2008
kernel-patch-powerpc-2.6.8 (2.6.8-13sarge1) oldstable-security; urgency=high
* Rebuild against kernel-tree-2.6.8-17sarge1
* compat_sys_mount-NULL-data_page.dpatch
[SECURITY] Fix oops in compat_sys_mount triggered by NULL data_page
See CVE-2006-7203
* pppoe-socket-release-mem-leak.dpatch
[SECURITY] fix unpriveleged memory leak when a PPPoE socket is released
after connect but before PPPIOCGCHAN ioctl is called upon it
See CVE-2007-2525
* dn_fib-out-of-bounds.dpatch, ipv4-fib_props-out-of-bounds.dpatch
[SECURITY] Fix out of bounds condition in dn_fib_props[]
See CVE-2007-2172
* aacraid-ioctl-perm-check.dpatch
[SECURITY] Require admin capabilities to issue ioctls to aacraid devices
See CVE-2007-4308
* reset-pdeathsig-on-suid.dpatch
[SECURITY] Fix potential privilege escalation caused by improper
clearing of the child process' pdeath signal.
See CVE-2007-3848
* bluetooth-l2cap-hci-info-leaks.dpatch
[SECURITY] Fix information leaks in setsockopt() implementations
See CVE-2007-1353
* coredump-only-to-same-uid.dpatch
[SECURITY] Fix an issue where core dumping over a file that
already exists retains the ownership of the original file
See CVE-2007-6206
* i4l-isdn_ioctl-mem-overrun.dpatch
[SECURITY] Fix potential isdn ioctl memory overrun
See CVE-2007-6151
* cramfs-check-block-length.dpatch
[SECURITY] Add a sanity check of the block length in cramfs_readpage to
avoid a potential oops condition
See CVE-2006-5823
* ext2-skip-pages-past-num-blocks.dpatch
[SECURITY] Add some sanity checking for a corrupted i_size in
ext2_find_entry()
See CVE-2006-6054
* minixfs-printk-hang.dpatch
[SECURITY] Rate-limit printks caused by accessing a corrupted minixfs
filesystem that would otherwise cause a system to hang (printk storm)
See CVE-2006-6058
* isdn-net-overflow.dpatch
[SECURITY] Fix potential overflows in the ISDN subsystem
See CVE-2007-6063
* prevent-stack-growth-into-hugetlb-region.dpatch
[SECURITY] Prevent OOPS during stack expansion when the VMA crosses
into address space reserved for hugetlb pages.
See CVE-2007-3739
* cifs-honor-umask.dpatch
[SECURITY] Make CIFS honor a process' umask
See CVE-2007-3740
* hugetlb-prio_tree-unit-fix.dpatch
[SECURITY] Fix misconversion of hugetlb_vmtruncate_list to prio_tree
which could be used to trigger a BUG_ON() call in exit_mmap.
See CVE-2007-4133
* amd64-zero-extend-32bit-ptrace.dpatch
[SECURITY] Zero extend all registers after ptrace in 32-bit entry path.
See CVE-2007-4573
* usb-pwc-disconnect-block.dpatch
[SECURITY] Fix issue with unplugging webcams that use the pwc driver.
If userspace still has the device open it can result, the driver would
wait for the device to close, blocking the USB subsystem.
See CVE-2007-5093
* powerpc-chrp-null-deref.dpatch
[SECURITY][powerpc] Fix NULL pointer dereference if get_property
fails on the subarchitecture
See CVE-2007-6694
* random-bound-check-ordering.dpatch
[SECURITY] Fix stack-based buffer overflow in the random number
generator
See CVE-2007-3105
* mmap-VM_DONTEXPAND.dpatch
[SECURITY] Add VM_DONTEXPAND to vm_flags in drivers that register
a fault handler but do not bounds check the offset argument
See CVE-2008-0007
-- dann frazier <dannf@debian.org> Tue, 19 Feb 2008 20:54:09 -0700
2007
kernel-patch-powerpc-2.6.8 (2.6.8-13) oldstable; urgency=high
* Rebuild against kernel-tree-2.6.8-17
[ Simon Horman ]
* drivers-net-via-rhine-wol-oops.dpatch (removed):
This patch breaks the via-rhine driver and 2.6.8 and is
completely bogus for this version of the kernel
(closes: #311357)
* drivers-media-vidio-bttv-vc100xp-detect.dpatch
Allow Leadtek WinFast VC100 XP cards to work.
* fs-jbd-checkpoint-assertion.dpatch
Fix possible false assertion failure in log_do_checkpoint(). We might fail
to detect that we actually made a progress when cleaning up the checkpoint
lists if we don't retry after writing something to disk.
* mm-rmap-out-of-bounds-pte.dpatch
Stop try_to_unmap_cluster() passing out-of-bounds pte to pte_unmap()
* net-ipv4-netfilter-ip_queue-deadlock.dpatch
Fix deadlock with ip_queue and tcp local input path.
* asm-i386-mem-clobber.dpatch:
Make sure gcc doesn't reorder memory accesses in strncmp and friends on
i386.
