SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for kernel-headers-2.6.19.1-1tr.i586.rpm :
Fri Dec 15 13:00:00 2006 Bipin S 2.6.19.1-1tr
- New upstream.
- SECURITY FIX: A vulnerability has been identified which could be
exploited by malicious users to bypass security restrictions.
This issue is due to an error in the \"do_coredump()\" [fs/exec.c]
function where the \"flag\" variable is set but never used, which
could be exploited by attackers to manipulate certain files.

The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the names CVE-2006-6304 to this issue.

Tue Dec 5 13:00:00 2006 Bipin S 2.6.19-1tr
- New upstream.
- Enabled mptsas driver.

Wed Nov 29 13:00:00 2006 Bipin S 2.6.17.14-2tr
- Module megaraid_sas added.

Tue Oct 17 14:00:00 2006 Bipin S 2.6.17.14-1tr
- New upstream.
- SECURITY FIX: A vulnerability has been identified due to an error
in the ULE (Unidirectional Lightweight Encapsulation) decapsulation
code [drivers/media/dvb/dvb-core/dvb_net.c] that does not properly
handle malformed packets with a SNDU (Sub Network Data Unit) length
of 0, which could be exploited by attackers to crash a vulnerable
system, creating a denial of service condition.

The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the names CVE-2006-4623 to this issue.

Thu Aug 24 14:00:00 2006 Bipin S 2.6.17.11-1tr
- New upstream.

Wed Aug 23 14:00:00 2006 Bipin S 2.6.17.10-1tr
- New upstream.
- SECURITY FIX: A vulnerability has been identified caused due to
an error in the SCTP module within the \"sctp_make_abort_user()\"
function and can be exploited to execute arbitrary code with
escalated privileges.

- A vulnerability has been identified in Linux Kernel, which is due
to an error in the Universal Disk Format (UDF) module when
truncating certain files, which could be exploited by malicious
users to panic a vulnerable system, creating a denial of service
condition.

The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the names CVE-2006-3745 and CVE-2006-4145 to this issue.

Wed Aug 9 14:00:00 2006 Bipin S 2.6.17.8-1tr
- New upstream.
- SECURITY FIX: Linux kernel 2.6.x, when using both NFS and EXT3,
allows remote attackers to cause a denial of service (file system
panic) via a crafted UDP packet with a V2 lookup procedure that
specifies a bad file handle (inode number), which triggers an error
and causes an exported directory to be remounted read-only.

The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2006-3468 to this issue.

Thu Jul 20 14:00:00 2006 Nived Gopalan 2.6.17.6-1tr
- New upstream.
- Upgraded 3ware 9xxx RAID driver, Bug #1823.
- SECURITY FIX: A vulnerability has been reported in the Linux kernel,
which can be exploited by malicious, local users to gain escalated
privileges. The vulnerability is caused due to a race condition in
\"/proc\" when changing file status. Successful exploitation allows
execution of arbitrary code with root privileges.

The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2006-3626 to this issue.

Mon Jul 3 14:00:00 2006 Bipin S 2.6.17.3-1tr
- New upstream.
- SECURITY FIX: SCTP conntrack (ip_conntrack_proto_sctp.c) in
netfilter allows remote attackers to cause a denial of service
(crash) via a packet without any chunks, which causes a variable
to contain an invalid value that is later used to dereference a
pointer.

The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2006-2934 to this issue.

Tue Jun 20 14:00:00 2006 Bipin S 2.6.17.1-1tr
- New upstream.
- Module qlogicfc successfully replaced with qla2xxx.
- Added scsi_transport_spi to initrd module list.
- SECURITY FIX: A race condition error in the \"posix-cpu-timers.c\"
script that does not prevent another CPU from attaching the timer
to an exiting process, which could be exploited by attackers to
cause a denial of service.
- Flaw due to errors in \"powerpc/kernel/signal_32.c\" and
\"powerpc/kernel/signal_32.c\", which could allow userspace to
provoke a machine check on 32-bit kernels.
- An infinite loop in \"netfilter/xt_sctp.c\", which could be exploited
by attackers to exhaust all available memory resources, creating
a denial of service condition.

The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2006-2445, CVE-2006-2448 and
CVE-2006-3085 to this issue.

Tue Jun 6 14:00:00 2006 Bipin S 2.6.16.20-1tr
- New upstream.

Wed May 31 14:00:00 2006 Bipin S 2.6.16.19-1tr
- SECURITY Fix: Pavel Kankovsky discovered that the getsockopt()
function, when called with an SO_ORIGINAL_DST argument, does not
properly clear the returned structure, so that a random piece of
kernel memory is exposed to the user. This could potentially
reveal sensitive data like passwords or encryption keys.

The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2006-1343 to this issue.

Tue May 23 14:00:00 2006 Bipin S 2.6.16.18-1tr
- SECURITY Fix: A race condition in the \"do_add_counters()\" function
in netfilter can be exploited by local users to read kernel memory
or cause the system to crash via a race condition that produces a
size value that is different from the size of the allocated memory.
- An input validation error in SCTP when processing a HB-ACK chunk
with a specially-crafted parameter length can be exploited to cause
out-of-bounds memory access. This can potentially cause the system
to crash.
- An error in SCTP chunk length calculation during parameter
processing can be exploited to cause out-of-bounds memory access.
This can potentially cause the system to crash.
- A vulnerability has been reported which is caused due to some errors
within the \"snmp_trap_decode()\" function when handling certain SNMP
packets. This can be exploited to cause memory corruption due to
incorrect freeing of memory, which can potentially cause the system
to crash.

The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the names CVE-2006-0039, CVE-2006-1857, CVE-2006-1858
and CVE-2006-2444 to these issue.

