/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.90 - (hide annotations) (download)
Thu Apr 20 17:48:26 2006 UTC (8 years, 4 months ago) by johnm
Branch: MAIN
Changes since 1.89: +8 -1 lines
Fix numerous security vulns
(Portage version: 2.1_pre9-r1)

1 method 1.1 # ChangeLog for sys-kernel/hardened-sources
2 solar 1.73 # Copyright 2000-2006 Gentoo Foundation; Distributed under the GPL v2
3 johnm 1.90 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.89 2006/04/17 02:37:10 solar Exp $
4    
5     *hardened-sources-2.6.16-r4 (20 Apr 2006)
6    
7     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
8     -hardened-sources-2.6.16-r2.ebuild, -hardened-sources-2.6.16-r3.ebuild,
9     +hardened-sources-2.6.16-r4.ebuild:
10     Fix numerous security vulns
11 solar 1.89
12     *hardened-sources-2.4.32-r3 (16 Apr 2006)
13    
14     16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
15     -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
16     +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
17     - security bump for bug #112791. Removed old ebuilds
18 johnm 1.88
19     *hardened-sources-2.6.16-r3 (15 Apr 2006)
20    
21     15 Apr 2006; John Mylchreest <johnm@gentoo.org>
22     +hardened-sources-2.6.16-r3.ebuild:
23     Removing silly localversion which I missed
24 johnm 1.87
25     *hardened-sources-2.6.14-r7 (14 Apr 2006)
26    
27     14 Apr 2006; John Mylchreest <johnm@gentoo.org>
28     -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
29     Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
30 johnm 1.86
31     *hardened-sources-2.6.16-r2 (13 Apr 2006)
32    
33     13 Apr 2006; John Mylchreest <johnm@gentoo.org>
34     -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
35     +hardened-sources-2.6.16-r2.ebuild:
36     Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
37     labels, dropping USERGROUP define fixes, since these were merged mainstream.
38 johnm 1.85
39     *hardened-sources-2.6.16-r1 (11 Apr 2006)
40    
41     11 Apr 2006; John Mylchreest <johnm@gentoo.org>
42     +hardened-sources-2.6.16-r1.ebuild:
43     Bumping to include ppc build fix and 2.6.16.3
44 tsunam 1.84
45     06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
46     hardened-sources-2.6.14-r6.ebuild:
47     Stable on x86; bug #127718
48 johnm 1.83
49     *hardened-sources-2.6.16 (31 Mar 2006)
50    
51     31 Mar 2006; John Mylchreest <johnm@gentoo.org>
52     +hardened-sources-2.6.16.ebuild:
53     Bumping to new version of grsec, and kernel base. New squashfs. Based on
54     2.6.16.1
55 cryos 1.82
56     30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
57     hardened-sources-2.6.14-r6.ebuild:
58     Stable on amd64, bug 127718.
59 nixnut 1.81
60     28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
61     Stable on ppc. Bug #127718
62 johnm 1.80
63     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
64     -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
65     -hardened-sources-2.6.14-r4.ebuild:
66     Cleanup.
67 johnm 1.79
68     *hardened-sources-2.6.14-r6 (15 Mar 2006)
69    
70     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
71     +hardened-sources-2.6.14-r6.ebuild:
72     Fixes grsec policy recreation bug and adds a
73     >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
74 solar 1.78
75     02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
76     - stable on x86
77 hansmi 1.77
78     19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
79     hardened-sources-2.6.14-r5.ebuild:
80     Stable on ppc.
81 johnm 1.76
82     *hardened-sources-2.6.14-r5 (01 Feb 2006)
83    
84     01 Feb 2006; John Mylchreest <johnm@gentoo.org>
85     +hardened-sources-2.6.14-r5.ebuild:
86     fixing every known exploit
87 solar 1.75
88     *hardened-sources-2.4.32-r2 (26 Jan 2006)
89    
90     26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
91     +hardened-sources-2.4.32-r2.ebuild:
92     - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
93 solar 1.74
94     *hardened-sources-2.6.14-r4 (12 Jan 2006)
95    
96     12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
97     - version bump for new genpatches which fix up a few sec holes
98 solar 1.73
99     *hardened-sources-2.4.32-r1 (05 Jan 2006)
100    
101     05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
102     - revision bump to add misc vital linux kernel security patches.
