kernel-patch-2.4.17-mips (2.4.17-0.020226.2.woody7) oldstable-security; urgency=high

  * Rebuild against kernel-source-2.4.17_2.4.17-1woody4.
    * Disabled O_DIRECT (CAN-2003-0018):
      . fs/fcntl.c
      . fs/open.c
    * Backport final ioport fix (CVE-2003-0246)
    * Made /proc/tty/driver root-only (CAN-2003-0461):
      . include/linux/proc_fs.h
      . fs/proc/generic.c
      . fs/proc/proc_tty.c
    * Fix race condition in execve env_start/env_end initialization.
      (CVE-2003-0462)
      . fs/proc/base.c
    * Fixed ptrace/proc bug in fs/proc/base.c (CAN-2003-0501).
    * [SECURITY] Make sure strncpy null terminates strings. (CAN-2003-0465)
      Fix for s390x and s390. mips and alpha are still unfixed.
      N.B. This bug appears to be minor at best
      http://marc.theaimsgroup.com/?l=linux-kernel&m=105796021120436&w=2
    * Fix unauthorized file descriptor read vulnerability.  (CAN-2003-0476)
    * Fixed bridging security issues (CAN-2003-055[012]):
      . net/bridge/br_fdb.c
      . net/bridge/br_if.c
      . net/bridge/br_input.c
      . net/bridge/br_private.h
      . net/bridge/br_stp_bpdu.c
    * Applied patch from John Byrne <john.l.byrne@hp.com> for Linux 2.4.26
      to fix local denial of service in do_fork()
      <http://marc.theaimsgroup.com/?l=linux-kernel&m=108139073506983&w=2>
      [kernel/fork.c, CAN-2004-0427]
    * Applied patch by Marcelo Tosatti <marcelo.tosatti@cyclades.com> to fix
      potential memory access to free memory in /proc handling
      [fs/proc/base.c, CAN-2005-0489]
    * Applied patch by Marcelo Tosatti <marcelo.tosatti@cyclades.com> to fix
      a possible buffer overflow in panic() [kernel/panic.c, CAN-2004-0394]
    * Applied patch by David Mosberger <davidm@napali.hpl.hp.com> to fix
      local denial of service in combination with gdb 6.x and NPTL on IA-64
      <http://marc.theaimsgroup.com/?l=linux-ia64&m=108026377907667&w=2>
      [arch/ia64/kernel/unwind.c, CAN-2004-0447]
    * Applied patch by Alexander Nyberg and Andi/Sergey to fix local denial
      of service.  <http://linuxreviews.org/news/2004-06-11_kernel_crash/>
      [include/asm-i386/i387.h, CAN-2004-0554]
    * Applied patch by Arun Sharma <arun.sharma@intel.com> to fix register
      information leak on the IA64 architecture
      <http://lia64.bkbits.net:8080/to-linus-2.5/cset@1.1726.29.7>
      [include/asm-ia64/system.h, CAN-2004-0565]
    * Backported patch by Mark Cox to fix information leak by initialising
      allocated data structures [drivers/usb/serial/io_edgeport.c,
      drivers/sound/audio.c, drivers/usb/vicam.c, CAN-2004-0685]
      <http://linux.bkbits.net:8080/linux-2.4/cset@410582380U3H9KOx8J2YZmMT0bhXQw>
    * Applied patch from Marcelo Tosatti to fix i386 SMP page fault handler
      privilege escalation [include/linux/mm.h, CAN-2005-0001]
    * Applied patch by Stefan Esser to fix missing boundary checks
      [fs/smbfs/proc.c, fs/smbfs/sock.c, CAN-2004-0883]
    * Applied patch by Stefan Esser to fix information leak
      [fs/smbfs/sock.c, CAN-2004-0949]
    * Applied patch by Herbert Xu to fix a denial of service in scm_send()
      <http://linux.bkbits.net:8080/linux-2.4/cset@41b76e94BsJKm8jhVtyDat9ZM1dXXg>,
      added patch by Marcus Meissner to fix more 64/32 bit compatibility
      code, added additional patch by Olaf Kirch and Marcus Meissner for
      type correction [arch/ia64/ia32/sys_ia32.c,
      arch/s390x/kernel/linux32.c, include/linux/socket.h, net/core/scm.c,
