/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.53 - (show annotations) (download)
Fri Apr 22 01:33:43 2005 UTC (9 years ago) by solar
Branch: MAIN
Changes since 1.52: +6 -1 lines
- disable aout by default patch stems from owl
(Portage version: 2.0.51.19)

1 # ChangeLog for sys-kernel/hardened-sources
2 # Copyright 2000-2005 Gentoo Foundation; Distributed under the GPL v2
3 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.52 2005/04/19 01:01:00 solar Exp $
4
5 *hardened-sources-2.4.30-r1 (21 Apr 2005)
6
7 21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
8 - disable aout by default
9
10 *hardened-sources-2.4.30 (18 Apr 2005)
11
12 18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
13 - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
14 and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
15 use
16
17 *hardened-sources-2.4.29 (30 Mar 2005)
18
19 30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
20 +hardened-sources-2.4.29.ebuild:
21 New hardened-patches-2.4-29.0 patchball.
22 Removed SELinux support, upgraded GRSecurity to 2.1.4.
23
24 *hardened-sources-2.4.28-r5 (06 Mar 2005)
25
26 06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
27 +hardened-sources-2.4.28-r5.ebuild:
28 Added a fix for a PaX vulnerability.
29
30 26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
31 hardened-sources-2.4.28-r4.ebuild:
32 Stable on x86
33
34 23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
35 hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
36 hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
37 hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
38 - fixed/added RDEPEND= in all kernel-2 ebuilds
39
40 *hardened-sources-2.4.28-r4 (21 Jan 2005)
41
42 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
43 +hardened-sources-2.4.28-r4.ebuild:
44 Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
45 backport of neighbour hash updates.
46
47 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
48 hardened-sources-2.4.28-r3.ebuild:
49 Stable on x86
50
51 *hardened-sources-2.6.10-r3 (20 Jan 2005)
52
53 20 Jan 2005; Brandon Hale <tseng@gentoo.org>
54 +hardened-sources-2.6.10-r3.ebuild:
55 Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
56 in 2005.0
57
58 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
59 -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
60 hardened-sources-2.4.28-r2.ebuild:
61 Mark stable on x86
62
63 *hardened-sources-2.4.28-r3 (17 Jan 2005)
64
65 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
66 +hardened-sources-2.4.28-r3.ebuild:
67 Fix SMP page fault handler vuln, and update device-mapper and evms patches.
68
69 14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
70 hardened-sources-2.4.28.ebuild:
71 Mark stable on x86.
72
73 *hardened-sources-2.4.28-r2 (13 Jan 2005)
74
75 13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
76 +hardened-sources-2.4.28-r2.ebuild:
77 Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
78 Mazinger for grsecurity patches as well.
79
80 *hardened-sources-2.4.28-r1 (23 Dec 2004)
81
82 23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
83 Security bump. Thank tocharian for rolling a new patchset...
84
85 28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
86 +files/2.4.28-grsec-cmdline-race.patch,
87 +files/2.4.28-selinux-binfmt_a.out.patch,
88 +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
89 - Round up remaining security patches that appear to be missing in 2.4.28. -
90 PaX standalone updated to current. hgpv=28.1
91
92 *hardened-sources-2.4.28 (28 Nov 2004)
93
94 28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
95 security bump. Thank tocharian for rolling a new patchset
96
97 *hardened-sources-2.4.27-r3 (08 Sep 2004)
98
99 08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
100 +hardened-sources-2.4.27-r3.ebuild:
101 Applies the new 2.4-27.2 patchball which updates
102 GRSecurity to the 2.0.1 version.
103
104 *hardened-sources-2.4.27-r2 (31 Aug 2004)
105
106 31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
107 +hardened-sources-2.4.27-r2.ebuild:
108 Version bump.
109 This version uses the new 2.4-27.1 patchball which updates
110 both the SELinux PaX hooks patch and the SELinux headers.
111
112 *hardened-sources-2.4.27-r1 (09 Aug 2004)
113
114 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
115 +hardened-sources-2.4.27-r1.ebuild,
116 -hardened-sources-2.4.27.ebuild,
117 +files/2.4.27-cmdline-race.patch:
118 Version bump, fix for cmdline race. See bug #59905.
119
120 *hardened-sources-2.4.26-r6 (09 Aug 2004)
121
122 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
123 +hardened-sources-2.4.26-r6.ebuild,
124 -hardened-sources-2.4.26-r5.ebuild,
125 -hardened-sources-2.4.26-r4.ebuild,
126 +files/2.4.26-cmdline-race.patch:
127 Version bump, fix for cmdline race. See bug #59905.
128
129 *hardened-sources-2.4.27 (08 Aug 2004)
130
131 08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
132 +hardened-sources-2.4.27.ebuild,
133 +files/2.4.27-CAN-2004-0394.patch:
134 Ported the patchball to the 2.4.27 kernel version.
135
136 *hardened-sources-2.4.26-r5 (07 Aug 2004)
137
138 07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
139 +hardened-sources-2.4.26-r5.ebuild:
140 Updated to use the new hardened-patches-2.4-26.1 patchball.
141 It adds the following features:
142 - Squashfs
143 - Ebtables
144 - Netdev random (core+drivers)
145 - Watchdog Timer (WDT) fix.
