| 1 |
kernel-source-2.4.27 (2.4.27-5) UNRELEASED; urgency=high |
kernel-source-2.4.27 (2.4.27-9) UNRELEASED; urgency=low |
| 2 |
|
|
| 3 |
|
* There was a stray file in 2.4.27-8. Don't include it this time. |
| 4 |
|
(Simon Horman) (closes: Bug#291536) |
| 5 |
|
|
| 6 |
|
* Updated kernel-tree description from Martin F Krafft |
| 7 |
|
(Simon Horman) |
| 8 |
|
|
| 9 |
|
* Updated apply script so it can handle point versions |
| 10 |
|
(Simon Horman) |
| 11 |
|
|
| 12 |
|
* 134_skb_reset_ip_summed.diff: resolve checksumming exploit in |
| 13 |
|
fragmented packet forwarding (Joshua Kwan) |
| 14 |
|
|
| 15 |
|
* 135_fix_ip_options_leak.diff: [CAN-2004-1335] fix leak of IP options |
| 16 |
|
data. (Joshua Kwan) |
| 17 |
|
|
| 18 |
|
* 136_vc_resizing_overflow.diff: [CAN-2004-1333] make sure VC resizing |
| 19 |
|
fits in 16 bits. (Joshua Kwan) |
| 20 |
|
|
| 21 |
|
* 137_io_edgeport_overflow.diff: [CAN-2004-1017] fix buffer overflow |
| 22 |
|
(underflow, really) that opens multiple attack vectors. (Joshua Kwan) |
| 23 |
|
|
| 24 |
|
* 138_amd64_syscall_vuln.diff: [CAN-2004--1144] fix the "int 0x80 hole" |
| 25 |
|
that allowed overflow of the system call table. (Joshua Kwan) |
| 26 |
|
|
| 27 |
|
* 139_sparc_context_switch.diff: fix FPU context switching dirtiness on |
| 28 |
|
sparc32 SMP. (Joshua Kwan) |
| 29 |
|
|
| 30 |
|
-- Joshua Kwan <joshk@triplehelix.org> Thu, 17 Feb 2005 22:46:04 -0800 |
| 31 |
|
|
| 32 |
|
kernel-source-2.4.27 (2.4.27-8) unstable; urgency=high |
| 33 |
|
|
| 34 |
|
* add dh_fixperms to the build targets to kernel-patch-debian-2.4.27 |
| 35 |
|
to ensure that the permissions of the files in this package are |
| 36 |
|
sensible. (closes: Bug#288279) (Simon Horman) |
| 37 |
|
* Turn a make conditional into a runtime conditional to allow debian/rules |
| 38 |
|
prune to work. (closes: #289682) (Joshua Kwan) |
| 39 |
|
|
| 40 |
|
Patches applied: |
| 41 |
|
|
| 42 |
|
* 121_drm-locking-checks-1.diff, 121_drm-locking-checks-2.diff: |
| 43 |
|
[SECURITY] Fix insufficient locking checks in DRM code; CAN-2004-1056 |
| 44 |
|
(Fabio M. Di Nitto, Dann Frazier, Simon Horman). (closes: Bug#285563) |
| 45 |
|
* 122_sec_brk-locked.diff |
| 46 |
|
[SECURITY] Fix vulnerability in the ELF loader code allowing |
| 47 |
|
local attacker to execute code as root; CAN-2004-1235. This is better |
| 48 |
|
known as the "uselib() bug". (closes: #289202) (Maximilian Attems) |
| 49 |
|
* 123_nfs_verify_eacces.diff |
| 50 |
|
Return -EACCES instead of -ESTALE to fix some NFS data loss bugs, already |
| 51 |
|
fixed in 2.6 but not in 2.4. (closes: #288046) (Joshua Kwan) |
| 52 |
|
* 124_random_poolsize_overflow.diff |
| 53 |
|
[SECURITY] Fix integer overflow in random poolsize sysctl. (Simon Horman) |
| 54 |
|
* 125_moxa_bound_checking.diff |
| 55 |
|
[SECURITY] Fix bounds checking in moxa serial driver. (Simon Horman) |
| 56 |
|
* 126_rlimit_memlock_dos.diff |
| 57 |
|
[SECURITY] Fix RLIMIT_MEMLOCK local DoS (Simon Horman) |
| 58 |
|
* 127_fs_coda_coverty.diff |
| 59 |
|
[SECURITY] Untrusted user data in kernel. (Maxmilian Attems) |
| 60 |
|
* 128_net_fose_coverty.diff |
| 61 |
|
[SECURITY] Fix Coverity reported lack of bounds checking rose_rt_ioctl. |
| 62 |
|
(Maximilian Attems) |
| 63 |
|
* 129_net_sdla_coverty.diff |
| 64 |
|
[SECURITY] Fix sdla_xfer lack of bounds checking, reported by Coverity. |
