/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.55 - (show annotations) (download)
Tue May 17 19:21:33 2005 UTC (8 years, 11 months ago) by johnm
Branch: MAIN
Changes since 1.54: +9 -1 lines
merging hardened-dev-sources

1 # ChangeLog for sys-kernel/hardened-sources
2 # Copyright 2000-2005 Gentoo Foundation; Distributed under the GPL v2
3 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.54 2005/04/29 12:28:27 solar Exp $
4
5 *hardened-sources-2.6.11-r12 (17 May 2005)
6
7 17 May 2005; John Mylchreest <johnm@gentoo.org>
8 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
9 +hardened-sources-2.6.11-r12.ebuild:
10 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
11 merges in genpatches-base
12
13 29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
14 -files/2.4.27-cmdline-race.patch,
15 -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
16 -files/2.4.28-grsec-binfmt_a.out.patch,
17 -files/2.4.28-grsec-cmdline-race.patch,
18 -files/2.4.28-selinux-binfmt_a.out.patch,
19 -files/2.4.28-selinux-cmdline-race.patch,
20 -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
21 hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
22 - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
23 cleanup..
24
25 *hardened-sources-2.4.30-r1 (21 Apr 2005)
26
27 21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
28 - disable aout by default
29
30 *hardened-sources-2.4.30 (18 Apr 2005)
31
32 18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
33 - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
34 and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
35 use
36
37 *hardened-sources-2.4.29 (30 Mar 2005)
38
39 30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
40 +hardened-sources-2.4.29.ebuild:
41 New hardened-patches-2.4-29.0 patchball.
42 Removed SELinux support, upgraded GRSecurity to 2.1.4.
43
44 *hardened-sources-2.4.28-r5 (06 Mar 2005)
45
46 06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
47 +hardened-sources-2.4.28-r5.ebuild:
48 Added a fix for a PaX vulnerability.
49
50 26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
51 hardened-sources-2.4.28-r4.ebuild:
52 Stable on x86
53
54 23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
55 hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
56 hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
57 hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
58 - fixed/added RDEPEND= in all kernel-2 ebuilds
59
60 *hardened-sources-2.4.28-r4 (21 Jan 2005)
61
62 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
63 +hardened-sources-2.4.28-r4.ebuild:
64 Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
65 backport of neighbour hash updates.
66
67 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
68 hardened-sources-2.4.28-r3.ebuild:
69 Stable on x86
70
71 *hardened-sources-2.6.10-r3 (20 Jan 2005)
72
73 20 Jan 2005; Brandon Hale <tseng@gentoo.org>
74 +hardened-sources-2.6.10-r3.ebuild:
75 Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
76 in 2005.0
77
78 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
79 -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
80 hardened-sources-2.4.28-r2.ebuild:
81 Mark stable on x86
82
83 *hardened-sources-2.4.28-r3 (17 Jan 2005)
84
85 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
86 +hardened-sources-2.4.28-r3.ebuild:
87 Fix SMP page fault handler vuln, and update device-mapper and evms patches.
88
89 14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
90 hardened-sources-2.4.28.ebuild:
91 Mark stable on x86.
92
93 *hardened-sources-2.4.28-r2 (13 Jan 2005)
94
95 13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
96 +hardened-sources-2.4.28-r2.ebuild:
97 Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
98 Mazinger for grsecurity patches as well.
99
100 *hardened-sources-2.4.28-r1 (23 Dec 2004)
101
102 23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
103 Security bump. Thank tocharian for rolling a new patchset...
104
105 28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
106 +files/2.4.28-grsec-cmdline-race.patch,
107 +files/2.4.28-selinux-binfmt_a.out.patch,
108 +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
109 - Round up remaining security patches that appear to be missing in 2.4.28. -
110 PaX standalone updated to current. hgpv=28.1
111
112 *hardened-sources-2.4.28 (28 Nov 2004)
113
114 28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
115 security bump. Thank tocharian for rolling a new patchset
116
117 *hardened-sources-2.4.27-r3 (08 Sep 2004)
118
119 08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
120 +hardened-sources-2.4.27-r3.ebuild:
121 Applies the new 2.4-27.2 patchball which updates
122 GRSecurity to the 2.0.1 version.
123
124 *hardened-sources-2.4.27-r2 (31 Aug 2004)
125
126 31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
127 +hardened-sources-2.4.27-r2.ebuild:
128 Version bump.
129 This version uses the new 2.4-27.1 patchball which updates
130 both the SELinux PaX hooks patch and the SELinux headers.
