/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.119 - (show annotations) (download)
Thu Dec 7 07:26:27 2006 UTC (7 years, 11 months ago) by opfer
Branch: MAIN
Changes since 1.118: +5 -1 lines
stable x86, bug #157356
(Portage version: 2.1.1-r2)

1 # ChangeLog for sys-kernel/hardened-sources
2 # Copyright 2000-2006 Gentoo Foundation; Distributed under the GPL v2
3 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.118 2006/12/06 21:00:59 phreak Exp $
4
5 07 Dec 2006; Christian Faulhammer <opfer@gentoo.org>
6 hardened-sources-2.6.18.ebuild:
7 stable x86, bug #157356
8
9 *hardened-sources-2.6.18-r2 (06 Dec 2006)
10
11 06 Dec 2006; Christian Heim <phreak@gentoo.org>
12 +hardened-sources-2.6.18-r2.ebuild:
13 Revision bump, including 2.6.18.5 (via genpatches) and
14 4454_grsec-2.1.9-2.6.18.2-io-kmem-sysctl.patch based on Peter Mazinger and
15 Ned Ludd's original patch. Thanks to Alexander Gabert (pappy) for the
16 redesign.
17
18 06 Dec 2006; Christian Heim <phreak@gentoo.org>
19 hardened-sources-2.6.18.ebuild:
20 Marking hardened-sources-2.6.18 stable on amd64 (see bug #157356, on behalf
21 of Mike Doty).
22
23 *hardened-sources-2.6.18-r1 (23 Nov 2006)
24
25 23 Nov 2006; Christian Heim <phreak@gentoo.org>
26 +hardened-sources-2.6.18-r1.ebuild:
27 Revision bump to genpatches-2.6.18-4 (including 2.6.18.3).
28
29 *hardened-sources-2.6.18 (11 Nov 2006)
30
31 11 Nov 2006; Christian Heim <phreak@gentoo.org>
32 +hardened-sources-2.6.18.ebuild:
33 Version bump, thanks to Alexander Gabert we're finally at 2.6.18.
34
35 18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
36 - mark amd64 stable also. bug #151877
37
38 18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
39 - mark 2.6.17-r1 stable
40
41 27 Aug 2006; Christian Heim <phreak@gentoo.org>
42 -hardened-sources-2.6.17.ebuild, hardened-sources-2.6.17-r1.ebuild:
43 Removing old ebuild, removing unipatch from newer ebuild (need to fix it!).
44
45 *hardened-sources-2.6.17-r1 (26 Aug 2006)
46
47 26 Aug 2006; Christian Heim <phreak@gentoo.org>
48 +hardened-sources-2.6.17-r1.ebuild:
49 Revision bump to genpatches-2.6.17-8 (including .9 and .10) and updating the
50 grsecurity patch.
51
52 *hardened-sources-2.6.17 (17 Aug 2006)
53
54 17 Aug 2006; Christian Heim <phreak@gentoo.org>
55 +hardened-sources-2.6.17.ebuild:
56 Bumping the hardened-sources-2.6 series to 2.6.17, using
57 genpatches-2.6.17-6.base.
58
59 07 Aug 2006; <solar@gentoo.org> hardened-sources-2.6.16-r11.ebuild:
60 - stable on x86 and amd64
61
62 *hardened-sources-2.6.16-r11 (15 Jul 2006)
63
64 15 Jul 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r3.ebuild,
65 -hardened-sources-2.4.32-r4.ebuild, -hardened-sources-2.4.32-r5.ebuild,
66 -hardened-sources-2.6.14-r8.ebuild, -hardened-sources-2.6.16-r7.ebuild,
67 -hardened-sources-2.6.16-r9.ebuild, +hardened-sources-2.6.16-r11.ebuild:
68 - 2.6.16 bumped for CVE-2006-3626 ; digest fix for 2.4.32-r6 ; removed old
69 crusty ebuilds
70
71 14 Jul 2006; John Mylchreest <johnm@gentoo.org>
72 hardened-sources-2.6.16-r10.ebuild:
73 marking stable on x86 and amd64
74
75 13 Jul 2006; <solar@gentoo.org> hardened-sources-2.4.32-r6.ebuild:
76 - 2.4.32-r6 stable on x86. RSBAC state unknown
77
78 *hardened-sources-2.4.32-r7 (10 Jul 2006)
79
80 10 Jul 2006; Guillaume Destuynder <kang@gentoo.org>
81 +hardened-sources-2.4.32-r7.ebuild:
82 Bump PaX for RSBAC to test-17
83
84 *hardened-sources-2.6.16-r9 (03 Jul 2006)
85
86 03 Jul 2006; John Mylchreest <johnm@gentoo.org>
87 -hardened-sources-2.6.16-r6.ebuild, +hardened-sources-2.6.16-r9.ebuild:
88 hardened-sources-2.6.16 bump to latest -base.
