mindi-kernel (2.4.27-2sarge4) stable-security; urgency=high
* Build against kernel-tree-2.4.27-10sarge5:
* 233_ia64-sparc-cross-region-mappings.diff
[SECURITY] Prevent cross-region mappings on ia64 and sparc which
could be used in a local DoS attack (system crash)
See CVE-2006-4538
* 234_atm-clip-freed-skb-deref.diff
[SECURITY] Avoid dereferencing an already freed skb, preventing a
potential remote DoS (system crash) vector
See CVE-2006-4997
* 235_ppc-alignment-exception-table-check.diff
[SECURITY][ppc] Avoid potential DoS which can be triggered by some
futex ops
See CVE-2006-5649
* 236_s390-uaccess-memleak.diff
[SECURITY][s390] Fix memory leak in copy_from_user by clearing the
remaining bytes of the kernel buffer after a fault on the userspace
address in copy_from_user()
See CVE-2006-5174
* 237_smbfs-honor-mount-opts.diff
Honor uid, gid and mode mount options for smbfs even when unix extensions
are enabled (closes: #310982)
See CVE-2006-5871
* 238_ppc-hid0-dos.diff
[SECURITY] [ppc] Fix local DoS by clearing HID0 attention enable on
PPC970 at boot time
See CVE-2006-4093
-- dann frazier <dannf@debian.org> Thu, 7 Dec 2006 10:57:55 -0700

mindi-kernel (2.4.27-2sarge3) stable-security; urgency=high
* Build against kernel-tree-2.4.27-10sarge4:
* [ERRATA] 213_madvise_remove-restrict.diff
[SECURITY] The 2.4.27-10sarge3 changelog associated this patch with
CVE-2006-1524. However, this patch fixes an mprotect issue that was
split off from the original report into CVE-2006-2071. 2.4.27 is not
vulnerable to CVE-2006-1524, the madvise_remove issue.
See CVE-2006-2071
* 223_nfs-handle-long-symlinks.diff
[SECURITY] Fix buffer overflow in NFS readline handling that allows a
remote server to cause a denial of service (crash) via a long symlink
See CVE-2005-4798
* 224_cdrom-bad-cgc.buflen-assign.diff
[SECURITY] Fix buffer overflow in dvd_read_bca which could potentially
be used by a local user to trigger a buffer overflow via a specially
crafted DVD, USB stick, or similar automatically mounted device.
See CVE-2006-2935
* 225_sg-no-mmap-VM_IO.diff
[SECURITY] Fix DoS vulnerability whereby a local user could attempt
a dio/mmap and cause the sg driver to oops.
See CVE-2006-1528
* 226_snmp-nat-mem-corruption-fix.diff
[SECURITY] Fix memory corruption in snmp_trap_decode
See CVE-2006-2444
* 227_kfree_skb.diff
[SECURITY] Fix race between kfree_skb and __skb_unlink
See CVE-2006-2446
* 228_sparc-mb-extraneous-semicolons.diff
Fix a syntax error caused by extraneous semicolons in smp_mb() macros
which resulted in a build failure with 227_kfree_skb.diff
* 229_sctp-priv-elevation.diff, 230_sctp-priv-elevation-2.diff
[SECURITY] Fix SCTP privilege escalation
See CVE-2006-3745
* 231_udf-deadlock.diff
[SECURITY] Fix possible UDF deadlock and memory corruption
See CVE-2006-4145
* 232_sparc-membar-extraneous-semicolons.diff
Fix an additional syntax error caused by extraneous semicolons
in membar macros on sparc
-- dann frazier <dannf@debian.org> Sun, 17 Sep 2006 14:09:27 -0600