      net/ipv4/ip_sockglue.c, net/ipv6/datagram.c, CAN-2004-1016]
    * Applied patch by Thiemo Seufer to fix local ptrace root in the MIPS
      ptrace implementation [arch/mips/kernel/scall_o32.S,
      arch/mips/tools/offset.c, arch/mips64/kernel/scall_64.S,
      arch/mips64/kernel/scall_o32.S, CAN-2004-0997]
    * Applied patch by Marcelo Tosatti to fix integer overflow in the
      vc_resize() function [drivers/char/console.c, CAN-2004-1333]
    * Applied patch by Dave Miller to fix memory leak in ip_options_get()
      [net/ipv4/ip_options.c, CAN-2004-1335]
    * Applied patch by Greg Kroah-Hartman to fix buffer overflow and crash
      [drivers/usb/serial/io_edgeport.c, CAN-2004-1017]
    * Applied patch by Jan Harkes to add bounds checking for tainted
      scalars [include/linux/coda.h, fs/coda/upcall.c, CAN-2005-0124]
    * Applied patch by Andrea Arcangeli from 2.4.24 to fix privilege
      escalation in the mremap() syscall [mm/mremap.c, CAN-2004-nnnn]
    * Applied patch by Tom Rini to fix information leak
      [drivers/char/efirtc.c, drivers/char/rtc.c, drivers/macintosh/rtc.c,
      drivers/sbus/char/rtc.c, CAN-2003-0984]
    * Applied patch by Chris Wright to fix wrong return value check while
      filling kernel buffers [fs/binfmt_elf.c, CAN-2004-1070]
    * Applied patch by Chris Wright to fix incorrect error behaviour when
      mmap() fails [fs/binfmt_elf.c, CAN-2004-1071]
    * Applied patch by Chris Wright to fix NULL termination vulnerability
      when reading an interpreter [fs/binfmt_elf.c, CAN-2004-1072]
    * Applied patch by Chris Wright to fix reading of non-readable ELF
      binaries [fs/binfmt_elf.c, CAN-2004-1073]
    * Applied patch by Chris Wright to not insert overlapping regions in
      setup_arg_pages() [fs/exec.c, associated to CAN-2004-1074]
    * Applied patch by Chris Wright to fix error handling in do_brk() when
      setting up bss in a.out [fs/binfmt_aout.c, CAN-2004-1074]
    * Applied patch by Chris Wright to fix denial of service in the ELF loader
      when the interpreter architecture doesn't match the current one
      <http://linux.bkbits.net:8080/linux-2.4/cset@4021346f79nBb-4X_usRikR3Iyb4Vg>
      [fs/binfmt_elf.c, CAN-2004-0138]
    * Applied patch by Dave Miller to serialize dgram read using semaphore
      [net/unix/af_unix.c, CAN-2004-1068]
    * Applied patch by Chris Wright to fix denial of service in the ELF loader
      <http://linux.bkbits.net:8080/linux-2.4/cset@4076466d_SqUm4azg4_v3FIG2-X6XQ>
      [fs/binfmt_elf.c, CAN-2004-1234]
    * Backported patch by Nanhai Zou from 2.6 to fix denial of service via
      broken executables [arch/ia64/ia32/binfmt_elf32.c,
      arch/ia64/mm/init.c, fs/exec.c, include/linux/mm.h, mm/mmap.c,
      CAN-2005-0003]
    * Backported patch by Chris Wright and Simon Heywood to fix race
      conditions in the uselib calls for ELF and a.out formats
      [arch/mips/kernel/irixelf.c, arch/sparc64/kernel/binfmt_aout32.c,
      fs/binfmt_aout.c, fs/binfmt_elf.c, CAN-2004-1235]
    * Applied patch by Brad Spengler to fix integer overflow in the moxa
      serial driver [drivers/char/moxa.c, CAN-2005-0504]
    * Applied patch by Ben Martel and Stephen Blackheath to fix a remote
      denial of service [drivers/net/ppp_async.c, CAN-2005-0384]
    * Backported patch by Keith Owens to fix a locally induced crash on
      IA-64 machines [arch/ia64/kernel/unwind.c, CAN-2005-0135]

