/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.105 - (show annotations) (download)
Tue Jul 11 10:50:41 2006 UTC (8 years, 2 months ago) by kang
Branch: MAIN
Changes since 1.104: +7 -1 lines
Bump PaX for RSBAC to test-17
(Portage version: 2.1.1_pre2-r6)

1 # ChangeLog for sys-kernel/hardened-sources
2 # Copyright 2000-2006 Gentoo Foundation; Distributed under the GPL v2
3 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.104 2006/07/03 17:25:56 johnm Exp $
4
5 *hardened-sources-2.4.32-r7 (10 Jul 2006)
6
7 10 Jul 2006; Guillaume Destuynder <kang@gentoo.org>
8 +hardened-sources-2.4.32-r7.ebuild:
9 Bump PaX for RSBAC to test-17
10
11 *hardened-sources-2.6.16-r9 (03 Jul 2006)
12
13 03 Jul 2006; John Mylchreest <johnm@gentoo.org>
14 -hardened-sources-2.6.16-r6.ebuild, +hardened-sources-2.6.16-r9.ebuild:
15 hardened-sources-2.6.16 bump to latest -base.
16
17 *hardened-sources-2.4.32-r6 (30 Jun 2006)
18
19 30 Jun 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r2.ebuild,
20 hardened-sources-2.4.32-r4.ebuild, +hardened-sources-2.4.32-r6.ebuild:
21 - backport CVE-2006-0039, CVE-2006-1857 and CVE-2006-1858 and new grsecurity
22 sysctl controlable resource logging
23
24 *hardened-sources-2.6.16-r7 (05 Jun 2006)
25
26 05 Jun 2006; John Mylchreest <johnm@gentoo.org>
27 -hardened-sources-2.6.16-r5.ebuild, +hardened-sources-2.6.16-r7.ebuild:
28 push new 2.6.16 release in preparation for stable
29
30 22 May 2006; <solar@gentoo.org> :
31 - redigest bug 134002
32
33 *hardened-sources-2.4.32-r5 (16 May 2006)
34
35 16 May 2006; Guillaume Destuynder <kang@gentoo.org>
36 +hardened-sources-2.4.32-r5.ebuild:
37 Fixes rsbac common patching (new patch in new -r5 patchset)
38
39 *hardened-sources-2.4.32-r4 (13 May 2006)
40
41 13 May 2006; <solar@gentoo.org> hardened-sources-2.4.32-r3.ebuild,
42 +hardened-sources-2.4.32-r4.ebuild:
43 - security bumps
44
45 *hardened-sources-2.6.16-r6 (03 May 2006)
46
47 03 May 2006; John Mylchreest <johnm@gentoo.org>
48 +hardened-sources-2.6.16-r6.ebuild:
49 bump hardened-2.6.16 to 2.6.16.12 and latest grsec snapshot
50
51 28 Apr 2006; John Mylchreest <johnm@gentoo.org>
52 hardened-sources-2.6.14-r8.ebuild:
53 fix x86_64 build problem, this will delay the digest issue again for a short
54 while but it will sort itself out
55
56 28 Apr 2006; John Mylchreest <johnm@gentoo.org>
57 hardened-sources-2.6.14-r8.ebuild:
58 bump hardened patchset
59
60 27 Apr 2006; Alec Warner <antarus@gentoo.org>
61 files/digest-hardened-sources-2.4.32-r2,
62 files/digest-hardened-sources-2.4.32-r3,
63 files/digest-hardened-sources-2.6.14-r8, Manifest:
64 Fixing duff SHA256 digests: Bug # 131293
65
66 *hardened-sources-2.6.16-r5 (27 Apr 2006)
67
68 27 Apr 2006; John Mylchreest <johnm@gentoo.org>
69 -hardened-sources-2.6.14-r6.ebuild, hardened-sources-2.6.14-r8.ebuild,
70 -hardened-sources-2.6.16-r4.ebuild, +hardened-sources-2.6.16-r5.ebuild:
71 stablise 2.6.14-r8 on x86 & amd64, bump 2.6.16 to fix CVE-2006-1863 &
72 cleanup of old uneccessary sources
73
74 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
75 fix digest
76
77 *hardened-sources-2.6.14-r8 (20 Apr 2006)
78
79 20 Apr 2006; John Mylchreest <johnm@gentoo.org>
80 +hardened-sources-2.6.14-r8.ebuild:
81 fix CVE-2006-1056, CVE-2006-1525, CVE-2006-1524
82
83 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
84 Turning on gpg-signing again, and recomitting
85
86 *hardened-sources-2.6.16-r4 (20 Apr 2006)
87
88 20 Apr 2006; John Mylchreest <johnm@gentoo.org>
89 -hardened-sources-2.6.16-r2.ebuild, -hardened-sources-2.6.16-r3.ebuild,
90 +hardened-sources-2.6.16-r4.ebuild:
91 Fix numerous security vulns
92
93 *hardened-sources-2.4.32-r3 (16 Apr 2006)
94
95 16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
