kernel-patch-2.4.17-s390 (0.0.20020816-0.woody.4) oldstable-security; urgency=high

  * Rebuild against kernel-source-2.4.17 (2.4.17-1woody4).

 -- dann frazier <dannf@dannf.org>  Sun, 18 Dec 2005 15:01:58 -0700

kernel-patch-2.4.17-s390 (0.0.20020816-0.woody.3) stable-security; urgency=high

  * Rebuild against latest kernel-source-2.4.17-1woody2, which includes
    the follwing additional security fixes:
    - Applied patch by Petr Vandrovec <vandrove@vc.cvut.cz> to fix a
      possible roothole in ncpfs discovered by Arjan van de Ven
      <arjanv@devserv.devel.redhat.com> [fs/ncpfs/dir.c, CAN-2004-0010]
    - Applied patch by Sebastian Krahmer <krahmer@suse.de> and Ernie
      Petrides <petrides@redhat.com> to fix a local root exploit in iso9660
      [fs/isofs/rock.c, CAN-2004-0109]
    - Applied patch by Alan Cox and Thomas Biege to fix local root exploit
      in the R128 DRI code [drivers/char/drm/r128_state.c, CAN-2004-0003]
    - Applied additional patch by Ernie Petrides <petrides@redhat.com> to
      fix another intance of the same
    - Applied patch by Theodore Ts'o <tytso@mit.edu> to fix an information
      leak in ext3 journal creation [fs/jbd/journal.c, CAN-2004-0177]
    - Applied patch by Andreas Kies <andikies@t-online.de> to fix local
      denial of service in the Sound Blaster driver
      [drivers/sound/sb_audio.c, CAN-2004-0178]

 -- Arnd Bergmann <arnd@debian.org>  Sun, 11 Apr 2004 22:41:00 +0200

kernel-patch-2.4.17-s390 (0.0.20020816-0.woody.2) stable-security; urgency=high
  * Rebuild against latest kernel-source-2.4.17-1woody2), which includes
    the follwing additional security fixes:
    - CAN-2003-0961: Added TASK_SIZE check to do_brk() [mm/mmap.c]
    - CAN-2003-0985: Applied patch by Andrea Arcangeli to fix local 
      privilege escalation discovered by Paul Starzetz [mm/mremap.c]
    - CAN-2004-0077: Applied patch extracted from Solar Designer's Owl 
      patched kernel to fix local privilege escalation discovered by Paul
      Starzetz [mm/mremap.c]
    - CAN-2003-0001: Multiple ethernet Network Interface Card (NIC) device
      drivers do not pad frames with null bytes, which allows remote
      attackers to obtain information from previous packets or kernel
      memory by using malformed packets
    - CAN-2003-0244: The route cache implementation in Linux 2.4, and the
      Netfilter IP conntrack module, allows remote attackers to cause a
      denial of service (CPU consumption) via packets with forged
      source addresses that cause a large number of hash table
      collisions related to the PREROUTING chain
    - CAN-2003-0246: The ioperm system call in Linux kernel 2.4.20 and earlier
      does not properly restrict privileges, which allows local users to
      gain read or write access to certain I/O ports.
    - CVE-2002-0429: The iBCS routines in arch/i386/kernel/traps.c for Linux
      kernels 2.4.18 and earlier on x86 systems allow local users to kill
      arbitrary processes via a a binary compatibility interface (lcall)
    - CAN-2003-0248: The mxcsr code in Linux kernel 2.4 allows attackers to
      modify CPU state registers via a malformed address.
    - CAN-2003-0247: vulnerability in the TTY layer of the Linux kernel 2.4
      allows attackers to cause a denial of service ("kernel oops")
    - CAN-2003-0364: The TCP/IP fragment reassembly handling in the Linux
      kernel 2.4 allows remote attackers to cause a denial of service (CPU
      consumption) via certain packets that cause a large number of hash
      table collisions
  * Resolve a conflict between the previous fix for CAN-2003-0127 and the
      new kernel-source
  * New Maintainer

 -- Arnd Bergmann <arnd@debian.org>  Wed, 18 Feb 2004 10:45:08 +0100

kernel-patch-2.4.17-s390 (0.0.20020816-0.woody.1.1) stable-security; urgency=high

  * NMU
  * Added an s390 specific patch for the ptrace vulnerability,
    provided by Martin Schwidefsky <schwidefsky@de.ibm.com>.

