/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.86 - (show annotations) (download)
Thu Apr 13 09:25:25 2006 UTC (8 years, 3 months ago) by johnm
Branch: MAIN
Changes since 1.85: +9 -1 lines
2.6.16-r2 release.
(Portage version: 2.1_pre7-r5)

1 # ChangeLog for sys-kernel/hardened-sources
2 # Copyright 2000-2006 Gentoo Foundation; Distributed under the GPL v2
3 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.85 2006/04/11 13:49:50 johnm Exp $
4
5 *hardened-sources-2.6.16-r2 (13 Apr 2006)
6
7 13 Apr 2006; John Mylchreest <johnm@gentoo.org>
8 -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
9 +hardened-sources-2.6.16-r2.ebuild:
10 Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
11 labels, dropping USERGROUP define fixes, since these were merged mainstream.
12
13 *hardened-sources-2.6.16-r1 (11 Apr 2006)
14
15 11 Apr 2006; John Mylchreest <johnm@gentoo.org>
16 +hardened-sources-2.6.16-r1.ebuild:
17 Bumping to include ppc build fix and 2.6.16.3
18
19 06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
20 hardened-sources-2.6.14-r6.ebuild:
21 Stable on x86; bug #127718
22
23 *hardened-sources-2.6.16 (31 Mar 2006)
24
25 31 Mar 2006; John Mylchreest <johnm@gentoo.org>
26 +hardened-sources-2.6.16.ebuild:
27 Bumping to new version of grsec, and kernel base. New squashfs. Based on
28 2.6.16.1
29
30 30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
31 hardened-sources-2.6.14-r6.ebuild:
32 Stable on amd64, bug 127718.
33
34 28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
35 Stable on ppc. Bug #127718
36
37 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
38 -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
39 -hardened-sources-2.6.14-r4.ebuild:
40 Cleanup.
41
42 *hardened-sources-2.6.14-r6 (15 Mar 2006)
43
44 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
45 +hardened-sources-2.6.14-r6.ebuild:
46 Fixes grsec policy recreation bug and adds a
47 >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
48
49 02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
50 - stable on x86
51
52 19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
53 hardened-sources-2.6.14-r5.ebuild:
54 Stable on ppc.
55
56 *hardened-sources-2.6.14-r5 (01 Feb 2006)
57
58 01 Feb 2006; John Mylchreest <johnm@gentoo.org>
59 +hardened-sources-2.6.14-r5.ebuild:
60 fixing every known exploit
61
62 *hardened-sources-2.4.32-r2 (26 Jan 2006)
63
64 26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
65 +hardened-sources-2.4.32-r2.ebuild:
66 - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
67
68 *hardened-sources-2.6.14-r4 (12 Jan 2006)
69
70 12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
71 - version bump for new genpatches which fix up a few sec holes
72
73 *hardened-sources-2.4.32-r1 (05 Jan 2006)
74
75 05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
76 - revision bump to add misc vital linux kernel security patches.
77
78 *hardened-sources-2.6.14-r3 (30 Dec 2005)
79
80 30 Dec 2005; John Mylchreest <johnm@gentoo.org>
81 -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
82 Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
83
84 28 Dec 2005; John Mylchreest <johnm@gentoo.org>
85 hardened-sources-2.6.14-r2.ebuild:
86 making x86 & amd64 stable following testing.
87
88 *hardened-sources-2.6.14-r2 (27 Dec 2005)
89
90 27 Dec 2005; John Mylchreest <johnm@gentoo.org>
91 -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
92 Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
93 network hooks.
