/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.92 - (hide annotations) (download)
Thu Apr 20 21:09:21 2006 UTC (8 years, 4 months ago) by johnm
Branch: MAIN
Changes since 1.91: +7 -1 lines
fix CVE-2006-1056, CVE-2006-1525, CVE-2006-1524
(Portage version: 2.1_pre9-r1)

1 method 1.1 # ChangeLog for sys-kernel/hardened-sources
2 solar 1.73 # Copyright 2000-2006 Gentoo Foundation; Distributed under the GPL v2
3 johnm 1.92 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.91 2006/04/20 17:50:07 johnm Exp $
4    
5     *hardened-sources-2.6.14-r8 (20 Apr 2006)
6    
7     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
8     +hardened-sources-2.6.14-r8.ebuild:
9     fix CVE-2006-1056, CVE-2006-1525, CVE-2006-1524
10 johnm 1.91
11     20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
12     Turning on gpg-signing again, and recomitting
13 johnm 1.90
14     *hardened-sources-2.6.16-r4 (20 Apr 2006)
15    
16     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
17     -hardened-sources-2.6.16-r2.ebuild, -hardened-sources-2.6.16-r3.ebuild,
18     +hardened-sources-2.6.16-r4.ebuild:
19     Fix numerous security vulns
20 solar 1.89
21     *hardened-sources-2.4.32-r3 (16 Apr 2006)
22    
23     16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
24     -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
25     +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
26     - security bump for bug #112791. Removed old ebuilds
27 johnm 1.88
28     *hardened-sources-2.6.16-r3 (15 Apr 2006)
29    
30     15 Apr 2006; John Mylchreest <johnm@gentoo.org>
31     +hardened-sources-2.6.16-r3.ebuild:
32     Removing silly localversion which I missed
33 johnm 1.87
34     *hardened-sources-2.6.14-r7 (14 Apr 2006)
35    
36     14 Apr 2006; John Mylchreest <johnm@gentoo.org>
37     -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
38     Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
39 johnm 1.86
40     *hardened-sources-2.6.16-r2 (13 Apr 2006)
41    
42     13 Apr 2006; John Mylchreest <johnm@gentoo.org>
43     -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
44     +hardened-sources-2.6.16-r2.ebuild:
45     Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
46     labels, dropping USERGROUP define fixes, since these were merged mainstream.
47 johnm 1.85
48     *hardened-sources-2.6.16-r1 (11 Apr 2006)
49    
50     11 Apr 2006; John Mylchreest <johnm@gentoo.org>
51     +hardened-sources-2.6.16-r1.ebuild:
52     Bumping to include ppc build fix and 2.6.16.3
53 tsunam 1.84
54     06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
55     hardened-sources-2.6.14-r6.ebuild:
56     Stable on x86; bug #127718
57 johnm 1.83
58     *hardened-sources-2.6.16 (31 Mar 2006)
59    
60     31 Mar 2006; John Mylchreest <johnm@gentoo.org>
61     +hardened-sources-2.6.16.ebuild:
62     Bumping to new version of grsec, and kernel base. New squashfs. Based on
63     2.6.16.1
64 cryos 1.82
65     30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
66     hardened-sources-2.6.14-r6.ebuild:
67     Stable on amd64, bug 127718.
68 nixnut 1.81
69     28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
70     Stable on ppc. Bug #127718
71 johnm 1.80
72     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
73     -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
74     -hardened-sources-2.6.14-r4.ebuild:
75     Cleanup.
76 johnm 1.79
77     *hardened-sources-2.6.14-r6 (15 Mar 2006)
78    
79     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
80     +hardened-sources-2.6.14-r6.ebuild:
81     Fixes grsec policy recreation bug and adds a
82     >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
83 solar 1.78
84     02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
85     - stable on x86
86 hansmi 1.77
87     19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
88     hardened-sources-2.6.14-r5.ebuild:
89     Stable on ppc.
90 johnm 1.76
91     *hardened-sources-2.6.14-r5 (01 Feb 2006)
92    
93     01 Feb 2006; John Mylchreest <johnm@gentoo.org>
94     +hardened-sources-2.6.14-r5.ebuild:
95     fixing every known exploit
96 solar 1.75
97     *hardened-sources-2.4.32-r2 (26 Jan 2006)
98    
99     26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
100     +hardened-sources-2.4.32-r2.ebuild:
101     - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
102 solar 1.74
103     *hardened-sources-2.6.14-r4 (12 Jan 2006)
104    
105     12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
106     - version bump for new genpatches which fix up a few sec holes
107 solar 1.73
108     *hardened-sources-2.4.32-r1 (05 Jan 2006)
109    
110     05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
111     - revision bump to add misc vital linux kernel security patches.
