/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.54 - (show annotations) (download)
Fri Apr 29 12:28:27 2005 UTC (9 years, 4 months ago) by solar
Branch: MAIN
Changes since 1.53: +13 -1 lines
- mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir cleanup..
(Portage version: 2.0.51.20-r5)

1 # ChangeLog for sys-kernel/hardened-sources
2 # Copyright 2000-2005 Gentoo Foundation; Distributed under the GPL v2
3 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.53 2005/04/22 01:33:43 solar Exp $
4
5 29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
6 -files/2.4.27-cmdline-race.patch,
7 -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
8 -files/2.4.28-grsec-binfmt_a.out.patch,
9 -files/2.4.28-grsec-cmdline-race.patch,
10 -files/2.4.28-selinux-binfmt_a.out.patch,
11 -files/2.4.28-selinux-cmdline-race.patch,
12 -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
13 hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
14 - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
15 cleanup..
16
17 *hardened-sources-2.4.30-r1 (21 Apr 2005)
18
19 21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
20 - disable aout by default
21
22 *hardened-sources-2.4.30 (18 Apr 2005)
23
24 18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
25 - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
26 and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
27 use
28
29 *hardened-sources-2.4.29 (30 Mar 2005)
30
31 30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
32 +hardened-sources-2.4.29.ebuild:
33 New hardened-patches-2.4-29.0 patchball.
34 Removed SELinux support, upgraded GRSecurity to 2.1.4.
35
36 *hardened-sources-2.4.28-r5 (06 Mar 2005)
37
38 06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
39 +hardened-sources-2.4.28-r5.ebuild:
40 Added a fix for a PaX vulnerability.
41
42 26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
43 hardened-sources-2.4.28-r4.ebuild:
44 Stable on x86
45
46 23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
47 hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
48 hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
49 hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
50 - fixed/added RDEPEND= in all kernel-2 ebuilds
51
52 *hardened-sources-2.4.28-r4 (21 Jan 2005)
53
54 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
55 +hardened-sources-2.4.28-r4.ebuild:
56 Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
57 backport of neighbour hash updates.
58
59 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
60 hardened-sources-2.4.28-r3.ebuild:
61 Stable on x86
62
63 *hardened-sources-2.6.10-r3 (20 Jan 2005)
64
65 20 Jan 2005; Brandon Hale <tseng@gentoo.org>
66 +hardened-sources-2.6.10-r3.ebuild:
67 Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
68 in 2005.0
69
70 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
71 -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
72 hardened-sources-2.4.28-r2.ebuild:
73 Mark stable on x86
74
75 *hardened-sources-2.4.28-r3 (17 Jan 2005)
76
77 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
78 +hardened-sources-2.4.28-r3.ebuild:
79 Fix SMP page fault handler vuln, and update device-mapper and evms patches.
80
81 14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
82 hardened-sources-2.4.28.ebuild:
83 Mark stable on x86.
84
85 *hardened-sources-2.4.28-r2 (13 Jan 2005)
86
87 13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
88 +hardened-sources-2.4.28-r2.ebuild:
89 Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
90 Mazinger for grsecurity patches as well.
91
92 *hardened-sources-2.4.28-r1 (23 Dec 2004)
93
94 23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
95 Security bump. Thank tocharian for rolling a new patchset...
96
97 28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
98 +files/2.4.28-grsec-cmdline-race.patch,
99 +files/2.4.28-selinux-binfmt_a.out.patch,
100 +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
101 - Round up remaining security patches that appear to be missing in 2.4.28. -
102 PaX standalone updated to current. hgpv=28.1
103
104 *hardened-sources-2.4.28 (28 Nov 2004)
105
106 28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
107 security bump. Thank tocharian for rolling a new patchset
108
109 *hardened-sources-2.4.27-r3 (08 Sep 2004)
110
111 08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
112 +hardened-sources-2.4.27-r3.ebuild:
113 Applies the new 2.4-27.2 patchball which updates
114 GRSecurity to the 2.0.1 version.
115
116 *hardened-sources-2.4.27-r2 (31 Aug 2004)
117
118 31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
119 +hardened-sources-2.4.27-r2.ebuild:
120 Version bump.
121 This version uses the new 2.4-27.1 patchball which updates
122 both the SELinux PaX hooks patch and the SELinux headers.
