/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.100 - (show annotations) (download)
Tue May 16 12:18:07 2006 UTC (8 years, 3 months ago) by kang
Branch: MAIN
Changes since 1.99: +7 -1 lines
Fixes patching with RSBAC. New patchset.
(Portage version: 2.1_pre10-r2)

1 # ChangeLog for sys-kernel/hardened-sources
2 # Copyright 2000-2006 Gentoo Foundation; Distributed under the GPL v2
3 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.99 2006/05/13 14:50:59 solar Exp $
4
5 *hardened-sources-2.4.32-r5 (16 May 2006)
6
7 16 May 2006; Guillaume Destuynder <kang@gentoo.org>
8 +hardened-sources-2.4.32-r5.ebuild:
9 Fixes rsbac common patching (new patch in new -r5 patchset)
10
11 *hardened-sources-2.4.32-r4 (13 May 2006)
12
13 13 May 2006; <solar@gentoo.org> hardened-sources-2.4.32-r3.ebuild,
14 +hardened-sources-2.4.32-r4.ebuild:
15 - security bumps
16
17 *hardened-sources-2.6.16-r6 (03 May 2006)
18
19 03 May 2006; John Mylchreest <johnm@gentoo.org>
20 +hardened-sources-2.6.16-r6.ebuild:
21 bump hardened-2.6.16 to 2.6.16.12 and latest grsec snapshot
22
23 28 Apr 2006; John Mylchreest <johnm@gentoo.org>
24 hardened-sources-2.6.14-r8.ebuild:
25 fix x86_64 build problem, this will delay the digest issue again for a short
26 while but it will sort itself out
27
28 28 Apr 2006; John Mylchreest <johnm@gentoo.org>
29 hardened-sources-2.6.14-r8.ebuild:
30 bump hardened patchset
31
32 27 Apr 2006; Alec Warner <antarus@gentoo.org>
33 files/digest-hardened-sources-2.4.32-r2,
34 files/digest-hardened-sources-2.4.32-r3,
35 files/digest-hardened-sources-2.6.14-r8, Manifest:
36 Fixing duff SHA256 digests: Bug # 131293
37
38 *hardened-sources-2.6.16-r5 (27 Apr 2006)
39
40 27 Apr 2006; John Mylchreest <johnm@gentoo.org>
41 -hardened-sources-2.6.14-r6.ebuild, hardened-sources-2.6.14-r8.ebuild,
42 -hardened-sources-2.6.16-r4.ebuild, +hardened-sources-2.6.16-r5.ebuild:
43 stablise 2.6.14-r8 on x86 & amd64, bump 2.6.16 to fix CVE-2006-1863 &
44 cleanup of old uneccessary sources
45
46 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
47 fix digest
48
49 *hardened-sources-2.6.14-r8 (20 Apr 2006)
50
51 20 Apr 2006; John Mylchreest <johnm@gentoo.org>
52 +hardened-sources-2.6.14-r8.ebuild:
53 fix CVE-2006-1056, CVE-2006-1525, CVE-2006-1524
54
55 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
56 Turning on gpg-signing again, and recomitting
57
58 *hardened-sources-2.6.16-r4 (20 Apr 2006)
59
60 20 Apr 2006; John Mylchreest <johnm@gentoo.org>
61 -hardened-sources-2.6.16-r2.ebuild, -hardened-sources-2.6.16-r3.ebuild,
62 +hardened-sources-2.6.16-r4.ebuild:
63 Fix numerous security vulns
64
65 *hardened-sources-2.4.32-r3 (16 Apr 2006)
66
67 16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
68 -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
69 +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
70 - security bump for bug #112791. Removed old ebuilds
71
72 *hardened-sources-2.6.16-r3 (15 Apr 2006)
73
74 15 Apr 2006; John Mylchreest <johnm@gentoo.org>
75 +hardened-sources-2.6.16-r3.ebuild:
76 Removing silly localversion which I missed
77
78 *hardened-sources-2.6.14-r7 (14 Apr 2006)
79
80 14 Apr 2006; John Mylchreest <johnm@gentoo.org>
81 -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
82 Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
83
84 *hardened-sources-2.6.16-r2 (13 Apr 2006)
85
86 13 Apr 2006; John Mylchreest <johnm@gentoo.org>
87 -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
88 +hardened-sources-2.6.16-r2.ebuild:
89 Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
90 labels, dropping USERGROUP define fixes, since these were merged mainstream.
