/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.40 - (show annotations) (download)
Mon Nov 29 02:45:14 2004 UTC (10 years, 1 month ago) by solar
Branch: MAIN
Changes since 1.39: +8 -1 lines
- Round up remaining security patches that appear to be missing in 2.4.28. -  PaX standalone updated to current. hgpv=28.1

1 # ChangeLog for sys-kernel/hardened-sources
2 # Copyright 2000-2004 Gentoo Foundation; Distributed under the GPL v2
3 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.39 2004/11/28 18:10:26 solar Exp $
4
5 28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
6 +files/2.4.28-grsec-cmdline-race.patch,
7 +files/2.4.28-selinux-binfmt_a.out.patch,
8 +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
9 - Round up remaining security patches that appear to be missing in 2.4.28. -
10 PaX standalone updated to current. hgpv=28.1
11
12 *hardened-sources-2.4.28 (28 Nov 2004)
13
14 28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
15 security bump. Thank tocharian for rolling a new patchset
16
17 *hardened-sources-2.4.27-r3 (08 Sep 2004)
18
19 08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
20 +hardened-sources-2.4.27-r3.ebuild:
21 Applies the new 2.4-27.2 patchball which updates
22 GRSecurity to the 2.0.1 version.
23
24 *hardened-sources-2.4.27-r2 (31 Aug 2004)
25
26 31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
27 +hardened-sources-2.4.27-r2.ebuild:
28 Version bump.
29 This version uses the new 2.4-27.1 patchball which updates
30 both the SELinux PaX hooks patch and the SELinux headers.
31
32 *hardened-sources-2.4.27-r1 (09 Aug 2004)
33
34 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
35 +hardened-sources-2.4.27-r1.ebuild,
36 -hardened-sources-2.4.27.ebuild,
37 +files/2.4.27-cmdline-race.patch:
38 Version bump, fix for cmdline race. See bug #59905.
39
40 *hardened-sources-2.4.26-r6 (09 Aug 2004)
41
42 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
43 +hardened-sources-2.4.26-r6.ebuild,
44 -hardened-sources-2.4.26-r5.ebuild,
45 -hardened-sources-2.4.26-r4.ebuild,
46 +files/2.4.26-cmdline-race.patch:
47 Version bump, fix for cmdline race. See bug #59905.
48
49 *hardened-sources-2.4.27 (08 Aug 2004)
50
51 08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
52 +hardened-sources-2.4.27.ebuild,
53 +files/2.4.27-CAN-2004-0394.patch:
54 Ported the patchball to the 2.4.27 kernel version.
55
56 *hardened-sources-2.4.26-r5 (07 Aug 2004)
57
58 07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
59 +hardened-sources-2.4.26-r5.ebuild:
60 Updated to use the new hardened-patches-2.4-26.1 patchball.
61 It adds the following features:
62 - Squashfs
63 - Ebtables
64 - Netdev random (core+drivers)
65 - Watchdog Timer (WDT) fix.
66
67 *hardened-sources-2.4.26-r4 (04 Aug 2004)
68
69 04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
70 +hardened-sources-2.4.26-r4.ebuild,
71 +files/2.4.26-CAN-2004-0415.patch,
72 -hardened-sources-2.4.26-3:
73 Version bump, fix for CAN 0415, see bug #59378.
74
75 *hardened-sources-2.4.26-r3 (22 Jul 2004)
76
77 22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
78 +hardened-sources-2.4.26-r3.ebuild,
79 +files/2.4.26-CAN-2004-0497.patch,
80 -hardened-sources-2.4.26-r2.ebuild:
81 Version bump, fixed CAN 0497, see bug #56171.
82
83 *hardened-sources-2.4.26-r2 (29 Jun 2004)
84
85 29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
86 +hardened-sources-2.4.26-r2.ebuild,
87 +files/2.4.26-CAN-2004-0495.patch,
88 +files/2.4.26-CAN-2004-0535.patch,
89 -hardened-sources-2.4.26-r1.ebuild:
90 Fixes for both CAN 0495 and 0535, see bug #54976
91
92 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
93 hardened-sources-2.4.26-r1.ebuild:
94 QA - fix use invocation
95
96 *hardened-sources-2.4.26-r1 (22 June 2004)
97
98 22 June 2004; Andrea Luzzardi <scox@gentoo.org>
99 +hardened-sources-2.4.26-r1.ebuild,
100 +files/2.4.26-CAN-2004-0394.patch,
101 +files/2.4.26-signal-race.patch,
102 -hardened-sources-2.4.26.ebuild,
103 -hardened-sources-2.4.24-r3.ebuild:
104 Version bump for the CAN-2004-0394 issue and bug #53804
105 Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
106
107
108 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
109 hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
110 Masked hardened-sources-2.4.26.ebuild broken for ppc
111
112 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
113 hardened-sources-2.4.24-r3.ebuild:
114 Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
115
116 *hardened-sources-2.4.26 (29 May 2004)
117
118 29 May 2004; Andrea Luzzardi <scox@gentoo.org>
119 +hardened-sources-2.4.26.ebuild:
120 Updated hardened-sources for the 2.4.26 kernel
121 Removed broken components, updated almost everything.
122
123 *hardened-sources-2.4.24-r3 (17 Apr 2004)
124
125 17 Apr 2004; <plasmaroo@gentoo.org>
126 +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
127 +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
128 +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
129 +hardened-sources-2.4.24-r3.ebuild:
130 Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
131 vulnerabilities. Old revisions removed.
