/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.52 - (hide annotations) (download)
Tue Apr 19 01:01:00 2005 UTC (9 years, 8 months ago) by solar
Branch: MAIN
Changes since 1.51: +8 -1 lines
- 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29 and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded use
(Portage version: 2.0.51.19)

1 method 1.1 # ChangeLog for sys-kernel/hardened-sources
2 tocharian 1.42 # Copyright 2000-2005 Gentoo Foundation; Distributed under the GPL v2
3 solar 1.52 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.51 2005/03/30 08:04:58 scox Exp $
4    
5     *hardened-sources-2.4.30 (18 Apr 2005)
6    
7     18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
8     - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
9     and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
10     use
11 tocharian 1.50
12 scox 1.51 *hardened-sources-2.4.29 (30 Mar 2005)
13    
14     30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
15     +hardened-sources-2.4.29.ebuild:
16     New hardened-patches-2.4-29.0 patchball.
17     Removed SELinux support, upgraded GRSecurity to 2.1.4.
18    
19     *hardened-sources-2.4.28-r5 (06 Mar 2005)
20    
21     06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
22     +hardened-sources-2.4.28-r5.ebuild:
23     Added a fix for a PaX vulnerability.
24    
25     26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
26 tocharian 1.50 hardened-sources-2.4.28-r4.ebuild:
27     Stable on x86
28 solar 1.49
29     23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
30     hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
31     hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
32     hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
33     - fixed/added RDEPEND= in all kernel-2 ebuilds
34 tocharian 1.48
35     *hardened-sources-2.4.28-r4 (21 Jan 2005)
36    
37     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
38     +hardened-sources-2.4.28-r4.ebuild:
39     Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
40     backport of neighbour hash updates.
41 tocharian 1.47
42     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
43     hardened-sources-2.4.28-r3.ebuild:
44     Stable on x86
45 tseng 1.46
46     *hardened-sources-2.6.10-r3 (20 Jan 2005)
47    
48     20 Jan 2005; Brandon Hale <tseng@gentoo.org>
49     +hardened-sources-2.6.10-r3.ebuild:
50     Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
51     in 2005.0
52 tocharian 1.45
53     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
54     -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
55     hardened-sources-2.4.28-r2.ebuild:
56     Mark stable on x86
57 tocharian 1.44
58     *hardened-sources-2.4.28-r3 (17 Jan 2005)
59    
60     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
61     +hardened-sources-2.4.28-r3.ebuild:
62     Fix SMP page fault handler vuln, and update device-mapper and evms patches.
63 tocharian 1.43
64     14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
65     hardened-sources-2.4.28.ebuild:
66     Mark stable on x86.
67 tocharian 1.42
68     *hardened-sources-2.4.28-r2 (13 Jan 2005)
69    
70     13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
71     +hardened-sources-2.4.28-r2.ebuild:
72     Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
73     Mazinger for grsecurity patches as well.
74 plasmaroo 1.41
75     *hardened-sources-2.4.28-r1 (23 Dec 2004)
76    
77     23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
78     Security bump. Thank tocharian for rolling a new patchset...
79 solar 1.40
80     28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
81     +files/2.4.28-grsec-cmdline-race.patch,
82     +files/2.4.28-selinux-binfmt_a.out.patch,
83     +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
84     - Round up remaining security patches that appear to be missing in 2.4.28. -
85     PaX standalone updated to current. hgpv=28.1
86 solar 1.39
87     *hardened-sources-2.4.28 (28 Nov 2004)
88    
89     28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
90     security bump. Thank tocharian for rolling a new patchset
91 scox 1.31
92 scox 1.38 *hardened-sources-2.4.27-r3 (08 Sep 2004)
93    
94     08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
95     +hardened-sources-2.4.27-r3.ebuild:
96     Applies the new 2.4-27.2 patchball which updates
97     GRSecurity to the 2.0.1 version.
98    
99 scox 1.37 *hardened-sources-2.4.27-r2 (31 Aug 2004)
100    
101     31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
102     +hardened-sources-2.4.27-r2.ebuild:
103     Version bump.
104     This version uses the new 2.4-27.1 patchball which updates
105     both the SELinux PaX hooks patch and the SELinux headers.
