/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.84 - (show annotations) (download)
Thu Apr 6 05:07:10 2006 UTC (8 years ago) by tsunam
Branch: MAIN
Changes since 1.83: +5 -1 lines
Stable on x86; bug #127718
(Portage version: 2.1_pre7-r4)

1 # ChangeLog for sys-kernel/hardened-sources
2 # Copyright 2000-2006 Gentoo Foundation; Distributed under the GPL v2
3 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.83 2006/03/31 13:30:37 johnm Exp $
4
5 06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
6 hardened-sources-2.6.14-r6.ebuild:
7 Stable on x86; bug #127718
8
9 *hardened-sources-2.6.16 (31 Mar 2006)
10
11 31 Mar 2006; John Mylchreest <johnm@gentoo.org>
12 +hardened-sources-2.6.16.ebuild:
13 Bumping to new version of grsec, and kernel base. New squashfs. Based on
14 2.6.16.1
15
16 30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
17 hardened-sources-2.6.14-r6.ebuild:
18 Stable on amd64, bug 127718.
19
20 28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
21 Stable on ppc. Bug #127718
22
23 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
24 -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
25 -hardened-sources-2.6.14-r4.ebuild:
26 Cleanup.
27
28 *hardened-sources-2.6.14-r6 (15 Mar 2006)
29
30 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
31 +hardened-sources-2.6.14-r6.ebuild:
32 Fixes grsec policy recreation bug and adds a
33 >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
34
35 02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
36 - stable on x86
37
38 19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
39 hardened-sources-2.6.14-r5.ebuild:
40 Stable on ppc.
41
42 *hardened-sources-2.6.14-r5 (01 Feb 2006)
43
44 01 Feb 2006; John Mylchreest <johnm@gentoo.org>
45 +hardened-sources-2.6.14-r5.ebuild:
46 fixing every known exploit
47
48 *hardened-sources-2.4.32-r2 (26 Jan 2006)
49
50 26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
51 +hardened-sources-2.4.32-r2.ebuild:
52 - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
53
54 *hardened-sources-2.6.14-r4 (12 Jan 2006)
55
56 12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
57 - version bump for new genpatches which fix up a few sec holes
58
59 *hardened-sources-2.4.32-r1 (05 Jan 2006)
60
61 05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
62 - revision bump to add misc vital linux kernel security patches.
63
64 *hardened-sources-2.6.14-r3 (30 Dec 2005)
65
66 30 Dec 2005; John Mylchreest <johnm@gentoo.org>
67 -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
68 Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
69
70 28 Dec 2005; John Mylchreest <johnm@gentoo.org>
71 hardened-sources-2.6.14-r2.ebuild:
72 making x86 & amd64 stable following testing.
73
74 *hardened-sources-2.6.14-r2 (27 Dec 2005)
75
76 27 Dec 2005; John Mylchreest <johnm@gentoo.org>
77 -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
78 Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
79 network hooks.
80
81 06 Dec 2005; John Mylchreest <johnm@gentoo.org>
82 hardened-sources-2.6.14-r1.ebuild:
83 bumping to stable early for sec fix on x86 & amd64
84
85 *hardened-sources-2.6.14-r1 (05 Dec 2005)
86
87 05 Dec 2005; John Mylchreest <johnm@gentoo.org>
88 -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
89 bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
90
91 04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
92 - stable on x86 security bug #114227 CAN-2005-3257
93
94 *hardened-sources-2.4.32 (19 Nov 2005)
95
96 19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
97 +hardened-sources-2.4.32.ebuild:
98 Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
99 Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
100 have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
101 rsbac >> /etc/portage/package.use)
102
103 *hardened-sources-2.6.14 (14 Nov 2005)
104
105 14 Nov 2005; John Mylchreest <johnm@gentoo.org>
106 -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
107 Bumping 2.6 series to 2.6.14.2
108
109 *hardened-sources-2.6.13-r2 (20 Oct 2005)
110
111 20 Oct 2005; John Mylchreest <johnm@gentoo.org>
112 -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
113 +hardened-sources-2.6.13-r2.ebuild:
114 Fixes minor build error in ppc.
115
116 *hardened-sources-2.6.13-r1 (17 Oct 2005)
117
118 17 Oct 2005; John Mylchreest <johnm@gentoo.org>
119 +hardened-sources-2.6.13-r1.ebuild:
120 Updating grsec to latest snapshot. Fixes some minor issues. Updating to
121 2.6.13.4, fixes some major amd64 stability problems.
