/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.22 - (show annotations) (download)
Thu Feb 19 22:24:21 2004 UTC (10 years, 8 months ago) by plasmaroo
Branch: MAIN
Changes since 1.21: +7 -1 lines
Added the patch for the mremap/munmap vulnerability. Bug #42024.

1 # ChangeLog for sys-kernel/hardened-sources
2 # Copyright 2000-2004 Gentoo Technologies, Inc.; Distributed under the GPL v2
3 # $Header: /home/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.21 2004/02/07 02:43:20 scox Exp $
4
5 *hardened-sources-2.4.24-r1 (19 Feb 2004)
6
7 19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
8 files/hardened-sources-2.4.24.munmap.patch:
9 Added the patch for the mremap/munmap vulnerability. Bug #42024.
10
11 *hardened-sources-2.4.24 (06 Feb 2004)
12 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
13 hardened-sources-2.4.24.ebuild:
14 Version bump, updated most of the components.
15 This release includes the following:
16
17 - Hardened security
18 - Netfilter patch-o-matic 20031219
19 - FreeSWAN 2.04 & x509 1.4.8
20 - EVMS 2.2.2
21 - XFS 1.3.1
22 - cryptoloop jari
23 - grsecurity 2.0-rc4
24 - SELinux
25 - PaX 200402060000
26 - PaX Obscurity 200308302223
27 - Others...
28
29 Neither -ck nor systrace are included anymore.
30
31 *hardened-sources-2.4.22-r2 (05 Jan 2004)
32
33 05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
34 hardened-sources-2.4.22-r2.ebuild:
35 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
36
37 *hardened-sources-2.4.22-r1 (02 Dec 2003)
38
39 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
40 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
41
42 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
43 hardened-sources-2.4.22-r1.ebuild:
44 Version bump for the 'do_brk' vulnerability.
45
46 01 Dec 2003; Brian Jackson <iggy@gentoo.org>
47 hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
48 hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
49 hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
50 Fix the 'do_brk' vulnerability.
51
52 03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
53 hardened-sources-2.4.22.ebuild:
54 - Removed the src_install() portion for SELinux flask
55 components. These are no longer handled in the kernel
56 so this code was not necessary.
57
58 29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
59 New 2.4.22 based hardened-sources thanks to
60 Phil West <p.west@computer.org>.
61
62 These sources include:
63 - New SELinux API
64 - Updated CK-base
65 - Updated GRSec
66 - Systrace
67 - SuperFreeS/WAN 1.99.8
68 - Propolice kernel build support
69 - EVMS
70 - Other various security related patches
71
72 *hardened-sources-2.4.21 (14 Sep 2003)
73
74 14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
75 Updated hardened-sources based on the 2.4.21 Linux kernel.
76 This includes updates to most major components such as:
77 - ck-base-0306300059
78 - selinux-2.4-2003071106
79 - grsecurity-2.0-rc1
80 - Updated IPTables patch-o-matic
81 - Updated SuperFreeS/WAN
82
83 Thanks to Phil West <pwest@computer.org> for his work in getting this
84 updated patch set ready for the 2.4.21 based kernel.
85
86 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
87 Initial import of hardened-sources-2.4.20-r4. This revision
88 includes only a few changes, but one of these is an important
89 security fix. It is recommended all users of hardened-sources
90 upgrade to this release.
91
92 - ioperm bug fix
93 - fixed compilation failure when building without GRSec
94
95 SAL (Secure Auditing for Linux) is NOT included in this revision
96 due to time constraints, but is planned for inclusion in the near
97 future.
98
99 *hardened-sources-2.4.20-r2 (12 Jun 2003)
100
101 12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
102 hardened-sources-2.4.20-r3.ebuild:
103 Add Header...
104
105 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
106 hardened-sources-2.4.20-r3.ebuild:
107 Removed warnings from ebuild. This kernel should be safe to
108 use at this point.
109
110 *hardened-sources-2.4.20-r3 (08 Jun 2003)
111
112 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
113 hardened-sources-2.4.20-r3.ebuild:
114 New revision. Includes the following changes over -r2:
115
116 - ck7-base (O(1), preempt, low latency)
117 - Super FreeS/WAN 1.99.7rc2
118 - PaX for the LSM/SELinux branch
119 - GRSecurity 2.0-pre4 (role based access control)
120 - Systrace 1.3
121 - EXT3 fixes
122 - EVMS 2.0.1
123 - GCC 3.1+ compile optimizations
124 - ProPolice kernel build support
125 - Hashing table security fixes
126
127 *hardened-sources-2.4.20-r1 (09 Apr 2003)
128
129 23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
130 Initial import of hardened-sources-r2. This new
131 ebuild includes many new performance and security
132 related patches. As in -r1, it will patch in
133 LSM/SELinux if "selinux" is in USE, otherwise it
134 will patch in GRSecurity. The following patches
135 are included in this revision:
136
137 - O(1) Scheduler, Low Latency, and Preempt
138 (pulled from the base CK patch)
139 - ptrace exploit patch for the LSM kernel
140 (the GRSec patch already fixes this)
141 - LSM 2.4-2003040709
142 - SELinux 2.4-2003040709
143 - Systrace v1.2
144 - IPTables patch-o-matic base patches - 20030107
145 - CryptoAPI 2.4.20.1 w/ loop-jari patch
146 - Super FreeS/WAN 1.99.6.1
147 - GRSecurity 1.9.9g
148 - MPPE
149 - EXT3 data journal fix
150 - CIPE 1.5.4
151
152 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
153 hardened-sources-2.4.20-r1.ebuild, manifest:
154 Updated to install flask components correctly for selinux.
155
156 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
157 hardened-sources-2.4.20-r1.ebuild:
158 LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
159 is patched in instead. Ptrace patches for selinux have also been added. In
160 either case, systrace support will be patched in as well.
161
162 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
163 hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
164 Revision bump for new sources.
165
166 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
167 hardened-sources-2.4.20-r1.ebuild:
168 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
169
170 *hardened-sources-2.4.20 (30 Mar 2003)
171
172 30 Mar 2003; Joshua Brindle <method@gentoo.org>
173 hardened-sources-2.4.20.ebuild:
174 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20