91
92 *hardened-sources-2.6.16-r1 (11 Apr 2006)
93
94 11 Apr 2006; John Mylchreest <johnm@gentoo.org>
95 +hardened-sources-2.6.16-r1.ebuild:
96 Bumping to include ppc build fix and 2.6.16.3
97
98 06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
99 hardened-sources-2.6.14-r6.ebuild:
100 Stable on x86; bug #127718
101
102 *hardened-sources-2.6.16 (31 Mar 2006)
103
104 31 Mar 2006; John Mylchreest <johnm@gentoo.org>
105 +hardened-sources-2.6.16.ebuild:
106 Bumping to new version of grsec, and kernel base. New squashfs. Based on
107 2.6.16.1
108
109 30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
110 hardened-sources-2.6.14-r6.ebuild:
111 Stable on amd64, bug 127718.
112
113 28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
114 Stable on ppc. Bug #127718
115
116 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
117 -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
118 -hardened-sources-2.6.14-r4.ebuild:
119 Cleanup.
120
121 *hardened-sources-2.6.14-r6 (15 Mar 2006)
122
123 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
124 +hardened-sources-2.6.14-r6.ebuild:
125 Fixes grsec policy recreation bug and adds a
126 >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
127
128 02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
129 - stable on x86
130
131 19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
132 hardened-sources-2.6.14-r5.ebuild:
133 Stable on ppc.
134
135 *hardened-sources-2.6.14-r5 (01 Feb 2006)
136
137 01 Feb 2006; John Mylchreest <johnm@gentoo.org>
138 +hardened-sources-2.6.14-r5.ebuild:
139 fixing every known exploit
140
141 *hardened-sources-2.4.32-r2 (26 Jan 2006)
142
143 26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
144 +hardened-sources-2.4.32-r2.ebuild:
145 - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
146
147 *hardened-sources-2.6.14-r4 (12 Jan 2006)
148
149 12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
150 - version bump for new genpatches which fix up a few sec holes
151
152 *hardened-sources-2.4.32-r1 (05 Jan 2006)
153
154 05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
155 - revision bump to add misc vital linux kernel security patches.
156
157 *hardened-sources-2.6.14-r3 (30 Dec 2005)
158
159 30 Dec 2005; John Mylchreest <johnm@gentoo.org>
160 -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
161 Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
162
163 28 Dec 2005; John Mylchreest <johnm@gentoo.org>
164 hardened-sources-2.6.14-r2.ebuild:
165 making x86 & amd64 stable following testing.
166
167 *hardened-sources-2.6.14-r2 (27 Dec 2005)
168
169 27 Dec 2005; John Mylchreest <johnm@gentoo.org>
170 -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
171 Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
172 network hooks.
173
174 06 Dec 2005; John Mylchreest <johnm@gentoo.org>
175 hardened-sources-2.6.14-r1.ebuild:
176 bumping to stable early for sec fix on x86 & amd64
177
178 *hardened-sources-2.6.14-r1 (05 Dec 2005)
179
180 05 Dec 2005; John Mylchreest <johnm@gentoo.org>
181 -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
182 bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
183
184 04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
185 - stable on x86 security bug #114227 CAN-2005-3257
186
187 *hardened-sources-2.4.32 (19 Nov 2005)
188
189 19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
190 +hardened-sources-2.4.32.ebuild:
191 Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
192 Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
193 have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
194 rsbac >> /etc/portage/package.use)
195
196 *hardened-sources-2.6.14 (14 Nov 2005)
197
198 14 Nov 2005; John Mylchreest <johnm@gentoo.org>
199 -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
200 Bumping 2.6 series to 2.6.14.2
201
202 *hardened-sources-2.6.13-r2 (20 Oct 2005)
203
204 20 Oct 2005; John Mylchreest <johnm@gentoo.org>
205 -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
206 +hardened-sources-2.6.13-r2.ebuild:
207 Fixes minor build error in ppc.
208
209 *hardened-sources-2.6.13-r1 (17 Oct 2005)
210
211 17 Oct 2005; John Mylchreest <johnm@gentoo.org>
212 +hardened-sources-2.6.13-r1.ebuild:
213 Updating grsec to latest snapshot. Fixes some minor issues. Updating to
214 2.6.13.4, fixes some major amd64 stability problems.
215
216 *hardened-sources-2.6.13 (16 Sep 2005)
217
218 16 Sep 2005; John Mylchreest <johnm@gentoo.org>
219 -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
220 2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
221 ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
222 users should test this thoroughly.
223
224 01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
225 - stable on x86
226
227 *hardened-sources-2.6.11-r15 (27 Jun 2005)
228
229 27 Jun 2005; John Mylchreest <johnm@gentoo.org>
230 +hardened-sources-2.6.11-r15.ebuild:
231 Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
232 grsec redefining curr_ip struct.
233
234 *hardened-sources-2.4.31 (20 Jun 2005)
235
236 20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
237 initial import of 2.4.31 tree
238
239 *hardened-sources-2.6.11-r14 (14 Jun 2005)
240
241 14 Jun 2005; John Mylchreest <johnm@gentoo.org>
242 -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
243 Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
244 naming scheme to abide by genpatches
245
246 *hardened-sources-2.6.11-r13 (18 May 2005)
247
248 18 May 2005; John Mylchreest <johnm@gentoo.org>
249 -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
250 Managed to mangle the Makefile patch from grsec, to miss out the grsec
251 target. sorry about that. Fixes bug #93022
252
253 *hardened-sources-2.6.11-r12 (17 May 2005)
254
255 17 May 2005; John Mylchreest <johnm@gentoo.org>
256 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
257 +hardened-sources-2.6.11-r12.ebuild:
258 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
259 merges in genpatches-base
260
261 *hardened-sources-2.6.11-r12 (17 May 2005)
262
263 17 May 2005; John Mylchreest <johnm@gentoo.org>
264 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
265 +hardened-sources-2.6.11-r12.ebuild:
266 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
267 merges in genpatches-base
268
269 29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
270 -files/2.4.27-cmdline-race.patch,
271 -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
272 -files/2.4.28-grsec-binfmt_a.out.patch,
273 -files/2.4.28-grsec-cmdline-race.patch,
274 -files/2.4.28-selinux-binfmt_a.out.patch,
275 -files/2.4.28-selinux-cmdline-race.patch,
276 -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
277 hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
278 - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
279 cleanup..
280
281 *hardened-sources-2.4.30-r1 (21 Apr 2005)
282
283 21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
284 - disable aout by default
285
286 *hardened-sources-2.4.30 (18 Apr 2005)
287
288 18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
289 - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
290 and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
291 use
292
293 *hardened-sources-2.4.29 (30 Mar 2005)
294
295 30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
296 +hardened-sources-2.4.29.ebuild:
297 New hardened-patches-2.4-29.0 patchball.
298 Removed SELinux support, upgraded GRSecurity to 2.1.4.
299
300 *hardened-sources-2.4.28-r5 (06 Mar 2005)
301
302 06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
303 +hardened-sources-2.4.28-r5.ebuild:
304 Added a fix for a PaX vulnerability.
305
306 26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
307 hardened-sources-2.4.28-r4.ebuild:
308 Stable on x86
309
310 23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
311 hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
312 hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
313 hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
314 - fixed/added RDEPEND= in all kernel-2 ebuilds
315
316 *hardened-sources-2.4.28-r4 (21 Jan 2005)
317
318 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
319 +hardened-sources-2.4.28-r4.ebuild:
320 Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
321 backport of neighbour hash updates.
