/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.90 - (show annotations) (download)
Thu Apr 20 17:48:26 2006 UTC (8 years ago) by johnm
Branch: MAIN
Changes since 1.89: +8 -1 lines
Fix numerous security vulns
(Portage version: 2.1_pre9-r1)

1 # ChangeLog for sys-kernel/hardened-sources
2 # Copyright 2000-2006 Gentoo Foundation; Distributed under the GPL v2
3 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.89 2006/04/17 02:37:10 solar Exp $
4
5 *hardened-sources-2.6.16-r4 (20 Apr 2006)
6
7 20 Apr 2006; John Mylchreest <johnm@gentoo.org>
8 -hardened-sources-2.6.16-r2.ebuild, -hardened-sources-2.6.16-r3.ebuild,
9 +hardened-sources-2.6.16-r4.ebuild:
10 Fix numerous security vulns
11
12 *hardened-sources-2.4.32-r3 (16 Apr 2006)
13
14 16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
15 -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
16 +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
17 - security bump for bug #112791. Removed old ebuilds
18
19 *hardened-sources-2.6.16-r3 (15 Apr 2006)
20
21 15 Apr 2006; John Mylchreest <johnm@gentoo.org>
22 +hardened-sources-2.6.16-r3.ebuild:
23 Removing silly localversion which I missed
24
25 *hardened-sources-2.6.14-r7 (14 Apr 2006)
26
27 14 Apr 2006; John Mylchreest <johnm@gentoo.org>
28 -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
29 Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
30
31 *hardened-sources-2.6.16-r2 (13 Apr 2006)
32
33 13 Apr 2006; John Mylchreest <johnm@gentoo.org>
34 -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
35 +hardened-sources-2.6.16-r2.ebuild:
36 Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
37 labels, dropping USERGROUP define fixes, since these were merged mainstream.
38
39 *hardened-sources-2.6.16-r1 (11 Apr 2006)
40
41 11 Apr 2006; John Mylchreest <johnm@gentoo.org>
42 +hardened-sources-2.6.16-r1.ebuild:
43 Bumping to include ppc build fix and 2.6.16.3
44
45 06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
46 hardened-sources-2.6.14-r6.ebuild:
47 Stable on x86; bug #127718
48
49 *hardened-sources-2.6.16 (31 Mar 2006)
50
51 31 Mar 2006; John Mylchreest <johnm@gentoo.org>
52 +hardened-sources-2.6.16.ebuild:
53 Bumping to new version of grsec, and kernel base. New squashfs. Based on
54 2.6.16.1
55
56 30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
57 hardened-sources-2.6.14-r6.ebuild:
58 Stable on amd64, bug 127718.
59
60 28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
61 Stable on ppc. Bug #127718
62
63 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
64 -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
65 -hardened-sources-2.6.14-r4.ebuild:
66 Cleanup.
67
68 *hardened-sources-2.6.14-r6 (15 Mar 2006)
69
70 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
71 +hardened-sources-2.6.14-r6.ebuild:
72 Fixes grsec policy recreation bug and adds a
73 >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
74
75 02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
76 - stable on x86
77
78 19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
79 hardened-sources-2.6.14-r5.ebuild:
80 Stable on ppc.
81
82 *hardened-sources-2.6.14-r5 (01 Feb 2006)
83
84 01 Feb 2006; John Mylchreest <johnm@gentoo.org>
85 +hardened-sources-2.6.14-r5.ebuild:
86 fixing every known exploit
87
88 *hardened-sources-2.4.32-r2 (26 Jan 2006)
89
90 26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
91 +hardened-sources-2.4.32-r2.ebuild:
92 - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
93
94 *hardened-sources-2.6.14-r4 (12 Jan 2006)
95
96 12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
97 - version bump for new genpatches which fix up a few sec holes
98
99 *hardened-sources-2.4.32-r1 (05 Jan 2006)
100
101 05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
102 - revision bump to add misc vital linux kernel security patches.
