/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.120 - (show annotations) (download)
Fri Dec 8 16:59:35 2006 UTC (7 years, 10 months ago) by nixnut
Branch: MAIN
Changes since 1.119: +4 -1 lines
Stable on ppc wrt bug 157356
(Portage version: 2.1.2_rc2-r5)

1 # ChangeLog for sys-kernel/hardened-sources
2 # Copyright 2000-2006 Gentoo Foundation; Distributed under the GPL v2
3 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.119 2006/12/07 07:26:27 opfer Exp $
4
5 08 Dec 2006; nixnut <nixnut@gentoo.org> hardened-sources-2.6.18.ebuild:
6 Stable on ppc wrt bug 157356
7
8 07 Dec 2006; Christian Faulhammer <opfer@gentoo.org>
9 hardened-sources-2.6.18.ebuild:
10 stable x86, bug #157356
11
12 *hardened-sources-2.6.18-r2 (06 Dec 2006)
13
14 06 Dec 2006; Christian Heim <phreak@gentoo.org>
15 +hardened-sources-2.6.18-r2.ebuild:
16 Revision bump, including 2.6.18.5 (via genpatches) and
17 4454_grsec-2.1.9-2.6.18.2-io-kmem-sysctl.patch based on Peter Mazinger and
18 Ned Ludd's original patch. Thanks to Alexander Gabert (pappy) for the
19 redesign.
20
21 06 Dec 2006; Christian Heim <phreak@gentoo.org>
22 hardened-sources-2.6.18.ebuild:
23 Marking hardened-sources-2.6.18 stable on amd64 (see bug #157356, on behalf
24 of Mike Doty).
25
26 *hardened-sources-2.6.18-r1 (23 Nov 2006)
27
28 23 Nov 2006; Christian Heim <phreak@gentoo.org>
29 +hardened-sources-2.6.18-r1.ebuild:
30 Revision bump to genpatches-2.6.18-4 (including 2.6.18.3).
31
32 *hardened-sources-2.6.18 (11 Nov 2006)
33
34 11 Nov 2006; Christian Heim <phreak@gentoo.org>
35 +hardened-sources-2.6.18.ebuild:
36 Version bump, thanks to Alexander Gabert we're finally at 2.6.18.
37
38 18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
39 - mark amd64 stable also. bug #151877
40
41 18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
42 - mark 2.6.17-r1 stable
43
44 27 Aug 2006; Christian Heim <phreak@gentoo.org>
45 -hardened-sources-2.6.17.ebuild, hardened-sources-2.6.17-r1.ebuild:
46 Removing old ebuild, removing unipatch from newer ebuild (need to fix it!).
47
48 *hardened-sources-2.6.17-r1 (26 Aug 2006)
49
50 26 Aug 2006; Christian Heim <phreak@gentoo.org>
51 +hardened-sources-2.6.17-r1.ebuild:
52 Revision bump to genpatches-2.6.17-8 (including .9 and .10) and updating the
53 grsecurity patch.
54
55 *hardened-sources-2.6.17 (17 Aug 2006)
56
57 17 Aug 2006; Christian Heim <phreak@gentoo.org>
58 +hardened-sources-2.6.17.ebuild:
59 Bumping the hardened-sources-2.6 series to 2.6.17, using
60 genpatches-2.6.17-6.base.
61
62 07 Aug 2006; <solar@gentoo.org> hardened-sources-2.6.16-r11.ebuild:
63 - stable on x86 and amd64
64
65 *hardened-sources-2.6.16-r11 (15 Jul 2006)
66
67 15 Jul 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r3.ebuild,
68 -hardened-sources-2.4.32-r4.ebuild, -hardened-sources-2.4.32-r5.ebuild,
69 -hardened-sources-2.6.14-r8.ebuild, -hardened-sources-2.6.16-r7.ebuild,
70 -hardened-sources-2.6.16-r9.ebuild, +hardened-sources-2.6.16-r11.ebuild:
71 - 2.6.16 bumped for CVE-2006-3626 ; digest fix for 2.4.32-r6 ; removed old
72 crusty ebuilds
73
74 14 Jul 2006; John Mylchreest <johnm@gentoo.org>
75 hardened-sources-2.6.16-r10.ebuild:
76 marking stable on x86 and amd64
77
78 13 Jul 2006; <solar@gentoo.org> hardened-sources-2.4.32-r6.ebuild:
79 - 2.4.32-r6 stable on x86. RSBAC state unknown
80
81 *hardened-sources-2.4.32-r7 (10 Jul 2006)
82
83 10 Jul 2006; Guillaume Destuynder <kang@gentoo.org>
84 +hardened-sources-2.4.32-r7.ebuild:
85 Bump PaX for RSBAC to test-17
86
87 *hardened-sources-2.6.16-r9 (03 Jul 2006)
88
89 03 Jul 2006; John Mylchreest <johnm@gentoo.org>
90 -hardened-sources-2.6.16-r6.ebuild, +hardened-sources-2.6.16-r9.ebuild:
91 hardened-sources-2.6.16 bump to latest -base.