* drivers-acpi-pci_irq-elcr.dpatch:
Make sure we call acpi_register_gsi() even for default PCI interrupt
assignment. That's the part that keeps track of the ELCR register, and we
want to make sure that the PCI interrupts are properly marked level/low.
[ dann frazier ]
* Merge in applicable fixes from 2.6.12.4
- netfilter-deadlock-ip6_queue.dpatch
- rocket_c-fix-ldisc-ref-count.dpatch
- early-vlan-fix.dpatch
[ Simon Horman ]
* drivers-sata-promise-sataii_tx2_tx4.dpatch
Add SATAII TX2 and TX2/TX4 support to sata promise driver
(Closes: #317286)
* module-per-cpu-alignment-fix.dpatch
Module per-cpu alignment cannot always be met
From 2.6.12.5
* genelink-usbnet-skb-typo.dpatch
fix gl_skb/skb type error in genelink driver in usbnet
Backported From 2.6.12.6
* drivers-ide-ppp-pmac-build.dpatch
Make sure BLK_DEV_IDEDMA_PCI is defined for pmac ide driver builds
(closes: #321442)
* fs-ext3-nfs-parent-fix.dpatch
ext3 file systems mounted over nfs may lookup .. in dx directories
causing an oops.
(closes: #323557)
* sparc-request_irq-in-RTC-fix.dpatch
Use SA_SHIRQ in sparc specific code.
From 2.6.13.1
* forcedeth-init-link-settings-in-nv_open.patch
forcedeth: Initialize link settings in every nv_open()
From 2.6.13.2
* fix-MPOL_F_VERIFY.patch
Fix MPOL_F_VERIFY
From 2.6.13.2
* fix-more-byte-to-dword-writes-to-PCI_ROM_ADDRESS-config-word.patch
Fix up more strange byte writes to the PCI_ROM_ADDRESS config word
From 2.6.13.2
* yenta-oops-fix.patch
yenta oops fix
From 2.6.13.3
* fix-de_thread-BUG_ON.patch
Fix fs/exec.c:788 (de_thread()) BUG_ON
From 2.6.13.3
* ipv6-fix-per-socket-multicast-filtering.patch
fix IPv6 per-socket multicast filtering in exact-match case
From 2.6.13.3
* ipvs-ip_vs_ftp-breaks-connections.patch
ipvs: ip_vs_ftp breaks connections using persistence
From 2.6.13.3
* ieee1394-sbp2-fixes-for-hot-unplug-and-module-unloading.dpatch
ieee1394/sbp2: fixes for hot-unplug and module unloading
From 2.6.13.4
* fix-sparc64-fpu-register-corruption.dpatch
[SPARC64]: Fix userland FPU state corruption.
From 2.6.13.4
[ dann frazier ]
* drivers-block-raw-ioctl2.dpatch, drivers-block-ioctl-enotty.dpatch:
Fix a bug in the block layer that causes a bootloader installation
error under certain conditions - breaks installation on cciss devices.
(closes: #354493)
* Fix data corruption with dm-crypt over RAID5 (closes: #336153)
* Fix VLAN support for 3c59x/90x series hardware (closes: #349774)
* Fix erroneous calculation of 'len' parameter to NLMSG_PUT resulting in
bogus 'error during NLMSG_PUT' messages (closes: #372621)
* hp-diva-rmp3.dpatch, hp-diva-hurricane.dpatch:
Add PCI IDs for newer Diva console ports
-- dann frazier <dannf@debian.org> Sat, 26 May 2007 04:08:06 -0600
kernel-patch-powerpc-2.6.8 (2.6.8-12sarge7) oldstable-security; urgency=high
* Rebuild against kernel-tree-2.6.8-16sarge7 which requires
an ABI increment:
* [ERRATA] smbfs-honor-mount-opts-2.dpatch
Fix some regressions with respect to file types (e.g., symlinks)
introduced by the fix for CVE-2006-5871 in 2.6.8-16sarge6
* mincore_hang.dpatch
[SECURITY] Fix a potential deadlock in mincore, thanks to Marcel
Holtmann for the patch.
See CVE-2006-4814
* mincore-fixes.dpatch
This patch includes a few fixes, necessary for mincore_hang.dpatch to
apply cleanly.
* dev_queue_xmit-error-path.dpatch
[SECURITY] Correct an error path in dev_queue_xmit() to rebalance
local_bh_enable() calls. Patch from Vasily Averin.
See CVE-2006-6535
* dvb-core-handle-0-length-ule-sndu.dpatch
[SECURITY] Avoid sending invalid ULE packets which may not properly
handled by the receiving side triggering a crash. This is a backport
of the patch that went into 2.6.17.y. It would be better to fix the
receiving end, but no patch for the era kernel has been developed yet.
See CVE-2006-4623
* bluetooth-capi-size-checks.dpatch
[SECURITY] Add additional length checks to avoid potential remote
DoS attacks in the handling of CAPI messages in the bluetooth driver
See CVE-2006-6106
* __find_get_block_slow-race.dpatch
[SECURITY] Fix infinite loop in __find_get_block_slow that can
be triggered by mounting and accessing a malicious iso9660 or NTFS
filesystem
See CVE-2006-5757, CVE-2006-6060
* listxattr-mem-corruption.dpatch
[SECURITY] Fix userspace corruption vulnerability caused by
incorrectly promoted return values in bad_inode_ops
This patches changes the kernel ABI.
