/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.47 - (hide annotations) (download)
Sat Jan 22 00:25:49 2005 UTC (9 years, 8 months ago) by tocharian
Branch: MAIN
Changes since 1.46: +5 -1 lines
Mark 2.4.28-r3 stable on x86

1 method 1.1 # ChangeLog for sys-kernel/hardened-sources
2 tocharian 1.42 # Copyright 2000-2005 Gentoo Foundation; Distributed under the GPL v2
3 tocharian 1.47 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.46 2005/01/21 00:34:40 tseng Exp $
4    
5     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
6     hardened-sources-2.4.28-r3.ebuild:
7     Stable on x86
8 tseng 1.46
9     *hardened-sources-2.6.10-r3 (20 Jan 2005)
10    
11     20 Jan 2005; Brandon Hale <tseng@gentoo.org>
12     +hardened-sources-2.6.10-r3.ebuild:
13     Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
14     in 2005.0
15 tocharian 1.45
16     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
17     -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
18     hardened-sources-2.4.28-r2.ebuild:
19     Mark stable on x86
20 tocharian 1.44
21     *hardened-sources-2.4.28-r3 (17 Jan 2005)
22    
23     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
24     +hardened-sources-2.4.28-r3.ebuild:
25     Fix SMP page fault handler vuln, and update device-mapper and evms patches.
26 tocharian 1.43
27     14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
28     hardened-sources-2.4.28.ebuild:
29     Mark stable on x86.
30 tocharian 1.42
31     *hardened-sources-2.4.28-r2 (13 Jan 2005)
32    
33     13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
34     +hardened-sources-2.4.28-r2.ebuild:
35     Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
36     Mazinger for grsecurity patches as well.
37 plasmaroo 1.41
38     *hardened-sources-2.4.28-r1 (23 Dec 2004)
39    
40     23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
41     Security bump. Thank tocharian for rolling a new patchset...
42 solar 1.40
43     28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
44     +files/2.4.28-grsec-cmdline-race.patch,
45     +files/2.4.28-selinux-binfmt_a.out.patch,
46     +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
47     - Round up remaining security patches that appear to be missing in 2.4.28. -
48     PaX standalone updated to current. hgpv=28.1
49 solar 1.39
50     *hardened-sources-2.4.28 (28 Nov 2004)
51    
52     28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
53     security bump. Thank tocharian for rolling a new patchset
54 scox 1.31
55 scox 1.38 *hardened-sources-2.4.27-r3 (08 Sep 2004)
56    
57     08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
58     +hardened-sources-2.4.27-r3.ebuild:
59     Applies the new 2.4-27.2 patchball which updates
60     GRSecurity to the 2.0.1 version.
61    
62 scox 1.37 *hardened-sources-2.4.27-r2 (31 Aug 2004)
63    
64     31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
65     +hardened-sources-2.4.27-r2.ebuild:
66     Version bump.
67     This version uses the new 2.4-27.1 patchball which updates
68     both the SELinux PaX hooks patch and the SELinux headers.
69    
70 scox 1.36 *hardened-sources-2.4.27-r1 (09 Aug 2004)
71    
72     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
73     +hardened-sources-2.4.27-r1.ebuild,
74     -hardened-sources-2.4.27.ebuild,
75     +files/2.4.27-cmdline-race.patch:
76     Version bump, fix for cmdline race. See bug #59905.
77    
78     *hardened-sources-2.4.26-r6 (09 Aug 2004)
79    
80     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
81     +hardened-sources-2.4.26-r6.ebuild,
82     -hardened-sources-2.4.26-r5.ebuild,
83     -hardened-sources-2.4.26-r4.ebuild,
84     +files/2.4.26-cmdline-race.patch:
85     Version bump, fix for cmdline race. See bug #59905.
86    
87 scox 1.35 *hardened-sources-2.4.27 (08 Aug 2004)
88    
89     08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
90     +hardened-sources-2.4.27.ebuild,
91     +files/2.4.27-CAN-2004-0394.patch:
92     Ported the patchball to the 2.4.27 kernel version.
93    
94 scox 1.34 *hardened-sources-2.4.26-r5 (07 Aug 2004)
95    
96     07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
97     +hardened-sources-2.4.26-r5.ebuild:
98 scox 1.35 Updated to use the new hardened-patches-2.4-26.1 patchball.
99 scox 1.34 It adds the following features:
100     - Squashfs
101     - Ebtables
102     - Netdev random (core+drivers)
103     - Watchdog Timer (WDT) fix.