92
93 *hardened-sources-2.4.32-r6 (30 Jun 2006)
94
95 30 Jun 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r2.ebuild,
96 hardened-sources-2.4.32-r4.ebuild, +hardened-sources-2.4.32-r6.ebuild:
97 - backport CVE-2006-0039, CVE-2006-1857 and CVE-2006-1858 and new grsecurity
98 sysctl controlable resource logging
99
100 *hardened-sources-2.6.16-r7 (05 Jun 2006)
101
102 05 Jun 2006; John Mylchreest <johnm@gentoo.org>
103 -hardened-sources-2.6.16-r5.ebuild, +hardened-sources-2.6.16-r7.ebuild:
104 push new 2.6.16 release in preparation for stable
105
106 22 May 2006; <solar@gentoo.org> :
107 - redigest bug 134002
108
109 *hardened-sources-2.4.32-r5 (16 May 2006)
110
111 16 May 2006; Guillaume Destuynder <kang@gentoo.org>
112 +hardened-sources-2.4.32-r5.ebuild:
113 Fixes rsbac common patching (new patch in new -r5 patchset)
114
115 *hardened-sources-2.4.32-r4 (13 May 2006)
116
117 13 May 2006; <solar@gentoo.org> hardened-sources-2.4.32-r3.ebuild,
118 +hardened-sources-2.4.32-r4.ebuild:
119 - security bumps
120
121 *hardened-sources-2.6.16-r6 (03 May 2006)
122
123 03 May 2006; John Mylchreest <johnm@gentoo.org>
124 +hardened-sources-2.6.16-r6.ebuild:
125 bump hardened-2.6.16 to 2.6.16.12 and latest grsec snapshot
126
127 28 Apr 2006; John Mylchreest <johnm@gentoo.org>
128 hardened-sources-2.6.14-r8.ebuild:
129 fix x86_64 build problem, this will delay the digest issue again for a short
130 while but it will sort itself out
131
132 28 Apr 2006; John Mylchreest <johnm@gentoo.org>
133 hardened-sources-2.6.14-r8.ebuild:
134 bump hardened patchset
135
136 27 Apr 2006; Alec Warner <antarus@gentoo.org>
137 files/digest-hardened-sources-2.4.32-r2,
138 files/digest-hardened-sources-2.4.32-r3,
139 files/digest-hardened-sources-2.6.14-r8, Manifest:
140 Fixing duff SHA256 digests: Bug # 131293
141
142 *hardened-sources-2.6.16-r5 (27 Apr 2006)
143
144 27 Apr 2006; John Mylchreest <johnm@gentoo.org>
145 -hardened-sources-2.6.14-r6.ebuild, hardened-sources-2.6.14-r8.ebuild,
146 -hardened-sources-2.6.16-r4.ebuild, +hardened-sources-2.6.16-r5.ebuild:
147 stablise 2.6.14-r8 on x86 & amd64, bump 2.6.16 to fix CVE-2006-1863 &
148 cleanup of old uneccessary sources
149
150 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
151 fix digest
152
153 *hardened-sources-2.6.14-r8 (20 Apr 2006)
154
155 20 Apr 2006; John Mylchreest <johnm@gentoo.org>
156 +hardened-sources-2.6.14-r8.ebuild:
157 fix CVE-2006-1056, CVE-2006-1525, CVE-2006-1524
158
159 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
160 Turning on gpg-signing again, and recomitting
161
162 *hardened-sources-2.6.16-r4 (20 Apr 2006)
163
164 20 Apr 2006; John Mylchreest <johnm@gentoo.org>
165 -hardened-sources-2.6.16-r2.ebuild, -hardened-sources-2.6.16-r3.ebuild,
166 +hardened-sources-2.6.16-r4.ebuild:
167 Fix numerous security vulns
168
169 *hardened-sources-2.4.32-r3 (16 Apr 2006)
170
171 16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
172 -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
173 +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
174 - security bump for bug #112791. Removed old ebuilds
175
176 *hardened-sources-2.6.16-r3 (15 Apr 2006)
177
178 15 Apr 2006; John Mylchreest <johnm@gentoo.org>
179 +hardened-sources-2.6.16-r3.ebuild:
180 Removing silly localversion which I missed
181
182 *hardened-sources-2.6.14-r7 (14 Apr 2006)
