/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.104 - (show annotations) (download)
Mon Jul 3 17:25:56 2006 UTC (8 years, 1 month ago) by johnm
Branch: MAIN
Changes since 1.103: +7 -1 lines
bump to latest -base
(Portage version: 2.1.1_pre2-r1)

1 # ChangeLog for sys-kernel/hardened-sources
2 # Copyright 2000-2006 Gentoo Foundation; Distributed under the GPL v2
3 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.103 2006/06/30 23:40:58 solar Exp $
4
5 *hardened-sources-2.6.16-r9 (03 Jul 2006)
6
7 03 Jul 2006; John Mylchreest <johnm@gentoo.org>
8 -hardened-sources-2.6.16-r6.ebuild, +hardened-sources-2.6.16-r9.ebuild:
9 hardened-sources-2.6.16 bump to latest -base.
10
11 *hardened-sources-2.4.32-r6 (30 Jun 2006)
12
13 30 Jun 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r2.ebuild,
14 hardened-sources-2.4.32-r4.ebuild, +hardened-sources-2.4.32-r6.ebuild:
15 - backport CVE-2006-0039, CVE-2006-1857 and CVE-2006-1858 and new grsecurity
16 sysctl controlable resource logging
17
18 *hardened-sources-2.6.16-r7 (05 Jun 2006)
19
20 05 Jun 2006; John Mylchreest <johnm@gentoo.org>
21 -hardened-sources-2.6.16-r5.ebuild, +hardened-sources-2.6.16-r7.ebuild:
22 push new 2.6.16 release in preparation for stable
23
24 22 May 2006; <solar@gentoo.org> :
25 - redigest bug 134002
26
27 *hardened-sources-2.4.32-r5 (16 May 2006)
28
29 16 May 2006; Guillaume Destuynder <kang@gentoo.org>
30 +hardened-sources-2.4.32-r5.ebuild:
31 Fixes rsbac common patching (new patch in new -r5 patchset)
32
33 *hardened-sources-2.4.32-r4 (13 May 2006)
34
35 13 May 2006; <solar@gentoo.org> hardened-sources-2.4.32-r3.ebuild,
36 +hardened-sources-2.4.32-r4.ebuild:
37 - security bumps
38
39 *hardened-sources-2.6.16-r6 (03 May 2006)
40
41 03 May 2006; John Mylchreest <johnm@gentoo.org>
42 +hardened-sources-2.6.16-r6.ebuild:
43 bump hardened-2.6.16 to 2.6.16.12 and latest grsec snapshot
44
45 28 Apr 2006; John Mylchreest <johnm@gentoo.org>
46 hardened-sources-2.6.14-r8.ebuild:
47 fix x86_64 build problem, this will delay the digest issue again for a short
48 while but it will sort itself out
49
50 28 Apr 2006; John Mylchreest <johnm@gentoo.org>
51 hardened-sources-2.6.14-r8.ebuild:
52 bump hardened patchset
53
54 27 Apr 2006; Alec Warner <antarus@gentoo.org>
55 files/digest-hardened-sources-2.4.32-r2,
56 files/digest-hardened-sources-2.4.32-r3,
57 files/digest-hardened-sources-2.6.14-r8, Manifest:
58 Fixing duff SHA256 digests: Bug # 131293
59
60 *hardened-sources-2.6.16-r5 (27 Apr 2006)
61
62 27 Apr 2006; John Mylchreest <johnm@gentoo.org>
63 -hardened-sources-2.6.14-r6.ebuild, hardened-sources-2.6.14-r8.ebuild,
64 -hardened-sources-2.6.16-r4.ebuild, +hardened-sources-2.6.16-r5.ebuild:
65 stablise 2.6.14-r8 on x86 & amd64, bump 2.6.16 to fix CVE-2006-1863 &
66 cleanup of old uneccessary sources
67
68 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
69 fix digest
70
71 *hardened-sources-2.6.14-r8 (20 Apr 2006)
72
73 20 Apr 2006; John Mylchreest <johnm@gentoo.org>
74 +hardened-sources-2.6.14-r8.ebuild:
75 fix CVE-2006-1056, CVE-2006-1525, CVE-2006-1524
76
77 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
78 Turning on gpg-signing again, and recomitting
79
80 *hardened-sources-2.6.16-r4 (20 Apr 2006)
81
82 20 Apr 2006; John Mylchreest <johnm@gentoo.org>
83 -hardened-sources-2.6.16-r2.ebuild, -hardened-sources-2.6.16-r3.ebuild,
84 +hardened-sources-2.6.16-r4.ebuild:
85 Fix numerous security vulns
86
87 *hardened-sources-2.4.32-r3 (16 Apr 2006)
88
89 16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
90 -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
