kernel-image-2.4.27-arm (2.4.27-2sarge3) stable-security; urgency=high

  * Build against kernel-tree-2.4.27-10sarge3:
    * 207_smbfs-chroot-escape.diff
      [SECURITY] Fix directory traversal vulnerability in smbfs that permits
      local users to escape chroot restrictions
      See CVE-2006-1864
    * 208_ia64-die_if_kernel-returns.diff
      [SECURITY][ia64] Fix a potential local DoS on ia64 systems caused by
      an incorrect 'noreturn' attribute on die_if_kernel()
      See CVE-2006-0742
    * 209_sctp-discard-unexpected-in-closed.diff
      [SECURITY] Fix remote DoS in SCTP code by discarding unexpected chunks
      received in CLOSED state instead of calling BUG()
      See CVE-2006-2271
    * 210_ipv4-id-no-increment.diff
      [SECURITY] Fix vulnerability that allows remote attackers to conduct an
      Idle Scan attack, bypassing intended protections against such attacks
      See CVE-2006-1242
    * 211_usb-gadget-rndis-bufoverflow.diff
      [SECURITY] Fix buffer overflow in the USB Gadget RNDIS implementation
      that allows for a remote DoS attack (kmalloc'd memory corruption)
      See CVE-2006-1368
    * 212_ipv4-sin_zero_clear.diff
      [SECURITY] Fix local information leak in af_inet code
      See CVE-2006-1343
    * 213_madvise_remove-restrict.diff
      [SECURITY] Fix vulnerability that allows local users to bypass IPC
      permissions and replace portions of read-only tmpfs files with zeroes.
      See CVE-2006-1524
    * 214_mcast-ip-route-null-deref.diff
      [SECURITY] Fix local DoS vulnerability that allows local users to panic
      a system by requesting a route for a multicast IP
      See CVE-2006-1525
    * 215_sctp-fragment-recurse.diff
      [SECURITY] Fix remote DoS vulnerability that can lead to infinite
      recursion when a packet containing two or more DATA fragments is received
      See CVE-2006-2274
    * 216_sctp-fragmented-receive-fix.diff
      [SECURITY] Fix remote DoS vulnerability that allows IP fragmented
      COOKIE_ECHO and HEARTBEAT SCTP control chunks to cause a kernel panic
      See CVE-2006-2272
    * 217_amd64-fp-reg-leak.diff
      [SECURITY][amd64] Fix an information leak that allows a process to see
      a portion of the floating point state of other processes, possibly
      exposing sensitive information.
      See CVE-2006-1056
    * 218_do_add_counters-race.diff
      [SECURITY] Fix race condition in the do_add_counters() function in
      netfilter that allows local users with CAP_NET_ADMIN capabilities to
      read kernel memory
      See CVE-2006-0039
    * 219_sctp-hb-ack-overflow.diff
      [SECURITY] Fix a remote buffer overflow that can result from a badly
      formatted HB-ACK chunk
      See CVE-2006-1857
    * 220_sctp-param-bound-checks.diff
      [SECURITY] Fix a bound checking error (remote DoS) in the SCTP parameter
      checking code
      See CVE-2006-1858
    * 221_netfilter-do_replace-overflow.diff
      [SECURITY] Fix buffer overflow in netfilter do_replace which can could
      be triggered by users with CAP_NET_ADMIN rights.
      See CVE-2006-0038
    * 222_binfmt-bad-elf-entry-address.diff
      [SECURITY][amd64] Fix potential local DoS vulnerability in the binfmt_elf
      code on em64t processors
      See CVE-2006-0741

 -- dann frazier <dannf@debian.org>  Mon, 29 May 2006 17:13:43 -0600

kernel-image-2.4.27-arm (2.4.27-2sarge2) stable-security; urgency=high

  * Build against kernel-source-2.4.27 (2.4.27-10sarge2)

 -- dann frazier <dannf@debian.org>  Thu,  9 Feb 2006 00:54:44 -0700

kernel-image-2.4.27-arm (2.4.27-2sarge1) stable-security; urgency=high

  * Build against kernel-source-2.4.27 (2.4.27-10sarge1)
  * Build against kernel-patch-2.4.27-arm (2.4.27-1sarge1)
  * Add build dependency on gcc-2.95.  This packages FTBFS with the
    default compiler in sarge.  gcc-2.95 was used to build the
    sarge version of this package.

 -- dann frazier <dannf@debian.org>  Mon, 28 Nov 2005 21:44:43 -0700

kernel-image-2.4.27-arm (2.4.27-2) unstable; urgency=low

  * Rebuild to avoid bug #296443

 -- Vincent Sanders <vince@debian.org>  Tue, 22 Feb 2005 13:42:01 +0000

kernel-image-2.4.27-arm (2.4.27-1) unstable; urgency=low

  * Updated source package to fix issue with some bootloaders and their 
    inability to use non zImage tagged kernels.
  * Update netwinder config to use VESA VGA framebuffer driver

 -- Vincent Sanders <vince@debian.org>  Thu, 18 Nov 2004 12:35:28 +0000

kernel-image-2.4.27-arm (2.4.27) unstable; urgency=high

  * Initial 2.4.27 build from new source package
  * All kernel configs for new kernels taken from 2.4.26 images and
    updated as required.

 -- Vincent Sanders <vince@debian.org>  Thu, 19 Aug 2004 19:52:28 +0100
