Release notes for the update from 190529 to 190730 Summary: Added Packages: 0 Removed Packages: 0 Modified Packages: 746 Updated Packages: 389-ds-base-1.3.8.4-23.el7_6 ---------------------------- * Wed Feb 06 2019 Mark Reynolds - 1.3.8.4-23 - Bump version to 1.3.8.4-23 - Resolves: Bug 1672173 - import task should not be deleted after import finishes to be able to query the status - Resolves: Bug 1672177 - after certain failed import operation, impossible to replay an import operation. - Resolves: Bug 1672179 - cannot add cenotaph in read only consumer * Mon Dec 17 2018 Mark Reynolds - 1.3.8.4-22 - Bump version to 1.3.8.4-22 - Resolves: Bug 1660120 - certmap fails when Issuer DN has comma in name * Mon Dec 17 2018 Mark Reynolds - 1.3.8.4-21 - Bump version to 1.3.8.4-21 - Resolves: Bug 1659510 - during MODRDN referential integrity can fail erronously while updating large groups - Resolves: Bug 1659936 - After RHEL 7.6 HTB update, unable to set nsslapd-cachememsize (RHDS 10) to custom value * Tue Dec 04 2018 Mark Reynolds - 1.3.8.4-20 - Bump version to 1.3.8.4-20 - Resolves: Bug 1645197 - Fix compiler warnings * Tue Dec 04 2018 Mark Reynolds - 1.3.8.4-19 - Bump version to 1.3.8.4-19 - Resolves: Bug 1653820 - PassSync not setting pwdLastSet attribute in Active Directory after Pw update from LDAP sync for normal user - Resolves: Bug 1645197 - on-line re-initialization hangs * Mon Oct 29 2018 Mark Reynolds - 1.3.8.4-18 - Bump version to 1.3.8.4-18 - Resolves: Bug 1638516 - CRIT - list_candidates - NULL idl was recieved from filter_candidates_ex * Mon Oct 29 2018 Mark Reynolds - 1.3.8.4-17 - Bump version to 1.3.8.4-17 - Resolves: Bug 1643875 - ns-slapd: crash in entrycache_add_int * Tue Oct 16 2018 Mark Reynolds - 1.3.8.4-16 - Bump version to 1.3.8.4-16 - Resolves: Bug 1638513 - Message: "CRIT - list_candidates - NULL idl was recieved from filter_candidates_ext." should not be critical 389-ds-base-devel-1.3.8.4-23.el7_6 ---------------------------------- * Wed Feb 06 2019 Mark Reynolds - 1.3.8.4-23 - Bump version to 1.3.8.4-23 - Resolves: Bug 1672173 - import task should not be deleted after import finishes to be able to query the status - Resolves: Bug 1672177 - after certain failed import operation, impossible to replay an import operation. - Resolves: Bug 1672179 - cannot add cenotaph in read only consumer * Mon Dec 17 2018 Mark Reynolds - 1.3.8.4-22 - Bump version to 1.3.8.4-22 - Resolves: Bug 1660120 - certmap fails when Issuer DN has comma in name * Mon Dec 17 2018 Mark Reynolds - 1.3.8.4-21 - Bump version to 1.3.8.4-21 - Resolves: Bug 1659510 - during MODRDN referential integrity can fail erronously while updating large groups - Resolves: Bug 1659936 - After RHEL 7.6 HTB update, unable to set nsslapd-cachememsize (RHDS 10) to custom value * Tue Dec 04 2018 Mark Reynolds - 1.3.8.4-20 - Bump version to 1.3.8.4-20 - Resolves: Bug 1645197 - Fix compiler warnings * Tue Dec 04 2018 Mark Reynolds - 1.3.8.4-19 - Bump version to 1.3.8.4-19 - Resolves: Bug 1653820 - PassSync not setting pwdLastSet attribute in Active Directory after Pw update from LDAP sync for normal user - Resolves: Bug 1645197 - on-line re-initialization hangs * Mon Oct 29 2018 Mark Reynolds - 1.3.8.4-18 - Bump version to 1.3.8.4-18 - Resolves: Bug 1638516 - CRIT - list_candidates - NULL idl was recieved from filter_candidates_ex * Mon Oct 29 2018 Mark Reynolds - 1.3.8.4-17 - Bump version to 1.3.8.4-17 - Resolves: Bug 1643875 - ns-slapd: crash in entrycache_add_int * Tue Oct 16 2018 Mark Reynolds - 1.3.8.4-16 - Bump version to 1.3.8.4-16 - Resolves: Bug 1638513 - Message: "CRIT - list_candidates - NULL idl was recieved from filter_candidates_ext." should not be critical 389-ds-base-libs-1.3.8.4-23.el7_6 --------------------------------- * Wed Feb 06 2019 Mark Reynolds - 1.3.8.4-23 - Bump version to 1.3.8.4-23 - Resolves: Bug 1672173 - import task should not be deleted after import finishes to be able to query the status - Resolves: Bug 1672177 - after certain failed import operation, impossible to replay an import operation. - Resolves: Bug 1672179 - cannot add cenotaph in read only consumer * Mon Dec 17 2018 Mark Reynolds - 1.3.8.4-22 - Bump version to 1.3.8.4-22 - Resolves: Bug 1660120 - certmap fails when Issuer DN has comma in name * Mon Dec 17 2018 Mark Reynolds - 1.3.8.4-21 - Bump version to 1.3.8.4-21 - Resolves: Bug 1659510 - during MODRDN referential integrity can fail erronously while updating large groups - Resolves: Bug 1659936 - After RHEL 7.6 HTB update, unable to set nsslapd-cachememsize (RHDS 10) to custom value * Tue Dec 04 2018 Mark Reynolds - 1.3.8.4-20 - Bump version to 1.3.8.4-20 - Resolves: Bug 1645197 - Fix compiler warnings * Tue Dec 04 2018 Mark Reynolds - 1.3.8.4-19 - Bump version to 1.3.8.4-19 - Resolves: Bug 1653820 - PassSync not setting pwdLastSet attribute in Active Directory after Pw update from LDAP sync for normal user - Resolves: Bug 1645197 - on-line re-initialization hangs * Mon Oct 29 2018 Mark Reynolds - 1.3.8.4-18 - Bump version to 1.3.8.4-18 - Resolves: Bug 1638516 - CRIT - list_candidates - NULL idl was recieved from filter_candidates_ex * Mon Oct 29 2018 Mark Reynolds - 1.3.8.4-17 - Bump version to 1.3.8.4-17 - Resolves: Bug 1643875 - ns-slapd: crash in entrycache_add_int * Tue Oct 16 2018 Mark Reynolds - 1.3.8.4-16 - Bump version to 1.3.8.4-16 - Resolves: Bug 1638513 - Message: "CRIT - list_candidates - NULL idl was recieved from filter_candidates_ext." should not be critical 389-ds-base-snmp-1.3.8.4-23.el7_6 --------------------------------- * Wed Feb 06 2019 Mark Reynolds - 1.3.8.4-23 - Bump version to 1.3.8.4-23 - Resolves: Bug 1672173 - import task should not be deleted after import finishes to be able to query the status - Resolves: Bug 1672177 - after certain failed import operation, impossible to replay an import operation. - Resolves: Bug 1672179 - cannot add cenotaph in read only consumer * Mon Dec 17 2018 Mark Reynolds - 1.3.8.4-22 - Bump version to 1.3.8.4-22 - Resolves: Bug 1660120 - certmap fails when Issuer DN has comma in name * Mon Dec 17 2018 Mark Reynolds - 1.3.8.4-21 - Bump version to 1.3.8.4-21 - Resolves: Bug 1659510 - during MODRDN referential integrity can fail erronously while updating large groups - Resolves: Bug 1659936 - After RHEL 7.6 HTB update, unable to set nsslapd-cachememsize (RHDS 10) to custom value * Tue Dec 04 2018 Mark Reynolds - 1.3.8.4-20 - Bump version to 1.3.8.4-20 - Resolves: Bug 1645197 - Fix compiler warnings * Tue Dec 04 2018 Mark Reynolds - 1.3.8.4-19 - Bump version to 1.3.8.4-19 - Resolves: Bug 1653820 - PassSync not setting pwdLastSet attribute in Active Directory after Pw update from LDAP sync for normal user - Resolves: Bug 1645197 - on-line re-initialization hangs * Mon Oct 29 2018 Mark Reynolds - 1.3.8.4-18 - Bump version to 1.3.8.4-18 - Resolves: Bug 1638516 - CRIT - list_candidates - NULL idl was recieved from filter_candidates_ex * Mon Oct 29 2018 Mark Reynolds - 1.3.8.4-17 - Bump version to 1.3.8.4-17 - Resolves: Bug 1643875 - ns-slapd: crash in entrycache_add_int * Tue Oct 16 2018 Mark Reynolds - 1.3.8.4-16 - Bump version to 1.3.8.4-16 - Resolves: Bug 1638513 - Message: "CRIT - list_candidates - NULL idl was recieved from filter_candidates_ext." should not be critical ImageMagick-6.7.8.9-16.el7_6 ---------------------------- * Wed Oct 24 2018 Jan Horak - 6.7.8.9-16 - Added fix for long convert under some circumstances (rhbz#1633602) ImageMagick-c++-6.7.8.9-16.el7_6 -------------------------------- * Wed Oct 24 2018 Jan Horak - 6.7.8.9-16 - Added fix for long convert under some circumstances (rhbz#1633602) ImageMagick-c++-devel-6.7.8.9-16.el7_6 -------------------------------------- * Wed Oct 24 2018 Jan Horak - 6.7.8.9-16 - Added fix for long convert under some circumstances (rhbz#1633602) ImageMagick-devel-6.7.8.9-16.el7_6 ---------------------------------- * Wed Oct 24 2018 Jan Horak - 6.7.8.9-16 - Added fix for long convert under some circumstances (rhbz#1633602) ImageMagick-doc-6.7.8.9-16.el7_6 -------------------------------- * Wed Oct 24 2018 Jan Horak - 6.7.8.9-16 - Added fix for long convert under some circumstances (rhbz#1633602) ImageMagick-perl-6.7.8.9-16.el7_6 --------------------------------- * Wed Oct 24 2018 Jan Horak - 6.7.8.9-16 - Added fix for long convert under some circumstances (rhbz#1633602) NetworkManager-1.12.0-10.el7_6 ------------------------------ * Mon Mar 04 2019 Beniamino Galvani - 1:1.12.0-10 - manager: ignore ovs-system master when assuming connections (rh #1676551) - device: do ARP announcements only after masters have a slave (rh #1678796) * Tue Feb 19 2019 Beniamino Galvani - 1:1.12.0-9 - device: restore routes after a link down event (rh #1676551) * Fri Nov 02 2018 Thomas Haller - 1:1.12.0-8 - dhcp: fix out-of-bounds heap write for DHCPv6 with internal plugin (CVE-2018-15688) * Mon Oct 22 2018 Beniamino Galvani - 1:1.12.0-7 - manager: accept non-null device for VPN activations (rh #1641174) - drop dependency of NetworkManager-ovs on openvswitch (rh #1633190) NetworkManager-adsl-1.12.0-10.el7_6 ----------------------------------- * Mon Mar 04 2019 Beniamino Galvani - 1:1.12.0-10 - manager: ignore ovs-system master when assuming connections (rh #1676551) - device: do ARP announcements only after masters have a slave (rh #1678796) * Tue Feb 19 2019 Beniamino Galvani - 1:1.12.0-9 - device: restore routes after a link down event (rh #1676551) * Fri Nov 02 2018 Thomas Haller - 1:1.12.0-8 - dhcp: fix out-of-bounds heap write for DHCPv6 with internal plugin (CVE-2018-15688) * Mon Oct 22 2018 Beniamino Galvani - 1:1.12.0-7 - manager: accept non-null device for VPN activations (rh #1641174) - drop dependency of NetworkManager-ovs on openvswitch (rh #1633190) NetworkManager-bluetooth-1.12.0-10.el7_6 ---------------------------------------- * Mon Mar 04 2019 Beniamino Galvani - 1:1.12.0-10 - manager: ignore ovs-system master when assuming connections (rh #1676551) - device: do ARP announcements only after masters have a slave (rh #1678796) * Tue Feb 19 2019 Beniamino Galvani - 1:1.12.0-9 - device: restore routes after a link down event (rh #1676551) * Fri Nov 02 2018 Thomas Haller - 1:1.12.0-8 - dhcp: fix out-of-bounds heap write for DHCPv6 with internal plugin (CVE-2018-15688) * Mon Oct 22 2018 Beniamino Galvani - 1:1.12.0-7 - manager: accept non-null device for VPN activations (rh #1641174) - drop dependency of NetworkManager-ovs on openvswitch (rh #1633190) NetworkManager-config-server-1.12.0-10.el7_6 -------------------------------------------- * Mon Mar 04 2019 Beniamino Galvani - 1:1.12.0-10 - manager: ignore ovs-system master when assuming connections (rh #1676551) - device: do ARP announcements only after masters have a slave (rh #1678796) * Tue Feb 19 2019 Beniamino Galvani - 1:1.12.0-9 - device: restore routes after a link down event (rh #1676551) * Fri Nov 02 2018 Thomas Haller - 1:1.12.0-8 - dhcp: fix out-of-bounds heap write for DHCPv6 with internal plugin (CVE-2018-15688) * Mon Oct 22 2018 Beniamino Galvani - 1:1.12.0-7 - manager: accept non-null device for VPN activations (rh #1641174) - drop dependency of NetworkManager-ovs on openvswitch (rh #1633190) NetworkManager-dispatcher-routing-rules-1.12.0-10.el7_6 ------------------------------------------------------- * Mon Mar 04 2019 Beniamino Galvani - 1:1.12.0-10 - manager: ignore ovs-system master when assuming connections (rh #1676551) - device: do ARP announcements only after masters have a slave (rh #1678796) * Tue Feb 19 2019 Beniamino Galvani - 1:1.12.0-9 - device: restore routes after a link down event (rh #1676551) * Fri Nov 02 2018 Thomas Haller - 1:1.12.0-8 - dhcp: fix out-of-bounds heap write for DHCPv6 with internal plugin (CVE-2018-15688) * Mon Oct 22 2018 Beniamino Galvani - 1:1.12.0-7 - manager: accept non-null device for VPN activations (rh #1641174) - drop dependency of NetworkManager-ovs on openvswitch (rh #1633190) NetworkManager-glib-1.12.0-10.el7_6 ----------------------------------- * Mon Mar 04 2019 Beniamino Galvani - 1:1.12.0-10 - manager: ignore ovs-system master when assuming connections (rh #1676551) - device: do ARP announcements only after masters have a slave (rh #1678796) * Tue Feb 19 2019 Beniamino Galvani - 1:1.12.0-9 - device: restore routes after a link down event (rh #1676551) * Fri Nov 02 2018 Thomas Haller - 1:1.12.0-8 - dhcp: fix out-of-bounds heap write for DHCPv6 with internal plugin (CVE-2018-15688) * Mon Oct 22 2018 Beniamino Galvani - 1:1.12.0-7 - manager: accept non-null device for VPN activations (rh #1641174) - drop dependency of NetworkManager-ovs on openvswitch (rh #1633190) NetworkManager-glib-devel-1.12.0-10.el7_6 ----------------------------------------- * Mon Mar 04 2019 Beniamino Galvani - 1:1.12.0-10 - manager: ignore ovs-system master when assuming connections (rh #1676551) - device: do ARP announcements only after masters have a slave (rh #1678796) * Tue Feb 19 2019 Beniamino Galvani - 1:1.12.0-9 - device: restore routes after a link down event (rh #1676551) * Fri Nov 02 2018 Thomas Haller - 1:1.12.0-8 - dhcp: fix out-of-bounds heap write for DHCPv6 with internal plugin (CVE-2018-15688) * Mon Oct 22 2018 Beniamino Galvani - 1:1.12.0-7 - manager: accept non-null device for VPN activations (rh #1641174) - drop dependency of NetworkManager-ovs on openvswitch (rh #1633190) NetworkManager-libnm-1.12.0-10.el7_6 ------------------------------------ * Mon Mar 04 2019 Beniamino Galvani - 1:1.12.0-10 - manager: ignore ovs-system master when assuming connections (rh #1676551) - device: do ARP announcements only after masters have a slave (rh #1678796) * Tue Feb 19 2019 Beniamino Galvani - 1:1.12.0-9 - device: restore routes after a link down event (rh #1676551) * Fri Nov 02 2018 Thomas Haller - 1:1.12.0-8 - dhcp: fix out-of-bounds heap write for DHCPv6 with internal plugin (CVE-2018-15688) * Mon Oct 22 2018 Beniamino Galvani - 1:1.12.0-7 - manager: accept non-null device for VPN activations (rh #1641174) - drop dependency of NetworkManager-ovs on openvswitch (rh #1633190) NetworkManager-libnm-devel-1.12.0-10.el7_6 ------------------------------------------ * Mon Mar 04 2019 Beniamino Galvani - 1:1.12.0-10 - manager: ignore ovs-system master when assuming connections (rh #1676551) - device: do ARP announcements only after masters have a slave (rh #1678796) * Tue Feb 19 2019 Beniamino Galvani - 1:1.12.0-9 - device: restore routes after a link down event (rh #1676551) * Fri Nov 02 2018 Thomas Haller - 1:1.12.0-8 - dhcp: fix out-of-bounds heap write for DHCPv6 with internal plugin (CVE-2018-15688) * Mon Oct 22 2018 Beniamino Galvani - 1:1.12.0-7 - manager: accept non-null device for VPN activations (rh #1641174) - drop dependency of NetworkManager-ovs on openvswitch (rh #1633190) NetworkManager-ovs-1.12.0-10.el7_6 ---------------------------------- * Mon Mar 04 2019 Beniamino Galvani - 1:1.12.0-10 - manager: ignore ovs-system master when assuming connections (rh #1676551) - device: do ARP announcements only after masters have a slave (rh #1678796) * Tue Feb 19 2019 Beniamino Galvani - 1:1.12.0-9 - device: restore routes after a link down event (rh #1676551) * Fri Nov 02 2018 Thomas Haller - 1:1.12.0-8 - dhcp: fix out-of-bounds heap write for DHCPv6 with internal plugin (CVE-2018-15688) * Mon Oct 22 2018 Beniamino Galvani - 1:1.12.0-7 - manager: accept non-null device for VPN activations (rh #1641174) - drop dependency of NetworkManager-ovs on openvswitch (rh #1633190) NetworkManager-ppp-1.12.0-10.el7_6 ---------------------------------- * Mon Mar 04 2019 Beniamino Galvani - 1:1.12.0-10 - manager: ignore ovs-system master when assuming connections (rh #1676551) - device: do ARP announcements only after masters have a slave (rh #1678796) * Tue Feb 19 2019 Beniamino Galvani - 1:1.12.0-9 - device: restore routes after a link down event (rh #1676551) * Fri Nov 02 2018 Thomas Haller - 1:1.12.0-8 - dhcp: fix out-of-bounds heap write for DHCPv6 with internal plugin (CVE-2018-15688) * Mon Oct 22 2018 Beniamino Galvani - 1:1.12.0-7 - manager: accept non-null device for VPN activations (rh #1641174) - drop dependency of NetworkManager-ovs on openvswitch (rh #1633190) NetworkManager-team-1.12.0-10.el7_6 ----------------------------------- * Mon Mar 04 2019 Beniamino Galvani - 1:1.12.0-10 - manager: ignore ovs-system master when assuming connections (rh #1676551) - device: do ARP announcements only after masters have a slave (rh #1678796) * Tue Feb 19 2019 Beniamino Galvani - 1:1.12.0-9 - device: restore routes after a link down event (rh #1676551) * Fri Nov 02 2018 Thomas Haller - 1:1.12.0-8 - dhcp: fix out-of-bounds heap write for DHCPv6 with internal plugin (CVE-2018-15688) * Mon Oct 22 2018 Beniamino Galvani - 1:1.12.0-7 - manager: accept non-null device for VPN activations (rh #1641174) - drop dependency of NetworkManager-ovs on openvswitch (rh #1633190) NetworkManager-tui-1.12.0-10.el7_6 ---------------------------------- * Mon Mar 04 2019 Beniamino Galvani - 1:1.12.0-10 - manager: ignore ovs-system master when assuming connections (rh #1676551) - device: do ARP announcements only after masters have a slave (rh #1678796) * Tue Feb 19 2019 Beniamino Galvani - 1:1.12.0-9 - device: restore routes after a link down event (rh #1676551) * Fri Nov 02 2018 Thomas Haller - 1:1.12.0-8 - dhcp: fix out-of-bounds heap write for DHCPv6 with internal plugin (CVE-2018-15688) * Mon Oct 22 2018 Beniamino Galvani - 1:1.12.0-7 - manager: accept non-null device for VPN activations (rh #1641174) - drop dependency of NetworkManager-ovs on openvswitch (rh #1633190) NetworkManager-wifi-1.12.0-10.el7_6 ----------------------------------- * Mon Mar 04 2019 Beniamino Galvani - 1:1.12.0-10 - manager: ignore ovs-system master when assuming connections (rh #1676551) - device: do ARP announcements only after masters have a slave (rh #1678796) * Tue Feb 19 2019 Beniamino Galvani - 1:1.12.0-9 - device: restore routes after a link down event (rh #1676551) * Fri Nov 02 2018 Thomas Haller - 1:1.12.0-8 - dhcp: fix out-of-bounds heap write for DHCPv6 with internal plugin (CVE-2018-15688) * Mon Oct 22 2018 Beniamino Galvani - 1:1.12.0-7 - manager: accept non-null device for VPN activations (rh #1641174) - drop dependency of NetworkManager-ovs on openvswitch (rh #1633190) NetworkManager-wwan-1.12.0-10.el7_6 ----------------------------------- * Mon Mar 04 2019 Beniamino Galvani - 1:1.12.0-10 - manager: ignore ovs-system master when assuming connections (rh #1676551) - device: do ARP announcements only after masters have a slave (rh #1678796) * Tue Feb 19 2019 Beniamino Galvani - 1:1.12.0-9 - device: restore routes after a link down event (rh #1676551) * Fri Nov 02 2018 Thomas Haller - 1:1.12.0-8 - dhcp: fix out-of-bounds heap write for DHCPv6 with internal plugin (CVE-2018-15688) * Mon Oct 22 2018 Beniamino Galvani - 1:1.12.0-7 - manager: accept non-null device for VPN activations (rh #1641174) - drop dependency of NetworkManager-ovs on openvswitch (rh #1633190) adcli-0.8.1-6.el7_6.1 --------------------- * Wed Jan 16 2019 Sumit Bose - 0.8.1-6.1 - join failed if hostname is not FQDN [#1666775] augeas-1.4.0-6.el7_6.1 ---------------------- * Thu Nov 15 2018 Pino Toscano - 1.4.0-6.el7_6.1 - Sudoers: handle "always_query_group_plugin" option (RHBZ#1650174) augeas-devel-1.4.0-6.el7_6.1 ---------------------------- * Thu Nov 15 2018 Pino Toscano - 1.4.0-6.el7_6.1 - Sudoers: handle "always_query_group_plugin" option (RHBZ#1650174) augeas-libs-1.4.0-6.el7_6.1 --------------------------- * Thu Nov 15 2018 Pino Toscano - 1.4.0-6.el7_6.1 - Sudoers: handle "always_query_group_plugin" option (RHBZ#1650174) bind-9.9.4-73.el7_6 ------------------- * Fri Nov 23 2018 Petr Menšík - 32:9.9.4-73 - Fixes debug level comments (#1647539) bind-chroot-9.9.4-73.el7_6 -------------------------- * Fri Nov 23 2018 Petr Menšík - 32:9.9.4-73 - Fixes debug level comments (#1647539) bind-devel-9.9.4-73.el7_6 ------------------------- * Fri Nov 23 2018 Petr Menšík - 32:9.9.4-73 - Fixes debug level comments (#1647539) bind-libs-9.9.4-73.el7_6 ------------------------ * Fri Nov 23 2018 Petr Menšík - 32:9.9.4-73 - Fixes debug level comments (#1647539) bind-libs-lite-9.9.4-73.el7_6 ----------------------------- * Fri Nov 23 2018 Petr Menšík - 32:9.9.4-73 - Fixes debug level comments (#1647539) bind-license-9.9.4-73.el7_6 --------------------------- * Fri Nov 23 2018 Petr Menšík - 32:9.9.4-73 - Fixes debug level comments (#1647539) bind-lite-devel-9.9.4-73.el7_6 ------------------------------ * Fri Nov 23 2018 Petr Menšík - 32:9.9.4-73 - Fixes debug level comments (#1647539) bind-pkcs11-9.9.4-73.el7_6 -------------------------- * Fri Nov 23 2018 Petr Menšík - 32:9.9.4-73 - Fixes debug level comments (#1647539) bind-pkcs11-devel-9.9.4-73.el7_6 -------------------------------- * Fri Nov 23 2018 Petr Menšík - 32:9.9.4-73 - Fixes debug level comments (#1647539) bind-pkcs11-libs-9.9.4-73.el7_6 ------------------------------- * Fri Nov 23 2018 Petr Menšík - 32:9.9.4-73 - Fixes debug level comments (#1647539) bind-pkcs11-utils-9.9.4-73.el7_6 -------------------------------- * Fri Nov 23 2018 Petr Menšík - 32:9.9.4-73 - Fixes debug level comments (#1647539) bind-sdb-9.9.4-73.el7_6 ----------------------- * Fri Nov 23 2018 Petr Menšík - 32:9.9.4-73 - Fixes debug level comments (#1647539) bind-sdb-chroot-9.9.4-73.el7_6 ------------------------------ * Fri Nov 23 2018 Petr Menšík - 32:9.9.4-73 - Fixes debug level comments (#1647539) bind-utils-9.9.4-73.el7_6 ------------------------- * Fri Nov 23 2018 Petr Menšík - 32:9.9.4-73 - Fixes debug level comments (#1647539) bpftool-3.10.0-957.21.3.el7 --------------------------- * Fri Jun 14 2019 Jan Stancek [3.10.0-957.21.3.el7] - [net] tcp: enforce tcp_min_snd_mss in tcp_mtu_probing() (Florian Westphal) [1719914 1719915] {CVE-2019-11479} - [net] tcp: add tcp_min_snd_mss sysctl (Florian Westphal) [1719914 1719915] {CVE-2019-11479} - [net] tcp: tcp_fragment() should apply sane memory limits (Florian Westphal) [1719849 1719850] {CVE-2019-11478} - [net] tcp: limit payload size of sacked skbs (Florian Westphal) [1719594 1719595] {CVE-2019-11477} - [net] tcp: pass previous skb to tcp_shifted_skb() (Florian Westphal) [1719594 1719595] {CVE-2019-11477} * Tue May 28 2019 Jan Stancek [3.10.0-957.21.2.el7] - [security] xattr: use RH_KABI_CONST to avoid security_inode_init_security checksum change (Cestmir Kalina) [1702286 1710633] * Thu May 23 2019 Jan Stancek [3.10.0-957.21.1.el7] - [x86] spec_ctrl: Update MDS mitigation status after late microcode load (Waiman Long) [1712998 1712993 1710501 1710498] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} - [x86] speculation/mds: Properly set/clear mds_idle_clear static key (Waiman Long) [1713004 1707292] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} * Wed May 15 2019 Jan Stancek [3.10.0-957.20.1.el7] - [x86] x86/speculation/mds: Print SMT vulnerable on MSBDS with mitigations off (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/speculation/mds: Fix comment (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/speculation/mds: Add SMT warning message (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/speculation: Move arch_smt_update() call to after mitigation decisions (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [documentation] x86/speculation/mds: Add mds=full,nosmt cmdline option (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [kernel] x86/speculation: Remove redundant arch_smt_update() invocation (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/spec_ctrl: Update MDS mitigation status after late microcode load (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/spec_ctrl: Add debugfs x86/smt_present file (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/spec_ctrl: Disable automatic enabling of STIBP with SMT on (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [documentation] Documentation: Add MDS vulnerability documentation (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [documentation] Documentation: Move L1TF to separate directory (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/speculation/mds: Add mitigation mode VMWERV (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [base] x86/speculation/mds: Add sysfs reporting for MDS (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/speculation/mds: Add mitigation control for MDS (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/speculation/mds: Conditionally clear CPU buffers on idle entry (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [kvm] x86/kvm/vmx: Add MDS protection when L1D Flush is not active (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/speculation/mds: Clear CPU buffers on exit to user (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/speculation/mds: Add mds_clear_cpu_buffers() (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} - [kvm] x86/kvm: Expose X86_FEATURE_MD_CLEAR to guests (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/speculation/mds: Add BUG_MSBDS_ONLY (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/speculation/mds: Add basic bug infrastructure for MDS (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} - [x86] x86/speculation: Consolidate CPU whitelists (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/msr-index: Cleanup bit defines (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} - [x86] x86/l1tf: Show actual SMT state (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} - [x86] x86/speculation: Simplify sysfs report of VMX L1TF vulnerability (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} - [x86] x86/speculation: Rework SMT state change (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} - [kernel] sched/smt: Expose sched_smt_present static key (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} - [kernel] sched/smt: Make sched_smt_present track topology (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} - [x86] x86/speculation: Disable STIBP when enhanced IBRS is in use (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} - [x86] x86/speculation: Move STIPB/IBPB string conditionals out of cpu_show_common() (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/speculation: Enable cross-hyperthread spectre v2 STIBP mitigation (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/spectre_v2: Make spectre_v2_mitigation mode available (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/spec_ctrl: Add X86_FEATURE_USE_IBPB (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/spec_ctrl: Add casting to fix compilation error (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} - [x86] x86/cpu: Sanitize FAM6_ATOM naming (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} - [x86] x86/cpufeatures: Add Intel PCONFIG cpufeature (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} * Fri Apr 26 2019 Jan Stancek [3.10.0-957.19.1.el7] - [security] selinux: always allow mounting submounts (Ondrej Mosnacek) [1702923 1077929] - [block] Make blk_queue_enter() reexamine the DYING flag (Ming Lei) [1702921 1701348] - [block] wakeup tasks blocked on q->mq_freeze_wq (Ming Lei) [1702921 1701348] - [fs] revert "[fs] xfs: use rhashtable to track buffer cache" (Brian Foster) [1702922 1658749] - [fs] xfs: hold xfs_buf locked between shortform->leaf conversion and the addition of an attribute (Brian Foster) [1701293 1613405] - [fs] xfs: add the ability to join a held buffer to a defer_ops (Brian Foster) [1701293 1613405] - [fs] xfs: refactor buffer logging into buffer dirtying helper (Brian Foster) [1701293 1613405] - [char] ipmi: ipmi_si_hardcode.c: init si_type array to fix a crash (Tony Camuso) [1701991 1692236] - [char] ipmi_si: Fix crash when using hard-coded device (Tony Camuso) [1701991 1692236] - [char] ipmi: Remove platform driver overrides and use the id_table (Tony Camuso) [1701991 1692236] - [security] xattr: Constify ->name member of "struct xattr" (Aaron Tomlin) [1702286 1607307] - [net] ipv6 Use get_hash_from_flowi6 for rt6 hash (Sabrina Dubroca) [1702282 1625454] - [s390] zcrypt: fix specification exception on z196 during ap probe (Hendrik Brueckner) [1700706 1669535] - [md] dm table: propagate BDI_CAP_STABLE_WRITES to fix sporadic checksum errors (Mike Snitzer) [1699722 1693466] - [fs] blockdev: Fix livelocks on loop device (Lukas Czerner) [1698110 1686149] - [fs] ext4: fix crash during online resizing (Lukas Czerner) [1698110 1686149] - [fs] ext4: fix overflow caused by missing cast in ext4_resize_fs() (Lukas Czerner) [1698110 1671293] - [powerpc] livepatch: return -ERRNO values in save_stack_trace_tsk_reliable() (Joe Lawrence) [1697867 1658435] - [powerpc] livepatch: small cleanups in save_stack_trace_tsk_reliable() (Joe Lawrence) [1697867 1658435] - [powerpc] livepatch: relax reliable stack tracer checks for first-frame (Joe Lawrence) [1697867 1658435] - [powerpc] 64s: Make reliable stacktrace dependency clearer (Joe Lawrence) [1697867 1658435] - [powerpc] 64s: Clear on-stack exception marker upon exception return (Joe Lawrence) [1697867 1658435] - [powerpc] livepatch: Fix build error with kprobes disabled (Joe Lawrence) [1697867 1658435] - [fs] xfs: don't screw up direct writes when freesp is fragmented (Brian Foster) [1693796 1667523] - [nvme] ensure forward progress during Admin passthru (David Milburn) [1690519 1672428] * Tue Apr 23 2019 Jan Stancek [3.10.0-957.18.1.el7] - [s390] cputime: fix incorrect system time (Hendrik Brueckner) [1701743 1698825] * Mon Apr 15 2019 Jan Stancek [3.10.0-957.17.1.el7] - [message] scsi: mptsas: Fixup device hotplug for VMWare ESXi (Tomas Henzl) [1699723 1661906] * Thu Apr 11 2019 Jan Stancek [3.10.0-957.16.1.el7] - [netdrv] net/mlx5e: Properly set steering match levels for offloaded TC decap rules (Alaa Hleihel) [1686292 1618427] - [netdrv] net/mlx5e: Always use the match level enum when parsing TC rule match (Alaa Hleihel) [1686292 1618427] - [netdrv] net/mlx5e: Support offloaded TC flows with no matches on headers (Alaa Hleihel) [1686292 1618427] - [netdrv] net/mlx5e: Get the required HW match level while parsing TC flow matches (Alaa Hleihel) [1686292 1618427] - [netdrv] net/mlx5e: Properly order min inline mode setup while parsing TC matches (Alaa Hleihel) [1686292 1618427] - [netdrv] net/mlx5e: Avoid redundant zeroing of offloaded TC flow attributes (Alaa Hleihel) [1686292 1618427] - [netdrv] net/mlx5e: Err if asked to offload TC match on frag being first (Alaa Hleihel) [1686292 1618427] - [x86] hyperv: Stop suppressing X86_FEATURE_PCID (Vitaly Kuznetsov) [1697940 1691421] - [net] geneve: correctly handle ipv6.disable module parameter (Jiri Benc) [1694981 1677049] - [fs] ceph: Fix append mode for sync/direct write (Zheng Yan) [1696595 1691227] - [fs] ovl: fix return value from ovl_posix_acl_create() (Miklos Szeredi) [1696292 1677705] - [x86] mm: Unbreak modules that use the DMA API (Gary Hook) [1695511 1697241 1676613 1662887] - [sound] alsa/hda: add more quirks for HP Z2 G4 and HP Z240 (Jaroslav Kysela) [1693562 1680180] - [sound] alsa: hda/conexant - Add fixup for HP Z2 G4 workstation (Jaroslav Kysela) [1693562 1657855] - [block] mtip32xx: fix memory corruption by initializing internal command header (Ming Lei) [1689929 1660292] - [fs] nfsd: deal with revoked delegations appropriately (Dave Wysochanski) [1689811 1552203] * Thu Mar 28 2019 Jan Stancek [3.10.0-957.15.1.el7] - [fs] ext4: Fix data corruption caused by unaligned direct AIO (Lukas Czerner) [1693561 1684780] - [net] sched: act_csum: Fix csum calc for tagged packets (Ivan Vecera) [1693110 1676462] * Tue Mar 26 2019 Jan Stancek [3.10.0-957.14.1.el7] - [fs] move the call of __d_drop(anon) into __d_materialise_unique(dentry, anon) (Zheng Yan) [1692266 1627001] - [fs] dcache: d_splice_alias should ignore DCACHE_DISCONNECTED (Zheng Yan) [1692266 1627001] - [fs] dcache: d_splice_alias should detect loops (Zheng Yan) [1692266 1627001] - [fs] dcache: d_splice_alias mustn't create directory aliases (Zheng Yan) [1692266 1627001] - [fs] dcache: close d_move race in d_splice_alias (Zheng Yan) [1692266 1627001] - [fs] dcache: move d_splice_alias (Zheng Yan) [1692266 1627001] - [fs] dcache: don't clear DCACHE_DISCONNECTED too early (Zheng Yan) [1692266 1627001] - [fs] dcache: Don't set DISCONNECTED on "pseudo filesystem" dentries (Zheng Yan) [1692266 1627001] - [fs] dcache: use IS_ROOT to decide where dentry is hashed (Zheng Yan) [1692266 1627001] cloud-init-18.2-1.el7.centos.2 ------------------------------ * Thu Mar 07 2019 Miroslav Rezanina - 18.2-1.el7_6.2 - ci-azure-Filter-list-of-ssh-keys-pulled-from-fabric.patch [bz#1684038] - Resolves: bz#1684038 (EMBARGOED cloud-init: wrong list of ssh keys added to authorized_keys [rhel-7.6.z]) cmirror-2.02.180-10.el7_6.3 --------------------------- * Mon Dec 17 2018 Marian Csontos - 7:2.02.180-10.el7_6.3 - Fix component detection for MD RAID version 1.0 and 0.90. - Use sync io if async io_setup fails, or when use_aio=0 is set in config. - Fix dmstats report printing no output. * Wed Oct 31 2018 Marian Csontos - 7:2.02.180-10.el7_6.2 - Fix possible write beyond metadata area. * Wed Oct 10 2018 Marian Csontos - 7:2.02.180-10.el7_6.1 - Fix clustered mirror repair. cockpit-173.2-1.el7.centos -------------------------- * Tue Mar 12 2019 Johnny Hughes - Manual CentOS Debranding * Wed Jan 30 2019 Martin Pitt 173.2-1 - ws: Fix bug parsing invalid base64 headers rhbz#1672296 cockpit-bridge-173.2-1.el7.centos --------------------------------- * Tue Mar 12 2019 Johnny Hughes - Manual CentOS Debranding * Wed Jan 30 2019 Martin Pitt 173.2-1 - ws: Fix bug parsing invalid base64 headers rhbz#1672296 cockpit-doc-173.2-1.el7.centos ------------------------------ * Tue Mar 12 2019 Johnny Hughes - Manual CentOS Debranding * Wed Jan 30 2019 Martin Pitt 173.2-1 - ws: Fix bug parsing invalid base64 headers rhbz#1672296 cockpit-machines-ovirt-173.2-1.el7.centos ----------------------------------------- * Tue Mar 12 2019 Johnny Hughes - Manual CentOS Debranding * Wed Jan 30 2019 Martin Pitt 173.2-1 - ws: Fix bug parsing invalid base64 headers rhbz#1672296 cockpit-system-173.2-1.el7.centos --------------------------------- * Tue Mar 12 2019 Johnny Hughes - Manual CentOS Debranding * Wed Jan 30 2019 Martin Pitt 173.2-1 - ws: Fix bug parsing invalid base64 headers rhbz#1672296 cockpit-ws-173.2-1.el7.centos ----------------------------- * Tue Mar 12 2019 Johnny Hughes - Manual CentOS Debranding * Wed Jan 30 2019 Martin Pitt 173.2-1 - ws: Fix bug parsing invalid base64 headers rhbz#1672296 cpp-4.8.5-36.el7_6.2 -------------------- * Wed Feb 13 2019 Marek Polacek 4.8.5-36.2 - allow libitm to use HTM (#1674383) - fix mode mismatch in prepare_cmp_insn (#1676795, PR target/63442) * Wed Jan 16 2019 Jeff Law 4.8.5-36.1 - Avoid code generation bug due to incorrect CFG in the presence of setjmp/longjmp (#1655148). cronie-1.4.11-20.el7_6 ---------------------- * Tue Oct 23 2018 Marcel Plch - 1.4.11-20 - Fix race condition when crontab is modified the same second before and after reading the crontab - Resolves: rhbz#1638691 cronie-anacron-1.4.11-20.el7_6 ------------------------------ * Tue Oct 23 2018 Marcel Plch - 1.4.11-20 - Fix race condition when crontab is modified the same second before and after reading the crontab - Resolves: rhbz#1638691 cronie-noanacron-1.4.11-20.el7_6 -------------------------------- * Tue Oct 23 2018 Marcel Plch - 1.4.11-20 - Fix race condition when crontab is modified the same second before and after reading the crontab - Resolves: rhbz#1638691 dbus-1.10.24-13.el7_6 --------------------- * Tue Dec 11 2018 David King - 1:1.10.24-13 - Add a symlink for dbus-daemon-launch-helper (#1568856) dbus-devel-1.10.24-13.el7_6 --------------------------- * Tue Dec 11 2018 David King - 1:1.10.24-13 - Add a symlink for dbus-daemon-launch-helper (#1568856) dbus-doc-1.10.24-13.el7_6 ------------------------- * Tue Dec 11 2018 David King - 1:1.10.24-13 - Add a symlink for dbus-daemon-launch-helper (#1568856) dbus-libs-1.10.24-13.el7_6 -------------------------- * Tue Dec 11 2018 David King - 1:1.10.24-13 - Add a symlink for dbus-daemon-launch-helper (#1568856) dbus-tests-1.10.24-13.el7_6 --------------------------- * Tue Dec 11 2018 David King - 1:1.10.24-13 - Add a symlink for dbus-daemon-launch-helper (#1568856) dbus-x11-1.10.24-13.el7_6 ------------------------- * Tue Dec 11 2018 David King - 1:1.10.24-13 - Add a symlink for dbus-daemon-launch-helper (#1568856) device-mapper-1.02.149-10.el7_6.3 --------------------------------- * Mon Dec 17 2018 Marian Csontos - 7:2.02.180-10.el7_6.3 - Fix component detection for MD RAID version 1.0 and 0.90. - Use sync io if async io_setup fails, or when use_aio=0 is set in config. - Fix dmstats report printing no output. * Wed Oct 31 2018 Marian Csontos - 7:2.02.180-10.el7_6.2 - Fix possible write beyond metadata area. * Wed Oct 10 2018 Marian Csontos - 7:2.02.180-10.el7_6.1 - Fix clustered mirror repair. device-mapper-devel-1.02.149-10.el7_6.3 --------------------------------------- * Mon Dec 17 2018 Marian Csontos - 7:2.02.180-10.el7_6.3 - Fix component detection for MD RAID version 1.0 and 0.90. - Use sync io if async io_setup fails, or when use_aio=0 is set in config. - Fix dmstats report printing no output. * Wed Oct 31 2018 Marian Csontos - 7:2.02.180-10.el7_6.2 - Fix possible write beyond metadata area. * Wed Oct 10 2018 Marian Csontos - 7:2.02.180-10.el7_6.1 - Fix clustered mirror repair. device-mapper-event-1.02.149-10.el7_6.3 --------------------------------------- * Mon Dec 17 2018 Marian Csontos - 7:2.02.180-10.el7_6.3 - Fix component detection for MD RAID version 1.0 and 0.90. - Use sync io if async io_setup fails, or when use_aio=0 is set in config. - Fix dmstats report printing no output. * Wed Oct 31 2018 Marian Csontos - 7:2.02.180-10.el7_6.2 - Fix possible write beyond metadata area. * Wed Oct 10 2018 Marian Csontos - 7:2.02.180-10.el7_6.1 - Fix clustered mirror repair. device-mapper-event-devel-1.02.149-10.el7_6.3 --------------------------------------------- * Mon Dec 17 2018 Marian Csontos - 7:2.02.180-10.el7_6.3 - Fix component detection for MD RAID version 1.0 and 0.90. - Use sync io if async io_setup fails, or when use_aio=0 is set in config. - Fix dmstats report printing no output. * Wed Oct 31 2018 Marian Csontos - 7:2.02.180-10.el7_6.2 - Fix possible write beyond metadata area. * Wed Oct 10 2018 Marian Csontos - 7:2.02.180-10.el7_6.1 - Fix clustered mirror repair. device-mapper-event-libs-1.02.149-10.el7_6.3 -------------------------------------------- * Mon Dec 17 2018 Marian Csontos - 7:2.02.180-10.el7_6.3 - Fix component detection for MD RAID version 1.0 and 0.90. - Use sync io if async io_setup fails, or when use_aio=0 is set in config. - Fix dmstats report printing no output. * Wed Oct 31 2018 Marian Csontos - 7:2.02.180-10.el7_6.2 - Fix possible write beyond metadata area. * Wed Oct 10 2018 Marian Csontos - 7:2.02.180-10.el7_6.1 - Fix clustered mirror repair. device-mapper-libs-1.02.149-10.el7_6.3 -------------------------------------- * Mon Dec 17 2018 Marian Csontos - 7:2.02.180-10.el7_6.3 - Fix component detection for MD RAID version 1.0 and 0.90. - Use sync io if async io_setup fails, or when use_aio=0 is set in config. - Fix dmstats report printing no output. * Wed Oct 31 2018 Marian Csontos - 7:2.02.180-10.el7_6.2 - Fix possible write beyond metadata area. * Wed Oct 10 2018 Marian Csontos - 7:2.02.180-10.el7_6.1 - Fix clustered mirror repair. efivar-36-11.el7_6.1 -------------------- * Tue Nov 13 2018 Javier Martinez Canillas - 36-11.el7_6.1 - Fix partition number detection when it's not provided (pjones) Resolves: rhbz#1649712 efivar-devel-36-11.el7_6.1 -------------------------- * Tue Nov 13 2018 Javier Martinez Canillas - 36-11.el7_6.1 - Fix partition number detection when it's not provided (pjones) Resolves: rhbz#1649712 efivar-libs-36-11.el7_6.1 ------------------------- * Tue Nov 13 2018 Javier Martinez Canillas - 36-11.el7_6.1 - Fix partition number detection when it's not provided (pjones) Resolves: rhbz#1649712 elinks-0.12-0.37.pre6.el7.0.1 ----------------------------- emacs-git-1.8.3.1-20.el7 ------------------------ * Fri Oct 19 2018 Pavel Cahyna - 1.8.3.1-20 - Fix CVE-2018-17456: arbitrary code execution via .gitmodules Thanks to Jonathan Nieder for backporting to 2.1.x and to Steve Beattie for backporting to 1.9.1 emacs-git-el-1.8.3.1-20.el7 --------------------------- * Fri Oct 19 2018 Pavel Cahyna - 1.8.3.1-20 - Fix CVE-2018-17456: arbitrary code execution via .gitmodules Thanks to Jonathan Nieder for backporting to 2.1.x and to Steve Beattie for backporting to 1.9.1 fcoe-utils-1.0.32-2.el7_6 ------------------------- * Fri Jan 25 2019 Chris Leech - 1.0.32-2 - 1656720 fcoemon fix ignored devices from recv buffer resize bug fence-agents-aliyun-4.2.1-11.el7_6.7 ------------------------------------ * Thu Jan 17 2019 Oyvind Albrigtsen - 4.2.1-11.7 - fence_redfish: new fence agent Resolves: rhbz#1666848 * Thu Dec 06 2018 Oyvind Albrigtsen - 4.2.1-11.5 - fence_scsi: add watchdog retry support Resolves: rhbz#1654172 * Wed Nov 28 2018 Oyvind Albrigtsen - 4.2.1-11.4 - fence_hpblade: fix log_expect syntax Resolves: rhbz#1652115 * Thu Nov 08 2018 Oyvind Albrigtsen - 4.2.1-11.1 - fence_scsi: fix incorrect SCSI-key when node ID is 10 or higher Resolves: rhbz#1647522 fence-agents-all-4.2.1-11.el7_6.7 --------------------------------- * Thu Jan 17 2019 Oyvind Albrigtsen - 4.2.1-11.7 - fence_redfish: new fence agent Resolves: rhbz#1666848 * Thu Dec 06 2018 Oyvind Albrigtsen - 4.2.1-11.5 - fence_scsi: add watchdog retry support Resolves: rhbz#1654172 * Wed Nov 28 2018 Oyvind Albrigtsen - 4.2.1-11.4 - fence_hpblade: fix log_expect syntax Resolves: rhbz#1652115 * Thu Nov 08 2018 Oyvind Albrigtsen - 4.2.1-11.1 - fence_scsi: fix incorrect SCSI-key when node ID is 10 or higher Resolves: rhbz#1647522 fence-agents-amt-ws-4.2.1-11.el7_6.7 ------------------------------------ * Thu Jan 17 2019 Oyvind Albrigtsen - 4.2.1-11.7 - fence_redfish: new fence agent Resolves: rhbz#1666848 * Thu Dec 06 2018 Oyvind Albrigtsen - 4.2.1-11.5 - fence_scsi: add watchdog retry support Resolves: rhbz#1654172 * Wed Nov 28 2018 Oyvind Albrigtsen - 4.2.1-11.4 - fence_hpblade: fix log_expect syntax Resolves: rhbz#1652115 * Thu Nov 08 2018 Oyvind Albrigtsen - 4.2.1-11.1 - fence_scsi: fix incorrect SCSI-key when node ID is 10 or higher Resolves: rhbz#1647522 fence-agents-apc-4.2.1-11.el7_6.7 --------------------------------- * Thu Jan 17 2019 Oyvind Albrigtsen - 4.2.1-11.7 - fence_redfish: new fence agent Resolves: rhbz#1666848 * Thu Dec 06 2018 Oyvind Albrigtsen - 4.2.1-11.5 - fence_scsi: add watchdog retry support Resolves: rhbz#1654172 * Wed Nov 28 2018 Oyvind Albrigtsen - 4.2.1-11.4 - fence_hpblade: fix log_expect syntax Resolves: rhbz#1652115 * Thu Nov 08 2018 Oyvind Albrigtsen - 4.2.1-11.1 - fence_scsi: fix incorrect SCSI-key when node ID is 10 or higher Resolves: rhbz#1647522 fence-agents-apc-snmp-4.2.1-11.el7_6.7 -------------------------------------- * Thu Jan 17 2019 Oyvind Albrigtsen - 4.2.1-11.7 - fence_redfish: new fence agent Resolves: rhbz#1666848 * Thu Dec 06 2018 Oyvind Albrigtsen - 4.2.1-11.5 - fence_scsi: add watchdog retry support Resolves: rhbz#1654172 * Wed Nov 28 2018 Oyvind Albrigtsen - 4.2.1-11.4 - fence_hpblade: fix log_expect syntax Resolves: rhbz#1652115 * Thu Nov 08 2018 Oyvind Albrigtsen - 4.2.1-11.1 - fence_scsi: fix incorrect SCSI-key when node ID is 10 or higher Resolves: rhbz#1647522 fence-agents-aws-4.2.1-11.el7_6.7 --------------------------------- * Thu Jan 17 2019 Oyvind Albrigtsen - 4.2.1-11.7 - fence_redfish: new fence agent Resolves: rhbz#1666848 * Thu Dec 06 2018 Oyvind Albrigtsen - 4.2.1-11.5 - fence_scsi: add watchdog retry support Resolves: rhbz#1654172 * Wed Nov 28 2018 Oyvind Albrigtsen - 4.2.1-11.4 - fence_hpblade: fix log_expect syntax Resolves: rhbz#1652115 * Thu Nov 08 2018 Oyvind Albrigtsen - 4.2.1-11.1 - fence_scsi: fix incorrect SCSI-key when node ID is 10 or higher Resolves: rhbz#1647522 fence-agents-azure-arm-4.2.1-11.el7_6.7 --------------------------------------- * Thu Jan 17 2019 Oyvind Albrigtsen - 4.2.1-11.7 - fence_redfish: new fence agent Resolves: rhbz#1666848 * Thu Dec 06 2018 Oyvind Albrigtsen - 4.2.1-11.5 - fence_scsi: add watchdog retry support Resolves: rhbz#1654172 * Wed Nov 28 2018 Oyvind Albrigtsen - 4.2.1-11.4 - fence_hpblade: fix log_expect syntax Resolves: rhbz#1652115 * Thu Nov 08 2018 Oyvind Albrigtsen - 4.2.1-11.1 - fence_scsi: fix incorrect SCSI-key when node ID is 10 or higher Resolves: rhbz#1647522 fence-agents-bladecenter-4.2.1-11.el7_6.7 ----------------------------------------- * Thu Jan 17 2019 Oyvind Albrigtsen - 4.2.1-11.7 - fence_redfish: new fence agent Resolves: rhbz#1666848 * Thu Dec 06 2018 Oyvind Albrigtsen - 4.2.1-11.5 - fence_scsi: add watchdog retry support Resolves: rhbz#1654172 * Wed Nov 28 2018 Oyvind Albrigtsen - 4.2.1-11.4 - fence_hpblade: fix log_expect syntax Resolves: rhbz#1652115 * Thu Nov 08 2018 Oyvind Albrigtsen - 4.2.1-11.1 - fence_scsi: fix incorrect SCSI-key when node ID is 10 or higher Resolves: rhbz#1647522 fence-agents-brocade-4.2.1-11.el7_6.7 ------------------------------------- * Thu Jan 17 2019 Oyvind Albrigtsen - 4.2.1-11.7 - fence_redfish: new fence agent Resolves: rhbz#1666848 * Thu Dec 06 2018 Oyvind Albrigtsen - 4.2.1-11.5 - fence_scsi: add watchdog retry support Resolves: rhbz#1654172 * Wed Nov 28 2018 Oyvind Albrigtsen - 4.2.1-11.4 - fence_hpblade: fix log_expect syntax Resolves: rhbz#1652115 * Thu Nov 08 2018 Oyvind Albrigtsen - 4.2.1-11.1 - fence_scsi: fix incorrect SCSI-key when node ID is 10 or higher Resolves: rhbz#1647522 fence-agents-cisco-mds-4.2.1-11.el7_6.7 --------------------------------------- * Thu Jan 17 2019 Oyvind Albrigtsen - 4.2.1-11.7 - fence_redfish: new fence agent Resolves: rhbz#1666848 * Thu Dec 06 2018 Oyvind Albrigtsen - 4.2.1-11.5 - fence_scsi: add watchdog retry support Resolves: rhbz#1654172 * Wed Nov 28 2018 Oyvind Albrigtsen - 4.2.1-11.4 - fence_hpblade: fix log_expect syntax Resolves: rhbz#1652115 * Thu Nov 08 2018 Oyvind Albrigtsen - 4.2.1-11.1 - fence_scsi: fix incorrect SCSI-key when node ID is 10 or higher Resolves: rhbz#1647522 fence-agents-cisco-ucs-4.2.1-11.el7_6.7 --------------------------------------- * Thu Jan 17 2019 Oyvind Albrigtsen - 4.2.1-11.7 - fence_redfish: new fence agent Resolves: rhbz#1666848 * Thu Dec 06 2018 Oyvind Albrigtsen - 4.2.1-11.5 - fence_scsi: add watchdog retry support Resolves: rhbz#1654172 * Wed Nov 28 2018 Oyvind Albrigtsen - 4.2.1-11.4 - fence_hpblade: fix log_expect syntax Resolves: rhbz#1652115 * Thu Nov 08 2018 Oyvind Albrigtsen - 4.2.1-11.1 - fence_scsi: fix incorrect SCSI-key when node ID is 10 or higher Resolves: rhbz#1647522 fence-agents-common-4.2.1-11.el7_6.7 ------------------------------------ * Thu Jan 17 2019 Oyvind Albrigtsen - 4.2.1-11.7 - fence_redfish: new fence agent Resolves: rhbz#1666848 * Thu Dec 06 2018 Oyvind Albrigtsen - 4.2.1-11.5 - fence_scsi: add watchdog retry support Resolves: rhbz#1654172 * Wed Nov 28 2018 Oyvind Albrigtsen - 4.2.1-11.4 - fence_hpblade: fix log_expect syntax Resolves: rhbz#1652115 * Thu Nov 08 2018 Oyvind Albrigtsen - 4.2.1-11.1 - fence_scsi: fix incorrect SCSI-key when node ID is 10 or higher Resolves: rhbz#1647522 fence-agents-compute-4.2.1-11.el7_6.7 ------------------------------------- * Thu Jan 17 2019 Oyvind Albrigtsen - 4.2.1-11.7 - fence_redfish: new fence agent Resolves: rhbz#1666848 * Thu Dec 06 2018 Oyvind Albrigtsen - 4.2.1-11.5 - fence_scsi: add watchdog retry support Resolves: rhbz#1654172 * Wed Nov 28 2018 Oyvind Albrigtsen - 4.2.1-11.4 - fence_hpblade: fix log_expect syntax Resolves: rhbz#1652115 * Thu Nov 08 2018 Oyvind Albrigtsen - 4.2.1-11.1 - fence_scsi: fix incorrect SCSI-key when node ID is 10 or higher Resolves: rhbz#1647522 fence-agents-drac5-4.2.1-11.el7_6.7 ----------------------------------- * Thu Jan 17 2019 Oyvind Albrigtsen - 4.2.1-11.7 - fence_redfish: new fence agent Resolves: rhbz#1666848 * Thu Dec 06 2018 Oyvind Albrigtsen - 4.2.1-11.5 - fence_scsi: add watchdog retry support Resolves: rhbz#1654172 * Wed Nov 28 2018 Oyvind Albrigtsen - 4.2.1-11.4 - fence_hpblade: fix log_expect syntax Resolves: rhbz#1652115 * Thu Nov 08 2018 Oyvind Albrigtsen - 4.2.1-11.1 - fence_scsi: fix incorrect SCSI-key when node ID is 10 or higher Resolves: rhbz#1647522 fence-agents-eaton-snmp-4.2.1-11.el7_6.7 ---------------------------------------- * Thu Jan 17 2019 Oyvind Albrigtsen - 4.2.1-11.7 - fence_redfish: new fence agent Resolves: rhbz#1666848 * Thu Dec 06 2018 Oyvind Albrigtsen - 4.2.1-11.5 - fence_scsi: add watchdog retry support Resolves: rhbz#1654172 * Wed Nov 28 2018 Oyvind Albrigtsen - 4.2.1-11.4 - fence_hpblade: fix log_expect syntax Resolves: rhbz#1652115 * Thu Nov 08 2018 Oyvind Albrigtsen - 4.2.1-11.1 - fence_scsi: fix incorrect SCSI-key when node ID is 10 or higher Resolves: rhbz#1647522 fence-agents-emerson-4.2.1-11.el7_6.7 ------------------------------------- * Thu Jan 17 2019 Oyvind Albrigtsen - 4.2.1-11.7 - fence_redfish: new fence agent Resolves: rhbz#1666848 * Thu Dec 06 2018 Oyvind Albrigtsen - 4.2.1-11.5 - fence_scsi: add watchdog retry support Resolves: rhbz#1654172 * Wed Nov 28 2018 Oyvind Albrigtsen - 4.2.1-11.4 - fence_hpblade: fix log_expect syntax Resolves: rhbz#1652115 * Thu Nov 08 2018 Oyvind Albrigtsen - 4.2.1-11.1 - fence_scsi: fix incorrect SCSI-key when node ID is 10 or higher Resolves: rhbz#1647522 fence-agents-eps-4.2.1-11.el7_6.7 --------------------------------- * Thu Jan 17 2019 Oyvind Albrigtsen - 4.2.1-11.7 - fence_redfish: new fence agent Resolves: rhbz#1666848 * Thu Dec 06 2018 Oyvind Albrigtsen - 4.2.1-11.5 - fence_scsi: add watchdog retry support Resolves: rhbz#1654172 * Wed Nov 28 2018 Oyvind Albrigtsen - 4.2.1-11.4 - fence_hpblade: fix log_expect syntax Resolves: rhbz#1652115 * Thu Nov 08 2018 Oyvind Albrigtsen - 4.2.1-11.1 - fence_scsi: fix incorrect SCSI-key when node ID is 10 or higher Resolves: rhbz#1647522 fence-agents-gce-4.2.1-11.el7_6.7 --------------------------------- * Thu Jan 17 2019 Oyvind Albrigtsen - 4.2.1-11.7 - fence_redfish: new fence agent Resolves: rhbz#1666848 * Thu Dec 06 2018 Oyvind Albrigtsen - 4.2.1-11.5 - fence_scsi: add watchdog retry support Resolves: rhbz#1654172 * Wed Nov 28 2018 Oyvind Albrigtsen - 4.2.1-11.4 - fence_hpblade: fix log_expect syntax Resolves: rhbz#1652115 * Thu Nov 08 2018 Oyvind Albrigtsen - 4.2.1-11.1 - fence_scsi: fix incorrect SCSI-key when node ID is 10 or higher Resolves: rhbz#1647522 fence-agents-heuristics-ping-4.2.1-11.el7_6.7 --------------------------------------------- * Thu Jan 17 2019 Oyvind Albrigtsen - 4.2.1-11.7 - fence_redfish: new fence agent Resolves: rhbz#1666848 * Thu Dec 06 2018 Oyvind Albrigtsen - 4.2.1-11.5 - fence_scsi: add watchdog retry support Resolves: rhbz#1654172 * Wed Nov 28 2018 Oyvind Albrigtsen - 4.2.1-11.4 - fence_hpblade: fix log_expect syntax Resolves: rhbz#1652115 * Thu Nov 08 2018 Oyvind Albrigtsen - 4.2.1-11.1 - fence_scsi: fix incorrect SCSI-key when node ID is 10 or higher Resolves: rhbz#1647522 fence-agents-hpblade-4.2.1-11.el7_6.7 ------------------------------------- * Thu Jan 17 2019 Oyvind Albrigtsen - 4.2.1-11.7 - fence_redfish: new fence agent Resolves: rhbz#1666848 * Thu Dec 06 2018 Oyvind Albrigtsen - 4.2.1-11.5 - fence_scsi: add watchdog retry support Resolves: rhbz#1654172 * Wed Nov 28 2018 Oyvind Albrigtsen - 4.2.1-11.4 - fence_hpblade: fix log_expect syntax Resolves: rhbz#1652115 * Thu Nov 08 2018 Oyvind Albrigtsen - 4.2.1-11.1 - fence_scsi: fix incorrect SCSI-key when node ID is 10 or higher Resolves: rhbz#1647522 fence-agents-ibmblade-4.2.1-11.el7_6.7 -------------------------------------- * Thu Jan 17 2019 Oyvind Albrigtsen - 4.2.1-11.7 - fence_redfish: new fence agent Resolves: rhbz#1666848 * Thu Dec 06 2018 Oyvind Albrigtsen - 4.2.1-11.5 - fence_scsi: add watchdog retry support Resolves: rhbz#1654172 * Wed Nov 28 2018 Oyvind Albrigtsen - 4.2.1-11.4 - fence_hpblade: fix log_expect syntax Resolves: rhbz#1652115 * Thu Nov 08 2018 Oyvind Albrigtsen - 4.2.1-11.1 - fence_scsi: fix incorrect SCSI-key when node ID is 10 or higher Resolves: rhbz#1647522 fence-agents-ifmib-4.2.1-11.el7_6.7 ----------------------------------- * Thu Jan 17 2019 Oyvind Albrigtsen - 4.2.1-11.7 - fence_redfish: new fence agent Resolves: rhbz#1666848 * Thu Dec 06 2018 Oyvind Albrigtsen - 4.2.1-11.5 - fence_scsi: add watchdog retry support Resolves: rhbz#1654172 * Wed Nov 28 2018 Oyvind Albrigtsen - 4.2.1-11.4 - fence_hpblade: fix log_expect syntax Resolves: rhbz#1652115 * Thu Nov 08 2018 Oyvind Albrigtsen - 4.2.1-11.1 - fence_scsi: fix incorrect SCSI-key when node ID is 10 or higher Resolves: rhbz#1647522 fence-agents-ilo-moonshot-4.2.1-11.el7_6.7 ------------------------------------------ * Thu Jan 17 2019 Oyvind Albrigtsen - 4.2.1-11.7 - fence_redfish: new fence agent Resolves: rhbz#1666848 * Thu Dec 06 2018 Oyvind Albrigtsen - 4.2.1-11.5 - fence_scsi: add watchdog retry support Resolves: rhbz#1654172 * Wed Nov 28 2018 Oyvind Albrigtsen - 4.2.1-11.4 - fence_hpblade: fix log_expect syntax Resolves: rhbz#1652115 * Thu Nov 08 2018 Oyvind Albrigtsen - 4.2.1-11.1 - fence_scsi: fix incorrect SCSI-key when node ID is 10 or higher Resolves: rhbz#1647522 fence-agents-ilo-mp-4.2.1-11.el7_6.7 ------------------------------------ * Thu Jan 17 2019 Oyvind Albrigtsen - 4.2.1-11.7 - fence_redfish: new fence agent Resolves: rhbz#1666848 * Thu Dec 06 2018 Oyvind Albrigtsen - 4.2.1-11.5 - fence_scsi: add watchdog retry support Resolves: rhbz#1654172 * Wed Nov 28 2018 Oyvind Albrigtsen - 4.2.1-11.4 - fence_hpblade: fix log_expect syntax Resolves: rhbz#1652115 * Thu Nov 08 2018 Oyvind Albrigtsen - 4.2.1-11.1 - fence_scsi: fix incorrect SCSI-key when node ID is 10 or higher Resolves: rhbz#1647522 fence-agents-ilo-ssh-4.2.1-11.el7_6.7 ------------------------------------- * Thu Jan 17 2019 Oyvind Albrigtsen - 4.2.1-11.7 - fence_redfish: new fence agent Resolves: rhbz#1666848 * Thu Dec 06 2018 Oyvind Albrigtsen - 4.2.1-11.5 - fence_scsi: add watchdog retry support Resolves: rhbz#1654172 * Wed Nov 28 2018 Oyvind Albrigtsen - 4.2.1-11.4 - fence_hpblade: fix log_expect syntax Resolves: rhbz#1652115 * Thu Nov 08 2018 Oyvind Albrigtsen - 4.2.1-11.1 - fence_scsi: fix incorrect SCSI-key when node ID is 10 or higher Resolves: rhbz#1647522 fence-agents-ilo2-4.2.1-11.el7_6.7 ---------------------------------- * Thu Jan 17 2019 Oyvind Albrigtsen - 4.2.1-11.7 - fence_redfish: new fence agent Resolves: rhbz#1666848 * Thu Dec 06 2018 Oyvind Albrigtsen - 4.2.1-11.5 - fence_scsi: add watchdog retry support Resolves: rhbz#1654172 * Wed Nov 28 2018 Oyvind Albrigtsen - 4.2.1-11.4 - fence_hpblade: fix log_expect syntax Resolves: rhbz#1652115 * Thu Nov 08 2018 Oyvind Albrigtsen - 4.2.1-11.1 - fence_scsi: fix incorrect SCSI-key when node ID is 10 or higher Resolves: rhbz#1647522 fence-agents-intelmodular-4.2.1-11.el7_6.7 ------------------------------------------ * Thu Jan 17 2019 Oyvind Albrigtsen - 4.2.1-11.7 - fence_redfish: new fence agent Resolves: rhbz#1666848 * Thu Dec 06 2018 Oyvind Albrigtsen - 4.2.1-11.5 - fence_scsi: add watchdog retry support Resolves: rhbz#1654172 * Wed Nov 28 2018 Oyvind Albrigtsen - 4.2.1-11.4 - fence_hpblade: fix log_expect syntax Resolves: rhbz#1652115 * Thu Nov 08 2018 Oyvind Albrigtsen - 4.2.1-11.1 - fence_scsi: fix incorrect SCSI-key when node ID is 10 or higher Resolves: rhbz#1647522 fence-agents-ipdu-4.2.1-11.el7_6.7 ---------------------------------- * Thu Jan 17 2019 Oyvind Albrigtsen - 4.2.1-11.7 - fence_redfish: new fence agent Resolves: rhbz#1666848 * Thu Dec 06 2018 Oyvind Albrigtsen - 4.2.1-11.5 - fence_scsi: add watchdog retry support Resolves: rhbz#1654172 * Wed Nov 28 2018 Oyvind Albrigtsen - 4.2.1-11.4 - fence_hpblade: fix log_expect syntax Resolves: rhbz#1652115 * Thu Nov 08 2018 Oyvind Albrigtsen - 4.2.1-11.1 - fence_scsi: fix incorrect SCSI-key when node ID is 10 or higher Resolves: rhbz#1647522 fence-agents-ipmilan-4.2.1-11.el7_6.7 ------------------------------------- * Thu Jan 17 2019 Oyvind Albrigtsen - 4.2.1-11.7 - fence_redfish: new fence agent Resolves: rhbz#1666848 * Thu Dec 06 2018 Oyvind Albrigtsen - 4.2.1-11.5 - fence_scsi: add watchdog retry support Resolves: rhbz#1654172 * Wed Nov 28 2018 Oyvind Albrigtsen - 4.2.1-11.4 - fence_hpblade: fix log_expect syntax Resolves: rhbz#1652115 * Thu Nov 08 2018 Oyvind Albrigtsen - 4.2.1-11.1 - fence_scsi: fix incorrect SCSI-key when node ID is 10 or higher Resolves: rhbz#1647522 fence-agents-kdump-4.2.1-11.el7_6.7 ----------------------------------- * Thu Jan 17 2019 Oyvind Albrigtsen - 4.2.1-11.7 - fence_redfish: new fence agent Resolves: rhbz#1666848 * Thu Dec 06 2018 Oyvind Albrigtsen - 4.2.1-11.5 - fence_scsi: add watchdog retry support Resolves: rhbz#1654172 * Wed Nov 28 2018 Oyvind Albrigtsen - 4.2.1-11.4 - fence_hpblade: fix log_expect syntax Resolves: rhbz#1652115 * Thu Nov 08 2018 Oyvind Albrigtsen - 4.2.1-11.1 - fence_scsi: fix incorrect SCSI-key when node ID is 10 or higher Resolves: rhbz#1647522 fence-agents-mpath-4.2.1-11.el7_6.7 ----------------------------------- * Thu Jan 17 2019 Oyvind Albrigtsen - 4.2.1-11.7 - fence_redfish: new fence agent Resolves: rhbz#1666848 * Thu Dec 06 2018 Oyvind Albrigtsen - 4.2.1-11.5 - fence_scsi: add watchdog retry support Resolves: rhbz#1654172 * Wed Nov 28 2018 Oyvind Albrigtsen - 4.2.1-11.4 - fence_hpblade: fix log_expect syntax Resolves: rhbz#1652115 * Thu Nov 08 2018 Oyvind Albrigtsen - 4.2.1-11.1 - fence_scsi: fix incorrect SCSI-key when node ID is 10 or higher Resolves: rhbz#1647522 fence-agents-rhevm-4.2.1-11.el7_6.7 ----------------------------------- * Thu Jan 17 2019 Oyvind Albrigtsen - 4.2.1-11.7 - fence_redfish: new fence agent Resolves: rhbz#1666848 * Thu Dec 06 2018 Oyvind Albrigtsen - 4.2.1-11.5 - fence_scsi: add watchdog retry support Resolves: rhbz#1654172 * Wed Nov 28 2018 Oyvind Albrigtsen - 4.2.1-11.4 - fence_hpblade: fix log_expect syntax Resolves: rhbz#1652115 * Thu Nov 08 2018 Oyvind Albrigtsen - 4.2.1-11.1 - fence_scsi: fix incorrect SCSI-key when node ID is 10 or higher Resolves: rhbz#1647522 fence-agents-rsa-4.2.1-11.el7_6.7 --------------------------------- * Thu Jan 17 2019 Oyvind Albrigtsen - 4.2.1-11.7 - fence_redfish: new fence agent Resolves: rhbz#1666848 * Thu Dec 06 2018 Oyvind Albrigtsen - 4.2.1-11.5 - fence_scsi: add watchdog retry support Resolves: rhbz#1654172 * Wed Nov 28 2018 Oyvind Albrigtsen - 4.2.1-11.4 - fence_hpblade: fix log_expect syntax Resolves: rhbz#1652115 * Thu Nov 08 2018 Oyvind Albrigtsen - 4.2.1-11.1 - fence_scsi: fix incorrect SCSI-key when node ID is 10 or higher Resolves: rhbz#1647522 fence-agents-rsb-4.2.1-11.el7_6.7 --------------------------------- * Thu Jan 17 2019 Oyvind Albrigtsen - 4.2.1-11.7 - fence_redfish: new fence agent Resolves: rhbz#1666848 * Thu Dec 06 2018 Oyvind Albrigtsen - 4.2.1-11.5 - fence_scsi: add watchdog retry support Resolves: rhbz#1654172 * Wed Nov 28 2018 Oyvind Albrigtsen - 4.2.1-11.4 - fence_hpblade: fix log_expect syntax Resolves: rhbz#1652115 * Thu Nov 08 2018 Oyvind Albrigtsen - 4.2.1-11.1 - fence_scsi: fix incorrect SCSI-key when node ID is 10 or higher Resolves: rhbz#1647522 fence-agents-sbd-4.2.1-11.el7_6.7 --------------------------------- * Thu Jan 17 2019 Oyvind Albrigtsen - 4.2.1-11.7 - fence_redfish: new fence agent Resolves: rhbz#1666848 * Thu Dec 06 2018 Oyvind Albrigtsen - 4.2.1-11.5 - fence_scsi: add watchdog retry support Resolves: rhbz#1654172 * Wed Nov 28 2018 Oyvind Albrigtsen - 4.2.1-11.4 - fence_hpblade: fix log_expect syntax Resolves: rhbz#1652115 * Thu Nov 08 2018 Oyvind Albrigtsen - 4.2.1-11.1 - fence_scsi: fix incorrect SCSI-key when node ID is 10 or higher Resolves: rhbz#1647522 fence-agents-scsi-4.2.1-11.el7_6.7 ---------------------------------- * Thu Jan 17 2019 Oyvind Albrigtsen - 4.2.1-11.7 - fence_redfish: new fence agent Resolves: rhbz#1666848 * Thu Dec 06 2018 Oyvind Albrigtsen - 4.2.1-11.5 - fence_scsi: add watchdog retry support Resolves: rhbz#1654172 * Wed Nov 28 2018 Oyvind Albrigtsen - 4.2.1-11.4 - fence_hpblade: fix log_expect syntax Resolves: rhbz#1652115 * Thu Nov 08 2018 Oyvind Albrigtsen - 4.2.1-11.1 - fence_scsi: fix incorrect SCSI-key when node ID is 10 or higher Resolves: rhbz#1647522 fence-agents-virsh-4.2.1-11.el7_6.7 ----------------------------------- * Thu Jan 17 2019 Oyvind Albrigtsen - 4.2.1-11.7 - fence_redfish: new fence agent Resolves: rhbz#1666848 * Thu Dec 06 2018 Oyvind Albrigtsen - 4.2.1-11.5 - fence_scsi: add watchdog retry support Resolves: rhbz#1654172 * Wed Nov 28 2018 Oyvind Albrigtsen - 4.2.1-11.4 - fence_hpblade: fix log_expect syntax Resolves: rhbz#1652115 * Thu Nov 08 2018 Oyvind Albrigtsen - 4.2.1-11.1 - fence_scsi: fix incorrect SCSI-key when node ID is 10 or higher Resolves: rhbz#1647522 fence-agents-vmware-rest-4.2.1-11.el7_6.7 ----------------------------------------- * Thu Jan 17 2019 Oyvind Albrigtsen - 4.2.1-11.7 - fence_redfish: new fence agent Resolves: rhbz#1666848 * Thu Dec 06 2018 Oyvind Albrigtsen - 4.2.1-11.5 - fence_scsi: add watchdog retry support Resolves: rhbz#1654172 * Wed Nov 28 2018 Oyvind Albrigtsen - 4.2.1-11.4 - fence_hpblade: fix log_expect syntax Resolves: rhbz#1652115 * Thu Nov 08 2018 Oyvind Albrigtsen - 4.2.1-11.1 - fence_scsi: fix incorrect SCSI-key when node ID is 10 or higher Resolves: rhbz#1647522 fence-agents-vmware-soap-4.2.1-11.el7_6.7 ----------------------------------------- * Thu Jan 17 2019 Oyvind Albrigtsen - 4.2.1-11.7 - fence_redfish: new fence agent Resolves: rhbz#1666848 * Thu Dec 06 2018 Oyvind Albrigtsen - 4.2.1-11.5 - fence_scsi: add watchdog retry support Resolves: rhbz#1654172 * Wed Nov 28 2018 Oyvind Albrigtsen - 4.2.1-11.4 - fence_hpblade: fix log_expect syntax Resolves: rhbz#1652115 * Thu Nov 08 2018 Oyvind Albrigtsen - 4.2.1-11.1 - fence_scsi: fix incorrect SCSI-key when node ID is 10 or higher Resolves: rhbz#1647522 fence-agents-wti-4.2.1-11.el7_6.7 --------------------------------- * Thu Jan 17 2019 Oyvind Albrigtsen - 4.2.1-11.7 - fence_redfish: new fence agent Resolves: rhbz#1666848 * Thu Dec 06 2018 Oyvind Albrigtsen - 4.2.1-11.5 - fence_scsi: add watchdog retry support Resolves: rhbz#1654172 * Wed Nov 28 2018 Oyvind Albrigtsen - 4.2.1-11.4 - fence_hpblade: fix log_expect syntax Resolves: rhbz#1652115 * Thu Nov 08 2018 Oyvind Albrigtsen - 4.2.1-11.1 - fence_scsi: fix incorrect SCSI-key when node ID is 10 or higher Resolves: rhbz#1647522 firefox-60.6.1-1.el7_6.bclinux ------------------------------ * Mon Apr 22 2019 weimingjiang - Manual BcLinux Debranding * Wed Mar 27 2019 Johnny Hughes - Manual CentOS Debranding * Mon Mar 25 2019 Martin Stransky - 60.6.1-1 - Update to 60.6.1 ESR (Build 1) * Fri Mar 15 2019 Martin Stransky - 60.6.0-3 - Added Google API keys (mozbz#1531176) * Thu Mar 14 2019 Martin Stransky - 60.6.0-2 - Update to 60.6.0 ESR (Build 2) * Wed Mar 13 2019 Martin Stransky - 60.6.0-1 - Update to 60.6.0 ESR (Build 1) * Wed Feb 13 2019 Jan Horak - 60.5.1-1 - Update to 60.5.1 ESR * Wed Feb 06 2019 Martin Stransky - 60.5.0-3 - Added fix for rhbz#1672424 - Firefox crashes on NFS drives. * Fri Jan 25 2019 Martin Stransky - 60.5.0-2 - Updated to 60.5.0 ESR build2 * Tue Jan 22 2019 Martin Stransky - 60.5.0-1 - Updated to 60.5.0 ESR build1 flatpak-1.0.2-4.el7_6 --------------------- * Fri Feb 15 2019 David King - 1.0.2-4 - Tweak /proc sandbox patch (#1675433) * Wed Feb 13 2019 David King - 1.0.2-3 - Do not mount /proc in root sandbox (#1675433) flatpak-builder-1.0.0-4.el7_6 ----------------------------- * Fri Feb 15 2019 David King - 1.0.2-4 - Tweak /proc sandbox patch (#1675433) * Wed Feb 13 2019 David King - 1.0.2-3 - Do not mount /proc in root sandbox (#1675433) flatpak-devel-1.0.2-4.el7_6 --------------------------- * Fri Feb 15 2019 David King - 1.0.2-4 - Tweak /proc sandbox patch (#1675433) * Wed Feb 13 2019 David King - 1.0.2-3 - Do not mount /proc in root sandbox (#1675433) flatpak-libs-1.0.2-4.el7_6 -------------------------- * Fri Feb 15 2019 David King - 1.0.2-4 - Tweak /proc sandbox patch (#1675433) * Wed Feb 13 2019 David King - 1.0.2-3 - Do not mount /proc in root sandbox (#1675433) freerdp-1.0.2-15.el7_6.1 ------------------------ * Fri Mar 08 2019 Ondrej Holy - 1.0.2-15.1 - Fix CVE-2018-8786 (#1684152) - Fix CVE-2018-8787 (#1684156) - Fix CVE-2018-8788 (#1684163) freerdp-devel-1.0.2-15.el7_6.1 ------------------------------ * Fri Mar 08 2019 Ondrej Holy - 1.0.2-15.1 - Fix CVE-2018-8786 (#1684152) - Fix CVE-2018-8787 (#1684156) - Fix CVE-2018-8788 (#1684163) freerdp-libs-1.0.2-15.el7_6.1 ----------------------------- * Fri Mar 08 2019 Ondrej Holy - 1.0.2-15.1 - Fix CVE-2018-8786 (#1684152) - Fix CVE-2018-8787 (#1684156) - Fix CVE-2018-8788 (#1684163) freerdp-plugins-1.0.2-15.el7_6.1 -------------------------------- * Fri Mar 08 2019 Ondrej Holy - 1.0.2-15.1 - Fix CVE-2018-8786 (#1684152) - Fix CVE-2018-8787 (#1684156) - Fix CVE-2018-8788 (#1684163) freetype-2.8-12.el7_6.1 ----------------------- * Thu Nov 22 2018 Marek Kasik - 2.8-12.el7_6.1 - Fix definition of constant ft_encoding_gb2312 in freetype.h - Resolves: #1652187 freetype-demos-2.8-12.el7_6.1 ----------------------------- * Thu Nov 22 2018 Marek Kasik - 2.8-12.el7_6.1 - Fix definition of constant ft_encoding_gb2312 in freetype.h - Resolves: #1652187 freetype-devel-2.8-12.el7_6.1 ----------------------------- * Thu Nov 22 2018 Marek Kasik - 2.8-12.el7_6.1 - Fix definition of constant ft_encoding_gb2312 in freetype.h - Resolves: #1652187 gcc-4.8.5-36.el7_6.2 -------------------- * Wed Feb 13 2019 Marek Polacek 4.8.5-36.2 - allow libitm to use HTM (#1674383) - fix mode mismatch in prepare_cmp_insn (#1676795, PR target/63442) * Wed Jan 16 2019 Jeff Law 4.8.5-36.1 - Avoid code generation bug due to incorrect CFG in the presence of setjmp/longjmp (#1655148). gcc-c++-4.8.5-36.el7_6.2 ------------------------ * Wed Feb 13 2019 Marek Polacek 4.8.5-36.2 - allow libitm to use HTM (#1674383) - fix mode mismatch in prepare_cmp_insn (#1676795, PR target/63442) * Wed Jan 16 2019 Jeff Law 4.8.5-36.1 - Avoid code generation bug due to incorrect CFG in the presence of setjmp/longjmp (#1655148). gcc-gfortran-4.8.5-36.el7_6.2 ----------------------------- * Wed Feb 13 2019 Marek Polacek 4.8.5-36.2 - allow libitm to use HTM (#1674383) - fix mode mismatch in prepare_cmp_insn (#1676795, PR target/63442) * Wed Jan 16 2019 Jeff Law 4.8.5-36.1 - Avoid code generation bug due to incorrect CFG in the presence of setjmp/longjmp (#1655148). gcc-gnat-4.8.5-36.el7_6.2 ------------------------- * Wed Feb 13 2019 Marek Polacek 4.8.5-36.2 - allow libitm to use HTM (#1674383) - fix mode mismatch in prepare_cmp_insn (#1676795, PR target/63442) * Wed Jan 16 2019 Jeff Law 4.8.5-36.1 - Avoid code generation bug due to incorrect CFG in the presence of setjmp/longjmp (#1655148). gcc-go-4.8.5-36.el7_6.2 ----------------------- * Wed Feb 13 2019 Marek Polacek 4.8.5-36.2 - allow libitm to use HTM (#1674383) - fix mode mismatch in prepare_cmp_insn (#1676795, PR target/63442) * Wed Jan 16 2019 Jeff Law 4.8.5-36.1 - Avoid code generation bug due to incorrect CFG in the presence of setjmp/longjmp (#1655148). gcc-objc-4.8.5-36.el7_6.2 ------------------------- * Wed Feb 13 2019 Marek Polacek 4.8.5-36.2 - allow libitm to use HTM (#1674383) - fix mode mismatch in prepare_cmp_insn (#1676795, PR target/63442) * Wed Jan 16 2019 Jeff Law 4.8.5-36.1 - Avoid code generation bug due to incorrect CFG in the presence of setjmp/longjmp (#1655148). gcc-objc++-4.8.5-36.el7_6.2 --------------------------- * Wed Feb 13 2019 Marek Polacek 4.8.5-36.2 - allow libitm to use HTM (#1674383) - fix mode mismatch in prepare_cmp_insn (#1676795, PR target/63442) * Wed Jan 16 2019 Jeff Law 4.8.5-36.1 - Avoid code generation bug due to incorrect CFG in the presence of setjmp/longjmp (#1655148). gcc-plugin-devel-4.8.5-36.el7_6.2 --------------------------------- * Wed Feb 13 2019 Marek Polacek 4.8.5-36.2 - allow libitm to use HTM (#1674383) - fix mode mismatch in prepare_cmp_insn (#1676795, PR target/63442) * Wed Jan 16 2019 Jeff Law 4.8.5-36.1 - Avoid code generation bug due to incorrect CFG in the presence of setjmp/longjmp (#1655148). gdm-3.28.2-12.el7_6 ------------------- * Thu Dec 20 2018 Ray Strode 3.28.2-12 - Allow multiple simultaneous XDMCP logins for a user if xdmcp/AllowMultipleSessionsPerUser=true Resolves: #1679914 * Mon Dec 03 2018 Ray Strode - 3.28.2-11 - Don't assume X server defaults to local only Resolves: #1647621 * Fri Oct 05 2018 Ray Strode - 3.28.2-10 - another user switching fix Resolves: #1489977 gdm-devel-3.28.2-12.el7_6 ------------------------- * Thu Dec 20 2018 Ray Strode 3.28.2-12 - Allow multiple simultaneous XDMCP logins for a user if xdmcp/AllowMultipleSessionsPerUser=true Resolves: #1679914 * Mon Dec 03 2018 Ray Strode - 3.28.2-11 - Don't assume X server defaults to local only Resolves: #1647621 * Fri Oct 05 2018 Ray Strode - 3.28.2-10 - another user switching fix Resolves: #1489977 gdm-pam-extensions-devel-3.28.2-12.el7_6 ---------------------------------------- * Thu Dec 20 2018 Ray Strode 3.28.2-12 - Allow multiple simultaneous XDMCP logins for a user if xdmcp/AllowMultipleSessionsPerUser=true Resolves: #1679914 * Mon Dec 03 2018 Ray Strode - 3.28.2-11 - Don't assume X server defaults to local only Resolves: #1647621 * Fri Oct 05 2018 Ray Strode - 3.28.2-10 - another user switching fix Resolves: #1489977 ghostscript-9.07-31.el7_6.10 ---------------------------- * Tue Jan 29 2019 Martin Osvald - 9.07-31.el7_6.10 - Resolves: #1673915 - ghostscript: Regression: double comment chars '%' in gs_init.ps leading to missing metadata - Resolves: #1678171 - CVE-2019-3835 ghostscript: superexec operator is available (700585) - Resolves: #1680025 - CVE-2019-3838 ghostscript: forceput in DefineResource is still accessible (700576) * Thu Jan 24 2019 Martin Osvald - 9.07-31.el7_6.9 - Related: #1667442 - CVE-2019-6116 - added missing parts of patch * Fri Jan 18 2019 Martin Osvald - 9.07-31.el7_6.8 - Resolves: #1667442 - CVE-2019-6116 ghostscript: subroutines within pseudo-operators must themselves be pseudo-operators * Thu Dec 20 2018 Martin Osvald - 9.07-31.el7_6.7 - Resolves: #1665919 pdf2ps reports an error when reading from stdin - Resolves: #1657333 - CVE-2018-16540 ghostscript: use-after-free in copydevice handling (699661) - Resolves: #1660569 - CVE-2018-19475 ghostscript: access bypass in psi/zdevice2.c (700153) - Resolves: #1660828 - CVE-2018-19476 ghostscript: access bypass in psi/zicc.c - Resolves: #1661278 - CVE-2018-19477 ghostscript: access bypass in psi/zfjbig2.c (700168) * Mon Dec 10 2018 Martin Osvald - 9.07-31.el7_6.6 - Resolves: #1657822 - ghostscript: Regression: Warning: Dropping incorrect smooth shading object (Error: /rangecheck in --run--) * Wed Dec 05 2018 Martin Osvald - 9.07-31.el7_6.5 - Resolves: #1654621 - CVE-2018-16541 ghostscript: incorrect free logic in pagedevice replacement (699664) - Resolves: #1650210 - CVE-2018-17183 ghostscript: User-writable error exception table - Resolves: #1645516 - CVE-2018-18073 ghostscript: saved execution stacks can leak operator arrays - Resolves: #1648891 - CVE-2018-17961 ghostscript: saved execution stacks can leak operator arrays (incomplete fix for CVE-2018-17183) - Resolves: #1643115 - CVE-2018-18284 ghostscript: 1Policy operator allows a sandbox protection bypass - Resolves: #1655937 - CVE-2018-19134 ghostscript: Type confusion in setpattern (700141) * Thu Nov 29 2018 Martin Osvald - 9.07-31.el7_6.4 - Resolves: #1651149 - CVE-2018-15911 ghostscript: uninitialized memory access in the aesdecode operator (699665) - Resolves: #1650060 - CVE-2018-16802 ghostscript: Incorrect "restoration of privilege" checking when running out of stack during exception handling - Resolves: #1652935 - CVE-2018-19409 ghostscript: Improperly implemented security check in zsetdevice function in psi/zdevice.c * Wed Nov 28 2018 Martin Osvald - 9.07-31.el7_6.3 - Resolves: #1654290 ghostscript update breaks xdvi (gs: Error: /undefined in flushpage) * Mon Nov 26 2018 Martin Osvald - 9.07-31.el7_6.2 - Resolves: #1652901 - CVE-2018-16863 ghostscript: incomplete fix for CVE-2018-16509 * Wed Nov 14 2018 Martin Osvald - 9.07-31.el7_6.1 - Remove as many non-standard operators as possible to make the codebase closer to upstream for later CVEs - Resolves: #1621383 - CVE-2018-16511 ghostscript: missing type check in type checker (699659) - Resolves: #1649721 - CVE-2018-16539 ghostscript: incorrect access checking in temp file handling to disclose contents of files (699658) - Resolves: #1621159 - CVE-2018-15908 ghostscript: .tempfile file permission issues (699657) - Resolves: #1621381 - CVE-2018-15909 ghostscript: shading_param incomplete type checking (699660) ghostscript-cups-9.07-31.el7_6.10 --------------------------------- * Tue Jan 29 2019 Martin Osvald - 9.07-31.el7_6.10 - Resolves: #1673915 - ghostscript: Regression: double comment chars '%' in gs_init.ps leading to missing metadata - Resolves: #1678171 - CVE-2019-3835 ghostscript: superexec operator is available (700585) - Resolves: #1680025 - CVE-2019-3838 ghostscript: forceput in DefineResource is still accessible (700576) * Thu Jan 24 2019 Martin Osvald - 9.07-31.el7_6.9 - Related: #1667442 - CVE-2019-6116 - added missing parts of patch * Fri Jan 18 2019 Martin Osvald - 9.07-31.el7_6.8 - Resolves: #1667442 - CVE-2019-6116 ghostscript: subroutines within pseudo-operators must themselves be pseudo-operators * Thu Dec 20 2018 Martin Osvald - 9.07-31.el7_6.7 - Resolves: #1665919 pdf2ps reports an error when reading from stdin - Resolves: #1657333 - CVE-2018-16540 ghostscript: use-after-free in copydevice handling (699661) - Resolves: #1660569 - CVE-2018-19475 ghostscript: access bypass in psi/zdevice2.c (700153) - Resolves: #1660828 - CVE-2018-19476 ghostscript: access bypass in psi/zicc.c - Resolves: #1661278 - CVE-2018-19477 ghostscript: access bypass in psi/zfjbig2.c (700168) * Mon Dec 10 2018 Martin Osvald - 9.07-31.el7_6.6 - Resolves: #1657822 - ghostscript: Regression: Warning: Dropping incorrect smooth shading object (Error: /rangecheck in --run--) * Wed Dec 05 2018 Martin Osvald - 9.07-31.el7_6.5 - Resolves: #1654621 - CVE-2018-16541 ghostscript: incorrect free logic in pagedevice replacement (699664) - Resolves: #1650210 - CVE-2018-17183 ghostscript: User-writable error exception table - Resolves: #1645516 - CVE-2018-18073 ghostscript: saved execution stacks can leak operator arrays - Resolves: #1648891 - CVE-2018-17961 ghostscript: saved execution stacks can leak operator arrays (incomplete fix for CVE-2018-17183) - Resolves: #1643115 - CVE-2018-18284 ghostscript: 1Policy operator allows a sandbox protection bypass - Resolves: #1655937 - CVE-2018-19134 ghostscript: Type confusion in setpattern (700141) * Thu Nov 29 2018 Martin Osvald - 9.07-31.el7_6.4 - Resolves: #1651149 - CVE-2018-15911 ghostscript: uninitialized memory access in the aesdecode operator (699665) - Resolves: #1650060 - CVE-2018-16802 ghostscript: Incorrect "restoration of privilege" checking when running out of stack during exception handling - Resolves: #1652935 - CVE-2018-19409 ghostscript: Improperly implemented security check in zsetdevice function in psi/zdevice.c * Wed Nov 28 2018 Martin Osvald - 9.07-31.el7_6.3 - Resolves: #1654290 ghostscript update breaks xdvi (gs: Error: /undefined in flushpage) * Mon Nov 26 2018 Martin Osvald - 9.07-31.el7_6.2 - Resolves: #1652901 - CVE-2018-16863 ghostscript: incomplete fix for CVE-2018-16509 * Wed Nov 14 2018 Martin Osvald - 9.07-31.el7_6.1 - Remove as many non-standard operators as possible to make the codebase closer to upstream for later CVEs - Resolves: #1621383 - CVE-2018-16511 ghostscript: missing type check in type checker (699659) - Resolves: #1649721 - CVE-2018-16539 ghostscript: incorrect access checking in temp file handling to disclose contents of files (699658) - Resolves: #1621159 - CVE-2018-15908 ghostscript: .tempfile file permission issues (699657) - Resolves: #1621381 - CVE-2018-15909 ghostscript: shading_param incomplete type checking (699660) ghostscript-devel-9.07-31.el7_6.10 ---------------------------------- * Tue Jan 29 2019 Martin Osvald - 9.07-31.el7_6.10 - Resolves: #1673915 - ghostscript: Regression: double comment chars '%' in gs_init.ps leading to missing metadata - Resolves: #1678171 - CVE-2019-3835 ghostscript: superexec operator is available (700585) - Resolves: #1680025 - CVE-2019-3838 ghostscript: forceput in DefineResource is still accessible (700576) * Thu Jan 24 2019 Martin Osvald - 9.07-31.el7_6.9 - Related: #1667442 - CVE-2019-6116 - added missing parts of patch * Fri Jan 18 2019 Martin Osvald - 9.07-31.el7_6.8 - Resolves: #1667442 - CVE-2019-6116 ghostscript: subroutines within pseudo-operators must themselves be pseudo-operators * Thu Dec 20 2018 Martin Osvald - 9.07-31.el7_6.7 - Resolves: #1665919 pdf2ps reports an error when reading from stdin - Resolves: #1657333 - CVE-2018-16540 ghostscript: use-after-free in copydevice handling (699661) - Resolves: #1660569 - CVE-2018-19475 ghostscript: access bypass in psi/zdevice2.c (700153) - Resolves: #1660828 - CVE-2018-19476 ghostscript: access bypass in psi/zicc.c - Resolves: #1661278 - CVE-2018-19477 ghostscript: access bypass in psi/zfjbig2.c (700168) * Mon Dec 10 2018 Martin Osvald - 9.07-31.el7_6.6 - Resolves: #1657822 - ghostscript: Regression: Warning: Dropping incorrect smooth shading object (Error: /rangecheck in --run--) * Wed Dec 05 2018 Martin Osvald - 9.07-31.el7_6.5 - Resolves: #1654621 - CVE-2018-16541 ghostscript: incorrect free logic in pagedevice replacement (699664) - Resolves: #1650210 - CVE-2018-17183 ghostscript: User-writable error exception table - Resolves: #1645516 - CVE-2018-18073 ghostscript: saved execution stacks can leak operator arrays - Resolves: #1648891 - CVE-2018-17961 ghostscript: saved execution stacks can leak operator arrays (incomplete fix for CVE-2018-17183) - Resolves: #1643115 - CVE-2018-18284 ghostscript: 1Policy operator allows a sandbox protection bypass - Resolves: #1655937 - CVE-2018-19134 ghostscript: Type confusion in setpattern (700141) * Thu Nov 29 2018 Martin Osvald - 9.07-31.el7_6.4 - Resolves: #1651149 - CVE-2018-15911 ghostscript: uninitialized memory access in the aesdecode operator (699665) - Resolves: #1650060 - CVE-2018-16802 ghostscript: Incorrect "restoration of privilege" checking when running out of stack during exception handling - Resolves: #1652935 - CVE-2018-19409 ghostscript: Improperly implemented security check in zsetdevice function in psi/zdevice.c * Wed Nov 28 2018 Martin Osvald - 9.07-31.el7_6.3 - Resolves: #1654290 ghostscript update breaks xdvi (gs: Error: /undefined in flushpage) * Mon Nov 26 2018 Martin Osvald - 9.07-31.el7_6.2 - Resolves: #1652901 - CVE-2018-16863 ghostscript: incomplete fix for CVE-2018-16509 * Wed Nov 14 2018 Martin Osvald - 9.07-31.el7_6.1 - Remove as many non-standard operators as possible to make the codebase closer to upstream for later CVEs - Resolves: #1621383 - CVE-2018-16511 ghostscript: missing type check in type checker (699659) - Resolves: #1649721 - CVE-2018-16539 ghostscript: incorrect access checking in temp file handling to disclose contents of files (699658) - Resolves: #1621159 - CVE-2018-15908 ghostscript: .tempfile file permission issues (699657) - Resolves: #1621381 - CVE-2018-15909 ghostscript: shading_param incomplete type checking (699660) ghostscript-doc-9.07-31.el7_6.10 -------------------------------- * Tue Jan 29 2019 Martin Osvald - 9.07-31.el7_6.10 - Resolves: #1673915 - ghostscript: Regression: double comment chars '%' in gs_init.ps leading to missing metadata - Resolves: #1678171 - CVE-2019-3835 ghostscript: superexec operator is available (700585) - Resolves: #1680025 - CVE-2019-3838 ghostscript: forceput in DefineResource is still accessible (700576) * Thu Jan 24 2019 Martin Osvald - 9.07-31.el7_6.9 - Related: #1667442 - CVE-2019-6116 - added missing parts of patch * Fri Jan 18 2019 Martin Osvald - 9.07-31.el7_6.8 - Resolves: #1667442 - CVE-2019-6116 ghostscript: subroutines within pseudo-operators must themselves be pseudo-operators * Thu Dec 20 2018 Martin Osvald - 9.07-31.el7_6.7 - Resolves: #1665919 pdf2ps reports an error when reading from stdin - Resolves: #1657333 - CVE-2018-16540 ghostscript: use-after-free in copydevice handling (699661) - Resolves: #1660569 - CVE-2018-19475 ghostscript: access bypass in psi/zdevice2.c (700153) - Resolves: #1660828 - CVE-2018-19476 ghostscript: access bypass in psi/zicc.c - Resolves: #1661278 - CVE-2018-19477 ghostscript: access bypass in psi/zfjbig2.c (700168) * Mon Dec 10 2018 Martin Osvald - 9.07-31.el7_6.6 - Resolves: #1657822 - ghostscript: Regression: Warning: Dropping incorrect smooth shading object (Error: /rangecheck in --run--) * Wed Dec 05 2018 Martin Osvald - 9.07-31.el7_6.5 - Resolves: #1654621 - CVE-2018-16541 ghostscript: incorrect free logic in pagedevice replacement (699664) - Resolves: #1650210 - CVE-2018-17183 ghostscript: User-writable error exception table - Resolves: #1645516 - CVE-2018-18073 ghostscript: saved execution stacks can leak operator arrays - Resolves: #1648891 - CVE-2018-17961 ghostscript: saved execution stacks can leak operator arrays (incomplete fix for CVE-2018-17183) - Resolves: #1643115 - CVE-2018-18284 