Mon May 15 14:00:00 2006 Bipin S 2.6.16.16-1tr
- SECURITY Fix: Memory leak in __setlease in fs/locks.c allows
attackers to cause a denial of service (memory consumption) via
unspecified actions related to an \"uninitialised return value,\"
aka \"slab leak.\"
- lease_init in fs/locks.c allows attackers to cause a denial of
service (fcntl_setlease lockup) via actions that cause lease_init
to free a lock that might not have been allocated on the stack.

The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the names CVE-2006-1859 and CVE-2006-1860 to these issue.

Wed May 10 14:00:00 2006 Bipin S 2.6.16.15-1tr
- SECURITY Fix: An error in the Stream Control Transmission Protocol
(SCTP) code that uses incorrect state table entries when certain
ECNE chunks are received in CLOSED state, could be exploited by
attackers to cause a kernel panic via a specially crafted packet.
- An error exist when handling incoming IP-fragmented SCTP control
chunks, which could be exploited by attackers to cause a kernel
panic via a specially crafted packet.
- Linux SCTP (lksctp) allows remote attackers to cause a denial of
service (infinite recursion and crash) via a packet that contains
two or more DATA fragments, which causes an skb pointer to refer
back to itself when the full message is reassembled, leading to
infinite recursion in the sctp_skb_pull function
- Linux SCTP (lksctp) allows remote attackers to cause a denial of
service (deadlock) via a large number of small messages to a receiver
application that cannot process the messages quickly enough, which
leads to \"spillover of the receive buffer.\"

The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the names CVE-2006-2271, CVE-2006-2272, CVE-2006-2274 and
CVE-2006-2275 to these issue.

Tue May 9 14:00:00 2006 Bipin S 2.6.16.14-1tr
- SECURITY Fix: A vulnerability has been identified due to an input
validation error when processing arguments containing backslash
(\"\\\\\") characters passed to certain commands (e.g. \"cd\"),
which could be exploited by authenticated attackers to escape
chroot restrictions for a CIFS or SMBFS mounted filesystem.

The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CVE-2006-1864 to this issue.

Thu May 4 14:00:00 2006 Nived Gopalan 2.6.16.13-1tr
- New Upstream.
- SECURITY Fix: A vulnerability has been reported in Linux Kernel, which
can be exploited by malicious people to cause a DoS (Denial of Service).
The vulnerability is caused due to missing checks on SCTP chunk sizes
in the SCTP-netfilter code and may result in an infinite loop exhausting
system resources.

The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CVE-2006-1527 to this issue.

Tue Apr 25 14:00:00 2006 Bipin S 2.6.16.11-1tr
- New Upstream.
- SECURITY Fix: Directory traversal vulnerability in CIFS which allows
local users to escape chroot restrictions for an SMB-mounted filesystem
via \"..\\\\\" sequences.

The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CVE-2006-1863 to this issue.

Wed Apr 19 14:00:00 2006 Bipin S 2.6.16.9-1tr
- SECURITY Fix: A vulnerability has been identified in Linux Kernel,
which could be exploited by local attackers to disclose sensitive
information. This flaw is due to an error where AMD K7/K8 CPUs
only saving/restoring the FOP/FIP/FDP x87 registers in FXSAVE when
an exception is pending, which could cause x87 instruction
information to be leaked between processes.

The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CVE-2006-1056 to these issue.

Tue Apr 18 14:00:00 2006 Bipin S 2.6.16.8-1tr
- New Upstream.
- SECURITY Fix: A vulnerability has been identified in Linux Kernel,
which could be exploited by attackers to bypass security restrictions.
This flaw is due to errors in the \"ipc/shm.c\" and \"mm/madvise.c\" files
that do not properly validate shared memory permissions, which could
be exploited by attackers to gain write access to read-only \"tmpfs\"
files or shared memory via a specially crafted \"madvise\" call.
- A vulnerability has been identified in Linux Kernel, which could be
exploited by local attackers to cause a denial of service. This flaw
is due to a NULL pointer dereference in \"ip_route_input\" and
\"inet_rtm_getroute\" [net/ipv4/route.c] when handling a specially
crafted \"route\" command for a multicast IP address, which could be
exploited by malicious users to crash a vulnerable system, creating
a denial of service condition.

The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the names CVE-2006-1524 and CVE-2006-1525 to these issues.

Wed Apr 12 14:00:00 2006 Bipin S 2.6.16.5-1tr
- New Upstream.
- SECURITY Fix: The sys_add_key function in the keyring code allows
local users to cause a denial of service (OOPS) via keyctl requests
that add a key to a user key instead of a keyring key, which causes
an invalid memory dereference.
- The __group_complete_signal function in the RCU signal handling
(signal.c) in Linux kernel 2.6.16, and possibly other versions, has
unknown impact and attack vectors related to improper use of BUG_ON.
- A vulnerability has been reported in Linux Kernel, which can be
exploited by malicious, local users to cause a DoS (Denial of
Service).

The vulnerability is caused due to an error when the kernel returns
program control using SYSRET on Intel EM64T CPUs. The may cause a DoS
due to the way Intel EM64T CPUs handle uncanonical return addresses
when a user has been able to change the frames.

The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CVE-2006-1522, CVE-2006-1523 and CVE-2006-0744
to this issue.

Thu Apr 6 14:00:00 2006 Bipin S 2.6.16.1-2tr
- SECURITY Fix: The fill_write_buffer function in sysfs/file.c does
not zero terminate a buffer when a length of PAGE_SIZE or more is
requested, which might allow local users to cause a denial of
service (crash) by causing an out-of-bounds read.

The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CVE-2006-1055 to this issue.

