/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.82 - (show annotations) (download)
Thu Mar 30 00:35:53 2006 UTC (8 years, 6 months ago) by cryos
Branch: MAIN
Changes since 1.81: +5 -1 lines
Stable on amd64, bug 127718.
(Portage version: 2.1_pre7-r2)

1 # ChangeLog for sys-kernel/hardened-sources
2 # Copyright 2000-2006 Gentoo Foundation; Distributed under the GPL v2
3 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.81 2006/03/28 16:04:59 nixnut Exp $
4
5 30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
6 hardened-sources-2.6.14-r6.ebuild:
7 Stable on amd64, bug 127718.
8
9 28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
10 Stable on ppc. Bug #127718
11
12 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
13 -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
14 -hardened-sources-2.6.14-r4.ebuild:
15 Cleanup.
16
17 *hardened-sources-2.6.14-r6 (15 Mar 2006)
18
19 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
20 +hardened-sources-2.6.14-r6.ebuild:
21 Fixes grsec policy recreation bug and adds a
22 >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
23
24 02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
25 - stable on x86
26
27 19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
28 hardened-sources-2.6.14-r5.ebuild:
29 Stable on ppc.
30
31 *hardened-sources-2.6.14-r5 (01 Feb 2006)
32
33 01 Feb 2006; John Mylchreest <johnm@gentoo.org>
34 +hardened-sources-2.6.14-r5.ebuild:
35 fixing every known exploit
36
37 *hardened-sources-2.4.32-r2 (26 Jan 2006)
38
39 26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
40 +hardened-sources-2.4.32-r2.ebuild:
41 - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
42
43 *hardened-sources-2.6.14-r4 (12 Jan 2006)
44
45 12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
46 - version bump for new genpatches which fix up a few sec holes
47
48 *hardened-sources-2.4.32-r1 (05 Jan 2006)
49
50 05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
51 - revision bump to add misc vital linux kernel security patches.
52
53 *hardened-sources-2.6.14-r3 (30 Dec 2005)
54
55 30 Dec 2005; John Mylchreest <johnm@gentoo.org>
56 -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
57 Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
58
59 28 Dec 2005; John Mylchreest <johnm@gentoo.org>
60 hardened-sources-2.6.14-r2.ebuild:
61 making x86 & amd64 stable following testing.
62
63 *hardened-sources-2.6.14-r2 (27 Dec 2005)
64
65 27 Dec 2005; John Mylchreest <johnm@gentoo.org>
66 -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
67 Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
68 network hooks.
69
70 06 Dec 2005; John Mylchreest <johnm@gentoo.org>
71 hardened-sources-2.6.14-r1.ebuild:
72 bumping to stable early for sec fix on x86 & amd64
73
74 *hardened-sources-2.6.14-r1 (05 Dec 2005)
75
76 05 Dec 2005; John Mylchreest <johnm@gentoo.org>
77 -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
78 bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
79
80 04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
81 - stable on x86 security bug #114227 CAN-2005-3257
82
83 *hardened-sources-2.4.32 (19 Nov 2005)
84
85 19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
86 +hardened-sources-2.4.32.ebuild:
87 Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
88 Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
89 have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
90 rsbac >> /etc/portage/package.use)
91
92 *hardened-sources-2.6.14 (14 Nov 2005)
93
94 14 Nov 2005; John Mylchreest <johnm@gentoo.org>
95 -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
96 Bumping 2.6 series to 2.6.14.2
97
98 *hardened-sources-2.6.13-r2 (20 Oct 2005)
99
100 20 Oct 2005; John Mylchreest <johnm@gentoo.org>
101 -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
102 +hardened-sources-2.6.13-r2.ebuild:
103 Fixes minor build error in ppc.
104
105 *hardened-sources-2.6.13-r1 (17 Oct 2005)
106
107 17 Oct 2005; John Mylchreest <johnm@gentoo.org>
108 +hardened-sources-2.6.13-r1.ebuild:
109 Updating grsec to latest snapshot. Fixes some minor issues. Updating to
110 2.6.13.4, fixes some major amd64 stability problems.