ghostscript: 1Policy operator allows a sandbox protection bypass - Resolves: #1655937 - CVE-2018-19134 ghostscript: Type confusion in setpattern (700141) * Thu Nov 29 2018 Martin Osvald - 9.07-31.el7_6.4 - Resolves: #1651149 - CVE-2018-15911 ghostscript: uninitialized memory access in the aesdecode operator (699665) - Resolves: #1650060 - CVE-2018-16802 ghostscript: Incorrect "restoration of privilege" checking when running out of stack during exception handling - Resolves: #1652935 - CVE-2018-19409 ghostscript: Improperly implemented security check in zsetdevice function in psi/zdevice.c * Wed Nov 28 2018 Martin Osvald - 9.07-31.el7_6.3 - Resolves: #1654290 ghostscript update breaks xdvi (gs: Error: /undefined in flushpage) * Mon Nov 26 2018 Martin Osvald - 9.07-31.el7_6.2 - Resolves: #1652901 - CVE-2018-16863 ghostscript: incomplete fix for CVE-2018-16509 * Wed Nov 14 2018 Martin Osvald - 9.07-31.el7_6.1 - Remove as many non-standard operators as possible to make the codebase closer to upstream for later CVEs - Resolves: #1621383 - CVE-2018-16511 ghostscript: missing type check in type checker (699659) - Resolves: #1649721 - CVE-2018-16539 ghostscript: incorrect access checking in temp file handling to disclose contents of files (699658) - Resolves: #1621159 - CVE-2018-15908 ghostscript: .tempfile file permission issues (699657) - Resolves: #1621381 - CVE-2018-15909 ghostscript: shading_param incomplete type checking (699660) ghostscript-gtk-9.07-31.el7_6.10 -------------------------------- * Tue Jan 29 2019 Martin Osvald - 9.07-31.el7_6.10 - Resolves: #1673915 - ghostscript: Regression: double comment chars '%' in gs_init.ps leading to missing metadata - Resolves: #1678171 - CVE-2019-3835 ghostscript: superexec operator is available (700585) - Resolves: #1680025 - CVE-2019-3838 ghostscript: forceput in DefineResource is still accessible (700576) * Thu Jan 24 2019 Martin Osvald - 9.07-31.el7_6.9 - Related: #1667442 - CVE-2019-6116 - added missing parts of patch * Fri Jan 18 2019 Martin Osvald - 9.07-31.el7_6.8 - Resolves: #1667442 - CVE-2019-6116 ghostscript: subroutines within pseudo-operators must themselves be pseudo-operators * Thu Dec 20 2018 Martin Osvald - 9.07-31.el7_6.7 - Resolves: #1665919 pdf2ps reports an error when reading from stdin - Resolves: #1657333 - CVE-2018-16540 ghostscript: use-after-free in copydevice handling (699661) - Resolves: #1660569 - CVE-2018-19475 ghostscript: access bypass in psi/zdevice2.c (700153) - Resolves: #1660828 - CVE-2018-19476 ghostscript: access bypass in psi/zicc.c - Resolves: #1661278 - CVE-2018-19477 ghostscript: access bypass in psi/zfjbig2.c (700168) * Mon Dec 10 2018 Martin Osvald - 9.07-31.el7_6.6 - Resolves: #1657822 - ghostscript: Regression: Warning: Dropping incorrect smooth shading object (Error: /rangecheck in --run--) * Wed Dec 05 2018 Martin Osvald - 9.07-31.el7_6.5 - Resolves: #1654621 - CVE-2018-16541 ghostscript: incorrect free logic in pagedevice replacement (699664) - Resolves: #1650210 - CVE-2018-17183 ghostscript: User-writable error exception table - Resolves: #1645516 - CVE-2018-18073 ghostscript: saved execution stacks can leak operator arrays - Resolves: #1648891 - CVE-2018-17961 ghostscript: saved execution stacks can leak operator arrays (incomplete fix for CVE-2018-17183) - Resolves: #1643115 - CVE-2018-18284 ghostscript: 1Policy operator allows a sandbox protection bypass - Resolves: #1655937 - CVE-2018-19134 ghostscript: Type confusion in setpattern (700141) * Thu Nov 29 2018 Martin Osvald - 9.07-31.el7_6.4 - Resolves: #1651149 - CVE-2018-15911 ghostscript: uninitialized memory access in the aesdecode operator (699665) - Resolves: #1650060 - CVE-2018-16802 ghostscript: Incorrect "restoration of privilege" checking when running out of stack during exception handling - Resolves: #1652935 - CVE-2018-19409 ghostscript: Improperly implemented security check in zsetdevice function in psi/zdevice.c * Wed Nov 28 2018 Martin Osvald - 9.07-31.el7_6.3 - Resolves: #1654290 ghostscript update breaks xdvi (gs: Error: /undefined in flushpage) * Mon Nov 26 2018 Martin Osvald - 9.07-31.el7_6.2 - Resolves: #1652901 - CVE-2018-16863 ghostscript: incomplete fix for CVE-2018-16509 * Wed Nov 14 2018 Martin Osvald - 9.07-31.el7_6.1 - Remove as many non-standard operators as possible to make the codebase closer to upstream for later CVEs - Resolves: #1621383 - CVE-2018-16511 ghostscript: missing type check in type checker (699659) - Resolves: #1649721 - CVE-2018-16539 ghostscript: incorrect access checking in temp file handling to disclose contents of files (699658) - Resolves: #1621159 - CVE-2018-15908 ghostscript: .tempfile file permission issues (699657) - Resolves: #1621381 - CVE-2018-15909 ghostscript: shading_param incomplete type checking (699660) git-1.8.3.1-20.el7 ------------------ * Fri Oct 19 2018 Pavel Cahyna - 1.8.3.1-20 - Fix CVE-2018-17456: arbitrary code execution via .gitmodules Thanks to Jonathan Nieder for backporting to 2.1.x and to Steve Beattie for backporting to 1.9.1 git-all-1.8.3.1-20.el7 ---------------------- * Fri Oct 19 2018 Pavel Cahyna - 1.8.3.1-20 - Fix CVE-2018-17456: arbitrary code execution via .gitmodules Thanks to Jonathan Nieder for backporting to 2.1.x and to Steve Beattie for backporting to 1.9.1 git-bzr-1.8.3.1-20.el7 ---------------------- * Fri Oct 19 2018 Pavel Cahyna - 1.8.3.1-20 - Fix CVE-2018-17456: arbitrary code execution via .gitmodules Thanks to Jonathan Nieder for backporting to 2.1.x and to Steve Beattie for backporting to 1.9.1 git-cvs-1.8.3.1-20.el7 ---------------------- * Fri Oct 19 2018 Pavel Cahyna - 1.8.3.1-20 - Fix CVE-2018-17456: arbitrary code execution via .gitmodules Thanks to Jonathan Nieder for backporting to 2.1.x and to Steve Beattie for backporting to 1.9.1 git-daemon-1.8.3.1-20.el7 ------------------------- * Fri Oct 19 2018 Pavel Cahyna - 1.8.3.1-20 - Fix CVE-2018-17456: arbitrary code execution via .gitmodules Thanks to Jonathan Nieder for backporting to 2.1.x and to Steve Beattie for backporting to 1.9.1 git-email-1.8.3.1-20.el7 ------------------------ * Fri Oct 19 2018 Pavel Cahyna - 1.8.3.1-20 - Fix CVE-2018-17456: arbitrary code execution via .gitmodules Thanks to Jonathan Nieder for backporting to 2.1.x and to Steve Beattie for backporting to 1.9.1 git-gnome-keyring-1.8.3.1-20.el7 -------------------------------- * Fri Oct 19 2018 Pavel Cahyna - 1.8.3.1-20 - Fix CVE-2018-17456: arbitrary code execution via .gitmodules Thanks to Jonathan Nieder for backporting to 2.1.x and to Steve Beattie for backporting to 1.9.1 git-gui-1.8.3.1-20.el7 ---------------------- * Fri Oct 19 2018 Pavel Cahyna - 1.8.3.1-20 - Fix CVE-2018-17456: arbitrary code execution via .gitmodules Thanks to Jonathan Nieder for backporting to 2.1.x and to Steve Beattie for backporting to 1.9.1 git-hg-1.8.3.1-20.el7 --------------------- * Fri Oct 19 2018 Pavel Cahyna - 1.8.3.1-20 - Fix CVE-2018-17456: arbitrary code execution via .gitmodules Thanks to Jonathan Nieder for backporting to 2.1.x and to Steve Beattie for backporting to 1.9.1 git-instaweb-1.8.3.1-20.el7 --------------------------- * Fri Oct 19 2018 Pavel Cahyna - 1.8.3.1-20 - Fix CVE-2018-17456: arbitrary code execution via .gitmodules Thanks to Jonathan Nieder for backporting to 2.1.x and to Steve Beattie for backporting to 1.9.1 git-p4-1.8.3.1-20.el7 --------------------- * Fri Oct 19 2018 Pavel Cahyna - 1.8.3.1-20 - Fix CVE-2018-17456: arbitrary code execution via .gitmodules Thanks to Jonathan Nieder for backporting to 2.1.x and to Steve Beattie for backporting to 1.9.1 git-svn-1.8.3.1-20.el7 ---------------------- * Fri Oct 19 2018 Pavel Cahyna - 1.8.3.1-20 - Fix CVE-2018-17456: arbitrary code execution via .gitmodules Thanks to Jonathan Nieder for backporting to 2.1.x and to Steve Beattie for backporting to 1.9.1 gitk-1.8.3.1-20.el7 ------------------- * Fri Oct 19 2018 Pavel Cahyna - 1.8.3.1-20 - Fix CVE-2018-17456: arbitrary code execution via .gitmodules Thanks to Jonathan Nieder for backporting to 2.1.x and to Steve Beattie for backporting to 1.9.1 gitweb-1.8.3.1-20.el7 --------------------- * Fri Oct 19 2018 Pavel Cahyna - 1.8.3.1-20 - Fix CVE-2018-17456: arbitrary code execution via .gitmodules Thanks to Jonathan Nieder for backporting to 2.1.x and to Steve Beattie for backporting to 1.9.1 glibc-2.17-260.el7_6.6 ---------------------- * Fri May 03 2019 Florian Weimer - 2.17-260.6 - Backport libio vtable validation improvements (#1705899) * Tue Apr 30 2019 Florian Weimer - 2.17-260.5 - Use versioned Obsoletes: for nss_db (#1704593) * Mon Apr 01 2019 Florian Weimer - 2.17-260.4 - ja_JP: Add new Japanese Era name (#1693152) * Thu Jan 03 2019 Florian Weimer - 2.17-260.3 - elf: Fix data race in _dl_profile_fixup (#1661242) * Thu Dec 20 2018 Florian Weimer - 2.17-260.1 - aarch64: Disable lazy symbol binding of TLSDESC (#1661244) glibc-common-2.17-260.el7_6.6 ----------------------------- * Fri May 03 2019 Florian Weimer - 2.17-260.6 - Backport libio vtable validation improvements (#1705899) * Tue Apr 30 2019 Florian Weimer - 2.17-260.5 - Use versioned Obsoletes: for nss_db (#1704593) * Mon Apr 01 2019 Florian Weimer - 2.17-260.4 - ja_JP: Add new Japanese Era name (#1693152) * Thu Jan 03 2019 Florian Weimer - 2.17-260.3 - elf: Fix data race in _dl_profile_fixup (#1661242) * Thu Dec 20 2018 Florian Weimer - 2.17-260.1 - aarch64: Disable lazy symbol binding of TLSDESC (#1661244) glibc-devel-2.17-260.el7_6.6 ---------------------------- * Fri May 03 2019 Florian Weimer - 2.17-260.6 - Backport libio vtable validation improvements (#1705899) * Tue Apr 30 2019 Florian Weimer - 2.17-260.5 - Use versioned Obsoletes: for nss_db (#1704593) * Mon Apr 01 2019 Florian Weimer - 2.17-260.4 - ja_JP: Add new Japanese Era name (#1693152) * Thu Jan 03 2019 Florian Weimer - 2.17-260.3 - elf: Fix data race in _dl_profile_fixup (#1661242) * Thu Dec 20 2018 Florian Weimer - 2.17-260.1 - aarch64: Disable lazy symbol binding of TLSDESC (#1661244) glibc-headers-2.17-260.el7_6.6 ------------------------------ * Fri May 03 2019 Florian Weimer - 2.17-260.6 - Backport libio vtable validation improvements (#1705899) * Tue Apr 30 2019 Florian Weimer - 2.17-260.5 - Use versioned Obsoletes: for nss_db (#1704593) * Mon Apr 01 2019 Florian Weimer - 2.17-260.4 - ja_JP: Add new Japanese Era name (#1693152) * Thu Jan 03 2019 Florian Weimer - 2.17-260.3 - elf: Fix data race in _dl_profile_fixup (#1661242) * Thu Dec 20 2018 Florian Weimer - 2.17-260.1 - aarch64: Disable lazy symbol binding of TLSDESC (#1661244) glibc-static-2.17-260.el7_6.6 ----------------------------- * Fri May 03 2019 Florian Weimer - 2.17-260.6 - Backport libio vtable validation improvements (#1705899) * Tue Apr 30 2019 Florian Weimer - 2.17-260.5 - Use versioned Obsoletes: for nss_db (#1704593) * Mon Apr 01 2019 Florian Weimer - 2.17-260.4 - ja_JP: Add new Japanese Era name (#1693152) * Thu Jan 03 2019 Florian Weimer - 2.17-260.3 - elf: Fix data race in _dl_profile_fixup (#1661242) * Thu Dec 20 2018 Florian Weimer - 2.17-260.1 - aarch64: Disable lazy symbol binding of TLSDESC (#1661244) glibc-utils-2.17-260.el7_6.6 ---------------------------- * Fri May 03 2019 Florian Weimer - 2.17-260.6 - Backport libio vtable validation improvements (#1705899) * Tue Apr 30 2019 Florian Weimer - 2.17-260.5 - Use versioned Obsoletes: for nss_db (#1704593) * Mon Apr 01 2019 Florian Weimer - 2.17-260.4 - ja_JP: Add new Japanese Era name (#1693152) * Thu Jan 03 2019 Florian Weimer - 2.17-260.3 - elf: Fix data race in _dl_profile_fixup (#1661242) * Thu Dec 20 2018 Florian Weimer - 2.17-260.1 - aarch64: Disable lazy symbol binding of TLSDESC (#1661244) glusterfs-3.12.2-47.2.el7 ------------------------- * Fri May 17 2019 Rinku Kothiya - 3.12.2-47.2 - fixes bugs bz#1711159 * Tue May 14 2019 Rinku Kothiya - 3.12.2-47.1 - fixes bugs bz#1709174 * Wed Mar 13 2019 Milind Changire - 3.12.2-47 - fixes bugs bz#1458215 bz#1661258 bz#1669020 bz#1683893 * Thu Mar 07 2019 Milind Changire - 3.12.2-46 - fixes bugs bz#1668327 bz#1684648 * Thu Feb 21 2019 Milind Changire - 3.12.2-45 - fixes bugs bz#1678232 * Thu Feb 14 2019 Milind Changire - 3.12.2-43 - fixes bugs bz#1676904 * Tue Feb 12 2019 Milind Changire - 3.12.2-42 - fixes bugs bz#1410145 * Tue Feb 12 2019 Milind Changire - 3.12.2-41 - fixes bugs bz#1390151 bz#1410145 bz#1429190 bz#1510752 bz#1511779 bz#1570958 bz#1574490 bz#1595246 bz#1618669 bz#1661393 bz#1668989 bz#1669020 * Fri Jan 25 2019 Milind Changire - 3.12.2-40 - fixes bugs bz#1668304 bz#1669020 * Mon Jan 21 2019 Milind Changire - 3.12.2-39 - fixes bugs bz#1667169 glusterfs-api-3.12.2-47.2.el7 ----------------------------- * Fri May 17 2019 Rinku Kothiya - 3.12.2-47.2 - fixes bugs bz#1711159 * Tue May 14 2019 Rinku Kothiya - 3.12.2-47.1 - fixes bugs bz#1709174 * Wed Mar 13 2019 Milind Changire - 3.12.2-47 - fixes bugs bz#1458215 bz#1661258 bz#1669020 bz#1683893 * Thu Mar 07 2019 Milind Changire - 3.12.2-46 - fixes bugs bz#1668327 bz#1684648 * Thu Feb 21 2019 Milind Changire - 3.12.2-45 - fixes bugs bz#1678232 * Thu Feb 14 2019 Milind Changire - 3.12.2-43 - fixes bugs bz#1676904 * Tue Feb 12 2019 Milind Changire - 3.12.2-42 - fixes bugs bz#1410145 * Tue Feb 12 2019 Milind Changire - 3.12.2-41 - fixes bugs bz#1390151 bz#1410145 bz#1429190 bz#1510752 bz#1511779 bz#1570958 bz#1574490 bz#1595246 bz#1618669 bz#1661393 bz#1668989 bz#1669020 * Fri Jan 25 2019 Milind Changire - 3.12.2-40 - fixes bugs bz#1668304 bz#1669020 * Mon Jan 21 2019 Milind Changire - 3.12.2-39 - fixes bugs bz#1667169 glusterfs-api-devel-3.12.2-47.2.el7 ----------------------------------- * Fri May 17 2019 Rinku Kothiya - 3.12.2-47.2 - fixes bugs bz#1711159 * Tue May 14 2019 Rinku Kothiya - 3.12.2-47.1 - fixes bugs bz#1709174 * Wed Mar 13 2019 Milind Changire - 3.12.2-47 - fixes bugs bz#1458215 bz#1661258 bz#1669020 bz#1683893 * Thu Mar 07 2019 Milind Changire - 3.12.2-46 - fixes bugs bz#1668327 bz#1684648 * Thu Feb 21 2019 Milind Changire - 3.12.2-45 - fixes bugs bz#1678232 * Thu Feb 14 2019 Milind Changire - 3.12.2-43 - fixes bugs bz#1676904 * Tue Feb 12 2019 Milind Changire - 3.12.2-42 - fixes bugs bz#1410145 * Tue Feb 12 2019 Milind Changire - 3.12.2-41 - fixes bugs bz#1390151 bz#1410145 bz#1429190 bz#1510752 bz#1511779 bz#1570958 bz#1574490 bz#1595246 bz#1618669 bz#1661393 bz#1668989 bz#1669020 * Fri Jan 25 2019 Milind Changire - 3.12.2-40 - fixes bugs bz#1668304 bz#1669020 * Mon Jan 21 2019 Milind Changire - 3.12.2-39 - fixes bugs bz#1667169 glusterfs-cli-3.12.2-47.2.el7 ----------------------------- * Fri May 17 2019 Rinku Kothiya - 3.12.2-47.2 - fixes bugs bz#1711159 * Tue May 14 2019 Rinku Kothiya - 3.12.2-47.1 - fixes bugs bz#1709174 * Wed Mar 13 2019 Milind Changire - 3.12.2-47 - fixes bugs bz#1458215 bz#1661258 bz#1669020 bz#1683893 * Thu Mar 07 2019 Milind Changire - 3.12.2-46 - fixes bugs bz#1668327 bz#1684648 * Thu Feb 21 2019 Milind Changire - 3.12.2-45 - fixes bugs bz#1678232 * Thu Feb 14 2019 Milind Changire - 3.12.2-43 - fixes bugs bz#1676904 * Tue Feb 12 2019 Milind Changire - 3.12.2-42 - fixes bugs bz#1410145 * Tue Feb 12 2019 Milind Changire - 3.12.2-41 - fixes bugs bz#1390151 bz#1410145 bz#1429190 bz#1510752 bz#1511779 bz#1570958 bz#1574490 bz#1595246 bz#1618669 bz#1661393 bz#1668989 bz#1669020 * Fri Jan 25 2019 Milind Changire - 3.12.2-40 - fixes bugs bz#1668304 bz#1669020 * Mon Jan 21 2019 Milind Changire - 3.12.2-39 - fixes bugs bz#1667169 glusterfs-client-xlators-3.12.2-47.2.el7 ---------------------------------------- * Fri May 17 2019 Rinku Kothiya - 3.12.2-47.2 - fixes bugs bz#1711159 * Tue May 14 2019 Rinku Kothiya - 3.12.2-47.1 - fixes bugs bz#1709174 * Wed Mar 13 2019 Milind Changire - 3.12.2-47 - fixes bugs bz#1458215 bz#1661258 bz#1669020 bz#1683893 * Thu Mar 07 2019 Milind Changire - 3.12.2-46 - fixes bugs bz#1668327 bz#1684648 * Thu Feb 21 2019 Milind Changire - 3.12.2-45 - fixes bugs bz#1678232 * Thu Feb 14 2019 Milind Changire - 3.12.2-43 - fixes bugs bz#1676904 * Tue Feb 12 2019 Milind Changire - 3.12.2-42 - fixes bugs bz#1410145 * Tue Feb 12 2019 Milind Changire - 3.12.2-41 - fixes bugs bz#1390151 bz#1410145 bz#1429190 bz#1510752 bz#1511779 bz#1570958 bz#1574490 bz#1595246 bz#1618669 bz#1661393 bz#1668989 bz#1669020 * Fri Jan 25 2019 Milind Changire - 3.12.2-40 - fixes bugs bz#1668304 bz#1669020 * Mon Jan 21 2019 Milind Changire - 3.12.2-39 - fixes bugs bz#1667169 glusterfs-devel-3.12.2-47.2.el7 ------------------------------- * Fri May 17 2019 Rinku Kothiya - 3.12.2-47.2 - fixes bugs bz#1711159 * Tue May 14 2019 Rinku Kothiya - 3.12.2-47.1 - fixes bugs bz#1709174 * Wed Mar 13 2019 Milind Changire - 3.12.2-47 - fixes bugs bz#1458215 bz#1661258 bz#1669020 bz#1683893 * Thu Mar 07 2019 Milind Changire - 3.12.2-46 - fixes bugs bz#1668327 bz#1684648 * Thu Feb 21 2019 Milind Changire - 3.12.2-45 - fixes bugs bz#1678232 * Thu Feb 14 2019 Milind Changire - 3.12.2-43 - fixes bugs bz#1676904 * Tue Feb 12 2019 Milind Changire - 3.12.2-42 - fixes bugs bz#1410145 * Tue Feb 12 2019 Milind Changire - 3.12.2-41 - fixes bugs bz#1390151 bz#1410145 bz#1429190 bz#1510752 bz#1511779 bz#1570958 bz#1574490 bz#1595246 bz#1618669 bz#1661393 bz#1668989 bz#1669020 * Fri Jan 25 2019 Milind Changire - 3.12.2-40 - fixes bugs bz#1668304 bz#1669020 * Mon Jan 21 2019 Milind Changire - 3.12.2-39 - fixes bugs bz#1667169 glusterfs-fuse-3.12.2-47.2.el7 ------------------------------ * Fri May 17 2019 Rinku Kothiya - 3.12.2-47.2 - fixes bugs bz#1711159 * Tue May 14 2019 Rinku Kothiya - 3.12.2-47.1 - fixes bugs bz#1709174 * Wed Mar 13 2019 Milind Changire - 3.12.2-47 - fixes bugs bz#1458215 bz#1661258 bz#1669020 bz#1683893 * Thu Mar 07 2019 Milind Changire - 3.12.2-46 - fixes bugs bz#1668327 bz#1684648 * Thu Feb 21 2019 Milind Changire - 3.12.2-45 - fixes bugs bz#1678232 * Thu Feb 14 2019 Milind Changire - 3.12.2-43 - fixes bugs bz#1676904 * Tue Feb 12 2019 Milind Changire - 3.12.2-42 - fixes bugs bz#1410145 * Tue Feb 12 2019 Milind Changire - 3.12.2-41 - fixes bugs bz#1390151 bz#1410145 bz#1429190 bz#1510752 bz#1511779 bz#1570958 bz#1574490 bz#1595246 bz#1618669 bz#1661393 bz#1668989 bz#1669020 * Fri Jan 25 2019 Milind Changire - 3.12.2-40 - fixes bugs bz#1668304 bz#1669020 * Mon Jan 21 2019 Milind Changire - 3.12.2-39 - fixes bugs bz#1667169 glusterfs-libs-3.12.2-47.2.el7 ------------------------------ * Fri May 17 2019 Rinku Kothiya - 3.12.2-47.2 - fixes bugs bz#1711159 * Tue May 14 2019 Rinku Kothiya - 3.12.2-47.1 - fixes bugs bz#1709174 * Wed Mar 13 2019 Milind Changire - 3.12.2-47 - fixes bugs bz#1458215 bz#1661258 bz#1669020 bz#1683893 * Thu Mar 07 2019 Milind Changire - 3.12.2-46 - fixes bugs bz#1668327 bz#1684648 * Thu Feb 21 2019 Milind Changire - 3.12.2-45 - fixes bugs bz#1678232 * Thu Feb 14 2019 Milind Changire - 3.12.2-43 - fixes bugs bz#1676904 * Tue Feb 12 2019 Milind Changire - 3.12.2-42 - fixes bugs bz#1410145 * Tue Feb 12 2019 Milind Changire - 3.12.2-41 - fixes bugs bz#1390151 bz#1410145 bz#1429190 bz#1510752 bz#1511779 bz#1570958 bz#1574490 bz#1595246 bz#1618669 bz#1661393 bz#1668989 bz#1669020 * Fri Jan 25 2019 Milind Changire - 3.12.2-40 - fixes bugs bz#1668304 bz#1669020 * Mon Jan 21 2019 Milind Changire - 3.12.2-39 - fixes bugs bz#1667169 glusterfs-rdma-3.12.2-47.2.el7 ------------------------------ * Fri May 17 2019 Rinku Kothiya - 3.12.2-47.2 - fixes bugs bz#1711159 * Tue May 14 2019 Rinku Kothiya - 3.12.2-47.1 - fixes bugs bz#1709174 * Wed Mar 13 2019 Milind Changire - 3.12.2-47 - fixes bugs bz#1458215 bz#1661258 bz#1669020 bz#1683893 * Thu Mar 07 2019 Milind Changire - 3.12.2-46 - fixes bugs bz#1668327 bz#1684648 * Thu Feb 21 2019 Milind Changire - 3.12.2-45 - fixes bugs bz#1678232 * Thu Feb 14 2019 Milind Changire - 3.12.2-43 - fixes bugs bz#1676904 * Tue Feb 12 2019 Milind Changire - 3.12.2-42 - fixes bugs bz#1410145 * Tue Feb 12 2019 Milind Changire - 3.12.2-41 - fixes bugs bz#1390151 bz#1410145 bz#1429190 bz#1510752 bz#1511779 bz#1570958 bz#1574490 bz#1595246 bz#1618669 bz#1661393 bz#1668989 bz#1669020 * Fri Jan 25 2019 Milind Changire - 3.12.2-40 - fixes bugs bz#1668304 bz#1669020 * Mon Jan 21 2019 Milind Changire - 3.12.2-39 - fixes bugs bz#1667169 gnome-session-3.28.1-6.el7 -------------------------- * Tue Oct 02 2018 Ray Strode - 3.28.1-6 - Fix crash in gles helper if there's no display Resolves: #1627056 gnome-session-custom-session-3.28.1-6.el7 ----------------------------------------- * Tue Oct 02 2018 Ray Strode - 3.28.1-6 - Fix crash in gles helper if there's no display Resolves: #1627056 gnome-session-wayland-session-3.28.1-6.el7 ------------------------------------------ * Tue Oct 02 2018 Ray Strode - 3.28.1-6 - Fix crash in gles helper if there's no display Resolves: #1627056 gnome-session-xsession-3.28.1-6.el7 ----------------------------------- * Tue Oct 02 2018 Ray Strode - 3.28.1-6 - Fix crash in gles helper if there's no display Resolves: #1627056 gnome-tweak-tool-3.28.1-2.el7.2 ------------------------------- * Tue Jan 22 2019 Carlos Soriano - 3.28.1-2 - Fix release numbers for z-stream - Resolves: #1667991 #1664791 * Mon Jan 21 2019 Carlos Soriano - 3.28.1-4 - Fix keyboard panel crashes - Resolves: #1667991 * Mon Dec 17 2018 Carlos Soriano - 3.28.1-3 - Fixes to port to python2 - Resolves: #1664791 gnutls-3.3.29-9.el7_6 --------------------- * Tue Feb 12 2019 Anderson Sasaki 3.3.29-9 - Make sure the FIPS startup KAT selftest run for ECDSA (#1673919) gnutls-c++-3.3.29-9.el7_6 ------------------------- * Tue Feb 12 2019 Anderson Sasaki 3.3.29-9 - Make sure the FIPS startup KAT selftest run for ECDSA (#1673919) gnutls-dane-3.3.29-9.el7_6 -------------------------- * Tue Feb 12 2019 Anderson Sasaki 3.3.29-9 - Make sure the FIPS startup KAT selftest run for ECDSA (#1673919) gnutls-devel-3.3.29-9.el7_6 --------------------------- * Tue Feb 12 2019 Anderson Sasaki 3.3.29-9 - Make sure the FIPS startup KAT selftest run for ECDSA (#1673919) gnutls-utils-3.3.29-9.el7_6 --------------------------- * Tue Feb 12 2019 Anderson Sasaki 3.3.29-9 - Make sure the FIPS startup KAT selftest run for ECDSA (#1673919) grub2-2.02-0.76.el7_6.bclinux.1 ------------------------------- grub2-common-2.02-0.76.el7_6.bclinux.1 -------------------------------------- grub2-efi-ia32-2.02-0.76.el7_6.bclinux.1 ---------------------------------------- grub2-efi-ia32-cdboot-2.02-0.76.el7_6.bclinux.1 ----------------------------------------------- grub2-efi-ia32-modules-2.02-0.76.el7_6.bclinux.1 ------------------------------------------------ grub2-efi-x64-2.02-0.76.el7_6.bclinux.1 --------------------------------------- grub2-efi-x64-cdboot-2.02-0.76.el7_6.bclinux.1 ---------------------------------------------- grub2-efi-x64-modules-2.02-0.76.el7_6.bclinux.1 ----------------------------------------------- grub2-pc-2.02-0.76.el7_6.bclinux.1 ---------------------------------- grub2-pc-modules-2.02-0.76.el7_6.bclinux.1 ------------------------------------------ grub2-tools-2.02-0.76.el7_6.bclinux.1 ------------------------------------- grub2-tools-extra-2.02-0.76.el7_6.bclinux.1 ------------------------------------------- grub2-tools-minimal-2.02-0.76.el7_6.bclinux.1 --------------------------------------------- ipa-client-4.6.4-10.el7.centos.3 -------------------------------- * Tue Mar 12 2019 CentOS Sources - 4.6.4-10.el7.centos.3 - Roll in CentOS Branding * Mon Feb 04 2019 Florence Blanc-Renaud - 4.6.4-10.el7_6.3 - Resolves: 1672343 pki spawn fails for IPA replica install from RHEL6 IPA master - Update mod_nss cipher list so there is overlap with a 4.x master - Resolves: 1672342 Fix compile issue with new 389-ds - ipa-sidgen: make internal fetch_attr helper really internal - Resolves: 1672176 host_del and host_disable fails, ra.find() search for every certificates instead of the host's certificate by subject - Add workaround for slow host/service del - Optimize cert remove case - Resolves: 1672238 The ipa-replica-install command failed, exception: ValidationError: invalid 'dnszoneidnsname': only master zones can contain record - replica installation: add master record only if in managed zone - ipatests: add test for replica in forward zone * Tue Dec 18 2018 Florence Blanc-Renaud - 4.6.4-10.el7_6.2 - Resolves: 1659492 searching for ipa users by certificate fails - ipaldap.py: fix method creating a ldap filter for IPACertificate - ipatests: add xmlrpc test for user|host-find --certificate - Resolves: 1659509 IPA Upgrade failed with "unable to convert the attribute u'cACertificate;binary'" - ipa upgrade: handle double-encoded certificates - ipatests: add upgrade test for double-encoded cacert - ipatests: fix TestUpgrade::test_double_encoded_cacert - Resolves: 1659500 'ipa vault-retrieve' is failing with "ipa: ERROR: an internal error has occurred" - Add a shared-vault-retrieve test - Add a "Find enabled services" ACI in 20-aci.update so that all users can find IPA servers and services. ACI suggested by Christian Heimes. - Resolves: 1659511 ipa-pkinit-manage reports a switch from local pkinit to full pkinit configuration was successful although it was not. - ipatest: add test for ipa-pkinit-manage enable|disable - PKINIT: fix ipa-pkinit-manage enable|disable - Resolves: 1659499 automember-rebuild crashes - Find orphan automember rules - Resolves: 1660389 ipa-replica-install fails migrating RHEL 6 to 7 - replication: check remote ds version before editing attributes ipa-client-common-4.6.4-10.el7.centos.3 --------------------------------------- * Tue Mar 12 2019 CentOS Sources - 4.6.4-10.el7.centos.3 - Roll in CentOS Branding * Mon Feb 04 2019 Florence Blanc-Renaud - 4.6.4-10.el7_6.3 - Resolves: 1672343 pki spawn fails for IPA replica install from RHEL6 IPA master - Update mod_nss cipher list so there is overlap with a 4.x master - Resolves: 1672342 Fix compile issue with new 389-ds - ipa-sidgen: make internal fetch_attr helper really internal - Resolves: 1672176 host_del and host_disable fails, ra.find() search for every certificates instead of the host's certificate by subject - Add workaround for slow host/service del - Optimize cert remove case - Resolves: 1672238 The ipa-replica-install command failed, exception: ValidationError: invalid 'dnszoneidnsname': only master zones can contain record - replica installation: add master record only if in managed zone - ipatests: add test for replica in forward zone * Tue Dec 18 2018 Florence Blanc-Renaud - 4.6.4-10.el7_6.2 - Resolves: 1659492 searching for ipa users by certificate fails - ipaldap.py: fix method creating a ldap filter for IPACertificate - ipatests: add xmlrpc test for user|host-find --certificate - Resolves: 1659509 IPA Upgrade failed with "unable to convert the attribute u'cACertificate;binary'" - ipa upgrade: handle double-encoded certificates - ipatests: add upgrade test for double-encoded cacert - ipatests: fix TestUpgrade::test_double_encoded_cacert - Resolves: 1659500 'ipa vault-retrieve' is failing with "ipa: ERROR: an internal error has occurred" - Add a shared-vault-retrieve test - Add a "Find enabled services" ACI in 20-aci.update so that all users can find IPA servers and services. ACI suggested by Christian Heimes. - Resolves: 1659511 ipa-pkinit-manage reports a switch from local pkinit to full pkinit configuration was successful although it was not. - ipatest: add test for ipa-pkinit-manage enable|disable - PKINIT: fix ipa-pkinit-manage enable|disable - Resolves: 1659499 automember-rebuild crashes - Find orphan automember rules - Resolves: 1660389 ipa-replica-install fails migrating RHEL 6 to 7 - replication: check remote ds version before editing attributes ipa-common-4.6.4-10.el7.centos.3 -------------------------------- * Tue Mar 12 2019 CentOS Sources - 4.6.4-10.el7.centos.3 - Roll in CentOS Branding * Mon Feb 04 2019 Florence Blanc-Renaud - 4.6.4-10.el7_6.3 - Resolves: 1672343 pki spawn fails for IPA replica install from RHEL6 IPA master - Update mod_nss cipher list so there is overlap with a 4.x master - Resolves: 1672342 Fix compile issue with new 389-ds - ipa-sidgen: make internal fetch_attr helper really internal - Resolves: 1672176 host_del and host_disable fails, ra.find() search for every certificates instead of the host's certificate by subject - Add workaround for slow host/service del - Optimize cert remove case - Resolves: 1672238 The ipa-replica-install command failed, exception: ValidationError: invalid 'dnszoneidnsname': only master zones can contain record - replica installation: add master record only if in managed zone - ipatests: add test for replica in forward zone * Tue Dec 18 2018 Florence Blanc-Renaud - 4.6.4-10.el7_6.2 - Resolves: 1659492 searching for ipa users by certificate fails - ipaldap.py: fix method creating a ldap filter for IPACertificate - ipatests: add xmlrpc test for user|host-find --certificate - Resolves: 1659509 IPA Upgrade failed with "unable to convert the attribute u'cACertificate;binary'" - ipa upgrade: handle double-encoded certificates - ipatests: add upgrade test for double-encoded cacert - ipatests: fix TestUpgrade::test_double_encoded_cacert - Resolves: 1659500 'ipa vault-retrieve' is failing with "ipa: ERROR: an internal error has occurred" - Add a shared-vault-retrieve test - Add a "Find enabled services" ACI in 20-aci.update so that all users can find IPA servers and services. ACI suggested by Christian Heimes. - Resolves: 1659511 ipa-pkinit-manage reports a switch from local pkinit to full pkinit configuration was successful although it was not. - ipatest: add test for ipa-pkinit-manage enable|disable - PKINIT: fix ipa-pkinit-manage enable|disable - Resolves: 1659499 automember-rebuild crashes - Find orphan automember rules - Resolves: 1660389 ipa-replica-install fails migrating RHEL 6 to 7 - replication: check remote ds version before editing attributes ipa-python-compat-4.6.4-10.el7.centos.3 --------------------------------------- * Tue Mar 12 2019 CentOS Sources - 4.6.4-10.el7.centos.3 - Roll in CentOS Branding * Mon Feb 04 2019 Florence Blanc-Renaud - 4.6.4-10.el7_6.3 - Resolves: 1672343 pki spawn fails for IPA replica install from RHEL6 IPA master - Update mod_nss cipher list so there is overlap with a 4.x master - Resolves: 1672342 Fix compile issue with new 389-ds - ipa-sidgen: make internal fetch_attr helper really internal - Resolves: 1672176 host_del and host_disable fails, ra.find() search for every certificates instead of the host's certificate by subject - Add workaround for slow host/service del - Optimize cert remove case - Resolves: 1672238 The ipa-replica-install command failed, exception: ValidationError: invalid 'dnszoneidnsname': only master zones can contain record - replica installation: add master record only if in managed zone - ipatests: add test for replica in forward zone * Tue Dec 18 2018 Florence Blanc-Renaud - 4.6.4-10.el7_6.2 - Resolves: 1659492 searching for ipa users by certificate fails - ipaldap.py: fix method creating a ldap filter for IPACertificate - ipatests: add xmlrpc test for user|host-find --certificate - Resolves: 1659509 IPA Upgrade failed with "unable to convert the attribute u'cACertificate;binary'" - ipa upgrade: handle double-encoded certificates - ipatests: add upgrade test for double-encoded cacert - ipatests: fix TestUpgrade::test_double_encoded_cacert - Resolves: 1659500 'ipa vault-retrieve' is failing with "ipa: ERROR: an internal error has occurred" - Add a shared-vault-retrieve test - Add a "Find enabled services" ACI in 20-aci.update so that all users can find IPA servers and services. ACI suggested by Christian Heimes. - Resolves: 1659511 ipa-pkinit-manage reports a switch from local pkinit to full pkinit configuration was successful although it was not. - ipatest: add test for ipa-pkinit-manage enable|disable - PKINIT: fix ipa-pkinit-manage enable|disable - Resolves: 1659499 automember-rebuild crashes - Find orphan automember rules - Resolves: 1660389 ipa-replica-install fails migrating RHEL 6 to 7 - replication: check remote ds version before editing attributes ipa-server-4.6.4-10.el7.centos.3 -------------------------------- * Tue Mar 12 2019 CentOS Sources - 4.6.4-10.el7.centos.3 - Roll in CentOS Branding * Mon Feb 04 2019 Florence Blanc-Renaud - 4.6.4-10.el7_6.3 - Resolves: 1672343 pki spawn fails for IPA replica install from RHEL6 IPA master - Update mod_nss cipher list so there is overlap with a 4.x master - Resolves: 1672342 Fix compile issue with new 389-ds - ipa-sidgen: make internal fetch_attr helper really internal - Resolves: 1672176 host_del and host_disable fails, ra.find() search for every certificates instead of the host's certificate by subject - Add workaround for slow host/service del - Optimize cert remove case - Resolves: 1672238 The ipa-replica-install command failed, exception: ValidationError: invalid 'dnszoneidnsname': only master zones can contain record - replica installation: add master record only if in managed zone - ipatests: add test for replica in forward zone * Tue Dec 18 2018 Florence Blanc-Renaud - 4.6.4-10.el7_6.2 - Resolves: 1659492 searching for ipa users by certificate fails - ipaldap.py: fix method creating a ldap filter for IPACertificate - ipatests: add xmlrpc test for user|host-find --certificate - Resolves: 1659509 IPA Upgrade failed with "unable to convert the attribute u'cACertificate;binary'" - ipa upgrade: handle double-encoded certificates - ipatests: add upgrade test for double-encoded cacert - ipatests: fix TestUpgrade::test_double_encoded_cacert - Resolves: 1659500 'ipa vault-retrieve' is failing with "ipa: ERROR: an internal error has occurred" - Add a shared-vault-retrieve test - Add a "Find enabled services" ACI in 20-aci.update so that all users can find IPA servers and services. ACI suggested by Christian Heimes. - Resolves: 1659511 ipa-pkinit-manage reports a switch from local pkinit to full pkinit configuration was successful although it was not. - ipatest: add test for ipa-pkinit-manage enable|disable - PKINIT: fix ipa-pkinit-manage enable|disable - Resolves: 1659499 automember-rebuild crashes - Find orphan automember rules - Resolves: 1660389 ipa-replica-install fails migrating RHEL 6 to 7 - replication: check remote ds version before editing attributes ipa-server-common-4.6.4-10.el7.centos.3 --------------------------------------- * Tue Mar 12 2019 CentOS Sources - 4.6.4-10.el7.centos.3 - Roll in CentOS Branding * Mon Feb 04 2019 Florence Blanc-Renaud - 4.6.4-10.el7_6.3 - Resolves: 1672343 pki spawn fails for IPA replica install from RHEL6 IPA master - Update mod_nss cipher list so there is overlap with a 4.x master - Resolves: 1672342 Fix compile issue with new 389-ds - ipa-sidgen: make internal fetch_attr helper really internal - Resolves: 1672176 host_del and host_disable fails, ra.find() search for every certificates instead of the host's certificate by subject - Add workaround for slow host/service del - Optimize cert remove case - Resolves: 1672238 The ipa-replica-install command failed, exception: ValidationError: invalid 'dnszoneidnsname': only master zones can contain record - replica installation: add master record only if in managed zone - ipatests: add test for replica in forward zone * Tue Dec 18 2018 Florence Blanc-Renaud - 4.6.4-10.el7_6.2 - Resolves: 1659492 searching for ipa users by certificate fails - ipaldap.py: fix method creating a ldap filter for IPACertificate - ipatests: add xmlrpc test for user|host-find --certificate - Resolves: 1659509 IPA Upgrade failed with "unable to convert the attribute u'cACertificate;binary'" - ipa upgrade: handle double-encoded certificates - ipatests: add upgrade test for double-encoded cacert - ipatests: fix TestUpgrade::test_double_encoded_cacert - Resolves: 1659500 'ipa vault-retrieve' is failing with "ipa: ERROR: an internal error has occurred" - Add a shared-vault-retrieve test - Add a "Find enabled services" ACI in 20-aci.update so that all users can find IPA servers and services. ACI suggested by Christian Heimes. - Resolves: 1659511 ipa-pkinit-manage reports a switch from local pkinit to full pkinit configuration was successful although it was not. - ipatest: add test for ipa-pkinit-manage enable|disable - PKINIT: fix ipa-pkinit-manage enable|disable - Resolves: 1659499 automember-rebuild crashes - Find orphan automember rules - Resolves: 1660389 ipa-replica-install fails migrating RHEL 6 to 7 - replication: check remote ds version before editing attributes ipa-server-dns-4.6.4-10.el7.centos.3 ------------------------------------ * Tue Mar 12 2019 CentOS Sources - 4.6.4-10.el7.centos.3 - Roll in CentOS Branding * Mon Feb 04 2019 Florence Blanc-Renaud - 4.6.4-10.el7_6.3 - Resolves: 1672343 pki spawn fails for IPA replica install from RHEL6 IPA master - Update mod_nss cipher list so there is overlap with a 4.x master - Resolves: 1672342 Fix compile issue with new 389-ds - ipa-sidgen: make internal fetch_attr helper really internal - Resolves: 1672176 host_del and host_disable fails, ra.find() search for every certificates instead of the host's certificate by subject - Add workaround for slow host/service del - Optimize cert remove case - Resolves: 1672238 The ipa-replica-install command failed, exception: ValidationError: invalid 'dnszoneidnsname': only master zones can contain record - replica installation: add master record only if in managed zone - ipatests: add test for replica in forward zone * Tue Dec 18 2018 Florence Blanc-Renaud - 4.6.4-10.el7_6.2 - Resolves: 1659492 searching for ipa users by certificate fails - ipaldap.py: fix method creating a ldap filter for IPACertificate - ipatests: add xmlrpc test for user|host-find --certificate - Resolves: 1659509 IPA Upgrade failed with "unable to convert the attribute u'cACertificate;binary'" - ipa upgrade: handle double-encoded certificates - ipatests: add upgrade test for double-encoded cacert - ipatests: fix TestUpgrade::test_double_encoded_cacert - Resolves: 1659500 'ipa vault-retrieve' is failing with "ipa: ERROR: an internal error has occurred" - Add a shared-vault-retrieve test - Add a "Find enabled services" ACI in 20-aci.update so that all users can find IPA servers and services. ACI suggested by Christian Heimes. - Resolves: 1659511 ipa-pkinit-manage reports a switch from local pkinit to full pkinit configuration was successful although it was not. - ipatest: add test for ipa-pkinit-manage enable|disable - PKINIT: fix ipa-pkinit-manage enable|disable - Resolves: 1659499 automember-rebuild crashes - Find orphan automember rules - Resolves: 1660389 ipa-replica-install fails migrating RHEL 6 to 7 - replication: check remote ds version before editing attributes ipa-server-trust-ad-4.6.4-10.el7.centos.3 ----------------------------------------- * Tue Mar 12 2019 CentOS Sources - 4.6.4-10.el7.centos.3 - Roll in CentOS Branding * Mon Feb 04 2019 Florence Blanc-Renaud - 4.6.4-10.el7_6.3 - Resolves: 1672343 pki spawn fails for IPA replica install from RHEL6 IPA master - Update mod_nss cipher list so there is overlap with a 4.x master - Resolves: 1672342 Fix compile issue with new 389-ds - ipa-sidgen: make internal fetch_attr helper really internal - Resolves: 1672176 host_del and host_disable fails, ra.find() search for every certificates instead of the host's certificate by subject - Add workaround for slow host/service del - Optimize cert remove case - Resolves: 1672238 The ipa-replica-install command failed, exception: ValidationError: invalid 'dnszoneidnsname': only master zones can contain record - replica installation: add master record only if in managed zone - ipatests: add test for replica in forward zone * Tue Dec 18 2018 Florence Blanc-Renaud - 4.6.4-10.el7_6.2 - Resolves: 1659492 searching for ipa users by certificate fails - ipaldap.py: fix method creating a ldap filter for IPACertificate - ipatests: add xmlrpc test for user|host-find --certificate - Resolves: 1659509 IPA Upgrade failed with "unable to convert the attribute u'cACertificate;binary'" - ipa upgrade: handle double-encoded certificates - ipatests: add upgrade test for double-encoded cacert - ipatests: fix TestUpgrade::test_double_encoded_cacert - Resolves: 1659500 'ipa vault-retrieve' is failing with "ipa: ERROR: an internal error has occurred" - Add a shared-vault-retrieve test - Add a "Find enabled services" ACI in 20-aci.update so that all users can find IPA servers and services. ACI suggested by Christian Heimes. - Resolves: 1659511 ipa-pkinit-manage reports a switch from local pkinit to full pkinit configuration was successful although it was not. - ipatest: add test for ipa-pkinit-manage enable|disable - PKINIT: fix ipa-pkinit-manage enable|disable - Resolves: 1659499 automember-rebuild crashes - Find orphan automember rules - Resolves: 1660389 ipa-replica-install fails migrating RHEL 6 to 7 - replication: check remote ds version before editing attributes ipset-6.38-3.el7_6 ------------------ * Tue Nov 06 2018 Stefano Brivio - 6.38-3 - Fix loading of sets with dependencies on other sets (RHBZ#1646666) ipset-devel-6.38-3.el7_6 ------------------------ * Tue Nov 06 2018 Stefano Brivio - 6.38-3 - Fix loading of sets with dependencies on other sets (RHBZ#1646666) ipset-libs-6.38-3.el7_6 ----------------------- * Tue Nov 06 2018 Stefano Brivio - 6.38-3 - Fix loading of sets with dependencies on other sets (RHBZ#1646666) ipset-service-6.38-3.el7_6 -------------------------- * Tue Nov 06 2018 Stefano Brivio - 6.38-3 - Fix loading of sets with dependencies on other sets (RHBZ#1646666) java-1.7.0-openjdk-1.7.0.231-2.6.19.1.el7_6 ------------------------------------------- * Tue Jul 16 2019 Andrew Hughes - 1:1.7.0.231-2.6.19.1 - Add missing hyphen in tapset filename. - Resolves: rhbz#1724452 * Tue Jul 16 2019 Andrew Hughes - 1:1.7.0.231-2.6.19.0 - Update tapset filename matching pattern. - Resolves: rhbz#1724452 * Tue Jul 16 2019 Andrew Hughes - 1:1.7.0.231-2.6.19.0 - Bump to 2.6.19 (including tapsets) and OpenJDK 7u231-b01. - Fix fsg.sh to fail if patching fails. - Resolves: rhbz#1724452 * Tue Apr 16 2019 Andrew Hughes - 1:1.7.0.221-2.6.18.0 - Bump to 2.6.18 and OpenJDK 7u221-b02. - Resolves: rhbz#1693468 * Wed Feb 27 2019 Severin Gehwolf - 1:1.7.0.211-2.6.17.1 - Produce debug symbols for libpulse-java.so - Set IT_CFLAGS=-g so that debug symbols for the pulse audio - native library are being produced. This is needed to fix - rpmdiff errors of missing .debug_info in pulse-java.so.debug. - Resolves: rhbz#1661577 * Mon Feb 25 2019 Andrew Hughes - 1:1.7.0.211-2.6.17.0 - Bump to 2.6.17. - Adjust jdk8076221-pr2809-disable_rc4_cipher_suites.patch to apply after 8211883 - Regenerate pr3393-rh1273760-support_rsaandmgf1_with_sha_in_pkcs11.patch against current sources - Resolves: rhbz#1661577 * Thu Feb 21 2019 Andrew Hughes - 1:1.7.0.201-2.6.17pre01.0 - Bump to 2.6.17pre01. - Add support for icedtea_snapshot so we can build pre-releases. - Resolves: rhbz#1661577 * Mon Oct 22 2018 Andrew Hughes - 1:1.7.0.201-2.6.16.1 - Bump to 2.6.16 and u201b00. - Update 8076221/PR2809 (disable RC4) to apply after 8208350 (disable DES) - Resolves: rhbz#1633817 java-1.7.0-openjdk-accessibility-1.7.0.231-2.6.19.1.el7_6 --------------------------------------------------------- * Tue Jul 16 2019 Andrew Hughes - 1:1.7.0.231-2.6.19.1 - Add missing hyphen in tapset filename. - Resolves: rhbz#1724452 * Tue Jul 16 2019 Andrew Hughes - 1:1.7.0.231-2.6.19.0 - Update tapset filename matching pattern. - Resolves: rhbz#1724452 * Tue Jul 16 2019 Andrew Hughes - 1:1.7.0.231-2.6.19.0 - Bump to 2.6.19 (including tapsets) and OpenJDK 7u231-b01. - Fix fsg.sh to fail if patching fails. - Resolves: rhbz#1724452 * Tue Apr 16 2019 Andrew Hughes - 1:1.7.0.221-2.6.18.0 - Bump to 2.6.18 and OpenJDK 7u221-b02. - Resolves: rhbz#1693468 * Wed Feb 27 2019 Severin Gehwolf - 1:1.7.0.211-2.6.17.1 - Produce debug symbols for libpulse-java.so - Set IT_CFLAGS=-g so that debug symbols for the pulse audio - native library are being produced. This is needed to fix - rpmdiff errors of missing .debug_info in pulse-java.so.debug. - Resolves: rhbz#1661577 * Mon Feb 25 2019 Andrew Hughes - 1:1.7.0.211-2.6.17.0 - Bump to 2.6.17. - Adjust jdk8076221-pr2809-disable_rc4_cipher_suites.patch to apply after 8211883 - Regenerate pr3393-rh1273760-support_rsaandmgf1_with_sha_in_pkcs11.patch against current sources - Resolves: rhbz#1661577 * Thu Feb 21 2019 Andrew Hughes - 1:1.7.0.201-2.6.17pre01.0 - Bump to 2.6.17pre01. - Add support for icedtea_snapshot so we can build pre-releases. - Resolves: rhbz#1661577 * Mon Oct 22 2018 Andrew Hughes - 1:1.7.0.201-2.6.16.1 - Bump to 2.6.16 and u201b00. - Update 8076221/PR2809 (disable RC4) to apply after 8208350 (disable DES) - Resolves: rhbz#1633817 java-1.7.0-openjdk-demo-1.7.0.231-2.6.19.1.el7_6 ------------------------------------------------ * Tue Jul 16 2019 Andrew Hughes - 1:1.7.0.231-2.6.19.1 - Add missing hyphen in tapset filename. - Resolves: rhbz#1724452 * Tue Jul 16 2019 Andrew Hughes - 1:1.7.0.231-2.6.19.0 - Update tapset filename matching pattern. - Resolves: rhbz#1724452 * Tue Jul 16 2019 Andrew Hughes - 1:1.7.0.231-2.6.19.0 - Bump to 2.6.19 (including tapsets) and OpenJDK 7u231-b01. - Fix fsg.sh to fail if patching fails. - Resolves: rhbz#1724452 * Tue Apr 16 2019 Andrew Hughes - 1:1.7.0.221-2.6.18.0 - Bump to 2.6.18 and OpenJDK 7u221-b02. - Resolves: rhbz#1693468 * Wed Feb 27 2019 Severin Gehwolf - 1:1.7.0.211-2.6.17.1 - Produce debug symbols for libpulse-java.so - Set IT_CFLAGS=-g so that debug symbols for the pulse audio - native library are being produced. This is needed to fix - rpmdiff errors of missing .debug_info in pulse-java.so.debug. - Resolves: rhbz#1661577 * Mon Feb 25 2019 Andrew Hughes - 1:1.7.0.211-2.6.17.0 - Bump to 2.6.17. - Adjust jdk8076221-pr2809-disable_rc4_cipher_suites.patch to apply after 8211883 - Regenerate pr3393-rh1273760-support_rsaandmgf1_with_sha_in_pkcs11.patch against current sources - Resolves: rhbz#1661577 * Thu Feb 21 2019 Andrew Hughes - 1:1.7.0.201-2.6.17pre01.0 - Bump to 2.6.17pre01. - Add support for icedtea_snapshot so we can build pre-releases. - Resolves: rhbz#1661577 * Mon Oct 22 2018 Andrew Hughes - 1:1.7.0.201-2.6.16.1 - Bump to 2.6.16 and u201b00. - Update 8076221/PR2809 (disable RC4) to apply after 8208350 (disable DES) - Resolves: rhbz#1633817 java-1.7.0-openjdk-devel-1.7.0.231-2.6.19.1.el7_6 ------------------------------------------------- * Tue Jul 16 2019 Andrew Hughes - 1:1.7.0.231-2.6.19.1 - Add missing hyphen in tapset filename. - Resolves: rhbz#1724452 * Tue Jul 16 2019 Andrew Hughes - 1:1.7.0.231-2.6.19.0 - Update tapset filename matching pattern. - Resolves: rhbz#1724452 * Tue Jul 16 2019 Andrew Hughes - 1:1.7.0.231-2.6.19.0 - Bump to 2.6.19 (including tapsets) and OpenJDK 7u231-b01. - Fix fsg.sh to fail if patching fails. - Resolves: rhbz#1724452 * Tue Apr 16 2019 Andrew Hughes - 1:1.7.0.221-2.6.18.0 - Bump to 2.6.18 and OpenJDK 7u221-b02. - Resolves: rhbz#1693468 * Wed Feb 27 2019 Severin Gehwolf - 1:1.7.0.211-2.6.17.1 - Produce debug symbols for libpulse-java.so - Set IT_CFLAGS=-g so that debug symbols for the pulse audio - native library are being produced. This is needed to fix - rpmdiff errors of missing .debug_info in pulse-java.so.debug. - Resolves: rhbz#1661577 * Mon Feb 25 2019 Andrew Hughes - 1:1.7.0.211-2.6.17.0 - Bump to 2.6.17. - Adjust jdk8076221-pr2809-disable_rc4_cipher_suites.patch to apply after 8211883 - Regenerate pr3393-rh1273760-support_rsaandmgf1_with_sha_in_pkcs11.patch against current sources - Resolves: rhbz#1661577 * Thu Feb 21 2019 Andrew Hughes - 1:1.7.0.201-2.6.17pre01.0 - Bump to 2.6.17pre01. - Add support for icedtea_snapshot so we can build pre-releases. - Resolves: rhbz#1661577 * Mon Oct 22 2018 Andrew Hughes - 1:1.7.0.201-2.6.16.1 - Bump to 2.6.16 and u201b00. - Update 8076221/PR2809 (disable RC4) to apply after 8208350 (disable DES) - Resolves: rhbz#1633817 java-1.7.0-openjdk-headless-1.7.0.231-2.6.19.1.el7_6 ---------------------------------------------------- * Tue Jul 16 2019 Andrew Hughes - 1:1.7.0.231-2.6.19.1 - Add missing hyphen in tapset filename. - Resolves: rhbz#1724452 * Tue Jul 16 2019 Andrew Hughes - 1:1.7.0.231-2.6.19.0 - Update tapset filename matching pattern. - Resolves: rhbz#1724452 * Tue Jul 16 2019 Andrew Hughes - 1:1.7.0.231-2.6.19.0 - Bump to 2.6.19 (including tapsets) and OpenJDK 7u231-b01. - Fix fsg.sh to fail if patching fails. - Resolves: rhbz#1724452 * Tue Apr 16 2019 Andrew Hughes - 1:1.7.0.221-2.6.18.0 - Bump to 2.6.18 and OpenJDK 7u221-b02. - Resolves: rhbz#1693468 * Wed Feb 27 2019 Severin Gehwolf - 1:1.7.0.211-2.6.17.1 - Produce debug symbols for libpulse-java.so - Set IT_CFLAGS=-g so that debug symbols for the pulse audio - native library are being produced. This is needed to fix - rpmdiff errors of missing .debug_info in pulse-java.so.debug. - Resolves: rhbz#1661577 * Mon Feb 25 2019 Andrew Hughes - 1:1.7.0.211-2.6.17.0 - Bump to 2.6.17. - Adjust jdk8076221-pr2809-disable_rc4_cipher_suites.patch to apply after 8211883 - Regenerate pr3393-rh1273760-support_rsaandmgf1_with_sha_in_pkcs11.patch against current sources - Resolves: rhbz#1661577 * Thu Feb 21 2019 Andrew Hughes - 1:1.7.0.201-2.6.17pre01.0 - Bump to 2.6.17pre01. - Add support for icedtea_snapshot so we can build pre-releases. - Resolves: rhbz#1661577 * Mon Oct 22 2018 Andrew Hughes - 1:1.7.0.201-2.6.16.1 - Bump to 2.6.16 and u201b00. - Update 8076221/PR2809 (disable RC4) to apply after 8208350 (disable DES) - Resolves: rhbz#1633817 java-1.7.0-openjdk-javadoc-1.7.0.231-2.6.19.1.el7_6 --------------------------------------------------- * Tue Jul 16 2019 Andrew Hughes - 1:1.7.0.231-2.6.19.1 - Add missing hyphen in tapset filename. - Resolves: rhbz#1724452 * Tue Jul 16 2019 Andrew Hughes - 1:1.7.0.231-2.6.19.0 - Update tapset filename matching pattern. - Resolves: rhbz#1724452 * Tue Jul 16 2019 Andrew Hughes - 1:1.7.0.231-2.6.19.0 - Bump to 2.6.19 (including tapsets) and OpenJDK 7u231-b01. - Fix fsg.sh to fail if patching fails. - Resolves: rhbz#1724452 * Tue Apr 16 2019 Andrew Hughes - 1:1.7.0.221-2.6.18.0 - Bump to 2.6.18 and OpenJDK 7u221-b02. - Resolves: rhbz#1693468 * Wed Feb 27 2019 Severin Gehwolf - 1:1.7.0.211-2.6.17.1 - Produce debug symbols for libpulse-java.so - Set IT_CFLAGS=-g so that debug symbols for the pulse audio - native library are being produced. This is needed to fix - rpmdiff errors of missing .debug_info in pulse-java.so.debug. - Resolves: rhbz#1661577 * Mon Feb 25 2019 Andrew Hughes - 1:1.7.0.211-2.6.17.0 - Bump to 2.6.17. - Adjust jdk8076221-pr2809-disable_rc4_cipher_suites.patch to apply after 8211883 - Regenerate pr3393-rh1273760-support_rsaandmgf1_with_sha_in_pkcs11.patch against current sources - Resolves: rhbz#1661577 * Thu Feb 21 2019 Andrew Hughes - 1:1.7.0.201-2.6.17pre01.0 - Bump to 2.6.17pre01. - Add support for icedtea_snapshot so we can build pre-releases. - Resolves: rhbz#1661577 * Mon Oct 22 2018 Andrew Hughes - 1:1.7.0.201-2.6.16.1 - Bump to 2.6.16 and u201b00. - Update 8076221/PR2809 (disable RC4) to apply after 8208350 (disable DES) - Resolves: rhbz#1633817 java-1.7.0-openjdk-src-1.7.0.231-2.6.19.1.el7_6 ----------------------------------------------- * Tue Jul 16 2019 Andrew Hughes - 1:1.7.0.231-2.6.19.1 - Add missing hyphen in tapset filename. - Resolves: rhbz#1724452 * Tue Jul 16 2019 Andrew Hughes - 1:1.7.0.231-2.6.19.0 - Update tapset filename matching pattern. - Resolves: rhbz#1724452 * Tue Jul 16 2019 Andrew Hughes - 1:1.7.0.231-2.6.19.0 - Bump to 2.6.19 (including tapsets) and OpenJDK 7u231-b01. - Fix fsg.sh to fail if patching fails. - Resolves: rhbz#1724452 * Tue Apr 16 2019 Andrew Hughes - 1:1.7.0.221-2.6.18.0 - Bump to 2.6.18 and OpenJDK 7u221-b02. - Resolves: rhbz#1693468 * Wed Feb 27 2019 Severin Gehwolf - 1:1.7.0.211-2.6.17.1 - Produce debug symbols for libpulse-java.so - Set IT_CFLAGS=-g so that debug symbols for the pulse audio - native library are being produced. This is needed to fix - rpmdiff errors of missing .debug_info in pulse-java.so.debug. - Resolves: rhbz#1661577 * Mon Feb 25 2019 Andrew Hughes - 1:1.7.0.211-2.6.17.0 - Bump to 2.6.17. - Adjust jdk8076221-pr2809-disable_rc4_cipher_suites.patch to apply after 8211883 - Regenerate pr3393-rh1273760-support_rsaandmgf1_with_sha_in_pkcs11.patch against current sources - Resolves: rhbz#1661577 * Thu Feb 21 2019 Andrew Hughes - 1:1.7.0.201-2.6.17pre01.0 - Bump to 2.6.17pre01. - Add support for icedtea_snapshot so we can build pre-releases. - Resolves: rhbz#1661577 * Mon Oct 22 2018 Andrew Hughes - 1:1.7.0.201-2.6.16.1 - Bump to 2.6.16 and u201b00. - Update 8076221/PR2809 (disable RC4) to apply after 8208350 (disable DES) - Resolves: rhbz#1633817 java-1.8.0-openjdk-1.8.0.222.b10-0.el7_6 ---------------------------------------- * Thu Jul 11 2019 Andrew Hughes - 1:1.8.0.222.b10-0 - Update to aarch64-shenandoah-jdk8u222-b10. - Resolves: rhbz#1724452 * Tue Jul 09 2019 Andrew Hughes - 1:1.8.0.222.b09-0 - Update to aarch64-shenandoah-jdk8u222-b09. - Switch to GA mode for final release. - Resolves: rhbz#1724452 * Tue Jul 09 2019 Andrew Hughes - 1:1.8.0.222.b08-0.0.ea - Update to aarch64-shenandoah-jdk8u222-b08. - Adjust PR3083/RH134640 to apply after JDK-8182999 - Resolves: rhbz#1724452 * Mon Jul 08 2019 Andrew Hughes - 1:1.8.0.222.b07-0.0.ea - Update to aarch64-shenandoah-jdk8u222-b07 and Shenandoah merge 2019-06-13. - Resolves: rhbz#1724452 * Mon Jul 08 2019 Andrew Hughes - 1:1.8.0.222.b06-0.0.ea - Update to aarch64-shenandoah-jdk8u222-b06. - Resolves: rhbz#1724452 * Mon Jul 08 2019 Andrew Hughes - 1:1.8.0.222.b05-0.0.ea - Update to aarch64-shenandoah-jdk8u222-b05. - Resolves: rhbz#1724452 * Mon Jul 08 2019 Andrew Hughes - 1:1.8.0.222.b04-0.1.ea - Update to aarch64-shenandoah-jdk8u222-b04. - Drop remaining JDK-8210425/RH1632174 patch now AArch64 part is upstream. - Resolves: rhbz#1724452 * Mon Jul 08 2019 Andrew Hughes - 1:1.8.0.222.b03-0.1.ea - Use normal_suffix for Javadoc zip filename to copy, as there is is no debug version. - Resolves: rhbz#1724452 * Mon Jul 08 2019 Andrew Hughes - 1:1.8.0.222.b03-0.1.ea - Provide Javadoc debug subpackages for now, but populate them from the normal build. - Resolves: rhbz#1724452 * Mon Jul 08 2019 Severin Gehwolf - 1:1.8.0.222.b03-0.1.ea - Don't produce javadoc/javadoc-zip sub packages for the debug variant build. - Don't perform a bootcycle build for the debug variant build. - Resolves: rhbz#1724452 java-1.8.0-openjdk-accessibility-1.8.0.222.b10-0.el7_6 ------------------------------------------------------ * Thu Jul 11 2019 Andrew Hughes - 1:1.8.0.222.b10-0 - Update to aarch64-shenandoah-jdk8u222-b10. - Resolves: rhbz#1724452 * Tue Jul 09 2019 Andrew Hughes - 1:1.8.0.222.b09-0 - Update to aarch64-shenandoah-jdk8u222-b09. - Switch to GA mode for final release. - Resolves: rhbz#1724452 * Tue Jul 09 2019 Andrew Hughes - 1:1.8.0.222.b08-0.0.ea - Update to aarch64-shenandoah-jdk8u222-b08. - Adjust PR3083/RH134640 to apply after JDK-8182999 - Resolves: rhbz#1724452 * Mon Jul 08 2019 Andrew Hughes - 1:1.8.0.222.b07-0.0.ea - Update to aarch64-shenandoah-jdk8u222-b07 and Shenandoah merge 2019-06-13. - Resolves: rhbz#1724452 * Mon Jul 08 2019 Andrew Hughes - 1:1.8.0.222.b06-0.0.ea - Update to aarch64-shenandoah-jdk8u222-b06. - Resolves: rhbz#1724452 * Mon Jul 08 2019 Andrew Hughes - 1:1.8.0.222.b05-0.0.ea - Update to aarch64-shenandoah-jdk8u222-b05. - Resolves: rhbz#1724452 * Mon Jul 08 2019 Andrew Hughes - 1:1.8.0.222.b04-0.1.ea - Update to aarch64-shenandoah-jdk8u222-b04. - Drop remaining JDK-8210425/RH1632174 patch now AArch64 part is upstream. - Resolves: rhbz#1724452 * Mon Jul 08 2019 Andrew Hughes - 1:1.8.0.222.b03-0.1.ea - Use normal_suffix for Javadoc zip filename to copy, as there is is no debug version. - Resolves: rhbz#1724452 * Mon Jul 08 2019 Andrew Hughes - 1:1.8.0.222.b03-0.1.ea - Provide Javadoc debug subpackages for now, but populate them from the normal build. - Resolves: rhbz#1724452 * Mon Jul 08 2019 Severin Gehwolf - 1:1.8.0.222.b03-0.1.ea - Don't produce javadoc/javadoc-zip sub packages for the debug variant build. - Don't perform a bootcycle build for the debug variant build. - Resolves: rhbz#1724452 java-1.8.0-openjdk-accessibility-debug-1.8.0.222.b10-0.el7_6 ------------------------------------------------------------ * Thu Jul 11 2019 Andrew Hughes - 1:1.8.0.222.b10-0 - Update to aarch64-shenandoah-jdk8u222-b10. - Resolves: rhbz#1724452 * Tue Jul 09 2019 Andrew Hughes - 1:1.8.0.222.b09-0 - Update to aarch64-shenandoah-jdk8u222-b09. - Switch to GA mode for final release. - Resolves: rhbz#1724452 * Tue Jul 09 2019 Andrew Hughes - 1:1.8.0.222.b08-0.0.ea - Update to aarch64-shenandoah-jdk8u222-b08. - Adjust PR3083/RH134640 to apply after JDK-8182999 - Resolves: rhbz#1724452 * Mon Jul 08 2019 Andrew Hughes - 1:1.8.0.222.b07-0.0.ea - Update to aarch64-shenandoah-jdk8u222-b07 and Shenandoah merge 2019-06-13. - Resolves: rhbz#1724452 * Mon Jul 08 2019 Andrew Hughes - 1:1.8.0.222.b06-0.0.ea - Update to aarch64-shenandoah-jdk8u222-b06. - Resolves: rhbz#1724452 * Mon Jul 08 2019 Andrew Hughes - 1:1.8.0.222.b05-0.0.ea - Update to aarch64-shenandoah-jdk8u222-b05. - Resolves: rhbz#1724452 * Mon Jul 08 2019 Andrew Hughes - 1:1.8.0.222.b04-0.1.ea - Update to aarch64-shenandoah-jdk8u222-b04. - Drop remaining JDK-8210425/RH1632174 patch now AArch64 part is upstream. - Resolves: rhbz#1724452 * Mon Jul 08 2019 Andrew Hughes - 1:1.8.0.222.b03-0.1.ea - Use normal_suffix for Javadoc zip filename to copy, as there is is no debug version. - Resolves: rhbz#1724452 * Mon Jul 08 2019 Andrew Hughes - 1:1.8.0.222.b03-0.1.ea - Provide Javadoc debug subpackages for now, but populate them from the normal build. - Resolves: rhbz#1724452 * Mon Jul 08 2019 Severin Gehwolf - 1:1.8.0.222.b03-0.1.ea - Don't produce javadoc/javadoc-zip sub packages for the debug variant build. - Don't perform a bootcycle build for the debug variant build. - Resolves: rhbz#1724452 java-1.8.0-openjdk-debug-1.8.0.222.b10-0.el7_6 ---------------------------------------------- * Thu Jul 11 2019 Andrew Hughes - 1:1.8.0.222.b10-0 - Update to aarch64-shenandoah-jdk8u222-b10. - Resolves: rhbz#1724452 * Tue Jul 09 2019 Andrew Hughes - 1:1.8.0.222.b09-0 - Update to aarch64-shenandoah-jdk8u222-b09. - Switch to GA mode for final release. - Resolves: rhbz#1724452 * Tue Jul 09 2019 Andrew Hughes - 1:1.8.0.222.b08-0.0.ea - Update to aarch64-shenandoah-jdk8u222-b08. - Adjust PR3083/RH134640 to apply after JDK-8182999 - Resolves: rhbz#1724452 * Mon Jul 08 2019 Andrew Hughes - 1:1.8.0.222.b07-0.0.ea - Update to aarch64-shenandoah-jdk8u222-b07 and Shenandoah merge 2019-06-13. - Resolves: rhbz#1724452 * Mon Jul 08 2019 Andrew Hughes - 1:1.8.0.222.b06-0.0.ea - Update to aarch64-shenandoah-jdk8u222-b06. - Resolves: rhbz#1724452 * Mon Jul 08 2019 Andrew Hughes - 1:1.8.0.222.b05-0.0.ea - Update to aarch64-shenandoah-jdk8u222-b05. - Resolves: rhbz#1724452 * Mon Jul 08 2019 Andrew Hughes - 1:1.8.0.222.b04-0.1.ea - Update to aarch64-shenandoah-jdk8u222-b04. - Drop remaining JDK-8210425/RH1632174 patch now AArch64 part is upstream. - Resolves: rhbz#1724452 * Mon Jul 08 2019 Andrew Hughes - 1:1.8.0.222.b03-0.1.ea - Use normal_suffix for Javadoc zip filename to copy, as there is is no debug version. - Resolves: rhbz#1724452 * Mon Jul 08 2019 Andrew Hughes - 1:1.8.0.222.b03-0.1.ea - Provide Javadoc debug subpackages for now, but populate them from the normal build. - Resolves: rhbz#1724452 * Mon Jul 08 2019 Severin Gehwolf - 1:1.8.0.222.b03-0.1.ea - Don't produce javadoc/javadoc-zip sub packages for the debug variant build. - Don't perform a bootcycle build for the debug variant build. - Resolves: rhbz#1724452 java-1.8.0-openjdk-demo-1.8.0.222.b10-0.el7_6 --------------------------------------------- * Thu Jul 11 2019 Andrew Hughes - 1:1.8.0.222.b10-0 - Update to aarch64-shenandoah-jdk8u222-b10. - Resolves: rhbz#1724452 * Tue Jul 09 2019 Andrew Hughes - 1:1.8.0.222.b09-0 - Update to aarch64-shenandoah-jdk8u222-b09. - Switch to GA mode for final release. - Resolves: rhbz#1724452 * Tue Jul 09 2019 Andrew Hughes - 1:1.8.0.222.b08-0.0.ea - Update to aarch64-shenandoah-jdk8u222-b08. - Adjust PR3083/RH134640 to apply after JDK-8182999 - Resolves: rhbz#1724452 * Mon Jul 08 2019 Andrew Hughes - 1:1.8.0.222.b07-0.0.ea - Update to aarch64-shenandoah-jdk8u222-b07 and Shenandoah merge 2019-06-13. - Resolves: rhbz#1724452 * Mon Jul 08 2019 Andrew Hughes - 1:1.8.0.222.b06-0.0.ea - Update to aarch64-shenandoah-jdk8u222-b06. - Resolves: rhbz#1724452 * Mon Jul 08 2019 Andrew Hughes - 1:1.8.0.222.b05-0.0.ea - Update to aarch64-shenandoah-jdk8u222-b05. - Resolves: rhbz#1724452 * Mon Jul 08 2019 Andrew Hughes - 1:1.8.0.222.b04-0.1.ea - Update to aarch64-shenandoah-jdk8u222-b04. - Drop remaining JDK-8210425/RH1632174 patch now AArch64 part is upstream. - Resolves: rhbz#1724452 * Mon Jul 08 2019 Andrew Hughes - 1:1.8.0.222.b03-0.1.ea - Use normal_suffix for Javadoc zip filename to copy, as there is is no debug version. - Resolves: rhbz#1724452 * Mon Jul 08 2019 Andrew Hughes - 1:1.8.0.222.b03-0.1.ea - Provide Javadoc debug subpackages for now, but populate them from the normal build. - Resolves: rhbz#1724452 * Mon Jul 08 2019 Severin Gehwolf - 1:1.8.0.222.b03-0.1.ea - Don't produce javadoc/javadoc-zip sub packages for the debug variant build. - Don't perform a bootcycle build for the debug variant build. - Resolves: rhbz#1724452 java-1.8.0-openjdk-demo-debug-1.8.0.222.b10-0.el7_6 --------------------------------------------------- * Thu Jul 11 2019 Andrew Hughes - 1:1.8.0.222.b10-0 - Update to aarch64-shenandoah-jdk8u222-b10. - Resolves: rhbz#1724452 * Tue Jul 09 2019 Andrew Hughes - 1:1.8.0.222.b09-0 - Update to aarch64-shenandoah-jdk8u222-b09. - Switch to GA mode for final release. - Resolves: rhbz#1724452 * Tue Jul 09 2019 Andrew Hughes - 1:1.8.0.222.b08-0.0.ea - Update to aarch64-shenandoah-jdk8u222-b08. - Adjust PR3083/RH134640 to apply after JDK-8182999 - Resolves: rhbz#1724452 * Mon Jul 08 2019 Andrew Hughes - 1:1.8.0.222.b07-0.0.ea - Update to aarch64-shenandoah-jdk8u222-b07 and Shenandoah merge 2019-06-13. - Resolves: rhbz#1724452 * Mon Jul 08 2019 Andrew Hughes - 1:1.8.0.222.b06-0.0.ea - Update to aarch64-shenandoah-jdk8u222-b06. - Resolves: rhbz#1724452 * Mon Jul 08 2019 Andrew Hughes - 1:1.8.0.222.b05-0.0.ea - Update to aarch64-shenandoah-jdk8u222-b05. - Resolves: rhbz#1724452 * Mon Jul 08 2019 Andrew Hughes - 1:1.8.0.222.b04-0.1.ea - Update to aarch64-shenandoah-jdk8u222-b04. - Drop remaining JDK-8210425/RH1632174 patch now AArch64 part is upstream. - Resolves: rhbz#1724452 * Mon Jul 08 2019 Andrew Hughes - 1:1.8.0.222.b03-0.1.ea - Use normal_suffix for Javadoc zip filename to copy, as there is is no debug version. - Resolves: rhbz#1724452 * Mon Jul 08 2019 Andrew Hughes - 1:1.8.0.222.b03-0.1.ea - Provide Javadoc debug subpackages for now, but populate them from the normal build. - Resolves: rhbz#1724452 * Mon Jul 08 2019 Severin Gehwolf - 1:1.8.0.222.b03-0.1.ea - Don't produce javadoc/javadoc-zip sub packages for the debug variant build. - Don't perform a bootcycle build for the debug variant build. - Resolves: rhbz#1724452 java-1.8.0-openjdk-devel-1.8.0.222.b10-0.el7_6 ---------------------------------------------- * Thu Jul 11 2019 Andrew Hughes - 1:1.8.0.222.b10-0 - Update to aarch64-shenandoah-jdk8u222-b10. - Resolves: rhbz#1724452 * Tue Jul 09 2019 Andrew Hughes - 1:1.8.0.222.b09-0 - Update to aarch64-shenandoah-jdk8u222-b09. - Switch to GA mode for final release. - Resolves: rhbz#1724452 * Tue Jul 09 2019 Andrew Hughes - 1:1.8.0.222.b08-0.0.ea - Update to aarch64-shenandoah-jdk8u222-b08. - Adjust PR3083/RH134640 to apply after JDK-8182999 - Resolves: rhbz#1724452 * Mon Jul 08 2019 Andrew Hughes - 1:1.8.0.222.b07-0.0.ea - Update to aarch64-shenandoah-jdk8u222-b07 and Shenandoah merge 2019-06-13. - Resolves: rhbz#1724452 * Mon Jul 08 2019 Andrew Hughes - 1:1.8.0.222.b06-0.0.ea - Update to aarch64-shenandoah-jdk8u222-b06. - Resolves: rhbz#1724452 * Mon Jul 08 2019 Andrew Hughes - 1:1.8.0.222.b05-0.0.ea - Update to aarch64-shenandoah-jdk8u222-b05. - Resolves: rhbz#1724452 * Mon Jul 08 2019 Andrew Hughes - 1:1.8.0.222.b04-0.1.ea - Update to aarch64-shenandoah-jdk8u222-b04. - Drop remaining JDK-8210425/RH1632174 patch now AArch64 part is upstream. - Resolves: rhbz#1724452 * Mon Jul 08 2019 Andrew Hughes - 1:1.8.0.222.b03-0.1.ea - Use normal_suffix for Javadoc zip filename to copy, as there is is no debug version. - Resolves: rhbz#1724452 * Mon Jul 08 2019 Andrew Hughes - 1:1.8.0.222.b03-0.1.ea - Provide Javadoc debug subpackages for now, but populate them from the normal build. - Resolves: rhbz#1724452 * Mon Jul 08 2019 Severin Gehwolf - 1:1.8.0.222.b03-0.1.ea - Don't produce javadoc/javadoc-zip sub packages for the debug variant build. - Don't perform a bootcycle build for the debug variant build. - Resolves: rhbz#1724452 java-1.8.0-openjdk-devel-debug-1.8.0.222.b10-0.el7_6 ---------------------------------------------------- * Thu Jul 11 2019 Andrew Hughes - 1:1.8.0.222.b10-0 - Update to aarch64-shenandoah-jdk8u222-b10. - Resolves: rhbz#1724452 * Tue Jul 09 2019 Andrew Hughes - 1:1.8.0.222.b09-0 - Update to aarch64-shenandoah-jdk8u222-b09. - Switch to GA mode for final release. - Resolves: rhbz#1724452 * Tue Jul 09 2019 Andrew Hughes - 1:1.8.0.222.b08-0.0.ea - Update to aarch64-shenandoah-jdk8u222-b08. - Adjust PR3083/RH134640 to apply after JDK-8182999 - Resolves: rhbz#1724452 * Mon Jul 08 2019 Andrew Hughes - 1:1.8.0.222.b07-0.0.ea - Update to aarch64-shenandoah-jdk8u222-b07 and Shenandoah merge 2019-06-13. - Resolves: rhbz#1724452 * Mon Jul 08 2019 Andrew Hughes - 1:1.8.0.222.b06-0.0.ea - Update to aarch64-shenandoah-jdk8u222-b06. - Resolves: rhbz#1724452 * Mon Jul 08 2019 Andrew Hughes - 1:1.8.0.222.b05-0.0.ea - Update to aarch64-shenandoah-jdk8u222-b05. - Resolves: rhbz#1724452 * Mon Jul 08 2019 Andrew Hughes - 1:1.8.0.222.b04-0.1.ea - Update to aarch64-shenandoah-jdk8u222-b04. - Drop remaining JDK-8210425/RH1632174 patch now AArch64 part is upstream. - Resolves: rhbz#1724452 * Mon Jul 08 2019 Andrew Hughes - 1:1.8.0.222.b03-0.1.ea - Use normal_suffix for Javadoc zip filename to copy, as there is is no debug version. - Resolves: rhbz#1724452 * Mon Jul 08 2019 Andrew Hughes - 1:1.8.0.222.b03-0.1.ea - Provide Javadoc debug subpackages for now, but populate them from the normal build. - Resolves: rhbz#1724452 * Mon Jul 08 2019 Severin Gehwolf - 1:1.8.0.222.b03-0.1.ea - Don't produce javadoc/javadoc-zip sub packages for the debug variant build. - Don't perform a bootcycle build for the debug variant build. - Resolves: rhbz#1724452 java-1.8.0-openjdk-headless-1.8.0.222.b10-0.el7_6 ------------------------------------------------- * Thu Jul 11 2019 Andrew Hughes - 1:1.8.0.222.b10-0 - Update to aarch64-shenandoah-jdk8u222-b10. - Resolves: rhbz#1724452 * Tue Jul 09 2019 Andrew Hughes - 1:1.8.0.222.b09-0 - Update to aarch64-shenandoah-jdk8u222-b09. - Switch to GA mode for final release. - Resolves: rhbz#1724452 * Tue Jul 09 2019 Andrew Hughes - 1:1.8.0.222.b08-0.0.ea - Update to aarch64-shenandoah-jdk8u222-b08. - Adjust PR3083/RH134640 to apply after JDK-8182999 - Resolves: rhbz#1724452 * Mon Jul 08 2019 Andrew Hughes - 1:1.8.0.222.b07-0.0.ea - Update to aarch64-shenandoah-jdk8u222-b07 and Shenandoah merge 2019-06-13. - Resolves: rhbz#1724452 * Mon Jul 08 2019 Andrew Hughes - 1:1.8.0.222.b06-0.0.ea - Update to aarch64-shenandoah-jdk8u222-b06. - Resolves: rhbz#1724452 * Mon Jul 08 2019 Andrew Hughes - 1:1.8.0.222.b05-0.0.ea - Update to aarch64-shenandoah-jdk8u222-b05. - Resolves: rhbz#1724452 * Mon Jul 08 2019 Andrew Hughes - 1:1.8.0.222.b04-0.1.ea - Update to aarch64-shenandoah-jdk8u222-b04. - Drop remaining JDK-8210425/RH1632174 patch now AArch64 part is upstream. - Resolves: rhbz#1724452 * Mon Jul 08 2019 Andrew Hughes - 1:1.8.0.222.b03-0.1.ea - Use normal_suffix for Javadoc zip filename to copy, as there is is no debug version. - Resolves: rhbz#1724452 * Mon Jul 08 2019 Andrew Hughes - 1:1.8.0.222.b03-0.1.ea - Provide Javadoc debug subpackages for now, but populate them from the normal build. - Resolves: rhbz#1724452 * Mon Jul 08 2019 Severin Gehwolf - 1:1.8.0.222.b03-0.1.ea - Don't produce javadoc/javadoc-zip sub packages for the debug variant build. - Don't perform a bootcycle build for the debug variant build. - Resolves: rhbz#1724452 java-1.8.0-openjdk-headless-debug-1.8.0.222.b10-0.el7_6 ------------------------------------------------------- * Thu Jul 11 2019 Andrew Hughes - 1:1.8.0.222.b10-0 - Update to aarch64-shenandoah-jdk8u222-b10. - Resolves: rhbz#1724452 * Tue Jul 09 2019 Andrew Hughes - 1:1.8.0.222.b09-0 - Update to aarch64-shenandoah-jdk8u222-b09. - Switch to GA mode for final release. - Resolves: rhbz#1724452 * Tue Jul 09 2019 Andrew Hughes - 1:1.8.0.222.b08-0.0.ea - Update to aarch64-shenandoah-jdk8u222-b08. - Adjust PR3083/RH134640 to apply after JDK-8182999 - Resolves: rhbz#1724452 * Mon Jul 08 2019 Andrew Hughes - 1:1.8.0.222.b07-0.0.ea - Update to aarch64-shenandoah-jdk8u222-b07 and Shenandoah merge 2019-06-13. - Resolves: rhbz#1724452 * Mon Jul 08 2019 Andrew Hughes - 1:1.8.0.222.b06-0.0.ea - Update to aarch64-shenandoah-jdk8u222-b06. - Resolves: rhbz#1724452 * Mon Jul 08 2019 Andrew Hughes - 1:1.8.0.222.b05-0.0.ea - Update to aarch64-shenandoah-jdk8u222-b05. - Resolves: rhbz#1724452 * Mon Jul 08 2019 Andrew Hughes - 1:1.8.0.222.b04-0.1.ea - Update to aarch64-shenandoah-jdk8u222-b04. - Drop remaining JDK-8210425/RH1632174 patch now AArch64 part is upstream. - Resolves: rhbz#1724452 * Mon Jul 08 2019 Andrew Hughes - 1:1.8.0.222.b03-0.1.ea - Use normal_suffix for Javadoc zip filename to copy, as there is is no debug version. - Resolves: rhbz#1724452 * Mon Jul 08 2019 Andrew Hughes - 1:1.8.0.222.b03-0.1.ea - Provide Javadoc debug subpackages for now, but populate them from the normal build. - Resolves: rhbz#1724452 * Mon Jul 08 2019 Severin Gehwolf - 1:1.8.0.222.b03-0.1.ea - Don't produce javadoc/javadoc-zip sub packages for the debug variant build. - Don't perform a bootcycle build for the debug variant build. - Resolves: rhbz#1724452 java-1.8.0-openjdk-javadoc-1.8.0.222.b10-0.el7_6 ------------------------------------------------ * Thu Jul 11 2019 Andrew Hughes - 1:1.8.0.222.b10-0 - Update to aarch64-shenandoah-jdk8u222-b10. - Resolves: rhbz#1724452 * Tue Jul 09 2019 Andrew Hughes - 1:1.8.0.222.b09-0 - Update to aarch64-shenandoah-jdk8u222-b09. - Switch to GA mode for final release. - Resolves: rhbz#1724452 * Tue Jul 09 2019 Andrew Hughes - 1:1.8.0.222.b08-0.0.ea - Update to aarch64-shenandoah-jdk8u222-b08. - Adjust PR3083/RH134640 to apply after JDK-8182999 - Resolves: rhbz#1724452 * Mon Jul 08 2019 Andrew Hughes - 1:1.8.0.222.b07-0.0.ea - Update to aarch64-shenandoah-jdk8u222-b07 and Shenandoah merge 2019-06-13. - Resolves: rhbz#1724452 * Mon Jul 08 2019 Andrew Hughes - 1:1.8.0.222.b06-0.0.ea - Update to aarch64-shenandoah-jdk8u222-b06. - Resolves: rhbz#1724452 * Mon Jul 08 2019 Andrew Hughes - 1:1.8.0.222.b05-0.0.ea - Update to aarch64-shenandoah-jdk8u222-b05. - Resolves: rhbz#1724452 * Mon Jul 08 2019 Andrew Hughes - 1:1.8.0.222.b04-0.1.ea - Update to aarch64-shenandoah-jdk8u222-b04. - Drop remaining JDK-8210425/RH1632174 patch now AArch64 part is upstream. - Resolves: rhbz#1724452 * Mon Jul 08 2019 Andrew Hughes - 1:1.8.0.222.b03-0.1.ea - Use normal_suffix for Javadoc zip filename to copy, as there is is no debug version. - Resolves: rhbz#1724452 * Mon Jul 08 2019 Andrew Hughes - 1:1.8.0.222.b03-0.1.ea - Provide Javadoc debug subpackages for now, but populate them from the normal build. - Resolves: rhbz#1724452 * Mon Jul 08 2019 Severin Gehwolf - 1:1.8.0.222.b03-0.1.ea - Don't produce javadoc/javadoc-zip sub packages for the debug variant build. - Don't perform a bootcycle build for the debug variant build. - Resolves: rhbz#1724452 java-1.8.0-openjdk-javadoc-debug-1.8.0.222.b10-0.el7_6 ------------------------------------------------------ * Thu Jul 11 2019 Andrew Hughes - 1:1.8.0.222.b10-0 - Update to aarch64-shenandoah-jdk8u222-b10. - Resolves: rhbz#1724452 * Tue Jul 09 2019 Andrew Hughes - 1:1.8.0.222.b09-0 - Update to aarch64-shenandoah-jdk8u222-b09. - Switch to GA mode for final release. - Resolves: rhbz#1724452 * Tue Jul 09 2019 Andrew Hughes - 1:1.8.0.222.b08-0.0.ea - Update to aarch64-shenandoah-jdk8u222-b08. - Adjust PR3083/RH134640 to apply after JDK-8182999 - Resolves: rhbz#1724452 * Mon Jul 08 2019 Andrew Hughes - 1:1.8.0.222.b07-0.0.ea - Update to aarch64-shenandoah-jdk8u222-b07 and Shenandoah merge 2019-06-13. - Resolves: rhbz#1724452 * Mon Jul 08 2019 Andrew Hughes - 1:1.8.0.222.b06-0.0.ea - Update to aarch64-shenandoah-jdk8u222-b06. - Resolves: rhbz#1724452 * Mon Jul 08 2019 Andrew Hughes - 1:1.8.0.222.b05-0.0.ea - Update to aarch64-shenandoah-jdk8u222-b05. - Resolves: rhbz#1724452 * Mon Jul 08 2019 Andrew Hughes - 1:1.8.0.222.b04-0.1.ea - Update to aarch64-shenandoah-jdk8u222-b04. - Drop remaining JDK-8210425/RH1632174 patch now AArch64 part is upstream. - Resolves: rhbz#1724452 * Mon Jul 08 2019 Andrew Hughes - 1:1.8.0.222.b03-0.1.ea - Use normal_suffix for Javadoc zip filename to copy, as there is is no debug version. - Resolves: rhbz#1724452 * Mon Jul 08 2019 Andrew Hughes - 1:1.8.0.222.b03-0.1.ea - Provide Javadoc debug subpackages for now, but populate them from the normal build. - Resolves: rhbz#1724452 * Mon Jul 08 2019 Severin Gehwolf - 1:1.8.0.222.b03-0.1.ea - Don't produce javadoc/javadoc-zip sub packages for the debug variant build. - Don't perform a bootcycle build for the debug variant build. - Resolves: rhbz#1724452 java-1.8.0-openjdk-javadoc-zip-1.8.0.222.b10-0.el7_6 ---------------------------------------------------- * Thu Jul 11 2019 Andrew Hughes - 1:1.8.0.222.b10-0 - Update to aarch64-shenandoah-jdk8u222-b10. - Resolves: rhbz#1724452 * Tue Jul 09 2019 Andrew Hughes - 1:1.8.0.222.b09-0 - Update to aarch64-shenandoah-jdk8u222-b09. - Switch to GA mode for final release. - Resolves: rhbz#1724452 * Tue Jul 09 2019 Andrew Hughes - 1:1.8.0.222.b08-0.0.ea - Update to aarch64-shenandoah-jdk8u222-b08. - Adjust PR3083/RH134640 to apply after JDK-8182999 - Resolves: rhbz#1724452 * Mon Jul 08 2019 Andrew Hughes - 1:1.8.0.222.b07-0.0.ea - Update to aarch64-shenandoah-jdk8u222-b07 and Shenandoah merge 2019-06-13. - Resolves: rhbz#1724452 * Mon Jul 08 2019 Andrew Hughes - 1:1.8.0.222.b06-0.0.ea - Update to aarch64-shenandoah-jdk8u222-b06. - Resolves: rhbz#1724452 * Mon Jul 08 2019 Andrew Hughes - 1:1.8.0.222.b05-0.0.ea - Update to aarch64-shenandoah-jdk8u222-b05. - Resolves: rhbz#1724452 * Mon Jul 08 2019 Andrew Hughes - 1:1.8.0.222.b04-0.1.ea - Update to aarch64-shenandoah-jdk8u222-b04. - Drop remaining JDK-8210425/RH1632174 patch now AArch64 part is upstream. - Resolves: rhbz#1724452 * Mon Jul 08 2019 Andrew Hughes - 1:1.8.0.222.b03-0.1.ea - Use normal_suffix for Javadoc zip filename to copy, as there is is no debug version. - Resolves: rhbz#1724452 * Mon Jul 08 2019 Andrew Hughes - 1:1.8.0.222.b03-0.1.ea - Provide Javadoc debug subpackages for now, but populate them from the normal build. - Resolves: rhbz#1724452 * Mon Jul 08 2019 Severin Gehwolf - 1:1.8.0.222.b03-0.1.ea - Don't produce javadoc/javadoc-zip sub packages for the debug variant build. - Don't perform a bootcycle build for the debug variant build. - Resolves: rhbz#1724452 java-1.8.0-openjdk-javadoc-zip-debug-1.8.0.222.b10-0.el7_6 ---------------------------------------------------------- * Thu Jul 11 2019 Andrew Hughes - 1:1.8.0.222.b10-0 - Update to aarch64-shenandoah-jdk8u222-b10. - Resolves: rhbz#1724452 * Tue Jul 09 2019 Andrew Hughes - 1:1.8.0.222.b09-0 - Update to aarch64-shenandoah-jdk8u222-b09. - Switch to GA mode for final release. - Resolves: rhbz#1724452 * Tue Jul 09 2019 Andrew Hughes - 1:1.8.0.222.b08-0.0.ea - Update to aarch64-shenandoah-jdk8u222-b08. - Adjust PR3083/RH134640 to apply after JDK-8182999 - Resolves: rhbz#1724452 * Mon Jul 08 2019 Andrew Hughes - 1:1.8.0.222.b07-0.0.ea - Update to aarch64-shenandoah-jdk8u222-b07 and Shenandoah merge 2019-06-13. - Resolves: rhbz#1724452 * Mon Jul 08 2019 Andrew Hughes - 1:1.8.0.222.b06-0.0.ea - Update to aarch64-shenandoah-jdk8u222-b06. - Resolves: rhbz#1724452 * Mon Jul 08 2019 Andrew Hughes - 1:1.8.0.222.b05-0.0.ea - Update to aarch64-shenandoah-jdk8u222-b05. - Resolves: rhbz#1724452 * Mon Jul 08 2019 Andrew Hughes - 1:1.8.0.222.b04-0.1.ea - Update to aarch64-shenandoah-jdk8u222-b04. - Drop remaining JDK-8210425/RH1632174 patch now AArch64 part is upstream. - Resolves: rhbz#1724452 * Mon Jul 08 2019 Andrew Hughes - 1:1.8.0.222.b03-0.1.ea - Use normal_suffix for Javadoc zip filename to copy, as there is is no debug version. - Resolves: rhbz#1724452 * Mon Jul 08 2019 Andrew Hughes - 1:1.8.0.222.b03-0.1.ea - Provide Javadoc debug subpackages for now, but populate them from the normal build. - Resolves: rhbz#1724452 * Mon Jul 08 2019 Severin Gehwolf - 1:1.8.0.222.b03-0.1.ea - Don't produce javadoc/javadoc-zip sub packages for the debug variant build. - Don't perform a bootcycle build for the debug variant build. - Resolves: rhbz#1724452 java-1.8.0-openjdk-src-1.8.0.222.b10-0.el7_6 -------------------------------------------- * Thu Jul 11 2019 Andrew Hughes - 1:1.8.0.222.b10-0 - Update to aarch64-shenandoah-jdk8u222-b10. - Resolves: rhbz#1724452 * Tue Jul 09 2019 Andrew Hughes - 1:1.8.0.222.b09-0 - Update to aarch64-shenandoah-jdk8u222-b09. - Switch to GA mode for final release. - Resolves: rhbz#1724452 * Tue Jul 09 2019 Andrew Hughes - 1:1.8.0.222.b08-0.0.ea - Update to aarch64-shenandoah-jdk8u222-b08. - Adjust PR3083/RH134640 to apply after JDK-8182999 - Resolves: rhbz#1724452 * Mon Jul 08 2019 Andrew Hughes - 1:1.8.0.222.b07-0.0.ea - Update to aarch64-shenandoah-jdk8u222-b07 and Shenandoah merge 2019-06-13. - Resolves: rhbz#1724452 * Mon Jul 08 2019 Andrew Hughes - 1:1.8.0.222.b06-0.0.ea - Update to aarch64-shenandoah-jdk8u222-b06. - Resolves: rhbz#1724452 * Mon Jul 08 2019 Andrew Hughes - 1:1.8.0.222.b05-0.0.ea - Update to aarch64-shenandoah-jdk8u222-b05. - Resolves: rhbz#1724452 * Mon Jul 08 2019 Andrew Hughes - 1:1.8.0.222.b04-0.1.ea - Update to aarch64-shenandoah-jdk8u222-b04. - Drop remaining JDK-8210425/RH1632174 patch now AArch64 part is upstream. - Resolves: rhbz#1724452 * Mon Jul 08 2019 Andrew Hughes - 1:1.8.0.222.b03-0.1.ea - Use normal_suffix for Javadoc zip filename to copy, as there is is no debug version. - Resolves: rhbz#1724452 * Mon Jul 08 2019 Andrew Hughes - 1:1.8.0.222.b03-0.1.ea - Provide Javadoc debug subpackages for now, but populate them from the normal build. - Resolves: rhbz#1724452 * Mon Jul 08 2019 Severin Gehwolf - 1:1.8.0.222.b03-0.1.ea - Don't produce javadoc/javadoc-zip sub packages for the debug variant build. - Don't perform a bootcycle build for the debug variant build. - Resolves: rhbz#1724452 java-1.8.0-openjdk-src-debug-1.8.0.222.b10-0.el7_6 -------------------------------------------------- * Thu Jul 11 2019 Andrew Hughes - 1:1.8.0.222.b10-0 - Update to aarch64-shenandoah-jdk8u222-b10. - Resolves: rhbz#1724452 * Tue Jul 09 2019 Andrew Hughes - 1:1.8.0.222.b09-0 - Update to aarch64-shenandoah-jdk8u222-b09. - Switch to GA mode for final release. - Resolves: rhbz#1724452 * Tue Jul 09 2019 Andrew Hughes - 1:1.8.0.222.b08-0.0.ea - Update to aarch64-shenandoah-jdk8u222-b08. - Adjust PR3083/RH134640 to apply after JDK-8182999 - Resolves: rhbz#1724452 * Mon Jul 08 2019 Andrew Hughes - 1:1.8.0.222.b07-0.0.ea - Update to aarch64-shenandoah-jdk8u222-b07 and Shenandoah merge 2019-06-13. - Resolves: rhbz#1724452 * Mon Jul 08 2019 Andrew Hughes - 1:1.8.0.222.b06-0.0.ea - Update to aarch64-shenandoah-jdk8u222-b06. - Resolves: rhbz#1724452 * Mon Jul 08 2019 Andrew Hughes - 1:1.8.0.222.b05-0.0.ea - Update to aarch64-shenandoah-jdk8u222-b05. - Resolves: rhbz#1724452 * Mon Jul 08 2019 Andrew Hughes - 1:1.8.0.222.b04-0.1.ea - Update to aarch64-shenandoah-jdk8u222-b04. - Drop remaining JDK-8210425/RH1632174 patch now AArch64 part is upstream. - Resolves: rhbz#1724452 * Mon Jul 08 2019 Andrew Hughes - 1:1.8.0.222.b03-0.1.ea - Use normal_suffix for Javadoc zip filename to copy, as there is is no debug version. - Resolves: rhbz#1724452 * Mon Jul 08 2019 Andrew Hughes - 1:1.8.0.222.b03-0.1.ea - Provide Javadoc debug subpackages for now, but populate them from the normal build. - Resolves: rhbz#1724452 * Mon Jul 08 2019 Severin Gehwolf - 1:1.8.0.222.b03-0.1.ea - Don't produce javadoc/javadoc-zip sub packages for the debug variant build. - Don't perform a bootcycle build for the debug variant build. - Resolves: rhbz#1724452 java-11-openjdk-11.0.4.11-0.el7_6 --------------------------------- * Tue Jul 09 2019 Andrew Hughes - 1:11.0.4.11-0 - Update to shenandoah-jdk-11.0.4+11 (GA) - Switch to GA mode for final release. - Resolves: rhbz#1724452 * Mon Jul 08 2019 Andrew Hughes - 1:11.0.4.10-0.0.ea - Update to shenandoah-jdk-11.0.4+10 (EA) - Resolves: rhbz#1724452 * Mon Jul 08 2019 Andrew Hughes - 1:11.0.4.9-0.0.ea - Update to shenandoah-jdk-11.0.4+9 (EA) - Resolves: rhbz#1724452 * Mon Jul 08 2019 Andrew Hughes - 1:11.0.4.8-0.0.ea - Update to shenandoah-jdk-11.0.4+8 (EA) - Resolves: rhbz#1724452 * Sun Jul 07 2019 Andrew Hughes - 1:11.0.4.7-0.0.ea - Update to shenandoah-jdk-11.0.4+7 (EA) - Resolves: rhbz#1724452 * Wed Jul 03 2019 Andrew Hughes - 1:11.0.4.6-0.0.ea - Provide Javadoc debug subpackages for now, but populate them from the normal build. - Resolves: rhbz#1724452 * Wed Jul 03 2019 Andrew