/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.118 - (show annotations) (download)
Wed Dec 6 21:00:59 2006 UTC (7 years, 9 months ago) by phreak
Branch: MAIN
Changes since 1.117: +10 -1 lines
Revision bump, including 2.6.18.5 (via genpatches) and 4454_grsec-2.1.9-2.6.18.2-io-kmem-sysctl.patch based on Peter Mazinger and Ned Ludd's original patch. Thanks to Alexander  Gabert (pappy) for the redesign.
(Portage version: 2.1.2_rc2-r5)

1 # ChangeLog for sys-kernel/hardened-sources
2 # Copyright 2000-2006 Gentoo Foundation; Distributed under the GPL v2
3 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.117 2006/12/06 19:15:15 phreak Exp $
4
5 *hardened-sources-2.6.18-r2 (06 Dec 2006)
6
7 06 Dec 2006; Christian Heim <phreak@gentoo.org>
8 +hardened-sources-2.6.18-r2.ebuild:
9 Revision bump, including 2.6.18.5 (via genpatches) and
10 4454_grsec-2.1.9-2.6.18.2-io-kmem-sysctl.patch based on Peter Mazinger and
11 Ned Ludd's original patch. Thanks to Alexander Gabert (pappy) for the
12 redesign.
13
14 06 Dec 2006; Christian Heim <phreak@gentoo.org>
15 hardened-sources-2.6.18.ebuild:
16 Marking hardened-sources-2.6.18 stable on amd64 (see bug #157356, on behalf
17 of Mike Doty).
18
19 *hardened-sources-2.6.18-r1 (23 Nov 2006)
20
21 23 Nov 2006; Christian Heim <phreak@gentoo.org>
22 +hardened-sources-2.6.18-r1.ebuild:
23 Revision bump to genpatches-2.6.18-4 (including 2.6.18.3).
24
25 *hardened-sources-2.6.18 (11 Nov 2006)
26
27 11 Nov 2006; Christian Heim <phreak@gentoo.org>
28 +hardened-sources-2.6.18.ebuild:
29 Version bump, thanks to Alexander Gabert we're finally at 2.6.18.
30
31 18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
32 - mark amd64 stable also. bug #151877
33
34 18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
35 - mark 2.6.17-r1 stable
36
37 27 Aug 2006; Christian Heim <phreak@gentoo.org>
38 -hardened-sources-2.6.17.ebuild, hardened-sources-2.6.17-r1.ebuild:
39 Removing old ebuild, removing unipatch from newer ebuild (need to fix it!).
40
41 *hardened-sources-2.6.17-r1 (26 Aug 2006)
42
43 26 Aug 2006; Christian Heim <phreak@gentoo.org>
44 +hardened-sources-2.6.17-r1.ebuild:
45 Revision bump to genpatches-2.6.17-8 (including .9 and .10) and updating the
46 grsecurity patch.
47
48 *hardened-sources-2.6.17 (17 Aug 2006)
49
50 17 Aug 2006; Christian Heim <phreak@gentoo.org>
51 +hardened-sources-2.6.17.ebuild:
52 Bumping the hardened-sources-2.6 series to 2.6.17, using
53 genpatches-2.6.17-6.base.
54
55 07 Aug 2006; <solar@gentoo.org> hardened-sources-2.6.16-r11.ebuild:
56 - stable on x86 and amd64
57
58 *hardened-sources-2.6.16-r11 (15 Jul 2006)
59
60 15 Jul 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r3.ebuild,
61 -hardened-sources-2.4.32-r4.ebuild, -hardened-sources-2.4.32-r5.ebuild,
62 -hardened-sources-2.6.14-r8.ebuild, -hardened-sources-2.6.16-r7.ebuild,
63 -hardened-sources-2.6.16-r9.ebuild, +hardened-sources-2.6.16-r11.ebuild:
64 - 2.6.16 bumped for CVE-2006-3626 ; digest fix for 2.4.32-r6 ; removed old
65 crusty ebuilds
66
67 14 Jul 2006; John Mylchreest <johnm@gentoo.org>
68 hardened-sources-2.6.16-r10.ebuild:
69 marking stable on x86 and amd64
70
71 13 Jul 2006; <solar@gentoo.org> hardened-sources-2.4.32-r6.ebuild:
72 - 2.4.32-r6 stable on x86. RSBAC state unknown
73
74 *hardened-sources-2.4.32-r7 (10 Jul 2006)
75
76 10 Jul 2006; Guillaume Destuynder <kang@gentoo.org>
77 +hardened-sources-2.4.32-r7.ebuild:
78 Bump PaX for RSBAC to test-17
79
80 *hardened-sources-2.6.16-r9 (03 Jul 2006)
81
82 03 Jul 2006; John Mylchreest <johnm@gentoo.org>
83 -hardened-sources-2.6.16-r6.ebuild, +hardened-sources-2.6.16-r9.ebuild:
84 hardened-sources-2.6.16 bump to latest -base.
