/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.87 - (hide annotations) (download)
Fri Apr 14 18:48:29 2006 UTC (8 years, 7 months ago) by johnm
Branch: MAIN
Changes since 1.86: +7 -1 lines
Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
(Portage version: 2.1_pre7-r5)

1 method 1.1 # ChangeLog for sys-kernel/hardened-sources
2 solar 1.73 # Copyright 2000-2006 Gentoo Foundation; Distributed under the GPL v2
3 johnm 1.87 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.86 2006/04/13 09:25:25 johnm Exp $
4    
5     *hardened-sources-2.6.14-r7 (14 Apr 2006)
6    
7     14 Apr 2006; John Mylchreest <johnm@gentoo.org>
8     -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
9     Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
10 johnm 1.86
11     *hardened-sources-2.6.16-r2 (13 Apr 2006)
12    
13     13 Apr 2006; John Mylchreest <johnm@gentoo.org>
14     -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
15     +hardened-sources-2.6.16-r2.ebuild:
16     Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
17     labels, dropping USERGROUP define fixes, since these were merged mainstream.
18 johnm 1.85
19     *hardened-sources-2.6.16-r1 (11 Apr 2006)
20    
21     11 Apr 2006; John Mylchreest <johnm@gentoo.org>
22     +hardened-sources-2.6.16-r1.ebuild:
23     Bumping to include ppc build fix and 2.6.16.3
24 tsunam 1.84
25     06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
26     hardened-sources-2.6.14-r6.ebuild:
27     Stable on x86; bug #127718
28 johnm 1.83
29     *hardened-sources-2.6.16 (31 Mar 2006)
30    
31     31 Mar 2006; John Mylchreest <johnm@gentoo.org>
32     +hardened-sources-2.6.16.ebuild:
33     Bumping to new version of grsec, and kernel base. New squashfs. Based on
34     2.6.16.1
35 cryos 1.82
36     30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
37     hardened-sources-2.6.14-r6.ebuild:
38     Stable on amd64, bug 127718.
39 nixnut 1.81
40     28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
41     Stable on ppc. Bug #127718
42 johnm 1.80
43     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
44     -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
45     -hardened-sources-2.6.14-r4.ebuild:
46     Cleanup.
47 johnm 1.79
48     *hardened-sources-2.6.14-r6 (15 Mar 2006)
49    
50     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
51     +hardened-sources-2.6.14-r6.ebuild:
52     Fixes grsec policy recreation bug and adds a
53     >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
54 solar 1.78
55     02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
56     - stable on x86
57 hansmi 1.77
58     19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
59     hardened-sources-2.6.14-r5.ebuild:
60     Stable on ppc.
61 johnm 1.76
62     *hardened-sources-2.6.14-r5 (01 Feb 2006)
63    
64     01 Feb 2006; John Mylchreest <johnm@gentoo.org>
65     +hardened-sources-2.6.14-r5.ebuild:
66     fixing every known exploit
67 solar 1.75
68     *hardened-sources-2.4.32-r2 (26 Jan 2006)
69    
70     26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
71     +hardened-sources-2.4.32-r2.ebuild:
72     - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
73 solar 1.74
74     *hardened-sources-2.6.14-r4 (12 Jan 2006)
75    
76     12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
77     - version bump for new genpatches which fix up a few sec holes
78 solar 1.73
79     *hardened-sources-2.4.32-r1 (05 Jan 2006)
80    
81     05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
82     - revision bump to add misc vital linux kernel security patches.
83 johnm 1.72
84     *hardened-sources-2.6.14-r3 (30 Dec 2005)
85    
86     30 Dec 2005; John Mylchreest <johnm@gentoo.org>
87     -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
88     Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
89 johnm 1.71
90     28 Dec 2005; John Mylchreest <johnm@gentoo.org>
91     hardened-sources-2.6.14-r2.ebuild:
92     making x86 & amd64 stable following testing.