112 johnm 1.72
113     *hardened-sources-2.6.14-r3 (30 Dec 2005)
114    
115     30 Dec 2005; John Mylchreest <johnm@gentoo.org>
116     -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
117     Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
118 johnm 1.71
119     28 Dec 2005; John Mylchreest <johnm@gentoo.org>
120     hardened-sources-2.6.14-r2.ebuild:
121     making x86 & amd64 stable following testing.
122 johnm 1.70
123     *hardened-sources-2.6.14-r2 (27 Dec 2005)
124    
125     27 Dec 2005; John Mylchreest <johnm@gentoo.org>
126     -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
127     Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
128     network hooks.
129 johnm 1.69
130     06 Dec 2005; John Mylchreest <johnm@gentoo.org>
131     hardened-sources-2.6.14-r1.ebuild:
132     bumping to stable early for sec fix on x86 & amd64
133 johnm 1.68
134     *hardened-sources-2.6.14-r1 (05 Dec 2005)
135    
136     05 Dec 2005; John Mylchreest <johnm@gentoo.org>
137     -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
138     bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
139 solar 1.67
140     04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
141     - stable on x86 security bug #114227 CAN-2005-3257
142 kang 1.66
143     *hardened-sources-2.4.32 (19 Nov 2005)
144    
145     19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
146     +hardened-sources-2.4.32.ebuild:
147     Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
148     Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
149     have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
150     rsbac >> /etc/portage/package.use)
151 johnm 1.65
152     *hardened-sources-2.6.14 (14 Nov 2005)
153    
154     14 Nov 2005; John Mylchreest <johnm@gentoo.org>
155     -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
156     Bumping 2.6 series to 2.6.14.2
157 johnm 1.64
158     *hardened-sources-2.6.13-r2 (20 Oct 2005)
159    
160     20 Oct 2005; John Mylchreest <johnm@gentoo.org>
161     -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
162     +hardened-sources-2.6.13-r2.ebuild:
163     Fixes minor build error in ppc.
164 johnm 1.63
165     *hardened-sources-2.6.13-r1 (17 Oct 2005)
166    
167     17 Oct 2005; John Mylchreest <johnm@gentoo.org>
168     +hardened-sources-2.6.13-r1.ebuild:
169     Updating grsec to latest snapshot. Fixes some minor issues. Updating to
170     2.6.13.4, fixes some major amd64 stability problems.
171 johnm 1.62
172     *hardened-sources-2.6.13 (16 Sep 2005)
173    
174     16 Sep 2005; John Mylchreest <johnm@gentoo.org>
175     -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
176     2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
177     ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
178     users should test this thoroughly.
179 solar 1.61
180     01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
181     - stable on x86
182 johnm 1.60
183     *hardened-sources-2.6.11-r15 (27 Jun 2005)
184    
185     27 Jun 2005; John Mylchreest <johnm@gentoo.org>
186     +hardened-sources-2.6.11-r15.ebuild:
187     Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
188     grsec redefining curr_ip struct.