mindi-kernel (2.4.27-2sarge2) stable-security; urgency=high
* NMU by the Security Team
* Build against kernel-tree-2.4.27-10sarge3:
* 207_smbfs-chroot-escape.diff
[SECURITY] Fix directory traversal vulnerability in smbfs that permits
local users to escape chroot restrictions
See CVE-2006-1864
* 208_ia64-die_if_kernel-returns.diff
[SECURITY][ia64] Fix a potential local DoS on ia64 systems caused by
an incorrect 'noreturn' attribute on die_if_kernel()
See CVE-2006-0742
* 209_sctp-discard-unexpected-in-closed.diff
[SECURITY] Fix remote DoS in SCTP code by discarding unexpected chunks
received in CLOSED state instead of calling BUG()
See CVE-2006-2271
* 210_ipv4-id-no-increment.diff
[SECURITY] Fix vulnerability that allows remote attackers to conduct an
Idle Scan attack, bypassing intended protections against such attacks
See CVE-2006-1242
* 211_usb-gadget-rndis-bufoverflow.diff
[SECURITY] Fix buffer overflow in the USB Gadget RNDIS implementation
that allows for a remote DoS attack (kmalloc'd memory corruption)
See CVE-2006-1368
* 212_ipv4-sin_zero_clear.diff
[SECURITY] Fix local information leak in af_inet code
See CVE-2006-1343
* 213_madvise_remove-restrict.diff
[SECURITY] Fix vulnerability that allows local users to bypass IPC
permissions and replace portions of read-only tmpfs files with zeroes.
See CVE-2006-1524
* 214_mcast-ip-route-null-deref.diff
[SECURITY] Fix local DoS vulnerability that allows local users to panic
a system by requesting a route for a multicast IP
See CVE-2006-1525
* 215_sctp-fragment-recurse.diff
[SECURITY] Fix remote DoS vulnerability that can lead to infinite
recursion when a packet containing two or more DATA fragments is received
See CVE-2006-2274
* 216_sctp-fragmented-receive-fix.diff
[SECURITY] Fix remote DoS vulnerability that allows IP fragmented
COOKIE_ECHO and HEARTBEAT SCTP control chunks to cause a kernel panic
See CVE-2006-2272
* 217_amd64-fp-reg-leak.diff
[SECURITY][amd64] Fix an information leak that allows a process to see
a portion of the floating point state of other processes, possibly
exposing sensitive information.
See CVE-2006-1056
* 218_do_add_counters-race.diff
[SECURITY] Fix race condition in the do_add_counters() function in
netfilter that allows local users with CAP_NET_ADMIN capabilities to
read kernel memory
See CVE-2006-0039
* 219_sctp-hb-ack-overflow.diff
[SECURITY] Fix a remote buffer overflow that can result from a badly
formatted HB-ACK chunk
See CVE-2006-1857
* 220_sctp-param-bound-checks.diff
[SECURITY] Fix a bound checking error (remote DoS) in the SCTP parameter
checking code
See CVE-2006-1858
* 221_netfilter-do_replace-overflow.diff
[SECURITY] Fix buffer overflow in netfilter do_replace which could
be triggered by users with CAP_NET_ADMIN rights.
See CVE-2006-0038
* 222_binfmt-bad-elf-entry-address.diff
[SECURITY][amd64] Fix potential local DoS vulnerability in the binfmt_elf
code on em64t processors
See CVE-2006-0741
-- dann frazier <dannf@debian.org> Sat, 10 Jun 2006 12:34:33 -0600

mindi-kernel (2.4.27-2sarge1) stable-security; urgency=high
* NMU by the Security Team
* Rebuild against kernel-source-2.4.27 (2.4.27-10sarge2)
-- dann frazier <dannf@debian.org> Mon, 27 Feb 2006 20:41:28 -0700

mindi-kernel (2.4.27-2) unstable; urgency=low
* Rebuilt package using kernel-source-2.4.27-9 to take advantage of latest
fixes.
* Added homepage to package descriptions as per Developer's Reference 2.6.4.
* Improved short description: de-capitalise first letter, added mondo.
* Expanded long description pointing out that this package is only for
disaster recovery media and doesn't install a normal kernel in the system.
-- Andree Leidenfrost <aleidenf@bigpond.net.au> Sat, 26 Mar 2005 17:50:37 +1100

mindi-kernel (2.4.27-1) unstable; urgency=low
* Upgraded to 2.4.27 standard Debian kernel.
* Added SATA and PCI-Express devices new in 2.4.27 as modules.
* Changed priority from 'extra' to 'optional': As per Debian Policy
2.5 this package is not 'extra' but rather 'optional'. Also it is a
spin-off of package mindi which is 'optional' in the first place.
* Updated versions in dependencies.
* Added Amaya to uploaders.
-- Andree Leidenfrost <aleidenf@bigpond.net.au> Mon, 30 Aug 2004 22:19:40 +1000

mindi-kernel (2.4.26-1) unstable; urgency=low
* Upgraded to 2.4.26 standard Debian kernel.
* Added build dependency to modutils. (Closes: #246484)
* Removed 'Conflicts' tag. (Closes: #246811)
* Cleaned up rules file.
* Changed to non-native package following suggestion by Ben Armstrong
* Removed lots of modules unneeded for purpose (sound, Video4Linux,...).
-- Andree Leidenfrost <aleidenf@bigpond.net.au> Tue, 20 Jul 2004 20:29:00 +1000

mindi-kernel (2.4.24-1) unstable; urgency=low
* Upgraded to 2.4.24 standard Debian kernel.
* Compile kernel from source rather than provide upstream binaries to be in
line with Debian policy and to re-allow package into Debian.
Closes: #179812.
* Put files under lib rather than share as they are binary files
-- Andree Leidenfrost <aleidenf@bigpond.net.au> Fri, 19 Mar 2004 09:46:35 +1100

mindi-kernel (1.0-1) unstable; urgency=low
* Initial release.
-- Hector Garcia <hector@debian.org> Tue, 19 Aug 2003 12:07:02 +0200