93 johnm 1.70
94     *hardened-sources-2.6.14-r2 (27 Dec 2005)
95    
96     27 Dec 2005; John Mylchreest <johnm@gentoo.org>
97     -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
98     Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
99     network hooks.
100 johnm 1.69
101     06 Dec 2005; John Mylchreest <johnm@gentoo.org>
102     hardened-sources-2.6.14-r1.ebuild:
103     bumping to stable early for sec fix on x86 & amd64
104 johnm 1.68
105     *hardened-sources-2.6.14-r1 (05 Dec 2005)
106    
107     05 Dec 2005; John Mylchreest <johnm@gentoo.org>
108     -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
109     bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
110 solar 1.67
111     04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
112     - stable on x86 security bug #114227 CAN-2005-3257
113 kang 1.66
114     *hardened-sources-2.4.32 (19 Nov 2005)
115    
116     19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
117     +hardened-sources-2.4.32.ebuild:
118     Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
119     Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
120     have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
121     rsbac >> /etc/portage/package.use)
122 johnm 1.65
123     *hardened-sources-2.6.14 (14 Nov 2005)
124    
125     14 Nov 2005; John Mylchreest <johnm@gentoo.org>
126     -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
127     Bumping 2.6 series to 2.6.14.2
128 johnm 1.64
129     *hardened-sources-2.6.13-r2 (20 Oct 2005)
130    
131     20 Oct 2005; John Mylchreest <johnm@gentoo.org>
132     -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
133     +hardened-sources-2.6.13-r2.ebuild:
134     Fixes minor build error in ppc.
135 johnm 1.63
136     *hardened-sources-2.6.13-r1 (17 Oct 2005)
137    
138     17 Oct 2005; John Mylchreest <johnm@gentoo.org>
139     +hardened-sources-2.6.13-r1.ebuild:
140     Updating grsec to latest snapshot. Fixes some minor issues. Updating to
141     2.6.13.4, fixes some major amd64 stability problems.
142 johnm 1.62
143     *hardened-sources-2.6.13 (16 Sep 2005)
144    
145     16 Sep 2005; John Mylchreest <johnm@gentoo.org>
146     -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
147     2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
148     ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
149     users should test this thoroughly.
150 solar 1.61
151     01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
152     - stable on x86
153 johnm 1.60
154     *hardened-sources-2.6.11-r15 (27 Jun 2005)
155    
156     27 Jun 2005; John Mylchreest <johnm@gentoo.org>
157     +hardened-sources-2.6.11-r15.ebuild:
158     Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
159     grsec redefining curr_ip struct.
160 solar 1.59
161     *hardened-sources-2.4.31 (20 Jun 2005)
162    
163     20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
164     initial import of 2.4.31 tree
165 johnm 1.58
166     *hardened-sources-2.6.11-r14 (14 Jun 2005)
167    
168     14 Jun 2005; John Mylchreest <johnm@gentoo.org>
169     -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
170     Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
171     naming scheme to abide by genpatches
172 johnm 1.57
173     *hardened-sources-2.6.11-r13 (18 May 2005)
174    
175     18 May 2005; John Mylchreest <johnm@gentoo.org>
176     -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
177     Managed to mangle the Makefile patch from grsec, to miss out the grsec
178     target. sorry about that. Fixes bug #93022
179 johnm 1.56
180     *hardened-sources-2.6.11-r12 (17 May 2005)
181    
182     17 May 2005; John Mylchreest <johnm@gentoo.org>
183     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
184     +hardened-sources-2.6.11-r12.ebuild:
185     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
186     merges in genpatches-base
187 johnm 1.55
188     *hardened-sources-2.6.11-r12 (17 May 2005)
189    
190     17 May 2005; John Mylchreest <johnm@gentoo.org>
191     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
192     +hardened-sources-2.6.11-r12.ebuild:
193     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
194     merges in genpatches-base
195 solar 1.54
196     29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
197     -files/2.4.27-cmdline-race.patch,
198     -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
199     -files/2.4.28-grsec-binfmt_a.out.patch,
200     -files/2.4.28-grsec-cmdline-race.patch,
201     -files/2.4.28-selinux-binfmt_a.out.patch,
202     -files/2.4.28-selinux-cmdline-race.patch,
203     -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
204     hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
205     - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
206     cleanup..