146
147 *hardened-sources-2.4.26-r4 (04 Aug 2004)
148
149 04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
150 +hardened-sources-2.4.26-r4.ebuild,
151 +files/2.4.26-CAN-2004-0415.patch,
152 -hardened-sources-2.4.26-3:
153 Version bump, fix for CAN 0415, see bug #59378.
154
155 *hardened-sources-2.4.26-r3 (22 Jul 2004)
156
157 22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
158 +hardened-sources-2.4.26-r3.ebuild,
159 +files/2.4.26-CAN-2004-0497.patch,
160 -hardened-sources-2.4.26-r2.ebuild:
161 Version bump, fixed CAN 0497, see bug #56171.
162
163 *hardened-sources-2.4.26-r2 (29 Jun 2004)
164
165 29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
166 +hardened-sources-2.4.26-r2.ebuild,
167 +files/2.4.26-CAN-2004-0495.patch,
168 +files/2.4.26-CAN-2004-0535.patch,
169 -hardened-sources-2.4.26-r1.ebuild:
170 Fixes for both CAN 0495 and 0535, see bug #54976
171
172 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
173 hardened-sources-2.4.26-r1.ebuild:
174 QA - fix use invocation
175
176 *hardened-sources-2.4.26-r1 (22 June 2004)
177
178 22 June 2004; Andrea Luzzardi <scox@gentoo.org>
179 +hardened-sources-2.4.26-r1.ebuild,
180 +files/2.4.26-CAN-2004-0394.patch,
181 +files/2.4.26-signal-race.patch,
182 -hardened-sources-2.4.26.ebuild,
183 -hardened-sources-2.4.24-r3.ebuild:
184 Version bump for the CAN-2004-0394 issue and bug #53804
185 Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
186
187
188 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
189 hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
190 Masked hardened-sources-2.4.26.ebuild broken for ppc
191
192 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
193 hardened-sources-2.4.24-r3.ebuild:
194 Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
195
196 *hardened-sources-2.4.26 (29 May 2004)
197
198 29 May 2004; Andrea Luzzardi <scox@gentoo.org>
199 +hardened-sources-2.4.26.ebuild:
200 Updated hardened-sources for the 2.4.26 kernel
201 Removed broken components, updated almost everything.
202
203 *hardened-sources-2.4.24-r3 (17 Apr 2004)
204
205 17 Apr 2004; <plasmaroo@gentoo.org>
206 +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
207 +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
208 +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
209 +hardened-sources-2.4.24-r3.ebuild:
210 Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
211 vulnerabilities. Old revisions removed.
212
213 *hardened-sources-2.4.24-r2 (15 Apr 2004)
214
215 15 Apr 2004; <plasmaroo@gentoo.org>
216 +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
217 -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
218 Version bump for the CAN-2004-0109 issue; bug #47881.
219
220 12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
221 hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
222 Add eutils to inherit.
223
224 *hardened-sources-2.4.24-r1 (19 Feb 2004)
225
226 19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
227 files/hardened-sources-2.4.24.munmap.patch:
228 Added the patch for the mremap/munmap vulnerability. Bug #42024.
229
230 *hardened-sources-2.4.24 (06 Feb 2004)
231
232 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
233 hardened-sources-2.4.24.ebuild:
234 Version bump, updated most of the components.
235 This release includes the following:
236
237 - Hardened security
238 - Netfilter patch-o-matic 20031219
239 - FreeSWAN 2.04 & x509 1.4.8
240 - EVMS 2.2.2
241 - XFS 1.3.1
242 - cryptoloop jari
243 - grsecurity 2.0-rc4
244 - SELinux
245 - PaX 200402060000
246 - PaX Obscurity 200308302223
247 - Others...
