/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.40 - (hide annotations) (download)
Mon Nov 29 02:45:14 2004 UTC (10 years ago) by solar
Branch: MAIN
Changes since 1.39: +8 -1 lines
- Round up remaining security patches that appear to be missing in 2.4.28. -  PaX standalone updated to current. hgpv=28.1

1 method 1.1 # ChangeLog for sys-kernel/hardened-sources
2 agriffis 1.30 # Copyright 2000-2004 Gentoo Foundation; Distributed under the GPL v2
3 solar 1.40 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.39 2004/11/28 18:10:26 solar Exp $
4    
5     28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
6     +files/2.4.28-grsec-cmdline-race.patch,
7     +files/2.4.28-selinux-binfmt_a.out.patch,
8     +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
9     - Round up remaining security patches that appear to be missing in 2.4.28. -
10     PaX standalone updated to current. hgpv=28.1
11 solar 1.39
12     *hardened-sources-2.4.28 (28 Nov 2004)
13    
14     28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
15     security bump. Thank tocharian for rolling a new patchset
16 scox 1.31
17 scox 1.38 *hardened-sources-2.4.27-r3 (08 Sep 2004)
18    
19     08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
20     +hardened-sources-2.4.27-r3.ebuild:
21     Applies the new 2.4-27.2 patchball which updates
22     GRSecurity to the 2.0.1 version.
23    
24 scox 1.37 *hardened-sources-2.4.27-r2 (31 Aug 2004)
25    
26     31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
27     +hardened-sources-2.4.27-r2.ebuild:
28     Version bump.
29     This version uses the new 2.4-27.1 patchball which updates
30     both the SELinux PaX hooks patch and the SELinux headers.
31    
32 scox 1.36 *hardened-sources-2.4.27-r1 (09 Aug 2004)
33    
34     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
35     +hardened-sources-2.4.27-r1.ebuild,
36     -hardened-sources-2.4.27.ebuild,
37     +files/2.4.27-cmdline-race.patch:
38     Version bump, fix for cmdline race. See bug #59905.
39    
40     *hardened-sources-2.4.26-r6 (09 Aug 2004)
41    
42     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
43     +hardened-sources-2.4.26-r6.ebuild,
44     -hardened-sources-2.4.26-r5.ebuild,
45     -hardened-sources-2.4.26-r4.ebuild,
46     +files/2.4.26-cmdline-race.patch:
47     Version bump, fix for cmdline race. See bug #59905.
48    
49 scox 1.35 *hardened-sources-2.4.27 (08 Aug 2004)
50    
51     08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
52     +hardened-sources-2.4.27.ebuild,
53     +files/2.4.27-CAN-2004-0394.patch:
54     Ported the patchball to the 2.4.27 kernel version.
55    
56 scox 1.34 *hardened-sources-2.4.26-r5 (07 Aug 2004)
57    
58     07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
59     +hardened-sources-2.4.26-r5.ebuild:
60 scox 1.35 Updated to use the new hardened-patches-2.4-26.1 patchball.
61 scox 1.34 It adds the following features:
62     - Squashfs
63     - Ebtables
64     - Netdev random (core+drivers)
65     - Watchdog Timer (WDT) fix.
66    
67 scox 1.33 *hardened-sources-2.4.26-r4 (04 Aug 2004)
68    
69     04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
70     +hardened-sources-2.4.26-r4.ebuild,
71     +files/2.4.26-CAN-2004-0415.patch,
72     -hardened-sources-2.4.26-3:
73     Version bump, fix for CAN 0415, see bug #59378.
74    
75 scox 1.32 *hardened-sources-2.4.26-r3 (22 Jul 2004)
76    
77     22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
78     +hardened-sources-2.4.26-r3.ebuild,
79     +files/2.4.26-CAN-2004-0497.patch,
80     -hardened-sources-2.4.26-r2.ebuild:
81     Version bump, fixed CAN 0497, see bug #56171.
82    
83 scox 1.31 *hardened-sources-2.4.26-r2 (29 Jun 2004)
84    
85     29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
86 scox 1.32 +hardened-sources-2.4.26-r2.ebuild,
87 scox 1.31 +files/2.4.26-CAN-2004-0495.patch,
88     +files/2.4.26-CAN-2004-0535.patch,
89     -hardened-sources-2.4.26-r1.ebuild:
90     Fixes for both CAN 0495 and 0535, see bug #54976
91 pvdabeel 1.27
92 agriffis 1.29 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
93     hardened-sources-2.4.26-r1.ebuild:
94     QA - fix use invocation
95 scox 1.28
96     *hardened-sources-2.4.26-r1 (22 June 2004)
97    
98     22 June 2004; Andrea Luzzardi <scox@gentoo.org>
99     +hardened-sources-2.4.26-r1.ebuild,
100     +files/2.4.26-CAN-2004-0394.patch,
101     +files/2.4.26-signal-race.patch,
102     -hardened-sources-2.4.26.ebuild,
103     -hardened-sources-2.4.24-r3.ebuild:
104     Version bump for the CAN-2004-0394 issue and bug #53804
105     Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
106    
107    
108 pvdabeel 1.27 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
109     hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
110     Masked hardened-sources-2.4.26.ebuild broken for ppc
111    
112     31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
113     hardened-sources-2.4.24-r3.ebuild:
114     Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
115 plasmaroo 1.25
116 scox 1.26 *hardened-sources-2.4.26 (29 May 2004)
117    
118     29 May 2004; Andrea Luzzardi <scox@gentoo.org>
119     +hardened-sources-2.4.26.ebuild:
120     Updated hardened-sources for the 2.4.26 kernel
121     Removed broken components, updated almost everything.
122    
123 plasmaroo 1.25 *hardened-sources-2.4.24-r3 (17 Apr 2004)
124    
125     17 Apr 2004; <plasmaroo@gentoo.org>
126     +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
127     +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
128     +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
129     +hardened-sources-2.4.24-r3.ebuild:
130     Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
131     vulnerabilities. Old revisions removed.
132 plasmaroo 1.24
133     *hardened-sources-2.4.24-r2 (15 Apr 2004)
134    
135     15 Apr 2004; <plasmaroo@gentoo.org>
136     +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
137     -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
138     Version bump for the CAN-2004-0109 issue; bug #47881.
139 aliz 1.23
140     12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
141     hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
142     Add eutils to inherit.
143 plasmaroo 1.22
144     *hardened-sources-2.4.24-r1 (19 Feb 2004)
145    
146     19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
147     files/hardened-sources-2.4.24.munmap.patch:
148     Added the patch for the mremap/munmap vulnerability. Bug #42024.
149 scox 1.19
150 scox 1.21 *hardened-sources-2.4.24 (06 Feb 2004)
151 scox 1.26
152 scox 1.21 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
153     hardened-sources-2.4.24.ebuild:
154     Version bump, updated most of the components.
155     This release includes the following:
156    
157     - Hardened security
158     - Netfilter patch-o-matic 20031219
159     - FreeSWAN 2.04 & x509 1.4.8
160     - EVMS 2.2.2
161     - XFS 1.3.1
162     - cryptoloop jari
163     - grsecurity 2.0-rc4
164     - SELinux
165     - PaX 200402060000
166     - PaX Obscurity 200308302223
167     - Others...
168    
169     Neither -ck nor systrace are included anymore.
170    
171 scox 1.19 *hardened-sources-2.4.22-r2 (05 Jan 2004)
172    
173     05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
174     hardened-sources-2.4.22-r2.ebuild:
175 scox 1.20 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
176 scox 1.19
177     *hardened-sources-2.4.22-r1 (02 Dec 2003)
178 iggy 1.17
179     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
180 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
181 iggy 1.16
182     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
183 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild:
184     Version bump for the 'do_brk' vulnerability.
185 iggy 1.15
186     01 Dec 2003; Brian Jackson <iggy@gentoo.org>
187     hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
188     hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
189     hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
190 plasmaroo 1.18 Fix the 'do_brk' vulnerability.
191 frogger 1.14
192     03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
193     hardened-sources-2.4.22.ebuild:
194 plasmaroo 1.18 - Removed the src_install() portion for SELinux flask
195     components. These are no longer handled in the kernel
196     so this code was not necessary.
