/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.108 - (show annotations) (download)
Sat Jul 15 16:00:36 2006 UTC (8 years, 4 months ago) by solar
Branch: MAIN
Changes since 1.107: +10 -1 lines
- 2.6.16 bumped for CVE-2006-3626 ; digest fix for 2.4.32-r6 ; removed old crusty ebuilds
(Portage version: 2.1-r1)

1 # ChangeLog for sys-kernel/hardened-sources
2 # Copyright 2000-2006 Gentoo Foundation; Distributed under the GPL v2
3 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.107 2006/07/14 15:35:02 johnm Exp $
4
5 *hardened-sources-2.6.16-r11 (15 Jul 2006)
6
7 15 Jul 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r3.ebuild,
8 -hardened-sources-2.4.32-r4.ebuild, -hardened-sources-2.4.32-r5.ebuild,
9 -hardened-sources-2.6.14-r8.ebuild, -hardened-sources-2.6.16-r7.ebuild,
10 -hardened-sources-2.6.16-r9.ebuild, +hardened-sources-2.6.16-r11.ebuild:
11 - 2.6.16 bumped for CVE-2006-3626 ; digest fix for 2.4.32-r6 ; removed old
12 crusty ebuilds
13
14 14 Jul 2006; John Mylchreest <johnm@gentoo.org>
15 hardened-sources-2.6.16-r10.ebuild:
16 marking stable on x86 and amd64
17
18 13 Jul 2006; <solar@gentoo.org> hardened-sources-2.4.32-r6.ebuild:
19 - 2.4.32-r6 stable on x86. RSBAC state unknown
20
21 *hardened-sources-2.4.32-r7 (10 Jul 2006)
22
23 10 Jul 2006; Guillaume Destuynder <kang@gentoo.org>
24 +hardened-sources-2.4.32-r7.ebuild:
25 Bump PaX for RSBAC to test-17
26
27 *hardened-sources-2.6.16-r9 (03 Jul 2006)
28
29 03 Jul 2006; John Mylchreest <johnm@gentoo.org>
30 -hardened-sources-2.6.16-r6.ebuild, +hardened-sources-2.6.16-r9.ebuild:
31 hardened-sources-2.6.16 bump to latest -base.
32
33 *hardened-sources-2.4.32-r6 (30 Jun 2006)
34
35 30 Jun 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r2.ebuild,
36 hardened-sources-2.4.32-r4.ebuild, +hardened-sources-2.4.32-r6.ebuild:
37 - backport CVE-2006-0039, CVE-2006-1857 and CVE-2006-1858 and new grsecurity
38 sysctl controlable resource logging
39
40 *hardened-sources-2.6.16-r7 (05 Jun 2006)
41
42 05 Jun 2006; John Mylchreest <johnm@gentoo.org>
43 -hardened-sources-2.6.16-r5.ebuild, +hardened-sources-2.6.16-r7.ebuild:
44 push new 2.6.16 release in preparation for stable
45
46 22 May 2006; <solar@gentoo.org> :
47 - redigest bug 134002
48
49 *hardened-sources-2.4.32-r5 (16 May 2006)
50
51 16 May 2006; Guillaume Destuynder <kang@gentoo.org>
52 +hardened-sources-2.4.32-r5.ebuild:
53 Fixes rsbac common patching (new patch in new -r5 patchset)
54
55 *hardened-sources-2.4.32-r4 (13 May 2006)
56
57 13 May 2006; <solar@gentoo.org> hardened-sources-2.4.32-r3.ebuild,
58 +hardened-sources-2.4.32-r4.ebuild:
59 - security bumps
60
61 *hardened-sources-2.6.16-r6 (03 May 2006)
62
63 03 May 2006; John Mylchreest <johnm@gentoo.org>
64 +hardened-sources-2.6.16-r6.ebuild:
65 bump hardened-2.6.16 to 2.6.16.12 and latest grsec snapshot
66
67 28 Apr 2006; John Mylchreest <johnm@gentoo.org>
68 hardened-sources-2.6.14-r8.ebuild:
69 fix x86_64 build problem, this will delay the digest issue again for a short
70 while but it will sort itself out
71
72 28 Apr 2006; John Mylchreest <johnm@gentoo.org>
73 hardened-sources-2.6.14-r8.ebuild:
74 bump hardened patchset
75
76 27 Apr 2006; Alec Warner <antarus@gentoo.org>
77 files/digest-hardened-sources-2.4.32-r2,
78 files/digest-hardened-sources-2.4.32-r3,
79 files/digest-hardened-sources-2.6.14-r8, Manifest:
80 Fixing duff SHA256 digests: Bug # 131293
81
82 *hardened-sources-2.6.16-r5 (27 Apr 2006)
83
84 27 Apr 2006; John Mylchreest <johnm@gentoo.org>
85 -hardened-sources-2.6.14-r6.ebuild, hardened-sources-2.6.14-r8.ebuild,
86 -hardened-sources-2.6.16-r4.ebuild, +hardened-sources-2.6.16-r5.ebuild:
87 stablise 2.6.14-r8 on x86 & amd64, bump 2.6.16 to fix CVE-2006-1863 &
88 cleanup of old uneccessary sources
89
90 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
