/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.87 - (show annotations) (download)
Fri Apr 14 18:48:29 2006 UTC (8 years, 5 months ago) by johnm
Branch: MAIN
Changes since 1.86: +7 -1 lines
Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
(Portage version: 2.1_pre7-r5)

1 # ChangeLog for sys-kernel/hardened-sources
2 # Copyright 2000-2006 Gentoo Foundation; Distributed under the GPL v2
3 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.86 2006/04/13 09:25:25 johnm Exp $
4
5 *hardened-sources-2.6.14-r7 (14 Apr 2006)
6
7 14 Apr 2006; John Mylchreest <johnm@gentoo.org>
8 -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
9 Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
10
11 *hardened-sources-2.6.16-r2 (13 Apr 2006)
12
13 13 Apr 2006; John Mylchreest <johnm@gentoo.org>
14 -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
15 +hardened-sources-2.6.16-r2.ebuild:
16 Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
17 labels, dropping USERGROUP define fixes, since these were merged mainstream.
18
19 *hardened-sources-2.6.16-r1 (11 Apr 2006)
20
21 11 Apr 2006; John Mylchreest <johnm@gentoo.org>
22 +hardened-sources-2.6.16-r1.ebuild:
23 Bumping to include ppc build fix and 2.6.16.3
24
25 06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
26 hardened-sources-2.6.14-r6.ebuild:
27 Stable on x86; bug #127718
28
29 *hardened-sources-2.6.16 (31 Mar 2006)
30
31 31 Mar 2006; John Mylchreest <johnm@gentoo.org>
32 +hardened-sources-2.6.16.ebuild:
33 Bumping to new version of grsec, and kernel base. New squashfs. Based on
34 2.6.16.1
35
36 30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
37 hardened-sources-2.6.14-r6.ebuild:
38 Stable on amd64, bug 127718.
39
40 28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
41 Stable on ppc. Bug #127718
42
43 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
44 -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
45 -hardened-sources-2.6.14-r4.ebuild:
46 Cleanup.
47
48 *hardened-sources-2.6.14-r6 (15 Mar 2006)
49
50 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
51 +hardened-sources-2.6.14-r6.ebuild:
52 Fixes grsec policy recreation bug and adds a
53 >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
54
55 02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
56 - stable on x86
57
58 19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
59 hardened-sources-2.6.14-r5.ebuild:
60 Stable on ppc.
61
62 *hardened-sources-2.6.14-r5 (01 Feb 2006)
63
64 01 Feb 2006; John Mylchreest <johnm@gentoo.org>
65 +hardened-sources-2.6.14-r5.ebuild:
66 fixing every known exploit
67
68 *hardened-sources-2.4.32-r2 (26 Jan 2006)
69
70 26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
71 +hardened-sources-2.4.32-r2.ebuild:
72 - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
73
74 *hardened-sources-2.6.14-r4 (12 Jan 2006)
75
76 12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
77 - version bump for new genpatches which fix up a few sec holes
78
79 *hardened-sources-2.4.32-r1 (05 Jan 2006)
80
81 05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
82 - revision bump to add misc vital linux kernel security patches.
83
84 *hardened-sources-2.6.14-r3 (30 Dec 2005)
85
86 30 Dec 2005; John Mylchreest <johnm@gentoo.org>
87 -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
88 Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
89
90 28 Dec 2005; John Mylchreest <johnm@gentoo.org>
91 hardened-sources-2.6.14-r2.ebuild:
92 making x86 & amd64 stable following testing.
93
94 *hardened-sources-2.6.14-r2 (27 Dec 2005)
95
96 27 Dec 2005; John Mylchreest <johnm@gentoo.org>
97 -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
98 Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
99 network hooks.
