/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.103 - (hide annotations) (download)
Fri Jun 30 23:40:58 2006 UTC (8 years, 5 months ago) by solar
Branch: MAIN
Changes since 1.102: +8 -1 lines
- backport CVE-2006-0039, CVE-2006-1857 and CVE-2006-1858 and new grsecurity sysctl controlable resource logging. Mark 2.4.32-r4 stable on x86
(Portage version: 3679-svn)

1 method 1.1 # ChangeLog for sys-kernel/hardened-sources
2 solar 1.73 # Copyright 2000-2006 Gentoo Foundation; Distributed under the GPL v2
3 solar 1.103 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.102 2006/06/05 18:27:37 johnm Exp $
4    
5     *hardened-sources-2.4.32-r6 (30 Jun 2006)
6    
7     30 Jun 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r2.ebuild,
8     hardened-sources-2.4.32-r4.ebuild, +hardened-sources-2.4.32-r6.ebuild:
9     - backport CVE-2006-0039, CVE-2006-1857 and CVE-2006-1858 and new grsecurity
10     sysctl controlable resource logging
11 johnm 1.102
12     *hardened-sources-2.6.16-r7 (05 Jun 2006)
13    
14     05 Jun 2006; John Mylchreest <johnm@gentoo.org>
15     -hardened-sources-2.6.16-r5.ebuild, +hardened-sources-2.6.16-r7.ebuild:
16     push new 2.6.16 release in preparation for stable
17 solar 1.101
18     22 May 2006; <solar@gentoo.org> :
19     - redigest bug 134002
20 kang 1.100
21     *hardened-sources-2.4.32-r5 (16 May 2006)
22    
23     16 May 2006; Guillaume Destuynder <kang@gentoo.org>
24     +hardened-sources-2.4.32-r5.ebuild:
25     Fixes rsbac common patching (new patch in new -r5 patchset)
26 solar 1.99
27     *hardened-sources-2.4.32-r4 (13 May 2006)
28    
29     13 May 2006; <solar@gentoo.org> hardened-sources-2.4.32-r3.ebuild,
30     +hardened-sources-2.4.32-r4.ebuild:
31     - security bumps
32 johnm 1.98
33     *hardened-sources-2.6.16-r6 (03 May 2006)
34    
35     03 May 2006; John Mylchreest <johnm@gentoo.org>
36     +hardened-sources-2.6.16-r6.ebuild:
37     bump hardened-2.6.16 to 2.6.16.12 and latest grsec snapshot
38 johnm 1.97
39     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
40     hardened-sources-2.6.14-r8.ebuild:
41     fix x86_64 build problem, this will delay the digest issue again for a short
42     while but it will sort itself out
43 johnm 1.96
44     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
45     hardened-sources-2.6.14-r8.ebuild:
46     bump hardened patchset
47 antarus 1.94
48     27 Apr 2006; Alec Warner <antarus@gentoo.org>
49     files/digest-hardened-sources-2.4.32-r2,
50     files/digest-hardened-sources-2.4.32-r3,
51     files/digest-hardened-sources-2.6.14-r8, Manifest:
52     Fixing duff SHA256 digests: Bug # 131293
53 johnm 1.93
54 johnm 1.95 *hardened-sources-2.6.16-r5 (27 Apr 2006)
55    
56     27 Apr 2006; John Mylchreest <johnm@gentoo.org>
57     -hardened-sources-2.6.14-r6.ebuild, hardened-sources-2.6.14-r8.ebuild,
58     -hardened-sources-2.6.16-r4.ebuild, +hardened-sources-2.6.16-r5.ebuild:
59     stablise 2.6.14-r8 on x86 & amd64, bump 2.6.16 to fix CVE-2006-1863 &
60     cleanup of old uneccessary sources
61    
62 johnm 1.93 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
63     fix digest
64 johnm 1.92
65     *hardened-sources-2.6.14-r8 (20 Apr 2006)
66    
67     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
68     +hardened-sources-2.6.14-r8.ebuild:
69     fix CVE-2006-1056, CVE-2006-1525, CVE-2006-1524
70 johnm 1.91
71     20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
72     Turning on gpg-signing again, and recomitting
73 johnm 1.90
74     *hardened-sources-2.6.16-r4 (20 Apr 2006)
75    
76     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
77     -hardened-sources-2.6.16-r2.ebuild, -hardened-sources-2.6.16-r3.ebuild,
78     +hardened-sources-2.6.16-r4.ebuild:
