Author: dannf
Date: Sat Sep 30 20:00:11 2006
New Revision: 7567
Modified:
people/jurij/firmware-position-statement.txt
Log:
s/believed/believed to be/
Modified: people/jurij/firmware-position-statement.txt
==
---
Author: dannf
Date: Thu Sep 28 18:10:08 2006
New Revision: 7544
Added:
people/dannf/etch-release-notes
Modified:
people/dannf/pkg-checklist
Log:
start working on some kernel release notes for etch
Added: people/dannf/etch-release-notes
Author: dannf
Date: Thu Sep 28 18:40:57 2006
New Revision: 7545
Modified:
people/dannf/etch-release-notes
Log:
remove incorrect alpha/SMP text - thanks waldi
Modified: people/dannf/etch-release-notes
==
---
Author: dannf
Date: Thu Sep 28 18:43:29 2006
New Revision: 7547
Modified:
people/dannf/etch-release-notes
Log:
add a section on ia64 console shuffling
Modified: people/dannf/etch-release-notes
==
---
Author: dannf
Date: Thu Sep 28 18:47:31 2006
New Revision: 7548
Modified:
people/dannf/etch-release-notes
Log:
note drop of support for 2.2/2.4 kernels
Modified: people/dannf/etch-release-notes
==
---
Author: dannf
Date: Thu Sep 28 18:52:35 2006
New Revision: 7549
Modified:
people/dannf/etch-release-notes
Log:
change syntax to make it easier to see what is arch specific
Modified: people/dannf/etch-release-notes
==
Author: dannf
Date: Thu Sep 28 18:57:17 2006
New Revision: 7551
Modified:
people/dannf/etch-release-notes
Log:
placeholder for new s390 hardware config info
Modified: people/dannf/etch-release-notes
==
---
Author: dannf
Date: Thu Sep 28 18:58:32 2006
New Revision: 7552
Added:
dists/etch/etch-release-notes
- copied unchanged from r7551, /people/dannf/etch-release-notes
Removed:
people/dannf/etch-release-notes
Log:
move release notes to dists/etch instead of under my people dir
Author: dannf
Date: Mon Sep 18 21:07:44 2006
New Revision: 7446
Added:
releases/kernel/source/kernel-source-2.6.8-2.6.8/2.6.8-16sarge4/
- copied from r7006,
/dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/
Log:
retroactively tag sarge4 release
@@
+kernel-source-2.6.8 (2.6.8-16sarge5dannf1) dannf; urgency=low
+
+ *
+
+ -- dann frazier [EMAIL PROTECTED] Mon, 18 Sep 2006 15:27:13 -0600
+
kernel-source-2.6.8 (2.6.8-16sarge5) stable-security; urgency=high
* [ERRATA] madvise_remove-restrict.dpatch
Added:
people/dannf/kernel-source-2.6.8-2.6.8
-rmp3.dpatch, hp-diva-hurricane.dpatch:
+Add PCI IDs for newer Diva console ports
- -- dann frazier [EMAIL PROTECTED] Mon, 18 Sep 2006 15:27:13 -0600
+ -- dann frazier [EMAIL PROTECTED] Mon, 18 Sep 2006 15:31:59 -0600
kernel-source-2.6.8 (2.6.8-16sarge5) stable-security; urgency=high
@@
* 231_udf-deadlock.diff
[SECURITY] Fix possible UDF deadlock and memory corruption
See CVE-2006-4145
+* 232_sparc-membar-extraneous-semicolons.diff
+ Fix an additional syntax error caused by extraneous semicolons
+ in membar macros on sparc
-- dann frazier
Author: dannf
Date: Wed Sep 13 19:04:36 2006
New Revision: 7399
Added:
releases/kernel/m68k/
Log:
create tags dir for m68k
___
Kernel-svn-changes mailing list
Kernel-svn-changes@lists.alioth.debian.org
Author: dannf
Date: Wed Sep 13 19:07:44 2006
New Revision: 7400
Added:
dists/sarge-security/kernel/m68k/
dists/sarge-security/kernel/m68k/kernel-image-2.6.8-m68k-2.6.8/
releases/kernel/m68k/kernel-image-2.6.8-m68k-2.6.8/
Log:
Create directories to load project into.
