/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.105 - (hide annotations) (download)
Tue Jul 11 10:50:41 2006 UTC (8 years, 1 month ago) by kang
Branch: MAIN
Changes since 1.104: +7 -1 lines
Bump PaX for RSBAC to test-17
(Portage version: 2.1.1_pre2-r6)

1 method 1.1 # ChangeLog for sys-kernel/hardened-sources
2 solar 1.73 # Copyright 2000-2006 Gentoo Foundation; Distributed under the GPL v2
3 kang 1.105 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.104 2006/07/03 17:25:56 johnm Exp $
4    
5     *hardened-sources-2.4.32-r7 (10 Jul 2006)
6    
7     10 Jul 2006; Guillaume Destuynder <kang@gentoo.org>
8     +hardened-sources-2.4.32-r7.ebuild:
9     Bump PaX for RSBAC to test-17
10 johnm 1.104
11     *hardened-sources-2.6.16-r9 (03 Jul 2006)
12    
13     03 Jul 2006; John Mylchreest <johnm@gentoo.org>
14     -hardened-sources-2.6.16-r6.ebuild, +hardened-sources-2.6.16-r9.ebuild:
15     hardened-sources-2.6.16 bump to latest -base.
16 solar 1.103
17     *hardened-sources-2.4.32-r6 (30 Jun 2006)
18    
19     30 Jun 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r2.ebuild,
20     hardened-sources-2.4.32-r4.ebuild, +hardened-sources-2.4.32-r6.ebuild:
21     - backport CVE-2006-0039, CVE-2006-1857 and CVE-2006-1858 and new grsecurity
22     sysctl controlable resource logging
23 johnm 1.102
24     *hardened-sources-2.6.16-r7 (05 Jun 2006)
25    
26     05 Jun 2006; John Mylchreest <johnm@gentoo.org>
27     -hardened-sources-2.6.16-r5.ebuild, +hardened-sources-2.6.16-r7.ebuild:
28     push new 2.6.16 release in preparation for stable
29 solar 1.101
30     22 May 2006; <solar@gentoo.org> :
31     - redigest bug 134002
32 kang 1.100
33     *hardened-sources-2.4.32-r5 (16 May 2006)
34    
35     16 May 2006; Guillaume Destuynder <kang@gentoo.org>
36     +hardened-sources-2.4.32-r5.ebuild:
37     Fixes rsbac common patching (new patch in new -r5 patchset)
38 solar 1.99
39     *hardened-sources-2.4.32-r4 (13 May 2006)
40    
41     13 May 2006; <solar@gentoo.org> hardened-sources-2.4.32-r3.ebuild,
42     +hardened-sources-2.4.32-r4.ebuild:
43     - security bumps
44 johnm 1.98
45     *hardened-sources-2.6.16-r6 (03 May 2006)
46    
47     03 May 2006; John Mylchreest <johnm@gentoo.org>
48     +hardened-sources-2.6.16-r6.ebuild:
49     bump hardened-2.6.16 to 2.6.16.12 and latest grsec snapshot
50 johnm 1.97
51     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
52     hardened-sources-2.6.14-r8.ebuild:
53     fix x86_64 build problem, this will delay the digest issue again for a short
54     while but it will sort itself out
55 johnm 1.96
56     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
57     hardened-sources-2.6.14-r8.ebuild:
58     bump hardened patchset
59 antarus 1.94
60     27 Apr 2006; Alec Warner <antarus@gentoo.org>
61     files/digest-hardened-sources-2.4.32-r2,
62     files/digest-hardened-sources-2.4.32-r3,
63     files/digest-hardened-sources-2.6.14-r8, Manifest:
64     Fixing duff SHA256 digests: Bug # 131293
65 johnm 1.93
66 johnm 1.95 *hardened-sources-2.6.16-r5 (27 Apr 2006)
67    
68     27 Apr 2006; John Mylchreest <johnm@gentoo.org>
69     -hardened-sources-2.6.14-r6.ebuild, hardened-sources-2.6.14-r8.ebuild,
70     -hardened-sources-2.6.16-r4.ebuild, +hardened-sources-2.6.16-r5.ebuild:
71     stablise 2.6.14-r8 on x86 & amd64, bump 2.6.16 to fix CVE-2006-1863 &
72     cleanup of old uneccessary sources
73    
74 johnm 1.93 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
75     fix digest
76 johnm 1.92
77     *hardened-sources-2.6.14-r8 (20 Apr 2006)
78    
79     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
80     +hardened-sources-2.6.14-r8.ebuild:
81     fix CVE-2006-1056, CVE-2006-1525, CVE-2006-1524
82 johnm 1.91
83     20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
84     Turning on gpg-signing again, and recomitting
85 johnm 1.90
86     *hardened-sources-2.6.16-r4 (20 Apr 2006)
87    
