/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.44 - (hide annotations) (download)
Tue Jan 18 00:21:14 2005 UTC (9 years, 11 months ago) by tocharian
Branch: MAIN
Changes since 1.43: +7 -1 lines
Fix SMP page fault handler vuln, and update device-mapper and evms patches.

1 method 1.1 # ChangeLog for sys-kernel/hardened-sources
2 tocharian 1.42 # Copyright 2000-2005 Gentoo Foundation; Distributed under the GPL v2
3 tocharian 1.44 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.43 2005/01/14 12:48:10 tocharian Exp $
4    
5     *hardened-sources-2.4.28-r3 (17 Jan 2005)
6    
7     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
8     +hardened-sources-2.4.28-r3.ebuild:
9     Fix SMP page fault handler vuln, and update device-mapper and evms patches.
10 tocharian 1.43
11     14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
12     hardened-sources-2.4.28.ebuild:
13     Mark stable on x86.
14 tocharian 1.42
15     *hardened-sources-2.4.28-r2 (13 Jan 2005)
16    
17     13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
18     +hardened-sources-2.4.28-r2.ebuild:
19     Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
20     Mazinger for grsecurity patches as well.
21 plasmaroo 1.41
22     *hardened-sources-2.4.28-r1 (23 Dec 2004)
23    
24     23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
25     Security bump. Thank tocharian for rolling a new patchset...
26 solar 1.40
27     28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
28     +files/2.4.28-grsec-cmdline-race.patch,
29     +files/2.4.28-selinux-binfmt_a.out.patch,
30     +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
31     - Round up remaining security patches that appear to be missing in 2.4.28. -
32     PaX standalone updated to current. hgpv=28.1
33 solar 1.39
34     *hardened-sources-2.4.28 (28 Nov 2004)
35    
36     28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
37     security bump. Thank tocharian for rolling a new patchset
38 scox 1.31
39 scox 1.38 *hardened-sources-2.4.27-r3 (08 Sep 2004)
40    
41     08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
42     +hardened-sources-2.4.27-r3.ebuild:
43     Applies the new 2.4-27.2 patchball which updates
44     GRSecurity to the 2.0.1 version.
45    
46 scox 1.37 *hardened-sources-2.4.27-r2 (31 Aug 2004)
47    
48     31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
49     +hardened-sources-2.4.27-r2.ebuild:
50     Version bump.
51     This version uses the new 2.4-27.1 patchball which updates
52     both the SELinux PaX hooks patch and the SELinux headers.
53    
54 scox 1.36 *hardened-sources-2.4.27-r1 (09 Aug 2004)
55    
56     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
57     +hardened-sources-2.4.27-r1.ebuild,
58     -hardened-sources-2.4.27.ebuild,
59     +files/2.4.27-cmdline-race.patch:
60     Version bump, fix for cmdline race. See bug #59905.
61    
62     *hardened-sources-2.4.26-r6 (09 Aug 2004)
63    
64     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
65     +hardened-sources-2.4.26-r6.ebuild,
66     -hardened-sources-2.4.26-r5.ebuild,
67     -hardened-sources-2.4.26-r4.ebuild,
68     +files/2.4.26-cmdline-race.patch:
69     Version bump, fix for cmdline race. See bug #59905.
70    
71 scox 1.35 *hardened-sources-2.4.27 (08 Aug 2004)
72    
73     08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
74     +hardened-sources-2.4.27.ebuild,
75     +files/2.4.27-CAN-2004-0394.patch:
76     Ported the patchball to the 2.4.27 kernel version.
77    
78 scox 1.34 *hardened-sources-2.4.26-r5 (07 Aug 2004)
79    
80     07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
81     +hardened-sources-2.4.26-r5.ebuild:
82 scox 1.35 Updated to use the new hardened-patches-2.4-26.1 patchball.
83 scox 1.34 It adds the following features:
84     - Squashfs
85     - Ebtables
86     - Netdev random (core+drivers)
87     - Watchdog Timer (WDT) fix.