91 fix digest
92
93 *hardened-sources-2.6.14-r8 (20 Apr 2006)
94
95 20 Apr 2006; John Mylchreest <johnm@gentoo.org>
96 +hardened-sources-2.6.14-r8.ebuild:
97 fix CVE-2006-1056, CVE-2006-1525, CVE-2006-1524
98
99 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
100 Turning on gpg-signing again, and recomitting
101
102 *hardened-sources-2.6.16-r4 (20 Apr 2006)
103
104 20 Apr 2006; John Mylchreest <johnm@gentoo.org>
105 -hardened-sources-2.6.16-r2.ebuild, -hardened-sources-2.6.16-r3.ebuild,
106 +hardened-sources-2.6.16-r4.ebuild:
107 Fix numerous security vulns
108
109 *hardened-sources-2.4.32-r3 (16 Apr 2006)
110
111 16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
112 -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
113 +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
114 - security bump for bug #112791. Removed old ebuilds
115
116 *hardened-sources-2.6.16-r3 (15 Apr 2006)
117
118 15 Apr 2006; John Mylchreest <johnm@gentoo.org>
119 +hardened-sources-2.6.16-r3.ebuild:
120 Removing silly localversion which I missed
121
122 *hardened-sources-2.6.14-r7 (14 Apr 2006)
123
124 14 Apr 2006; John Mylchreest <johnm@gentoo.org>
125 -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
126 Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
127
128 *hardened-sources-2.6.16-r2 (13 Apr 2006)
129
130 13 Apr 2006; John Mylchreest <johnm@gentoo.org>
131 -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
132 +hardened-sources-2.6.16-r2.ebuild:
133 Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
134 labels, dropping USERGROUP define fixes, since these were merged mainstream.
135
136 *hardened-sources-2.6.16-r1 (11 Apr 2006)
137
138 11 Apr 2006; John Mylchreest <johnm@gentoo.org>
139 +hardened-sources-2.6.16-r1.ebuild:
140 Bumping to include ppc build fix and 2.6.16.3
141
142 06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
143 hardened-sources-2.6.14-r6.ebuild:
144 Stable on x86; bug #127718
145
146 *hardened-sources-2.6.16 (31 Mar 2006)
147
148 31 Mar 2006; John Mylchreest <johnm@gentoo.org>
149 +hardened-sources-2.6.16.ebuild:
150 Bumping to new version of grsec, and kernel base. New squashfs. Based on
151 2.6.16.1
152
153 30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
154 hardened-sources-2.6.14-r6.ebuild:
155 Stable on amd64, bug 127718.
156
157 28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
158 Stable on ppc. Bug #127718
159
160 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
161 -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
162 -hardened-sources-2.6.14-r4.ebuild:
163 Cleanup.
164
165 *hardened-sources-2.6.14-r6 (15 Mar 2006)
166
167 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
168 +hardened-sources-2.6.14-r6.ebuild:
169 Fixes grsec policy recreation bug and adds a
170 >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
171
172 02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
173 - stable on x86
174
175 19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
176 hardened-sources-2.6.14-r5.ebuild:
177 Stable on ppc.
178
179 *hardened-sources-2.6.14-r5 (01 Feb 2006)
180
181 01 Feb 2006; John Mylchreest <johnm@gentoo.org>
182 +hardened-sources-2.6.14-r5.ebuild:
183 fixing every known exploit
184
185 *hardened-sources-2.4.32-r2 (26 Jan 2006)
186
187 26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
188 +hardened-sources-2.4.32-r2.ebuild:
189 - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
190
191 *hardened-sources-2.6.14-r4 (12 Jan 2006)
192
193 12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
194 - version bump for new genpatches which fix up a few sec holes
195
196 *hardened-sources-2.4.32-r1 (05 Jan 2006)
197
198 05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
199 - revision bump to add misc vital linux kernel security patches.