*
Author: dannf
Date: Wed Sep 13 19:08:22 2006
New Revision: 7402
Added:
releases/kernel/m68k/kernel-image-2.6.8-m68k-2.6.8/2.6.8-4sarge4/
- copied from r7401,
/dists/sarge-security/kernel/m68k/kernel-image-2.6.8-m68k-2.6.8/
Log:
Tag
CVE-2006-4093
+* udf-deadlock.dpatch
+ [SECURITY] Fix possible UDF deadlock and memory corruption
+ See CVE-2006-4145
+
+ -- dann frazier [EMAIL PROTECTED] Wed, 13 Sep 2006 13:10:56 -0600
+
kernel-image-2.6.8-m68k (2.6.8-4sarge4) stable-security; urgency=high
* Build against
Author: dannf
Date: Thu Sep 14 02:15:43 2006
New Revision: 7404
Added:
dists/sarge-security/kernel-2.4/m68k/
dists/sarge-security/kernel-2.4/m68k/kernel-image-2.4.27-m68k-2.4.27/
releases/kernel-2.4/m68k/
releases/kernel-2.4/m68k/kernel-image-2.4.27-m68k-2.4.27/
Log:
Create
Author: dannf
Date: Thu Sep 14 02:16:19 2006
New Revision: 7406
Added:
releases/kernel-2.4/m68k/kernel-image-2.4.27-m68k-2.4.27/2.4.27-3sarge3/
- copied from r7405,
/dists/sarge-security/kernel-2.4/m68k/kernel-image-2.4.27-m68k-2.4.27/
Log:
Tag
deadlock and memory corruption
+ See CVE-2006-4145
+
+ -- dann frazier [EMAIL PROTECTED] Wed, 13 Sep 2006 20:21:24 -0600
+
kernel-image-2.4.27-m68k (2.4.27-3sarge3) stable-security; urgency=high
* Build against kernel-tree-2.4.27-10sarge3:
Modified:
dists/sarge-security/kernel-2.4/m68k
Author: dannf
Date: Thu Sep 14 02:35:57 2006
New Revision: 7408
Added:
dists/sarge-security/kernel-2.4/i386/kernel-image-speakup-i386-2.4.27/
releases/kernel-2.4/i386/kernel-image-speakup-i386-2.4.27/
Log:
Create directories to load project into.
*
UDF deadlock and memory corruption
+ See CVE-2006-4145
+
+ -- dann frazier [EMAIL PROTECTED] Wed, 13 Sep 2006 20:42:50 -0600
+
kernel-image-speakup-i386 (2.4.27-1.1sarge2) stable-security; urgency=high
* NMU by the Security Team
Modified:
dists/sarge-security/kernel-2.4/i386/kernel
+in membar macros on sparc
- -- dann frazier [EMAIL PROTECTED] Mon, 4 Sep 2006 23:53:53 -0600
+ -- dann frazier [EMAIL PROTECTED] Wed, 13 Sep 2006 21:33:51 -0600
kernel-source-2.4.27 (2.4.27-10sarge3) stable-security; urgency=high
Added:
dists/sarge-security/kernel-2.4/source/kernel
Author: dannf
Date: Tue Sep 12 00:19:03 2006
New Revision: 7388
Added:
dists/sarge-security/kernel/s390/kernel-image-2.6.8-s390-2.6.8/
- copied from r7353,
/dists/sarge-security/kernel/s390/kernel-image-2.6.8-s390/
in a build failure with 227_kfree_skb.diff
-- dann frazier [EMAIL PROTECTED] Mon, 4 Sep 2006 23:53:53 -0600
Modified:
dists/sarge-security/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/series/2.4.27-10sarge4
.
- Thanks to Matthew Wilcox for identifying this fix.
- Original changeset is here:
-http://linux.bkbits.net:8080/linux-2.6/[EMAIL
PROTECTED]|src/|src/include|src/include/asm-parisc|related/include/asm-parisc/system.h
- -- dann frazier [EMAIL PROTECTED] Mon, 4 Sep 2006 12:43
HID0 attention enable on
+ PPC970 at boot time
+ See CVE-2006-4093
+* udf-deadlock.dpatch
+ [SECURITY] Fix possible UDF deadlock and memory corruption
+ See CVE-2006-4145
+
+ -- dann frazier [EMAIL PROTECTED] Sat, 15 Jul 2006 09:28:45 -0600
+
kernel-image-2.6.8-s390 (2.6.8
+ See CVE-2006-4145
+
+ -- dann frazier [EMAIL PROTECTED] Tue, 5 Sep 2006 00:24:23 -0600
+
kernel-image-2.4.27-s390 (2.4.27-2sarge3) stable-security; urgency=high
* Build against kernel-tree-2.4.27-10sarge3:
Modified:
dists/sarge-security/kernel-2.4/s390/kernel-image-2.4.27-s390/debian
.