111
112 *hardened-sources-2.6.13 (16 Sep 2005)
113
114 16 Sep 2005; John Mylchreest <johnm@gentoo.org>
115 -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
116 2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
117 ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
118 users should test this thoroughly.
119
120 01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
121 - stable on x86
122
123 *hardened-sources-2.6.11-r15 (27 Jun 2005)
124
125 27 Jun 2005; John Mylchreest <johnm@gentoo.org>
126 +hardened-sources-2.6.11-r15.ebuild:
127 Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
128 grsec redefining curr_ip struct.
129
130 *hardened-sources-2.4.31 (20 Jun 2005)
131
132 20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
133 initial import of 2.4.31 tree
134
135 *hardened-sources-2.6.11-r14 (14 Jun 2005)
136
137 14 Jun 2005; John Mylchreest <johnm@gentoo.org>
138 -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
139 Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
140 naming scheme to abide by genpatches
141
142 *hardened-sources-2.6.11-r13 (18 May 2005)
143
144 18 May 2005; John Mylchreest <johnm@gentoo.org>
145 -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
146 Managed to mangle the Makefile patch from grsec, to miss out the grsec
147 target. sorry about that. Fixes bug #93022
148
149 *hardened-sources-2.6.11-r12 (17 May 2005)
150
151 17 May 2005; John Mylchreest <johnm@gentoo.org>
152 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
153 +hardened-sources-2.6.11-r12.ebuild:
154 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
155 merges in genpatches-base
156
157 *hardened-sources-2.6.11-r12 (17 May 2005)
158
159 17 May 2005; John Mylchreest <johnm@gentoo.org>
160 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
161 +hardened-sources-2.6.11-r12.ebuild:
162 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
163 merges in genpatches-base
164
165 29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
166 -files/2.4.27-cmdline-race.patch,
167 -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
168 -files/2.4.28-grsec-binfmt_a.out.patch,
169 -files/2.4.28-grsec-cmdline-race.patch,
170 -files/2.4.28-selinux-binfmt_a.out.patch,
171 -files/2.4.28-selinux-cmdline-race.patch,
172 -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
173 hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
174 - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
175 cleanup..
176
177 *hardened-sources-2.4.30-r1 (21 Apr 2005)
178
179 21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
180 - disable aout by default
181
182 *hardened-sources-2.4.30 (18 Apr 2005)
183
184 18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
185 - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
186 and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
187 use
188
189 *hardened-sources-2.4.29 (30 Mar 2005)
190
191 30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
192 +hardened-sources-2.4.29.ebuild:
193 New hardened-patches-2.4-29.0 patchball.
194 Removed SELinux support, upgraded GRSecurity to 2.1.4.
195
196 *hardened-sources-2.4.28-r5 (06 Mar 2005)
197
198 06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
199 +hardened-sources-2.4.28-r5.ebuild:
200 Added a fix for a PaX vulnerability.
201
202 26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
203 hardened-sources-2.4.28-r4.ebuild:
204 Stable on x86
205
206 23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
207 hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
208 hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
209 hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
210 - fixed/added RDEPEND= in all kernel-2 ebuilds
211
212 *hardened-sources-2.4.28-r4 (21 Jan 2005)
213
214 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
215 +hardened-sources-2.4.28-r4.ebuild:
216 Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
217 backport of neighbour hash updates.