123
124 *hardened-sources-2.4.27-r1 (09 Aug 2004)
125
126 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
127 +hardened-sources-2.4.27-r1.ebuild,
128 -hardened-sources-2.4.27.ebuild,
129 +files/2.4.27-cmdline-race.patch:
130 Version bump, fix for cmdline race. See bug #59905.
131
132 *hardened-sources-2.4.26-r6 (09 Aug 2004)
133
134 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
135 +hardened-sources-2.4.26-r6.ebuild,
136 -hardened-sources-2.4.26-r5.ebuild,
137 -hardened-sources-2.4.26-r4.ebuild,
138 +files/2.4.26-cmdline-race.patch:
139 Version bump, fix for cmdline race. See bug #59905.
140
141 *hardened-sources-2.4.27 (08 Aug 2004)
142
143 08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
144 +hardened-sources-2.4.27.ebuild,
145 +files/2.4.27-CAN-2004-0394.patch:
146 Ported the patchball to the 2.4.27 kernel version.
147
148 *hardened-sources-2.4.26-r5 (07 Aug 2004)
149
150 07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
151 +hardened-sources-2.4.26-r5.ebuild:
152 Updated to use the new hardened-patches-2.4-26.1 patchball.
153 It adds the following features:
154 - Squashfs
155 - Ebtables
156 - Netdev random (core+drivers)
157 - Watchdog Timer (WDT) fix.
158
159 *hardened-sources-2.4.26-r4 (04 Aug 2004)
160
161 04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
162 +hardened-sources-2.4.26-r4.ebuild,
163 +files/2.4.26-CAN-2004-0415.patch,
164 -hardened-sources-2.4.26-3:
165 Version bump, fix for CAN 0415, see bug #59378.
166
167 *hardened-sources-2.4.26-r3 (22 Jul 2004)
168
169 22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
170 +hardened-sources-2.4.26-r3.ebuild,
171 +files/2.4.26-CAN-2004-0497.patch,
172 -hardened-sources-2.4.26-r2.ebuild:
173 Version bump, fixed CAN 0497, see bug #56171.
174
175 *hardened-sources-2.4.26-r2 (29 Jun 2004)
176
177 29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
178 +hardened-sources-2.4.26-r2.ebuild,
179 +files/2.4.26-CAN-2004-0495.patch,
180 +files/2.4.26-CAN-2004-0535.patch,
181 -hardened-sources-2.4.26-r1.ebuild:
182 Fixes for both CAN 0495 and 0535, see bug #54976
183
184 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
185 hardened-sources-2.4.26-r1.ebuild:
186 QA - fix use invocation
187
188 *hardened-sources-2.4.26-r1 (22 June 2004)
189
190 22 June 2004; Andrea Luzzardi <scox@gentoo.org>
191 +hardened-sources-2.4.26-r1.ebuild,
192 +files/2.4.26-CAN-2004-0394.patch,
193 +files/2.4.26-signal-race.patch,
194 -hardened-sources-2.4.26.ebuild,
195 -hardened-sources-2.4.24-r3.ebuild:
196 Version bump for the CAN-2004-0394 issue and bug #53804
197 Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
198
199
200 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
201 hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
202 Masked hardened-sources-2.4.26.ebuild broken for ppc
203
204 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
205 hardened-sources-2.4.24-r3.ebuild:
206 Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
207
208 *hardened-sources-2.4.26 (29 May 2004)
209
210 29 May 2004; Andrea Luzzardi <scox@gentoo.org>
211 +hardened-sources-2.4.26.ebuild:
212 Updated hardened-sources for the 2.4.26 kernel
213 Removed broken components, updated almost everything.
214
215 *hardened-sources-2.4.24-r3 (17 Apr 2004)
216
217 17 Apr 2004; <plasmaroo@gentoo.org>
218 +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
219 +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
220 +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
221 +hardened-sources-2.4.24-r3.ebuild:
222 Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
223 vulnerabilities. Old revisions removed.
224
225 *hardened-sources-2.4.24-r2 (15 Apr 2004)
226
227 15 Apr 2004; <plasmaroo@gentoo.org>
228 +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
229 -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
230 Version bump for the CAN-2004-0109 issue; bug #47881.
231
232 12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
233 hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
234 Add eutils to inherit.
235
236 *hardened-sources-2.4.24-r1 (19 Feb 2004)
237
238 19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
239 files/hardened-sources-2.4.24.munmap.patch:
240 Added the patch for the mremap/munmap vulnerability. Bug #42024.
241
242 *hardened-sources-2.4.24 (06 Feb 2004)
243
244 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
245 hardened-sources-2.4.24.ebuild:
246 Version bump, updated most of the components.
247 This release includes the following:
248
249 - Hardened security
250 - Netfilter patch-o-matic 20031219
251 - FreeSWAN 2.04 & x509 1.4.8
252 - EVMS 2.2.2
253 - XFS 1.3.1
254 - cryptoloop jari
255 - grsecurity 2.0-rc4
256 - SELinux
257 - PaX 200402060000
258 - PaX Obscurity 200308302223
259 - Others...