+
+ -- dann frazier [EMAIL PROTECTED] Fri, 1 Sep 2006 16:34:40 -0600
+
linux-2.6 (2.6.17-8) unstable; urgency=low
[ Martin Michlmayr ]
Added:
dists/sid/linux-2.6/debian/patches/drivers-ide-pci-via82cxxx-vt8237a-id-2.patch
+
+ -- dann frazier [EMAIL PROTECTED] Sun, 3 Sep 2006 16:10:00 -0600
+
kernel-image-2.4.27-alpha (2.4.27-10sarge3) stable-security; urgency=high
* Build against kernel-tree-2.4.27-10sarge3:
Modified:
dists/sarge-security/kernel-2.4/alpha/kernel-image-2.4.27-alpha-2.4.27/debian/control
@@
Maintainer: Debian Kernel Team debian-kernel@lists.debian.org
Uploaders: William Irwin [EMAIL PROTECTED], Sven Luther [EMAIL PROTECTED],
Jens Schmalzing [EMAIL PROTECTED], Jeff Bailey [EMAIL PROTECTED], Dann
Frazier [EMAIL PROTECTED], Simon Horman [EMAIL PROTECTED], Joshua Kwan
[EMAIL PROTECTED
@@
Maintainer: Debian Kernel Team debian-kernel@lists.debian.org
Uploaders: dann frazier [EMAIL PROTECTED]
Standards-Version: 3.6.1
-Build-Depends: debhelper (= 2), modutils, kernel-patch-2.4.27-ia64 (=
2.4.27-4), kernel-tree-2.4.27-10sarge3, kernel-package (= 8.042), bzip2
+Build-Depends: debhelper (= 2
Author: dannf
Date: Mon Sep 4 01:14:45 2006
New Revision: 7299
Removed:
dists/sarge-security/kernel-2.4/powerpc/kernel-patch-powerpc-2.4.27-2.4.27/debian/control
Log:
don't store autogenerated file in source control
___
Kernel-svn-changes
-priv-elevation-2.diff
+ [SECURITY] Fix SCTP privelege escalation
+ See CVE-2006-3745
+* 229_udf-deadlock.diff
+ [SECURITY] Fix possible UDF deadlock and memory corruption
+ See CVE-2006-4145
+
+ -- dann frazier [EMAIL PROTECTED] Sun, 3 Sep 2006 19:01:32 -0600
+
kernel
-3745
+* ppc-hid0-dos.dpatch
+ [SECURITY][ppc] Fix local DoS by clearing HID0 attention enable on
+ PPC970 at boot time
+ See CVE-2006-4093
+* udf-deadlock.dpatch
+ [SECURITY] Fix possible UDF deadlock and memory corruption
+ See CVE-2006-4145
+
+ -- dann frazier
-3745
+* ppc-hid0-dos.dpatch
+ [SECURITY][ppc] Fix local DoS by clearing HID0 attention enable on
+ PPC970 at boot time
+ See CVE-2006-4093
+* udf-deadlock.dpatch
+ [SECURITY] Fix possible UDF deadlock and memory corruption
+ See CVE-2006-4145
+
+ -- dann frazier
CVE-2006-3745
+* ppc-hid0-dos.dpatch
+ [SECURITY][ppc] Fix local DoS by clearing HID0 attention enable on
+ PPC970 at boot time
+ See CVE-2006-4093
+* udf-deadlock.dpatch
+ [SECURITY] Fix possible UDF deadlock and memory corruption
+ See CVE-2006-4145
+
+ -- dann
CVE-2006-3745
+* ppc-hid0-dos.dpatch
+ [SECURITY][ppc] Fix local DoS by clearing HID0 attention enable on
+ PPC970 at boot time
+ See CVE-2006-4093
+* udf-deadlock.dpatch
+ [SECURITY] Fix possible UDF deadlock and memory corruption
+ See CVE-2006-4145
+
+ -- dann
CVE-2006-4145
+
+ -- dann frazier [EMAIL PROTECTED] Mon, 4 Sep 2006 10:01:37 -0600
+
kernel-patch-powerpc-2.6.8 (2.6.8-12sarge4) stable-security; urgency=high
* Build against kernel-tree-2.6.8-16sarge4:
Modified:
dists/sarge-security/kernel/powerpc/kernel-patch-powerpc-2.6.8-2.6.8/debian
-3745
+* ppc-hid0-dos.dpatch