131
132 *hardened-sources-2.4.27-r1 (09 Aug 2004)
133
134 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
135 +hardened-sources-2.4.27-r1.ebuild,
136 -hardened-sources-2.4.27.ebuild,
137 +files/2.4.27-cmdline-race.patch:
138 Version bump, fix for cmdline race. See bug #59905.
139
140 *hardened-sources-2.4.26-r6 (09 Aug 2004)
141
142 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
143 +hardened-sources-2.4.26-r6.ebuild,
144 -hardened-sources-2.4.26-r5.ebuild,
145 -hardened-sources-2.4.26-r4.ebuild,
146 +files/2.4.26-cmdline-race.patch:
147 Version bump, fix for cmdline race. See bug #59905.
148
149 *hardened-sources-2.4.27 (08 Aug 2004)
150
151 08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
152 +hardened-sources-2.4.27.ebuild,
153 +files/2.4.27-CAN-2004-0394.patch:
154 Ported the patchball to the 2.4.27 kernel version.
155
156 *hardened-sources-2.4.26-r5 (07 Aug 2004)
157
158 07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
159 +hardened-sources-2.4.26-r5.ebuild:
160 Updated to use the new hardened-patches-2.4-26.1 patchball.
161 It adds the following features:
162 - Squashfs
163 - Ebtables
164 - Netdev random (core+drivers)
165 - Watchdog Timer (WDT) fix.
166
167 *hardened-sources-2.4.26-r4 (04 Aug 2004)
168
169 04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
170 +hardened-sources-2.4.26-r4.ebuild,
171 +files/2.4.26-CAN-2004-0415.patch,
172 -hardened-sources-2.4.26-3:
173 Version bump, fix for CAN 0415, see bug #59378.
174
175 *hardened-sources-2.4.26-r3 (22 Jul 2004)
176
177 22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
178 +hardened-sources-2.4.26-r3.ebuild,
179 +files/2.4.26-CAN-2004-0497.patch,
180 -hardened-sources-2.4.26-r2.ebuild:
181 Version bump, fixed CAN 0497, see bug #56171.
182
183 *hardened-sources-2.4.26-r2 (29 Jun 2004)
184
185 29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
186 +hardened-sources-2.4.26-r2.ebuild,
187 +files/2.4.26-CAN-2004-0495.patch,
188 +files/2.4.26-CAN-2004-0535.patch,
189 -hardened-sources-2.4.26-r1.ebuild:
190 Fixes for both CAN 0495 and 0535, see bug #54976
191
192 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
193 hardened-sources-2.4.26-r1.ebuild:
194 QA - fix use invocation
195
196 *hardened-sources-2.4.26-r1 (22 June 2004)
197
198 22 June 2004; Andrea Luzzardi <scox@gentoo.org>
199 +hardened-sources-2.4.26-r1.ebuild,
200 +files/2.4.26-CAN-2004-0394.patch,
201 +files/2.4.26-signal-race.patch,
202 -hardened-sources-2.4.26.ebuild,
203 -hardened-sources-2.4.24-r3.ebuild:
204 Version bump for the CAN-2004-0394 issue and bug #53804
205 Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
206
207
208 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
209 hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
210 Masked hardened-sources-2.4.26.ebuild broken for ppc
211
212 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
213 hardened-sources-2.4.24-r3.ebuild:
214 Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
215
216 *hardened-sources-2.4.26 (29 May 2004)
217
218 29 May 2004; Andrea Luzzardi <scox@gentoo.org>
219 +hardened-sources-2.4.26.ebuild:
220 Updated hardened-sources for the 2.4.26 kernel
221 Removed broken components, updated almost everything.
222
223 *hardened-sources-2.4.24-r3 (17 Apr 2004)
224
225 17 Apr 2004; <plasmaroo@gentoo.org>
226 +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
227 +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
228 +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
229 +hardened-sources-2.4.24-r3.ebuild:
230 Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
231 vulnerabilities. Old revisions removed.
232
233 *hardened-sources-2.4.24-r2 (15 Apr 2004)
234
235 15 Apr 2004; <plasmaroo@gentoo.org>
236 +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
237 -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
238 Version bump for the CAN-2004-0109 issue; bug #47881.
239
240 12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
241 hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
242 Add eutils to inherit.
243
244 *hardened-sources-2.4.24-r1 (19 Feb 2004)
245
246 19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
247 files/hardened-sources-2.4.24.munmap.patch:
248 Added the patch for the mremap/munmap vulnerability. Bug #42024.
249
250 *hardened-sources-2.4.24 (06 Feb 2004)
251
252 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
253 hardened-sources-2.4.24.ebuild:
254 Version bump, updated most of the components.
255 This release includes the following:
256
257 - Hardened security
258 - Netfilter patch-o-matic 20031219
259 - FreeSWAN 2.04 & x509 1.4.8
260 - EVMS 2.2.2
261 - XFS 1.3.1
262 - cryptoloop jari
263 - grsecurity 2.0-rc4
264 - SELinux
265 - PaX 200402060000
266 - PaX Obscurity 200308302223
267 - Others...