91 +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
92 - security bump for bug #112791. Removed old ebuilds
93
94 *hardened-sources-2.6.16-r3 (15 Apr 2006)
95
96 15 Apr 2006; John Mylchreest <johnm@gentoo.org>
97 +hardened-sources-2.6.16-r3.ebuild:
98 Removing silly localversion which I missed
99
100 *hardened-sources-2.6.14-r7 (14 Apr 2006)
101
102 14 Apr 2006; John Mylchreest <johnm@gentoo.org>
103 -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
104 Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
105
106 *hardened-sources-2.6.16-r2 (13 Apr 2006)
107
108 13 Apr 2006; John Mylchreest <johnm@gentoo.org>
109 -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
110 +hardened-sources-2.6.16-r2.ebuild:
111 Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
112 labels, dropping USERGROUP define fixes, since these were merged mainstream.
113
114 *hardened-sources-2.6.16-r1 (11 Apr 2006)
115
116 11 Apr 2006; John Mylchreest <johnm@gentoo.org>
117 +hardened-sources-2.6.16-r1.ebuild:
118 Bumping to include ppc build fix and 2.6.16.3
119
120 06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
121 hardened-sources-2.6.14-r6.ebuild:
122 Stable on x86; bug #127718
123
124 *hardened-sources-2.6.16 (31 Mar 2006)
125
126 31 Mar 2006; John Mylchreest <johnm@gentoo.org>
127 +hardened-sources-2.6.16.ebuild:
128 Bumping to new version of grsec, and kernel base. New squashfs. Based on
129 2.6.16.1
130
131 30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
132 hardened-sources-2.6.14-r6.ebuild:
133 Stable on amd64, bug 127718.
134
135 28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
136 Stable on ppc. Bug #127718
137
138 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
139 -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
140 -hardened-sources-2.6.14-r4.ebuild:
141 Cleanup.
142
143 *hardened-sources-2.6.14-r6 (15 Mar 2006)
144
145 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
146 +hardened-sources-2.6.14-r6.ebuild:
147 Fixes grsec policy recreation bug and adds a
148 >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
149
150 02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
151 - stable on x86
152
153 19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
154 hardened-sources-2.6.14-r5.ebuild:
155 Stable on ppc.
156
157 *hardened-sources-2.6.14-r5 (01 Feb 2006)
158
159 01 Feb 2006; John Mylchreest <johnm@gentoo.org>
160 +hardened-sources-2.6.14-r5.ebuild:
161 fixing every known exploit
162
163 *hardened-sources-2.4.32-r2 (26 Jan 2006)
164
165 26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
166 +hardened-sources-2.4.32-r2.ebuild:
167 - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
168
169 *hardened-sources-2.6.14-r4 (12 Jan 2006)
170
171 12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
172 - version bump for new genpatches which fix up a few sec holes
173
174 *hardened-sources-2.4.32-r1 (05 Jan 2006)
175
176 05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
177 - revision bump to add misc vital linux kernel security patches.
178
179 *hardened-sources-2.6.14-r3 (30 Dec 2005)
180
181 30 Dec 2005; John Mylchreest <johnm@gentoo.org>
182 -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
183 Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
184
185 28 Dec 2005; John Mylchreest <johnm@gentoo.org>
186 hardened-sources-2.6.14-r2.ebuild:
187 making x86 & amd64 stable following testing.
188
189 *hardened-sources-2.6.14-r2 (27 Dec 2005)
190
191 27 Dec 2005; John Mylchreest <johnm@gentoo.org>
192 -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
193 Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
194 network hooks.