94
95 06 Dec 2005; John Mylchreest <johnm@gentoo.org>
96 hardened-sources-2.6.14-r1.ebuild:
97 bumping to stable early for sec fix on x86 & amd64
98
99 *hardened-sources-2.6.14-r1 (05 Dec 2005)
100
101 05 Dec 2005; John Mylchreest <johnm@gentoo.org>
102 -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
103 bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
104
105 04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
106 - stable on x86 security bug #114227 CAN-2005-3257
107
108 *hardened-sources-2.4.32 (19 Nov 2005)
109
110 19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
111 +hardened-sources-2.4.32.ebuild:
112 Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
113 Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
114 have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
115 rsbac >> /etc/portage/package.use)
116
117 *hardened-sources-2.6.14 (14 Nov 2005)
118
119 14 Nov 2005; John Mylchreest <johnm@gentoo.org>
120 -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
121 Bumping 2.6 series to 2.6.14.2
122
123 *hardened-sources-2.6.13-r2 (20 Oct 2005)
124
125 20 Oct 2005; John Mylchreest <johnm@gentoo.org>
126 -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
127 +hardened-sources-2.6.13-r2.ebuild:
128 Fixes minor build error in ppc.
129
130 *hardened-sources-2.6.13-r1 (17 Oct 2005)
131
132 17 Oct 2005; John Mylchreest <johnm@gentoo.org>
133 +hardened-sources-2.6.13-r1.ebuild:
134 Updating grsec to latest snapshot. Fixes some minor issues. Updating to
135 2.6.13.4, fixes some major amd64 stability problems.
136
137 *hardened-sources-2.6.13 (16 Sep 2005)
138
139 16 Sep 2005; John Mylchreest <johnm@gentoo.org>
140 -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
141 2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
142 ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
143 users should test this thoroughly.
144
145 01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
146 - stable on x86
147
148 *hardened-sources-2.6.11-r15 (27 Jun 2005)
149
150 27 Jun 2005; John Mylchreest <johnm@gentoo.org>
151 +hardened-sources-2.6.11-r15.ebuild:
152 Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
153 grsec redefining curr_ip struct.
154
155 *hardened-sources-2.4.31 (20 Jun 2005)
156
157 20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
158 initial import of 2.4.31 tree
159
160 *hardened-sources-2.6.11-r14 (14 Jun 2005)
161
162 14 Jun 2005; John Mylchreest <johnm@gentoo.org>
163 -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
164 Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
165 naming scheme to abide by genpatches
166
167 *hardened-sources-2.6.11-r13 (18 May 2005)
168
169 18 May 2005; John Mylchreest <johnm@gentoo.org>
170 -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
171 Managed to mangle the Makefile patch from grsec, to miss out the grsec
172 target. sorry about that. Fixes bug #93022
173
174 *hardened-sources-2.6.11-r12 (17 May 2005)
175
176 17 May 2005; John Mylchreest <johnm@gentoo.org>
177 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
178 +hardened-sources-2.6.11-r12.ebuild:
179 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
180 merges in genpatches-base
181
182 *hardened-sources-2.6.11-r12 (17 May 2005)
183
184 17 May 2005; John Mylchreest <johnm@gentoo.org>
185 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
186 +hardened-sources-2.6.11-r12.ebuild:
187 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
188 merges in genpatches-base
189
190 29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
191 -files/2.4.27-cmdline-race.patch,
192 -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
193 -files/2.4.28-grsec-binfmt_a.out.patch,
194 -files/2.4.28-grsec-cmdline-race.patch,
195 -files/2.4.28-selinux-binfmt_a.out.patch,
196 -files/2.4.28-selinux-cmdline-race.patch,
197 -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
198 hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
199 - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
200 cleanup..
201
202 *hardened-sources-2.4.30-r1 (21 Apr 2005)
203
204 21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
205 - disable aout by default
206
207 *hardened-sources-2.4.30 (18 Apr 2005)
208
209 18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
210 - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
211 and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
212 use
213
214 *hardened-sources-2.4.29 (30 Mar 2005)
215
216 30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
217 +hardened-sources-2.4.29.ebuild:
218 New hardened-patches-2.4-29.0 patchball.
219 Removed SELinux support, upgraded GRSecurity to 2.1.4.
220
221 *hardened-sources-2.4.28-r5 (06 Mar 2005)
222
223 06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
224 +hardened-sources-2.4.28-r5.ebuild:
225 Added a fix for a PaX vulnerability.
226
227 26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
228 hardened-sources-2.4.28-r4.ebuild:
229 Stable on x86
230
231 23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
232 hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
233 hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
234 hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
235 - fixed/added RDEPEND= in all kernel-2 ebuilds
236
237 *hardened-sources-2.4.28-r4 (21 Jan 2005)
238
239 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
240 +hardened-sources-2.4.28-r4.ebuild:
241 Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
242 backport of neighbour hash updates.