100
101 06 Dec 2005; John Mylchreest <johnm@gentoo.org>
102 hardened-sources-2.6.14-r1.ebuild:
103 bumping to stable early for sec fix on x86 & amd64
104
105 *hardened-sources-2.6.14-r1 (05 Dec 2005)
106
107 05 Dec 2005; John Mylchreest <johnm@gentoo.org>
108 -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
109 bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
110
111 04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
112 - stable on x86 security bug #114227 CAN-2005-3257
113
114 *hardened-sources-2.4.32 (19 Nov 2005)
115
116 19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
117 +hardened-sources-2.4.32.ebuild:
118 Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
119 Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
120 have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
121 rsbac >> /etc/portage/package.use)
122
123 *hardened-sources-2.6.14 (14 Nov 2005)
124
125 14 Nov 2005; John Mylchreest <johnm@gentoo.org>
126 -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
127 Bumping 2.6 series to 2.6.14.2
128
129 *hardened-sources-2.6.13-r2 (20 Oct 2005)
130
131 20 Oct 2005; John Mylchreest <johnm@gentoo.org>
132 -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
133 +hardened-sources-2.6.13-r2.ebuild:
134 Fixes minor build error in ppc.
135
136 *hardened-sources-2.6.13-r1 (17 Oct 2005)
137
138 17 Oct 2005; John Mylchreest <johnm@gentoo.org>
139 +hardened-sources-2.6.13-r1.ebuild:
140 Updating grsec to latest snapshot. Fixes some minor issues. Updating to
141 2.6.13.4, fixes some major amd64 stability problems.
142
143 *hardened-sources-2.6.13 (16 Sep 2005)
144
145 16 Sep 2005; John Mylchreest <johnm@gentoo.org>
146 -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
147 2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
148 ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
149 users should test this thoroughly.
150
151 01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
152 - stable on x86
153
154 *hardened-sources-2.6.11-r15 (27 Jun 2005)
155
156 27 Jun 2005; John Mylchreest <johnm@gentoo.org>
157 +hardened-sources-2.6.11-r15.ebuild:
158 Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
159 grsec redefining curr_ip struct.
160
161 *hardened-sources-2.4.31 (20 Jun 2005)
162
163 20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
164 initial import of 2.4.31 tree
165
166 *hardened-sources-2.6.11-r14 (14 Jun 2005)
167
168 14 Jun 2005; John Mylchreest <johnm@gentoo.org>
169 -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
170 Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
171 naming scheme to abide by genpatches
172
173 *hardened-sources-2.6.11-r13 (18 May 2005)
174
175 18 May 2005; John Mylchreest <johnm@gentoo.org>
176 -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
177 Managed to mangle the Makefile patch from grsec, to miss out the grsec
178 target. sorry about that. Fixes bug #93022
179
180 *hardened-sources-2.6.11-r12 (17 May 2005)
181
182 17 May 2005; John Mylchreest <johnm@gentoo.org>
183 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
184 +hardened-sources-2.6.11-r12.ebuild:
185 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
186 merges in genpatches-base
187
188 *hardened-sources-2.6.11-r12 (17 May 2005)
189
190 17 May 2005; John Mylchreest <johnm@gentoo.org>
191 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
192 +hardened-sources-2.6.11-r12.ebuild:
193 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
194 merges in genpatches-base
195
196 29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
197 -files/2.4.27-cmdline-race.patch,
198 -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
199 -files/2.4.28-grsec-binfmt_a.out.patch,
200 -files/2.4.28-grsec-cmdline-race.patch,
201 -files/2.4.28-selinux-binfmt_a.out.patch,
202 -files/2.4.28-selinux-cmdline-race.patch,
203 -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
204 hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
205 - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
206 cleanup..
207
208 *hardened-sources-2.4.30-r1 (21 Apr 2005)
209
210 21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
211 - disable aout by default
212
213 *hardened-sources-2.4.30 (18 Apr 2005)
214
215 18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
216 - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
217 and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
218 use
219
220 *hardened-sources-2.4.29 (30 Mar 2005)
221
222 30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
223 +hardened-sources-2.4.29.ebuild:
224 New hardened-patches-2.4-29.0 patchball.
225 Removed SELinux support, upgraded GRSecurity to 2.1.4.
226
227 *hardened-sources-2.4.28-r5 (06 Mar 2005)
228
229 06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
230 +hardened-sources-2.4.28-r5.ebuild:
231 Added a fix for a PaX vulnerability.
232
233 26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
234 hardened-sources-2.4.28-r4.ebuild:
235 Stable on x86
236
237 23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
238 hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
239 hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
240 hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
241 - fixed/added RDEPEND= in all kernel-2 ebuilds
242
243 *hardened-sources-2.4.28-r4 (21 Jan 2005)
244
245 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
246 +hardened-sources-2.4.28-r4.ebuild:
247 Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
248 backport of neighbour hash updates.