103
104 *hardened-sources-2.6.14-r3 (30 Dec 2005)
105
106 30 Dec 2005; John Mylchreest <johnm@gentoo.org>
107 -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
108 Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
109
110 28 Dec 2005; John Mylchreest <johnm@gentoo.org>
111 hardened-sources-2.6.14-r2.ebuild:
112 making x86 & amd64 stable following testing.
113
114 *hardened-sources-2.6.14-r2 (27 Dec 2005)
115
116 27 Dec 2005; John Mylchreest <johnm@gentoo.org>
117 -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
118 Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
119 network hooks.
120
121 06 Dec 2005; John Mylchreest <johnm@gentoo.org>
122 hardened-sources-2.6.14-r1.ebuild:
123 bumping to stable early for sec fix on x86 & amd64
124
125 *hardened-sources-2.6.14-r1 (05 Dec 2005)
126
127 05 Dec 2005; John Mylchreest <johnm@gentoo.org>
128 -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
129 bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
130
131 04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
132 - stable on x86 security bug #114227 CAN-2005-3257
133
134 *hardened-sources-2.4.32 (19 Nov 2005)
135
136 19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
137 +hardened-sources-2.4.32.ebuild:
138 Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
139 Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
140 have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
141 rsbac >> /etc/portage/package.use)
142
143 *hardened-sources-2.6.14 (14 Nov 2005)
144
145 14 Nov 2005; John Mylchreest <johnm@gentoo.org>
146 -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
147 Bumping 2.6 series to 2.6.14.2
148
149 *hardened-sources-2.6.13-r2 (20 Oct 2005)
150
151 20 Oct 2005; John Mylchreest <johnm@gentoo.org>
152 -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
153 +hardened-sources-2.6.13-r2.ebuild:
154 Fixes minor build error in ppc.
155
156 *hardened-sources-2.6.13-r1 (17 Oct 2005)
157
158 17 Oct 2005; John Mylchreest <johnm@gentoo.org>
159 +hardened-sources-2.6.13-r1.ebuild:
160 Updating grsec to latest snapshot. Fixes some minor issues. Updating to
161 2.6.13.4, fixes some major amd64 stability problems.
162
163 *hardened-sources-2.6.13 (16 Sep 2005)
164
165 16 Sep 2005; John Mylchreest <johnm@gentoo.org>
166 -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
167 2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
168 ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
169 users should test this thoroughly.
170
171 01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
172 - stable on x86
173
174 *hardened-sources-2.6.11-r15 (27 Jun 2005)
175
176 27 Jun 2005; John Mylchreest <johnm@gentoo.org>
177 +hardened-sources-2.6.11-r15.ebuild:
178 Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
179 grsec redefining curr_ip struct.
180
181 *hardened-sources-2.4.31 (20 Jun 2005)
182
183 20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
184 initial import of 2.4.31 tree
185
186 *hardened-sources-2.6.11-r14 (14 Jun 2005)
187
188 14 Jun 2005; John Mylchreest <johnm@gentoo.org>
189 -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
190 Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
191 naming scheme to abide by genpatches
192
193 *hardened-sources-2.6.11-r13 (18 May 2005)
194
195 18 May 2005; John Mylchreest <johnm@gentoo.org>
196 -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
197 Managed to mangle the Makefile patch from grsec, to miss out the grsec
198 target. sorry about that. Fixes bug #93022
199
200 *hardened-sources-2.6.11-r12 (17 May 2005)
201
202 17 May 2005; John Mylchreest <johnm@gentoo.org>
203 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
204 +hardened-sources-2.6.11-r12.ebuild:
205 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
206 merges in genpatches-base
207
208 *hardened-sources-2.6.11-r12 (17 May 2005)
209
210 17 May 2005; John Mylchreest <johnm@gentoo.org>
211 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
212 +hardened-sources-2.6.11-r12.ebuild:
213 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
214 merges in genpatches-base
215
216 29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
217 -files/2.4.27-cmdline-race.patch,
218 -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
219 -files/2.4.28-grsec-binfmt_a.out.patch,
220 -files/2.4.28-grsec-cmdline-race.patch,
221 -files/2.4.28-selinux-binfmt_a.out.patch,
222 -files/2.4.28-selinux-cmdline-race.patch,
223 -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
224 hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
225 - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
226 cleanup..