See CVE-2006-5753
* aio-fix-nr_pages-init.dpatch
[SECURITY] Fix initialization of info->nr_pages in aio_setup_ring() to
avoid a race that can lead to a system crash
See CVE-2006-5754
* unmap_hugepage_area-check-null-pte.dpatch
[SECURITY] Fix a potential DoS (crash) in unmap_hugepage_area().
No kernel-image builds appear to compile this code, so this fix is only
for users that compile their own kernels with the Debian source and
enable/use huge pages.
See CVE-2005-4811
* ext3-fsfuzz.dpatch
[SECURITY] Fix a DoS vulnerability that can be triggered by a local
user with the ability to mount a corrupted ext3 filesystem
See CVE-2006-6053
* hfs-no-root-inode.dpatch
[SECURITY] Fix bug in HFS where hfs_fill_super returns success even
if no root inode is found. On an SELinux-enabled system, this can
be used to trigger a local DoS. Debian does not enable SELinux by
default.
See CVE-2006-6056
* ipv6_fl_socklist-no-share.dpatch
[SECURITY] Fix local DoS vulnerability caused by inadvertently sharing
ipv6_fl_socklist between the listening socket and the socket created
for connection.
See CVE-2007-1592
* core-dump-unreadable-PT_INTERP.dpatch
[SECURITY] Fix a vulnerability that allows local users to read
otherwise unreadable (but executable) files by triggering a core dump.
See CVE-2007-0958
* appletalk-length-mismatch.dpatch
[SECURITY] Fix a remote DoS (crash) in appletalk
Depends upon appletalk-endianness-annotations.dpatch
See CVE-2007-1357
-- dann frazier <dannf@debian.org> Mon, 16 Apr 2007 17:08:07 -0700
2006
kernel-patch-powerpc-2.6.8 (2.6.8-12sarge6) stable-security; urgency=high
* Build against kernel-tree-2.6.8-16sarge6:
* perfmon-fd-refcnt.dpatch
[SECURITY][ia64] Fix file descriptor leak in perfmonctl
system call which could be used as a local denial of service attack
by depleting the system of file descriptors
See CVE-2006-3741
* ia64-sparc-cross-region-mappings.dpatch
[SECURITY] Prevent cross-region mappings on ia64 and sparc which
could be used in a local DoS attack (system crash)
See CVE-2006-4538
* __block_prepare_write-recovery.dpatch
[SECURITY] Fix an information leak in __block_prepare_write()
See CVE-2006-4813
* atm-clip-freed-skb-deref.dpatch
[SECURITY] Avoid dereferencing an already freed skb, preventing a
potential remote DoS (system crash) vector
See CVE-2006-4997
* ip6_flowlabel-lockup.dpatch
[SECURITY] Fix local DoS attack vector (lockups, oopses) in the
sequence handling for /proc/net/ip6_flowlabel
See CVE-2006-5619
* ppc-alignment-exception-table-check.dpatch
[SECURITY][ppc] Avoid potential DoS which can be triggered by some
futex ops
See CVE-2006-5649
* s390-uaccess-memleak.dpatch
[SECURITY][s390] Fix memory leak in copy_from_user by clearing the
remaining bytes of the kernel buffer after a fault on the userspace
address in copy_from_user()
See CVE-2006-5174
* smbfs-honor-mount-opts.dpatch
Honor uid, gid and mode mount options for smbfs even when unix extensions
are enabled
See CVE-2006-5871
* bridge-get_fdb_entries-overflow.dpatch
Protect against possible overflow in get_fdb_entries
See CVE-2006-5751
-- dann frazier <dannf@debian.org> Tue, 5 Dec 2006 02:21:34 -0700
kernel-patch-powerpc-2.6.8 (2.6.8-12sarge5) stable-security; urgency=high
* Build against kernel-tree-2.6.8-16sarge5:
* [ERRATA] madvise_remove-restrict.dpatch
[SECURITY] The 2.6.8-16sarge3 changelog associated this patch with
CVE-2006-1524. However, this patch fixes an mprotect issue that was
split off from the original report into CVE-2006-2071. 2.6.8 is not
vulnerable to CVE-2006-1524 the madvise_remove issue.
See CVE-2006-2071
* fs-ext3-bad-nfs-handle.dpatch
[SECURITY] James McKenzie discovered a Denial of Service vulnerability
in the NFS driver. When exporting an ext3 file system over NFS, a remote
attacker could exploit this to trigger a file system panic by sending
a specially crafted UDP packet.
See CVE-2006-3468
* direct-io-write-mem-leak.dpatch
[SECURITY] Fix memory leak in O_DIRECT write.