104    
105 scox 1.33 *hardened-sources-2.4.26-r4 (04 Aug 2004)
106    
107     04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
108     +hardened-sources-2.4.26-r4.ebuild,
109     +files/2.4.26-CAN-2004-0415.patch,
110     -hardened-sources-2.4.26-3:
111     Version bump, fix for CAN 0415, see bug #59378.
112    
113 scox 1.32 *hardened-sources-2.4.26-r3 (22 Jul 2004)
114    
115     22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
116     +hardened-sources-2.4.26-r3.ebuild,
117     +files/2.4.26-CAN-2004-0497.patch,
118     -hardened-sources-2.4.26-r2.ebuild:
119     Version bump, fixed CAN 0497, see bug #56171.
120    
121 scox 1.31 *hardened-sources-2.4.26-r2 (29 Jun 2004)
122    
123     29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
124 scox 1.32 +hardened-sources-2.4.26-r2.ebuild,
125 scox 1.31 +files/2.4.26-CAN-2004-0495.patch,
126     +files/2.4.26-CAN-2004-0535.patch,
127     -hardened-sources-2.4.26-r1.ebuild:
128     Fixes for both CAN 0495 and 0535, see bug #54976
129 pvdabeel 1.27
130 agriffis 1.29 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
131     hardened-sources-2.4.26-r1.ebuild:
132     QA - fix use invocation
133 scox 1.28
134     *hardened-sources-2.4.26-r1 (22 June 2004)
135    
136     22 June 2004; Andrea Luzzardi <scox@gentoo.org>
137     +hardened-sources-2.4.26-r1.ebuild,
138     +files/2.4.26-CAN-2004-0394.patch,
139     +files/2.4.26-signal-race.patch,
140     -hardened-sources-2.4.26.ebuild,
141     -hardened-sources-2.4.24-r3.ebuild:
142     Version bump for the CAN-2004-0394 issue and bug #53804
143     Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
144    
145    
146 pvdabeel 1.27 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
147     hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
148     Masked hardened-sources-2.4.26.ebuild broken for ppc
149    
150     31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
151     hardened-sources-2.4.24-r3.ebuild:
152     Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
153 plasmaroo 1.25
154 scox 1.26 *hardened-sources-2.4.26 (29 May 2004)
155    
156     29 May 2004; Andrea Luzzardi <scox@gentoo.org>
157     +hardened-sources-2.4.26.ebuild:
158     Updated hardened-sources for the 2.4.26 kernel
159     Removed broken components, updated almost everything.
160    
161 plasmaroo 1.25 *hardened-sources-2.4.24-r3 (17 Apr 2004)
162    
163     17 Apr 2004; <plasmaroo@gentoo.org>
164     +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
165     +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
166     +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
167     +hardened-sources-2.4.24-r3.ebuild:
168     Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
169     vulnerabilities. Old revisions removed.
170 plasmaroo 1.24
171     *hardened-sources-2.4.24-r2 (15 Apr 2004)
172    
173     15 Apr 2004; <plasmaroo@gentoo.org>
174     +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
175     -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
176     Version bump for the CAN-2004-0109 issue; bug #47881.
177 aliz 1.23
178     12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
179     hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
180     Add eutils to inherit.
181 plasmaroo 1.22
182     *hardened-sources-2.4.24-r1 (19 Feb 2004)
183    
184     19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
185     files/hardened-sources-2.4.24.munmap.patch:
186     Added the patch for the mremap/munmap vulnerability. Bug #42024.
187 scox 1.19
188 scox 1.21 *hardened-sources-2.4.24 (06 Feb 2004)
189 scox 1.26
190 scox 1.21 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
191     hardened-sources-2.4.24.ebuild:
192     Version bump, updated most of the components.
193     This release includes the following:
194    
195     - Hardened security
196     - Netfilter patch-o-matic 20031219
197     - FreeSWAN 2.04 & x509 1.4.8
198     - EVMS 2.2.2
199     - XFS 1.3.1
200     - cryptoloop jari
201     - grsecurity 2.0-rc4
202     - SELinux
203     - PaX 200402060000
204     - PaX Obscurity 200308302223
205     - Others...
206    
207     Neither -ck nor systrace are included anymore.
208    
209 scox 1.19 *hardened-sources-2.4.22-r2 (05 Jan 2004)
210    
211     05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
212     hardened-sources-2.4.22-r2.ebuild:
213 scox 1.20 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
214 scox 1.19
215     *hardened-sources-2.4.22-r1 (02 Dec 2003)
216 iggy 1.17
217     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
218 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
219 iggy 1.16
220     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
221 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild:
222     Version bump for the 'do_brk' vulnerability.
223 iggy 1.15
224     01 Dec 2003; Brian Jackson <iggy@gentoo.org>
225     hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
226     hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
227     hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
228 plasmaroo 1.18 Fix the 'do_brk' vulnerability.
229 frogger 1.14
230     03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
231     hardened-sources-2.4.22.ebuild:
232 plasmaroo 1.18 - Removed the src_install() portion for SELinux flask
233     components. These are no longer handled in the kernel
234     so this code was not necessary.
