fai-kernels (1.9.1sarge7) oldstable; urgency=low

  * Build against kerenl-tree-2.6.8-17

 -- dann frazier <dannf@debian.org>  Sat, 16 Jun 2007 07:05:53 -0600

fai-kernels (1.9.1sarge6) oldstable-security; urgency=high

  * NMU by the Security Team
  * Build against kernel-tree-2.6.8-10sarge7:
    * [ERRATA] smbfs-honor-mount-opts-2.dpatch
      Fix some regressions with respect to file types (e.g., symlinks)
      introduced by the fix for CVE-2006-5871 in 2.6.8-16sarge6
    * mincore_hang.dpatch
      [SECURITY] Fix a potential deadlock in mincore, thanks to Marcel
      Holtmann for the patch.
      See CVE-2006-4814
    * mincore-fixes.dpatch
      This patch includes a few fixes, necessary for mincore_hang.dpatch to
      apply cleanly.
    * dev_queue_xmit-error-path.dpatch
      [SECURITY] Correct an error path in dev_queue_xmit() to rebalance
      local_bh_enable() calls. Patch from Vasily Averin.
      See CVE-2006-6535
    * dvb-core-handle-0-length-ule-sndu.dpatch
      [SECURITY] Avoid sending invalid ULE packets which may not properly
      handled by the receiving side triggering a crash. This is a backport
      of the patch that went into 2.6.17.y. It would be better to fix the
      receiving end, but no patch for the era kernel has been developed yet.
      See CVE-2006-4623
    * bluetooth-capi-size-checks.dpatch
      [SECURITY] Add additional length checks to avoid potential remote
      DoS attacks in the handling of CAPI messages in the bluetooth driver
      See CVE-2006-6106
    * __find_get_block_slow-race.dpatch
      [SECURITY] Fix infinite loop in __find_get_block_slow that can
      be triggered by mounting and accessing a malicious iso9660 or NTFS
      filesystem
      See CVE-2006-5757, CVE-2006-6060
    * listxattr-mem-corruption.dpatch
      [SECURITY] Fix userspace corruption vulnerability caused by
      incorrectly promoted return values in bad_inode_ops
      This patches changes the kernel ABI.
      See CVE-2006-5753
    * aio-fix-nr_pages-init.dpatch
      [SECURITY] Fix initialization of info->nr_pages in aio_setup_ring() to
      avoid a race that can lead to a system crash
      See CVE-2006-5754
    * unmap_hugepage_area-check-null-pte.dpatch
      [SECURITY] Fix a potential DoS (crash) in unmap_hugepage_area().
      No kernel-image builds appear to compile this code, so this fix is only
      for users that compile their own kernels with the Debian source and
      enable/use huge pages.
      See CVE-2005-4811
    * ext3-fsfuzz.dpatch
      [SECURITY] Fix a DoS vulnerability that can be triggered by a local
      user with the ability to mount a corrupted ext3 filesystem
      See CVE-2006-6053
    * hfs-no-root-inode.dpatch
      [SECURITY] Fix bug in HFS where hfs_fill_super returns success even
      if no root inode is found. On an SELinux-enabled system, this can
      be used to trigger a local DoS. Debian does not enable SELinux by
      default.
      See CVE-2006-6056
    * ipv6_fl_socklist-no-share.dpatch
      [SECURITY] Fix local DoS vulnerability caused by inadvertently sharing
      ipv6_fl_socklist between the listening socket and the socket created
      for connection.
      See CVE-2007-1592
    * core-dump-unreadable-PT_INTERP.dpatch
      [SECURITY] Fix a vulnerability that allows local users to read
      otherwise unreadable (but executable) files by triggering a core dump.
      See CVE-2007-0958
    * appletalk-length-mismatch.dpatch
      [SECURITY] Fix a remote DoS (crash) in appletalk
      Depends upon appletalk-endianness-annotations.dpatch
      See CVE-2007-1357