249
250 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
251 hardened-sources-2.4.28-r3.ebuild:
252 Stable on x86
253
254 *hardened-sources-2.6.10-r3 (20 Jan 2005)
255
256 20 Jan 2005; Brandon Hale <tseng@gentoo.org>
257 +hardened-sources-2.6.10-r3.ebuild:
258 Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
259 in 2005.0
260
261 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
262 -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
263 hardened-sources-2.4.28-r2.ebuild:
264 Mark stable on x86
265
266 *hardened-sources-2.4.28-r3 (17 Jan 2005)
267
268 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
269 +hardened-sources-2.4.28-r3.ebuild:
270 Fix SMP page fault handler vuln, and update device-mapper and evms patches.
271
272 14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
273 hardened-sources-2.4.28.ebuild:
274 Mark stable on x86.
275
276 *hardened-sources-2.4.28-r2 (13 Jan 2005)
277
278 13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
279 +hardened-sources-2.4.28-r2.ebuild:
280 Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
281 Mazinger for grsecurity patches as well.
282
283 *hardened-sources-2.4.28-r1 (23 Dec 2004)
284
285 23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
286 Security bump. Thank tocharian for rolling a new patchset...
287
288 28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
289 +files/2.4.28-grsec-cmdline-race.patch,
290 +files/2.4.28-selinux-binfmt_a.out.patch,
291 +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
292 - Round up remaining security patches that appear to be missing in 2.4.28. -
293 PaX standalone updated to current. hgpv=28.1
294
295 *hardened-sources-2.4.28 (28 Nov 2004)
296
297 28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
298 security bump. Thank tocharian for rolling a new patchset
299
300 *hardened-sources-2.4.27-r3 (08 Sep 2004)
301
302 08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
303 +hardened-sources-2.4.27-r3.ebuild:
304 Applies the new 2.4-27.2 patchball which updates
305 GRSecurity to the 2.0.1 version.
306
307 *hardened-sources-2.4.27-r2 (31 Aug 2004)
308
309 31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
310 +hardened-sources-2.4.27-r2.ebuild:
311 Version bump.
312 This version uses the new 2.4-27.1 patchball which updates
313 both the SELinux PaX hooks patch and the SELinux headers.
314
315 *hardened-sources-2.4.27-r1 (09 Aug 2004)
316
317 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
318 +hardened-sources-2.4.27-r1.ebuild,
319 -hardened-sources-2.4.27.ebuild,
320 +files/2.4.27-cmdline-race.patch:
321 Version bump, fix for cmdline race. See bug #59905.
322
323 *hardened-sources-2.4.26-r6 (09 Aug 2004)
324
325 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
326 +hardened-sources-2.4.26-r6.ebuild,
327 -hardened-sources-2.4.26-r5.ebuild,
328 -hardened-sources-2.4.26-r4.ebuild,
329 +files/2.4.26-cmdline-race.patch:
330 Version bump, fix for cmdline race. See bug #59905.
331
332 *hardened-sources-2.4.27 (08 Aug 2004)
333
334 08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
335 +hardened-sources-2.4.27.ebuild,
336 +files/2.4.27-CAN-2004-0394.patch:
337 Ported the patchball to the 2.4.27 kernel version.
338
339 *hardened-sources-2.4.26-r5 (07 Aug 2004)
340
341 07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
342 +hardened-sources-2.4.26-r5.ebuild:
343 Updated to use the new hardened-patches-2.4-26.1 patchball.
344 It adds the following features:
345 - Squashfs
346 - Ebtables
347 - Netdev random (core+drivers)
348 - Watchdog Timer (WDT) fix.