322
323 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
324 hardened-sources-2.4.28-r3.ebuild:
325 Stable on x86
326
327 *hardened-sources-2.6.10-r3 (20 Jan 2005)
328
329 20 Jan 2005; Brandon Hale <tseng@gentoo.org>
330 +hardened-sources-2.6.10-r3.ebuild:
331 Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
332 in 2005.0
333
334 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
335 -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
336 hardened-sources-2.4.28-r2.ebuild:
337 Mark stable on x86
338
339 *hardened-sources-2.4.28-r3 (17 Jan 2005)
340
341 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
342 +hardened-sources-2.4.28-r3.ebuild:
343 Fix SMP page fault handler vuln, and update device-mapper and evms patches.
344
345 14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
346 hardened-sources-2.4.28.ebuild:
347 Mark stable on x86.
348
349 *hardened-sources-2.4.28-r2 (13 Jan 2005)
350
351 13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
352 +hardened-sources-2.4.28-r2.ebuild:
353 Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
354 Mazinger for grsecurity patches as well.
355
356 *hardened-sources-2.4.28-r1 (23 Dec 2004)
357
358 23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
359 Security bump. Thank tocharian for rolling a new patchset...
360
361 28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
362 +files/2.4.28-grsec-cmdline-race.patch,
363 +files/2.4.28-selinux-binfmt_a.out.patch,
364 +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
365 - Round up remaining security patches that appear to be missing in 2.4.28. -
366 PaX standalone updated to current. hgpv=28.1
367
368 *hardened-sources-2.4.28 (28 Nov 2004)
369
370 28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
371 security bump. Thank tocharian for rolling a new patchset
372
373 *hardened-sources-2.4.27-r3 (08 Sep 2004)
374
375 08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
376 +hardened-sources-2.4.27-r3.ebuild:
377 Applies the new 2.4-27.2 patchball which updates
378 GRSecurity to the 2.0.1 version.
379
380 *hardened-sources-2.4.27-r2 (31 Aug 2004)
381
382 31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
383 +hardened-sources-2.4.27-r2.ebuild:
384 Version bump.
385 This version uses the new 2.4-27.1 patchball which updates
386 both the SELinux PaX hooks patch and the SELinux headers.
387
388 *hardened-sources-2.4.27-r1 (09 Aug 2004)
389
390 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
391 +hardened-sources-2.4.27-r1.ebuild,
392 -hardened-sources-2.4.27.ebuild,
393 +files/2.4.27-cmdline-race.patch:
394 Version bump, fix for cmdline race. See bug #59905.
395
396 *hardened-sources-2.4.26-r6 (09 Aug 2004)
397
398 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
399 +hardened-sources-2.4.26-r6.ebuild,
400 -hardened-sources-2.4.26-r5.ebuild,
401 -hardened-sources-2.4.26-r4.ebuild,
402 +files/2.4.26-cmdline-race.patch:
403 Version bump, fix for cmdline race. See bug #59905.
404
405 *hardened-sources-2.4.27 (08 Aug 2004)
406
407 08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
408 +hardened-sources-2.4.27.ebuild,
409 +files/2.4.27-CAN-2004-0394.patch:
410 Ported the patchball to the 2.4.27 kernel version.
411
412 *hardened-sources-2.4.26-r5 (07 Aug 2004)
413
414 07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
415 +hardened-sources-2.4.26-r5.ebuild:
416 Updated to use the new hardened-patches-2.4-26.1 patchball.
417 It adds the following features:
418 - Squashfs
419 - Ebtables
420 - Netdev random (core+drivers)
421 - Watchdog Timer (WDT) fix.
