/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.50 - (hide annotations) (download)
Thu Jan 27 06:31:15 2005 UTC (9 years, 10 months ago) by tocharian
Branch: MAIN
Changes since 1.49: +5 -1 lines
2.4.28-r4 stable on x86
(Portage version: 2.0.51-r14)

1 method 1.1 # ChangeLog for sys-kernel/hardened-sources
2 tocharian 1.42 # Copyright 2000-2005 Gentoo Foundation; Distributed under the GPL v2
3 tocharian 1.50 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.49 2005/01/24 01:56:13 solar Exp $
4    
5     26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
6     hardened-sources-2.4.28-r4.ebuild:
7     Stable on x86
8 solar 1.49
9     23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
10     hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
11     hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
12     hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
13     - fixed/added RDEPEND= in all kernel-2 ebuilds
14 tocharian 1.48
15     *hardened-sources-2.4.28-r4 (21 Jan 2005)
16    
17     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
18     +hardened-sources-2.4.28-r4.ebuild:
19     Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
20     backport of neighbour hash updates.
21 tocharian 1.47
22     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
23     hardened-sources-2.4.28-r3.ebuild:
24     Stable on x86
25 tseng 1.46
26     *hardened-sources-2.6.10-r3 (20 Jan 2005)
27    
28     20 Jan 2005; Brandon Hale <tseng@gentoo.org>
29     +hardened-sources-2.6.10-r3.ebuild:
30     Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
31     in 2005.0
32 tocharian 1.45
33     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
34     -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
35     hardened-sources-2.4.28-r2.ebuild:
36     Mark stable on x86
37 tocharian 1.44
38     *hardened-sources-2.4.28-r3 (17 Jan 2005)
39    
40     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
41     +hardened-sources-2.4.28-r3.ebuild:
42     Fix SMP page fault handler vuln, and update device-mapper and evms patches.
43 tocharian 1.43
44     14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
45     hardened-sources-2.4.28.ebuild:
46     Mark stable on x86.
47 tocharian 1.42
48     *hardened-sources-2.4.28-r2 (13 Jan 2005)
49    
50     13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
51     +hardened-sources-2.4.28-r2.ebuild:
52     Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
53     Mazinger for grsecurity patches as well.
54 plasmaroo 1.41
55     *hardened-sources-2.4.28-r1 (23 Dec 2004)
56    
57     23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
58     Security bump. Thank tocharian for rolling a new patchset...
59 solar 1.40
60     28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
61     +files/2.4.28-grsec-cmdline-race.patch,
62     +files/2.4.28-selinux-binfmt_a.out.patch,
63     +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
64     - Round up remaining security patches that appear to be missing in 2.4.28. -
65     PaX standalone updated to current. hgpv=28.1
66 solar 1.39
67     *hardened-sources-2.4.28 (28 Nov 2004)
68    
69     28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
70     security bump. Thank tocharian for rolling a new patchset
71 scox 1.31
72 scox 1.38 *hardened-sources-2.4.27-r3 (08 Sep 2004)
73    
74     08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
75     +hardened-sources-2.4.27-r3.ebuild:
76     Applies the new 2.4-27.2 patchball which updates
77     GRSecurity to the 2.0.1 version.
78    
79 scox 1.37 *hardened-sources-2.4.27-r2 (31 Aug 2004)
80    
81     31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
82     +hardened-sources-2.4.27-r2.ebuild:
83     Version bump.
84     This version uses the new 2.4-27.1 patchball which updates
85     both the SELinux PaX hooks patch and the SELinux headers.
86    
87 scox 1.36 *hardened-sources-2.4.27-r1 (09 Aug 2004)
88    
89     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
90     +hardened-sources-2.4.27-r1.ebuild,
91     -hardened-sources-2.4.27.ebuild,
92     +files/2.4.27-cmdline-race.patch:
93     Version bump, fix for cmdline race. See bug #59905.
94    
95     *hardened-sources-2.4.26-r6 (09 Aug 2004)
96    
97     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
98     +hardened-sources-2.4.26-r6.ebuild,
99     -hardened-sources-2.4.26-r5.ebuild,
100     -hardened-sources-2.4.26-r4.ebuild,
101     +files/2.4.26-cmdline-race.patch:
102     Version bump, fix for cmdline race. See bug #59905.
103    
104 scox 1.35 *hardened-sources-2.4.27 (08 Aug 2004)
105    
106     08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
107     +hardened-sources-2.4.27.ebuild,
108     +files/2.4.27-CAN-2004-0394.patch:
109     Ported the patchball to the 2.4.27 kernel version.
110    
111 scox 1.34 *hardened-sources-2.4.26-r5 (07 Aug 2004)
112    
113     07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
114     +hardened-sources-2.4.26-r5.ebuild:
115 scox 1.35 Updated to use the new hardened-patches-2.4-26.1 patchball.
116 scox 1.34 It adds the following features:
117     - Squashfs
118     - Ebtables
119     - Netdev random (core+drivers)
120     - Watchdog Timer (WDT) fix.
