/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.42 - (hide annotations) (download)
Fri Jan 14 03:07:38 2005 UTC (9 years, 8 months ago) by tocharian
Branch: MAIN
Changes since 1.41: +9 -2 lines
Updates security fixes and adds squashfs 2.1 support.  Thanks to Peter S. Mazinger for grsecurity patches as well.

1 method 1.1 # ChangeLog for sys-kernel/hardened-sources
2 tocharian 1.42 # Copyright 2000-2005 Gentoo Foundation; Distributed under the GPL v2
3     # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.41 2004/12/24 19:45:08 plasmaroo Exp $
4    
5     *hardened-sources-2.4.28-r2 (13 Jan 2005)
6    
7     13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
8     +hardened-sources-2.4.28-r2.ebuild:
9     Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
10     Mazinger for grsecurity patches as well.
11 plasmaroo 1.41
12     *hardened-sources-2.4.28-r1 (23 Dec 2004)
13    
14     23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
15     Security bump. Thank tocharian for rolling a new patchset...
16 solar 1.40
17     28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
18     +files/2.4.28-grsec-cmdline-race.patch,
19     +files/2.4.28-selinux-binfmt_a.out.patch,
20     +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
21     - Round up remaining security patches that appear to be missing in 2.4.28. -
22     PaX standalone updated to current. hgpv=28.1
23 solar 1.39
24     *hardened-sources-2.4.28 (28 Nov 2004)
25    
26     28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
27     security bump. Thank tocharian for rolling a new patchset
28 scox 1.31
29 scox 1.38 *hardened-sources-2.4.27-r3 (08 Sep 2004)
30    
31     08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
32     +hardened-sources-2.4.27-r3.ebuild:
33     Applies the new 2.4-27.2 patchball which updates
34     GRSecurity to the 2.0.1 version.
35    
36 scox 1.37 *hardened-sources-2.4.27-r2 (31 Aug 2004)
37    
38     31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
39     +hardened-sources-2.4.27-r2.ebuild:
40     Version bump.
41     This version uses the new 2.4-27.1 patchball which updates
42     both the SELinux PaX hooks patch and the SELinux headers.
43    
44 scox 1.36 *hardened-sources-2.4.27-r1 (09 Aug 2004)
45    
46     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
47     +hardened-sources-2.4.27-r1.ebuild,
48     -hardened-sources-2.4.27.ebuild,
49     +files/2.4.27-cmdline-race.patch:
50     Version bump, fix for cmdline race. See bug #59905.
51    
52     *hardened-sources-2.4.26-r6 (09 Aug 2004)
53    
54     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
55     +hardened-sources-2.4.26-r6.ebuild,
56     -hardened-sources-2.4.26-r5.ebuild,
57     -hardened-sources-2.4.26-r4.ebuild,
58     +files/2.4.26-cmdline-race.patch:
59     Version bump, fix for cmdline race. See bug #59905.
60    
61 scox 1.35 *hardened-sources-2.4.27 (08 Aug 2004)
62    
63     08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
64     +hardened-sources-2.4.27.ebuild,
65     +files/2.4.27-CAN-2004-0394.patch:
66     Ported the patchball to the 2.4.27 kernel version.
67    
68 scox 1.34 *hardened-sources-2.4.26-r5 (07 Aug 2004)
69    
70     07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
71     +hardened-sources-2.4.26-r5.ebuild:
72 scox 1.35 Updated to use the new hardened-patches-2.4-26.1 patchball.
73 scox 1.34 It adds the following features:
74     - Squashfs
75     - Ebtables
76     - Netdev random (core+drivers)
77     - Watchdog Timer (WDT) fix.
78    
79 scox 1.33 *hardened-sources-2.4.26-r4 (04 Aug 2004)
80    
81     04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
82     +hardened-sources-2.4.26-r4.ebuild,
83     +files/2.4.26-CAN-2004-0415.patch,
84     -hardened-sources-2.4.26-3:
85     Version bump, fix for CAN 0415, see bug #59378.
86    
87 scox 1.32 *hardened-sources-2.4.26-r3 (22 Jul 2004)
88    
89     22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
90     +hardened-sources-2.4.26-r3.ebuild,
91     +files/2.4.26-CAN-2004-0497.patch,
92     -hardened-sources-2.4.26-r2.ebuild:
93     Version bump, fixed CAN 0497, see bug #56171.
94    
95 scox 1.31 *hardened-sources-2.4.26-r2 (29 Jun 2004)
96    
97     29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
98 scox 1.32 +hardened-sources-2.4.26-r2.ebuild,
99 scox 1.31 +files/2.4.26-CAN-2004-0495.patch,
100     +files/2.4.26-CAN-2004-0535.patch,
101     -hardened-sources-2.4.26-r1.ebuild:
102     Fixes for both CAN 0495 and 0535, see bug #54976
103 pvdabeel 1.27
104 agriffis 1.29 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
105     hardened-sources-2.4.26-r1.ebuild:
106     QA - fix use invocation
107 scox 1.28
108     *hardened-sources-2.4.26-r1 (22 June 2004)
109    
110     22 June 2004; Andrea Luzzardi <scox@gentoo.org>
111     +hardened-sources-2.4.26-r1.ebuild,
112     +files/2.4.26-CAN-2004-0394.patch,
113     +files/2.4.26-signal-race.patch,
114     -hardened-sources-2.4.26.ebuild,
115     -hardened-sources-2.4.24-r3.ebuild:
116     Version bump for the CAN-2004-0394 issue and bug #53804
117     Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
118    
119    
120 pvdabeel 1.27 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
121     hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
122     Masked hardened-sources-2.4.26.ebuild broken for ppc
123    
124     31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
125     hardened-sources-2.4.24-r3.ebuild:
126     Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
127 plasmaroo 1.25
128 scox 1.26 *hardened-sources-2.4.26 (29 May 2004)
129    
130     29 May 2004; Andrea Luzzardi <scox@gentoo.org>
131     +hardened-sources-2.4.26.ebuild:
132     Updated hardened-sources for the 2.4.26 kernel
133     Removed broken components, updated almost everything.
134    
135 plasmaroo 1.25 *hardened-sources-2.4.24-r3 (17 Apr 2004)
136    
137     17 Apr 2004; <plasmaroo@gentoo.org>
138     +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
139     +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
140     +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
141     +hardened-sources-2.4.24-r3.ebuild:
142     Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
143     vulnerabilities. Old revisions removed.
144 plasmaroo 1.24
145     *hardened-sources-2.4.24-r2 (15 Apr 2004)
146    
147     15 Apr 2004; <plasmaroo@gentoo.org>
148     +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
149     -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
150     Version bump for the CAN-2004-0109 issue; bug #47881.
151 aliz 1.23
152     12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
153     hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
154     Add eutils to inherit.
155 plasmaroo 1.22
156     *hardened-sources-2.4.24-r1 (19 Feb 2004)
157    
158     19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
159     files/hardened-sources-2.4.24.munmap.patch:
160     Added the patch for the mremap/munmap vulnerability. Bug #42024.
161 scox 1.19
162 scox 1.21 *hardened-sources-2.4.24 (06 Feb 2004)
163 scox 1.26
164 scox 1.21 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
165     hardened-sources-2.4.24.ebuild:
166     Version bump, updated most of the components.
167     This release includes the following:
168    
169     - Hardened security
170     - Netfilter patch-o-matic 20031219
171     - FreeSWAN 2.04 & x509 1.4.8
172     - EVMS 2.2.2
173     - XFS 1.3.1
174     - cryptoloop jari
175     - grsecurity 2.0-rc4
176     - SELinux
177     - PaX 200402060000
178     - PaX Obscurity 200308302223
179     - Others...
180    
181     Neither -ck nor systrace are included anymore.
182    
183 scox 1.19 *hardened-sources-2.4.22-r2 (05 Jan 2004)
184    
185     05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
186     hardened-sources-2.4.22-r2.ebuild:
187 scox 1.20 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
188 scox 1.19
189     *hardened-sources-2.4.22-r1 (02 Dec 2003)
190 iggy 1.17
191     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
192 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
193 iggy 1.16
194     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
195 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild:
196     Version bump for the 'do_brk' vulnerability.
197 iggy 1.15
198     01 Dec 2003; Brian Jackson <iggy@gentoo.org>
199     hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
200     hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
201     hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
202 plasmaroo 1.18 Fix the 'do_brk' vulnerability.
203 frogger 1.14
204     03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
205     hardened-sources-2.4.22.ebuild:
206 plasmaroo 1.18 - Removed the src_install() portion for SELinux flask
207     components. These are no longer handled in the kernel
208     so this code was not necessary.
