linux (3.2.96-2) wheezy-security; urgency=high

  * [!x86] Adjust "mmap: Add an exception to the stack gap for Hotspot JVM
    compatibility" to fix FTBFS

 -- Ben Hutchings <ben@decadent.org.uk>  Sun, 10 Dec 2017 04:02:42 +0000

linux (3.2.96-1) wheezy-security; urgency=high

  * New upstream stable update:
    https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.94
    - sched/fair, cpumask: Export for_each_cpu_wrap()
    - sched/topology: Fix building of overlapping sched-groups
    - mwifiex: fixup error cases in mwifiex_add_virtual_intf()
    - mceusb: fix memory leaks in error path
    - perf/core: Correct event creation with PERF_FORMAT_GROUP
    - usb: usbip: set buffer pointers to NULL after free
    - usb: Fix typo in the definition of Endpoint[out]Request
    - PCI: Correct PCI_STD_RESOURCE_END usage
    - md: don't use flush_signals in userspace processes
    - udf: Fix races with i_size changes during readpage
    - udf: Fix deadlock between writeback and udf_setsize()
    - xhci: Limit USB2 port wake support for AMD Promontory hosts
    - af_iucv: Move sockaddr length checks to before accessing sa_family in
      bind and connect handlers
    - scsi: bnx2i: missing error code in bnx2i_ep_connect()
    - [x86] PCI: Mark Haswell Power Control Unit as having non-compliant BARs
    - PCI: Work around poweroff & suspend-to-RAM issue on Macbook Pro 11
    - PM / Domains: Fix unsafe iteration over modified list of device links
    - Add USB quirk for HVR-950q to avoid intermittent device resets
    - btrfs: Don't clear SGID when inheriting ACLs
    - PCI/PM: Restore the status of PCI devices across hibernation
    - scsi: ses: do not add a device to an enclosure if enclosure_add_links()
      fails.
    - ipv6: always add flag an address that failed DAD with DADFAILED
    - ipv6: dad: don't remove dynamic addresses if link is down
    - IB/core: Create common start/end port functions
    - IB/core: Add inline function to validate port
    - RDMA/uverbs: Check port number supplied by user verbs cmds
    - tpm: fix a kernel memory leak in tpm-sysfs.c
    - cfg80211: Check if PMKID attribute is of expected size
    - cfg80211: Validate frequencies nested in NL80211_ATTR_SCAN_FREQUENCIES
    - mm/mmap.c: do not blow on PROT_NONE MAP_FIXED holes in the stack
      (Closes: #865416)
    - fs/dcache.c: fix spin lockup issue on nlru->lock
    - Input: i8042 - fix crash at boot time
    - ubifs: Correctly evict xattr inodes
    - ubifs: Don't leak kernel memory to the MTD
    - mm: fix overflow check in expand_upwards()
    - vt: fix unchecked __put_user() in tioclinux ioctls
    - ext2: Don't clear SGID when inheriting ACLs
    - ext2: preserve i_mode if ext2_set_acl() fails
    - ext3: Don't clear SGID when inheriting ACLs
    - ext3: preserve i_mode if ext2_set_acl() fails
    - reiserfs: Don't clear SGID when inheriting ACLs
    - reiserfs: preserve i_mode if __reiserfs_set_acl() fails
    - ext4: preserve i_mode if __ext4_set_acl() fails
    - ext4: Don't clear SGID when inheriting ACLs
    - btrfs: preserve i_mode if __btrfs_set_acl() fails
    - saa7164: fix endian conversion in saa7164_bus_set()
    - saa7164: fix double fetch PCIe access condition (CVE-2017-8831)
    - l2tp: avoid use-after-free caused by l2tp_ip_backlog_recv
    - netfilter: nf_conntrack: fix RCU race in nf_conntrack_find_get
    - [x86] perf: Check if user fp is valid
    - net sched filters: fix notification of filter delete with proper handle
    - sched: add macros to define bitops for task atomic flags
    - cpuset: PF_SPREAD_PAGE and PF_SPREAD_SLAB should be atomic flags
    https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.95
    - fuse: initialize the flock flag in fuse_file on allocation
    - usb: storage: return on error to avoid a null pointer dereference
    - libata: array underflow in ata_find_dev()
    - mount: copy the port field into the cloned nfs_server structure.
    - [x86] acpi: Prevent out of bound access caused by broken ACPI tables
    - cxgb4: Fix error codes in c4iw_create_cq()
    - IB/cxgb3: Fix error codes in iwch_alloc_mr()
    - RDMA/uverbs: Fix the check for port number
    - RDMA/core: Initialize port_num in qp_attr
    - ipv4: initialize fib_trie prior to register_netdev_notifier call.
    - perf/core: Invert perf_read_group() loops
    - perf/core: Fix locking for children siblings group read
    - IB/ipoib: Prevent setting negative values to max_nonsrq_conn_qp
    - IB/ipoib: Remove double pointer assigning
    - sctp: don't dereference ptr before leaving _sctp_walk_{params, errors}()
    - sctp: fix the check for _sctp_walk_params and _sctp_walk_errors
    - USB: hcd: Mark secondary HCD as dead if the primary one died
    - net/mlx4_en: Fix wrong indication of Wake-on-LAN (WoL) support
    - ocfs2: don't clear SGID when inheriting ACLs
    - RDMA/uverbs: Prevent leak of reserved field
    - IB/uverbs: Fix device cleanup
    - xfs: fix inobt inode allocation search optimization
    - af_key: do not use GFP_KERNEL in atomic contexts
    - audit: Fix use after free in audit_remove_watch_rule()
    - ALSA: usb-audio: Add mute TLV for playback volumes on C-Media devices
    - mm/mempolicy: fix use after free when calling get_mempolicy
    - ALSA: core: Fix unexpected error at replacing user TLV
    - ipv6: accept 64k - 1 packet length in ip6_find_1stfragopt()
    - ALSA: hda - Add stereo mic quirk for Lenovo G50-70 (17aa:3978)
    - cifs: return ENAMETOOLONG for overlong names in cifs_open()/cifs_lookup()
    - qlge: avoid memcpy buffer overflow
    - perf: Tighten (and fix) the grouping condition
    - perf/core: Fix group {cpu,task} validation
    - PM/hibernate: touch NMI watchdog when creating snapshot
    - ipv6: Add rt6_get_cookie() function
    - ipv6: add rcu grace period before freeing fib6_node
    - ipv6: Fix may be used uninitialized warning in rt6_check
    - r8169: Do not increment tx_dropped in TX ring cleaning
    - xfrm_user: fix info leak in xfrm_notify_sa()
    - xfrm_user: fix info leak in build_aevent()
    - dm: convert DM printk macros to pr_<level> macros
    - dm: fix printk() rate limiting code
    - l2tp: initialise session's refcount before making it reachable
    - l2tp: define parameters of l2tp_session_get*() as "const"
    - l2tp: hold tunnel while looking up sessions in l2tp_netlink
    - l2tp: hold tunnel while processing genl delete command
    - l2tp: hold tunnel while handling genl tunnel updates
    - l2tp: hold tunnel while handling genl TUNNEL_GET commands
    - l2tp: remove useless duplicate session detection in l2tp_netlink
    - l2tp: hold tunnel used while creating sessions with netlink
    - ipv6: fix sparse warning on rt6i_node
    - cpumask: fix spurious cpumask_of_node() on non-NUMA multi-node configs
    - CIFS: remove endian related sparse warning
    - net_sched: fix error recovery at qdisc creation
    - sch_htb: fix crash on init failure
    - sch_multiq: fix double free on init failure
    - sch_hfsc: fix null pointer deref and double free on init failure
    - sch_cbq: fix null pointer dereferences on init failure
    - sch_netem: avoid null pointer deref on init failure
    - sch_tbf: fix two null pointer dereferences on init failure
    - wl1251: add a missing spin_lock_init()
    - epoll: fix race between ep_poll_callback(POLLFREE) and
      ep_free()/ep_remove()
    - cifs: check MaxPathNameComponentLength != 0 before using it
    - fix unbalanced page refcounting in bio_map_user_iov (CVE-2017-12190)
    - mac80211: accept key reinstall without changing anything (CVE-2017-13080)
    - ALSA: seq: Fix use-after-free at creating a port (CVE-2017-15265)
    - KEYS: don't let add_key() update an uninstantiated key (CVE-2017-15299)
    - packet: race condition in packet_bind
    - packet: hold bind lock when rebinding to fanout hook (CVE-2017-15649)
    - packet: in packet_do_bind, test fanout with bind_lock held
      (CVE-2017-15649)
    - ALSA: usb-audio: Kill stray URB at exiting (CVE-2017-16527)
    - ALSA: usb-audio: Check out-of-bounds access by corrupted buffer descriptor
      (CVE-2017-16529)
    - USB: fix out-of-bounds in usb_set_configuration (CVE-2017-16531)
    - usb: usbtest: fix NULL pointer dereference (CVE-2017-16532)
    - HID: usbhid: fix out-of-bounds bug (CVE-2017-16533)
    - USB: core: fix out-of-bounds access bug in usb_get_bos_descriptor()
      (CVE-2017-16535)
    - ALSA: seq: Enable 'use' locking in all configurations
    - [x86] drivers/block/DAC960: fix DAC960_V2_IOCTL_Opcode_T -Wenum-compare
      warning
    - [x86] drivers/block/DAC960: fix -Wuninitialized warning
    - [x86] vmw_balloon: fix for a -Wuninitialized warning
    - [x86] platform: samsung-laptop: Initialize loca variable
    - aic94xx: Skip reading user settings if flash is not found
    - [x86] staging: reduce stack usage in prism2fw.c
    - mct_u232: Fix use of uninitialized pointer in mct_u323_startup()
    - rc: Fix input deadlock and transmit error in redrat3 driver
    - libsas: prevent double completion of scmds from eh
    - [x86] net: am2150: fix nmclan_cs.c shared interrupt handling
    - [x86] am2150: Update nmclan_cs.c to use update PCMCIA API
    - Staging: wlan-ng: fix sparse warning in prism2fw.c
    https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.96
    - IB/core: Fix the validations of a multicast LID in attach or detach
      operations
    - fcntl: Don't use ambiguous SIG_POLL si_codes
    - PCI: shpchp: Enable bridge bus mastering if MSI is enabled
    - dlm: avoid double-free on error path in dlm_device_{register,unregister}
    - [amd64] fsgsbase: Report FSBASE and GSBASE correctly in core dumps
    - [x86] cs5536: add support for IDE controller variant
    - block: Relax a check in blk_start_queue()
    - media: uvcvideo: Prevent heap overflow when accessing mapped controls
    - [x86] media: lirc_zilog: driver only sends LIRCCODE
    - media: em28xx: calculate left volume level correctly
    - USB: core: Avoid race of async_completed() w/ usbdev_release()
    - usb: quirks: add delay init quirk for Corsair Strafe RGB keyboard
    - usb: Add device quirk for Logitech HD Pro Webcam C920-C
    - IB/{qib, hfi1}: Avoid flow control testing for RDMA write operation
    - net/mlx4_core: Make explicit conversion to 64bit value
    - scsi: aacraid: Fix command send race condition
    - qla2xxx: Corrections to returned sysfs error codes.
    - qla2xxx: Add mutex around optrom calls to serialize accesses.
    - scsi: qla2xxx: Fix an integer overflow in sysfs code (CVE-2017-14051)
    - driver core: bus: Fix a potential double free
    - ftrace: Fix selftest goto location on error
    - xfs: fix incorrect log_flushed on fsync
    - l2tp: prevent creation of sessions on terminated tunnels
    - l2tp: pass tunnel pointer to ->session_create()
    - genirq: Make sparse_irq_lock protect what it should protect
    - ipv6: fix memory leak with multiple tables during netns destruction
    - ipv6: fix typo in fib6_net_exit()
    - Input: xpad - add a few new VID/PID combinations
    - Input: xpad - add support for Xbox One controllers
    - Input: xpad - don't depend on endpoint order
    - Input: xpad - validate USB endpoint type during probe
    - smsc95xx: Configure pause time to 0xffff when tx flow control enabled
    - [x86] KVM: SVM: Add a missing 'break' statement
    - [x86] KVM: async_pf: Fix #DF due to inject "Page not Present" and "Page
      Ready" exceptions simultaneously
    - [x86] Input: i8042 - add Gigabyte P57 to the keyboard reset table
    - ext4: validate s_first_meta_bg at mount time (CVE-2016-10208)
    - ext4: fix fencepost in s_first_meta_bg validation
    - sctp: do not peel off an assoc from one netns to another one
      (CVE-2017-15115)
    - USB: serial: console: fix use-after-free after failed setup
      (CVE-2017-16525)
    - cx231xx-cards: fix NULL-deref on missing association descriptor
      (CVE-2017-16536)
    - media: imon: Fix null-ptr-deref in imon_probe (CVE-2017-16537)
    - Input: gtco - fix potential out-of-bound access (CVE-2017-16643)
    - net: cdc_ether: fix divide by 0 on bad descriptors (CVE-2017-16649)
    - mac80211: don't compare TKIP TX MIC key in reinstall prevention
      (CVE-2017-13080)
    - mac80211: Fix null dereference in ieee80211_key_link()

  [ Ben Hutchings ]
  * sched: Avoid ABI change in 3.2.94
  * ip6_fib: Avoid ABI change in 3.2.95
  * libsas: Avoid ABI change in 3.2.95
  * perf: Avoid ABI change in 3.2.95
  * mlx4*: Ignore ABI change
  * [rt] Update to 3.2.95-rt133
  * dm: Avoid ABI change in 3.2.95
  * mm/mmap.c: expand_downwards: don't require the gap if !vm_prev
  * mmap: Remember the MAP_FIXED flag as VM_FIXED
  * [x86] mmap: Add an exception to the stack gap for Hotspot JVM compatibility
    (Closes: #865303)
  * dccp: CVE-2017-8824: use-after-free in DCCP code
  * Bluetooth: hidp: verify l2cap sockets
  * Bluetooth: cmtp: cmtp_add_connection() should verify that it's dealing with
    l2cap socket
  * Bluetooth: bnep: bnep_add_connection() should verify that it's dealing with
    l2cap socket (CVE-2017-15868)
  * xfrm: fix crash in XFRM_MSG_GETSA netlink handler
  * ipsec: Fix aborted xfrm policy dump crash (CVE-2017-16939)
  * [x86]  KVM: VMX: remove I/O port 0x80 bypass on Intel hosts
    (CVE-2017-1000407)

 -- Ben Hutchings <ben@decadent.org.uk>  Sat, 09 Dec 2017 19:39:28 +0000

linux (3.2.93-1) wheezy-security; urgency=high

  * New upstream stable update:
    https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.90
    - Allow stack to grow up to address space limit
    - rxrpc: Fix several cases where a padded len isn't checked in ticket decode
      (CVE-2017-7482)
    - mm: simplify find_vma_prev()
    - mm: fix find_vma_prev
    https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.91
    - xen: do not re-use pirq number cached in pci device msi msg data
    - usb: dwc3: gadget: make Set Endpoint Configuration macros safe
    - scsi: aacraid: Fix typo in blink status
    - scsi: lpfc: Add shutdown method for kexec
    - USB: serial: io_ti: fix NULL-deref in interrupt callback
    - USB: serial: safe_serial: fix information leak in completion handler
    - dvb-usb: don't use stack for firmware load
    - dvb-usb-firmware: don't do DMA on stack
    - USB: iowarrior: fix NULL-deref in write
    - udp: avoid ufo handling on IP payload compression packets
    - isdn/gigaset: fix NULL-deref at probe
    - net: wimax/i2400m: fix NULL-deref at probe
    - USB: idmouse: fix NULL-deref at probe
    - USB: uss720: fix NULL-deref at probe
    - USB: wusbcore: fix NULL-deref at probe
    - uwb: hwa-rc: fix NULL-deref at probe
    - uwb: i1480-dfu: fix NULL-deref at probe
    - usb-core: Add LINEAR_FRAME_INTR_BINTERVAL USB quirk
    - futex: Fix potential use-after-free in FUTEX_REQUEUE_PI
    - futex: Add missing error handling to FUTEX_REQUEUE_PI
    - sched/loadavg: Avoid loadavg spikes caused by delayed NO_HZ accounting
    - perf/core: Fix event inheritance on fork()
    - mmc: ushc: fix NULL-deref at probe
    - Input: iforce - validate number of endpoints before using them
    - Input: cm109 - validate number of endpoints before using them
    - Input: yealink - validate number of endpoints before using them
    - Input: hanwang - validate number of endpoints before using them
    - Input: kbtab - validate number of endpoints before using them
    - net: ipv6: set route type for anycast routes
    - USB: usbtmc: add missing endpoint sanity check
    - ACM gadget: fix endianness in notifications
    - ALSA: ctxfi: Fix the incorrect check of dma_set_mask() call
    - scsi: libsas: fix ata xfer length
    - ALSA: seq: Fix racy cell insertions during snd_seq_pool_done()
    - net: unix: properly re-increment inflight counter of GC discarded
      candidates
    - bpf: try harder on clones when writing into skb
    - sch_dsmark: fix invalid skb_cow() usage
    - mmc: sdhci: Do not disable interrupts while waiting for clock
    - hwmon: (asus_atk0110) fix uninitialized data access
    - ALSA: seq: Fix race during FIFO resize
    - net: phy: handle state correctly in phy_stop_machine
    - IB/qib: fix false-postive maybe-uninitialized warning
    - netfilter: nf_nat_snmp: Fix panic when snmp_trap_helper fails to register
    - virtio_balloon: init 1st buffer in stats vq
    - virtio_balloon: prevent uninitialized variable use
    - ACPI / APEI: Add missing synchronize_rcu() on NOTIFY_SCI removal
    - ACPI: Fix incompatibility with mcount-based function graph tracing
    - xhci: Manually give back cancelled URB if we can't queue it for cancel
    - ubi/upd: Always flush after prepared for an update
    - mmc: sdhci: Disable runtime pm when the sdio_irq is enabled
    - l2tp: fix race in l2tp_recv_common()
    - l2tp: ensure session can't get removed during pppol2tp_session_ioctl()
    - l2tp: fix duplicate session creation
    - l2tp: take a reference on sessions used in genetlink handlers
    - iscsi-target: Drop work-around for legacy GlobalSAN initiator
    - af_key: Add lock to key dump
    - l2tp: take reference on sessions being dumped
    - xen, fbfront: fix connecting to backend
    - scsi: sr: Sanity check returned mode data
    - scsi: sd: Fix capacity calculation with 32-bit sector_t
    - ptrace: fix PTRACE_LISTEN race corrupting task->state
    - l2tp: don't mask errors in pppol2tp_setsockopt()
    - l2tp: don't mask errors in pppol2tp_getsockopt()
    - [x86] vdso: Plug race between mapping and ELF header setup
    - ALSA: seq: Don't break snd_use_lock_sync() loop by timeout
    - [x86] ftrace: Fix triple fault with graph tracing and suspend-to-ram
    - p9_client_readdir() fix
    - KEYS: Change the name of the dead type to ".dead" to prevent user access
    - ACPI / power: Avoid maybe-uninitialized warning
    - ring-buffer: Have ring_buffer_iter_empty() return true when empty
    - mac80211: reject ToDS broadcast data frames
    - smsc75xx: use skb_cow_head() to deal with cloned skbs
    - cx82310_eth: use skb_cow_head() to deal with cloned skbs
    - [x86] mm/init.c: Fix devmem_is_allowed() off by one
    - [x86] mm: Tighten x86 /dev/mem with zeroing reads (CVE-2017-7889)
    - xen-blkback: don't leak stack data via response ring (CVE-2017-10911)
    - char: lp: fix possible integer overflow in lp_setup() (CVE-2017-1000363)
    - fs/exec.c: account for argv/envp pointers (CVE-2017-1000365)
    - ALSA: timer: Fix race between read and ioctl (CVE-2017-1000380)
    - ALSA: timer: Fix missing queue indices reset at SNDRV_TIMER_IOCTL_SELECT
      (CVE-2017-1000380)
    https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.92
    - pvrusb2: reduce stack usage pvr2_eeprom_analyze()
    - zd1211rw: fix NULL-deref at probe
    - usb: hub: Fix error loop seen after hub communication errors
    - usb: hub: Do not attempt to autosuspend disconnected devices
    - mceusb: fix NULL-deref at probe
    - USB: Proper handling of Race Condition when two USB class drivers try to
      call init_usb_class simultaneously
    - cdc-acm: fix possible invalid access when processing notification
    - ath9k_htc: fix NULL-deref at probe
    - gspca: konica: add missing endpoint sanity check
    - usbvision: fix NULL-deref at probe
    - cx231xx: fix double free and leaks on failure path in cx231xx_usb_probe()
    - cx231xx-cards: fix NULL-deref at probe
    - cx231xx-audio: fix init error path
    - cx231xx-audio: fix NULL-deref at probe
    - padata: free correct variable
    - PCI: Fix pci_mmap_fits() for HAVE_PCI_RESOURCE_TO_USER platforms
    - digitv: limit messages to buffer size
    - zr364xx: enforce minimum size when reading header
    - PCI: Ignore write combining when mapping I/O port space
    - PCI: Fix another sanity check bug in /proc/pci mmap
    - PCI: Only allow WC mmap on prefetchable resources
    - PCI: Freeze PME scan before suspending devices
    - ttusb2: Don't use stack variables for DMA
    - ttusb2: limit messages to buffer size
    - dw2102: Don't use dynamic static allocation
    - dw2102: some missing unlocks on error
    - dw2102: limit messages to buffer size
    - ov2640: fix vflip control
    - usb: host: xhci: print correct command ring address
    - [x86] boot: Fix BSS corruption/overwrite bug in early x86 kernel startup
    - netfilter: ctnetlink: make it safer when updating ct->status
    - PCI: Disable boot interrupt quirk for ASUS M2N-LR
    - usb: Make sure usb/phy/of gets built-in
    - IB/core: If the MGID/MLID pair is not on the list return an error
    - IB/core: For multicast functions, verify that LIDs are multicast LIDs
    - libata: reject passthrough WRITE SAME requests
    - net: ethernet: ucc_geth: fix MEM_PART_MURAM mode
    - Bluetooth: Fix user channel for 32bit userspace on 64bit kernel
    - ip6_tunnel: Fix missing tunnel encapsulation limit option
    - ipv6: Need to export ipv6_push_frag_opts for tunneling now.
    - tcp: fix wraparound issue in tcp_lp
    - cifs: small underflow in cnvrtDosUnixTm()
    - CIFS: Set unicode flag on cifs echo request to avoid Mac error
    - fbdev: sti: don't select CONFIG_VT
    - [i386] mm: Set the '__vmalloc_start_set' flag in initmem_init()
    - ipv6: avoid overflow of offset in ip6_find_1stfragopt (CVE-2017-7542)
    - timerfd: Protect the might cancel mechanism proper (CVE-2017-10661)
    - mqueue: fix a use-after-free in sys_mq_notify() (CVE-2017-11176)
    - packet: fix tp_reserve race in packet_set_ring (CVE-2017-1000111)
    https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.93
    - xfrm: fix stack access out of bounds with CONFIG_XFRM_SUB_POLICY
    - af_key: Fix slab-out-of-bounds in pfkey_compile_policy.
    - tcp: avoid fragmenting peculiar skbs in SACK
    - USB: serial: ftdi_sio: fix setting latency for unprivileged users
    - USB: serial: io_ti: fix div-by-zero in set_termios
    - tcp: eliminate negative reordering in tcp_clean_rtx_queue
    - [x86] USB: usbip: fix nonconforming hub descriptor
    - USB: hub: fix SS hub-descriptor handling
    - USB: hub: fix non-SS hub-descriptor handling
    - USB: hub: fix SS max number of ports
    - mac80211: strictly check mesh address extension mode
    - tracing/kprobes: Enforce kprobes teardown after testing
    - xhci: workaround for hosts missing CAS bit
    - usb: host: xhci-mem: allocate zeroed Scratchpad Buffer
    - usb: host: xhci: simplify irq handler return
    - USB: xhci: fix lock-inversion problem
    - drivers: char: mem: Check for address space wraparound with mmap()
    - watchdog: pcwd_usb: fix NULL-deref at probe
    - [x86] KVM: Fix read out-of-bounds vulnerability in kvm pio emulation
    - [x86] KVM: fix use of uninitialized memory as segment descriptor in
      emulator.
    - [x86] KVM: zero base3 of unusable segments
    - ext4: keep existing extra fields when inode expands
    - i2c: i2c-tiny-usb: fix buffer not being DMA capable
    - crypto: gcm - wait for crypto op not signal safe
    - block: fix an error code in add_partition()
    - libceph: NULL deref on crush_decode() error path
    - netfilter: ctnetlink: fix incorrect nf_ct_put during hash resize
    - [arm*] ASoC: Fix use-after-free at card unregistration
    - scsi: qla2xxx: don't disable a not previously enabled PCI device
    - net: ethernet: ax88796: don't call free_irq without request_irq first
    - ext4: fix data corruption for mmap writes
    - ext4: fix fdatasync(2) after extent manipulation operations
    - net: phy: fix marvell phy status reading
    - usb: gadget: f_mass_storage: Serialize wake and sleep execution
    - drivers: char: mem: Fix wraparound check to allow mappings up to the end
    - alarmtimer: Prevent overflow of relative timers
    - alarmtimer: Rate limit periodic intervals
    - rc-core: race condition during ir_raw_event_register()
    - net: ping: do not abuse udp_poll()
    - vb2: fix plane index sanity check in vb2_plane_cookie()
    - vb2: Fix an off by one error in 'vb2_plane_vaddr'
    - net: ethoc: enable NAPI before poll may be scheduled
    - [x86] KVM: cpuid: Fix read/write out-of-bounds vulnerability in cpuid
      emulation
    - KEYS: fix dereferencing NULL payload with nonzero length
    - fix ufs_isblockset()
    - ufs: set correct ->s_maxsize
    - excessive checks in ufs_write_failed() and ufs_evict_inode()
    - [x86] KVM: async_pf: avoid async pf injection when in guest mode
    - configfs: Fix race between create_link and configfs_rmdir
    - selinux: fix double free in selinux_parse_opts_str()
    - xfrm: Oops on error in pfkey_msg2xfrm_state()
    - xfrm: NULL dereference on allocation failure
    - swap: cond_resched in swap_cgroup_prepare()
    - signal: Only reschedule timers on signals timers have sent
    - rtnetlink: add IFLA_GROUP to ifla_policy
    - ipv6: avoid unregistering inet6_dev for loopback
    - autofs: sanity check status reported with AUTOFS_DEV_IOCTL_FAIL
    - lib/cmdline.c: fix get_options() overflow while parsing ranges
    - net: prevent sign extension in dev_get_stats()
    - tcp: initialize rcv_mss to TCP_MIN_MSS instead of 0 (CVE-2017-14106)
    - xfrm: policy: check policy direction value (CVE-2017-11600)
    - xen: fix bio vec merging (CVE-2017-12134)
    - ptrace: use fsuid, fsgid, effective creds for fs access checks
    - mm: fix move/migrate_pages() race on task struct
    - mm: fix NULL ptr dereference in migrate_pages
    - mm: fix NULL ptr dereference in move_pages
    - Sanitize 'move_pages()' permission checks (CVE-2017-14140)
    - net: phy: marvell: Limit errata to 88m1101

  [ Ben Hutchings ]
  * [rt] Update to 3.2.89-rt127 (no functional change)
  * ptrace, xfrm: Avoid ABI changes in 3.2.93
  * nl80211: check for the required netlink attributes presence (CVE-2017-12153)
  * [x86] kvm: nVMX: Don't allow L2 to access the hardware CR8 (CVE-2017-12154)
  * [x86] video: fbdev: aty: do not leak uninitialized padding in clk to userspace
    (CVE-2017-14156)
  * xfs: XFS_IS_REALTIME_INODE() should be false if no rt device present
    (CVE-2017-14340)
  * scsi: fix the issue that iscsi_if_rx doesn't parse nlmsg properly
    (CVE-2017-14489)
  * Bluetooth: Properly check L2CAP config option output buffer length
    (CVE-2017-1000251)

 -- Ben Hutchings <ben@decadent.org.uk>  Mon, 18 Sep 2017 02:48:33 +0100

linux (3.2.89-2) wheezy-security; urgency=high

  * Revert previous fixes for CVE-2017-1000364 (Closes: #865303)
  * mm: larger stack guard gap, between vmas (CVE-2017-1000364)
  * mm: larger stack guard gap, between vmas - ARM topdown case

 -- Ben Hutchings <ben@decadent.org.uk>  Mon, 26 Jun 2017 18:57:49 +0100

linux (3.2.89-1) wheezy-security; urgency=high

  * New upstream stable update:
    https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.89
    - adm8211: return an error if adm8211_alloc_rings() fails
    - ath5k: drop bogus warning on drv_set_key with unsupported cipher
    - RDMA/core: Fix incorrect structure packing for booleans
    - IB/ipoib: Set device connection mode only when needed
    - IB/ipoib: Change list_del to list_del_init in the tx object
    - USB: serial: ch341: fix modem-status handling
    - USB: serial: ark3116: fix register-accessor error handling
    - USB: serial: ark3116: fix open error handling
    - USB: serial: ftdi_sio: fix modem-status error handling
    - USB: serial: ftdi_sio: fix latency-timer error handling
    - USB: serial: io_edgeport: fix epic-descriptor handling
    - USB: serial: io_edgeport: fix descriptor error handling
    - USB: serial: mct_u232: fix modem-status error handling
    - USB: serial: ssu100: fix control-message error handling
    - USB: serial: ti_usb_3410_5052: fix control-message error handling
    - [x86] staging: rtl: fix possible NULL pointer dereference
    - mwifiex: debugfs: Fix (sometimes) off-by-1 SSID print
    - usb: gadget: f_hid: Use spinlock instead of mutex
    - USB: serial: ftdi_sio: fix extreme low-latency setting
    - drm/ttm: Make sure BOs being swapped out are cacheable
    - drm/radeon: handle vfct with multiple vbios images
    - ext4: trim allocation requests to group size
    - ext4: use private version of page_zero_new_buffers() for data=journal mode
    - ext4: fix data corruption in data=journal mode
    - bcma: use (get|put)_device when probing/removing device driver
    - USB: serial: digi_acceleport: fix OOB data sanity check
    - USB: serial: digi_acceleport: fix OOB-event processing
    - USB: serial: digi_acceleport: fix incomplete rx sanity check
    - USB: serial: keyspan_pda: fix receive sanity checks
    - [x86] pci-calgary: Fix iommu_free() comparison of unsigned expression >= 0
    - jbd2: don't leak modified metadata buffers on an aborted journal
    - ext4: preserve the needs_recovery flag when the journal is aborted
    - USB: serial: ftdi_sio: fix line-status over-reporting
    - USB: serial: mos7840: fix another NULL-deref at open
    - KEYS: Fix an error code in request_master_key()
    - [x86] drivers: hv: Turn off write permission on the hypercall page
    - [armhf/omap] mmc: host: omap_hsmmc: avoid possible overflow of timeout
      value
    - md linear: fix a race between linear_add() and linear_congested()
    - md: ensure md devices are freed before module is unloaded.
    - nlm: Ensure callback code also checks that the files match
    - nfsd: update mtime on truncate
    - nfsd: minor nfsd_setattr cleanup
    - nfsd: special case truncates some more
    - NFSv4: Fix the underestimation of delegation XDR space reservation
    - fuse: add missing FR_FORCE
    - rdma_cm: fail iwarp accepts w/o connection params
    - net/dccp: fix use after free in tw_timer_handler()
    - scsi: aacraid: Fix memory leak in fib init path
    - scsi: aacraid: Reorder Adapter status check
    - NFSv4: Fix range checking in __nfs4_get_acl_uncached and
      __nfs4_proc_set_acl
    - NFSv4: fix getacl ERANGE for some ACL buffer sizes
    - net sched actions: decrement module reference count after table flush.
    - ALSA: timer: Reject user params with too small ticks
    - ALSA: ctxfi: Fallback DMA mask to 32bit
    - ALSA: seq: Fix link corruption by event error handling
    - tracing: Use strlcpy() instead of strcpy() in __trace_find_cmdline()
      (CVE-2017-0605)
    - ipx: call ipxitf_put() in ioctl error path (CVE-2017-7487)
    - nfsd: check for oversized NFSv2/v3 arguments (CVE-2017-7645)
    - nfsd4: minor NFSv2/v3 write decoding cleanup
    - nfsd: stricter decoding of write-like NFSv2/v3 ops (CVE-2017-7895)
    - dccp/tcp: do not inherit mc_list from parent (CVE-2017-8890)
    - USB: serial: io_ti: fix information leak in completion handler
      (CVE-2017-8924)
    - USB: serial: omninet: fix reference leaks at open (CVE-2017-8925)
    - ipv6: Prevent overrun when parsing v6 header options (CVE-2017-9074)
    - ipv6: Check ip6_find_1stfragopt() return value properly.
    - sctp: do not inherit ipv6_{mc|ac|fl}_list from parent (CVE-2017-9075)
    - ipv6/dccp: do not inherit ipv6_mc_list from parent (CVE-2017-9076,
      CVE-2017-9077)
    - ipv6: fix out of bound writes in __ip6_append_data() (CVE-2017-9242)

  [ Ben Hutchings ]
  * ipv6: xfrm: Handle errors reported by xfrm6_find_1stfragopt()
  * net: add kfree_skb_list()
  * ipv6: Fix leak in ipv6_gso_segment().
  * Ignore ABI changes in IB, rds
  * mm: do not grow the stack vma just because of an overrun on preceding vma
  * mm: enlarge stack guard gap (CVE-2017-1000364)
  * mm: allow to configure stack gap size
  * mm, proc: cap the stack gap for unpopulated growing vmas
  * mm: do not collapse stack gap into THP

 -- Ben Hutchings <ben@decadent.org.uk>  Sun, 18 Jun 2017 17:18:24 +0100

linux (3.2.88-1) wheezy-security; urgency=high

  * New upstream stable update:
    https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.87
    - net/sched: em_meta: Fix 'meta vlan' to correctly recognize zero VID frames
    - ite-cir: initialize use_demodulator before using it
    - usb: gadget: composite: correctly initialize ep->maxpacket
    - [x86] drm/gma500: Add compat ioctl
    - xfs: fix up xfs_swap_extent_forks inline extent handling
    - PCI: Check for PME in targeted sleep state
    - USB: UHCI: report non-PME wakeup signalling for Intel hardware
    - usb: xhci-mem: use passed in GFP flags instead of GFP_KERNEL
    - ext4: fix mballoc breakage with 64k block size
    - ext4: fix stack memory corruption with 64k block size
    - IB/mlx4: Put non zero value in max_ah device attribute
    - scsi: mvsas: fix command_active typo
    - ssb: Fix error routine when fallback SPROM fails
    - ext4: fix in-superblock mount options processing
    - ext4: use more strict checks for inodes_per_block on mount
    - ext4: add sanity checking to count_overhead()
    - dm crypt: mark key as invalid until properly loaded
    - regmap: cache: Remove unused 'blksize' variable
    - ALSA: usb-audio: Fix bogus error return in snd_usb_create_stream()
    - thermal: hwmon: Properly report critical temperature in sysfs
    - USB: serial: kl5kusb105: fix open error path
    - USB: serial: kl5kusb105: abort on open exception path
    - Btrfs: fix tree search logic when replaying directory entry deletes
    - hotplug: Make register and unregister notifier API symmetric
    - hwmon: (ds620) Fix overflows seen when writing temperature limits
    - nfs_write_end(): fix handling of short copies
    - ext4: reject inodes with negative size
    - libceph: verify authorize reply on connect
    - fsnotify: Fix possible use-after-free in inode iteration on umount
    - block_dev: don't test bdev->bd_contains when it is not stable
    - IB/mad: Fix an array index check
    - IB/multicast: Check ib_find_pkey() return value
    - scsi: avoid a permanent stop of the scsi device's request queue
    - target/iscsi: Fix double free in lio_target_tiqn_addtpg()
    - net, sched: fix soft lockup in tc_classify
    - net/mlx4_en: Fix bad WQE issue
    - net/mlx4: Remove BUG_ON from ICM allocation routine
    - usb: gadget: composite: Test get_alt() presence instead of set_alt()
    - USB: dummy-hcd: fix bug in stop_activity (handle ep0)
    - [armhf] usb: gadgetfs: restrict upper bound on device configuration size
    - [armhf] USB: gadgetfs: fix unbounded memory allocation bug
    - [armhf] USB: gadgetfs: fix use-after-free bug
    - [armhf] USB: gadgetfs: fix checks of wTotalLength in config descriptors
    - xhci: free xhci virtual devices with leaf nodes first
    - USB: serial: cyberjack: fix NULL-deref at open
    - USB: serial: garmin_gps: fix memory leak on failed URB submit
    - USB: serial: io_edgeport: fix NULL-deref at open
    - USB: serial: io_ti: fix NULL-deref at open
    - USB: serial: io_ti: fix another NULL-deref at open
    - USB: serial: iuu_phoenix: fix NULL-deref at open
    - USB: serial: keyspan_pda: verify endpoints at probe
    - USB: serial: kobil_sct: fix NULL-deref in write
    - USB: serial: mos7720: fix NULL-deref at open
    - USB: serial: mos7720: fix use-after-free on probe errors
    - USB: serial: mos7720: fix parport use-after-free on probe errors
    - USB: serial: mos7720: fix parallel probe
    - USB: serial: mos7840: fix NULL-deref at open
    - USB: serial: mos7840: fix misleading interrupt-URB comment
    - USB: serial: omninet: fix NULL-derefs at open and disconnect
    - USB: serial: oti6858: fix NULL-deref at open
    - USB: serial: pl2303: fix NULL-deref at open
    - USB: serial: spcp8x5: fix NULL-deref at open
    - USB: serial: ti_usb_3410_5052: fix NULL-deref at open
    - [x86] iommu/amd: Fix the left value check of cmd buffer
    - [x86] cpu: Fix bootup crashes by sanitizing the argument of the
      'clearcpuid=' command-line option
    - [armhf] usb: musb: Fix trying to free already-free IRQ 4
    - USB: fix problems with duplicate endpoint addresses
    - HID: hid-cypress: validate length of report (CVE-2017-7273)
    - ata: sata_mv:- Handle return value of devm_ioremap.
    - USB: ch341: forward USB errors to USB serial core
    - USB: ch341: remove redundant close from open error path
    - USB: ch341: set tty baud speed according to tty struct
    - USB: serial: ch341: add register and USB request definitions
    - USB: serial: ch341: reinitialize chip on reconfiguration
    - USB: serial: ch341: fix initial modem-control state
    - USB: serial: ch341: fix open and resume after B0
    - USB: serial: ch341: fix modem-control and B0 handling
    - USB: serial: ch341: fix open error handling
    - USB: serial: ch341: fix resume after reset
    - USB: serial: ch341: fix baud rate and line-control handling
    - gro: Enter slow-path if there is no tailroom
    - gro: Disable frag0 optimization on IPv6 ext headers
    - ocfs2: fix crash caused by stale lvb with fsdlm plugin
    - sysrq: attach sysrq handler correctly for 32-bit kernel
    - USB: serial: ch341: fix control-message error handling
    - gro: use min_t() in skb_gro_reset_offset()
    - xhci: fix deadlock at host remove by running watchdog correctly
    - i2c: fix kernel memory disclosure in dev interface
    - svcrpc: don't leak contexts on PROC_DESTROY
    - net/mlx4_core: Fix racy CQ (Completion Queue) free
    - ubifs: Fix journal replay wrt. xattr nodes
    - ceph: fix bad endianness handling in parse_reply_info_extra
    - nbd: fix use-after-free of rq/bio in the xmit path
    - nbd: only set MSG_MORE when we have more to send
    - crypto: api - Clear CRYPTO_ALG_DEAD bit before registering an alg
    - mm/huge_memory.c: respect FOLL_FORCE/FOLL_COW for thp
    - sysctl: fix proc_doulongvec_ms_jiffies_minmax()
    - can: bcm: fix hrtimer/tasklet termination in bcm op removal
    - [arm*] 8643/3: arm/ptrace: Preserve previous registers for short regset
      write
    - mm, fs: check for fatal signals in do_generic_file_read()
    - netlabel: out of bound access in cipso_v4_validate()
    - mac80211: Fix adding of mesh vendor IEs
    - ALSA: seq: Don't handle loop timeout at snd_seq_pool_done()
    - rtl8150: Use heap buffers for all register access
    - catc: Combine failure cleanup code in catc_probe()
    - catc: Use heap buffer for memory size test
    - ALSA: seq: Fix race at creating a queue
    - btrfs: fix btrfs_compat_ioctl failures on non-compat ioctls
    - ping: fix a null pointer dereference
    - xen-netfront: Delete rx_refill_timer in xennet_disconnect_backend()
    - l2tp: do not use udp_ioctl()
    - futex: Move futex_init() to core_initcall
    - vfs: fix uninitialized flags in splice_to_pipe()
    - packet: call fanout_release, while UNREGISTERING a netdev
    - packet: Do not call fanout_release from atomic contexts
    - Fix missing sanity check in /dev/sg
    - lib/vsprintf.c: improve sanity check in vsnprintf()
    - decnet: Do not build routes to devices without decnet private data.
    - route: do not cache fib route info on local routes with oif
    - sch_htb: update backlog as well
    - sch_dsmark: update backlog as well
    - net: bridge: fix old ioctl unlocked net device walk
    - ipmr/ip6mr: Initialize the last assert time of mfc entries.
    - net: fix sk_mem_reclaim_partial()
    - tcp: fix overflow in __tcp_retransmit_skb()
    - net: avoid sk_forward_alloc overflows
    - tcp: fix wrong checksum calculation on MTU probing
    - net: sctp, forbid negative length
    - net: clear sk_err_soft in sk_clone_lock()
    - net: mangle zero checksum in skb_checksum_help()
    - dccp: do not send reset to already closed sockets
    - dccp: fix out of bound access in dccp_v4_err()
    - ipv6: dccp: fix out of bound access in dccp_v6_err()
    - sctp: assign assoc_id earlier in __sctp_connect
    - sock: fix sendmmsg for partial sendmsg
    - ip6_tunnel: disable caching when the traffic class is inherited
    - net: sky2: Fix shutdown crash
    - net/sched: pedit: make sure that offset is valid
    - net/dccp: fix use-after-free in dccp_invalid_packet
    - [x86] netvsc: reduce maximum GSO size
    - ipv6: handle -EFAULT from skb_copy_bits
    - drop_monitor: add missing call to genlmsg_end
    - drop_monitor: consider inserted data in genlmsg_end
    - igmp: Make igmp group member RFC 3376 compliant
    - ipv6: addrconf: Avoid addrconf_disable_change() using RCU read-side lock
    - net: socket: fix recvmmsg not returning error from sock_error
    - can: Fix kernel panic at security_sock_rcv_skb
    - ipv6: fix ip6_tnl_parse_tlv_enc_lim()
    - ipv6: pointer math error in ip6_tnl_parse_tlv_enc_lim()
    - tcp: fix 0 divide in __tcp_select_window()
    - tun: Fix TUN_PKT_STRIP setting
    - tun: read vnet_hdr_sz once
    - macvtap: read vnet_hdr_size once
    - igmp: do not remove igmp souce list info when set link down
    - mld: do not remove mld souce list info when set link down
    - igmp, mld: Fix memory leak in igmpv3/mld_del_delrec()
    - [x86] Revert "KVM: x86: expose MSR_TSC_AUX to userspace"
    https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.88
    - ipv4: keep skb->dst around in presence of IP options (CVE-2017-5970)
    - mm/huge_memory.c: fix up "mm/huge_memory.c: respect FOLL_FORCE/FOLL_COW
      for thp" backport
    - l2tp: fix racy SOCK_ZAPPED flag check in l2tp_ip{,6}_bind()
      (CVE-2016-10200)
    - keys: Guard against null match function in keyring_search_aux()
      (CVE-2017-2647 / CVE-2017-6951)

  [ Ben Hutchings ]
  * timer: Restrict timer_stats to initial PID namespace (CVE-2017-5967)
  * USB: iowarrior: fix NULL-deref at probe (CVE-2016-2188)
  * KEYS: special dot prefixed keyring name bug fix
  * KEYS: Reinstate EPERM for a key type name beginning with a '.'
  * KEYS: Disallow keyrings beginning with '.' to be joined as session keyrings
    (CVE-2016-9604)
  * ping: implement proper locking (CVE-2017-2671)
  * xfrm_user: validate XFRM_MSG_NEWAE XFRMA_REPLAY_ESN_VAL replay_window
    (CVE-2017-7184)
  * xfrm_user: validate XFRM_MSG_NEWAE incoming ESN size harder (CVE-2017-7184)
  * [x86] drm/vmwgfx: NULL pointer dereference in vmw_surface_define_ioctl()
    (CVE-2017-7261)
  * [x86] drm/vmwgfx: fix integer overflow in vmw_surface_define_ioctl()
    (CVE-2017-7294)
  * packet: handle too big packets for PACKET_V3
  * net/packet: Fix integer overflow in various range checks (CVE-2017-7308)
  * KEYS: fix keyctl_set_reqkey_keyring() to not leak thread keyrings
    (CVE-2017-7472)
  * mm/mempolicy.c: fix error handling in set_mempolicy and mbind
    (CVE-2017-7616)
  * crypto: ahash - Fully restore ahash request before completing
  * crypto: hash - Fix the pointer voodoo in unaligned ahash
  * crypto: hash - Pull out the functions to save/restore request
  * crypto: hash - Simplify the ahash_finup implementation
  * crypto: ahash - Fix EINPROGRESS notification callback (CVE-2017-7618)
  * can: Ignore ABI change
  * net: Avoid ABI change for "net: fix sk_mem_reclaim_partial()"

 -- Ben Hutchings <ben@decadent.org.uk>  Thu, 27 Apr 2017 02:52:16 +0100

linux (3.2.86-1) wheezy-security; urgency=high

  * New upstream stable update:
    https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.85
    - [x86] fbdev/efifb: Fix 16 color palette entry calculation
    - netfilter: restart search if moved to other chain
    - rtlwifi: Update regulatory database
    - rtlwifi: Fix missing country code for Great Britain
    - cx231xx: don't return error on success
    - cx231xx: fix GPIOs for Pixelview SBTVD hybrid
    - ext4: reinforce check of i_dtime when clearing high fields of uid and gid
    - reiserfs: Unlock superblock before calling reiserfs_quota_on_mount()
    - sctp: do not return the transmit err back to sctp_sendmsg
    - [x86] iommu/amd: Free domain id when free a domain of struct
      dma_ops_domain
    - ALSA: ali5451: Fix out-of-bound position reporting
    - usb: misc: legousbtower: Fix NULL pointer deference
    - net/mlx4_core: Fix deadlock when switching between polling and event fw
      commands
    - ALSA: usb-audio: Extend DragonFly dB scale quirk to cover other variants
    - regulator: tps65910: Work around silicon erratum SWCZ010
    - mmc: block: don't use CMD23 with very old MMC cards
    - NFSv4: Open state recovery must account for file permission changes
    - ext4: release bh in make_indexed_dir
    - fuse: invalidate dir dentry after chmod
    - fuse: fix killing s[ug]id in setattr
    - fuse: listxattr: verify xattr list
    - crypto: gcm - Fix IV buffer size in crypto_gcm_setkey
    - scsi: Fix use-after-free
    - mac80211: discard multicast and 4-addr A-MSDUs
    - isofs: Do not return EACCES for unknown filesystems
    - Input: i8042 - add XMG C504 to keyboard reset table
    - ubifs: Fix xattr_names length in exit paths
    - ubifs: Abort readdir upon error
    - [x86] ACPI / APEI: Fix incorrect return value of ghes_proc()
    - dm table: fix missing dm_put_target_type() in dm_table_add_target()
    - scsi: megaraid_sas: Fix data integrity failure for JBOD (passthrough)
      devices
    - [x86] hv: do not lose pending heartbeat vmbus packets
    - scsi: scsi_debug: Fix memory leak if LBP enabled and module is unloaded
    - scsi: arcmsr: Send SYNCHRONIZE_CACHE command to firmware
    - tty: vt, fix bogus division in csi_J
    - tty: limit terminal size to 4M chars
    - vt: clear selection before resizing
    - netfilter: nf_conntrack_sip: extend request line validation
    - lib/genalloc.c: start search from start of chunk
    - [x86] KVM: fix wbinvd_dirty_mask use-after-free
    - ubifs: Fix regression in ubifs_readdir()
    - net/mlx4_en: Process all completions in RX rings after port goes up
    - ipv6: Don't use ufo handling on later transformed packets
    - can: bcm: fix warning in bcm_connect/proc_register
    - usb: gadget: u_ether: remove interrupt throttling
    - uwb: fix device reference leaks
    - ip6_tunnel: Clear IP6CB in ip6tunnel_xmit()
    - firewire: net: fix fragmented datagram_size off-by-one
    - ipv6: dccp: add missing bind_conflict to dccp_ipv6_mapped
    - i2c: core: fix NULL pointer dereference under race condition
    - scsi: megaraid_sas: fix macro MEGASAS_IS_LOGICAL to avoid regression
    - swapfile: fix memory corruption via malformed swapfile
    - coredump: fix unfreezable coredumping task
    - dib0700: fix nec repeat handling
    - mfd: core: Fix device reference leak in mfd_clone_cell
    - IB/uverbs: Fix leak of XRC target QPs
    - IB/mlx4: Fix create CQ error flow
    - mwifiex: printk() overflow with 32-byte SSIDs
    - [x86] KVM: Disable irq while unregistering user notifier
    - ext4: sanity check the block and cluster size at mount time
    - locking/rtmutex: Prevent dequeue vs. unlock race
    - tipc: check minimum bearer MTU
    - net: ep93xx_eth: Do not crash unloading module
    - fuse: fix clearing suid, sgid for chown()
    - can: raw: raw_setsockopt: limit number of can_filter that can be set
    - ser_gigaset: return -ENOMEM on error instead of success
    https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.86
    - [x86] kvm: nVMX: Allow L1 to intercept software exceptions (#BP and #OF)
      (CVE-2016-9588)
    - tcp: avoid infinite loop in tcp_splice_read() (CVE-2017-6214)

  [ Ben Hutchings ]
  * ipc/shm: Fix shmat mmap nil-page protection (CVE-2017-5669)
  * sctp: avoid BUG_ON on sctp_wait_for_sndbuf (CVE-2017-5986)
  * net/sock: Add sock_efree() function
  * net/llc: avoid BUG_ON() in skb_orphan() (CVE-2017-6345)
  * packet: fix races in fanout_add() (CVE-2017-6346)
  * irda: Fix locking in hashbin_delete() (CVE-2017-6348)
  * sctp: deny peeloff operation on asocs with threads sleeping on it
    (CVE-2017-6353)
  * TTY: n_hdlc, fix lockdep false positive
  * list: introduce list_first_entry_or_null
  * tty: n_hdlc: get rid of racy n_hdlc.tbuf (CVE-2017-2636)

 -- Ben Hutchings <ben@decadent.org.uk>  Tue, 07 Mar 2017 22:20:05 +0000

linux (3.2.84-2) wheezy-security; urgency=high

  [ Salvatore Bonaccorso ]
  * dccp: fix freeing skb too early for IPV6_RECVPKTINFO (CVE-2017-6074)

  [ Ben Hutchings ]
  * [arm*] dma-mapping: don't allow DMA mappings to be marked executable
    (CVE-2014-9888)
  * media: info leak in __media_device_enum_links() (CVE-2014-9895)
  * perf: Fix perf_event_for_each() to use sibling
  * lockdep: Silence warning if CONFIG_LOCKDEP isn't set
  * perf: Fix event->ctx locking (CVE-2016-6786, CVE-2016-6787)
  * fbdev: color map copying bounds checking (CVE-2016-8405)
  * USB: serial: kl5kusb105: fix line-state error handling (CVE-2017-5549)
  * perf: Do not double free (dependency of the following fix)
  * perf/core: Fix concurrent sys_perf_event_open() vs. 'move_group' race
    (CVE-2017-6001)

 -- Ben Hutchings <ben@decadent.org.uk>  Wed, 22 Feb 2017 02:42:06 +0000

linux (3.2.84-1) wheezy-security; urgency=high

  * New upstream stable update:
    https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.83
    https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.84
    - netlabel: add address family checks to netlbl_{sock,req}_delattr()
    - sched/cputime: Fix prev steal time accouting during CPU hotplug
    - crypto: gcm - Filter out async ghash if necessary
    - Input: xpad - validate USB endpoint count during probe
    - ext4: check for extents that wrap around
    - ext4: don't call ext4_should_journal_data() on the journal inode
    - ext4: validate s_reserved_gdt_blocks on mount
    - ALSA: ctl: Stop notification after disconnection
    - ppp: defer netns reference release for ppp channel
    - [x86] quirks: Add early quirk to reset Apple AirPort card
    - svc: Avoid garbage replies when pc_func() returns rpc_drop_reply
    - NFS: Don't drop CB requests with invalid principals
    - net: ethoc: Fix early error paths
    - [x86] KVM: nVMX: fix lifetime issues for vmcs02
    - [x86] KVM: nVMX: Fix memory corruption when using VMCS shadowing
    - ext4: fix reference counting bug on block allocation error
    - ext4: short-cut orphan cleanup on error
    - Bluetooth: Fix l2cap_sock_setsockopt() with optname BT_RCVMTU
    - crypto: scatterwalk - Fix test in scatterwalk_done
    - tpm: read burstcount from TPM_STS in one 32-bit transaction
    - brcmsmac: Initialize power in brcms_c_stf_ss_algo_channel_get()
    - mtd: nand: fix bug writing 1 byte less than page size
    - hwmon: (adt7411) set bit 3 in CFG1 register
    - tty/vt/keyboard: fix OOB access in do_compute_shiftstate()
    - nfs: don't create zero-length requests
    - pps: do not crash when failed to register
    - [armhf/omap] hwmod data: Add sysc information for DSI
    - net/irda: fix NULL pointer dereference on memory allocation failure
    - l2tp: Correctly return -EBADF from pppol2tp_getname.
    - ceph: Correctly return NXIO errors from ceph_llseek
    - ubi: Fix race condition between ubi device creation and udev
    - tcp: consider recv buf for the initial window scale
    - ext4: validate that metadata blocks do not overlap superblock
    - [amd64] syscalls/64: Add compat_sys_keyctl for 32-bit userspace
    - balloon: check the number of available pages in leak balloon
    - dm flakey: error READ bios during the down_interval
    - mm/hugetlb: avoid soft lockup in set_max_huge_pages()
    - hostfs: Freeing an ERR_PTR in hostfs_fill_sb_common()
    - block: fix use-after-free in seq file (CVE-2016-7910)
    - netfilter: nfnetlink_queue: reject verdict request from different portid
    - USB: validate wMaxPacketValue entries in endpoint descriptors
    - [x86] mm: Disable preemption during CR3 read+write
    - megaraid_sas: Fix probing cards without io port
    - USB: serial: mos7720: fix non-atomic allocation in write path
    - USB: serial: mos7840: fix non-atomic allocation in write path
    - cdc-acm: fix wrong pipe type on rx interrupt xfers
    - usb: xhci: Fix panic if disconnect
    - xhci: don't dereference a xhci member after removing xhci
    - iio: accel: kxsd9: Fix raw read return
    - USB: fix typo in wMaxPacketSize validation
    - ubifs: Fix assertion in layout_in_gaps()
    - [x86] apic: Do not init irq remapping if ioapic is disabled
    - fs/seq_file: fix out-of-bounds read
    - ALSA: timer: fix division by zero after SNDRV_TIMER_IOCTL_CONTINUE
    - ALSA: timer: fix NULL pointer dereference on memory allocation failure
    - ALSA: timer: fix NULL pointer dereference in read()/ioctl() race
    - [x86] paravirt: Do not trace _paravirt_ident_*() functions
    - IB/core: Fix use after free in send_leave function
    - IB/ipoib: Fix memory corruption in ipoib cm mode connect flow
    - iio: accel: kxsd9: Fix scaling bug
    - sched/core: Fix a race between try_to_wake_up() and a woken up task
    - crypto: cryptd - initialize child shash_desc on import
    - ALSA: timer: Fix zero-division by continue of uninitialized instance
    - ALSA: rawmidi: Fix possible deadlock with virmidi registration
    - xfrm_user: propagate sec ctx allocation errors
    - NFSv4.1: Fix the CREATE_SESSION slot number accounting
    - crypto: skcipher - Fix blkcipher walk OOM crash
    - USB: change bInterval default to 10 ms
    - IB/ipoib: Don't allow MC joins during light MC flush
    - irda: Free skb on irda_accept error path.
    - xfrm: Fix memory leak of aead algorithm name
    - ocfs2/dlm: fix race between convert and migration
    - ocfs2: fix start offset to ocfs2_zero_range_for_truncate()
    - [x86] i2c-eg20t: fix race between i2c init and interrupt enable
    - btrfs: ensure that file descriptor used with subvol ioctls is a dir
    - can: dev: fix deadlock reported after bus-off
    - tracing: Move mutex to protect against resetting of seq data
    - ipmr, ip6mr: fix scheduling while atomic and a deadlock with
      ipmr_get_route
    - mm,ksm: fix endless looping in allocating memory when ksm enable
    - firewire: net: guard against rx buffer overflows (CVE-2016-8633)
    - fs: Avoid premature clearing of capabilities (CVE-2015-1350)
    - Btrfs: skip adding an acl attribute if we don't have to
    - posix_acl: Clear SGID bit when setting file permissions (CVE-2016-7097)
    - usbvision: revert commit 588afcc1
    - xenbus: don't BUG() on user mode induced condition
    - xenbus: don't look up transaction IDs for ordinary writes
    - ext3: NULL dereference in ext3_evict_inode()

  [ Ben Hutchings ]
  * drm, agp: Update to 3.4.113 (no functional change)
  * i8042: Revert ABI break in 3.2.84
  * fs: Fix ABI change in 3.2.84
  * can: Ignore ABI change in 3.2.84
  * [rt] Update to 3.2.84-rt122:
    - genirq: Fix pointer cast warning for randomness on 32-bit architectures
    - work-simple: Add missing #include <linux/export.h>
  * net: cleanups in sock_setsockopt() (CVE-2012-6704)
  * net: avoid signed overflows for SO_{SND|RCV}BUFFORCE (CVE-2016-9793)
  * sg: Fix double-free when drives detach during SG_IO (CVE-2015-8962)
  * perf: Fix race in swevent hash (CVE-2015-8963)
  * isdn/gigaset: reset tty->receive_room when attaching ser_gigaset
  * tty: Prevent ldisc drivers from re-using stale tty fields (CVE-2015-8964)
  * block: fix use-after-free in sys_ioprio_get() (CVE-2016-7911)
  * HID: core: prevent out-of-bound readings (CVE-2016-7915)
  * net: ping: check minimum size on ICMP header length (CVE-2016-8399)
  * packet: fix race condition in packet_set_ring (CVE-2016-8655)
  * sctp: validate chunk len before actually using it (CVE-2016-9555)
  * sg_write()/bsg_write() is not fit to be called under KERNEL_DS
    (CVE-2016-9576, CVE-2016-10088)
  * [x86] Fix potential infoleak in older kernels (CVE-2016-9178)
  * [x86] KVM: drop error recovery in em_jmp_far and em_ret_far (CVE-2016-9756)
  * ALSA: pcm : Call kill_fasync() in stream lock (CVE-2016-9794)
  * net: Add __sock_queue_rcv_skb()
  * rose,dccp: limit sk_filter trim to payload
  * tcp: take care of truncations done by sk_filter() (CVE-2016-8645)
  * security,perf: Allow unprivileged use of perf_event_open to be disabled
    (sysctl: kernel.perf_event_paranoid=3)

 -- Ben Hutchings <ben@decadent.org.uk>  Sat, 31 Dec 2016 14:15:51 +0000

linux (3.2.82-1) wheezy-security; urgency=high

  * New upstream stable update:
    https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.82
    - PCI: Supply CPU physical address (not bus address) to iomem_is_exclusive()
    - aacraid: Fix for aac_command_thread hang
    - ext4: fix hang when processing corrupted orphaned inode list
    - char: Drop bogus dependency of DEVPORT on !M68K
    - tty: vt, return error when con_startup fails
    - ACPI / sysfs: fix error code in get_status()
    - sched/loadavg: Fix loadavg artifacts on fully idle and on fully
      loaded systems
    - mmc: mmc: Fix partition switch timeout for some eMMCs
    - net/mlx4_core: Fix access to uninitialized index
    - [x86] PCI: Mark Broadwell-EP Home Agent 1 as having non-compliant BARs
    - PCI: Disable all BAR sizing for devices with non-compliant BARs
    - fs/cifs: correctly do anonymous authentication
    - sunrpc: Update RPCBIND_MAXNETIDLEN
    - Input: uinput - handle compat ioctl for UI_SET_PHYS
    - wait/ptrace: assume __WALL if the child is traced
    - [x86] xen/events: Don't move disabled irqs
    - RDMA/cxgb3: device driver frees DMA memory with different size
    - Input: xpad - prevent spurious input from wired Xbox 360 controllers
    - mac80211_hwsim: Add missing check for HWSIM_ATTR_SIGNAL
    - [armhf] fix PTRACE_SETVFPREGS on SMP systems
    - [x86] KVM: fix OOPS after invalid KVM_SET_DEBUGREGS
    - fs: fix d_walk()/non-delayed __d_free() race
    - usb: f_fs: off by one bug in _ffs_func_bind()
    - [armhf/omap] usb: musb: Ensure rx reinit occurs for shared_fifo endpoints
    - [armhf/omap] usb: musb: Stop bulk endpoint while queue is rotated
    - [armhf/omap] staging:iio: trigger fixes for repeat request of same
      trigger and allocation failure
    - [armhf/omap] iio: Fix error handling in iio_trigger_attach_poll_func
    - [x86] drm/radeon: fix asic initialization for virtualized environments
    - [x86] kprobes: Clear TF bit in fault on single-stepping
    - kernel/sysrq, watchdog, sched/core: Reset watchdog on all CPUs while
      processing sysrq-w
    - base: make module_create_drivers_dir race-free
    - [x86] kvm: Fix irq route entries exceeding KVM_MAX_IRQ_ROUTES
    - IB/mlx4: Properly initialize GRH TClass and FlowLabel in AHs
    - isa: Call isa_bus_init before dependent ISA bus drivers register
    - [x86] hwmon: (dell-smm) Restrict fan control and serial number to
      CAP_SYS_ADMIN by default
    - ubi: Make recover_peb power cut aware
    - UBIFS: Implement ->migratepage()
    - can: fix oops caused by wrong rtnl dellink usage
    - [x86] xen/pciback: Fix conf_space read/write overlap check.
    - IB/mlx4: Fix the SQ size of an RC QP
    - Input: wacom_w8001 - w8001_MAX_LENGTH should be 13
    - ALSA: dummy: Fix a use-after-free at closing
    - fs/nilfs2: fix potential underflow in call to crc32_le
    - [armhf/omap] staging: iio: accel: fix error check
    - ALSA: echoaudio: Fix memory allocation
    - NFS: Fix another OPEN_DOWNGRADE bug
    - batman-adv: Fix use-after-free/double-free of tt_req_node
    - [x86] ALSA: au88x0: Fix calculation in vortex_wtdma_bufshift()
    - [x86] amd_nb: Fix boot crash on non-AMD systems
    - bonding: prevent out of bound accesses
    - ALSA: timer: Fix negative queue usage by racy accesses
    - qeth: delete napi struct when removing a qeth device
    - ecryptfs: don't allow mmap when the lower fs doesn't support it
      (CVE-2016-1583)
    - cifs: dynamic allocation of ntlmssp blob
    - proc: prevent stacking filesystems on top (CVE-2016-1583)

  [ Ben Hutchings ]
  * Revert "ecryptfs: forbid opening files without mmap handler", redundant
    with upstream fixes
  * fs: Move procfs/ecryptfs stacking check into ecryptfs, to avoid ABI change
  * Bluetooth: Fix potential NULL dereference in RFCOMM bind callback
    (CVE-2015-8956)
  * KEYS: Fix short sprintf buffer in /proc/keys show function (CVE-2016-7042)
  * scsi: arcmsr: Buffer overflow in arcmsr_iop_message_xfer() (CVE-2016-7425)
  * [rt] Update to 3.2.82-rt119:
    - timers: wakeup all timer waiters
    - timers: wakeup all timer waiters without holding the base lock
    - net: add back the missing serialization in ip_send_unicast_reply()
    - net: add a lock around icmp_sk()
    - fs/dcache: resched/chill only if we make no progress
    - fs/dcache: incremental fixup of the retry routine
  * mm, gup: close FOLL MAP_PRIVATE race (CVE-2016-5195)

 -- Ben Hutchings <ben@decadent.org.uk>  Wed, 19 Oct 2016 17:53:05 +0100

linux (3.2.81-2) wheezy-security; urgency=high

  * linux-source: Fix build failure for non-modular configurations
    (Closes: #827561; regression in 3.2.81-1)
  * KEYS: potential uninitialized variable (CVE-2016-4470)
  * HID: hiddev: validate num_values for HIDIOCGUSAGES, HIDIOCSUSAGES commands
    (CVE-2016-5829)
  * tcp: make challenge acks less predictable (CVE-2016-5696)
  * audit: fix a double fetch in audit_log_single_execve_arg() (CVE-2016-6136)
  * [rt] Update to 3.2.81-rt117:
    - [x86] Revert: KVM: lapic: mark LAPIC timer handler as irqsafe
    - trace: correct off by one while recording the trace-event
    - [x86] Fix an RT MCE crash
  * [arm*] oabi compat: add missing access checks (CVE-2016-3857)
  * aacraid: Check size values after double-fetch from user (CVE-2016-6480)
  * tcp: fix use after free in tcp_xmit_retransmit_queue() (CVE-2016-6828)
  * fs: Fix oops when fcntl() is called on an aufs directory (CVE-2016-7118;
    regression in 3.2.81-1)

 -- Ben Hutchings <ben@decadent.org.uk>  Wed, 31 Aug 2016 14:02:14 +0100

linux (3.2.81-1) wheezy-security; urgency=high

  * New upstream stable update:
    http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.79
    - [x86] iommu/vt-d: Fix 64-bit accesses to 32-bit DMAR_GSTS_REG
    - wext: fix message delay/ordering
    - cfg80211/wext: fix message ordering
    - mac80211: fix use of uninitialised values in RX aggregation
    - nfs: fix nfs_size_to_loff_t
    - cifs: fix erroneous return value
    - [s390*] dasd: prevent incorrect length error under z/VM after PAV changes
    - [s390*] dasd: fix refcount for PAV reassignment
    - libata: fix HDIO_GET_32BIT ioctl
    - xen/pciback: Check PF instead of VF for PCI_COMMAND_MEMORY
    - xen/pciback: Save the number of MSI-X entries to be copied later.
    - xen/pcifront: Fix mysterious crashes when NUMA locality information was
      extracted.
    - ALSA: seq: Fix leak of pool buffer at concurrent writes
    - tracepoints: Do not trace when cpu is offline
    - tracing: Fix freak link error caused by branch tracer
    - ALSA: seq: Fix double port list deletion
    - af_unix: Don't set err in unix_stream_read_generic unless there was
      an error
    - [amd64] uaccess: Handle the caching of 4-byte nocache copies properly in
      __copy_user_nocache()
    - usb: dwc3: Fix assignment of EP transfer resources
    - net/mlx4_en: Count HW buffer overrun only once
    - USB: option: add support for SIM7100E
    - USB: cp210x: add IDs for GE B650V3 and B850V3 boards
    - USB: option: add "4G LTE usb-modem U901"
    - [x86] Adding Intel Lewisburg device IDs for SATA
    - ext4: fix bh->b_state corruption
    - kernel/resource.c: fix muxed resource handling in __request_region()
    - can: ems_usb: Fix possible tx overflow
    - mac80211: minstrel_ht: set default tx aggregation timeout to 0
    - sunrpc/cache: fix off-by-one in qword_get()
    - KVM: async_pf: do not warn on page allocation failures
    - Revert "jffs2: Fix lock acquisition order bug in jffs2_write_begin"
    - jffs2: Fix page lock / f->sem deadlock
    - Fix directory hardlinks from deleted directories
    - libata: Align ata_device's id on a cacheline
    - ipr: Fix out-of-bounds null overwrite
    - ipr: Fix regression when loading firmware
    - mm: thp: fix SMP race condition between THP page fault and MADV_DONTNEED
    - hpfs: don't truncate the file when delete fails
    - ALSA: timer: Fix broken compat timer user status ioctl
    - ALSA: hdspm: Fix wrong boolean ctl value accesses
    - ALSA: hdsp: Fix wrong boolean ctl value accesses
    - USB: cp210x: Add ID for Parrot NMEA GPS Flight Recorder
    - ASoC: wm8958: Fix enum ctl accesses in a wrong type
    - ASoC: wm8994: Fix enum ctl accesses in a wrong type
    - USB: serial: option: add support for Quectel UC20
    - ALSA: seq: oss: Don't drain at closing a client
    - [x86] PM / sleep: Fix crash on graph trace through x86 suspend
    - IB/core: Use GRH when the path hop-limit > 0
    - mld, igmp: Fix reserved tailroom calculation
    - [mips*] traps: Fix SIGFPE information leak from `do_ov' and
      `do_trap_or_bp'
    - ubi: Fix out of bounds write in volume update code
    - [s390*] mm: four page table levels vs. fork (CVE-2016-2143)
    - Input: aiptek - fix crash on detecting device without endpoints
    - include/linux/poison.h: fix LIST_POISON{1,2} offset (CVE-2016-0821)
    - HID: usbhid: fix recursive deadlock
    http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.80
    - [x86] EDAC, amd64_edac: Shift wrapping issue in f1x_get_norm_dct_addr()
    - 8250: use callbacks to access UART_DLL/UART_DLM
    - net: irda: Fix use-after-free in irtty_open()
    - usb: retry reset if a device times out
    - mac80211: avoid excessive stack usage in sta_info
    - nfsd4: fix bad bounds checking
    - xfs: fix two memory leaks in xfs_attr_list.c error paths
    - drivers/misc/ad525x_dpot: AD5274 fix RDAC read back errors
    - usb: hub: fix a typo in hub_port_init() leading to wrong logic
    - [x86] KVM: i8254: change PIT discard tick policy
    - ipvs: correct initial offset of Call-ID header search in SIP
      persistence engine
    - [x86] PCI: Mark Broadwell-EP Home Agent & PCU as having non-compliant BARs
    - be2iscsi: set the boot_kset pointer to NULL in case of failure
    - sg: fix dxferp in from_to case
    - jbd2: fix FS corruption possibility in jbd2_journal_destroy() on
      umount path
    - dm snapshot: disallow the COW and origin devices from being identical
    - [x86] ALSA: intel8x0: Add clock quirk entry for AD1981B on IBM
      ThinkPad X41.
    - Input: powermate - fix oops with malicious USB descriptors (CVE-2016-2186)
    - net: Fix use after free in the recvmmsg exit path
    - ath9k: fix buffer overrun for ar9287
    - ALSA: usb-audio: Fix NULL dereference in create_fixed_stream_quirk()
      (CVE-2016-2184)
    - ALSA: usb-audio: Add sanity checks for endpoint accesses
    - nfsd: fix deadlock secinfo+readdir compound
    - ppp: ensure file->private_data can't be overridden
    - [amd64] iopl: Properly context-switch IOPL on Xen PV (CVE-2016-3157)
    - raid1: include bio_end_io_list in nr_queued to prevent freeze_array hang
    - raid10: include bio_end_io_list in nr_queued to prevent freeze_array hang
    - Input: synaptics - handle spurious release of trackstick buttons, again
    - USB: iowarrior: fix oops with malicious USB descriptors
    - USB: usb_driver_claim_interface: add sanity checking
    - USB: cdc-acm: more sanity checking (CVE-2016-3138)
    - tracing: Fix crash from reading trace_pipe with sendfile
    - splice: handle zero nr_pages in splice_to_pipe()
    - ethernet: micrel: fix some error codes
    - fs/coredump: prevent fsuid=0 dumps into user-controlled directories
    - ppp: take reference on channels netns
    - Input: ati_remote2 - fix crashes on detecting device with invalid
      descriptor (CVE-2016-2185)
    - ocfs2/dlm: fix race between convert and recovery
    - ocfs2/dlm: fix BUG in dlm_move_lockres_to_recovery_list
    - hwmon: (max1111) Return -ENODEV from max1111_read_channel if not
      instantiated
    - ALSA: usb-audio: Fix double-free in error paths after
      snd_usb_add_audio_stream() call
    - USB: mct_u232: add sanity checking in probe (CVE-2016-3136)
    - USB: cypress_m8: add endpoint sanity check (CVE-2016-3137)
    - USB: digi_acceleport: do sanity checking for the number of ports
      (CVE-2016-3140)
    - sd: Fix excessive capacity printing on devices with blocks bigger than
      512 bytes
    - [x86] KVM: Inject pending interrupt even if pending nmi exist
    - ALSA: timer: Use mod_timer() for rearming the system timer
    - xen/events: Mask a moving irq
    - netfilter: x_tables: Fix parsing of IPT_SO_SET_REPLACE blobs
      (CVE-2016-3134)
      + validate e->target_offset early
      + make sure e->next_offset covers remaining blob size
    - [x86] mm/32: Enable full randomization on i386 and X86_32 (CVE-2016-3672)
    - usbnet: cleanup after bind() in probe() (CVE-2016-3951)
    - USB: usbip: fix potential out-of-bounds write (CVE-2016-3955)
    - ipv4: Don't do expensive useless work during inetdev destroy.
      (CVE-2016-3156)
    - ext4: fix NULL pointer dereference in ext4_mark_inode_dirty()
    - sctp: sctp should release assoc when sctp_make_abort_user return NULL
      in sctp_close
    - connector: bump skb->users before callback invocation
    - phonet: properly unshare skbs in phonet_rcv()
    - net: dp83640: Fix tx timestamp overflow handling.
    - ipv6/udp: use sticky pktinfo egress ifindex on connect()
    - ipv4: fix memory leaks in ip_cmsg_send() callers
    - pppoe: fix reference counting in PPPoE proxy
    - sctp: Fix port hash table size computation
    - bio: return EINTR if copying to user space got interrupted
    - sctp: lack the check for ports in sctp_v6_cmp_addr
    - macvtap: always pass ethernet header in linear
    - farsync: fix off-by-one bug in fst_add_one
    - xfrm: Fix crash observed during device unregistration and decryption
    - ipv4: l2tp: fix a potential issue in l2tp_ip_recv
    - ipv6: Count in extension headers in skb->network_header
    - netfilter: x_tables: fix unconditional helper
    https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.81
    - [x86] microcode/amd: Do not overwrite final patch levels
    - crypto: gcm - fix rfc4543 to handle async crypto correctly
    - crypto: gcm - Fix rfc4543 decryption crash
    - [x86] Add 1/2/4/8 byte optimization to 64bit
      __copy_{from,to}_user_inatomic
    - ipmi: fix timeout calculation when bmc is disconnected
    - Input: gtco - fix crash on detecting device without endpoints
      (CVE-2016-2187)
    - libahci: save port map for forced port map
    - [x86] kvm: do not leak guest xcr0 into host interrupt handlers
    - nl80211: check netlink protocol in socket release notification
    - usb: xhci: applying XHCI_PME_STUCK_QUIRK to Intel BXT B0 host
    - usb: xhci: fix wild pointers in xhci_mem_cleanup
    - USB: uas: Add a new NO_REPORT_LUNS quirk
    - usb: hcd: out of bounds access in for_each_companion
    - Input: pmic8xxx-pwrkey - fix algorithm for converting trigger delay
    - hugetlb: ensure hugepage access is denied if hugepages are not supported
    - mm: hugetlb: allow hugepages_supported to be architecture specific
    - [x86] mm/xen: Suppress hugetlbfs in PV guests (CVE-2016-3961)
    - batman-adv: Check skb size before using encapsulated ETH+VLAN header
    - batman-adv: Reduce refcnt of removed router when updating route
    - batman-adv: Fix broadcast/ogm queue limit on a removed interface
    - IB/security: Restrict use of the write() interface (CVE-2016-4565)
    - thp: introduce hugepage_vma_check()
    - mm/huge_memory: replace VM_NO_THP VM_BUG_ON with actual VMA check
    - [x86] EDAC: i7core, sb_edac: Don't return NOTIFY_BAD from mce_decoder
      callback
    - Make hash_64() use a 64-bit multiply when appropriate
    - Minimal fix-up of bad hashing behavior of hash_64()
    - ACPICA: Dispatcher: Update thread ID for recursive method calls
    - crypto: hash - Fix page length clamping in hash walk
    - proc: prevent accessing /proc/<PID>/environ until it's ready
    - get_rock_ridge_filename(): handle malformed NM entries (CVE-2016-4913)
    - nf_conntrack: avoid kernel pointer value leak in slab name
    - net: fix infoleak in llc (CVE-2016-4485)
    - net: fix infoleak in rtnetlink (CVE-2016-4486)
    - net: fix a kernel infoleak in x25 module (CVE-2016-4580)

  [ Ben Hutchings ]
  * drm, agp: Update to 3.4.112:
    - drm: add a check for x/y in drm_mode_setcrtc
    - drm/radeon/combios: add some validation of lvds values
    - DRM - radeon: Don't link train DisplayPort on HPD until we get the dpcd
    - Add radeon suspend/resume quirk for HP Compaq dc5750.
    - drm: crtc: integer overflow in drm_property_create_blob()
    - drm/nouveau/gem: return only valid domain when there's only one
  * Revert "libata: Align ata_device's id on a cacheline" to avoid ABI change
  * [rt] Update to 3.2.78-rt113:
    - latencyhist: disable jump-labels
    - kernel: migrate_disable() do fastpath in atomic & irqs-off
    - kernel: softirq: unlock with irqs on
    - rcu/torture: Comment out rcu_bh ops on PREEMPT_RT_FULL
    - kernel: sched: Fix preempt_disable_ip recodring for preempt_disable()
  * Revert "net/ipv6: add sysctl option accept_ra_min_hop_limit" to avoid
    ABI change
  * aufs: Make fcntl(F_SETFL, ...) work (Closes: #627782):
    - for aufs: new f_op->setfl() to support fcntl(F_SETFL)
    - aufs: implement new f_op->setfl()
    - fs: Fix ABI change for aufs F_SETFL fix
  * stable-update: Rewrite stable-update.sh in Python
  * USB: usbfs: fix potential infoleak in devio (CVE-2016-4482)
  * ALSA: timer: Fix leak in SNDRV_TIMER_IOCTL_PARAMS (CVE-2016-4569)
  * ALSA: timer: Fix leak in events via snd_timer_user_ccallback or
    snd_timer_user_tinterrupt (CVE-2016-4578)
  * tipc: fix an infoleak in tipc_node_get_links (CVE-2016-5243)
  * rds: fix an infoleak in rds_inc_info_copy (CVE-2016-5244)
  * ecryptfs: fix handling of directory opening
  * ecryptfs: forbid opening files without mmap handler (CVE-2016-1583)

 -- Ben Hutchings <ben@decadent.org.uk>  Thu, 16 Jun 2016 17:25:10 +0100

linux (3.2.78-1) wheezy; urgency=medium

  * New upstream stable update:
    http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.74
    - PCI: Fix devfn for VPD access through function 0
    - PCI: Use function 0 VPD for identical functions, regular VPD for others
    - mac80211: fix driver RSSI event calculations
    - HID: core: Avoid uninitialized buffer access
    - wm831x_power: Use IRQF_ONESHOT to request threaded IRQs
    - mwifiex: fix mwifiex_rdeeprom_read()
    - mtd: mtdpart: fix add_mtd_partitions error path
    - devres: fix a for loop bounds check
    - packet: fix match_fanout_group()
    - Btrfs: added helper btrfs_next_item()
    - Btrfs: fix file corruption and data loss after cloning inline extents
    - [x86] iommu/vt-d: Fix ATSR handling for Root-Complex integrated endpoints
    - Btrfs: don't use ram_bytes for uncompressed inline items
    - Btrfs: fix truncation of compressed and inlined extents
    - ext4, jbd2: ensure entering into panic after recording an error in
      superblock
    - ACPI: Use correct IRQ when uninstalling ACPI interrupt handler
    - ALSA: hda - Disable 64bit address for Creative HDA controllers
    - megaraid_sas: Do not use PAGE_SIZE for max_sectors
    - can: Use correct type in sizeof() in nla_put()
    - mtd: blkdevs: fix potential deadlock + lockdep warnings
    - crypto: algif_hash - Only export and import on sockets with data
    - megaraid_sas : do not access user memory from IOCTL code
    - ipv6: fix tunnel error handling
    - ALSA: hda - Apply pin fixup for HP ProBook 6550b
    - firewire: ohci: fix JMicron JMB38x IT context discovery
    - scsi: restart list search after unlock in scsi_remove_target
    - [amd64] cpu: Call verify_cpu() after having entered long mode too
    - Btrfs: fix race leading to incorrect item deletion when dropping extents
    - Btrfs: fix race leading to BUG_ON when running delalloc for nodatacow
    - perf: Fix inherited events vs. tracepoint filters
    - scsi_sysfs: Fix queue_ramp_up_period return code
    - Btrfs: fix race when listing an inode's xattrs
    - net: fix a race in dst_release()
    - FS-Cache: Increase reference of parent after registering, netfs success
    - FS-Cache: Don't override netfs's primary_index if registering failed
    - FS-Cache: Handle a write to the page immediately beyond the EOF marker
    - binfmt_elf: Don't clobber passed executable's file header
    - fs: make dumpable=2 require fully qualified path
    - fs: if a coredump already exists, unlink and recreate with O_EXCL
    - irda: precedence bug in irlmp_seq_hb_idx()
    - RDS-TCP: Recover correctly from pskb_pull()/pksb_trim() failure in
      rds_tcp_data_recv
    - ipmr: fix possible race resulting from improper usage of IP_INC_STATS_BH()
      in preemptible context.
    - net: avoid NULL deref in inet_ctl_sock_destroy()
    http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.75
    - fuse: break infinite loop in fuse_fill_write_pages()
    - sctp: translate host order to network order when setting a hmacid
    - ALSA: usb-audio: add packet size quirk for the Medeli DD305
    - ALSA: usb-audio: prevent CH345 multiport output SysEx corruption
    - ALSA: usb-audio: work around CH345 input SysEx corruption
    - usb: musb: core: fix order of arguments to ulpi write callback
    - ASoC: wm8962: correct addresses for HPF_C_0/1
    - net: fix __netdev_update_features return on ndo_set_features failure
    - FS-Cache: Add missing initialization of ret in cachefiles_write_page()
    - mac80211: mesh: fix call_rcu() usage
    - macvlan: fix leak in macvlan_handle_frame
    - xhci: Add XHCI_INTEL_HOST quirk
    - xhci: Workaround to get Intel xHCI reset working more reliably
    - usblp: do not set TASK_INTERRUPTIBLE before lock
    - mac: validate mac_partition is within sector
    - ip6mr: call del_timer_sync() in ip6mr_free_table()
    - net: ip6mr: fix static mfc/dev leaks on table destruction
    - can: sja1000: clear interrupts on start
    - USB: cp210x: Remove CP2110 ID from compatibility list
    - USB: cdc-acm - Add IGNORE_DEVICE quirk
    - USB: cdc_acm: Ignore Infineon Flash Loader utility
    - fix sysvfs symlinks
    - vfs: Make sendfile(2) killable even better
    - vfs: Avoid softlockups with sendfile(2)
    - broadcom: fix PHY_ID_BCM5481 entry in the id table
    - ring-buffer: Update read stamp with first real commit on page
    - ext4: Fix handling of extended tv_sec
    - jbd2: Fix unreclaimed pages after truncate in data=journal mode
    - nfs: if we have no valid attrs, then don't declare the attribute cache
      valid
    - AHCI: Fix softreset failed issue of Port Multiplier
    - sata_sil: disable trim
    - wan/x25: Fix use-after-free in x25_asy_open_tty()
    - USB: whci-hcd: add check for dma mapping error
    - usb: Use the USB_SS_MULT() macro to decode burst multiplier for log message
    - dm btree: fix leak of bufio-backed block in btree_split_sibling error path
    - ipv4: igmp: Allow removing groups from a removed interface
    - locking: Add WARN_ON_ONCE lock assertion
    - sched/core: Remove false-positive warning from wake_up_process()
    - sched/core: Clear the root_domain cpumasks in init_rootdomain()
    - usb: xhci: fix config fail of FS hub behind a HS hub with MTT
    - ALSA: rme96: Fix unexpected volume reset after rate changes
    - 9p: ->evict_inode() should kick out ->i_data, not ->i_mapping
    - ipmi: move timer init to before irq is setup
    - dm btree: fix bufio buffer leaks in dm_btree_del() error path
    - vgaarb: fix signal handling in vga_get()
    - mm, vmstat: allow WQ concurrency to discover memory reclaim doesn't make
      any progress
    - mm: hugetlb: call huge_pte_alloc() only if ptep is null
    - snmp: Remove duplicate OUTMCAST stat increment
    - tcp: initialize tp->copied_seq in case of cross SYN connection
    - net, scm: fix PaX detected msg_controllen overflow in scm_detach_fds
    - net: ipmr: fix static mfc/dev leaks on table destruction
    - ipv6: distinguish frag queues by device for multicast and link-local
      packets
    - dccp: remove unnecessary codes in ipv6.c
    - ipv6: add complete rcu protection around np->opt
    - ipv6: sctp: implement sctp_v6_destroy_sock()
    - atl1c: Improve driver not to do order 4 GFP_ATOMIC allocation
    - sctp: update the netstamp_needed counter when copying sockets
    - ipv6: sctp: clone options to avoid use after free
    - af_unix: Revert 'lock_interruptible' in stream receive code
    - af_unix: fix a fatal race with bit fields
    http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.76
    - sctp: start t5 timer only when peer rwnd is 0 and local state is
      SHUTDOWN_PENDING
    - ipv6: sctp: fix lockdep splat in sctp_v6_get_dst()
    - video: fbdev: fsl: Fix kernel crash when diu_ops is not implemented
    - crypto: skcipher - Copy iv from desc even for 0-len walks
    - rfkill: copy the name into the rfkill struct
    - ses: Fix problems with simple enclosures
    - ses: fix additional element traversal bug
    - tty: Fix GPF in flush_to_ldisc()
    - ALSA: tlv: compute TLV_*_ITEM lengths automatically
    - ALSA: tlv: add DECLARE_TLV_DB_RANGE()
    - ALSA: usb-audio: Add a more accurate volume quirk for AudioQuest DragonFly
    - sh_eth: fix TX buffer byte-swapping
    - mISDN: fix a loop count
    - ser_gigaset: fix deallocation of platform device structure
    - spi: fix parent-device reference leak
    - [s390*] dis: Fix handling of format specifiers
    - USB: ipaq.c: fix a timeout loop
    - USB: fix invalid memory access in hub_activate()
    - ipv6/addrlabel: fix ip6addrlbl_get()
    - ocfs2: fix BUG when calculate new backup super
    - mm/memory_hotplug.c: check for missing sections in test_pages_in_a_zone()
    - [mips*] Fix restart of indirect syscalls
    - net/core: revert "net: fix __netdev_update_features return.." and add
      comment
    - genirq: Prevent chip buslock deadlock
    - net: possible use after free in dst_release
    - [x86] kvm: only channel 0 of the i8254 is linked to the HPET
    - vmstat: allocate vmstat_wq before it is used
    - cdrom: Random writing support for BD-RE media
    http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.77
    - gspca: ov534/topro: prevent a division by 0
    - media: dvb-core: Don't force CAN_INVERSION_AUTO in oneshot mode
    - rc: allow rc modules to be loaded if rc-main is not a module
    - SCSI: initio: remove duplicate module device table
    - [x86] KVM: expose MSR_TSC_AUX to userspace
    - [x86] KVM: correctly print #AC in traces
    - ath9k_htc: check for underflow in ath9k_htc_rx_msg()
    - mtd: nand: fix ONFI parameter page layout
    - drm/radeon: call hpd_irq_event on resume
    - xhci: refuse loading if nousb is used
    - rtlwifi: fix memory leak for USB device
    - wlcore: SPI - fix spi transfer_list
    - wlcore/wl12xx: spi: fix oops on firmware load
    - EDAC: Robustify workqueues destruction
    - powerpc: Make value-returning atomics fully ordered
    - powerpc: Make {cmp}xchg* and their atomic_ versions fully ordered
    - asix: silence log message from oversize packet
    - futex: Drop refcount if requeue_pi() acquired the rtmutex
    - ALSA: fm801: propagate TUNER_ONLY bit when autodetected
    - drm/radeon: clean up fujitsu quirks
    - udf: limit the maximum number of indirect extents in a row
    - USB: cp210x: add ID for ELV Marble Sound Board 1
    - posix-clock: Fix return code on the poll method's error path
    - [x86] LDT: Print the real LDT base address
    - rtlwifi: rtl8192de: Fix incorrect module parameter descriptions
    - rtlwifi: rtl8192se: Fix module parameter initialization
    - rtlwifi: rtl8192ce: Fix handling of module parameters
    - rtlwifi: rtl8192cu: Add missing parameter setup
    - NFS: Fix attribute cache revalidation
    - Input: i8042 - add Fujitsu Lifebook U745 to the nomux list
    - [x86] xen: don't reset vcpu_info on a cancelled suspend
    - udf: Prevent buffer overrun with multi-byte characters
    - udf: Check output buffer length when converting name to CS0
    - power: test_power: correctly handle empty writes
    - locks: fix unlock when fcntl_setlk races with a close
    - dm snapshot: fix hung bios when copy error occurs
    - ipv6: tcp: add rcu locking in tcp_v6_send_synack()
    - [x86] mm: Add barriers and document switch_mm()-vs-flush synchronization
    - [x86] boot: Double BOOT_HEAP_SIZE to 64KB
    - [x86] reboot/quirks: Add iMac10,1 to pci_reboot_dmi_table[]
    - ALSA: seq: Fix missing NULL check at remove_events ioctl
    - ALSA: seq: Fix race at timer setup and close
    - [hppa] Fix __ARCH_SI_PREAMBLE_SIZE
    - [x86] mm: Improve switch_mm() barrier comments
    - ALSA: timer: Fix double unlink of active_list
    - ALSA: timer: Fix race among timer ioctls
    - [sparc64] fix incorrect sign extension in sys_sparc64_personality
    - cifs: Ratelimit kernel log messages
    - cifs: fix race between call_async() and reconnect()
    - cifs_dbg() outputs an uninitialized buffer in cifs_readdir()
    - dma-debug: switch check from _text to _stext
    - ocfs2/dlm: ignore cleaning the migration mle that is inuse
    - ALSA: timer: Harden slave timer list handling
    - memcg: only free spare array when readers are done
    - printk: help pr_debug and pr_devel to optimize out arguments
    - crypto: af_alg - Fix socket double-free when accept fails
    - ALSA: hrtimer: Fix stall by hrtimer_cancel()
    - ALSA: pcm: Fix snd_pcm_hw_params struct copy in compat mode
    - ALSA: seq: Fix snd_seq_call_port_info_ioctl in compat mode
    - ALSA: control: Avoid kernel warnings from tlv ioctl with numid 0
    - IB/qib: fix mcast detach when qp not attached
    - IB/mlx4: Initialize hop_limit when creating address handle
    - ocfs2: NFS hangs in __ocfs2_cluster_lock due to race with
      ocfs2_unblock_lock
    - crypto: algif_skcipher - Require setkey before accept(2)
    - crypto: af_alg - Disallow bind/setkey/... after accept(2)
    - crypto: af_alg - Add nokey compatibility path
    - crypto: algif_skcipher - Add nokey compatibility path
    - crypto: hash - Add crypto_ahash_has_setkey
    - crypto: algif_hash - Require setkey before accept(2)
    - crypto: skcipher - Add crypto_skcipher_has_setkey
    - crypto: algif_skcipher - Add key check exception for cipher_null
    - crypto: af_alg - Allow af_af_alg_release_parent to be called on nokey path
    - crypto: algif_hash - Remove custom release parent function
    - crypto: algif_skcipher - Remove custom release parent function
    - crypto: af_alg - Forbid bind(2) when nokey child sockets are present
    - crypto: algif_hash - Fix race condition in hash_check_key
    - crypto: algif_skcipher - Fix race condition in skcipher_check_key
    - crypto: algif_skcipher - Load TX SG list after waiting
    - sctp: Prevent soft lockup when sctp_accept() is called during a timeout
      event
    - usbvision-video: fix memory leak of alt_max_pkt_size
    - usbvision: fix leak of usb_dev on failure paths in usbvision_probe()
    - usbvision fix overflow of interfaces array
    - usbvision: fix crash on detecting device with invalid configuration
    http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.78
    - [x86] KVM: vmx: fix MPX detection
    - hrtimer: Handle remaining time proper for TIME_LOW_RES
    - timerfd: Handle relative timers with CONFIG_TIME_LOW_RES proper
    - posix-timers: Handle relative timers with CONFIG_TIME_LOW_RES proper
    - itimers: Handle relative timers with CONFIG_TIME_LOW_RES proper
    - usb: cdc-acm: send zero packet for intel 7260 modem
    - cdc-acm:exclude Samsung phone 04e8:685d
    - af_unix: fix struct pid memory leak
    - pptp: fix illegal memory access caused by multiple bind()s
    - sctp: allow setting SCTP_SACK_IMMEDIATELY by the application
    - USB: cp210x: add ID for IAI USB to RS485 adaptor
    - USB: visor: fix null-deref at probe
    - USB: serial: visor: fix crash on detecting device without write_urbs
    - USB: serial: option: Adding support for Telit LE922
    - ALSA: seq: Fix incorrect sanity check at snd_seq_oss_synth_cleanup()
    - ALSA: seq: Degrade the error message for too many opens
    - USB: serial: ftdi_sio: add support for Yaesu SCU-18 cable
    - PCI/AER: Flush workqueue on device remove to avoid use-after-free
    - libata: disable forced PORTS_IMPL for >= AHCI 1.3
    - virtio_pci: fix use after free on release
    - rfkill: fix rfkill_fop_read wait_event usage
    - SCSI: fix crashes in sd and sr runtime PM
    - tty: Fix unsafe ldisc reference via ioctl(TIOCGETD)
    - crypto: shash - Fix has_key setting
    - ALSA: dummy: Disable switching timer backend via sysfs
    - [x86] drm/vmwgfx: respect 'nomodeset'
    - [x86] mm/pat: Avoid truncation when converting cpa->numpages to address
    - crypto: algif_hash - wait for crypto_ahash_init() to complete
    - [x86] intel_scu_ipcutil: underflow in scu_reg_access()
    - ALSA: seq: Fix race at closing in virmidi driver
    - ALSA: rawmidi: Remove kernel WARNING for NULL user-space buffer check
    - ALSA: pcm: Fix potential deadlock in OSS emulation
    - ALSA: seq: Fix yet another races among ALSA timer accesses
    - ALSA: timer: Fix link corruption due to double start or stop
    - libata: fix sff host state machine locking while polling
    - ALSA: rawmidi: Make snd_rawmidi_transmit() race-free
    - ALSA: rawmidi: Fix race at copying & updating the position
    - ALSA: seq: Fix lockdep warnings due to double mutex locks
    - Revert "xhci: don't finish a TD if we get a short-transfer event mid TD"
    - [x86] usb: xhci: apply XHCI_PME_STUCK_QUIRK to Intel Broxton-M platforms
    - xhci: Fix list corruption in urb dequeue at host removal
    - tda1004x: only update the frontend properties if locked
    - ALSA: timer: Fix leftover link at closing
    - saa7134-alsa: Only frees registered sound cards
    - scsi_dh_rdac: always retry MODE SELECT on command lock violation
    - mm, vmstat: fix wrong WQ sleep when memory reclaim doesn't make any
      progress
    - ocfs2/dlm: clear refmap bit of recovery lock while doing local
      recovery cleanup
    - crypto: user - lock crypto_alg_list on alg dump
    - klist: fix starting point removed bug in klist iterators
    - ALSA: dummy: Implement timer backend switching more safely
    - ALSA: timer: Fix wrong instance passed to slave callbacks
    - [arm*] 8517/1: ICST: avoid arithmetic overflow in icst_hz()
    - sctp: translate network order to host order when users get a hmacid
    - ALSA: timer: Fix race between stop and interrupt
    - ALSA: timer: Fix race at concurrent reads
    - [x86] ahci: Intel DNV device IDs SATA
    - [arm*] 8519/1: ICST: try other dividends than 1
    - btrfs: properly set the termination value of ctx->pos in readdir
    - ALSA: usb-audio: avoid freeing umidi object twice
    - unix: properly account for FDs passed over unix sockets
    - unix: correctly track in-flight fds in sending process user_struct
    - pipe: limit the per-user amount of pages allocated in pipes
    - iw_cxgb3: Fix incorrectly returning error on success
    - pipe: Fix buffer offset after partially failed read
    - sched: fix __sched_setscheduler() vs load balancing race

  [ Ben Hutchings ]
  * net: Ignore ABI changes due to "ipv6: add complete rcu protection around
    np->opt", which don't appear to affect out-of-tree modules
  * [rt] Update to 3.2.77-rt111:
    - rtmutex: Handle non enqueued waiters gracefully
    - rtmutex: Use chainwalking control enum
    - dump stack: don't disable preemption during trace
    - net: Make synchronize_rcu_expedited() conditional on
    - sched: Introduce the trace_sched_waking tracepoint
    - rtmutex: Have slowfn of rt_mutex_timed_fastlock() use
  * Revert "crypto: algif_skcipher - Do not dereference ctx without socket lock"
    (regression in 3.2.78)
  * crypto: {blk,giv}cipher: Set has_setkey (avoids regressing cryptsetup;
    see #815480)
  * [rt] Fix trace function type mismatch introduced in 3.2.77-rt111

 -- Ben Hutchings <ben@decadent.org.uk>  Mon, 07 Mar 2016 02:33:29 +0000

linux (3.2.73-2+deb7u3) wheezy-security; urgency=high

  [ Ben Hutchings ]
  * usb: serial: visor: fix crash on detecting device without write_urbs
    (CVE-2015-7566)
  * sctp: Prevent soft lockup when sctp_accept() is called during a timeout event
    (CVE-2015-8767)
  * tty: Fix unsafe ldisc reference via ioctl(TIOCGETD) (CVE-2016-0723)
  * fuse: break infinite loop in fuse_fill_write_pages() (CVE-2015-8785)
  * [x86] mm: Add barriers and document switch_mm()-vs-flush synchronization
    (CVE-2016-2069)
  * [x86] mm: Improve switch_mm() barrier comments
  * pipe: limit the per-user amount of pages allocated in pipes (CVE-2013-4312)
    [Original reference is incorrect; should be CVE-2016-2847.]
  * iw_cxgb3: Fix incorrectly returning error on success (CVE-2015-8812)
  * aufs: Fix regression due to "mm: make sendfile(2) killable"
    (Closes: #812207)
    - tiny, extract a new func xino_fwrite_wkq()
    - XINO handles EINTR from the dying process
  * af_unix: Guard against other == sk in unix_dgram_sendmsg
    (regression in 3.2.73-2+deb7u1)
  * pipe: Fix buffer offset after partially failed read (CVE-2016-0774)
  * ALSA: usb-audio: avoid freeing umidi object twice (CVE-2016-2384)
  * unix: correctly track in-flight fds in sending process user_struct
    (CVE-2016-2550)
  * USB: fix invalid memory access in hub_activate() (CVE-2015-8816)
  * ALSA: seq: Fix missing NULL check at remove_events ioctl (CVE-2016-2543)
  * ALSA: seq: Fix race at timer setup and close (CVE-2016-2544)
  * ALSA: timer: Fix double unlink of active_list (CVE-2016-2545)
  * ALSA: timer: Fix race among timer ioctls (CVE-2016-2546)
  * ALSA: timer: Harden slave timer list handling (CVE-2016-2547, CVE-2016-2548)
  * ALSA: hrtimer: Fix stall by hrtimer_cancel() (CVE-2016-2549)

  [ Salvatore Bonaccorso ]
  * unix: properly account for FDs passed over unix sockets (CVE-2013-4312)

 -- Ben Hutchings <ben@decadent.org.uk>  Sun, 28 Feb 2016 23:14:54 +0000

linux (3.2.73-2+deb7u2) wheezy-security; urgency=medium

  * net: add validation for the socket syscall protocol argument (CVE-2015-8543)
  * [xen] Fix race conditions in back-end drivers (CVE-2015-8550, XSA-155)
  * [xen] pciback: Fix state validation in MSI control operations
    (CVE-2015-8551, CVE-2015-8852, XSA-157)
  * pptp: verify sockaddr_len in pptp_bind() and pptp_connect() (CVE-2015-8569)
  * bluetooth: Validate socket address length in sco_sock_bind() (CVE-2015-8575)
  * KEYS: Fix race between read and revoke (CVE-2015-7550)
  * [x86] KVM: Reload pit counters for all channels when restoring state
    (CVE-2015-7513)
  * udp: properly support MSG_PEEK with truncated buffers
    (Closes: #808293, regression in 3.2.72)
  * drm/radeon: fix hotplug race at startup
    (Closes: #808973, regression in 3.4.110)
  * Revert "xhci: don't finish a TD if we get a short transfer event mid TD"
    (Closes: #808602, #808953, regression in 3.2.73)

 -- Ben Hutchings <ben@decadent.org.uk>  Sat, 02 Jan 2016 03:31:22 +0000

linux (3.2.73-2+deb7u1) wheezy-security; urgency=medium

  * media: usbvision-video: fix memory leak of alt_max_pkt_size
  * media: usbvision: fix leak of usb_dev on failure paths in usbvision_probe()
  * media: usbvision: fix crash on detecting device with invalid configuration
    (CVE-2015-7833, partly fixed in 3.2.68-1+deb7u6)
  * [x86] KVM: svm: Restore #BP handler, mistakenly removed in 3.2.73-1
  * unix: avoid use-after-free in ep_remove_wait_queue (CVE-2013-7446)

 -- Ben Hutchings <ben@decadent.org.uk>  Mon, 14 Dec 2015 21:28:02 +0000

linux (3.2.73-2) wheezy; urgency=medium

  * splice: sendfile() at once fails for big files (Closes: #785189)
  * drm, agp: Update to 3.4.110:
    - drm/radeon: take the mode_config mutex when dealing with hpds (v2)
    - [x86] agp/intel: Fix typo in needs_ilk_vtd_wa()
    - [x86] Revert "drm/i915: Don't skip request retirement if the active list
      is empty" (regression in 3.4.109) (Closes: #805880)
    - Revert "drm/radeon: Use drm_calloc_ab for CS relocs"
      (regression in 3.4.109)
    - drm/radeon: partially revert "fix VM_CONTEXT*_PAGE_TABLE_END_ADDR
      handling" (regression in 3.4.109)

