/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.51 - (hide annotations) (download)
Wed Mar 30 08:04:58 2005 UTC (9 years, 6 months ago) by scox
Branch: MAIN
Changes since 1.50: +15 -2 lines
Added hardened-sources-2.4.29.ebuild
(Portage version: 2.0.51.19)

1 method 1.1 # ChangeLog for sys-kernel/hardened-sources
2 tocharian 1.42 # Copyright 2000-2005 Gentoo Foundation; Distributed under the GPL v2
3 scox 1.51 # $Header: $
4 tocharian 1.50
5 scox 1.51 *hardened-sources-2.4.29 (30 Mar 2005)
6    
7     30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
8     +hardened-sources-2.4.29.ebuild:
9     New hardened-patches-2.4-29.0 patchball.
10     Removed SELinux support, upgraded GRSecurity to 2.1.4.
11    
12     *hardened-sources-2.4.28-r5 (06 Mar 2005)
13    
14     06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
15     +hardened-sources-2.4.28-r5.ebuild:
16     Added a fix for a PaX vulnerability.
17    
18     26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
19 tocharian 1.50 hardened-sources-2.4.28-r4.ebuild:
20     Stable on x86
21 solar 1.49
22     23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
23     hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
24     hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
25     hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
26     - fixed/added RDEPEND= in all kernel-2 ebuilds
27 tocharian 1.48
28     *hardened-sources-2.4.28-r4 (21 Jan 2005)
29    
30     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
31     +hardened-sources-2.4.28-r4.ebuild:
32     Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
33     backport of neighbour hash updates.
34 tocharian 1.47
35     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
36     hardened-sources-2.4.28-r3.ebuild:
37     Stable on x86
38 tseng 1.46
39     *hardened-sources-2.6.10-r3 (20 Jan 2005)
40    
41     20 Jan 2005; Brandon Hale <tseng@gentoo.org>
42     +hardened-sources-2.6.10-r3.ebuild:
43     Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
44     in 2005.0
45 tocharian 1.45
46     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
47     -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
48     hardened-sources-2.4.28-r2.ebuild:
49     Mark stable on x86
50 tocharian 1.44
51     *hardened-sources-2.4.28-r3 (17 Jan 2005)
52    
53     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
54     +hardened-sources-2.4.28-r3.ebuild:
55     Fix SMP page fault handler vuln, and update device-mapper and evms patches.
56 tocharian 1.43
57     14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
58     hardened-sources-2.4.28.ebuild:
59     Mark stable on x86.
60 tocharian 1.42
61     *hardened-sources-2.4.28-r2 (13 Jan 2005)
62    
63     13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
64     +hardened-sources-2.4.28-r2.ebuild:
65     Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
66     Mazinger for grsecurity patches as well.
67 plasmaroo 1.41
68     *hardened-sources-2.4.28-r1 (23 Dec 2004)
69    
70     23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
71     Security bump. Thank tocharian for rolling a new patchset...
72 solar 1.40
73     28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
74     +files/2.4.28-grsec-cmdline-race.patch,
75     +files/2.4.28-selinux-binfmt_a.out.patch,
76     +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
77     - Round up remaining security patches that appear to be missing in 2.4.28. -
78     PaX standalone updated to current. hgpv=28.1
79 solar 1.39
80     *hardened-sources-2.4.28 (28 Nov 2004)
81    
82     28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
83     security bump. Thank tocharian for rolling a new patchset
84 scox 1.31
85 scox 1.38 *hardened-sources-2.4.27-r3 (08 Sep 2004)
86    
87     08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
88     +hardened-sources-2.4.27-r3.ebuild:
89     Applies the new 2.4-27.2 patchball which updates
90     GRSecurity to the 2.0.1 version.
91    
92 scox 1.37 *hardened-sources-2.4.27-r2 (31 Aug 2004)
93    
94     31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
95     +hardened-sources-2.4.27-r2.ebuild:
96     Version bump.
97     This version uses the new 2.4-27.1 patchball which updates
98     both the SELinux PaX hooks patch and the SELinux headers.