89
90 *hardened-sources-2.4.32-r6 (30 Jun 2006)
91
92 30 Jun 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r2.ebuild,
93 hardened-sources-2.4.32-r4.ebuild, +hardened-sources-2.4.32-r6.ebuild:
94 - backport CVE-2006-0039, CVE-2006-1857 and CVE-2006-1858 and new grsecurity
95 sysctl controlable resource logging
96
97 *hardened-sources-2.6.16-r7 (05 Jun 2006)
98
99 05 Jun 2006; John Mylchreest <johnm@gentoo.org>
100 -hardened-sources-2.6.16-r5.ebuild, +hardened-sources-2.6.16-r7.ebuild:
101 push new 2.6.16 release in preparation for stable
102
103 22 May 2006; <solar@gentoo.org> :
104 - redigest bug 134002
105
106 *hardened-sources-2.4.32-r5 (16 May 2006)
107
108 16 May 2006; Guillaume Destuynder <kang@gentoo.org>
109 +hardened-sources-2.4.32-r5.ebuild:
110 Fixes rsbac common patching (new patch in new -r5 patchset)
111
112 *hardened-sources-2.4.32-r4 (13 May 2006)
113
114 13 May 2006; <solar@gentoo.org> hardened-sources-2.4.32-r3.ebuild,
115 +hardened-sources-2.4.32-r4.ebuild:
116 - security bumps
117
118 *hardened-sources-2.6.16-r6 (03 May 2006)
119
120 03 May 2006; John Mylchreest <johnm@gentoo.org>
121 +hardened-sources-2.6.16-r6.ebuild:
122 bump hardened-2.6.16 to 2.6.16.12 and latest grsec snapshot
123
124 28 Apr 2006; John Mylchreest <johnm@gentoo.org>
125 hardened-sources-2.6.14-r8.ebuild:
126 fix x86_64 build problem, this will delay the digest issue again for a short
127 while but it will sort itself out
128
129 28 Apr 2006; John Mylchreest <johnm@gentoo.org>
130 hardened-sources-2.6.14-r8.ebuild:
131 bump hardened patchset
132
133 27 Apr 2006; Alec Warner <antarus@gentoo.org>
134 files/digest-hardened-sources-2.4.32-r2,
135 files/digest-hardened-sources-2.4.32-r3,
136 files/digest-hardened-sources-2.6.14-r8, Manifest:
137 Fixing duff SHA256 digests: Bug # 131293
138
139 *hardened-sources-2.6.16-r5 (27 Apr 2006)
140
141 27 Apr 2006; John Mylchreest <johnm@gentoo.org>
142 -hardened-sources-2.6.14-r6.ebuild, hardened-sources-2.6.14-r8.ebuild,
143 -hardened-sources-2.6.16-r4.ebuild, +hardened-sources-2.6.16-r5.ebuild:
144 stablise 2.6.14-r8 on x86 & amd64, bump 2.6.16 to fix CVE-2006-1863 &
145 cleanup of old uneccessary sources
146
147 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
148 fix digest
149
150 *hardened-sources-2.6.14-r8 (20 Apr 2006)
151
152 20 Apr 2006; John Mylchreest <johnm@gentoo.org>
153 +hardened-sources-2.6.14-r8.ebuild:
154 fix CVE-2006-1056, CVE-2006-1525, CVE-2006-1524
155
156 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
157 Turning on gpg-signing again, and recomitting
158
159 *hardened-sources-2.6.16-r4 (20 Apr 2006)
160
161 20 Apr 2006; John Mylchreest <johnm@gentoo.org>
162 -hardened-sources-2.6.16-r2.ebuild, -hardened-sources-2.6.16-r3.ebuild,
163 +hardened-sources-2.6.16-r4.ebuild:
164 Fix numerous security vulns
165
166 *hardened-sources-2.4.32-r3 (16 Apr 2006)
167
168 16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
169 -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
170 +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
171 - security bump for bug #112791. Removed old ebuilds
172
173 *hardened-sources-2.6.16-r3 (15 Apr 2006)
174
175 15 Apr 2006; John Mylchreest <johnm@gentoo.org>
176 +hardened-sources-2.6.16-r3.ebuild:
177 Removing silly localversion which I missed
178
179 *hardened-sources-2.6.14-r7 (14 Apr 2006)
180
181 14 Apr 2006; John Mylchreest <johnm@gentoo.org>
182 -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
183 Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
184
185 *hardened-sources-2.6.16-r2 (13 Apr 2006)
186
187 13 Apr 2006; John Mylchreest <johnm@gentoo.org>
188 -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
189 +hardened-sources-2.6.16-r2.ebuild:
190 Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
191 labels, dropping USERGROUP define fixes, since these were merged mainstream.
