Contents of /sys-kernel/hardened-sources/ChangeLog

# ChangeLog for sys-kernel/hardened-sources
# Copyright 2000-2004 Gentoo Technologies, Inc.; Distributed under the GPL v2
# $Header: $

*hardened-sources-2.4.22-r2 (05 Jan 2004)

  05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
  hardened-sources-2.4.22-r2.ebuild:
  Version bump for the 'mremap' and the 'rtc' vulnerabilities.

*hardened-sources-2.4.22-r1 (02 Dec 2003)

  02 Dec 2003; Brian Jackson <iggy@gentoo.org>
  hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.

  02 Dec 2003; Brian Jackson <iggy@gentoo.org>
  hardened-sources-2.4.22-r1.ebuild: 
  Version bump for the 'do_brk' vulnerability.

  01 Dec 2003; Brian Jackson <iggy@gentoo.org>
  hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
  hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
  hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
  Fix the 'do_brk' vulnerability.

  03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
  hardened-sources-2.4.22.ebuild:
  - Removed the src_install() portion for SELinux flask
    components.  These are no longer handled in the kernel
    so this code was not necessary.

  29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
  New 2.4.22 based hardened-sources thanks to
  Phil West <p.west@computer.org>.
  
  These sources include:
        - New SELinux API
        - Updated CK-base
        - Updated GRSec
        - Systrace
        - SuperFreeS/WAN 1.99.8
        - Propolice kernel build support
        - EVMS
        - Other various security related patches

*hardened-sources-2.4.21 (14 Sep 2003)

  14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
  Updated hardened-sources based on the 2.4.21 Linux kernel.
  This includes updates to most major components such as:
    - ck-base-0306300059
    - selinux-2.4-2003071106
    - grsecurity-2.0-rc1
    - Updated IPTables patch-o-matic
    - Updated SuperFreeS/WAN

  Thanks to Phil West <pwest@computer.org> for his work in getting this
  updated patch set ready for the 2.4.21 based kernel.
  
  16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
  Initial import of hardened-sources-2.4.20-r4.  This revision
  includes only a few changes, but one of these is an important
  security fix.  It is recommended all users of hardened-sources
  upgrade to this release.

        - ioperm bug fix
        - fixed compilation failure when building without GRSec

  SAL (Secure Auditing for Linux) is NOT included in this revision
  due to time constraints, but is planned for inclusion in the near
  future.

*hardened-sources-2.4.20-r2 (12 Jun 2003)

  12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
  hardened-sources-2.4.20-r3.ebuild:
  Add Header...

  08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
  hardened-sources-2.4.20-r3.ebuild:
  Removed warnings from ebuild.  This kernel should be safe to
  use at this point.

*hardened-sources-2.4.20-r3 (08 Jun 2003)

  08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
  hardened-sources-2.4.20-r3.ebuild:
  New revision.  Includes the following changes over -r2:

  - ck7-base (O(1), preempt, low latency)
  - Super FreeS/WAN 1.99.7rc2
  - PaX for the LSM/SELinux branch
  - GRSecurity 2.0-pre4 (role based access control)
  - Systrace 1.3
  - EXT3 fixes
  - EVMS 2.0.1
  - GCC 3.1+ compile optimizations
  - ProPolice kernel build support
  - Hashing table security fixes

*hardened-sources-2.4.20-r1 (09 Apr 2003)

  23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
  Initial import of hardened-sources-r2.  This new
  ebuild includes many new performance and security
  related patches.  As in -r1, it will patch in
  LSM/SELinux if "selinux" is in USE, otherwise it
  will patch in GRSecurity.  The following patches
  are included in this revision:

    - O(1) Scheduler, Low Latency, and Preempt
        (pulled from the base CK patch)
    - ptrace exploit patch for the LSM kernel
        (the GRSec patch already fixes this)
    - LSM 2.4-2003040709
    - SELinux 2.4-2003040709
    - Systrace v1.2
    - IPTables patch-o-matic base patches - 20030107
    - CryptoAPI 2.4.20.1 w/ loop-jari patch
    - Super FreeS/WAN 1.99.6.1
    - GRSecurity 1.9.9g
    - MPPE
    - EXT3 data journal fix
    - CIPE 1.5.4

  12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
  hardened-sources-2.4.20-r1.ebuild, manifest:
  Updated to install flask components correctly for selinux.

  12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
  hardened-sources-2.4.20-r1.ebuild:
  LSM/SELinux is now patched in when "selinux" is in USE.  Otherwise, GRSecurity
  is patched in instead.  Ptrace patches for selinux have also been added.  In
  either case, systrace support will be patched in as well.

  09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
  hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
  Revision bump for new sources.
  
  09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
  hardened-sources-2.4.20-r1.ebuild:
  Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.

*hardened-sources-2.4.20 (30 Mar 2003)
  
  30 Mar 2003; Joshua Brindle <method@gentoo.org>
  hardened-sources-2.4.20.ebuild:
  Initial import, only has systrace support.