 -- dann frazier <dannf@debian.org>  Tue, 29 May 2007 18:09:51 -0600

fai-kernels (1.9.1sarge5) stable-security; urgency=low

  * NMU by the Security Team
  * Build against kernel-tree-2.4.27-10sarge5:
    * 233_ia64-sparc-cross-region-mappings.diff
      [SECURITY] Prevent cross-region mappings on ia64 and sparc which
      could be used in a local DoS attack (system crash)
      See CVE-2006-4538
    * 234_atm-clip-freed-skb-deref.diff
      [SECURITY] Avoid dereferencing an already freed skb, preventing a
      potential remote DoS (system crash) vector
      See CVE-2006-4997
    * 235_ppc-alignment-exception-table-check.diff
      [SECURITY][ppc] Avoid potential DoS which can be triggered by some
      futex ops
      See CVE-2006-5649
    * 236_s390-uaccess-memleak.diff
      [SECURITY][s390] Fix memory leak in copy_from_user by clearing the
      remaining bytes of the kernel buffer after a fault on the userspace
      address in copy_from_user()
      See CVE-2006-5174
    * 237_smbfs-honor-mount-opts.diff
      Honor uid, gid and mode mount options for smbfs even when unix extensions
      are enabled (closes: #310982)
      See CVE-2006-5871
    * 238_ppc-hid0-dos.diff
      [SECURITY] [ppc] Fix local DoS by clearing HID0 attention enable on
      PPC970 at boot time
      See CVE-2006-4093
  * Build against kernel-tree-2.6.8-16sarge6:
    * perfmon-fd-refcnt.dpatch
      [SECURITY][ia64] Fix file descriptor leak in perfmonctl
      system call which could be used as a local denial of service attack
      by depleting the system of file descriptors
      See CVE-2006-3741
    * ia64-sparc-cross-region-mappings.dpatch
      [SECURITY] Prevent cross-region mappings on ia64 and sparc which
      could be used in a local DoS attack (system crash)
      See CVE-2006-4538
    * __block_prepare_write-recovery.dpatch
      [SECURITY] Fix an information leak in __block_prepare_write()
      See CVE-2006-4813
    * atm-clip-freed-skb-deref.dpatch
      [SECURITY] Avoid dereferencing an already freed skb, preventing a
      potential remote DoS (system crash) vector
      See CVE-2006-4997
    * ip6_flowlabel-lockup.dpatch
      [SECURITY] Fix local DoS attack vector (lockups, oopses) in the
      sequence handling for /proc/net/ip6_flowlabel
      See CVE-2006-5619
    * ppc-alignment-exception-table-check.dpatch
      [SECURITY][ppc] Avoid potential DoS which can be triggered by some
      futex ops
      See CVE-2006-5649
    * s390-uaccess-memleak.dpatch
      [SECURITY][s390] Fix memory leak in copy_from_user by clearing the
      remaining bytes of the kernel buffer after a fault on the userspace
      address in copy_from_user()
      See CVE-2006-5174
    * smbfs-honor-mount-opts.dpatch
      Honor uid, gid and mode mount options for smbfs even when unix extensions
      are enabled
      See CVE-2006-5871
    * bridge-get_fdb_entries-overflow.dpatch
      Protect against possible overflow in get_fdb_entries
      See CVE-2006-5751

