/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.106 - (hide annotations) (download)
Thu Jul 13 22:01:46 2006 UTC (8 years, 5 months ago) by solar
Branch: MAIN
Changes since 1.105: +4 -1 lines
- 2.4.32-r6 stable on x86. RSBAC state unknown
(Portage version: 2.1-r1)

1 method 1.1 # ChangeLog for sys-kernel/hardened-sources
2 solar 1.73 # Copyright 2000-2006 Gentoo Foundation; Distributed under the GPL v2
3 solar 1.106 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.105 2006/07/11 10:50:41 kang Exp $
4    
5     13 Jul 2006; <solar@gentoo.org> hardened-sources-2.4.32-r6.ebuild:
6     - 2.4.32-r6 stable on x86. RSBAC state unknown
7 kang 1.105
8     *hardened-sources-2.4.32-r7 (10 Jul 2006)
9    
10     10 Jul 2006; Guillaume Destuynder <kang@gentoo.org>
11     +hardened-sources-2.4.32-r7.ebuild:
12     Bump PaX for RSBAC to test-17
13 johnm 1.104
14     *hardened-sources-2.6.16-r9 (03 Jul 2006)
15    
16     03 Jul 2006; John Mylchreest <johnm@gentoo.org>
17     -hardened-sources-2.6.16-r6.ebuild, +hardened-sources-2.6.16-r9.ebuild:
18     hardened-sources-2.6.16 bump to latest -base.
19 solar 1.103
20     *hardened-sources-2.4.32-r6 (30 Jun 2006)
21    
22     30 Jun 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r2.ebuild,
23     hardened-sources-2.4.32-r4.ebuild, +hardened-sources-2.4.32-r6.ebuild:
24     - backport CVE-2006-0039, CVE-2006-1857 and CVE-2006-1858 and new grsecurity
25     sysctl controlable resource logging
26 johnm 1.102
27     *hardened-sources-2.6.16-r7 (05 Jun 2006)
28    
29     05 Jun 2006; John Mylchreest <johnm@gentoo.org>
30     -hardened-sources-2.6.16-r5.ebuild, +hardened-sources-2.6.16-r7.ebuild:
31     push new 2.6.16 release in preparation for stable
32 solar 1.101
33     22 May 2006; <solar@gentoo.org> :
34     - redigest bug 134002
35 kang 1.100
36     *hardened-sources-2.4.32-r5 (16 May 2006)
37    
38     16 May 2006; Guillaume Destuynder <kang@gentoo.org>
39     +hardened-sources-2.4.32-r5.ebuild:
40     Fixes rsbac common patching (new patch in new -r5 patchset)
41 solar 1.99
42     *hardened-sources-2.4.32-r4 (13 May 2006)
43    
44     13 May 2006; <solar@gentoo.org> hardened-sources-2.4.32-r3.ebuild,
45     +hardened-sources-2.4.32-r4.ebuild:
46     - security bumps
47 johnm 1.98
48     *hardened-sources-2.6.16-r6 (03 May 2006)
49    
50     03 May 2006; John Mylchreest <johnm@gentoo.org>
51     +hardened-sources-2.6.16-r6.ebuild:
52     bump hardened-2.6.16 to 2.6.16.12 and latest grsec snapshot
53 johnm 1.97
54     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
55     hardened-sources-2.6.14-r8.ebuild:
56     fix x86_64 build problem, this will delay the digest issue again for a short
57     while but it will sort itself out
58 johnm 1.96
59     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
60     hardened-sources-2.6.14-r8.ebuild:
61     bump hardened patchset
62 antarus 1.94
63     27 Apr 2006; Alec Warner <antarus@gentoo.org>
64     files/digest-hardened-sources-2.4.32-r2,
65     files/digest-hardened-sources-2.4.32-r3,
66     files/digest-hardened-sources-2.6.14-r8, Manifest:
67     Fixing duff SHA256 digests: Bug # 131293
68 johnm 1.93
69 johnm 1.95 *hardened-sources-2.6.16-r5 (27 Apr 2006)
70    
71     27 Apr 2006; John Mylchreest <johnm@gentoo.org>
72     -hardened-sources-2.6.14-r6.ebuild, hardened-sources-2.6.14-r8.ebuild,
73     -hardened-sources-2.6.16-r4.ebuild, +hardened-sources-2.6.16-r5.ebuild:
74     stablise 2.6.14-r8 on x86 & amd64, bump 2.6.16 to fix CVE-2006-1863 &
75     cleanup of old uneccessary sources
76    
77 johnm 1.93 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
78     fix digest
79 johnm 1.92
80     *hardened-sources-2.6.14-r8 (20 Apr 2006)
81    
82     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
83     +hardened-sources-2.6.14-r8.ebuild:
84     fix CVE-2006-1056, CVE-2006-1525, CVE-2006-1524
85 johnm 1.91
86     20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
87     Turning on gpg-signing again, and recomitting