103 johnm 1.72
104     *hardened-sources-2.6.14-r3 (30 Dec 2005)
105    
106     30 Dec 2005; John Mylchreest <johnm@gentoo.org>
107     -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
108     Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
109 johnm 1.71
110     28 Dec 2005; John Mylchreest <johnm@gentoo.org>
111     hardened-sources-2.6.14-r2.ebuild:
112     making x86 & amd64 stable following testing.
113 johnm 1.70
114     *hardened-sources-2.6.14-r2 (27 Dec 2005)
115    
116     27 Dec 2005; John Mylchreest <johnm@gentoo.org>
117     -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
118     Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
119     network hooks.
120 johnm 1.69
121     06 Dec 2005; John Mylchreest <johnm@gentoo.org>
122     hardened-sources-2.6.14-r1.ebuild:
123     bumping to stable early for sec fix on x86 & amd64
124 johnm 1.68
125     *hardened-sources-2.6.14-r1 (05 Dec 2005)
126    
127     05 Dec 2005; John Mylchreest <johnm@gentoo.org>
128     -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
129     bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
130 solar 1.67
131     04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
132     - stable on x86 security bug #114227 CAN-2005-3257
133 kang 1.66
134     *hardened-sources-2.4.32 (19 Nov 2005)
135    
136     19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
137     +hardened-sources-2.4.32.ebuild:
138     Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
139     Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
140     have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
141     rsbac >> /etc/portage/package.use)
142 johnm 1.65
143     *hardened-sources-2.6.14 (14 Nov 2005)
144    
145     14 Nov 2005; John Mylchreest <johnm@gentoo.org>
146     -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
147     Bumping 2.6 series to 2.6.14.2
148 johnm 1.64
149     *hardened-sources-2.6.13-r2 (20 Oct 2005)
150    
151     20 Oct 2005; John Mylchreest <johnm@gentoo.org>
152     -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
153     +hardened-sources-2.6.13-r2.ebuild:
154     Fixes minor build error in ppc.
155 johnm 1.63
156     *hardened-sources-2.6.13-r1 (17 Oct 2005)
157    
158     17 Oct 2005; John Mylchreest <johnm@gentoo.org>
159     +hardened-sources-2.6.13-r1.ebuild:
160     Updating grsec to latest snapshot. Fixes some minor issues. Updating to
161     2.6.13.4, fixes some major amd64 stability problems.
162 johnm 1.62
163     *hardened-sources-2.6.13 (16 Sep 2005)
164    
165     16 Sep 2005; John Mylchreest <johnm@gentoo.org>
166     -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
167     2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
168     ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
169     users should test this thoroughly.
170 solar 1.61
171     01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
172     - stable on x86
173 johnm 1.60
174     *hardened-sources-2.6.11-r15 (27 Jun 2005)
175    
176     27 Jun 2005; John Mylchreest <johnm@gentoo.org>
177     +hardened-sources-2.6.11-r15.ebuild:
178     Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
179     grsec redefining curr_ip struct.
