/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.83 - (show annotations) (download)
Fri Mar 31 13:30:37 2006 UTC (8 years, 3 months ago) by johnm
Branch: MAIN
Changes since 1.82: +8 -1 lines
Bumping to new version of grsec, and kernel base. New squashfs. Based on 2.6.16.1
(Portage version: 2.1_pre7-r2)

1 # ChangeLog for sys-kernel/hardened-sources
2 # Copyright 2000-2006 Gentoo Foundation; Distributed under the GPL v2
3 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.82 2006/03/30 00:35:53 cryos Exp $
4
5 *hardened-sources-2.6.16 (31 Mar 2006)
6
7 31 Mar 2006; John Mylchreest <johnm@gentoo.org>
8 +hardened-sources-2.6.16.ebuild:
9 Bumping to new version of grsec, and kernel base. New squashfs. Based on
10 2.6.16.1
11
12 30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
13 hardened-sources-2.6.14-r6.ebuild:
14 Stable on amd64, bug 127718.
15
16 28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
17 Stable on ppc. Bug #127718
18
19 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
20 -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
21 -hardened-sources-2.6.14-r4.ebuild:
22 Cleanup.
23
24 *hardened-sources-2.6.14-r6 (15 Mar 2006)
25
26 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
27 +hardened-sources-2.6.14-r6.ebuild:
28 Fixes grsec policy recreation bug and adds a
29 >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
30
31 02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
32 - stable on x86
33
34 19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
35 hardened-sources-2.6.14-r5.ebuild:
36 Stable on ppc.
37
38 *hardened-sources-2.6.14-r5 (01 Feb 2006)
39
40 01 Feb 2006; John Mylchreest <johnm@gentoo.org>
41 +hardened-sources-2.6.14-r5.ebuild:
42 fixing every known exploit
43
44 *hardened-sources-2.4.32-r2 (26 Jan 2006)
45
46 26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
47 +hardened-sources-2.4.32-r2.ebuild:
48 - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
49
50 *hardened-sources-2.6.14-r4 (12 Jan 2006)
51
52 12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
53 - version bump for new genpatches which fix up a few sec holes
54
55 *hardened-sources-2.4.32-r1 (05 Jan 2006)
56
57 05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
58 - revision bump to add misc vital linux kernel security patches.
59
60 *hardened-sources-2.6.14-r3 (30 Dec 2005)
61
62 30 Dec 2005; John Mylchreest <johnm@gentoo.org>
63 -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
64 Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
65
66 28 Dec 2005; John Mylchreest <johnm@gentoo.org>
67 hardened-sources-2.6.14-r2.ebuild:
68 making x86 & amd64 stable following testing.
69
70 *hardened-sources-2.6.14-r2 (27 Dec 2005)
71
72 27 Dec 2005; John Mylchreest <johnm@gentoo.org>
73 -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
74 Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
75 network hooks.
76
77 06 Dec 2005; John Mylchreest <johnm@gentoo.org>
78 hardened-sources-2.6.14-r1.ebuild:
79 bumping to stable early for sec fix on x86 & amd64
80
81 *hardened-sources-2.6.14-r1 (05 Dec 2005)
82
83 05 Dec 2005; John Mylchreest <johnm@gentoo.org>
84 -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
85 bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
86
87 04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
88 - stable on x86 security bug #114227 CAN-2005-3257
89
90 *hardened-sources-2.4.32 (19 Nov 2005)
91
92 19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
93 +hardened-sources-2.4.32.ebuild:
94 Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
95 Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
96 have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
97 rsbac >> /etc/portage/package.use)
98
99 *hardened-sources-2.6.14 (14 Nov 2005)
100
101 14 Nov 2005; John Mylchreest <johnm@gentoo.org>
102 -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
103 Bumping 2.6 series to 2.6.14.2
104
105 *hardened-sources-2.6.13-r2 (20 Oct 2005)
106
107 20 Oct 2005; John Mylchreest <johnm@gentoo.org>
108 -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
109 +hardened-sources-2.6.13-r2.ebuild:
110 Fixes minor build error in ppc.
111
112 *hardened-sources-2.6.13-r1 (17 Oct 2005)
113
114 17 Oct 2005; John Mylchreest <johnm@gentoo.org>
115 +hardened-sources-2.6.13-r1.ebuild:
116 Updating grsec to latest snapshot. Fixes some minor issues. Updating to
117 2.6.13.4, fixes some major amd64 stability problems.