243
244 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
245 hardened-sources-2.4.28-r3.ebuild:
246 Stable on x86
247
248 *hardened-sources-2.6.10-r3 (20 Jan 2005)
249
250 20 Jan 2005; Brandon Hale <tseng@gentoo.org>
251 +hardened-sources-2.6.10-r3.ebuild:
252 Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
253 in 2005.0
254
255 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
256 -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
257 hardened-sources-2.4.28-r2.ebuild:
258 Mark stable on x86
259
260 *hardened-sources-2.4.28-r3 (17 Jan 2005)
261
262 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
263 +hardened-sources-2.4.28-r3.ebuild:
264 Fix SMP page fault handler vuln, and update device-mapper and evms patches.
265
266 14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
267 hardened-sources-2.4.28.ebuild:
268 Mark stable on x86.
269
270 *hardened-sources-2.4.28-r2 (13 Jan 2005)
271
272 13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
273 +hardened-sources-2.4.28-r2.ebuild:
274 Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
275 Mazinger for grsecurity patches as well.
276
277 *hardened-sources-2.4.28-r1 (23 Dec 2004)
278
279 23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
280 Security bump. Thank tocharian for rolling a new patchset...
281
282 28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
283 +files/2.4.28-grsec-cmdline-race.patch,
284 +files/2.4.28-selinux-binfmt_a.out.patch,
285 +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
286 - Round up remaining security patches that appear to be missing in 2.4.28. -
287 PaX standalone updated to current. hgpv=28.1
288
289 *hardened-sources-2.4.28 (28 Nov 2004)
290
291 28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
292 security bump. Thank tocharian for rolling a new patchset
293
294 *hardened-sources-2.4.27-r3 (08 Sep 2004)
295
296 08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
297 +hardened-sources-2.4.27-r3.ebuild:
298 Applies the new 2.4-27.2 patchball which updates
299 GRSecurity to the 2.0.1 version.
300
301 *hardened-sources-2.4.27-r2 (31 Aug 2004)
302
303 31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
304 +hardened-sources-2.4.27-r2.ebuild:
305 Version bump.
306 This version uses the new 2.4-27.1 patchball which updates
307 both the SELinux PaX hooks patch and the SELinux headers.
308
309 *hardened-sources-2.4.27-r1 (09 Aug 2004)
310
311 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
312 +hardened-sources-2.4.27-r1.ebuild,
313 -hardened-sources-2.4.27.ebuild,
314 +files/2.4.27-cmdline-race.patch:
315 Version bump, fix for cmdline race. See bug #59905.
316
317 *hardened-sources-2.4.26-r6 (09 Aug 2004)
318
319 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
320 +hardened-sources-2.4.26-r6.ebuild,
321 -hardened-sources-2.4.26-r5.ebuild,
322 -hardened-sources-2.4.26-r4.ebuild,
323 +files/2.4.26-cmdline-race.patch:
324 Version bump, fix for cmdline race. See bug #59905.
325
326 *hardened-sources-2.4.27 (08 Aug 2004)
327
328 08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
329 +hardened-sources-2.4.27.ebuild,
330 +files/2.4.27-CAN-2004-0394.patch:
331 Ported the patchball to the 2.4.27 kernel version.
332
333 *hardened-sources-2.4.26-r5 (07 Aug 2004)
334
335 07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
336 +hardened-sources-2.4.26-r5.ebuild:
337 Updated to use the new hardened-patches-2.4-26.1 patchball.
338 It adds the following features:
339 - Squashfs
340 - Ebtables
341 - Netdev random (core+drivers)
342 - Watchdog Timer (WDT) fix.