189 solar 1.59
190     *hardened-sources-2.4.31 (20 Jun 2005)
191    
192     20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
193     initial import of 2.4.31 tree
194 johnm 1.58
195     *hardened-sources-2.6.11-r14 (14 Jun 2005)
196    
197     14 Jun 2005; John Mylchreest <johnm@gentoo.org>
198     -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
199     Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
200     naming scheme to abide by genpatches
201 johnm 1.57
202     *hardened-sources-2.6.11-r13 (18 May 2005)
203    
204     18 May 2005; John Mylchreest <johnm@gentoo.org>
205     -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
206     Managed to mangle the Makefile patch from grsec, to miss out the grsec
207     target. sorry about that. Fixes bug #93022
208 johnm 1.56
209     *hardened-sources-2.6.11-r12 (17 May 2005)
210    
211     17 May 2005; John Mylchreest <johnm@gentoo.org>
212     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
213     +hardened-sources-2.6.11-r12.ebuild:
214     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
215     merges in genpatches-base
216 johnm 1.55
217     *hardened-sources-2.6.11-r12 (17 May 2005)
218    
219     17 May 2005; John Mylchreest <johnm@gentoo.org>
220     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
221     +hardened-sources-2.6.11-r12.ebuild:
222     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
223     merges in genpatches-base
224 solar 1.54
225     29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
226     -files/2.4.27-cmdline-race.patch,
227     -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
228     -files/2.4.28-grsec-binfmt_a.out.patch,
229     -files/2.4.28-grsec-cmdline-race.patch,
230     -files/2.4.28-selinux-binfmt_a.out.patch,
231     -files/2.4.28-selinux-cmdline-race.patch,
232     -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
233     hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
234     - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
235     cleanup..
236 solar 1.53
237     *hardened-sources-2.4.30-r1 (21 Apr 2005)
238    
239     21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
240     - disable aout by default
241 solar 1.52
242     *hardened-sources-2.4.30 (18 Apr 2005)
243    
244     18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
245     - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
246     and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
247     use
248 tocharian 1.50
249 scox 1.51 *hardened-sources-2.4.29 (30 Mar 2005)
250    
251     30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
252     +hardened-sources-2.4.29.ebuild:
253     New hardened-patches-2.4-29.0 patchball.
254     Removed SELinux support, upgraded GRSecurity to 2.1.4.
255    
256     *hardened-sources-2.4.28-r5 (06 Mar 2005)
257    
258     06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
259     +hardened-sources-2.4.28-r5.ebuild:
260     Added a fix for a PaX vulnerability.
261    
262     26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
263 tocharian 1.50 hardened-sources-2.4.28-r4.ebuild:
264     Stable on x86
265 solar 1.49
266     23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
267     hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
268     hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
269     hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
270     - fixed/added RDEPEND= in all kernel-2 ebuilds
271 tocharian 1.48
272     *hardened-sources-2.4.28-r4 (21 Jan 2005)
273    
274     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
275     +hardened-sources-2.4.28-r4.ebuild:
276     Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
277     backport of neighbour hash updates.
278 tocharian 1.47
279     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
280     hardened-sources-2.4.28-r3.ebuild:
281     Stable on x86
282 tseng 1.46
283     *hardened-sources-2.6.10-r3 (20 Jan 2005)
284    
285     20 Jan 2005; Brandon Hale <tseng@gentoo.org>
286     +hardened-sources-2.6.10-r3.ebuild:
287     Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
288     in 2005.0
289 tocharian 1.45
290     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
291     -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
292     hardened-sources-2.4.28-r2.ebuild:
293     Mark stable on x86
294 tocharian 1.44
295     *hardened-sources-2.4.28-r3 (17 Jan 2005)
296    
297     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
298     +hardened-sources-2.4.28-r3.ebuild:
299     Fix SMP page fault handler vuln, and update device-mapper and evms patches.
300 tocharian 1.43
301     14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
302     hardened-sources-2.4.28.ebuild:
303     Mark stable on x86.
304 tocharian 1.42
305     *hardened-sources-2.4.28-r2 (13 Jan 2005)
306    
307     13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
308     +hardened-sources-2.4.28-r2.ebuild:
309     Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
310     Mazinger for grsecurity patches as well.
311 plasmaroo 1.41
312     *hardened-sources-2.4.28-r1 (23 Dec 2004)
