/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.89 - (show annotations) (download)
Mon Apr 17 02:37:10 2006 UTC (8 years, 6 months ago) by solar
Branch: MAIN
Changes since 1.88: +8 -1 lines
- security bump for bug #112791. Removed old ebuilds
(Portage version: 2.0.54)

1 # ChangeLog for sys-kernel/hardened-sources
2 # Copyright 2000-2006 Gentoo Foundation; Distributed under the GPL v2
3 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.88 2006/04/15 16:33:07 johnm Exp $
4
5 *hardened-sources-2.4.32-r3 (16 Apr 2006)
6
7 16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
8 -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
9 +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
10 - security bump for bug #112791. Removed old ebuilds
11
12 *hardened-sources-2.6.16-r3 (15 Apr 2006)
13
14 15 Apr 2006; John Mylchreest <johnm@gentoo.org>
15 +hardened-sources-2.6.16-r3.ebuild:
16 Removing silly localversion which I missed
17
18 *hardened-sources-2.6.14-r7 (14 Apr 2006)
19
20 14 Apr 2006; John Mylchreest <johnm@gentoo.org>
21 -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
22 Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
23
24 *hardened-sources-2.6.16-r2 (13 Apr 2006)
25
26 13 Apr 2006; John Mylchreest <johnm@gentoo.org>
27 -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
28 +hardened-sources-2.6.16-r2.ebuild:
29 Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
30 labels, dropping USERGROUP define fixes, since these were merged mainstream.
31
32 *hardened-sources-2.6.16-r1 (11 Apr 2006)
33
34 11 Apr 2006; John Mylchreest <johnm@gentoo.org>
35 +hardened-sources-2.6.16-r1.ebuild:
36 Bumping to include ppc build fix and 2.6.16.3
37
38 06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
39 hardened-sources-2.6.14-r6.ebuild:
40 Stable on x86; bug #127718
41
42 *hardened-sources-2.6.16 (31 Mar 2006)
43
44 31 Mar 2006; John Mylchreest <johnm@gentoo.org>
45 +hardened-sources-2.6.16.ebuild:
46 Bumping to new version of grsec, and kernel base. New squashfs. Based on
47 2.6.16.1
48
49 30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
50 hardened-sources-2.6.14-r6.ebuild:
51 Stable on amd64, bug 127718.
52
53 28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
54 Stable on ppc. Bug #127718
55
56 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
57 -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
58 -hardened-sources-2.6.14-r4.ebuild:
59 Cleanup.
60
61 *hardened-sources-2.6.14-r6 (15 Mar 2006)
62
63 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
64 +hardened-sources-2.6.14-r6.ebuild:
65 Fixes grsec policy recreation bug and adds a
66 >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
67
68 02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
69 - stable on x86
70
71 19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
72 hardened-sources-2.6.14-r5.ebuild:
73 Stable on ppc.
74
75 *hardened-sources-2.6.14-r5 (01 Feb 2006)
76
77 01 Feb 2006; John Mylchreest <johnm@gentoo.org>
78 +hardened-sources-2.6.14-r5.ebuild:
79 fixing every known exploit
80
81 *hardened-sources-2.4.32-r2 (26 Jan 2006)
82
83 26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
84 +hardened-sources-2.4.32-r2.ebuild:
85 - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
86
87 *hardened-sources-2.6.14-r4 (12 Jan 2006)
88
89 12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
90 - version bump for new genpatches which fix up a few sec holes
91
92 *hardened-sources-2.4.32-r1 (05 Jan 2006)
93
94 05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
95 - revision bump to add misc vital linux kernel security patches.
96
97 *hardened-sources-2.6.14-r3 (30 Dec 2005)
98
99 30 Dec 2005; John Mylchreest <johnm@gentoo.org>
100 -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
101 Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
102
103 28 Dec 2005; John Mylchreest <johnm@gentoo.org>
104 hardened-sources-2.6.14-r2.ebuild:
105 making x86 & amd64 stable following testing.
106
107 *hardened-sources-2.6.14-r2 (27 Dec 2005)
108
109 27 Dec 2005; John Mylchreest <johnm@gentoo.org>
110 -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
111 Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
112 network hooks.