200
201 *hardened-sources-2.6.14-r3 (30 Dec 2005)
202
203 30 Dec 2005; John Mylchreest <johnm@gentoo.org>
204 -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
205 Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
206
207 28 Dec 2005; John Mylchreest <johnm@gentoo.org>
208 hardened-sources-2.6.14-r2.ebuild:
209 making x86 & amd64 stable following testing.
210
211 *hardened-sources-2.6.14-r2 (27 Dec 2005)
212
213 27 Dec 2005; John Mylchreest <johnm@gentoo.org>
214 -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
215 Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
216 network hooks.
217
218 06 Dec 2005; John Mylchreest <johnm@gentoo.org>
219 hardened-sources-2.6.14-r1.ebuild:
220 bumping to stable early for sec fix on x86 & amd64
221
222 *hardened-sources-2.6.14-r1 (05 Dec 2005)
223
224 05 Dec 2005; John Mylchreest <johnm@gentoo.org>
225 -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
226 bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
227
228 04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
229 - stable on x86 security bug #114227 CAN-2005-3257
230
231 *hardened-sources-2.4.32 (19 Nov 2005)
232
233 19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
234 +hardened-sources-2.4.32.ebuild:
235 Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
236 Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
237 have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
238 rsbac >> /etc/portage/package.use)
239
240 *hardened-sources-2.6.14 (14 Nov 2005)
241
242 14 Nov 2005; John Mylchreest <johnm@gentoo.org>
243 -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
244 Bumping 2.6 series to 2.6.14.2
245
246 *hardened-sources-2.6.13-r2 (20 Oct 2005)
247
248 20 Oct 2005; John Mylchreest <johnm@gentoo.org>
249 -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
250 +hardened-sources-2.6.13-r2.ebuild:
251 Fixes minor build error in ppc.
252
253 *hardened-sources-2.6.13-r1 (17 Oct 2005)
254
255 17 Oct 2005; John Mylchreest <johnm@gentoo.org>
256 +hardened-sources-2.6.13-r1.ebuild:
257 Updating grsec to latest snapshot. Fixes some minor issues. Updating to
258 2.6.13.4, fixes some major amd64 stability problems.
259
260 *hardened-sources-2.6.13 (16 Sep 2005)
261
262 16 Sep 2005; John Mylchreest <johnm@gentoo.org>
263 -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
264 2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
265 ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
266 users should test this thoroughly.
267
268 01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
269 - stable on x86
270
271 *hardened-sources-2.6.11-r15 (27 Jun 2005)
272
273 27 Jun 2005; John Mylchreest <johnm@gentoo.org>
274 +hardened-sources-2.6.11-r15.ebuild:
275 Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
276 grsec redefining curr_ip struct.
277
278 *hardened-sources-2.4.31 (20 Jun 2005)
279
280 20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
281 initial import of 2.4.31 tree
282
283 *hardened-sources-2.6.11-r14 (14 Jun 2005)
284
285 14 Jun 2005; John Mylchreest <johnm@gentoo.org>
286 -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
287 Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
288 naming scheme to abide by genpatches
289
290 *hardened-sources-2.6.11-r13 (18 May 2005)
291
292 18 May 2005; John Mylchreest <johnm@gentoo.org>
293 -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
294 Managed to mangle the Makefile patch from grsec, to miss out the grsec
295 target. sorry about that. Fixes bug #93022
296
297 *hardened-sources-2.6.11-r12 (17 May 2005)
298
299 17 May 2005; John Mylchreest <johnm@gentoo.org>
300 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
301 +hardened-sources-2.6.11-r12.ebuild:
302 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
303 merges in genpatches-base
304
305 *hardened-sources-2.6.11-r12 (17 May 2005)
306
307 17 May 2005; John Mylchreest <johnm@gentoo.org>
308 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
309 +hardened-sources-2.6.11-r12.ebuild:
310 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
311 merges in genpatches-base
312
313 29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
314 -files/2.4.27-cmdline-race.patch,
315 -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
316 -files/2.4.28-grsec-binfmt_a.out.patch,
317 -files/2.4.28-grsec-cmdline-race.patch,
318 -files/2.4.28-selinux-binfmt_a.out.patch,
319 -files/2.4.28-selinux-cmdline-race.patch,
320 -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
321 hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
322 - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
323 cleanup..