121    
122 scox 1.33 *hardened-sources-2.4.26-r4 (04 Aug 2004)
123    
124     04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
125     +hardened-sources-2.4.26-r4.ebuild,
126     +files/2.4.26-CAN-2004-0415.patch,
127     -hardened-sources-2.4.26-3:
128     Version bump, fix for CAN 0415, see bug #59378.
129    
130 scox 1.32 *hardened-sources-2.4.26-r3 (22 Jul 2004)
131    
132     22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
133     +hardened-sources-2.4.26-r3.ebuild,
134     +files/2.4.26-CAN-2004-0497.patch,
135     -hardened-sources-2.4.26-r2.ebuild:
136     Version bump, fixed CAN 0497, see bug #56171.
137    
138 scox 1.31 *hardened-sources-2.4.26-r2 (29 Jun 2004)
139    
140     29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
141 scox 1.32 +hardened-sources-2.4.26-r2.ebuild,
142 scox 1.31 +files/2.4.26-CAN-2004-0495.patch,
143     +files/2.4.26-CAN-2004-0535.patch,
144     -hardened-sources-2.4.26-r1.ebuild:
145     Fixes for both CAN 0495 and 0535, see bug #54976
146 pvdabeel 1.27
147 agriffis 1.29 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
148     hardened-sources-2.4.26-r1.ebuild:
149     QA - fix use invocation
150 scox 1.28
151     *hardened-sources-2.4.26-r1 (22 June 2004)
152    
153     22 June 2004; Andrea Luzzardi <scox@gentoo.org>
154     +hardened-sources-2.4.26-r1.ebuild,
155     +files/2.4.26-CAN-2004-0394.patch,
156     +files/2.4.26-signal-race.patch,
157     -hardened-sources-2.4.26.ebuild,
158     -hardened-sources-2.4.24-r3.ebuild:
159     Version bump for the CAN-2004-0394 issue and bug #53804
160     Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
161    
162    
163 pvdabeel 1.27 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
164     hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
165     Masked hardened-sources-2.4.26.ebuild broken for ppc
166    
167     31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
168     hardened-sources-2.4.24-r3.ebuild:
169     Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
170 plasmaroo 1.25
171 scox 1.26 *hardened-sources-2.4.26 (29 May 2004)
172    
173     29 May 2004; Andrea Luzzardi <scox@gentoo.org>
174     +hardened-sources-2.4.26.ebuild:
175     Updated hardened-sources for the 2.4.26 kernel
176     Removed broken components, updated almost everything.
177    
178 plasmaroo 1.25 *hardened-sources-2.4.24-r3 (17 Apr 2004)
179    
180     17 Apr 2004; <plasmaroo@gentoo.org>
181     +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
182     +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
183     +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
184     +hardened-sources-2.4.24-r3.ebuild:
185     Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
186     vulnerabilities. Old revisions removed.
187 plasmaroo 1.24
188     *hardened-sources-2.4.24-r2 (15 Apr 2004)
189    
190     15 Apr 2004; <plasmaroo@gentoo.org>
191     +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
192     -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
193     Version bump for the CAN-2004-0109 issue; bug #47881.
194 aliz 1.23
195     12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
196     hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
197     Add eutils to inherit.
198 plasmaroo 1.22
199     *hardened-sources-2.4.24-r1 (19 Feb 2004)
200    
201     19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
202     files/hardened-sources-2.4.24.munmap.patch:
203     Added the patch for the mremap/munmap vulnerability. Bug #42024.
204 scox 1.19
205 scox 1.21 *hardened-sources-2.4.24 (06 Feb 2004)
206 scox 1.26
207 scox 1.21 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
208     hardened-sources-2.4.24.ebuild:
209     Version bump, updated most of the components.
210     This release includes the following:
211    
212     - Hardened security
213     - Netfilter patch-o-matic 20031219
214     - FreeSWAN 2.04 & x509 1.4.8
215     - EVMS 2.2.2
216     - XFS 1.3.1
217     - cryptoloop jari
218     - grsecurity 2.0-rc4
219     - SELinux
220     - PaX 200402060000
221     - PaX Obscurity 200308302223
222     - Others...
223    
224     Neither -ck nor systrace are included anymore.
225    
226 scox 1.19 *hardened-sources-2.4.22-r2 (05 Jan 2004)
227    
228     05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
229     hardened-sources-2.4.22-r2.ebuild:
230 scox 1.20 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
231 scox 1.19
232     *hardened-sources-2.4.22-r1 (02 Dec 2003)
233 iggy 1.17
234     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
235 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
236 iggy 1.16
237     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
238 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild:
239     Version bump for the 'do_brk' vulnerability.
240 iggy 1.15
241     01 Dec 2003; Brian Jackson <iggy@gentoo.org>
242     hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
243     hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
244     hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
245 plasmaroo 1.18 Fix the 'do_brk' vulnerability.
