[kernel] r10507 - in people/waldi/xen-extra/linux-2.6.18-xen-3/debian: . config-update config-update/amd64 config-update/i386

Mon Feb 11 18:42:44 UTC 2008

Author: waldi
Date: Mon Feb 11 18:24:19 2008
New Revision: 10507

Log:
* debian: Update to 2.6.18.dfsg.1-18etch1.
* debian/changelog: Update.
* debian/config-update/amd64/defines,
  debian/config-update/i386/defines: Set kernel arch.
* debian/config-update/defines
  - Update supported hypervisors.
  - Set abi to xen-3.1-2.


Added:
   people/waldi/xen-extra/linux-2.6.18-xen-3/debian/config-update/i386/defines
Modified:
   people/waldi/xen-extra/linux-2.6.18-xen-3/debian/   (props changed)
   people/waldi/xen-extra/linux-2.6.18-xen-3/debian/changelog
   people/waldi/xen-extra/linux-2.6.18-xen-3/debian/config-update/amd64/defines
   people/waldi/xen-extra/linux-2.6.18-xen-3/debian/config-update/defines

Modified: people/waldi/xen-extra/linux-2.6.18-xen-3/debian/changelog
==============================================================================

--- people/waldi/xen-extra/linux-2.6.18-xen-3/debian/changelog	(original)
+++ people/waldi/xen-extra/linux-2.6.18-xen-3/debian/changelog	Mon Feb 11 18:24:19 2008
@@ -1,8 +1,71 @@
-linux-2.6.18-xen-3 (2.6.18.dfsg.1-16+xen.1) kernel-waldi-xen-extra; urgency=low
+linux-2.6.18-xen-3 (2.6.18.dfsg.1-18etch1+xen.1) kernel-waldi-xen-extra; urgency=low
 
   * Update Xen patch to 3.1 branch, 3.1.1 release.
 
- -- Bastian Blank <waldi at debian.org>  Sun, 14 Oct 2007 02:54:48 +0200
+ -- Bastian Blank <waldi at debian.org>  Mon, 11 Feb 2008 01:43:25 +0100
+
+linux-2.6 (2.6.18.dfsg.1-18etch1) stable-security; urgency=high
+
+  * bugfix/vmsplice-security.patch
+    [SECURITY] Fix missing access check in vmsplice.
+    See CVE-2008-0010, CVE-2008-0600
+  * bugfix/all/vserver/proc-link-security.patch
+    [SECURITY][vserver] Fix access checks for the links in /proc/$pid.
+
+ -- Bastian Blank <waldi at debian.org>  Sun, 10 Feb 2008 18:37:05 +0100
+
+linux-2.6 (2.6.18.dfsg.1-18) stable; urgency=high
+
+  [ Martin Michlmayr ]
+  * [mips] Fix network on Cobalt RaQ1, thanks Thomas Bogendoerfer
+    (closes: #460337).
+
+  [ dann frazier ]
+  * [ia64] Fix an issue with unaligned accesses and certain floating point
+    instructions that can result in silent user data corruption
+    (closes: #461493).
+  * Update abi reference files for ABI 6
+
+ -- dann frazier <dannf at debian.org>  Fri, 25 Jan 2008 00:08:38 -0700
+
+linux-2.6 (2.6.18.dfsg.1-17etch1) stable-security; urgency=high
+
+  * bugfix/i4l-isdn_ioctl-mem-overrun.patch
+    [SECURITY] Fix potential isdn ioctl memory overrun
+    See CVE-2007-6151
+  * bugfix/vfs-use-access-mode-flag.patch
+    [SECURITY] Use the access mode flag instead of the open flag when
+    testing access mode for a directory. Modify
+    features/all/vserver/vs2.0.2.2-rc9.patch to apply on top of this
+    See CVE-2008-0001
+  * bugfix/fat-move-ioctl-compat-code.patch, bugfix/fat-fix-compat-ioctls.patch
+    [SECURITY][ABI Changer] Fix kernel_dirent corruption in the compat layer
+    for fat ioctls
+    See CVE-2007-2878
+  * bugfix/proc-snd-page-alloc-mem-leak.patch
+    [SECURITY][ABI Changer] Fix an issue in the alsa subsystem that allows a
+    local user to read potentially sensitive kernel memory from the proc
+    filesystem
+    See CVE-2007-4571
+  * Bump ABI to 6.
+
+ -- dann frazier <dannf at debian.org>  Tue, 22 Jan 2008 10:07:04 -0700
+
+linux-2.6 (2.6.18.dfsg.1-17) stable; urgency=high
+
+  * [futex] Fix address computation in compat code, fixing hangs
+    on sparc64. (closes: #433187)
+  * [x86_64] Mask the NX bit in mk_pte_phys to avoid triggering a RSVD type
+    page fault on non-NX capable systems which causes a crash.
+    (closes: #414742)
+  * [fusion] Avoid holding the device busy for too long in the low level
+    driver, which was causing filesystems in VMWare guests to get remounted
+    read-only under load. (closes: #453120)
+  * Add UNUSUAL_DEV entries for supertop usb drives which require the
+    IGNORE_RESIDUE flag. (closes: #455856)
+  * [sparc64] Enable CONFIG_USB_SERIAL (closes: #412740)
+
+ -- dann frazier <dannf at debian.org>  Fri, 21 Dec 2007 18:19:31 -0700
 