113
114 06 Dec 2005; John Mylchreest <johnm@gentoo.org>
115 hardened-sources-2.6.14-r1.ebuild:
116 bumping to stable early for sec fix on x86 & amd64
117
118 *hardened-sources-2.6.14-r1 (05 Dec 2005)
119
120 05 Dec 2005; John Mylchreest <johnm@gentoo.org>
121 -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
122 bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
123
124 04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
125 - stable on x86 security bug #114227 CAN-2005-3257
126
127 *hardened-sources-2.4.32 (19 Nov 2005)
128
129 19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
130 +hardened-sources-2.4.32.ebuild:
131 Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
132 Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
133 have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
134 rsbac >> /etc/portage/package.use)
135
136 *hardened-sources-2.6.14 (14 Nov 2005)
137
138 14 Nov 2005; John Mylchreest <johnm@gentoo.org>
139 -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
140 Bumping 2.6 series to 2.6.14.2
141
142 *hardened-sources-2.6.13-r2 (20 Oct 2005)
143
144 20 Oct 2005; John Mylchreest <johnm@gentoo.org>
145 -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
146 +hardened-sources-2.6.13-r2.ebuild:
147 Fixes minor build error in ppc.
148
149 *hardened-sources-2.6.13-r1 (17 Oct 2005)
150
151 17 Oct 2005; John Mylchreest <johnm@gentoo.org>
152 +hardened-sources-2.6.13-r1.ebuild:
153 Updating grsec to latest snapshot. Fixes some minor issues. Updating to
154 2.6.13.4, fixes some major amd64 stability problems.
155
156 *hardened-sources-2.6.13 (16 Sep 2005)
157
158 16 Sep 2005; John Mylchreest <johnm@gentoo.org>
159 -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
160 2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
161 ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
162 users should test this thoroughly.
163
164 01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
165 - stable on x86
166
167 *hardened-sources-2.6.11-r15 (27 Jun 2005)
168
169 27 Jun 2005; John Mylchreest <johnm@gentoo.org>
170 +hardened-sources-2.6.11-r15.ebuild:
171 Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
172 grsec redefining curr_ip struct.
173
174 *hardened-sources-2.4.31 (20 Jun 2005)
175
176 20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
177 initial import of 2.4.31 tree
178
179 *hardened-sources-2.6.11-r14 (14 Jun 2005)
180
181 14 Jun 2005; John Mylchreest <johnm@gentoo.org>
182 -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
183 Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
184 naming scheme to abide by genpatches
185
186 *hardened-sources-2.6.11-r13 (18 May 2005)
187
188 18 May 2005; John Mylchreest <johnm@gentoo.org>
189 -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
190 Managed to mangle the Makefile patch from grsec, to miss out the grsec
191 target. sorry about that. Fixes bug #93022
192
193 *hardened-sources-2.6.11-r12 (17 May 2005)
194
195 17 May 2005; John Mylchreest <johnm@gentoo.org>
196 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
197 +hardened-sources-2.6.11-r12.ebuild:
198 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
199 merges in genpatches-base
200
201 *hardened-sources-2.6.11-r12 (17 May 2005)
202
203 17 May 2005; John Mylchreest <johnm@gentoo.org>
204 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
205 +hardened-sources-2.6.11-r12.ebuild:
206 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
207 merges in genpatches-base
208
209 29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
210 -files/2.4.27-cmdline-race.patch,
211 -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
212 -files/2.4.28-grsec-binfmt_a.out.patch,
213 -files/2.4.28-grsec-cmdline-race.patch,
214 -files/2.4.28-selinux-binfmt_a.out.patch,
215 -files/2.4.28-selinux-cmdline-race.patch,
216 -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
217 hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
218 - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
219 cleanup..
220
221 *hardened-sources-2.4.30-r1 (21 Apr 2005)
222
223 21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
224 - disable aout by default
225
226 *hardened-sources-2.4.30 (18 Apr 2005)
227
228 18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
229 - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
230 and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
231 use
232
233 *hardened-sources-2.4.29 (30 Mar 2005)
234
235 30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
236 +hardened-sources-2.4.29.ebuild:
237 New hardened-patches-2.4-29.0 patchball.
238 Removed SELinux support, upgraded GRSecurity to 2.1.4.
239
240 *hardened-sources-2.4.28-r5 (06 Mar 2005)
241
242 06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
243 +hardened-sources-2.4.28-r5.ebuild:
244 Added a fix for a PaX vulnerability.
245
246 26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
247 hardened-sources-2.4.28-r4.ebuild:
248 Stable on x86
249
250 23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
251 hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
252 hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
253 hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
254 - fixed/added RDEPEND= in all kernel-2 ebuilds
255
256 *hardened-sources-2.4.28-r4 (21 Jan 2005)
257
258 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
259 +hardened-sources-2.4.28-r4.ebuild:
260 Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
261 backport of neighbour hash updates.
