Author: dannf
Date: Wed Jan 16 01:43:34 2008
New Revision: 10113
Log:
forego 2.6.23 for etchnahalf
Removed:
dists/etch/linux-2.6.23/
___
Kernel-svn-changes mailing list
Kernel-svn-changes@lists.alioth.debian.org
Author: dannf
Date: Wed Jan 16 01:56:00 2008
New Revision: 10114
Log:
remove obsolete lenny tree
Removed:
dists/lenny/
___
Kernel-svn-changes mailing list
Kernel-svn-changes@lists.alioth.debian.org
Author: dannf
Date: Wed Jan 16 02:07:18 2008
New Revision: 10118
Log:
retroactively tag 2.6.22-5
Added:
releases/linux-2.6/2.6.22-5/
- copied from r9638, /dists/sid/linux-2.6/
___
Kernel-svn-changes mailing list
-2007-2878
-- dann frazier [EMAIL PROTECTED] Tue, 15 Jan 2008 16:44:15 -0700
Added:
dists/etch-security/linux-2.6/debian/patches/bugfix/fat-fix-compat-ioctls.patch
==
--- (empty file)
+++
dists/etch-security/linux-2.6
ioctls
See CVE-2007-2878
+ * bugfix/proc-snd-page-alloc-mem-leak.patch
+[SECURITY] Fix an issue in the alsa subsystem that allows a local user
+to read potentially sensitive kernel memory from the proc filesystem
+See CVE-2007-4571
-- dann frazier [EMAIL PROTECTED] Tue, 15 Jan
that allows a local user
-to read potentially sensitive kernel memory from the proc filesystem
+[SECURITY][ABI Changer] Fix an issue in the alsa subsystem that allows a
+local user to read potentially sensitive kernel memory from the proc
+filesystem
See CVE-2007-4571
-- dann
+Add security checks to do_brk() to prevent unprivileged users from
+accessing low memory pages
+See CVE-2007-6434
- -- dann frazier [EMAIL PROTECTED] Tue, 15 Jan 2008 16:44:15 -0700
+ -- dann frazier [EMAIL PROTECTED] Wed, 16 Jan 2008 00:31:52 -0700
linux-2.6 (2.6.18.dfsg.1-17
Author: dannf
Date: Tue Jan 8 05:22:23 2008
New Revision: 10082
Log:
removing to rebase on top of 2.6.18.dfsg.1-17
Removed:
dists/etch-security/linux-2.6/
___
Kernel-svn-changes mailing list
Kernel-svn-changes@lists.alioth.debian.org
Author: dannf
Date: Tue Jan 8 05:22:51 2008
New Revision: 10083
Log:
rebase on top of 2.6.18.dfsg.1-17
Added:
dists/etch-security/linux-2.6/
- copied from r10081, /dists/etch/linux-2.6/
___
Kernel-svn-changes mailing list
, which was causing filesystems in VMWare guests to get remounted
+read-only under load. (closes: #453120)
+ * Add UNUSUAL_DEV entries for supertop usb drives which require the
+IGNORE_RESIDUE flag. (closes: #455856)
+ * [sparc64] Enable CONFIG_USB_SERIAL (closes: #412740)
+
+ -- dann frazier
+[SECURITY] Fix potential isdn ioctl memory overrun
+See CVE-2007-6151
- -- dann frazier [EMAIL PROTECTED] Thu, 06 Dec 2007 00:46:20 -0700
+ -- dann frazier [EMAIL PROTECTED] Sat, 05 Jan 2008 18:10:05 -0700
kernel-source-2.6.8 (2.6.8-17) oldstable; urgency=high
Modified:
dists
Author: dannf
Date: Wed Dec 26 08:05:10 2007
New Revision: 10012
Log:
tag 2.6.18.dfsg.1-17
Added:
releases/linux-2.6/2.6.18.dfsg.1-17/
- copied from r10011, /dists/etch/linux-2.6/
___
Kernel-svn-changes mailing list
flag. (closes: #455856)
-- dann frazier [EMAIL PROTECTED] Fri, 21 Dec 2007 11:34:08 -0700
___
Kernel-svn-changes mailing list
Kernel-svn-changes@lists.alioth.debian.org
http://lists.alioth.debian.org/mailman/listinfo/kernel-svn-changes
the
+IGNORE_RESIDUE flag.