192
193 *hardened-sources-2.6.16-r1 (11 Apr 2006)
194
195 11 Apr 2006; John Mylchreest <johnm@gentoo.org>
196 +hardened-sources-2.6.16-r1.ebuild:
197 Bumping to include ppc build fix and 2.6.16.3
198
199 06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
200 hardened-sources-2.6.14-r6.ebuild:
201 Stable on x86; bug #127718
202
203 *hardened-sources-2.6.16 (31 Mar 2006)
204
205 31 Mar 2006; John Mylchreest <johnm@gentoo.org>
206 +hardened-sources-2.6.16.ebuild:
207 Bumping to new version of grsec, and kernel base. New squashfs. Based on
208 2.6.16.1
209
210 30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
211 hardened-sources-2.6.14-r6.ebuild:
212 Stable on amd64, bug 127718.
213
214 28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
215 Stable on ppc. Bug #127718
216
217 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
218 -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
219 -hardened-sources-2.6.14-r4.ebuild:
220 Cleanup.
221
222 *hardened-sources-2.6.14-r6 (15 Mar 2006)
223
224 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
225 +hardened-sources-2.6.14-r6.ebuild:
226 Fixes grsec policy recreation bug and adds a
227 >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
228
229 02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
230 - stable on x86
231
232 19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
233 hardened-sources-2.6.14-r5.ebuild:
234 Stable on ppc.
235
236 *hardened-sources-2.6.14-r5 (01 Feb 2006)
237
238 01 Feb 2006; John Mylchreest <johnm@gentoo.org>
239 +hardened-sources-2.6.14-r5.ebuild:
240 fixing every known exploit
241
242 *hardened-sources-2.4.32-r2 (26 Jan 2006)
243
244 26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
245 +hardened-sources-2.4.32-r2.ebuild:
246 - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
247
248 *hardened-sources-2.6.14-r4 (12 Jan 2006)
249
250 12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
251 - version bump for new genpatches which fix up a few sec holes
252
253 *hardened-sources-2.4.32-r1 (05 Jan 2006)
254
255 05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
256 - revision bump to add misc vital linux kernel security patches.
257
258 *hardened-sources-2.6.14-r3 (30 Dec 2005)
259
260 30 Dec 2005; John Mylchreest <johnm@gentoo.org>
261 -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
262 Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
263
264 28 Dec 2005; John Mylchreest <johnm@gentoo.org>
265 hardened-sources-2.6.14-r2.ebuild:
266 making x86 & amd64 stable following testing.
267
268 *hardened-sources-2.6.14-r2 (27 Dec 2005)
269
270 27 Dec 2005; John Mylchreest <johnm@gentoo.org>
271 -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
272 Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
273 network hooks.
