/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.103 - (show annotations) (download)
Fri Jun 30 23:40:58 2006 UTC (8 years, 2 months ago) by solar
Branch: MAIN
Changes since 1.102: +8 -1 lines
- backport CVE-2006-0039, CVE-2006-1857 and CVE-2006-1858 and new grsecurity sysctl controlable resource logging. Mark 2.4.32-r4 stable on x86
(Portage version: 3679-svn)

1 # ChangeLog for sys-kernel/hardened-sources
2 # Copyright 2000-2006 Gentoo Foundation; Distributed under the GPL v2
3 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.102 2006/06/05 18:27:37 johnm Exp $
4
5 *hardened-sources-2.4.32-r6 (30 Jun 2006)
6
7 30 Jun 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r2.ebuild,
8 hardened-sources-2.4.32-r4.ebuild, +hardened-sources-2.4.32-r6.ebuild:
9 - backport CVE-2006-0039, CVE-2006-1857 and CVE-2006-1858 and new grsecurity
10 sysctl controlable resource logging
11
12 *hardened-sources-2.6.16-r7 (05 Jun 2006)
13
14 05 Jun 2006; John Mylchreest <johnm@gentoo.org>
15 -hardened-sources-2.6.16-r5.ebuild, +hardened-sources-2.6.16-r7.ebuild:
16 push new 2.6.16 release in preparation for stable
17
18 22 May 2006; <solar@gentoo.org> :
19 - redigest bug 134002
20
21 *hardened-sources-2.4.32-r5 (16 May 2006)
22
23 16 May 2006; Guillaume Destuynder <kang@gentoo.org>
24 +hardened-sources-2.4.32-r5.ebuild:
25 Fixes rsbac common patching (new patch in new -r5 patchset)
26
27 *hardened-sources-2.4.32-r4 (13 May 2006)
28
29 13 May 2006; <solar@gentoo.org> hardened-sources-2.4.32-r3.ebuild,
30 +hardened-sources-2.4.32-r4.ebuild:
31 - security bumps
32
33 *hardened-sources-2.6.16-r6 (03 May 2006)
34
35 03 May 2006; John Mylchreest <johnm@gentoo.org>
36 +hardened-sources-2.6.16-r6.ebuild:
37 bump hardened-2.6.16 to 2.6.16.12 and latest grsec snapshot
38
39 28 Apr 2006; John Mylchreest <johnm@gentoo.org>
40 hardened-sources-2.6.14-r8.ebuild:
41 fix x86_64 build problem, this will delay the digest issue again for a short
42 while but it will sort itself out
43
44 28 Apr 2006; John Mylchreest <johnm@gentoo.org>
45 hardened-sources-2.6.14-r8.ebuild:
46 bump hardened patchset
47
48 27 Apr 2006; Alec Warner <antarus@gentoo.org>
49 files/digest-hardened-sources-2.4.32-r2,
50 files/digest-hardened-sources-2.4.32-r3,
51 files/digest-hardened-sources-2.6.14-r8, Manifest:
52 Fixing duff SHA256 digests: Bug # 131293
53
54 *hardened-sources-2.6.16-r5 (27 Apr 2006)
55
56 27 Apr 2006; John Mylchreest <johnm@gentoo.org>
57 -hardened-sources-2.6.14-r6.ebuild, hardened-sources-2.6.14-r8.ebuild,
58 -hardened-sources-2.6.16-r4.ebuild, +hardened-sources-2.6.16-r5.ebuild:
59 stablise 2.6.14-r8 on x86 & amd64, bump 2.6.16 to fix CVE-2006-1863 &
60 cleanup of old uneccessary sources
61
62 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
63 fix digest
64
65 *hardened-sources-2.6.14-r8 (20 Apr 2006)
66
67 20 Apr 2006; John Mylchreest <johnm@gentoo.org>
68 +hardened-sources-2.6.14-r8.ebuild:
69 fix CVE-2006-1056, CVE-2006-1525, CVE-2006-1524
70
71 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
72 Turning on gpg-signing again, and recomitting
73
74 *hardened-sources-2.6.16-r4 (20 Apr 2006)
75
76 20 Apr 2006; John Mylchreest <johnm@gentoo.org>
77 -hardened-sources-2.6.16-r2.ebuild, -hardened-sources-2.6.16-r3.ebuild,
78 +hardened-sources-2.6.16-r4.ebuild:
79 Fix numerous security vulns
80
81 *hardened-sources-2.4.32-r3 (16 Apr 2006)
82
83 16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
84 -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
85 +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
86 - security bump for bug #112791. Removed old ebuilds
87
88 *hardened-sources-2.6.16-r3 (15 Apr 2006)
89
90 15 Apr 2006; John Mylchreest <johnm@gentoo.org>
91 +hardened-sources-2.6.16-r3.ebuild:
92 Removing silly localversion which I missed
93
94 *hardened-sources-2.6.14-r7 (14 Apr 2006)
95
96 14 Apr 2006; John Mylchreest <johnm@gentoo.org>
97 -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
98 Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
99
100 *hardened-sources-2.6.16-r2 (13 Apr 2006)
101
102 13 Apr 2006; John Mylchreest <johnm@gentoo.org>
103 -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
104 +hardened-sources-2.6.16-r2.ebuild:
105 Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
106 labels, dropping USERGROUP define fixes, since these were merged mainstream.