218
219 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
220 hardened-sources-2.4.28-r3.ebuild:
221 Stable on x86
222
223 *hardened-sources-2.6.10-r3 (20 Jan 2005)
224
225 20 Jan 2005; Brandon Hale <tseng@gentoo.org>
226 +hardened-sources-2.6.10-r3.ebuild:
227 Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
228 in 2005.0
229
230 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
231 -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
232 hardened-sources-2.4.28-r2.ebuild:
233 Mark stable on x86
234
235 *hardened-sources-2.4.28-r3 (17 Jan 2005)
236
237 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
238 +hardened-sources-2.4.28-r3.ebuild:
239 Fix SMP page fault handler vuln, and update device-mapper and evms patches.
240
241 14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
242 hardened-sources-2.4.28.ebuild:
243 Mark stable on x86.
244
245 *hardened-sources-2.4.28-r2 (13 Jan 2005)
246
247 13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
248 +hardened-sources-2.4.28-r2.ebuild:
249 Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
250 Mazinger for grsecurity patches as well.
251
252 *hardened-sources-2.4.28-r1 (23 Dec 2004)
253
254 23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
255 Security bump. Thank tocharian for rolling a new patchset...
256
257 28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
258 +files/2.4.28-grsec-cmdline-race.patch,
259 +files/2.4.28-selinux-binfmt_a.out.patch,
260 +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
261 - Round up remaining security patches that appear to be missing in 2.4.28. -
262 PaX standalone updated to current. hgpv=28.1
263
264 *hardened-sources-2.4.28 (28 Nov 2004)
265
266 28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
267 security bump. Thank tocharian for rolling a new patchset
268
269 *hardened-sources-2.4.27-r3 (08 Sep 2004)
270
271 08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
272 +hardened-sources-2.4.27-r3.ebuild:
273 Applies the new 2.4-27.2 patchball which updates
274 GRSecurity to the 2.0.1 version.
275
276 *hardened-sources-2.4.27-r2 (31 Aug 2004)
277
278 31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
279 +hardened-sources-2.4.27-r2.ebuild:
280 Version bump.
281 This version uses the new 2.4-27.1 patchball which updates
282 both the SELinux PaX hooks patch and the SELinux headers.
283
284 *hardened-sources-2.4.27-r1 (09 Aug 2004)
285
286 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
287 +hardened-sources-2.4.27-r1.ebuild,
288 -hardened-sources-2.4.27.ebuild,
289 +files/2.4.27-cmdline-race.patch:
290 Version bump, fix for cmdline race. See bug #59905.
291
292 *hardened-sources-2.4.26-r6 (09 Aug 2004)
293
294 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
295 +hardened-sources-2.4.26-r6.ebuild,
296 -hardened-sources-2.4.26-r5.ebuild,
297 -hardened-sources-2.4.26-r4.ebuild,
298 +files/2.4.26-cmdline-race.patch:
299 Version bump, fix for cmdline race. See bug #59905.
300
301 *hardened-sources-2.4.27 (08 Aug 2004)
302
303 08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
304 +hardened-sources-2.4.27.ebuild,
305 +files/2.4.27-CAN-2004-0394.patch:
306 Ported the patchball to the 2.4.27 kernel version.
307
308 *hardened-sources-2.4.26-r5 (07 Aug 2004)
309
310 07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
311 +hardened-sources-2.4.26-r5.ebuild:
312 Updated to use the new hardened-patches-2.4-26.1 patchball.
313 It adds the following features:
314 - Squashfs
315 - Ebtables
316 - Netdev random (core+drivers)
317 - Watchdog Timer (WDT) fix.
318
319 *hardened-sources-2.4.26-r4 (04 Aug 2004)
320
321 04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
322 +hardened-sources-2.4.26-r4.ebuild,
323 +files/2.4.26-CAN-2004-0415.patch,
324 -hardened-sources-2.4.26-3:
325 Version bump, fix for CAN 0415, see bug #59378.
326
327 *hardened-sources-2.4.26-r3 (22 Jul 2004)
328
329 22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
330 +hardened-sources-2.4.26-r3.ebuild,
331 +files/2.4.26-CAN-2004-0497.patch,
332 -hardened-sources-2.4.26-r2.ebuild:
333 Version bump, fixed CAN 0497, see bug #56171.
334
335 *hardened-sources-2.4.26-r2 (29 Jun 2004)
336
337 29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
338 +hardened-sources-2.4.26-r2.ebuild,
339 +files/2.4.26-CAN-2004-0495.patch,
340 +files/2.4.26-CAN-2004-0535.patch,
341 -hardened-sources-2.4.26-r1.ebuild:
342 Fixes for both CAN 0495 and 0535, see bug #54976
343
344 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
345 hardened-sources-2.4.26-r1.ebuild:
346 QA - fix use invocation
347
348 *hardened-sources-2.4.26-r1 (22 June 2004)
349
350 22 June 2004; Andrea Luzzardi <scox@gentoo.org>
351 +hardened-sources-2.4.26-r1.ebuild,
352 +files/2.4.26-CAN-2004-0394.patch,
353 +files/2.4.26-signal-race.patch,
354 -hardened-sources-2.4.26.ebuild,
355 -hardened-sources-2.4.24-r3.ebuild:
356 Version bump for the CAN-2004-0394 issue and bug #53804
357 Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
358
359
360 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
361 hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
362 Masked hardened-sources-2.4.26.ebuild broken for ppc
363
364 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
365 hardened-sources-2.4.24-r3.ebuild:
366 Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
367
368 *hardened-sources-2.4.26 (29 May 2004)
369
370 29 May 2004; Andrea Luzzardi <scox@gentoo.org>
371 +hardened-sources-2.4.26.ebuild:
372 Updated hardened-sources for the 2.4.26 kernel
373 Removed broken components, updated almost everything.
374
375 *hardened-sources-2.4.24-r3 (17 Apr 2004)
376
377 17 Apr 2004; <plasmaroo@gentoo.org>
378 +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
379 +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
380 +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
381 +hardened-sources-2.4.24-r3.ebuild:
382 Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
383 vulnerabilities. Old revisions removed.
384
385 *hardened-sources-2.4.24-r2 (15 Apr 2004)
386
387 15 Apr 2004; <plasmaroo@gentoo.org>
388 +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
389 -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
390 Version bump for the CAN-2004-0109 issue; bug #47881.
391
392 12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
393 hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
394 Add eutils to inherit.
395
396 *hardened-sources-2.4.24-r1 (19 Feb 2004)
397
398 19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
399 files/hardened-sources-2.4.24.munmap.patch:
400 Added the patch for the mremap/munmap vulnerability. Bug #42024.
401
402 *hardened-sources-2.4.24 (06 Feb 2004)
403
404 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
405 hardened-sources-2.4.24.ebuild:
406 Version bump, updated most of the components.
407 This release includes the following:
408
409 - Hardened security
410 - Netfilter patch-o-matic 20031219
411 - FreeSWAN 2.04 & x509 1.4.8
412 - EVMS 2.2.2
413 - XFS 1.3.1
414 - cryptoloop jari
415 - grsecurity 2.0-rc4
416 - SELinux
417 - PaX 200402060000
418 - PaX Obscurity 200308302223
419 - Others...
420
421 Neither -ck nor systrace are included anymore.
422
423 *hardened-sources-2.4.22-r2 (05 Jan 2004)
424
425 05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
426 hardened-sources-2.4.22-r2.ebuild:
427 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
428
429 *hardened-sources-2.4.22-r1 (02 Dec 2003)
430
431 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
432 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
433
434 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
435 hardened-sources-2.4.22-r1.ebuild:
436 Version bump for the 'do_brk' vulnerability.
437
438 01 Dec 2003; Brian Jackson <iggy@gentoo.org>
439 hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
440 hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
441 hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
442 Fix the 'do_brk' vulnerability.
443
444 03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
445 hardened-sources-2.4.22.ebuild:
446 - Removed the src_install() portion for SELinux flask
447 components. These are no longer handled in the kernel
448 so this code was not necessary.