 -- dann frazier <dannf@debian.org>  Thu,  7 Dec 2006 10:11:45 -0700

fai-kernels (1.9.1sarge4) stable-security; urgency=high

  * NMU by the Security Team
  * Build against kernel-tree-2.6.8-16sarge5:
    * [ERRATA] madvise_remove-restrict.dpatch
      [SECURITY] The 2.6.8-16sarge3 changelog associated this patch with
      CVE-2006-1524. However, this patch fixes an mprotect issue that was
      split off from the original report into CVE-2006-2071. 2.6.8 is not
      vulnerable to CVE-2006-1524 the madvise_remove issue.
      See CVE-2006-2071
    * fs-ext3-bad-nfs-handle.dpatch
      [SECURITY] James McKenzie discovered a Denial of Service vulnerability
      in the NFS driver. When exporting an ext3 file system over NFS, a remote
      attacker could exploit this to trigger a file system panic by sending
      a specially crafted UDP packet.
      See CVE-2006-3468
    * direct-io-write-mem-leak.dpatch
      [SECURITY] Fix memory leak in O_DIRECT write.
      See CVE-2004-2660
    * nfs-handle-long-symlinks.dpatch
      [SECURITY] Fix buffer overflow in NFS readline handling that allows a
      remote server to cause a denial of service (crash) via a long symlink
      See CVE-2005-4798
    * cdrom-bad-cgc.buflen-assign.dpatch
      [SECURITY] Fix buffer overflow in dvd_read_bca which could potentially
      be used by a local user to trigger a buffer overflow via a specially
      crafted DVD, USB stick, or similar automatically mounted device.
      See CVE-2006-2935
    * usb-serial-ftdi_sio-dos.patch
      [SECURITY] fix userspace DoS in ftdi_sio driver
      See CVE-2006-2936
    * selinux-tracer-SID-fix.dpatch
      [SECURITY] Fix vulnerability in selinux_ptrace that prevents local
      users from changing the tracer SID to the SID of another process
      See CVE-2006-1052
    * netfilter-SO_ORIGINAL_DST-leak.dpatch
      [SECURITY] Fix information leak in SO_ORIGINAL_DST
      See CVE-2006-1343
    * sg-no-mmap-VM_IO.dpatch
      [SECURITY] Fix DoS vulnerability whereby a local user could attempt
      a dio/mmap and cause the sg driver to oops.
      See CVE-2006-1528
    * exit-bogus-bugon.dpatch
      [SECURITY] Remove bogus BUG() in exit.c which could be maliciously
      triggered by a local user
      See CVE-2006-1855
    * readv-writev-missing-lsm-check.dpatch,
      readv-writev-missing-lsm-check-compat.dpatch
      [SECURITY] Add missing file_permission callback in readv/writev syscalls
      See CVE-2006-1856
    * snmp-nat-mem-corruption-fix.dpatch
      [SECURITY] Fix memory corruption in snmp_trap_decode
      See CVE-2006-2444
    * kfree_skb-race.dpatch
      [SECURITY] Fix race between kfree_skb and __skb_unlink
      See CVE-2006-2446
    * hppa-mb-extraneous-semicolon.dpatch,
      sparc32-mb-extraneous-semicolons.dpatch,
      sparc64-mb-extraneous-semicolons.dpatch:
      Fix a syntax error caused by extranous semicolons in smp_mb() macros
      which resulted in a build failure with kfree_skb-race.dpatch
    * sctp-priv-elevation.dpatch
      [SECURITY] Fix SCTP privelege escalation
      See CVE-2006-3745
    * sctp-priv-elevation-2.dpatch
      [SECURITY] Fix local DoS resulting from sctp-priv-elevation.dpatch
      See CVE-2006-4535
    * ppc-hid0-dos.dpatch
      [SECURITY][ppc] Fix local DoS by clearing HID0 attention enable on
      PPC970 at boot time
      See CVE-2006-4093
    * udf-deadlock.dpatch
      [SECURITY] Fix possible UDF deadlock and memory corruption
      See CVE-2006-4145
  * Build against kernel-tree-2.4.27-10sarge4
    * [ERRATA] 213_madvise_remove-restrict.diff
      [SECURITY] The 2.4.27-10sarge3 changelog associated this patch with
      CVE-2006-1524. However, this patch fixes an mprotect issue that was
      split off from the original report into CVE-2006-2071. 2.4.27 is not
      vulnerable to CVE-2006-1524 the madvise_remove issue.
      See CVE-2006-2071
    * 223_nfs-handle-long-symlinks.diff
      [SECURITY] Fix buffer overflow in NFS readline handling that allows a
      remote server to cause a denial of service (crash) via a long symlink
      See CVE-2005-4798
    * 224_cdrom-bad-cgc.buflen-assign.diff
      [SECURITY] Fix buffer overflow in dvd_read_bca which could potentially
      be used by a local user to trigger a buffer overflow via a specially
      crafted DVD, USB stick, or similar automatically mounted device.
      See CVE-2006-2935
    * 225_sg-no-mmap-VM_IO.diff
      [SECURITY] Fix DoS vulnerability whereby a local user could attempt
      a dio/mmap and cause the sg driver to oops.
      See CVE-2006-1528
    * 226_snmp-nat-mem-corruption-fix.diff
      [SECURITY] Fix memory corruption in snmp_trap_decode
      See CVE-2006-2444
    * 227_kfree_skb.diff
      [SECURITY] Fix race between kfree_skb and __skb_unlink
      See CVE-2006-2446
    * 228_sparc-mb-extraneous-semicolons.diff
      Fix a syntax error caused by extranous semicolons in smp_mb() macros
      which resulted in a build failure with 227_kfree_skb.diff
    * 229_sctp-priv-elevation.diff, 230_sctp-priv-elevation-2.diff
      [SECURITY] Fix SCTP privelege escalation
      See CVE-2006-3745
    * 231_udf-deadlock.diff
      [SECURITY] Fix possible UDF deadlock and memory corruption
      See CVE-2006-4145
    * 232_sparc-membar-extraneous-semicolons.diff
      Fix an additional syntax error caused by extraneous semicolons
      in membar macros on sparc