See CVE-2004-2660
* nfs-handle-long-symlinks.dpatch
[SECURITY] Fix buffer overflow in NFS readline handling that allows a
remote server to cause a denial of service (crash) via a long symlink
See CVE-2005-4798
* cdrom-bad-cgc.buflen-assign.dpatch
[SECURITY] Fix buffer overflow in dvd_read_bca which could potentially
be used by a local user to trigger a buffer overflow via a specially
crafted DVD, USB stick, or similar automatically mounted device.
See CVE-2006-2935
* usb-serial-ftdi_sio-dos.patch
[SECURITY] fix userspace DoS in ftdi_sio driver
See CVE-2006-2936
* selinux-tracer-SID-fix.dpatch
[SECURITY] Fix vulnerability in selinux_ptrace that prevents local
users from changing the tracer SID to the SID of another process
See CVE-2006-1052
* netfilter-SO_ORIGINAL_DST-leak.dpatch
[SECURITY] Fix information leak in SO_ORIGINAL_DST
See CVE-2006-1343
* sg-no-mmap-VM_IO.dpatch
[SECURITY] Fix DoS vulnerability whereby a local user could attempt
a dio/mmap and cause the sg driver to oops.
See CVE-2006-1528
* exit-bogus-bugon.dpatch
[SECURITY] Remove bogus BUG() in exit.c which could be maliciously
triggered by a local user
See CVE-2006-1855
* readv-writev-missing-lsm-check.dpatch,
readv-writev-missing-lsm-check-compat.dpatch
[SECURITY] Add missing file_permission callback in readv/writev syscalls
See CVE-2006-1856
* snmp-nat-mem-corruption-fix.dpatch
[SECURITY] Fix memory corruption in snmp_trap_decode
See CVE-2006-2444
* kfree_skb-race.dpatch
[SECURITY] Fix race between kfree_skb and __skb_unlink
See CVE-2006-2446
* hppa-mb-extraneous-semicolon.dpatch,
sparc32-mb-extraneous-semicolons.dpatch,
sparc64-mb-extraneous-semicolons.dpatch:
Fix a syntax error caused by extranous semicolons in smp_mb() macros
which resulted in a build failure with kfree_skb-race.dpatch
* sctp-priv-elevation.dpatch
[SECURITY] Fix SCTP privelege escalation
See CVE-2006-3745
* sctp-priv-elevation-2.dpatch
[SECURITY] Fix local DoS resulting from sctp-priv-elevation.dpatch
See CVE-2006-4535
* ppc-hid0-dos.dpatch
[SECURITY][ppc] Fix local DoS by clearing HID0 attention enable on
PPC970 at boot time
See CVE-2006-4093
* udf-deadlock.dpatch
[SECURITY] Fix possible UDF deadlock and memory corruption
See CVE-2006-4145
-- dann frazier <dannf@debian.org> Mon, 4 Sep 2006 10:01:37 -0600
kernel-patch-powerpc-2.6.8 (2.6.8-12sarge4) stable-security; urgency=high
* Build against kernel-tree-2.6.8-16sarge4:
* proc-environ-race-1.dpatch, proc-environ-race-2.dpatch
[SECURITY] Fix local root vulnerability caused by a race in proc
See CVE-2006-3626
-- dann frazier <dannf@debian.org> Sat, 15 Jul 2006 02:48:56 -0600
kernel-patch-powerpc-2.6.8 (2.6.8-12sarge3) stable-security; urgency=high
* Build against kernel-tree-2.6.8-16sarge3:
* net-protocol-mod-refcounts-pre.dpatch, net-protocol-mod-refcounts.dpatch
[SECURITY] Fix potential DoS (panic) cause by inconsistent reference
counting in network protocol modules.
See CVE-2005-3359
* netfilter-do_replace-overflow.dpatch
[SECURITY] Fix buffer overflow in netfilter do_replace which can could
be triggered by users with CAP_NET_ADMIN rights.
See CVE-2006-0038
* sys_mbind-sanity-checking.dpatch
[SECURITY] Make sure maxnodes is safe size before calculating nlongs in
get_nodes() to prevent a local DoS vulnerability.
See CVE-2006-0557
* smbfs-chroot-escape.dpatch
[SECURITY] Fix directory traversal vulnerability in smbfs that permits
local users to escape chroot restrictions
See CVE-2006-1864
* perfmon-exit-race.dpatch
[SECURITY][ia64] Fix local denial of service vulnerability (oops) in
the ia64 perfmon subsystem
See CVE-2006-0558
* ia64-die_if_kernel-returns.dpatch
[SECURITY][ia64] Fix a potential local DoS on ia64 systems caused by
an incorrect 'noreturn' attribute on die_if_kernel()
See CVE-2006-0742
* smbfs-chroot-escape.dpatch
[SECURITY] Fix directory traversal vulnerability in smbfs that permits
local users to escape chroot restrictions
See CVE-2006-1863
* binfmt-bad-elf-entry-address.dpatch
[SECURITY][amd64] Fix potential local DoS vulnerability in the binfmt_elf
code on em64t processors
See CVE-2006-0741
* em64t-uncanonical-return-addr.dpatch
[SECURITY][amd64] Fix local DoS vulnerability on em64t systems that
arises when returning program control using SYSRET
See CVE-2006-0744
* sctp-discard-unexpected-in-closed.dpatch
[SECURITY] Fix remote DoS in SCTP code by discarding unexpected chunks
received in CLOSED state instead of calling BUG()
See CVE-2006-2271
* ipv4-id-no-increment.dpatch
[SECURITY] Fix vulnerability that allows remote attackers to conduct an
Idle Scan attack, bypassing intended protections against such attacks
See CVE-2006-1242
* usb-gadget-rndis-bufoverflow.dpatch
[SECURITY] Fix buffer overflow in the USB Gadget RNDIS implementation that
allows for a remote DoS attack (kmalloc'd memory corruption)
See CVE-2006-1368
* group_complete_signal-BUG_ON.dpatch
[SECURITY] Fix improper use of BUG_ON in __group_complete_signal()
See CVE-2006-1523
* madvise_remove-restrict.dpatch
[SECURITY] Fix vulnerability that allows local users to bypass IPC
permissions and replace portions of read-only tmpfs files with zeroes.