195
196 06 Dec 2005; John Mylchreest <johnm@gentoo.org>
197 hardened-sources-2.6.14-r1.ebuild:
198 bumping to stable early for sec fix on x86 & amd64
199
200 *hardened-sources-2.6.14-r1 (05 Dec 2005)
201
202 05 Dec 2005; John Mylchreest <johnm@gentoo.org>
203 -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
204 bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
205
206 04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
207 - stable on x86 security bug #114227 CAN-2005-3257
208
209 *hardened-sources-2.4.32 (19 Nov 2005)
210
211 19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
212 +hardened-sources-2.4.32.ebuild:
213 Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
214 Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
215 have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
216 rsbac >> /etc/portage/package.use)
217
218 *hardened-sources-2.6.14 (14 Nov 2005)
219
220 14 Nov 2005; John Mylchreest <johnm@gentoo.org>
221 -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
222 Bumping 2.6 series to 2.6.14.2
223
224 *hardened-sources-2.6.13-r2 (20 Oct 2005)
225
226 20 Oct 2005; John Mylchreest <johnm@gentoo.org>
227 -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
228 +hardened-sources-2.6.13-r2.ebuild:
229 Fixes minor build error in ppc.
230
231 *hardened-sources-2.6.13-r1 (17 Oct 2005)
232
233 17 Oct 2005; John Mylchreest <johnm@gentoo.org>
234 +hardened-sources-2.6.13-r1.ebuild:
235 Updating grsec to latest snapshot. Fixes some minor issues. Updating to
236 2.6.13.4, fixes some major amd64 stability problems.
237
238 *hardened-sources-2.6.13 (16 Sep 2005)
239
240 16 Sep 2005; John Mylchreest <johnm@gentoo.org>
241 -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
242 2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
243 ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
244 users should test this thoroughly.
245
246 01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
247 - stable on x86
248
249 *hardened-sources-2.6.11-r15 (27 Jun 2005)
250
251 27 Jun 2005; John Mylchreest <johnm@gentoo.org>
252 +hardened-sources-2.6.11-r15.ebuild:
253 Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
254 grsec redefining curr_ip struct.
255
256 *hardened-sources-2.4.31 (20 Jun 2005)
257
258 20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
259 initial import of 2.4.31 tree
260
261 *hardened-sources-2.6.11-r14 (14 Jun 2005)
262
263 14 Jun 2005; John Mylchreest <johnm@gentoo.org>
264 -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
265 Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
266 naming scheme to abide by genpatches
267
268 *hardened-sources-2.6.11-r13 (18 May 2005)
269
270 18 May 2005; John Mylchreest <johnm@gentoo.org>
271 -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
272 Managed to mangle the Makefile patch from grsec, to miss out the grsec
273 target. sorry about that. Fixes bug #93022
274
275 *hardened-sources-2.6.11-r12 (17 May 2005)
276
277 17 May 2005; John Mylchreest <johnm@gentoo.org>
278 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
279 +hardened-sources-2.6.11-r12.ebuild:
280 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
281 merges in genpatches-base
282
283 *hardened-sources-2.6.11-r12 (17 May 2005)
284
285 17 May 2005; John Mylchreest <johnm@gentoo.org>
286 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
287 +hardened-sources-2.6.11-r12.ebuild:
288 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
289 merges in genpatches-base
290
291 29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
292 -files/2.4.27-cmdline-race.patch,
293 -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
294 -files/2.4.28-grsec-binfmt_a.out.patch,
295 -files/2.4.28-grsec-cmdline-race.patch,
296 -files/2.4.28-selinux-binfmt_a.out.patch,
297 -files/2.4.28-selinux-cmdline-race.patch,
298 -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
299 hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
300 - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
301 cleanup..
302
303 *hardened-sources-2.4.30-r1 (21 Apr 2005)
304
305 21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
306 - disable aout by default
307
308 *hardened-sources-2.4.30 (18 Apr 2005)
309
310 18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
311 - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
312 and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
313 use
314
315 *hardened-sources-2.4.29 (30 Mar 2005)
316
317 30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
318 +hardened-sources-2.4.29.ebuild:
319 New hardened-patches-2.4-29.0 patchball.
320 Removed SELinux support, upgraded GRSecurity to 2.1.4.
321
322 *hardened-sources-2.4.28-r5 (06 Mar 2005)
323
324 06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
325 +hardened-sources-2.4.28-r5.ebuild:
326 Added a fix for a PaX vulnerability.
327
328 26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
329 hardened-sources-2.4.28-r4.ebuild:
330 Stable on x86
331
332 23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
333 hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
334 hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
335 hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
336 - fixed/added RDEPEND= in all kernel-2 ebuilds
337
338 *hardened-sources-2.4.28-r4 (21 Jan 2005)
339
340 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
341 +hardened-sources-2.4.28-r4.ebuild:
342 Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
343 backport of neighbour hash updates.