227
228 *hardened-sources-2.4.30-r1 (21 Apr 2005)
229
230 21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
231 - disable aout by default
232
233 *hardened-sources-2.4.30 (18 Apr 2005)
234
235 18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
236 - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
237 and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
238 use
239
240 *hardened-sources-2.4.29 (30 Mar 2005)
241
242 30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
243 +hardened-sources-2.4.29.ebuild:
244 New hardened-patches-2.4-29.0 patchball.
245 Removed SELinux support, upgraded GRSecurity to 2.1.4.
246
247 *hardened-sources-2.4.28-r5 (06 Mar 2005)
248
249 06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
250 +hardened-sources-2.4.28-r5.ebuild:
251 Added a fix for a PaX vulnerability.
252
253 26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
254 hardened-sources-2.4.28-r4.ebuild:
255 Stable on x86
256
257 23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
258 hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
259 hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
260 hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
261 - fixed/added RDEPEND= in all kernel-2 ebuilds
262
263 *hardened-sources-2.4.28-r4 (21 Jan 2005)
264
265 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
266 +hardened-sources-2.4.28-r4.ebuild:
267 Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
268 backport of neighbour hash updates.
269
270 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
271 hardened-sources-2.4.28-r3.ebuild:
272 Stable on x86
273
274 *hardened-sources-2.6.10-r3 (20 Jan 2005)
275
276 20 Jan 2005; Brandon Hale <tseng@gentoo.org>
277 +hardened-sources-2.6.10-r3.ebuild:
278 Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
279 in 2005.0
280
281 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
282 -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
283 hardened-sources-2.4.28-r2.ebuild:
284 Mark stable on x86
285
286 *hardened-sources-2.4.28-r3 (17 Jan 2005)
287
288 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
289 +hardened-sources-2.4.28-r3.ebuild:
290 Fix SMP page fault handler vuln, and update device-mapper and evms patches.
291
292 14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
293 hardened-sources-2.4.28.ebuild:
294 Mark stable on x86.
295
296 *hardened-sources-2.4.28-r2 (13 Jan 2005)
297
298 13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
299 +hardened-sources-2.4.28-r2.ebuild:
300 Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
301 Mazinger for grsecurity patches as well.
302
303 *hardened-sources-2.4.28-r1 (23 Dec 2004)
304
305 23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
306 Security bump. Thank tocharian for rolling a new patchset...
307
308 28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
309 +files/2.4.28-grsec-cmdline-race.patch,
310 +files/2.4.28-selinux-binfmt_a.out.patch,
311 +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
312 - Round up remaining security patches that appear to be missing in 2.4.28. -
313 PaX standalone updated to current. hgpv=28.1
314
315 *hardened-sources-2.4.28 (28 Nov 2004)
316
317 28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
318 security bump. Thank tocharian for rolling a new patchset
319
320 *hardened-sources-2.4.27-r3 (08 Sep 2004)
321
322 08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
323 +hardened-sources-2.4.27-r3.ebuild:
324 Applies the new 2.4-27.2 patchball which updates
325 GRSecurity to the 2.0.1 version.
326
327 *hardened-sources-2.4.27-r2 (31 Aug 2004)
328
329 31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
330 +hardened-sources-2.4.27-r2.ebuild:
331 Version bump.
332 This version uses the new 2.4-27.1 patchball which updates
333 both the SELinux PaX hooks patch and the SELinux headers.
334
335 *hardened-sources-2.4.27-r1 (09 Aug 2004)
336
337 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
338 +hardened-sources-2.4.27-r1.ebuild,
339 -hardened-sources-2.4.27.ebuild,
340 +files/2.4.27-cmdline-race.patch:
341 Version bump, fix for cmdline race. See bug #59905.
342
343 *hardened-sources-2.4.26-r6 (09 Aug 2004)
344
345 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
346 +hardened-sources-2.4.26-r6.ebuild,
347 -hardened-sources-2.4.26-r5.ebuild,
348 -hardened-sources-2.4.26-r4.ebuild,
349 +files/2.4.26-cmdline-race.patch:
350 Version bump, fix for cmdline race. See bug #59905.
351
352 *hardened-sources-2.4.27 (08 Aug 2004)
353
354 08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
355 +hardened-sources-2.4.27.ebuild,
356 +files/2.4.27-CAN-2004-0394.patch:
357 Ported the patchball to the 2.4.27 kernel version.
358
359 *hardened-sources-2.4.26-r5 (07 Aug 2004)
360
361 07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
362 +hardened-sources-2.4.26-r5.ebuild:
363 Updated to use the new hardened-patches-2.4-26.1 patchball.
364 It adds the following features:
365 - Squashfs
366 - Ebtables
367 - Netdev random (core+drivers)
368 - Watchdog Timer (WDT) fix.
369
370 *hardened-sources-2.4.26-r4 (04 Aug 2004)
371
372 04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
373 +hardened-sources-2.4.26-r4.ebuild,
374 +files/2.4.26-CAN-2004-0415.patch,
375 -hardened-sources-2.4.26-3:
376 Version bump, fix for CAN 0415, see bug #59378.
377
378 *hardened-sources-2.4.26-r3 (22 Jul 2004)
379
380 22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
381 +hardened-sources-2.4.26-r3.ebuild,
382 +files/2.4.26-CAN-2004-0497.patch,
383 -hardened-sources-2.4.26-r2.ebuild:
384 Version bump, fixed CAN 0497, see bug #56171.
385
386 *hardened-sources-2.4.26-r2 (29 Jun 2004)
387
388 29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
389 +hardened-sources-2.4.26-r2.ebuild,
390 +files/2.4.26-CAN-2004-0495.patch,
391 +files/2.4.26-CAN-2004-0535.patch,
392 -hardened-sources-2.4.26-r1.ebuild:
393 Fixes for both CAN 0495 and 0535, see bug #54976
394
395 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
396 hardened-sources-2.4.26-r1.ebuild:
397 QA - fix use invocation
398
399 *hardened-sources-2.4.26-r1 (22 June 2004)
400
401 22 June 2004; Andrea Luzzardi <scox@gentoo.org>
402 +hardened-sources-2.4.26-r1.ebuild,
403 +files/2.4.26-CAN-2004-0394.patch,
404 +files/2.4.26-signal-race.patch,
405 -hardened-sources-2.4.26.ebuild,
406 -hardened-sources-2.4.24-r3.ebuild:
407 Version bump for the CAN-2004-0394 issue and bug #53804
408 Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
409
410
411 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
412 hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
413 Masked hardened-sources-2.4.26.ebuild broken for ppc
414
415 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
416 hardened-sources-2.4.24-r3.ebuild:
417 Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
418
419 *hardened-sources-2.4.26 (29 May 2004)
420
421 29 May 2004; Andrea Luzzardi <scox@gentoo.org>
422 +hardened-sources-2.4.26.ebuild:
423 Updated hardened-sources for the 2.4.26 kernel
424 Removed broken components, updated almost everything.
425
426 *hardened-sources-2.4.24-r3 (17 Apr 2004)
427
428 17 Apr 2004; <plasmaroo@gentoo.org>
429 +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
430 +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
431 +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
432 +hardened-sources-2.4.24-r3.ebuild:
433 Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
434 vulnerabilities. Old revisions removed.
435
436 *hardened-sources-2.4.24-r2 (15 Apr 2004)
437
438 15 Apr 2004; <plasmaroo@gentoo.org>
439 +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
440 -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
441 Version bump for the CAN-2004-0109 issue; bug #47881.
442
443 12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
444 hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
445 Add eutils to inherit.
446
447 *hardened-sources-2.4.24-r1 (19 Feb 2004)
448
449 19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
450 files/hardened-sources-2.4.24.munmap.patch:
451 Added the patch for the mremap/munmap vulnerability. Bug #42024.
452
453 *hardened-sources-2.4.24 (06 Feb 2004)
454
455 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
456 hardened-sources-2.4.24.ebuild:
457 Version bump, updated most of the components.
458 This release includes the following:
459
460 - Hardened security
461 - Netfilter patch-o-matic 20031219
462 - FreeSWAN 2.04 & x509 1.4.8
463 - EVMS 2.2.2
464 - XFS 1.3.1
465 - cryptoloop jari
466 - grsecurity 2.0-rc4
467 - SELinux
468 - PaX 200402060000
469 - PaX Obscurity 200308302223
470 - Others...
