/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.45 - (show annotations) (download)
Tue Jan 18 00:32:37 2005 UTC (9 years, 8 months ago) by tocharian
Branch: MAIN
Changes since 1.44: +6 -1 lines
Mark 2.4.28-r1 and 2.4.28-r2 stable on x86

1 # ChangeLog for sys-kernel/hardened-sources
2 # Copyright 2000-2005 Gentoo Foundation; Distributed under the GPL v2
3 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.44 2005/01/18 00:21:14 tocharian Exp $
4
5 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
6 -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
7 hardened-sources-2.4.28-r2.ebuild:
8 Mark stable on x86
9
10 *hardened-sources-2.4.28-r3 (17 Jan 2005)
11
12 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
13 +hardened-sources-2.4.28-r3.ebuild:
14 Fix SMP page fault handler vuln, and update device-mapper and evms patches.
15
16 14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
17 hardened-sources-2.4.28.ebuild:
18 Mark stable on x86.
19
20 *hardened-sources-2.4.28-r2 (13 Jan 2005)
21
22 13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
23 +hardened-sources-2.4.28-r2.ebuild:
24 Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
25 Mazinger for grsecurity patches as well.
26
27 *hardened-sources-2.4.28-r1 (23 Dec 2004)
28
29 23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
30 Security bump. Thank tocharian for rolling a new patchset...
31
32 28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
33 +files/2.4.28-grsec-cmdline-race.patch,
34 +files/2.4.28-selinux-binfmt_a.out.patch,
35 +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
36 - Round up remaining security patches that appear to be missing in 2.4.28. -
37 PaX standalone updated to current. hgpv=28.1
38
39 *hardened-sources-2.4.28 (28 Nov 2004)
40
41 28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
42 security bump. Thank tocharian for rolling a new patchset
43
44 *hardened-sources-2.4.27-r3 (08 Sep 2004)
45
46 08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
47 +hardened-sources-2.4.27-r3.ebuild:
48 Applies the new 2.4-27.2 patchball which updates
49 GRSecurity to the 2.0.1 version.
50
51 *hardened-sources-2.4.27-r2 (31 Aug 2004)
52
53 31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
54 +hardened-sources-2.4.27-r2.ebuild:
55 Version bump.
56 This version uses the new 2.4-27.1 patchball which updates
57 both the SELinux PaX hooks patch and the SELinux headers.
58
59 *hardened-sources-2.4.27-r1 (09 Aug 2004)
60
61 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
62 +hardened-sources-2.4.27-r1.ebuild,
63 -hardened-sources-2.4.27.ebuild,
64 +files/2.4.27-cmdline-race.patch:
65 Version bump, fix for cmdline race. See bug #59905.
66
67 *hardened-sources-2.4.26-r6 (09 Aug 2004)
68
69 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
70 +hardened-sources-2.4.26-r6.ebuild,
71 -hardened-sources-2.4.26-r5.ebuild,
72 -hardened-sources-2.4.26-r4.ebuild,
73 +files/2.4.26-cmdline-race.patch:
74 Version bump, fix for cmdline race. See bug #59905.
75
76 *hardened-sources-2.4.27 (08 Aug 2004)
77
78 08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
79 +hardened-sources-2.4.27.ebuild,
80 +files/2.4.27-CAN-2004-0394.patch:
81 Ported the patchball to the 2.4.27 kernel version.
82
83 *hardened-sources-2.4.26-r5 (07 Aug 2004)
84
85 07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
86 +hardened-sources-2.4.26-r5.ebuild:
87 Updated to use the new hardened-patches-2.4-26.1 patchball.
88 It adds the following features:
89 - Squashfs
90 - Ebtables
91 - Netdev random (core+drivers)
92 - Watchdog Timer (WDT) fix.