 -- dann frazier <dannf@debian.org>  Thu, 14 Sep 2006 23:49:06 -0600

fai-kernels (1.9.1sarge3) stable-security; urgency=high

  * NMU by the Security Team
  * Build against kernel-tree-2.6.8-16sarge4
    * proc-environ-race-1.dpatch, proc-environ-race-2.dpatch
      [SECURITY] Fix local root vulnerability caused by a race in proc
      See CVE-2006-3626

 -- dann frazier <dannf@debian.org>  Mon, 17 Jul 2006 18:48:10 -0600

fai-kernels (1.9.1sarge2) stable-security; urgency=high

  * NMU by the Security Team
  * Build against kernel-tree-2.4.27-10sarge3:
    * 207_smbfs-chroot-escape.diff
      [SECURITY] Fix directory traversal vulnerability in smbfs that permits
      local users to escape chroot restrictions
      See CVE-2006-1864
    * 208_ia64-die_if_kernel-returns.diff
      [SECURITY][ia64] Fix a potential local DoS on ia64 systems caused by
      an incorrect 'noreturn' attribute on die_if_kernel()
      See CVE-2006-0742
    * 209_sctp-discard-unexpected-in-closed.diff
      [SECURITY] Fix remote DoS in SCTP code by discarding unexpected chunks
      received in CLOSED state instead of calling BUG()
      See CVE-2006-2271
    * 210_ipv4-id-no-increment.diff
      [SECURITY] Fix vulnerability that allows remote attackers to conduct an
      Idle Scan attack, bypassing intended protections against such attacks
      See CVE-2006-1242
    * 211_usb-gadget-rndis-bufoverflow.diff
      [SECURITY] Fix buffer overflow in the USB Gadget RNDIS implementation
      that allows for a remote DoS attack (kmalloc'd memory corruption)
      See CVE-2006-1368
    * 212_ipv4-sin_zero_clear.diff
      [SECURITY] Fix local information leak in af_inet code
      See CVE-2006-1343
    * 213_madvise_remove-restrict.diff
      [SECURITY] Fix vulnerability that allows local users to bypass IPC
      permissions and replace portions of read-only tmpfs files with zeroes.
      See CVE-2006-1524
    * 214_mcast-ip-route-null-deref.diff
      [SECURITY] Fix local DoS vulnerability that allows local users to panic
      a system by requesting a route for a multicast IP
      See CVE-2006-1525
    * 215_sctp-fragment-recurse.diff
      [SECURITY] Fix remote DoS vulnerability that can lead to infinite
      recursion when a packet containing two or more DATA fragments is received
      See CVE-2006-2274
    * 216_sctp-fragmented-receive-fix.diff
      [SECURITY] Fix remote DoS vulnerability that allows IP fragmented
      COOKIE_ECHO and HEARTBEAT SCTP control chunks to cause a kernel panic
      See CVE-2006-2272
    * 217_amd64-fp-reg-leak.diff
      [SECURITY][amd64] Fix an information leak that allows a process to see
      a portion of the floating point state of other processes, possibly
      exposing sensitive information.
      See CVE-2006-1056
    * 218_do_add_counters-race.diff
      [SECURITY] Fix race condition in the do_add_counters() function in
      netfilter that allows local users with CAP_NET_ADMIN capabilities to
      read kernel memory
      See CVE-2006-0039
    * 219_sctp-hb-ack-overflow.diff
      [SECURITY] Fix a remote buffer overflow that can result from a badly
      formatted HB-ACK chunk
      See CVE-2006-1857
    * 220_sctp-param-bound-checks.diff
      [SECURITY] Fix a bound checking error (remote DoS) in the SCTP parameter
      checking code
      See CVE-2006-1858
    * 221_netfilter-do_replace-overflow.diff
      [SECURITY] Fix buffer overflow in netfilter do_replace which can could
      be triggered by users with CAP_NET_ADMIN rights.
      See CVE-2006-0038
    * 222_binfmt-bad-elf-entry-address.diff
      [SECURITY][amd64] Fix potential local DoS vulnerability in the binfmt_elf
      code on em64t processors
      See CVE-2006-0741
  * Build against kernel-tree-2.6.8-16sarge3:
    * net-protocol-mod-refcounts-pre.dpatch, net-protocol-mod-refcounts.dpatch
      [SECURITY] Fix potential DoS (panic) cause by inconsistent reference
      counting in network protocol modules.
      See CVE-2005-3359
    * netfilter-do_replace-overflow.dpatch
      [SECURITY] Fix buffer overflow in netfilter do_replace which can could
      be triggered by users with CAP_NET_ADMIN rights.
      See CVE-2006-0038
    * sys_mbind-sanity-checking.dpatch