106    
107 scox 1.36 *hardened-sources-2.4.27-r1 (09 Aug 2004)
108    
109     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
110     +hardened-sources-2.4.27-r1.ebuild,
111     -hardened-sources-2.4.27.ebuild,
112     +files/2.4.27-cmdline-race.patch:
113     Version bump, fix for cmdline race. See bug #59905.
114    
115     *hardened-sources-2.4.26-r6 (09 Aug 2004)
116    
117     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
118     +hardened-sources-2.4.26-r6.ebuild,
119     -hardened-sources-2.4.26-r5.ebuild,
120     -hardened-sources-2.4.26-r4.ebuild,
121     +files/2.4.26-cmdline-race.patch:
122     Version bump, fix for cmdline race. See bug #59905.
123    
124 scox 1.35 *hardened-sources-2.4.27 (08 Aug 2004)
125    
126     08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
127     +hardened-sources-2.4.27.ebuild,
128     +files/2.4.27-CAN-2004-0394.patch:
129     Ported the patchball to the 2.4.27 kernel version.
130    
131 scox 1.34 *hardened-sources-2.4.26-r5 (07 Aug 2004)
132    
133     07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
134     +hardened-sources-2.4.26-r5.ebuild:
135 scox 1.35 Updated to use the new hardened-patches-2.4-26.1 patchball.
136 scox 1.34 It adds the following features:
137     - Squashfs
138     - Ebtables
139     - Netdev random (core+drivers)
140     - Watchdog Timer (WDT) fix.
141    
142 scox 1.33 *hardened-sources-2.4.26-r4 (04 Aug 2004)
143    
144     04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
145     +hardened-sources-2.4.26-r4.ebuild,
146     +files/2.4.26-CAN-2004-0415.patch,
147     -hardened-sources-2.4.26-3:
148     Version bump, fix for CAN 0415, see bug #59378.
149    
150 scox 1.32 *hardened-sources-2.4.26-r3 (22 Jul 2004)
151    
152     22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
153     +hardened-sources-2.4.26-r3.ebuild,
154     +files/2.4.26-CAN-2004-0497.patch,
155     -hardened-sources-2.4.26-r2.ebuild:
156     Version bump, fixed CAN 0497, see bug #56171.
157    
158 scox 1.31 *hardened-sources-2.4.26-r2 (29 Jun 2004)
159    
160     29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
161 scox 1.32 +hardened-sources-2.4.26-r2.ebuild,
162 scox 1.31 +files/2.4.26-CAN-2004-0495.patch,
163     +files/2.4.26-CAN-2004-0535.patch,
164     -hardened-sources-2.4.26-r1.ebuild:
165     Fixes for both CAN 0495 and 0535, see bug #54976
166 pvdabeel 1.27
167 agriffis 1.29 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
168     hardened-sources-2.4.26-r1.ebuild:
169     QA - fix use invocation
170 scox 1.28
171     *hardened-sources-2.4.26-r1 (22 June 2004)
172    
173     22 June 2004; Andrea Luzzardi <scox@gentoo.org>
174     +hardened-sources-2.4.26-r1.ebuild,
175     +files/2.4.26-CAN-2004-0394.patch,
176     +files/2.4.26-signal-race.patch,
177     -hardened-sources-2.4.26.ebuild,
178     -hardened-sources-2.4.24-r3.ebuild:
179     Version bump for the CAN-2004-0394 issue and bug #53804
180     Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
181    
182    
183 pvdabeel 1.27 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
184     hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
185     Masked hardened-sources-2.4.26.ebuild broken for ppc
186    
187     31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
188     hardened-sources-2.4.24-r3.ebuild:
189     Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
190 plasmaroo 1.25
191 scox 1.26 *hardened-sources-2.4.26 (29 May 2004)
192    
193     29 May 2004; Andrea Luzzardi <scox@gentoo.org>
194     +hardened-sources-2.4.26.ebuild:
195     Updated hardened-sources for the 2.4.26 kernel
196     Removed broken components, updated almost everything.
197    
198 plasmaroo 1.25 *hardened-sources-2.4.24-r3 (17 Apr 2004)
199    
200     17 Apr 2004; <plasmaroo@gentoo.org>
201     +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
202     +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
203     +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
204     +hardened-sources-2.4.24-r3.ebuild:
205     Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
206     vulnerabilities. Old revisions removed.
207 plasmaroo 1.24
208     *hardened-sources-2.4.24-r2 (15 Apr 2004)
209    
210     15 Apr 2004; <plasmaroo@gentoo.org>
211     +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
212     -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
213     Version bump for the CAN-2004-0109 issue; bug #47881.
214 aliz 1.23
215     12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
216     hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
217     Add eutils to inherit.
218 plasmaroo 1.22
219     *hardened-sources-2.4.24-r1 (19 Feb 2004)
220    
221     19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
222     files/hardened-sources-2.4.24.munmap.patch:
223     Added the patch for the mremap/munmap vulnerability. Bug #42024.
224 scox 1.19
225 scox 1.21 *hardened-sources-2.4.24 (06 Feb 2004)
226 scox 1.26
227 scox 1.21 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
228     hardened-sources-2.4.24.ebuild:
229     Version bump, updated most of the components.
230     This release includes the following:
231    
232     - Hardened security
233     - Netfilter patch-o-matic 20031219
234     - FreeSWAN 2.04 & x509 1.4.8
235     - EVMS 2.2.2
236     - XFS 1.3.1
237     - cryptoloop jari
238     - grsecurity 2.0-rc4
239     - SELinux
240     - PaX 200402060000
241     - PaX Obscurity 200308302223
242     - Others...
243    
244     Neither -ck nor systrace are included anymore.
245    
246 scox 1.19 *hardened-sources-2.4.22-r2 (05 Jan 2004)
247    
248     05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
249     hardened-sources-2.4.22-r2.ebuild:
250 scox 1.20 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
251 scox 1.19
252     *hardened-sources-2.4.22-r1 (02 Dec 2003)
253 iggy 1.17
254     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
255 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
256 iggy 1.16
257     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
258 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild:
259     Version bump for the 'do_brk' vulnerability.
260 iggy 1.15
261     01 Dec 2003; Brian Jackson <iggy@gentoo.org>
262     hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
263     hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
264     hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
265 plasmaroo 1.18 Fix the 'do_brk' vulnerability.
266 frogger 1.14
267     03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
268     hardened-sources-2.4.22.ebuild:
269 plasmaroo 1.18 - Removed the src_install() portion for SELinux flask
270     components. These are no longer handled in the kernel
271     so this code was not necessary.
272 frogger 1.13
273     29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
274     New 2.4.22 based hardened-sources thanks to
275     Phil West <p.west@computer.org>.
276    
277     These sources include:
278 plasmaroo 1.18 - New SELinux API
279     - Updated CK-base
280     - Updated GRSec
281     - Systrace
282     - SuperFreeS/WAN 1.99.8
283     - Propolice kernel build support
284     - EVMS
285     - Other various security related patches
286 frogger 1.11
287 frogger 1.12 *hardened-sources-2.4.21 (14 Sep 2003)
288    
289     14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
290     Updated hardened-sources based on the 2.4.21 Linux kernel.
291     This includes updates to most major components such as:
292 plasmaroo 1.18 - ck-base-0306300059
293     - selinux-2.4-2003071106
294     - grsecurity-2.0-rc1
295     - Updated IPTables patch-o-matic
296     - Updated SuperFreeS/WAN
297    
298 frogger 1.12 Thanks to Phil West <pwest@computer.org> for his work in getting this
299     updated patch set ready for the 2.4.21 based kernel.
