/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.81 - (hide annotations) (download)
Tue Mar 28 16:04:59 2006 UTC (8 years, 7 months ago) by nixnut
Branch: MAIN
Changes since 1.80: +4 -1 lines
Stable on ppc. Bug 127718
(Portage version: 2.1_pre5-r4)

1 method 1.1 # ChangeLog for sys-kernel/hardened-sources
2 solar 1.73 # Copyright 2000-2006 Gentoo Foundation; Distributed under the GPL v2
3 nixnut 1.81 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.80 2006/03/15 21:52:25 johnm Exp $
4    
5     28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
6     Stable on ppc. Bug #127718
7 johnm 1.80
8     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
9     -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
10     -hardened-sources-2.6.14-r4.ebuild:
11     Cleanup.
12 johnm 1.79
13     *hardened-sources-2.6.14-r6 (15 Mar 2006)
14    
15     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
16     +hardened-sources-2.6.14-r6.ebuild:
17     Fixes grsec policy recreation bug and adds a
18     >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
19 solar 1.78
20     02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
21     - stable on x86
22 hansmi 1.77
23     19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
24     hardened-sources-2.6.14-r5.ebuild:
25     Stable on ppc.
26 johnm 1.76
27     *hardened-sources-2.6.14-r5 (01 Feb 2006)
28    
29     01 Feb 2006; John Mylchreest <johnm@gentoo.org>
30     +hardened-sources-2.6.14-r5.ebuild:
31     fixing every known exploit
32 solar 1.75
33     *hardened-sources-2.4.32-r2 (26 Jan 2006)
34    
35     26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
36     +hardened-sources-2.4.32-r2.ebuild:
37     - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
38 solar 1.74
39     *hardened-sources-2.6.14-r4 (12 Jan 2006)
40    
41     12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
42     - version bump for new genpatches which fix up a few sec holes
43 solar 1.73
44     *hardened-sources-2.4.32-r1 (05 Jan 2006)
45    
46     05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
47     - revision bump to add misc vital linux kernel security patches.
48 johnm 1.72
49     *hardened-sources-2.6.14-r3 (30 Dec 2005)
50    
51     30 Dec 2005; John Mylchreest <johnm@gentoo.org>
52     -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
53     Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
54 johnm 1.71
55     28 Dec 2005; John Mylchreest <johnm@gentoo.org>
56     hardened-sources-2.6.14-r2.ebuild:
57     making x86 & amd64 stable following testing.
58 johnm 1.70
59     *hardened-sources-2.6.14-r2 (27 Dec 2005)
60    
61     27 Dec 2005; John Mylchreest <johnm@gentoo.org>
62     -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
63     Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
64     network hooks.
65 johnm 1.69
66     06 Dec 2005; John Mylchreest <johnm@gentoo.org>
67     hardened-sources-2.6.14-r1.ebuild:
68     bumping to stable early for sec fix on x86 & amd64
69 johnm 1.68
70     *hardened-sources-2.6.14-r1 (05 Dec 2005)
71    
72     05 Dec 2005; John Mylchreest <johnm@gentoo.org>
73     -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
74     bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
75 solar 1.67
76     04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
77     - stable on x86 security bug #114227 CAN-2005-3257
78 kang 1.66
79     *hardened-sources-2.4.32 (19 Nov 2005)
80    
81     19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
82     +hardened-sources-2.4.32.ebuild:
83     Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
84     Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
85     have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
86     rsbac >> /etc/portage/package.use)
87 johnm 1.65
88     *hardened-sources-2.6.14 (14 Nov 2005)
89    
90     14 Nov 2005; John Mylchreest <johnm@gentoo.org>
91     -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
92     Bumping 2.6 series to 2.6.14.2
93 johnm 1.64
94     *hardened-sources-2.6.13-r2 (20 Oct 2005)
95    
96     20 Oct 2005; John Mylchreest <johnm@gentoo.org>
97     -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
98     +hardened-sources-2.6.13-r2.ebuild:
99     Fixes minor build error in ppc.
100 johnm 1.63
101     *hardened-sources-2.6.13-r1 (17 Oct 2005)
102    
103     17 Oct 2005; John Mylchreest <johnm@gentoo.org>
104     +hardened-sources-2.6.13-r1.ebuild:
105     Updating grsec to latest snapshot. Fixes some minor issues. Updating to
106     2.6.13.4, fixes some major amd64 stability problems.