+ [SECURITY][ppc] Fix local DoS by clearing HID0 attention enable on
+ PPC970 at boot time
+ See CVE-2006-4093
+* udf-deadlock.dpatch
+ [SECURITY] Fix possible UDF deadlock and memory corruption
+ See CVE-2006-4145
+
+ -- dann frazier
Author: dannf
Date: Mon Sep 4 18:20:44 2006
New Revision: 7309
Added:
releases/kernel/hppa/kernel-patch-2.6.8-hppa-2.6.8/2.6.8-5/
- copied from r2461, /trunk/kernel/hppa/kernel-patch-2.6.8-hppa-2.6.8/
Log:
retroactively tag 2.6.8-5 release
Author: dannf
Date: Mon Sep 4 18:22:44 2006
New Revision: 7310
Added:
dists/sarge-security/kernel/hppa/kernel-patch-2.6.8-hppa-2.6.8/
- copied from r7309,
/releases/kernel/hppa/kernel-patch-2.6.8-hppa-2.6.8/2.6.8-5/
Log:
create a sarge-security branch of kernel-patch-2.6.8-hppa
Author: dannf
Date: Mon Sep 4 18:30:48 2006
New Revision: 7311
Modified:
dists/sarge-security/kernel/hppa/kernel-patch-2.6.8-hppa-2.6.8/debian/changelog
Log:
change urgency of the -5 release to match what actually entered sarge
Modified:
in kernel-tree-2.6.8-16sarge5.
+ Thanks to Matthew Wilcox for identifying this fix.
+ Original changeset is here:
+http://linux.bkbits.net:8080/linux-2.6/[EMAIL
PROTECTED]|src/|src/include|src/include/asm-parisc|related/include/asm-parisc/system.h
- -- dann frazier [EMAIL
+* 228_sctp-priv-elevation.diff, 230_sctp-priv-elevation-2.diff
+ [SECURITY] Fix SCTP privelege escalation
+ See CVE-2006-3745
+* 229_udf-deadlock.diff
+ [SECURITY] Fix possible UDF deadlock and memory corruption
+ See CVE-2006-4145
+
+ -- dann frazier [EMAIL PROTECTED
+
+ -- dann frazier [EMAIL PROTECTED] Mon, 4 Sep 2006 23:13:08 -0600
+
kernel-image-2.4.27-sparc (2.4.27-9sarge3) stable-security; urgency=high
* Build against kernel-tree-2.4.27-10sarge3:
Modified:
dists/sarge-security/kernel-2.4/sparc/kernel-image-2.4.27-sparc-2.4.27/debian/control
CVE-2006-3745
@@ -63,7 +68,7 @@
[SECURITY] Fix possible UDF deadlock and memory corruption
See CVE-2006-4145
- -- dann frazier [EMAIL PROTECTED] Mon, 28 Aug 2006 23:15:37 -0600
+ -- dann frazier [EMAIL PROTECTED] Mon, 4 Sep 2006 23:38:15 -0600
kernel-source-2.6.8 (2.6.8-16sarge4
-elevation.dpatch, sctp-priv-elevation-2.dpatch
[SECURITY] Fix SCTP privelege escalation
See CVE-2006-3745
@@ -68,7 +68,7 @@
[SECURITY] Fix possible UDF deadlock and memory corruption
See CVE-2006-4145
- -- dann frazier [EMAIL PROTECTED] Mon, 4 Sep 2006 23:38:15 -0600
semicolons in smp_mb() macros
+which resulted in a build failure with 227_kfree_skb.diff
- -- dann frazier [EMAIL PROTECTED] Mon, 28 Aug 2006 23:16:42 -0600
+ -- dann frazier [EMAIL PROTECTED] Mon, 4 Sep 2006 23:53:53 -0600
kernel-source-2.4.27 (2.4.27-10sarge3) stable-security; urgency
Fri Sep 1 22:38:29 2006
@@ -1,3 +1,10 @@
+linux-2.6 (2.6.17-9) UNRELEASED; urgency=low
+
+ * drivers-ide-pci-via82cxxx-vt8237a-id.patch: Add missing PCI ID
+for VT8237A chips, reported by Radek Oliwa.
+
+ -- dann frazier [EMAIL PROTECTED] Fri, 1 Sep 2006 16:34:40 -0600
+
linux-2.6
Michlmayr ]
* arm/ixp4xx: Enable CONFIG_W1.