246 frogger 1.14
247     03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
248     hardened-sources-2.4.22.ebuild:
249 plasmaroo 1.18 - Removed the src_install() portion for SELinux flask
250     components. These are no longer handled in the kernel
251     so this code was not necessary.
252 frogger 1.13
253     29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
254     New 2.4.22 based hardened-sources thanks to
255     Phil West <p.west@computer.org>.
256    
257     These sources include:
258 plasmaroo 1.18 - New SELinux API
259     - Updated CK-base
260     - Updated GRSec
261     - Systrace
262     - SuperFreeS/WAN 1.99.8
263     - Propolice kernel build support
264     - EVMS
265     - Other various security related patches
266 frogger 1.11
267 frogger 1.12 *hardened-sources-2.4.21 (14 Sep 2003)
268    
269     14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
270     Updated hardened-sources based on the 2.4.21 Linux kernel.
271     This includes updates to most major components such as:
272 plasmaroo 1.18 - ck-base-0306300059
273     - selinux-2.4-2003071106
274     - grsecurity-2.0-rc1
275     - Updated IPTables patch-o-matic
276     - Updated SuperFreeS/WAN
277    
278 frogger 1.12 Thanks to Phil West <pwest@computer.org> for his work in getting this
279     updated patch set ready for the 2.4.21 based kernel.
280    
281 frogger 1.11 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
282     Initial import of hardened-sources-2.4.20-r4. This revision
283     includes only a few changes, but one of these is an important
284     security fix. It is recommended all users of hardened-sources
285     upgrade to this release.
286 plasmaroo 1.18
287 frogger 1.11 - ioperm bug fix
288     - fixed compilation failure when building without GRSec
289 plasmaroo 1.18
290 frogger 1.11 SAL (Secure Auditing for Linux) is NOT included in this revision
291     due to time constraints, but is planned for inclusion in the near
292     future.
293 msterret 1.10
294     *hardened-sources-2.4.20-r2 (12 Jun 2003)
295    
296     12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
297     hardened-sources-2.4.20-r3.ebuild:
298 plasmaroo 1.18 Add Header...
299 frogger 1.9
300     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
301     hardened-sources-2.4.20-r3.ebuild:
302     Removed warnings from ebuild. This kernel should be safe to
303     use at this point.
304 frogger 1.8
305     *hardened-sources-2.4.20-r3 (08 Jun 2003)
306    
307     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
308     hardened-sources-2.4.20-r3.ebuild:
309     New revision. Includes the following changes over -r2:
310 plasmaroo 1.18
311 frogger 1.8 - ck7-base (O(1), preempt, low latency)
312     - Super FreeS/WAN 1.99.7rc2
313     - PaX for the LSM/SELinux branch
314     - GRSecurity 2.0-pre4 (role based access control)
315     - Systrace 1.3
316     - EXT3 fixes
317     - EVMS 2.0.1
318     - GCC 3.1+ compile optimizations
319     - ProPolice kernel build support
320     - Hashing table security fixes
321 frogger 1.3
322     *hardened-sources-2.4.20-r1 (09 Apr 2003)
323 frogger 1.7
324     23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
325     Initial import of hardened-sources-r2. This new
326     ebuild includes many new performance and security
327     related patches. As in -r1, it will patch in
328     LSM/SELinux if "selinux" is in USE, otherwise it
329     will patch in GRSecurity. The following patches
330     are included in this revision:
331 plasmaroo 1.18
332 frogger 1.7 - O(1) Scheduler, Low Latency, and Preempt
333     (pulled from the base CK patch)
334     - ptrace exploit patch for the LSM kernel
335     (the GRSec patch already fixes this)
336     - LSM 2.4-2003040709
337     - SELinux 2.4-2003040709
338     - Systrace v1.2
339     - IPTables patch-o-matic base patches - 20030107
340     - CryptoAPI 2.4.20.1 w/ loop-jari patch
341     - Super FreeS/WAN 1.99.6.1
342     - GRSecurity 1.9.9g
343     - MPPE
344     - EXT3 data journal fix
345     - CIPE 1.5.4
346 frogger 1.6
347     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
348     hardened-sources-2.4.20-r1.ebuild, manifest:
349 plasmaroo 1.18 Updated to install flask components correctly for selinux.
350 frogger 1.5
351     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
352     hardened-sources-2.4.20-r1.ebuild:
353     LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
354     is patched in instead. Ptrace patches for selinux have also been added. In
355     either case, systrace support will be patched in as well.
356 frogger 1.3
357     09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
358     hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
359 plasmaroo 1.18 Revision bump for new sources.
360 frogger 1.4
361 frogger 1.2 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
362 frogger 1.4 hardened-sources-2.4.20-r1.ebuild:
363 plasmaroo 1.18 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
364 method 1.1
365 frogger 1.4 *hardened-sources-2.4.20 (30 Mar 2003)
366    
367 method 1.1 30 Mar 2003; Joshua Brindle <method@gentoo.org>
368     hardened-sources-2.4.20.ebuild:
369 plasmaroo 1.18 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20