422
423 *hardened-sources-2.4.26-r4 (04 Aug 2004)
424
425 04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
426 +hardened-sources-2.4.26-r4.ebuild,
427 +files/2.4.26-CAN-2004-0415.patch,
428 -hardened-sources-2.4.26-3:
429 Version bump, fix for CAN 0415, see bug #59378.
430
431 *hardened-sources-2.4.26-r3 (22 Jul 2004)
432
433 22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
434 +hardened-sources-2.4.26-r3.ebuild,
435 +files/2.4.26-CAN-2004-0497.patch,
436 -hardened-sources-2.4.26-r2.ebuild:
437 Version bump, fixed CAN 0497, see bug #56171.
438
439 *hardened-sources-2.4.26-r2 (29 Jun 2004)
440
441 29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
442 +hardened-sources-2.4.26-r2.ebuild,
443 +files/2.4.26-CAN-2004-0495.patch,
444 +files/2.4.26-CAN-2004-0535.patch,
445 -hardened-sources-2.4.26-r1.ebuild:
446 Fixes for both CAN 0495 and 0535, see bug #54976
447
448 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
449 hardened-sources-2.4.26-r1.ebuild:
450 QA - fix use invocation
451
452 *hardened-sources-2.4.26-r1 (22 June 2004)
453
454 22 June 2004; Andrea Luzzardi <scox@gentoo.org>
455 +hardened-sources-2.4.26-r1.ebuild,
456 +files/2.4.26-CAN-2004-0394.patch,
457 +files/2.4.26-signal-race.patch,
458 -hardened-sources-2.4.26.ebuild,
459 -hardened-sources-2.4.24-r3.ebuild:
460 Version bump for the CAN-2004-0394 issue and bug #53804
461 Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
462
463
464 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
465 hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
466 Masked hardened-sources-2.4.26.ebuild broken for ppc
467
468 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
469 hardened-sources-2.4.24-r3.ebuild:
470 Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
471
472 *hardened-sources-2.4.26 (29 May 2004)
473
474 29 May 2004; Andrea Luzzardi <scox@gentoo.org>
475 +hardened-sources-2.4.26.ebuild:
476 Updated hardened-sources for the 2.4.26 kernel
477 Removed broken components, updated almost everything.
478
479 *hardened-sources-2.4.24-r3 (17 Apr 2004)
480
481 17 Apr 2004; <plasmaroo@gentoo.org>
482 +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
483 +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
484 +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
485 +hardened-sources-2.4.24-r3.ebuild:
486 Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
487 vulnerabilities. Old revisions removed.
488
489 *hardened-sources-2.4.24-r2 (15 Apr 2004)
490
491 15 Apr 2004; <plasmaroo@gentoo.org>
492 +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
493 -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
494 Version bump for the CAN-2004-0109 issue; bug #47881.
495
496 12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
497 hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
498 Add eutils to inherit.
499
500 *hardened-sources-2.4.24-r1 (19 Feb 2004)
501
502 19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
503 files/hardened-sources-2.4.24.munmap.patch:
504 Added the patch for the mremap/munmap vulnerability. Bug #42024.
505
506 *hardened-sources-2.4.24 (06 Feb 2004)
507
508 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
509 hardened-sources-2.4.24.ebuild:
510 Version bump, updated most of the components.
511 This release includes the following:
512
513 - Hardened security
514 - Netfilter patch-o-matic 20031219
515 - FreeSWAN 2.04 & x509 1.4.8
516 - EVMS 2.2.2
517 - XFS 1.3.1
518 - cryptoloop jari
519 - grsecurity 2.0-rc4
520 - SELinux
521 - PaX 200402060000
522 - PaX Obscurity 200308302223
523 - Others...
524
525 Neither -ck nor systrace are included anymore.
526
527 *hardened-sources-2.4.22-r2 (05 Jan 2004)
528
529 05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
530 hardened-sources-2.4.22-r2.ebuild:
531 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
532
533 *hardened-sources-2.4.22-r1 (02 Dec 2003)
534
535 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
536 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
537
538 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
539 hardened-sources-2.4.22-r1.ebuild:
540 Version bump for the 'do_brk' vulnerability.
541
542 01 Dec 2003; Brian Jackson <iggy@gentoo.org>
543 hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
544 hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
545 hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
546 Fix the 'do_brk' vulnerability.
547
548 03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
549 hardened-sources-2.4.22.ebuild:
550 - Removed the src_install() portion for SELinux flask
551 components. These are no longer handled in the kernel
552 so this code was not necessary.