324
325 *hardened-sources-2.4.30-r1 (21 Apr 2005)
326
327 21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
328 - disable aout by default
329
330 *hardened-sources-2.4.30 (18 Apr 2005)
331
332 18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
333 - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
334 and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
335 use
336
337 *hardened-sources-2.4.29 (30 Mar 2005)
338
339 30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
340 +hardened-sources-2.4.29.ebuild:
341 New hardened-patches-2.4-29.0 patchball.
342 Removed SELinux support, upgraded GRSecurity to 2.1.4.
343
344 *hardened-sources-2.4.28-r5 (06 Mar 2005)
345
346 06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
347 +hardened-sources-2.4.28-r5.ebuild:
348 Added a fix for a PaX vulnerability.
349
350 26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
351 hardened-sources-2.4.28-r4.ebuild:
352 Stable on x86
353
354 23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
355 hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
356 hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
357 hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
358 - fixed/added RDEPEND= in all kernel-2 ebuilds
359
360 *hardened-sources-2.4.28-r4 (21 Jan 2005)
361
362 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
363 +hardened-sources-2.4.28-r4.ebuild:
364 Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
365 backport of neighbour hash updates.
366
367 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
368 hardened-sources-2.4.28-r3.ebuild:
369 Stable on x86
370
371 *hardened-sources-2.6.10-r3 (20 Jan 2005)
372
373 20 Jan 2005; Brandon Hale <tseng@gentoo.org>
374 +hardened-sources-2.6.10-r3.ebuild:
375 Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
376 in 2005.0
377
378 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
379 -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
380 hardened-sources-2.4.28-r2.ebuild:
381 Mark stable on x86
382
383 *hardened-sources-2.4.28-r3 (17 Jan 2005)
384
385 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
386 +hardened-sources-2.4.28-r3.ebuild:
387 Fix SMP page fault handler vuln, and update device-mapper and evms patches.
388
389 14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
390 hardened-sources-2.4.28.ebuild:
391 Mark stable on x86.
392
393 *hardened-sources-2.4.28-r2 (13 Jan 2005)
394
395 13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
396 +hardened-sources-2.4.28-r2.ebuild:
397 Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
398 Mazinger for grsecurity patches as well.
399
400 *hardened-sources-2.4.28-r1 (23 Dec 2004)
401
402 23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
403 Security bump. Thank tocharian for rolling a new patchset...
404
405 28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
406 +files/2.4.28-grsec-cmdline-race.patch,
407 +files/2.4.28-selinux-binfmt_a.out.patch,
408 +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
409 - Round up remaining security patches that appear to be missing in 2.4.28. -
410 PaX standalone updated to current. hgpv=28.1
411
412 *hardened-sources-2.4.28 (28 Nov 2004)
413
414 28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
415 security bump. Thank tocharian for rolling a new patchset
416
417 *hardened-sources-2.4.27-r3 (08 Sep 2004)
418
419 08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
420 +hardened-sources-2.4.27-r3.ebuild:
421 Applies the new 2.4-27.2 patchball which updates
422 GRSecurity to the 2.0.1 version.
423
424 *hardened-sources-2.4.27-r2 (31 Aug 2004)
425
426 31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
427 +hardened-sources-2.4.27-r2.ebuild:
428 Version bump.
429 This version uses the new 2.4-27.1 patchball which updates
430 both the SELinux PaX hooks patch and the SELinux headers.
431
432 *hardened-sources-2.4.27-r1 (09 Aug 2004)
433
434 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
435 +hardened-sources-2.4.27-r1.ebuild,
436 -hardened-sources-2.4.27.ebuild,
437 +files/2.4.27-cmdline-race.patch:
438 Version bump, fix for cmdline race. See bug #59905.
439
440 *hardened-sources-2.4.26-r6 (09 Aug 2004)
441
442 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
443 +hardened-sources-2.4.26-r6.ebuild,
444 -hardened-sources-2.4.26-r5.ebuild,
445 -hardened-sources-2.4.26-r4.ebuild,
446 +files/2.4.26-cmdline-race.patch:
447 Version bump, fix for cmdline race. See bug #59905.
448
449 *hardened-sources-2.4.27 (08 Aug 2004)
450
451 08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
452 +hardened-sources-2.4.27.ebuild,
453 +files/2.4.27-CAN-2004-0394.patch:
454 Ported the patchball to the 2.4.27 kernel version.
455
456 *hardened-sources-2.4.26-r5 (07 Aug 2004)
457
458 07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
459 +hardened-sources-2.4.26-r5.ebuild:
460 Updated to use the new hardened-patches-2.4-26.1 patchball.
461 It adds the following features:
462 - Squashfs
463 - Ebtables
464 - Netdev random (core+drivers)
465 - Watchdog Timer (WDT) fix.