122
123 *hardened-sources-2.6.13 (16 Sep 2005)
124
125 16 Sep 2005; John Mylchreest <johnm@gentoo.org>
126 -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
127 2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
128 ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
129 users should test this thoroughly.
130
131 01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
132 - stable on x86
133
134 *hardened-sources-2.6.11-r15 (27 Jun 2005)
135
136 27 Jun 2005; John Mylchreest <johnm@gentoo.org>
137 +hardened-sources-2.6.11-r15.ebuild:
138 Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
139 grsec redefining curr_ip struct.
140
141 *hardened-sources-2.4.31 (20 Jun 2005)
142
143 20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
144 initial import of 2.4.31 tree
145
146 *hardened-sources-2.6.11-r14 (14 Jun 2005)
147
148 14 Jun 2005; John Mylchreest <johnm@gentoo.org>
149 -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
150 Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
151 naming scheme to abide by genpatches
152
153 *hardened-sources-2.6.11-r13 (18 May 2005)
154
155 18 May 2005; John Mylchreest <johnm@gentoo.org>
156 -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
157 Managed to mangle the Makefile patch from grsec, to miss out the grsec
158 target. sorry about that. Fixes bug #93022
159
160 *hardened-sources-2.6.11-r12 (17 May 2005)
161
162 17 May 2005; John Mylchreest <johnm@gentoo.org>
163 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
164 +hardened-sources-2.6.11-r12.ebuild:
165 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
166 merges in genpatches-base
167
168 *hardened-sources-2.6.11-r12 (17 May 2005)
169
170 17 May 2005; John Mylchreest <johnm@gentoo.org>
171 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
172 +hardened-sources-2.6.11-r12.ebuild:
173 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
174 merges in genpatches-base
175
176 29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
177 -files/2.4.27-cmdline-race.patch,
178 -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
179 -files/2.4.28-grsec-binfmt_a.out.patch,
180 -files/2.4.28-grsec-cmdline-race.patch,
181 -files/2.4.28-selinux-binfmt_a.out.patch,
182 -files/2.4.28-selinux-cmdline-race.patch,
183 -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
184 hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
185 - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
186 cleanup..
187
188 *hardened-sources-2.4.30-r1 (21 Apr 2005)
189
190 21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
191 - disable aout by default
192
193 *hardened-sources-2.4.30 (18 Apr 2005)
194
195 18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
196 - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
197 and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
198 use
199
200 *hardened-sources-2.4.29 (30 Mar 2005)
201
202 30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
203 +hardened-sources-2.4.29.ebuild:
204 New hardened-patches-2.4-29.0 patchball.
205 Removed SELinux support, upgraded GRSecurity to 2.1.4.
206
207 *hardened-sources-2.4.28-r5 (06 Mar 2005)
208
209 06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
210 +hardened-sources-2.4.28-r5.ebuild:
211 Added a fix for a PaX vulnerability.
212
213 26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
214 hardened-sources-2.4.28-r4.ebuild:
215 Stable on x86
216
217 23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
218 hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
219 hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
220 hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
221 - fixed/added RDEPEND= in all kernel-2 ebuilds
222
223 *hardened-sources-2.4.28-r4 (21 Jan 2005)
224
225 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
226 +hardened-sources-2.4.28-r4.ebuild:
227 Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
228 backport of neighbour hash updates.
