/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.42 - (show annotations) (download)
Fri Jan 14 03:07:38 2005 UTC (9 years, 11 months ago) by tocharian
Branch: MAIN
Changes since 1.41: +9 -2 lines
Updates security fixes and adds squashfs 2.1 support.  Thanks to Peter S. Mazinger for grsecurity patches as well.

1 # ChangeLog for sys-kernel/hardened-sources
2 # Copyright 2000-2005 Gentoo Foundation; Distributed under the GPL v2
3 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.41 2004/12/24 19:45:08 plasmaroo Exp $
4
5 *hardened-sources-2.4.28-r2 (13 Jan 2005)
6
7 13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
8 +hardened-sources-2.4.28-r2.ebuild:
9 Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
10 Mazinger for grsecurity patches as well.
11
12 *hardened-sources-2.4.28-r1 (23 Dec 2004)
13
14 23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
15 Security bump. Thank tocharian for rolling a new patchset...
16
17 28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
18 +files/2.4.28-grsec-cmdline-race.patch,
19 +files/2.4.28-selinux-binfmt_a.out.patch,
20 +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
21 - Round up remaining security patches that appear to be missing in 2.4.28. -
22 PaX standalone updated to current. hgpv=28.1
23
24 *hardened-sources-2.4.28 (28 Nov 2004)
25
26 28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
27 security bump. Thank tocharian for rolling a new patchset
28
29 *hardened-sources-2.4.27-r3 (08 Sep 2004)
30
31 08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
32 +hardened-sources-2.4.27-r3.ebuild:
33 Applies the new 2.4-27.2 patchball which updates
34 GRSecurity to the 2.0.1 version.
35
36 *hardened-sources-2.4.27-r2 (31 Aug 2004)
37
38 31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
39 +hardened-sources-2.4.27-r2.ebuild:
40 Version bump.
41 This version uses the new 2.4-27.1 patchball which updates
42 both the SELinux PaX hooks patch and the SELinux headers.
43
44 *hardened-sources-2.4.27-r1 (09 Aug 2004)
45
46 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
47 +hardened-sources-2.4.27-r1.ebuild,
48 -hardened-sources-2.4.27.ebuild,
49 +files/2.4.27-cmdline-race.patch:
50 Version bump, fix for cmdline race. See bug #59905.
51
52 *hardened-sources-2.4.26-r6 (09 Aug 2004)
53
54 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
55 +hardened-sources-2.4.26-r6.ebuild,
56 -hardened-sources-2.4.26-r5.ebuild,
57 -hardened-sources-2.4.26-r4.ebuild,
58 +files/2.4.26-cmdline-race.patch:
59 Version bump, fix for cmdline race. See bug #59905.
60
61 *hardened-sources-2.4.27 (08 Aug 2004)
62
63 08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
64 +hardened-sources-2.4.27.ebuild,
65 +files/2.4.27-CAN-2004-0394.patch:
66 Ported the patchball to the 2.4.27 kernel version.
67
68 *hardened-sources-2.4.26-r5 (07 Aug 2004)
69
70 07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
71 +hardened-sources-2.4.26-r5.ebuild:
72 Updated to use the new hardened-patches-2.4-26.1 patchball.
73 It adds the following features:
74 - Squashfs
75 - Ebtables
76 - Netdev random (core+drivers)
77 - Watchdog Timer (WDT) fix.
78
79 *hardened-sources-2.4.26-r4 (04 Aug 2004)
80
81 04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
82 +hardened-sources-2.4.26-r4.ebuild,
83 +files/2.4.26-CAN-2004-0415.patch,
84 -hardened-sources-2.4.26-3:
85 Version bump, fix for CAN 0415, see bug #59378.
86
87 *hardened-sources-2.4.26-r3 (22 Jul 2004)
88
89 22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
90 +hardened-sources-2.4.26-r3.ebuild,
91 +files/2.4.26-CAN-2004-0497.patch,
92 -hardened-sources-2.4.26-r2.ebuild:
93 Version bump, fixed CAN 0497, see bug #56171.
94
95 *hardened-sources-2.4.26-r2 (29 Jun 2004)
96
97 29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
98 +hardened-sources-2.4.26-r2.ebuild,
99 +files/2.4.26-CAN-2004-0495.patch,
100 +files/2.4.26-CAN-2004-0535.patch,
101 -hardened-sources-2.4.26-r1.ebuild:
102 Fixes for both CAN 0495 and 0535, see bug #54976
103
104 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
105 hardened-sources-2.4.26-r1.ebuild:
106 QA - fix use invocation
107
108 *hardened-sources-2.4.26-r1 (22 June 2004)
109
110 22 June 2004; Andrea Luzzardi <scox@gentoo.org>
111 +hardened-sources-2.4.26-r1.ebuild,
112 +files/2.4.26-CAN-2004-0394.patch,
113 +files/2.4.26-signal-race.patch,
114 -hardened-sources-2.4.26.ebuild,
115 -hardened-sources-2.4.24-r3.ebuild:
116 Version bump for the CAN-2004-0394 issue and bug #53804
117 Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
118
119
120 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
121 hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
122 Masked hardened-sources-2.4.26.ebuild broken for ppc
123
124 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
125 hardened-sources-2.4.24-r3.ebuild:
126 Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
127
128 *hardened-sources-2.4.26 (29 May 2004)
129
130 29 May 2004; Andrea Luzzardi <scox@gentoo.org>
131 +hardened-sources-2.4.26.ebuild:
132 Updated hardened-sources for the 2.4.26 kernel
133 Removed broken components, updated almost everything.
134
135 *hardened-sources-2.4.24-r3 (17 Apr 2004)
136
137 17 Apr 2004; <plasmaroo@gentoo.org>
138 +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
139 +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
140 +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
141 +hardened-sources-2.4.24-r3.ebuild:
142 Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
143 vulnerabilities. Old revisions removed.
144
145 *hardened-sources-2.4.24-r2 (15 Apr 2004)
146
147 15 Apr 2004; <plasmaroo@gentoo.org>
148 +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
149 -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
150 Version bump for the CAN-2004-0109 issue; bug #47881.
151
152 12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
153 hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
154 Add eutils to inherit.
155
156 *hardened-sources-2.4.24-r1 (19 Feb 2004)
157
158 19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
159 files/hardened-sources-2.4.24.munmap.patch:
160 Added the patch for the mremap/munmap vulnerability. Bug #42024.
161
162 *hardened-sources-2.4.24 (06 Feb 2004)
163
164 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
165 hardened-sources-2.4.24.ebuild:
166 Version bump, updated most of the components.
167 This release includes the following:
168
169 - Hardened security
170 - Netfilter patch-o-matic 20031219
171 - FreeSWAN 2.04 & x509 1.4.8
172 - EVMS 2.2.2
173 - XFS 1.3.1
174 - cryptoloop jari
175 - grsecurity 2.0-rc4
176 - SELinux
177 - PaX 200402060000
178 - PaX Obscurity 200308302223
179 - Others...
180
181 Neither -ck nor systrace are included anymore.
182
183 *hardened-sources-2.4.22-r2 (05 Jan 2004)
184
185 05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
186 hardened-sources-2.4.22-r2.ebuild:
187 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
188
189 *hardened-sources-2.4.22-r1 (02 Dec 2003)
190
191 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
192 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
193
194 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
195 hardened-sources-2.4.22-r1.ebuild:
196 Version bump for the 'do_brk' vulnerability.
197
198 01 Dec 2003; Brian Jackson <iggy@gentoo.org>
199 hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
200 hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
201 hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
202 Fix the 'do_brk' vulnerability.
203
204 03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
205 hardened-sources-2.4.22.ebuild:
206 - Removed the src_install() portion for SELinux flask
207 components. These are no longer handled in the kernel
208 so this code was not necessary.