260
261 Neither -ck nor systrace are included anymore.
262
263 *hardened-sources-2.4.22-r2 (05 Jan 2004)
264
265 05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
266 hardened-sources-2.4.22-r2.ebuild:
267 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
268
269 *hardened-sources-2.4.22-r1 (02 Dec 2003)
270
271 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
272 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
273
274 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
275 hardened-sources-2.4.22-r1.ebuild:
276 Version bump for the 'do_brk' vulnerability.
277
278 01 Dec 2003; Brian Jackson <iggy@gentoo.org>
279 hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
280 hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
281 hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
282 Fix the 'do_brk' vulnerability.
283
284 03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
285 hardened-sources-2.4.22.ebuild:
286 - Removed the src_install() portion for SELinux flask
287 components. These are no longer handled in the kernel
288 so this code was not necessary.
289
290 29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
291 New 2.4.22 based hardened-sources thanks to
292 Phil West <p.west@computer.org>.
293
294 These sources include:
295 - New SELinux API
296 - Updated CK-base
297 - Updated GRSec
298 - Systrace
299 - SuperFreeS/WAN 1.99.8
300 - Propolice kernel build support
301 - EVMS
302 - Other various security related patches
303
304 *hardened-sources-2.4.21 (14 Sep 2003)
305
306 14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
307 Updated hardened-sources based on the 2.4.21 Linux kernel.
308 This includes updates to most major components such as:
309 - ck-base-0306300059
310 - selinux-2.4-2003071106
311 - grsecurity-2.0-rc1
312 - Updated IPTables patch-o-matic
313 - Updated SuperFreeS/WAN
314
315 Thanks to Phil West <pwest@computer.org> for his work in getting this
316 updated patch set ready for the 2.4.21 based kernel.
317
318 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
319 Initial import of hardened-sources-2.4.20-r4. This revision
320 includes only a few changes, but one of these is an important
321 security fix. It is recommended all users of hardened-sources
322 upgrade to this release.
323
324 - ioperm bug fix
325 - fixed compilation failure when building without GRSec
326
327 SAL (Secure Auditing for Linux) is NOT included in this revision
328 due to time constraints, but is planned for inclusion in the near
329 future.
330
331 *hardened-sources-2.4.20-r2 (12 Jun 2003)
332
333 12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
334 hardened-sources-2.4.20-r3.ebuild:
335 Add Header...
336
337 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
338 hardened-sources-2.4.20-r3.ebuild:
339 Removed warnings from ebuild. This kernel should be safe to
340 use at this point.
341
342 *hardened-sources-2.4.20-r3 (08 Jun 2003)
343
344 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
345 hardened-sources-2.4.20-r3.ebuild:
346 New revision. Includes the following changes over -r2:
347
348 - ck7-base (O(1), preempt, low latency)
349 - Super FreeS/WAN 1.99.7rc2
350 - PaX for the LSM/SELinux branch
351 - GRSecurity 2.0-pre4 (role based access control)
352 - Systrace 1.3
353 - EXT3 fixes
354 - EVMS 2.0.1
355 - GCC 3.1+ compile optimizations
356 - ProPolice kernel build support
357 - Hashing table security fixes
358
359 *hardened-sources-2.4.20-r1 (09 Apr 2003)
360
361 23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
362 Initial import of hardened-sources-r2. This new
363 ebuild includes many new performance and security
364 related patches. As in -r1, it will patch in
365 LSM/SELinux if "selinux" is in USE, otherwise it
366 will patch in GRSecurity. The following patches
367 are included in this revision:
368
369 - O(1) Scheduler, Low Latency, and Preempt
370 (pulled from the base CK patch)
371 - ptrace exploit patch for the LSM kernel
372 (the GRSec patch already fixes this)
373 - LSM 2.4-2003040709
374 - SELinux 2.4-2003040709
375 - Systrace v1.2
376 - IPTables patch-o-matic base patches - 20030107
377 - CryptoAPI 2.4.20.1 w/ loop-jari patch
378 - Super FreeS/WAN 1.99.6.1
379 - GRSecurity 1.9.9g
380 - MPPE
381 - EXT3 data journal fix
382 - CIPE 1.5.4
383
384 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
385 hardened-sources-2.4.20-r1.ebuild, manifest:
386 Updated to install flask components correctly for selinux.
387
388 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
389 hardened-sources-2.4.20-r1.ebuild:
390 LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
391 is patched in instead. Ptrace patches for selinux have also been added. In
392 either case, systrace support will be patched in as well.
393
394 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
395 hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
396 Revision bump for new sources.
397
398 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
399 hardened-sources-2.4.20-r1.ebuild:
400 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
401
402 *hardened-sources-2.4.20 (30 Mar 2003)
403
404 30 Mar 2003; Joshua Brindle <method@gentoo.org>
405 hardened-sources-2.4.20.ebuild:
406 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20