/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.113 - (hide annotations) (download)
Wed Oct 18 21:31:32 2006 UTC (7 years, 11 months ago) by solar
Branch: MAIN
Changes since 1.112: +4 -1 lines
- mark 2.6.17-r1 stable
(Portage version: 2.1.2_pre1)

1 method 1.1 # ChangeLog for sys-kernel/hardened-sources
2 solar 1.73 # Copyright 2000-2006 Gentoo Foundation; Distributed under the GPL v2
3 solar 1.113 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.112 2006/08/27 11:49:20 phreak Exp $
4    
5     18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
6     - mark 2.6.17-r1 stable
7 phreak 1.112
8     27 Aug 2006; Christian Heim <phreak@gentoo.org>
9     -hardened-sources-2.6.17.ebuild, hardened-sources-2.6.17-r1.ebuild:
10     Removing old ebuild, removing unipatch from newer ebuild (need to fix it!).
11 phreak 1.111
12     *hardened-sources-2.6.17-r1 (26 Aug 2006)
13    
14     26 Aug 2006; Christian Heim <phreak@gentoo.org>
15     +hardened-sources-2.6.17-r1.ebuild:
16     Revision bump to genpatches-2.6.17-8 (including .9 and .10) and updating the
17     grsecurity patch.
18 phreak 1.110
19     *hardened-sources-2.6.17 (17 Aug 2006)
20    
21     17 Aug 2006; Christian Heim <phreak@gentoo.org>
22     +hardened-sources-2.6.17.ebuild:
23     Bumping the hardened-sources-2.6 series to 2.6.17, using
24     genpatches-2.6.17-6.base.
25 solar 1.109
26     07 Aug 2006; <solar@gentoo.org> hardened-sources-2.6.16-r11.ebuild:
27     - stable on x86 and amd64
28 solar 1.108
29     *hardened-sources-2.6.16-r11 (15 Jul 2006)
30    
31     15 Jul 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r3.ebuild,
32     -hardened-sources-2.4.32-r4.ebuild, -hardened-sources-2.4.32-r5.ebuild,
33     -hardened-sources-2.6.14-r8.ebuild, -hardened-sources-2.6.16-r7.ebuild,
34     -hardened-sources-2.6.16-r9.ebuild, +hardened-sources-2.6.16-r11.ebuild:
35     - 2.6.16 bumped for CVE-2006-3626 ; digest fix for 2.4.32-r6 ; removed old
36     crusty ebuilds
37 johnm 1.107
38     14 Jul 2006; John Mylchreest <johnm@gentoo.org>
39     hardened-sources-2.6.16-r10.ebuild:
40     marking stable on x86 and amd64
41 solar 1.106
42     13 Jul 2006; <solar@gentoo.org> hardened-sources-2.4.32-r6.ebuild:
43     - 2.4.32-r6 stable on x86. RSBAC state unknown
44 kang 1.105
45     *hardened-sources-2.4.32-r7 (10 Jul 2006)
46    
47     10 Jul 2006; Guillaume Destuynder <kang@gentoo.org>
48     +hardened-sources-2.4.32-r7.ebuild:
49     Bump PaX for RSBAC to test-17
50 johnm 1.104
51     *hardened-sources-2.6.16-r9 (03 Jul 2006)
52    
53     03 Jul 2006; John Mylchreest <johnm@gentoo.org>
54     -hardened-sources-2.6.16-r6.ebuild, +hardened-sources-2.6.16-r9.ebuild:
55     hardened-sources-2.6.16 bump to latest -base.