262
263 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
264 hardened-sources-2.4.28-r3.ebuild:
265 Stable on x86
266
267 *hardened-sources-2.6.10-r3 (20 Jan 2005)
268
269 20 Jan 2005; Brandon Hale <tseng@gentoo.org>
270 +hardened-sources-2.6.10-r3.ebuild:
271 Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
272 in 2005.0
273
274 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
275 -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
276 hardened-sources-2.4.28-r2.ebuild:
277 Mark stable on x86
278
279 *hardened-sources-2.4.28-r3 (17 Jan 2005)
280
281 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
282 +hardened-sources-2.4.28-r3.ebuild:
283 Fix SMP page fault handler vuln, and update device-mapper and evms patches.
284
285 14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
286 hardened-sources-2.4.28.ebuild:
287 Mark stable on x86.
288
289 *hardened-sources-2.4.28-r2 (13 Jan 2005)
290
291 13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
292 +hardened-sources-2.4.28-r2.ebuild:
293 Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
294 Mazinger for grsecurity patches as well.
295
296 *hardened-sources-2.4.28-r1 (23 Dec 2004)
297
298 23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
299 Security bump. Thank tocharian for rolling a new patchset...
300
301 28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
302 +files/2.4.28-grsec-cmdline-race.patch,
303 +files/2.4.28-selinux-binfmt_a.out.patch,
304 +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
305 - Round up remaining security patches that appear to be missing in 2.4.28. -
306 PaX standalone updated to current. hgpv=28.1
307
308 *hardened-sources-2.4.28 (28 Nov 2004)
309
310 28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
311 security bump. Thank tocharian for rolling a new patchset
312
313 *hardened-sources-2.4.27-r3 (08 Sep 2004)
314
315 08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
316 +hardened-sources-2.4.27-r3.ebuild:
317 Applies the new 2.4-27.2 patchball which updates
318 GRSecurity to the 2.0.1 version.
319
320 *hardened-sources-2.4.27-r2 (31 Aug 2004)
321
322 31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
323 +hardened-sources-2.4.27-r2.ebuild:
324 Version bump.
325 This version uses the new 2.4-27.1 patchball which updates
326 both the SELinux PaX hooks patch and the SELinux headers.
327
328 *hardened-sources-2.4.27-r1 (09 Aug 2004)
329
330 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
331 +hardened-sources-2.4.27-r1.ebuild,
332 -hardened-sources-2.4.27.ebuild,
333 +files/2.4.27-cmdline-race.patch:
334 Version bump, fix for cmdline race. See bug #59905.
335
336 *hardened-sources-2.4.26-r6 (09 Aug 2004)
337
338 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
339 +hardened-sources-2.4.26-r6.ebuild,
340 -hardened-sources-2.4.26-r5.ebuild,
341 -hardened-sources-2.4.26-r4.ebuild,
342 +files/2.4.26-cmdline-race.patch:
343 Version bump, fix for cmdline race. See bug #59905.
344
345 *hardened-sources-2.4.27 (08 Aug 2004)
346
347 08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
348 +hardened-sources-2.4.27.ebuild,
349 +files/2.4.27-CAN-2004-0394.patch:
350 Ported the patchball to the 2.4.27 kernel version.
351
352 *hardened-sources-2.4.26-r5 (07 Aug 2004)
353
354 07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
355 +hardened-sources-2.4.26-r5.ebuild:
356 Updated to use the new hardened-patches-2.4-26.1 patchball.
357 It adds the following features:
358 - Squashfs
359 - Ebtables
360 - Netdev random (core+drivers)
361 - Watchdog Timer (WDT) fix.