Tue Mar 28 14:00:00 2006 Bipin S 2.6.16.1-1tr
- New Upstream.
- SECURITY Fix: Marco Ivaldi has reported a weakness caused due to
an error within the \"ip_push_pending_frames()\" function when
creating a packet in reply to a received SYN/ACK packet. This
causes RST packets to be sent with a IP ID value that is incremented
per packet. This can potentially be exploited to conduct idle
scan attacks.

The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CVE-2006-1242 to this issue.

Wed Mar 22 13:00:00 2006 Nived Gopalan 2.6.16-1tr
- New Upstream.
- Upgraded 3ware 9xxx RAID driver.
- SECURITY Fix: An integer overflow error exists within the \"do_replace()\"
function in Netfilter. This can be exploited to cause a buffer overflow
and allows the overwrite of arbitrary amounts of kernel memory when
data is copied from user space.
- Insufficient memory allocation in \"drivers/usb/gadget/rndis.c\" when
handling NDIS response to OID_GEN_SUPPORTED_LIST may cause kernel memory
corruption.

Thu Mar 2 13:00:00 2006 Bipin S 2.6.15.6-1tr
- New Upstream
- SECURITY Fix: With certain types of ftruncate() activity on 2.6
kernels, XFS can end up exposing stale data off disk to a user,
putting extents where holes should be.
- An error in the \"nfs_get_user_pages()\" function due to insufficient
checks on the return value returned by the \"get_user_pages()\" function
can be exploited to cause a local DoS by performing an O_DIRECT write
to an NFS file where the user buffer starts with a valid mapped page,
but also contains an unmapped page.
- Missing checks for bad elf entry addresses can be exploited to cause an
endless recursive fault on Intel systems, which results in a local DoS.
- unaligned.c erroneously marked die_if_kernel() with a \"noreturn\"
attribute.

The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the names CVE-2006-0554, CVE-2006-0555, CVE-2006-0741 and
CVE-2006-0742 to these issues.

Mon Feb 20 13:00:00 2006 Bipin S 2.6.15.4-2tr
- Added mptspi in /etc/mkinitrd/modules to fix upgrades from 2.6.12.6
to higher versions.

Tue Feb 14 13:00:00 2006 Ajith Thampi 2.6.15.4-1tr
- New Upstream

Wed Feb 8 13:00:00 2006 Ajith Thampi 2.6.15.3-1tr
- New Upstream
- SECURITY Fix: Linux kernel before 2.6.15.3 down to 2.6.12, while
constructing an ICMP response, does not properly handle when the
ip_options_echo function in icmp.c fails, which allows remote attackers
to cause a denial of service (crash) via vectors such as (1) record-route
and (2) timestamp IP options with the needaddr bit set and a truncated value.

The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CVE-2006-0454 to this issue.

Tue Jan 24 13:00:00 2006 Nived Gopalan 2.6.15.1-1tr
- New Upstream.
- Added L7-filter patch for iptables/Netfilter.
- ip6t_random module not included with this release due to issues with
netfilter-random patch and kernel 2.6.15.x
- SECURITY Fix: Missing validation of the \"nlmsg_len\" value in
\"netlink_rcv_skb()\" can cause an infinite loop which can be exploited
by local users to cause a DoS by setting the value to 0.
- An error in the PPTP NAT helper in the handling of inbound
PPTP_IN_CALL_REQUEST packets can cause an error in offset calculation.
This can be exploited to cause random memory corruption and can crash
the kernel.
- ip_nat_pptp in the PPTP NAT helper (netfilter/ip_nat_helper_pptp.c) in
Linux kernel 2.6.14, and other versions, allows local users to cause a
denial of service via a crafted outbound packet that causes an incorrect
offset to be calculated from pointer arithmetic when non-linear SKBs
(socket buffers) are used.
- Stefan Rompf has reported a vulnerability caused due to the \"dm-crypt\"
driver failing to clear memory before freeing it. This can be exploited
by local users to obtain sensitive information.

The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the names CVE-2006-0035, CVE-2006-0036, CVE-2006-0037 and
CVE-2006-0095 to these issues.

Wed Dec 21 13:00:00 2005 Ajith Thampi 2.6.14.4-1tr
- New Upstream

Mon Dec 5 13:00:00 2005 Nived Gopalan 2.6.14.3-1tr
- New Upstream.
- SECURITY Fix: Memory leak in the VFS file lease handling in locks.c
allows local users to cause a denial of service via certain Samba
activities that cause an fasync entry to be re-allocated by the
fcntl_setlease function after the fasync queue has already been cleaned
by the locks_delete_lock function.
- The auto-reap of child processes in Linux kernel 2.6 includes processes
with ptrace attached, which leads to a dangling ptrace reference and
allows local users to cause a denial of service (crash).
- The time_out_leases function in locks.c allows local users to cause a
denial of service (kernel log message consumption) by causing a large
number of broken leases, which is recorded to the log using the printk
function.

The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the names CVE-2005-3807, CVE-2005-3784 and CVE-2005-3857 to
these issues.

Fri Nov 11 13:00:00 2005 Ajith Thampi 2.6.14.2-1tr
- New Upstream.
- SECURITY Fix: Al Viro discovered an exploitable hole in sysctl
unregistration affecting 2.6 kernels. This leads to Oops and possibly
more.

The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CVE-2005-2709 to this issue.