79     Fix numerous security vulns
80 solar 1.89
81     *hardened-sources-2.4.32-r3 (16 Apr 2006)
82    
83     16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
84     -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
85     +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
86     - security bump for bug #112791. Removed old ebuilds
87 johnm 1.88
88     *hardened-sources-2.6.16-r3 (15 Apr 2006)
89    
90     15 Apr 2006; John Mylchreest <johnm@gentoo.org>
91     +hardened-sources-2.6.16-r3.ebuild:
92     Removing silly localversion which I missed
93 johnm 1.87
94     *hardened-sources-2.6.14-r7 (14 Apr 2006)
95    
96     14 Apr 2006; John Mylchreest <johnm@gentoo.org>
97     -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
98     Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
99 johnm 1.86
100     *hardened-sources-2.6.16-r2 (13 Apr 2006)
101    
102     13 Apr 2006; John Mylchreest <johnm@gentoo.org>
103     -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
104     +hardened-sources-2.6.16-r2.ebuild:
105     Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
106     labels, dropping USERGROUP define fixes, since these were merged mainstream.
107 johnm 1.85
108     *hardened-sources-2.6.16-r1 (11 Apr 2006)
109    
110     11 Apr 2006; John Mylchreest <johnm@gentoo.org>
111     +hardened-sources-2.6.16-r1.ebuild:
112     Bumping to include ppc build fix and 2.6.16.3
113 tsunam 1.84
114     06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
115     hardened-sources-2.6.14-r6.ebuild:
116     Stable on x86; bug #127718
117 johnm 1.83
118     *hardened-sources-2.6.16 (31 Mar 2006)
119    
120     31 Mar 2006; John Mylchreest <johnm@gentoo.org>
121     +hardened-sources-2.6.16.ebuild:
122     Bumping to new version of grsec, and kernel base. New squashfs. Based on
123     2.6.16.1
124 cryos 1.82
125     30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
126     hardened-sources-2.6.14-r6.ebuild:
127     Stable on amd64, bug 127718.
128 nixnut 1.81
129     28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
130     Stable on ppc. Bug #127718
131 johnm 1.80
132     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
133     -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
134     -hardened-sources-2.6.14-r4.ebuild:
135     Cleanup.
136 johnm 1.79
137     *hardened-sources-2.6.14-r6 (15 Mar 2006)
138    
139     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
140     +hardened-sources-2.6.14-r6.ebuild:
141     Fixes grsec policy recreation bug and adds a
142     >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
143 solar 1.78
144     02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
145     - stable on x86
146 hansmi 1.77
147     19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
148     hardened-sources-2.6.14-r5.ebuild:
149     Stable on ppc.
150 johnm 1.76
151     *hardened-sources-2.6.14-r5 (01 Feb 2006)
152    
153     01 Feb 2006; John Mylchreest <johnm@gentoo.org>
154     +hardened-sources-2.6.14-r5.ebuild:
155     fixing every known exploit
156 solar 1.75
157     *hardened-sources-2.4.32-r2 (26 Jan 2006)
158    
159     26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
160     +hardened-sources-2.4.32-r2.ebuild:
161     - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
162 solar 1.74
163     *hardened-sources-2.6.14-r4 (12 Jan 2006)
164    
165     12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
166     - version bump for new genpatches which fix up a few sec holes
167 solar 1.73
168     *hardened-sources-2.4.32-r1 (05 Jan 2006)
169    
170     05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
171     - revision bump to add misc vital linux kernel security patches.