85
86 *hardened-sources-2.4.32-r6 (30 Jun 2006)
87
88 30 Jun 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r2.ebuild,
89 hardened-sources-2.4.32-r4.ebuild, +hardened-sources-2.4.32-r6.ebuild:
90 - backport CVE-2006-0039, CVE-2006-1857 and CVE-2006-1858 and new grsecurity
91 sysctl controlable resource logging
92
93 *hardened-sources-2.6.16-r7 (05 Jun 2006)
94
95 05 Jun 2006; John Mylchreest <johnm@gentoo.org>
96 -hardened-sources-2.6.16-r5.ebuild, +hardened-sources-2.6.16-r7.ebuild:
97 push new 2.6.16 release in preparation for stable
98
99 22 May 2006; <solar@gentoo.org> :
100 - redigest bug 134002
101
102 *hardened-sources-2.4.32-r5 (16 May 2006)
103
104 16 May 2006; Guillaume Destuynder <kang@gentoo.org>
105 +hardened-sources-2.4.32-r5.ebuild:
106 Fixes rsbac common patching (new patch in new -r5 patchset)
107
108 *hardened-sources-2.4.32-r4 (13 May 2006)
109
110 13 May 2006; <solar@gentoo.org> hardened-sources-2.4.32-r3.ebuild,
111 +hardened-sources-2.4.32-r4.ebuild:
112 - security bumps
113
114 *hardened-sources-2.6.16-r6 (03 May 2006)
115
116 03 May 2006; John Mylchreest <johnm@gentoo.org>
117 +hardened-sources-2.6.16-r6.ebuild:
118 bump hardened-2.6.16 to 2.6.16.12 and latest grsec snapshot
119
120 28 Apr 2006; John Mylchreest <johnm@gentoo.org>
121 hardened-sources-2.6.14-r8.ebuild:
122 fix x86_64 build problem, this will delay the digest issue again for a short
123 while but it will sort itself out
124
125 28 Apr 2006; John Mylchreest <johnm@gentoo.org>
126 hardened-sources-2.6.14-r8.ebuild:
127 bump hardened patchset
128
129 27 Apr 2006; Alec Warner <antarus@gentoo.org>
130 files/digest-hardened-sources-2.4.32-r2,
131 files/digest-hardened-sources-2.4.32-r3,
132 files/digest-hardened-sources-2.6.14-r8, Manifest:
133 Fixing duff SHA256 digests: Bug # 131293
134
135 *hardened-sources-2.6.16-r5 (27 Apr 2006)
136
137 27 Apr 2006; John Mylchreest <johnm@gentoo.org>
138 -hardened-sources-2.6.14-r6.ebuild, hardened-sources-2.6.14-r8.ebuild,
139 -hardened-sources-2.6.16-r4.ebuild, +hardened-sources-2.6.16-r5.ebuild:
140 stablise 2.6.14-r8 on x86 & amd64, bump 2.6.16 to fix CVE-2006-1863 &
141 cleanup of old uneccessary sources
142
143 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
144 fix digest
145
146 *hardened-sources-2.6.14-r8 (20 Apr 2006)
147
148 20 Apr 2006; John Mylchreest <johnm@gentoo.org>
149 +hardened-sources-2.6.14-r8.ebuild:
150 fix CVE-2006-1056, CVE-2006-1525, CVE-2006-1524
151
152 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
153 Turning on gpg-signing again, and recomitting
154
155 *hardened-sources-2.6.16-r4 (20 Apr 2006)
156
157 20 Apr 2006; John Mylchreest <johnm@gentoo.org>
158 -hardened-sources-2.6.16-r2.ebuild, -hardened-sources-2.6.16-r3.ebuild,
159 +hardened-sources-2.6.16-r4.ebuild:
160 Fix numerous security vulns
161
162 *hardened-sources-2.4.32-r3 (16 Apr 2006)
163
164 16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
165 -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
166 +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
167 - security bump for bug #112791. Removed old ebuilds
168
169 *hardened-sources-2.6.16-r3 (15 Apr 2006)
170
171 15 Apr 2006; John Mylchreest <johnm@gentoo.org>
172 +hardened-sources-2.6.16-r3.ebuild:
173 Removing silly localversion which I missed
174
175 *hardened-sources-2.6.14-r7 (14 Apr 2006)