56 solar 1.103
57     *hardened-sources-2.4.32-r6 (30 Jun 2006)
58    
59     30 Jun 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r2.ebuild,
60     hardened-sources-2.4.32-r4.ebuild, +hardened-sources-2.4.32-r6.ebuild:
61     - backport CVE-2006-0039, CVE-2006-1857 and CVE-2006-1858 and new grsecurity
62     sysctl controlable resource logging
63 johnm 1.102
64     *hardened-sources-2.6.16-r7 (05 Jun 2006)
65    
66     05 Jun 2006; John Mylchreest <johnm@gentoo.org>
67     -hardened-sources-2.6.16-r5.ebuild, +hardened-sources-2.6.16-r7.ebuild:
68     push new 2.6.16 release in preparation for stable
69 solar 1.101
70     22 May 2006; <solar@gentoo.org> :
71     - redigest bug 134002
72 kang 1.100
73     *hardened-sources-2.4.32-r5 (16 May 2006)
74    
75     16 May 2006; Guillaume Destuynder <kang@gentoo.org>
76     +hardened-sources-2.4.32-r5.ebuild:
77     Fixes rsbac common patching (new patch in new -r5 patchset)
78 solar 1.99
79     *hardened-sources-2.4.32-r4 (13 May 2006)
80    
81     13 May 2006; <solar@gentoo.org> hardened-sources-2.4.32-r3.ebuild,
82     +hardened-sources-2.4.32-r4.ebuild:
83     - security bumps
84 johnm 1.98
85     *hardened-sources-2.6.16-r6 (03 May 2006)
86    
87     03 May 2006; John Mylchreest <johnm@gentoo.org>
88     +hardened-sources-2.6.16-r6.ebuild:
89     bump hardened-2.6.16 to 2.6.16.12 and latest grsec snapshot
90 johnm 1.97
91     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
92     hardened-sources-2.6.14-r8.ebuild:
93     fix x86_64 build problem, this will delay the digest issue again for a short
94     while but it will sort itself out
95 johnm 1.96
96     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
97     hardened-sources-2.6.14-r8.ebuild:
98     bump hardened patchset
99 antarus 1.94
100     27 Apr 2006; Alec Warner <antarus@gentoo.org>
101     files/digest-hardened-sources-2.4.32-r2,
102     files/digest-hardened-sources-2.4.32-r3,
103     files/digest-hardened-sources-2.6.14-r8, Manifest:
104     Fixing duff SHA256 digests: Bug # 131293
105 johnm 1.93
106 johnm 1.95 *hardened-sources-2.6.16-r5 (27 Apr 2006)
107    
108     27 Apr 2006; John Mylchreest <johnm@gentoo.org>
109     -hardened-sources-2.6.14-r6.ebuild, hardened-sources-2.6.14-r8.ebuild,
110     -hardened-sources-2.6.16-r4.ebuild, +hardened-sources-2.6.16-r5.ebuild:
111     stablise 2.6.14-r8 on x86 & amd64, bump 2.6.16 to fix CVE-2006-1863 &
112     cleanup of old uneccessary sources
113    
114 johnm 1.93 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
115     fix digest
116 johnm 1.92
117     *hardened-sources-2.6.14-r8 (20 Apr 2006)
118    
119     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
120     +hardened-sources-2.6.14-r8.ebuild:
121     fix CVE-2006-1056, CVE-2006-1525, CVE-2006-1524
122 johnm 1.91
123     20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
124     Turning on gpg-signing again, and recomitting
125 johnm 1.90
126     *hardened-sources-2.6.16-r4 (20 Apr 2006)
127    
128     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
129     -hardened-sources-2.6.16-r2.ebuild, -hardened-sources-2.6.16-r3.ebuild,
130     +hardened-sources-2.6.16-r4.ebuild:
131     Fix numerous security vulns
132 solar 1.89
133     *hardened-sources-2.4.32-r3 (16 Apr 2006)
134    
135     16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
136     -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
137     +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
138     - security bump for bug #112791. Removed old ebuilds
139 johnm 1.88
140     *hardened-sources-2.6.16-r3 (15 Apr 2006)
141    
142     15 Apr 2006; John Mylchreest <johnm@gentoo.org>
143     +hardened-sources-2.6.16-r3.ebuild:
144     Removing silly localversion which I missed
145 johnm 1.87
146     *hardened-sources-2.6.14-r7 (14 Apr 2006)
147    
148     14 Apr 2006; John Mylchreest <johnm@gentoo.org>
149     -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
150     Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
151 johnm 1.86
152     *hardened-sources-2.6.16-r2 (13 Apr 2006)
153    
154     13 Apr 2006; John Mylchreest <johnm@gentoo.org>
155     -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
156     +hardened-sources-2.6.16-r2.ebuild:
157     Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
158     labels, dropping USERGROUP define fixes, since these were merged mainstream.