      [SECURITY] Make sure maxnodes is safe size before calculating nlongs in
      get_nodes() to prevent a local DoS vulnerability.
      See CVE-2006-0557
    * smbfs-chroot-escape.dpatch
      [SECURITY] Fix directory traversal vulnerability in smbfs that permits
      local users to escape chroot restrictions
      See CVE-2006-1864
    * perfmon-exit-race.dpatch
      [SECURITY][ia64] Fix local denial of service vulnerability (oops) in
      the ia64 perfmon subsystem
      See CVE-2006-0558
    * ia64-die_if_kernel-returns.dpatch
      [SECURITY][ia64] Fix a potential local DoS on ia64 systems caused by
      an incorrect 'noreturn' attribute on die_if_kernel()
      See CVE-2006-0742
    * smbfs-chroot-escape.dpatch
      [SECURITY] Fix directory traversal vulnerability in smbfs that permits
      local users to escape chroot restrictions
      See CVE-2006-1863
    * binfmt-bad-elf-entry-address.dpatch
      [SECURITY][amd64] Fix potential local DoS vulnerability in the binfmt_elf
      code on em64t processors
      See CVE-2006-0741
    * em64t-uncanonical-return-addr.dpatch
      [SECURITY][amd64] Fix local DoS vulnerability on em64t systems that
      arises when returning program control using SYSRET
      See CVE-2006-0744
    * sctp-discard-unexpected-in-closed.dpatch
      [SECURITY] Fix remote DoS in SCTP code by discarding unexpected chunks
      received in CLOSED state instead of calling BUG()
      See CVE-2006-2271
    * ipv4-id-no-increment.dpatch
      [SECURITY] Fix vulnerability that allows remote attackers to conduct an
      Idle Scan attack, bypassing intended protections against such attacks
      See CVE-2006-1242
    * usb-gadget-rndis-bufoverflow.dpatch
      [SECURITY] Fix buffer overflow in the USB Gadget RNDIS implementation that
      allows for a remote DoS attack (kmalloc'd memory corruption)
      See CVE-2006-1368
    * group_complete_signal-BUG_ON.dpatch
      [SECURITY] Fix improper use of BUG_ON in __group_complete_signal()
      See CVE-2006-1523
    * madvise_remove-restrict.dpatch
      [SECURITY] Fix vulnerability that allows local users to bypass IPC
      permissions and replace portions of read-only tmpfs files with zeroes.
      See CVE-2006-1524
    * mcast-ip-route-null-deref.dpatch
      [SECURITY] Fix local DoS vulnerability that allows local users to panic
      a system by requesting a route for a multicast IP
      See CVE-2006-1525
    * sctp-fragment-recurse.dpatch
      [SECURITY] Fix remote DoS vulnerability that can lead to infinite
      recursion when a packet containing two or more DATA fragments is received
      See CVE-2006-2274
    * sctp-fragmented-receive-fix.dpatch
      [SECURITY] Fix remote DoS vulnerability that allows IP fragmented
      COOKIE_ECHO and HEARTBEAT SCTP control chunks to cause a kernel panic
      See CVE-2006-2272
    * amd64-fp-reg-leak-dep[1-3].dpatch, amd64-fp-reg-leak.dpatch
      [SECURITY][amd64] Fix an information leak that allows a process to see
      a portion of the floating point state of other processes, possibly
      exposing sensitive information.
      See CVE-2006-1056
    * do_add_counters-race.dpatch
      [SECURITY] Fix race condition in the do_add_counters() function in
      netfilter that allows local users with CAP_NET_ADMIN capabilities to
      read kernel memory
      See CVE-2006-0039
    * s390-strnlen_user-return.dpatch
      [SECURITY][s390] Fix local DoS on s390 that may result from strnlen_user
      returning a value that is too large
      See CVE-2006-0456
    * xfs-ftruncate-leak.dpatch
      [SECURITY] Fix leak in the ftruncate call in the XFS filesystem that may
      permit local users to view sensitive information
      See CVE-2006-0554
    * nfs-another-O_DIRECT-fix.dpatch
      [SECURITY] Fix a potential local DoS vulnerability in the NFS O_DIRECT
      code
      See CVE-2006-0555
    * sctp-hb-ack-overflow.dpatch
      [SECURITY] Fix a remote buffer overflow that can result from a badly
      formatted HB-ACK chunk
      See CVE-2006-1857
    * sctp-param-bound-checks.dpatch
      [SECURITY] Fix a bound checking error (remote DoS) in the SCTP parameter
      checking code
      See CVE-2006-1858