88 johnm 1.90
89     *hardened-sources-2.6.16-r4 (20 Apr 2006)
90    
91     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
92     -hardened-sources-2.6.16-r2.ebuild, -hardened-sources-2.6.16-r3.ebuild,
93     +hardened-sources-2.6.16-r4.ebuild:
94     Fix numerous security vulns
95 solar 1.89
96     *hardened-sources-2.4.32-r3 (16 Apr 2006)
97    
98     16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
99     -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
100     +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
101     - security bump for bug #112791. Removed old ebuilds
102 johnm 1.88
103     *hardened-sources-2.6.16-r3 (15 Apr 2006)
104    
105     15 Apr 2006; John Mylchreest <johnm@gentoo.org>
106     +hardened-sources-2.6.16-r3.ebuild:
107     Removing silly localversion which I missed
108 johnm 1.87
109     *hardened-sources-2.6.14-r7 (14 Apr 2006)
110    
111     14 Apr 2006; John Mylchreest <johnm@gentoo.org>
112     -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
113     Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
114 johnm 1.86
115     *hardened-sources-2.6.16-r2 (13 Apr 2006)
116    
117     13 Apr 2006; John Mylchreest <johnm@gentoo.org>
118     -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
119     +hardened-sources-2.6.16-r2.ebuild:
120     Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
121     labels, dropping USERGROUP define fixes, since these were merged mainstream.
122 johnm 1.85
123     *hardened-sources-2.6.16-r1 (11 Apr 2006)
124    
125     11 Apr 2006; John Mylchreest <johnm@gentoo.org>
126     +hardened-sources-2.6.16-r1.ebuild:
127     Bumping to include ppc build fix and 2.6.16.3
128 tsunam 1.84
129     06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
130     hardened-sources-2.6.14-r6.ebuild:
131     Stable on x86; bug #127718
132 johnm 1.83
133     *hardened-sources-2.6.16 (31 Mar 2006)
134    
135     31 Mar 2006; John Mylchreest <johnm@gentoo.org>
136     +hardened-sources-2.6.16.ebuild:
137     Bumping to new version of grsec, and kernel base. New squashfs. Based on
138     2.6.16.1
139 cryos 1.82
140     30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
141     hardened-sources-2.6.14-r6.ebuild:
142     Stable on amd64, bug 127718.
143 nixnut 1.81
144     28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
145     Stable on ppc. Bug #127718
146 johnm 1.80
147     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
148     -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
149     -hardened-sources-2.6.14-r4.ebuild:
150     Cleanup.
151 johnm 1.79
152     *hardened-sources-2.6.14-r6 (15 Mar 2006)
153    
154     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
155     +hardened-sources-2.6.14-r6.ebuild:
156     Fixes grsec policy recreation bug and adds a
157     >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
158 solar 1.78
159     02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
160     - stable on x86
161 hansmi 1.77
162     19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
163     hardened-sources-2.6.14-r5.ebuild:
164     Stable on ppc.
165 johnm 1.76
166     *hardened-sources-2.6.14-r5 (01 Feb 2006)
167    
168     01 Feb 2006; John Mylchreest <johnm@gentoo.org>
169     +hardened-sources-2.6.14-r5.ebuild:
170     fixing every known exploit
171 solar 1.75
172     *hardened-sources-2.4.32-r2 (26 Jan 2006)
173    
174     26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
175     +hardened-sources-2.4.32-r2.ebuild:
176     - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
177 solar 1.74
178     *hardened-sources-2.6.14-r4 (12 Jan 2006)
179    
180     12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
181     - version bump for new genpatches which fix up a few sec holes
182 solar 1.73
183     *hardened-sources-2.4.32-r1 (05 Jan 2006)
184    
185     05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
186     - revision bump to add misc vital linux kernel security patches.