93
94 *hardened-sources-2.4.26-r4 (04 Aug 2004)
95
96 04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
97 +hardened-sources-2.4.26-r4.ebuild,
98 +files/2.4.26-CAN-2004-0415.patch,
99 -hardened-sources-2.4.26-3:
100 Version bump, fix for CAN 0415, see bug #59378.
101
102 *hardened-sources-2.4.26-r3 (22 Jul 2004)
103
104 22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
105 +hardened-sources-2.4.26-r3.ebuild,
106 +files/2.4.26-CAN-2004-0497.patch,
107 -hardened-sources-2.4.26-r2.ebuild:
108 Version bump, fixed CAN 0497, see bug #56171.
109
110 *hardened-sources-2.4.26-r2 (29 Jun 2004)
111
112 29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
113 +hardened-sources-2.4.26-r2.ebuild,
114 +files/2.4.26-CAN-2004-0495.patch,
115 +files/2.4.26-CAN-2004-0535.patch,
116 -hardened-sources-2.4.26-r1.ebuild:
117 Fixes for both CAN 0495 and 0535, see bug #54976
118
119 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
120 hardened-sources-2.4.26-r1.ebuild:
121 QA - fix use invocation
122
123 *hardened-sources-2.4.26-r1 (22 June 2004)
124
125 22 June 2004; Andrea Luzzardi <scox@gentoo.org>
126 +hardened-sources-2.4.26-r1.ebuild,
127 +files/2.4.26-CAN-2004-0394.patch,
128 +files/2.4.26-signal-race.patch,
129 -hardened-sources-2.4.26.ebuild,
130 -hardened-sources-2.4.24-r3.ebuild:
131 Version bump for the CAN-2004-0394 issue and bug #53804
132 Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
133
134
135 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
136 hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
137 Masked hardened-sources-2.4.26.ebuild broken for ppc
138
139 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
140 hardened-sources-2.4.24-r3.ebuild:
141 Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
142
143 *hardened-sources-2.4.26 (29 May 2004)
144
145 29 May 2004; Andrea Luzzardi <scox@gentoo.org>
146 +hardened-sources-2.4.26.ebuild:
147 Updated hardened-sources for the 2.4.26 kernel
148 Removed broken components, updated almost everything.
149
150 *hardened-sources-2.4.24-r3 (17 Apr 2004)
151
152 17 Apr 2004; <plasmaroo@gentoo.org>
153 +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
154 +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
155 +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
156 +hardened-sources-2.4.24-r3.ebuild:
157 Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
158 vulnerabilities. Old revisions removed.
159
160 *hardened-sources-2.4.24-r2 (15 Apr 2004)
161
162 15 Apr 2004; <plasmaroo@gentoo.org>
163 +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
164 -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
165 Version bump for the CAN-2004-0109 issue; bug #47881.
166
167 12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
168 hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
169 Add eutils to inherit.
170
171 *hardened-sources-2.4.24-r1 (19 Feb 2004)
172
173 19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
174 files/hardened-sources-2.4.24.munmap.patch:
175 Added the patch for the mremap/munmap vulnerability. Bug #42024.
176
177 *hardened-sources-2.4.24 (06 Feb 2004)
178
179 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
180 hardened-sources-2.4.24.ebuild:
181 Version bump, updated most of the components.
182 This release includes the following:
183
184 - Hardened security
185 - Netfilter patch-o-matic 20031219
186 - FreeSWAN 2.04 & x509 1.4.8
187 - EVMS 2.2.2
188 - XFS 1.3.1
189 - cryptoloop jari
190 - grsecurity 2.0-rc4
191 - SELinux
192 - PaX 200402060000
193 - PaX Obscurity 200308302223
194 - Others...
195
196 Neither -ck nor systrace are included anymore.
197
198 *hardened-sources-2.4.22-r2 (05 Jan 2004)
199
200 05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
201 hardened-sources-2.4.22-r2.ebuild:
202 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
203
204 *hardened-sources-2.4.22-r1 (02 Dec 2003)
205
206 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
207 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
208
209 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
210 hardened-sources-2.4.22-r1.ebuild:
211 Version bump for the 'do_brk' vulnerability.
212
213 01 Dec 2003; Brian Jackson <iggy@gentoo.org>
214 hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
215 hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
216 hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
217 Fix the 'do_brk' vulnerability.
218
219 03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
220 hardened-sources-2.4.22.ebuild:
221 - Removed the src_install() portion for SELinux flask
222 components. These are no longer handled in the kernel
223 so this code was not necessary.