- -- Martin Michlmayr [EMAIL PROTECTED] Sun, 27 Aug 2006 20:48:53 +0200
+ [ dann frazier ]
+ * sound-pci-hda-mac-mini-quirks.diff, sound-pci-hda-intel-d965.diff
+sound-pci-hda-mac-mini-intel945.diff:
+Updates to patch_sigmatel.c to add x86 mac
-upstream to [EMAIL PROTECTED]
+upstream to [EMAIL PROTECTED]
- -- Kyle McMartin [EMAIL PROTECTED] Tue, 29 Aug 2006 12:34:00 -0400
+ [ dann frazier ]
+ * sym2: only claim Storage class devices - the cpqarray driver should be
+used for 5c1510 devices in RAID mode. (closes: #380272
Author: dannf
Date: Wed Aug 30 01:04:40 2006
New Revision: 7277
Modified:
dists/sid/linux-2.6/debian/patches/series/8
dists/sid/linux-2.6/debian/patches/series/8-extra
Log:
ia64-mman.h-fix.patch only touches ia64 code, so its safe to be applied on all
archs
Modified:
deadlock and memory corruption
See CVE-2006-4145
- -- dann frazier [EMAIL PROTECTED] Sun, 27 Aug 2006 13:24:40 -0600
+ -- dann frazier [EMAIL PROTECTED] Mon, 28 Aug 2006 23:15:37 -0600
kernel-source-2.6.8 (2.6.8-16sarge4) stable-security; urgency=high
Added:
dists/sarge-security/kernel
possible UDF deadlock and memory corruption
See CVE-2006-4145
- -- dann frazier [EMAIL PROTECTED] Sun, 27 Aug 2006 18:05:54 -0600
+ -- dann frazier [EMAIL PROTECTED] Mon, 28 Aug 2006 23:16:42 -0600
kernel-source-2.4.27 (2.4.27-10sarge3) stable-security; urgency=high
Added:
dists
Author: dannf
Date: Sun Aug 27 22:43:23 2006
New Revision: 7252
Modified:
dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/changelog
Log:
add CVE reference fix a typo
Modified:
dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/changelog
Author: dannf
Date: Mon Aug 28 00:27:18 2006
New Revision: 7254
Modified:
dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/changelog
Log:
prepare for release
Modified:
dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/changelog
Author: dannf
Date: Mon Aug 28 00:41:46 2006
New Revision: 7255
Modified:
dists/sarge-security/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/changelog
Log:
mark abi breakers
Modified:
dists/sarge-security/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/changelog
Author: dannf
Date: Mon Aug 28 00:42:25 2006
New Revision: 7256
Modified:
dists/sarge-security/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/changelog
Log:
prepare for release
Modified:
dists/sarge-security/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/changelog
, USB stick, or similar automatically mounted device.
See CVE-2006-2935
+ * 225_sg-no-mmap-VM_IO.diff
+[SECURITY] Fix DoS vulnerability whereby a local user could attempt
+a dio/mmap and cause the sg driver to oops.
+See CVE-2006-1528
- -- dann frazier [EMAIL PROTECTED] Wed, 16
user
See CVE-2006-1855
+ * readv-writev-missing-lsm-check.dpatch,
+readv-writev-missing-lsm-check-compat.dpatch
+[SECURITY] Add missing file_permission callback in readv/writev syscalls
+See CVE-2006-1856
- -- dann frazier [EMAIL PROTECTED] Thu, 17 Aug 2006 01:10:52 -0600
a long symlink
@@ -14,7 +20,7 @@
a dio/mmap and cause the sg driver to oops.