274
275 06 Dec 2005; John Mylchreest <johnm@gentoo.org>
276 hardened-sources-2.6.14-r1.ebuild:
277 bumping to stable early for sec fix on x86 & amd64
278
279 *hardened-sources-2.6.14-r1 (05 Dec 2005)
280
281 05 Dec 2005; John Mylchreest <johnm@gentoo.org>
282 -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
283 bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
284
285 04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
286 - stable on x86 security bug #114227 CAN-2005-3257
287
288 *hardened-sources-2.4.32 (19 Nov 2005)
289
290 19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
291 +hardened-sources-2.4.32.ebuild:
292 Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
293 Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
294 have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
295 rsbac >> /etc/portage/package.use)
296
297 *hardened-sources-2.6.14 (14 Nov 2005)
298
299 14 Nov 2005; John Mylchreest <johnm@gentoo.org>
300 -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
301 Bumping 2.6 series to 2.6.14.2
302
303 *hardened-sources-2.6.13-r2 (20 Oct 2005)
304
305 20 Oct 2005; John Mylchreest <johnm@gentoo.org>
306 -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
307 +hardened-sources-2.6.13-r2.ebuild:
308 Fixes minor build error in ppc.
309
310 *hardened-sources-2.6.13-r1 (17 Oct 2005)
311
312 17 Oct 2005; John Mylchreest <johnm@gentoo.org>
313 +hardened-sources-2.6.13-r1.ebuild:
314 Updating grsec to latest snapshot. Fixes some minor issues. Updating to
315 2.6.13.4, fixes some major amd64 stability problems.
316
317 *hardened-sources-2.6.13 (16 Sep 2005)
318
319 16 Sep 2005; John Mylchreest <johnm@gentoo.org>
320 -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
321 2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
322 ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
323 users should test this thoroughly.
324
325 01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
326 - stable on x86
327
328 *hardened-sources-2.6.11-r15 (27 Jun 2005)
329
330 27 Jun 2005; John Mylchreest <johnm@gentoo.org>
331 +hardened-sources-2.6.11-r15.ebuild:
332 Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
333 grsec redefining curr_ip struct.
334
335 *hardened-sources-2.4.31 (20 Jun 2005)
336
337 20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
338 initial import of 2.4.31 tree
339
340 *hardened-sources-2.6.11-r14 (14 Jun 2005)
341
342 14 Jun 2005; John Mylchreest <johnm@gentoo.org>
343 -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
344 Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
345 naming scheme to abide by genpatches
346
347 *hardened-sources-2.6.11-r13 (18 May 2005)
348
349 18 May 2005; John Mylchreest <johnm@gentoo.org>
350 -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
351 Managed to mangle the Makefile patch from grsec, to miss out the grsec
352 target. sorry about that. Fixes bug #93022
353
354 *hardened-sources-2.6.11-r12 (17 May 2005)
355
356 17 May 2005; John Mylchreest <johnm@gentoo.org>
357 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
358 +hardened-sources-2.6.11-r12.ebuild:
359 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
360 merges in genpatches-base
361
362 *hardened-sources-2.6.11-r12 (17 May 2005)
363
364 17 May 2005; John Mylchreest <johnm@gentoo.org>
365 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
366 +hardened-sources-2.6.11-r12.ebuild:
367 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
368 merges in genpatches-base
369
370 29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
371 -files/2.4.27-cmdline-race.patch,
372 -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
373 -files/2.4.28-grsec-binfmt_a.out.patch,
374 -files/2.4.28-grsec-cmdline-race.patch,
375 -files/2.4.28-selinux-binfmt_a.out.patch,
376 -files/2.4.28-selinux-cmdline-race.patch,
377 -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
378 hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
379 - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
380 cleanup..
381
382 *hardened-sources-2.4.30-r1 (21 Apr 2005)
383
384 21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
385 - disable aout by default
386
387 *hardened-sources-2.4.30 (18 Apr 2005)
388
389 18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
390 - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
391 and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
392 use
393
394 *hardened-sources-2.4.29 (30 Mar 2005)
395
396 30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
397 +hardened-sources-2.4.29.ebuild:
398 New hardened-patches-2.4-29.0 patchball.
399 Removed SELinux support, upgraded GRSecurity to 2.1.4.
400
401 *hardened-sources-2.4.28-r5 (06 Mar 2005)
402
403 06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
404 +hardened-sources-2.4.28-r5.ebuild:
405 Added a fix for a PaX vulnerability.
406
407 26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
408 hardened-sources-2.4.28-r4.ebuild:
409 Stable on x86
410
411 23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
412 hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
413 hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
414 hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
415 - fixed/added RDEPEND= in all kernel-2 ebuilds
416
417 *hardened-sources-2.4.28-r4 (21 Jan 2005)
418
419 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
420 +hardened-sources-2.4.28-r4.ebuild:
421 Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
422 backport of neighbour hash updates.