- -- dann frazier [EMAIL PROTECTED] Thu, 20 Dec 2007 18:00:42 -0700
+ -- dann frazier [EMAIL PROTECTED] Fri, 21 Dec 2007 11:34:08 -0700
linux-2.6 (2.6.18.dfsg.1-16) stable; urgency=high
Added:
dists/etch/linux-2.6/debian/patches/bugfix/usb-storage-unusual_devs
drives which require the
IGNORE_RESIDUE flag. (closes: #455856)
+ * [sparc64] Enable CONFIG_USB_SERIAL (closes: #412740)
- -- dann frazier [EMAIL PROTECTED] Fri, 21 Dec 2007 11:34:08 -0700
+ -- dann frazier [EMAIL PROTECTED] Fri, 21 Dec 2007 18:19:31 -0700
linux-2.6 (2.6.18.dfsg.1-16
capable systems which causes a crash, see #414742.
- -- dann frazier [EMAIL PROTECTED] Thu, 08 Nov 2007 09:43:49 -0700
+ -- dann frazier [EMAIL PROTECTED] Thu, 20 Dec 2007 17:47:37 -0700
linux-2.6 (2.6.18.dfsg.1-16) stable; urgency=high
Added:
dists/etch/linux-2.6/debian/patches/bugfix
frazier [EMAIL PROTECTED] Thu, 20 Dec 2007 17:47:37 -0700
+ -- dann frazier [EMAIL PROTECTED] Thu, 20 Dec 2007 18:00:42 -0700
linux-2.6 (2.6.18.dfsg.1-16) stable; urgency=high
Added:
dists/etch/linux-2.6/debian/patches/bugfix/mptscsih-vmware-remount-ro-fix.patch
Author: dannf
Date: Thu Dec 20 06:17:00 2007
New Revision: 9989
Log:
tag 2.6.18.dfsg.1-13etch6
Added:
releases/linux-2.6/2.6.18.dfsg.1-13etch6/
- copied from r9988, /dists/etch-security/linux-2.6/
___
Kernel-svn-changes mailing list
-2.6/debian/changelog Thu Dec 20 06:19:54 2007
@@ -52,6 +52,53 @@
-- dann frazier [EMAIL PROTECTED] Mon, 17 Sep 2007 16:56:07 -0600
+linux-2.6 (2.6.18.dfsg.1-13etch6) stable-security; urgency=high
+
+ * bugfix/isdn-net-overflow.patch
+[SECURITY] Fix potential overflows in the ISDN
+[SECURITY] Fix a theoretical kernel memory leak in the tmpfs filesystem
+See CVE-2007-6417
- -- dann frazier [EMAIL PROTECTED] Sun, 16 Dec 2007 19:46:30 -0700
+ -- dann frazier [EMAIL PROTECTED] Tue, 18 Dec 2007 08:01:00 -0700
linux-2.6 (2.6.18.dfsg.1-13etch5) stable-security; urgency
-6206
+ * bugfix/hrtimer-large-relative-timeouts-overflow.patch
+[SECURITY] Avoid overflow in hrtimers due to large relative timeouts
+See CVE-2007-5966
- -- dann frazier [EMAIL PROTECTED] Wed, 05 Dec 2007 23:41:52 -0700
+ -- dann frazier [EMAIL PROTECTED] Sun, 16 Dec 2007 18:46:17
to large relative timeouts
See CVE-2007-5966
+ * bugfix/minixfs-printk-hang.patch
+[SECURITY] Rate-limit printks caused by accessing a corrupted minixfs
+filesystem that would otherwise cause a system to hang (printk storm)
+See CVE-2006-6058
- -- dann frazier [EMAIL PROTECTED] Sun, 16
+ * bugfix/coredump-only-to-same-uid.patch
+[SECURITY] Fix an issue where core dumping over a file that
+already exists retains the ownership of the original file
+See CVE-2007-6206
- -- dann frazier [EMAIL PROTECTED] Tue, 04 Dec 2007 11:48:54 -0700
+ -- dann frazier [EMAIL PROTECTED
() implementations
See CVE-2007-1353
+ * coredump-only-to-same-uid.dpatch
+[SECURITY] Fix an issue where core dumping over a file that
+already exists retains the ownership of the original file
+See CVE-2007-6206
- -- dann frazier [EMAIL PROTECTED] Tue, 11 Sep 2007 00:24:22 -0600
+ -- dann
)
+++ dists/etch-security/linux-2.6/debian/changelog Tue Dec 4 21:07:43 2007
@@ -1,3 +1,11 @@
+linux-2.6 (2.6.18.dfsg.1-13etch6) UNRELEASED; urgency=low
+
+ * bugfix/isdn-net-overflow.patch
+[SECURITY] Fix potential overflows in the ISDN subsystem
+See CVE-2007-6063
+
+ -- dann frazier
for Cobalt RaQ.