466
467 *hardened-sources-2.4.26-r4 (04 Aug 2004)
468
469 04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
470 +hardened-sources-2.4.26-r4.ebuild,
471 +files/2.4.26-CAN-2004-0415.patch,
472 -hardened-sources-2.4.26-3:
473 Version bump, fix for CAN 0415, see bug #59378.
474
475 *hardened-sources-2.4.26-r3 (22 Jul 2004)
476
477 22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
478 +hardened-sources-2.4.26-r3.ebuild,
479 +files/2.4.26-CAN-2004-0497.patch,
480 -hardened-sources-2.4.26-r2.ebuild:
481 Version bump, fixed CAN 0497, see bug #56171.
482
483 *hardened-sources-2.4.26-r2 (29 Jun 2004)
484
485 29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
486 +hardened-sources-2.4.26-r2.ebuild,
487 +files/2.4.26-CAN-2004-0495.patch,
488 +files/2.4.26-CAN-2004-0535.patch,
489 -hardened-sources-2.4.26-r1.ebuild:
490 Fixes for both CAN 0495 and 0535, see bug #54976
491
492 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
493 hardened-sources-2.4.26-r1.ebuild:
494 QA - fix use invocation
495
496 *hardened-sources-2.4.26-r1 (22 June 2004)
497
498 22 June 2004; Andrea Luzzardi <scox@gentoo.org>
499 +hardened-sources-2.4.26-r1.ebuild,
500 +files/2.4.26-CAN-2004-0394.patch,
501 +files/2.4.26-signal-race.patch,
502 -hardened-sources-2.4.26.ebuild,
503 -hardened-sources-2.4.24-r3.ebuild:
504 Version bump for the CAN-2004-0394 issue and bug #53804
505 Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
506
507
508 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
509 hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
510 Masked hardened-sources-2.4.26.ebuild broken for ppc
511
512 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
513 hardened-sources-2.4.24-r3.ebuild:
514 Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
515
516 *hardened-sources-2.4.26 (29 May 2004)
517
518 29 May 2004; Andrea Luzzardi <scox@gentoo.org>
519 +hardened-sources-2.4.26.ebuild:
520 Updated hardened-sources for the 2.4.26 kernel
521 Removed broken components, updated almost everything.
522
523 *hardened-sources-2.4.24-r3 (17 Apr 2004)
524
525 17 Apr 2004; <plasmaroo@gentoo.org>
526 +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
527 +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
528 +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
529 +hardened-sources-2.4.24-r3.ebuild:
530 Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
531 vulnerabilities. Old revisions removed.
532
533 *hardened-sources-2.4.24-r2 (15 Apr 2004)
534
535 15 Apr 2004; <plasmaroo@gentoo.org>
536 +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
537 -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
538 Version bump for the CAN-2004-0109 issue; bug #47881.
539
540 12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
541 hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
542 Add eutils to inherit.
543
544 *hardened-sources-2.4.24-r1 (19 Feb 2004)
545
546 19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
547 files/hardened-sources-2.4.24.munmap.patch:
548 Added the patch for the mremap/munmap vulnerability. Bug #42024.
549
550 *hardened-sources-2.4.24 (06 Feb 2004)
551
552 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
553 hardened-sources-2.4.24.ebuild:
554 Version bump, updated most of the components.
555 This release includes the following:
556
557 - Hardened security
558 - Netfilter patch-o-matic 20031219
559 - FreeSWAN 2.04 & x509 1.4.8
560 - EVMS 2.2.2
561 - XFS 1.3.1
562 - cryptoloop jari
563 - grsecurity 2.0-rc4
564 - SELinux
565 - PaX 200402060000
566 - PaX Obscurity 200308302223
567 - Others...
568
569 Neither -ck nor systrace are included anymore.
570
571 *hardened-sources-2.4.22-r2 (05 Jan 2004)
572
573 05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
574 hardened-sources-2.4.22-r2.ebuild:
575 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
576
577 *hardened-sources-2.4.22-r1 (02 Dec 2003)
578
579 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
580 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
581
582 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
583 hardened-sources-2.4.22-r1.ebuild:
584 Version bump for the 'do_brk' vulnerability.
585
586 01 Dec 2003; Brian Jackson <iggy@gentoo.org>
587 hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
588 hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
589 hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
590 Fix the 'do_brk' vulnerability.
591
592 03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
593 hardened-sources-2.4.22.ebuild:
594 - Removed the src_install() portion for SELinux flask
595 components. These are no longer handled in the kernel
596 so this code was not necessary.