176
177 14 Apr 2006; John Mylchreest <johnm@gentoo.org>
178 -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
179 Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
180
181 *hardened-sources-2.6.16-r2 (13 Apr 2006)
182
183 13 Apr 2006; John Mylchreest <johnm@gentoo.org>
184 -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
185 +hardened-sources-2.6.16-r2.ebuild:
186 Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
187 labels, dropping USERGROUP define fixes, since these were merged mainstream.
188
189 *hardened-sources-2.6.16-r1 (11 Apr 2006)
190
191 11 Apr 2006; John Mylchreest <johnm@gentoo.org>
192 +hardened-sources-2.6.16-r1.ebuild:
193 Bumping to include ppc build fix and 2.6.16.3
194
195 06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
196 hardened-sources-2.6.14-r6.ebuild:
197 Stable on x86; bug #127718
198
199 *hardened-sources-2.6.16 (31 Mar 2006)
200
201 31 Mar 2006; John Mylchreest <johnm@gentoo.org>
202 +hardened-sources-2.6.16.ebuild:
203 Bumping to new version of grsec, and kernel base. New squashfs. Based on
204 2.6.16.1
205
206 30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
207 hardened-sources-2.6.14-r6.ebuild:
208 Stable on amd64, bug 127718.
209
210 28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
211 Stable on ppc. Bug #127718
212
213 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
214 -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
215 -hardened-sources-2.6.14-r4.ebuild:
216 Cleanup.
217
218 *hardened-sources-2.6.14-r6 (15 Mar 2006)
219
220 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
221 +hardened-sources-2.6.14-r6.ebuild:
222 Fixes grsec policy recreation bug and adds a
223 >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
224
225 02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
226 - stable on x86
227
228 19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
229 hardened-sources-2.6.14-r5.ebuild:
230 Stable on ppc.
231
232 *hardened-sources-2.6.14-r5 (01 Feb 2006)
233
234 01 Feb 2006; John Mylchreest <johnm@gentoo.org>
235 +hardened-sources-2.6.14-r5.ebuild:
236 fixing every known exploit
237
238 *hardened-sources-2.4.32-r2 (26 Jan 2006)
239
240 26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
241 +hardened-sources-2.4.32-r2.ebuild:
242 - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
243
244 *hardened-sources-2.6.14-r4 (12 Jan 2006)
245
246 12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
247 - version bump for new genpatches which fix up a few sec holes
248
249 *hardened-sources-2.4.32-r1 (05 Jan 2006)
250
251 05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
252 - revision bump to add misc vital linux kernel security patches.
253
254 *hardened-sources-2.6.14-r3 (30 Dec 2005)
255
256 30 Dec 2005; John Mylchreest <johnm@gentoo.org>
257 -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
258 Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
259
260 28 Dec 2005; John Mylchreest <johnm@gentoo.org>
261 hardened-sources-2.6.14-r2.ebuild:
262 making x86 & amd64 stable following testing.
263
264 *hardened-sources-2.6.14-r2 (27 Dec 2005)
265
266 27 Dec 2005; John Mylchreest <johnm@gentoo.org>
267 -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
268 Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
269 network hooks.