Mon Nov 7 13:00:00 2005 Ajith Thampi 2.6.14-1tr
- New Upstream
- Added ipv4 AH, ESP and IPCOMP modules support. Bug #1367

Wed Oct 12 14:00:00 2005 Ajith Thampi 2.6.13.4-1tr
- New Upstream
- SECURITY Fix: The sys_set_mempolicy function in mempolicy.c in Linux
kernel 2.6.x allows local users to cause a denial of service
(kernel BUG()) via a negative first argument.
- Race condition in Linux 2.6, when threads are sharing memory mapping
via CLONE_VM (such as linuxthreads and vfork), might allow local users
to cause a denial of service (deadlock) by triggering a core dump while
waiting for a thread that has just performed an exec.
- fs/exec.c in Linux 2.6, when one thread is tracing another thread that
shares the same memory map, might allow local users to cause a denial
of service (deadlock) by forcing a core dump when the traced thread is
in the TASK_TRACED state.
- The HFS and HFS+ (hfsplus) modules in Linux 2.6 allows attackers to cause
a denial of service (oops) by using hfsplus to mount a filesystem that is
not hfsplus.
- Race condition in ebtables netfilter module (ebtables.c) in Linux 2.6,
when running on an SMP system that is operating under a heavy load, might
allow remote attackers to cause a denial of service (crash) via a series
of packets that cause a value to be modified after it has been read but
before it has been locked.
- Memory leak in \"/security/keys/request_key_auth.c\" can potentially be
exploited by non-privileged users to cause a DoS.

The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the names CVE-2005-3053, CVE-2005-3106, CVE-2005-3107,
CVE-2005-3108, CVE-2005-3109, CVE-2005-3110, CVE-2005-3119.

Tue Oct 4 14:00:00 2005 Ajith Thampi 2.6.13.3-1tr
- New Upstream

Fri Sep 30 14:00:00 2005 Ajith Thampi 2.6.13.2-1tr
- New Upstream
- Fixes CAN-2005-2490 and CAN-2005-2492.
- SECURITY Fix: Jan Blunck discovered a Denial of Service vulnerability
in the procfs interface of the SCSI driver. By repeatedly reading
/proc/scsi/sg/devices, a local attacker could eventually exhaust
kernel memory. (CAN-2005-2800)
- A Denial of Service vulnerability was detected in the stack segment
fault handler. A local attacker could exploit this by causing stack
fault exceptions under special circumstances (scheduling), which lead
to a kernel crash. (CAN-2005-1767)
- Vasiliy Averin discovered a Denial of Service vulnerability in the
\"tiocgdev\" ioctl call and in the \"routing_ioctl\" function. By calling
fget() and fput() in special ways, a local attacker could exploit this
to destroy file descriptor structures and crash the kernel.
(CAN-2005-3044)
- md has been renamed to md-mod from 2.6.13
- md5 has been compiled in-built here on

Wed Sep 14 14:00:00 2005 Ajith Thampi 2.6.12.6-3tr
- Fix unchecked __get_user that could be tricked into generating a
memory read on an arbitrary address. The result of the read is not
returned directly but you may be able to divine some information about
it, or use the read to cause a crash on some architectures by reading
hardware state.(CAN-2005-2492)
- Al Viro reported a flaw in sendmsg(). \"When we copy 32bit ->msg_control
contents to kernel, we walk the same userland data twice without sanity
checks on the second pass. Moreover, if original looks small enough, we
end up copying to on-stack array.\" (CAN-2005-2490)

Mon Sep 5 14:00:00 2005 Erlend Midttun 2.6.12.6-2tr
- Added 3w-9xxx-linux-src-2.6-9.2.1.1.tgz

Tue Aug 30 14:00:00 2005 Erlend Midttun 2.6.12.6-1tr
- New upstream with the following fixes (from the announcement):
Bhavesh P. Davda:
NPTL signal delivery deadlock fix

Chris Wright:
Linux 2.6.12.6

Herbert Xu:
Restrict socket policy loading to CAP_NET_ADMIN - CAN-2005-2555

Jan Blunck:
sg.c: fix a memory leak in devices seq_file implementation (2nd)

lepton:
fix gl_skb/skb type error in genelink driver in usbnet

Linus Torvalds:
Revert unnecessary zlib_inflate/inftrees.c fix

Patrick McHardy:
Fix DST leak in icmp_push_reply()
Fix SKB leak in ip6_input_finish()

Tue Aug 16 14:00:00 2005 Syed Shabir Zakiullah 2.6.12.5-1tr
- New Upstream, Bug #1191
- SECURITY FIX:
- Error during attempt to join key management session can leave semaphore pinned
(CAN-2005-2098)
- Destruction of failed keyring oopses (CAN-2005-2099)
- Update in-kernel zlib routines (CAN-2005-2458, CAN-2005-2459)

- Fixed broken symlinks issue, Bug #1177

Wed Aug 10 14:00:00 2005 Syed Shabir Zakiullah 2.6.12.4-2tr
- Enabled Extended matches in QoS, Fix Bug #1167.

Mon Aug 8 14:00:00 2005 Syed Shabir Zakiullah 2.6.12.4-1tr
- New Upstream, Fix Bug #1155.

Wed Jul 27 14:00:00 2005 Syed Shabir Zakiullah 2.6.11.12-6tr
- Now use AUTOACTIVATE correctly as expected in tsl-fixboot, removed --make-default
option (AUTOACTIVATE will handle this).

Fri Jul 22 14:00:00 2005 Syed Shabir Zakiullah 2.6.11.12-5tr
- Added support for standard serial ports. Fix Bug #1093.

Mon Jul 18 14:00:00 2005 Syed Shabir Zakiullah 2.6.11.12-4tr
- Added support for Large Block Devices (greater than 2TB). Fix Bug #1070.

Thu Jul 14 14:00:00 2005 Syed Shabir Zakiullah 2.6.11.12-3tr
- Added CONNMARK support in kernel and enabled CONFIG_IP_NF_MATCH_CONNMARK and
CONFIG_IP_NF_TARGET_CONNMARK modules. Fix Bug #1081.