423
424 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
425 hardened-sources-2.4.28-r3.ebuild:
426 Stable on x86
427
428 *hardened-sources-2.6.10-r3 (20 Jan 2005)
429
430 20 Jan 2005; Brandon Hale <tseng@gentoo.org>
431 +hardened-sources-2.6.10-r3.ebuild:
432 Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
433 in 2005.0
434
435 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
436 -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
437 hardened-sources-2.4.28-r2.ebuild:
438 Mark stable on x86
439
440 *hardened-sources-2.4.28-r3 (17 Jan 2005)
441
442 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
443 +hardened-sources-2.4.28-r3.ebuild:
444 Fix SMP page fault handler vuln, and update device-mapper and evms patches.
445
446 14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
447 hardened-sources-2.4.28.ebuild:
448 Mark stable on x86.
449
450 *hardened-sources-2.4.28-r2 (13 Jan 2005)
451
452 13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
453 +hardened-sources-2.4.28-r2.ebuild:
454 Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
455 Mazinger for grsecurity patches as well.
456
457 *hardened-sources-2.4.28-r1 (23 Dec 2004)
458
459 23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
460 Security bump. Thank tocharian for rolling a new patchset...
461
462 28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
463 +files/2.4.28-grsec-cmdline-race.patch,
464 +files/2.4.28-selinux-binfmt_a.out.patch,
465 +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
466 - Round up remaining security patches that appear to be missing in 2.4.28. -
467 PaX standalone updated to current. hgpv=28.1
468
469 *hardened-sources-2.4.28 (28 Nov 2004)
470
471 28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
472 security bump. Thank tocharian for rolling a new patchset
473
474 *hardened-sources-2.4.27-r3 (08 Sep 2004)
475
476 08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
477 +hardened-sources-2.4.27-r3.ebuild:
478 Applies the new 2.4-27.2 patchball which updates
479 GRSecurity to the 2.0.1 version.
480
481 *hardened-sources-2.4.27-r2 (31 Aug 2004)
482
483 31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
484 +hardened-sources-2.4.27-r2.ebuild:
485 Version bump.
486 This version uses the new 2.4-27.1 patchball which updates
487 both the SELinux PaX hooks patch and the SELinux headers.
488
489 *hardened-sources-2.4.27-r1 (09 Aug 2004)
490
491 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
492 +hardened-sources-2.4.27-r1.ebuild,
493 -hardened-sources-2.4.27.ebuild,
494 +files/2.4.27-cmdline-race.patch:
495 Version bump, fix for cmdline race. See bug #59905.
496
497 *hardened-sources-2.4.26-r6 (09 Aug 2004)
498
499 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
500 +hardened-sources-2.4.26-r6.ebuild,
501 -hardened-sources-2.4.26-r5.ebuild,
502 -hardened-sources-2.4.26-r4.ebuild,
503 +files/2.4.26-cmdline-race.patch:
504 Version bump, fix for cmdline race. See bug #59905.
505
506 *hardened-sources-2.4.27 (08 Aug 2004)
507
508 08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
509 +hardened-sources-2.4.27.ebuild,
510 +files/2.4.27-CAN-2004-0394.patch:
511 Ported the patchball to the 2.4.27 kernel version.
512
513 *hardened-sources-2.4.26-r5 (07 Aug 2004)
514
515 07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
516 +hardened-sources-2.4.26-r5.ebuild:
517 Updated to use the new hardened-patches-2.4-26.1 patchball.
518 It adds the following features:
519 - Squashfs
520 - Ebtables
521 - Netdev random (core+drivers)
522 - Watchdog Timer (WDT) fix.