96 -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
97 +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
98 - security bump for bug #112791. Removed old ebuilds
99
100 *hardened-sources-2.6.16-r3 (15 Apr 2006)
101
102 15 Apr 2006; John Mylchreest <johnm@gentoo.org>
103 +hardened-sources-2.6.16-r3.ebuild:
104 Removing silly localversion which I missed
105
106 *hardened-sources-2.6.14-r7 (14 Apr 2006)
107
108 14 Apr 2006; John Mylchreest <johnm@gentoo.org>
109 -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
110 Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
111
112 *hardened-sources-2.6.16-r2 (13 Apr 2006)
113
114 13 Apr 2006; John Mylchreest <johnm@gentoo.org>
115 -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
116 +hardened-sources-2.6.16-r2.ebuild:
117 Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
118 labels, dropping USERGROUP define fixes, since these were merged mainstream.
119
120 *hardened-sources-2.6.16-r1 (11 Apr 2006)
121
122 11 Apr 2006; John Mylchreest <johnm@gentoo.org>
123 +hardened-sources-2.6.16-r1.ebuild:
124 Bumping to include ppc build fix and 2.6.16.3
125
126 06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
127 hardened-sources-2.6.14-r6.ebuild:
128 Stable on x86; bug #127718
129
130 *hardened-sources-2.6.16 (31 Mar 2006)
131
132 31 Mar 2006; John Mylchreest <johnm@gentoo.org>
133 +hardened-sources-2.6.16.ebuild:
134 Bumping to new version of grsec, and kernel base. New squashfs. Based on
135 2.6.16.1
136
137 30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
138 hardened-sources-2.6.14-r6.ebuild:
139 Stable on amd64, bug 127718.
140
141 28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
142 Stable on ppc. Bug #127718
143
144 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
145 -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
146 -hardened-sources-2.6.14-r4.ebuild:
147 Cleanup.
148
149 *hardened-sources-2.6.14-r6 (15 Mar 2006)
150
151 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
152 +hardened-sources-2.6.14-r6.ebuild:
153 Fixes grsec policy recreation bug and adds a
154 >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
155
156 02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
157 - stable on x86
158
159 19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
160 hardened-sources-2.6.14-r5.ebuild:
161 Stable on ppc.
162
163 *hardened-sources-2.6.14-r5 (01 Feb 2006)
164
165 01 Feb 2006; John Mylchreest <johnm@gentoo.org>
166 +hardened-sources-2.6.14-r5.ebuild:
167 fixing every known exploit
168
169 *hardened-sources-2.4.32-r2 (26 Jan 2006)
170
171 26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
172 +hardened-sources-2.4.32-r2.ebuild:
173 - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
174
175 *hardened-sources-2.6.14-r4 (12 Jan 2006)
176
177 12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
178 - version bump for new genpatches which fix up a few sec holes
179
180 *hardened-sources-2.4.32-r1 (05 Jan 2006)
181
182 05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
183 - revision bump to add misc vital linux kernel security patches.
184
185 *hardened-sources-2.6.14-r3 (30 Dec 2005)
186
187 30 Dec 2005; John Mylchreest <johnm@gentoo.org>
188 -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
189 Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
190
191 28 Dec 2005; John Mylchreest <johnm@gentoo.org>
192 hardened-sources-2.6.14-r2.ebuild:
193 making x86 & amd64 stable following testing.
194
195 *hardened-sources-2.6.14-r2 (27 Dec 2005)
196
197 27 Dec 2005; John Mylchreest <johnm@gentoo.org>
198 -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
199 Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
200 network hooks.