See CVE-2006-1528
- -- dann frazier [EMAIL PROTECTED] Thu, 17 Aug 2006 00:35:53 -0600
+ -- dann frazier [EMAIL PROTECTED] Sat, 26 Aug 2006 21:30:40 -0600
kernel-source-2.4.27 (2.4.27-10sarge3) stable
+47,7 @@
[SECURITY] Add missing file_permission callback in readv/writev syscalls
See CVE-2006-1856
- -- dann frazier [EMAIL PROTECTED] Sat, 26 Aug 2006 20:40:31 -0600
+ -- dann frazier [EMAIL PROTECTED] Sat, 26 Aug 2006 21:18:29 -0600
kernel-source-2.6.8 (2.6.8-16sarge4) stable
@@
readv-writev-missing-lsm-check-compat.dpatch
[SECURITY] Add missing file_permission callback in readv/writev syscalls
See CVE-2006-1856
+ * snmp-nat-mem-corruption-fix.dpatch
+[SECURITY] Fix memory corruption in snmp_trap_decode
+See CVE-2006-2444
- -- dann frazier
)
- -- Frederik Schüler [EMAIL PROTECTED] Sat, 19 Aug 2006 00:19:31 +0200
+ [ dann frazier ]
+ * Include module.lds in headers package if it exists. Closes: #342246
+
+ -- dann frazier [EMAIL PROTECTED] Sun, 20 Aug 2006 13:27:58 -0600
linux-2.6 (2.6.17-6) unstable; urgency=low
Modified: dists
: #383707)
[ dann frazier ]
- * Include module.lds in headers package if it exists. Closes: #342246
+ * Include module.lds in headers package if it exists. (closes: #342246)
+ * Add Apple MacBook product IDs to usbhid and set
+CONFIG_USB_HIDINPUT_POWERBOOK=y on i386 and amd64. (closes: #383620
to cause a denial of service (crash) via a long symlink
+
+ -- dann frazier [EMAIL PROTECTED] Wed, 16 Aug 2006 19:13:03 -0600
+
kernel-source-2.4.27 (2.4.27-10sarge3) stable-security; urgency=high
* 207_smbfs-chroot-escape.diff
Added:
dists/sarge-security/kernel-2.4/source/kernel-source-2.4.27
Author: dannf
Date: Thu Aug 17 03:04:32 2006
New Revision: 7173
Modified:
dists/sarge-security/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/changelog
Log:
add missing cve id
Modified:
dists/sarge-security/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/changelog
potentially
+be used by a local user to trigger a buffer overflow via a specially
+crafted DVD, USB stick, or similar automatically mounted device.
+See CVE-2006-2935
- -- dann frazier [EMAIL PROTECTED] Wed, 16 Aug 2006 20:24:10 -0600
+ -- dann frazier [EMAIL PROTECTED] Wed, 16 Aug 2006
DVD, USB stick, or similar automatically
-mounted device (CVE-2006-2935)
+ * usb-serial-ftdi_sio-dos.patch: fix userspace DoS in ftdi_sio driver
[ Bastian Blank ]
* Update xen patch to changeset 9762.
- -- dann frazier [EMAIL PROTECTED] Wed, 16 Aug 2006 21:11:12 -0600
+ -- dann
Author: dannf
Date: Wed Jul 19 20:11:39 2006
New Revision: 7040
Removed:
patch-tracking/
Log:
security tracking has moved to the kernel-sec alioth project in order to make
it more convenient to share with other distributions
___
Kernel-svn-changes
2.6.17.6:
- Relax /proc fix a bit
- -- Bastian Blank [EMAIL PROTECTED] Sat, 15 Jul 2006 21:46:05 +0200
+ [ dann frazier ]
+ * [ia64] Drop the non-SMP flavours; they are not well maintained upstream.
+Note that the non-SMP flavours have been identical to the SMP builds
+since 2.6.13-1
vulnerability caused by a race in proc
+See CVE-2006-3626
+
+ -- dann frazier [EMAIL PROTECTED] Sat, 15 Jul 2006 02:03:51 -0600
+
kernel-source-2.6.8 (2.6.8-16sarge3) stable-security; urgency=high
* net-protocol-mod-refcounts-pre.dpatch, net-protocol-mod-refcounts.dpatch
Added:
dists/sarge
-security; urgency=high
+
+ * Build against kernel-tree-2.6.8-16sarge4:
+* proc-environ-race-1.dpatch, proc-environ-race-2.dpatch
+ [SECURITY] Fix local root vulnerability caused by a race in proc
+ See CVE-2006-3626
+
+ -- dann frazier [EMAIL PROTECTED] Sat, 15 Jul 2006 02:23:36 -0600
) stable-security; urgency=high
+
+ * Build against kernel-tree-2.6.8-16sarge4:
+* proc-environ-race-1.dpatch, proc-environ-race-2.dpatch
+ [SECURITY] Fix local root vulnerability caused by a race in proc