209 frogger 1.13
210     29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
211     New 2.4.22 based hardened-sources thanks to
212     Phil West <p.west@computer.org>.
213    
214     These sources include:
215 plasmaroo 1.18 - New SELinux API
216     - Updated CK-base
217     - Updated GRSec
218     - Systrace
219     - SuperFreeS/WAN 1.99.8
220     - Propolice kernel build support
221     - EVMS
222     - Other various security related patches
223 frogger 1.11
224 frogger 1.12 *hardened-sources-2.4.21 (14 Sep 2003)
225    
226     14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
227     Updated hardened-sources based on the 2.4.21 Linux kernel.
228     This includes updates to most major components such as:
229 plasmaroo 1.18 - ck-base-0306300059
230     - selinux-2.4-2003071106
231     - grsecurity-2.0-rc1
232     - Updated IPTables patch-o-matic
233     - Updated SuperFreeS/WAN
234    
235 frogger 1.12 Thanks to Phil West <pwest@computer.org> for his work in getting this
236     updated patch set ready for the 2.4.21 based kernel.
237    
238 frogger 1.11 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
239     Initial import of hardened-sources-2.4.20-r4. This revision
240     includes only a few changes, but one of these is an important
241     security fix. It is recommended all users of hardened-sources
242     upgrade to this release.
243 plasmaroo 1.18
244 frogger 1.11 - ioperm bug fix
245     - fixed compilation failure when building without GRSec
246 plasmaroo 1.18
247 frogger 1.11 SAL (Secure Auditing for Linux) is NOT included in this revision
248     due to time constraints, but is planned for inclusion in the near
249     future.
250 msterret 1.10
251     *hardened-sources-2.4.20-r2 (12 Jun 2003)
252    
253     12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
254     hardened-sources-2.4.20-r3.ebuild:
255 plasmaroo 1.18 Add Header...
256 frogger 1.9
257     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
258     hardened-sources-2.4.20-r3.ebuild:
259     Removed warnings from ebuild. This kernel should be safe to
260     use at this point.
261 frogger 1.8
262     *hardened-sources-2.4.20-r3 (08 Jun 2003)
263    
264     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
265     hardened-sources-2.4.20-r3.ebuild:
266     New revision. Includes the following changes over -r2:
267 plasmaroo 1.18
268 frogger 1.8 - ck7-base (O(1), preempt, low latency)
269     - Super FreeS/WAN 1.99.7rc2
270     - PaX for the LSM/SELinux branch
271     - GRSecurity 2.0-pre4 (role based access control)
272     - Systrace 1.3
273     - EXT3 fixes
274     - EVMS 2.0.1
275     - GCC 3.1+ compile optimizations
276     - ProPolice kernel build support
277     - Hashing table security fixes
278 frogger 1.3
279     *hardened-sources-2.4.20-r1 (09 Apr 2003)
280 frogger 1.7
281     23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
282     Initial import of hardened-sources-r2. This new
283     ebuild includes many new performance and security
284     related patches. As in -r1, it will patch in
285     LSM/SELinux if "selinux" is in USE, otherwise it
286     will patch in GRSecurity. The following patches
287     are included in this revision:
288 plasmaroo 1.18
289 frogger 1.7 - O(1) Scheduler, Low Latency, and Preempt
290     (pulled from the base CK patch)
291     - ptrace exploit patch for the LSM kernel
292     (the GRSec patch already fixes this)
293     - LSM 2.4-2003040709
294     - SELinux 2.4-2003040709
295     - Systrace v1.2
296     - IPTables patch-o-matic base patches - 20030107
297     - CryptoAPI 2.4.20.1 w/ loop-jari patch
298     - Super FreeS/WAN 1.99.6.1
299     - GRSecurity 1.9.9g
300     - MPPE
301     - EXT3 data journal fix
302     - CIPE 1.5.4
303 frogger 1.6
304     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
305     hardened-sources-2.4.20-r1.ebuild, manifest:
306 plasmaroo 1.18 Updated to install flask components correctly for selinux.
307 frogger 1.5
308     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
309     hardened-sources-2.4.20-r1.ebuild:
310     LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
311     is patched in instead. Ptrace patches for selinux have also been added. In
312     either case, systrace support will be patched in as well.
313 frogger 1.3
314     09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
315     hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
316 plasmaroo 1.18 Revision bump for new sources.
317 frogger 1.4
318 frogger 1.2 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
319 frogger 1.4 hardened-sources-2.4.20-r1.ebuild:
320 plasmaroo 1.18 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
321 method 1.1
322 frogger 1.4 *hardened-sources-2.4.20 (30 Mar 2003)
323    
324 method 1.1 30 Mar 2003; Joshua Brindle <method@gentoo.org>
325     hardened-sources-2.4.20.ebuild:
326 plasmaroo 1.18 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20