343
344 *hardened-sources-2.4.26-r4 (04 Aug 2004)
345
346 04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
347 +hardened-sources-2.4.26-r4.ebuild,
348 +files/2.4.26-CAN-2004-0415.patch,
349 -hardened-sources-2.4.26-3:
350 Version bump, fix for CAN 0415, see bug #59378.
351
352 *hardened-sources-2.4.26-r3 (22 Jul 2004)
353
354 22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
355 +hardened-sources-2.4.26-r3.ebuild,
356 +files/2.4.26-CAN-2004-0497.patch,
357 -hardened-sources-2.4.26-r2.ebuild:
358 Version bump, fixed CAN 0497, see bug #56171.
359
360 *hardened-sources-2.4.26-r2 (29 Jun 2004)
361
362 29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
363 +hardened-sources-2.4.26-r2.ebuild,
364 +files/2.4.26-CAN-2004-0495.patch,
365 +files/2.4.26-CAN-2004-0535.patch,
366 -hardened-sources-2.4.26-r1.ebuild:
367 Fixes for both CAN 0495 and 0535, see bug #54976
368
369 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
370 hardened-sources-2.4.26-r1.ebuild:
371 QA - fix use invocation
372
373 *hardened-sources-2.4.26-r1 (22 June 2004)
374
375 22 June 2004; Andrea Luzzardi <scox@gentoo.org>
376 +hardened-sources-2.4.26-r1.ebuild,
377 +files/2.4.26-CAN-2004-0394.patch,
378 +files/2.4.26-signal-race.patch,
379 -hardened-sources-2.4.26.ebuild,
380 -hardened-sources-2.4.24-r3.ebuild:
381 Version bump for the CAN-2004-0394 issue and bug #53804
382 Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
383
384
385 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
386 hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
387 Masked hardened-sources-2.4.26.ebuild broken for ppc
388
389 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
390 hardened-sources-2.4.24-r3.ebuild:
391 Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
392
393 *hardened-sources-2.4.26 (29 May 2004)
394
395 29 May 2004; Andrea Luzzardi <scox@gentoo.org>
396 +hardened-sources-2.4.26.ebuild:
397 Updated hardened-sources for the 2.4.26 kernel
398 Removed broken components, updated almost everything.
399
400 *hardened-sources-2.4.24-r3 (17 Apr 2004)
401
402 17 Apr 2004; <plasmaroo@gentoo.org>
403 +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
404 +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
405 +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
406 +hardened-sources-2.4.24-r3.ebuild:
407 Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
408 vulnerabilities. Old revisions removed.
409
410 *hardened-sources-2.4.24-r2 (15 Apr 2004)
411
412 15 Apr 2004; <plasmaroo@gentoo.org>
413 +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
414 -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
415 Version bump for the CAN-2004-0109 issue; bug #47881.
416
417 12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
418 hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
419 Add eutils to inherit.
420
421 *hardened-sources-2.4.24-r1 (19 Feb 2004)
422
423 19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
424 files/hardened-sources-2.4.24.munmap.patch:
425 Added the patch for the mremap/munmap vulnerability. Bug #42024.
426
427 *hardened-sources-2.4.24 (06 Feb 2004)
428
429 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
430 hardened-sources-2.4.24.ebuild:
431 Version bump, updated most of the components.
432 This release includes the following:
433
434 - Hardened security
435 - Netfilter patch-o-matic 20031219
436 - FreeSWAN 2.04 & x509 1.4.8
437 - EVMS 2.2.2
438 - XFS 1.3.1
439 - cryptoloop jari
440 - grsecurity 2.0-rc4
441 - SELinux
442 - PaX 200402060000
443 - PaX Obscurity 200308302223
444 - Others...
445
446 Neither -ck nor systrace are included anymore.
447
448 *hardened-sources-2.4.22-r2 (05 Jan 2004)
449
450 05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
451 hardened-sources-2.4.22-r2.ebuild:
452 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
453
454 *hardened-sources-2.4.22-r1 (02 Dec 2003)
455
456 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
457 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
458
459 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
460 hardened-sources-2.4.22-r1.ebuild:
461 Version bump for the 'do_brk' vulnerability.
462
463 01 Dec 2003; Brian Jackson <iggy@gentoo.org>
464 hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
465 hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
466 hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
467 Fix the 'do_brk' vulnerability.
468
469 03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
470 hardened-sources-2.4.22.ebuild:
471 - Removed the src_install() portion for SELinux flask
472 components. These are no longer handled in the kernel
473 so this code was not necessary.