- -- maximilian attems [EMAIL PROTECTED] Tue, 04 Dec 2007 16:51:53 +0100
+ [ dann frazier ]
+ * [ia64]: Enable BLK_CPQ_DA
+
+ -- dann frazier [EMAIL PROTECTED] Tue, 04 Dec 2007 13:17:13 -0700
linux-2.6 (2.6.23-1~experimental.1) UNRELEASED; urgency=low
Modified: dists
Author: dannf
Date: Tue Dec 4 05:59:18 2007
New Revision: 9871
Log:
tag 2.6.18.dfsg.1-13etch5
Added:
releases/linux-2.6/2.6.18.dfsg.1-13etch5/
- copied from r9870, /dists/etch-security/linux-2.6/
___
Kernel-svn-changes mailing list
* bugfix/sysfs_readdir-NULL-deref-1.patch,
bugfix/sysfs_readdir-NULL-deref-2.patch,
@@ -21,7 +21,7 @@
by a server sending a corrupt response.
See CVE-2007-5904
- -- dann frazier [EMAIL PROTECTED] Mon, 26 Nov 2007 08:46:19 -0700
+ -- dann frazier [EMAIL PROTECTED] Thu, 29 Nov 2007
.
See CVE-2007-4997
+ * bugfix/wait_task_stopped-hang.patch
+[SECURITY] wait_task_stopped was incorrectly testing for TASK_TRACED -
+check p-exit_state instead avoiding a potential system hang
+See CVE-2007-5500
- -- dann frazier [EMAIL PROTECTED] Sun, 11 Nov 2007 15:46:51 -0700
2.6.18 by dann frazier [EMAIL PROTECTED]
___
Kernel-svn-changes mailing list
Kernel-svn-changes@lists.alioth.debian.org
http://lists.alioth.debian.org/mailman/listinfo/kernel-svn-changes
expected
See CVE-2007-4311
-
- -- dann frazier [EMAIL PROTECTED] Wed, 07 Nov 2007 23:13:28 -0700
+ * 249_openpromfs-signedness-bug.diff
+250_openpromfs-checks-1.diff
+251_openpromfs-checks-2.diff
+252_openpromfs-checks-3.diff
+[SECURITY] Fix a number of data checks
==
--- dists/trunk/linux-2.6/debian/changelog (original)
+++ dists/trunk/linux-2.6/debian/changelog Tue Nov 13 06:34:52 2007
@@ -109,8 +109,9 @@
[ dann frazier ]
* [ia64] Re-enable various unintentionally disabled config options
+ * Enable hugetlbfs on i386, amd64
- -- dann frazier [EMAIL PROTECTED] Wed, 07 Nov 2007 17:18:15 -0700
+ -- dann frazier [EMAIL PROTECTED] Sun, 11 Nov 2007 15:46:51 -0700
linux-2.6 (2.6.18.dfsg.1-13etch4) stable-security; urgency=high
Added:
dists/etch-security/linux-2.6/debian/patches/bugfix/ieee80211-underflow.patch
9 17:44:29 2007
@@ -1,3 +1,10 @@
+linux-2.6 (2.6.18.dfsg.1-17) UNRELEASED-stable; urgency=low
+
+ * [futex] Fix address computation in compat code, fixing hangs
+on sparc64. (closes: #433187)
+
+ -- dann frazier [EMAIL PROTECTED] Thu, 08 Nov 2007 09:43:49 -0700
+
linux-2.6 (2.6.18.dfsg.1-16
/sysfs-fix-condition-check.patch
+[SECURITY] Fix potential NULL pointer dereference which can lead to
+a local DoS (kernel oops)
+See CVE-2007-3104
+
+ -- dann frazier [EMAIL PROTECTED] Wed, 07 Nov 2007 17:18:15 -0700
+
linux-2.6 (2.6.18.dfsg.1-13etch4) stable-security; urgency=high
/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/changelog
Thu Nov 8 06:16:44 2007
@@ -31,8 +31,12 @@
clearing of the child process' pdeath signal.
Thanks to Marcel Holtmann for the patch.
See CVE-2007-3848
-
- -- dann frazier [EMAIL PROTECTED] Wed, 07 Nov 2007 23:02:37 -0700
+[SECURITY] Fix potential privilege escalation caused by improper
+clearing of the child process' pdeath signal.
+Thanks to Marcel Holtmann for the patch.
+See CVE-2007-3848
- -- dann frazier [EMAIL PROTECTED] Thu, 12 Jul 2007 23:46:15 -0600
+ -- dann frazier [EMAIL PROTECTED] Wed, 07 Nov
==
--- dists/trunk/linux-2.6/debian/changelog (original)
+++ dists/trunk/linux-2.6/debian/changelog Fri Oct 12 05:25:31 2007
@@ -95,9 +95,9 @@
* Clean up new amd64 options
[ dann frazier ]
- * [ia64] Enable cciss module
==
--- dists/sid/linux-2.6/debian/changelog(original)
+++ dists/sid/linux-2.6/debian/changelogTue Oct 9 19:54:01 2007
@@ -104,9 +104,9 @@
* Fix tainted check in bug scripts.