270
271 06 Dec 2005; John Mylchreest <johnm@gentoo.org>
272 hardened-sources-2.6.14-r1.ebuild:
273 bumping to stable early for sec fix on x86 & amd64
274
275 *hardened-sources-2.6.14-r1 (05 Dec 2005)
276
277 05 Dec 2005; John Mylchreest <johnm@gentoo.org>
278 -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
279 bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
280
281 04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
282 - stable on x86 security bug #114227 CAN-2005-3257
283
284 *hardened-sources-2.4.32 (19 Nov 2005)
285
286 19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
287 +hardened-sources-2.4.32.ebuild:
288 Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
289 Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
290 have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
291 rsbac >> /etc/portage/package.use)
292
293 *hardened-sources-2.6.14 (14 Nov 2005)
294
295 14 Nov 2005; John Mylchreest <johnm@gentoo.org>
296 -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
297 Bumping 2.6 series to 2.6.14.2
298
299 *hardened-sources-2.6.13-r2 (20 Oct 2005)
300
301 20 Oct 2005; John Mylchreest <johnm@gentoo.org>
302 -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
303 +hardened-sources-2.6.13-r2.ebuild:
304 Fixes minor build error in ppc.
305
306 *hardened-sources-2.6.13-r1 (17 Oct 2005)
307
308 17 Oct 2005; John Mylchreest <johnm@gentoo.org>
309 +hardened-sources-2.6.13-r1.ebuild:
310 Updating grsec to latest snapshot. Fixes some minor issues. Updating to
311 2.6.13.4, fixes some major amd64 stability problems.
312
313 *hardened-sources-2.6.13 (16 Sep 2005)
314
315 16 Sep 2005; John Mylchreest <johnm@gentoo.org>
316 -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
317 2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
318 ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
319 users should test this thoroughly.
320
321 01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
322 - stable on x86
323
324 *hardened-sources-2.6.11-r15 (27 Jun 2005)
325
326 27 Jun 2005; John Mylchreest <johnm@gentoo.org>
327 +hardened-sources-2.6.11-r15.ebuild:
328 Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
329 grsec redefining curr_ip struct.
330
331 *hardened-sources-2.4.31 (20 Jun 2005)
332
333 20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
334 initial import of 2.4.31 tree
335
336 *hardened-sources-2.6.11-r14 (14 Jun 2005)
337
338 14 Jun 2005; John Mylchreest <johnm@gentoo.org>
339 -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
340 Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
341 naming scheme to abide by genpatches
342
343 *hardened-sources-2.6.11-r13 (18 May 2005)
344
345 18 May 2005; John Mylchreest <johnm@gentoo.org>
346 -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
347 Managed to mangle the Makefile patch from grsec, to miss out the grsec
348 target. sorry about that. Fixes bug #93022
349
350 *hardened-sources-2.6.11-r12 (17 May 2005)
351
352 17 May 2005; John Mylchreest <johnm@gentoo.org>
353 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
354 +hardened-sources-2.6.11-r12.ebuild:
355 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
356 merges in genpatches-base
357
358 *hardened-sources-2.6.11-r12 (17 May 2005)
359
360 17 May 2005; John Mylchreest <johnm@gentoo.org>
361 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
362 +hardened-sources-2.6.11-r12.ebuild:
363 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
364 merges in genpatches-base
365
366 29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
367 -files/2.4.27-cmdline-race.patch,
368 -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
369 -files/2.4.28-grsec-binfmt_a.out.patch,
370 -files/2.4.28-grsec-cmdline-race.patch,
371 -files/2.4.28-selinux-binfmt_a.out.patch,
372 -files/2.4.28-selinux-cmdline-race.patch,
373 -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
374 hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
375 - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
376 cleanup..
377
378 *hardened-sources-2.4.30-r1 (21 Apr 2005)
379
380 21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
381 - disable aout by default
382
383 *hardened-sources-2.4.30 (18 Apr 2005)
384
385 18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
386 - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
387 and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
388 use
389
390 *hardened-sources-2.4.29 (30 Mar 2005)
391
392 30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
393 +hardened-sources-2.4.29.ebuild:
394 New hardened-patches-2.4-29.0 patchball.
395 Removed SELinux support, upgraded GRSecurity to 2.1.4.
396
397 *hardened-sources-2.4.28-r5 (06 Mar 2005)
398
399 06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
400 +hardened-sources-2.4.28-r5.ebuild:
401 Added a fix for a PaX vulnerability.
402
403 26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
404 hardened-sources-2.4.28-r4.ebuild:
405 Stable on x86
406
407 23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
408 hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
409 hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
410 hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
411 - fixed/added RDEPEND= in all kernel-2 ebuilds
412
413 *hardened-sources-2.4.28-r4 (21 Jan 2005)
414
415 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
416 +hardened-sources-2.4.28-r4.ebuild:
417 Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
418 backport of neighbour hash updates.