187 johnm 1.72
188     *hardened-sources-2.6.14-r3 (30 Dec 2005)
189    
190     30 Dec 2005; John Mylchreest <johnm@gentoo.org>
191     -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
192     Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
193 johnm 1.71
194     28 Dec 2005; John Mylchreest <johnm@gentoo.org>
195     hardened-sources-2.6.14-r2.ebuild:
196     making x86 & amd64 stable following testing.
197 johnm 1.70
198     *hardened-sources-2.6.14-r2 (27 Dec 2005)
199    
200     27 Dec 2005; John Mylchreest <johnm@gentoo.org>
201     -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
202     Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
203     network hooks.
204 johnm 1.69
205     06 Dec 2005; John Mylchreest <johnm@gentoo.org>
206     hardened-sources-2.6.14-r1.ebuild:
207     bumping to stable early for sec fix on x86 & amd64
208 johnm 1.68
209     *hardened-sources-2.6.14-r1 (05 Dec 2005)
210    
211     05 Dec 2005; John Mylchreest <johnm@gentoo.org>
212     -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
213     bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
214 solar 1.67
215     04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
216     - stable on x86 security bug #114227 CAN-2005-3257
217 kang 1.66
218     *hardened-sources-2.4.32 (19 Nov 2005)
219    
220     19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
221     +hardened-sources-2.4.32.ebuild:
222     Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
223     Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
224     have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
225     rsbac >> /etc/portage/package.use)
226 johnm 1.65
227     *hardened-sources-2.6.14 (14 Nov 2005)
228    
229     14 Nov 2005; John Mylchreest <johnm@gentoo.org>
230     -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
231     Bumping 2.6 series to 2.6.14.2
232 johnm 1.64
233     *hardened-sources-2.6.13-r2 (20 Oct 2005)
234    
235     20 Oct 2005; John Mylchreest <johnm@gentoo.org>
236     -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
237     +hardened-sources-2.6.13-r2.ebuild:
238     Fixes minor build error in ppc.
239 johnm 1.63
240     *hardened-sources-2.6.13-r1 (17 Oct 2005)
241    
242     17 Oct 2005; John Mylchreest <johnm@gentoo.org>
243     +hardened-sources-2.6.13-r1.ebuild:
244     Updating grsec to latest snapshot. Fixes some minor issues. Updating to
245     2.6.13.4, fixes some major amd64 stability problems.
246 johnm 1.62
247     *hardened-sources-2.6.13 (16 Sep 2005)
248    
249     16 Sep 2005; John Mylchreest <johnm@gentoo.org>
250     -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
251     2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
252     ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
253     users should test this thoroughly.
254 solar 1.61
255     01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
256     - stable on x86
257 johnm 1.60
258     *hardened-sources-2.6.11-r15 (27 Jun 2005)
259    
260     27 Jun 2005; John Mylchreest <johnm@gentoo.org>
261     +hardened-sources-2.6.11-r15.ebuild:
262     Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
263     grsec redefining curr_ip struct.