172 johnm 1.72
173     *hardened-sources-2.6.14-r3 (30 Dec 2005)
174    
175     30 Dec 2005; John Mylchreest <johnm@gentoo.org>
176     -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
177     Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
178 johnm 1.71
179     28 Dec 2005; John Mylchreest <johnm@gentoo.org>
180     hardened-sources-2.6.14-r2.ebuild:
181     making x86 & amd64 stable following testing.
182 johnm 1.70
183     *hardened-sources-2.6.14-r2 (27 Dec 2005)
184    
185     27 Dec 2005; John Mylchreest <johnm@gentoo.org>
186     -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
187     Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
188     network hooks.
189 johnm 1.69
190     06 Dec 2005; John Mylchreest <johnm@gentoo.org>
191     hardened-sources-2.6.14-r1.ebuild:
192     bumping to stable early for sec fix on x86 & amd64
193 johnm 1.68
194     *hardened-sources-2.6.14-r1 (05 Dec 2005)
195    
196     05 Dec 2005; John Mylchreest <johnm@gentoo.org>
197     -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
198     bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
199 solar 1.67
200     04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
201     - stable on x86 security bug #114227 CAN-2005-3257
202 kang 1.66
203     *hardened-sources-2.4.32 (19 Nov 2005)
204    
205     19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
206     +hardened-sources-2.4.32.ebuild:
207     Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
208     Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
209     have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
210     rsbac >> /etc/portage/package.use)
211 johnm 1.65
212     *hardened-sources-2.6.14 (14 Nov 2005)
213    
214     14 Nov 2005; John Mylchreest <johnm@gentoo.org>
215     -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
216     Bumping 2.6 series to 2.6.14.2
217 johnm 1.64
218     *hardened-sources-2.6.13-r2 (20 Oct 2005)
219    
220     20 Oct 2005; John Mylchreest <johnm@gentoo.org>
221     -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
222     +hardened-sources-2.6.13-r2.ebuild:
223     Fixes minor build error in ppc.
224 johnm 1.63
225     *hardened-sources-2.6.13-r1 (17 Oct 2005)
226    
227     17 Oct 2005; John Mylchreest <johnm@gentoo.org>
228     +hardened-sources-2.6.13-r1.ebuild:
229     Updating grsec to latest snapshot. Fixes some minor issues. Updating to
230     2.6.13.4, fixes some major amd64 stability problems.
231 johnm 1.62
232     *hardened-sources-2.6.13 (16 Sep 2005)
233    
234     16 Sep 2005; John Mylchreest <johnm@gentoo.org>
235     -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
236     2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
237     ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
238     users should test this thoroughly.
239 solar 1.61
240     01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
241     - stable on x86
242 johnm 1.60
243     *hardened-sources-2.6.11-r15 (27 Jun 2005)
244    
245     27 Jun 2005; John Mylchreest <johnm@gentoo.org>
246     +hardened-sources-2.6.11-r15.ebuild:
247     Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
248     grsec redefining curr_ip struct.
249 solar 1.59
250     *hardened-sources-2.4.31 (20 Jun 2005)
251    
252     20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
253     initial import of 2.4.31 tree
254 johnm 1.58
255     *hardened-sources-2.6.11-r14 (14 Jun 2005)
256    
257     14 Jun 2005; John Mylchreest <johnm@gentoo.org>
258     -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
259     Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
260     naming scheme to abide by genpatches
261 johnm 1.57
262     *hardened-sources-2.6.11-r13 (18 May 2005)
263    
264     18 May 2005; John Mylchreest <johnm@gentoo.org>
265     -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
266     Managed to mangle the Makefile patch from grsec, to miss out the grsec
267     target. sorry about that. Fixes bug #93022
268 johnm 1.56
269     *hardened-sources-2.6.11-r12 (17 May 2005)
270    
271     17 May 2005; John Mylchreest <johnm@gentoo.org>
272     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
273     +hardened-sources-2.6.11-r12.ebuild:
274     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
275     merges in genpatches-base
276 johnm 1.55
277     *hardened-sources-2.6.11-r12 (17 May 2005)
278    
279     17 May 2005; John Mylchreest <johnm@gentoo.org>
280     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
281     +hardened-sources-2.6.11-r12.ebuild:
282     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
283     merges in genpatches-base
284 solar 1.54
285     29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
286     -files/2.4.27-cmdline-race.patch,
287     -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
288     -files/2.4.28-grsec-binfmt_a.out.patch,
289     -files/2.4.28-grsec-cmdline-race.patch,
290     -files/2.4.28-selinux-binfmt_a.out.patch,
291     -files/2.4.28-selinux-cmdline-race.patch,
292     -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
293     hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
294     - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
295     cleanup..