 -- Ben Hutchings <ben@decadent.org.uk>  Mon, 23 Nov 2015 23:45:54 +0000

linux (3.2.73-1) wheezy; urgency=medium

  * New upstream stable update:
    http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.72
    - xen/gntdevt: Fix race condition in gntdev_release()
    - [armel/ixp4xx] crypto: Remove bogus BUG_ON on scattered dst buffer
    - target/iscsi: Fix double free of a TUR followed by a solicited NOPOUT
    - md/raid1: extend spinlock to protect raid1_end_read_request against
      inconsistencies
    - target: REPORT LUNS should return LUN 0 even for dynamic ACLs
    - [mips*] Fix sched_getaffinity with MT FPAFF enabled
    - xhci: fix off by one error in TRB DMA address boundary check
    - rds: fix an integer overflow test in rds_info_getsockopt()
    - perf: Fix fasync handling on inherited events
    - [mips*] Make set_pte() SMP safe.
    - ocfs2: fix BUG in ocfs2_downconvert_thread_do_work()
    - net: Clone skb before setting peeked flag
    - net: Fix skb_set_peeked use-after-free bug
    - [x86] ldt: Make modify_ldt synchronous
    - [x86] ldt: Correct LDT access in single stepping logic
    - [x86] ldt: Correct FPU emulation access to LDT
    - dm btree: add ref counting ops for the leaves of top level btrees
    - libiscsi: Fix host busy blocking during connection teardown
    - libfc: Fix fc_fcp_cleanup_each_cmd()
    - ipc,sem: fix use after free on IPC_RMID after a task using same semaphore
      set exits
    - [x86] ldt: Further fix FPU emulation
    - net: Fix RCU splat in af_key
    - sctp: donot reset the overall_error_count in SHUTDOWN_RECEIVE state
    - [sparc] Fix userspace FPU register corruptions. (Closes: #789180)
    - rc-core: fix remove uevent generation
    - PCI: Fix TI816X class code quirk
    - mac80211: enable assoc check for mesh interfaces
    - PCI: Add VPD function 0 quirk for Intel Ethernet devices
    - usb: gadget: m66592-udc: forever loop in set_feature()
    - auxdisplay: ks0108: fix refcount
    - devres: fix devres_get()
    - [powerpc] windfarm: decrement client count when unregistering
    - NFSv4: don't set SETATTR for O_RDONLY|O_EXCL
    - usb: host: ehci-sys: delete useless bus_to_hcd conversion
    - eCryptfs: Invalidate dcache entries when lower i_nlink is zero
    - xfs: Fix xfs_attr_leafblock definition
    - of/address: Don't loop forever in of_find_matching_node_by_address().
    - drivercore: Fix unregistration path of platform devices
    - xfs: return errors from partial I/O failures to files
    - IB/qib: Change lkey table allocation to support more MRs
    - SUNRPC: xs_reset_transport must mark the connection as disconnected
    - IB/mlx4: Use correct SL on AH query under RoCE
    - IB/uverbs: Fix race between ib_uverbs_open and remove_one
    - IB/uverbs: reject invalid or unknown opcodes
    - Input: evdev - do not report errors form flush()
    - [x86] crypto: ghash-clmulni: specify context size for ghash async
      algorithm
    - fs: create and use seq_show_option for escaping
    - ARM: 8429/1: disable GCC SRA optimization
    - pagemap: hide physical addresses from non-privileged users
    - [powerpc] MSI: Fix race condition in tearing down MSI interrupts
    - hfs,hfsplus: cache pages correctly between bnode_create and bnode_free
    - hfs: fix B-tree corruption after insertion at position 0
    - perf header: Fixup reading of HEADER_NRCPUS feature
    - USB: option: add ZTE PIDs
    - Btrfs: fix read corruption of compressed and shared extents
    - btrfs: skip waiting on ordered range for special files
    - [armhf] 7880/1: Clear the IT state independent of the Thumb-2 mode
    - [i386] platform: Fix Geode LX timekeeping in the generic x86 build
    - [s390*] compat: correct uc_sigmask of the compat signal frame
    - [x86] KVM: trap AMD MSRs for the TSeg base and mask
    - usb: Use the USB_SS_MULT() macro to get the burst multiplier.
    - xhci: give command abortion one more chance before killing xhci
    - usb: xhci: Clear XHCI_STATE_DYING on start
    - xhci: change xhci 1.0 only restrictions to support xhci 1.1
    - cifs: use server timestamp for ntlmv2 authentication
    - [x86] paravirt: Replace the paravirt nop with a bona fide empty function
    - ocfs2/dlm: fix deadlock when dispatch assert master
    - net/tipc: initialize security state for new connection socket
    - net: pktgen: fix race between pktgen_thread_worker() and kthread_stop()
    - net: Fix skb csum races when peeking
    - ipv6: lock socket in ip6_datagram_connect()
    - bonding: correct the MAC address for "follow" fail_over_mac policy
    - net/ipv6: Correct PIM6 mrt_lock handling
    - fib_rules: fix fib rule dumps across multiple skbs
    - ipv6: prevent fib6_run_gc() contention
    - ipv6: update ip6_rt_last_gc every time GC is run
    - jbd2: avoid infinite loop when destroying aborted journal
    http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.73
    - module: Fix locking in symbol_put_addr()
    - regmap: debugfs: Ensure we don't underflow when printing access masks
    - regmap: debugfs: Don't bother actually printing when calculating max
      length
    - ath9k: declare required extra tx headroom
    - [x86] xen: Do not clip xen_e820_map to xen_e820_map_entries when
      sanitizing map
    - UBI: Validate data_size
    - UBI: return ENOSPC if no enough space available
    - [mips*] dma-default: Fix 32-bit fall back to GFP_DMA
    - [amd64] process: Add proper bound checks in 64bit get_wchan()
    - genirq: Fix race in register_irq_proc()
    - mm: hugetlbfs: skip shared VMAs when unmapping private pages to satisfy a
      fault
    - cifs: Do not fall back to SMBWriteX in set_file_size error cases
    - md/raid0: update queue parameter in a safer location.
    - md/raid0: apply base queue limits *before* disk_stack_limits
    - clocksource: Fix abs() usage w/ 64bit values
    - iio: accel: sca3000: memory corruption in sca3000_read_first_n_hw_rb()
    - USB: Add reset-resume quirk for two Plantronics usb headphones.
    - usb: Add device quirk for Logitech PTZ cameras
    - tty: fix stall caused by missing memory barrier in drivers/tty/n_tty.c
    - drivers/tty: require read access for controlling terminal
    - ppp: don't override sk->sk_state in pppoe_flush_dev()
    - iwlwifi: dvm: fix D3 firmware PN programming
    - ALSA: synth: Fix conflicting OSS device registration on AWE32
    - sched/core: Fix TASK_DEAD race in finish_task_switch()
    - 3w-9xxx: don't unmap bounce buffered commands (regression in 3.2.70)
    - xen-blkfront: check for null drvdata in blkback_changed
      (XenbusStateClosing)
    - ALSA: hda - Fix inverted internal mic on Lenovo G50-80
    - crypto: ahash - ensure statesize is non-zero
    - [x86] iommu/vt-d: fix range computation when making room for large pages
    - xhci: don't finish a TD if we get a short transfer event mid TD
    - xhci: handle no ping response error properly
    - xhci: Switch Intel Lynx Point LP ports to EHCI on shutdown.
    - xhci: Add spurious wakeup quirk for LynxPoint-LP controllers
    - crypto: api - Only abort operations on fatal signal
    - IB/cm: Fix rb-tree duplicate free and use-after-free
    - drm/nouveau/gem: return only valid domain when there's only one
    - [powerpc*] rtas: Validate rtas.entry before calling enter_rtas()
    - mm: make sendfile(2) killable
    - ppp: fix pppoe_dev deletion condition in pppoe_release()
    - dm btree remove: fix a bug when rebalancing nodes after removal
    - dm btree: fix leak of bufio-backed block in btree_split_beneath error path
    - md/raid1: ensure device failure recorded before write request returns.
    - md/raid1: don't clear bitmap bit when bad-block-list write fails.
    - md/raid10: ensure device failure recorded before write request returns.
    - md/raid10: don't clear bitmap bit when bad-block-list write fails.
    - mvsas: Fix NULL pointer dereference in mvs_slot_task_free
    - sched: declare pid_alive as inline
    - net: add length argument to skb_copy_and_csum_datagram_iovec
      (regression in 3.2.72) (CVE-2015-8019)
    - skbuff: Fix skb checksum flag on skb pull
    - skbuff: Fix skb checksum partial check.
    - ethtool: Use kcalloc instead of kmalloc for ethtool_get_strings
    - asix: Don't reset PHY on if_up for ASIX 88772
    - asix: Do full reset during ax88772_bind
    - nfs: Failing to send a CLOSE if file is opened WRONLY and server reboots
      on a 4.x mount (regression in 3.2.71)

  [ Ben Hutchings ]
  * [rt] Update to 3.2.72-rt105 (no functional change)
  * isdn_ppp: Add checks for allocation failure in isdn_ppp_open()
  * ppp, slip: Validate VJ compression slot parameters completely
    (CVE-2015-7799)
  * [x86] KVM: svm: unconditionally intercept #DB (CVE-2015-8104)

 -- Ben Hutchings <ben@decadent.org.uk>  Tue, 17 Nov 2015 16:32:55 +0000

linux (3.2.71-2) wheezy; urgency=medium

  * Ignore ABI changes in drivers/net/wireless/* (fixes FTBFS on i386)
  * jbd2: protect all log tail updates with j_checkpoint_mutex
    (regression in 3.2.71)

 -- Ben Hutchings <ben@decadent.org.uk>  Mon, 05 Oct 2015 23:37:40 +0100

linux (3.2.71-1) wheezy; urgency=medium

  * New upstream stable update:
    http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.69
    - usb: core: buffer: smallest buffer should start at ARCH_DMA_MINALIGN
    - TPM: Add new TPMs to the tail of the list to prevent inadvertent change of
      dev
    - [x86] staging: comedi: comedi_compat32.c: fix COMEDI_CMD copy back
    - cdc-acm: add sanity checks
    - USB: fix use-after-free bug in usb_hcd_unlink_urb()
    - tty: Prevent untrappable signals from malicious program
    - rtnetlink: ifla_vf_policy: fix misuses of NLA_BINARY
    - fsnotify: fix handling of renames in audit
    - NFSv4.1: Fix a kfree() of uninitialised pointers in decode_cb_sequence_args
    - mm/hugetlb: fix getting refcount 0 page in hugetlb_fault()
    - mm/hugetlb: add migration/hwpoisoned entry check in
      hugetlb_change_protection
    - mm/hugetlb: add migration entry check in __unmap_hugepage_range
    - mm/mmap.c: fix arithmetic overflow in __vm_enough_memory()
    - iscsi-target: Drop problematic active_ts_list usage
    - mm/memory.c: actually remap enough memory
    - jffs2: fix handling of corrupted summary length
    - dm mirror: do not degrade the mirror on discard error
    - dm io: reject unsupported DISCARD requests with EOPNOTSUPP
    - sg: fix read() error reporting
    - netfilter: xt_socket: fix a stack corruption bug
    - IB/qib: Do not write EEPROM
    - dm: fix a race condition in dm_get_md
    - dm snapshot: fix a possible invalid memory access on unload
    - libceph: fix double __remove_osd() problem
    - ipv4: ip_check_defrag should correctly check return value of skb_copy_bits
      (regression in 3.2.36)
    - debugfs: leave freeing a symlink body until inode eviction
    - autofs4: check dev ioctl size before allocating
    - autofs4 copy_dev_ioctl(): keep the value of ->size we'd used for allocation
    - xfs: ensure truncate forces zeroed blocks to disk
    - net: compat: Ignore MSG_CMSG_COMPAT in compat_sys_{send, recv}msg
      (regression in 3.2.48)
    - xhci: Allocate correct amount of scratchpad buffers
    - USB: usbfs: don't leak kernel data in siginfo
    - USB: serial: fix potential use-after-free after failed probe
    - USB: serial: fix tty-device error handling at probe
    - nilfs2: fix potential memory overrun on inode
    - eCryptfs: don't pass fs-specific ioctl commands through
    - TTY: fix tty_wait_until_sent on 64-bit machines
    - gadgetfs: use-after-free in ->aio_read()
    - gadgetfs: Fix leak on error in aio_read()
    - fuse: notify: don't move pages
    - fuse: set stolen page uptodate
    - dm: hold suspend_lock while suspending device during device deletion
    - dm io: deal with wandering queue limits when handling REQ_DISCARD and
      REQ_WRITE_SAME
    - mac80211: drop unencrypted frames in mesh fwding
    - mac80211: disable u-APSD queues by default
    - libsas: Fix Kernel Crash in smp_execute_task
    - Input: synaptics - handle spurious release of trackstick buttons
    - can: add missing initialisations in CAN related skbuffs
    - ALSA: control: Add sanity checks for user ctl id name string
    - nilfs2: fix deadlock of segment constructor during recovery
      (regression in 3.2.68)
    - pagemap: do not leak physical addresses to non-privileged userspace
      (mitigation of the DRAM 'rowhammer' defect)
    - iio: core: Fix double free.
    - net: compat: Update get_compat_msghdr() to match copy_msghdr_from_user()
      behaviour (regression in 3.2.54)
    - cifs: fix use-after-free bug in find_writable_file
    - mm: fix anon_vma->degree underflow in anon_vma endless growing prevention
      (regression in 3.2.67)
    - hfsplus: fix B-tree corruption after insertion at position 0
    - mac80211: fix RX A-MPDU session reorder timer deletion
    - ocfs2: _really_ sync the right range
    - net:socket: set msg_namelen to 0 if msg_name is passed as NULL in msghdr
      struct from userland. (fixes regression in 3.2.53-1)
    - jfs: fix readdir regression (regression in 3.2.51)
    - ip: zero sockaddr returned on error queue
    - net: rps: fix cpu unplug
    - ipv6: stop sending PTB packets for MTU < 1280
    - ping: Fix race in free in receive path
    - ppp: deflate: never return len larger than output buffer
    - net: gen_stats.c: Duplicate xstats buffer for later use
    - ipv4: ip_check_defrag should not assume that skb_network_offset is zero
    - ematch: Fix auto-loading of ematch modules.
    - net: reject creation of netdev names with colons
    - macvtap: limit head length of skb allocated
    - macvtap: make sure neighbour code can push ethernet header
    - udp: only allow UFO for packets from SOCK_DGRAM sockets
    - rds: avoid potential stack overflow
    - tcp: make connect() mem charging friendly
    - 8139cp,8139too,r8169,tg3,ixgb,benet,gianfar: Call dev_kfree_skb_any
      instead of kfree_skb
    - tcp: avoid looping in tcp_send_fin()
    - net: make skb_gso_segment error handling more robust
    - spi: spidev: fix possible arithmetic overflow for multi-transfer message
    - IB/core: Avoid leakage from kernel to user space
    - ipvs: uninitialized data with IP_VS_IPV6
    - [s390*] Revert "KVM: s390: flush CPU on load control" (regression in
      3.2.67)
    http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.70
    - [x86] Drivers: hv: vmbus: Fix a bug in the error path in vmbus_open()
    - e1000: add dummy allocator to fix race condition between mtu change and
      netpoll
    - [s390*] KVM: Zero out current VMDB of STSI before including level3 data.
    - [armhf/omap] usb: musb: core: fix TX/RX endpoint order
    - UBI: account for bitflips in both the VID header and data
    - UBI: fix out of bounds write
    - UBI: initialize LEB number variable
    - UBI: fix check for "too many bytes"
    - Btrfs: fix log tree corruption when fs mounted with -o discard
    - btrfs: don't accept bare namespace as a valid xattr
    - [arm*] 8320/1: fix integer overflow in ELF_ET_DYN_BASE
    - [mips*] Hibernate: flush TLB entries earlier
    - ext4: make fsync to sync parent dir in no-journal for real this time
    - jhash: Update jhash_[321]words functions to use correct initval
    - scsi: storvsc: Fix a bug in copy_from_bounce_buffer()
    - ALSA: emu10k1: don't deadlock in proc-functions
    - [s390*] hibernate: fix save and restore of kernel text section
    - Btrfs: fix inode eviction infinite loop after cloning into it
    - [powerpc] perf: Cap 64bit userspace backtraces to PERF_MAX_STACK_DEPTH
    - fs/binfmt_elf.c: fix bug in loading of PIE binaries
    - IB/core: disallow registering 0-sized memory region
    - ptrace: fix race between ptrace_resume() and wait_task_stopped()
    - memstick: mspro_block: add missing curly braces
    - [x86] KVM: VMX: Preserve host CR4.MCE value while in guest mode.
    - ALSA: emu10k1: Fix card shortname string buffer overflow
    - 3w-sas,3w-xxxx,3w-9xxx: fix command completion race
    - cdc-acm: prevent infinite loop when parsing CDC headers.
    - ALSA: emux: Fix mutex deadlock in OSS emulation
    - gpio: sysfs: fix memory leaks and device hotplug
    - ext4: move check under lock scope to close a race.
    - nfsd: fix the check for confirmed openowner in nfs4_preprocess_stateid_op
    - nilfs2: fix sanity check of btree level in nilfs_btree_root_broken()
    - ocfs2: dlm: fix race between purge and get lock resource
    - ACPI / init: Fix the ordering of acpi_reserve_resources()
    - md/raid5: don't record new size if resize_stripes fails.
    - ipvs: fix memory leak in ip_vs_ctl.c
    - mac80211: move WEP tailroom size check
    - [x86] KVM: MMU: fix CR4.SMEP=1, CR0.WP=0 with shadow pages
    - firmware: dmi_scan: Fix ordering of product_uuid (regression in 3.2.38)
    - ext4: check for zero length extent explicitly (regression in 3.2.55)
    - jbd2: fix r_count overflows leading to buffer overflow in journal recovery
    - sd: Disable support for 256 byte/sector disks
    - xen/events: don't bind non-percpu VIRQs with percpu chip
    - [s390*] crypto: ghash - Fix incorrect ghash icv buffer handling.
    - fs/binfmt_elf.c:load_elf_binary(): return -EINVAL on zero-length mappings
    - vfs: d_walk() might skip too much (regression in 3.2.66)
    - [amd64] Fix strnlen_user() to not touch memory after specified maximum
    - ipvs: kernel oops - do_ip_vs_get_ctl
    - [powerpc] Don't skip ePAPR spin-table CPUs (regression in 3.2.61)
    - net: dp83640: fix broken calibration routine.
    - unix/caif: sk_socket can disappear when state is unlocked
    - bridge: fix br_stp_set_bridge_priority race conditions
    - packet: read num_members once in packet_rcv_fanout()
    - packet: avoid out of bounds read in round robin fanout
    - neigh: do not modify unlinked entries
    - debugfs: Fix statfs() regression in 3.2.69
    - net: socket: Fix the wrong returns for recvmsg and sendmsg
    - [x86] config: Enable NEED_DMA_MAP_STATE by default when SWIOTLB is
      selected (Closes: #786551)
    - softirq: reduce latencies
    - softirq: Fix lockup related to stop_machine being stuck in __do_softirq.
    - [mips*] Fix race condition in lazy cache flushing.
    - [mips/octeon] Remove udelay() causing huge IRQ latency
    http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.71
    - hrtimer: Allow concurrent hrtimer_start() for self restarting timers
    - s5h1420: fix a buffer overflow when checking userspace params
    - cx24116: fix a buffer overflow when checking userspace params
    - mtd: fix: avoid race condition when accessing mtd->usecount
    - rcu: Correctly handle non-empty Tiny RCU callback list with none ready
    - [x86] staging: rtl8712: prevent buffer overrun in recvbuf2recvframe
    - SUNRPC: Fix a memory leak in the backchannel code
    - regulator: core: fix constraints output buffer
    - [armel] dmaengine: mv_xor: bug fix for racing condition in descriptors
      cleanup
    - ext4: fix race between truncate and __ext4_journalled_writepage()
    - [x86] pcmcia: Disable write buffering on Toshiba ToPIC95
    - jbd2: issue cache flush after checkpointing even with internal journal
    - jbd2: fix ocfs2 corrupt when updating journal superblock fails
    - mmc: card: Fixup request missing in mmc_blk_issue_rw_rq
    - ext4: call sync_blockdev() before invalidate_bdev() in put_super()
    - iio: DAC: ad5624r_spi: fix bit shift of output data value
    - ext4: don't retry file block mapping on bigalloc fs with non-extent file
    - NET: ROSE: Don't dereference NULL neighbour pointer.
    - fs: Fix S_NOSEC handling
    - Btrfs: use kmem_cache_free when freeing entry in inode cache
    - Btrfs: fix race between caching kthread and returning inode to inode
      cache
    - fuse: initialize fc->release before calling it
    - ext4: avoid deadlocks in the writeback path by using sb_getblk_gfp
    - netfilter: bridge: don't leak skb in error paths
    - [x86] KVM: make vapics_in_nmi_mode atomic
    - 9p: forgetting to cancel request on interrupted zero-copy RPC
    - dm btree remove: fix bug in redistribute3
    - rtnetlink: verify IFLA_VF_INFO attributes before passing them to driver
    - mm: avoid setting up anonymous pages into file mapping
    - net: do not process device backlog during unregistration
    - net: call rcu_read_lock early in process_backlog
    - 9p: don't leave a half-initialized inode sitting around
    - Btrfs: fix file corruption after cloning inline extents
    - rds: rds_ib_device.refcount overflow
    - libata: force disable trim for SuperSSpeed S238
    - inet: frags: fix defragmented packet's IP header for af_packet
    - netfilter: nf_conntrack: Support expectations in different zones
    - usb-storage: ignore ZTE MF 823 card reader in mode 0x1225
    - md/raid1: fix test for 'was read error from last working device'.
    - iscsi-target: Fix use-after-free during TPG session shutdown
    - [x86] xen: Probe target addresses in set_aliased_prot() before the
      hypercall

  [ Ben Hutchings ]
  * drm, agp: Update to 3.4.109:
    - [x86] drm/i915: Unlock panel even when LVDS is disabled
    - drm/radeon: kernel panic in drm_calc_vbltimestamp_from_scanoutpos with
      3.18.0-rc6
    - [x86] drm/vmwgfx: Don't use memory accounting for kernel-side fence objects
    - [x86] drm/vmwgfx: Fix fence event code
    - drm/radeon: check the right ring in radeon_evict_flags()
    - [x86] drm/i915: Only fence tiled region of object.
    - drm/radeon/dp: Set EDP_CONFIGURATION_SET for bridge chips if necessary
    - drm/radeon: do a posting read in r100_set_irq
    - drm/radeon: do a posting read in rs600_set_irq
    - drm/radeon: do a posting read in r600_set_irq
    - drm/radeon: do a posting read in evergreen_set_irq
    - drm/radeon: do a posting read in si_set_irq
    - drm/radeon: fix DRM_IOCTL_RADEON_CS oops
    - [x86] drm/vmwgfx: Reorder device takedown somewhat
    - radeon: Do not directly dereference pointers to BIOS area.
    - drm/radeon: fix doublescan modes (v2)
    - drm/radeon: Use drm_calloc_ab for CS relocs
    - drm/radeon: fix VM_CONTEXT*_PAGE_TABLE_END_ADDR handling
    - [x86] drm/i915: Don't skip request retirement if the active list is empty
  * Revert "ACPICA: Utilities: split IO address types from data type models."
    to avoid ABI change on i386
  * Adjust for migration to git:
    - Update .gitignore files
    - debian/control: Update Vcs-* fields
    - README.Debian, README.source: Update references to svn
  * [rt] Update to 3.2.70-rt103:
    - KVM: lapic: mark LAPIC timer handler as irqsafe
    - mm/slub: move slab initialization into irq enabled region
    - xfs: Disable percpu SB on PREEMPT_RT_FULL

 -- Ben Hutchings <ben@decadent.org.uk>  Mon, 21 Sep 2015 23:04:56 +0200

linux (3.2.68-1+deb7u6) wheezy-security; urgency=medium

  [ Salvatore Bonaccorso ]
  * KEYS: Fix race between key destruction and finding a keyring by name
  * KEYS: Fix crash when attempt to garbage collect an uninstantiated keyring
    (CVE-2015-7872)
  * KEYS: Don't permit request_key() to construct a new keyring

  [ Ben Hutchings ]
  * usbvision: fix overflow of interfaces array (CVE-2015-7833)
  * RDS: fix race condition when sending a message on unbound socket
    (CVE-2015-7990)
  * [x86] KVM: Intercept #AC to avoid guest->host denial-of-service
    (CVE-2015-5307)

 -- Ben Hutchings <ben@decadent.org.uk>  Mon, 09 Nov 2015 12:25:06 +0000

linux (3.2.68-1+deb7u5) wheezy-security; urgency=medium

  * USB: whiteheat: fix potential null-deref at probe (CVE-2015-5257)
  * ipc/sem.c: fully initialize sem_array before making it visible
  * ipc: Initialize msg/shm IPC objects before doing ipc_addid()
    (CVE-2015-7613)
  * vfs: Fix possible escape from mount namespace or chroot (CVE-2015-2925):
    - dcache: Handle escaped paths in prepend_path
    - vfs: Test for and handle paths that are unreachable from their mnt_root

 -- Ben Hutchings <ben@decadent.org.uk>  Fri, 09 Oct 2015 23:24:39 +0100

linux (3.2.68-1+deb7u4) wheezy-security; urgency=medium

  * ipv6: addrconf: validate new MTU before applying it (CVE-2015-0272)
    [Original reference is incorrect; should be CVE-2015-8215.]
  * virtio-net: drop NETIF_F_FRAGLIST (CVE-2015-5156)
  * vhost: actually track log eventfd file (CVE-2015-6252)
  * RDS: verify the underlying transport exists before creating a connection
    (CVE-2015-6937)

 -- Ben Hutchings <ben@decadent.org.uk>  Sat, 19 Sep 2015 13:22:14 +0200

linux (3.2.68-1+deb7u3) wheezy-security; urgency=medium

  * udp: fix behavior of wrong checksums (CVE-2015-5364, CVE-2015-5366)
  * sctp: fix ASCONF list handling (CVE-2015-3212)
  * [x86] bpf_jit: fix compilation of large bpf programs (CVE-2015-4700)
  * sg_start_req(): make sure that there's not too many elements in iovec
    (CVE-2015-5707)
  * md: use kzalloc() when bitmap is disabled (CVE-2015-5697)

 -- Ben Hutchings <ben@decadent.org.uk>  Tue, 04 Aug 2015 02:41:28 +0100

linux (3.2.68-1+deb7u2) wheezy-security; urgency=high

  * pipe: iovec: Fix memory corruption when retrying atomic copy as non-atomic
    (CVE-2015-1805)
  * udf: Remove repeated loads blocksize
  * udf: Check length of extended attributes and allocation descriptors
    (CVE-2015-4167)
  * ipv4: Missing sk_nulls_node_init() in ping_unhash(). (CVE-2015-3636)

 -- Ben Hutchings <ben@decadent.org.uk>  Mon, 15 Jun 2015 09:52:46 +0100

linux (3.2.68-1+deb7u1) wheezy-security; urgency=high

  * IB/core: Prevent integer overflow in ib_umem_get address arithmetic
    (CVE-2014-8159)
  * netfilter: nf_conntrack: reserve two bytes for nf_ct_ext->len
    (CVE-2014-9715)
  * net: llc: use correct size for sysctl timeout entries (CVE-2015-2041)
  * net: rds: use correct size for max unacked packets and bytes
    (CVE-2015-2042)
  * xen-pciback: limit guest control of command register (CVE-2015-2150)
  * [amd64] asm/entry: Remove a bogus 'ret_from_fork' optimization
    (CVE-2015-2830)
  * ipv6: Don't reduce hop limit for an interface (CVE-2015-2922)
  * [x86] crypto: aesni - fix memory usage in GCM decryption (Closes: #782561)
    (CVE-2015-3331)
  * fs: take i_mutex during prepare_binprm for set[ug]id executables
    (CVE-2015-3339)

 -- Ben Hutchings <ben@decadent.org.uk>  Fri, 24 Apr 2015 16:21:37 +0100

linux (3.2.68-1) wheezy; urgency=medium

  * New upstream stable update:
    http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.66
    - net: sctp: fix memory leak in auth key management
    - tcp: md5: remove spinlock usage in fast path
    - tcp: md5: do not use alloc_percpu()
    - ipv4: dst_entry leak in ip_send_unicast_reply()
    - net: sctp: use MAX_HEADER for headroom reserve in output path
    http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.67
    - eCryptfs: Force RO mount when encrypted view is enabled
    - ipv4: Remove all uses of LL_ALLOCATED_SPACE
    - ipv6: Remove all uses of LL_ALLOCATED_SPACE
    - ipv6: mld: fix add_grhead skb_over_panic for devs with large MTUs
    - [s390*] KVM: flush CPU on load control
    - UBI: Fix invalid vfree()
    - drbd: merge_bvec_fn: properly remap bvm->bi_bdev
    - PCI: Restore detection of read-only BARs
    - genhd: check for int overflow in disk_expand_part_tbl()
    - USB: cdc-acm: check for valid interfaces
    - dm space map metadata: fix sm_bootstrap_get_nr_blocks()
    - [x86] iommu/vt-d: Fix an off-by-one bug in __domain_mapping()
    - KEYS: Fix stale key registration at error path
    - Btrfs: fix fs corruption on transaction abort if device supports discard
    - ncpfs: return proper error from NCP_IOC_SETROOT ioctl
    - mac80211: fix multicast LED blinking and counter (regression in 3.2.65)
    - genirq: Prevent proc race against freeing of irq descriptors
    - decompress_bunzip2: off by one in get_next_block()
    - [x86] tls: Disallow unusual TLS segments
    - iscsi-target: Fail connection on short sendmsg writes
    - ceph: introduce global empty snap context
    - [x86] tls: Don't validate lm in set_thread_area() after all
    - ocfs2: fix journal commit deadlock
    - udf: Verify i_size when loading inode
    - udf: Verify symlink size before loading it
    - udf: Treat symlink component of type 2 as /
    - udf: Check path length when reading symlink
    - udf: Check component length before reading it
    - crypto: af_alg - fix backlog handling
    - Revert "tcp: Apply device TSO segment limit earlier"
      (regression in 3.2.30)
    - virtio_pci: defer kfree until release callback
    - mm: propagate error from stack expansion even for guard page
    - time: settimeofday: Validate the values of tv from user
    - regulator: core: fix race condition in regulator_put()
    - mm: prevent endless growth of anon_vma hierarchy
    - mm: protect set_page_dirty() from ongoing truncation
    - HID: roccat: potential out of bounds in pyra_sysfs_write_settings()
    - USB: console: fix potential use after free
    - mm: Don't count the stack guard page towards RLIMIT_STACK
    - mm: fix corner case in anon_vma endless growing prevention
    - can: dev: fix crtlmode_supported check
    - net: sctp: fix race for one-to-many sockets in sendmsg's auto associate
    - libata: allow sata_sil24 to opt-out of tag ordered submission
      (regression in 3.2.62)
    - nl80211: fix per-station group key get/del and memory leak
    - vm: add VM_FAULT_SIGSEGV handling support
    - vm: make stack guard page errors return VM_FAULT_SIGSEGV rather than
      SIGBUS
    - ACPI / EC: Fix regression due to conflicting firmware behavior between
      Samsung and Acer. (regression in 3.2.63)
    - [s390*] 3215: fix tty output containing tabs (Closes: #758264)
    - fsnotify: next_i is freed during fsnotify_unmount_inodes.
    - PCI: Handle read-only BARs on AMD CS553x devices
    http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.68
    - mm: pagewalk: call pte_hole() for VM_PFNMAP during walk_page_range
      (regression in 3.2.46)
    - nilfs2: fix deadlock of segment constructor over I_SYNC flag
    - staging: comedi: cb_pcidas64: fix incorrect AI range code handling
    - time: adjtimex: Validate the ADJ_FREQUENCY values
    - ntp: Fixup adjtimex freq validation on 32-bit systems
    - Bluetooth: ath3k: workaround the compatibility issue with xHCI controller
      (maybe fixes #778463)

  [ Ben Hutchings ]
  * drm, agp: Update to 3.4.106:
    - [x86] drm/vmwgfx: Filter out modes those cannot be supported by the
      current VRAM size.
    - drm/radeon: add missing crtc unlock when setting up the MC
  * [rt] Update to 3.2.68-rt99:
    - Replace the plist functions with rt_mutex_enqueue{_pi}() and
      rt_mutex_dequeue{_pi}() like upstream -rt does
    - rtmutex: Simplify rtmutex_slowtrylock()
    - rtmutex: Simplify and document try_to_take_rtmutex()
    - rtmutex: No need to keep task ref for lock owner check
    - rtmutex: Clarify the boost/deboost part
    - rtmutex: Document pi chain walk
    - rtmutex: Simplify remove_waiter()
    - rtmutex: Confine deadlock logic to futex
    - rtmutex: Cleanup deadlock detector debug logic
    - rtmutex: Avoid pointless requeueing in the deadlock detection chain walk
    - futex: Make unlock_pi more robust
    - futex: Use futex_top_waiter() in lookup_pi_state()
    - futex: Split out the waiter check from lookup_pi_state()
    - futex: Split out the first waiter attachment from lookup_pi_state()
    - futex: Simplify futex_lock_pi_atomic() and make it more robust
    - rt-mutex: avoid a NULL pointer dereference on deadlock
    - x86: UV: raw_spinlock conversion
    - scheduling while atomic in cgroup code
    - work-simple: Simple work queue implemenation
    - sunrpc: make svc_xprt_do_enqueue() use get_cpu_light()
    - fs,btrfs: fix rt deadlock on extent_buffer->lock
  * hpsa: Update device ID tables (Closes: #781548)
  * NFSv4: Fix oops in nfs4_handle_exception when server returns
    NFS4ERR_OPENMODE (Closes: #731439)
  * netfilter: ipset: Check and reject crazy /0 input parameters
    (Closes: #732689)

 -- Ben Hutchings <ben@decadent.org.uk>  Tue, 31 Mar 2015 09:30:16 +0100

linux (3.2.65-1+deb7u2) wheezy-security; urgency=medium

  * splice: Apply generic position and size checks to each write
    (CVE-2014-7822)
  * crypto: Fix unprivileged arbitrary module loading (CVE-2013-7421,
    CVE-2014-9644)
    - prefix module autoloading with "crypto-"
    - include crypto- module prefix in template
    - add missing crypto module aliases
  * netfilter: conntrack: disable generic tracking for known protocols
    (CVE-2014-8160)
  * [amd64] vdso: Fix the vdso address randomization algorithm (CVE-2014-9585)
  * [x86] KVM: x86 emulator: reject SYSENTER in compatibility mode on AMD
    guests
  * [x86] KVM: SYSENTER emulation is broken (CVE-2015-0239)
  * vfs: move d_rcu from overlapping d_child to overlapping d_alias
  * aufs: move d_rcu from overlapping d_child to overlapping d_alias
  * vfs: deal with deadlock in d_walk() (CVE-2014-8559)
  * vfs: read file_handle only once in handle_to_path (CVE-2015-1420)
  * ASLR: fix stack randomization on 64-bit systems (CVE-2015-1593)
  * vfs: Fix vfsmount_lock imbalance in path_init() (regression in 3.2.64)
  * net: sctp: fix slab corruption from use after free on INIT collisions
    (CVE-2015-1421)
  * Fix regressions caused by CVE-2014-8133 fix:
    - [amd64] tls, ldt: Stop checking lm in LDT_empty
    - [x86] tls: Interpret an all-zero struct user_desc as "no segment"
  * eCryptfs: Remove buggy and unnecessary write in file name decode
    routine (CVE-2014-9683)

 -- Ben Hutchings <ben@decadent.org.uk>  Fri, 20 Feb 2015 02:39:08 +0000

linux (3.2.65-1+deb7u1) wheezy-security; urgency=medium

  * [amd64] Revert NX changes that caused a regresion in 3.2.65
    (Closes: #774436)
    - Revert "x86, mm: Set NX across entire PMD at boot"
    - Revert "x86, 64bit, mm: Mark data/bss/brk to nx"
  * [x86] cpu, amd: Add workaround for family 16h, erratum 793 (CVE-2013-6885)
  * [x86] tls: Validate TLS entries to protect espfix (CVE-2014-8133)
  * [amd64] switch_to(): Load TLS descriptors before switching DS and ES
    (CVE-2014-9419)
  * KEYS: close race between key lookup and freeing (CVE-2014-9529)
  * isofs: Fix unchecked printing of ER records (CVE-2014-9584)

 -- Ben Hutchings <ben@decadent.org.uk>  Mon, 12 Jan 2015 16:06:56 +0000

linux (3.2.65-1) wheezy; urgency=medium

  * New upstream stable update:
    http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.64
    - percpu: fix pcpu_alloc_pages() failure path
    - percpu: perform tlb flush after pcpu_map_pages() failure
    - cgroup: reject cgroup names with '\n'
    - [s390*] KVM: Fix user triggerable bug in dead code
    - regmap: Fix handling of volatile registers for format_write() chips
    - Revert "iwlwifi: dvm: don't enable CTS to self" (regression in 3.2.62)
    - aio: add missing smp_rmb() in read_events_ring
    - block: Fix dev_t minor allocation lifetime
    - uwb: init beacon cache entry before registering uwb device
    - perf: Fix a race condition in perf_remove_from_context()
    - libceph: gracefully handle large reply messages from the mon
    - libceph: add process_one_ticket() helper
    - libceph: do not hard code max auth ticket len
    - usb: hub: take hub->hdev reference when processing from eventlist
    - futex: Unlock hb->lock in futex_wait_requeue_pi() error path
    - alarmtimer: Return relative times in timer_gettime
    - alarmtimer: Do not signal SIGEV_NONE timers
    - alarmtimer: Lock k_itimer during timer callback
    - vfs: don't bugger nd->seq on set_root_rcu() from follow_dotdot_rcu()
    - vfs: Fold follow_mount_rcu() into follow_dotdot_rcu()
    - vfs: be careful with nd->inode in path_init() and follow_dotdot_rcu()
    - iscsi-target: Fix memory corruption in iscsit_logout_post_handler_diffcid
    - NFSv4: Fix another bug in the close/open_downgrade code
    - libiscsi: fix potential buffer overrun in __iscsi_conn_send_pdu
    - nl80211: clear skb cb before passing to netlink
    - ALSA: pcm: fix fifo_size frame calculation
    - Fix nasty 32-bit overflow bug in buffer i/o code.
    - sched: Fix unreleased llc_shared_mask bit during CPU hotplug
    - [armhf] 8165/1: alignment: don't break misaligned NEON load/store
    - nilfs2: fix data loss with mmap()
    - ocfs2/dlm: do not get resource spinlock if lockres is new
      (regression in 3.2)
    - shmem: fix nlink for rename overwrite directory
    - mm: migrate: Close race between migration completion and mprotect
    - perf: fix perf bug in fork()
    - [mips*] Fix forgotten preempt_enable() when CPU has inclusive pcaches
    - ipv4: move route garbage collector to work queue
    - ipv4: avoid parallel route cache gc executions
    - ipv4: disable bh while doing route gc
    - ipv6: reallocate addrconf router for ipv6 address when lo device up
      (regression in 3.2.50)
    - [x86] kvm,vmx: Preserve CR4 across VM entry
    - ipvs: avoid netns exit crash on ip_vs_conn_drop_conntrack
    - ring-buffer: Fix infinite spin in reading buffer (regression in 3.2.63)
    - genhd: fix leftover might_sleep() in blk_free_devt()
    - [x86] KVM: Fix far-jump to non-canonical check
      (regression in 3.2.63-2+deb7u1)
    - l2tp: fix race while getting PMTU on PPP pseudo-wire
  * New upstream stable update:
    http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.65
    - [x86] kvm: fix stale mmio cache bug
    - UBIFS: fix a race condition
    - [s390*] KVM: unintended fallthrough for external call
    - ext4: check EA value offset when loading
    - v4l2-common: fix overflow in v4l_bound_align_image()
    - Revert "lzo: properly check for overruns"
    - lzo: check for length overrun in variable length encoding.
    - NFSv4: fix open/lock state recovery error handling
    - NFSv4.1: Fix an NFSv4.1 state renewal regression
    - target: Fix queue full status NULL pointer for SCF_TRANSPORT_TASK_SENSE
    - vfs: fix data corruption when blocksize < pagesize for mmaped data
    - dm bufio: update last_accessed when relinking a buffer
    - ext4: don't orphan or truncate the boot loader inode
    - ext4: add ext4_iget_normal() which is to be used for dir tree lookups
    - ecryptfs: avoid to access NULL pointer when write metadata in xattr
    - fs: make cont_expand_zero interruptible
    - fix misuses of f_count() in ppp and netlink
    - block: fix alignment_offset math that assumes io_min is a power-of-2
    - fanotify: enable close-on-exec on events' fd when requested in
      fanotify_init()
    - selinux: fix inode security list corruption
    - random: add and use memzero_explicit() for clearing data
    - dm raid: ensure superblock's size matches device's logical block size
    - scsi: Fix error handling in SCSI_IOCTL_SEND_COMMAND
    - usb: serial: ftdi_sio: add "bricked" FTDI device PID
    - nfsd4: fix crash on unknown operation number
    - [x86] kvm: don't kill guest on unknown exit reason
    - posix-timers: Fix stack info leak in timer_create()
    - futex: Fix a race condition between REQUEUE_PI and task death
    - ALSA: pcm: Zero-clear reserved fields of PCM status ioctl in compat mode
    - zap_pte_range: update addr when forcing flush after TLB batching faiure
    - mm, thp: fix collapsing of hugepages on madvise
    - lib/bitmap.c: fix undefined shift in __bitmap_shift_{left|right}()
    - ext4: fix overflow when updating superblock backups after resize
    - ext4: bail out from make_indexed_dir() on first error
    - tracing/syscalls: Fix perf syscall tracing when syscall_nr == -1
    - tracing/syscalls: Ignore numbers outside NR_syscalls' range
    - mac80211: fix use-after-free in defragmentation
    - xhci: no switching back on non-ULT Haswell (regression in 3.2.53)
    - audit: keep inode pinned
    - libceph: do not crash on large auth tickets
    - firewire: cdev: prevent kernel stack leaking into ioctl arguments
    - iio: Fix IIO_EVENT_CODE_EXTRACT_DIR bit mask
    - [x86] Require exact match for 'noxsave' command line option
    - [amd64] mm: Mark data/bss/brk to nx
    - [amd64] mm: Set NX across entire PMD at boot
    - SUNRPC: Fix locking around callback channel reply receive
    - bnx2fc: do not add shared skbs to the fcoe_rx_list
    - Revert "xhci: clear root port wake on bits if controller isn't wake-up
      capable" (regression in 3.2.62)
    - [amd64] ALSA: hda - Limit 40bit DMA for AMD HDMI controllers
    - mei: add mei_quirk_probe function
    - tcp: be more strict before accepting ECN negociation
    - hpsa: fix a race in cmd_free/scsi_done
    - mm: Remove false WARN_ON from pagecache_isize_extended()

  [ Ben Hutchings ]
  * [rt] Update to 3.2.64-rt94:
    - sched: Do not clear PF_NO_SETAFFINITY flag in select_fallback_rq()
    - workqueue: Prevent deadlock/stall on RT
    - hrtimer:fix the miss of hrtimer_peek_ahead_timers in nort code
    - lockdep: Fix backport of "Correctly annotate hardirq context in
      irq_exit()"
  * drm, agp: Update to 3.4.105:
    - drm/i915: Remove bogus __init annotation from DMI callbacks
    - drm/vmwgfx: Fix a potential infinite spin waiting for fifo idle
    - drm/radeon: add connector quirk for fujitsu board
   * [x86] KVM: Don't report guest userspace emulation error to userspace
     (CVE-2014-7842)
   * [x86] kvm: Clear paravirt_enabled on KVM guests for espfix32's benefit
     (CVE-2014-8134)
   * isofs: Fix infinite looping over CE entries (CVE-2014-9420)

 -- Ben Hutchings <ben@decadent.org.uk>  Mon, 29 Dec 2014 02:50:43 +0100

linux (3.2.63-2+deb7u2) wheezy-security; urgency=high

  * Revert "drivers/net: Disable UFO through virtio" in macvtap and tun.
    This removes the need to shut down VMs if migrating to a patched
    host.
  * ip: Fix backport of "ip: make IP identifiers less predictable"
    (regression in 3.2.63) (thanks to Jeffrey Knockel)
  * net: sctp: fix NULL pointer dereference in af->from_addr_param on
    malformed packet (CVE-2014-7841)
  * kvm: fix excessive pages un-pinning in kvm_iommu_map error path.
    (CVE-2014-8369)
  * media: ttusb-dec: buffer overflow in ioctl (CVE-2014-8884)
  * [amd64] traps: Stop using IST for #SS (CVE-2014-9090)
  * [amd64] traps: Fix the espfix64 #DF fixup and rewrite it in C
  * [amd64] traps: Rework bad_iret

 -- Ben Hutchings <ben@decadent.org.uk>  Sun, 07 Dec 2014 03:42:14 +0000

linux (3.2.63-2+deb7u1) wheezy-security; urgency=high

  * drivers/net,ipv6: Fix virtio/IPv6 regression in 3.2.63:
    - ipv6: reuse ip6_frag_id from ip6_ufo_append_data (Closes: #766195)
      (CVE-2014-7207)
    - drivers/net: Disable UFO through virtio
    - drivers/net,ipv6: Select IPv6 fragment idents for virtio UFO packets
  * [x86] KVM: Check non-canonical addresses upon WRMSR (CVE-2014-3610)
  * [x86] KVM: Improve thread safety in pit (CVE-2014-3611)
  * [x86] KVM: nEPT: Nested INVEPT (CVE-2014-3645)
  * [x86] kvm: vmx: handle invvpid vm exit gracefully (CVE-2014-3646)
  * [x86] KVM: emulator: Use opcode::execute for CALL
  * [x86] KVM: Fix wrong masking on relative jump/call
  * [x86] KVM: Emulator fixes for eip canonical checks on near branches
    (CVE-2014-3647)
  * [x86] KVM: use new CS.RPL as CPL during task switch
  * [x86] KVM: Handle errors when RIP is set during far jumps (CVE-2014-3647)
  * net: sctp: fix skb_over_panic when receiving malformed ASCONF chunks
    (CVE-2014-3673)
  * net: sctp: fix panic on duplicate ASCONF chunks (CVE-2014-3687)
  * net: sctp: fix remote memory pressure from excessive queueing
    (CVE-2014-3688)
  * [x86] kvm,vmx: Preserve CR4 across VM entry (CVE-2014-3690)

 -- Ben Hutchings <ben@decadent.org.uk>  Wed, 29 Oct 2014 23:35:20 +0000

linux (3.2.63-2) wheezy; urgency=medium

  * [s390*] Ignore ABI change in lowcore structure (fixes FTBFS)

 -- Ben Hutchings <ben@decadent.org.uk>  Mon, 29 Sep 2014 22:35:33 +0100

linux (3.2.63-1) wheezy; urgency=medium

  * New upstream stable update:
    http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.61
    - mm: highmem: don't treat PKMAP_ADDR(LAST_PKMAP) as a highmem address
    - UBIFS: fix an mmap and fsync race condition
    - HID: core: fix validation of report id 0
    - IB/srp: Fix a sporadic crash triggered by cable pulling
    - reiserfs: drop vmtruncate
    - reiserfs: call truncate_setsize under tailpack mutex
    - [arm] 8051/1: put_user: fix possible data corruption in put_user
    - ext4: fix zeroing of page during writeback
    - ext4: fix wrong assert in ext4_mb_normalize_request()
    - USB: sierra: fix remote wakeup
    - USB: option: fix runtime PM handling
    - USB: usb_wwan: fix race between write and resume
    - USB: usb_wwan: fix write and suspend race
    - USB: usb_wwan: fix urb leak at shutdown
    - USB: cdc-acm: Fix various bugs in power management
    - USB: io_ti: fix firmware download on big-endian machines (part 2)
    - md: always set MD_RECOVERY_INTR when aborting a reshape or other
      "resync".
    - [s390] lowcore: reserve 96 bytes for IRB in lowcore
    - rtmutex: Fix deadlock detector for real
    - xhci: delete endpoints from bandwidth list before freeing whole device
    - IB/umad: Fix error handling
    - RDMA/cxgb4: Fix four byte info leak in c4iw_create_cq()
    - nfsd: getattr for FATTR4_WORD0_FILES_AVAIL needs the statfs buffer
    - UBIFS: Remove incorrect assertion in shrink_tnc()
    - nfsd4: use recall_lock for delegation hashing
    - iscsi-target: Reject mutual authentication with reflected CHAP_C
    - ptrace: fix fork event messages across pid namespaces
    - idr: fix overflow bug during maximum ID calculation at maximum height
    - Input: synaptics - fix resolution for manually provided min/max
      (regression in 3.2.57)
    - nfsd4: fix FREE_STATEID lockowner leak (regression in 3.2.60)
    - Btrfs: fix double free in find_lock_delalloc_range
    - mm: rmap: fix use-after-free in __put_anon_vma
    - rtmutex: Handle deadlock detection smarter
    - rtmutex: Detect changes in the pi lock chain
    - rtmutex: Plug slow unlock race
    - Bluetooth: Fix check for connection encryption
    - Bluetooth: Fix SSP acceptor just-works confirmation without MITM
    - tracing: Fix syscall_*regfunc() vs copy_process() race
    - lib/lzo: Update LZO compression to current upstream version
    - lzo: properly check for overruns (CVE-2014-4608)
    - hugetlb: fix copy_hugetlb_page_range() to handle migration/hwpoisoned
      entry
    - mm: fix crashes from mbind() merging vmas
    - [mips] MSC: Prevent out-of-bounds writes to MIPS SC ioremap'd region
    - SCSI: Stop accepting SCSI requests before removing a device
    - SCSI: fix our current target reap infrastructure
    - SCSI: dual scan thread bug fix
    - perf: Fix race in removing an event
    - netlink: rate-limit leftover bytes warning and print process name
    - net: tunnels - enable module autoloading
    - net: fix inet_getid() and ipv6_select_ident() bugs
    - target: Explicitly clear ramdisk_mcp backend pages
    - iommu/vt-d: Fix missing IOTLB flush in intel_iommu_unmap()
    http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.62
    - ibmvscsi: Add memory barriers for send / receive
    - cpuset,mempolicy: fix sleeping function called from invalid context
    - nfsd: fix rare symlink decoding bug
    - md: flush writes before starting a recovery.
    - drm/vmwgfx: Fix incorrect write to read-only register v2:
      (regression in 3.2.58)
    - ACPI / EC: Avoid race condition related to advance_transaction()
    - ACPI / EC: Fix race condition in ec_transaction_completed()
    - hwmon: (adm1031) Fix writes to limit registers
    - alarmtimer: Fix bug where relative alarm timers were treated as absolute
    - dm io: fix a race condition in the wake up code for sync_io
    - sched: Fix possible divide by zero in avg_atom() calculation
    - locking/mutex: Disable optimistic spinning on some architectures
    - hwmon: (adt7470) Fix writes to temperature limit registers
    - usb: Check if port status is equal to RxDetect (regression in 3.2.38)
    - tcp: fix tcp_match_skb_to_sack() for unaligned SACK at end of an skb
    - igmp: fix the problem when mc leave group
    - appletalk: Fix socket referencing in skb
    - net: sctp: fix information leaks in ulpevent layer
    - dns_resolver: assure that dns_query() result is null-terminated
    - dns_resolver: Null-terminate the right string
    - rtnetlink: fix userspace API breakage for iproute2 < v3.9.0
      (regression in 3.2.45)
    - netfilter: ipt_ULOG: fix info leaks
    - xfs: fix allocbt cursor leak in xfs_alloc_ag_vextent_near
    - xfs: really fix the cursor leak in xfs_alloc_ag_vextent_near
    - shmem: fix faulting into a hole, not taking i_mutex (CVE-2014-4171)
    - shmem: fix splicing from a hole while it's punched (CVE-2014-4171)
    - [x86] x86-32, espfix: Remove filter for espfix32 due to race
    - sym53c8xx_2: Set DID_REQUEUE return code when aborting squeue
    - mm: hugetlb: fix copy_hugetlb_page_range() (regression in 3.2.61)
    - [arm*] 7668/1: fix memset-related crashes caused by recent GCC (4.7.2)
      optimizations
    - [arm*] 7670/1: fix the memset fix
    - ceph: fix overflow check in build_snap_context()
    - libata: support the ata host which implements a queue depth less than 32
      (regression in 3.2.59)
    - libata: introduce ata_host->n_tags to avoid oops on SAS controllers
    - [x86] x86_32, entry: Store badsys error code in %eax
      (regression in 3.2.60-1)
    http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.63
    - [x86] KVM: Inter-privilege level ret emulation is not implemeneted
    - block: don't assume last put of shared tags is for the host
    - debugfs: Fix corrupted loop in debugfs_remove_recursive
    - mtd/ftl: fix the double free of the buffers allocated in build_maps()
    - [x86] don't exclude low BIOS area when allocating address space for
      non-PCI cards (regression in 2.6.37)
    - scsi: handle flush errors properly
    - hwmon: (smsc47m192) Fix temperature limit and vrm write operations
    - staging: vt6655: Fix Warning on boot handle_irq_event_percpu.
    - [mips,powerpc] bfa: Fix undefined bit shift on big-endian architectures
      with 32-bit DMA address
    - Drivers: scsi: storvsc: Implement a eh_timed_out handler
    - iommu/vt-d: Exclude devices using RMRRs from IOMMU API domains
    - net: sendmsg: fix NULL pointer dereference
    - hwmon: (ads1015) Fix off-by-one for valid channel index checking
    - [mips*] tlbex: Fix a missing statement for HUGETLB
    - [mips*] Prevent user from setting FCSR cause bits
    - md/raid1,raid10: always abort recover on write error.
    - ext4: fix ext4_discard_allocated_blocks() if we can't allocate the pa
      struct
    - hwmon: (lm85) Fix various errors on attribute writes
    - hwmon: (amc6821) Fix possible race condition bug
    - crypto: af_alg - properly label AF_ALG socket
    - mnt: Change the default remount atime from relatime to the existing value
    - netlabel: fix a problem when setting bits below the previously lowest bit
    - ALSA: virtuoso: Xonar DSX support (Closes: #721346)
    - hwmon: (ads1015) Fix out-of-bounds array access
    - [s390*] locking: Reenable optimistic spinning
    - ring-buffer: Always reset iterator to reader page
    - reiserfs: Fix use after free in journal teardown
    - [powerpc*] mm: Use read barrier when creating real_pte
    - Btrfs: fix csum tree corruption, duplicate and outdated checksums
    - CIFS: Fix wrong directory attributes after rename
    - md/raid6: avoid data corruption during recovery of double-degraded RAID6
    - iommu/amd: Fix cleanup_domain for mass device removal
    - pata_scc: propagate return value of scc_wait_after_reset
    - kvm: iommu: fix the third parameter of kvm_iommu_put_pages
      (CVE-2014-3601)
    - [mips*/octeon] make get_system_type() thread-safe
    - xhci: rework cycle bit checking for new dequeue pointers
      (regression in 3.2.59)
    - isofs: Fix unbounded recursion when processing relocated directories
      (CVE-2014-5471, CVE-2014-5472)
    - HID: logitech: perform bounds checking on device_id early enough
      (CVE-2014-3182)
    - USB: whiteheat: Added bounds checking for bulk command response
      (CVE-2014-3183, CVE-2014-3184, CVE-2014-3185)
    - HID: logitech-dj: prevent false errors to be shown
    - ACPI / EC: Add support to disallow QR_EC to be issued when SCI_EVT isn't
      set (regression in 3.2.62)
    - HID: magicmouse: sanity check report size in raw_event() callback
      (CVE-2014-3181)
    - HID: picolcd: sanity check report size in raw_event() callback
      (CVE-2014-3186)
    - [armhf] 8128/1: abort: don't clear the exclusive monitors
    - [armhf] 8129/1: errata: work around Cortex-A15 erratum 830321 using dummy
      strex
    - USB: serial: fix potential stack buffer overflow
    - USB: serial: fix potential heap buffer overflow
    - [mips*] Fix accessing to per-cpu data when flushing the cache
    - inetpeer: get rid of ip_id_count
    - ip: make IP identifiers less predictable
    - tcp: Fix integer-overflows in TCP veno
    - tcp: Fix integer-overflow in TCP vegas
    - net: sctp: inherit auth_capable on INIT collisions (CVE-2014-5077)
    - iovec: make sure the caller actually wants anything in
      memcpy_fromiovecend
    - sctp: fix possible seqlock seadlock in sctp_packet_transmit()
    - [sparc] Fix argument sign extension for compat_sys_futex().
    - [sparc] Handle 32-bit tasks properly in compute_effective_address().
    - [sparc] Fix top-level fault handling bugs.
    - [sparc] Don't bark so loudly about 32-bit tasks generating 64-bit fault
      addresses.
    - [sparc] Fix huge TSB mapping on pre-UltraSPARC-III cpus.
    - [sparc] Add membar to Niagara2 memcpy code.
    - [sparc] Do not insert non-valid PTEs into the TSB hash table.
    - [sparc] arch/sparc/math-emu/math_32.c: drop stray break operator
    - [amd64] Revert "x86-64, modify_ldt: Make support for 16-bit segments a
      runtime option"
    - [amd64] x86-64, espfix: Don't leak bits 31:16 of %esp returning to 16-bit
      stack
    - [amd64] x86_64/entry/xen: Do not invoke espfix64 on Xen
    - [amd64] x86/espfix/xen: Fix allocation of pages for paravirt page tables

  [ Ben Hutchings ]
  * drm, agp: Update to 3.4.103:
    - drm/radeon: only apply hdmi bpc pll flags when encoder mode is hdmi
    - drm/radeon: fix typo in radeon_connector_is_dp12_capable()
    - drm/radeon/atom: fix dithering on certain panels
    - drm/vmwgfx: Fix incorrect write to read-only register v2:
    - drm/radeon: stop poisoning the GART TLB
  * nfsd: Fix ACL null pointer deref (thanks to Sergio Gelato)
    (Closes: #754420)
  * ext4: fix BUG_ON in mb_free_blocks() (regression in 3.2.63)
  * udf: Avoid infinite loop when processing indirect ICBs (CVE-2014-6410)
  * libceph: do not hard code max auth ticket len (CVE-2014-6416,
    CVE-2014-6417, CVE-2014-6418)
  * sp5100_tco: Reject SB8x0 chips (Closes: #726150)
  * udeb: Add pata_rdc to pata-modules (Closes: #633128)

  [ Cyril Brulebois ]
  * udeb: Add virtio_scsi to virtio-modules (Closes: #756249).

 -- Ben Hutchings <ben@decadent.org.uk>  Sat, 27 Sep 2014 13:36:53 +0100

linux (3.2.60-1+deb7u3) wheezy-security; urgency=medium

  * net/l2tp: don't fall back on UDP [get|set]sockopt (CVE-2014-4943)
  * sctp: Fix sk_ack_backlog wrap-around problem (CVE-2014-4667)
  * [s390,s390x] ptrace: fix PSW mask check (CVE-2014-3534) (Closes: #728705)

 -- Ben Hutchings <ben@decadent.org.uk>  Wed, 23 Jul 2014 13:12:02 +0100

linux (3.2.60-1+deb7u2) wheezy-security; urgency=medium

  * Revert "net: ipv4: ip_forward: fix inverted local_df test"
    (regression in 3.2.60) (Closes: #754173)
  * Revert "net: ip, ipv6: handle gso skbs in forwarding path"
    (regression in 3.2.57)

 -- Ben Hutchings <ben@decadent.org.uk>  Sun, 20 Jul 2014 23:54:34 +0100

linux (3.2.60-1+deb7u1) wheezy-security; urgency=high

  * Non-maintainer upload by the Security Team.
  * CVE-2014-4699: ptrace,x86: force IRET path after a ptrace_stop()

 -- Salvatore Bonaccorso <carnil@debian.org>  Fri, 04 Jul 2014 23:21:05 +0200

linux (3.2.60-1) wheezy; urgency=medium

  * New upstream stable update:
    http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.58
    - net: sctp: fix skb leakage in COOKIE ECHO path of chunk->auth_chunk
    - bridge: multicast: add sanity check for query source addresses
    - net: unix: non blocking recvmsg() should not return -EINTR
      (regression in 2.6.38)
    - net: socket: error on a negative msg_namelen (regression in 3.2.53-1)
    - ipv6: ip6_append_data_mtu do not handle the mtu of the second fragment
      properly (regression in 3.2.50)
    - xen-netback: remove pointless clause from if statement
    - ipv6: some ipv6 statistic counters failed to disable bh
    - netlink: don't compare the nul-termination in nla_strcmp
    - [sparc] PCI: Fix incorrect address calculation of PCI Bridge windows on
      Simba-bridges
    - [sparc] Revert "sparc64: Fix __copy_{to,from}_user_inatomic defines."
    - [sparc] sparc64: don't treat 64-bit syscall return codes as 32-bit
    - [arm] mm: introduce present, faulting entries for PAGE_NONE
    - Btrfs: skip submitting barrier for missing device
    - jffs2: remove from wait queue after schedule()
    - jffs2: Fix segmentation fault found in stress test
    - jffs2: Fix crash due to truncation of csize
    - iwlwifi: dvm: take mutex when sending SYNC BT config command
    - ext4: fix partial cluster handling for bigalloc file systems
    - IB/ipath: Fix potential buffer overrun in sending diag packet routine
    - IB/nes: Return an error on ib_copy_from_udata() failure instead of NULL
    - mfd: Include all drivers in subsystem menu
    - audit: convert PPIDs to the inital PID namespace.
    - Btrfs: fix deadlock with nested trans handles
    - nfsd4: buffer-length check for SUPPATTR_EXCLCREAT
    - nfsd4: session needs room for following op to error out
    - dm thin: fix dangling bio in process_deferred_bios error path
    - nfsd4: fix setclientid encode size
    - [mips] Hibernate: Flush TLB entries in swsusp_arch_resume()
    - IB/mthca: Return an error on ib_copy_to_udata() failure
    - IB/ehca: Returns an error on ib_copy_to_udata() failure
    - reiserfs: fix race in readdir
    - ocfs2: dlm: fix lock migration crash
    - ocfs2: do not put bh when buffer_uptodate failed
    - iscsi-target: Fix ERL=2 ASYNC_EVENT connection pointer bug
    - wait: fix reparent_leader() vs EXIT_DEAD->EXIT_ZOMBIE race
    - [amd64] modify_ldt: Ban 16-bit segments on 64-bit kernels
    - target/tcm_fc: Fix use-after-free of ft_tpg
    - [x86] drivers: hv: additional switch to use mb() instead of smp_mb()
    http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.59
    - ext4: FIBMAP ioctl causes BUG_ON due to handle EXT_MAX_BLOCKS
    - ext4: note the error in ext4_end_bio()
    - ext4: use i_size_read in ext4_unaligned_aio()
    - locks: allow __break_lease to sleep even when break_time is 0
    - libata/ahci: accommodate tag ordered controllers
    - mm: make fixup_user_fault() check the vma access rights too
    - Btrfs: Don't allocate inode that is already in use
    - Btrfs: fix inode caching vs tree log
    - USB: io_ti: fix firmware download on big-endian machines
    http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.60
    - netfilter: Can't fail and free after table replacement
    - net: core: don't account for udp header size when computing seglen
      (regression in 3.2.57)
    - rtnetlink: Only supply IFLA_VF_PORTS information when RTEXT_FILTER_VF
      is set
    - sctp: reset flowi4_oif parameter on route lookup (regression in 3.0)
    - Revert "macvlan : fix checksums error when we are in bridge mode"
      (regression in 2.6.39)
    - tcp_cubic: fix the range of delayed_ack
    - net: ipv4: ip_forward: fix inverted local_df test (regression in 3.2.57)
    - ipv4: fib_semantics: increment fib_info_cnt after fib_info allocation
    - act_mirred: do not drop packets when fails to mirror it
    - ipv4: initialise the itag variable in __mkroute_input
    - net-gro: reset skb->truesize in napi_reuse_skb()
    - [x86] thinkpad-acpi: fix issuing duplicated key events for brightness
      up/down
    - KVM: async_pf: mm->mm_users can not pin apf->mm
    - hrtimer: Prevent remote enqueue of leftmost timers
    - timer: Prevent overflow in apply_slack
    - media-device: fix infoleak in ioctl media_enum_entities()
    - usb: storage: shuttle_usbat: fix discs being detected twice
    - USB: Nokia 305 should be treated as unusual dev
    - USB: Nokia 5300 should be treated as unusual dev
    - NFSd: Move default initialisers from create_client() to alloc_client()
    - NFSd: call rpc_destroy_wait_queue() from free_client()
    - posix_acl: handle NULL ACL in posix_acl_equiv_mode
    - mm/page-writeback: Negative (setpoint-dirty) in bdi_position_ratio()
      (see #695182)
    - mm/page-writeback.c: fix divide by zero in pos_ratio_polynom
    - NFSD: Call ->set_acl with a NULL ACL structure if no entries
    - hrtimer: Set expiry time before switch_hrtimer_base()
    - V4L2: ov7670: fix a wrong index, potentially Oopsing the kernel from
      user-space
    - [x86] mm, hugetlb: Add missing TLB page invalidation for hugetlb_cow()
    - i2c: s3c2410: resume race fix
    - [amd64] modify_ldt: Make support for 16-bit segments a runtime option
    - libceph: fix corruption when using page_count 0 page in rbd
    - perf: Limit perf_event_attr::sample_period to 63 bits
    - perf: Prevent false warning in perf_swevent_add
    - nfsd4: remove lockowner when removing lock stateid
    - nfsd4: warn on finding lockowner without stateid's
    - [armel] dma: mv_xor: Flush descriptors before activating a channel
    - hwpoison, hugetlb: lock_page/unlock_page does not match for handling a
      free hugepage

  [ Ben Hutchings ]
  * drm, agp: Update to 3.4.92:
    - i915: Skip intel_crt_init for Dell XPS 8700
    - drm/vmwgfx: correct fb_fix_screeninfo.line_length
    - drm/radeon: call drm_edid_to_eld when we update the edid
    - drm/radeon: fix ATPX detection on non-VGA GPUs
    - drm/nouveau/acpi: allow non-optimus setups to load vbios from acpi
    - drm/i915/sdvo: clean up connectors on intel_sdvo_init() failures
    - drm: fix documentation for drm_crtc_set_mode()
    - drm/radeon: fix typo in evergreen_mc_resume()
    - drm/i915: add missing \n to UTS_RELEASE in the error_state
    - DRM/i915: Add QUIRK_INVERT_BRIGHTNESS for NCR machines.
    - drm/radeon: use frac fb div on RS780/RS880
    - drm/radeon: cleanup properly if mmio mapping fails
    - drm/i915: Workaround incoherence between fences and LLC across multiple
      CPUs
    - drm/i915: ensure single initialization and cleanup of backlight device
    - drm/radeon: Another card with wrong primary dac adj
    - drm/i915: try not to lose backlight CBLV precision
    - drm/radeon: fix panel scaling with eDP and LVDS bridges
    - drm/ttm: Fix memory type compatibility check
    - drm/radeon: fix hdmi mode enable on RS600/RS690/RS740
    - drm/radeon: always program the MC on startup
  * [rt] Update to 3.2.60-rt87:
    - net: gianfar: do not disable interrupt
    - rcu: make RCU_BOOST default on RT
  * [mips] seccomp: Check system calls whenever seccomp is enabled,
    even if audit and trace are disabled (Closes: #751417) (CVE-2014-4157)
  * netfilter: ipv4: defrag: set local_df flag on defragmented skb
    (fixes regression in 3.2.57 and another in 3.2.60)
  * PCI/sysfs: add per pci device msi[x] irq listing (Closes: #748595)
    - PCI/MSI: Export MSI mode using attributes, not kobjects
    - Fix various memory leaks in this feature
  * [rt] Fix latency histogram after "hrtimer: Set expiry time before
    switch_hrtimer_base()" in 3.2.60
  * auditsc: audit_krule mask accesses need bounds checking (CVE-2014-3917)
  * mm: add !pte_present() check on existing hugetlb_entry callbacks
    (CVE-2014-3940)
  * [x86] x86_32, entry: Do syscall exit work on badsys (CVE-2014-4508)
  * ALSA: control: Protect user controls against concurrent access
    (CVE-2014-4652)
  * ALSA: control: Don't access controls outside of protected regions
    (CVE-2014-4653)
  * ALSA: control: Fix replacing user controls (CVE-2014-4654, CVE-2014-4655)
  * ALSA: control: Make sure that id->index does not overflow;
    Handle numid overflow (CVE-2014-4656)
  * target: Explicitly clear ramdisk_mcp backend pages (CVE-2014-4027)

 -- Ben Hutchings <ben@decadent.org.uk>  Sun, 29 Jun 2014 02:09:50 +0100

linux (3.2.57-3+deb7u2) wheezy-security; urgency=high

  * futex: Add another early deadlock detection check
  * futex: Prevent attaching to kernel threads
  * futex: Forbid uaddr == uaddr2 in futex_requeue(..., requeue_pi=1)
    (CVE-2014-3153)
  * futex: Validate atomic acquisition in futex_lock_pi_atomic()
  * futex: Always cleanup owner tid in unlock_pi
  * futex: Make lookup_pi_state more robust
  * filter: prevent nla extensions to peek beyond the end of the message
    (CVE-2014-3145)

 -- Ben Hutchings <ben@decadent.org.uk>  Wed, 04 Jun 2014 22:29:31 +0100

linux (3.2.57-3+deb7u1) wheezy-security; urgency=high

  * n_tty: Fix n_tty_write crash when echoing in raw mode (CVE-2014-0196)
  * floppy: ignore kernel-only members in FDRAWCMD ioctl input (CVE-2014-1737)
  * floppy: don't write kernel-only members to FDRAWCMD ioctl output
    (CVE-2014-1738)
  * mm: try_to_unmap_cluster() should lock_page() before mlocking
    (CVE-2014-3122)
  * net: ipv4: current group_info should be put after using. (CVE-2014-2851)
  * Revert "isci: fix reset timeout handling" (Closes: #746642)
  * skbuff: export skb_copy_ubufs (Closes: #746602)
  * Revert "perf/x86/amd/ibs: Fix waking up from S3 for AMD family 10h"
    (Closes: #746411)

 -- Ben Hutchings <ben@decadent.org.uk>  Sat, 10 May 2014 21:20:57 +0100

linux (3.2.57-3) wheezy; urgency=medium

  * rtl8192ce: Fix null dereference in watchdog (Closes: #745137)

 -- Ben Hutchings <ben@decadent.org.uk>  Tue, 22 Apr 2014 20:48:59 +0100

linux (3.2.57-2) wheezy; urgency=medium

  * Revert "ALSA: Enable CONFIG_ZONE_DMA for smaller PCI DMA masks"
    (fixes FTBFS on several architectures where it changed ABI)
  * e1000e,igb: Backport changes up to Linux 3.13 (Closes: #705959)
    - e1000e: add RX hash support
    - e1000e: add support for i217 and i218
    - e1000e: 82571 Tx Data Corruption during Tx hang recovery
    - igb: add basic runtime PM support
    - igb: Add Support for new i210/i211 devices.
    - igb: Add 1588 support to I210/I211.
    - igb: Enable hwmon data output for thermal sensors via I2C. [!sparc]
    - igb: Add support for SW timestamping
    - igb: Don't give VFs random MAC addresses
    - igb: Support for 100base-fx SFP
    - igb: Enable EEE LP advertisement
    - igb: Add support for i354 devices
    - igb: Support for SFP modules discovery
    - igb: Expose RSS indirection table for ethtool
  * [x86] crypto: ghash-clmulni-intel - use C implementation for setkey()
  * [x86] powernow-k6: disable cache when changing frequency

 -- Ben Hutchings <ben@decadent.org.uk>  Wed, 16 Apr 2014 23:29:10 +0100

linux (3.2.57-1) wheezy; urgency=medium

  * New upstream stable update:
    http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.55
    - net: do not pretend FRAGLIST support
    - ipv6: don't count addrconf generated routes against gc limit
    - net: drop_monitor: fix the value of maxattr
    - net: unix: allow bind to fail on mutex lock
    - net: inet_diag: zero out uninitialized idiag_{src,dst} fields
    - drivers/net/hamradio: Integer overflow in hdlcdrv_ioctl()
    - rds: prevent dereference of a NULL device (CVE-2013-7339)
    - net: rose: restore old recvmsg behavior (regression in 3.2.54)
    - vlan: Fix header ops passthru when doing TX VLAN offload.
    - net: llc: fix use after free in llc_ui_recvmsg
    - net: avoid reference counter overflows on fib_rules in multicast
      forwarding
    - xfs: Account log unmount transaction correctly (Closes: #737036)
    - staging: comedi: cb_pcidio: fix for newer PCI-DIO48H
    - hpfs: fix warnings when the filesystem fills up
    - ext4: call ext4_error_inode() if jbd2_journal_dirty_metadata() fails
    - ext4: fix use-after-free in ext4_mb_new_blocks
    - ext4: check for overlapping extents in ext4_valid_extent_entries()
    - ext2: Fix oops in ext2_get_block() called from ext2_quota_write()
    - ext4: fix del_timer() misuse for ->s_err_report
    - xhci: Limit the spurious wakeup fix only to HP machines
      (regression in 3.2.53)
    - radiotap: fix bitmap-end-finding buffer overrun
    - sched/rt: Fix rq's cpupri leak while enqueue/dequeue child RT entities
    - rtlwifi: pci: Fix oops on driver unload
    - net_dma: mark broken
    - ext4: add explicit casts when masking cluster sizes
    - selinux: fix broken peer recv check
    - selinux: selinux_setprocattr()->ptrace_parent() needs rcu_read_lock()
    - [powerpc] Fix bad stack check in exception entry
    - md/raid5: Fix possible confusion when multiple write errors occur.
    - md/raid10: fix two bugs in handling of known-bad-blocks.
    - md/raid10: fix bug when raid10 recovery fails to recover a block.
    - nilfs2: fix segctor bug that causes file system corruption
    - perf/x86/amd/ibs: Fix waking up from S3 for AMD family 10h
    - mm: fix aio performance regression for database caused by THP
    - mm: hugetlbfs: fix hugetlbfs optimization
    - sched/rt: Fix SCHED_RR across cgroups
    - sched,rt: fix isolated CPUs leaving root_task_group indefinitely
      throttled
    - sched: Unthrottle rt runqueues in __disable_runtime()
    - sched/rt: Avoid updating RT entry timeout twice within one tick period
    http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.56
    - selinux: process labeled IPsec TCP SYN-ACK packets properly in
      selinux_ip_postroute()
    - USB: pl2303: fix data corruption on termios updates
    - USB: Nokia 502 is an unusual device
    - sunrpc: Fix infinite loop in RPC state machine
    - USB: ftdi_sio: added CS5 quirk for broken smartcard readers
      (regression in 3.2.54)
    - dm: wait until embedded kobject is released before destroying a device
    - ftrace: Use schedule_on_each_cpu() as a heavy synchronize_sched()
    - ftrace: Fix synchronization location disabling and freeing ftrace_ops
    - dm sysfs: fix a module unload race
    - [x86] KVM: limit PIT timer frequency
    - md/raid5: fix long-standing problem with bitmap handling on write failure.
    - libata: disable LPM for some WD SATA-I devices
    - intel-iommu: fix off-by-one in pagetable freeing (Closes: #743263)
    - fuse: fix pipe_buf_operations
    - [powerpc] KVM: e500: Fix bad address type in deliver_tlb_misss()
    - btrfs: restrict snapshotting to own subvolumes
    - Btrfs: setup inode location during btrfs_init_inode_locked
    - KVM: return an error code in kvm_vm_ioctl_register_coalesced_mmio()
    - [s390] crypto: Don't panic after crypto instruction failures
    - [s390] crypto: fix concurrency issue in aes-ctr mode
    - [s390] crypto: fix des and des3_ede cbc concurrency issue
    - [s390] crypto: fix des and des3_ede ctr concurrency issue
    - mm, oom: base root bonus on current usage
    - sata_sil: apply MOD15WRITE quirk to TOSHIBA MK2561GSYN
    - SELinux: Fix kernel BUG on empty security contexts. (CVE-2014-1874)
    - mac80211: fix fragmentation code, particularly for encryption
    - mm/swap: fix race on swap_info reuse between swapoff and swapon
    - mm: __set_page_dirty_nobuffers() uses spin_lock_irqsave() instead of
      spin_lock_irq()
    - mm: __set_page_dirty uses spin_lock_irqsave instead of spin_lock_irq
    - raw: test against runtime value of max_raw_minors
    - staging: comedi: adv_pci1710: fix analog output readback value
    - [armhf] 7953/1: mm: ensure TLB invalidation is complete before
      enabling MMU
    - [arm] 7955/1: spinlock: ensure we have a compiler barrier before sev
    - fs/file.c:fdtable: avoid triggering OOMs from alloc_fdmem
    - SUNRPC: Fix races in xs_nospace()
    - block: add cond_resched() to potentially long running ioctl discard loop
    - lockd: send correct lock when granting a delayed lock.
    - [mips] Fix potential corruption of DMA buffers
    - [mips] rtl8187: fix regression on MIPS without coherent DMA
    - EDAC: Correct workqueue setup path
    - PCI: Enable INTx if BIOS left them disabled
    - PCI: Enable INTx in pci_reenable_device() only when MSI/MSI-X not enabled
    - ext4: don't leave i_crtime.tv_sec uninitialized
    - [arm] 7957/1: add DSB after icache flush in __flush_icache_all()
    - workqueue: ensure @task is valid across kthread_stop()
    - cgroup: update cgroup_enable_task_cg_lists() to grab siglock
    - mac80211: fix AP powersave TX vs. wakeup race (CVE-2014-2706)
    - SELinux: bigendian problems with filename trans rules
    - ath9k: protect tid->sched check (CVE-2014-2672)
    - ath9k: Fix ETSI compliance for AR9462 2.0
    - quota: Fix race between dqput() and dquot_scan_active()
    - [x86] i7core_edac: Fix PCI device reference count
    - [x86] i7300_edac: Fix device reference count
    - [x86] ioat: fix tasklet tear down (regression in 3.2.55)
    - genirq: Remove racy waitqueue_active check
    - sched: Fix double normalization of vruntime
    - [x86] perf: Fix event scheduling
    - perf: Fix hotplug splat
    - cpuset: fix a race condition in __cpuset_node_allowed_softwall()
    - can: flexcan: flexcan_remove(): add missing netif_napi_del()
    - ocfs2: fix quota file corruption
    - mac80211: clear sequence/fragment number in QoS-null frames
    - net: unix socket code abuses csum_partial
    - ocfs2 syncs the wrong range...
    - [x86] vmxnet3: fix netpoll race condition
    - staging: comedi: ssv_dnp: correct insn_bits result
    - mm/hugetlb: check for pte NULL pointer in __page_check_address()
    - hpfs: deadlock and race in directory lseek()
    - timekeeping: fix 32-bit overflow in get_monotonic_boottime
    - net: fix 'ip rule' iif/oif device rename
    - saa7134: Fix unlocked snd_pcm_stop() call
    - net: sctp: fix sctp_sf_do_5_1D_ce to verify if we/peer is AUTH capable
      (CVE-2014-0101)
    http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.57
    - ext4: atomically set inode->i_flags in ext4_set_inode_flags()
    - netfilter: nf_conntrack_dccp: fix skb_header_pointer API usages
      (CVE-2014-2523)
    - net: add and use skb_gso_transport_seglen()
    - net: ip, ipv6: handle gso skbs in forwarding path
    - deb-pkg: Fix cross-building linux-headers package (Closes: #649748)
    - KVM: MMU: handle invalid root_hpa at __direct_map
    - KVM: VMX: fix use after free of vmx->loaded_vmcs
    - cifs: ensure that uncached writes handle unmapped areas correctly
      (CVE-2014-0069)
    - [s390] fix kernel crash due to linkage stack instructions (CVE-2014-2039)

  [ Ben Hutchings ]
  * [rt] Update to 3.2.55-rt81:
    - cpu_down: move migrate_enable() back
    - lockdep: Correctly annotate hardirq context in irq_exit()
    - rtmutex: use a trylock for waiter lock in trylock
    - smp: introduce a generic on_each_cpu_mask() function
    - smp: add func to IPI cpus based on parameter func
    - fs: only send IPI to invalidate LRU BH when needed
    - rcutree/rcu_bh_qs: disable irq while calling rcu_preempt_qs()
    - Revert "x86: Disable IST stacks for debug/int 3/stack fault for
      PREEMPT_RT"
    - rt: Make cpu_chill() use hrtimer instead of msleep(
    - kernel/hrtimer: be non-freezeable in cpu_chill()
    - arm/unwind: use a raw_spin_lock
    - net: sched: dev_deactivate_many(): use msleep(1) instead of yield() to
      wait for outstanding qdisc_run calls
    - fs: jbd2: pull your plug when waiting for space
    - cpu_chill: Add a UNINTERRUPTIBLE hrtimer_nanosleep
  * drm, agp: Update to 3.4.86:
    - drm/radeon: warn users when hw_i2c is enabled (v2)
    - radeon/pm: Guard access to rdev->pm.power_state array
    - drm/radeon: skip colorbuffer checking if COLOR_INFO.FORMAT is set to
      INVALID
    - drm/radeon: set the full cache bit for fences on r7xx+
    - drm/radeon/DCE4+: clear bios scratch dpms bit (v2)
    - drm/i915: kick any firmware framebuffers before claiming the gtt
    - drm/ttm: don't oops if no invalidate_caches()
    - drm/radeon/atom: select the proper number of lanes in transmitter setup
  * ipc/msg: fix race around refcount (CVE-2013-4483)
  * ALSA: usb-audio: add front jack channel selector for EMU0204
    (thanks to Mark Hymers) (Closes: #742139)
  * vhost: validate vhost_get_vq_desc return value (CVE-2014-0055)
  * vhost: fix total length when packets are too short (CVE-2014-0077)
  * rds: prevent dereference of a NULL device in  rds_iw_laddr_check
    (CVE-2014-2678)
  * skbuff: skb_segment: orphan frags before copying (CVE-2014-0131)
  * ipv6: don't set DST_NOCOUNT for remotely added routes (CVE-2014-2309)
  * vlan: Set correct source MAC address with TX VLAN offload enabled
    (regression in 3.2.55)

 -- Ben Hutchings <ben@decadent.org.uk>  Mon, 14 Apr 2014 01:38:31 +0100

linux (3.2.54-2) wheezy; urgency=high

  * [arm] Ignore ABI change in omap_dsp_get_mempool_base (fixes FTBFS)

 -- dann frazier <dannf@debian.org>  Sat, 01 Feb 2014 13:08:46 +0000

linux (3.2.54-1) wheezy; urgency=high

  * New upstream stable update:
    http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.54
    - NFSv4: Fix a use-after-free situation in _nfs4_proc_getlk()
    - USB: mos7840: fix tiocmget error handling
    - ALSA: 6fire: Fix probe of multiple cards
    - can: c_can: Fix RX message handling, handle lost message before EOB
    - dm mpath: fix race condition between multipath_dtr and pg_init_done
    - ext4: avoid bh leak in retry path of ext4_expand_extra_isize_ea()
    - KVM: IOMMU: hva align mapping page size
    - crypto: s390 - Fix aes-cbc IV corruption
    - audit: printk USER_AVC messages when audit isn't enabled
    - audit: fix info leak in AUDIT_GET requests
    - audit: use nlmsg_len() to get message payload length
    - PM / hibernate: Avoid overflow in hibernate_preallocate_memory()
    - blk-core: Fix memory corruption if blkcg_init_queue fails
    - block: fix a probe argument to blk_register_region
    - SUNRPC: Fix a data corruption issue when retransmitting RPC calls
    - mwifiex: correct packet length for packets from SDIO interface
    - vsprintf: check real user/group id for %pK
    - ipc, msg: fix message length check for negative values
    - hwmon: (lm90) Fix max6696 alarm handling
    - rtlwifi: rtl8192cu: Fix more pointer arithmetic errors
    - setfacl removes part of ACL when setting POSIX ACLs to Samba
    - nfsd: make sure to balance get/put_write_access
    - nfsd4: fix xdr decoding of large non-write compounds (regression
      in 3.2.49)
    - NFSv4 wait on recovery for async session errors
    - powerpc/signals: Mark VSX not saved with small contexts
    - iscsi-target: fix extract_param to handle buffer length corner case
    - iscsi-target: chap auth shouldn't match username with trailing garbage
    - configfs: fix race between dentry put and lookup
    - [powerpc] signals: Improved mark VSX not saved with small contexts fix
    - mac80211: don't attempt to reorder multicast frames
    - Staging: zram: Fix access of NULL pointer
    - Staging: zram: Fix memory leak by refcount mismatch
    - irq: Enable all irqs unconditionally in irq_resume
    - tracing: Allow events to have NULL strings
    - [armhf/omap] Staging: tidspbridge: disable driver
    - cpuset: Fix memory allocator deadlock
    - crypto: authenc - Find proper IV address in ablkcipher callback
    - crypto: scatterwalk - Set the chain pointer indication bit
    - [s390] crypto: s390 - Fix aes-xts parameter corruption
    - crypto: ccm - Fix handling of zero plaintext when computing mac
    - net: update consumers of MSG_MORE to recognize MSG_SENDPAGE_NOTLAST
      (fixes regression in 3.2.17)
    - hpsa: do not discard scsi status on aborted commands
    - hpsa: return 0 from driver probe function on success, not 1
    - [arm] 7912/1: check stack pointer in get_wchan
    - [arm] 7913/1: fix framepointer check in unwind_frame
    - ALSA: memalloc.h - fix wrong truncation of dma_addr_t
    - dm snapshot: avoid snapshot space leak on crash
    - dm table: fail dm_table_create on dm_round_up overflow
    - hwmon: (w83l786ng) Fix fan speed control mode setting and reporting
    - hwmon: (w83l768ng) Fix fan speed control range
    - futex: fix handling of read-only-mapped hugepages
    - KVM: Improve create VCPU parameter (CVE-2013-4587)
    - [x86] KVM: Fix potential divide by 0 in lapic (CVE-2013-6367)
    - net: Fix "ip rule delete table 256" (Closes: #724783)
    - 6lowpan: Uncompression of traffic class field was incorrect
    - ipv4: fix possible seqlock deadlock
    - inet: prevent leakage of uninitialized memory to user in recv syscalls
    - net: rework recvmsg handler msg_name and msg_namelen logic
    - net: add BUG_ON if kernel advertises msg_namelen >
      sizeof(struct sockaddr_storage)
    - inet: fix addr_len/msg->msg_namelen assignment in recv_error and rxpmtu
      functions
    - ipv6: fix leaking uninitialized port number of offender sockaddr
    - net: core: Always propagate flag changes to interfaces
    - packet: fix use after free race in send path when dev is released
    - inet: fix possible seqlock deadlocks
    - ipv6: fix possible seqlock deadlock in ip6_finish_output2
    - ftrace: Check module functions being traced on reload
    - ftrace: Fix function graph with loading of modules
    - mmc: block: fix a bug of error handling in MMC driver

  [ Ben Hutchings ]
  * SCSI: virtio_scsi: fix memory leak on full queue condition
    (Closes: #730138)
  * drm, agp: Update to 3.4.76:
    - drm/radeon: fix asic gfx values for scrapper asics
    - drm/edid: add quirk for BPC in Samsung NP700G7A-S01PL notebook
    - drm/radeon: fixup bad vram size on SI

  [ dann frazier ]
  * ath9k_htc: properly set MAC address and BSSID mask (CVE-2013-4579)
  * KVM: x86: Convert vapic synchronization to _cached functions (CVE-2013-6368)
  * x86, fpu, amd: Clear exceptions in AMD FXSAVE workaround (CVE-2014-1438)
  * hamradio/yam: fix info leak in ioctl (CVE-2014-1446)

 -- dann frazier <dannf@debian.org>  Wed, 29 Jan 2014 13:42:01 -0700

linux (3.2.53-2) wheezy; urgency=high

  * [sparc] Ignore insignificant ABI changes (fixes FTBFS)
  * [powerpc] Update CPU device backport to work after 'powerpc/sysfs:
    Disable writing to PURR in guest mode' in 3.2.52 (fixes FTBFS)
  * exec/ptrace: Fix typo in backport of 'fix get_dumpable() incorrect tests'
    (CVE-2013-2929) (Closes: #732208)
  * net: Fix infinite loop in in skb_flow_dissect() (CVE-2013-4348)

 -- Ben Hutchings <ben@decadent.org.uk>  Tue, 17 Dec 2013 03:24:07 +0000

linux (3.2.53-1) wheezy; urgency=medium

  * New upstream stable update:
    http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.52
    - 8139cp: Add dma_mapping_error checking
    - ipv6: drop packets with multiple fragmentation headers
    - ipv6: Don't depend on per socket memory for neighbour discovery messages
    - HID: hidraw: correctly deallocate memory on device disconnect
    - xen-gnt: prevent adding duplicate gnt callbacks
    - usb: config->desc.bLength may not exceed amount of data returned by the
      device
    - USB: cdc-wdm: fix race between interrupt handler and tasklet
    - [powerpc] Handle unaligned ldbrx/stdbrx
    - intel-iommu: Fix leaks in pagetable freeing
    - ath9k: fix rx descriptor related race condition
    - ath9k: avoid accessing MRC registers on single-chain devices
    - rculist: list_first_or_null_rcu() should use list_entry_rcu()
    - USB: mos7720: fix big-endian control requests
    - of: Fix missing memory initialization on FDT unflattening
    - fuse: postpone end_page_writeback() in fuse_writepage_locked()
    - fuse: invalidate inode attributes on xattr modification
    - fuse: hotfix truncate_pagecache() issue
    - hdpvr: register the video node at the end of probe
    - hdpvr: fix iteration over uninitialized lists in hdpvr_probe()
    - fuse: readdir: check for slash in names
    - crypto: api - Fix race condition in larval lookup
    - sd: Fix potential out-of-bounds access
    - ocfs2: fix the end cluster offset of FIEMAP
    - mm/huge_memory.c: fix potential NULL pointer dereference
    - sched/fair: Fix small race where child->se.parent,cfs_rq might point to
      invalid ones
    - HID: zeroplus: validate output report details (CVE-2013-2889)
    - HID: LG: validate HID output report details (CVE-2013-2893)
    - HID: validate feature and input report details (CVE-2013-2897)
    - HID: logitech-dj: validate output report details (CVE-2013-2895)
    - nilfs2: fix issue with race condition of competition between segments
      for dirty blocks
    - powerpc: Fix parameter clobber in csum_partial_copy_generic()
    - powerpc: Restore registers on error exit from csum_partial_copy_generic()
    - net: sctp: fix smatch warning in sctp_send_asconf_del_ip
    - net: sctp: fix ipv6 ipsec encryption bug in sctp_v6_xmit (CVE-2013-4350)
    - ip: generate unique IP identificator if local fragmentation is allowed
    - ipv6: udp packets following an UFO enqueued packet need also be handled
      by UFO (CVE-2013-4387)
    - esp_scsi: Fix tag state corruption when autosensing.
    - [sparc] Fix not SRA'ed %o5 in 32-bit traced syscall
    - perf: Use css_tryget() to avoid propping up css refcount
    - Revert "zram: use zram->lock to protect zram_free_page() in swap free
      notify path" (regression in 3.2.49)
    - macvtap: do not zerocopy if iov needs more pages than MAX_SKB_FRAGS
    - sfc: Fix efx_rx_buf_offset() for recycled pages
    - cgroup: fail if monitored file and event_control are in different cgroup
    - perf: Fix perf_cgroup_switch for sw-events
    - Revert "sctp: fix call to SCTP_CMD_PROCESS_SACK in
      sctp_cmd_interpreter()" (regression in 3.2.34)
    - iscsi: don't hang in endless loop if no targets present
    - cpqarray: fix info leak in ida_locked_ioctl() (CVE-2013-2147)
    - cciss: fix info leak in cciss_ioctl32_passthru() (CVE-2013-2147)
    - staging: comedi: ni_65xx: (bug fix) confine insn_bits to one subdevice
    http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.53
    - tcp: must unclone packets before mangling them
    - tcp: do not forget FIN in tcp_shifted_skb() (fixes regression in 2.6.39)
    - net: do not call sock_put() on TIMEWAIT sockets
    - net: heap overflow in __audit_sockaddr()
    - proc connector: fix info leaks
    - ipv6: restrict neighbor entry creation to output flow
      (fixes regression in 3.2.39)
    - farsync: fix info leak in ioctl
    - connector: use nlmsg_len() to check message length
    - wanxl: fix info leak in ioctl
    - net: unix: inherit SOCK_PASS{CRED, SEC} flags from socket to fix race
      (fixes regression in 3.2)
    - net: fix cipso packet validation when !NETLABEL
    - zram: allow request end to coincide with disksize
    - perf: Fix perf ring buffer memory ordering
    - inet: fix possible memory corruption with UDP_CORK and UFO
      (CVE-2013-4470)
    - tracing: Fix potential out-of-bounds in trace_get_user()
    - include/linux/fs.h: disable preempt when acquire i_size_seqcount write
      lock
    - jfs: fix error path in ialloc
    - random: run random_int_secret_init() run after all late_initcalls
    - mac80211: drop spoofed packets in ad-hoc mode
    - libata: make ata_eh_qc_retry() bump scmd->allowed on bogus failures
    - [powerpc] KVM: PPC: Book3S HV: Fix typo in saving DSCR
    - compiler/gcc4: Add quirk for 'asm goto' miscompilation bug
    - ext4: fix memory leak in xattr
    - [hppa] fix interruption handler to respect pagefault_disable()
    - dm snapshot: fix data corruption (CVE-2013-4299)
    - ecryptfs: Fix memory leakage in keystore.c
    - target/pscsi: fix return value check
    - Fix a few incorrectly checked [io_]remap_pfn_range() calls
      (CVE-2013-4511)
    - uml: check length in exitcode_proc_write() (CVE-2013-4512)
    - aacraid: missing capable() check in compat ioctl
    - staging: wlags49_h2: buffer overflow setting station name
    - Staging: bcm: info leak in ioctl
    - lib/scatterlist.c: don't flush_kernel_dcache_page on slab page

  * [armel/orion5x] i2c: mv64xxx: work around signals causing I2C transactions
    to be aborted
  * [armel/orion5x] I2C: mv64xxx: fix race between FSM/interrupt and process
    context (Closes: #622325)
  * aufs: Set version to 3.2.x-debian
  * drm: fix DRM_IOCTL_MODE_GETFB handle-leak
  * drm, agp: Update to 3.4.72:
    - drm/edid: add quirk for Medion MD30217PG
    - drm/ttm: fix the tt_populated check in ttm_tt_destroy()
    - drm/radeon: fix LCD record parsing
    - drm/radeon: fix endian bugs in hw i2c atom routines
    - drm/radeon: update line buffer allocation for dce4.1/5
    - drm/radeon: update line buffer allocation for dce6
    - drm/radeon: fix resume on some rs4xx boards (v2)
    - drm/radeon: fix handling of variable sized arrays for router objects
    - drm/radeon/atom: workaround vbios bug in transmitter table on rs880 (v2)
    - drm/i915/dp: increase i2c-over-aux retry interval on AUX DEFER
    - drm/radeon: disable tests/benchmarks if accel is disabled
    - drm/radeon: fix hw contexts for SUMO2 asics
    - drm: Prevent overwriting from userspace underallocating core ioctl structs
    - drm/radeon/atom: workaround vbios bug in transmitter table on rs780
    - drm/ttm: Handle in-memory region copies
    - drm/i915: flush cursors harder
    - drm/nouveau: when bailing out of a pushbuf ioctl, do not remove previous
      fence
    - drm/radeon/si: fix define for MC_SEQ_TRAIN_WAKEUP_CNTL
    - radeon: workaround pinning failure on low ram gpu
  * [rt] Update to 3.2.53-rt75:
    - genirq: Set the irq thread policy without checking CAP_SYS_NICE
    - hwlat-detector: Don't ignore threshold module
    - mm/memcontrol: Don't call schedule_work_on in preemption disabled context
    - drm: remove preempt_disable() from
      drm_calc_vbltimestamp_from_scanoutpos()
  * net: clamp ->msg_namelen instead of returning an error (fixes
    regression in 3.2.53)
  * rds: prevent BUG_ON triggered on congestion update to loopback
    (CVE-2012-2372)  
  * HID: multitouch: validate indexes details (CVE-2013-2897)
  * exec/ptrace: fix get_dumpable() incorrect tests (CVE-2013-2929)
  * crypto: ansi_cprng - Fix off by one error in non-block size request
    (CVE-2013-4345)
  * KVM: perform an invalid memslot step for gpa base change
  * KVM: Fix iommu map/unmap to handle memory slot moves (CVE-2013-4592)
  * [armhf] 7527/1: uaccess: explicitly check __user pointer when
    !CPU_USE_DOMAINS (CVE-2013-6282)
  * libertas: potential oops in debugfs (CVE-2013-6378)
  * aacraid: prevent invalid pointer dereference (CVE-2013-6380)
  * [s390,s390x] qeth: avoid buffer overflow in snmp ioctl (CVE-2013-6381)
  * xfs: underflow bug in xfs_attrlist_by_handle() (CVE-2013-6382)

 -- Ben Hutchings <ben@decadent.org.uk>  Fri, 06 Dec 2013 07:23:56 +0000

linux (3.2.51-1) wheezy; urgency=low

  * New upstream stable update:
    http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.47
    - xfs: kill suid/sgid through the truncate path.
    - ALSA: usb-audio: fix possible hang and overflow in
      parse_uac2_sample_rate_range()
    - ALSA: usb-audio: avoid integer overflow in create_fixed_stream_quirk()
    - xen-netfront: reduce gso_max_size to account for max TCP header
    - jfs: fix a couple races
    - USB: revert periodic scheduling bugfix (fixes regression in 3.2.39)
    - USB: keyspan: fix bogus array index
    - Bluetooth: Fix missing length checks for L2CAP signalling PDUs
    - swap: avoid read_swap_cache_async() race to deadlock while waiting on
      discard I/O completion
    - mm: migration: add migrate_entry_wait_huge()
    - USB: spcp8x5: fix device initialisation at open
    - USB: pl2303: fix device initialisation at open
    - md/raid1: consider WRITE as successful only if at least one non-Faulty
      and non-rebuilding drive completed it.
    http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.48
    - ARM: 7755/1: handle user space mapped pages in flush_kernel_dcache_page
    - ARM: 7772/1: Fix missing flush_kernel_dcache_page() for noMMU
    - [x86] Modify UEFI anti-bricking code
    - tcp: fix tcp_md5_hash_skb_data()
    - ipv6: fix possible crashes in ip6_cork_release()
    - r8169: fix 8168evl frame padding.
    - ip_tunnel: fix kernel panic with icmp_dest_unreach
    - net: Block MSG_CMSG_COMPAT in send(m)msg and recv(m)msg
    - net: force a reload of first item in hlist_nulls_for_each_entry_rcu
    - net: sctp: fix NULL pointer dereference in socket destruction
    - l2tp: Fix PPP header erasure and memory leak
    - ncpfs: fix rmdir returns Device or resource busy (regression in 3.1)
    http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.49
    - zram: avoid invalid memory access in zram_exit()
    - zram: use zram->lock to protect zram_free_page() in swap free notify path
    - zram: avoid access beyond the zram device
    - zram: protect sysfs handler from invalid memory access
    - Bluetooth: Fix crash in l2cap_build_cmd() with small MTU
    - xhci: check for failed dma pool allocation
    - drivers: hv: switch to use mb() instead of smp_mb()
    - media: dmxdev: remove dvb_ringbuffer_flush() on writer side
    - hw_breakpoint: Use cpu_possible_mask in {reserve,release}_bp_slot()
    - iommu/amd: Only unmap large pages from the first pte
    - futex: Take hugepages into account when generating futex_key
    - perf: Disable monitoring on setuid processes for regular users
    - cgroup: fix RCU accesses to task->cgroups
    - dlci: acquire rtnl_lock before calling __dev_get_by_name()
    - dlci: validate the net device in dlci_del()
    - genirq: Fix can_request_irq() for IRQs without an action
      (Closes: #709647)
    - writeback: Fix periodic writeback after fs mount
    - UBIFS: fix a horrid bug - data race between readdir and llseek
    - powerpc/smp: Section mismatch from smp_release_cpus to __initdata
      spinning_secondaries
    - ext3,ext4: don't mess with dir_file->f_pos in htree_dirblock_to_tree()
    - jbd2: fix theoretical race in jbd2__journal_restart
    - drivers/dma/pl330.c: fix locking in pl330_free_chan_resources()
    - ocfs2: xattr: fix inlined xattr reflink
    - crypto: sanitize argument for format string
    - hpfs: better test for errors
    - iscsi-target: Fix tfc_tpg_nacl_auth_cit configfs length overflow
    - perf: Clone child context from parent context pmu
    - perf: Remove WARN_ON_ONCE() check in __perf_event_enable() for valid
      scenario
    - perf: Fix perf_lock_task_context() vs RCU
    - perf: Fix perf mmap bugs
    - perf: Fix mmap() accounting hole
    - ext4: fix overflow when counting used blocks on 32-bit architectures
    - ext4: fix data offset overflow in ext4_xattr_fiemap() on 32-bit archs
    http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.50
    - macvtap: fix recovery from gup errors
    - neighbour: fix a race in neigh_destroy()
    - net: Swap ver and type in pppoe_hdr
    - ipv6,mcast: always hold idev->lock before mca_lock
    - macvtap: correctly linearize skb when zerocopy is used
    - 9p: fix off by one causing access violations and memory corruption
    - atl1e: fix dma mapping warnings
    - atl1e: unmap partially mapped skb on dma error and free skb
    - vlan: fix a race in egress prio management
    - [sparc] tsb must be flushed before tlb
    - virtio_net: fix race in RX VQ processing
    - bnx2fc: Fix incorrect memset in bnx2fc_parse_fcp_rsp
    - xen/blkback: Check for insane amounts of request on the ring (v6).
    - lockd: protect nlm_blocked access in nlmsvc_retry_blocked
    - ext4: don't allow ext4_free_blocks() to fail due to ENOMEM
    - ACPI / memhotplug: Fix a stale pointer in error path
    - ALSA: Fix unlocked snd_pcm_stop() calls in various drivers
    - Btrfs: fix lock leak when resuming snapshot deletion
    - Btrfs: re-add root to dead root list if we stop dropping it
    - ALSA: usb-audio: 6fire: return correct XRUN indication
    - [x86] isci: Fix a race condition in the SSP task management path
    - sd: fix crash when UA received on DIF enabled device
    - nfsd: nfsd_open: when dentry_open returns an error do not propagate as
      struct file
    - staging: comedi: fix a race between do_cmd_ioctl() and read/write
    - usb: host: xhci: Enable XHCI_SPURIOUS_SUCCESS for all controllers with
      xhci 1.0
    http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.51
    - sctp: fully initialize sctp_outq in sctp_outq_init
    - ipv6: take rtnl_lock and mark mrt6 table as freed on namespace cleanup
    - net_sched: Fix stack info leak in cbq_dump_wrr().
    - af_key: more info leaks in pfkey messages
    - net_sched: info leak in atm_tc_dump_class()
    - ALSA: ak4xx-adda: info leak in ak4xxx_capture_source_info()
    - NFSv4.1: integer overflow in decode_cb_sequence_args()
    - jfs: fix readdir cookie incompatibility with NFSv4 (Closes: #714974)
    - mac80211: fix duplicate retransmission detection
    - [arm] 7791/1: a.out: remove partial a.out support
    - [x86] fpu: correct the asm constraints for fxsave, unbreak mxcsr.daz
    - USB: mos7840: fix race in register handling
    - serial/mxs-auart: fix race condition in interrupt handler
    - serial/mxs-auart: increase time to wait for transmitter to become idle
    - ixgbe: Fix Tx Hang issue with lldpad on 82598EB
    - virtio: console: fix race with port unplug and open/close
    - virtio: console: fix race in port_fops_open() and port unplug
    - virtio: console: clean up port data immediately at time of unplug
    - ACPI / battery: Fix parsing _BIX return value (Closes: #721468)
    - cifs: extend the buffer length enought for sprintf() using
    - iwlwifi: dvm: fix calling ieee80211_chswitch_done() with NULL
    - ALSA: 6fire: fix DMA issues with URB transfer_buffer usage
    - cifs: don't instantiate new dentries in readdir for inodes that need
      to be revalidated immediately (fixes regression in 3.2.46)
    - hwmon: (adt7470) Fix incorrect return code check
    - zd1201: do not use stack as URB transfer_buffer
    - Hostap: copying wrong data prism2_ioctl_giwaplist()
    - ALSA: 6fire: make buffers DMA-able (pcm)
    - ALSA: 6fire: make buffers DMA-able (midi)
    - jbd2: Fix use after free after error in jbd2_journal_dirty_metadata()
    - [arm] 7809/1: perf: fix event validation for software group leaders
    - [arm] perf: Fix armpmu_map_hw_event()
    - fs/proc/task_mmu.c: fix buffer overflow in add_page_map()
    - USB: mos7720: fix broken control requests
    - USB: keyspan: fix null-deref at disconnect and release
    - block: Add bio_for_each_segment_all()
    - sg: Fix user memory corruption when SG_IO is interrupted by a signal
    - of: fdt: fix memory initialization for expanded DT
    - nilfs2: remove double bio_put() in nilfs_end_bio_write() for
      BIO_EOPNOTSUPP error
    - nilfs2: fix issue with counting number of bio requests for
      BIO_EOPNOTSUPP error detection
    - ath9k_htc: Restore skb headroom when returning skb to mac80211
    - [powerpc] Don't Oops when accessing /proc/powerpc/lparcfg without
      hypervisor
    - [powerpc] Work around gcc miscompilation of __pa() on 64-bit
    - SUNRPC: Fix memory corruption issue on 32-bit highmem systems
    - drivers/base/memory.c: fix show_mem_removable() to handle missing sections
    - [x86] get_unmapped_area: Access mmap_legacy_base through mm_struct member
    - [s390] KVM: move kvm_guest_enter,exit closer to sie

  [ Ben Hutchings ]
  * cassini: Make missing firmware non-fatal (Closes: #714128)
  * drm, agp: Update to 3.4.61:
    - drm/radeon: fix card_posted check for newer asics
    - radeon: Fix system hang issue when using KMS with older cards
    - drm/radeon: don't allow audio on DCE6
    - drm: fix a use-after-free when GPU acceleration disabled
    - drm/i915/sdvo: Use &intel_sdvo->ddc instead of intel_sdvo->i2c for DDC.
    - drm/i915: no lvds quirk for hp t5740
    - drm/gma500: Increase max resolution for mode setting
    - drm/gma500/psb: Unpin framebuffer on crtc disable
    - drm/gma500/cdv: Unpin framebuffer on crtc disable
    - drm/i915: prefer VBT modes for SVDO-LVDS over EDID
    - drm/radeon: fix endian issues with DP handling (v3)
    - drm/radeon: fix combios tables on older cards
    - drm/radeon: improve dac adjust heuristics for legacy pdac
    - drm/radeon/atom: initialize more atom interpretor elements to 0
    - drm/i915: quirk no PCH_PWM_ENABLE for Dell XPS13 backlight
    - drm/i915/lvds: ditch ->prepare special case
    - drm/i915: Invalidate TLBs for the rings after a reset
    - drm/vmwgfx: Split GMR2_REMAP commands if they are to large
    - drm/i915: ivb: fix edp voltage swing reg val
  * m25p80: Add support for Micron N25Q128 including 3V variant
    (Closes: #714092)
  * [x86] Revert "drm/i915: GFX_MODE Flush TLB Invalidate Mode must be '1'
    for scanline waits" (possibly fixes: #703715, #704987 and others)
  * ata: Disable SATA_INIC162X - this driver corrupts data and is not
    expected to be fixed (Closes: #714295)
  * Update debconf template translations:
    - Update Brazilian Portugese (Fernando Ike de Oliveira) (Closes: #719725)
    - Update Japanese ('victory') (Closes: #719939)
  * [x86] efivars: Enable the improved check for free space; this should
    avoid either risk of bricking Samsung systems or refusing to set the
    boot configuration on Asus systems
  * mvsas: Recognise device/subsystem 9485/9485 as 88SE9485
  * ipv6: remove max_addresses check from ipv6_create_tempaddr (CVE-2013-0343)
  * Revert "zram: use zram->lock to protect zram_free_page() in swap free
    notify path" (regression in 3.2.49)
  * HID: validate HID report id size (CVE-2013-2888)
  * HID: pantherlord: validate output report details (CVE-2013-2892)
  * HID: ntrig: validate feature report details (CVE-2013-2896)
  * HID: picolcd_core: validate output report details (CVE-2013-2899)
  * HID: check for NULL field when setting values
  * [rt] Update to 3.2.51-rt72:
    - sched/workqueue: Only wake up idle workers if not blocked on sleeping
      spin lock
    - x86/mce: fix mce timer interval
    - genirq: Set irq thread to RT priority on creation
    - list_bl.h: make list head locking RT safe
    - list_bl.h: fix it for for !SMP && !DEBUG_SPINLOCK
    - timers: prepare for full preemption improve
    - kernel/cpu: fix cpu down problem if kthread's cpu is going down
    - kernel/hotplug: restore original cpu mask oncpu/down
    - drm/i915: drop trace_i915_gem_ring_dispatch on rt
    - rt,ntp: Move call to schedule_delayed_work() to helper thread
    - hwlat-detector: Update hwlat_detector to add outer loop detection
    - hwlat-detect/trace: Export trace_clock_local for hwlat-detector
    - hwlat-detector: Use trace_clock_local if available
    - hwlat-detector: Use thread instead of stop machine
    - genirq: do not invoke the affinity callback via a workqueue
  * linux-doc: Include aufs documentation
  * aufs: Apply bug fixes from 3.2.x branch:
    - Update Sourceforge URLs in documentation
    - Fix build with CONFIG_AUFS_DEBUG=y
    - Make sure the target branch is upper before copy-up
    - Fix error handling in au_reopen_nondir()
    - Track pseudo-links with hlist, addressing poor performance and
      WARNING during package installation
    - Add necessary memory barriers around i_nlink updates
    - Fix unbalanced au_unpin() in au_file_refresh_by_inode()
    - Do not copy-up the S_AUTOMOUNT inode flag
  * kernel-doc: bugfix - multi-line macros (fixes build failure in 3.2.51)

  [ Aurelien Jarno ]
  * [s390] Revert "s390: Use direct ktime path for s390 clockevent device"
    to fix kernel hard hang after a few hours (Closes: #719993).