1	# ChangeLog for sys-kernel/hardened-sources
2	# Copyright 2000-2004 Gentoo Technologies, Inc.; Distributed under the GPL v2
3	# $Header: $
4
5	*hardened-sources-2.4.22-r2 (05 Jan 2004)
6
7	05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
8	hardened-sources-2.4.22-r2.ebuild:
9	Version bump for the 'mremap' and the 'rtc' vulnerabilities.
10
11	*hardened-sources-2.4.22-r1 (02 Dec 2003)
12
13	02 Dec 2003; Brian Jackson <iggy@gentoo.org>
14	hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
15
16	02 Dec 2003; Brian Jackson <iggy@gentoo.org>
17	hardened-sources-2.4.22-r1.ebuild:
18	Version bump for the 'do_brk' vulnerability.
19
20	01 Dec 2003; Brian Jackson <iggy@gentoo.org>
21	hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
22	hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
23	hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
24	Fix the 'do_brk' vulnerability.
25
26	03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
27	hardened-sources-2.4.22.ebuild:
28	- Removed the src_install() portion for SELinux flask
29	components. These are no longer handled in the kernel
30	so this code was not necessary.
31
32	29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
33	New 2.4.22 based hardened-sources thanks to
34	Phil West <p.west@computer.org>.
35
36	These sources include:
37	- New SELinux API
38	- Updated CK-base
39	- Updated GRSec
40	- Systrace
41	- SuperFreeS/WAN 1.99.8
42	- Propolice kernel build support
43	- EVMS
44	- Other various security related patches
45
46	*hardened-sources-2.4.21 (14 Sep 2003)
47
48	14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
49	Updated hardened-sources based on the 2.4.21 Linux kernel.
50	This includes updates to most major components such as:
51	- ck-base-0306300059
52	- selinux-2.4-2003071106
53	- grsecurity-2.0-rc1
54	- Updated IPTables patch-o-matic
55	- Updated SuperFreeS/WAN
56
57	Thanks to Phil West <pwest@computer.org> for his work in getting this
58	updated patch set ready for the 2.4.21 based kernel.
59
60	16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
61	Initial import of hardened-sources-2.4.20-r4. This revision
62	includes only a few changes, but one of these is an important
63	security fix. It is recommended all users of hardened-sources
64	upgrade to this release.
65
66	- ioperm bug fix
67	- fixed compilation failure when building without GRSec
68
69	SAL (Secure Auditing for Linux) is NOT included in this revision
70	due to time constraints, but is planned for inclusion in the near
71	future.
72
73	*hardened-sources-2.4.20-r2 (12 Jun 2003)
74
75	12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
76	hardened-sources-2.4.20-r3.ebuild:
77	Add Header...
78
79	08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
80	hardened-sources-2.4.20-r3.ebuild:
81	Removed warnings from ebuild. This kernel should be safe to
82	use at this point.
83
84	*hardened-sources-2.4.20-r3 (08 Jun 2003)
85
86	08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
87	hardened-sources-2.4.20-r3.ebuild:
88	New revision. Includes the following changes over -r2:
89
90	- ck7-base (O(1), preempt, low latency)
91	- Super FreeS/WAN 1.99.7rc2
92	- PaX for the LSM/SELinux branch
93	- GRSecurity 2.0-pre4 (role based access control)
94	- Systrace 1.3
95	- EXT3 fixes
96	- EVMS 2.0.1
97	- GCC 3.1+ compile optimizations
98	- ProPolice kernel build support
99	- Hashing table security fixes
100
101	*hardened-sources-2.4.20-r1 (09 Apr 2003)
102
103	23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
104	Initial import of hardened-sources-r2. This new
105	ebuild includes many new performance and security
106	related patches. As in -r1, it will patch in
107	LSM/SELinux if "selinux" is in USE, otherwise it
108	will patch in GRSecurity. The following patches
109	are included in this revision:
110
111	- O(1) Scheduler, Low Latency, and Preempt
112	(pulled from the base CK patch)
113	- ptrace exploit patch for the LSM kernel
114	(the GRSec patch already fixes this)
115	- LSM 2.4-2003040709
116	- SELinux 2.4-2003040709
117	- Systrace v1.2
118	- IPTables patch-o-matic base patches - 20030107
119	- CryptoAPI 2.4.20.1 w/ loop-jari patch
120	- Super FreeS/WAN 1.99.6.1
121	- GRSecurity 1.9.9g
122	- MPPE
123	- EXT3 data journal fix
124	- CIPE 1.5.4
125
126	12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
127	hardened-sources-2.4.20-r1.ebuild, manifest:
128	Updated to install flask components correctly for selinux.
129
130	12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
131	hardened-sources-2.4.20-r1.ebuild:
132	LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
133	is patched in instead. Ptrace patches for selinux have also been added. In
134	either case, systrace support will be patched in as well.
135
136	09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
137	hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
138	Revision bump for new sources.
139
140	09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
141	hardened-sources-2.4.20-r1.ebuild:
142	Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
143
144	*hardened-sources-2.4.20 (30 Mar 2003)
145
146	30 Mar 2003; Joshua Brindle <method@gentoo.org>
147	hardened-sources-2.4.20.ebuild:
148	Initial import, only has systrace support.
149