523
524 *hardened-sources-2.4.26-r4 (04 Aug 2004)
525
526 04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
527 +hardened-sources-2.4.26-r4.ebuild,
528 +files/2.4.26-CAN-2004-0415.patch,
529 -hardened-sources-2.4.26-3:
530 Version bump, fix for CAN 0415, see bug #59378.
531
532 *hardened-sources-2.4.26-r3 (22 Jul 2004)
533
534 22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
535 +hardened-sources-2.4.26-r3.ebuild,
536 +files/2.4.26-CAN-2004-0497.patch,
537 -hardened-sources-2.4.26-r2.ebuild:
538 Version bump, fixed CAN 0497, see bug #56171.
539
540 *hardened-sources-2.4.26-r2 (29 Jun 2004)
541
542 29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
543 +hardened-sources-2.4.26-r2.ebuild,
544 +files/2.4.26-CAN-2004-0495.patch,
545 +files/2.4.26-CAN-2004-0535.patch,
546 -hardened-sources-2.4.26-r1.ebuild:
547 Fixes for both CAN 0495 and 0535, see bug #54976
548
549 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
550 hardened-sources-2.4.26-r1.ebuild:
551 QA - fix use invocation
552
553 *hardened-sources-2.4.26-r1 (22 June 2004)
554
555 22 June 2004; Andrea Luzzardi <scox@gentoo.org>
556 +hardened-sources-2.4.26-r1.ebuild,
557 +files/2.4.26-CAN-2004-0394.patch,
558 +files/2.4.26-signal-race.patch,
559 -hardened-sources-2.4.26.ebuild,
560 -hardened-sources-2.4.24-r3.ebuild:
561 Version bump for the CAN-2004-0394 issue and bug #53804
562 Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
563
564
565 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
566 hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
567 Masked hardened-sources-2.4.26.ebuild broken for ppc
568
569 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
570 hardened-sources-2.4.24-r3.ebuild:
571 Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
572
573 *hardened-sources-2.4.26 (29 May 2004)
574
575 29 May 2004; Andrea Luzzardi <scox@gentoo.org>
576 +hardened-sources-2.4.26.ebuild:
577 Updated hardened-sources for the 2.4.26 kernel
578 Removed broken components, updated almost everything.
579
580 *hardened-sources-2.4.24-r3 (17 Apr 2004)
581
582 17 Apr 2004; <plasmaroo@gentoo.org>
583 +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
584 +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
585 +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
586 +hardened-sources-2.4.24-r3.ebuild:
587 Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
588 vulnerabilities. Old revisions removed.
589
590 *hardened-sources-2.4.24-r2 (15 Apr 2004)
591
592 15 Apr 2004; <plasmaroo@gentoo.org>
593 +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
594 -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
595 Version bump for the CAN-2004-0109 issue; bug #47881.
596
597 12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
598 hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
599 Add eutils to inherit.
600
601 *hardened-sources-2.4.24-r1 (19 Feb 2004)
602
603 19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
604 files/hardened-sources-2.4.24.munmap.patch:
605 Added the patch for the mremap/munmap vulnerability. Bug #42024.
606
607 *hardened-sources-2.4.24 (06 Feb 2004)
608
609 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
610 hardened-sources-2.4.24.ebuild:
611 Version bump, updated most of the components.
612 This release includes the following:
613
614 - Hardened security
615 - Netfilter patch-o-matic 20031219
616 - FreeSWAN 2.04 & x509 1.4.8
617 - EVMS 2.2.2
618 - XFS 1.3.1
619 - cryptoloop jari
620 - grsecurity 2.0-rc4
621 - SELinux
622 - PaX 200402060000
623 - PaX Obscurity 200308302223
624 - Others...
625
626 Neither -ck nor systrace are included anymore.
627
628 *hardened-sources-2.4.22-r2 (05 Jan 2004)
629
630 05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
631 hardened-sources-2.4.22-r2.ebuild:
632 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
633
634 *hardened-sources-2.4.22-r1 (02 Dec 2003)
635
636 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
637 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
638
639 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
640 hardened-sources-2.4.22-r1.ebuild:
641 Version bump for the 'do_brk' vulnerability.
642
643 01 Dec 2003; Brian Jackson <iggy@gentoo.org>
644 hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
645 hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
646 hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
647 Fix the 'do_brk' vulnerability.
648
649 03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
650 hardened-sources-2.4.22.ebuild:
651 - Removed the src_install() portion for SELinux flask
652 components. These are no longer handled in the kernel
653 so this code was not necessary.