449
450 29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
451 New 2.4.22 based hardened-sources thanks to
452 Phil West <p.west@computer.org>.
453
454 These sources include:
455 - New SELinux API
456 - Updated CK-base
457 - Updated GRSec
458 - Systrace
459 - SuperFreeS/WAN 1.99.8
460 - Propolice kernel build support
461 - EVMS
462 - Other various security related patches
463
464 *hardened-sources-2.4.21 (14 Sep 2003)
465
466 14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
467 Updated hardened-sources based on the 2.4.21 Linux kernel.
468 This includes updates to most major components such as:
469 - ck-base-0306300059
470 - selinux-2.4-2003071106
471 - grsecurity-2.0-rc1
472 - Updated IPTables patch-o-matic
473 - Updated SuperFreeS/WAN
474
475 Thanks to Phil West <pwest@computer.org> for his work in getting this
476 updated patch set ready for the 2.4.21 based kernel.
477
478 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
479 Initial import of hardened-sources-2.4.20-r4. This revision
480 includes only a few changes, but one of these is an important
481 security fix. It is recommended all users of hardened-sources
482 upgrade to this release.
483
484 - ioperm bug fix
485 - fixed compilation failure when building without GRSec
486
487 SAL (Secure Auditing for Linux) is NOT included in this revision
488 due to time constraints, but is planned for inclusion in the near
489 future.
490
491 *hardened-sources-2.4.20-r2 (12 Jun 2003)
492
493 12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
494 hardened-sources-2.4.20-r3.ebuild:
495 Add Header...
496
497 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
498 hardened-sources-2.4.20-r3.ebuild:
499 Removed warnings from ebuild. This kernel should be safe to
500 use at this point.
501
502 *hardened-sources-2.4.20-r3 (08 Jun 2003)
503
504 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
505 hardened-sources-2.4.20-r3.ebuild:
506 New revision. Includes the following changes over -r2:
507
508 - ck7-base (O(1), preempt, low latency)
509 - Super FreeS/WAN 1.99.7rc2
510 - PaX for the LSM/SELinux branch
511 - GRSecurity 2.0-pre4 (role based access control)
512 - Systrace 1.3
513 - EXT3 fixes
514 - EVMS 2.0.1
515 - GCC 3.1+ compile optimizations
516 - ProPolice kernel build support
517 - Hashing table security fixes
518
519 *hardened-sources-2.4.20-r1 (09 Apr 2003)
520
521 23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
522 Initial import of hardened-sources-r2. This new
523 ebuild includes many new performance and security
524 related patches. As in -r1, it will patch in
525 LSM/SELinux if "selinux" is in USE, otherwise it
526 will patch in GRSecurity. The following patches
527 are included in this revision:
528
529 - O(1) Scheduler, Low Latency, and Preempt
530 (pulled from the base CK patch)
531 - ptrace exploit patch for the LSM kernel
532 (the GRSec patch already fixes this)
533 - LSM 2.4-2003040709
534 - SELinux 2.4-2003040709
535 - Systrace v1.2
536 - IPTables patch-o-matic base patches - 20030107
537 - CryptoAPI 2.4.20.1 w/ loop-jari patch
538 - Super FreeS/WAN 1.99.6.1
539 - GRSecurity 1.9.9g
540 - MPPE
541 - EXT3 data journal fix
542 - CIPE 1.5.4
543
544 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
545 hardened-sources-2.4.20-r1.ebuild, manifest:
546 Updated to install flask components correctly for selinux.
547
548 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
549 hardened-sources-2.4.20-r1.ebuild:
550 LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
551 is patched in instead. Ptrace patches for selinux have also been added. In
552 either case, systrace support will be patched in as well.
553
554 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
555 hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
556 Revision bump for new sources.
557
558 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
559 hardened-sources-2.4.20-r1.ebuild:
560 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
561
562 *hardened-sources-2.4.20 (30 Mar 2003)
563
564 30 Mar 2003; Joshua Brindle <method@gentoo.org>
565 hardened-sources-2.4.20.ebuild:
566 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20