kernel-image-2.4.18-1-alpha (2.4.18-15woody1) oldstable-security; urgency=high

  * Non-maintainer upload by the Security Team
  * Rebuilt against kernel-source 2.4.18-14.4.
    * Applied patch from John Byrne <john.l.byrne@hp.com> for Linux 2.4.26
      to fix local denial of service in do_fork()
      <http://marc.theaimsgroup.com/?l=linux-kernel&m=108139073506983&w=2>
      [kernel/fork.c, CAN-2004-0427]
    * Applied patch by Marcelo Tosatti <marcelo.tosatti@cyclades.com> to fix
      potential memory access to free memory in /proc handling
      [fs/proc/base.c, CAN-2005-0489]
    * Applied patch by Marcelo Tosatti <marcelo.tosatti@cyclades.com> to fix
      a possible buffer overflow in panic() [kernel/panic.c, CAN-2004-0394]
    * Applied patch by David Mosberger <davidm@napali.hpl.hp.com> to fix
      local denial of service in combination with gdb 6.x and NPTL on IA-64
      <http://marc.theaimsgroup.com/?l=linux-ia64&m=108026377907667&w=2>
      [arch/ia64/kernel/unwind.c, CAN-2004-0447]
    * Applied patch by Alexander Nyberg and Andi/Sergey to fix local denial
      of service.  <http://linuxreviews.org/news/2004-06-11_kernel_crash/>
      [include/asm-i386/i387.h, CAN-2004-0554]
    * Applied patch by Arun Sharma <arun.sharma@intel.com> to fix register
      information leak on the IA64 architecture
      <http://lia64.bkbits.net:8080/to-linus-2.5/cset@1.1726.29.7>
      [include/asm-ia64/system.h, CAN-2004-0565]
    * Backported patch by Mark Cox to fix information leak by initialising
      allocated data structures [drivers/usb/serial/io_edgeport.c,
      drivers/sound/audio.c, drivers/usb/vicam.c, CAN-2004-0685]
      <http://linux.bkbits.net:8080/linux-2.4/cset@410582380U3H9KOx8J2YZmMT0bhXQw>
    * Applied patch from Marcelo Tosatti to fix i386 SMP page fault handler
      privilege escalation [include/linux/mm.h, CAN-2005-0001]
    * Applied patch by Stefan Esser to fix missing boundary checks
      [fs/smbfs/proc.c, fs/smbfs/sock.c, CAN-2004-0883]
    * Applied patch by Stefan Esser to fix information leak
      [fs/smbfs/sock.c, CAN-2004-0949]
    * Applied patch by Herbert Xu to fix a denial of service in scm_send()
      <http://linux.bkbits.net:8080/linux-2.4/cset@41b76e94BsJKm8jhVtyDat9ZM1dXXg>,
      added patch by Marcus Meissner to fix more 64/32 bit compatibility
      code, added additional patch by Olaf Kirch and Marcus Meissner for
      type correction [arch/ia64/ia32/sys_ia32.c,
      arch/s390x/kernel/linux32.c, include/linux/socket.h, net/core/scm.c,
      net/ipv4/ip_sockglue.c, net/ipv6/datagram.c, CAN-2004-1016]
    * Applied patch by Thiemo Seufer to fix local ptrace root in the MIPS
      ptrace implementation [arch/mips/kernel/scall_o32.S,
      arch/mips/tools/offset.c, arch/mips64/kernel/scall_64.S,
      arch/mips64/kernel/scall_o32.S, CAN-2004-0997]
    * Applied patch by Marcelo Tosatti to fix integer overflow in the
      vc_resize() function [drivers/char/console.c, CAN-2004-1333]
    * Applied patch by Dave Miller to fix memory leak in ip_options_get()
      [net/ipv4/ip_options.c, CAN-2004-1335]
    * Applied patch by Greg Kroah-Hartman to fix buffer overflow and crash
      [drivers/usb/serial/io_edgeport.c, CAN-2004-1017]