| 65 |
|
(Maximilian Attems) |
| 66 |
|
* 130_fs_xfs_coverty.diff |
| 67 |
|
[SECURITY] Fix xfs_attrmulti_by_handle lack of bounds checking, reported |
| 68 |
|
by Coverity. (Maximilian Attems) |
| 69 |
|
* 131_expand_stack_race.diff |
| 70 |
|
[SECURITY] Fix expand_stack race in mm.h; see CAN-2005-0001. |
| 71 |
|
* 127_acpi_off.diff |
| 72 |
|
Do not do acpi_early_init() if acpi=off is in effect. |
| 73 |
|
(closes: #290039, #290013, #289517, #288712, #285521, #288272) |
| 74 |
|
(Simon Horman) |
| 75 |
|
* 133_strncpy_zero_pad.diff |
| 76 |
|
[SECURITY] Make sure strncpy null terminates strings. (CAN-2003-0465) |
| 77 |
|
Fix for s390x, ppc64 and s390. mips and alpha are still unfixed. |
| 78 |
|
N.B. This bug appears to be minor at best |
| 79 |
|
http://marc.theaimsgroup.com/?l=linux-kernel&m=105796021120436&w=2 |
| 80 |
|
(See: #280492) (Simon Horman) |
| 81 |
|
|
| 82 |
|
-- Simon Horman <horms@debian.org> Tue, 18 Jan 2005 17:15:51 +0900 |
| 83 |
|
|
| 84 |
|
kernel-source-2.4.27 (2.4.27-7) unstable; urgency=low |
| 85 |
|
|
| 86 |
|
* 113-unix-serialization.diff: |
| 87 |
|
Security: Add missing serialization to unix_dgram_recvmsg() which otherwise |
| 88 |
|
could lead to elevated previleges (CAN-2004-1068) (dann frazier) |
| 89 |
|
* 114-binfmt_aout-CAN-2004-1074.diff: |
| 90 |
|
Security: Fix a potential oops using a malformed a.out binary |
| 91 |
|
(CAN-2004-1074) (dann frazier) |
| 92 |
|
* 115_tty_lockup-3.diff: Fix an unterminated comment (dann frazier) |
| 93 |
|
* 116-cmsg-validation-checks.patch, 118-cmsg-validation-checks-compat.patch: |
| 94 |
|
Patches from Herbert Xu and David Miller fixing CMSG validation wrt |
| 95 |
|
signedness - thanks to Andre Tornt for pointing it out (CAN-2004-1016) |
| 96 |
|
(dann frazier) |
| 97 |
|
* 117-igmp-source-filter-fixes.patch: IGMP source filter fixes |
| 98 |
|
(CAN-2004-1137) (dann frazier) |
| 99 |
|
* 119-acpi_early-build.diff: Build fix for ACPI |
| 100 |
|
(Closes: #286226) (Simon Horman) |
| 101 |
|
* 093-tty_lockup-3.diff: Updated patch for race conditions in |
| 102 |
|
linux terminal subsystem from uptream (CAN-2004-0814) (Simon Horman) |
| 103 |
|
* 097-elf_loader_overflow-3.diff, 097-elf_loader_overflow-4.diff: |
| 104 |
|
Update ELF loader error handling and check for invalid binaries. |
| 105 |
|
(Simon Horman) |
| 106 |
|
* 120_sparc_ET_DYN_BASE.diff: revert crazy ld behavior that was put in |
| 107 |
|
place to make an obscure corner case work. closes: #268450 |
| 108 |
|
|
| 109 |
|
-- Joshua Kwan <joshk@triplehelix.org> Sun, 26 Dec 2004 11:34:05 -0800 |
| 110 |
|
|
| 111 |
|
kernel-source-2.4.27 (2.4.27-6) unstable; urgency=low |
| 112 |
|
|
| 113 |
|
* Split out many monolithic diffs into smaller diffs for easy submission |
| 114 |
|
to upstream. (Dann Frazier) |
| 115 |
|
* Annotate all diffs for the same purpose. (Dann Frazier) |
| 116 |
|
* Fix $(upstream) regex, thanks Michael Tokarev. (Joshua Kwan) |
| 117 |
|
* 089_alpha_include_ptrace.diff: |
| 118 |
|
Add asm/ptrace.h include as it is needed for pt_regs. |
| 119 |
|
(Closes: #271533) (Simon Horman) |
| 120 |
|
* 090_setkey_spddelete.diff: |
| 121 |
|
Fix for bug which causes spddelete of individual entries using setkey |
| 122 |
|
to fail. Teddy Hogeborn <teddy@fukt.bth.se> |
| 123 |
|
(Closes: #272719) (Simon Horman) |
| 124 |
|