296 solar 1.53
297     *hardened-sources-2.4.30-r1 (21 Apr 2005)
298    
299     21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
300     - disable aout by default
301 solar 1.52
302     *hardened-sources-2.4.30 (18 Apr 2005)
303    
304     18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
305     - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
306     and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
307     use
308 tocharian 1.50
309 scox 1.51 *hardened-sources-2.4.29 (30 Mar 2005)
310    
311     30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
312     +hardened-sources-2.4.29.ebuild:
313     New hardened-patches-2.4-29.0 patchball.
314     Removed SELinux support, upgraded GRSecurity to 2.1.4.
315    
316     *hardened-sources-2.4.28-r5 (06 Mar 2005)
317    
318     06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
319     +hardened-sources-2.4.28-r5.ebuild:
320     Added a fix for a PaX vulnerability.
321    
322     26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
323 tocharian 1.50 hardened-sources-2.4.28-r4.ebuild:
324     Stable on x86
325 solar 1.49
326     23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
327     hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
328     hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
329     hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
330     - fixed/added RDEPEND= in all kernel-2 ebuilds
331 tocharian 1.48
332     *hardened-sources-2.4.28-r4 (21 Jan 2005)
333    
334     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
335     +hardened-sources-2.4.28-r4.ebuild:
336     Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
337     backport of neighbour hash updates.
338 tocharian 1.47
339     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
340     hardened-sources-2.4.28-r3.ebuild:
341     Stable on x86
342 tseng 1.46
343     *hardened-sources-2.6.10-r3 (20 Jan 2005)
344    
345     20 Jan 2005; Brandon Hale <tseng@gentoo.org>
346     +hardened-sources-2.6.10-r3.ebuild:
347     Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
348     in 2005.0
349 tocharian 1.45
350     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
351     -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
352     hardened-sources-2.4.28-r2.ebuild:
353     Mark stable on x86
354 tocharian 1.44
355     *hardened-sources-2.4.28-r3 (17 Jan 2005)
356    
357     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
358     +hardened-sources-2.4.28-r3.ebuild:
359     Fix SMP page fault handler vuln, and update device-mapper and evms patches.
360 tocharian 1.43
361     14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
362     hardened-sources-2.4.28.ebuild:
363     Mark stable on x86.
364 tocharian 1.42
365     *hardened-sources-2.4.28-r2 (13 Jan 2005)
366    
367     13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
368     +hardened-sources-2.4.28-r2.ebuild:
369     Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
370     Mazinger for grsecurity patches as well.
371 plasmaroo 1.41
372     *hardened-sources-2.4.28-r1 (23 Dec 2004)
373    
374     23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
375     Security bump. Thank tocharian for rolling a new patchset...
376 solar 1.40
377     28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
378     +files/2.4.28-grsec-cmdline-race.patch,
379     +files/2.4.28-selinux-binfmt_a.out.patch,
380     +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
381     - Round up remaining security patches that appear to be missing in 2.4.28. -
382     PaX standalone updated to current. hgpv=28.1
383 solar 1.39
384     *hardened-sources-2.4.28 (28 Nov 2004)
385    
386     28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
387     security bump. Thank tocharian for rolling a new patchset
388 scox 1.31
389 scox 1.38 *hardened-sources-2.4.27-r3 (08 Sep 2004)
390    
391     08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
392     +hardened-sources-2.4.27-r3.ebuild:
393     Applies the new 2.4-27.2 patchball which updates
394     GRSecurity to the 2.0.1 version.
395    
396 scox 1.37 *hardened-sources-2.4.27-r2 (31 Aug 2004)
397    
398     31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
399     +hardened-sources-2.4.27-r2.ebuild:
400     Version bump.
401     This version uses the new 2.4-27.1 patchball which updates
402     both the SELinux PaX hooks patch and the SELinux headers.