107 johnm 1.62
108     *hardened-sources-2.6.13 (16 Sep 2005)
109    
110     16 Sep 2005; John Mylchreest <johnm@gentoo.org>
111     -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
112     2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
113     ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
114     users should test this thoroughly.
115 solar 1.61
116     01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
117     - stable on x86
118 johnm 1.60
119     *hardened-sources-2.6.11-r15 (27 Jun 2005)
120    
121     27 Jun 2005; John Mylchreest <johnm@gentoo.org>
122     +hardened-sources-2.6.11-r15.ebuild:
123     Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
124     grsec redefining curr_ip struct.
125 solar 1.59
126     *hardened-sources-2.4.31 (20 Jun 2005)
127    
128     20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
129     initial import of 2.4.31 tree
130 johnm 1.58
131     *hardened-sources-2.6.11-r14 (14 Jun 2005)
132    
133     14 Jun 2005; John Mylchreest <johnm@gentoo.org>
134     -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
135     Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
136     naming scheme to abide by genpatches
137 johnm 1.57
138     *hardened-sources-2.6.11-r13 (18 May 2005)
139    
140     18 May 2005; John Mylchreest <johnm@gentoo.org>
141     -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
142     Managed to mangle the Makefile patch from grsec, to miss out the grsec
143     target. sorry about that. Fixes bug #93022
144 johnm 1.56
145     *hardened-sources-2.6.11-r12 (17 May 2005)
146    
147     17 May 2005; John Mylchreest <johnm@gentoo.org>
148     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
149     +hardened-sources-2.6.11-r12.ebuild:
150     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
151     merges in genpatches-base
152 johnm 1.55
153     *hardened-sources-2.6.11-r12 (17 May 2005)
154    
155     17 May 2005; John Mylchreest <johnm@gentoo.org>
156     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
157     +hardened-sources-2.6.11-r12.ebuild:
158     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
159     merges in genpatches-base
160 solar 1.54
161     29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
162     -files/2.4.27-cmdline-race.patch,
163     -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
164     -files/2.4.28-grsec-binfmt_a.out.patch,
165     -files/2.4.28-grsec-cmdline-race.patch,
166     -files/2.4.28-selinux-binfmt_a.out.patch,
167     -files/2.4.28-selinux-cmdline-race.patch,
168     -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
169     hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
170     - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
171     cleanup..
172 solar 1.53
173     *hardened-sources-2.4.30-r1 (21 Apr 2005)
174    
175     21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
176     - disable aout by default
177 solar 1.52
178     *hardened-sources-2.4.30 (18 Apr 2005)
179    
180     18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
181     - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
182     and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
183     use
184 tocharian 1.50
185 scox 1.51 *hardened-sources-2.4.29 (30 Mar 2005)
186    
187     30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
188     +hardened-sources-2.4.29.ebuild:
189     New hardened-patches-2.4-29.0 patchball.
190     Removed SELinux support, upgraded GRSecurity to 2.1.4.
191    
192     *hardened-sources-2.4.28-r5 (06 Mar 2005)
193    
194     06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
195     +hardened-sources-2.4.28-r5.ebuild:
196     Added a fix for a PaX vulnerability.
197    
198     26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
199 tocharian 1.50 hardened-sources-2.4.28-r4.ebuild:
200     Stable on x86
201 solar 1.49
202     23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
203     hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
204     hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
205     hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
206     - fixed/added RDEPEND= in all kernel-2 ebuilds
207 tocharian 1.48
208     *hardened-sources-2.4.28-r4 (21 Jan 2005)
209    
210     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
211     +hardened-sources-2.4.28-r4.ebuild:
212     Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
213     backport of neighbour hash updates.
214 tocharian 1.47
215     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
216     hardened-sources-2.4.28-r3.ebuild:
217     Stable on x86
218 tseng 1.46
219     *hardened-sources-2.6.10-r3 (20 Jan 2005)
220    
221     20 Jan 2005; Brandon Hale <tseng@gentoo.org>
222     +hardened-sources-2.6.10-r3.ebuild:
223     Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
224     in 2005.0
225 tocharian 1.45
226     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
227     -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
228     hardened-sources-2.4.28-r2.ebuild:
229     Mark stable on x86
230 tocharian 1.44
231     *hardened-sources-2.4.28-r3 (17 Jan 2005)
232    
233     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
234     +hardened-sources-2.4.28-r3.ebuild:
235     Fix SMP page fault handler vuln, and update device-mapper and evms patches.
236 tocharian 1.43
237     14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
238     hardened-sources-2.4.28.ebuild:
239     Mark stable on x86.
240 tocharian 1.42
241     *hardened-sources-2.4.28-r2 (13 Jan 2005)
242    
243     13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
244     +hardened-sources-2.4.28-r2.ebuild:
245     Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
246     Mazinger for grsecurity patches as well.
247 plasmaroo 1.41
248     *hardened-sources-2.4.28-r1 (23 Dec 2004)
249    
250     23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
251     Security bump. Thank tocharian for rolling a new patchset...
252 solar 1.40
253     28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
254     +files/2.4.28-grsec-cmdline-race.patch,
255     +files/2.4.28-selinux-binfmt_a.out.patch,
256     +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
257     - Round up remaining security patches that appear to be missing in 2.4.28. -
258     PaX standalone updated to current. hgpv=28.1
259 solar 1.39
260     *hardened-sources-2.4.28 (28 Nov 2004)
261    
262     28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
263     security bump. Thank tocharian for rolling a new patchset
264 scox 1.31
265 scox 1.38 *hardened-sources-2.4.27-r3 (08 Sep 2004)
266    
267     08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
268     +hardened-sources-2.4.27-r3.ebuild:
269     Applies the new 2.4-27.2 patchball which updates
270     GRSecurity to the 2.0.1 version.
271    
272 scox 1.37 *hardened-sources-2.4.27-r2 (31 Aug 2004)
273    
274     31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
275     +hardened-sources-2.4.27-r2.ebuild:
276     Version bump.
277     This version uses the new 2.4-27.1 patchball which updates
278     both the SELinux PaX hooks patch and the SELinux headers.
279    
280 scox 1.36 *hardened-sources-2.4.27-r1 (09 Aug 2004)
281    
282     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
283     +hardened-sources-2.4.27-r1.ebuild,
284     -hardened-sources-2.4.27.ebuild,
285     +files/2.4.27-cmdline-race.patch:
286     Version bump, fix for cmdline race. See bug #59905.
287    
288     *hardened-sources-2.4.26-r6 (09 Aug 2004)
289    
290     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
291     +hardened-sources-2.4.26-r6.ebuild,
292     -hardened-sources-2.4.26-r5.ebuild,
293     -hardened-sources-2.4.26-r4.ebuild,
294     +files/2.4.26-cmdline-race.patch:
295     Version bump, fix for cmdline race. See bug #59905.
296    
297 scox 1.35 *hardened-sources-2.4.27 (08 Aug 2004)
298    
299     08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
300     +hardened-sources-2.4.27.ebuild,
301     +files/2.4.27-CAN-2004-0394.patch:
302     Ported the patchball to the 2.4.27 kernel version.
303    
304 scox 1.34 *hardened-sources-2.4.26-r5 (07 Aug 2004)
305    
306     07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
307     +hardened-sources-2.4.26-r5.ebuild:
308 scox 1.35 Updated to use the new hardened-patches-2.4-26.1 patchball.
309 scox 1.34 It adds the following features:
310     - Squashfs
311     - Ebtables
312     - Netdev random (core+drivers)
313     - Watchdog Timer (WDT) fix.
314    
315 scox 1.33 *hardened-sources-2.4.26-r4 (04 Aug 2004)
316    
317     04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
318     +hardened-sources-2.4.26-r4.ebuild,
319     +files/2.4.26-CAN-2004-0415.patch,
320     -hardened-sources-2.4.26-3:
321     Version bump, fix for CAN 0415, see bug #59378.
322    
323 scox 1.32 *hardened-sources-2.4.26-r3 (22 Jul 2004)
324    
325     22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
326     +hardened-sources-2.4.26-r3.ebuild,
327     +files/2.4.26-CAN-2004-0497.patch,
328     -hardened-sources-2.4.26-r2.ebuild:
329     Version bump, fixed CAN 0497, see bug #56171.
330    
331 scox 1.31 *hardened-sources-2.4.26-r2 (29 Jun 2004)
332    
333     29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
334 scox 1.32 +hardened-sources-2.4.26-r2.ebuild,
335 scox 1.31 +files/2.4.26-CAN-2004-0495.patch,
336     +files/2.4.26-CAN-2004-0535.patch,
337     -hardened-sources-2.4.26-r1.ebuild:
338     Fixes for both CAN 0495 and 0535, see bug #54976
339 pvdabeel 1.27
340 agriffis 1.29 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
341     hardened-sources-2.4.26-r1.ebuild:
342     QA - fix use invocation
343 scox 1.28
344     *hardened-sources-2.4.26-r1 (22 June 2004)
345    
346     22 June 2004; Andrea Luzzardi <scox@gentoo.org>
347     +hardened-sources-2.4.26-r1.ebuild,
348     +files/2.4.26-CAN-2004-0394.patch,
349     +files/2.4.26-signal-race.patch,
350     -hardened-sources-2.4.26.ebuild,
351     -hardened-sources-2.4.24-r3.ebuild:
352     Version bump for the CAN-2004-0394 issue and bug #53804
353     Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
354    
355    
356 pvdabeel 1.27 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
357     hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
358     Masked hardened-sources-2.4.26.ebuild broken for ppc
359    
360     31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
361     hardened-sources-2.4.24-r3.ebuild:
362     Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
363 plasmaroo 1.25
364 scox 1.26 *hardened-sources-2.4.26 (29 May 2004)
365    
366     29 May 2004; Andrea Luzzardi <scox@gentoo.org>
367     +hardened-sources-2.4.26.ebuild:
368     Updated hardened-sources for the 2.4.26 kernel
369     Removed broken components, updated almost everything.
370    
371 plasmaroo 1.25 *hardened-sources-2.4.24-r3 (17 Apr 2004)
372    
373     17 Apr 2004; <plasmaroo@gentoo.org>
374     +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
375     +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
376     +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
377     +hardened-sources-2.4.24-r3.ebuild:
378     Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
379     vulnerabilities. Old revisions removed.
380 plasmaroo 1.24
381     *hardened-sources-2.4.24-r2 (15 Apr 2004)
382    
383     15 Apr 2004; <plasmaroo@gentoo.org>
384     +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
385     -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
386     Version bump for the CAN-2004-0109 issue; bug #47881.
387 aliz 1.23
388     12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
389     hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
390     Add eutils to inherit.
391 plasmaroo 1.22
392     *hardened-sources-2.4.24-r1 (19 Feb 2004)
393    
394     19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
395     files/hardened-sources-2.4.24.munmap.patch:
396     Added the patch for the mremap/munmap vulnerability. Bug #42024.
397 scox 1.19
398 scox 1.21 *hardened-sources-2.4.24 (06 Feb 2004)
399 scox 1.26
400 scox 1.21 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
401     hardened-sources-2.4.24.ebuild:
402     Version bump, updated most of the components.
403     This release includes the following:
404    
405     - Hardened security
406     - Netfilter patch-o-matic 20031219
407     - FreeSWAN 2.04 & x509 1.4.8
408     - EVMS 2.2.2
409     - XFS 1.3.1
410     - cryptoloop jari
411     - grsecurity 2.0-rc4
412     - SELinux
413     - PaX 200402060000
414     - PaX Obscurity 200308302223
415     - Others...
416    
417     Neither -ck nor systrace are included anymore.
418    
419 scox 1.19 *hardened-sources-2.4.22-r2 (05 Jan 2004)
420    
421     05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
422     hardened-sources-2.4.22-r2.ebuild:
423 scox 1.20 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
424 scox 1.19
425     *hardened-sources-2.4.22-r1 (02 Dec 2003)
426 iggy 1.17
427     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
428 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
429 iggy 1.16
430     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
431 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild:
432     Version bump for the 'do_brk' vulnerability.
433 iggy 1.15
434     01 Dec 2003; Brian Jackson <iggy@gentoo.org>
435     hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
436     hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
437     hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
438 plasmaroo 1.18 Fix the 'do_brk' vulnerability.
439 frogger 1.14
440     03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
441     hardened-sources-2.4.22.ebuild:
442 plasmaroo 1.18 - Removed the src_install() portion for SELinux flask
443     components. These are no longer handled in the kernel
444     so this code was not necessary.