 -- dann frazier <dannf@debian.org>  Sat, 10 Jun 2006 12:12:24 -0600

fai-kernels (1.9.1sarge1) stable-security; urgency=high

  * NMU by the Security Team
  * Rebuild against kernel-tree-2.6.8-16sarge2 and kernel-tree-2.4.27-10sarge2
  * Don't export PATCH_THE_KERNEL=Yes - the kernel-source is already patched
  * Add build-dep on module-init-tools

 -- dann frazier <dannf@debian.org>  Mon, 27 Feb 2006 20:32:09 -0700

fai-kernels (1.9.1) unstable; urgency=high

  * recompile with new kernel sources
  * use kernel-tree-2.6.8-16 and kernel-tree-2.4.27-10

 -- Thomas Lange <lange@debian.org>  Tue, 31 May 2005 14:33:16 +0200

fai-kernels (1.9) unstable; urgency=high

  * provide kernel patchlevel in Build-depends to easier track security
    issues (closes: #297811)
  * build-depends on kernel-tree packges with abi version number
  * added README.security-updates, README.non-i386
  * prepare the rules files to support powerpc
  * added powerpc-kernel-configs
  * rules: set PATCH_THE_KERNEL=YES, so kernel-sources will be patched

 -- Thomas Lange <lange@debian.org>  Fri,  8 Apr 2005 16:05:45 +0200

fai-kernels (1.8.2) unstable; urgency=low

  * add SATA support for 2.4 kernel (closes: 286854)
  * add IA32_EMULATION (only usefull on x86-64)
  * disable math emulation to make kernel fit on a floppy (for 2.6 kernel)
  * ps2 mouse and serial mouse as module, disable autofs support (2.6 kernel)
  * rules: include file versions which sets the variables kversion and
    kversion24
  * disable HAMACHI and ARCNET in both kernel configs
  * enable options which are needed for fai bootcd kernel
  * use gcc 3.3.5 for compilation
  
 -- Thomas Lange <lange@debian.org>  Fri,  7 Jan 2005 11:58:37 +0100

fai-kernels (1.8.1) unstable; urgency=low

  * add POSIX ACL support for 2.4 kernel (closes: #279871)
  * add ReiserFS ACL support for 2.6 kernel

 -- Thomas Lange <lange@debian.org>  Tue,  9 Nov 2004 11:23:32 +0100

fai-kernels (1.8) unstable; urgency=medium

  * use kernel 2.4.27 and 2.6.8 (closes: #271244)
  * disable coda fs
  * added xfs for 2.4 kernel
  * added some network drivers
  * copy kernel config for 2.6 kernel to doc directory

 -- Thomas Lange <lange@debian.org>  Mon, 13 Sep 2004 11:20:35 +0200

fai-kernels (1.7.1) unstable; urgency=low

  * add Promise IDE drivers
  * add SATA drivers to 2.6 kernel

 -- Thomas Lange <lange@debian.org>  Tue,  3 Aug 2004 21:14:22 +0200

fai-kernels (1.7) unstable; urgency=low

  * use 2.4.26 kernel
  * add config for 2.6.7 kernel
  * add aic79xx scsi driver (closes: #241278)
  * control: reformat extended description

 -- Thomas Lange <lange@debian.org>  Thu, 22 Jul 2004 13:49:50 +0200

fai-kernels (1.6) unstable; urgency=low

  * use 2.4.24 kernel
  * rules: add --append-to-version, copy kernel config to doc directory,
    move value of DH_COMPAT in rules to new compat file
  * fai-kernel-config-2.4: add 3Com typhoon drivers, remove some PCMCIA
    drivers, enable highmem support
  * file kernel-version removed, set version in debian/rules
  