    * Applied patch by Jan Harkes to fix to add bounds checking for tainted
      scalars [include/linux/coda.h, fs/coda/upcall.c, CAN-2005-0124]
    * Applied patch by Andrea Arcangeli from 2.4.24 to fix privilege
      escalation in the mremap() syscall [mm/mremap.c, CAN-2004-nnnn]
    * Applied patch by Tom Rini to fix information leak
      [drivers/char/efirtc.c, drivers/char/rtc.c, drivers/macintosh/rtc.c,
      drivers/sbus/char/rtc.c, CAN-2003-0984]
    * Applied patch by Chris Wright to fix wrong return value check while
      filling kernel buffers [fs/binfmt_elf.c, CAN-2004-1070]
    * Applied patch by Chris Wright to fix incorrect error behaviour when
      mmap() fails [fs/binfmt_elf.c, CAN-2004-1071]
    * Applied patch by Chris Wright to fix NULL termination vulnerability
      when reading an interpreter [fs/binfmt_elf.c, CAN-2004-1072]
    * Applied patch by Chris Wright to fix reading of non-readable ELF
      binaries [fs/binfmt_elf.c, CAN-2004-1073]
    * Applied patch by Chris Wright to not insert overlapping regions in
      setup_arg_pages() [fs/exec.c, associated to CAN-2004-1074]
    * Applied patch by Chris Wright to fix error handling in do_brk() when
      setting up bss in a.out [fs/binfmt_aout.c, CAN-2004-1074]
    * Applied patch by Chris Wright to denial of service in the ELF loader
      when the interpreter architecture doesn't match the current one
      <http://linux.bkbits.net:8080/linux-2.4/cset@4021346f79nBb-4X_usRikR3Iyb4Vg>
      [fs/binfmt_elf.c, CAN-2004-0138]
    * Applied patch by Dave Miller to serialize dgram read using semaphore
      [net/unix/af_unix.c, CAN-2004-1068]
    * Applied patch by Chris Wright to fix denial of service in the ELF loader
      <http://linux.bkbits.net:8080/linux-2.4/cset@4076466d_SqUm4azg4_v3FIG2-X6XQ>
      [fs/binfmt_elf.c, CAN-2004-1234]
    * Backported patch by Nanhai Zou from 2.6 to fix denial of service via
      broken executables [arch/ia64/ia32/binfmt_elf32.c,
      arch/ia64/mm/init.c, fs/exec.c, include/linux/mm.h, mm/mmap.c,
      CAN-2005-0003]
    * Backported patch by Chris Wright and Simon Heywood to fix a race
      conditions in the uselib calls for ELF and a.out formats
      [arch/mips/kernel/irixelf.c, arch/sparc64/kernel/binfmt_aout32.c,
      fs/binfmt_aout.c, fs/binfmt_elf.c, CAN-2004-1235]
    * Applied patch by Brad Spengler to fix integer overflow in the moxa
      serial driver [drivers/char/moxa.c, CAN-2005-0504]
    * Applied patch by Ben Martel and Stephen Blackheath to fix a remote
      denial of service [drivers/net/ppp_async.c, CAN-2005-0384]
    * Backported patch by Keith Owens to fix a locally induced crash on
      IA-64 machines [arch/ia64/kernel/unwind.c, CAN-2005-0135]
    * Export __cpu_logical_map on alpha to fix a FTBFS bug.
  * The last updates were clearly not built with a pristine woody toolchain,
    which necessitates the following changes:
    . Disabled CONFIG_ATM_AMBASSADOR and CONFIG_BLK_DEV_DAC960.
      Compiling these in a woody environment triggers an internal error
      in gcc.
    . Remove the System.map ed filter in the post-install.  ed finds no
      lines to change, which causes the build to silently fail.

