/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.43 - (show annotations) (download)
Fri Jan 14 12:48:10 2005 UTC (9 years, 8 months ago) by tocharian
Branch: MAIN
Changes since 1.42: +5 -1 lines
Mark 2.4.28 stable on x86

1 # ChangeLog for sys-kernel/hardened-sources
2 # Copyright 2000-2005 Gentoo Foundation; Distributed under the GPL v2
3 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.42 2005/01/14 03:07:38 tocharian Exp $
4
5 14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
6 hardened-sources-2.4.28.ebuild:
7 Mark stable on x86.
8
9 *hardened-sources-2.4.28-r2 (13 Jan 2005)
10
11 13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
12 +hardened-sources-2.4.28-r2.ebuild:
13 Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
14 Mazinger for grsecurity patches as well.
15
16 *hardened-sources-2.4.28-r1 (23 Dec 2004)
17
18 23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
19 Security bump. Thank tocharian for rolling a new patchset...
20
21 28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
22 +files/2.4.28-grsec-cmdline-race.patch,
23 +files/2.4.28-selinux-binfmt_a.out.patch,
24 +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
25 - Round up remaining security patches that appear to be missing in 2.4.28. -
26 PaX standalone updated to current. hgpv=28.1
27
28 *hardened-sources-2.4.28 (28 Nov 2004)
29
30 28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
31 security bump. Thank tocharian for rolling a new patchset
32
33 *hardened-sources-2.4.27-r3 (08 Sep 2004)
34
35 08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
36 +hardened-sources-2.4.27-r3.ebuild:
37 Applies the new 2.4-27.2 patchball which updates
38 GRSecurity to the 2.0.1 version.
39
40 *hardened-sources-2.4.27-r2 (31 Aug 2004)
41
42 31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
43 +hardened-sources-2.4.27-r2.ebuild:
44 Version bump.
45 This version uses the new 2.4-27.1 patchball which updates
46 both the SELinux PaX hooks patch and the SELinux headers.
47
48 *hardened-sources-2.4.27-r1 (09 Aug 2004)
49
50 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
51 +hardened-sources-2.4.27-r1.ebuild,
52 -hardened-sources-2.4.27.ebuild,
53 +files/2.4.27-cmdline-race.patch:
54 Version bump, fix for cmdline race. See bug #59905.
55
56 *hardened-sources-2.4.26-r6 (09 Aug 2004)
57
58 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
59 +hardened-sources-2.4.26-r6.ebuild,
60 -hardened-sources-2.4.26-r5.ebuild,
61 -hardened-sources-2.4.26-r4.ebuild,
62 +files/2.4.26-cmdline-race.patch:
63 Version bump, fix for cmdline race. See bug #59905.
64
65 *hardened-sources-2.4.27 (08 Aug 2004)
66
67 08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
68 +hardened-sources-2.4.27.ebuild,
69 +files/2.4.27-CAN-2004-0394.patch:
70 Ported the patchball to the 2.4.27 kernel version.
71
72 *hardened-sources-2.4.26-r5 (07 Aug 2004)
73
74 07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
75 +hardened-sources-2.4.26-r5.ebuild:
76 Updated to use the new hardened-patches-2.4-26.1 patchball.
77 It adds the following features:
78 - Squashfs
79 - Ebtables
80 - Netdev random (core+drivers)
81 - Watchdog Timer (WDT) fix.
82
83 *hardened-sources-2.4.26-r4 (04 Aug 2004)
84
85 04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
86 +hardened-sources-2.4.26-r4.ebuild,
87 +files/2.4.26-CAN-2004-0415.patch,
88 -hardened-sources-2.4.26-3:
89 Version bump, fix for CAN 0415, see bug #59378.
90
91 *hardened-sources-2.4.26-r3 (22 Jul 2004)
92
93 22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
94 +hardened-sources-2.4.26-r3.ebuild,
95 +files/2.4.26-CAN-2004-0497.patch,
96 -hardened-sources-2.4.26-r2.ebuild:
97 Version bump, fixed CAN 0497, see bug #56171.
98
99 *hardened-sources-2.4.26-r2 (29 Jun 2004)
100
101 29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
102 +hardened-sources-2.4.26-r2.ebuild,
103 +files/2.4.26-CAN-2004-0495.patch,
104 +files/2.4.26-CAN-2004-0535.patch,
105 -hardened-sources-2.4.26-r1.ebuild:
106 Fixes for both CAN 0495 and 0535, see bug #54976
107
108 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
109 hardened-sources-2.4.26-r1.ebuild:
110 QA - fix use invocation
111
112 *hardened-sources-2.4.26-r1 (22 June 2004)
113
114 22 June 2004; Andrea Luzzardi <scox@gentoo.org>
115 +hardened-sources-2.4.26-r1.ebuild,
116 +files/2.4.26-CAN-2004-0394.patch,
117 +files/2.4.26-signal-race.patch,
118 -hardened-sources-2.4.26.ebuild,
119 -hardened-sources-2.4.24-r3.ebuild:
120 Version bump for the CAN-2004-0394 issue and bug #53804
121 Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
122
123
124 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
125 hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
126 Masked hardened-sources-2.4.26.ebuild broken for ppc
127
128 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
129 hardened-sources-2.4.24-r3.ebuild:
130 Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
131
132 *hardened-sources-2.4.26 (29 May 2004)
133
134 29 May 2004; Andrea Luzzardi <scox@gentoo.org>
135 +hardened-sources-2.4.26.ebuild:
136 Updated hardened-sources for the 2.4.26 kernel
137 Removed broken components, updated almost everything.
138
139 *hardened-sources-2.4.24-r3 (17 Apr 2004)
140
141 17 Apr 2004; <plasmaroo@gentoo.org>
142 +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
143 +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
144 +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
145 +hardened-sources-2.4.24-r3.ebuild:
146 Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
147 vulnerabilities. Old revisions removed.
148
149 *hardened-sources-2.4.24-r2 (15 Apr 2004)
150
151 15 Apr 2004; <plasmaroo@gentoo.org>
152 +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
153 -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
154 Version bump for the CAN-2004-0109 issue; bug #47881.
155
156 12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
157 hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
158 Add eutils to inherit.
159
160 *hardened-sources-2.4.24-r1 (19 Feb 2004)
161
162 19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
163 files/hardened-sources-2.4.24.munmap.patch:
164 Added the patch for the mremap/munmap vulnerability. Bug #42024.
165
166 *hardened-sources-2.4.24 (06 Feb 2004)
167
168 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
169 hardened-sources-2.4.24.ebuild:
170 Version bump, updated most of the components.
171 This release includes the following:
172
173 - Hardened security
174 - Netfilter patch-o-matic 20031219
175 - FreeSWAN 2.04 & x509 1.4.8
176 - EVMS 2.2.2
177 - XFS 1.3.1
178 - cryptoloop jari
179 - grsecurity 2.0-rc4
180 - SELinux
181 - PaX 200402060000
182 - PaX Obscurity 200308302223
183 - Others...
184
185 Neither -ck nor systrace are included anymore.
186
187 *hardened-sources-2.4.22-r2 (05 Jan 2004)
188
189 05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
190 hardened-sources-2.4.22-r2.ebuild:
191 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
192
193 *hardened-sources-2.4.22-r1 (02 Dec 2003)
194
195 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
196 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
197
198 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
199 hardened-sources-2.4.22-r1.ebuild:
200 Version bump for the 'do_brk' vulnerability.
201
202 01 Dec 2003; Brian Jackson <iggy@gentoo.org>
203 hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
204 hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
205 hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
206 Fix the 'do_brk' vulnerability.
207
208 03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
209 hardened-sources-2.4.22.ebuild:
210 - Removed the src_install() portion for SELinux flask
211 components. These are no longer handled in the kernel
212 so this code was not necessary.