445 frogger 1.13
446     29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
447     New 2.4.22 based hardened-sources thanks to
448     Phil West <p.west@computer.org>.
449    
450     These sources include:
451 plasmaroo 1.18 - New SELinux API
452     - Updated CK-base
453     - Updated GRSec
454     - Systrace
455     - SuperFreeS/WAN 1.99.8
456     - Propolice kernel build support
457     - EVMS
458     - Other various security related patches
459 frogger 1.11
460 frogger 1.12 *hardened-sources-2.4.21 (14 Sep 2003)
461    
462     14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
463     Updated hardened-sources based on the 2.4.21 Linux kernel.
464     This includes updates to most major components such as:
465 plasmaroo 1.18 - ck-base-0306300059
466     - selinux-2.4-2003071106
467     - grsecurity-2.0-rc1
468     - Updated IPTables patch-o-matic
469     - Updated SuperFreeS/WAN
470    
471 frogger 1.12 Thanks to Phil West <pwest@computer.org> for his work in getting this
472     updated patch set ready for the 2.4.21 based kernel.
473    
474 frogger 1.11 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
475     Initial import of hardened-sources-2.4.20-r4. This revision
476     includes only a few changes, but one of these is an important
477     security fix. It is recommended all users of hardened-sources
478     upgrade to this release.
479 plasmaroo 1.18
480 frogger 1.11 - ioperm bug fix
481     - fixed compilation failure when building without GRSec
482 plasmaroo 1.18
483 frogger 1.11 SAL (Secure Auditing for Linux) is NOT included in this revision
484     due to time constraints, but is planned for inclusion in the near
485     future.
486 msterret 1.10
487     *hardened-sources-2.4.20-r2 (12 Jun 2003)
488    
489     12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
490     hardened-sources-2.4.20-r3.ebuild:
491 plasmaroo 1.18 Add Header...
492 frogger 1.9
493     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
494     hardened-sources-2.4.20-r3.ebuild:
495     Removed warnings from ebuild. This kernel should be safe to
496     use at this point.
497 frogger 1.8
498     *hardened-sources-2.4.20-r3 (08 Jun 2003)
499    
500     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
501     hardened-sources-2.4.20-r3.ebuild:
502     New revision. Includes the following changes over -r2:
503 plasmaroo 1.18
504 frogger 1.8 - ck7-base (O(1), preempt, low latency)
505     - Super FreeS/WAN 1.99.7rc2
506     - PaX for the LSM/SELinux branch
507     - GRSecurity 2.0-pre4 (role based access control)
508     - Systrace 1.3
509     - EXT3 fixes
510     - EVMS 2.0.1
511     - GCC 3.1+ compile optimizations
512     - ProPolice kernel build support
513     - Hashing table security fixes
514 frogger 1.3
515     *hardened-sources-2.4.20-r1 (09 Apr 2003)
516 frogger 1.7
517     23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
518     Initial import of hardened-sources-r2. This new
519     ebuild includes many new performance and security
520     related patches. As in -r1, it will patch in
521     LSM/SELinux if "selinux" is in USE, otherwise it
522     will patch in GRSecurity. The following patches
523     are included in this revision:
524 plasmaroo 1.18
525 frogger 1.7 - O(1) Scheduler, Low Latency, and Preempt
526     (pulled from the base CK patch)
527     - ptrace exploit patch for the LSM kernel
528     (the GRSec patch already fixes this)
529     - LSM 2.4-2003040709
530     - SELinux 2.4-2003040709
531     - Systrace v1.2
532     - IPTables patch-o-matic base patches - 20030107
533     - CryptoAPI 2.4.20.1 w/ loop-jari patch
534     - Super FreeS/WAN 1.99.6.1
535     - GRSecurity 1.9.9g
536     - MPPE
537     - EXT3 data journal fix
538     - CIPE 1.5.4
539 frogger 1.6
540     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
541     hardened-sources-2.4.20-r1.ebuild, manifest:
542 plasmaroo 1.18 Updated to install flask components correctly for selinux.
543 frogger 1.5
544     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
545     hardened-sources-2.4.20-r1.ebuild:
546     LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
547     is patched in instead. Ptrace patches for selinux have also been added. In
548     either case, systrace support will be patched in as well.
549 frogger 1.3
550     09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
551     hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
552 plasmaroo 1.18 Revision bump for new sources.
553 frogger 1.4
554 frogger 1.2 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
555 frogger 1.4 hardened-sources-2.4.20-r1.ebuild:
556 plasmaroo 1.18 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
557 method 1.1
558 frogger 1.4 *hardened-sources-2.4.20 (30 Mar 2003)
559    
560 method 1.1 30 Mar 2003; Joshua Brindle <method@gentoo.org>
561     hardened-sources-2.4.20.ebuild:
562 plasmaroo 1.18 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20