183
184 14 Apr 2006; John Mylchreest <johnm@gentoo.org>
185 -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
186 Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
187
188 *hardened-sources-2.6.16-r2 (13 Apr 2006)
189
190 13 Apr 2006; John Mylchreest <johnm@gentoo.org>
191 -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
192 +hardened-sources-2.6.16-r2.ebuild:
193 Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
194 labels, dropping USERGROUP define fixes, since these were merged mainstream.
195
196 *hardened-sources-2.6.16-r1 (11 Apr 2006)
197
198 11 Apr 2006; John Mylchreest <johnm@gentoo.org>
199 +hardened-sources-2.6.16-r1.ebuild:
200 Bumping to include ppc build fix and 2.6.16.3
201
202 06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
203 hardened-sources-2.6.14-r6.ebuild:
204 Stable on x86; bug #127718
205
206 *hardened-sources-2.6.16 (31 Mar 2006)
207
208 31 Mar 2006; John Mylchreest <johnm@gentoo.org>
209 +hardened-sources-2.6.16.ebuild:
210 Bumping to new version of grsec, and kernel base. New squashfs. Based on
211 2.6.16.1
212
213 30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
214 hardened-sources-2.6.14-r6.ebuild:
215 Stable on amd64, bug 127718.
216
217 28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
218 Stable on ppc. Bug #127718
219
220 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
221 -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
222 -hardened-sources-2.6.14-r4.ebuild:
223 Cleanup.
224
225 *hardened-sources-2.6.14-r6 (15 Mar 2006)
226
227 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
228 +hardened-sources-2.6.14-r6.ebuild:
229 Fixes grsec policy recreation bug and adds a
230 >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
231
232 02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
233 - stable on x86
234
235 19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
236 hardened-sources-2.6.14-r5.ebuild:
237 Stable on ppc.
238
239 *hardened-sources-2.6.14-r5 (01 Feb 2006)
240
241 01 Feb 2006; John Mylchreest <johnm@gentoo.org>
242 +hardened-sources-2.6.14-r5.ebuild:
243 fixing every known exploit
244
245 *hardened-sources-2.4.32-r2 (26 Jan 2006)
246
247 26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
248 +hardened-sources-2.4.32-r2.ebuild:
249 - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
250
251 *hardened-sources-2.6.14-r4 (12 Jan 2006)
252
253 12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
254 - version bump for new genpatches which fix up a few sec holes
255
256 *hardened-sources-2.4.32-r1 (05 Jan 2006)
257
258 05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
259 - revision bump to add misc vital linux kernel security patches.
260
261 *hardened-sources-2.6.14-r3 (30 Dec 2005)
262
263 30 Dec 2005; John Mylchreest <johnm@gentoo.org>
264 -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
265 Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
266
267 28 Dec 2005; John Mylchreest <johnm@gentoo.org>
268 hardened-sources-2.6.14-r2.ebuild:
269 making x86 & amd64 stable following testing.
270
271 *hardened-sources-2.6.14-r2 (27 Dec 2005)
272
273 27 Dec 2005; John Mylchreest <johnm@gentoo.org>
274 -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
275 Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
276 network hooks.