159 johnm 1.85
160     *hardened-sources-2.6.16-r1 (11 Apr 2006)
161    
162     11 Apr 2006; John Mylchreest <johnm@gentoo.org>
163     +hardened-sources-2.6.16-r1.ebuild:
164     Bumping to include ppc build fix and 2.6.16.3
165 tsunam 1.84
166     06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
167     hardened-sources-2.6.14-r6.ebuild:
168     Stable on x86; bug #127718
169 johnm 1.83
170     *hardened-sources-2.6.16 (31 Mar 2006)
171    
172     31 Mar 2006; John Mylchreest <johnm@gentoo.org>
173     +hardened-sources-2.6.16.ebuild:
174     Bumping to new version of grsec, and kernel base. New squashfs. Based on
175     2.6.16.1
176 cryos 1.82
177     30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
178     hardened-sources-2.6.14-r6.ebuild:
179     Stable on amd64, bug 127718.
180 nixnut 1.81
181     28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
182     Stable on ppc. Bug #127718
183 johnm 1.80
184     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
185     -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
186     -hardened-sources-2.6.14-r4.ebuild:
187     Cleanup.
188 johnm 1.79
189     *hardened-sources-2.6.14-r6 (15 Mar 2006)
190    
191     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
192     +hardened-sources-2.6.14-r6.ebuild:
193     Fixes grsec policy recreation bug and adds a
194     >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
195 solar 1.78
196     02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
197     - stable on x86
198 hansmi 1.77
199     19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
200     hardened-sources-2.6.14-r5.ebuild:
201     Stable on ppc.
202 johnm 1.76
203     *hardened-sources-2.6.14-r5 (01 Feb 2006)
204    
205     01 Feb 2006; John Mylchreest <johnm@gentoo.org>
206     +hardened-sources-2.6.14-r5.ebuild:
207     fixing every known exploit
208 solar 1.75
209     *hardened-sources-2.4.32-r2 (26 Jan 2006)
210    
211     26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
212     +hardened-sources-2.4.32-r2.ebuild:
213     - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
214 solar 1.74
215     *hardened-sources-2.6.14-r4 (12 Jan 2006)
216    
217     12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
218     - version bump for new genpatches which fix up a few sec holes
219 solar 1.73
220     *hardened-sources-2.4.32-r1 (05 Jan 2006)
221    
222     05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
223     - revision bump to add misc vital linux kernel security patches.
224 johnm 1.72
225     *hardened-sources-2.6.14-r3 (30 Dec 2005)
226    
227     30 Dec 2005; John Mylchreest <johnm@gentoo.org>
228     -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
229     Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
230 johnm 1.71
231     28 Dec 2005; John Mylchreest <johnm@gentoo.org>
232     hardened-sources-2.6.14-r2.ebuild:
233     making x86 & amd64 stable following testing.
234 johnm 1.70
235     *hardened-sources-2.6.14-r2 (27 Dec 2005)
236    
237     27 Dec 2005; John Mylchreest <johnm@gentoo.org>
238     -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
239     Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
240     network hooks.
241 johnm 1.69
242     06 Dec 2005; John Mylchreest <johnm@gentoo.org>
243     hardened-sources-2.6.14-r1.ebuild:
244     bumping to stable early for sec fix on x86 & amd64
245 johnm 1.68
246     *hardened-sources-2.6.14-r1 (05 Dec 2005)
247    
248     05 Dec 2005; John Mylchreest <johnm@gentoo.org>
249     -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
250     bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
251 solar 1.67
252     04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
253     - stable on x86 security bug #114227 CAN-2005-3257
254 kang 1.66
255     *hardened-sources-2.4.32 (19 Nov 2005)
256    
257     19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
258     +hardened-sources-2.4.32.ebuild:
259     Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
260     Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
261     have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
262     rsbac >> /etc/portage/package.use)
263 johnm 1.65
264     *hardened-sources-2.6.14 (14 Nov 2005)
265    
266     14 Nov 2005; John Mylchreest <johnm@gentoo.org>
267     -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
268     Bumping 2.6 series to 2.6.14.2
269 johnm 1.64
270     *hardened-sources-2.6.13-r2 (20 Oct 2005)
271    
272     20 Oct 2005; John Mylchreest <johnm@gentoo.org>
273     -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
274     +hardened-sources-2.6.13-r2.ebuild:
275     Fixes minor build error in ppc.
276 johnm 1.63
277     *hardened-sources-2.6.13-r1 (17 Oct 2005)
278    
279     17 Oct 2005; John Mylchreest <johnm@gentoo.org>
280     +hardened-sources-2.6.13-r1.ebuild:
281     Updating grsec to latest snapshot. Fixes some minor issues. Updating to
282     2.6.13.4, fixes some major amd64 stability problems.
