/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.44 - (show annotations) (download)
Tue Jan 18 00:21:14 2005 UTC (9 years, 5 months ago) by tocharian
Branch: MAIN
Changes since 1.43: +7 -1 lines
Fix SMP page fault handler vuln, and update device-mapper and evms patches.

1 # ChangeLog for sys-kernel/hardened-sources
2 # Copyright 2000-2005 Gentoo Foundation; Distributed under the GPL v2
3 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.43 2005/01/14 12:48:10 tocharian Exp $
4
5 *hardened-sources-2.4.28-r3 (17 Jan 2005)
6
7 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
8 +hardened-sources-2.4.28-r3.ebuild:
9 Fix SMP page fault handler vuln, and update device-mapper and evms patches.
10
11 14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
12 hardened-sources-2.4.28.ebuild:
13 Mark stable on x86.
14
15 *hardened-sources-2.4.28-r2 (13 Jan 2005)
16
17 13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
18 +hardened-sources-2.4.28-r2.ebuild:
19 Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
20 Mazinger for grsecurity patches as well.
21
22 *hardened-sources-2.4.28-r1 (23 Dec 2004)
23
24 23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
25 Security bump. Thank tocharian for rolling a new patchset...
26
27 28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
28 +files/2.4.28-grsec-cmdline-race.patch,
29 +files/2.4.28-selinux-binfmt_a.out.patch,
30 +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
31 - Round up remaining security patches that appear to be missing in 2.4.28. -
32 PaX standalone updated to current. hgpv=28.1
33
34 *hardened-sources-2.4.28 (28 Nov 2004)
35
36 28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
37 security bump. Thank tocharian for rolling a new patchset
38
39 *hardened-sources-2.4.27-r3 (08 Sep 2004)
40
41 08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
42 +hardened-sources-2.4.27-r3.ebuild:
43 Applies the new 2.4-27.2 patchball which updates
44 GRSecurity to the 2.0.1 version.
45
46 *hardened-sources-2.4.27-r2 (31 Aug 2004)
47
48 31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
49 +hardened-sources-2.4.27-r2.ebuild:
50 Version bump.
51 This version uses the new 2.4-27.1 patchball which updates
52 both the SELinux PaX hooks patch and the SELinux headers.
53
54 *hardened-sources-2.4.27-r1 (09 Aug 2004)
55
56 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
57 +hardened-sources-2.4.27-r1.ebuild,
58 -hardened-sources-2.4.27.ebuild,
59 +files/2.4.27-cmdline-race.patch:
60 Version bump, fix for cmdline race. See bug #59905.
61
62 *hardened-sources-2.4.26-r6 (09 Aug 2004)
63
64 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
65 +hardened-sources-2.4.26-r6.ebuild,
66 -hardened-sources-2.4.26-r5.ebuild,
67 -hardened-sources-2.4.26-r4.ebuild,
68 +files/2.4.26-cmdline-race.patch:
69 Version bump, fix for cmdline race. See bug #59905.
70
71 *hardened-sources-2.4.27 (08 Aug 2004)
72
73 08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
74 +hardened-sources-2.4.27.ebuild,
75 +files/2.4.27-CAN-2004-0394.patch:
76 Ported the patchball to the 2.4.27 kernel version.
77
78 *hardened-sources-2.4.26-r5 (07 Aug 2004)
79
80 07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
81 +hardened-sources-2.4.26-r5.ebuild:
82 Updated to use the new hardened-patches-2.4-26.1 patchball.
83 It adds the following features:
84 - Squashfs
85 - Ebtables
86 - Netdev random (core+drivers)
87 - Watchdog Timer (WDT) fix.