344
345 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
346 hardened-sources-2.4.28-r3.ebuild:
347 Stable on x86
348
349 *hardened-sources-2.6.10-r3 (20 Jan 2005)
350
351 20 Jan 2005; Brandon Hale <tseng@gentoo.org>
352 +hardened-sources-2.6.10-r3.ebuild:
353 Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
354 in 2005.0
355
356 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
357 -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
358 hardened-sources-2.4.28-r2.ebuild:
359 Mark stable on x86
360
361 *hardened-sources-2.4.28-r3 (17 Jan 2005)
362
363 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
364 +hardened-sources-2.4.28-r3.ebuild:
365 Fix SMP page fault handler vuln, and update device-mapper and evms patches.
366
367 14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
368 hardened-sources-2.4.28.ebuild:
369 Mark stable on x86.
370
371 *hardened-sources-2.4.28-r2 (13 Jan 2005)
372
373 13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
374 +hardened-sources-2.4.28-r2.ebuild:
375 Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
376 Mazinger for grsecurity patches as well.
377
378 *hardened-sources-2.4.28-r1 (23 Dec 2004)
379
380 23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
381 Security bump. Thank tocharian for rolling a new patchset...
382
383 28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
384 +files/2.4.28-grsec-cmdline-race.patch,
385 +files/2.4.28-selinux-binfmt_a.out.patch,
386 +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
387 - Round up remaining security patches that appear to be missing in 2.4.28. -
388 PaX standalone updated to current. hgpv=28.1
389
390 *hardened-sources-2.4.28 (28 Nov 2004)
391
392 28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
393 security bump. Thank tocharian for rolling a new patchset
394
395 *hardened-sources-2.4.27-r3 (08 Sep 2004)
396
397 08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
398 +hardened-sources-2.4.27-r3.ebuild:
399 Applies the new 2.4-27.2 patchball which updates
400 GRSecurity to the 2.0.1 version.
401
402 *hardened-sources-2.4.27-r2 (31 Aug 2004)
403
404 31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
405 +hardened-sources-2.4.27-r2.ebuild:
406 Version bump.
407 This version uses the new 2.4-27.1 patchball which updates
408 both the SELinux PaX hooks patch and the SELinux headers.
409
410 *hardened-sources-2.4.27-r1 (09 Aug 2004)
411
412 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
413 +hardened-sources-2.4.27-r1.ebuild,
414 -hardened-sources-2.4.27.ebuild,
415 +files/2.4.27-cmdline-race.patch:
416 Version bump, fix for cmdline race. See bug #59905.
417
418 *hardened-sources-2.4.26-r6 (09 Aug 2004)
419
420 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
421 +hardened-sources-2.4.26-r6.ebuild,
422 -hardened-sources-2.4.26-r5.ebuild,
423 -hardened-sources-2.4.26-r4.ebuild,
424 +files/2.4.26-cmdline-race.patch:
425 Version bump, fix for cmdline race. See bug #59905.
426
427 *hardened-sources-2.4.27 (08 Aug 2004)
428
429 08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
430 +hardened-sources-2.4.27.ebuild,
431 +files/2.4.27-CAN-2004-0394.patch:
432 Ported the patchball to the 2.4.27 kernel version.
433
434 *hardened-sources-2.4.26-r5 (07 Aug 2004)
435
436 07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
437 +hardened-sources-2.4.26-r5.ebuild:
438 Updated to use the new hardened-patches-2.4-26.1 patchball.
439 It adds the following features:
440 - Squashfs
441 - Ebtables
442 - Netdev random (core+drivers)
443 - Watchdog Timer (WDT) fix.