201
202 06 Dec 2005; John Mylchreest <johnm@gentoo.org>
203 hardened-sources-2.6.14-r1.ebuild:
204 bumping to stable early for sec fix on x86 & amd64
205
206 *hardened-sources-2.6.14-r1 (05 Dec 2005)
207
208 05 Dec 2005; John Mylchreest <johnm@gentoo.org>
209 -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
210 bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
211
212 04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
213 - stable on x86 security bug #114227 CAN-2005-3257
214
215 *hardened-sources-2.4.32 (19 Nov 2005)
216
217 19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
218 +hardened-sources-2.4.32.ebuild:
219 Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
220 Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
221 have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
222 rsbac >> /etc/portage/package.use)
223
224 *hardened-sources-2.6.14 (14 Nov 2005)
225
226 14 Nov 2005; John Mylchreest <johnm@gentoo.org>
227 -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
228 Bumping 2.6 series to 2.6.14.2
229
230 *hardened-sources-2.6.13-r2 (20 Oct 2005)
231
232 20 Oct 2005; John Mylchreest <johnm@gentoo.org>
233 -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
234 +hardened-sources-2.6.13-r2.ebuild:
235 Fixes minor build error in ppc.
236
237 *hardened-sources-2.6.13-r1 (17 Oct 2005)
238
239 17 Oct 2005; John Mylchreest <johnm@gentoo.org>
240 +hardened-sources-2.6.13-r1.ebuild:
241 Updating grsec to latest snapshot. Fixes some minor issues. Updating to
242 2.6.13.4, fixes some major amd64 stability problems.
243
244 *hardened-sources-2.6.13 (16 Sep 2005)
245
246 16 Sep 2005; John Mylchreest <johnm@gentoo.org>
247 -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
248 2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
249 ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
250 users should test this thoroughly.
251
252 01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
253 - stable on x86
254
255 *hardened-sources-2.6.11-r15 (27 Jun 2005)
256
257 27 Jun 2005; John Mylchreest <johnm@gentoo.org>
258 +hardened-sources-2.6.11-r15.ebuild:
259 Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
260 grsec redefining curr_ip struct.
261
262 *hardened-sources-2.4.31 (20 Jun 2005)
263
264 20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
265 initial import of 2.4.31 tree
266
267 *hardened-sources-2.6.11-r14 (14 Jun 2005)
268
269 14 Jun 2005; John Mylchreest <johnm@gentoo.org>
270 -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
271 Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
272 naming scheme to abide by genpatches
273
274 *hardened-sources-2.6.11-r13 (18 May 2005)
275
276 18 May 2005; John Mylchreest <johnm@gentoo.org>
277 -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
278 Managed to mangle the Makefile patch from grsec, to miss out the grsec
279 target. sorry about that. Fixes bug #93022
280
281 *hardened-sources-2.6.11-r12 (17 May 2005)
282
283 17 May 2005; John Mylchreest <johnm@gentoo.org>
284 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
285 +hardened-sources-2.6.11-r12.ebuild:
286 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
287 merges in genpatches-base
288
289 *hardened-sources-2.6.11-r12 (17 May 2005)
290
291 17 May 2005; John Mylchreest <johnm@gentoo.org>
292 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
293 +hardened-sources-2.6.11-r12.ebuild:
294 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
295 merges in genpatches-base
296
297 29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
298 -files/2.4.27-cmdline-race.patch,
299 -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
300 -files/2.4.28-grsec-binfmt_a.out.patch,
301 -files/2.4.28-grsec-cmdline-race.patch,
302 -files/2.4.28-selinux-binfmt_a.out.patch,
303 -files/2.4.28-selinux-cmdline-race.patch,
304 -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
305 hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
306 - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
307 cleanup..
