/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.49 - (hide annotations) (download)
Mon Jan 24 01:56:13 2005 UTC (9 years, 5 months ago) by solar
Branch: MAIN
Changes since 1.48: +7 -1 lines
- fixed/added RDEPEND= in all kernel-2 ebuilds
(Portage version: 2.0.51-r13)

1 method 1.1 # ChangeLog for sys-kernel/hardened-sources
2 tocharian 1.42 # Copyright 2000-2005 Gentoo Foundation; Distributed under the GPL v2
3 solar 1.49 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.48 2005/01/22 03:08:36 tocharian Exp $
4    
5     23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
6     hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
7     hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
8     hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
9     - fixed/added RDEPEND= in all kernel-2 ebuilds
10 tocharian 1.48
11     *hardened-sources-2.4.28-r4 (21 Jan 2005)
12    
13     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
14     +hardened-sources-2.4.28-r4.ebuild:
15     Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
16     backport of neighbour hash updates.
17 tocharian 1.47
18     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
19     hardened-sources-2.4.28-r3.ebuild:
20     Stable on x86
21 tseng 1.46
22     *hardened-sources-2.6.10-r3 (20 Jan 2005)
23    
24     20 Jan 2005; Brandon Hale <tseng@gentoo.org>
25     +hardened-sources-2.6.10-r3.ebuild:
26     Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
27     in 2005.0
28 tocharian 1.45
29     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
30     -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
31     hardened-sources-2.4.28-r2.ebuild:
32     Mark stable on x86
33 tocharian 1.44
34     *hardened-sources-2.4.28-r3 (17 Jan 2005)
35    
36     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
37     +hardened-sources-2.4.28-r3.ebuild:
38     Fix SMP page fault handler vuln, and update device-mapper and evms patches.
39 tocharian 1.43
40     14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
41     hardened-sources-2.4.28.ebuild:
42     Mark stable on x86.
43 tocharian 1.42
44     *hardened-sources-2.4.28-r2 (13 Jan 2005)
45    
46     13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
47     +hardened-sources-2.4.28-r2.ebuild:
48     Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
49     Mazinger for grsecurity patches as well.
50 plasmaroo 1.41
51     *hardened-sources-2.4.28-r1 (23 Dec 2004)
52    
53     23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
54     Security bump. Thank tocharian for rolling a new patchset...
55 solar 1.40
56     28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
57     +files/2.4.28-grsec-cmdline-race.patch,
58     +files/2.4.28-selinux-binfmt_a.out.patch,
59     +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
60     - Round up remaining security patches that appear to be missing in 2.4.28. -
61     PaX standalone updated to current. hgpv=28.1
62 solar 1.39
63     *hardened-sources-2.4.28 (28 Nov 2004)
64    
65     28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
66     security bump. Thank tocharian for rolling a new patchset
67 scox 1.31
68 scox 1.38 *hardened-sources-2.4.27-r3 (08 Sep 2004)
69    
70     08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
71     +hardened-sources-2.4.27-r3.ebuild:
72     Applies the new 2.4-27.2 patchball which updates
73     GRSecurity to the 2.0.1 version.
74    
75 scox 1.37 *hardened-sources-2.4.27-r2 (31 Aug 2004)
76    
77     31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
78     +hardened-sources-2.4.27-r2.ebuild:
79     Version bump.
80     This version uses the new 2.4-27.1 patchball which updates
81     both the SELinux PaX hooks patch and the SELinux headers.
82    
83 scox 1.36 *hardened-sources-2.4.27-r1 (09 Aug 2004)
84    
85     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
86     +hardened-sources-2.4.27-r1.ebuild,
87     -hardened-sources-2.4.27.ebuild,
88     +files/2.4.27-cmdline-race.patch:
89     Version bump, fix for cmdline race. See bug #59905.
90    
91     *hardened-sources-2.4.26-r6 (09 Aug 2004)
92    
93     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
94     +hardened-sources-2.4.26-r6.ebuild,
95     -hardened-sources-2.4.26-r5.ebuild,
96     -hardened-sources-2.4.26-r4.ebuild,
97     +files/2.4.26-cmdline-race.patch:
98     Version bump, fix for cmdline race. See bug #59905.
99    
100 scox 1.35 *hardened-sources-2.4.27 (08 Aug 2004)
101    
102     08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
103     +hardened-sources-2.4.27.ebuild,
104     +files/2.4.27-CAN-2004-0394.patch:
105     Ported the patchball to the 2.4.27 kernel version.
106    
107 scox 1.34 *hardened-sources-2.4.26-r5 (07 Aug 2004)
108    
109     07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
110     +hardened-sources-2.4.26-r5.ebuild:
111 scox 1.35 Updated to use the new hardened-patches-2.4-26.1 patchball.
112 scox 1.34 It adds the following features:
113     - Squashfs
114     - Ebtables
115     - Netdev random (core+drivers)
116     - Watchdog Timer (WDT) fix.
