From 3121da6e92df893b8e3b6c894829c2bcc6018cfc Mon Sep 17 00:00:00 2001 From: Jeremy Cline Date: Tue, 27 Nov 2018 12:55:45 -0500 Subject: Linux v4.19.5 Fix CVE-2018-16862 (rhbz 1649017 1653122) Fix CVE-2018-19407 (rhbz 1652656 1652658) --- kernel.spec | 16 ++++++++++++---- 1 file changed, 12 insertions(+), 4 deletions(-) (limited to 'kernel.spec') diff --git a/kernel.spec b/kernel.spec index 7d9c88822..8153466f1 100644 --- a/kernel.spec +++ b/kernel.spec @@ -54,7 +54,7 @@ Summary: The Linux kernel %if 0%{?released_kernel} # Do we have a -stable update to apply? -%define stable_update 4 +%define stable_update 5 # Set rpm version accordingly %if 0%{?stable_update} %define stablerev %{stable_update} @@ -621,15 +621,18 @@ Patch502: input-rmi4-remove-the-need-for-artifical-IRQ.patch # rhbz 1526312, patch is in 4.20, can be dropped on rebase Patch507: 0001-HID-i2c-hid-override-HID-descriptors-for-certain-dev.patch -# rhbz 1644013, patch pending upstream -Patch509: 0001-ACPI-platform-Add-SMB0001-HID-to-forbidden_id_list.patch - # rhbz 1526312 (accelerometer part of the bug), patches pending upstream Patch510: iio-accel-kxcjk1013-Add-more-hardware-ids.patch # rhbz 1650224, patch in subsystem tree and Cc'd for stable Patch511: drm-set-is_master-to-0-upon-drm_new_set_master-failure.patch +# CVE-2018-16862 (rhbz 1649017 1653122) +Patch512: mm-cleancache-fix-corruption-on-missed-inode-invalidation.patch + +# CVE-2018-19407 (rhbz 1652656 1652658) +Patch513: CVE-2018-19407.patch + # END OF PATCH DEFINITIONS %endif @@ -1881,6 +1884,11 @@ fi # # %changelog +* Tue Nov 27 2018 Jeremy Cline - 4.19.5-300 +- Linux v4.19.5 +- Fix CVE-2018-16862 (rhbz 1649017 1653122) +- Fix CVE-2018-19407 (rhbz 1652656 1652658) + * Mon Nov 26 2018 Jeremy Cline - Fixes a null pointer dereference with Nvidia and vmwgfx drivers (rhbz 1650224) -- cgit