 -- Ben Hutchings <ben@decadent.org.uk>  Wed, 18 Sep 2013 14:22:20 +0100

linux (3.2.46-1+deb7u1) wheezy-security; urgency=low

  [ Ian Campbell ]
  * Fix regression in "xen: netback: shutdown the ring if it contains garbage
    (CVE-2013-0216)" (Closes: #701744)

  [ dann frazier ]
  * libceph: Fix NULL pointer dereference in auth client code (CVE-2013-1059)
  * fanotify: info leak in copy_event_to_user() (CVE-2013-2148)
  * drivers/cdrom/cdrom.c: use kzalloc() for failing hardware (CVE-2013-2164)
  * ipv6: ip6_sk_dst_check() must not assume ipv6 dst (CVE-2013-2232)
  * af_key: fix info leaks in notify messages (CVE-2013-2234)
  * af_key: initialize satype in key_notify_policy_flush() (CVE-2013-2237)
  * block: do not pass disk names as format strings (CVE-2013-2851)
  * b43: stop format string leaking into error msgs (CVE-2013-2852)
  * ipv6: call udp_push_pending_frames when uncorking a socket (CVE-2013-4162)
  * ipv6: ip6_append_data_mtu did not care about pmtudisc and frag_size
    (CVE-2013-4163)

 -- dann frazier <dannf@debian.org>  Mon, 12 Aug 2013 22:00:56 -0600

linux (3.2.46-1) wheezy; urgency=low

  * New upstream stable update:
    http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.42
    - TTY: do not reset master's packet mode
    - l2tp: Restore socket refcount when sendmsg succeeds
    - tun: add a missing nf_reset() in tun_net_xmit()
    - netlabel: correctly list all the static label mappings
    - sctp: Use correct sideffect command in duplicate cookie handling
    - rtlwifi: rtl8192cu: Fix problem that prevents reassociation
      (Closes: #661860)
    - inet: limit length of fragment queue hash table bucket lists
    - sfc: Properly sync RX DMA buffer when it is not the last in the page
    - sfc: Fix efx_rx_buf_offset() in the presence of swiotlb
    - sfc: Only use TX push if a single descriptor is to be written
    - ext4: fix the wrong number of the allocated blocks in ext4_split_extent()
    - jbd2: fix use after free in jbd2_journal_dirty_metadata()
    - ext4: convert number of blocks to clusters properly
    - ext4: use atomic64_t for the per-flexbg free_clusters count
    - cifs: delay super block destruction until all cifsFileInfo objects are
      gone
    - USB: xhci: correctly enable interrupts (possibly fix for #703470)
    - [amd64] Fix the failure case in copy_user_handle_tail()
    - dm thin: fix discard corruption
    - USB: serial: fix interface refcounting
    - vfs,proc: guarantee unique inodes in /proc
    http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.43
    - [armhf/mx5] ASoC: imx-ssi: Fix occasional AC97 reset failure
    - rtlwifi: usb: add missing freeing of skbuff
    - xen-blkback: fix dispatch_rw_block_io() error path
    - net/irda: add missing error path release_sock call
    - sysfs: fix race between readdir and lseek
    - sysfs: handle failure path correctly for readdir()
    - NFSv4.1: Fix a race in pNFS layoutcommit
    - usb: xhci: Fix TRB transfer length macro used for Event TRB.
    - nfsd4: reject "negative" acl lengths
    - Nest rename_lock inside vfsmount_lock
    - [x86] iommu/amd: Make sure dma_ops are set for hotplug devices
    - b43: A fix for DMA transmission sequence errors
    - reiserfs: Fix warning and inode leak when deleting inode with xattrs
    - virtio: console: add locking around c_ovq operations
    - mm: prevent mmap_cache race in find_vma()
    - ixgbe: fix registration order of driver and DCA nofitication
    - key: Fix resource leak
    - udf: Fix bitmap overflow on large filesystems with small block size
    - NFS: nfs_getaclargs.acl_len is a size_t
    - loop: prevent bdev freeing while device in use
    - sky2: Threshold for Pause Packet is set wrong
    - 8021q: fix a potential use-after-free
    - unix: fix a race condition in unix_release()
    - atl1e: drop pci-msi support because of packet corruption
      (possibly fixes: #577747)
    - ipv6: don't accept multicast traffic with scope 0
    - ipv6: don't accept node local multicast traffic from the wire
    - pch_gbe: fix ip_summed checksum reporting on rx
    - HID: microsoft: do not use compound literal (fixes FTBFS on m68k)
    http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.44
    - USB: serial: fix use-after-free in TIOCMIWAIT
    - hrtimer: Don't reinitialize a cpu_base lock on CPU_UP
    - crypto: gcm - fix assumption that assoc has one segment
    - sched_clock: Prevent 64bit inatomicity on 32bit systems
    - can: gw: use kmem_cache_free() instead of kfree()
    - spinlocks and preemption points need to be at least compiler barriers
    - [x86] mm, paravirt: Fix vmalloc_fault oops during lazy MMU updates
    - Btrfs: make sure nbytes are right after log replay
    - kobject: fix kset_find_obj() race with concurrent last kobject_put()
    - vfs: Revert spurious fix to spinning prevention in prune_icache_sb
    - ath9k_htc: accept 1.x firmware newer than 1.3
    - [armel] Fix kexec by setting outer_cache.inv_all for Feroceon
    - hugetlbfs: add swap entry check in follow_hugetlb_page()
    - writeback: fix dirtied pages accounting on redirty
    - Btrfs: fix race between mmap writes and compression
    - mtd: Disable mtdchar mmap on MMU systems
    - fbcon: fix locking harder (Closes: #704933)
    - hfsplus: fix potential overflow in hfsplus_file_truncate()
    - sched: Convert BUG_ON()s in try_to_wake_up_local() to WARN_ON_ONCE()s
    http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.45
    - [ia64] Wrong asm register contraints in the futex implementation
      (Closes: #702641)
    - [ia64] Wrong asm register contraints in the kvm implementation
      (Closes: #702639)
    - [ia64] Fix initialization of CMCI/CMCP interrupts
    - sysfs: fix use after free in case of concurrent read/write and readdir
    - nfsd: don't run get_file if nfs4_preprocess_stateid_op return error
    - ext4/jbd2: don't wait (forever) for stale tid caused by wraparound
    - jbd2: fix race between jbd2_journal_remove_checkpoint and
      ->j_commit_callback
    - hrtimer: Fix ktime_add_ns() overflow on 32bit architectures
    - nfsd4: don't close read-write opens too soon
    - wireless: regulatory: fix channel disabling race condition
    - iwlwifi: dvm: don't send zeroed LQ cmd
    - powerpc/spufs: Initialise inode->i_ino in spufs_new_inode()
      (possibly fixes: #707175)
    - clockevents: Set dummy handler on CPU_DEAD shutdown (Closes: #700333)
    - powerpc: Add isync to copy_and_flush
    - fs/fscache/stats.c: fix memory leak
    - md: bad block list should default to disabled. (fixes regression in 3.1)
    - inotify: invalid mask should return a error number but not set it
      (fixes regression in 3.2.40)
    - fs/dcache.c: add cond_resched() to shrink_dcache_parent()
    - perf: Fix error return code
    - [x86] perf: Fix offcore_rsp valid mask for SNB/IVB (CVE-2013-2146)
    - vm: Introduce and use vm_iomap_memory() helper function
    - atl1e: limit gso segment size to prevent generation of wrong ip length
      fields (Closes: #565404)
    - netfilter: don't reset nf_trace in nf_reset()
    - rtnetlink: Call nlmsg_parse() with correct header length
    - tcp: incoming connections might use wrong route under synflood
    - esp4: fix error return code in esp_output()
    - net: sctp: sctp_auth_key_put: use kzfree instead of kfree
    - netrom: fix info leak via msg_name in nr_recvmsg()
    - netrom: fix invalid use of sizeof in nr_recvmsg()
    - net: drop dst before queueing fragments
    - [sparc] sparc64: Fix race in TLB batch processing.
    - r8169: fix 8168evl frame padding.
    - ixgbe: add missing rtnl_lock in PM resume path
    - kernel/audit_tree.c: tree will leak memory when failure occurs in
      audit_trim_trees()
    - r8169: fix vlan tag read ordering.
    http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.46
    - nfsd4: don't allow owner override on 4.1 CLAIM_FH opens
    - ext4: limit group search loop for non-extent files
    - iscsi-target: Fix processing of OOO commands
    - cifs: only set ops for inodes in I_NEW state
    - KVM: VMX: fix halt emulation while emulating invalid guest sate
    - [armel/kirkwood] Enable PCIe port 1 on QNAP TS-11x/TS-21x
    - drivers/char/ipmi: memcpy, need additional 2 bytes to avoid memory
      overflow
    - ipmi: ipmi_devintf: compat_ioctl method fails to take ipmi_mutex
    - btrfs: don't stop searching after encountering the wrong item
    - TTY: Fix tty miss restart after we turn off flow-control
      (Closes: #465823)
    - SUNRPC: Prevent an rpc_task wakeup race
    - fat: fix possible overflow for fat_clusters
    - mm: mmu_notifier: re-fix freed page still mapped in secondary MMU
    - mm compaction: fix of improper cache flush in migration code
    - mm/THP: use pmd_populate() to update the pmd with pgtable_t pointer
    - nilfs2: fix issue of nilfs_set_page_dirty() for page at EOF boundary
    - random: fix accounting race condition with lockless irq entropy_count
      update
    - mm/pagewalk.c: walk_page_range should avoid VM_PFNMAP areas
    - ipvs: ip_vs_sip_fill_param() BUG: bad check of return value
    - x86,efi: Check max_size only if it is non-zero.
    - x86,efi: Implement efi_no_storage_paranoia parameter
    - tcp: force a dst refcount when prequeue packet
    - packet: tpacket_v3: do not trigger bug() on wrong header status
    - macvlan: fix passthru mode race between dev removal and rx path
    - ipv6: do not clear pinet6 field

  [ Ben Hutchings ]
  * Input: MT: add tracking and frame synchronisation to core
  * Input: add support for Cypress PS/2 Trackpads (Closes: #703607),
    thanks to Apollon Oikonomopoulos
  * drm, agp: Update to 3.4.47:
    - drm/i915: restrict kernel address leak in debugfs
    - KMS: fix EDID detailed timing vsync parsing
    - KMS: fix EDID detailed timing frame rate
    - drm/radeon: add support for Richland APUs
    - drm/radeon/benchmark: make sure bo blit copy exists before using it
    - drm/i915: Don't clobber crtc->fb when queue_flip fails
    - drm/i915: Use the correct size of the GTT for placing the per-process
      entries
    - udl: handle EDID failure properly.
    - drm/i915: Add no-lvds quirk for Fujitsu Esprimo Q900
    - drm/i915: Fall back to bit banging mode for DVO transmitter detection
    - drm/radeon: don't use get_engine_clock() on APUs
    - drm/radeon/dce6: add missing display reg for tiling setup
    - drm/radeon: properly lock disp in mc_stop/resume for evergreen+
    - drm/radeon: disable the crtcs in mc_stop (evergreen+) (v2)
    - drm/radeon/evergreen+: don't enable HPD interrupts on eDP/LVDS
    - drm/radeon: fix endian bugs in atom_allocate_fb_scratch()
    - drm/radeon: fix possible segfault when parsing pm tables
    - drm/radeon: add new richland pci ids
    - drm/radeon: fix handling of v6 power tables
    - drm/radeon: Fix VRAM size calculation for VRAM >= 4GB
    - drm/radeon: check incoming cliprects pointer
    - drm/mm: fix dump table BUG
  * [rt] Update to 3.2.45-rt66:
    - rcutiny: Fix typo of using swake_up() instead of swait_wake()
    - tcp: force a dst refcount when prequeue packet
    - x86/mce: Defer mce wakeups to threads for PREEMPT_RT
    - swap: Use unique local lock name for swap_lock
    - sched: Add is_idle_task() to handle invalidated uses of idle_cpu()
  * debugfs: Document change of default mode
  * iwlwifi: Do not request firmware API version 6 for IWL6005/6205
    (Closes: #705655)
  * bug script: Remove broken sound functions (Closes: #705619)
  * [i386/486] udeb: Add lxfb to fb-modules (Closes: #705780)
  * [i386] cpufreq / Longhaul: Disable driver by default (Closes: #707047)
  * iscsi-target: fix heap buffer overflow on error (CVE-2013-2850)
  * ath9k: Disable PowerSave by default (Closes: #695968)
  * dlm: Do not allocate a fd for peeloff (Closes: #706010)
  * nfsd4: Fix performance problem with RELEASE_LOCKOWNER (Closes: #699361)
    - hash lockowners to simplify RELEASE_LOCKOWNER
    - maintain one seqid stream per (lockowner, file)
  * ipw2100,ipw2200: Fix order of device registration (Closes: #656813)
  * udf: Fix handling of i_blocks (Closes: #704269)
  * kbuild: Fix missing '\n' for NEW symbols in yes "" | make oldconfig
    >conf.new (Closes: #636029)
  * [i386] udeb: Add viafb to fb-modules (Closes: #705788)
    - [i386] udeb: Move i2c-algo-bit to i2c-modules and make fb-modules
      depend on it
    - viafb: Autoload on OLPC XO 1.5 only
  * cifs: fix potential buffer overrun when composing a new options string

  [ Jonathan Nieder ]
  * ext3,ext4,nfsd: dir_index: Return 64-bit readdir cookies for NFSv3 and 4
    (Closes: #685407)

 -- Ben Hutchings <ben@decadent.org.uk>  Sat, 08 Jun 2013 22:36:14 +0100

linux (3.2.41-2+deb7u2) wheezy-security; urgency=high

  * s390/kvm: Ignore ABI changes, it should not be used OOT

 -- dann frazier <dannf@debian.org>  Wed, 15 May 2013 12:07:33 -0600

linux (3.2.41-2+deb7u1) wheezy-security; urgency=high

  [ dann frazier ]
  * perf: Treat attr.config as u64 in perf_swevent_init() (CVE-2013-2094)
  * TTY: fix timing leak with /dev/ptmx (CVE-2013-0160)
  * ext4: avoid hang when mounting non-journal filesystems with orphan list
    (CVE-2013-2015)
  * crypto: algif - suppress sending source address information in recvmsg
    (CVE-2013-3076)
  * atm: update msg_namelen in vcc_recvmsg() (CVE-2013-3222)
  * ax25: fix info leak via msg_name in ax25_recvmsg() (CVE-2013-3223)
  * Bluetooth: fix possible info leak in bt_sock_recvmsg() (CVE-2013-3224)
  * Bluetooth: RFCOMM - Fix missing msg_namelen update in rfcomm_sock_recvmsg()
    (CVE-2013-3225)
  * caif: Fix missing msg_namelen update in caif_seqpkt_recvmsg()
    (CVE-2013-3227)
  * irda: Fix missing msg_namelen update in irda_recvmsg_dgram() (CVE-2013-3228)
  * iucv: Fix missing msg_namelen update in iucv_sock_recvmsg() (CVE-2013-3229)
  * llc: Fix missing msg_namelen update in  llc_ui_recvmsg() (CVE-2013-3231)
  * rose: fix info leak via msg_name in rose_recvmsg() (CVE-2013-3234)
  * tipc: fix info leaks via msg_name in  recv_msg/recv_stream (CVE-2013-3235)
  * tracing: Fix possible NULL pointer dereferences (CVE-2013-3301)
  
  [ Ben Hutchings ]
  * [x86] KVM: Allow cross page reads and writes from cached translations.
    (fixes regression in fix for CVE-2013-1796)
  * net: fix incorrect credentials passing (CVE-2013-1979)
  * tg3: fix length overflow in VPD firmware parsing (CVE-2013-1929)
  * kernel/signal.c: stop info leak via the tkill and the tgkill syscalls

 -- dann frazier <dannf@debian.org>  Tue, 14 May 2013 22:17:43 -0600

linux (3.2.41-2) unstable; urgency=low

  * [ia64] udeb: Remove efi-modules package; make kernel-image provide
    efi-modules (fixes FTBFS)
  * linux-headers: Fix file installation on architectures without
    Kbuild.platforms (Closes: #703800)
  * [x86] drm/i915: bounds check execbuffer relocation count (CVE-2013-0913)
  * [x86] drm: Enable DRM_GMA500 as module, replacing DRM_PSB (Closes: #703506)
    - Enable DRM_GMA600, DRM_GMA3600, DRM_MEDFIELD
  * [x86] KVM: x86: fix for buffer overflow in handling of MSR_KVM_SYSTEM_TIME
    (CVE-2013-1796)
  * [x86] KVM: x86: Convert MSR_KVM_SYSTEM_TIME to use gfn_to_hva_cache
    functions (CVE-2013-1797)
  * KVM: Fix bounds checking in ioapic indirect register reads (CVE-2013-1798)

 -- Ben Hutchings <ben@decadent.org.uk>  Mon, 25 Mar 2013 15:17:44 +0000

linux (3.2.41-1) unstable; urgency=low

  * New upstream stable update:
    http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.40
    - ext4: return ENOMEM if sb_getblk() fails
    - ext4: fix possible use-after-free with AIO
    - s390/kvm: Fix store status for ACRS/FPRS
    - staging: comedi: disallow COMEDI_DEVCONFIG on non-board minors
    - ext4: fix race in ext4_mb_add_n_trim()
    - UBIFS: fix double free of ubifs_orphan objects
    - hrtimer: Prevent hrtimer_enqueue_reprogram race
    - nfsd: Fix memleak
    - x86: Do not leak kernel page mapping locations
    - USB: usb-storage: unusual_devs update for Super TOP SATA bridge
    - posix-cpu-timers: Fix nanosleep task_struct leak
    - NFSv4.1: Don't decode skipped layoutgets
    - cgroup: fix exit() vs rmdir() race
    - cpuset: fix cpuset_print_task_mems_allowed() vs rename() race
    - ext4: fix xattr block allocation/release with bigalloc
    - mm: fix pageblock bitmap allocation
    - target: Add missing mapped_lun bounds checking during make_mappedlun
      setup
    - b43: Increase number of RX DMA slots
    - posix-timer: Don't call idr_find() with out-of-range ID
    - fs: Fix possible use-after-free with AIO
    - powerpc/kexec: Disable hard IRQ before kexec
    - mmu_notifier_unregister NULL Pointer deref and multiple ->release()
      callouts
    - tmpfs: fix use-after-free of mempolicy object (CVE-2013-1767)
    - ocfs2: fix possible use-after-free with AIO
    - ocfs2: fix ocfs2_init_security_and_acl() to initialize acl correctly
    - ocfs2: ac->ac_allow_chain_relink=0 won't disable group relink
    - idr: fix a subtle bug in idr_get_next()
    - idr: make idr_get_next() good for rcu_read_lock()
    - idr: fix top layer handling
    - sysctl: fix null checking in bin_dn_node_address()
    - nbd: fsync and kill block device on shutdown
    - s390/timer: avoid overflow when programming clock comparator
      (regression in 3.2.38)
    - xen-pciback: rate limit error messages from xen_pcibk_enable_msi{,x}()
      (CVE-2013-0231)
    - xen-netback: correctly return errors from netbk_count_requests()
    - xen-netback: cancel the credit timer when taking the vif down
    - ipv6: use a stronger hash for tcp
    - staging: comedi: ni_labpc: correct differential channel sequence for
      AI commands
    - staging: comedi: ni_labpc: set up command4 register *after* command3
    - vhost: fix length for cross region descriptor (CVE-2013-0311)
    http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.41
    - NFS: Don't allow NFS silly-renamed files to be deleted, no signal
    - ARM: VFP: fix emulation of second VFP instruction
    - md: fix two bugs when attempting to resize RAID0 array.
    - proc connector: reject unprivileged listener bumps
    - cifs: ensure that cifs_get_root() only traverses directories
    - dm: fix truncated status strings
    - hw_random: make buffer usable in scatterlist. (real fix for #701784)
    - efi_pstore: Check remaining space with QueryVariableInfo() before
      writing data
    - efi: be more paranoid about available space when creating variables
      (Closes: #703574)
    - vfs: fix pipe counter breakage
    - xen/pciback: Don't disable a PCI device that is already disabled.
    - ALSA: seq: Fix missing error handling in snd_seq_timer_open()
    - ext3: Fix format string issues (CVE-2013-1848)
    - keys: fix race with concurrent install_user_keyrings() (CVE-2013-1792)
    - USB: cdc-wdm: fix buffer overflow (CVE-2013-1860)
    - signal: always clear sa_restorer on execve (CVE-2013-0914)
    - crypto: user - fix info leaks in report API (CVE-2013-2546,
      CVE-2013-2547, CVE-2013-2548)
    - Fix: compat_rw_copy_check_uvector() misuse in aio, readv, writev, and
      security keys
    - batman-adv: bat_socket_read missing checks
    - batman-adv: Only write requested number of byte to user buffer
    - mm/hotplug: correctly add new zone to all other nodes' zone lists
      (CVE-2012-5517)
    - btrfs: use rcu_barrier() to wait for bdev puts at unmount

  [ Aurelien Jarno]
  * [mips,mipsel] Disable VGA_CONSOLE and ignore the corresponding ABI
    change. It is completely broken on MIPS.
  * headers: Include Kbuild.platforms and Platform files in -common to
    fix out-of-tree building on mips and mipsel.
  * [{mips,mipsel}/{4,5}kc-malta] Enable HW_RANDOM as module so that both
    flavours have a consistent configuration.

  [ Ben Hutchings ]
  * [x86] ata_piix: reenable MS Virtual PC guests (fixes regression in
    3.2.19-1)
  * test-patches: Clean up all previous test patches, whether or not they
    were applied
  * test-patches: Add --fuzz option to allow testing patches that have fuzz
  * [x86] efi: Fix processor-specific memcpy() build error (Closes: #698581)
  * udeb: Add hid-topseed to input-modules (Closes: #702611)
  * [x86] drm/i915: Unconditionally initialise the interrupt workers,
    thanks to Bjørn Mork (Closes: #692607)
  * efi: Ensure efivars is loaded on EFI systems (Closes: #703363)
    - [x86] Use a platform device to trigger loading of efivars
    - [ia64] Change EFI_VARS from module to built-in
  * efivars: Work around serious firmware bugs
    - Allow disabling use as a pstore backend
    - Add module parameter to disable use as a pstore backend
      * [x86] Set EFI_VARS_PSTORE_DEFAULT_DISABLE=y
    - explicitly calculate length of VariableName
    - Handle duplicate names from get_next_variable()
  * efi_pstore: Introducing workqueue updating sysfs
  * efivars: pstore: Do not check size when erasing variable
  * efivars: Remove check for 50% full on write
  * kmsg_dump: Only dump kernel log in error cases (Closes: #703386)
    - kexec: remove KMSG_DUMP_KEXEC
    - kmsg_dump: don't run on non-error paths by default
  * [x86] i915: initialize CADL in opregion (Closes: #703271)
  * drm, agp: Update to 3.4.37:
    - drm/radeon/dce6: fix display powergating
    - drm: don't add inferred modes for monitors that don't support them
    - drm/i915: Increase the RC6p threshold.
  * signal: Fix use of missing sa_restorer field (build regression
    introduced by fix for CVE-2013-0914)
  * rds: limit the size allocated by rds_message_alloc()
  * rtnl: fix info leak on RTM_GETLINK request for VF devices
  * dcbnl: fix various netlink info leaks
  * [s390] mm: fix flush_tlb_kernel_range()
  * [powerpc] Fix cputable entry for 970MP rev 1.0
  * vhost/net: fix heads usage of ubuf_info
  * udf: avoid info leak on export (CVE-2012-6548)
  * isofs: avoid info leak on export (CVE-2012-6549)
  * [x86,powerpc/powerpc64] random: Change HW_RANDOM back from built-in to
    module, as we now have a real fix for #701784
  * [rt] Update to 3.2.40-rt60

 -- Ben Hutchings <ben@decadent.org.uk>  Sat, 23 Mar 2013 03:54:34 +0000

linux (3.2.39-2) unstable; urgency=high

  * [s390,s390x] virtio: Ignore ABI changes in 3.2.39 (fixes FTBFS)
  * [sparc] drm: Ignore ABI changes in 3.2.39 (fixes FTBFS)
  * [sparc] drm: Change from built-in to module
  * [rt] Update to 3.2.39-rt59:
    - acpi/rt: Convert acpi_gbl_hardware lock back to a raw_spinlock_t
    - printk: Fix rq->lock vs logbuf_lock unlock lock inversion
    - wait-simple: Simple waitqueue implementation
    - rcutiny: Use simple waitqueue
  * [x86] efi: Fix ABI change for introduction of efi_enabled() function
    in 3.2.38 (Closes: #701690)
  * [armel/versatile] i2c: Re-enable I2C_PCA_PLATFORM as module, erroneously
    disabled in 3.2.39-1 (fixes FTBFS)
  * [x86,powerpc/powerpc64] random: Change HW_RANDOM from module to built-in,
    to work around virtio-rng bug (Closes: #701784)

 -- Ben Hutchings <ben@decadent.org.uk>  Wed, 27 Feb 2013 03:48:30 +0000

linux (3.2.39-1) unstable; urgency=high

  * New upstream stable update:
    http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.36
    - freezer: PF_FREEZER_NOSIG should be cleared along with PF_NOFREEZE
      (Closes: #697077)
    - tmpfs: fix shared mempolicy leak
    - virtio: 9p: correctly pass physical address to userspace for high pages
    - virtio: force vring descriptors to be allocated from lowmem
    - USB: EHCI: bugfix: urb->hcpriv should not be NULL
    - rcu: Fix batch-limit size problem
    - Bluetooth: ath3k: Add support for VAIO VPCEH [0489:e027]
      (Closes: #700550)
    - mvsas: fix undefined bit shift
    - ALSA: usb-audio: Avoid autopm calls after disconnection; Fix missing
      autopm for MIDI input (Closes: #664068)
    - target/file: Fix 32-bit highmem breakage for SGL -> iovec mapping
    - SCSI: fix Null pointer dereference on disk error
    - proc: pid/status: show all supplementary groups
    - nfsd4: fix oops on unusual readlike compound
    - ARM: missing ->mmap_sem around find_vma() in swp_emulate.c
    - sctp: fix memory leak in sctp_datamsg_from_user() when copy from user
      space fails
    - ne2000: add the right platform device
    - irda: sir_dev: Fix copy/paste typo
    - ipv4: ip_check_defrag must not modify skb before unsharing
    - telephony: ijx: buffer overflow in ixj_write_cid()
    - udf: fix memory leak while allocating blocks during write
    http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.37
    - ext4: fix extent tree corruption caused by hole punch
    - jbd2: fix assertion failure in jbd2_journal_flush()
    - tmpfs mempolicy: fix /proc/mounts corrupting memory
    - sparc: huge_ptep_set_* functions need to call set_huge_pte_at()
    - inet: Fix kmemleak in tcp_v4/6_syn_recv_sock and
      dccp_v4/6_request_recv_sock
    - net: sched: integer overflow fix
    - tcp: implement RFC 5961 3.2
    - tcp: implement RFC 5961 4.2
    - tcp: refine SYN handling in tcp_validate_incoming
    - tcp: tcp_replace_ts_recent() should not be called from
      tcp_validate_incoming()
    - tcp: RFC 5961 5.2 Blind Data Injection Attack Mitigation
    - RDMA/nes: Fix for crash when registering zero length MR for CQ
    - ACPI : do not use Lid and Sleep button for S5 wakeup
    http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.38
    - staging: comedi: comedi_test: fix race when cancelling command
    - mm: use aligned zone start for pfn_to_bitidx calculation
    - [s390] s390/time: fix sched_clock() overflow (Closes: #698382) 
    - [i386] xen: Fix stack corruption in xen_failsafe_callback for 32bit
      PVOPS guests. (CVE-2013-0190)
    - KVM: PPC: Emulate dcbf
    - evm: checking if removexattr is not a NULL
    - ath9k_htc: Fix memory leak
    - ath9k: do not link receive buffers during flush
    - ath9k: fix double-free bug on beacon generate failure
    - x86/msr: Add capabilities check
    - can: c_can: fix invalid error codes
    - can: ti_hecc: fix invalid error codes
    - can: pch_can: fix invalid error codes
    - smp: Fix SMP function call empty cpu mask race
    - xfs: Fix possible use-after-free with AIO
    - EDAC: Test correct variable in ->store function
    - samsung-laptop: Disable on EFI hardware, to avoid damaging it
    - NFS: Don't silently fail setattr() requests on mountpoints
    - intel-iommu: Prevent devices with RMRRs from being placed into SI Domain
    - ALSA: usb-audio: Fix regression by disconnection-race-fix patch
      (Closes: #696321)
    - printk: fix buffer overflow when calling log_prefix function from
      call_console_drivers
    http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.39
    - USB: XHCI: fix memory leak of URB-private data
    - sched/rt: Use root_domain of rt_rq not current processor
    - mwifiex: fix incomplete scan in case of IE parsing error
    - x86-64: Replace left over sti/cli in ia32 audit exit code
    - Bluetooth: Fix handling of unexpected SMP PDUs
    - ptrace/x86: Partly fix set_task_blockstep()->update_debugctlmsr() logic
    - Fix race condition with PTRACE_SETREGS and fatal signal (CVE-2013-0871)
      + ptrace: introduce signal_wake_up_state() and ptrace_signal_wake_up()
      + ptrace: ensure arch_ptrace/ptrace_request can never race with SIGKILL
      + wake_up_process() should be never used to wakeup a TASK_STOPPED/TRACED
        task
    - net: prevent setting ttl=0 via IP_TTL
    - ipv6: fix header length calculation in ip6_append_data()
    - netxen: fix off by one bug in netxen_release_tx_buffer()
    - r8169: remove the obsolete and incorrect AMD workaround
    - net: loopback: fix a dst refcounting issue
    - packet: fix leakage of tx_ring memory
    - net: sctp: sctp_setsockopt_auth_key: use kzfree instead of kfree
    - net: sctp: sctp_endpoint_free: zero out secret key data
    - xen/netback: shutdown the ring if it contains garbage. (CVE-2013-0216)
    - xen/netback: don't leak pages on failure in xen_netbk_tx_check_gop.
    - xen/netback: free already allocated memory on failure in
      xen_netbk_get_requests
    - netback: correct netbk_tx_err to handle wrap around. (CVE-2013-0217)
    - tcp: frto should not set snd_cwnd to 0
    - tcp: fix for zero packets_in_flight was too broad
    - tcp: fix MSG_SENDPAGE_NOTLAST logic
    - bridge: Pull ip header into skb->data before looking into ip header.
      (Closes: #697903)
    - x86/xen: don't assume %ds is usable in xen_iret for 32-bit PVOPS.
      (CVE-2013-0228)

  [ Aurelien Jarno ]
  * [armhf/vexpress] Add kernel udebs.

  [ Julien Cristau ]
  * Backport drm and agp subsystems from Linux 3.4.29 (closes: #687442)
    - [x86] i915: Fixes freezes on Ivy Bridge (Closes: #689268)
    - nouveau: Support for newer nvidia chipsets (Closes: #690284)
    - radeon: Support for HD7000 'Southern Islands' chips
    - [x86] drm/i915: add Ivy Bridge GT2 Server entries (Closes: #684767)
    - [x86] drm/i915: Close race between processing unpin task and queueing
      the flip

  [ Ben Hutchings ]
  * Input: wacom - fix touch support for Bamboo Fun CTH-461
  * media/rc: Add iguanair driver from Linux 3.7 (Closes: #696925)
  * rt2800: add chipset revision RT5390R support (Closes: #696592)
  * [armhf/mx5] mtd: Enable MTD_BLOCK as module
  * [armhf/mx5] udeb: Add missing storage drivers (Closes: #697128)
    - Add ata-modules including libata, pata-modules including pata_imx,
      sata-modules including ahci_platform
    - Add sdhci-esdhc-imx to mmc-modules
    - Add mtd-modules including mtd, mtdblock and m25p80
  * [armhf] udeb: Fix network driver selection
    - [armhf/mx5] Remove nic-modules
    - [armhf/vexpress] Add usb-modules
    - Add standard set of USB drivers to nic-usb-modules
    - Add nic-wireless-modules
  * be2net: Apply backported fixes requested by Emulex (Closes: #697479)
    - be2net: do not modify PCI MaxReadReq size
    - be2net: fix reporting number of actual rx queues
    - be2net: do not use SCRATCHPAD register
    - be2net: reduce gso_max_size setting to account for ethernet header.
    - be2net: Increase statistics structure size for skyhawk.
    - be2net: Explicitly clear the reserved field in the Tx Descriptor
    - be2net: Regression bug wherein VFs creation broken for multiple cards.
    - be2net: Fix to trim skb for padded vlan packets to workaround an ASIC Bug
    - be2net: Fix Endian
    - be2net: Enable RSS UDP hashing for Lancer and Skyhawk
    - be2net: dont pull too much data in skb linear part
    - be2net: Fix to parse RSS hash from Receive completions correctly.
    - be2net: Avoid disabling BH in be_poll()
  * udeb: Add specialised USB keyboard/mouse drivers to input-modules:
    hid-a4tech, hid-cypress, hid-ezkey (Closes: #697035), hid-kensington,
    hid-keytouch, hid-kye, hid-multitouch, hid-ortek, hid-primax,
    hid-quanta, hid-samsung, hid-speedlink
  * radeon: Firmware is required for DRM and KMS on R600 onward, but not
    for KMS on earlier chips (Closes: #697229)
  * [!powerpc] radeon: Reenable DRM_RADEON_KMS, as it apparently works on
    most non-PowerMac systems
  * fs: cachefiles: add support for large files in filesystem caching
    (Closes: #698376)
  * [rt] Update to 3.2.38-rt57:
    - sched: Adjust sched_reset_on_fork when nothing else changes
    - sched: Queue RT tasks to head when prio drops
    - sched: Consider pi boosting in setscheduler
    - sched: Init idle->on_rq in init_idle()
    - sched: Check for idle task in might_sleep()
    - mm: swap: Initialize local locks early
  * [armel/versatile,armhf/vexpress] i2c: Enable I2C, I2C_VERSATILE as modules
    (Closes: #696182)
  * ext4: Fix corruption by hole punch in large files (Closes: #685726)
    - rewrite punch hole to use ext4_ext_remove_space()
    - fix hole punch failure when depth is greater than 0
    - fix kernel BUG on large-scale rm -rf commands
  * md: protect against crash upon fsync on ro array (Closes: #696650)
  * net: Add alx driver for Atheros AR8161 and AR8162 (Closes: #699129)
    - Mark as staging, since it has not been accepted upstream
  * [armel/kirkwood] rtc-s35390a: add wakealarm support (Closes: #693997)
  * [x86] i915: Invert backlight brightness control for various models
    including Packard Bell NCL20 (Closes: #627372) and eMachines G725
    (Closes: #680737)
    - Also allow this behaviour to be enabled via module parameter
      invert_brightness=1
  * [amd64] edac: Enable EDAC_SBRIDGE as module (Closes: #699283)
  * SCSI: Add virtio_scsi driver (Closes: #686636)
  * [x86] sound: Enable LINE6_USB as module (Closes: #700211)
    - Apply upstream changes up to Linux 3.8-rc1
  * [armhf/mx5] Update description to mention i.MX53
  * mm: Try harder to allocate vmemmap blocks (Closes: #699913)
  * aufs: Update to aufs3.2-20130204:
    - support for syncfs(2)
    - possible bugfix, race in lookup
    - bugfix, half refreshed iinfo
    - possible bugfix, au_lkup_by_ino() returns ESTALE
  * [x86] efi: Clear EFI_RUNTIME_SERVICES rather than EFI_BOOT by "noefi" boot
    parameter
  * [x86] efi: Make "noefi" really disable EFI runtime serivces
  * drm, agp: Update to 3.4.32
    - drm/radeon: add WAIT_UNTIL to the non-VM safe regs list for cayman/TN
    - drm/radeon: prevent crash in the ring space allocation
  * linux-image-dbg: Add symlinks to vmlinux from the locations expected by
    kdump-tools (Closes: #700418), systemtap and others
  * mm: fix pageblock bitmap allocation (fixes regression in 3.2.38)
  * USB: usb-storage: unusual_devs update for Super TOP SATA bridge

  [ Cyril Brulebois ]
  * Bump python build-dep, needed since the switch from local SortedDict
    to collections.OrderedDict (new in version 2.7). (Closes: #697740)

 -- Ben Hutchings <ben@decadent.org.uk>  Mon, 25 Feb 2013 00:36:51 +0000

linux (3.2.35-2) unstable; urgency=low

  * [ia64] Make IPV6 built-in (fixes FTBFS)
  * [rt] Update to 3.2.35-rt52
  * audit: Increase maximum number of names logged per syscall to 30
    (Closes: #631799)
  * asix: Add support for Lenovo 10/100 USB dongle (Closes: #696248)
  * udeb: Add ums-eneub6250, ums-realtek (Closes: #694348) to
    usb-storage-modules

 -- Ben Hutchings <ben@decadent.org.uk>  Wed, 19 Dec 2012 03:41:35 +0000

linux (3.2.35-1) unstable; urgency=low

  * New upstream stable update:
    http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.33
    - samsung-laptop: don't handle backlight if handled by acpi/video
      (Closes: #693190)
    - e1000: fix vlan processing regression (Closes: #690956)
    - [x86] drm/i915: no lvds quirk for Zotac ZDBOX SD ID12/ID13
      (Closes: #691122)
    - au0828: fix case where STREAMOFF being called on stopped stream
      causes BUG()
    - net: Fix skb_under_panic oops in neigh_resolve_output
    - vlan: don't deliver frames for unknown vlans to protocols
    - RDS: fix rds-ping spinlock recursion
    - tcp: resets are misrouted
    - nfsd4: fix nfs4 stateid leak
    - [arm] vfp: fix saving d16-d31 vfp registers on v6+ kernels
    - scsi_debug: Fix off-by-one bug when unmapping region
    - storvsc: Account for in-transit packets in the RESET path
    - tmpfs,ceph,gfs2,isofs,reiserfs,xfs: fix fh_len checking
    - ext4: race-condition protection for ext4_convert_unwritten_extents_endio
      (CVE-2012-4508)
    - md/raid10: use correct limit variable
    - net/wireless: ipw2200: Fix panic occurring in ipw_handle_promiscuous_tx()
    - USB: cdc-acm: fix pipe type of write endpoint
    - [x86] xen: don't corrupt %eip when returning from a signal handler
    - sysfs: sysfs_pathname/sysfs_add_one: Use strlcat() instead of strcat()
    - fs/compat_ioctl.c: VIDEO_SET_SPU_PALETTE missing error check
    - netfilter: nf_conntrack: fix racy timer handling with reliable events
    http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.34
    - x86: Remove the ancient and deprecated disable_hlt() and enable_hlt()
      facility (Closes: #667501)
    - ALSA: PCM: Fix some races at disconnection
    - ALSA: usb-audio: Fix races at disconnection
    - crypto: cryptd - disable softirqs in cryptd_queue_worker to prevent
      data corruption
    - mac80211: Only process mesh config header on frames that RA_MATCH
    - mac80211: fix SSID copy on IBSS JOIN
    - mac80211: check management frame header length
    - mac80211: verify that skb data is present
    - mac80211: make sure data is accessible in EAPOL check
    - ath9k: Test for TID only in BlockAcks while checking tx status
    - nfs: Show original device name verbatim in /proc/*/mount{s,info}
      (Closes: #669314)
    - target: Avoid integer overflow in se_dev_align_max_sectors()
    - hwmon: (w83627ehf) Force initial bank selection
    - xfs: fix reading of wrapped log data
    - fanotify: fix missing break
    - drm/vmwgfx: Fix a case where the code would BUG when trying to pin
      GMR memory
    - sctp: fix call to SCTP_CMD_PROCESS_SACK in sctp_cmd_interpreter()
    - netlink: use kfree_rcu() in netlink_release()
    - tcp: fix FIONREAD/SIOCINQ
    - net: fix divide by zero in tcp algorithm illinois (CVE-2012-4565)
    - af-packet: fix oops when socket is not present
    - r8169: Fix WoL on RTL8168d/8111d. (Closes: #674154)
    - sky2: Fix for interrupt handler (Closes: #681280)
    http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.35
    - UBIFS: fix mounting problems after power cuts
    - [s390] gup: add missing TASK_SIZE check to get_user_pages_fast()
    - [x86] Exclude E820_RESERVED regions and memory holes above 4 GB from
      direct mapping.
    - netfilter: Mark SYN/ACK packets as invalid from original direction
    - netfilter: Validate the sequence number of dataless ACK packets as well
    - ipv4: avoid undefined behavior in do_ip_setsockopt()
    - Input: i8042 - also perform controller reset when suspending
      (Closes: #693934)
    - brcm80211: smac: only print block-ack timeout message at trace level
      (Closes: #674430)
    - GFS2: Test bufdata with buffer locked and gfs2_log_lock held
    - [x86] mce, therm_throt: Don't report power limit and package level
      thermal throttle events in mcelog (Closes: #695209)
    - [hppa] fix virtual aliasing issue in get_shared_area()
    - xfs: drop buffer io reference when a bad bio is built
    - reiserfs: Protect reiserfs_quota_{on,write}() with write lock
    - md: Reassigned the parameters if read_seqretry returned true in func
      md_is_badblock.
    - md: Avoid write invalid address if read_seqretry returned true.
    - [i386] Fix invalid stack address while in softirq
    - selinux: fix sel_netnode_insert() suspicious rcu dereference
    - [hppa] fix user-triggerable panic on parisc
    - block: Don't access request after it might be freed
    - futex: avoid wake_futex() for a PI futex_q

  [ Ben Hutchings ]
  * [x86] udeb: Re-add isci to scsi-extra-modules (Closes: #690886;
    regression of #652897 in version 3.2~rc7-1~experimental.1 due to
    mis-merge)
  * udeb: Add missing net drivers:
    - Add 8021q (Closes: #689159), cxgb4, cxgb4vf, igbvf, ixgbevf, micrel,
      mlx4_en, pch_gbe, qlge, smsc9420, tehuti, vxge to nic-extra-modules
    - Add int51x1, smsc75xx, smsc95xx to nic-usb-modules
    - Add adm8211, at76c50x-usb, b43legacy, iwl4965, libertas_tf_usb,
      mwifiex_pcie, mwl8k, orinoco_usb, prism2_usb, r8187se, r8192e_pci,
      r8712u, rtl8192ce (Closes: #686605), rtl8192cu, rtl8192de, rtl8192se
      vt6656_stage to nic-wireless-modules
    - Move broadcom to nic-modules, as it may be needed by tg3
  * udeb: Add bnx2fc, fnic, pmcraid to scsi-extra-modules
  * udeb: Move rtl8180 to nic-wireless-modules
  * [x86] asus-laptop: Do not call HWRS on init (Closes: #692436)
  * [x86] drm/i915: Only kick out vesafb if we takeover the fbcon with KMS
    (Closes: #686284)
  * [!x86] radeon: Disable DRM_RADEON_KMS, as this is still not expected to
    work (Closes: #628972)
  * radeon: Disable KMS earlier if firmware is not installed (Closes: #607194)
  * [amd64] linux-image: Include VIA Nano in package description
  * linux-image-dbg: Change package description to use the phrase
    'debugging symbols' and correct grammar
  * usb: Disable UAS; it is known to be broken, and the supported devices
    can also work with usb-storage
  * ipv6: Treat ND option 31 as userland (DNSSL support) (Closes: #694522)
  * rt2x00: Add device IDs 5362, 5392, 539b (Closes: #694312)
  * udeb: Add pata_piccolo to pata-modules (Closes: #695437)
  * firmware_class: Log every success and failure against given device
  * firmware: Remove redundant log messages from drivers
  * [x86] ACPI / video: ignore BIOS initial backlight value for
    HP Folio 13-2000 (Closes: #692361)
  * [x86] KVM: x86: invalid opcode oops on SET_SREGS with OSXSAVE bit set
    (CVE-2012-4461)
  * kmod: make __request_module() killable (CVE-2012-4398)
  * exec: do not leave bprm->interp on stack (CVE-2012-4530)
  * exec: use -ELOOP for max recursion depth
  * [rt] Update to 3.2.34-rt51:
    - hrtimer: Raise softirq if hrtimer irq stalled
    - rcu: Disable RCU_FAST_NO_HZ on RT
    - net: netfilter: Serialize xt_write_recseq sections on RT
  * megaraid_sas: fix memory leak if SGL has zero length entries
    (Closes: #688198)

  [ Ian Campbell ]
  * [xen] add support for microcode updating. (Closes: #693053)

 -- Ben Hutchings <ben@decadent.org.uk>  Mon, 10 Dec 2012 00:14:55 +0000

linux (3.2.32-1) unstable; urgency=low

  * New upstream stable update:
    http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.31
    - target: Fix ->data_length re-assignment bug with SCSI overflow
    - hpsa: fix handling of protocol error
    - cifs: fix return value in cifsConvertToUTF16
    - asix: Support DLink DUB-E100 H/W Ver C1 (Closes: #687567)
    - dj: memory scribble in logi_dj
    - dm: handle requests beyond end of device instead of using BUG_ON
    - md/raid10: fix "enough" function for detecting if array is failed.
    - libata: Prevent interface errors with Seagate FreeAgent GoFlex
    - vfs: dcache: fix deadlock in tree traversal
    - Revert "drm/radeon: rework pll selection (v3)" (regression in 3.2.30)
    - HID: hidraw: don't deallocate memory when it is in use
    - xfrm: Workaround incompatibility of ESN and async crypto
    - xfrm_user: fix various information leaks
    - xfrm_user: ensure user supplied esn replay window is valid
    - net: guard tcp_set_keepalive() to tcp sockets
    - ipv4: raw: fix icmp_filter()
    - ipv6: raw: fix icmpv6_filter()
    - ipv6: mip6: fix mip6_mh_filter()
    - netrom: copy_datagram_iovec can fail
    http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.32
    - mtd: nand: Use the mirror BBT descriptor when reading its version
    - TTY: ttyprintk, don't touch behind tty->write_buf
    - n_gsm: fix various serious bugs
    - hpsa: Use LUN reset instead of target reset
    - staging: comedi: don't dereference user memory for INSN_INTTRIG
    - ext4: fix potential deadlock in ext4_nonda_switch()
    - staging: comedi: fix memory leak for saved channel list
    - scsi_remove_target: fix softlockup regression on hot remove
      (Closes: #690990)
    - usb: host: xhci: Fix Null pointer dereferencing with 71c731a for
      non-x86 systems (regression in 3.2.30)
    - ext4: online defrag is not supported for journaled files
    - staging: comedi: s626: don't dereference insn->data
    - serial: pl011: handle corruption at high clock speeds
    - ext4: always set i_op in ext4_mknod()
    - ext4: fix fdatasync() for files with only i_size changes
    - [x86] drm/i915: use adjusted_mode instead of mode for checking the
      6bpc force flag (regression in 3.2.29)
    - staging: comedi: jr3_pci: fix iomem dereference
    - JFFS2: don't fail on bitflips in OOB
    - mtd: nandsim: bugfix: fail if overridesize is too big
    - pnfsblock: fix partial page buffer wirte
    - target/file: Re-enable optional fd_buffered_io=1 operation
    - iscsit: remove incorrect unlock in iscsit_build_sendtargets_resp
    - rapidio/rionet: fix multicast packet transmit logic
    - ALSA: aloop - add locking to timer access
    - [armhf/omap] counter: add locking to read_persistent_clock
    - mm: fix invalidate_complete_page2() lock ordering
    - mm: thp: fix pmd_present for split_huge_page and PROT_NONE with THP
    - mm: hugetlb: fix pgoff computation when unmapping page from vma
    - hugetlb: do not use vma_hugecache_offset() for vma_prio_tree_foreach
    - [x86] firewire: cdev: fix user memory corruption (i386 userland on
      amd64 kernel)
    - udf: fix retun value on error path in udf_load_logicalvol
    - eCryptfs: Unlink lower inode when ecryptfs_create() fails
    - eCryptfs: Initialize empty lower files when opening them
    - eCryptfs: Revert to a writethrough cache model
    - eCryptfs: Write out all dirty pages just before releasing the lower file
    - eCryptfs: Call lower ->flush() from ecryptfs_flush()
    - mempolicy: remove mempolicy sharing
    - mempolicy: fix a race in shared_policy_replace()
    - mempolicy: fix refcount leak in mpol_set_shared_policy()
    - mempolicy: fix a memory corruption by refcount imbalance in
      alloc_pages_vma()
    - hpsa: dial down lockup detection during firmware flash
    - netfilter: nf_ct_ipv4: packets with wrong ihl are invalid
    - netfilter: nf_nat_sip: fix incorrect handling of EBUSY for RTCP
      expectation
    - netfilter: nf_ct_expect: fix possible access to uninitialized timer
    - ipvs: fix oops on NAT reply in br_nf context

  [ Ben Hutchings ]
  * codel: refine one condition to avoid a nul rec_inv_sqrt
  * [mips,mipsel] Ignore NFS/SunRPC ABI changes in 3.2.30 (fixes FTBFS)
  * tg3: Fix TSO CAP for 5704 devs w / ASF enabled
  * SUNRPC: Set alloc_slot for backchannel tcp ops (regression in 3.2.30)
  * iwlwifi: Do not request unreleased firmware for IWL6000 (Closes: #689416)
  * aufs: Update to aufs3.2-20120827:
    - Fix statfs() values when different block sizes are in use
  * udeb: Add hid-logitech-dj to input-modules (Closes: #661379)
  * connector: Make CONNECTOR built-in; enable PROC_EVENTS (Closes: #588200)
  * e1000e: Change wthresh to 1 to avoid possible Tx stalls
  * [x86] efi: Build EFI stub with EFI-appropriate options
  * [rt] Update to 3.2.32-rt48:
    - random: Make add_interrupt_randomness() work on rt
    - softirq: Init softirq local lock after per cpu section is set up
    - mm: slab: Fix potential deadlock
    - mm: page_alloc: Use local_lock_on() instead of plain spinlock
    - rt: rwsem/rwlock: lockdep annotations
    - sched: Better debug output for might sleep
    - stomp_machine: Use mutex_trylock when called from inactive cpu
  * [x86] storvsc: Account for in-transit packets in the RESET path
  * fs: handle failed audit_log_start properly
  * fs: prevent use after free in auditing when symlink following was denied
  * kernel/sys.c: fix stack memory content leak via UNAME26 (CVE-2012-0957)
  * ALSA: hda: Fix oops caused by "Fix internal mic for Lenovo Ideapad U300s"
    in 3.2.32

 -- Ben Hutchings <ben@decadent.org.uk>  Mon, 22 Oct 2012 06:25:37 +0100

linux (3.2.30-1) unstable; urgency=low

  * New upstream stable update:
    http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.30
    - ext3: Fix fdatasync() for files with only i_size changes
    - UBI: fix a horrible memory deallocation bug
    - fuse: fix retrieve length
    - mmc: card: Skip secure erase on MoviNAND; causes unrecoverable corruption
    - udf: Fix data corruption for files in ICB
    - xen: Use correct masking in xen_swiotlb_alloc_coherent.
    - CIFS: Fix error handling in cifs_push_mandatory_locks
    - [x86] drm/i915: Wait for all pending operations to the fb before
      disabling the pipe
    - xhci: Fix bug after deq ptr set to link TRB
    - NFS: Fix the initialisation of the readdir 'cookieverf' array
    - staging: comedi: das08: Correct AI encoding for das08jr-16-ao
    - staging: comedi: das08: Correct AO output for das08jr-16-ao
    - rt2800usb: Added rx packet length validity check
    - staging: zcache: fix cleancache race condition with shrinker
    - NFS: return error from decode_getfh in decode open
    - ARM: 7526/1: traps: send SIGILL if get_user fails on undef handling path
    - ahci: Add alternate identifier for the 88SE9172

  [ Ben Hutchings ]
  * [s390/s390x-tape] udeb: Remove fuse-modules configuration (fixes FTBFS)

 -- dann frazier <dannf@debian.org>  Wed, 26 Sep 2012 16:00:58 +0900

linux (3.2.29-1) unstable; urgency=low

  * New upstream stable update:
    http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.24
    - sched/nohz: Rewrite and fix load-avg computation -- again
      (Closes: #674153)
    - libsas: fix taskfile corruption in sas_ata_qc_fill_rtf
    - md/raid1: fix use-after-free bug in RAID1 data-check code.
    - PCI: EHCI: fix crash during suspend on ASUS computers
    - cpufreq / ACPI: Fix not loading acpi-cpufreq driver (regression in 3.2.2)
    - block: fix infinite loop in __getblk_slow (regression in 3.2.19)
      (Closes: #684293)
    - PM / Hibernate: Hibernate/thaw fixes/improvements
    - tcm_fc: Fix crash seen with aborts and large reads
    - fifo: Do not restart open() if it already found a partner
    - cifs: on CONFIG_HIGHMEM machines, limit the rsize/wsize to the kmap space
    - UBIFS: fix a bug in empty space fix-up
    - ore: Fix NFS crash by supporting any unaligned RAID IO
    - ore: Remove support of partial IO request (NFS crash)
    - pnfs-obj: don't leak objio_state if ore_write/read fails
    - pnfs-obj: Fix __r4w_get_page when offset is beyond i_size
    - dm raid1: fix crash with mirror recovery and discard
    - dm raid1: set discard_zeroes_data_unsupported
    - time: Fix bugs in leap-second handling (Closes: #679882)
      + ntp: Fix leap-second hrtimer livelock
      + timekeeping: Fix leapsecond triggered load spike issue
    - bnx2x: fix checksum validation
    - bnx2x: fix panic when TX ring is full
    - eCryptfs: Gracefully refuse miscdev file ops on inherited/passed files
    - ACPI / PM: Make acpi_pm_device_sleep_state() follow the specification
    http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.25
    - mm: Fix various performance problems, particularly affecting use of
      transparent hugepages (Closes: #675493)
    - target: Add range checking to UNMAP emulation
    - target: Fix reading of data length fields for UNMAP commands
    - target: Fix possible integer underflow in UNMAP emulation
    - target: Check number of unmap descriptors against our limit
    - ext4: don't let i_reserved_meta_blocks go negative
    - ext4: undo ext4_calc_metadata_amount if we fail to claim space
    - locks: fix checking of fcntl_setlease argument
    - Btrfs: call the ordered free operation without any locks held
    http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.26
    http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.27
    - lirc_sir: make device registration work (Closes: #680762)
    - random: Improve random number generation on non-interactive systems
      + random: Use arch_get_random_int instead of cycle counter if avail
      + random: Use arch-specific RNG to initialize the entropy store
      + random: make 'add_interrupt_randomness()' do something sane
      + usb: feed USB device information to the /dev/random driver
      + net: feed /dev/random with the MAC address when registering a device
      + rtc: wm831x: Feed the write counter into device_add_randomness()
      + mfd: wm831x: Feed the device UUID into device_add_randomness()
    - futex: Test for pi_mutex on fault in futex_wait_requeue_pi()
    - futex: Forbid uaddr == uaddr2 in futex_wait_requeue_pi()
    - s390/mm: downgrade page table after fork of a 31 bit process
    - asus-wmi: use ASUS_WMI_METHODID_DSTS2 as default DSTS ID.
      (Closes: #679158)
    - md/raid1: don't abort a resync on the first badblock.
    - [arm] 7467/1: mutex: use generic xchg-based implementation for ARMv6+
    - [arm] 7476/1: vfp: only clear vfp state for current cpu in vfp_pm_suspend
    - [arm] 7477/1: vfp: Always save VFP state in vfp_pm_suspend on UP
    - [arm] 7478/1: errata: extend workaround for erratum #720789
    - [arm] Fix undefined instruction exception handling
    - mm: mmu_notifier: fix freed page still mapped in secondary MMU
    - mm: hugetlbfs: close race during teardown of hugetlbfs shared page tables
    http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.28
    - bnx2: Fix bug in bnx2_free_tx_skbs().
    - sch_sfb: Fix missing NULL check
    - sctp: Fix list corruption resulting from freeing an association on a list
    - cipso: don't follow a NULL pointer when setsockopt() is called
    - caif: fix NULL pointer check
    - net/tun: fix ioctl() based info leaks
    - rtlwifi: rtl8192cu: Change buffer allocation for synchronous reads
    - hfsplus: fix overflow in sector calculations in hfsplus_submit_bio
    - drm/i915: fixup seqno allocation logic for lazy_request
    http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.29
    - pnfs: defer release of pages in layoutget
    - fuse: verify all ioctl retry iov elements
    - usb: serial: mos7840: Fixup mos7840_chars_in_buffer()
    - sched: fix divide by zero at {thread_group,task}_times
    - vfs: canonicalize create mode in build_open_flags()
    - dccp: check ccid before dereferencing
    - md: Don't truncate size at 4TB for RAID0 and Linear
    - target: fix NULL pointer dereference bug alloc_page() fails to get memory
    - USB: CDC ACM: Fix NULL pointer dereference
    - alpha: Don't export SOCK_NONBLOCK to user space. (Closes: #658460)
    - radeon: Fix various bugs in reading vbios (Closes: #685604)
    - vfs: missed source of ->f_pos races
    - svcrpc: fix BUG() in svc_tcp_clear_pages
    - svcrpc: sends on closed socket should stop immediately
    - fbcon: fix race condition between console lock and cursor timer (v1.1)
    - mm: hugetlbfs: correctly populate shared pmd
    - fs/buffer.c: remove BUG() in possible but rare condition
    - block: replace __getblk_slow misfix by grow_dev_page fix
    - Staging: speakup: fix an improperly-declared variable. (Closes: #685953)
    - NFS: Fix Oopses in nfs_lookup_revalidate and nfs4_lookup_revalidate

  [ Ben Hutchings ]
  * Bump ABI to 4
  * linux-image: Include package version in utsname version string
    ('uname -v' output) (Closes: #638878)
  * linux-source: Drop support for version.$DISTRIBUTION
  * [arm,ia64,powerpc,s390,sh,x86] linux-image: Include package version
    in stack traces from WARN, BUG, Oops etc.
  * udeb: Add snd-hda-codec-ca0132 to sound-modules (Closes: #682368)
  * linux-source: Suggest pkg-config, needed to build kconfig GUIs
    (Closes: #682726)
  * debugfs: Add mode, uid and gid mount options; set default mode to 700
    (Closes: #681418)
  * net: new counter for tx_timeout errors in sysfs
  * net: Add byte queue limits (bql) for reduced buffer-bloat
  * bnx2,bnx2x,e1000e,forcedeth,igb,ixgbe,sfc,skge,sky2,tg3:
    Add support for bql
  * fs: Update link security restrictions to match Linux 3.6:
    - Drop kconfig options; restrictions can only be disabled by sysctl
    - Change the audit message type from AUDIT_AVC (1400) to
      AUDIT_ANON_LINK (1702)
  * [rt] Update to 3.2.28-rt42:
    - time/rt: Fix up leap-second backport for RT changes
    - fix printk flush of messages
  * rds: set correct msg_namelen (CVE-2012-3430)
  * e1000: add dropped DMA receive enable back in for WoL (Closes: #684618)
  * PCI/PM/Runtime: make PCI traces quieter (Closes: #684049)
  * rc: ite-cir: Initialise ite_dev::rdev earlier (Closes: #684441)
  * input: Enable TOUCHSCREEN_ATMEL_MXT as module (Closes: #685123)
  * usb: Add USB_QUIRK_RESET_RESUME for all Logitech UVC webcams
    (Closes: #668211)
  * [alpha] Use gcc-4.6 (Closes: #685894)
    - Use large data model to work around link failure
  * [i386/486] video: Change FB_GEODE_LX from built-in to module (lxfb)
    (Closes: #686528)
  * [i386/686-pae] video: Disable Geode framebuffer drivers, not used with
    any chips that support PAE
  * [x86] drm/i915: Fix i8xx interrupt handling (Closes: #655152)
  * [armel/kirkwood] ahci: Add JMicron 362 device IDs (Closes: #634180)
  * speakup: lower default software speech rate (Closes: #686742)
  * e1000e: Fix potential DoS when TSO enabled
  * mm: Remove user-triggerable BUG from mpol_to_str
  * sfc: Fix maximum number of TSO segments and minimum TX queue size
    (CVE-2012-3412)
    - tcp: Apply device TSO segment limit earlier
  * net_sched: gact: Fix potential panic in tcf_gact().
  * af_packet: remove BUG statement in tpacket_destruct_skb
  * net: Fix various information leaks
  * af_packet: don't emit packet on orig fanout group
  * af_netlink: force credentials passing (CVE-2012-3520)
  * netlink: fix possible spoofing from non-root processes
  * net: ipv4: ipmr_expire_timer causes crash when removing net namespace
  * [i386] i810fb: Enable FB_I810_GTF, FB_I810_I2C (Closes: #687644)
  * udeb: Add fuse-modules to support os-prober (see #684265)

  [ Bastian Blank ]
  * Make xen-linux-system meta-packages depend on xen-system. This allows
    automatic updates. (closes: #681637)

 -- Ben Hutchings <ben@decadent.org.uk>  Sun, 16 Sep 2012 06:16:38 +0100

linux (3.2.23-1) unstable; urgency=low

  * New upstream stable update:
    http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.22
    - nilfs2: ensure proper cache clearing for gc-inodes
    - ath9k_hw: avoid possible infinite loop in ar9003_get_pll_sqsum_dvc
    http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.23
    - splice: fix racy pipe->buffers uses
    - NFC: Prevent multiple buffer overflows in NCI (CVE-2012-3364)
    - NFC: Return from rawsock_release when sk is NULL
    - md/raid5: Do not add data_offset before call to is_badblock
    - md/raid5: In ops_run_io, inc nr_pending before calling
      md_wait_for_blocked_rdev
    - md/raid10: fix failure when trying to repair a read error.
    - udf: Improve sanity checking of filesystem metadata (CVE-2012-3400)
      + udf: Avoid run away loop when partition table length is corrupted
      + udf: Fortify loading of sparing table
    - l2tp: fix a race in l2tp_ip_sendmsg()
    - netpoll: fix netpoll_send_udp() bugs
    - Btrfs: run delayed directory updates during log replay
    - ocfs2: clear unaligned io flag when dio fails
    - aio: make kiocb->private NUll in init_sync_kiocb()
    - mm: Hold a file reference in madvise_remove

  [ Ben Hutchings ]
  * linux-libc-dev: Fix redundant 'GNU glibc' in description (Closes: #631228)
  * README.source: Correct name of main patch series file
  * [sh] Fix up store queue code for subsys_interface changes (Closes: #680025)
  * scsi: Silence unnecessary warnings about ioctl to partition
    (Closes: #656899)
  * Update Czech debconf template translations (Michal Simunek)
    (Closes: #679674)
  * linux-image: Remove versioned relations where stable version is new enough
  * udf: Improve table length check to avoid possible overflow
  * CIFS: Respect negotiated MaxMpxCount (deferred from 3.2.14)
  * epoll: clear the tfile_check_list on -ELOOP (CVE-2012-3375)
  * nouveau: Update to support Fermi (NVC0+) acceleration (Closes: #679566)
    - Refactor sub-channel use
    - Bump version to 1.0.0
  * e100: ucode is optional in some cases
  * [x86] drm/i915: prefer wide & slow to fast & narrow in DP configs
    (Closes: #658662)
  * cipso: don't follow a NULL pointer when setsockopt() is called
  * [x86] hwmon: Enable SENSORS_SCH5636 as module (Closes: #680934)
  * atl1c: fix issue of transmit queue 0 timed out
  * raid5: delayed stripe fix (Closes: #680366)
  * fs: Remove easily user-triggerable BUG from generic_setlease
  * tcp: drop SYN+FIN messages
  * fifo: Do not restart open() if it already found a partner (Closes: #678852)
  * [rt] linux-source: Include -rt version suffix
  * [rt] Update to 3.2.23-rt37:
    - Latency histogramms: Cope with backwards running local trace clock
    - Latency histograms: Adjust timer, if already elapsed when programmed
    - Disable RT_GROUP_SCHED in PREEMPT_RT_FULL
    - Latency histograms: Detect another yet overlooked sharedprio condition
    - slab: Prevent local lock deadlock
    - fs, jbd: pull your plug when waiting for space
    - perf: Make swevent hrtimer run in irq instead of softirq
    - cpu/rt: Rework cpu down for PREEMPT_RT
    - cpu/rt: Fix cpu_hotplug variable initialization
    - workqueue: Revert workqueue: Fix PF_THREAD_BOUND abuse
    - workqueue: Revert workqueue: Fix cpuhotplug trainwreck

  [ Arnaud Patard ]
  * [mipsel] add r8169 to d-i udeb.

 -- Ben Hutchings <ben@decadent.org.uk>  Sun, 22 Jul 2012 23:25:47 +0100

linux (3.2.21-3) unstable; urgency=low

  * driver core: remove __must_check from device_create_file
    (fixes FTBFS on sparc)
  * i2400m: Disable I2400M_SDIO; hardware did not reach production
  * apparmor: remove advertising the support of network rules from
    compat iface (Closes: #676515)
  * xen/netfront: teardown the device before unregistering it (Closes: #675190)
  * linux-{doc,manual,source,support}: Mark as capable of satisfying
    relations from foreign packages (Multi-Arch: foreign) (Closes: #679202)

 -- Ben Hutchings <ben@decadent.org.uk>  Thu, 28 Jun 2012 04:58:18 +0100

linux (3.2.21-2) unstable; urgency=low

  * [i386] cpufreq/gx: Fix the compile error
  * [powerpc] Enable PPC_DISABLE_WERROR (fixes FTBFS)
  * tracing/mm: Move include of trace/events/kmem.h out of header into slab.c
    (fixes FTBFS on sparc)
  * [i386] Disable incomplete lguest support
  * udeb: Add missing dependencies for various modules (see #678587)
    - [armel/kirkwood] fb-modules depends on kernel-image
    - [ia64] nic-usb-modules depends on kernel-image, nic-shared-modules,
      usb-modules
    - [ia64] sata-modules depends on kernel-image, scsi-core-modules
    - [ia64] scsi-modules depends on scsi-core-modules
    - [ia64,powerpc,ppc64] pcmcia-modules depends on kernel-image
    - [powerpc,ppc64] nic-pcmcia-modules depends on kernel-image,
      nic-shared-modules, pcmcia-modules
    - [powerpc,ppc64,x86] scsi-modules depends on ata-modules
    - [x86] nic-extra-modules depends on i2c-modules
  * wacom: do not crash when retrieving touch_max (Closes: #678798)
  * wacom: Revert unintended changes to handling of Tablet PCs
    (Closes: #677164)
  * linux-image, README.Debian: Suggest debian-kernel-handbook package

  [ Arnaud Patard ]
  * [armel, armhf] backport BPF JIT support

 -- Ben Hutchings <ben@decadent.org.uk>  Tue, 26 Jun 2012 01:56:42 +0100

linux (3.2.21-1) unstable; urgency=low

  * New upstream stable update:
    http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.21
    - NFSv4.1: Fix a request leak on the back channel
    - target: Return error to initiator if SET TARGET PORT GROUPS emulation
      fails
    - USB: add NO_D3_DURING_SLEEP flag and revert 151b61284776be2
    - USB: fix gathering of interface associations

  [ Ben Hutchings ]
  * [ia64,powerpc] udeb: Add crc-itu-t to crc-modules; make
    firewire-core-modules depend on it (fixes FTBFS)
  * [arm,m68k,sh4] udeb: Build ipv6-modules
  * ethtool: allow ETHTOOL_GSSET_INFO for users
  * [rt] bump version to 3.2.20-rt32
  * cpu: Convert 'cpu' and 'machinecheck' sysdev_class to a regular subsystem
  * [x86] Add driver auto probing for x86 features
    - crypto: Add support for x86 cpuid auto loading for x86 crypto drivers
      (Closes: #568008)
    - intel-idle: convert to x86_cpu_id auto probing
    - HWMON: Convert coretemp to x86 cpuid autoprobing
    - HWMON: Convert via-cputemp to x86 cpuid autoprobing
    - cpufreq: Add support for x86 cpuinfo auto loading (Closes: #664813)
  * [x86] ACPI: Load acpi-cpufreq from processor driver automatically
  * Bump ABI to 3
  * input: Add Synaptics USB device driver (Closes: #678071)
  * [x86] udeb: Fix dependencies for nic-wireless-modules

  [ Aurelien Jarno ]
  * [mips,mipsel] udeb: Remove rivafb and nvidiafb.
  * [ppc64]: add udebs, based on powerpc/powerpc64.

  [ Bastian Blank ]
  * Support build-arch and build-indep make targets.

  [ Arnaud Patard ]
  * [armel/kirkwood] Add dreamplug and iconnect support (Closes: #675922)

 -- Ben Hutchings <ben@decadent.org.uk>  Fri, 22 Jun 2012 13:54:15 +0100

linux (3.2.20-1) unstable; urgency=low

  * The "Confused? You Won't Be" release

  * New upstream stable update:
    http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.20
   - cifs: fix oops while traversing open file list (try #4)
   - mm/fork: fix overflow in vma length when copying mmap on clone
   - mm: fix faulty initialization in vmalloc_init()
   - x86, amd, xen: Avoid NULL pointer paravirt references
   - ext4: force ro mount if ext4_setup_super() fails
   - ext4: disallow hard-linked directory in ext4_lookup
   - ext4: add missing save_error_info() to ext4_error()
   - ALSA: usb-audio: fix rate_list memory leak
   - Bluetooth: btusb: typo in Broadcom SoftSailing id (Closes: #674565)
   - ipv4: Do not use dead fib_info entries.
   - ipv4: fix the rcu race between free_fib_info and ip_route_output_slow
   - l2tp: fix oops in L2TP IP sockets for connect() AF_UNSPEC case
   - btree: fix tree corruption in btree_get_prev()
   - asix: allow full size 8021Q frames to be received (Closes: #676545)
   - ext4: don't trash state flags in EXT4_IOC_SETFLAGS
   - ext4: fix the free blocks calculation for ext3 file systems w/ uninit_bg

  [ Ben Hutchings ]
  * Rename source package to 'linux' (Closes: #636010)
  * Convert source package format to 3.0 (quilt)
    - Convert patch system to quilt, except for the 'orig' patch series
    - Use xz compression for upstream and Debian tarballs
    - README.source: Update description of patch system to match current
      usage
    - linux-patch-debian: Remove; it is no longer necessary for GPL
      compliance and does not work with our current patch management
  * linux-image: Change package name for bugs to 'src:linux' (Closes: #644198)
  * DFSG: video: Remove nvidiafb and rivafb, which include apparently
    obfuscated code (Closes: #383481, #609615).  The nouveau driver supports
    all the same hardware, aside from RIVA 128 (NV3).
  * udeb: Add udf-modules containing UDF filesystem module (Closes: #613972)
  * [mipsel/loongson2f] linux-image: Recommend libc6-loongson2f
    (Closes: #629410)
  * Build-Depend on kmod or module-init-tools, not just the latter
  * test-patches: Recognise the rt featureset automatically
  * udeb: Build-Depend on kernel-wedge >= 2.84; this allows us to list
    modules as required even if they are built-in in some configurations
  * filter: Allow to create sk-unattached filters
  * proc: Backport hidepid mount option from Linux 3.4 (Closes: #669028)
  * NFSv4: Reduce the footprint of the idmapper (Closes: #657078)
  * [i386] thp: avoid atomic64_read in pmd_read_atomic for 32bit PAE
    (Closes: #676360)
  * linux-source: Add single patch for each featureset
  * [x86] Enable CRASH_DUMP, PROC_VMCORE (Closes: #623177)
  * media/dvb: Enable DVB_DDBRIDGE as module (Closes: #676952)
  * net: sock: validate data_len before allocating skb in
    sock_alloc_send_pskb() (CVE-2012-2136)
  * macvtap: zerocopy: fix offset calculation when building skb
  * macvtap: zerocopy: fix truesize underestimation
  * macvtap: zerocopy: put page when fail to get all requested user pages
  * macvtap: zerocopy: set SKBTX_DEV_ZEROCOPY only when skb is built
    successfully
  * macvtap: zerocopy: validate vectors before building skb (CVE-2012-2119)
  * KVM: Fix buffer overflow in kvm_set_irq() (CVE-2012-2137)

  [ Bastian Blank ]
  * [s390/s390x,s390x/s390x] Build debugging symbols.

 -- Ben Hutchings <ben@decadent.org.uk>  Mon, 11 Jun 2012 02:46:34 +0100

linux-2.6 (3.2.19-1) unstable; urgency=low

  * New upstream stable update:
    http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.19
    - hpsa: Fix problem with MSA2xxx devices (Closes: #661057)
    - IB/core: Fix mismatch between locked and pinned pages
    - iommu: Fix off by one in dmar_get_fault_reason()
    - vfs: make AIO use the proper rw_verify_area() area helpers
    - HID: logitech: read all 32 bits of report type bitfield (Closes: #671292)
    - USB: Remove races in devio.c
    - ext{3,4}: Fix error handling on inode bitmap corruption
    - uvcvideo: Fix ENUMINPUT handling
    - dl2k: Clean up rio_ioctl (CVE-2012-2313)
    - [x86] MCE: Fix vm86 handling for 32bit mce handler
    - [x86] mce: Fix check for processor context when machine check was taken.
    - ethtool: Null-terminate filename passed to ethtool_ops::flash_device
    - NFSv4: Fix buffer overflows in ACL support (CVE-2012-2375)
      + Avoid reading past buffer when calling GETACL
      + Avoid beyond bounds copy while caching ACL

  [ Ben Hutchings ]
  * be2net: Backport most changes up to Linux 3.5-rc1, thanks to
    Sarveshwar Bandi (Closes: #673391)
    - Add support for Skyhawk cards
  * net/sched: Add codel and fq_codel from Linux 3.5-rc1
  * [x86] udeb: Add hyperv-modules containing Hyper-V paravirtualised drivers
  * [x86] ata_piix: defer disks to the Hyper-V drivers by default
  * [x86] drm/i915:: Disable FBC on SandyBridge (Closes: #675022)
  * AppArmor: compatibility patch for v5 interface (Closes: #661151)
  * hugepages: fix use after free bug in "quota" handling (CVE-2012-2133)
  * [x86] mm: pmd_read_atomic: fix 32bit PAE pmd walk vs pmd_populate SMP race
    condition (CVE-2012-2373)
  * hugetlb: fix resv_map leak in error path (CVE-2012-2390)
  * [SCSI] fix scsi_wait_scan (Closes: #647436)

 -- Ben Hutchings <ben@decadent.org.uk>  Fri, 01 Jun 2012 13:15:48 +0100

linux-2.6 (3.2.18-1) unstable; urgency=low

  * New upstream stable update:
    http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.18
    - hugetlb: prevent BUG_ON in hugetlb_fault() -> hugetlb_cow()
    - net: l2tp: unlock socket lock before returning from l2tp_ip_sendmsg
    - [sparc] sparc64: Do not clobber %g2 in xcall_fetch_glob_regs().
    - ext4: avoid deadlock on sync-mounted FS w/o journal
    - brcm80211: smac: fix endless retry of A-MPDU transmissions
      (Closes: #672891)
    - target: Fix SPC-2 RELEASE bug for multi-session iSCSI client setups
    - ALSA: hda/idt - Fix power-map for speaker-pins with some HP laptops
      (Closes: #672582)
    - usbnet: fix skb traversing races during unlink(v2)
    - [arm] prevent VM_GROWSDOWN mmaps extending below FIRST_USER_ADDRESS

  [ Jonathan Nieder ]
  * wacom: Add support for various tablet models (Closes: #671801)
  * rt2800usb: Add support for Ralink RT5392/RF5372 chipset (Closes: #673186)

  [ Ben Hutchings ]
  * test-patches: Fix -j option, broken since 3.1.0-1~experimental.1
  * rt2800usb: Re-enable powersaving by default, as it should work better
    than in 2.6.38
  * [sparc,sparc64] Build virtio-modules-udeb for use in qemu (Closes: #673320)
  * KVM: mmu_notifier: Flush TLBs before releasing mmu_lock
  * [x86] KVM: nVMX: Fix erroneous exception bitmap check
  * [x86] KVM: VMX: vmx_set_cr0 expects kvm->srcu locked
  * [s390] KVM: do store status after handling STOP_ON_STOP bit
  * [s390] KVM: Sanitize fpc registers for KVM_SET_FPU
  * ACPI battery: only refresh the sysfs files when pertinent information
    changes (Closes: #670958)

 -- Ben Hutchings <ben@decadent.org.uk>  Mon, 21 May 2012 04:07:08 +0100

linux-2.6 (3.2.17-1) unstable; urgency=low

  * New upstream stable update:
    http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.17
    - md: fix possible corruption of array metadata on shutdown.
    - ext4: fix endianness breakage in ext4_split_extent_at()
    - KVM: unmap pages from the iommu when slots are removed (CVE-2012-2121)
    - btrfs: btrfs_root_readonly() broken on big-endian
    - ocfs2: Fix various bugs affecting big-endian architectures
    - lockd: fix the endianness bug
    - phonet: Check input from user before allocating
    - netlink: fix races after skb queueing
    - net: fix a race in sock_queue_err_skb()
    - net/ethernet: ks8851_mll fix rx frame buffer overflow
    - x86, apic: APIC code touches invalid MSR on P5 class machines
    - drm/i915: fix integer overflow in i915_gem_execbuffer2()
    - drm/i915: fix integer overflow in i915_gem_do_execbuffer()
    - USB: cdc-wdm: fix race leading leading to memory corruption
    - autofs: make the autofsv5 packet file descriptor use a packetized pipe
      (Closes: #633423)
    - efi: Validate UEFI boot variables
    - efivars: Improve variable validation
    - fs/cifs: fix parsing of dfs referrals
    - hfsplus: Fix potential buffer overflows (CVE-2012-2319)
    - exit_signal: fix the "parent has changed security domain" logic

  [ Ben Hutchings ]
  * aufs: Enable AUFS_EXPORT
  * ext4: Report max_batch_time option correctly (Closes: #654206)
  * [i386/rt-686-pae] Enable HIGHMEM64G as intended for this configuration
  * NFSv4: Revalidate uid/gid after open (Closes: #659111)
  * sky2: propogate rx hash when packet is copied
  * sky2: fix receive length error in mixed non-VLAN/VLAN traffic
    (Closes: #492853)
  * KVM: Ensure all vcpus are consistent with in-kernel irqchip settings
    (CVE-2012-1601)
  * KVM: lock slots_lock around device assignment (CVE-2012-2121)
  * [rt] bump version to 3.2.16-rt27

  [ Bastian Blank ]
  * [s390] Enable IUCV special message support. (closes: #671238)

  [ Arnaud Patard ]
  * [armhf] Add vexpress support from Vagrant Cascadian with a slightly
    modified kernel configuration (Closes: #670462)
  * [armel] Introduce a new udeb module for leds and use it on kirkwoord
    kernel thanks to Simon Guinot (Closes: #671200)

 -- Ben Hutchings <ben@decadent.org.uk>  Sat, 12 May 2012 15:29:09 +0100

linux-2.6 (3.2.16-1) unstable; urgency=low

  * New upstream stable update:
    http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.16
    - drm/i915: properly compute dp dithering for user-created modes
      (Closes: #666360)
    - md/bitmap: prevent bitmap_daemon_work running while initialising bitmap
    - [ia64] Fix futex_atomic_cmpxchg_inatomic() (Closes: #659485)
    - USB: serial: fix race between probe and open
    - fcaps: clear the same personality flags as suid when fcaps are used
      (CVE-2012-2123)
    - ACPICA: Fix to allow region arguments to reference other scopes
      (Closes: #661581)
    - futex: Do not leak robust list to unprivileged process
    - drm/radeon/kms: fix the regression of DVI connector check
      (Closes: #670047)

  [ Ben Hutchings ]
  * rt2x00: Identify rt2800usb chipsets. (Closes: #658067)
  * [x86] Add EFI boot stub support (Closes: #669033)
  * brcmsmac: "INTERMEDIATE but not AMPDU" only when tracing
  * NFSv4: Fix error handling and improve error reporting for file locking
    (Closes: #669270)
    - Rate limit the state manager for lock reclaim warning messages
    - Ensure that the LOCK code sets exception->inode
    - Ensure that we check lock exclusive/shared type against open modes
  * [x86] i915: Fix integer overflows in i915_gem_{do_execbuffer,execbuffer2}
  * Revert "autofs: work around unhappy compat problem on x86-64".
    Reopens #633423.

 -- Ben Hutchings <ben@decadent.org.uk>  Sun, 29 Apr 2012 08:00:53 +0100

linux-2.6 (3.2.15-1) unstable; urgency=high

  * New upstream stable update:
    http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.15
    - drm/radeon/kms: fix fans after resume (Closes: #596741)
    - sysctl: fix write access to dmesg_restrict/kptr_restrict
    - [x86] PCI: use host bridge _CRS info on MSI MS-7253 (Closes: #619034)
    - nfs: Fix length of buffer copied in __nfs4_get_acl_uncached
    - [x86] ioat: fix size of 'completion' for Xen (Closes: #660554)
    - cred: copy_process() should clear child->replacement_session_keyring

  [ Ben Hutchings ]
  * net: fix /proc/net/dev regression (Closes: #659499)
  * [armel/orion5x] Fix GPIO enable bits for MPP9 (Closes: #667446)
  * [x86] drm/i915: mask transcoder select bits before setting them on LVDS
  * [armhf/mx5,mipsel/loongson-2f] input: Enable INPUT_TOUCHSCREEN
    (Closes: #668036)
  * [x86] hv: Update all Hyper-V drivers to 3.4-rc1 (Closes: #661318)
  * hugetlb: fix race condition in hugetlb_fault()

 -- Ben Hutchings <ben@decadent.org.uk>  Sat, 14 Apr 2012 18:23:44 +0100

linux-2.6 (3.2.14-1) unstable; urgency=low

  * New upstream stable update:
    http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.14
    - mm: thp: fix pmd_bad() triggering in code paths holding mmap_sem
      read mode (CVE-2012-1179)
    - hugetlbfs: avoid taking i_mutex from hugetlbfs_read()
    - md/bitmap: ensure to load bitmap when creating via sysfs
      (Closes: #661558)
    - md: dont set md arrays to readonly on shutdown
    - md/raid1,raid10: avoid deadlock during resync/recovery (Closes: #584881)
    - md: fix clearing of the changed flags for the bad blocks list
    - xfs: fix inode lookup race
    - sysctl: protect poll() in entries that may go away
    - NFSv4: Rate limit the state manager warning messages (Closes: #666121)
    - jbd2: clear BH_Delay & BH_Unwritten in journal_unmap_buffer
    - ext4: ignore EXT4_INODE_JOURNAL_DATA flag with delalloc
    - ext4: fix race between sync and completed io work
    - ext4: check for zero length extent
    - vfs: fix d_ancestor() case in d_materialize_unique
    - udf: Fix deadlock in udf_release_file()
    - dm crypt: add missing error handling
    - dm thin: fix stacked bi_next usage
    - xfs: Fix oops on IO error during xlog_recover_process_iunlinks()
    - NFSv4: Fix two infinite loops in the mount code
    - drm/i915: suspend fbdev device around suspend/hibernate
      (Closes: #645547)
    - net: fix a potential rcu_read_lock() imbalance in rt6_fill_node()
    - [x86] tls: Off by one limit check
    - PCI: ASPM: Fix pcie devices with non-pcie children (Closes: #665420)

  [ Jonathan Nieder ]
  * ata: Enable PATA_IT8213 as module (Closes: #666506)

 -- Ben Hutchings <ben@decadent.org.uk>  Thu, 05 Apr 2012 05:02:45 +0100

linux-2.6 (3.2.13-1) unstable; urgency=low

  * New upstream stable update:
    http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.13

  [ Ben Hutchings ]
  * kbuild: do not check for ancient modutils tools

  [ Uwe Kleine-König ]
  * [rt] bump version to 3.2.12-rt22

  [ Bastian Blank ]
  * [s390x] Ignore ABI change.

 -- Bastian Blank <waldi@debian.org>  Wed, 28 Mar 2012 13:40:26 +0200

linux-2.6 (3.2.12-1) unstable; urgency=high

  * New upstream stable update:
    http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.11
    http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.12
    - aio: fix io_setup/io_destroy race
    - aio: fix the "too late munmap()" race
    - vfs: fix double put after complete_walk()
    - acer-wmi: No wifi rfkill on Lenovo machines (Closes: #655941)
    - tcp: fix false reordering signal in tcp_shifted_skb
    - r8169: corrupted IP fragments fix for large mtu
    - tcp: don't fragment SACKed skbs in tcp_mark_head_lost()
    - tcp: fix tcp_shift_skb_data() to not shift SACKed data below snd_una
    - block: Fix NULL pointer dereference in sd_revalidate_disk
      (Closes: #649735)
    - block: fix __blkdev_get and add_disk race condition

  [ Ben Hutchings ]
  * [powerpc] Enable KVM_GUEST
  * [s390] Ignore arch_pick_mmap_layout version change; it should not be
    needed by modules (fixes FTBFS)
  * [x86] Disable POHMELFS; this version is obsolete
  * epoll: Don't limit non-nested epoll paths
  * CIFS: Fix a spurious error in cifs_push_posix_locks
  * [rt] bump rt patch to version 3.2.11-rt20
  * aufs: Update to aufs3.2-20120312
  * tcp: fix syncookie regression
  * ipv6: Don't dev_hold(dev) in ip6_mc_find_dev_rcu

  [ Jonathan Nieder ]
  * [x86] Enable RTS5139 as module (Closes: #663912)

 -- Ben Hutchings <ben@decadent.org.uk>  Tue, 20 Mar 2012 04:32:51 +0000

linux-2.6 (3.2.10-1) unstable; urgency=high

  * New upstream stable update:
    http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.10
    - regset: Prevent null pointer reference on readonly regsets
      (CVE-2012-1097)

  [ Uwe Kleine-König ]
  * [rt] bump rt patch to version 3.2.9-rt17
  * [rt] fix conflict between the security restrictions on links introduced in
    3.2.9-1 and rt (Closes: #663269)

  [ Aurelien Jarno ]
  * [mips,mipsel] Mark ext4-modules as provided by the kernel-image udeb, remove
    ide-core-modules provide.

  [ Ben Hutchings ]
  * [x86,ia64] PCI/hotplug: Build-in common hotplug drivers:
    - Change HOTPLUG_PCI, HOTPLUG_PCI_PCIE to built-in
    - [x86] Change HOTPLUG_PCI_ACPI to built-in (Closes: #663433)
    - [ia64] Enable HOTPLUG_PCI_SGI as built-in
  * linux-headers: Remove unused, broken symlinks to Kbuild (Closes: #663597)
  * udeb: Remove dependency of {pcmcia,usb}-storage-modules on ide-core-modules
  * [mips,mipsel] Mark ata-modules as provided by the kernel-image udeb
    for most flavours

 -- Bastian Blank <waldi@debian.org>  Tue, 13 Mar 2012 17:19:32 +0100

linux-2.6 (3.2.9-1) unstable; urgency=high

  * New upstream stable update:
    http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.8
    - [i386] i387: move TS_USEDFPU flag from thread_info to task_struct
    - [x86] additional refactoring of FPU/SSE state save and restore
    http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.9
    - vfs: fix d_inode_lookup() dentry ref leak
    - target: Allow control CDBs with data > 1 page
    - epoll: introduce POLLFREE to flush ->signalfd_wqh before kfree()
    - epoll: ep_unregister_pollwait() can use the freed pwq->whead
    - epoll: limit paths (CVE-2011-1083)
    - cdrom: use copy_to_user() without the underscores

  [ Bastian Blank ]
  * [mips,mipsel] Also remove ext4 modules from installer.

  [ Ben Hutchings ]
  * Update debconf template translations:
    - Update Dutch (Willem Kuyn) (Closes: #658736)
    - Add Polish (Michał Kułach) (Closes: #658912)
  * Bump ABI to 2
  * fs: Introduce and enable security restrictions on links:
    - Do not follow symlinks in /tmp that are owned by other users
      (sysctl: fs.protected_symlinks)
    - Do not allow unprivileged users to create hard links to sensitive files
      (sysctl: fs.protected_hardlinks) (Closes: #609455)
      + This breaks the 'at' package in stable, which will be fixed shortly
        (see #597130)
    The precise restrictions are specified in Documentation/sysctl/fs.txt in
    the linux-doc-3.2 and linux-source-3.2 packages.
  * iwlwifi: fix key removal (Closes: #651199)
  * cgroups: Set CGROUP_PERF
  * hid: Enable HID_HOLTEK, HID_PRIMAX, HID_SPEEDLINK, HID_WIIMOTE as modules,
    HID_ACRUX_FF
  * media/rc: Enable RC_ATI_REMOTE as module
  * gspca: Enable USB_GSPCA_TOPRO as module
  * dvb-usb: Enable DVB_USB_PCTV452E, DVB_USB_MXL111SF as modules

  [ Uwe Kleine-König ]
  * [x86] Update rt featureset to 3.2.9-rt15

 -- Ben Hutchings <ben@decadent.org.uk>  Sun, 04 Mar 2012 15:32:20 +0000

linux-2.6 (3.2.7-1) unstable; urgency=low

  * New upstream stable update:
    http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.7

  [ Ben Hutchings ]
  * Add Turkish debconf template translations (Mert Dirik) (Closes: #660117)
  * [amd64] Disable BLK_DEV_IDEPNP, BLK_DEV_OPTI621, IDE_GENERIC
  * Use libata-based drivers for most of the remaining PATA controllers:
    - pata_legacy replaces ide-generic
    - pata_isapnp replaces ide-pnp
    - pata_opti replaces opti621
    - pata_hpt366 and pata_hpt37x replace hpt366
    - pata_ninja32 replaces delkin_cb
    - pata_cs5535 replaces cs5535
    - pata_winbond replaces sl82c105
    - [alpha] pata_cypress replaces cy82c693
    - [hppa] pata_ns87415 replaces ns87415
    - [sparc] Various replacements, as for x86 in 2.6.32-10
  * Disable old IDE subsystem [!ia64,m68k]:
    - Disable BLK_DEV_IT8172, BLK_DEV_IT8213, BLK_DEV_TC86C001, BLK_DEV_TRM290
    - [alpha] Disable BLK_DEV_4DRIVES, BLK_DEV_ALI14XX, BLK_DEV_DTC2278,
      BLK_DEV_HT6560B, BLK_DEV_QD65XX, BLK_DEV_UMC8672
  * fs: Enable EFI_PARTITION in all configurations (Closes: #660582)
  * [i386] Re-enable INTEL_IOMMU, IRQ_REMAP
  * [mips/r5k-ip32] Enable INPUT_SGI_BTNS (previously INPUT_SGIO2_BTNS)
  * [powerpc/powerpc64] Enable IBM_EMAC (previously IBM_NEW_EMAC)
  * [x86] drm/i915: do not enable RC6p on Sandy Bridge (Closes: #660265)
  * ipsec: be careful of non existing mac headers (Closes: #660804)
  * version: Use maintainer rather than uploader address for official
    binary packages

  [ Bastian Blank ]
  * Don't advertise Xen support for rt images. (closes: #659988)
  * [m68k,mips,mipsel] Use ext4 for all ext-variants. (closes: #660446)
  * [m68k,mips,mipsel] Don't built-in ramdisk support.
  * [hppa,mips,mipsel] Don't built-in cramfs support.
  * [alpha,hppa] Don't built-in ext2.
  * Remove IDE trigger for LED support.
  * Remove all framebuffer bootup logos.
  * NFSv4: Fix an Oops in the NFSv4 getacl code.

 -- Bastian Blank <waldi@debian.org>  Tue, 28 Feb 2012 16:00:41 +0100

linux-2.6 (3.2.6-1) unstable; urgency=low

  * New upstream stable update:
    http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.5
    http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.6
    - ALSA: hda - Apply 0x0f-VREF fix to all ASUS laptops with ALC861/660
      (Closes: #657302)
    - [armhf] vfp: flush thread hwstate before restoring context from sigframe
    - proc: mem_release() should check mm != NULL
    - proc: make sure mem_open() doesnt pin the targets memory
    - [arm] sched/rt: Fix task stack corruption under
      __ARCH_WANT_INTERRUPTS_ON_CTXSW
    - eCryptfs: Infinite loop due to overflow in ecryptfs_write()
    - iscsi-target: Fix reject release handling in iscsit_free_cmd()
    - iscsi-target: Fix double list_add with iscsit_alloc_buffs reject
    - pcmcia: fix socket refcount decrementing on each resume

  [ Aurelien Jarno ]
  * hwmon: backport IT8728F support for linux 3.3. 

  [ Uwe Kleine-König ]
  * [amd64] Update rt featureset to 3.2.5-rt12
  * [i386] enable rt featureset for 686-pae

  [ Arnaud Patard ]
  * Merge ixp4xx oops fix when probing mtd.

  [ Ben Hutchings ]
  * Change linux-image dependencies to allow kmod as an alternative to
    module-init-tools
  * relay: prevent integer overflow in relay_open()
  * builddeb: Don't create files in /tmp with predictable names
  * ath9k: fix a WEP crypto related regression (Closes: #659484)

 -- Ben Hutchings <ben@decadent.org.uk>  Thu, 16 Feb 2012 02:38:38 +0000

linux-2.6 (3.2.4-1) unstable; urgency=low

  * New upstream stable update:
    http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.3
    http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.4
    - eCryptfs: Sanitize write counts of /dev/ecryptfs
    - eCryptfs: Make truncate path killable
    - eCryptfs: Check inode changes in setattr
    - drm/i915: paper over missed irq issues with force wake voodoo
    - tpm_tis: add delay after aborting command (Closes: #649033)
    - USB: ftdi_sio: fix initial baud rate (Closes: #658164)
    - USB: Realtek cr: fix autopm scheduling while atomic (Closes: #656724)

  [ Ben Hutchings ]
  * [armel] Add mv78xx0 flavour; thanks to Steve McIntyre for the config
  * net: Disable FIXED_PHY; this driver only causes trouble
  * PCI: Rework ASPM disable code (fixes power usage regression on some
    systems)

  [ Bastian Blank ]
  * Remove unneeded scmversion workaround.

 -- Bastian Blank <waldi@debian.org>  Sun, 05 Feb 2012 15:42:21 +0100

linux-2.6 (3.2.2-1) unstable; urgency=low

  * New upstream stable update:
    http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.2
    - ext4: fix undefined behavior in ext4_fill_flex_info() (CVE-2009-4307)
    - Unused iocbs in a batch should not be accounted as active (CVE-2012-0058)
    - uvcvideo: Fix integer overflow in uvc_ioctl_ctrl_map()
    - [arm] proc: clear_refs: do not clear reserved pages

  [ Ben Hutchings ]
  * Clean up linux-image maintainer scripts:
    - Stop changing 'build' and 'source' symlinks; these now belong to the
      linux-headers packages
    - Remove unused configuration variables
    - prerm: Remove last vestige of /usr/doc transition
    - postrm: Remove modules.*.bin; currently modules.builtin.bin is left
      behind
  * [alpha] Build with gcc-4.5 (Closes: #657112)
  * aufs: Update to aufs3.2-20120109 (fixes FTBFS on m68k)
  * [m68k] Fix assembler constraint to prevent overeager gcc optimisation
  * sdhci-pci: Include driver in installer
  * [armel] udeb: Do not attempt to build lzo-modules udeb as lzo_compress
    is now built-in (fixes FTBFS)
  * [armhf] udeb: Include rt2800usb in nic-modules, replacing rt2870sta
    which was removed from the kernel
  * drm: Fix authentication kernel crash
  * xfs: Fix missing xfs_iunlock() on error recovery path in xfs_readlink()
  * jbd: Issue cache flush after checkpointing
  * crypto: sha512 - make it work, undo percpu message schedule
    - crypto: sha512 - reduce stack usage to safe number
  * [x86] xen: size struct xen_spinlock to always fit in arch_spinlock_t
  * l2tp: l2tp_ip - fix possible oops on packet receive
  * macvlan: fix a possible use after free
  * tcp: fix tcp_trim_head() to adjust segment count with skb MSS
  * [x86] KVM: fix missing checks in syscall emulation (CVE-2012-0045)

  [ Thorsten Glaser ]
  * [m68k] Use gcc-4.6 like (almost) all other architectures
  * Pass the cflags define as CFLAGS_KERNEL and CFLAGS_MODULE to kbuild
  * [m68k] Use cflags -ffreestanding (Closes: #648996)

  [ Aurelien Jarno ]
  * [mips,octeon] Disabled CONFIG_FIXED_PHY as it conflicts with the octeon
    phy driver.

 -- Ben Hutchings <ben@decadent.org.uk>  Wed, 01 Feb 2012 01:44:05 +0000

linux-2.6 (3.2.1-2) unstable; urgency=high

  [ Stefan Lippers-Hollmann ]
  * udeb: Add missing modules to nic-wireless-modules:
    - lib80211 encryption algorithms (lib80211_crypt_{wep,ccmptkip})
      needed for e.g. ipw2x00 wlan modules (Closes: #636259)
    - ath9k_htc, carl9170 and rt2800{pci,usb} drivers
      (Closes: #636321, #636353, #636385)

  [ Ben Hutchings ]
  * Update Vcs-Browser URL for the switch to ViewVC
  * Point Vcs-{Svn,Browser} at trunk branch, since the sid branch does
    not always exist
  * Build linux-libc-dev without multiarch if dpkg does not support it,
    to support backports
  * proc: clean up and fix /proc/<pid>/mem handling (CVE-2012-0056)

  [ Aurelien Jarno ]
  * [x86] Backport KVM nested VMX fixes from 3.3 to fix warnings and
    crashes of L1 guests.

 -- Ben Hutchings <ben@decadent.org.uk>  Mon, 23 Jan 2012 15:10:04 +0000

linux-2.6 (3.2.1-1) unstable; urgency=low

  * New upstream release: http://kernelnewbies.org/Linux_3.2
  * New upstream stable update:
    http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.1

  [ Aurelien Jarno ]
  * [arm, mips, mipsel, sh4] Add a virtio-modules udeb on flavours which
    can be emulated by QEMU.

  [ Ben Hutchings ]
  * media/dvb: Enable DVB_USB_IT913X as module (Closes: #653776)
  * [arm] Remove use of possibly undefined BUILD_BUG_ON in <asm/bug.h>
    (fixes FTBFS)
  * Install /lib/modules/<kernel-version>/modules.builtin in linux-image
    packages
  * [ia64] Add accept4() syscall (Closes: #647825)
  * [x86] staging: Enable STAGING_MEDIA, which various drivers now depend on
    (Closes: #654800)
  * [um,m68k] Register a generic CPU device (fixes regression introduced by
    the fix for #649216)
  * [alpha] add io{read,write}{16,32}be functions, thanks to Michael Cree
  * net: reintroduce missing rcu_assign_pointer() calls
  * Input: ALPS - add support for protocol versions 3 and 4
    (Closes: #618422, #648207)
  * [powerpc/powerpc64] udeb: Drop zlib-modules; ZLIB_DEFLATE is built-in
  * [amd64] iommu: Enable INTEL_IOMMU, INTEL_IOMMU_FLOPPY_WA, IRQ_REMAP
  * [amd64] cpufreq: Enable X86_P4_CLOCKMOD (Closes: #656328)
  * Refresh list of related firmware packages for bug script

  [ Bastian Blank ]
  * [amd64] crypt: Enable some amd64 only ciphers.
  * Packaging updates:
    - Use unicode.
    - Cleanup config handling.
    - Remove support for plain-xen image type.
    - Allow disabling debug infos for unreleased builds.

  [ Arnaud Patard ]
  * [armel] disable tomoyo and apparmor to allow kernel image to fit into flash.
  * [armel] add back ixp4xx gpiolib patch
  * [arm] backport topdown mmap support from rmk's tree
  * [armel] Enable support from LaCIE kirkwood devices, thanks to Simon Guinot
    (Closes: #655344)
  * [armel] Backport 88f6282 A1 support

  [ Jurij Smakov ]
  * [sparc] Add mpt2sas to scsi-common-modules udeb on sparc and sparc64,
    needed by Niagara T3 machines.

 -- Ben Hutchings <ben@decadent.org.uk>  Wed, 18 Jan 2012 16:14:12 +0000

linux-2.6 (3.2~rc7-1~experimental.1) experimental; urgency=low

  * New upstream release candidate
    - [powerpc] pasemi_mac: Fix building as module
    - [x86] mpparse: Account for bus types other than ISA and PCI
      (Closes: #586494)
    - EHCI : Fix a regression in the ISO scheduler (Closes: #651382)
    - [arm] setup: initialize arm_dma_zone_size earlier (Closes: #651215)

  [ Ben Hutchings ]
  * [x86] et131x: Include driver in installer (Closes: #651440)
  * security: Enable APPARMOR (Closes: #598408)

  [ Uwe Kleine-König ]
  * [amd64] Update rt featureset to 3.2-rc5-rt8

  [ Bastian Blank ]
  * Use xz compression for all packages.

 -- Bastian Blank <waldi@debian.org>  Wed, 28 Dec 2011 14:55:38 +0100

linux-2.6 (3.2~rc4-1~experimental.1) experimental; urgency=low

  * New upstream release candidate

  [ Ben Hutchings ]
  * aufs: Update to aufs3.x-rcN-20111114
  * ieee802154: Enable IEEE802154_6LOWPAN as module
  * can: Enable CAN_GW, CAN_EMS_PCMCIA, CAN_PEAK_PCI as modules
  * nfc: enable NFC_NCI as module
  * scsi: Enable MVUMI as module
  * dm: Enable DM_THIN_PROVISIONING as module
  * b43: Enable B43_PHY_HT
  * [ia64,powerpc,sparc,x86] wireless: Enable MWIFIEX_PCIE as module
  * udeb: Update configuration for 3.2:
    - Provide the default configuration instead of including it from the
      kernel-wedge package
    - iwlagn is renamed to iwlwifi
    - blowfish is renamed to blowfish_generic

  [ Uwe Kleine-König ]
  * [amd64] reenable rt featureset with 3.2-rc4-rt5

 -- Ben Hutchings <ben@decadent.org.uk>  Sat, 03 Dec 2011 23:07:41 +0000

linux-2.6 (3.1.8-2) unstable; urgency=high

  * igmp: Avoid zero delay when receiving odd mixture of IGMP queries
    (Closes: #654876) (CVE-2012-0207)

 -- Ben Hutchings <ben@decadent.org.uk>  Tue, 10 Jan 2012 00:14:39 +0000

linux-2.6 (3.1.8-1) unstable; urgency=low

  * New upstream stable update:
    http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.1.7
    http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.1.8
    - Revert "clockevents: Set noop handler in clockevents_exchange_device()",
      included in stable update 3.1.5 (Closes: #653398)
    - cfq-iosched: fix cfq_cic_link() race condition
    - binary_sysctl(): fix memory leak
    - cgroups: fix a css_set not found bug in cgroup_attach_proc
    - iwlwifi: allow to switch to HT40 if not associated (Closes: #653423)
    - futex: Fix uninterruptible loop due to gate_area
    - drm/radeon/kms: bail on BTC parts if MC ucode is missing
    - [sparc] sparc64: Fix masking and shifting in VIS fpcmp emulation.
    - llc: llc_cmsg_rcv was getting called after sk_eat_skb.
    - ipv4: reintroduce route cache garbage collector
    - Revert "rtc: Disable the alarm in the hardware" (Closes: #652869)

  [ Ben Hutchings ]
  * snapshot: Implement compat_ioctl (Closes: #502816)
  * drm/radeon: flush read cache for gtt with fence on r6xx and newer GPU
    (Closes: #646376)
  * rtc: Fix alarm rollover when day or month is out-of-range (Closes: #646429)
  * l2tp: ensure sk->dst is still valid (Closes: #652503)
  * Update Russian debconf template translations (Yuri Kozlov)
    (Closes: #653716)
  * v4l2-ioctl: integer overflow in video_usercopy()
  * Restrict ioctl forwarding on partitions and logical volumes (CVE-2011-4127)
  * [x86] KVM: Prevent starting PIT timers in the absence of irqchip support
    (CVE-2011-4622)

  [ Jonathan Nieder ]
  * prerm: Print an error message when aborting removal of the running
    kernel (Closes: #601962)
  
  [ Aurelien Jarno ]
  * [sh4] Remove core-modules udeb as it is empty.
  * [sh4/sh7751r] Disable CONFIG_RTS7751R2D_1. Support for this board 
    implies IRQless IDE, which causes data corruption.