+ See CVE-2006-3626
+
+ -- dann frazier [EMAIL PROTECTED] Sat, 15 Jul 2006 02:27:54
-2.6.8 (2.6.8-12sarge4) stable-security; urgency=high
+
+ * Build against kernel-tree-2.6.8-16sarge4:
+* proc-environ-race-1.dpatch, proc-environ-race-2.dpatch
+ [SECURITY] Fix local root vulnerability caused by a race in proc
+ See CVE-2006-3626
+
+ -- dann frazier [EMAIL PROTECTED
) stable-security; urgency=high
+
+ * Build against kernel-tree-2.6.8-16sarge4:
+* proc-environ-race-1.dpatch, proc-environ-race-2.dpatch
+ [SECURITY] Fix local root vulnerability caused by a race in proc
+ See CVE-2006-3626
+
+ -- dann frazier [EMAIL PROTECTED] Sat, 15 Jul 2006 09:12:48
) stable-security; urgency=high
+
+ * Build against kernel-tree-2.6.8-16sarge4:
+* proc-environ-race-1.dpatch, proc-environ-race-2.dpatch
+ [SECURITY] Fix local root vulnerability caused by a race in proc
+ See CVE-2006-3626
+
+ -- dann frazier [EMAIL PROTECTED] Sat, 15 Jul 2006 09:16:24
-security; urgency=high
+
+ * Build against kernel-tree-2.6.8-16sarge4:
+* proc-environ-race-1.dpatch, proc-environ-race-2.dpatch
+ [SECURITY] Fix local root vulnerability caused by a race in proc
+ See CVE-2006-3626
+
+ -- dann frazier [EMAIL PROTECTED] Sat, 15 Jul 2006 09:23:24 -0600
Author: dannf
Date: Sat Jul 15 15:43:09 2006
New Revision: 7025
Removed:
patch-tracking/CVE-2005-3055.patch
Log:
patch already applied, not needed here
___
Kernel-svn-changes mailing list
Kernel-svn-changes@lists.alioth.debian.org
Author: dannf
Date: Sat Jul 15 15:44:33 2006
New Revision: 7026
Removed:
patch-tracking/CVE-2005-1765.patch
Log:
patch already applied, not needed here
___
Kernel-svn-changes mailing list
Kernel-svn-changes@lists.alioth.debian.org
if upstream resolved the issue - but that never happened.
-Note that this is a measurable performance penalty on non-SMP systems.
-
- -- dann frazier [EMAIL PROTECTED] Sat, 8 Jul 2006 21:16:59 -0600
-
linux-2.6.16 (2.6.16-16) unstable; urgency=low
[ Sven Luther
Author: dannf
Date: Sun Jul 9 03:16:33 2006
New Revision: 6967
Added:
releases/linux-2.6.16/2.6.16-16/
- copied from r6966, /dists/sid/linux-2.6.16/
Log:
retroactively tag 2.6.16-16
___
Kernel-svn-changes mailing list
; this was to avoid having to drop then re-add these
+flavours if upstream resolved the issue - but that never happened.
+Note that this is a measurable performance penalty on non-SMP systems.
+
+ -- dann frazier [EMAIL PROTECTED] Sat, 8 Jul 2006 21:16:59 -0600
+
linux-2.6.16 (2.6.16-16
)
+++ dists/trunk/linux-2.6/debian/changelog Sun Jul 9 03:32:17 2006
@@ -43,7 +43,14 @@
[ Sven Luther ]
* Re-enabled fs-asfs patch.
- -- maximilian attems [EMAIL PROTECTED] Fri, 7 Jul 2006 15:23:43 +0200
+ [ dann frazier ]
+ * [ia64] Drop the non-SMP flavours; they are not well
Author: dannf
Date: Sun Jul 9 03:46:32 2006
New Revision: 6970
Modified:
dists/trunk/linux-2.6/debian/templates/control.extra.in
Log:
ia64 non-smp transition packages now depend on smp '-latest' packages since
we've dropped non-smp image support
Modified:
Author: dannf
Date: Sun Jul 9 04:05:53 2006
New Revision: 6971
Modified:
patch-tracking/CVE-2004-0949
patch-tracking/CVE-2004-2607
patch-tracking/CVE-2004-2660
patch-tracking/CVE-2005-0109
patch-tracking/CVE-2005-0176
patch-tracking/CVE-2005-2709
patch-tracking/CVE-2005-3180
Author: dannf
Date: Tue Jun 20 06:47:06 2006
New Revision: 6836
Added:
patch-tracking/CVE-2006-2448
- copied, changed from r6835, /patch-tracking/00boilerplate
Log:
new issue
Copied: patch-tracking/CVE-2006-2448 (from r6835, /patch-tracking/00boilerplate)
@@
[ Frederik Schüler ]
* New upstream release.
* [amd64] Use gcc 4.1.
- * [amd64] Drop amd64-generic flavor. We will use amd64-k8 for the
+ * [amd64] Drop amd64-generic flavor. We will use amd64-k8 for the
installer.