207 solar 1.53
208     *hardened-sources-2.4.30-r1 (21 Apr 2005)
209    
210     21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
211     - disable aout by default
212 solar 1.52
213     *hardened-sources-2.4.30 (18 Apr 2005)
214    
215     18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
216     - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
217     and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
218     use
219 tocharian 1.50
220 scox 1.51 *hardened-sources-2.4.29 (30 Mar 2005)
221    
222     30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
223     +hardened-sources-2.4.29.ebuild:
224     New hardened-patches-2.4-29.0 patchball.
225     Removed SELinux support, upgraded GRSecurity to 2.1.4.
226    
227     *hardened-sources-2.4.28-r5 (06 Mar 2005)
228    
229     06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
230     +hardened-sources-2.4.28-r5.ebuild:
231     Added a fix for a PaX vulnerability.
232    
233     26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
234 tocharian 1.50 hardened-sources-2.4.28-r4.ebuild:
235     Stable on x86
236 solar 1.49
237     23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
238     hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
239     hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
240     hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
241     - fixed/added RDEPEND= in all kernel-2 ebuilds
242 tocharian 1.48
243     *hardened-sources-2.4.28-r4 (21 Jan 2005)
244    
245     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
246     +hardened-sources-2.4.28-r4.ebuild:
247     Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
248     backport of neighbour hash updates.
249 tocharian 1.47
250     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
251     hardened-sources-2.4.28-r3.ebuild:
252     Stable on x86
253 tseng 1.46
254     *hardened-sources-2.6.10-r3 (20 Jan 2005)
255    
256     20 Jan 2005; Brandon Hale <tseng@gentoo.org>
257     +hardened-sources-2.6.10-r3.ebuild:
258     Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
259     in 2005.0
260 tocharian 1.45
261     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
262     -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
263     hardened-sources-2.4.28-r2.ebuild:
264     Mark stable on x86
265 tocharian 1.44
266     *hardened-sources-2.4.28-r3 (17 Jan 2005)
267    
268     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
269     +hardened-sources-2.4.28-r3.ebuild:
270     Fix SMP page fault handler vuln, and update device-mapper and evms patches.
271 tocharian 1.43
272     14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
273     hardened-sources-2.4.28.ebuild:
274     Mark stable on x86.
275 tocharian 1.42
276     *hardened-sources-2.4.28-r2 (13 Jan 2005)
277    
278     13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
279     +hardened-sources-2.4.28-r2.ebuild:
280     Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
281     Mazinger for grsecurity patches as well.
282 plasmaroo 1.41
283     *hardened-sources-2.4.28-r1 (23 Dec 2004)
284    
285     23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
286     Security bump. Thank tocharian for rolling a new patchset...
287 solar 1.40
288     28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
289     +files/2.4.28-grsec-cmdline-race.patch,
290     +files/2.4.28-selinux-binfmt_a.out.patch,
291     +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
292     - Round up remaining security patches that appear to be missing in 2.4.28. -
293     PaX standalone updated to current. hgpv=28.1
294 solar 1.39
295     *hardened-sources-2.4.28 (28 Nov 2004)
296    
297     28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
298     security bump. Thank tocharian for rolling a new patchset
299 scox 1.31
300 scox 1.38 *hardened-sources-2.4.27-r3 (08 Sep 2004)
301    
302     08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
303     +hardened-sources-2.4.27-r3.ebuild:
304     Applies the new 2.4-27.2 patchball which updates
305     GRSecurity to the 2.0.1 version.
306    
307 scox 1.37 *hardened-sources-2.4.27-r2 (31 Aug 2004)
308    
309     31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
310     +hardened-sources-2.4.27-r2.ebuild:
311     Version bump.
312     This version uses the new 2.4-27.1 patchball which updates
313     both the SELinux PaX hooks patch and the SELinux headers.