Hughes - 1:11.0.4.6-0.0.ea - Update to shenandoah-jdk-11.0.4+6 (EA) - Resolves: rhbz#1724452 * Wed Jul 03 2019 Andrew Hughes - 1:11.0.4.5-0.0.ea - Update to shenandoah-jdk-11.0.4+5 (EA) - Resolves: rhbz#1724452 * Tue Jul 02 2019 Andrew Hughes - 1:11.0.4.4-0.0.ea - Update to shenandoah-jdk-11.0.4+4 (EA) - Resolves: rhbz#1724452 * Mon Jul 01 2019 Andrew Hughes - 1:11.0.4.3-0.0.ea - Update to shenandoah-jdk-11.0.4+3 (EA) - Resolves: rhbz#1724452 java-11-openjdk-debug-11.0.4.11-0.el7_6 --------------------------------------- * Tue Jul 09 2019 Andrew Hughes - 1:11.0.4.11-0 - Update to shenandoah-jdk-11.0.4+11 (GA) - Switch to GA mode for final release. - Resolves: rhbz#1724452 * Mon Jul 08 2019 Andrew Hughes - 1:11.0.4.10-0.0.ea - Update to shenandoah-jdk-11.0.4+10 (EA) - Resolves: rhbz#1724452 * Mon Jul 08 2019 Andrew Hughes - 1:11.0.4.9-0.0.ea - Update to shenandoah-jdk-11.0.4+9 (EA) - Resolves: rhbz#1724452 * Mon Jul 08 2019 Andrew Hughes - 1:11.0.4.8-0.0.ea - Update to shenandoah-jdk-11.0.4+8 (EA) - Resolves: rhbz#1724452 * Sun Jul 07 2019 Andrew Hughes - 1:11.0.4.7-0.0.ea - Update to shenandoah-jdk-11.0.4+7 (EA) - Resolves: rhbz#1724452 * Wed Jul 03 2019 Andrew Hughes - 1:11.0.4.6-0.0.ea - Provide Javadoc debug subpackages for now, but populate them from the normal build. - Resolves: rhbz#1724452 * Wed Jul 03 2019 Andrew Hughes - 1:11.0.4.6-0.0.ea - Update to shenandoah-jdk-11.0.4+6 (EA) - Resolves: rhbz#1724452 * Wed Jul 03 2019 Andrew Hughes - 1:11.0.4.5-0.0.ea - Update to shenandoah-jdk-11.0.4+5 (EA) - Resolves: rhbz#1724452 * Tue Jul 02 2019 Andrew Hughes - 1:11.0.4.4-0.0.ea - Update to shenandoah-jdk-11.0.4+4 (EA) - Resolves: rhbz#1724452 * Mon Jul 01 2019 Andrew Hughes - 1:11.0.4.3-0.0.ea - Update to shenandoah-jdk-11.0.4+3 (EA) - Resolves: rhbz#1724452 java-11-openjdk-demo-11.0.4.11-0.el7_6 -------------------------------------- * Tue Jul 09 2019 Andrew Hughes - 1:11.0.4.11-0 - Update to shenandoah-jdk-11.0.4+11 (GA) - Switch to GA mode for final release. - Resolves: rhbz#1724452 * Mon Jul 08 2019 Andrew Hughes - 1:11.0.4.10-0.0.ea - Update to shenandoah-jdk-11.0.4+10 (EA) - Resolves: rhbz#1724452 * Mon Jul 08 2019 Andrew Hughes - 1:11.0.4.9-0.0.ea - Update to shenandoah-jdk-11.0.4+9 (EA) - Resolves: rhbz#1724452 * Mon Jul 08 2019 Andrew Hughes - 1:11.0.4.8-0.0.ea - Update to shenandoah-jdk-11.0.4+8 (EA) - Resolves: rhbz#1724452 * Sun Jul 07 2019 Andrew Hughes - 1:11.0.4.7-0.0.ea - Update to shenandoah-jdk-11.0.4+7 (EA) - Resolves: rhbz#1724452 * Wed Jul 03 2019 Andrew Hughes - 1:11.0.4.6-0.0.ea - Provide Javadoc debug subpackages for now, but populate them from the normal build. - Resolves: rhbz#1724452 * Wed Jul 03 2019 Andrew Hughes - 1:11.0.4.6-0.0.ea - Update to shenandoah-jdk-11.0.4+6 (EA) - Resolves: rhbz#1724452 * Wed Jul 03 2019 Andrew Hughes - 1:11.0.4.5-0.0.ea - Update to shenandoah-jdk-11.0.4+5 (EA) - Resolves: rhbz#1724452 * Tue Jul 02 2019 Andrew Hughes - 1:11.0.4.4-0.0.ea - Update to shenandoah-jdk-11.0.4+4 (EA) - Resolves: rhbz#1724452 * Mon Jul 01 2019 Andrew Hughes - 1:11.0.4.3-0.0.ea - Update to shenandoah-jdk-11.0.4+3 (EA) - Resolves: rhbz#1724452 java-11-openjdk-demo-debug-11.0.4.11-0.el7_6 -------------------------------------------- * Tue Jul 09 2019 Andrew Hughes - 1:11.0.4.11-0 - Update to shenandoah-jdk-11.0.4+11 (GA) - Switch to GA mode for final release. - Resolves: rhbz#1724452 * Mon Jul 08 2019 Andrew Hughes - 1:11.0.4.10-0.0.ea - Update to shenandoah-jdk-11.0.4+10 (EA) - Resolves: rhbz#1724452 * Mon Jul 08 2019 Andrew Hughes - 1:11.0.4.9-0.0.ea - Update to shenandoah-jdk-11.0.4+9 (EA) - Resolves: rhbz#1724452 * Mon Jul 08 2019 Andrew Hughes - 1:11.0.4.8-0.0.ea - Update to shenandoah-jdk-11.0.4+8 (EA) - Resolves: rhbz#1724452 * Sun Jul 07 2019 Andrew Hughes - 1:11.0.4.7-0.0.ea - Update to shenandoah-jdk-11.0.4+7 (EA) - Resolves: rhbz#1724452 * Wed Jul 03 2019 Andrew Hughes - 1:11.0.4.6-0.0.ea - Provide Javadoc debug subpackages for now, but populate them from the normal build. - Resolves: rhbz#1724452 * Wed Jul 03 2019 Andrew Hughes - 1:11.0.4.6-0.0.ea - Update to shenandoah-jdk-11.0.4+6 (EA) - Resolves: rhbz#1724452 * Wed Jul 03 2019 Andrew Hughes - 1:11.0.4.5-0.0.ea - Update to shenandoah-jdk-11.0.4+5 (EA) - Resolves: rhbz#1724452 * Tue Jul 02 2019 Andrew Hughes - 1:11.0.4.4-0.0.ea - Update to shenandoah-jdk-11.0.4+4 (EA) - Resolves: rhbz#1724452 * Mon Jul 01 2019 Andrew Hughes - 1:11.0.4.3-0.0.ea - Update to shenandoah-jdk-11.0.4+3 (EA) - Resolves: rhbz#1724452 java-11-openjdk-devel-11.0.4.11-0.el7_6 --------------------------------------- * Tue Jul 09 2019 Andrew Hughes - 1:11.0.4.11-0 - Update to shenandoah-jdk-11.0.4+11 (GA) - Switch to GA mode for final release. - Resolves: rhbz#1724452 * Mon Jul 08 2019 Andrew Hughes - 1:11.0.4.10-0.0.ea - Update to shenandoah-jdk-11.0.4+10 (EA) - Resolves: rhbz#1724452 * Mon Jul 08 2019 Andrew Hughes - 1:11.0.4.9-0.0.ea - Update to shenandoah-jdk-11.0.4+9 (EA) - Resolves: rhbz#1724452 * Mon Jul 08 2019 Andrew Hughes - 1:11.0.4.8-0.0.ea - Update to shenandoah-jdk-11.0.4+8 (EA) - Resolves: rhbz#1724452 * Sun Jul 07 2019 Andrew Hughes - 1:11.0.4.7-0.0.ea - Update to shenandoah-jdk-11.0.4+7 (EA) - Resolves: rhbz#1724452 * Wed Jul 03 2019 Andrew Hughes - 1:11.0.4.6-0.0.ea - Provide Javadoc debug subpackages for now, but populate them from the normal build. - Resolves: rhbz#1724452 * Wed Jul 03 2019 Andrew Hughes - 1:11.0.4.6-0.0.ea - Update to shenandoah-jdk-11.0.4+6 (EA) - Resolves: rhbz#1724452 * Wed Jul 03 2019 Andrew Hughes - 1:11.0.4.5-0.0.ea - Update to shenandoah-jdk-11.0.4+5 (EA) - Resolves: rhbz#1724452 * Tue Jul 02 2019 Andrew Hughes - 1:11.0.4.4-0.0.ea - Update to shenandoah-jdk-11.0.4+4 (EA) - Resolves: rhbz#1724452 * Mon Jul 01 2019 Andrew Hughes - 1:11.0.4.3-0.0.ea - Update to shenandoah-jdk-11.0.4+3 (EA) - Resolves: rhbz#1724452 java-11-openjdk-devel-debug-11.0.4.11-0.el7_6 --------------------------------------------- * Tue Jul 09 2019 Andrew Hughes - 1:11.0.4.11-0 - Update to shenandoah-jdk-11.0.4+11 (GA) - Switch to GA mode for final release. - Resolves: rhbz#1724452 * Mon Jul 08 2019 Andrew Hughes - 1:11.0.4.10-0.0.ea - Update to shenandoah-jdk-11.0.4+10 (EA) - Resolves: rhbz#1724452 * Mon Jul 08 2019 Andrew Hughes - 1:11.0.4.9-0.0.ea - Update to shenandoah-jdk-11.0.4+9 (EA) - Resolves: rhbz#1724452 * Mon Jul 08 2019 Andrew Hughes - 1:11.0.4.8-0.0.ea - Update to shenandoah-jdk-11.0.4+8 (EA) - Resolves: rhbz#1724452 * Sun Jul 07 2019 Andrew Hughes - 1:11.0.4.7-0.0.ea - Update to shenandoah-jdk-11.0.4+7 (EA) - Resolves: rhbz#1724452 * Wed Jul 03 2019 Andrew Hughes - 1:11.0.4.6-0.0.ea - Provide Javadoc debug subpackages for now, but populate them from the normal build. - Resolves: rhbz#1724452 * Wed Jul 03 2019 Andrew Hughes - 1:11.0.4.6-0.0.ea - Update to shenandoah-jdk-11.0.4+6 (EA) - Resolves: rhbz#1724452 * Wed Jul 03 2019 Andrew Hughes - 1:11.0.4.5-0.0.ea - Update to shenandoah-jdk-11.0.4+5 (EA) - Resolves: rhbz#1724452 * Tue Jul 02 2019 Andrew Hughes - 1:11.0.4.4-0.0.ea - Update to shenandoah-jdk-11.0.4+4 (EA) - Resolves: rhbz#1724452 * Mon Jul 01 2019 Andrew Hughes - 1:11.0.4.3-0.0.ea - Update to shenandoah-jdk-11.0.4+3 (EA) - Resolves: rhbz#1724452 java-11-openjdk-headless-11.0.4.11-0.el7_6 ------------------------------------------ * Tue Jul 09 2019 Andrew Hughes - 1:11.0.4.11-0 - Update to shenandoah-jdk-11.0.4+11 (GA) - Switch to GA mode for final release. - Resolves: rhbz#1724452 * Mon Jul 08 2019 Andrew Hughes - 1:11.0.4.10-0.0.ea - Update to shenandoah-jdk-11.0.4+10 (EA) - Resolves: rhbz#1724452 * Mon Jul 08 2019 Andrew Hughes - 1:11.0.4.9-0.0.ea - Update to shenandoah-jdk-11.0.4+9 (EA) - Resolves: rhbz#1724452 * Mon Jul 08 2019 Andrew Hughes - 1:11.0.4.8-0.0.ea - Update to shenandoah-jdk-11.0.4+8 (EA) - Resolves: rhbz#1724452 * Sun Jul 07 2019 Andrew Hughes - 1:11.0.4.7-0.0.ea - Update to shenandoah-jdk-11.0.4+7 (EA) - Resolves: rhbz#1724452 * Wed Jul 03 2019 Andrew Hughes - 1:11.0.4.6-0.0.ea - Provide Javadoc debug subpackages for now, but populate them from the normal build. - Resolves: rhbz#1724452 * Wed Jul 03 2019 Andrew Hughes - 1:11.0.4.6-0.0.ea - Update to shenandoah-jdk-11.0.4+6 (EA) - Resolves: rhbz#1724452 * Wed Jul 03 2019 Andrew Hughes - 1:11.0.4.5-0.0.ea - Update to shenandoah-jdk-11.0.4+5 (EA) - Resolves: rhbz#1724452 * Tue Jul 02 2019 Andrew Hughes - 1:11.0.4.4-0.0.ea - Update to shenandoah-jdk-11.0.4+4 (EA) - Resolves: rhbz#1724452 * Mon Jul 01 2019 Andrew Hughes - 1:11.0.4.3-0.0.ea - Update to shenandoah-jdk-11.0.4+3 (EA) - Resolves: rhbz#1724452 java-11-openjdk-headless-debug-11.0.4.11-0.el7_6 ------------------------------------------------ * Tue Jul 09 2019 Andrew Hughes - 1:11.0.4.11-0 - Update to shenandoah-jdk-11.0.4+11 (GA) - Switch to GA mode for final release. - Resolves: rhbz#1724452 * Mon Jul 08 2019 Andrew Hughes - 1:11.0.4.10-0.0.ea - Update to shenandoah-jdk-11.0.4+10 (EA) - Resolves: rhbz#1724452 * Mon Jul 08 2019 Andrew Hughes - 1:11.0.4.9-0.0.ea - Update to shenandoah-jdk-11.0.4+9 (EA) - Resolves: rhbz#1724452 * Mon Jul 08 2019 Andrew Hughes - 1:11.0.4.8-0.0.ea - Update to shenandoah-jdk-11.0.4+8 (EA) - Resolves: rhbz#1724452 * Sun Jul 07 2019 Andrew Hughes - 1:11.0.4.7-0.0.ea - Update to shenandoah-jdk-11.0.4+7 (EA) - Resolves: rhbz#1724452 * Wed Jul 03 2019 Andrew Hughes - 1:11.0.4.6-0.0.ea - Provide Javadoc debug subpackages for now, but populate them from the normal build. - Resolves: rhbz#1724452 * Wed Jul 03 2019 Andrew Hughes - 1:11.0.4.6-0.0.ea - Update to shenandoah-jdk-11.0.4+6 (EA) - Resolves: rhbz#1724452 * Wed Jul 03 2019 Andrew Hughes - 1:11.0.4.5-0.0.ea - Update to shenandoah-jdk-11.0.4+5 (EA) - Resolves: rhbz#1724452 * Tue Jul 02 2019 Andrew Hughes - 1:11.0.4.4-0.0.ea - Update to shenandoah-jdk-11.0.4+4 (EA) - Resolves: rhbz#1724452 * Mon Jul 01 2019 Andrew Hughes - 1:11.0.4.3-0.0.ea - Update to shenandoah-jdk-11.0.4+3 (EA) - Resolves: rhbz#1724452 java-11-openjdk-javadoc-11.0.4.11-0.el7_6 ----------------------------------------- * Tue Jul 09 2019 Andrew Hughes - 1:11.0.4.11-0 - Update to shenandoah-jdk-11.0.4+11 (GA) - Switch to GA mode for final release. - Resolves: rhbz#1724452 * Mon Jul 08 2019 Andrew Hughes - 1:11.0.4.10-0.0.ea - Update to shenandoah-jdk-11.0.4+10 (EA) - Resolves: rhbz#1724452 * Mon Jul 08 2019 Andrew Hughes - 1:11.0.4.9-0.0.ea - Update to shenandoah-jdk-11.0.4+9 (EA) - Resolves: rhbz#1724452 * Mon Jul 08 2019 Andrew Hughes - 1:11.0.4.8-0.0.ea - Update to shenandoah-jdk-11.0.4+8 (EA) - Resolves: rhbz#1724452 * Sun Jul 07 2019 Andrew Hughes - 1:11.0.4.7-0.0.ea - Update to shenandoah-jdk-11.0.4+7 (EA) - Resolves: rhbz#1724452 * Wed Jul 03 2019 Andrew Hughes - 1:11.0.4.6-0.0.ea - Provide Javadoc debug subpackages for now, but populate them from the normal build. - Resolves: rhbz#1724452 * Wed Jul 03 2019 Andrew Hughes - 1:11.0.4.6-0.0.ea - Update to shenandoah-jdk-11.0.4+6 (EA) - Resolves: rhbz#1724452 * Wed Jul 03 2019 Andrew Hughes - 1:11.0.4.5-0.0.ea - Update to shenandoah-jdk-11.0.4+5 (EA) - Resolves: rhbz#1724452 * Tue Jul 02 2019 Andrew Hughes - 1:11.0.4.4-0.0.ea - Update to shenandoah-jdk-11.0.4+4 (EA) - Resolves: rhbz#1724452 * Mon Jul 01 2019 Andrew Hughes - 1:11.0.4.3-0.0.ea - Update to shenandoah-jdk-11.0.4+3 (EA) - Resolves: rhbz#1724452 java-11-openjdk-javadoc-debug-11.0.4.11-0.el7_6 ----------------------------------------------- * Tue Jul 09 2019 Andrew Hughes - 1:11.0.4.11-0 - Update to shenandoah-jdk-11.0.4+11 (GA) - Switch to GA mode for final release. - Resolves: rhbz#1724452 * Mon Jul 08 2019 Andrew Hughes - 1:11.0.4.10-0.0.ea - Update to shenandoah-jdk-11.0.4+10 (EA) - Resolves: rhbz#1724452 * Mon Jul 08 2019 Andrew Hughes - 1:11.0.4.9-0.0.ea - Update to shenandoah-jdk-11.0.4+9 (EA) - Resolves: rhbz#1724452 * Mon Jul 08 2019 Andrew Hughes - 1:11.0.4.8-0.0.ea - Update to shenandoah-jdk-11.0.4+8 (EA) - Resolves: rhbz#1724452 * Sun Jul 07 2019 Andrew Hughes - 1:11.0.4.7-0.0.ea - Update to shenandoah-jdk-11.0.4+7 (EA) - Resolves: rhbz#1724452 * Wed Jul 03 2019 Andrew Hughes - 1:11.0.4.6-0.0.ea - Provide Javadoc debug subpackages for now, but populate them from the normal build. - Resolves: rhbz#1724452 * Wed Jul 03 2019 Andrew Hughes - 1:11.0.4.6-0.0.ea - Update to shenandoah-jdk-11.0.4+6 (EA) - Resolves: rhbz#1724452 * Wed Jul 03 2019 Andrew Hughes - 1:11.0.4.5-0.0.ea - Update to shenandoah-jdk-11.0.4+5 (EA) - Resolves: rhbz#1724452 * Tue Jul 02 2019 Andrew Hughes - 1:11.0.4.4-0.0.ea - Update to shenandoah-jdk-11.0.4+4 (EA) - Resolves: rhbz#1724452 * Mon Jul 01 2019 Andrew Hughes - 1:11.0.4.3-0.0.ea - Update to shenandoah-jdk-11.0.4+3 (EA) - Resolves: rhbz#1724452 java-11-openjdk-javadoc-zip-11.0.4.11-0.el7_6 --------------------------------------------- * Tue Jul 09 2019 Andrew Hughes - 1:11.0.4.11-0 - Update to shenandoah-jdk-11.0.4+11 (GA) - Switch to GA mode for final release. - Resolves: rhbz#1724452 * Mon Jul 08 2019 Andrew Hughes - 1:11.0.4.10-0.0.ea - Update to shenandoah-jdk-11.0.4+10 (EA) - Resolves: rhbz#1724452 * Mon Jul 08 2019 Andrew Hughes - 1:11.0.4.9-0.0.ea - Update to shenandoah-jdk-11.0.4+9 (EA) - Resolves: rhbz#1724452 * Mon Jul 08 2019 Andrew Hughes - 1:11.0.4.8-0.0.ea - Update to shenandoah-jdk-11.0.4+8 (EA) - Resolves: rhbz#1724452 * Sun Jul 07 2019 Andrew Hughes - 1:11.0.4.7-0.0.ea - Update to shenandoah-jdk-11.0.4+7 (EA) - Resolves: rhbz#1724452 * Wed Jul 03 2019 Andrew Hughes - 1:11.0.4.6-0.0.ea - Provide Javadoc debug subpackages for now, but populate them from the normal build. - Resolves: rhbz#1724452 * Wed Jul 03 2019 Andrew Hughes - 1:11.0.4.6-0.0.ea - Update to shenandoah-jdk-11.0.4+6 (EA) - Resolves: rhbz#1724452 * Wed Jul 03 2019 Andrew Hughes - 1:11.0.4.5-0.0.ea - Update to shenandoah-jdk-11.0.4+5 (EA) - Resolves: rhbz#1724452 * Tue Jul 02 2019 Andrew Hughes - 1:11.0.4.4-0.0.ea - Update to shenandoah-jdk-11.0.4+4 (EA) - Resolves: rhbz#1724452 * Mon Jul 01 2019 Andrew Hughes - 1:11.0.4.3-0.0.ea - Update to shenandoah-jdk-11.0.4+3 (EA) - Resolves: rhbz#1724452 java-11-openjdk-javadoc-zip-debug-11.0.4.11-0.el7_6 --------------------------------------------------- * Tue Jul 09 2019 Andrew Hughes - 1:11.0.4.11-0 - Update to shenandoah-jdk-11.0.4+11 (GA) - Switch to GA mode for final release. - Resolves: rhbz#1724452 * Mon Jul 08 2019 Andrew Hughes - 1:11.0.4.10-0.0.ea - Update to shenandoah-jdk-11.0.4+10 (EA) - Resolves: rhbz#1724452 * Mon Jul 08 2019 Andrew Hughes - 1:11.0.4.9-0.0.ea - Update to shenandoah-jdk-11.0.4+9 (EA) - Resolves: rhbz#1724452 * Mon Jul 08 2019 Andrew Hughes - 1:11.0.4.8-0.0.ea - Update to shenandoah-jdk-11.0.4+8 (EA) - Resolves: rhbz#1724452 * Sun Jul 07 2019 Andrew Hughes - 1:11.0.4.7-0.0.ea - Update to shenandoah-jdk-11.0.4+7 (EA) - Resolves: rhbz#1724452 * Wed Jul 03 2019 Andrew Hughes - 1:11.0.4.6-0.0.ea - Provide Javadoc debug subpackages for now, but populate them from the normal build. - Resolves: rhbz#1724452 * Wed Jul 03 2019 Andrew Hughes - 1:11.0.4.6-0.0.ea - Update to shenandoah-jdk-11.0.4+6 (EA) - Resolves: rhbz#1724452 * Wed Jul 03 2019 Andrew Hughes - 1:11.0.4.5-0.0.ea - Update to shenandoah-jdk-11.0.4+5 (EA) - Resolves: rhbz#1724452 * Tue Jul 02 2019 Andrew Hughes - 1:11.0.4.4-0.0.ea - Update to shenandoah-jdk-11.0.4+4 (EA) - Resolves: rhbz#1724452 * Mon Jul 01 2019 Andrew Hughes - 1:11.0.4.3-0.0.ea - Update to shenandoah-jdk-11.0.4+3 (EA) - Resolves: rhbz#1724452 java-11-openjdk-jmods-11.0.4.11-0.el7_6 --------------------------------------- * Tue Jul 09 2019 Andrew Hughes - 1:11.0.4.11-0 - Update to shenandoah-jdk-11.0.4+11 (GA) - Switch to GA mode for final release. - Resolves: rhbz#1724452 * Mon Jul 08 2019 Andrew Hughes - 1:11.0.4.10-0.0.ea - Update to shenandoah-jdk-11.0.4+10 (EA) - Resolves: rhbz#1724452 * Mon Jul 08 2019 Andrew Hughes - 1:11.0.4.9-0.0.ea - Update to shenandoah-jdk-11.0.4+9 (EA) - Resolves: rhbz#1724452 * Mon Jul 08 2019 Andrew Hughes - 1:11.0.4.8-0.0.ea - Update to shenandoah-jdk-11.0.4+8 (EA) - Resolves: rhbz#1724452 * Sun Jul 07 2019 Andrew Hughes - 1:11.0.4.7-0.0.ea - Update to shenandoah-jdk-11.0.4+7 (EA) - Resolves: rhbz#1724452 * Wed Jul 03 2019 Andrew Hughes - 1:11.0.4.6-0.0.ea - Provide Javadoc debug subpackages for now, but populate them from the normal build. - Resolves: rhbz#1724452 * Wed Jul 03 2019 Andrew Hughes - 1:11.0.4.6-0.0.ea - Update to shenandoah-jdk-11.0.4+6 (EA) - Resolves: rhbz#1724452 * Wed Jul 03 2019 Andrew Hughes - 1:11.0.4.5-0.0.ea - Update to shenandoah-jdk-11.0.4+5 (EA) - Resolves: rhbz#1724452 * Tue Jul 02 2019 Andrew Hughes - 1:11.0.4.4-0.0.ea - Update to shenandoah-jdk-11.0.4+4 (EA) - Resolves: rhbz#1724452 * Mon Jul 01 2019 Andrew Hughes - 1:11.0.4.3-0.0.ea - Update to shenandoah-jdk-11.0.4+3 (EA) - Resolves: rhbz#1724452 java-11-openjdk-jmods-debug-11.0.4.11-0.el7_6 --------------------------------------------- * Tue Jul 09 2019 Andrew Hughes - 1:11.0.4.11-0 - Update to shenandoah-jdk-11.0.4+11 (GA) - Switch to GA mode for final release. - Resolves: rhbz#1724452 * Mon Jul 08 2019 Andrew Hughes - 1:11.0.4.10-0.0.ea - Update to shenandoah-jdk-11.0.4+10 (EA) - Resolves: rhbz#1724452 * Mon Jul 08 2019 Andrew Hughes - 1:11.0.4.9-0.0.ea - Update to shenandoah-jdk-11.0.4+9 (EA) - Resolves: rhbz#1724452 * Mon Jul 08 2019 Andrew Hughes - 1:11.0.4.8-0.0.ea - Update to shenandoah-jdk-11.0.4+8 (EA) - Resolves: rhbz#1724452 * Sun Jul 07 2019 Andrew Hughes - 1:11.0.4.7-0.0.ea - Update to shenandoah-jdk-11.0.4+7 (EA) - Resolves: rhbz#1724452 * Wed Jul 03 2019 Andrew Hughes - 1:11.0.4.6-0.0.ea - Provide Javadoc debug subpackages for now, but populate them from the normal build. - Resolves: rhbz#1724452 * Wed Jul 03 2019 Andrew Hughes - 1:11.0.4.6-0.0.ea - Update to shenandoah-jdk-11.0.4+6 (EA) - Resolves: rhbz#1724452 * Wed Jul 03 2019 Andrew Hughes - 1:11.0.4.5-0.0.ea - Update to shenandoah-jdk-11.0.4+5 (EA) - Resolves: rhbz#1724452 * Tue Jul 02 2019 Andrew Hughes - 1:11.0.4.4-0.0.ea - Update to shenandoah-jdk-11.0.4+4 (EA) - Resolves: rhbz#1724452 * Mon Jul 01 2019 Andrew Hughes - 1:11.0.4.3-0.0.ea - Update to shenandoah-jdk-11.0.4+3 (EA) - Resolves: rhbz#1724452 java-11-openjdk-src-11.0.4.11-0.el7_6 ------------------------------------- * Tue Jul 09 2019 Andrew Hughes - 1:11.0.4.11-0 - Update to shenandoah-jdk-11.0.4+11 (GA) - Switch to GA mode for final release. - Resolves: rhbz#1724452 * Mon Jul 08 2019 Andrew Hughes - 1:11.0.4.10-0.0.ea - Update to shenandoah-jdk-11.0.4+10 (EA) - Resolves: rhbz#1724452 * Mon Jul 08 2019 Andrew Hughes - 1:11.0.4.9-0.0.ea - Update to shenandoah-jdk-11.0.4+9 (EA) - Resolves: rhbz#1724452 * Mon Jul 08 2019 Andrew Hughes - 1:11.0.4.8-0.0.ea - Update to shenandoah-jdk-11.0.4+8 (EA) - Resolves: rhbz#1724452 * Sun Jul 07 2019 Andrew Hughes - 1:11.0.4.7-0.0.ea - Update to shenandoah-jdk-11.0.4+7 (EA) - Resolves: rhbz#1724452 * Wed Jul 03 2019 Andrew Hughes - 1:11.0.4.6-0.0.ea - Provide Javadoc debug subpackages for now, but populate them from the normal build. - Resolves: rhbz#1724452 * Wed Jul 03 2019 Andrew Hughes - 1:11.0.4.6-0.0.ea - Update to shenandoah-jdk-11.0.4+6 (EA) - Resolves: rhbz#1724452 * Wed Jul 03 2019 Andrew Hughes - 1:11.0.4.5-0.0.ea - Update to shenandoah-jdk-11.0.4+5 (EA) - Resolves: rhbz#1724452 * Tue Jul 02 2019 Andrew Hughes - 1:11.0.4.4-0.0.ea - Update to shenandoah-jdk-11.0.4+4 (EA) - Resolves: rhbz#1724452 * Mon Jul 01 2019 Andrew Hughes - 1:11.0.4.3-0.0.ea - Update to shenandoah-jdk-11.0.4+3 (EA) - Resolves: rhbz#1724452 java-11-openjdk-src-debug-11.0.4.11-0.el7_6 ------------------------------------------- * Tue Jul 09 2019 Andrew Hughes - 1:11.0.4.11-0 - Update to shenandoah-jdk-11.0.4+11 (GA) - Switch to GA mode for final release. - Resolves: rhbz#1724452 * Mon Jul 08 2019 Andrew Hughes - 1:11.0.4.10-0.0.ea - Update to shenandoah-jdk-11.0.4+10 (EA) - Resolves: rhbz#1724452 * Mon Jul 08 2019 Andrew Hughes - 1:11.0.4.9-0.0.ea - Update to shenandoah-jdk-11.0.4+9 (EA) - Resolves: rhbz#1724452 * Mon Jul 08 2019 Andrew Hughes - 1:11.0.4.8-0.0.ea - Update to shenandoah-jdk-11.0.4+8 (EA) - Resolves: rhbz#1724452 * Sun Jul 07 2019 Andrew Hughes - 1:11.0.4.7-0.0.ea - Update to shenandoah-jdk-11.0.4+7 (EA) - Resolves: rhbz#1724452 * Wed Jul 03 2019 Andrew Hughes - 1:11.0.4.6-0.0.ea - Provide Javadoc debug subpackages for now, but populate them from the normal build. - Resolves: rhbz#1724452 * Wed Jul 03 2019 Andrew Hughes - 1:11.0.4.6-0.0.ea - Update to shenandoah-jdk-11.0.4+6 (EA) - Resolves: rhbz#1724452 * Wed Jul 03 2019 Andrew Hughes - 1:11.0.4.5-0.0.ea - Update to shenandoah-jdk-11.0.4+5 (EA) - Resolves: rhbz#1724452 * Tue Jul 02 2019 Andrew Hughes - 1:11.0.4.4-0.0.ea - Update to shenandoah-jdk-11.0.4+4 (EA) - Resolves: rhbz#1724452 * Mon Jul 01 2019 Andrew Hughes - 1:11.0.4.3-0.0.ea - Update to shenandoah-jdk-11.0.4+3 (EA) - Resolves: rhbz#1724452 jss-4.4.4-5.el7_6 ----------------- * Fri Feb 15 2019 Dogtag PKI Team 4.4.4-5 - Bugzilla #1671247 - CC: Enable AIA OCSP cert checking for entire cert chain [rhel-7.6.z] (jmagne) * Thu Jan 31 2019 Dogtag PKI Team 4.4.4-4 - Bugzilla #1671244 - x25519 allowed in FIPS mode [rhel-7.6.z] (ascheel) - Bugzilla #1671247 - CC: Enable AIA OCSP cert checking for entire cert chain [rhel-7.6.z] (jmagne) jss-javadoc-4.4.4-5.el7_6 ------------------------- * Fri Feb 15 2019 Dogtag PKI Team 4.4.4-5 - Bugzilla #1671247 - CC: Enable AIA OCSP cert checking for entire cert chain [rhel-7.6.z] (jmagne) * Thu Jan 31 2019 Dogtag PKI Team 4.4.4-4 - Bugzilla #1671244 - x25519 allowed in FIPS mode [rhel-7.6.z] (ascheel) - Bugzilla #1671247 - CC: Enable AIA OCSP cert checking for entire cert chain [rhel-7.6.z] (jmagne) keepalived-1.3.5-8.el7_6 ------------------------ * Mon Dec 31 2018 Ryan O'Hara - 1.3.5-8 - Fixed patch that was incorrectly removed (#1652694) * Mon Dec 10 2018 Ryan O'Hara - 1.3.5-7 - Fix buffer overflow when parsing HTTP status codes (#1652694) kernel-3.10.0-957.21.3.el7 -------------------------- * Fri Jun 14 2019 Jan Stancek [3.10.0-957.21.3.el7] - [net] tcp: enforce tcp_min_snd_mss in tcp_mtu_probing() (Florian Westphal) [1719914 1719915] {CVE-2019-11479} - [net] tcp: add tcp_min_snd_mss sysctl (Florian Westphal) [1719914 1719915] {CVE-2019-11479} - [net] tcp: tcp_fragment() should apply sane memory limits (Florian Westphal) [1719849 1719850] {CVE-2019-11478} - [net] tcp: limit payload size of sacked skbs (Florian Westphal) [1719594 1719595] {CVE-2019-11477} - [net] tcp: pass previous skb to tcp_shifted_skb() (Florian Westphal) [1719594 1719595] {CVE-2019-11477} * Tue May 28 2019 Jan Stancek [3.10.0-957.21.2.el7] - [security] xattr: use RH_KABI_CONST to avoid security_inode_init_security checksum change (Cestmir Kalina) [1702286 1710633] * Thu May 23 2019 Jan Stancek [3.10.0-957.21.1.el7] - [x86] spec_ctrl: Update MDS mitigation status after late microcode load (Waiman Long) [1712998 1712993 1710501 1710498] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} - [x86] speculation/mds: Properly set/clear mds_idle_clear static key (Waiman Long) [1713004 1707292] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} * Wed May 15 2019 Jan Stancek [3.10.0-957.20.1.el7] - [x86] x86/speculation/mds: Print SMT vulnerable on MSBDS with mitigations off (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/speculation/mds: Fix comment (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/speculation/mds: Add SMT warning message (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/speculation: Move arch_smt_update() call to after mitigation decisions (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [documentation] x86/speculation/mds: Add mds=full,nosmt cmdline option (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [kernel] x86/speculation: Remove redundant arch_smt_update() invocation (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/spec_ctrl: Update MDS mitigation status after late microcode load (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/spec_ctrl: Add debugfs x86/smt_present file (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/spec_ctrl: Disable automatic enabling of STIBP with SMT on (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [documentation] Documentation: Add MDS vulnerability documentation (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [documentation] Documentation: Move L1TF to separate directory (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/speculation/mds: Add mitigation mode VMWERV (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [base] x86/speculation/mds: Add sysfs reporting for MDS (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/speculation/mds: Add mitigation control for MDS (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/speculation/mds: Conditionally clear CPU buffers on idle entry (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [kvm] x86/kvm/vmx: Add MDS protection when L1D Flush is not active (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/speculation/mds: Clear CPU buffers on exit to user (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/speculation/mds: Add mds_clear_cpu_buffers() (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} - [kvm] x86/kvm: Expose X86_FEATURE_MD_CLEAR to guests (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/speculation/mds: Add BUG_MSBDS_ONLY (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/speculation/mds: Add basic bug infrastructure for MDS (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} - [x86] x86/speculation: Consolidate CPU whitelists (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/msr-index: Cleanup bit defines (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} - [x86] x86/l1tf: Show actual SMT state (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} - [x86] x86/speculation: Simplify sysfs report of VMX L1TF vulnerability (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} - [x86] x86/speculation: Rework SMT state change (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} - [kernel] sched/smt: Expose sched_smt_present static key (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} - [kernel] sched/smt: Make sched_smt_present track topology (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} - [x86] x86/speculation: Disable STIBP when enhanced IBRS is in use (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} - [x86] x86/speculation: Move STIPB/IBPB string conditionals out of cpu_show_common() (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/speculation: Enable cross-hyperthread spectre v2 STIBP mitigation (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/spectre_v2: Make spectre_v2_mitigation mode available (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/spec_ctrl: Add X86_FEATURE_USE_IBPB (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/spec_ctrl: Add casting to fix compilation error (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} - [x86] x86/cpu: Sanitize FAM6_ATOM naming (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} - [x86] x86/cpufeatures: Add Intel PCONFIG cpufeature (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} * Fri Apr 26 2019 Jan Stancek [3.10.0-957.19.1.el7] - [security] selinux: always allow mounting submounts (Ondrej Mosnacek) [1702923 1077929] - [block] Make blk_queue_enter() reexamine the DYING flag (Ming Lei) [1702921 1701348] - [block] wakeup tasks blocked on q->mq_freeze_wq (Ming Lei) [1702921 1701348] - [fs] revert "[fs] xfs: use rhashtable to track buffer cache" (Brian Foster) [1702922 1658749] - [fs] xfs: hold xfs_buf locked between shortform->leaf conversion and the addition of an attribute (Brian Foster) [1701293 1613405] - [fs] xfs: add the ability to join a held buffer to a defer_ops (Brian Foster) [1701293 1613405] - [fs] xfs: refactor buffer logging into buffer dirtying helper (Brian Foster) [1701293 1613405] - [char] ipmi: ipmi_si_hardcode.c: init si_type array to fix a crash (Tony Camuso) [1701991 1692236] - [char] ipmi_si: Fix crash when using hard-coded device (Tony Camuso) [1701991 1692236] - [char] ipmi: Remove platform driver overrides and use the id_table (Tony Camuso) [1701991 1692236] - [security] xattr: Constify ->name member of "struct xattr" (Aaron Tomlin) [1702286 1607307] - [net] ipv6 Use get_hash_from_flowi6 for rt6 hash (Sabrina Dubroca) [1702282 1625454] - [s390] zcrypt: fix specification exception on z196 during ap probe (Hendrik Brueckner) [1700706 1669535] - [md] dm table: propagate BDI_CAP_STABLE_WRITES to fix sporadic checksum errors (Mike Snitzer) [1699722 1693466] - [fs] blockdev: Fix livelocks on loop device (Lukas Czerner) [1698110 1686149] - [fs] ext4: fix crash during online resizing (Lukas Czerner) [1698110 1686149] - [fs] ext4: fix overflow caused by missing cast in ext4_resize_fs() (Lukas Czerner) [1698110 1671293] - [powerpc] livepatch: return -ERRNO values in save_stack_trace_tsk_reliable() (Joe Lawrence) [1697867 1658435] - [powerpc] livepatch: small cleanups in save_stack_trace_tsk_reliable() (Joe Lawrence) [1697867 1658435] - [powerpc] livepatch: relax reliable stack tracer checks for first-frame (Joe Lawrence) [1697867 1658435] - [powerpc] 64s: Make reliable stacktrace dependency clearer (Joe Lawrence) [1697867 1658435] - [powerpc] 64s: Clear on-stack exception marker upon exception return (Joe Lawrence) [1697867 1658435] - [powerpc] livepatch: Fix build error with kprobes disabled (Joe Lawrence) [1697867 1658435] - [fs] xfs: don't screw up direct writes when freesp is fragmented (Brian Foster) [1693796 1667523] - [nvme] ensure forward progress during Admin passthru (David Milburn) [1690519 1672428] * Tue Apr 23 2019 Jan Stancek [3.10.0-957.18.1.el7] - [s390] cputime: fix incorrect system time (Hendrik Brueckner) [1701743 1698825] * Mon Apr 15 2019 Jan Stancek [3.10.0-957.17.1.el7] - [message] scsi: mptsas: Fixup device hotplug for VMWare ESXi (Tomas Henzl) [1699723 1661906] * Thu Apr 11 2019 Jan Stancek [3.10.0-957.16.1.el7] - [netdrv] net/mlx5e: Properly set steering match levels for offloaded TC decap rules (Alaa Hleihel) [1686292 1618427] - [netdrv] net/mlx5e: Always use the match level enum when parsing TC rule match (Alaa Hleihel) [1686292 1618427] - [netdrv] net/mlx5e: Support offloaded TC flows with no matches on headers (Alaa Hleihel) [1686292 1618427] - [netdrv] net/mlx5e: Get the required HW match level while parsing TC flow matches (Alaa Hleihel) [1686292 1618427] - [netdrv] net/mlx5e: Properly order min inline mode setup while parsing TC matches (Alaa Hleihel) [1686292 1618427] - [netdrv] net/mlx5e: Avoid redundant zeroing of offloaded TC flow attributes (Alaa Hleihel) [1686292 1618427] - [netdrv] net/mlx5e: Err if asked to offload TC match on frag being first (Alaa Hleihel) [1686292 1618427] - [x86] hyperv: Stop suppressing X86_FEATURE_PCID (Vitaly Kuznetsov) [1697940 1691421] - [net] geneve: correctly handle ipv6.disable module parameter (Jiri Benc) [1694981 1677049] - [fs] ceph: Fix append mode for sync/direct write (Zheng Yan) [1696595 1691227] - [fs] ovl: fix return value from ovl_posix_acl_create() (Miklos Szeredi) [1696292 1677705] - [x86] mm: Unbreak modules that use the DMA API (Gary Hook) [1695511 1697241 1676613 1662887] - [sound] alsa/hda: add more quirks for HP Z2 G4 and HP Z240 (Jaroslav Kysela) [1693562 1680180] - [sound] alsa: hda/conexant - Add fixup for HP Z2 G4 workstation (Jaroslav Kysela) [1693562 1657855] - [block] mtip32xx: fix memory corruption by initializing internal command header (Ming Lei) [1689929 1660292] - [fs] nfsd: deal with revoked delegations appropriately (Dave Wysochanski) [1689811 1552203] * Thu Mar 28 2019 Jan Stancek [3.10.0-957.15.1.el7] - [fs] ext4: Fix data corruption caused by unaligned direct AIO (Lukas Czerner) [1693561 1684780] - [net] sched: act_csum: Fix csum calc for tagged packets (Ivan Vecera) [1693110 1676462] * Tue Mar 26 2019 Jan Stancek [3.10.0-957.14.1.el7] - [fs] move the call of __d_drop(anon) into __d_materialise_unique(dentry, anon) (Zheng Yan) [1692266 1627001] - [fs] dcache: d_splice_alias should ignore DCACHE_DISCONNECTED (Zheng Yan) [1692266 1627001] - [fs] dcache: d_splice_alias should detect loops (Zheng Yan) [1692266 1627001] - [fs] dcache: d_splice_alias mustn't create directory aliases (Zheng Yan) [1692266 1627001] - [fs] dcache: close d_move race in d_splice_alias (Zheng Yan) [1692266 1627001] - [fs] dcache: move d_splice_alias (Zheng Yan) [1692266 1627001] - [fs] dcache: don't clear DCACHE_DISCONNECTED too early (Zheng Yan) [1692266 1627001] - [fs] dcache: Don't set DISCONNECTED on "pseudo filesystem" dentries (Zheng Yan) [1692266 1627001] - [fs] dcache: use IS_ROOT to decide where dentry is hashed (Zheng Yan) [1692266 1627001] kernel-abi-whitelists-3.10.0-957.21.3.el7 ----------------------------------------- * Fri Jun 14 2019 Jan Stancek [3.10.0-957.21.3.el7] - [net] tcp: enforce tcp_min_snd_mss in tcp_mtu_probing() (Florian Westphal) [1719914 1719915] {CVE-2019-11479} - [net] tcp: add tcp_min_snd_mss sysctl (Florian Westphal) [1719914 1719915] {CVE-2019-11479} - [net] tcp: tcp_fragment() should apply sane memory limits (Florian Westphal) [1719849 1719850] {CVE-2019-11478} - [net] tcp: limit payload size of sacked skbs (Florian Westphal) [1719594 1719595] {CVE-2019-11477} - [net] tcp: pass previous skb to tcp_shifted_skb() (Florian Westphal) [1719594 1719595] {CVE-2019-11477} * Tue May 28 2019 Jan Stancek [3.10.0-957.21.2.el7] - [security] xattr: use RH_KABI_CONST to avoid security_inode_init_security checksum change (Cestmir Kalina) [1702286 1710633] * Thu May 23 2019 Jan Stancek [3.10.0-957.21.1.el7] - [x86] spec_ctrl: Update MDS mitigation status after late microcode load (Waiman Long) [1712998 1712993 1710501 1710498] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} - [x86] speculation/mds: Properly set/clear mds_idle_clear static key (Waiman Long) [1713004 1707292] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} * Wed May 15 2019 Jan Stancek [3.10.0-957.20.1.el7] - [x86] x86/speculation/mds: Print SMT vulnerable on MSBDS with mitigations off (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/speculation/mds: Fix comment (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/speculation/mds: Add SMT warning message (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/speculation: Move arch_smt_update() call to after mitigation decisions (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [documentation] x86/speculation/mds: Add mds=full,nosmt cmdline option (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [kernel] x86/speculation: Remove redundant arch_smt_update() invocation (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/spec_ctrl: Update MDS mitigation status after late microcode load (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/spec_ctrl: Add debugfs x86/smt_present file (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/spec_ctrl: Disable automatic enabling of STIBP with SMT on (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [documentation] Documentation: Add MDS vulnerability documentation (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [documentation] Documentation: Move L1TF to separate directory (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/speculation/mds: Add mitigation mode VMWERV (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [base] x86/speculation/mds: Add sysfs reporting for MDS (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/speculation/mds: Add mitigation control for MDS (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/speculation/mds: Conditionally clear CPU buffers on idle entry (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [kvm] x86/kvm/vmx: Add MDS protection when L1D Flush is not active (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/speculation/mds: Clear CPU buffers on exit to user (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/speculation/mds: Add mds_clear_cpu_buffers() (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} - [kvm] x86/kvm: Expose X86_FEATURE_MD_CLEAR to guests (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/speculation/mds: Add BUG_MSBDS_ONLY (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/speculation/mds: Add basic bug infrastructure for MDS (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} - [x86] x86/speculation: Consolidate CPU whitelists (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/msr-index: Cleanup bit defines (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} - [x86] x86/l1tf: Show actual SMT state (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} - [x86] x86/speculation: Simplify sysfs report of VMX L1TF vulnerability (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} - [x86] x86/speculation: Rework SMT state change (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} - [kernel] sched/smt: Expose sched_smt_present static key (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} - [kernel] sched/smt: Make sched_smt_present track topology (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} - [x86] x86/speculation: Disable STIBP when enhanced IBRS is in use (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} - [x86] x86/speculation: Move STIPB/IBPB string conditionals out of cpu_show_common() (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/speculation: Enable cross-hyperthread spectre v2 STIBP mitigation (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/spectre_v2: Make spectre_v2_mitigation mode available (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/spec_ctrl: Add X86_FEATURE_USE_IBPB (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/spec_ctrl: Add casting to fix compilation error (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} - [x86] x86/cpu: Sanitize FAM6_ATOM naming (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} - [x86] x86/cpufeatures: Add Intel PCONFIG cpufeature (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} * Fri Apr 26 2019 Jan Stancek [3.10.0-957.19.1.el7] - [security] selinux: always allow mounting submounts (Ondrej Mosnacek) [1702923 1077929] - [block] Make blk_queue_enter() reexamine the DYING flag (Ming Lei) [1702921 1701348] - [block] wakeup tasks blocked on q->mq_freeze_wq (Ming Lei) [1702921 1701348] - [fs] revert "[fs] xfs: use rhashtable to track buffer cache" (Brian Foster) [1702922 1658749] - [fs] xfs: hold xfs_buf locked between shortform->leaf conversion and the addition of an attribute (Brian Foster) [1701293 1613405] - [fs] xfs: add the ability to join a held buffer to a defer_ops (Brian Foster) [1701293 1613405] - [fs] xfs: refactor buffer logging into buffer dirtying helper (Brian Foster) [1701293 1613405] - [char] ipmi: ipmi_si_hardcode.c: init si_type array to fix a crash (Tony Camuso) [1701991 1692236] - [char] ipmi_si: Fix crash when using hard-coded device (Tony Camuso) [1701991 1692236] - [char] ipmi: Remove platform driver overrides and use the id_table (Tony Camuso) [1701991 1692236] - [security] xattr: Constify ->name member of "struct xattr" (Aaron Tomlin) [1702286 1607307] - [net] ipv6 Use get_hash_from_flowi6 for rt6 hash (Sabrina Dubroca) [1702282 1625454] - [s390] zcrypt: fix specification exception on z196 during ap probe (Hendrik Brueckner) [1700706 1669535] - [md] dm table: propagate BDI_CAP_STABLE_WRITES to fix sporadic checksum errors (Mike Snitzer) [1699722 1693466] - [fs] blockdev: Fix livelocks on loop device (Lukas Czerner) [1698110 1686149] - [fs] ext4: fix crash during online resizing (Lukas Czerner) [1698110 1686149] - [fs] ext4: fix overflow caused by missing cast in ext4_resize_fs() (Lukas Czerner) [1698110 1671293] - [powerpc] livepatch: return -ERRNO values in save_stack_trace_tsk_reliable() (Joe Lawrence) [1697867 1658435] - [powerpc] livepatch: small cleanups in save_stack_trace_tsk_reliable() (Joe Lawrence) [1697867 1658435] - [powerpc] livepatch: relax reliable stack tracer checks for first-frame (Joe Lawrence) [1697867 1658435] - [powerpc] 64s: Make reliable stacktrace dependency clearer (Joe Lawrence) [1697867 1658435] - [powerpc] 64s: Clear on-stack exception marker upon exception return (Joe Lawrence) [1697867 1658435] - [powerpc] livepatch: Fix build error with kprobes disabled (Joe Lawrence) [1697867 1658435] - [fs] xfs: don't screw up direct writes when freesp is fragmented (Brian Foster) [1693796 1667523] - [nvme] ensure forward progress during Admin passthru (David Milburn) [1690519 1672428] * Tue Apr 23 2019 Jan Stancek [3.10.0-957.18.1.el7] - [s390] cputime: fix incorrect system time (Hendrik Brueckner) [1701743 1698825] * Mon Apr 15 2019 Jan Stancek [3.10.0-957.17.1.el7] - [message] scsi: mptsas: Fixup device hotplug for VMWare ESXi (Tomas Henzl) [1699723 1661906] * Thu Apr 11 2019 Jan Stancek [3.10.0-957.16.1.el7] - [netdrv] net/mlx5e: Properly set steering match levels for offloaded TC decap rules (Alaa Hleihel) [1686292 1618427] - [netdrv] net/mlx5e: Always use the match level enum when parsing TC rule match (Alaa Hleihel) [1686292 1618427] - [netdrv] net/mlx5e: Support offloaded TC flows with no matches on headers (Alaa Hleihel) [1686292 1618427] - [netdrv] net/mlx5e: Get the required HW match level while parsing TC flow matches (Alaa Hleihel) [1686292 1618427] - [netdrv] net/mlx5e: Properly order min inline mode setup while parsing TC matches (Alaa Hleihel) [1686292 1618427] - [netdrv] net/mlx5e: Avoid redundant zeroing of offloaded TC flow attributes (Alaa Hleihel) [1686292 1618427] - [netdrv] net/mlx5e: Err if asked to offload TC match on frag being first (Alaa Hleihel) [1686292 1618427] - [x86] hyperv: Stop suppressing X86_FEATURE_PCID (Vitaly Kuznetsov) [1697940 1691421] - [net] geneve: correctly handle ipv6.disable module parameter (Jiri Benc) [1694981 1677049] - [fs] ceph: Fix append mode for sync/direct write (Zheng Yan) [1696595 1691227] - [fs] ovl: fix return value from ovl_posix_acl_create() (Miklos Szeredi) [1696292 1677705] - [x86] mm: Unbreak modules that use the DMA API (Gary Hook) [1695511 1697241 1676613 1662887] - [sound] alsa/hda: add more quirks for HP Z2 G4 and HP Z240 (Jaroslav Kysela) [1693562 1680180] - [sound] alsa: hda/conexant - Add fixup for HP Z2 G4 workstation (Jaroslav Kysela) [1693562 1657855] - [block] mtip32xx: fix memory corruption by initializing internal command header (Ming Lei) [1689929 1660292] - [fs] nfsd: deal with revoked delegations appropriately (Dave Wysochanski) [1689811 1552203] * Thu Mar 28 2019 Jan Stancek [3.10.0-957.15.1.el7] - [fs] ext4: Fix data corruption caused by unaligned direct AIO (Lukas Czerner) [1693561 1684780] - [net] sched: act_csum: Fix csum calc for tagged packets (Ivan Vecera) [1693110 1676462] * Tue Mar 26 2019 Jan Stancek [3.10.0-957.14.1.el7] - [fs] move the call of __d_drop(anon) into __d_materialise_unique(dentry, anon) (Zheng Yan) [1692266 1627001] - [fs] dcache: d_splice_alias should ignore DCACHE_DISCONNECTED (Zheng Yan) [1692266 1627001] - [fs] dcache: d_splice_alias should detect loops (Zheng Yan) [1692266 1627001] - [fs] dcache: d_splice_alias mustn't create directory aliases (Zheng Yan) [1692266 1627001] - [fs] dcache: close d_move race in d_splice_alias (Zheng Yan) [1692266 1627001] - [fs] dcache: move d_splice_alias (Zheng Yan) [1692266 1627001] - [fs] dcache: don't clear DCACHE_DISCONNECTED too early (Zheng Yan) [1692266 1627001] - [fs] dcache: Don't set DISCONNECTED on "pseudo filesystem" dentries (Zheng Yan) [1692266 1627001] - [fs] dcache: use IS_ROOT to decide where dentry is hashed (Zheng Yan) [1692266 1627001] kernel-debug-3.10.0-957.21.3.el7 -------------------------------- * Fri Jun 14 2019 Jan Stancek [3.10.0-957.21.3.el7] - [net] tcp: enforce tcp_min_snd_mss in tcp_mtu_probing() (Florian Westphal) [1719914 1719915] {CVE-2019-11479} - [net] tcp: add tcp_min_snd_mss sysctl (Florian Westphal) [1719914 1719915] {CVE-2019-11479} - [net] tcp: tcp_fragment() should apply sane memory limits (Florian Westphal) [1719849 1719850] {CVE-2019-11478} - [net] tcp: limit payload size of sacked skbs (Florian Westphal) [1719594 1719595] {CVE-2019-11477} - [net] tcp: pass previous skb to tcp_shifted_skb() (Florian Westphal) [1719594 1719595] {CVE-2019-11477} * Tue May 28 2019 Jan Stancek [3.10.0-957.21.2.el7] - [security] xattr: use RH_KABI_CONST to avoid security_inode_init_security checksum change (Cestmir Kalina) [1702286 1710633] * Thu May 23 2019 Jan Stancek [3.10.0-957.21.1.el7] - [x86] spec_ctrl: Update MDS mitigation status after late microcode load (Waiman Long) [1712998 1712993 1710501 1710498] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} - [x86] speculation/mds: Properly set/clear mds_idle_clear static key (Waiman Long) [1713004 1707292] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} * Wed May 15 2019 Jan Stancek [3.10.0-957.20.1.el7] - [x86] x86/speculation/mds: Print SMT vulnerable on MSBDS with mitigations off (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/speculation/mds: Fix comment (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/speculation/mds: Add SMT warning message (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/speculation: Move arch_smt_update() call to after mitigation decisions (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [documentation] x86/speculation/mds: Add mds=full,nosmt cmdline option (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [kernel] x86/speculation: Remove redundant arch_smt_update() invocation (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/spec_ctrl: Update MDS mitigation status after late microcode load (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/spec_ctrl: Add debugfs x86/smt_present file (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/spec_ctrl: Disable automatic enabling of STIBP with SMT on (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [documentation] Documentation: Add MDS vulnerability documentation (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [documentation] Documentation: Move L1TF to separate directory (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/speculation/mds: Add mitigation mode VMWERV (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [base] x86/speculation/mds: Add sysfs reporting for MDS (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/speculation/mds: Add mitigation control for MDS (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/speculation/mds: Conditionally clear CPU buffers on idle entry (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [kvm] x86/kvm/vmx: Add MDS protection when L1D Flush is not active (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/speculation/mds: Clear CPU buffers on exit to user (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/speculation/mds: Add mds_clear_cpu_buffers() (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} - [kvm] x86/kvm: Expose X86_FEATURE_MD_CLEAR to guests (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/speculation/mds: Add BUG_MSBDS_ONLY (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/speculation/mds: Add basic bug infrastructure for MDS (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} - [x86] x86/speculation: Consolidate CPU whitelists (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/msr-index: Cleanup bit defines (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} - [x86] x86/l1tf: Show actual SMT state (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} - [x86] x86/speculation: Simplify sysfs report of VMX L1TF vulnerability (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} - [x86] x86/speculation: Rework SMT state change (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} - [kernel] sched/smt: Expose sched_smt_present static key (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} - [kernel] sched/smt: Make sched_smt_present track topology (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} - [x86] x86/speculation: Disable STIBP when enhanced IBRS is in use (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} - [x86] x86/speculation: Move STIPB/IBPB string conditionals out of cpu_show_common() (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/speculation: Enable cross-hyperthread spectre v2 STIBP mitigation (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/spectre_v2: Make spectre_v2_mitigation mode available (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/spec_ctrl: Add X86_FEATURE_USE_IBPB (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/spec_ctrl: Add casting to fix compilation error (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} - [x86] x86/cpu: Sanitize FAM6_ATOM naming (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} - [x86] x86/cpufeatures: Add Intel PCONFIG cpufeature (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} * Fri Apr 26 2019 Jan Stancek [3.10.0-957.19.1.el7] - [security] selinux: always allow mounting submounts (Ondrej Mosnacek) [1702923 1077929] - [block] Make blk_queue_enter() reexamine the DYING flag (Ming Lei) [1702921 1701348] - [block] wakeup tasks blocked on q->mq_freeze_wq (Ming Lei) [1702921 1701348] - [fs] revert "[fs] xfs: use rhashtable to track buffer cache" (Brian Foster) [1702922 1658749] - [fs] xfs: hold xfs_buf locked between shortform->leaf conversion and the addition of an attribute (Brian Foster) [1701293 1613405] - [fs] xfs: add the ability to join a held buffer to a defer_ops (Brian Foster) [1701293 1613405] - [fs] xfs: refactor buffer logging into buffer dirtying helper (Brian Foster) [1701293 1613405] - [char] ipmi: ipmi_si_hardcode.c: init si_type array to fix a crash (Tony Camuso) [1701991 1692236] - [char] ipmi_si: Fix crash when using hard-coded device (Tony Camuso) [1701991 1692236] - [char] ipmi: Remove platform driver overrides and use the id_table (Tony Camuso) [1701991 1692236] - [security] xattr: Constify ->name member of "struct xattr" (Aaron Tomlin) [1702286 1607307] - [net] ipv6 Use get_hash_from_flowi6 for rt6 hash (Sabrina Dubroca) [1702282 1625454] - [s390] zcrypt: fix specification exception on z196 during ap probe (Hendrik Brueckner) [1700706 1669535] - [md] dm table: propagate BDI_CAP_STABLE_WRITES to fix sporadic checksum errors (Mike Snitzer) [1699722 1693466] - [fs] blockdev: Fix livelocks on loop device (Lukas Czerner) [1698110 1686149] - [fs] ext4: fix crash during online resizing (Lukas Czerner) [1698110 1686149] - [fs] ext4: fix overflow caused by missing cast in ext4_resize_fs() (Lukas Czerner) [1698110 1671293] - [powerpc] livepatch: return -ERRNO values in save_stack_trace_tsk_reliable() (Joe Lawrence) [1697867 1658435] - [powerpc] livepatch: small cleanups in save_stack_trace_tsk_reliable() (Joe Lawrence) [1697867 1658435] - [powerpc] livepatch: relax reliable stack tracer checks for first-frame (Joe Lawrence) [1697867 1658435] - [powerpc] 64s: Make reliable stacktrace dependency clearer (Joe Lawrence) [1697867 1658435] - [powerpc] 64s: Clear on-stack exception marker upon exception return (Joe Lawrence) [1697867 1658435] - [powerpc] livepatch: Fix build error with kprobes disabled (Joe Lawrence) [1697867 1658435] - [fs] xfs: don't screw up direct writes when freesp is fragmented (Brian Foster) [1693796 1667523] - [nvme] ensure forward progress during Admin passthru (David Milburn) [1690519 1672428] * Tue Apr 23 2019 Jan Stancek [3.10.0-957.18.1.el7] - [s390] cputime: fix incorrect system time (Hendrik Brueckner) [1701743 1698825] * Mon Apr 15 2019 Jan Stancek [3.10.0-957.17.1.el7] - [message] scsi: mptsas: Fixup device hotplug for VMWare ESXi (Tomas Henzl) [1699723 1661906] * Thu Apr 11 2019 Jan Stancek [3.10.0-957.16.1.el7] - [netdrv] net/mlx5e: Properly set steering match levels for offloaded TC decap rules (Alaa Hleihel) [1686292 1618427] - [netdrv] net/mlx5e: Always use the match level enum when parsing TC rule match (Alaa Hleihel) [1686292 1618427] - [netdrv] net/mlx5e: Support offloaded TC flows with no matches on headers (Alaa Hleihel) [1686292 1618427] - [netdrv] net/mlx5e: Get the required HW match level while parsing TC flow matches (Alaa Hleihel) [1686292 1618427] - [netdrv] net/mlx5e: Properly order min inline mode setup while parsing TC matches (Alaa Hleihel) [1686292 1618427] - [netdrv] net/mlx5e: Avoid redundant zeroing of offloaded TC flow attributes (Alaa Hleihel) [1686292 1618427] - [netdrv] net/mlx5e: Err if asked to offload TC match on frag being first (Alaa Hleihel) [1686292 1618427] - [x86] hyperv: Stop suppressing X86_FEATURE_PCID (Vitaly Kuznetsov) [1697940 1691421] - [net] geneve: correctly handle ipv6.disable module parameter (Jiri Benc) [1694981 1677049] - [fs] ceph: Fix append mode for sync/direct write (Zheng Yan) [1696595 1691227] - [fs] ovl: fix return value from ovl_posix_acl_create() (Miklos Szeredi) [1696292 1677705] - [x86] mm: Unbreak modules that use the DMA API (Gary Hook) [1695511 1697241 1676613 1662887] - [sound] alsa/hda: add more quirks for HP Z2 G4 and HP Z240 (Jaroslav Kysela) [1693562 1680180] - [sound] alsa: hda/conexant - Add fixup for HP Z2 G4 workstation (Jaroslav Kysela) [1693562 1657855] - [block] mtip32xx: fix memory corruption by initializing internal command header (Ming Lei) [1689929 1660292] - [fs] nfsd: deal with revoked delegations appropriately (Dave Wysochanski) [1689811 1552203] * Thu Mar 28 2019 Jan Stancek [3.10.0-957.15.1.el7] - [fs] ext4: Fix data corruption caused by unaligned direct AIO (Lukas Czerner) [1693561 1684780] - [net] sched: act_csum: Fix csum calc for tagged packets (Ivan Vecera) [1693110 1676462] * Tue Mar 26 2019 Jan Stancek [3.10.0-957.14.1.el7] - [fs] move the call of __d_drop(anon) into __d_materialise_unique(dentry, anon) (Zheng Yan) [1692266 1627001] - [fs] dcache: d_splice_alias should ignore DCACHE_DISCONNECTED (Zheng Yan) [1692266 1627001] - [fs] dcache: d_splice_alias should detect loops (Zheng Yan) [1692266 1627001] - [fs] dcache: d_splice_alias mustn't create directory aliases (Zheng Yan) [1692266 1627001] - [fs] dcache: close d_move race in d_splice_alias (Zheng Yan) [1692266 1627001] - [fs] dcache: move d_splice_alias (Zheng Yan) [1692266 1627001] - [fs] dcache: don't clear DCACHE_DISCONNECTED too early (Zheng Yan) [1692266 1627001] - [fs] dcache: Don't set DISCONNECTED on "pseudo filesystem" dentries (Zheng Yan) [1692266 1627001] - [fs] dcache: use IS_ROOT to decide where dentry is hashed (Zheng Yan) [1692266 1627001] kernel-debug-devel-3.10.0-957.21.3.el7 -------------------------------------- * Fri Jun 14 2019 Jan Stancek [3.10.0-957.21.3.el7] - [net] tcp: enforce tcp_min_snd_mss in tcp_mtu_probing() (Florian Westphal) [1719914 1719915] {CVE-2019-11479} - [net] tcp: add tcp_min_snd_mss sysctl (Florian Westphal) [1719914 1719915] {CVE-2019-11479} - [net] tcp: tcp_fragment() should apply sane memory limits (Florian Westphal) [1719849 1719850] {CVE-2019-11478} - [net] tcp: limit payload size of sacked skbs (Florian Westphal) [1719594 1719595] {CVE-2019-11477} - [net] tcp: pass previous skb to tcp_shifted_skb() (Florian Westphal) [1719594 1719595] {CVE-2019-11477} * Tue May 28 2019 Jan Stancek [3.10.0-957.21.2.el7] - [security] xattr: use RH_KABI_CONST to avoid security_inode_init_security checksum change (Cestmir Kalina) [1702286 1710633] * Thu May 23 2019 Jan Stancek [3.10.0-957.21.1.el7] - [x86] spec_ctrl: Update MDS mitigation status after late microcode load (Waiman Long) [1712998 1712993 1710501 1710498] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} - [x86] speculation/mds: Properly set/clear mds_idle_clear static key (Waiman Long) [1713004 1707292] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} * Wed May 15 2019 Jan Stancek [3.10.0-957.20.1.el7] - [x86] x86/speculation/mds: Print SMT vulnerable on MSBDS with mitigations off (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/speculation/mds: Fix comment (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/speculation/mds: Add SMT warning message (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/speculation: Move arch_smt_update() call to after mitigation decisions (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [documentation] x86/speculation/mds: Add mds=full,nosmt cmdline option (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [kernel] x86/speculation: Remove redundant arch_smt_update() invocation (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/spec_ctrl: Update MDS mitigation status after late microcode load (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/spec_ctrl: Add debugfs x86/smt_present file (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/spec_ctrl: Disable automatic enabling of STIBP with SMT on (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [documentation] Documentation: Add MDS vulnerability documentation (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [documentation] Documentation: Move L1TF to separate directory (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/speculation/mds: Add mitigation mode VMWERV (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [base] x86/speculation/mds: Add sysfs reporting for MDS (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/speculation/mds: Add mitigation control for MDS (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/speculation/mds: Conditionally clear CPU buffers on idle entry (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [kvm] x86/kvm/vmx: Add MDS protection when L1D Flush is not active (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/speculation/mds: Clear CPU buffers on exit to user (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/speculation/mds: Add mds_clear_cpu_buffers() (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} - [kvm] x86/kvm: Expose X86_FEATURE_MD_CLEAR to guests (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/speculation/mds: Add BUG_MSBDS_ONLY (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/speculation/mds: Add basic bug infrastructure for MDS (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} - [x86] x86/speculation: Consolidate CPU whitelists (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/msr-index: Cleanup bit defines (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} - [x86] x86/l1tf: Show actual SMT state (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} - [x86] x86/speculation: Simplify sysfs report of VMX L1TF vulnerability (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} - [x86] x86/speculation: Rework SMT state change (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} - [kernel] sched/smt: Expose sched_smt_present static key (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} - [kernel] sched/smt: Make sched_smt_present track topology (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} - [x86] x86/speculation: Disable STIBP when enhanced IBRS is in use (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} - [x86] x86/speculation: Move STIPB/IBPB string conditionals out of cpu_show_common() (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/speculation: Enable cross-hyperthread spectre v2 STIBP mitigation (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/spectre_v2: Make spectre_v2_mitigation mode available (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/spec_ctrl: Add X86_FEATURE_USE_IBPB (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/spec_ctrl: Add casting to fix compilation error (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} - [x86] x86/cpu: Sanitize FAM6_ATOM naming (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} - [x86] x86/cpufeatures: Add Intel PCONFIG cpufeature (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} * Fri Apr 26 2019 Jan Stancek [3.10.0-957.19.1.el7] - [security] selinux: always allow mounting submounts (Ondrej Mosnacek) [1702923 1077929] - [block] Make blk_queue_enter() reexamine the DYING flag (Ming Lei) [1702921 1701348] - [block] wakeup tasks blocked on q->mq_freeze_wq (Ming Lei) [1702921 1701348] - [fs] revert "[fs] xfs: use rhashtable to track buffer cache" (Brian Foster) [1702922 1658749] - [fs] xfs: hold xfs_buf locked between shortform->leaf conversion and the addition of an attribute (Brian Foster) [1701293 1613405] - [fs] xfs: add the ability to join a held buffer to a defer_ops (Brian Foster) [1701293 1613405] - [fs] xfs: refactor buffer logging into buffer dirtying helper (Brian Foster) [1701293 1613405] - [char] ipmi: ipmi_si_hardcode.c: init si_type array to fix a crash (Tony Camuso) [1701991 1692236] - [char] ipmi_si: Fix crash when using hard-coded device (Tony Camuso) [1701991 1692236] - [char] ipmi: Remove platform driver overrides and use the id_table (Tony Camuso) [1701991 1692236] - [security] xattr: Constify ->name member of "struct xattr" (Aaron Tomlin) [1702286 1607307] - [net] ipv6 Use get_hash_from_flowi6 for rt6 hash (Sabrina Dubroca) [1702282 1625454] - [s390] zcrypt: fix specification exception on z196 during ap probe (Hendrik Brueckner) [1700706 1669535] - [md] dm table: propagate BDI_CAP_STABLE_WRITES to fix sporadic checksum errors (Mike Snitzer) [1699722 1693466] - [fs] blockdev: Fix livelocks on loop device (Lukas Czerner) [1698110 1686149] - [fs] ext4: fix crash during online resizing (Lukas Czerner) [1698110 1686149] - [fs] ext4: fix overflow caused by missing cast in ext4_resize_fs() (Lukas Czerner) [1698110 1671293] - [powerpc] livepatch: return -ERRNO values in save_stack_trace_tsk_reliable() (Joe Lawrence) [1697867 1658435] - [powerpc] livepatch: small cleanups in save_stack_trace_tsk_reliable() (Joe Lawrence) [1697867 1658435] - [powerpc] livepatch: relax reliable stack tracer checks for first-frame (Joe Lawrence) [1697867 1658435] - [powerpc] 64s: Make reliable stacktrace dependency clearer (Joe Lawrence) [1697867 1658435] - [powerpc] 64s: Clear on-stack exception marker upon exception return (Joe Lawrence) [1697867 1658435] - [powerpc] livepatch: Fix build error with kprobes disabled (Joe Lawrence) [1697867 1658435] - [fs] xfs: don't screw up direct writes when freesp is fragmented (Brian Foster) [1693796 1667523] - [nvme] ensure forward progress during Admin passthru (David Milburn) [1690519 1672428] * Tue Apr 23 2019 Jan Stancek [3.10.0-957.18.1.el7] - [s390] cputime: fix incorrect system time (Hendrik Brueckner) [1701743 1698825] * Mon Apr 15 2019 Jan Stancek [3.10.0-957.17.1.el7] - [message] scsi: mptsas: Fixup device hotplug for VMWare ESXi (Tomas Henzl) [1699723 1661906] * Thu Apr 11 2019 Jan Stancek [3.10.0-957.16.1.el7] - [netdrv] net/mlx5e: Properly set steering match levels for offloaded TC decap rules (Alaa Hleihel) [1686292 1618427] - [netdrv] net/mlx5e: Always use the match level enum when parsing TC rule match (Alaa Hleihel) [1686292 1618427] - [netdrv] net/mlx5e: Support offloaded TC flows with no matches on headers (Alaa Hleihel) [1686292 1618427] - [netdrv] net/mlx5e: Get the required HW match level while parsing TC flow matches (Alaa Hleihel) [1686292 1618427] - [netdrv] net/mlx5e: Properly order min inline mode setup while parsing TC matches (Alaa Hleihel) [1686292 1618427] - [netdrv] net/mlx5e: Avoid redundant zeroing of offloaded TC flow attributes (Alaa Hleihel) [1686292 1618427] - [netdrv] net/mlx5e: Err if asked to offload TC match on frag being first (Alaa Hleihel) [1686292 1618427] - [x86] hyperv: Stop suppressing X86_FEATURE_PCID (Vitaly Kuznetsov) [1697940 1691421] - [net] geneve: correctly handle ipv6.disable module parameter (Jiri Benc) [1694981 1677049] - [fs] ceph: Fix append mode for sync/direct write (Zheng Yan) [1696595 1691227] - [fs] ovl: fix return value from ovl_posix_acl_create() (Miklos Szeredi) [1696292 1677705] - [x86] mm: Unbreak modules that use the DMA API (Gary Hook) [1695511 1697241 1676613 1662887] - [sound] alsa/hda: add more quirks for HP Z2 G4 and HP Z240 (Jaroslav Kysela) [1693562 1680180] - [sound] alsa: hda/conexant - Add fixup for HP Z2 G4 workstation (Jaroslav Kysela) [1693562 1657855] - [block] mtip32xx: fix memory corruption by initializing internal command header (Ming Lei) [1689929 1660292] - [fs] nfsd: deal with revoked delegations appropriately (Dave Wysochanski) [1689811 1552203] * Thu Mar 28 2019 Jan Stancek [3.10.0-957.15.1.el7] - [fs] ext4: Fix data corruption caused by unaligned direct AIO (Lukas Czerner) [1693561 1684780] - [net] sched: act_csum: Fix csum calc for tagged packets (Ivan Vecera) [1693110 1676462] * Tue Mar 26 2019 Jan Stancek [3.10.0-957.14.1.el7] - [fs] move the call of __d_drop(anon) into __d_materialise_unique(dentry, anon) (Zheng Yan) [1692266 1627001] - [fs] dcache: d_splice_alias should ignore DCACHE_DISCONNECTED (Zheng Yan) [1692266 1627001] - [fs] dcache: d_splice_alias should detect loops (Zheng Yan) [1692266 1627001] - [fs] dcache: d_splice_alias mustn't create directory aliases (Zheng Yan) [1692266 1627001] - [fs] dcache: close d_move race in d_splice_alias (Zheng Yan) [1692266 1627001] - [fs] dcache: move d_splice_alias (Zheng Yan) [1692266 1627001] - [fs] dcache: don't clear DCACHE_DISCONNECTED too early (Zheng Yan) [1692266 1627001] - [fs] dcache: Don't set DISCONNECTED on "pseudo filesystem" dentries (Zheng Yan) [1692266 1627001] - [fs] dcache: use IS_ROOT to decide where dentry is hashed (Zheng Yan) [1692266 1627001] kernel-devel-3.10.0-957.21.3.el7 -------------------------------- * Fri Jun 14 2019 Jan Stancek [3.10.0-957.21.3.el7] - [net] tcp: enforce tcp_min_snd_mss in tcp_mtu_probing() (Florian Westphal) [1719914 1719915] {CVE-2019-11479} - [net] tcp: add tcp_min_snd_mss sysctl (Florian Westphal) [1719914 1719915] {CVE-2019-11479} - [net] tcp: tcp_fragment() should apply sane memory limits (Florian Westphal) [1719849 1719850] {CVE-2019-11478} - [net] tcp: limit payload size of sacked skbs (Florian Westphal) [1719594 1719595] {CVE-2019-11477} - [net] tcp: pass previous skb to tcp_shifted_skb() (Florian Westphal) [1719594 1719595] {CVE-2019-11477} * Tue May 28 2019 Jan Stancek [3.10.0-957.21.2.el7] - [security] xattr: use RH_KABI_CONST to avoid security_inode_init_security checksum change (Cestmir Kalina) [1702286 1710633] * Thu May 23 2019 Jan Stancek [3.10.0-957.21.1.el7] - [x86] spec_ctrl: Update MDS mitigation status after late microcode load (Waiman Long) [1712998 1712993 1710501 1710498] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} - [x86] speculation/mds: Properly set/clear mds_idle_clear static key (Waiman Long) [1713004 1707292] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} * Wed May 15 2019 Jan Stancek [3.10.0-957.20.1.el7] - [x86] x86/speculation/mds: Print SMT vulnerable on MSBDS with mitigations off (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/speculation/mds: Fix comment (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/speculation/mds: Add SMT warning message (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/speculation: Move arch_smt_update() call to after mitigation decisions (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [documentation] x86/speculation/mds: Add mds=full,nosmt cmdline option (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [kernel] x86/speculation: Remove redundant arch_smt_update() invocation (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/spec_ctrl: Update MDS mitigation status after late microcode load (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/spec_ctrl: Add debugfs x86/smt_present file (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/spec_ctrl: Disable automatic enabling of STIBP with SMT on (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [documentation] Documentation: Add MDS vulnerability documentation (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [documentation] Documentation: Move L1TF to separate directory (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/speculation/mds: Add mitigation mode VMWERV (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [base] x86/speculation/mds: Add sysfs reporting for MDS (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/speculation/mds: Add mitigation control for MDS (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/speculation/mds: Conditionally clear CPU buffers on idle entry (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [kvm] x86/kvm/vmx: Add MDS protection when L1D Flush is not active (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/speculation/mds: Clear CPU buffers on exit to user (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/speculation/mds: Add mds_clear_cpu_buffers() (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} - [kvm] x86/kvm: Expose X86_FEATURE_MD_CLEAR to guests (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/speculation/mds: Add BUG_MSBDS_ONLY (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/speculation/mds: Add basic bug infrastructure for MDS (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} - [x86] x86/speculation: Consolidate CPU whitelists (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/msr-index: Cleanup bit defines (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} - [x86] x86/l1tf: Show actual SMT state (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} - [x86] x86/speculation: Simplify sysfs report of VMX L1TF vulnerability (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} - [x86] x86/speculation: Rework SMT state change (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} - [kernel] sched/smt: Expose sched_smt_present static key (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} - [kernel] sched/smt: Make sched_smt_present track topology (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} - [x86] x86/speculation: Disable STIBP when enhanced IBRS is in use (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} - [x86] x86/speculation: Move STIPB/IBPB string conditionals out of cpu_show_common() (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/speculation: Enable cross-hyperthread spectre v2 STIBP mitigation (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/spectre_v2: Make spectre_v2_mitigation mode available (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/spec_ctrl: Add X86_FEATURE_USE_IBPB (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/spec_ctrl: Add casting to fix compilation error (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} - [x86] x86/cpu: Sanitize FAM6_ATOM naming (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} - [x86] x86/cpufeatures: Add Intel PCONFIG cpufeature (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} * Fri Apr 26 2019 Jan Stancek [3.10.0-957.19.1.el7] - [security] selinux: always allow mounting submounts (Ondrej Mosnacek) [1702923 1077929] - [block] Make blk_queue_enter() reexamine the DYING flag (Ming Lei) [1702921 1701348] - [block] wakeup tasks blocked on q->mq_freeze_wq (Ming Lei) [1702921 1701348] - [fs] revert "[fs] xfs: use rhashtable to track buffer cache" (Brian Foster) [1702922 1658749] - [fs] xfs: hold xfs_buf locked between shortform->leaf conversion and the addition of an attribute (Brian Foster) [1701293 1613405] - [fs] xfs: add the ability to join a held buffer to a defer_ops (Brian Foster) [1701293 1613405] - [fs] xfs: refactor buffer logging into buffer dirtying helper (Brian Foster) [1701293 1613405] - [char] ipmi: ipmi_si_hardcode.c: init si_type array to fix a crash (Tony Camuso) [1701991 1692236] - [char] ipmi_si: Fix crash when using hard-coded device (Tony Camuso) [1701991 1692236] - [char] ipmi: Remove platform driver overrides and use the id_table (Tony Camuso) [1701991 1692236] - [security] xattr: Constify ->name member of "struct xattr" (Aaron Tomlin) [1702286 1607307] - [net] ipv6 Use get_hash_from_flowi6 for rt6 hash (Sabrina Dubroca) [1702282 1625454] - [s390] zcrypt: fix specification exception on z196 during ap probe (Hendrik Brueckner) [1700706 1669535] - [md] dm table: propagate BDI_CAP_STABLE_WRITES to fix sporadic checksum errors (Mike Snitzer) [1699722 1693466] - [fs] blockdev: Fix livelocks on loop device (Lukas Czerner) [1698110 1686149] - [fs] ext4: fix crash during online resizing (Lukas Czerner) [1698110 1686149] - [fs] ext4: fix overflow caused by missing cast in ext4_resize_fs() (Lukas Czerner) [1698110 1671293] - [powerpc] livepatch: return -ERRNO values in save_stack_trace_tsk_reliable() (Joe Lawrence) [1697867 1658435] - [powerpc] livepatch: small cleanups in save_stack_trace_tsk_reliable() (Joe Lawrence) [1697867 1658435] - [powerpc] livepatch: relax reliable stack tracer checks for first-frame (Joe Lawrence) [1697867 1658435] - [powerpc] 64s: Make reliable stacktrace dependency clearer (Joe Lawrence) [1697867 1658435] - [powerpc] 64s: Clear on-stack exception marker upon exception return (Joe Lawrence) [1697867 1658435] - [powerpc] livepatch: Fix build error with kprobes disabled (Joe Lawrence) [1697867 1658435] - [fs] xfs: don't screw up direct writes when freesp is fragmented (Brian Foster) [1693796 1667523] - [nvme] ensure forward progress during Admin passthru (David Milburn) [1690519 1672428] * Tue Apr 23 2019 Jan Stancek [3.10.0-957.18.1.el7] - [s390] cputime: fix incorrect system time (Hendrik Brueckner) [1701743 1698825] * Mon Apr 15 2019 Jan Stancek [3.10.0-957.17.1.el7] - [message] scsi: mptsas: Fixup device hotplug for VMWare ESXi (Tomas Henzl) [1699723 1661906] * Thu Apr 11 2019 Jan Stancek [3.10.0-957.16.1.el7] - [netdrv] net/mlx5e: Properly set steering match levels for offloaded TC decap rules (Alaa Hleihel) [1686292 1618427] - [netdrv] net/mlx5e: Always use the match level enum when parsing TC rule match (Alaa Hleihel) [1686292 1618427] - [netdrv] net/mlx5e: Support offloaded TC flows with no matches on headers (Alaa Hleihel) [1686292 1618427] - [netdrv] net/mlx5e: Get the required HW match level while parsing TC flow matches (Alaa Hleihel) [1686292 1618427] - [netdrv] net/mlx5e: Properly order min inline mode setup while parsing TC matches (Alaa Hleihel) [1686292 1618427] - [netdrv] net/mlx5e: Avoid redundant zeroing of offloaded TC flow attributes (Alaa Hleihel) [1686292 1618427] - [netdrv] net/mlx5e: Err if asked to offload TC match on frag being first (Alaa Hleihel) [1686292 1618427] - [x86] hyperv: Stop suppressing X86_FEATURE_PCID (Vitaly Kuznetsov) [1697940 1691421] - [net] geneve: correctly handle ipv6.disable module parameter (Jiri Benc) [1694981 1677049] - [fs] ceph: Fix append mode for sync/direct write (Zheng Yan) [1696595 1691227] - [fs] ovl: fix return value from ovl_posix_acl_create() (Miklos Szeredi) [1696292 1677705] - [x86] mm: Unbreak modules that use the DMA API (Gary Hook) [1695511 1697241 1676613 1662887] - [sound] alsa/hda: add more quirks for HP Z2 G4 and HP Z240 (Jaroslav Kysela) [1693562 1680180] - [sound] alsa: hda/conexant - Add fixup for HP Z2 G4 workstation (Jaroslav Kysela) [1693562 1657855] - [block] mtip32xx: fix memory corruption by initializing internal command header (Ming Lei) [1689929 1660292] - [fs] nfsd: deal with revoked delegations appropriately (Dave Wysochanski) [1689811 1552203] * Thu Mar 28 2019 Jan Stancek [3.10.0-957.15.1.el7] - [fs] ext4: Fix data corruption caused by unaligned direct AIO (Lukas Czerner) [1693561 1684780] - [net] sched: act_csum: Fix csum calc for tagged packets (Ivan Vecera) [1693110 1676462] * Tue Mar 26 2019 Jan Stancek [3.10.0-957.14.1.el7] - [fs] move the call of __d_drop(anon) into __d_materialise_unique(dentry, anon) (Zheng Yan) [1692266 1627001] - [fs] dcache: d_splice_alias should ignore DCACHE_DISCONNECTED (Zheng Yan) [1692266 1627001] - [fs] dcache: d_splice_alias should detect loops (Zheng Yan) [1692266 1627001] - [fs] dcache: d_splice_alias mustn't create directory aliases (Zheng Yan) [1692266 1627001] - [fs] dcache: close d_move race in d_splice_alias (Zheng Yan) [1692266 1627001] - [fs] dcache: move d_splice_alias (Zheng Yan) [1692266 1627001] - [fs] dcache: don't clear DCACHE_DISCONNECTED too early (Zheng Yan) [1692266 1627001] - [fs] dcache: Don't set DISCONNECTED on "pseudo filesystem" dentries (Zheng Yan) [1692266 1627001] - [fs] dcache: use IS_ROOT to decide where dentry is hashed (Zheng Yan) [1692266 1627001] kernel-doc-3.10.0-957.21.3.el7 ------------------------------ * Fri Jun 14 2019 Jan Stancek [3.10.0-957.21.3.el7] - [net] tcp: enforce tcp_min_snd_mss in tcp_mtu_probing() (Florian Westphal) [1719914 1719915] {CVE-2019-11479} - [net] tcp: add tcp_min_snd_mss sysctl (Florian Westphal) [1719914 1719915] {CVE-2019-11479} - [net] tcp: tcp_fragment() should apply sane memory limits (Florian Westphal) [1719849 1719850] {CVE-2019-11478} - [net] tcp: limit payload size of sacked skbs (Florian Westphal) [1719594 1719595] {CVE-2019-11477} - [net] tcp: pass previous skb to tcp_shifted_skb() (Florian Westphal) [1719594 1719595] {CVE-2019-11477} * Tue May 28 2019 Jan Stancek [3.10.0-957.21.2.el7] - [security] xattr: use RH_KABI_CONST to avoid security_inode_init_security checksum change (Cestmir Kalina) [1702286 1710633] * Thu May 23 2019 Jan Stancek [3.10.0-957.21.1.el7] - [x86] spec_ctrl: Update MDS mitigation status after late microcode load (Waiman Long) [1712998 1712993 1710501 1710498] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} - [x86] speculation/mds: Properly set/clear mds_idle_clear static key (Waiman Long) [1713004 1707292] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} * Wed May 15 2019 Jan Stancek [3.10.0-957.20.1.el7] - [x86] x86/speculation/mds: Print SMT vulnerable on MSBDS with mitigations off (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/speculation/mds: Fix comment (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/speculation/mds: Add SMT warning message (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/speculation: Move arch_smt_update() call to after mitigation decisions (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [documentation] x86/speculation/mds: Add mds=full,nosmt cmdline option (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [kernel] x86/speculation: Remove redundant arch_smt_update() invocation (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/spec_ctrl: Update MDS mitigation status after late microcode load (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/spec_ctrl: Add debugfs x86/smt_present file (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/spec_ctrl: Disable automatic enabling of STIBP with SMT on (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [documentation] Documentation: Add MDS vulnerability documentation (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [documentation] Documentation: Move L1TF to separate directory (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/speculation/mds: Add mitigation mode VMWERV (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [base] x86/speculation/mds: Add sysfs reporting for MDS (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/speculation/mds: Add mitigation control for MDS (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/speculation/mds: Conditionally clear CPU buffers on idle entry (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [kvm] x86/kvm/vmx: Add MDS protection when L1D Flush is not active (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/speculation/mds: Clear CPU buffers on exit to user (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/speculation/mds: Add mds_clear_cpu_buffers() (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} - [kvm] x86/kvm: Expose X86_FEATURE_MD_CLEAR to guests (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/speculation/mds: Add BUG_MSBDS_ONLY (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/speculation/mds: Add basic bug infrastructure for MDS (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} - [x86] x86/speculation: Consolidate CPU whitelists (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/msr-index: Cleanup bit defines (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} - [x86] x86/l1tf: Show actual SMT state (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} - [x86] x86/speculation: Simplify sysfs report of VMX L1TF vulnerability (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} - [x86] x86/speculation: Rework SMT state change (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} - [kernel] sched/smt: Expose sched_smt_present static key (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} - [kernel] sched/smt: Make sched_smt_present track topology (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} - [x86] x86/speculation: Disable STIBP when enhanced IBRS is in use (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} - [x86] x86/speculation: Move STIPB/IBPB string conditionals out of cpu_show_common() (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/speculation: Enable cross-hyperthread spectre v2 STIBP mitigation (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/spectre_v2: Make spectre_v2_mitigation mode available (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/spec_ctrl: Add X86_FEATURE_USE_IBPB (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/spec_ctrl: Add casting to fix compilation error (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} - [x86] x86/cpu: Sanitize FAM6_ATOM naming (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} - [x86] x86/cpufeatures: Add Intel PCONFIG cpufeature (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} * Fri Apr 26 2019 Jan Stancek [3.10.0-957.19.1.el7] - [security] selinux: always allow mounting submounts (Ondrej Mosnacek) [1702923 1077929] - [block] Make blk_queue_enter() reexamine