See CVE-2006-1524
* mcast-ip-route-null-deref.dpatch
[SECURITY] Fix local DoS vulnerability that allows local users to panic
a system by requesting a route for a multicast IP
See CVE-2006-1525
* sctp-fragment-recurse.dpatch
[SECURITY] Fix remote DoS vulnerability that can lead to infinite
recursion when a packet containing two or more DATA fragments is received
See CVE-2006-2274
* sctp-fragmented-receive-fix.dpatch
[SECURITY] Fix remote DoS vulnerability that allows IP fragmented
COOKIE_ECHO and HEARTBEAT SCTP control chunks to cause a kernel panic
See CVE-2006-2272
* amd64-fp-reg-leak-dep[1-3].dpatch, amd64-fp-reg-leak.dpatch
[SECURITY][amd64] Fix an information leak that allows a process to see
a portion of the floating point state of other processes, possibly
exposing sensitive information.
See CVE-2006-1056
* do_add_counters-race.dpatch
[SECURITY] Fix race condition in the do_add_counters() function in
netfilter that allows local users with CAP_NET_ADMIN capabilities to
read kernel memory
See CVE-2006-0039
* s390-strnlen_user-return.dpatch
[SECURITY][s390] Fix local DoS on s390 that may result from strnlen_user
returning a value that is too large
See CVE-2006-0456
* xfs-ftruncate-leak.dpatch
[SECURITY] Fix leak in the ftruncate call in the XFS filesystem that may
permit local users to view sensitive information
See CVE-2006-0554
* nfs-another-O_DIRECT-fix.dpatch
[SECURITY] Fix a potential local DoS vulnerability in the NFS O_DIRECT
code
See CVE-2006-0555
* sctp-hb-ack-overflow.dpatch
[SECURITY] Fix a remote buffer overflow that can result from a badly
formatted HB-ACK chunk
See CVE-2006-1857
* sctp-param-bound-checks.dpatch
[SECURITY] Fix a bound checking error (remote DoS) in the SCTP parameter
checking code
See CVE-2006-1858
-- dann frazier <dannf@debian.org> Wed, 24 May 2006 19:57:56 -0500
kernel-patch-powerpc-2.6.8 (2.6.8-12sarge2) stable-security; urgency=high
* Build against kernel-tree-2.6.8-16sarge1
* Add an ABI string to the package name. Use -3 to be consistent with most
other architectures.
* Add missing build-dep on module-init-tools
-- dann frazier <dannf@debian.org> Sun, 12 Feb 2006 10:53:28 -0700
2005
kernel-patch-powerpc-2.6.8 (2.6.8-12sarge1) stable-security; urgency=low
* Build against kernel-tree-2.6.8-16sarge1
-- dann frazier <dannf@debian.org> Wed, 23 Nov 2005 13:58:28 -0700
kernel-patch-powerpc-2.6.8 (2.6.8-12) unstable; urgency=high
* Rebuilding with added kernel-tree magic, as requested by the release
managers to handle the abi breaking kernel-source-2.6.8-14 upload.
* Also create the kernel-tree-version file in the documentation which
mentions against which kernel-tree we did build.
-- Sven Luther <luther@debian.org> Sun, 20 Mar 2005 08:03:08 +0100
kernel-patch-powerpc-2.6.8 (2.6.8-11) unstable; urgency=high
* Added kernel-source changelog in the kernel-image package.
* Added mkvmlinuz as dependency to kernel-image. This is just a plain
script, and will hold the debconfified postinst which will be run by
the kernel-image to select the bootloader stuff.
-- Sven Luther <luther@debian.org> Thu, 24 Feb 2005 07:59:54 +0100
kernel-patch-powerpc-2.6.8 (2.6.8-10) unstable; urgency=high
* Built against kernel-source 2.6.8-13 :
- add more USB card reader blacklist entries. Patch from Fedora via
Otavio Salvador <otavio@debian.org>. (Christoph Hellwig) (Bug #289247)
- Replace smbfs-overflow-fixes.patch with a newer version from 2.6.10-ac
that actually works. Thanks to S?ren Hansen <sh@warma.dk> for finding
and submitting it. (Christoph Hellwig) (Bug #283241).
