Version in base suite: 2.6.8-15
Version in overlay suite: 2.6.8-15sarge1

Base version: kernel-image-2.6.8-ia64_2.6.8-15
Target version: kernel-image-2.6.8-ia64_2.6.8-15sarge1
Base file: /org/ftp.debian.org/ftp/pool/main/k/kernel-image-2.6.8-ia64/kernel-image-2.6.8-ia64_2.6.8-15.dsc
Target file: /org/ftp.debian.org/ftp/pool/main/k/kernel-image-2.6.8-ia64/kernel-image-2.6.8-ia64_2.6.8-15sarge1.dsc

diff -Nru /tmp/nfASzuJH3V/kernel-image-2.6.8-ia64-2.6.8/debian/changelog /tmp/zHEfj3tWTI/kernel-image-2.6.8-ia64-2.6.8/debian/changelog
--- /tmp/nfASzuJH3V/kernel-image-2.6.8-ia64-2.6.8/debian/changelog	2007-05-26 10:03:52.000000000 +0000
+++ /tmp/zHEfj3tWTI/kernel-image-2.6.8-ia64-2.6.8/debian/changelog	2008-02-19 08:39:26.000000000 +0000
@@ -1,3 +1,82 @@
+kernel-image-2.6.8-ia64 (2.6.8-15sarge1) oldstable-security; urgency=high
+
+  * Rebuild against kernel-tree-2.6.8-17sarge1
+    * compat_sys_mount-NULL-data_page.dpatch
+      [SECURITY] Fix oops in compat_sys_mount triggered by NULL data_page
+      See CVE-2006-7203
+    * pppoe-socket-release-mem-leak.dpatch
+      [SECURITY] fix unpriveleged memory leak when a PPPoE socket is released
+      after connect but before PPPIOCGCHAN ioctl is called upon it
+      See CVE-2007-2525
+    * dn_fib-out-of-bounds.dpatch, ipv4-fib_props-out-of-bounds.dpatch
+      [SECURITY] Fix out of bounds condition in dn_fib_props[]
+      See CVE-2007-2172
+    * aacraid-ioctl-perm-check.dpatch
+      [SECURITY] Require admin capabilities to issue ioctls to aacraid devices
+      See CVE-2007-4308
+    * reset-pdeathsig-on-suid.dpatch
+      [SECURITY] Fix potential privilege escalation caused by improper
+      clearing of the child process' pdeath signal.
+      See CVE-2007-3848
+    * bluetooth-l2cap-hci-info-leaks.dpatch
+      [SECURITY] Fix information leaks in setsockopt() implementations
+      See CVE-2007-1353
+    * coredump-only-to-same-uid.dpatch
+      [SECURITY] Fix an issue where core dumping over a file that
+      already exists retains the ownership of the original file
+      See CVE-2007-6206
+    * i4l-isdn_ioctl-mem-overrun.dpatch
+      [SECURITY] Fix potential isdn ioctl memory overrun
+      See CVE-2007-6151
+    * cramfs-check-block-length.dpatch
+      [SECURITY] Add a sanity check of the block length in cramfs_readpage to
+      avoid a potential oops condition
+      See CVE-2006-5823
+    * ext2-skip-pages-past-num-blocks.dpatch
+      [SECURITY] Add some sanity checking for a corrupted i_size in
+      ext2_find_entry()
+      See CVE-2006-6054
+    * minixfs-printk-hang.dpatch
+      [SECURITY] Rate-limit printks caused by accessing a corrupted minixfs
+      filesystem that would otherwise cause a system to hang (printk storm)
+      See CVE-2006-6058
+    * isdn-net-overflow.dpatch
+      [SECURITY] Fix potential overflows in the ISDN subsystem
+      See CVE-2007-6063
+    * prevent-stack-growth-into-hugetlb-region.dpatch
+      [SECURITY] Prevent OOPS during stack expansion when the VMA crosses
+      into address space reserved for hugetlb pages.
+      See CVE-2007-3739
+    * cifs-honor-umask.dpatch
+      [SECURITY] Make CIFS honor a process' umask
+      See CVE-2007-3740
+    * hugetlb-prio_tree-unit-fix.dpatch
+      [SECURITY] Fix misconversion of hugetlb_vmtruncate_list to prio_tree
+      which could be used to trigger a BUG_ON() call in exit_mmap.
+      See CVE-2007-4133
+    * amd64-zero-extend-32bit-ptrace.dpatch
+      [SECURITY] Zero extend all registers after ptrace in 32-bit entry path.
+      See CVE-2007-4573
+    * usb-pwc-disconnect-block.dpatch
+      [SECURITY] Fix issue with unplugging webcams that use the pwc driver.
+      If userspace still has the device open it can result, the driver would
+      wait for the device to close, blocking the USB subsystem.
+      See CVE-2007-5093
+    * powerpc-chrp-null-deref.dpatch
+      [SECURITY][powerpc] Fix NULL pointer dereference if get_property
+      fails on the subarchitecture
+      See CVE-2007-6694
+    * random-bound-check-ordering.dpatch
+      [SECURITY] Fix stack-based buffer overflow in the random number
+      generator
+      See CVE-2007-3105
+    * mmap-VM_DONTEXPAND.dpatch
+      [SECURITY] Add VM_DONTEXPAND to vm_flags in drivers that register
+      a fault handler but do not bounds check the offset argument
+      See CVE-2008-0007
+
+ -- dann frazier <dannf@debian.org>  Tue, 19 Feb 2008 01:37:42 -0700
+
 kernel-image-2.6.8-ia64 (2.6.8-15) oldstable; urgency=high
 
   * Rebuild against kernel-tree-2.6.8-17
diff -Nru /tmp/nfASzuJH3V/kernel-image-2.6.8-ia64-2.6.8/debian/control /tmp/zHEfj3tWTI/kernel-image-2.6.8-ia64-2.6.8/debian/control
--- /tmp/nfASzuJH3V/kernel-image-2.6.8-ia64-2.6.8/debian/control	2007-05-26 10:03:51.000000000 +0000
+++ /tmp/zHEfj3tWTI/kernel-image-2.6.8-ia64-2.6.8/debian/control	2008-02-19 08:39:43.000000000 +0000
@@ -4,7 +4,7 @@
 Maintainer: Debian Kernel Team <debian-kernel@lists.debian.org>
 Uploaders: dann frazier <dannf@debian.org>
 Standards-Version: 3.6.1
-Build-Depends: debhelper (>= 2), kernel-package (>= 8.054), kernel-tree-2.6.8-17, module-init-tools
+Build-Depends: debhelper (>= 2), kernel-package (>= 8.054), kernel-tree-2.6.8-17sarge1, module-init-tools
 
 Package: kernel-headers-2.6.8-4
 Architecture: ia64