/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.75 - (show annotations) (download)
Fri Jan 27 01:24:24 2006 UTC (8 years, 6 months ago) by solar
Branch: MAIN
Changes since 1.74: +7 -1 lines
- mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
(Portage version: 2570-svn)

1 # ChangeLog for sys-kernel/hardened-sources
2 # Copyright 2000-2006 Gentoo Foundation; Distributed under the GPL v2
3 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.74 2006/01/12 18:35:58 solar Exp $
4
5 *hardened-sources-2.4.32-r2 (26 Jan 2006)
6
7 26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
8 +hardened-sources-2.4.32-r2.ebuild:
9 - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
10
11 *hardened-sources-2.6.14-r4 (12 Jan 2006)
12
13 12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
14 - version bump for new genpatches which fix up a few sec holes
15
16 *hardened-sources-2.4.32-r1 (05 Jan 2006)
17
18 05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
19 - revision bump to add misc vital linux kernel security patches.
20
21 *hardened-sources-2.6.14-r3 (30 Dec 2005)
22
23 30 Dec 2005; John Mylchreest <johnm@gentoo.org>
24 -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
25 Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
26
27 28 Dec 2005; John Mylchreest <johnm@gentoo.org>
28 hardened-sources-2.6.14-r2.ebuild:
29 making x86 & amd64 stable following testing.
30
31 *hardened-sources-2.6.14-r2 (27 Dec 2005)
32
33 27 Dec 2005; John Mylchreest <johnm@gentoo.org>
34 -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
35 Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
36 network hooks.
37
38 06 Dec 2005; John Mylchreest <johnm@gentoo.org>
39 hardened-sources-2.6.14-r1.ebuild:
40 bumping to stable early for sec fix on x86 & amd64
41
42 *hardened-sources-2.6.14-r1 (05 Dec 2005)
43
44 05 Dec 2005; John Mylchreest <johnm@gentoo.org>
45 -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
46 bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
47
48 04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
49 - stable on x86 security bug #114227 CAN-2005-3257
50
51 *hardened-sources-2.4.32 (19 Nov 2005)
52
53 19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
54 +hardened-sources-2.4.32.ebuild:
55 Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
56 Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
57 have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
58 rsbac >> /etc/portage/package.use)
59
60 *hardened-sources-2.6.14 (14 Nov 2005)
61
62 14 Nov 2005; John Mylchreest <johnm@gentoo.org>
63 -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
64 Bumping 2.6 series to 2.6.14.2
65
66 *hardened-sources-2.6.13-r2 (20 Oct 2005)
67
68 20 Oct 2005; John Mylchreest <johnm@gentoo.org>
69 -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
70 +hardened-sources-2.6.13-r2.ebuild:
71 Fixes minor build error in ppc.
72
73 *hardened-sources-2.6.13-r1 (17 Oct 2005)
74
75 17 Oct 2005; John Mylchreest <johnm@gentoo.org>
76 +hardened-sources-2.6.13-r1.ebuild:
77 Updating grsec to latest snapshot. Fixes some minor issues. Updating to
78 2.6.13.4, fixes some major amd64 stability problems.
79
80 *hardened-sources-2.6.13 (16 Sep 2005)
81
82 16 Sep 2005; John Mylchreest <johnm@gentoo.org>
83 -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
84 2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
85 ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
86 users should test this thoroughly.
87
88 01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
89 - stable on x86
90
91 *hardened-sources-2.6.11-r15 (27 Jun 2005)
92
93 27 Jun 2005; John Mylchreest <johnm@gentoo.org>
94 +hardened-sources-2.6.11-r15.ebuild:
95 Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
96 grsec redefining curr_ip struct.
97
98 *hardened-sources-2.4.31 (20 Jun 2005)
99
100 20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
101 initial import of 2.4.31 tree
102
103 *hardened-sources-2.6.11-r14 (14 Jun 2005)
104
105 14 Jun 2005; John Mylchreest <johnm@gentoo.org>
106 -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
107 Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
108 naming scheme to abide by genpatches
109
110 *hardened-sources-2.6.11-r13 (18 May 2005)
111
112 18 May 2005; John Mylchreest <johnm@gentoo.org>
113 -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
114 Managed to mangle the Makefile patch from grsec, to miss out the grsec
115 target. sorry about that. Fixes bug #93022
116
117 *hardened-sources-2.6.11-r12 (17 May 2005)
118
119 17 May 2005; John Mylchreest <johnm@gentoo.org>
120 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
121 +hardened-sources-2.6.11-r12.ebuild:
122 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
123 merges in genpatches-base
124
125 *hardened-sources-2.6.11-r12 (17 May 2005)
126
127 17 May 2005; John Mylchreest <johnm@gentoo.org>
128 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
129 +hardened-sources-2.6.11-r12.ebuild:
130 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
131 merges in genpatches-base
132
133 29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
134 -files/2.4.27-cmdline-race.patch,
135 -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
136 -files/2.4.28-grsec-binfmt_a.out.patch,
137 -files/2.4.28-grsec-cmdline-race.patch,
138 -files/2.4.28-selinux-binfmt_a.out.patch,
139 -files/2.4.28-selinux-cmdline-race.patch,
140 -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
141 hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
142 - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
143 cleanup..