 -- Ben Hutchings <ben@decadent.org.uk>  Sun, 08 Jan 2012 16:31:16 +0000

linux-2.6 (3.1.6-1) unstable; urgency=low

  * New upstream stable update:
    http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.1.6
    - staging: r8712u: Add new USB ID (Closes: #651622)
    - [arm] setup: initialize arm_dma_zone_size earlier (Closes: #651215)

  [ Ben Hutchings ]
  * [x86] Enable HYPERV, HYPERV_STORAGE, HYPERV_NET, HYPERV_UTILS,
    HYPERV_MOUSE as modules (Closes: #652014)
  * cciss: Add IRQF_SHARED back in for the non-MSI(X) interrupt handler
    (Closes: #650119)
  * udeb: Update configuration:
    - Provide the default configuration instead of including it from the
      kernel-wedge package
    - [x86] Include et131x (Closes: #651440)
    - [x86] Include isci (Closes: #652897)

 -- Bastian Blank <waldi@debian.org>  Fri, 23 Dec 2011 17:02:26 +0100

linux-2.6 (3.1.5-1) unstable; urgency=low

  * New upstream stable update:
    http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.1.5
    - bridge: correct IPv6 checksum after pull (Closes: #651469)
    - USB: EHCI: fix HUB TT scheduling issue with iso transfer
      (Closes: #651015)
    - [x86] mpparse: Account for bus types other than ISA and PCI
      (Closes: #586494)

  [ Bastian Blank ]
  * Fix generation of revisions for the patch list.

  [ Hector Oron ]
  * regulator: backport fix for nullpointer dereference in core.

  [ Ben Hutchings ]
  * [x86] Enable MEMTEST (Closes: #613321, #646361)
    - If bad RAM is detected, WARN and recommend a more thorough test
  * brcmsmac: Fix I/O functions for MIPS and for big-endian architectures
  * [x86] Enable GPIO_PCH, GPIO_ML_IOH, I2C_EG20T, PCH_CAN, PCH_DMA,
    PCH_GBE, PCH_PHUB, SERIAL_PCH_UART, SPI_TOPCLIFF_PCH, USB_GADGET,
    USB_EG20T as modules

 -- Ben Hutchings <ben@decadent.org.uk>  Sun, 11 Dec 2011 05:28:40 +0000

linux-2.6 (3.1.4-1) unstable; urgency=low

  * New upstream stable updates:
    http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.1.2
    http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.1.3
    - TTY: ldisc, wait for ldisc infinitely in hangup (Closes: #645071)
    http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.1.4

  [ Martin Michlmayr ]
  * [armel] Set the priority of pata-modules to standard since the
    GLAN Tank uses PATA.

  [ Ben Hutchings ]
  * Enable BCMA as module, BCMA_HOST_PCI and B43_BCMA (Closes: #649567)
    but limit these to devices not supported by brcmsmac
  * brcmsmac: Enable as module for all architectures
  * Include module taint flags in bug reports
  * lirc_serial: Fix various bugs that may result in a crash, deadlock or
    other failure (Closes: #645811)
  * amilo-rfkill: Use proper functions to write to the i8042 safely
  * topology: Provide CPU topology in sysfs in !SMP configurations
    (Closes: #649216)

  [ Bastian Blank ]
  * Include generated headers. (closes: #650085)

 -- Bastian Blank <waldi@debian.org>  Tue, 29 Nov 2011 14:14:14 +0100

linux-2.6 (3.1.1-1) unstable; urgency=high

  * New upstream stable update:
    http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.1.1

  [ Aurelien Jarno ]
  * [s390x] Add s390x udebs, based on linux-kernel-di-s390x-2.6.
  * [sparc64] Sync udebs with sparc.

  [ Ben Hutchings ]
  * [powerpc] Fix module selection for {ata,ide,scsi-core}-modules udebs
  * [alpha] wire up accept4 syscall, thanks to Michael Cree
  * iwlagn: fix modinfo display for 135 ucode (Closes: #647958)
  * [powerpc] ptrace: Fix build with gcc 4.6
  * [arm] add io{read,write}{16,32}be functions (fixes FTBFS)
  * cifs, freezer: add wait_event_freezekillable and have cifs use it
    (Closes: #488794)
  * [alpha] Remove old, broken udeb configuration (Closes: #647586)
  * DFSG: Remove drivers/staging/ft1000/ft1000-*/*.img, non-free
    firmware for drivers we don't build
  * hfs: fix hfs_find_init() sb->ext_tree NULL ptr oops (CVE-2011-2203)
  * vmscan: fix shrinker callback bug in fs/super.c
  * block: Always check length of all iov entries in blk_rq_map_user_iov()
  * [x86] Add amilo-rfkill driver for some Fujitsu-Siemens Amilo laptops
    (Closes: #631664)

  [ Arnaud Patard ]
  * [arm] add missing ioread/write be functions to ixp4xx to fix FTBFS
  * [armhf] allow to build kernel image for iMX51 and iMX53 and enable some
    iMX53 platforms.
  * [armhf] add ahci for iMX53, pata for iMX51

 -- Ben Hutchings <ben@decadent.org.uk>  Sun, 13 Nov 2011 20:08:09 +0000

linux-2.6 (3.1.0-1~experimental.1) experimental; urgency=low

  * New upstream release: http://kernelnewbies.org/Linux_3.1
    - drm/i915: FBC off for ironlake and older, otherwise on by default
      (Closes: #641622)
    - drm/radeon: Update AVIVO cursor coordinate origin before x/yorigin
      calculation (Closes: #585130)
    - crypto: ghash - Avoid null pointer dereference if no key is set

  [ Ben Hutchings ]
  * [powerpc/powerpc64] Add missing #include to LPAR console selection fix
  * Make kernel-wedge package checks non-fatal in experimental builds
  * [x86/!486] Enable INTEL_IDLE
  * aufs: Update to aufs3.1-20111031 (Closes: #644687)

  [ Bastian Blank ]
  * Use xz compression for debug packages.
  * Make gcc-4.6 the default compiler.
  * Use shorter versions in the package names.
  * Remove linux-tools-* binary package.
  * Drop external module packages stuff.
  * Set default security module to Unix Discretionary Access Controls.
    - Remove unneeded selinux boot parameter.

 -- Bastian Blank <waldi@debian.org>  Thu, 03 Nov 2011 20:03:14 +0100

linux-2.6 (3.1.0~rc7-1~experimental.1) experimental; urgency=low

  * New upstream release candidate

  [ Ben Hutchings ]
  * Build udebs for the installer

 -- Ben Hutchings <ben@decadent.org.uk>  Sun, 25 Sep 2011 22:52:50 +0100

linux-2.6 (3.1.0~rc6-1~experimental.1) experimental; urgency=low

  * New upstream release candidate

  [ Ben Hutchings ]
  * [ia64] Disable GENERIC_GPIO (fixes FTBFS)
  * [i386] libertas: prioritize usb8388_olpc.bin firmware on OLPC machines
  * [armel/ixp4xx] Add gpioblib support (fixes FTBFS)
  * [i386] Fix alignment of alternative instruction entries (Closes: #640964)

 -- Ben Hutchings <ben@decadent.org.uk>  Wed, 21 Sep 2011 05:45:40 +0100

linux-2.6 (3.1.0~rc4-1~experimental.1) experimental; urgency=low

  * New upstream release candidate

  [ Ben Hutchings ]
  * aufs: Disable until it is updated for Linux 3.1
  * rt: Disable until it is updated for Linux 3.1
  * nfs: Enable NFSv4.1/pNFS (Closes: #627655)
  * [x86] ACPI: Enable ACPI_APEI_GHES as built-in (no longer modular).
    Enable ACPI_APEI_MEMORY_FAILURE.
  * netfilter: Enable IP_SET_HASH_NETIFACE as module
  * net: Enable NFC, NFC_PN533 as modules
  * video: Enable FB_UDL as module (Closes: #618261)
  * target: Enable ISCSI_TARGET as module
  * skge: Enable SKGE_GENESIS
  * net/wireless: Enable RTL8192DE as module
  * hwmon: Enable SENSORS_EMC2103, SENSORS_LM95245, SENSORS_MAX1668,
    SENSORS_NTC_THERMISTOR, SENSORS_SMM665 as modules
  * [i386] Enable GPIO_CS5535, MFD_CS5535, CS5535_MFGPT,
    CS5535_CLOCK_EVENT_SRC, GPIO_VX855, MFD_VX855 as modules;
    [i386/486] Enable OLPC_XO1_PM, OLPC_XO1_RTC, OLPC_XO1_SCI, OLPC_XO15_SCI
    (Closes: #639113)
  * media/dvb: Enable DVB_NET
  * media/rc: Enable IR_MCE_KBD_DECODER as module
  * gspca: Enable USB_GSPCA_SE401 as module
  * de4x5: Disable on all architectures except alpha (Closes: #639538)
  * wl128x: Disable on all flavours except armhf/omap
  * Make bug script accept failure of lspci (Closes: #639439)
  * [alpha] Disable GENERIC_GPIO (Closes: #638696)

 -- Ben Hutchings <ben@decadent.org.uk>  Mon, 29 Aug 2011 14:48:28 +0100

linux-2.6 (3.0.0-6) unstable; urgency=high

  [ Uwe Kleine-König ]
  * [amd64] Update rt featureset to 3.0.7-rt20

  [ Bastian Blank ]
  * Add stable 3.0.7, including:
    - drm/radeon: Update AVIVO cursor coordinate origin before x/yorigin
      calculation (Closes: #585130)
    - ipv6: fix NULL dereference in udp6_ufo_fragment() (Closes: #643817)
    For the complete list of changes, see:
     http://www.kernel.org/pub/linux/kernel/v3.0/ChangeLog-3.0.7

  [ Ben Hutchings ]
  * [powerpc] Change ATA, PATA_MACIO from module to built-in (Closes: #641210)
  * [powerpc] Change IDE, IDE_GD from built-in to module
  * Add stable 3.0.8, including:
    - cputimer: Cure lock inversion
    - drm/ttm: ensure ttm for new node is bound before calling move_notify()
    - drm/ttm: unbind ttm before destroying node in accel move cleanup
    - CIFS: Fix ERR_PTR dereference in cifs_get_root
    - xfs: start periodic workers later
    - mm: fix race between mremap and removing migration entry
    - x25: Prevent skb overreads when checking call user data
    - crypto: ghash - Avoid null pointer dereference if no key is set
      (CVE-2011-4081)
    - hfsplus: Fix kfree of wrong pointers in hfsplus_fill_super() error path
    For the complete list of changes, see:
     http://www.kernel.org/pub/linux/kernel/v3.0/ChangeLog-3.0.8
  * [{mips,mipsel}/{4,5}kc-malta] Disable X.25, as in all other configurations
  * ark3116: Fix initialisation order (Closes: #640391)
  * Add empty files to trigger generation of kernel-image udebs
  * aufs: Update to aufs3.0-20111031 (Closes: #644687)
  * xfs: Fix possible memory corruption in xfs_readlink (CVE-2011-4077)
  * oom: fix integer overflow of points in oom_badness (CVE-2011-4097)

 -- Ben Hutchings <ben@decadent.org.uk>  Tue, 01 Nov 2011 14:50:06 +0000

linux-2.6 (3.0.0-5) unstable; urgency=low

  [ Ben Hutchings ]
  * Bump ABI to 2
  * kobj_uevent: Ignore if some listeners cannot handle message
    (Closes: #641661)
  * Build udebs for the installer
  * Add stable 3.0.5 and 3.0.6, including:
    - TTY: pty, fix pty counting
    - pata_via: disable ATAPI DMA on AVERATEC 3200
    - atm: br2684: Fix oops due to skb->dev being NULL
    - alarmtimers: Avoid possible null pointer traversal
    - alarmtimers: Memset itimerspec passed into alarm_timer_get
    - alarmtimers: Avoid possible denial of service with high freq periodic
      timers
    - rtc: Fix RTC PIE frequency limit
    - x86, perf: Check that current->mm is alive before getting user callchain
    - xen/smp: Warn user why they keel over - nosmp or noapic and what to use
      instead. (Closes: #637308)
    - drm/nouveau: properly handle allocation failure in nouveau_sgdma_populate
    - net/9p: fix client code to fail more gracefully on protocol error
    - virtio: Fix the size of receive buffer packing onto VirtIO ring.
    - virtio: VirtIO can transfer VIRTQUEUE_NUM of pages.
    - fs/9p: Fid is not valid after a failed clunk.
    - fs/9p: When doing inode lookup compare qid details and inode mode bits.
    - fs/9p: Always ask new inode in create
    - net/9p: Fix the msize calculation.
    - 9p: close ACL leaks
    - fs/9p: Add fid before dentry instantiation
    - net/9p: Fix kernel crash with msize 512K
    - fs/9p: Always ask new inode in lookup for cache mode disabled
    - vfs: restore pinning the victim dentry in vfs_rmdir()/vfs_rename_dir()
    - cifs: fix possible memory corruption in CIFSFindNext (CVE-2011-3191)
    - writeback: introduce .tagged_writepages for the WB_SYNC_NONE sync stage
    - writeback: update dirtied_when for synced inode to prevent livelock
    - fib:fix BUG_ON in fib_nl_newrule when add new fib rule
    - scm: Capture the full credentials of the scm sender
    - vlan: reset headers on accel emulation path
    - xfrm: Perform a replay check after return from async codepaths
    - bridge: Pseudo-header required for the checksum of ICMPv6
    - bridge: fix a possible use after free
    - TPM: Call tpm_transmit with correct size (CVE-2011-1161)
    - TPM: Zero buffer after copying to userspace (CVE-2011-1162)
    - ALSA: fm801: Gracefully handle failure of tuner auto-detect
      (Closes: #641946)
    - btrfs: fix d_off in the first dirent
    - ARM: 7091/1: errata: D-cache line maintenance operation by MVA may not
      succeed
    - ARM: 7099/1: futex: preserve oldval in SMP __futex_atomic_op
    - ALSA: usb-audio: Check for possible chip NULL pointer before clearing
      probing flag
    - cfg80211: Fix validation of AKM suites
    - iwlagn: fix dangling scan request
    - block: Free queue resources at blk_release_queue() (Closes: #631187)
    For the complete list of changes, see:
     http://www.kernel.org/pub/linux/kernel/v3.0/ChangeLog-3.0.5
     http://www.kernel.org/pub/linux/kernel/v3.0/ChangeLog-3.0.6
  * Make taskstats require root access (CVE-2011-2494)

  [ Uwe Kleine-König ]
  * [amd64] Update rt featureset to 3.0.6-rt16 (Closes: #643301)

 -- Ben Hutchings <ben@decadent.org.uk>  Wed, 05 Oct 2011 15:14:34 +0100

linux-2.6 (3.0.0-4) unstable; urgency=low

  [ Ben Hutchings ]
  * Make bug script accept failure of lspci (Closes: #639439)
  * [alpha] Disable GENERIC_GPIO (Closes: #638696)
  * Add stable 3.0.4, including:
    - loop: fix deadlock when sysfs and LOOP_CLR_FD race against each other
    - Btrfs: fix an oops of log replay
    - ext4: Fix ext4_should_writeback_data() for no-journal mode
    - ext4: call ext4_ioend_wait and ext4_flush_completed_IO in ext4_evict_inode
    - ext4: Resolve the hang of direct i/o read in handling
      EXT4_IO_END_UNWRITTEN.
    - ext4: fix nomblk_io_submit option so it correctly converts uninit blocks
    - xen-blkfront: Drop name and minor adjustments for emulated scsi devices
    - xen/x86: replace order-based range checking of M2P table by linear one
    - rt2x00: fix order of entry flags modification
    - Add a personality to report 2.6.x version numbers
    For the complete list of changes, see:
     http://www.kernel.org/pub/linux/kernel/v3.0/ChangeLog-3.0.4
  * sendmmsg/sendmsg: fix unsafe user pointer access
  * rt2x00: fix crash in rt2800usb_write_tx_desc
  * rt2x00: fix crash in rt2800usb_get_txwi (Closes: #636531)
  * [sparc] Only Panther cheetah+ chips have POPC (Closes: #639949)
  * uvcvideo: Fix crash when linking entities (Closes: #637740)
  * Update Spanish debconf template translations (Omar Campagne)
    (Closes: #636242)

  [ Moritz Muehlenhoff ]
  * Update German Debconf translation. Thanks to Holger Wansing
    (Closes: #641487)

  [ Uwe Kleine-König ]
  * [amd64] Update rt featureset to 3.0.4-rt14

 -- Ben Hutchings <ben@decadent.org.uk>  Mon, 19 Sep 2011 14:40:42 +0100

linux-2.6 (3.0.0-3) unstable; urgency=low

  [ Ben Hutchings ]
  * Disable SENSORS_SHT15, unlikely to be usable on any supported platform
    (Closes: #638696)
  * Add stable 3.0.3, including:
    - atm: br2864: sent packets truncated in VC routed mode (Closes: #638656)
    For the complete list of changes, see:
     http://www.kernel.org/pub/linux/kernel/v3.0/ChangeLog-3.0.3
  * netfilter: TCP and raw fix for ip_route_me_harder (fixes case where
    SNAT/masquerading is not done)
  * Remove net device features from bug reports (Closes: #638956)
  * [mips,mipsel] Ignore nfs ABI changes made in 3.0.0-2; fixes FTBFS
  * genirq: Fix wrong bit operation
  * befs: Validate length of long symbolic links (CVE-2011-2928)
  * CIFS: Fix memory corruption on mount (Closes: #635344)
  * x86-32, vdso: On system call restart after SYSENTER, use int $0x80
  * drm/ttm: fix ttm_bo_add_ttm(user) failure path
  * fuse: check size of FUSE_NOTIFY_INVAL_ENTRY message

 -- Ben Hutchings <ben@decadent.org.uk>  Sat, 27 Aug 2011 08:04:02 +0100

linux-2.6 (3.0.0-2) unstable; urgency=high

  [ Aurelien Jarno ]
  * Add configuration files for s390x architecture.

  [ Ben Hutchings ]
  * linux-libc-dev: Install include/asm under arch-specific directory
    (thanks to Aurelien for correcting the directory); mark package as
    multi-arch-coinstallable (Multi-Arch: same)
  * [powerpc] Use libata-based drivers for most PATA controllers
    (Closes: #636854):
    - Various drivers replaced as for x86 in 2.6.32-10
    - pata_macio replaces ide_pmac
  * Add stable 3.0.2, including:
    - net: Cap number of elements for sendmmsg
    - net: Fix security_socket_sendmsg() bypass problem
    - [x86] xen: allow enable use of VGA console on dom0
    - net: Compute protocol sequence numbers and fragment IDs using MD5
    - cifs: cope with negative dentries in cifs_get_root
    - ALSA: snd-usb: avoid dividing by zero on invalid input
    - ipv6: make fragment identifications less predictable (CVE-2011-2699)
    - sch_sfq: fix sfq_enqueue() (Closes: #631945)
    - gre: fix improper error handling
    - ecryptfs: Add mount option to check uid of device being mounted
      = expect uid
    - ecryptfs: Return error when lower file pointer is NULL
    - ext{3,4}: Properly count journal credits for long symlinks
    For the complete list of changes, see:
     http://www.kernel.org/pub/linux/kernel/v3.0/ChangeLog-3.0.2
  * [x86] Enable RTS_PSTOR as module

  [ maximilian attems ]
  * Add stable 3.0.1, including:
    - gro: Only reset frag0 when skb can be pulled (CVE-2011-2723)
    - staging: comedi: fix infoleak to userspace (CVE-2011-2909)
    - rtc: limit frequency
    - CIFS: Fix oops while mounting with prefixpath
    - [SCSI] fix crash in scsi_dispatch_cmd()
    - tracing: Fix bug when reading system filters on module removal
    - tracing: Have "enable" file use refcounts like the "filter" file
    - ext4: fix i_blocks/quota accounting when extent insertion fails
    - ext4: free allocated and pre-allocated blocks when check_eofblocks_fl
      fails
    - ext3: Fix oops in ext3_try_to_allocate_with_rsv()
    - nfsd4: remember to put RW access on stateid destruction
    - nfsd4: fix file leak on open_downgrade
    - NFS: Fix spurious readdir cookie loop messages
    - proc: fix a race in do_io_accounting()
    - ipc/sem.c: fix race with concurrent semtimedop() timeouts and IPC_RMID
    - [armel,armhf,hppa] dm io: flush cpu cache with vmapped io
    - dm snapshot: flush disk cache when merging
    For the complete list of changes, see:
     http://www.kernel.org/pub/linux/kernel/v3.0/ChangeLog-3.0.1

  [ Jonathan Nieder ]
  * perf: do not look at ./config for configuration (Closes: #632923)
    (CVE-2011-2905)

  [ Uwe Kleine-König ]
  * [amd64] Update rt featureset to 3.0.1-rt11

 -- Ben Hutchings <ben@decadent.org.uk>  Tue, 16 Aug 2011 06:08:53 +0100

linux-2.6 (3.0.0-1) unstable; urgency=low

  * New upstream release: http://kernelnewbies.org/Linux_3.0

  [ maximilian attems ]
  * Topconfig enable modular VIDEO_SR030PC30, VIDEO_NOON010PC30,
    SOC_CAMERA_IMX074, SOC_CAMERA_OV2640, SOC_CAMERA_OV6650,
    SOC_CAMERA_OV9740, USB_YUREX.
  * [x86] enable modular VIDEO_VIA_CAMERA.
  * [x86_32] enable modular XO15_EBOOK.
  * ALSA: hda - Enable auto-parser as default for Conexant codecs.

  [ Ben Hutchings ]
  * linux-support, linux-tools: Use dh_python2 instead of dh_pysupport
  * aufs: Update for 3.0
  * [amd64] Enable PCMCIA_AHA152X as module (Closes: #632929)
  * Update debconf template translations:
    - Slovak (Slavko)
  * [x86] comedi: Enable the same drivers as in stable (squeeze), except
    for ISA drivers on amd64 (Closes: #633516)
  * Reduce required initramfs-tools version to 0.99~, to ease backporting
  * [armhf/mx5] Explicitly configure this flavour to support i.MX51; it
    is not currently possible to support other i.MX5x processors as well

  [ Arnaud Patard ]
  * Merge ixp4xx build fix and enable ixp4xx back
 
  [ Aurelien Jarno ]
  * [mips/octeon] Disable MEGARAID_SAS, SUSPEND, HIBERNATION, PM_RUNTIME.
    Enable FUSION, FUSION_SAS, HW_RANDOM, HW_RANDOM_OCTEON, 
    OCTEON_MGMT_ETHERNET, CONFIG_OCTEON_ETHERNET.

  [ Bastian Blank ]
  * [xen] Allow autoloading of backend drivers.

  [ Uwe Kleine-König ]
  * [amd64] Add rt featureset with 3.0-rt2 patch set

 -- Ben Hutchings <ben@decadent.org.uk>  Sun, 24 Jul 2011 02:42:27 +0200

linux-2.6 (3.0.0~rc6-1~experimental.1) experimental; urgency=low

  * New upstream release candidate

  [ maximilian attems ]
  * Topconfig enable modular USB_NET_KALMIA, I2C_DIOLAN_U2C, SMBUS,
    SENSORS_SMBUS, SENSORS_SHT21, SENSORS_EMC6W201, SENSORS_SCH5627,
    SENSORS_ADS1015, SENSORS_W83795, SENSORS_DS620, SENSORS_LINEAGE,
    SENSORS_LTC4151, SENSORS_LTC4261, SENSORS_MAX16065, SENSORS_MAX6639,
    SENSORS_MAX6642, BT_WILINK.
  * [x86_32] enable modular I2C_PXA.
  * [x86] enable modular SENSORS_FAM15H_POWER.
  * drm/i915: Hold struct_mutex during i915_save_state/i915_restore_state.
  * [thinkpad]: Add KEY_MICMUTE and enable it on Lenovo X220.
  * [m68k]: resources: Add lookup_resource().
  * m68k/atari: Reserve some ST-RAM early on for device buffer use.
  * ALSA: hda - Handle -1 as invalid position, too
  * ALSA: hda - Judge playback stream from stream id in azx_via_get_position()

  [ Ben Hutchings ]
  * [x86] Enable SCSI_ISCI as module

 -- maximilian attems <maks@debian.org>  Tue, 05 Jul 2011 11:05:43 +0200

linux-2.6 (3.0.0~rc5-1~experimental.1) experimental; urgency=low

  * New upstream release candidate
    -  fix wrong iput on d_inod. (closes: #631255, #631802)

  [ maximilian attems ]
  * [x86] enable some comedi modules. (closes: #631199)
  * [kirkwood] Enable sound support for the HP t5325 (closes: #631762)

  [ Arnaud Patard ]
  * [armel] disable ixp4xx, until upstream agrees on how to fix
  the build error
  * [armel] Remove configuration options which don't exist anymore
  * [armhf] disable net dma/async tx on mx5 as it can't work

 -- maximilian attems <maks@debian.org>  Tue, 28 Jun 2011 11:55:21 +0200

linux-2.6 (3.0.0~rc4-1~experimental.1) experimental; urgency=low

  * New upstream release candidate
    - drm/i915: Fixes. (closes: #627976)

  [ maximilian attems ]
  * [x86] enable modular INTEL_OAKTRAIL, ACPI_APEI_PCIEAER.
  * Topconfig enable modular RADIO_WL1273, RADIO_WL128X.

  [ Ben Hutchings ]
  * rt2800pci: Add device ID for RT539F device (Closes: #630960)
  * atm: Enable for all architectures except m68k, s390 (Closes: #630900)

 -- maximilian attems <maks@debian.org>  Tue, 21 Jun 2011 15:00:23 +0200

linux-2.6 (3.0.0~rc3-1~experimental.1) experimental; urgency=low

  * New upstream release candidate

  [ Ben Hutchings ]
  * [i386] idle: EXPORT_SYMBOL(default_idle, pm_idle) if
    CONFIG_APM_MODULE (only); fixes FTBFS

  [ maximilian attems ]
  * Update configs.
  * Topconfig enable BPF_JIT. (closes: #630553)
  * Update debconf pt (Américo Monteiro) translations. (closes: #627631)
  * Add kbuild fixes out of linux-next.

 -- maximilian attems <maks@debian.org>  Thu, 16 Jun 2011 15:04:33 +0200

linux-2.6 (3.0.0~rc2-1~experimental.1) experimental; urgency=low

  * New upstream release candidate

  [ maximilian attems ]
  * Newer Standards-Version 3.9.2 without changes.
  
  [ Hector Oron ]
  * [armel/iop32x] Fix FTBFS (Closes: #629342)

  [ Aurelien Jarno ]
  * [mips,mipsel] Update arch/mips/kernel/i8259.c to fix FTBFS.
  * [mips,mipsel] Remove explicit disable of CONFIG_DRM_NOUVEAU and 
    CONFIG_DRM_RADEON_KMS.

  [ Ben Hutchings ]
  * perf: Cancel -Werror compiler option; fixes FTBFS with perl 5.14
  * qla4xxx: Remove our fix for #598503; it has now been fixed upstream
    in a different way and the two changes resulted in FTBFS
  * [ia64] nouveau: Disable ACPI support. It probably wasn't very useful
    on ia64, and now depends on mxm-wmi which is definitely x86-only.
  * Make gcc-4.5 the default compiler (except for alpha, hppa and m68k)
  * Restore xen-linux-system-<version>-<flavour> packages

 -- Ben Hutchings <ben@decadent.org.uk>  Thu, 09 Jun 2011 01:10:53 +0100

linux-2.6 (3.0.0~rc1-1~experimental.1) experimental; urgency=low

  * New upstream release candidate

  [ Ben Hutchings ]
  * [x86] Enable BACKLIGHT_APPLE, replacing BACKLIGHT_MBP_NVIDIA
    (Closes: #627492)
  * cgroups: Disable memory resource controller by default. Allow it
    to be enabled using kernel parameter 'cgroup_enable=memory'.
  * rt2800usb: Enable support for more USB devices including
    Linksys WUSB600N (Closes: #596626) (this change was accidentally
    omitted from 2.6.39-1)
  * fs: Enable FHANDLE
  * cgroups: Enable CGROUP_MEM_RES_CTLR_SWAP but not
    CGROUP_MEM_RES_CTLR_SWAP_ENABLED. Swap accounting can be enabled
    using kernel parameter 'swapaccount'.
  * ipv4: Enable IP_FIB_TRIE_STATS
  * netfilter: Enable IP_SET, IP_SET_BITMAP_IP, IP_SET_BITMAP_IPMAC,
    IP_SET_BITMAP_PORT, IP_SET_HASH_IP, IP_SET_HASH_IPPORT,
    IP_SET_HASH_IPPORTIP, IP_SET_HASH_IPPORTNET, IP_SET_HASH_NET,
    IP_SET_HASH_NETPORT, IP_SET_LIST_SET, NETFILTER_XT_SET as modules
  * net/sched: Enable NET_SCH_QFQ as module
  * can: Enable CAN_SOFTING, CAN_SOFTING_CS as modules
  * mtd: Enable MTD_SWAP as module
  * of, proc: Enable PROC_DEVICETREE
  * dm: Enable DM_RAID, DM_FLAKEY as modules. Note these are currently
    experimental.
  * target: Enable TCM_FC as module
  * net/wireless/ath: Enable CARL9170 as module (carl9170, replacing
    ar9170usb)
  * rtlwifi: Enable RTL8192SE as module (Closes: #590280)
  * net/wireless: Enable MWIFIEX, MWIFIEX_SDIO as modules
  * net/usb: Enable USB_VL600 as module
  * tablet: Enable drivers for all possible architectures and flavours
  * tablet: Enable TABLET_USB_HANWANG as module
  * pps: Enable PPS_CLIENT_PARPORT as module
  * ptp: Enable PTP_1588_CLOCK, PTP_1588_CLOCK_GIANFAR,
    PTP_1588_CLOCK_IXP46X as modules
  * [x86] watchdog: Enable SP5100_TCO, NV_TCO as modules
  * media/rc: Enable IR_REDRAT3, RC_LOOPBACK as module
  * [x86] media/rc: Enable IR_ITE_CIR, IR_FINTEK as modules
  * gspca: Enable USB_GSPCA_KINECT as module
  * [i386] radio: Enable RADIO_MIROPCM20 as module
  * s3fb: Enable FB_S3_DDC
  * viafb: Enable FB_VIA_X_COMPATIBILITY
  * es1968: Enable SND_ES1968_RADIO
  * sound: Enable SND_ISIGHT, SND_LOLA as modules
  * hid: Enable HID_ACRUX, HID_EMS_FF, HID_KEYTOUCH, HID_LCPOWER,
    HID_MULTITOUCH, HID_ROCCAT_ARVO, HID_ROCCAT_KONEPLUS,
    HID_ROCCAT_KOVAPLUS as modules
  * usb-storage: Enable USB_STORAGE_REALTEK, USB_STORAGE_ENE_UB6250 as
    modules
  * mmc: Enable MMC_VUB300, MMC_USHC as modules
  * memstick: Enable MEMSTICK_R592 as module
  * [x86] edac: Enable EDAC_I7300 as module
  * [i386] staging, video: Enable FB_OLPC_DCON as module
  * [x86] staging, drm: Enable DRM_PSB as module
  * crypto, net: Enable CRYPTO_USER_API_HASH, CRYPTO_USER_API_SKCIPHER as
    modules
  * [x86] block, xen: Enable XEN_BLKDEV_BACKEND as module

 -- Ben Hutchings <ben@decadent.org.uk>  Wed, 01 Jun 2011 06:41:14 +0100

linux-2.6 (2.6.39-3) unstable; urgency=low

  [ Ben Hutchings ]
  * [x86] i915: Revert "drm/i915: Enable GMBUS for post-gen2 chipsets"
    (Closes: #627575)
  * linux-source-<version>: Suggest libqt4-dev (for 'make xconfig')
    instead of libqt3-mt-dev (Closes: #631666)
  * [armhf] Add omap flavour, thanks to Sebastian Reichel
  * [armhf] rtc-twl: Switch to using threaded irq
  * bridge/netfilter: provide a cow_metrics method for fake_ops
    (Closes: #629932)
  * Update debconf template translations:
    - Danish (Joe Dalton) (Closes: #632551)
    - Slovak (Slavko) (Closes: #608684)
  * partitions/efi: Fix crash (oops) caused by corrupted GUID partition
    table (CVE-2011-1577)
  * ksm: fix NULL pointer dereference in scan_get_next_rmap_item()
    (CVE-2011-2183)
  * inet_diag: Fix infinite loop in inet_diag_bc_audit() (CVE-2011-2213)
  * taskstats: don't allow duplicate entries in listener mode (CVE-2011-2484)
  * bluetooth: Prevent buffer overflow in l2cap config request
    (CVE-2011-2497)

  [ maximilian attems ]
  * Add stable 2.6.39.2, including:
    - block: Fix crash (oops) in blkdev_get() on failed exclusive open
      (Closes: #631574)
    - nl80211: fix check for valid SSID size in scan operations (CVE-2011-2517)
    - drm/radeon/kms: viewport height has to be even
    - drm/radeon/kms: fix for radeon on systems >4GB without hardware iommu
    - fat: Fix corrupt inode flags when remove ATTR_SYS flag
    - scsi:  Fix oops caused by queue refcounting failure
    - cifs: don't allow cifs_reconnect to exit with NULL socket pointer
    - drm/radeon/kms: do bounds checking for 3D_LOAD_VBPNTR and bump array
      limit
    - TOMOYO: Fix oops in tomoyo_mount_acl() (CVE-2011-2518)
    For the complete list of changes, see:
     http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39.2

 -- Ben Hutchings <ben@decadent.org.uk>  Mon, 04 Jul 2011 07:08:10 +0100

linux-2.6 (2.6.39-2) unstable; urgency=low

  [ Ben Hutchings ]
  * [x86] Enable BACKLIGHT_APPLE, replacing BACKLIGHT_MBP_NVIDIA
    (Closes: #627492)
  * cgroups: Disable memory resource controller by default. Allow it
    to be enabled using kernel parameter 'cgroup_enable=memory'.
  * rt2800usb: Enable support for more USB devices including
    Linksys WUSB600N (Closes: #596626) (this change was accidentally
    omitted from 2.6.39-1)
  * [x86] Remove Celeron from list of processors supporting PAE. Most
    'Celeron M' models do not.
  * Update debconf template translations:
    - Swedish (Martin Bagge) (Closes: #628932)
    - French (David Prévot) (Closes: #628191)
  * aufs: Update for 2.6.39 (Closes: #627837)
  * Add stable 2.6.39.1, including:
    - ext4: dont set PageUptodate in ext4_end_bio()
    - pata_cmd64x: fix boot crash on parisc (Closes: #622997, #622745)
    - ext3: Fix fs corruption when make_indexed_dir() fails
    - netfilter: nf_ct_sip: validate Content-Length in TCP SIP messages
    - sctp: fix race between sctp_bind_addr_free() and
      sctp_bind_addr_conflict()
    - sctp: fix memory leak of the ASCONF queue when free asoc
    - md/bitmap: fix saving of events_cleared and other state
    - cdc_acm: Fix oops when Droids MuIn LCD is connected
    - cx88: Fix conversion from BKL to fine-grained locks (Closes: #619827)
    - keys: Set cred->user_ns in key_replace_session_keyring (CVE-2011-2184)
    - tmpfs: fix race between truncate and writepage
    - nfs41: Correct offset for LAYOUTCOMMIT
    - xen/mmu: fix a race window causing leave_mm BUG()
    - ext4: fix possible use-after-free in ext4_remove_li_request()
    For the complete list of changes, see:
     http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39.1
  * Bump ABI to 2
  * netfilter: Enable IP_SET, IP_SET_BITMAP_IP, IP_SET_BITMAP_IPMAC,
    IP_SET_BITMAP_PORT, IP_SET_HASH_IP, IP_SET_HASH_IPPORT,
    IP_SET_HASH_IPPORTIP, IP_SET_HASH_IPPORTNET, IP_SET_HASH_NET,
    IP_SET_HASH_NETPORT, IP_SET_LIST_SET, NETFILTER_XT_SET as modules
    (Closes: #629401)

  [ Aurelien Jarno ]
  * [mipsel/loongson-2f] Disable_SCSI_LPFC to workaround GCC ICE.

 -- Ben Hutchings <ben@decadent.org.uk>  Tue, 07 Jun 2011 12:14:05 +0100

linux-2.6 (2.6.39-1) unstable; urgency=low

  [ maximilian attems ]
  * [x86] Enable CRYPTO_AES_NI_INTEL for all flavours. (closes: #623631)
  * topconfig: Enable SND_USB_6FIRE, SND_FIREWIRE_SPEAKERS,
    MEDIA_CONTROLLER, DVB_USB_TECHNISAT_USB2, USB_GSPCA_NW80X,
    USB_GSPCA_VICAM, XEN_WDT, LOOPBACK_TARGET.
  * [x86] Enable modular XEN_NETDEV_BACKEND.
  * topconfig enable mem cgroup RESOURCE_COUNTERS, CGROUP_MEM_RES_CTLR.
    (closes: #534964)
  * Cleanup configs.

  [ Ben Hutchings ]
  * [!x86] Disable TPM drivers. TPMs are currently only fitted in PCs.
  * rt2800usb: Enable support for more USB devices including
    Linksys WUSB600N (Closes: #596626)
  * mm: Select SLAB allocator again. Although SLUB is currently the
    upstream default, this was set as an experiment rather than a
    recommendation! SLUB generally has poorer performance than SLAB on
    larger systems.
  * postinst: Remove specific support for running a ramdisk creator;
    warn users that specify one in /etc/kernel-img.conf
  * Require initramfs-tools >= 0.99, which installs a postinst hook

  [ Arnaud Patard ]
  * [armel] Disable eeti touchscreen driver due to missing irq_to_gpio on
    several platforms.

 -- maximilian attems <maks@debian.org>  Thu, 19 May 2011 15:34:37 +0200

linux-2.6 (2.6.39~rc7-1~experimental.1) experimental; urgency=low

  * [x86] Enable modular ASUS_WMI and ASUS_NB_WMI. (closes: #626141)
  * [x86] Enable modular DELL_WMI_AIO, HP_ACCEL, INTEL_IPS, ACPI_IPMI.
  * [x86/486] Enable modular XO1_RFKILL, XO15_EBOOK.
  * topconfig: Enable modular NF_CONNTRACK_TIMESTAMP, NF_CONNTRACK_SNMP,
    NETFILTER_XT_TARGET_AUDIT, NETFILTER_XT_MATCH_ADDRTYPE,
    NETFILTER_XT_MATCH_DEVGROUP, NET_SCH_SFB, NET_SCH_MQPRIO, NET_SCH_CHOKE,
    SATA_ACARD_AHCI, PATA_ARASAN_CF, SCSI_BNX2X_FCOE.
  * Add nl debconf template translation. (closes: #622967)
    Thanks willem kuyn <willemkuyn@gmail.com>.
  * topconfig Enable modular RTL8192CU. (closes: #625613)

 -- maximilian attems <maks@debian.org>  Tue, 10 May 2011 15:11:00 +0200

linux-2.6 (2.6.39~rc6-1~experimental.1) experimental; urgency=low

  * New upstream release candidate  

  [ maximilian attems ]
  * Enable SQUASHFS_{LZO,XZ}. (closes: #613658)
  * [x86] Enable EASYCAP. (closes: #624505)

  [ Ben Hutchings
  * xhci-hcd: Include <linux/slab.h> in xhci-pci.c (fixes FTBFS on armel)
  * [x86] Enable BRCMSMAC; the brcmsmac module replaces brcm80211
    (Closes: #625510)

  [ Aurelien Jarno ]
  * drm/nouveau, drm/radeon: remove fix for non-powerpc/sparc/x86.
  * [mips,mipsel] Disabled CONFIG_DRM_NOUVEAU and CONFIG_DRM_RADEON_KMS.
  * [mips/octeon] Disabled CONFIG_HOTPLUG_CPU and CONFIG_PM.

 -- maximilian attems <maks@debian.org>  Sun, 08 May 2011 12:23:15 +0200

linux-2.6 (2.6.39~rc5-1~experimental.1) experimental; urgency=low

  * New upstream release candidate  

  [ Ben Hutchings ]
  * [powerpc] kexec: Fix build failure on 32-bit SMP
  * net/wireless: Adjust config for iwlegacy/iwlwifi split (Closes: #624124)
    - Enable IWLWIFI_LEGACY as module
    - Enable IWL4965 as module; it is no longer part of the iwlagn module
  * [armhf] Actually install zImage into the linux-image package, thanks to
    Sebastian Reichel
  * [armhf] Build a linux-tools package
  * Fix configuration for features that are no longer modular, thanks to
    Sedat Dilek (Closes: #624372):
    - bluetooth: Re-enable BT_L2CAP and BT_SCO as part of bluetooth module
    - leds: Explicitly enable LEDS_CLASS as built-in
    - mfd: Explicitly disable MFD_WM8994

  [ Aurelien Jarno ]
  * drm/nouveau, drm/radeon: fix build failure on mips.

 -- Ben Hutchings <ben@decadent.org.uk>  Fri, 29 Apr 2011 06:04:13 +0100

linux-2.6 (2.6.39~rc4-1~experimental.1) experimental; urgency=low

  * New upstream release candidate

  [ Ben Hutchings ]
  * [i386] Rename '686-bigmem' flavour to '686-pae'; remove '686' flavour.
    For 686-class systems without PAE, the '486' flavour is more efficient
    than the '686' flavour due to optimisation for uniprocessor systems.
  * Add armhf architecture with mx5 flavour, thanks to Hector Oron and
    Vagrant Cascadian (Closes: #621032)

 -- Ben Hutchings <ben@decadent.org.uk>  Sun, 24 Apr 2011 03:21:31 +0100

linux-2.6 (2.6.38-5) unstable; urgency=medium

  [ Thorsten Glaser ]
  * [m68k] atari: Enable and compile in generic RTC
  * [m68k] Backport the most urgent fixes from 2.6.39
    - Add helper functions to handle kernel faults, traps and
      exceptions better (used by the other patches below)
    - Add improved support for running under the ARAnyM emulator
      (its native features interface) and emulated hardware
      + block access (similar to virtio-block)
      + console access (redirection to stdout)
      + network access (Ethernet)  (Closes: #599121)
  * [m68k] Add patch from queue fixing atarifb console output on
    machines with a lot of FastRAM by reserving some ST-RAM early
  * [m68k] Add patch from mm mailing list to fix SLUB breakage

  [ Aurelien Jarno ]
  * [mips/octeon] Disable CONFIG_HOTPLUG_CPU.

  [ Ben Hutchings ]
  * rt2800pci, rt2800usb: Enable experimental support for more recent
    chips (Closes: #623808)
  * [x86] staging: Enable EASYCAP as module (Closes: #624505)
  * Add stable 2.6.38.5, including:
    - p54: Initialize extra_len in p54_tx_80211
    - nfsd4: Fix filp leak (regression introduced in 2.6.38.3)
    - radeon: PLL tweaks for R7xx
    - nouveau: Fix notifier memory corruption bug
    - radeon: Fix bad shift in atom iio table parser
    - [x86] i915: Sanitize the output registers after resume
    - [x86] ideapad: Read brightness setting on brightness key notify
    - ath9k_hw: Partially revert "fix dma descriptor rx error bit parsing"
    - [s390] pfault: fix token handling
    - ACPI/PM: Avoid infinite recurrence while registering power resources
    - [hppa] slub: Disable use with DISCONTIGMEM && !NUMA
    - vfs: avoid large kmalloc()s for the fdtable
    - agp: Fix arbitrary kernel memory writes (CVE-2011-1745)
    - agp: Fix OOM and buffer overflow (CVE-2011-1746)
    For the complete list of changes, see:
     http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.38.5
  * [hppa] Bump ABI to 2a
  * mpt2sas: Prevent heap overflows and unchecked reads
    (CVE-2011-1494, CVE-2011-1495)
  * [armel] Prevent heap corruption in OABI semtimedop
  * can: Add missing socket check in can/bcm release (CVE-2011-1598)
  * ldm: Disable broken support for VBLK fragments (CVE-2011-1017)

 -- Ben Hutchings <ben@decadent.org.uk>  Sat, 07 May 2011 21:24:55 +0100

linux-2.6 (2.6.38-4) unstable; urgency=low

  * usb-audio: Define another USB ID for a buggy USB MIDI cable
    (Closes: #617743)
  * net: Enable BATMAN_ADV as module (Closes: #622361)
  * Add stable 2.6.38.3, including:
    - eCryptfs: Unlock page in write_begin error path
    - irda: validate peer name and attribute lengths (CVE-2011-1180)
    - irda: prevent heap corruption on invalid nickname
    - nilfs2: fix data loss in mmap page write for hole blocks
    - ALSA: pcm: fix infinite loop in snd_pcm_update_hw_ptr0()
    - inotify: fix double free/corruption of stuct user
    - perf: Fix task_struct reference leak
    - ROSE: prevent heap corruption with bad facilities (CVE-2011-1493)
    - [x86] mtrr, pat: Fix one cpu getting out of sync during resume
    - Input: synaptics - fix crash in synaptics_module_init()
    - ath9k: fix a chip wakeup related crash in ath9k_start
    - mac80211: fix a crash in minstrel_ht in HT mode with no supported MCS
      rates
    - UBIFS: fix oops on error path in read_pnode
    - quota: Don't write quota info in dquot_commit()
    - mm: avoid wrapping vm_pgoff in mremap()
    - wl12xx: fix potential buffer overflow in testmode nvs push
    - Bluetooth: sco: fix information leak to userspace (CVE-2011-1078)
    - bridge: netfilter: fix information leak (CVE-2011-1080)
    - Bluetooth: bnep: fix buffer overflow (CVE-2011-1079)
    - netfilter: ip_tables: fix infoleak to userspace (CVE-2011-1171)
    - netfilter: arp_tables: fix infoleak to userspace (CVE-2011-1170)
    - [x86] Revert "x86: Cleanup highmap after brk is concluded"
      (Closes: #621072)
    - Squashfs: handle corruption of directory structure
    - ext4: fix a double free in ext4_register_li_request
    - ext4: fix credits computing for indirect mapped files
    - nfsd: fix auth_domain reference leak on nlm operations
    - nfsd4: fix oops on lock failure
    - char/tpm: Fix unitialized usage of data buffer (CVE-2011-1160)
    - ipv6: netfilter: ip6_tables: fix infoleak to userspace (CVE-2011-1172)
    - econet: 4 byte infoleak to the network (CVE-2011-1173)
    - sound/oss: remove offset from load_patch callbacks
      (CVE-2011-1476, CVE-2011-1477)
    - inotify: fix double free/corruption of stuct user (CVE-2011-1479)
    For the complete list of changes, see:
     http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.38.3
  * Add stable 2.6.38.4, including:
    - vm: Fix vm_pgoff wrap in stack expansion
    - cifs: Always do is_path_accessible check in cifs_mount
    - cifs: Check for private_data before trying to put it
    - sn9c102: Restrict world-wirtable sysfs files
    - UBIFS: Restrict world-writable debugfs files
    - vm: Fix mlock() on stack guard page
    - UBIFS: Fix assertion warnings
    - perf: Fix task context scheduling
    - fib: Add rtnl locking in ip_fib_net_exit
    - l2tp: Fix possible oops on l2tp_eth module unload
    - ipv6: Fix duplicate /proc/sys/net/ipv6/neigh directory entries.
    - net_sched: fix ip_tos2prio
    - pppoe: drop PPPOX_ZOMBIEs in pppoe_flush_dev
    - xfrm: Refcount destination entry on xfrm_lookup
    - vlan: Take into account needed_headroom
    - bridge: Reset IPCB when entering IP stack on NF_FORWARD
    - futex: Set FLAGS_HAS_TIMEOUT during futex_wait restart setup
    - oom-kill: Remove boost_dying_task_prio()
    - UBIFS: Fix oops when R/O file-system is fsync'ed
    - sched: Fix erroneous all_pinned logic
    - vmscan: all_unreclaimable() use zone->all_unreclaimable as a name
    - next_pidmap: fix overflow condition
    - proc: Do proper range check on readdir offset
    - [powerpc] Fix oops if scan_dispatch_log is called too early
    - ehci: Unlink unused QHs when the controller is stopped
    - USB: Fix formatting of SuperSpeed endpoints in /proc/bus/usb/devices
    - xhci: Fix math in xhci_get_endpoint_interval()
    - xhci: Also free streams when resetting devices
    - USB: Fix unplug of device with active streams
    - bluetooth: Fix HCI_RESET command synchronization
    - bridge: Reset IPCB in br_parse_ip_options
    - ip: ip_options_compile() resilient to NULL skb route
    For the complete list of changes, see:
     http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.38.4
  * [s390] pfault: fix token handling (Closes: #622570)

 -- Ben Hutchings <ben@decadent.org.uk>  Sat, 23 Apr 2011 03:17:53 +0100

linux-2.6 (2.6.38-3) unstable; urgency=low

  [ Ben Hutchings ]
  * [ppc64] Add to linux-tools package architectures (Closes: #620124)
  * [amd64] Save cr4 to mmu_cr4_features at boot time (Closes: #620284)
  * appletalk: Fix bugs introduced when removing use of BKL
  * ALSA: Fix yet another race in disconnection
  * cciss: Fix lost command issue
  * ath9k: Fix kernel panic in AR2427
  * ses: Avoid kernel panic when lun 0 is not mapped
  * PCI/ACPI: Report ASPM support to BIOS if not disabled from command line

  [ Aurelien Jarno ]
  * rtlwifi: fix build when PCI is not enabled.

  [ Martin Michlmayr ]
  * rtlwifi: Eliminate udelay calls with too large values (Closes: #620204)

 -- Ben Hutchings <ben@decadent.org.uk>  Wed, 06 Apr 2011 13:53:30 +0100

linux-2.6 (2.6.38-2) unstable; urgency=low

  [ Ben Hutchings ]
  * kconfig: Avoid buffer underrun in choice input (fixes FTBFS on mips)
  * rt2800usb: Disable powersaving by default (Closes: #618930)
  * b43: Enable B43_PHY_N (Closes: #619070)
  * net/wireless: Enable RTL8192CE as module (Closes: #619051)
  * Add configuration for Debian architecture ppc64, matching the
    powerpc/powerpc64 flavour (Closes: #618976)
  * Enable BOOT_PRINTK_DELAY (support for the boot_delay kernel parameter)
  * [x86/!486] Enable TRANSPARENT_HUGEPAGE, TRANSPARENT_HUGEPAGE_MADVISE
    (Closes: #618924)
  * [x86/486] Enable X86_32_IRIS (IRIS power-off support) (Closes: #619493)
  * Add stable 2.6.38.1, including:
    - RDMA/cma: Fix crash in request handlers (CVE-2011-0695)
    For the complete list of changes, see:
     http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.38.1
  * radeon: Add some sanity checks to obj info record parsing, thanks
    to John Lindgren (Closes: #618847)
  * [x86] KVM: remove isr_ack logic from PIC (Closes: #612105)
  * Add stable 2.6.38.2, including:
    - cgroups: If you list_empty() a head then don't list_del() it
    - oom: Fix various bugs in victim task selection
    - xen-kbdfront: Advertise either absolute or relative coordinates
    - signal: Prevent rt_sigqueueinfo and rt_tgsigqueueinfo from spoofing
      the signal code (CVE-2011-1182)
    - ext3: Skip orphan cleanup on rocompat fs
    - sysctl: Restrict write access to dmesg_restrict
    - proc: Protect mm start_code/end_code in /proc/pid/stat
    - nfsd: Fix internal NFSv4.1 operation flags to be non-overlapping
    - nfsd: Fix wrong limit used in NFSv4 session creation
    - USB: Do not pass negative length to snoop_urb()
    - cdc-acm: Fix various bugs that can lead to a crash or memory corruption
    - fs: Fix deadlock in pivot_root()
    - fs: Assign sb->s_bdi to default_backing_dev_info if the bdi is going away
    - x86: Cleanup highmap after brk is concluded
    - NFS: Fix a hang/infinite loop in nfs_wb_page()
    - ext4: Skip orphan cleanup if fs has unknown ROCOMPAT features
    For the complete list of changes, see:
     http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.38.2
  * [amd64] media/rc: Enable IR_NUVOTON as module (Closes: #619937)
  * [x86] media/rc: Enable IR_WINBOND_CIR as module
  * [x86] Enable DEBUG_SET_MODULE_RONX (Closes: #619838)
  * SCSI: Enable TARGET_CORE and related modules (Closes: #619298)
  * [hppa] Remove .size directive for flush_alias_page (should fix FTBFS)

  [ Jurij Smakov ]
  * Bump CONFIG_NR_CPUS on sparc to 256 to accomodate T2+ machines
    (Closes: #619435)
  * Bump ABI to 2

 -- Ben Hutchings <ben@decadent.org.uk>  Tue, 29 Mar 2011 05:31:03 +0100

linux-2.6 (2.6.38-1) unstable; urgency=low

  * New upstream release: http://kernelnewbies.org/Linux_2_6_38

  [ Ben Hutchings ]
  * Move firmware-linux-free to separate source package (firmware-free)
  * Move linux-base to separate source package
  * net/can: Enable CAN_SLCAN as module (Closes: #617629)
  * sound: Enable SND_ALOOP as module (Closes: #617869)
  * Remove the Big Kernel Lock:
    - adfs,appletalk,i810,ufs,usbip: Refactor locking
    - hpfs: Disable HPFS_FS
  * ext4: Disable FS_IOC_FIEMAP ioctl temporarily (together with fixes
    for btrfs in 2.6.38, closes: #615035)
  * sched: Build with SCHED_AUTOGROUP, but do not enable autogrouping by
    default (use sysctl kernel.sched_autogroup_enabled=1) (Closes: #618486)
  * Set ABI to 1

  [ Aurelien Jarno]
  * mips/malta-[45]kc: 
    - disable ATM, TR, WAN.
    - synchronize options in malta-4kc and malta-5kc.

 -- Ben Hutchings <ben@decadent.org.uk>  Wed, 16 Mar 2011 04:47:57 +0000

linux-2.6 (2.6.38~rc8-1~experimental.1) experimental; urgency=low

  * New upstream release candidate

  [ Ben Hutchings ]
  * [sparc] Fix .size directive for do_int_load
  * [arm] Fix .size directive for xscale_dma_a0_map_area

 -- Ben Hutchings <ben@decadent.org.uk>  Sat, 12 Mar 2011 03:31:52 +0000

linux-2.6 (2.6.38~rc7-1~experimental.1) experimental; urgency=low

  [ maximilian attems ]
  * New upstream release candidate
    - swiotlb: Fix wrong panic (Closes: #615990)
  * x86: Set DRM_I915_KMS on request by xorg team.

  [ Ben Hutchings ]
  * [x86] Correct typos in label names in two asm functions (Closes: #616426)
  * [x86] Enable VT6656, loading firmware from a separate file (requires
    firmware-linux-nonfree 0.29) (Closes: #568454)
  * perf: Build with libdwarf for improved analysis capabilities
  * perf: Build with newt for improved user interface (Closes: #615868)
  * aufs: Update for 2.6.38
  * aufs: Fix device numbers passed to security_path_mknod()
  * dib0700/dib7000m: Add pid filtering (Closes: #614837)
  * [powerpc] Revert fb module changes (Closes: #614221)

 -- Ben Hutchings <ben@decadent.org.uk>  Tue, 08 Mar 2011 02:34:04 +0000

linux-2.6 (2.6.38~rc6-1~experimental.1) experimental; urgency=low

  [ Ben Hutchings ]
  * New upstream release candidate
    - drm/radeon/kms: hopefully fix pll issues for real (v3) (Closes: #614566)
    - r8169: Keep firmware in memory (Closes: #609538)
    - [sparc] Fix misaligned tracing information which the module loader
      does not support (Closes: #609371)
    - [sh4] Export cpu_core_map to fix build failure with CONFIG_SFC=m.
    - [armel] Support for Buffalo LS-CHL (Closes: #590105).
    - btrfs: Prevent heap corruption in btrfs_ioctl_space_info()
      (CVE-2011-0699)
    - [s390] Remove task_show_regs (CVE-2011-0710)
  * DFSG: Remove drivers/staging/ft1000/ft1000-pcmcia/boot.h, non-free
    firmware for a driver we don't build (Closes: #609448)
  * module,bug: Add TAINT_OOT_MODULE flag for modules that weren't built
    in-tree

  [ maximilian attems ]
  * [x86] linux-images suggest extlinux, s/grub/grub-pc/. (closes: #613909)

  [ Aurelien Jarno]
  * mips/swarm: enable PATA drivers that have been lost during IDE -> PATA
    conversion.
  * mips/malta-[45]kc: set VIRTUALIZATION.

 -- maximilian attems <maks@debian.org>  Tue, 22 Feb 2011 14:36:33 +0100

linux-2.6 (2.6.37-2) unstable; urgency=low

  [ Ben Hutchings ]
  * Add stable 2.6.37.1:
    - libata: Set queue DMA alignment to sector size for ATAPI too
    - USB: serial: add missing .usb_driver field in serial drivers
    - USB: EHCI: fix scheduling while atomic during suspend
    - zram: Fix data corruption issue
    - brcm80211: Fix suspend/resume issue
    - ath9k: Fix system hang when resuming from S3/S4
    - SCSI: Fix medium error problems with some arrays which can cause
      data corruption
    - libsas: Fix runaway error handler problem
    - NFS: Don't use vm_map_ram() in readdir
    - NFS: Fix NFSv3 exclusive open semantics
    - /proc/kcore: Fix seeking
    - mm: Fix migration hangs on anon_vma lock
    - writeback: Stop background/kupdate works from livelocking other works
    - writeback: Avoid livelocking WB_SYNC_ALL writeback
    - ext4: Fix trimming of a single group
    - af_unix: Avoid socket->sk NULL OOPS in stream connect security hooks
    - virtio_net: Add schedule check to napi_enable call
    - ptrace: Use safer wake up on ptrace_detach()
    - net: Fix ip link add netns oops
    - SMP: Fix smp_call_function_many() SMP race
    - md: Ensure no IO request to get md device before it is properly
      initialised
    - PM/runtime: Don't enable interrupts while running in_interrupt
    - [x86] mm: Avoid possible bogus TLB entries by clearing prev
      mm_cpumask after switching mm
  * Kbuild: Include localversion file in linux-headers-*; fixes output
    of 'make kernelrelease'
  * Add stable 2.6.37.2:
    - nfsd: Memory corruption due to writing beyond the stat array
    - xen: p2m: Correctly initialize partial p2m leaf
    - av7110: Check for negative array offset (CVE-2011-0521)
    - cred: Fix kernel panic upon security_file_alloc() failure
    - btrfs: Prevent heap corruption in btrfs_ioctl_space_info()
      (CVE-2011-0699)
    - cred: Fix BUG() upon security_cred_alloc_blank() failure
    - cred: Fix memory and refcount leaks upon security_prepare_creds()
      failure
    - PCI: Use security_capable() when checking capablities during config
      space read
    - [s390] Remove task_show_regs (CVE-2011-0710)
    - PM/hibernate: Return error code when alloc_image_page() fails
    - fs/partitions: Validate map_count in Mac partition tables
    - workqueue: Wake up a worker when a rescuer is leaving a gcwq
    - ALSA: caiaq - Fix possible string-buffer overflow
  * Set ABI to 2

  [ Martin Michlmayr ]
  * [armel/orion5x] Re-enable all devices.
  * [armel/kirkwood] Re-enable Seagate FreeAgent DockStar support.

 -- Ben Hutchings <ben@decadent.org.uk>  Sat, 26 Feb 2011 03:16:16 +0000

linux-2.6 (2.6.37-1) unstable; urgency=low

  [ Ben Hutchings ]
  * [arm] ixp4xx: Revert build fix, now applied upstream which resulted
    in another build failure
  * r8169: Keep firmware in memory (Closes: #609538)
  * r8712u: Firmware filename is rtlwifi/rtl8712u.bin (Closes: #602450)
  * [sparc] Fix misaligned tracing information which the module loader
    does not support (Closes: #609371)
  * Set ABI to 1
  * Add aufs2.1, marked as staging (Closes: #573189, #613248)
  * fs/notify: Enable FANOTIFY (Closes: #599877)
  * acer-wmi, aic94xx, asus_acpi, iscsi, janz-ican3, rtc-ds1511, tc1100-wmi:
    Restrict write permissions on files in procfs/sysfs
  * nbd: Remove module-level ioctl mutex mistakenly introduced in 2.6.37
  * [x86] crypto: Re-enable AES_NI_INTEL as module (Closes: #597658)
  * [powerpc] video/fb: Enable FB_VGA16 as built-in; build FB_CT65550,
    FB_NVIDIA, FB_MATROX, FB_RADEON, FB_ATY128, FB_ATY, FB_SIS, FB_3DFX
    as modules (Closes: #609615)

  [ Aurelien Jarno ]
  * [sh4] Export cpu_core_map to fix build failure with CONFIG_SFC=m.
  * [mips/5kc-malta] Enable CONFIG_VGA_CONSOLE.

  [ Bastian Blank ]
  * Enable CIFS fscache and ACL support.
  * Enable Xen PCI frontend.

 -- Ben Hutchings <ben@decadent.org.uk>  Tue, 15 Feb 2011 04:14:09 +0000

linux-2.6 (2.6.37-1~experimental.1) experimental; urgency=low

  * New upstream release: http://kernelnewbies.org/Linux_2_6_37
    - starfire: Fix dma_addr_t size test for MIPS (fixes FTBFS)
    - watchdog: Improve failure message and documentation (Closes: #608138)

  [ Ben Hutchings ]
  * i2c-i801: Include <linux/slab.h> (fixes FTBFS on alpha)
  * [x86] Staging: Enable R8712U as module (r8712u, replacing r8192s_usb)
    - Enable loading external firmware, thanks to Stefan Lippers-Hollmann
  * linux-base: Look for GRUB 1 configuration in both /boot/grub and
    /boot/boot/grub (Closes: #607863)
  * btrfs: Require CAP_SYS_ADMIN for filesystem rebalance (Closes: #608185)
  * r8169: Change RTL8111D/RTL8168D initialisation and firmware loading to
    match upstream version (Closes: #596390 with firmware-realtek 0.28)

 -- Ben Hutchings <ben@decadent.org.uk>  Wed, 05 Jan 2011 02:44:28 +0000

linux-2.6 (2.6.37~rc7-1~experimental.1) experimental; urgency=low
  
  * New upstream release candidate
    - [mips] Rename mips_dma_cache_sync back to dma_cache_sync (fixes FTBFS)

  [ Ben Hutchings ]
  * debian/copyright: Add explanation of indirect linking of perf to
    OpenSSL (Closes: #606520)
  * [powerpc,x86] Enable PATA_PCMCIA (Closes: #606324)
  * Disable BLK_DEV_IDECS
  * [alpha] Use libata-based drivers for most PATA controllers
  * [powerpc] linux-base: Run ybin after updating yaboot.conf
    (Closes: #607284)
  * Update debconf template translations:
    - Add Catalan (Jordi Mallach)
    - Update Danish (Joe Hansen)
    - Update Spanish (Omar Campagne, Javier Fernández-Sanguino)
    - Add Italian (Luca Bruno)
    - Update Japanese (Nobuhiro Iwamatsu)
    - Add Brazilian Portugese (Flamarion Jorge)
    - Update Vietnamese (Clytie Siddall)
  * debian/bin/test-patches: Restrict patches to featureset when building
    with a featureset (thanks to Tim Small)
  * Recommend use of 'make deb-pkg' to build custom kernel packages
  * [ia64] drm/nouveau: Revert unnecessary exclusion of ACPI support code

 -- Ben Hutchings <ben@decadent.org.uk>  Sat, 25 Dec 2010 16:21:09 +0000

linux-2.6 (2.6.37~rc5-1~experimental.3) experimental; urgency=low

  * Really apply patches added in the previous version

 -- Ben Hutchings <ben@decadent.org.uk>  Sat, 11 Dec 2010 16:27:21 +0000

linux-2.6 (2.6.37~rc5-1~experimental.2) experimental; urgency=low

  * Second attempt to fix FTBFS on various architectures:
    - [alpha] Do not use -Werror for arch/alpha
    - [arm/ixp4xx] Rename FREQ macro to avoid collisions (v2)
    - drm/nouveau: Only select ACPI_VIDEO if its dependencies are met
    - [mips] Change mips_sc_is_activated() to do what the comment says

 -- Ben Hutchings <ben@decadent.org.uk>  Sat, 11 Dec 2010 06:27:51 +0000

linux-2.6 (2.6.37~rc5-1~experimental.1) experimental; urgency=low

  * New upstream release candidate

  [ Ben Hutchings ]
  * Attempt to fix FTBFS on various architectures:
    - [alpha] Do not use -Werror for arch/alpha/kernel
    - [arm/ixp4xx] Rename FREQ macro to avoid collisions
    - [mips] Add the necessary parameter to mips_sc_is_activated()

 -- Ben Hutchings <ben@decadent.org.uk>  Fri, 10 Dec 2010 02:59:12 +0000

linux-2.6 (2.6.37~rc4-1~experimental.1) experimental; urgency=low

  * New upstream release candidate

  [ maximilian attems ]
  * Newer Standards-Version 3.9.1 without changes.

  [ Martin Michlmayr ]
  * Add ixp4xx build fix from Arnaud Patard (Closes: #602669)
  * [armel/kirkwood] Enable sound.
  * ASoC: Add support for OpenRD Ultimate (Arnaud Patard).

  [ Ben Hutchings ]
  * Enable PM_ADVANCED_DEBUG (Closes: #603254)
  * Disable X.25 protocol and related drivers.  This 10 year old experiment
    has stalled and is a source of security bugs.
  * Disable Econet protocol.  It is unmaintained upstream, probably broken,
    and of historical interest only.
  * af_802154,decnet,rds: Disable auto-loading as mitigation against local
    exploits.  These protocol modules are not widely used and can be
    explicitly loaded or aliased on systems where they are wanted.
  * debian/rules: Change 'clean' rule to remove package build directories
    even after a version bump, thanks to Timo Juhani Lindfors
  * dm: Deal with merge_bvec_fn in component devices better (Closes: #604457)
  * 9p: Enable 9P_FS_POSIX_ACL
  * netfilter/ipvs: Enable IP_VS_PE_SIP as module
  * net/sched: Enable NET_ACT_CSUM as module
  * can: Enable CAN_SJA1000_ISA, CAN_TSCAN1 as modules
  * block: Enable BLK_DEV_RBD (Rados) as module
  * sensors: Enable AD525X_DPOT_SPI, APDS9802ALS, ISL29020, SENSORS_BH1780,
    SENSORS_BH1770, SENSORS_APDS990X, HMC6352, BMP085 as modules
  * scsi: Enable SCSI_CXGB4_ISCSI as module
  * net/ppp: Enable PPTP as module
  * net: Enable BNA, SMCTR, USB_NET_CX82310_ETH as modules
  * IR: Enable IR_RC5_SZ_DECODER as module
  * [i386] IR: Enable IR_NUVOTON as module
  * V4L: Enable GSPCA_KONICA, GSPCA_XIRLINK_CIT as modules
  * DVB: Enable USB_LME2510 as module
  * [i386] sound/isa: Enable SND_AZT1605, SND_AZT2316, SND_JAZZ16,
    SND_MSND_PINNACLE, SND_MSND_CLASSIC as modules
  * HID: Enable HID_UCLOGIC, HID_WALTOP, HID_ROCCAT_PYRA as modules
  * hid-logitech: Enable LOGIWII_FF
  * Enable USB_UAS (USB-attached SCSI) as module
  * serial: Enable USB_SERIAL_SAMBA as module
  * drm/nouveau: Enable DRM_I2C_SIL164 as module
  * perf: Use libiberty, not libbfd, for symbol demangling
    (Closes: #604750, #606050)
  * firmware: Correct copyright information and add source for CIS files
    (accidentally omitted when merging from sid branch)

 -- Ben Hutchings <ben@decadent.org.uk>  Sun, 05 Dec 2010 23:19:38 +0000

linux-2.6 (2.6.36-1~experimental.1) experimental; urgency=low

  * New upstream release: http://kernelnewbies.org/Linux_2_6_36
    - writeback: always use sb->s_bdi for writeback purposes (Closes: #599466)
    - i7core_edac: fix panic in udimm sysfs attributes registration
      (Closes: #600528)

  [ Ben Hutchings ]
  * qla4xxx: Fix build on some architectures lacking 64-bit I/O
    (Closes: #598503)
  * [x86] Enable modular TM6000, TM6000_ALSA, TM6000_DVB
  * [x86] Staging: fix Makefile so brcm80211 will actually build
    (Closes: #599465)
  * [x86] Enable modular IDEAPAD_ACPI (Closes: #599444)
  * perf: Enable Perl and Python scripting
    - Move scripts to /usr/share/perf_<version>-core (Closes: #599624)
  * crypto: Explicitly enable algorithm self-tests (Closes: #599441)
  * [x86] Skip looking for ioapic overrides when ioapics are not present
    (Closes: #598533)
  * [x86] ata_piix: Add device ID for ICH4-L
  * [armel/iop32x,ia64,x86] Disable BLK_DEV_PIIX as obsolete
  * [amd64] Disable DRM_I810; i81x chipsets do not support 64-bit processors
  * [x86] Disable DRM_I830; the i915 driver is now used instead

  [ Martin Michlmayr ]
  * Kirkwood: restrict the scope of the PCIe reset workaround

 -- maximilian attems <max@stro.at>  Wed, 27 Oct 2010 13:23:11 +0200

linux-2.6 (2.6.36~rc6-1~experimental.1) experimental; urgency=low

  * New upstream release candidate
    - drm/i915: Ensure that the crtcinfo is populated during mode_fixup()
      (Closes: #592415)
    - USB: fix bug in initialization of interface minor numbers
      (Closes: #598207)

  [ Ben Hutchings ]
  * linux-base: Remove dependency on libapt-pkg-perl (Closes: #589996, really)
  * Disable INTEL_IDLE.  It can no longer be built as a module and so was
    actually disabled by the previous version, but I do not consider it ready
    to build-in yet.
  * Enable modular NETFILTER_XT_TARGET_CHECKSUM, NETFILTER_XT_TARGET_IDLETIMER,
    NETFILTER_XT_MATCH_CPU, NETFILTER_XT_MATCH_IPVS
  * Reenable LOCKUP_DETECTOR, accidentally disabled by the previous version
  * Enable modular AD525X_DPOT_I2C, ATM_NICSTAR, CAN_ESD_USB2, CHELSIO_T4VF,
    FIREWIRE_NOSY, HID_ACRUX_FF, HID_ELECOM, INFINIBAND_CXGB4, INFINIBAND_QIB,
    MTD_PCMCIA, ORINOCO_USB, PPS_CLIENT_LDISC, RAMOOPS, SERIAL_MFD_HSU,
    UIO_NETX, USB_GSPCA_SPCA1528, USB_GSPCA_SQ930X, USB_SERIAL_SSU100,
    USB_SERIAL_ZIO, WL1271_SDIO, WL1271_SPI
  * Enable BT_HCIUART_ATH3K, USB_SERIAL_MOS7715_PARPORT
  * [x86] Enable modular SENSORS_PKGTEMP
  * Enable modular IR_CORE, RC_MAP, all IR decoders, IR_IMON, IR_MCEUSB,
    IR_ENE, IR_STREAMZAP
  * [x86] Enable modular LIRC drivers

 -- Ben Hutchings <ben@decadent.org.uk>  Sun, 03 Oct 2010 21:18:41 +0100

linux-2.6 (2.6.36~rc5-1~experimental.1) experimental; urgency=low

  * New upstream release candidate
    - 3c59x: Fix deadlock in vortex_error() (Closes: #595554)

  [ Ben Hutchings ]
  * speakup: Update to match Debian package version 3.1.5.dfsg.1-1
  * [x86] Add brcm80211 driver for Broadcom 802.11n wireless network
    controllers
  * [x86] Set XEN_PLATFORM_PCI=y

 -- Ben Hutchings <ben@decadent.org.uk>  Tue, 21 Sep 2010 02:15:33 +0100

linux-2.6 (2.6.35-1~experimental.3) experimental; urgency=low

  [ Ritesh Raj Sarraf ]
  * Add .gnu_debuglink information into kernel modules (Closes: #555549)
  
  [ Ben Hutchings ]
  * linux-base: Remove dependency on libapt-pkg-perl (Closes: #589996)
  * Update debconf template translations:
    - Czech (Michal Simunek) (Closes: #590546)
    - Portugese (Américo Monteiro) (Closes: #590557)
    - French (David Prévot) (Closes: #591149)
    - Russian (Yuri Kozlov) (Closes: #591241)
    - Swedish (Martin Bagge) (Closes: #592045)
    - German (Holger Wansing) (Closes: #592226)
  * [x86] Enable samsung-laptop driver
  * [sparc] Enable XVR1000 driver (Closes: #574243)
  * Change BLK_CGROUP from module to built-in so that cfq can be the
    default I/O scheduler again (Closes: #593720)
  * [mipsel/loongson-2f] Enable smtcfb (FB_SM7XX) driver (Closes: #594642)

  [ Ian Campbell ]
  * Fixes/overrides for Linitan warnings:
    - Add "(meta package)" to short description of linux-headers
      metapackages, resolves empty-binary-package.
    - Add dependency on ${misc:Depends} to all packages, resolves
      debhelper-but-no-misc-depends. Required update to gencontrol.py to
      augment rather than override headers_arch_depends read from templates.
    - Override dbg-package-missing-depends for linux-image-*-dbg. It is not
      necessary to install the kernel image package to use the dbg package
      since the dbg package already contains a complete image with symbols.

  [ Bastian Blank ]
  * Disable Ralink staging drivers, the in-tree ones reached "works-for-me"
    status.

  [ Aurelien Jarno ]
  * Fix netfilter CONFIG_COMPAT support.
  * [sh4] set VIRTUALIZATION.
  * [mips] Add an octeon flavour.

  [ maximilian attems]
  * Add stable 2.6.35.3 and 2.6.35.4.

 -- maximilian attems <maks@debian.org>  Mon, 06 Sep 2010 15:16:17 +0200

linux-2.6 (2.6.35-1~experimental.2) experimental; urgency=low

  * images: Nuke modules.devname on removal. (closes: #590607)
  * Add stable 2.6.35.1 and 2.6.35.2.
  * mm: fix page table unmap for stack guard page properly.
  * mm: fix up some user-visible effects of the stack guard page.
  * config.loongson-2f: Enable USB and RTC for loongson-2f.
    Thanks Geert Stappers <stappers@stappers.nl> (closes: #583689)

 -- maximilian attems <maks@debian.org>  Mon, 16 Aug 2010 23:49:32 +0200

linux-2.6 (2.6.35-1~experimental.1) experimental; urgency=low

  * New upstream release: http://kernelnewbies.org/Linux_2_6_35
    - [ia64] Fix crash when gcore reads gate area (Closes: #588574)
    - tpm_tis: fix subsequent suspend failures (Closes: #591031)

  * topconfig enable BLK_CGROUP, NETFILTER_XT_TARGET_TEE, VMWARE_BALLOON,
    ATH9K_HTC, TOUCHSCREEN_HAMPSHIRE, TOUCHSCREEN_TPS6507X, SND_ASIHPI,
    SQUASHFS_XATTRS, RCU_FAST_NO_HZ, COMPACTION, IP_MROUTE_MULTIPLE_TABLES,
    IPV6_MROUTE_MULTIPLE_TABLES, NET_DCCPPROBE, NET_SCTPPROBE, L2TP,
    BT_L2CAP_EXT_FEATURES, MTD_NAND_RICOH, ATA_BMDMA, KEYBOARD_QT2160,
    N_GSM, SENSORS_SHT15, SENSORS_EMC1403, SENSORS_ADS7871, SENSORS_TMP102,
    SND_ES1968_INPUT, SND_MAESTRO3_INPUT, LEDS_LT3593, LEDS_MC13783.
  * x86 enable INTEL_IDLE, ACPI_HED, ACPI_APEI, ACPI_APEI_GHES,
    PCI_CNB20LE_QUIRK.

 -- maximilian attems <maks@debian.org>  Tue, 03 Aug 2010 16:21:16 +0200

linux-2.6 (2.6.35~rc6-1~experimental.1) experimental; urgency=low

  * New upstream release candidate
    - drm/i915: Add 'reclaimable' to i915 self-reclaimable page allocations
      (Closes: #534422)

  [ Ben Hutchings ]
  * [!x86] Disable FB_VIA; these GPUs are only found on x86 motherboards
  * ds2782_battery: Fix build failure on several architectures
  * postinst: Remove support for 'default' boot loaders. Warn users on
    upgrade if the current configuration may rely on this.
  * [i386/686] Remove AMD K6 from the list of supported processors; it
    does not implement the CMOV instruction
  * 3c59x: Fix call to mdio_sync() with the wrong argument (Closes: #589989)

 -- Ben Hutchings <ben@decadent.org.uk>  Sat, 24 Jul 2010 01:00:26 +0100

linux-2.6 (2.6.35~rc5-1~experimental.1) experimental; urgency=low

  * New upstream release candidate
  
  [ Ben Hutchings ]
  * Consistently name the linux-tools package and perf binary using the
    upstream version without any -rcN suffix

 -- Ben Hutchings <ben@decadent.org.uk>  Tue, 13 Jul 2010 01:09:27 +0100

linux-2.6 (2.6.35~rc4-1~experimental.1) experimental; urgency=low
  
  * New upstream snapshot
    - [hppa] clear floating point exception flag on SIGFPE signal
      (Closes: #559406)
    - Add mantis and hopper DVB drivers (Closes: #577264)
    - eeepc-laptop: Disable wireless hotplug on more models where the
      controller is not at the expected address (Closes: #576199)
    - qcserial: Add support for Qualcomm Gobi 2000 devices
      (Closes: #585661)
    - radeon: Fix MacBook Pro connector quirk (Closes: #585943)
    - r8169: Fix MDIO timing (Closes: #583139)
    - asix: fix setting mac address for AX88772 (Closes: #587580)
    - Update Marvell CESA (mv_cesa) driver (Closes: #585790):

  [ Ben Hutchings ]
  * ipr: add writeq definition if needed (Closes: #584840)
  * [mips] Fix boot from ATA hard drives (Closes: #584784):
    - Set io_map_base for several PCI bridges lacking it
    - Replace per-platform built-in IDE drivers with libata-based drivers
    - Enable BLK_DEV_SD as built-in on all platforms
  * Update Spanish debconf templates, thanks to Omar Campagne
    (Closes: #580538)
  * [powerpc] Enable pata_amd driver, replacing amd74xx
  * linux-base: Don't identify LVM2 PVs by UUID (Closes: #585852)
  * Move NEWS to linux-latest-2.6 (Closes: #586401)
  * 3c59x: Change locking to avoid use of disable_irq() (Closes: #586967)
  * Enable IPv6 support for IPVS (IP_VS_IPV6) (Closes: #584549)
  * linux-base: If the disk ID update process fails, give the user a
    chance to retry or change their answers (Closes: #585609)
  * ipv6: Clamp reported valid_lft to a minimum of 0 (Closes: #514644)
  * ipv6: Use interface max_desync_factor instead of static default
    (Closes: #514646)
  * [ia64, powerpc, sparc, x86] Enable KPROBES and KRETPROBES
    (Closes: #584130)
  * r8192s_usb: Fix various bugs:
    - Clean up in case of an error in module initialisation
    - Rename and remove proc directories correctly if an interface is
      not called wlan0 (Closes: #582972)
    - Correct device ID table (Closes: #584945, #587985)
  * [x86] Enable r8192u_usb driver
  * Add linux-tools-<version> package containing the perf tool
    (Closes: #548715)
  * Enable SERIAL_USB_TI (Closes: #588096) and SERIAL_USB_WHITEHEAT
  * [x86] Enable EDAC_I7CORE

  [ maximilian attems ]
  * Enable DRM_RADEON_KMS.

  [ Martin Michlmayr ]
  * OpenRD-Base: revert patch "allow SD/UART1 selection" since it
    never made it upstream.
  * ARM: update mach types.
  * Add support for OpenRD-Ultimate.
  * QNAP TS-11x/TS-21x: Add MPP44 (board ID).
  * Add support for the HP t5325 Thin Client.
  * m25p80: Add support for Macronix 25L8005.
  * [armel/kirkwood] Enable FB_XGI and FRAMEBUFFER_CONSOLE.
  * [armel] Make MOUSE_PS2 modular.
  * [armel] Build INPUT_UINPUT for all flavours.
  * [armel/kirkwood] Enable FB_UDL.
  * [armel] Disable PARPORT_PC (Closes: #588164)

  [ Bastian Blank ]
  * Disable mISDN support for NETJet cards. The driver binds a generic PCI
    bridge.
  * Disable ISDN4Linux drivers.

 -- Ben Hutchings <ben@decadent.org.uk>  Sat, 10 Jul 2010 21:53:57 +0100

linux-2.6 (2.6.34-1~experimental.2) experimental; urgency=low

  [ Ben Hutchings ]
  * [x86] Reenable rtl8192su, accidentally disabled in previous version
    (Closes: #580740)
  * writeback: Update dirty flags in two steps
  * writeback: ensure that WB_SYNC_NONE writeback with sb pinned is sync
    (Closes: #582808)
  * writeback: fix non-integrity write-back
  * [mipsel] Add a loongson-2f flavour
  * [mipsel] Loongson: Define rtc device on MC146818-equipped systems
  * Make gcc-4.4 the default compiler
  * [ia64] Hardcode the output of the scripts under arch/ia64/scripts so
    that we can build out-of-tree modules correctly (refresh and re-add
    dropped patch) (Closes: #392592)
  * [ia64] Enable SGI SN support and mspec driver (Closes: #582224)
  * iwlwifi: Disable QoS when connected to a non-QoS-capable AP
    (Closes: #578262)
  * [x86] Disable e_powersaver cpufreq driver as unsafe. It has already
    been blacklisted by cpufrequtils. The acpi-cpufreq driver can be used
    instead on some VIA C7 systems. (Closes: #566208)
  * [amd64] ext4: Fix compat EXT4_IOC_ADD_GROUP (used by online resize)
  * Install debug kernel image in /usr/lib/debug/boot (Closes: #582810)
  * Build inet_lro as a module
  * [sparc] Enable CONFIG_FB_XVR500, CONFIG_FB_XVR2500 (Closes: #508108)

  [ maximilian attems ]
  * topconfig enable CFQ_GROUP_IOSCHED, MFD_WM8994, REGULATOR_MAX8649,
    REGULATOR_WM8994, VHOST_NET, BT_ATH3K, CRYPTO_PCRYPT.
  * [x86] Enable X86_PCC_CPUFREQ, VGA_SWITCHEROO (closes: #582637).

  [ Martin Michlmayr ]
  * QNAP TS-419P: Export GPIO indicating jumper setting of JP1.

  [ dann frazier ]
  * [hppa] clear floating point exception flag on SIGFPE signal
    (Closes: #559406)

  [ Aurelien Jarno ]
  * [sh4] fix sh_tmu clocksource following recent nohz changes.

  [ Moritz Muehlenhoff ]
  * Enable X86 board specific fixups for reboot (Closes: #536537)

 -- Ben Hutchings <ben@decadent.org.uk>  Sun, 06 Jun 2010 18:53:04 +0100

linux-2.6 (2.6.34-1~experimental.1) experimental; urgency=low

  * New upstream release: http://kernelnewbies.org/Linux_2_6_34

  * New upstream release
    - rtl8192su: Add IDs for several more devices (Closes: #580740)

  [ maximilian attems ]
  * topconfig enable IPV6_SIT_6RD, NETFILTER_XT_TARGET_CT, IP_VS_PROTO_SCTP,
    NF_CONNTRACK_ZONES, CAN_PLX_PCI, TI_DAC7512, SCSI_HPSA, PATA_TOSHIBA,
    MACVTAP, CHELSIO_T4, IXGBEVF, QLCNIC, LIBERTAS_MESH,
    USB_NET_SMSC75XX, USB_SIERRA_NET, VIDEO_CX18_ALSA, USB_GSPCA_BENQ,
    USB_GSPCA_CPIA1, USB_GSPCA_OV534_9, USB_GSPCA_SN9C2028, RADIO_TEF6862,
    RADIO_SAA7706H, SND_USB_UA101, CEPH_FS, MICREL_PHY, KSZ884X_PCI,
    SENSORS_ADT7411, SENSORS_ASC7621, VIDEO_TLG2300, DVB_USB_AZ6027,
    DVB_NGENE, HID_3M_PCT, LOGIG940_FF, HID_MAGICMOUSE, HID_MOSART,
    HID_NTRIG, HID_QUANTA, HID_STANTUM, HID_WACOM, USB_SERIAL_QCAUX,
    USB_SERIAL_VIVOPAY_SERIAL, MMC_RICOH_MMC, LEDS_DELL_NETBOOKS, LOGFS.
  * [x86] Enable EEEPC_WMI.
  * Fix backlight support on some recent Thinkpads.
  * acpi: Fall back to manually changing SCI_EN.
  * Explicitly pass in whether sb is pinned or not.
  
  [ Ben Hutchings ]
  * Prepare debconf templates for translation (Closes: #576758)
  * [x86] Enable r8187se driver, previously named rtl8187se

  [ Aurelien Jarno ]
  * mips/swarm: fix boot from IDE based media (Sebastian Andrzej Siewior)
    (closes: #466977).
  * mips/*: remove SND_* options, as they are already enabled in topconfig.

 -- maximilian attems <maks@debian.org>  Wed, 19 May 2010 17:06:13 +0200

linux-2.6 (2.6.33-1~experimental.5) experimental; urgency=low

  [ Ian Campbell ]
  * Include Xen hypervisor in reportbug "related to" list.

  [ maximilian attems]
  * Add stable 2.6.33.2.

  [ Ben Hutchings ]
  * [x86] Enable ramzswap driver (Closes: #573912)
  * [x86] Re-enable rt2860sta and rt2870sta drivers which were accidentally
    disabled when moving to Linux 2.6.33 (Closes: #576723)
  * Add stable 2.6.33.3:
    - ACPI: EC: Allow multibyte access to EC; fixes temperature monitoring
      on some Dell laptops (Closes: #563313)

  [ Aurelien Jarno ]
  * Add support for sh4 architecture, patch by Nobuhiro Iwamatsu
    (Closes: #569034)
  * [mips*/*malta] Remove options that are present in topconfig.

 -- maximilian attems <maks@debian.org>  Wed, 05 May 2010 16:38:53 +0200

linux-2.6 (2.6.33-1~experimental.4) experimental; urgency=low

  [ Ben Hutchings ]
  * Include aufs2, marked as staging (Closes: #573189)
  * Remove /usr/include/drm from linux-libc-dev; let libdrm-dev provide it
    again (Closes: #572067)
  * [x86] Enable rtl8192su driver using external firmware

  [ maximilian attems]
  * Add stable 2.6.33.1.

 -- maximilian attems <maks@debian.org>  Wed, 17 Mar 2010 18:13:53 +0100

linux-2.6 (2.6.33-1~experimental.3) experimental; urgency=low

  [ Ben Hutchings ]
  * Fix regexp for binNMU versions in modules/rules.include (Closes: #524632)
  * linux-base: Fix bugs and improve libata transition code:
    - Fix calls to disk_id_to_path (renamed to id_to_path) (Closes: #572283)
    - Don't show empty list of devices to be relabelled
    - Don't update udev CD rules unnecessarily
    - Show the device paths to be added to udev CD rules
    - Ignore nonexistent devices and properly handle devices of unknown
      filesystem type (Closes: #572341, #572445)
    - Don't accept empty filesystem labels as identifiers (Closes: #572438)
    - For consistency with fresh installations, use or assign UUIDs rather
      than labels where both are available (Closes: #572376)
    - Replace CD/DVD/BD device names with udev-provided persistent aliases
    - Fix update of boot device name for LILO and related loaders
    - Update uswsusp resume device name

 -- maximilian attems <maks@debian.org>  Thu, 11 Mar 2010 05:58:02 +0100

linux-2.6 (2.6.33-1~experimental.2) experimental; urgency=low

  [ Ben Hutchings ]
  * Add missing debconf templates for linux-base (Closes: #571558)
  * Fix libata transition code for GRUB 1 config (Closes: #571662)

 -- maximilian attems <maks@debian.org>  Sun, 28 Feb 2010 17:48:11 +0100

linux-2.6 (2.6.33-1~experimental.1) experimental; urgency=low

  * New upstream release: http://kernelnewbies.org/Linux_2_6_33

  [ maximilian attems]
  * [topconfig] set BLK_DEV_DRBD, DRM_NOUVEAU, DRM_NOUVEAU_BACKLIGHT,
    DRM_VMWGFX, SENSORS_LM73, SENSORS_AMC682, SENSORS_LIS3_I2C,
    SENSORS_MC13783_ADC, TOUCHSCREEN_DYNAPRO, TOUCHSCREEN_MC13783,
    GIGASET_CAPI, LEDS_DAC124S085, LEDS_INTEL_SS4200, LEDS_INTEL_SS4200,
    DVB_FIREDTV, DVB_USB_EC168, SOC_CAMERA_MT9T112, SOC_CAMERA_OV9640,
    USB_GSPCA_PAC7302, USB_GSPCA_STV0680, AD525X_DPOT, CAN_MCP251X,
    RT2800PCI, REGULATOR_MAX8660, RTC_DRV_BQ32K, RTC_DRV_MSM6242,
    RTC_DRV_RP5C01, VMWARE_PVSCSI, SCSI_PM8001, WIMAX_IWMC3200_SDIO,
    INPUT_SPARSEKMAP, SERIO_ALTERA_PS2, MANTIS_CORE, DVB_MANTIS,
    DVB_HOPPER.
  * [x86] set CS5535_MFGPT, SENSORS_K10TEMP, GEODE_WDT, MSI_WMI,
    TOSHIBA_BT_RFKILL, ACPI_CMPC, CRYPTO_GHASH_CLMUL_NI_INTE.

  [ Ben Hutchings ]
  * Use libata-based drivers for most PATA controllers (Closes: #444182):
    - pata_triflex replaces triflex
    - pata_atiixp replaces atiixp
    - pata_ns87415 replaces ns87415
    - pata_sc1200 replaces sc1200
    - pata_cs5536 replaces cs5536
    - pata_amd replaces amd74xx
    - pata_sis replaces sis5513
    - pata_rz1000 replaces rz1000
    - pata_efar replaces slc90e66
    - pata_pdc202xx_old replaces pdc202xx_old
    - pata_pdc2027x replaces pdc202xx_new
    - pata_cs5520 replaces cs5520
    - pata_cs5530 replaces cs5530
    - pata_cmd64x replaces cmd64x
    - pata_sil680 replaces siimage
    - pata_ali replaces alim15x3
    - pata_via replaces via82cxxx
    - pata_serverworks replaces serverworks
    - pata_artop replaces aec62xx
    - pata_it821x replaces it821x
    - ata_piix, pata_oldpiix, pata_mpiix mostly replace piix
    - ata_generic, pata_ns87410, pata_netcell replace ide-pci-generic
  * Add libata transition script

 -- maximilian attems <maks@debian.org>  Thu, 25 Feb 2010 15:21:38 +0100

linux-2.6 (2.6.32-30) unstable; urgency=high

  [ Ben Hutchings ]
  * mpt2sas: Fix incorrect scsi_dma_map error checking (Closes: #606968)
  * Update Spanish debconf template translation (Omar Campagne, Javier
    Fernández-Sanguino) (Really closes: #600694)
  * intel-iommu: Force-disable IOMMU for iGFX on broken Cantiga revisions
    (Closes: #607095)
  * [powerpc] linux-base: Run ybin after updating yaboot.conf
    (Closes: #607284)
  * tehuti: Firmware filename is tehuti/bdx.bin
  * iwlwifi: Reduce a failure-prone memory allocation (Closes: #599345)
  * linux-base: Look for GRUB 1 configuration in both /boot/grub and
    /boot/boot/grub (Closes: #607863)
  * rt28x0: Add ieee80211_regdom module parameter mimicking cfg80211 as a
    workaround for incorrect region code in NVRAM (Closes: #594561)
  * btrfs: Require CAP_SYS_ADMIN for filesystem rebalance (Closes: #608185)
  * [x86] dell-laptop: Enable for some newer Dell models
  * r8169: Change RTL8111D/RTL8168D initialisation and firmware loading to
    match upstream version (Closes: #596390 with firmware-realtek 0.28)
  * Add stable 2.6.32.28:
    - NFS: Fix panic after nfs_umount()
    - usb-storage/libusual: Add support for Samsung YP-CP3 MP4 Player,
      thanks to Vitaly Kuznetsov (Closes: #555835)
    - bfa: Fix system crash when reading sysfs fc_host statistics
      (CVE-2010-4343)
    - IB/uverbs: Handle large number of entries in poll CQ (CVE-2010-4649)
    - orinoco: Fix TKIP countermeasure behaviour (CVE-2010-4648)
    - mm: Add security_file_mmap check to install_special_mapping
      (CVE-2010-4346)
    - sctp: Fix a race between ICMP protocol unreachable and connect()
      (CVE-2010-4526)
    - hvc_console: Fix race between hvc_close and hvc_remove (CVE-2010-2653)
      (previously applied as an isolated fix in 2.6.32-25)
    - fuse/cuse: Verify ioctl retries (CVE-2010-4650)
  * [powerpc] Restore device tree source files to linux-image packages
    (Closes: #609155)

  [ maximilian attems ]
  * [openvz] Reenable NF_CONNTRACK_IPV6. (closes: #580507)
  * cifs: fix another memleak, in cifs_root_iget.
  * b43: Fix warning at drivers/mmc/core/core.c:237 in mmc_wait_for_cmd.
  * drm/radeon/kms: MC vram map needs to be >= pci aperture size.
  * drm/radeon/kms: make sure blit addr masks are 64 bit.
  * drm/radeon/kms: fix handling of tex lookup disable in cs checker on r2xx.
  * drm/i915: Free hardware status page on unload when physically mapped.
  * drm/i915/overlay: Ensure that the reg_bo is in the GTT prior to writing.
  * drm/radeon/kms/atom: set sane defaults in atombios_get_encoder_mode().
  * drm/radeon/kms: fix typos in disabled vbios code.
  * drm/radeon/kms: add workaround for dce3 ddc line vbios bug.
  * drm/radeon/kms: fix interlaced and doublescan handling.
  * drm/i915/sdvo: Always add a 30ms delay to make SDVO TV detection reliable.
  * wireless: b43: fix error path in SDIO.
  * drm/radeon/kms: don't apply 7xx HDP flush workaround on AGP.

  [ Ian Campbell ]
  * xen: backport TTM patches to use PCI API. Fixes PCIe GPU (specifically
    Radeon and Nouveau) on Xen (Closes: #601341).
  * xen: netback: drop SKBs which are GSO but do not have a partial
    checksum set (Closes: #608144).

  [ dann frazier ]
  * exec: make argv/envp memory visible to oom-killer (CVE-2010-4243)
  * irda: Fix information leak in IRLMP_ENUMDEVICES (CVE-2010-4529)
  * af_unix: limit unix_tot_inflight (CVE-2010-4249)

  [ Moritz Muehlenhoff ]
  * net: ax25: fix information leak to userland (CVE-2010-3875)
  * net: packet: fix information leak to userland (CVE-2010-3876)	
  * net: tipc: fix information leak to userland (CVE-2010-3877)
  * inet_diag: Make sure we actually run the same bytecode we audited
    (CVE-2010-3880)
  * econet: Fix crash in aun_incoming() (CVE-2010-4342)

 -- Ben Hutchings <ben@decadent.org.uk>  Tue, 11 Jan 2011 05:42:11 +0000

linux-2.6 (2.6.32-29) unstable; urgency=high

  [ Ben Hutchings ]
  * megaraid_sas: Add support for 'entry-level' SAS controllers including
    the 9240 family (Closes: #604083)
  * tcp: Make TCP_MAXSEG minimum more correct (refinement of fix for
    CVE-2010-4165)
  * l2tp: Fix UDP socket reference count bugs in the pppol2tp driver
    (Closes: #604748)
  * USB: Retain device power/wakeup setting across reconfiguration;
    don't enable remote wakeup by default (Closes: #605246)
  * dm: Deal with merge_bvec_fn in component devices better (Closes: #604457)
  * Update Spanish debconf template translation (Aaron H Farias Martinez)
    (Closes: #600694)
  * perf: Use libiberty, not libbfd, for symbol demangling
    (Closes: #590226, #606050)
  * [x86] Add support for Fintek hardware watchdogs (Closes: #601187)
    - resource: Add shared I/O region support
    - hwmon: f71882fg: Use a muxed resource lock for the Super I/O port
    - watchdog: Add f71808e_wdt driver
  * bcm5974: Add reporting of multitouch events (Closes: #605450)
  * fusion: Set FUSION_MAX_SGE=128, the upstream default (Closes: #606096)
  * Add stable 2.6.32.27:
    - block: limit vec count in bio_kmalloc() and bio_alloc_map_data()
    - block: take care not to overflow when calculating total iov length
    - block: check for proper length of iov entries in blk_rq_map_user_iov()
      (CVE-2010-4163)
    - net: clear heap allocation for ETHTOOL_GRXCLSRLALL (CVE-2010-3861)
    - asus_oled: fix up some sysfs attribute permissions
    - ipc: initialize structure memory to zero for compat functions
      (CVE-2010-4073)
    - ipc/shm: fix information leak to userland (CVE-2010-4072)
    - ipc/sem: sys_semctl: fix kernel stack information leakage (CVE-2010-4083)
    - tty: prevent DOS in the flush_to_ldisc
    - [x86] KVM: VMX: Fix host userspace gsbase corruption (Closes: #604956)
    - KVM: VMX: fix vmx null pointer dereference on debug register access
      (CVE-2010-0435)
    - KVM: x86: fix information leak to userland (CVE-2010-3881)
    - firewire/cdev: fix information leak
    - firewire-core: fix an information leak
    - firewire-ohci: fix buffer overflow in AR split packet handling
    - bio: take care not overflow page count when mapping/copying user data
      (CVE-2010-4162)
    - sisusbvga: fix information leak to userland
    - iowarrior: fix information leak to userland
    - usb: core: fix information leak to userland
    - usb-storage/sierra_ms: fix sysfs file attribute
    - ueagle-atm: fix up some permissions on the sysfs files
    - cypress_cy7c63: fix up some sysfs attribute permissions
    - usbled: fix up some sysfs attribute permissions
    - trancevibrator: fix up a sysfs attribute permission
    - usbsevseg: fix up some sysfs attribute permissions
    - do_exit(): make sure that we run with get_fs() == USER_DS (CVE-2010-4258)
    - DECnet: don't leak uninitialized stack byte
    - perf_events: Fix perf_counter_mmap() hook in mprotect() (CVE-2010-4169)
    - frontier: fix up some sysfs attribute permissions
    - net/sched: fix kernel information leak in act_police
    - can-bcm: fix minor heap overflow (CVE-2010-3874)
    - ivtvfb: prevent reading uninitialized stack memory (CVE-2010-4079)
    - net/sched: fix some kernel information leaks
  * TTY: Fix error return from tty_ldisc_open() (regression in 2.6.32.27)
  * filter: make sure filters dont read uninitialized memory (CVE-2010-4158)
  * posix-cpu-timers: workaround to suppress the problems with mt exec
    (CVE-2010-4248)

  [ Ian Campbell ]
  * xen: disable ACPI NUMA for PV guests and allow IRQ desc allocation on any
    node (Closes: #603632)
  * xen: handle potential time discontinuity on resume (Closes: #602273)
  * xen: don't bother to stop other cpus on shutdown/reboot (Closes: #605448)
  * xen: Add cpu hotplug support to prevent crash while parsing ACPI processor
    tables (Closes: #602109)

  [ Martin Michlmayr ]
  * Kirkwood: Add support for 6282 based QNAP devices.

 -- Ben Hutchings <ben@decadent.org.uk>  Fri, 10 Dec 2010 05:45:11 +0000

linux-2.6 (2.6.32-28) unstable; urgency=high

  [ maximilian attems ]
  * ipc: initialize structure memory to zero for shmctl.
  * drm/i915: set DIDL using the ACPI video output device _ADR method return.
  * images: Nuke modules.devname on removal. (closes: #590607)
  * Newer Standards-Version 3.9.1 without changes.
  * drm/ttm: Clear the ghost cpu_writers flag on ttm_buffer_object_transfer.
  * [openvz] Update upstream patch to 2.6.32-dzhanibekov.
  * [openvz] ubc: Fix orphan count checks after merge.

  [ Martin Michlmayr ]
  * Update udlfb to 2.6.37:
    - udlfb: minor cleanups
    - udlfb: fix coding style issues
    - udlfb: fbdev character read and write support
    - udlfb: add DPMS support
    - udlfb: remove metrics_misc sysfs attribute
    - udlfb: revamp reference handling to insure successful shutdown
    - udlfb: enhance EDID and mode handling support
    - udlfb: fix big endian rendering error
    - udlfb: support for writing backup EDID to sysfs file
    - udlfb: add module options for console and fb_defio
    - udlfb: fix incorrect fb_defio implementation for multiple framebuffers
    - udlfb: fix checkpatch and style

  [ Ben Hutchings ]
  * Update debconf template translations:
    - Update Japanese (Nobuhiro Iwamatsu) (Closes: #602152)
    - Update Catalan (Jordi Mallach) (Closes: #602520)
    - Add Italian (Luca Bruno) (Closes: #602945)
  * sunrpc: Fix NFS client over TCP hangs due to packet loss (Closes: #589945)
  * brcm80211: Update to 2.6.37-rc1
  * [powerpc] ALSA: Fix headphone and line-out detection on PowerMac G4 DA
    (Closes: #603419)
  * [x86] snd-hda-codec-cirrus: Add quirks for IMac 27", MacBookPro 5,5 and 7,1
  * [x86] btusb: Add device IDs for MacBookPro 6,2 and 7,1 (Closes: #603651)
  * [x86] applesmc: Add support for iMac 9,1 and MacBookPro 2,2, 5,3, 5,4, 6,*
    and 7,*
  * [x86] applesmc, bcm5974, btusb, HID, mbp_nvidia_bl, snd-hda-codec-cirrus:
    Add support for MacBookAir 3,1 and 3,2 (Closes: #603395)
  * [x86] mbp_nvidia_bl: Add support for MacBookPro 7,1
  * x25: Fix remote denial-of-service vulnerabilities:
    - x25 accesses fields beyond end of packet
    - memory corruption in X.25 facilities parsing (CVE-2010-3873)
    - Prevent crashing when parsing bad X.25 facilities (CVE-2010-4164)
  * tcp: Increase TCP_MAXSEG socket option minimum (CVE-2010-4165)
  * rds: Fix integer overflow in RDS cmsg handling
  * af_802154,decnet,econet,rds,x25: Disable auto-loading as mitigation
    against local exploits.  These protocol modules are not widely used
    and can be explicitly loaded or aliased on systems where they are
    wanted.
  * atl1c: Add support for Atheros AR8151 and AR8152 (Closes: #599771)
  * Add stable 2.6.32.26:
    - synclink_cs: Fix information leak to userland
    - bluetooth: Fix missing NULL check
    - [x86] KVM: VMX: Fix host GDT.LIMIT corruption
    - [x86] KVM: Fix fs/gs reload oops with invalid ldt (CVE-2010-3698)
    - gdth: Fix integer overflow in ioctl (CVE-2010-4157)
  * [x86] KVM: SVM: Fix wrong intercept masks for KVM_{GET,SET}_VCPU_EVENTS
    on 32 bit, thanks to Philipp Matthias Hahn (Closes: #599507)

  [ dann frazier ]
  * [vserver] Update patch to 2.6.32.25-vs2.3.0.36.29.6
  * add qlcnic driver
  * econet: Avoid stack overflow w/ large msgiovlen (CVE-2010-3848)
  * econet: disallow NULL remote addr for sendmsg() (CVE-2010-3849)
  * econet: Add mising CAP_NET_ADMIN check in SIOCSIFADDR (CVE-2010-3850)

 -- Ben Hutchings <ben@decadent.org.uk>  Thu, 25 Nov 2010 01:20:50 +0000

linux-2.6 (2.6.32-27) unstable; urgency=high
  
  * The "We'll Always Have Paris" release

  [ Ben Hutchings ]
  * rndis_host: Restrict fix for #576929 to specific devices
    (Closes: #589403, #600660)
  * Add stable 2.6.32.25:
    - rme9652: prevent reading uninitialized stack memory
      (CVE-2010-4080, CVE-2010-4081)
    - ocfs2: Don't walk off the end of fast symlinks
    - ip: fix truesize mismatch in ip fragmentation
    - net: clear heap allocations for privileged ethtool actions
    - execve: setup_arg_pages: diagnose excessive argument size
    - execve: improve interactivity with large arguments
    - execve: make responsive to SIGKILL with large arguments
    - rose: Fix signedness issues wrt. digi count. (CVE-2010-3310)
    - ALSA: prevent heap corruption in snd_ctl_new() (CVE-2010-3442)
    - setup_arg_pages: diagnose excessive argument size (CVE-2010-3858)
  * btrfs: add a "df" ioctl for btrfs (Closes: #600190)
  * Update debconf template translations:
    - Add Catalan (Jordi Mallach) (Closes: #601146)
    - Add Brazilian Portugese (Flamarion Jorge) (Closes: #601102)
    - Update Vietnamese (Clytie Siddall) (Closes: #601534)
  * phonet: device notifier only runs on initial namespace
    (Really closes: #597904)
  * net/socket: Limit sendto()/recvfrom() length (CVE-2010-1187)
    [Original reference is incorrect; should be CVE-2010-3859.]

  [ Ian Campbell ]
  * xen: import additional fixes for disabling netfront smartpoll mode
    (Closes: #600992).

  [ dann frazier ]
  * e1000e: Reset 82577/82578 PHY before first PHY register read
    (Closes: #601017)

  [ Martin Michlmayr ]
  * Kirkwood: reset PCIe unit on boot
  * Kirkwood: restrict the scope of the PCIe reset workaround

  [ maximilian attems ]
  * Update abi files, readd Xen as ABI stable.
  * 2.6.33.stable-queue: drm/radeon: fix PCI ID 5657 to be an RV410.
  * Add drm changes from 2.6.32.24+drm33.11:
    - i915: return -EFAULT if copy_to_user fails.
    - drm/i915: Prevent double dpms on
    - drm: Only decouple the old_fb from the crtc is we call mode_set*
    - drm/i915: Unset cursor if out-of-bounds upon mode change (v4)
    - drm/i915,agp/intel: Add second set of PCI-IDs for B43
  * net: Limit socket I/O iovec total length to INT_MAX. (CVE-2010-1187)
    [Original reference is incorrect; should be CVE-2010-3859.]
  * numa: fix slab_node(MPOL_BIND).