264 solar 1.59
265     *hardened-sources-2.4.31 (20 Jun 2005)
266    
267     20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
268     initial import of 2.4.31 tree
269 johnm 1.58
270     *hardened-sources-2.6.11-r14 (14 Jun 2005)
271    
272     14 Jun 2005; John Mylchreest <johnm@gentoo.org>
273     -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
274     Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
275     naming scheme to abide by genpatches
276 johnm 1.57
277     *hardened-sources-2.6.11-r13 (18 May 2005)
278    
279     18 May 2005; John Mylchreest <johnm@gentoo.org>
280     -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
281     Managed to mangle the Makefile patch from grsec, to miss out the grsec
282     target. sorry about that. Fixes bug #93022
283 johnm 1.56
284     *hardened-sources-2.6.11-r12 (17 May 2005)
285    
286     17 May 2005; John Mylchreest <johnm@gentoo.org>
287     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
288     +hardened-sources-2.6.11-r12.ebuild:
289     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
290     merges in genpatches-base
291 johnm 1.55
292     *hardened-sources-2.6.11-r12 (17 May 2005)
293    
294     17 May 2005; John Mylchreest <johnm@gentoo.org>
295     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
296     +hardened-sources-2.6.11-r12.ebuild:
297     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
298     merges in genpatches-base
299 solar 1.54
300     29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
301     -files/2.4.27-cmdline-race.patch,
302     -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
303     -files/2.4.28-grsec-binfmt_a.out.patch,
304     -files/2.4.28-grsec-cmdline-race.patch,
305     -files/2.4.28-selinux-binfmt_a.out.patch,
306     -files/2.4.28-selinux-cmdline-race.patch,
307     -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
308     hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
309     - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
310     cleanup..
311 solar 1.53
312     *hardened-sources-2.4.30-r1 (21 Apr 2005)
313    
314     21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
315     - disable aout by default
316 solar 1.52
317     *hardened-sources-2.4.30 (18 Apr 2005)
318    
319     18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
320     - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
321     and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
322     use
323 tocharian 1.50
324 scox 1.51 *hardened-sources-2.4.29 (30 Mar 2005)
325    
326     30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
327     +hardened-sources-2.4.29.ebuild:
328     New hardened-patches-2.4-29.0 patchball.
329     Removed SELinux support, upgraded GRSecurity to 2.1.4.
330    
331     *hardened-sources-2.4.28-r5 (06 Mar 2005)
332    
333     06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
334     +hardened-sources-2.4.28-r5.ebuild:
335     Added a fix for a PaX vulnerability.
336    
337     26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
338 tocharian 1.50 hardened-sources-2.4.28-r4.ebuild:
339     Stable on x86
340 solar 1.49
341     23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
342     hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
343     hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
344     hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
345     - fixed/added RDEPEND= in all kernel-2 ebuilds
346 tocharian 1.48
347     *hardened-sources-2.4.28-r4 (21 Jan 2005)
348    
349     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
350     +hardened-sources-2.4.28-r4.ebuild:
351     Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
352     backport of neighbour hash updates.
353 tocharian 1.47
354     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
355     hardened-sources-2.4.28-r3.ebuild:
356     Stable on x86
357 tseng 1.46
358     *hardened-sources-2.6.10-r3 (20 Jan 2005)
359    
360     20 Jan 2005; Brandon Hale <tseng@gentoo.org>
361     +hardened-sources-2.6.10-r3.ebuild:
362     Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
363     in 2005.0
364 tocharian 1.45
365     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
366     -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
367     hardened-sources-2.4.28-r2.ebuild:
368     Mark stable on x86
369 tocharian 1.44
370     *hardened-sources-2.4.28-r3 (17 Jan 2005)
371    
372     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
373     +hardened-sources-2.4.28-r3.ebuild:
374     Fix SMP page fault handler vuln, and update device-mapper and evms patches.
375 tocharian 1.43
376     14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
377     hardened-sources-2.4.28.ebuild:
378     Mark stable on x86.
379 tocharian 1.42
380     *hardened-sources-2.4.28-r2 (13 Jan 2005)
381    
382     13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
383     +hardened-sources-2.4.28-r2.ebuild:
384     Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
385     Mazinger for grsecurity patches as well.
386 plasmaroo 1.41
387     *hardened-sources-2.4.28-r1 (23 Dec 2004)