213
214 29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
215 New 2.4.22 based hardened-sources thanks to
216 Phil West <p.west@computer.org>.
217
218 These sources include:
219 - New SELinux API
220 - Updated CK-base
221 - Updated GRSec
222 - Systrace
223 - SuperFreeS/WAN 1.99.8
224 - Propolice kernel build support
225 - EVMS
226 - Other various security related patches
227
228 *hardened-sources-2.4.21 (14 Sep 2003)
229
230 14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
231 Updated hardened-sources based on the 2.4.21 Linux kernel.
232 This includes updates to most major components such as:
233 - ck-base-0306300059
234 - selinux-2.4-2003071106
235 - grsecurity-2.0-rc1
236 - Updated IPTables patch-o-matic
237 - Updated SuperFreeS/WAN
238
239 Thanks to Phil West <pwest@computer.org> for his work in getting this
240 updated patch set ready for the 2.4.21 based kernel.
241
242 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
243 Initial import of hardened-sources-2.4.20-r4. This revision
244 includes only a few changes, but one of these is an important
245 security fix. It is recommended all users of hardened-sources
246 upgrade to this release.
247
248 - ioperm bug fix
249 - fixed compilation failure when building without GRSec
250
251 SAL (Secure Auditing for Linux) is NOT included in this revision
252 due to time constraints, but is planned for inclusion in the near
253 future.
254
255 *hardened-sources-2.4.20-r2 (12 Jun 2003)
256
257 12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
258 hardened-sources-2.4.20-r3.ebuild:
259 Add Header...
260
261 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
262 hardened-sources-2.4.20-r3.ebuild:
263 Removed warnings from ebuild. This kernel should be safe to
264 use at this point.
265
266 *hardened-sources-2.4.20-r3 (08 Jun 2003)
267
268 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
269 hardened-sources-2.4.20-r3.ebuild:
270 New revision. Includes the following changes over -r2:
271
272 - ck7-base (O(1), preempt, low latency)
273 - Super FreeS/WAN 1.99.7rc2
274 - PaX for the LSM/SELinux branch
275 - GRSecurity 2.0-pre4 (role based access control)
276 - Systrace 1.3
277 - EXT3 fixes
278 - EVMS 2.0.1
279 - GCC 3.1+ compile optimizations
280 - ProPolice kernel build support
281 - Hashing table security fixes
282
283 *hardened-sources-2.4.20-r1 (09 Apr 2003)
284
285 23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
286 Initial import of hardened-sources-r2. This new
287 ebuild includes many new performance and security
288 related patches. As in -r1, it will patch in
289 LSM/SELinux if "selinux" is in USE, otherwise it
290 will patch in GRSecurity. The following patches
291 are included in this revision:
292
293 - O(1) Scheduler, Low Latency, and Preempt
294 (pulled from the base CK patch)
295 - ptrace exploit patch for the LSM kernel
296 (the GRSec patch already fixes this)
297 - LSM 2.4-2003040709
298 - SELinux 2.4-2003040709
299 - Systrace v1.2
300 - IPTables patch-o-matic base patches - 20030107
301 - CryptoAPI 2.4.20.1 w/ loop-jari patch
302 - Super FreeS/WAN 1.99.6.1
303 - GRSecurity 1.9.9g
304 - MPPE
305 - EXT3 data journal fix
306 - CIPE 1.5.4
307
308 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
309 hardened-sources-2.4.20-r1.ebuild, manifest:
310 Updated to install flask components correctly for selinux.
311
312 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
313 hardened-sources-2.4.20-r1.ebuild:
314 LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
315 is patched in instead. Ptrace patches for selinux have also been added. In
316 either case, systrace support will be patched in as well.
317
318 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
319 hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
320 Revision bump for new sources.
321
322 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
323 hardened-sources-2.4.20-r1.ebuild:
324 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
325
326 *hardened-sources-2.4.20 (30 Mar 2003)
327
328 30 Mar 2003; Joshua Brindle <method@gentoo.org>
329 hardened-sources-2.4.20.ebuild:
330 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20