[CentOS-devel] kernel-4.18.0-193.14.2.el8_2 in git.centos.org

Mon Aug 3 13:40:02 UTC 2020
Antal Nemeš <Antal.Nemes at hycu.com>

> -----Original Message-----
> From: CentOS-devel <centos-devel-bounces at centos.org> On Behalf Of Howard
> Johnson
> Sent: Monday, 3 August 2020 14:02
> To: The CentOS developers mailing list. <centos-devel at centos.org>
> Subject: Re: [CentOS-devel] kernel-4.18.0-193.14.2.el8_2 in git.centos.org
> 
> CAUTION: Origin is external! The content might not be safe!
> 
> 
> On 2020-08-03 11:37, Antal Nemeš wrote:
> > Hi all,
> >
> > I need sources for latest Centos 8.2 kernel
> > (kernel-4.18.0-193.14.2.el8_2).
> >
> > Since they are (now customarily) not available on vault.centos.org, I
> > am attempting to build from git.centos.org.
> >
> > However, I am unable to find the exact commit to build from.
> >
> > On https://git.centos.org/rpms/kernel/commits/c8, I see 13.2 and 14.3,
> > but not 14.2 that actually shipped.
> >
> > $git log --format="%C(auto) %h %s" origin/c8 | head -n 20
> >
> > 08e2843 debrand kernel-4.18.0-193.14.3.el8_2
> >
> > 284ac7b import kernel-4.18.0-193.14.3.el8_2
> 
> Looking at upstream, Red Hat never released kernel-4.18.0-193.14.2.el8_2 into
> the wild.  The RHEL update
> (https://access.redhat.com/errata/RHSA-2020:3218) was kernel-4.18.0-
> 193.14.3.el8_2, which is why that's the version in git (pushed from Red Hat's
> internal RelEng systems).  -193.14.2.el8_2 appears to be something unique to
> CentOS.  Looking at the changelog of the CentOS package vs the RHEL one, this
> changelog entry is missing:
> 
> * Mon Jul 20 2020 Bruno Meneguele <bmeneg at redhat.com> [4.18.0-
> 193.14.3.el8_2]
> - Reverse keys order for dual-signing (Frantisek Hrbata) [1837433 1837434]
> {CVE-2020-10713}
> 
> Something to do with differences between the way RHEL and CentOS do Secure
> Boot signing, perhaps?
> 

Thanks. I guess that makes sense. But I still have no idea how to obtain the 
sources to build. I would backtrack to a previous one (193.13.2), but that one is 
missing kernel-modules-extra rpm package, even though koji[1] shows it was built.
This is the first time I saw an actual binary rpm missing, which is worrying.

So I have backtrack two levels, to 193.6.3.

Any idea when we can expect release of 193.14.3?

[1] https://koji.mbox.centos.org/koji/buildinfo?buildID=12631

Regards,
Antal