- expand_stack_reorg.dpatch
Clean up mm/mmap.c's expand_stack() function, backported from
2.6.11-rcX. Needed for future security patches (Andres Salomon).
- [SECURITY] 034-stack_resize_exploit.dpatch
Fix exploitable race condition on SMP and HT systems where two
threads attempt to expand the stack at the same time. This is
CAN-2005-0001 (happy new year!) (Andres Salomon).
- [SECURITY] 035-do_brk_security_fixes-2.dpatch
Further do_brk fixes; just to be safe, lock everywhere do_brk
is used (Andres Salomon).
- Apply patch to fix compat cmsg_len checks (Christoph Hellwig).
- Backport EFI partition support fixes from 2.6.10. Patch supplied by Tore
Anderson <tore@debian.org> (Christoph Hellwig) (Bug #281905).
- scsi-ioctl.dpatch
Provide a warning about unknown opcodes (Andres Salomon).
-- Sven Luther <luther@debian.org> Sat, 29 Jan 2005 14:04:37 +0100
kernel-patch-powerpc-2.6.8 (2.6.8-9) unstable; urgency=high
* Built against kernel-source 2.6.8-12 :
- [powerpc - prep] Fix bad irq assignement for pci devices on motorola
powerstack boxes. (Closes: #287933) (Sven Luther)
- add dh_fixperms to the build targets to kernel-patch-debian-2.6.8
to ensure that the permissions of the files in this package are
sensible. (See: Bug#288279) (Simon Horman)
- [SECURITY] Fix vulnerability in the ELF loader code allowing
local attacker to execute code as root, CAN-2004-1235.
(Maximilian Attems)
- Added backport of qla1280 driver from 2.6.10. (Norbert Tretkowski)
- [SECURITY] 028-do_brk_security_fixes.dpatch
Drop Marcelo's fix for this; use Linus' instead.
Fix local root vulnerability for various do_brk() calls;
ensure an exclusive lock on memory while modifying it; CAN-2004-1235
(Andres Salomon) (Bug: #289155).
- [SECURITY] 029-random_poolsize_overflow.dpatch
drivers/char/random allows you to set the poolsize; its sanity checking
on that input isn's very good. We fix that here.
See http://seclists.org/lists/fulldisclosure/2005/Jan/0270.html for
more details. This fixes #3 on that list (Andres Salomon).
- [SECURITY] 030-moxa_user_copy_checking.dpatch
The moxa driver does some ugly things w/ signed integers. This fixes
#4 on Brad Spengler's advisory (Andres Salomon).
- [SECURITY] 031-sg_scsi_ioctl_int_overflows.dpatch
SG ioctl stuff doesn't actually check whether the scsi command length
is positive. #5 on the above advisory (Andres Salomon).
-- Sven Luther <luther@debian.org> Sat, 8 Jan 2005 14:47:16 +0100
2004
kernel-patch-powerpc-2.6.8 (2.6.8-8) unstable; urgency=high
* Moved remaining powerpc patches (pegasos-via-ide and legacy-serial)
to the common kernel-source package. (Sven Luther)
* Rebuilt against kernel-source-2.6.8-11. (Sven Luther)
* Removed kernel-patch-powerpc package, since all the powerpc patches are
now part of kernel-source. Next version of kernel-source-2.6.8 should have
a conflict/replace/provides, but for now please remove it by hand.
-- Sven Luther <luther@debian.org> Wed, 29 Dec 2004 11:42:34 +0100
kernel-patch-powerpc-2.6.8 (2.6.8-7) unstable; urgency=high
* Rebuilt against kernel-source 2.6.8-10.
- [SECURITY] Fix problems in binfmt_elf and binfmt_aout loaders; see
http://isec.pl/vulnerabilities/isec-0017-binfmt_elf.txt for more
details (Andres Salomon).
- Adding drivers-serial-8250-ioremap-fix.dpatch: a patch from Alex
Williamson that prevents setserial from crashing the kernel.
See: http://marc.theaimsgroup.com/?l=linux-kernel&m=109913237604338&w=2
(Dann Frazier)
- Split out aic7xxx-update patch into separate changesets, and drop
the pci-id-table and hostraid changesets; people are still reporting
problems having the driver detect their controller (Andres Salomon).
- VLAN updates (Potential fix for: Bug#280743) (Simon Horman)
- copy_to_user checking in select.c
(Potential fix for: Bug#278183) (Simon Horman)
- Remove bogus DMA blacklist for RICOH CD-R/RW MP7083A (Maximilian Attems)
- tmpfs inode accounting leak fix (Maximilian Attems)
- Fix disconnected dentries on NFS exports (Maximilian Attems)
- [SECURITY] Further smbfs overflow fixes, stolen from -ac tree
(Andres Salomon).
* Enabled the USB IrDA FIR Dongle device driver (CONFIG_USB_IRDA), which
was apparently forgotten in the transition from 2.4.
* Modified debian/rules to easily create or not the kernel-image packages.