362
363 *hardened-sources-2.4.26-r4 (04 Aug 2004)
364
365 04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
366 +hardened-sources-2.4.26-r4.ebuild,
367 +files/2.4.26-CAN-2004-0415.patch,
368 -hardened-sources-2.4.26-3:
369 Version bump, fix for CAN 0415, see bug #59378.
370
371 *hardened-sources-2.4.26-r3 (22 Jul 2004)
372
373 22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
374 +hardened-sources-2.4.26-r3.ebuild,
375 +files/2.4.26-CAN-2004-0497.patch,
376 -hardened-sources-2.4.26-r2.ebuild:
377 Version bump, fixed CAN 0497, see bug #56171.
378
379 *hardened-sources-2.4.26-r2 (29 Jun 2004)
380
381 29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
382 +hardened-sources-2.4.26-r2.ebuild,
383 +files/2.4.26-CAN-2004-0495.patch,
384 +files/2.4.26-CAN-2004-0535.patch,
385 -hardened-sources-2.4.26-r1.ebuild:
386 Fixes for both CAN 0495 and 0535, see bug #54976
387
388 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
389 hardened-sources-2.4.26-r1.ebuild:
390 QA - fix use invocation
391
392 *hardened-sources-2.4.26-r1 (22 June 2004)
393
394 22 June 2004; Andrea Luzzardi <scox@gentoo.org>
395 +hardened-sources-2.4.26-r1.ebuild,
396 +files/2.4.26-CAN-2004-0394.patch,
397 +files/2.4.26-signal-race.patch,
398 -hardened-sources-2.4.26.ebuild,
399 -hardened-sources-2.4.24-r3.ebuild:
400 Version bump for the CAN-2004-0394 issue and bug #53804
401 Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
402
403
404 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
405 hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
406 Masked hardened-sources-2.4.26.ebuild broken for ppc
407
408 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
409 hardened-sources-2.4.24-r3.ebuild:
410 Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
411
412 *hardened-sources-2.4.26 (29 May 2004)
413
414 29 May 2004; Andrea Luzzardi <scox@gentoo.org>
415 +hardened-sources-2.4.26.ebuild:
416 Updated hardened-sources for the 2.4.26 kernel
417 Removed broken components, updated almost everything.
418
419 *hardened-sources-2.4.24-r3 (17 Apr 2004)
420
421 17 Apr 2004; <plasmaroo@gentoo.org>
422 +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
423 +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
424 +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
425 +hardened-sources-2.4.24-r3.ebuild:
426 Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
427 vulnerabilities. Old revisions removed.
428
429 *hardened-sources-2.4.24-r2 (15 Apr 2004)
430
431 15 Apr 2004; <plasmaroo@gentoo.org>
432 +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
433 -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
434 Version bump for the CAN-2004-0109 issue; bug #47881.
435
436 12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
437 hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
438 Add eutils to inherit.
439
440 *hardened-sources-2.4.24-r1 (19 Feb 2004)
441
442 19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
443 files/hardened-sources-2.4.24.munmap.patch:
444 Added the patch for the mremap/munmap vulnerability. Bug #42024.
445
446 *hardened-sources-2.4.24 (06 Feb 2004)
447
448 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
449 hardened-sources-2.4.24.ebuild:
450 Version bump, updated most of the components.
451 This release includes the following:
452
453 - Hardened security
454 - Netfilter patch-o-matic 20031219
455 - FreeSWAN 2.04 & x509 1.4.8
456 - EVMS 2.2.2
457 - XFS 1.3.1
458 - cryptoloop jari
459 - grsecurity 2.0-rc4
460 - SELinux
461 - PaX 200402060000
462 - PaX Obscurity 200308302223
463 - Others...
464
465 Neither -ck nor systrace are included anymore.
466
467 *hardened-sources-2.4.22-r2 (05 Jan 2004)
468
469 05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
470 hardened-sources-2.4.22-r2.ebuild:
471 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
472
473 *hardened-sources-2.4.22-r1 (02 Dec 2003)
474
475 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
476 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
477
478 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
479 hardened-sources-2.4.22-r1.ebuild:
480 Version bump for the 'do_brk' vulnerability.
481
482 01 Dec 2003; Brian Jackson <iggy@gentoo.org>
483 hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
484 hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
485 hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
486 Fix the 'do_brk' vulnerability.
487
488 03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
489 hardened-sources-2.4.22.ebuild:
490 - Removed the src_install() portion for SELinux flask
491 components. These are no longer handled in the kernel
492 so this code was not necessary.