117    
118 scox 1.33 *hardened-sources-2.4.26-r4 (04 Aug 2004)
119    
120     04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
121     +hardened-sources-2.4.26-r4.ebuild,
122     +files/2.4.26-CAN-2004-0415.patch,
123     -hardened-sources-2.4.26-3:
124     Version bump, fix for CAN 0415, see bug #59378.
125    
126 scox 1.32 *hardened-sources-2.4.26-r3 (22 Jul 2004)
127    
128     22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
129     +hardened-sources-2.4.26-r3.ebuild,
130     +files/2.4.26-CAN-2004-0497.patch,
131     -hardened-sources-2.4.26-r2.ebuild:
132     Version bump, fixed CAN 0497, see bug #56171.
133    
134 scox 1.31 *hardened-sources-2.4.26-r2 (29 Jun 2004)
135    
136     29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
137 scox 1.32 +hardened-sources-2.4.26-r2.ebuild,
138 scox 1.31 +files/2.4.26-CAN-2004-0495.patch,
139     +files/2.4.26-CAN-2004-0535.patch,
140     -hardened-sources-2.4.26-r1.ebuild:
141     Fixes for both CAN 0495 and 0535, see bug #54976
142 pvdabeel 1.27
143 agriffis 1.29 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
144     hardened-sources-2.4.26-r1.ebuild:
145     QA - fix use invocation
146 scox 1.28
147     *hardened-sources-2.4.26-r1 (22 June 2004)
148    
149     22 June 2004; Andrea Luzzardi <scox@gentoo.org>
150     +hardened-sources-2.4.26-r1.ebuild,
151     +files/2.4.26-CAN-2004-0394.patch,
152     +files/2.4.26-signal-race.patch,
153     -hardened-sources-2.4.26.ebuild,
154     -hardened-sources-2.4.24-r3.ebuild:
155     Version bump for the CAN-2004-0394 issue and bug #53804
156     Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
157    
158    
159 pvdabeel 1.27 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
160     hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
161     Masked hardened-sources-2.4.26.ebuild broken for ppc
162    
163     31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
164     hardened-sources-2.4.24-r3.ebuild:
165     Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
166 plasmaroo 1.25
167 scox 1.26 *hardened-sources-2.4.26 (29 May 2004)
168    
169     29 May 2004; Andrea Luzzardi <scox@gentoo.org>
170     +hardened-sources-2.4.26.ebuild:
171     Updated hardened-sources for the 2.4.26 kernel
172     Removed broken components, updated almost everything.
173    
174 plasmaroo 1.25 *hardened-sources-2.4.24-r3 (17 Apr 2004)
175    
176     17 Apr 2004; <plasmaroo@gentoo.org>
177     +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
178     +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
179     +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
180     +hardened-sources-2.4.24-r3.ebuild:
181     Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
182     vulnerabilities. Old revisions removed.
183 plasmaroo 1.24
184     *hardened-sources-2.4.24-r2 (15 Apr 2004)
185    
186     15 Apr 2004; <plasmaroo@gentoo.org>
187     +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
188     -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
189     Version bump for the CAN-2004-0109 issue; bug #47881.
190 aliz 1.23
191     12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
192     hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
193     Add eutils to inherit.
194 plasmaroo 1.22
195     *hardened-sources-2.4.24-r1 (19 Feb 2004)
196    
197     19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
198     files/hardened-sources-2.4.24.munmap.patch:
199     Added the patch for the mremap/munmap vulnerability. Bug #42024.
200 scox 1.19
201 scox 1.21 *hardened-sources-2.4.24 (06 Feb 2004)
202 scox 1.26
203 scox 1.21 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
204     hardened-sources-2.4.24.ebuild:
205     Version bump, updated most of the components.
206     This release includes the following:
207    
208     - Hardened security
209     - Netfilter patch-o-matic 20031219
210     - FreeSWAN 2.04 & x509 1.4.8
211     - EVMS 2.2.2
212     - XFS 1.3.1
213     - cryptoloop jari
214     - grsecurity 2.0-rc4
215     - SELinux
216     - PaX 200402060000
217     - PaX Obscurity 200308302223
218     - Others...
219    
220     Neither -ck nor systrace are included anymore.
221    
222 scox 1.19 *hardened-sources-2.4.22-r2 (05 Jan 2004)
223    
224     05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
225     hardened-sources-2.4.22-r2.ebuild:
226 scox 1.20 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
227 scox 1.19
228     *hardened-sources-2.4.22-r1 (02 Dec 2003)
229 iggy 1.17
230     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
231 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
232 iggy 1.16
233     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
234 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild:
235     Version bump for the 'do_brk' vulnerability.
236 iggy 1.15
237     01 Dec 2003; Brian Jackson <iggy@gentoo.org>
238     hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
239     hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
240     hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
241 plasmaroo 1.18 Fix the 'do_brk' vulnerability.