88     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
89     -hardened-sources-2.6.16-r2.ebuild, -hardened-sources-2.6.16-r3.ebuild,
90     +hardened-sources-2.6.16-r4.ebuild:
91     Fix numerous security vulns
92 solar 1.89
93     *hardened-sources-2.4.32-r3 (16 Apr 2006)
94    
95     16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
96     -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
97     +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
98     - security bump for bug #112791. Removed old ebuilds
99 johnm 1.88
100     *hardened-sources-2.6.16-r3 (15 Apr 2006)
101    
102     15 Apr 2006; John Mylchreest <johnm@gentoo.org>
103     +hardened-sources-2.6.16-r3.ebuild:
104     Removing silly localversion which I missed
105 johnm 1.87
106     *hardened-sources-2.6.14-r7 (14 Apr 2006)
107    
108     14 Apr 2006; John Mylchreest <johnm@gentoo.org>
109     -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
110     Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
111 johnm 1.86
112     *hardened-sources-2.6.16-r2 (13 Apr 2006)
113    
114     13 Apr 2006; John Mylchreest <johnm@gentoo.org>
115     -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
116     +hardened-sources-2.6.16-r2.ebuild:
117     Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
118     labels, dropping USERGROUP define fixes, since these were merged mainstream.
119 johnm 1.85
120     *hardened-sources-2.6.16-r1 (11 Apr 2006)
121    
122     11 Apr 2006; John Mylchreest <johnm@gentoo.org>
123     +hardened-sources-2.6.16-r1.ebuild:
124     Bumping to include ppc build fix and 2.6.16.3
125 tsunam 1.84
126     06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
127     hardened-sources-2.6.14-r6.ebuild:
128     Stable on x86; bug #127718
129 johnm 1.83
130     *hardened-sources-2.6.16 (31 Mar 2006)
131    
132     31 Mar 2006; John Mylchreest <johnm@gentoo.org>
133     +hardened-sources-2.6.16.ebuild:
134     Bumping to new version of grsec, and kernel base. New squashfs. Based on
135     2.6.16.1
136 cryos 1.82
137     30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
138     hardened-sources-2.6.14-r6.ebuild:
139     Stable on amd64, bug 127718.
140 nixnut 1.81
141     28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
142     Stable on ppc. Bug #127718
143 johnm 1.80
144     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
145     -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
146     -hardened-sources-2.6.14-r4.ebuild:
147     Cleanup.
148 johnm 1.79
149     *hardened-sources-2.6.14-r6 (15 Mar 2006)
150    
151     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
152     +hardened-sources-2.6.14-r6.ebuild:
153     Fixes grsec policy recreation bug and adds a
154     >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
155 solar 1.78
156     02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
157     - stable on x86
158 hansmi 1.77
159     19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
160     hardened-sources-2.6.14-r5.ebuild:
161     Stable on ppc.
162 johnm 1.76
163     *hardened-sources-2.6.14-r5 (01 Feb 2006)
164    
165     01 Feb 2006; John Mylchreest <johnm@gentoo.org>
166     +hardened-sources-2.6.14-r5.ebuild:
167     fixing every known exploit
168 solar 1.75
169     *hardened-sources-2.4.32-r2 (26 Jan 2006)
170    
171     26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
172     +hardened-sources-2.4.32-r2.ebuild:
173     - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
174 solar 1.74
175     *hardened-sources-2.6.14-r4 (12 Jan 2006)
176    
177     12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
178     - version bump for new genpatches which fix up a few sec holes
179 solar 1.73
180     *hardened-sources-2.4.32-r1 (05 Jan 2006)
181    
182     05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
183     - revision bump to add misc vital linux kernel security patches.