283 johnm 1.62
284     *hardened-sources-2.6.13 (16 Sep 2005)
285    
286     16 Sep 2005; John Mylchreest <johnm@gentoo.org>
287     -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
288     2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
289     ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
290     users should test this thoroughly.
291 solar 1.61
292     01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
293     - stable on x86
294 johnm 1.60
295     *hardened-sources-2.6.11-r15 (27 Jun 2005)
296    
297     27 Jun 2005; John Mylchreest <johnm@gentoo.org>
298     +hardened-sources-2.6.11-r15.ebuild:
299     Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
300     grsec redefining curr_ip struct.
301 solar 1.59
302     *hardened-sources-2.4.31 (20 Jun 2005)
303    
304     20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
305     initial import of 2.4.31 tree
306 johnm 1.58
307     *hardened-sources-2.6.11-r14 (14 Jun 2005)
308    
309     14 Jun 2005; John Mylchreest <johnm@gentoo.org>
310     -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
311     Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
312     naming scheme to abide by genpatches
313 johnm 1.57
314     *hardened-sources-2.6.11-r13 (18 May 2005)
315    
316     18 May 2005; John Mylchreest <johnm@gentoo.org>
317     -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
318     Managed to mangle the Makefile patch from grsec, to miss out the grsec
319     target. sorry about that. Fixes bug #93022
320 johnm 1.56
321     *hardened-sources-2.6.11-r12 (17 May 2005)
322    
323     17 May 2005; John Mylchreest <johnm@gentoo.org>
324     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
325     +hardened-sources-2.6.11-r12.ebuild:
326     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
327     merges in genpatches-base
328 johnm 1.55
329     *hardened-sources-2.6.11-r12 (17 May 2005)
330    
331     17 May 2005; John Mylchreest <johnm@gentoo.org>
332     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
333     +hardened-sources-2.6.11-r12.ebuild:
334     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
335     merges in genpatches-base
336 solar 1.54
337     29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
338     -files/2.4.27-cmdline-race.patch,
339     -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
340     -files/2.4.28-grsec-binfmt_a.out.patch,
341     -files/2.4.28-grsec-cmdline-race.patch,
342     -files/2.4.28-selinux-binfmt_a.out.patch,
343     -files/2.4.28-selinux-cmdline-race.patch,
344     -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
345     hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
346     - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
347     cleanup..
348 solar 1.53
349     *hardened-sources-2.4.30-r1 (21 Apr 2005)
350    
351     21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
352     - disable aout by default
353 solar 1.52
354     *hardened-sources-2.4.30 (18 Apr 2005)
355    
356     18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
357     - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
358     and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
359     use
360 tocharian 1.50
361 scox 1.51 *hardened-sources-2.4.29 (30 Mar 2005)
362    
363     30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
364     +hardened-sources-2.4.29.ebuild:
365     New hardened-patches-2.4-29.0 patchball.
366     Removed SELinux support, upgraded GRSecurity to 2.1.4.
367    
368     *hardened-sources-2.4.28-r5 (06 Mar 2005)
369    
370     06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
371     +hardened-sources-2.4.28-r5.ebuild:
372     Added a fix for a PaX vulnerability.
373    
374     26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
375 tocharian 1.50 hardened-sources-2.4.28-r4.ebuild:
376     Stable on x86
377 solar 1.49
378     23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
379     hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
380     hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
381     hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
382     - fixed/added RDEPEND= in all kernel-2 ebuilds
383 tocharian 1.48
384     *hardened-sources-2.4.28-r4 (21 Jan 2005)
385    
386     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
387     +hardened-sources-2.4.28-r4.ebuild:
388     Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
389     backport of neighbour hash updates.
390 tocharian 1.47
391     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
392     hardened-sources-2.4.28-r3.ebuild:
393     Stable on x86
394 tseng 1.46
395     *hardened-sources-2.6.10-r3 (20 Jan 2005)
396    
397     20 Jan 2005; Brandon Hale <tseng@gentoo.org>
398     +hardened-sources-2.6.10-r3.ebuild:
399     Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
400     in 2005.0
401 tocharian 1.45
402     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
403     -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
404     hardened-sources-2.4.28-r2.ebuild:
405     Mark stable on x86
406 tocharian 1.44
407     *hardened-sources-2.4.28-r3 (17 Jan 2005)
408    
409     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
410     +hardened-sources-2.4.28-r3.ebuild:
411     Fix SMP page fault handler vuln, and update device-mapper and evms patches.
412 tocharian 1.43
413     14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
414     hardened-sources-2.4.28.ebuild:
415     Mark stable on x86.
416 tocharian 1.42
417     *hardened-sources-2.4.28-r2 (13 Jan 2005)
418    
419     13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
420     +hardened-sources-2.4.28-r2.ebuild:
421     Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
422     Mazinger for grsecurity patches as well.
423 plasmaroo 1.41
424     *hardened-sources-2.4.28-r1 (23 Dec 2004)
425    
426     23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
427     Security bump. Thank tocharian for rolling a new patchset...
428 solar 1.40
429     28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
430     +files/2.4.28-grsec-cmdline-race.patch,
431     +files/2.4.28-selinux-binfmt_a.out.patch,
432     +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
433     - Round up remaining security patches that appear to be missing in 2.4.28. -
434     PaX standalone updated to current. hgpv=28.1
435 solar 1.39
436     *hardened-sources-2.4.28 (28 Nov 2004)
437    
438     28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
439     security bump. Thank tocharian for rolling a new patchset
440 scox 1.31
441 scox 1.38 *hardened-sources-2.4.27-r3 (08 Sep 2004)
442    
443     08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
444     +hardened-sources-2.4.27-r3.ebuild:
445     Applies the new 2.4-27.2 patchball which updates
446     GRSecurity to the 2.0.1 version.
447    
448 scox 1.37 *hardened-sources-2.4.27-r2 (31 Aug 2004)
449    
450     31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
451     +hardened-sources-2.4.27-r2.ebuild:
452     Version bump.
453     This version uses the new 2.4-27.1 patchball which updates
454     both the SELinux PaX hooks patch and the SELinux headers.
455    
456 scox 1.36 *hardened-sources-2.4.27-r1 (09 Aug 2004)
457    
458     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
459     +hardened-sources-2.4.27-r1.ebuild,
460     -hardened-sources-2.4.27.ebuild,
461     +files/2.4.27-cmdline-race.patch:
462     Version bump, fix for cmdline race. See bug #59905.
463    
464     *hardened-sources-2.4.26-r6 (09 Aug 2004)
465    
466     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
467     +hardened-sources-2.4.26-r6.ebuild,
468     -hardened-sources-2.4.26-r5.ebuild,
469     -hardened-sources-2.4.26-r4.ebuild,
470     +files/2.4.26-cmdline-race.patch:
471     Version bump, fix for cmdline race. See bug #59905.
472    
473 scox 1.35 *hardened-sources-2.4.27 (08 Aug 2004)
474    
475     08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
476     +hardened-sources-2.4.27.ebuild,
477     +files/2.4.27-CAN-2004-0394.patch:
478     Ported the patchball to the 2.4.27 kernel version.
479    
480 scox 1.34 *hardened-sources-2.4.26-r5 (07 Aug 2004)
481    
482     07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
483     +hardened-sources-2.4.26-r5.ebuild:
484 scox 1.35 Updated to use the new hardened-patches-2.4-26.1 patchball.
485 scox 1.34 It adds the following features:
486     - Squashfs
487     - Ebtables
488     - Netdev random (core+drivers)
489     - Watchdog Timer (WDT) fix.
490    
491 scox 1.33 *hardened-sources-2.4.26-r4 (04 Aug 2004)
492    
493     04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
494     +hardened-sources-2.4.26-r4.ebuild,
495     +files/2.4.26-CAN-2004-0415.patch,
496     -hardened-sources-2.4.26-3:
497     Version bump, fix for CAN 0415, see bug #59378.
498    
499 scox 1.32 *hardened-sources-2.4.26-r3 (22 Jul 2004)
500    
501     22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
502     +hardened-sources-2.4.26-r3.ebuild,
503     +files/2.4.26-CAN-2004-0497.patch,
504     -hardened-sources-2.4.26-r2.ebuild:
505     Version bump, fixed CAN 0497, see bug #56171.
506    
507 scox 1.31 *hardened-sources-2.4.26-r2 (29 Jun 2004)
508    
509     29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
510 scox 1.32 +hardened-sources-2.4.26-r2.ebuild,
511 scox 1.31 +files/2.4.26-CAN-2004-0495.patch,
512     +files/2.4.26-CAN-2004-0535.patch,
513     -hardened-sources-2.4.26-r1.ebuild:
514     Fixes for both CAN 0495 and 0535, see bug #54976
515 pvdabeel 1.27
516 agriffis 1.29 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
517     hardened-sources-2.4.26-r1.ebuild:
518     QA - fix use invocation
519 scox 1.28
520     *hardened-sources-2.4.26-r1 (22 June 2004)
521    
522     22 June 2004; Andrea Luzzardi <scox@gentoo.org>
523     +hardened-sources-2.4.26-r1.ebuild,
524     +files/2.4.26-CAN-2004-0394.patch,
525     +files/2.4.26-signal-race.patch,
526     -hardened-sources-2.4.26.ebuild,
527     -hardened-sources-2.4.24-r3.ebuild:
528     Version bump for the CAN-2004-0394 issue and bug #53804
529     Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
530    
531    
532 pvdabeel 1.27 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
533     hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
534     Masked hardened-sources-2.4.26.ebuild broken for ppc
535    
536     31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
537     hardened-sources-2.4.24-r3.ebuild:
538     Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
539 plasmaroo 1.25
540 scox 1.26 *hardened-sources-2.4.26 (29 May 2004)
541    
542     29 May 2004; Andrea Luzzardi <scox@gentoo.org>
543     +hardened-sources-2.4.26.ebuild:
544     Updated hardened-sources for the 2.4.26 kernel
545     Removed broken components, updated almost everything.
546    
547 plasmaroo 1.25 *hardened-sources-2.4.24-r3 (17 Apr 2004)
548    
549     17 Apr 2004; <plasmaroo@gentoo.org>
550     +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
551     +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
552     +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
553     +hardened-sources-2.4.24-r3.ebuild:
554     Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
555     vulnerabilities. Old revisions removed.
556 plasmaroo 1.24
557     *hardened-sources-2.4.24-r2 (15 Apr 2004)
558    
559     15 Apr 2004; <plasmaroo@gentoo.org>
560     +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
561     -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
562     Version bump for the CAN-2004-0109 issue; bug #47881.
563 aliz 1.23
564     12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
565     hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
566     Add eutils to inherit.
567 plasmaroo 1.22
568     *hardened-sources-2.4.24-r1 (19 Feb 2004)
569    
570     19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
571     files/hardened-sources-2.4.24.munmap.patch:
572     Added the patch for the mremap/munmap vulnerability. Bug #42024.
573 scox 1.19
574 scox 1.21 *hardened-sources-2.4.24 (06 Feb 2004)
575 scox 1.26
576 scox 1.21 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
577     hardened-sources-2.4.24.ebuild:
578     Version bump, updated most of the components.
579     This release includes the following:
580    
581     - Hardened security
582     - Netfilter patch-o-matic 20031219
583     - FreeSWAN 2.04 & x509 1.4.8
584     - EVMS 2.2.2
585     - XFS 1.3.1
586     - cryptoloop jari
587     - grsecurity 2.0-rc4
588     - SELinux
589     - PaX 200402060000
590     - PaX Obscurity 200308302223
591     - Others...
592    
593     Neither -ck nor systrace are included anymore.
594    
595 scox 1.19 *hardened-sources-2.4.22-r2 (05 Jan 2004)
596    
597     05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
598     hardened-sources-2.4.22-r2.ebuild:
599 scox 1.20 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
600 scox 1.19
601     *hardened-sources-2.4.22-r1 (02 Dec 2003)
602 iggy 1.17
603     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
604 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
605 iggy 1.16
606     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
607 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild:
608     Version bump for the 'do_brk' vulnerability.
609 iggy 1.15
610     01 Dec 2003; Brian Jackson <iggy@gentoo.org>
611     hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
612     hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
613     hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
614 plasmaroo 1.18 Fix the 'do_brk' vulnerability.
615 frogger 1.14
616     03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
617     hardened-sources-2.4.22.ebuild:
618 plasmaroo 1.18 - Removed the src_install() portion for SELinux flask
619     components. These are no longer handled in the kernel
620     so this code was not necessary.