308
309 *hardened-sources-2.4.30-r1 (21 Apr 2005)
310
311 21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
312 - disable aout by default
313
314 *hardened-sources-2.4.30 (18 Apr 2005)
315
316 18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
317 - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
318 and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
319 use
320
321 *hardened-sources-2.4.29 (30 Mar 2005)
322
323 30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
324 +hardened-sources-2.4.29.ebuild:
325 New hardened-patches-2.4-29.0 patchball.
326 Removed SELinux support, upgraded GRSecurity to 2.1.4.
327
328 *hardened-sources-2.4.28-r5 (06 Mar 2005)
329
330 06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
331 +hardened-sources-2.4.28-r5.ebuild:
332 Added a fix for a PaX vulnerability.
333
334 26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
335 hardened-sources-2.4.28-r4.ebuild:
336 Stable on x86
337
338 23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
339 hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
340 hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
341 hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
342 - fixed/added RDEPEND= in all kernel-2 ebuilds
343
344 *hardened-sources-2.4.28-r4 (21 Jan 2005)
345
346 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
347 +hardened-sources-2.4.28-r4.ebuild:
348 Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
349 backport of neighbour hash updates.
350
351 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
352 hardened-sources-2.4.28-r3.ebuild:
353 Stable on x86
354
355 *hardened-sources-2.6.10-r3 (20 Jan 2005)
356
357 20 Jan 2005; Brandon Hale <tseng@gentoo.org>
358 +hardened-sources-2.6.10-r3.ebuild:
359 Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
360 in 2005.0
361
362 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
363 -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
364 hardened-sources-2.4.28-r2.ebuild:
365 Mark stable on x86
366
367 *hardened-sources-2.4.28-r3 (17 Jan 2005)
368
369 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
370 +hardened-sources-2.4.28-r3.ebuild:
371 Fix SMP page fault handler vuln, and update device-mapper and evms patches.
372
373 14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
374 hardened-sources-2.4.28.ebuild:
375 Mark stable on x86.
376
377 *hardened-sources-2.4.28-r2 (13 Jan 2005)
378
379 13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
380 +hardened-sources-2.4.28-r2.ebuild:
381 Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
382 Mazinger for grsecurity patches as well.
383
384 *hardened-sources-2.4.28-r1 (23 Dec 2004)
385
386 23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
387 Security bump. Thank tocharian for rolling a new patchset...
388
389 28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
390 +files/2.4.28-grsec-cmdline-race.patch,
391 +files/2.4.28-selinux-binfmt_a.out.patch,
392 +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
393 - Round up remaining security patches that appear to be missing in 2.4.28. -
394 PaX standalone updated to current. hgpv=28.1
395
396 *hardened-sources-2.4.28 (28 Nov 2004)
397
398 28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
399 security bump. Thank tocharian for rolling a new patchset
400
401 *hardened-sources-2.4.27-r3 (08 Sep 2004)
402
403 08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
404 +hardened-sources-2.4.27-r3.ebuild:
405 Applies the new 2.4-27.2 patchball which updates
406 GRSecurity to the 2.0.1 version.
407
408 *hardened-sources-2.4.27-r2 (31 Aug 2004)
409
410 31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
411 +hardened-sources-2.4.27-r2.ebuild:
412 Version bump.
413 This version uses the new 2.4-27.1 patchball which updates
414 both the SELinux PaX hooks patch and the SELinux headers.
415
416 *hardened-sources-2.4.27-r1 (09 Aug 2004)
417
418 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
419 +hardened-sources-2.4.27-r1.ebuild,
420 -hardened-sources-2.4.27.ebuild,
421 +files/2.4.27-cmdline-race.patch:
422 Version bump, fix for cmdline race. See bug #59905.
423
424 *hardened-sources-2.4.26-r6 (09 Aug 2004)
425
426 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
427 +hardened-sources-2.4.26-r6.ebuild,
428 -hardened-sources-2.4.26-r5.ebuild,
429 -hardened-sources-2.4.26-r4.ebuild,
430 +files/2.4.26-cmdline-race.patch:
431 Version bump, fix for cmdline race. See bug #59905.
432
433 *hardened-sources-2.4.27 (08 Aug 2004)
434
435 08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
436 +hardened-sources-2.4.27.ebuild,
437 +files/2.4.27-CAN-2004-0394.patch:
438 Ported the patchball to the 2.4.27 kernel version.
439
440 *hardened-sources-2.4.26-r5 (07 Aug 2004)
441
442 07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
443 +hardened-sources-2.4.26-r5.ebuild:
444 Updated to use the new hardened-patches-2.4-26.1 patchball.
445 It adds the following features:
446 - Squashfs
447 - Ebtables
448 - Netdev random (core+drivers)
449 - Watchdog Timer (WDT) fix.