Thu Jun 30 14:00:00 2005 Chr. H. Toldnes 2.6.11.12-1tr
- Added kernel-headers and kernel-smp-headers packages to ease external
module compilation

Tue Jun 28 14:00:00 2005 Ajith Thampi 2.6.11.12-1tr
- New Upstream
- Re-add lost Tulip Card Support, Bug #178
- Add IPX protocol support, reference Bug #983

Tue Jun 7 14:00:00 2005 Oystein Viggen 2.6.11.11-4tr
- Redo config files with more options enabled

Wed Jun 1 14:00:00 2005 Syed S. Zakiullah 2.6.11.11-3tr
- Added a patch which adds option for CONFIG_IP_NF_MATCH_RANDOM and CONFIG_IP6_NF_MATCH_RANDOM
which allows packets to match randomly following a given probability. (Ref. Bug. #739).
- Added XFS Posix ACL support. (Ref. Bug. #66).

Wed Jun 1 14:00:00 2005 Oystein Viggen 2.6.11.11-2tr
- Readd -fno-stack-protector for gcc-3.4

Mon May 30 14:00:00 2005 Syed S. Zakiullah 2.6.11.11-1tr
- New Upstream

Fri May 20 14:00:00 2005 Ajith Thampi 2.6.11.10-3tr
- Update PreReq with tsl-utils-1.6-10tr and tsl-initrd

Wed May 18 14:00:00 2005 Ajith Thampi 2.6.11.10-2tr
- Set PF_KEY sockets needed by ipsec
- introducing the new tsl-fixboot in %post and %preun to make new
kernel the default.

Tue May 17 14:00:00 2005 Ajith Thampi 2.6.11.10-1tr
- New Upstream

Fri May 13 14:00:00 2005 Ajith Thampi 2.6.11.9-2tr
- Absence of smp support in kernel-smp? Set. Bug #665

Thu May 12 14:00:00 2005 Ajith Thampi 2.6.11.9-1tr
- New Upstream
- Buffer Overflow Fix, A locally exploitable flaw has been found in the
Linux ELF binary format loader\'s core dump function that allows
local users to gain root privileges and also execute arbitrary
code at kernel privilege level. (CAN-2005-1263)
- Added Module Unloading Support, Bug #656

Mon May 2 14:00:00 2005 Ajith Thampi 2.6.11.8-2tr
- JFS Support added as loadable modules and not built-in, Bug #555

Sat Apr 30 14:00:00 2005 Ajith Thampi 2.6.11.8-1tr
- New upstream

Wed Apr 27 14:00:00 2005 Ajith Thampi 2.6.11.7-4tr
- Added i2c patch
- Rebuilt without stack protector for gcc-4.0

Mon Apr 25 14:00:00 2005 Ajith Thampi 2.6.11.7-3tr
- Added PreReq of module-init-tools instead of modutils

Thu Apr 21 14:00:00 2005 Ajith Thampi 2.6.11.7-2tr
- RAID Support added as loadable modules and not built-in, Bug #401
- Added ALSA Support

Fri Apr 8 14:00:00 2005 Ajith Thampi 2.6.11.7-1tr
- New upstream.

Wed Apr 6 14:00:00 2005 Ajith Thampi 2.6.11.6-2tr
- Added Tulip Card Support, Bug #178

Tue Mar 29 14:00:00 2005 Erlend Midttun 2.6.11.6-1tr
- New upstream.

Wed Mar 16 13:00:00 2005 Erlend Midttun 2.6.11.4-1tr
- New upstream.

Sun Mar 13 13:00:00 2005 Erlend Midttun 2.6.11.3-1tr
- New upstream.

Fri Mar 11 13:00:00 2005 Erlend Midttun 2.6.11.2-2tr
- Fix localversion.

Thu Mar 10 13:00:00 2005 Erlend Midttun 2.6.11.2-1tr
- New upstream.

Wed Mar 9 13:00:00 2005 Syed Shabir Zakiullah 2.6.10-4tr
- compiled with CONFIG_BLK_DEV_RAM_SIZE=8192 to make initrd to compress

Mon Feb 28 13:00:00 2005 Syed Shabir Zakiullah 2.6.10-3tr
- Added boot-delay-retry-v3.patch

Fri Feb 25 13:00:00 2005 Syed Shabir Zakiullah 2.6.10-2tr
- Applied Device Mapper patches

Tue Feb 8 13:00:00 2005 Ajith Thampi 2.6.10-1tr
- new upstream with fixes

Fri Feb 4 13:00:00 2005 Ajith Thampi 2.6.9-8tr
- removed the BOOT kernel

Tue Dec 7 13:00:00 2004 Raghu 2.6.9-6tr
- New Upstream 2.6.9 - recompiled with gcc-3.4.3

Wed Nov 24 13:00:00 2004 Erlend Midttun 2.4.28-4tr
- No longer Provide various kernel-firewall.

Sat Nov 20 13:00:00 2004 Erlend Midttun 2.4.28-3tr
- Rebuilt with new tag.

Thu Nov 18 13:00:00 2004 Erlend Midttun 2.4.28-2tr
- Add -fno-stack-protector to Makefile in kernel-source

Wed Nov 17 13:00:00 2004 Erlend Midttun 2.4.28-1tr
- New upstream.

Mon Nov 8 13:00:00 2004 Oystein Viggen 2.4.27-8tr
- Fix firewall symlinks (for upgrade from older versions of the OS)

Tue Oct 19 14:00:00 2004 Erlend Midttun 2.4.27-7tr
- Now try with USB keyboard too

Fri Oct 1 14:00:00 2004 Syed Shabir 2.4.27-6tr
- Applied OpenSwan NAT and kernel Patches
- Removed Old FreeSwan patches

Wed Sep 22 14:00:00 2004 Erlend Midttun 2.4.27-4tr
- New megaraid driver. No show, maybe try later.
- Fix Conflicts/Obsoletes error

Tue Sep 21 14:00:00 2004 Erlend Midttun 2.4.27-3tr
- Now compile in CONFIG_BLK_DEV_SIIMAGE

Mon Aug 30 14:00:00 2004 Erlend Midttun 2.4.27-2tr
- Added support for DMA on ESB_3

Sun Aug 8 14:00:00 2004 Erlend Midttun 2.4.27-1tr
- New upstream. Fixes lots of bugs including security related ones.