144
145 *hardened-sources-2.4.30-r1 (21 Apr 2005)
146
147 21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
148 - disable aout by default
149
150 *hardened-sources-2.4.30 (18 Apr 2005)
151
152 18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
153 - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
154 and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
155 use
156
157 *hardened-sources-2.4.29 (30 Mar 2005)
158
159 30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
160 +hardened-sources-2.4.29.ebuild:
161 New hardened-patches-2.4-29.0 patchball.
162 Removed SELinux support, upgraded GRSecurity to 2.1.4.
163
164 *hardened-sources-2.4.28-r5 (06 Mar 2005)
165
166 06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
167 +hardened-sources-2.4.28-r5.ebuild:
168 Added a fix for a PaX vulnerability.
169
170 26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
171 hardened-sources-2.4.28-r4.ebuild:
172 Stable on x86
173
174 23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
175 hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
176 hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
177 hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
178 - fixed/added RDEPEND= in all kernel-2 ebuilds
179
180 *hardened-sources-2.4.28-r4 (21 Jan 2005)
181
182 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
183 +hardened-sources-2.4.28-r4.ebuild:
184 Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
185 backport of neighbour hash updates.
186
187 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
188 hardened-sources-2.4.28-r3.ebuild:
189 Stable on x86
190
191 *hardened-sources-2.6.10-r3 (20 Jan 2005)
192
193 20 Jan 2005; Brandon Hale <tseng@gentoo.org>
194 +hardened-sources-2.6.10-r3.ebuild:
195 Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
196 in 2005.0
197
198 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
199 -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
200 hardened-sources-2.4.28-r2.ebuild:
201 Mark stable on x86
202
203 *hardened-sources-2.4.28-r3 (17 Jan 2005)
204
205 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
206 +hardened-sources-2.4.28-r3.ebuild:
207 Fix SMP page fault handler vuln, and update device-mapper and evms patches.
208
209 14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
210 hardened-sources-2.4.28.ebuild:
211 Mark stable on x86.
212
213 *hardened-sources-2.4.28-r2 (13 Jan 2005)
214
215 13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
216 +hardened-sources-2.4.28-r2.ebuild:
217 Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
218 Mazinger for grsecurity patches as well.
219
220 *hardened-sources-2.4.28-r1 (23 Dec 2004)
221
222 23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
223 Security bump. Thank tocharian for rolling a new patchset...
224
225 28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
226 +files/2.4.28-grsec-cmdline-race.patch,
227 +files/2.4.28-selinux-binfmt_a.out.patch,
228 +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
229 - Round up remaining security patches that appear to be missing in 2.4.28. -
230 PaX standalone updated to current. hgpv=28.1
231
232 *hardened-sources-2.4.28 (28 Nov 2004)
233
234 28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
235 security bump. Thank tocharian for rolling a new patchset
236
237 *hardened-sources-2.4.27-r3 (08 Sep 2004)
238
239 08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
240 +hardened-sources-2.4.27-r3.ebuild:
241 Applies the new 2.4-27.2 patchball which updates
242 GRSecurity to the 2.0.1 version.
243
244 *hardened-sources-2.4.27-r2 (31 Aug 2004)
245
246 31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
247 +hardened-sources-2.4.27-r2.ebuild:
248 Version bump.
249 This version uses the new 2.4-27.1 patchball which updates
250 both the SELinux PaX hooks patch and the SELinux headers.