235 frogger 1.13
236     29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
237     New 2.4.22 based hardened-sources thanks to
238     Phil West <p.west@computer.org>.
239    
240     These sources include:
241 plasmaroo 1.18 - New SELinux API
242     - Updated CK-base
243     - Updated GRSec
244     - Systrace
245     - SuperFreeS/WAN 1.99.8
246     - Propolice kernel build support
247     - EVMS
248     - Other various security related patches
249 frogger 1.11
250 frogger 1.12 *hardened-sources-2.4.21 (14 Sep 2003)
251    
252     14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
253     Updated hardened-sources based on the 2.4.21 Linux kernel.
254     This includes updates to most major components such as:
255 plasmaroo 1.18 - ck-base-0306300059
256     - selinux-2.4-2003071106
257     - grsecurity-2.0-rc1
258     - Updated IPTables patch-o-matic
259     - Updated SuperFreeS/WAN
260    
261 frogger 1.12 Thanks to Phil West <pwest@computer.org> for his work in getting this
262     updated patch set ready for the 2.4.21 based kernel.
263    
264 frogger 1.11 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
265     Initial import of hardened-sources-2.4.20-r4. This revision
266     includes only a few changes, but one of these is an important
267     security fix. It is recommended all users of hardened-sources
268     upgrade to this release.
269 plasmaroo 1.18
270 frogger 1.11 - ioperm bug fix
271     - fixed compilation failure when building without GRSec
272 plasmaroo 1.18
273 frogger 1.11 SAL (Secure Auditing for Linux) is NOT included in this revision
274     due to time constraints, but is planned for inclusion in the near
275     future.
276 msterret 1.10
277     *hardened-sources-2.4.20-r2 (12 Jun 2003)
278    
279     12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
280     hardened-sources-2.4.20-r3.ebuild:
281 plasmaroo 1.18 Add Header...
282 frogger 1.9
283     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
284     hardened-sources-2.4.20-r3.ebuild:
285     Removed warnings from ebuild. This kernel should be safe to
286     use at this point.
287 frogger 1.8
288     *hardened-sources-2.4.20-r3 (08 Jun 2003)
289    
290     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
291     hardened-sources-2.4.20-r3.ebuild:
292     New revision. Includes the following changes over -r2:
293 plasmaroo 1.18
294 frogger 1.8 - ck7-base (O(1), preempt, low latency)
295     - Super FreeS/WAN 1.99.7rc2
296     - PaX for the LSM/SELinux branch
297     - GRSecurity 2.0-pre4 (role based access control)
298     - Systrace 1.3
299     - EXT3 fixes
300     - EVMS 2.0.1
301     - GCC 3.1+ compile optimizations
302     - ProPolice kernel build support
303     - Hashing table security fixes
304 frogger 1.3
305     *hardened-sources-2.4.20-r1 (09 Apr 2003)
306 frogger 1.7
307     23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
308     Initial import of hardened-sources-r2. This new
309     ebuild includes many new performance and security
310     related patches. As in -r1, it will patch in
311     LSM/SELinux if "selinux" is in USE, otherwise it
312     will patch in GRSecurity. The following patches
313     are included in this revision:
314 plasmaroo 1.18
315 frogger 1.7 - O(1) Scheduler, Low Latency, and Preempt
316     (pulled from the base CK patch)
317     - ptrace exploit patch for the LSM kernel
318     (the GRSec patch already fixes this)
319     - LSM 2.4-2003040709
320     - SELinux 2.4-2003040709
321     - Systrace v1.2
322     - IPTables patch-o-matic base patches - 20030107
323     - CryptoAPI 2.4.20.1 w/ loop-jari patch
324     - Super FreeS/WAN 1.99.6.1
325     - GRSecurity 1.9.9g
326     - MPPE
327     - EXT3 data journal fix
328     - CIPE 1.5.4
329 frogger 1.6
330     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
331     hardened-sources-2.4.20-r1.ebuild, manifest:
332 plasmaroo 1.18 Updated to install flask components correctly for selinux.
333 frogger 1.5
334     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
335     hardened-sources-2.4.20-r1.ebuild:
336     LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
337     is patched in instead. Ptrace patches for selinux have also been added. In
338     either case, systrace support will be patched in as well.
339 frogger 1.3
340     09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
341     hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
342 plasmaroo 1.18 Revision bump for new sources.
343 frogger 1.4
344 frogger 1.2 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
345 frogger 1.4 hardened-sources-2.4.20-r1.ebuild:
346 plasmaroo 1.18 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
347 method 1.1
348 frogger 1.4 *hardened-sources-2.4.20 (30 Mar 2003)
349    
350 method 1.1 30 Mar 2003; Joshua Brindle <method@gentoo.org>
351     hardened-sources-2.4.20.ebuild:
352 plasmaroo 1.18 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20