248
249 Neither -ck nor systrace are included anymore.
250
251 *hardened-sources-2.4.22-r2 (05 Jan 2004)
252
253 05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
254 hardened-sources-2.4.22-r2.ebuild:
255 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
256
257 *hardened-sources-2.4.22-r1 (02 Dec 2003)
258
259 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
260 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
261
262 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
263 hardened-sources-2.4.22-r1.ebuild:
264 Version bump for the 'do_brk' vulnerability.
265
266 01 Dec 2003; Brian Jackson <iggy@gentoo.org>
267 hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
268 hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
269 hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
270 Fix the 'do_brk' vulnerability.
271
272 03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
273 hardened-sources-2.4.22.ebuild:
274 - Removed the src_install() portion for SELinux flask
275 components. These are no longer handled in the kernel
276 so this code was not necessary.
277
278 29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
279 New 2.4.22 based hardened-sources thanks to
280 Phil West <p.west@computer.org>.
281
282 These sources include:
283 - New SELinux API
284 - Updated CK-base
285 - Updated GRSec
286 - Systrace
287 - SuperFreeS/WAN 1.99.8
288 - Propolice kernel build support
289 - EVMS
290 - Other various security related patches
291
292 *hardened-sources-2.4.21 (14 Sep 2003)
293
294 14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
295 Updated hardened-sources based on the 2.4.21 Linux kernel.
296 This includes updates to most major components such as:
297 - ck-base-0306300059
298 - selinux-2.4-2003071106
299 - grsecurity-2.0-rc1
300 - Updated IPTables patch-o-matic
301 - Updated SuperFreeS/WAN
302
303 Thanks to Phil West <pwest@computer.org> for his work in getting this
304 updated patch set ready for the 2.4.21 based kernel.
305
306 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
307 Initial import of hardened-sources-2.4.20-r4. This revision
308 includes only a few changes, but one of these is an important
309 security fix. It is recommended all users of hardened-sources
310 upgrade to this release.
311
312 - ioperm bug fix
313 - fixed compilation failure when building without GRSec
314
315 SAL (Secure Auditing for Linux) is NOT included in this revision
316 due to time constraints, but is planned for inclusion in the near
317 future.
318
319 *hardened-sources-2.4.20-r2 (12 Jun 2003)
320
321 12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
322 hardened-sources-2.4.20-r3.ebuild:
323 Add Header...
324
325 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
326 hardened-sources-2.4.20-r3.ebuild:
327 Removed warnings from ebuild. This kernel should be safe to
328 use at this point.
329
330 *hardened-sources-2.4.20-r3 (08 Jun 2003)
331
332 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
333 hardened-sources-2.4.20-r3.ebuild:
334 New revision. Includes the following changes over -r2:
335
336 - ck7-base (O(1), preempt, low latency)
337 - Super FreeS/WAN 1.99.7rc2
338 - PaX for the LSM/SELinux branch
339 - GRSecurity 2.0-pre4 (role based access control)
340 - Systrace 1.3
341 - EXT3 fixes
342 - EVMS 2.0.1
343 - GCC 3.1+ compile optimizations
344 - ProPolice kernel build support
345 - Hashing table security fixes
346
347 *hardened-sources-2.4.20-r1 (09 Apr 2003)
348
349 23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
350 Initial import of hardened-sources-r2. This new
351 ebuild includes many new performance and security
352 related patches. As in -r1, it will patch in
353 LSM/SELinux if "selinux" is in USE, otherwise it
354 will patch in GRSecurity. The following patches
355 are included in this revision:
356
357 - O(1) Scheduler, Low Latency, and Preempt
358 (pulled from the base CK patch)
359 - ptrace exploit patch for the LSM kernel
360 (the GRSec patch already fixes this)
361 - LSM 2.4-2003040709
362 - SELinux 2.4-2003040709
363 - Systrace v1.2
364 - IPTables patch-o-matic base patches - 20030107
365 - CryptoAPI 2.4.20.1 w/ loop-jari patch
366 - Super FreeS/WAN 1.99.6.1
367 - GRSecurity 1.9.9g
368 - MPPE
369 - EXT3 data journal fix
370 - CIPE 1.5.4
371
372 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
373 hardened-sources-2.4.20-r1.ebuild, manifest:
374 Updated to install flask components correctly for selinux.
375
376 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
377 hardened-sources-2.4.20-r1.ebuild:
378 LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
379 is patched in instead. Ptrace patches for selinux have also been added. In
380 either case, systrace support will be patched in as well.
381
382 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
383 hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
384 Revision bump for new sources.
385
386 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
387 hardened-sources-2.4.20-r1.ebuild:
388 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
389
390 *hardened-sources-2.4.20 (30 Mar 2003)
391
392 30 Mar 2003; Joshua Brindle <method@gentoo.org>
393 hardened-sources-2.4.20.ebuild:
394 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20