Upgrade std/rt kernel to version 1062.1.2 for fixing CVE bug

To fix below kernel CVE, std/rt kernel will be upgraded to a higher version than current version. So we will upgrade kernel srpm to below version, which will cover this issue. std kernel: kernel-3.10.0-1062.1.2.el7.src.rpm https://lists.centos.org/pipermail/centos-announce/2019-October/023457.html rt kernel: kernel-rt-3.10.0-1062.1.2.rt56.1025.el7.src.rpm https://access.redhat.com/errata/RHSA-2019:2830 linux-firmware is brought forward due to a kernel spec file build dependency. CVE bug: CVE-2019-11810:kernel: a NULL pointer dereference in drivers/scsi/megaraid/megaraid_sas_base.c leading to DoS CVE bug: CVE-2019-11811: kernel: use-after-free in IPMI Edit CVE bug: CVE-2019-14835: kernel: vhost-net: guest to host kernel escape during migration Closes-Bug: 1849206 Closes-Bug: 1849209 Closes-Bug: 1847817 Change-Id: Ic8c107e4850d0679470a4c8214c85c6d9a800beb Signed-off-by: Robin Lu <bin1.lu@intel.com>
2019-11-21 14:41:24 +08:00 · 2019-11-21 14:41:24 +08:00 · c69bc1ef1e
parent 2be2f1f5cb
commit c69bc1ef1e
2 changed files with 4 additions and 4 deletions
--- a/centos-mirror-tools/rpms_centos.lst
+++ b/centos-mirror-tools/rpms_centos.lst
@ -525,8 +525,8 @@ kbd-1.15.5-15.el7.x86_64.rpm
 kbd-legacy-1.15.5-15.el7.noarch.rpm
 kbd-misc-1.15.5-15.el7.noarch.rpm
 kde-filesystem-4-47.el7.x86_64.rpm
-kernel-3.10.0-957.21.3.el7.src.rpm
-kernel-headers-3.10.0-957.21.3.el7.x86_64.rpm
+kernel-3.10.0-1062.1.2.el7.src.rpm
+kernel-headers-3.10.0-1062.1.2.el7.x86_64.rpm
 keyutils-1.5.8-3.el7.x86_64.rpm
 keyutils-libs-1.5.8-3.el7.x86_64.rpm
 keyutils-libs-devel-1.5.8-3.el7.x86_64.rpm
@ -813,7 +813,7 @@ libzstd-1.4.2-1.el7.x86_64.rpm
 lighttpd-1.4.54-1.el7.src.rpm
 linuxconsoletools-1.4.5-3.el7.x86_64.rpm
 linuxdoc-tools-0.9.68-5.el7.x86_64.rpm
-linux-firmware-20180911-69.git85c5d90.el7.noarch.rpm
+linux-firmware-20190429-72.gitddde598.el7.noarch.rpm
 linux-libertine-biolinum-fonts-5.3.0-6.2012_07_02.el7.noarch.rpm
 linux-libertine-fonts-5.3.0-6.2012_07_02.el7.noarch.rpm
 linux-libertine-fonts-common-5.3.0-6.2012_07_02.el7.noarch.rpm
--- a/centos-mirror-tools/rpms_centos3rdparties.lst
+++ b/centos-mirror-tools/rpms_centos3rdparties.lst
@ -42,7 +42,7 @@ iprutils-2.4.16.1-1.el7.x86_64.rpm
 java-1.8.0-openjdk-1.8.0.191.b12-1.el7_6.x86_64.rpm
 java-1.8.0-openjdk-devel-1.8.0.191.b12-1.el7_6.x86_64.rpm
 java-1.8.0-openjdk-headless-1.8.0.191.b12-1.el7_6.x86_64.rpm
-kernel-rt-3.10.0-957.21.3.rt56.935.el7.src.rpm
+kernel-rt-3.10.0-1062.1.2.rt56.1025.el7.src.rpm
 kexec-tools-2.0.15-21.el7.x86_64.rpm
 libblkid-2.23.2-59.el7.x86_64.rpm
 libcom_err-1.42.9-13.el7.x86_64.rpm