419
420 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
421 hardened-sources-2.4.28-r3.ebuild:
422 Stable on x86
423
424 *hardened-sources-2.6.10-r3 (20 Jan 2005)
425
426 20 Jan 2005; Brandon Hale <tseng@gentoo.org>
427 +hardened-sources-2.6.10-r3.ebuild:
428 Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
429 in 2005.0
430
431 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
432 -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
433 hardened-sources-2.4.28-r2.ebuild:
434 Mark stable on x86
435
436 *hardened-sources-2.4.28-r3 (17 Jan 2005)
437
438 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
439 +hardened-sources-2.4.28-r3.ebuild:
440 Fix SMP page fault handler vuln, and update device-mapper and evms patches.
441
442 14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
443 hardened-sources-2.4.28.ebuild:
444 Mark stable on x86.
445
446 *hardened-sources-2.4.28-r2 (13 Jan 2005)
447
448 13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
449 +hardened-sources-2.4.28-r2.ebuild:
450 Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
451 Mazinger for grsecurity patches as well.
452
453 *hardened-sources-2.4.28-r1 (23 Dec 2004)
454
455 23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
456 Security bump. Thank tocharian for rolling a new patchset...
457
458 28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
459 +files/2.4.28-grsec-cmdline-race.patch,
460 +files/2.4.28-selinux-binfmt_a.out.patch,
461 +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
462 - Round up remaining security patches that appear to be missing in 2.4.28. -
463 PaX standalone updated to current. hgpv=28.1
464
465 *hardened-sources-2.4.28 (28 Nov 2004)
466
467 28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
468 security bump. Thank tocharian for rolling a new patchset
469
470 *hardened-sources-2.4.27-r3 (08 Sep 2004)
471
472 08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
473 +hardened-sources-2.4.27-r3.ebuild:
474 Applies the new 2.4-27.2 patchball which updates
475 GRSecurity to the 2.0.1 version.
476
477 *hardened-sources-2.4.27-r2 (31 Aug 2004)
478
479 31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
480 +hardened-sources-2.4.27-r2.ebuild:
481 Version bump.
482 This version uses the new 2.4-27.1 patchball which updates
483 both the SELinux PaX hooks patch and the SELinux headers.
484
485 *hardened-sources-2.4.27-r1 (09 Aug 2004)
486
487 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
488 +hardened-sources-2.4.27-r1.ebuild,
489 -hardened-sources-2.4.27.ebuild,
490 +files/2.4.27-cmdline-race.patch:
491 Version bump, fix for cmdline race. See bug #59905.
492
493 *hardened-sources-2.4.26-r6 (09 Aug 2004)
494
495 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
496 +hardened-sources-2.4.26-r6.ebuild,
497 -hardened-sources-2.4.26-r5.ebuild,
498 -hardened-sources-2.4.26-r4.ebuild,
499 +files/2.4.26-cmdline-race.patch:
500 Version bump, fix for cmdline race. See bug #59905.
501
502 *hardened-sources-2.4.27 (08 Aug 2004)
503
504 08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
505 +hardened-sources-2.4.27.ebuild,
506 +files/2.4.27-CAN-2004-0394.patch:
507 Ported the patchball to the 2.4.27 kernel version.
508
509 *hardened-sources-2.4.26-r5 (07 Aug 2004)
510
511 07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
512 +hardened-sources-2.4.26-r5.ebuild:
513 Updated to use the new hardened-patches-2.4-26.1 patchball.
514 It adds the following features:
515 - Squashfs
516 - Ebtables
517 - Netdev random (core+drivers)
518 - Watchdog Timer (WDT) fix.