277
278 06 Dec 2005; John Mylchreest <johnm@gentoo.org>
279 hardened-sources-2.6.14-r1.ebuild:
280 bumping to stable early for sec fix on x86 & amd64
281
282 *hardened-sources-2.6.14-r1 (05 Dec 2005)
283
284 05 Dec 2005; John Mylchreest <johnm@gentoo.org>
285 -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
286 bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
287
288 04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
289 - stable on x86 security bug #114227 CAN-2005-3257
290
291 *hardened-sources-2.4.32 (19 Nov 2005)
292
293 19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
294 +hardened-sources-2.4.32.ebuild:
295 Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
296 Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
297 have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
298 rsbac >> /etc/portage/package.use)
299
300 *hardened-sources-2.6.14 (14 Nov 2005)
301
302 14 Nov 2005; John Mylchreest <johnm@gentoo.org>
303 -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
304 Bumping 2.6 series to 2.6.14.2
305
306 *hardened-sources-2.6.13-r2 (20 Oct 2005)
307
308 20 Oct 2005; John Mylchreest <johnm@gentoo.org>
309 -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
310 +hardened-sources-2.6.13-r2.ebuild:
311 Fixes minor build error in ppc.
312
313 *hardened-sources-2.6.13-r1 (17 Oct 2005)
314
315 17 Oct 2005; John Mylchreest <johnm@gentoo.org>
316 +hardened-sources-2.6.13-r1.ebuild:
317 Updating grsec to latest snapshot. Fixes some minor issues. Updating to
318 2.6.13.4, fixes some major amd64 stability problems.
319
320 *hardened-sources-2.6.13 (16 Sep 2005)
321
322 16 Sep 2005; John Mylchreest <johnm@gentoo.org>
323 -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
324 2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
325 ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
326 users should test this thoroughly.
327
328 01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
329 - stable on x86
330
331 *hardened-sources-2.6.11-r15 (27 Jun 2005)
332
333 27 Jun 2005; John Mylchreest <johnm@gentoo.org>
334 +hardened-sources-2.6.11-r15.ebuild:
335 Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
336 grsec redefining curr_ip struct.
337
338 *hardened-sources-2.4.31 (20 Jun 2005)
339
340 20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
341 initial import of 2.4.31 tree
342
343 *hardened-sources-2.6.11-r14 (14 Jun 2005)
344
345 14 Jun 2005; John Mylchreest <johnm@gentoo.org>
346 -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
347 Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
348 naming scheme to abide by genpatches
349
350 *hardened-sources-2.6.11-r13 (18 May 2005)
351
352 18 May 2005; John Mylchreest <johnm@gentoo.org>
353 -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
354 Managed to mangle the Makefile patch from grsec, to miss out the grsec
355 target. sorry about that. Fixes bug #93022
356
357 *hardened-sources-2.6.11-r12 (17 May 2005)
358
359 17 May 2005; John Mylchreest <johnm@gentoo.org>
360 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
361 +hardened-sources-2.6.11-r12.ebuild:
362 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
363 merges in genpatches-base
364
365 *hardened-sources-2.6.11-r12 (17 May 2005)
366
367 17 May 2005; John Mylchreest <johnm@gentoo.org>
368 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
369 +hardened-sources-2.6.11-r12.ebuild:
370 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
371 merges in genpatches-base
372
373 29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
374 -files/2.4.27-cmdline-race.patch,
375 -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
376 -files/2.4.28-grsec-binfmt_a.out.patch,
377 -files/2.4.28-grsec-cmdline-race.patch,
378 -files/2.4.28-selinux-binfmt_a.out.patch,
379 -files/2.4.28-selinux-cmdline-race.patch,
380 -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
381 hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
382 - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
383 cleanup..
384
385 *hardened-sources-2.4.30-r1 (21 Apr 2005)
386
387 21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
388 - disable aout by default
389
390 *hardened-sources-2.4.30 (18 Apr 2005)
391
392 18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
393 - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
394 and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
395 use
396
397 *hardened-sources-2.4.29 (30 Mar 2005)
398
399 30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
400 +hardened-sources-2.4.29.ebuild:
401 New hardened-patches-2.4-29.0 patchball.
402 Removed SELinux support, upgraded GRSecurity to 2.1.4.
403
404 *hardened-sources-2.4.28-r5 (06 Mar 2005)
405
406 06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
407 +hardened-sources-2.4.28-r5.ebuild:
408 Added a fix for a PaX vulnerability.
409
410 26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
411 hardened-sources-2.4.28-r4.ebuild:
412 Stable on x86
413
414 23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
415 hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
416 hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
417 hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
418 - fixed/added RDEPEND= in all kernel-2 ebuilds
419
420 *hardened-sources-2.4.28-r4 (21 Jan 2005)
421
422 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
423 +hardened-sources-2.4.28-r4.ebuild:
424 Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
425 backport of neighbour hash updates.
