/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log

Revision 1.51 - (show annotations) (download)
Wed Mar 30 08:04:58 2005 UTC (8 years, 1 month ago) by scox
Branch: MAIN
Changes since 1.50: +15 -2 lines 
Added hardened-sources-2.4.29.ebuild
(Portage version: 2.0.51.19)
1 # ChangeLog for sys-kernel/hardened-sources
2 # Copyright 2000-2005 Gentoo Foundation; Distributed under the GPL v2
3 # $Header: $
4
5 *hardened-sources-2.4.29 (30 Mar 2005)
6
7 30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
8 +hardened-sources-2.4.29.ebuild:
9 New hardened-patches-2.4-29.0 patchball.
10 Removed SELinux support, upgraded GRSecurity to 2.1.4.
11
12 *hardened-sources-2.4.28-r5 (06 Mar 2005)
13
14 06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
15 +hardened-sources-2.4.28-r5.ebuild:
16 Added a fix for a PaX vulnerability.
17
18 26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
19 hardened-sources-2.4.28-r4.ebuild:
20 Stable on x86
21
22 23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
23 hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
24 hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
25 hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
26 - fixed/added RDEPEND= in all kernel-2 ebuilds
27
28 *hardened-sources-2.4.28-r4 (21 Jan 2005)
29
30 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
31 +hardened-sources-2.4.28-r4.ebuild:
32 Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
33 backport of neighbour hash updates.
34
35 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
36 hardened-sources-2.4.28-r3.ebuild:
37 Stable on x86
38
39 *hardened-sources-2.6.10-r3 (20 Jan 2005)
40
41 20 Jan 2005; Brandon Hale <tseng@gentoo.org>
42 +hardened-sources-2.6.10-r3.ebuild:
43 Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
44 in 2005.0
45
46 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
47 -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
48 hardened-sources-2.4.28-r2.ebuild:
49 Mark stable on x86
50
51 *hardened-sources-2.4.28-r3 (17 Jan 2005)
52
53 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
54 +hardened-sources-2.4.28-r3.ebuild:
55 Fix SMP page fault handler vuln, and update device-mapper and evms patches.
56
57 14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
58 hardened-sources-2.4.28.ebuild:
59 Mark stable on x86.
60
61 *hardened-sources-2.4.28-r2 (13 Jan 2005)
62
63 13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
64 +hardened-sources-2.4.28-r2.ebuild:
65 Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
66 Mazinger for grsecurity patches as well.
67
68 *hardened-sources-2.4.28-r1 (23 Dec 2004)
69
70 23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
71 Security bump. Thank tocharian for rolling a new patchset...
72
73 28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
74 +files/2.4.28-grsec-cmdline-race.patch,
75 +files/2.4.28-selinux-binfmt_a.out.patch,
76 +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
77 - Round up remaining security patches that appear to be missing in 2.4.28. -
78 PaX standalone updated to current. hgpv=28.1
79
80 *hardened-sources-2.4.28 (28 Nov 2004)
81
82 28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
83 security bump. Thank tocharian for rolling a new patchset
84
85 *hardened-sources-2.4.27-r3 (08 Sep 2004)
86
87 08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
88 +hardened-sources-2.4.27-r3.ebuild:
89 Applies the new 2.4-27.2 patchball which updates
90 GRSecurity to the 2.0.1 version.
91
92 *hardened-sources-2.4.27-r2 (31 Aug 2004)
93
94 31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
95 +hardened-sources-2.4.27-r2.ebuild:
96 Version bump.
97 This version uses the new 2.4-27.1 patchball which updates
98 both the SELinux PaX hooks patch and the SELinux headers.
99
100 *hardened-sources-2.4.27-r1 (09 Aug 2004)
101
102 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
103 +hardened-sources-2.4.27-r1.ebuild,
104 -hardened-sources-2.4.27.ebuild,
105 +files/2.4.27-cmdline-race.patch:
106 Version bump, fix for cmdline race. See bug #59905.
107
108 *hardened-sources-2.4.26-r6 (09 Aug 2004)
109
110 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
111 +hardened-sources-2.4.26-r6.ebuild,
112 -hardened-sources-2.4.26-r5.ebuild,
113 -hardened-sources-2.4.26-r4.ebuild,
114 +files/2.4.26-cmdline-race.patch:
115 Version bump, fix for cmdline race. See bug #59905.
116
117 *hardened-sources-2.4.27 (08 Aug 2004)
118
119 08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
120 +hardened-sources-2.4.27.ebuild,
121 +files/2.4.27-CAN-2004-0394.patch:
122 Ported the patchball to the 2.4.27 kernel version.
123
124 *hardened-sources-2.4.26-r5 (07 Aug 2004)
125
126 07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
127 +hardened-sources-2.4.26-r5.ebuild:
128 Updated to use the new hardened-patches-2.4-26.1 patchball.
129 It adds the following features:
130 - Squashfs
131 - Ebtables
132 - Netdev random (core+drivers)
133 - Watchdog Timer (WDT) fix.