180 solar 1.59
181     *hardened-sources-2.4.31 (20 Jun 2005)
182    
183     20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
184     initial import of 2.4.31 tree
185 johnm 1.58
186     *hardened-sources-2.6.11-r14 (14 Jun 2005)
187    
188     14 Jun 2005; John Mylchreest <johnm@gentoo.org>
189     -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
190     Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
191     naming scheme to abide by genpatches
192 johnm 1.57
193     *hardened-sources-2.6.11-r13 (18 May 2005)
194    
195     18 May 2005; John Mylchreest <johnm@gentoo.org>
196     -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
197     Managed to mangle the Makefile patch from grsec, to miss out the grsec
198     target. sorry about that. Fixes bug #93022
199 johnm 1.56
200     *hardened-sources-2.6.11-r12 (17 May 2005)
201    
202     17 May 2005; John Mylchreest <johnm@gentoo.org>
203     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
204     +hardened-sources-2.6.11-r12.ebuild:
205     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
206     merges in genpatches-base
207 johnm 1.55
208     *hardened-sources-2.6.11-r12 (17 May 2005)
209    
210     17 May 2005; John Mylchreest <johnm@gentoo.org>
211     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
212     +hardened-sources-2.6.11-r12.ebuild:
213     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
214     merges in genpatches-base
215 solar 1.54
216     29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
217     -files/2.4.27-cmdline-race.patch,
218     -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
219     -files/2.4.28-grsec-binfmt_a.out.patch,
220     -files/2.4.28-grsec-cmdline-race.patch,
221     -files/2.4.28-selinux-binfmt_a.out.patch,
222     -files/2.4.28-selinux-cmdline-race.patch,
223     -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
224     hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
225     - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
226     cleanup..
227 solar 1.53
228     *hardened-sources-2.4.30-r1 (21 Apr 2005)
229    
230     21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
231     - disable aout by default
232 solar 1.52
233     *hardened-sources-2.4.30 (18 Apr 2005)
234    
235     18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
236     - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
237     and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
238     use
239 tocharian 1.50
240 scox 1.51 *hardened-sources-2.4.29 (30 Mar 2005)
241    
242     30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
243     +hardened-sources-2.4.29.ebuild:
244     New hardened-patches-2.4-29.0 patchball.
245     Removed SELinux support, upgraded GRSecurity to 2.1.4.
246    
247     *hardened-sources-2.4.28-r5 (06 Mar 2005)
248    
249     06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
250     +hardened-sources-2.4.28-r5.ebuild:
251     Added a fix for a PaX vulnerability.
252    
253     26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
254 tocharian 1.50 hardened-sources-2.4.28-r4.ebuild:
255     Stable on x86
256 solar 1.49
257     23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
258     hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
259     hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
260     hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
261     - fixed/added RDEPEND= in all kernel-2 ebuilds
262 tocharian 1.48
263     *hardened-sources-2.4.28-r4 (21 Jan 2005)
264    
265     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
266     +hardened-sources-2.4.28-r4.ebuild:
267     Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
268     backport of neighbour hash updates.
269 tocharian 1.47
270     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
271     hardened-sources-2.4.28-r3.ebuild:
272     Stable on x86
273 tseng 1.46
274     *hardened-sources-2.6.10-r3 (20 Jan 2005)
275    
276     20 Jan 2005; Brandon Hale <tseng@gentoo.org>
277     +hardened-sources-2.6.10-r3.ebuild:
278     Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
279     in 2005.0
280 tocharian 1.45
281     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
282     -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
283     hardened-sources-2.4.28-r2.ebuild:
284     Mark stable on x86
285 tocharian 1.44
286     *hardened-sources-2.4.28-r3 (17 Jan 2005)
287    
288     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
289     +hardened-sources-2.4.28-r3.ebuild:
290     Fix SMP page fault handler vuln, and update device-mapper and evms patches.
291 tocharian 1.43
292     14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
293     hardened-sources-2.4.28.ebuild:
294     Mark stable on x86.
295 tocharian 1.42
296     *hardened-sources-2.4.28-r2 (13 Jan 2005)
297    
298     13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
299     +hardened-sources-2.4.28-r2.ebuild:
300     Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
301     Mazinger for grsecurity patches as well.
302 plasmaroo 1.41
303     *hardened-sources-2.4.28-r1 (23 Dec 2004)
304    
305     23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
306     Security bump. Thank tocharian for rolling a new patchset...
307 solar 1.40
308     28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
309     +files/2.4.28-grsec-cmdline-race.patch,
310     +files/2.4.28-selinux-binfmt_a.out.patch,
311     +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
312     - Round up remaining security patches that appear to be missing in 2.4.28. -
313     PaX standalone updated to current. hgpv=28.1
314 solar 1.39
315     *hardened-sources-2.4.28 (28 Nov 2004)
316    
317     28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
318     security bump. Thank tocharian for rolling a new patchset
319 scox 1.31
320 scox 1.38 *hardened-sources-2.4.27-r3 (08 Sep 2004)
321    
322     08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
323     +hardened-sources-2.4.27-r3.ebuild:
324     Applies the new 2.4-27.2 patchball which updates
325     GRSecurity to the 2.0.1 version.
326    
327 scox 1.37 *hardened-sources-2.4.27-r2 (31 Aug 2004)
328    
329     31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
330     +hardened-sources-2.4.27-r2.ebuild:
331     Version bump.
332     This version uses the new 2.4-27.1 patchball which updates
333     both the SELinux PaX hooks patch and the SELinux headers.
334    
335 scox 1.36 *hardened-sources-2.4.27-r1 (09 Aug 2004)
336    
337     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
338     +hardened-sources-2.4.27-r1.ebuild,
339     -hardened-sources-2.4.27.ebuild,
340     +files/2.4.27-cmdline-race.patch:
341     Version bump, fix for cmdline race. See bug #59905.
342    
343     *hardened-sources-2.4.26-r6 (09 Aug 2004)
344    
345     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
346     +hardened-sources-2.4.26-r6.ebuild,
347     -hardened-sources-2.4.26-r5.ebuild,
348     -hardened-sources-2.4.26-r4.ebuild,
349     +files/2.4.26-cmdline-race.patch:
350     Version bump, fix for cmdline race. See bug #59905.
351    
352 scox 1.35 *hardened-sources-2.4.27 (08 Aug 2004)
353    
354     08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
355     +hardened-sources-2.4.27.ebuild,
356     +files/2.4.27-CAN-2004-0394.patch:
357     Ported the patchball to the 2.4.27 kernel version.
358    
359 scox 1.34 *hardened-sources-2.4.26-r5 (07 Aug 2004)
360    
361     07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
362     +hardened-sources-2.4.26-r5.ebuild:
363 scox 1.35 Updated to use the new hardened-patches-2.4-26.1 patchball.
364 scox 1.34 It adds the following features:
365     - Squashfs
366     - Ebtables
367     - Netdev random (core+drivers)
368     - Watchdog Timer (WDT) fix.
369    
370 scox 1.33 *hardened-sources-2.4.26-r4 (04 Aug 2004)
371    
372     04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
373     +hardened-sources-2.4.26-r4.ebuild,
374     +files/2.4.26-CAN-2004-0415.patch,
375     -hardened-sources-2.4.26-3:
376     Version bump, fix for CAN 0415, see bug #59378.
377    
378 scox 1.32 *hardened-sources-2.4.26-r3 (22 Jul 2004)
379    
380     22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
381     +hardened-sources-2.4.26-r3.ebuild,
382     +files/2.4.26-CAN-2004-0497.patch,
383     -hardened-sources-2.4.26-r2.ebuild:
384     Version bump, fixed CAN 0497, see bug #56171.
385    
386 scox 1.31 *hardened-sources-2.4.26-r2 (29 Jun 2004)
387    
388     29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
389 scox 1.32 +hardened-sources-2.4.26-r2.ebuild,
390 scox 1.31 +files/2.4.26-CAN-2004-0495.patch,
391     +files/2.4.26-CAN-2004-0535.patch,
392     -hardened-sources-2.4.26-r1.ebuild:
393     Fixes for both CAN 0495 and 0535, see bug #54976
394 pvdabeel 1.27
395 agriffis 1.29 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
396     hardened-sources-2.4.26-r1.ebuild:
397     QA - fix use invocation
398 scox 1.28
399     *hardened-sources-2.4.26-r1 (22 June 2004)
400    
401     22 June 2004; Andrea Luzzardi <scox@gentoo.org>
402     +hardened-sources-2.4.26-r1.ebuild,
403     +files/2.4.26-CAN-2004-0394.patch,
404     +files/2.4.26-signal-race.patch,
405     -hardened-sources-2.4.26.ebuild,
406     -hardened-sources-2.4.24-r3.ebuild:
407     Version bump for the CAN-2004-0394 issue and bug #53804
408     Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
409    
410    
411 pvdabeel 1.27 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
412     hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
413     Masked hardened-sources-2.4.26.ebuild broken for ppc
414    
415     31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
416     hardened-sources-2.4.24-r3.ebuild:
417     Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
418 plasmaroo 1.25
419 scox 1.26 *hardened-sources-2.4.26 (29 May 2004)
420    
421     29 May 2004; Andrea Luzzardi <scox@gentoo.org>
422     +hardened-sources-2.4.26.ebuild:
423     Updated hardened-sources for the 2.4.26 kernel
424     Removed broken components, updated almost everything.
425    
426 plasmaroo 1.25 *hardened-sources-2.4.24-r3 (17 Apr 2004)
427    
428     17 Apr 2004; <plasmaroo@gentoo.org>
429     +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
430     +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
431     +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
432     +hardened-sources-2.4.24-r3.ebuild:
433     Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
434     vulnerabilities. Old revisions removed.
435 plasmaroo 1.24
436     *hardened-sources-2.4.24-r2 (15 Apr 2004)
437    
438     15 Apr 2004; <plasmaroo@gentoo.org>
439     +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
440     -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
441     Version bump for the CAN-2004-0109 issue; bug #47881.
442 aliz 1.23
443     12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
444     hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
445     Add eutils to inherit.
446 plasmaroo 1.22
447     *hardened-sources-2.4.24-r1 (19 Feb 2004)
448    
449     19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
450     files/hardened-sources-2.4.24.munmap.patch:
451     Added the patch for the mremap/munmap vulnerability. Bug #42024.
452 scox 1.19
453 scox 1.21 *hardened-sources-2.4.24 (06 Feb 2004)
454 scox 1.26
455 scox 1.21 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
456     hardened-sources-2.4.24.ebuild:
457     Version bump, updated most of the components.
458     This release includes the following:
459    
460     - Hardened security
461     - Netfilter patch-o-matic 20031219
462     - FreeSWAN 2.04 & x509 1.4.8
463     - EVMS 2.2.2
464     - XFS 1.3.1
465     - cryptoloop jari
466     - grsecurity 2.0-rc4
467     - SELinux
468     - PaX 200402060000
469     - PaX Obscurity 200308302223
470     - Others...
471    
472     Neither -ck nor systrace are included anymore.
473    
474 scox 1.19 *hardened-sources-2.4.22-r2 (05 Jan 2004)
475    
476     05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
477     hardened-sources-2.4.22-r2.ebuild:
478 scox 1.20 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
479 scox 1.19
480     *hardened-sources-2.4.22-r1 (02 Dec 2003)
481 iggy 1.17
482     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
483 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
484 iggy 1.16
485     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
486 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild:
487     Version bump for the 'do_brk' vulnerability.
488 iggy 1.15
489     01 Dec 2003; Brian Jackson <iggy@gentoo.org>
490     hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
491     hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
492     hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
493 plasmaroo 1.18 Fix the 'do_brk' vulnerability.
494 frogger 1.14
495     03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
496     hardened-sources-2.4.22.ebuild:
497 plasmaroo 1.18 - Removed the src_install() portion for SELinux flask
498     components. These are no longer handled in the kernel
499     so this code was not necessary.
500 frogger 1.13
501     29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
502     New 2.4.22 based hardened-sources thanks to
503     Phil West <p.west@computer.org>.
504    
505     These sources include:
506 plasmaroo 1.18 - New SELinux API
507     - Updated CK-base
508     - Updated GRSec
509     - Systrace
510     - SuperFreeS/WAN 1.99.8
511     - Propolice kernel build support
512     - EVMS
513     - Other various security related patches
514 frogger 1.11
515 frogger 1.12 *hardened-sources-2.4.21 (14 Sep 2003)
516    
517     14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
518     Updated hardened-sources based on the 2.4.21 Linux kernel.
519     This includes updates to most major components such as:
520 plasmaroo 1.18 - ck-base-0306300059
521     - selinux-2.4-2003071106
522     - grsecurity-2.0-rc1
523     - Updated IPTables patch-o-matic
524     - Updated SuperFreeS/WAN
525    
526 frogger 1.12 Thanks to Phil West <pwest@computer.org> for his work in getting this
527     updated patch set ready for the 2.4.21 based kernel.
