/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.46 - (hide annotations) (download)
Fri Jan 21 00:34:40 2005 UTC (9 years, 9 months ago) by tseng
Branch: MAIN
Changes since 1.45: +8 -1 lines
Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge in 2005.0

1 method 1.1 # ChangeLog for sys-kernel/hardened-sources
2 tocharian 1.42 # Copyright 2000-2005 Gentoo Foundation; Distributed under the GPL v2
3 tseng 1.46 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.45 2005/01/18 00:32:37 tocharian Exp $
4    
5     *hardened-sources-2.6.10-r3 (20 Jan 2005)
6    
7     20 Jan 2005; Brandon Hale <tseng@gentoo.org>
8     +hardened-sources-2.6.10-r3.ebuild:
9     Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
10     in 2005.0
11 tocharian 1.45
12     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
13     -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
14     hardened-sources-2.4.28-r2.ebuild:
15     Mark stable on x86
16 tocharian 1.44
17     *hardened-sources-2.4.28-r3 (17 Jan 2005)
18    
19     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
20     +hardened-sources-2.4.28-r3.ebuild:
21     Fix SMP page fault handler vuln, and update device-mapper and evms patches.
22 tocharian 1.43
23     14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
24     hardened-sources-2.4.28.ebuild:
25     Mark stable on x86.
26 tocharian 1.42
27     *hardened-sources-2.4.28-r2 (13 Jan 2005)
28    
29     13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
30     +hardened-sources-2.4.28-r2.ebuild:
31     Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
32     Mazinger for grsecurity patches as well.
33 plasmaroo 1.41
34     *hardened-sources-2.4.28-r1 (23 Dec 2004)
35    
36     23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
37     Security bump. Thank tocharian for rolling a new patchset...
38 solar 1.40
39     28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
40     +files/2.4.28-grsec-cmdline-race.patch,
41     +files/2.4.28-selinux-binfmt_a.out.patch,
42     +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
43     - Round up remaining security patches that appear to be missing in 2.4.28. -
44     PaX standalone updated to current. hgpv=28.1
45 solar 1.39
46     *hardened-sources-2.4.28 (28 Nov 2004)
47    
48     28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
49     security bump. Thank tocharian for rolling a new patchset
50 scox 1.31
51 scox 1.38 *hardened-sources-2.4.27-r3 (08 Sep 2004)
52    
53     08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
54     +hardened-sources-2.4.27-r3.ebuild:
55     Applies the new 2.4-27.2 patchball which updates
56     GRSecurity to the 2.0.1 version.
57    
58 scox 1.37 *hardened-sources-2.4.27-r2 (31 Aug 2004)
59    
60     31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
61     +hardened-sources-2.4.27-r2.ebuild:
62     Version bump.
63     This version uses the new 2.4-27.1 patchball which updates
64     both the SELinux PaX hooks patch and the SELinux headers.
65    
66 scox 1.36 *hardened-sources-2.4.27-r1 (09 Aug 2004)
67    
68     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
69     +hardened-sources-2.4.27-r1.ebuild,
70     -hardened-sources-2.4.27.ebuild,
71     +files/2.4.27-cmdline-race.patch:
72     Version bump, fix for cmdline race. See bug #59905.
73    
74     *hardened-sources-2.4.26-r6 (09 Aug 2004)
75    
76     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
77     +hardened-sources-2.4.26-r6.ebuild,
78     -hardened-sources-2.4.26-r5.ebuild,
79     -hardened-sources-2.4.26-r4.ebuild,
80     +files/2.4.26-cmdline-race.patch:
81     Version bump, fix for cmdline race. See bug #59905.
82    
83 scox 1.35 *hardened-sources-2.4.27 (08 Aug 2004)
84    
85     08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
86     +hardened-sources-2.4.27.ebuild,
87     +files/2.4.27-CAN-2004-0394.patch:
88     Ported the patchball to the 2.4.27 kernel version.
89    
90 scox 1.34 *hardened-sources-2.4.26-r5 (07 Aug 2004)
91    
92     07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
93     +hardened-sources-2.4.26-r5.ebuild:
94 scox 1.35 Updated to use the new hardened-patches-2.4-26.1 patchball.
95 scox 1.34 It adds the following features:
96     - Squashfs
97     - Ebtables
98     - Netdev random (core+drivers)
99     - Watchdog Timer (WDT) fix.