450
451 *hardened-sources-2.4.26-r4 (04 Aug 2004)
452
453 04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
454 +hardened-sources-2.4.26-r4.ebuild,
455 +files/2.4.26-CAN-2004-0415.patch,
456 -hardened-sources-2.4.26-3:
457 Version bump, fix for CAN 0415, see bug #59378.
458
459 *hardened-sources-2.4.26-r3 (22 Jul 2004)
460
461 22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
462 +hardened-sources-2.4.26-r3.ebuild,
463 +files/2.4.26-CAN-2004-0497.patch,
464 -hardened-sources-2.4.26-r2.ebuild:
465 Version bump, fixed CAN 0497, see bug #56171.
466
467 *hardened-sources-2.4.26-r2 (29 Jun 2004)
468
469 29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
470 +hardened-sources-2.4.26-r2.ebuild,
471 +files/2.4.26-CAN-2004-0495.patch,
472 +files/2.4.26-CAN-2004-0535.patch,
473 -hardened-sources-2.4.26-r1.ebuild:
474 Fixes for both CAN 0495 and 0535, see bug #54976
475
476 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
477 hardened-sources-2.4.26-r1.ebuild:
478 QA - fix use invocation
479
480 *hardened-sources-2.4.26-r1 (22 June 2004)
481
482 22 June 2004; Andrea Luzzardi <scox@gentoo.org>
483 +hardened-sources-2.4.26-r1.ebuild,
484 +files/2.4.26-CAN-2004-0394.patch,
485 +files/2.4.26-signal-race.patch,
486 -hardened-sources-2.4.26.ebuild,
487 -hardened-sources-2.4.24-r3.ebuild:
488 Version bump for the CAN-2004-0394 issue and bug #53804
489 Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
490
491
492 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
493 hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
494 Masked hardened-sources-2.4.26.ebuild broken for ppc
495
496 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
497 hardened-sources-2.4.24-r3.ebuild:
498 Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
499
500 *hardened-sources-2.4.26 (29 May 2004)
501
502 29 May 2004; Andrea Luzzardi <scox@gentoo.org>
503 +hardened-sources-2.4.26.ebuild:
504 Updated hardened-sources for the 2.4.26 kernel
505 Removed broken components, updated almost everything.
506
507 *hardened-sources-2.4.24-r3 (17 Apr 2004)
508
509 17 Apr 2004; <plasmaroo@gentoo.org>
510 +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
511 +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
512 +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
513 +hardened-sources-2.4.24-r3.ebuild:
514 Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
515 vulnerabilities. Old revisions removed.
516
517 *hardened-sources-2.4.24-r2 (15 Apr 2004)
518
519 15 Apr 2004; <plasmaroo@gentoo.org>
520 +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
521 -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
522 Version bump for the CAN-2004-0109 issue; bug #47881.
523
524 12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
525 hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
526 Add eutils to inherit.
527
528 *hardened-sources-2.4.24-r1 (19 Feb 2004)
529
530 19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
531 files/hardened-sources-2.4.24.munmap.patch:
532 Added the patch for the mremap/munmap vulnerability. Bug #42024.
533
534 *hardened-sources-2.4.24 (06 Feb 2004)
535
536 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
537 hardened-sources-2.4.24.ebuild:
538 Version bump, updated most of the components.
539 This release includes the following:
540
541 - Hardened security
542 - Netfilter patch-o-matic 20031219
543 - FreeSWAN 2.04 & x509 1.4.8
544 - EVMS 2.2.2
545 - XFS 1.3.1
546 - cryptoloop jari
547 - grsecurity 2.0-rc4
548 - SELinux
549 - PaX 200402060000
550 - PaX Obscurity 200308302223
551 - Others...
552
553 Neither -ck nor systrace are included anymore.
554
555 *hardened-sources-2.4.22-r2 (05 Jan 2004)
556
557 05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
558 hardened-sources-2.4.22-r2.ebuild:
559 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
560
561 *hardened-sources-2.4.22-r1 (02 Dec 2003)
562
563 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
564 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
565
566 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
567 hardened-sources-2.4.22-r1.ebuild:
568 Version bump for the 'do_brk' vulnerability.
569
570 01 Dec 2003; Brian Jackson <iggy@gentoo.org>
571 hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
572 hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
573 hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
574 Fix the 'do_brk' vulnerability.
575
576 03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
577 hardened-sources-2.4.22.ebuild:
578 - Removed the src_install() portion for SELinux flask
579 components. These are no longer handled in the kernel
580 so this code was not necessary.