 linux-2.6 (2.6.18.dfsg.1-16) stable; urgency=high
 
@@ -51,6 +114,53 @@
 
  -- dann frazier <dannf at debian.org>  Mon, 17 Sep 2007 16:56:07 -0600
 
+linux-2.6 (2.6.18.dfsg.1-13etch6) stable-security; urgency=high
+
+  * bugfix/isdn-net-overflow.patch
+    [SECURITY] Fix potential overflows in the ISDN subsystem
+    See CVE-2007-6063
+  * bugfix/coredump-only-to-same-uid.patch
+    [SECURITY] Fix an issue where core dumping over a file that
+    already exists retains the ownership of the original file
+    See CVE-2007-6206
+  * bugfix/hrtimer-large-relative-timeouts-overflow.patch
+    [SECURITY] Avoid overflow in hrtimers due to large relative timeouts
+    See CVE-2007-5966
+  * bugfix/minixfs-printk-hang.patch
+    [SECURITY] Rate-limit printks caused by accessing a corrupted minixfs
+    filesystem that would otherwise cause a system to hang (printk storm)
+    See CVE-2006-6058
+  * bugfix/tmpfs-restore-clear_highpage.patch
+    [SECURITY] Fix a theoretical kernel memory leak in the tmpfs filesystem
+    See CVE-2007-6417
+
+ -- dann frazier <dannf at debian.org>  Tue, 18 Dec 2007 08:01:00 -0700
+
+linux-2.6 (2.6.18.dfsg.1-13etch5) stable-security; urgency=high
+
+  * bugfix/sysfs_readdir-NULL-deref-1.patch,
+    bugfix/sysfs_readdir-NULL-deref-2.patch,
+    bugfix/sysfs-fix-condition-check.patch
+    [SECURITY] Fix potential NULL pointer dereference which can lead to
+    a local DoS (kernel oops)
+    See CVE-2007-3104
+  * bugfix/ieee80211-underflow.patch
+    [SECURITY] Fix integer overflow in ieee80211 which makes it possible
+    for a malicious frame to crash a system using a driver built on top of
+    the Linux 802.11 wireless code.
+    See CVE-2007-4997
+  * bugfix/wait_task_stopped-hang.patch
+    [SECURITY] wait_task_stopped was incorrectly testing for TASK_TRACED -
+    check p->exit_state instead avoiding a potential system hang
+    See CVE-2007-5500
+  * bugfix/cifs-better-failed-mount-errors.patch,
+    bugfix/cifs-corrupt-server-response-overflow.patch
+    [SECURITY][CIFS] Fix multiple overflows that can be remotely triggered
+    by a server sending a corrupt response.
+    See CVE-2007-5904
+
+ -- dann frazier <dannf at debian.org>  Thu, 29 Nov 2007 08:33:39 -0700
+
 linux-2.6 (2.6.18.dfsg.1-13etch4) stable-security; urgency=high
 
   [ Bastian Blank ]

Modified: people/waldi/xen-extra/linux-2.6.18-xen-3/debian/config-update/amd64/defines
==============================================================================
--- people/waldi/xen-extra/linux-2.6.18-xen-3/debian/config-update/amd64/defines	(original)
+++ people/waldi/xen-extra/linux-2.6.18-xen-3/debian/config-update/amd64/defines	Mon Feb 11 18:24:19 2008
@@ -1,3 +1,6 @@
+[base]
+kernel-arch: x86_64
+
 [xen_base]
 enabled: true
 

Modified: people/waldi/xen-extra/linux-2.6.18-xen-3/debian/config-update/defines
==============================================================================
--- people/waldi/xen-extra/linux-2.6.18-xen-3/debian/config-update/defines	(original)
+++ people/waldi/xen-extra/linux-2.6.18-xen-3/debian/config-update/defines	Mon Feb 11 18:24:19 2008
@@ -1,5 +1,5 @@
 [abi]
-abiname: xen-3.1-1
+abiname: xen-3.1-2
 
 [base]
 arches:
@@ -23,6 +23,7 @@
 [xen]
 dom0-support: true
 versions:
+ 3.2-1
  3.1-1
  3.0.4-1
 

Added: people/waldi/xen-extra/linux-2.6.18-xen-3/debian/config-update/i386/defines
==============================================================================
--- (empty file)
+++ people/waldi/xen-extra/linux-2.6.18-xen-3/debian/config-update/i386/defines	Mon Feb 11 18:24:19 2008
@@ -0,0 +1,2 @@
+[base]
+kernel-arch: i386