118
119 *hardened-sources-2.6.13 (16 Sep 2005)
120
121 16 Sep 2005; John Mylchreest <johnm@gentoo.org>
122 -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
123 2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
124 ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
125 users should test this thoroughly.
126
127 01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
128 - stable on x86
129
130 *hardened-sources-2.6.11-r15 (27 Jun 2005)
131
132 27 Jun 2005; John Mylchreest <johnm@gentoo.org>
133 +hardened-sources-2.6.11-r15.ebuild:
134 Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
135 grsec redefining curr_ip struct.
136
137 *hardened-sources-2.4.31 (20 Jun 2005)
138
139 20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
140 initial import of 2.4.31 tree
141
142 *hardened-sources-2.6.11-r14 (14 Jun 2005)
143
144 14 Jun 2005; John Mylchreest <johnm@gentoo.org>
145 -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
146 Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
147 naming scheme to abide by genpatches
148
149 *hardened-sources-2.6.11-r13 (18 May 2005)
150
151 18 May 2005; John Mylchreest <johnm@gentoo.org>
152 -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
153 Managed to mangle the Makefile patch from grsec, to miss out the grsec
154 target. sorry about that. Fixes bug #93022
155
156 *hardened-sources-2.6.11-r12 (17 May 2005)
157
158 17 May 2005; John Mylchreest <johnm@gentoo.org>
159 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
160 +hardened-sources-2.6.11-r12.ebuild:
161 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
162 merges in genpatches-base
163
164 *hardened-sources-2.6.11-r12 (17 May 2005)
165
166 17 May 2005; John Mylchreest <johnm@gentoo.org>
167 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
168 +hardened-sources-2.6.11-r12.ebuild:
169 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
170 merges in genpatches-base
171
172 29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
173 -files/2.4.27-cmdline-race.patch,
174 -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
175 -files/2.4.28-grsec-binfmt_a.out.patch,
176 -files/2.4.28-grsec-cmdline-race.patch,
177 -files/2.4.28-selinux-binfmt_a.out.patch,
178 -files/2.4.28-selinux-cmdline-race.patch,
179 -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
180 hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
181 - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
182 cleanup..
183
184 *hardened-sources-2.4.30-r1 (21 Apr 2005)
185
186 21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
187 - disable aout by default
188
189 *hardened-sources-2.4.30 (18 Apr 2005)
190
191 18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
192 - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
193 and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
194 use
195
196 *hardened-sources-2.4.29 (30 Mar 2005)
197
198 30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
199 +hardened-sources-2.4.29.ebuild:
200 New hardened-patches-2.4-29.0 patchball.
201 Removed SELinux support, upgraded GRSecurity to 2.1.4.
202
203 *hardened-sources-2.4.28-r5 (06 Mar 2005)
204
205 06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
206 +hardened-sources-2.4.28-r5.ebuild:
207 Added a fix for a PaX vulnerability.
208
209 26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
210 hardened-sources-2.4.28-r4.ebuild:
211 Stable on x86
212
213 23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
214 hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
215 hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
216 hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
217 - fixed/added RDEPEND= in all kernel-2 ebuilds
218
219 *hardened-sources-2.4.28-r4 (21 Jan 2005)
220
221 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
222 +hardened-sources-2.4.28-r4.ebuild:
223 Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
224 backport of neighbour hash updates.