224
225 29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
226 New 2.4.22 based hardened-sources thanks to
227 Phil West <p.west@computer.org>.
228
229 These sources include:
230 - New SELinux API
231 - Updated CK-base
232 - Updated GRSec
233 - Systrace
234 - SuperFreeS/WAN 1.99.8
235 - Propolice kernel build support
236 - EVMS
237 - Other various security related patches
238
239 *hardened-sources-2.4.21 (14 Sep 2003)
240
241 14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
242 Updated hardened-sources based on the 2.4.21 Linux kernel.
243 This includes updates to most major components such as:
244 - ck-base-0306300059
245 - selinux-2.4-2003071106
246 - grsecurity-2.0-rc1
247 - Updated IPTables patch-o-matic
248 - Updated SuperFreeS/WAN
249
250 Thanks to Phil West <pwest@computer.org> for his work in getting this
251 updated patch set ready for the 2.4.21 based kernel.
252
253 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
254 Initial import of hardened-sources-2.4.20-r4. This revision
255 includes only a few changes, but one of these is an important
256 security fix. It is recommended all users of hardened-sources
257 upgrade to this release.
258
259 - ioperm bug fix
260 - fixed compilation failure when building without GRSec
261
262 SAL (Secure Auditing for Linux) is NOT included in this revision
263 due to time constraints, but is planned for inclusion in the near
264 future.
265
266 *hardened-sources-2.4.20-r2 (12 Jun 2003)
267
268 12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
269 hardened-sources-2.4.20-r3.ebuild:
270 Add Header...
271
272 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
273 hardened-sources-2.4.20-r3.ebuild:
274 Removed warnings from ebuild. This kernel should be safe to
275 use at this point.
276
277 *hardened-sources-2.4.20-r3 (08 Jun 2003)
278
279 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
280 hardened-sources-2.4.20-r3.ebuild:
281 New revision. Includes the following changes over -r2:
282
283 - ck7-base (O(1), preempt, low latency)
284 - Super FreeS/WAN 1.99.7rc2
285 - PaX for the LSM/SELinux branch
286 - GRSecurity 2.0-pre4 (role based access control)
287 - Systrace 1.3
288 - EXT3 fixes
289 - EVMS 2.0.1
290 - GCC 3.1+ compile optimizations
291 - ProPolice kernel build support
292 - Hashing table security fixes
293
294 *hardened-sources-2.4.20-r1 (09 Apr 2003)
295
296 23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
297 Initial import of hardened-sources-r2. This new
298 ebuild includes many new performance and security
299 related patches. As in -r1, it will patch in
300 LSM/SELinux if "selinux" is in USE, otherwise it
301 will patch in GRSecurity. The following patches
302 are included in this revision:
303
304 - O(1) Scheduler, Low Latency, and Preempt
305 (pulled from the base CK patch)
306 - ptrace exploit patch for the LSM kernel
307 (the GRSec patch already fixes this)
308 - LSM 2.4-2003040709
309 - SELinux 2.4-2003040709
310 - Systrace v1.2
311 - IPTables patch-o-matic base patches - 20030107
312 - CryptoAPI 2.4.20.1 w/ loop-jari patch
313 - Super FreeS/WAN 1.99.6.1
314 - GRSecurity 1.9.9g
315 - MPPE
316 - EXT3 data journal fix
317 - CIPE 1.5.4
318
319 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
320 hardened-sources-2.4.20-r1.ebuild, manifest:
321 Updated to install flask components correctly for selinux.
322
323 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
324 hardened-sources-2.4.20-r1.ebuild:
325 LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
326 is patched in instead. Ptrace patches for selinux have also been added. In
327 either case, systrace support will be patched in as well.
328
329 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
330 hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
331 Revision bump for new sources.
332
333 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
334 hardened-sources-2.4.20-r1.ebuild:
335 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
336
337 *hardened-sources-2.4.20 (30 Mar 2003)
338
339 30 Mar 2003; Joshua Brindle <method@gentoo.org>
340 hardened-sources-2.4.20.ebuild:
341 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20