229
230 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
231 hardened-sources-2.4.28-r3.ebuild:
232 Stable on x86
233
234 *hardened-sources-2.6.10-r3 (20 Jan 2005)
235
236 20 Jan 2005; Brandon Hale <tseng@gentoo.org>
237 +hardened-sources-2.6.10-r3.ebuild:
238 Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
239 in 2005.0
240
241 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
242 -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
243 hardened-sources-2.4.28-r2.ebuild:
244 Mark stable on x86
245
246 *hardened-sources-2.4.28-r3 (17 Jan 2005)
247
248 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
249 +hardened-sources-2.4.28-r3.ebuild:
250 Fix SMP page fault handler vuln, and update device-mapper and evms patches.
251
252 14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
253 hardened-sources-2.4.28.ebuild:
254 Mark stable on x86.
255
256 *hardened-sources-2.4.28-r2 (13 Jan 2005)
257
258 13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
259 +hardened-sources-2.4.28-r2.ebuild:
260 Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
261 Mazinger for grsecurity patches as well.
262
263 *hardened-sources-2.4.28-r1 (23 Dec 2004)
264
265 23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
266 Security bump. Thank tocharian for rolling a new patchset...
267
268 28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
269 +files/2.4.28-grsec-cmdline-race.patch,
270 +files/2.4.28-selinux-binfmt_a.out.patch,
271 +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
272 - Round up remaining security patches that appear to be missing in 2.4.28. -
273 PaX standalone updated to current. hgpv=28.1
274
275 *hardened-sources-2.4.28 (28 Nov 2004)
276
277 28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
278 security bump. Thank tocharian for rolling a new patchset
279
280 *hardened-sources-2.4.27-r3 (08 Sep 2004)
281
282 08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
283 +hardened-sources-2.4.27-r3.ebuild:
284 Applies the new 2.4-27.2 patchball which updates
285 GRSecurity to the 2.0.1 version.
286
287 *hardened-sources-2.4.27-r2 (31 Aug 2004)
288
289 31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
290 +hardened-sources-2.4.27-r2.ebuild:
291 Version bump.
292 This version uses the new 2.4-27.1 patchball which updates
293 both the SELinux PaX hooks patch and the SELinux headers.
294
295 *hardened-sources-2.4.27-r1 (09 Aug 2004)
296
297 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
298 +hardened-sources-2.4.27-r1.ebuild,
299 -hardened-sources-2.4.27.ebuild,
300 +files/2.4.27-cmdline-race.patch:
301 Version bump, fix for cmdline race. See bug #59905.
302
303 *hardened-sources-2.4.26-r6 (09 Aug 2004)
304
305 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
306 +hardened-sources-2.4.26-r6.ebuild,
307 -hardened-sources-2.4.26-r5.ebuild,
308 -hardened-sources-2.4.26-r4.ebuild,
309 +files/2.4.26-cmdline-race.patch:
310 Version bump, fix for cmdline race. See bug #59905.
311
312 *hardened-sources-2.4.27 (08 Aug 2004)
313
314 08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
315 +hardened-sources-2.4.27.ebuild,
316 +files/2.4.27-CAN-2004-0394.patch:
317 Ported the patchball to the 2.4.27 kernel version.
318
319 *hardened-sources-2.4.26-r5 (07 Aug 2004)
320
321 07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
322 +hardened-sources-2.4.26-r5.ebuild:
323 Updated to use the new hardened-patches-2.4-26.1 patchball.
324 It adds the following features:
325 - Squashfs
326 - Ebtables
327 - Netdev random (core+drivers)
328 - Watchdog Timer (WDT) fix.