[ dann frazier ]
- * [ia64] Enable cciss module
+ * [ia64] Re-enable various unintentionally disabled
+ [ dann frazier ]
+ * Merge in changes from 2.6.18.dfsg.1-13etch4.
+
+ -- dann frazier [EMAIL PROTECTED] Wed, 03 Oct 2007 11:21:41 -0600
linux-2.6 (2.6.18.dfsg.1-15) stable; urgency=high
@@ -41,6 +45,30 @@
-- dann frazier [EMAIL PROTECTED] Mon, 17 Sep 2007 16:56:07 -0600
+linux-2.6 (2.6.18
. (closes: #444395)
@@ -6,7 +6,7 @@
[ dann frazier ]
* Merge in changes from 2.6.18.dfsg.1-13etch4.
- -- dann frazier [EMAIL PROTECTED] Wed, 03 Oct 2007 11:21:41 -0600
+ -- dann frazier [EMAIL PROTECTED] Wed, 03 Oct 2007 12:20:06 -0600
linux-2.6 (2.6.18.dfsg.1-15) stable; urgency=high
Author: dannf
Date: Wed Oct 3 22:23:11 2007
New Revision: 9608
Log:
tag 2.6.18.dfsg.1-16
Added:
releases/linux-2.6/2.6.18.dfsg.1-16/
- copied from r9607, /dists/etch/linux-2.6/
___
Kernel-svn-changes mailing list
+wait for the device to close, blocking the USB subsystem.
- -- dann frazier [EMAIL PROTECTED] Tue, 02 Oct 2007 10:01:43 -0600
+ -- dann frazier [EMAIL PROTECTED] Tue, 02 Oct 2007 10:26:32 -0600
linux-2.6 (2.6.18.dfsg.1-13etch3) stable-security; urgency=high
Added:
dists/etch-security
Author: dannf
Date: Tue Oct 2 23:13:45 2007
New Revision: 9601
Log:
tag 2.6.18.dfsg.1-13etch4
Added:
releases/linux-2.6/2.6.18.dfsg.1-13etch4/
- copied from r9600, /dists/etch-security/linux-2.6/
___
Kernel-svn-changes mailing list
/debian/changelogMon Oct 1 21:06:19 2007
@@ -43,7 +43,10 @@
[ Bastian Blank ]
* Fix tainted check in bug scripts.
- -- Bastian Blank [EMAIL PROTECTED] Sun, 09 Sep 2007 15:13:20 +0200
+ [ dann frazier ]
+ * [ia64] Enable cciss module
+
+ -- dann frazier [EMAIL PROTECTED] Mon, 01 Oct
[EMAIL PROTECTED] Wed, 26 Sep 2007 21:09:13 +0200
+ [ dann frazier ]
+ * [ia64] Enable cciss module
+
+ -- dann frazier [EMAIL PROTECTED] Mon, 01 Oct 2007 13:10:12 -0600
linux-2.6 (2.6.22-5) UNRELEASED; urgency=low
Modified: dists/trunk/linux-2.6/debian/config/ia64/config
/debian/changelog (original)
+++ dists/etch/linux-2.6/debian/changelog Fri Sep 28 20:59:18 2007
@@ -2,7 +2,7 @@
* Merge in changes from 2.6.18.dfsg.1-13etch3.
- -- dann frazier [EMAIL PROTECTED] Tue, 25 Sep 2007 22:33:15 -0600
+ -- dann frazier [EMAIL PROTECTED] Wed, 26 Sep 2007 14
Author: dannf
Date: Fri Sep 28 21:00:05 2007
New Revision: 9588
Log:
tag 2.6.18.dfsg1-15
Added:
releases/linux-2.6/2.6.18.dfsg.1-15/
- copied from r9587, /dists/etch/linux-2.6/
___
Kernel-svn-changes mailing list
* bugfix/ptrace-handle-bogus-selector.patch,
bugfix/fixup-trace_irq-breakage.patch
@@ -21,7 +21,7 @@
prevent incorrect permissions upon remount.