134
135 *hardened-sources-2.4.26-r4 (04 Aug 2004)
136
137 04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
138 +hardened-sources-2.4.26-r4.ebuild,
139 +files/2.4.26-CAN-2004-0415.patch,
140 -hardened-sources-2.4.26-3:
141 Version bump, fix for CAN 0415, see bug #59378.
142
143 *hardened-sources-2.4.26-r3 (22 Jul 2004)
144
145 22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
146 +hardened-sources-2.4.26-r3.ebuild,
147 +files/2.4.26-CAN-2004-0497.patch,
148 -hardened-sources-2.4.26-r2.ebuild:
149 Version bump, fixed CAN 0497, see bug #56171.
150
151 *hardened-sources-2.4.26-r2 (29 Jun 2004)
152
153 29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
154 +hardened-sources-2.4.26-r2.ebuild,
155 +files/2.4.26-CAN-2004-0495.patch,
156 +files/2.4.26-CAN-2004-0535.patch,
157 -hardened-sources-2.4.26-r1.ebuild:
158 Fixes for both CAN 0495 and 0535, see bug #54976
159
160 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
161 hardened-sources-2.4.26-r1.ebuild:
162 QA - fix use invocation
163
164 *hardened-sources-2.4.26-r1 (22 June 2004)
165
166 22 June 2004; Andrea Luzzardi <scox@gentoo.org>
167 +hardened-sources-2.4.26-r1.ebuild,
168 +files/2.4.26-CAN-2004-0394.patch,
169 +files/2.4.26-signal-race.patch,
170 -hardened-sources-2.4.26.ebuild,
171 -hardened-sources-2.4.24-r3.ebuild:
172 Version bump for the CAN-2004-0394 issue and bug #53804
173 Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
174
175
176 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
177 hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
178 Masked hardened-sources-2.4.26.ebuild broken for ppc
179
180 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
181 hardened-sources-2.4.24-r3.ebuild:
182 Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
183
184 *hardened-sources-2.4.26 (29 May 2004)
185
186 29 May 2004; Andrea Luzzardi <scox@gentoo.org>
187 +hardened-sources-2.4.26.ebuild:
188 Updated hardened-sources for the 2.4.26 kernel
189 Removed broken components, updated almost everything.
190
191 *hardened-sources-2.4.24-r3 (17 Apr 2004)
192
193 17 Apr 2004; <plasmaroo@gentoo.org>
194 +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
195 +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
196 +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
197 +hardened-sources-2.4.24-r3.ebuild:
198 Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
199 vulnerabilities. Old revisions removed.
200
201 *hardened-sources-2.4.24-r2 (15 Apr 2004)
202
203 15 Apr 2004; <plasmaroo@gentoo.org>
204 +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
205 -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
206 Version bump for the CAN-2004-0109 issue; bug #47881.
207
208 12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
209 hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
210 Add eutils to inherit.
211
212 *hardened-sources-2.4.24-r1 (19 Feb 2004)
213
214 19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
215 files/hardened-sources-2.4.24.munmap.patch:
216 Added the patch for the mremap/munmap vulnerability. Bug #42024.
217
218 *hardened-sources-2.4.24 (06 Feb 2004)
219
220 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
221 hardened-sources-2.4.24.ebuild:
222 Version bump, updated most of the components.
223 This release includes the following:
224
225 - Hardened security
226 - Netfilter patch-o-matic 20031219
227 - FreeSWAN 2.04 & x509 1.4.8
228 - EVMS 2.2.2
229 - XFS 1.3.1
230 - cryptoloop jari
231 - grsecurity 2.0-rc4
232 - SELinux
233 - PaX 200402060000
234 - PaX Obscurity 200308302223
235 - Others...