184 johnm 1.72
185     *hardened-sources-2.6.14-r3 (30 Dec 2005)
186    
187     30 Dec 2005; John Mylchreest <johnm@gentoo.org>
188     -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
189     Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
190 johnm 1.71
191     28 Dec 2005; John Mylchreest <johnm@gentoo.org>
192     hardened-sources-2.6.14-r2.ebuild:
193     making x86 & amd64 stable following testing.
194 johnm 1.70
195     *hardened-sources-2.6.14-r2 (27 Dec 2005)
196    
197     27 Dec 2005; John Mylchreest <johnm@gentoo.org>
198     -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
199     Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
200     network hooks.
201 johnm 1.69
202     06 Dec 2005; John Mylchreest <johnm@gentoo.org>
203     hardened-sources-2.6.14-r1.ebuild:
204     bumping to stable early for sec fix on x86 & amd64
205 johnm 1.68
206     *hardened-sources-2.6.14-r1 (05 Dec 2005)
207    
208     05 Dec 2005; John Mylchreest <johnm@gentoo.org>
209     -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
210     bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
211 solar 1.67
212     04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
213     - stable on x86 security bug #114227 CAN-2005-3257
214 kang 1.66
215     *hardened-sources-2.4.32 (19 Nov 2005)
216    
217     19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
218     +hardened-sources-2.4.32.ebuild:
219     Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
220     Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
221     have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
222     rsbac >> /etc/portage/package.use)
223 johnm 1.65
224     *hardened-sources-2.6.14 (14 Nov 2005)
225    
226     14 Nov 2005; John Mylchreest <johnm@gentoo.org>
227     -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
228     Bumping 2.6 series to 2.6.14.2
229 johnm 1.64
230     *hardened-sources-2.6.13-r2 (20 Oct 2005)
231    
232     20 Oct 2005; John Mylchreest <johnm@gentoo.org>
233     -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
234     +hardened-sources-2.6.13-r2.ebuild:
235     Fixes minor build error in ppc.
236 johnm 1.63
237     *hardened-sources-2.6.13-r1 (17 Oct 2005)
238    
239     17 Oct 2005; John Mylchreest <johnm@gentoo.org>
240     +hardened-sources-2.6.13-r1.ebuild:
241     Updating grsec to latest snapshot. Fixes some minor issues. Updating to
242     2.6.13.4, fixes some major amd64 stability problems.
243 johnm 1.62
244     *hardened-sources-2.6.13 (16 Sep 2005)
245    
246     16 Sep 2005; John Mylchreest <johnm@gentoo.org>
247     -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
248     2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
249     ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
250     users should test this thoroughly.
251 solar 1.61
252     01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
253     - stable on x86
254 johnm 1.60
255     *hardened-sources-2.6.11-r15 (27 Jun 2005)
256    
257     27 Jun 2005; John Mylchreest <johnm@gentoo.org>
258     +hardened-sources-2.6.11-r15.ebuild:
259     Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
260     grsec redefining curr_ip struct.