See CVE-2007-4849
- -- dann frazier [EMAIL PROTECTED] Tue, 25 Sep 2007 22:22:42 -0600
+ -- dann frazier [EMAIL PROTECTED] Tue, 25 Sep
Author: dannf
Date: Wed Sep 26 16:42:38 2007
New Revision: 9555
Log:
tag 2.6.18.dfsg.1-13etch3
Added:
releases/linux-2.6/2.6.18.dfsg.1-13etch3/
- copied from r9554, /dists/etch-security/linux-2.6/
___
Kernel-svn-changes mailing list
-2.6/debian/changelog (original)
+++ dists/etch/linux-2.6/debian/changelog Wed Sep 26 20:02:42 2007
@@ -1,3 +1,9 @@
+linux-2.6 (2.6.18.dfsg.1-15) stable; urgency=high
+
+ * Merge in changes from 2.6.18.dfsg.1-13etch3.
+
+ -- dann frazier [EMAIL PROTECTED] Tue, 25 Sep 2007 22:33:15 -0600
Author: dannf
Date: Thu Sep 27 00:15:10 2007
New Revision: 9568
Log:
tag 2.6.18.dfsg.1-14
Added:
releases/linux-2.6/2.6.18.dfsg.1-14/
- copied from r9537, /dists/etch/linux-2.6/
___
Kernel-svn-changes mailing list
+[SECURITY] Zero extend all registers after ptrace in 32-bit entry path.
+See CVE-2007-4573
- -- dann frazier [EMAIL PROTECTED] Mon, 24 Sep 2007 23:05:05 -0600
+ -- dann frazier [EMAIL PROTECTED] Tue, 25 Sep 2007 00:12:13 -0600
linux-2.6 (2.6.18.dfsg.1-13etch2) stable-security; urgency
-2007-4573
+ * bugfix/jffs2-ACL-vs-mode-handling.patch
+[SECURITY] Write correct legacy modes to the medium on inode creation to
+prevent incorrect permissions upon remount.
- -- dann frazier [EMAIL PROTECTED] Tue, 25 Sep 2007 00:12:13 -0600
+ -- dann frazier [EMAIL PROTECTED] Tue, 25 Sep
- -- dann frazier [EMAIL PROTECTED] Tue, 25 Sep 2007 00:19:49 -0600
+ -- dann frazier [EMAIL PROTECTED] Tue, 25 Sep 2007 18:35:25 -0600
linux-2.6 (2.6.18.dfsg.1-13etch2) stable-security; urgency=high
Added:
dists/etch-security/linux-2.6/debian/patches/bugfix/proc-snd-page-alloc-mem
Author: dannf
Date: Wed Sep 26 00:42:25 2007
New Revision: 9548
Log:
add missing cve reference
Modified:
dists/etch-security/linux-2.6/debian/changelog
Modified: dists/etch-security/linux-2.6/debian/changelog
==
---
Author: dannf
Date: Wed Sep 26 00:43:06 2007
New Revision: 9549
Log:
set urgency to high
Modified:
dists/etch-security/linux-2.6/debian/changelog
Modified: dists/etch-security/linux-2.6/debian/changelog
==
---
-to read potentially sensitive kernel memory from the proc filesystem
-See CVE-2007-4571
- -- dann frazier [EMAIL PROTECTED] Tue, 25 Sep 2007 18:35:25 -0600
+ -- dann frazier [EMAIL PROTECTED] Tue, 25 Sep 2007 22:22:42 -0600
linux-2.6 (2.6.18.dfsg.1-13etch2) stable-security; urgency=high
-3739
- -- dann frazier [EMAIL PROTECTED] Thu, 20 Sep 2007 08:24:55 -0600
+ -- dann frazier [EMAIL PROTECTED] Fri, 21 Sep 2007 10:36:12 -0600
linux-2.6 (2.6.18.dfsg.1-13etch2) stable-security; urgency=high
Added:
dists/etch-security/linux-2.6/debian/patches/bugfix/prevent-stack-growth
Author: dannf
Date: Tue Sep 25 04:34:08 2007
New Revision: 9543
Log:
add mising cve reference
Modified:
dists/etch-security/linux-2.6/debian/changelog
Modified: dists/etch-security/linux-2.6/debian/changelog
==
---
a process' umask
+See CVE-2007-3740
- -- dann frazier [EMAIL PROTECTED] Fri, 21 Sep 2007 10:36:12 -0600
+ -- dann frazier [EMAIL PROTECTED] Mon, 24 Sep 2007 23:05:05 -0600
linux-2.6 (2.6.18.dfsg.1-13etch2) stable-security; urgency=high
Added:
dists/etch-security/linux-2.6/debian/patches
single-step operations that can be used to trigger a
+NULL-pointer dereference causing an Oops.