444
445 *hardened-sources-2.4.26-r4 (04 Aug 2004)
446
447 04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
448 +hardened-sources-2.4.26-r4.ebuild,
449 +files/2.4.26-CAN-2004-0415.patch,
450 -hardened-sources-2.4.26-3:
451 Version bump, fix for CAN 0415, see bug #59378.
452
453 *hardened-sources-2.4.26-r3 (22 Jul 2004)
454
455 22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
456 +hardened-sources-2.4.26-r3.ebuild,
457 +files/2.4.26-CAN-2004-0497.patch,
458 -hardened-sources-2.4.26-r2.ebuild:
459 Version bump, fixed CAN 0497, see bug #56171.
460
461 *hardened-sources-2.4.26-r2 (29 Jun 2004)
462
463 29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
464 +hardened-sources-2.4.26-r2.ebuild,
465 +files/2.4.26-CAN-2004-0495.patch,
466 +files/2.4.26-CAN-2004-0535.patch,
467 -hardened-sources-2.4.26-r1.ebuild:
468 Fixes for both CAN 0495 and 0535, see bug #54976
469
470 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
471 hardened-sources-2.4.26-r1.ebuild:
472 QA - fix use invocation
473
474 *hardened-sources-2.4.26-r1 (22 June 2004)
475
476 22 June 2004; Andrea Luzzardi <scox@gentoo.org>
477 +hardened-sources-2.4.26-r1.ebuild,
478 +files/2.4.26-CAN-2004-0394.patch,
479 +files/2.4.26-signal-race.patch,
480 -hardened-sources-2.4.26.ebuild,
481 -hardened-sources-2.4.24-r3.ebuild:
482 Version bump for the CAN-2004-0394 issue and bug #53804
483 Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
484
485
486 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
487 hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
488 Masked hardened-sources-2.4.26.ebuild broken for ppc
489
490 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
491 hardened-sources-2.4.24-r3.ebuild:
492 Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
493
494 *hardened-sources-2.4.26 (29 May 2004)
495
496 29 May 2004; Andrea Luzzardi <scox@gentoo.org>
497 +hardened-sources-2.4.26.ebuild:
498 Updated hardened-sources for the 2.4.26 kernel
499 Removed broken components, updated almost everything.
500
501 *hardened-sources-2.4.24-r3 (17 Apr 2004)
502
503 17 Apr 2004; <plasmaroo@gentoo.org>
504 +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
505 +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
506 +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
507 +hardened-sources-2.4.24-r3.ebuild:
508 Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
509 vulnerabilities. Old revisions removed.
510
511 *hardened-sources-2.4.24-r2 (15 Apr 2004)
512
513 15 Apr 2004; <plasmaroo@gentoo.org>
514 +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
515 -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
516 Version bump for the CAN-2004-0109 issue; bug #47881.
517
518 12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
519 hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
520 Add eutils to inherit.
521
522 *hardened-sources-2.4.24-r1 (19 Feb 2004)
523
524 19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
525 files/hardened-sources-2.4.24.munmap.patch:
526 Added the patch for the mremap/munmap vulnerability. Bug #42024.
527
528 *hardened-sources-2.4.24 (06 Feb 2004)
529
530 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
531 hardened-sources-2.4.24.ebuild:
532 Version bump, updated most of the components.
533 This release includes the following:
534
535 - Hardened security
536 - Netfilter patch-o-matic 20031219
537 - FreeSWAN 2.04 & x509 1.4.8
538 - EVMS 2.2.2
539 - XFS 1.3.1
540 - cryptoloop jari
541 - grsecurity 2.0-rc4
542 - SELinux
543 - PaX 200402060000
544 - PaX Obscurity 200308302223
545 - Others...
546
547 Neither -ck nor systrace are included anymore.
548
549 *hardened-sources-2.4.22-r2 (05 Jan 2004)
550
551 05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
552 hardened-sources-2.4.22-r2.ebuild:
553 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
554
555 *hardened-sources-2.4.22-r1 (02 Dec 2003)
556
557 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
558 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
559
560 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
561 hardened-sources-2.4.22-r1.ebuild:
562 Version bump for the 'do_brk' vulnerability.
563
564 01 Dec 2003; Brian Jackson <iggy@gentoo.org>
565 hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
566 hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
567 hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
568 Fix the 'do_brk' vulnerability.
569
570 03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
571 hardened-sources-2.4.22.ebuild:
572 - Removed the src_install() portion for SELinux flask
573 components. These are no longer handled in the kernel
574 so this code was not necessary.