 -- maximilian attems <maks@debian.org>  Sat, 30 Oct 2010 12:24:37 +0200

linux-2.6 (2.6.32-26) unstable; urgency=high

  [ Ian Campbell ]
  * xen: fix PVHVM hang at boot when Xen does not support vector callbacks.
  * xen: fix race between PV drivers and xenstore initialisation which caused
    breakage in drivers for both regular PV and PVHVM guests.

  [ maximilian attems ]
  * [openvz] Enable ioprio. (closes: #596772)
    Thanks Daniel Hahler <debian-bugs@thequod.de>

  [ Ben Hutchings ]
  * [x86] radeon: Add quirks to make HP nx6125 and dv5000 laptops resume
    (Closes: #583968)
  * dm-crypt: Add 'plain64' IV; this avoids watermarking attacks that are
    possible with 'plain' IV on devices larger than 2TB (Closes: #600384)
  * [x86] ahci,ata_generic: let ata_generic handle new MBP w/ MCP89
    (Closes: #600305)
  * debian/.../patches.py: Open files as needed, rather than all at once
    (Closes: #600423)
  * [openvz] printk: Handle global log buffer reallocation (Closes: #600299)
  * debian/bin/test-patches: Restrict patches to featureset when building
    with a featureset (thanks to Tim Small)
  * sata_via: Delay on vt6420 when starting ATAPI DMA write (Closes: #488566)
  * r6040: Fix various bugs in r6040_multicast_list() (Closes: #600155)

  [ dann frazier ]
  * Force enable DMA on MBP w/ MCP 7,1
  * RDS sockets: remove unsafe kmap_atomic optimization (CVE-2010-3904)
  * v4l: disable dangerous buggy compat function (CVE-2010-2963)

 -- dann frazier <dannf@debian.org>  Tue, 19 Oct 2010 07:50:55 -0600

linux-2.6 (2.6.32-25) unstable; urgency=high

  [ Ben Hutchings ]
  * mmc: build fix: mmc_pm_notify is only available with CONFIG_PM=y
  * Add stable 2.6.32.24 (trivial fix, already applied)
  * ipg: Remove device claimed by dl2k from pci id table (Closes: #599021)
  * linux-image: Include modules.order in image packages (Closes: #598518)
  * [x86] isdn/i4l: Reenable ISDN4Linux drivers, but mark them as staging
    (Closes: #588551)
    - hisax: Disable device aliases that conflict with mISDN
  * Update Danish debconf template translation (Joe Hansen) (Closes: #599457)
  * [x86] KVM: SVM: Fix wrong intercept masks on 32 bit (Closes: #599507)
  * e1000: fix Tx hangs by disabling 64-bit DMA (Closes: #518182)
  * rt2x00: Fix calculation of required TX headroom (Closes: #599395)
  * Add drm changes from 2.6.32.22+drm33.10:
    - i915: Don't touch PORT_HOTPLUG_EN in intel_dp_detect()
    - i915: Kill dangerous pending-flip debugging
    - radeon: release AGP bridge at suspend
    - radeon: initialize set_surface_reg for rs600 asic
  * [x86] toshiba_acpi: Add full hotkey support (Closes: #599768)

  [ Stephen R. Marenka ]
  * m68k: fix missing io macros.
  * m68k: modular swim on mac.
  * m68k: never build staging drivers on m68k.
  * m68k: build in rtc class on atari.

  [ Ian Campbell ]
  * xen: do not truncate machine address on gnttab_copy_grant_page hypercall
    (Closes: #599089)

  [ dann frazier ]
  * drm/i915: Sanity check pread/pwrite (CVE-2010-2962)
  * drm/i915: Rephrase pwrite bounds checking to avoid any potential overflow
  * GFS2: Fix writing to non-page aligned gfs2_quota structures (CVE-2010-1436)
  * hvc_console: Fix race between hvc_close and hvc_remove (CVE-2010-2653)
  * net sched: fix some kernel memory leaks (CVE-2010-2942)
  * niu: Fix kernel buffer overflow for ETHTOOL_GRXCLSRLALL (CVE-2010-3084)
  * rose: Fix signedness issues wrt. digi count (CVE-2010-3310)
  * Fix pktcdvd ioctl dev_minor range check (CVE-2010-3437)
  * ALSA: prevent heap corruption in snd_ctl_new() (CVE-2010-3442)
  * net sched: fix kernel leak in act_police (CVE-2010-3477)
  * sctp: Fix out-of-bounds reading in sctp_asoc_get_hmac() (CVE-2010-3705)

 -- dann frazier <dannf@debian.org>  Thu, 14 Oct 2010 01:08:05 -0600

linux-2.6 (2.6.32-24) unstable; urgency=high

  [ Ben Hutchings ]
  * speakup: Update to match Debian package version 3.1.5.dfsg.1-1
  * scsi_dh_emc: Fix mode select request setup (Closes: #591540)
  * snd-hda-codec-via: Fix syntax error when CONFIG_SND_HDA_POWER_SAVE is
    disabled (Closes: #597043)
  * Add stable 2.6.32.22:
    - [vserver] Revert sched changes since they conflict.
  * Recommend use of 'make deb-pkg' to build custom kernel packages
  * [x86] Revert "i915: Blacklist i830, i845, i855 for KMS". The current X
    driver (xserver-xorg-video-intel version 2.12.0+shadow-1) should work
    properly with KMS on these chips. (Closes: #596453)
  * phonet: Restrict to initial namespace (Closes: #597904)
  * Add stable 2.6.32.23:
    - serial/mos*: prevent reading uninitialized stack memory
    - net: Fix oops from tcp_collapse() when using splice()
    - rds: fix a leak of kernel memory
    - hso: prevent reading uninitialized memory (CVE-2010-3298)
    - cxgb3: prevent reading uninitialized stack memory (CVE-2010-3296)
    - eql: prevent reading uninitialized stack memory (CVE-2010-3297)
    - vt6655: fix buffer overflow
    - net/llc: make opt unsigned in llc_ui_setsockopt()
    - sisfb: prevent reading uninitialized stack memory
    - aio: check for multiplication overflow in do_io_submit (CVE-2010-3067)
    - xfs: prevent reading uninitialized stack memory (CVE-2010-3078)
    - viafb: prevent reading uninitialized stack memory
    - [hppa,ia64] mm: guard page for stacks that grow upwards (CVE-2010-2240)
    - sctp: Do not reset the packet during sctp_packet_config()
      (CVE-2010-3432)
  * xen: Fix typo in xen_percpu_chip definition
  * 3c59x: Remove incorrect locking (Closes: #598103)
  * f71882fg: Add support for the f71889fg (Closes: #597820)
  * drm/radeon: Fix regressions introduced in 2.6.34.3 (Closes: #597636)
  * mmc: fix hangs related to mmc/sd card insert/removal during suspend/resume
    (Closes: #598147)

  [ Martin Michlmayr ]
  * ARM: update mach types.
  * [armel/config.kirkwood] Enable MACH_DOCKSTAR.

  [ Ian Campbell ]
  * [x86/xen] Disable netfront's smartpoll mode by default. (Closes: #596635)

  [ maximilian attems ]
  * [openvz] Update upstream patch to 2.6.32-dyomin.

 -- Ben Hutchings <ben@decadent.org.uk>  Thu, 30 Sep 2010 00:46:16 +0100

linux-2.6 (2.6.32-23) unstable; urgency=low

  [ Ben Hutchings ]
  * cgroupfs: create /sys/fs/cgroup to mount cgroupfs on (Closes: #595964)
  * r8169: Fix MDIO timing (Closes: #583139; mistakenly reverted in 2.6.32-19)
  * gro: Fix bogus gso_size on the first fraglist entry (Closes: #596802)
  * vgaarb: Fix VGA arbiter to accept PCI domains other than 0 (from stable
    2.6.32.12; mistakenly omitted in 2.6.32-12)

  [ maximilian attems ]
  * openvz: cfq-iosched: do not force idling for sync workload.

  [ Stephen R. Marenka ]
  * m68k: switch to generic siginfo layout.
  * m68k: NPTL support.

  [ dann frazier ]
  * compat: Make compat_alloc_user_space() incorporate the access_ok()
    (CVE-2010-3081)
  * x86-64, compat (CVE-2010-3301):
    - Retruncate rax after ia32 syscall entry tracing
    - Test %rax for the syscall number, not %eax
  * wireless extensions: fix kernel heap content leak (CVE-2010-2955)
  * KEYS (CVE-2010-2960):
    - Fix RCU no-lock warning in keyctl_session_to_parent()
    - Fix bug in keyctl_session_to_parent() if parent has no session keyring

 -- dann frazier <dannf@debian.org>  Fri, 17 Sep 2010 15:27:04 -0600

linux-2.6 (2.6.32-22) unstable; urgency=low

  [ Ian Campbell ]
  * xen: backport pvhvm drivers from upstream.
  * Fixes/overrides for Lintian warnings:
    - Add "(meta package)" to short description of linux-headers
      metapackages, resolves empty-binary-package.
    - Add dependency on ${misc:Depends} to all packages, resolves
      debhelper-but-no-misc-depends. Required update to gencontrol.py to
      augment rather than override headers_arch_depends read from templates.
    - Override dbg-package-missing-depends for linux-image-*-dbg. It is not
      necessary to install the kernel image package to use the dbg package
      since the dbg package already contains a complete image with symbols.

  [ Ben Hutchings ]
  * [x86/xen] Restore stack guard page (CVE-2010-2240)
  * Add stable 2.6.32.21:
    - ext4: consolidate in_range() definitions (CVE-2010-3015)
    - mm: make the mlock() stack guard page checks stricter
      (avoids regression for Xen tools; closes: 594756)
    - [sparc] sunxvr500: Ignore secondary output PCI devices
      (Closes: #594604)
    - ocfs2: fix o2dlm dlm run purgelist (Closes: #593679)
    - Avoid ABI change in mm
    - Ignore ABI change in snd-emu10k1
  * Add drm changes from stable 2.6.34.6:
    - drm: stop information leak of old kernel stack (CVE-2010-2803)
  * rt2870sta: Add more device IDs from vendor drivers
  * rt2860sta, rt2870sta: Enable channels 12-14 (Closes: #594561)
  * SCSI/mptsas: fix hangs caused by ATA pass-through (Closes: #594690)
  * sky2: Apply fixes and new hardware support from 2.6.33-2.6.35
    (Closes: #571526)
  * postinst: Really warn users on upgrade if the current configuration may
    rely on running a default boot loader.
  * input: add compat support for sysfs and /proc capabilities output
    (Closes: #579017)
  * snd-hda-intel: Add support for VIA V1708S, VT1718S, VT1828S, VT2020,
    VT1716S, VT2002P, VT1812, VT1818S
  * hwmon/w83627ehf: Add support for W83667HG-B
  * 3c59x: Fix deadlock in vortex_error() (Closes: #595554)
  * [x86] paravirt: Add a global synchronization point for pvclock (from
    2.6.32.16; reverted due to a regression which was addressed in 2.6.32.19)
  * sched, cputime: Introduce thread_group_times() (from 2.6.32.19; reverted
    due to the potential ABI change which we now carefully avoid)
  * net/{tcp,udp,llc,sctp,tipc,x25}: Add limit for socket backlog
    (Closes: #592187)
  * tun: Don't add sysfs attributes to devices without sysfs directories
    (Closes: #594845)
  * [x86] Add brcm80211 driver for Broadcom 802.11n wireless network
    controllers
  * r8169: Remove MODULE_FIRMWARE declarations since the firmware is
    non-essential and we do not distribute it
  * [x86] HPET: unmap unused I/O space
  * ipheth: add support for iPhone 4
  * ipheth: remove incorrect devtype of WWAN
  * ALSA: emux: Add trivial compat ioctl handler (Closes: #596478)
  * hostap_pci: set dev->base_addr during probe (Closes: #595802)
  * ethtool: allow non-netadmin to query settings (see #520724)
  * ACPI: add boot option acpi=copy_dsdt to fix corrupt DSDT, and enable this
    automatically for known-bad Toshiba models (Closes: #596709)

  [ Bastian Blank ]
  * Use Breaks instead of Conflicts.

  [ Aurelien Jarno ]
  * [mips,mipsel] Fix computation of DMA flags from device's 
    coherent_dma_mask.

  [ Martin Michlmayr ]
  * Add some patches from the Orion tree:
    - OpenRD: Enable SD/UART selection for serial port 1
    - kirkwood: Unbreak PCIe I/O port
    - Kirkwood: support for Seagate DockStar

  [ dann frazier ]
  * netxen_nic: add support for loading unified firmware images
  * irda: Correctly clean up self->ias_obj on irda_bind() failure.
    (CVE-2010-2954)

  [ maximilian attems ]
  * [powerpc] Enable WINDFARM_PM121. (closes: #596515)
    Thanks Étienne BERSAC <bersace03@gmail.com>
  * nouveau: disable acceleration on NVA3/NVA5/NVA8 by default.
  * openvz: disable KSM. Thanks Dietmar Maurer <dietmar@proxmox.com>.
    (closes: #585864)
  * Update openvz patch to d38b56fd0dca.
  * openvz: enalbe modular VZ_EVENT.

 -- maximilian attems <maks@debian.org>  Tue, 14 Sep 2010 14:17:11 +0200

linux-2.6 (2.6.32-21) unstable; urgency=high

  [ Ben Hutchings ]
  * Add stable 2.6.32.19:
    - ext4: Make sure the MOVE_EXT ioctl can't overwrite append-only files
      (CVE-2010-2066)
    - mm: keep a guard page below a grow-down stack segment (CVE-2010-2240)
      (not applied to xen featureset)
    - md/raid10: fix deadlock with unaligned read during resync
      (Closes: #591415)
    - Revert "sched, cputime: Introduce thread_group_times()" which would
      result in an ABI change
  * Add stable 2.6.32.20:
    - Fix regressions introduced by original fix for CVE-2010-2240
  * Add drm and other relevant changes from stable 2.6.34.4
  * Add 'breaks' relation from image packages to boot loader packages that
    do not install required hooks (Closes: #593683)
  * [x86] i915: Blacklist i830, i845, i855 for KMS
    (Closes: #568207, #582105, #593432, #593507)

  [ Bastian Blank ]
  * Update Xen patch.
    - Notify Xen on crash.
    - Several blktap fixes.

  [ Ritesh Raj Sarraf ]
  * Add .gnu_debuglink information into kernel modules (Closes: #555549)

  [ Ian Campbell ]
  * [x86/xen] temporarily remove stack guard page, it breaks the xen
    toolstack.

  [ Aurelien Jarno ]
  * [mips,mipsel] Fix 64-bit atomics.

 -- Ben Hutchings <ben@decadent.org.uk>  Wed, 25 Aug 2010 01:06:18 +0100

linux-2.6 (2.6.32-20) unstable; urgency=low

  [ Moritz Muehlenhoff ]
  * Backport XVR1000 driver (Closes: #574243)

  [ Ben Hutchings ]
  * Add stable 2.6.32.18:
    - CIFS: Fix compile error with __init in cifs_init_dns_resolver()
      definition (FTBFS for most architectures)
    - GFS2: rename causes kernel Oops (CVE-2010-2798)
    - xfs: prevent swapext from operating on write-only files
      (CVE-2010-2226)
  * Update debconf template translations:
    - Swedish (Martin Bagge) (Closes: #592045)
    - German (Holger Wansing) (Closes: #592226)
  * [i386/openvz-686] Remove AMD Geode LX and VIA C3 "Nehemiah" from the
    list of supported processors; they do not implement PAE
  * V4L/DVB: Add Elgato EyeTV Diversity to dibcom driver (Closes: #591710)
  * [s390] dasd: use correct label location for diag fba disks
    (Closes: #582281)
  * Add drm changes from stable 2.6.34.2 (thanks to Stefan Bader) and
    2.6.34.3
  * drm/i915: disable FBC when more than one pipe is active
    (Closes: #589077)
  * IB/ipath: Fix probe failure path (Closes: #579393)
  * ext4: fix freeze deadlock under IO (regression introduced in 2.6.32.17)
  * xen: Completely disable use of XSAVE (Closes: #592428)

  [ Martin Michlmayr ]
  * [armel/orion5x] Add a missing #include to fix a build issue.
  * [armel/kirkwood, armel/orion5x] Build-in support for more devices.

  [ dann frazier ]
  * can: add limit for nframes and clean up signed/unsigned variables

 -- Ben Hutchings <ben@decadent.org.uk>  Thu, 12 Aug 2010 03:26:39 +0100

linux-2.6 (2.6.32-19) unstable; urgency=low

  [ maximilian attems ]
  * inotify send IN_UNMOUNT events.
  * inotify fix oneshot support.

  [ Ben Hutchings ]
  * linux-base: Remove dependency on libapt-pkg-perl (Closes: #589996)
  * pata_pdc202xx_old: Fix UDMA mode for PDC2024x and PDC2026x controllers
    (Closes: #590532)
  * Update debconf template translations:
    - Czech (Michal Simunek) (Closes: #590546)
    - Portugese (Américo Monteiro) (Closes: #590557)
    - French (David Prévot) (Closes: #591149)
    - Russian (Yuri Kozlov) (Closes: #591241)
  * Add stable 2.6.32.17:
    - ethtool: Fix potential kernel buffer overflow in ETHTOOL_GRXCLSRLALL
      (CVE-2010-2478)
    - GFS2: Fix up system xattrs (CVE-2010-2525)
    - Revert ABI changes in firmware_class and ssb
    - Ignore ABI changes in acpi_processor, hostap and jbd2
  * Add drm changes from stable 2.6.33.7:
    - drm/i915: Enable low-power render writes on GEN3 hardware (915, 945,
      G33 and Atom "Pineview") (Closes: #590193, maybe others)
  * [i386/xen-686] Remove AMD Geode LX and VIA C3 "Nehemiah" from the list
    of supported processors; they do not implement PAE
  * [x86] Add samsung-laptop driver

  [ dann frazier ]
  * [ia64] Fix crash when gcore reads gate area (Closes: #588574)

  [ Bastian Blank ]
  * Update Xen patch.
    - Ignore ABI changes.

 -- Ben Hutchings <ben@decadent.org.uk>  Thu, 05 Aug 2010 02:43:19 +0100

linux-2.6 (2.6.32-18) unstable; urgency=low

  [ Ben Hutchings ]
  * iwlwifi: Allocate pages for RX buffers, reducing the probability of
    allocation failure (Closes: #580124)
  * postinst: Remove support for 'default' boot loaders. Warn users on
    upgrade if the current configuration may rely on this.
  * rt2860sta, rt2870sta: Apply changes from Linux 2.6.33 and 2.6.34
    - rt2860sta: Fix WPA(2)PSK issue when group cipher of AP is WEP40
      or WEP104 (Closes: #574766)
  * rt3090sta: Replace with rt2860sta (Closes: #588863)
  * [i386/686] Remove AMD K6 from the list of supported processors; it
    does not implement the CMOV instruction
  * drm/i915: Add 'reclaimable' to i915 self-reclaimable page allocations
    (really closes: #534422, we hope)
  * Revert "x86, paravirt: Add a global synchronization point for pvclock",
    included in stable 2.6.32.16 (Closes: #588426)
  * 3c59x: Fix call to mdio_sync() with the wrong argument (Closes: #589989)

  [ Martin Michlmayr ]
  * Add some patches from the Orion tree, including support for Marvell's
    Armada 300 (88F6282):
    - Kirkwood: update MPP definition.
    - Kirkwood: fix HP t5325 after updating MPP definitions
    - leds: leds-gpio: Change blink_set callback to be able to turn off
      blinking
    - net/phy/marvell: Expose IDs and flags in a .h and add dns323 LEDs
      setup flag
    - orion5x: Base support for DNS-323 rev C1
    - orion5x: Fix soft-reset for some platforms
    - mtd: orion/kirkwood: add RnB line support to orion mtd driver
    - mtd: kirkwood: allow machines to register RnB callback
    - Kirkwood: add support for rev A1 of the 88f6192 and 88f6180 chips
    - Kirkwood: Add support for 88f6282
    - PCI: add platform private data to pci_sys_data
    - Kirkwood: add support for PCIe1
    - Kirkwood: more factorization of the PCIe init code

  [ maximilian attems ]
  * sched: Fix over-scheduling bug.

 -- Ben Hutchings <ben@decadent.org.uk>  Fri, 23 Jul 2010 03:48:08 +0100

linux-2.6 (2.6.32-17) unstable; urgency=low

  [ maximilian attems ]
  * agp: add no warn since we have a fallback to vmalloc paths.

  [ Ben Hutchings ]
  * linux-tools: Fix build for hppa and do not attempt to build for
    architectures where perf events are not available (Closes: #588409)
  * linux-tools: Add build-dependency on binutils-dev to enable symbol
    demangling in perf
  * drm/i915: Fix memory corruption on resume from hibernation
    (Closes: #534422)

 -- Ben Hutchings <ben@decadent.org.uk>  Sat, 10 Jul 2010 16:40:38 +0100

linux-2.6 (2.6.32-16) unstable; urgency=low

  [ dann frazier ]
  * [hppa] clear floating point exception flag on SIGFPE signal
    (Closes: #559406)

  [ Ben Hutchings ]
  * Add stable 2.6.32.15
  * Add mantis and hopper DVB drivers with mb86a16 and tda665x DVB
    front-ends, backported by Bjørn Mork (Closes: #577264)
  * Build inet_lro as a module
  * [sparc] Enable CONFIG_FB_XVR500, CONFIG_FB_XVR2500 (Closes: #508108)
  * Update Spanish debconf templates, thanks to Omar Campagne
    (Closes: #580538)
  * Revert "Add EC path for Thinkpad X100."; it is incomplete and broken
  * sctp: fix append error cause to ERROR chunk correctly (regression due
    to fix for CVE-2010-1173)
  * [powerpc] Enable pata_amd driver, replacing amd74xx
  * eeepc-laptop: Disable wireless hotplug on more models where the
    controller is not at the expected address (Closes: #576199)
  * [mips] Fix boot from ATA hard drives (Closes: #584784):
    - Set io_map_base for several PCI bridges lacking it
    - Replace per-platform built-in IDE drivers with libata-based drivers
    - Enable BLK_DEV_SD as built-in on all platforms
  * Revert "vlan/macvlan: propagate transmission state to upper layers"
    (Closes: #585770)
  * linux-base: Don't identify LVM2 PVs by UUID (Closes: #585852)
  * usb-serial: Add generic USB WWAN code, backported by Mark Hymers
    (Closes: #585661)
    - option, qcserial: Use generic USB WWAN code
    - qcserial: Add support for Qualcomm Gobi 2000 devices
  * radeon: Fix MacBook Pro connector quirk (Closes: #585943)
  * r8169: Fix MDIO timing (Closes: #583139)
  * Move NEWS to linux-latest-2.6 (Closes: #586401)
  * 3c59x: Change locking to avoid use of disable_irq() (Closes: #586967)
  * Enable IPv6 support for IPVS (IP_VS_IPV6) (Closes: #584549)
  * Revert "tpm: autoload tpm_tis based on system PnP IDs", included in
    stable 2.6.32.12 (Closes: #584273)
  * linux-base: If the disk ID update process fails, give the user a
    chance to retry or change their answers (Closes: #585609)
  * asix: fix setting mac address for AX88772 (Closes: #587580)
  * ipv6: Clamp reported valid_lft to a minimum of 0 (Closes: #514644)
  * ipv6: Use interface max_desync_factor instead of static default
    (Closes: #514646)
  * Add stable 2.6.32.16:
    - Fixes CVE-2010-1641, CVE-2010-1187, CVE-2010-1148, CVE-2010-1173
      and CVE-2010-2071
    - libata: disable ATAPI AN by default (Closes: #582737, #582903)
  * Add drm changes from stable 2.6.33.6
  * [ia64, powerpc, sparc, x86] Enable KPROBES and KRETPROBES
    (Closes: #584130)
  * r8192s_usb: Fix various bugs:
    - Check for skb allocation failure in 2 more places
    - Update LED control code
    - Clean up in case of an error in module initialisation
    - Rename and remove proc directories correctly if an interface is
      not called wlan0 (Closes: #582972)
    - Correct device ID table (Closes: #584945, #587985)
  * Add r8192u_usb driver
  * Add linux-tools-<version> package containing the perf tool
    (Closes: #548715)
  * Enable USB_SERIAL_TI (Closes: #588096) and USB_SERIAL_WHITEHEAT

  [ Aurelien Jarno ]
  * [sh4] optimize runtime disabling of trapped I/O. 
  * [mips] backport mips/swarm: fix M3 TLB exception handler.

  [ Moritz Muehlenhoff ]
  * Enable X86 board specific fixups for reboot (Closes: #536537)

  [ Martin Michlmayr ]
  * OpenRD-Base: revert patch "allow SD/UART1 selection" since it
    never made it upstream.
  * ARM: update mach types.
  * Add support for OpenRD-Ultimate.
  * QNAP TS-11x/TS-21x: Add MPP36 (RAM) and MPP44 (board ID).
  * Add support for the HP t5325 Thin Client.
  * m25p80: Add support for Macronix 25L8005.
  * Add framebuffer driver for XGI chipsets.
  * [armel/kirkwood] Enable FB_XGI and FRAMEBUFFER_CONSOLE.
  * [armel] Make MOUSE_PS2 modular.
  * [armel] Build INPUT_UINPUT for all flavours.
  * Update Marvell CESA (mv_cesa) driver (Closes: #585790):
    - Invoke the user callback from a softirq context
    - Remove compiler warning in mv_cesa driver
    - Fix situation where the dest sglist is organized differently than...
    - Fix situations where the src sglist spans more data than the reques...
    - Enqueue generic async requests
    - Rename a variable to a more suitable name
    - Execute some code via function pointers rathr than direct calls
    - Make the copy-back of data optional
    - Support processing of data from previous requests
    - Add sha1 and hmac(sha1) async hash drivers
  * Update DisplayLink (udlfb) driver:
    - add dynamic modeset support
    - checkpatch cleanup
    - reorganize function order
    - pre-allocated urb list helpers
    - clean up function naming
    - Add functions to expose sysfs metrics and controls
    - Rework startup and teardown to fix race conditions
    - improved rendering performance
    - Support for fbdev mmap clients (defio)
    - explicit dependencies and warnings
    - remove printk and small cleanup
  * [armel/kirkwood] Enable FB_UDL.
  * [armel] Disable PARPORT_PC (Closes: #588164)

  [ Bastian Blank ]
  * Disable mISDN support for NETJet cards. The driver binds a generic PCI
    bridge.
  * Disable ISDN4Linux drivers.

  [ maximilian attems]
  * Update openvz patch to 5fd638726a69.

 -- Ben Hutchings <ben@decadent.org.uk>  Mon, 05 Jul 2010 22:13:33 +0100

linux-2.6 (2.6.32-15) unstable; urgency=low

  [ Ben Hutchings ]
  * [hppa] Ignore ABI change caused by disabling CONFIG_IDE_TIMINGS
  * [powerpc] Fix unnecessary ABI change

  [ Bastian Blank ]
  * xen: Fix crash in netback.

 -- Ben Hutchings <ben@decadent.org.uk>  Tue, 01 Jun 2010 01:31:05 +0100

linux-2.6 (2.6.32-14) unstable; urgency=low

  [ Ben Hutchings ]
  * [ia64] Hardcode the output of the scripts under arch/ia64/scripts so
    that we can build out-of-tree modules correctly (refresh and re-add
    dropped patch) (Closes: #392592)
  * vlan/macvlan: propagate transmission state to upper layers
  * macvlan: add GRO bit to features mask
  * macvlan: allow multiple driver backends
  * Add macvtap driver (Closes: #568755)
  * [ia64] Enable SGI SN support and mspec driver (Closes: #582224)
  * iwlwifi: Disable QoS when connected to a non-QoS-capable AP
    (Closes: #578262)
  * [x86] Disable e_powersaver cpufreq driver as unsafe. It has already
    been blacklisted by cpufrequtils. The acpi-cpufreq driver can be used
    instead on some VIA C7 systems. (Closes: #566208)
  * nouveau: Fix fbcon corruption with font width not divisible by 8
    (Closes: #583162)
  * [amd64] ext4: Fix compat EXT4_IOC_ADD_GROUP (used by online resize)
  * Install debug kernel image in /usr/lib/debug/boot (Closes: #582810)
  * net: sysfs: Check for null ethtool_ops before getting speed/duplex
  * Add stable 2.6.32.14:
    - [hppa] Revert "parisc: Set PCI CLS early in boot.", erroneously
      included in 2.6.32.13 causing FTBFS
    - btrfs: check for read permission on src file in the clone ioctl
      (CVE-2010-1636)

  [ Bastian Blank ]
  * Update Xen patch.
    - Fix checksum offloading in netback. (closes: #583366)

  [ maximilian attems]
  * Add drm changes from stable 2.6.33.5:
    - i915: Disable FBC on 915GM and 945GM (Closes: #582427)
  * Update openvz patch to e7399c239fad.

  [ Martin Michlmayr ]
  * QNAP TS-419P: Export GPIO indicating jumper setting of JP1.

 -- Ben Hutchings <ben@decadent.org.uk>  Sat, 29 May 2010 00:32:44 +0100

linux-2.6 (2.6.32-13) unstable; urgency=low

  [ Frederik Schueler ]
  * sparc: Fix use of uid16_t and gid16_t in asm/stat.h

  [ Moritz Muehlenhoff ]
  * Enable tomoyo (Closes: #562486)

  [ maximilian attems]
  * backport KVM: x86: Extend KVM_SET_VCPU_EVENTS with selective updates.
    (closes: #580652)
  * KEYS: find_keyring_by_name() can gain access to a freed keyring.
    CVE-2010-1437
  * hppa, sparc, powerpc disable BLK_DEV_CMD64X.
  * topconfig enable PATA_CMD64X. (closes: #580799)
  * x86: Disable CRYPTO_AES_NI_INTEL as it causes boot failures on T410.
  * Add stable 2.6.32.13:
    - [SCSI] Enable retries for SYNCRONIZE_CACHE commands to fix I/O error.
    - [SCSI] Retry commands with UNIT_ATTENTION sense codes to fix ext3/ext4
      I/O errors.
    - [SCSI] skip sense logging for some ATA PASS-THROUGH cdbs
      (Closes: #578129)
    - raid6: fix recovery performance regression.
    - raid456: Enable error-correction on singly-degraded RAID6
      (Closes: #581392)
    - r8169: fix broken register writes (Closes: #407217, #573007)
    - V4L/DVB: budget: Fix crash in case of failure to attach frontend
      (Closes: #575207)
  * drm/edid: Fix 1024x768@85Hz.

  [ Ben Hutchings ]
  * linux-base: Fix typo in disk relabelling code (Closes: #580467)
  * linux-base: Don't quote boot device name in elilo.conf
    (Closes: #580710; works-around: #581173)
  * rtl8192su: Add IDs for several more devices (Closes: #580740)
  * Add drm and sfc changes from stable 2.6.33.4
  * Improve workaround for HPAs (Host Protected Areas) overlapping
    partitions, thanks to Tejun Heo:
    - SCSI/libata: Disable HPA if it overlaps a partition (Closes: #572618)
    - buffer: Make invalidate_bdev() drain all percpu LRU add caches
    - block: Rescan partition tables after HPA is disabled
    - libata: Disable HPA if it is only enabled after suspend
  * V4L/DVB: budget: Select correct frontend drivers (Closes: #575223)
  * 3c503: Fix IRQ probing (Closes: #566522)
  * sis-agp: Remove SIS 760, handled by amd64-agp
  * amd64-agp: Probe unknown AGP devices the right way (Closes: #548090)

  [ Aurelien Jarno ]
  * mips/swarm: fix boot from IDE based media (Sebastian Andrzej Siewior)
    (closes: #466977).
  * backport mips/swarm: fix M3 TLB exception handler.
    [This patch was actually reverted and never applied in version 2.6.32-13]
  * backport MIPS FPU emulator: allow Cause bits of FCSR to be writeable
    by ctc1. (closes: #580602).
  * mips/swarm: enable adm* hwmon drivers.
  * backport Input: Add support of Synaptics Clickpad device (Closes: #572842)

  [ Bastian Blank ]
  * Fix symlinks in several packages.
  * Update Xen patch.
  * [amd64, i386/{686-bigmem,openvz-686,vserver-686-bigmem,xen-686}]
    Build debugging symbols. (closes: #365349)
  * Ignore crypto ABI changes.

  [ Martin Michlmayr ]
  * Backport GuruPlug support.

  [ Christian Perrier ]
  * Update debconf templates:
    - English revised by the debian-l10n-english team as part of the Smith
      review project (Closes: #578349)
    - Vietnamese (Clytie Siddall) (Closes: #579234)
    - German (Holger Wansing) (Closes: #579864)
    - Russian (Yuri Kozlov) (Closes: #578994)
    - Estonian (mihkel) (Closes: #579019)
    - Czech (Michal Simunek) (Closes: #579268)
    - Swedish (Martin Bagge) (Closes: #579308)
    - French (David Prévot) (Closes: #579763)
    - Spanish (Omar Campagne) (Closes: #580538)
    - Portuguese (Américo Monteiro) (Closes: #577227)
    - Japanese (Kenshi Muto) (Closes: #580855)
    - Danish (Joe Hansen) (Closes: #580915)
    - Czech (Michal Simunek) (Closes: #581399)

 -- maximilian attems <maks@debian.org>  Mon, 17 May 2010 15:29:27 +0200

linux-2.6 (2.6.32-12) unstable; urgency=low

  * The "Microwave Background" release

  [ Ben Hutchings ]
  * Prepare debconf templates for translation. (closes: #576758)
  * [x86] PCI/forcedeth: Disable MSI for MCP55 on P5N32-E SLI
    (Closes: #552299)
  * phylib: Fix typo in bcm63xx PHY driver table
  * linux-base: Fix bugs and improve libata transition code:
    - Fix scope of _system() function (Closes: #576925)
    - Fix case where a file may wrongly be listed as automatically converted
      (Closes: #577047)
    - Check device IDs in mdadm.conf rather than assuming it needs manual
      conversion
    - Use vol_id if available since the version of blkid in lenny does not
      support the output format we need (Closes: #576608)
    - Fix missing line breaks in updated crypttab (Closes: #577735)
  * i915: Stop trying to use ACPI lid status to determine LVDS connection
    (Closes: #577724)
  * forcedeth: Fix hardware version check for TX bug workaround
    (Closes: #572201)
  * rndis_host: Poll status channel before control channel (Closes: #576929)
  * megaraid_sas: Fix copying of sense data for 32-bit management tools on
    64-bit kernel (Closes: #578398)
  * Add ipheth driver for iPhone tethering
  * virtio_net: Make delayed refill more reliable (Closes: #576838)

  [ maximilian attems]
  * [ia64] Built in fbcon.
  * Update openvz patch to c05f95fcb04e. (closes: #574598)
  * Reenable nouveau autoloading.
  * reiserfs: Fix permissions on .reiserfs_priv. CVE-2010-1146
  * libata,ata_piix: detect and clear spurious IRQs.
  * libata/SCSI: fix locking around blk_abort_request().
  * topconfig enable NET_DROP_MONITOR. (closes: #578568)
  * Add stable 2.6.32.12:
    - ACPI: EC: Allow multibyte access to EC; fixes temperature monitoring
      on some Dell laptops (Closes: #563313)
    - [x86] KVM: disable paravirt mmu reporting (Closes: #573071)
    - thinkpad-acpi: lock down video output state access (Closes: #565790)
    - xfs update (closes: #579410)
  * Add drm changes from stable 2.6.33.3:
    - drm/radeon: R300 AD only has one quad pipe (Closes: #575681)
  * libata: Fix accesses at LBA28 boundary (old bug, but nasty) (v2)
  * Add EC path for Thinkpad X100.
  * Bump ABI to 5, apply:
    - hrtimer: Tune hrtimer_interrupt hang logic
  * Add libata TRIM support.
  * Backport radeon r800 modesetting support.
  * drm/radeon/kms: further spread spectrum fixes.
  * Backport p54 fixes.
  * net: export device speed and duplex via sysfs.
  * postrm: rm modules.softdep. (closes: #579175)
  * Backport KVM: Xen PV-on-HVM guest support.
  * Backport KVM: x86: Add KVM_GET/SET_VCPU_EVENTS.
  * hugetlb: fix infinite loop in get_futex_key() when backed by huge pages
  * ext4: Issue the discard operation *before* releasing the blocks to be
    reused.
  * libiscsi: regression: fix header digest errors.
  * Revert module.c and module.h changes from -stable update.

  [ dann frazier ]
  * Add DRBD backport
  * sctp: Fix skb_over_panic resulting from multiple invalid parameter
    errors (CVE-2010-1173)
  * [CIFS] Allow null nd (as nfs server uses) on create (CVE-2010-1148)
  * tipc: Fix oops on send prior to entering networked mode (CVE-2010-1187)
  * [powerpc] KGDB: don't needlessly skip PAGE_USER test for Fsl booke
    Note: KGDB is not currently enabled in debian builds (CVE-2010-1446)

  [ Aurelien Jarno ]
  * [sh4] Add a sh7751r flavour.
  * [mips/*malta] Remove options that are present in topconfig.

  [ Martin Michlmayr ]
  * dns323-setup.c: fix WARN() when booting (Arnaud Patard).
  * mips: enable PATA platform on SWARM and LITTLESUR (Sebastian Andrzej
    Siewior).
  * [mips/sb1-bcm91250a] Enable PATA_PLATFORM.

  [ Bastian Blank ]
  * Update Xen patch.

 -- Ben Hutchings <ben@decadent.org.uk>  Sat, 01 May 2010 02:58:31 +0100

linux-2.6 (2.6.32-11) unstable; urgency=low

  [ Ben Hutchings ]
  * [sparc] Provide io{read,write}{16,32}be() (Closes: #574421)
  * Use libata-based drivers for most PATA controllers on all architectures
    (previously applied only to x86)
  * linux-base: Fix bugs and improve libata transition code:
    - Handle duplicates in /etc/udev/rules.d/70-persistent-cd.rules
      (Closes: #574630)
    - Always attempt conversion if $DEBCONF_RECONFIGURE is set
    - Never attempt conversion during a fresh installation (Closes: #576243)
    - Convert disk IDs in crypttab (Closes: #575056)
    - Redirect stdin and stdout of child processes to avoid interfering with
      debconf (Closes: #574987)
    - Report when hdparm.conf or mdadm.conf may need to be updated
      (Closes: #576442)
    - Where a device has both a UUID and a label, prefer to identify it by
      UUID, consistent with fresh installations
    - Do not use device labels including certain unsafe characters
      (Closes: #576537)
  * iwlwifi: Fix repeated warnings about tfds_in_queue (Closes: #574526)
  * eeepc-laptop: Disable CPU speed control on 701 and 702 since it can
    cause the system to hang (Closes: #559578)
  * eeepc-laptop: Disable wireless hotplug on 1005HA, 1201N and 1005PE
    since it disconnects the wrong device (Closes: #573607)
  * linux-headers-*: Support postinst hooks in /etc/kernel/header_postinst.d,
    thanks to Michael Gilbert (Closes: #569724)
  * rt2860sta: Fix argument to linux_pci_unmap_single() (Closes: #575726)
  * nouveau: nv50: Implement ctxprog/state generation
  * phylib: Support PHY module autoloading (Closes: #553024)
  * [x86] Add ramzswap driver (Closes: #573912)

  [ maximilian attems]
  * [alpha, hppa] Disable oprofile as tracing code is unsupported here.
    (closes: #574368)
  * Update openvz patch to 14a9729fab67. (closes: #574598, #575189)
  * [x86]: Disable FB_INTEL. (closes: #447575, #503766, #574401)
  * ssb: do not read SPROM if it does not exist.
  * ssb: Avoid null pointer dereference by aboves.
  * Add stable 2.6.32.11.
    - MIPS: Cleanup forgotten label_module_alloc in tlbex.c (Closes: #571305) 	
    - ath5k: fix setup for CAB queue (closes: #576213)
    - NFS: Prevent another deadlock in nfs_release_page() (Closes: #574348)
  * Revert to keep ABI:
    - hrtimer: Tune hrtimer_interrupt hang logic

  [ Moritz Muehlenhoff ]
  * Add support for sh4 architecture, patch by Nobuhiro Iwamatsu
  (Closes: #569034)

  [ Bastian Blank ]
  * Update Xen patch.
    - Fix free interrupt problem on uni-processor machines.

  [ Ian Campbell ]
  * Include Xen hypervisor in reportbug "related to" list.

 -- maximilian attems <maks@debian.org>  Mon, 05 Apr 2010 20:31:15 +0200

linux-2.6 (2.6.32-10) unstable; urgency=low
  
  * The "Big Bang" release

  [ maximilian attems]
  * tcp: fix ICMP-RTO war.
  * Add stable 2.6.32.10.
    - net/via-rhine: Fix scheduling while atomic bugs (closes: #549606)
    - HID: remove TENX iBuddy from blacklist (Closes: #551312)
    - USB: SIS USB2VGA DRIVER: support KAIREN's USB VGA adaptor
      USB20SVGA-MB-PLUS (Closes: #565857)
  * Bump ABI to 4.
  * [x86] Add openvz flavour.
    - adds ppp support (closes: #550975)
  * Prevent nouveau from autoloading until xserver-xorg-video-nouveau lands.
 
  [ Moritz Muehlenhoff ]
  * Enable CONFIG_KEYS_DEBUG_PROC_KEYS (Closes: #400932)
  * Amend README.source with documentation on how to generate a 
    source tree with all patches applied (Closes: #509156)
  * Document needed packages for preparatory packaging
    steps (Closes: #548028)

  [ Aurelien Jarno ]
  * Fix signal stack alignement on sparc64 (Closes: #569797)
  
  [ Bastian Blank ]
  * Add support for Xen dom0 into its featureset.
    (Closes: #499745, #503857, #504805, #505545, #506118, #507785, #509085,
     #509733, #511963, #513835, #514511, #516223, #516374, #516635, #517048,
     #519586, #520702, #522452, #524571, #524596, #526695, #533132, #533432,
     #534880, #534978, #541227, #542299, #542614, #543489, #544525, #548345,
     #554564, #554621, #559175, #559634)
  * [alpha, amd64, i386, amd64, powerpc] Make all AGP driver built-in to
    workaround race-condition between DRM and AGP.

  [ Ben Hutchings ]
  * drm: Apply all changes from 2.6.33 and 2.6.33.1:
    - Add nouveau driver
    - i915: Fix disappearing mouse pointer (Closes: #551330)
    - i915: Restore video overlay support (Closes: #560033)
    - i915: Fix DDC on some systems by clearing BIOS GMBUS (Closes: #567747)
    - radeon: Enable KMS support
  * qla2xxx: Disable MSI/MSI-X on some chips or as selected by module parameter
    (Closes: #572322)
    - MSI is disabled on QLA24xx chips other than QLA2432 (MSI-X already was)
    - MSI-X is disabled if qlx2enablemsix=2
    - MSI and MSI-X are disabled if qlx2enablemsix=0
  * [sparc64] Make prom entry spinlock NMI safe (Closes: #572442)
  * firmware: Correct copyright information and add source for CIS files
  * Fix first line of kernel-doc for a few functions so that they get valid
    manual pages
  * Remove /usr/include/drm from linux-libc-dev; let libdrm-dev provide it
    again
  * [x86] Enable rtl8192su driver using external firmware
  * [x86] Use libata-based drivers for most PATA controllers (Closes: #444182):
    - pata_triflex replaces triflex
    - pata_atiixp replaces atiixp
    - pata_ns87415 replaces ns87415
    - pata_sc1200 replaces sc1200
    - pata_cs5536 replaces cs5536
    - pata_amd replaces amd74xx
    - pata_sis replaces sis5513
    - pata_rz1000 replaces rz1000
    - pata_efar replaces slc90e66
    - pata_pdc202xx_old replaces pdc202xx_old
    - pata_pdc2027x replaces pdc202xx_new
    - pata_cs5520 replaces cs5520
    - pata_cs5530 replaces cs5530
    - pata_cmd64x replaces cmd64x
    - pata_sil680 replaces siimage
    - pata_ali replaces alim15x3
    - pata_via replaces via82cxxx
    - pata_serverworks replaces serverworks
    - pata_artop replaces aec62xx
    - pata_it821x replaces it821x
    - ata_piix, pata_oldpiix, pata_mpiix mostly replace piix
    - ata_generic, pata_ns87410, pata_netcell replace ide-pci-generic
  * linux-base: Add libata transition script
  * Hide sensitive information when including network configuration in bug
    reports and running a different kernel version

  [ Martin Michlmayr ]
  * Add some ARM patches from git:
    - Update mach types
    - eSATA SheevaPlug: basic board support
    - eSATA SheevaPlug: configure SoC SATA interface
    - eSATA SheevaPlug: correlate MPP to SD CD and SD WP
  * [armel/kirkwood] Enable MACH_ESATA_SHEEVAPLUG.

 -- maximilian attems <maks@debian.org>  Tue, 16 Mar 2010 23:39:05 +0100

linux-2.6 (2.6.32-9) unstable; urgency=high

  [ Ben Hutchings ]
  * Do not build obsolete lgs8gl5 driver
  * [x86] Enable USB IP drivers (Closes: #568903)
  * Ignore failure of lsusb when gathering information for bug reports
    (Closes: #569725)
  * macvlan: Add bridge, VEPA and private modes (Closes: #568756)
  * [sparc] sunxvr500: Support Intergraph graphics chips again
    (Closes: #508108)
  * sfc: Apply fixes from 2.6.33
  * ath9k: Add support for AR2427
  * fs/exec.c: fix initial stack reservation (regression in 2.6.32.9)

  [ maximilian attems]
  * Postinst don't refercence k-p related manpage. (closes: #542208)
  * Postinst only write kernel-img.conf for palo boxes.
  * Enable VT_HW_CONSOLE_BINDING for unbinding efifb. (closes: #569314)
  * hwmon: Add driver for VIA CPU core temperature.
  * wireless: report reasonable bitrate for MCS rates through wext.
  * efifb: fix framebuffer handoff. (bugzilla.k.o #15151)
  * Add stable 2.6.32.9:
    - drm/i915: Fix DDC on some systems by clearing BIOS GMBUS setup.
      (closes: #567747)
    - futex: Handle futex value corruption gracefully. (CVE-2010-0623)
    - futex_lock_pi() key refcnt fix. (CVE-2010-0623)
    - Staging: fix rtl8187se compilation errors with mac80211.
      (closes: #566726)
  * r8169 patch for rx length check errors. (CVE-2009-4537)
  * vgaarb: fix incorrect dereference of userspace pointer.
  * Bump ABI to 3.
  * drm/i915: give up on 8xx lid status.
  * vgaarb: fix "target=default" passing.
  * drm/radeon: block ability for userspace app to trash 0 page and beyond.
    (closes: #550562)

  [ Bastian Blank ]
  * Restrict access to sensitive SysRq keys by default.
  * debian/rules.real: Install arch specific scripts.

  [ Moritz Muehlenhoff ]
  * Set source format to 1.0

  [ Martin Michlmayr ]
  * [armel/iop32x] Enable ARCH_IQ80321 and ARCH_IQ31244 (Thanks Arnaud
    Patard).
  * [armel/kirkwood] Disable MTD_NAND_VERIFY_WRITE to avoid errors
    with ubifs on OpenRD (Thanks Gert Doering) (Closes: #570407)
  * OpenRD-Base: allow SD/UART1 selection (Closes: #571019)
  * D-Link DNS-323 revision A1: implement power LED (Closes: 503172).

 -- maximilian attems <maks@debian.org>  Wed, 24 Feb 2010 17:06:27 +0100

linux-2.6 (2.6.32-8) unstable; urgency=high

  [ Bastian Blank ]
  * Don't let default compiler flags escape into build.

  [ dann frazier ]
  * KVM: PIT: control word is write-only (CVE-2010-0309)
  * Fix potential crash with sys_move_pages (CVE-2010-0415)

  [ Ben Hutchings ]
  * Build lgs8gxx driver along with cxusb (Closes: #568414)
  * Revert incorrect change to powerpc clocksource setup (Closes: #568457)
  * Add stable release 2.6.32.8:
    - Remove TIF_ABI_PENDING bit from x86, sparc & powerpc, fixing
      32-bit userland/64-bit kernel breakage (Closes: #568416)
    - connector: Delete buggy notification code. (CVE-2010-0410)
  * [x86] KVM: Add IOPL/CPL checks to emulator, to prevent privilege
    escalation within a guest. (CVE-2010-0298, CVE-2010-0306)

  [ Martin Michlmayr ]
  * Implement power-off for D-Link DNS-323 rev B1 and fix the blinking
    power LED (Erik Benada) (Closes: #503172).

  [ Aurelien Jarno ]
  * Enable CONFIG_FB_CIRRUS and CONFIG_LOGO on 4kc-malta and 5kc-malta.

 -- Ben Hutchings <ben@decadent.org.uk>  Thu, 11 Feb 2010 02:17:17 +0000

linux-2.6 (2.6.32-7) unstable; urgency=low

  [ maximilian attems]
  * [x86] Disable deprecated X86_CPU_DEBUG, causes boot failures.
  * Newer Standards-Version 3.8.4 without changes.

  [ Ben Hutchings ]
  * clocksource/events: Fix fallout of generic code changes
    (Closes: #568030)
  * Set ABI to 2.

  [ dann frazier ]
  * Disable FUNCTION_TRACER due to performance/build issues.
    (Closes: #568025)
  * Split 'flush_old_exec' into two functions (CVE-2010-0307)

 -- dann frazier <dannf@debian.org>  Wed, 03 Feb 2010 18:35:21 -0700

linux-2.6 (2.6.32-6) unstable; urgency=high

  [ Ben Hutchings ]
  * Documentation/3c509: document ethtool support (Closes: #564743)
  * Add MODULE_FIRMWARE declarations to several drivers that lacked them
  * [x86] Update rt2860sta/rt2870sta firmware loader patch
    - Accept 8K versions of rt2870.bin
    - Fix hang on resume
  * [x86] Enable rt3090sta using firmware loader
  * Add stable release 2.6.32.4:
    - untangle the do_mremap() mess (CVE-2010-0291)
    - fasync: split 'fasync_helper()' into separate add/remove functions
      (CVE-2009-4141)
    - kernel/signal.c: fix kernel information leak with print-fatal-signals=1
      (CVE-2010-0003)
    - netfilter: ebtables: enforce CAP_NET_ADMIN (CVE-2010-0007)
    - quota: Fix dquot_transfer for filesystems different from ext4
      (Closes: #566532)
    - audit: Fix memory management bugs (Closes: #562815)
      + fix braindamage in audit_tree.c untag_chunk()
      + fix more leaks in audit_tree.c tag_chunk()
    - ipv6: skb_dst() can be NULL in ipv6_hop_jumbo(). (CVE-2010-0006)
    - Fix DMA mapping for i915 driver (Closes: #558237, #567352)
      + drm: remove address mask param for drm_pci_alloc()
      + agp/intel-agp: Clear entire GTT on startup
  * e1000,e1000e: Discard all fragments of received over-length packets
    (CVE-2009-4536, CVE-2009-4538)
  * Enable the '686' configuration options in '686-vserver' packages and
    the '686-bigmem' configuration options in '686-bigmem-vserver' packages
    (Closes: #566213)
  * Add stable release 2.6.32.5:
    - inotify: do not reuse watch descriptors (Closes: #561880)
    - megaraid_sas: remove sysfs poll_mode_io world writeable permissions
      (CVE-2009-3939) (Closes: #562975)
  * Force distribution=UNRELEASED in debian/bin/test-patches so that it
    works in released source packages
  * Add stable release 2.6.32.6
  * postinst: Enable escape sequences in debconf notes (Closes: #566539)
  * Add 3w-sas driver for LSI 3ware 9750 SAS controllers
  * aufs2: Update to snapshot from 2010-01-25 (Closes: #567391)
  * cdc_ether: Do not set link down initially; not all devices send link
    change interrupts (Closes: #567689)
  * Add stable release 2.6.32.7:
    - clockevent: Don't remove broadcast device on halt or CPU hotplug
      (Closes: #566547)
  * sfc: Apply fixes from 2.6.33-rc{5,6}
  * Set ABI to 1.

  [ Ian Campbell ]
  * xen: Enable up to 32G of guest memory on i386.

  [ Julien Cristau ]
  * drm/i915: disable powersave by default (closes: #564807)

  [ Bastian Blank ]
  * Enable all NCP file system options.
  * [amd64] Make AGP support again built-in to fullfill the not completely
    documented dependency with GART IOMMU support. (closes: #561552)
  * Enable dynamic minor allocations for ALSA, DVB and USB. (closes: #510593)

  [ maximilian attems ]
  * [topconfig] set MEMORY_FAILURE, 9P_FSCACHE, INFINIBAND_IPOIB_CM
    (closes: #565494), ITCO_VENDOR_SUPPORT (closes: #525232), PCIEASPM
    (closes: #545417), HWPOISON_INJECT.
  * Enable easier debugging of Power Managment code. (closes: #478315)
  * Pass `DEB_MAINT_PARAMS' to hook scripts. (closes: #563161)
  * Enable more mobile IPv6 needs. (closes: #528834)

  [ dann frazier ]
  * [vserver] explicitly disable CFS_HARD_LIMITS
  * Enable FUNCTION_TRACER and STACK_TRACER (Closes: #563847)

 -- Ben Hutchings <ben@decadent.org.uk>  Sun, 31 Jan 2010 23:09:28 +0000

linux-2.6 (2.6.32-5) unstable; urgency=low

  [ Ben Hutchings ]
  * sfc: Apply fixes from 2.6.33-rc3
  * ath5k: Fix eeprom checksum check for custom sized eeproms
    (Closes: #563136)

  [ maximilian attems ]
  * topconfig unset USB_ISP1362_HCD FTBFS on armel and useless.
    (closes: #564156)
  * topconfig set PATA_ATP867X, PATA_RDC, SND_CS5535AUDIO, PM_RUNTIME,
    ATA_VERBOSE_ERROR, RTC_DRV_WM831X, RTC_DRV_PCF2123, RTC_DRV_AB3100,
    SND_HDA_PATCH_LOADER, DEVTMPFS (closes: #560040).
  * [x86] set RTL8192E, TOPSTAR_LAPTOP, I2C_SCMI.
  * Explicitly disable diverse staging drivers.

 -- Ben Hutchings <ben@decadent.org.uk>  Sun, 10 Jan 2010 03:22:23 +0000

linux-2.6 (2.6.32-4) unstable; urgency=low

  [ Ben Hutchings ]
  * Correct comments referring to dpkg --print-installation-architecture
    in maintainer scripts (Closes: #558077)
  * modules: Skip empty sections when exporting section notes
    (Closes: #563036)
  * via-velocity: Give RX descriptors to the NIC later on open or MTU change
    (Closes: #508527)
  * dmfe/tulip: Let dmfe handle DM910x except for SPARC on-board chips
    (Closes: #515533)
  * Add stable release 2.6.32.3:
    - ath5k: fix SWI calibration interrupt storm (may fix #563466)
    - iwl3945: disable power save (Closes: #563693)
    - rt2x00: Disable powersaving for rt61pci and rt2800pci (may fix #561087)

  [ maximilian attems ]
  * topconfig set CAN_EMS_USB, BT_MRVL, BT_MRVL_SDIO, BE2ISCSI, SCSI_PMCRAID,
    SCSI_BFA_FC, USB_GL860, USB_GSPCA_JEILINJ, I2C_SI4713, RADIO_SI4713,
    RADIO_SI470X, DVB_USB_FRIIO, EDAC_I3200, SENSORS_TMP421, SENSORS_WM8350,
    SBC_FITPC2_WATCHDOG, TOUCHSCREEN_MCS5000, UIO_PCI_GENERIC, KSZ8842,
    KS8851, KS8851_MLL, MISDN_AVMFRITZ, MISDN_SPEEDFAX, MISDN_INFINEON,
    MISDN_W6692, MISDN_NETJET, INPUT_WINBOND_CIR, BATTERY_DS2782, MFD_WM831X,
    MFD_MC13783, MTD_SST25L, TOUCHSCREEN_USB_E2I, INPUT_WM831X_ON,
    SENSORS_WM831X, WM831X_WATCHDOG, AB3100_OTP, REGULATOR_WM831X,
    REGULATOR_MC13783, REGULATOR_AB3100, REGULATOR_TPS65023,
    REGULATOR_TPS6507X, VIDEO_SAA7164, DVB_PT1, BACKLIGHT_WM831X,
    SND_HDA_CODEC_CIRRUS, USB_ISP1362_HCD, LEDS_WM831X_STATUS,
    MTD_ONENAND_GENERIC, B43_SDIO, B43_PHY_LP, KEYBOARD_ADP5588, QT2160,
    KEYBOARD_LM8323, KEYBOARD_MAX7359, KEYBOARD_OPENCORES, MOUSE_PS2_SENTELIC,
    WM831X_POWER.
  * [x86] set ACPI_POWER_METER, ACPI_PROCESSOR_AGGREGATOR, SFI,
    EDAC_DECODE_MCE.
  * Set MOUSE_PS2_ELANTECH for various EeePc. (closes: #522920)

  [ dann frazier ]
  * Fix vserver build on ia64 (Closes: #563356)
  * Fix vserver build on s390 (Closes: #563355)

  [ Martin Michlmayr ]
  * Report model information on armel when filing a bug.
  * ARM: Add an earlyprintk debug console (Catalin Marinas)
  * [armel] Enable EARLY_PRINTK.

 -- Ben Hutchings <ben@decadent.org.uk>  Thu, 07 Jan 2010 03:33:39 +0000

linux-2.6 (2.6.32-3) unstable; urgency=high

  * The "Not a Suitable Christmas Present" release

  [ Martin Michlmayr ]
  * [armel/orion5x] Build MTD_CFI_AMDSTD into the kernel again since
    it's needed on the D-Link DNS-323 (thanks Manuel Roeder).
    (Closes: #562205)

  [ dann frazier ]
  * Input: ALPS - add support for touchpads with 4-directional button
  * Input: ALPS - add interleaved protocol support (Dell E6x00 series)
    (Closes: #561589)
  * Re-enable vserver

  [ Ben Hutchings ]
  * sfc: Apply changes from 2.6.33-rc1 adding support for SFC9000 family
  * Add stable release 2.6.32.2:
    - KVM: x86 emulator: limit instructions to 15 bytes (CVE-2009-4031)
    - hfs: fix a potential buffer overflow (CVE-2009-4020)
  * radeon: fix crtc vblank update for r600 (regression in 2.6.32.2)
  * ia64: Include <linux/personality.h> header in <asm/fcntl.h>; fixes
    FTBFS
  * r8169: Allow RTL8168D v1 and v2 to be used without firmware files
    (Closes: #561309)
  * Enable vmxnet3 (VMware guest paravirt net driver) (Closes: #562046)

 -- Ben Hutchings <ben@decadent.org.uk>  Thu, 24 Dec 2009 04:28:55 +0000

linux-2.6 (2.6.32-2) unstable; urgency=high

  [ Bastian Blank ]
  * Allow memory hot-add and -remove if possible.
  * Enable USB suspend.
  * Enable kernel samepage merging. (closes: #558200)
  * [s390]
    - Enable SECCOMP.
    - Enable z/VM Watchdog Timer.

  [ Moritz Muehlenhoff ]
  * Disable cryptoloop (Closes: #559755)
  * Initial work on a README.source file as suggested by current policy

  [ Ben Hutchings ]
  * aufs2: Update to snapshot from 2009-12-05
  * postinst: Fix failure paths in check for missing firmware
    (Closes: #560263)
  * atl1c: Fix system hang when link drops (Closes: #559577)
  * netfilter: xtables: fix conntrack match v1 ipt-save output
    (Closes: #556587)

  [ Aurelien Jarno ]
  * Add support for the sparc64 architecture.

  [ dann frazier ]
  * Add stable release 2.6.32.1:
    - ext4: Fix double-free of blocks with EXT4_IOC_MOVE_EXT (CVE-2009-4306)
    - ext4: avoid divide by zero when trying to mount a corrupted file system
      (CVE-2009-4307)
    - ext4: Fix insufficient checks in EXT4_IOC_MOVE_EXT (CVE-2009-4131)

 -- Ben Hutchings <ben@decadent.org.uk>  Wed, 16 Dec 2009 21:42:49 +0000

linux-2.6 (2.6.32-1) unstable; urgency=low

  * New upstream release candidate:
  - Fixes wifi with rt73usb (Closes: #555640)

  [ Martin Michlmayr ]
  * [armel/kirkwood] Turn on USB_SUSPEND (on the request of a SheevaPlug
    user).
  * [mips/4kc-malta, mips/5kc-malta] Compile USB as a module rather than
    into the kernel.

  [ Bastian Blank ]
  * Enable PCI_MSI.
  * [powerpc] Properly enable Apple PMU battery.
  * [mips/mipsel] Drop remaining OSS drivers.
  * [powerpc] Enable PCIe support.
  * Move contents of linux-support package to /usr/share.
  * Make linux-patch package depend against python.
  * Use python-support instead of python-central.
  * Always enable software watchdog support.
  * Always enable complete USB mass storage support.
  * [amd64, powerpc, sparc] Build USB support as module.
  * [amd64] Build AGP support as module.
  * Always enable dummy net driver support.
  * Drop linux-tree package, it have no users left.

  [ Ben Hutchings ]
  * Re-enable accidentally omitted drivers, thanks to Uwe Kleine-König
    (Closes: #558011):
    - Atheros wireless drivers (ar9170, ath5k, ath9k)
    - TI wl12xx wireless drivers (wl1251_spi, wl1251_sdio and wl1271
      replace wl12xx)
    - Silicon Labs Si470x FM Radio Receiver driver (radio-usb-si470x)
  * Add 'removable' option to the mmc module. Setting this to 0 causes
    MMC/SD cards to be assumed non-removable, and filesystems on them
    will remain mounted over a suspend/resume cycle. (Closes: #504391)
  * Add MODULE_FIRMWARE declarations to many drivers that lacked them, so
    that missing firmware will be reported automatically during upgrades
  * atl1e: Remove broken implementation of TSO for TCP/IPv6
    (Closes: #558426) and allow other hardware offloads to be disabled in
    case they are also buggy
  * usbnet: Set link down initially for drivers that update link state
    (Closes: #444043)
  * aufs2: Update to snapshot from 2009-11-29
  * i915: Enable auto-loading even though CONFIG_DRM_I915_KMS is not set

  [ dann frazier ]
  * mac80211 (CVE-2009-4026, CVE-2009-4027):
    - fix two remote exploits
    - fix spurious delBA handling

 -- Bastian Blank <waldi@debian.org>  Sun, 06 Dec 2009 18:17:39 +0100

linux-2.6 (2.6.32~rc8-1~experimental.1) unstable; urgency=low

  [ Ben Hutchings ]
  * New upstream release candidate.
    - slip: Clean up create and destroy	 (Closes: #408635)
    - signal: Fix alternate signal stack check (Closes: #544905)
  * README.Debian: Add brief information about building specific binary
    packages (Closes: #546182)
  * lgs8gxx: Remove firmware for lgs8g75 and use request_firmware() to
    load it
  * r8169: Remove firmware for RTL8168D v1 and v2 and use
    request_firmware() to load it
  * DocBook: Fix build breakage
  * Hide WPA authentication parameters and comments when including network
    configuration in bug reports

  [ Bastian Blank ]
  * [mips] Don't force EMBEDDED on.
  * [sparc] Don't builtin Ext2 support.
  * Enable PERF_EVENTS, EVENT_PROFILE, CRYPTO_VMAC, CRYPTO_GHASH, TREE_RCU.
  * Use SLUB as default SLAB allocator.

  [ Martin Michlmayr ]
  * [armel] Make some options modular (since there's no reason for them
    to be built in): FTL, NFTL, MTD_CFI_AMDSTD, MTD_CFI_STAA.
  * [armel/orion5x, armel/kirkwood] Enable ISDN (requested by Markus
    Krebs).
  * Add patch from Albin Tonnerre to add HAVE_KERNEL_LZMA to arm.
  * [armel] Enable KERNEL_LZMA, i.e. compress kernels with lzma to get
    much better compression.
  * [armel] Re-enable options that were turned off recently because of
    size constraints: DEBUG_USER, DEBUG_KERNEL, BOOT_TRACER, ARM_UNWIND,
    BLK_DEV_IO_TRACE and SECURITY_SELINUX.

  [ maximilian attems ]
  * Simplify postinst nuke reverse symlinks handling. Patch from
    Sebastian Andrzej Siewior <sebastian@breakpoint.cc>.

 -- Bastian Blank <waldi@debian.org>  Sat, 21 Nov 2009 21:41:45 +0100

linux-2.6 (2.6.31-2) unstable; urgency=low

  [ Martin Michlmayr ]
  * [armel/orion5x, armel/kirkwood] Make sure VGA_CONSOLE is disabled,
    otherwise the kernel won't boot.
  * [armel/kirkwood] Enable CRYPTO_DEV_MV_CESA (Closes: #552270).
  * [armel/kirkwood, armel/orion5x] Enable ORION_WATCHDOG (the
    name of the config variable changed).
  * Add OpenRD-Client support again.
  * Add QNAP TS-41x support.
  * [armel/orion5x, armel/kirkwood] Enable ISDN (requested by Markus
    Krebs).
  * Fix a build failure of the ISDN hisax elsa driver on ARM.
  * mips: fix build of vmlinux.lds (Closes: #552422).

  [ Ben Hutchings ]
  * postinst: Accept absolute paths in modules.dep generated by the
    lenny version of module-init-tools (Closes: #552610)
  * aufs2: Remove incorrect static assertion (Closes: #554120)
  * Add stable release 2.6.31.6:
    - fs: pipe.c null pointer dereference (CVE-2009-3547)
    - KEYS: get_instantiation_keyring() should inc the keyring refcount
      in all cases (CVE-2009-3624)
    - netlink: fix typo in initialization (CVE-2009-3612)
  * Undo PCMCIA ABI change in 2.6.31.6
  * Hide wireless keys and wake-on-LAN password when including network
    configuration in bug reports
  * Add Geode LX/NX to list of 686-class processors

  [ Bastian Blank ]
  * [powerpc] Remove SMP warning from PowerMac cpufreq (Closes: #554124)

  [ maximilian Attems ]
  * Really fix making a debian kernel installable without kernel-img.conf.
    Thanks for patch to Sebastian Andrzej Siewior <sebastian@breakpoint.cc>.
    (closes: #555093).

 -- Ben Hutchings <ben@decadent.org.uk>  Sun, 15 Nov 2009 18:47:49 +0000

linux-2.6 (2.6.31-1) unstable; urgency=low

  [ Ben Hutchings ]
  * Include aufs2, marked as staging (Closes: #541828)
  * Include speakup modules under staging
  * Add stable release 2.6.31.5
  * [x86_64] Enable NUMA_EMU (Closes: #541389)

  [ Martin Michlmayr ]
  * CPUidle: always return with interrupts enabled.
  * [armel/orion5x, armel/kirkwood] Enable FB since some Kirkwood
    machines have a VGA chip (e.g. OpenRD-Client) and because it's
    possible to use a DisplayLink USB virtual graphics adapter.

  [ maximilian attems ]
  * [alpha] Disable SND_MIXART, causes gcc ICE.
  * [x86] Enable modular X86_MCE_INJECT.
  * [x86_32] Set LSM_MMAP_MIN_ADDR to zero to unbreak dosemu and 16-bit Wine,
    ia64 and x86_64 to 65536 otherwise default to 32768.
  * Unset UEVENT_HELPER_PATH to save some boot cycles.

  [ Bastian Blank ]
  * Set ABI to 1.
  * Enable Apple PMU battery. (closes: #544264)

 -- Bastian Blank <waldi@debian.org>  Sat, 24 Oct 2009 19:17:30 +0200

linux-2.6 (2.6.31-1~experimental.2) experimental; urgency=low

  [ Ben Hutchings ]
  * Include more information in bug reports:
    - Model information
    - Firmware package status
    - Network configuration and status (optional)
    - USB device list
  * nfs: Avoid overrun when copying client IP address string
    (Closes: #549002)
  * Add support for DEB_BUILD_OPTIONS=parallel=N (Closes: #458560)
  * sfc: Fix initial link state
  * Improve package descriptions
    - Clarify the differences between i386 flavours (Closes: #414690)
    - Simplify wording of the description template
  * Add stable release 2.6.31.3
  * Remove /usr/include/scsi from linux-libc-dev; these headers are
    provided by libc6-dev (Closes: #550130)
  * Remove dummy dot-files from linux-libc-dev
  * hfsplus: Refuse to mount volumes larger than 2TB, which may otherwise
    be corrupted (Closes: #550010)
  * Add stable release 2.6.31.4
    - x86: Don't leak 64-bit kernel register values to 32-bit processes
      (CVE-2009-2910)
    - appletalk: Fix skb leak when ipddp interface is not loaded
      (CVE-2009-2903)

  [ maximilian attems ]
  * Add stable release 2.6.31.2
    - ax25: Fix signed comparison in the sockopt handler (CVE-2009-2909)
    - PM / yenta: Fix cardbus suspend/resume regression (Closes: #522828)

  [ dann frazier ]
  * [sparc] build zImage by default, fixes build
  * [ia64] Fix call to elilo in postinst

 -- maximilian attems <maks@debian.org>  Mon, 12 Oct 2009 23:54:52 +0200

linux-2.6 (2.6.31-1~experimental.1) experimental; urgency=low

  * New upstream release.
    - Support for W83627DHG-P (closes: #535646).
    - Restore MAC address and MTU change operations on Orinoco and others
      (Closes: #536455)
    - Remove incorrect ACPI blacklisting of ASUS P4B266 mainboards
      (Closes: #525625)
    - atl1c fixes for Eee PC model 1005HA-H. (closes: #538410)
    - parisc64-smp boot fix on J5600. (closes: #539369)
    - parisc: Fix GOT overflow during module load on 64bit kernel
      (closes: #539378)
    - xfs: fix freeing of inodes not yet added to the inode cache
      (Closes: #527517)
    - IPv6: add "disable" module parameter support to ipv6.ko.
      (closes: #542470)
    - IPv6: avoid wraparound for expired preferred lifetime
      (Closes: #518710)
    - Fixes lockups with older dual-CPU machines (Closes: #542551)
    - x86, pat: Allow ISA memory range uncacheable mapping requests
      (Closes: #538159)
    - drm/i915: Hook connector to encoder during load detection
      (Closes: #522358)
    - module: workaround duplicate section names (Closes: #545229)
    - b43: Add fw capabilities (Closes: #533357)
    - procfs: Fix idle time in uptime (Closes: #545981)
    - e1000, e1000e, igb, ixgb, ixgbe: Fix initial link state
      (Closes: #546041)
    - CIFS: Handle port= mount option correctly (Closes: #524142)
    - i915: Prevent screen flickering in X11 (Closes: #545377)
    - hppa: Ensure broadcast tlb purge runs single threaded
      (Closes: #539215)

  [ maximilian attems ]
  * [powerpc64] Enable modular RTC_DRV_PS3, PS3_VRAM.
    (Closes: #528694)
  * Set new NETFILTER_XT_MATCH_OSF, FIREWIRE_NET, SND_CTXFI, USB_XHCI_HCD,
    IEEE802154, CAN_DEV, EEPROM_MAX6875, DM_LOG_USERSPACE, DM_MULTIPATH_QL,
    DM_MULTIPATH_ST, LIBERTAS_SPI, CAN_SJA1000, CAN_SJA1000_PLATFORM,
    CAN_EMS_PCI, CAN_KVASER_PCI, CB710_CORE, CNIC, RT2800USB,
    USB_NET_INT51X1, SND_LX6464ES, BLK_DEV_OSD, SCSI_BNX2_ISCSI, IWM,
    IEEE802154_DRIVERS, TOUCHSCREEN_EETI, TOUCHSCREEN_W90X900,
    BATTERY_MAX17040, SENSORS_TMP401, REGULATOR_USERSPACE_CONSUMER,
    REGULATOR_MAX1586, REGULATOR_LP3971, MEDIA_SUPPORT, CUSE,
    WL12XX, PPS, AB3100_CORE, SND_HDA_INPUT_JACK,MMC_SDHCI_PLTFM,
    MMC_CB710, MMC_VIA_SDMMC, LEDS_LP3944, RTC_DRV_RX8025,
    SMARTJOYPLUS_FF, USB_CDC_PHONET, USB_GSPCA_SN9C20X, MOUSE_SYNAPTICS_I2C,
    PCIEAER_INJECT.
  * Disable v4l1 ov511 and quickcam_messenger drivers.
  * [x86_64] Enable HW_RANDOM_VIA.
  * [x86] Keep divers staging stuff enabled.
  * [x86] Enable RT3070, COMEDI_PCMCIA_DRIVERS, ACERHDF, EDAC_AMD64,
    XEN_DEV_EVTCHN, XEN_SYS_HYPERVISOR, PERF_COUNTERS,
    CC_STACKPROTECTOR, DEFAULT_MMAP_MIN_ADDR=65536.
  * rtl8192su: remove firmware and disable.
  * Newer Standards-Version 3.8.2 without changes.
  * Allow install in chroot without do_initrd check for piuparts.
  * Cleanup Maintainer scripts from ancient pre linux-2.6 assumptions.
    (Also closes: #536333)
  * Disable DEVKMEM.
  * [ppc, sparc] Enable EFI_PARTITION. (closes: #540486)
  * Disable old USB_DEVICE_CLASS. (Closes: #510279)
  * Drop yaird initramfs generator support.
  * Add stable release 2.6.31.1.
  * Enable PREEMPT_VOLUNTARY.

  [ Ben Hutchings ]
  * mga: remove unnecessary change from firmware-loading patch
  * cxgb3: remove PHY firmware and use request_firmware() to load it
  * Add firmware-linux-free package containing DFSG-free firmware
  * av7110: include firmware source and binary
  * snd-cs46xx: reenable using external firmware (closes: #464197,
    but note that Debian cannot currently distribute the firmware),
    thanks to Kalle Olavi Niemitalo <kon@iki.fi>
  * ib_ipath: remove firmware for QLogic IBA7220 and use
    request_firmware() to load it
  * dvb-usb-af9005: remove initialisation script derived from Windows
    driver and use request_firmware() to extract it at run-time
    (closes: #494119)
  * Add warning on upgrade to a new upstream version where the system
    appears to be missing necessary firmware files (closes: #541702)
  * qla1280: Release spinlock when requesting firmware (closes: #543244)
  * r128: Add test for initialisation to all ioctls that require it
    (closes: #541630)
  * rt{2860,2870,3070}sta: Use existing CCITT CRC implementation on
    firmware rather than adding an equivalent variant of ITU-T CRC
  * rd: Build as a module since we do not require initrd support
  * x86: Fix crash in text_poke_early() on 486-class processors
    (Closes: #515982)
  * intel-agp: Fix cache flushing on i8xx chipsets, avoiding graphics
    corruption and GPU lock-ups (Closes: #541307)
  * Generate architecture-qualified package relations as needed for
    flavours that exist for multiple architectures (Closes: #278729)
  * Prompt bug reporters to run the kernel version they're reporting on
    or otherwise record boot messages
  * Include PCI device list in bug reports even if the running kernel
    doesn't match

  [ Martin Michlmayr ]
  * [armel/orion5x, armel/kirkwood] Set GPIO_SYSFS=y since these
    platforms have been converted to GPIOLIB.
  * [armel/orion5x, armel/kirkwood] Disable MARVELL_PHY since it may
    lead to conflicts with the built-in Ethernet.
  * Add features from 2.6.32:
    - crypto: mv_cesa - Add support for Orion5X crypto engine
  * [armel/orion5x] Enable CRYPTO_DEV_MV_CESA.
  * Disable SYS_HAS_EARLY_PRINTK on SGI IP22 to work around a hang
    during bootup (Closes: #507557)
  * [armel] Enable BPQETHER (on the request of Iain Young) and some
    other AX25 drivers.

  [ Bastian Blank ]
  * Disable staging drivers by default.
  * Force all bugs against images to be reported to linux-2.6.
    (closes: #539176)
  * [arm] Remove old arm architecture.
  * Use kernel architecture for libc-dev build.

  [ Moritz Muehlenhoff ]
  * Fix Linus' name in copyright file (Closes: #530620)
  * More verbose explanation on difference between Alpha flavour
    (Closes: #497230)
  * Add Vcs-Svn and Vcs-Browser stanzas pointing to the SVN branch
    used for development in unstable. There are other branches
    used for experimental (trunk), oldstable and stable, but Vcs-*
    doesn't yet provide the ability to distinguish branches in a
    more fine-grained manner. (Closes: #471495)
  * Update Standards-Version to 3.8.3, no changes needed
  * Disable PROM console support (Closes: #525958)
  * Make the description of linux-support a little more verbose
    (Closes: #400825)
  * This upload fixes the following security issues:
    - CVE-2009-3290 (2.6.31)
    - CVE-2009-3288 (2.6.31.1)
    - CVE-2009-3280 (2.6.31.1)
    - CVE-2009-3234 (2.6.31.1)
    - CVE-2009-3043 (2.6.31)
    - CVE-2009-3002 (2.6.31)
    - CVE-2009-3001 (2.6.31)
    - CVE-2009-2844 (2.6.31)
    - CVE-2009-2695 (2.6.31)
    - CVE-2009-2691 (2.6.31)

  [ dann frazier ]
  * n_tty: Fix echo race
  * [ia64] Stop disabling CONFIG_HOTPLUG_CPU, which was blocking
    CONFIG_KEXEC from being enabled
  * [hppa] Disable CONFIG_AB3100_CORE, it fails to build

 -- maximilian attems <maks@debian.org>  Sun, 04 Oct 2009 20:27:05 +0200

linux-2.6 (2.6.30-8) unstable; urgency=low

  [ Martin Michlmayr ]
  * Disable SYS_HAS_EARLY_PRINTK on SGI IP22 to work around a hang
    during bootup (Closes: #507557)
  * module: workaround duplicate section names to fix a panic on
    boot on hppa (Closes: #545229).
  * Add stable release 2.6.30.8.
  * [armel/kirkwood] Add Marvell OpenRD-Client support (Dhaval Vasa).
    Thanks Stefan Kaltenbrunner.

 -- Bastian Blank <waldi@debian.org>  Fri, 25 Sep 2009 23:47:56 +0200

linux-2.6 (2.6.30-7) unstable; urgency=low

  [ Martin Michlmayr ]
  * [armel/kirkwood] Enable eSATA on QNAP TS-219P (John Holland).
  * [armel/kirkwood] Marvell OpenRD-Base board support (Dhaval Vasa).
  * [armel/kirkwood] Initialise SATA for OpenRD-Base (Ron Lee).
  * [armel/kirkwood] Enable SATA_AHCI.

  [ Ben Hutchings ]
  * qla1280: Release spinlock when requesting firmware (closes: #543244)
  * r128: Add test for initialisation to all ioctls that require it
    (closes: #541630)
  * [i386] Fix crash in text_poke_early() on 486-class processors
    (Closes: #515982)
  * intel-agp: Fix cache flushing on i8xx chipsets, avoiding graphics
    corruption and GPU lock-ups (Closes: #541307)
  * [i386] Allow ISA memory range uncacheable mapping requests
    (Closes: #538159)
  * Fix idle time in /proc/uptime (Closes: #545981)
  * e1000, e1000e, igb, ixgb, ixgbe, sfc: Fix initial link state
    (Closes: #546041)

  [ Bastian Blank ]
  * Add stable release 2.6.30.5.
    - drm/i915: Hook connector to encoder during load detection
      (fixes tv/vga detect) (Closes: #522358)
  * Add stable release 2.6.30.6.
    - x86: Fix lock-up on SMP Pentium Pro, Pentium 2, Pentium 3, and
      Athlon MP systems (Closes: #542551)
    - NET: Fix information leaks from getsockname() (CVE-2009-3001,
      CVE-2009-3002)
    - iwl3945/rfkill: Reenable radio when hardware switch turned back on
      (Closes: #530554)
  * Bump ABI to 2.
  * Apply missing fixes:
    - block: fix sg SG_DXFER_TO_FROM_DEV regression.
    - sched_rt: Fix overload bug on rt group scheduling.
  * Add stable release 2.6.30.7.
  * [sparc] Disable PROM console. (closes: #525958)

 -- Bastian Blank <waldi@debian.org>  Wed, 16 Sep 2009 17:23:13 +0200

linux-2.6 (2.6.30-6) unstable; urgency=high

  [ Bastian Blank ]
  * Set default low address space protection to default value.

  [ dann frazier ]
  * Make sock_sendpage() use kernel_sendpage() (CVE-2009-2692)
  * flat: fix uninitialized ptr with shared libs
  * [parisc] isa-eeprom - Fix loff_t usage
  * do_sigaltstack: avoid copying 'stack_t' as a structure to user space
  * posix-timers: Fix oops in clock_nanosleep() with CLOCK_MONOTONIC_RAW

 -- Bastian Blank <waldi@debian.org>  Sat, 15 Aug 2009 15:50:02 +0200

linux-2.6 (2.6.30-5) unstable; urgency=high

  [ maximilian attems ]
  * Add stable release 2.6.30.4.
    - cifs: fix regression with O_EXCL creates and optimize away lookup
      (closes: #536426)
    - ecryptfs: check tag 11 literal data buffer size (CVE-2009-2406)
    - ecryptfs: check tag 3 package encrypted size (CVE-2009-2407)
  * Ignore nf_conntrack ABI change.
  * Revert to keep ABI:
    - block: fix sg SG_DXFER_TO_FROM_DEV regression.
    - sched_rt: Fix overload bug on rt group scheduling.
  * [hppa]: Ignore any ABI (broke on 2.6.30.2).

 -- maximilian attems <maks@debian.org>  Mon, 03 Aug 2009 12:08:56 +0200

linux-2.6 (2.6.30-4) unstable; urgency=low

  [ Bastian Blank ]
  * Add stable release 2.6.30.2.
  * Fix pci access in x86 startup code. (closes: #537783)
  * Ignore ABI changes.
  * Include all plattform and mach specific headers on arm.

  [ maximilian attems ]
  * Add stable release 2.6.30.3.

 -- Bastian Blank <waldi@debian.org>  Thu, 30 Jul 2009 11:55:11 +0200

linux-2.6 (2.6.30-3) unstable; urgency=low

  [ Bastian Blank ]
  * Build-Depend against cpio. (closes: #536196)

  [ Martin Michlmayr ]
  * [arm] Export __cpu_flush_dcache_page.

  [ Aurelien Jarno ]
  * [ia64] Fix asm/fpu.h includes.

  [ dann frazier ]
  * Fix NULL pointer dereference in tun_chr_pool() (CVE-2009-1897)
  * personality: fix PER_CLEAR_ON_SETID (CVE-2009-1895)
  * Add -fno-delete-null-pointer-checks to CFLAGS

 -- Bastian Blank <waldi@debian.org>  Sat, 18 Jul 2009 10:00:01 +0200

linux-2.6 (2.6.30-2) unstable; urgency=low

  [ dann frazier ]
  * [powerpc] Use generic rtc (closes: #535354)
  * [parisc]
    - ensure broadcast tlb purge runs single threaded
    - fix ldcw inline assembler
    (closes: #535844)

  [ Bastian Blank ]
  * Add stable release 2.6.30.1:
    - KVM: x86: check for cr3 validity in ioctl_set_sregs (CVE-2009-2287)
    - ALSA: intel8x0 - Fix PCM position craziness (closes: #533780)
    - ide-cd: prevent null pointer deref via cdrom_newpc_intr (closes: #535342)
  * Ignore ABI changes.

  [ maximilian attems ]
  * [alpha] Add upstream smp buildfix.
  * [parisc] Disable vxge and niu.

 -- Bastian Blank <waldi@debian.org>  Tue, 07 Jul 2009 14:45:43 +0200

linux-2.6 (2.6.30-1) unstable; urgency=low

  * New upstream release.
    - radeonfb: suspend/resume for ATI Mobility Radeon RV350.
      (closes: #506964)
    - tcp: fix MSG_PEEK race check (closes: #513695)
    - e100 fixes (closes: #527056)
    - mos7840: fix miscalculation of minor numbers (closes: #498293)
    - reiserfs update (closes: #531804)
    - bluetooth stack suspend/resume (closes: #508426, #529785)
    - e1000e: Remove mutex_trylock and associated WARN on failure
      (closes: #524699)

  [ maximilian attems ]
  * [sparc] Enable BLK_DEV_CRYPTOLOOP. (closes: #521829)
  * Enable PATA_JMICRON instead of legacy BLK_DEV_JMICRON.
    (closes: #431500, #458493)
  * Set new NILFS2, AT76C50X_USB, MWL8K, P54_SPI, AR9170_USB,
    NETFILTER_XT_MATCH_CLUSTER, RDS, SCSI_MPT2SAS, SCSI_OSD_INITIATOR,
    ETHOC, IGBVF, VXGE, TOUCHSCREEN_AD7877, SENSORS_ATK0110,
    NETFILTER_XT_TARGET_LED, 3C359, HW_RANDOM_TIMERIOMEM, SENSORS_G760A,
    SENSORS_LTC4215, SENSORS_LM95241, USB_GSPCA_MR97310A, USB_GSPCA_SQ905,
    USB_GSPCA_SQ905C, USB_PWC_INPUT_EVDEV, DVB_USB_CE6230, SND_INDIGOIOX,
    SND_INDIGODJX, USB_SERIAL_CP210X, USB_SERIAL_QUALCOMM,
    USB_SERIAL_SYMBOL, ISL29003, SERIAL_MAX3100, VIDEO_HDPVR, VIDEO_CX231XX,
    DRAGONRISE_FF, LEDS_LP5521, LEDS_DAC124S085, LEDS_BD2802,
    UIO_AEC, CRYPTO_ZLIB, REGULATOR_FIXED_VOLTAGE, NOP_USB_XCEIV,
    POHMELFS, FSCACHE, CACHEFILES, EXOFS, NFS_FSCACHE, AFS_FSCACHE,
    MTD_NAND_NANDSIM, STRIP_ASM_SYMS, FCOE_FNIC, USB_NET_CDC_EEM,
    PCI_IOV, ASYNC_TX_DMA, ROMFS_BACKED_BY_BOTH, DETECT_HUNG_TASK.
  * [amd64, i386] Set new DELL_WMI, EDAC_AMD8131, EDAC_AMD8111, X86_PAT, DMAR,
    X86_CPU_DEBUG, CRYPTO_AES_NI_INTEL, X86_X2APIC.
  * Newer Standards-Version 3.8.1 without changes.
  * xfs: fix freeing memory in xfs_getbmap().

  [ Ben Hutchings ]
  * Remove firmware from drivers/staging (closes: #521553)
    - make rt2860sta and rt2870sta use request_firmware(),
      thanks to Darren Salt
  * Remove some sourceless firmware not included in Debian kernel images

  [ Martin Michlmayr ]
  * [mipsel/r5k-cobalt] Enable SCSI_SYM53C8XX_2 (closes: #526836).
  * [arm/iop32x, arm/ixp4xx, arm/orion5x] Turn off BOOT_TRACER,
    BLK_DEV_IO_TRACE, CONTEXT_SWITCH_TRACER, ARM_UNWIND and
    SECURITY_SELINUX because of size constraints.
  * [mips/sb1-bcm91250a] There is a platform PATA driver for SWARM IDE
    these days, so disable IDE and build in ATA, SCSI and BLK_DEV_SD.
  * [mips/sb1-bcm91250a, mips/sb1a-bcm91480b] Compile in SB1250_MAC and
    BROADCOM_PHY.
  * [mips/r4k-ip22] Enable NET_ISA and various ISA network modules on
    the request of Damian Dimmich since they might be useful on the
    SGI Indigo2.
  * Add patches from git.marvell.com:
    - alternative copy_to_user: more precise fallback threshold
    - lower overhead with alternative copy_to_user for small copies
    - Kirkwood: Add CPU idle driver
    - Kirkwood: clock gating for unused peripherals

  [ Aurelien Jarno ]
  * [mips(el)/sb1-bcm91250a] Set CONFIG_SCSI_AIC7XXX=y, it is needed
    on the build daemons.
  * topconfig set CONFIG_RD_GZIP, CONFIG_RD_BZIP2, CONFIG_RD_LZMA.

  [ Bastian Blank ]
  * [i386] Disable PentiumPro errata workaround.
  * [i386] Enable support for big SMP systems.
  * Disable OSS.
  * [s390] Use Sparse Memory layout.
  * [amd64, i386, powerpc, sparc] Make IPv6 support built-in.
  * Centralize Sound core options.
  * Centralize Power Management options.
  * Centralize CPU Frequency scaling options.
  * [sparc] Enable CPU Frequency scaling.
  * Enable Network console logging support.
  * [s390/s390x-tape] Add image.
  * [s390/s390, s390/s390-tape] Remove images.
  * [i386/486] Enable High Memory Support.
  * [i386] Allocate pagetables from High Memory.
  * [amd64, i386] Write protect kernel read-only data structures.
  * [amd64, i386] Make kernel relocatable.
  * Move images and headers into kernel section.

  [ dann frazier ]
  * Enable bnx2x, using firmware-split patches from net-next and mirroring
    the per-subarch config settings used for bnx2

 -- Bastian Blank <waldi@debian.org>  Sun, 14 Jun 2009 11:45:08 +0200

linux-2.6 (2.6.29-5) unstable; urgency=low

  [ dann frazier ]
  * [ia64] Backport rtc-efi driver from mainline

  [ maximilian attems ]
  * qla1280: Fix off-by-some error in firmware loading. (closes: #527265)

  [ Martin Michlmayr ]
  * Broadcom SB: fix locking in set_irq_affinity.
  * mmc: load mvsdio automatically when it's a platform device.
  * mmc: mvsdio: ignore high speed timing requests from the core
  * USB: ftdi_sio: add vendor/product id for the Marvell SheevaPlug.

  [ Bastian Blank ]
  * Add stable release 2.6.29.3:
    - ath9k: Fix FIF_BCN_PRBRESP_PROMISC handling
    - tracing: x86, mmiotrace: fix range test
    - sched: account system time properly
    - rndis_wlan: fix initialization order for workqueue&workers
    - mm: fix Committed_AS underflow on large NR_CPUS environment
    - Ignore madvise(MADV_WILLNEED) for hugetlbfs-backed regions
    - clockevents: prevent endless loop in tick_handle_periodic()
    - intel-iommu: Avoid panic() for DRHD at address zero.
    - intel-iommu: Fix oops in device_to_iommu() when devices not found.
    - intel-iommu: Fix device-to-iommu mapping for PCI-PCI bridges.
    - cs5536: define dma_sff_read_status() method
    - proc: avoid information leaks to non-privileged processes
    - ath5k: fix buffer overrun in rate debug code
    - mv643xx_eth: OOM handling fixes
    - mv643xx_eth: 64bit mib counter read fix
    - check_unsafe_exec: s/lock_task_sighand/rcu_read_lock/
    - do_execve() must not clear fs->in_exec if it was set by another thread
    - check_unsafe_exec() doesn't care about signal handlers sharing
    - New locking/refcounting for fs_struct
    - Take fs_struct handling to new file (fs/fs_struct.c)
    - Get rid of bumping fs_struct refcount in pivot_root(2)
    - Kill unsharing fs_struct in __set_personality()
    - Annotate struct fs_struct's usage count restriction
    - fix setuid sometimes wouldn't
    - fix setuid sometimes doesn't
    - compat_do_execve should unshare_files
    - powerpc: Sanitize stack pointer in signal handling code
    - ACPI: Revert conflicting workaround for BIOS w/ mangled PRT entries
    - USB: serial: fix lifetime and locking problems
    - ptrace: ptrace_attach: fix the usage of ->cred_exec_mutex
    - kbuild: fix Module.markers permission error under cygwin
    - pagemap: require aligned-length, non-null reads of /proc/pid/pagemap
    - drm/i915: allow tiled front buffers on 965+
    - bio: fix memcpy corruption in bio_copy_user_iov()
    - PCI quirk: disable MSI on VIA VT3364 chipsets
    - ASoC: Fix offset of freqmode in WM8580 PLL configuration
    - x86/PCI: don't call e820_all_mapped with -1 in the mmconfig case
    - x86-64: fix FPU corruption with signals and preemption
    - drm/i915: add support for G41 chipset
    - unreached code in selinux_ip_postroute_iptables_compat() (CVE-2009-1184)
    - PCI: fix incorrect mask of PM No_Soft_Reset bit
    - exit_notify: kill the wrong capable(CAP_KILL) check (CVE-2009-1337)
    - crypto: ixp4xx - Fix handling of chained sg buffers
    - block: include empty disks in /proc/diskstats
    - b44: Use kernel DMA addresses for the kernel DMA API
    - virtio-rng: Remove false BUG for spurious callbacks
    - USB: Unusual Device support for Gold MP3 Player Energy
    - KVM: x86: release time_page on vcpu destruction
    - KVM: Fix overlapping check for memory slots
    - KVM: MMU: disable global page optimization
    - KVM: MMU: Fix off-by-one calculating large page count
    - mac80211: fix basic rate bitmap calculation
    - ALSA: us122l: add snd_us122l_free()
    - thinkpad-acpi: fix LED blinking through timer trigger
    - b43: Refresh RX poison on buffer recycling
    - b43: Poison RX buffers
    - mac80211: Fix bug in getting rx status for frames pending in reorder
      buffer
    - forcedeth: Fix resume from hibernation regression.
  * Ignore ABI change.

  [ Jurij Smakov ]
  * [sparc] Fix build

 -- Bastian Blank <waldi@debian.org>  Sun, 17 May 2009 12:45:13 +0200

linux-2.6 (2.6.29-4) unstable; urgency=low

  [ maximilian attems ]
  * drm/i915: allow tiled front buffers on 965+.

  [ Martin Michlmayr ]
  * Extend erase timeout in M25P80 SPI Flash driver (Peter Horton).
  * Add driver for GMT G760A fan speed PWM controller chip.
  * [arm/orion5x] Enable SENSORS_G760A.
  * Add patches from git.marvell.com:
    - allow for alternative __copy_to_user/__clear_user implementations
    - alternative copy_to_user/clear_user implementation copy_user
  * [arm/orion5x, armel/kirkwood] Enable UACCESS_WITH_MEMCPY.
  * [MMC] give Sandisk/Kingston SDHC cards some slack before the SWITCH
    command.

  [ dann frazier ]
  * [parisc] Fix macro expansion in atomic.h fixing PHONET compilation issue
  * [parisc] reenable PHONET
  * Btrfs: fix __ucmpdi2 compile bug on 32 bit builds

  [ Stephen R. Marenka ]
  * [m68k] Add 2.6.29 patches.
  * [m68k] Enable RTC for aranym (2.6.29 solution).

  [ Bastian Blank ]
  * Add stable release 2.6.29.2:
    - Bonding: fix zero address hole bug in arp_ip_target list
    - skge: fix occasional BUG during MTU change
    - scsi: mpt: suppress debugobjects warning
    - hugetlbfs: return negative error code for bad mount option
    - NFS: Fix the XDR iovec calculation in nfs3_xdr_setaclargs
    - gso: Fix support for linear packets
    - agp: zero pages before sending to userspace
    - virtio: fix suspend when using virtio_balloon
    - Revert "console ASCII glyph 1:1 mapping"
    - Input: gameport - fix attach driver code
    - x86, PAT: Remove page granularity tracking for vm_insert_pfn maps
    - KVM: is_long_mode() should check for EFER.LMA
    - KVM: VMX: Update necessary state when guest enters long mode
    - KVM: fix kvm_vm_ioctl_deassign_device
    - KVM: MMU: handle compound pages in kvm_is_mmio_pfn
    - KVM: Reset PIT irq injection logic when the PIT IRQ is unmasked
    - KVM: Interrupt mask notifiers for ioapic
    - KVM: Add CONFIG_HAVE_KVM_IRQCHIP
    - KVM: Fix missing smp tlb flush in invlpg
    - USB: usb-storage: augment unusual_devs entry for Simple Tech/Datafab
    - USB: fix oops in cdc-wdm in case of malformed descriptors
    - USB: ftdi_sio: add vendor/project id for JETI specbos 1201 spectrometer
    - usb gadget: fix ethernet link reports to ethtool
    - x86: disable X86_PTRACE_BTS for now
    - SCSI: sg: fix q->queue_lock on scsi_error_handler path
    - SCSI: sg: avoid blk_put_request/blk_rq_unmap_user in interrupt
    - SCSI: sg: fix races with ioctl(SG_IO)
    - SCSI: sg: fix races during device removal
    - mm: pass correct mm when growing stack
    - pata_hpt37x: fix HPT370 DMA timeouts
    - hpt366: fix HPT370 DMA timeouts
    - powerpc: Fix data-corrupting bug in __futex_atomic_op
    - ALSA: hda - Fix the cmd cache keys for amp verbs
    - sfc: Match calls to netif_napi_add() and netif_napi_del()
    - tty: Fix leak in ti-usb
    - spi: spi_write_then_read() bugfixes
    - add some long-missing capabilities to fs_mask
    - hrtimer: fix rq->lock inversion (again)
    - x86: fix broken irq migration logic while cleaning up multiple vectors
    - sched: do not count frozen tasks toward load
    - dm kcopyd: fix callback race
    - dm kcopyd: prepare for callback race fix
    - posix-timers: fix RLIMIT_CPU && setitimer(CPUCLOCK_PROF)
    - posix-timers: fix RLIMIT_CPU && fork()
    - posixtimers, sched: Fix posix clock monotonicity
    - cap_prctl: don't set error to 0 at 'no_change'
    - SCSI: libiscsi: fix iscsi pool error path
    - SCSI: libiscsi: fix iscsi pool error path
    - sparc64: Fix bug in ("sparc64: Flush TLB before releasing pages.")
    - ALSA: hda - add missing comma in ad1884_slave_vols
    - splice: fix deadlock in splicing to file
    - netfilter: {ip, ip6, arp}_tables: fix incorrect loop detection
    - kprobes: Fix locking imbalance in kretprobes
    - acer-wmi: Blacklist Acer Aspire One
    - crypto: shash - Fix unaligned calculation with short length
    - net/netrom: Fix socket locking
    - af_rose/x25: Sanity check the maximum user frame size
    - dm table: fix upgrade mode race
    - dm: path selector use module refcount directly
    - dm target: use module refcount directly
    - dm snapshot: avoid having two exceptions for the same chunk
    - dm snapshot: avoid dropping lock in __find_pending_exception
    - dm snapshot: refactor __find_pending_exception
    - dm io: make sync_io uninterruptible
    - dm raid1: switch read_record from kmalloc to slab to save memory
    - vfs: skip I_CLEAR state inodes
    - dm: preserve bi_io_vec when resubmitting bios
    - ixgbe: Fix potential memory leak/driver panic issue while setting up Tx &
      Rx ring parameters
    - mm: do_xip_mapping_read: fix length calculation
    - mm: define a UNIQUE value for AS_UNEVICTABLE flag
    - sysctl: fix suid_dumpable and lease-break-time sysctls
    - cpumask: fix slab corruption caused by alloc_cpumask_var_node()
    - ide-atapi: start DMA after issuing a packet command
    - ide: drivers/ide/ide-atapi.c needs <linux/scatterlist.h>
    - V4L/DVB (10943): cx88: Prevent general protection fault on rmmod
    - r8169: Reset IntrStatus after chip reset
    - md/raid1 - don't assume newly allocated bvecs are initialised.
    - SCSI: sg: fix iovec bugs introduced by the block layer conversion
    - drm/i915: fix TV mode setting in property change
    - drm/i915: only set TV mode when any property changed
    - drm: Use pgprot_writecombine in GEM GTT mapping to get the right bits for
      !PAT.
    - drm/i915: check for -EINVAL from vm_insert_pfn
    - drm/i915: Check for dev->primary->master before dereference.
    - drm/i915: Sync crt hotplug detection with intel video driver
    - drm/i915: Read the right SDVO register when detecting SVDO/HDMI.
    - drm/i915: Change DCC tiling detection case to cover only mobile parts.
    - dock: fix dereference after kfree()
    - ACPI: cap off P-state transition latency from buggy BIOSes
    - x86, setup: mark %esi as clobbered in E820 BIOS call
    - tracing/core: fix early free of cpumasks
    - rt2x00: Fix SLAB corruption during rmmod
    - ext4: fix locking typo in mballoc which could cause soft lockup hangs
    - ext4: fix typo which causes a memory leak on error path
    - MIPS: Compat: Zero upper 32-bit of offset_high and offset_low.
    - PCI/x86: detect host bridge config space size w/o using quirks
    - ide: Fix code dealing with sleeping devices in do_ide_request()
    - fbdev: fix info->lock deadlock in fbcon_event_notify()
    - fbmem: fix fb_info->lock and mm->mmap_sem circular locking dependency
    - security/smack: fix oops when setting a size 0 SMACK64 xattr
  * Bump ABI to 2.
  * [sparc] Make the kernels again 64bit. (closes: #525926)

 -- Bastian Blank <waldi@debian.org>  Sun, 03 May 2009 09:38:42 +0200

linux-2.6 (2.6.29-3) unstable; urgency=low

  [ maximilian attems ]
  * [powerpc] Pipe mkimage postinst call to stderr for debconf.
    Thanks Jordi Mallach <jordi@debian.org> for the patch. (closes: #518231)
  * [parisc] Disable PHONET.
  * [sparc] Disable BTRFS.

  [ Bastian Blank ]
  * [alpha] Fix location of kernel image.
  * Add source link to headers packages. (closes: #523726)

  [ Martin Michlmayr ]
  * Add some sata_mv fixes for Kirkwood from Marvell:
    - use new sata phy register settings for new devices
    - increate the IORDY timeout for the soc controllers

 -- maximilian attems <maks@debian.org>  Fri, 17 Apr 2009 10:36:03 +0200

linux-2.6 (2.6.29-2) unstable; urgency=low

  [ Martin Michlmayr ]
  * [arm/ixp4xx] Build in LEDS_TRIGGER_TIMER (closes: #521141).
  * [mips*/4kc-malta, mips*/5kc-malta] Build in RTC_DRV_CMOS.

  [ maximilian attems ]
  * linux-libc-dev: Bump versioned replaces libdrm-dev.
  * parisc: hardcode gcc-4.3 usage.
  * Postrm cleanup new module-init-tools 3.7 files.

  [ Bastian Blank ]
  * Install all needed Makefiles into common headers package.
    (closes: #521472)
  * Add stable release 2.6.29.1:
    - V4L: v4l2-common: remove incorrect MODULE test
    - sparc64: Fix reset hangs on Niagara systems.
    - sparc64: Flush TLB before releasing pages.
    - sparc64: Fix MM refcount check in smp_flush_tlb_pending().
    - KVM: MMU: Fix another largepage memory leak
    - cfg80211: fix incorrect assumption on last_request for 11d
    - lguest: fix spurious BUG_ON() on invalid guest stack.
    - lguest: wire up pte_update/pte_update_defer
    - VM, x86, PAT: Change is_linear_pfn_mapping to not use vm_pgoff
    - x86: mtrr: don't modify RdDram/WrDram bits of fixed MTRRs
    - x86: ptrace, bts: fix an unreachable statement
    - x86: fix 64k corruption-check
    - x86, uv: fix cpumask iterator in uv_bau_init()
    - x86, PAT, PCI: Change vma prot in pci_mmap to reflect inherited prot
    - Add a missing unlock_kernel() in raw_open()
    - fuse: fix fuse_file_lseek returning with lock held
    - ARM: 5435/1: fix compile warning in sanity_check_meminfo()
    - ARM: twl4030 - leak fix
    - ARM: fix leak in iop13xx/pci
    - ARM: cumana: Fix a long standing bogon
    - ARM: 5428/1: Module relocation update for R_ARM_V4BX
    - ARM: pxa: fix overlay being un-necessarily initialized on pxa25x
    - DVB: firedtv: FireDTV S2 problems with tuning solved
    - cfg80211: force last_request to be set for OLD_REG if regdom is EU
    - CIFS: Fix memory overwrite when saving nativeFileSystem field during mount
    - ath5k: warn and correct rate for unknown hw rate indexes
    - ath5k: disable MIB interrupts
    - b43: fix b43_plcp_get_bitrate_idx_ofdm return type
    - ath9k: fix dma mapping leak of rx buffer upon rmmod
    - ath5k: use spin_lock_irqsave for beacon lock
    - cifs: fix buffer format byte on NT Rename/hardlink
    - ath9k: downgrade xmit queue full message to xmit debug
    - KVM: SVM: set accessed bit for VMCB segment selectors
    - KVM: VMX: Don't allow uninhibited access to EFER on i386
    - USB: add quirk to avoid config and interface strings
    - USB: gadget: fix rndis regression
    - USB: usb-storage: increase max_sectors for tape drives
    - USB: fix USB_STORAGE_CYPRESS_ATACB
    - USB: EHCI: add software retry for transaction errors
    - xfrm: spin_lock() should be spin_unlock() in xfrm_state.c
    - ipv6: Plug sk_buff leak in ipv6_rcv (net/ipv6/ip6_input.c)
    - GRO: Disable GRO on legacy netif_rx path (closes: #521691)
    - bridge: bad error handling when adding invalid ether address
    - dnet: drivers/net/dnet.c needs <linux/io.h>
    - udp: Wrong locking code in udp seq_file infrastructure
    - netfilter: nf_conntrack_tcp: fix unaligned memory access in tcp_sack

  [ dann frazier ]
  * bnx2: correct firmware revisions (closes: #522049)
  * [mips] Zero upper 32-bits of compat llseek (closes: #521016)

 -- Bastian Blank <waldi@debian.org>  Sat, 04 Apr 2009 15:13:33 +0200

linux-2.6 (2.6.29-1) unstable; urgency=low

  * New upstream release
    - tg3 use request_firmware and firmware nuked.
    - acenic use request_firmware and firmware nuked.
    - e100 use request_firmware and firmware nuked. (closes: #494308)
    - cassini use request_firmware and firmware nuked.
    - starfire use request_firmware and firmware nuked. (closes: #501152)
    - cxgb3 use request_firmware and firmware nuked.
    - NR_CPUS setting no longer affects size of modules. (closes: #516709)
    - orinoco: use KERN_DEBUG for link status messages. (closes: #447549)
    - [CIFS] Fix oops in cifs_strfromUCS_le mounting to servers which do
      not specify their OS. (closes: #463402)
    - fixes conflict between <asm/byteorder.h> and <endian.h> on mips
      (closes: #519761)

  [ maximilian attems ]
  * topconfig set new NET_NS, NET_SCH_DRR, NET_CLS_CGROUP, LIB80211,
    SCSI_CXGB3_ISCSI, NATIONAL_PHY, STE10XP, LSI_ET1011C_PHY, BTRFS_FS,
    SQUASHFS, PCI_STUB, WIMAX, MTD_LPDDR, EEPROM_AT24, EEPROM_AT25,
    EEPROM_LEGACY, BLK_DEV_IT8172, SMSC9420, WIMAX_I2400M_USB,
    WIMAX_I2400M_SDIO, MISDN_HFCUSB, SENSORS_ADT7475, SENSORS_LTC4245,
    RADIO_TEA5764, SND_HDA_CODEC_INTELHDMI, RT2860, RT2870, RTL8187SE,
    LIBFC, FCOE, ATL1C, JOYSTICK_WALKERA0701, TOUCHSCREEN_WACOM_W8001,
    TOUCHSCREEN_TSC2007, W1_SLAVE_DS2431, WM8350_POWER, SOC_CAMERA_MT9T031,
    SOC_CAMERA_TW9910, SOC_CAMERA_OV772X, USB_STV06XX, USB_GSPCA_OV534,
    DVB_LGDT3304, WM8350_WATCHDOG, SMSC_SCH311X_WDT, SND_HRTIMER,
    SND_HDA_RECONFIG, GREENASIA_FF, USB_SERIAL_SIEMENS_MPI,
    USB_SERIAL_OPTICON, LEDS_ALIX2, LEDS_WM8350, OCFS2_FS_POSIX_ACL,
    BTRFS_FS_POSIX_ACL, ATM_SOLOS, MFD_PCF50633, PCF50633_ADC, PCF50633_GPIO,
    REGULATOR_PCF50633, DVB_S921, EDAC_I5400, RTC_DRV_PCF50633,
    INPUT_PCF50633_PMU, CHARGER_PCF50633, DEVPTS_MULTIPLE_INSTANCES,
    SCHED_OMIT_FRAME_POINTER, DCB, IXGBE_DCB, SFC_MTD, BE2NET, DNET.
  * topconfig enable SND_HDA_HWDEP for sound debugging purpose.
  * topconfig enable USB_HIDDEV (closes: #517771)
  * [x86] set DELL_LAPTOP, COMEDI, X86_PTRACE_BTS, XENFS, XEN_COMPAT_XENFS,
    X86_REROUTE_FOR_BROKEN_BOOT_IRQS, OPTIMIZE_INLINING.
  * [x86] unset DRM_I915_KMS due to upgrade path from Lenny override with
    modeset module param.
  * temp.image.plain/preinst: Consistent output.
  * [x86_64] set SPARSE_IRQ, NUMA_MIGRATE_IRQ_DESC, TREE_RCU.
  * [x86_32] set BLK_DEV_CS5536.
  * [powerpc] set PHANTOM, HP_ILO, MV643XX_ETH, MOUSE_BCM5974, VIRTUALIZATION.
  * topconfig unset legacy SCSI_PROC_FS, PCMCIA_IOCTL, ACPI_PROCFS_POWER,
    ACPI_PROC_EVENT.