 -- dann frazier <dannf@debian.org>  Wed, 17 May 2006 18:18:54 -0500

kernel-patch-2.4.17-mips (2.4.17-0.020226.2.woody6) stable-security; urgency=low

  * Rebuild against kernel-source-2.4.17_2.4.17-1woody3 to fix
    - a possible roothole in ncpfs discovered by Arjan van de Ven
      <arjanv@devserv.devel.redhat.com> [fs/ncpfs/dir.c, CAN-2004-0010]
    - a local root exploit in iso9660 [fs/isofs/rock.c, CAN-2004-0109]
    - a local root exploit in the R128 DRI code 
      [drivers/char/drm/r128_state.c, CAN-2004-0003]
    - an information leak in ext3 journal creation 
      [fs/jbd/journal.c, CAN-2004-0177]
    - a local denial of service in the Sound Blaster driver
      [drivers/sound/sb_audio.c, CAN-2004-0178]
  * Added versioned build-dependency on kernel-source >= 2.4.17-1woody3

 -- Karsten Merker <merker@debian.org>  Tue, 13 Apr 2004 21:16:34 +0200

kernel-patch-2.4.17-mips (2.4.17-0.020226.2.woody5) stable-security; urgency=low

  * Applied patch extracted from Solar Designer's Owl patched kernel to
    fix local privilege escalation discovered by Paul Starzetz
    (CAN-2004-0077)

 -- Guido Guenther <agx@debian.org>  Mon,  9 Feb 2004 15:57:46 +0100

kernel-patch-2.4.17-mips (2.4.17-0.020226.2.woody4) stable-security; urgency=low

  * do_brk security fix (CAN-2003-0961)
  * don't build mips-tools on mips since we have a newer version in
    kernel-patch-2.4.19-mips which is also in woody.

 -- Guido Guenther <agx@debian.org>  Sat, 17 Jan 2004 14:18:00 +0100

kernel-patch-2.4.17-mips (2.4.17-0.020226.2.woody3) stable-security; urgency=low

  * apply do_mremap security fix (CAN-2003-0985) 

 -- Guido Guenther <agx@debian.org>  Wed,  7 Jan 2004 17:45:38 +0100

kernel-patch-2.4.17-mips (2.4.17-0.020226.2.woody2) stable-security; urgency=low

  * backout our ptrace fix since this is fixed in kernel-source-2.4.17-1woody1
  * Rebuilt against new kernel-source-2.4.17-1woody1 which fixes:
    - CAN-2003-0001: Multiple ethernet Network Interface Card (NIC) device
      drivers do not pad frames with null bytes, which allows remote
      attackers to obtain information from previous packets or kernel
      memory by using malformed packets
    - CAN-2003-0127: The kernel module loader allows local users to gain
      root privileges by using ptrace to attach to a child process that
      is spawned by the kernel
    - CAN-2003-0244: The route cache implementation in Linux 2.4, and the
      Netfilter IP conntrack module, allows remote attackers to cause a
      denial of service (CPU consumption) via packets with forged
      source addresses that cause a large number of hash table
      collisions related to the PREROUTING chain
    - CAN-2003-0246: The ioperm system call in Linux kernel 2.4.20 and earlier
      does not properly restrict privileges, which allows local users to
      gain read or write access to certain I/O ports.
    - CVE-2002-0429: The iBCS routines in arch/i386/kernel/traps.c for Linux
      kernels 2.4.18 and earlier on x86 systems allow local users to kill
      arbitrary processes via a binary compatibility interface (lcall)
    - CAN-2003-0248: The mxcsr code in Linux kernel 2.4 allows attackers to
      modify CPU state registers via a malformed address.
    - CAN-2003-0247: vulnerability in the TTY layer of the Linux kernel 2.4
      allows attackers to cause a denial of service ("kernel oops")
    - CAN-2003-0364: The TCP/IP fragment reassembly handling in the Linux
      kernel 2.4 allows remote attackers to cause a denial of service (CPU
      consumption) via certain packets that cause a large number of hash
      table collisions
  * remove Readme.Debian from the diff