519
520 *hardened-sources-2.4.26-r4 (04 Aug 2004)
521
522 04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
523 +hardened-sources-2.4.26-r4.ebuild,
524 +files/2.4.26-CAN-2004-0415.patch,
525 -hardened-sources-2.4.26-3:
526 Version bump, fix for CAN 0415, see bug #59378.
527
528 *hardened-sources-2.4.26-r3 (22 Jul 2004)
529
530 22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
531 +hardened-sources-2.4.26-r3.ebuild,
532 +files/2.4.26-CAN-2004-0497.patch,
533 -hardened-sources-2.4.26-r2.ebuild:
534 Version bump, fixed CAN 0497, see bug #56171.
535
536 *hardened-sources-2.4.26-r2 (29 Jun 2004)
537
538 29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
539 +hardened-sources-2.4.26-r2.ebuild,
540 +files/2.4.26-CAN-2004-0495.patch,
541 +files/2.4.26-CAN-2004-0535.patch,
542 -hardened-sources-2.4.26-r1.ebuild:
543 Fixes for both CAN 0495 and 0535, see bug #54976
544
545 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
546 hardened-sources-2.4.26-r1.ebuild:
547 QA - fix use invocation
548
549 *hardened-sources-2.4.26-r1 (22 June 2004)
550
551 22 June 2004; Andrea Luzzardi <scox@gentoo.org>
552 +hardened-sources-2.4.26-r1.ebuild,
553 +files/2.4.26-CAN-2004-0394.patch,
554 +files/2.4.26-signal-race.patch,
555 -hardened-sources-2.4.26.ebuild,
556 -hardened-sources-2.4.24-r3.ebuild:
557 Version bump for the CAN-2004-0394 issue and bug #53804
558 Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
559
560
561 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
562 hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
563 Masked hardened-sources-2.4.26.ebuild broken for ppc
564
565 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
566 hardened-sources-2.4.24-r3.ebuild:
567 Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
568
569 *hardened-sources-2.4.26 (29 May 2004)
570
571 29 May 2004; Andrea Luzzardi <scox@gentoo.org>
572 +hardened-sources-2.4.26.ebuild:
573 Updated hardened-sources for the 2.4.26 kernel
574 Removed broken components, updated almost everything.
575
576 *hardened-sources-2.4.24-r3 (17 Apr 2004)
577
578 17 Apr 2004; <plasmaroo@gentoo.org>
579 +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
580 +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
581 +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
582 +hardened-sources-2.4.24-r3.ebuild:
583 Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
584 vulnerabilities. Old revisions removed.
585
586 *hardened-sources-2.4.24-r2 (15 Apr 2004)
587
588 15 Apr 2004; <plasmaroo@gentoo.org>
589 +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
590 -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
591 Version bump for the CAN-2004-0109 issue; bug #47881.
592
593 12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
594 hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
595 Add eutils to inherit.
596
597 *hardened-sources-2.4.24-r1 (19 Feb 2004)
598
599 19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
600 files/hardened-sources-2.4.24.munmap.patch:
601 Added the patch for the mremap/munmap vulnerability. Bug #42024.
602
603 *hardened-sources-2.4.24 (06 Feb 2004)
604
605 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
606 hardened-sources-2.4.24.ebuild:
607 Version bump, updated most of the components.
608 This release includes the following:
609
610 - Hardened security
611 - Netfilter patch-o-matic 20031219
612 - FreeSWAN 2.04 & x509 1.4.8
613 - EVMS 2.2.2
614 - XFS 1.3.1
615 - cryptoloop jari
616 - grsecurity 2.0-rc4
617 - SELinux
618 - PaX 200402060000
619 - PaX Obscurity 200308302223
620 - Others...
621
622 Neither -ck nor systrace are included anymore.
623
624 *hardened-sources-2.4.22-r2 (05 Jan 2004)
625
626 05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
627 hardened-sources-2.4.22-r2.ebuild:
628 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
629
630 *hardened-sources-2.4.22-r1 (02 Dec 2003)
631
632 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
633 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
634
635 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
636 hardened-sources-2.4.22-r1.ebuild:
637 Version bump for the 'do_brk' vulnerability.
638
639 01 Dec 2003; Brian Jackson <iggy@gentoo.org>
640 hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
641 hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
642 hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
643 Fix the 'do_brk' vulnerability.
644
645 03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
646 hardened-sources-2.4.22.ebuild:
647 - Removed the src_install() portion for SELinux flask
648 components. These are no longer handled in the kernel
649 so this code was not necessary.