261 solar 1.59
262     *hardened-sources-2.4.31 (20 Jun 2005)
263    
264     20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
265     initial import of 2.4.31 tree
266 johnm 1.58
267     *hardened-sources-2.6.11-r14 (14 Jun 2005)
268    
269     14 Jun 2005; John Mylchreest <johnm@gentoo.org>
270     -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
271     Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
272     naming scheme to abide by genpatches
273 johnm 1.57
274     *hardened-sources-2.6.11-r13 (18 May 2005)
275    
276     18 May 2005; John Mylchreest <johnm@gentoo.org>
277     -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
278     Managed to mangle the Makefile patch from grsec, to miss out the grsec
279     target. sorry about that. Fixes bug #93022
280 johnm 1.56
281     *hardened-sources-2.6.11-r12 (17 May 2005)
282    
283     17 May 2005; John Mylchreest <johnm@gentoo.org>
284     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
285     +hardened-sources-2.6.11-r12.ebuild:
286     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
287     merges in genpatches-base
288 johnm 1.55
289     *hardened-sources-2.6.11-r12 (17 May 2005)
290    
291     17 May 2005; John Mylchreest <johnm@gentoo.org>
292     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
293     +hardened-sources-2.6.11-r12.ebuild:
294     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
295     merges in genpatches-base
296 solar 1.54
297     29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
298     -files/2.4.27-cmdline-race.patch,
299     -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
300     -files/2.4.28-grsec-binfmt_a.out.patch,
301     -files/2.4.28-grsec-cmdline-race.patch,
302     -files/2.4.28-selinux-binfmt_a.out.patch,
303     -files/2.4.28-selinux-cmdline-race.patch,
304     -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
305     hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
306     - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
307     cleanup..
308 solar 1.53
309     *hardened-sources-2.4.30-r1 (21 Apr 2005)
310    
311     21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
312     - disable aout by default
313 solar 1.52
314     *hardened-sources-2.4.30 (18 Apr 2005)
315    
316     18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
317     - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
318     and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
319     use
320 tocharian 1.50
321 scox 1.51 *hardened-sources-2.4.29 (30 Mar 2005)
322    
323     30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
324     +hardened-sources-2.4.29.ebuild:
325     New hardened-patches-2.4-29.0 patchball.
326     Removed SELinux support, upgraded GRSecurity to 2.1.4.
327    
328     *hardened-sources-2.4.28-r5 (06 Mar 2005)
329    
330     06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
331     +hardened-sources-2.4.28-r5.ebuild:
332     Added a fix for a PaX vulnerability.
333    
334     26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
335 tocharian 1.50 hardened-sources-2.4.28-r4.ebuild:
336     Stable on x86
337 solar 1.49
338     23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
339     hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
340     hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
341     hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
342     - fixed/added RDEPEND= in all kernel-2 ebuilds
343 tocharian 1.48
344     *hardened-sources-2.4.28-r4 (21 Jan 2005)
345    
346     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
347     +hardened-sources-2.4.28-r4.ebuild:
348     Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
349     backport of neighbour hash updates.
350 tocharian 1.47
351     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
352     hardened-sources-2.4.28-r3.ebuild:
353     Stable on x86
354 tseng 1.46
355     *hardened-sources-2.6.10-r3 (20 Jan 2005)
356    
357     20 Jan 2005; Brandon Hale <tseng@gentoo.org>
358     +hardened-sources-2.6.10-r3.ebuild:
359     Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
360     in 2005.0
361 tocharian 1.45
362     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
363     -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
364     hardened-sources-2.4.28-r2.ebuild:
365     Mark stable on x86
366 tocharian 1.44
367     *hardened-sources-2.4.28-r3 (17 Jan 2005)
368    
369     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
370     +hardened-sources-2.4.28-r3.ebuild:
371     Fix SMP page fault handler vuln, and update device-mapper and evms patches.
372 tocharian 1.43
373     14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
374     hardened-sources-2.4.28.ebuild:
375     Mark stable on x86.
376 tocharian 1.42
377     *hardened-sources-2.4.28-r2 (13 Jan 2005)
378    
379     13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
380     +hardened-sources-2.4.28-r2.ebuild:
381     Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
382     Mazinger for grsecurity patches as well.
383 plasmaroo 1.41
384     *hardened-sources-2.4.28-r1 (23 Dec 2004)