 -- dann frazier <dannf@debian.org>  Wed, 17 May 2006 14:47:32 -0500

kernel-image-2.4.18-1-alpha (2.4.18-15) stable-security; urgency=high

  * Rebuilt against kernel-source 2.4.18-14.3.
    . Applied patch by Petr Vandrovec <vandrove@vc.cvut.cz> to fix a
      possible roothole in ncpfs discovered by Arjan van de Ven
      <arjanv@devserv.devel.redhat.com> [fs/ncpfs/dir.c, CAN-2004-0010]
    . Applied patch by Sebastian Krahmer <krahmer@suse.de> and Ernie
      Petrides <petrides@redhat.com> to fix a local root exploit in iso9660
      [fs/isofs/rock.c, CAN-2004-0109]
    . Applied patch by Alan Cox and Thomas Biege to fix local root exploit
      in the R128 DRI code [drivers/char/drm/r128_state.c, CAN-2004-0003,
      drivers/char/drm-4.0/r128_state.c]
    . Applied additional patch by Ernie Petrides <petrides@redhat.com> to
      fix another intance of the same
    . Applied patch by Theodore Ts'o <tytso@mit.edu> to fix an information
      leak in ext3 journal creation [fs/jbd/journal.c, CAN-2004-0177]
    . Applied patch by Andreas Kies <andikies@t-online.de> to fix local
      denial of service in the Sound Blaster driver
      [drivers/sound/sb_audio.c, CAN-2004-0178]

 -- Herbert Xu <herbert@debian.org>  Sat, 10 Apr 2004 10:16:57 +1000

kernel-image-2.4.18-1-alpha (2.4.18-14) stable-security; urgency=high

  * Rebuilt against kernel-source 2.4.18-14.2.
    . Applied patch extracted from Solar Designer's Owl patched kernel to
      fix local privilege escalation discovered by Paul Starzetz.

 -- Herbert Xu <herbert@debian.org>  Thu,  5 Feb 2004 19:14:20 +1100

kernel-image-2.4.18-1-alpha (2.4.18-13) stable-security; urgency=high

  * Added missing home setting in post-install.

 -- Herbert Xu <herbert@debian.org>  Fri,  9 Jan 2004 11:53:26 +1100

kernel-image-2.4.18-1-alpha (2.4.18-12) stable-security; urgency=high

  * Removed dependency on new modutils (closes: #225976).
  * Rebuilt against kernel-source 2.4.18-14.1.
    . Added missing check in mm/mremap.c.

 -- Herbert Xu <herbert@debian.org>  Wed,  7 Jan 2004 20:06:13 +1100

kernel-image-2.4.18-1-alpha (2.4.18-11) stable-security; urgency=high

  * Rebuilt against kernel-source 2.4.18-14.
    . Added TASK_SIZE check to do_brk in mm/mmap.c.

 -- Herbert Xu <herbert@debian.org>  Sat, 29 Nov 2003 10:16:17 +1100

kernel-image-2.4.18-1-alpha (2.4.18-10) stable-security; urgency=high

  * Rebuilt against kernel-source 2.4.18-13.
    . Fixed steal_locks race introduced in 2.4.18-10.

 -- Herbert Xu <herbert@debian.org>  Sun, 10 Aug 2003 09:11:20 +1000

kernel-image-2.4.18-1-alpha (2.4.18-9) stable-security; urgency=high

  * Rebuilt against kernel-source 2.4.18-12.
    . Fixed is_dumpable crash in include/linux/sched.h.

 -- Herbert Xu <herbert@debian.org>  Sat,  2 Aug 2003 09:31:49 +1000

kernel-image-2.4.18-1-alpha (2.4.18-8) stable-security; urgency=high

  * Rebuilt against kernel-source 2.4.18-10.
    . Made /proc/tty/driver root-only (CAN-2003-0461).
    . Fixed exec file handling semantics (CAN-2003-0462, CAN-2003-0476).
    . Fixed sunrpc UDP reuse bug in net/sunrpc/svcsock.c (CAN-2003-0464).
    . Fixed unchecked copy_to_user in fs/proc/proc_misc.c.
    . Fixed ptrace/proc bug in fs/proc/base.c (CAN-2003-0501).
    . Fixed bridging security issues (CAN-2003-055[012]).
    . Fixed boundary check in net/core/filter.c.