225
226 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
227 hardened-sources-2.4.28-r3.ebuild:
228 Stable on x86
229
230 *hardened-sources-2.6.10-r3 (20 Jan 2005)
231
232 20 Jan 2005; Brandon Hale <tseng@gentoo.org>
233 +hardened-sources-2.6.10-r3.ebuild:
234 Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
235 in 2005.0
236
237 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
238 -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
239 hardened-sources-2.4.28-r2.ebuild:
240 Mark stable on x86
241
242 *hardened-sources-2.4.28-r3 (17 Jan 2005)
243
244 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
245 +hardened-sources-2.4.28-r3.ebuild:
246 Fix SMP page fault handler vuln, and update device-mapper and evms patches.
247
248 14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
249 hardened-sources-2.4.28.ebuild:
250 Mark stable on x86.
251
252 *hardened-sources-2.4.28-r2 (13 Jan 2005)
253
254 13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
255 +hardened-sources-2.4.28-r2.ebuild:
256 Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
257 Mazinger for grsecurity patches as well.
258
259 *hardened-sources-2.4.28-r1 (23 Dec 2004)
260
261 23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
262 Security bump. Thank tocharian for rolling a new patchset...
263
264 28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
265 +files/2.4.28-grsec-cmdline-race.patch,
266 +files/2.4.28-selinux-binfmt_a.out.patch,
267 +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
268 - Round up remaining security patches that appear to be missing in 2.4.28. -
269 PaX standalone updated to current. hgpv=28.1
270
271 *hardened-sources-2.4.28 (28 Nov 2004)
272
273 28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
274 security bump. Thank tocharian for rolling a new patchset
275
276 *hardened-sources-2.4.27-r3 (08 Sep 2004)
277
278 08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
279 +hardened-sources-2.4.27-r3.ebuild:
280 Applies the new 2.4-27.2 patchball which updates
281 GRSecurity to the 2.0.1 version.
282
283 *hardened-sources-2.4.27-r2 (31 Aug 2004)
284
285 31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
286 +hardened-sources-2.4.27-r2.ebuild:
287 Version bump.
288 This version uses the new 2.4-27.1 patchball which updates
289 both the SELinux PaX hooks patch and the SELinux headers.
290
291 *hardened-sources-2.4.27-r1 (09 Aug 2004)
292
293 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
294 +hardened-sources-2.4.27-r1.ebuild,
295 -hardened-sources-2.4.27.ebuild,
296 +files/2.4.27-cmdline-race.patch:
297 Version bump, fix for cmdline race. See bug #59905.
298
299 *hardened-sources-2.4.26-r6 (09 Aug 2004)
300
301 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
302 +hardened-sources-2.4.26-r6.ebuild,
303 -hardened-sources-2.4.26-r5.ebuild,
304 -hardened-sources-2.4.26-r4.ebuild,
305 +files/2.4.26-cmdline-race.patch:
306 Version bump, fix for cmdline race. See bug #59905.
307
308 *hardened-sources-2.4.27 (08 Aug 2004)
309
310 08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
311 +hardened-sources-2.4.27.ebuild,
312 +files/2.4.27-CAN-2004-0394.patch:
313 Ported the patchball to the 2.4.27 kernel version.
314
315 *hardened-sources-2.4.26-r5 (07 Aug 2004)
316
317 07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
318 +hardened-sources-2.4.26-r5.ebuild:
319 Updated to use the new hardened-patches-2.4-26.1 patchball.
320 It adds the following features:
321 - Squashfs
322 - Ebtables
323 - Netdev random (core+drivers)
324 - Watchdog Timer (WDT) fix.
325
326 *hardened-sources-2.4.26-r4 (04 Aug 2004)
327
328 04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
329 +hardened-sources-2.4.26-r4.ebuild,
330 +files/2.4.26-CAN-2004-0415.patch,
331 -hardened-sources-2.4.26-3:
332 Version bump, fix for CAN 0415, see bug #59378.
333
334 *hardened-sources-2.4.26-r3 (22 Jul 2004)
335
336 22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
337 +hardened-sources-2.4.26-r3.ebuild,
338 +files/2.4.26-CAN-2004-0497.patch,
339 -hardened-sources-2.4.26-r2.ebuild:
340 Version bump, fixed CAN 0497, see bug #56171.
341
342 *hardened-sources-2.4.26-r2 (29 Jun 2004)
343
344 29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
345 +hardened-sources-2.4.26-r2.ebuild,
346 +files/2.4.26-CAN-2004-0495.patch,
347 +files/2.4.26-CAN-2004-0535.patch,
348 -hardened-sources-2.4.26-r1.ebuild:
349 Fixes for both CAN 0495 and 0535, see bug #54976
350
351 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
352 hardened-sources-2.4.26-r1.ebuild:
353 QA - fix use invocation
354
355 *hardened-sources-2.4.26-r1 (22 June 2004)
356
357 22 June 2004; Andrea Luzzardi <scox@gentoo.org>
358 +hardened-sources-2.4.26-r1.ebuild,
359 +files/2.4.26-CAN-2004-0394.patch,
360 +files/2.4.26-signal-race.patch,
361 -hardened-sources-2.4.26.ebuild,
362 -hardened-sources-2.4.24-r3.ebuild:
363 Version bump for the CAN-2004-0394 issue and bug #53804
364 Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
365
366
367 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
368 hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
369 Masked hardened-sources-2.4.26.ebuild broken for ppc
370
371 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
372 hardened-sources-2.4.24-r3.ebuild:
373 Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
374
375 *hardened-sources-2.4.26 (29 May 2004)
376
377 29 May 2004; Andrea Luzzardi <scox@gentoo.org>
378 +hardened-sources-2.4.26.ebuild:
379 Updated hardened-sources for the 2.4.26 kernel
380 Removed broken components, updated almost everything.
381
382 *hardened-sources-2.4.24-r3 (17 Apr 2004)
383
384 17 Apr 2004; <plasmaroo@gentoo.org>
385 +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
386 +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
387 +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
388 +hardened-sources-2.4.24-r3.ebuild:
389 Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
390 vulnerabilities. Old revisions removed.
391
392 *hardened-sources-2.4.24-r2 (15 Apr 2004)
393
394 15 Apr 2004; <plasmaroo@gentoo.org>
395 +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
396 -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
397 Version bump for the CAN-2004-0109 issue; bug #47881.
398
399 12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
400 hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
401 Add eutils to inherit.
402
403 *hardened-sources-2.4.24-r1 (19 Feb 2004)
404
405 19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
406 files/hardened-sources-2.4.24.munmap.patch:
407 Added the patch for the mremap/munmap vulnerability. Bug #42024.
408
409 *hardened-sources-2.4.24 (06 Feb 2004)
410
411 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
412 hardened-sources-2.4.24.ebuild:
413 Version bump, updated most of the components.
414 This release includes the following:
415
416 - Hardened security
417 - Netfilter patch-o-matic 20031219
418 - FreeSWAN 2.04 & x509 1.4.8
419 - EVMS 2.2.2
420 - XFS 1.3.1
421 - cryptoloop jari
422 - grsecurity 2.0-rc4
423 - SELinux
424 - PaX 200402060000
425 - PaX Obscurity 200308302223
426 - Others...
427
428 Neither -ck nor systrace are included anymore.
429
430 *hardened-sources-2.4.22-r2 (05 Jan 2004)
431
432 05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
433 hardened-sources-2.4.22-r2.ebuild:
434 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
435
436 *hardened-sources-2.4.22-r1 (02 Dec 2003)
437
438 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
439 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
440
441 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
442 hardened-sources-2.4.22-r1.ebuild:
443 Version bump for the 'do_brk' vulnerability.
444
445 01 Dec 2003; Brian Jackson <iggy@gentoo.org>
446 hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
447 hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
448 hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
449 Fix the 'do_brk' vulnerability.
450
451 03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
452 hardened-sources-2.4.22.ebuild:
453 - Removed the src_install() portion for SELinux flask
454 components. These are no longer handled in the kernel
455 so this code was not necessary.