the DYING flag (Ming Lei) [1702921 1701348] - [block] wakeup tasks blocked on q->mq_freeze_wq (Ming Lei) [1702921 1701348] - [fs] revert "[fs] xfs: use rhashtable to track buffer cache" (Brian Foster) [1702922 1658749] - [fs] xfs: hold xfs_buf locked between shortform->leaf conversion and the addition of an attribute (Brian Foster) [1701293 1613405] - [fs] xfs: add the ability to join a held buffer to a defer_ops (Brian Foster) [1701293 1613405] - [fs] xfs: refactor buffer logging into buffer dirtying helper (Brian Foster) [1701293 1613405] - [char] ipmi: ipmi_si_hardcode.c: init si_type array to fix a crash (Tony Camuso) [1701991 1692236] - [char] ipmi_si: Fix crash when using hard-coded device (Tony Camuso) [1701991 1692236] - [char] ipmi: Remove platform driver overrides and use the id_table (Tony Camuso) [1701991 1692236] - [security] xattr: Constify ->name member of "struct xattr" (Aaron Tomlin) [1702286 1607307] - [net] ipv6 Use get_hash_from_flowi6 for rt6 hash (Sabrina Dubroca) [1702282 1625454] - [s390] zcrypt: fix specification exception on z196 during ap probe (Hendrik Brueckner) [1700706 1669535] - [md] dm table: propagate BDI_CAP_STABLE_WRITES to fix sporadic checksum errors (Mike Snitzer) [1699722 1693466] - [fs] blockdev: Fix livelocks on loop device (Lukas Czerner) [1698110 1686149] - [fs] ext4: fix crash during online resizing (Lukas Czerner) [1698110 1686149] - [fs] ext4: fix overflow caused by missing cast in ext4_resize_fs() (Lukas Czerner) [1698110 1671293] - [powerpc] livepatch: return -ERRNO values in save_stack_trace_tsk_reliable() (Joe Lawrence) [1697867 1658435] - [powerpc] livepatch: small cleanups in save_stack_trace_tsk_reliable() (Joe Lawrence) [1697867 1658435] - [powerpc] livepatch: relax reliable stack tracer checks for first-frame (Joe Lawrence) [1697867 1658435] - [powerpc] 64s: Make reliable stacktrace dependency clearer (Joe Lawrence) [1697867 1658435] - [powerpc] 64s: Clear on-stack exception marker upon exception return (Joe Lawrence) [1697867 1658435] - [powerpc] livepatch: Fix build error with kprobes disabled (Joe Lawrence) [1697867 1658435] - [fs] xfs: don't screw up direct writes when freesp is fragmented (Brian Foster) [1693796 1667523] - [nvme] ensure forward progress during Admin passthru (David Milburn) [1690519 1672428] * Tue Apr 23 2019 Jan Stancek [3.10.0-957.18.1.el7] - [s390] cputime: fix incorrect system time (Hendrik Brueckner) [1701743 1698825] * Mon Apr 15 2019 Jan Stancek [3.10.0-957.17.1.el7] - [message] scsi: mptsas: Fixup device hotplug for VMWare ESXi (Tomas Henzl) [1699723 1661906] * Thu Apr 11 2019 Jan Stancek [3.10.0-957.16.1.el7] - [netdrv] net/mlx5e: Properly set steering match levels for offloaded TC decap rules (Alaa Hleihel) [1686292 1618427] - [netdrv] net/mlx5e: Always use the match level enum when parsing TC rule match (Alaa Hleihel) [1686292 1618427] - [netdrv] net/mlx5e: Support offloaded TC flows with no matches on headers (Alaa Hleihel) [1686292 1618427] - [netdrv] net/mlx5e: Get the required HW match level while parsing TC flow matches (Alaa Hleihel) [1686292 1618427] - [netdrv] net/mlx5e: Properly order min inline mode setup while parsing TC matches (Alaa Hleihel) [1686292 1618427] - [netdrv] net/mlx5e: Avoid redundant zeroing of offloaded TC flow attributes (Alaa Hleihel) [1686292 1618427] - [netdrv] net/mlx5e: Err if asked to offload TC match on frag being first (Alaa Hleihel) [1686292 1618427] - [x86] hyperv: Stop suppressing X86_FEATURE_PCID (Vitaly Kuznetsov) [1697940 1691421] - [net] geneve: correctly handle ipv6.disable module parameter (Jiri Benc) [1694981 1677049] - [fs] ceph: Fix append mode for sync/direct write (Zheng Yan) [1696595 1691227] - [fs] ovl: fix return value from ovl_posix_acl_create() (Miklos Szeredi) [1696292 1677705] - [x86] mm: Unbreak modules that use the DMA API (Gary Hook) [1695511 1697241 1676613 1662887] - [sound] alsa/hda: add more quirks for HP Z2 G4 and HP Z240 (Jaroslav Kysela) [1693562 1680180] - [sound] alsa: hda/conexant - Add fixup for HP Z2 G4 workstation (Jaroslav Kysela) [1693562 1657855] - [block] mtip32xx: fix memory corruption by initializing internal command header (Ming Lei) [1689929 1660292] - [fs] nfsd: deal with revoked delegations appropriately (Dave Wysochanski) [1689811 1552203] * Thu Mar 28 2019 Jan Stancek [3.10.0-957.15.1.el7] - [fs] ext4: Fix data corruption caused by unaligned direct AIO (Lukas Czerner) [1693561 1684780] - [net] sched: act_csum: Fix csum calc for tagged packets (Ivan Vecera) [1693110 1676462] * Tue Mar 26 2019 Jan Stancek [3.10.0-957.14.1.el7] - [fs] move the call of __d_drop(anon) into __d_materialise_unique(dentry, anon) (Zheng Yan) [1692266 1627001] - [fs] dcache: d_splice_alias should ignore DCACHE_DISCONNECTED (Zheng Yan) [1692266 1627001] - [fs] dcache: d_splice_alias should detect loops (Zheng Yan) [1692266 1627001] - [fs] dcache: d_splice_alias mustn't create directory aliases (Zheng Yan) [1692266 1627001] - [fs] dcache: close d_move race in d_splice_alias (Zheng Yan) [1692266 1627001] - [fs] dcache: move d_splice_alias (Zheng Yan) [1692266 1627001] - [fs] dcache: don't clear DCACHE_DISCONNECTED too early (Zheng Yan) [1692266 1627001] - [fs] dcache: Don't set DISCONNECTED on "pseudo filesystem" dentries (Zheng Yan) [1692266 1627001] - [fs] dcache: use IS_ROOT to decide where dentry is hashed (Zheng Yan) [1692266 1627001] kernel-headers-3.10.0-957.21.3.el7 ---------------------------------- * Fri Jun 14 2019 Jan Stancek [3.10.0-957.21.3.el7] - [net] tcp: enforce tcp_min_snd_mss in tcp_mtu_probing() (Florian Westphal) [1719914 1719915] {CVE-2019-11479} - [net] tcp: add tcp_min_snd_mss sysctl (Florian Westphal) [1719914 1719915] {CVE-2019-11479} - [net] tcp: tcp_fragment() should apply sane memory limits (Florian Westphal) [1719849 1719850] {CVE-2019-11478} - [net] tcp: limit payload size of sacked skbs (Florian Westphal) [1719594 1719595] {CVE-2019-11477} - [net] tcp: pass previous skb to tcp_shifted_skb() (Florian Westphal) [1719594 1719595] {CVE-2019-11477} * Tue May 28 2019 Jan Stancek [3.10.0-957.21.2.el7] - [security] xattr: use RH_KABI_CONST to avoid security_inode_init_security checksum change (Cestmir Kalina) [1702286 1710633] * Thu May 23 2019 Jan Stancek [3.10.0-957.21.1.el7] - [x86] spec_ctrl: Update MDS mitigation status after late microcode load (Waiman Long) [1712998 1712993 1710501 1710498] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} - [x86] speculation/mds: Properly set/clear mds_idle_clear static key (Waiman Long) [1713004 1707292] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} * Wed May 15 2019 Jan Stancek [3.10.0-957.20.1.el7] - [x86] x86/speculation/mds: Print SMT vulnerable on MSBDS with mitigations off (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/speculation/mds: Fix comment (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/speculation/mds: Add SMT warning message (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/speculation: Move arch_smt_update() call to after mitigation decisions (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [documentation] x86/speculation/mds: Add mds=full,nosmt cmdline option (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [kernel] x86/speculation: Remove redundant arch_smt_update() invocation (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/spec_ctrl: Update MDS mitigation status after late microcode load (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/spec_ctrl: Add debugfs x86/smt_present file (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/spec_ctrl: Disable automatic enabling of STIBP with SMT on (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [documentation] Documentation: Add MDS vulnerability documentation (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [documentation] Documentation: Move L1TF to separate directory (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/speculation/mds: Add mitigation mode VMWERV (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [base] x86/speculation/mds: Add sysfs reporting for MDS (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/speculation/mds: Add mitigation control for MDS (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/speculation/mds: Conditionally clear CPU buffers on idle entry (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [kvm] x86/kvm/vmx: Add MDS protection when L1D Flush is not active (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/speculation/mds: Clear CPU buffers on exit to user (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/speculation/mds: Add mds_clear_cpu_buffers() (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} - [kvm] x86/kvm: Expose X86_FEATURE_MD_CLEAR to guests (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/speculation/mds: Add BUG_MSBDS_ONLY (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/speculation/mds: Add basic bug infrastructure for MDS (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} - [x86] x86/speculation: Consolidate CPU whitelists (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/msr-index: Cleanup bit defines (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} - [x86] x86/l1tf: Show actual SMT state (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} - [x86] x86/speculation: Simplify sysfs report of VMX L1TF vulnerability (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} - [x86] x86/speculation: Rework SMT state change (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} - [kernel] sched/smt: Expose sched_smt_present static key (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} - [kernel] sched/smt: Make sched_smt_present track topology (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} - [x86] x86/speculation: Disable STIBP when enhanced IBRS is in use (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} - [x86] x86/speculation: Move STIPB/IBPB string conditionals out of cpu_show_common() (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/speculation: Enable cross-hyperthread spectre v2 STIBP mitigation (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/spectre_v2: Make spectre_v2_mitigation mode available (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/spec_ctrl: Add X86_FEATURE_USE_IBPB (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/spec_ctrl: Add casting to fix compilation error (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} - [x86] x86/cpu: Sanitize FAM6_ATOM naming (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} - [x86] x86/cpufeatures: Add Intel PCONFIG cpufeature (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} * Fri Apr 26 2019 Jan Stancek [3.10.0-957.19.1.el7] - [security] selinux: always allow mounting submounts (Ondrej Mosnacek) [1702923 1077929] - [block] Make blk_queue_enter() reexamine the DYING flag (Ming Lei) [1702921 1701348] - [block] wakeup tasks blocked on q->mq_freeze_wq (Ming Lei) [1702921 1701348] - [fs] revert "[fs] xfs: use rhashtable to track buffer cache" (Brian Foster) [1702922 1658749] - [fs] xfs: hold xfs_buf locked between shortform->leaf conversion and the addition of an attribute (Brian Foster) [1701293 1613405] - [fs] xfs: add the ability to join a held buffer to a defer_ops (Brian Foster) [1701293 1613405] - [fs] xfs: refactor buffer logging into buffer dirtying helper (Brian Foster) [1701293 1613405] - [char] ipmi: ipmi_si_hardcode.c: init si_type array to fix a crash (Tony Camuso) [1701991 1692236] - [char] ipmi_si: Fix crash when using hard-coded device (Tony Camuso) [1701991 1692236] - [char] ipmi: Remove platform driver overrides and use the id_table (Tony Camuso) [1701991 1692236] - [security] xattr: Constify ->name member of "struct xattr" (Aaron Tomlin) [1702286 1607307] - [net] ipv6 Use get_hash_from_flowi6 for rt6 hash (Sabrina Dubroca) [1702282 1625454] - [s390] zcrypt: fix specification exception on z196 during ap probe (Hendrik Brueckner) [1700706 1669535] - [md] dm table: propagate BDI_CAP_STABLE_WRITES to fix sporadic checksum errors (Mike Snitzer) [1699722 1693466] - [fs] blockdev: Fix livelocks on loop device (Lukas Czerner) [1698110 1686149] - [fs] ext4: fix crash during online resizing (Lukas Czerner) [1698110 1686149] - [fs] ext4: fix overflow caused by missing cast in ext4_resize_fs() (Lukas Czerner) [1698110 1671293] - [powerpc] livepatch: return -ERRNO values in save_stack_trace_tsk_reliable() (Joe Lawrence) [1697867 1658435] - [powerpc] livepatch: small cleanups in save_stack_trace_tsk_reliable() (Joe Lawrence) [1697867 1658435] - [powerpc] livepatch: relax reliable stack tracer checks for first-frame (Joe Lawrence) [1697867 1658435] - [powerpc] 64s: Make reliable stacktrace dependency clearer (Joe Lawrence) [1697867 1658435] - [powerpc] 64s: Clear on-stack exception marker upon exception return (Joe Lawrence) [1697867 1658435] - [powerpc] livepatch: Fix build error with kprobes disabled (Joe Lawrence) [1697867 1658435] - [fs] xfs: don't screw up direct writes when freesp is fragmented (Brian Foster) [1693796 1667523] - [nvme] ensure forward progress during Admin passthru (David Milburn) [1690519 1672428] * Tue Apr 23 2019 Jan Stancek [3.10.0-957.18.1.el7] - [s390] cputime: fix incorrect system time (Hendrik Brueckner) [1701743 1698825] * Mon Apr 15 2019 Jan Stancek [3.10.0-957.17.1.el7] - [message] scsi: mptsas: Fixup device hotplug for VMWare ESXi (Tomas Henzl) [1699723 1661906] * Thu Apr 11 2019 Jan Stancek [3.10.0-957.16.1.el7] - [netdrv] net/mlx5e: Properly set steering match levels for offloaded TC decap rules (Alaa Hleihel) [1686292 1618427] - [netdrv] net/mlx5e: Always use the match level enum when parsing TC rule match (Alaa Hleihel) [1686292 1618427] - [netdrv] net/mlx5e: Support offloaded TC flows with no matches on headers (Alaa Hleihel) [1686292 1618427] - [netdrv] net/mlx5e: Get the required HW match level while parsing TC flow matches (Alaa Hleihel) [1686292 1618427] - [netdrv] net/mlx5e: Properly order min inline mode setup while parsing TC matches (Alaa Hleihel) [1686292 1618427] - [netdrv] net/mlx5e: Avoid redundant zeroing of offloaded TC flow attributes (Alaa Hleihel) [1686292 1618427] - [netdrv] net/mlx5e: Err if asked to offload TC match on frag being first (Alaa Hleihel) [1686292 1618427] - [x86] hyperv: Stop suppressing X86_FEATURE_PCID (Vitaly Kuznetsov) [1697940 1691421] - [net] geneve: correctly handle ipv6.disable module parameter (Jiri Benc) [1694981 1677049] - [fs] ceph: Fix append mode for sync/direct write (Zheng Yan) [1696595 1691227] - [fs] ovl: fix return value from ovl_posix_acl_create() (Miklos Szeredi) [1696292 1677705] - [x86] mm: Unbreak modules that use the DMA API (Gary Hook) [1695511 1697241 1676613 1662887] - [sound] alsa/hda: add more quirks for HP Z2 G4 and HP Z240 (Jaroslav Kysela) [1693562 1680180] - [sound] alsa: hda/conexant - Add fixup for HP Z2 G4 workstation (Jaroslav Kysela) [1693562 1657855] - [block] mtip32xx: fix memory corruption by initializing internal command header (Ming Lei) [1689929 1660292] - [fs] nfsd: deal with revoked delegations appropriately (Dave Wysochanski) [1689811 1552203] * Thu Mar 28 2019 Jan Stancek [3.10.0-957.15.1.el7] - [fs] ext4: Fix data corruption caused by unaligned direct AIO (Lukas Czerner) [1693561 1684780] - [net] sched: act_csum: Fix csum calc for tagged packets (Ivan Vecera) [1693110 1676462] * Tue Mar 26 2019 Jan Stancek [3.10.0-957.14.1.el7] - [fs] move the call of __d_drop(anon) into __d_materialise_unique(dentry, anon) (Zheng Yan) [1692266 1627001] - [fs] dcache: d_splice_alias should ignore DCACHE_DISCONNECTED (Zheng Yan) [1692266 1627001] - [fs] dcache: d_splice_alias should detect loops (Zheng Yan) [1692266 1627001] - [fs] dcache: d_splice_alias mustn't create directory aliases (Zheng Yan) [1692266 1627001] - [fs] dcache: close d_move race in d_splice_alias (Zheng Yan) [1692266 1627001] - [fs] dcache: move d_splice_alias (Zheng Yan) [1692266 1627001] - [fs] dcache: don't clear DCACHE_DISCONNECTED too early (Zheng Yan) [1692266 1627001] - [fs] dcache: Don't set DISCONNECTED on "pseudo filesystem" dentries (Zheng Yan) [1692266 1627001] - [fs] dcache: use IS_ROOT to decide where dentry is hashed (Zheng Yan) [1692266 1627001] kernel-tools-3.10.0-957.21.3.el7 -------------------------------- * Fri Jun 14 2019 Jan Stancek [3.10.0-957.21.3.el7] - [net] tcp: enforce tcp_min_snd_mss in tcp_mtu_probing() (Florian Westphal) [1719914 1719915] {CVE-2019-11479} - [net] tcp: add tcp_min_snd_mss sysctl (Florian Westphal) [1719914 1719915] {CVE-2019-11479} - [net] tcp: tcp_fragment() should apply sane memory limits (Florian Westphal) [1719849 1719850] {CVE-2019-11478} - [net] tcp: limit payload size of sacked skbs (Florian Westphal) [1719594 1719595] {CVE-2019-11477} - [net] tcp: pass previous skb to tcp_shifted_skb() (Florian Westphal) [1719594 1719595] {CVE-2019-11477} * Tue May 28 2019 Jan Stancek [3.10.0-957.21.2.el7] - [security] xattr: use RH_KABI_CONST to avoid security_inode_init_security checksum change (Cestmir Kalina) [1702286 1710633] * Thu May 23 2019 Jan Stancek [3.10.0-957.21.1.el7] - [x86] spec_ctrl: Update MDS mitigation status after late microcode load (Waiman Long) [1712998 1712993 1710501 1710498] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} - [x86] speculation/mds: Properly set/clear mds_idle_clear static key (Waiman Long) [1713004 1707292] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} * Wed May 15 2019 Jan Stancek [3.10.0-957.20.1.el7] - [x86] x86/speculation/mds: Print SMT vulnerable on MSBDS with mitigations off (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/speculation/mds: Fix comment (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/speculation/mds: Add SMT warning message (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/speculation: Move arch_smt_update() call to after mitigation decisions (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [documentation] x86/speculation/mds: Add mds=full,nosmt cmdline option (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [kernel] x86/speculation: Remove redundant arch_smt_update() invocation (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/spec_ctrl: Update MDS mitigation status after late microcode load (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/spec_ctrl: Add debugfs x86/smt_present file (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/spec_ctrl: Disable automatic enabling of STIBP with SMT on (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [documentation] Documentation: Add MDS vulnerability documentation (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [documentation] Documentation: Move L1TF to separate directory (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/speculation/mds: Add mitigation mode VMWERV (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [base] x86/speculation/mds: Add sysfs reporting for MDS (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/speculation/mds: Add mitigation control for MDS (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/speculation/mds: Conditionally clear CPU buffers on idle entry (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [kvm] x86/kvm/vmx: Add MDS protection when L1D Flush is not active (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/speculation/mds: Clear CPU buffers on exit to user (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/speculation/mds: Add mds_clear_cpu_buffers() (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} - [kvm] x86/kvm: Expose X86_FEATURE_MD_CLEAR to guests (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/speculation/mds: Add BUG_MSBDS_ONLY (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/speculation/mds: Add basic bug infrastructure for MDS (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} - [x86] x86/speculation: Consolidate CPU whitelists (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/msr-index: Cleanup bit defines (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} - [x86] x86/l1tf: Show actual SMT state (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} - [x86] x86/speculation: Simplify sysfs report of VMX L1TF vulnerability (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} - [x86] x86/speculation: Rework SMT state change (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} - [kernel] sched/smt: Expose sched_smt_present static key (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} - [kernel] sched/smt: Make sched_smt_present track topology (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} - [x86] x86/speculation: Disable STIBP when enhanced IBRS is in use (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} - [x86] x86/speculation: Move STIPB/IBPB string conditionals out of cpu_show_common() (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/speculation: Enable cross-hyperthread spectre v2 STIBP mitigation (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/spectre_v2: Make spectre_v2_mitigation mode available (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/spec_ctrl: Add X86_FEATURE_USE_IBPB (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/spec_ctrl: Add casting to fix compilation error (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} - [x86] x86/cpu: Sanitize FAM6_ATOM naming (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} - [x86] x86/cpufeatures: Add Intel PCONFIG cpufeature (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} * Fri Apr 26 2019 Jan Stancek [3.10.0-957.19.1.el7] - [security] selinux: always allow mounting submounts (Ondrej Mosnacek) [1702923 1077929] - [block] Make blk_queue_enter() reexamine the DYING flag (Ming Lei) [1702921 1701348] - [block] wakeup tasks blocked on q->mq_freeze_wq (Ming Lei) [1702921 1701348] - [fs] revert "[fs] xfs: use rhashtable to track buffer cache" (Brian Foster) [1702922 1658749] - [fs] xfs: hold xfs_buf locked between shortform->leaf conversion and the addition of an attribute (Brian Foster) [1701293 1613405] - [fs] xfs: add the ability to join a held buffer to a defer_ops (Brian Foster) [1701293 1613405] - [fs] xfs: refactor buffer logging into buffer dirtying helper (Brian Foster) [1701293 1613405] - [char] ipmi: ipmi_si_hardcode.c: init si_type array to fix a crash (Tony Camuso) [1701991 1692236] - [char] ipmi_si: Fix crash when using hard-coded device (Tony Camuso) [1701991 1692236] - [char] ipmi: Remove platform driver overrides and use the id_table (Tony Camuso) [1701991 1692236] - [security] xattr: Constify ->name member of "struct xattr" (Aaron Tomlin) [1702286 1607307] - [net] ipv6 Use get_hash_from_flowi6 for rt6 hash (Sabrina Dubroca) [1702282 1625454] - [s390] zcrypt: fix specification exception on z196 during ap probe (Hendrik Brueckner) [1700706 1669535] - [md] dm table: propagate BDI_CAP_STABLE_WRITES to fix sporadic checksum errors (Mike Snitzer) [1699722 1693466] - [fs] blockdev: Fix livelocks on loop device (Lukas Czerner) [1698110 1686149] - [fs] ext4: fix crash during online resizing (Lukas Czerner) [1698110 1686149] - [fs] ext4: fix overflow caused by missing cast in ext4_resize_fs() (Lukas Czerner) [1698110 1671293] - [powerpc] livepatch: return -ERRNO values in save_stack_trace_tsk_reliable() (Joe Lawrence) [1697867 1658435] - [powerpc] livepatch: small cleanups in save_stack_trace_tsk_reliable() (Joe Lawrence) [1697867 1658435] - [powerpc] livepatch: relax reliable stack tracer checks for first-frame (Joe Lawrence) [1697867 1658435] - [powerpc] 64s: Make reliable stacktrace dependency clearer (Joe Lawrence) [1697867 1658435] - [powerpc] 64s: Clear on-stack exception marker upon exception return (Joe Lawrence) [1697867 1658435] - [powerpc] livepatch: Fix build error with kprobes disabled (Joe Lawrence) [1697867 1658435] - [fs] xfs: don't screw up direct writes when freesp is fragmented (Brian Foster) [1693796 1667523] - [nvme] ensure forward progress during Admin passthru (David Milburn) [1690519 1672428] * Tue Apr 23 2019 Jan Stancek [3.10.0-957.18.1.el7] - [s390] cputime: fix incorrect system time (Hendrik Brueckner) [1701743 1698825] * Mon Apr 15 2019 Jan Stancek [3.10.0-957.17.1.el7] - [message] scsi: mptsas: Fixup device hotplug for VMWare ESXi (Tomas Henzl) [1699723 1661906] * Thu Apr 11 2019 Jan Stancek [3.10.0-957.16.1.el7] - [netdrv] net/mlx5e: Properly set steering match levels for offloaded TC decap rules (Alaa Hleihel) [1686292 1618427] - [netdrv] net/mlx5e: Always use the match level enum when parsing TC rule match (Alaa Hleihel) [1686292 1618427] - [netdrv] net/mlx5e: Support offloaded TC flows with no matches on headers (Alaa Hleihel) [1686292 1618427] - [netdrv] net/mlx5e: Get the required HW match level while parsing TC flow matches (Alaa Hleihel) [1686292 1618427] - [netdrv] net/mlx5e: Properly order min inline mode setup while parsing TC matches (Alaa Hleihel) [1686292 1618427] - [netdrv] net/mlx5e: Avoid redundant zeroing of offloaded TC flow attributes (Alaa Hleihel) [1686292 1618427] - [netdrv] net/mlx5e: Err if asked to offload TC match on frag being first (Alaa Hleihel) [1686292 1618427] - [x86] hyperv: Stop suppressing X86_FEATURE_PCID (Vitaly Kuznetsov) [1697940 1691421] - [net] geneve: correctly handle ipv6.disable module parameter (Jiri Benc) [1694981 1677049] - [fs] ceph: Fix append mode for sync/direct write (Zheng Yan) [1696595 1691227] - [fs] ovl: fix return value from ovl_posix_acl_create() (Miklos Szeredi) [1696292 1677705] - [x86] mm: Unbreak modules that use the DMA API (Gary Hook) [1695511 1697241 1676613 1662887] - [sound] alsa/hda: add more quirks for HP Z2 G4 and HP Z240 (Jaroslav Kysela) [1693562 1680180] - [sound] alsa: hda/conexant - Add fixup for HP Z2 G4 workstation (Jaroslav Kysela) [1693562 1657855] - [block] mtip32xx: fix memory corruption by initializing internal command header (Ming Lei) [1689929 1660292] - [fs] nfsd: deal with revoked delegations appropriately (Dave Wysochanski) [1689811 1552203] * Thu Mar 28 2019 Jan Stancek [3.10.0-957.15.1.el7] - [fs] ext4: Fix data corruption caused by unaligned direct AIO (Lukas Czerner) [1693561 1684780] - [net] sched: act_csum: Fix csum calc for tagged packets (Ivan Vecera) [1693110 1676462] * Tue Mar 26 2019 Jan Stancek [3.10.0-957.14.1.el7] - [fs] move the call of __d_drop(anon) into __d_materialise_unique(dentry, anon) (Zheng Yan) [1692266 1627001] - [fs] dcache: d_splice_alias should ignore DCACHE_DISCONNECTED (Zheng Yan) [1692266 1627001] - [fs] dcache: d_splice_alias should detect loops (Zheng Yan) [1692266 1627001] - [fs] dcache: d_splice_alias mustn't create directory aliases (Zheng Yan) [1692266 1627001] - [fs] dcache: close d_move race in d_splice_alias (Zheng Yan) [1692266 1627001] - [fs] dcache: move d_splice_alias (Zheng Yan) [1692266 1627001] - [fs] dcache: don't clear DCACHE_DISCONNECTED too early (Zheng Yan) [1692266 1627001] - [fs] dcache: Don't set DISCONNECTED on "pseudo filesystem" dentries (Zheng Yan) [1692266 1627001] - [fs] dcache: use IS_ROOT to decide where dentry is hashed (Zheng Yan) [1692266 1627001] kernel-tools-libs-3.10.0-957.21.3.el7 ------------------------------------- * Fri Jun 14 2019 Jan Stancek [3.10.0-957.21.3.el7] - [net] tcp: enforce tcp_min_snd_mss in tcp_mtu_probing() (Florian Westphal) [1719914 1719915] {CVE-2019-11479} - [net] tcp: add tcp_min_snd_mss sysctl (Florian Westphal) [1719914 1719915] {CVE-2019-11479} - [net] tcp: tcp_fragment() should apply sane memory limits (Florian Westphal) [1719849 1719850] {CVE-2019-11478} - [net] tcp: limit payload size of sacked skbs (Florian Westphal) [1719594 1719595] {CVE-2019-11477} - [net] tcp: pass previous skb to tcp_shifted_skb() (Florian Westphal) [1719594 1719595] {CVE-2019-11477} * Tue May 28 2019 Jan Stancek [3.10.0-957.21.2.el7] - [security] xattr: use RH_KABI_CONST to avoid security_inode_init_security checksum change (Cestmir Kalina) [1702286 1710633] * Thu May 23 2019 Jan Stancek [3.10.0-957.21.1.el7] - [x86] spec_ctrl: Update MDS mitigation status after late microcode load (Waiman Long) [1712998 1712993 1710501 1710498] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} - [x86] speculation/mds: Properly set/clear mds_idle_clear static key (Waiman Long) [1713004 1707292] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} * Wed May 15 2019 Jan Stancek [3.10.0-957.20.1.el7] - [x86] x86/speculation/mds: Print SMT vulnerable on MSBDS with mitigations off (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/speculation/mds: Fix comment (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/speculation/mds: Add SMT warning message (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/speculation: Move arch_smt_update() call to after mitigation decisions (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [documentation] x86/speculation/mds: Add mds=full,nosmt cmdline option (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [kernel] x86/speculation: Remove redundant arch_smt_update() invocation (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/spec_ctrl: Update MDS mitigation status after late microcode load (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/spec_ctrl: Add debugfs x86/smt_present file (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/spec_ctrl: Disable automatic enabling of STIBP with SMT on (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [documentation] Documentation: Add MDS vulnerability documentation (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [documentation] Documentation: Move L1TF to separate directory (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/speculation/mds: Add mitigation mode VMWERV (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [base] x86/speculation/mds: Add sysfs reporting for MDS (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/speculation/mds: Add mitigation control for MDS (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/speculation/mds: Conditionally clear CPU buffers on idle entry (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [kvm] x86/kvm/vmx: Add MDS protection when L1D Flush is not active (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/speculation/mds: Clear CPU buffers on exit to user (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/speculation/mds: Add mds_clear_cpu_buffers() (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} - [kvm] x86/kvm: Expose X86_FEATURE_MD_CLEAR to guests (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/speculation/mds: Add BUG_MSBDS_ONLY (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/speculation/mds: Add basic bug infrastructure for MDS (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} - [x86] x86/speculation: Consolidate CPU whitelists (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/msr-index: Cleanup bit defines (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} - [x86] x86/l1tf: Show actual SMT state (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} - [x86] x86/speculation: Simplify sysfs report of VMX L1TF vulnerability (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} - [x86] x86/speculation: Rework SMT state change (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} - [kernel] sched/smt: Expose sched_smt_present static key (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} - [kernel] sched/smt: Make sched_smt_present track topology (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} - [x86] x86/speculation: Disable STIBP when enhanced IBRS is in use (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} - [x86] x86/speculation: Move STIPB/IBPB string conditionals out of cpu_show_common() (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/speculation: Enable cross-hyperthread spectre v2 STIBP mitigation (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/spectre_v2: Make spectre_v2_mitigation mode available (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/spec_ctrl: Add X86_FEATURE_USE_IBPB (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/spec_ctrl: Add casting to fix compilation error (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} - [x86] x86/cpu: Sanitize FAM6_ATOM naming (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} - [x86] x86/cpufeatures: Add Intel PCONFIG cpufeature (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} * Fri Apr 26 2019 Jan Stancek [3.10.0-957.19.1.el7] - [security] selinux: always allow mounting submounts (Ondrej Mosnacek) [1702923 1077929] - [block] Make blk_queue_enter() reexamine the DYING flag (Ming Lei) [1702921 1701348] - [block] wakeup tasks blocked on q->mq_freeze_wq (Ming Lei) [1702921 1701348] - [fs] revert "[fs] xfs: use rhashtable to track buffer cache" (Brian Foster) [1702922 1658749] - [fs] xfs: hold xfs_buf locked between shortform->leaf conversion and the addition of an attribute (Brian Foster) [1701293 1613405] - [fs] xfs: add the ability to join a held buffer to a defer_ops (Brian Foster) [1701293 1613405] - [fs] xfs: refactor buffer logging into buffer dirtying helper (Brian Foster) [1701293 1613405] - [char] ipmi: ipmi_si_hardcode.c: init si_type array to fix a crash (Tony Camuso) [1701991 1692236] - [char] ipmi_si: Fix crash when using hard-coded device (Tony Camuso) [1701991 1692236] - [char] ipmi: Remove platform driver overrides and use the id_table (Tony Camuso) [1701991 1692236] - [security] xattr: Constify ->name member of "struct xattr" (Aaron Tomlin) [1702286 1607307] - [net] ipv6 Use get_hash_from_flowi6 for rt6 hash (Sabrina Dubroca) [1702282 1625454] - [s390] zcrypt: fix specification exception on z196 during ap probe (Hendrik Brueckner) [1700706 1669535] - [md] dm table: propagate BDI_CAP_STABLE_WRITES to fix sporadic checksum errors (Mike Snitzer) [1699722 1693466] - [fs] blockdev: Fix livelocks on loop device (Lukas Czerner) [1698110 1686149] - [fs] ext4: fix crash during online resizing (Lukas Czerner) [1698110 1686149] - [fs] ext4: fix overflow caused by missing cast in ext4_resize_fs() (Lukas Czerner) [1698110 1671293] - [powerpc] livepatch: return -ERRNO values in save_stack_trace_tsk_reliable() (Joe Lawrence) [1697867 1658435] - [powerpc] livepatch: small cleanups in save_stack_trace_tsk_reliable() (Joe Lawrence) [1697867 1658435] - [powerpc] livepatch: relax reliable stack tracer checks for first-frame (Joe Lawrence) [1697867 1658435] - [powerpc] 64s: Make reliable stacktrace dependency clearer (Joe Lawrence) [1697867 1658435] - [powerpc] 64s: Clear on-stack exception marker upon exception return (Joe Lawrence) [1697867 1658435] - [powerpc] livepatch: Fix build error with kprobes disabled (Joe Lawrence) [1697867 1658435] - [fs] xfs: don't screw up direct writes when freesp is fragmented (Brian Foster) [1693796 1667523] - [nvme] ensure forward progress during Admin passthru (David Milburn) [1690519 1672428] * Tue Apr 23 2019 Jan Stancek [3.10.0-957.18.1.el7] - [s390] cputime: fix incorrect system time (Hendrik Brueckner) [1701743 1698825] * Mon Apr 15 2019 Jan Stancek [3.10.0-957.17.1.el7] - [message] scsi: mptsas: Fixup device hotplug for VMWare ESXi (Tomas Henzl) [1699723 1661906] * Thu Apr 11 2019 Jan Stancek [3.10.0-957.16.1.el7] - [netdrv] net/mlx5e: Properly set steering match levels for offloaded TC decap rules (Alaa Hleihel) [1686292 1618427] - [netdrv] net/mlx5e: Always use the match level enum when parsing TC rule match (Alaa Hleihel) [1686292 1618427] - [netdrv] net/mlx5e: Support offloaded TC flows with no matches on headers (Alaa Hleihel) [1686292 1618427] - [netdrv] net/mlx5e: Get the required HW match level while parsing TC flow matches (Alaa Hleihel) [1686292 1618427] - [netdrv] net/mlx5e: Properly order min inline mode setup while parsing TC matches (Alaa Hleihel) [1686292 1618427] - [netdrv] net/mlx5e: Avoid redundant zeroing of offloaded TC flow attributes (Alaa Hleihel) [1686292 1618427] - [netdrv] net/mlx5e: Err if asked to offload TC match on frag being first (Alaa Hleihel) [1686292 1618427] - [x86] hyperv: Stop suppressing X86_FEATURE_PCID (Vitaly Kuznetsov) [1697940 1691421] - [net] geneve: correctly handle ipv6.disable module parameter (Jiri Benc) [1694981 1677049] - [fs] ceph: Fix append mode for sync/direct write (Zheng Yan) [1696595 1691227] - [fs] ovl: fix return value from ovl_posix_acl_create() (Miklos Szeredi) [1696292 1677705] - [x86] mm: Unbreak modules that use the DMA API (Gary Hook) [1695511 1697241 1676613 1662887] - [sound] alsa/hda: add more quirks for HP Z2 G4 and HP Z240 (Jaroslav Kysela) [1693562 1680180] - [sound] alsa: hda/conexant - Add fixup for HP Z2 G4 workstation (Jaroslav Kysela) [1693562 1657855] - [block] mtip32xx: fix memory corruption by initializing internal command header (Ming Lei) [1689929 1660292] - [fs] nfsd: deal with revoked delegations appropriately (Dave Wysochanski) [1689811 1552203] * Thu Mar 28 2019 Jan Stancek [3.10.0-957.15.1.el7] - [fs] ext4: Fix data corruption caused by unaligned direct AIO (Lukas Czerner) [1693561 1684780] - [net] sched: act_csum: Fix csum calc for tagged packets (Ivan Vecera) [1693110 1676462] * Tue Mar 26 2019 Jan Stancek [3.10.0-957.14.1.el7] - [fs] move the call of __d_drop(anon) into __d_materialise_unique(dentry, anon) (Zheng Yan) [1692266 1627001] - [fs] dcache: d_splice_alias should ignore DCACHE_DISCONNECTED (Zheng Yan) [1692266 1627001] - [fs] dcache: d_splice_alias should detect loops (Zheng Yan) [1692266 1627001] - [fs] dcache: d_splice_alias mustn't create directory aliases (Zheng Yan) [1692266 1627001] - [fs] dcache: close d_move race in d_splice_alias (Zheng Yan) [1692266 1627001] - [fs] dcache: move d_splice_alias (Zheng Yan) [1692266 1627001] - [fs] dcache: don't clear DCACHE_DISCONNECTED too early (Zheng Yan) [1692266 1627001] - [fs] dcache: Don't set DISCONNECTED on "pseudo filesystem" dentries (Zheng Yan) [1692266 1627001] - [fs] dcache: use IS_ROOT to decide where dentry is hashed (Zheng Yan) [1692266 1627001] kernel-tools-libs-devel-3.10.0-957.21.3.el7 ------------------------------------------- * Fri Jun 14 2019 Jan Stancek [3.10.0-957.21.3.el7] - [net] tcp: enforce tcp_min_snd_mss in tcp_mtu_probing() (Florian Westphal) [1719914 1719915] {CVE-2019-11479} - [net] tcp: add tcp_min_snd_mss sysctl (Florian Westphal) [1719914 1719915] {CVE-2019-11479} - [net] tcp: tcp_fragment() should apply sane memory limits (Florian Westphal) [1719849 1719850] {CVE-2019-11478} - [net] tcp: limit payload size of sacked skbs (Florian Westphal) [1719594 1719595] {CVE-2019-11477} - [net] tcp: pass previous skb to tcp_shifted_skb() (Florian Westphal) [1719594 1719595] {CVE-2019-11477} * Tue May 28 2019 Jan Stancek [3.10.0-957.21.2.el7] - [security] xattr: use RH_KABI_CONST to avoid security_inode_init_security checksum change (Cestmir Kalina) [1702286 1710633] * Thu May 23 2019 Jan Stancek [3.10.0-957.21.1.el7] - [x86] spec_ctrl: Update MDS mitigation status after late microcode load (Waiman Long) [1712998 1712993 1710501 1710498] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} - [x86] speculation/mds: Properly set/clear mds_idle_clear static key (Waiman Long) [1713004 1707292] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} * Wed May 15 2019 Jan Stancek [3.10.0-957.20.1.el7] - [x86] x86/speculation/mds: Print SMT vulnerable on MSBDS with mitigations off (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/speculation/mds: Fix comment (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/speculation/mds: Add SMT warning message (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/speculation: Move arch_smt_update() call to after mitigation decisions (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [documentation] x86/speculation/mds: Add mds=full,nosmt cmdline option (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [kernel] x86/speculation: Remove redundant arch_smt_update() invocation (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/spec_ctrl: Update MDS mitigation status after late microcode load (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/spec_ctrl: Add debugfs x86/smt_present file (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/spec_ctrl: Disable automatic enabling of STIBP with SMT on (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [documentation] Documentation: Add MDS vulnerability documentation (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [documentation] Documentation: Move L1TF to separate directory (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/speculation/mds: Add mitigation mode VMWERV (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [base] x86/speculation/mds: Add sysfs reporting for MDS (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/speculation/mds: Add mitigation control for MDS (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/speculation/mds: Conditionally clear CPU buffers on idle entry (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [kvm] x86/kvm/vmx: Add MDS protection when L1D Flush is not active (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/speculation/mds: Clear CPU buffers on exit to user (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/speculation/mds: Add mds_clear_cpu_buffers() (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} - [kvm] x86/kvm: Expose X86_FEATURE_MD_CLEAR to guests (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/speculation/mds: Add BUG_MSBDS_ONLY (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/speculation/mds: Add basic bug infrastructure for MDS (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} - [x86] x86/speculation: Consolidate CPU whitelists (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/msr-index: Cleanup bit defines (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} - [x86] x86/l1tf: Show actual SMT state (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} - [x86] x86/speculation: Simplify sysfs report of VMX L1TF vulnerability (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} - [x86] x86/speculation: Rework SMT state change (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} - [kernel] sched/smt: Expose sched_smt_present static key (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} - [kernel] sched/smt: Make sched_smt_present track topology (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} - [x86] x86/speculation: Disable STIBP when enhanced IBRS is in use (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} - [x86] x86/speculation: Move STIPB/IBPB string conditionals out of cpu_show_common() (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/speculation: Enable cross-hyperthread spectre v2 STIBP mitigation (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/spectre_v2: Make spectre_v2_mitigation mode available (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/spec_ctrl: Add X86_FEATURE_USE_IBPB (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/spec_ctrl: Add casting to fix compilation error (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} - [x86] x86/cpu: Sanitize FAM6_ATOM naming (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} - [x86] x86/cpufeatures: Add Intel PCONFIG cpufeature (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} * Fri Apr 26 2019 Jan Stancek [3.10.0-957.19.1.el7] - [security] selinux: always allow mounting submounts (Ondrej Mosnacek) [1702923 1077929] - [block] Make blk_queue_enter() reexamine the DYING flag (Ming Lei) [1702921 1701348] - [block] wakeup tasks blocked on q->mq_freeze_wq (Ming Lei) [1702921 1701348] - [fs] revert "[fs] xfs: use rhashtable to track buffer cache" (Brian Foster) [1702922 1658749] - [fs] xfs: hold xfs_buf locked between shortform->leaf conversion and the addition of an attribute (Brian Foster) [1701293 1613405] - [fs] xfs: add the ability to join a held buffer to a defer_ops (Brian Foster) [1701293 1613405] - [fs] xfs: refactor buffer logging into buffer dirtying helper (Brian Foster) [1701293 1613405] - [char] ipmi: ipmi_si_hardcode.c: init si_type array to fix a crash (Tony Camuso) [1701991 1692236] - [char] ipmi_si: Fix crash when using hard-coded device (Tony Camuso) [1701991 1692236] - [char] ipmi: Remove platform driver overrides and use the id_table (Tony Camuso) [1701991 1692236] - [security] xattr: Constify ->name member of "struct xattr" (Aaron Tomlin) [1702286 1607307] - [net] ipv6 Use get_hash_from_flowi6 for rt6 hash (Sabrina Dubroca) [1702282 1625454] - [s390] zcrypt: fix specification exception on z196 during ap probe (Hendrik Brueckner) [1700706 1669535] - [md] dm table: propagate BDI_CAP_STABLE_WRITES to fix sporadic checksum errors (Mike Snitzer) [1699722 1693466] - [fs] blockdev: Fix livelocks on loop device (Lukas Czerner) [1698110 1686149] - [fs] ext4: fix crash during online resizing (Lukas Czerner) [1698110 1686149] - [fs] ext4: fix overflow caused by missing cast in ext4_resize_fs() (Lukas Czerner) [1698110 1671293] - [powerpc] livepatch: return -ERRNO values in save_stack_trace_tsk_reliable() (Joe Lawrence) [1697867 1658435] - [powerpc] livepatch: small cleanups in save_stack_trace_tsk_reliable() (Joe Lawrence) [1697867 1658435] - [powerpc] livepatch: relax reliable stack tracer checks for first-frame (Joe Lawrence) [1697867 1658435] - [powerpc] 64s: Make reliable stacktrace dependency clearer (Joe Lawrence) [1697867 1658435] - [powerpc] 64s: Clear on-stack exception marker upon exception return (Joe Lawrence) [1697867 1658435] - [powerpc] livepatch: Fix build error with kprobes disabled (Joe Lawrence) [1697867 1658435] - [fs] xfs: don't screw up direct writes when freesp is fragmented (Brian Foster) [1693796 1667523] - [nvme] ensure forward progress during Admin passthru (David Milburn) [1690519 1672428] * Tue Apr 23 2019 Jan Stancek [3.10.0-957.18.1.el7] - [s390] cputime: fix incorrect system time (Hendrik Brueckner) [1701743 1698825] * Mon Apr 15 2019 Jan Stancek [3.10.0-957.17.1.el7] - [message] scsi: mptsas: Fixup device hotplug for VMWare ESXi (Tomas Henzl) [1699723 1661906] * Thu Apr 11 2019 Jan Stancek [3.10.0-957.16.1.el7] - [netdrv] net/mlx5e: Properly set steering match levels for offloaded TC decap rules (Alaa Hleihel) [1686292 1618427] - [netdrv] net/mlx5e: Always use the match level enum when parsing TC rule match (Alaa Hleihel) [1686292 1618427] - [netdrv] net/mlx5e: Support offloaded TC flows with no matches on headers (Alaa Hleihel) [1686292 1618427] - [netdrv] net/mlx5e: Get the required HW match level while parsing TC flow matches (Alaa Hleihel) [1686292 1618427] - [netdrv] net/mlx5e: Properly order min inline mode setup while parsing TC matches (Alaa Hleihel) [1686292 1618427] - [netdrv] net/mlx5e: Avoid redundant zeroing of offloaded TC flow attributes (Alaa Hleihel) [1686292 1618427] - [netdrv] net/mlx5e: Err if asked to offload TC match on frag being first (Alaa Hleihel) [1686292 1618427] - [x86] hyperv: Stop suppressing X86_FEATURE_PCID (Vitaly Kuznetsov) [1697940 1691421] - [net] geneve: correctly handle ipv6.disable module parameter (Jiri Benc) [1694981 1677049] - [fs] ceph: Fix append mode for sync/direct write (Zheng Yan) [1696595 1691227] - [fs] ovl: fix return value from ovl_posix_acl_create() (Miklos Szeredi) [1696292 1677705] - [x86] mm: Unbreak modules that use the DMA API (Gary Hook) [1695511 1697241 1676613 1662887] - [sound] alsa/hda: add more quirks for HP Z2 G4 and HP Z240 (Jaroslav Kysela) [1693562 1680180] - [sound] alsa: hda/conexant - Add fixup for HP Z2 G4 workstation (Jaroslav Kysela) [1693562 1657855] - [block] mtip32xx: fix memory corruption by initializing internal command header (Ming Lei) [1689929 1660292] - [fs] nfsd: deal with revoked delegations appropriately (Dave Wysochanski) [1689811 1552203] * Thu Mar 28 2019 Jan Stancek [3.10.0-957.15.1.el7] - [fs] ext4: Fix data corruption caused by unaligned direct AIO (Lukas Czerner) [1693561 1684780] - [net] sched: act_csum: Fix csum calc for tagged packets (Ivan Vecera) [1693110 1676462] * Tue Mar 26 2019 Jan Stancek [3.10.0-957.14.1.el7] - [fs] move the call of __d_drop(anon) into __d_materialise_unique(dentry, anon) (Zheng Yan) [1692266 1627001] - [fs] dcache: d_splice_alias should ignore DCACHE_DISCONNECTED (Zheng Yan) [1692266 1627001] - [fs] dcache: d_splice_alias should detect loops (Zheng Yan) [1692266 1627001] - [fs] dcache: d_splice_alias mustn't create directory aliases (Zheng Yan) [1692266 1627001] - [fs] dcache: close d_move race in d_splice_alias (Zheng Yan) [1692266 1627001] - [fs] dcache: move d_splice_alias (Zheng Yan) [1692266 1627001] - [fs] dcache: don't clear DCACHE_DISCONNECTED too early (Zheng Yan) [1692266 1627001] - [fs] dcache: Don't set DISCONNECTED on "pseudo filesystem" dentries (Zheng Yan) [1692266 1627001] - [fs] dcache: use IS_ROOT to decide where dentry is hashed (Zheng Yan) [1692266 1627001] kmod-oracleasm-2.0.8-22.1.el7_6 ------------------------------- * Wed Feb 20 2019 Eugene Syromiatnikov 2.0.8-22.1 - For >= kernel-3.10.0-957.el7 - Add "use-after-free-asm-request.patch" - (oracleasm: Fix use after free for request processing timer) - Resolves: #1679239 krb5-devel-1.15.1-37.el7_6 -------------------------- * Tue Dec 18 2018 Robbie Harwood - 1.15.1-37 - Bring back builtin crypto (openssl broke too many FIPS setups) - Resolves: #1657890 * Mon Dec 17 2018 Robbie Harwood - 1.15.1-36 - Clean up MEMORY ccache behavior to match upstream more closely - Resolves: #1657890 * Tue Dec 11 2018 Robbie Harwood - 1.15.1-35 - Fix bugs with concurrent use of MEMORY ccaches - Resolves: #1657890 krb5-libs-1.15.1-37.el7_6 ------------------------- * Tue Dec 18 2018 Robbie Harwood - 1.15.1-37 - Bring back builtin crypto (openssl broke too many FIPS setups) - Resolves: #1657890 * Mon Dec 17 2018 Robbie Harwood - 1.15.1-36 - Clean up MEMORY ccache behavior to match upstream more closely - Resolves: #1657890 * Tue Dec 11 2018 Robbie Harwood - 1.15.1-35 - Fix bugs with concurrent use of MEMORY ccaches - Resolves: #1657890 krb5-pkinit-1.15.1-37.el7_6 --------------------------- * Tue Dec 18 2018 Robbie Harwood - 1.15.1-37 - Bring back builtin crypto (openssl broke too many FIPS setups) - Resolves: #1657890 * Mon Dec 17 2018 Robbie Harwood - 1.15.1-36 - Clean up MEMORY ccache behavior to match upstream more closely - Resolves: #1657890 * Tue Dec 11 2018 Robbie Harwood - 1.15.1-35 - Fix bugs with concurrent use of MEMORY ccaches - Resolves: #1657890 krb5-server-1.15.1-37.el7_6 --------------------------- * Tue Dec 18 2018 Robbie Harwood - 1.15.1-37 - Bring back builtin crypto (openssl broke too many FIPS setups) - Resolves: #1657890 * Mon Dec 17 2018 Robbie Harwood - 1.15.1-36 - Clean up MEMORY ccache behavior to match upstream more closely - Resolves: #1657890 * Tue Dec 11 2018 Robbie Harwood - 1.15.1-35 - Fix bugs with concurrent use of MEMORY ccaches - Resolves: #1657890 krb5-server-ldap-1.15.1-37.el7_6 -------------------------------- * Tue Dec 18 2018 Robbie Harwood - 1.15.1-37 - Bring back builtin crypto (openssl broke too many FIPS setups) - Resolves: #1657890 * Mon Dec 17 2018 Robbie Harwood - 1.15.1-36 - Clean up MEMORY ccache behavior to match upstream more closely - Resolves: #1657890 * Tue Dec 11 2018 Robbie Harwood - 1.15.1-35 - Fix bugs with concurrent use of MEMORY ccaches - Resolves: #1657890 krb5-workstation-1.15.1-37.el7_6 -------------------------------- * Tue Dec 18 2018 Robbie Harwood - 1.15.1-37 - Bring back builtin crypto (openssl broke too many FIPS setups) - Resolves: #1657890 * Mon Dec 17 2018 Robbie Harwood - 1.15.1-36 - Clean up MEMORY ccache behavior to match upstream more closely - Resolves: #1657890 * Tue Dec 11 2018 Robbie Harwood - 1.15.1-35 - Fix bugs with concurrent use of MEMORY ccaches - Resolves: #1657890 libasan-4.8.5-36.el7_6.2 ------------------------ * Wed Feb 13 2019 Marek Polacek 4.8.5-36.2 - allow libitm to use HTM (#1674383) - fix mode mismatch in prepare_cmp_insn (#1676795, PR target/63442) * Wed Jan 16 2019 Jeff Law 4.8.5-36.1 - Avoid code generation bug due to incorrect CFG in the presence of setjmp/longjmp (#1655148). libasan-static-4.8.5-36.el7_6.2 ------------------------------- * Wed Feb 13 2019 Marek Polacek 4.8.5-36.2 - allow libitm to use HTM (#1674383) - fix mode mismatch in prepare_cmp_insn (#1676795, PR target/63442) * Wed Jan 16 2019 Jeff Law 4.8.5-36.1 - Avoid code generation bug due to incorrect CFG in the presence of setjmp/longjmp (#1655148). libatomic-4.8.5-36.el7_6.2 -------------------------- * Wed Feb 13 2019 Marek Polacek 4.8.5-36.2 - allow libitm to use HTM (#1674383) - fix mode mismatch in prepare_cmp_insn (#1676795, PR target/63442) * Wed Jan 16 2019 Jeff Law 4.8.5-36.1 - Avoid code generation bug due to incorrect CFG in the presence of setjmp/longjmp (#1655148). libatomic-static-4.8.5-36.el7_6.2 --------------------------------- * Wed Feb 13 2019 Marek Polacek 4.8.5-36.2 - allow libitm to use HTM (#1674383) - fix mode mismatch in prepare_cmp_insn (#1676795, PR target/63442) * Wed Jan 16 2019 Jeff Law 4.8.5-36.1 - Avoid code generation bug due to incorrect CFG in the presence of setjmp/longjmp (#1655148). libblkid-2.23.2-59.el7_6.1 -------------------------- * Thu Jan 31 2019 Karel Zak 2.23.2-59.el7_6.1 - fix #1664752 - Bull (Atos) server lands up in invalid stty settings on the serial console after boot preventing login libblkid-devel-2.23.2-59.el7_6.1 -------------------------------- * Thu Jan 31 2019 Karel Zak 2.23.2-59.el7_6.1 - fix #1664752 - Bull (Atos) server lands up in invalid stty settings on the serial console after boot preventing login libgcc-4.8.5-36.el7_6.2 ----------------------- * Wed Feb 13 2019 Marek Polacek 4.8.5-36.2 - allow libitm to use HTM (#1674383) - fix mode mismatch in prepare_cmp_insn (#1676795, PR target/63442) * Wed Jan 16 2019 Jeff Law 4.8.5-36.1 - Avoid code generation bug due to incorrect CFG in the presence of setjmp/longjmp (#1655148). libgfortran-4.8.5-36.el7_6.2 ---------------------------- * Wed Feb 13 2019 Marek Polacek 4.8.5-36.2 - allow libitm to use HTM (#1674383) - fix mode mismatch in prepare_cmp_insn (#1676795, PR target/63442) * Wed Jan 16 2019 Jeff Law 4.8.5-36.1 - Avoid code generation bug due to incorrect CFG in the presence of setjmp/longjmp (#1655148). libgfortran-static-4.8.5-36.el7_6.2 ----------------------------------- * Wed Feb 13 2019 Marek Polacek 4.8.5-36.2 - allow libitm to use HTM (#1674383) - fix mode mismatch in prepare_cmp_insn (#1676795, PR target/63442) * Wed Jan 16 2019 Jeff Law 4.8.5-36.1 - Avoid code generation bug due to incorrect CFG in the presence of setjmp/longjmp (#1655148). libgfortran4-8.2.1-1.3.1.el7_5 ------------------------------ libgfortran5-8.2.1-1.3.1.el7_5 ------------------------------ libgnat-4.8.5-36.el7_6.2 ------------------------ * Wed Feb 13 2019 Marek Polacek 4.8.5-36.2 - allow libitm to use HTM (#1674383) - fix mode mismatch in prepare_cmp_insn (#1676795, PR target/63442) * Wed Jan 16 2019 Jeff Law 4.8.5-36.1 - Avoid code generation bug due to incorrect CFG in the presence of setjmp/longjmp (#1655148). libgnat-devel-4.8.5-36.el7_6.2 ------------------------------ * Wed Feb 13 2019 Marek Polacek 4.8.5-36.2 - allow libitm to use HTM (#1674383) - fix mode mismatch in prepare_cmp_insn (#1676795, PR target/63442) * Wed Jan 16 2019 Jeff Law 4.8.5-36.1 - Avoid code generation bug due to incorrect CFG in the presence of setjmp/longjmp (#1655148). libgnat-static-4.8.5-36.el7_6.2 ------------------------------- * Wed Feb 13 2019 Marek Polacek 4.8.5-36.2 - allow libitm to use HTM (#1674383) - fix mode mismatch in prepare_cmp_insn (#1676795, PR target/63442) * Wed Jan 16 2019 Jeff Law 4.8.5-36.1 - Avoid code generation bug due to incorrect CFG in the presence of setjmp/longjmp (#1655148). libgo-4.8.5-36.el7_6.2 ---------------------- * Wed Feb 13 2019 Marek Polacek 4.8.5-36.2 - allow libitm to use HTM (#1674383) - fix mode mismatch in prepare_cmp_insn (#1676795, PR target/63442) * Wed Jan 16 2019 Jeff Law 4.8.5-36.1 - Avoid code generation bug due to incorrect CFG in the presence of setjmp/longjmp (#1655148). libgo-devel-4.8.5-36.el7_6.2 ---------------------------- * Wed Feb 13 2019 Marek Polacek 4.8.5-36.2 - allow libitm to use HTM (#1674383) - fix mode mismatch in prepare_cmp_insn (#1676795, PR target/63442) * Wed Jan 16 2019 Jeff Law 4.8.5-36.1 - Avoid code generation bug due to incorrect CFG in the presence of setjmp/longjmp (#1655148). libgo-static-4.8.5-36.el7_6.2 ----------------------------- * Wed Feb 13 2019 Marek Polacek 4.8.5-36.2 - allow libitm to use HTM (#1674383) - fix mode mismatch in prepare_cmp_insn (#1676795, PR target/63442) * Wed Jan 16 2019 Jeff Law 4.8.5-36.1 - Avoid code generation bug due to incorrect CFG in the presence of setjmp/longjmp (#1655148). libgomp-4.8.5-36.el7_6.2 ------------------------ * Wed Feb 13 2019 Marek Polacek 4.8.5-36.2 - allow libitm to use HTM (#1674383) - fix mode mismatch in prepare_cmp_insn (#1676795, PR target/63442) * Wed Jan 16 2019 Jeff Law 4.8.5-36.1 - Avoid code generation bug due to incorrect CFG in the presence of setjmp/longjmp (#1655148). libgudev1-219-62.el7_6.7 ------------------------ * Wed Apr 24 2019 Lukas Nykryn - 219-62.7 - rules: fix memory hotplug rule so systemd-detect-virt does not run too often (#1701230) * Thu Mar 21 2019 Lukas Nykryn - 219-62.6 - Revert "bus: when dumping string property values escape the chars we use as end-of-line and end-of-item marks" (#1643172) * Thu Feb 14 2019 Lukas Nykryn - 219-62.5 - sd-bus: if we receive an invalid dbus message, ignore and proceeed (#1667871) * Thu Feb 07 2019 Lukas Nykryn - 219-62.4 - Refuse dbus message paths longer than BUS_PATH_SIZE_MAX limit. (#1667870) - Allocate temporary strings to hold dbus paths on the heap (#1667870) * Wed Jan 16 2019 Lukas Nykryn - 219-62.3 - journald: free cmdline buffers owned by iovec (#1666646) * Mon Jan 07 2019 Lukas Nykryn - 219-62.2 - journald: do not store the iovec entry for process commandline on stack (#1657788) - journald: set a limit on the number of fields (1k) (#1657792) - journal-remote: set a limit on the number of fields in a message (#1657792) * Mon Nov 26 2018 Lukas Nykryn - 219-62.1 - dhcp6: make sure we have enough space for the DHCP6 option header (CVE-2018-15688) libgudev1-devel-219-62.el7_6.7 ------------------------------ * Wed Apr 24 2019 Lukas Nykryn - 219-62.7 - rules: fix memory hotplug rule so systemd-detect-virt does not run too often (#1701230) * Thu Mar 21 2019 Lukas Nykryn - 219-62.6 - Revert "bus: when dumping string property values escape the chars we use as end-of-line and end-of-item marks" (#1643172) * Thu Feb 14 2019 Lukas Nykryn - 219-62.5 - sd-bus: if we receive an invalid dbus message, ignore and proceeed (#1667871) * Thu Feb 07 2019 Lukas Nykryn - 219-62.4 - Refuse dbus message paths longer than BUS_PATH_SIZE_MAX limit. (#1667870) - Allocate temporary strings to hold dbus paths on the heap (#1667870) * Wed Jan 16 2019 Lukas Nykryn - 219-62.3 - journald: free cmdline buffers owned by iovec (#1666646) * Mon Jan 07 2019 Lukas Nykryn - 219-62.2 - journald: do not store the iovec entry for process commandline on stack (#1657788) - journald: set a limit on the number of fields (1k) (#1657792) - journal-remote: set a limit on the number of fields in a message (#1657792) * Mon Nov 26 2018 Lukas Nykryn - 219-62.1 - dhcp6: make sure we have enough space for the DHCP6 option header (CVE-2018-15688) libguestfs-1.38.2-12.el7_6.2 ---------------------------- * Thu Feb 07 2019 Pino Toscano - 1:1.38.2-12.el7_6.2 - Fix inspection of partition-less devices resolves: rhbz#1673280 * Fri Oct 12 2018 Pino Toscano - 1:1.38.2-12.el7_6.1 - v2v: update documentation regarding SHA-2 certificates in Windows 7 and Windows Server 2008 R2 resolves: rhbz#1632788 - v2v: fix rhev-apt firstboot command for Windows resolves: rhbz#1625216 libguestfs-bash-completion-1.38.2-12.el7_6.2 -------------------------------------------- * Thu Feb 07 2019 Pino Toscano - 1:1.38.2-12.el7_6.2 - Fix inspection of partition-less devices resolves: rhbz#1673280 * Fri Oct 12 2018 Pino Toscano - 1:1.38.2-12.el7_6.1 - v2v: update documentation regarding SHA-2 certificates in Windows 7 and Windows Server 2008 R2 resolves: rhbz#1632788 - v2v: fix rhev-apt firstboot command for Windows resolves: rhbz#1625216 libguestfs-benchmarking-1.38.2-12.el7_6.2 ----------------------------------------- * Thu Feb 07 2019 Pino Toscano - 1:1.38.2-12.el7_6.2 - Fix inspection of partition-less devices resolves: rhbz#1673280 * Fri Oct 12 2018 Pino Toscano - 1:1.38.2-12.el7_6.1 - v2v: update documentation regarding SHA-2 certificates in Windows 7 and Windows Server 2008 R2 resolves: rhbz#1632788 - v2v: fix rhev-apt firstboot command for Windows resolves: rhbz#1625216 libguestfs-devel-1.38.2-12.el7_6.2 ---------------------------------- * Thu Feb 07 2019 Pino Toscano - 1:1.38.2-12.el7_6.2 - Fix inspection of partition-less devices resolves: rhbz#1673280 * Fri Oct 12 2018 Pino Toscano - 1:1.38.2-12.el7_6.1 - v2v: update documentation regarding SHA-2 certificates in Windows 7 and Windows Server 2008 R2 resolves: rhbz#1632788 - v2v: fix rhev-apt firstboot command for Windows resolves: rhbz#1625216 libguestfs-gfs2-1.38.2-12.el7_6.2 --------------------------------- * Thu Feb 07 2019 Pino Toscano - 1:1.38.2-12.el7_6.2 - Fix inspection of partition-less devices resolves: rhbz#1673280 * Fri Oct 12 2018 Pino Toscano - 1:1.38.2-12.el7_6.1 - v2v: update documentation regarding SHA-2 certificates in Windows 7 and Windows Server 2008 R2 resolves: rhbz#1632788 - v2v: fix rhev-apt firstboot command for Windows resolves: rhbz#1625216 libguestfs-gobject-1.38.2-12.el7_6.2 ------------------------------------ * Thu Feb 07 2019 Pino Toscano - 1:1.38.2-12.el7_6.2 - Fix inspection of partition-less devices resolves: rhbz#1673280 * Fri Oct 12 2018 Pino Toscano - 1:1.38.2-12.el7_6.1 - v2v: update documentation regarding SHA-2 certificates in Windows 7 and Windows Server 2008 R2 resolves: rhbz#1632788 - v2v: fix rhev-apt firstboot command for Windows resolves: rhbz#1625216 libguestfs-gobject-devel-1.38.2-12.el7_6.2 ------------------------------------------ * Thu Feb 07 2019 Pino Toscano - 1:1.38.2-12.el7_6.2 - Fix inspection of partition-less devices resolves: rhbz#1673280 * Fri Oct 12 2018 Pino Toscano - 1:1.38.2-12.el7_6.1 - v2v: update documentation regarding SHA-2 certificates in Windows 7 and Windows Server 2008 R2 resolves: rhbz#1632788 - v2v: fix rhev-apt firstboot command for Windows resolves: rhbz#1625216 libguestfs-inspect-icons-1.38.2-12.el7_6.2 ------------------------------------------ * Thu Feb 07 2019 Pino Toscano - 1:1.38.2-12.el7_6.2 - Fix inspection of partition-less devices resolves: rhbz#1673280 * Fri Oct 12 2018 Pino Toscano - 1:1.38.2-12.el7_6.1 - v2v: update documentation regarding SHA-2 certificates in Windows 7 and Windows Server 2008 R2 resolves: rhbz#1632788 - v2v: fix rhev-apt firstboot command for Windows resolves: rhbz#1625216 libguestfs-java-1.38.2-12.el7_6.2 --------------------------------- * Thu Feb 07 2019 Pino Toscano - 1:1.38.2-12.el7_6.2 - Fix inspection of partition-less devices resolves: rhbz#1673280 * Fri Oct 12 2018 Pino Toscano - 1:1.38.2-12.el7_6.1 - v2v: update documentation regarding SHA-2 certificates in Windows 7 and Windows Server 2008 R2 resolves: rhbz#1632788 - v2v: fix rhev-apt firstboot command for Windows resolves: rhbz#1625216 libguestfs-java-devel-1.38.2-12.el7_6.2 --------------------------------------- * Thu Feb 07 2019 Pino Toscano - 1:1.38.2-12.el7_6.2 - Fix inspection of partition-less devices resolves: rhbz#1673280 * Fri Oct 12 2018 Pino Toscano - 1:1.38.2-12.el7_6.1 - v2v: update documentation regarding SHA-2 certificates in Windows 7 and Windows Server 2008 R2 resolves: rhbz#1632788 - v2v: fix rhev-apt firstboot command for Windows resolves: rhbz#1625216 libguestfs-javadoc-1.38.2-12.el7_6.2 ------------------------------------ * Thu Feb 07 2019 Pino Toscano - 1:1.38.2-12.el7_6.2 - Fix inspection of partition-less devices resolves: rhbz#1673280 * Fri Oct 12 2018 Pino Toscano - 1:1.38.2-12.el7_6.1 - v2v: update documentation regarding SHA-2 certificates in Windows 7 and Windows Server 2008 R2 resolves: rhbz#1632788 - v2v: fix rhev-apt firstboot command for Windows resolves: rhbz#1625216 libguestfs-man-pages-ja-1.38.2-12.el7_6.2 ----------------------------------------- * Thu Feb 07 2019 Pino Toscano - 1:1.38.2-12.el7_6.2 - Fix inspection of partition-less devices resolves: rhbz#1673280 * Fri Oct 12 2018 Pino Toscano - 1:1.38.2-12.el7_6.1 - v2v: update documentation regarding SHA-2 certificates in Windows 7 and Windows Server 2008 R2 resolves: rhbz#1632788 - v2v: fix rhev-apt firstboot command for Windows resolves: rhbz#1625216 libguestfs-man-pages-uk-1.38.2-12.el7_6.2 ----------------------------------------- * Thu Feb 07 2019 Pino Toscano - 1:1.38.2-12.el7_6.2 - Fix inspection of partition-less devices resolves: rhbz#1673280 * Fri Oct 12 2018 Pino Toscano - 1:1.38.2-12.el7_6.1 - v2v: update documentation regarding SHA-2 certificates in Windows 7 and Windows Server 2008 R2 resolves: rhbz#1632788 - v2v: fix rhev-apt firstboot command for Windows resolves: rhbz#1625216 libguestfs-rescue-1.38.2-12.el7_6.2 ----------------------------------- * Thu Feb 07 2019 Pino Toscano - 1:1.38.2-12.el7_6.2 - Fix inspection of partition-less devices resolves: rhbz#1673280 * Fri Oct 12 2018 Pino Toscano - 1:1.38.2-12.el7_6.1 - v2v: update documentation regarding SHA-2 certificates in Windows 7 and Windows Server 2008 R2 resolves: rhbz#1632788 - v2v: fix rhev-apt firstboot command for Windows resolves: rhbz#1625216 libguestfs-rsync-1.38.2-12.el7_6.2 ---------------------------------- * Thu Feb 07 2019 Pino Toscano - 1:1.38.2-12.el7_6.2 - Fix inspection of partition-less devices resolves: rhbz#1673280 * Fri Oct 12 2018 Pino Toscano - 1:1.38.2-12.el7_6.1 - v2v: update documentation regarding SHA-2 certificates in Windows 7 and Windows Server 2008 R2 resolves: rhbz#1632788 - v2v: fix rhev-apt firstboot command for Windows resolves: rhbz#1625216 libguestfs-tools-1.38.2-12.el7_6.2 ---------------------------------- * Thu Feb 07 2019 Pino Toscano - 1:1.38.2-12.el7_6.2 - Fix inspection of partition-less devices resolves: rhbz#1673280 * Fri Oct 12 2018 Pino Toscano - 1:1.38.2-12.el7_6.1 - v2v: update documentation regarding SHA-2 certificates in Windows 7 and Windows Server 2008 R2 resolves: rhbz#1632788 - v2v: fix rhev-apt firstboot command for Windows resolves: rhbz#1625216 libguestfs-tools-c-1.38.2-12.el7_6.2 ------------------------------------ * Thu Feb 07 2019 Pino Toscano - 1:1.38.2-12.el7_6.2 - Fix inspection of partition-less devices resolves: rhbz#1673280 * Fri Oct 12 2018 Pino Toscano - 1:1.38.2-12.el7_6.1 - v2v: update documentation regarding SHA-2 certificates in Windows 7 and Windows Server 2008 R2 resolves: rhbz#1632788 - v2v: fix rhev-apt firstboot command for Windows resolves: rhbz#1625216 libguestfs-xfs-1.38.2-12.el7_6.2 -------------------------------- * Thu Feb 07 2019 Pino Toscano - 1:1.38.2-12.el7_6.2 - Fix inspection of partition-less devices resolves: rhbz#1673280 * Fri Oct 12 2018 Pino Toscano - 1:1.38.2-12.el7_6.1 - v2v: update documentation regarding SHA-2 certificates in Windows 7 and Windows Server 2008 R2 resolves: rhbz#1632788 - v2v: fix rhev-apt firstboot command for Windows resolves: rhbz#1625216 libipa_hbac-1.16.2-13.el7_6.8 ----------------------------- * Tue Mar 26 2019 Michal Židek - 1.16.2-13.8 - Resolves: rhbz#1690759 - RHEL STIG pointing sssd Packaging issue [rhel-7.6.z] - Part 2. * Tue Mar 26 2019 Michal Židek - 1.16.2-13.7 - Resolves: rhbz#1690759 - RHEL STIG pointing sssd Packaging issue [rhel-7.6.z] * Tue Dec 18 2018 Michal Židek - 1.16.2-13.6 - Resolves: rhbz#1683578 - sssd_krb5_locator_plugin introduces delay in cifs.upcall krb5 calls [rhel-7.6.z] * Tue Dec 18 2018 Michal Židek - 1.16.2-13.5 - Resolves: rhbz#1659507 - SSSD's LDAP authentication provider does not work if ID provider is authenticated with GSSAPI [rhel-7.6.z] * Tue Dec 18 2018 Michal Židek - 1.16.2-13.4 - Resolves: rhbz#1659083 - SSSD must be cleared/restarted periodically in order to retrieve AD users through IPA Trust [rhel-7.6.z] * Tue Dec 18 2018 Michal Židek - 1.16.2-13.3 - Resolves: rhbz#1656833 - sssd_nss memory leak [rhel-7.6.z] * Wed Nov 28 2018 Michal Židek - 1.16.2-13.2 - Resolves: Bug 1649784 - SSSD not fetching all sudo rules from AD [rhel-7.6.z] * Wed Nov 14 2018 Michal Židek - 1.16.2-13.1 - Resolves: rhbz#1645047 - sssd only sets the SELinux login context if it differs from the default [rhel-7.6.z] libipa_hbac-devel-1.16.2-13.el7_6.8 ----------------------------------- * Tue Mar 26 2019 Michal Židek - 1.16.2-13.8 - Resolves: rhbz#1690759 - RHEL STIG pointing sssd Packaging issue [rhel-7.6.z] - Part 2. * Tue Mar 26 2019 Michal Židek - 1.16.2-13.7 - Resolves: rhbz#1690759 - RHEL STIG pointing sssd Packaging issue [rhel-7.6.z] * Tue Dec 18 2018 Michal Židek - 1.16.2-13.6 - Resolves: rhbz#1683578 - sssd_krb5_locator_plugin introduces delay in cifs.upcall krb5 calls [rhel-7.6.z] * Tue Dec 18 2018 Michal Židek - 1.16.2-13.5 - Resolves: rhbz#1659507 - SSSD's LDAP authentication provider does not work if ID provider is authenticated with GSSAPI [rhel-7.6.z] * Tue Dec 18 2018 Michal Židek - 1.16.2-13.4 - Resolves: rhbz#1659083 - SSSD must be cleared/restarted periodically in order to retrieve AD users through IPA Trust [rhel-7.6.z] * Tue Dec 18 2018 Michal Židek - 1.16.2-13.3 - Resolves: rhbz#1656833 - sssd_nss memory leak [rhel-7.6.z] * Wed Nov 28 2018 Michal Židek - 1.16.2-13.2 - Resolves: Bug 1649784 - SSSD not fetching all sudo rules from AD [rhel-7.6.z] * Wed Nov 14 2018 Michal Židek - 1.16.2-13.1 - Resolves: rhbz#1645047 - sssd only sets the SELinux login context if it differs from the default [rhel-7.6.z] libitm-4.8.5-36.el7_6.2 ----------------------- * Wed Feb 13 2019 Marek Polacek 4.8.5-36.2 - allow libitm to use HTM (#1674383) - fix mode mismatch in prepare_cmp_insn (#1676795, PR target/63442) * Wed Jan 16 2019 Jeff Law 4.8.5-36.1 - Avoid code generation bug due to incorrect CFG in the presence of setjmp/longjmp (#1655148). libitm-devel-4.8.5-36.el7_6.2 ----------------------------- * Wed Feb 13 2019 Marek Polacek 4.8.5-36.2 - allow libitm to use HTM (#1674383) - fix mode mismatch in prepare_cmp_insn (#1676795, PR target/63442) * Wed Jan 16 2019 Jeff Law 4.8.5-36.1 - Avoid code generation bug due to incorrect CFG in the presence of setjmp/longjmp (#1655148). libitm-static-4.8.5-36.el7_6.2 ------------------------------ * Wed Feb 13 2019 Marek Polacek 4.8.5-36.2 - allow libitm to use HTM (#1674383) - fix mode mismatch in prepare_cmp_insn (#1676795, PR target/63442) * Wed Jan 16 2019 Jeff Law 4.8.5-36.1 - Avoid code generation bug due to incorrect CFG in the presence of setjmp/longjmp (#1655148). libkadm5-1.15.1-37.el7_6 ------------------------ * Tue Dec 18 2018 Robbie Harwood - 1.15.1-37 - Bring back builtin crypto (openssl broke too many FIPS setups) - Resolves: #1657890 * Mon Dec 17 2018 Robbie Harwood - 1.15.1-36 - Clean up MEMORY ccache behavior to match upstream more closely - Resolves: #1657890 * Tue Dec 11 2018 Robbie Harwood - 1.15.1-35 - Fix bugs with concurrent use of MEMORY ccaches - Resolves: #1657890 libmount-2.23.2-59.el7_6.1 -------------------------- * Thu Jan 31 2019 Karel Zak 2.23.2-59.el7_6.1 - fix #1664752 - Bull (Atos) server lands up in invalid stty settings on the serial console after boot preventing login libmount-devel-2.23.2-59.el7_6.1 -------------------------------- * Thu Jan 31 2019 Karel Zak 2.23.2-59.el7_6.1 - fix #1664752 - Bull (Atos) server lands up in invalid stty settings on the serial console after boot preventing login libmudflap-4.8.5-36.el7_6.2 --------------------------- * Wed Feb 13 2019 Marek Polacek 4.8.5-36.2 - allow libitm to use HTM (#1674383) - fix mode mismatch in prepare_cmp_insn (#1676795, PR target/63442) * Wed Jan 16 2019 Jeff Law 4.8.5-36.1 - Avoid code generation bug due to incorrect CFG in the presence of setjmp/longjmp (#1655148). libmudflap-devel-4.8.5-36.el7_6.2 --------------------------------- * Wed Feb 13 2019 Marek Polacek 4.8.5-36.2 - allow libitm to use HTM (#1674383) - fix mode mismatch in prepare_cmp_insn (#1676795, PR target/63442) * Wed Jan 16 2019 Jeff Law 4.8.5-36.1 - Avoid code generation bug due to incorrect CFG in the presence of setjmp/longjmp (#1655148). libmudflap-static-4.8.5-36.el7_6.2 ---------------------------------- * Wed Feb 13 2019 Marek Polacek 4.8.5-36.2 - allow libitm to use HTM (#1674383) - fix mode mismatch in prepare_cmp_insn (#1676795, PR target/63442) * Wed Jan 16 2019 Jeff Law 4.8.5-36.1 - Avoid code generation bug due to incorrect CFG in the presence of setjmp/longjmp (#1655148). libobjc-4.8.5-36.el7_6.2 ------------------------ * Wed Feb 13 2019 Marek Polacek 4.8.5-36.2 - allow libitm to use HTM (#1674383) - fix mode mismatch in prepare_cmp_insn (#1676795, PR target/63442) * Wed Jan 16 2019 Jeff Law 4.8.5-36.1 - Avoid code generation bug due to incorrect CFG in the presence of setjmp/longjmp (#1655148). libquadmath-4.8.5-36.el7_6.2 ---------------------------- * Wed Feb 13 2019 Marek Polacek 4.8.5-36.2 - allow libitm to use HTM (#1674383) - fix mode mismatch in prepare_cmp_insn (#1676795, PR target/63442) * Wed Jan 16 2019 Jeff Law 4.8.5-36.1 - Avoid code generation bug due to incorrect CFG in the presence of setjmp/longjmp (#1655148). libquadmath-devel-4.8.5-36.el7_6.2 ---------------------------------- * Wed Feb 13 2019 Marek Polacek 4.8.5-36.2 - allow libitm to use HTM (#1674383) - fix mode mismatch in prepare_cmp_insn (#1676795, PR target/63442) * Wed Jan 16 2019 Jeff Law 4.8.5-36.1 - Avoid code generation bug due to incorrect CFG in the presence of setjmp/longjmp (#1655148). libquadmath-static-4.8.5-36.el7_6.2 ----------------------------------- * Wed Feb 13 2019 Marek Polacek 4.8.5-36.2 - allow libitm to use HTM (#1674383) - fix mode mismatch in prepare_cmp_insn (#1676795, PR target/63442) * Wed Jan 16 2019 Jeff Law 4.8.5-36.1 - Avoid code generation bug due to incorrect CFG in the presence of setjmp/longjmp (#1655148). libreswan-3.25-4.8.el7_6 ------------------------ * Thu May 09 2019 Paul Wouters - 3.25-4.8 - Resolves: rhbz#1708060 IKEv1 traffic interruption when responder deletes SAs 60 seconds before EVENT_SA_REPLACE [rhel-7.6.z] * Thu May 02 2019 Paul Wouters - 3.25-4.7 - Resolves: rhbz#1683577 Opportunistic IPsec instances of /32 groups or auto=start [updated for eclipsed handling] * Thu Apr 11 2019 Paul Wouters - 3.25-4.6 - Resolves: rhbz#1680483 libreswan using NSS IPsec profiles regresses when critical flags are set causing validation failure [rhel-7.6.z] [updated] * Sun Mar 31 2019 Paul Wouters - 3.25-4.5 - Resolves: rhbz#1683577 Opportunistic IPsec instances of /32 groups or auto=start that receive delete won't restart [rhel-7.6.z] [updated] * Tue Feb 26 2019 Paul Wouters - 3.25-4.4 - Resolves: rhbz#1683577 Opportunistic IPsec instances of /32 groups or auto=start that receive delete won't restart [rhel-7.6.z] * Mon Feb 25 2019 Paul Wouters - 3.25-4.3 - Resolves: rhbz#1680483 libreswan using NSS IPsec profiles regresses when critical flags are set causing validation failure [rhel-7.6.z] * Fri Feb 15 2019 Paul Wouters - 3.25-4.2 - Resolves: rhbz#1672921 - Libreswan crash upon receiving ISAKMP_NEXT_D with appended ISAKMP_NEXT_N [updated bugfix] * Fri Jan 11 2019 Paul Wouters - 3.25-4.1 - Resolves: rhbz#1665369 libreswan 3.25 in FIPS mode is incorrectly rejecting X.509 public keys that are >= 3072 bits [rhel-7.6.z] * Tue Jan 08 2019 Paul Wouters - 3.25-4 - Resolves: rhbz#1660536 libreswan assertion failed when OAKLEY_KEY_LENGTH is zero for IKE using AES_CBC - Resolves: rhbz#1660544 config: recursive include check doesn't work - Resolves: rhbz#1660542 Libreswan crash upon receiving ISAKMP_NEXT_D with appended ISAKMP_NEXT_N - Resolves: rhbz#1664244 [abrt] [faf] libreswan: strncpy(): /usr/libexec/ipsec/pluto killed by 11 * Mon Dec 03 2018 Paul Wouters - 3.25-3 - Resolves: rhbz#1655440 Unable to verify certificate with non-empty Extended Key Usage which does not include serverAuth or clientAuth libsmartcols-2.23.2-59.el7_6.1 ------------------------------ * Thu Jan 31 2019 Karel Zak 2.23.2-59.el7_6.1 - fix #1664752 - Bull (Atos) server lands up in invalid stty settings on the serial console after boot preventing login libsmartcols-devel-2.23.2-59.el7_6.1 ------------------------------------ * Thu Jan 31 2019 Karel Zak 2.23.2-59.el7_6.1 - fix #1664752 - Bull (Atos) server lands up in invalid stty settings on the serial console after boot preventing login libssh2-1.4.3-12.el7_6.2 ------------------------ * Wed Mar 20 2019 Kamil Dudka 1.4.3-12.el7_6.2 - sanitize public header file (detected by rpmdiff) * Tue Mar 19 2019 Kamil Dudka 1.4.3-12.el7_6.1 - fix integer overflow in keyboard interactive handling that allows out-of-bounds writes (CVE-2019-3863) - fix integer overflow in SSH packet processing channel resulting in out of bounds write (CVE-2019-3857) - fix integer overflow in keyboard interactive handling resulting in out of bounds write (CVE-2019-3856) - fix integer overflow in transport read resulting in out of bounds write (CVE-2019-3855) libssh2-devel-1.4.3-12.el7_6.2 ------------------------------ * Wed Mar 20 2019 Kamil Dudka 1.4.3-12.el7_6.2 - sanitize public header file (detected by rpmdiff) * Tue Mar 19 2019 Kamil Dudka 1.4.3-12.el7_6.1 - fix integer overflow in keyboard interactive handling that allows out-of-bounds writes (CVE-2019-3863) - fix integer overflow in SSH packet processing channel resulting in out of bounds write (CVE-2019-3857) - fix integer overflow in keyboard interactive handling resulting in out of bounds write (CVE-2019-3856) - fix integer overflow in transport read resulting in out of bounds write (CVE-2019-3855) libssh2-docs-1.4.3-12.el7_6.2 ----------------------------- * Wed Mar 20 2019 Kamil Dudka 1.4.3-12.el7_6.2 - sanitize public header file (detected by rpmdiff) * Tue Mar 19 2019 Kamil Dudka 1.4.3-12.el7_6.1 - fix integer overflow in keyboard interactive handling that allows out-of-bounds writes (CVE-2019-3863) - fix integer overflow in SSH packet processing channel resulting in out of bounds write (CVE-2019-3857) - fix integer overflow in keyboard interactive handling resulting in out of bounds write (CVE-2019-3856) - fix integer overflow in transport read resulting in out of bounds write (CVE-2019-3855) libsss_autofs-1.16.2-13.el7_6.8 ------------------------------- * Tue Mar 26 2019 Michal Židek - 1.16.2-13.8 - Resolves: rhbz#1690759 - RHEL STIG pointing sssd Packaging issue [rhel-7.6.z] - Part 2. * Tue Mar 26 2019 Michal Židek - 1.16.2-13.7 - Resolves: rhbz#1690759 - RHEL STIG pointing sssd Packaging issue [rhel-7.6.z] * Tue Dec 18 2018 Michal Židek - 1.16.2-13.6 - Resolves: rhbz#1683578 - sssd_krb5_locator_plugin introduces delay in cifs.upcall krb5 calls [rhel-7.6.z] * Tue Dec 18 2018 Michal Židek - 1.16.2-13.5 - Resolves: rhbz#1659507 - SSSD's LDAP authentication provider does not work if ID provider is authenticated with GSSAPI [rhel-7.6.z] * Tue Dec 18 2018 Michal Židek - 1.16.2-13.4 - Resolves: rhbz#1659083 - SSSD must be cleared/restarted periodically in order to retrieve AD users through IPA Trust [rhel-7.6.z] * Tue Dec 18 2018 Michal Židek - 1.16.2-13.3 - Resolves: rhbz#1656833 - sssd_nss memory leak [rhel-7.6.z] * Wed Nov 28 2018 Michal Židek - 1.16.2-13.2 - Resolves: Bug 1649784 - SSSD not fetching all sudo rules from AD [rhel-7.6.z] * Wed Nov 14 2018 Michal Židek - 1.16.2-13.1 - Resolves: rhbz#1645047 - sssd only sets the SELinux login context if it differs from the default [rhel-7.6.z] libsss_certmap-1.16.2-13.el7_6.8 -------------------------------- * Tue Mar 26 2019 Michal Židek - 1.16.2-13.8 - Resolves: rhbz#1690759 - RHEL STIG pointing sssd Packaging issue [rhel-7.6.z] - Part 2. * Tue Mar 26 2019 Michal Židek - 1.16.2-13.7 - Resolves: rhbz#1690759 - RHEL STIG pointing sssd Packaging issue [rhel-7.6.z] * Tue Dec 18 2018 Michal Židek - 1.16.2-13.6 - Resolves: rhbz#1683578 - sssd_krb5_locator_plugin introduces delay in cifs.upcall krb5 calls [rhel-7.6.z] * Tue Dec 18 2018 Michal Židek - 1.16.2-13.5 - Resolves: rhbz#1659507 - SSSD's LDAP authentication provider does not work if ID provider is authenticated with GSSAPI [rhel-7.6.z] * Tue Dec 18 2018 Michal Židek - 1.16.2-13.4 - Resolves: rhbz#1659083 - SSSD must be cleared/restarted periodically in order to retrieve AD users through IPA Trust [rhel-7.6.z] * Tue Dec 18 2018 Michal Židek - 1.16.2-13.3 - Resolves: rhbz#1656833 - sssd_nss memory leak [rhel-7.6.z] * Wed Nov 28 2018 Michal Židek - 1.16.2-13.2 - Resolves: Bug 1649784 - SSSD not fetching all sudo rules from AD [rhel-7.6.z] * Wed Nov 14 2018 Michal Židek - 1.16.2-13.1 - Resolves: rhbz#1645047 - sssd only sets the SELinux login context if it differs from the default [rhel-7.6.z] libsss_certmap-devel-1.16.2-13.el7_6.8 -------------------------------------- * Tue Mar 26 2019 Michal Židek - 1.16.2-13.8 - Resolves: rhbz#1690759 - RHEL STIG pointing sssd Packaging issue [rhel-7.6.z] - Part 2. * Tue Mar 26 2019 Michal Židek - 1.16.2-13.7 - Resolves: rhbz#1690759 - RHEL STIG pointing sssd Packaging issue [rhel-7.6.z] * Tue Dec 18 2018 Michal Židek - 1.16.2-13.6 - Resolves: rhbz#1683578 - sssd_krb5_locator_plugin introduces delay in cifs.upcall krb5 calls [rhel-7.6.z] * Tue Dec 18 2018 Michal Židek - 1.16.2-13.5 - Resolves: rhbz#1659507 - SSSD's LDAP authentication provider does not work if ID provider is authenticated