  [ Bastian Blank ]
  * Use external source directory for all builds.
  * Use external source directory for all header packages.
  * Use dh_prep.
  * Update copyright file.
  * [s390/s390] Disable BTRFS.
  * [sparc] Use sparc as kernel architecture.
  * Update kconfig report changes patch.
  * [s390] Enable KVM.
  * Use debhelper compat level 7.

  [ Martin Michlmayr ]
  * [mips/r4k-ip22] Build in RTC_DRV_DS1286.
  * [mips/r5k-ip32] Build in RTC_DRV_CMOS (Closes: #516775).
  * [arm/versatile, arm/iop32x, arm/ixp4xx] Make LLC2 modular.
  * [arm, mips, mipsel] Make MII modular.
  * [arm/ixp4xx] Make IXP4XX_WATCHDOG modular.
  * topconfig: Disable NET_DSA since this hardware is special purpose and
    the option cannot be made modular at the moment and bloats the kernel
    image too much.
  * [arm, armel] Enable various V4L USB devices. (Closes: #518582)
  * [arm/orion5x] Build the SENSORS_LM75 module since it's needed on the
    D-Link DNS-323.
  * [arm/iop32x, arm/ixp4xx, arm/orion5x] Enable INPUT_TOUCHSCREEN.
  * [arm/iop32x, arm/ixp4xx, arm/orion5x] Enable INPUT_JOYDEV, GAMEPORT
    and INPUT_JOYSTICK (Closes: #520433).
  * [arm/iop32x, arm/ixp4xx, arm/orion5x] Add a size check to ensure that
    the kernel will fit in flash.
  * Add patches from git.marvell.com to improve Kirkwood support:
    - make gpio /input/output validation separate
    - MPP initialization code
    - SDIO driver for Marvell SoCs
    - SDIO driver registration for DB6281 and RD6281
    - register internal devices in a common place
    - Marvell SheevaPlug support
    - SheevaPlug USB Power Enable setup
    - SheevaPlug LED support
    - Hook up I2C on Kirkwood
    - Add support for QNAP TS-119/TS-219 Turbo NAS
  * [armel/kirkwood] Add an image for Marvell's Kirkwood platform.

  [ Ben Hutchings ]
  * Remove firmware from drivers and make them use request_firmware():
    - mga (closes: #502666)
    - qla1280 (closes: #502667)
    - r128 (closes: #494007)
    - radeon (closes: #494009)
    - tehuti (closes: #501153)
    - typhoon (closes: #502669)

 -- Bastian Blank <waldi@debian.org>  Tue, 24 Mar 2009 14:32:11 +0100

linux-2.6 (2.6.28-1) unstable; urgency=low

  * New upstream release
    - new btusb. (closes: #505184)
    - iwlagn driver for Intel Wifi Link 5100 and 5300. (closes: #501157)
    - drm git branch vblank-rework merged. (closes: #456219)
    - netfilter.h got in.h include. (closes: #487103)
    - netlink errno propageted. (closes: #489340)
    - agp g41 support (closes: #513228)
    - Includes atl2 driver (Closes: #500065)
    - Fixes loading of video module on Samsung systems
      (Closes: #475319, #495697)
    - Fix rf_kill handling of iwl3945 driver (Closes: #503688)
    - Fix adjtimex frequency offset (Closes: #432877)
    - Fix oopses with Canon PIXMA MP150 (Closes: #487725)
    - Fix excessive interrrupts with compiz (Closes: #456219)
    - dsp56k: use request_firmware and firmware nuked (closes: #494010)
    - dabusb: use request_firmware and firmware nuked (closes: #502663)
    - kaweth: use request_firmware and firmware nuked (closes: #502665)

  [ maximilian attems ]
  * Reenable new Juju firewire stack.
  * topconfig set ATH9K, IWL5000, IP_NF_SECURITY, IP6_NF_SECURITY,
    BRIDGE_EBT_IP6, BT_HCIBTUSB, TOUCHSCREEN_INEXIO, TOUCHSCREEN_TOUCHIT213,
    VIRTIO_CONSOLE, VIDEO_ZORAN_ZR36060, USB_VIDEO_CLASS_INPUT_EVDEV,
    USB_GSPCA, USB_S2255, OCFS2_FS_STATS, OMFS_FS, CRYPTO_RMD128,
    CRYPTO_RMD160, CRYPTO_RMD256, CRYPTO_RMD320, VLAN_8021Q_GVRP, HP_WMI,
    COMPAL_LAPTOP, SCSI_DH, SCSI_DH_RDAC, SCSI_DH_HP_SW, SCSI_DH_EMC,
    SCSI_DH_ALUA, MAC80211_HWSIM, USB_HSO, BLK_DEV_INTEGRITY, SGI_XP, SGI_GRU,
    TLAN, ATM_IA, ATM_FORE200E, MISDN, I2C_HELPER_AUTO, I2C_ISCH,
    I2C_NFORCE2_S4985, AT24, SENSORS_AD7414, SENSORS_ADCXX,
    SOC_CAMERA_PLATFORM, VIDEO_SH_MOBILE_CEU, DVB_USB_DW2102, DVB_USB_ANYSEE,
    DVB_SIANO_SMS1XXX, DVB_DRX397XD, MMC_SDHCI_PCI (closes: #507150),
    MMC_SDRICOH_CS (closes: #509979), EDAC_I5100, RTC_DRV_M41T94,
    RTC_DRV_DS1305, UBIFS, EXT4 (closes: #512266), CGROUP_FREEZER,
    NETFILTER_TPROXY, NETFILTER_XT_TARGET_TPROXY, NETFILTER_XT_MATCH_RECENT,
    NETFILTER_XT_MATCH_SOCKET, NET_ACT_SKBEDIT, PHONET, NET_9P_RDMA, ATL2, JME,
    ENIC, MLX4_EN, USB_NET_SMSC95XX, I7300_IDLE, NET_SCH_MULTIQ, ICS932S401,
    PANASONIC_LAPTOP, QLGE, LIBERTAS_THINFIRM, LIBERTAS_THINFIRM_USB,
    INPUT_CM109, W1_SLAVE_BQ27000, SENSORS_ADT7462, SENSORS_MAX1111,
    SENSORS_LIS3LV02D, MFD_WM8400, MFD_WM8350_I2C, SOC_CAMERA_MT9M111,
    USB_M5602, USB_GSPCA_CONEX, USB_GSPCA_ETOMS, USB_GSPCA_FINEPIX,
    USB_GSPCA_MARS, USB_GSPCA_OV519, USB_GSPCA_PAC207, USB_GSPCA_PAC7311,
    USB_GSPCA_SONIXB, USB_GSPCA_SONIXJ, USB_GSPCA_SPCA500, USB_GSPCA_SPCA501,
    USB_GSPCA_SPCA505, USB_GSPCA_SPCA506, USB_GSPCA_SPCA508, USB_GSPCA_SPCA561,
    USB_GSPCA_STK014, USB_GSPCA_SUNPLUS, USB_GSPCA_T613, USB_GSPCA_TV8532,
    USB_GSPCA_VC032X, USB_GSPCA_ZC3XX, C2PORT, C2PORT_DURAMAR_2150,
    W83697UG_WDT, USB_MR800, DVB_USB_CINERGY_T2, DVB_USB_DTV5100,
    DVB_USB_AF9015, DVB_DM1105, DVB_LGS8GL5, DVB_DUMMY_FE,
    SND_HDA_CODEC_NVHDMI, SND_USB_US122L, USB_VST, LEDS_PCA9532, LEDS_HP_DISK,
    LEDS_PCA955X, LEDS_TRIGGER_BACKLIGHT, EDAC_X38, RTC_DRV_RX8581,
    RTC_DRV_DS1390, RTC_DRV_DS3234, RTC_DRV_DS1286, RTC_DRV_M48T35,
    RTC_DRV_BQ4802, RTC_DRV_WM8350, UNEVICTABLE_LRU, MAC80211_RC_MINSTREL,
    BATTERY_BQ27x00, REGULATOR, REGULATOR_BQ24022, REGULATOR_WM8350,
    REGULATOR_WM8400, FB_VIA, FB_METRONOME, FB_MB862XX, UIO_SERCOS3,
    CORE_DUMP_DEFAULT_ELF_HEADERS, NET_DSA, NET_DSA_MV88E6060,
    NET_DSA_MV88E6131, NET_DSA_MV88E6123_61_65, IT87_WDT,
    BACKLIGHT_MBP_NVIDIA, SND_HDA_INPUT_BEEP, USB_WUSB, USB_TMC, IDE_GD,
    IDE_GD_ATA, IDE_GD_ATAPI, PCMCIA_IBMTR, USB_EMI62, USB_EMI26, USB_SEVSEG,
    UWB, UWB_WLP, UWB_I1480U, UWB_I1480U_WLP, CRYPTO_FIPS, ANSI_CPRNG,
    CRC_T10DIF, STAGING, ET131X, CRYPTO_ANSI_CPRNG, PRISM2_USB, HID_COMPAT,
    SYSCTL_SYSCALL_CHECK, BOOT_TRACER.
  * [x86] set MOUSE_BCM5974, X86_RESERVE_LOW_64K, OPROFILE_IBS,
    MICROCODE_INTEL, MICROCODE_AMD, X86_VERBOSE_BOOTUP, MTRR_SANITIZER,
    CRYPTO_CRC32C_INTEL, STRICT_DEVMEM.
  * [x86_64] set AMD_IOMMU, INTR_REMAP.
  * [x86_32] set TOUCHSCREEN_HTCPEN, MOUSE_PS2_OLPC.
  * Add stable releases 2.6.28.1-6.
  * Turn off SYSFS_DEPRECATED* for newer udev and proper /sys/.
  * linux-libc-dev: Add versioned replaces libdrm-dev. (closes: #513604)
  * topconfig: Enable MACVLAN. (closes: #504611)
  * [ppc] BAYCOM_PAR, BAYCOM_EPP.
  * [x86_64] set NR_CPUS to 512. (closes: #491309)
  * [686-bigmem] set modular XEN_FBDEV_FRONTEND.
  * Newer Standards-Version 3.8.0 without changes.
  * Use update-initramfs for initramfs-tools.
  * Fix preinst and postinst call to not use deprecated mkinitramfs-kpkg
    interfaces.

  [ Martin Michlmayr ]
  * [mips/r4k-ip22, mips/sb1-bcm91250a] Don't build in ISO9660.
  * [mipsel/r5k-cobalt] Enable INPUT_COBALT_BTNS.
  * [mipsel/r5k-cobalt] Enable the new Cobalt LCD driver (FB_COBALT).
  * [mips/r4k-ip22] Enable the new ALSA sound driver (SND_SGI_HAL2).
  * [arm/iop32x, arm/ixp4xx] Don't build in KEYBOARD_ATKBD, MOUSE_PS2,
    SERIO, JFFS2_FS, and CRAMFS.
  * [arm/iop32x, arm/ixp4xx] Unset DEBUG_KERNEL so the kernel will
    fit in flash.
  * [arm/orion5x] Unset FIXED_PHY to work around a clash with fixed
    mdio bus and mv643xx_eth.
  * Migrate arm, armel, mips and mipsel away from kernel-package.

  [ Ian Campbell ]
  * [x86]: Enable Xen guest support in amd64 flavour. (closes: #495590)

  [ dann frazier ]
  * [x86, ia64] Enable ACPI_PCI_SLOT

  [ Bastian Blank ]
  * Make gcc-4.3 the default compiler. (closes: #463295)
  * Add optional image size check.
  * debian/rules.real: Setup image installation rules for alpha, hppa,
    ia64 and sparc.
  * Remove support to build images using kernel-package.

 -- maximilian attems <maks@debian.org>  Wed, 18 Feb 2009 16:36:04 +0100

linux-2.6 (2.6.26-12) unstable; urgency=high

  [ Ian Campbell ]
  * xen: fix ACPI processor throttling for when processor id is -1. (closes: #502849)

  [ dann frazier ]
  * Make sendmsg() block during UNIX garbage collection (CVE-2008-5300)
  * Fix race conditions between inotify removal and umount (CVE-2008-5182)
  * Fix DoS when calling svc_listen twice on the same socket while reading
    /proc/net/atm/*vc (CVE-2008-5079)

  [ Bastian Blank ]
  * [openvz, vserver] Fix descriptions.
  * [sparc] Enable Sun Logical Domains support. (closes: #501684)
  * Fix coexistence of pata_marvell and ahci. (closes: #507432)
  * [sparc] Support Intergraph graphics chips. (closes: #508108)

 -- Bastian Blank <waldi@debian.org>  Mon, 15 Dec 2008 12:57:18 +0100

linux-2.6 (2.6.26-11) unstable; urgency=low

  [ Bastian Blank ]
  * [sparc] Reintroduce dummy PCI host controller to workaround broken X.org.
  * [sparc] Fix size checks in PCI maps.
  * Add stable release 2.6.26.8:
    - netfilter: restore lost ifdef guarding defrag exception
    - netfilter: snmp nat leaks memory in case of failure
    - netfilter: xt_iprange: fix range inversion match
    - ACPI: dock: avoid check _STA method
    - ACPI: video: fix brightness allocation
    - sparc64: Fix race in arch/sparc64/kernel/trampoline.S
    - math-emu: Fix signalling of underflow and inexact while packing result.
    - tcpv6: fix option space offsets with md5
    - net: Fix netdev_run_todo dead-lock
    - scx200_i2c: Add missing class parameter
    - DVB: s5h1411: Power down s5h1411 when not in use
    - DVB: s5h1411: Perform s5h1411 soft reset after tuning
    - DVB: s5h1411: bugfix: Setting serial or parallel mode could destroy bits
    - V4L: pvrusb2: Keep MPEG PTSs from drifting away
    - ACPI: Always report a sync event after a lid state change
    - ALSA: use correct lock in snd_ctl_dev_disconnect()
    - file caps: always start with clear bprm->caps_*
    - libertas: fix buffer overrun
    - net: Fix recursive descent in __scm_destroy().
    - SCSI: qla2xxx: Skip FDMI registration on ISP21xx/22xx parts.
      (Closes: #502552)
    - edac cell: fix incorrect edac_mode
    - ext[234]: Avoid printk floods in the face of directory corruption
      (CVE-2008-3528)
    - gpiolib: fix oops in gpio_get_value_cansleep()
  * Override ABI changes.
  * [xen] Update description. (closes: #505961)
  * Revert parts of 2.6.26.6 to fix resume breakage. (closes: #504167)
    - clockevents: prevent multiple init/shutdown
    - clockevents: broadcast fixup possible waiters

  [ dann frazier ]
  * Fix buffer overflow in hfsplus (CVE-2008-4933)
  * Fix BUG() in hfsplus (CVE-2008-4934)
  * Fix stack corruption in hfs (CVE-2008-5025)
  * Fix oops in tvaudio when controlling bass/treble (CVE-2008-5033)

  [ Martin Michlmayr ]
  * [arm/iop32x, arm/ixp4xx, arm/orion5x] Enable support for more partition
    tables, including MAC_PARTITION (requested by Benoît Knecht).
  * leds-pca9532: Fix memory leak and properly handle errors (Sven Wegener)
  * leds-pca9532: Move i2c work to a workqueque (Riku Voipio). (closes:
    #506116)

 -- Bastian Blank <waldi@debian.org>  Wed, 26 Nov 2008 11:43:48 +0100

linux-2.6 (2.6.26-10) unstable; urgency=low

  [ dann frazier ]
  * sctp: Fix possible kernel panic in sctp_sf_abort_violation (CVE-2008-4618)

  [ Martin Michlmayr ]
  * DNS-323: add support for revision B1 machines (Matthew Palmer).
  * ext3/ext4: Add support for non-native signed/unsigned htree hash
    algorithms (Theodore Ts'o). (closes: #493957)
  * [arm/ixp4xx] Enable USB_ACM (closes: #504723).

  [ Bastian Blank ]
  * agp: Fix stolen memory counting on Intel G4X. (closes: #502606)
  * Add stable release 2.6.26.7:
    - security: avoid calling a NULL function pointer in drivers/video/tvaudio.c
    - DVB: au0828: add support for another USB id for Hauppauge HVR950Q
    - drm/i915: fix ioremap of a user address for non-root (CVE-2008-3831)
    - ACPI: Ignore _BQC object when registering backlight device
    - hwmon: (it87) Prevent power-off on Shuttle SN68PT
    - Check mapped ranges on sysfs resource files
    - x86: avoid dereferencing beyond stack + THREAD_SIZE
    - PCI: disable ASPM on pre-1.1 PCIe devices
    - PCI: disable ASPM per ACPI FADT setting
    - V4L/DVB (9053): fix buffer overflow in uvc-video
    - V4L/DVB (8617): uvcvideo: don't use stack-based buffers for USB transfers.
    - V4L/DVB (8498): uvcvideo: Return sensible min and max values when querying
      a boolean control.
    - V4L: zr36067: Fix RGBR pixel format
    - V4L: bttv: Prevent NULL pointer dereference in radio_open
    - libata: fix EH action overwriting in ata_eh_reset()
    - libata: always do follow-up SRST if hardreset returned -EAGAIN
    - fbcon_set_all_vcs: fix kernel crash when switching the rotated consoles
    - modules: fix module "notes" kobject leak
    - b43legacy: Fix failure in rate-adjustment mechanism
    - CIFS: make sure we have the right resume info before calling CIFSFindNext
    - sched_rt.c: resch needed in rt_rq_enqueue() for the root rt_rq
    - tty: Termios locking - sort out real_tty confusions and lock reads
    - x86, early_ioremap: fix fencepost error
    - x86: improve UP kernel when CPU-hotplug and SMP is enabled
    - x86: Reserve FIRST_DEVICE_VECTOR in used_vectors bitmap.
  * [xen] Remove pte file workaround.

  [ Ian Campbell ]
  * [xen] Disable usage of PAT. (closes: #503821)

 -- Bastian Blank <waldi@debian.org>  Sat, 08 Nov 2008 10:50:58 +0100

linux-2.6 (2.6.26-9) unstable; urgency=low

  [ Bastian Blank ]
  * Add stable release 2.6.26.6:
    - mm owner: fix race between swapoff and exit
    - rtc: fix kernel panic on second use of SIGIO nofitication
    - fbcon: fix monochrome color value calculation
    - ALSA: snd-powermac: HP detection for 1st iMac G3 SL
    - ALSA: snd-powermac: mixers for PowerMac G4 AGP
    - sparc64: Fix missing devices due to PCI bridge test in
      of_create_pci_dev().
    - sparc64: Fix disappearing PCI devices on e3500.
    - sparc64: Fix OOPS in psycho_pcierr_intr_other().
    - sparc64: Fix interrupt register calculations on Psycho and Sabre.
    - sparc64: Fix PCI error interrupt registry on PSYCHO.
    - udp: Fix rcv socket locking
    - sctp: Fix oops when INIT-ACK indicates that peer doesn't support AUTH
      (CVE-2008-4576)
    - sctp: do not enable peer features if we can't do them.
    - ipsec: Fix pskb_expand_head corruption in xfrm_state_check_space
    - netlink: fix overrun in attribute iteration
    - niu: panic on reset
    - ipv6: Fix OOPS in ip6_dst_lookup_tail().
    - XFRM,IPv6: initialize ip6_dst_blackhole_ops.kmem_cachep
    - af_key: Free dumping state on socket close
    - pcmcia: Fix broken abuse of dev->driver_data
    - clockevents: remove WARN_ON which was used to gather information
    - ntp: fix calculation of the next jiffie to trigger RTC sync
    - x86: HPET: read back compare register before reading counter
    - x86: HPET fix moronic 32/64bit thinko
    - clockevents: broadcast fixup possible waiters
    - HPET: make minimum reprogramming delta useful
    - clockevents: prevent endless loop lockup
    - clockevents: prevent multiple init/shutdown
    - clockevents: enforce reprogram in oneshot setup
    - clockevents: prevent endless loop in periodic broadcast handler
    - clockevents: prevent clockevent event_handler ending up handler_noop
    - x86: fix memmap=exactmap boot argument
    - x86: add io delay quirk for Presario F700
    - ACPI: Avoid bogus EC timeout when EC is in Polling mode
    - x86: fix SMP alternatives: use mutex instead of spinlock, text_poke is
      sleepable
    - rtc: fix deadlock
    - mm: dirty page tracking race fix
    - x86-64: fix overlap of modules and fixmap areas
    - x86: PAT proper tracking of set_memory_uc and friends
    - x86: fix oprofile + hibernation badness
    - x86: fdiv bug detection fix
    - rt2x00: Use ieee80211_hw->workqueue again
    - x86: Fix 27-rc crash on vsmp due to paravirt during module load
    - sg: disable interrupts inside sg_copy_buffer
    - ocfs2: Increment the reference count of an already-active stack.
    - APIC routing fix
    - sched: fix process time monotonicity
    - block: submit_bh() inadvertently discards barrier flag on a sync write
    - x64, fpu: fix possible FPU leakage in error conditions
    - x86-64: Clean up save/restore_i387() usage
    - KVM: SVM: fix guest global tlb flushes with NPT
    - KVM: SVM: fix random segfaults with NPT enabled
    - ALSA: remove unneeded power_mutex lock in snd_pcm_drop
    - ALSA: fix locking in snd_pcm_open*() and snd_rawmidi_open*()
    - ALSA: oxygen: fix distorted output on AK4396-based cards
    - ALSA: hda - Fix model for Dell Inspiron 1525
    - SCSI: qla2xxx: Defer enablement of RISC interrupts until ISP
      initialization completes.
    - USB: fix hcd interrupt disabling
    - smb.h: do not include linux/time.h in userspace
    - pxa2xx_spi: fix build breakage
    - pxa2xx_spi: chipselect bugfixes
    - pxa2xx_spi: dma bugfixes
    - mm: mark the correct zone as full when scanning zonelists
    - async_tx: fix the bug in async_tx_run_dependencies
    - drivers/mmc/card/block.c: fix refcount leak in mmc_block_open()
    - ixgbe: initialize interrupt throttle rate
    - i2c-dev: Return correct error code on class_create() failure
    - x86-32: AMD c1e force timer broadcast late
  * [x86] Update patch to detect not properly announced cmos RTC devices.
  * [xen] Overtake hvc console by default.

  [ maximilian attems ]
  * [openvz] ip: NULL pointer dereferrence in tcp_v(4|6)_send_ack
    (closes: #500472)
  * [openvz] unset NF_CONNTRACK_IPV6 for now until abi bump.

  [ Stephen R. Marenka ]
  * [m68k] add patches to fix atari ethernec per Michael Schmitz:
    atari-ethernec-IRQF_SHARED.diff and atari-ethernec-fixes.diff.
  * [m68k] add mac-esp-fix-for-quadras-with-two-esp-chips.diff to fix macs
    with dual scsi busses and a problem with xorg, per Finn Thain.
  * [m68k] add atari-atari_keyb_init-operator-precedence.diff per
    Michael Schmitz.
  * [m68k] more mac patches, per Finn Thain.

  [ Martin Michlmayr ]
  * [arm/ixp4xx] Enable USB_ATM and USB_SPEEDTOUCH (closes: #502182).
  * [arm/iop32x, arm/orion5x] Likewise.
  * DNS-323: read MAC address from flash (Matthew Palmer).

  [ dann frazier ]
  * Restrict access to the DRM_I915_HWS_ADDR ioctl (CVE-2008-3831)
  * Don't allow splicing to files opened with O_APPEND (CVE-2008-4554)

 -- Bastian Blank <waldi@debian.org>  Sat, 18 Oct 2008 12:14:22 +0200

linux-2.6 (2.6.26-8) unstable; urgency=medium

  [ dann frazier ]
  * [x86] Fix broken LDT access in VMI (CVE-2008-4410)
  * ata: Fix off-by-one-error that causes errors when reading a
    block on the LBA28-LBA48 boundary
  * [s390] prevent ptrace padding area read/write in 31-bit mode
    (CVE-2008-1514)

  [ Bastian Blank ]
  * Fix generation of i386 Xen image information.
  * [i386] Restrict the usage of long NOPs. (closes: #464962)
  * Fix access to uninitialized user keyring. (closes: #500279)
  * [x86] Fix detection of non-PNP RTC devices. (closes: #499230)

 -- Bastian Blank <waldi@debian.org>  Thu, 09 Oct 2008 12:07:21 +0200

linux-2.6 (2.6.26-7) unstable; urgency=low

  [ Bastian Blank ]
  * [xen] Add SuSE Xen patch. (closes: #495895)
  * Only register notifiers in braille console if used, fixes Insert key.
    (closes: #494374)
  * Fix ACPI EC GPE storm detection. (closes: #494546)
  * Disable useless support for ISP1760 USB host controller.
    (closes: #498304)
  * rt61pci: Add a sleep after firmware upload. (closes: #498828)

  [ Stephen R. Marenka ]
  * [m68k] Set CONFIG_ATARI_ETHERNEC=m for atari, since it only works
    in modular form.
  * [m68k] Enable CONFIG_ADB_PMU68K=y for mac.
  * [m68k] Add atari-aranym-nf-wrappers.diff patch to fix atari LBD
    problems, set CONFIG_LBD=y for atari.

  [ Martin Michlmayr ]
  * [arm/orion5x] Enable CONFIG_ATALK (requested by Ben Schwarz).
  * [arm/versatile] Enable CONFIG_VFP. (closes: #499463)
  * ath5k: Fix bad udelay calls on AR5210 code (Nick Kossifidis).
  * [arm] No longer disable ATH5K.

  [ dann frazier ]
  * Add missing capability checks in sbni_ioctl (CVE-2008-3525)

 -- Bastian Blank <waldi@debian.org>  Wed, 01 Oct 2008 09:02:30 +0200

linux-2.6 (2.6.26-6) unstable; urgency=low

  [ maximilian attems ]
  * [openvz] Enable checkpointing. (closes: #497292)

  [ Bastian Blank ]
  * Allow forced module loading again. (closes: #494144)
  * Set IEEE 802.11 (wireless) regulatory domain default to EU.
    (closes: #497971)
  * [i386] Enable IDE ACPI support. Override ABI changes. (closes: #470528)
  * [i386/686-bigmem] Promote to generic subarch. (closes: #476120)

  [ Martin Michlmayr ]
  * Fix dead 21041 ethernet after ifconfig down (Thomas Bogendoerfer).

  [ dann frazier ]
  * [hppa] Enable the FPU before using it, fixes booting on A500s
    with our CONFIG_PRINTK_TIME=y setting. (closes: #499458)

 -- Bastian Blank <waldi@debian.org>  Wed, 24 Sep 2008 12:06:47 +0200

linux-2.6 (2.6.26-5) unstable; urgency=low

  [ Martin Michlmayr ]
  * Backport power-off method for Kurobox Pro.
  * [arm/versatile] Really enable CONFIG_RTC_DRV_PL031 (closes: #484432).

  [ Stephen R. Marenka ]
  * [m68k] Set CONFIG_LBD=n for atari, since it conflicts with nfblock.

  [ Bastian Blank ]
  * Reenable SiS SATA support. (closes: #496603)
  * [amd64,i386] Disable new-style SiS PATA support.
  * Add stable release 2.6.26.4:
    - sata_mv: don't issue two DMA commands concurrently
    - KVM: MMU: Fix torn shadow pte
    - x86: work around MTRR mask setting, v2
    - nfsd: fix buffer overrun decoding NFSv4 acl (CVE-2008-3915)
    - sunrpc: fix possible overrun on read of /proc/sys/sunrpc/transports
      (CVE-2008-3911)
    - r8169: balance pci_map / pci_unmap pair
    - tg3: Fix firmware event timeouts
    - crypto: authenc - Avoid using clobbered request pointer
    - sparc64: Fix cmdline_memory_size handling bugs.
    - sparc64: Fix overshoot in nid_range().
    - ipsec: Fix deadlock in xfrm_state management. (closes: #497796)
    - sctp: fix random memory dereference with SCTP_HMAC_IDENT option.
    - sctp: correct bounds check in sctp_setsockopt_auth_key
    - sch_prio: Fix nla_parse_nested_compat() regression
    - sctp: add verification checks to SCTP_AUTH_KEY option
    - sctp: fix potential panics in the SCTP-AUTH API.
    - udp: Drop socket lock for encapsulated packets
    - pkt_sched: Fix actions referencing
    - pkt_sched: Fix return value corruption in HTB and TBF.
    - netns: Add network namespace argument to rt6_fill_node() and
      ipv6_dev_get_saddr()
    - ipv6: Fix OOPS, ip -f inet6 route get fec0::1, linux-2.6.26,
      ip6_route_output, rt6_fill_node+0x175 (CVE-2008-3686)
    - AX.25: Fix sysctl registration if !CONFIG_AX25_DAMA_SLAVE
    - mm: make setup_zone_migrate_reserve() aware of overlapping nodes
    - 8250: improve workaround for UARTs that don't re-assert THRE correctly
    - rtc_time_to_tm: fix signed/unsigned arithmetic
    - drivers/char/random.c: fix a race which can lead to a bogus BUG()
    - cifs: fix O_APPEND on directio mounts
    - atl1: disable TSO by default
    - forcedeth: fix checksum flag
    - bio: fix bio_copy_kern() handling of bio->bv_len
    - bio: fix __bio_copy_iov() handling of bio->bv_len
    - ALSA: oxygen: prevent muting of nonexistent AC97 controls
    - S390 dasd: fix data size for PSF/PRSSD command
    - x86: fix "kernel won't boot on a Cyrix MediaGXm (Geode)"
    - x86: work around MTRR mask setting
    - USB: cdc-acm: don't unlock acm->mutex on error path
    - binfmt_misc: fix false -ENOEXEC when coupled with other binary handlers
    - fbdefio: add set_page_dirty handler to deferred IO FB
    - eeepc-laptop: fix use after free
    - PCI: fix reference leak in pci_get_dev_by_id()
    - cramfs: fix named-pipe handling
  * Override ABI changes.
  * [hppa] Disable new-style RTC support. Override ABI changes.

  [ maximilian attems ]
  * openvz: Add upstream fixes up to 24cebf40278cb071ff8b. (closes: #497528)

 -- Bastian Blank <waldi@debian.org>  Wed, 10 Sep 2008 12:55:16 +0200

linux-2.6 (2.6.26-4) unstable; urgency=low

  [ maximilian attems ]
  * x86: Reset ACPI_PROCFS_POWER for Lenny as buggy apps depend on it.
    (closes: #495541)
  * x86: ACPI: Fix thermal shutdowns
  * openvz: Add upstream fixes up to 0f14912e3d2251aff. (closes: #494384)
  * Add stable release 2.6.26.3:
    - USB: fix interface unregistration logic
    - usb-storage: unusual_devs entries for iRiver T10 and Datafab CF+SM reader
    - usb-serial: don't release unregistered minors
    - usb-storage: revert DMA-alignment change for Wireless USB
    - usb-storage: automatically recognize bad residues
    - USB: ftdi_sio: Add USB Product Id for ELV HS485
    - qla2xxx: Set an rport's dev_loss_tmo value in a consistent manner.
    - dccp: change L/R must have at least one byte in the dccpsf_val field
      (CVE-2008-3276)
    - KVM: Avoid instruction emulation when event delivery is pending
    - cs5520: add enablebits checking
    - acer-wmi: Fix wireless and bluetooth on early AMW0 v2 laptops
    - USB: usb-storage: quirk around v1.11 firmware on Nikon D4
    - radeonfb: fix accel engine hangs
    - radeon: misc corrections
    - sparc64: Fix global reg snapshotting on self-cpu.
    - sparc64: Do not clobber %g7 in setcontext() trap.
    - sparc64: Fix end-of-stack checking in save_stack_trace().
    - sparc64: Fix recursion in stack overflow detection handling.
    - sparc64: Make global reg dumping even more useful.
    - sparc64: Implement IRQ stacks.
    - sparc64: Handle stack trace attempts before irqstacks are setup.
    - PCI: Limit VPD length for Broadcom 5708S
    - ide: it821x in pass-through mode segfaults in 2.6.26-stable
    - syncookies: Make sure ECN is disabled
    - USB: ftdi_sio: add support for Luminance Stellaris Evaluation/Development
      Kits
    - i2c: Fix NULL pointer dereference in i2c_new_probed_device
    - SCSI: hptiop: add more PCI device IDs
    - SCSI: ses: fix VPD inquiry overrun
    - SCSI: scsi_transport_spi: fix oops in revalidate
    - CIFS: Fix compiler warning on 64-bit
    - x86: fix spin_is_contended()
    - matrox maven: fix a broken error path
    - i2c: Let users select algorithm drivers manually again
    - CIFS: properly account for new user= field in SPNEGO upcall string
      allocation
    - x86: fix setup code crashes on my old 486 box
    - KVM: ia64: Fix irq disabling leak in error handling code
    - mlock() fix return values
    - rtl8187: Fix lockups due to concurrent access to config routine
    - KVM: task switch: segment base is linear address
    - KVM: task switch: use seg regs provided by subarch instead of reading
      from GDT
    - KVM: task switch: translate guest segment limit to virt-extension byte
      granular field
    - r8169: avoid thrashing PCI conf space above RTL_GIGA_MAC_VER_06
    - sparc64: FUTEX_OP_ANDN fix
    - posix-timers: do_schedule_next_timer: fix the setting of ->si_overrun
    - posix-timers: fix posix_timer_event() vs dequeue_signal() race
    - vt8623fb: fix kernel oops
    - ide-cd: fix endianity for the error message in cdrom_read_capacity
    - qla2xxx: Add dev_loss_tmo_callbk/terminate_rport_io callback support.
    - random32: seeding improvement
    - CIFS: mount of IPC$ breaks with iget patch
    - CIFS: if get root inode fails during mount, cleanup tree connection
    - crypto: padlock - fix VIA PadLock instruction usage with
      irq_ts_save/restore()
    - ipvs: Fix possible deadlock in estimator code
    - SCSI: block: Fix miscalculation of sg_io timeout in CDROM_SEND_PACKET
      handler.
    - ALSA: asoc: restrict sample rate and size in Freescale MPC8610 sound
      drivers
    - ALSA: ASoC: fix SNDCTL_DSP_SYNC support in Freescale 8610 sound drivers
    - USB: pl2023: Remove USB id (4348:5523) handled by ch341
    - relay: fix "full buffer with exactly full last subbuffer" accounting
      problem
    - ipv6: Fix ip6_xmit to send fragments if ipfragok is true
    - x86: amd opteron TOM2 mask val fix

  [ dann frazier ]
  * [ia64] Fix boot-time hang w/ PRINTK_TIME by ensuring that cpu0 can access
    per-cpu vars in early boot
  * delay calls to sched_clock() until after sched_clock_init() to prevent
    inaccurate printk timings on ia64 and presumably other architectures

  [ Ian Campbell ]
  * [xen] import upstream fix to fb-defio driver used by Xen framebuffer.

  [ Bastian Blank ]
  * [powerpc] Enable proper RTC support. (closes: #484693)

  [ Martin Michlmayr ]
  * Add Marvell Orion fixes:
    - sata_mv: add the Gen IIE flag to the SoC devices.
    - sata_mv: don't avoid clearing interrupt status on SoC host adapters

  [ dann frazier ]
  * Fix overflow condition in sctp_setsockopt_auth_key (CVE-2008-3526)
  * Fix panics that may occur if SCTP AUTH is disabled (CVE-2008-3792)
  * [x86] Fix memory leak in the copy_user routine
    (CVE-2008-0598, closes: #490910)

 -- Bastian Blank <waldi@debian.org>  Thu, 28 Aug 2008 08:46:42 +0200

linux-2.6 (2.6.26-3) unstable; urgency=low

  [ Bastian Blank ]
  * Disable Emagic Audiowerk 2 soundcard support. The PCI IDs clashes with
    many DVB cards.
  * Update VServer patch to 2.3.0.35.
  * [armel/versatile] Override ABI changes.
  * [i386/686-bigmem] Add VServer image.

  [ Aurelien Jarno ]
  * [armel/versatile] Disable CONFIG_NO_HZ, CONFIG_HIGH_RES_TIMERS for
    dynticks. (closes: #494842)

  [ Martin Michlmayr ]
  * Fix PCIe on the Kurobox Pro (Lennert Buytenhek).
  * Fix regressions caused by the "use software GSO for SG+CSUM capable
    netdevices" patch:
    - loopback: Enable TSO (Herbert Xu)
    - net: Preserve netfilter attributes in skb_gso_segment using
      __copy_skb_header (Herbert Xu)

  [ dann frazier ]
  * [amd64] Fix typo in TOM2 mask value, preventing a hang on some opteron
    systems. (closes: #494365)

 -- Bastian Blank <waldi@debian.org>  Mon, 18 Aug 2008 15:34:38 +0200

linux-2.6 (2.6.26-2) unstable; urgency=low

  [ Bastian Blank ]
  * [powerpc] Install arch/powerpc/lib/crtsavres.o into the headers, it is
    used during module linking.
  * Add stable release 2.6.26.1:
    - Fix off-by-one error in iov_iter_advance()
    - ath5k: don't enable MSI, we cannot handle it yet
    - b43legacy: Release mutex in error handling code
    - cpufreq acpi: only call _PPC after cpufreq ACPI init funcs got called already
    - VFS: increase pseudo-filesystem block size to PAGE_SIZE
    - markers: fix markers read barrier for multiple probes
    - tmpfs: fix kernel BUG in shmem_delete_inode
    - mpc52xx_psc_spi: fix block transfer
    - ixgbe: remove device ID for unsupported device
    - UML - Fix boot crash
    - eCryptfs: use page_alloc not kmalloc to get a page of memory
    - x86: fix kernel_physical_mapping_init() for large x86 systems
    - DVB: cx23885: SRAM changes for the 885 and 887 silicon parts
    - DVB: cx23885: Reallocated the sram to avoid concurrent VIDB/C issues
    - DVB: cx23885: DVB Transport cards using DVB port VIDB/TS1 did not stream
    - DVB: cx23885: Ensure PAD_CTRL is always reset to a sensible default
    - V4L: cx23885: Bugfix for concurrent use of /dev/video0 and /dev/video1
    - V4L: saa7134: Copy tuner data earlier to avoid overwriting manual tuner type
    - V4L: uvcvideo: Add support for Medion Akoya Mini E1210 integrated webcam
    - V4L: uvcvideo: Make input device support optional
    - V4L: uvcvideo: Don't free URB buffers on suspend
    - V4L: uvcvideo: Use GFP_NOIO when allocating memory during resume
    - V4L: uvcvideo: Fix a buffer overflow in format descriptor parsing
    - DVB: dib0700: add support for Hauppauge Nova-TD Stick 52009
    - V4L: cx18: Upgrade to newer firmware & update documentation
    - ALSA: trident - pause s/pdif output
    - myri10ge: do not use mgp->max_intr_slots before loading the firmware
    - myri10ge: do not forget to setup the single slice pointers
    - iop-adma: fix platform driver hotplug/coldplug
    - sparc64: Do not define BIO_VMERGE_BOUNDARY.
    - sparc64: Fix cpufreq notifier registry.
    - sparc64: Fix lockdep issues in LDC protocol layer.
    - tcp: Clear probes_out more aggressively in tcp_ack().
    - ARM: fix fls() for 64-bit arguments
    - vmlinux.lds: move __attribute__((__cold__)) functions back into final .text section
    - rtc-at91rm9200: avoid spurious irqs
    - ide-cd: fix oops when using growisofs
    - x86: fix crash due to missing debugctlmsr on AMD K6-3
    - cpusets: fix wrong domain attr updates
    - proc: fix /proc/*/pagemap some more
    - Fix build on COMPAT platforms when CONFIG_EPOLL is disabled
    - markers: fix duplicate modpost entry
    - x86, suspend, acpi: enter Big Real Mode
    - USB: fix usb serial pm counter decrement for disconnected interfaces
    - x86 reboot quirks: add Dell Precision WorkStation T5400
    - Fix typos from signal_32/64.h merge
    - rcu: fix rcu_try_flip_waitack_needed() to prevent grace-period stall
    - Patch Upstream: x86 ptrace: fix PTRACE_GETFPXREGS error
    - KVM: MMU: Fix potential race setting upper shadow ptes on nonpae hosts
    - KVM: MMU: nuke shadowed pgtable pages and ptes on memslot destruction
    - KVM: x86 emulator: Fix HLT instruction
    - KVM: VMX: Add ept_sync_context in flush_tlb
    - KVM: mmu_shrink: kvm_mmu_zap_page requires slots_lock to be held
    - KVM: SVM: fix suspend/resume support
    - KVM: VMX: Fix a wrong usage of vmcs_config
    - isofs: fix minor filesystem corruption
    - quota: fix possible infinite loop in quota code
    - hdlcdrv: Fix CRC calculation.
    - ipv6: __KERNEL__ ifdef struct ipv6_devconf
    - ipv6: use timer pending
    - udplite: Protection against coverage value wrap-around
    - pxamci: trivial fix of DMA alignment register bit clearing
  * [sparc] Install asm-sparc headers again.
  * Force RTC on by default and set clock on startup. Override ABI changes.
  * [i386, amd64] Make the CMOS RTC support builtin. (closes: #493567)
  * Add stable release 2.6.26.2:
    - sound: ensure device number is valid in snd_seq_oss_synth_make_info
    - Ath5k: kill tasklets on shutdown
    - Ath5k: fix memory corruption
    - vfs: fix lookup on deleted directory
    - ALSA: emu10k1 - Fix inverted Analog/Digital mixer switch on Audigy2
    - ALSA: hda - Add missing Thinkpad Z60m support
    - ALSA: hda - Fix DMA position inaccuracy
    - ALSA: hda - Fix wrong volumes in AD1988 auto-probe mode
    - Add compat handler for PTRACE_GETSIGINFO
    - Bluetooth: Signal user-space for HIDP and BNEP socket errors
    - Input: i8042 - add Acer Aspire 1360 to nomux blacklist
    - Input: i8042 - add Gericom Bellagio to nomux blacklist
    - Input: i8042 - add Intel D845PESV to nopnp list
    - jbd: fix race between free buffer and commit transaction
    - NFS: Ensure we zap only the access and acl caches when setting new acls
    - SCSI: ch: fix ch_remove oops
    - linear: correct disk numbering error check
    - netfilter: xt_time: fix time's time_mt()'s use of do_div()
    - Kprobe smoke test lockdep warning
    - Close race in md_probe
    - x86: io delay - add checking for NULL early param
    - x86: idle process - add checking for NULL early param
    - SCSI: bsg: fix bsg_mutex hang with device removal
    - netfilter: nf_nat_sip: c= is optional for session
    - romfs_readpage: don't report errors for pages beyond i_size
    - ftrace: remove unneeded documentation

  [ Martin Michlmayr ]
  * METH: fix MAC address setup (Thomas Bogendoerfer)
  * Export the reset button of the QNAP TS-409.
  * net: use software GSO for SG+CSUM capable netdevices (Lennert Buytenhek)

  [ dann frazier ]
  * device_create interface changed between 2.6.26 and 2.6.27; adjust hpilo
    backport appropriately. Fixes a NULL pointer dereference in ilo_probe().

 -- Bastian Blank <waldi@debian.org>  Fri, 08 Aug 2008 08:09:00 +0200

linux-2.6 (2.6.26-1) unstable; urgency=low

  * New upstream release see http://kernelnewbies.org/Linux_2_6_26
    - UDF 2.50 support. (closes: #480910)
    - mmc: increase power up delay (closes: #481190)
    - snd-hda-intel suspend troubles fixed. (closes: #469727, #481613, #480034)
    - cifs QueryUnixPathInfo fix (closes: #480995)
    - r8169 oops in r8169_get_mac_version (closes: #471892)
    - netfilter headers cleanup (closes: #482331)
    - iwlwifi led support (closes: #469095)
    - ath5k associates on AR5213A (closes: #463785)
    - T42 suspend fix (closes: #485873)
    - cpuidle acpi driver: fix oops on AC<->DC (closes: #477201)
    - opti621 ide fixes (closes: #475561)
    - ssh connection hangs with mac80211 (closes: #486089)
    - ocfs2: Allow uid/gid/perm changes of symlinks (closes: #479475)
    - xircom_tulip_cb: oboslete driver removed (closes: #416900)
    - r8169 properly detect link status (closes: #487586)
    - iwl3945 connection + support fixes (closes: #481436, #482196)
    - longrun cpufreq min freq fix (closes: #468149)
    - emux midi synthesizer SOFT_PEDAL-release event (closes: #474312)
    - vmemmap fixes to use smaller pages (closes: #483489)
    - x86 freeze fixes (closes: #482100, #482074)
    - xen boot failure fix (closes: #488284)
    - gdb read floating-point and SSE registers (closes: #485375)
    - USB_PERSIST is default on (closes: #489963)
    - alsa snd-hda Dell Inspiron fix (closes: #490649)
    - ipw2200: queue direct scans (closes: #487721)
    - better gcc-4.3 support (closes: #492301)
    - iwl3945 monitor mode. (closes: #482387)

  [ maximilian attems ]
  * topconfig set CRYPTO_CTS, SND_PCSP, SND_AW2, IWL4965_LEDS, IWL3945_LEDS,
    RT2400PCI_LEDS, RT2500PCI_LEDS, RT61PCI_LEDS, RT2500USB_LEDS,
    RT73USB_LEDS, NF_CT_PROTO_DCCP, BRIDGE_EBT_NFLOG, IWLWIFI_RFKILL,
    USB_SERIAL_SPCP8X5, USB_STORAGE_CYPRESS_ATACB, DVB_ISL6405, DVB_AU8522,
    VIDEO_EM28XX_DVB, VIDEO_CX18, VIDEO_AU0828, SOC_CAMERA_MT9M001,
    SOC_CAMERA_MT9V022, DVB_TUNER_ITD1000, VIDEO_PVRUSB2_DVB, USB_C67X00_HCD,
    USB_ISP1760_HCD, HTC_PASIC3, I2C_PCA_PLATFORM, TOUCHSCREEN_WM97XX,
    JOYSTICK_ZHENHUA, SFC, ACCESSIBILITY, UIO_SMX, LOGIRUMBLEPAD2_FF,
    A11Y_BRAILLE_CONSOLE, EDS_TRIGGER_DEFAULT_ON, VIDEO_ALLOW_V4L1, ATA_ACPI,
    SATA_PMP, ATA_SFF, USB_SERIAL_MOTOROLA, USB_WDM, MAC80211_MESH,
    IPV6_MROUTE, IPV6_PIMSM_V2, MTD_AR7_PARTS, SENSORS_IBMAEM, PATA_SCH,
    CGROUP_DEVICE, USB_ISIGHTFW, HW_RANDOM_VIRTIO, RTC_DRV_FM3130,
    USB_VIDEO_CLASS, CIFS_DFS_UPCALL.
  * [amd64, i386]: KVM_CLOCK, KVM_GUEST, ISCSI_IBFT_FIND, ISCSI_IBFT, THERMAL,
    EEEPC_LAPTOP, FB_N411, THERMAL_HWMON.
  * [amd64]: Enable SCSI_DPT_I2O as 64 bit now.
  * Reenable USB_SERIAL_EDGEPORT, USB_SERIAL_EDGEPORT_TI. (closes: #480195)
  * Enable TCP_MD5SIG for BGP sessions. (closes: #443742)
  * Add recognised alsa cards to bug report.
  * topconfig: Enable HYSDN, no longer broken on smp.
  * Add request_firmware patch for keyspan. (closes: #448900)
  * [x86]: Enable dma engine. (closes: #473331)
  * [ppc64]: Enable IBMEBUS and EHEA. (closes: #484888)
  * topconfig: Enable PROFILING across all flavours. (closes: #484885)
  * 486: enable OLPC support thanks Andres Salomon for merge.
    Kconfig variable patch by Robert Millan (closes: #485063).
  * Add request_firmware patch for ip2.
  * Add request_firmware patch for acenic. (closes: #284221)
  * [x86, ia64]: Set HPET_RTC_IRQ. (closes: #479709, #476970)
  * [ppc]: Set SND_VIRMIDI. (closes: #290090)
  * Fallback for userspace compatibility to old IEEE 1394 FireWire stack.
    (closes: #451367, #475295, #478419)
  * [x86]: Enable modular FB_UVESA. (closes: #473180)
  * JFFS2 enable summary and compressor support. (closes: #488242)
  * Add OLPC sdhci quirks. Thanks Andres Salomon <dilinger@debian.org>
    (closes: #485192)
  * [ppc]: Enable RTC_DRV_PPC. (closes: #484693) Thanks for the patch to
    Geoff Levand <geoffrey.levand@am.sony.com>.
  * Enable BLK_DEV_BSG for SG v4 support.
  * [amd64] Enable default disabled memtest boot param.
  * topconfig: Enable PATA_SIS instead of SATA_SIS. (closes: #485609)
  * Add OpenVZ countainer flavour for amd64, i386. (closes: #392015)
  * atl1e driver for Atheros(R) L1e Fast Ethernet. (closes: #492029)
  * [ALSA] hda - Add ICH9 controller support (8086:2911)
  * [ALSA] hda - support intel DG33 motherboards
  * HP iLO driver
  * Input: i8042 - add Arima-Rioworks HDAMB board to noloop list
    (closes: #489190) thanks Guillaume Morin <guillaume@morinfr.org>

  [ Martin Michlmayr ]
  * [arm/orion5x] Update the config to reflect upstream renaming this
    subarch.
  * [arm/orion5x] Add some patches from Marvell's Orion tree:
    - Feroceon: speed up flushing of the entire cache
    - support for 5281 D0 stepping
    - cache align destination pointer when copying memory for some processors
    - cache align memset and memzero
    - DMA engine driver for Marvell XOR engine
    - Orion hardware watchdog support
  * [arm/orion5x] Enable NETCONSOLE.
  * [arm/orion5x] Disable more SCSI drivers.
  * [arm/ixp4xx] Disable most ATA and more SCSI and network drivers.
  * [arm/versatile] Enable CONFIG_RTC_DRV_PL031 (closes: #484432).
  * [arm/iop32x, arm/ixp4xx, arm/versatile] Enable ARM_THUMB (closes: #484524).
  * [arm/iop32x] Add LED driver for Thecus N2100 (Riku Voipio).
  * [mips/r5k-ip32] Enable USB.
  * [arm/orion5x, arm/iop32x, arm/ixp4xx, mipsel/r5k-cobalt] Enable HAMRADIO
    on the request of Heinz Janssen.
  * [arm/orion5x] Add support for QNAP TS-409 and HP mv2120; thanks
    Sylver Bruneau.
  * [mips] Add patches from Thomas Bogendoerfer:
    - gbefb: fix cmap FIFO timeout (closes: #487257)
    - IP32: Enable FAST-20 for onboard scsi
    - IP32: SGI O2 sound driver
  * [arm/ixp4xx] Add support for Freecom FSG-3 (Rod Whitby).
  * [arm/ixp4xx] Enable CONFIG_MACH_DSMG600.
  * [arm/iop32x] Unset NET_DMA since it actually leads to worse network
    performance.
  * [arm/orion5x] Fix a boot crash on the Kurobox Pro.
  * [arm/orion5x] use better key codes for the TS-209/TS-409 buttons
  * [arm/orion5x] export red SATA lights on TS-409, fix SATA presence/activity
  * [arm] Enable KEXEC (closes: #492268).
  * [arm/orion5x] Enable USB_PRINTER, requested by Mike Arthur.
  * [arm/orion5x] Enable binfmt aout, x25, wireless and ATM.
  * [arm/iop32x, arm/orion5x] Enable USB_SISUSBVGA.
  * [arm] xfs: pack some shortform dir2 structures for the ARM old ABI
    architecture (closes: #414932).

  [ Ian Campbell ]
  * Readme.build updated on how to generate orig tarballs.
  * Forward port vmlinuz-target.patch.
  * Enable Xen save/restore and memory ballooning for Xen enabled kernels.

  [ Bastian Blank ]
  * [powerpc/powerpc-miboot] Disable. (closes: #481358)
  * [powerpc/powerpc64] Support IBM Cell based plattforms and PS3.
    (closes: #462529)
  * [s390] Synchronize block device, network bridge, network scheduler and CRC
    support.
  * [s390] Enable support for PCI-attached cryptographic adapters.
  * Use control group as base for group CPU scheduler. This reenabled
    traditional nice behaviour. (closes: #489223)
  * Bump yaird dependencies to at least 0.0.13.
  * Reenable SECCOMP. There is no longer additional overhead.
    (closes: #474648)
  * Export symbol required for MOL again. (closes: #460667)
  * [powerpc/powerpc64] Fix console selection in LPAR environment.
    (closes: #492703)
  * Fix several userspace compatibility problems.

  [ Christian T. Steigies ]
  * [m68k] enable SERIAL_CONSOLE for amiga and atari

  [ Thiemo Seufer ]
  * [mips] Fix logic bug in atomic_sub_if_positive.

  [ Stephen R. Marenka ]
  * [m68k] Update pending m68k patches.
  * [m68k] Enable nfcon and nfblock for atari.
  * [m68k] Change compiler to default.

  [ Aurelien Jarno ]
  * [arm/versatile] Switch scsi/ext3/smc91x to modules now that we have proper
    d-i support. Remove options defined in toplevel config file.

 -- Bastian Blank <waldi@debian.org>  Wed, 30 Jul 2008 10:17:29 +0200

linux-2.6 (2.6.25-7) unstable; urgency=high

  * Add stable release 2.6.25.10:
    - TTY: fix for tty operations bugs (CVE-2008-2812)
    - sched: fix cpu hotplug
    - IB/mthca: Clear ICM pages before handing to FW
    - DRM: enable bus mastering on i915 at resume time
    - x86: shift bits the right way in native_read_tscp
    - x86_64 ptrace: fix sys32_ptrace task_struct leak (CVE-2008-3077)
    - ptrace GET/SET FPXREGS broken
    - futexes: fix fault handling in futex_lock_pi
    - x86: fix cpu hotplug crash
  * Add stable release 2.6.25.11:
    - x86: fix ldt limit for 64 bit

 -- maximilian attems <maks@debian.org>  Mon, 14 Jul 2008 10:58:14 +0200

linux-2.6 (2.6.25-6) unstable; urgency=high

  [ maximilian attems ]
  * Add stable release 2.6.25.7:
    - double-free of inode on alloc_file() failure exit in create_write_pipe()
    - m68k: Add ext2_find_{first,next}_bit() for ext4
    - bluetooth: fix locking bug in the rfcomm socket cleanup handling
    - serial: fix enable_irq_wake/disable_irq_wake imbalance in serial_core.c
    - bttv: Fix a deadlock in the bttv driver (closes: #487594)
    - forcedeth: msi interrupts
    - CPUFREQ: Fix format string bug.
    - mmc: wbsd: initialize tasklets before requesting interrupt
    - ecryptfs: fix missed mutex_unlock
    - mac80211: send association event on IBSS create
    - bluetooth: rfcomm_dev_state_change deadlock fix
    - sunhv: Fix locking in non-paged I/O case.
    - cassini: Only use chip checksum for ipv4 packets.
    - ipwireless: Fix blocked sending
    - net: Fix call to ->change_rx_flags(dev, IFF_MULTICAST) in
      dev_change_flags()
    - fbdev: export symbol fb_mode_option
    - ipsec: Use the correct ip_local_out function
    - tcp: fix skb vs fack_count out-of-sync condition
    - tcp FRTO: Fix fallback to conventional recovery
    - tcp FRTO: SACK variant is errorneously used with NewReno
    - tcp FRTO: work-around inorder receivers
    - tcp: Fix inconsistency source (CA_Open only when !tcp_left_out(tp))
    - l2tp: avoid skb truesize bug if headroom is increased
    - l2tp: Fix possible WARN_ON from socket code when UDP socket is closed
    - l2tp: Fix possible oops if transmitting or receiving when tunnel goes down
    - ax25: Fix NULL pointer dereference and lockup.
    - sound: emu10k1 - fix system hang with Audigy2 ZS Notebook PCMCIA card
    - tcp: Allow send-limited cwnd to grow up to max_burst when gso disabled
    - tcp: Limit cwnd growth when deferring for GSO
    - af_key: Fix selector family initialization.
    - hgafb: resource management fix
    - cifs: fix oops on mount when CONFIG_CIFS_DFS_UPCALL is enabled
    - b43: Fix controller restart crash
    - ssb: Fix context assertion in ssb_pcicore_dev_irqvecs_enable
    - eCryptfs: protect crypt_stat->flags in ecryptfs_open()
    - cciss: add new hardware support
    - ecryptfs: add missing lock around notify_change
    - ecryptfs: clean up (un)lock_parent
    - Add 'rd' alias to new brd ramdisk driver
    - net_sched: cls_api: fix return value for non-existant classifiers
    - vlan: Correctly handle device notifications for layered VLAN devices
    - IB/umem: Avoid sign problems when demoting npages to integer
    - x86: fix recursive dependencies
    - can: Fix copy_from_user() results interpretation
    - Kconfig: introduce ARCH_DEFCONFIG to DEFCONFIG_LIST
    - tcp: TCP connection times out if ICMP frag needed is delayed
    - ALSA: hda - Fix resume of auto-config mode with Realtek codecs
    - netlink: Fix nla_parse_nested_compat() to call nla_parse() directly
  * Add stable release 2.6.25.9:
    - Add return value to reserve_bootmem_node()
    - x86: use BOOTMEM_EXCLUSIVE on 32-bit
    - sctp: Make sure N * sizeof(union sctp_addr) does not overflow.
    - hwmon: (lm85) Fix function RANGE_TO_REG()
    - hwmon: (adt7473) Initialize max_duty_at_overheat before use
    - x86: set PAE PHYSICAL_MASK_SHIFT to 44 bits.
    - Reinstate ZERO_PAGE optimization in 'get_user_pages()' and fix XIP
    - watchdog: hpwdt: fix use of inline assembly
    - Fix ZERO_PAGE breakage with vmware
    - atl1: relax eeprom mac address error check

  [ Martin Michlmayr]
  * [arm/orion5x] Enable INPUT_EVDEV and KEYBOARD_GPIO.

  [ Steve Langasek ]
  * Enable CONFIG_CIFS_EXPERIMENTAL and CONFIG_CIFS_UPCALL, required for
    CIFS mounts to be able to use Kerberos authentication.  Closes: #480663.

  [ Bastian Blank ]
  * Add stable release 2.6.25.8:
    - x86: disable mwait for AMD family 10H/11H CPUs
    - x86: remove mwait capability C-state check
    - nf_conntrack_h323: fix memory leak in module initialization error path
    - nf_conntrack_h323: fix module unload crash
    - nf_conntrack: fix ctnetlink related crash in nf_nat_setup_info()
    - SCSI: sr: fix corrupt CD data after media change and delay
    - ACPICA: Ignore ACPI table signature for Load() operator
    - scsi_host regression: fix scsi host leak
    - b43: Fix possible NULL pointer dereference in DMA code
    - b43: Fix noise calculation WARN_ON
    - virtio_net: Fix skb->csum_start computation
    - opti621: remove DMA support
    - opti621: disable read prefetch
    - Fix tty speed handling on 8250
    - x86-64: Fix "bytes left to copy" return value for copy_from_user()
   * Fix alpha build due too inconsistent kallsyms data.

 -- maximilian attems <maks@debian.org>  Fri, 27 Jun 2008 00:33:53 +0200

linux-2.6 (2.6.25-5) unstable; urgency=low

  [ maximilian attems ]
  [ Bastian Blank ]
  * Reenable VServer images.

  [ maximilian attems ]
  * Add stable release 2.6.25.5:
    - asn1: additional sanity checking during BER decoding (CVE-2008-1673)
  * Add stable release 2.6.25.6:
    - atl1: fix 4G memory corruption bug
    - capabilities: remain source compatible with 32-bit raw legacy capability
      support.
    - usb-serial: Use ftdi_sio driver for RATOC REX-USB60F
    - cpufreq: fix null object access on Transmeta CPU
    - Smack: fuse mount hang fix
    - cgroups: remove node_ prefix_from ns subsystem
    - XFS: Fix memory corruption with small buffer reads
    - x86: don't read maxlvt before checking if APIC is mapped
    - USB: option: add new Dell 5520 HSDPA variant
    - md: do not compute parity unless it is on a failed drive
    - md: fix uninitialized use of mddev->recovery_wait
    - md: fix prexor vs sync_request race
    - HID: split Numlock emulation quirk from HID_QUIRK_APPLE_HAS_FN.
    - USB: do not handle device 1410:5010 in 'option' driver
    - USB: unusual_devs: Add support for GI 0401 SD-Card interface
    - USB: add Telstra NextG CDMA id to option driver
    - USB: fix build errors in ohci-omap.c and ohci-sm501.c
    - USB: add TELIT HDSPA UC864-E modem to option driver
    - memory_hotplug: always initialize pageblock bitmap
    - x86: fix bad pmd ffff810000207xxx(9090909090909090)
    - USB: add Zoom Telephonics Model 3095F V.92 USB Mini External modem to
      cdc-acm
    - x86: prevent PGE flush from interruption/preemption
    - IPoIB: Test for NULL broadcast object in ipiob_mcast_join_finish()
    - i386: fix asm constraint in do_IRQ()
    - i2c-nforce2: Disable the second SMBus channel on the DFI Lanparty NF4
      Expert
    - i2c/max6875: Really prevent 24RF08 corruption
    - brk: make sys_brk() honor COMPAT_BRK when computing lower bound
    - Revert "PCI: remove default PCI expansion ROM memory allocation"
    - PS3: gelic: fix memory leak
    - eCryptfs: remove unnecessary page decrypt call
    - netfilter: nf_conntrack_expect: fix error path unwind in
      nf_conntrack_expect_init()
    - netfilter: xt_connlimit: fix accouning when receive RST packet in
      ESTABLISHED state
    - netfilter: nf_conntrack_ipv6: fix inconsistent lock state in
      nf_ct_frag6_gather()
    - POWERPC Bolt in SLB entry for kernel stack on secondary cpus
    - netfilter: xt_iprange: module aliases for xt_iprange
    - x86: user_regset_view table fix for ia32 on 64-bit
    - x86: if we cannot calibrate the TSC, we panic.
    - CIFS: Fix UNC path prefix on QueryUnixPathInfo to have correct slash
    - x86, fpu: fix CONFIG_PREEMPT=y corruption of application's FPU stack
    - libata: force hardreset if link is in powersave mode
    - x86: fix setup of cyc2ns in tsc_64.c
    - x86: distangle user disabled TSC from unstable
    - x86: disable TSC for sched_clock() when calibration failed
    - pagemap: fix bug in add_to_pagemap, require aligned-length reads of
      /proc/pid/pagemap
    - ext3/4: fix uninitialized bs in ext3/4_xattr_set_handle()
    - proc: calculate the correct /proc/<pid> link count
    - CPUFREQ: Make acpi-cpufreq more robust against BIOS freq changes behind
      our back.
    - USB: remove PICDEM FS USB demo (04d8:000c) device from ldusb
    - types.h: don't expose struct ustat to userspace

  [ Bastian Blank ]
  * Ignore ABI change in internal XFS symbol.

 -- Bastian Blank <waldi@debian.org>  Thu, 12 Jun 2008 08:47:11 +0200

linux-2.6 (2.6.25-4) unstable; urgency=low

  [ maximilian attems ]
  * Fix arm Kconfig logic disabling random drivers. (closes: #481410)
  * Add stable release 2.6.25.4:
    - OHCI: fix regression upon awakening from hibernation
    - V4L/DVB (7473): PATCH for various Dibcom based devices
    - {nfnetlink, ip, ip6}_queue: fix skb_over_panic when enlarging packets
    - dccp: return -EINVAL on invalid feature length
    - md: fix raid5 'repair' operations
    - sparc: Fix SA_ONSTACK signal handling.
    - sparc: Fix fork/clone/vfork system call restart.
    - sparc64: Stop creating dummy root PCI host controller devices.
    - sparc64: Fix wedged irq regression.
    - SPARC64: Fix args to 64-bit sys_semctl() via sys_ipc().
    - serial: Fix sparc driver name strings.
    - sparc: Fix ptrace() detach.
    - sparc: Fix mremap address range validation.
    - sparc: Fix debugger syscall restart interactions.
    - sparc32: Don't twiddle PT_DTRACE in exec.
    - r8169: fix oops in r8169_get_mac_version
    - SCSI: aha152x: Fix oops on module removal
    - SCSI: aha152x: fix init suspiciously returned 1, it should follow
      0/-E convention
    - sch_htb: remove from event queue in htb_parent_to_leaf()
    - i2c-piix4: Blacklist two mainboards
    - SCSI: qla1280: Fix queue depth problem
    - ipvs: fix oops in backup for fwmark conn templates
    - USB: airprime: unlock mutex instead of trying to lock it again
    - rtc: rtc_time_to_tm: use unsigned arithmetic
    - SCSI: libiscsi regression in 2.6.25: fix nop timer handling
    - SCSI: libiscsi regression in 2.6.25: fix setting of recv timer
    - can: Fix can_send() handling on dev_queue_xmit() failures
    - macvlan: Fix memleak on device removal/crash on module removal
    - nf_conntrack: padding breaks conntrack hash on ARM
    - sparc: sunzilog uart order
    - r8169: fix past rtl_chip_info array size for unknown chipsets
    - x86: use defconfigs from x86/configs/*
    - vt: fix canonical input in UTF-8 mode
    - ata_piix: verify SIDPR access before enabling it
    - serial: access after NULL check in uart_flush_buffer()
    - x86: sysfs cpu?/topology is empty in 2.6.25 (32-bit Intel system)
    - XFRM: AUDIT: Fix flowlabel text format ambibuity.
  * Update userspace merged HZ alpha fixed version.
  * Backport netfilter: Move linux/types.h inclusions outside of #ifdef
    __KERNEL__. (closes: #479899)
  * types.h: don't expose struct ustat to userspace. (closes: #429064)

  [ Bastian Blank ]
  * Fix ABI changes from: ipvs: fix oops in backup for fwmark conn templates

 -- maximilian attems <maks@debian.org>  Tue, 27 May 2008 11:46:11 +0200

linux-2.6 (2.6.25-3) unstable; urgency=low

  [ Bastian Blank ]
  * Add stable release 2.6.25.3:
    - sit: Add missing kfree_skb() on pskb_may_pull() failure.
    - sparc: Fix mmap VA span checking.
    - CRYPTO: eseqiv: Fix off-by-one encryption
    - CRYPTO: authenc: Fix async crypto crash in crypto_authenc_genicv()
    - CRYPTO: cryptd: Correct kzalloc error test
    - CRYPTO: api: Fix scatterwalk_sg_chain
    - x86 PCI: call dmi_check_pciprobe()
    - b43: Fix some TX/RX locking issues
    - kprobes/arm: fix decoding of arithmetic immediate instructions
    - kprobes/arm: fix cache flush address for instruction stub
    - b43: Fix dual-PHY devices
    - POWERPC: mpc5200: Fix unterminated of_device_id table
    - reiserfs: Unpack tails on quota files
    - sched: fix hrtick_start_fair and CPU-Hotplug
    - vfs: fix permission checking in sys_utimensat
    - md: fix use after free when removing rdev via sysfs
    - mm: fix usemap initialization
    - 2.6.25 regression: powertop says 120K wakeups/sec

  [ maximilian attems ]
  * Redisable old dup prism54 driver.
  * Reenable accidentaly disabled SIS190. (closes: #478773)
  * Add lmkl patch to unbreak HZ userspace aka perl5.10 build fix.
    (closes: #480130)

  [ Martin Michlmayr ]
  * [armel] Disable some SCSI drives (that are disabled on arm) so the
    ramdisk will fit in flash on NSLU2 (closes: #480310).

 -- maximilian attems <maks@debian.org>  Wed, 14 May 2008 11:16:56 +0200

linux-2.6 (2.6.25-2) unstable; urgency=low

  [ maximilian attems ]
  * Add stable release 2.6.25.1:
    - Fix dnotify/close race (CVE-2008-1375)
    - V4L: Fix VIDIOCGAP corruption in ivtv
    - USB: log an error message when USB enumeration fails
    - USB: OHCI: fix bug in controller resume
    - SCSI: qla2xxx: Correct regression in relogin code.
    - rose: Socket lock was not released before returning to user space
    - x86, pci: fix off-by-one errors in some pirq warnings
    - hrtimer: timeout too long when using HRTIMER_CB_SOFTIRQ
    - RDMA/nes: Fix adapter reset after PXE boot
    - rtc-pcf8583 build fix
    - JFFS2: Fix free space leak with in-band cleanmarkers
    - SELinux: no BUG_ON(!ss_initialized) in selinux_clone_mnt_opts
    - tehuti: check register size (CVE-2008-1675)
    - IPSEC: Fix catch-22 with algorithm IDs above 31
    - alpha: unbreak OSF/1 (a.out) binaries
    - tehuti: move ioctl perm check closer to function start (CVE-2008-1675)
    - aio: io_getevents() should return if io_destroy() is invoked
    - mm: fix possible off-by-one in walk_pte_range()
    - TCP: Increase the max_burst threshold from 3 to tp->reordering.
    - ssb: Fix all-ones boardflags
    - cgroup: fix a race condition in manipulating tsk->cg_list
    - drivers/net/tehuti: use proper capability check for raw IO access
    - tg3: 5701 DMA corruption fix
    - V4L: tea5761: bugzilla #10462: tea5761 autodetection code were broken
    - b43: Workaround invalid bluetooth settings
    - b43: Add more btcoexist workarounds
    - b43: Workaround DMA quirks
    - dm snapshot: fix chunksize sector conversion
    - x86: Fix 32-bit x86 MSI-X allocation leakage
    - RTNETLINK: Fix bogus ASSERT_RTNL warning
    - net: Fix wrong interpretation of some copy_to_user() results.
    - dz: test after postfix decrement fails in dz_console_putchar()
    - RDMA/nes: Free IRQ before killing tasklet
    - S2io: Fix memory leak during free_tx_buffers
    - S2io: Version update for memory leak fix during free_tx_buffers
    - USB: Add HP hs2300 Broadband Wireless Module to sierra.c
    - V4L: cx88: enable radio GPIO correctly
    - hrtimer: raise softirq unlocked to avoid circular lock dependency
    - tcp: tcp_probe buffer overflow and incorrect return value
  * [ide] Add upstream piix patch for asus eee pc. (closes: #479217)

  [ Christian T. Steigies ]
  * [m68k] Add patches for 2.6.25.
  * [m68k] Disable EXT4DEV_FS for now.
  * [m68k] Enable SCSI_MAC_ESP for mac.

  [ Ian Campbell ]
  * [x86]: Enable Xen guest support in all i386 flavours.

  [ Bastian Blank ]
  * Add stable release 2.6.25.2:
    - fix SMP ordering hole in fcntl_setlk() (CVE-2008-1669)

 -- Bastian Blank <waldi@debian.org>  Thu, 08 May 2008 14:46:48 +0200

linux-2.6 (2.6.25-1) unstable; urgency=low

  * New upstream release (closes: #456799, #468440, #475161, #475134, #475441)
    - Add oabi shim for fstatat64 (closes: #462677)

  [ maximilian attems ]
  * topconfig set NOZOMI, CRYPTO_SEQIV, CRYPTO_CTR, CRYPTO_GCM, CRYPTO_CCM,
    CRYPTO_SALSA20, CRYPTO_LZO, CRYPTO_DEV_HIFN_795X, USB_SI470X,
    USB_STKWEBCAM, VIDEO_PVRUSB2_ONAIR_USB2, VIDEO_PVRUSB2_ONAIR_CREATOR,
    VIDEO_EM28XX_ALSA, CRYPTO_DEV_HIFN_795X_RNG, PCF8575, TPS65010, RTL8180,
    ENC28J60, R6040, CAN, NETFILTER_XT_MATCH_OWNER, MAC80211_RC_DEFAULT_PI,
    NETFILTER_XT_TARGET_RATEEST, NETFILTER_XT_TARGET_TCPOPTSTRIP,
    NETFILTER_XT_MATCH_IPRANGE, NETFILTER_XT_MATCH_RATEEST, SND_OXYGEN,
    SND_HIFIER, SND_VIRTUOSO, USB_NET_RNDIS_WLAN, USB_ANNOUNCE_NEW_DEVICES,
    USB_SERIAL_IUU, NET_CLS_FLOW, INFINIBAND_NES, RTC_DRV_R9701,
    RTC_DRV_DS1511, MEMSTICK, SENSORS_W83L786NG, SENSORS_ADS7828, IPWIRELESS,
    RISCOM8, IGB, UTS_NS, IPC_NS, IPV6_ROUTE_INFO, ENCLOSURE_SERVICES,
    SCSI_ENCLOSURE, SENSORS_ADT7473, SCSI_MVSAS, REALTEK_PHY, RTC_DRV_S35390A,
    MEMSTICK_JMICRON_38X, IWL4965_HT.
  * [amd64] Enable CRYPTO_SALSA20_X86_64, EDAC_I3000, EFI, EFI_VARS, I8K,
    PARAVIRT_GUEST, PARAVIRT, VIRTIO_PCI, VIRTIO_BALLOON, SPARSEMEM_VMEMMAP.
  * [amd64, i386]: Enable LEDS_CLEVO_MAIL, INPUT_APANEL, ACER_WMI,
    THINKPAD_ACPI_HOTKEY_POLL, HP_WATCHDOG, THINKPAD_ACPI_VIDEO,
    VIRTION_CONSOLE, ACPI_WMI, IO_DELAY_0X80.
  * topconfig disable PARPORT_PC_FIFO due to instabilities.
    (closes: #366165, #388309, #406056, #407816, #453911)
  * [amd64, i386]: Enable SONYPI_COMPAT for better sony laptop support.
  * topconfig: Enable HID_FF for some HID devices. (closes: #441348)
  * topconfig: Enable IPV6_ROUTER_PREF for multi-homed net. (closes: #449247)
  * topconfig: Set UTF8 as default encoding. (closes: #417324)
  * Tighten yaird dependency. (closes: #403171)
  * Configs general cleanup, centralize USB_NET, disable IRDA_DEBUG.
  * postinst: Nuke confusing postinst message. (closes: #465512)
  * [sparc]: Enable SCSI_SCAN_ASYNC.
  * [i386]: Enable TC1100_WMI, SND_SIS7019, CRYPTO_SALSA20_586.
  * topconfig: Centralize old IEEE80211 stack options. (closes: #470558)
  * control.source.in: Newer standard version without changes.
  * copyright: adapt to latest lintian recommendation.
  * input: Add 4 additional exports for modular speakup and braille support.
  * firewire: Add firewire-git.patch for latest firewire tree features.
  * 686: Set USB_PERSIST for eee pc suspend support. (closes: #468213)
  * topconfig disable PATA_SIS as sis5513 enabled. (closes: #475525)
  * [xen]: Support direct load of bzImage under Xen. (closes: #474509)
    Thanks Ian Campbell <ijc@hellion.org.uk> for patches.
  * [xen]: Module autoprobing support for frontend drivers.
  * [arm]: Don't ovverride topconfig SENSORS_W83792D setting.
    (closes: #477745)

  [ Martin Michlmayr ]
  * [arm/armel] Add a kernel for Orion based devices, such as the QNAP
    TS-109/TS-209.
  * [mips(el)/sb1*] Enable SB1250_MAC (thanks Thomas Bogendoerfer).
  * [mipsel/r5k-cobalt] Enable DUMMY_CONSOLE since this might
    fix the debian-installer startup hang on Qube 2700.
  * [arm/footbridge] Disable KEYS and SECURITY for smaller d-i image.
  * [arm/footbridge] Build NFS as a module to make the image smaller.
  * [mips/r5k-ip32] Don't build in NFS.
  * [mips/r5k-ip32] Use the generic config options for NFS, which will
    enable NFSv4. (closes: #471007)
  * [mips/r5k-ip32] Enable R8169, requested by Giuseppe Sacco.
  * [arm/iop32x] Enable MACH_EM7210. (closes: #473136)
  * [arm/orion] Add patch to set the MAC address on QNAP TS-109/TS-209
    (Lennert Buytenhek).
  * [arm/orion] Add support for Buffalo Linkstation Pro/Live (Byron Bradley).
  * [arm/orion] Fix hang when Write Allocate is enabled (Lennert Buytenhek).
  * [arm/orion] Add support for QNAP TS-409 (Sylver Bruneau).
  * [arm/orion] Add preliminary support for HP mv2120.

  [ Daniel Baumann ]
  * Added patch from unionfs upstream to export release_open_intent symbol.

  [ Gordon Farquharson ]
  * [arm/ixp4xx] Use GPIO LED driver as opposed to ixp4xx LED driver.
  * [arm/ixp4xx] Fix ixp4xx-beeper module so that udev loads it
    automatically.
  * [arm/iop32x] Enable support for the GLAN Tank flash chip (M29W400DB).
  * [arm/iop32x] Do not build the ARTOP PATA driver (PATA_ARTOP).
  * [arm/iop32x] Register the F75375 device in the GLAN Tank platform code.
  * Prevent physmap from calling request_module() too early.
  * [arm/ixp4xx] Fix used_sram_bitmap corruption in qmgr_release_queue().

  [ Aurelien Jarno ]
  * [mips/mipsel] Enable CONFIG_NO_HZ, CONFIG_HIGH_RES_TIMERS for dynticks
    and true high-resolution timers on 4kc-malta and 5kc-malta flavours.
  * [i386, amd64] Set modular VIRTIO, VIRTIO_RING, VIRTIO_BLK, VIRTIO_NET.

  [ Bastian Blank ]
  * Remove binary only firmwares for:
    - Broadcom NetXtremeII 10Gb support
  * Disable now broken drivers:
    - Broadcom NetXtremeII 10Gb support
  * Fix broken drivers:
    - Broadcom NetXtremeII support
  * [powerpc] Use new wrapper install support.
  * [s390] Enable DM_MULTIPATH_EMC.
  * Enable AF_RXRPC, RXKAD, PRINTK_TIME, DEBUG_KERNEL, SCHED_DEBUG,
    TIMER_STATS, DEBUG_FS.
  * Disable R3964, USB_GADGET.
  * [hppa] Enable several filesystems.
  * Make NLS modular.
  * [i386/486] Make ext2 modular.
  * [alpha,amd64,i386] Make ATM modular.
  * [powerpc/powerpc64] Support PA Semi based plattforms. (closes: #463200)
  * Follow upstream change for default TCP congestion control.
    (closes: #477589)

  [ Steve Langasek ]
  * topconfig: Enable CONFIG_CIFS_WEAK_PW_HASH, required for compatibility
    with legacy (pre-NTLM) fileservers.

  [ Christian Perrier ]
  * Debconf template rewrite + mark them as translatable.
    Thanks to Justin B Rye <jbr@edlug.org.uk> for review.

 -- Bastian Blank <waldi@debian.org>  Fri, 25 Apr 2008 16:27:23 +0200

linux-2.6 (2.6.24-6) unstable; urgency=high

  [ Martin Michlmayr ]
  * [armel] Fix FTBFS on armel by enabling CONFIG_USB_USBNET=m in
    armel/config, as it was done for arm/config already.
  * [armel] Add oabi shim for fstatat64 (Riku Voipio)

  [ Gordon Farquharson ]
  * [arm/iop32x] Do not build the ARTOP PATA driver (PATA_ARTOP).
  * [arm/iop32x] Enable MTD_CMDLINE_PARTS.

  [ Kyle McMartin ]
  * [hppa] fix pdc_console panic at boot (closes: #476292).
  * [hppa] properly flush user signal tramps
  * [hppa] special case futex cmpxchg on kernel space NULL (closes: 476285).

 -- Bastian Blank <waldi@debian.org>  Fri, 18 Apr 2008 19:41:30 +0200

linux-2.6 (2.6.24-5) unstable; urgency=low

  [ Gordon Farquharson ]
  * [arm] Enable asix driver (USB_NET_AX8817X).
  * [arm] Enable CONFIG_USB_CATC, CONFIG_USB_KAWETH, CONFIG_USB_PEGASUS,
          and CONFIG_USB_RTL8150.
  * [arm/ixp4xx] Update Ethernet driver (closes: #471062).
  * [arm/ixp4xx] Add HSS driver.

  [ Bastian Blank ]
  * [s390/s390-tape]: Override localversion correctly.
  * Add stable release 2.6.24.3:
    - x86_64: CPA, fix cache attribute inconsistency bug
    - bonding: fix NULL pointer deref in startup processing
    - POWERPC: Revert chrp_pci_fixup_vt8231_ata devinit to fix libata on pegasos
    - PCMCIA: Fix station address detection in smc
    - SCSI: gdth: scan for scsi devices
    - USB: fix pm counter leak in usblp
    - S390: Fix futex_atomic_cmpxchg_std inline assembly.
    - genirq: do not leave interupts enabled on free_irq
    - hrtimer: catch expired CLOCK_REALTIME timers early
    - hrtimer: check relative timeouts for overflow
    - SLUB: Deal with annoying gcc warning on kfree()
    - hrtimer: fix *rmtp/restarts handling in compat_sys_nanosleep()
    - hrtimer: fix *rmtp handling in hrtimer_nanosleep()
    - Disable G5 NAP mode during SMU commands on U3
    - Be more robust about bad arguments in get_user_pages()
    - AUDIT: Increase skb->truesize in audit_expand
    - BLUETOOTH: Add conn add/del workqueues to avoid connection fail.
    - INET: Prevent out-of-sync truesize on ip_fragment slow path
    - INET_DIAG: Fix inet_diag_lock_handler error path.
    - IPCOMP: Fetch nexthdr before ipch is destroyed
    - IPCOMP: Fix reception of incompressible packets
    - IPV4: fib: fix route replacement, fib_info is shared
    - IPV4: fib_trie: apply fixes from fib_hash
    - PKT_SCHED: ematch: oops from uninitialized variable (resend)
    - SELinux: Fix double free in selinux_netlbl_sock_setsid()
    - TC: oops in em_meta
    - TCP: Fix a bug in strategy_allowed_congestion_control
    - SCSI: sd: handle bad lba in sense information
    - Fix dl2k constants
    - XFS: Fix oops in xfs_file_readdir()
    - hugetlb: add locking for overcommit sysctl
    - inotify: fix check for one-shot watches before destroying them
    - NFS: Fix a potential file corruption issue when writing
    - NETFILTER: nf_conntrack_tcp: conntrack reopening fix
    - SPARC/SPARC64: Fix usage of .section .sched.text in assembler code.
  * Add stable release 2.6.24.4:
    - S390 futex: let futex_atomic_cmpxchg_pt survive early functional tests.
    - slab: NUMA slab allocator migration bugfix
    - relay: fix subbuf_splice_actor() adding too many pages
    - BLUETOOTH: Fix bugs in previous conn add/del workqueue changes.
    - SCSI advansys: Fix bug in AdvLoadMicrocode
    - async_tx: avoid the async xor_zero_sum path when src_cnt > device->max_xor
    - aio: bad AIO race in aio_complete() leads to process hang
    - jbd: correctly unescape journal data blocks
    - jbd2: correctly unescape journal data blocks
    - zisofs: fix readpage() outside i_size
    - NETFILTER: nfnetlink_log: fix computation of netlink skb size
    - NETFILTER: nfnetlink_queue: fix computation of allocated size for netlink skb
    - NETFILTER: xt_time: fix failure to match on Sundays
    - sched_nr_migrate wrong mode bits
    - nfsd: fix oops on access from high-numbered ports
    - sched: fix race in schedule()
    - SCSI: mpt fusion: don't oops if NumPhys==0
    - SCSI: gdth: fix to internal commands execution
    - SCSI: gdth: bugfix for the at-exit problems
    - Fix default compose table initialization
    - x86: don't use P6_NOPs if compiling with CONFIG_X86_GENERIC
    - SCSI: fix BUG when sum(scatterlist) > bufflen
    - USB: ehci: handle large bulk URBs correctly (again)
    - USB: ftdi_sio - really enable EM1010PC
    - USB: ftdi_sio: Workaround for broken Matrix Orbital serial port
    - VT notifier fix for VT switch
    - eCryptfs: make ecryptfs_prepare_write decrypt the page
    - ioat: fix 'ack' handling, driver must ensure that 'ack' is zero
    - macb: Fix speed setting
    - x86: move out tick_nohz_stop_sched_tick() call from the loop
    - atmel_spi: fix clock polarity
    - b43: Backport bcm4311 fix
    - arcmsr: fix IRQs disabled warning spew
    - e1000e: Fix CRC stripping in hardware context bug
    - PCI x86: always use conf1 to access config space below 256 bytes
    - moduleparam: fix alpha, ia64 and ppc64 compile failures
    - pata_hpt*, pata_serverworks: fix UDMA masking
    - SCSI advansys: fix overrun_buf aligned bug
    - NETFILTER: fix ebtable targets return
    - NETFILTER: Fix incorrect use of skb_make_writable
    - NETFILTER: nfnetlink_queue: fix SKB_LINEAR_ASSERT when mangling packet data
    - spi: pxa2xx_spi clock polarity fix
    - ufs: fix parenthesisation in ufs_set_fs_state()
    - hugetlb: ensure we do not reference a surplus page after handing it to buddy
    - file capabilities: simplify signal check
    - futex: runtime enable pi and robust functionality
    - futex: fix init order
    - ARM pxa: fix clock lookup to find specific device clocks
    - x86: replace LOCK_PREFIX in futex.h
    - SCSI aic94xx: fix REQ_TASK_ABORT and REQ_DEVICE_RESET
    - SCSI gdth: don't call pci_free_consistent under spinlock
    - SCSI ips: fix data buffer accessors conversion bug
    - usb-storage: don't access beyond the end of the sg buffer
    - fuse: fix permission checking
    - CRYPTO xts: Use proper alignment
    - CRYPTO xcbc: Fix crash with IPsec
    - SCSI ips: handle scsi_add_host() failure, and other err cleanups
    - x86: adjust enable_NMI_through_LVT0()
    - drivers: fix dma_get_required_mask
    - iov_iter_advance() fix
    - x86: Clear DF before calling signal handler (closes: #469058)
    - ub: fix up the conversion to sg_init_table()
    - MIPS: Mark all but i8259 interrupts as no-probe.
    - IRQ_NOPROBE helper functions
    - IPCOMP: Disable BH on output when using shared tfm
    - IPCONFIG: The kernel gets no IP from some DHCP servers
    - IPV4: Remove IP_TOS setting privilege checks.
    - IPV6: dst_entry leak in ip4ip6_err.
    - IPV6: Fix IPsec datagram fragmentation
    - NET: Fix race in dev_close(). (Bug 9750)
    - NET: Messed multicast lists after dev_mc_sync/unsync (closes: #466719)
    - NIU: Bump driver version and release date.
    - NIU: Fix BMAC alternate MAC address indexing.
    - NIU: More BMAC alt MAC address fixes.
    - TCP: Improve ipv4 established hash function.
    - SPARC: Fix link errors with gcc-4.3
    - SPARC64: Loosen checks in exception table handling.

  [ Martin Michlmayr ]
  * [mips/r4k-ip22] Enable BLK_DEV_LOOP and BLK_DEV_CRYPTOLOOP.
  * [mips/r5k-ip32] Enable BLK_DEV_LOOP and BLK_DEV_CRYPTOLOOP.
  * [mips/r4k-ip22] Enable PPP, PPPOE and SLIP.
  * [mips/r5k-ip32] Enable PPP, PPPOE and SLIP.
  * Don't check the section size when we're cross compiling.

  [ dann frazier ]
  * Remove cap_task_kill (closes: #463669)

 -- Bastian Blank <waldi@debian.org>  Thu, 27 Mar 2008 12:40:16 +0100

linux-2.6 (2.6.24-4) unstable; urgency=low

  * Add stable release 2.6.24.1:
    - splice: missing user pointer access verification (CVE-2008-0009/10)
    - drm: the drm really should call pci_set_master..
    - Driver core: Revert "Fix Firmware class name collision"
    - fix writev regression: pan hanging unkillable and un-straceable
    - sched: fix high wake up latencies with FAIR_USER_SCHED
    - sched: let +nice tasks have smaller impact
    - b43: Reject new firmware early
    - selinux: fix labeling of /proc/net inodes
    - b43legacy: fix DMA slot resource leakage
    - b43legacy: drop packets we are not able to encrypt
    - b43legacy: fix suspend/resume
    - b43legacy: fix PIO crash
    - b43: Fix dma-slot resource leakage
    - b43: Drop packets we are not able to encrypt
    - b43: Fix suspend/resume
    - sky2: fix for WOL on some devices
    - sky2: restore multicast addresses after recovery
    - x86: restore correct module name for apm
    - ACPI: update ACPI blacklist
    - PCI: Fix fakephp deadlock
    - sys_remap_file_pages: fix ->vm_file accounting
    - lockdep: annotate epoll
    - forcedeth: mac address mcp77/79
    - USB: Fix usb_serial_driver structure for Kobil cardreader driver.
    - USB: handle idVendor of 0x0000
    - USB: fix usbtest halt check on big endian systems
    - USB: storage: Add unusual_dev for HP r707
    - USB: Variant of the Dell Wireless 5520 driver
    - USB: use GFP_NOIO in reset path
    - USB: ftdi driver - add support for optical probe device
    - USB: pl2303: add support for RATOC REX-USB60F
    - USB: remove duplicate entry in Option driver and Pl2303 driver for Huawei modem
    - USB: sierra: add support for Onda H600/Zte MF330 datacard to USB Driver for Sierra Wireless
    - USB: ftdi-sio: Patch to add vendor/device id for ATK_16IC CCD
    - USB: ftdi_sio - enabling multiple ELV devices, adding EM1010PC
    - USB: sierra driver - add devices
    - USB: Adding YC Cable USB Serial device to pl2303
    - USB: Sierra - Add support for Aircard 881U
    - USB: add support for 4348:5523 WinChipHead USB->RS 232 adapter
    - USB: CP2101 New Device IDs
    - usb gadget: fix fsl_usb2_udc potential OOPS
    - USB: keyspan: Fix oops
    - vm audit: add VM_DONTEXPAND to mmap for drivers that need it (CVE-2008-0007)
    - slab: fix bootstrap on memoryless node
    - DVB: cx23885: add missing subsystem ID for Hauppauge HVR1800 Retail

  [ Martin Michlmayr ]
  * [arm/ixp4xx] Enble ATA_OVER_ETH, requested by Nicola Fankhauser.
  * [arm/iop32x] Enble ATA_OVER_ETH.

  [ Bastian Blank ]
  * Add stable release 2.6.24.2:
    - splice: fix user pointer access in get_iovec_page_array()
    (CVE-2008-0600, closes: #464945)

 -- Bastian Blank <waldi@debian.org>  Mon, 11 Feb 2008 12:29:23 +0100

linux-2.6 (2.6.24-3) unstable; urgency=low

  [ maximilian attems ]
  * [scsi]: hptiop: add more adapter models and fixes.
  * [amd64, i386]: Reenable ACPI_PROCFS_POWER. (closes: #463253)

  [ Gordon Farquharson ]
  * [arm/ixp4xx] Update Ethernet driver so that it can be loaded by udev
    automatically.

  [ Martin Michlmayr ]
  * [mips/r5k-ip32] Enable R8169, requested by Giuseppe Sacco. (Closes:
    #463705)

 -- Bastian Blank <waldi@debian.org>  Wed, 06 Feb 2008 13:05:18 +0100

linux-2.6 (2.6.24-2) unstable; urgency=low

  [ Bastian Blank ]
  * Fix broken merge of flavour specific settings.
    - [i386]: Recommends are fixed.
    - [s390/s390-tape]: Built as small image again.

  [ maximilian attems ]
  * Disable old dup prism54 driver.
  * Stable queue: slab: fix bootstrap on memoryless node.

  [ Aurelien Jarno ]
  * [arm]: Remove options that are present in topconfig from config.versatile.
  * [arm]: Turn off B44 since it fails to compile on armel.

 -- Bastian Blank <waldi@debian.org>  Thu, 31 Jan 2008 17:37:00 +0100

linux-2.6 (2.6.24-1) unstable; urgency=low

  * New upstream release
    (closes: #461639)

  [ Martin Michlmayr ]
  * Don't build the AdvanSys driver on ARM since it fails to compile.
  * Disable ATH5K on ARM since it fails to compile.
  * [arm/iop32x] Activate DMADEVICES.
  * [mips/mipsel] Turn off CONFIG_NIU since it fails to compile.

  [ maximilian attems ]
  * [amd64, i386]: Enable ACPI_SYSFS_POWER and disable ACPI_PROCFS_POWER.
  * [fw] Sync with latest git-ieee1394 for sbp2 fixes.

  [ Bastian Blank ]
  * Kill reboot warning from old templates.
  * Fix strange default value for link_in_boot. (closes: #425056)
  * [powerpc/powerpc]: Enable Efika support.
  * [powerpc]: Lower mkvmlinuz to the state of a bootloader.
  * [powerpc]: Remove ppc and m68k include dirs from headers.
  * Remove versions from relations fullfilled in stable.

  [ Aurelien Jarno ]
  * [arm]: Update versatile config.

  [ Gordon Farquharson ]
  * [arm/ixp4xx] Change the ixp4xx network driver from the driver
    written by Christian Hohnstaedt to the driver written by Krzysztof
    Hasala which has partially been accepted upstream.

 -- Bastian Blank <waldi@debian.org>  Sat, 26 Jan 2008 11:35:11 +0100

linux-2.6 (2.6.24~rc8-1~experimental.1) experimental; urgency=low

  * New upstream release
    (closes: #454776, #458142, #457992, #458899, #426124, #459732, #455566).

  [ maximilian attems ]
  * New upstream release, rebase dfsg stuff plus drivers-atm.patch,
    scripts-kconfig-reportoldconfig.patch.
  * [amd64, powerpc] Set HIGH_RES_TIMERS and NO_HZ (closes: #458312).
  * topconfig set NETFILTER_XT_MATCH_TIME, NET_ACT_NAT, KSDAZZLE_DONGLE,
    KS959_DONGLE, NET_9P_FD, IP1000, VETH, IXGBE, NIU, TEHUTI, LIBERTAS_CS,
    LIBERTAS_SDIO, RT2X00, SENSORS_ADT7470, SENSORS_I5K_AMB, SENSORS_F71882FG,
    SENSORS_FSCHMD, SENSORS_IBMPEX, CRYPTO_XTS, CRYPTO_SEED, CRYPTO_AUTHENC,
    DVB_S5H1409, DVB_TUNER_MT2131, INET_LRO, MMC_RICOH_MMC, MMC_SPI,
    RTC_DRV_DS1374, VIDEO_CX23885, VIDEO_FB_IVTV, USB_SERIAL_CH341,
    SCSI_SRP_TGT_ATTRS, ADM8211, MTD_INTEL_VR_NOR, MTD_ALAUDA,
    MTD_ONENAND_2X_PROGRAM, MTD_ONENAND_SIM, DM_MULTIPATH_HP, FUJITSU_LAPTOP,
    QUOTA_NETLINK_INTERFACE, DM_UEVENT, SCSI_FC_TGT_ATTRS, SSB, BT_HCIUART_LL,
    BT_HCIBTSDIO, MTD_OOPS, CGROUPS, MDIO_BITBANG, HIDRAW, P54, SDIO_UART,
    NETCONSOLE_DYNAMIC, SECURITY_FILE_CAPABILITIES.
  * Disable smbfs in topconfig, not supported upstream, use cifs.
  * Disable bcm43xx, deprecated by upstream. Enable B43 (needs v4 firmware)
    and B43LEGACY (needs v3 firmware).
  * [i386]: Set SND_SC6000, EDAC_I3000, EDAC_I5000, SBC7240_WDT,
    NET_9P_VIRTIO, FB_GEODE_LX, VIRTIO_NET, VIRTIO_BLK.
  * Set USB_EHCI_TT_NEWSCHED fills USB 2.0 bandwith better. (closes: #454797)
  * postrm: Nuke initramfs sha1sum on linux-image removal. (closes: #420245)
  * Unifiy BSD_PROCESS_ACCT settings across configs. (closes: #455892)
  * Reenable DABUSB as firmware is BSD licensed.
  * [hppa]: Disable OCFS2, due build trouble.
  * topconfig: Enable delay accounting TASKSTATS. (closes: #433204)
  * Add git-ieee1394.patch for latest firewire fixes.
  * [i386] Enable PARAVIRT_GUEST. (closes: #457562)
  * [amd64, i386] Enable CPU_IDLE for software-controlled idle pm.
  * [amd64, i386] Enable IT8712F_WDT, FB_EFI.
  * Add and enable at76.patch wireless driver for Atmel USB cards.
  * Add and enable ath5k.patch wireless driver for Atheros 5xxx cards.
  * Unify VLAN_8021Q setting, needed also on r5k-cobalt.
  * Double max SERIAL_8250_NR_UARTS to 32. (closes: #440807)
  * topconfig: Enable AUDITSYSCALL for better SELinux support.

  [ Bastian Blank ]
  * [amd64, i386]: Set kernel architecture to x86.
  * [i386]: Remove linux-libc-dev arch override.

  [ Martin Michlmayr ]
  * [mipsel/r5k-cobalt] Enable the new LEDs driver for Cobalt RaQ.
  * [arm/iop32x] Re-enable USB_NET and PPP, thanks Daniel Hess (closes:
    #456416).
  * [arm/iop32x] Enable BSD_PROCESS_ACCT and POSIX_MQUEUE (closes: #455892).
  * [mips] Disable AdvanSys SCSI since it doesn't compile.
  * [arm/ixp4xx] Enable IP_ADVANCED_ROUTER, requested by Oliver Urbann.
  * [arm/iop32x] Enable IP_ADVANCED_ROUTER.

  [ dann frazier ]
  * [ia64]: Enable BLK_CPQ_DA

  [ Frederik Schüler ]
  * Add GFS2 locking symbols export patch.

  [ Aurelien Jarno ]
  * [mips/mipsel] Remove QEMU flavour, as the Malta platform is now correctly
    emulated in QEMU.

  [ Christian T. Steigies ]
  * [m68k]: Update patches from linux-m68k CVS
  * [m68k]: Enable building for bvme6000, mvme147, and mvme16x again

 -- Bastian Blank <waldi@debian.org>  Fri, 18 Jan 2008 12:23:26 +0100

linux-2.6 (2.6.23-2) unstable; urgency=low

  [ dann frazier ]
  * [ia64]: Enable BLK_CPQ_DA

  [ Gordon Farquharson ]
  * [arm/iop32x] Use the new i2c framework to load rtc-rs5c372 for the
    GLAN Tank.

  [ Frederik Schüler ]
  * Export gfs2 locking symbols required to build gfs1 module.

  [ maximilian attems ]
  * [ppc] Reenable PMAC_BACKLIGHT.
  * [sparc] Add davem get_cpu() SunFire boot patch. (closes: #440720)
  * Add stable release 2.6.23.10:
    - IPV4: Remove bogus ifdef mess in arp_process
    - KVM: x86 emulator: Use emulator_write_emulated and not emulator_write_std
    - KVM: SVM: Fix FPU leak while emulating clts
    - revert "dpt_i2o: convert to SCSI hotplug model"
    - KVM: x86 emulator: fix access registers for instructions with ModR/M
      byte and Mod = 3
    - KVM: x86 emulator: invd instruction
    - KVM: SVM: Intercept the 'invd' and 'wbinvd' instructions
    - KVM: Skip pio instruction when it is emulated, not executed
    - KVM: VMX: Force vm86 mode if setting flags during real mode
    - forcedeth: new mcp79 pci ids
    - forcedeth boot delay fix
    - PFKEY: Sending an SADB_GET responds with an SADB_GET
    - rd: fix data corruption on memory pressure.
    - create /sys/.../power when CONFIG_PM is set
    - USB: fix up EHCI startup synchronization
    - RXRPC: Add missing select on CRYPTO
    - KVM: VMX: Reset mmu context when entering real mode
    - NET: random : secure_tcp_sequence_number should not assume
      CONFIG_KTIME_SCALAR
    - NET: Corrects a bug in ip_rt_acct_read()
    - NETFILTER: Fix NULL pointer dereference in nf_nat_move_storage()
    - netfilter: Fix kernel panic with REDIRECT target.
    - IPV6: Restore IPv6 when MTU is big enough
    - UNIX: EOF on non-blocking SOCK_SEQPACKET
    - x86 setup: add a near jump to serialize %cr0 on 386/486
    - Fix synchronize_irq races with IRQ handler
    - CRYPTO api: Fix potential race in crypto_remove_spawn
    - TCP: Fix TCP header misalignment
    - tmpfs: restore missing clear_highpage (CVE-2007-6417)
    - TCP: MTUprobe: fix potential sk_send_head corruption
    - NETFILTER: fix forgotten module release in xt_CONNMARK and xt_CONNSECMARK
    - fb_ddc: fix DDC lines quirk
    - VLAN: Fix nested VLAN transmit bug
    - I4L: fix isdn_ioctl memory overrun vulnerability (CVE-2007-6151)
    - isdn: avoid copying overly-long strings
    - nf_nat: fix memset error
    - esp_scsi: fix reset cleanup spinlock recursion
    - libertas: properly account for queue commands
    - KVM: Fix hang on uniprocessor
    - USB: make the microtek driver and HAL cooperate
    - TEXTSEARCH: Do not allow zero length patterns in the textsearch
      infrastructure
    - XFRM: Fix leak of expired xfrm_states
    - NETFILTER: xt_TCPMSS: remove network triggerable WARN_ON
    - BRIDGE: Lost call to br_fdb_fini() in br_init() error path
    - DECNET: dn_nl_deladdr() almost always returns no error
    - BRIDGE: Properly dereference the br_should_route_hook
    - PKT_SCHED: Check subqueue status before calling hard_start_xmit
    - Freezer: Fix APM emulation breakage
    - XFS: Make xfsbufd threads freezable
    - TCP: Problem bug with sysctl_tcp_congestion_control function
    - wait_task_stopped(): pass correct exit_code to wait_noreap_copyout()
    - KVM: x86 emulator: implement 'movnti mem, reg'
    - TCP: illinois: Incorrect beta usage
    - futex: fix for futex_wait signal stack corruption
    - libata: kill spurious NCQ completion detection
    - hrtimers: avoid overflow for large relative timeouts (CVE-2007-5966)
    - Input: ALPS - add support for model found in Dell Vostro 1400
      (closes: #448818)
    - PNP: increase the maximum number of resources
    - sched: some proc entries are missed in sched_domain sys_ctl debug code
    - ATM: [he] initialize lock and tasklet earlier
  * Add stable release 2.6.23.11:
    - BRIDGE: Section fix.
    - Revert "Freezer: Fix APM emulation breakage"
  * Backport fix for CVE-2007-5938
    - iwlwifi: fix possible NULL dereference in iwl_set_rate()
  * Add stable release 2.6.23.12:
    - Revert "PNP: increase the maximum number of resources"
  * VM/Security: add security hook to do_brk (CVE-2007-6434)
  * security: protect from stack expantion into low vm addresses
  * [hppa]: Disable OCFS2, due build trouble.