314    
315 scox 1.36 *hardened-sources-2.4.27-r1 (09 Aug 2004)
316    
317     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
318     +hardened-sources-2.4.27-r1.ebuild,
319     -hardened-sources-2.4.27.ebuild,
320     +files/2.4.27-cmdline-race.patch:
321     Version bump, fix for cmdline race. See bug #59905.
322    
323     *hardened-sources-2.4.26-r6 (09 Aug 2004)
324    
325     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
326     +hardened-sources-2.4.26-r6.ebuild,
327     -hardened-sources-2.4.26-r5.ebuild,
328     -hardened-sources-2.4.26-r4.ebuild,
329     +files/2.4.26-cmdline-race.patch:
330     Version bump, fix for cmdline race. See bug #59905.
331    
332 scox 1.35 *hardened-sources-2.4.27 (08 Aug 2004)
333    
334     08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
335     +hardened-sources-2.4.27.ebuild,
336     +files/2.4.27-CAN-2004-0394.patch:
337     Ported the patchball to the 2.4.27 kernel version.
338    
339 scox 1.34 *hardened-sources-2.4.26-r5 (07 Aug 2004)
340    
341     07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
342     +hardened-sources-2.4.26-r5.ebuild:
343 scox 1.35 Updated to use the new hardened-patches-2.4-26.1 patchball.
344 scox 1.34 It adds the following features:
345     - Squashfs
346     - Ebtables
347     - Netdev random (core+drivers)
348     - Watchdog Timer (WDT) fix.
349    
350 scox 1.33 *hardened-sources-2.4.26-r4 (04 Aug 2004)
351    
352     04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
353     +hardened-sources-2.4.26-r4.ebuild,
354     +files/2.4.26-CAN-2004-0415.patch,
355     -hardened-sources-2.4.26-3:
356     Version bump, fix for CAN 0415, see bug #59378.
357    
358 scox 1.32 *hardened-sources-2.4.26-r3 (22 Jul 2004)
359    
360     22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
361     +hardened-sources-2.4.26-r3.ebuild,
362     +files/2.4.26-CAN-2004-0497.patch,
363     -hardened-sources-2.4.26-r2.ebuild:
364     Version bump, fixed CAN 0497, see bug #56171.
365    
366 scox 1.31 *hardened-sources-2.4.26-r2 (29 Jun 2004)
367    
368     29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
369 scox 1.32 +hardened-sources-2.4.26-r2.ebuild,
370 scox 1.31 +files/2.4.26-CAN-2004-0495.patch,
371     +files/2.4.26-CAN-2004-0535.patch,
372     -hardened-sources-2.4.26-r1.ebuild:
373     Fixes for both CAN 0495 and 0535, see bug #54976
374 pvdabeel 1.27
375 agriffis 1.29 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
376     hardened-sources-2.4.26-r1.ebuild:
377     QA - fix use invocation
378 scox 1.28
379     *hardened-sources-2.4.26-r1 (22 June 2004)
380    
381     22 June 2004; Andrea Luzzardi <scox@gentoo.org>
382     +hardened-sources-2.4.26-r1.ebuild,
383     +files/2.4.26-CAN-2004-0394.patch,
384     +files/2.4.26-signal-race.patch,
385     -hardened-sources-2.4.26.ebuild,
386     -hardened-sources-2.4.24-r3.ebuild:
387     Version bump for the CAN-2004-0394 issue and bug #53804
388     Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
389    
390    
391 pvdabeel 1.27 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
392     hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
393     Masked hardened-sources-2.4.26.ebuild broken for ppc
394    
395     31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
396     hardened-sources-2.4.24-r3.ebuild:
397     Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
398 plasmaroo 1.25
399 scox 1.26 *hardened-sources-2.4.26 (29 May 2004)
400    
401     29 May 2004; Andrea Luzzardi <scox@gentoo.org>
402     +hardened-sources-2.4.26.ebuild:
403     Updated hardened-sources for the 2.4.26 kernel
404     Removed broken components, updated almost everything.
405    
406 plasmaroo 1.25 *hardened-sources-2.4.24-r3 (17 Apr 2004)
407    
408     17 Apr 2004; <plasmaroo@gentoo.org>
409     +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
410     +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
411     +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
412     +hardened-sources-2.4.24-r3.ebuild:
413     Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
414     vulnerabilities. Old revisions removed.
415 plasmaroo 1.24
416     *hardened-sources-2.4.24-r2 (15 Apr 2004)
417    
418     15 Apr 2004; <plasmaroo@gentoo.org>
419     +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
420     -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
421     Version bump for the CAN-2004-0109 issue; bug #47881.
422 aliz 1.23
423     12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
424     hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
425     Add eutils to inherit.
426 plasmaroo 1.22
427     *hardened-sources-2.4.24-r1 (19 Feb 2004)
428    
429     19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
430     files/hardened-sources-2.4.24.munmap.patch:
431     Added the patch for the mremap/munmap vulnerability. Bug #42024.
432 scox 1.19
433 scox 1.21 *hardened-sources-2.4.24 (06 Feb 2004)
434 scox 1.26
435 scox 1.21 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
436     hardened-sources-2.4.24.ebuild:
437     Version bump, updated most of the components.
438     This release includes the following:
439    
440     - Hardened security
441     - Netfilter patch-o-matic 20031219
442     - FreeSWAN 2.04 & x509 1.4.8
443     - EVMS 2.2.2
444     - XFS 1.3.1
445     - cryptoloop jari
446     - grsecurity 2.0-rc4
447     - SELinux
448     - PaX 200402060000
449     - PaX Obscurity 200308302223
450     - Others...
451    
452     Neither -ck nor systrace are included anymore.
453    
454 scox 1.19 *hardened-sources-2.4.22-r2 (05 Jan 2004)
455    
456     05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
457     hardened-sources-2.4.22-r2.ebuild:
458 scox 1.20 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
459 scox 1.19
460     *hardened-sources-2.4.22-r1 (02 Dec 2003)
461 iggy 1.17
462     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
463 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
464 iggy 1.16
465     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
466 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild:
467     Version bump for the 'do_brk' vulnerability.
468 iggy 1.15
469     01 Dec 2003; Brian Jackson <iggy@gentoo.org>
470     hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
471     hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
472     hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
473 plasmaroo 1.18 Fix the 'do_brk' vulnerability.
474 frogger 1.14
475     03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
476     hardened-sources-2.4.22.ebuild:
477 plasmaroo 1.18 - Removed the src_install() portion for SELinux flask
478     components. These are no longer handled in the kernel
479     so this code was not necessary.
480 frogger 1.13
481     29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
482     New 2.4.22 based hardened-sources thanks to
483     Phil West <p.west@computer.org>.
484    
485     These sources include:
486 plasmaroo 1.18 - New SELinux API
487     - Updated CK-base
488     - Updated GRSec
489     - Systrace
490     - SuperFreeS/WAN 1.99.8
491     - Propolice kernel build support
492     - EVMS
493     - Other various security related patches
494 frogger 1.11
495 frogger 1.12 *hardened-sources-2.4.21 (14 Sep 2003)
496    
497     14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
498     Updated hardened-sources based on the 2.4.21 Linux kernel.
499     This includes updates to most major components such as:
500 plasmaroo 1.18 - ck-base-0306300059
501     - selinux-2.4-2003071106
502     - grsecurity-2.0-rc1
503     - Updated IPTables patch-o-matic
504     - Updated SuperFreeS/WAN
505    
506 frogger 1.12 Thanks to Phil West <pwest@computer.org> for his work in getting this
507     updated patch set ready for the 2.4.21 based kernel.