329
330 *hardened-sources-2.4.26-r4 (04 Aug 2004)
331
332 04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
333 +hardened-sources-2.4.26-r4.ebuild,
334 +files/2.4.26-CAN-2004-0415.patch,
335 -hardened-sources-2.4.26-3:
336 Version bump, fix for CAN 0415, see bug #59378.
337
338 *hardened-sources-2.4.26-r3 (22 Jul 2004)
339
340 22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
341 +hardened-sources-2.4.26-r3.ebuild,
342 +files/2.4.26-CAN-2004-0497.patch,
343 -hardened-sources-2.4.26-r2.ebuild:
344 Version bump, fixed CAN 0497, see bug #56171.
345
346 *hardened-sources-2.4.26-r2 (29 Jun 2004)
347
348 29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
349 +hardened-sources-2.4.26-r2.ebuild,
350 +files/2.4.26-CAN-2004-0495.patch,
351 +files/2.4.26-CAN-2004-0535.patch,
352 -hardened-sources-2.4.26-r1.ebuild:
353 Fixes for both CAN 0495 and 0535, see bug #54976
354
355 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
356 hardened-sources-2.4.26-r1.ebuild:
357 QA - fix use invocation
358
359 *hardened-sources-2.4.26-r1 (22 June 2004)
360
361 22 June 2004; Andrea Luzzardi <scox@gentoo.org>
362 +hardened-sources-2.4.26-r1.ebuild,
363 +files/2.4.26-CAN-2004-0394.patch,
364 +files/2.4.26-signal-race.patch,
365 -hardened-sources-2.4.26.ebuild,
366 -hardened-sources-2.4.24-r3.ebuild:
367 Version bump for the CAN-2004-0394 issue and bug #53804
368 Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
369
370
371 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
372 hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
373 Masked hardened-sources-2.4.26.ebuild broken for ppc
374
375 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
376 hardened-sources-2.4.24-r3.ebuild:
377 Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
378
379 *hardened-sources-2.4.26 (29 May 2004)
380
381 29 May 2004; Andrea Luzzardi <scox@gentoo.org>
382 +hardened-sources-2.4.26.ebuild:
383 Updated hardened-sources for the 2.4.26 kernel
384 Removed broken components, updated almost everything.
385
386 *hardened-sources-2.4.24-r3 (17 Apr 2004)
387
388 17 Apr 2004; <plasmaroo@gentoo.org>
389 +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
390 +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
391 +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
392 +hardened-sources-2.4.24-r3.ebuild:
393 Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
394 vulnerabilities. Old revisions removed.
395
396 *hardened-sources-2.4.24-r2 (15 Apr 2004)
397
398 15 Apr 2004; <plasmaroo@gentoo.org>
399 +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
400 -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
401 Version bump for the CAN-2004-0109 issue; bug #47881.
402
403 12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
404 hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
405 Add eutils to inherit.
406
407 *hardened-sources-2.4.24-r1 (19 Feb 2004)
408
409 19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
410 files/hardened-sources-2.4.24.munmap.patch:
411 Added the patch for the mremap/munmap vulnerability. Bug #42024.
412
413 *hardened-sources-2.4.24 (06 Feb 2004)
414
415 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
416 hardened-sources-2.4.24.ebuild:
417 Version bump, updated most of the components.
418 This release includes the following:
419
420 - Hardened security
421 - Netfilter patch-o-matic 20031219
422 - FreeSWAN 2.04 & x509 1.4.8
423 - EVMS 2.2.2
424 - XFS 1.3.1
425 - cryptoloop jari
426 - grsecurity 2.0-rc4
427 - SELinux
428 - PaX 200402060000
429 - PaX Obscurity 200308302223
430 - Others...
431
432 Neither -ck nor systrace are included anymore.
433
434 *hardened-sources-2.4.22-r2 (05 Jan 2004)
435
436 05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
437 hardened-sources-2.4.22-r2.ebuild:
438 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
439
440 *hardened-sources-2.4.22-r1 (02 Dec 2003)
441
442 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
443 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
444
445 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
446 hardened-sources-2.4.22-r1.ebuild:
447 Version bump for the 'do_brk' vulnerability.
448
449 01 Dec 2003; Brian Jackson <iggy@gentoo.org>
450 hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
451 hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
452 hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
453 Fix the 'do_brk' vulnerability.
454
455 03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
456 hardened-sources-2.4.22.ebuild:
457 - Removed the src_install() portion for SELinux flask
458 components. These are no longer handled in the kernel
459 so this code was not necessary.