385    
386     23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
387     Security bump. Thank tocharian for rolling a new patchset...
388 solar 1.40
389     28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
390     +files/2.4.28-grsec-cmdline-race.patch,
391     +files/2.4.28-selinux-binfmt_a.out.patch,
392     +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
393     - Round up remaining security patches that appear to be missing in 2.4.28. -
394     PaX standalone updated to current. hgpv=28.1
395 solar 1.39
396     *hardened-sources-2.4.28 (28 Nov 2004)
397    
398     28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
399     security bump. Thank tocharian for rolling a new patchset
400 scox 1.31
401 scox 1.38 *hardened-sources-2.4.27-r3 (08 Sep 2004)
402    
403     08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
404     +hardened-sources-2.4.27-r3.ebuild:
405     Applies the new 2.4-27.2 patchball which updates
406     GRSecurity to the 2.0.1 version.
407    
408 scox 1.37 *hardened-sources-2.4.27-r2 (31 Aug 2004)
409    
410     31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
411     +hardened-sources-2.4.27-r2.ebuild:
412     Version bump.
413     This version uses the new 2.4-27.1 patchball which updates
414     both the SELinux PaX hooks patch and the SELinux headers.
415    
416 scox 1.36 *hardened-sources-2.4.27-r1 (09 Aug 2004)
417    
418     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
419     +hardened-sources-2.4.27-r1.ebuild,
420     -hardened-sources-2.4.27.ebuild,
421     +files/2.4.27-cmdline-race.patch:
422     Version bump, fix for cmdline race. See bug #59905.
423    
424     *hardened-sources-2.4.26-r6 (09 Aug 2004)
425    
426     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
427     +hardened-sources-2.4.26-r6.ebuild,
428     -hardened-sources-2.4.26-r5.ebuild,
429     -hardened-sources-2.4.26-r4.ebuild,
430     +files/2.4.26-cmdline-race.patch:
431     Version bump, fix for cmdline race. See bug #59905.
432    
433 scox 1.35 *hardened-sources-2.4.27 (08 Aug 2004)
434    
435     08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
436     +hardened-sources-2.4.27.ebuild,
437     +files/2.4.27-CAN-2004-0394.patch:
438     Ported the patchball to the 2.4.27 kernel version.
439    
440 scox 1.34 *hardened-sources-2.4.26-r5 (07 Aug 2004)
441    
442     07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
443     +hardened-sources-2.4.26-r5.ebuild:
444 scox 1.35 Updated to use the new hardened-patches-2.4-26.1 patchball.
445 scox 1.34 It adds the following features:
446     - Squashfs
447     - Ebtables
448     - Netdev random (core+drivers)
449     - Watchdog Timer (WDT) fix.
450    
451 scox 1.33 *hardened-sources-2.4.26-r4 (04 Aug 2004)
452    
453     04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
454     +hardened-sources-2.4.26-r4.ebuild,
455     +files/2.4.26-CAN-2004-0415.patch,
456     -hardened-sources-2.4.26-3:
457     Version bump, fix for CAN 0415, see bug #59378.
458    
459 scox 1.32 *hardened-sources-2.4.26-r3 (22 Jul 2004)
460    
461     22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
462     +hardened-sources-2.4.26-r3.ebuild,
463     +files/2.4.26-CAN-2004-0497.patch,
464     -hardened-sources-2.4.26-r2.ebuild:
465     Version bump, fixed CAN 0497, see bug #56171.
466    
467 scox 1.31 *hardened-sources-2.4.26-r2 (29 Jun 2004)
468    
469     29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
470 scox 1.32 +hardened-sources-2.4.26-r2.ebuild,
471 scox 1.31 +files/2.4.26-CAN-2004-0495.patch,
472     +files/2.4.26-CAN-2004-0535.patch,
473     -hardened-sources-2.4.26-r1.ebuild:
474     Fixes for both CAN 0495 and 0535, see bug #54976
475 pvdabeel 1.27
476 agriffis 1.29 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
477     hardened-sources-2.4.26-r1.ebuild:
478     QA - fix use invocation
479 scox 1.28
480     *hardened-sources-2.4.26-r1 (22 June 2004)
481    
482     22 June 2004; Andrea Luzzardi <scox@gentoo.org>
483     +hardened-sources-2.4.26-r1.ebuild,
484     +files/2.4.26-CAN-2004-0394.patch,
485     +files/2.4.26-signal-race.patch,
486     -hardened-sources-2.4.26.ebuild,
487     -hardened-sources-2.4.24-r3.ebuild:
488     Version bump for the CAN-2004-0394 issue and bug #53804
489     Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
490    
491    
492 pvdabeel 1.27 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
493     hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
494     Masked hardened-sources-2.4.26.ebuild broken for ppc
495    
496     31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
497     hardened-sources-2.4.24-r3.ebuild:
498     Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
499 plasmaroo 1.25
500 scox 1.26 *hardened-sources-2.4.26 (29 May 2004)
501    
502     29 May 2004; Andrea Luzzardi <scox@gentoo.org>
503     +hardened-sources-2.4.26.ebuild:
504     Updated hardened-sources for the 2.4.26 kernel
505     Removed broken components, updated almost everything.
506    
507 plasmaroo 1.25 *hardened-sources-2.4.24-r3 (17 Apr 2004)
508    
509     17 Apr 2004; <plasmaroo@gentoo.org>
510     +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
511     +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
512     +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
513     +hardened-sources-2.4.24-r3.ebuild:
514     Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
515     vulnerabilities. Old revisions removed.
516 plasmaroo 1.24
517     *hardened-sources-2.4.24-r2 (15 Apr 2004)
518    
519     15 Apr 2004; <plasmaroo@gentoo.org>
520     +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
521     -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
522     Version bump for the CAN-2004-0109 issue; bug #47881.
523 aliz 1.23
524     12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
525     hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
526     Add eutils to inherit.
527 plasmaroo 1.22
528     *hardened-sources-2.4.24-r1 (19 Feb 2004)
529    
530     19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
531     files/hardened-sources-2.4.24.munmap.patch:
532     Added the patch for the mremap/munmap vulnerability. Bug #42024.
533 scox 1.19
534 scox 1.21 *hardened-sources-2.4.24 (06 Feb 2004)
535 scox 1.26
536 scox 1.21 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
537     hardened-sources-2.4.24.ebuild:
538     Version bump, updated most of the components.
539     This release includes the following:
540    
541     - Hardened security
542     - Netfilter patch-o-matic 20031219
543     - FreeSWAN 2.04 & x509 1.4.8
544     - EVMS 2.2.2
545     - XFS 1.3.1
546     - cryptoloop jari
547     - grsecurity 2.0-rc4
548     - SELinux
549     - PaX 200402060000
550     - PaX Obscurity 200308302223
551     - Others...
552    
553     Neither -ck nor systrace are included anymore.
554    
555 scox 1.19 *hardened-sources-2.4.22-r2 (05 Jan 2004)
556    
557     05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
558     hardened-sources-2.4.22-r2.ebuild:
559 scox 1.20 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
560 scox 1.19
561     *hardened-sources-2.4.22-r1 (02 Dec 2003)
562 iggy 1.17
563     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
564 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
565 iggy 1.16
566     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
567 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild:
568     Version bump for the 'do_brk' vulnerability.
569 iggy 1.15
570     01 Dec 2003; Brian Jackson <iggy@gentoo.org>
571     hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
572     hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
573     hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
574 plasmaroo 1.18 Fix the 'do_brk' vulnerability.
575 frogger 1.14
576     03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
577     hardened-sources-2.4.22.ebuild:
578 plasmaroo 1.18 - Removed the src_install() portion for SELinux flask
579     components. These are no longer handled in the kernel
580     so this code was not necessary.
581 frogger 1.13
582     29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
583     New 2.4.22 based hardened-sources thanks to
584     Phil West <p.west@computer.org>.
585    
586     These sources include:
587 plasmaroo 1.18 - New SELinux API
588     - Updated CK-base
589     - Updated GRSec
590     - Systrace
591     - SuperFreeS/WAN 1.99.8
592     - Propolice kernel build support
593     - EVMS
594     - Other various security related patches
595 frogger 1.11
596 frogger 1.12 *hardened-sources-2.4.21 (14 Sep 2003)
597    
598     14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
599     Updated hardened-sources based on the 2.4.21 Linux kernel.
600     This includes updates to most major components such as:
601 plasmaroo 1.18 - ck-base-0306300059
602     - selinux-2.4-2003071106
603     - grsecurity-2.0-rc1
604     - Updated IPTables patch-o-matic
605     - Updated SuperFreeS/WAN
606    
607 frogger 1.12 Thanks to Phil West <pwest@computer.org> for his work in getting this
608     updated patch set ready for the 2.4.21 based kernel.