* 091_disambiguate_sym53c8xx.diff: |
| 125 |
|
Disambiguate sym53c8xx driver name. (Josh Kwan) |
| 126 |
|
* 092_sparc64_hme_lockup.diff: |
| 127 |
|
Add workaround for broken Happy Meal ethernet controllers. |
| 128 |
|
(Closes: #275485) (Simon Horman) |
| 129 |
|
* 093_tty_lockup.diff, 093_tty_lockup-2.diff: |
| 130 |
|
Security: fix race conditions in linux terminal subsystem |
| 131 |
|
[CAN-2004-0814] (Closes: #277681) (Simon Horman) |
| 132 |
|
* 094_menuconfig_crash.diff |
| 133 |
|
Fix menuconfig crash due to infinite recursion (Maximilian Attems) |
| 134 |
|
* 095_sparc32_initrd_memcpy.diff: |
| 135 |
|
Apply patch by Jurij Smakov that fixes bad memcpy() behavior on |
| 136 |
|
sparc32, especially with respect to loading ramdisks. (Joshua Kwan) |
| 137 |
|
* 096_megaraid2_proc_name.diff: |
| 138 |
|
Fix megaraid2's proc_name so ramdisks are built correctly. (Joshua Kwan) |
| 139 |
|
* 097-elf_loader_overflow-1.diff, 097-elf_loader_overflow-2.diff: |
| 140 |
|
Fix multiple vulnerablilities in the ELF loader. (Simon Horman) |
| 141 |
|
* 098-elf_huge_bbs-1.diff, 098-elf_huge_bbs-2.diff: |
| 142 |
|
Fix problems with loading ELF executables with a huge BBS. (Simon Horman) |
| 143 |
|
* 099-applicom-leak-fix.diff: |
| 144 |
|
Fix leak and copy_user in applicom dirver (Simon Horman) |
| 145 |
|
* 100-xfs-lock-leak-fix.diff: |
| 146 |
|
Fix lock leak in xfs_free_file_space (Simon Horman) |
| 147 |
|
* 101-cbq-sheduler-leak-fix.diff: |
| 148 |
|
Fix class leak in CBQ scheduler (Simon Horman) |
| 149 |
|
* 102-nsc-ircc-oops-fix.diff: |
| 150 |
|
Fix oops in nsc-ircc if dongle id is out of range (Simon Horman) |
| 151 |
|
* 103-enter-acpi-early.diff: |
| 152 |
|
Fix boot failures that result from buggy SMM BIOS code by |
| 153 |
|
entering ACPI mode earlier. (Simon Horman) |
| 154 |
|
* 104-jfs-memory-leak.diff: |
| 155 |
|
Fix memory leak in JFS __invalidate_metapages. (Simon Horman) |
| 156 |
|
* 105-raid1-error-locks-fix.diff: |
| 157 |
|
Fix error handling locks in RAID1. (Simon Horman) |
| 158 |
|
* 106-sunclinkmp-oops-fix.diff: |
| 159 |
|
Fix oops in synclinkmp. (Simon Horman) |
| 160 |
|
* 107-hiddev-devfs-oops-fix.diff: |
| 161 |
|
Fix hiddev devfs oops. (Simon Horman) |
| 162 |
|
* 108-usb-devices-crash-fix.diff] |
| 163 |
|
Fix crash with cat /proc/bus/usb/devices and disconnect. (Simon Horman) |
| 164 |
|
* 109-proc-delete-inode-1.diff, 109-proc-delete-inode-2.diff: |
| 165 |
|
Fix oops in proc_delete_inode. (Simon Horman) |
| 166 |
|
* 110-asus-boot-crash-fix.diff: |
| 167 |
|
Fix ASUS boot crash. (Simon Horman) |
| 168 |
|
* 111-smb-client-overflow-fix-2.diff, 111-smb-client-overflow-fix-1.diff: |
| 169 |
|
Fix SMBFS client overflow. (Simon Horman) |
| 170 |
|
* 112-intermezzo-slab-leak-fix.diff: |
| 171 |
|
Fix intermezzo slab allocator leak. (Simon Horman) |
| 172 |
|
|
| 173 |
|
-- Simon Horman <horms@debian.org> Wed, 1 Dec 2004 12:08:10 +0900 |
| 174 |
|
|
| 175 |
|
kernel-source-2.4.27 (2.4.27-5) unstable; urgency=high |
| 176 |
|
|
| 177 |
* Fix a goofup in debian/apply that didn't really affect normal users. |
* Fix a goofup in debian/apply that didn't really affect normal users. |
| 178 |
* 070_ide_scan_pcibus.diff: Add this very crucial hunk of code that was |
* 070_ide_scan_pcibus.diff: Add this very crucial hunk of code that was |
Parent Directory
| 
Revision Log
| 
Patch