300    
301 frogger 1.11 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
302     Initial import of hardened-sources-2.4.20-r4. This revision
303     includes only a few changes, but one of these is an important
304     security fix. It is recommended all users of hardened-sources
305     upgrade to this release.
306 plasmaroo 1.18
307 frogger 1.11 - ioperm bug fix
308     - fixed compilation failure when building without GRSec
309 plasmaroo 1.18
310 frogger 1.11 SAL (Secure Auditing for Linux) is NOT included in this revision
311     due to time constraints, but is planned for inclusion in the near
312     future.
313 msterret 1.10
314     *hardened-sources-2.4.20-r2 (12 Jun 2003)
315    
316     12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
317     hardened-sources-2.4.20-r3.ebuild:
318 plasmaroo 1.18 Add Header...
319 frogger 1.9
320     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
321     hardened-sources-2.4.20-r3.ebuild:
322     Removed warnings from ebuild. This kernel should be safe to
323     use at this point.
324 frogger 1.8
325     *hardened-sources-2.4.20-r3 (08 Jun 2003)
326    
327     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
328     hardened-sources-2.4.20-r3.ebuild:
329     New revision. Includes the following changes over -r2:
330 plasmaroo 1.18
331 frogger 1.8 - ck7-base (O(1), preempt, low latency)
332     - Super FreeS/WAN 1.99.7rc2
333     - PaX for the LSM/SELinux branch
334     - GRSecurity 2.0-pre4 (role based access control)
335     - Systrace 1.3
336     - EXT3 fixes
337     - EVMS 2.0.1
338     - GCC 3.1+ compile optimizations
339     - ProPolice kernel build support
340     - Hashing table security fixes
341 frogger 1.3
342     *hardened-sources-2.4.20-r1 (09 Apr 2003)
343 frogger 1.7
344     23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
345     Initial import of hardened-sources-r2. This new
346     ebuild includes many new performance and security
347     related patches. As in -r1, it will patch in
348     LSM/SELinux if "selinux" is in USE, otherwise it
349     will patch in GRSecurity. The following patches
350     are included in this revision:
351 plasmaroo 1.18
352 frogger 1.7 - O(1) Scheduler, Low Latency, and Preempt
353     (pulled from the base CK patch)
354     - ptrace exploit patch for the LSM kernel
355     (the GRSec patch already fixes this)
356     - LSM 2.4-2003040709
357     - SELinux 2.4-2003040709
358     - Systrace v1.2
359     - IPTables patch-o-matic base patches - 20030107
360     - CryptoAPI 2.4.20.1 w/ loop-jari patch
361     - Super FreeS/WAN 1.99.6.1
362     - GRSecurity 1.9.9g
363     - MPPE
364     - EXT3 data journal fix
365     - CIPE 1.5.4
366 frogger 1.6
367     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
368     hardened-sources-2.4.20-r1.ebuild, manifest:
369 plasmaroo 1.18 Updated to install flask components correctly for selinux.
370 frogger 1.5
371     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
372     hardened-sources-2.4.20-r1.ebuild:
373     LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
374     is patched in instead. Ptrace patches for selinux have also been added. In
375     either case, systrace support will be patched in as well.
376 frogger 1.3
377     09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
378     hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
379 plasmaroo 1.18 Revision bump for new sources.
380 frogger 1.4
381 frogger 1.2 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
382 frogger 1.4 hardened-sources-2.4.20-r1.ebuild:
383 plasmaroo 1.18 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
384 method 1.1
385 frogger 1.4 *hardened-sources-2.4.20 (30 Mar 2003)
386    
387 method 1.1 30 Mar 2003; Joshua Brindle <method@gentoo.org>
388     hardened-sources-2.4.20.ebuild:
389 plasmaroo 1.18 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20