388    
389     23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
390     Security bump. Thank tocharian for rolling a new patchset...
391 solar 1.40
392     28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
393     +files/2.4.28-grsec-cmdline-race.patch,
394     +files/2.4.28-selinux-binfmt_a.out.patch,
395     +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
396     - Round up remaining security patches that appear to be missing in 2.4.28. -
397     PaX standalone updated to current. hgpv=28.1
398 solar 1.39
399     *hardened-sources-2.4.28 (28 Nov 2004)
400    
401     28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
402     security bump. Thank tocharian for rolling a new patchset
403 scox 1.31
404 scox 1.38 *hardened-sources-2.4.27-r3 (08 Sep 2004)
405    
406     08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
407     +hardened-sources-2.4.27-r3.ebuild:
408     Applies the new 2.4-27.2 patchball which updates
409     GRSecurity to the 2.0.1 version.
410    
411 scox 1.37 *hardened-sources-2.4.27-r2 (31 Aug 2004)
412    
413     31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
414     +hardened-sources-2.4.27-r2.ebuild:
415     Version bump.
416     This version uses the new 2.4-27.1 patchball which updates
417     both the SELinux PaX hooks patch and the SELinux headers.
418    
419 scox 1.36 *hardened-sources-2.4.27-r1 (09 Aug 2004)
420    
421     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
422     +hardened-sources-2.4.27-r1.ebuild,
423     -hardened-sources-2.4.27.ebuild,
424     +files/2.4.27-cmdline-race.patch:
425     Version bump, fix for cmdline race. See bug #59905.
426    
427     *hardened-sources-2.4.26-r6 (09 Aug 2004)
428    
429     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
430     +hardened-sources-2.4.26-r6.ebuild,
431     -hardened-sources-2.4.26-r5.ebuild,
432     -hardened-sources-2.4.26-r4.ebuild,
433     +files/2.4.26-cmdline-race.patch:
434     Version bump, fix for cmdline race. See bug #59905.
435    
436 scox 1.35 *hardened-sources-2.4.27 (08 Aug 2004)
437    
438     08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
439     +hardened-sources-2.4.27.ebuild,
440     +files/2.4.27-CAN-2004-0394.patch:
441     Ported the patchball to the 2.4.27 kernel version.
442    
443 scox 1.34 *hardened-sources-2.4.26-r5 (07 Aug 2004)
444    
445     07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
446     +hardened-sources-2.4.26-r5.ebuild:
447 scox 1.35 Updated to use the new hardened-patches-2.4-26.1 patchball.
448 scox 1.34 It adds the following features:
449     - Squashfs
450     - Ebtables
451     - Netdev random (core+drivers)
452     - Watchdog Timer (WDT) fix.
453    
454 scox 1.33 *hardened-sources-2.4.26-r4 (04 Aug 2004)
455    
456     04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
457     +hardened-sources-2.4.26-r4.ebuild,
458     +files/2.4.26-CAN-2004-0415.patch,
459     -hardened-sources-2.4.26-3:
460     Version bump, fix for CAN 0415, see bug #59378.
461    
462 scox 1.32 *hardened-sources-2.4.26-r3 (22 Jul 2004)
463    
464     22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
465     +hardened-sources-2.4.26-r3.ebuild,
466     +files/2.4.26-CAN-2004-0497.patch,
467     -hardened-sources-2.4.26-r2.ebuild:
468     Version bump, fixed CAN 0497, see bug #56171.
469    
470 scox 1.31 *hardened-sources-2.4.26-r2 (29 Jun 2004)
471    
472     29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
473 scox 1.32 +hardened-sources-2.4.26-r2.ebuild,
474 scox 1.31 +files/2.4.26-CAN-2004-0495.patch,
475     +files/2.4.26-CAN-2004-0535.patch,
476     -hardened-sources-2.4.26-r1.ebuild:
477     Fixes for both CAN 0495 and 0535, see bug #54976
478 pvdabeel 1.27
479 agriffis 1.29 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
480     hardened-sources-2.4.26-r1.ebuild:
481     QA - fix use invocation
482 scox 1.28
483     *hardened-sources-2.4.26-r1 (22 June 2004)
484    
485     22 June 2004; Andrea Luzzardi <scox@gentoo.org>
486     +hardened-sources-2.4.26-r1.ebuild,
487     +files/2.4.26-CAN-2004-0394.patch,
488     +files/2.4.26-signal-race.patch,
489     -hardened-sources-2.4.26.ebuild,
490     -hardened-sources-2.4.24-r3.ebuild:
491     Version bump for the CAN-2004-0394 issue and bug #53804
492     Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
493    
494    
495 pvdabeel 1.27 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
496     hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
497     Masked hardened-sources-2.4.26.ebuild broken for ppc
498    
499     31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
500     hardened-sources-2.4.24-r3.ebuild:
501     Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
502 plasmaroo 1.25
503 scox 1.26 *hardened-sources-2.4.26 (29 May 2004)
504    
505     29 May 2004; Andrea Luzzardi <scox@gentoo.org>
506     +hardened-sources-2.4.26.ebuild:
507     Updated hardened-sources for the 2.4.26 kernel
508     Removed broken components, updated almost everything.
509    
510 plasmaroo 1.25 *hardened-sources-2.4.24-r3 (17 Apr 2004)
511    
512     17 Apr 2004; <plasmaroo@gentoo.org>
513     +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
514     +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
515     +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
516     +hardened-sources-2.4.24-r3.ebuild:
517     Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
518     vulnerabilities. Old revisions removed.
519 plasmaroo 1.24
520     *hardened-sources-2.4.24-r2 (15 Apr 2004)
521    
522     15 Apr 2004; <plasmaroo@gentoo.org>
523     +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
524     -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
525     Version bump for the CAN-2004-0109 issue; bug #47881.
526 aliz 1.23
527     12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
528     hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
529     Add eutils to inherit.
530 plasmaroo 1.22
531     *hardened-sources-2.4.24-r1 (19 Feb 2004)
532    
533     19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
534     files/hardened-sources-2.4.24.munmap.patch:
535     Added the patch for the mremap/munmap vulnerability. Bug #42024.
536 scox 1.19
537 scox 1.21 *hardened-sources-2.4.24 (06 Feb 2004)
538 scox 1.26
539 scox 1.21 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
540     hardened-sources-2.4.24.ebuild:
541     Version bump, updated most of the components.
542     This release includes the following:
543    
544     - Hardened security
545     - Netfilter patch-o-matic 20031219
546     - FreeSWAN 2.04 & x509 1.4.8
547     - EVMS 2.2.2
548     - XFS 1.3.1
549     - cryptoloop jari
550     - grsecurity 2.0-rc4
551     - SELinux
552     - PaX 200402060000
553     - PaX Obscurity 200308302223
554     - Others...
555    
556     Neither -ck nor systrace are included anymore.
557    
558 scox 1.19 *hardened-sources-2.4.22-r2 (05 Jan 2004)
559    
560     05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
561     hardened-sources-2.4.22-r2.ebuild:
562 scox 1.20 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
563 scox 1.19
564     *hardened-sources-2.4.22-r1 (02 Dec 2003)
565 iggy 1.17
566     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
567 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
568 iggy 1.16
569     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
570 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild:
571     Version bump for the 'do_brk' vulnerability.
572 iggy 1.15
573     01 Dec 2003; Brian Jackson <iggy@gentoo.org>
574     hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
575     hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
576     hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
577 plasmaroo 1.18 Fix the 'do_brk' vulnerability.
578 frogger 1.14
579     03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
580     hardened-sources-2.4.22.ebuild:
581 plasmaroo 1.18 - Removed the src_install() portion for SELinux flask
582     components. These are no longer handled in the kernel
583     so this code was not necessary.
584 frogger 1.13
585     29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
586     New 2.4.22 based hardened-sources thanks to
587     Phil West <p.west@computer.org>.
588    
589     These sources include:
590 plasmaroo 1.18 - New SELinux API
591     - Updated CK-base
592     - Updated GRSec
593     - Systrace
594     - SuperFreeS/WAN 1.99.8
595     - Propolice kernel build support
596     - EVMS
597     - Other various security related patches
598 frogger 1.11
599 frogger 1.12 *hardened-sources-2.4.21 (14 Sep 2003)
600    
601     14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
602     Updated hardened-sources based on the 2.4.21 Linux kernel.
603     This includes updates to most major components such as:
604 plasmaroo 1.18 - ck-base-0306300059
605     - selinux-2.4-2003071106
606     - grsecurity-2.0-rc1
607     - Updated IPTables patch-o-matic
608     - Updated SuperFreeS/WAN
609    
610 frogger 1.12 Thanks to Phil West <pwest@computer.org> for his work in getting this
611     updated patch set ready for the 2.4.21 based kernel.