+
+ -- dann frazier [EMAIL PROTECTED] Thu, 20 Sep 2007 08:24:55 -0600
+
linux-2.6 (2.6.18.dfsg.1-13etch2) stable-security; urgency=high
* bugfix/ipv4-fib_props-out-of-bounds.patch
Added:
dists
Author: dannf
Date: Mon Sep 17 16:36:01 2007
New Revision: 9531
Log:
tag 2.6.18.dfsg.1-14
Added:
releases/2.6.18.dfsg.1-14/
- copied from r9530, /dists/etch/linux-2.6/
___
Kernel-svn-changes mailing list
Author: dannf
Date: Mon Sep 17 22:53:35 2007
New Revision: 9535
Log:
remove tag, need to add a couple other fixes first
Removed:
releases/2.6.18.dfsg.1-14/
___
Kernel-svn-changes mailing list
Kernel-svn-changes@lists.alioth.debian.org
changes in -13 that caused
+boot-time hangs on large memory systems. (closes: #438458)
- -- dann frazier [EMAIL PROTECTED] Mon, 17 Sep 2007 16:49:32 -0600
+ -- dann frazier [EMAIL PROTECTED] Mon, 17 Sep 2007 16:56:07 -0600
linux-2.6 (2.6.18.dfsg.1-13etch2) stable-security; urgency=high
to happen with certain serial devices so can only
be triggered by a user who already has additional priveleges (dialout
group). (closes: #404815)
-
- -- dann frazier [EMAIL PROTECTED] Mon, 10 Sep 2007 23:28:17 -0600
+
+ -- dann frazier [EMAIL PROTECTED] Wed, 12 Sep 2007 18:53:12 -0600
-1353
- -- dann frazier [EMAIL PROTECTED] Wed, 29 Aug 2007 01:10:46 -0600
+ -- dann frazier [EMAIL PROTECTED] Tue, 11 Sep 2007 00:24:22 -0600
kernel-source-2.6.8 (2.6.8-17) oldstable; urgency=high
Added:
dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/bluetooth
conformance issue introduced in 2.6.18.dfsg.1-13 by the
+fix for CVE-2007-2242. Thanks to Brian Haley for the patch.
+(closes: #440127)
- -- dann frazier [EMAIL PROTECTED] Mon, 03 Sep 2007 23:33:06 -0600
+ -- dann frazier [EMAIL PROTECTED] Mon, 10 Sep 2007 22:56:21 -0600
linux-2.6 (2.6.18
Author: dannf
Date: Tue Sep 11 05:06:52 2007
New Revision: 9494
Log:
AMD have tested this for us on both the SB600 SB700, call it good
Modified:
dists/etch/linux-2.6/debian/changelog
Modified: dists/etch/linux-2.6/debian/changelog
***
-
- [ Frederik Schüler ]
- * Add support for 3ware 9650SE controllers. (closes: #402562)
-
- [ dann frazier ]
- * Some older forcedeth nics report the mac address bytes in the
-wrong order. The 2.6.18 driver would workaround this by generating
-a random mac address, but this causes a bad
. (closes: #402562)
- -- dann frazier [EMAIL PROTECTED] Mon, 10 Sep 2007 23:19:00 -0600
+ -- dann frazier [EMAIL PROTECTED] Mon, 10 Sep 2007 23:22:24 -0600
linux-2.6 (2.6.18.dfsg.1-13etch2) stable-security; urgency=high
Modified: dists/etch/linux-2.6/debian/patches/series/14
)
-
- [ Frederik Schüler ]
- * Add support for 3ware 9650SE controllers. (closes: #402562)
-
- -- dann frazier [EMAIL PROTECTED] Mon, 10 Sep 2007 23:22:24 -0600
+ * Fix a minor denial of service issue that allows local users to disable
+an interrupt by causing an interrupt handler to be quickly
inserted
@@
Signed-off-by: Linus Torvalds [EMAIL PROTECTED]
---
+Backported to Debian's 2.6.18 by dann frazier [EMAIL PROTECTED]
+
diff -urpN linux-source-2.6.18.orig/fs/exec.c linux-source-2.6.18/fs/exec.c
linux-source-2.6.18.orig/fs/exec.c 2007-08-11 08:55:05.0 -0600
-+++ linux-source-2.6.18
==
--- dists/etch/linux-2.6/debian/changelog (original)
+++ dists/etch/linux-2.6/debian/changelog Thu Sep 6 00:50:56 2007