100    
101 scox 1.33 *hardened-sources-2.4.26-r4 (04 Aug 2004)
102    
103     04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
104     +hardened-sources-2.4.26-r4.ebuild,
105     +files/2.4.26-CAN-2004-0415.patch,
106     -hardened-sources-2.4.26-3:
107     Version bump, fix for CAN 0415, see bug #59378.
108    
109 scox 1.32 *hardened-sources-2.4.26-r3 (22 Jul 2004)
110    
111     22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
112     +hardened-sources-2.4.26-r3.ebuild,
113     +files/2.4.26-CAN-2004-0497.patch,
114     -hardened-sources-2.4.26-r2.ebuild:
115     Version bump, fixed CAN 0497, see bug #56171.
116    
117 scox 1.31 *hardened-sources-2.4.26-r2 (29 Jun 2004)
118    
119     29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
120 scox 1.32 +hardened-sources-2.4.26-r2.ebuild,
121 scox 1.31 +files/2.4.26-CAN-2004-0495.patch,
122     +files/2.4.26-CAN-2004-0535.patch,
123     -hardened-sources-2.4.26-r1.ebuild:
124     Fixes for both CAN 0495 and 0535, see bug #54976
125 pvdabeel 1.27
126 agriffis 1.29 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
127     hardened-sources-2.4.26-r1.ebuild:
128     QA - fix use invocation
129 scox 1.28
130     *hardened-sources-2.4.26-r1 (22 June 2004)
131    
132     22 June 2004; Andrea Luzzardi <scox@gentoo.org>
133     +hardened-sources-2.4.26-r1.ebuild,
134     +files/2.4.26-CAN-2004-0394.patch,
135     +files/2.4.26-signal-race.patch,
136     -hardened-sources-2.4.26.ebuild,
137     -hardened-sources-2.4.24-r3.ebuild:
138     Version bump for the CAN-2004-0394 issue and bug #53804
139     Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
140    
141    
142 pvdabeel 1.27 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
143     hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
144     Masked hardened-sources-2.4.26.ebuild broken for ppc
145    
146     31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
147     hardened-sources-2.4.24-r3.ebuild:
148     Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
149 plasmaroo 1.25
150 scox 1.26 *hardened-sources-2.4.26 (29 May 2004)
151    
152     29 May 2004; Andrea Luzzardi <scox@gentoo.org>
153     +hardened-sources-2.4.26.ebuild:
154     Updated hardened-sources for the 2.4.26 kernel
155     Removed broken components, updated almost everything.
156    
157 plasmaroo 1.25 *hardened-sources-2.4.24-r3 (17 Apr 2004)
158    
159     17 Apr 2004; <plasmaroo@gentoo.org>
160     +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
161     +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
162     +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
163     +hardened-sources-2.4.24-r3.ebuild:
164     Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
165     vulnerabilities. Old revisions removed.
166 plasmaroo 1.24
167     *hardened-sources-2.4.24-r2 (15 Apr 2004)
168    
169     15 Apr 2004; <plasmaroo@gentoo.org>
170     +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
171     -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
172     Version bump for the CAN-2004-0109 issue; bug #47881.
173 aliz 1.23
174     12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
175     hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
176     Add eutils to inherit.
177 plasmaroo 1.22
178     *hardened-sources-2.4.24-r1 (19 Feb 2004)
179    
180     19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
181     files/hardened-sources-2.4.24.munmap.patch:
182     Added the patch for the mremap/munmap vulnerability. Bug #42024.
183 scox 1.19
184 scox 1.21 *hardened-sources-2.4.24 (06 Feb 2004)
185 scox 1.26
186 scox 1.21 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
187     hardened-sources-2.4.24.ebuild:
188     Version bump, updated most of the components.
189     This release includes the following:
190    
191     - Hardened security
192     - Netfilter patch-o-matic 20031219
193     - FreeSWAN 2.04 & x509 1.4.8
194     - EVMS 2.2.2
195     - XFS 1.3.1
196     - cryptoloop jari
197     - grsecurity 2.0-rc4
198     - SELinux
199     - PaX 200402060000
200     - PaX Obscurity 200308302223
201     - Others...
202    
203     Neither -ck nor systrace are included anymore.
204    
205 scox 1.19 *hardened-sources-2.4.22-r2 (05 Jan 2004)
206    
207     05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
208     hardened-sources-2.4.22-r2.ebuild:
209 scox 1.20 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
210 scox 1.19
211     *hardened-sources-2.4.22-r1 (02 Dec 2003)
212 iggy 1.17
213     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
214 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
215 iggy 1.16
216     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
217 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild:
218     Version bump for the 'do_brk' vulnerability.
219 iggy 1.15
220     01 Dec 2003; Brian Jackson <iggy@gentoo.org>
221     hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
222     hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
223     hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
224 plasmaroo 1.18 Fix the 'do_brk' vulnerability.
225 frogger 1.14
226     03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
227     hardened-sources-2.4.22.ebuild:
228 plasmaroo 1.18 - Removed the src_install() portion for SELinux flask
229     components. These are no longer handled in the kernel
230     so this code was not necessary.