 -- Herbert Xu <herbert@debian.org>  Sat, 26 Jul 2003 14:42:19 +1000

kernel-image-2.4.18-1-alpha (2.4.18-7) stable; urgency=low

  * Rebuilt against kernel-source 2.4.18-9.
    . Fixed mxcsr security hole in arch/i386/kernel/i387.c.
    . Fixed TIOCCONS and writing to /dev/console.
    . Fixed hashing exploits in fragment processing.

 -- Herbert Xu <herbert@debian.org>  Sat,  7 Jun 2003 09:05:29 +1000

kernel-image-2.4.18-1-alpha (2.4.18-6) stable; urgency=low

  * Rebuilt against kernel-source 2.4.18-8.
   . Fixed TSS I/O bitmap initialisation in arch/i386/kernel/ioport.c.
   . Fixed hashing exploits in network stack (David S. Miller).
  * Changed modules ABI.

 -- Herbert Xu <herbert@debian.org>  Sun, 18 May 2003 09:43:17 +1000

kernel-image-2.4.18-alpha (2.4.18-5) unstable; urgency=low

  * Set default RAM disk size to 8192K.

 -- Herbert Xu <herbert@debian.org>  Sat,  6 Apr 2002 20:47:36 +1000

kernel-image-2.4.18-alpha (2.4.18-4) unstable; urgency=low

  * Rebuilt to correct OSF partition detection.

 -- Herbert Xu <herbert@debian.org>  Sat, 23 Mar 2002 16:55:20 +1100

kernel-image-2.4.18-alpha (2.4.18-3) unstable; urgency=low

  * Built against kernel-source 2.4.18-4.

 -- Herbert Xu <herbert@debian.org>  Wed, 20 Mar 2002 20:27:31 +1100

kernel-image-2.4.18-alpha (2.4.18-2) unstable; urgency=low

  * Built against kernel-source 2.4.18-3.

 -- Herbert Xu <herbert@debian.org>  Thu, 14 Mar 2002 19:54:39 +1100

kernel-image-2.4.18-alpha (2.4.18-1) unstable; urgency=low

  * New upstream release.

 -- Herbert Xu <herbert@debian.org>  Mon,  4 Mar 2002 19:12:30 +1100

kernel-image-2.4.17-alpha (2.4.17-1) unstable; urgency=low

  * New upstream release.

 -- Herbert Xu <herbert@debian.org>  Sat,  5 Jan 2002 19:57:44 +1100

kernel-image-2.2.20-alpha (2.2.20-2) unstable; urgency=low

  * Built against kernel-source 2.2.20-3.
  * Set default RAMDISK size to 8M on non-smp flavours (closes: #126513).

 -- Herbert Xu <herbert@debian.org>  Mon, 31 Dec 2001 07:06:17 +1100

kernel-image-2.2.20-alpha (2.2.20-1) unstable; urgency=high

  * New upstream release.

 -- Herbert Xu <herbert@debian.org>  Mon,  5 Nov 2001 18:44:55 +1100

kernel-image-2.2.19-alpha (2.2.19-4) unstable; urgency=low

  * Enabled AHA1740 (closes: #109380).
  * Enabled AUTOFS (closes: #109625).

 -- Herbert Xu <herbert@debian.org>  Sat, 25 Aug 2001 15:02:27 +1000

kernel-image-2.2.19-alpha (2.2.19-3) unstable; urgency=high

  * Built against kernel-source 2.2.19-5.

 -- Herbert Xu <herbert@debian.org>  Sun, 10 Jun 2001 15:31:25 +1000

kernel-image-2.2.19-alpha (2.2.19-2) unstable; urgency=low

  * All kernel-headers packages now provide kernel-headers-2.2.
  * Updated tar command for sid.
  * Use make-kpkg --append_to_version.
  * Built against kernel-source 2.2.19-4.
  * Enabled NFSv3 support.