474
475 29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
476 New 2.4.22 based hardened-sources thanks to
477 Phil West <p.west@computer.org>.
478
479 These sources include:
480 - New SELinux API
481 - Updated CK-base
482 - Updated GRSec
483 - Systrace
484 - SuperFreeS/WAN 1.99.8
485 - Propolice kernel build support
486 - EVMS
487 - Other various security related patches
488
489 *hardened-sources-2.4.21 (14 Sep 2003)
490
491 14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
492 Updated hardened-sources based on the 2.4.21 Linux kernel.
493 This includes updates to most major components such as:
494 - ck-base-0306300059
495 - selinux-2.4-2003071106
496 - grsecurity-2.0-rc1
497 - Updated IPTables patch-o-matic
498 - Updated SuperFreeS/WAN
499
500 Thanks to Phil West <pwest@computer.org> for his work in getting this
501 updated patch set ready for the 2.4.21 based kernel.
502
503 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
504 Initial import of hardened-sources-2.4.20-r4. This revision
505 includes only a few changes, but one of these is an important
506 security fix. It is recommended all users of hardened-sources
507 upgrade to this release.
508
509 - ioperm bug fix
510 - fixed compilation failure when building without GRSec
511
512 SAL (Secure Auditing for Linux) is NOT included in this revision
513 due to time constraints, but is planned for inclusion in the near
514 future.
515
516 *hardened-sources-2.4.20-r2 (12 Jun 2003)
517
518 12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
519 hardened-sources-2.4.20-r3.ebuild:
520 Add Header...
521
522 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
523 hardened-sources-2.4.20-r3.ebuild:
524 Removed warnings from ebuild. This kernel should be safe to
525 use at this point.
526
527 *hardened-sources-2.4.20-r3 (08 Jun 2003)
528
529 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
530 hardened-sources-2.4.20-r3.ebuild:
531 New revision. Includes the following changes over -r2:
532
533 - ck7-base (O(1), preempt, low latency)
534 - Super FreeS/WAN 1.99.7rc2
535 - PaX for the LSM/SELinux branch
536 - GRSecurity 2.0-pre4 (role based access control)
537 - Systrace 1.3
538 - EXT3 fixes
539 - EVMS 2.0.1
540 - GCC 3.1+ compile optimizations
541 - ProPolice kernel build support
542 - Hashing table security fixes
543
544 *hardened-sources-2.4.20-r1 (09 Apr 2003)
545
546 23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
547 Initial import of hardened-sources-r2. This new
548 ebuild includes many new performance and security
549 related patches. As in -r1, it will patch in
550 LSM/SELinux if "selinux" is in USE, otherwise it
551 will patch in GRSecurity. The following patches
552 are included in this revision:
553
554 - O(1) Scheduler, Low Latency, and Preempt
555 (pulled from the base CK patch)
556 - ptrace exploit patch for the LSM kernel
557 (the GRSec patch already fixes this)
558 - LSM 2.4-2003040709
559 - SELinux 2.4-2003040709
560 - Systrace v1.2
561 - IPTables patch-o-matic base patches - 20030107
562 - CryptoAPI 2.4.20.1 w/ loop-jari patch
563 - Super FreeS/WAN 1.99.6.1
564 - GRSecurity 1.9.9g
565 - MPPE
566 - EXT3 data journal fix
567 - CIPE 1.5.4
568
569 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
570 hardened-sources-2.4.20-r1.ebuild, manifest:
571 Updated to install flask components correctly for selinux.
572
573 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
574 hardened-sources-2.4.20-r1.ebuild:
575 LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
576 is patched in instead. Ptrace patches for selinux have also been added. In
577 either case, systrace support will be patched in as well.
578
579 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
580 hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
581 Revision bump for new sources.
582
583 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
584 hardened-sources-2.4.20-r1.ebuild:
585 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
586
587 *hardened-sources-2.4.20 (30 Mar 2003)
588
589 30 Mar 2003; Joshua Brindle <method@gentoo.org>
590 hardened-sources-2.4.20.ebuild:
591 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20