Thu Jun 17 14:00:00 2004 Oystein Viggen 2.4.26-3tr
- Various security fixes from Alexander Viro, CAN-2004-0495

Tue Jun 15 14:00:00 2004 Oystein Viggen 2.4.26-2tr
- Patch fpu crash, CAN-2004-0554

Thu May 13 14:00:00 2004 Erlend Midttun 2.4.26-1tr
- New upstream.

Wed Apr 21 14:00:00 2004 Erlend Midttun 2.4.25-8tr
- Merged patch 14 and 15.

Tue Apr 20 14:00:00 2004 Erlend Midttun 2.4.25-7tr
- Added patch 14 and 15 to fix bugs with mcast_msfilter

Wed Apr 14 14:00:00 2004 Erlend Midttun 2.4.25-6tr
- Added patches 10, 11, 12, 13 to fix CAN-2004-0177, CAN-2004-0109 CAN-2004-0133

Tue Mar 23 13:00:00 2004 Chr. Toldnes 2.4.25-4tr
- Added the hpt366 and hpt34x modules to the BOOT kernel

Thu Feb 19 13:00:00 2004 Erlend Midttun 2.4.25-1em
- New upstream.
- Added CONFIG_PPP_FILTER and CONFIG_PPP_MULTILINK on request.

Thu Feb 5 13:00:00 2004 Chr. Toldnes 2.4.24-3tr
- Added USB keyboard support in the BOOT kernel
- Added some bugfix patches from lkml

Fri Jan 30 13:00:00 2004 Chr. Toldnes 2.4.24-2tr
- Build without stack protection

Fri Jan 23 13:00:00 2004 Erlend Midttun 2.4.24-1tr
- Compiled serverworks in.
- New upstream.

Thu Jan 22 13:00:00 2004 Chr. Toldnes 2.4.23-9tr
- Fixed problem relating to usb hid devices reconnection

Tue Jan 20 13:00:00 2004 Erlend Midttun 2.4.23-8tr
- Added quota support.
- Added serverworks to -BOOT kernel.

Mon Jan 19 13:00:00 2004 Oddvar Broenstad 2.4.23-7tr
- Quick temporary fix for iptables recent match extenxsion

Fri Jan 9 13:00:00 2004 Chr. Toldnes 2.4.23-6tr
- cleanup

Fri Jan 9 13:00:00 2004 Chr. Toldnes 2.4.23-5tr
- Added CONFIG_PDC202XX_FORCE=y to enable full speed on promise controllers.
- Changed kernel-source tar.bz2 back to plain directory
- Use kernel-source-2.6.19.1-1tr to not conflict with vanilla kernels

Tue Jan 6 13:00:00 2004 Chr. Toldnes 2.4.23-4tr
- Now untaring correct source in %post source... Thanks Gerald.

Mon Jan 5 13:00:00 2004 Chr. Toldnes 2.4.23-3tr
- Added mremap fix
- Correct build symlink
- Added documentation: README-kernel-module-compilation.txt
- Added untaring of source in %post source
- Added Conflicts: swup_install-if-upgrade

Mon Dec 15 13:00:00 2003 Chr. Toldnes 2.4.23-2tr
- Added rtc fix
- Readded external megaraid stuff.

Sun Nov 30 13:00:00 2003 Chr. Toldnes 2.4.23-1tr
- New upstream version: 2.4.23
- Removed patch 110, included upstream.
- added create-freeswan-kernelpatch.sh as Source
- updated README-kernel-upgrade-howto.txt
- New freeswan/x509: 2.04/1.4.8
- Added TODO section in spec.
- Removed external megaraid stuff

Mon Sep 15 14:00:00 2003 Chr. Toldnes 2.4.22-4tr
- Added kernel-config-generator
- Added README-kernel-upgrade-howto.txt

Sat Aug 30 14:00:00 2003 Chr. Toldnes 2.4.22-3tr
- added lvm-patch-generator
- added lvm-1.0.7

Sat Aug 30 14:00:00 2003 Chr. Toldnes 2.4.22-2tr
- Now megaraid stuff is sources.
- New upstream ipvs: 1.0.10

Mon Aug 25 14:00:00 2003 Chr. Toldnes 2.4.22-1tr
- New upstream version: 2.4.22
- CONFIG_MODVERSIONS=n
- Removed patch: 1-9, 120, 122, 130, 140, 141, 160, 161
- New upstream megaraid version

Tue Aug 19 14:00:00 2003 Chr. Toldnes 2.4.21-15tr
- Rebuilt and retagged

Fri Aug 15 14:00:00 2003 Omar Kilani 2.4.21-14ok
- Changed CONFIG_BLK_DEV_MD=m to CONFIG_BLK_DEV_MD=y to support autodetect.

Thu Jul 10 14:00:00 2003 Erlend Midttun 2.4.21-13tr
- Added bunch of patches. 5 - 9.

Sat Jul 5 14:00:00 2003 Gerald Dachs 2.4.21-12gd
- Added nfsd module to boot kernel

Fri Jul 4 14:00:00 2003 Chr. Toldnes 2.4.21-11tr
- Some bugfixing in fs and kernel src dirs.

Thu Jul 3 14:00:00 2003 Erlend Midttun 2.4.21-10tr
- Added a way to recreate the header files for linux-headers.