88
89 *hardened-sources-2.4.26-r4 (04 Aug 2004)
90
91 04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
92 +hardened-sources-2.4.26-r4.ebuild,
93 +files/2.4.26-CAN-2004-0415.patch,
94 -hardened-sources-2.4.26-3:
95 Version bump, fix for CAN 0415, see bug #59378.
96
97 *hardened-sources-2.4.26-r3 (22 Jul 2004)
98
99 22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
100 +hardened-sources-2.4.26-r3.ebuild,
101 +files/2.4.26-CAN-2004-0497.patch,
102 -hardened-sources-2.4.26-r2.ebuild:
103 Version bump, fixed CAN 0497, see bug #56171.
104
105 *hardened-sources-2.4.26-r2 (29 Jun 2004)
106
107 29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
108 +hardened-sources-2.4.26-r2.ebuild,
109 +files/2.4.26-CAN-2004-0495.patch,
110 +files/2.4.26-CAN-2004-0535.patch,
111 -hardened-sources-2.4.26-r1.ebuild:
112 Fixes for both CAN 0495 and 0535, see bug #54976
113
114 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
115 hardened-sources-2.4.26-r1.ebuild:
116 QA - fix use invocation
117
118 *hardened-sources-2.4.26-r1 (22 June 2004)
119
120 22 June 2004; Andrea Luzzardi <scox@gentoo.org>
121 +hardened-sources-2.4.26-r1.ebuild,
122 +files/2.4.26-CAN-2004-0394.patch,
123 +files/2.4.26-signal-race.patch,
124 -hardened-sources-2.4.26.ebuild,
125 -hardened-sources-2.4.24-r3.ebuild:
126 Version bump for the CAN-2004-0394 issue and bug #53804
127 Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
128
129
130 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
131 hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
132 Masked hardened-sources-2.4.26.ebuild broken for ppc
133
134 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
135 hardened-sources-2.4.24-r3.ebuild:
136 Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
137
138 *hardened-sources-2.4.26 (29 May 2004)
139
140 29 May 2004; Andrea Luzzardi <scox@gentoo.org>
141 +hardened-sources-2.4.26.ebuild:
142 Updated hardened-sources for the 2.4.26 kernel
143 Removed broken components, updated almost everything.
144
145 *hardened-sources-2.4.24-r3 (17 Apr 2004)
146
147 17 Apr 2004; <plasmaroo@gentoo.org>
148 +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
149 +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
150 +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
151 +hardened-sources-2.4.24-r3.ebuild:
152 Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
153 vulnerabilities. Old revisions removed.
154
155 *hardened-sources-2.4.24-r2 (15 Apr 2004)
156
157 15 Apr 2004; <plasmaroo@gentoo.org>
158 +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
159 -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
160 Version bump for the CAN-2004-0109 issue; bug #47881.
161
162 12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
163 hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
164 Add eutils to inherit.
165
166 *hardened-sources-2.4.24-r1 (19 Feb 2004)
167
168 19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
169 files/hardened-sources-2.4.24.munmap.patch:
170 Added the patch for the mremap/munmap vulnerability. Bug #42024.
171
172 *hardened-sources-2.4.24 (06 Feb 2004)
173
174 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
175 hardened-sources-2.4.24.ebuild:
176 Version bump, updated most of the components.
177 This release includes the following:
178
179 - Hardened security
180 - Netfilter patch-o-matic 20031219
181 - FreeSWAN 2.04 & x509 1.4.8
182 - EVMS 2.2.2
183 - XFS 1.3.1
184 - cryptoloop jari
185 - grsecurity 2.0-rc4
186 - SELinux
187 - PaX 200402060000
188 - PaX Obscurity 200308302223
189 - Others...
190
191 Neither -ck nor systrace are included anymore.
192
193 *hardened-sources-2.4.22-r2 (05 Jan 2004)
194
195 05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
196 hardened-sources-2.4.22-r2.ebuild:
197 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
198
199 *hardened-sources-2.4.22-r1 (02 Dec 2003)
200
201 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
202 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
203
204 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
205 hardened-sources-2.4.22-r1.ebuild:
206 Version bump for the 'do_brk' vulnerability.
207
208 01 Dec 2003; Brian Jackson <iggy@gentoo.org>
209 hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
210 hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
211 hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
212 Fix the 'do_brk' vulnerability.
213
214 03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
215 hardened-sources-2.4.22.ebuild:
216 - Removed the src_install() portion for SELinux flask
217 components. These are no longer handled in the kernel
218 so this code was not necessary.