553
554 29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
555 New 2.4.22 based hardened-sources thanks to
556 Phil West <p.west@computer.org>.
557
558 These sources include:
559 - New SELinux API
560 - Updated CK-base
561 - Updated GRSec
562 - Systrace
563 - SuperFreeS/WAN 1.99.8
564 - Propolice kernel build support
565 - EVMS
566 - Other various security related patches
567
568 *hardened-sources-2.4.21 (14 Sep 2003)
569
570 14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
571 Updated hardened-sources based on the 2.4.21 Linux kernel.
572 This includes updates to most major components such as:
573 - ck-base-0306300059
574 - selinux-2.4-2003071106
575 - grsecurity-2.0-rc1
576 - Updated IPTables patch-o-matic
577 - Updated SuperFreeS/WAN
578
579 Thanks to Phil West <pwest@computer.org> for his work in getting this
580 updated patch set ready for the 2.4.21 based kernel.
581
582 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
583 Initial import of hardened-sources-2.4.20-r4. This revision
584 includes only a few changes, but one of these is an important
585 security fix. It is recommended all users of hardened-sources
586 upgrade to this release.
587
588 - ioperm bug fix
589 - fixed compilation failure when building without GRSec
590
591 SAL (Secure Auditing for Linux) is NOT included in this revision
592 due to time constraints, but is planned for inclusion in the near
593 future.
594
595 *hardened-sources-2.4.20-r2 (12 Jun 2003)
596
597 12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
598 hardened-sources-2.4.20-r3.ebuild:
599 Add Header...
600
601 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
602 hardened-sources-2.4.20-r3.ebuild:
603 Removed warnings from ebuild. This kernel should be safe to
604 use at this point.
605
606 *hardened-sources-2.4.20-r3 (08 Jun 2003)
607
608 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
609 hardened-sources-2.4.20-r3.ebuild:
610 New revision. Includes the following changes over -r2:
611
612 - ck7-base (O(1), preempt, low latency)
613 - Super FreeS/WAN 1.99.7rc2
614 - PaX for the LSM/SELinux branch
615 - GRSecurity 2.0-pre4 (role based access control)
616 - Systrace 1.3
617 - EXT3 fixes
618 - EVMS 2.0.1
619 - GCC 3.1+ compile optimizations
620 - ProPolice kernel build support
621 - Hashing table security fixes
622
623 *hardened-sources-2.4.20-r1 (09 Apr 2003)
624
625 23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
626 Initial import of hardened-sources-r2. This new
627 ebuild includes many new performance and security
628 related patches. As in -r1, it will patch in
629 LSM/SELinux if "selinux" is in USE, otherwise it
630 will patch in GRSecurity. The following patches
631 are included in this revision:
632
633 - O(1) Scheduler, Low Latency, and Preempt
634 (pulled from the base CK patch)
635 - ptrace exploit patch for the LSM kernel
636 (the GRSec patch already fixes this)
637 - LSM 2.4-2003040709
638 - SELinux 2.4-2003040709
639 - Systrace v1.2
640 - IPTables patch-o-matic base patches - 20030107
641 - CryptoAPI 2.4.20.1 w/ loop-jari patch
642 - Super FreeS/WAN 1.99.6.1
643 - GRSecurity 1.9.9g
644 - MPPE
645 - EXT3 data journal fix
646 - CIPE 1.5.4
647
648 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
649 hardened-sources-2.4.20-r1.ebuild, manifest:
650 Updated to install flask components correctly for selinux.
651
652 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
653 hardened-sources-2.4.20-r1.ebuild:
654 LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
655 is patched in instead. Ptrace patches for selinux have also been added. In
656 either case, systrace support will be patched in as well.
657
658 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
659 hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
660 Revision bump for new sources.
661
662 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
663 hardened-sources-2.4.20-r1.ebuild:
664 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
665
666 *hardened-sources-2.4.20 (30 Mar 2003)
667
668 30 Mar 2003; Joshua Brindle <method@gentoo.org>
669 hardened-sources-2.4.20.ebuild:
670 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20