88    
89 scox 1.33 *hardened-sources-2.4.26-r4 (04 Aug 2004)
90    
91     04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
92     +hardened-sources-2.4.26-r4.ebuild,
93     +files/2.4.26-CAN-2004-0415.patch,
94     -hardened-sources-2.4.26-3:
95     Version bump, fix for CAN 0415, see bug #59378.
96    
97 scox 1.32 *hardened-sources-2.4.26-r3 (22 Jul 2004)
98    
99     22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
100     +hardened-sources-2.4.26-r3.ebuild,
101     +files/2.4.26-CAN-2004-0497.patch,
102     -hardened-sources-2.4.26-r2.ebuild:
103     Version bump, fixed CAN 0497, see bug #56171.
104    
105 scox 1.31 *hardened-sources-2.4.26-r2 (29 Jun 2004)
106    
107     29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
108 scox 1.32 +hardened-sources-2.4.26-r2.ebuild,
109 scox 1.31 +files/2.4.26-CAN-2004-0495.patch,
110     +files/2.4.26-CAN-2004-0535.patch,
111     -hardened-sources-2.4.26-r1.ebuild:
112     Fixes for both CAN 0495 and 0535, see bug #54976
113 pvdabeel 1.27
114 agriffis 1.29 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
115     hardened-sources-2.4.26-r1.ebuild:
116     QA - fix use invocation
117 scox 1.28
118     *hardened-sources-2.4.26-r1 (22 June 2004)
119    
120     22 June 2004; Andrea Luzzardi <scox@gentoo.org>
121     +hardened-sources-2.4.26-r1.ebuild,
122     +files/2.4.26-CAN-2004-0394.patch,
123     +files/2.4.26-signal-race.patch,
124     -hardened-sources-2.4.26.ebuild,
125     -hardened-sources-2.4.24-r3.ebuild:
126     Version bump for the CAN-2004-0394 issue and bug #53804
127     Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
128    
129    
130 pvdabeel 1.27 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
131     hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
132     Masked hardened-sources-2.4.26.ebuild broken for ppc
133    
134     31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
135     hardened-sources-2.4.24-r3.ebuild:
136     Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
137 plasmaroo 1.25
138 scox 1.26 *hardened-sources-2.4.26 (29 May 2004)
139    
140     29 May 2004; Andrea Luzzardi <scox@gentoo.org>
141     +hardened-sources-2.4.26.ebuild:
142     Updated hardened-sources for the 2.4.26 kernel
143     Removed broken components, updated almost everything.
144    
145 plasmaroo 1.25 *hardened-sources-2.4.24-r3 (17 Apr 2004)
146    
147     17 Apr 2004; <plasmaroo@gentoo.org>
148     +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
149     +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
150     +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
151     +hardened-sources-2.4.24-r3.ebuild:
152     Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
153     vulnerabilities. Old revisions removed.
154 plasmaroo 1.24
155     *hardened-sources-2.4.24-r2 (15 Apr 2004)
156    
157     15 Apr 2004; <plasmaroo@gentoo.org>
158     +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
159     -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
160     Version bump for the CAN-2004-0109 issue; bug #47881.
161 aliz 1.23
162     12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
163     hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
164     Add eutils to inherit.
165 plasmaroo 1.22
166     *hardened-sources-2.4.24-r1 (19 Feb 2004)
167    
168     19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
169     files/hardened-sources-2.4.24.munmap.patch:
170     Added the patch for the mremap/munmap vulnerability. Bug #42024.
171 scox 1.19
172 scox 1.21 *hardened-sources-2.4.24 (06 Feb 2004)
173 scox 1.26
174 scox 1.21 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
175     hardened-sources-2.4.24.ebuild:
176     Version bump, updated most of the components.
177     This release includes the following:
178    
179     - Hardened security
180     - Netfilter patch-o-matic 20031219
181     - FreeSWAN 2.04 & x509 1.4.8
182     - EVMS 2.2.2
183     - XFS 1.3.1
184     - cryptoloop jari
185     - grsecurity 2.0-rc4
186     - SELinux
187     - PaX 200402060000
188     - PaX Obscurity 200308302223
189     - Others...
190    
191     Neither -ck nor systrace are included anymore.
192    
193 scox 1.19 *hardened-sources-2.4.22-r2 (05 Jan 2004)
194    
195     05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
196     hardened-sources-2.4.22-r2.ebuild:
197 scox 1.20 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
198 scox 1.19
199     *hardened-sources-2.4.22-r1 (02 Dec 2003)
200 iggy 1.17
201     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
202 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
203 iggy 1.16
204     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
205 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild:
206     Version bump for the 'do_brk' vulnerability.
207 iggy 1.15
208     01 Dec 2003; Brian Jackson <iggy@gentoo.org>
209     hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
210     hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
211     hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
212 plasmaroo 1.18 Fix the 'do_brk' vulnerability.
213 frogger 1.14
214     03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
215     hardened-sources-2.4.22.ebuild:
216 plasmaroo 1.18 - Removed the src_install() portion for SELinux flask
217     components. These are no longer handled in the kernel
218     so this code was not necessary.