426
427 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
428 hardened-sources-2.4.28-r3.ebuild:
429 Stable on x86
430
431 *hardened-sources-2.6.10-r3 (20 Jan 2005)
432
433 20 Jan 2005; Brandon Hale <tseng@gentoo.org>
434 +hardened-sources-2.6.10-r3.ebuild:
435 Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
436 in 2005.0
437
438 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
439 -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
440 hardened-sources-2.4.28-r2.ebuild:
441 Mark stable on x86
442
443 *hardened-sources-2.4.28-r3 (17 Jan 2005)
444
445 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
446 +hardened-sources-2.4.28-r3.ebuild:
447 Fix SMP page fault handler vuln, and update device-mapper and evms patches.
448
449 14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
450 hardened-sources-2.4.28.ebuild:
451 Mark stable on x86.
452
453 *hardened-sources-2.4.28-r2 (13 Jan 2005)
454
455 13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
456 +hardened-sources-2.4.28-r2.ebuild:
457 Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
458 Mazinger for grsecurity patches as well.
459
460 *hardened-sources-2.4.28-r1 (23 Dec 2004)
461
462 23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
463 Security bump. Thank tocharian for rolling a new patchset...
464
465 28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
466 +files/2.4.28-grsec-cmdline-race.patch,
467 +files/2.4.28-selinux-binfmt_a.out.patch,
468 +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
469 - Round up remaining security patches that appear to be missing in 2.4.28. -
470 PaX standalone updated to current. hgpv=28.1
471
472 *hardened-sources-2.4.28 (28 Nov 2004)
473
474 28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
475 security bump. Thank tocharian for rolling a new patchset
476
477 *hardened-sources-2.4.27-r3 (08 Sep 2004)
478
479 08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
480 +hardened-sources-2.4.27-r3.ebuild:
481 Applies the new 2.4-27.2 patchball which updates
482 GRSecurity to the 2.0.1 version.
483
484 *hardened-sources-2.4.27-r2 (31 Aug 2004)
485
486 31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
487 +hardened-sources-2.4.27-r2.ebuild:
488 Version bump.
489 This version uses the new 2.4-27.1 patchball which updates
490 both the SELinux PaX hooks patch and the SELinux headers.
491
492 *hardened-sources-2.4.27-r1 (09 Aug 2004)
493
494 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
495 +hardened-sources-2.4.27-r1.ebuild,
496 -hardened-sources-2.4.27.ebuild,
497 +files/2.4.27-cmdline-race.patch:
498 Version bump, fix for cmdline race. See bug #59905.
499
500 *hardened-sources-2.4.26-r6 (09 Aug 2004)
501
502 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
503 +hardened-sources-2.4.26-r6.ebuild,
504 -hardened-sources-2.4.26-r5.ebuild,
505 -hardened-sources-2.4.26-r4.ebuild,
506 +files/2.4.26-cmdline-race.patch:
507 Version bump, fix for cmdline race. See bug #59905.
508
509 *hardened-sources-2.4.27 (08 Aug 2004)
510
511 08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
512 +hardened-sources-2.4.27.ebuild,
513 +files/2.4.27-CAN-2004-0394.patch:
514 Ported the patchball to the 2.4.27 kernel version.
515
516 *hardened-sources-2.4.26-r5 (07 Aug 2004)
517
518 07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
519 +hardened-sources-2.4.26-r5.ebuild:
520 Updated to use the new hardened-patches-2.4-26.1 patchball.
521 It adds the following features:
522 - Squashfs
523 - Ebtables
524 - Netdev random (core+drivers)
525 - Watchdog Timer (WDT) fix.