 -- Herbert Xu <herbert@debian.org>  Sun, 27 May 2001 19:36:27 +1000

kernel-image-2.2.19-alpha (2.2.19-1) stable unstable; urgency=low

  * New upstream release.

 -- Herbert Xu <herbert@debian.org>  Mon,  2 Apr 2001 21:04:19 +1000

kernel-image-2.2.19pre17-alpha (2.2.19pre17-1) stable unstable; urgency=high

  * New upstream release with security fixes.

 -- Herbert Xu <herbert@debian.org>  Tue, 13 Mar 2001 22:42:20 +1100

kernel-image-2.2.19pre16-alpha (2.2.19pre16-1) stable unstable; urgency=low

  * New upstream release with TCP bug fix.

 -- Herbert Xu <herbert@debian.org>  Sat, 10 Mar 2001 18:14:13 +1100

kernel-image-2.2.19pre13-alpha (2.2.19pre13-1) stable unstable; urgency=high

  * New upstream release with security fixes.

 -- Herbert Xu <herbert@debian.org>  Fri, 16 Feb 2001 22:02:58 +1100

kernel-image-2.2.18-alpha (2.2.18-1) stable unstable; urgency=low

  * New upstream release.

 -- Herbert Xu <herbert@debian.org>  Sun, 28 Jan 2001 12:06:09 +1100

kernel-image-2.2.18pre21-alpha (2.2.18pre21-1) stable unstable; urgency=low

  * New upstream release.
  * New maintainer.

 -- Herbert Xu <herbert@debian.org>  Sun, 19 Nov 2000 14:05:56 +1100

kernel-image-2.2.17-alpha (1:2.2.17-1) stable unstable; urgency=low

  * New kernel version.

 -- David Huggins-Daines <dhd@debian.org>  Sat, 16 Sep 2000 20:36:57 -0400

kernel-image-2.2.17-alpha (2.2.17pre6-1) unstable; urgency=low

  * New kernel version.

 -- David Huggins-Daines <dhd@debian.org>  Thu, 29 Jun 2000 10:40:52 -0400

kernel-image-2.2.15-alpha (1:2.2.15-2) frozen unstable; urgency=medium

  * Rebuilt with kernel-source 2.2.15-3, fixes a security bug.

 -- David Huggins-Daines <dhd@debian.org>  Thu,  8 Jun 2000 10:28:14 -0400

kernel-image-2.2.15-alpha (1:2.2.15-1) frozen unstable; urgency=medium

  * Don't use CONFIG_RTC, as it breaks Sable and maybe some others.
  * Add the DAC960 driver, found on lots of DEC systems.
  * Update to official 2.2.15 source.

 -- David Huggins-Daines <dhd@debian.org>  Thu, 18 May 2000 22:26:28 -0400

kernel-image-2.2.15-alpha (2.2.15pre20-2) frozen unstable; urgency=medium

  * That's "frozen unstable", not "unstable".
  * Also, don't use CONFIG_BLK_DEV_IDEPCI, as it disagrees with the broken
    firmware on some Miatas when booting from SRM.

 -- David Huggins-Daines <dhd@debian.org>  Thu,  4 May 2000 15:23:03 -0400

kernel-image-2.2.15-alpha (2.2.15pre20-1) unstable; urgency=low

  * That's "20", not "9".

 -- David Huggins-Daines <dhd@debian.org>  Mon,  1 May 2000 11:33:22 -0400

kernel-image-2.2.15-alpha (2.2.15pre9-1) frozen unstable; urgency=low

  * Initial release.

 -- David Huggins-Daines <dhd@debian.org>  Sun, 23 Apr 2000 13:33:54 -0400

kernel-image-2.2.13-alpha (2.2.13-1) unstable; urgency=low

  * Initial release.

 -- Herbert Xu <herbert@debian.org>  Sat, 20 Nov 1999 12:11:10 +1100