581
582 29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
583 New 2.4.22 based hardened-sources thanks to
584 Phil West <p.west@computer.org>.
585
586 These sources include:
587 - New SELinux API
588 - Updated CK-base
589 - Updated GRSec
590 - Systrace
591 - SuperFreeS/WAN 1.99.8
592 - Propolice kernel build support
593 - EVMS
594 - Other various security related patches
595
596 *hardened-sources-2.4.21 (14 Sep 2003)
597
598 14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
599 Updated hardened-sources based on the 2.4.21 Linux kernel.
600 This includes updates to most major components such as:
601 - ck-base-0306300059
602 - selinux-2.4-2003071106
603 - grsecurity-2.0-rc1
604 - Updated IPTables patch-o-matic
605 - Updated SuperFreeS/WAN
606
607 Thanks to Phil West <pwest@computer.org> for his work in getting this
608 updated patch set ready for the 2.4.21 based kernel.
609
610 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
611 Initial import of hardened-sources-2.4.20-r4. This revision
612 includes only a few changes, but one of these is an important
613 security fix. It is recommended all users of hardened-sources
614 upgrade to this release.
615
616 - ioperm bug fix
617 - fixed compilation failure when building without GRSec
618
619 SAL (Secure Auditing for Linux) is NOT included in this revision
620 due to time constraints, but is planned for inclusion in the near
621 future.
622
623 *hardened-sources-2.4.20-r2 (12 Jun 2003)
624
625 12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
626 hardened-sources-2.4.20-r3.ebuild:
627 Add Header...
628
629 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
630 hardened-sources-2.4.20-r3.ebuild:
631 Removed warnings from ebuild. This kernel should be safe to
632 use at this point.
633
634 *hardened-sources-2.4.20-r3 (08 Jun 2003)
635
636 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
637 hardened-sources-2.4.20-r3.ebuild:
638 New revision. Includes the following changes over -r2:
639
640 - ck7-base (O(1), preempt, low latency)
641 - Super FreeS/WAN 1.99.7rc2
642 - PaX for the LSM/SELinux branch
643 - GRSecurity 2.0-pre4 (role based access control)
644 - Systrace 1.3
645 - EXT3 fixes
646 - EVMS 2.0.1
647 - GCC 3.1+ compile optimizations
648 - ProPolice kernel build support
649 - Hashing table security fixes
650
651 *hardened-sources-2.4.20-r1 (09 Apr 2003)
652
653 23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
654 Initial import of hardened-sources-r2. This new
655 ebuild includes many new performance and security
656 related patches. As in -r1, it will patch in
657 LSM/SELinux if "selinux" is in USE, otherwise it
658 will patch in GRSecurity. The following patches
659 are included in this revision:
660
661 - O(1) Scheduler, Low Latency, and Preempt
662 (pulled from the base CK patch)
663 - ptrace exploit patch for the LSM kernel
664 (the GRSec patch already fixes this)
665 - LSM 2.4-2003040709
666 - SELinux 2.4-2003040709
667 - Systrace v1.2
668 - IPTables patch-o-matic base patches - 20030107
669 - CryptoAPI 2.4.20.1 w/ loop-jari patch
670 - Super FreeS/WAN 1.99.6.1
671 - GRSecurity 1.9.9g
672 - MPPE
673 - EXT3 data journal fix
674 - CIPE 1.5.4
675
676 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
677 hardened-sources-2.4.20-r1.ebuild, manifest:
678 Updated to install flask components correctly for selinux.
679
680 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
681 hardened-sources-2.4.20-r1.ebuild:
682 LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
683 is patched in instead. Ptrace patches for selinux have also been added. In
684 either case, systrace support will be patched in as well.
685
686 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
687 hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
688 Revision bump for new sources.
689
690 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
691 hardened-sources-2.4.20-r1.ebuild:
692 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
693
694 *hardened-sources-2.4.20 (30 Mar 2003)
695
696 30 Mar 2003; Joshua Brindle <method@gentoo.org>
697 hardened-sources-2.4.20.ebuild:
698 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20