575
576 29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
577 New 2.4.22 based hardened-sources thanks to
578 Phil West <p.west@computer.org>.
579
580 These sources include:
581 - New SELinux API
582 - Updated CK-base
583 - Updated GRSec
584 - Systrace
585 - SuperFreeS/WAN 1.99.8
586 - Propolice kernel build support
587 - EVMS
588 - Other various security related patches
589
590 *hardened-sources-2.4.21 (14 Sep 2003)
591
592 14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
593 Updated hardened-sources based on the 2.4.21 Linux kernel.
594 This includes updates to most major components such as:
595 - ck-base-0306300059
596 - selinux-2.4-2003071106
597 - grsecurity-2.0-rc1
598 - Updated IPTables patch-o-matic
599 - Updated SuperFreeS/WAN
600
601 Thanks to Phil West <pwest@computer.org> for his work in getting this
602 updated patch set ready for the 2.4.21 based kernel.
603
604 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
605 Initial import of hardened-sources-2.4.20-r4. This revision
606 includes only a few changes, but one of these is an important
607 security fix. It is recommended all users of hardened-sources
608 upgrade to this release.
609
610 - ioperm bug fix
611 - fixed compilation failure when building without GRSec
612
613 SAL (Secure Auditing for Linux) is NOT included in this revision
614 due to time constraints, but is planned for inclusion in the near
615 future.
616
617 *hardened-sources-2.4.20-r2 (12 Jun 2003)
618
619 12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
620 hardened-sources-2.4.20-r3.ebuild:
621 Add Header...
622
623 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
624 hardened-sources-2.4.20-r3.ebuild:
625 Removed warnings from ebuild. This kernel should be safe to
626 use at this point.
627
628 *hardened-sources-2.4.20-r3 (08 Jun 2003)
629
630 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
631 hardened-sources-2.4.20-r3.ebuild:
632 New revision. Includes the following changes over -r2:
633
634 - ck7-base (O(1), preempt, low latency)
635 - Super FreeS/WAN 1.99.7rc2
636 - PaX for the LSM/SELinux branch
637 - GRSecurity 2.0-pre4 (role based access control)
638 - Systrace 1.3
639 - EXT3 fixes
640 - EVMS 2.0.1
641 - GCC 3.1+ compile optimizations
642 - ProPolice kernel build support
643 - Hashing table security fixes
644
645 *hardened-sources-2.4.20-r1 (09 Apr 2003)
646
647 23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
648 Initial import of hardened-sources-r2. This new
649 ebuild includes many new performance and security
650 related patches. As in -r1, it will patch in
651 LSM/SELinux if "selinux" is in USE, otherwise it
652 will patch in GRSecurity. The following patches
653 are included in this revision:
654
655 - O(1) Scheduler, Low Latency, and Preempt
656 (pulled from the base CK patch)
657 - ptrace exploit patch for the LSM kernel
658 (the GRSec patch already fixes this)
659 - LSM 2.4-2003040709
660 - SELinux 2.4-2003040709
661 - Systrace v1.2
662 - IPTables patch-o-matic base patches - 20030107
663 - CryptoAPI 2.4.20.1 w/ loop-jari patch
664 - Super FreeS/WAN 1.99.6.1
665 - GRSecurity 1.9.9g
666 - MPPE
667 - EXT3 data journal fix
668 - CIPE 1.5.4
669
670 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
671 hardened-sources-2.4.20-r1.ebuild, manifest:
672 Updated to install flask components correctly for selinux.
673
674 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
675 hardened-sources-2.4.20-r1.ebuild:
676 LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
677 is patched in instead. Ptrace patches for selinux have also been added. In
678 either case, systrace support will be patched in as well.
679
680 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
681 hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
682 Revision bump for new sources.
683
684 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
685 hardened-sources-2.4.20-r1.ebuild:
686 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
687
688 *hardened-sources-2.4.20 (30 Mar 2003)
689
690 30 Mar 2003; Joshua Brindle <method@gentoo.org>
691 hardened-sources-2.4.20.ebuild:
692 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20