 -- Arnd Bergmann <arnd@arndb.de>  Fri, 28 Mar 2003 15:53:03 +0100

kernel-patch-2.4.17-s390 (0.0.20020816-0.woody.1) stable; urgency=high

  * Integrated a new kernel-patch from the IBM Developerworks
    website (released on 2002.06.12).
    This patch fixes the DASD deadlock problem and some other severe
    problems.
  * Removed NMU DASD deadlock fix.
  * Integrated a new kernel-patch from the IBM Developerworks
    website (released on 2002.08.16).
    This patch fixes a problem related to the IUCV driver.

 -- Jochen Rhrig <jr@debian.org>  Fri, 20 Sep 2002 21:05:38 +0000

kernel-patch-2.4.17-s390 (0.0.20020415-1.1) unstable; urgency=high

  * NMU
  * Include DASD deadlock fix

 -- Stefan Gybas <sgybas@debian.org>  Mon, 29 Apr 2002 21:01:09 +0200

kernel-patch-2.4.17-s390 (0.0.20020415-1) unstable; urgency=high

  * Added a new patch from the IBM Developerworks website (released on
    2002.04.15).
  * Added cpint-patch by Neale Ferguson which allows to invoke CP commands
    from Linux.                                              closes: Bug#142202
  * Added cmsfs-patch by Rick Troth <rtroth@bmc.com> which enables read
    only access to CMS disks.
  * Added a patch which fixes kernel compilation failure with some
    configurations.                                          closes: Bug#142335

 -- Jochen Rhrig <jr@debian.org>  Tue, 16 Apr 2002 19:03:11 +0200

kernel-patch-2.4.17-s390 (0.0.20020304-1) unstable; urgency=low

  * New upstream release. 
  * Replaced 2.4.16-patch by the inital 2.4.17-patch from the IBM
    Developerworks website (released on 2002.02.05).
  * Added a new patch from the IBM Developerworks website (released on
    2002.03.04).
    This patch includes the source code for the lcs network driver which
    was only available as object code only module so far. 

 -- Jochen Rhrig <jr@debian.org>  Tue,  5 Mar 2002 20:37:33 +0100

kernel-patch-2.4.16-s390 (0.0.20011212-1) unstable; urgency=low

  * New upstream release. 
  * Replaced 2.4.7-patches by the inital 2.4.16-patch from the IBM
    Developerworks website (released on 2001.12.12).
  * Fixed the patch from Gerhard Tonn <gt@debian.org> (support for
    a second initrd) to fit the 2.4.16 kernel sources.

 -- Jochen Rhrig <jr@debian.org>  Thu, 20 Dec 2001 22:23:17 +0100

kernel-patch-2.4.7-s390 (0.0.20011123-1) unstable; urgency=low

  * Added a new patch from the IBM Developerworks website (released on
    2001.11.23).
  * New version of the linux-ramdisk-patch from Gerhard Tonn <gt@debian.org>
    (fixes some error handling bugs).                       closes: Bug#123283

 -- Jochen Rhrig <jr@debian.org>  Tue, 11 Dec 2001 21:29:05 +0100

kernel-patch-2.4.7-s390 (0.0.20011109-1) unstable; urgency=low

  * Added a new patch from the IBM Developerworks website (released on
    2001.11.09).
  * Added a patch from Gerhard Tonn <gt@debian.org> which adds support
    for a second initrd (needed by the s390 boot-floppies).  closes: Bug#119356 

 -- Jochen Rhrig <jr@debian.org>  Tue, 13 Nov 2001 20:34:56 +0100

kernel-patch-2.4.7-s390 (0.0.20011012-1) unstable; urgency=low

  * Added new patches from the IBM Developerworks website (released on
    2001.09.14 and on 2001.10.12).
  * Added the kerntypes patch from the IBM Developerworks website (released
    on 2001.08.20) which is needed by the dump analysis tool lcrash.
  * Integrate all patches into one big patch.

 -- Jochen Rhrig <jr@debian.org>  Thu, 25 Oct 2001 23:02:22 +0200

kernel-patch-2.4.7-s390 (0.0.20010820-1) unstable; urgency=low

  * Initial Release
  * Fixed difference in diff of fs/partitions/Makefile which prevented
    the patch from applying correctly to the kernel source from
    kernel-source-2.4.7.deb.

 -- Jochen Rhrig <jr@debian.org>  Wed, 29 Aug 2001 00:12:15 +0200