107
108 *hardened-sources-2.6.16-r1 (11 Apr 2006)
109
110 11 Apr 2006; John Mylchreest <johnm@gentoo.org>
111 +hardened-sources-2.6.16-r1.ebuild:
112 Bumping to include ppc build fix and 2.6.16.3
113
114 06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
115 hardened-sources-2.6.14-r6.ebuild:
116 Stable on x86; bug #127718
117
118 *hardened-sources-2.6.16 (31 Mar 2006)
119
120 31 Mar 2006; John Mylchreest <johnm@gentoo.org>
121 +hardened-sources-2.6.16.ebuild:
122 Bumping to new version of grsec, and kernel base. New squashfs. Based on
123 2.6.16.1
124
125 30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
126 hardened-sources-2.6.14-r6.ebuild:
127 Stable on amd64, bug 127718.
128
129 28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
130 Stable on ppc. Bug #127718
131
132 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
133 -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
134 -hardened-sources-2.6.14-r4.ebuild:
135 Cleanup.
136
137 *hardened-sources-2.6.14-r6 (15 Mar 2006)
138
139 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
140 +hardened-sources-2.6.14-r6.ebuild:
141 Fixes grsec policy recreation bug and adds a
142 >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
143
144 02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
145 - stable on x86
146
147 19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
148 hardened-sources-2.6.14-r5.ebuild:
149 Stable on ppc.
150
151 *hardened-sources-2.6.14-r5 (01 Feb 2006)
152
153 01 Feb 2006; John Mylchreest <johnm@gentoo.org>
154 +hardened-sources-2.6.14-r5.ebuild:
155 fixing every known exploit
156
157 *hardened-sources-2.4.32-r2 (26 Jan 2006)
158
159 26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
160 +hardened-sources-2.4.32-r2.ebuild:
161 - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
162
163 *hardened-sources-2.6.14-r4 (12 Jan 2006)
164
165 12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
166 - version bump for new genpatches which fix up a few sec holes
167
168 *hardened-sources-2.4.32-r1 (05 Jan 2006)
169
170 05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
171 - revision bump to add misc vital linux kernel security patches.
172
173 *hardened-sources-2.6.14-r3 (30 Dec 2005)
174
175 30 Dec 2005; John Mylchreest <johnm@gentoo.org>
176 -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
177 Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
178
179 28 Dec 2005; John Mylchreest <johnm@gentoo.org>
180 hardened-sources-2.6.14-r2.ebuild:
181 making x86 & amd64 stable following testing.
182
183 *hardened-sources-2.6.14-r2 (27 Dec 2005)
184
185 27 Dec 2005; John Mylchreest <johnm@gentoo.org>
186 -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
187 Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
188 network hooks.