219 frogger 1.13
220     29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
221     New 2.4.22 based hardened-sources thanks to
222     Phil West <p.west@computer.org>.
223    
224     These sources include:
225 plasmaroo 1.18 - New SELinux API
226     - Updated CK-base
227     - Updated GRSec
228     - Systrace
229     - SuperFreeS/WAN 1.99.8
230     - Propolice kernel build support
231     - EVMS
232     - Other various security related patches
233 frogger 1.11
234 frogger 1.12 *hardened-sources-2.4.21 (14 Sep 2003)
235    
236     14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
237     Updated hardened-sources based on the 2.4.21 Linux kernel.
238     This includes updates to most major components such as:
239 plasmaroo 1.18 - ck-base-0306300059
240     - selinux-2.4-2003071106
241     - grsecurity-2.0-rc1
242     - Updated IPTables patch-o-matic
243     - Updated SuperFreeS/WAN
244    
245 frogger 1.12 Thanks to Phil West <pwest@computer.org> for his work in getting this
246     updated patch set ready for the 2.4.21 based kernel.
247    
248 frogger 1.11 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
249     Initial import of hardened-sources-2.4.20-r4. This revision
250     includes only a few changes, but one of these is an important
251     security fix. It is recommended all users of hardened-sources
252     upgrade to this release.
253 plasmaroo 1.18
254 frogger 1.11 - ioperm bug fix
255     - fixed compilation failure when building without GRSec
256 plasmaroo 1.18
257 frogger 1.11 SAL (Secure Auditing for Linux) is NOT included in this revision
258     due to time constraints, but is planned for inclusion in the near
259     future.
260 msterret 1.10
261     *hardened-sources-2.4.20-r2 (12 Jun 2003)
262    
263     12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
264     hardened-sources-2.4.20-r3.ebuild:
265 plasmaroo 1.18 Add Header...
266 frogger 1.9
267     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
268     hardened-sources-2.4.20-r3.ebuild:
269     Removed warnings from ebuild. This kernel should be safe to
270     use at this point.
271 frogger 1.8
272     *hardened-sources-2.4.20-r3 (08 Jun 2003)
273    
274     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
275     hardened-sources-2.4.20-r3.ebuild:
276     New revision. Includes the following changes over -r2:
277 plasmaroo 1.18
278 frogger 1.8 - ck7-base (O(1), preempt, low latency)
279     - Super FreeS/WAN 1.99.7rc2
280     - PaX for the LSM/SELinux branch
281     - GRSecurity 2.0-pre4 (role based access control)
282     - Systrace 1.3
283     - EXT3 fixes
284     - EVMS 2.0.1
285     - GCC 3.1+ compile optimizations
286     - ProPolice kernel build support
287     - Hashing table security fixes
288 frogger 1.3
289     *hardened-sources-2.4.20-r1 (09 Apr 2003)
290 frogger 1.7
291     23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
292     Initial import of hardened-sources-r2. This new
293     ebuild includes many new performance and security
294     related patches. As in -r1, it will patch in
295     LSM/SELinux if "selinux" is in USE, otherwise it
296     will patch in GRSecurity. The following patches
297     are included in this revision:
298 plasmaroo 1.18
299 frogger 1.7 - O(1) Scheduler, Low Latency, and Preempt
300     (pulled from the base CK patch)
301     - ptrace exploit patch for the LSM kernel
302     (the GRSec patch already fixes this)
303     - LSM 2.4-2003040709
304     - SELinux 2.4-2003040709
305     - Systrace v1.2
306     - IPTables patch-o-matic base patches - 20030107
307     - CryptoAPI 2.4.20.1 w/ loop-jari patch
308     - Super FreeS/WAN 1.99.6.1
309     - GRSecurity 1.9.9g
310     - MPPE
311     - EXT3 data journal fix
312     - CIPE 1.5.4
313 frogger 1.6
314     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
315     hardened-sources-2.4.20-r1.ebuild, manifest:
316 plasmaroo 1.18 Updated to install flask components correctly for selinux.
317 frogger 1.5
318     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
319     hardened-sources-2.4.20-r1.ebuild:
320     LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
321     is patched in instead. Ptrace patches for selinux have also been added. In
322     either case, systrace support will be patched in as well.
323 frogger 1.3
324     09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
325     hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
326 plasmaroo 1.18 Revision bump for new sources.
327 frogger 1.4
328 frogger 1.2 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
329 frogger 1.4 hardened-sources-2.4.20-r1.ebuild:
330 plasmaroo 1.18 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
331 method 1.1
332 frogger 1.4 *hardened-sources-2.4.20 (30 Mar 2003)
333    
334 method 1.1 30 Mar 2003; Joshua Brindle <method@gentoo.org>
335     hardened-sources-2.4.20.ebuild:
336 plasmaroo 1.18 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20