Drop the kernel-image metapackages since we have kernel-latest already.
(Sven Luther)
-- Sven Luther <luther@debian.org> Tue, 7 Dec 2004 10:43:26 +0100
kernel-patch-powerpc-2.6.8 (2.6.8-6) unstable; urgency=medium
* Built support for the - now fixed - VGA console into the kernel, and
added the VGA16 framebuffer as a module (closes: Bug#271852).
* Removed the root filesystem option from the built-in command line
(closes: Bug#270321, Bug#270326). On PReP, the kernel will find the
root filesystem anyway if it is located on the third partition of the
first hard disk. If you keep your root filesystem elsewhere, you will
find a detailed explanation on changing the built-in command line in
the NEWS.Debian file.
* Enabled the CONFIG_SCSI_MULTI_LUN option (closes: Bug#273673).
* Rebuilt against the latest revision 2.6.8-7 of kernel-source-2.6.8.
-- Jens Schmalzing <jensen@debian.org> Sun, 3 Oct 2004 11:40:28 +0200
kernel-patch-powerpc-2.6.8 (2.6.8-5) unstable; urgency=low
* Rebuilt against the latest revision 2.6.8-6 of kernel-source-2.6.8
(Jens Schmalzing).
-- Jens Schmalzing <jensen@debian.org> Mon, 13 Sep 2004 22:27:32 +0200
kernel-patch-powerpc-2.6.8 (2.6.8-4) unstable; urgency=low
* Rebuilt against the latest revision 2.6.8-5 of kernel-source-2.6.8
(Jens Schmalzing).
-- Jens Schmalzing <jensen@debian.org> Mon, 30 Aug 2004 15:33:27 +0200
kernel-patch-powerpc-2.6.8 (2.6.8-3) unstable; urgency=high
* Disabled the LED blinking on hard drive activity again, since it looks
ugly on some machines and gets on people's nerves (closes: #268359)
(Jens Schmalzing).
* Enabled default command-line options, which allows the majority of
PReP machines to boot unattended (Jens Schmalzing).
* Included an example script for debian/post-install in the kernel-patch
package. The script adds the glue that mkvmlinuz needs in order to
build a compressed bootable kernel from an uncompressed kernel and
optionally a ramdisk. This is mainly intended for users who want to
build their own initrd kernel-image packages on subarchs that don't
have a bootloader, but is also useful for creating rescue systems
capable of working around a broken bootloader installation
(Jens Schmalzing).
-- Jens Schmalzing <jensen@debian.org> Fri, 27 Aug 2004 14:28:58 +0200
kernel-patch-powerpc-2.6.8 (2.6.8-2) unstable; urgency=high
* Enabled the PPC 601 Fix config option (Sven Luther).
* Built the PowerMac floppy driver into the kernel, making it possible
to boot OldWorld PowerMacs using a miBoot floopy (Sven Luther).
* Rebuilt against the latest revision 2.6.8-4 of kernel-source-2.6.8,
pulling in a plethora of bug fixes (Jens Schmalzing).
-- Jens Schmalzing <jensen@debian.org> Thu, 26 Aug 2004 14:59:16 +0200
kernel-patch-powerpc-2.6.8 (2.6.8-1) unstable; urgency=high
* Removed binutils and oprofile patches as they are now upstream
(Sven Luther).
* Removed uhci.diff, which is not needed anymore since the g4-errata patch
fixes those issues in a better way (Sven Luther).
* Modified config files so CPU_FREQ is built only on powerpc (Sven Luther).
-- Sven Luther <luther@debian.org> Tue, 17 Aug 2004 19:46:36 +0200
kernel-patch-powerpc-2.6.7 (2.6.7-5) unstable; urgency=high
* Enabled psaux compatiblity driver, since not having it will break
2.4/2.6 dual kernel installs, as well as current X configuration
defaults (Sven Luther).
* Enabled forced IDE detection on early Xserve G4 (closes: Bug#263058)
(Jens Schmalzing).
* Added a binutils patch based on a mailing list post by Tom Rini, in
order to take care of the stricter opcode checking introduced by the
new GNU assembler 2.15 (closes: Bug#263057) (Jens Schmalzing).
* Rebuilt against the latest revision of kernel-source-2.6.7. Removed
the pegasos and g4-errata patches that have migrated there, matched
urgencies to synchronize entry into sarge (Jens Schmalzing).
* Suggest kernel-tree instead of kernel-source (Jens Schmalzing).
-- Jens Schmalzing <jensen@debian.org> Thu, 5 Aug 2004 19:22:22 +0200
kernel-patch-powerpc-2.6.7 (2.6.7-4) unstable; urgency=low
* Built the Matrox framebuffer driver into the kernel again (closes:
Bug#259250) (Jens Schmalzing).
* Removed a number of useless .config options to get the kernel size
down (Christoph Hellwig).
* Built the voodoo framebuffer driver into the kernel again (Sven Luther).
* Added G4 errata patch to fix stability problem with some G4 processors
(Sven Luther).