189
190 06 Dec 2005; John Mylchreest <johnm@gentoo.org>
191 hardened-sources-2.6.14-r1.ebuild:
192 bumping to stable early for sec fix on x86 & amd64
193
194 *hardened-sources-2.6.14-r1 (05 Dec 2005)
195
196 05 Dec 2005; John Mylchreest <johnm@gentoo.org>
197 -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
198 bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
199
200 04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
201 - stable on x86 security bug #114227 CAN-2005-3257
202
203 *hardened-sources-2.4.32 (19 Nov 2005)
204
205 19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
206 +hardened-sources-2.4.32.ebuild:
207 Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
208 Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
209 have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
210 rsbac >> /etc/portage/package.use)
211
212 *hardened-sources-2.6.14 (14 Nov 2005)
213
214 14 Nov 2005; John Mylchreest <johnm@gentoo.org>
215 -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
216 Bumping 2.6 series to 2.6.14.2
217
218 *hardened-sources-2.6.13-r2 (20 Oct 2005)
219
220 20 Oct 2005; John Mylchreest <johnm@gentoo.org>
221 -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
222 +hardened-sources-2.6.13-r2.ebuild:
223 Fixes minor build error in ppc.
224
225 *hardened-sources-2.6.13-r1 (17 Oct 2005)
226
227 17 Oct 2005; John Mylchreest <johnm@gentoo.org>
228 +hardened-sources-2.6.13-r1.ebuild:
229 Updating grsec to latest snapshot. Fixes some minor issues. Updating to
230 2.6.13.4, fixes some major amd64 stability problems.
231
232 *hardened-sources-2.6.13 (16 Sep 2005)
233
234 16 Sep 2005; John Mylchreest <johnm@gentoo.org>
235 -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
236 2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
237 ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
238 users should test this thoroughly.
239
240 01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
241 - stable on x86
242
243 *hardened-sources-2.6.11-r15 (27 Jun 2005)
244
245 27 Jun 2005; John Mylchreest <johnm@gentoo.org>
246 +hardened-sources-2.6.11-r15.ebuild:
247 Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
248 grsec redefining curr_ip struct.
249
250 *hardened-sources-2.4.31 (20 Jun 2005)
251
252 20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
253 initial import of 2.4.31 tree
254
255 *hardened-sources-2.6.11-r14 (14 Jun 2005)
256
257 14 Jun 2005; John Mylchreest <johnm@gentoo.org>
258 -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
259 Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
260 naming scheme to abide by genpatches
261
262 *hardened-sources-2.6.11-r13 (18 May 2005)
263
264 18 May 2005; John Mylchreest <johnm@gentoo.org>
265 -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
266 Managed to mangle the Makefile patch from grsec, to miss out the grsec
267 target. sorry about that. Fixes bug #93022
268
269 *hardened-sources-2.6.11-r12 (17 May 2005)
270
271 17 May 2005; John Mylchreest <johnm@gentoo.org>
272 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
273 +hardened-sources-2.6.11-r12.ebuild:
274 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
275 merges in genpatches-base
276
277 *hardened-sources-2.6.11-r12 (17 May 2005)
278
279 17 May 2005; John Mylchreest <johnm@gentoo.org>
280 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
281 +hardened-sources-2.6.11-r12.ebuild:
282 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
283 merges in genpatches-base
284
285 29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
286 -files/2.4.27-cmdline-race.patch,
287 -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
288 -files/2.4.28-grsec-binfmt_a.out.patch,
289 -files/2.4.28-grsec-cmdline-race.patch,
290 -files/2.4.28-selinux-binfmt_a.out.patch,
291 -files/2.4.28-selinux-cmdline-race.patch,
292 -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
293 hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
294 - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
295 cleanup..
296
297 *hardened-sources-2.4.30-r1 (21 Apr 2005)
298
299 21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
300 - disable aout by default
301
302 *hardened-sources-2.4.30 (18 Apr 2005)
303
304 18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
305 - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
306 and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
307 use
308
309 *hardened-sources-2.4.29 (30 Mar 2005)
310
311 30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
312 +hardened-sources-2.4.29.ebuild:
313 New hardened-patches-2.4-29.0 patchball.
314 Removed SELinux support, upgraded GRSecurity to 2.1.4.
315
316 *hardened-sources-2.4.28-r5 (06 Mar 2005)
317
318 06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
319 +hardened-sources-2.4.28-r5.ebuild:
320 Added a fix for a PaX vulnerability.
321
322 26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
323 hardened-sources-2.4.28-r4.ebuild:
324 Stable on x86
325
326 23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
327 hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
328 hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
329 hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
330 - fixed/added RDEPEND= in all kernel-2 ebuilds
331
332 *hardened-sources-2.4.28-r4 (21 Jan 2005)
333
334 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
335 +hardened-sources-2.4.28-r4.ebuild:
336 Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
337 backport of neighbour hash updates.