132
133 *hardened-sources-2.4.24-r2 (15 Apr 2004)
134
135 15 Apr 2004; <plasmaroo@gentoo.org>
136 +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
137 -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
138 Version bump for the CAN-2004-0109 issue; bug #47881.
139
140 12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
141 hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
142 Add eutils to inherit.
143
144 *hardened-sources-2.4.24-r1 (19 Feb 2004)
145
146 19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
147 files/hardened-sources-2.4.24.munmap.patch:
148 Added the patch for the mremap/munmap vulnerability. Bug #42024.
149
150 *hardened-sources-2.4.24 (06 Feb 2004)
151
152 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
153 hardened-sources-2.4.24.ebuild:
154 Version bump, updated most of the components.
155 This release includes the following:
156
157 - Hardened security
158 - Netfilter patch-o-matic 20031219
159 - FreeSWAN 2.04 & x509 1.4.8
160 - EVMS 2.2.2
161 - XFS 1.3.1
162 - cryptoloop jari
163 - grsecurity 2.0-rc4
164 - SELinux
165 - PaX 200402060000
166 - PaX Obscurity 200308302223
167 - Others...
168
169 Neither -ck nor systrace are included anymore.
170
171 *hardened-sources-2.4.22-r2 (05 Jan 2004)
172
173 05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
174 hardened-sources-2.4.22-r2.ebuild:
175 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
176
177 *hardened-sources-2.4.22-r1 (02 Dec 2003)
178
179 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
180 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
181
182 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
183 hardened-sources-2.4.22-r1.ebuild:
184 Version bump for the 'do_brk' vulnerability.
185
186 01 Dec 2003; Brian Jackson <iggy@gentoo.org>
187 hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
188 hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
189 hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
190 Fix the 'do_brk' vulnerability.
191
192 03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
193 hardened-sources-2.4.22.ebuild:
194 - Removed the src_install() portion for SELinux flask
195 components. These are no longer handled in the kernel
196 so this code was not necessary.
197
198 29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
199 New 2.4.22 based hardened-sources thanks to
200 Phil West <p.west@computer.org>.
201
202 These sources include:
203 - New SELinux API
204 - Updated CK-base
205 - Updated GRSec
206 - Systrace
207 - SuperFreeS/WAN 1.99.8
208 - Propolice kernel build support
209 - EVMS
210 - Other various security related patches
211
212 *hardened-sources-2.4.21 (14 Sep 2003)
213
214 14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
215 Updated hardened-sources based on the 2.4.21 Linux kernel.
216 This includes updates to most major components such as:
217 - ck-base-0306300059
218 - selinux-2.4-2003071106
219 - grsecurity-2.0-rc1
220 - Updated IPTables patch-o-matic
221 - Updated SuperFreeS/WAN
222
223 Thanks to Phil West <pwest@computer.org> for his work in getting this
224 updated patch set ready for the 2.4.21 based kernel.
225
226 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
227 Initial import of hardened-sources-2.4.20-r4. This revision
228 includes only a few changes, but one of these is an important
229 security fix. It is recommended all users of hardened-sources
230 upgrade to this release.
231
232 - ioperm bug fix
233 - fixed compilation failure when building without GRSec
234
235 SAL (Secure Auditing for Linux) is NOT included in this revision
236 due to time constraints, but is planned for inclusion in the near
237 future.
238
239 *hardened-sources-2.4.20-r2 (12 Jun 2003)
240
241 12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
242 hardened-sources-2.4.20-r3.ebuild:
243 Add Header...
244
245 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
246 hardened-sources-2.4.20-r3.ebuild:
247 Removed warnings from ebuild. This kernel should be safe to
248 use at this point.
249
250 *hardened-sources-2.4.20-r3 (08 Jun 2003)
251
252 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
253 hardened-sources-2.4.20-r3.ebuild:
254 New revision. Includes the following changes over -r2:
255
256 - ck7-base (O(1), preempt, low latency)
257 - Super FreeS/WAN 1.99.7rc2
258 - PaX for the LSM/SELinux branch
259 - GRSecurity 2.0-pre4 (role based access control)
260 - Systrace 1.3
261 - EXT3 fixes
262 - EVMS 2.0.1
263 - GCC 3.1+ compile optimizations
264 - ProPolice kernel build support
265 - Hashing table security fixes
266
267 *hardened-sources-2.4.20-r1 (09 Apr 2003)
268
269 23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
270 Initial import of hardened-sources-r2. This new
271 ebuild includes many new performance and security
272 related patches. As in -r1, it will patch in
273 LSM/SELinux if "selinux" is in USE, otherwise it
274 will patch in GRSecurity. The following patches
275 are included in this revision:
276
277 - O(1) Scheduler, Low Latency, and Preempt
278 (pulled from the base CK patch)
279 - ptrace exploit patch for the LSM kernel
280 (the GRSec patch already fixes this)
281 - LSM 2.4-2003040709
282 - SELinux 2.4-2003040709
283 - Systrace v1.2
284 - IPTables patch-o-matic base patches - 20030107
285 - CryptoAPI 2.4.20.1 w/ loop-jari patch
286 - Super FreeS/WAN 1.99.6.1
287 - GRSecurity 1.9.9g
288 - MPPE
289 - EXT3 data journal fix
290 - CIPE 1.5.4
291
292 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
293 hardened-sources-2.4.20-r1.ebuild, manifest:
294 Updated to install flask components correctly for selinux.
295
296 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
297 hardened-sources-2.4.20-r1.ebuild:
298 LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
299 is patched in instead. Ptrace patches for selinux have also been added. In
300 either case, systrace support will be patched in as well.
301
302 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
303 hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
304 Revision bump for new sources.
305
306 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
307 hardened-sources-2.4.20-r1.ebuild:
308 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
309
310 *hardened-sources-2.4.20 (30 Mar 2003)
311
312 30 Mar 2003; Joshua Brindle <method@gentoo.org>
313 hardened-sources-2.4.20.ebuild:
314 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20