493
494 29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
495 New 2.4.22 based hardened-sources thanks to
496 Phil West <p.west@computer.org>.
497
498 These sources include:
499 - New SELinux API
500 - Updated CK-base
501 - Updated GRSec
502 - Systrace
503 - SuperFreeS/WAN 1.99.8
504 - Propolice kernel build support
505 - EVMS
506 - Other various security related patches
507
508 *hardened-sources-2.4.21 (14 Sep 2003)
509
510 14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
511 Updated hardened-sources based on the 2.4.21 Linux kernel.
512 This includes updates to most major components such as:
513 - ck-base-0306300059
514 - selinux-2.4-2003071106
515 - grsecurity-2.0-rc1
516 - Updated IPTables patch-o-matic
517 - Updated SuperFreeS/WAN
518
519 Thanks to Phil West <pwest@computer.org> for his work in getting this
520 updated patch set ready for the 2.4.21 based kernel.
521
522 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
523 Initial import of hardened-sources-2.4.20-r4. This revision
524 includes only a few changes, but one of these is an important
525 security fix. It is recommended all users of hardened-sources
526 upgrade to this release.
527
528 - ioperm bug fix
529 - fixed compilation failure when building without GRSec
530
531 SAL (Secure Auditing for Linux) is NOT included in this revision
532 due to time constraints, but is planned for inclusion in the near
533 future.
534
535 *hardened-sources-2.4.20-r2 (12 Jun 2003)
536
537 12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
538 hardened-sources-2.4.20-r3.ebuild:
539 Add Header...
540
541 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
542 hardened-sources-2.4.20-r3.ebuild:
543 Removed warnings from ebuild. This kernel should be safe to
544 use at this point.
545
546 *hardened-sources-2.4.20-r3 (08 Jun 2003)
547
548 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
549 hardened-sources-2.4.20-r3.ebuild:
550 New revision. Includes the following changes over -r2:
551
552 - ck7-base (O(1), preempt, low latency)
553 - Super FreeS/WAN 1.99.7rc2
554 - PaX for the LSM/SELinux branch
555 - GRSecurity 2.0-pre4 (role based access control)
556 - Systrace 1.3
557 - EXT3 fixes
558 - EVMS 2.0.1
559 - GCC 3.1+ compile optimizations
560 - ProPolice kernel build support
561 - Hashing table security fixes
562
563 *hardened-sources-2.4.20-r1 (09 Apr 2003)
564
565 23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
566 Initial import of hardened-sources-r2. This new
567 ebuild includes many new performance and security
568 related patches. As in -r1, it will patch in
569 LSM/SELinux if "selinux" is in USE, otherwise it
570 will patch in GRSecurity. The following patches
571 are included in this revision:
572
573 - O(1) Scheduler, Low Latency, and Preempt
574 (pulled from the base CK patch)
575 - ptrace exploit patch for the LSM kernel
576 (the GRSec patch already fixes this)
577 - LSM 2.4-2003040709
578 - SELinux 2.4-2003040709
579 - Systrace v1.2
580 - IPTables patch-o-matic base patches - 20030107
581 - CryptoAPI 2.4.20.1 w/ loop-jari patch
582 - Super FreeS/WAN 1.99.6.1
583 - GRSecurity 1.9.9g
584 - MPPE
585 - EXT3 data journal fix
586 - CIPE 1.5.4
587
588 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
589 hardened-sources-2.4.20-r1.ebuild, manifest:
590 Updated to install flask components correctly for selinux.
591
592 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
593 hardened-sources-2.4.20-r1.ebuild:
594 LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
595 is patched in instead. Ptrace patches for selinux have also been added. In
596 either case, systrace support will be patched in as well.
597
598 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
599 hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
600 Revision bump for new sources.
601
602 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
603 hardened-sources-2.4.20-r1.ebuild:
604 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
605
606 *hardened-sources-2.4.20 (30 Mar 2003)
607
608 30 Mar 2003; Joshua Brindle <method@gentoo.org>
609 hardened-sources-2.4.20.ebuild:
610 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20