338
339 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
340 hardened-sources-2.4.28-r3.ebuild:
341 Stable on x86
342
343 *hardened-sources-2.6.10-r3 (20 Jan 2005)
344
345 20 Jan 2005; Brandon Hale <tseng@gentoo.org>
346 +hardened-sources-2.6.10-r3.ebuild:
347 Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
348 in 2005.0
349
350 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
351 -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
352 hardened-sources-2.4.28-r2.ebuild:
353 Mark stable on x86
354
355 *hardened-sources-2.4.28-r3 (17 Jan 2005)
356
357 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
358 +hardened-sources-2.4.28-r3.ebuild:
359 Fix SMP page fault handler vuln, and update device-mapper and evms patches.
360
361 14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
362 hardened-sources-2.4.28.ebuild:
363 Mark stable on x86.
364
365 *hardened-sources-2.4.28-r2 (13 Jan 2005)
366
367 13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
368 +hardened-sources-2.4.28-r2.ebuild:
369 Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
370 Mazinger for grsecurity patches as well.
371
372 *hardened-sources-2.4.28-r1 (23 Dec 2004)
373
374 23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
375 Security bump. Thank tocharian for rolling a new patchset...
376
377 28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
378 +files/2.4.28-grsec-cmdline-race.patch,
379 +files/2.4.28-selinux-binfmt_a.out.patch,
380 +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
381 - Round up remaining security patches that appear to be missing in 2.4.28. -
382 PaX standalone updated to current. hgpv=28.1
383
384 *hardened-sources-2.4.28 (28 Nov 2004)
385
386 28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
387 security bump. Thank tocharian for rolling a new patchset
388
389 *hardened-sources-2.4.27-r3 (08 Sep 2004)
390
391 08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
392 +hardened-sources-2.4.27-r3.ebuild:
393 Applies the new 2.4-27.2 patchball which updates
394 GRSecurity to the 2.0.1 version.
395
396 *hardened-sources-2.4.27-r2 (31 Aug 2004)
397
398 31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
399 +hardened-sources-2.4.27-r2.ebuild:
400 Version bump.
401 This version uses the new 2.4-27.1 patchball which updates
402 both the SELinux PaX hooks patch and the SELinux headers.
403
404 *hardened-sources-2.4.27-r1 (09 Aug 2004)
405
406 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
407 +hardened-sources-2.4.27-r1.ebuild,
408 -hardened-sources-2.4.27.ebuild,
409 +files/2.4.27-cmdline-race.patch:
410 Version bump, fix for cmdline race. See bug #59905.
411
412 *hardened-sources-2.4.26-r6 (09 Aug 2004)
413
414 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
415 +hardened-sources-2.4.26-r6.ebuild,
416 -hardened-sources-2.4.26-r5.ebuild,
417 -hardened-sources-2.4.26-r4.ebuild,
418 +files/2.4.26-cmdline-race.patch:
419 Version bump, fix for cmdline race. See bug #59905.
420
421 *hardened-sources-2.4.27 (08 Aug 2004)
422
423 08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
424 +hardened-sources-2.4.27.ebuild,
425 +files/2.4.27-CAN-2004-0394.patch:
426 Ported the patchball to the 2.4.27 kernel version.
427
428 *hardened-sources-2.4.26-r5 (07 Aug 2004)
429
430 07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
431 +hardened-sources-2.4.26-r5.ebuild:
432 Updated to use the new hardened-patches-2.4-26.1 patchball.
433 It adds the following features:
434 - Squashfs
435 - Ebtables
436 - Netdev random (core+drivers)
437 - Watchdog Timer (WDT) fix.