650
651 29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
652 New 2.4.22 based hardened-sources thanks to
653 Phil West <p.west@computer.org>.
654
655 These sources include:
656 - New SELinux API
657 - Updated CK-base
658 - Updated GRSec
659 - Systrace
660 - SuperFreeS/WAN 1.99.8
661 - Propolice kernel build support
662 - EVMS
663 - Other various security related patches
664
665 *hardened-sources-2.4.21 (14 Sep 2003)
666
667 14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
668 Updated hardened-sources based on the 2.4.21 Linux kernel.
669 This includes updates to most major components such as:
670 - ck-base-0306300059
671 - selinux-2.4-2003071106
672 - grsecurity-2.0-rc1
673 - Updated IPTables patch-o-matic
674 - Updated SuperFreeS/WAN
675
676 Thanks to Phil West <pwest@computer.org> for his work in getting this
677 updated patch set ready for the 2.4.21 based kernel.
678
679 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
680 Initial import of hardened-sources-2.4.20-r4. This revision
681 includes only a few changes, but one of these is an important
682 security fix. It is recommended all users of hardened-sources
683 upgrade to this release.
684
685 - ioperm bug fix
686 - fixed compilation failure when building without GRSec
687
688 SAL (Secure Auditing for Linux) is NOT included in this revision
689 due to time constraints, but is planned for inclusion in the near
690 future.
691
692 *hardened-sources-2.4.20-r2 (12 Jun 2003)
693
694 12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
695 hardened-sources-2.4.20-r3.ebuild:
696 Add Header...
697
698 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
699 hardened-sources-2.4.20-r3.ebuild:
700 Removed warnings from ebuild. This kernel should be safe to
701 use at this point.
702
703 *hardened-sources-2.4.20-r3 (08 Jun 2003)
704
705 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
706 hardened-sources-2.4.20-r3.ebuild:
707 New revision. Includes the following changes over -r2:
708
709 - ck7-base (O(1), preempt, low latency)
710 - Super FreeS/WAN 1.99.7rc2
711 - PaX for the LSM/SELinux branch
712 - GRSecurity 2.0-pre4 (role based access control)
713 - Systrace 1.3
714 - EXT3 fixes
715 - EVMS 2.0.1
716 - GCC 3.1+ compile optimizations
717 - ProPolice kernel build support
718 - Hashing table security fixes
719
720 *hardened-sources-2.4.20-r1 (09 Apr 2003)
721
722 23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
723 Initial import of hardened-sources-r2. This new
724 ebuild includes many new performance and security
725 related patches. As in -r1, it will patch in
726 LSM/SELinux if "selinux" is in USE, otherwise it
727 will patch in GRSecurity. The following patches
728 are included in this revision:
729
730 - O(1) Scheduler, Low Latency, and Preempt
731 (pulled from the base CK patch)
732 - ptrace exploit patch for the LSM kernel
733 (the GRSec patch already fixes this)
734 - LSM 2.4-2003040709
735 - SELinux 2.4-2003040709
736 - Systrace v1.2
737 - IPTables patch-o-matic base patches - 20030107
738 - CryptoAPI 2.4.20.1 w/ loop-jari patch
739 - Super FreeS/WAN 1.99.6.1
740 - GRSecurity 1.9.9g
741 - MPPE
742 - EXT3 data journal fix
743 - CIPE 1.5.4
744
745 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
746 hardened-sources-2.4.20-r1.ebuild, manifest:
747 Updated to install flask components correctly for selinux.
748
749 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
750 hardened-sources-2.4.20-r1.ebuild:
751 LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
752 is patched in instead. Ptrace patches for selinux have also been added. In
753 either case, systrace support will be patched in as well.
754
755 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
756 hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
757 Revision bump for new sources.
758
759 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
760 hardened-sources-2.4.20-r1.ebuild:
761 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
762
763 *hardened-sources-2.4.20 (30 Mar 2003)
764
765 30 Mar 2003; Joshua Brindle <method@gentoo.org>
766 hardened-sources-2.4.20.ebuild:
767 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20