456
457 29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
458 New 2.4.22 based hardened-sources thanks to
459 Phil West <p.west@computer.org>.
460
461 These sources include:
462 - New SELinux API
463 - Updated CK-base
464 - Updated GRSec
465 - Systrace
466 - SuperFreeS/WAN 1.99.8
467 - Propolice kernel build support
468 - EVMS
469 - Other various security related patches
470
471 *hardened-sources-2.4.21 (14 Sep 2003)
472
473 14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
474 Updated hardened-sources based on the 2.4.21 Linux kernel.
475 This includes updates to most major components such as:
476 - ck-base-0306300059
477 - selinux-2.4-2003071106
478 - grsecurity-2.0-rc1
479 - Updated IPTables patch-o-matic
480 - Updated SuperFreeS/WAN
481
482 Thanks to Phil West <pwest@computer.org> for his work in getting this
483 updated patch set ready for the 2.4.21 based kernel.
484
485 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
486 Initial import of hardened-sources-2.4.20-r4. This revision
487 includes only a few changes, but one of these is an important
488 security fix. It is recommended all users of hardened-sources
489 upgrade to this release.
490
491 - ioperm bug fix
492 - fixed compilation failure when building without GRSec
493
494 SAL (Secure Auditing for Linux) is NOT included in this revision
495 due to time constraints, but is planned for inclusion in the near
496 future.
497
498 *hardened-sources-2.4.20-r2 (12 Jun 2003)
499
500 12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
501 hardened-sources-2.4.20-r3.ebuild:
502 Add Header...
503
504 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
505 hardened-sources-2.4.20-r3.ebuild:
506 Removed warnings from ebuild. This kernel should be safe to
507 use at this point.
508
509 *hardened-sources-2.4.20-r3 (08 Jun 2003)
510
511 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
512 hardened-sources-2.4.20-r3.ebuild:
513 New revision. Includes the following changes over -r2:
514
515 - ck7-base (O(1), preempt, low latency)
516 - Super FreeS/WAN 1.99.7rc2
517 - PaX for the LSM/SELinux branch
518 - GRSecurity 2.0-pre4 (role based access control)
519 - Systrace 1.3
520 - EXT3 fixes
521 - EVMS 2.0.1
522 - GCC 3.1+ compile optimizations
523 - ProPolice kernel build support
524 - Hashing table security fixes
525
526 *hardened-sources-2.4.20-r1 (09 Apr 2003)
527
528 23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
529 Initial import of hardened-sources-r2. This new
530 ebuild includes many new performance and security
531 related patches. As in -r1, it will patch in
532 LSM/SELinux if "selinux" is in USE, otherwise it
533 will patch in GRSecurity. The following patches
534 are included in this revision:
535
536 - O(1) Scheduler, Low Latency, and Preempt
537 (pulled from the base CK patch)
538 - ptrace exploit patch for the LSM kernel
539 (the GRSec patch already fixes this)
540 - LSM 2.4-2003040709
541 - SELinux 2.4-2003040709
542 - Systrace v1.2
543 - IPTables patch-o-matic base patches - 20030107
544 - CryptoAPI 2.4.20.1 w/ loop-jari patch
545 - Super FreeS/WAN 1.99.6.1
546 - GRSecurity 1.9.9g
547 - MPPE
548 - EXT3 data journal fix
549 - CIPE 1.5.4
550
551 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
552 hardened-sources-2.4.20-r1.ebuild, manifest:
553 Updated to install flask components correctly for selinux.
554
555 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
556 hardened-sources-2.4.20-r1.ebuild:
557 LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
558 is patched in instead. Ptrace patches for selinux have also been added. In
559 either case, systrace support will be patched in as well.
560
561 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
562 hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
563 Revision bump for new sources.
564
565 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
566 hardened-sources-2.4.20-r1.ebuild:
567 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
568
569 *hardened-sources-2.4.20 (30 Mar 2003)
570
571 30 Mar 2003; Joshua Brindle <method@gentoo.org>
572 hardened-sources-2.4.20.ebuild:
573 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20