242 frogger 1.14
243     03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
244     hardened-sources-2.4.22.ebuild:
245 plasmaroo 1.18 - Removed the src_install() portion for SELinux flask
246     components. These are no longer handled in the kernel
247     so this code was not necessary.
248 frogger 1.13
249     29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
250     New 2.4.22 based hardened-sources thanks to
251     Phil West <p.west@computer.org>.
252    
253     These sources include:
254 plasmaroo 1.18 - New SELinux API
255     - Updated CK-base
256     - Updated GRSec
257     - Systrace
258     - SuperFreeS/WAN 1.99.8
259     - Propolice kernel build support
260     - EVMS
261     - Other various security related patches
262 frogger 1.11
263 frogger 1.12 *hardened-sources-2.4.21 (14 Sep 2003)
264    
265     14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
266     Updated hardened-sources based on the 2.4.21 Linux kernel.
267     This includes updates to most major components such as:
268 plasmaroo 1.18 - ck-base-0306300059
269     - selinux-2.4-2003071106
270     - grsecurity-2.0-rc1
271     - Updated IPTables patch-o-matic
272     - Updated SuperFreeS/WAN
273    
274 frogger 1.12 Thanks to Phil West <pwest@computer.org> for his work in getting this
275     updated patch set ready for the 2.4.21 based kernel.
276    
277 frogger 1.11 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
278     Initial import of hardened-sources-2.4.20-r4. This revision
279     includes only a few changes, but one of these is an important
280     security fix. It is recommended all users of hardened-sources
281     upgrade to this release.
282 plasmaroo 1.18
283 frogger 1.11 - ioperm bug fix
284     - fixed compilation failure when building without GRSec
285 plasmaroo 1.18
286 frogger 1.11 SAL (Secure Auditing for Linux) is NOT included in this revision
287     due to time constraints, but is planned for inclusion in the near
288     future.
289 msterret 1.10
290     *hardened-sources-2.4.20-r2 (12 Jun 2003)
291    
292     12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
293     hardened-sources-2.4.20-r3.ebuild:
294 plasmaroo 1.18 Add Header...
295 frogger 1.9
296     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
297     hardened-sources-2.4.20-r3.ebuild:
298     Removed warnings from ebuild. This kernel should be safe to
299     use at this point.
300 frogger 1.8
301     *hardened-sources-2.4.20-r3 (08 Jun 2003)
302    
303     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
304     hardened-sources-2.4.20-r3.ebuild:
305     New revision. Includes the following changes over -r2:
306 plasmaroo 1.18
307 frogger 1.8 - ck7-base (O(1), preempt, low latency)
308     - Super FreeS/WAN 1.99.7rc2
309     - PaX for the LSM/SELinux branch
310     - GRSecurity 2.0-pre4 (role based access control)
311     - Systrace 1.3
312     - EXT3 fixes
313     - EVMS 2.0.1
314     - GCC 3.1+ compile optimizations
315     - ProPolice kernel build support
316     - Hashing table security fixes
317 frogger 1.3
318     *hardened-sources-2.4.20-r1 (09 Apr 2003)
319 frogger 1.7
320     23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
321     Initial import of hardened-sources-r2. This new
322     ebuild includes many new performance and security
323     related patches. As in -r1, it will patch in
324     LSM/SELinux if "selinux" is in USE, otherwise it
325     will patch in GRSecurity. The following patches
326     are included in this revision:
327 plasmaroo 1.18
328 frogger 1.7 - O(1) Scheduler, Low Latency, and Preempt
329     (pulled from the base CK patch)
330     - ptrace exploit patch for the LSM kernel
331     (the GRSec patch already fixes this)
332     - LSM 2.4-2003040709
333     - SELinux 2.4-2003040709
334     - Systrace v1.2
335     - IPTables patch-o-matic base patches - 20030107
336     - CryptoAPI 2.4.20.1 w/ loop-jari patch
337     - Super FreeS/WAN 1.99.6.1
338     - GRSecurity 1.9.9g
339     - MPPE
340     - EXT3 data journal fix
341     - CIPE 1.5.4
342 frogger 1.6
343     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
344     hardened-sources-2.4.20-r1.ebuild, manifest:
345 plasmaroo 1.18 Updated to install flask components correctly for selinux.
346 frogger 1.5
347     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
348     hardened-sources-2.4.20-r1.ebuild:
349     LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
350     is patched in instead. Ptrace patches for selinux have also been added. In
351     either case, systrace support will be patched in as well.
352 frogger 1.3
353     09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
354     hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
355 plasmaroo 1.18 Revision bump for new sources.
356 frogger 1.4
357 frogger 1.2 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
358 frogger 1.4 hardened-sources-2.4.20-r1.ebuild:
359 plasmaroo 1.18 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
360 method 1.1
361 frogger 1.4 *hardened-sources-2.4.20 (30 Mar 2003)
362    
363 method 1.1 30 Mar 2003; Joshua Brindle <method@gentoo.org>
364     hardened-sources-2.4.20.ebuild:
365 plasmaroo 1.18 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20