313    
314     23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
315     Security bump. Thank tocharian for rolling a new patchset...
316 solar 1.40
317     28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
318     +files/2.4.28-grsec-cmdline-race.patch,
319     +files/2.4.28-selinux-binfmt_a.out.patch,
320     +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
321     - Round up remaining security patches that appear to be missing in 2.4.28. -
322     PaX standalone updated to current. hgpv=28.1
323 solar 1.39
324     *hardened-sources-2.4.28 (28 Nov 2004)
325    
326     28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
327     security bump. Thank tocharian for rolling a new patchset
328 scox 1.31
329 scox 1.38 *hardened-sources-2.4.27-r3 (08 Sep 2004)
330    
331     08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
332     +hardened-sources-2.4.27-r3.ebuild:
333     Applies the new 2.4-27.2 patchball which updates
334     GRSecurity to the 2.0.1 version.
335    
336 scox 1.37 *hardened-sources-2.4.27-r2 (31 Aug 2004)
337    
338     31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
339     +hardened-sources-2.4.27-r2.ebuild:
340     Version bump.
341     This version uses the new 2.4-27.1 patchball which updates
342     both the SELinux PaX hooks patch and the SELinux headers.
343    
344 scox 1.36 *hardened-sources-2.4.27-r1 (09 Aug 2004)
345    
346     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
347     +hardened-sources-2.4.27-r1.ebuild,
348     -hardened-sources-2.4.27.ebuild,
349     +files/2.4.27-cmdline-race.patch:
350     Version bump, fix for cmdline race. See bug #59905.
351    
352     *hardened-sources-2.4.26-r6 (09 Aug 2004)
353    
354     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
355     +hardened-sources-2.4.26-r6.ebuild,
356     -hardened-sources-2.4.26-r5.ebuild,
357     -hardened-sources-2.4.26-r4.ebuild,
358     +files/2.4.26-cmdline-race.patch:
359     Version bump, fix for cmdline race. See bug #59905.
360    
361 scox 1.35 *hardened-sources-2.4.27 (08 Aug 2004)
362    
363     08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
364     +hardened-sources-2.4.27.ebuild,
365     +files/2.4.27-CAN-2004-0394.patch:
366     Ported the patchball to the 2.4.27 kernel version.
367    
368 scox 1.34 *hardened-sources-2.4.26-r5 (07 Aug 2004)
369    
370     07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
371     +hardened-sources-2.4.26-r5.ebuild:
372 scox 1.35 Updated to use the new hardened-patches-2.4-26.1 patchball.
373 scox 1.34 It adds the following features:
374     - Squashfs
375     - Ebtables
376     - Netdev random (core+drivers)
377     - Watchdog Timer (WDT) fix.
378    
379 scox 1.33 *hardened-sources-2.4.26-r4 (04 Aug 2004)
380    
381     04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
382     +hardened-sources-2.4.26-r4.ebuild,
383     +files/2.4.26-CAN-2004-0415.patch,
384     -hardened-sources-2.4.26-3:
385     Version bump, fix for CAN 0415, see bug #59378.
386    
387 scox 1.32 *hardened-sources-2.4.26-r3 (22 Jul 2004)
388    
389     22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
390     +hardened-sources-2.4.26-r3.ebuild,
391     +files/2.4.26-CAN-2004-0497.patch,
392     -hardened-sources-2.4.26-r2.ebuild:
393     Version bump, fixed CAN 0497, see bug #56171.
394    
395 scox 1.31 *hardened-sources-2.4.26-r2 (29 Jun 2004)
396    
397     29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
398 scox 1.32 +hardened-sources-2.4.26-r2.ebuild,
399 scox 1.31 +files/2.4.26-CAN-2004-0495.patch,
400     +files/2.4.26-CAN-2004-0535.patch,
401     -hardened-sources-2.4.26-r1.ebuild:
402     Fixes for both CAN 0495 and 0535, see bug #54976
403 pvdabeel 1.27
404 agriffis 1.29 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
405     hardened-sources-2.4.26-r1.ebuild:
406     QA - fix use invocation
407 scox 1.28
408     *hardened-sources-2.4.26-r1 (22 June 2004)
409    
410     22 June 2004; Andrea Luzzardi <scox@gentoo.org>
411     +hardened-sources-2.4.26-r1.ebuild,
412     +files/2.4.26-CAN-2004-0394.patch,
413     +files/2.4.26-signal-race.patch,
414     -hardened-sources-2.4.26.ebuild,
415     -hardened-sources-2.4.24-r3.ebuild:
416     Version bump for the CAN-2004-0394 issue and bug #53804
417     Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
418    
419    
420 pvdabeel 1.27 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
421     hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
422     Masked hardened-sources-2.4.26.ebuild broken for ppc
423    
424     31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
425     hardened-sources-2.4.24-r3.ebuild:
426     Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
427 plasmaroo 1.25
428 scox 1.26 *hardened-sources-2.4.26 (29 May 2004)
429    
430     29 May 2004; Andrea Luzzardi <scox@gentoo.org>
431     +hardened-sources-2.4.26.ebuild:
432     Updated hardened-sources for the 2.4.26 kernel
433     Removed broken components, updated almost everything.
434    
435 plasmaroo 1.25 *hardened-sources-2.4.24-r3 (17 Apr 2004)
436    
437     17 Apr 2004; <plasmaroo@gentoo.org>
438     +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
439     +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
440     +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
441     +hardened-sources-2.4.24-r3.ebuild:
442     Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
443     vulnerabilities. Old revisions removed.
444 plasmaroo 1.24
445     *hardened-sources-2.4.24-r2 (15 Apr 2004)
446    
447     15 Apr 2004; <plasmaroo@gentoo.org>
448     +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
449     -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
450     Version bump for the CAN-2004-0109 issue; bug #47881.
451 aliz 1.23
452     12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
453     hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
454     Add eutils to inherit.
455 plasmaroo 1.22
456     *hardened-sources-2.4.24-r1 (19 Feb 2004)
457    
458     19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
459     files/hardened-sources-2.4.24.munmap.patch:
460     Added the patch for the mremap/munmap vulnerability. Bug #42024.
461 scox 1.19
462 scox 1.21 *hardened-sources-2.4.24 (06 Feb 2004)
463 scox 1.26
464 scox 1.21 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
465     hardened-sources-2.4.24.ebuild:
466     Version bump, updated most of the components.
467     This release includes the following:
468    
469     - Hardened security
470     - Netfilter patch-o-matic 20031219
471     - FreeSWAN 2.04 & x509 1.4.8
472     - EVMS 2.2.2
473     - XFS 1.3.1
474     - cryptoloop jari
475     - grsecurity 2.0-rc4
476     - SELinux
477     - PaX 200402060000
478     - PaX Obscurity 200308302223
479     - Others...
480    
481     Neither -ck nor systrace are included anymore.
482    
483 scox 1.19 *hardened-sources-2.4.22-r2 (05 Jan 2004)
484    
485     05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
486     hardened-sources-2.4.22-r2.ebuild:
487 scox 1.20 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
488 scox 1.19
489     *hardened-sources-2.4.22-r1 (02 Dec 2003)
490 iggy 1.17
491     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
492 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
493 iggy 1.16
494     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
495 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild:
496     Version bump for the 'do_brk' vulnerability.
497 iggy 1.15
498     01 Dec 2003; Brian Jackson <iggy@gentoo.org>
499     hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
500     hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
501     hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
502 plasmaroo 1.18 Fix the 'do_brk' vulnerability.
503 frogger 1.14
504     03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
505     hardened-sources-2.4.22.ebuild:
506 plasmaroo 1.18 - Removed the src_install() portion for SELinux flask
507     components. These are no longer handled in the kernel
508     so this code was not necessary.
509 frogger 1.13
510     29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
511     New 2.4.22 based hardened-sources thanks to
512     Phil West <p.west@computer.org>.
513    
514     These sources include:
515 plasmaroo 1.18 - New SELinux API
516     - Updated CK-base
517     - Updated GRSec
518     - Systrace
519     - SuperFreeS/WAN 1.99.8
520     - Propolice kernel build support
521     - EVMS
522     - Other various security related patches
523 frogger 1.11
524 frogger 1.12 *hardened-sources-2.4.21 (14 Sep 2003)
525    
526     14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
527     Updated hardened-sources based on the 2.4.21 Linux kernel.
528     This includes updates to most major components such as:
529 plasmaroo 1.18 - ck-base-0306300059
530     - selinux-2.4-2003071106
531     - grsecurity-2.0-rc1
532     - Updated IPTables patch-o-matic
533     - Updated SuperFreeS/WAN
534    
535 frogger 1.12 Thanks to Phil West <pwest@computer.org> for his work in getting this
536     updated patch set ready for the 2.4.21 based kernel.