460
461 29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
462 New 2.4.22 based hardened-sources thanks to
463 Phil West <p.west@computer.org>.
464
465 These sources include:
466 - New SELinux API
467 - Updated CK-base
468 - Updated GRSec
469 - Systrace
470 - SuperFreeS/WAN 1.99.8
471 - Propolice kernel build support
472 - EVMS
473 - Other various security related patches
474
475 *hardened-sources-2.4.21 (14 Sep 2003)
476
477 14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
478 Updated hardened-sources based on the 2.4.21 Linux kernel.
479 This includes updates to most major components such as:
480 - ck-base-0306300059
481 - selinux-2.4-2003071106
482 - grsecurity-2.0-rc1
483 - Updated IPTables patch-o-matic
484 - Updated SuperFreeS/WAN
485
486 Thanks to Phil West <pwest@computer.org> for his work in getting this
487 updated patch set ready for the 2.4.21 based kernel.
488
489 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
490 Initial import of hardened-sources-2.4.20-r4. This revision
491 includes only a few changes, but one of these is an important
492 security fix. It is recommended all users of hardened-sources
493 upgrade to this release.
494
495 - ioperm bug fix
496 - fixed compilation failure when building without GRSec
497
498 SAL (Secure Auditing for Linux) is NOT included in this revision
499 due to time constraints, but is planned for inclusion in the near
500 future.
501
502 *hardened-sources-2.4.20-r2 (12 Jun 2003)
503
504 12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
505 hardened-sources-2.4.20-r3.ebuild:
506 Add Header...
507
508 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
509 hardened-sources-2.4.20-r3.ebuild:
510 Removed warnings from ebuild. This kernel should be safe to
511 use at this point.
512
513 *hardened-sources-2.4.20-r3 (08 Jun 2003)
514
515 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
516 hardened-sources-2.4.20-r3.ebuild:
517 New revision. Includes the following changes over -r2:
518
519 - ck7-base (O(1), preempt, low latency)
520 - Super FreeS/WAN 1.99.7rc2
521 - PaX for the LSM/SELinux branch
522 - GRSecurity 2.0-pre4 (role based access control)
523 - Systrace 1.3
524 - EXT3 fixes
525 - EVMS 2.0.1
526 - GCC 3.1+ compile optimizations
527 - ProPolice kernel build support
528 - Hashing table security fixes
529
530 *hardened-sources-2.4.20-r1 (09 Apr 2003)
531
532 23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
533 Initial import of hardened-sources-r2. This new
534 ebuild includes many new performance and security
535 related patches. As in -r1, it will patch in
536 LSM/SELinux if "selinux" is in USE, otherwise it
537 will patch in GRSecurity. The following patches
538 are included in this revision:
539
540 - O(1) Scheduler, Low Latency, and Preempt
541 (pulled from the base CK patch)
542 - ptrace exploit patch for the LSM kernel
543 (the GRSec patch already fixes this)
544 - LSM 2.4-2003040709
545 - SELinux 2.4-2003040709
546 - Systrace v1.2
547 - IPTables patch-o-matic base patches - 20030107
548 - CryptoAPI 2.4.20.1 w/ loop-jari patch
549 - Super FreeS/WAN 1.99.6.1
550 - GRSecurity 1.9.9g
551 - MPPE
552 - EXT3 data journal fix
553 - CIPE 1.5.4
554
555 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
556 hardened-sources-2.4.20-r1.ebuild, manifest:
557 Updated to install flask components correctly for selinux.
558
559 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
560 hardened-sources-2.4.20-r1.ebuild:
561 LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
562 is patched in instead. Ptrace patches for selinux have also been added. In
563 either case, systrace support will be patched in as well.
564
565 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
566 hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
567 Revision bump for new sources.
568
569 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
570 hardened-sources-2.4.20-r1.ebuild:
571 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
572
573 *hardened-sources-2.4.20 (30 Mar 2003)
574
575 30 Mar 2003; Joshua Brindle <method@gentoo.org>
576 hardened-sources-2.4.20.ebuild:
577 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20