236
237 Neither -ck nor systrace are included anymore.
238
239 *hardened-sources-2.4.22-r2 (05 Jan 2004)
240
241 05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
242 hardened-sources-2.4.22-r2.ebuild:
243 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
244
245 *hardened-sources-2.4.22-r1 (02 Dec 2003)
246
247 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
248 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
249
250 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
251 hardened-sources-2.4.22-r1.ebuild:
252 Version bump for the 'do_brk' vulnerability.
253
254 01 Dec 2003; Brian Jackson <iggy@gentoo.org>
255 hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
256 hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
257 hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
258 Fix the 'do_brk' vulnerability.
259
260 03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
261 hardened-sources-2.4.22.ebuild:
262 - Removed the src_install() portion for SELinux flask
263 components. These are no longer handled in the kernel
264 so this code was not necessary.
265
266 29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
267 New 2.4.22 based hardened-sources thanks to
268 Phil West <p.west@computer.org>.
269
270 These sources include:
271 - New SELinux API
272 - Updated CK-base
273 - Updated GRSec
274 - Systrace
275 - SuperFreeS/WAN 1.99.8
276 - Propolice kernel build support
277 - EVMS
278 - Other various security related patches
279
280 *hardened-sources-2.4.21 (14 Sep 2003)
281
282 14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
283 Updated hardened-sources based on the 2.4.21 Linux kernel.
284 This includes updates to most major components such as:
285 - ck-base-0306300059
286 - selinux-2.4-2003071106
287 - grsecurity-2.0-rc1
288 - Updated IPTables patch-o-matic
289 - Updated SuperFreeS/WAN
290
291 Thanks to Phil West <pwest@computer.org> for his work in getting this
292 updated patch set ready for the 2.4.21 based kernel.
293
294 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
295 Initial import of hardened-sources-2.4.20-r4. This revision
296 includes only a few changes, but one of these is an important
297 security fix. It is recommended all users of hardened-sources
298 upgrade to this release.
299
300 - ioperm bug fix
301 - fixed compilation failure when building without GRSec
302
303 SAL (Secure Auditing for Linux) is NOT included in this revision
304 due to time constraints, but is planned for inclusion in the near
305 future.
306
307 *hardened-sources-2.4.20-r2 (12 Jun 2003)
308
309 12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
310 hardened-sources-2.4.20-r3.ebuild:
311 Add Header...
312
313 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
314 hardened-sources-2.4.20-r3.ebuild:
315 Removed warnings from ebuild. This kernel should be safe to
316 use at this point.
317
318 *hardened-sources-2.4.20-r3 (08 Jun 2003)
319
320 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
321 hardened-sources-2.4.20-r3.ebuild:
322 New revision. Includes the following changes over -r2:
323
324 - ck7-base (O(1), preempt, low latency)
325 - Super FreeS/WAN 1.99.7rc2
326 - PaX for the LSM/SELinux branch
327 - GRSecurity 2.0-pre4 (role based access control)
328 - Systrace 1.3
329 - EXT3 fixes
330 - EVMS 2.0.1
331 - GCC 3.1+ compile optimizations
332 - ProPolice kernel build support
333 - Hashing table security fixes
334
335 *hardened-sources-2.4.20-r1 (09 Apr 2003)
336
337 23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
338 Initial import of hardened-sources-r2. This new
339 ebuild includes many new performance and security
340 related patches. As in -r1, it will patch in
341 LSM/SELinux if "selinux" is in USE, otherwise it
342 will patch in GRSecurity. The following patches
343 are included in this revision:
344
345 - O(1) Scheduler, Low Latency, and Preempt
346 (pulled from the base CK patch)
347 - ptrace exploit patch for the LSM kernel
348 (the GRSec patch already fixes this)
349 - LSM 2.4-2003040709
350 - SELinux 2.4-2003040709
351 - Systrace v1.2
352 - IPTables patch-o-matic base patches - 20030107
353 - CryptoAPI 2.4.20.1 w/ loop-jari patch
354 - Super FreeS/WAN 1.99.6.1
355 - GRSecurity 1.9.9g
356 - MPPE
357 - EXT3 data journal fix
358 - CIPE 1.5.4
359
360 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
361 hardened-sources-2.4.20-r1.ebuild, manifest:
362 Updated to install flask components correctly for selinux.
363
364 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
365 hardened-sources-2.4.20-r1.ebuild:
366 LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
367 is patched in instead. Ptrace patches for selinux have also been added. In
368 either case, systrace support will be patched in as well.
369
370 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
371 hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
372 Revision bump for new sources.
373
374 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
375 hardened-sources-2.4.20-r1.ebuild:
376 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
377
378 *hardened-sources-2.4.20 (30 Mar 2003)
379
380 30 Mar 2003; Joshua Brindle <method@gentoo.org>
381 hardened-sources-2.4.20.ebuild:
382 Initial import, only has systrace support.
383
  ViewVC Help
Powered by ViewVC 1.1.13