 -- Thomas Lange <lange@debian.org>  Tue,  3 Feb 2004 15:47:46 +0100

fai-kernels (1.5.3) unstable; urgency=low

  * add dependency on modutils (closes: #190895)

 -- Thomas Lange <lange@debian.org>  Tue, 29 Apr 2003 15:59:15 +0200

fai-kernels (1.5.2) unstable; urgency=high

  * kernel configuration now build with make oldconfig instead of
    make menuconfig (closes: #188633)
  * dependency on libncurses5-dev is not needed any more
  * add NEWS file
  
 -- Thomas Lange <lange@debian.org>  Wed, 23 Apr 2003 14:46:58 +0200

fai-kernels (1.5.1) unstable; urgency=low

  * add more network drivers for gigabit cards
  * README: list some network card drivers and their size, if someone need
    more space on the boot floppy

 -- Thomas Lange <lange@debian.org>  Mon,  7 Apr 2003 11:08:09 +0200

fai-kernels (1.5) unstable; urgency=low

  * use 2.4.20 kernel
  * debian/rules: build target only builds kernel version 2.4.x
  * debian/control: remove dependency on kernel-source-2.2.20
  * remove frame buffer support (and the penguin logo)
  * SCSI and IDE drivers are only availavle as modules
  * build target does not need root privileges (closes: #167102)
  * add build dependencies in control file
  * use new Intel NIC drivers, add tulip NIC driver
  * remove NFS server and quota support
  * ext2, loop, floppy now as modules
  * use even more kernel modules to reduce the size of the kernel image
  * disable FDDI drivers
  
 -- Thomas Lange <lange@debian.org>  Thu,  6 Feb 2003 15:53:45 +0100

fai-kernels (1.4) unstable; urgency=medium

  * remove setting of DEB_HOST_ARCH in rules file (closes: #146107)
  * add build-depends on bin86
  * merge the two 2.2.20 kernels to one that support both BOOTP and DHCP
  * override obsolete 1.3 version of this package, but add 2.4 kernel support

 -- Thomas Lange <lange@debian.org>  Thu, 16 May 2002 14:30:34 +0200

fai-kernels (1.3) unstable; urgency=low

  * add README to the Debian package
  * add info how to compile a 2.4.X kernel
  * new kernel-config-2.4 file
  * kernel 2.4.18 included in package
  
 -- Thomas Lange <lange@debian.org>  Wed,  8 May 2002 12:58:16 +0200

fai-kernels (1.2) unstable; urgency=low

  * update for kernel 2.2.20

 -- Thomas Lange <lange@debian.org>  Thu, 11 Apr 2002 11:45:47 +0200

fai-kernels (1.1.5) unstable; urgency=low

  * package depends on kernel-source-2.2.19 (closes: #133584)
  * use RTL8139TOO ethernet driver instead of RTL8139
  * added via-rhine ethernet driver
  
 -- Thomas Lange <lange@debian.org>  Mon, 18 Feb 2002 14:59:55 +0100

fai-kernels (1.1.4) unstable; urgency=low

  * add build-depends (closes: #123716)
  * don't use option I with tar, instead use a pipe and bzcat
  * Standards update to 3.5.6

 -- Thomas Lange <lange@debian.org>  Wed,  2 Jan 2002 15:08:13 +0100

fai-kernels (1.1.3) unstable; urgency=low

  * added driver for Promise IDE controlle (needs kernel boot parameter)

 -- Thomas Lange <lange@debian.org>  Fri, 16 Nov 2001 13:48:46 +0100

fai-kernels (1.1.2) unstable; urgency=low

  * kernel configuration slightly changed
  * added serial console support

 -- Thomas Lange <lange@debian.org>  Thu,  4 Oct 2001 13:01:46 +0200

fai-kernels (1.1.1) unstable; urgency=low

  * Build-Depends to kernel-source without version number (closes:
    #102040, #98117)

 -- Thomas Lange <lange@debian.org>  Mon, 23 Jul 2001 11:19:59 +0200

fai-kernels (1.1) unstable; urgency=low

  * first upload to Debian archive
  * Support for kernel 2.2.19
  * enhanced documentation
  
 -- Thomas Lange <lange@debian.org>  Tue,  8 May 2001 16:22:46 +0200

fai-kernels (1.0) unstable; urgency=low

  * Initial Release.

 -- Thomas Lange <lange@debian.org>  Wed, 29 Nov 2000 17:25:29 +0100