349
350 *hardened-sources-2.4.26-r4 (04 Aug 2004)
351
352 04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
353 +hardened-sources-2.4.26-r4.ebuild,
354 +files/2.4.26-CAN-2004-0415.patch,
355 -hardened-sources-2.4.26-3:
356 Version bump, fix for CAN 0415, see bug #59378.
357
358 *hardened-sources-2.4.26-r3 (22 Jul 2004)
359
360 22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
361 +hardened-sources-2.4.26-r3.ebuild,
362 +files/2.4.26-CAN-2004-0497.patch,
363 -hardened-sources-2.4.26-r2.ebuild:
364 Version bump, fixed CAN 0497, see bug #56171.
365
366 *hardened-sources-2.4.26-r2 (29 Jun 2004)
367
368 29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
369 +hardened-sources-2.4.26-r2.ebuild,
370 +files/2.4.26-CAN-2004-0495.patch,
371 +files/2.4.26-CAN-2004-0535.patch,
372 -hardened-sources-2.4.26-r1.ebuild:
373 Fixes for both CAN 0495 and 0535, see bug #54976
374
375 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
376 hardened-sources-2.4.26-r1.ebuild:
377 QA - fix use invocation
378
379 *hardened-sources-2.4.26-r1 (22 June 2004)
380
381 22 June 2004; Andrea Luzzardi <scox@gentoo.org>
382 +hardened-sources-2.4.26-r1.ebuild,
383 +files/2.4.26-CAN-2004-0394.patch,
384 +files/2.4.26-signal-race.patch,
385 -hardened-sources-2.4.26.ebuild,
386 -hardened-sources-2.4.24-r3.ebuild:
387 Version bump for the CAN-2004-0394 issue and bug #53804
388 Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
389
390
391 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
392 hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
393 Masked hardened-sources-2.4.26.ebuild broken for ppc
394
395 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
396 hardened-sources-2.4.24-r3.ebuild:
397 Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
398
399 *hardened-sources-2.4.26 (29 May 2004)
400
401 29 May 2004; Andrea Luzzardi <scox@gentoo.org>
402 +hardened-sources-2.4.26.ebuild:
403 Updated hardened-sources for the 2.4.26 kernel
404 Removed broken components, updated almost everything.
405
406 *hardened-sources-2.4.24-r3 (17 Apr 2004)
407
408 17 Apr 2004; <plasmaroo@gentoo.org>
409 +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
410 +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
411 +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
412 +hardened-sources-2.4.24-r3.ebuild:
413 Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
414 vulnerabilities. Old revisions removed.
415
416 *hardened-sources-2.4.24-r2 (15 Apr 2004)
417
418 15 Apr 2004; <plasmaroo@gentoo.org>
419 +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
420 -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
421 Version bump for the CAN-2004-0109 issue; bug #47881.
422
423 12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
424 hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
425 Add eutils to inherit.
426
427 *hardened-sources-2.4.24-r1 (19 Feb 2004)
428
429 19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
430 files/hardened-sources-2.4.24.munmap.patch:
431 Added the patch for the mremap/munmap vulnerability. Bug #42024.
432
433 *hardened-sources-2.4.24 (06 Feb 2004)
434
435 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
436 hardened-sources-2.4.24.ebuild:
437 Version bump, updated most of the components.
438 This release includes the following:
439
440 - Hardened security
441 - Netfilter patch-o-matic 20031219
442 - FreeSWAN 2.04 & x509 1.4.8
443 - EVMS 2.2.2
444 - XFS 1.3.1
445 - cryptoloop jari
446 - grsecurity 2.0-rc4
447 - SELinux
448 - PaX 200402060000
449 - PaX Obscurity 200308302223
450 - Others...
451
452 Neither -ck nor systrace are included anymore.
453
454 *hardened-sources-2.4.22-r2 (05 Jan 2004)
455
456 05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
457 hardened-sources-2.4.22-r2.ebuild:
458 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
459
460 *hardened-sources-2.4.22-r1 (02 Dec 2003)
461
462 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
463 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
464
465 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
466 hardened-sources-2.4.22-r1.ebuild:
467 Version bump for the 'do_brk' vulnerability.
468
469 01 Dec 2003; Brian Jackson <iggy@gentoo.org>
470 hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
471 hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
472 hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
473 Fix the 'do_brk' vulnerability.
474
475 03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
476 hardened-sources-2.4.22.ebuild:
477 - Removed the src_install() portion for SELinux flask
478 components. These are no longer handled in the kernel
479 so this code was not necessary.