251
252 *hardened-sources-2.4.27-r1 (09 Aug 2004)
253
254 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
255 +hardened-sources-2.4.27-r1.ebuild,
256 -hardened-sources-2.4.27.ebuild,
257 +files/2.4.27-cmdline-race.patch:
258 Version bump, fix for cmdline race. See bug #59905.
259
260 *hardened-sources-2.4.26-r6 (09 Aug 2004)
261
262 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
263 +hardened-sources-2.4.26-r6.ebuild,
264 -hardened-sources-2.4.26-r5.ebuild,
265 -hardened-sources-2.4.26-r4.ebuild,
266 +files/2.4.26-cmdline-race.patch:
267 Version bump, fix for cmdline race. See bug #59905.
268
269 *hardened-sources-2.4.27 (08 Aug 2004)
270
271 08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
272 +hardened-sources-2.4.27.ebuild,
273 +files/2.4.27-CAN-2004-0394.patch:
274 Ported the patchball to the 2.4.27 kernel version.
275
276 *hardened-sources-2.4.26-r5 (07 Aug 2004)
277
278 07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
279 +hardened-sources-2.4.26-r5.ebuild:
280 Updated to use the new hardened-patches-2.4-26.1 patchball.
281 It adds the following features:
282 - Squashfs
283 - Ebtables
284 - Netdev random (core+drivers)
285 - Watchdog Timer (WDT) fix.
286
287 *hardened-sources-2.4.26-r4 (04 Aug 2004)
288
289 04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
290 +hardened-sources-2.4.26-r4.ebuild,
291 +files/2.4.26-CAN-2004-0415.patch,
292 -hardened-sources-2.4.26-3:
293 Version bump, fix for CAN 0415, see bug #59378.
294
295 *hardened-sources-2.4.26-r3 (22 Jul 2004)
296
297 22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
298 +hardened-sources-2.4.26-r3.ebuild,
299 +files/2.4.26-CAN-2004-0497.patch,
300 -hardened-sources-2.4.26-r2.ebuild:
301 Version bump, fixed CAN 0497, see bug #56171.
302
303 *hardened-sources-2.4.26-r2 (29 Jun 2004)
304
305 29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
306 +hardened-sources-2.4.26-r2.ebuild,
307 +files/2.4.26-CAN-2004-0495.patch,
308 +files/2.4.26-CAN-2004-0535.patch,
309 -hardened-sources-2.4.26-r1.ebuild:
310 Fixes for both CAN 0495 and 0535, see bug #54976
311
312 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
313 hardened-sources-2.4.26-r1.ebuild:
314 QA - fix use invocation
315
316 *hardened-sources-2.4.26-r1 (22 June 2004)
317
318 22 June 2004; Andrea Luzzardi <scox@gentoo.org>
319 +hardened-sources-2.4.26-r1.ebuild,
320 +files/2.4.26-CAN-2004-0394.patch,
321 +files/2.4.26-signal-race.patch,
322 -hardened-sources-2.4.26.ebuild,
323 -hardened-sources-2.4.24-r3.ebuild:
324 Version bump for the CAN-2004-0394 issue and bug #53804
325 Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
326
327
328 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
329 hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
330 Masked hardened-sources-2.4.26.ebuild broken for ppc
331
332 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
333 hardened-sources-2.4.24-r3.ebuild:
334 Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
335
336 *hardened-sources-2.4.26 (29 May 2004)
337
338 29 May 2004; Andrea Luzzardi <scox@gentoo.org>
339 +hardened-sources-2.4.26.ebuild:
340 Updated hardened-sources for the 2.4.26 kernel
341 Removed broken components, updated almost everything.
342
343 *hardened-sources-2.4.24-r3 (17 Apr 2004)
344
345 17 Apr 2004; <plasmaroo@gentoo.org>
346 +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
347 +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
348 +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
349 +hardened-sources-2.4.24-r3.ebuild:
350 Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
351 vulnerabilities. Old revisions removed.
352
353 *hardened-sources-2.4.24-r2 (15 Apr 2004)
354
355 15 Apr 2004; <plasmaroo@gentoo.org>
356 +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
357 -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
358 Version bump for the CAN-2004-0109 issue; bug #47881.
359
360 12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
361 hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
362 Add eutils to inherit.
363
364 *hardened-sources-2.4.24-r1 (19 Feb 2004)
365
366 19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
367 files/hardened-sources-2.4.24.munmap.patch:
368 Added the patch for the mremap/munmap vulnerability. Bug #42024.
369
370 *hardened-sources-2.4.24 (06 Feb 2004)
371
372 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
373 hardened-sources-2.4.24.ebuild:
374 Version bump, updated most of the components.
375 This release includes the following:
376
377 - Hardened security
378 - Netfilter patch-o-matic 20031219
379 - FreeSWAN 2.04 & x509 1.4.8
380 - EVMS 2.2.2
381 - XFS 1.3.1
382 - cryptoloop jari
383 - grsecurity 2.0-rc4
384 - SELinux
385 - PaX 200402060000
386 - PaX Obscurity 200308302223
387 - Others...