268
269 Neither -ck nor systrace are included anymore.
270
271 *hardened-sources-2.4.22-r2 (05 Jan 2004)
272
273 05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
274 hardened-sources-2.4.22-r2.ebuild:
275 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
276
277 *hardened-sources-2.4.22-r1 (02 Dec 2003)
278
279 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
280 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
281
282 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
283 hardened-sources-2.4.22-r1.ebuild:
284 Version bump for the 'do_brk' vulnerability.
285
286 01 Dec 2003; Brian Jackson <iggy@gentoo.org>
287 hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
288 hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
289 hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
290 Fix the 'do_brk' vulnerability.
291
292 03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
293 hardened-sources-2.4.22.ebuild:
294 - Removed the src_install() portion for SELinux flask
295 components. These are no longer handled in the kernel
296 so this code was not necessary.
297
298 29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
299 New 2.4.22 based hardened-sources thanks to
300 Phil West <p.west@computer.org>.
301
302 These sources include:
303 - New SELinux API
304 - Updated CK-base
305 - Updated GRSec
306 - Systrace
307 - SuperFreeS/WAN 1.99.8
308 - Propolice kernel build support
309 - EVMS
310 - Other various security related patches
311
312 *hardened-sources-2.4.21 (14 Sep 2003)
313
314 14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
315 Updated hardened-sources based on the 2.4.21 Linux kernel.
316 This includes updates to most major components such as:
317 - ck-base-0306300059
318 - selinux-2.4-2003071106
319 - grsecurity-2.0-rc1
320 - Updated IPTables patch-o-matic
321 - Updated SuperFreeS/WAN
322
323 Thanks to Phil West <pwest@computer.org> for his work in getting this
324 updated patch set ready for the 2.4.21 based kernel.
325
326 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
327 Initial import of hardened-sources-2.4.20-r4. This revision
328 includes only a few changes, but one of these is an important
329 security fix. It is recommended all users of hardened-sources
330 upgrade to this release.
331
332 - ioperm bug fix
333 - fixed compilation failure when building without GRSec
334
335 SAL (Secure Auditing for Linux) is NOT included in this revision
336 due to time constraints, but is planned for inclusion in the near
337 future.
338
339 *hardened-sources-2.4.20-r2 (12 Jun 2003)
340
341 12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
342 hardened-sources-2.4.20-r3.ebuild:
343 Add Header...
344
345 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
346 hardened-sources-2.4.20-r3.ebuild:
347 Removed warnings from ebuild. This kernel should be safe to
348 use at this point.
349
350 *hardened-sources-2.4.20-r3 (08 Jun 2003)
351
352 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
353 hardened-sources-2.4.20-r3.ebuild:
354 New revision. Includes the following changes over -r2:
355
356 - ck7-base (O(1), preempt, low latency)
357 - Super FreeS/WAN 1.99.7rc2
358 - PaX for the LSM/SELinux branch
359 - GRSecurity 2.0-pre4 (role based access control)
360 - Systrace 1.3
361 - EXT3 fixes
362 - EVMS 2.0.1
363 - GCC 3.1+ compile optimizations
364 - ProPolice kernel build support
365 - Hashing table security fixes
366
367 *hardened-sources-2.4.20-r1 (09 Apr 2003)
368
369 23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
370 Initial import of hardened-sources-r2. This new
371 ebuild includes many new performance and security
372 related patches. As in -r1, it will patch in
373 LSM/SELinux if "selinux" is in USE, otherwise it
374 will patch in GRSecurity. The following patches
375 are included in this revision:
376
377 - O(1) Scheduler, Low Latency, and Preempt
378 (pulled from the base CK patch)
379 - ptrace exploit patch for the LSM kernel
380 (the GRSec patch already fixes this)
381 - LSM 2.4-2003040709
382 - SELinux 2.4-2003040709
383 - Systrace v1.2
384 - IPTables patch-o-matic base patches - 20030107
385 - CryptoAPI 2.4.20.1 w/ loop-jari patch
386 - Super FreeS/WAN 1.99.6.1
387 - GRSecurity 1.9.9g
388 - MPPE
389 - EXT3 data journal fix
390 - CIPE 1.5.4
391
392 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
393 hardened-sources-2.4.20-r1.ebuild, manifest:
394 Updated to install flask components correctly for selinux.
395
396 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
397 hardened-sources-2.4.20-r1.ebuild:
398 LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
399 is patched in instead. Ptrace patches for selinux have also been added. In
400 either case, systrace support will be patched in as well.
401
402 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
403 hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
404 Revision bump for new sources.
405
406 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
407 hardened-sources-2.4.20-r1.ebuild:
408 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
409
410 *hardened-sources-2.4.20 (30 Mar 2003)
411
412 30 Mar 2003; Joshua Brindle <method@gentoo.org>
413 hardened-sources-2.4.20.ebuild:
414 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20