508    
509 frogger 1.11 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
510     Initial import of hardened-sources-2.4.20-r4. This revision
511     includes only a few changes, but one of these is an important
512     security fix. It is recommended all users of hardened-sources
513     upgrade to this release.
514 plasmaroo 1.18
515 frogger 1.11 - ioperm bug fix
516     - fixed compilation failure when building without GRSec
517 plasmaroo 1.18
518 frogger 1.11 SAL (Secure Auditing for Linux) is NOT included in this revision
519     due to time constraints, but is planned for inclusion in the near
520     future.
521 msterret 1.10
522     *hardened-sources-2.4.20-r2 (12 Jun 2003)
523    
524     12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
525     hardened-sources-2.4.20-r3.ebuild:
526 plasmaroo 1.18 Add Header...
527 frogger 1.9
528     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
529     hardened-sources-2.4.20-r3.ebuild:
530     Removed warnings from ebuild. This kernel should be safe to
531     use at this point.
532 frogger 1.8
533     *hardened-sources-2.4.20-r3 (08 Jun 2003)
534    
535     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
536     hardened-sources-2.4.20-r3.ebuild:
537     New revision. Includes the following changes over -r2:
538 plasmaroo 1.18
539 frogger 1.8 - ck7-base (O(1), preempt, low latency)
540     - Super FreeS/WAN 1.99.7rc2
541     - PaX for the LSM/SELinux branch
542     - GRSecurity 2.0-pre4 (role based access control)
543     - Systrace 1.3
544     - EXT3 fixes
545     - EVMS 2.0.1
546     - GCC 3.1+ compile optimizations
547     - ProPolice kernel build support
548     - Hashing table security fixes
549 frogger 1.3
550     *hardened-sources-2.4.20-r1 (09 Apr 2003)
551 frogger 1.7
552     23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
553     Initial import of hardened-sources-r2. This new
554     ebuild includes many new performance and security
555     related patches. As in -r1, it will patch in
556     LSM/SELinux if "selinux" is in USE, otherwise it
557     will patch in GRSecurity. The following patches
558     are included in this revision:
559 plasmaroo 1.18
560 frogger 1.7 - O(1) Scheduler, Low Latency, and Preempt
561     (pulled from the base CK patch)
562     - ptrace exploit patch for the LSM kernel
563     (the GRSec patch already fixes this)
564     - LSM 2.4-2003040709
565     - SELinux 2.4-2003040709
566     - Systrace v1.2
567     - IPTables patch-o-matic base patches - 20030107
568     - CryptoAPI 2.4.20.1 w/ loop-jari patch
569     - Super FreeS/WAN 1.99.6.1
570     - GRSecurity 1.9.9g
571     - MPPE
572     - EXT3 data journal fix
573     - CIPE 1.5.4
574 frogger 1.6
575     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
576     hardened-sources-2.4.20-r1.ebuild, manifest:
577 plasmaroo 1.18 Updated to install flask components correctly for selinux.
578 frogger 1.5
579     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
580     hardened-sources-2.4.20-r1.ebuild:
581     LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
582     is patched in instead. Ptrace patches for selinux have also been added. In
583     either case, systrace support will be patched in as well.
584 frogger 1.3
585     09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
586     hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
587 plasmaroo 1.18 Revision bump for new sources.
588 frogger 1.4
589 frogger 1.2 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
590 frogger 1.4 hardened-sources-2.4.20-r1.ebuild:
591 plasmaroo 1.18 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
592 method 1.1
593 frogger 1.4 *hardened-sources-2.4.20 (30 Mar 2003)
594    
595 method 1.1 30 Mar 2003; Joshua Brindle <method@gentoo.org>
596     hardened-sources-2.4.20.ebuild:
597 plasmaroo 1.18 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20