609    
610 frogger 1.11 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
611     Initial import of hardened-sources-2.4.20-r4. This revision
612     includes only a few changes, but one of these is an important
613     security fix. It is recommended all users of hardened-sources
614     upgrade to this release.
615 plasmaroo 1.18
616 frogger 1.11 - ioperm bug fix
617     - fixed compilation failure when building without GRSec
618 plasmaroo 1.18
619 frogger 1.11 SAL (Secure Auditing for Linux) is NOT included in this revision
620     due to time constraints, but is planned for inclusion in the near
621     future.
622 msterret 1.10
623     *hardened-sources-2.4.20-r2 (12 Jun 2003)
624    
625     12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
626     hardened-sources-2.4.20-r3.ebuild:
627 plasmaroo 1.18 Add Header...
628 frogger 1.9
629     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
630     hardened-sources-2.4.20-r3.ebuild:
631     Removed warnings from ebuild. This kernel should be safe to
632     use at this point.
633 frogger 1.8
634     *hardened-sources-2.4.20-r3 (08 Jun 2003)
635    
636     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
637     hardened-sources-2.4.20-r3.ebuild:
638     New revision. Includes the following changes over -r2:
639 plasmaroo 1.18
640 frogger 1.8 - ck7-base (O(1), preempt, low latency)
641     - Super FreeS/WAN 1.99.7rc2
642     - PaX for the LSM/SELinux branch
643     - GRSecurity 2.0-pre4 (role based access control)
644     - Systrace 1.3
645     - EXT3 fixes
646     - EVMS 2.0.1
647     - GCC 3.1+ compile optimizations
648     - ProPolice kernel build support
649     - Hashing table security fixes
650 frogger 1.3
651     *hardened-sources-2.4.20-r1 (09 Apr 2003)
652 frogger 1.7
653     23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
654     Initial import of hardened-sources-r2. This new
655     ebuild includes many new performance and security
656     related patches. As in -r1, it will patch in
657     LSM/SELinux if "selinux" is in USE, otherwise it
658     will patch in GRSecurity. The following patches
659     are included in this revision:
660 plasmaroo 1.18
661 frogger 1.7 - O(1) Scheduler, Low Latency, and Preempt
662     (pulled from the base CK patch)
663     - ptrace exploit patch for the LSM kernel
664     (the GRSec patch already fixes this)
665     - LSM 2.4-2003040709
666     - SELinux 2.4-2003040709
667     - Systrace v1.2
668     - IPTables patch-o-matic base patches - 20030107
669     - CryptoAPI 2.4.20.1 w/ loop-jari patch
670     - Super FreeS/WAN 1.99.6.1
671     - GRSecurity 1.9.9g
672     - MPPE
673     - EXT3 data journal fix
674     - CIPE 1.5.4
675 frogger 1.6
676     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
677     hardened-sources-2.4.20-r1.ebuild, manifest:
678 plasmaroo 1.18 Updated to install flask components correctly for selinux.
679 frogger 1.5
680     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
681     hardened-sources-2.4.20-r1.ebuild:
682     LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
683     is patched in instead. Ptrace patches for selinux have also been added. In
684     either case, systrace support will be patched in as well.
685 frogger 1.3
686     09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
687     hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
688 plasmaroo 1.18 Revision bump for new sources.
689 frogger 1.4
690 frogger 1.2 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
691 frogger 1.4 hardened-sources-2.4.20-r1.ebuild:
692 plasmaroo 1.18 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
693 method 1.1
694 frogger 1.4 *hardened-sources-2.4.20 (30 Mar 2003)
695    
696 method 1.1 30 Mar 2003; Joshua Brindle <method@gentoo.org>
697     hardened-sources-2.4.20.ebuild:
698 plasmaroo 1.18 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20