 -- Guido Guenther <agx@debian.org>  Thu, 12 Jun 2003 10:03:59 +0200

kernel-patch-2.4.17-mips (2.4.17-0.020226.2.woody1) stable-security; urgency=high

  * ptrace security fix

 -- Guido Guenther <agx@debian.org>  Sun, 23 Mar 2003 22:34:31 +0100

kernel-patch-2.4.17-mips (2.4.17-0.020226.2) unstable; urgency=low

  * On IP22 link in scsi-cdrom and iso9660 statically (Closes: #144412)
  * this bloats the kernel so much that it will overwrite arcboot (<<0.3.1)
    during boot, so I added a versioned conflict
  * Corrupted pixmaps in X are now a thing of the past - fixed by a cache
    aliasing patch from Steve Longerbeam & Jun Sun posted to linux-mips

 -- Guido Guenther <agx@debian.org>  Sun, 28 Apr 2002 15:55:35 +0200

kernel-patch-2.4.17-mips (2.4.17-0.020226.1) unstable; urgency=low

  * addinitrd fixups: open the source image O_RDONLY and make sure we don't
    overwrite the kernel's data segment unintentionally.
  * remove BKL and fix potential race on SMP systems in IP22 watchdog driver
    (patch by Dave Hansen)
  * Karsten: backport of the DECstation keyboard driver fixes from the current
    cvs kernel, needed to make the kernel work on machines without keyboard
    (previous version hung infinitely when no keyboard was attached)

 -- Guido Guenther <agx@debian.org>  Wed,  3 Apr 2002 15:25:03 +0200

kernel-patch-2.4.17-mips (2.4.17-0.020226) unstable; urgency=low

  * update to CVS 2002-02-26
  * include r3k-swap-patch from linux-mips list (this should finally
    make r3k decstations work)
  * IP22 watchdog driver included upstream
  * use make-kpkg --append-to-version instead of --arch_in_name to
    make sure we can install kernel images of different subarches
    at the same time.
  * add updated decstation configs from Karsten Merker
  * fix apply/0mips mipsel vs mips breakage (patch by Karsten Merker)

 -- Guido Guenther <agx@debian.org>  Mon, 11 Mar 2002 10:28:37 +0100

kernel-patch-2.4.17-mips (2.4.17-0.020130.1) unstable; urgency=medium

  * *** Important: ***
    We now ship an ELF instead of an ECOFF image on mips since this is
    what arcboot expects. Old I2 proms will not boot this kernel unless
    you either use arcboot (recommended) or use elf2ecoff before putting
    the kernel into the vh.
  * incorporate proper mipsel support so we can build mips and mipsel
    images from this source package (thanks to Karsten Merker
    <merker@debian.org> for .configs and descriptions)
  * mips images now suggest arcboot instead of dvhtool
  * README.Debian and debian/control cleanup
  * elf2ecoff/addinitrd changes applied upstream
  * add IP22 watchdog driver
  * fix depmod tumbling over non ELF files in toplevel makefile
  * urgency=medium so this package makes it into the archive before
    arcboot

 -- Guido Guenther <agx@debian.org>  Sat,  2 Feb 2002 16:32:36 +0100

kernel-patch-2.4.17-mips (2.4.17-0.020130) unstable; urgency=low

  * new upstream version
  * build mips-tools package for mipsel too.
  * machtype in /proc/cpuinfo is fixed upstream again, so remove
    our patch.
  * cleanup our "don't crash the I2 on boot" patch
  * enable the HAL2 driver

 -- Guido Guenther <agx@debian.org>  Wed, 30 Jan 2002 23:35:28 +0100

kernel-patch-2.4.16-mips (2.4.16-0.011212.1) unstable; urgency=low

  * fix /proc/cpuinfo to make autoconf, XFree86 and boot-floppies
    happy

 -- Guido Guenther <agx@debian.org>  Sun, 16 Dec 2001 14:50:26 +0100

kernel-patch-2.4.16-mips (2.4.16-0.011212) unstable; urgency=low

  * New upstream version
  * rework newport_dont_crash patch since ip22 specific files
    moved to arch/mips/sgi-ip22
  * remove unnecessary kernel-{patch,images} targets from debian/rules
  * small addinitrd/elf2ecoff cleanups
  * build mips-tools package containing addinitrd and elf2ecoff