[ Martin Michlmayr ]
@@ -19,8 +19,9 @@
[ dann frazier
Author: dannf
Date: Sun Jun 11 17:43:27 2006
New Revision: 6789
Modified:
patch-tracking/dsa-texts/2.4.27-sarge3
patch-tracking/dsa-texts/2.6.8-sarge3
Log:
add the other packages that needed a rebuild against sarge3 source
Modified: patch-tracking/dsa-texts/2.4.27-sarge3
PROTECTED]
-http://www.debian.org/security/ Dann Frazier
+http://www.debian.org/security/ Dann Frazier, Troy Heber
X 8th, 2005 http://www.debian.org/security/faq
with CAP_NET_ADMIN rights.
+ See CVE-2006-0038
+* 222_binfmt-bad-elf-entry-address.diff
+ [SECURITY][amd64] Fix potential local DoS vulnerability in the binfmt_elf
+ code on em64t processors
+ See CVE-2006-0741
+
+ -- dann frazier [EMAIL PROTECTED] Thu, 1 Jun 2006 23:16:20 -0600
-2006-0038
+* 222_binfmt-bad-elf-entry-address.diff
+ [SECURITY][amd64] Fix potential local DoS vulnerability in the binfmt_elf
+ code on em64t processors
+ See CVE-2006-0741
+
+ -- dann frazier [EMAIL PROTECTED] Wed, 31 May 2006 17:38:01 -0600
+
kernel-patch-2.4.27-mips (2.4.27-10
Author: dannf
Date: Wed May 31 02:39:26 2006
New Revision: 6767
Modified:
patch-tracking/CVE-2003-0018
patch-tracking/CVE-2003-0127
patch-tracking/CVE-2003-0244
patch-tracking/CVE-2003-0246
patch-tracking/CVE-2003-0247
patch-tracking/CVE-2003-0364
patch-tracking/CVE-2003-0461
-tree-2.4.27-10sarge3:
* 207_smbfs-chroot-escape.diff
[SECURITY] Fix directory traversal vulnerability in smbfs that permits
@@ -67,7 +68,7 @@
code on em64t processors
See CVE-2006-0741
- -- dann frazier [EMAIL PROTECTED] Mon, 29 May 2006 17:24:45 -0600
+ -- dann frazier
(remote DoS) in the SCTP parameter
checking code
See CVE-2006-1858
+ * 221_netfilter-do_replace-overflow.diff
+[SECURITY] Fix buffer overflow in netfilter do_replace which can could
+be triggered by users with CAP_NET_ADMIN rights.
+See CVE-2006-0038
- -- dann frazier
][amd64] Fix potential local DoS vulnerability in the binfmt_elf
+code on em64t processors
+See CVE-2006-0741
- -- dann frazier [EMAIL PROTECTED] Mon, 29 May 2006 00:57:31 -0600
+ -- dann frazier [EMAIL PROTECTED] Mon, 29 May 2006 01:21:41 -0600
kernel-source-2.4.27 (2.4.27-10sarge2) stable
Author: dannf
Date: Mon May 29 08:26:06 2006
New Revision: 6755
Removed:
patch-tracking/CVE-2006-0741-2.4.patch
Modified:
patch-tracking/CVE-2002-0429
patch-tracking/CVE-2002-0704
patch-tracking/CVE-2003-0018
patch-tracking/CVE-2003-0127
patch-tracking/CVE-2003-0244
-2006-0038
+* 222_binfmt-bad-elf-entry-address.diff
+ [SECURITY][amd64] Fix potential local DoS vulnerability in the binfmt_elf
+ code on em64t processors
+ See CVE-2006-0741
+
+ -- dann frazier [EMAIL PROTECTED] Mon, 29 May 2006 17:13:43 -0600
+
kernel-image-2.4.27-arm (2.4.27
rights.
+ See CVE-2006-0038
+* 222_binfmt-bad-elf-entry-address.diff
+ [SECURITY][amd64] Fix potential local DoS vulnerability in the binfmt_elf
+ code on em64t processors
+ See CVE-2006-0741
+
+ -- dann frazier [EMAIL PROTECTED] Mon, 29 May 2006 17:18:58 -0600
+
kernel
by users with CAP_NET_ADMIN rights.
+ See CVE-2006-0038
+* 222_binfmt-bad-elf-entry-address.diff
+ [SECURITY][amd64] Fix potential local DoS vulnerability in the binfmt_elf
+ code on em64t processors
+ See CVE-2006-0741
+
+ -- dann frazier [EMAIL PROTECTED] Mon, 29 May 2006 17:24
401 - 500 of 689 matches
Mail list logo