kernel-image-2.6.8-m68k (2.6.8-4sarge4) stable-security; urgency=high

  * Build against kernel-tree-2.6.8-16sarge4:
    * proc-environ-race-1.dpatch, proc-environ-race-2.dpatch
      [SECURITY] Fix local root vulnerability caused by a race in proc
      See CVE-2006-3626

 -- dann frazier <dannf@debian.org>  Sun, 16 Jul 2006 23:37:19 -0600

kernel-image-2.6.8-m68k (2.6.8-4sarge3) stable-security; urgency=high

  * Build against kernel-tree-2.4.27-10sarge3:
    * 207_smbfs-chroot-escape.diff
      [SECURITY] Fix directory traversal vulnerability in smbfs that permits
      local users to escape chroot restrictions
      See CVE-2006-1864
    * 208_ia64-die_if_kernel-returns.diff
      [SECURITY][ia64] Fix a potential local DoS on ia64 systems caused by
      an incorrect 'noreturn' attribute on die_if_kernel()
      See CVE-2006-0742
    * 209_sctp-discard-unexpected-in-closed.diff
      [SECURITY] Fix remote DoS in SCTP code by discarding unexpected chunks
      received in CLOSED state instead of calling BUG()
      See CVE-2006-2271
    * 210_ipv4-id-no-increment.diff
      [SECURITY] Fix vulnerability that allows remote attackers to conduct an
      Idle Scan attack, bypassing intended protections against such attacks
      See CVE-2006-1242
    * 211_usb-gadget-rndis-bufoverflow.diff
      [SECURITY] Fix buffer overflow in the USB Gadget RNDIS implementation
      that allows for a remote DoS attack (kmalloc'd memory corruption)
      See CVE-2006-1368
    * 212_ipv4-sin_zero_clear.diff
      [SECURITY] Fix local information leak in af_inet code
      See CVE-2006-1343
    * 213_madvise_remove-restrict.diff
      [SECURITY] Fix vulnerability that allows local users to bypass IPC
      permissions and replace portions of read-only tmpfs files with zeroes.
      See CVE-2006-1524
    * 214_mcast-ip-route-null-deref.diff
      [SECURITY] Fix local DoS vulnerability that allows local users to panic
      a system by requesting a route for a multicast IP
      See CVE-2006-1525
    * 215_sctp-fragment-recurse.diff
      [SECURITY] Fix remote DoS vulnerability that can lead to infinite
      recursion when a packet containing two or more DATA fragments is received
      See CVE-2006-2274
    * 216_sctp-fragmented-receive-fix.diff
      [SECURITY] Fix remote DoS vulnerability that allows IP fragmented
      COOKIE_ECHO and HEARTBEAT SCTP control chunks to cause a kernel panic
      See CVE-2006-2272
    * 217_amd64-fp-reg-leak.diff
      [SECURITY][amd64] Fix an information leak that allows a process to see
      a portion of the floating point state of other processes, possibly
      exposing sensitive information.
      See CVE-2006-1056
    * 218_do_add_counters-race.diff
      [SECURITY] Fix race condition in the do_add_counters() function in
      netfilter that allows local users with CAP_NET_ADMIN capabilities to
      read kernel memory
      See CVE-2006-0039
    * 219_sctp-hb-ack-overflow.diff
      [SECURITY] Fix a remote buffer overflow that can result from a badly
      formatted HB-ACK chunk
      See CVE-2006-1857
    * 220_sctp-param-bound-checks.diff
      [SECURITY] Fix a bound checking error (remote DoS) in the SCTP parameter
      checking code
      See CVE-2006-1858
    * 221_netfilter-do_replace-overflow.diff
      [SECURITY] Fix buffer overflow in netfilter do_replace which can could
      be triggered by users with CAP_NET_ADMIN rights.
      See CVE-2006-0038
    * 222_binfmt-bad-elf-entry-address.diff
      [SECURITY][amd64] Fix potential local DoS vulnerability in the binfmt_elf
      code on em64t processors
      See CVE-2006-0741

 -- dann frazier <dannf@debian.org>  Wed, 31 May 2006 17:05:18 -0600

kernel-image-2.6.8-m68k (2.6.8-4sarge2) stable-security; urgency=high

  * Build against kernel-tree-2.6.8-16sarge2

 -- Christian T. Steigies <cts@debian.org>  Sat, 11 Feb 2006 10:39:52 +0100

kernel-image-2.6.8-m68k (2.6.8-4sarge1) stable-security; urgency=high

  * rebuild with kernel-tree-2.6.8 (2.6.8-16sarge1)

 -- Christian T. Steigies <cts@debian.org>  Wed, 23 Nov 2005 11:58:06 +0100

kernel-image-2.6.8-m68k (2.6.8-4) unstable; urgency=high

  * rebuild with the latest kernel-source (2.6.8-14), but build-dep on
    kernel-tree-2.6.8-13 to keep ABI compatibility
  * use a few ideas from i386 kernel-image package for selecting config 
    and to determine kernel-tree version
  * this needs to go into sarge so that m68k kernel-images can be rebuilt
    from sarge sources

 -- Christian T. Steigies <cts@debian.org>  Fri, 18 Mar 2005 11:49:13 +0100

kernel-image-2.6.8-m68k (2.6.8-3) unstable; urgency=low

  * rebuild with kernel-source-2.6.8-12

 -- Christian T. Steigies <cts@debian.org>  Tue, 11 Jan 2005 20:07:30 +0100

kernel-image-2.6.8-m68k (2.6.8-2) unstable; urgency=low

  * do not build-depend on gcc-2.95

 -- Christian T. Steigies <cts@debian.org>  Sat,  4 Dec 2004 22:10:58 +0100

kernel-image-2.6.8-m68k (2.6.8-1) unstable; urgency=low

  * Initial release.

 -- Christian T. Steigies <cts@debian.org>  Thu, 19 Aug 2004 14:14:02 +0200