  [ Aurelien Jarno ]
  * [arm/versatile] Disable ACENIC and MYRI10GE as they are useless on this
    platform.
  * Add em28xx-dv100.patch to add support for Pinnacle Dazzle DVC 100.

  [ Bastian Blank ]
  * Fix abi change in 2.6.23.10.

 -- maximilian attems <maks@debian.org>  Fri, 21 Dec 2007 11:47:55 +0100

linux-2.6 (2.6.23-1) unstable; urgency=low

  * New upstream release (closes: #447682).
    - r8169: fix confusion between hardware and IP header alignment
      (closes: #452069).

  [ maximilian attems ]
  * [ppc] Enable for powerpc config the ams (Apple Motion Sensor).
    (closes: #426210)
  * Add to linux-doc the missing toplevel text files.
    (closes: #360876, #438697)
  * Set CONFIG_BLK_DEV_IO_TRACE for blktrace(8) support. (closes: #418442)
  * ipw2200: Enable IPW2200_RADIOTAP and IPW2200_PROMISCUOUS for optional
    rtap interface. (closes: #432555)
  * Enable in topconfig NF_CT_PROTO_UDPLITE, NETFILTER_XT_TARGET_TRACE,
    NETFILTER_XT_MATCH_CONNLIMIT, NETFILTER_XT_MATCH_U32, SENSORS_ABITUGURU3,
    SENSORS_LM93, SENSORS_DME1737, SENSORS_THMC50, DVB_USB_AF9005,
    DVB_USB_AF9005_REMOTE, CRC7, I2C_TAOS_EVM, DS1682, SENSORS_TSL2550,
    SPI_LM70_LLP, SPI_TLE62X0, W1_SLAVE_DS2760, TUNER_TEA5761, NET_9P,
    DM_MULTIPATH_RDAC, NET_SCH_RR, EEPROM_93CX6, PPPOL2TP, CRYPTO_HW, UIO,
    UIO_CIF, SND_CS5530, RTL8187, PC300TOO, TCG_TIS, SCSI_SAS_ATA,
    PATA_MARVELL.
  * [i386] Enable lguest.
  * [amd64, i386] Enable VIDEO_OUTPUT_CONTROL, NETDEVICES_MULTIQUEUE.
  * linux-image bugscript add cmdline.
  * [amd64, i386, ia64]: Enable DMIID, ACPI_PROC_EVENT.
  * Enable TCG_TPM various userspace accesses it. (closes: #439020)
  * Add and enable IWLWIFI.
  * Add git-ieee1394.patch for latest firewire fixes.
  * [ipv6] Enable IPV6_MULTIPLE_TABLES, IPV6_SUBTREES. (closes: #441226)
  * Add and enable E1000E.
  * Add stable release 2.6.23.1:
    - libata: sata_mv: more S/G fixes

  [ Martin Michlmayr ]
  * [mips] Add a bcm1480 PCI build fix.
  * Update Riku Voipio's Fintek F75375/SP driver to the latest version.
  * [arm/iop32x] Set the fan on Thecus N2100 to full speed (Riku Voipio).
  * [arm/iop32x] Remove the IPv6 and filesystem info from the config file
    so we will get the values from the main config file.  This should
    enable NFSv4 and ip6tables support requested by Wouter Verhelst.
  * [arm/iop32x] Remove even more options to receive the default options.
  * [arm/ixp4xx] Remove a lot of options to receive the default options.
  * [mips/r4k-ip22] Remove a lot of options to receive the default options.
    This will enable ISCSI requested by Martin Zobel-Helas.
  * [mips/r5k-ip32] Remove a lot of options to receive the default options.
    This will enable PCI Ethernet devices requested by Giuseppe Sacco.
  * [mipsel/r5k-cobalt] Remove a lot of options to receive the default
    options.
  * [mipsel/r5k-cobalt] Enable the modern Cobalt LEDs driver.
  * [arm/iop32x] Enable Intel IOP ADMA support.
  * [arm] Mark BCM43XX as broken on ARM.
  * [mips/r4k-ip22] Disable EARLY PRINTK because it breaks serial console.
  * [mips] Add some IP22 fixes from Thomas Bogendoerfer:
    - Fix broken EISA interrupt setup by switching to generic i8259
    - Fix broken eeprom access by using __raw_readl/__raw_writel

  [ Bastian Blank ]
  * Add unpriviledged only Xen support.
  * [i386] Drop k7 images.
  * Drop maybe IETF document. (closes: #423040)
  * Drop drivers because of binary only firmwares:
    - DABUSB driver
    - COPS LocalTalk PC support
    - Digi Intl. RightSwitch SE-X support
    - 3Com 3C359 Token Link Velocity XL adapter support
    - SMC ISA/MCA adapter support
    - EMI 6|2m USB Audio interface support
    - EMI 2|6 USB Audio interface support
    - Computone IntelliPort Plus serial support
  * Remove binary only firmwares for:
    - Alteon AceNIC/3Com 3C985/NetGear GA620 Gigabit support
    - Broadcom Tigon3 support
    - USB Keyspan USA-xxx Serial Driver
    - Korg 1212 IO
    - ESS Allegro/Maestro3
    - Yamaha YMF724/740/744/754
    - Technotrend/Hauppauge Nova-USB devices
    - YAM driver for AX.25
    - MyriCOM Gigabit Ethernet support
    - PTI Qlogic, ISP Driver
    - Cirrus Logic (Sound Fusion) CS4280/CS461x/CS462x/CS463x
    - Madge Ambassador (Collage PCI 155 Server)
    - PCA-200E support
    - SBA-200E support
    - Broadcom NetXtremeII support
  * Disable now broken drivers:
    - Alteon AceNIC/3Com 3C985/NetGear GA620 Gigabit support
    - USB Keyspan USA-xxx Serial Driver
    - Technotrend/Hauppauge Nova-USB devices
    - YAM driver for AX.25
    - MyriCOM Gigabit Ethernet support
    - PTI Qlogic, ISP Driver
    - Cirrus Logic (Sound Fusion) CS4280/CS461x/CS462x/CS463x
    - Madge Ambassador (Collage PCI 155 Server)
    - PCA-200E support
    - SBA-200E support
    - Broadcom NetXtremeII support
  * Add -common to common header package names.
  * Drop provides from common header packages.
  * Update plain image type.
  * Put only a config dump into linux-support.

  [ Aurelien Jarno ]
  * [mips, mipsel] Add a 64-bit image (5kc-malta) for the MIPS Malta board.
    (closes: #435677)
    [sparc] Enable r8169 module on sparc64 and sparc64-smp flavours (closes:
    #431977)

  [ Frederik Schüler ]
  * Move all PATA options into the global config file, exept PATA_ARTOP
    (arm/ixp4xx) and PATA_MPC52xx (powerpc).
  * Move new global options into the global config file
  * Clean up new amd64 options

  [ dann frazier ]
  * [ia64] Re-enable various unintentionally disabled config options
  * Enable hugetlbfs on i386, amd64, sparc64 and powerpc64. Closes: #450939

  [ Bastian Blank ]
  * Add stable release 2.6.23.2:
    - BLOCK: Fix bad sharing of tag busy list on queues with shared tag maps
    - fix tmpfs BUG and AOP_WRITEPAGE_ACTIVATE
    - Fix compat futex hangs. (closes: #433187)
    - sched: keep utime/stime monotonic
    - fix the softlockup watchdog to actually work
    - splice: fix double kunmap() in vmsplice copy path
    - writeback: don't propagate AOP_WRITEPAGE_ACTIVATE
    - SLUB: Fix memory leak by not reusing cpu_slab
    - HOWTO: update ja_JP/HOWTO with latest changes
    - fix param_sysfs_builtin name length check
    - param_sysfs_builtin memchr argument fix
    - Remove broken ptrace() special-case code from file mapping
    - locks: fix possible infinite loop in posix deadlock detection
    - lockdep: fix mismatched lockdep_depth/curr_chain_hash
  * Add stable release 2.6.23.3:
    - revert "x86_64: allocate sparsemem memmap above 4G"
    - x86: fix TSC clock source calibration error
    - x86 setup: sizeof() is unsigned, unbreak comparisons
    - x86 setup: handle boot loaders which set up the stack incorrectly
    - x86: fix global_flush_tlb() bug
    - xfs: eagerly remove vmap mappings to avoid upsetting Xen
    - xen: fix incorrect vcpu_register_vcpu_info hypercall argument
    - xen: deal with stale cr3 values when unpinning pagetables
    - xen: add batch completion callbacks
    - UML - kill subprocesses on exit
    - UML - stop using libc asm/user.h
    - UML - Fix kernel vs libc symbols clash
    - UML - Stop using libc asm/page.h
    - POWERPC: Make sure to of_node_get() the result of pci_device_to_OF_node()
    - POWERPC: Fix handling of stfiwx math emulation
    - MIPS: R1: Fix hazard barriers to make kernels work on R2 also.
    - MIPS: MT: Fix bug in multithreaded kernels.
    - Fix sparc64 MAP_FIXED handling of framebuffer mmaps
    - Fix sparc64 niagara optimized RAID xor asm
  * Add stable release 2.6.23.4:
    - mac80211: make ieee802_11_parse_elems return void
    - mac80211: only honor IW_SCAN_THIS_ESSID in STA, IBSS, and AP modes
    - mac80211: honor IW_SCAN_THIS_ESSID in siwscan ioctl
    - mac80211: store SSID in sta_bss_list
    - mac80211: store channel info in sta_bss_list
    - mac80211: reorder association debug output
    - ieee80211: fix TKIP QoS bug
    - NETFILTER: nf_conntrack_tcp: fix connection reopening
    - Fix netlink timeouts.
    - Fix crypto_alloc_comp() error checking.
    - Fix SET_VLAN_INGRESS_PRIORITY_CMD error return.
    - Fix VLAN address syncing.
    - Fix endianness bug in U32 classifier.
    - Fix TEQL oops.
    - Fix error returns in sys_socketpair()
    - softmac: fix wext MLME request reason code endianness
    - Fix kernel_accept() return handling.
    - TCP: Fix size calculation in sk_stream_alloc_pskb
    - Fix SKB_WITH_OVERHEAD calculations.
    - Fix 9P protocol build
    - Fix advertised packet scheduler timer resolution
    - Add get_unaligned to ieee80211_get_radiotap_len
    - mac80211: Improve sanity checks on injected packets
    - mac80211: filter locally-originated multicast frames
  * Add stable release 2.6.23.5:
    - zd1211rw, fix oops when ejecting install media
    - rtl8187: Fix more frag bit checking, rts duration calc
    - ipw2100: send WEXT scan events
    - zd1201: avoid null ptr access of skb->dev
    - sky2: fix power settings on Yukon XL
    - sky2: ethtool register reserved area blackout
    - sky2: status ring race fix
    - skge: XM PHY handling fixes
    - Fix L2TP oopses.
    - TG3: Fix performance regression on 5705.
    - forcedeth: add MCP77 device IDs
    - forcedeth msi bugfix
    - ehea: 64K page kernel support fix
    - libertas: fix endianness breakage
    - libertas: more endianness breakage
  * Add stable release 2.6.23.6:
    - ACPI: suspend: Wrong order of GPE restore.
    - ACPI: sleep: Fix GPE suspend cleanup
    - libata: backport ATA_FLAG_NO_SRST and ATA_FLAG_ASSUME_ATA, part 2
    - libata: backport ATA_FLAG_NO_SRST and ATA_FLAG_ASSUME_ATA
    - libata: add HTS542525K9SA00 to NCQ blacklist
    - radeon: set the address to access the GART table on the CPU side correctly
    - Char: moxa, fix and optimise empty timer
    - Char: rocket, fix dynamic_dev tty
    - hptiop: avoid buffer overflow when returning sense data
    - ide: Fix cs5535 driver accessing beyond array boundary
    - ide: Fix siimage driver accessing beyond array boundary
    - ide: Add ide_get_paired_drive() helper
    - ide: fix serverworks.c UDMA regression
    - i4l: fix random freezes with AVM B1 drivers
    - i4l: Fix random hard freeze with AVM c4 card
    - ALSA: hda-codec - Add array terminator for dmic in STAC codec
    - USB: usbserial - fix potential deadlock between write() and IRQ
    - USB: add URB_FREE_BUFFER to permissible flags
    - USB: mutual exclusion for EHCI init and port resets
    - usb-gadget-ether: prevent oops caused by error interrupt race
    - USB: remove USB_QUIRK_NO_AUTOSUSPEND
    - MSI: Use correct data offset for 32-bit MSI in read_msi_msg()
    - md: raid5: fix clearing of biofill operations
    - md: fix an unsigned compare to allow creation of bitmaps with v1.0 metadata
    - dm: fix thaw_bdev
    - dm delay: fix status
    - libata: sync NCQ blacklist with upstream
    - ALSA: hdsp - Fix zero division
    - ALSA: emu10k1 - Fix memory corruption
    - ALSA: Fix build error without CONFIG_HAS_DMA
    - ALSA: fix selector unit bug affecting some USB speakerphones
    - ALSA: hda-codec - Avoid zero NID in line_out_pins[] of STAC codecs
    - IB/mthca: Use mmiowb() to avoid firmware commands getting jumbled up
    - IB/uverbs: Fix checking of userspace object ownership
    - hwmon/lm87: Disable VID when it should be
    - hwmon/lm87: Fix a division by zero
    - hwmon/w83627hf: Don't assume bank 0
    - hwmon/w83627hf: Fix setting fan min right after driver load
    - i915: fix vbl swap allocation size.
    - POWERPC: Fix platinumfb framebuffer
  * Add stable release 2.6.23.7:
    - NFS: Fix a writeback race...
    - ocfs2: fix write() performance regression
    - minixfs: limit minixfs printks on corrupted dir i_size (CVE-2006-6058)
  * Add stable release 2.6.23.8:
    - wait_task_stopped: Check p->exit_state instead of TASK_TRACED (CVE-2007-5500)
    - TCP: Make sure write_queue_from does not begin with NULL ptr (CVE-2007-5501)
  * Add stable release 2.6.23.9:
    - ipw2200: batch non-user-requested scan result notifications
    - USB: Nikon D40X unusual_devs entry
    - USB: unusual_devs modification for Nikon D200
    - softlockup: use cpu_clock() instead of sched_clock()
    - softlockup watchdog fixes and cleanups
    - x86: fix freeze in x86_64 RTC update code in time_64.c
    - ntp: fix typo that makes sync_cmos_clock erratic
    - x86: return correct error code from child_rip in x86_64 entry.S
    - x86: NX bit handling in change_page_attr()
    - x86: mark read_crX() asm code as volatile
    - x86: fix off-by-one in find_next_zero_string
    - i386: avoid temporarily inconsistent pte-s
    - libcrc32c: keep intermediate crc state in cpu order
    - geode: Fix not inplace encryption
    - Fix divide-by-zero in the 2.6.23 scheduler code
    - ACPI: VIDEO: Adjust current level to closest available one.
    - libata: sata_sis: use correct S/G table size
    - sata_sis: fix SCR read breakage
    - reiserfs: don't drop PG_dirty when releasing sub-page-sized dirty file
    - x86: disable preemption in delay_tsc()
    - dmaengine: fix broken device refcounting
    - nfsd4: recheck for secure ports in fh_verify
    - knfsd: fix spurious EINVAL errors on first access of new filesystem
    - raid5: fix unending write sequence
    - oProfile: oops when profile_pc() returns ~0LU
    - drivers/video/ps3fb: fix memset size error
    - i2c/eeprom: Hide Sony Vaio serial numbers
    - i2c/eeprom: Recognize VGN as a valid Sony Vaio name prefix
    - i2c-pasemi: Fix NACK detection

 -- maximilian attems <maks@debian.org>  Fri, 30 Nov 2007 11:40:09 +0100

linux-2.6 (2.6.22-6) unstable; urgency=low

  [ Martin Michlmayr ]
  * [mips] Add IP22 (SGI Indy) patches from Thomas Bogendoerfer:
    - Disable EARLY PRINTK because it breaks serial.
    - fix wrong argument order.
    - wrong check for second HPC.  Closes: #448488

  [ maximilian attems ]
  * Add stable release 2.6.22.11 - minus ipv6 abi breaker:
    - libertas: fix endianness breakage
    - libertas: more endianness breakage
    - Fix ROSE module unload oops.
    - Add get_unaligned to ieee80211_get_radiotap_len
    - Fix ipv6 redirect processing, leads to TAHI failures.
    - i915: fix vbl swap allocation size.
    - Fix ESP host instance numbering.
    - Fix TCP MD5 on big-endian.
    - Fix zero length socket write() semantics.
    - Fix sys_ipc() SEMCTL on sparc64.
    - Fix TCP initial sequence number selection.
    - lockdep: fix mismatched lockdep_depth/curr_chain_hash
    - V4L: ivtv: fix udma yuv bug
    - Fix TCP's ->fastpath_cnt_hit handling.
    - hwmon/lm87: Fix a division by zero
    - hwmon/lm87: Disable VID when it should be
    - hwmon/w83627hf: Fix setting fan min right after driver load
    - hwmon/w83627hf: Don't assume bank 0
    - netdrvr: natsemi: Fix device removal bug
    - Fix ieee80211 handling of bogus hdrlength field
    - mac80211: filter locally-originated multicast frames
    - POWERPC: Fix handling of stfiwx math emulation
    - dm9601: Fix receive MTU
    - firewire: fix unloading of fw-ohci while devices are attached
    - Fix cls_u32 error return handling.
    - ACPI: disable lower idle C-states across suspend/resume
  * Add stable release 2.6.22.12-rc1:
    - genirq: cleanup mismerge artifact
    - genirq: suppress resend of level interrupts
    - genirq: mark io_apic level interrupts to avoid resend
    - IB/uverbs: Fix checking of userspace object ownership
    - minixfs: limit minixfs printks on corrupted dir i_size (CVE-2006-6058)
    - param_sysfs_builtin memchr argument fix
    - x86: fix global_flush_tlb() bug
    - dm snapshot: fix invalidation deadlock
    - Revert "x86_64: allocate sparsemem memmap above 4G"

  [ Bastian Blank ]
  * Update vserver patch to 2.2.0.5.
    - Ignore symbols from never to be merged patch.

 -- maximilian attems <maks@debian.org>  Sun,  4 Nov 2007 17:35:51 +0100

linux-2.6 (2.6.22-5) unstable; urgency=low

  [ maximilian attems ]
  * Add stable release 2.6.22.6:
    - USB: allow retry on descriptor fetch errors
    - PCI: lets kill the 'PCI hidden behind bridge' message
    - Netfilter: Missing Kbuild entry for netfilter
    - Fix soft-fp underflow handling.
    - SPARC64: Fix sparc64 task stack traces.
    - TCP: Do not autobind ports for TCP sockets
    - DCCP: Fix DCCP GFP_KERNEL allocation in atomic context
    - NET: Share correct feature code between bridging and bonding
    - SNAP: Fix SNAP protocol header accesses.
    - NET: Fix missing rcu unlock in __sock_create()
    - IPv6: Invalid semicolon after if statement
    - TCP: Fix TCP rate-halving on bidirectional flows.
    - TCP: Fix TCP handling of SACK in bidirectional flows.
    - uml: fix previous request size limit fix
    - usb: add PRODUCT, TYPE to usb-interface events
    - PPP: Fix PPP buffer sizing.
    - ocfs2: Fix bad source start calculation during kernel writes
    - signalfd: fix interaction with posix-timers
    - signalfd: make it group-wide, fix posix-timers scheduling
    - USB: fix DoS in pwc USB video driver
    - sky2: don't clear phy power bits
    - PCI: disable MSI on RS690
    - PCI: disable MSI on RD580
    - PCI: disable MSI on RX790
    - IPV6: Fix kernel panic while send SCTP data with IP fragments
    - i386: fix lazy mode vmalloc synchronization for paravirt
  * Set abi to 3.
  * Add stable release 2.6.22.7: (CVE-2007-4573)
    - x86_64: Zero extend all registers after ptrace in 32bit entry path.
  * Add stable release 2.6.22.8: (CVE-2007-4571)
    - Convert snd-page-alloc proc file to use seq_file
  * Add stable release 2.6.22.9:
    - 3w-9xxx: Fix dma mask setting
    - Fix pktgen src_mac handling.
    - nfs: fix oops re sysctls and V4 support
    - DVB: get_dvb_firmware: update script for new location of tda10046 firmware
    - afs: mntput called before dput
    - disable sys_timerfd()
    - Fix "Fix DAC960 driver on machines which don't support 64-bit DMA"
    - futex_compat: fix list traversal bugs
    - MTD: Initialise s_flags in get_sb_mtd_aux()
    - Fix sparc64 v100 platform booting.
    - Fix IPV6 DAD handling
    - ext34: ensure do_split leaves enough free space in both blocks
    - dir_index: error out instead of BUG on corrupt dx dirs
    - Fix oops in vlan and bridging code
    - V4L: ivtv: fix VIDIOC_S_FBUF: new OSD values were never set
    - crypto: blkcipher_get_spot() handling of buffer at end of page
    - Fix datagram recvmsg NULL iov handling regression.
    - Handle snd_una in tcp_cwnd_down()
    - Fix TCP DSACK cwnd handling
    - JFFS2: fix write deadlock regression
    - hwmon: End of I/O region off-by-one
    - Fix debug regression in video/pwc
    - splice: fix direct splice error handling
    - Fix race with shared tag queue maps
    - Fix ipv6 source address handling.
    - POWERPC: Flush registers to proper task context
    - bcm43xx: Fix cancellation of work queue crashes
    - Fix DAC960 driver on machines which don't support 64-bit DMA
    - DVB: get_dvb_firmware: update script for new location of sp8870 firmware
    - USB: fix linked list insertion bugfix for usb core
    - Correctly close old nfsd/lockd sockets.
    - Fix IPSEC AH4 options handling
    - setpgid(child) fails if the child was forked by sub-thread
    - sigqueue_free: fix the race with collect_signal()
    - Fix decnet device address listing.
    - Fix inet_diag OOPS.
    - Leases can be hidden by flocks
    - kconfig: oldconfig shall not set symbols if it does not need to
    - MTD: Makefile fix for mtdsuper
    - firewire: fw-ohci: ignore failure of pci_set_power_state
      (fix suspend regression)
    - ieee1394: ohci1394: fix initialization if built non-modular
    - Fix device address listing for ipv4.
    - Fix tc_ematch kbuild
    - V4L: cx88: Avoid a NULL pointer dereference during mpeg_open()
    - DVB: b2c2-flexcop: fix Airstar HD5000 tuning regression
    - fix realtek phy id in forcedeth
    - rpc: fix garbage in printk in svc_tcp_accept()
    - Fix IPV6 append OOPS.
    - Fix ipv6 double-sock-release with MSG_CONFIRM
    - ACPI: Validate XSDT, use RSDT if XSDT fails
  * Update vserver patch to 2.2.0.4.
  * Add stable release 2.6.22.10:
    - i386: Use global flag to disable broken local apic timer on AMD CPUs.
    - Fix timer_stats printout of events/sec
    - libata: update drive blacklists
    - i2c-algo-bit: Read block data bugfix
    - scsi_transport_spi: fix domain validation failure from incorrect width
      setting
    - Fix SMP poweroff hangs
    - Fix ppp_mppe kernel stack usage.
    - sky2: reduce impact of watchdog timer
    - sky2: fix VLAN receive processing
    - sky2: fix transmit state on resume
    - SELinux: clear parent death signal on SID transitions
    - NLM: Fix a circular lock dependency in lockd
    - NLM: Fix a memory leak in nlmsvc_testlock

  [ Martin Michlmayr ]
  * [mips] Add a fix so qemu NE2000 will work again.
  * [mipsel/r5k-cobalt] Enable MTD.
  * [mips] Backport "Fix CONFIG_BUILD_ELF64 kernels with symbols in
    CKSEG0" to fix crash on boot on IP32 (SGI O2).  Closes: #444104.

  [ Steve Langasek ]
  * Set CONFIG_MATHEMU=y on alpha, which is required for proper fp math on
    at least ev4-ev56 systems.  Closes: #411813.
  * linux-image packages need to depend on a newer version of coreutils,
    because of the use of readlink -q -m inherited from kernel-package.
    Closes: #413311.

  [ Bastian Blank ]
  * Fix tainted check in bug scripts.

  [ dann frazier ]
  * [ia64] Re-enable various unintentionally disabled config options

 -- Maximilian Attems <maks@debian.org>  Thu, 11 Oct 2007 13:31:38 +0000

linux-2.6 (2.6.22-4) unstable; urgency=low

  [ dann frazier ]
  * [hppa] Use generic compat_sys_getdents (closes: #431773)

  [ Martin Michlmayr ]
  * [powerpc] Fix PS/2 keyboard detection on Pegasos (closes: #435378).

  [ Emanuele Rocca ]
  * [sparc] Add patch to fix PCI config space accesses on sun4u.
  * [sparc] Disable CONFIG_SCSI_SCAN_ASYNC.

  [ maximilian attems ]
  * Add stable release 2.6.22.2:
    - usb-serial: Fix edgeport regression on non-EPiC devices
    - Missing header include in ipt_iprange.h
    - drivers/video/macmodes.c:mac_find_mode() mustn't be __devinit
    - Fix ipv6 tunnel endianness bug.
    - aacraid: fix security hole
    - USB: cdc-acm: fix sysfs attribute registration bug
    - USB: fix warning caused by autosuspend counter going negative
    - Fix sparc32 memset()
    - Fix leak on /proc/lockdep_stats
    - Fix leaks on /proc/{*/sched, sched_debug, timer_list, timer_stats}
    - futex: pass nr_wake2 to futex_wake_op
    - md: handle writes to broken raid10 arrays gracefully
    - forcedeth bug fix: cicada phy
    - forcedeth bug fix: vitesse phy
    - forcedeth bug fix: realtek phy
    - ACPI: dock: fix opps after dock driver fails to initialize
    - pcmcia: give socket time to power down
    - drm/i915: Fix i965 secured batchbuffer usage (CVE-2007-3851)
    - Fix console write locking in sparc drivers.
    - Sparc64 bootup assembler bug
    - IPV6: /proc/net/anycast6 unbalanced inet6_dev refcnt
    - make timerfd return a u64 and fix the __put_user
    - Fix error queue socket lookup in ipv6
    - Input: lifebook - fix an oops on Panasonic CF-18
    - readahead: MIN_RA_PAGES/MAX_RA_PAGES macros
    - V4L: Add check for valid control ID to v4l2_ctrl_next
    - V4L: ivtv: fix broken VBI output support
    - V4L: ivtv: fix DMA timeout when capturing VBI + another stream
    - V4L: ivtv: Add locking to ensure stream setup is atomic
    - V4L: wm8775/wm8739: Fix memory leak when unloading module
    - do not limit locked memory when RLIMIT_MEMLOCK is RLIM_INFINITY
    - Include serial_reg.h with userspace headers (closes: #433755)
    - TCP FRTO retransmit bug fix
    - Fix rfkill IRQ flags.
    - nfsd: fix possible read-ahead cache and export table corruption
    - nfsd: fix possible oops on re-insertion of rpcsec_gss modules
    - jbd commit: fix transaction dropping
    - jbd2 commit: fix transaction dropping
    - softmac: Fix ESSID problem
    - uml: limit request size on COWed devices
    - UML: exports for hostfs
    - splice: fix double page unlock
    - cfq-iosched: fix async queue behaviour
    - cr_backlight_probe() allocates too little storage for struct cr_panel
    - sx: switch subven and subid values
    - hugetlb: fix race in alloc_fresh_huge_page()
    - KVM: SVM: Reliably detect if SVM was disabled by BIOS
    - dm io: fix another panic on large request
    - md: raid10: fix use-after-free of bio
    - fs: 9p/conv.c error path fix
    - Fix sparc32 udelay() rounding errors.
    - sony-laptop: fix bug in event handling
    - eCryptfs: ecryptfs_setattr() bugfix
    - Hangup TTY before releasing rfcomm_dev
    - dm io: fix panic on large request
    - dm raid1: fix status
    - dm snapshot: permit invalid activation
    - "ext4_ext_put_in_cache" uses __u32 to receive physical block number
    - destroy_workqueue() can livelock
    - USB: fix for ftdi_sio quirk handling
    - Fix TC deadlock.
    - Fix IPCOMP crashes.
    - gen estimator timer unload race
    - Netfilter: Fix logging regression
    - Fix user struct leakage with locked IPC shem segment
    - Fix reported task file values in sense data
    - gen estimator deadlock fix
    - Netpoll leak
    - dm: disable barriers
    - firewire: fw-sbp2: set correct maximum payload (fixes CardBus adapters)
    - fw-ohci: fix "scheduling while atomic"
    - firewire: fix memory leak of fw_request instances
    - ieee1394: revert "sbp2: enforce 32bit DMA mapping"
    - libata: add FUJITSU MHV2080BH to NCQ blacklist
    - i386: HPET, check if the counter works
    - CPU online file permission
    - acpi-cpufreq: Proper ReadModifyWrite of PERF_CTL MSR
    - Keep rfcomm_dev on the list until it is freed
    - SCTP scope_id handling fix
    - Fix ipv6 link down handling.
    - Fix TCP IPV6 MD5 bug.
    - sysfs: release mutex when kmalloc() failed in sysfs_open_file().
    - nf_conntrack: don't track locally generated special ICMP error
  * Bump abi due to firewire, ivtv and xrfm changes.
  * Add stable release 2.6.22.3:
    - fix oops in __audit_signal_info()
    - direct-io: fix error-path crashes
    - powerpc: Fix size check for hugetlbfs
    - stifb: detect cards in double buffer mode more reliably
    - pata_atiixp: add SB700 PCI ID
    - PPC: Revert "[POWERPC] Add 'mdio' to bus scan id list for platforms
      with QE UEC"
    - random: fix bound check ordering (CVE-2007-3105)
    - softmac: Fix deadlock of wx_set_essid with assoc work
    - PPC: Revert "[POWERPC] Don't complain if size-cells == 0 in prom_parse()"
    - ata_piix: update map 10b for ich8m
    - CPUFREQ: ondemand: fix tickless accounting and software coordination bug
    - CPUFREQ: ondemand: add a check to avoid negative load calculation
  * Add stable release 2.6.22.4:
    - Reset current->pdeath_signal on SUID binary execution (CVE-2007-3848)
  * Add stable release 2.6.22.5:
    - x86_64: Check for .cfi_rel_offset in CFI probe
    - x86_64: Change PMDS invocation to single macro
    - i386: Handle P6s without performance counters in nmi watchdog
    - revert "x86, serial: convert legacy COM ports to platform devices"
    - ACPICA: Fixed possible corruption of global GPE list
    - ACPICA: Clear reserved fields for incoming ACPI 1.0 FADTs
    - i386: Fix double fault handler
    - JFFS2 locking regression fix.
    - r8169: avoid needless NAPI poll scheduling
    - Linux 2.6.22.5
    - AVR32: Fix atomic_add_unless() and atomic_sub_unless()
    - i386: allow debuggers to access the vsyscall page with compat vDSO
    - hwmon: (smsc47m1) restore missing name attribute
    - hwmon: fix w83781d temp sensor type setting
    - Hibernation: do not try to mark invalid PFNs as nosave
    - sky2: restore workarounds for lost interrupts
    - sky2: carrier management
    - sky2: check for more work before leaving NAPI
    - sky2: check drop truncated packets
    - forcedeth: fix random hang in forcedeth driver when using netconsole
    - libata: add ATI SB700 device IDs to AHCI driver

  [ dann frazier ]
  * [ia64] Restore config cleanup now that its safe to break the ABI

  [ Bastian Blank ]
  * Update vserver patch to 2.2.0.3.

 -- Bastian Blank <waldi@debian.org>  Thu, 30 Aug 2007 20:19:44 +0200

linux-2.6 (2.6.22-3) unstable; urgency=low

  [ dann frazier ]
  * [ia64] Config cleanup in 2.6.22-2 broke the ABI; revert most of it
    for now (everything but the efivars and sym53c8xx modules)

  [ Martin Michlmayr ]
  * [mipsel/r5k-cobalt] Fix a typo in the config file.
  * [mipsel/4kc-malta] Update the config file, thanks Aurelien Jarno.
  * [mipsel] Add patch from Yoichi Yuasa to fix IDE on Cobalt.

 -- Bastian Blank <waldi@debian.org>  Sun, 29 Jul 2007 13:47:38 +0200

linux-2.6 (2.6.22-2) unstable; urgency=low

  [ Steve Langasek ]
  * [alpha] request_irq-retval.patch: capture the return value of all
    request_irq() calls in sys_titan.c to suppress the warning (and
    build failure with -Werror); failures still aren't being handled, but
    there's nothing that needs to be done -- or nothing that can be done
    -- if these requests fail anyway.

  [ Christian T. Steigies ]
  * Add module.lds to kernel headers (closes: #396220)
  * Enable INPUT_UINPUT on mac
  * Add 2.6.22 patches from linux-m68k CVS

  [ maximilian attems ]
  * Add stable release 2.6.22.1:
    - nf_conntrack_h323: add checking of out-of-range on choices' index values
      (CVE-2007-3642)

  [ dann frazier ]
  * [ia64] Re-enable various config options which were unintentionally
    disabled somewhere between 2.6.21 and 2.6.22
  * [ia64] Re-enable vserver flavour - this was somehow lost when 2.6.22
    was merged from trunk to the sid branch

  [ Bastian Blank ]
  * Update vserver patch to 2.2.0.3-rc1.

 -- Bastian Blank <waldi@debian.org>  Mon, 23 Jul 2007 09:38:01 +0200

linux-2.6 (2.6.22-1) unstable; urgency=low

  [ Bastian Blank ]
  * Drop asfs options.
  * Drop linux-libc-headers references.
  * Update vserver patch to 2.2.0-rc5.

  [ maximilian attems ]
  * Fullfils policy 3.7.2.2.
  * Add Sempron to the k7 image description (closes: #384737)
    Thanks Robert Millan <rmh@aybabtu.com>.
  * [powerpc] Enable CONFIG_ADB_PMU_LED.
  * [hppa] Disable a bunch of topconfig enabled fb devices. Thanks Frank
    Lichtenheld <djpig@debian.org> for build fix.

  [ Christian T. Steigies ]
  * Add module.lds to kernel headers
  * Enable INPUT_UINPUT on mac
  * Add 2.6.22 patches from linux-m68k CVS

  [ dann frazier ]
  * Enable vserver flavour for ia64 (closes: #423232)

 -- Bastian Blank <waldi@debian.org>  Sun, 15 Jul 2007 15:03:40 +0200

linux-2.6 (2.6.22~rc5-1~experimental.1) experimental; urgency=low

  [ Bastian Blank ]
  * [powerpc]: Disable prep.
  * [powerpc]: Disable apm emulation.
  * Drop inactive members from Uploaders.

  [ maximilian attems ]
  * Cleanup configs of old unused variables.
  * Enable TCP_CONG_YEAH, TCP_CONG_ILLINOIS, NF_CONNTRACK_SANE, DM_DELAY,
    GIGASET_M101, SATA_INIC162X, VIDEO_IVTV, USB_ZR364XX, INFINIBAND_CXGB3,
    MLX4_INFINIBAND, SPI_AT25, MFD_SM501, DVB_USB_M920X, DVB_USB_GL861,
    DVB_USB_AU6610, DVB_USB_OPERA1, SENSORS_AD7418, SENSORS_ADM1029,
    SENSORS_F75375S, SENSORS_CORETEMP, SENSORS_MAX6650, SENSORS_APPLESMC,
    I2C_SIMTEC, I2C_TINY_USB, SC92031, LIBERTAS_USB, RFKILL, RFKILL_INPUT,
    MTD_UBI, SND_USB_CAIAQ, SND_USB_CAIAQ_INPUT, USB_BERRY_CHARGE,
    RTC_DRV_MAX6900, SUNRPC_BIND34, SND_PORTMAN2X4, FB_VT8623, FUSION_LAN,
    DISPLAY_SUPPORT, FB_ARK, FB_SM501
    and disable SCSI_ESP_CORE, SPI_SPIDEV, CRYPT_CRYPTD, SYSV68_PARTITION,
    MOUSE_PS2_TOUCHKIT, INPUT_POLLDEV in topconfig.
  * [amd64, i386]: Take care of the renaming acpi-ibm to thinkpad-acpi.
    Enable KINGSUN_DONGLE, AF_RXRPC, RXKAD, MTD_NAND_PLATFORM, BLINK, PHANTOM,
    BACKLIGHT_PROGEAR, FB_HECUBA, FB_LE80578, FB_CARILLO_RANCH.
    Disable OSS_OBSOLETE.
  * Enable WLAN_PRE80211 and WLAN_80211 on all archs with NET_RADIO enabled.
  * Fix RTC_INTF_{DEV,SYSFS,PROC}=y where enabled modular.
  * Enable new wirless stack mac80211 and improved wireless conf api.
  * Enable new USB Touchscreen Driver on all configs with touchscreens.
  * Enable the newly added crypto algorythm: fcrypt, pcbc and camellia.
  * Unify CONFIG_TR to toplevel config, also enable new drivers 3C359
    and SMCTR.
  * Enable the moved USB tablets config options where wacom is enabled.
  * [i386] Enable driver for Crystalfontz 128x64 2-color LCD.
  * [amd64] Enable KS0108 LCD controller.
  * Enable the new firewire stack labeled to be more simple and robust.
  * [i386] Enable VMI paravirtualized interface.
  * [powerpc] Enable fb for IBM GXT4500P adaptor.
  * [amd64] Enable timerstats too.

  [ Martin Michlmayr ]
  * mipsel/r5k-cobalt: Use the new RTC system.

  [ dann frazier ]
  * Add Xen licensing info to the copyright file. (closes: #368912)

  [ Gordon Farquharson ]
  * arm: Mark CHELSIO_T3, NETXEN_NIC, BCM43XX, VIDEO_BT848,
    DVB_B2C2_FLEXCOP, and DVB_BUDGET as broken on ARM.
  * arm/ixp4xx: Add support for the new generic I2C GPIO driver on the
    NSLU2 and the NAS100D. Thanks to Michael-Luke Jones and Rod Whitby.
  * arm/ixp4xx: Update Artop PATA support patch for the NAS 100d.

  [ Christian T. Steigies ]
  * m68k: Disable already included patches (611, 618, 630)

 -- Bastian Blank <waldi@debian.org>  Tue, 19 Jun 2007 17:49:52 +0200

linux-2.6 (2.6.21-6) unstable; urgency=low

  * Add stable release 2.6.21.6:
    - nf_conntrack_h323: add checking of out-of-range on choices' index values
      (CVE-2007-3642)
  * Update vserver patch to 2.2.0.

 -- Bastian Blank <waldi@debian.org>  Tue, 10 Jul 2007 18:36:17 +0200

linux-2.6 (2.6.21-5) unstable; urgency=low

  [ Christian T. Steigies ]
  * [m68k] Add atari isa and scsi fixes

  [ maximilian attems ]
  * Add stable release 2.6.21.4:
    - cpuset: prevent information leak in cpuset_tasks_read (CVE-2007-2875)
    - random: fix error in entropy extraction (CVE-2007-2453 1 of 2)
    - random: fix seeding with zero entropy (CVE-2007-2453 2 of 2)
    - NETFILTER: {ip, nf}_conntrack_sctp: fix remotely triggerable NULL ptr
      dereference (CVE-2007-2876)
  * Add stable release 2.6.21.5:
    - acpi: fix potential call to a freed memory section.
    - USB: set the correct Interrupt interval in usb_bulk_msg
    - i386: Fix K8/core2 oprofile on multiple CPUs
    - ntfs_init_locked_inode(): fix array indexing
    - ALSA: wm8750 typo fix
    - neofb: Fix pseudo_palette array overrun in neofb_setcolreg
    - e1000: disable polling before registering netdevice
    - timer statistics: fix race
    - x86: fix oprofile double free
    - ALSA: usb-audio: explicitly match Logitech QuickCam
    - zd1211rw: Add AL2230S RF support
    - IPV4: Correct rp_filter help text.
    - Fix AF_UNIX OOPS
    - ICMP: Fix icmp_errors_use_inbound_ifaddr sysctl
    - NET: Fix BMSR_100{HALF,FULL}2 defines in linux/mii.h
    - SPARC64: Fix _PAGE_EXEC_4U check in sun4u I-TLB miss handler.
    - SPARC64: Don't be picky about virtual-dma values on sun4v.
    - SPARC64: Fix two bugs wrt. kernel 4MB TSB.
    - cciss: fix pci_driver.shutdown while device is still active
    - fix compat console unimap regression
    - timer stats: speedups
    - SPARC: Linux always started with 9600 8N1
    - pci_ids: update patch for Intel ICH9M
    - PCI: quirk disable MSI on via vt3351
    - UML - Improve host PTRACE_SYSEMU check
    - NET: parse ip:port strings correctly in in4_pton
    - Char: cyclades, fix deadlock
    - IPSEC: Fix panic when using inter address familiy IPsec on loopback.
    - TCP: Use default 32768-61000 outgoing port range in all cases.
    - TG3: Fix link problem on Dell's onboard 5906.
    - fuse: fix mknod of regular file
    - md: Avoid overflow in raid0 calculation with large components.
    - md: Don't write more than is required of the last page of a bitmap
    - make freezeable workqueues singlethread
    - tty: fix leakage of -ERESTARTSYS to userland
    - V4L/DVB (5593): Budget-ci: Fix tuning for TDM 1316 (160..200 MHz)
    - Input: i8042 - fix AUX port detection with some chips
    - SCSI: aacraid: Correct sa platform support.
      (Was: [Bug 8469] Bad EIP value on pentium3 SMP kernel-2.6.21.1)
    - BLUETOOTH: Fix locking in hci_sock_dev_event().
    - hpt366: don't check enablebits for HPT36x
    - ieee1394: eth1394: bring back a parent device
    - NET: Fix race condition about network device name allocation.
    - ALSA: hda-intel - Probe additional slots only if necessary
    - ALSA: hda-intel - Fix detection of audio codec on Toshiba A100
    - ahci: disable 64bit dma on sb600
    - i386: HPET, check if the counter works
    - Ignore bogus ACPI info for offline CPUs
    - NOHZ: Rate limit the local softirq pending warning output
    - Prevent going idle with softirq pending
    - Work around Dell E520 BIOS reboot bug
    - NET: "wrong timeout value" in sk_wait_data() v2
    - IPV6 ROUTE: No longer handle ::/0 specially.
    - x86_64: allocate sparsemem memmap above 4G
  * Bump ABI to 2.

  [ Bastian Blank ]
  * Back out ABI fixing changes.
  * Update vserver patch to 2.2.0-rc3.

 -- Bastian Blank <waldi@debian.org>  Fri, 22 Jun 2007 12:39:47 +0200

linux-2.6 (2.6.21-4) unstable; urgency=low

  * [powerpc] Fix mkvmlinuz support.
  * [s390] Add exception handler for diagnose 224.

 -- Bastian Blank <waldi@debian.org>  Sat, 26 May 2007 14:08:44 +0200

linux-2.6 (2.6.21-3) unstable; urgency=low

  [ Gordon Farquharson ]
  * arm/ixp4xx: Add patch to set NSLU2 timer frequency.

  [ maximilian attems ]
  * sparc64: enable USB_SERIAL. (closes: #412740)
  * Apply stable 2.6.21.1.
  * Add stable release 2.6.21.2:
    - slob: fix page order calculation on not 4KB page
    - libata-sff: Undo bug introduced with pci_iomap changes
    - kbuild: fixdep segfault on pathological string-o-death
    - IPMI: fix SI address space settings
    - IPV6: Reverse sense of promisc tests in ip6_mc_input
    - iop: fix iop_getttimeoffset
    - iop13xx: fix i/o address translation
    - arm: fix handling of svc mode undefined instructions
    - CPUFREQ: powernow-k7: fix MHz rounding issue with perflib
    - CPUFREQ: Support rev H AMD64s in powernow-k8
    - CPUFREQ: Correct revision mask for powernow-k8
    - JFS: Fix race waking up jfsIO kernel thread
    - IPV6: Send ICMPv6 error on scope violations.
    - SPARC64: Add missing cpus_empty() check in hypervisor xcall handling.
    - SPARC64: Fix recursion in PROM tree building.
    - SERIAL SUNHV: Add an ID string.
    - SPARC64: Bump PROMINTR_MAX to 32.
    - SPARC64: Be more resiliant with PCI I/O space regs.
    - oom: fix constraint deadlock
    - fix for bugzilla 8426: massive slowdown on SCSI CD/DVD drive connected to
      mptspi driver
    - x86_64 : Fix vgettimeofday()
    - IPV6: Fix slab corruption running ip6sic
    - IPSEC: Check validity of direction in xfrm_policy_byid
    - CRYPTO: api: Read module pointer before freeing algorithm
    - NET_SCHED: prio qdisc boundary condition
    - reiserfs: suppress lockdep warning
    - USB HID: hiddev - fix race between hiddev_send_event() and
      hiddev_release()
    - NETFILTER: {ip,nf}_nat_proto_gre: do not modify/corrupt GREv0 packets
      through NAT
    - fix leaky resv_huge_pages when cpuset is in use
    - ACPI: Fix 2.6.21 boot regression on P4/HT
    - TG3: Fix TSO bugs.
    - TG3: Remove reset during MAC address changes.
    - TG3: Update version and reldate.
    - BNX2: Fix TSO problem with small MSS.
    - BNX2: Block MII access when ifdown.
    - BNX2: Save PCI state during suspend.
    - BNX2: Update version and reldate.
    - sis900: Allocate rx replacement buffer before rx operation
    - knfsd: Avoid use of unitialised variables on error path when nfs exports.
    - knfsd: rpc: fix server-side wrapping of krb5i replies
    - md: Avoid a possibility that a read error can wrongly propagate through
    - md/raid1 to a filesystem.
    - fat: fix VFAT compat ioctls on 64-bit systems
    - NETFILTER: {ip,nf}_conntrack: fix use-after-free in helper destroy
      callback invocation
    - ppp: Fix ppp_deflate issues with recent zlib_inflate changes
    - NETPOLL: Fix TX queue overflow in trapped mode.
    - NETPOLL: Remove CONFIG_NETPOLL_RX
    - cxacru: Fix infinite loop when trying to cancel polling task
    - TCP: zero out rx_opt in tcp_disconnect()
    - ipv6: track device renames in snmp6
    - skge: default WOL should be magic only (rev2)
    - skge: allow WOL except for known broken chips
    - sky2: allow 88E8056
    - sky2: 88e8071 support not ready
    - skge: crash on shutdown/suspend
    - sky2: fix oops on shutdown
    - udf: decrement correct link count in udf_rmdir
    - ALSA: hda-codec - Fix resume of STAC92xx codecs
    - sata_via: add missing PM hooks
    - driver-core: don't free devt_attr till the device is released
    - pci-quirks: disable MSI on RS400-200 and RS480
    - highres/dyntick: prevent xtime lock contention
    - clocksource: fix resume logic
    - smc911x: fix compilation breakage wjen debug is on
    - SCTP: Fix sctp_getsockopt_local_addrs_old() to use local storage.
    - SCTP: Correctly copy addresses in sctp_copy_laddrs
    - SCTP: Prevent OOPS if hmac modules didn't load
    - IPV6: Do no rely on skb->dst before it is assigned.
    - IPV6 ROUTE: Assign rt6i_idev for ip6_{prohibit,blk_hole}_entry.

  [ Christian T. Steigies ]
  * m68k: enable ATARI_SCSI and ATARI_ROM_ISA

  [ Bastian Blank ]
  * Fix linux/version.h in linux-libc-dev.
  * Make it possible to specifiy special CFLAGS.
  * [hppa] Reenable.
  * [hppa] Workaround hppa64 failure.
  * [hppa] Fix debugging in lws syscalls.
  * Fix abi change.
  * Add stable release 2.6.21.3:
    - [PATCH] GEODE-AES: Allow in-place operations [CVE-2007-2451]

 -- Bastian Blank <waldi@debian.org>  Fri, 25 May 2007 10:57:48 +0200

linux-2.6 (2.6.21-2) unstable; urgency=low

  [ Christian T. Steigies ]
  * m68k: fix atari scc patch
  * m68k: install compressed vmlinuz images so the post-inst script can find it

  [ Steve Langasek ]
  * [alpha] isa-mapping-support.patch: add isa_page_to_bus and
    isa_bus_to_virt defines to complement the existing isa_virt_to_bus
    define; untested, but these should all be straightforward on alpha and
    defining them is certainly a better option for getting user feedback
    than disabling the affected drivers.

  [ Bastian Blank ]
  * [powerpc] Readd mkvmlinuz support. (closes: #419033)
  * [sparc]: Disable sparc32 image.
  * [hppa]: Temporary disable all images.

 -- Bastian Blank <waldi@debian.org>  Fri, 18 May 2007 19:52:36 +0200

linux-2.6 (2.6.21-1) unstable; urgency=low

  [ maximilian attems ]
  * New upstream release see http://kernelnewbies.org/Linux_2_6_21
    (closes: #423874)
  * Disable CONFIG_IP_ROUTE_MULTIPATH_CACHED in topconfig.
  * Enable CONFIG_IP6_NF_MATCH_MH, CONFIG_CHELSIO_T3, CONFIG_USB_NET_DM9601,
    CONFIG_NETFILTER_XT_TARGET_TCPMSS, CONFIG_RTC_DRV_CMOS,
    CONFIG_ASUS_LAPTOP, CONFIG_SONY_LAPTOP, CONFIG_DVB_TUNER_QT1010,
    CONFIG_USB_IOWARRIOR, CONFIG_ATL1 in topconfig.
  * [i386] Enable CONFIG_ACPI_BAY, CONFIG_X86_LONGHAUL, CONFIG_BLK_DEV_DELKIN,
    CONFIG_BLK_DEV_IT8213, CONFIG_BLK_DEV_TC86C001, CONFIG_INPUT_ATLAS_BTNS,
    CONFIG_SENSORS_ADM1029, CONFIG_FB_SVGALIB, CONFIG_FB_S3,
    CONFIG_USB_KC2190, CONFIG_KS0108.
  * Add stable release 2.6.21.1:
    - IPV4: Fix OOPS'er added to netlink fib.
    - IPV6: Fix for RT0 header ipv6 change.
  * [i386] Enable CONFIG_NO_HZ, CONFIG_HIGH_RES_TIMERS for dynticks and true
    high-resolution timers.
  * [i386] Enable CONFIG_TIMER_STATS to collect stats about kernel/userspace
    timer aka power usage (see powertop). (closes: #423694)
  * [i386] Disable obsolete CONFIG_IRQBALANCE due to bad timer behaviour.

  [ Martin Michlmayr ]
  * Add armel (arm with EABI) support.  Thanks, Lennert Buytenhek and
    Joey Hess.  (closes: #410853)
  * Mark CHELSIO_T3 as broken on ARM.
  * Take arch/arm/tools/mach-types from current git to fix build failure
    because MACH_TYPE_EP80219 is not defined.
  * mips/sb1: Don't build CONFIG_ATA into the kernel.
  * mips/sb1: Unset CONFIG_USB_{KBD,MOUSE} since the generic HID is used.
  * arm/iop32x: Don't build CONFIG_ATA into the kernel.
  * arm/ixp4xx: Enable more SATA drivers.
  * arm/ixp4xx: Enable PATA_ARTOP which is needed by the nas100d.
  * arm/ixp4xx: Set CONFIG_USB_EHCI_TT_NEWSCHED.
  * mips/4kc-malta: Add an image for the MIPS Malta board.  Thanks,
    Aurelien Jarno. (closes: #421377)

  [ Emanuele Rocca ]
  * sparc: Enable CONFIG_SCSI_QLOGIC_1280. (closes: #423177)

  [ Christian T. Steigies ]
  * Add m68k patches for 2.6.21
  * Add type: plain to [image] in arch/m68k/defines to fix missing
    Modules.symvers problem

  [ Steve Langasek ]
  * Revert change to disable image building on alpha.

  [ Bastian Blank ]
  * Update vserver patch to 2.2.0-rc1.

 -- Bastian Blank <waldi@debian.org>  Wed, 16 May 2007 13:46:38 +0200

linux-2.6 (2.6.20-3) unstable; urgency=low

  [ Gordon Farquharson ]
  * arm: Mark CONFIG_MTD_NAND_CAFE and CONFIG_NETXEN_NIC as broken to
    fix FTBFS.

  [ Bastian Blank ]
  * Disable new pata drivers. (closes: #419458)
  * Disable pata in ata_piix.

 -- Bastian Blank <waldi@debian.org>  Tue, 24 Apr 2007 09:54:44 +0200

linux-2.6 (2.6.20-2) unstable; urgency=low

  [ Bastian Blank ]
  * Rename linux-libc-headers into linux-libc-dev.
  * [mips] Drop sb1250 uart support.
  * [alpha] Temporary disable alpha images.
  * Add stable release 2.6.20.7:
    - Linux 2.6.20.7
    - Update libata drive blacklist to the latest from 2.6.21
    - fix page leak during core dump
    - revert "retries in ext4_prepare_write() violate ordering requirements"
    - revert "retries in ext3_prepare_write() violate ordering requirements"
    - libata: Clear tf before doing request sense (take 3)
    - fix lba48 bug in libata fill_result_tf()
    - ahci.c: walkaround for SB600 SATA internal error issue
    - libata bugfix: preserve LBA bit for HDIO_DRIVE_TASK
    - softmac: avoid assert in ieee80211softmac_wx_get_rate
    - knfsd: allow nfsd READDIR to return 64bit cookies
    - Fix TCP slow_start_after_idle sysctl
    - Fix tcindex classifier ABI borkage...
    - Fix IPSEC replay window handling
    - Fix TCP receiver side SWS handling.
    - Fix scsi sense handling
    - Fix length validation in rawv6_sendmsg()
    - NETFILTER: ipt_CLUSTERIP: fix oops in checkentry function
    - 8139too: RTNL and flush_scheduled_work deadlock
    - Fix calculation for size of filemap_attr array in md/bitmap.
    - HID: Do not discard truncated input reports
    - DVB: pluto2: fix incorrect TSCR register setting
    - DVB: tda10086: fix DiSEqC message length
    - sky2: phy workarounds for Yukon EC-U A1
    - sky2: turn on clocks when doing resume
    - sky2: turn carrier off when down
    - skge: turn carrier off when down
    - sky2: reliable recovery
    - i386: fix file_read_actor() and pipe_read() for original i386 systems
    - kbuild: fix dependency generation

  [ dann frazier ]
  * [hppa] Add parisc arch patch from Kyle McMartin
  * [hppa] Enable CONFIG_TULIP_MMIO (closes: #332962)
  * [hppa] Disable ni52 driver, it doesn't build (and wouldn't work if it did)

 -- Bastian Blank <waldi@debian.org>  Sun, 15 Apr 2007 16:04:16 +0200

linux-2.6 (2.6.20-1) unstable; urgency=low

  [ Martin Michlmayr ]
  * mipsel: Drop DECstation support (both r3k-kn02 and r4k-kn04).
  * arm: Drop RiscPC (rpc) support.
  * arm: Update configs for 2.6.19-rc6.
  * arm: source drivers/ata/Kconfig so SATA can be enabled on ARM.
  * arm/footbridge: Unset SATA.
  * arm/s3c2410: Drop this flavour since no such device is supported
    in debian-installer and the ARM build resources are limited.

  [ Sven Luther ]
  * [powerpc] Added Genesi Efika support patch

  [ Bastian Blank ]
  * Remove legacy pty support. (closes: #338404)
  * Enable new scsi parts.
  * powerpc: Enable ibmvscsis.
  * Add stable release 2.6.20.1:
    - Linux 2.6.20.1
    - [PATCH] Fix a free-wrong-pointer bug in nfs/acl server (CVE-2007-0772)
  * Add stable release 2.6.20.2:
    - Linux 2.6.20.2
    - IPV6: Handle np->opt being NULL in ipv6_getsockopt_sticky() [CVE-2007-1000]
    - x86-64: survive having no irq mapping for a vector
    - Fix buffer overflow in Omnikey CardMan 4040 driver (CVE-2007-0005)
    - TCP: Fix minisock tcp_create_openreq_child() typo.
    - gfs2: fix locking mistake
    - ATA: convert GSI to irq on ia64
    - pktcdvd: Correctly set cmd_len field in pkt_generic_packet
    - video/aty/mach64_ct.c: fix bogus delay loop
    - revert "drivers/net/tulip/dmfe: support basic carrier detection"
    - throttle_vm_writeout(): don't loop on GFP_NOFS and GFP_NOIO allocations
    - fix section mismatch warning in lockdep
    - ueagle-atm.c needs sched.h
    - kvm: Fix asm constraint for lldt instruction
    - lockdep: forward declare struct task_struct
    - Char: specialix, isr have 2 params
    - buffer: memorder fix
    - kernel/time/clocksource.c needs struct task_struct on m68k
    - m32r: build fix for processors without ISA_DSP_LEVEL2
    - hugetlb: preserve hugetlb pte dirty state
    - enable mouse button 2+3 emulation for x86 macs
    - v9fs_vfs_mkdir(): fix a double free
    - ufs: restore back support of openstep
    - Fix MTRR compat ioctl
    - kexec: Fix CONFIG_SMP=n compilation V2 (ia64)
    - NLM: Fix double free in __nlm_async_call
    - RPM: fix double free in portmapper code
    - Revert "[PATCH] LOG2: Alter get_order() so that it can make use of ilog2() on a constant"
    - Backport of psmouse suspend/shutdown cleanups
    - USB: usbnet driver bugfix
    - sched: fix SMT scheduler bug
    - tty_io: fix race in master pty close/slave pty close path
    - forcedeth: disable msix
    - export blk_recount_segments
    - Fix reference counting (memory leak) problem in __nfulnl_send() and callers related to packet queueing.
    - Fix anycast procfs device leak
    - Don't add anycast reference to device multiple times
    - Fix TCP MD5 locking.
    - Fix %100 cpu spinning on sparc64
    - Fix skb data reallocation handling in IPSEC
    - Fix xfrm_add_sa_expire() return value
    - Fix interrupt probing on E450 sparc64 systems
    - HID: fix possible double-free on error path in hid parser
    - POWERPC: Fix performance monitor exception
    - libata: add missing CONFIG_PM in LLDs
    - libata: add missing PM callbacks
    - bcm43xx: Fix assertion failures in interrupt handler
    - mmc: Power quirk for ENE controllers
    - UML - Fix 2.6.20 hang
    - fix umask when noACL kernel meets extN tuned for ACLs
    - sata_sil: ignore and clear spurious IRQs while executing commands by polling
    - swsusp: Fix possible oops in userland interface
    - Fix posix-cpu-timer breakage caused by stale p->last_ran value
    - V4L: cx88-blackbird: allow usage of 376836 and 262144 sized firmware images
    - V4L: fix cx25840 firmware loading
    - DVB: digitv: open nxt6000 i2c_gate for TDED4 tuner handling
    - DVB: cxusb: fix firmware patch for big endian systems
    - V4L: pvrusb2: Handle larger cx2341x firmware images
    - V4L: pvrusb2: Fix video corruption on stream start
    - dvbdev: fix illegal re-usage of fileoperations struct
    - md: Fix raid10 recovery problem.
    - bcm43xx: fix for 4309
    - i386: Fix broken CONFIG_COMPAT_VDSO on i386
    - x86: Don't require the vDSO for handling a.out signals
    - x86_64: Fix wrong gcc check in bitops.h
    - sky2: transmit timeout deadlock
    - sky2: dont flush good pause frames
    - Fix oops in xfrm_audit_log()
    - Prevent pseudo garbage in SYN's advertized window
    - Fix IPX module unload
    - Clear TCP segmentation offload state in ipt_REJECT
    - Fix atmarp.h for userspace
    - UHCI: fix port resume problem
    - Fix recently introduced problem with shutting down a busy NFS server.
    - Avoid using nfsd process pools on SMP machines.
    - EHCI: turn off remote wakeup during shutdown
    - IPV6: HASHTABLES: Use appropriate seed for caluculating ehash index.
    - MTD: Fatal regression in drivers/mtd/redboot.c in 2.6.20
    - Kconfig: FAULT_INJECTION can be selected only if LOCKDEP is enabled.
    - USB HID: Fix USB vendor and product IDs endianness for USB HID devices
    - Fix null pointer dereference in appledisplay driver
    - ieee1394: fix host device registering when nodemgr disabled
    - ieee1394: video1394: DMA fix
    - Fix compile error for e500 core based processors
    - md: Avoid possible BUG_ON in md bitmap handling.
    - Fix allocation failure handling in multicast
    - Fix TCP FIN handling
    - Fix ATM initcall ordering.
    - Fix various bugs with aligned reads in RAID5.
    - hda-intel - Don't try to probe invalid codecs
    - usbaudio - Fix Oops with unconventional sample rates
    - usbaudio - Fix Oops with broken usb descriptors
    - USB: fix concurrent buffer access in the hub driver
    - Missing critical phys_to_virt in lib/swiotlb.c
    - AGP: intel-agp bugfix
    - bcm43xx: Fix for oops on ampdu status
    - bcm43xx: Fix for oops on resume
    - ide: fix drive side 80c cable check
    - Keys: Fix key serial number collision handling
    - knfsd: Fix a race in closing NFSd connections.
    - pata_amd: fix an obvious bug in cable detection
    - prism54: correct assignment of DOT1XENABLE in WE-19 codepaths
    - rtc-pcf8563: detect polarity of century bit automatically
    - x86_64: fix 2.6.18 regression - PTRACE_OLDSETOPTIONS should be accepted
    - ocfs2: ocfs2_link() journal credits update
  * Update xen patch to changeset 48670 from fedora 2.6.20 branch.
  * Support xen versions 3.0.4-1 and 3.0.3-1.

  [ Rod Whitby ]
  * arm/ixp4xx: Enable PATA_ARTOP for the nas100d and dsmg600.
  * arm/ixp4xx: Enable RTC for the nas100d
  * Add nas100d Ethernet MAC setup support.
  * Add temporary hack to get Artop PATA support going on the nas100d.

  [ maximilian attems ]
  * i386: Enable kvm.
  * Add stable release 2.6.20.3:
    - Fix sparc64 device register probing
    - Fix bug 7994 sleeping function called from invalid context
    - Fix timewait jiffies
    - Fix UDP header pointer after pskb_trim_rcsum()
    - Fix compat_getsockopt
    - bcm43xx: Fix problem with >1 GB RAM
    - nfnetlink_log: fix NULL pointer dereference
    - nfnetlink_log: fix possible NULL pointer dereference
    - conntrack: fix {nf, ip}_ct_iterate_cleanup endless loops
    - nf_conntrack/nf_nat: fix incorrect config ifdefs
    - tcp conntrack: accept SYN|URG as valid
    - nfnetlink_log: fix reference leak
    - nfnetlink_log: fix use after free
    - nf_conntrack: fix incorrect classification of IPv6 fragments as
      ESTABLISHED
    - nfnetlink_log: zero-terminate prefix
    - nfnetlink_log: fix crash on bridged packet
    - Fix callback bug in connector
    - fix for bugzilla #7544 (keyspan USB-to-serial converter)
    - ip6_route_me_harder should take into account mark
  * Add myself to uploaders field, entry got lost after 2.6.16-2
  * Add stable release 2.6.20.4:
    - fix deadlock in audit_log_task_context()
    - EHCI: add delay to bus_resume before accessing ports
    - Copy over mac_len when cloning an skb
    - fix read past end of array in md/linear.c
    - oom fix: prevent oom from killing a process with children/sibling unkillable
    - Fix sparc64 hugepage bugs
    - Fix page allocation debugging on sparc64
    - Fix niagara memory corruption
    - Input: i8042 - really suppress ACK/NAK during panic blink
    - Input: i8042 - fix AUX IRQ delivery check
    - Input: i8042 - another attempt to fix AUX delivery checks
    - Fix rtm_to_ifaddr() error return.
    - r8169: fix a race between PCI probe and dev_open
    - futex: PI state locking fix
    - adjust legacy IDE resource setting (v2)
    - UML - arch_prctl should set thread fs
    - gdth: fix oops in gdth_copy_cmd()
    - Fix extraneous IPSEC larval SA creation
    - IA64: fix NULL pointer in ia64/irq_chip-mask/unmask function
    - st: fix Tape dies if wrong block size used, bug 7919
    - Fix ipv6 flow label inheritance
    - NETFILTER: nfnetlink_log: fix reference counting
    - mm: fix madvise infinine loop
    - Fix another NULL pointer deref in ipv6_sockglue.c
    - NetLabel: Verify sensitivity level has a valid CIPSO mapping
    - Fix GFP_KERNEL with preemption disabled in fib_trie
    - IrDA: irttp_dup spin_lock initialisation
    - hda-intel - Fix codec probe with ATI controllers
    - hrtimer: prevent overrun DoS in hrtimer_forward()
    - fix MTIME_SEC_MAX on 32-bit
    - nfs: nfs_getattr() can't call nfs_sync_mapping_range() for non-regular files
    - dio: invalidate clean pages before dio write
    - initialise pi_lock if CONFIG_RT_MUTEXES=N
  * Add stable release 2.6.20.5:
    - FRA_{DST,SRC} are le16 for decnet
    - CIFS: reset mode when client notices that ATTR_READONLY is no longer set
    - ide: clear bmdma status in ide_intr() for ICHx controllers (revised #4)
    - ide: remove clearing bmdma status from cdrom_decode_status() (rev #4)
    - NET: Fix sock_attach_fd() failure in sys_accept()
    - DCCP: Fix exploitable hole in DCCP socket options
    - ide: revert "ide: fix drive side 80c cable check, take 2" for now
    - generic_serial: fix decoding of baud rate
    - IPV6: Fix ipv6 round-robin locking.
    - VIDEO: Fix FFB DAC revision probing
    - PPP: Fix PPP skb leak
    - V4L: msp_attach must return 0 if no msp3400 was found.
    - CRYPTO: api: scatterwalk_copychunks() fails to advance through scatterlist
    - APPLETALK: Fix a remotely triggerable crash (CVE-2007-1357)
    - UML - fix epoll
    - UML - host VDSO fix
    - UML - Fix static linking
    - UML - use correct register file size everywhere
    - libata: sata_mv: don't touch reserved bits in EDMA config register
    - libata: sata_mv: Fix 50xx irq mask
    - libata bugfix: HDIO_DRIVE_TASK
    - V4L: Fix SECAM handling on saa7115
    - DVB: fix nxt200x rf input switching
    - SPARC: Fix sparc builds with gcc-4.2.x
    - V4L: saa7146: Fix allocation of clipping memory
    - uml: fix unreasonably long udelay
    - NET: Fix packet classidier NULL pointer OOPS
    - NET_SCHED: Fix ingress qdisc locking.
    - sata_nv: delay on switching between NCQ and non-NCQ commands
    - dvb-core: fix several locking related problems
    - ieee1394: dv1394: fix CardBus card ejection
    - CIFS: Allow reset of file to ATTR_NORMAL when archive bit not set
    - jmicron: make ide jmicron driver play nice with libata ones
    - libata: clear TF before IDENTIFYing
    - NET: Fix FIB rules compatability
    - DVB: isl6421: don't reference freed memory
    - V4L: radio: Fix error in Kbuild file
    - i2o: block IO errors on i2o disk
  * Add stable release 2.6.20.6:
    - CRYPTO api: Use the right value when advancing scatterwalk_copychunks
    - uml: fix static linking for real

  [ Gordon Farquharson ]
  * Disable broken config options on ARM.

  [ Frederik Schüler ]
  * Disable NAPI on forcedeth, it is broken.

  [ dann frazier ]
  * Hardcode the output of the scripts under arch/ia64/scripts as executed
    in an etch environment so that we can build out of tree modules correctly
    (re-add; patch seems to have been dropped during a merge.)
    See: #392592
  * Allow '.' and '+' in the target dist field of the changelog. dpkg has
    supported this since 1.13.20, see #361171.

 -- Bastian Blank <waldi@debian.org>  Mon, 09 Apr 2007 19:21:52 +0200

linux-2.6 (2.6.18.dfsg.1-10) unstable; urgency=low

  [ maximilian attems ]
  * Add patches out of stable queue 2.6.18
    - [amd64] Don't leak NT bit into next task (CVE-2006-5755)
    - IB/srp: Fix FMR mapping for 32-bit kernels and addresses above 4G
    - SCSI: add missing cdb clearing in scsi_execute()
  * Xen postinst: Use takeover for update-initramfs. Makes postinst idempotent.
    On creation it should always overwrite. (closes: #401183)
  * Hand-picked from stable release 2.6.16.38:
    - i2c-viapro: Add support for the VT8237A and VT8251
    - PCI: irq: irq and pci_ids patch for Intel ICH9
    - i2c-i801: SMBus patch for Intel ICH9
    - fix the UML compilation
    - drm: allow detection of new VIA chipsets
    - drm: Add the P4VM800PRO PCI ID.
    - rio: typo in bitwise AND expression.
    - i2c-mv64xxx: Fix random oops at boot
    - i2c: fix broken ds1337 initialization
    - [SUNKBD]: Fix sunkbd_enable(sunkbd, 0); obvious.
    - Call init_timer() for ISDN PPP CCP reset state timer (CVE-2006-5749)
    - V4L: cx88: Fix leadtek_eeprom tagging
    - SPI/MTD: mtd_dataflash oops prevention
    - grow_buffers() infinite loop fix (CVE-2006-5757/CVE-2006-6060)
    - corrupted cramfs filesystems cause kernel oops (CVE-2006-5823)
    - ext2: skip pages past number of blocks in ext2_find_entry
      (CVE-2006-6054)
    - handle ext3 directory corruption better (CVE-2006-6053)
    - hfs_fill_super returns success even if no root inode (CVE-2006-6056)
      backout previous fix, was not complete.
    - Fix for shmem_truncate_range() BUG_ON()
    - ebtables: check struct type before computing gap
    - [IPV4/IPV6]: Fix inet{,6} device initialization order.
    - [IPV6] Fix joining all-node multicast group.
    - [SOUND] Sparc CS4231: Use 64 for period_bytes_min
  * [PKTGEN]: Convert to kthread API. Thanks David Miller for patch.
  * [IDE] Add driver for Jmicron  JMB36x devices by Alan Cox.
    Enable jmicron on i386 and amd64 archs.
  * Hand-picked from stable release 2.6.16.39:
    - atiixp: hang fix
    - V4L/DVB: Flexcop-usb: fix debug printk
    - V4L/DVB: Fix uninitialised variable in dvb_frontend_swzigzag
    - read_zero_pagealigned() locking fix
    - adfs: fix filename handling
    - sparc32: add offset in pci_map_sg()
    - cdrom: set default timeout to 7 seconds
    - [SCSI] qla1280 command timeout
    - [SCSI] qla1280 bus reset typo
    - [Bluetooth] Check if DLC is still attached to the TTY
    - [Bluetooth] Fix uninitialized return value for RFCOMM sendmsg()
    - [Bluetooth] Return EINPROGRESS for non-blocking socket calls
    - [Bluetooth] Handle command complete event for exit periodic inquiry
    - [Bluetooth] Fix compat ioctl for BNEP, CMTP and HIDP
    - [Bluetooth] Add locking for bt_proto array manipulation
    - i386: fix CPU hotplug with 2GB VMSPLIT

  [ dann frazier ]
  * Fix raid1 recovery (closes: #406181)

  [ Jurij Smakov ]
  * Add dtlb-prot-bug-niagara.patch by David Miller, fixing the bug in the
    Niagara's DTLB-PROT trap.

  [ Bastian Blank ]
  * i386: Add amd64 image. (closes: #379090)

 -- Bastian Blank <waldi@debian.org>  Fri,  2 Feb 2007 12:50:35 +0100

linux-2.6 (2.6.18.dfsg.1-9) unstable; urgency=low

  [ Martin Michlmayr ]
  * arm/iop32x: Enable CONFIG_IP_NF_CONNTRACK_EVENTS and _NETLINK.
  * arm/ixp4xx: Enable some more I2C sensor modules.
  * arm/ixp4xx: Enable CONFIG_USB_NET_RNDIS_HOST.
  * arm/footbridge: Enable CONFIG_NATSEMI.
  * Revert mm/msync patches because they cause filesystem corruption
    (closes: #401006, #401980, #402707) ...
  * ... and add an alternative msync patch from Hugh Dickins that
    doesn't depend on the mm changes (closes: #394392).
  * mips: provide pci_get_legacy_ide_irq needed by some IDE drivers
    (see #404950).
  * arm: Implement flush_anon_page(), which is needed for FUSE
    (closes: #402876) and possibly dm-crypt/LUKS (see #403426).
  * arm: Turn off PCI burst on the Cyber2010, otherwise X11 on
    Netwinder will crash.
  * arm/iop32x: Enable CONFIG_IEEE80211_SOFTMAC and drivers based
    on it.
  * arm/ixp4xx: Upgrade to version 0.3.1 of the IXP4xx NPE Ethernet
    driver.  This version fixes stuck connections, e.g. with scp and
    NFS (closes: #404447).
  * arm/ixp4xx: Enable CONFIG_VIDEO_CPIA_USB.
  * arm/ixp4xx: Enable CONFIG_ISCSI_TCP.
  * arm/iop32x: Likewise.

  [ Bastian Blank ]
  * Bump ABI to 4.
  * Update vserver patch to 2.0.2.2-rc9. (closes: #402743, #403790)
  * Update xen patch to changeset 36186 from Fedora 2.6.18 branch.
  * i386/xen: Build only the pae version. (closes: #390862)
  * hppa: Override host type when necessary.
  * Fix tg3 reset. (closes: #405085)

  [ dann frazier ]
  * Fix potential fragmentation attacks in ip6_tables (CVE-2006-4572)
  * Backport a number of fixes for the cciss driver
    - Fix a bug with 1TB disks caused by converting total_size to an int
    - Claim devices that are of the HP RAID class and have a valid cciss sig
    - Make NR_CMDS a per-controller define - most can do 1024 commands, but
      the E200 family can only support 128
    - Change the SSID on the E500 as a workaround for a firmware bug
    - Disable prefetch on the P600 controller. An ASIC bug may result in
      prefetching beyond the end of physical memory
    - Increase blk_queue_max_sectors from 512 to 2048 to increase performance
    - Map out more memor for the PCI config table, required to reach offset
      0x214 to disable DMA on the P600
    - Set a default raid level on a volume that either does not support
      reading the geometry or reports an invalid geometry for whatever reason
      to avoid problems with buggy firmware
    - Revert change that replaed XFER_READ/XFER_WRITE macros with
      h->cciss_read/h->cciss_write that caused command timeouts on older
      controllers on ia32 (closes: #402787)
  * Fix mincore hang (CVE-2006-4814)
  * ia64: turn on IOC4 modules for SGI Altix systems. Thanks to Stephane Larose
    for suggesting this.
  * Add versioned build dep on findutils to make sure the system find command
    supports the -execdir action (closes: #405150)
  * Hardcode the output of the scripts under arch/ia64/scripts as executed
    in an etch environment so that we can build out of tree modules correctly
    (closes: #392592)
  * Update unusual_devs entry for ipod to fix an eject issue (closes: #406124)
  * Re-add verify_pmtmr_rate, resolving problems seen on older K6 ASUS
    boards where the ACPI PM timer runs too fast (closes: #394753)
  * Avoid condition where /proc/swaps header may not be printed
    (closes: #292318)
  * [hppa] disable XFS until it works (closes: #350482)

  [ Norbert Tretkowski ]
  * libata: handle 0xff status properly. (closes: #391867)
  * alpha: enabled CONFIG_SCSI_ARCMSR. (closes: #401187)
  * removed BROKEN_ON_SMP dependency from I2C_ELEKTOR. (closes: #402253)

  [ Christian T. Steigies ]
  * m68k/atari: enable keyboard, mouse and fb drivers
  * m68k/atari: fixes for ethernec and video driver by Michael Schmitz
  * m68k/atari: fixes for scsi driver by Michael Schmitz
  * m68k/mac: fixes for mace and cuda driver by Finn Thain
  * m68k/atari: fixes for ide driver by Michael Schmitz
  * m68k/atari: fixes for ide driver by Michael Schmitz
  * m68k/atari: fixes for ethernec and atakeyb driver by Michael Schmitz, build ethernec as module
  * m68k/mac: fixes for mace and adb driver by Finn Thain

  [ maximilian attems ]
  * Add stable release 2.6.18.6:
    - EBTABLES: Fix wraparounds in ebt_entries verification.
    - EBTABLES: Verify that ebt_entries have zero ->distinguisher.
    - EBTABLES: Deal with the worst-case behaviour in loop checks.
    - EBTABLES: Prevent wraparounds in checks for entry components' sizes.
    - skip data conversion in compat_sys_mount when data_page is NULL
    - bonding: incorrect bonding state reported via ioctl
    - x86-64: Mark rdtsc as sync only for netburst, not for core2
      (closes: #406767)
    - dm crypt: Fix data corruption with dm-crypt over RAID5 (closes: #402812)
    - forcedeth: Disable INTx when enabling MSI in forcedeth
    - PKT_SCHED act_gact: division by zero
    - XFRM: Use output device disable_xfrm for forwarded packets
    - IPSEC: Fix inetpeer leak in ipv4 xfrm dst entries.
    - V4L: Fix broken TUNER_LG_NTSC_TAPE radio support
    - m32r: make userspace headers platform-independent
    - IrDA: Incorrect TTP header reservation
    - SUNHME: Fix for sunhme failures on x86
    - Bluetooth: Add packet size checks for CAPI messages (CVE-2006-6106)
    - softmac: remove netif_tx_disable when scanning
    - DVB: lgdt330x: fix signal / lock status detection bug
    - dm snapshot: fix freeing pending exception
    - NET_SCHED: policer: restore compatibility with old iproute binaries
    - NETFILTER: ip_tables: revision support for compat code
    - ARM: Add sys_*at syscalls
    - ieee1394: ohci1394: add PPC_PMAC platform code to driver probe
    - softirq: remove BUG_ONs which can incorrectly trigger
  * Hand-picked from stable release 2.6.16.30:
    - [PPPOE]: Advertise PPPoE MTU
  * Hand-picked from stable release 2.6.16.31:
    - [NETFILTER]: Fix ip6_tables extension header bypass bug (CVE-2006-4572)
    - fix RARP ic_servaddr breakage
  * Hand-picked from stable release 2.6.16.32:
    - drivers/telephony/ixj: fix an array overrun
    - flush D-cache in failure path
  * Hand-picked from stable release 2.6.16.33:
    - Add new PHY to sis900 supported list
    - ipmi_si_intf.c: fix "&& 0xff" typos
    - drivers/scsi/psi240i.c: fix an array overrun
  * Hand-picked from stable release 2.6.16.34:
    - [IPX]: Annotate and fix IPX checksum
    - [IGMP]: Fix IGMPV3_EXP() normalization bit shift value.
  * Hand-picked from stable release 2.6.16.35:
    - sgiioc4: Disable module unload
    - Fix a masking bug in the 6pack driver.
    - drivers/usb/input/ati_remote.c: fix cut'n'paste error
    - proper flags type of spin_lock_irqsave()
  * Hand-picked from stable release 2.6.16.37:
    - [CRYPTO] sha512: Fix sha384 block size
    - [SCSI] gdth: Fix && typos
    - Fix SUNRPC wakeup/execute race condition
  * Enable DEBUG_FS for usbmon in generic config. Don't disable it on alpha,
    amd64, hppa and ia64. (closes: 378542)
  * Backport a number of upstream fixes for the r8169 driver, needed for
    network performance (closes: 388870, 400524)
    - r8169: more alignment for the 0x8168
    - r8169: phy program update
    - r8169: more magic during initialization of the hardware
    - r8169: perform a PHY reset before any other operation at boot time
    - r8169: Fix iteration variable sign
    - r8169: remove extraneous Cmd{Tx/Rx}Enb write
  * sound: hda: detect ALC883 on MSI K9A Platinum motherboards (MS-7280)
    patch from Leonard Norrgard <leonard.norrgard@refactor.fi>
  * tulip: Add i386 specific patch to remove duplicate pci ids.
    Thanks Jurij Smakov <jurij@wooyd.org> (closes: #334104, #405203)
  * amd64, i386: Disable SK98LIN as SKGE is the modern capable driver.
    (closes: 405196)
  * Backout net-bcm43xx_netdev_watchdog.patch and push 2.6.18.2 fix.
    (closes: 402475)

  [ Jurij Smakov ]
  * Add bugfix/sparc/isa-dev-no-reg.patch to make sure that
    isa_dev_get_resource() can deal with devices which do not have a 'reg'
    PROM property. Failure to handle such devices properly resulted in an
    oops during boot on Netra X1. Thanks to Richard Mortimer for debugging
    and patch. (closes: #404216)
  * Add bugfix/sparc/ehci-hub-contol-alignment.patch to prevent unaligned
    memory accesses in ehci-hub-control() by adding an alignment attribute
    to the tbuf array declaration. Thanks to David Miller for the patch.

  [ Sven Luther ]
  * [powerpc] Enable CONFIG_PMAC_BACKLIGHT_LEGACY (Closes: #407671).

 -- Bastian Blank <waldi@debian.org>  Wed, 24 Jan 2007 13:21:51 +0100

linux-2.6 (2.6.18-8) unstable; urgency=low

  * Fix relations in the generated control file. (closes: #400544)
  * Add stable release 2.6.18.4:
    - bridge: fix possible overflow in get_fdb_entries (CVE-2006-5751)
  * Add stable release 2.6.18.5:
    - pcmcia: fix 'rmmod pcmcia' with unbound devices
    - BLUETOOTH: Fix unaligned access in hci_send_to_sock.
    - alpha: Fix ALPHA_EV56 dependencies typo
    - TG3: Add missing unlock in tg3_open() error path.
    - softmac: fix a slab corruption in WEP restricted key association
    - AGP: Allocate AGP pages with GFP_DMA32 by default
    - V4L: Do not enable VIDEO_V4L2 unconditionally
    - bcm43xx: Drain TX status before starting IRQs
    - fuse: fix Oops in lookup
    - UDP: Make udp_encap_rcv use pskb_may_pull
    - NETFILTER: Missing check for CAP_NET_ADMIN in iptables compat layer
    - NETFILTER: ip_tables: compat error way cleanup
    - NETFILTER: ip_tables: fix module refcount leaks in compat error paths
    - NETFILTER: Missed and reordered checks in {arp,ip,ip6}_tables
    - NETFILTER: arp_tables: missing unregistration on module unload
    - NETFILTER: Kconfig: fix xt_physdev dependencies
    - NETFILTER: xt_CONNSECMARK: fix Kconfig dependencies
    - NETFILTER: H.323 conntrack: fix crash with CONFIG_IP_NF_CT_ACCT
    - IA64: bte_unaligned_copy() transfers one extra cache line.
    - x86 microcode: don't check the size
    - scsi: clear garbage after CDBs on SG_IO
    - IPV6: Fix address/interface handling in UDP and DCCP, according to the scoping architecture.
  * Revert abi changing patch from 2.6.18.5.

 -- Bastian Blank <waldi@debian.org>  Sun, 10 Dec 2006 17:51:53 +0100

linux-2.6 (2.6.18-7) unstable; urgency=low

  [ Bastian Blank ]
  * Emit conflict lines for initramfs generators. (closes: #400305)
  * Update vserver patch to 2.0.2.2-rc8.
  * s390: Add patch to fix posix types.

  [ Martin Michlmayr ]
  * r8169: Add an option to ignore parity errors.
  * r8169: Ignore parity errors on the Thecus N2100.
  * rtc: Add patch from Riku Voipio to get RS5C372 going on the N2100.
  * arm/iop32x: Build RS5C372 support into the kernel.

  [ maximilian attems ]
  * hfs: Fix up error handling in HFS. (MOKB-14-11-2006)
  * sata: Avoid null pointer dereference in SATA Promise.
  * cifs: Set CIFS preferred IO size.

  [ Jurij Smakov ]
  * Add bugfix/sunhme-pci-enable.patch, fixing the failure of sunhme
    driver on x86/PCI hosts due to missing pci_enable_device() and
    pci_set_master() calls, lost during code refactoring upstream.
    (closes: #397460)

 -- Bastian Blank <waldi@debian.org>  Mon,  4 Dec 2006 15:20:30 +0100

linux-2.6 (2.6.18-6) unstable; urgency=low

  [ maximilian attems ]
  * Enable the new ACT modules globally. They were already set for amd64, hppa
    and mips/mipsel - needed by newer iproute2. (closes: #395882, #398172)
  * Fix msync() for LSB 3.1 compliance, backport fedora patches from 2.6.19
   - mm: tracking shared dirty pages
   - mm: balance dirty pages
   - mm: optimize the new mprotect() code a bit
   - mm: small cleanup of install_page()
   - mm: fixup do_wp_page()
   - mm: msync() cleanup (closes: #394392)
  * [amd64,i386] Enable CONFIG_USB_APPLETOUCH=m (closes: #382298)
  * Add stable release 2.6.18.3:
    - x86_64: Fix FPU corruption
    - e1000: Fix regression: garbled stats and irq allocation during swsusp
    - POWERPC: Make alignment exception always check exception table
    - usbtouchscreen: use endpoint address from endpoint descriptor
    - fix via586 irq routing for pirq 5
    - init_reap_node() initialization fix
    - CPUFREQ: Make acpi-cpufreq unsticky again.
    - SPARC64: Fix futex_atomic_cmpxchg_inatomic implementation.
    - SPARC: Fix missed bump of NR_SYSCALLS.
    - NET: __alloc_pages() failures reported due to fragmentation
    - pci: don't try to remove sysfs files before they are setup.
    - fix UFS superblock alignment issues
    - NET: Set truesize in pskb_copy
    - block: Fix bad data direction in SG_IO (closes: #394690)
    - cpqarray: fix iostat
    - cciss: fix iostat
    - Char: isicom, fix close bug
    - TCP: Don't use highmem in tcp hash size calculation.
    - S390: user readable uninitialised kernel memory, take 2.
    - correct keymapping on Powerbook built-in USB ISO keyboards
    - USB: failure in usblp's error path
    - Input: psmouse - fix attribute access on 64-bit systems
    - Fix sys_move_pages when a NULL node list is passed.
    - CIFS: report rename failure when target file is locked by Windows
    - CIFS: New POSIX locking code not setting rc properly to zero on successful
    - Patch for nvidia divide by zero error for 7600 pci-express card
      (maybe fixes 398258)
    - ipmi_si_intf.c sets bad class_mask with PCI_DEVICE_CLASS

  [ Steve Langasek ]
  * [alpha] new titan-video patch, for compatibility with TITAN and similar
    systems with non-standard VGA hose configs
  * [alpha] bugfix for srm_env module from upstream (Jan-Benedict Glaw),
    makes the module compatible with the current /proc interface so that
    reads no longer return EFAULT.  (closes: #353079)
  * Bump ABI to 3 for the msync fixes above.

  [ Martin Michlmayr ]
  * arm: Set CONFIG_BINFMT_MISC=m
  * arm/ixp4xx: Set CONFIG_ATM=m (and related modules) so CONFIG_USB_ATM has
    an effect.
  * arm/iop32x: Likewise.
  * arm/s3c2410: Unset CONFIG_PM_LEGACY.
  * arm/versatile: Fix Versatile PCI config byte accesses
  * arm/ixp4xx: Swap the disk 1 and disk 2 LED definitions so they're right.
  * mipsel/r5k-cobalt: Unset CONFIG_SCSI_SYM53C8XX_2 because the timeout is
    just too long.
  * arm/ixp4xx: Enable more V4L USB devices.

  [ dann frazier ]
  * Backport various SCTP changesets from 2.6.19, recommended by Vlad Yasevich
    (closes: #397946)
  * Add a "Scope of security support" section to README.Debian, recommended
    by Moritz Muehlenhoff

  [ Thiemo Seufer ]
  * Enable raid456 for mips/mipsel qemu kernel.

  [ dann frazier ]
  * The scope of the USR-61S2B unusual_dev entry was tightened, but too
    strictly. Loosen it to apply to additional devices with a smaller bcd.
    (closes: #396375)

  [ Sven Luther ]
  * Added support for TI ez430 development tool ID in ti_usb.
    Thanks to Oleg Verych for providing the patch.

  [ Christian T. Steigies ]
  * Added support for Atari EtherNEC, Aranym, video, keyboard, mouse, and serial
    by Michael Schmitz

  [ Bastian Blank ]
  * [i386] Reenable AVM isdn card modules. (closes: #386872)

 -- Bastian Blank <waldi@debian.org>  Tue, 21 Nov 2006 11:28:09 +0100

linux-2.6 (2.6.18-5) unstable; urgency=low

  [ maximilian attems ]
  * [s390] readd the fix for "S390: user readable uninitialised kernel memory
    (CVE-2006-5174)"
  * [s390] temporarily add patch queued for 2.6.18.3 fixing 32 bit opcodes and
    instructions.

  [ Thiemo Seufer ]
  * Fix build failure of hugetlbfs (closes: #397139).
  * Add kernel configuration for qemu's mips/mipsel emulation, thanks to
    Aurelien Jarno.

  [ Bastian Blank ]
  * Update vserver patch to 2.0.2.2-rc6.
  * Update xen parts for vserver. (closes: #397281)

  [ dann frazier ]
  * [ia64] Move to upstream version of sal-flush-fix patch, which is slightly
    different than the early version added in 2.6.18-3.

  [ Frederik Schüler ]
  * [i386] Acticate CONFIG_SX for all flavours. (closes: #391275)

  [ Steve Langasek ]
  * [alpha] new asm-subarchs patch: tell the compiler that we're
    deliberately emitting ev56 or ev6 instructions, so that this code
    will still compile without having to cripple gcc-4.1's checking of
    whether the correct instruction set is used.  Closes: #397139.

  [ Martin Michlmayr ]
  * arm/ixp4xx: Enable CONFIG_USB_ATM.
  * arm/iop32x: Enable CONFIG_PPPOE.
  * arm/iop32x: Enable CONFIG_USB_ATM.

 -- Bastian Blank <waldi@debian.org>  Wed,  8 Nov 2006 17:15:55 +0100

linux-2.6 (2.6.18-4) unstable; urgency=low

  [ Norbert Tretkowski ]
  * [alpha] Switched to gcc-4.1.

  [ Jurij Smakov ]
  * [sparc] Remove sparc64-atyfb-xl-gr.patch, it does more harm than
    good in 2.6.18.
  * [sparc] Add bugfix/sparc/compat-alloc-user-space-alignment.patch
    (thanks to David Miller) to make sure that compat_alloc_user_space()
    always returns memory aligned on a 8-byte boundary on sparc. This
    prevents a number of unaligned memory accesses, like the ones in
    sys_msgrcv() and compat_sys_msgrcv(), triggered every 5 seconds whenever
    fakeroot is running.
  * [sparc] Add bugfix/sparc/bus-id-size.patch (thanks to David Miller)
    to ensure that the size of the strings stored in the bus_id field of
    struct device never exceeds the amount of memory allocated for them
    (20 bytes). It fixes the situations in which storing longer device
    names in this field would cause corruption of adjacent memory regions.
    (closes: #394697).
  * [sparc] Add bugfix/sparc/sunblade1k-boot-fix.patch (thanks to David
    Miller) to fix a boottime crash on SunBlade1000.
  * [sparc] Add bugfix/sparc/t1k-cpu-lockup.patch (thanks to David Miller)
    to prevent soft CPU lockup on T1000 servers, which can be triggered from
    userspace, resulting in denial of service.

  [ Martin Michlmayr ]
  * arm/iop32x: Fix the interrupt of the 2nd Ethernet slot on N2100.
  * arm/iop32x: Allow USB and serial to co-exist on N2100.
  * arm/ixp4xx: Add clocksource for Intel IXP4xx platforms.
  * arm: Enable CONFIG_AUDIT=y again.
  * arm/ixp4xx: Add the IXP4xx Ethernet driver.
  * arm/ixp4xx: Build LED support into the kernel.
  * Add a driver for Fintek F75375S/SP and F75373.
  * arm/iop32x: Build F75375S/SP support in.
  * arm/iop32x: Fix the size of the RedBoot config partition.

  [ maximilian attems ]
  * Add netpoll leak fix.
  * Add upstream forcedeth swsusp support.
  * r8169: PCI ID for Corega Gigabit network card.
  * r8169: the MMIO region of the 8167 stands behin BAR#1.
  * r8169: Add upstream fix for infinite loop during hotplug.
  * Bump build-dependency on kernel-package to 10.063.
  * r8169: pull revert mac address change support.
  * bcm43xx: Add full netdev watchout timeout patch. (closes: 392065)
    Thanks Sjoerd Simons <sjoerd@spring.luon.net> for the testing.
  * Add stable release 2.6.18.2:
    - Remove not yet released, revert the included patches.
    - Keep aboves bcm43xx fix, it's more complete.
    - Watchdog: sc1200wdt - fix missing pnp_unregister_driver()
    - fix missing ifdefs in syscall classes hookup for generic targets
    - JMB 368 PATA detection
    - usbfs: private mutex for open, release, and remove
    - sound/pci/au88x0/au88x0.c: ioremap balanced with iounmap
    - x86-64: Fix C3 timer test
    - Reintroduce NODES_SPAN_OTHER_NODES for powerpc
    - ALSA: emu10k1: Fix outl() in snd_emu10k1_resume_regs()
    - IB/mthca: Use mmiowb after doorbell ring
    - SCSI: DAC960: PCI id table fixup
    - ALSA: snd_rtctimer: handle RTC interrupts with a tasklet
    - JFS: pageno needs to be long
    - SPARC64: Fix central/FHC bus handling on Ex000 systems.
    - SPARC64: Fix memory corruption in pci_4u_free_consistent().
    - SPARC64: Fix PCI memory space root resource on Hummingbird.
      (closes: #392078)
    - Fix uninitialised spinlock in via-pmu-backlight code.
    - SCSI: aic7xxx: pause sequencer before touching SBLKCTL
    - IPoIB: Rejoin all multicast groups after a port event
    - ALSA: Dereference after free in snd_hwdep_release()
    - rtc-max6902: month conversion fix
    - NET: Fix skb_segment() handling of fully linear SKBs
    - SCTP: Always linearise packet on input
    - SCSI: aic7xxx: avoid checking SBLKCTL register for certain cards
    - IPV6: fix lockup via /proc/net/ip6_flowlabel [CVE-2006-5619]
    - fix Intel RNG detection
    - ISDN: check for userspace copy faults
    - ISDN: fix drivers, by handling errors thrown by ->readstat()
    - splice: fix pipe_to_file() ->prepare_write() error path
    - ALSA: Fix bug in snd-usb-usx2y's usX2Y_pcms_lock_check()
    - ALSA: Repair snd-usb-usx2y for usb 2.6.18
    - PCI: Remove quirk_via_abnormal_poweroff
    - Bluetooth: Check if DLC is still attached to the TTY
    - vmscan: Fix temp_priority race
    - Use min of two prio settings in calculating distress for reclaim
    - __div64_32 for 31 bit. Fixes funny clock speed on hercules emulator.
      (closes: 395247)
    - DVB: fix dvb_pll_attach for mt352/zl10353 in cx88-dvb, and nxt200x
    - fuse: fix hang on SMP
    - md: Fix bug where spares don't always get rebuilt properly when they become live.
    - md: Fix calculation of ->degraded for multipath and raid10
    - knfsd: Fix race that can disable NFS server.
    - md: check bio address after mapping through partitions.
    - fill_tgid: fix task_struct leak and possible oops
    - uml: fix processor selection to exclude unsupported processors and features
    - uml: remove warnings added by previous -stable patch
    - Fix sfuzz hanging on 2.6.18
    - SERIAL: Fix resume handling bug
    - SERIAL: Fix oops when removing suspended serial port
    - sky2: MSI test race and message
    - sky2: pause parameter adjustment
    - sky2: turn off PHY IRQ on shutdown
    - sky2: accept multicast pause frames
    - sky2: GMAC pause frame
    - sky2: 88E803X transmit lockup (2.6.18)
    - tcp: cubic scaling error
    - mm: fix a race condition under SMC + COW
    - ALSA: powermac - Fix Oops when conflicting with aoa driver
    - ALSA: Fix re-use of va_list
    - posix-cpu-timers: prevent signal delivery starvation
    - NFS: nfs_lookup - don't hash dentry when optimising away the lookup
    - uml: make Uml compile on FC6 kernel headers
    - Fix potential interrupts during alternative patching
  * Backport atkbd - supress "too many keys" error message.
  * [s390] Revert temporarly 2.6.18.1 "S390: user readable uninitialised
    kernel memory (CVE-2006-5174)" fix as it causes ftfbs

  [ Sven Luther ]
  * [powerpc] Added exception alignement patch from Benjamin Herrenschmidt.

  [ Frederik Schüler ]
  * Bump ABI to 2.
  * Update vserver patch to 2.0.2.2-rc4.

  [ Thiemo Seufer ]
  * Add patches from linux-mips.org's 2.6.18-stable branch:
    - bugfix/copy-user-highpage.patch, needed for cache alias handling
      on mips/mipsel/hppa.
    - bugfix/mips/syscall-wiring.patch, fixes TLS register access, and
      n32 rt_sigqueueinfo.
    - bugfix/mips/sb1-flush-cache-data-page.patch, missing cache flush
      on SB-1.
    - bugfix/mips/trylock.patch, fix trylock implementation for R1x000
      and R3xxx.
    - bugfix/mips/smp-cpu-bringup.patch, correct initialization of
      non-contiguous CPU topology.
    - bugfix/mips/header-exports.patch, clean up userland exports of
      kernel headers.
    - bugfix/mips/sb1-interrupt-handler.patch, fix broken interrupt
      routing on SB-1.
    - bugfix/mips/cache-alias.patch, fixes #387498 for mips/mipsel.
    - bugfix/mips/ip22-zilog-console.patch, fix long delays seen with
      SGI ip22 serial console.
    - bugfix/mips/signal-handling.patch, fixes a signal handling race
      condition shown with gdb.
    - bugfix/mips/sb1-duart-tts.patch, replaces mips-sb1-duart-tts.patch,
      use standard Linux names for SB-1 consoles.
    - bugfix/mips/wait-race.patch, correct behaviour of the idle loop.
    - bugfix/mips/sgi-ioc3.patch, checksumming fix for IOC3 network
      driver.
    - features/mips/qemu-kernel.patch, support for the mips/mipsel
      machine emulated by Qemu.
    - features/mips/backtrace.patch, reimplementation of stack analysis
      and backtrace printing, useful for in-kernel debugging.
    - bugfix/mips/dec-scsi.patch, replaces mips-dec-scsi.patch, fixes DSP
      SCSI driver for DECstations.
    - bugfix/mips/dec-serial.patch, replaces mips-dec-serial.patch, fix
      serial console handling on DECstations.

 -- Frederik Schüler <fs@debian.org>  Sat,  4 Nov 2006 18:45:02 +0100

linux-2.6 (2.6.18-3) unstable; urgency=low

  [ Bastian Blank ]
  * Fix home of patch apply script.
  * Unify CPUSET option. (closes: #391931)
  * Support xen version 3.0.3-1.
  * Add AHCI suspend support.
  * Add patch to support bindmount without nodev on vserver.
  * Update fedora xen patch to changeset 36252.

  [ Steve Langasek ]
  * [alpha] restore alpha-prctl.patch, which keeps disappearing every time
    there's a kernel upgrade :/

  [ Frederik Schüler ]
  * Activate CONFIG_NET_CLS_* globaly. (Closes: #389918)
  * Make CONFIG_EFI_VARS modular on i386. (Closes: #381951)
  * Activate CONFIG_SCSI_ARCMSR on amd64, powerpc, sparc too.
  * [vserver] Activate HARDCPU and HARDCPU_IDLE.
  * [vserver] Upgrade to vs2.0.2.2-rc2.

  [ maximilian attems ]
  * [mipsel] Disable CONFIG_SECURITY_SECLVL on DECstations too.
  * Add stable release 2.6.18.1:
   - add utsrelease.h to the dontdiff file
   - V4L: copy-paste bug in videodev.c
   - block layer: elv_iosched_show should get elv_list_lock
   - NETFILTER: NAT: fix NOTRACK checksum handling
   - bcm43xx: fix regressions in 2.6.18 (Closes: #392065)
   - x86-64: Calgary IOMMU: Fix off by one when calculating register space
     location
   - ide-generic: jmicron fix
   - scx200_hrt: fix precedence bug manifesting as 27x clock in 1 MHz mode
   - invalidate_inode_pages2(): ignore page refcounts
   - rtc driver rtc-pcf8563 century bit inversed
   - fbdev: correct buffer size limit in fbmem_read_proc()
   - mm: bug in set_page_dirty_buffers
   - TCP: Fix and simplify microsecond rtt sampling
   - MD: Fix problem where hot-added drives are not resynced.
   - IPV6: Disable SG for GSO unless we have checksum
   - PKT_SCHED: cls_basic: Use unsigned int when generating handle
   - sata_mv: fix oops
   - [SPARC64]: Kill bogus check from bootmem_init().
   - IPV6: bh_lock_sock_nested on tcp_v6_rcv
   - [CPUFREQ] Fix some more CPU hotplug locking.
   - SPARC64: Fix serious bug in sched_clock() on sparc64
   - Fix VIDIOC_ENUMSTD bug
   - load_module: no BUG if module_subsys uninitialized
   - i386: fix flat mode numa on a real numa system
   - cpu to node relationship fixup: map cpu to node
   - cpu to node relationship fixup: acpi_map_cpu2node
   - backlight: fix oops in __mutex_lock_slowpath during head
     /sys/class/graphics/fb0/*
   - do not free non slab allocated per_cpu_pageset
   - rtc: lockdep fix/workaround
   - powerpc: Fix ohare IDE irq workaround on old powermacs
   - sysfs: remove duplicated dput in sysfs_update_file
   - powerpc: fix building gdb against asm/ptrace.h
   - Remove offsetof() from user-visible <linux/stddef.h>
   - Clean up exported headers on CRIS
   - Fix v850 exported headers
   - Don't advertise (or allow) headers_{install,check} where inappropriate.
   - Remove UML header export
   - Remove ARM26 header export.
   - Fix H8300 exported headers.
   - Fix m68knommu exported headers
   - Fix exported headers for SPARC, SPARC64
   - Fix 'make headers_check' on m32r
   - Fix 'make headers_check' on sh64
   - Fix 'make headers_check' on sh
   - Fix ARM 'make headers_check'
   - One line per header in Kbuild files to reduce conflicts
   - sky2 network driver device ids
   - sky2: tx pause bug fix
   - netdrvr: lp486e: fix typo
   - mv643xx_eth: fix obvious typo, which caused build breakage
   - zone_reclaim: dynamic slab reclaim
   - Fix longstanding load balancing bug in the scheduler
   - jbd: fix commit of ordered data buffers
   - ALSA: Fix initiailization of user-space controls
   - USB: Allow compile in g_ether, fix typo
   - IB/mthca: Fix lid used for sending traps
   - S390: user readable uninitialised kernel memory (CVE-2006-5174)
   - zd1211rw: ZD1211B ASIC/FWT, not jointly decoder
   - V4L: pvrusb2: Limit hor res for 24xxx devices
   - V4L: pvrusb2: Suppress compiler warning
   - V4L: pvrusb2: improve 24XXX config option description
   - V4L: pvrusb2: Solve mutex deadlock
   - DVB: cx24123: fix PLL divisor setup
   - V4L: Fix msp343xG handling regression
   - UML: Fix UML build failure
   - uml: use DEFCONFIG_LIST to avoid reading host's config
   - uml: allow using again x86/x86_64 crypto code
   - NET_SCHED: Fix fallout from dev->qdisc RCU change
  * Add backported git patch remving BSD secure level - request by the
    Debian Security Team. (closes: 389282)
  * [powerpc] Add DAC960-ipr PCI id table fixup.
  * [powerpc] Fix uninitialised spinlock in via-pmu-backlight code.
  * Fix serial_cs resume handling.
  * Fix oops when removing suspended serial port.
  * Check if DLC is still attached to the TTY.
  * Add fedora backport of i965 DRM support.

  [ Martin Michlmayr ]
  * [mips] Apply some patches from linux-mips' linux-2.6.18-stable GIT tree:
    - The o32 fstatat syscall behaves differently on 32 and 64 bit kernels
    - fstatat syscall names
    - BCM1480: Mask pending interrupts against c0_status.im.
    - Cobalt: Time runs too quickly
    - Show actual CPU information in /proc/cpuinfo
    - Workaround for bug in gcc -EB / -EL options
    - Do not use -msym32 option for modules
    - Fix O32 personality(2) call with 0xffffffff argument
    - Use compat_sys_mount

  [ dann frazier ]
  * [ia64]: Fix booting on HP cell systems, thanks to Troy Heber
    - Enable CONFIG_HUGETLBFS
    - bugfix/ia64/sal-flush-fix.patch: delay sal cache flush
  * bugfix/sky2-receive-FIFO-fix.patch: fix sky2 hangs on some chips
    Thanks to Stephen Hemminger for the patch. (Closes: #391382)
  * features/all/drivers/cciss-support-for-gt-2TB-volumes.patch:
    Add support for > 2TB volumes
  * bugfix/sym2-dont-claim-raid-devs.patch: Prevent cpqarray/sym2 conflict
    by telling sym2 not to claim raid devices. (Closes: #391384)

  [ Sven Luther ]
  * [powerpc] Added AMD74xx driver module to the powerpc64 flavour
    (Closes: #391861).

  [ Kyle McMartin ]
  * [hppa] Force CROSS_COMPILE=hppa64-linux-gnu- (closes: #389296)

 -- Bastian Blank <waldi@debian.org>  Sat, 21 Oct 2006 15:59:43 +0200

linux-2.6 (2.6.18-2) unstable; urgency=low

  [ Bastian Blank ]
  * hppa: Fix compiler dependencies. (closes: #389296)
  * Make cfq the default io scheduler.
  * Add arcmsr (Areca) driver.
  * powerpc/prep: Fix compatibility asm symlink.
  * m68k: Disable initramfs support.

  [ Kyle McMartin ]
  * hppa: Add parisc patchset.