99    
100 scox 1.36 *hardened-sources-2.4.27-r1 (09 Aug 2004)
101    
102     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
103     +hardened-sources-2.4.27-r1.ebuild,
104     -hardened-sources-2.4.27.ebuild,
105     +files/2.4.27-cmdline-race.patch:
106     Version bump, fix for cmdline race. See bug #59905.
107    
108     *hardened-sources-2.4.26-r6 (09 Aug 2004)
109    
110     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
111     +hardened-sources-2.4.26-r6.ebuild,
112     -hardened-sources-2.4.26-r5.ebuild,
113     -hardened-sources-2.4.26-r4.ebuild,
114     +files/2.4.26-cmdline-race.patch:
115     Version bump, fix for cmdline race. See bug #59905.
116    
117 scox 1.35 *hardened-sources-2.4.27 (08 Aug 2004)
118    
119     08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
120     +hardened-sources-2.4.27.ebuild,
121     +files/2.4.27-CAN-2004-0394.patch:
122     Ported the patchball to the 2.4.27 kernel version.
123    
124 scox 1.34 *hardened-sources-2.4.26-r5 (07 Aug 2004)
125    
126     07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
127     +hardened-sources-2.4.26-r5.ebuild:
128 scox 1.35 Updated to use the new hardened-patches-2.4-26.1 patchball.
129 scox 1.34 It adds the following features:
130     - Squashfs
131     - Ebtables
132     - Netdev random (core+drivers)
133     - Watchdog Timer (WDT) fix.
134    
135 scox 1.33 *hardened-sources-2.4.26-r4 (04 Aug 2004)
136    
137     04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
138     +hardened-sources-2.4.26-r4.ebuild,
139     +files/2.4.26-CAN-2004-0415.patch,
140     -hardened-sources-2.4.26-3:
141     Version bump, fix for CAN 0415, see bug #59378.
142    
143 scox 1.32 *hardened-sources-2.4.26-r3 (22 Jul 2004)
144    
145     22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
146     +hardened-sources-2.4.26-r3.ebuild,
147     +files/2.4.26-CAN-2004-0497.patch,
148     -hardened-sources-2.4.26-r2.ebuild:
149     Version bump, fixed CAN 0497, see bug #56171.
150    
151 scox 1.31 *hardened-sources-2.4.26-r2 (29 Jun 2004)
152    
153     29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
154 scox 1.32 +hardened-sources-2.4.26-r2.ebuild,
155 scox 1.31 +files/2.4.26-CAN-2004-0495.patch,
156     +files/2.4.26-CAN-2004-0535.patch,
157     -hardened-sources-2.4.26-r1.ebuild:
158     Fixes for both CAN 0495 and 0535, see bug #54976
159 pvdabeel 1.27
160 agriffis 1.29 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
161     hardened-sources-2.4.26-r1.ebuild:
162     QA - fix use invocation
163 scox 1.28
164     *hardened-sources-2.4.26-r1 (22 June 2004)
165    
166     22 June 2004; Andrea Luzzardi <scox@gentoo.org>
167     +hardened-sources-2.4.26-r1.ebuild,
168     +files/2.4.26-CAN-2004-0394.patch,
169     +files/2.4.26-signal-race.patch,
170     -hardened-sources-2.4.26.ebuild,
171     -hardened-sources-2.4.24-r3.ebuild:
172     Version bump for the CAN-2004-0394 issue and bug #53804
173     Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
174    
175    
176 pvdabeel 1.27 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
177     hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
178     Masked hardened-sources-2.4.26.ebuild broken for ppc
179    
180     31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
181     hardened-sources-2.4.24-r3.ebuild:
182     Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
183 plasmaroo 1.25
184 scox 1.26 *hardened-sources-2.4.26 (29 May 2004)
185    
186     29 May 2004; Andrea Luzzardi <scox@gentoo.org>
187     +hardened-sources-2.4.26.ebuild:
188     Updated hardened-sources for the 2.4.26 kernel
189     Removed broken components, updated almost everything.
190    
191 plasmaroo 1.25 *hardened-sources-2.4.24-r3 (17 Apr 2004)
192    
193     17 Apr 2004; <plasmaroo@gentoo.org>
194     +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
195     +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
196     +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
197     +hardened-sources-2.4.24-r3.ebuild:
198     Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
199     vulnerabilities. Old revisions removed.
200 plasmaroo 1.24
201     *hardened-sources-2.4.24-r2 (15 Apr 2004)
202    
203     15 Apr 2004; <plasmaroo@gentoo.org>
204     +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
205     -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
206     Version bump for the CAN-2004-0109 issue; bug #47881.
207 aliz 1.23
208     12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
209     hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
210     Add eutils to inherit.
211 plasmaroo 1.22
212     *hardened-sources-2.4.24-r1 (19 Feb 2004)
213    
214     19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
215     files/hardened-sources-2.4.24.munmap.patch:
216     Added the patch for the mremap/munmap vulnerability. Bug #42024.
217 scox 1.19
218 scox 1.21 *hardened-sources-2.4.24 (06 Feb 2004)
219 scox 1.26
220 scox 1.21 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
221     hardened-sources-2.4.24.ebuild:
222     Version bump, updated most of the components.
223     This release includes the following:
224    
225     - Hardened security
226     - Netfilter patch-o-matic 20031219
227     - FreeSWAN 2.04 & x509 1.4.8
228     - EVMS 2.2.2
229     - XFS 1.3.1
230     - cryptoloop jari
231     - grsecurity 2.0-rc4
232     - SELinux
233     - PaX 200402060000
234     - PaX Obscurity 200308302223
235     - Others...
236    
237     Neither -ck nor systrace are included anymore.
238    
239 scox 1.19 *hardened-sources-2.4.22-r2 (05 Jan 2004)
240    
241     05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
242     hardened-sources-2.4.22-r2.ebuild:
243 scox 1.20 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
244 scox 1.19
245     *hardened-sources-2.4.22-r1 (02 Dec 2003)
246 iggy 1.17
247     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
248 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
249 iggy 1.16
250     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
251 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild:
252     Version bump for the 'do_brk' vulnerability.
253 iggy 1.15
254     01 Dec 2003; Brian Jackson <iggy@gentoo.org>
255     hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
256     hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
257     hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
258 plasmaroo 1.18 Fix the 'do_brk' vulnerability.
259 frogger 1.14
260     03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
261     hardened-sources-2.4.22.ebuild:
262 plasmaroo 1.18 - Removed the src_install() portion for SELinux flask
263     components. These are no longer handled in the kernel
264     so this code was not necessary.
265 frogger 1.13
266     29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
267     New 2.4.22 based hardened-sources thanks to
268     Phil West <p.west@computer.org>.
269    
270     These sources include:
271 plasmaroo 1.18 - New SELinux API
272     - Updated CK-base
273     - Updated GRSec
274     - Systrace
275     - SuperFreeS/WAN 1.99.8
276     - Propolice kernel build support
277     - EVMS
278     - Other various security related patches
279 frogger 1.11
280 frogger 1.12 *hardened-sources-2.4.21 (14 Sep 2003)
281    
282     14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
283     Updated hardened-sources based on the 2.4.21 Linux kernel.
284     This includes updates to most major components such as:
285 plasmaroo 1.18 - ck-base-0306300059
286     - selinux-2.4-2003071106
287     - grsecurity-2.0-rc1
288     - Updated IPTables patch-o-matic
289     - Updated SuperFreeS/WAN
290    
291 frogger 1.12 Thanks to Phil West <pwest@computer.org> for his work in getting this
292     updated patch set ready for the 2.4.21 based kernel.