 -- Guido Guenther <agx@debian.org>  Mon,  3 Dec 2001 00:57:47 +0100

kernel-patch-2.4.14-mips (2.4.14-0.011112.1) unstable; urgency=low

  * add build-dependency on modutils(depmod) & console-tools(loadkeys)
    since those are needed to build the kernel-images
  * cleanup debian/rules a bit

 -- Guido Guenther <agx@debian.org>  Mon, 19 Nov 2001 20:25:50 +0100

kernel-patch-2.4.14-mips (2.4.14-0.011112) unstable; urgency=medium

  * New upstream version
  * urgency=medium due to general kernel security fixes
  * arch/mips/kernel/setup.c now includes the initrd updates but
    arch/mips/kernel/boot/addinitrd.c doesn't, so keep that part for now

 -- Guido Guenther <agx@debian.org>  Mon, 12 Nov 2001 22:00:06 +0100

kernel-patch-2.4.9-mips (2.4.9-0.010928.3) unstable; urgency=low

  * pull in more fixes from oss cvs, mostly:
     - copy_{to,from}_user
     - lots of math-emu stuff
     - sys_sysmips
  * remove fast_sysmips patch, since this is fixed in cvs now
  * don't include .#* cvs leftovers
  * enable more modules on ip22

 -- Guido Guenther <agx@debian.org>  Thu, 11 Oct 2001 20:58:13 +0200

kernel-patch-2.4.9-mips (2.4.9-0.010928.2) unstable; urgency=low

  * make-kpkg now properly handles the mkcramfs/cramfsck nonsense, 
    so rebuild the diff

 -- Guido Guenther <agx@debian.org>  Mon,  8 Oct 2001 23:56:35 +0200

kernel-patch-2.4.9-mips (2.4.9-0.010928.1) unstable; urgency=low

  * add addinitrd patch and enable initrd by default

 -- Guido Guenther <agx@debian.org>  Tue,  2 Oct 2001 20:30:04 +0200

kernel-patch-2.4.9-mips (2.4.9-0.010927) unstable; urgency=low

  * New upstream version
  * build sound module for ip22 (no - sound still doesn't work)
  * Added Flo's MIPS_ATOMIC_SET implementation (ll/sc CPUs only)
  * Changed dependency on kernel-source-2.4.X to recommends
    kernel-source-2.4.X

 -- Guido Guenther <agx@debian.org>  Fri, 28 Sep 2001 03:41:37 +0200

kernel-patch-2.4.5-mips (2.4.5-0.20010728.2) unstable; urgency=low

  * add 'provides kernel-image-2.4' to debian/control
  * ip22 kernel-images recommend dvhtool
  * compile in the loopdevice statically (needed for bootdisks)

 -- Guido Guenther <agx@debian.org>  Tue, 31 Jul 2001 21:20:39 +0200

kernel-patch-2.4.5-mips (2.4.5-0.20010728.1) unstable; urgency=low

  * update to latest cvs head
  * add some comments about crosscompiling

 -- Guido Guenther <agx@debian.org>  Thu, 26 Jul 2001 21:51:20 +0200

kernel-patch-2.4.5-mips (2.4.5-0.20010721.2) unstable; urgency=low

  * build at least some modules for ip22
  * add r4k-decstation config by Karsten Merker

 -- Guido Guenther <agx@debian.org>  Mon, 23 Jul 2001 02:24:08 +0200

kernel-patch-2.4.5-mips (2.4.5-0.20010721.1) unstable; urgency=low

  * fix wrong 2.4.4 reference in dirs
  * weed out last powerpc references
  * add build dependency on debhelper

 -- Guido Guenther <agx@debian.org>  Sun, 22 Jul 2001 21:42:22 +0200

kernel-patch-2.4.5-mips (2.4.5-0.20010721) unstable; urgency=low

  * first shot at a kernel package for mips based on the powerpc
    kernel-patch package
  * added patch to stop i2 from crashing with newport driver
  * added Flo's first sysmips patch

 -- Guido Guenther <agx@debian.org>  Sat, 21 Jul 2001 19:36:40 +0200