  [ Norbert Tretkowski ]
  * [alpha] Workaround undefined symbols by setting CONFIG_SCSI=y for smp flavour.
    (closes: #369517)

  [ Christian T. Steiges ]
  * m68k: Update patches for 2.6.18.
  * m68k: Re-Add m68k-as and m68k-macro patch which allow building with current binutils.
  * m68k: disable CONFIG_AUDIT for m68k.
  * m68k/mac: add m68k-no-backlight and m68k-fbcon patch.
  * m68k/mac: enable SONIC, disable all ADB but CUDA.

  [ Jurij Smakov ]
  * Add bugfix/proc-fb-reading.patch to fix the inconsistent behaviour
    of /proc/fb. (Closes: #388815)
  * sparc: Enable vserver flavour for sparc64. (Closes: #386656)

 -- Bastian Blank <waldi@debian.org>  Fri, 29 Sep 2006 14:12:19 +0200

linux-2.6 (2.6.18-1) unstable; urgency=low

  The unpruned release

  [ Martin Michlmayr ]
  * Bump build-dependency on kernel-package to 10.054.
  * arm/iop32x: Build ext2/3 as modules.
  * arm/iop32x: Disable CONFIG_EMBEDDED.
  * mipsel/r5k-cobalt: Enable ISDN.
  * arm/footbridge: Enable the CIFS module (closes: #274808).
  * arm/nslu2: Drop flavour since this machine is supported by arm/ixp4xx.
  * arm: Make get_unaligned() work with const pointers and GCC 4.1.
  * mipsel/r5k-cobalt: Enable CONFIG_BONDING as a module.
  * arm/iop32x: Likewise.
  * arm/ixp4xx: Likewise.
  * arm: Disable CONFIG_AUDIT for now since it's broken.

  [ Sven Luther ]
  * [powerpc] Enabled the -prep flavour. (Closes: #359025)
  * [powerpc] The sisfb framebuffer device is now builtin.
  * [powerpc] Updated the powerpc serial patch. This fixes the XServe serial
    port, but at the cost powermac pcmcia serial cards support.
    Thanks go to Mark Hymers for providing the patch.
    (Closes: #364637, #375194)
  * [powerpc] Added patch to fix oldworld/quik booting.
    Thanks fo to Christian Aichinger for investigating to Benjamin
    Herrenschmidt for providing the patch. (Closes: #366620, #375035).
  * [powerpc] Fixes hvc_console caused suspsend-to-disk breakage. Thanks to
    Andrew Morton for providing the patch. (Closes: #387178)
  * [powerpc] Disabled mv643xx_eth on powerpc64 flavours, as there never was a
    Marvell Discovery northbrige for 64bit powerpc cpus.

  [ Frederik Schüler ]
  * Remove obsolete options from amd64 and i386 configs.
  * Deactivate EVBUG.
  * Make PARPORT options global.
  * [i386] Add class definition for 486 flavour.

  [ maximilian attems ]
  * Enable CONFIG_PRINTER=m for all powerpc flavours.
  * Enable the new alsa CONFIG_SND_AOA framework for powerpc.
  * Add the merged advansys pci table patch.

  [ Bastian Blank ]
  * hppa: Use gcc-4.1.
  * Only provide 16 legacy ptys.

  [ Norbert Tretkowski ]
  * [alpha] Updated configs.
  * [alpha] Disabled CONFIG_AUDIT, broken.
  * [alpha] Added vserver flavour.

 -- Bastian Blank <waldi@debian.org>  Sun, 24 Sep 2006 15:55:37 +0200

linux-2.6 (2.6.17-9) unstable; urgency=medium

  [ Bastian Blank ]
  * Update vserver patch to 2.0.2.
    - Fix possible priviledge escalation in remount code. (CVE-2006-4243)

  [ Frederik Schüler ]
  * Add stable release 2.5.17.12:
    - sky2: version 1.6.1
    - sky2: fix fiber support
    - sky2: MSI test timing
    - sky2: use dev_alloc_skb for receive buffers
    - sky2: clear status IRQ after empty
    - sky2: accept flow control
    - dm: Fix deadlock under high i/o load in raid1 setup.
    - Remove redundant up() in stop_machine()
    - Missing PCI id update for VIA IDE
    - PKTGEN: Fix oops when used with balance-tlb bonding
    - PKTGEN: Make sure skb->{nh,h} are initialized in fill_packet_ipv6() too.
    - Silent data corruption caused by XPC
    - uhci-hcd: fix list access bug
    - binfmt_elf: fix checks for bad address
    - [s390] bug in futex unqueue_me
    - fcntl(F_SETSIG) fix
    - IPV6 OOPS'er triggerable by any user
    - SCTP: Fix sctp_primitive_ABORT() call in sctp_close().
    - SPARC64: Fix X server crashes on sparc64
    - TG3: Disable TSO by default
    - dm: mirror sector offset fix
    - dm: fix block device initialisation
    - dm: add module ref counting
    - dm: fix mapped device ref counting
    - dm: add DMF_FREEING
    - dm: change minor_lock to spinlock
    - dm: move idr_pre_get
    - dm: fix idr minor allocation
    - dm snapshot: unify chunk_size
    - Have ext2 reject file handles with bad inode numbers early.
    - Allow per-route window scale limiting
    - bridge-netfilter: don't overwrite memory outside of skb
    - fix compilation error on IA64
    - Fix output framentation of paged-skbs
    - spectrum_cs: Fix firmware uploading errors
    - TEXTSEARCH: Fix Boyer Moore initialization bug
  * Add stable release 2.6.17.13:
    - lib: add idr_replace
    - pci_ids.h: add some VIA IDE identifiers
  * Remove patches merged upstream:
    - s390-kernel-futex-barrier.patch
  * Unpatch ia64-mman.h-fix.patch

 -- Bastian Blank <waldi@debian.org>  Wed, 13 Sep 2006 14:54:14 +0200

linux-2.6 (2.6.17-8) unstable; urgency=low

  [ Martin Michlmayr ]
  * arm/ixp4xx: Enable CONFIG_W1.

  [ dann frazier ]
  * sound-pci-hda-mac-mini-quirks.diff, sound-pci-hda-intel-d965.diff
    sound-pci-hda-mac-mini-intel945.diff:
    Updates to patch_sigmatel.c to add x86 mac-mini sound support
    Thanks to Matt Kraai. (closes: #384972)

  [ Kyle McMartin ]
  * hppa: Re-enable pa8800 fixing patches from James Bottomley.
    Pulled fresh from parisc-linux git tree.
  * ia64: Pull in compile-failure fix from Christian Cotte-Barrot.
    Pulled from linux-ia64 mailing list. Fix is correct.
  * hppa/alpha/mips: Fix compile-failure due to missing arch_mmap_check. Patch sent
    upstream to stable@kernel.org.

  [ dann frazier ]
  * sym2: only claim "Storage" class devices - the cpqarray driver should be
    used for 5c1510 devices in RAID mode. (closes: #380272)

  [ Bastian Blank ]
  * Backport change to allow all hypercalls for xen.

 -- Bastian Blank <waldi@debian.org>  Thu, 31 Aug 2006 12:12:51 +0200

linux-2.6 (2.6.17-7) unstable; urgency=low

  [ Martin Michlmayr ]
  * arm/iop32x: Enable CONFIG_BLK_DEV_OFFBOARD.
  * arm/iop32x: Unset CONFIG_BLK_DEV_AMD74XX since it fails on ARM
    with "Unknown symbol pci_get_legacy_ide_irq".
  * arm/iop32x: Enable a number of MD and DM modules.
  * arm/iop32x: Enable some more USB network modules.
  * mipsel/r5k-cobalt: Increase 8250 NR_UARTS and RUNTIME_UARTS to 4.
  * mipsel/r5k-cobalt: Fix MAC detection problem on Qube 2700.

  [ Bastian Blank ]
  * Update vserver patch to 2.0.2-rc29.
  * Add stable release 2.6.17.10:
    - Fix possible UDF deadlock and memory corruption (CVE-2006-4145)
    - elv_unregister: fix possible crash on module unload
    - Fix sctp privilege elevation (CVE-2006-3745)

  [ maximilian attems ]
  * Add RAM range to longclass for -bigmem. (closes: 382799)
  * Add stable release 2.6.17.9:
    - powerpc: Clear HID0 attention enable on PPC970 at boot time
    (CVE-2006-4093)
  * Add stable release 2.6.17.11:
    - Fix ipv4 routing locking bug
    - disable debugging version of write_lock()
    - PCI: fix ICH6 quirks
    - 1394: fix for recently added firewire patch that breaks things on ppc
    - Fix IFLA_ADDRESS handling
    - Fix BeFS slab corruption
    - Fix timer race in dst GC code
    - Have ext3 reject file handles with bad inode numbers early
    - Kill HASH_HIGHMEM from route cache hash sizing
    - sys_getppid oopses on debug kernel
    - IA64: local DoS with corrupted ELFs
    - tpm: interrupt clear fix
    - ulog: fix panic on SMP kernels
    - dm: BUG/OOPS fix
    - MD: Fix a potential NULL dereference in md/raid1
    - ip_tables: fix table locking in ipt_do_table
    - swsusp: Fix swap_type_of
    - sky2: phy power problem on 88e805x
    - ipx: header length validation needed

  [ Frederik Schüler ]
  * Activate CONFIG_R8169_VLAN on amd64. (closes: #383707)
  * Activate EFI boot support on i386. (closes: #381951)

  [ dann frazier ]
  * Include module.lds in headers package if it exists. (closes: #342246)
  * Add Apple MacBook product IDs to usbhid and set
    CONFIG_USB_HIDINPUT_POWERBOOK=y on i386 and amd64. (closes: #383620)

 -- Bastian Blank <waldi@debian.org>  Thu, 24 Aug 2006 15:54:51 +0000

linux-2.6 (2.6.17-6) unstable; urgency=low

  [ maximilian attems ]
  * debian/arch/i386/defines: Activate 686-bigmem flavour for enterprise
  usage.
  * Add ubuntu pci table patch for scsi drivers advansys and fdomain.

  [ Martin Michlmayr ]
  * arm/armeb: Use gcc-4.1.
  * mips/mipsel: Use gcc-4.1.
  * arm/ixp4xx: Update config based on the NSLU2 config.
  * arm/s3c2410: Unset CONFIG_DEBUG_INFO.
  * arm/iop32x: xscale: don't mis-report 80219 as an iop32x
  * arm/iop32x: Add an MTD map for IOP3xx boards
  * arm/iop32x: Add support for the Thecus N2100.
  * arm/iop32x: Add support for the GLAN Tank.
  * arm/iop32x: Add a flavour for IOP32x based machines.

  [ Bastian Blank ]
  * Shrink short descriptions.
  * Make gcc-4.1 the default compiler.
  * [powerpc]: Use gcc-4.1.
  * Move latest and transitional packages to linux-latest-2.6.

  [ Frederik Schüler ]
  * [amd64] Add smp-alternatives backport.
  * [amd64] Drop smp flavours.
  * [amd64] Merge k8 and p4 flavours into a generic one, following upstreams
    advice.
  * Activate BSD_PROCESS_ACCT_V3.
  * Add stable release 2.6.17.8:
    - ALSA: Don't reject O_RDWR at opening PCM OSS
    - Add stable branch to maintainers file
    - tty serialize flush_to_ldisc
    - S390: fix futex_atomic_cmpxchg_inatomic
    - Fix budget-av compile failure
    - cond_resched() fix
    - e1000: add forgotten PCI ID for supported device
    - ext3: avoid triggering ext3_error on bad NFS file handle
    - ext3 -nobh option causes oops
    - Fix race related problem when adding items to and svcrpc auth cache.
    - ieee1394: sbp2: enable auto spin-up for Maxtor disks
    - invalidate_bdev() speedup
    - Sparc64 quad-float emulation fix
    - VLAN state handling fix
    - Update frag_list in pskb_trim
    - UHCI: Fix handling of short last packet
    - sky2: NAPI bug
    - i2c: Fix 'ignore' module parameter handling in i2c-core
    - scx200_acb: Fix the block transactions
    - scx200_acb: Fix the state machine
    - H.323 helper: fix possible NULL-ptr dereference
    - Don't allow chmod() on the /proc/<pid>/ files
    - PCI: fix issues with extended conf space when MMCONFIG disabled because of e820

  [ Sven Luther ]
  * [powerpc] Added console=hvsi0 too to CMDLINE to the powerpc64 flavour, for
    non-virtualized IBM power machines serial console.

 -- Bastian Blank <waldi@debian.org>  Fri, 11 Aug 2006 19:58:06 +0200

linux-2.6 (2.6.17-5) unstable; urgency=low

  [ Martin Michlmayr ]
  * [arm/nslu2] Enable CONFIG_USB_EHCI_SPLIT_ISO.  Closes: #378554

  [ maximilian attems ]
  * Add stable release 2.6.17.7:
    - BLOCK: Fix bounce limit address check
    - v4l/dvb: Fix budget-av frontend detection
    - v4l/dvb: Fix CI on old KNC1 DVBC cards
    - v4l/dvb: Fix CI interface on PRO KNC1 cards
    - v4l/dvb: Backport fix to artec USB DVB devices
    - v4l/dvb: Backport the DISEQC regression fix to 2.6.17.x
    - v4l/dvb: stradis: dont export MODULE_DEVICE_TABLE
    - pnp: suppress request_irq() warning
    - generic_file_buffered_write(): handle zero-length iovec segments
    - serial 8250: sysrq deadlock fix
    - Reduce ACPI verbosity on null handle condition
    - ieee80211: TKIP requires CRC32
    - Make powernow-k7 work on SMP kernels.
    - via-velocity: the link is not correctly detected when the device starts
    - Add missing UFO initialisations
    - USB serial ftdi_sio: Prevent userspace DoS (CVE-2006-2936)
    - cdrom: fix bad cgc.buflen assignment
    - splice: fix problems with sys_tee()
    - fix fdset leakage
    - struct file leakage
    - XFS: corruption fix
    - v4l/dvb: Kconfig: fix description and dependencies for saa7115 module
    - dvb-bt8xx: fix frontend detection for DViCO FusionHDTV DVB-T Lite rev 1.2
    - IB/mthca: restore missing PCI registers after reset
    - v4l/dvb: Backport the budget driver DISEQC instability fix
    - Fix IPv4/DECnet routing rule dumping
    - pdflush: handle resume wakeups
    - x86_64: Fix modular pc speaker
    - Fix powernow-k8 SMP kernel on UP hardware bug.
    - ALSA: RME HDSP - fixed proc interface (missing {})
    - ALSA: au88x0 - Fix 64bit address of MPU401 MMIO port
    - ALSA: Fix a deadlock in snd-rtctimer
    - ALSA: Fix missing array terminators in AD1988 codec support
    - ALSA: Fix model for HP dc7600
    - ALSA: Fix mute switch on VAIO laptops with STAC7661
    - ALSA: fix the SND_FM801_TEA575X dependencies
    - ALSA: Fix undefined (missing) references in ISA MIRO sound driver
    - ALSA: Fix workaround for AD1988A rev2 codec
    - ALSA: hda-intel - Fix race in remove
    - Suppress irq handler mismatch messages in ALSA ISA drivers
    - PKT_SCHED: Fix illegal memory dereferences when dumping actions
    - PKT_SCHED: Return ENOENT if action module is unavailable
    - PKT_SCHED: Fix error handling while dumping actions
    - generic_file_buffered_write(): deadlock on vectored write
    - ethtool: oops in ethtool_set_pauseparam()
    - memory hotplug: solve config broken: undefined reference to `online_page'
  * Add budget-av-compile-fix.patch stable compile fix.
  * Enable in all configs setting SND_FM801_TEA575X SND_FM801_TEA575X_BOOL=y.

 -- Bastian Blank <waldi@debian.org>  Sat, 29 Jul 2006 13:30:06 +0200

linux-2.6 (2.6.17-4) unstable; urgency=low

  [ Bastian Blank ]
  * Add stable release 2.6.17.5:
    - Fix nasty /proc vulnerability (CVE-2006-3626)
  * Add stable release 2.6.17.6:
    - Relax /proc fix a bit
  * Set section of images to admin.

  [ dann frazier ]
  * [ia64] Drop the non-SMP flavours; they are not well maintained upstream.
    Note that the non-SMP flavours have been identical to the SMP builds
    since 2.6.13-1; this was to avoid having to drop then re-add these
    flavours if upstream resolved the issue - but that never happened.
    Note that this is a measurable performance penalty on non-SMP systems.

 -- Bastian Blank <waldi@debian.org>  Mon, 17 Jul 2006 11:08:41 +0200

linux-2.6 (2.6.17-3) unstable; urgency=low

  [ maximilian attems ]
  * Add stable release 2.6.17.2:
    - ide-io: increase timeout value to allow for slave wakeup
    - NTFS: Critical bug fix (affects MIPS and possibly others)
    - Link error when futexes are disabled on 64bit architectures
    - SCTP: Reset rtt_in_progress for the chunk when processing its sack.
    - SPARC32: Fix iommu_flush_iotlb end address
    - ETHTOOL: Fix UFO typo
    - UML: fix uptime
    - x86: compile fix for asm-i386/alternatives.h
    - bcm43xx: init fix for possible Machine Check
    - SCTP: Fix persistent slowdown in sctp when a gap ack consumes rx buffer.
    - kbuild: bugfix with initramfs
    - Input: return correct size when reading modalias attribute
    - ohci1394: Fix broken suspend/resume in ohci1394
    - idr: fix race in idr code
    - USB: Whiteheat: fix firmware spurious errors
    - libata: minor patch for ATA_DFLAG_PIO
    - SCTP: Send only 1 window update SACK per message.
    - PFKEYV2: Fix inconsistent typing in struct sadb_x_kmprivate.
    - SCTP: Limit association max_retrans setting in setsockopt.
    - SCTP: Reject sctp packets with broadcast addresses.
    - IPV6: Sum real space for RTAs.
    - IPV6 ADDRCONF: Fix default source address selection without
      CONFIG_IPV6_PRIVACY
    - IPV6: Fix source address selection.
  * Add stable release 2.6.17.3:
    - NETFILTER: SCTP conntrack: fix crash triggered by packet without chunks
    [CVE-2006-2934]
  * Deapply merged sparc32-iotlb.patch.
  * Fix README.Debian: Correct svn location, remove old boot param bswap
    reference, the asfs patch is in the Debian kernel. Remove reference to
    AMD 768 erratum 10, it was solved in 2.6.12. Add wording corrections.
  * Set CONFIG_SERIAL_8250_RN_UARTS=16 for all archs beside mips/m68k unless
    explicitly set on a specific value. (closes: 377151)
  * Add stable release 2.6.17.4:
    - fix prctl privilege escalation and suid_dumpable (CVE-2006-2451)

  [ Sven Luther ]
  * Re-enabled fs-asfs patch.

  [ Thiemo Seufer ]
  * [mips,mipsel] Fix sb1 interrupt handlers.
  * [mips,mipsel] Fix devfs-induced build failure in sb1250 serial driver.
  * [mips] SGI ip22 RTC was broken, fixed thanks to Julien Blache.
  * [mips] Fix SGI ip22 serial console, thanks to Julien Blache.

  [ Martin Michlmayr ]
  * [arm/nslu2] Enable HFS and some other filesystems.
  * [arm/nslu2] Unset CONFIG_USB_STORAGE_DEBUG.  Closes: #377853.

 -- Bastian Blank <waldi@debian.org>  Thu, 13 Jul 2006 13:14:53 +0200

linux-2.6 (2.6.17-2) unstable; urgency=low

  [ Jurij Smakov ]
  * [sparc] Switch to gcc-4.1 as it produces a working kernel,
    while gcc-4.0 does not. No ABI bump neccessary, because
    2.6.17-1 sparc binaries never made it to the archive.
  * [sparc32] Add sparc32-iotlb.patch to fix DMA errors on sparc32.

  [ Sven Luther ]
  * [powerpc] Added console=hvc0 default commandline option to powerpc64 flavour.
  * [powerpc] Fixed mkvmlinuz support, which was missing from -1. (Closes: #375645)
  * [powerpc] Added PowerBook HID support for last-gen PowerBook keyboards.
    (Closes: #307327)

  [ Martin Michlmayr ]
  * [mipsel] Fix compilation error in dz serial driver.
  * [mipsel] Update configs.
  * [mipsel] Add a build fix for the Cobalt early console support.
  * [arm/nslu2] Disable SE Linux support for now so the kernel fits into flash.

  [ Christian T. Steigies ]
  * [m68k] Update patches for 2.6.17.
  * [m68k] Add m68k-as and m68k-macro patch which allow building with current binutils.
  * [m68k] Disable all subarches but amiga and mac for official linux-images.

  [ Kyle McMartin ]
  * [hppa] Update patchset (2.6.17-pa6) from parisc-linux.org.
    Which fixes relocation errors in modules with 64-bit kernels, and
    a softlockup on non-SMP flavours with gettimeofday.

 -- Bastian Blank <waldi@debian.org>  Thu, 29 Jun 2006 18:49:35 +0200

linux-2.6 (2.6.17-1) unstable; urgency=low

  [ Frederik Schüler ]
  * New upstream release.
  * [amd64] Use gcc 4.1.
  * [amd64] Drop amd64-generic flavor. We will use amd64-k8 for the
    installer.

  [ Martin Michlmayr ]
  * [mips] Update patches for 2.6.17.
  * [arm] Update configs.
  * [armeb] Update configs.

  [ Thiemo Seufer ]
  * [mips] Fix SWARM FPU detection.
  * [mips] Update configurations.

  [ Kyle McMartin ]
  * [hppa] Set PDC_CHASSIS_WARN to y.
  * [hppa] Update patchset (2.6.17-pa2) from parisc-linux.org.
  * [hppa] Change NR_CPUS to 8 from 32 on both SMP flavours.
  * [hppa] Set PARISC_PAGE_SIZE to 4K on all platforms.

  [ Bastian Blank ]
  * [s390] Use gcc 4.1.
  * [i386] Enable REGPARM.
  * [i386] Use gcc 4.1.
  * [powerpc] Disable prep.

  [ dann frazier ]
  * [ia64] Update configs
  * [ia64] Use gcc 4.1.

  [ maximilian attems ]
  * Add stable release 2.6.17.1:
    - xt_sctp: fix endless loop caused by 0 chunk length (CVE-2006-3085)

 -- Bastian Blank <waldi@debian.org>  Thu, 22 Jun 2006 12:13:15 +0200

linux-2.6 (2.6.16+2.6.17-rc3-0experimental.1) experimental; urgency=low

  [ Frederik Schüler ]
  * New upstream release candidate.
  * Switch HZ from 1000 to 250, following upstreams default.
  * Activate CONFIG_BCM43XX_DEBUG.

  [ maximilian attems ]
  * Disable broken and known unsecure LSM modules: CONFIG_SECURITY_SECLVL,
    CONFIG_SECURITY_ROOTPLUG. Upstream plans to remove them for 2.6.18

 -- Frederik Schüler <fs@debian.org>  Sun,  7 May 2006 17:06:29 +0200

linux-2.6.16 (2.6.16-18) unstable; urgency=high

  [ Sven Luther ]
  * [powerpc] Added console=hvsi0 too to CMDLINE to the powerpc64 flavour,
    for non-virtualized IBM power machines serial console.

  [ dann frazier ]
  * fs-ext3-bad-nfs-handle.patch: avoid triggering ext3_error on bad NFS
    file handle (CVE-2006-3468)
  * cdrom-bad-cgc.buflen-assign.patch: fix buffer overflow in dvd_read_bca
  * usb-serial-ftdi_sio-dos.patch: fix userspace DoS in ftdi_sio driver

  [ Bastian Blank ]
  * Update xen patch to changeset 9762.

 -- Frederik Schüler <fs@debian.org>  Fri, 18 Aug 2006 20:29:17 +0200

linux-2.6.16 (2.6.16-17) unstable; urgency=high

  [ Martin Michlmayr ]
  * Add stable release 2.6.16.22:
    - powernow-k8 crash workaround
    - NTFS: Critical bug fix (affects MIPS and possibly others)
    - JFS: Fix multiple errors in metapage_releasepage
    - SPARC64: Fix D-cache corruption in mremap
    - SPARC64: Respect gfp_t argument to dma_alloc_coherent().
    - SPARC64: Fix missing fold at end of checksums.
    - scsi_lib.c: properly count the number of pages in scsi_req_map_sg()
    - I2O: Bugfixes to get I2O working again
    - Missed error checking for intent's filp in open_namei().
    - tmpfs: time granularity fix for [acm]time going backwards
    - USB: Whiteheat: fix firmware spurious errors
    - fs/namei.c: Call to file_permission() under a spinlock in do_lookup_path()
  * Add stable release 2.6.16.23:
    - revert PARPORT_SERIAL should depend on SERIAL_8250_PCI patch
    - NETFILTER: SCTP conntrack: fix crash triggered by packet without
      chunks (CVE-2006-2934)
  * Add stable release 2.6.16.24:
    - fix prctl privilege escalation and suid_dumpable (CVE-2006-2451)
  * Add stable release 2.6.16.25:
    - Fix nasty /proc vulnerability (CVE-2006-3626)
  * Relax /proc fix a bit (Linus Torvalds)

  * [arm/nslu2] Unset CONFIG_USB_STORAGE_DEBUG.  Closes: #377853.
  * [mips] SGI ip22 RTC was broken, fixed thanks to Julien Blache.
  * [mips] Fix SGI ip22 serial console, thanks to Julien Blache.

  [ Bastian Blank ]
  * Fix vserver patch.

 -- Bastian Blank <waldi@debian.org>  Sat, 15 Jul 2006 17:18:49 +0200

linux-2.6.16 (2.6.16-16) unstable; urgency=low

  [ Sven Luther ]
  * [powerpc] Added console=hvc0 default commandline option to powerpc64 flavour.
  * [powerpc] Now THERM_PM72 and all WINDFARMs are builtin, for better fan control.

  [ Martin Michlmayr ]
  * [arm/nslu2] Disable SE Linux support for now so the kernel fits into
    flash.  Closes: #376926.

  [ Bastian Blank ]
  * [powerpc,powerpc-miboot] Enable OpenFirmware device tree support.
    (closes: #376012)

 -- Bastian Blank <waldi@debian.org>  Sat,  8 Jul 2006 17:57:57 +0200

linux-2.6.16 (2.6.16-15) unstable; urgency=low

  [ maximilian attems ]
  * Add stable release 2.6.16.18:
    - NETFILTER: SNMP NAT: fix memory corruption (CVE-2006-2444)
  * Add stable release 2.6.16.19:
    - NETFILTER: Fix small information leak in SO_ORIGINAL_DST (CVE-2006-1343)
  * Add stable release 2.6.16.20:
    - x86_64: Don't do syscall exit tracing twice
    - Altix: correct ioc4 port order
    - Input: psmouse - fix new device detection logic
    - PowerMac: force only suspend-to-disk to be valid
    - the latest consensus libata resume fix
    - Altix: correct ioc3 port order
    - Cpuset: might sleep checking zones allowed fix
    - ohci1394, sbp2: fix "scsi_add_device failed" with PL-3507 based devices
    - sbp2: backport read_capacity workaround for iPod
    - sbp2: fix check of return value of hpsb_allocate_and_register_addrspace
    - x86_64: x86_64 add crashdump trigger points
    - ipw2200: Filter unsupported channels out in ad-hoc mode
  * Add stable release 2.6.16.21:
    - check_process_timers: fix possible lockup
    - run_posix_cpu_timers: remove a bogus BUG_ON() (CVE-2006-2445)
    - xt_sctp: fix endless loop caused by 0 chunk length (CVE-2006-3085)
    - powerpc: Fix machine check problem on 32-bit kernels (CVE-2006-2448)

  [ Christian T. Steigies ]
  * [m68k] Add mac via patch from Finn Thain.
  * [m68k] Enable INPUT_EVDEV.

  [ Martin Michlmayr ]
  * [mips/b1-bcm91250a] Enable SMP.
  * [mips] Add a compile fix for the Maxine fb.
  * [mipsel] Add a patch that let's you enable serial console on DECstation.
  * [mipsel] Add a patch to get SCSI working on DECstation.
  * [mipsel] Handle memory-mapped RTC chips properly.
  * [mipsel] Add configs for r3k-kn02 and r4k-kn04 DECstation.
  * [arm] Allow RiscPC machines to boot an initrd (tagged list fix).
  * [arm/nslu2] Enable many modules.
  * [arm] Build loop support as a module.
  * [arm] Use the generic netfilter configuration.
  * [arm/footbridge] Enable sound.

  [ Kyle McMartin ]
  * [hppa] Pulled patch from cvs to fix build of kernel/ptrace.c which needs
    {read,write}_can_lock.
  * [hppa] Disable CONFIG_DETECT_SOFTLOCKUP to fix boot on pa8800 machines.

  [ Sven Luther ]
  * [powerpc,prep] Added a new ARCH=ppc PReP flavour, currently mostly a copy
    of the -powerpc one.
  * Upgraded mkvmlinuz dependency to mkvmlinuz 21.

  [ Bastian Blank ]
  * Update vserver patch to 2.0.2-rc21.
  * Bump build-dependency on kernel-package to 10.049.

  [ Jurij Smakov ]
  * Add dcache-memory-corruption.patch to fix the mremap(), occasionally
    triggered on sparc in the form of dpkg database corruption. Affects
    sparc64, mips and generic includes. Thanks to David Miller, original
    patch is included in 2.6.17.
    Ref: http://marc.theaimsgroup.com/?l=linux-sparc&m=114920963824047&w=2
  * Add sparc32-iotlb.patch to fix the DMA errors encountered with latest
    kernels on sparc32, in particularly HyperSparcs. Thanks to Bob Breuer.
    Ref: http://marc.theaimsgroup.com/?l=linux-sparc&m=115077649707675&w=2

 -- Bastian Blank <waldi@debian.org>  Wed, 21 Jun 2006 14:09:11 +0200

linux-2.6 (2.6.16-14) unstable; urgency=low

  [ Bastian Blank ]
  * Add stable release 2.6.16.16:
    - fs/locks.c: Fix lease_init (CVE-2006-1860)
  * Make i386 xen images recommend libc6-xen.
  * Update vserver patch to 2.0.2-rc20.
  * Update xen patch to changeset 9687.

  [ Christian T. Steigies ]
  * [m68k] Add generic m68k ide fix.
  * [m68k] Add cross-compile instructions.
  * [m68k] Enable INPUT_EVDEV for yaird.
  * [m68k] sun3 general compile and scsi fixes, enable sun3 SCSI again.

  [ dann frazier ]
  * cs4281 - Fix the check of timeout in probe to deal with variable HZ.
    (closes: #361197)

  [ Norbert Tretkowski ]
  * [alpha] Readded patch to support prctl syscall, got lost when upgrading
    to 2.6.16.

  [ Frederik Schüler ]
  * Add stable release 2.6.16.17:
    - SCTP: Validate the parameter length in HB-ACK chunk (CVE-2006-1857)
    - SCTP: Respect the real chunk length when walking parameters
      (CVE-2006-1858)
    - ptrace_attach: fix possible deadlock schenario with irqs
    - Fix ptrace_attach()/ptrace_traceme()/de_thread() race
    - page migration: Fix fallback behavior for dirty pages
    - add migratepage address space op to shmem
    - Remove cond_resched in gather_stats()
    - VIA quirk fixup, additional PCI IDs
    - PCI quirk: VIA IRQ fixup should only run for VIA southbridges
    - Fix udev device creation
    - limit request_fn recursion
    - PCI: correctly allocate return buffers for osc calls
    - selinux: check for failed kmalloc in security_sid_to_context()
    - TG3: ethtool always report port is TP.
    - Netfilter: do_add_counters race, possible oops or info leak
      (CVE-2006-0039)
    - scx200_acb: Fix resource name use after free
    - smbus unhiding kills thermal management
    - fs/compat.c: fix 'if (a |= b )' typo
    - smbfs: Fix slab corruption in samba error path
    - fs/locks.c: Fix sys_flock() race
    - USB: ub oops in block_uevent
    - via-rhine: zero pad short packets on Rhine I ethernet cards
    - md: Avoid oops when attempting to fix read errors on raid10

 -- Bastian Blank <waldi@debian.org>  Mon, 22 May 2006 14:56:11 +0200

linux-2.6 (2.6.16-13) unstable; urgency=low

  [ Frederik Schüler ]
  * Add stable release 2.6.16.14:
    - smbfs chroot issue (CVE-2006-1864)

  [ Bastian Blank ]
  * Don't make headers packages depend on images.
  * Bump abiname to 2. (closes: #366291)
  * Update vserver patch to 2.0.2-rc19.
  * Update xen patch to changeset 9668.
  * Remove abi fixes.
  * Add stable release 2.6.16.15:
    - SCTP: Allow spillover of receive buffer to avoid deadlock. (CVE-2006-2275)
    - SCTP: Fix panic's when receiving fragmented SCTP control chunks. (CVE-2006-2272)
    - SCTP: Fix state table entries for chunks received in CLOSED state. (CVE-2006-2271)
    - SCTP: Prevent possible infinite recursion with multiple bundled DATA. (CVE-2006-2274)
  * Switch HZ from 1000 to 250.

  [ Christian T. Steigies ]
  * [m68k] Add patches that allow building images for atari
  * [m68k] Enable atyfb driver for atari

 -- Bastian Blank <waldi@debian.org>  Wed, 10 May 2006 18:58:44 +0200

linux-2.6 (2.6.16-12) unstable; urgency=low

  [ Bastian Blank ]
  * Add stable release 2.6.16.12:
    - dm snapshot: fix kcopyd destructor
    - x86_64: Pass -32 to the assembler when compiling the 32bit vsyscall pages
    - for_each_possible_cpu
    - Simplify proc/devices and fix early termination regression
    - sonypi: correct detection of new ICH7-based laptops
    - MIPS: Fix tx49_blast_icache32_page_indexed.
    - NET: e1000: Update truesize with the length of the packet for packet split
    - i386: fix broken FP exception handling
    - tipar oops fix
    - USB: fix array overrun in drivers/usb/serial/option.c
    - Altix snsc: duplicate kobject fix
    - Alpha: strncpy() fix
    - LSM: add missing hook to do_compat_readv_writev()
    - Fix reiserfs deadlock
    - make vm86 call audit_syscall_exit
    - fix saa7129 support in saa7127 module for pvr350 tv out
    - dm flush queue EINTR
    - get_dvb_firmware: download nxt2002 firmware from new driver location
    - cxusb-bluebird: bug-fix: power down corrupts frontend
    - x86_64: Fix a race in the free_iommu path.
    - MIPS: Use "R" constraint for cache_op.
    - MIPS: R2 build fixes for gcc < 3.4.
    - cs5535_gpio.c: call cdev_del() during module_exit to unmap kobject references and other cleanups
    - MIPS: Fix branch emulation for floating-point exceptions.
    - x86/PAE: Fix pte_clear for the >4GB RAM case
  * Add stable release 2.6.16.13:
    - NETFILTER: SCTP conntrack: fix infinite loop (CVE-2006-1527)
  * Remove merged patches.
  * Rediff xen patch.
  * Bump build-dependency on kernel-package to 10.047.

  [ Martin Michlmayr ]
  * [arm] Enable cramfs for ixp4xx and rpc.

 -- Bastian Blank <waldi@debian.org>  Thu,  4 May 2006 11:37:26 +0200

linux-2.6 (2.6.16-11) unstable; urgency=low

  * Update vserver patch to 2.0.2-rc18.
    - Limit ccaps to root inside a guest (CVE-2006-2110)
  * Conflict with known broken grub versions. (closes: #361308)
  * Enable s390 vserver image.
  * Enable xen and xen-vserver images.
  * Use localversion for kernel-package images. (closes: #365505)

 -- Bastian Blank <waldi@debian.org>  Mon,  1 May 2006 16:38:45 +0200

linux-2.6 (2.6.16-10) unstable; urgency=low

  [ Norbert Tretkowski ]
  * [alpha] Added backport of for_each_possible_cpu() to fix alpha build.
    (closes: #364206)
  * Add stable release 2.6.16.10:
    - IPC: access to unmapped vmalloc area in grow_ary()
    - Add more prevent_tail_call()
    - alim15x3: ULI M-1573 south Bridge support
    - apm: fix Armada laptops again
    - fbdev: Fix return error of fb_write
    - Fix file lookup without ref
    - m41t00: fix bitmasks when writing to chip
    - Open IPMI BT overflow
    - x86: be careful about tailcall breakage for sys_open[at] too
    - x86: don't allow tail-calls in sys_ftruncate[64]()
    - IPV6: XFRM: Fix decoding session with preceding extension header(s).
    - IPV6: XFRM: Don't use old copy of pointer after pskb_may_pull().
    - IPV6: Ensure to have hop-by-hop options in our header of &sk_buff.
    - selinux: Fix MLS compatibility off-by-one bug
    - PPC: fix oops in alsa powermac driver
    - MTD_NAND_SHARPSL and MTD_NAND_NANDSIM should be tristate's
    - i2c-i801: Fix resume when PEC is used
    - Fix hotplug race during device registration
    - Fix truesize underflow
    - efficeon-agp: Add missing memory mask
    - 3ware 9000 disable local irqs during kmap_atomic
    - 3ware: kmap_atomic() fix

  [ maximilian attems ]
  * Add stable release 2.6.16.11:
    -  Don't allow a backslash in a path component (CVE-2006-1863)

 -- Bastian Blank <waldi@debian.org>  Tue, 25 Apr 2006 13:56:19 +0200

linux-2.6 (2.6.16-9) unstable; urgency=low

  [ maximilian attems ]
  * Add stable release 2.6.16.8:
    - ip_route_input panic fix (CVE-2006-1525)
  * Add stable release 2.6.16.9:
    - i386/x86-64: Fix x87 information leak between processes (CVE-2006-1056)

  [ Bastian Blank ]
  * Update vserver patch to 2.0.2-rc17.

 -- Bastian Blank <waldi@debian.org>  Thu, 20 Apr 2006 15:37:28 +0200

linux-2.6 (2.6.16-8) unstable; urgency=low

  * Fix ABI-breakage introduced in -7. (closes: #363032)
  * Add stable release 2.6.16.6:
    - ext3: Fix missed mutex unlock
    - RLIMIT_CPU: fix handling of a zero limit
    - alpha: SMP boot fixes
    - m32r: security fix of {get, put}_user macros
    - m32r: Fix cpu_possible_map and cpu_present_map initialization for SMP kernel
    - shmat: stop mprotect from giving write permission to a readonly attachment (CVE-2006-1524)
    - powerpc: fix incorrect SA_ONSTACK behaviour for 64-bit processes
    - MPBL0010 driver sysfs permissions wide open
    - cciss: bug fix for crash when running hpacucli
    - fuse: fix oops in fuse_send_readpages()
    - Fix utime(2) in the case that no times parameter was passed in.
    - Fix buddy list race that could lead to page lru list corruptions
    - NETFILTER: Fix fragmentation issues with bridge netfilter
    - USB: remove __init from usb_console_setup
    - Fix suspend with traced tasks
    - isd200: limit to BLK_DEV_IDE
    - edac_752x needs CONFIG_HOTPLUG
    - fix non-leader exec under ptrace
    - sky2: bad memory reference on dual port cards
    - atm: clip causes unregister hang
    - powerpc: iSeries needs slb_initialize to be called
    - Fix block device symlink name
    - Incorrect signature sent on SMB Read
  * Add stable release 2.6.16.7:
    - fix MADV_REMOVE vulnerability (CVE-2006-1524 for real this time)

 -- Bastian Blank <waldi@debian.org>  Tue, 18 Apr 2006 16:22:31 +0200

linux-2.6 (2.6.16-7) unstable; urgency=low

  [ Frederik Schüler ]
  * Add stable release 2.6.16.3:
    - Keys: Fix oops when adding key to non-keyring (CVE-2006-1522)

  [ Bastian Blank ]
  * Add stable release 2.6.16.4:
    - RCU signal handling (CVE-2006-1523)

  [ Sven Luther ]
  * [powerpc] Transitioned mkvmlinuz support patch to the 2.6.16 ARCH=powerpc
    tree. PReP is broken in 2.6.16 though.

  [ maximilian attems ]
  * Add stable release 2.6.16.5:
   - x86_64: Clean up execve
   - x86_64: When user could have changed RIP always force IRET (CVE-2006-0744)
  * Disable CONFIG_SECCOMP (adds useless overhead on context-switch) -
    thanks to fs for checking abi.

  [ Christian T. Steigies ]
  * [m68k] update m68k patch and config to 2.6.16, temporarily disable atari

 -- Bastian Blank <waldi@debian.org>  Sat, 15 Apr 2006 13:56:05 +0200

linux-2.6 (2.6.16-6) unstable; urgency=medium

  [ Bastian Blank ]
  * Provide version infos in support package and don't longer rely on the
    changelog.
  * [amd64/i386] Enable cpu hotplug support.

  [ maximilian attems ]
  * Add stable release 2.6.16.2:
    - PCMCIA_SPECTRUM must select FW_LOADER
    - drivers/net/wireless/ipw2200.c: fix an array overun
    - AIRO{,_CS} <-> CRYPTO fixes
    - tlclk: fix handling of device major
    - fbcon: Fix big-endian bogosity in slow_imageblit()
    - Fix NULL pointer dereference in node_read_numastat()
    - USB: EHCI full speed ISO bugfixes
    - Mark longhaul driver as broken.
    - fib_trie.c node freeing fix
    - USB: Fix irda-usb use after use
    - sysfs: zero terminate sysfs write buffers (CVE-2006-1055)
    - USB: usbcore: usb_set_configuration oops (NULL ptr dereference)
    - pcmcia: permit single-character-identifiers
    - hostap: Fix EAPOL frame encryption
    - wrong error path in dup_fd() leading to oopses in RCU
    - {ip, nf}_conntrack_netlink: fix expectation notifier unregistration
    - isicom must select FW_LOADER
    - knfsd: Correct reserved reply space for read requests.
    - Fix module refcount leak in __set_personality()
    - sbp2: fix spinlock recursion
    - powerpc: make ISA floppies work again
    - opti9x - Fix compile without CONFIG_PNP
    - Add default entry for CTL Travel Master U553W
    - Fix the p4-clockmod N60 errata workaround.
    - kdump proc vmcore size oveflow fix

 -- Bastian Blank <waldi@debian.org>  Mon, 10 Apr 2006 16:09:51 +0200

linux-2.6 (2.6.16-5) unstable; urgency=low

  [ Bastian Blank ]
  * Provide real dependency packages for module building.
    - Add linux-headers-$version-$abiname-all and
      linux-headers-$version-$abiname-all-$arch.
  * Rename support package to linux-support-$version-$abiname.
  * Fix module package output.
  * Include .kernelrelease in headers packages. (closes: #359813)
  * Disable Cumana partition support completely. (closes: #359207)
  * Update vserver patch to 2.0.2-rc15.

  [ dann frazier ]
  * [ia64] initramfs-tools works now, no longer restrict initramfs-generators

 -- Bastian Blank <waldi@debian.org>  Mon,  3 Apr 2006 14:00:08 +0200

linux-2.6 (2.6.16-4) unstable; urgency=medium

  [ Martin Michlmayr ]
  * [arm/armeb] Update nslu2 config.
  * Add stable release 2.6.16.1:
    - Fix speedstep-smi assembly bug in speedstep_smi_ownership
    - DMI: fix DMI onboard device discovery
    - cciss: fix use-after-free in cciss_init_one
    - DM: Fix bug: BIO_RW_BARRIER requests to md/raid1 hang.
    - fix scheduler deadlock
    - proc: fix duplicate line in /proc/devices
    - rtc.h broke strace(1) builds
    - dm: bio split bvec fix
    - v9fs: assign dentry ops to negative dentries
    - i810fb_cursor(): use GFP_ATOMIC
    - NET: Ensure device name passed to SO_BINDTODEVICE is NULL terminated.
    - XFS writeout fix
    - sysfs: fix a kobject leak in sysfs_add_link on the error path
    - get_cpu_sysdev() signedness fix
    - firmware: fix BUG: in fw_realloc_buffer
    - sysfs: sysfs_remove_dir() needs to invalidate the dentry
    - TCP: Do not use inet->id of global tcp_socket when sending RST (CVE-2006-1242)
    - 2.6.xx: sata_mv: another critical fix
    - Kconfig: VIDEO_DECODER must select FW_LOADER
    - V4L/DVB (3324): Fix Samsung tuner frequency ranges
    - sata_mv: fix irq port status usage

 -- Bastian Blank <waldi@debian.org>  Tue, 28 Mar 2006 17:19:10 +0200

linux-2.6 (2.6.16-3) unstable; urgency=low

  [ Frederik Schüler ]
  * [amd64] Add asm-i386 to the linux-headers packages.

  [ Jonas Smedegaard ]
  * Tighten yaird dependency to at least 0.0.12-8 (supporting Linux
    2.6.16 uppercase hex in Kconfig and new IDE sysfs naming, and VIA
    IDE on powerpc).

  [ Martin Michlmayr ]
  * [arm/armeb] Enable CONFIG_NFSD on NSLU2 again.  Closes: #358709.
  * [arm/footbridge] CONFIG_NE2K_PCI should be a module, not built-in.
  * [arm/footbridge] Enable CONFIG_BLK_DEV_IDECD=m since the CATS can
    have a CD-ROM drive.
  * [mips/sb1*] Use ttyS rather than duart as the name for the serial
    console since the latter causes problems with debian-installer.

  [ Bastian Blank ]
  * Update vserver patch to 2.0.2-rc14.
    - Fix sendfile. (closes: #358391, #358752)

 -- Bastian Blank <waldi@debian.org>  Mon, 27 Mar 2006 16:08:20 +0200

linux-2.6 (2.6.16-2) unstable; urgency=low

  [ dann frazier ]
  * [ia64] Set unconfigured options:
      CONFIG_PNP_DEBUG=n and CONFIG_NET_SB1000=m
  * [hppa] Update config for 2.6.16

  [ Martin Michlmayr ]
  * [mips/mipsel] Put something in the generic config file because diff
    will otherwise remove the empty file, causing the build to fail.
  * [mipsel/r5k-cobalt] Set CONFIG_PACKET=y.
  * [arm] Set CONFIG_MACLIST=y for ixp4xx because nas100d needs it.

  [ Frederik Schüler ]
  * Add Maximilian Attems to uploaders list.

 -- Martin Michlmayr <tbm@cyrius.com>  Wed, 22 Mar 2006 15:15:14 +0000

linux-2.6 (2.6.16-1) unstable; urgency=low

  [ Bastian Blank ]
  * New upstream release.
  * Default to initramfs-tools 0.55 or higher on s390.

  [ maximilian attems ]
  * Default to initramfs-tools on arm and armeb.

  [ Martin Michlmayr ]
  * [mips/mipsel] Add an image for the Broadcom BCM91480B evaluation board
    (aka "BigSur").
  * [arm, armeb] Enable the netconsole module.
  * [mipsel/cobalt] Enable the netconsole module.
  * [mips] SB1: Fix interrupt disable hazard (Ralf Baechle).
  * [mips] SB1: Support for 1480 ethernet (Broadcom).
  * [mips] SB1: Support for NAPI (Tom Rix).
  * [mips] SB1: DUART support (Broadcom).
  * [mips] Work around bad code generation for <asm/io.h> (Ralf Baechle).
  * [mips] Fix VINO drivers when using a 64-bit kernel (Mikael Nousiainen).
  * [arm/armeb] Update configs for 2.6.16.
  * [mips/mipsel] Update configs for 2.6.16.
  * [arm/armeb] Enable the SMB module on NSLU2.
  * [mipsel] Enable parallel port modules for Cobalt since there are PCI
    cards that can be used in a Qube.
  * [mipsel] Enable the JFS module on Cobalt.

  [ dann frazier ]
  * [ia64] use yaird on ia64 until #357414 is fixed
  * [ia64] Update configs for 2.6.16

 -- Bastian Blank <waldi@debian.org>  Tue, 21 Mar 2006 16:12:16 +0100

linux-2.6 (2.6.15+2.6.16-rc5-0experimental.1) experimental; urgency=low

  [ Frederik Schüler ]
  * New upstream release candidate.

  [ Martin Michlmayr ]
  * Add initial mips/mipsel 2.6 kernels.
  * Important changes compared to the 2.4 kernels:
    - Drop the XXS1500 flavour since there's little interest in it.
    - Drop the LASAT flavour since these machines never went into
      production.
    - Drop the IP22 R5K (Indy, Indigo2) flavour since the IP22 R4K
      image now also works on machines with a R5K CPU.
    - Add an image for SGI IP32 (O2).
    - Rename the sb1-swarm-bn flavour to sb1-bcm91250a.
    - Enable PCI network (and other) modules on Cobalt.  Closes: #315895.
  * Add various MIPS related patches:
    - Fix iomap compilation on machines without COW.
    - Improve gettimeofday on MIPS.
    - Fix an oops on IP22 zerilog (serial console).
    - Improve IDE probing so it won't take so long on Cobalt.
    - Probe for IDE disks on SWARM.
    - Test whether there's a scache (fixes Cobalt crash).
    - Add Tulip fixes for Cobalt.
  * Fix a typo in the description of the linux-doc-* package,
    thanks Justin Pryzby.  Closes: #343424.
  * [arm] Enable nfs and nfsd modules.
  * [arm/footbride] Suggest nwutil (Netwinder utilities).

 -- Frederik Schüler <fs@debian.org>  Thu,  9 Mar 2006 14:13:17 +0000

linux-2.6 (2.6.15+2.6.16-rc4-0experimental.1) experimental; urgency=low

  [ Frederik Schüler ]
  * New upstream release.
  * Activate CONFIG_DVB_AV7110_OSD on alpha amd64 and ia64.
    Closes: #353292
  * Globally enable NAPI on all network card drivers which support it.

  [ maximilian attems ]
  * Drop fdutils from i386 and amd64 Suggests.
  * Swap lilo and grub Suggests for i386 and amd64.

  [ Jurij Smakov ]
  * Make sure that LOCALVERSION environment variable is not
    passed to a shell while invoking make-kpkg, since it
    appends it to the version string, breaking the build.
    Closes: #349472
  * [sparc32] Re-enable the building of sparc32 images.
  * [sparc64] Re-add (partial) sparc64-atyf-xl-gr.patch, since it
    was only partially applied upstream, so the problem (garbled
    screen output on SunBlade 100) is still present. Thanks to
    Luis Ortiz for pointing it out.
  * Bump the build-dep on kernel-package to 10.035, which fixes
    the problem with building documentation packages.

  [ Martin Michlmayr ]
  * [sparc] Add sys_newfstatat -> sys_fstatat64 fix from git.
  * [arm] Update configs for 2.6.16-rc3.
  * [armeb] Update configs for 2.6.16-rc3.
  * [arm/armeb] Fix compilation error on NSLU2 due to recent flash
    changes.
  * [arm/armeb] Fix a compilation error in the IXP4xx beeper support
    (Alessandro Zummo).

  [ Norbert Tretkowski ]
  * [alpha] Update arch/alpha/config* for 2.6.16-rc3.

 -- Bastian Blank <waldi@debian.org>  Fri, 24 Feb 2006 16:02:11 +0000

linux-2.6 (2.6.15-8) unstable; urgency=high

  [ maximilian attems ]
  * Add stable Release 2.6.15.5:
    - Fix deadlock in br_stp_disable_bridge
    - Fix a severe bug
    - i386: Move phys_proc_id/early intel workaround to correct function
    - ramfs: update dir mtime and ctime
    - sys_mbind sanity checking
    - Fix s390 build failure.
    - Revert skb_copy_datagram_iovec() recursion elimination.
    - s390: add #ifdef __KERNEL__ to asm-s390/setup.h
    - netfilter missing symbol has_bridge_parent
    - hugetlbfs mmap ENOMEM failure
    - IB/mthca: max_inline_data handling tweaks
    - it87: Fix oops on removal
    - hwmon it87: Probe i2c 0x2d only
    - reiserfs: disable automatic enabling of reiserfs inode attributes
    - Fix snd-usb-audio in 32-bit compat environment
    - dm: missing bdput/thaw_bdev at removal
    - dm: free minor after unlink gendisk
    - gbefb: IP32 gbefb depth change fix
    - shmdt cannot detach not-alined shm segment cleanly.
    - Address autoconfiguration does not work after device down/up cycle
    - gbefb: Set default of FB_GBE_MEM to 4 MB
    - XFS ftruncate() bug could expose stale data (CVE-2006-0554)
    - sys_signal: initialize ->sa_mask
    - do_sigaction: cleanup ->sa_mask manipulation
    - fix zap_thread's ptrace related problems
    - fix deadlock in ext2
    - cfi: init wait queue in chip struct
    - sd: fix memory corruption with broken mode page headers
    - sbp2: fix another deadlock after disconnection
    - skge: speed setting
    - skge: fix NAPI/irq race
    - skge: genesis phy initialization fix
    - skge: fix SMP race
    - x86_64: Check for bad elf entry address (CVE-2006-0741)
    - alsa: fix bogus snd_device_free() in opl3-oss.c
    - ppc32: Put cache flush routines back into .relocate_code section
    - sys32_signal() forgets to initialize ->sa_mask
    - Normal user can panic NFS client with direct I/O (CVE-2006-0555)
  * Deactivate merged duplicates: s390-klibc-buildfix.patch,
    powerpc-relocate_code.patch.
  * Add stable Release 2.6.15.6:
    - Don't reset rskq_defer_accept in reqsk_queue_alloc
    - fs/nfs/direct.c compile fix
    - mempolicy.c compile fix, make sure BITS_PER_BYTE is defined
    - [IA64] die_if_kernel() can return (CVE-2006-0742)

  [ Sven Luther ]
  * [powerpc] Disabled CONFIG_IEEE1394_SBP2_PHYS_DMA, which was broken on
    powerpc64, as it used the long deprecated bus_to_virt symbol.
    (Closes: #330225)
  * [powerpc] Fixed gettimeofday breakage causing clock drift.

 -- Bastian Blank <waldi@debian.org>  Mon,  6 Mar 2006 11:06:28 +0100

linux-2.6 (2.6.15-7) unstable; urgency=low

  [ Norbert Tretkowski ]
  * [alpha] Disabled CONFIG_ALPHA_LEGACY_START_ADDRESS for -alpha-generic and
    -alpha-smp flavours, and introduced a new -alpha-legacy flavour for MILO
    based machines, which has CONFIG_ALPHA_LEGACY_START_ADDRESS enabled.
    (closes: #352186)
  * [alpha] Added new patch to support prctl syscall. (closes: #349765)
  * [i386] Renamed kernel-image-2.6-486 to kernel-image-2.6-386, it's meant for
    transition only, and kernel-image-2.6-386 is the package name in sarge.

  [ Jurij Smakov ]
  * Bump build-dependency on kernel-package to 10.035, which is fixed
    to build the documentation packages again.
    Closes: #352000, #348332

  [ Frederik Schüler ]
  * Activate CONFIG_DVB_AV7110_OSD on alpha amd64 and ia64.
    Closes: #353292
  * Deactivate CONFIG_FB_ATY_XL_INIT on all architectures: it is broken and
    already removed in 2.6.16-rc.
    Closes: #353310

  [ Christian T. Steigies ]
  * [m68k] build in cirrusfb driver

 -- Bastian Blank <waldi@debian.org>  Tue, 21 Feb 2006 17:35:21 +0000

linux-2.6 (2.6.15-6) unstable; urgency=low

  [ Bastian Blank ]
  * Moved the mkvmlinuz support patch modification to a -1 version of the
    patch.

  [ maximilian attems ]
  * Add stable treee 2.6.15.4
    - PCMCIA=m, HOSTAP_CS=y is not a legal configuration
    - Input: iforce - do not return ENOMEM upon successful allocation
    - x86_64: Let impossible CPUs point to reference per cpu data
    - x86_64: Clear more state when ignoring empty node in SRAT parsing
    - x86_64: Dont record local apic ids when they are disabled in MADT
    - Fix keyctl usage of strnlen_user()
    - Kill compat_sys_clock_settime sign extension stub.
    - Input: grip - fix crash when accessing device
    - Input: db9 - fix possible crash with Saturn gamepads
    - Input: iforce - fix detection of USB devices
    - Fixed hardware RX checksum handling
    - SCSI: turn off ordered flush barriers
    - Input: mousedev - fix memory leak
    - seclvl settime fix
    - fix regression in xfs_buf_rele
    - md: remove slashes from disk names when creation dev names in sysfs
    - d_instantiate_unique / NFS inode leakage
    - dm-crypt: zero key before freeing it
    - bridge: netfilter races on device removal
    - bridge: fix RCU race on device removal
    - SELinux: fix size-128 slab leak
    - __cmpxchg() must really always be inlined
    - emu10k1 - Fix the confliction of 'Front' control
    - Input: sidewinder - fix an oops
  * Deactivate merged alpha-cmpxchg-inline.patch, sparc64-clock-settime.patch.

  [ Christian T. Steigies ]
  * [m68k] Add fix for m68k/buddha IDE and m68k/mac SCSI driver
  * [m68k] Patch by Peter Krummrich to stop flickering pixels with PicassoII
  * [m68k] make Amiga keyboard usable again, patch by Roman Zippel
  * [m68k] prevent wd33c93 SCSI driver from crashing the kernel, patch by Roman Zippel
  * [m68k] remove SBCs from VME descriptions (closes: #351924)

 -- Frederik Schüler <fs@debian.org>  Fri, 10 Feb 2006 15:33:21 +0000

linux-2.6 (2.6.15-5) unstable; urgency=low

  [ Martin Michlmayr ]
  * Add a fix for the input support for the ixp4xx beeper driver from
    2.6.16-rc2.
  * Add stable tree 2.6.15.3:
    - Fix extra dst release when ip_options_echo fails (CVE-2006-0454)

  [ Sven Luther ]
  * [powerpc] Removed -o root -g root option to mkvmlinuz support patch.
    (Closes: #351412)

 -- Sven Luther <luther@debian.org>  Tue,  7 Feb 2006 19:23:14 +0000

linux-2.6 (2.6.15-4) unstable; urgency=low

  [ Jurij Smakov ]
  * [sparc64] Add sparc64-clock-settime.patch to fix the incorrect
    handling of the clock_settime syscall arguments, which resulted
    in a hang when trying to set the date using 'date -s'. Patch
    by David Miller is applied upstream. Thanks to Ludovic Courtes
    and Frans Pop for reporting and testing.
    Ref: http://marc.theaimsgroup.com/?t=113861017400002&r=1&w=2

  [ Christian T. Steigies ]
  * [m68k] update m68k patch and config to 2.6.15
  * [m68k] SCSI drivers need to be built in until ramdisk generator tools
    supports loading scsi modules
  * [m68k] ISCSI and IDE-TAPE don't compile, disabled
  * [m68k] set CC_OPTIMIZE_FOR_SIZE=n
  * [m68k] added vmeints patch which fixes building for vme

  [ maximilian attems ]
  * Use initramfs-tools for ia64 - fixed klibc.
  * Add stable tree 2.6.15.2:
    - Fix double decrement of mqueue_mnt->mnt_count in sys_mq_open
    - (CVE-2005-3356)
    - Mask off GFP flags before swiotlb_alloc_coherent
    - usb-audio: don't use empty packets at start of playback
    - Make second arg to skb_reserved() signed.
    - Input: HID - fix an oops in PID initialization code
    - Fix oops in ufs_fill_super at mount time
    - Kill blk_attempt_remerge()
    - Fix i2o_scsi oops on abort
    - Fix mkiss locking bug
    - Fix timekeeping on sparc64 ultra-IIe machines
    - Someone broke reiserfs v3 mount options and this fixes it
  * Deactivate sparc64-jumping-time.patch, amd64-pppd-fix.patch incl in aboves.
  * Add s390-klibc-buildfix.patch, regression due to header file changes.

  [ Steve Langasek ]
  * [alpha] set __attribute__((always_inline)) on __cmpxchg(), to avoid
    wrong optimizations with -Os (Closes: #347556).

  [ Martin Michlmayr ]
  * Add input support for the ixp4xx beeper driver (Alessandro Zummo).
  * [arm] Add NSLU2 specific portion of ixp4xx beeper driver (Alessandro Zummo).
  * [arm/nslu2] Build PPP as a module.
  * [arm/nslu2] Enable wireless.
  * [arm/nslu2] Enable most USB modules.
  * [arm/nslu2] Enable ALSA and USB sound modules.
  * [arm/nslu2] Set 4 MB as the size of the initrd in the kernel cmd line.
  * [arm/footbridge] Set CONFIG_BLK_DEV_RAM_SIZE to 8192.
  * [armeb] Add support for big-endian ARM.
  * [armeb/nslu2] Use the nslu2 config from arm.

  [ Frederik Schüler ]
  * [amd64] Add amd64-pppd-fix.patch to fix kernel panic when using pppd.
    (Closes: #347711)
  * Add 64bit-vidiocswin-ioctl-fix.patch to fix VIDIOCSWIN ioctl on 64bit
    kernel 32bit userland setups. (Closes: #349338)

  [ Sven Luther ]
  * [powerpc] Adapted apus config file to be more modular and in sync with the
    other powerpc configs. Scsi drivers are disabled as they don't build
    cleanly though (need some esp stuff).
  * [powerpc] Default to initramfs-tools as initramfs generator, as klibc
    build is fixed now.

  [ Bastian Blank ]
  * [powerpc] Fix dependencies of image packages.

 -- maximilian attems <maks@sternwelten.at>  Wed,  1 Feb 2006 11:34:20 +0100

linux-2.6 (2.6.15-3) unstable; urgency=low

  [ Martin Michlmayr ]
  * [arm] Update configs for 2.6.15; closes: #347998.
  * [arm] Activate tmpfs.
  * [arm] Allow modules to be unloaded.
  * [arm] Enable CONFIG_INPUT_EVDEV since yaird needs this module in
    order to generate initrds.
  * [arm/footbridge] Activate IDEPCI so SL82C105 will really be
    compiled in.
  * [arm/footbridge] Activate the right network drivers (Tulip and
    NE2K).
  * [arm/footbridge] Enable more framebuffer drivers.
  * debian/patches/arm-fix-dc21285.patch: Fix compilation of DC21285
    flash driver.
  * [arm/footbridge] Enable MTD and the DC21285 flash driver.
  * [arm/footbridge] Enable RAID and LVM modules.
  * [arm/footbridge] Enable USB modules.
  * [arm/nslu2] Add an image for Network Storage Link for USB 2.0 Disk
    Drives.
  * debian/patches/arm-memory-h-page-shift.patch: Fix error "PAGE_SHIFT
    undeclared" (Rod Whitby).
  * debian/patches/mtdpart-redboot-fis-byteswap.patch: recognise a foreign
    endian RedBoot partition table (John Bowler).
  * debian/patches/maclist.patch: Add support for the maclist interface
    (John Bowler).
  * debian/patches/arm-nslu2-maclist.patch: Add NSLU2 maclist support
    (John Bowler).
  * [arm/nslu2] Activate maclist.

  [ maximilian attems ]
  * Add stable tree 2.6.15.1:
    - arch/sparc64/Kconfig: fix HUGETLB_PAGE_SIZE_64K dependencies
    - moxa serial: add proper capability check
    - fix /sys/class/net/<if>/wireless without dev->get_wireless_stats
    - Don't match tcp/udp source/destination port for IP fragments
    - Fix sys_fstat64() entry in 64-bit syscall table.
    - UFS: inode->i_sem is not released in error path
    - netlink oops fix due to incorrect error code
    - Fix onboard video on SPARC Blade 100 for 2.6.{13,14,15}
    - Fix DoS in netlink_rcv_skb() (CVE-2006-0035)
    - fix workqueue oops during cpu offline
    - Fix crash in ip_nat_pptp (CVE-2006-0036)
    - Fix another crash in ip_nat_pptp (CVE-2006-0037)
    - ppc32: Re-add embed_config.c to ml300/ep405
    - Fix ptrace/strace
    - vgacon: fix doublescan mode
    - BRIDGE: Fix faulty check in br_stp_recalculate_bridge_id()
    - skge: handle out of memory on ring changes
  * Drop merged patch:
    - sparc64-atyfb-xl-gr-final.patch

  [ Simon Horman ]
  * Fix booting on PReP machines
    (Closes: #348040)
    powerpc-relocate_code.patch

 -- Simon Horman <horms@verge.net.au>  Tue, 17 Jan 2006 18:01:17 +0900

linux-2.6 (2.6.15-2) unstable; urgency=low

  [ maximilian attems ]
  * Default to initramfs-tools as initramfs generator for amd64, hppa, i386,
    alpha and sparc. More archs will be added once klibc matures.
    (Closes: #346141, #343147, #341524, #346305)
  * Backport alsa patch for opl3 - Fix the unreleased resources.
    (Closes: #346273)
  * Readd buslogic-pci-id-table.patch.

  [ dann frazier ]
  * [ia64] Update config for 2.6.15.

  [ Frederik Schüler ]
  * Make CONFIG_IPW2100 a per-architecture option and deactivate it on all
    architectures but i386. (Closes: #344515)

  [ Sven Luther ]
  * Removed spurious file from powerpc-apus patch. (Closes: #346159)

  [ Norbert Tretkowski ]
  * Backport the generic irq framework for alpha. (closes: #339080)

  [ Bastian Blank ]
  * Remove pre-sarge conflict with hotplug.
  * Fix hppa diff to apply.
  * Make the latest packages depend on the corect version of the real images.
    (closes: #346366)

 -- Bastian Blank <waldi@debian.org>  Tue, 10 Jan 2006 16:54:21 +0100

linux-2.6 (2.6.15-1) unstable; urgency=low

  [ Sven Luther ]
  * New upstream release.
  * [powerpc] Now use ARCH=powerpc for 64bit powerpc flavours, 32bit still
    stays with ARCH=ppc for now.
  * [powerpc] Readded PReP Motorola PowerStack II Utah IDE interrupt
    (Closes: #345424)
  * [powerpc] Fixed apus patch.
  * Added make-kpkg --arch option support to gencontrol.py.
  * Added debian/bin/kconfig.ml to process config file snipplet, so we can
    preserve the pre 2.6.15 ordering of config file snipplets. Upto 2.6.15
    the kernel Kconfig magic apparently kept the later occuring config options,
    but it seems that this is no more the case. Instead of catting the config
    files together, not use the kconfig.ml script to read in the files from
    more generic to more specific, and keep only the more specific.

  [ Bastian Blank ]
  * [s390] Update configs.

  [ Kyle McMartin ]
  * [hppa] Snag latest hppa.diff from cvs.parisc-linux.org.
  * [hppa] Update configs for 2.6.15.
  * [hppa] Change parisc kernel names to something less ambiguous.

  [ dann frazier ]
  * [ia64] Update ia64 configs

  [ maximilian attems ]
  * Drop modular-ide.patch, nacked by ide upstream.  Prevents udev to load
    ide-generic and those successfull boots with initramfs-tools.
  * Disable CONFIG_USB_BANDWIDTH, causes major trouble for alsa usb cards.

  [ Norbert Tretkowski ]
  * [alpha] Removed conflict with initramfs-tools, thanks vorlon for finding
    the klibc bug!

  [ Jonas Smedegaard ]
  * Adjust short description of transitional package kernel-image-2.6-
    486 to mention 2.6 (not 2.6.12).
  * Clean duplicate Kconfig options.

  [ Frederik Schüler ]
  * Add updated version of drivers-scsi-megaraid_splitup.patch.
  * Deactivate CONFIG_IDE_TASK_IOCTL on alpha and ia64 and make it a global
    option.
  * Make CONFIG_VIDEO_SAA7134 a global option.
  * New option CONFIG_CC_OPTIMIZE_FOR_SIZE set per-arch.
  * Rename i386 368 flavour to 486.
  * Add myself to uploaders.
  * Readdition of qla2xxx drivers, as firmware license has been fixed.
  * Make CONFIG_PACKET, PACKET_MM and UNIX builtin on all architectures:
    statically linked has better performance then modules due to TLB issue.
  * clean up debian-patches dir: remove all obsolete patches:
    - alpha-compile-fix.patch: obsolete
    - amd64-int3-fix.patch: fixed since 2.6.12
    - net-ipconntrack-nat-fix.patch: merged upstream after 2.6.14 release
    - net-nf_queue-oops.patch: merged upstream after 2.6.14 release
    - qla2xxx-removed.patch: obsolete
  * Drop M386 support remains from the i386 386 flavour: built with M486
    from now on.

  [ Martin Michlmayr ]
  * [arm] Don't define "compiler" since GCC 4.x is the default now anyway.
  * [arm] Add descriptions for "class" and "longclass".
  * [arm] Compile CONFIG_BLK_DEV_SL82C105 support into the kernel on
    Footbridge.
  * [arm] Compile ext3 support into the kernel on Footbridge.
  * [arm] Turn on CONFIG_SERIAL_8250 support on Footbridge.

  [ Jurij Smakov ]
  * [sparc] Correct the patch for the atyfb framebuffer driver
    (sparc64-atyfb-xl-gr.patch) to finally fix the console and X
    image defects on Blade 100/150. The new patch is named
    sparc64-atyfb-xl-gr-final.patch to avoid the confusion.
    Thanks to Luis F. Ortiz for fixing the patch and Luigi Gangitano
    for testing it out.
  * Drop tty-locking-fixes9.patch, which was preventing the oops during
    shutdown on some sparc machines with serial console. Proper fix has
    been incorporated upstream.

  [ Simon Horman ]
  * Enable MKISS globally (closes: #340215)
  * Add recommends libc6-i686 to 686 and k7 image packages
    (closes: #278729)
  * Enable OBSOLETE_OSS_USB_DRIVER and USB_AUDIO
    as alsa snd-usb-audio still isn't quite there.
    I expect this to be re-disabled at some stage,
    possibly soon if it proves to be a source of bugs.
    (closes: #340388)

 -- Sven Luther <luther@debian.org>  Tue,  3 Jan 2006 06:48:07 +0000

linux-2.6 (2.6.14-7) unstable; urgency=low

  [ maximilian attems ]
  * Add stable tree 2.6.14.5 fixes:
    - setting ACLs on readonly mounted NFS filesystems (CVE-2005-3623)
    - Fix bridge-nf ipv6 length check
    - Perform SA switchover immediately.
    - Input: fix an OOPS in HID driver
    - Fix hardware checksum modification
    - kernel/params.c: fix sysfs access with CONFIG_MODULES=n
    - Fix RTNLGRP definitions in rtnetlink.h
    - Fix CTA_PROTO_NUM attribute size in ctnetlink
    - Fix unbalanced read_unlock_bh in ctnetlink
    - Fix NAT init order
    - Fix incorrect dependency for IP6_NF_TARGET_NFQUEUE
    - dpt_i2o fix for deadlock condition
    - SCSI: fix transfer direction in sd (kernel panic when ejecting iPod)
    - SCSI: fix transfer direction in scsi_lib and st
    - Fix hardware rx csum errors
    - Fix route lifetime.
    - apci: fix NULL deref in video/lcd/brightness
  * Disable CONFIG_USB_BANDWIDTH, causes major trouble on alsa usb cards.
    (Closes: #344939)

 -- maximilian attems <maks@sternwelten.at>  Tue, 27 Dec 2005 20:50:28 +0100

linux-2.6 (2.6.14-6) unstable; urgency=low

  [ Kyle McMartin ]
  * Change parisc kernel names to something less ambiguous.

  [ maximilian attems ]
  * Drop modular-ide.patch, nacked by ide upstream.  Prevents udev to load
    ide-generic and those successfull boots with initramfs-tools.
  * Add stable tree 2.6.14.4 with the following fixes:
    - drivers/scsi/dpt_i2o.c: fix a user-after-free
    - drivers/message/i2o/pci.c: fix a use-after-free
    - drivers/infiniband/core/mad.c: fix a use-after-free
    - DVB: BUDGET CI card depends on STV0297 demodulator
    - setkeys needs root
    - Fix listxattr() for generic security attributes
    - AGPGART: Fix serverworks TLB flush.
    - Fix crash when ptrace poking hugepage areas
    - I8K: fix /proc reporting of blank service tags
    - i82365: release all resources if no devices are found
    - bonding: fix feature consolidation
    - libata: locking rewrite (== fix)
    - cciss: bug fix for BIG_PASS_THRU
    - ALSA: nm256: reset workaround for Latitude CSx
    - cciss: bug fix for hpacucli
    - V4L/DVB: Fix analog NTSC for Thomson DTT 761X hybrid tuner
    - BRIDGE: recompute features when adding a new device
    - 32bit integer overflow in invalidate_inode_pages2()
    - USB: Adapt microtek driver to new scsi features
    - ide-floppy: software eject not working with LS-120 drive
    - Add try_to_freeze to kauditd
    - V4L/DVB (3135) Fix tuner init for Pinnacle PCTV Stereo
    - NETLINK: Fix processing of fib_lookup netlink messages
    - ACPI: fix HP nx8220 boot hang regression

  [ Norbert Tretkowski ]
  * [alpha] Removed conflict with initramfs-tools, thanks vorlon for finding
    the klibc bug!

  [ Frederik Schüler ]
  * Add updated drivers-scsi-megaraid_splitup.patch. (Closes: #317258)
  * Add ppc64-thermal-overtemp.patch to fix a thermal control bug in G5
    machines. (Closes: #343980)
  * Unpatch the following patches which are included in 2.6.14.4:
    - setkeys-needs-root-1.patch
    - setkeys-needs-root-2.patch
    - mm-invalidate_inode_pages2-overflow.patch
    - net-bonding-consolidation-fix.patch

 -- Frederik Schüler <fs@debian.org>  Tue, 20 Dec 2005 18:50:41 +0000

linux-2.6 (2.6.14-5) unstable; urgency=low

  [ dann frazier ]
  * ia64-new-assembler-fix.patch
    Fix ia64 builds with newer assembler (Closes: #341257)

  [ Sven Luther ]
  * [powerpc] incremented ramdisk size to 24576 from 8192, needed by the
    graphical installer, maybe we can bring this to 16384 later.

  [ Simon Horman ]
  * Add recommends libc6-i686 to 686 and k7 image packages
    (closes: #278729)
  * Enable OBSOLETE_OSS_USB_DRIVER and USB_AUDIO
    as alsa snd-usb-audio still isn't quite there.
    I expect this to be re-disabled at some stage,
    possibly soon if it proves to be a source of bugs.
    (closes: #340388)

  [ dann frazier ]
  * buslogic-pci-id-table.patch
    add a pci device id table to fix initramfs-tools discovery.
    (closes #342057)
  * fix feature consolidation in bonding driver.  (closes #340068)

 -- dann frazier <dannf@debian.org>  Thu,  8 Dec 2005 10:59:31 -0700

linux-2.6 (2.6.14-4) unstable; urgency=low

  [ dann frazier ]
  * setkeys-needs-root-1.patch, setkeys-needs-root-2.patch:
    [SECURITY] Require root privilege to write the current
    function key string entry of other user's terminals.
    See CVE-2005-3257 (Closes: #334113)

  [ Simon Horman ]
  * Enable MKISS globally (closes: #340215)
  * mm-invalidate_inode_pages2-overflow.patch
    [SECURITY] 32bit integer overflow in invalidate_inode_pages2() (local DoS)
  * ctnetlink-check-if-protoinfo-is-present.patch
    [SECURITY] ctnetlink: check if protoinfo is present (local DoS)
  * ctnetlink-fix-oops-when-no-icmp-id-info-in-message.patch
    [SECURITY] ctnetlink: Fix oops when no ICMP ID info in message (local DoS)

  [ Sven Luther ]
  * Re-added powerpc/apus patch, now that Roman Zippel merged it in.
  * Let's create asm-(ppc|ppc64) -> asm-powerpc symlink farm.  (Closes: #340571)

  [ maximilian attems ]
  * Add 2.6.14.3 patch - features changelog:
    - isdn/hardware/eicon/os_4bri.c: correct the xdiLoadFile() signature
    - x86_64/i386: Compute correct MTRR mask on early Noconas
    - PPTP helper: Fix endianness bug in GRE key / CallID NAT
    - nf_queue: Fix Ooops when no queue handler registered
    - ctnetlink: check if protoinfo is present
    - ip_conntrack: fix ftp/irc/tftp helpers on ports >= 32768
    - VFS: Fix memory leak with file leases
    - hwmon: Fix lm78 VID conversion
    - hwmon: Fix missing it87 fan div init
    - ppc64 memory model depends on NUMA
    - Generic HDLC WAN drivers - disable netif_carrier_off()
    - ctnetlink: Fix oops when no ICMP ID info in message
    - Don't auto-reap traced children
    - packet writing oops fix
    - PPTP helper: fix PNS-PAC expectation call id
    - NAT: Fix module refcount dropping too far
    - Fix soft lockup with ALSA rtc-timer
    - Fix calculation of AH length during filling ancillary data.
    - ip_conntrack TCP: Accept SYN+PUSH like SYN
    - refcount leak of proto when ctnetlink dumping tuple
    - Fix memory management error during setting up new advapi sockopts.
    - Fix sending extension headers before and including routing header.
    - hwmon: Fix missing boundary check when setting W83627THF in0 limits
  * Remove ctnetlink-check-if-protoinfo-is-present.patch,
    net-nf_queue-oops.patch - already included in 2.6.14.3.

  [ Frederik Schüler ]
  * Make CONFIG_PACKET, PACKET_MM and UNIX builtin on all architectures:
    statically linked has better performance then modules due to TLB issue.
  * Add myself to uploaders.

 -- Frederik Schüler <fs@debian.org>  Sat, 26 Nov 2005 13:18:41 +0100

linux-2.6 (2.6.14-3) unstable; urgency=low

  [ Norbert Tretkowski ]
  * [alpha] Switch to gcc 4.0.
  * [alpha] Conflict with initramfs-tools, klibc is broken on alpha.
  * [alpha] Enabled CONFIG_KOBJECT_UEVENT in arch/alphaconfig to fix trouble
    with latest udev, thanks to Uwe Schindler for reporting. (closes: #338911)
  * Bumped ABI revision:
    + ABI changes on sparc and alpha because of compiler switch.
    + 2.6.14.1 changes ABI of procfs.

  [ Sven Luther ]
  * Set default TCP congestion algorithm to NewReno + BIC (Closes: #337089)

  [ maximilian attems ]
  * Reenable CONFIG_SOFTWARE_SUSPEND on i386 and ppc, resume=/dev/<other device>
    must be set by boot loader. (Closes: #267600)
  * Set CONFIG_USB_SUSPEND on i386. Usefull for suspend to ram and apm suspend.
  * Add 2.6.14.1 patch:
    - Al Viro: CVE-2005-2709 sysctl unregistration oops
  * Add 2.6.14.2 patch:
    - airo.c/airo_cs.c: correct prototypes
    - fix XFS_QUOTA for modular XFS (closes: #337072)
    - USB: always export interface information for modalias
    - NET: Fix zero-size datagram reception
    - fix alpha breakage
    - Oops on suspend after on-the-fly switch to anticipatory i/o scheduler
    - ipvs: fix connection leak if expire_nodest_conn=1
    - Fix ptrace self-attach rule
    - fix signal->live leak in copy_process()
    - fix de_thread() vs send_group_sigqueue() race
    - prism54 : Fix frame length
    - tcp: BIC max increment too large
  * Remove alpha compile fix as contained in 2.6.14.2
  * Readd CONFIG_XFS_QUOTA=y.
  * Disable ACPI cutoff year on i386, was set to 2001.
    No need for acpi=force on boot.

  [ Jurij Smakov ]
  * Fix the install-image script to correctly include all the necessary
    stuff in scripts. (Closes: #336424)
  * Enable CONFIG_SND_ALI5451 on sparc.
  * Switch sparc to gcc-4.0. Thanks to Norbert for making sure it successfully
    builds a working kernel now.
  * Apply patch to fix ATI framebuffer output corruption on SunBlade 100
    (sparc64-atyfb-xl-gr.patch). Thanks to Luigi Gangitano. (Closes: #321200)
  * Disable CONFIG_PARPORT_PC_FIFO on sparc, since it causes a hang whenever
    something is sent to the parallel port device. Thanks to Attilla
    (boera at rdslink.ro) for pointing that out.

  [ Simon Horman ]
  * [386, AMD64] Set CONFIG_FRAMEBUFFER_CONSOLE=y instead of m.
    As vesadb now built into the kernel, after finally dropping the
    debian-specific patch to make it modular, make fbcons builtin too, else
    all sorts of weird stuff happens which is hard for the inird builders to
    automatically compenste for. (Closes: #336450)
  * Redisable CONFIG_SOFTWARE_SUSPEND on ppc/miboot as it required
    CONFIG_PM to compile.
  * [NETFILTER] nf_queue: Fix Ooops when no queue handler registered
    This is a regression introduced in 2.6.14.
    net-nf_queue-oops.patch. (Closes: #337713)
  * Make manuals with defconfig, as is required for kernel-package 10.008

  [ dann frazier ]
  * net-ipconntrack-nat-fix.patch - fix compilation of
    ip_conntrack_helper_pptp.c when NAT is disabled. (Closes: #336431)

  [ Christian T. Steigies ]
  * update m68k.diff to 2.6.14
  * add m68k-*vme* patches
  * disable macsonic driver until the dma patch is fixed
  * disable IEEE80211 drivers for all of m68k

  [ Frederik Schüler ]
  * activate CONFIG_SECURITY_NETWORK to fix SElinux operation.
    (Closes: #338543)

 -- Norbert Tretkowski <nobse@debian.org>  Mon, 14 Nov 2005 10:23:05 +0100

linux-2.6 (2.6.14-2) unstable; urgency=low

  [ Simon Horman ]
  * [SECURITY] Avoid 'names_cache' memory leak with CONFIG_AUDITSYSCALL
    This fix, included as part of the 2.6.13.4 patch in
    2.6.13+2.6.14-rc4-0experimental.1 is CVE-2005-3181
  * Fix genearation of .extraversion, again (closes: #333842)
  * Add missing kernel-arch and kernel-header-dirs to defines
    so headers get included. (closes: #336521)
    N.B: I only filled in arches where other's hadn't done so alread.
         Please fix if its wrong.
  * Allow powerpc64 to compile with AUDIT enabled but
    AUDITSYSCALL disabled. powerpc64-audit_sysctl-build.patch

  [ dann frazier ]
  * Update hppa.diff to 2.6.14-pa0

  [ Norbert Tretkowski ]
  * [alpha] New patch to include compiler.h in barrier.h, barrier() is used in
    non-SMP case.
  * [alpha] Added kernel-header-dirs and kernel-arch to debian/arch/alpha/defines
    to include asm-alpha in linux-headers package.
  * Added myself to Uploaders.

  [ Frederik Schüler ]
  * [amd64] use DISCONTIGMEM instead of SPARSEMEM on amd64-k8-smp flavour to
    fix bootup kernel panic.
  * [amd64] include asm-x86_64 in linux-headers package.
  * Deactivate AUDITSYSCALL globally, it slows down the kernel and is not
    needed for selinux at all.

 -- Simon Horman <horms@debian.org>  Tue,  1 Nov 2005 15:27:40 +0900

linux-2.6 (2.6.14-1) unstable; urgency=low

  [ Sven Luther ]
  * New upstream release.

  [ Norbert Tretkowski ]
  * [alpha] Update arch/alpha/config* for 2.6.14.

  [ Simon Horman ]
  * Fix misformatting of long description of
    linux-patch-debian-linux-patch-debian-X.Y.Z.
    templates/control.main.in
    (closes: #335088)
  * Make sure version is seeded in apply and unapply scripts.
    Actually changed in some earlier, post 2.6.12, release,
    but the changelog seems to be missing.
    (closes: #324583)

  [ dann frazier ]
  * [ia64] Disable the CONFIG_IA64_SGI_SN_XP module.  This forces
    CONFIG_GENERIC_ALLOCATOR and CONFIG_IA64_UNCACHED_ALLOCATOR to y, which
    appears to break on zx1 systems.

 -- Simon Horman <horms@debian.org>  Fri, 28 Oct 2005 16:26:03 +0900

linux-2.6 (2.6.13+2.6.14-rc5-0experimental.1) experimental; urgency=low

  [ Sven Luther ]
  * Upgraded to 2.6.14-rc5.

  [ Jonas Smedegaard ]
  * Quote variables in debian/rules.real and postinstall (making it
    safer to run with weird characters in path of build environment).

  [ Bastian Blank ]
  * Add some missing files from scripts to headers packages.
  * Add new patch powerpc-build-links.patch: Emit relative symlinks in
    arch/ppc{,64}/include.
  * Include arch/*/include into headers package.

 -- Sven Luther <luther@debian.org>  Tue, 25 Oct 2005 03:56:11 +0000

linux-2.6 (2.6.13+2.6.14-rc4-0experimental.1) experimental; urgency=low

  [ Sven Luther ]
  * Upgraded to 2.6.14-rc4.

  [ Simon Horman ]
  * Fix genearation of .extraversion (closes: #333842)

  [ dann frazier ]
  * Enhance the linux-source description to explain the types of patches
    Debian adds to it.  (closes: #258043)
  * Correct linux-patch-debian description.  It replaces the
    kernel-patch-debian packages, not the kernel-source packages.

  [ Jonas Smedegaard ]
  * Fix building from within a very long dir (all patches was applied at
    once - exhausting shell commandline, now applied one by one).
  * Add Simon Horman, Sven Luther and myself as Uploaders.

  [ Bastian Blank ]
  * Use list of revisions in patch scripts.
  * Use correct names for tarball and scripts.

  [ Jurij Smakov ]
  * [i386] Set the CONFIG_HPET_EMULATE_RTC option to make the clock
    work properly on certain Dell machines. This required setting the
    CONFIG_RTC option to 'y' instead of 'm'. (closes: #309909)
    [i386] Enable VIDEO_CX88 and VIDEO_CX88_DVB (both set to 'm') by
    popular demand. (closes: #330916)

  [ Norbert Tretkowski ]
  * [alpha] Update arch/alpha/config for 2.6.13.

  [ Kyle McMartin ]
  * [hppa] Oops. Fix linux-headers not including asm-parisc by adding
    headers_dirs = parisc to Makefile.inc.

  [ maximilian attems ]
  * Set CONFIG_FB_VESA=y for i386 and amd64 configs. (closes: #333003)

  [ Sven Luther ]
  * [powerpc] Fixed apus build, now use mkvmlinuz too to generate the vmlinuz
    kernel.
  * Fixed control.image.in to depend on :
      initramfs-tools | yaird | linux-ramdisk-tool
    where linux-ramdisk-tools is the virtual package provided by all
    initrd/initramfs generating tools.

  [ Frederik Schüler ]
  * deactivate FB_RIVA on all architectures.
  * deactivate BLK_DEV_IDESCSI on all architectures.
  * Added patch-2.6.13.4:
    - [SECURITY] key: plug request_key_auth memleak
      See CAN-2005-3119
    - [SECURITY] Fix drm 'debug' sysfs permissions
      See CAN-2005-3179
    - [SECURITY] Avoid 'names_cache' memory leak with CONFIG_AUDITSYSCALL
    - [SPARC64] Fix userland FPU state corruption.
    - BIC coding bug in Linux 2.6.13
    - [SECURITY] orinoco: Information leakage due to incorrect padding
      See CAN-2005-3180
    - ieee1394/sbp2: fixes for hot-unplug and module unloading

  [ Christian T. Steigies ]
  * disable CONFIG_EXT2_FS_XIP for m68k like on all(?) other arches
  * deactivate OKTAGON_SCSI for amiga/m68k until it can be compiled again
  * deactivate CONFIG_KEYBOARD_HIL_OLD, CONFIG_KEYBOARD_HIL, CONFIG_MOUSE_HIL,
    CONFIG_HIL_MLC, and CONFIG_HP_SDC for hp/m68k
  * update m68k.diff for 2.6.13
  * split out patches that do not intefere with other arches to
    patches-debian/m68k-*

 -- Bastian Blank <waldi@debian.org>  Fri, 21 Oct 2005 12:17:47 +0000

linux-2.6 (2.6.13-1) experimental; urgency=low

  * New upstream release "git booost":
    - new arch xtensa
    - kexec/kdump
    - execute-in-place
    - inotify (closes: #304387)
    - time-sharing cfq I/O scheduler
    - manual driver binding
    - voluntary preemption
    - user-space I/O initiation for InfiniBand
    - new speedy DES (crypto) implementation
    - uml "almost-skas" mode support
    - 250 HZ default (closes: #320366)
    - fixes all over (alsa, archs, ide, input, ntfs, scsi, swsusp, usb, ..)
    - orinoco driver updates (closes: #291684)
    - md, dm updates (closes: #317787)

  [ Frederik Schüler ]
  * [amd64] Added class and longclass descriptions for amd64 flavours.
  * [amd64] add amd64-tlb-flush-sigsegv-fix.patch: disable tlb flush
    filtering on smp systems to workaround processor errata.
  * backport kernel-api-documentation-generation-fix.diff from git to fix
    documentation build.
  * Added patch-2.6.13.1:
    - raw_sendmsg DoS (CAN-2005-2492)
    - 32bit sendmsg() flaw (CAN-2005-2490)
    - Reassembly trim not clearing CHECKSUM_HW
    - Use SA_SHIRQ in sparc specific code.
    - Fix boundary check in standard multi-block cipher processors
    - 2.6.13 breaks libpcap (and tcpdump)
    - x86: pci_assign_unassigned_resources() update
    - Fix PCI ROM mapping
    - aacraid: 2.6.13 aacraid bad BUG_ON fix
    - Kconfig: saa7134-dvb must select tda1004x

  [ Simon Horman ]
  * Disable BSDv3 accounting on hppa and alpha, it was already
    disabled on all other architectures. Also unify BSD accounting
    config into top level config, rather than per flavour configs.
  * [SECURITY] The seq_file memory leak fix included in 2.6.12-6
    as part of upstream's 2.6.12.6 patchset is now CAN-2005-2800.

  [ Jurij Smakov, Simon Horman ]
  * Ensure that only one kernel-manual/linux-manual package can
    be installed at a time to avoid file conflicts. (closes: #320042)

  [ Bastian Blank ]
  * Move audit, preempt and security settings to core config file.
  * Fix powerpc configuration.
  * Add debian version information to kernel version string.
  * Drop coreutils | fileutils dependencies.
  * Drop modular-vesafb patch. (closes: #222374, #289810)

  [ Christian T. Steigies ]
  * update m68k.diff for linux-2.6.13
  * add m68k-42_dma.patch and m68k-sonic.patch that will be in upstream 2.6.14
    (which makes sun3 build fail, needs fixing)

  [ maximilian attems ]
  * Drop drivers-add-scsi_changer.patch (merged)
  * Drop drivers-ide-dma-blacklist-toshiba.patch (merged)
  * Drop drivers-ide-__devinit.patch (merged)
  * Added patch-2.6.13.2:
    - USB: ftdi_sio: custom baud rate fix
    - Fix up more strange byte writes to the PCI_ROM_ADDRESS config word
    - Fix MPOL_F_VERIFY
    - jfs: jfs_delete_inode must call clear_inode
    - Fix DHCP + MASQUERADE problem
    - Sun HME: enable and map PCI ROM properly
    - Sun GEM ethernet: enable and map PCI ROM properly
    - hpt366: write the full 4 bytes of ROM address, not just low 1 byte
    - forcedeth: Initialize link settings in every nv_open()
    - Lost sockfd_put() in routing_ioctl()
    - lost fput in 32bit ioctl on x86-64
  * Added patch-2.6.13.3:
    - Fix fs/exec.c:788 (de_thread()) BUG_ON
    - Don't over-clamp window in tcp_clamp_window()
    - fix IPv6 per-socket multicast filtering in exact-match case
    - yenta oops fix
    - ipvs: ip_vs_ftp breaks connections using persistence
    - uml - Fix x86_64 page leak
    - skge: set mac address oops with bonding
    - tcp: set default congestion control correctly for incoming connections

  [ Sven Luther ]
  * [powerpc] Added hotplug support to the mv643xx_eth driver :
      powerpc-mv643xx-hotplug-support.patch
    thanks go to Nicolas Det for providing the patch.
  * [powerpc] Modified a couple of configuration options for the powerpc64
    flavour, fixes and enhances Apple G5 support (Closes: #323724, #328324)
  * [powerpc] Added powerpc-miboot flavour to use exclusively with oldworld
    powermac miboot floppies for debian-installer.
  * [powerpc] Checked upgraded version of the apus patches, separated them in
    a part which is safe to apply, and one which needs checking, and is thus
    not applied yet.

  [ Kyle McMartin ]
  * [hppa] Update hppa.diff to 2.6.13-pa4.
  * [hppa] Add space register fix to pacache.S to hppa.diff.

  [ dann frazier ]
  * Add a note to README.Debian that explains where users can find the .config
    files used to generate the linux-image packages.  Closes: #316809
  * [ia64] Workaround #325070 until upstream works out an acceptable solution.
    This bug breaks module loading on non-SMP ia64 kernels.  The workaround
    is to temporarily use an SMP config for the non-SMP kernels.  (Note that
    John Wright is running benchmarks to determine the overhead of running
    an SMP kernel on UP systems to help decide if this should be a
    permanent change).
  * [ia64] Update arch/ia64/config for 2.6.13

 -- Simon Horman <horms@debian.org>  Thu,  6 Oct 2005 15:45:21 +0900

linux-2.6 (2.6.12-6) unstable; urgency=high

  [ Andres Salomon, Bastian Blank ]
  * Change ATM and Classical-IP-over-ATM to be modular, instead of being
    statically included. (closes: #323143)

  [ Sven Luther ]
  * [powerpc] powerpc-pmac-sound-check.patch: Added pmac-sound sanity check.
  * [powerpc] powerpc-apus.patch:
    Added preliminary apus patch to package, not applied to kernel tree yet.

  [ Simon Horman ]
  * Unset CC_OPTIMIZE_FOR_SIZE in i386 config,
    it breaks iproute's (and other netlink users) ability
    to set routes. (closes: #322723)
  * Added 2.6.12.6
    - [SECURITY: CAN-2005-2555] Restrict socket policy loading to
      CAP_NET_ADMIN.
    - [SECURITY] Fix DST leak in icmp_push_reply().  Possible remote
      DoS?
    - [SECURITY] NPTL signal delivery deadlock fix; possible local
      DoS.
    - fix gl_skb/skb type error in genelink driver in usbnet
    - [SECURITY] fix a memory leak in devices seq_file implementation;
      local DoS.
    - [SECURITY] Fix SKB leak in ip6_input_finish(); local DoS.

  [ Andres Salomon ]
  * [hppa] enable discontiguous memory support for 32bit hppa images, so
    they build.

 -- Andres Salomon <dilinger@debian.org>  Tue, 06 Sep 2005 10:14:35 -0400

linux-2.6 (2.6.12-5) unstable; urgency=low

  * Change ARM to use GCC 3.3 to avoid FTBFS errors with GCC 4
   (dann frazier)

  * Remove spurious double quote character from ia64 package descriptions.
    (dann frazier)

  * Add transitional meta packages (kernel-image-2.6-*) for ia64.
    (dann frazier)

  * Change fuzz factor to 1, stricter patch appliance. (Maximilian Attems)

  * Enabled CONFIG_THERM_PM72 on powerpc64 flavour. (Sven Luther)

 -- Bastian Blank <waldi@debian.org>  Tue, 16 Aug 2005 21:43:31 +0200

linux-2.6 (2.6.12-4) unstable; urgency=low

  * Supply correct subarch values for the powerpc images.

 -- Bastian Blank <waldi@debian.org>  Mon, 15 Aug 2005 21:06:18 +0200

linux-2.6 (2.6.12-3) unstable; urgency=low

  * Added reference to old kernel-* package names to make
    transition a little more obvious to end users.
    A Dan Jacobson special. (Simon Horman) Closes: #321167

  * By the time this makes it into the archive, it will
    be handling kernel-image-2.6-* packages. (Simon Horman)
    Closes: #321867

  * Link palinfo statically on ia64. (dann frazier) (Closes: #321885)

  * [hppa] :
    - Add hppa arch specific patch.
    - Build-Depend on binutils-hppa64 and gcc-4.0-hppa64.
    (Kyle McMartin)

  * Fix permissions in source tarball. (Bastian Blank) (Closes: #322409)

  * Enable the CONFIG_IP_ADVANCED_ROUTER and related options on
    sparc64 to sync with other architectures. (Jurij Smakov)
    Closes: #321236

  * Include all executables as well as *.sh and *.pl files found in
    scripts directory in the headers package. (Bastian Blank)
    Closes: #322612, #322680, #322765

  * Include m68k headers into the arch-common headers package on
    powerpc and make sure that all the directories are linked to
    properly from the flavour-specific headers packages. (Jurij Smakov)
    Closes: #322610

  * [powerpc] Enabled the powerpc64 flavour, now that we have a real biarch
    toolchain in sid. Many thanks go to GOTO Masanori and Matthias Klose as
    well as any other who worked on the biarch toolchain to make this happen.

  * Added 2.6.12.5 (Simon Horman)
    - Fix BUG() is triggered by a call to set_mempolicy() with a negativ
      first argument.
    - [amd64] Fix a SRAT handling on systems with dual cores.
    - [amd64] SMP timing problem
    - [security] Zlib fixes See CAN-2005-2458, CAN-2005-2459
      http://sources.redhat.com/ml/bug-gnu-utils/1999-06/msg00183.html
      http://bugs.gentoo.org/show_bug.cgi
    - Add zlib deflateBound()
    - [security] Fix error during session join. See CAN-2005-2098
    - [security] Fix keyring destructor. See CAN-2005-2099
    - Module per-cpu alignment cannot always be met
      http://www.ussg.iu.edu/hypermail/linux/kernel/0409.0/0768.html
    Closes: #323039

 -- Bastian Blank <waldi@debian.org>  Mon, 15 Aug 2005 16:42:05 +0200

linux-2.6 (2.6.12-2) unstable; urgency=low

  * The Kernel Team offers its condolences to the family of Jens Schmalzing
    (jensen@debian), who died Saturday, July 30, 2005 in a tragic accident in
    Munich.  Jens was a member of the Kernel Team, and was instrumental in
    taking the powerpc kernel package to 2.6, as well as maintaining MOL
    and its kernel modules.

  * Add @longclass@ variable to control file autogeneration. (Andres Salomon)

  * Bump build-depends on kernel-package to a fixed version (>= 9.005).
    (Jurij Smakov, Sven Luther) (closes: #319657, #320422, #321625)

  * Change default ramdisk size for sparc to 16,384K to accomodate a fatter
    d-i initrd for netboot installs.
    (Joshua Kwan)

  * Don't build-depend on console-tools on s390. (Bastian Blank)

  * Add ARM support. (Vincent Sanders)

  * Add ia64 descriptions. (dann frazier)

  * Strip down the scripts dir in the headers packages. (Bastian Blank)

  * Add m68k support. (Christian T. Steigies)

  * Added 2.6.12.4 (Frederik Schüler)
    - Fix powernow oops on dual-core athlon
    - Fix early vlan adding leads to not functional device
    - sys_get_thread_area does not clear the returned argument
    - bio_clone fix
    - Fix possible overflow of sock->sk_policy (CAN-2005-2456)
      (closes: #321401)
    - Wait until all references to ip_conntrack_untracked are dropped on
      unload
    - Fix potential memory corruption in NAT code (aka memory NAT)
    - Fix deadlock in ip6_queue
    - Fix signedness issues in net/core/filter.c
    - x86_64 memleak from malicious 32bit elf program
    - rocket.c: Fix ldisc ref count handling
    - kbuild: build TAGS problem with O=

  * Enable CONFIG_6PACK=m for all archs (Andres Salomon)
    (closes: #319646)

  * Overhaul the generation of the control file. Now it is handled
    by debian/bin/gencontrol.py. The debian/control target in rules
    also fails now, since we don't want the control file generated
    during build. Arch-specific Depends and suggests are now generated
    correctly. (Bastian Blank) (Closes: #319896)

  * [powerpc] Fixed typo which made asm-ppc and asm-ppc64 not being included
    in the header package. (Sven Luther) (Closes: #320817)

  * Added list of flavours built to common header package. (Sven Luther)

 -- Bastian Blank <waldi@debian.org>  Tue, 09 Aug 2005 11:12:40 +0200

linux-2.6 (2.6.12-1) unstable; urgency=low

  * New upstream release:
    - "git rocks"
    - address space randomization
    - conversion of ide driver code to the device model
    - restored Philips webcam driver
    - new Broadcom bcm5706 gigabit driver
    - new resource limits for the audio community
    - Multipath device mapper
    - Intel HD Audio alsa driver
    - fixes + arch updates..
    - readdition of tg3 driver, as firmware license has been fixed

  * Dropped the following patches:
    - patch-2.6.11.*.patch (merged)
    - powerpc-ppc64-ibmvscsi.patch (Christoph didn't like it, and it failed
      to build anyways) (Sven Luther)
    - doc-post_halloween.patch (unless someone can come up w/ a valid
      reason for carrying around rapidly bitrotting documentation...)
      (Andres Salomon)
    - sparc32-hypersparc-srmmu.patch (dropped until sparc32 is working
      again, and we can figure out whether it's necessary)
    - fix-alpha-ext3-oops.patch (no longer needed, fixed by compiler)
    - x86-i486_emu.patch (buggy and insecure 80486 instruction emulation
      for 80386; we're no longer supporting this) (closes: #250468)
    - amd64-outs.patch (according to
      http://www.ussg.iu.edu/hypermail/linux/kernel/0502.3/1095.html, this
      is unnecessary for us) (Andres Salomon)
    - sparc64-rtc-mostek.patch (merged)
    - sparc64-compat-nanoseconds.patch (merged)
    - sparc64-sunsu-init-2.6.11.patch (merged)
    - sunsab-uart-update-timeout.patch (merged)
    - alpha-read-trylock.patch (different version got merged)
    - powerpc-prep-motorola-irq-fix.patch (merged)
    - drivers-media-video-saa7134-update.patch (merged)
    - drivers-media-video-saa7134-update-2.patch (merged)
    - drivers-media-video-pll-lib.patch (merged)
    - drivers-media-video-pll-lib-2.patch (merged)
    - drivers-media-video-tuner-update-1.patch (merged)
    - drivers-media-video-tuner-update-2.patch (merged)
    - drivers-media-video-v4l-mpeg-support.patch (merged)
    - drivers-media-video-mt352-update.patch (merged)
    - arch-ppc64-hugepage-aio-panic.patch (merged)
    - drivers-input-serio-nmouse.patch (merged)
    - sparc64-sb1500-clock-2.6.patch (merged)
    - docbook-allow-preprocessor-directives-... (merged)
    - docbook-fix-function-parameter-descriptin-in-fbmem.patch (merged)
    - docbook-move-kernel-doc-comment-next-to-function.patch (merged)
    - powerpc-therm-adt746x-new-i2c-fix.patch (merged)
    - powerpc-mv643xx-enet.patch (merged)
    - powerpc-mv643xx-eth-pegasos.patch (merged)
    - powerpc-pmac-agp-sleep.patch (merged)
    - drivers-input-serio-8042-resume.patch (merged)

  * Premiere of the common-source kernel package
    (Jurij Smakov, Andres Salomon)
    - build all architectures out of kernel source package
    - rename source and binary packages
    - create a common config for different architectures, and management
      tools to allow for easier modification of config options
    - drop default configs, autogenerate them instead; requires
      kernel-package >= 9.002.

  * Add 2.6.12.1 (Maximilian Attems)
    - Clean up subthread exec (CAN-2005-1913)
    - ia64 ptrace + sigrestore_context (CAN-2005-1761)

  * Add 2.6.12.2 (Frederik Schüler)
    - Fix two socket hashing bugs.
    -  ACPI: Make sure we call acpi_register_gsi() even for default PCI
       interrupt assignment
    - Add "memory" clobbers to the x86 inline asm of strncmp and friends
    - e1000: fix spinlock bug
    - fix remap_pte_range BUG
    - Fix typo in drivers/pci/pci-driver.c

  * Add 2.6.12.3 (Joshua Kwan)
    - Fix semaphore handling in __unregister_chrdev
    - Fix TT mode in UML.
    - Check for a null return in tty_ldisc_ref.
    - v4l: cx88 hue offset fix
    - Fix 8139cp breakage that occurs with tpm driver.
    - Fix the 6pack driver in SMP environments.
    - Switch to spinlocks in the shaper driver.
    - ppc32: stop misusing NTP's time_offset value
    - netfilter: go back to dropping conntrack references manually
    - ACPI: don't accept 0 as a PCI IRQ.

  * Enable CONFIG_SCSI_INITIO. (Maximilian Attems) (closes: #318121)

  * [powerpc] :
    - Added powerpc-mkvmlinuz-support patch which allows, together with
      kernel-package 9.0002 to add mkvmlinuz support to hand built packages.
    - Removed powerpc-ppc64-ibmvscsi.patch, FTBFS, and Christoph doesn't like
      it and thinks it is not needed.
    - Disabled swim3 on powerpc-smp, FTBFS.
    - Disabled software-suspend on powerpc-smp, FTBFS, amd64/i386 only smp code.
    - Rediffed and readded the G4 L2 hardware flush assist patch from Jacob Pan.
    (Sven Luther)

  * [sparc]
    - Drop sparc32 flavour for now. sparc32 kernel is currently in the
      category "too buggy for us to support". In spite of numerous efforts
      I still see occasional random filesystem corruptions in my tests.
      That does NOT mean that we are dropping sparc32 support, we will
      work with upstream trying to solve these problems for the next
      kernel release. Those interested in helping/testing are encouraged
      to subscribe to debian-sparc mailing list.
      (Jurij Smakov)

  * [alpha]
    - Renamed resulting binary packages for alpha, kernel-image-x.y.z-generic
      wasn't a generic kernel, it was a generic kernel for alpha machines, so
      we're now using linux-image-x.y.z-alpha-generic (and of course, the same
      change for the smp kernel-image). This change was postponed after the
      sarge release. (closes: #260003)
    (Norbert Tretkowski)

  * [amd64]
    - Now using the default compiler (gcc-4.0), thus we get rid of the
      annoying MAKEFLAGS="CC=gcc-3.4" make-kpkg... invocation for third-party
      modules.
      This release lacks 64bit kernels for i386 userland; support will be
      added in a later release as soon as the toolchain has stabilized again.
      (Frederik Schüler)

 -- Andres Salomon <dilinger@debian.org>  Wed, 20 Jul 2005 17:16:04 -0400