with GSSAPI [rhel-7.6.z] * Tue Dec 18 2018 Michal Židek - 1.16.2-13.4 - Resolves: rhbz#1659083 - SSSD must be cleared/restarted periodically in order to retrieve AD users through IPA Trust [rhel-7.6.z] * Tue Dec 18 2018 Michal Židek - 1.16.2-13.3 - Resolves: rhbz#1656833 - sssd_nss memory leak [rhel-7.6.z] * Wed Nov 28 2018 Michal Židek - 1.16.2-13.2 - Resolves: Bug 1649784 - SSSD not fetching all sudo rules from AD [rhel-7.6.z] * Wed Nov 14 2018 Michal Židek - 1.16.2-13.1 - Resolves: rhbz#1645047 - sssd only sets the SELinux login context if it differs from the default [rhel-7.6.z] libsss_idmap-1.16.2-13.el7_6.8 ------------------------------ * Tue Mar 26 2019 Michal Židek - 1.16.2-13.8 - Resolves: rhbz#1690759 - RHEL STIG pointing sssd Packaging issue [rhel-7.6.z] - Part 2. * Tue Mar 26 2019 Michal Židek - 1.16.2-13.7 - Resolves: rhbz#1690759 - RHEL STIG pointing sssd Packaging issue [rhel-7.6.z] * Tue Dec 18 2018 Michal Židek - 1.16.2-13.6 - Resolves: rhbz#1683578 - sssd_krb5_locator_plugin introduces delay in cifs.upcall krb5 calls [rhel-7.6.z] * Tue Dec 18 2018 Michal Židek - 1.16.2-13.5 - Resolves: rhbz#1659507 - SSSD's LDAP authentication provider does not work if ID provider is authenticated with GSSAPI [rhel-7.6.z] * Tue Dec 18 2018 Michal Židek - 1.16.2-13.4 - Resolves: rhbz#1659083 - SSSD must be cleared/restarted periodically in order to retrieve AD users through IPA Trust [rhel-7.6.z] * Tue Dec 18 2018 Michal Židek - 1.16.2-13.3 - Resolves: rhbz#1656833 - sssd_nss memory leak [rhel-7.6.z] * Wed Nov 28 2018 Michal Židek - 1.16.2-13.2 - Resolves: Bug 1649784 - SSSD not fetching all sudo rules from AD [rhel-7.6.z] * Wed Nov 14 2018 Michal Židek - 1.16.2-13.1 - Resolves: rhbz#1645047 - sssd only sets the SELinux login context if it differs from the default [rhel-7.6.z] libsss_idmap-devel-1.16.2-13.el7_6.8 ------------------------------------ * Tue Mar 26 2019 Michal Židek - 1.16.2-13.8 - Resolves: rhbz#1690759 - RHEL STIG pointing sssd Packaging issue [rhel-7.6.z] - Part 2. * Tue Mar 26 2019 Michal Židek - 1.16.2-13.7 - Resolves: rhbz#1690759 - RHEL STIG pointing sssd Packaging issue [rhel-7.6.z] * Tue Dec 18 2018 Michal Židek - 1.16.2-13.6 - Resolves: rhbz#1683578 - sssd_krb5_locator_plugin introduces delay in cifs.upcall krb5 calls [rhel-7.6.z] * Tue Dec 18 2018 Michal Židek - 1.16.2-13.5 - Resolves: rhbz#1659507 - SSSD's LDAP authentication provider does not work if ID provider is authenticated with GSSAPI [rhel-7.6.z] * Tue Dec 18 2018 Michal Židek - 1.16.2-13.4 - Resolves: rhbz#1659083 - SSSD must be cleared/restarted periodically in order to retrieve AD users through IPA Trust [rhel-7.6.z] * Tue Dec 18 2018 Michal Židek - 1.16.2-13.3 - Resolves: rhbz#1656833 - sssd_nss memory leak [rhel-7.6.z] * Wed Nov 28 2018 Michal Židek - 1.16.2-13.2 - Resolves: Bug 1649784 - SSSD not fetching all sudo rules from AD [rhel-7.6.z] * Wed Nov 14 2018 Michal Židek - 1.16.2-13.1 - Resolves: rhbz#1645047 - sssd only sets the SELinux login context if it differs from the default [rhel-7.6.z] libsss_nss_idmap-1.16.2-13.el7_6.8 ---------------------------------- * Tue Mar 26 2019 Michal Židek - 1.16.2-13.8 - Resolves: rhbz#1690759 - RHEL STIG pointing sssd Packaging issue [rhel-7.6.z] - Part 2. * Tue Mar 26 2019 Michal Židek - 1.16.2-13.7 - Resolves: rhbz#1690759 - RHEL STIG pointing sssd Packaging issue [rhel-7.6.z] * Tue Dec 18 2018 Michal Židek - 1.16.2-13.6 - Resolves: rhbz#1683578 - sssd_krb5_locator_plugin introduces delay in cifs.upcall krb5 calls [rhel-7.6.z] * Tue Dec 18 2018 Michal Židek - 1.16.2-13.5 - Resolves: rhbz#1659507 - SSSD's LDAP authentication provider does not work if ID provider is authenticated with GSSAPI [rhel-7.6.z] * Tue Dec 18 2018 Michal Židek - 1.16.2-13.4 - Resolves: rhbz#1659083 - SSSD must be cleared/restarted periodically in order to retrieve AD users through IPA Trust [rhel-7.6.z] * Tue Dec 18 2018 Michal Židek - 1.16.2-13.3 - Resolves: rhbz#1656833 - sssd_nss memory leak [rhel-7.6.z] * Wed Nov 28 2018 Michal Židek - 1.16.2-13.2 - Resolves: Bug 1649784 - SSSD not fetching all sudo rules from AD [rhel-7.6.z] * Wed Nov 14 2018 Michal Židek - 1.16.2-13.1 - Resolves: rhbz#1645047 - sssd only sets the SELinux login context if it differs from the default [rhel-7.6.z] libsss_nss_idmap-devel-1.16.2-13.el7_6.8 ---------------------------------------- * Tue Mar 26 2019 Michal Židek - 1.16.2-13.8 - Resolves: rhbz#1690759 - RHEL STIG pointing sssd Packaging issue [rhel-7.6.z] - Part 2. * Tue Mar 26 2019 Michal Židek - 1.16.2-13.7 - Resolves: rhbz#1690759 - RHEL STIG pointing sssd Packaging issue [rhel-7.6.z] * Tue Dec 18 2018 Michal Židek - 1.16.2-13.6 - Resolves: rhbz#1683578 - sssd_krb5_locator_plugin introduces delay in cifs.upcall krb5 calls [rhel-7.6.z] * Tue Dec 18 2018 Michal Židek - 1.16.2-13.5 - Resolves: rhbz#1659507 - SSSD's LDAP authentication provider does not work if ID provider is authenticated with GSSAPI [rhel-7.6.z] * Tue Dec 18 2018 Michal Židek - 1.16.2-13.4 - Resolves: rhbz#1659083 - SSSD must be cleared/restarted periodically in order to retrieve AD users through IPA Trust [rhel-7.6.z] * Tue Dec 18 2018 Michal Židek - 1.16.2-13.3 - Resolves: rhbz#1656833 - sssd_nss memory leak [rhel-7.6.z] * Wed Nov 28 2018 Michal Židek - 1.16.2-13.2 - Resolves: Bug 1649784 - SSSD not fetching all sudo rules from AD [rhel-7.6.z] * Wed Nov 14 2018 Michal Židek - 1.16.2-13.1 - Resolves: rhbz#1645047 - sssd only sets the SELinux login context if it differs from the default [rhel-7.6.z] libsss_simpleifp-1.16.2-13.el7_6.8 ---------------------------------- * Tue Mar 26 2019 Michal Židek - 1.16.2-13.8 - Resolves: rhbz#1690759 - RHEL STIG pointing sssd Packaging issue [rhel-7.6.z] - Part 2. * Tue Mar 26 2019 Michal Židek - 1.16.2-13.7 - Resolves: rhbz#1690759 - RHEL STIG pointing sssd Packaging issue [rhel-7.6.z] * Tue Dec 18 2018 Michal Židek - 1.16.2-13.6 - Resolves: rhbz#1683578 - sssd_krb5_locator_plugin introduces delay in cifs.upcall krb5 calls [rhel-7.6.z] * Tue Dec 18 2018 Michal Židek - 1.16.2-13.5 - Resolves: rhbz#1659507 - SSSD's LDAP authentication provider does not work if ID provider is authenticated with GSSAPI [rhel-7.6.z] * Tue Dec 18 2018 Michal Židek - 1.16.2-13.4 - Resolves: rhbz#1659083 - SSSD must be cleared/restarted periodically in order to retrieve AD users through IPA Trust [rhel-7.6.z] * Tue Dec 18 2018 Michal Židek - 1.16.2-13.3 - Resolves: rhbz#1656833 - sssd_nss memory leak [rhel-7.6.z] * Wed Nov 28 2018 Michal Židek - 1.16.2-13.2 - Resolves: Bug 1649784 - SSSD not fetching all sudo rules from AD [rhel-7.6.z] * Wed Nov 14 2018 Michal Židek - 1.16.2-13.1 - Resolves: rhbz#1645047 - sssd only sets the SELinux login context if it differs from the default [rhel-7.6.z] libsss_simpleifp-devel-1.16.2-13.el7_6.8 ---------------------------------------- * Tue Mar 26 2019 Michal Židek - 1.16.2-13.8 - Resolves: rhbz#1690759 - RHEL STIG pointing sssd Packaging issue [rhel-7.6.z] - Part 2. * Tue Mar 26 2019 Michal Židek - 1.16.2-13.7 - Resolves: rhbz#1690759 - RHEL STIG pointing sssd Packaging issue [rhel-7.6.z] * Tue Dec 18 2018 Michal Židek - 1.16.2-13.6 - Resolves: rhbz#1683578 - sssd_krb5_locator_plugin introduces delay in cifs.upcall krb5 calls [rhel-7.6.z] * Tue Dec 18 2018 Michal Židek - 1.16.2-13.5 - Resolves: rhbz#1659507 - SSSD's LDAP authentication provider does not work if ID provider is authenticated with GSSAPI [rhel-7.6.z] * Tue Dec 18 2018 Michal Židek - 1.16.2-13.4 - Resolves: rhbz#1659083 - SSSD must be cleared/restarted periodically in order to retrieve AD users through IPA Trust [rhel-7.6.z] * Tue Dec 18 2018 Michal Židek - 1.16.2-13.3 - Resolves: rhbz#1656833 - sssd_nss memory leak [rhel-7.6.z] * Wed Nov 28 2018 Michal Židek - 1.16.2-13.2 - Resolves: Bug 1649784 - SSSD not fetching all sudo rules from AD [rhel-7.6.z] * Wed Nov 14 2018 Michal Židek - 1.16.2-13.1 - Resolves: rhbz#1645047 - sssd only sets the SELinux login context if it differs from the default [rhel-7.6.z] libsss_sudo-1.16.2-13.el7_6.8 ----------------------------- * Tue Mar 26 2019 Michal Židek - 1.16.2-13.8 - Resolves: rhbz#1690759 - RHEL STIG pointing sssd Packaging issue [rhel-7.6.z] - Part 2. * Tue Mar 26 2019 Michal Židek - 1.16.2-13.7 - Resolves: rhbz#1690759 - RHEL STIG pointing sssd Packaging issue [rhel-7.6.z] * Tue Dec 18 2018 Michal Židek - 1.16.2-13.6 - Resolves: rhbz#1683578 - sssd_krb5_locator_plugin introduces delay in cifs.upcall krb5 calls [rhel-7.6.z] * Tue Dec 18 2018 Michal Židek - 1.16.2-13.5 - Resolves: rhbz#1659507 - SSSD's LDAP authentication provider does not work if ID provider is authenticated with GSSAPI [rhel-7.6.z] * Tue Dec 18 2018 Michal Židek - 1.16.2-13.4 - Resolves: rhbz#1659083 - SSSD must be cleared/restarted periodically in order to retrieve AD users through IPA Trust [rhel-7.6.z] * Tue Dec 18 2018 Michal Židek - 1.16.2-13.3 - Resolves: rhbz#1656833 - sssd_nss memory leak [rhel-7.6.z] * Wed Nov 28 2018 Michal Židek - 1.16.2-13.2 - Resolves: Bug 1649784 - SSSD not fetching all sudo rules from AD [rhel-7.6.z] * Wed Nov 14 2018 Michal Židek - 1.16.2-13.1 - Resolves: rhbz#1645047 - sssd only sets the SELinux login context if it differs from the default [rhel-7.6.z] libstdc++-4.8.5-36.el7_6.2 -------------------------- * Wed Feb 13 2019 Marek Polacek 4.8.5-36.2 - allow libitm to use HTM (#1674383) - fix mode mismatch in prepare_cmp_insn (#1676795, PR target/63442) * Wed Jan 16 2019 Jeff Law 4.8.5-36.1 - Avoid code generation bug due to incorrect CFG in the presence of setjmp/longjmp (#1655148). libstdc++-devel-4.8.5-36.el7_6.2 -------------------------------- * Wed Feb 13 2019 Marek Polacek 4.8.5-36.2 - allow libitm to use HTM (#1674383) - fix mode mismatch in prepare_cmp_insn (#1676795, PR target/63442) * Wed Jan 16 2019 Jeff Law 4.8.5-36.1 - Avoid code generation bug due to incorrect CFG in the presence of setjmp/longjmp (#1655148). libstdc++-docs-4.8.5-36.el7_6.2 ------------------------------- * Wed Feb 13 2019 Marek Polacek 4.8.5-36.2 - allow libitm to use HTM (#1674383) - fix mode mismatch in prepare_cmp_insn (#1676795, PR target/63442) * Wed Jan 16 2019 Jeff Law 4.8.5-36.1 - Avoid code generation bug due to incorrect CFG in the presence of setjmp/longjmp (#1655148). libstdc++-static-4.8.5-36.el7_6.2 --------------------------------- * Wed Feb 13 2019 Marek Polacek 4.8.5-36.2 - allow libitm to use HTM (#1674383) - fix mode mismatch in prepare_cmp_insn (#1676795, PR target/63442) * Wed Jan 16 2019 Jeff Law 4.8.5-36.1 - Avoid code generation bug due to incorrect CFG in the presence of setjmp/longjmp (#1655148). libteam-1.27-6.el7_6.1 ---------------------- * Thu Mar 14 2019 Xin Long - 1.27-6.el7_6.1 - Added patch to update port state according to partner's sync bit [1689254] * Fri Aug 17 2018 Xin Long - 1.27-6 - Added patch to fix the issue that no active port is set [1593241] libteam-devel-1.27-6.el7_6.1 ---------------------------- * Thu Mar 14 2019 Xin Long - 1.27-6.el7_6.1 - Added patch to update port state according to partner's sync bit [1689254] * Fri Aug 17 2018 Xin Long - 1.27-6 - Added patch to fix the issue that no active port is set [1593241] libteam-doc-1.27-6.el7_6.1 -------------------------- * Thu Mar 14 2019 Xin Long - 1.27-6.el7_6.1 - Added patch to update port state according to partner's sync bit [1689254] * Fri Aug 17 2018 Xin Long - 1.27-6 - Added patch to fix the issue that no active port is set [1593241] libtsan-4.8.5-36.el7_6.2 ------------------------ * Wed Feb 13 2019 Marek Polacek 4.8.5-36.2 - allow libitm to use HTM (#1674383) - fix mode mismatch in prepare_cmp_insn (#1676795, PR target/63442) * Wed Jan 16 2019 Jeff Law 4.8.5-36.1 - Avoid code generation bug due to incorrect CFG in the presence of setjmp/longjmp (#1655148). libtsan-static-4.8.5-36.el7_6.2 ------------------------------- * Wed Feb 13 2019 Marek Polacek 4.8.5-36.2 - allow libitm to use HTM (#1674383) - fix mode mismatch in prepare_cmp_insn (#1676795, PR target/63442) * Wed Jan 16 2019 Jeff Law 4.8.5-36.1 - Avoid code generation bug due to incorrect CFG in the presence of setjmp/longjmp (#1655148). libuuid-2.23.2-59.el7_6.1 ------------------------- * Thu Jan 31 2019 Karel Zak 2.23.2-59.el7_6.1 - fix #1664752 - Bull (Atos) server lands up in invalid stty settings on the serial console after boot preventing login libuuid-devel-2.23.2-59.el7_6.1 ------------------------------- * Thu Jan 31 2019 Karel Zak 2.23.2-59.el7_6.1 - fix #1664752 - Bull (Atos) server lands up in invalid stty settings on the serial console after boot preventing login libvirt-4.5.0-10.el7_6.7 ------------------------ * Tue Mar 26 2019 Jiri Denemark - 4.5.0-10.el7_6.7 - cputest: Add data for Intel(R) Xeon(R) CPU E5-2630 v4 (rhbz#1687515) - cputest: Add data for Intel(R) Core(TM) i7-7600U (rhbz#1687515) - cputest: Add data for Intel(R) Xeon(R) CPU E7540 (rhbz#1687515) - cputest: Add data for Intel(R) Xeon(R) CPU E5-2650 (rhbz#1687515) - cputest: Add data for Intel(R) Core(TM) i7-8700 (rhbz#1687515) - cpu_x86: Separate signature parsing from x86ModelParse (rhbz#1687515) - cpu_x86: Add x86ModelCopySignatures helper (rhbz#1687515) - cpu_x86: Store CPU signature in an array (rhbz#1687515) - cpu_x86: Allow multiple signatures for a CPU model (rhbz#1687515) - cpu_map: Add hex representation of signatures (rhbz#1687515) - cpu_map: Add more signatures for Conroe CPU model (rhbz#1687515) - cpu_map: Add more signatures for Penryn CPU model (rhbz#1687515) - cpu_map: Add more signatures for Nehalem CPU models (rhbz#1687515) - cpu_map: Add more signatures for Westmere CPU model (rhbz#1687515) - cpu_map: Add more signatures for SandyBridge CPU models (rhbz#1687515) - cpu_map: Add more signatures for IvyBridge CPU models (rhbz#1687515) - cpu_map: Add more signatures for Haswell CPU models (rhbz#1687515) - cpu_map: Add more signatures for Broadwell CPU models (rhbz#1687515) - cpu_map: Add more signatures for Skylake-Client CPU models (rhbz#1687515) - cpu: Don't access invalid memory in virCPUx86Translate (rhbz#1687515) - cpu_x86: Log decoded CPU model and signatures (rhbz#1687515) - util: Modify virStorageFileGetSCSIKey return (rhbz#1687715) - storage: Rework virStorageBackendSCSISerial (rhbz#1687715) - util: Introduce virStorageFileGetNPIVKey (rhbz#1687715) - storage: Fetch a unique key for vHBA/NPIV LUNs (rhbz#1687715) * Thu Feb 21 2019 Jiri Denemark - 4.5.0-10.el7_6.6 - RHEL: spec: Require new enough librbd1 (rhbz#1679569) * Wed Feb 20 2019 Jiri Denemark - 4.5.0-10.el7_6.5 - virfile: Detect ceph as shared FS (rhbz#1672178) - util: Don't overflow in virRandomBits (rhbz#1667329) - virrandom: Avoid undefined behaviour in virRandomBits (rhbz#1667329) * Thu Jan 10 2019 Jiri Denemark - 4.5.0-10.el7_6.4 - qemu: Fix post-copy migration on the source (rhbz#1654732) - RHEL: cpu_map: Mark arch-facilities feature as non-migratable (rhbz#1664793) * Thu Nov 08 2018 Jiri Denemark - 4.5.0-10.el7_6.3 - virfile: Take symlink into account in virFileIsSharedFixFUSE (rhbz#1641798) - qemu: Properly report VIR_DOMAIN_EVENT_RESUMED_FROM_SNAPSHOT (rhbz#1634759) - qemu: Report more appropriate running reasons (rhbz#1634759) - qemu: Pass running reason to RESUME event handler (rhbz#1634759) - qemu: Map running reason to resume event detail (rhbz#1634759) - qemu: Avoid duplicate resume events and state changes (rhbz#1634759) - qemu: Don't ignore resume events (rhbz#1634759) * Wed Oct 10 2018 Jiri Denemark - 4.5.0-10.el7_6.2 - virfile: fix cast-align error (rhbz#1635705) - virfiletest: Fix test name prefix for virFileInData test (rhbz#1635705) - virfiletst: Test virFileIsSharedFS (rhbz#1635705) - virFileIsSharedFSType: Detect direct mount points (rhbz#1635705) - virfile: Rework virFileIsSharedFixFUSE (rhbz#1635705) * Mon Oct 08 2018 Jiri Denemark - 4.5.0-10.el7_6.1 - security: dac: also label listen UNIX sockets (rhbz#1635228) - qemu: fix up permissions for pre-created UNIX sockets (rhbz#1635228) - virFileIsSharedFSType: Check for fuse.glusterfs too (rhbz#1635705) libvirt-admin-4.5.0-10.el7_6.7 ------------------------------ * Tue Mar 26 2019 Jiri Denemark - 4.5.0-10.el7_6.7 - cputest: Add data for Intel(R) Xeon(R) CPU E5-2630 v4 (rhbz#1687515) - cputest: Add data for Intel(R) Core(TM) i7-7600U (rhbz#1687515) - cputest: Add data for Intel(R) Xeon(R) CPU E7540 (rhbz#1687515) - cputest: Add data for Intel(R) Xeon(R) CPU E5-2650 (rhbz#1687515) - cputest: Add data for Intel(R) Core(TM) i7-8700 (rhbz#1687515) - cpu_x86: Separate signature parsing from x86ModelParse (rhbz#1687515) - cpu_x86: Add x86ModelCopySignatures helper (rhbz#1687515) - cpu_x86: Store CPU signature in an array (rhbz#1687515) - cpu_x86: Allow multiple signatures for a CPU model (rhbz#1687515) - cpu_map: Add hex representation of signatures (rhbz#1687515) - cpu_map: Add more signatures for Conroe CPU model (rhbz#1687515) - cpu_map: Add more signatures for Penryn CPU model (rhbz#1687515) - cpu_map: Add more signatures for Nehalem CPU models (rhbz#1687515) - cpu_map: Add more signatures for Westmere CPU model (rhbz#1687515) - cpu_map: Add more signatures for SandyBridge CPU models (rhbz#1687515) - cpu_map: Add more signatures for IvyBridge CPU models (rhbz#1687515) - cpu_map: Add more signatures for Haswell CPU models (rhbz#1687515) - cpu_map: Add more signatures for Broadwell CPU models (rhbz#1687515) - cpu_map: Add more signatures for Skylake-Client CPU models (rhbz#1687515) - cpu: Don't access invalid memory in virCPUx86Translate (rhbz#1687515) - cpu_x86: Log decoded CPU model and signatures (rhbz#1687515) - util: Modify virStorageFileGetSCSIKey return (rhbz#1687715) - storage: Rework virStorageBackendSCSISerial (rhbz#1687715) - util: Introduce virStorageFileGetNPIVKey (rhbz#1687715) - storage: Fetch a unique key for vHBA/NPIV LUNs (rhbz#1687715) * Thu Feb 21 2019 Jiri Denemark - 4.5.0-10.el7_6.6 - RHEL: spec: Require new enough librbd1 (rhbz#1679569) * Wed Feb 20 2019 Jiri Denemark - 4.5.0-10.el7_6.5 - virfile: Detect ceph as shared FS (rhbz#1672178) - util: Don't overflow in virRandomBits (rhbz#1667329) - virrandom: Avoid undefined behaviour in virRandomBits (rhbz#1667329) * Thu Jan 10 2019 Jiri Denemark - 4.5.0-10.el7_6.4 - qemu: Fix post-copy migration on the source (rhbz#1654732) - RHEL: cpu_map: Mark arch-facilities feature as non-migratable (rhbz#1664793) * Thu Nov 08 2018 Jiri Denemark - 4.5.0-10.el7_6.3 - virfile: Take symlink into account in virFileIsSharedFixFUSE (rhbz#1641798) - qemu: Properly report VIR_DOMAIN_EVENT_RESUMED_FROM_SNAPSHOT (rhbz#1634759) - qemu: Report more appropriate running reasons (rhbz#1634759) - qemu: Pass running reason to RESUME event handler (rhbz#1634759) - qemu: Map running reason to resume event detail (rhbz#1634759) - qemu: Avoid duplicate resume events and state changes (rhbz#1634759) - qemu: Don't ignore resume events (rhbz#1634759) * Wed Oct 10 2018 Jiri Denemark - 4.5.0-10.el7_6.2 - virfile: fix cast-align error (rhbz#1635705) - virfiletest: Fix test name prefix for virFileInData test (rhbz#1635705) - virfiletst: Test virFileIsSharedFS (rhbz#1635705) - virFileIsSharedFSType: Detect direct mount points (rhbz#1635705) - virfile: Rework virFileIsSharedFixFUSE (rhbz#1635705) * Mon Oct 08 2018 Jiri Denemark - 4.5.0-10.el7_6.1 - security: dac: also label listen UNIX sockets (rhbz#1635228) - qemu: fix up permissions for pre-created UNIX sockets (rhbz#1635228) - virFileIsSharedFSType: Check for fuse.glusterfs too (rhbz#1635705) libvirt-bash-completion-4.5.0-10.el7_6.7 ---------------------------------------- * Tue Mar 26 2019 Jiri Denemark - 4.5.0-10.el7_6.7 - cputest: Add data for Intel(R) Xeon(R) CPU E5-2630 v4 (rhbz#1687515) - cputest: Add data for Intel(R) Core(TM) i7-7600U (rhbz#1687515) - cputest: Add data for Intel(R) Xeon(R) CPU E7540 (rhbz#1687515) - cputest: Add data for Intel(R) Xeon(R) CPU E5-2650 (rhbz#1687515) - cputest: Add data for Intel(R) Core(TM) i7-8700 (rhbz#1687515) - cpu_x86: Separate signature parsing from x86ModelParse (rhbz#1687515) - cpu_x86: Add x86ModelCopySignatures helper (rhbz#1687515) - cpu_x86: Store CPU signature in an array (rhbz#1687515) - cpu_x86: Allow multiple signatures for a CPU model (rhbz#1687515) - cpu_map: Add hex representation of signatures (rhbz#1687515) - cpu_map: Add more signatures for Conroe CPU model (rhbz#1687515) - cpu_map: Add more signatures for Penryn CPU model (rhbz#1687515) - cpu_map: Add more signatures for Nehalem CPU models (rhbz#1687515) - cpu_map: Add more signatures for Westmere CPU model (rhbz#1687515) - cpu_map: Add more signatures for SandyBridge CPU models (rhbz#1687515) - cpu_map: Add more signatures for IvyBridge CPU models (rhbz#1687515) - cpu_map: Add more signatures for Haswell CPU models (rhbz#1687515) - cpu_map: Add more signatures for Broadwell CPU models (rhbz#1687515) - cpu_map: Add more signatures for Skylake-Client CPU models (rhbz#1687515) - cpu: Don't access invalid memory in virCPUx86Translate (rhbz#1687515) - cpu_x86: Log decoded CPU model and signatures (rhbz#1687515) - util: Modify virStorageFileGetSCSIKey return (rhbz#1687715) - storage: Rework virStorageBackendSCSISerial (rhbz#1687715) - util: Introduce virStorageFileGetNPIVKey (rhbz#1687715) - storage: Fetch a unique key for vHBA/NPIV LUNs (rhbz#1687715) * Thu Feb 21 2019 Jiri Denemark - 4.5.0-10.el7_6.6 - RHEL: spec: Require new enough librbd1 (rhbz#1679569) * Wed Feb 20 2019 Jiri Denemark - 4.5.0-10.el7_6.5 - virfile: Detect ceph as shared FS (rhbz#1672178) - util: Don't overflow in virRandomBits (rhbz#1667329) - virrandom: Avoid undefined behaviour in virRandomBits (rhbz#1667329) * Thu Jan 10 2019 Jiri Denemark - 4.5.0-10.el7_6.4 - qemu: Fix post-copy migration on the source (rhbz#1654732) - RHEL: cpu_map: Mark arch-facilities feature as non-migratable (rhbz#1664793) * Thu Nov 08 2018 Jiri Denemark - 4.5.0-10.el7_6.3 - virfile: Take symlink into account in virFileIsSharedFixFUSE (rhbz#1641798) - qemu: Properly report VIR_DOMAIN_EVENT_RESUMED_FROM_SNAPSHOT (rhbz#1634759) - qemu: Report more appropriate running reasons (rhbz#1634759) - qemu: Pass running reason to RESUME event handler (rhbz#1634759) - qemu: Map running reason to resume event detail (rhbz#1634759) - qemu: Avoid duplicate resume events and state changes (rhbz#1634759) - qemu: Don't ignore resume events (rhbz#1634759) * Wed Oct 10 2018 Jiri Denemark - 4.5.0-10.el7_6.2 - virfile: fix cast-align error (rhbz#1635705) - virfiletest: Fix test name prefix for virFileInData test (rhbz#1635705) - virfiletst: Test virFileIsSharedFS (rhbz#1635705) - virFileIsSharedFSType: Detect direct mount points (rhbz#1635705) - virfile: Rework virFileIsSharedFixFUSE (rhbz#1635705) * Mon Oct 08 2018 Jiri Denemark - 4.5.0-10.el7_6.1 - security: dac: also label listen UNIX sockets (rhbz#1635228) - qemu: fix up permissions for pre-created UNIX sockets (rhbz#1635228) - virFileIsSharedFSType: Check for fuse.glusterfs too (rhbz#1635705) libvirt-client-4.5.0-10.el7_6.7 ------------------------------- * Tue Mar 26 2019 Jiri Denemark - 4.5.0-10.el7_6.7 - cputest: Add data for Intel(R) Xeon(R) CPU E5-2630 v4 (rhbz#1687515) - cputest: Add data for Intel(R) Core(TM) i7-7600U (rhbz#1687515) - cputest: Add data for Intel(R) Xeon(R) CPU E7540 (rhbz#1687515) - cputest: Add data for Intel(R) Xeon(R) CPU E5-2650 (rhbz#1687515) - cputest: Add data for Intel(R) Core(TM) i7-8700 (rhbz#1687515) - cpu_x86: Separate signature parsing from x86ModelParse (rhbz#1687515) - cpu_x86: Add x86ModelCopySignatures helper (rhbz#1687515) - cpu_x86: Store CPU signature in an array (rhbz#1687515) - cpu_x86: Allow multiple signatures for a CPU model (rhbz#1687515) - cpu_map: Add hex representation of signatures (rhbz#1687515) - cpu_map: Add more signatures for Conroe CPU model (rhbz#1687515) - cpu_map: Add more signatures for Penryn CPU model (rhbz#1687515) - cpu_map: Add more signatures for Nehalem CPU models (rhbz#1687515) - cpu_map: Add more signatures for Westmere CPU model (rhbz#1687515) - cpu_map: Add more signatures for SandyBridge CPU models (rhbz#1687515) - cpu_map: Add more signatures for IvyBridge CPU models (rhbz#1687515) - cpu_map: Add more signatures for Haswell CPU models (rhbz#1687515) - cpu_map: Add more signatures for Broadwell CPU models (rhbz#1687515) - cpu_map: Add more signatures for Skylake-Client CPU models (rhbz#1687515) - cpu: Don't access invalid memory in virCPUx86Translate (rhbz#1687515) - cpu_x86: Log decoded CPU model and signatures (rhbz#1687515) - util: Modify virStorageFileGetSCSIKey return (rhbz#1687715) - storage: Rework virStorageBackendSCSISerial (rhbz#1687715) - util: Introduce virStorageFileGetNPIVKey (rhbz#1687715) - storage: Fetch a unique key for vHBA/NPIV LUNs (rhbz#1687715) * Thu Feb 21 2019 Jiri Denemark - 4.5.0-10.el7_6.6 - RHEL: spec: Require new enough librbd1 (rhbz#1679569) * Wed Feb 20 2019 Jiri Denemark - 4.5.0-10.el7_6.5 - virfile: Detect ceph as shared FS (rhbz#1672178) - util: Don't overflow in virRandomBits (rhbz#1667329) - virrandom: Avoid undefined behaviour in virRandomBits (rhbz#1667329) * Thu Jan 10 2019 Jiri Denemark - 4.5.0-10.el7_6.4 - qemu: Fix post-copy migration on the source (rhbz#1654732) - RHEL: cpu_map: Mark arch-facilities feature as non-migratable (rhbz#1664793) * Thu Nov 08 2018 Jiri Denemark - 4.5.0-10.el7_6.3 - virfile: Take symlink into account in virFileIsSharedFixFUSE (rhbz#1641798) - qemu: Properly report VIR_DOMAIN_EVENT_RESUMED_FROM_SNAPSHOT (rhbz#1634759) - qemu: Report more appropriate running reasons (rhbz#1634759) - qemu: Pass running reason to RESUME event handler (rhbz#1634759) - qemu: Map running reason to resume event detail (rhbz#1634759) - qemu: Avoid duplicate resume events and state changes (rhbz#1634759) - qemu: Don't ignore resume events (rhbz#1634759) * Wed Oct 10 2018 Jiri Denemark - 4.5.0-10.el7_6.2 - virfile: fix cast-align error (rhbz#1635705) - virfiletest: Fix test name prefix for virFileInData test (rhbz#1635705) - virfiletst: Test virFileIsSharedFS (rhbz#1635705) - virFileIsSharedFSType: Detect direct mount points (rhbz#1635705) - virfile: Rework virFileIsSharedFixFUSE (rhbz#1635705) * Mon Oct 08 2018 Jiri Denemark - 4.5.0-10.el7_6.1 - security: dac: also label listen UNIX sockets (rhbz#1635228) - qemu: fix up permissions for pre-created UNIX sockets (rhbz#1635228) - virFileIsSharedFSType: Check for fuse.glusterfs too (rhbz#1635705) libvirt-daemon-4.5.0-10.el7_6.7 ------------------------------- * Tue Mar 26 2019 Jiri Denemark - 4.5.0-10.el7_6.7 - cputest: Add data for Intel(R) Xeon(R) CPU E5-2630 v4 (rhbz#1687515) - cputest: Add data for Intel(R) Core(TM) i7-7600U (rhbz#1687515) - cputest: Add data for Intel(R) Xeon(R) CPU E7540 (rhbz#1687515) - cputest: Add data for Intel(R) Xeon(R) CPU E5-2650 (rhbz#1687515) - cputest: Add data for Intel(R) Core(TM) i7-8700 (rhbz#1687515) - cpu_x86: Separate signature parsing from x86ModelParse (rhbz#1687515) - cpu_x86: Add x86ModelCopySignatures helper (rhbz#1687515) - cpu_x86: Store CPU signature in an array (rhbz#1687515) - cpu_x86: Allow multiple signatures for a CPU model (rhbz#1687515) - cpu_map: Add hex representation of signatures (rhbz#1687515) - cpu_map: Add more signatures for Conroe CPU model (rhbz#1687515) - cpu_map: Add more signatures for Penryn CPU model (rhbz#1687515) - cpu_map: Add more signatures for Nehalem CPU models (rhbz#1687515) - cpu_map: Add more signatures for Westmere CPU model (rhbz#1687515) - cpu_map: Add more signatures for SandyBridge CPU models (rhbz#1687515) - cpu_map: Add more signatures for IvyBridge CPU models (rhbz#1687515) - cpu_map: Add more signatures for Haswell CPU models (rhbz#1687515) - cpu_map: Add more signatures for Broadwell CPU models (rhbz#1687515) - cpu_map: Add more signatures for Skylake-Client CPU models (rhbz#1687515) - cpu: Don't access invalid memory in virCPUx86Translate (rhbz#1687515) - cpu_x86: Log decoded CPU model and signatures (rhbz#1687515) - util: Modify virStorageFileGetSCSIKey return (rhbz#1687715) - storage: Rework virStorageBackendSCSISerial (rhbz#1687715) - util: Introduce virStorageFileGetNPIVKey (rhbz#1687715) - storage: Fetch a unique key for vHBA/NPIV LUNs (rhbz#1687715) * Thu Feb 21 2019 Jiri Denemark - 4.5.0-10.el7_6.6 - RHEL: spec: Require new enough librbd1 (rhbz#1679569) * Wed Feb 20 2019 Jiri Denemark - 4.5.0-10.el7_6.5 - virfile: Detect ceph as shared FS (rhbz#1672178) - util: Don't overflow in virRandomBits (rhbz#1667329) - virrandom: Avoid undefined behaviour in virRandomBits (rhbz#1667329) * Thu Jan 10 2019 Jiri Denemark - 4.5.0-10.el7_6.4 - qemu: Fix post-copy migration on the source (rhbz#1654732) - RHEL: cpu_map: Mark arch-facilities feature as non-migratable (rhbz#1664793) * Thu Nov 08 2018 Jiri Denemark - 4.5.0-10.el7_6.3 - virfile: Take symlink into account in virFileIsSharedFixFUSE (rhbz#1641798) - qemu: Properly report VIR_DOMAIN_EVENT_RESUMED_FROM_SNAPSHOT (rhbz#1634759) - qemu: Report more appropriate running reasons (rhbz#1634759) - qemu: Pass running reason to RESUME event handler (rhbz#1634759) - qemu: Map running reason to resume event detail (rhbz#1634759) - qemu: Avoid duplicate resume events and state changes (rhbz#1634759) - qemu: Don't ignore resume events (rhbz#1634759) * Wed Oct 10 2018 Jiri Denemark - 4.5.0-10.el7_6.2 - virfile: fix cast-align error (rhbz#1635705) - virfiletest: Fix test name prefix for virFileInData test (rhbz#1635705) - virfiletst: Test virFileIsSharedFS (rhbz#1635705) - virFileIsSharedFSType: Detect direct mount points (rhbz#1635705) - virfile: Rework virFileIsSharedFixFUSE (rhbz#1635705) * Mon Oct 08 2018 Jiri Denemark - 4.5.0-10.el7_6.1 - security: dac: also label listen UNIX sockets (rhbz#1635228) - qemu: fix up permissions for pre-created UNIX sockets (rhbz#1635228) - virFileIsSharedFSType: Check for fuse.glusterfs too (rhbz#1635705) libvirt-daemon-config-network-4.5.0-10.el7_6.7 ---------------------------------------------- * Tue Mar 26 2019 Jiri Denemark - 4.5.0-10.el7_6.7 - cputest: Add data for Intel(R) Xeon(R) CPU E5-2630 v4 (rhbz#1687515) - cputest: Add data for Intel(R) Core(TM) i7-7600U (rhbz#1687515) - cputest: Add data for Intel(R) Xeon(R) CPU E7540 (rhbz#1687515) - cputest: Add data for Intel(R) Xeon(R) CPU E5-2650 (rhbz#1687515) - cputest: Add data for Intel(R) Core(TM) i7-8700 (rhbz#1687515) - cpu_x86: Separate signature parsing from x86ModelParse (rhbz#1687515) - cpu_x86: Add x86ModelCopySignatures helper (rhbz#1687515) - cpu_x86: Store CPU signature in an array (rhbz#1687515) - cpu_x86: Allow multiple signatures for a CPU model (rhbz#1687515) - cpu_map: Add hex representation of signatures (rhbz#1687515) - cpu_map: Add more signatures for Conroe CPU model (rhbz#1687515) - cpu_map: Add more signatures for Penryn CPU model (rhbz#1687515) - cpu_map: Add more signatures for Nehalem CPU models (rhbz#1687515) - cpu_map: Add more signatures for Westmere CPU model (rhbz#1687515) - cpu_map: Add more signatures for SandyBridge CPU models (rhbz#1687515) - cpu_map: Add more signatures for IvyBridge CPU models (rhbz#1687515) - cpu_map: Add more signatures for Haswell CPU models (rhbz#1687515) - cpu_map: Add more signatures for Broadwell CPU models (rhbz#1687515) - cpu_map: Add more signatures for Skylake-Client CPU models (rhbz#1687515) - cpu: Don't access invalid memory in virCPUx86Translate (rhbz#1687515) - cpu_x86: Log decoded CPU model and signatures (rhbz#1687515) - util: Modify virStorageFileGetSCSIKey return (rhbz#1687715) - storage: Rework virStorageBackendSCSISerial (rhbz#1687715) - util: Introduce virStorageFileGetNPIVKey (rhbz#1687715) - storage: Fetch a unique key for vHBA/NPIV LUNs (rhbz#1687715) * Thu Feb 21 2019 Jiri Denemark - 4.5.0-10.el7_6.6 - RHEL: spec: Require new enough librbd1 (rhbz#1679569) * Wed Feb 20 2019 Jiri Denemark - 4.5.0-10.el7_6.5 - virfile: Detect ceph as shared FS (rhbz#1672178) - util: Don't overflow in virRandomBits (rhbz#1667329) - virrandom: Avoid undefined behaviour in virRandomBits (rhbz#1667329) * Thu Jan 10 2019 Jiri Denemark - 4.5.0-10.el7_6.4 - qemu: Fix post-copy migration on the source (rhbz#1654732) - RHEL: cpu_map: Mark arch-facilities feature as non-migratable (rhbz#1664793) * Thu Nov 08 2018 Jiri Denemark - 4.5.0-10.el7_6.3 - virfile: Take symlink into account in virFileIsSharedFixFUSE (rhbz#1641798) - qemu: Properly report VIR_DOMAIN_EVENT_RESUMED_FROM_SNAPSHOT (rhbz#1634759) - qemu: Report more appropriate running reasons (rhbz#1634759) - qemu: Pass running reason to RESUME event handler (rhbz#1634759) - qemu: Map running reason to resume event detail (rhbz#1634759) - qemu: Avoid duplicate resume events and state changes (rhbz#1634759) - qemu: Don't ignore resume events (rhbz#1634759) * Wed Oct 10 2018 Jiri Denemark - 4.5.0-10.el7_6.2 - virfile: fix cast-align error (rhbz#1635705) - virfiletest: Fix test name prefix for virFileInData test (rhbz#1635705) - virfiletst: Test virFileIsSharedFS (rhbz#1635705) - virFileIsSharedFSType: Detect direct mount points (rhbz#1635705) - virfile: Rework virFileIsSharedFixFUSE (rhbz#1635705) * Mon Oct 08 2018 Jiri Denemark - 4.5.0-10.el7_6.1 - security: dac: also label listen UNIX sockets (rhbz#1635228) - qemu: fix up permissions for pre-created UNIX sockets (rhbz#1635228) - virFileIsSharedFSType: Check for fuse.glusterfs too (rhbz#1635705) libvirt-daemon-config-nwfilter-4.5.0-10.el7_6.7 ----------------------------------------------- * Tue Mar 26 2019 Jiri Denemark - 4.5.0-10.el7_6.7 - cputest: Add data for Intel(R) Xeon(R) CPU E5-2630 v4 (rhbz#1687515) - cputest: Add data for Intel(R) Core(TM) i7-7600U (rhbz#1687515) - cputest: Add data for Intel(R) Xeon(R) CPU E7540 (rhbz#1687515) - cputest: Add data for Intel(R) Xeon(R) CPU E5-2650 (rhbz#1687515) - cputest: Add data for Intel(R) Core(TM) i7-8700 (rhbz#1687515) - cpu_x86: Separate signature parsing from x86ModelParse (rhbz#1687515) - cpu_x86: Add x86ModelCopySignatures helper (rhbz#1687515) - cpu_x86: Store CPU signature in an array (rhbz#1687515) - cpu_x86: Allow multiple signatures for a CPU model (rhbz#1687515) - cpu_map: Add hex representation of signatures (rhbz#1687515) - cpu_map: Add more signatures for Conroe CPU model (rhbz#1687515) - cpu_map: Add more signatures for Penryn CPU model (rhbz#1687515) - cpu_map: Add more signatures for Nehalem CPU models (rhbz#1687515) - cpu_map: Add more signatures for Westmere CPU model (rhbz#1687515) - cpu_map: Add more signatures for SandyBridge CPU models (rhbz#1687515) - cpu_map: Add more signatures for IvyBridge CPU models (rhbz#1687515) - cpu_map: Add more signatures for Haswell CPU models (rhbz#1687515) - cpu_map: Add more signatures for Broadwell CPU models (rhbz#1687515) - cpu_map: Add more signatures for Skylake-Client CPU models (rhbz#1687515) - cpu: Don't access invalid memory in virCPUx86Translate (rhbz#1687515) - cpu_x86: Log decoded CPU model and signatures (rhbz#1687515) - util: Modify virStorageFileGetSCSIKey return (rhbz#1687715) - storage: Rework virStorageBackendSCSISerial (rhbz#1687715) - util: Introduce virStorageFileGetNPIVKey (rhbz#1687715) - storage: Fetch a unique key for vHBA/NPIV LUNs (rhbz#1687715) * Thu Feb 21 2019 Jiri Denemark - 4.5.0-10.el7_6.6 - RHEL: spec: Require new enough librbd1 (rhbz#1679569) * Wed Feb 20 2019 Jiri Denemark - 4.5.0-10.el7_6.5 - virfile: Detect ceph as shared FS (rhbz#1672178) - util: Don't overflow in virRandomBits (rhbz#1667329) - virrandom: Avoid undefined behaviour in virRandomBits (rhbz#1667329) * Thu Jan 10 2019 Jiri Denemark - 4.5.0-10.el7_6.4 - qemu: Fix post-copy migration on the source (rhbz#1654732) - RHEL: cpu_map: Mark arch-facilities feature as non-migratable (rhbz#1664793) * Thu Nov 08 2018 Jiri Denemark - 4.5.0-10.el7_6.3 - virfile: Take symlink into account in virFileIsSharedFixFUSE (rhbz#1641798) - qemu: Properly report VIR_DOMAIN_EVENT_RESUMED_FROM_SNAPSHOT (rhbz#1634759) - qemu: Report more appropriate running reasons (rhbz#1634759) - qemu: Pass running reason to RESUME event handler (rhbz#1634759) - qemu: Map running reason to resume event detail (rhbz#1634759) - qemu: Avoid duplicate resume events and state changes (rhbz#1634759) - qemu: Don't ignore resume events (rhbz#1634759) * Wed Oct 10 2018 Jiri Denemark - 4.5.0-10.el7_6.2 - virfile: fix cast-align error (rhbz#1635705) - virfiletest: Fix test name prefix for virFileInData test (rhbz#1635705) - virfiletst: Test virFileIsSharedFS (rhbz#1635705) - virFileIsSharedFSType: Detect direct mount points (rhbz#1635705) - virfile: Rework virFileIsSharedFixFUSE (rhbz#1635705) * Mon Oct 08 2018 Jiri Denemark - 4.5.0-10.el7_6.1 - security: dac: also label listen UNIX sockets (rhbz#1635228) - qemu: fix up permissions for pre-created UNIX sockets (rhbz#1635228) - virFileIsSharedFSType: Check for fuse.glusterfs too (rhbz#1635705) libvirt-daemon-driver-interface-4.5.0-10.el7_6.7 ------------------------------------------------ * Tue Mar 26 2019 Jiri Denemark - 4.5.0-10.el7_6.7 - cputest: Add data for Intel(R) Xeon(R) CPU E5-2630 v4 (rhbz#1687515) - cputest: Add data for Intel(R) Core(TM) i7-7600U (rhbz#1687515) - cputest: Add data for Intel(R) Xeon(R) CPU E7540 (rhbz#1687515) - cputest: Add data for Intel(R) Xeon(R) CPU E5-2650 (rhbz#1687515) - cputest: Add data for Intel(R) Core(TM) i7-8700 (rhbz#1687515) - cpu_x86: Separate signature parsing from x86ModelParse (rhbz#1687515) - cpu_x86: Add x86ModelCopySignatures helper (rhbz#1687515) - cpu_x86: Store CPU signature in an array (rhbz#1687515) - cpu_x86: Allow multiple signatures for a CPU model (rhbz#1687515) - cpu_map: Add hex representation of signatures (rhbz#1687515) - cpu_map: Add more signatures for Conroe CPU model (rhbz#1687515) - cpu_map: Add more signatures for Penryn CPU model (rhbz#1687515) - cpu_map: Add more signatures for Nehalem CPU models (rhbz#1687515) - cpu_map: Add more signatures for Westmere CPU model (rhbz#1687515) - cpu_map: Add more signatures for SandyBridge CPU models (rhbz#1687515) - cpu_map: Add more signatures for IvyBridge CPU models (rhbz#1687515) - cpu_map: Add more signatures for Haswell CPU models (rhbz#1687515) - cpu_map: Add more signatures for Broadwell CPU models (rhbz#1687515) - cpu_map: Add more signatures for Skylake-Client CPU models (rhbz#1687515) - cpu: Don't access invalid memory in virCPUx86Translate (rhbz#1687515) - cpu_x86: Log decoded CPU model and signatures (rhbz#1687515) - util: Modify virStorageFileGetSCSIKey return (rhbz#1687715) - storage: Rework virStorageBackendSCSISerial (rhbz#1687715) - util: Introduce virStorageFileGetNPIVKey (rhbz#1687715) - storage: Fetch a unique key for vHBA/NPIV LUNs (rhbz#1687715) * Thu Feb 21 2019 Jiri Denemark - 4.5.0-10.el7_6.6 - RHEL: spec: Require new enough librbd1 (rhbz#1679569) * Wed Feb 20 2019 Jiri Denemark - 4.5.0-10.el7_6.5 - virfile: Detect ceph as shared FS (rhbz#1672178) - util: Don't overflow in virRandomBits (rhbz#1667329) - virrandom: Avoid undefined behaviour in virRandomBits (rhbz#1667329) * Thu Jan 10 2019 Jiri Denemark - 4.5.0-10.el7_6.4 - qemu: Fix post-copy migration on the source (rhbz#1654732) - RHEL: cpu_map: Mark arch-facilities feature as non-migratable (rhbz#1664793) * Thu Nov 08 2018 Jiri Denemark - 4.5.0-10.el7_6.3 - virfile: Take symlink into account in virFileIsSharedFixFUSE (rhbz#1641798) - qemu: Properly report VIR_DOMAIN_EVENT_RESUMED_FROM_SNAPSHOT (rhbz#1634759) - qemu: Report more appropriate running reasons (rhbz#1634759) - qemu: Pass running reason to RESUME event handler (rhbz#1634759) - qemu: Map running reason to resume event detail (rhbz#1634759) - qemu: Avoid duplicate resume events and state changes (rhbz#1634759) - qemu: Don't ignore resume events (rhbz#1634759) * Wed Oct 10 2018 Jiri Denemark - 4.5.0-10.el7_6.2 - virfile: fix cast-align error (rhbz#1635705) - virfiletest: Fix test name prefix for virFileInData test (rhbz#1635705) - virfiletst: Test virFileIsSharedFS (rhbz#1635705) - virFileIsSharedFSType: Detect direct mount points (rhbz#1635705) - virfile: Rework virFileIsSharedFixFUSE (rhbz#1635705) * Mon Oct 08 2018 Jiri Denemark - 4.5.0-10.el7_6.1 - security: dac: also label listen UNIX sockets (rhbz#1635228) - qemu: fix up permissions for pre-created UNIX sockets (rhbz#1635228) - virFileIsSharedFSType: Check for fuse.glusterfs too (rhbz#1635705) libvirt-daemon-driver-lxc-4.5.0-10.el7_6.7 ------------------------------------------ * Tue Mar 26 2019 Jiri Denemark - 4.5.0-10.el7_6.7 - cputest: Add data for Intel(R) Xeon(R) CPU E5-2630 v4 (rhbz#1687515) - cputest: Add data for Intel(R) Core(TM) i7-7600U (rhbz#1687515) - cputest: Add data for Intel(R) Xeon(R) CPU E7540 (rhbz#1687515) - cputest: Add data for Intel(R) Xeon(R) CPU E5-2650 (rhbz#1687515) - cputest: Add data for Intel(R) Core(TM) i7-8700 (rhbz#1687515) - cpu_x86: Separate signature parsing from x86ModelParse (rhbz#1687515) - cpu_x86: Add x86ModelCopySignatures helper (rhbz#1687515) - cpu_x86: Store CPU signature in an array (rhbz#1687515) - cpu_x86: Allow multiple signatures for a CPU model (rhbz#1687515) - cpu_map: Add hex representation of signatures (rhbz#1687515) - cpu_map: Add more signatures for Conroe CPU model (rhbz#1687515) - cpu_map: Add more signatures for Penryn CPU model (rhbz#1687515) - cpu_map: Add more signatures for Nehalem CPU models (rhbz#1687515) - cpu_map: Add more signatures for Westmere CPU model (rhbz#1687515) - cpu_map: Add more signatures for SandyBridge CPU models (rhbz#1687515) - cpu_map: Add more signatures for IvyBridge CPU models (rhbz#1687515) - cpu_map: Add more signatures for Haswell CPU models (rhbz#1687515) - cpu_map: Add more signatures for Broadwell CPU models (rhbz#1687515) - cpu_map: Add more signatures for Skylake-Client CPU models (rhbz#1687515) - cpu: Don't access invalid memory in virCPUx86Translate (rhbz#1687515) - cpu_x86: Log decoded CPU model and signatures (rhbz#1687515) - util: Modify virStorageFileGetSCSIKey return (rhbz#1687715) - storage: Rework virStorageBackendSCSISerial (rhbz#1687715) - util: Introduce virStorageFileGetNPIVKey (rhbz#1687715) - storage: Fetch a unique key for vHBA/NPIV LUNs (rhbz#1687715) * Thu Feb 21 2019 Jiri Denemark - 4.5.0-10.el7_6.6 - RHEL: spec: Require new enough librbd1 (rhbz#1679569) * Wed Feb 20 2019 Jiri Denemark - 4.5.0-10.el7_6.5 - virfile: Detect ceph as shared FS (rhbz#1672178) - util: Don't overflow in virRandomBits (rhbz#1667329) - virrandom: Avoid undefined behaviour in virRandomBits (rhbz#1667329) * Thu Jan 10 2019 Jiri Denemark - 4.5.0-10.el7_6.4 - qemu: Fix post-copy migration on the source (rhbz#1654732) - RHEL: cpu_map: Mark arch-facilities feature as non-migratable (rhbz#1664793) * Thu Nov 08 2018 Jiri Denemark - 4.5.0-10.el7_6.3 - virfile: Take symlink into account in virFileIsSharedFixFUSE (rhbz#1641798) - qemu: Properly report VIR_DOMAIN_EVENT_RESUMED_FROM_SNAPSHOT (rhbz#1634759) - qemu: Report more appropriate running reasons (rhbz#1634759) - qemu: Pass running reason to RESUME event handler (rhbz#1634759) - qemu: Map running reason to resume event detail (rhbz#1634759) - qemu: Avoid duplicate resume events and state changes (rhbz#1634759) - qemu: Don't ignore resume events (rhbz#1634759) * Wed Oct 10 2018 Jiri Denemark - 4.5.0-10.el7_6.2 - virfile: fix cast-align error (rhbz#1635705) - virfiletest: Fix test name prefix for virFileInData test (rhbz#1635705) - virfiletst: Test virFileIsSharedFS (rhbz#1635705) - virFileIsSharedFSType: Detect direct mount points (rhbz#1635705) - virfile: Rework virFileIsSharedFixFUSE (rhbz#1635705) * Mon Oct 08 2018 Jiri Denemark - 4.5.0-10.el7_6.1 - security: dac: also label listen UNIX sockets (rhbz#1635228) - qemu: fix up permissions for pre-created UNIX sockets (rhbz#1635228) - virFileIsSharedFSType: Check for fuse.glusterfs too (rhbz#1635705) libvirt-daemon-driver-network-4.5.0-10.el7_6.7 ---------------------------------------------- * Tue Mar 26 2019 Jiri Denemark - 4.5.0-10.el7_6.7 - cputest: Add data for Intel(R) Xeon(R) CPU E5-2630 v4 (rhbz#1687515) - cputest: Add data for Intel(R) Core(TM) i7-7600U (rhbz#1687515) - cputest: Add data for Intel(R) Xeon(R) CPU E7540 (rhbz#1687515) - cputest: Add data for Intel(R) Xeon(R) CPU E5-2650 (rhbz#1687515) - cputest: Add data for Intel(R) Core(TM) i7-8700 (rhbz#1687515) - cpu_x86: Separate signature parsing from x86ModelParse (rhbz#1687515) - cpu_x86: Add x86ModelCopySignatures helper (rhbz#1687515) - cpu_x86: Store CPU signature in an array (rhbz#1687515) - cpu_x86: Allow multiple signatures for a CPU model (rhbz#1687515) - cpu_map: Add hex representation of signatures (rhbz#1687515) - cpu_map: Add more signatures for Conroe CPU model (rhbz#1687515) - cpu_map: Add more signatures for Penryn CPU model (rhbz#1687515) - cpu_map: Add more signatures for Nehalem CPU models (rhbz#1687515) - cpu_map: Add more signatures for Westmere CPU model (rhbz#1687515) - cpu_map: Add more signatures for SandyBridge CPU models (rhbz#1687515) - cpu_map: Add more signatures for IvyBridge CPU models (rhbz#1687515) - cpu_map: Add more signatures for Haswell CPU models (rhbz#1687515) - cpu_map: Add more signatures for Broadwell CPU models (rhbz#1687515) - cpu_map: Add more signatures for Skylake-Client CPU models (rhbz#1687515) - cpu: Don't access invalid memory in virCPUx86Translate (rhbz#1687515) - cpu_x86: Log decoded CPU model and signatures (rhbz#1687515) - util: Modify virStorageFileGetSCSIKey return (rhbz#1687715) - storage: Rework virStorageBackendSCSISerial (rhbz#1687715) - util: Introduce virStorageFileGetNPIVKey (rhbz#1687715) - storage: Fetch a unique key for vHBA/NPIV LUNs (rhbz#1687715) * Thu Feb 21 2019 Jiri Denemark - 4.5.0-10.el7_6.6 - RHEL: spec: Require new enough librbd1 (rhbz#1679569) * Wed Feb 20 2019 Jiri Denemark - 4.5.0-10.el7_6.5 - virfile: Detect ceph as shared FS (rhbz#1672178) - util: Don't overflow in virRandomBits (rhbz#1667329) - virrandom: Avoid undefined behaviour in virRandomBits (rhbz#1667329) * Thu Jan 10 2019 Jiri Denemark - 4.5.0-10.el7_6.4 - qemu: Fix post-copy migration on the source (rhbz#1654732) - RHEL: cpu_map: Mark arch-facilities feature as non-migratable (rhbz#1664793) * Thu Nov 08 2018 Jiri Denemark - 4.5.0-10.el7_6.3 - virfile: Take symlink into account in virFileIsSharedFixFUSE (rhbz#1641798) - qemu: Properly report VIR_DOMAIN_EVENT_RESUMED_FROM_SNAPSHOT (rhbz#1634759) - qemu: Report more appropriate running reasons (rhbz#1634759) - qemu: Pass running reason to RESUME event handler (rhbz#1634759) - qemu: Map running reason to resume event detail (rhbz#1634759) - qemu: Avoid duplicate resume events and state changes (rhbz#1634759) - qemu: Don't ignore resume events (rhbz#1634759) * Wed Oct 10 2018 Jiri Denemark - 4.5.0-10.el7_6.2 - virfile: fix cast-align error (rhbz#1635705) - virfiletest: Fix test name prefix for virFileInData test (rhbz#1635705) - virfiletst: Test virFileIsSharedFS (rhbz#1635705) - virFileIsSharedFSType: Detect direct mount points (rhbz#1635705) - virfile: Rework virFileIsSharedFixFUSE (rhbz#1635705) * Mon Oct 08 2018 Jiri Denemark - 4.5.0-10.el7_6.1 - security: dac: also label listen UNIX sockets (rhbz#1635228) - qemu: fix up permissions for pre-created UNIX sockets (rhbz#1635228) - virFileIsSharedFSType: Check for fuse.glusterfs too (rhbz#1635705) libvirt-daemon-driver-nodedev-4.5.0-10.el7_6.7 ---------------------------------------------- * Tue Mar 26 2019 Jiri Denemark - 4.5.0-10.el7_6.7 - cputest: Add data for Intel(R) Xeon(R) CPU E5-2630 v4 (rhbz#1687515) - cputest: Add data for Intel(R) Core(TM) i7-7600U (rhbz#1687515) - cputest: Add data for Intel(R) Xeon(R) CPU E7540 (rhbz#1687515) - cputest: Add data for Intel(R) Xeon(R) CPU E5-2650 (rhbz#1687515) - cputest: Add data for Intel(R) Core(TM) i7-8700 (rhbz#1687515) - cpu_x86: Separate signature parsing from x86ModelParse (rhbz#1687515) - cpu_x86: Add x86ModelCopySignatures helper (rhbz#1687515) - cpu_x86: Store CPU signature in an array (rhbz#1687515) - cpu_x86: Allow multiple signatures for a CPU model (rhbz#1687515) - cpu_map: Add hex representation of signatures (rhbz#1687515) - cpu_map: Add more signatures for Conroe CPU model (rhbz#1687515) - cpu_map: Add more signatures for Penryn CPU model (rhbz#1687515) - cpu_map: Add more signatures for Nehalem CPU models (rhbz#1687515) - cpu_map: Add more signatures for Westmere CPU model (rhbz#1687515) - cpu_map: Add more signatures for SandyBridge CPU models (rhbz#1687515) - cpu_map: Add more signatures for IvyBridge CPU models (rhbz#1687515) - cpu_map: Add more signatures for Haswell CPU models (rhbz#1687515) - cpu_map: Add more signatures for Broadwell CPU models (rhbz#1687515) - cpu_map: Add more signatures for Skylake-Client CPU models (rhbz#1687515) - cpu: Don't access invalid memory in virCPUx86Translate (rhbz#1687515) - cpu_x86: Log decoded CPU model and signatures (rhbz#1687515) - util: Modify virStorageFileGetSCSIKey return (rhbz#1687715) - storage: Rework virStorageBackendSCSISerial (rhbz#1687715) - util: Introduce virStorageFileGetNPIVKey (rhbz#1687715) - storage: Fetch a unique key for vHBA/NPIV LUNs (rhbz#1687715) * Thu Feb 21 2019 Jiri Denemark - 4.5.0-10.el7_6.6 - RHEL: spec: Require new enough librbd1 (rhbz#1679569) * Wed Feb 20 2019 Jiri Denemark - 4.5.0-10.el7_6.5 - virfile: Detect ceph as shared FS (rhbz#1672178) - util: Don't overflow in virRandomBits (rhbz#1667329) - virrandom: Avoid undefined behaviour in virRandomBits (rhbz#1667329) * Thu Jan 10 2019 Jiri Denemark - 4.5.0-10.el7_6.4 - qemu: Fix post-copy migration on the source (rhbz#1654732) - RHEL: cpu_map: Mark arch-facilities feature as non-migratable (rhbz#1664793) * Thu Nov 08 2018 Jiri Denemark - 4.5.0-10.el7_6.3 - virfile: Take symlink into account in virFileIsSharedFixFUSE (rhbz#1641798) - qemu: Properly report VIR_DOMAIN_EVENT_RESUMED_FROM_SNAPSHOT (rhbz#1634759) - qemu: Report more appropriate running reasons (rhbz#1634759) - qemu: Pass running reason to RESUME event handler (rhbz#1634759) - qemu: Map running reason to resume event detail (rhbz#1634759) - qemu: Avoid duplicate resume events and state changes (rhbz#1634759) - qemu: Don't ignore resume events (rhbz#1634759) * Wed Oct 10 2018 Jiri Denemark - 4.5.0-10.el7_6.2 - virfile: fix cast-align error (rhbz#1635705) - virfiletest: Fix test name prefix for virFileInData test (rhbz#1635705) - virfiletst: Test virFileIsSharedFS (rhbz#1635705) - virFileIsSharedFSType: Detect direct mount points (rhbz#1635705) - virfile: Rework virFileIsSharedFixFUSE (rhbz#1635705) * Mon Oct 08 2018 Jiri Denemark - 4.5.0-10.el7_6.1 - security: dac: also label listen UNIX sockets (rhbz#1635228) - qemu: fix up permissions for pre-created UNIX sockets (rhbz#1635228) - virFileIsSharedFSType: Check for fuse.glusterfs too (rhbz#1635705) libvirt-daemon-driver-nwfilter-4.5.0-10.el7_6.7 ----------------------------------------------- * Tue Mar 26 2019 Jiri Denemark - 4.5.0-10.el7_6.7 - cputest: Add data for Intel(R) Xeon(R) CPU E5-2630 v4 (rhbz#1687515) - cputest: Add data for Intel(R) Core(TM) i7-7600U (rhbz#1687515) - cputest: Add data for Intel(R) Xeon(R) CPU E7540 (rhbz#1687515) - cputest: Add data for Intel(R) Xeon(R) CPU E5-2650 (rhbz#1687515) - cputest: Add data for Intel(R) Core(TM) i7-8700 (rhbz#1687515) - cpu_x86: Separate signature parsing from x86ModelParse (rhbz#1687515) - cpu_x86: Add x86ModelCopySignatures helper (rhbz#1687515) - cpu_x86: Store CPU signature in an array (rhbz#1687515) - cpu_x86: Allow multiple signatures for a CPU model (rhbz#1687515) - cpu_map: Add hex representation of signatures (rhbz#1687515) - cpu_map: Add more signatures for Conroe CPU model (rhbz#1687515) - cpu_map: Add more signatures for Penryn CPU model (rhbz#1687515) - cpu_map: Add more signatures for Nehalem CPU models (rhbz#1687515) - cpu_map: Add more signatures for Westmere CPU model (rhbz#1687515) - cpu_map: Add more signatures for SandyBridge CPU models (rhbz#1687515) - cpu_map: Add more signatures for IvyBridge CPU models (rhbz#1687515) - cpu_map: Add more signatures for Haswell CPU models (rhbz#1687515) - cpu_map: Add more signatures for Broadwell CPU models (rhbz#1687515) - cpu_map: Add more signatures for Skylake-Client CPU models (rhbz#1687515) - cpu: Don't access invalid memory in virCPUx86Translate (rhbz#1687515) - cpu_x86: Log decoded CPU model and signatures (rhbz#1687515) - util: Modify virStorageFileGetSCSIKey return (rhbz#1687715) - storage: Rework virStorageBackendSCSISerial (rhbz#1687715) - util: Introduce virStorageFileGetNPIVKey (rhbz#1687715) - storage: Fetch a unique key for vHBA/NPIV LUNs (rhbz#1687715) * Thu Feb 21 2019 Jiri Denemark - 4.5.0-10.el7_6.6 - RHEL: spec: Require new enough librbd1 (rhbz#1679569) * Wed Feb 20 2019 Jiri Denemark - 4.5.0-10.el7_6.5 - virfile: Detect ceph as shared FS (rhbz#1672178) - util: Don't overflow in virRandomBits (rhbz#1667329) - virrandom: Avoid undefined behaviour in virRandomBits (rhbz#1667329) * Thu Jan 10 2019 Jiri Denemark - 4.5.0-10.el7_6.4 - qemu: Fix post-copy migration on the source (rhbz#1654732) - RHEL: cpu_map: Mark arch-facilities feature as non-migratable (rhbz#1664793) * Thu Nov 08 2018 Jiri Denemark - 4.5.0-10.el7_6.3 - virfile: Take symlink into account in virFileIsSharedFixFUSE (rhbz#1641798) - qemu: Properly report VIR_DOMAIN_EVENT_RESUMED_FROM_SNAPSHOT (rhbz#1634759) - qemu: Report more appropriate running reasons (rhbz#1634759) - qemu: Pass running reason to RESUME event handler (rhbz#1634759) - qemu: Map running reason to resume event detail (rhbz#1634759) - qemu: Avoid duplicate resume events and state changes (rhbz#1634759) - qemu: Don't ignore resume events (rhbz#1634759) * Wed Oct 10 2018 Jiri Denemark - 4.5.0-10.el7_6.2 - virfile: fix cast-align error (rhbz#1635705) - virfiletest: Fix test name prefix for virFileInData test (rhbz#1635705) - virfiletst: Test virFileIsSharedFS (rhbz#1635705) - virFileIsSharedFSType: Detect direct mount points (rhbz#1635705) - virfile: Rework virFileIsSharedFixFUSE (rhbz#1635705) * Mon Oct 08 2018 Jiri Denemark - 4.5.0-10.el7_6.1 - security: dac: also label listen UNIX sockets (rhbz#1635228) - qemu: fix up permissions for pre-created UNIX sockets (rhbz#1635228) - virFileIsSharedFSType: Check for fuse.glusterfs too (rhbz#1635705) libvirt-daemon-driver-qemu-4.5.0-10.el7_6.7 ------------------------------------------- * Tue Mar 26 2019 Jiri Denemark - 4.5.0-10.el7_6.7 - cputest: Add data for Intel(R) Xeon(R) CPU E5-2630 v4 (rhbz#1687515) - cputest: Add data for Intel(R) Core(TM) i7-7600U (rhbz#1687515) - cputest: Add data for Intel(R) Xeon(R) CPU E7540 (rhbz#1687515) - cputest: Add data for Intel(R) Xeon(R) CPU E5-2650 (rhbz#1687515) - cputest: Add data for Intel(R) Core(TM) i7-8700 (rhbz#1687515) - cpu_x86: Separate signature parsing from x86ModelParse (rhbz#1687515) - cpu_x86: Add x86ModelCopySignatures helper (rhbz#1687515) - cpu_x86: Store CPU signature in an array (rhbz#1687515) - cpu_x86: Allow multiple signatures for a CPU model (rhbz#1687515) - cpu_map: Add hex representation of signatures (rhbz#1687515) - cpu_map: Add more signatures for Conroe CPU model (rhbz#1687515) - cpu_map: Add more signatures for Penryn CPU model (rhbz#1687515) - cpu_map: Add more signatures for Nehalem CPU models (rhbz#1687515) - cpu_map: Add more signatures for Westmere CPU model (rhbz#1687515) - cpu_map: Add more signatures for SandyBridge CPU models (rhbz#1687515) - cpu_map: Add more signatures for IvyBridge CPU models (rhbz#1687515) - cpu_map: Add more signatures for Haswell CPU models (rhbz#1687515) - cpu_map: Add more signatures for Broadwell CPU models (rhbz#1687515) - cpu_map: Add more signatures for Skylake-Client CPU models (rhbz#1687515) - cpu: Don't access invalid memory in virCPUx86Translate (rhbz#1687515) - cpu_x86: Log decoded CPU model and signatures (rhbz#1687515) - util: Modify virStorageFileGetSCSIKey return (rhbz#1687715) - storage: Rework virStorageBackendSCSISerial (rhbz#1687715) - util: Introduce virStorageFileGetNPIVKey (rhbz#1687715) - storage: Fetch a unique key for vHBA/NPIV LUNs (rhbz#1687715) * Thu Feb 21 2019 Jiri Denemark - 4.5.0-10.el7_6.6 - RHEL: spec: Require new enough librbd1 (rhbz#1679569) * Wed Feb 20 2019 Jiri Denemark - 4.5.0-10.el7_6.5 - virfile: Detect ceph as shared FS (rhbz#1672178) - util: Don't overflow in virRandomBits (rhbz#1667329) - virrandom: Avoid undefined behaviour in virRandomBits (rhbz#1667329) * Thu Jan 10 2019 Jiri Denemark - 4.5.0-10.el7_6.4 - qemu: Fix post-copy migration on the source (rhbz#1654732) - RHEL: cpu_map: Mark arch-facilities feature as non-migratable (rhbz#1664793) * Thu Nov 08 2018 Jiri Denemark - 4.5.0-10.el7_6.3 - virfile: Take symlink into account in virFileIsSharedFixFUSE (rhbz#1641798) - qemu: Properly report VIR_DOMAIN_EVENT_RESUMED_FROM_SNAPSHOT (rhbz#1634759) - qemu: Report more appropriate running reasons (rhbz#1634759) - qemu: Pass running reason to RESUME event handler (rhbz#1634759) - qemu: Map running reason to resume event detail (rhbz#1634759) - qemu: Avoid duplicate resume events and state changes (rhbz#1634759) - qemu: Don't ignore resume events (rhbz#1634759) * Wed Oct 10 2018 Jiri Denemark - 4.5.0-10.el7_6.2 - virfile: fix cast-align error (rhbz#1635705) - virfiletest: Fix test name prefix for virFileInData test (rhbz#1635705) - virfiletst: Test virFileIsSharedFS (rhbz#1635705) - virFileIsSharedFSType: Detect direct mount points (rhbz#1635705) - virfile: Rework virFileIsSharedFixFUSE (rhbz#1635705) * Mon Oct 08 2018 Jiri Denemark - 4.5.0-10.el7_6.1 - security: dac: also label listen UNIX sockets (rhbz#1635228) - qemu: fix up permissions for pre-created UNIX sockets (rhbz#1635228) - virFileIsSharedFSType: Check for fuse.glusterfs too (rhbz#1635705) libvirt-daemon-driver-secret-4.5.0-10.el7_6.7 --------------------------------------------- * Tue Mar 26 2019 Jiri Denemark - 4.5.0-10.el7_6.7 - cputest: Add data for Intel(R) Xeon(R) CPU E5-2630 v4 (rhbz#1687515) - cputest: Add data for Intel(R) Core(TM) i7-7600U (rhbz#1687515) - cputest: Add data for Intel(R) Xeon(R) CPU E7540 (rhbz#1687515) - cputest: Add data for Intel(R) Xeon(R) CPU E5-2650 (rhbz#1687515) - cputest: Add data for Intel(R) Core(TM) i7-8700 (rhbz#1687515) - cpu_x86: Separate signature parsing from x86ModelParse (rhbz#1687515) - cpu_x86: Add x86ModelCopySignatures helper (rhbz#1687515) - cpu_x86: Store CPU signature in an array (rhbz#1687515) - cpu_x86: Allow multiple signatures for a CPU model (rhbz#1687515) - cpu_map: Add hex representation of signatures (rhbz#1687515) - cpu_map: Add more signatures for Conroe CPU model (rhbz#1687515) - cpu_map: Add more signatures for Penryn CPU model (rhbz#1687515) - cpu_map: Add more signatures for Nehalem CPU models (rhbz#1687515) - cpu_map: Add more signatures for Westmere CPU model (rhbz#1687515) - cpu_map: Add more signatures for SandyBridge CPU models (rhbz#1687515) - cpu_map: Add more signatures for IvyBridge CPU models (rhbz#1687515) - cpu_map: Add more signatures for Haswell CPU models (rhbz#1687515) - cpu_map: Add more signatures for Broadwell CPU models (rhbz#1687515) - cpu_map: Add more signatures for Skylake-Client CPU models (rhbz#1687515) - cpu: Don't access invalid memory in virCPUx86Translate (rhbz#1687515) - cpu_x86: Log decoded CPU model and signatures (rhbz#1687515) - util: Modify virStorageFileGetSCSIKey return (rhbz#1687715) - storage: Rework virStorageBackendSCSISerial (rhbz#1687715) - util: Introduce virStorageFileGetNPIVKey (rhbz#1687715) - storage: Fetch a unique key for vHBA/NPIV LUNs (rhbz#1687715) * Thu Feb 21 2019 Jiri Denemark - 4.5.0-10.el7_6.6 - RHEL: spec: Require new enough librbd1 (rhbz#1679569) * Wed Feb 20 2019 Jiri Denemark - 4.5.0-10.el7_6.5 - virfile: Detect ceph as shared FS (rhbz#1672178) - util: Don't overflow in virRandomBits (rhbz#1667329) - virrandom: Avoid undefined behaviour in virRandomBits (rhbz#1667329) * Thu Jan 10 2019 Jiri Denemark - 4.5.0-10.el7_6.4 - qemu: Fix post-copy migration on the source (rhbz#1654732) - RHEL: cpu_map: Mark arch-facilities feature as non-migratable (rhbz#1664793) * Thu Nov 08 2018 Jiri Denemark - 4.5.0-10.el7_6.3 - virfile: Take symlink into account in virFileIsSharedFixFUSE (rhbz#1641798) - qemu: Properly report VIR_DOMAIN_EVENT_RESUMED_FROM_SNAPSHOT (rhbz#1634759) - qemu: Report more appropriate running reasons (rhbz#1634759) - qemu: Pass running reason to RESUME event handler (rhbz#1634759) - qemu: Map running reason to resume event detail (rhbz#1634759) - qemu: Avoid duplicate resume events and state changes (rhbz#1634759) - qemu: Don't ignore resume events (rhbz#1634759) * Wed Oct 10 2018 Jiri Denemark - 4.5.0-10.el7_6.2 - virfile: fix cast-align error (rhbz#1635705) - virfiletest: Fix test name prefix for virFileInData test (rhbz#1635705) - virfiletst: Test virFileIsSharedFS (rhbz#1635705) - virFileIsSharedFSType: Detect direct mount points (rhbz#1635705) - virfile: Rework virFileIsSharedFixFUSE (rhbz#1635705) * Mon Oct 08 2018 Jiri Denemark - 4.5.0-10.el7_6.1 - security: dac: also label listen UNIX sockets (rhbz#1635228) - qemu: fix up permissions for pre-created UNIX sockets (rhbz#1635228) - virFileIsSharedFSType: Check for fuse.glusterfs too (rhbz#1635705) libvirt-daemon-driver-storage-4.5.0-10.el7_6.7 ---------------------------------------------- * Tue Mar 26 2019 Jiri Denemark - 4.5.0-10.el7_6.7 - cputest: Add data for Intel(R) Xeon(R) CPU E5-2630 v4 (rhbz#1687515) - cputest: Add data for Intel(R) Core(TM) i7-7600U (rhbz#1687515) - cputest: Add data for Intel(R) Xeon(R) CPU E7540 (rhbz#1687515) - cputest: Add data for Intel(R) Xeon(R) CPU E5-2650 (rhbz#1687515) - cputest: Add data for Intel(R) Core(TM) i7-8700 (rhbz#1687515) - cpu_x86: Separate signature parsing from x86ModelParse (rhbz#1687515) - cpu_x86: Add x86ModelCopySignatures helper (rhbz#1687515) - cpu_x86: Store CPU signature in an array (rhbz#1687515) - cpu_x86: Allow multiple signatures for a CPU model (rhbz#1687515) - cpu_map: Add hex representation of signatures (rhbz#1687515) - cpu_map: Add more signatures for Conroe CPU model (rhbz#1687515) - cpu_map: Add more signatures for Penryn CPU model (rhbz#1687515) - cpu_map: Add more signatures for Nehalem CPU models (rhbz#1687515) - cpu_map: Add more signatures for Westmere CPU model (rhbz#1687515) - cpu_map: Add more signatures for SandyBridge CPU models (rhbz#1687515) - cpu_map: Add more signatures for IvyBridge CPU models (rhbz#1687515) - cpu_map: Add more signatures for Haswell CPU models (rhbz#1687515) - cpu_map: Add more signatures for Broadwell CPU models (rhbz#1687515) - cpu_map: Add more signatures for Skylake-Client CPU models (rhbz#1687515) - cpu: Don't access invalid memory in virCPUx86Translate (rhbz#1687515) - cpu_x86: Log decoded CPU model and signatures (rhbz#1687515) - util: Modify virStorageFileGetSCSIKey return (rhbz#1687715) - storage: Rework virStorageBackendSCSISerial (rhbz#1687715) - util: Introduce virStorageFileGetNPIVKey (rhbz#1687715) - storage: Fetch a unique key for vHBA/NPIV LUNs (rhbz#1687715) * Thu Feb 21 2019 Jiri Denemark - 4.5.0-10.el7_6.6 - RHEL: spec: Require new enough librbd1 (rhbz#1679569) * Wed Feb 20 2019 Jiri Denemark - 4.5.0-10.el7_6.5 - virfile: Detect ceph as shared FS (rhbz#1672178) - util: Don't overflow in virRandomBits (rhbz#1667329) - virrandom: Avoid undefined behaviour in virRandomBits (rhbz#1667329) * Thu Jan 10 2019 Jiri Denemark - 4.5.0-10.el7_6.4 - qemu: Fix post-copy migration on the source (rhbz#1654732) - RHEL: cpu_map: Mark arch-facilities feature as non-migratable (rhbz#1664793) * Thu Nov 08 2018 Jiri Denemark - 4.5.0-10.el7_6.3 - virfile: Take symlink into account in virFileIsSharedFixFUSE (rhbz#1641798) - qemu: Properly report VIR_DOMAIN_EVENT_RESUMED_FROM_SNAPSHOT (rhbz#1634759) - qemu: Report more appropriate running reasons (rhbz#1634759) - qemu: Pass running reason to RESUME event handler (rhbz#1634759) - qemu: Map running reason to resume event detail (rhbz#1634759) - qemu: Avoid duplicate resume events and state changes (rhbz#1634759) - qemu: Don't ignore resume events (rhbz#1634759) * Wed Oct 10 2018 Jiri Denemark - 4.5.0-10.el7_6.2 - virfile: fix cast-align error (rhbz#1635705) - virfiletest: Fix test name prefix for virFileInData test (rhbz#1635705) - virfiletst: Test virFileIsSharedFS (rhbz#1635705) - virFileIsSharedFSType: Detect direct mount points (rhbz#1635705) - virfile: Rework virFileIsSharedFixFUSE (rhbz#1635705) * Mon Oct 08 2018 Jiri Denemark - 4.5.0-10.el7_6.1 - security: dac: also label listen UNIX sockets (rhbz#1635228) - qemu: fix up permissions for pre-created UNIX sockets (rhbz#1635228) - virFileIsSharedFSType: Check for fuse.glusterfs too (rhbz#1635705) libvirt-daemon-driver-storage-core-4.5.0-10.el7_6.7 --------------------------------------------------- * Tue Mar 26 2019 Jiri Denemark - 4.5.0-10.el7_6.7 - cputest: Add data for Intel(R) Xeon(R) CPU E5-2630 v4 (rhbz#1687515) - cputest: Add data for Intel(R) Core(TM) i7-7600U (rhbz#1687515) - cputest: Add data for Intel(R) Xeon(R) CPU E7540 (rhbz#1687515) - cputest: Add data for Intel(R) Xeon(R) CPU E5-2650 (rhbz#1687515) - cputest: Add data for Intel(R) Core(TM) i7-8700 (rhbz#1687515) - cpu_x86: Separate signature parsing from x86ModelParse (rhbz#1687515) - cpu_x86: Add x86ModelCopySignatures helper (rhbz#1687515) - cpu_x86: Store CPU signature in an array (rhbz#1687515) - cpu_x86: Allow multiple signatures for a CPU model (rhbz#1687515) - cpu_map: Add hex representation of signatures (rhbz#1687515) - cpu_map: Add more signatures for Conroe CPU model (rhbz#1687515) - cpu_map: Add more signatures for Penryn CPU model (rhbz#1687515) - cpu_map: Add more signatures for Nehalem CPU models (rhbz#1687515) - cpu_map: Add more signatures for Westmere CPU model (rhbz#1687515) - cpu_map: Add more signatures for SandyBridge CPU models (rhbz#1687515) - cpu_map: Add more signatures for IvyBridge CPU models (rhbz#1687515) - cpu_map: Add more signatures for Haswell CPU models (rhbz#1687515) - cpu_map: Add more signatures for Broadwell CPU models (rhbz#1687515) - cpu_map: Add more signatures for Skylake-Client CPU models (rhbz#1687515) - cpu: Don't access invalid memory in virCPUx86Translate (rhbz#1687515) - cpu_x86: Log decoded CPU model and signatures (rhbz#1687515) - util: Modify virStorageFileGetSCSIKey return (rhbz#1687715) - storage: Rework virStorageBackendSCSISerial (rhbz#1687715) - util: Introduce virStorageFileGetNPIVKey (rhbz#1687715) - storage: Fetch a unique key for vHBA/NPIV LUNs (rhbz#1687715) * Thu Feb 21 2019 Jiri Denemark - 4.5.0-10.el7_6.6 - RHEL: spec: Require new enough librbd1 (rhbz#1679569) * Wed Feb 20 2019 Jiri Denemark - 4.5.0-10.el7_6.5 - virfile: Detect ceph as shared FS (rhbz#1672178) - util: Don't overflow in virRandomBits (rhbz#1667329) - virrandom: Avoid undefined behaviour in virRandomBits (rhbz#1667329) * Thu Jan 10 2019 Jiri Denemark - 4.5.0-10.el7_6.4 - qemu: Fix post-copy migration on the source (rhbz#1654732) - RHEL: cpu_map: Mark arch-facilities feature as non-migratable (rhbz#1664793) * Thu Nov 08 2018 Jiri Denemark - 4.5.0-10.el7_6.3 - virfile: Take symlink into account in virFileIsSharedFixFUSE (rhbz#1641798) - qemu: Properly report VIR_DOMAIN_EVENT_RESUMED_FROM_SNAPSHOT (rhbz#1634759) - qemu: Report more appropriate running reasons (rhbz#1634759) - qemu: Pass running reason to RESUME event handler (rhbz#1634759) - qemu: Map running reason to resume event detail (rhbz#1634759) - qemu: Avoid duplicate resume events and state changes (rhbz#1634759) - qemu: Don't ignore resume events (rhbz#1634759) * Wed Oct 10 2018 Jiri Denemark - 4.5.0-10.el7_6.2 - virfile: fix cast-align error (rhbz#1635705) - virfiletest: Fix test name prefix for virFileInData test (rhbz#1635705) - virfiletst: Test virFileIsSharedFS (rhbz#1635705) - virFileIsSharedFSType: Detect direct mount points (rhbz#1635705) - virfile: Rework virFileIsSharedFixFUSE (rhbz#1635705) * Mon Oct 08 2018 Jiri Denemark - 4.5.0-10.el7_6.1 - security: dac: also label listen UNIX sockets (rhbz#1635228) - qemu: fix up permissions for pre-created UNIX sockets (rhbz#1635228) - virFileIsSharedFSType: Check for fuse.glusterfs too (rhbz#1635705) libvirt-daemon-driver-storage-disk-4.5.0-10.el7_6.7 --------------------------------------------------- * Tue Mar 26 2019 Jiri Denemark - 4.5.0-10.el7_6.7 - cputest: Add data for Intel(R) Xeon(R) CPU E5-2630 v4 (rhbz#1687515) - cputest: Add data for Intel(R) Core(TM) i7-7600U (rhbz#1687515) - cputest: Add data for Intel(R) Xeon(R) CPU E7540 (rhbz#1687515) - cputest: Add data for Intel(R) Xeon(R) CPU E5-2650 (rhbz#1687515) - cputest: Add data for Intel(R) Core(TM) i7-8700 (rhbz#1687515) - cpu_x86: Separate signature parsing from x86ModelParse (rhbz#1687515) - cpu_x86: Add x86ModelCopySignatures helper (rhbz#1687515) - cpu_x86: Store CPU signature in an array (rhbz#1687515) - cpu_x86: Allow multiple signatures for a CPU model (rhbz#1687515) - cpu_map: Add hex representation of signatures (rhbz#1687515) - cpu_map: Add more signatures for Conroe CPU model (rhbz#1687515) - cpu_map: Add more signatures for Penryn CPU model (rhbz#1687515) - cpu_map: Add more signatures for Nehalem CPU models (rhbz#1687515) - cpu_map: Add more signatures for Westmere CPU model (rhbz#1687515) - cpu_map: Add more signatures for SandyBridge CPU models (rhbz#1687515) - cpu_map: Add more signatures for IvyBridge CPU models (rhbz#1687515) - cpu_map: Add more signatures for Haswell CPU models (rhbz#1687515) - cpu_map: Add more signatures for Broadwell CPU models (rhbz#1687515) - cpu_map: Add more signatures for Skylake-Client CPU models (rhbz#1687515) - cpu: Don't access invalid memory in virCPUx86Translate (rhbz#1687515) - cpu_x86: Log decoded CPU model and signatures (rhbz#1687515) - util: Modify virStorageFileGetSCSIKey return (rhbz#1687715) - storage: Rework virStorageBackendSCSISerial (rhbz#1687715) - util: Introduce virStorageFileGetNPIVKey (rhbz#1687715) - storage: Fetch a unique key for vHBA/NPIV LUNs (rhbz#1687715) * Thu Feb 21 2019 Jiri Denemark - 4.5.0-10.el7_6.6 - RHEL: spec: Require new enough librbd1 (rhbz#1679569) * Wed Feb 20 2019 Jiri Denemark - 4.5.0-10.el7_6.5 - virfile: Detect ceph as shared FS (rhbz#1672178) - util: Don't overflow in virRandomBits (rhbz#1667329) - virrandom: Avoid undefined behaviour in virRandomBits (rhbz#1667329) * Thu Jan 10 2019 Jiri Denemark - 4.5.0-10.el7_6.4 - qemu: Fix post-copy migration on the source (rhbz#1654732) - RHEL: cpu_map: Mark arch-facilities feature as non-migratable (rhbz#1664793) * Thu Nov 08 2018 Jiri Denemark - 4.5.0-10.el7_6.3 - virfile: Take symlink into account in virFileIsSharedFixFUSE (rhbz#1641798) - qemu: Properly report VIR_DOMAIN_EVENT_RESUMED_FROM_SNAPSHOT (rhbz#1634759) - qemu: Report more appropriate running reasons (rhbz#1634759) - qemu: Pass running reason to RESUME event handler (rhbz#1634759) - qemu: Map running reason to resume event detail (rhbz#1634759) - qemu: Avoid duplicate resume events and state changes (rhbz#1634759) - qemu: Don't ignore resume events (rhbz#1634759) * Wed Oct 10 2018 Jiri Denemark - 4.5.0-10.el7_6.2 - virfile: fix cast-align error (rhbz#1635705) - virfiletest: Fix test name prefix for virFileInData test (rhbz#1635705) - virfiletst: Test virFileIsSharedFS (rhbz#1635705) - virFileIsSharedFSType: Detect direct mount points (rhbz#1635705) - virfile: Rework virFileIsSharedFixFUSE (rhbz#1635705) * Mon Oct 08 2018 Jiri Denemark - 4.5.0-10.el7_6.1 - security: dac: also label listen UNIX sockets (rhbz#1635228) - qemu: fix up permissions for pre-created UNIX sockets (rhbz#1635228) - virFileIsSharedFSType: Check for fuse.glusterfs too (rhbz#1635705) libvirt-daemon-driver-storage-gluster-4.5.0-10.el7_6.7 ------------------------------------------------------ * Tue Mar 26 2019 Jiri Denemark - 4.5.0-10.el7_6.7 - cputest: Add data for Intel(R) Xeon(R) CPU E5-2630 v4 (rhbz#1687515) - cputest: Add data for Intel(R) Core(TM) i7-7600U (rhbz#1687515) - cputest: Add data for Intel(R) Xeon(R) CPU E7540 (rhbz#1687515) - cputest: Add data for Intel(R) Xeon(R) CPU E5-2650 (rhbz#1687515) - cputest: Add data for Intel(R) Core(TM) i7-8700 (rhbz#1687515) - cpu_x86: Separate signature parsing from x86ModelParse (rhbz#1687515) - cpu_x86: Add x86ModelCopySignatures helper (rhbz#1687515) - cpu_x86: Store CPU signature in an array (rhbz#1687515) - cpu_x86: Allow multiple signatures for a CPU model (rhbz#1687515) - cpu_map: Add hex representation of signatures (rhbz#1687515) - cpu_map: Add more signatures for Conroe CPU model (rhbz#1687515) - cpu_map: Add more signatures for Penryn CPU model (rhbz#1687515) - cpu_map: Add more signatures for Nehalem CPU models (rhbz#1687515) - cpu_map: Add more signatures for Westmere CPU model (rhbz#1687515) - cpu_map: Add more signatures for SandyBridge CPU models (rhbz#1687515) - cpu_map: Add more signatures for IvyBridge CPU models (rhbz#1687515) - cpu_map: Add more signatures for Haswell CPU models (rhbz#1687515) - cpu_map: Add more signatures for Broadwell CPU models (rhbz#1687515) - cpu_map: Add more signatures for Skylake-Client CPU models (rhbz#1687515) - cpu: Don't access invalid memory in virCPUx86Translate (rhbz#1687515) - cpu_x86: Log decoded CPU model and signatures (rhbz#1687515) - util: Modify virStorageFileGetSCSIKey return (rhbz#1687715) - storage: Rework virStorageBackendSCSISerial (rhbz#1687715) - util: Introduce virStorageFileGetNPIVKey (rhbz#1687715) - storage: Fetch a unique key for vHBA/NPIV LUNs (rhbz#1687715) * Thu Feb 21 2019 Jiri Denemark - 4.5.0-10.el7_6.6 - RHEL: spec: Require new enough librbd1 (rhbz#1679569) * Wed Feb 20 2019 Jiri Denemark - 4.5.0-10.el7_6.5 - virfile: Detect ceph as shared FS (rhbz#1672178) - util: Don't overflow in virRandomBits (rhbz#1667329) - virrandom: Avoid undefined behaviour in virRandomBits (rhbz#1667329) * Thu Jan 10 2019 Jiri Denemark - 4.5.0-10.el7_6.4 - qemu: Fix post-copy migration on the source (rhbz#1654732) - RHEL: cpu_map: Mark arch-facilities feature as non-migratable (rhbz#1664793) * Thu Nov 08 2018 Jiri Denemark - 4.5.0-10.el7_6.3 - virfile: Take symlink into account in virFileIsSharedFixFUSE (rhbz#1641798) - qemu: Properly report VIR_DOMAIN_EVENT_RESUMED_FROM_SNAPSHOT (rhbz#1634759) - qemu: Report more appropriate running reasons (rhbz#1634759) - qemu: Pass running reason to RESUME event handler (rhbz#1634759) - qemu: Map running reason to resume event detail (rhbz#1634759) - qemu: Avoid duplicate resume events and state changes (rhbz#1634759) - qemu: Don't ignore resume events (rhbz#1634759) * Wed Oct 10 2018 Jiri Denemark - 4.5.0-10.el7_6.2 - virfile: fix cast-align error (rhbz#1635705) - virfiletest: Fix test name prefix for virFileInData test (rhbz#1635705) - virfiletst: Test virFileIsSharedFS (rhbz#1635705) - virFileIsSharedFSType: Detect direct mount points (rhbz#1635705) - virfile: Rework virFileIsSharedFixFUSE (rhbz#1635705) * Mon Oct 08 2018 Jiri Denemark - 4.5.0-10.el7_6.1 - security: dac: also label listen UNIX sockets (rhbz#1635228) - qemu: fix up permissions for pre-created UNIX sockets (rhbz#1635228) - virFileIsSharedFSType: Check for fuse.glusterfs too (rhbz#1635705) libvirt-daemon-driver-storage-iscsi-4.5.0-10.el7_6.7 ---------------------------------------------------- * Tue Mar 26 2019 Jiri Denemark - 4.5.0-10.el7_6.7 - cputest: Add data for Intel(R) Xeon(R) CPU E5-2630 v4 (rhbz#1687515) - cputest: Add data for Intel(R) Core(TM) i7-7600U (rhbz#1687515) - cputest: Add data for Intel(R) Xeon(R) CPU E7540 (rhbz#1687515) - cputest: Add data for Intel(R) Xeon(R) CPU E5-2650 (rhbz#1687515) - cputest: Add data for Intel(R) Core(TM) i7-8700 (rhbz#1687515) - cpu_x86: Separate signature parsing from x86ModelParse (rhbz#1687515) - cpu_x86: Add x86ModelCopySignatures helper (rhbz#1687515) - cpu_x86: Store CPU signature in an array (rhbz#1687515) - cpu_x86: Allow multiple signatures for a CPU model (rhbz#1687515) - cpu_map: Add hex representation of signatures (rhbz#1687515) - cpu_map: Add more signatures for Conroe CPU model (rhbz#1687515) - cpu_map: Add more signatures for Penryn CPU model (rhbz#1687515) - cpu_map: Add more signatures for Nehalem CPU models (rhbz#1687515) - cpu_map: Add more signatures for Westmere CPU model (rhbz#1687515) - cpu_map: Add more signatures for SandyBridge CPU models (rhbz#1687515) - cpu_map: Add more signatures for IvyBridge CPU models (rhbz#1687515) - cpu_map: Add more signatures for Haswell CPU models (rhbz#1687515) - cpu_map: Add more signatures for Broadwell CPU models (rhbz#1687515) - cpu_map: Add more signatures for Skylake-Client CPU models (rhbz#1687515) - cpu: Don't access invalid memory in virCPUx86Translate (rhbz#1687515) - cpu_x86: Log decoded CPU model and signatures (rhbz#1687515) - util: Modify virStorageFileGetSCSIKey return (rhbz#1687715) - storage: Rework virStorageBackendSCSISerial (rhbz#1687715) - util: Introduce virStorageFileGetNPIVKey (rhbz#1687715) - storage: Fetch a unique key for vHBA/NPIV LUNs (rhbz#1687715) * Thu Feb 21 2019 Jiri Denemark - 4.5.0-10.el7_6.6 - RHEL: spec: Require new enough librbd1 (rhbz#1679569) * Wed Feb 20 2019 Jiri Denemark - 4.5.0-10.el7_6.5 - virfile: Detect ceph as shared FS (rhbz#1672178) - util: Don't overflow in virRandomBits (rhbz#1667329) - virrandom: Avoid undefined behaviour in virRandomBits (rhbz#1667329) * Thu Jan 10 2019 Jiri Denemark - 4.5.0-10.el7_6.4 - qemu: Fix post-copy migration on the source (rhbz#1654732) - RHEL: cpu_map: Mark arch-facilities feature as non-migratable (rhbz#1664793) * Thu Nov 08 2018 Jiri Denemark - 4.5.0-10.el7_6.3 - virfile: Take symlink into account in virFileIsSharedFixFUSE (rhbz#1641798) - qemu: Properly report VIR_DOMAIN_EVENT_RESUMED_FROM_SNAPSHOT (rhbz#1634759) - qemu: Report more appropriate running reasons (rhbz#1634759) - qemu: Pass running reason to RESUME event handler (rhbz#1634759) - qemu: Map running reason to resume event detail (rhbz#1634759) - qemu: Avoid duplicate resume events and state changes (rhbz#1634759) - qemu: Don't ignore resume events (rhbz#1634759) * Wed Oct 10 2018 Jiri Denemark - 4.5.0-10.el7_6.2 - virfile: fix cast-align error (rhbz#1635705) - virfiletest: Fix test name prefix for virFileInData test (rhbz#1635705) - virfiletst: Test virFileIsSharedFS (rhbz#1635705) - virFileIsSharedFSType: Detect direct mount points (rhbz#1635705) - virfile: Rework virFileIsSharedFixFUSE (rhbz#1635705) * Mon Oct 08 2018 Jiri Denemark - 4.5.0-10.el7_6.1 - security: dac: also label listen UNIX sockets (rhbz#1635228) - qemu: fix up permissions for pre-created UNIX sockets (rhbz#1635228) - virFileIsSharedFSType: Check for fuse.glusterfs too (rhbz#1635705) libvirt-daemon-driver-storage-logical-4.5.0-10.el7_6.7 ------------------------------------------------------ * Tue Mar 26 2019 Jiri Denemark - 4.5.0-10.el7_6.7 - cputest: Add data for Intel(R) Xeon(R) CPU E5-2630 v4 (rhbz#1687515) - cputest: Add data for Intel(R) Core(TM) i7-7600U (rhbz#1687515) - cputest: Add data for Intel(R) Xeon(R) CPU E7540 (rhbz#1687515) - cputest: Add data for Intel(R) Xeon(R) CPU E5-2650 (rhbz#1687515) - cputest: Add data for Intel(R) Core(TM) i7-8700 (rhbz#1687515) - cpu_x86: Separate signature parsing from x86ModelParse (rhbz#1687515) - cpu_x86: Add x86ModelCopySignatures helper (rhbz#1687515) - cpu_x86: Store CPU signature in an array (rhbz#1687515) - cpu_x86: Allow multiple signatures for a CPU model (rhbz#1687515) - cpu_map: Add hex representation of signatures (rhbz#1687515) - cpu_map: Add more signatures for Conroe CPU model (rhbz#1687515) - cpu_map: Add more signatures for Penryn CPU model (rhbz#1687515) - cpu_map: Add more signatures for Nehalem CPU models (rhbz#1687515) - cpu_map: Add more signatures for Westmere CPU model (rhbz#1687515) - cpu_map: Add more signatures for SandyBridge CPU models (rhbz#1687515) - cpu_map: Add more signatures for IvyBridge CPU models (rhbz#1687515) - cpu_map: Add more signatures for Haswell CPU models (rhbz#1687515) - cpu_map: Add more signatures for Broadwell CPU models (rhbz#1687515) - cpu_map: Add more signatures for Skylake-Client CPU models (rhbz#1687515) - cpu: Don't access invalid memory in virCPUx86Translate (rhbz#1687515) - cpu_x86: Log decoded CPU model and signatures (rhbz#1687515) - util: Modify virStorageFileGetSCSIKey return (rhbz#1687715) - storage: Rework virStorageBackendSCSISerial (rhbz#1687715) - util: Introduce virStorageFileGetNPIVKey (rhbz#1687715) - storage: Fetch a unique key for vHBA/NPIV LUNs (rhbz#1687715) * Thu Feb 21 2019 Jiri Denemark - 4.5.0-10.el7_6.6 - RHEL: spec: Require new enough librbd1 (rhbz#1679569) * Wed Feb 20 2019 Jiri Denemark - 4.5.0-10.el7_6.5 - virfile: Detect ceph as shared FS (rhbz#1672178) - util: Don't overflow in virRandomBits (rhbz#1667329) - virrandom: Avoid undefined behaviour in virRandomBits (rhbz#1667329) * Thu Jan 10 2019 Jiri Denemark - 4.5.0-10.el7_6.4 - qemu: Fix post-copy migration on the source (rhbz#1654732) - RHEL: cpu_map: Mark arch-facilities feature as non-migratable (rhbz#1664793) * Thu Nov 08 2018 Jiri Denemark - 4.5.0-10.el7_6.3 - virfile: Take symlink into account in virFileIsSharedFixFUSE (rhbz#1641798) - qemu: Properly report VIR_DOMAIN_EVENT_RESUMED_FROM_SNAPSHOT (rhbz#1634759) - qemu: Report more appropriate running reasons (rhbz#1634759) - qemu: Pass running reason to RESUME event handler (rhbz#1634759) - qemu: Map running reason to resume event detail (rhbz#1634759) - qemu: Avoid duplicate resume events and state changes (rhbz#1634759) - qemu: Don't ignore resume events (rhbz#1634759) * Wed Oct 10 2018 Jiri Denemark - 4.5.0-10.el7_6.2 - virfile: fix cast-align error (rhbz#1635705) - virfiletest: Fix test name prefix for virFileInData test (rhbz#1635705) - virfiletst: Test virFileIsSharedFS (rhbz#1635705) - virFileIsSharedFSType: Detect direct mount points (rhbz#1635705) - virfile: Rework virFileIsSharedFixFUSE (rhbz#1635705) * Mon Oct 08 2018 Jiri Denemark - 4.5.0-10.el7_6.1 - security: dac: also label listen UNIX sockets (rhbz#1635228) - qemu: fix up permissions for pre-created UNIX sockets (rhbz#1635228) - virFileIsSharedFSType: Check for fuse.glusterfs too (rhbz#1635705) libvirt-daemon-driver-storage-mpath-4.5.0-10.el7_6.7 ---------------------------------------------------- * Tue Mar 26 2019 Jiri Denemark - 4.5.0-10.el7_6.7 - cputest: Add data for Intel(R) Xeon(R) CPU E5-2630 v4 (rhbz#1687515) - cputest: Add data for Intel(R) Core(TM) i7-7600U (rhbz#1687515) - cputest: Add data for Intel(R) Xeon(R) CPU E7540 (rhbz#1687515) - cputest: Add data for Intel(R) Xeon(R) CPU E5-2650 (rhbz#1687515) - cputest: Add data for Intel(R) Core(TM) i7-8700 (rhbz#1687515) - cpu_x86: Separate signature parsing from x86ModelParse (rhbz#1687515) - cpu_x86: Add x86ModelCopySignatures helper (rhbz#1687515) - cpu_x86: Store CPU signature in an array (rhbz#1687515) - cpu_x86: Allow multiple signatures for a CPU model (rhbz#1687515) - cpu_map: Add hex representation of signatures (rhbz#1687515) - cpu_map: Add more signatures for Conroe CPU model (rhbz#1687515) - cpu_map: Add more signatures for Penryn CPU model (rhbz#1687515) - cpu_map: Add more signatures for Nehalem CPU models (rhbz#1687515) - cpu_map: Add more signatures for Westmere CPU model (rhbz#1687515) - cpu_map: Add more signatures for SandyBridge CPU models (rhbz#1687515) - cpu_map: Add more signatures for IvyBridge CPU models (rhbz#1687515) - cpu_map: Add more signatures for Haswell CPU models (rhbz#1687515) - cpu_map: Add more signatures for Broadwell CPU models (rhbz#1687515) - cpu_map: Add more signatures for Skylake-Client CPU models (rhbz#1687515) - cpu: Don't access invalid memory in virCPUx86Translate (rhbz#1687515) - cpu_x86: Log decoded CPU model and signatures (rhbz#1687515) - util: Modify virStorageFileGetSCSIKey return (rhbz#1687715) - storage: Rework virStorageBackendSCSISerial (rhbz#1687715) - util: Introduce virStorageFileGetNPIVKey (rhbz#1687715) - storage: Fetch a unique key for vHBA/NPIV LUNs (rhbz#1687715) * Thu Feb 21 2019 Jiri Denemark - 4.5.0-10.el7_6.6 - RHEL: spec: Require new enough librbd1 (rhbz#1679569) * Wed Feb 20 2019 Jiri Denemark - 4.5.0-10.el7_6.5 - virfile: Detect ceph as shared FS (rhbz#1672178) - util: Don't overflow in virRandomBits (rhbz#1667329) - virrandom: Avoid undefined behaviour in virRandomBits (rhbz#1667329) * Thu Jan 10 2019 Jiri Denemark - 4.5.0-10.el7_6.4 - qemu: Fix post-copy migration on the source (rhbz#1654732) - RHEL: cpu_map: Mark arch-facilities feature as non-migratable (rhbz#1664793) * Thu Nov 08 2018 Jiri Denemark - 4.5.0-10.el7_6.3 - virfile: Take symlink into account in virFileIsSharedFixFUSE (rhbz#1641798) - qemu: Properly report VIR_DOMAIN_EVENT_RESUMED_FROM_SNAPSHOT (rhbz#1634759) - qemu: Report more appropriate running reasons (rhbz#1634759) - qemu: Pass running reason to RESUME event handler (rhbz#1634759) - qemu: Map running reason to resume event detail (rhbz#1634759) - qemu: Avoid duplicate resume events and state changes (rhbz#1634759) - qemu: Don't ignore resume events (rhbz#1634759) * Wed Oct 10 2018 Jiri Denemark - 4.5.0-10.el7_6.2 - virfile: fix cast-align error (rhbz#1635705) - virfiletest: Fix test name prefix for virFileInData test (rhbz#1635705) - virfiletst: Test virFileIsSharedFS (rhbz#1635705) - virFileIsSharedFSType: Detect direct mount points (rhbz#1635705) - virfile: Rework virFileIsSharedFixFUSE (rhbz#1635705) * Mon Oct 08 2018 Jiri Denemark - 4.5.0-10.el7_6.1 - security: dac: also label listen UNIX sockets (rhbz#1635228) - qemu: fix up permissions for pre-created UNIX sockets (rhbz#1635228) - virFileIsSharedFSType: Check for fuse.glusterfs too (rhbz#1635705) libvirt-daemon-driver-storage-rbd-4.5.0-10.el7_6.7 -------------------------------------------------- * Tue Mar 26 2019 Jiri Denemark - 4.5.0-10.el7_6.7 - cputest: Add data for Intel(R) Xeon(R) CPU E5-2630 v4 (rhbz#1687515) - cputest: Add data for Intel(R) Core(TM) i7-7600U (rhbz#1687515) - cputest: Add data for Intel(R) Xeon(R) CPU E7540 (rhbz#1687515) - cputest: Add data for Intel(R) Xeon(R) CPU E5-2650 (rhbz#1687515) - cputest: Add data for Intel(R) Core(TM) i7-8700 (rhbz#1687515) - cpu_x86: Separate signature parsing from x86ModelParse (rhbz#1687515) - cpu_x86: Add x86ModelCopySignatures helper (rhbz#1687515) - cpu_x86: Store CPU signature in an array (rhbz#1687515) - cpu_x86: Allow multiple signatures for a CPU model (rhbz#1687515) - cpu_map: Add hex representation of signatures (rhbz#1687515) - cpu_map: Add more signatures for Conroe CPU model (rhbz#1687515) - cpu_map: Add more signatures for Penryn CPU model (rhbz#1687515) - cpu_map: Add more signatures for Nehalem CPU models (rhbz#1687515) - cpu_map: Add more signatures for Westmere CPU model (rhbz#1687515) - cpu_map: Add more signatures for SandyBridge CPU models (rhbz#1687515) - cpu_map: Add more signatures for IvyBridge CPU models (rhbz#1687515) - cpu_map: Add more signatures for Haswell CPU models (rhbz#1687515) - cpu_map: Add more signatures for Broadwell CPU models (rhbz#1687515) - cpu_map: Add more signatures for Skylake-Client CPU models (rhbz#1687515) - cpu: Don't access invalid memory in virCPUx86Translate (rhbz#1687515) - cpu_x86: Log decoded CPU model and signatures (rhbz#1687515) - util: Modify virStorageFileGetSCSIKey return (rhbz#1687715) - storage: Rework virStorageBackendSCSISerial (rhbz#1687715) - util: Introduce virStorageFileGetNPIVKey (rhbz#1687715) - storage: Fetch a unique key for vHBA/NPIV LUNs (rhbz#1687715) * Thu Feb 21 2019 Jiri Denemark - 4.5.0-10.el7_6.6 - RHEL: spec: Require new enough librbd1 (rhbz#1679569) * Wed Feb 20 2019 Jiri Denemark - 4.5.0-10.el7_6.5 - virfile: Detect ceph as shared FS (rhbz#1672178) - util: Don't overflow in virRandomBits (rhbz#1667329) - virrandom: Avoid undefined behaviour in virRandomBits (rhbz#1667329) * Thu Jan 10 2019 Jiri Denemark - 4.5.0-10.el7_6.4 - qemu: Fix post-copy migration on the source (rhbz#1654732) - RHEL: cpu_map: Mark arch-facilities feature as non-migratable (rhbz#1664793) * Thu Nov 08 2018 Jiri Denemark - 4.5.0-10.el7_6.3 - virfile: Take symlink into account in virFileIsSharedFixFUSE (rhbz#1641798) - qemu: Properly report VIR_DOMAIN_EVENT_RESUMED_FROM_SNAPSHOT (rhbz#1634759) - qemu: Report more appropriate running reasons (rhbz#1634759) - qemu: Pass running reason to RESUME event handler (rhbz#1634759) - qemu: Map running reason to resume event detail (rhbz#1634759) - qemu: Avoid duplicate resume events and state changes (rhbz#1634759) - qemu: Don't ignore resume events (rhbz#1634759) * Wed Oct 10 2018 Jiri Denemark - 4.5.0-10.el7_6.2 - virfile: fix cast-align error (rhbz#1635705) - virfiletest: Fix test name prefix for virFileInData test (rhbz#1635705) - virfiletst: Test virFileIsSharedFS (rhbz#1635705) - virFileIsSharedFSType: Detect direct mount points (rhbz#1635705) - virfile: Rework virFileIsSharedFixFUSE (rhbz#1635705) * Mon Oct 08 2018 Jiri Denemark - 4.5.0-10.el7_6.1 - security: dac: also label listen UNIX sockets (rhbz#1635228) - qemu: fix up permissions for pre-created UNIX sockets (rhbz#1635228) - virFileIsSharedFSType: Check for fuse.glusterfs too (rhbz#1635705) libvirt-daemon-driver-storage-scsi-4.5.0-10.el7_6.7 --------------------------------------------------- * Tue Mar 26 2019 Jiri Denemark - 4.5.0-10.el7_6.7 - cputest: Add data for Intel(R) Xeon(R) CPU E5-2630 v4 (rhbz#1687515) - cputest: Add data for Intel(R) Core(TM) i7-7600U (rhbz#1687515) - cputest: Add data for Intel(R) Xeon(R) CPU E7540 (rhbz#1687515) - cputest: Add data for Intel(R) Xeon(R) CPU E5-2650 (rhbz#1687515) - cputest: Add data for Intel(R) Core(TM) i7-8700 (rhbz#1687515) - cpu_x86: Separate signature parsing from x86ModelParse (rhbz#1687515) - cpu_x86: Add x86ModelCopySignatures helper (rhbz#1687515) - cpu_x86: Store CPU signature in an array (rhbz#1687515) - cpu_x86: Allow multiple signatures for a CPU model (rhbz#1687515) - cpu_map: Add hex representation of signatures (rhbz#1687515) - cpu_map: Add more signatures for Conroe CPU model (rhbz#1687515) - cpu_map: Add more signatures for Penryn CPU model (rhbz#1687515) - cpu_map: Add more signatures for Nehalem CPU models (rhbz#1687515) - cpu_map: Add more signatures for Westmere CPU model (rhbz#1687515) - cpu_map: Add more signatures for SandyBridge CPU models (rhbz#1687515) - cpu_map: Add more signatures for IvyBridge CPU models (rhbz#1687515) - cpu_map: Add more signatures for Haswell CPU models (rhbz#1687515) - cpu_map: Add more signatures for Broadwell CPU models (rhbz#1687515) - cpu_map: Add more signatures for Skylake-Client CPU models (rhbz#1687515) - cpu: Don't access invalid memory in virCPUx86Translate (rhbz#1687515) - cpu_x86: Log decoded CPU model and signatures (rhbz#1687515) - util: Modify virStorageFileGetSCSIKey return (rhbz#1687715) - storage: Rework virStorageBackendSCSISerial (rhbz#1687715) - util: Introduce virStorageFileGetNPIVKey (rhbz#1687715) - storage: Fetch a unique key for vHBA/NPIV LUNs (rhbz#1687715) * Thu Feb 21 2019 Jiri Denemark - 4.5.0-10.el7_6.6 - RHEL: spec: Require new enough librbd1 (rhbz#1679569) * Wed Feb 20 2019 Jiri Denemark - 4.5.0-10.el7_6.5 - virfile: Detect ceph as shared FS (rhbz#1672178) - util: Don't overflow in virRandomBits (rhbz#1667329) - virrandom: Avoid undefined behaviour in virRandomBits (rhbz#1667329) * Thu Jan 10 2019 Jiri Denemark - 4.5.0-10.el7_6.4 - qemu: Fix post-copy migration on the source (rhbz#1654732) - RHEL: cpu_map: Mark arch-facilities feature as non-migratable (rhbz#1664793) * Thu Nov 08 2018 Jiri Denemark - 4.5.0-10.el7_6.3 - virfile: Take symlink into account in virFileIsSharedFixFUSE (rhbz#1641798) - qemu: Properly report VIR_DOMAIN_EVENT_RESUMED_FROM_SNAPSHOT (rhbz#1634759) - qemu: Report more appropriate running reasons (rhbz#1634759) - qemu: Pass running reason to RESUME event handler (rhbz#1634759) - qemu: Map running reason to resume event detail (rhbz#1634759) - qemu: Avoid duplicate resume events and state changes (rhbz#1634759) - qemu: Don't ignore resume events (rhbz#1634759) * Wed Oct 10 2018 Jiri Denemark - 4.5.0-10.el7_6.2 - virfile: fix cast-align error (rhbz#1635705) - virfiletest: Fix test name prefix for virFileInData test (rhbz#1635705) - virfiletst: Test virFileIsSharedFS (rhbz#1635705) - virFileIsSharedFSType: Detect direct mount points (rhbz#1635705) - virfile: Rework virFileIsSharedFixFUSE (rhbz#1635705) * Mon Oct 08 2018 Jiri Denemark - 4.5.0-10.el7_6.1 - security: dac: also label listen UNIX sockets (rhbz#1635228) - qemu: fix up permissions for pre-created UNIX sockets (rhbz#1635228) - virFileIsSharedFSType: Check for fuse.glusterfs too (rhbz#1635705) libvirt-daemon-kvm-4.5.0-10.el7_6.7 ----------------------------------- * Tue Mar 26 2019 Jiri Denemark - 4.5.0-10.el7_6.7 - cputest: Add data for Intel(R) Xeon(R) CPU E5-2630 v4 (rhbz#1687515) - cputest: Add data for Intel(R) Core(TM) i7-7600U (rhbz#1687515) - cputest: Add data for Intel(R) Xeon(R) CPU E7540 (rhbz#1687515) - cputest: Add data for Intel(R) Xeon(R) CPU E5-2650 (rhbz#1687515) - cputest: Add data for Intel(R) Core(TM) i7-8700 (rhbz#1687515) - cpu_x86: Separate signature parsing from x86ModelParse (rhbz#1687515) - cpu_x86: Add x86ModelCopySignatures helper (rhbz#1687515) - cpu_x86: Store CPU signature in an array (rhbz#1687515) - cpu_x86: Allow multiple signatures for a CPU model (rhbz#1687515) - cpu_map: Add hex representation of signatures (rhbz#1687515) - cpu_map: Add more signatures for Conroe CPU model (rhbz#1687515) - cpu_map: Add more signatures for Penryn CPU model (rhbz#1687515) - cpu_map: Add more signatures for Nehalem CPU models (rhbz#1687515) - cpu_map: Add more signatures for Westmere CPU model (rhbz#1687515) - cpu_map: Add more signatures for SandyBridge CPU models (rhbz#1687515) - cpu_map: Add more signatures for IvyBridge CPU models (rhbz#1687515) - cpu_map: Add more signatures for Haswell CPU models (rhbz#1687515) - cpu_map: Add more signatures for Broadwell CPU models (rhbz#1687515) - cpu_map: Add more signatures for Skylake-Client CPU models (rhbz#1687515) - cpu: Don't access invalid memory in virCPUx86Translate (rhbz#1687515) - cpu_x86: Log decoded CPU model and signatures (rhbz#1687515) - util: Modify virStorageFileGetSCSIKey return (rhbz#1687715) - storage: Rework virStorageBackendSCSISerial (rhbz#1687715) - util: Introduce virStorageFileGetNPIVKey (rhbz#1687715) - storage: Fetch a unique key for vHBA/NPIV LUNs (rhbz#1687715) * Thu Feb 21 2019 Jiri Denemark - 4.5.0-10.el7_6.6 - RHEL: spec: Require new enough librbd1 (rhbz#1679569) * Wed Feb 20 2019 Jiri Denemark - 4.5.0-10.el7_6.5 - virfile: Detect ceph as shared FS (rhbz#1672178) - util: Don't overflow in virRandomBits (rhbz#1667329) - virrandom: Avoid undefined behaviour in virRandomBits (rhbz#1667329) * Thu Jan 10 2019 Jiri Denemark - 4.5.0-10.el7_6.4 - qemu: Fix post-copy migration on the source (rhbz#1654732) - RHEL: cpu_map: Mark arch-facilities feature as non-migratable (rhbz#1664793) * Thu Nov 08 2018 Jiri Denemark - 4.5.0-10.el7_6.3 - virfile: Take symlink into account in virFileIsSharedFixFUSE (rhbz#1641798) - qemu: Properly report VIR_DOMAIN_EVENT_RESUMED_FROM_SNAPSHOT (rhbz#1634759) - qemu: Report more appropriate running reasons (rhbz#1634759) - qemu: Pass running reason to RESUME event handler (rhbz#1634759) - qemu: Map running reason to resume event detail (rhbz#1634759) - qemu: Avoid duplicate resume events and state changes (rhbz#1634759) - qemu: Don't ignore resume events (rhbz#1634759) * Wed Oct 10 2018 Jiri Denemark - 4.5.0-10.el7_6.2 - virfile: fix cast-align error (rhbz#1635705) - virfiletest: Fix test name prefix for virFileInData test (rhbz#1635705) - virfiletst: Test virFileIsSharedFS (rhbz#1635705) - virFileIsSharedFSType: Detect direct mount points (rhbz#1635705) - virfile: Rework virFileIsSharedFixFUSE (rhbz#1635705) * Mon Oct 08 2018 Jiri Denemark - 4.5.0-10.el7_6.1 - security: dac: also label listen UNIX sockets (rhbz#1635228) - qemu: fix up permissions for pre-created UNIX sockets (rhbz#1635228) - virFileIsSharedFSType: Check for fuse.glusterfs too (rhbz#1635705) libvirt-daemon-lxc-4.5.0-10.el7_6.7 ----------------------------------- * Tue Mar 26 2019 Jiri Denemark - 4.5.0-10.el7_6.7 - cputest: Add data for Intel(R) Xeon(R) CPU E5-2630 v4 (rhbz#1687515) - cputest: Add data for Intel(R) Core(TM) i7-7600U (rhbz#1687515) - cputest: Add data for Intel(R) Xeon(R) CPU E7540 (rhbz#1687515) - cputest: Add data for Intel(R) Xeon(R) CPU E5-2650 (rhbz#1687515) - cputest: Add data for Intel(R) Core(TM) i7-8700 (rhbz#1687515) - cpu_x86: Separate signature parsing from x86ModelParse (rhbz#1687515) - cpu_x86: Add x86ModelCopySignatures helper (rhbz#1687515) - cpu_x86: Store CPU signature in an array (rhbz#1687515) - cpu_x86: Allow multiple signatures for a CPU model (rhbz#1687515) - cpu_map: Add hex representation of signatures (rhbz#1687515) - cpu_map: Add more signatures for Conroe CPU model (rhbz#1687515) - cpu_map: Add more signatures for Penryn CPU model (rhbz#1687515) - cpu_map: Add more signatures for Nehalem CPU models (rhbz#1687515) - cpu_map: Add more signatures for Westmere CPU model (rhbz#1687515) - cpu_map: Add more signatures for SandyBridge CPU models (rhbz#1687515) - cpu_map: Add more signatures for IvyBridge CPU models (rhbz#1687515) - cpu_map: Add more signatures for Haswell CPU models (rhbz#1687515) - cpu_map: Add more signatures for Broadwell CPU models (rhbz#1687515) - cpu_map: Add more signatures for Skylake-Client CPU models (rhbz#1687515) - cpu: Don't access invalid memory in virCPUx86Translate (rhbz#1687515) - cpu_x86: Log decoded CPU model and signatures (rhbz#1687515) - util: Modify virStorageFileGetSCSIKey return (rhbz#1687715) - storage: Rework virStorageBackendSCSISerial (rhbz#1687715) - util: Introduce virStorageFileGetNPIVKey (rhbz#1687715) - storage: Fetch a unique key for vHBA/NPIV LUNs (rhbz#1687715) * Thu Feb 21 2019 Jiri Denemark - 4.5.0-10.el7_6.6 - RHEL: spec: Require new enough librbd1 (rhbz#1679569) * Wed Feb 20 2019 Jiri Denemark - 4.5.0-10.el7_6.5 - virfile: Detect ceph as shared FS (rhbz#1672178) - util: Don't overflow in virRandomBits (rhbz#1667329) - virrandom: Avoid undefined behaviour in virRandomBits (rhbz#1667329) * Thu Jan 10 2019 Jiri Denemark - 4.5.0-10.el7_6.4 - qemu: Fix post-copy migration on the source (rhbz#1654732) - RHEL: cpu_map: Mark arch-facilities feature as non-migratable (rhbz#1664793) * Thu Nov 08 2018 Jiri Denemark - 4.5.0-10.el7_6.3 - virfile: Take symlink into account in virFileIsSharedFixFUSE (rhbz#1641798) - qemu: Properly report VIR_DOMAIN_EVENT_RESUMED_FROM_SNAPSHOT (rhbz#1634759) - qemu: Report more appropriate running reasons (rhbz#1634759) - qemu: Pass running reason to RESUME event handler (rhbz#1634759) - qemu: Map running reason to resume event detail (rhbz#1634759) - qemu: Avoid duplicate resume events and state changes (rhbz#1634759) - qemu: Don't ignore resume events (rhbz#1634759) * Wed Oct 10 2018 Jiri Denemark - 4.5.0-10.el7_6.2 - virfile: fix cast-align error (rhbz#1635705) - virfiletest: Fix test name prefix for virFileInData test (rhbz#1635705) - virfiletst: Test virFileIsSharedFS (rhbz#1635705) - virFileIsSharedFSType: Detect direct mount points (rhbz#1635705) - virfile: Rework virFileIsSharedFixFUSE (rhbz#1635705) * Mon Oct 08 2018 Jiri Denemark - 4.5.0-10.el7_6.1 - security: dac: also label listen UNIX sockets (rhbz#1635228) - qemu: fix up permissions for pre-created UNIX sockets (rhbz#1635228) - virFileIsSharedFSType: Check for fuse.glusterfs too (rhbz#1635705) libvirt-devel-4.5.0-10.el7_6.7 ------------------------------ * Tue Mar 26 2019 Jiri Denemark - 4.5.0-10.el7_6.7 - cputest: Add data for Intel(R) Xeon(R) CPU E5-2630 v4 (rhbz#1687515) - cputest: Add data for Intel(R) Core(TM) i7-7600U (rhbz#1687515) - cputest: Add data for Intel(R) Xeon(R) CPU E7540 (rhbz#1687515) - cputest: Add data for Intel(R) Xeon(R) CPU E5-2650 (rhbz#1687515) - cputest: Add data for Intel(R) Core(TM) i7-8700 (rhbz#1687515) - cpu_x86: Separate signature parsing from x86ModelParse (rhbz#1687515) - cpu_x86: Add x86ModelCopySignatures helper (rhbz#1687515) - cpu_x86: Store CPU signature in an array (rhbz#1687515) - cpu_x86: Allow multiple signatures for a CPU model (rhbz#1687515) - cpu_map: Add hex representation of signatures (rhbz#1687515) - cpu_map: Add more signatures for Conroe CPU model (rhbz#1687515) - cpu_map: Add more signatures for Penryn CPU model (rhbz#1687515) - cpu_map: Add more signatures for Nehalem CPU models (rhbz#1687515) - cpu_map: Add more signatures for Westmere CPU model (rhbz#1687515) - cpu_map: Add more signatures for SandyBridge CPU models (rhbz#1687515) - cpu_map: Add more signatures for IvyBridge CPU models (rhbz#1687515) - cpu_map: Add more signatures for Haswell CPU models (rhbz#1687515) - cpu_map: Add more signatures for Broadwell CPU models (rhbz#1687515) - cpu_map: Add more signatures for Skylake-Client CPU models (rhbz#1687515) - cpu: Don't access invalid memory in virCPUx86Translate (rhbz#1687515) - cpu_x86: Log decoded CPU model and signatures (rhbz#1687515) - util: Modify virStorageFileGetSCSIKey return (rhbz#1687715) - storage: Rework virStorageBackendSCSISerial (rhbz#1687715) - util: Introduce virStorageFileGetNPIVKey (rhbz#1687715) - storage: Fetch a unique key for vHBA/NPIV LUNs (rhbz#1687715) * Thu Feb 21 2019 Jiri Denemark - 4.5.0-10.el7_6.6 - RHEL: spec: Require new enough librbd1 (rhbz#1679569) * Wed Feb 20 2019 Jiri Denemark - 4.5.0-10.el7_6.5 - virfile: Detect ceph as shared FS (rhbz#1672178) - util: Don't overflow in virRandomBits (rhbz#1667329) - virrandom: Avoid undefined behaviour in virRandomBits (rhbz#1667329) * Thu Jan 10 2019 Jiri Denemark - 4.5.0-10.el7_6.4 - qemu: Fix post-copy migration on the source (rhbz#1654732) - RHEL: cpu_map: Mark arch-facilities feature as non-migratable (rhbz#1664793) * Thu Nov 08 2018 Jiri Denemark - 4.5.0-10.el7_6.3 - virfile: Take symlink into account in virFileIsSharedFixFUSE (rhbz#1641798) - qemu: Properly report VIR_DOMAIN_EVENT_RESUMED_FROM_SNAPSHOT (rhbz#1634759) - qemu: Report more appropriate running reasons (rhbz#1634759) - qemu: Pass running reason to RESUME event handler (rhbz#1634759) - qemu: Map running reason to resume event detail (rhbz#1634759) - qemu: Avoid duplicate resume events and state changes (rhbz#1634759) - qemu: Don't ignore resume events (rhbz#1634759) * Wed Oct 10 2018 Jiri Denemark - 4.5.0-10.el7_6.2 - virfile: fix cast-align error (rhbz#1635705) - virfiletest: Fix test name prefix for virFileInData test (rhbz#1635705) - virfiletst: Test virFileIsSharedFS (rhbz#1635705) - virFileIsSharedFSType: Detect direct mount points (rhbz#1635705) - virfile: Rework virFileIsSharedFixFUSE (rhbz#1635705) * Mon Oct 08 2018 Jiri Denemark - 4.5.0-10.el7_6.1 - security: dac: also label listen UNIX sockets (rhbz#1635228) - qemu: fix up permissions for pre-created UNIX sockets (rhbz#1635228) - virFileIsSharedFSType: Check for fuse.glusterfs too (rhbz#1635705) libvirt-docs-4.5.0-10.el7_6.7 ----------------------------- * Tue Mar 26 2019 Jiri Denemark - 4.5.0-10.el7_6.7 - cputest: Add data for Intel(R) Xeon(R) CPU E5-2630 v4 (rhbz#1687515) - cputest: Add data for Intel(R) Core(TM) i7-7600U (rhbz#1687515) - cputest: Add data for Intel(R) Xeon(R) CPU E7540 (rhbz#1687515) - cputest: Add data for Intel(R) Xeon(R) CPU E5-2650 (rhbz#1687515) - cputest: Add data for Intel(R) Core(TM) i7-8700 (rhbz#1687515) - cpu_x86: Separate signature parsing from x86ModelParse (rhbz#1687515) - cpu_x86: Add x86ModelCopySignatures helper (rhbz#1687515) - cpu_x86: Store CPU signature in an array (rhbz#1687515) - cpu_x86: Allow multiple signatures for a CPU model (rhbz#1687515) - cpu_map: Add hex representation of signatures (rhbz#1687515) - cpu_map: Add more signatures for Conroe CPU model (rhbz#1687515) - cpu_map: Add more signatures for Penryn CPU model (rhbz#1687515) - cpu_map: Add more signatures for Nehalem CPU models (rhbz#1687515) - cpu_map: Add more signatures for Westmere CPU model (rhbz#1687515) - cpu_map: Add more signatures for SandyBridge CPU models (rhbz#1687515) - cpu_map: Add more signatures for IvyBridge CPU models (rhbz#1687515) - cpu_map: Add more signatures for Haswell CPU models (rhbz#1687515) - cpu_map: Add more signatures for Broadwell CPU models (rhbz#1687515) - cpu_map: Add more signatures for Skylake-Client CPU models (rhbz#1687515) - cpu: Don't access invalid memory in virCPUx86Translate (rhbz#1687515) - cpu_x86: Log decoded CPU model and signatures (rhbz#1687515) - util: Modify virStorageFileGetSCSIKey return (rhbz#1687715) - storage: Rework virStorageBackendSCSISerial (rhbz#1687715) - util: Introduce virStorageFileGetNPIVKey (rhbz#1687715) - storage: Fetch a unique key for vHBA/NPIV LUNs (rhbz#1687715) * Thu Feb 21 2019 Jiri Denemark - 4.5.0-10.el7_6.6 - RHEL: spec: Require new enough librbd1 (rhbz#1679569) * Wed Feb 20 2019 Jiri Denemark - 4.5.0-10.el7_6.5 - virfile: Detect ceph as shared FS (rhbz#1672178) - util: Don't overflow in virRandomBits (rhbz#1667329) - virrandom: Avoid undefined behaviour in virRandomBits (rhbz#1667329) * Thu Jan 10 2019 Jiri Denemark - 4.5.0-10.el7_6.4 - qemu: Fix post-copy migration on the source (rhbz#1654732) - RHEL: cpu_map: Mark arch-facilities feature as non-migratable (rhbz#1664793) * Thu Nov 08 2018 Jiri Denemark - 4.5.0-10.el7_6.3 - virfile: Take symlink into account in virFileIsSharedFixFUSE (rhbz#1641798) - qemu: Properly report VIR_DOMAIN_EVENT_RESUMED_FROM_SNAPSHOT (rhbz#1634759) - qemu: Report more appropriate running reasons (rhbz#1634759) - qemu: Pass running reason to RESUME event handler (rhbz#1634759) - qemu: Map running reason to resume event detail (rhbz#1634759) - qemu: Avoid duplicate resume events and state changes (rhbz#1634759) - qemu: Don't ignore resume events (rhbz#1634759) * Wed Oct 10 2018 Jiri Denemark - 4.5.0-10.el7_6.2 - virfile: fix cast-align error (rhbz#1635705) - virfiletest: Fix test name prefix for virFileInData test (rhbz#1635705) - virfiletst: Test virFileIsSharedFS (rhbz#1635705) - virFileIsSharedFSType: Detect direct mount points (rhbz#1635705) - virfile: Rework virFileIsSharedFixFUSE (rhbz#1635705) * Mon Oct 08 2018 Jiri Denemark - 4.5.0-10.el7_6.1 - security: dac: also label listen UNIX sockets (rhbz#1635228) - qemu: fix up permissions for pre-created UNIX sockets (rhbz#1635228) - virFileIsSharedFSType: Check for fuse.glusterfs too (rhbz#1635705) libvirt-libs-4.5.0-10.el7_6.7 ----------------------------- * Tue Mar 26 2019 Jiri Denemark - 4.5.0-10.el7_6.7 - cputest: Add data for Intel(R) Xeon(R) CPU E5-2630 v4 (rhbz#1687515) - cputest: Add data for Intel(R) Core(TM) i7-7600U (rhbz#1687515) - cputest: Add data for Intel(R) Xeon(R) CPU E7540 (rhbz#1687515) - cputest: Add data for Intel(R) Xeon(R) CPU E5-2650 (rhbz#1687515) - cputest: Add data for Intel(R) Core(TM) i7-8700 (rhbz#1687515) - cpu_x86: Separate signature parsing from x86ModelParse (rhbz#1687515) - cpu_x86: Add x86ModelCopySignatures helper (rhbz#1687515) - cpu_x86: Store CPU signature in an array (rhbz#1687515) - cpu_x86: Allow multiple signatures for a CPU model (rhbz#1687515) - cpu_map: Add hex representation of signatures (rhbz#1687515) - cpu_map: Add more signatures for Conroe CPU model (rhbz#1687515) - cpu_map: Add more signatures for Penryn CPU model (rhbz#1687515) - cpu_map: Add more signatures for Nehalem CPU models (rhbz#1687515) - cpu_map: Add more signatures for Westmere CPU model (rhbz#1687515) - cpu_map: Add more signatures for SandyBridge CPU models (rhbz#1687515) - cpu_map: Add more signatures for IvyBridge CPU models (rhbz#1687515) - cpu_map: Add more signatures for Haswell CPU models (rhbz#1687515) - cpu_map: Add more signatures for Broadwell CPU models (rhbz#1687515) - cpu_map: Add more signatures for Skylake-Client CPU models (rhbz#1687515) - cpu: Don't access invalid memory in virCPUx86Translate (rhbz#1687515) - cpu_x86: Log decoded CPU model and signatures (rhbz#1687515) - util: Modify virStorageFileGetSCSIKey return (rhbz#1687715) - storage: Rework virStorageBackendSCSISerial (rhbz#1687715) - util: Introduce virStorageFileGetNPIVKey (rhbz#1687715) - storage: Fetch a unique key for vHBA/NPIV LUNs (rhbz#1687715) * Thu Feb 21 2019 Jiri Denemark - 4.5.0-10.el7_6.6 - RHEL: spec: Require new enough librbd1 (rhbz#1679569) * Wed Feb 20 2019 Jiri Denemark - 4.5.0-10.el7_6.5 - virfile: Detect ceph as shared FS (rhbz#1672178) - util: Don't overflow in virRandomBits (rhbz#1667329) - virrandom: Avoid undefined behaviour in virRandomBits (rhbz#1667329) * Thu Jan 10 2019 Jiri Denemark - 4.5.0-10.el7_6.4 - qemu: Fix post-copy migration on the source (rhbz#1654732) - RHEL: cpu_map: Mark arch-facilities feature as non-migratable (rhbz#1664793) * Thu Nov 08 2018 Jiri Denemark - 4.5.0-10.el7_6.3 - virfile: Take symlink into account in virFileIsSharedFixFUSE (rhbz#1641798) - qemu: Properly report VIR_DOMAIN_EVENT_RESUMED_FROM_SNAPSHOT (rhbz#1634759) - qemu: Report more appropriate running reasons (rhbz#1634759) - qemu: Pass running reason to RESUME event handler (rhbz#1634759) - qemu: Map running reason to resume event detail (rhbz#1634759) - qemu: Avoid duplicate resume events and state changes (rhbz#1634759) - qemu: Don't ignore resume events (rhbz#1634759) * Wed Oct 10 2018 Jiri Denemark - 4.5.0-10.el7_6.2 - virfile: fix cast-align error (rhbz#1635705) - virfiletest: Fix test name prefix for virFileInData test (rhbz#1635705) - virfiletst: Test virFileIsSharedFS (rhbz#1635705) - virFileIsSharedFSType: Detect direct mount points (rhbz#1635705) - virfile: Rework virFileIsSharedFixFUSE (rhbz#1635705) * Mon Oct 08 2018 Jiri Denemark - 4.5.0-10.el7_6.1 - security: dac: also label listen UNIX sockets (rhbz#1635228) - qemu: fix up permissions for pre-created UNIX sockets (rhbz#1635228) - virFileIsSharedFSType: Check for fuse.glusterfs too (rhbz#1635705) libvirt-lock-sanlock-4.5.0-10.el7_6.7 ------------------------------------- * Tue Mar 26 2019 Jiri Denemark - 4.5.0-10.el7_6.7 - cputest: Add data for Intel(R) Xeon(R) CPU E5-2630 v4 (rhbz#1687515) - cputest: Add data for Intel(R) Core(TM) i7-7600U (rhbz#1687515) - cputest: Add data for Intel(R) Xeon(R) CPU E7540 (rhbz#1687515) - cputest: Add data for Intel(R) Xeon(R) CPU E5-2650 (rhbz#1687515) - cputest: Add data for Intel(R) Core(TM) i7-8700 (rhbz#1687515) - cpu_x86: Separate signature parsing from x86ModelParse (rhbz#1687515) - cpu_x86: Add x86ModelCopySignatures helper (rhbz#1687515) - cpu_x86: Store CPU signature in an array (rhbz#1687515) - cpu_x86: Allow multiple signatures for a CPU model (rhbz#1687515) - cpu_map: Add hex representation of signatures (rhbz#1687515) - cpu_map: Add more signatures for Conroe CPU model (rhbz#1687515) - cpu_map: Add more signatures for Penryn CPU model (rhbz#1687515) - cpu_map: Add more signatures for Nehalem CPU models (rhbz#1687515) - cpu_map: Add more signatures for Westmere CPU model (rhbz#1687515) - cpu_map: Add more signatures for SandyBridge CPU models (rhbz#1687515) - cpu_map: Add more signatures for IvyBridge CPU models (rhbz#1687515) - cpu_map: Add more signatures for Haswell CPU models (rhbz#1687515) - cpu_map: Add more signatures for Broadwell CPU models (rhbz#1687515) - cpu_map: Add more signatures for Skylake-Client CPU models (rhbz#1687515) - cpu: Don't access invalid memory in virCPUx86Translate (rhbz#1687515) - cpu_x86: Log decoded CPU model and signatures (rhbz#1687515) - util: Modify virStorageFileGetSCSIKey return (rhbz#1687715) - storage: Rework virStorageBackendSCSISerial (rhbz#1687715) - util: Introduce virStorageFileGetNPIVKey (rhbz#1687715) - storage: Fetch a unique key for vHBA/NPIV LUNs (rhbz#1687715) * Thu Feb 21 2019 Jiri Denemark - 4.5.0-10.el7_6.6 - RHEL: spec: Require new enough librbd1 (rhbz#1679569) * Wed Feb 20 2019 Jiri Denemark - 4.5.0-10.el7_6.5 - virfile: Detect ceph as shared FS (rhbz#1672178) - util: Don't overflow in virRandomBits (rhbz#1667329) - virrandom: Avoid undefined behaviour in virRandomBits (rhbz#1667329) * Thu Jan 10 2019 Jiri Denemark - 4.5.0-10.el7_6.4 - qemu: Fix post-copy migration on the source (rhbz#1654732) - RHEL: cpu_map: Mark arch-facilities feature as non-migratable (rhbz#1664793) * Thu Nov 08 2018 Jiri Denemark - 4.5.0-10.el7_6.3 - virfile: Take symlink into account in virFileIsSharedFixFUSE (rhbz#1641798) - qemu: Properly report VIR_DOMAIN_EVENT_RESUMED_FROM_SNAPSHOT (rhbz#1634759) - qemu: Report more appropriate running reasons (rhbz#1634759) - qemu: Pass running reason to RESUME event handler (rhbz#1634759) - qemu: Map running reason to resume event detail (rhbz#1634759) - qemu: Avoid duplicate resume events and state changes (rhbz#1634759) - qemu: Don't ignore resume events (rhbz#1634759) * Wed Oct 10 2018 Jiri Denemark - 4.5.0-10.el7_6.2 - virfile: fix cast-align error (rhbz#1635705) - virfiletest: Fix test name prefix for virFileInData test (rhbz#1635705) - virfiletst: Test virFileIsSharedFS (rhbz#1635705) - virFileIsSharedFSType: Detect direct mount points (rhbz#1635705) - virfile: Rework virFileIsSharedFixFUSE (rhbz#1635705) * Mon Oct 08 2018 Jiri Denemark - 4.5.0-10.el7_6.1 - security: dac: also label listen UNIX sockets (rhbz#1635228) - qemu: fix up permissions for pre-created UNIX sockets (rhbz#1635228) - virFileIsSharedFSType: Check for fuse.glusterfs too (rhbz#1635705) libvirt-login-shell-4.5.0-10.el7_6.7 ------------------------------------ * Tue Mar 26 2019 Jiri Denemark - 4.5.0-10.el7_6.7 - cputest: Add data for Intel(R) Xeon(R) CPU E5-2630 v4 (rhbz#1687515) - cputest: Add data for Intel(R) Core(TM) i7-7600U (rhbz#1687515) - cputest: Add data for Intel(R) Xeon(R) CPU E7540 (rhbz#1687515) - cputest: Add data for Intel(R) Xeon(R) CPU E5-2650 (rhbz#1687515) - cputest: Add data for Intel(R) Core(TM) i7-8700 (rhbz#1687515) - cpu_x86: Separate signature parsing from x86ModelParse (rhbz#1687515) - cpu_x86: Add x86ModelCopySignatures helper (rhbz#1687515) - cpu_x86: Store CPU signature in an array (rhbz#1687515) - cpu_x86: Allow multiple signatures for a CPU model (rhbz#1687515) - cpu_map: Add hex representation of signatures (rhbz#1687515) - cpu_map: Add more signatures for Conroe CPU model (rhbz#1687515) - cpu_map: Add more signatures for Penryn CPU model (rhbz#1687515) - cpu_map: Add more signatures for Nehalem CPU models (rhbz#1687515) - cpu_map: Add more signatures for Westmere CPU model (rhbz#1687515) - cpu_map: Add more signatures for SandyBridge CPU models (rhbz#1687515) - cpu_map: Add more signatures for IvyBridge CPU models (rhbz#1687515) - cpu_map: Add more signatures for Haswell CPU models (rhbz#1687515) - cpu_map: Add more signatures for Broadwell CPU models (rhbz#1687515) - cpu_map: Add more signatures for Skylake-Client CPU models (rhbz#1687515) - cpu: Don't access invalid memory in virCPUx86Translate (rhbz#1687515) - cpu_x86: Log decoded CPU model and signatures (rhbz#1687515) - util: Modify virStorageFileGetSCSIKey return (rhbz#1687715) - storage: Rework virStorageBackendSCSISerial (rhbz#1687715) - util: Introduce virStorageFileGetNPIVKey (rhbz#1687715) - storage: Fetch a unique key for vHBA/NPIV LUNs (rhbz#1687715) * Thu Feb 21 2019 Jiri Denemark - 4.5.0-10.el7_6.6 - RHEL: spec: Require new enough librbd1 (rhbz#1679569) * Wed Feb 20 2019 Jiri Denemark - 4.5.0-10.el7_6.5 - virfile: Detect ceph as shared FS (rhbz#1672178) - util: Don't overflow in virRandomBits (rhbz#1667329) - virrandom: Avoid undefined behaviour in virRandomBits (rhbz#1667329) * Thu Jan 10 2019 Jiri Denemark - 4.5.0-10.el7_6.4 - qemu: Fix post-copy migration on the source (rhbz#1654732) - RHEL: cpu_map: Mark arch-facilities feature as non-migratable (rhbz#1664793) * Thu Nov 08 2018 Jiri Denemark - 4.5.0-10.el7_6.3 - virfile: Take symlink into account in virFileIsSharedFixFUSE (rhbz#1641798) - qemu: Properly report VIR_DOMAIN_EVENT_RESUMED_FROM_SNAPSHOT (rhbz#1634759) - qemu: Report more appropriate running reasons (rhbz#1634759) - qemu: Pass running reason to RESUME event handler (rhbz#1634759) - qemu: Map running reason to resume event detail (rhbz#1634759) - qemu: Avoid duplicate resume events and state changes (rhbz#1634759) - qemu: Don't ignore resume events (rhbz#1634759) * Wed Oct 10 2018 Jiri Denemark - 4.5.0-10.el7_6.2 - virfile: fix cast-align error (rhbz#1635705) - virfiletest: Fix test name prefix for virFileInData test (rhbz#1635705) - virfiletst: Test virFileIsSharedFS (rhbz#1635705) - virFileIsSharedFSType: Detect direct mount points (rhbz#1635705) - virfile: Rework virFileIsSharedFixFUSE (rhbz#1635705) * Mon Oct 08 2018 Jiri Denemark - 4.5.0-10.el7_6.1 - security: dac: also label listen UNIX sockets (rhbz#1635228) - qemu: fix up permissions for pre-created UNIX sockets (rhbz#1635228) - virFileIsSharedFSType: Check for fuse.glusterfs too (rhbz#1635705) libvirt-nss-4.5.0-10.el7_6.7 ---------------------------- * Tue Mar 26 2019 Jiri Denemark - 4.5.0-10.el7_6.7 - cputest: Add data for Intel(R) Xeon(R) CPU E5-2630 v4 (rhbz#1687515) - cputest: Add data for Intel(R) Core(TM) i7-7600U (rhbz#1687515) - cputest: Add data for Intel(R) Xeon(R) CPU E7540 (rhbz#1687515) - cputest: Add data for Intel(R) Xeon(R) CPU E5-2650 (rhbz#1687515) - cputest: Add data for Intel(R) Core(TM) i7-8700 (rhbz#1687515) - cpu_x86: Separate signature parsing from x86ModelParse (rhbz#1687515) - cpu_x86: Add x86ModelCopySignatures helper (rhbz#1687515) - cpu_x86: Store CPU signature in an array (rhbz#1687515) - cpu_x86: Allow multiple signatures for a CPU model (rhbz#1687515) - cpu_map: Add hex representation of signatures (rhbz#1687515) - cpu_map: Add more signatures for Conroe CPU model (rhbz#1687515) - cpu_map: Add more signatures for Penryn CPU model (rhbz#1687515) - cpu_map: Add more signatures for Nehalem CPU models (rhbz#1687515) - cpu_map: Add more signatures for Westmere CPU model (rhbz#1687515) - cpu_map: Add more signatures for SandyBridge CPU models (rhbz#1687515) - cpu_map: Add more signatures for IvyBridge CPU models (rhbz#1687515) - cpu_map: Add more signatures for Haswell CPU models (rhbz#1687515) - cpu_map: Add more signatures for Broadwell CPU models (rhbz#1687515) - cpu_map: Add more signatures for Skylake-Client CPU models (rhbz#1687515) - cpu: Don't access invalid memory in virCPUx86Translate (rhbz#1687515) - cpu_x86: Log decoded CPU model and signatures (rhbz#1687515) - util: Modify virStorageFileGetSCSIKey return (rhbz#1687715) - storage: Rework virStorageBackendSCSISerial (rhbz#1687715) - util: Introduce virStorageFileGetNPIVKey (rhbz#1687715) - storage: Fetch a unique key for vHBA/NPIV LUNs (rhbz#1687715) * Thu Feb 21 2019 Jiri Denemark - 4.5.0-10.el7_6.6 - RHEL: spec: Require new enough librbd1 (rhbz#1679569) * Wed Feb 20 2019 Jiri Denemark - 4.5.0-10.el7_6.5 - virfile: Detect ceph as shared FS (rhbz#1672178) - util: Don't overflow in virRandomBits (rhbz#1667329) - virrandom: Avoid undefined behaviour in virRandomBits (rhbz#1667329) * Thu Jan 10 2019 Jiri Denemark - 4.5.0-10.el7_6.4 - qemu: Fix post-copy migration on the source (rhbz#1654732) - RHEL: cpu_map: Mark arch-facilities feature as non-migratable (rhbz#1664793) * Thu Nov 08 2018 Jiri Denemark - 4.5.0-10.el7_6.3 - virfile: Take symlink into account in virFileIsSharedFixFUSE (rhbz#1641798) - qemu: Properly report VIR_DOMAIN_EVENT_RESUMED_FROM_SNAPSHOT (rhbz#1634759) - qemu: Report more appropriate running reasons (rhbz#1634759) - qemu: Pass running reason to RESUME event handler (rhbz#1634759) - qemu: Map running reason to resume event detail (rhbz#1634759) - qemu: Avoid duplicate resume events and state changes (rhbz#1634759) - qemu: Don't ignore resume events (rhbz#1634759) * Wed Oct 10 2018 Jiri Denemark - 4.5.0-10.el7_6.2 - virfile: fix cast-align error (rhbz#1635705) - virfiletest: Fix test name prefix for virFileInData test (rhbz#1635705) - virfiletst: Test virFileIsSharedFS (rhbz#1635705) - virFileIsSharedFSType: Detect direct mount points (rhbz#1635705) - virfile: Rework virFileIsSharedFixFUSE (rhbz#1635705) * Mon Oct 08 2018 Jiri Denemark - 4.5.0-10.el7_6.1 - security: dac: also label listen UNIX sockets (rhbz#1635228) - qemu: fix up permissions for pre-created UNIX sockets (rhbz#1635228) - virFileIsSharedFSType: Check for fuse.glusterfs too (rhbz#1635705) libvirt-snmp-0.0.3-5.el7_6.2 ---------------------------- * Wed Dec 12 2018 Michal Privoznik - 0.0.3-5.el7_6.1 - Send sysUptime in traps (BZ: 1653591) * Thu Nov 22 2018 Michal Privoznik - 0.0.3-5.el7_6.1 - Replace placeholder org OID with libvirt OID (BZ: 1603154) - Fix object OIDs for SNMP traps (BZ: 1641995) - Modernize spec file libvncserver-0.9.9-13.el7_6 --------------------------- * Thu Jan 10 2019 Petr Pisar - 0.9.9-13 - Fix CVE-2018-15127 (Heap out-of-bounds write in rfbserver.c:rfbProcessFileTransferReadBuffer()) (bug #1662995) * Mon Feb 26 2018 Petr Pisar - 0.9.9-12 - Fix CVE-2018-7225 (improper client cut text length sanitization) (bug #1548441) libvncserver-devel-0.9.9-13.el7_6 --------------------------------- * Thu Jan 10 2019 Petr Pisar - 0.9.9-13 - Fix CVE-2018-15127 (Heap out-of-bounds write in rfbserver.c:rfbProcessFileTransferReadBuffer()) (bug #1662995) * Mon Feb 26 2018 Petr Pisar - 0.9.9-12 - Fix CVE-2018-7225 (improper client cut text length sanitization) (bug #1548441) libwsman-devel-2.6.3-6.git4391e5c.el7_6 --------------------------------------- * Wed Mar 13 2019 Vitezslav Crhonek - 2.6.3-6.git4391e5c - Update the fix for CVE-2019-3816 Resolves: #1668657 - Remove Dist Tag from the oldest changelog entry * Mon Mar 04 2019 Vitezslav Crhonek - 2.6.3-5.git4391e5c - Fix CVE-2019-3816 Resolves: #1668657 libwsman1-2.6.3-6.git4391e5c.el7_6 ---------------------------------- * Wed Mar 13 2019 Vitezslav Crhonek - 2.6.3-6.git4391e5c - Update the fix for CVE-2019-3816 Resolves: #1668657 - Remove Dist Tag from the oldest changelog entry * Mon Mar 04 2019 Vitezslav Crhonek - 2.6.3-5.git4391e5c - Fix CVE-2019-3816 Resolves: #1668657 lua-guestfs-1.38.2-12.el7_6.2 ----------------------------- * Thu Feb 07 2019 Pino Toscano - 1:1.38.2-12.el7_6.2 - Fix inspection of partition-less devices resolves: rhbz#1673280 * Fri Oct 12 2018 Pino Toscano - 1:1.38.2-12.el7_6.1 - v2v: update documentation regarding SHA-2 certificates in Windows 7 and Windows Server 2008 R2 resolves: rhbz#1632788 - v2v: fix rhev-apt firstboot command for Windows resolves: rhbz#1625216 lvm2-2.02.180-10.el7_6.3 ------------------------ * Mon Dec 17 2018 Marian Csontos - 7:2.02.180-10.el7_6.3 - Fix component detection for MD RAID version 1.0 and 0.90. - Use sync io if async io_setup fails, or when use_aio=0 is set in config. - Fix dmstats report printing no output. * Wed Oct 31 2018 Marian Csontos - 7:2.02.180-10.el7_6.2 - Fix possible write beyond metadata area. * Wed Oct 10 2018 Marian Csontos - 7:2.02.180-10.el7_6.1 - Fix clustered mirror repair. lvm2-cluster-2.02.180-10.el7_6.3 -------------------------------- * Mon Dec 17 2018 Marian Csontos - 7:2.02.180-10.el7_6.3 - Fix component detection for MD RAID version 1.0 and 0.90. - Use sync io if async io_setup fails, or when use_aio=0 is set in config. - Fix dmstats report printing no output. * Wed Oct 31 2018 Marian Csontos - 7:2.02.180-10.el7_6.2 - Fix possible write beyond metadata area. * Wed Oct 10 2018 Marian Csontos - 7:2.02.180-10.el7_6.1 - Fix clustered mirror repair. lvm2-devel-2.02.180-10.el7_6.3 ------------------------------ * Mon Dec 17 2018 Marian Csontos - 7:2.02.180-10.el7_6.3 - Fix component detection for MD RAID version 1.0 and 0.90. - Use sync io if async io_setup fails, or when use_aio=0 is set in config. - Fix dmstats report printing no output. * Wed Oct 31 2018 Marian Csontos - 7:2.02.180-10.el7_6.2 - Fix possible write beyond metadata area. * Wed Oct 10 2018 Marian Csontos - 7:2.02.180-10.el7_6.1 - Fix clustered mirror repair. lvm2-libs-2.02.180-10.el7_6.3 ----------------------------- * Mon Dec 17 2018 Marian Csontos - 7:2.02.180-10.el7_6.3 - Fix component detection for MD RAID version 1.0 and 0.90. - Use sync io if async io_setup fails, or when use_aio=0 is set in config. - Fix dmstats report printing no output. * Wed Oct 31 2018 Marian Csontos - 7:2.02.180-10.el7_6.2 - Fix possible write beyond metadata area. * Wed Oct 10 2018 Marian Csontos - 7:2.02.180-10.el7_6.1 - Fix clustered mirror repair. lvm2-lockd-2.02.180-10.el7_6.3 ------------------------------ * Mon Dec 17 2018 Marian Csontos - 7:2.02.180-10.el7_6.3 - Fix component detection for MD RAID version 1.0 and 0.90. - Use sync io if async io_setup fails, or when use_aio=0 is set in config. - Fix dmstats report printing no output. * Wed Oct 31 2018 Marian Csontos - 7:2.02.180-10.el7_6.2 - Fix possible write beyond metadata area. * Wed Oct 10 2018 Marian Csontos - 7:2.02.180-10.el7_6.1 - Fix clustered mirror repair. lvm2-python-boom-0.9-14.el7_6.2 ------------------------------- * Mon Dec 17 2018 Marian Csontos - 7:2.02.180-10.el7_6.3 - Fix component detection for MD RAID version 1.0 and 0.90. - Use sync io if async io_setup fails, or when use_aio=0 is set in config. - Fix dmstats report printing no output. * Wed Oct 31 2018 Marian Csontos - 7:2.02.180-10.el7_6.2 - Fix possible write beyond metadata area. * Wed Oct 10 2018 Marian Csontos - 7:2.02.180-10.el7_6.1 - Fix clustered mirror repair. lvm2-python-libs-2.02.180-10.el7_6.3 ------------------------------------ * Mon Dec 17 2018 Marian Csontos - 7:2.02.180-10.el7_6.3 - Fix component detection for MD RAID version 1.0 and 0.90. - Use sync io if async io_setup fails, or when use_aio=0 is set in config. - Fix dmstats report printing no output. * Wed Oct 31 2018 Marian Csontos - 7:2.02.180-10.el7_6.2 - Fix possible write beyond metadata area. * Wed Oct 10 2018 Marian Csontos - 7:2.02.180-10.el7_6.1 - Fix clustered mirror repair. lvm2-sysvinit-2.02.180-10.el7_6.3 --------------------------------- * Mon Dec 17 2018 Marian Csontos - 7:2.02.180-10.el7_6.3 - Fix component detection for MD RAID version 1.0 and 0.90. - Use sync io if async io_setup fails, or when use_aio=0 is set in config. - Fix dmstats report printing no output. * Wed Oct 31 2018 Marian Csontos - 7:2.02.180-10.el7_6.2 - Fix possible write beyond metadata area. * Wed Oct 10 2018 Marian Csontos - 7:2.02.180-10.el7_6.1 - Fix clustered mirror repair. mesa-dri-drivers-18.0.5-4.el7_6 ------------------------------- * Sat Dec 15 2018 Dave Airlie - 18.0.5-4 - disable shm put/get for now it caused regressions mesa-filesystem-18.0.5-4.el7_6 ------------------------------ * Sat Dec 15 2018 Dave Airlie - 18.0.5-4 - disable shm put/get for now it caused regressions mesa-libEGL-18.0.5-4.el7_6 -------------------------- * Sat Dec 15 2018 Dave Airlie - 18.0.5-4 - disable shm put/get for now it caused regressions mesa-libEGL-devel-18.0.5-4.el7_6 -------------------------------- * Sat Dec 15 2018 Dave Airlie - 18.0.5-4 - disable shm put/get for now it caused regressions mesa-libGL-18.0.5-4.el7_6 ------------------------- * Sat Dec 15 2018 Dave Airlie - 18.0.5-4 - disable shm put/get for now it caused regressions mesa-libGL-devel-18.0.5-4.el7_6 ------------------------------- * Sat Dec 15 2018 Dave Airlie - 18.0.5-4 - disable shm put/get for now it caused regressions mesa-libGLES-18.0.5-4.el7_6 --------------------------- * Sat Dec 15 2018 Dave Airlie - 18.0.5-4 - disable shm put/get for now it caused regressions mesa-libGLES-devel-18.0.5-4.el7_6 --------------------------------- * Sat Dec 15 2018 Dave Airlie - 18.0.5-4 - disable shm put/get for now it caused regressions mesa-libOSMesa-18.0.5-4.el7_6 ----------------------------- * Sat Dec 15 2018 Dave Airlie - 18.0.5-4 - disable shm put/get for now it caused regressions mesa-libOSMesa-devel-18.0.5-4.el7_6 ----------------------------------- * Sat Dec 15 2018 Dave Airlie - 18.0.5-4 - disable shm put/get for now it caused regressions mesa-libgbm-18.0.5-4.el7_6 -------------------------- * Sat Dec 15 2018 Dave Airlie - 18.0.5-4 - disable shm put/get for now it caused regressions mesa-libgbm-devel-18.0.5-4.el7_6 -------------------------------- * Sat Dec 15 2018 Dave Airlie - 18.0.5-4 - disable shm put/get for now it caused regressions mesa-libglapi-18.0.5-4.el7_6 ---------------------------- * Sat Dec 15 2018 Dave Airlie - 18.0.5-4 - disable shm put/get for now it caused regressions mesa-libwayland-egl-18.0.5-4.el7_6 ---------------------------------- * Sat Dec 15 2018 Dave Airlie - 18.0.5-4 - disable shm put/get for now it caused regressions mesa-libwayland-egl-devel-18.0.5-4.el7_6 ---------------------------------------- * Sat Dec 15 2018 Dave Airlie - 18.0.5-4 - disable shm put/get for now it caused regressions mesa-libxatracker-18.0.5-4.el7_6 -------------------------------- * Sat Dec 15 2018 Dave Airlie - 18.0.5-4 - disable shm put/get for now it caused regressions mesa-libxatracker-devel-18.0.5-4.el7_6 -------------------------------------- * Sat Dec 15 2018 Dave Airlie - 18.0.5-4 - disable shm put/get for now it caused regressions mesa-vdpau-drivers-18.0.5-4.el7_6 --------------------------------- * Sat Dec 15 2018 Dave Airlie - 18.0.5-4 - disable shm put/get for now it caused regressions mesa-vulkan-drivers-18.0.5-4.el7_6 ---------------------------------- * Sat Dec 15 2018 Dave Airlie - 18.0.5-4 - disable shm put/get for now it caused regressions microcode_ctl-2.1-47.5.el7_6 ---------------------------- * Wed Jun 19 2019 Eugene Syromiatnikov - 2:2.1-47.5 - Intel CPU microcode update to 20190618. - Resolves: #1722575. * Sun Jun 02 2019 Eugene Syromiatnikov - 2:2.1-47.4 - Remove disclaimer, as it is not as important now to justify kmsg/log pollution; its contents are partially adopted in README.caveats. * Wed May 29 2019 Eugene Syromiatnikov - 2:2.1-47.3 - Intel CPU microcode update to 20190514a. - Resolves: #1714958. * Fri May 10 2019 Eugene Syromiatnikov - 2:2.1-47.2 - Intel CPU microcode update to 20190507_Public_DEMO. - Resolves: #1704374. * Fri May 10 2019 Eugene Syromiatnikov - 2:2.1-47.1 - Intel CPU microcode update to 20190312. - Add "Provides:" tags generation. - Fix %postun script. - Resolves: #1704374. mod_auth_mellon-0.14.0-2.el7_6.4 -------------------------------- * Mon Apr 08 2019 Jakub Hrozek - 0.14.0-2.4 - Actually apply the patch in the previous build - Resolves: rhbz#1697488 - CVE-2019-3877 mod_auth_mellon: open redirect in logout url when using URLs with backslashes * Mon Apr 08 2019 Jakub Hrozek - 0.14.0-2.3 - Resolves: rhbz#1697488 - CVE-2019-3877 mod_auth_mellon: open redirect in logout url when using URLs with backslashes [rhel-7] [rhel-7.6.z] * Mon Apr 08 2019 Jakub Hrozek - 0.14.0-2.2 - Resolves: rhbz#1697487 - mod_auth_mellon Cert files name wrong when hostname contains a number * Fri Mar 22 2019 Jakub Hrozek - 0.14.0-2.1 - Resolves: rhbz#1692455 - CVE-2019-3878 mod_auth_mellon: authentication bypass in ECP flow [rhel-7.6.z] mod_auth_mellon-diagnostics-0.14.0-2.el7_6.4 -------------------------------------------- * Mon Apr 08 2019 Jakub Hrozek - 0.14.0-2.4 - Actually apply the patch in the previous build - Resolves: rhbz#1697488 - CVE-2019-3877 mod_auth_mellon: open redirect in logout url when using URLs with backslashes * Mon Apr 08 2019 Jakub Hrozek - 0.14.0-2.3 - Resolves: rhbz#1697488 - CVE-2019-3877 mod_auth_mellon: open redirect in logout url when using URLs with backslashes [rhel-7] [rhel-7.6.z] * Mon Apr 08 2019 Jakub Hrozek - 0.14.0-2.2 - Resolves: rhbz#1697487 - mod_auth_mellon Cert files name wrong when hostname contains a number * Fri Mar 22 2019 Jakub Hrozek - 0.14.0-2.1 - Resolves: rhbz#1692455 - CVE-2019-3878 mod_auth_mellon: authentication bypass in ECP flow [rhel-7.6.z] mokutil-15-2.el7_6.bclinux -------------------------- * Fri Feb 22 2019 Fabian Arrotin -15-2.el7.centos - Rebuilt with a patch for non SB machines (Fixes #15522) mutter-3.28.3-7.el7_6 --------------------- * Mon Mar 18 2019 Jonas Ådahl - 3.28.3-7 - Don't ignore current mode when deriving current config (#1690760) * Wed Jan 16 2019 Florian Müllner - 3.26.2-18 - Prevent titlebars going off-screen (rhbz#1679913) * Wed Oct 10 2018 Carlos Garnacho - 3.28.3-5 - Do not latch modifiers on modifier keys Resolves: #1637822 mutter-devel-3.28.3-7.el7_6 --------------------------- * Mon Mar 18 2019 Jonas Ådahl - 3.28.3-7 - Don't ignore current mode when deriving current config (#1690760) * Wed Jan 16 2019 Florian Müllner - 3.26.2-18 - Prevent titlebars going off-screen (rhbz#1679913) * Wed Oct 10 2018 Carlos Garnacho - 3.28.3-5 - Do not latch modifiers on modifier keys Resolves: #1637822 nbdkit-1.2.6-1.el7_6.2 ---------------------- * Thu Nov 08 2018 Richard W.M. Jones - 1.2.6-1.el7_6.2 - Enhanced Python error reporting. resolves: rhbz#1613946 * Fri Oct 12 2018 Pino Toscano - 1.2.6-1.el7_6.1 - Fix TLS priority. (RHBZ#1632220) nbdkit-basic-plugins-1.2.6-1.el7_6.2 ------------------------------------ * Thu Nov 08 2018 Richard W.M. Jones - 1.2.6-1.el7_6.2 - Enhanced Python error reporting. resolves: rhbz#1613946 * Fri Oct 12 2018 Pino Toscano - 1.2.6-1.el7_6.1 - Fix TLS priority. (RHBZ#1632220) nbdkit-devel-1.2.6-1.el7_6.2 ---------------------------- * Thu Nov 08 2018 Richard W.M. Jones - 1.2.6-1.el7_6.2 - Enhanced Python error reporting. resolves: rhbz#1613946 * Fri Oct 12 2018 Pino Toscano - 1.2.6-1.el7_6.1 - Fix TLS priority. (RHBZ#1632220) nbdkit-example-plugins-1.2.6-1.el7_6.2 -------------------------------------- * Thu Nov 08 2018 Richard W.M. Jones - 1.2.6-1.el7_6.2 - Enhanced Python error reporting. resolves: rhbz#1613946 * Fri Oct 12 2018 Pino Toscano - 1.2.6-1.el7_6.1 - Fix TLS priority. (RHBZ#1632220) nbdkit-plugin-python-common-1.2.6-1.el7_6.2 ------------------------------------------- * Thu Nov 08 2018 Richard W.M. Jones - 1.2.6-1.el7_6.2 - Enhanced Python error reporting. resolves: rhbz#1613946 * Fri Oct 12 2018 Pino Toscano - 1.2.6-1.el7_6.1 - Fix TLS priority. (RHBZ#1632220) nbdkit-plugin-python2-1.2.6-1.el7_6.2 ------------------------------------- * Thu Nov 08 2018 Richard W.M. Jones - 1.2.6-1.el7_6.2 - Enhanced Python error reporting. resolves: rhbz#1613946 * Fri Oct 12 2018 Pino Toscano - 1.2.6-1.el7_6.1 - Fix TLS priority. (RHBZ#1632220) nbdkit-plugin-vddk-1.2.6-1.el7_6.2 ---------------------------------- * Thu Nov 08 2018 Richard W.M. Jones - 1.2.6-1.el7_6.2 - Enhanced Python error reporting. resolves: rhbz#1613946 * Fri Oct 12 2018 Pino Toscano - 1.2.6-1.el7_6.1 - Fix TLS priority. (RHBZ#1632220) nscd-2.17-260.el7_6.6 --------------------- * Fri May 03 2019 Florian Weimer - 2.17-260.6 - Backport libio vtable validation improvements (#1705899) * Tue Apr 30 2019 Florian Weimer - 2.17-260.5 - Use versioned Obsoletes: for nss_db (#1704593) * Mon Apr 01 2019 Florian Weimer - 2.17-260.4 - ja_JP: Add new Japanese Era name (#1693152) * Thu Jan 03 2019 Florian Weimer - 2.17-260.3 - elf: Fix data race in _dl_profile_fixup (#1661242) * Thu Dec 20 2018 Florian Weimer - 2.17-260.1 - aarch64: Disable lazy symbol binding of TLSDESC (#1661244) nss-3.36.0-7.1.el7_6 -------------------- * Mon Nov 12 2018 Bob Relyea - 3.36.0-7.1 - Update the cert verify code to allow a new ipsec usage and follow RFC 4945 nss-devel-3.36.0-7.1.el7_6 -------------------------- * Mon Nov 12 2018 Bob Relyea - 3.36.0-7.1 - Update the cert verify code to allow a new ipsec usage and follow RFC 4945 nss-pem-1.0.3-5.el7_6.1 ----------------------- * Mon Jan 14 2019 Kamil Dudka 1.0.3-5.el7_6.1 - fix performance regression in libcurl (#1659108) nss-pkcs11-devel-3.36.0-7.1.el7_6 --------------------------------- * Mon Nov 12 2018 Bob Relyea - 3.36.0-7.1 - Update the cert verify code to allow a new ipsec usage and follow RFC 4945 nss-sysinit-3.36.0-7.1.el7_6 ---------------------------- * Mon Nov 12 2018 Bob Relyea - 3.36.0-7.1 - Update the cert verify code to allow a new ipsec usage and follow RFC 4945 nss-tools-3.36.0-7.1.el7_6 -------------------------- * Mon Nov 12 2018 Bob Relyea - 3.36.0-7.1 - Update the cert verify code to allow a new ipsec usage and follow RFC 4945 nss-util-3.36.0-1.1.el7_6 ------------------------- * Mon Nov 12 2018 Bob Relyea - 3.36.0-1.1 - Update the cert verify code to allow a new ipsec usage and follow RFC 4945 nss-util-devel-3.36.0-1.1.el7_6 ------------------------------- * Mon Nov 12 2018 Bob Relyea - 3.36.0-1.1 - Update the cert verify code to allow a new ipsec usage and follow RFC 4945 nvme-cli-1.6-4.el7_6 -------------------- * Tue Oct 16 2018 dmilburn@redhat.com - 1.6-2 - Pull in upstream fixes ocaml-libguestfs-1.38.2-12.el7_6.2 ---------------------------------- * Thu Feb 07 2019 Pino Toscano - 1:1.38.2-12.el7_6.2 - Fix inspection of partition-less devices resolves: rhbz#1673280 * Fri Oct 12 2018 Pino Toscano - 1:1.38.2-12.el7_6.1 - v2v: update documentation regarding SHA-2 certificates in Windows 7 and Windows Server 2008 R2 resolves: rhbz#1632788 - v2v: fix rhev-apt firstboot command for Windows resolves: rhbz#1625216 ocaml-libguestfs-devel-1.38.2-12.el7_6.2 ---------------------------------------- * Thu Feb 07 2019 Pino Toscano - 1:1.38.2-12.el7_6.2 - Fix inspection of partition-less devices resolves: rhbz#1673280 * Fri Oct 12 2018 Pino Toscano - 1:1.38.2-12.el7_6.1 - v2v: update documentation regarding SHA-2 certificates in Windows 7 and Windows Server 2008 R2 resolves: rhbz#1632788 - v2v: fix rhev-apt firstboot command for Windows resolves: rhbz#1625216 openldap-2.4.44-21.el7_6 ------------------------ * Tue Dec 18 2018 Matus Honek - 2.4.44-21 - MozNSS Compat. Layer: Protect /tmp/openldap-tlsmc-* files (#1590184) openldap-clients-2.4.44-21.el7_6 -------------------------------- * Tue Dec 18 2018 Matus Honek - 2.4.44-21 - MozNSS Compat. Layer: Protect /tmp/openldap-tlsmc-* files (#1590184) openldap-devel-2.4.44-21.el7_6 ------------------------------ * Tue Dec 18 2018 Matus Honek - 2.4.44-21 - MozNSS Compat. Layer: Protect /tmp/openldap-tlsmc-* files (#1590184) openldap-servers-2.4.44-21.el7_6 -------------------------------- * Tue Dec 18 2018 Matus Honek - 2.4.44-21 - MozNSS Compat. Layer: Protect /tmp/openldap-tlsmc-* files (#1590184) openldap-servers-sql-2.4.44-21.el7_6 ------------------------------------ * Tue Dec 18 2018 Matus Honek - 2.4.44-21 - MozNSS Compat. Layer: Protect /tmp/openldap-tlsmc-* files (#1590184) openssl-1.0.2k-16.2.el7.bclinux ------------------------------- * Wed May 08 2019 guzhifeng 1.0.2k-16.2 - Add China cryptographic algorithm SM2 SM3 SMS4 - Fix wget some websites meet decode error. openssl-devel-1.0.2k-16.2.el7.bclinux ------------------------------------- * Wed May 08 2019 guzhifeng 1.0.2k-16.2 - Add China cryptographic algorithm SM2 SM3 SMS4 - Fix wget some websites meet decode error. openssl-libs-1.0.2k-16.2.el7.bclinux ------------------------------------ * Wed May 08 2019 guzhifeng 1.0.2k-16.2 - Add China cryptographic algorithm SM2 SM3 SMS4 - Fix wget some websites meet decode error. openssl-perl-1.0.2k-16.2.el7.bclinux ------------------------------------ * Wed May 08 2019 guzhifeng 1.0.2k-16.2 - Add China cryptographic algorithm SM2 SM3 SMS4 - Fix wget some websites meet decode error. openssl-static-1.0.2k-16.2.el7.bclinux -------------------------------------- * Wed May 08 2019 guzhifeng 1.0.2k-16.2 - Add China cryptographic algorithm SM2 SM3 SMS4 - Fix wget some websites meet decode error. openwsman-client-2.6.3-6.git4391e5c.el7_6 ----------------------------------------- * Wed Mar 13 2019 Vitezslav Crhonek - 2.6.3-6.git4391e5c - Update the fix for CVE-2019-3816 Resolves: #1668657 - Remove Dist Tag from the oldest changelog entry * Mon Mar 04 2019 Vitezslav Crhonek - 2.6.3-5.git4391e5c - Fix CVE-2019-3816 Resolves: #1668657 openwsman-perl-2.6.3-6.git4391e5c.el7_6 --------------------------------------- * Wed Mar 13 2019 Vitezslav Crhonek - 2.6.3-6.git4391e5c - Update the fix for CVE-2019-3816 Resolves: #1668657 - Remove Dist Tag from the oldest changelog entry * Mon Mar 04 2019 Vitezslav Crhonek - 2.6.3-5.git4391e5c - Fix CVE-2019-3816 Resolves: #1668657 openwsman-python-2.6.3-6.git4391e5c.el7_6 ----------------------------------------- * Wed Mar 13 2019 Vitezslav Crhonek - 2.6.3-6.git4391e5c - Update the fix for CVE-2019-3816 Resolves: #1668657 - Remove Dist Tag from the oldest changelog entry * Mon Mar 04 2019 Vitezslav Crhonek - 2.6.3-5.git4391e5c - Fix CVE-2019-3816 Resolves: #1668657 openwsman-ruby-2.6.3-6.git4391e5c.el7_6 --------------------------------------- * Wed Mar 13 2019 Vitezslav Crhonek - 2.6.3-6.git4391e5c - Update the fix for CVE-2019-3816 Resolves: #1668657 - Remove Dist Tag from the oldest changelog entry * Mon Mar 04 2019 Vitezslav Crhonek - 2.6.3-5.git4391e5c - Fix CVE-2019-3816 Resolves: #1668657 openwsman-server-2.6.3-6.git4391e5c.el7_6 ----------------------------------------- * Wed Mar 13 2019 Vitezslav Crhonek - 2.6.3-6.git4391e5c - Update the fix for CVE-2019-3816 Resolves: #1668657 - Remove Dist Tag from the oldest changelog entry * Mon Mar 04 2019 Vitezslav Crhonek - 2.6.3-5.git4391e5c - Fix CVE-2019-3816 Resolves: #1668657 osinfo-db-20181214-1.el7_6.bclinux ---------------------------------- * Mon Apr 15 2019 Wei Ye - 20181214-1 - Add BC-Linux7.0 os info. * Fri Dec 14 2018 Fabiano Fidêncio - 20181214-1 - Resolves: rhbz#1652088 - Rebase to the latest upstream release * Thu Dec 06 2018 Fabiano Fidêncio - 20181203-1 - Resolves: rhbz#1652088 - Rebase to the latest upstream release pcp-4.1.0-5.el7_6 ----------------- * Tue Oct 09 2018 Nathan Scott - 4.1.0-5 - Missing values from short /proc/*/status file reads (BZ 1600262) pcp-collector-4.1.0-5.el7_6 --------------------------- * Tue Oct 09 2018 Nathan Scott - 4.1.0-5 - Missing values from short /proc/*/status file reads (BZ 1600262) pcp-conf-4.1.0-5.el7_6 ---------------------- * Tue Oct 09 2018 Nathan Scott - 4.1.0-5 - Missing values from short /proc/*/status file reads (BZ 1600262) pcp-devel-4.1.0-5.el7_6 ----------------------- * Tue Oct 09 2018 Nathan Scott - 4.1.0-5 - Missing values from short /proc/*/status file reads (BZ 1600262) pcp-doc-4.1.0-5.el7_6 --------------------- * Tue Oct 09 2018 Nathan Scott - 4.1.0-5 - Missing values from short /proc/*/status file reads (BZ 1600262) pcp-export-pcp2graphite-4.1.0-5.el7_6 ------------------------------------- * Tue Oct 09 2018 Nathan Scott - 4.1.0-5 - Missing values from short /proc/*/status file reads (BZ 1600262) pcp-export-pcp2influxdb-4.1.0-5.el7_6 ------------------------------------- * Tue Oct 09 2018 Nathan Scott - 4.1.0-5 - Missing values from short /proc/*/status file reads (BZ 1600262) pcp-export-pcp2json-4.1.0-5.el7_6 --------------------------------- * Tue Oct 09 2018 Nathan Scott - 4.1.0-5 - Missing values from short /proc/*/status file reads (BZ 1600262) pcp-export-pcp2xml-4.1.0-5.el7_6 -------------------------------- * Tue Oct 09 2018 Nathan Scott - 4.1.0-5 - Missing values from short /proc/*/status file reads (BZ 1600262) pcp-export-pcp2zabbix-4.1.0-5.el7_6 ----------------------------------- * Tue Oct 09 2018 Nathan Scott - 4.1.0-5 - Missing values from short /proc/*/status file reads (BZ 1600262) pcp-export-zabbix-agent-4.1.0-5.el7_6 ------------------------------------- * Tue Oct 09 2018 Nathan Scott - 4.1.0-5 - Missing values from short /proc/*/status file reads (BZ 1600262) pcp-gui-4.1.0-5.el7_6 --------------------- * Tue Oct 09 2018 Nathan Scott - 4.1.0-5 - Missing values from short /proc/*/status file reads (BZ 1600262) pcp-import-collectl2pcp-4.1.0-5.el7_6 ------------------------------------- * Tue Oct 09 2018 Nathan Scott - 4.1.0-5 - Missing values from short /proc/*/status file reads (BZ 1600262) pcp-import-ganglia2pcp-4.1.0-5.el7_6 ------------------------------------ * Tue Oct 09 2018 Nathan Scott - 4.1.0-5 - Missing values from short /proc/*/status file reads (BZ 1600262) pcp-import-iostat2pcp-4.1.0-5.el7_6 ----------------------------------- * Tue Oct 09 2018 Nathan Scott - 4.1.0-5 - Missing values from short /proc/*/status file reads (BZ 1600262) pcp-import-mrtg2pcp-4.1.0-5.el7_6 --------------------------------- * Tue Oct 09 2018 Nathan Scott - 4.1.0-5 - Missing values from short /proc/*/status file reads (BZ 1600262) pcp-import-sar2pcp-4.1.0-5.el7_6 -------------------------------- * Tue Oct 09 2018 Nathan Scott - 4.1.0-5 - Missing values from short /proc/*/status file reads (BZ 1600262) pcp-libs-4.1.0-5.el7_6 ---------------------- * Tue Oct 09 2018 Nathan Scott - 4.1.0-5 - Missing values from short /proc/*/status file reads (BZ 1600262) pcp-libs-devel-4.1.0-5.el7_6 ---------------------------- * Tue Oct 09 2018 Nathan Scott - 4.1.0-5 - Missing values from short /proc/*/status file reads (BZ 1600262) pcp-manager-4.1.0-5.el7_6 ------------------------- * Tue Oct 09 2018 Nathan Scott - 4.1.0-5 - Missing values from short /proc/*/status file reads (BZ 1600262) pcp-monitor-4.1.0-5.el7_6 ------------------------- * Tue Oct 09 2018 Nathan Scott - 4.1.0-5 - Missing values from short /proc/*/status file reads (BZ 1600262) pcp-pmda-activemq-4.1.0-5.el7_6 ------------------------------- * Tue Oct 09 2018 Nathan Scott - 4.1.0-5 - Missing values from short /proc/*/status file reads (BZ 1600262) pcp-pmda-apache-4.1.0-5.el7_6 ----------------------------- * Tue Oct 09 2018 Nathan Scott - 4.1.0-5 - Missing values from short /proc/*/status file reads (BZ 1600262) pcp-pmda-bash-4.1.0-5.el7_6 --------------------------- * Tue Oct 09 2018 Nathan Scott - 4.1.0-5 - Missing values from short /proc/*/status file reads (BZ 1600262) pcp-pmda-bcc-4.1.0-5.el7_6 -------------------------- * Tue Oct 09 2018 Nathan Scott - 4.1.0-5 - Missing values from short /proc/*/status file reads (BZ 1600262) pcp-pmda-bind2-4.1.0-5.el7_6 ---------------------------- * Tue Oct 09 2018 Nathan Scott - 4.1.0-5 - Missing values from short /proc/*/status file reads (BZ 1600262) pcp-pmda-bonding-4.1.0-5.el7_6 ------------------------------ * Tue Oct 09 2018 Nathan Scott - 4.1.0-5 - Missing values from short /proc/*/status file reads (BZ 1600262) pcp-pmda-cifs-4.1.0-5.el7_6 --------------------------- * Tue Oct 09 2018 Nathan Scott - 4.1.0-5 - Missing values from short /proc/*/status file reads (BZ 1600262) pcp-pmda-cisco-4.1.0-5.el7_6 ---------------------------- * Tue Oct 09 2018 Nathan Scott - 4.1.0-5 - Missing values from short /proc/*/status file reads (BZ 1600262) pcp-pmda-dbping-4.1.0-5.el7_6 ----------------------------- * Tue Oct 09 2018 Nathan Scott - 4.1.0-5 - Missing values from short /proc/*/status file reads (BZ 1600262) pcp-pmda-dm-4.1.0-5.el7_6 ------------------------- * Tue Oct 09 2018 Nathan Scott - 4.1.0-5 - Missing values from short /proc/*/status file reads (BZ 1600262) pcp-pmda-docker-4.1.0-5.el7_6 ----------------------------- * Tue Oct 09 2018 Nathan Scott - 4.1.0-5 - Missing values from short /proc/*/status file reads (BZ 1600262) pcp-pmda-ds389-4.1.0-5.el7_6 ---------------------------- * Tue Oct 09 2018 Nathan Scott - 4.1.0-5 - Missing values from short /proc/*/status file reads (BZ 1600262) pcp-pmda-ds389log-4.1.0-5.el7_6 ------------------------------- * Tue Oct 09 2018 Nathan Scott - 4.1.0-5 - Missing values from short /proc/*/status file reads (BZ 1600262) pcp-pmda-elasticsearch-4.1.0-5.el7_6 ------------------------------------ * Tue Oct 09 2018 Nathan Scott - 4.1.0-5 - Missing values from short /proc/*/status file reads (BZ 1600262) pcp-pmda-gfs2-4.1.0-5.el7_6 --------------------------- * Tue Oct 09 2018 Nathan Scott - 4.1.0-5 - Missing values from short /proc/*/status file reads (BZ 1600262) pcp-pmda-gluster-4.1.0-5.el7_6 ------------------------------ * Tue Oct 09 2018 Nathan Scott - 4.1.0-5 - Missing values from short /proc/*/status file reads (BZ 1600262) pcp-pmda-gpfs-4.1.0-5.el7_6 --------------------------- * Tue Oct 09 2018 Nathan Scott - 4.1.0-5 - Missing values from short /proc/*/status file reads (BZ 1600262) pcp-pmda-gpsd-4.1.0-5.el7_6 --------------------------- * Tue Oct 09 2018 Nathan Scott - 4.1.0-5 - Missing values from short /proc/*/status file reads (BZ 1600262) pcp-pmda-haproxy-4.1.0-5.el7_6 ------------------------------ * Tue Oct 09 2018 Nathan Scott - 4.1.0-5 - Missing values from short /proc/*/status file reads (BZ 1600262) pcp-pmda-infiniband-4.1.0-5.el7_6 --------------------------------- * Tue Oct 09 2018 Nathan Scott - 4.1.0-5 - Missing values from short /proc/*/status file reads (BZ 1600262) pcp-pmda-json-4.1.0-5.el7_6 --------------------------- * Tue Oct 09 2018 Nathan Scott - 4.1.0-5 - Missing values from short /proc/*/status file reads (BZ 1600262) pcp-pmda-kvm-4.1.0-5.el7_6 -------------------------- * Tue Oct 09 2018 Nathan Scott - 4.1.0-5 - Missing values from short /proc/*/status file reads (BZ 1600262) pcp-pmda-libvirt-4.1.0-5.el7_6 ------------------------------ * Tue Oct 09 2018 Nathan Scott - 4.1.0-5 - Missing values from short /proc/*/status file reads (BZ 1600262) pcp-pmda-lio-4.1.0-5.el7_6 -------------------------- * Tue Oct 09 2018 Nathan Scott - 4.1.0-5 - Missing values from short /proc/*/status file reads (BZ 1600262) pcp-pmda-lmsensors-4.1.0-5.el7_6 -------------------------------- * Tue Oct 09 2018 Nathan Scott - 4.1.0-5 - Missing values from short /proc/*/status file reads (BZ 1600262) pcp-pmda-logger-4.1.0-5.el7_6 ----------------------------- * Tue Oct 09 2018 Nathan Scott - 4.1.0-5 - Missing values from short /proc/*/status file reads (BZ 1600262) pcp-pmda-lustre-4.1.0-5.el7_6 ----------------------------- * Tue Oct 09 2018 Nathan Scott - 4.1.0-5 - Missing values from short /proc/*/status file reads (BZ 1600262) pcp-pmda-lustrecomm-4.1.0-5.el7_6 --------------------------------- * Tue Oct 09 2018 Nathan Scott - 4.1.0-5 - Missing values from short /proc/*/status file reads (BZ 1600262) pcp-pmda-mailq-4.1.0-5.el7_6 ---------------------------- * Tue Oct 09 2018 Nathan Scott - 4.1.0-5 - Missing values from short /proc/*/status file reads (BZ 1600262) pcp-pmda-memcache-4.1.0-5.el7_6 ------------------------------- * Tue Oct 09 2018 Nathan Scott - 4.1.0-5 - Missing values from short /proc/*/status file reads (BZ 1600262) pcp-pmda-mic-4.1.0-5.el7_6 -------------------------- * Tue Oct 09 2018 Nathan Scott - 4.1.0-5 - Missing values from short /proc/*/status file reads (BZ 1600262) pcp-pmda-mounts-4.1.0-5.el7_6 ----------------------------- * Tue Oct 09 2018 Nathan Scott - 4.1.0-5 - Missing values from short /proc/*/status file reads (BZ 1600262) pcp-pmda-mysql-4.1.0-5.el7_6 ---------------------------- * Tue Oct 09 2018 Nathan Scott - 4.1.0-5 - Missing values from short /proc/*/status file reads (BZ 1600262) pcp-pmda-named-4.1.0-5.el7_6 ---------------------------- * Tue Oct 09 2018 Nathan Scott - 4.1.0-5 - Missing values from short /proc/*/status file reads (BZ 1600262) pcp-pmda-netfilter-4.1.0-5.el7_6 -------------------------------- * Tue Oct 09 2018 Nathan Scott - 4.1.0-5 - Missing values from short /proc/*/status file reads (BZ 1600262) pcp-pmda-news-4.1.0-5.el7_6 --------------------------- * Tue Oct 09 2018 Nathan Scott - 4.1.0-5 - Missing values from short /proc/*/status file reads (BZ 1600262) pcp-pmda-nfsclient-4.1.0-5.el7_6 -------------------------------- * Tue Oct 09 2018 Nathan Scott - 4.1.0-5 - Missing values from short /proc/*/status file reads (BZ 1600262) pcp-pmda-nginx-4.1.0-5.el7_6 ---------------------------- * Tue Oct 09 2018 Nathan Scott - 4.1.0-5 - Missing values from short /proc/*/status file reads (BZ 1600262) pcp-pmda-nvidia-gpu-4.1.0-5.el7_6 --------------------------------- * Tue Oct 09 2018 Nathan Scott - 4.1.0-5 - Missing values from short /proc/*/status file reads (BZ 1600262) pcp-pmda-oracle-4.1.0-5.el7_6 ----------------------------- * Tue Oct 09 2018 Nathan Scott - 4.1.0-5 - Missing values from short /proc/*/status file reads (BZ 1600262) pcp-pmda-papi-4.1.0-5.el7_6 --------------------------- * Tue Oct 09 2018 Nathan Scott - 4.1.0-5 - Missing values from short /proc/*/status file reads (BZ 1600262) pcp-pmda-pdns-4.1.0-5.el7_6 --------------------------- * Tue Oct 09 2018 Nathan Scott - 4.1.0-5 - Missing values from short /proc/*/status file reads (BZ 1600262) pcp-pmda-perfevent-4.1.0-5.el7_6 -------------------------------- * Tue Oct 09 2018 Nathan Scott - 4.1.0-5 - Missing values from short /proc/*/status file reads (BZ 1600262) pcp-pmda-postfix-4.1.0-5.el7_6 ------------------------------ * Tue Oct 09 2018 Nathan Scott - 4.1.0-5 - Missing values from short /proc/*/status file reads (BZ 1600262) pcp-pmda-postgresql-4.1.0-5.el7_6 --------------------------------- * Tue Oct 09 2018 Nathan Scott - 4.1.0-5 - Missing values from short /proc/*/status file reads (BZ 1600262) pcp-pmda-prometheus-4.1.0-5.el7_6 --------------------------------- * Tue Oct 09 2018 Nathan Scott - 4.1.0-5 - Missing values from short /proc/*/status file reads (BZ 1600262) pcp-pmda-redis-4.1.0-5.el7_6 ---------------------------- * Tue Oct 09 2018 Nathan Scott - 4.1.0-5 - Missing values from short /proc/*/status file reads (BZ 1600262) pcp-pmda-roomtemp-4.1.0-5.el7_6 ------------------------------- * Tue Oct 09 2018 Nathan Scott - 4.1.0-5 - Missing values from short /proc/*/status file reads (BZ 1600262) pcp-pmda-rpm-4.1.0-5.el7_6 -------------------------- * Tue Oct 09 2018 Nathan Scott - 4.1.0-5 - Missing values from short /proc/*/status file reads (BZ 1600262) pcp-pmda-rsyslog-4.1.0-5.el7_6 ------------------------------ * Tue Oct 09 2018 Nathan Scott - 4.1.0-5 - Missing values from short /proc/*/status file reads (BZ 1600262) pcp-pmda-samba-4.1.0-5.el7_6 ---------------------------- * Tue Oct 09 2018 Nathan Scott - 4.1.0-5 - Missing values from short /proc/*/status file reads (BZ 1600262) pcp-pmda-sendmail-4.1.0-5.el7_6 ------------------------------- * Tue Oct 09 2018 Nathan Scott - 4.1.0-5 - Missing values from short /proc/*/status file reads (BZ 1600262) pcp-pmda-shping-4.1.0-5.el7_6 ----------------------------- * Tue Oct 09 2018 Nathan Scott - 4.1.0-5 - Missing values from short /proc/*/status file reads (BZ 1600262) pcp-pmda-slurm-4.1.0-5.el7_6 ---------------------------- * Tue Oct 09 2018 Nathan Scott - 4.1.0-5 - Missing values from short /proc/*/status file reads (BZ 1600262) pcp-pmda-smart-4.1.0-5.el7_6 ---------------------------- * Tue Oct 09 2018 Nathan Scott - 4.1.0-5 - Missing values from short /proc/*/status file reads (BZ 1600262) pcp-pmda-snmp-4.1.0-5.el7_6 --------------------------- * Tue Oct 09 2018 Nathan Scott - 4.1.0-5 - Missing values from short /proc/*/status file reads (BZ 1600262) pcp-pmda-summary-4.1.0-5.el7_6 ------------------------------ * Tue Oct 09 2018 Nathan Scott - 4.1.0-5 - Missing values from short /proc/*/status file reads (BZ 1600262) pcp-pmda-systemd-4.1.0-5.el7_6 ------------------------------ * Tue Oct 09 2018 Nathan Scott - 4.1.0-5 - Missing values from short /proc/*/status file reads (BZ 1600262) pcp-pmda-trace-4.1.0-5.el7_6 ---------------------------- * Tue Oct 09 2018 Nathan Scott - 4.1.0-5 - Missing values from short /proc/*/status file reads (BZ 1600262) pcp-pmda-unbound-4.1.0-5.el7_6 ------------------------------ * Tue Oct 09 2018 Nathan Scott - 4.1.0-5 - Missing values from short /proc/*/status file reads (BZ 1600262) pcp-pmda-vmware-4.1.0-5.el7_6 ----------------------------- * Tue Oct 09 2018 Nathan Scott - 4.1.0-5 - Missing values from short /proc/*/status file reads (BZ 1600262) pcp-pmda-weblog-4.1.0-5.el7_6 ----------------------------- * Tue Oct 09 2018 Nathan Scott - 4.1.0-5 - Missing values from short /proc/*/status file reads (BZ 1600262) pcp-pmda-zimbra-4.1.0-5.el7_6 ----------------------------- * Tue Oct 09 2018 Nathan Scott - 4.1.0-5 - Missing values from short /proc/*/status file reads (BZ 1600262) pcp-pmda-zswap-4.1.0-5.el7_6 ---------------------------- * Tue Oct 09 2018 Nathan Scott - 4.1.0-5 - Missing values from short /proc/*/status file reads (BZ 1600262) pcp-selinux-4.1.0-5.el7_6 ------------------------- * Tue Oct 09 2018 Nathan Scott - 4.1.0-5 - Missing values from short /proc/*/status file reads (BZ 1600262) pcp-system-tools-4.1.0-5.el7_6 ------------------------------ * Tue Oct 09 2018 Nathan Scott - 4.1.0-5 - Missing values from short /proc/*/status file reads (BZ 1600262) pcp-testsuite-4.1.0-5.el7_6 --------------------------- * Tue Oct 09 2018 Nathan Scott - 4.1.0-5 - Missing values from short /proc/*/status file reads (BZ 1600262) pcp-webapi-4.1.0-5.el7_6 ------------------------ * Tue Oct 09 2018 Nathan Scott - 4.1.0-5 - Missing values from short /proc/*/status file reads (BZ 1600262) pcp-webapp-blinkenlights-4.1.0-5.el7_6 -------------------------------------- * Tue Oct 09 2018 Nathan Scott - 4.1.0-5 - Missing values from short /proc/*/status file reads (BZ 1600262) pcp-webapp-grafana-4.1.0-5.el7_6 -------------------------------- * Tue Oct 09 2018 Nathan Scott - 4.1.0-5 - Missing values from short /proc/*/status file reads (BZ 1600262) pcp-webapp-graphite-4.1.0-5.el7_6 --------------------------------- * Tue Oct 09 2018 Nathan Scott - 4.1.0-5 - Missing values from short /proc/*/status file reads (BZ 1600262) pcp-webapp-vector-4.1.0-5.el7_6 ------------------------------- * Tue Oct 09 2018 Nathan Scott - 4.1.0-5 - Missing values from short /proc/*/status file reads (BZ 1600262) pcp-webjs-4.1.0-5.el7_6 ----------------------- * Tue Oct 09 2018 Nathan Scott - 4.1.0-5 - Missing values from short /proc/*/status file reads (BZ 1600262) pcp-zeroconf-4.1.0-5.el7_6 -------------------------- * Tue Oct 09 2018 Nathan Scott - 4.1.0-5 - Missing values from short /proc/*/status file reads (BZ 1600262) perf-3.10.0-957.21.3.el7 ------------------------ * Fri Jun 14 2019 Jan Stancek [3.10.0-957.21.3.el7] - [net] tcp: enforce tcp_min_snd_mss in tcp_mtu_probing() (Florian Westphal) [1719914 1719915] {CVE-2019-11479} - [net] tcp: add tcp_min_snd_mss sysctl (Florian Westphal) [1719914 1719915] {CVE-2019-11479} - [net] tcp: tcp_fragment() should apply sane memory limits (Florian Westphal) [1719849 1719850] {CVE-2019-11478} - [net] tcp: limit payload size of sacked skbs (Florian Westphal) [1719594 1719595] {CVE-2019-11477} - [net] tcp: pass previous skb to tcp_shifted_skb() (Florian Westphal) [1719594 1719595] {CVE-2019-11477} * Tue May 28 2019 Jan Stancek [3.10.0-957.21.2.el7] - [security] xattr: use RH_KABI_CONST to avoid security_inode_init_security checksum change (Cestmir Kalina) [1702286 1710633] * Thu May 23 2019 Jan Stancek [3.10.0-957.21.1.el7] - [x86] spec_ctrl: Update MDS mitigation status after late microcode load (Waiman Long) [1712998 1712993 1710501 1710498] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} - [x86] speculation/mds: Properly set/clear mds_idle_clear static key (Waiman Long) [1713004 1707292] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} * Wed May 15 2019 Jan Stancek [3.10.0-957.20.1.el7] - [x86] x86/speculation/mds: Print SMT vulnerable on MSBDS with mitigations off (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/speculation/mds: Fix comment (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/speculation/mds: Add SMT warning message (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/speculation: Move arch_smt_update() call to after mitigation decisions (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [documentation] x86/speculation/mds: Add mds=full,nosmt cmdline option (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [kernel] x86/speculation: Remove redundant arch_smt_update() invocation (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/spec_ctrl: Update MDS mitigation status after late microcode load (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/spec_ctrl: Add debugfs x86/smt_present file (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/spec_ctrl: Disable automatic enabling of STIBP with SMT on (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [documentation] Documentation: Add MDS vulnerability documentation (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [documentation] Documentation: Move L1TF to separate directory (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/speculation/mds: Add mitigation mode VMWERV (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [base] x86/speculation/mds: Add sysfs reporting for MDS (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/speculation/mds: Add mitigation control for MDS (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/speculation/mds: Conditionally clear CPU buffers on idle entry (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [kvm] x86/kvm/vmx: Add MDS protection when L1D Flush is not active (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/speculation/mds: Clear CPU buffers on exit to user (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/speculation/mds: Add mds_clear_cpu_buffers() (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} - [kvm] x86/kvm: Expose X86_FEATURE_MD_CLEAR to guests (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/speculation/mds: Add BUG_MSBDS_ONLY (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/speculation/mds: Add basic bug infrastructure for MDS (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} - [x86] x86/speculation: Consolidate CPU whitelists (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/msr-index: Cleanup bit defines (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} - [x86] x86/l1tf: Show actual SMT state (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} - [x86] x86/speculation: Simplify sysfs report of VMX L1TF vulnerability (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} - [x86] x86/speculation: Rework SMT state change (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} - [kernel] sched/smt: Expose sched_smt_present static key (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} - [kernel] sched/smt: Make sched_smt_present track topology (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} - [x86] x86/speculation: Disable STIBP when enhanced IBRS is in use (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} - [x86] x86/speculation: Move STIPB/IBPB string conditionals out of cpu_show_common() (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/speculation: Enable cross-hyperthread spectre v2 STIBP mitigation (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/spectre_v2: Make spectre_v2_mitigation mode available (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/spec_ctrl: Add X86_FEATURE_USE_IBPB (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/spec_ctrl: Add casting to fix compilation error (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} - [x86] x86/cpu: Sanitize FAM6_ATOM naming (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} - [x86] x86/cpufeatures: Add Intel PCONFIG cpufeature (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} * Fri Apr 26 2019 Jan Stancek [3.10.0-957.19.1.el7] - [security] selinux: always allow mounting submounts (Ondrej Mosnacek) [1702923 1077929] - [block] Make blk_queue_enter() reexamine the DYING flag (Ming Lei) [1702921 1701348] - [block] wakeup tasks blocked on q->mq_freeze_wq (Ming Lei) [1702921 1701348] - [fs] revert "[fs] xfs: use rhashtable to track buffer cache" (Brian Foster) [1702922 1658749] - [fs] xfs: hold xfs_buf locked between shortform->leaf conversion and the addition of an attribute (Brian Foster) [1701293 1613405] - [fs] xfs: add the ability to join a held buffer to a defer_ops (Brian Foster) [1701293 1613405] - [fs] xfs: refactor buffer logging into buffer dirtying helper (Brian Foster) [1701293 1613405] - [char] ipmi: ipmi_si_hardcode.c: init si_type