403    
404 scox 1.36 *hardened-sources-2.4.27-r1 (09 Aug 2004)
405    
406     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
407     +hardened-sources-2.4.27-r1.ebuild,
408     -hardened-sources-2.4.27.ebuild,
409     +files/2.4.27-cmdline-race.patch:
410     Version bump, fix for cmdline race. See bug #59905.
411    
412     *hardened-sources-2.4.26-r6 (09 Aug 2004)
413    
414     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
415     +hardened-sources-2.4.26-r6.ebuild,
416     -hardened-sources-2.4.26-r5.ebuild,
417     -hardened-sources-2.4.26-r4.ebuild,
418     +files/2.4.26-cmdline-race.patch:
419     Version bump, fix for cmdline race. See bug #59905.
420    
421 scox 1.35 *hardened-sources-2.4.27 (08 Aug 2004)
422    
423     08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
424     +hardened-sources-2.4.27.ebuild,
425     +files/2.4.27-CAN-2004-0394.patch:
426     Ported the patchball to the 2.4.27 kernel version.
427    
428 scox 1.34 *hardened-sources-2.4.26-r5 (07 Aug 2004)
429    
430     07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
431     +hardened-sources-2.4.26-r5.ebuild:
432 scox 1.35 Updated to use the new hardened-patches-2.4-26.1 patchball.
433 scox 1.34 It adds the following features:
434     - Squashfs
435     - Ebtables
436     - Netdev random (core+drivers)
437     - Watchdog Timer (WDT) fix.
438    
439 scox 1.33 *hardened-sources-2.4.26-r4 (04 Aug 2004)
440    
441     04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
442     +hardened-sources-2.4.26-r4.ebuild,
443     +files/2.4.26-CAN-2004-0415.patch,
444     -hardened-sources-2.4.26-3:
445     Version bump, fix for CAN 0415, see bug #59378.
446    
447 scox 1.32 *hardened-sources-2.4.26-r3 (22 Jul 2004)
448    
449     22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
450     +hardened-sources-2.4.26-r3.ebuild,
451     +files/2.4.26-CAN-2004-0497.patch,
452     -hardened-sources-2.4.26-r2.ebuild:
453     Version bump, fixed CAN 0497, see bug #56171.
454    
455 scox 1.31 *hardened-sources-2.4.26-r2 (29 Jun 2004)
456    
457     29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
458 scox 1.32 +hardened-sources-2.4.26-r2.ebuild,
459 scox 1.31 +files/2.4.26-CAN-2004-0495.patch,
460     +files/2.4.26-CAN-2004-0535.patch,
461     -hardened-sources-2.4.26-r1.ebuild:
462     Fixes for both CAN 0495 and 0535, see bug #54976
463 pvdabeel 1.27
464 agriffis 1.29 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
465     hardened-sources-2.4.26-r1.ebuild:
466     QA - fix use invocation
467 scox 1.28
468     *hardened-sources-2.4.26-r1 (22 June 2004)
469    
470     22 June 2004; Andrea Luzzardi <scox@gentoo.org>
471     +hardened-sources-2.4.26-r1.ebuild,
472     +files/2.4.26-CAN-2004-0394.patch,
473     +files/2.4.26-signal-race.patch,
474     -hardened-sources-2.4.26.ebuild,
475     -hardened-sources-2.4.24-r3.ebuild:
476     Version bump for the CAN-2004-0394 issue and bug #53804
477     Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
478    
479    
480 pvdabeel 1.27 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
481     hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
482     Masked hardened-sources-2.4.26.ebuild broken for ppc
483    
484     31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
485     hardened-sources-2.4.24-r3.ebuild:
486     Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
487 plasmaroo 1.25
488 scox 1.26 *hardened-sources-2.4.26 (29 May 2004)
489    
490     29 May 2004; Andrea Luzzardi <scox@gentoo.org>
491     +hardened-sources-2.4.26.ebuild:
492     Updated hardened-sources for the 2.4.26 kernel
493     Removed broken components, updated almost everything.
494    
495 plasmaroo 1.25 *hardened-sources-2.4.24-r3 (17 Apr 2004)
496    
497     17 Apr 2004; <plasmaroo@gentoo.org>
498     +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
499     +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
500     +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
501     +hardened-sources-2.4.24-r3.ebuild:
502     Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
503     vulnerabilities. Old revisions removed.
504 plasmaroo 1.24
505     *hardened-sources-2.4.24-r2 (15 Apr 2004)
506    
507     15 Apr 2004; <plasmaroo@gentoo.org>
508     +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
509     -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
510     Version bump for the CAN-2004-0109 issue; bug #47881.
511 aliz 1.23
512     12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
513     hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
514     Add eutils to inherit.
515 plasmaroo 1.22
516     *hardened-sources-2.4.24-r1 (19 Feb 2004)
517    
518     19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
519     files/hardened-sources-2.4.24.munmap.patch:
520     Added the patch for the mremap/munmap vulnerability. Bug #42024.
521 scox 1.19
522 scox 1.21 *hardened-sources-2.4.24 (06 Feb 2004)
523 scox 1.26
524 scox 1.21 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
525     hardened-sources-2.4.24.ebuild:
526     Version bump, updated most of the components.
527     This release includes the following:
528    
529     - Hardened security
530     - Netfilter patch-o-matic 20031219
531     - FreeSWAN 2.04 & x509 1.4.8
532     - EVMS 2.2.2
533     - XFS 1.3.1
534     - cryptoloop jari
535     - grsecurity 2.0-rc4
536     - SELinux
537     - PaX 200402060000
538     - PaX Obscurity 200308302223
539     - Others...
540    
541     Neither -ck nor systrace are included anymore.
542    
543 scox 1.19 *hardened-sources-2.4.22-r2 (05 Jan 2004)
544    
545     05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
546     hardened-sources-2.4.22-r2.ebuild:
547 scox 1.20 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
548 scox 1.19
549     *hardened-sources-2.4.22-r1 (02 Dec 2003)
550 iggy 1.17
551     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
552 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
553 iggy 1.16
554     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
555 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild:
556     Version bump for the 'do_brk' vulnerability.
557 iggy 1.15
558     01 Dec 2003; Brian Jackson <iggy@gentoo.org>
559     hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
560     hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
561     hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
562 plasmaroo 1.18 Fix the 'do_brk' vulnerability.
563 frogger 1.14
564     03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
565     hardened-sources-2.4.22.ebuild:
566 plasmaroo 1.18 - Removed the src_install() portion for SELinux flask
567     components. These are no longer handled in the kernel
568     so this code was not necessary.
569 frogger 1.13
570     29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
571     New 2.4.22 based hardened-sources thanks to
572     Phil West <p.west@computer.org>.
573    
574     These sources include:
575 plasmaroo 1.18 - New SELinux API
576     - Updated CK-base
577     - Updated GRSec
578     - Systrace
579     - SuperFreeS/WAN 1.99.8
580     - Propolice kernel build support
581     - EVMS
582     - Other various security related patches
583 frogger 1.11
584 frogger 1.12 *hardened-sources-2.4.21 (14 Sep 2003)
585    
586     14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
587     Updated hardened-sources based on the 2.4.21 Linux kernel.
588     This includes updates to most major components such as:
589 plasmaroo 1.18 - ck-base-0306300059
590     - selinux-2.4-2003071106
591     - grsecurity-2.0-rc1
592     - Updated IPTables patch-o-matic
593     - Updated SuperFreeS/WAN
594    
595 frogger 1.12 Thanks to Phil West <pwest@computer.org> for his work in getting this
596     updated patch set ready for the 2.4.21 based kernel.