197 frogger 1.13
198     29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
199     New 2.4.22 based hardened-sources thanks to
200     Phil West <p.west@computer.org>.
201    
202     These sources include:
203 plasmaroo 1.18 - New SELinux API
204     - Updated CK-base
205     - Updated GRSec
206     - Systrace
207     - SuperFreeS/WAN 1.99.8
208     - Propolice kernel build support
209     - EVMS
210     - Other various security related patches
211 frogger 1.11
212 frogger 1.12 *hardened-sources-2.4.21 (14 Sep 2003)
213    
214     14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
215     Updated hardened-sources based on the 2.4.21 Linux kernel.
216     This includes updates to most major components such as:
217 plasmaroo 1.18 - ck-base-0306300059
218     - selinux-2.4-2003071106
219     - grsecurity-2.0-rc1
220     - Updated IPTables patch-o-matic
221     - Updated SuperFreeS/WAN
222    
223 frogger 1.12 Thanks to Phil West <pwest@computer.org> for his work in getting this
224     updated patch set ready for the 2.4.21 based kernel.
225    
226 frogger 1.11 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
227     Initial import of hardened-sources-2.4.20-r4. This revision
228     includes only a few changes, but one of these is an important
229     security fix. It is recommended all users of hardened-sources
230     upgrade to this release.
231 plasmaroo 1.18
232 frogger 1.11 - ioperm bug fix
233     - fixed compilation failure when building without GRSec
234 plasmaroo 1.18
235 frogger 1.11 SAL (Secure Auditing for Linux) is NOT included in this revision
236     due to time constraints, but is planned for inclusion in the near
237     future.
238 msterret 1.10
239     *hardened-sources-2.4.20-r2 (12 Jun 2003)
240    
241     12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
242     hardened-sources-2.4.20-r3.ebuild:
243 plasmaroo 1.18 Add Header...
244 frogger 1.9
245     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
246     hardened-sources-2.4.20-r3.ebuild:
247     Removed warnings from ebuild. This kernel should be safe to
248     use at this point.
249 frogger 1.8
250     *hardened-sources-2.4.20-r3 (08 Jun 2003)
251    
252     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
253     hardened-sources-2.4.20-r3.ebuild:
254     New revision. Includes the following changes over -r2:
255 plasmaroo 1.18
256 frogger 1.8 - ck7-base (O(1), preempt, low latency)
257     - Super FreeS/WAN 1.99.7rc2
258     - PaX for the LSM/SELinux branch
259     - GRSecurity 2.0-pre4 (role based access control)
260     - Systrace 1.3
261     - EXT3 fixes
262     - EVMS 2.0.1
263     - GCC 3.1+ compile optimizations
264     - ProPolice kernel build support
265     - Hashing table security fixes
266 frogger 1.3
267     *hardened-sources-2.4.20-r1 (09 Apr 2003)
268 frogger 1.7
269     23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
270     Initial import of hardened-sources-r2. This new
271     ebuild includes many new performance and security
272     related patches. As in -r1, it will patch in
273     LSM/SELinux if "selinux" is in USE, otherwise it
274     will patch in GRSecurity. The following patches
275     are included in this revision:
276 plasmaroo 1.18
277 frogger 1.7 - O(1) Scheduler, Low Latency, and Preempt
278     (pulled from the base CK patch)
279     - ptrace exploit patch for the LSM kernel
280     (the GRSec patch already fixes this)
281     - LSM 2.4-2003040709
282     - SELinux 2.4-2003040709
283     - Systrace v1.2
284     - IPTables patch-o-matic base patches - 20030107
285     - CryptoAPI 2.4.20.1 w/ loop-jari patch
286     - Super FreeS/WAN 1.99.6.1
287     - GRSecurity 1.9.9g
288     - MPPE
289     - EXT3 data journal fix
290     - CIPE 1.5.4
291 frogger 1.6
292     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
293     hardened-sources-2.4.20-r1.ebuild, manifest:
294 plasmaroo 1.18 Updated to install flask components correctly for selinux.
295 frogger 1.5
296     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
297     hardened-sources-2.4.20-r1.ebuild:
298     LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
299     is patched in instead. Ptrace patches for selinux have also been added. In
300     either case, systrace support will be patched in as well.
301 frogger 1.3
302     09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
303     hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
304 plasmaroo 1.18 Revision bump for new sources.
305 frogger 1.4
306 frogger 1.2 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
307 frogger 1.4 hardened-sources-2.4.20-r1.ebuild:
308 plasmaroo 1.18 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
309 method 1.1
310 frogger 1.4 *hardened-sources-2.4.20 (30 Mar 2003)
311    
312 method 1.1 30 Mar 2003; Joshua Brindle <method@gentoo.org>
313     hardened-sources-2.4.20.ebuild:
314 plasmaroo 1.18 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20