array to fix a crash (Tony Camuso) [1701991 1692236] - [char] ipmi_si: Fix crash when using hard-coded device (Tony Camuso) [1701991 1692236] - [char] ipmi: Remove platform driver overrides and use the id_table (Tony Camuso) [1701991 1692236] - [security] xattr: Constify ->name member of "struct xattr" (Aaron Tomlin) [1702286 1607307] - [net] ipv6 Use get_hash_from_flowi6 for rt6 hash (Sabrina Dubroca) [1702282 1625454] - [s390] zcrypt: fix specification exception on z196 during ap probe (Hendrik Brueckner) [1700706 1669535] - [md] dm table: propagate BDI_CAP_STABLE_WRITES to fix sporadic checksum errors (Mike Snitzer) [1699722 1693466] - [fs] blockdev: Fix livelocks on loop device (Lukas Czerner) [1698110 1686149] - [fs] ext4: fix crash during online resizing (Lukas Czerner) [1698110 1686149] - [fs] ext4: fix overflow caused by missing cast in ext4_resize_fs() (Lukas Czerner) [1698110 1671293] - [powerpc] livepatch: return -ERRNO values in save_stack_trace_tsk_reliable() (Joe Lawrence) [1697867 1658435] - [powerpc] livepatch: small cleanups in save_stack_trace_tsk_reliable() (Joe Lawrence) [1697867 1658435] - [powerpc] livepatch: relax reliable stack tracer checks for first-frame (Joe Lawrence) [1697867 1658435] - [powerpc] 64s: Make reliable stacktrace dependency clearer (Joe Lawrence) [1697867 1658435] - [powerpc] 64s: Clear on-stack exception marker upon exception return (Joe Lawrence) [1697867 1658435] - [powerpc] livepatch: Fix build error with kprobes disabled (Joe Lawrence) [1697867 1658435] - [fs] xfs: don't screw up direct writes when freesp is fragmented (Brian Foster) [1693796 1667523] - [nvme] ensure forward progress during Admin passthru (David Milburn) [1690519 1672428] * Tue Apr 23 2019 Jan Stancek [3.10.0-957.18.1.el7] - [s390] cputime: fix incorrect system time (Hendrik Brueckner) [1701743 1698825] * Mon Apr 15 2019 Jan Stancek [3.10.0-957.17.1.el7] - [message] scsi: mptsas: Fixup device hotplug for VMWare ESXi (Tomas Henzl) [1699723 1661906] * Thu Apr 11 2019 Jan Stancek [3.10.0-957.16.1.el7] - [netdrv] net/mlx5e: Properly set steering match levels for offloaded TC decap rules (Alaa Hleihel) [1686292 1618427] - [netdrv] net/mlx5e: Always use the match level enum when parsing TC rule match (Alaa Hleihel) [1686292 1618427] - [netdrv] net/mlx5e: Support offloaded TC flows with no matches on headers (Alaa Hleihel) [1686292 1618427] - [netdrv] net/mlx5e: Get the required HW match level while parsing TC flow matches (Alaa Hleihel) [1686292 1618427] - [netdrv] net/mlx5e: Properly order min inline mode setup while parsing TC matches (Alaa Hleihel) [1686292 1618427] - [netdrv] net/mlx5e: Avoid redundant zeroing of offloaded TC flow attributes (Alaa Hleihel) [1686292 1618427] - [netdrv] net/mlx5e: Err if asked to offload TC match on frag being first (Alaa Hleihel) [1686292 1618427] - [x86] hyperv: Stop suppressing X86_FEATURE_PCID (Vitaly Kuznetsov) [1697940 1691421] - [net] geneve: correctly handle ipv6.disable module parameter (Jiri Benc) [1694981 1677049] - [fs] ceph: Fix append mode for sync/direct write (Zheng Yan) [1696595 1691227] - [fs] ovl: fix return value from ovl_posix_acl_create() (Miklos Szeredi) [1696292 1677705] - [x86] mm: Unbreak modules that use the DMA API (Gary Hook) [1695511 1697241 1676613 1662887] - [sound] alsa/hda: add more quirks for HP Z2 G4 and HP Z240 (Jaroslav Kysela) [1693562 1680180] - [sound] alsa: hda/conexant - Add fixup for HP Z2 G4 workstation (Jaroslav Kysela) [1693562 1657855] - [block] mtip32xx: fix memory corruption by initializing internal command header (Ming Lei) [1689929 1660292] - [fs] nfsd: deal with revoked delegations appropriately (Dave Wysochanski) [1689811 1552203] * Thu Mar 28 2019 Jan Stancek [3.10.0-957.15.1.el7] - [fs] ext4: Fix data corruption caused by unaligned direct AIO (Lukas Czerner) [1693561 1684780] - [net] sched: act_csum: Fix csum calc for tagged packets (Ivan Vecera) [1693110 1676462] * Tue Mar 26 2019 Jan Stancek [3.10.0-957.14.1.el7] - [fs] move the call of __d_drop(anon) into __d_materialise_unique(dentry, anon) (Zheng Yan) [1692266 1627001] - [fs] dcache: d_splice_alias should ignore DCACHE_DISCONNECTED (Zheng Yan) [1692266 1627001] - [fs] dcache: d_splice_alias should detect loops (Zheng Yan) [1692266 1627001] - [fs] dcache: d_splice_alias mustn't create directory aliases (Zheng Yan) [1692266 1627001] - [fs] dcache: close d_move race in d_splice_alias (Zheng Yan) [1692266 1627001] - [fs] dcache: move d_splice_alias (Zheng Yan) [1692266 1627001] - [fs] dcache: don't clear DCACHE_DISCONNECTED too early (Zheng Yan) [1692266 1627001] - [fs] dcache: Don't set DISCONNECTED on "pseudo filesystem" dentries (Zheng Yan) [1692266 1627001] - [fs] dcache: use IS_ROOT to decide where dentry is hashed (Zheng Yan) [1692266 1627001] perl-5.16.3-294.el7_6 --------------------- * Mon Jan 07 2019 Jitka Plesnikova - 4:5.16.3-294 - Fix CVE-2018-18311 Integer overflow leading to buffer overflow (bug #1661064) perl-CPAN-1.9800-294.el7_6 -------------------------- * Mon Jan 07 2019 Jitka Plesnikova - 4:5.16.3-294 - Fix CVE-2018-18311 Integer overflow leading to buffer overflow (bug #1661064) perl-ExtUtils-CBuilder-0.28.2.6-294.el7_6 ----------------------------------------- * Mon Jan 07 2019 Jitka Plesnikova - 4:5.16.3-294 - Fix CVE-2018-18311 Integer overflow leading to buffer overflow (bug #1661064) perl-ExtUtils-Embed-1.30-294.el7_6 ---------------------------------- * Mon Jan 07 2019 Jitka Plesnikova - 4:5.16.3-294 - Fix CVE-2018-18311 Integer overflow leading to buffer overflow (bug #1661064) perl-ExtUtils-Install-1.58-294.el7_6 ------------------------------------ * Mon Jan 07 2019 Jitka Plesnikova - 4:5.16.3-294 - Fix CVE-2018-18311 Integer overflow leading to buffer overflow (bug #1661064) perl-Git-1.8.3.1-20.el7 ----------------------- * Fri Oct 19 2018 Pavel Cahyna - 1.8.3.1-20 - Fix CVE-2018-17456: arbitrary code execution via .gitmodules Thanks to Jonathan Nieder for backporting to 2.1.x and to Steve Beattie for backporting to 1.9.1 perl-Git-SVN-1.8.3.1-20.el7 --------------------------- * Fri Oct 19 2018 Pavel Cahyna - 1.8.3.1-20 - Fix CVE-2018-17456: arbitrary code execution via .gitmodules Thanks to Jonathan Nieder for backporting to 2.1.x and to Steve Beattie for backporting to 1.9.1 perl-IO-Zlib-1.10-294.el7_6 --------------------------- * Mon Jan 07 2019 Jitka Plesnikova - 4:5.16.3-294 - Fix CVE-2018-18311 Integer overflow leading to buffer overflow (bug #1661064) perl-Locale-Maketext-Simple-0.21-294.el7_6 ------------------------------------------ * Mon Jan 07 2019 Jitka Plesnikova - 4:5.16.3-294 - Fix CVE-2018-18311 Integer overflow leading to buffer overflow (bug #1661064) perl-Module-CoreList-2.76.02-294.el7_6 -------------------------------------- * Mon Jan 07 2019 Jitka Plesnikova - 4:5.16.3-294 - Fix CVE-2018-18311 Integer overflow leading to buffer overflow (bug #1661064) perl-Module-Loaded-0.08-294.el7_6 --------------------------------- * Mon Jan 07 2019 Jitka Plesnikova - 4:5.16.3-294 - Fix CVE-2018-18311 Integer overflow leading to buffer overflow (bug #1661064) perl-Object-Accessor-0.42-294.el7_6 ----------------------------------- * Mon Jan 07 2019 Jitka Plesnikova - 4:5.16.3-294 - Fix CVE-2018-18311 Integer overflow leading to buffer overflow (bug #1661064) perl-PCP-LogImport-4.1.0-5.el7_6 -------------------------------- * Tue Oct 09 2018 Nathan Scott - 4.1.0-5 - Missing values from short /proc/*/status file reads (BZ 1600262) perl-PCP-LogSummary-4.1.0-5.el7_6 --------------------------------- * Tue Oct 09 2018 Nathan Scott - 4.1.0-5 - Missing values from short /proc/*/status file reads (BZ 1600262) perl-PCP-MMV-4.1.0-5.el7_6 -------------------------- * Tue Oct 09 2018 Nathan Scott - 4.1.0-5 - Missing values from short /proc/*/status file reads (BZ 1600262) perl-PCP-PMDA-4.1.0-5.el7_6 --------------------------- * Tue Oct 09 2018 Nathan Scott - 4.1.0-5 - Missing values from short /proc/*/status file reads (BZ 1600262) perl-Package-Constants-0.02-294.el7_6 ------------------------------------- * Mon Jan 07 2019 Jitka Plesnikova - 4:5.16.3-294 - Fix CVE-2018-18311 Integer overflow leading to buffer overflow (bug #1661064) perl-Pod-Escapes-1.04-294.el7_6 ------------------------------- * Mon Jan 07 2019 Jitka Plesnikova - 4:5.16.3-294 - Fix CVE-2018-18311 Integer overflow leading to buffer overflow (bug #1661064) perl-Sys-Guestfs-1.38.2-12.el7_6.2 ---------------------------------- * Thu Feb 07 2019 Pino Toscano - 1:1.38.2-12.el7_6.2 - Fix inspection of partition-less devices resolves: rhbz#1673280 * Fri Oct 12 2018 Pino Toscano - 1:1.38.2-12.el7_6.1 - v2v: update documentation regarding SHA-2 certificates in Windows 7 and Windows Server 2008 R2 resolves: rhbz#1632788 - v2v: fix rhev-apt firstboot command for Windows resolves: rhbz#1625216 perl-Time-Piece-1.20.1-294.el7_6 -------------------------------- * Mon Jan 07 2019 Jitka Plesnikova - 4:5.16.3-294 - Fix CVE-2018-18311 Integer overflow leading to buffer overflow (bug #1661064) perl-core-5.16.3-294.el7_6 -------------------------- * Mon Jan 07 2019 Jitka Plesnikova - 4:5.16.3-294 - Fix CVE-2018-18311 Integer overflow leading to buffer overflow (bug #1661064) perl-devel-5.16.3-294.el7_6 --------------------------- * Mon Jan 07 2019 Jitka Plesnikova - 4:5.16.3-294 - Fix CVE-2018-18311 Integer overflow leading to buffer overflow (bug #1661064) perl-libs-5.16.3-294.el7_6 -------------------------- * Mon Jan 07 2019 Jitka Plesnikova - 4:5.16.3-294 - Fix CVE-2018-18311 Integer overflow leading to buffer overflow (bug #1661064) perl-macros-5.16.3-294.el7_6 ---------------------------- * Mon Jan 07 2019 Jitka Plesnikova - 4:5.16.3-294 - Fix CVE-2018-18311 Integer overflow leading to buffer overflow (bug #1661064) perl-tests-5.16.3-294.el7_6 --------------------------- * Mon Jan 07 2019 Jitka Plesnikova - 4:5.16.3-294 - Fix CVE-2018-18311 Integer overflow leading to buffer overflow (bug #1661064) pki-base-10.5.9-13.el7_6 ------------------------ * Fri Feb 15 2019 Dogtag Team 10.5.9-13 - Updated jss dependencies - ########################################################################## - # RHEL 7.6: - ########################################################################## - Bugzilla Bug #1671245 - CC: unable to verify cert before import [rhel-7.6.z] [manpage] (ascheel) - Bugzilla Bug #1671303 - CC: Upgrade scripts for audit event names (RHEL) [rhel-7.6.z] (edewata) - ########################################################################## - # RHCS 9.4: - ########################################################################## - # Bugzilla Bug #1671586 - CC: Upgrade scripts for audit event names (RHCS) * Fri Feb 01 2019 Dogtag Team 10.5.9-12 - Updated jss dependencies - ########################################################################## - # RHEL 7.6: - ########################################################################## - Bugzilla Bug #1671245 - CC: unable to verify cert before import [rhel-7.6.z] (ascheel) - Bugzilla Bug #1671303 - CC: Upgrade scripts for audit event names (RHEL) [rhel-7.6.z] (edewata) - ########################################################################## - # RHCS 9.4: - ########################################################################## - # Bugzilla Bug #1671586 - CC: Upgrade scripts for audit event names (RHCS) * Thu Jan 31 2019 Dogtag Team 10.5.9-11 - Updated jss dependencies - ########################################################################## - # RHEL 7.6: - ########################################################################## - Bugzilla Bug #1671245 - CC: unable to verify cert before import [rhel-7.6.z] (ascheel) - Bugzilla Bug #1671303 - CC: Upgrade scripts for audit event names (RHEL) [rhel-7.6.z] (edewata) - ########################################################################## - # RHCS 9.4: - ########################################################################## - # Bugzilla Bug #1671586 - CC: Upgrade scripts for audit event names (RHCS) * Mon Dec 17 2018 Dogtag Team 10.5.9-10 - ########################################################################## - # RHEL 7.6: - ########################################################################## - Bugzilla Bug #1659939 - CC: Simplifying Web UI session timeout configuration [rhel-7.6.z] (edewata) - ########################################################################## - # RHCS 9.4: - ########################################################################## - # Bugzilla Bug #1639836 - CC: Identify RHCS version of CA, KRA, - # Added Batch Update Information to Product Version (mharmsen) * Mon Dec 10 2018 Dogtag Team 10.5.9-9 - ########################################################################## - # RHEL 7.6: - ########################################################################## - Bugzilla Bug #1657922 - CC: CA/OCSP startup fail on SystemCertsVerification if enableOCSP is true [rhel-7.6.z] (jmagne) - ########################################################################## - # RHCS 9.4: - ########################################################################## - # Bugzilla Bug #1639836 - CC: Identify RHCS version of CA, KRA, * Wed Dec 05 2018 Dogtag Team 10.5.9-8 - ########################################################################## - # RHEL 7.6: - ########################################################################## - Bugzilla Bug #1645262 - pkidestroy may not remove all files [rhel-7.6.z] (dmoluguw) - Bugzilla Bug #1645263 - Auth plugins leave passwords in the access log and audit log using REST [rhel-7.6.z] (dmoluguw) - Bugzilla Bug #1645429 - pkispawn fails due to name collision with /var/log/pki/ [rhel-7.6.z] (dmoluguw) - Bugzilla Bug #1655951 - CC: tools supporting CMC requests output keyID needs to be captured in file [rhel-7.6.z] (cfu) - Bugzilla Bug #1656297 - Unable to install with admin-generated keys [rhel-7.6.z] (edewata) - ########################################################################## - # RHCS 9.4: - ########################################################################## - # Bugzilla Bug #1639836 - CC: Identify RHCS version of CA, KRA, * Mon Oct 29 2018 Dogtag Team 10.5.9-7 - Require "tomcatjss >= 7.2.1-8" as a build and runtime requirement - ########################################################################## - # RHEL 7.6: - ########################################################################## - Bugzilla Bug #1632116 - CC: missing audit event for CS acting as TLS client [rhel-7.6.z] (cfu) - Bugzilla Bug #1632120 - Unsupported RSA_ ciphers should be removed from the default ciphers list [rhel-7.6.z] (cfu) - Bugzilla Bug #1632615 - Permit certain SHA384 FIPS ciphers to be enabled by default for RSA and ECC . . . [rhel-7.6.z] (cfu) - Bugzilla Bug #1632616 - X500Name.directoryStringEncodingOrder overridden by CSR encoding (coverity changes) [rhel-7.6.z] (mharmsen) - Bugzilla Bug #1633104 - CMC: add config to allow non-clientAuth [rhel-7.6.z] (cfu) - Bugzilla Bug #1636490 - Installation of CA using an existing CA fails [rhel-7.6.z] (edewata) - Bugzilla Bug #1643878 - pki cli command for RHCS doesn't prompt for a password [rhel-7.6.z] (edewata) - Bugzilla Bug #1643879 - CC: Identify version/release of pki-ca, pki-kra, pki-ocsp, pki-tks, and pki-tps remotely [RHEL] [rhel-7.6.z] (cfu, jmagne) - Bugzilla Bug #1643880 - PKI subsystem process is not shutdown when there is no space on the disk to write logs [rhel-7.6.z] (edewata) - ########################################################################## - # RHCS 9.4: - ########################################################################## - # Bugzilla Bug #1639836 - CC: Identify RHCS version of CA, KRA, pki-base-java-10.5.9-13.el7_6 ----------------------------- * Fri Feb 15 2019 Dogtag Team 10.5.9-13 - Updated jss dependencies - ########################################################################## - # RHEL 7.6: - ########################################################################## - Bugzilla Bug #1671245 - CC: unable to verify cert before import [rhel-7.6.z] [manpage] (ascheel) - Bugzilla Bug #1671303 - CC: Upgrade scripts for audit event names (RHEL) [rhel-7.6.z] (edewata) - ########################################################################## - # RHCS 9.4: - ########################################################################## - # Bugzilla Bug #1671586 - CC: Upgrade scripts for audit event names (RHCS) * Fri Feb 01 2019 Dogtag Team 10.5.9-12 - Updated jss dependencies - ########################################################################## - # RHEL 7.6: - ########################################################################## - Bugzilla Bug #1671245 - CC: unable to verify cert before import [rhel-7.6.z] (ascheel) - Bugzilla Bug #1671303 - CC: Upgrade scripts for audit event names (RHEL) [rhel-7.6.z] (edewata) - ########################################################################## - # RHCS 9.4: - ########################################################################## - # Bugzilla Bug #1671586 - CC: Upgrade scripts for audit event names (RHCS) * Thu Jan 31 2019 Dogtag Team 10.5.9-11 - Updated jss dependencies - ########################################################################## - # RHEL 7.6: - ########################################################################## - Bugzilla Bug #1671245 - CC: unable to verify cert before import [rhel-7.6.z] (ascheel) - Bugzilla Bug #1671303 - CC: Upgrade scripts for audit event names (RHEL) [rhel-7.6.z] (edewata) - ########################################################################## - # RHCS 9.4: - ########################################################################## - # Bugzilla Bug #1671586 - CC: Upgrade scripts for audit event names (RHCS) * Mon Dec 17 2018 Dogtag Team 10.5.9-10 - ########################################################################## - # RHEL 7.6: - ########################################################################## - Bugzilla Bug #1659939 - CC: Simplifying Web UI session timeout configuration [rhel-7.6.z] (edewata) - ########################################################################## - # RHCS 9.4: - ########################################################################## - # Bugzilla Bug #1639836 - CC: Identify RHCS version of CA, KRA, - # Added Batch Update Information to Product Version (mharmsen) * Mon Dec 10 2018 Dogtag Team 10.5.9-9 - ########################################################################## - # RHEL 7.6: - ########################################################################## - Bugzilla Bug #1657922 - CC: CA/OCSP startup fail on SystemCertsVerification if enableOCSP is true [rhel-7.6.z] (jmagne) - ########################################################################## - # RHCS 9.4: - ########################################################################## - # Bugzilla Bug #1639836 - CC: Identify RHCS version of CA, KRA, * Wed Dec 05 2018 Dogtag Team 10.5.9-8 - ########################################################################## - # RHEL 7.6: - ########################################################################## - Bugzilla Bug #1645262 - pkidestroy may not remove all files [rhel-7.6.z] (dmoluguw) - Bugzilla Bug #1645263 - Auth plugins leave passwords in the access log and audit log using REST [rhel-7.6.z] (dmoluguw) - Bugzilla Bug #1645429 - pkispawn fails due to name collision with /var/log/pki/ [rhel-7.6.z] (dmoluguw) - Bugzilla Bug #1655951 - CC: tools supporting CMC requests output keyID needs to be captured in file [rhel-7.6.z] (cfu) - Bugzilla Bug #1656297 - Unable to install with admin-generated keys [rhel-7.6.z] (edewata) - ########################################################################## - # RHCS 9.4: - ########################################################################## - # Bugzilla Bug #1639836 - CC: Identify RHCS version of CA, KRA, * Mon Oct 29 2018 Dogtag Team 10.5.9-7 - Require "tomcatjss >= 7.2.1-8" as a build and runtime requirement - ########################################################################## - # RHEL 7.6: - ########################################################################## - Bugzilla Bug #1632116 - CC: missing audit event for CS acting as TLS client [rhel-7.6.z] (cfu) - Bugzilla Bug #1632120 - Unsupported RSA_ ciphers should be removed from the default ciphers list [rhel-7.6.z] (cfu) - Bugzilla Bug #1632615 - Permit certain SHA384 FIPS ciphers to be enabled by default for RSA and ECC . . . [rhel-7.6.z] (cfu) - Bugzilla Bug #1632616 - X500Name.directoryStringEncodingOrder overridden by CSR encoding (coverity changes) [rhel-7.6.z] (mharmsen) - Bugzilla Bug #1633104 - CMC: add config to allow non-clientAuth [rhel-7.6.z] (cfu) - Bugzilla Bug #1636490 - Installation of CA using an existing CA fails [rhel-7.6.z] (edewata) - Bugzilla Bug #1643878 - pki cli command for RHCS doesn't prompt for a password [rhel-7.6.z] (edewata) - Bugzilla Bug #1643879 - CC: Identify version/release of pki-ca, pki-kra, pki-ocsp, pki-tks, and pki-tps remotely [RHEL] [rhel-7.6.z] (cfu, jmagne) - Bugzilla Bug #1643880 - PKI subsystem process is not shutdown when there is no space on the disk to write logs [rhel-7.6.z] (edewata) - ########################################################################## - # RHCS 9.4: - ########################################################################## - # Bugzilla Bug #1639836 - CC: Identify RHCS version of CA, KRA, pki-ca-10.5.9-13.el7_6 ---------------------- * Fri Feb 15 2019 Dogtag Team 10.5.9-13 - Updated jss dependencies - ########################################################################## - # RHEL 7.6: - ########################################################################## - Bugzilla Bug #1671245 - CC: unable to verify cert before import [rhel-7.6.z] [manpage] (ascheel) - Bugzilla Bug #1671303 - CC: Upgrade scripts for audit event names (RHEL) [rhel-7.6.z] (edewata) - ########################################################################## - # RHCS 9.4: - ########################################################################## - # Bugzilla Bug #1671586 - CC: Upgrade scripts for audit event names (RHCS) * Fri Feb 01 2019 Dogtag Team 10.5.9-12 - Updated jss dependencies - ########################################################################## - # RHEL 7.6: - ########################################################################## - Bugzilla Bug #1671245 - CC: unable to verify cert before import [rhel-7.6.z] (ascheel) - Bugzilla Bug #1671303 - CC: Upgrade scripts for audit event names (RHEL) [rhel-7.6.z] (edewata) - ########################################################################## - # RHCS 9.4: - ########################################################################## - # Bugzilla Bug #1671586 - CC: Upgrade scripts for audit event names (RHCS) * Thu Jan 31 2019 Dogtag Team 10.5.9-11 - Updated jss dependencies - ########################################################################## - # RHEL 7.6: - ########################################################################## - Bugzilla Bug #1671245 - CC: unable to verify cert before import [rhel-7.6.z] (ascheel) - Bugzilla Bug #1671303 - CC: Upgrade scripts for audit event names (RHEL) [rhel-7.6.z] (edewata) - ########################################################################## - # RHCS 9.4: - ########################################################################## - # Bugzilla Bug #1671586 - CC: Upgrade scripts for audit event names (RHCS) * Mon Dec 17 2018 Dogtag Team 10.5.9-10 - ########################################################################## - # RHEL 7.6: - ########################################################################## - Bugzilla Bug #1659939 - CC: Simplifying Web UI session timeout configuration [rhel-7.6.z] (edewata) - ########################################################################## - # RHCS 9.4: - ########################################################################## - # Bugzilla Bug #1639836 - CC: Identify RHCS version of CA, KRA, - # Added Batch Update Information to Product Version (mharmsen) * Mon Dec 10 2018 Dogtag Team 10.5.9-9 - ########################################################################## - # RHEL 7.6: - ########################################################################## - Bugzilla Bug #1657922 - CC: CA/OCSP startup fail on SystemCertsVerification if enableOCSP is true [rhel-7.6.z] (jmagne) - ########################################################################## - # RHCS 9.4: - ########################################################################## - # Bugzilla Bug #1639836 - CC: Identify RHCS version of CA, KRA, * Wed Dec 05 2018 Dogtag Team 10.5.9-8 - ########################################################################## - # RHEL 7.6: - ########################################################################## - Bugzilla Bug #1645262 - pkidestroy may not remove all files [rhel-7.6.z] (dmoluguw) - Bugzilla Bug #1645263 - Auth plugins leave passwords in the access log and audit log using REST [rhel-7.6.z] (dmoluguw) - Bugzilla Bug #1645429 - pkispawn fails due to name collision with /var/log/pki/ [rhel-7.6.z] (dmoluguw) - Bugzilla Bug #1655951 - CC: tools supporting CMC requests output keyID needs to be captured in file [rhel-7.6.z] (cfu) - Bugzilla Bug #1656297 - Unable to install with admin-generated keys [rhel-7.6.z] (edewata) - ########################################################################## - # RHCS 9.4: - ########################################################################## - # Bugzilla Bug #1639836 - CC: Identify RHCS version of CA, KRA, * Mon Oct 29 2018 Dogtag Team 10.5.9-7 - Require "tomcatjss >= 7.2.1-8" as a build and runtime requirement - ########################################################################## - # RHEL 7.6: - ########################################################################## - Bugzilla Bug #1632116 - CC: missing audit event for CS acting as TLS client [rhel-7.6.z] (cfu) - Bugzilla Bug #1632120 - Unsupported RSA_ ciphers should be removed from the default ciphers list [rhel-7.6.z] (cfu) - Bugzilla Bug #1632615 - Permit certain SHA384 FIPS ciphers to be enabled by default for RSA and ECC . . . [rhel-7.6.z] (cfu) - Bugzilla Bug #1632616 - X500Name.directoryStringEncodingOrder overridden by CSR encoding (coverity changes) [rhel-7.6.z] (mharmsen) - Bugzilla Bug #1633104 - CMC: add config to allow non-clientAuth [rhel-7.6.z] (cfu) - Bugzilla Bug #1636490 - Installation of CA using an existing CA fails [rhel-7.6.z] (edewata) - Bugzilla Bug #1643878 - pki cli command for RHCS doesn't prompt for a password [rhel-7.6.z] (edewata) - Bugzilla Bug #1643879 - CC: Identify version/release of pki-ca, pki-kra, pki-ocsp, pki-tks, and pki-tps remotely [RHEL] [rhel-7.6.z] (cfu, jmagne) - Bugzilla Bug #1643880 - PKI subsystem process is not shutdown when there is no space on the disk to write logs [rhel-7.6.z] (edewata) - ########################################################################## - # RHCS 9.4: - ########################################################################## - # Bugzilla Bug #1639836 - CC: Identify RHCS version of CA, KRA, pki-javadoc-10.5.9-13.el7_6 --------------------------- * Fri Feb 15 2019 Dogtag Team 10.5.9-13 - Updated jss dependencies - ########################################################################## - # RHEL 7.6: - ########################################################################## - Bugzilla Bug #1671245 - CC: unable to verify cert before import [rhel-7.6.z] [manpage] (ascheel) - Bugzilla Bug #1671303 - CC: Upgrade scripts for audit event names (RHEL) [rhel-7.6.z] (edewata) - ########################################################################## - # RHCS 9.4: - ########################################################################## - # Bugzilla Bug #1671586 - CC: Upgrade scripts for audit event names (RHCS) * Fri Feb 01 2019 Dogtag Team 10.5.9-12 - Updated jss dependencies - ########################################################################## - # RHEL 7.6: - ########################################################################## - Bugzilla Bug #1671245 - CC: unable to verify cert before import [rhel-7.6.z] (ascheel) - Bugzilla Bug #1671303 - CC: Upgrade scripts for audit event names (RHEL) [rhel-7.6.z] (edewata) - ########################################################################## - # RHCS 9.4: - ########################################################################## - # Bugzilla Bug #1671586 - CC: Upgrade scripts for audit event names (RHCS) * Thu Jan 31 2019 Dogtag Team 10.5.9-11 - Updated jss dependencies - ########################################################################## - # RHEL 7.6: - ########################################################################## - Bugzilla Bug #1671245 - CC: unable to verify cert before import [rhel-7.6.z] (ascheel) - Bugzilla Bug #1671303 - CC: Upgrade scripts for audit event names (RHEL) [rhel-7.6.z] (edewata) - ########################################################################## - # RHCS 9.4: - ########################################################################## - # Bugzilla Bug #1671586 - CC: Upgrade scripts for audit event names (RHCS) * Mon Dec 17 2018 Dogtag Team 10.5.9-10 - ########################################################################## - # RHEL 7.6: - ########################################################################## - Bugzilla Bug #1659939 - CC: Simplifying Web UI session timeout configuration [rhel-7.6.z] (edewata) - ########################################################################## - # RHCS 9.4: - ########################################################################## - # Bugzilla Bug #1639836 - CC: Identify RHCS version of CA, KRA, - # Added Batch Update Information to Product Version (mharmsen) * Mon Dec 10 2018 Dogtag Team 10.5.9-9 - ########################################################################## - # RHEL 7.6: - ########################################################################## - Bugzilla Bug #1657922 - CC: CA/OCSP startup fail on SystemCertsVerification if enableOCSP is true [rhel-7.6.z] (jmagne) - ########################################################################## - # RHCS 9.4: - ########################################################################## - # Bugzilla Bug #1639836 - CC: Identify RHCS version of CA, KRA, * Wed Dec 05 2018 Dogtag Team 10.5.9-8 - ########################################################################## - # RHEL 7.6: - ########################################################################## - Bugzilla Bug #1645262 - pkidestroy may not remove all files [rhel-7.6.z] (dmoluguw) - Bugzilla Bug #1645263 - Auth plugins leave passwords in the access log and audit log using REST [rhel-7.6.z] (dmoluguw) - Bugzilla Bug #1645429 - pkispawn fails due to name collision with /var/log/pki/ [rhel-7.6.z] (dmoluguw) - Bugzilla Bug #1655951 - CC: tools supporting CMC requests output keyID needs to be captured in file [rhel-7.6.z] (cfu) - Bugzilla Bug #1656297 - Unable to install with admin-generated keys [rhel-7.6.z] (edewata) - ########################################################################## - # RHCS 9.4: - ########################################################################## - # Bugzilla Bug #1639836 - CC: Identify RHCS version of CA, KRA, * Mon Oct 29 2018 Dogtag Team 10.5.9-7 - Require "tomcatjss >= 7.2.1-8" as a build and runtime requirement - ########################################################################## - # RHEL 7.6: - ########################################################################## - Bugzilla Bug #1632116 - CC: missing audit event for CS acting as TLS client [rhel-7.6.z] (cfu) - Bugzilla Bug #1632120 - Unsupported RSA_ ciphers should be removed from the default ciphers list [rhel-7.6.z] (cfu) - Bugzilla Bug #1632615 - Permit certain SHA384 FIPS ciphers to be enabled by default for RSA and ECC . . . [rhel-7.6.z] (cfu) - Bugzilla Bug #1632616 - X500Name.directoryStringEncodingOrder overridden by CSR encoding (coverity changes) [rhel-7.6.z] (mharmsen) - Bugzilla Bug #1633104 - CMC: add config to allow non-clientAuth [rhel-7.6.z] (cfu) - Bugzilla Bug #1636490 - Installation of CA using an existing CA fails [rhel-7.6.z] (edewata) - Bugzilla Bug #1643878 - pki cli command for RHCS doesn't prompt for a password [rhel-7.6.z] (edewata) - Bugzilla Bug #1643879 - CC: Identify version/release of pki-ca, pki-kra, pki-ocsp, pki-tks, and pki-tps remotely [RHEL] [rhel-7.6.z] (cfu, jmagne) - Bugzilla Bug #1643880 - PKI subsystem process is not shutdown when there is no space on the disk to write logs [rhel-7.6.z] (edewata) - ########################################################################## - # RHCS 9.4: - ########################################################################## - # Bugzilla Bug #1639836 - CC: Identify RHCS version of CA, KRA, pki-kra-10.5.9-13.el7_6 ----------------------- * Fri Feb 15 2019 Dogtag Team 10.5.9-13 - Updated jss dependencies - ########################################################################## - # RHEL 7.6: - ########################################################################## - Bugzilla Bug #1671245 - CC: unable to verify cert before import [rhel-7.6.z] [manpage] (ascheel) - Bugzilla Bug #1671303 - CC: Upgrade scripts for audit event names (RHEL) [rhel-7.6.z] (edewata) - ########################################################################## - # RHCS 9.4: - ########################################################################## - # Bugzilla Bug #1671586 - CC: Upgrade scripts for audit event names (RHCS) * Fri Feb 01 2019 Dogtag Team 10.5.9-12 - Updated jss dependencies - ########################################################################## - # RHEL 7.6: - ########################################################################## - Bugzilla Bug #1671245 - CC: unable to verify cert before import [rhel-7.6.z] (ascheel) - Bugzilla Bug #1671303 - CC: Upgrade scripts for audit event names (RHEL) [rhel-7.6.z] (edewata) - ########################################################################## - # RHCS 9.4: - ########################################################################## - # Bugzilla Bug #1671586 - CC: Upgrade scripts for audit event names (RHCS) * Thu Jan 31 2019 Dogtag Team 10.5.9-11 - Updated jss dependencies - ########################################################################## - # RHEL 7.6: - ########################################################################## - Bugzilla Bug #1671245 - CC: unable to verify cert before import [rhel-7.6.z] (ascheel) - Bugzilla Bug #1671303 - CC: Upgrade scripts for audit event names (RHEL) [rhel-7.6.z] (edewata) - ########################################################################## - # RHCS 9.4: - ########################################################################## - # Bugzilla Bug #1671586 - CC: Upgrade scripts for audit event names (RHCS) * Mon Dec 17 2018 Dogtag Team 10.5.9-10 - ########################################################################## - # RHEL 7.6: - ########################################################################## - Bugzilla Bug #1659939 - CC: Simplifying Web UI session timeout configuration [rhel-7.6.z] (edewata) - ########################################################################## - # RHCS 9.4: - ########################################################################## - # Bugzilla Bug #1639836 - CC: Identify RHCS version of CA, KRA, - # Added Batch Update Information to Product Version (mharmsen) * Mon Dec 10 2018 Dogtag Team 10.5.9-9 - ########################################################################## - # RHEL 7.6: - ########################################################################## - Bugzilla Bug #1657922 - CC: CA/OCSP startup fail on SystemCertsVerification if enableOCSP is true [rhel-7.6.z] (jmagne) - ########################################################################## - # RHCS 9.4: - ########################################################################## - # Bugzilla Bug #1639836 - CC: Identify RHCS version of CA, KRA, * Wed Dec 05 2018 Dogtag Team 10.5.9-8 - ########################################################################## - # RHEL 7.6: - ########################################################################## - Bugzilla Bug #1645262 - pkidestroy may not remove all files [rhel-7.6.z] (dmoluguw) - Bugzilla Bug #1645263 - Auth plugins leave passwords in the access log and audit log using REST [rhel-7.6.z] (dmoluguw) - Bugzilla Bug #1645429 - pkispawn fails due to name collision with /var/log/pki/ [rhel-7.6.z] (dmoluguw) - Bugzilla Bug #1655951 - CC: tools supporting CMC requests output keyID needs to be captured in file [rhel-7.6.z] (cfu) - Bugzilla Bug #1656297 - Unable to install with admin-generated keys [rhel-7.6.z] (edewata) - ########################################################################## - # RHCS 9.4: - ########################################################################## - # Bugzilla Bug #1639836 - CC: Identify RHCS version of CA, KRA, * Mon Oct 29 2018 Dogtag Team 10.5.9-7 - Require "tomcatjss >= 7.2.1-8" as a build and runtime requirement - ########################################################################## - # RHEL 7.6: - ########################################################################## - Bugzilla Bug #1632116 - CC: missing audit event for CS acting as TLS client [rhel-7.6.z] (cfu) - Bugzilla Bug #1632120 - Unsupported RSA_ ciphers should be removed from the default ciphers list [rhel-7.6.z] (cfu) - Bugzilla Bug #1632615 - Permit certain SHA384 FIPS ciphers to be enabled by default for RSA and ECC . . . [rhel-7.6.z] (cfu) - Bugzilla Bug #1632616 - X500Name.directoryStringEncodingOrder overridden by CSR encoding (coverity changes) [rhel-7.6.z] (mharmsen) - Bugzilla Bug #1633104 - CMC: add config to allow non-clientAuth [rhel-7.6.z] (cfu) - Bugzilla Bug #1636490 - Installation of CA using an existing CA fails [rhel-7.6.z] (edewata) - Bugzilla Bug #1643878 - pki cli command for RHCS doesn't prompt for a password [rhel-7.6.z] (edewata) - Bugzilla Bug #1643879 - CC: Identify version/release of pki-ca, pki-kra, pki-ocsp, pki-tks, and pki-tps remotely [RHEL] [rhel-7.6.z] (cfu, jmagne) - Bugzilla Bug #1643880 - PKI subsystem process is not shutdown when there is no space on the disk to write logs [rhel-7.6.z] (edewata) - ########################################################################## - # RHCS 9.4: - ########################################################################## - # Bugzilla Bug #1639836 - CC: Identify RHCS version of CA, KRA, pki-server-10.5.9-13.el7_6 -------------------------- * Fri Feb 15 2019 Dogtag Team 10.5.9-13 - Updated jss dependencies - ########################################################################## - # RHEL 7.6: - ########################################################################## - Bugzilla Bug #1671245 - CC: unable to verify cert before import [rhel-7.6.z] [manpage] (ascheel) - Bugzilla Bug #1671303 - CC: Upgrade scripts for audit event names (RHEL) [rhel-7.6.z] (edewata) - ########################################################################## - # RHCS 9.4: - ########################################################################## - # Bugzilla Bug #1671586 - CC: Upgrade scripts for audit event names (RHCS) * Fri Feb 01 2019 Dogtag Team 10.5.9-12 - Updated jss dependencies - ########################################################################## - # RHEL 7.6: - ########################################################################## - Bugzilla Bug #1671245 - CC: unable to verify cert before import [rhel-7.6.z] (ascheel) - Bugzilla Bug #1671303 - CC: Upgrade scripts for audit event names (RHEL) [rhel-7.6.z] (edewata) - ########################################################################## - # RHCS 9.4: - ########################################################################## - # Bugzilla Bug #1671586 - CC: Upgrade scripts for audit event names (RHCS) * Thu Jan 31 2019 Dogtag Team 10.5.9-11 - Updated jss dependencies - ########################################################################## - # RHEL 7.6: - ########################################################################## - Bugzilla Bug #1671245 - CC: unable to verify cert before import [rhel-7.6.z] (ascheel) - Bugzilla Bug #1671303 - CC: Upgrade scripts for audit event names (RHEL) [rhel-7.6.z] (edewata) - ########################################################################## - # RHCS 9.4: - ########################################################################## - # Bugzilla Bug #1671586 - CC: Upgrade scripts for audit event names (RHCS) * Mon Dec 17 2018 Dogtag Team 10.5.9-10 - ########################################################################## - # RHEL 7.6: - ########################################################################## - Bugzilla Bug #1659939 - CC: Simplifying Web UI session timeout configuration [rhel-7.6.z] (edewata) - ########################################################################## - # RHCS 9.4: - ########################################################################## - # Bugzilla Bug #1639836 - CC: Identify RHCS version of CA, KRA, - # Added Batch Update Information to Product Version (mharmsen) * Mon Dec 10 2018 Dogtag Team 10.5.9-9 - ########################################################################## - # RHEL 7.6: - ########################################################################## - Bugzilla Bug #1657922 - CC: CA/OCSP startup fail on SystemCertsVerification if enableOCSP is true [rhel-7.6.z] (jmagne) - ########################################################################## - # RHCS 9.4: - ########################################################################## - # Bugzilla Bug #1639836 - CC: Identify RHCS version of CA, KRA, * Wed Dec 05 2018 Dogtag Team 10.5.9-8 - ########################################################################## - # RHEL 7.6: - ########################################################################## - Bugzilla Bug #1645262 - pkidestroy may not remove all files [rhel-7.6.z] (dmoluguw) - Bugzilla Bug #1645263 - Auth plugins leave passwords in the access log and audit log using REST [rhel-7.6.z] (dmoluguw) - Bugzilla Bug #1645429 - pkispawn fails due to name collision with /var/log/pki/ [rhel-7.6.z] (dmoluguw) - Bugzilla Bug #1655951 - CC: tools supporting CMC requests output keyID needs to be captured in file [rhel-7.6.z] (cfu) - Bugzilla Bug #1656297 - Unable to install with admin-generated keys [rhel-7.6.z] (edewata) - ########################################################################## - # RHCS 9.4: - ########################################################################## - # Bugzilla Bug #1639836 - CC: Identify RHCS version of CA, KRA, * Mon Oct 29 2018 Dogtag Team 10.5.9-7 - Require "tomcatjss >= 7.2.1-8" as a build and runtime requirement - ########################################################################## - # RHEL 7.6: - ########################################################################## - Bugzilla Bug #1632116 - CC: missing audit event for CS acting as TLS client [rhel-7.6.z] (cfu) - Bugzilla Bug #1632120 - Unsupported RSA_ ciphers should be removed from the default ciphers list [rhel-7.6.z] (cfu) - Bugzilla Bug #1632615 - Permit certain SHA384 FIPS ciphers to be enabled by default for RSA and ECC . . . [rhel-7.6.z] (cfu) - Bugzilla Bug #1632616 - X500Name.directoryStringEncodingOrder overridden by CSR encoding (coverity changes) [rhel-7.6.z] (mharmsen) - Bugzilla Bug #1633104 - CMC: add config to allow non-clientAuth [rhel-7.6.z] (cfu) - Bugzilla Bug #1636490 - Installation of CA using an existing CA fails [rhel-7.6.z] (edewata) - Bugzilla Bug #1643878 - pki cli command for RHCS doesn't prompt for a password [rhel-7.6.z] (edewata) - Bugzilla Bug #1643879 - CC: Identify version/release of pki-ca, pki-kra, pki-ocsp, pki-tks, and pki-tps remotely [RHEL] [rhel-7.6.z] (cfu, jmagne) - Bugzilla Bug #1643880 - PKI subsystem process is not shutdown when there is no space on the disk to write logs [rhel-7.6.z] (edewata) - ########################################################################## - # RHCS 9.4: - ########################################################################## - # Bugzilla Bug #1639836 - CC: Identify RHCS version of CA, KRA, pki-symkey-10.5.9-13.el7_6 -------------------------- * Fri Feb 15 2019 Dogtag Team 10.5.9-13 - Updated jss dependencies - ########################################################################## - # RHEL 7.6: - ########################################################################## - Bugzilla Bug #1671245 - CC: unable to verify cert before import [rhel-7.6.z] [manpage] (ascheel) - Bugzilla Bug #1671303 - CC: Upgrade scripts for audit event names (RHEL) [rhel-7.6.z] (edewata) - ########################################################################## - # RHCS 9.4: - ########################################################################## - # Bugzilla Bug #1671586 - CC: Upgrade scripts for audit event names (RHCS) * Fri Feb 01 2019 Dogtag Team 10.5.9-12 - Updated jss dependencies - ########################################################################## - # RHEL 7.6: - ########################################################################## - Bugzilla Bug #1671245 - CC: unable to verify cert before import [rhel-7.6.z] (ascheel) - Bugzilla Bug #1671303 - CC: Upgrade scripts for audit event names (RHEL) [rhel-7.6.z] (edewata) - ########################################################################## - # RHCS 9.4: - ########################################################################## - # Bugzilla Bug #1671586 - CC: Upgrade scripts for audit event names (RHCS) * Thu Jan 31 2019 Dogtag Team 10.5.9-11 - Updated jss dependencies - ########################################################################## - # RHEL 7.6: - ########################################################################## - Bugzilla Bug #1671245 - CC: unable to verify cert before import [rhel-7.6.z] (ascheel) - Bugzilla Bug #1671303 - CC: Upgrade scripts for audit event names (RHEL) [rhel-7.6.z] (edewata) - ########################################################################## - # RHCS 9.4: - ########################################################################## - # Bugzilla Bug #1671586 - CC: Upgrade scripts for audit event names (RHCS) * Mon Dec 17 2018 Dogtag Team 10.5.9-10 - ########################################################################## - # RHEL 7.6: - ########################################################################## - Bugzilla Bug #1659939 - CC: Simplifying Web UI session timeout configuration [rhel-7.6.z] (edewata) - ########################################################################## - # RHCS 9.4: - ########################################################################## - # Bugzilla Bug #1639836 - CC: Identify RHCS version of CA, KRA, - # Added Batch Update Information to Product Version (mharmsen) * Mon Dec 10 2018 Dogtag Team 10.5.9-9 - ########################################################################## - # RHEL 7.6: - ########################################################################## - Bugzilla Bug #1657922 - CC: CA/OCSP startup fail on SystemCertsVerification if enableOCSP is true [rhel-7.6.z] (jmagne) - ########################################################################## - # RHCS 9.4: - ########################################################################## - # Bugzilla Bug #1639836 - CC: Identify RHCS version of CA, KRA, * Wed Dec 05 2018 Dogtag Team 10.5.9-8 - ########################################################################## - # RHEL 7.6: - ########################################################################## - Bugzilla Bug #1645262 - pkidestroy may not remove all files [rhel-7.6.z] (dmoluguw) - Bugzilla Bug #1645263 - Auth plugins leave passwords in the access log and audit log using REST [rhel-7.6.z] (dmoluguw) - Bugzilla Bug #1645429 - pkispawn fails due to name collision with /var/log/pki/ [rhel-7.6.z] (dmoluguw) - Bugzilla Bug #1655951 - CC: tools supporting CMC requests output keyID needs to be captured in file [rhel-7.6.z] (cfu) - Bugzilla Bug #1656297 - Unable to install with admin-generated keys [rhel-7.6.z] (edewata) - ########################################################################## - # RHCS 9.4: - ########################################################################## - # Bugzilla Bug #1639836 - CC: Identify RHCS version of CA, KRA, * Mon Oct 29 2018 Dogtag Team 10.5.9-7 - Require "tomcatjss >= 7.2.1-8" as a build and runtime requirement - ########################################################################## - # RHEL 7.6: - ########################################################################## - Bugzilla Bug #1632116 - CC: missing audit event for CS acting as TLS client [rhel-7.6.z] (cfu) - Bugzilla Bug #1632120 - Unsupported RSA_ ciphers should be removed from the default ciphers list [rhel-7.6.z] (cfu) - Bugzilla Bug #1632615 - Permit certain SHA384 FIPS ciphers to be enabled by default for RSA and ECC . . . [rhel-7.6.z] (cfu) - Bugzilla Bug #1632616 - X500Name.directoryStringEncodingOrder overridden by CSR encoding (coverity changes) [rhel-7.6.z] (mharmsen) - Bugzilla Bug #1633104 - CMC: add config to allow non-clientAuth [rhel-7.6.z] (cfu) - Bugzilla Bug #1636490 - Installation of CA using an existing CA fails [rhel-7.6.z] (edewata) - Bugzilla Bug #1643878 - pki cli command for RHCS doesn't prompt for a password [rhel-7.6.z] (edewata) - Bugzilla Bug #1643879 - CC: Identify version/release of pki-ca, pki-kra, pki-ocsp, pki-tks, and pki-tps remotely [RHEL] [rhel-7.6.z] (cfu, jmagne) - Bugzilla Bug #1643880 - PKI subsystem process is not shutdown when there is no space on the disk to write logs [rhel-7.6.z] (edewata) - ########################################################################## - # RHCS 9.4: - ########################################################################## - # Bugzilla Bug #1639836 - CC: Identify RHCS version of CA, KRA, pki-tools-10.5.9-13.el7_6 ------------------------- * Fri Feb 15 2019 Dogtag Team 10.5.9-13 - Updated jss dependencies - ########################################################################## - # RHEL 7.6: - ########################################################################## - Bugzilla Bug #1671245 - CC: unable to verify cert before import [rhel-7.6.z] [manpage] (ascheel) - Bugzilla Bug #1671303 - CC: Upgrade scripts for audit event names (RHEL) [rhel-7.6.z] (edewata) - ########################################################################## - # RHCS 9.4: - ########################################################################## - # Bugzilla Bug #1671586 - CC: Upgrade scripts for audit event names (RHCS) * Fri Feb 01 2019 Dogtag Team 10.5.9-12 - Updated jss dependencies - ########################################################################## - # RHEL 7.6: - ########################################################################## - Bugzilla Bug #1671245 - CC: unable to verify cert before import [rhel-7.6.z] (ascheel) - Bugzilla Bug #1671303 - CC: Upgrade scripts for audit event names (RHEL) [rhel-7.6.z] (edewata) - ########################################################################## - # RHCS 9.4: - ########################################################################## - # Bugzilla Bug #1671586 - CC: Upgrade scripts for audit event names (RHCS) * Thu Jan 31 2019 Dogtag Team 10.5.9-11 - Updated jss dependencies - ########################################################################## - # RHEL 7.6: - ########################################################################## - Bugzilla Bug #1671245 - CC: unable to verify cert before import [rhel-7.6.z] (ascheel) - Bugzilla Bug #1671303 - CC: Upgrade scripts for audit event names (RHEL) [rhel-7.6.z] (edewata) - ########################################################################## - # RHCS 9.4: - ########################################################################## - # Bugzilla Bug #1671586 - CC: Upgrade scripts for audit event names (RHCS) * Mon Dec 17 2018 Dogtag Team 10.5.9-10 - ########################################################################## - # RHEL 7.6: - ########################################################################## - Bugzilla Bug #1659939 - CC: Simplifying Web UI session timeout configuration [rhel-7.6.z] (edewata) - ########################################################################## - # RHCS 9.4: - ########################################################################## - # Bugzilla Bug #1639836 - CC: Identify RHCS version of CA, KRA, - # Added Batch Update Information to Product Version (mharmsen) * Mon Dec 10 2018 Dogtag Team 10.5.9-9 - ########################################################################## - # RHEL 7.6: - ########################################################################## - Bugzilla Bug #1657922 - CC: CA/OCSP startup fail on SystemCertsVerification if enableOCSP is true [rhel-7.6.z] (jmagne) - ########################################################################## - # RHCS 9.4: - ########################################################################## - # Bugzilla Bug #1639836 - CC: Identify RHCS version of CA, KRA, * Wed Dec 05 2018 Dogtag Team 10.5.9-8 - ########################################################################## - # RHEL 7.6: - ########################################################################## - Bugzilla Bug #1645262 - pkidestroy may not remove all files [rhel-7.6.z] (dmoluguw) - Bugzilla Bug #1645263 - Auth plugins leave passwords in the access log and audit log using REST [rhel-7.6.z] (dmoluguw) - Bugzilla Bug #1645429 - pkispawn fails due to name collision with /var/log/pki/ [rhel-7.6.z] (dmoluguw) - Bugzilla Bug #1655951 - CC: tools supporting CMC requests output keyID needs to be captured in file [rhel-7.6.z] (cfu) - Bugzilla Bug #1656297 - Unable to install with admin-generated keys [rhel-7.6.z] (edewata) - ########################################################################## - # RHCS 9.4: - ########################################################################## - # Bugzilla Bug #1639836 - CC: Identify RHCS version of CA, KRA, * Mon Oct 29 2018 Dogtag Team 10.5.9-7 - Require "tomcatjss >= 7.2.1-8" as a build and runtime requirement - ########################################################################## - # RHEL 7.6: - ########################################################################## - Bugzilla Bug #1632116 - CC: missing audit event for CS acting as TLS client [rhel-7.6.z] (cfu) - Bugzilla Bug #1632120 - Unsupported RSA_ ciphers should be removed from the default ciphers list [rhel-7.6.z] (cfu) - Bugzilla Bug #1632615 - Permit certain SHA384 FIPS ciphers to be enabled by default for RSA and ECC . . . [rhel-7.6.z] (cfu) - Bugzilla Bug #1632616 - X500Name.directoryStringEncodingOrder overridden by CSR encoding (coverity changes) [rhel-7.6.z] (mharmsen) - Bugzilla Bug #1633104 - CMC: add config to allow non-clientAuth [rhel-7.6.z] (cfu) - Bugzilla Bug #1636490 - Installation of CA using an existing CA fails [rhel-7.6.z] (edewata) - Bugzilla Bug #1643878 - pki cli command for RHCS doesn't prompt for a password [rhel-7.6.z] (edewata) - Bugzilla Bug #1643879 - CC: Identify version/release of pki-ca, pki-kra, pki-ocsp, pki-tks, and pki-tps remotely [RHEL] [rhel-7.6.z] (cfu, jmagne) - Bugzilla Bug #1643880 - PKI subsystem process is not shutdown when there is no space on the disk to write logs [rhel-7.6.z] (edewata) - ########################################################################## - # RHCS 9.4: - ########################################################################## - # Bugzilla Bug #1639836 - CC: Identify RHCS version of CA, KRA, policycoreutils-2.5-29.el7_6.1 ------------------------------ * Wed Jan 16 2019 Vit Mojzis - 2.5-29.1 - scripts/fixfiles: Do not fail on file_contexts.local (#1665813) policycoreutils-devel-2.5-29.el7_6.1 ------------------------------------ * Wed Jan 16 2019 Vit Mojzis - 2.5-29.1 - scripts/fixfiles: Do not fail on file_contexts.local (#1665813) policycoreutils-gui-2.5-29.el7_6.1 ---------------------------------- * Wed Jan 16 2019 Vit Mojzis - 2.5-29.1 - scripts/fixfiles: Do not fail on file_contexts.local (#1665813) policycoreutils-newrole-2.5-29.el7_6.1 -------------------------------------- * Wed Jan 16 2019 Vit Mojzis - 2.5-29.1 - scripts/fixfiles: Do not fail on file_contexts.local (#1665813) policycoreutils-python-2.5-29.el7_6.1 ------------------------------------- * Wed Jan 16 2019 Vit Mojzis - 2.5-29.1 - scripts/fixfiles: Do not fail on file_contexts.local (#1665813) policycoreutils-restorecond-2.5-29.el7_6.1 ------------------------------------------ * Wed Jan 16 2019 Vit Mojzis - 2.5-29.1 - scripts/fixfiles: Do not fail on file_contexts.local (#1665813) policycoreutils-sandbox-2.5-29.el7_6.1 -------------------------------------- * Wed Jan 16 2019 Vit Mojzis - 2.5-29.1 - scripts/fixfiles: Do not fail on file_contexts.local (#1665813) polkit-0.112-18.el7_6.1 ----------------------- * Tue Jan 22 2019 Jan Rybar - 0.112-18.el7_6.1 - Fix of CVE-2019-6133, PID reuse via slow fork - Resolves: rhbz#1667311 polkit-devel-0.112-18.el7_6.1 ----------------------------- * Tue Jan 22 2019 Jan Rybar - 0.112-18.el7_6.1 - Fix of CVE-2019-6133, PID reuse via slow fork - Resolves: rhbz#1667311 polkit-docs-0.112-18.el7_6.1 ---------------------------- * Tue Jan 22 2019 Jan Rybar - 0.112-18.el7_6.1 - Fix of CVE-2019-6133, PID reuse via slow fork - Resolves: rhbz#1667311 python-2.7.5-80.el7_6 --------------------- * Tue Jun 11 2019 Charalampos Stratakis - 2.7.5-80 - Security fix for CVE-2019-10160 Resolves: rhbz#1718401 * Mon May 20 2019 Charalampos Stratakis - 2.7.5-79 - Updated fix for CVE-2019-9636 Resolves: rhbz#1711166 * Thu May 09 2019 Charalampos Stratakis - 2.7.5-78 - Remove unversioned obsoletes Resolves: rhbz#1708674 * Tue Mar 26 2019 Charalampos Stratakis - 2.7.5-77 - Security fix for CVE-2019-9636 Resolves: rhbz#1689316 python-debug-2.7.5-80.el7_6 --------------------------- * Tue Jun 11 2019 Charalampos Stratakis - 2.7.5-80 - Security fix for CVE-2019-10160 Resolves: rhbz#1718401 * Mon May 20 2019 Charalampos Stratakis - 2.7.5-79 - Updated fix for CVE-2019-9636 Resolves: rhbz#1711166 * Thu May 09 2019 Charalampos Stratakis - 2.7.5-78 - Remove unversioned obsoletes Resolves: rhbz#1708674 * Tue Mar 26 2019 Charalampos Stratakis - 2.7.5-77 - Security fix for CVE-2019-9636 Resolves: rhbz#1689316 python-devel-2.7.5-80.el7_6 --------------------------- * Tue Jun 11 2019 Charalampos Stratakis - 2.7.5-80 - Security fix for CVE-2019-10160 Resolves: rhbz#1718401 * Mon May 20 2019 Charalampos Stratakis - 2.7.5-79 - Updated fix for CVE-2019-9636 Resolves: rhbz#1711166 * Thu May 09 2019 Charalampos Stratakis - 2.7.5-78 - Remove unversioned obsoletes Resolves: rhbz#1708674 * Tue Mar 26 2019 Charalampos Stratakis - 2.7.5-77 - Security fix for CVE-2019-9636 Resolves: rhbz#1689316 python-docs-2.7.5-3.el7_6 ------------------------- * Thu May 09 2019 Charalampos Stratakis - 2.7.5-3 - Remove unversioned obsoletes Resolves: rhbz#1708673 python-libguestfs-1.38.2-12.el7_6.2 ----------------------------------- * Thu Feb 07 2019 Pino Toscano - 1:1.38.2-12.el7_6.2 - Fix inspection of partition-less devices resolves: rhbz#1673280 * Fri Oct 12 2018 Pino Toscano - 1:1.38.2-12.el7_6.1 - v2v: update documentation regarding SHA-2 certificates in Windows 7 and Windows Server 2008 R2 resolves: rhbz#1632788 - v2v: fix rhev-apt firstboot command for Windows resolves: rhbz#1625216 python-libipa_hbac-1.16.2-13.el7_6.8 ------------------------------------ * Tue Mar 26 2019 Michal Židek - 1.16.2-13.8 - Resolves: rhbz#1690759 - RHEL STIG pointing sssd Packaging issue [rhel-7.6.z] - Part 2. * Tue Mar 26 2019 Michal Židek - 1.16.2-13.7 - Resolves: rhbz#1690759 - RHEL STIG pointing sssd Packaging issue [rhel-7.6.z] * Tue Dec 18 2018 Michal Židek - 1.16.2-13.6 - Resolves: rhbz#1683578 - sssd_krb5_locator_plugin introduces delay in cifs.upcall krb5 calls [rhel-7.6.z] * Tue Dec 18 2018 Michal Židek - 1.16.2-13.5 - Resolves: rhbz#1659507 - SSSD's LDAP authentication provider does not work if ID provider is authenticated with GSSAPI [rhel-7.6.z] * Tue Dec 18 2018 Michal Židek - 1.16.2-13.4 - Resolves: rhbz#1659083 - SSSD must be cleared/restarted periodically in order to retrieve AD users through IPA Trust [rhel-7.6.z] * Tue Dec 18 2018 Michal Židek - 1.16.2-13.3 - Resolves: rhbz#1656833 - sssd_nss memory leak [rhel-7.6.z] * Wed Nov 28 2018 Michal Židek - 1.16.2-13.2 - Resolves: Bug 1649784 - SSSD not fetching all sudo rules from AD [rhel-7.6.z] * Wed Nov 14 2018 Michal Židek - 1.16.2-13.1 - Resolves: rhbz#1645047 - sssd only sets the SELinux login context if it differs from the default [rhel-7.6.z] python-libs-2.7.5-80.el7_6 -------------------------- * Tue Jun 11 2019 Charalampos Stratakis - 2.7.5-80 - Security fix for CVE-2019-10160 Resolves: rhbz#1718401 * Mon May 20 2019 Charalampos Stratakis - 2.7.5-79 - Updated fix for CVE-2019-9636 Resolves: rhbz#1711166 * Thu May 09 2019 Charalampos Stratakis - 2.7.5-78 - Remove unversioned obsoletes Resolves: rhbz#1708674 * Tue Mar 26 2019 Charalampos Stratakis - 2.7.5-77 - Security fix for CVE-2019-9636 Resolves: rhbz#1689316 python-libsss_nss_idmap-1.16.2-13.el7_6.8 ----------------------------------------- * Tue Mar 26 2019 Michal Židek - 1.16.2-13.8 - Resolves: rhbz#1690759 - RHEL STIG pointing sssd Packaging issue [rhel-7.6.z] - Part 2. * Tue Mar 26 2019 Michal Židek - 1.16.2-13.7 - Resolves: rhbz#1690759 - RHEL STIG pointing sssd Packaging issue [rhel-7.6.z] * Tue Dec 18 2018 Michal Židek - 1.16.2-13.6 - Resolves: rhbz#1683578 - sssd_krb5_locator_plugin introduces delay in cifs.upcall krb5 calls [rhel-7.6.z] * Tue Dec 18 2018 Michal Židek - 1.16.2-13.5 - Resolves: rhbz#1659507 - SSSD's LDAP authentication provider does not work if ID provider is authenticated with GSSAPI [rhel-7.6.z] * Tue Dec 18 2018 Michal Židek - 1.16.2-13.4 - Resolves: rhbz#1659083 - SSSD must be cleared/restarted periodically in order to retrieve AD users through IPA Trust [rhel-7.6.z] * Tue Dec 18 2018 Michal Židek - 1.16.2-13.3 - Resolves: rhbz#1656833 - sssd_nss memory leak [rhel-7.6.z] * Wed Nov 28 2018 Michal Židek - 1.16.2-13.2 - Resolves: Bug 1649784 - SSSD not fetching all sudo rules from AD [rhel-7.6.z] * Wed Nov 14 2018 Michal Židek - 1.16.2-13.1 - Resolves: rhbz#1645047 - sssd only sets the SELinux login context if it differs from the default [rhel-7.6.z] python-libteam-1.27-6.el7_6.1 ----------------------------- * Thu Mar 14 2019 Xin Long - 1.27-6.el7_6.1 - Added patch to update port state according to partner's sync bit [1689254] * Fri Aug 17 2018 Xin Long - 1.27-6 - Added patch to fix the issue that no active port is set [1593241] python-paramiko-2.1.1-9.el7 --------------------------- * Thu Oct 18 2018 Jake Hunsaker - 2.1.1-9 - Fix a security flaw (CVE-2018-1000805) in Paramiko's server mode (does not effect client mode). Backported from 2.1.6 Resolves rhbz#1637366 python-paramiko-doc-2.1.1-9.el7 ------------------------------- * Thu Oct 18 2018 Jake Hunsaker - 2.1.1-9 - Fix a security flaw (CVE-2018-1000805) in Paramiko's server mode (does not effect client mode). Backported from 2.1.6 Resolves rhbz#1637366 python-pcp-4.1.0-5.el7_6 ------------------------ * Tue Oct 09 2018 Nathan Scott - 4.1.0-5 - Missing values from short /proc/*/status file reads (BZ 1600262) python-perf-3.10.0-957.21.3.el7 ------------------------------- * Fri Jun 14 2019 Jan Stancek [3.10.0-957.21.3.el7] - [net] tcp: enforce tcp_min_snd_mss in tcp_mtu_probing() (Florian Westphal) [1719914 1719915] {CVE-2019-11479} - [net] tcp: add tcp_min_snd_mss sysctl (Florian Westphal) [1719914 1719915] {CVE-2019-11479} - [net] tcp: tcp_fragment() should apply sane memory limits (Florian Westphal) [1719849 1719850] {CVE-2019-11478} - [net] tcp: limit payload size of sacked skbs (Florian Westphal) [1719594 1719595] {CVE-2019-11477} - [net] tcp: pass previous skb to tcp_shifted_skb() (Florian Westphal) [1719594 1719595] {CVE-2019-11477} * Tue May 28 2019 Jan Stancek [3.10.0-957.21.2.el7] - [security] xattr: use RH_KABI_CONST to avoid security_inode_init_security checksum change (Cestmir Kalina) [1702286 1710633] * Thu May 23 2019 Jan Stancek [3.10.0-957.21.1.el7] - [x86] spec_ctrl: Update MDS mitigation status after late microcode load (Waiman Long) [1712998 1712993 1710501 1710498] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} - [x86] speculation/mds: Properly set/clear mds_idle_clear static key (Waiman Long) [1713004 1707292] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} * Wed May 15 2019 Jan Stancek [3.10.0-957.20.1.el7] - [x86] x86/speculation/mds: Print SMT vulnerable on MSBDS with mitigations off (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/speculation/mds: Fix comment (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/speculation/mds: Add SMT warning message (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/speculation: Move arch_smt_update() call to after mitigation decisions (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [documentation] x86/speculation/mds: Add mds=full,nosmt cmdline option (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [kernel] x86/speculation: Remove redundant arch_smt_update() invocation (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/spec_ctrl: Update MDS mitigation status after late microcode load (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/spec_ctrl: Add debugfs x86/smt_present file (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/spec_ctrl: Disable automatic enabling of STIBP with SMT on (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [documentation] Documentation: Add MDS vulnerability documentation (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [documentation] Documentation: Move L1TF to separate directory (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/speculation/mds: Add mitigation mode VMWERV (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [base] x86/speculation/mds: Add sysfs reporting for MDS (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/speculation/mds: Add mitigation control for MDS (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/speculation/mds: Conditionally clear CPU buffers on idle entry (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [kvm] x86/kvm/vmx: Add MDS protection when L1D Flush is not active (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/speculation/mds: Clear CPU buffers on exit to user (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/speculation/mds: Add mds_clear_cpu_buffers() (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} - [kvm] x86/kvm: Expose X86_FEATURE_MD_CLEAR to guests (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/speculation/mds: Add BUG_MSBDS_ONLY (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/speculation/mds: Add basic bug infrastructure for MDS (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} - [x86] x86/speculation: Consolidate CPU whitelists (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/msr-index: Cleanup bit defines (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} - [x86] x86/l1tf: Show actual SMT state (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} - [x86] x86/speculation: Simplify sysfs report of VMX L1TF vulnerability (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} - [x86] x86/speculation: Rework SMT state change (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} - [kernel] sched/smt: Expose sched_smt_present static key (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} - [kernel] sched/smt: Make sched_smt_present track topology (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} - [x86] x86/speculation: Disable STIBP when enhanced IBRS is in use (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} - [x86] x86/speculation: Move STIPB/IBPB string conditionals out of cpu_show_common() (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/speculation: Enable cross-hyperthread spectre v2 STIBP mitigation (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/spectre_v2: Make spectre_v2_mitigation mode available (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/spec_ctrl: Add X86_FEATURE_USE_IBPB (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091} - [x86] x86/spec_ctrl: Add casting to fix compilation error (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} - [x86] x86/cpu: Sanitize FAM6_ATOM naming (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} - [x86] x86/cpufeatures: Add Intel PCONFIG cpufeature (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091} * Fri Apr 26 2019 Jan Stancek [3.10.0-957.19.1.el7] - [security] selinux: always allow mounting submounts (Ondrej Mosnacek) [1702923 1077929] - [block] Make blk_queue_enter() reexamine the DYING flag (Ming Lei) [1702921 1701348] - [block] wakeup tasks blocked on q->mq_freeze_wq (Ming Lei) [1702921 1701348] - [fs] revert "[fs] xfs: use rhashtable to track buffer cache" (Brian Foster) [1702922 1658749] - [fs] xfs: hold xfs_buf locked between shortform->leaf conversion and the addition of an attribute (Brian Foster) [1701293 1613405] - [fs] xfs: add the ability to join a held buffer to a defer_ops (Brian Foster) [1701293 1613405] - [fs] xfs: refactor buffer logging into buffer dirtying helper (Brian Foster) [1701293 1613405] - [char] ipmi: ipmi_si_hardcode.c: init si_type array to fix a crash (Tony Camuso) [1701991 1692236] - [char] ipmi_si: Fix crash when using hard-coded device (Tony Camuso) [1701991 1692236] - [char] ipmi: Remove platform driver overrides and use the id_table (Tony Camuso) [1701991 1692236] - [security] xattr: Constify ->name member of "struct xattr" (Aaron Tomlin) [1702286 1607307] - [net] ipv6 Use get_hash_from_flowi6 for rt6 hash (Sabrina Dubroca) [1702282 1625454] - [s390] zcrypt: fix specification exception on z196 during ap probe (Hendrik Brueckner) [1700706 1669535] - [md] dm table: propagate BDI_CAP_STABLE_WRITES to fix sporadic checksum errors (Mike Snitzer) [1699722 1693466] - [fs] blockdev: Fix livelocks on loop device (Lukas Czerner) [1698110 1686149] - [fs] ext4: fix crash during online resizing (Lukas Czerner) [1698110 1686149] - [fs] ext4: fix overflow caused by missing cast in ext4_resize_fs() (Lukas Czerner) [1698110 1671293] - [powerpc] livepatch: return -ERRNO values in save_stack_trace_tsk_reliable() (Joe Lawrence) [1697867 1658435] - [powerpc] livepatch: small cleanups in save_stack_trace_tsk_reliable() (Joe Lawrence) [1697867 1658435] - [powerpc] livepatch: relax reliable stack tracer checks for first-frame (Joe Lawrence) [1697867 1658435] - [powerpc] 64s: Make reliable stacktrace dependency clearer (Joe Lawrence) [1697867 1658435] - [powerpc] 64s: Clear on-stack exception marker upon exception return (Joe Lawrence) [1697867 1658435] - [powerpc] livepatch: Fix build error with kprobes disabled (Joe Lawrence) [1697867 1658435] - [fs] xfs: don't screw up direct writes when freesp is fragmented (Brian Foster) [1693796 1667523] - [nvme] ensure forward progress during Admin passthru (David Milburn) [1690519 1672428] * Tue Apr 23 2019 Jan Stancek [3.10.0-957.18.1.el7] - [s390] cputime: fix incorrect system time (Hendrik Brueckner) [1701743 1698825] * Mon Apr 15 2019 Jan Stancek [3.10.0-957.17.1.el7] - [message] scsi: mptsas: Fixup device hotplug for VMWare ESXi (Tomas Henzl) [1699723 1661906] * Thu Apr 11 2019 Jan Stancek [3.10.0-957.16.1.el7] - [netdrv] net/mlx5e: Properly set steering match levels for offloaded TC decap rules (Alaa Hleihel) [1686292 1618427] - [netdrv] net/mlx5e: Always use the match level enum when parsing TC rule match (Alaa Hleihel) [1686292 1618427] - [netdrv] net/mlx5e: Support offloaded TC flows with no matches on headers (Alaa Hleihel) [1686292 1618427] - [netdrv] net/mlx5e: Get the required HW match level while parsing TC flow matches (Alaa Hleihel) [1686292 1618427] - [netdrv] net/mlx5e: Properly order min inline mode setup while parsing TC matches (Alaa Hleihel) [1686292 1618427] - [netdrv] net/mlx5e: Avoid redundant zeroing of offloaded TC flow attributes (Alaa Hleihel) [1686292 1618427] - [netdrv] net/mlx5e: Err if asked to offload TC match on frag being first (Alaa Hleihel) [1686292 1618427] - [x86] hyperv: Stop suppressing X86_FEATURE_PCID (Vitaly Kuznetsov) [1697940 1691421] - [net] geneve: correctly handle ipv6.disable module parameter (Jiri Benc) [1694981 1677049] - [fs] ceph: Fix append mode for sync/direct write (Zheng Yan) [1696595 1691227] - [fs] ovl: fix return value from ovl_posix_acl_create() (Miklos Szeredi) [1696292 1677705] - [x86] mm: Unbreak modules that use the DMA API (Gary Hook) [1695511 1697241 1676613 1662887] - [sound] alsa/hda: add more quirks for HP Z2 G4 and HP Z240 (Jaroslav Kysela) [1693562 1680180] - [sound] alsa: hda/conexant - Add fixup for HP Z2 G4 workstation (Jaroslav Kysela) [1693562 1657855] - [block] mtip32xx: fix memory corruption by initializing internal command header (Ming Lei) [1689929 1660292] - [fs] nfsd: deal with revoked delegations appropriately (Dave Wysochanski) [1689811 1552203] * Thu Mar 28 2019 Jan Stancek [3.10.0-957.15.1.el7] - [fs] ext4: Fix data corruption caused by unaligned direct AIO (Lukas Czerner) [1693561 1684780] - [net] sched: act_csum: Fix csum calc for tagged packets (Ivan Vecera) [1693110 1676462] * Tue Mar 26 2019 Jan Stancek [3.10.0-957.14.1.el7] - [fs] move the call of __d_drop(anon) into __d_materialise_unique(dentry, anon) (Zheng Yan) [1692266 1627001] - [fs] dcache: d_splice_alias should ignore DCACHE_DISCONNECTED (Zheng Yan) [1692266 1627001] - [fs] dcache: d_splice_alias should detect loops (Zheng Yan) [1692266 1627001] - [fs] dcache: d_splice_alias mustn't create directory aliases (Zheng Yan) [1692266 1627001] - [fs] dcache: close d_move race in d_splice_alias (Zheng Yan) [1692266 1627001] - [fs] dcache: move d_splice_alias (Zheng Yan) [1692266 1627001] - [fs] dcache: don't clear DCACHE_DISCONNECTED too early (Zheng Yan) [1692266 1627001] - [fs] dcache: Don't set DISCONNECTED on "pseudo filesystem" dentries (Zheng Yan) [1692266 1627001] - [fs] dcache: use IS_ROOT to decide where dentry is hashed (Zheng Yan) [1692266 1627001] python-s3transfer-0.1.13-1.el7.0.1 ---------------------------------- python-sss-1.16.2-13.el7_6.8 ---------------------------- * Tue Mar 26 2019 Michal Židek - 1.16.2-13.8 - Resolves: rhbz#1690759 - RHEL STIG pointing sssd Packaging issue [rhel-7.6.z] - Part 2. * Tue Mar 26 2019 Michal Židek - 1.16.2-13.7 - Resolves: rhbz#1690759 - RHEL STIG pointing sssd Packaging issue [rhel-7.6.z] * Tue Dec 18 2018 Michal Židek - 1.16.2-13.6 - Resolves: rhbz#1683578 - sssd_krb5_locator_plugin introduces delay in cifs.upcall krb5 calls [rhel-7.6.z] * Tue Dec 18 2018 Michal Židek - 1.16.2-13.5 - Resolves: rhbz#1659507 - SSSD's LDAP authentication provider does not work if ID provider is authenticated with GSSAPI [rhel-7.6.z] * Tue Dec 18 2018 Michal Židek - 1.16.2-13.4 - Resolves: rhbz#1659083 - SSSD must be cleared/restarted periodically in order to retrieve AD users through IPA Trust [rhel-7.6.z] * Tue Dec 18 2018 Michal Židek - 1.16.2-13.3 - Resolves: rhbz#1656833 - sssd_nss memory leak [rhel-7.6.z] * Wed Nov 28 2018 Michal Židek - 1.16.2-13.2 - Resolves: Bug 1649784 - SSSD not fetching all sudo rules from AD [rhel-7.6.z] * Wed Nov 14 2018 Michal Židek - 1.16.2-13.1 - Resolves: rhbz#1645047 - sssd only sets the SELinux login context if it differs from the default [rhel-7.6.z] python-sss-murmur-1.16.2-13.el7_6.8 ----------------------------------- * Tue Mar 26 2019 Michal Židek - 1.16.2-13.8 - Resolves: rhbz#1690759 - RHEL STIG pointing sssd Packaging issue [rhel-7.6.z] - Part 2. * Tue Mar 26 2019 Michal Židek - 1.16.2-13.7 - Resolves: rhbz#1690759 - RHEL STIG pointing sssd Packaging issue [rhel-7.6.z] * Tue Dec 18 2018 Michal Židek - 1.16.2-13.6 - Resolves: rhbz#1683578 - sssd_krb5_locator_plugin introduces delay in cifs.upcall krb5 calls [rhel-7.6.z] * Tue Dec 18 2018 Michal Židek - 1.16.2-13.5 - Resolves: rhbz#1659507 - SSSD's LDAP authentication provider does not work if ID provider is authenticated with GSSAPI [rhel-7.6.z] * Tue Dec 18 2018 Michal Židek - 1.16.2-13.4 - Resolves: rhbz#1659083 - SSSD must be cleared/restarted periodically in order to retrieve AD users through IPA Trust [rhel-7.6.z] * Tue Dec 18 2018 Michal Židek - 1.16.2-13.3 - Resolves: rhbz#1656833 - sssd_nss memory leak [rhel-7.6.z] * Wed Nov 28 2018 Michal Židek - 1.16.2-13.2 - Resolves: Bug 1649784 - SSSD not fetching all sudo rules from AD [rhel-7.6.z] * Wed Nov 14 2018 Michal Židek - 1.16.2-13.1 - Resolves: rhbz#1645047 - sssd only sets the SELinux login context if it differs from the default [rhel-7.6.z] python-sssdconfig-1.16.2-13.el7_6.8 ----------------------------------- * Tue Mar 26 2019 Michal Židek - 1.16.2-13.8 - Resolves: rhbz#1690759 - RHEL STIG pointing sssd Packaging issue [rhel-7.6.z] - Part 2. * Tue Mar 26 2019 Michal Židek - 1.16.2-13.7 - Resolves: rhbz#1690759 - RHEL STIG pointing sssd Packaging issue [rhel-7.6.z] * Tue Dec 18 2018 Michal Židek - 1.16.2-13.6 - Resolves: rhbz#1683578 - sssd_krb5_locator_plugin introduces delay in cifs.upcall krb5 calls [rhel-7.6.z] * Tue Dec 18 2018 Michal Židek - 1.16.2-13.5 - Resolves: rhbz#1659507 - SSSD's LDAP authentication provider does not work if ID provider is authenticated with GSSAPI [rhel-7.6.z] * Tue Dec 18 2018 Michal Židek - 1.16.2-13.4 - Resolves: rhbz#1659083 - SSSD must be cleared/restarted periodically in order to retrieve AD users through IPA Trust [rhel-7.6.z] * Tue Dec 18 2018 Michal Židek - 1.16.2-13.3 - Resolves: rhbz#1656833 - sssd_nss memory leak [rhel-7.6.z] * Wed Nov 28 2018 Michal Židek - 1.16.2-13.2 - Resolves: Bug 1649784 - SSSD not fetching all sudo rules from AD [rhel-7.6.z] * Wed Nov 14 2018 Michal Židek - 1.16.2-13.1 - Resolves: rhbz#1645047 - sssd only sets the SELinux login context if it differs from the default [rhel-7.6.z] python-test-2.7.5-80.el7_6 -------------------------- * Tue Jun 11 2019 Charalampos Stratakis - 2.7.5-80 - Security fix for CVE-2019-10160 Resolves: rhbz#1718401 * Mon May 20 2019 Charalampos Stratakis - 2.7.5-79 - Updated fix for CVE-2019-9636 Resolves: rhbz#1711166 * Thu May 09 2019 Charalampos Stratakis - 2.7.5-78 - Remove unversioned obsoletes Resolves: rhbz#1708674 * Tue Mar 26 2019 Charalampos Stratakis - 2.7.5-77 - Security fix for CVE-2019-9636 Resolves: rhbz#1689316 python-tools-2.7.5-80.el7_6 --------------------------- * Tue Jun 11 2019 Charalampos Stratakis - 2.7.5-80 - Security fix for CVE-2019-10160 Resolves: rhbz#1718401 * Mon May 20 2019 Charalampos Stratakis - 2.7.5-79 - Updated fix for CVE-2019-9636 Resolves: rhbz#1711166 * Thu May 09 2019 Charalampos Stratakis - 2.7.5-78 - Remove unversioned obsoletes Resolves: rhbz#1708674 * Tue Mar 26 2019 Charalampos Stratakis - 2.7.5-77 - Security fix for CVE-2019-9636 Resolves: rhbz#1689316 python2-gluster-3.12.2-47.2.el7 ------------------------------- * Fri May 17 2019 Rinku Kothiya - 3.12.2-47.2 - fixes bugs bz#1711159 * Tue May 14 2019 Rinku Kothiya - 3.12.2-47.1 - fixes bugs bz#1709174 * Wed Mar 13 2019 Milind Changire - 3.12.2-47 - fixes bugs bz#1458215 bz#1661258 bz#1669020 bz#1683893 * Thu Mar 07 2019 Milind Changire - 3.12.2-46 - fixes bugs bz#1668327 bz#1684648 * Thu Feb 21 2019 Milind Changire - 3.12.2-45 - fixes bugs bz#1678232 * Thu Feb 14 2019 Milind Changire - 3.12.2-43 - fixes bugs bz#1676904 * Tue Feb 12 2019 Milind Changire - 3.12.2-42 - fixes bugs bz#1410145 * Tue Feb 12 2019 Milind Changire - 3.12.2-41 - fixes bugs bz#1390151 bz#1410145 bz#1429190 bz#1510752 bz#1511779 bz#1570958 bz#1574490 bz#1595246 bz#1618669 bz#1661393 bz#1668989 bz#1669020 * Fri Jan 25 2019 Milind Changire - 3.12.2-40 - fixes bugs bz#1668304 bz#1669020 * Mon Jan 21 2019 Milind Changire - 3.12.2-39 - fixes bugs bz#1667169 python2-ipaclient-4.6.4-10.el7.centos.3 --------------------------------------- * Tue Mar 12 2019 CentOS Sources - 4.6.4-10.el7.centos.3 - Roll in CentOS Branding * Mon Feb 04 2019 Florence Blanc-Renaud - 4.6.4-10.el7_6.3 - Resolves: 1672343 pki spawn fails for IPA replica install from RHEL6 IPA master - Update mod_nss cipher list so there is overlap with a 4.x master - Resolves: 1672342 Fix compile issue with new 389-ds - ipa-sidgen: make internal fetch_attr helper really internal - Resolves: 1672176 host_del and host_disable fails, ra.find() search for every certificates instead of the host's certificate by subject - Add workaround for slow host/service del - Optimize cert remove case - Resolves: 1672238 The ipa-replica-install command failed, exception: ValidationError: invalid 'dnszoneidnsname': only master zones can contain record - replica installation: add master record only if in managed zone - ipatests: add test for replica in forward zone * Tue Dec 18 2018 Florence Blanc-Renaud - 4.6.4-10.el7_6.2 - Resolves: 1659492 searching for ipa users by certificate fails - ipaldap.py: fix