597    
598 frogger 1.11 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
599     Initial import of hardened-sources-2.4.20-r4. This revision
600     includes only a few changes, but one of these is an important
601     security fix. It is recommended all users of hardened-sources
602     upgrade to this release.
603 plasmaroo 1.18
604 frogger 1.11 - ioperm bug fix
605     - fixed compilation failure when building without GRSec
606 plasmaroo 1.18
607 frogger 1.11 SAL (Secure Auditing for Linux) is NOT included in this revision
608     due to time constraints, but is planned for inclusion in the near
609     future.
610 msterret 1.10
611     *hardened-sources-2.4.20-r2 (12 Jun 2003)
612    
613     12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
614     hardened-sources-2.4.20-r3.ebuild:
615 plasmaroo 1.18 Add Header...
616 frogger 1.9
617     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
618     hardened-sources-2.4.20-r3.ebuild:
619     Removed warnings from ebuild. This kernel should be safe to
620     use at this point.
621 frogger 1.8
622     *hardened-sources-2.4.20-r3 (08 Jun 2003)
623    
624     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
625     hardened-sources-2.4.20-r3.ebuild:
626     New revision. Includes the following changes over -r2:
627 plasmaroo 1.18
628 frogger 1.8 - ck7-base (O(1), preempt, low latency)
629     - Super FreeS/WAN 1.99.7rc2
630     - PaX for the LSM/SELinux branch
631     - GRSecurity 2.0-pre4 (role based access control)
632     - Systrace 1.3
633     - EXT3 fixes
634     - EVMS 2.0.1
635     - GCC 3.1+ compile optimizations
636     - ProPolice kernel build support
637     - Hashing table security fixes
638 frogger 1.3
639     *hardened-sources-2.4.20-r1 (09 Apr 2003)
640 frogger 1.7
641     23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
642     Initial import of hardened-sources-r2. This new
643     ebuild includes many new performance and security
644     related patches. As in -r1, it will patch in
645     LSM/SELinux if "selinux" is in USE, otherwise it
646     will patch in GRSecurity. The following patches
647     are included in this revision:
648 plasmaroo 1.18
649 frogger 1.7 - O(1) Scheduler, Low Latency, and Preempt
650     (pulled from the base CK patch)
651     - ptrace exploit patch for the LSM kernel
652     (the GRSec patch already fixes this)
653     - LSM 2.4-2003040709
654     - SELinux 2.4-2003040709
655     - Systrace v1.2
656     - IPTables patch-o-matic base patches - 20030107
657     - CryptoAPI 2.4.20.1 w/ loop-jari patch
658     - Super FreeS/WAN 1.99.6.1
659     - GRSecurity 1.9.9g
660     - MPPE
661     - EXT3 data journal fix
662     - CIPE 1.5.4
663 frogger 1.6
664     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
665     hardened-sources-2.4.20-r1.ebuild, manifest:
666 plasmaroo 1.18 Updated to install flask components correctly for selinux.
667 frogger 1.5
668     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
669     hardened-sources-2.4.20-r1.ebuild:
670     LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
671     is patched in instead. Ptrace patches for selinux have also been added. In
672     either case, systrace support will be patched in as well.
673 frogger 1.3
674     09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
675     hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
676 plasmaroo 1.18 Revision bump for new sources.
677 frogger 1.4
678 frogger 1.2 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
679 frogger 1.4 hardened-sources-2.4.20-r1.ebuild:
680 plasmaroo 1.18 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
681 method 1.1
682 frogger 1.4 *hardened-sources-2.4.20 (30 Mar 2003)
683    
684 method 1.1 30 Mar 2003; Joshua Brindle <method@gentoo.org>
685     hardened-sources-2.4.20.ebuild:
686 plasmaroo 1.18 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20