621 frogger 1.13
622     29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
623     New 2.4.22 based hardened-sources thanks to
624     Phil West <p.west@computer.org>.
625    
626     These sources include:
627 plasmaroo 1.18 - New SELinux API
628     - Updated CK-base
629     - Updated GRSec
630     - Systrace
631     - SuperFreeS/WAN 1.99.8
632     - Propolice kernel build support
633     - EVMS
634     - Other various security related patches
635 frogger 1.11
636 frogger 1.12 *hardened-sources-2.4.21 (14 Sep 2003)
637    
638     14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
639     Updated hardened-sources based on the 2.4.21 Linux kernel.
640     This includes updates to most major components such as:
641 plasmaroo 1.18 - ck-base-0306300059
642     - selinux-2.4-2003071106
643     - grsecurity-2.0-rc1
644     - Updated IPTables patch-o-matic
645     - Updated SuperFreeS/WAN
646    
647 frogger 1.12 Thanks to Phil West <pwest@computer.org> for his work in getting this
648     updated patch set ready for the 2.4.21 based kernel.
649    
650 frogger 1.11 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
651     Initial import of hardened-sources-2.4.20-r4. This revision
652     includes only a few changes, but one of these is an important
653     security fix. It is recommended all users of hardened-sources
654     upgrade to this release.
655 plasmaroo 1.18
656 frogger 1.11 - ioperm bug fix
657     - fixed compilation failure when building without GRSec
658 plasmaroo 1.18
659 frogger 1.11 SAL (Secure Auditing for Linux) is NOT included in this revision
660     due to time constraints, but is planned for inclusion in the near
661     future.
662 msterret 1.10
663     *hardened-sources-2.4.20-r2 (12 Jun 2003)
664    
665     12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
666     hardened-sources-2.4.20-r3.ebuild:
667 plasmaroo 1.18 Add Header...
668 frogger 1.9
669     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
670     hardened-sources-2.4.20-r3.ebuild:
671     Removed warnings from ebuild. This kernel should be safe to
672     use at this point.
673 frogger 1.8
674     *hardened-sources-2.4.20-r3 (08 Jun 2003)
675    
676     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
677     hardened-sources-2.4.20-r3.ebuild:
678     New revision. Includes the following changes over -r2:
679 plasmaroo 1.18
680 frogger 1.8 - ck7-base (O(1), preempt, low latency)
681     - Super FreeS/WAN 1.99.7rc2
682     - PaX for the LSM/SELinux branch
683     - GRSecurity 2.0-pre4 (role based access control)
684     - Systrace 1.3
685     - EXT3 fixes
686     - EVMS 2.0.1
687     - GCC 3.1+ compile optimizations
688     - ProPolice kernel build support
689     - Hashing table security fixes
690 frogger 1.3
691     *hardened-sources-2.4.20-r1 (09 Apr 2003)
692 frogger 1.7
693     23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
694     Initial import of hardened-sources-r2. This new
695     ebuild includes many new performance and security
696     related patches. As in -r1, it will patch in
697     LSM/SELinux if "selinux" is in USE, otherwise it
698     will patch in GRSecurity. The following patches
699     are included in this revision:
700 plasmaroo 1.18
701 frogger 1.7 - O(1) Scheduler, Low Latency, and Preempt
702     (pulled from the base CK patch)
703     - ptrace exploit patch for the LSM kernel
704     (the GRSec patch already fixes this)
705     - LSM 2.4-2003040709
706     - SELinux 2.4-2003040709
707     - Systrace v1.2
708     - IPTables patch-o-matic base patches - 20030107
709     - CryptoAPI 2.4.20.1 w/ loop-jari patch
710     - Super FreeS/WAN 1.99.6.1
711     - GRSecurity 1.9.9g
712     - MPPE
713     - EXT3 data journal fix
714     - CIPE 1.5.4
715 frogger 1.6
716     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
717     hardened-sources-2.4.20-r1.ebuild, manifest:
718 plasmaroo 1.18 Updated to install flask components correctly for selinux.
719 frogger 1.5
720     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
721     hardened-sources-2.4.20-r1.ebuild:
722     LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
723     is patched in instead. Ptrace patches for selinux have also been added. In
724     either case, systrace support will be patched in as well.
725 frogger 1.3
726     09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
727     hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
728 plasmaroo 1.18 Revision bump for new sources.
729 frogger 1.4
730 frogger 1.2 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
731 frogger 1.4 hardened-sources-2.4.20-r1.ebuild:
732 plasmaroo 1.18 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
733 method 1.1
734 frogger 1.4 *hardened-sources-2.4.20 (30 Mar 2003)
735    
736 method 1.1 30 Mar 2003; Joshua Brindle <method@gentoo.org>
737     hardened-sources-2.4.20.ebuild:
738 plasmaroo 1.18 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20