method creating a ldap filter for IPACertificate - ipatests: add xmlrpc test for user|host-find --certificate - Resolves: 1659509 IPA Upgrade failed with "unable to convert the attribute u'cACertificate;binary'" - ipa upgrade: handle double-encoded certificates - ipatests: add upgrade test for double-encoded cacert - ipatests: fix TestUpgrade::test_double_encoded_cacert - Resolves: 1659500 'ipa vault-retrieve' is failing with "ipa: ERROR: an internal error has occurred" - Add a shared-vault-retrieve test - Add a "Find enabled services" ACI in 20-aci.update so that all users can find IPA servers and services. ACI suggested by Christian Heimes. - Resolves: 1659511 ipa-pkinit-manage reports a switch from local pkinit to full pkinit configuration was successful although it was not. - ipatest: add test for ipa-pkinit-manage enable|disable - PKINIT: fix ipa-pkinit-manage enable|disable - Resolves: 1659499 automember-rebuild crashes - Find orphan automember rules - Resolves: 1660389 ipa-replica-install fails migrating RHEL 6 to 7 - replication: check remote ds version before editing attributes python2-ipalib-4.6.4-10.el7.centos.3 ------------------------------------ * Tue Mar 12 2019 CentOS Sources - 4.6.4-10.el7.centos.3 - Roll in CentOS Branding * Mon Feb 04 2019 Florence Blanc-Renaud - 4.6.4-10.el7_6.3 - Resolves: 1672343 pki spawn fails for IPA replica install from RHEL6 IPA master - Update mod_nss cipher list so there is overlap with a 4.x master - Resolves: 1672342 Fix compile issue with new 389-ds - ipa-sidgen: make internal fetch_attr helper really internal - Resolves: 1672176 host_del and host_disable fails, ra.find() search for every certificates instead of the host's certificate by subject - Add workaround for slow host/service del - Optimize cert remove case - Resolves: 1672238 The ipa-replica-install command failed, exception: ValidationError: invalid 'dnszoneidnsname': only master zones can contain record - replica installation: add master record only if in managed zone - ipatests: add test for replica in forward zone * Tue Dec 18 2018 Florence Blanc-Renaud - 4.6.4-10.el7_6.2 - Resolves: 1659492 searching for ipa users by certificate fails - ipaldap.py: fix method creating a ldap filter for IPACertificate - ipatests: add xmlrpc test for user|host-find --certificate - Resolves: 1659509 IPA Upgrade failed with "unable to convert the attribute u'cACertificate;binary'" - ipa upgrade: handle double-encoded certificates - ipatests: add upgrade test for double-encoded cacert - ipatests: fix TestUpgrade::test_double_encoded_cacert - Resolves: 1659500 'ipa vault-retrieve' is failing with "ipa: ERROR: an internal error has occurred" - Add a shared-vault-retrieve test - Add a "Find enabled services" ACI in 20-aci.update so that all users can find IPA servers and services. ACI suggested by Christian Heimes. - Resolves: 1659511 ipa-pkinit-manage reports a switch from local pkinit to full pkinit configuration was successful although it was not. - ipatest: add test for ipa-pkinit-manage enable|disable - PKINIT: fix ipa-pkinit-manage enable|disable - Resolves: 1659499 automember-rebuild crashes - Find orphan automember rules - Resolves: 1660389 ipa-replica-install fails migrating RHEL 6 to 7 - replication: check remote ds version before editing attributes python2-ipaserver-4.6.4-10.el7.centos.3 --------------------------------------- * Tue Mar 12 2019 CentOS Sources - 4.6.4-10.el7.centos.3 - Roll in CentOS Branding * Mon Feb 04 2019 Florence Blanc-Renaud - 4.6.4-10.el7_6.3 - Resolves: 1672343 pki spawn fails for IPA replica install from RHEL6 IPA master - Update mod_nss cipher list so there is overlap with a 4.x master - Resolves: 1672342 Fix compile issue with new 389-ds - ipa-sidgen: make internal fetch_attr helper really internal - Resolves: 1672176 host_del and host_disable fails, ra.find() search for every certificates instead of the host's certificate by subject - Add workaround for slow host/service del - Optimize cert remove case - Resolves: 1672238 The ipa-replica-install command failed, exception: ValidationError: invalid 'dnszoneidnsname': only master zones can contain record - replica installation: add master record only if in managed zone - ipatests: add test for replica in forward zone * Tue Dec 18 2018 Florence Blanc-Renaud - 4.6.4-10.el7_6.2 - Resolves: 1659492 searching for ipa users by certificate fails - ipaldap.py: fix method creating a ldap filter for IPACertificate - ipatests: add xmlrpc test for user|host-find --certificate - Resolves: 1659509 IPA Upgrade failed with "unable to convert the attribute u'cACertificate;binary'" - ipa upgrade: handle double-encoded certificates - ipatests: add upgrade test for double-encoded cacert - ipatests: fix TestUpgrade::test_double_encoded_cacert - Resolves: 1659500 'ipa vault-retrieve' is failing with "ipa: ERROR: an internal error has occurred" - Add a shared-vault-retrieve test - Add a "Find enabled services" ACI in 20-aci.update so that all users can find IPA servers and services. ACI suggested by Christian Heimes. - Resolves: 1659511 ipa-pkinit-manage reports a switch from local pkinit to full pkinit configuration was successful although it was not. - ipatest: add test for ipa-pkinit-manage enable|disable - PKINIT: fix ipa-pkinit-manage enable|disable - Resolves: 1659499 automember-rebuild crashes - Find orphan automember rules - Resolves: 1660389 ipa-replica-install fails migrating RHEL 6 to 7 - replication: check remote ds version before editing attributes qemu-img-1.5.3-160.el7_6.1 -------------------------- * Mon Jan 14 2019 Miroslav Rezanina - 1.5.3-160.el7_6.1 - kvm-i386-Deprecate-arch-facilities-and-make-it-block-liv.patch [bz#1664792] - Resolves: bz#1664792 (mode="host-model" VMs include broken "arch-facilities" flag name [qemu-kvm] [rhel-7.6.z]) qemu-kvm-1.5.3-160.el7_6.1 -------------------------- * Mon Jan 14 2019 Miroslav Rezanina - 1.5.3-160.el7_6.1 - kvm-i386-Deprecate-arch-facilities-and-make-it-block-liv.patch [bz#1664792] - Resolves: bz#1664792 (mode="host-model" VMs include broken "arch-facilities" flag name [qemu-kvm] [rhel-7.6.z]) qemu-kvm-common-1.5.3-160.el7_6.1 --------------------------------- * Mon Jan 14 2019 Miroslav Rezanina - 1.5.3-160.el7_6.1 - kvm-i386-Deprecate-arch-facilities-and-make-it-block-liv.patch [bz#1664792] - Resolves: bz#1664792 (mode="host-model" VMs include broken "arch-facilities" flag name [qemu-kvm] [rhel-7.6.z]) qemu-kvm-tools-1.5.3-160.el7_6.1 -------------------------------- * Mon Jan 14 2019 Miroslav Rezanina - 1.5.3-160.el7_6.1 - kvm-i386-Deprecate-arch-facilities-and-make-it-block-liv.patch [bz#1664792] - Resolves: bz#1664792 (mode="host-model" VMs include broken "arch-facilities" flag name [qemu-kvm] [rhel-7.6.z]) qt-4.8.7-3.el7_6 ---------------- * Thu Mar 21 2019 Jan Grulich - 1:4.8.7-3 - Revert fix for font cache check in QFontEngineFT::recalcAdvances() Resolves: bz#1701744 qt-assistant-4.8.7-3.el7_6 -------------------------- * Thu Mar 21 2019 Jan Grulich - 1:4.8.7-3 - Revert fix for font cache check in QFontEngineFT::recalcAdvances() Resolves: bz#1701744 qt-config-4.8.7-3.el7_6 ----------------------- * Thu Mar 21 2019 Jan Grulich - 1:4.8.7-3 - Revert fix for font cache check in QFontEngineFT::recalcAdvances() Resolves: bz#1701744 qt-demos-4.8.7-3.el7_6 ---------------------- * Thu Mar 21 2019 Jan Grulich - 1:4.8.7-3 - Revert fix for font cache check in QFontEngineFT::recalcAdvances() Resolves: bz#1701744 qt-devel-4.8.7-3.el7_6 ---------------------- * Thu Mar 21 2019 Jan Grulich - 1:4.8.7-3 - Revert fix for font cache check in QFontEngineFT::recalcAdvances() Resolves: bz#1701744 qt-devel-private-4.8.7-3.el7_6 ------------------------------ * Thu Mar 21 2019 Jan Grulich - 1:4.8.7-3 - Revert fix for font cache check in QFontEngineFT::recalcAdvances() Resolves: bz#1701744 qt-doc-4.8.7-3.el7_6 -------------------- * Thu Mar 21 2019 Jan Grulich - 1:4.8.7-3 - Revert fix for font cache check in QFontEngineFT::recalcAdvances() Resolves: bz#1701744 qt-examples-4.8.7-3.el7_6 ------------------------- * Thu Mar 21 2019 Jan Grulich - 1:4.8.7-3 - Revert fix for font cache check in QFontEngineFT::recalcAdvances() Resolves: bz#1701744 qt-mysql-4.8.7-3.el7_6 ---------------------- * Thu Mar 21 2019 Jan Grulich - 1:4.8.7-3 - Revert fix for font cache check in QFontEngineFT::recalcAdvances() Resolves: bz#1701744 qt-odbc-4.8.7-3.el7_6 --------------------- * Thu Mar 21 2019 Jan Grulich - 1:4.8.7-3 - Revert fix for font cache check in QFontEngineFT::recalcAdvances() Resolves: bz#1701744 qt-postgresql-4.8.7-3.el7_6 --------------------------- * Thu Mar 21 2019 Jan Grulich - 1:4.8.7-3 - Revert fix for font cache check in QFontEngineFT::recalcAdvances() Resolves: bz#1701744 qt-qdbusviewer-4.8.7-3.el7_6 ---------------------------- * Thu Mar 21 2019 Jan Grulich - 1:4.8.7-3 - Revert fix for font cache check in QFontEngineFT::recalcAdvances() Resolves: bz#1701744 qt-qvfb-4.8.7-3.el7_6 --------------------- * Thu Mar 21 2019 Jan Grulich - 1:4.8.7-3 - Revert fix for font cache check in QFontEngineFT::recalcAdvances() Resolves: bz#1701744 qt-x11-4.8.7-3.el7_6 -------------------- * Thu Mar 21 2019 Jan Grulich - 1:4.8.7-3 - Revert fix for font cache check in QFontEngineFT::recalcAdvances() Resolves: bz#1701744 rear-2.4-4.el7_6 ---------------- * Tue Feb 26 2019 Pavel Cahyna - 2.4-4 - Apply upstream PR2034 (multipath optimizations for lots of devices) * Thu Jan 03 2019 Pavel Cahyna - 2.4-3 - Backport fixes for upstream bugs 1974 and 1975 - Apply upstream PR1954 (record permanent MAC address for bond members) - Apply upstream PR2004 (support for custom network interface naming) - Backport fix for upstream bug 1926 (support for LACP bonding and teaming) rhsm-gtk-1.21.10-3.el7.centos ----------------------------- * Mon Nov 19 2018 Johnny Hughes 1.21.10-3 - Manual CentOS Debranding * Wed Nov 07 2018 Christopher Snyder 1.21.10-3 - 1646867: Do not update ent certs inside containers (csnyder@redhat.com) ruby-2.0.0.648-34.el7_6 ----------------------- * Thu Nov 01 2018 Jun Aruga - 2.0.0.648-34 - CVE-2018-16395: Fix OpenSSL::X509::Name equality check does not work. Resolves: CVE-2018-16395 ruby-devel-2.0.0.648-34.el7_6 ----------------------------- * Thu Nov 01 2018 Jun Aruga - 2.0.0.648-34 - CVE-2018-16395: Fix OpenSSL::X509::Name equality check does not work. Resolves: CVE-2018-16395 ruby-doc-2.0.0.648-34.el7_6 --------------------------- * Thu Nov 01 2018 Jun Aruga - 2.0.0.648-34 - CVE-2018-16395: Fix OpenSSL::X509::Name equality check does not work. Resolves: CVE-2018-16395 ruby-irb-2.0.0.648-34.el7_6 --------------------------- * Thu Nov 01 2018 Jun Aruga - 2.0.0.648-34 - CVE-2018-16395: Fix OpenSSL::X509::Name equality check does not work. Resolves: CVE-2018-16395 ruby-libguestfs-1.38.2-12.el7_6.2 --------------------------------- * Thu Feb 07 2019 Pino Toscano - 1:1.38.2-12.el7_6.2 - Fix inspection of partition-less devices resolves: rhbz#1673280 * Fri Oct 12 2018 Pino Toscano - 1:1.38.2-12.el7_6.1 - v2v: update documentation regarding SHA-2 certificates in Windows 7 and Windows Server 2008 R2 resolves: rhbz#1632788 - v2v: fix rhev-apt firstboot command for Windows resolves: rhbz#1625216 ruby-libs-2.0.0.648-34.el7_6 ---------------------------- * Thu Nov 01 2018 Jun Aruga - 2.0.0.648-34 - CVE-2018-16395: Fix OpenSSL::X509::Name equality check does not work. Resolves: CVE-2018-16395 ruby-tcltk-2.0.0.648-34.el7_6 ----------------------------- * Thu Nov 01 2018 Jun Aruga - 2.0.0.648-34 - CVE-2018-16395: Fix OpenSSL::X509::Name equality check does not work. Resolves: CVE-2018-16395 rubygem-bigdecimal-1.2.0-34.el7_6 --------------------------------- * Thu Nov 01 2018 Jun Aruga - 2.0.0.648-34 - CVE-2018-16395: Fix OpenSSL::X509::Name equality check does not work. Resolves: CVE-2018-16395 rubygem-io-console-0.4.2-34.el7_6 --------------------------------- * Thu Nov 01 2018 Jun Aruga - 2.0.0.648-34 - CVE-2018-16395: Fix OpenSSL::X509::Name equality check does not work. Resolves: CVE-2018-16395 rubygem-json-1.7.7-34.el7_6 --------------------------- * Thu Nov 01 2018 Jun Aruga - 2.0.0.648-34 - CVE-2018-16395: Fix OpenSSL::X509::Name equality check does not work. Resolves: CVE-2018-16395 rubygem-minitest-4.3.2-34.el7_6 ------------------------------- * Thu Nov 01 2018 Jun Aruga - 2.0.0.648-34 - CVE-2018-16395: Fix OpenSSL::X509::Name equality check does not work. Resolves: CVE-2018-16395 rubygem-psych-2.0.0-34.el7_6 ---------------------------- * Thu Nov 01 2018 Jun Aruga - 2.0.0.648-34 - CVE-2018-16395: Fix OpenSSL::X509::Name equality check does not work. Resolves: CVE-2018-16395 rubygem-rake-0.9.6-34.el7_6 --------------------------- * Thu Nov 01 2018 Jun Aruga - 2.0.0.648-34 - CVE-2018-16395: Fix OpenSSL::X509::Name equality check does not work. Resolves: CVE-2018-16395 rubygem-rdoc-4.0.0-34.el7_6 --------------------------- * Thu Nov 01 2018 Jun Aruga - 2.0.0.648-34 - CVE-2018-16395: Fix OpenSSL::X509::Name equality check does not work. Resolves: CVE-2018-16395 rubygems-2.0.14.1-34.el7_6 -------------------------- * Thu Nov 01 2018 Jun Aruga - 2.0.0.648-34 - CVE-2018-16395: Fix OpenSSL::X509::Name equality check does not work. Resolves: CVE-2018-16395 rubygems-devel-2.0.14.1-34.el7_6 -------------------------------- * Thu Nov 01 2018 Jun Aruga - 2.0.0.648-34 - CVE-2018-16395: Fix OpenSSL::X509::Name equality check does not work. Resolves: CVE-2018-16395 sbd-1.3.1-8.2.el7_6.1 --------------------- * Tue Jan 08 2019 Klaus Wenninger - 1.3.1-8.2.1 - make timeout-action configurable Resolves: rhbz#1666201 selinux-policy-3.13.1-229.el7_6.9 --------------------------------- * Thu Jan 17 2019 Lukas Vrabec - 3.13.1-229.9 - Allow gssd_t domain to manage kernel keyrings of every domain. Resolves: rhbz#1665815 - Add new interface domain_manage_all_domains_keyrings() Resolves: rhbz#1665815 * Mon Jan 14 2019 Lukas Vrabec - 3.13.1-229.8 - Add interface domain_rw_all_domains_keyrings() Resolves: rhbz#1665815 - Allow gssd_t domain to read/write kernel keyrings of every domain. Resolves: rhbz#1665815 * Thu Dec 20 2018 Lukas Vrabec - 3.13.1-229.7 - Update snapperd policy to allow snapperd manage all non security dirs. Resolves: rhbz#1661158 * Fri Nov 02 2018 Lukas Vrabec - 3.13.1-229.6 - Allow nova_t domain to use pam Resolves: rhbz:#1645270 - sysstat: grant sysstat_t the search_dir_perms set Resolves: rhbz#1645271 * Fri Oct 12 2018 Lukas Vrabec - 3.13.1-229.5 - Remove disabling ganesha module in pre install phase of installation new selinux-policy package where ganesha is again standalone module Resolves: rhbz#1638257 * Thu Oct 11 2018 Lukas Vrabec - 3.13.1-229.4 - Allow staff_t userdomain and confined_admindomain attribute to allow use generic ptys because of new sudo feature 'io logging' Resolves: rhbz#1638427 * Thu Oct 11 2018 Lukas Vrabec - 3.13.1-229.3 - Run ganesha as ganesha_t domain again, revert changes where ganesha is running as nfsd_t Resolves: rhbz#1638257 * Wed Oct 10 2018 Lukas Vrabec - 3.13.1-229.2 - Fix missing patch in spec file Resolves: rhbz#1635704 * Fri Oct 05 2018 Lukas Vrabec - 3.13.1-229.1 - Allow cinder_volume_t domain to dbus chat with systemd_logind_t domain Resolves: rhbz#1635704 selinux-policy-devel-3.13.1-229.el7_6.9 --------------------------------------- * Thu Jan 17 2019 Lukas Vrabec - 3.13.1-229.9 - Allow gssd_t domain to manage kernel keyrings of every domain. Resolves: rhbz#1665815 - Add new interface domain_manage_all_domains_keyrings() Resolves: rhbz#1665815 * Mon Jan 14 2019 Lukas Vrabec - 3.13.1-229.8 - Add interface domain_rw_all_domains_keyrings() Resolves: rhbz#1665815 - Allow gssd_t domain to read/write kernel keyrings of every domain. Resolves: rhbz#1665815 * Thu Dec 20 2018 Lukas Vrabec - 3.13.1-229.7 - Update snapperd policy to allow snapperd manage all non security dirs. Resolves: rhbz#1661158 * Fri Nov 02 2018 Lukas Vrabec - 3.13.1-229.6 - Allow nova_t domain to use pam Resolves: rhbz:#1645270 - sysstat: grant sysstat_t the search_dir_perms set Resolves: rhbz#1645271 * Fri Oct 12 2018 Lukas Vrabec - 3.13.1-229.5 - Remove disabling ganesha module in pre install phase of installation new selinux-policy package where ganesha is again standalone module Resolves: rhbz#1638257 * Thu Oct 11 2018 Lukas Vrabec - 3.13.1-229.4 - Allow staff_t userdomain and confined_admindomain attribute to allow use generic ptys because of new sudo feature 'io logging' Resolves: rhbz#1638427 * Thu Oct 11 2018 Lukas Vrabec - 3.13.1-229.3 - Run ganesha as ganesha_t domain again, revert changes where ganesha is running as nfsd_t Resolves: rhbz#1638257 * Wed Oct 10 2018 Lukas Vrabec - 3.13.1-229.2 - Fix missing patch in spec file Resolves: rhbz#1635704 * Fri Oct 05 2018 Lukas Vrabec - 3.13.1-229.1 - Allow cinder_volume_t domain to dbus chat with systemd_logind_t domain Resolves: rhbz#1635704 selinux-policy-doc-3.13.1-229.el7_6.9 ------------------------------------- * Thu Jan 17 2019 Lukas Vrabec - 3.13.1-229.9 - Allow gssd_t domain to manage kernel keyrings of every domain. Resolves: rhbz#1665815 - Add new interface domain_manage_all_domains_keyrings() Resolves: rhbz#1665815 * Mon Jan 14 2019 Lukas Vrabec - 3.13.1-229.8 - Add interface domain_rw_all_domains_keyrings() Resolves: rhbz#1665815 - Allow gssd_t domain to read/write kernel keyrings of every domain. Resolves: rhbz#1665815 * Thu Dec 20 2018 Lukas Vrabec - 3.13.1-229.7 - Update snapperd policy to allow snapperd manage all non security dirs. Resolves: rhbz#1661158 * Fri Nov 02 2018 Lukas Vrabec - 3.13.1-229.6 - Allow nova_t domain to use pam Resolves: rhbz:#1645270 - sysstat: grant sysstat_t the search_dir_perms set Resolves: rhbz#1645271 * Fri Oct 12 2018 Lukas Vrabec - 3.13.1-229.5 - Remove disabling ganesha module in pre install phase of installation new selinux-policy package where ganesha is again standalone module Resolves: rhbz#1638257 * Thu Oct 11 2018 Lukas Vrabec - 3.13.1-229.4 - Allow staff_t userdomain and confined_admindomain attribute to allow use generic ptys because of new sudo feature 'io logging' Resolves: rhbz#1638427 * Thu Oct 11 2018 Lukas Vrabec - 3.13.1-229.3 - Run ganesha as ganesha_t domain again, revert changes where ganesha is running as nfsd_t Resolves: rhbz#1638257 * Wed Oct 10 2018 Lukas Vrabec - 3.13.1-229.2 - Fix missing patch in spec file Resolves: rhbz#1635704 * Fri Oct 05 2018 Lukas Vrabec - 3.13.1-229.1 - Allow cinder_volume_t domain to dbus chat with systemd_logind_t domain Resolves: rhbz#1635704 selinux-policy-minimum-3.13.1-229.el7_6.9 ----------------------------------------- * Thu Jan 17 2019 Lukas Vrabec - 3.13.1-229.9 - Allow gssd_t domain to manage kernel keyrings of every domain. Resolves: rhbz#1665815 - Add new interface domain_manage_all_domains_keyrings() Resolves: rhbz#1665815 * Mon Jan 14 2019 Lukas Vrabec - 3.13.1-229.8 - Add interface domain_rw_all_domains_keyrings() Resolves: rhbz#1665815 - Allow gssd_t domain to read/write kernel keyrings of every domain. Resolves: rhbz#1665815 * Thu Dec 20 2018 Lukas Vrabec - 3.13.1-229.7 - Update snapperd policy to allow snapperd manage all non security dirs. Resolves: rhbz#1661158 * Fri Nov 02 2018 Lukas Vrabec - 3.13.1-229.6 - Allow nova_t domain to use pam Resolves: rhbz:#1645270 - sysstat: grant sysstat_t the search_dir_perms set Resolves: rhbz#1645271 * Fri Oct 12 2018 Lukas Vrabec - 3.13.1-229.5 - Remove disabling ganesha module in pre install phase of installation new selinux-policy package where ganesha is again standalone module Resolves: rhbz#1638257 * Thu Oct 11 2018 Lukas Vrabec - 3.13.1-229.4 - Allow staff_t userdomain and confined_admindomain attribute to allow use generic ptys because of new sudo feature 'io logging' Resolves: rhbz#1638427 * Thu Oct 11 2018 Lukas Vrabec - 3.13.1-229.3 - Run ganesha as ganesha_t domain again, revert changes where ganesha is running as nfsd_t Resolves: rhbz#1638257 * Wed Oct 10 2018 Lukas Vrabec - 3.13.1-229.2 - Fix missing patch in spec file Resolves: rhbz#1635704 * Fri Oct 05 2018 Lukas Vrabec - 3.13.1-229.1 - Allow cinder_volume_t domain to dbus chat with systemd_logind_t domain Resolves: rhbz#1635704 selinux-policy-mls-3.13.1-229.el7_6.9 ------------------------------------- * Thu Jan 17 2019 Lukas Vrabec - 3.13.1-229.9 - Allow gssd_t domain to manage kernel keyrings of every domain. Resolves: rhbz#1665815 - Add new interface domain_manage_all_domains_keyrings() Resolves: rhbz#1665815 * Mon Jan 14 2019 Lukas Vrabec - 3.13.1-229.8 - Add interface domain_rw_all_domains_keyrings() Resolves: rhbz#1665815 - Allow gssd_t domain to read/write kernel keyrings of every domain. Resolves: rhbz#1665815 * Thu Dec 20 2018 Lukas Vrabec - 3.13.1-229.7 - Update snapperd policy to allow snapperd manage all non security dirs. Resolves: rhbz#1661158 * Fri Nov 02 2018 Lukas Vrabec - 3.13.1-229.6 - Allow nova_t domain to use pam Resolves: rhbz:#1645270 - sysstat: grant sysstat_t the search_dir_perms set Resolves: rhbz#1645271 * Fri Oct 12 2018 Lukas Vrabec - 3.13.1-229.5 - Remove disabling ganesha module in pre install phase of installation new selinux-policy package where ganesha is again standalone module Resolves: rhbz#1638257 * Thu Oct 11 2018 Lukas Vrabec - 3.13.1-229.4 - Allow staff_t userdomain and confined_admindomain attribute to allow use generic ptys because of new sudo feature 'io logging' Resolves: rhbz#1638427 * Thu Oct 11 2018 Lukas Vrabec - 3.13.1-229.3 - Run ganesha as ganesha_t domain again, revert changes where ganesha is running as nfsd_t Resolves: rhbz#1638257 * Wed Oct 10 2018 Lukas Vrabec - 3.13.1-229.2 - Fix missing patch in spec file Resolves: rhbz#1635704 * Fri Oct 05 2018 Lukas Vrabec - 3.13.1-229.1 - Allow cinder_volume_t domain to dbus chat with systemd_logind_t domain Resolves: rhbz#1635704 selinux-policy-sandbox-3.13.1-229.el7_6.9 ----------------------------------------- * Thu Jan 17 2019 Lukas Vrabec - 3.13.1-229.9 - Allow gssd_t domain to manage kernel keyrings of every domain. Resolves: rhbz#1665815 - Add new interface domain_manage_all_domains_keyrings() Resolves: rhbz#1665815 * Mon Jan 14 2019 Lukas Vrabec - 3.13.1-229.8 - Add interface domain_rw_all_domains_keyrings() Resolves: rhbz#1665815 - Allow gssd_t domain to read/write kernel keyrings of every domain. Resolves: rhbz#1665815 * Thu Dec 20 2018 Lukas Vrabec - 3.13.1-229.7 - Update snapperd policy to allow snapperd manage all non security dirs. Resolves: rhbz#1661158 * Fri Nov 02 2018 Lukas Vrabec - 3.13.1-229.6 - Allow nova_t domain to use pam Resolves: rhbz:#1645270 - sysstat: grant sysstat_t the search_dir_perms set Resolves: rhbz#1645271 * Fri Oct 12 2018 Lukas Vrabec - 3.13.1-229.5 - Remove disabling ganesha module in pre install phase of installation new selinux-policy package where ganesha is again standalone module Resolves: rhbz#1638257 * Thu Oct 11 2018 Lukas Vrabec - 3.13.1-229.4 - Allow staff_t userdomain and confined_admindomain attribute to allow use generic ptys because of new sudo feature 'io logging' Resolves: rhbz#1638427 * Thu Oct 11 2018 Lukas Vrabec - 3.13.1-229.3 - Run ganesha as ganesha_t domain again, revert changes where ganesha is running as nfsd_t Resolves: rhbz#1638257 * Wed Oct 10 2018 Lukas Vrabec - 3.13.1-229.2 - Fix missing patch in spec file Resolves: rhbz#1635704 * Fri Oct 05 2018 Lukas Vrabec - 3.13.1-229.1 - Allow cinder_volume_t domain to dbus chat with systemd_logind_t domain Resolves: rhbz#1635704 selinux-policy-targeted-3.13.1-229.el7_6.9 ------------------------------------------ * Thu Jan 17 2019 Lukas Vrabec - 3.13.1-229.9 - Allow gssd_t domain to manage kernel keyrings of every domain. Resolves: rhbz#1665815 - Add new interface domain_manage_all_domains_keyrings() Resolves: rhbz#1665815 * Mon Jan 14 2019 Lukas Vrabec - 3.13.1-229.8 - Add interface domain_rw_all_domains_keyrings() Resolves: rhbz#1665815 - Allow gssd_t domain to read/write kernel keyrings of every domain. Resolves: rhbz#1665815 * Thu Dec 20 2018 Lukas Vrabec - 3.13.1-229.7 - Update snapperd policy to allow snapperd manage all non security dirs. Resolves: rhbz#1661158 * Fri Nov 02 2018 Lukas Vrabec - 3.13.1-229.6 - Allow nova_t domain to use pam Resolves: rhbz:#1645270 - sysstat: grant sysstat_t the search_dir_perms set Resolves: rhbz#1645271 * Fri Oct 12 2018 Lukas Vrabec - 3.13.1-229.5 - Remove disabling ganesha module in pre install phase of installation new selinux-policy package where ganesha is again standalone module Resolves: rhbz#1638257 * Thu Oct 11 2018 Lukas Vrabec - 3.13.1-229.4 - Allow staff_t userdomain and confined_admindomain attribute to allow use generic ptys because of new sudo feature 'io logging' Resolves: rhbz#1638427 * Thu Oct 11 2018 Lukas Vrabec - 3.13.1-229.3 - Run ganesha as ganesha_t domain again, revert changes where ganesha is running as nfsd_t Resolves: rhbz#1638257 * Wed Oct 10 2018 Lukas Vrabec - 3.13.1-229.2 - Fix missing patch in spec file Resolves: rhbz#1635704 * Fri Oct 05 2018 Lukas Vrabec - 3.13.1-229.1 - Allow cinder_volume_t domain to dbus chat with systemd_logind_t domain Resolves: rhbz#1635704 shadow-utils-4.1.5.1-25.el7_6.1 ------------------------------- * Fri Feb 01 2019 Tomáš Mráz - 2:4.1.5.1-25.1 - re-allow all numeric usernames when SHADOW_ALLOW_ALL_NUMERIC_USER environment variable is set (#1651450) shim-ia32-15-2.el7_6.bclinux ---------------------------- * Fri Feb 22 2019 Fabian Arrotin -15-2.el7.centos - Rebuilt with a patch for non SB machines (Fixes #15522) shim-unsigned-ia32-15-2.el7_6.bclinux ------------------------------------- * Thu Dec 06 2018 Fabian Arrotin - 15-2.el7.centos - 0002-MokListRT-Fatal.patch (https://github.com/rhboot/shim/pull/157) (#15522) shim-unsigned-x64-15-2.el7_6.bclinux ------------------------------------ * Thu Dec 06 2018 Fabian Arrotin - 15-2.el7.centos - 0002-MokListRT-Fatal.patch (https://github.com/rhboot/shim/pull/157) (#15522) shim-x64-15-2.el7_6.bclinux --------------------------- * Fri Feb 22 2019 Fabian Arrotin -15-2.el7.centos - Rebuilt with a patch for non SB machines (Fixes #15522) sos-3.6-16.el7_6.bclinux ------------------------ * Thu Apr 18 2019 Liu Jing - Roll in BC-Linux Branding - add collection of license information sos-collector-1.5-3.el7_6 ------------------------- * Tue Nov 13 2018 Jake Hunsaker - 1.5-3 - Resolve race condition in cluster profile loading - Quote all options globally - RHBZ#1633515 - RHBZ#1647955 * Wed Nov 07 2018 Jake Hunsaker - 1.5-2 - Fix cluster option reporting * Mon Oct 22 2018 Jake Hunsaker - 1.5-1 - Update to version 1.5 - Resolves CVE-2018-14650 spamassassin-3.4.0-4.el7_5 -------------------------- * Thu Sep 27 2018 Ondřej Lysoněk - 3.4.0-4 - Add missing Requires for perl(XSLoader) and perl(ExtUtils::MakeMaker), - which are no longer auto-generated due to a (expected) change in rpm-build - Related: rhbz#1632998 * Thu Sep 27 2018 Ondřej Lysoněk - 3.4.0-3 - Fix CVE-2018-11781 - Local user code injection in the meta rule syntax - Fix CVE-2017-15705 - Certain unclosed tags in crafted emails allow for - scan timeouts and resulting denial of service - Resolves: rhbz#1632998 spice-server-0.14.0-6.el7_6.1 ----------------------------- * Thu Jan 24 2019 Christophe Fergeau - 0.14.0-6.1 - Fix off-by-one error during guest-to-host memory address conversion Resolves: CVE-2019-3813 spice-server-devel-0.14.0-6.el7_6.1 ----------------------------------- * Thu Jan 24 2019 Christophe Fergeau - 0.14.0-6.1 - Fix off-by-one error during guest-to-host memory address conversion Resolves: CVE-2019-3813 squid-3.5.20-12.el7_6.1 ----------------------- * Mon Dec 10 2018 Luboš Uhliarik - 7:3.5.20-12.1 - Resolves: #1657638 - migration of upstream squid bug 4007 squid-migration-script-3.5.20-12.el7_6.1 ---------------------------------------- * Mon Dec 10 2018 Luboš Uhliarik - 7:3.5.20-12.1 - Resolves: #1657638 - migration of upstream squid bug 4007 squid-sysvinit-3.5.20-12.el7_6.1 -------------------------------- * Mon Dec 10 2018 Luboš Uhliarik - 7:3.5.20-12.1 - Resolves: #1657638 - migration of upstream squid bug 4007 sssd-1.16.2-13.el7_6.8 ---------------------- * Tue Mar 26 2019 Michal Židek - 1.16.2-13.8 - Resolves: rhbz#1690759 - RHEL STIG pointing sssd Packaging issue [rhel-7.6.z] - Part 2. * Tue Mar 26 2019 Michal Židek - 1.16.2-13.7 - Resolves: rhbz#1690759 - RHEL STIG pointing sssd Packaging issue [rhel-7.6.z] * Tue Dec 18 2018 Michal Židek - 1.16.2-13.6 - Resolves: rhbz#1683578 - sssd_krb5_locator_plugin introduces delay in cifs.upcall krb5 calls [rhel-7.6.z] * Tue Dec 18 2018 Michal Židek - 1.16.2-13.5 - Resolves: rhbz#1659507 - SSSD's LDAP authentication provider does not work if ID provider is authenticated with GSSAPI [rhel-7.6.z] * Tue Dec 18 2018 Michal Židek - 1.16.2-13.4 - Resolves: rhbz#1659083 - SSSD must be cleared/restarted periodically in order to retrieve AD users through IPA Trust [rhel-7.6.z] * Tue Dec 18 2018 Michal Židek - 1.16.2-13.3 - Resolves: rhbz#1656833 - sssd_nss memory leak [rhel-7.6.z] * Wed Nov 28 2018 Michal Židek - 1.16.2-13.2 - Resolves: Bug 1649784 - SSSD not fetching all sudo rules from AD [rhel-7.6.z] * Wed Nov 14 2018 Michal Židek - 1.16.2-13.1 - Resolves: rhbz#1645047 - sssd only sets the SELinux login context if it differs from the default [rhel-7.6.z] sssd-ad-1.16.2-13.el7_6.8 ------------------------- * Tue Mar 26 2019 Michal Židek - 1.16.2-13.8 - Resolves: rhbz#1690759 - RHEL STIG pointing sssd Packaging issue [rhel-7.6.z] - Part 2. * Tue Mar 26 2019 Michal Židek - 1.16.2-13.7 - Resolves: rhbz#1690759 - RHEL STIG pointing sssd Packaging issue [rhel-7.6.z] * Tue Dec 18 2018 Michal Židek - 1.16.2-13.6 - Resolves: rhbz#1683578 - sssd_krb5_locator_plugin introduces delay in cifs.upcall krb5 calls [rhel-7.6.z] * Tue Dec 18 2018 Michal Židek - 1.16.2-13.5 - Resolves: rhbz#1659507 - SSSD's LDAP authentication provider does not work if ID provider is authenticated with GSSAPI [rhel-7.6.z] * Tue Dec 18 2018 Michal Židek - 1.16.2-13.4 - Resolves: rhbz#1659083 - SSSD must be cleared/restarted periodically in order to retrieve AD users through IPA Trust [rhel-7.6.z] * Tue Dec 18 2018 Michal Židek - 1.16.2-13.3 - Resolves: rhbz#1656833 - sssd_nss memory leak [rhel-7.6.z] * Wed Nov 28 2018 Michal Židek - 1.16.2-13.2 - Resolves: Bug 1649784 - SSSD not fetching all sudo rules from AD [rhel-7.6.z] * Wed Nov 14 2018 Michal Židek - 1.16.2-13.1 - Resolves: rhbz#1645047 - sssd only sets the SELinux login context if it differs from the default [rhel-7.6.z] sssd-client-1.16.2-13.el7_6.8 ----------------------------- * Tue Mar 26 2019 Michal Židek - 1.16.2-13.8 - Resolves: rhbz#1690759 - RHEL STIG pointing sssd Packaging issue [rhel-7.6.z] - Part 2. * Tue Mar 26 2019 Michal Židek - 1.16.2-13.7 - Resolves: rhbz#1690759 - RHEL STIG pointing sssd Packaging issue [rhel-7.6.z] * Tue Dec 18 2018 Michal Židek - 1.16.2-13.6 - Resolves: rhbz#1683578 - sssd_krb5_locator_plugin introduces delay in cifs.upcall krb5 calls [rhel-7.6.z] * Tue Dec 18 2018 Michal Židek - 1.16.2-13.5 - Resolves: rhbz#1659507 - SSSD's LDAP authentication provider does not work if ID provider is authenticated with GSSAPI [rhel-7.6.z] * Tue Dec 18 2018 Michal Židek - 1.16.2-13.4 - Resolves: rhbz#1659083 - SSSD must be cleared/restarted periodically in order to retrieve AD users through IPA Trust [rhel-7.6.z] * Tue Dec 18 2018 Michal Židek - 1.16.2-13.3 - Resolves: rhbz#1656833 - sssd_nss memory leak [rhel-7.6.z] * Wed Nov 28 2018 Michal Židek - 1.16.2-13.2 - Resolves: Bug 1649784 - SSSD not fetching all sudo rules from AD [rhel-7.6.z] * Wed Nov 14 2018 Michal Židek - 1.16.2-13.1 - Resolves: rhbz#1645047 - sssd only sets the SELinux login context if it differs from the default [rhel-7.6.z] sssd-common-1.16.2-13.el7_6.8 ----------------------------- * Tue Mar 26 2019 Michal Židek - 1.16.2-13.8 - Resolves: rhbz#1690759 - RHEL STIG pointing sssd Packaging issue [rhel-7.6.z] - Part 2. * Tue Mar 26 2019 Michal Židek - 1.16.2-13.7 - Resolves: rhbz#1690759 - RHEL STIG pointing sssd Packaging issue [rhel-7.6.z] * Tue Dec 18 2018 Michal Židek - 1.16.2-13.6 - Resolves: rhbz#1683578 - sssd_krb5_locator_plugin introduces delay in cifs.upcall krb5 calls [rhel-7.6.z] * Tue Dec 18 2018 Michal Židek - 1.16.2-13.5 - Resolves: rhbz#1659507 - SSSD's LDAP authentication provider does not work if ID provider is authenticated with GSSAPI [rhel-7.6.z] * Tue Dec 18 2018 Michal Židek - 1.16.2-13.4 - Resolves: rhbz#1659083 - SSSD must be cleared/restarted periodically in order to retrieve AD users through IPA Trust [rhel-7.6.z] * Tue Dec 18 2018 Michal Židek - 1.16.2-13.3 - Resolves: rhbz#1656833 - sssd_nss memory leak [rhel-7.6.z] * Wed Nov 28 2018 Michal Židek - 1.16.2-13.2 - Resolves: Bug 1649784 - SSSD not fetching all sudo rules from AD [rhel-7.6.z] * Wed Nov 14 2018 Michal Židek - 1.16.2-13.1 - Resolves: rhbz#1645047 - sssd only sets the SELinux login context if it differs from the default [rhel-7.6.z] sssd-common-pac-1.16.2-13.el7_6.8 --------------------------------- * Tue Mar 26 2019 Michal Židek - 1.16.2-13.8 - Resolves: rhbz#1690759 - RHEL STIG pointing sssd Packaging issue [rhel-7.6.z] - Part 2. * Tue Mar 26 2019 Michal Židek - 1.16.2-13.7 - Resolves: rhbz#1690759 - RHEL STIG pointing sssd Packaging issue [rhel-7.6.z] * Tue Dec 18 2018 Michal Židek - 1.16.2-13.6 - Resolves: rhbz#1683578 - sssd_krb5_locator_plugin introduces delay in cifs.upcall krb5 calls [rhel-7.6.z] * Tue Dec 18 2018 Michal Židek - 1.16.2-13.5 - Resolves: rhbz#1659507 - SSSD's LDAP authentication provider does not work if ID provider is authenticated with GSSAPI [rhel-7.6.z] * Tue Dec 18 2018 Michal Židek - 1.16.2-13.4 - Resolves: rhbz#1659083 - SSSD must be cleared/restarted periodically in order to retrieve AD users through IPA Trust [rhel-7.6.z] * Tue Dec 18 2018 Michal Židek - 1.16.2-13.3 - Resolves: rhbz#1656833 - sssd_nss memory leak [rhel-7.6.z] * Wed Nov 28 2018 Michal Židek - 1.16.2-13.2 - Resolves: Bug 1649784 - SSSD not fetching all sudo rules from AD [rhel-7.6.z] * Wed Nov 14 2018 Michal Židek - 1.16.2-13.1 - Resolves: rhbz#1645047 - sssd only sets the SELinux login context if it differs from the default [rhel-7.6.z] sssd-dbus-1.16.2-13.el7_6.8 --------------------------- * Tue Mar 26 2019 Michal Židek - 1.16.2-13.8 - Resolves: rhbz#1690759 - RHEL STIG pointing sssd Packaging issue [rhel-7.6.z] - Part 2. * Tue Mar 26 2019 Michal Židek - 1.16.2-13.7 - Resolves: rhbz#1690759 - RHEL STIG pointing sssd Packaging issue [rhel-7.6.z] * Tue Dec 18 2018 Michal Židek - 1.16.2-13.6 - Resolves: rhbz#1683578 - sssd_krb5_locator_plugin introduces delay in cifs.upcall krb5 calls [rhel-7.6.z] * Tue Dec 18 2018 Michal Židek - 1.16.2-13.5 - Resolves: rhbz#1659507 - SSSD's LDAP authentication provider does not work if ID provider is authenticated with GSSAPI [rhel-7.6.z] * Tue Dec 18 2018 Michal Židek - 1.16.2-13.4 - Resolves: rhbz#1659083 - SSSD must be cleared/restarted periodically in order to retrieve AD users through IPA Trust [rhel-7.6.z] * Tue Dec 18 2018 Michal Židek - 1.16.2-13.3 - Resolves: rhbz#1656833 - sssd_nss memory leak [rhel-7.6.z] * Wed Nov 28 2018 Michal Židek - 1.16.2-13.2 - Resolves: Bug 1649784 - SSSD not fetching all sudo rules from AD [rhel-7.6.z] * Wed Nov 14 2018 Michal Židek - 1.16.2-13.1 - Resolves: rhbz#1645047 - sssd only sets the SELinux login context if it differs from the default [rhel-7.6.z] sssd-ipa-1.16.2-13.el7_6.8 -------------------------- * Tue Mar 26 2019 Michal Židek - 1.16.2-13.8 - Resolves: rhbz#1690759 - RHEL STIG pointing sssd Packaging issue [rhel-7.6.z] - Part 2. * Tue Mar 26 2019 Michal Židek - 1.16.2-13.7 - Resolves: rhbz#1690759 - RHEL STIG pointing sssd Packaging issue [rhel-7.6.z] * Tue Dec 18 2018 Michal Židek - 1.16.2-13.6 - Resolves: rhbz#1683578 - sssd_krb5_locator_plugin introduces delay in cifs.upcall krb5 calls [rhel-7.6.z] * Tue Dec 18 2018 Michal Židek - 1.16.2-13.5 - Resolves: rhbz#1659507 - SSSD's LDAP authentication provider does not work if ID provider is authenticated with GSSAPI [rhel-7.6.z] * Tue Dec 18 2018 Michal Židek - 1.16.2-13.4 - Resolves: rhbz#1659083 - SSSD must be cleared/restarted periodically in order to retrieve AD users through IPA Trust [rhel-7.6.z] * Tue Dec 18 2018 Michal Židek - 1.16.2-13.3 - Resolves: rhbz#1656833 - sssd_nss memory leak [rhel-7.6.z] * Wed Nov 28 2018 Michal Židek - 1.16.2-13.2 - Resolves: Bug 1649784 - SSSD not fetching all sudo rules from AD [rhel-7.6.z] * Wed Nov 14 2018 Michal Židek - 1.16.2-13.1 - Resolves: rhbz#1645047 - sssd only sets the SELinux login context if it differs from the default [rhel-7.6.z] sssd-kcm-1.16.2-13.el7_6.8 -------------------------- * Tue Mar 26 2019 Michal Židek - 1.16.2-13.8 - Resolves: rhbz#1690759 - RHEL STIG pointing sssd Packaging issue [rhel-7.6.z] - Part 2. * Tue Mar 26 2019 Michal Židek - 1.16.2-13.7 - Resolves: rhbz#1690759 - RHEL STIG pointing sssd Packaging issue [rhel-7.6.z] * Tue Dec 18 2018 Michal Židek - 1.16.2-13.6 - Resolves: rhbz#1683578 - sssd_krb5_locator_plugin introduces delay in cifs.upcall krb5 calls [rhel-7.6.z] * Tue Dec 18 2018 Michal Židek - 1.16.2-13.5 - Resolves: rhbz#1659507 - SSSD's LDAP authentication provider does not work if ID provider is authenticated with GSSAPI [rhel-7.6.z] * Tue Dec 18 2018 Michal Židek - 1.16.2-13.4 - Resolves: rhbz#1659083 - SSSD must be cleared/restarted periodically in order to retrieve AD users through IPA Trust [rhel-7.6.z] * Tue Dec 18 2018 Michal Židek - 1.16.2-13.3 - Resolves: rhbz#1656833 - sssd_nss memory leak [rhel-7.6.z] * Wed Nov 28 2018 Michal Židek - 1.16.2-13.2 - Resolves: Bug 1649784 - SSSD not fetching all sudo rules from AD [rhel-7.6.z] * Wed Nov 14 2018 Michal Židek - 1.16.2-13.1 - Resolves: rhbz#1645047 - sssd only sets the SELinux login context if it differs from the default [rhel-7.6.z] sssd-krb5-1.16.2-13.el7_6.8 --------------------------- * Tue Mar 26 2019 Michal Židek - 1.16.2-13.8 - Resolves: rhbz#1690759 - RHEL STIG pointing sssd Packaging issue [rhel-7.6.z] - Part 2. * Tue Mar 26 2019 Michal Židek - 1.16.2-13.7 - Resolves: rhbz#1690759 - RHEL STIG pointing sssd Packaging issue [rhel-7.6.z] * Tue Dec 18 2018 Michal Židek - 1.16.2-13.6 - Resolves: rhbz#1683578 - sssd_krb5_locator_plugin introduces delay in cifs.upcall krb5 calls [rhel-7.6.z] * Tue Dec 18 2018 Michal Židek - 1.16.2-13.5 - Resolves: rhbz#1659507 - SSSD's LDAP authentication provider does not work if ID provider is authenticated with GSSAPI [rhel-7.6.z] * Tue Dec 18 2018 Michal Židek - 1.16.2-13.4 - Resolves: rhbz#1659083 - SSSD must be cleared/restarted periodically in order to retrieve AD users through IPA Trust [rhel-7.6.z] * Tue Dec 18 2018 Michal Židek - 1.16.2-13.3 - Resolves: rhbz#1656833 - sssd_nss memory leak [rhel-7.6.z] * Wed Nov 28 2018 Michal Židek - 1.16.2-13.2 - Resolves: Bug 1649784 - SSSD not fetching all sudo rules from AD [rhel-7.6.z] * Wed Nov 14 2018 Michal Židek - 1.16.2-13.1 - Resolves: rhbz#1645047 - sssd only sets the SELinux login context if it differs from the default [rhel-7.6.z] sssd-krb5-common-1.16.2-13.el7_6.8 ---------------------------------- * Tue Mar 26 2019 Michal Židek - 1.16.2-13.8 - Resolves: rhbz#1690759 - RHEL STIG pointing sssd Packaging issue [rhel-7.6.z] - Part 2. * Tue Mar 26 2019 Michal Židek - 1.16.2-13.7 - Resolves: rhbz#1690759 - RHEL STIG pointing sssd Packaging issue [rhel-7.6.z] * Tue Dec 18 2018 Michal Židek - 1.16.2-13.6 - Resolves: rhbz#1683578 - sssd_krb5_locator_plugin introduces delay in cifs.upcall krb5 calls [rhel-7.6.z] * Tue Dec 18 2018 Michal Židek - 1.16.2-13.5 - Resolves: rhbz#1659507 - SSSD's LDAP authentication provider does not work if ID provider is authenticated with GSSAPI [rhel-7.6.z] * Tue Dec 18 2018 Michal Židek - 1.16.2-13.4 - Resolves: rhbz#1659083 - SSSD must be cleared/restarted periodically in order to retrieve AD users through IPA Trust [rhel-7.6.z] * Tue Dec 18 2018 Michal Židek - 1.16.2-13.3 - Resolves: rhbz#1656833 - sssd_nss memory leak [rhel-7.6.z] * Wed Nov 28 2018 Michal Židek - 1.16.2-13.2 - Resolves: Bug 1649784 - SSSD not fetching all sudo rules from AD [rhel-7.6.z] * Wed Nov 14 2018 Michal Židek - 1.16.2-13.1 - Resolves: rhbz#1645047 - sssd only sets the SELinux login context if it differs from the default [rhel-7.6.z] sssd-ldap-1.16.2-13.el7_6.8 --------------------------- * Tue Mar 26 2019 Michal Židek - 1.16.2-13.8 - Resolves: rhbz#1690759 - RHEL STIG pointing sssd Packaging issue [rhel-7.6.z] - Part 2. * Tue Mar 26 2019 Michal Židek - 1.16.2-13.7 - Resolves: rhbz#1690759 - RHEL STIG pointing sssd Packaging issue [rhel-7.6.z] * Tue Dec 18 2018 Michal Židek - 1.16.2-13.6 - Resolves: rhbz#1683578 - sssd_krb5_locator_plugin introduces delay in cifs.upcall krb5 calls [rhel-7.6.z] * Tue Dec 18 2018 Michal Židek - 1.16.2-13.5 - Resolves: rhbz#1659507 - SSSD's LDAP authentication provider does not work if ID provider is authenticated with GSSAPI [rhel-7.6.z] * Tue Dec 18 2018 Michal Židek - 1.16.2-13.4 - Resolves: rhbz#1659083 - SSSD must be cleared/restarted periodically in order to retrieve AD users through IPA Trust [rhel-7.6.z] * Tue Dec 18 2018 Michal Židek - 1.16.2-13.3 - Resolves: rhbz#1656833 - sssd_nss memory leak [rhel-7.6.z] * Wed Nov 28 2018 Michal Židek - 1.16.2-13.2 - Resolves: Bug 1649784 - SSSD not fetching all sudo rules from AD [rhel-7.6.z] * Wed Nov 14 2018 Michal Židek - 1.16.2-13.1 - Resolves: rhbz#1645047 - sssd only sets the SELinux login context if it differs from the default [rhel-7.6.z] sssd-libwbclient-1.16.2-13.el7_6.8 ---------------------------------- * Tue Mar 26 2019 Michal Židek - 1.16.2-13.8 - Resolves: rhbz#1690759 - RHEL STIG pointing sssd Packaging issue [rhel-7.6.z] - Part 2. * Tue Mar 26 2019 Michal Židek - 1.16.2-13.7 - Resolves: rhbz#1690759 - RHEL STIG pointing sssd Packaging issue [rhel-7.6.z] * Tue Dec 18 2018 Michal Židek - 1.16.2-13.6 - Resolves: rhbz#1683578 - sssd_krb5_locator_plugin introduces delay in cifs.upcall krb5 calls [rhel-7.6.z] * Tue Dec 18 2018 Michal Židek - 1.16.2-13.5 - Resolves: rhbz#1659507 - SSSD's LDAP authentication provider does not work if ID provider is authenticated with GSSAPI [rhel-7.6.z] * Tue Dec 18 2018 Michal Židek - 1.16.2-13.4 - Resolves: rhbz#1659083 - SSSD must be cleared/restarted periodically in order to retrieve AD users through IPA Trust [rhel-7.6.z] * Tue Dec 18 2018 Michal Židek - 1.16.2-13.3 - Resolves: rhbz#1656833 - sssd_nss memory leak [rhel-7.6.z] * Wed Nov 28 2018 Michal Židek - 1.16.2-13.2 - Resolves: Bug 1649784 - SSSD not fetching all sudo rules from AD [rhel-7.6.z] * Wed Nov 14 2018 Michal Židek - 1.16.2-13.1 - Resolves: rhbz#1645047 - sssd only sets the SELinux login context if it differs from the default [rhel-7.6.z] sssd-libwbclient-devel-1.16.2-13.el7_6.8 ---------------------------------------- * Tue Mar 26 2019 Michal Židek - 1.16.2-13.8 - Resolves: rhbz#1690759 - RHEL STIG pointing sssd Packaging issue [rhel-7.6.z] - Part 2. * Tue Mar 26 2019 Michal Židek - 1.16.2-13.7 - Resolves: rhbz#1690759 - RHEL STIG pointing sssd Packaging issue [rhel-7.6.z] * Tue Dec 18 2018 Michal Židek - 1.16.2-13.6 - Resolves: rhbz#1683578 - sssd_krb5_locator_plugin introduces delay in cifs.upcall krb5 calls [rhel-7.6.z] * Tue Dec 18 2018 Michal Židek - 1.16.2-13.5 - Resolves: rhbz#1659507 - SSSD's LDAP authentication provider does not work if ID provider is authenticated with GSSAPI [rhel-7.6.z] * Tue Dec 18 2018 Michal Židek - 1.16.2-13.4 - Resolves: rhbz#1659083 - SSSD must be cleared/restarted periodically in order to retrieve AD users through IPA Trust [rhel-7.6.z] * Tue Dec 18 2018 Michal Židek - 1.16.2-13.3 - Resolves: rhbz#1656833 - sssd_nss memory leak [rhel-7.6.z] * Wed Nov 28 2018 Michal Židek - 1.16.2-13.2 - Resolves: Bug 1649784 - SSSD not fetching all sudo rules from AD [rhel-7.6.z] * Wed Nov 14 2018 Michal Židek - 1.16.2-13.1 - Resolves: rhbz#1645047 - sssd only sets the SELinux login context if it differs from the default [rhel-7.6.z] sssd-polkit-rules-1.16.2-13.el7_6.8 ----------------------------------- * Tue Mar 26 2019 Michal Židek - 1.16.2-13.8 - Resolves: rhbz#1690759 - RHEL STIG pointing sssd Packaging issue [rhel-7.6.z] - Part 2. * Tue Mar 26 2019 Michal Židek - 1.16.2-13.7 - Resolves: rhbz#1690759 - RHEL STIG pointing sssd Packaging issue [rhel-7.6.z] * Tue Dec 18 2018 Michal Židek - 1.16.2-13.6 - Resolves: rhbz#1683578 - sssd_krb5_locator_plugin introduces delay in cifs.upcall krb5 calls [rhel-7.6.z] * Tue Dec 18 2018 Michal Židek - 1.16.2-13.5 - Resolves: rhbz#1659507 - SSSD's LDAP authentication provider does not work if ID provider is authenticated with GSSAPI [rhel-7.6.z] * Tue Dec 18 2018 Michal Židek - 1.16.2-13.4 - Resolves: rhbz#1659083 - SSSD must be cleared/restarted periodically in order to retrieve AD users through IPA Trust [rhel-7.6.z] * Tue Dec 18 2018 Michal Židek - 1.16.2-13.3 - Resolves: rhbz#1656833 - sssd_nss memory leak [rhel-7.6.z] * Wed Nov 28 2018 Michal Židek - 1.16.2-13.2 - Resolves: Bug 1649784 - SSSD not fetching all sudo rules from AD [rhel-7.6.z] * Wed Nov 14 2018 Michal Židek - 1.16.2-13.1 - Resolves: rhbz#1645047 - sssd only sets the SELinux login context if it differs from the default [rhel-7.6.z] sssd-proxy-1.16.2-13.el7_6.8 ---------------------------- * Tue Mar 26 2019 Michal Židek - 1.16.2-13.8 - Resolves: rhbz#1690759 - RHEL STIG pointing sssd Packaging issue [rhel-7.6.z] - Part 2. * Tue Mar 26 2019 Michal Židek - 1.16.2-13.7 - Resolves: rhbz#1690759 - RHEL STIG pointing sssd Packaging issue [rhel-7.6.z] * Tue Dec 18 2018 Michal Židek - 1.16.2-13.6 - Resolves: rhbz#1683578 - sssd_krb5_locator_plugin introduces delay in cifs.upcall krb5 calls [rhel-7.6.z] * Tue Dec 18 2018 Michal Židek - 1.16.2-13.5 - Resolves: rhbz#1659507 - SSSD's LDAP authentication provider does not work if ID provider is authenticated with GSSAPI [rhel-7.6.z] * Tue Dec 18 2018 Michal Židek - 1.16.2-13.4 - Resolves: rhbz#1659083 - SSSD must be cleared/restarted periodically in order to retrieve AD users through IPA Trust [rhel-7.6.z] * Tue Dec 18 2018 Michal Židek - 1.16.2-13.3 - Resolves: rhbz#1656833 - sssd_nss memory leak [rhel-7.6.z] * Wed Nov 28 2018 Michal Židek - 1.16.2-13.2 - Resolves: Bug 1649784 - SSSD not fetching all sudo rules from AD [rhel-7.6.z] * Wed Nov 14 2018 Michal Židek - 1.16.2-13.1 - Resolves: rhbz#1645047 - sssd only sets the SELinux login context if it differs from the default [rhel-7.6.z] sssd-tools-1.16.2-13.el7_6.8 ---------------------------- * Tue Mar 26 2019 Michal Židek - 1.16.2-13.8 - Resolves: rhbz#1690759 - RHEL STIG pointing sssd Packaging issue [rhel-7.6.z] - Part 2. * Tue Mar 26 2019 Michal Židek - 1.16.2-13.7 - Resolves: rhbz#1690759 - RHEL STIG pointing sssd Packaging issue [rhel-7.6.z] * Tue Dec 18 2018 Michal Židek - 1.16.2-13.6 - Resolves: rhbz#1683578 - sssd_krb5_locator_plugin introduces delay in cifs.upcall krb5 calls [rhel-7.6.z] * Tue Dec 18 2018 Michal Židek - 1.16.2-13.5 - Resolves: rhbz#1659507 - SSSD's LDAP authentication provider does not work if ID provider is authenticated with GSSAPI [rhel-7.6.z] * Tue Dec 18 2018 Michal Židek - 1.16.2-13.4 - Resolves: rhbz#1659083 - SSSD must be cleared/restarted periodically in order to retrieve AD users through IPA Trust [rhel-7.6.z] * Tue Dec 18 2018 Michal Židek - 1.16.2-13.3 - Resolves: rhbz#1656833 - sssd_nss memory leak [rhel-7.6.z] * Wed Nov 28 2018 Michal Židek - 1.16.2-13.2 - Resolves: Bug 1649784 - SSSD not fetching all sudo rules from AD [rhel-7.6.z] * Wed Nov 14 2018 Michal Židek - 1.16.2-13.1 - Resolves: rhbz#1645047 - sssd only sets the SELinux login context if it differs from the default [rhel-7.6.z] sssd-winbind-idmap-1.16.2-13.el7_6.8 ------------------------------------ * Tue Mar 26 2019 Michal Židek - 1.16.2-13.8 - Resolves: rhbz#1690759 - RHEL STIG pointing sssd Packaging issue [rhel-7.6.z] - Part 2. * Tue Mar 26 2019 Michal Židek - 1.16.2-13.7 - Resolves: rhbz#1690759 - RHEL STIG pointing sssd Packaging issue [rhel-7.6.z] * Tue Dec 18 2018 Michal Židek - 1.16.2-13.6 - Resolves: rhbz#1683578 - sssd_krb5_locator_plugin introduces delay in cifs.upcall krb5 calls [rhel-7.6.z] * Tue Dec 18 2018 Michal Židek - 1.16.2-13.5 - Resolves: rhbz#1659507 - SSSD's LDAP authentication provider does not work if ID provider is authenticated with GSSAPI [rhel-7.6.z] * Tue Dec 18 2018 Michal Židek - 1.16.2-13.4 - Resolves: rhbz#1659083 - SSSD must be cleared/restarted periodically in order to retrieve AD users through IPA Trust [rhel-7.6.z] * Tue Dec 18 2018 Michal Židek - 1.16.2-13.3 - Resolves: rhbz#1656833 - sssd_nss memory leak [rhel-7.6.z] * Wed Nov 28 2018 Michal Židek - 1.16.2-13.2 - Resolves: Bug 1649784 - SSSD not fetching all sudo rules from AD [rhel-7.6.z] * Wed Nov 14 2018 Michal Židek - 1.16.2-13.1 - Resolves: rhbz#1645047 - sssd only sets the SELinux login context if it differs from the default [rhel-7.6.z] subscription-manager-1.21.10-3.el7.centos ----------------------------------------- * Mon Nov 19 2018 Johnny Hughes 1.21.10-3 - Manual CentOS Debranding * Wed Nov 07 2018 Christopher Snyder 1.21.10-3 - 1646867: Do not update ent certs inside containers (csnyder@redhat.com) subscription-manager-cockpit-1.21.10-3.el7.centos ------------------------------------------------- * Mon Nov 19 2018 Johnny Hughes 1.21.10-3 - Manual CentOS Debranding * Wed Nov 07 2018 Christopher Snyder 1.21.10-3 - 1646867: Do not update ent certs inside containers (csnyder@redhat.com) subscription-manager-gui-1.21.10-3.el7.centos --------------------------------------------- * Mon Nov 19 2018 Johnny Hughes 1.21.10-3 - Manual CentOS Debranding * Wed Nov 07 2018 Christopher Snyder 1.21.10-3 - 1646867: Do not update ent certs inside containers (csnyder@redhat.com) subscription-manager-initial-setup-addon-1.21.10-3.el7.centos ------------------------------------------------------------- * Mon Nov 19 2018 Johnny Hughes 1.21.10-3 - Manual CentOS Debranding * Wed Nov 07 2018 Christopher Snyder 1.21.10-3 - 1646867: Do not update ent certs inside containers (csnyder@redhat.com) subscription-manager-plugin-container-1.21.10-3.el7.centos ---------------------------------------------------------- * Mon Nov 19 2018 Johnny Hughes 1.21.10-3 - Manual CentOS Debranding * Wed Nov 07 2018 Christopher Snyder 1.21.10-3 - 1646867: Do not update ent certs inside containers (csnyder@redhat.com) subscription-manager-plugin-ostree-1.21.10-3.el7.centos ------------------------------------------------------- * Mon Nov 19 2018 Johnny Hughes 1.21.10-3 - Manual CentOS Debranding * Wed Nov 07 2018 Christopher Snyder 1.21.10-3 - 1646867: Do not update ent certs inside containers (csnyder@redhat.com) subscription-manager-rhsm-1.21.10-3.el7.centos ---------------------------------------------- * Mon Nov 19 2018 Johnny Hughes 1.21.10-3 - Manual CentOS Debranding * Wed Nov 07 2018 Christopher Snyder 1.21.10-3 - 1646867: Do not update ent certs inside containers (csnyder@redhat.com) subscription-manager-rhsm-certificates-1.21.10-3.el7.centos ----------------------------------------------------------- * Mon Nov 19 2018 Johnny Hughes 1.21.10-3 - Manual CentOS Debranding * Wed Nov 07 2018 Christopher Snyder 1.21.10-3 - 1646867: Do not update ent certs inside containers (csnyder@redhat.com) systemd-219-62.el7_6.7 ---------------------- * Wed Apr 24 2019 Lukas Nykryn - 219-62.7 - rules: fix memory hotplug rule so systemd-detect-virt does not run too often (#1701230) * Thu Mar 21 2019 Lukas Nykryn - 219-62.6 - Revert "bus: when dumping string property values escape the chars we use as end-of-line and end-of-item marks" (#1643172) * Thu Feb 14 2019 Lukas Nykryn - 219-62.5 - sd-bus: if we receive an invalid dbus message, ignore and proceeed (#1667871) * Thu Feb 07 2019 Lukas Nykryn - 219-62.4 - Refuse dbus message paths longer than BUS_PATH_SIZE_MAX limit. (#1667870) - Allocate temporary strings to hold dbus paths on the heap (#1667870) * Wed Jan 16 2019 Lukas Nykryn - 219-62.3 - journald: free cmdline buffers owned by iovec (#1666646) * Mon Jan 07 2019 Lukas Nykryn - 219-62.2 - journald: do not store the iovec entry for process commandline on stack (#1657788) - journald: set a limit on the number of fields (1k) (#1657792) - journal-remote: set a limit on the number of fields in a message (#1657792) * Mon Nov 26 2018 Lukas Nykryn - 219-62.1 - dhcp6: make sure we have enough space for the DHCP6 option header (CVE-2018-15688) systemd-devel-219-62.el7_6.7 ---------------------------- * Wed Apr 24 2019 Lukas Nykryn - 219-62.7 - rules: fix memory hotplug rule so systemd-detect-virt does not run too often (#1701230) * Thu Mar 21 2019 Lukas Nykryn - 219-62.6 - Revert "bus: when dumping string property values escape the chars we use as end-of-line and end-of-item marks" (#1643172) * Thu Feb 14 2019 Lukas Nykryn - 219-62.5 - sd-bus: if we receive an invalid dbus message, ignore and proceeed (#1667871) * Thu Feb 07 2019 Lukas Nykryn - 219-62.4 - Refuse dbus message paths longer than BUS_PATH_SIZE_MAX limit. (#1667870) - Allocate temporary strings to hold dbus paths on the heap (#1667870) * Wed Jan 16 2019 Lukas Nykryn - 219-62.3 - journald: free cmdline buffers owned by iovec (#1666646) * Mon Jan 07 2019 Lukas Nykryn - 219-62.2 - journald: do not store the iovec entry for process commandline on stack (#1657788) - journald: set a limit on the number of fields (1k) (#1657792) - journal-remote: set a limit on the number of fields in a message (#1657792) * Mon Nov 26 2018 Lukas Nykryn - 219-62.1 - dhcp6: make sure we have enough space for the DHCP6 option header (CVE-2018-15688) systemd-journal-gateway-219-62.el7_6.7 -------------------------------------- * Wed Apr 24 2019 Lukas Nykryn - 219-62.7 - rules: fix memory hotplug rule so systemd-detect-virt does not run too often (#1701230) * Thu Mar 21 2019 Lukas Nykryn - 219-62.6 - Revert "bus: when dumping string property values escape the chars we use as end-of-line and end-of-item marks" (#1643172) * Thu Feb 14 2019 Lukas Nykryn - 219-62.5 - sd-bus: if we receive an invalid dbus message, ignore and proceeed (#1667871) * Thu Feb 07 2019 Lukas Nykryn - 219-62.4 - Refuse dbus message paths longer than BUS_PATH_SIZE_MAX limit. (#1667870) - Allocate temporary strings to hold dbus paths on the heap (#1667870) * Wed Jan 16 2019 Lukas Nykryn - 219-62.3 - journald: free cmdline buffers owned by iovec (#1666646) * Mon Jan 07 2019 Lukas Nykryn - 219-62.2 - journald: do not store the iovec entry for process commandline on stack (#1657788) - journald: set a limit on the number of fields (1k) (#1657792) - journal-remote: set a limit on the number of fields in a message (#1657792) * Mon Nov 26 2018 Lukas Nykryn - 219-62.1 - dhcp6: make sure we have enough space for the DHCP6 option header (CVE-2018-15688) systemd-libs-219-62.el7_6.7 --------------------------- * Wed Apr 24 2019 Lukas Nykryn - 219-62.7 - rules: fix memory hotplug rule so systemd-detect-virt does not run too often (#1701230) * Thu Mar 21 2019 Lukas Nykryn - 219-62.6 - Revert "bus: when dumping string property values escape the chars we use as end-of-line and end-of-item marks" (#1643172) * Thu Feb 14 2019 Lukas Nykryn - 219-62.5 - sd-bus: if we receive an invalid dbus message, ignore and proceeed (#1667871) * Thu Feb 07 2019 Lukas Nykryn - 219-62.4 - Refuse dbus message paths longer than BUS_PATH_SIZE_MAX limit. (#1667870) - Allocate temporary strings to hold dbus paths on the heap (#1667870) * Wed Jan 16 2019 Lukas Nykryn - 219-62.3 - journald: free cmdline buffers owned by iovec (#1666646) * Mon Jan 07 2019 Lukas Nykryn - 219-62.2 - journald: do not store the iovec entry for process commandline on stack (#1657788) - journald: set a limit on the number of fields (1k) (#1657792) - journal-remote: set a limit on the number of fields in a message (#1657792) * Mon Nov 26 2018 Lukas Nykryn - 219-62.1 - dhcp6: make sure we have enough space for the DHCP6 option header (CVE-2018-15688) systemd-networkd-219-62.el7_6.7 ------------------------------- * Wed Apr 24 2019 Lukas Nykryn - 219-62.7 - rules: fix memory hotplug rule so systemd-detect-virt does not run too often (#1701230) * Thu Mar 21 2019 Lukas Nykryn - 219-62.6 - Revert "bus: when dumping string property values escape the chars we use as end-of-line and end-of-item marks" (#1643172) * Thu Feb 14 2019 Lukas Nykryn - 219-62.5 - sd-bus: if we receive an invalid dbus message, ignore and proceeed (#1667871) * Thu Feb 07 2019 Lukas Nykryn - 219-62.4 - Refuse dbus message paths longer than BUS_PATH_SIZE_MAX limit. (#1667870) - Allocate temporary strings to hold dbus paths on the heap (#1667870) * Wed Jan 16 2019 Lukas Nykryn - 219-62.3 - journald: free cmdline buffers owned by iovec (#1666646) * Mon Jan 07 2019 Lukas Nykryn - 219-62.2 - journald: do not store the iovec entry for process commandline on stack (#1657788) - journald: set a limit on the number of fields (1k) (#1657792) - journal-remote: set a limit on the number of fields in a message (#1657792) * Mon Nov 26 2018 Lukas Nykryn - 219-62.1 - dhcp6: make sure we have enough space for the DHCP6 option header (CVE-2018-15688) systemd-python-219-62.el7_6.7 ----------------------------- * Wed Apr 24 2019 Lukas Nykryn - 219-62.7 - rules: fix memory hotplug rule so systemd-detect-virt does not run too often (#1701230) * Thu Mar 21 2019 Lukas Nykryn - 219-62.6 - Revert "bus: when dumping string property values escape the chars we use as end-of-line and end-of-item marks" (#1643172) * Thu Feb 14 2019 Lukas Nykryn - 219-62.5 - sd-bus: if we receive an invalid dbus message, ignore and proceeed (#1667871) * Thu Feb 07 2019 Lukas Nykryn - 219-62.4 - Refuse dbus message paths longer than BUS_PATH_SIZE_MAX limit. (#1667870) - Allocate temporary strings to hold dbus paths on the heap (#1667870) * Wed Jan 16 2019 Lukas Nykryn - 219-62.3 - journald: free cmdline buffers owned by iovec (#1666646) * Mon Jan 07 2019 Lukas Nykryn - 219-62.2 - journald: do not store the iovec entry for process commandline on stack (#1657788) - journald: set a limit on the number of fields (1k) (#1657792) - journal-remote: set a limit on the number of fields in a message (#1657792) * Mon Nov 26 2018 Lukas Nykryn - 219-62.1 - dhcp6: make sure we have enough space for the DHCP6 option header (CVE-2018-15688) systemd-resolved-219-62.el7_6.7 ------------------------------- * Wed Apr 24 2019 Lukas Nykryn - 219-62.7 - rules: fix memory hotplug rule so systemd-detect-virt does not run too often (#1701230) * Thu Mar 21 2019 Lukas Nykryn - 219-62.6 - Revert "bus: when dumping string property values escape the chars we use as end-of-line and end-of-item marks" (#1643172) * Thu Feb 14 2019 Lukas Nykryn - 219-62.5 - sd-bus: if we receive an invalid dbus message, ignore and proceeed (#1667871) * Thu Feb 07 2019 Lukas Nykryn - 219-62.4 - Refuse dbus message paths longer than BUS_PATH_SIZE_MAX limit. (#1667870) - Allocate temporary strings to hold dbus paths on the heap (#1667870) * Wed Jan 16 2019 Lukas Nykryn - 219-62.3 - journald: free cmdline buffers owned by iovec (#1666646) * Mon Jan 07 2019 Lukas Nykryn - 219-62.2 - journald: do not store the iovec entry for process commandline on stack (#1657788) - journald: set a limit on the number of fields (1k) (#1657792) - journal-remote: set a limit on the number of fields in a message (#1657792) * Mon Nov 26 2018 Lukas Nykryn - 219-62.1 - dhcp6: make sure we have enough space for the DHCP6 option header (CVE-2018-15688) systemd-sysv-219-62.el7_6.7 --------------------------- * Wed Apr 24 2019 Lukas Nykryn - 219-62.7 - rules: fix memory hotplug rule so systemd-detect-virt does not run too often (#1701230) * Thu Mar 21 2019 Lukas Nykryn - 219-62.6 - Revert "bus: when dumping string property values escape the chars we use as end-of-line and end-of-item marks" (#1643172) * Thu Feb 14 2019 Lukas Nykryn - 219-62.5 - sd-bus: if we receive an invalid dbus message, ignore and proceeed (#1667871) * Thu Feb 07 2019 Lukas Nykryn - 219-62.4 - Refuse dbus message paths longer than BUS_PATH_SIZE_MAX limit. (#1667870) - Allocate temporary strings to hold dbus paths on the heap (#1667870) * Wed Jan 16 2019 Lukas Nykryn - 219-62.3 - journald: free cmdline buffers owned by iovec (#1666646) * Mon Jan 07 2019 Lukas Nykryn - 219-62.2 - journald: do not store the iovec entry for process commandline on stack (#1657788) - journald: set a limit on the number of fields (1k) (#1657792) - journal-remote: set a limit on the number of fields in a message (#1657792) * Mon Nov 26 2018 Lukas Nykryn - 219-62.1 - dhcp6: make sure we have enough space for the DHCP6 option header (CVE-2018-15688) teamd-1.27-6.el7_6.1 -------------------- * Thu Mar 14 2019 Xin Long - 1.27-6.el7_6.1 - Added patch to update port state according to partner's sync bit [1689254] * Fri Aug 17 2018 Xin Long - 1.27-6 - Added patch to fix the issue that no active port is set [1593241] teamd-devel-1.27-6.el7_6.1 -------------------------- * Thu Mar 14 2019 Xin Long - 1.27-6.el7_6.1 - Added patch to update port state according to partner's sync bit [1689254] * Fri Aug 17 2018 Xin Long - 1.27-6 - Added patch to fix the issue that no active port is set [1593241] thunderbird-60.6.1-1.el7.centos ------------------------------- * Thu Mar 28 2019 Johnny Hughes - Manual CentOS Debranding * Mon Mar 25 2019 Martin Stransky - 60.6.1-1 - Update to 60.6.1 * Tue Mar 19 2019 Martin Stransky - 60.6.0-1 - Update to 60.6.0 * Tue Jan 29 2019 Martin Stransky - 60.5.0-1 - Update to 60.5.0 * Thu Jan 03 2019 Jan Horak - 60.4.0-1 - Update to 60.4.0 * Wed Oct 31 2018 Jan Horak - 60.3.0-1 - Update to 60.3.0 * Wed Oct 31 2018 Jan Horak - 60.2.1-6 - Fixed missing calendar langpacks * Tue Oct 16 2018 Jan Horak - 60.2.1-5 - Fixing minor issues * Wed Oct 10 2018 Jan Horak - 60.2.1-3 - Reverting deleting of key3db * Wed Oct 03 2018 Jan Horak - 60.2.1-2 - Update to 60.2.1 - Added fix for rhbz#1546988 tkinter-2.7.5-80.el7_6 ---------------------- * Tue Jun 11 2019 Charalampos Stratakis - 2.7.5-80 - Security fix for CVE-2019-10160 Resolves: rhbz#1718401 * Mon May 20 2019 Charalampos Stratakis - 2.7.5-79 - Updated fix for CVE-2019-9636 Resolves: rhbz#1711166 * Thu May 09 2019 Charalampos Stratakis - 2.7.5-78 - Remove unversioned obsoletes Resolves: rhbz#1708674 * Tue Mar 26 2019 Charalampos Stratakis - 2.7.5-77 - Security fix for CVE-2019-9636 Resolves: rhbz#1689316 tomcat-7.0.76-9.el7_6 --------------------- * Tue Feb 12 2019 Coty Sutherland 0:7.0.76-9 - Resolves: rhbz#1641873 CVE-2018-11784 tomcat: Open redirect in default servlet * Fri Oct 12 2018 Coty Sutherland 0:7.0.76-8 - Resolves: rhbz#1608607 CVE-2018-1336 tomcat: A bug in the UTF 8 decoder can lead to DoS * Tue Jul 24 2018 Jean-Frederic Clere 0:7.0.76-7 - Resolves: rhbz#1602060 Deadlock occurs while sending to a closing session tomcat-admin-webapps-7.0.76-9.el7_6 ----------------------------------- * Tue Feb 12 2019 Coty Sutherland 0:7.0.76-9 - Resolves: rhbz#1641873 CVE-2018-11784 tomcat: Open redirect in default servlet * Fri Oct 12 2018 Coty Sutherland 0:7.0.76-8 - Resolves: rhbz#1608607 CVE-2018-1336 tomcat: A bug in the UTF 8 decoder can lead to DoS * Tue Jul 24 2018 Jean-Frederic Clere 0:7.0.76-7 - Resolves: rhbz#1602060 Deadlock occurs while sending to a closing session tomcat-docs-webapp-7.0.76-9.el7_6 --------------------------------- * Tue Feb 12 2019 Coty Sutherland 0:7.0.76-9 - Resolves: rhbz#1641873 CVE-2018-11784 tomcat: Open redirect in default servlet * Fri Oct 12 2018 Coty Sutherland 0:7.0.76-8 - Resolves: rhbz#1608607 CVE-2018-1336 tomcat: A bug in the UTF 8 decoder can lead to DoS * Tue Jul 24 2018 Jean-Frederic Clere 0:7.0.76-7 - Resolves: rhbz#1602060 Deadlock occurs while sending to a closing session tomcat-el-2.2-api-7.0.76-9.el7_6 -------------------------------- * Tue Feb 12 2019 Coty Sutherland 0:7.0.76-9 - Resolves: rhbz#1641873 CVE-2018-11784 tomcat: Open redirect in default servlet * Fri Oct 12 2018 Coty Sutherland 0:7.0.76-8 - Resolves: rhbz#1608607 CVE-2018-1336 tomcat: A bug in the UTF 8 decoder can lead to DoS * Tue Jul 24 2018 Jean-Frederic Clere 0:7.0.76-7 - Resolves: rhbz#1602060 Deadlock occurs while sending to a closing session tomcat-javadoc-7.0.76-9.el7_6 ----------------------------- * Tue Feb 12 2019 Coty Sutherland 0:7.0.76-9 - Resolves: rhbz#1641873 CVE-2018-11784 tomcat: Open redirect in default servlet * Fri Oct 12 2018 Coty Sutherland 0:7.0.76-8 - Resolves: rhbz#1608607 CVE-2018-1336 tomcat: A bug in the UTF 8 decoder can lead to DoS * Tue Jul 24 2018 Jean-Frederic Clere 0:7.0.76-7 - Resolves: rhbz#1602060 Deadlock occurs while sending to a closing session tomcat-jsp-2.2-api-7.0.76-9.el7_6 --------------------------------- * Tue Feb 12 2019 Coty Sutherland 0:7.0.76-9 - Resolves: rhbz#1641873 CVE-2018-11784 tomcat: Open redirect in default servlet * Fri Oct 12 2018 Coty Sutherland 0:7.0.76-8 - Resolves: rhbz#1608607 CVE-2018-1336 tomcat: A bug in the UTF 8 decoder can lead to DoS * Tue Jul 24 2018 Jean-Frederic Clere 0:7.0.76-7 - Resolves: rhbz#1602060 Deadlock occurs while sending to a closing session tomcat-jsvc-7.0.76-9.el7_6 -------------------------- * Tue Feb 12 2019 Coty Sutherland 0:7.0.76-9 - Resolves: rhbz#1641873 CVE-2018-11784 tomcat: Open redirect in default servlet * Fri Oct 12 2018 Coty Sutherland 0:7.0.76-8 - Resolves: rhbz#1608607 CVE-2018-1336 tomcat: A bug in the UTF 8 decoder can lead to DoS * Tue Jul 24 2018 Jean-Frederic Clere 0:7.0.76-7 - Resolves: rhbz#1602060 Deadlock occurs while sending to a closing session tomcat-lib-7.0.76-9.el7_6 ------------------------- * Tue Feb 12 2019 Coty Sutherland 0:7.0.76-9 - Resolves: rhbz#1641873 CVE-2018-11784 tomcat: Open redirect in default servlet * Fri Oct 12 2018 Coty Sutherland 0:7.0.76-8 - Resolves: rhbz#1608607 CVE-2018-1336 tomcat: A bug in the UTF 8 decoder can lead to DoS * Tue Jul 24 2018 Jean-Frederic Clere 0:7.0.76-7 - Resolves: rhbz#1602060 Deadlock occurs while sending to a closing session tomcat-servlet-3.0-api-7.0.76-9.el7_6 ------------------------------------- * Tue Feb 12 2019 Coty Sutherland 0:7.0.76-9 - Resolves: rhbz#1641873 CVE-2018-11784 tomcat: Open redirect in default servlet * Fri Oct 12 2018 Coty Sutherland 0:7.0.76-8 - Resolves: rhbz#1608607 CVE-2018-1336 tomcat: A bug in the UTF 8 decoder can lead to DoS * Tue Jul 24 2018 Jean-Frederic Clere 0:7.0.76-7 - Resolves: rhbz#1602060 Deadlock occurs while sending to a closing session tomcat-webapps-7.0.76-9.el7_6 ----------------------------- * Tue Feb 12 2019 Coty Sutherland 0:7.0.76-9 - Resolves: rhbz#1641873 CVE-2018-11784 tomcat: Open redirect in default servlet * Fri Oct 12 2018 Coty Sutherland 0:7.0.76-8 - Resolves: rhbz#1608607 CVE-2018-1336 tomcat: A bug in the UTF 8 decoder can lead to DoS * Tue Jul 24 2018 Jean-Frederic Clere 0:7.0.76-7 - Resolves: rhbz#1602060 Deadlock occurs while sending to a closing session tomcatjss-7.2.1-8.el7_6 ----------------------- * Mon Oct 29 2018 Jack Magne 7.2.1-8 - Bugzilla Bug #1632618 - CC: tomcatjss: unable to enable OCSP checking from peer AIA extension [rhel-7.6.z] (jmagne) tuned-2.10.0-6.el7_6.3 ---------------------- * Tue Nov 27 2018 Jaroslav Škarvada - 2.10.0-6.3 - Reworked setup_kvm_mod_low_latency to count with kernel changes Resolves: rhbz#1653767 * Tue Nov 27 2018 Jaroslav Škarvada - 2.10.0-6.2 - Updated disable-ksm-once patch Related: rhbz#1652822 * Fri Nov 23 2018 Jaroslav Škarvada - 2.10.0-6.1 - Disable ksm once, re-enable it on full rollback Resolves: rhbz#1652822 tuned-gtk-2.10.0-6.el7_6.3 -------------------------- * Tue Nov 27 2018 Jaroslav Škarvada - 2.10.0-6.3 - Reworked setup_kvm_mod_low_latency to count with kernel changes Resolves: rhbz#1653767 * Tue Nov 27 2018 Jaroslav Škarvada - 2.10.0-6.2 - Updated disable-ksm-once patch Related: rhbz#1652822 * Fri Nov 23 2018 Jaroslav Škarvada - 2.10.0-6.1 - Disable ksm once, re-enable it on full rollback Resolves: rhbz#1652822 tuned-profiles-atomic-2.10.0-6.el7_6.3 -------------------------------------- * Tue Nov 27 2018 Jaroslav Škarvada - 2.10.0-6.3 - Reworked setup_kvm_mod_low_latency to count with kernel changes Resolves: rhbz#1653767 * Tue Nov 27 2018 Jaroslav Škarvada - 2.10.0-6.2 - Updated disable-ksm-once patch Related: rhbz#1652822 * Fri Nov 23 2018 Jaroslav Škarvada - 2.10.0-6.1 - Disable ksm once, re-enable it on full rollback Resolves: rhbz#1652822 tuned-profiles-compat-2.10.0-6.el7_6.3 -------------------------------------- * Tue Nov 27 2018 Jaroslav Škarvada - 2.10.0-6.3 - Reworked setup_kvm_mod_low_latency to count with kernel changes Resolves: rhbz#1653767 * Tue Nov 27 2018 Jaroslav Škarvada - 2.10.0-6.2 - Updated disable-ksm-once patch Related: rhbz#1652822 * Fri Nov 23 2018 Jaroslav Škarvada - 2.10.0-6.1 - Disable ksm once, re-enable it on full rollback Resolves: rhbz#1652822 tuned-profiles-cpu-partitioning-2.10.0-6.el7_6.3 ------------------------------------------------ * Tue Nov 27 2018 Jaroslav Škarvada - 2.10.0-6.3 - Reworked setup_kvm_mod_low_latency to count with kernel changes Resolves: rhbz#1653767 * Tue Nov 27 2018 Jaroslav Škarvada - 2.10.0-6.2 - Updated disable-ksm-once patch Related: rhbz#1652822 * Fri Nov 23 2018 Jaroslav Škarvada - 2.10.0-6.1 - Disable ksm once, re-enable it on full rollback Resolves: rhbz#1652822 tuned-profiles-mssql-2.10.0-6.el7_6.3 ------------------------------------- * Tue Nov 27 2018 Jaroslav Škarvada - 2.10.0-6.3 - Reworked setup_kvm_mod_low_latency to count with kernel changes Resolves: rhbz#1653767 * Tue Nov 27 2018 Jaroslav Škarvada - 2.10.0-6.2 - Updated disable-ksm-once patch Related: rhbz#1652822 * Fri Nov 23 2018 Jaroslav Škarvada - 2.10.0-6.1 - Disable ksm once, re-enable it on full rollback Resolves: rhbz#1652822 tuned-profiles-oracle-2.10.0-6.el7_6.3 -------------------------------------- * Tue Nov 27 2018 Jaroslav Škarvada - 2.10.0-6.3 - Reworked setup_kvm_mod_low_latency to count with kernel changes Resolves: rhbz#1653767 * Tue Nov 27 2018 Jaroslav Škarvada - 2.10.0-6.2 - Updated disable-ksm-once patch Related: rhbz#1652822 * Fri Nov 23 2018 Jaroslav Škarvada - 2.10.0-6.1 - Disable ksm once, re-enable it on full rollback Resolves: rhbz#1652822 tuned-utils-2.10.0-6.el7_6.3 ---------------------------- * Tue Nov 27 2018 Jaroslav Škarvada - 2.10.0-6.3 - Reworked setup_kvm_mod_low_latency to count with kernel changes Resolves: rhbz#1653767 * Tue Nov 27 2018 Jaroslav Škarvada - 2.10.0-6.2 - Updated disable-ksm-once patch Related: rhbz#1652822 * Fri Nov 23 2018 Jaroslav Škarvada - 2.10.0-6.1 - Disable ksm once, re-enable it on full rollback Resolves: rhbz#1652822 tuned-utils-systemtap-2.10.0-6.el7_6.3 -------------------------------------- * Tue Nov 27 2018 Jaroslav Škarvada - 2.10.0-6.3 - Reworked setup_kvm_mod_low_latency to count with kernel changes Resolves: rhbz#1653767 * Tue Nov 27 2018 Jaroslav Škarvada - 2.10.0-6.2 - Updated disable-ksm-once patch Related: rhbz#1652822 * Fri Nov 23 2018 Jaroslav Škarvada - 2.10.0-6.1 - Disable ksm once, re-enable it on full rollback Resolves: rhbz#1652822 tzdata-2019a-1.el7 ------------------ * Tue Mar 26 2019 Patsy Griffin Franklin - 2019a-1 - Rebase to tzdata-2019a - Palestine will start DST on 2019-03-30, rather than 2019-03-23 as previously predicted. - Metlakatla rejoined Alaska time on 2019-01-20, ending its observances of Pacific standard time. * Wed Jan 02 2019 Patsy Griffin Franklin - 2018i-1 - Rebase to tzdata-2018i (includes changes from tzdata-2018h) - São Tomé and Príncipe changed from UTC+01 to UTC+00 on 2019-01-01. - Qyzylorda, Kazakhstan changed from UTC+06 to UTC+05 on 2018-12-21. - Created a new zone Asia/Qostanay since Qostanay, Kazakhstan didn't transition with the Qyzylorda change. - Metlakatla, Alaska will observe PST for this winter only. - Predict that Morocco will continue to adjust clocks around Ramadan. - Also include predictions for Iran from 2038 through 2090. * Mon Oct 29 2018 Patsy Griffin Franklin - 2018g-1 - Rebase to tzdata-2018g - Morocco will remain at UTC+1 rather than switching back to UTC+0 as planned. This change is effective Octobober 28, 2018. * Thu Oct 18 2018 Patsy Griffin Franklin - 2018f-1 - Europe/Volgograd will change from UTC+3 to UTC+4 on October 28,2018. - Add patch to remove use of 25:00. - Drop previous change to DST in Brazil. The government rescinded the change. * Thu Oct 11 2018 Patsy Griffin Franklin - 2018e-4 - Brazil moved the start of DST from the first Sunday in November to the third Sunday in November. tzdata-java-2019a-1.el7 ----------------------- * Tue Mar 26 2019 Patsy Griffin Franklin - 2019a-1 - Rebase to tzdata-2019a - Palestine will start DST on 2019-03-30, rather than 2019-03-23 as previously predicted. - Metlakatla rejoined Alaska time on 2019-01-20, ending its observances of Pacific standard time. * Wed Jan 02 2019 Patsy Griffin Franklin - 2018i-1 - Rebase to tzdata-2018i (includes changes from tzdata-2018h) - São Tomé and Príncipe changed from UTC+01 to UTC+00 on 2019-01-01. - Qyzylorda, Kazakhstan changed from UTC+06 to UTC+05 on 2018-12-21. - Created a new zone Asia/Qostanay since Qostanay, Kazakhstan didn't transition with the Qyzylorda change. - Metlakatla, Alaska will observe PST for this winter only. - Predict that Morocco will continue to adjust clocks around Ramadan. - Also include predictions for Iran from 2038 through 2090. * Mon Oct 29 2018 Patsy Griffin Franklin - 2018g-1 - Rebase to tzdata-2018g - Morocco will remain at UTC+1 rather than switching back to UTC+0 as planned. This change is effective Octobober 28, 2018. * Thu Oct 18 2018 Patsy Griffin Franklin - 2018f-1 - Europe/Volgograd will change from UTC+3 to UTC+4 on October 28,2018. - Add patch to remove use of 25:00. - Drop previous change to DST in Brazil. The government rescinded the change. * Thu Oct 11 2018 Patsy Griffin Franklin - 2018e-4 - Brazil moved the start of DST from the first Sunday in November to the third Sunday in November. util-linux-2.23.2-59.el7_6.1 ---------------------------- * Thu Jan 31 2019 Karel Zak 2.23.2-59.el7_6.1 - fix #1664752 - Bull (Atos) server lands up in invalid stty settings on the serial console after boot preventing login uuidd-2.23.2-59.el7_6.1 ----------------------- * Thu Jan 31 2019 Karel Zak 2.23.2-59.el7_6.1 - fix #1664752 - Bull (Atos) server lands up in invalid stty settings on the serial console after boot preventing login virt-dib-1.38.2-12.el7_6.2 -------------------------- * Thu Feb 07 2019 Pino Toscano - 1:1.38.2-12.el7_6.2 - Fix inspection of partition-less devices resolves: rhbz#1673280 * Fri Oct 12 2018 Pino Toscano - 1:1.38.2-12.el7_6.1 - v2v: update documentation regarding SHA-2 certificates in Windows 7 and Windows Server 2008 R2 resolves: rhbz#1632788 - v2v: fix rhev-apt firstboot command for Windows resolves: rhbz#1625216 virt-p2v-maker-1.38.2-12.el7_6.2 -------------------------------- * Thu Feb 07 2019 Pino Toscano - 1:1.38.2-12.el7_6.2 - Fix inspection of partition-less devices resolves: rhbz#1673280 * Fri Oct 12 2018 Pino Toscano - 1:1.38.2-12.el7_6.1 - v2v: update documentation regarding SHA-2 certificates in Windows 7 and Windows Server 2008 R2 resolves: rhbz#1632788 - v2v: fix rhev-apt firstboot command for Windows resolves: rhbz#1625216 virt-v2v-1.38.2-12.el7_6.2 -------------------------- * Thu Feb 07 2019 Pino Toscano - 1:1.38.2-12.el7_6.2 - Fix inspection of partition-less devices resolves: rhbz#1673280 * Fri Oct 12 2018 Pino Toscano - 1:1.38.2-12.el7_6.1 - v2v: update documentation regarding SHA-2 certificates in Windows 7 and Windows Server 2008 R2 resolves: rhbz#1632788 - v2v: fix rhev-apt firstboot command for Windows resolves: rhbz#1625216 xfsprogs-4.5.0-19.el7_6 ----------------------- * Mon Feb 11 2019 Eric Sandeen 4.5.0-19 - xfs_copy: accept CRC version of ABTB_MAGIC in ASSERT (#1641023) xfsprogs-devel-4.5.0-19.el7_6 ----------------------------- * Mon Feb 11 2019 Eric Sandeen 4.5.0-19 - xfs_copy: accept CRC version of ABTB_MAGIC in ASSERT (#1641023) xorg-x11-drv-ati-18.1.0-1.el7_6 ------------------------------- * Thu Nov 22 2018 Dave Airlie - 18.1.0-1 - ati 18.1.0 fix some regressions with new X server (#1648116) xorg-x11-server-Xdmx-1.20.1-5.3.el7_6 ------------------------------------- * Tue Feb 12 2019 Adam Jackson - 1.20.1-5.3 - Sync platform probe patch with upstream * Fri Nov 23 2018 Olivier Fourdan - 1.20.1-5.2 - Move LeaveVT after resetting randr pointers in xf86CrtcCloseScreen * Mon Oct 22 2018 Adam Jackson - 1.20.1-5.1 - CVE-2018-14665: Disable -logfile and -modulepath when running with elevated privileges * Tue Oct 09 2018 Adam Jackson - 1.20.1-5 - Call LeaveVT from xf86CrtcCloseScreen * Fri Oct 05 2018 Adam Jackson - 1.20.1-4 - Hide the modesetting driver's atomic ioctl support behind Option "Atomic" xorg-x11-server-Xephyr-1.20.1-5.3.el7_6 --------------------------------------- * Tue Feb 12 2019 Adam Jackson - 1.20.1-5.3 - Sync platform probe patch with upstream * Fri Nov 23 2018 Olivier Fourdan - 1.20.1-5.2 - Move LeaveVT after resetting randr pointers in xf86CrtcCloseScreen * Mon Oct 22 2018 Adam Jackson - 1.20.1-5.1 - CVE-2018-14665: Disable -logfile and -modulepath when running with elevated privileges * Tue Oct 09 2018 Adam Jackson - 1.20.1-5 - Call LeaveVT from xf86CrtcCloseScreen * Fri Oct 05 2018 Adam Jackson - 1.20.1-4 - Hide the modesetting driver's atomic ioctl support behind Option "Atomic" xorg-x11-server-Xnest-1.20.1-5.3.el7_6 -------------------------------------- * Tue Feb 12 2019 Adam Jackson - 1.20.1-5.3 - Sync platform probe patch with upstream * Fri Nov 23 2018 Olivier Fourdan - 1.20.1-5.2 - Move LeaveVT after resetting randr pointers in xf86CrtcCloseScreen * Mon Oct 22 2018 Adam Jackson - 1.20.1-5.1 - CVE-2018-14665: Disable -logfile and -modulepath when running with elevated privileges * Tue Oct 09 2018 Adam Jackson - 1.20.1-5 - Call LeaveVT from xf86CrtcCloseScreen * Fri Oct 05 2018 Adam Jackson - 1.20.1-4 - Hide the modesetting driver's atomic ioctl support behind Option "Atomic" xorg-x11-server-Xorg-1.20.1-5.3.el7_6 ------------------------------------- * Tue Feb 12 2019 Adam Jackson - 1.20.1-5.3 - Sync platform probe patch with upstream * Fri Nov 23 2018 Olivier Fourdan - 1.20.1-5.2 - Move LeaveVT after resetting randr pointers in xf86CrtcCloseScreen * Mon Oct 22 2018 Adam Jackson - 1.20.1-5.1 - CVE-2018-14665: Disable -logfile and -modulepath when running with elevated privileges * Tue Oct 09 2018 Adam Jackson - 1.20.1-5 - Call LeaveVT from xf86CrtcCloseScreen * Fri Oct 05 2018 Adam Jackson - 1.20.1-4 - Hide the modesetting driver's atomic ioctl support behind Option "Atomic" xorg-x11-server-Xvfb-1.20.1-5.3.el7_6 ------------------------------------- * Tue Feb 12 2019 Adam Jackson - 1.20.1-5.3 - Sync platform probe patch with upstream * Fri Nov 23 2018 Olivier Fourdan - 1.20.1-5.2 - Move LeaveVT after resetting randr pointers in xf86CrtcCloseScreen * Mon Oct 22 2018 Adam Jackson - 1.20.1-5.1 - CVE-2018-14665: Disable -logfile and -modulepath when running with elevated privileges * Tue Oct 09 2018 Adam Jackson - 1.20.1-5 - Call LeaveVT from xf86CrtcCloseScreen * Fri Oct 05 2018 Adam Jackson - 1.20.1-4 - Hide the modesetting driver's atomic ioctl support behind Option "Atomic" xorg-x11-server-Xwayland-1.20.1-5.3.el7_6 ----------------------------------------- * Tue Feb 12 2019 Adam Jackson - 1.20.1-5.3 - Sync platform probe patch with upstream * Fri Nov 23 2018 Olivier Fourdan - 1.20.1-5.2 - Move LeaveVT after resetting randr pointers in xf86CrtcCloseScreen * Mon Oct 22 2018 Adam Jackson - 1.20.1-5.1 - CVE-2018-14665: Disable -logfile and -modulepath when running with elevated privileges * Tue Oct 09 2018 Adam Jackson - 1.20.1-5 - Call LeaveVT from xf86CrtcCloseScreen * Fri Oct 05 2018 Adam Jackson - 1.20.1-4 - Hide the modesetting driver's atomic ioctl support behind Option "Atomic" xorg-x11-server-common-1.20.1-5.3.el7_6 --------------------------------------- * Tue Feb 12 2019 Adam Jackson - 1.20.1-5.3 - Sync platform probe patch with upstream * Fri Nov 23 2018 Olivier Fourdan - 1.20.1-5.2 - Move LeaveVT after resetting randr pointers in xf86CrtcCloseScreen * Mon Oct 22 2018 Adam Jackson - 1.20.1-5.1 - CVE-2018-14665: Disable -logfile and -modulepath when running with elevated privileges * Tue Oct 09 2018 Adam Jackson - 1.20.1-5 - Call LeaveVT from xf86CrtcCloseScreen * Fri Oct 05 2018 Adam Jackson - 1.20.1-4 - Hide the modesetting driver's atomic ioctl support behind Option "Atomic" xorg-x11-server-devel-1.20.1-5.3.el7_6 -------------------------------------- * Tue Feb 12 2019 Adam Jackson - 1.20.1-5.3 - Sync platform probe patch with upstream * Fri Nov 23 2018 Olivier Fourdan - 1.20.1-5.2 - Move LeaveVT after resetting randr pointers in xf86CrtcCloseScreen * Mon Oct 22 2018 Adam Jackson - 1.20.1-5.1 - CVE-2018-14665: Disable -logfile and -modulepath when running with elevated privileges * Tue Oct 09 2018 Adam Jackson - 1.20.1-5 - Call LeaveVT from xf86CrtcCloseScreen * Fri Oct 05 2018 Adam Jackson - 1.20.1-4 - Hide the modesetting driver's atomic ioctl support behind Option "Atomic" xorg-x11-server-source-1.20.1-5.3.el7_6 --------------------------------------- * Tue Feb 12 2019 Adam Jackson - 1.20.1-5.3 - Sync platform probe patch with upstream * Fri Nov 23 2018 Olivier Fourdan - 1.20.1-5.2 - Move LeaveVT after resetting randr pointers in xf86CrtcCloseScreen * Mon Oct 22 2018 Adam Jackson - 1.20.1-5.1 - CVE-2018-14665: Disable -logfile and -modulepath when running with elevated privileges * Tue Oct 09 2018 Adam Jackson - 1.20.1-5 - Call LeaveVT from xf86CrtcCloseScreen * Fri Oct 05 2018 Adam Jackson - 1.20.1-4 - Hide the modesetting driver's atomic ioctl support behind Option "Atomic"