Tue Jul 1 14:00:00 2003 Goetz Bock 2.4.21-9bg
- fixed modversion.h file
- updated isdn drivers for HiSax cards.

Tue Jul 1 14:00:00 2003 Goetz Bock 2.4.21-8bg
- made the patch numbers compact again
- added i2c and lm_sensors (patch 160, 161)
- added wireless hostAP driver (patch 170)
- added new megaraid driver (patch 180)
- config updated: vga mode selection suport, activated i2c and lm_sensors
firewall is no actually router. It adds: advanced routing, IPsec, QoS,
bridging, IP tunneling, IPVS, vlan, ISDN and wireless drivers, bluetooth

Mon Jun 30 14:00:00 2003 Goetz Bock 2.4.21-7bg
- added nfsd to -BOOT, we need it for the live system for the PXE installer
- updated IPVS to 1.0.9

Sun Jun 29 14:00:00 2003 Goetz Bock 2.4.21-6bg
- unified the .config files. smp now only adds smp and firewall adds
IPsec, QoS, advanced routing (incl. multicast), ethernet bridging,
eb-tables, and ip tunneling
- removed i2c
- renamed two patches to start with linux-2.4.21 (120 and 220)

Tue Jun 24 14:00:00 2003 Erlend Midttun 2.4.21-5tr
- Big change in .config files.

Wed Jun 18 14:00:00 2003 Erlend Midttun 2.4.21-4tr
- Big rebuild

Tue Jun 17 14:00:00 2003 Erlend Midttun 2.4.21-3em
- IDE modules, take II.

Mon Jun 16 14:00:00 2003 Erlend Midttun 2.4.21-2em
- Recreated freeswan patch.
- Tried to get the correct IDE modules.
- No longer own kernel.h, we leave that to linux-headers.

Sat Jun 14 14:00:00 2003 Roland Kruse 2.4.21-1rk
- Picked up 2.4.21
- Patch 4,5,10-14 no longer applied (check!)
- Note: Patch120 rebuilt, patch 220 replaced from:
http://cvs.netfilter.org/~checkout~/netfilter/patch-o-matic//extra/pptp-conntrack-nat.patch
- Configs need checking.

Thu Jun 5 14:00:00 2003 Erlend Midttun 2.4.20-28em
- In fact, leave /lib/modules to filesystem.
- Added wireless.
- Added APIC and IOAPIC
- Removed devfs

Wed Jun 4 14:00:00 2003 Erlend Midttun 2.4.20-27em
- Remove useless directories under /lib/modules/kernelver.

Mon May 26 14:00:00 2003 Erlend Midttun 2.4.20-26em
- fileutils -> coreutils.

Sat May 17 14:00:00 2003 Erlend Midttun 2.4.20-25em
- GCC 3.3 does not like multiline literals.

Fri May 16 14:00:00 2003 Erlend Midttun 2.4.20-24em
- New FreeSWAN version 2.00.
- Simplified creation of patch a lot.

Thu May 8 14:00:00 2003 Erlend Midttun 2.4.20-23em
- LVM is now a module.

Thu Apr 24 14:00:00 2003 Erlend Midttun 2.4.20-22em
- version.h take II.

Wed Apr 23 14:00:00 2003 Christian H. Toldnes 2.4.20-21ct
- Now all binary kernels, and the source package provides \'swup_install-only\'

Wed Apr 23 14:00:00 2003 Christian H. Toldnes 2.4.20-20ct
- Use /sbin/tsl-fixboot.sh in %post sections
- Nicer PreReqs

Tue Apr 22 14:00:00 2003 Erlend Midttun 2.4.20-19em
- Mode flexible version.h\'s

Fri Apr 11 14:00:00 2003 Christian H. Toldnes 2.4.20-18ct
- All binary kernels creates initrd, and uses symlinks during install.
(Waiting untill after Beta1 to use the /sbin/tsl-fixboot.sh script.)

Tue Apr 8 14:00:00 2003 Erlend Midttun 2.4.20-17em
- Removed unapplied patches.

Mon Mar 24 13:00:00 2003 Erlend Midttun 2.4.20-16em
- Rebuilt against glibc 2.3.2.

Thu Mar 20 13:00:00 2003 Erlend Midttun 2.4.20-15em
- Added patch against CAN-2003-0127
- Added XDR patches against CERT CA-2002-25 and CA-2003-10
- Now also apply the netfilter bridge patches
- Added LSI support
- Added I2O something

Thu Mar 6 13:00:00 2003 Goetz Bock 2.4.20-14bg
- my new box needs I2O, so I\'ve added that as modules
- and it comes with a IPMI card, so I\'ve added that patch as well
- and I\'ve created a further configuration with all my patches applied
configured as modular as possible: allmodular. By setting allmodular to 0
it will not be compiled.

Sun Mar 2 13:00:00 2003 Gerald Dachs 2.4.20-12em
- Added connection tracking and NAT support for PPTP (Patch220)

Tue Feb 25 13:00:00 2003 Erlend Midttun 2.4.20-11em
- Added PPPoE support.

Tue Feb 25 13:00:00 2003 Gerald Dachs 2.4.20-11gd
- Diald needs SLIP

Tue Feb 25 13:00:00 2003 Erlend Midttun 2.4.20-11em
- Added Appletalk modules.

Mon Feb 10 13:00:00 2003 Erlend Midttun 2.4.20-9em
- Now even with Mylex support.

Tue Jan 21 13:00:00 2003 Erlend Midttun 2.4.20-8em
- Some error in the packaging left us with a corrupt .tar.bz2.

Tue Jan 21 13:00:00 2003 Erlend Midttun 2.4.20-7em
- Attempting to stabilize by disabling most of the features.
- Removed pre-2.4 changelog entries.