293    
294 frogger 1.11 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
295     Initial import of hardened-sources-2.4.20-r4. This revision
296     includes only a few changes, but one of these is an important
297     security fix. It is recommended all users of hardened-sources
298     upgrade to this release.
299 plasmaroo 1.18
300 frogger 1.11 - ioperm bug fix
301     - fixed compilation failure when building without GRSec
302 plasmaroo 1.18
303 frogger 1.11 SAL (Secure Auditing for Linux) is NOT included in this revision
304     due to time constraints, but is planned for inclusion in the near
305     future.
306 msterret 1.10
307     *hardened-sources-2.4.20-r2 (12 Jun 2003)
308    
309     12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
310     hardened-sources-2.4.20-r3.ebuild:
311 plasmaroo 1.18 Add Header...
312 frogger 1.9
313     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
314     hardened-sources-2.4.20-r3.ebuild:
315     Removed warnings from ebuild. This kernel should be safe to
316     use at this point.
317 frogger 1.8
318     *hardened-sources-2.4.20-r3 (08 Jun 2003)
319    
320     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
321     hardened-sources-2.4.20-r3.ebuild:
322     New revision. Includes the following changes over -r2:
323 plasmaroo 1.18
324 frogger 1.8 - ck7-base (O(1), preempt, low latency)
325     - Super FreeS/WAN 1.99.7rc2
326     - PaX for the LSM/SELinux branch
327     - GRSecurity 2.0-pre4 (role based access control)
328     - Systrace 1.3
329     - EXT3 fixes
330     - EVMS 2.0.1
331     - GCC 3.1+ compile optimizations
332     - ProPolice kernel build support
333     - Hashing table security fixes
334 frogger 1.3
335     *hardened-sources-2.4.20-r1 (09 Apr 2003)
336 frogger 1.7
337     23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
338     Initial import of hardened-sources-r2. This new
339     ebuild includes many new performance and security
340     related patches. As in -r1, it will patch in
341     LSM/SELinux if "selinux" is in USE, otherwise it
342     will patch in GRSecurity. The following patches
343     are included in this revision:
344 plasmaroo 1.18
345 frogger 1.7 - O(1) Scheduler, Low Latency, and Preempt
346     (pulled from the base CK patch)
347     - ptrace exploit patch for the LSM kernel
348     (the GRSec patch already fixes this)
349     - LSM 2.4-2003040709
350     - SELinux 2.4-2003040709
351     - Systrace v1.2
352     - IPTables patch-o-matic base patches - 20030107
353     - CryptoAPI 2.4.20.1 w/ loop-jari patch
354     - Super FreeS/WAN 1.99.6.1
355     - GRSecurity 1.9.9g
356     - MPPE
357     - EXT3 data journal fix
358     - CIPE 1.5.4
359 frogger 1.6
360     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
361     hardened-sources-2.4.20-r1.ebuild, manifest:
362 plasmaroo 1.18 Updated to install flask components correctly for selinux.
363 frogger 1.5
364     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
365     hardened-sources-2.4.20-r1.ebuild:
366     LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
367     is patched in instead. Ptrace patches for selinux have also been added. In
368     either case, systrace support will be patched in as well.
369 frogger 1.3
370     09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
371     hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
372 plasmaroo 1.18 Revision bump for new sources.
373 frogger 1.4
374 frogger 1.2 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
375 frogger 1.4 hardened-sources-2.4.20-r1.ebuild:
376 plasmaroo 1.18 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
377 method 1.1
378 frogger 1.4 *hardened-sources-2.4.20 (30 Mar 2003)
379    
380 method 1.1 30 Mar 2003; Joshua Brindle <method@gentoo.org>
381     hardened-sources-2.4.20.ebuild:
382 plasmaroo 1.18 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20