209
210 29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
211 New 2.4.22 based hardened-sources thanks to
212 Phil West <p.west@computer.org>.
213
214 These sources include:
215 - New SELinux API
216 - Updated CK-base
217 - Updated GRSec
218 - Systrace
219 - SuperFreeS/WAN 1.99.8
220 - Propolice kernel build support
221 - EVMS
222 - Other various security related patches
223
224 *hardened-sources-2.4.21 (14 Sep 2003)
225
226 14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
227 Updated hardened-sources based on the 2.4.21 Linux kernel.
228 This includes updates to most major components such as:
229 - ck-base-0306300059
230 - selinux-2.4-2003071106
231 - grsecurity-2.0-rc1
232 - Updated IPTables patch-o-matic
233 - Updated SuperFreeS/WAN
234
235 Thanks to Phil West <pwest@computer.org> for his work in getting this
236 updated patch set ready for the 2.4.21 based kernel.
237
238 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
239 Initial import of hardened-sources-2.4.20-r4. This revision
240 includes only a few changes, but one of these is an important
241 security fix. It is recommended all users of hardened-sources
242 upgrade to this release.
243
244 - ioperm bug fix
245 - fixed compilation failure when building without GRSec
246
247 SAL (Secure Auditing for Linux) is NOT included in this revision
248 due to time constraints, but is planned for inclusion in the near
249 future.
250
251 *hardened-sources-2.4.20-r2 (12 Jun 2003)
252
253 12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
254 hardened-sources-2.4.20-r3.ebuild:
255 Add Header...
256
257 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
258 hardened-sources-2.4.20-r3.ebuild:
259 Removed warnings from ebuild. This kernel should be safe to
260 use at this point.
261
262 *hardened-sources-2.4.20-r3 (08 Jun 2003)
263
264 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
265 hardened-sources-2.4.20-r3.ebuild:
266 New revision. Includes the following changes over -r2:
267
268 - ck7-base (O(1), preempt, low latency)
269 - Super FreeS/WAN 1.99.7rc2
270 - PaX for the LSM/SELinux branch
271 - GRSecurity 2.0-pre4 (role based access control)
272 - Systrace 1.3
273 - EXT3 fixes
274 - EVMS 2.0.1
275 - GCC 3.1+ compile optimizations
276 - ProPolice kernel build support
277 - Hashing table security fixes
278
279 *hardened-sources-2.4.20-r1 (09 Apr 2003)
280
281 23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
282 Initial import of hardened-sources-r2. This new
283 ebuild includes many new performance and security
284 related patches. As in -r1, it will patch in
285 LSM/SELinux if "selinux" is in USE, otherwise it
286 will patch in GRSecurity. The following patches
287 are included in this revision:
288
289 - O(1) Scheduler, Low Latency, and Preempt
290 (pulled from the base CK patch)
291 - ptrace exploit patch for the LSM kernel
292 (the GRSec patch already fixes this)
293 - LSM 2.4-2003040709
294 - SELinux 2.4-2003040709
295 - Systrace v1.2
296 - IPTables patch-o-matic base patches - 20030107
297 - CryptoAPI 2.4.20.1 w/ loop-jari patch
298 - Super FreeS/WAN 1.99.6.1
299 - GRSecurity 1.9.9g
300 - MPPE
301 - EXT3 data journal fix
302 - CIPE 1.5.4
303
304 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
305 hardened-sources-2.4.20-r1.ebuild, manifest:
306 Updated to install flask components correctly for selinux.
307
308 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
309 hardened-sources-2.4.20-r1.ebuild:
310 LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
311 is patched in instead. Ptrace patches for selinux have also been added. In
312 either case, systrace support will be patched in as well.
313
314 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
315 hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
316 Revision bump for new sources.
317
318 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
319 hardened-sources-2.4.20-r1.ebuild:
320 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
321
322 *hardened-sources-2.4.20 (30 Mar 2003)
323
324 30 Mar 2003; Joshua Brindle <method@gentoo.org>
325 hardened-sources-2.4.20.ebuild:
326 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20