Fri Jan 10 13:00:00 2003 Goetz Bock 2.4.20-6bg
- added ethernet bridge tables and bridge firewalling patch
- disabled vserver support

Fri Jan 10 13:00:00 2003 Erlend Midttun 2.4.20-4em
- Added config options for XSentry.

Wed Jan 8 13:00:00 2003 Goetz Bock 2.4.20-5bg
- various fixes in 3bg and 4bg
- updated cryptoapi: 2.4.20.1
- added solucorp vserver support

Wed Jan 8 13:00:00 2003 Erlend Midttun 2.4.20-3em
- Preserve directory in source .tar.bz2.

Wed Jan 8 13:00:00 2003 Erlend Midttun 2.4.20-2em
- Added HIGHMEM support.

Sun Jan 5 13:00:00 2003 Goetz Bock 2.4.20-2bg
- added some features: cryptoapi, lm_sensors, hostap, uml, acpi
- updated some stuff: ipvs to 1.0.7, lvm to 1.0.6
- and a patches: ext3 corruption fix
- added highmem
- modularised to the MAX, even IDE drivers and base SCSI stuff

Wed Dec 4 13:00:00 2002 Erlend Midttun 2.4.20-1em
- Picked up 2.4.20.
- Added a few options to -BOOT config to make PXE install work again.

Sun Nov 24 13:00:00 2002 Gerald Dachs 2.4.19-15gd
- In boot kernel module af_packet.o was missing, anaconda needs it.

Fri Nov 15 13:00:00 2002 Erlend Midttun 2.4.19-14em
- Added patch to fix connection tracking bug.

Thu Nov 14 13:00:00 2002 Erlend Midttun 2.4.19-13em
- Some Requires is really a PreReq
- Added fix for cmdline bug.
- Added fix for DOS bug.

Wed Nov 6 13:00:00 2002 Roland Kruse 2.4.19-12rk
- Added \"Requires\" statement for kernel-smp subpackage to avoid it
being installed too early, breaking the %post script (mkinitrd etc).

Mon Nov 4 13:00:00 2002 Erlend Midttun 2.4.19-11em
- Now even supposed to work with new binutils.

Fri Nov 1 13:00:00 2002 Erlend Midttun 2.4.19-10em
- Compressed the kernel-source.
- Added another patch from advisory.

Tue Sep 24 14:00:00 2002 Erlend Midttun 2.4.19-9em
- Netfilter are now modules.
- Added magic sysreq.
- Added devfs on request.

Mon Sep 23 14:00:00 2002 Roland Kruse 2.4.19-8rk
- sundance patch for d-link DFE-580TX (Patch7)
- CONFIG_SUNDANCE=m in kernel-2.4.19-i586-BOOT.config

Sat Sep 21 14:00:00 2002 Gerald Dachs 2.4.19-7gd
- Added ppp-mppe (Patch6)

Mon Sep 9 14:00:00 2002 Roland Kruse 2.4.19-6rk
- Updated module-info (Source2)

Sat Sep 7 14:00:00 2002 Gerald Dachs 2.4.19-5gd
- Added IDE-SCSI; need by cdrecord
- ksymoops 2.4.6

Fri Aug 23 14:00:00 2002 Erlend Midttun 2.4.19-4em
- Removed /usr/include/{asm,linux} from this package as they are
supposed to be owned by a separate kernel-headers package.

Thu Aug 22 14:00:00 2002 Roland Kruse 2.4.19-3rk
- Added Adaptec Starfire driver: CONFIG_ADAPTEC_STARFIRE=m
- Added tmpfs: CONFIG_TMPFS=y

Tue Aug 20 14:00:00 2002 Erlend Midttun 2.4.19-2em
- Cleaned up BOOT config file.

Fri Aug 16 14:00:00 2002 Erlend Midttun 2.4.19-1em
- Picked up 2.4.19.
- New JFS.

Wed Jul 17 14:00:00 2002 Roland Kruse 2.4.18-7rk
- Removed installkernel, this is in mkinitrd package

Tue Jul 16 14:00:00 2002 Roland Kruse 2.4.18-6rk
- fixed ipsec items in kernel-2.4.18-i586-BOOT.config

Tue Jul 9 14:00:00 2002 Roland Kruse 2.4.18-5rk
- Updated to freeswan 1.98b
- Enabled CONFIG-IPSEC-IPCOMP and CONFIG-IPSEC-DEBUG in configs.

Mon Jun 10 14:00:00 2002 Goetz Bock 2.4.18-4bg
- added LVM 1.04

Sat Jun 8 14:00:00 2002 Gerald Dachs
- changed to jfs 1.0.19
- changed to freeswan 1.97
- added ipvs 1.0.2
- mkinitrd now executed in %post

Thu May 30 14:00:00 2002 Christain H. Toldnes
- Rebuild with -2ct tag.

Tue Feb 26 13:00:00 2002 Erlend Midttun
- Picked up the real 2.4.18

Tue Jan 22 13:00:00 2002 Gerald Dachs
- small changes in boot kernel config, I need every byte
- BOOT kernel has now cramfs for anaconda

Wed Jan 9 13:00:00 2002 Gerald Dachs
- new kernel version 2.4.17
- now freeswan 1.92 included

Sat Sep 29 14:00:00 2001 Gerald Dachs
- new kernel version 2.4.10
- SCSI generic enabled
- ext3 filesystem support
- jfs filesystem support
- patch against endless loop in /proc/partitions
- patch against bug in pppoe

Thu Aug 9 14:00:00 2001 Gerald Dachs
- new kernel version 2.4.7
- SCSI generic enabled

Sat Jul 7 14:00:00 2001 Gerald Dachs
- reiserfs patches

Sat Jul 7 14:00:00 2001 Gerald Dachs
- new kernel version 2.4.6


 
ICM