388
389 Neither -ck nor systrace are included anymore.
390
391 *hardened-sources-2.4.22-r2 (05 Jan 2004)
392
393 05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
394 hardened-sources-2.4.22-r2.ebuild:
395 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
396
397 *hardened-sources-2.4.22-r1 (02 Dec 2003)
398
399 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
400 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
401
402 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
403 hardened-sources-2.4.22-r1.ebuild:
404 Version bump for the 'do_brk' vulnerability.
405
406 01 Dec 2003; Brian Jackson <iggy@gentoo.org>
407 hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
408 hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
409 hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
410 Fix the 'do_brk' vulnerability.
411
412 03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
413 hardened-sources-2.4.22.ebuild:
414 - Removed the src_install() portion for SELinux flask
415 components. These are no longer handled in the kernel
416 so this code was not necessary.
417
418 29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
419 New 2.4.22 based hardened-sources thanks to
420 Phil West <p.west@computer.org>.
421
422 These sources include:
423 - New SELinux API
424 - Updated CK-base
425 - Updated GRSec
426 - Systrace
427 - SuperFreeS/WAN 1.99.8
428 - Propolice kernel build support
429 - EVMS
430 - Other various security related patches
431
432 *hardened-sources-2.4.21 (14 Sep 2003)
433
434 14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
435 Updated hardened-sources based on the 2.4.21 Linux kernel.
436 This includes updates to most major components such as:
437 - ck-base-0306300059
438 - selinux-2.4-2003071106
439 - grsecurity-2.0-rc1
440 - Updated IPTables patch-o-matic
441 - Updated SuperFreeS/WAN
442
443 Thanks to Phil West <pwest@computer.org> for his work in getting this
444 updated patch set ready for the 2.4.21 based kernel.
445
446 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
447 Initial import of hardened-sources-2.4.20-r4. This revision
448 includes only a few changes, but one of these is an important
449 security fix. It is recommended all users of hardened-sources
450 upgrade to this release.
451
452 - ioperm bug fix
453 - fixed compilation failure when building without GRSec
454
455 SAL (Secure Auditing for Linux) is NOT included in this revision
456 due to time constraints, but is planned for inclusion in the near
457 future.
458
459 *hardened-sources-2.4.20-r2 (12 Jun 2003)
460
461 12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
462 hardened-sources-2.4.20-r3.ebuild:
463 Add Header...
464
465 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
466 hardened-sources-2.4.20-r3.ebuild:
467 Removed warnings from ebuild. This kernel should be safe to
468 use at this point.
469
470 *hardened-sources-2.4.20-r3 (08 Jun 2003)
471
472 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
473 hardened-sources-2.4.20-r3.ebuild:
474 New revision. Includes the following changes over -r2:
475
476 - ck7-base (O(1), preempt, low latency)
477 - Super FreeS/WAN 1.99.7rc2
478 - PaX for the LSM/SELinux branch
479 - GRSecurity 2.0-pre4 (role based access control)
480 - Systrace 1.3
481 - EXT3 fixes
482 - EVMS 2.0.1
483 - GCC 3.1+ compile optimizations
484 - ProPolice kernel build support
485 - Hashing table security fixes
486
487 *hardened-sources-2.4.20-r1 (09 Apr 2003)
488
489 23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
490 Initial import of hardened-sources-r2. This new
491 ebuild includes many new performance and security
492 related patches. As in -r1, it will patch in
493 LSM/SELinux if "selinux" is in USE, otherwise it
494 will patch in GRSecurity. The following patches
495 are included in this revision:
496
497 - O(1) Scheduler, Low Latency, and Preempt
498 (pulled from the base CK patch)
499 - ptrace exploit patch for the LSM kernel
500 (the GRSec patch already fixes this)
501 - LSM 2.4-2003040709
502 - SELinux 2.4-2003040709
503 - Systrace v1.2
504 - IPTables patch-o-matic base patches - 20030107
505 - CryptoAPI 2.4.20.1 w/ loop-jari patch
506 - Super FreeS/WAN 1.99.6.1
507 - GRSecurity 1.9.9g
508 - MPPE
509 - EXT3 data journal fix
510 - CIPE 1.5.4
511
512 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
513 hardened-sources-2.4.20-r1.ebuild, manifest:
514 Updated to install flask components correctly for selinux.
515
516 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
517 hardened-sources-2.4.20-r1.ebuild:
518 LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
519 is patched in instead. Ptrace patches for selinux have also been added. In
520 either case, systrace support will be patched in as well.
521
522 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
523 hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
524 Revision bump for new sources.
525
526 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
527 hardened-sources-2.4.20-r1.ebuild:
528 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
529
530 *hardened-sources-2.4.20 (30 Mar 2003)
531
532 30 Mar 2003; Joshua Brindle <method@gentoo.org>
533 hardened-sources-2.4.20.ebuild:
534 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20