597
598 29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
599 New 2.4.22 based hardened-sources thanks to
600 Phil West <p.west@computer.org>.
601
602 These sources include:
603 - New SELinux API
604 - Updated CK-base
605 - Updated GRSec
606 - Systrace
607 - SuperFreeS/WAN 1.99.8
608 - Propolice kernel build support
609 - EVMS
610 - Other various security related patches
611
612 *hardened-sources-2.4.21 (14 Sep 2003)
613
614 14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
615 Updated hardened-sources based on the 2.4.21 Linux kernel.
616 This includes updates to most major components such as:
617 - ck-base-0306300059
618 - selinux-2.4-2003071106
619 - grsecurity-2.0-rc1
620 - Updated IPTables patch-o-matic
621 - Updated SuperFreeS/WAN
622
623 Thanks to Phil West <pwest@computer.org> for his work in getting this
624 updated patch set ready for the 2.4.21 based kernel.
625
626 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
627 Initial import of hardened-sources-2.4.20-r4. This revision
628 includes only a few changes, but one of these is an important
629 security fix. It is recommended all users of hardened-sources
630 upgrade to this release.
631
632 - ioperm bug fix
633 - fixed compilation failure when building without GRSec
634
635 SAL (Secure Auditing for Linux) is NOT included in this revision
636 due to time constraints, but is planned for inclusion in the near
637 future.
638
639 *hardened-sources-2.4.20-r2 (12 Jun 2003)
640
641 12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
642 hardened-sources-2.4.20-r3.ebuild:
643 Add Header...
644
645 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
646 hardened-sources-2.4.20-r3.ebuild:
647 Removed warnings from ebuild. This kernel should be safe to
648 use at this point.
649
650 *hardened-sources-2.4.20-r3 (08 Jun 2003)
651
652 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
653 hardened-sources-2.4.20-r3.ebuild:
654 New revision. Includes the following changes over -r2:
655
656 - ck7-base (O(1), preempt, low latency)
657 - Super FreeS/WAN 1.99.7rc2
658 - PaX for the LSM/SELinux branch
659 - GRSecurity 2.0-pre4 (role based access control)
660 - Systrace 1.3
661 - EXT3 fixes
662 - EVMS 2.0.1
663 - GCC 3.1+ compile optimizations
664 - ProPolice kernel build support
665 - Hashing table security fixes
666
667 *hardened-sources-2.4.20-r1 (09 Apr 2003)
668
669 23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
670 Initial import of hardened-sources-r2. This new
671 ebuild includes many new performance and security
672 related patches. As in -r1, it will patch in
673 LSM/SELinux if "selinux" is in USE, otherwise it
674 will patch in GRSecurity. The following patches
675 are included in this revision:
676
677 - O(1) Scheduler, Low Latency, and Preempt
678 (pulled from the base CK patch)
679 - ptrace exploit patch for the LSM kernel
680 (the GRSec patch already fixes this)
681 - LSM 2.4-2003040709
682 - SELinux 2.4-2003040709
683 - Systrace v1.2
684 - IPTables patch-o-matic base patches - 20030107
685 - CryptoAPI 2.4.20.1 w/ loop-jari patch
686 - Super FreeS/WAN 1.99.6.1
687 - GRSecurity 1.9.9g
688 - MPPE
689 - EXT3 data journal fix
690 - CIPE 1.5.4
691
692 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
693 hardened-sources-2.4.20-r1.ebuild, manifest:
694 Updated to install flask components correctly for selinux.
695
696 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
697 hardened-sources-2.4.20-r1.ebuild:
698 LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
699 is patched in instead. Ptrace patches for selinux have also been added. In
700 either case, systrace support will be patched in as well.
701
702 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
703 hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
704 Revision bump for new sources.
705
706 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
707 hardened-sources-2.4.20-r1.ebuild:
708 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
709
710 *hardened-sources-2.4.20 (30 Mar 2003)
711
712 30 Mar 2003; Joshua Brindle <method@gentoo.org>
713 hardened-sources-2.4.20.ebuild:
714 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20