219
220 29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
221 New 2.4.22 based hardened-sources thanks to
222 Phil West <p.west@computer.org>.
223
224 These sources include:
225 - New SELinux API
226 - Updated CK-base
227 - Updated GRSec
228 - Systrace
229 - SuperFreeS/WAN 1.99.8
230 - Propolice kernel build support
231 - EVMS
232 - Other various security related patches
233
234 *hardened-sources-2.4.21 (14 Sep 2003)
235
236 14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
237 Updated hardened-sources based on the 2.4.21 Linux kernel.
238 This includes updates to most major components such as:
239 - ck-base-0306300059
240 - selinux-2.4-2003071106
241 - grsecurity-2.0-rc1
242 - Updated IPTables patch-o-matic
243 - Updated SuperFreeS/WAN
244
245 Thanks to Phil West <pwest@computer.org> for his work in getting this
246 updated patch set ready for the 2.4.21 based kernel.
247
248 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
249 Initial import of hardened-sources-2.4.20-r4. This revision
250 includes only a few changes, but one of these is an important
251 security fix. It is recommended all users of hardened-sources
252 upgrade to this release.
253
254 - ioperm bug fix
255 - fixed compilation failure when building without GRSec
256
257 SAL (Secure Auditing for Linux) is NOT included in this revision
258 due to time constraints, but is planned for inclusion in the near
259 future.
260
261 *hardened-sources-2.4.20-r2 (12 Jun 2003)
262
263 12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
264 hardened-sources-2.4.20-r3.ebuild:
265 Add Header...
266
267 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
268 hardened-sources-2.4.20-r3.ebuild:
269 Removed warnings from ebuild. This kernel should be safe to
270 use at this point.
271
272 *hardened-sources-2.4.20-r3 (08 Jun 2003)
273
274 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
275 hardened-sources-2.4.20-r3.ebuild:
276 New revision. Includes the following changes over -r2:
277
278 - ck7-base (O(1), preempt, low latency)
279 - Super FreeS/WAN 1.99.7rc2
280 - PaX for the LSM/SELinux branch
281 - GRSecurity 2.0-pre4 (role based access control)
282 - Systrace 1.3
283 - EXT3 fixes
284 - EVMS 2.0.1
285 - GCC 3.1+ compile optimizations
286 - ProPolice kernel build support
287 - Hashing table security fixes
288
289 *hardened-sources-2.4.20-r1 (09 Apr 2003)
290
291 23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
292 Initial import of hardened-sources-r2. This new
293 ebuild includes many new performance and security
294 related patches. As in -r1, it will patch in
295 LSM/SELinux if "selinux" is in USE, otherwise it
296 will patch in GRSecurity. The following patches
297 are included in this revision:
298
299 - O(1) Scheduler, Low Latency, and Preempt
300 (pulled from the base CK patch)
301 - ptrace exploit patch for the LSM kernel
302 (the GRSec patch already fixes this)
303 - LSM 2.4-2003040709
304 - SELinux 2.4-2003040709
305 - Systrace v1.2
306 - IPTables patch-o-matic base patches - 20030107
307 - CryptoAPI 2.4.20.1 w/ loop-jari patch
308 - Super FreeS/WAN 1.99.6.1
309 - GRSecurity 1.9.9g
310 - MPPE
311 - EXT3 data journal fix
312 - CIPE 1.5.4
313
314 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
315 hardened-sources-2.4.20-r1.ebuild, manifest:
316 Updated to install flask components correctly for selinux.
317
318 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
319 hardened-sources-2.4.20-r1.ebuild:
320 LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
321 is patched in instead. Ptrace patches for selinux have also been added. In
322 either case, systrace support will be patched in as well.
323
324 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
325 hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
326 Revision bump for new sources.
327
328 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
329 hardened-sources-2.4.20-r1.ebuild:
330 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
331
332 *hardened-sources-2.4.20 (30 Mar 2003)
333
334 30 Mar 2003; Joshua Brindle <method@gentoo.org>
335 hardened-sources-2.4.20.ebuild:
336 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20