537    
538 frogger 1.11 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
539     Initial import of hardened-sources-2.4.20-r4. This revision
540     includes only a few changes, but one of these is an important
541     security fix. It is recommended all users of hardened-sources
542     upgrade to this release.
543 plasmaroo 1.18
544 frogger 1.11 - ioperm bug fix
545     - fixed compilation failure when building without GRSec
546 plasmaroo 1.18
547 frogger 1.11 SAL (Secure Auditing for Linux) is NOT included in this revision
548     due to time constraints, but is planned for inclusion in the near
549     future.
550 msterret 1.10
551     *hardened-sources-2.4.20-r2 (12 Jun 2003)
552    
553     12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
554     hardened-sources-2.4.20-r3.ebuild:
555 plasmaroo 1.18 Add Header...
556 frogger 1.9
557     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
558     hardened-sources-2.4.20-r3.ebuild:
559     Removed warnings from ebuild. This kernel should be safe to
560     use at this point.
561 frogger 1.8
562     *hardened-sources-2.4.20-r3 (08 Jun 2003)
563    
564     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
565     hardened-sources-2.4.20-r3.ebuild:
566     New revision. Includes the following changes over -r2:
567 plasmaroo 1.18
568 frogger 1.8 - ck7-base (O(1), preempt, low latency)
569     - Super FreeS/WAN 1.99.7rc2
570     - PaX for the LSM/SELinux branch
571     - GRSecurity 2.0-pre4 (role based access control)
572     - Systrace 1.3
573     - EXT3 fixes
574     - EVMS 2.0.1
575     - GCC 3.1+ compile optimizations
576     - ProPolice kernel build support
577     - Hashing table security fixes
578 frogger 1.3
579     *hardened-sources-2.4.20-r1 (09 Apr 2003)
580 frogger 1.7
581     23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
582     Initial import of hardened-sources-r2. This new
583     ebuild includes many new performance and security
584     related patches. As in -r1, it will patch in
585     LSM/SELinux if "selinux" is in USE, otherwise it
586     will patch in GRSecurity. The following patches
587     are included in this revision:
588 plasmaroo 1.18
589 frogger 1.7 - O(1) Scheduler, Low Latency, and Preempt
590     (pulled from the base CK patch)
591     - ptrace exploit patch for the LSM kernel
592     (the GRSec patch already fixes this)
593     - LSM 2.4-2003040709
594     - SELinux 2.4-2003040709
595     - Systrace v1.2
596     - IPTables patch-o-matic base patches - 20030107
597     - CryptoAPI 2.4.20.1 w/ loop-jari patch
598     - Super FreeS/WAN 1.99.6.1
599     - GRSecurity 1.9.9g
600     - MPPE
601     - EXT3 data journal fix
602     - CIPE 1.5.4
603 frogger 1.6
604     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
605     hardened-sources-2.4.20-r1.ebuild, manifest:
606 plasmaroo 1.18 Updated to install flask components correctly for selinux.
607 frogger 1.5
608     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
609     hardened-sources-2.4.20-r1.ebuild:
610     LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
611     is patched in instead. Ptrace patches for selinux have also been added. In
612     either case, systrace support will be patched in as well.
613 frogger 1.3
614     09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
615     hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
616 plasmaroo 1.18 Revision bump for new sources.
617 frogger 1.4
618 frogger 1.2 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
619 frogger 1.4 hardened-sources-2.4.20-r1.ebuild:
620 plasmaroo 1.18 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
621 method 1.1
622 frogger 1.4 *hardened-sources-2.4.20 (30 Mar 2003)
623    
624 method 1.1 30 Mar 2003; Joshua Brindle <method@gentoo.org>
625     hardened-sources-2.4.20.ebuild:
626 plasmaroo 1.18 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20