654
655 29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
656 New 2.4.22 based hardened-sources thanks to
657 Phil West <p.west@computer.org>.
658
659 These sources include:
660 - New SELinux API
661 - Updated CK-base
662 - Updated GRSec
663 - Systrace
664 - SuperFreeS/WAN 1.99.8
665 - Propolice kernel build support
666 - EVMS
667 - Other various security related patches
668
669 *hardened-sources-2.4.21 (14 Sep 2003)
670
671 14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
672 Updated hardened-sources based on the 2.4.21 Linux kernel.
673 This includes updates to most major components such as:
674 - ck-base-0306300059
675 - selinux-2.4-2003071106
676 - grsecurity-2.0-rc1
677 - Updated IPTables patch-o-matic
678 - Updated SuperFreeS/WAN
679
680 Thanks to Phil West <pwest@computer.org> for his work in getting this
681 updated patch set ready for the 2.4.21 based kernel.
682
683 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
684 Initial import of hardened-sources-2.4.20-r4. This revision
685 includes only a few changes, but one of these is an important
686 security fix. It is recommended all users of hardened-sources
687 upgrade to this release.
688
689 - ioperm bug fix
690 - fixed compilation failure when building without GRSec
691
692 SAL (Secure Auditing for Linux) is NOT included in this revision
693 due to time constraints, but is planned for inclusion in the near
694 future.
695
696 *hardened-sources-2.4.20-r2 (12 Jun 2003)
697
698 12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
699 hardened-sources-2.4.20-r3.ebuild:
700 Add Header...
701
702 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
703 hardened-sources-2.4.20-r3.ebuild:
704 Removed warnings from ebuild. This kernel should be safe to
705 use at this point.
706
707 *hardened-sources-2.4.20-r3 (08 Jun 2003)
708
709 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
710 hardened-sources-2.4.20-r3.ebuild:
711 New revision. Includes the following changes over -r2:
712
713 - ck7-base (O(1), preempt, low latency)
714 - Super FreeS/WAN 1.99.7rc2
715 - PaX for the LSM/SELinux branch
716 - GRSecurity 2.0-pre4 (role based access control)
717 - Systrace 1.3
718 - EXT3 fixes
719 - EVMS 2.0.1
720 - GCC 3.1+ compile optimizations
721 - ProPolice kernel build support
722 - Hashing table security fixes
723
724 *hardened-sources-2.4.20-r1 (09 Apr 2003)
725
726 23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
727 Initial import of hardened-sources-r2. This new
728 ebuild includes many new performance and security
729 related patches. As in -r1, it will patch in
730 LSM/SELinux if "selinux" is in USE, otherwise it
731 will patch in GRSecurity. The following patches
732 are included in this revision:
733
734 - O(1) Scheduler, Low Latency, and Preempt
735 (pulled from the base CK patch)
736 - ptrace exploit patch for the LSM kernel
737 (the GRSec patch already fixes this)
738 - LSM 2.4-2003040709
739 - SELinux 2.4-2003040709
740 - Systrace v1.2
741 - IPTables patch-o-matic base patches - 20030107
742 - CryptoAPI 2.4.20.1 w/ loop-jari patch
743 - Super FreeS/WAN 1.99.6.1
744 - GRSecurity 1.9.9g
745 - MPPE
746 - EXT3 data journal fix
747 - CIPE 1.5.4
748
749 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
750 hardened-sources-2.4.20-r1.ebuild, manifest:
751 Updated to install flask components correctly for selinux.
752
753 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
754 hardened-sources-2.4.20-r1.ebuild:
755 LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
756 is patched in instead. Ptrace patches for selinux have also been added. In
757 either case, systrace support will be patched in as well.
758
759 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
760 hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
761 Revision bump for new sources.
762
763 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
764 hardened-sources-2.4.20-r1.ebuild:
765 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
766
767 *hardened-sources-2.4.20 (30 Mar 2003)
768
769 30 Mar 2003; Joshua Brindle <method@gentoo.org>
770 hardened-sources-2.4.20.ebuild:
771 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20