438
439 *hardened-sources-2.4.26-r4 (04 Aug 2004)
440
441 04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
442 +hardened-sources-2.4.26-r4.ebuild,
443 +files/2.4.26-CAN-2004-0415.patch,
444 -hardened-sources-2.4.26-3:
445 Version bump, fix for CAN 0415, see bug #59378.
446
447 *hardened-sources-2.4.26-r3 (22 Jul 2004)
448
449 22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
450 +hardened-sources-2.4.26-r3.ebuild,
451 +files/2.4.26-CAN-2004-0497.patch,
452 -hardened-sources-2.4.26-r2.ebuild:
453 Version bump, fixed CAN 0497, see bug #56171.
454
455 *hardened-sources-2.4.26-r2 (29 Jun 2004)
456
457 29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
458 +hardened-sources-2.4.26-r2.ebuild,
459 +files/2.4.26-CAN-2004-0495.patch,
460 +files/2.4.26-CAN-2004-0535.patch,
461 -hardened-sources-2.4.26-r1.ebuild:
462 Fixes for both CAN 0495 and 0535, see bug #54976
463
464 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
465 hardened-sources-2.4.26-r1.ebuild:
466 QA - fix use invocation
467
468 *hardened-sources-2.4.26-r1 (22 June 2004)
469
470 22 June 2004; Andrea Luzzardi <scox@gentoo.org>
471 +hardened-sources-2.4.26-r1.ebuild,
472 +files/2.4.26-CAN-2004-0394.patch,
473 +files/2.4.26-signal-race.patch,
474 -hardened-sources-2.4.26.ebuild,
475 -hardened-sources-2.4.24-r3.ebuild:
476 Version bump for the CAN-2004-0394 issue and bug #53804
477 Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
478
479
480 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
481 hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
482 Masked hardened-sources-2.4.26.ebuild broken for ppc
483
484 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
485 hardened-sources-2.4.24-r3.ebuild:
486 Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
487
488 *hardened-sources-2.4.26 (29 May 2004)
489
490 29 May 2004; Andrea Luzzardi <scox@gentoo.org>
491 +hardened-sources-2.4.26.ebuild:
492 Updated hardened-sources for the 2.4.26 kernel
493 Removed broken components, updated almost everything.
494
495 *hardened-sources-2.4.24-r3 (17 Apr 2004)
496
497 17 Apr 2004; <plasmaroo@gentoo.org>
498 +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
499 +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
500 +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
501 +hardened-sources-2.4.24-r3.ebuild:
502 Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
503 vulnerabilities. Old revisions removed.
504
505 *hardened-sources-2.4.24-r2 (15 Apr 2004)
506
507 15 Apr 2004; <plasmaroo@gentoo.org>
508 +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
509 -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
510 Version bump for the CAN-2004-0109 issue; bug #47881.
511
512 12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
513 hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
514 Add eutils to inherit.
515
516 *hardened-sources-2.4.24-r1 (19 Feb 2004)
517
518 19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
519 files/hardened-sources-2.4.24.munmap.patch:
520 Added the patch for the mremap/munmap vulnerability. Bug #42024.
521
522 *hardened-sources-2.4.24 (06 Feb 2004)
523
524 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
525 hardened-sources-2.4.24.ebuild:
526 Version bump, updated most of the components.
527 This release includes the following:
528
529 - Hardened security
530 - Netfilter patch-o-matic 20031219
531 - FreeSWAN 2.04 & x509 1.4.8
532 - EVMS 2.2.2
533 - XFS 1.3.1
534 - cryptoloop jari
535 - grsecurity 2.0-rc4
536 - SELinux
537 - PaX 200402060000
538 - PaX Obscurity 200308302223
539 - Others...
540
541 Neither -ck nor systrace are included anymore.
542
543 *hardened-sources-2.4.22-r2 (05 Jan 2004)
544
545 05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
546 hardened-sources-2.4.22-r2.ebuild:
547 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
548
549 *hardened-sources-2.4.22-r1 (02 Dec 2003)
550
551 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
552 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
553
554 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
555 hardened-sources-2.4.22-r1.ebuild:
556 Version bump for the 'do_brk' vulnerability.
557
558 01 Dec 2003; Brian Jackson <iggy@gentoo.org>
559 hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
560 hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
561 hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
562 Fix the 'do_brk' vulnerability.
563
564 03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
565 hardened-sources-2.4.22.ebuild:
566 - Removed the src_install() portion for SELinux flask
567 components. These are no longer handled in the kernel
568 so this code was not necessary.