526
527 *hardened-sources-2.4.26-r4 (04 Aug 2004)
528
529 04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
530 +hardened-sources-2.4.26-r4.ebuild,
531 +files/2.4.26-CAN-2004-0415.patch,
532 -hardened-sources-2.4.26-3:
533 Version bump, fix for CAN 0415, see bug #59378.
534
535 *hardened-sources-2.4.26-r3 (22 Jul 2004)
536
537 22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
538 +hardened-sources-2.4.26-r3.ebuild,
539 +files/2.4.26-CAN-2004-0497.patch,
540 -hardened-sources-2.4.26-r2.ebuild:
541 Version bump, fixed CAN 0497, see bug #56171.
542
543 *hardened-sources-2.4.26-r2 (29 Jun 2004)
544
545 29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
546 +hardened-sources-2.4.26-r2.ebuild,
547 +files/2.4.26-CAN-2004-0495.patch,
548 +files/2.4.26-CAN-2004-0535.patch,
549 -hardened-sources-2.4.26-r1.ebuild:
550 Fixes for both CAN 0495 and 0535, see bug #54976
551
552 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
553 hardened-sources-2.4.26-r1.ebuild:
554 QA - fix use invocation
555
556 *hardened-sources-2.4.26-r1 (22 June 2004)
557
558 22 June 2004; Andrea Luzzardi <scox@gentoo.org>
559 +hardened-sources-2.4.26-r1.ebuild,
560 +files/2.4.26-CAN-2004-0394.patch,
561 +files/2.4.26-signal-race.patch,
562 -hardened-sources-2.4.26.ebuild,
563 -hardened-sources-2.4.24-r3.ebuild:
564 Version bump for the CAN-2004-0394 issue and bug #53804
565 Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
566
567
568 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
569 hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
570 Masked hardened-sources-2.4.26.ebuild broken for ppc
571
572 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
573 hardened-sources-2.4.24-r3.ebuild:
574 Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
575
576 *hardened-sources-2.4.26 (29 May 2004)
577
578 29 May 2004; Andrea Luzzardi <scox@gentoo.org>
579 +hardened-sources-2.4.26.ebuild:
580 Updated hardened-sources for the 2.4.26 kernel
581 Removed broken components, updated almost everything.
582
583 *hardened-sources-2.4.24-r3 (17 Apr 2004)
584
585 17 Apr 2004; <plasmaroo@gentoo.org>
586 +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
587 +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
588 +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
589 +hardened-sources-2.4.24-r3.ebuild:
590 Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
591 vulnerabilities. Old revisions removed.
592
593 *hardened-sources-2.4.24-r2 (15 Apr 2004)
594
595 15 Apr 2004; <plasmaroo@gentoo.org>
596 +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
597 -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
598 Version bump for the CAN-2004-0109 issue; bug #47881.
599
600 12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
601 hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
602 Add eutils to inherit.
603
604 *hardened-sources-2.4.24-r1 (19 Feb 2004)
605
606 19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
607 files/hardened-sources-2.4.24.munmap.patch:
608 Added the patch for the mremap/munmap vulnerability. Bug #42024.
609
610 *hardened-sources-2.4.24 (06 Feb 2004)
611
612 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
613 hardened-sources-2.4.24.ebuild:
614 Version bump, updated most of the components.
615 This release includes the following:
616
617 - Hardened security
618 - Netfilter patch-o-matic 20031219
619 - FreeSWAN 2.04 & x509 1.4.8
620 - EVMS 2.2.2
621 - XFS 1.3.1
622 - cryptoloop jari
623 - grsecurity 2.0-rc4
624 - SELinux
625 - PaX 200402060000
626 - PaX Obscurity 200308302223
627 - Others...
628
629 Neither -ck nor systrace are included anymore.
630
631 *hardened-sources-2.4.22-r2 (05 Jan 2004)
632
633 05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
634 hardened-sources-2.4.22-r2.ebuild:
635 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
636
637 *hardened-sources-2.4.22-r1 (02 Dec 2003)
638
639 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
640 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
641
642 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
643 hardened-sources-2.4.22-r1.ebuild:
644 Version bump for the 'do_brk' vulnerability.
645
646 01 Dec 2003; Brian Jackson <iggy@gentoo.org>
647 hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
648 hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
649 hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
650 Fix the 'do_brk' vulnerability.
651
652 03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
653 hardened-sources-2.4.22.ebuild:
654 - Removed the src_install() portion for SELinux flask
655 components. These are no longer handled in the kernel
656 so this code was not necessary.
