[4.18.0-372.13.1.0.1.el8_6.OL8] - Update Oracle Linux certificates - Disable signing for aarch64 - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list [Orabug: 29539237] - Update x509.genkey [Orabug: 24817676] - Conflict with shim-ia32 and shim-x64 lt;= 15-11.0.5.el8 - debug: lockdown kgdb [Orabug: 34270802] {CVE-2022-21499} [4.18.0-372.13.1.el8_6] - openvswitch: always update flow key after nat [2068476 2066885] - KVM: PPC: Fix TCE handling for VFIO [2085572 2062687] - rfkill: make new event layout opt-in [2087641 2023175] - ASoC: Intel: soc-acpi: add entries in ADL match table [2090423 2052011] - isert: support for unsolicited NOPIN with no response [2079433 2035915] - iscsit: increment max_cmd_sn for isert on command release [2079433 2035915] - net: tcp better handling of reordering then loss cases [2080972 2074566] - tcp: tcp_mark_head_lost is only valid for sack-tcp [2080972 2074566] [4.18.0-372.12.1.el8_6] - sctp: use the correct skb for security_sctp_assoc_request [2070959] - net/mlx5e: Fix wrong source vport matching on tunnel rule [2088610] - net/mlx5: DR, Fix missing flow_source when creating multi-destination FW table [2088611] - net/mlx5: DR, Fix slab-out-of-bounds in mlx5_cmd_dr_create_fte [2088611] - net/mlx5: DR, Cache STE shadow memory [2075553] - net/mlx5: DR, Fix the threshold that defines when pool sync is initiated [2075553] - drm/i915/display: Remove check for low voltage sku for max dp source rate [2066644] - net/mlx5: DR, Ignore modify TTL on RX if device doesn"t support it [2088638] - net/mlx5: Bridge, Fix devlink deadlock on net namespace deletion [2081011] - net/mlx5e: TC, Skip redundant ct clear actions [2079918] - net/mlx5e: TC, fix decap fallback to uplink when int port not supported [2088639] - CI: Use zstream builder image - ice: Allow to pass VLAN tagged packets to VF when port VLAN is configured [2081794] - ice: clear stale Tx queue settings before configuring [2081794] - ice: fix crash when writing timestamp on RX rings [2081794] - ice: Fix race during aux device plugging [2081794] - ice: fix PTP stale Tx timestamps cleanup [2081794] - ice: ice_sched: fix an incorrect NULL check on list iterator [2081794] - ice: fix use-after-free when deinitializing mailbox snapshot [2081794] - ice: wait 5 s for EMP reset after firmware flash [2081794] - ice: Protect vf_state check by cfg_lock in ice_vc_process_vf_msg [2081794] - ice: Fix incorrect locking in ice_vc_process_vf_msg [2081794] - ice: Fix memory leak in ice_get_orom_civd_data [2081794] - ice: fix crash in switchdev mode [2081794] - Revert quot;iavf: Fix deadlock occurrence during resetting VF interfacequot; [2081794] - ice: arfs: fix use-after-free when freeing @rx_cpu_rmap [2081794] - ice: clear cmd_type_offset_bsz for TX rings [2081794] - ice: xsk: fix VSI state check in ice_xsk_wakeup [2081794] - ice: synchronize_rcu when terminating rings [2081794] - ice: Do not skip not enabled queues in ice_vc_dis_qs_msg [2081794] - ice: Set txq_teid to ICE_INVAL_TEID on ring creation [2081794] - ice: Fix broken IFF_ALLMULTI handling [2081794] - ice: Fix MAC address setting [2081794] - openvswitch: Fix setting ipv6 fields causing hw csum failure [2086549] - sched/cputime, proc/stat: Fix incorrect guest nice cpustat value [2084138] - procfs: Use all-in-one vtime aware kcpustat accessor [2084138] - procfs: Use vtime aware kcpustat accessor to fetch CPUTIME_SYSTEM [2084138] - proc: read kernel cpu stat pointer once [2084138] - proc: use quot;unsigned intquot; in /proc/stat hook [2084138] - sched/cputime: Support other fields on kcpustat_field [2084138] - sched/cputime: Add vtime guest task state [2084138] - sched/cputime: Add vtime idle task state [2084138] - sched/cputime: Spare a seqcount lock/unlock cycle on context switch [2084138] - sched/vtime: Move task_struct_rh-gt;vtime_cpu back to vtime structure [2084138] - net: openvswitch: fix leak of nested actions [2086590] - net/sched: fix initialization order when updating chain 0 head [2074221] - PCI: hv: Propagate coherence from VMbus device to PCI device [2074829] - Drivers: hv: vmbus: Propagate VMbus coherence to each VMbus device [2074829] [4.18.0-372.11.1.el8_6] - Revert quot;xfs: actually bump warning counts when we send warningsquot; [2071713] - SUNRPC: use different lock keys for INET6 and LOCAL [2079856] - Revert quot;netfilter: conntrack: tag conntracks picked up in local out hookquot; [2065266] - Revert quot;netfilter: nat: force port remap to prevent shadowing well-known portsquot; [2065266] - KVM: PPC: Book3S HV: Add infrastructure to support 2nd DAWR [2079069] - KVM: PPC: Book3S HV: Rename current DAWR macros and variables [2079069] - esp: limit skb_page_frag_refill use to a single page [2062114] {CVE-2022-27666} - esp: Fix possible buffer overflow in ESP transformation [2062114] {CVE-2022-27666} - NFS: Don"t loop forever in nfs_do_recoalesce [2080998] [4.18.0-372.10.1.el8_6] - Fonts: Replace discarded const qualifier [2064762] - Fonts: Support FONT_EXTRA_WORDS macros for built-in fonts [2064762] - fbdev, newport_con: Move FONT_EXTRA_WORDS macros into linux/font.h [2064762] - CI: Drop baseline runs - redhat: drop the -sha512 suffix from default rhpkg invocation - redhat: switch release to zstream - ceph: fix possible NULL pointer dereference for req-gt;r_session [2080071]