569
570 29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
571 New 2.4.22 based hardened-sources thanks to
572 Phil West <p.west@computer.org>.
573
574 These sources include:
575 - New SELinux API
576 - Updated CK-base
577 - Updated GRSec
578 - Systrace
579 - SuperFreeS/WAN 1.99.8
580 - Propolice kernel build support
581 - EVMS
582 - Other various security related patches
583
584 *hardened-sources-2.4.21 (14 Sep 2003)
585
586 14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
587 Updated hardened-sources based on the 2.4.21 Linux kernel.
588 This includes updates to most major components such as:
589 - ck-base-0306300059
590 - selinux-2.4-2003071106
591 - grsecurity-2.0-rc1
592 - Updated IPTables patch-o-matic
593 - Updated SuperFreeS/WAN
594
595 Thanks to Phil West <pwest@computer.org> for his work in getting this
596 updated patch set ready for the 2.4.21 based kernel.
597
598 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
599 Initial import of hardened-sources-2.4.20-r4. This revision
600 includes only a few changes, but one of these is an important
601 security fix. It is recommended all users of hardened-sources
602 upgrade to this release.
603
604 - ioperm bug fix
605 - fixed compilation failure when building without GRSec
606
607 SAL (Secure Auditing for Linux) is NOT included in this revision
608 due to time constraints, but is planned for inclusion in the near
609 future.
610
611 *hardened-sources-2.4.20-r2 (12 Jun 2003)
612
613 12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
614 hardened-sources-2.4.20-r3.ebuild:
615 Add Header...
616
617 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
618 hardened-sources-2.4.20-r3.ebuild:
619 Removed warnings from ebuild. This kernel should be safe to
620 use at this point.
621
622 *hardened-sources-2.4.20-r3 (08 Jun 2003)
623
624 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
625 hardened-sources-2.4.20-r3.ebuild:
626 New revision. Includes the following changes over -r2:
627
628 - ck7-base (O(1), preempt, low latency)
629 - Super FreeS/WAN 1.99.7rc2
630 - PaX for the LSM/SELinux branch
631 - GRSecurity 2.0-pre4 (role based access control)
632 - Systrace 1.3
633 - EXT3 fixes
634 - EVMS 2.0.1
635 - GCC 3.1+ compile optimizations
636 - ProPolice kernel build support
637 - Hashing table security fixes
638
639 *hardened-sources-2.4.20-r1 (09 Apr 2003)
640
641 23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
642 Initial import of hardened-sources-r2. This new
643 ebuild includes many new performance and security
644 related patches. As in -r1, it will patch in
645 LSM/SELinux if "selinux" is in USE, otherwise it
646 will patch in GRSecurity. The following patches
647 are included in this revision:
648
649 - O(1) Scheduler, Low Latency, and Preempt
650 (pulled from the base CK patch)
651 - ptrace exploit patch for the LSM kernel
652 (the GRSec patch already fixes this)
653 - LSM 2.4-2003040709
654 - SELinux 2.4-2003040709
655 - Systrace v1.2
656 - IPTables patch-o-matic base patches - 20030107
657 - CryptoAPI 2.4.20.1 w/ loop-jari patch
658 - Super FreeS/WAN 1.99.6.1
659 - GRSecurity 1.9.9g
660 - MPPE
661 - EXT3 data journal fix
662 - CIPE 1.5.4
663
664 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
665 hardened-sources-2.4.20-r1.ebuild, manifest:
666 Updated to install flask components correctly for selinux.
667
668 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
669 hardened-sources-2.4.20-r1.ebuild:
670 LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
671 is patched in instead. Ptrace patches for selinux have also been added. In
672 either case, systrace support will be patched in as well.
673
674 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
675 hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
676 Revision bump for new sources.
677
678 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
679 hardened-sources-2.4.20-r1.ebuild:
680 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
681
682 *hardened-sources-2.4.20 (30 Mar 2003)
683
684 30 Mar 2003; Joshua Brindle <method@gentoo.org>
685 hardened-sources-2.4.20.ebuild:
686 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20