480
481 29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
482 New 2.4.22 based hardened-sources thanks to
483 Phil West <p.west@computer.org>.
484
485 These sources include:
486 - New SELinux API
487 - Updated CK-base
488 - Updated GRSec
489 - Systrace
490 - SuperFreeS/WAN 1.99.8
491 - Propolice kernel build support
492 - EVMS
493 - Other various security related patches
494
495 *hardened-sources-2.4.21 (14 Sep 2003)
496
497 14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
498 Updated hardened-sources based on the 2.4.21 Linux kernel.
499 This includes updates to most major components such as:
500 - ck-base-0306300059
501 - selinux-2.4-2003071106
502 - grsecurity-2.0-rc1
503 - Updated IPTables patch-o-matic
504 - Updated SuperFreeS/WAN
505
506 Thanks to Phil West <pwest@computer.org> for his work in getting this
507 updated patch set ready for the 2.4.21 based kernel.
508
509 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
510 Initial import of hardened-sources-2.4.20-r4. This revision
511 includes only a few changes, but one of these is an important
512 security fix. It is recommended all users of hardened-sources
513 upgrade to this release.
514
515 - ioperm bug fix
516 - fixed compilation failure when building without GRSec
517
518 SAL (Secure Auditing for Linux) is NOT included in this revision
519 due to time constraints, but is planned for inclusion in the near
520 future.
521
522 *hardened-sources-2.4.20-r2 (12 Jun 2003)
523
524 12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
525 hardened-sources-2.4.20-r3.ebuild:
526 Add Header...
527
528 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
529 hardened-sources-2.4.20-r3.ebuild:
530 Removed warnings from ebuild. This kernel should be safe to
531 use at this point.
532
533 *hardened-sources-2.4.20-r3 (08 Jun 2003)
534
535 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
536 hardened-sources-2.4.20-r3.ebuild:
537 New revision. Includes the following changes over -r2:
538
539 - ck7-base (O(1), preempt, low latency)
540 - Super FreeS/WAN 1.99.7rc2
541 - PaX for the LSM/SELinux branch
542 - GRSecurity 2.0-pre4 (role based access control)
543 - Systrace 1.3
544 - EXT3 fixes
545 - EVMS 2.0.1
546 - GCC 3.1+ compile optimizations
547 - ProPolice kernel build support
548 - Hashing table security fixes
549
550 *hardened-sources-2.4.20-r1 (09 Apr 2003)
551
552 23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
553 Initial import of hardened-sources-r2. This new
554 ebuild includes many new performance and security
555 related patches. As in -r1, it will patch in
556 LSM/SELinux if "selinux" is in USE, otherwise it
557 will patch in GRSecurity. The following patches
558 are included in this revision:
559
560 - O(1) Scheduler, Low Latency, and Preempt
561 (pulled from the base CK patch)
562 - ptrace exploit patch for the LSM kernel
563 (the GRSec patch already fixes this)
564 - LSM 2.4-2003040709
565 - SELinux 2.4-2003040709
566 - Systrace v1.2
567 - IPTables patch-o-matic base patches - 20030107
568 - CryptoAPI 2.4.20.1 w/ loop-jari patch
569 - Super FreeS/WAN 1.99.6.1
570 - GRSecurity 1.9.9g
571 - MPPE
572 - EXT3 data journal fix
573 - CIPE 1.5.4
574
575 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
576 hardened-sources-2.4.20-r1.ebuild, manifest:
577 Updated to install flask components correctly for selinux.
578
579 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
580 hardened-sources-2.4.20-r1.ebuild:
581 LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
582 is patched in instead. Ptrace patches for selinux have also been added. In
583 either case, systrace support will be patched in as well.
584
585 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
586 hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
587 Revision bump for new sources.
588
589 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
590 hardened-sources-2.4.20-r1.ebuild:
591 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
592
593 *hardened-sources-2.4.20 (30 Mar 2003)
594
595 30 Mar 2003; Joshua Brindle <method@gentoo.org>
596 hardened-sources-2.4.20.ebuild:
597 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20