@@ -1,7 +1,6 @@
linux-2.6 (2.6.18.dfsg.1-14) UNRELEASED; urgency=high
[ dann frazier ]
- * Update abi
2007
@@ -14,7 +14,6 @@
[ Frederik Schüler ]
* Add support for 3ware 9650SE controllers. (closes: #402562)
-***THIS PATCH HAS NOT YET BEEN CHECKED FOR REGRESSIONS***
[ dann frazier ]
* Some older forcedeth nics report the mac address bytes
==
--- dists/etch/linux-2.6/debian/changelog (original)
+++ dists/etch/linux-2.6/debian/changelog Tue Sep 4 04:32:32 2007
@@ -27,6 +27,31 @@
-- dann frazier [EMAIL PROTECTED] Wed, 29 Aug 2007 01:54:05 -0600
+linux-2.6 (2.6.18.dfsg.1-13etch2) stable-security; urgency=high
. (closes: #439167)
***THIS PATCH HAS NOT YET BEEN VERIFIED TO FIX THIS BUG***
+ * bugfix/reset-pdeathsig-on-suid-upstream.patch
+Update fix for CVE-2007-3848 with the patch accepted upstream
- -- dann frazier [EMAIL PROTECTED] Wed, 29 Aug 2007 01:54:05 -0600
+ -- dann frazier [EMAIL
to aacraid devices
See CVE-2007-4308
- -- dann frazier [EMAIL PROTECTED] Wed, 29 Aug 2007 00:29:56 -0600
+ -- dann frazier [EMAIL PROTECTED] Mon, 27 Aug 2007 23:29:31 -0600
linux-2.6 (2.6.18.dfsg.1-13etch1) stable-security; urgency=high
Modified: dists/etch-security/linux-2.6/debian/patches
Aug 30 20:01:02 2007
@@ -18,19 +18,17 @@
Backported to Debian's 2.6.18 by dann frazier [EMAIL PROTECTED]
-diff --git a/drivers/net/forcedeth.c b/drivers/net/forcedeth.c
-index 661c747..51e1cb4 100644
a/drivers/net/forcedeth.c
-+++ b/drivers/net/forcedeth.c
-@@ -178,6 +178,7 @@
- #define
-3848
- -- dann frazier [EMAIL PROTECTED] Mon, 27 Aug 2007 23:56:14 -0600
+ -- dann frazier [EMAIL PROTECTED] Wed, 29 Aug 2007 01:10:46 -0600
kernel-source-2.6.8 (2.6.8-17) oldstable; urgency=high
Added:
dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/reset
***
- -- Frederik Schüler [EMAIL PROTECTED] Wed, 22 Aug 2007 21:54:29 +0200
+ [ dann frazier ]
+ * Some older forcedeth nics report the mac address bytes in the
+wrong order. The 2.6.18 driver would workaround this by generating
+a random mac address, but this causes a bad interaction
-of-bounds.patch
+[SECURITY] Fix a typo which caused fib_props[] to be of the wrong size
+and check for out of bounds condition in index provided by userspace
+See CVE-2007-2172
+
+ -- dann frazier [EMAIL PROTECTED] Mon, 27 Aug 2007 22:16:19 -0600
+
linux-2.6 (2.6.18.dfsg.1-13etch1) stable
.
+See CVE-2007-2875
- -- dann frazier [EMAIL PROTECTED] Mon, 27 Aug 2007 22:16:19 -0600
+ -- dann frazier [EMAIL PROTECTED] Mon, 27 Aug 2007 22:32:44 -0600
linux-2.6 (2.6.18.dfsg.1-13etch1) stable-security; urgency=high
Added:
dists/etch-security/linux-2.6/debian/patches/bugfix
-check.patch
+[SECURITY] Require admin capabilities to issue ioctls to aacraid devices
+See CVE-2007-4308
- -- dann frazier [EMAIL PROTECTED] Mon, 27 Aug 2007 23:14:40 -0600
+ -- dann frazier [EMAIL PROTECTED] Mon, 27 Aug 2007 23:29:31 -0600
linux-2.6 (2.6.18.dfsg.1-13etch1) stable-security
+[SECURITY] Fix stack-based buffer overflow in the random number
+generator
+See CVE-2007-3105
- -- dann frazier [EMAIL PROTECTED] Mon, 27 Aug 2007 22:32:44 -0600
+ -- dann frazier [EMAIL PROTECTED] Mon, 27 Aug 2007 22:59:03 -0600
linux-2.6 (2.6.18.dfsg.1-13etch1) stable-security
-settings.patch
+[SECURITY] Fix overriding the server to force signing on caused by
+checking the wrong gloal variable.