-- Jens Schmalzing <jensen@debian.org> Tue, 27 Jul 2004 17:10:28 +0200
kernel-patch-powerpc-2.6.7 (2.6.7-3) unstable; urgency=high
* Upgraded the pegasos.diff patch to the one submitted upstream (Sven
Luther).
* Built the console drivers for 8250/16550 and PowerMac Zilog serial
ports into the kernel (closes: Bug#256798). In order to keep the
overall size constant, framebuffer drivers for Matrox and Voodoo cards
are now built as modules (Jens Schmalzing).
* Modified the autobuilder hack in debian/rules to actually build the
architecture-independent package kernel-patch-powerpc on other archs
(closes: Bug#257752) (Jens Schmalzing).
* Added necessary files for mkvmlinuz PReP support, needs mkvmlinuz >= 7
(Sven Luther).
-- Jens Schmalzing <jensen@debian.org> Fri, 9 Jul 2004 17:00:11 +0200
kernel-patch-powerpc-2.6.7 (2.6.7-2) unstable; urgency=low
* Removed the Amiga SmartFilesystem (asfs) patch that has now been
integrated into kernel-source.
* Added a new and improved version of the UHCI host controller patch.
* Split a small VIA IDE driver hack from the rest of the Pegasos patch.
* Really enabled the OProfile profiling driver.
* Converted from kernel-source to kernel-tree.
-- Jens Schmalzing <jensen@debian.org> Thu, 24 Jun 2004 12:42:38 +0200
kernel-patch-powerpc-2.6.7 (2.6.7-1) unstable; urgency=low
* New upstream release (closes: Bug#252230). * Added a patch to stop the UHCI host controller driver from freezing G4 systems (closes: Bug#255086). * Removed two patches that are now included upstream. * Added a recommendation of hotplug to the kernel-image packages, to ease the transition for people upgrading from the old monolithic kernels. * Removed the recommendation of mkvmlinuz, since it is perfectly reasonable to go without this helper on most systems.
-- Jens Schmalzing <jensen@debian.org> Sat, 19 Jun 2004 22:16:13 +0200
kernel-patch-powerpc-2.6.6 (2.6.6-6) unstable; urgency=low
* Upgraded the Amiga SmartFilesystem (asfs) patch to 1.0beta6 (closes:
Bug#252628).
* Added a patch from the 2.5 BenH tree to enable the OProfile profiling
system (closes: Bug#251708).
-- Jens Schmalzing <jensen@debian.org> Sun, 6 Jun 2004 16:15:18 +0200
kernel-patch-powerpc-2.6.6 (2.6.6-5) unstable; urgency=low
* Worked around an annoying bug in the autobuilders, who are stupid
enough to try to build this package on non-powerpc archs and choke in
the attempt.
* Removed the patch adding monitor mode to the Airport card driver. It
is outdated, unstable, and was only intended as a placeholder from the
very beginning.
* Added a patch to improve support for the Radeon Mobility 9200 graphics
card built into some G4 iBooks (closes: Bug#251163).
* Added remarks about the machines supported by each kernel-image
package to the descriptions in debian/control (closes: Bug#251062).
-- Jens Schmalzing <jensen@debian.org> Fri, 28 May 2004 18:20:48 +0200
kernel-patch-powerpc-2.6.6 (2.6.6-4) unstable; urgency=low
* Added a patch to fix the 8250 serial driver so it doesn't hang the
PowerMac G5 any more. This makes the g5 flavours obsolete, power4
should be used instead.
-- Jens Schmalzing <jensen@debian.org> Sun, 23 May 2004 19:47:29 +0200
kernel-patch-powerpc-2.6.6 (2.6.6-3) unstable; urgency=low
* Made the kernel-build packages dependent on the kernel-headers
package, since they are completely useless without it.
* Built rivafb as a module (closes: Bug#248134). Apparently, the nv
driver from XFree86 works just as well on offb.
* Added dummy packages for keeping track of one flavour of the
kernel-image packages across releases.
-- Jens Schmalzing <jensen@debian.org> Sat, 22 May 2004 14:05:26 +0200
kernel-patch-powerpc-2.6.6 (2.6.6-2) unstable; urgency=high
* Added a missing symbol export to arch/ppc/kernel/ppc_ksyms.c, which
broke a couple of filesystem drivers, including ext3. Hence the
urgency.
-- Jens Schmalzing <jensen@debian.org> Thu, 13 May 2004 15:57:31 +0200
kernel-patch-powerpc-2.6.6 (2.6.6-1) unstable; urgency=low
* New upstream release.
-- Jens Schmalzing <jensen@debian.org> Wed, 12 May 2004 16:44:57 +0200
kernel-patch-powerpc-2.6.5 (2.6.5-2) unstable; urgency=low
* Added missing build-time dependencies (closes: Bug#247288).
-- Jens Schmalzing <jensen@debian.org> Thu, 6 May 2004 07:56:13 +0200
kernel-patch-powerpc-2.6.5 (2.6.5-1) unstable; urgency=low
* Nothing like a fresh start from scratch.
-- Jens Schmalzing <jensen@debian.org> Thu, 8 Apr 2004 19:36:20 +0200