231 frogger 1.13
232     29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
233     New 2.4.22 based hardened-sources thanks to
234     Phil West <p.west@computer.org>.
235    
236     These sources include:
237 plasmaroo 1.18 - New SELinux API
238     - Updated CK-base
239     - Updated GRSec
240     - Systrace
241     - SuperFreeS/WAN 1.99.8
242     - Propolice kernel build support
243     - EVMS
244     - Other various security related patches
245 frogger 1.11
246 frogger 1.12 *hardened-sources-2.4.21 (14 Sep 2003)
247    
248     14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
249     Updated hardened-sources based on the 2.4.21 Linux kernel.
250     This includes updates to most major components such as:
251 plasmaroo 1.18 - ck-base-0306300059
252     - selinux-2.4-2003071106
253     - grsecurity-2.0-rc1
254     - Updated IPTables patch-o-matic
255     - Updated SuperFreeS/WAN
256    
257 frogger 1.12 Thanks to Phil West <pwest@computer.org> for his work in getting this
258     updated patch set ready for the 2.4.21 based kernel.
259    
260 frogger 1.11 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
261     Initial import of hardened-sources-2.4.20-r4. This revision
262     includes only a few changes, but one of these is an important
263     security fix. It is recommended all users of hardened-sources
264     upgrade to this release.
265 plasmaroo 1.18
266 frogger 1.11 - ioperm bug fix
267     - fixed compilation failure when building without GRSec
268 plasmaroo 1.18
269 frogger 1.11 SAL (Secure Auditing for Linux) is NOT included in this revision
270     due to time constraints, but is planned for inclusion in the near
271     future.
272 msterret 1.10
273     *hardened-sources-2.4.20-r2 (12 Jun 2003)
274    
275     12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
276     hardened-sources-2.4.20-r3.ebuild:
277 plasmaroo 1.18 Add Header...
278 frogger 1.9
279     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
280     hardened-sources-2.4.20-r3.ebuild:
281     Removed warnings from ebuild. This kernel should be safe to
282     use at this point.
283 frogger 1.8
284     *hardened-sources-2.4.20-r3 (08 Jun 2003)
285    
286     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
287     hardened-sources-2.4.20-r3.ebuild:
288     New revision. Includes the following changes over -r2:
289 plasmaroo 1.18
290 frogger 1.8 - ck7-base (O(1), preempt, low latency)
291     - Super FreeS/WAN 1.99.7rc2
292     - PaX for the LSM/SELinux branch
293     - GRSecurity 2.0-pre4 (role based access control)
294     - Systrace 1.3
295     - EXT3 fixes
296     - EVMS 2.0.1
297     - GCC 3.1+ compile optimizations
298     - ProPolice kernel build support
299     - Hashing table security fixes
300 frogger 1.3
301     *hardened-sources-2.4.20-r1 (09 Apr 2003)
302 frogger 1.7
303     23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
304     Initial import of hardened-sources-r2. This new
305     ebuild includes many new performance and security
306     related patches. As in -r1, it will patch in
307     LSM/SELinux if "selinux" is in USE, otherwise it
308     will patch in GRSecurity. The following patches
309     are included in this revision:
310 plasmaroo 1.18
311 frogger 1.7 - O(1) Scheduler, Low Latency, and Preempt
312     (pulled from the base CK patch)
313     - ptrace exploit patch for the LSM kernel
314     (the GRSec patch already fixes this)
315     - LSM 2.4-2003040709
316     - SELinux 2.4-2003040709
317     - Systrace v1.2
318     - IPTables patch-o-matic base patches - 20030107
319     - CryptoAPI 2.4.20.1 w/ loop-jari patch
320     - Super FreeS/WAN 1.99.6.1
321     - GRSecurity 1.9.9g
322     - MPPE
323     - EXT3 data journal fix
324     - CIPE 1.5.4
325 frogger 1.6
326     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
327     hardened-sources-2.4.20-r1.ebuild, manifest:
328 plasmaroo 1.18 Updated to install flask components correctly for selinux.
329 frogger 1.5
330     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
331     hardened-sources-2.4.20-r1.ebuild:
332     LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
333     is patched in instead. Ptrace patches for selinux have also been added. In
334     either case, systrace support will be patched in as well.
335 frogger 1.3
336     09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
337     hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
338 plasmaroo 1.18 Revision bump for new sources.
339 frogger 1.4
340 frogger 1.2 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
341 frogger 1.4 hardened-sources-2.4.20-r1.ebuild:
342 plasmaroo 1.18 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
343 method 1.1
344 frogger 1.4 *hardened-sources-2.4.20 (30 Mar 2003)
345    
346 method 1.1 30 Mar 2003; Joshua Brindle <method@gentoo.org>
347     hardened-sources-2.4.20.ebuild:
348 plasmaroo 1.18 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20