612    
613 frogger 1.11 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
614     Initial import of hardened-sources-2.4.20-r4. This revision
615     includes only a few changes, but one of these is an important
616     security fix. It is recommended all users of hardened-sources
617     upgrade to this release.
618 plasmaroo 1.18
619 frogger 1.11 - ioperm bug fix
620     - fixed compilation failure when building without GRSec
621 plasmaroo 1.18
622 frogger 1.11 SAL (Secure Auditing for Linux) is NOT included in this revision
623     due to time constraints, but is planned for inclusion in the near
624     future.
625 msterret 1.10
626     *hardened-sources-2.4.20-r2 (12 Jun 2003)
627    
628     12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
629     hardened-sources-2.4.20-r3.ebuild:
630 plasmaroo 1.18 Add Header...
631 frogger 1.9
632     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
633     hardened-sources-2.4.20-r3.ebuild:
634     Removed warnings from ebuild. This kernel should be safe to
635     use at this point.
636 frogger 1.8
637     *hardened-sources-2.4.20-r3 (08 Jun 2003)
638    
639     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
640     hardened-sources-2.4.20-r3.ebuild:
641     New revision. Includes the following changes over -r2:
642 plasmaroo 1.18
643 frogger 1.8 - ck7-base (O(1), preempt, low latency)
644     - Super FreeS/WAN 1.99.7rc2
645     - PaX for the LSM/SELinux branch
646     - GRSecurity 2.0-pre4 (role based access control)
647     - Systrace 1.3
648     - EXT3 fixes
649     - EVMS 2.0.1
650     - GCC 3.1+ compile optimizations
651     - ProPolice kernel build support
652     - Hashing table security fixes
653 frogger 1.3
654     *hardened-sources-2.4.20-r1 (09 Apr 2003)
655 frogger 1.7
656     23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
657     Initial import of hardened-sources-r2. This new
658     ebuild includes many new performance and security
659     related patches. As in -r1, it will patch in
660     LSM/SELinux if "selinux" is in USE, otherwise it
661     will patch in GRSecurity. The following patches
662     are included in this revision:
663 plasmaroo 1.18
664 frogger 1.7 - O(1) Scheduler, Low Latency, and Preempt
665     (pulled from the base CK patch)
666     - ptrace exploit patch for the LSM kernel
667     (the GRSec patch already fixes this)
668     - LSM 2.4-2003040709
669     - SELinux 2.4-2003040709
670     - Systrace v1.2
671     - IPTables patch-o-matic base patches - 20030107
672     - CryptoAPI 2.4.20.1 w/ loop-jari patch
673     - Super FreeS/WAN 1.99.6.1
674     - GRSecurity 1.9.9g
675     - MPPE
676     - EXT3 data journal fix
677     - CIPE 1.5.4
678 frogger 1.6
679     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
680     hardened-sources-2.4.20-r1.ebuild, manifest:
681 plasmaroo 1.18 Updated to install flask components correctly for selinux.
682 frogger 1.5
683     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
684     hardened-sources-2.4.20-r1.ebuild:
685     LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
686     is patched in instead. Ptrace patches for selinux have also been added. In
687     either case, systrace support will be patched in as well.
688 frogger 1.3
689     09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
690     hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
691 plasmaroo 1.18 Revision bump for new sources.
692 frogger 1.4
693 frogger 1.2 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
694 frogger 1.4 hardened-sources-2.4.20-r1.ebuild:
695 plasmaroo 1.18 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
696 method 1.1
697 frogger 1.4 *hardened-sources-2.4.20 (30 Mar 2003)
698    
699 method 1.1 30 Mar 2003; Joshua Brindle <method@gentoo.org>
700     hardened-sources-2.4.20.ebuild:
701 plasmaroo 1.18 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20