528    
529 frogger 1.11 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
530     Initial import of hardened-sources-2.4.20-r4. This revision
531     includes only a few changes, but one of these is an important
532     security fix. It is recommended all users of hardened-sources
533     upgrade to this release.
534 plasmaroo 1.18
535 frogger 1.11 - ioperm bug fix
536     - fixed compilation failure when building without GRSec
537 plasmaroo 1.18
538 frogger 1.11 SAL (Secure Auditing for Linux) is NOT included in this revision
539     due to time constraints, but is planned for inclusion in the near
540     future.
541 msterret 1.10
542     *hardened-sources-2.4.20-r2 (12 Jun 2003)
543    
544     12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
545     hardened-sources-2.4.20-r3.ebuild:
546 plasmaroo 1.18 Add Header...
547 frogger 1.9
548     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
549     hardened-sources-2.4.20-r3.ebuild:
550     Removed warnings from ebuild. This kernel should be safe to
551     use at this point.
552 frogger 1.8
553     *hardened-sources-2.4.20-r3 (08 Jun 2003)
554    
555     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
556     hardened-sources-2.4.20-r3.ebuild:
557     New revision. Includes the following changes over -r2:
558 plasmaroo 1.18
559 frogger 1.8 - ck7-base (O(1), preempt, low latency)
560     - Super FreeS/WAN 1.99.7rc2
561     - PaX for the LSM/SELinux branch
562     - GRSecurity 2.0-pre4 (role based access control)
563     - Systrace 1.3
564     - EXT3 fixes
565     - EVMS 2.0.1
566     - GCC 3.1+ compile optimizations
567     - ProPolice kernel build support
568     - Hashing table security fixes
569 frogger 1.3
570     *hardened-sources-2.4.20-r1 (09 Apr 2003)
571 frogger 1.7
572     23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
573     Initial import of hardened-sources-r2. This new
574     ebuild includes many new performance and security
575     related patches. As in -r1, it will patch in
576     LSM/SELinux if "selinux" is in USE, otherwise it
577     will patch in GRSecurity. The following patches
578     are included in this revision:
579 plasmaroo 1.18
580 frogger 1.7 - O(1) Scheduler, Low Latency, and Preempt
581     (pulled from the base CK patch)
582     - ptrace exploit patch for the LSM kernel
583     (the GRSec patch already fixes this)
584     - LSM 2.4-2003040709
585     - SELinux 2.4-2003040709
586     - Systrace v1.2
587     - IPTables patch-o-matic base patches - 20030107
588     - CryptoAPI 2.4.20.1 w/ loop-jari patch
589     - Super FreeS/WAN 1.99.6.1
590     - GRSecurity 1.9.9g
591     - MPPE
592     - EXT3 data journal fix
593     - CIPE 1.5.4
594 frogger 1.6
595     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
596     hardened-sources-2.4.20-r1.ebuild, manifest:
597 plasmaroo 1.18 Updated to install flask components correctly for selinux.
598 frogger 1.5
599     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
600     hardened-sources-2.4.20-r1.ebuild:
601     LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
602     is patched in instead. Ptrace patches for selinux have also been added. In
603     either case, systrace support will be patched in as well.
604 frogger 1.3
605     09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
606     hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
607 plasmaroo 1.18 Revision bump for new sources.
608 frogger 1.4
609 frogger 1.2 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
610 frogger 1.4 hardened-sources-2.4.20-r1.ebuild:
611 plasmaroo 1.18 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
612 method 1.1
613 frogger 1.4 *hardened-sources-2.4.20 (30 Mar 2003)
614    
615 method 1.1 30 Mar 2003; Joshua Brindle <method@gentoo.org>
616     hardened-sources-2.4.20.ebuild:
617 plasmaroo 1.18 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20