+See CVE-2007-3843
- -- dann frazier [EMAIL PROTECTED] Mon, 27 Aug 2007 22:59:03 -0600
+ -- dann frazier [EMAIL PROTECTED] Mon, 27 Aug 2007 23:14:40 -0600
linux-2.6 (2.6.18
@@ -10,8 +10,11 @@
* dn_fib-out-of-bounds.dpatch
[SECURITY] Fix out of bounds condition in dn_fib_props[]
See CVE-2007-2172
+ * aacraid-ioctl-perm-check.dpatch
+[SECURITY] Require admin capabilities to issue ioctls to aacraid devices
+See CVE-2007-4308
- -- dann frazier [EMAIL
-out-of-bounds.dpatch
[SECURITY] Fix out of bounds condition in dn_fib_props[]
See CVE-2007-2172
* aacraid-ioctl-perm-check.dpatch
[SECURITY] Require admin capabilities to issue ioctls to aacraid devices
See CVE-2007-4308
- -- dann frazier [EMAIL PROTECTED] Mon, 27 Aug 2007
Author: dannf
Date: Thu Aug 23 23:42:34 2007
New Revision: 9368
Log:
note that this patch needs to be tested for regressions - I've contacted the
vendor/maintainer about this
Modified:
dists/etch/linux-2.6/debian/changelog
Modified: dists/etch/linux-2.6/debian/changelog
Author: dannf
Date: Wed Aug 22 19:31:43 2007
New Revision: 9348
Log:
fix failed build - .host_flags became .flags sometime after 2.6.18
(http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=cca3974e48607c3775dc73b544a5700b2e37c21a)
Modified:
Author: dannf
Date: Wed Aug 22 19:33:01 2007
New Revision: 9349
Log:
move ahci patch to drivers subdir like all the other ones
Added:
dists/etch/linux-2.6/debian/patches/features/all/drivers/ahci-ignore-sb600-internal-error.patch
- copied unchanged from r9348,
* [hppa] remove misuse of global_ack_eiem, fixing a race condition that
resulted in frequent lockups on SMP systems. See: #435878
* Fix intel-agp hang on large memory systems. (closes: #438458)
***THIS PATCH HAS NOT YET BEEN VERIFIED TO FIX THIS BUG***
- -- dann frazier [EMAIL
and software coordination bug
- CPUFREQ: ondemand: add a check to avoid negative load calculation
- -- maximilian attems [EMAIL PROTECTED] Fri, 17 Aug 2007 15:02:13 +0200
+ [ dann frazier ]
+ * [ia64] Restore config cleanup now that its safe to break the ABI
+
+ -- dann frazier [EMAIL PROTECTED
Author: dannf
Date: Mon Aug 20 22:51:55 2007
New Revision: 9336
Log:
maks' fix for #360876 also fixes 438697
Modified:
dists/trunk/linux-2.6/debian/changelog
Modified: dists/trunk/linux-2.6/debian/changelog
==
---
facilitates the
+migration to the new ABI. Closes: #438617
+
+ -- dann frazier [EMAIL PROTECTED] Mon, 20 Aug 2007 17:01:18 -0600
+
linux-latest-2.6 (6etch1) stable; urgency=high
* Update to 2.6.18-5.
___
Kernel-svn-changes mailing list
Kernel
Author: dannf
Date: Tue Aug 21 00:03:15 2007
New Revision: 9338
Log:
tag 6etch2
Added:
releases/linux-latest-2.6/6etch2/
- copied from r9337, /dists/etch-security/linux-latest-2.6/
___
Kernel-svn-changes mailing list
of linux-2.6 (2.6.18.dfsg.1-13etch1)
+requires this new ABI, and an updated linux-latest-2.6 facilitates the
+migration to the new ABI. Closes: #438617
+
+ -- dann frazier [EMAIL PROTECTED] Mon, 20 Aug 2007 17:01:18 -0600
+
linux-latest-2.6 (6etch1) stable; urgency=high
* Update to 2.6.18-5
(original)
+++ dists/etch/linux-2.6/debian/changelog Tue Aug 21 00:59:15 2007
@@ -10,6 +10,47 @@
-- dann frazier [EMAIL PROTECTED] Fri, 03 Aug 2007 15:17:22 -0600
+linux-2.6 (2.6.18.dfsg.1-13etch1) stable-security; urgency=high
+
+ * Update abi reference files for ABI 5
systems. (closes: #438458)
+***THIS PATCH HAS NOT YET BEEN VERIFIED TO FIX THIS BUG***
- -- dann frazier [EMAIL PROTECTED] Fri, 03 Aug 2007 15:17:22 -0600
+ -- dann frazier [EMAIL PROTECTED] Mon, 20 Aug 2007 19:16:19 -0600
linux-2.6 (2.6.18.dfsg.1-13etch1) stable-security; urgency=high
Author: dannf
Date: Tue Aug 14 15:31:50 2007
New Revision: 9304
Log:
set urgency to high
Modified:
dists/etch/linux-2.6/debian/changelog
Modified: dists/etch/linux-2.6/debian/changelog
==
---
101 - 200 of 689 matches
Mail list logo