657
658 29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
659 New 2.4.22 based hardened-sources thanks to
660 Phil West <p.west@computer.org>.
661
662 These sources include:
663 - New SELinux API
664 - Updated CK-base
665 - Updated GRSec
666 - Systrace
667 - SuperFreeS/WAN 1.99.8
668 - Propolice kernel build support
669 - EVMS
670 - Other various security related patches
671
672 *hardened-sources-2.4.21 (14 Sep 2003)
673
674 14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
675 Updated hardened-sources based on the 2.4.21 Linux kernel.
676 This includes updates to most major components such as:
677 - ck-base-0306300059
678 - selinux-2.4-2003071106
679 - grsecurity-2.0-rc1
680 - Updated IPTables patch-o-matic
681 - Updated SuperFreeS/WAN
682
683 Thanks to Phil West <pwest@computer.org> for his work in getting this
684 updated patch set ready for the 2.4.21 based kernel.
685
686 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
687 Initial import of hardened-sources-2.4.20-r4. This revision
688 includes only a few changes, but one of these is an important
689 security fix. It is recommended all users of hardened-sources
690 upgrade to this release.
691
692 - ioperm bug fix
693 - fixed compilation failure when building without GRSec
694
695 SAL (Secure Auditing for Linux) is NOT included in this revision
696 due to time constraints, but is planned for inclusion in the near
697 future.
698
699 *hardened-sources-2.4.20-r2 (12 Jun 2003)
700
701 12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
702 hardened-sources-2.4.20-r3.ebuild:
703 Add Header...
704
705 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
706 hardened-sources-2.4.20-r3.ebuild:
707 Removed warnings from ebuild. This kernel should be safe to
708 use at this point.
709
710 *hardened-sources-2.4.20-r3 (08 Jun 2003)
711
712 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
713 hardened-sources-2.4.20-r3.ebuild:
714 New revision. Includes the following changes over -r2:
715
716 - ck7-base (O(1), preempt, low latency)
717 - Super FreeS/WAN 1.99.7rc2
718 - PaX for the LSM/SELinux branch
719 - GRSecurity 2.0-pre4 (role based access control)
720 - Systrace 1.3
721 - EXT3 fixes
722 - EVMS 2.0.1
723 - GCC 3.1+ compile optimizations
724 - ProPolice kernel build support
725 - Hashing table security fixes
726
727 *hardened-sources-2.4.20-r1 (09 Apr 2003)
728
729 23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
730 Initial import of hardened-sources-r2. This new
731 ebuild includes many new performance and security
732 related patches. As in -r1, it will patch in
733 LSM/SELinux if "selinux" is in USE, otherwise it
734 will patch in GRSecurity. The following patches
735 are included in this revision:
736
737 - O(1) Scheduler, Low Latency, and Preempt
738 (pulled from the base CK patch)
739 - ptrace exploit patch for the LSM kernel
740 (the GRSec patch already fixes this)
741 - LSM 2.4-2003040709
742 - SELinux 2.4-2003040709
743 - Systrace v1.2
744 - IPTables patch-o-matic base patches - 20030107
745 - CryptoAPI 2.4.20.1 w/ loop-jari patch
746 - Super FreeS/WAN 1.99.6.1
747 - GRSecurity 1.9.9g
748 - MPPE
749 - EXT3 data journal fix
750 - CIPE 1.5.4
751
752 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
753 hardened-sources-2.4.20-r1.ebuild, manifest:
754 Updated to install flask components correctly for selinux.
755
756 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
757 hardened-sources-2.4.20-r1.ebuild:
758 LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
759 is patched in instead. Ptrace patches for selinux have also been added. In
760 either case, systrace support will be patched in as well.
761
762 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
763 hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
764 Revision bump for new sources.
765
766 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
767 hardened-sources-2.4.20-r1.ebuild:
768 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
769
770 *hardened-sources-2.4.20 (30 Mar 2003)
771
772 30 Mar 2003; Joshua Brindle <method@gentoo.org>
773 hardened-sources-2.4.20.ebuild:
774 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20