471
472 Neither -ck nor systrace are included anymore.
473
474 *hardened-sources-2.4.22-r2 (05 Jan 2004)
475
476 05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
477 hardened-sources-2.4.22-r2.ebuild:
478 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
479
480 *hardened-sources-2.4.22-r1 (02 Dec 2003)
481
482 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
483 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
484
485 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
486 hardened-sources-2.4.22-r1.ebuild:
487 Version bump for the 'do_brk' vulnerability.
488
489 01 Dec 2003; Brian Jackson <iggy@gentoo.org>
490 hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
491 hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
492 hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
493 Fix the 'do_brk' vulnerability.
494
495 03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
496 hardened-sources-2.4.22.ebuild:
497 - Removed the src_install() portion for SELinux flask
498 components. These are no longer handled in the kernel
499 so this code was not necessary.
500
501 29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
502 New 2.4.22 based hardened-sources thanks to
503 Phil West <p.west@computer.org>.
504
505 These sources include:
506 - New SELinux API
507 - Updated CK-base
508 - Updated GRSec
509 - Systrace
510 - SuperFreeS/WAN 1.99.8
511 - Propolice kernel build support
512 - EVMS
513 - Other various security related patches
514
515 *hardened-sources-2.4.21 (14 Sep 2003)
516
517 14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
518 Updated hardened-sources based on the 2.4.21 Linux kernel.
519 This includes updates to most major components such as:
520 - ck-base-0306300059
521 - selinux-2.4-2003071106
522 - grsecurity-2.0-rc1
523 - Updated IPTables patch-o-matic
524 - Updated SuperFreeS/WAN
525
526 Thanks to Phil West <pwest@computer.org> for his work in getting this
527 updated patch set ready for the 2.4.21 based kernel.
528
529 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
530 Initial import of hardened-sources-2.4.20-r4. This revision
531 includes only a few changes, but one of these is an important
532 security fix. It is recommended all users of hardened-sources
533 upgrade to this release.
534
535 - ioperm bug fix
536 - fixed compilation failure when building without GRSec
537
538 SAL (Secure Auditing for Linux) is NOT included in this revision
539 due to time constraints, but is planned for inclusion in the near
540 future.
541
542 *hardened-sources-2.4.20-r2 (12 Jun 2003)
543
544 12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
545 hardened-sources-2.4.20-r3.ebuild:
546 Add Header...
547
548 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
549 hardened-sources-2.4.20-r3.ebuild:
550 Removed warnings from ebuild. This kernel should be safe to
551 use at this point.
552
553 *hardened-sources-2.4.20-r3 (08 Jun 2003)
554
555 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
556 hardened-sources-2.4.20-r3.ebuild:
557 New revision. Includes the following changes over -r2:
558
559 - ck7-base (O(1), preempt, low latency)
560 - Super FreeS/WAN 1.99.7rc2
561 - PaX for the LSM/SELinux branch
562 - GRSecurity 2.0-pre4 (role based access control)
563 - Systrace 1.3
564 - EXT3 fixes
565 - EVMS 2.0.1
566 - GCC 3.1+ compile optimizations
567 - ProPolice kernel build support
568 - Hashing table security fixes
569
570 *hardened-sources-2.4.20-r1 (09 Apr 2003)
571
572 23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
573 Initial import of hardened-sources-r2. This new
574 ebuild includes many new performance and security
575 related patches. As in -r1, it will patch in
576 LSM/SELinux if "selinux" is in USE, otherwise it
577 will patch in GRSecurity. The following patches
578 are included in this revision:
579
580 - O(1) Scheduler, Low Latency, and Preempt
581 (pulled from the base CK patch)
582 - ptrace exploit patch for the LSM kernel
583 (the GRSec patch already fixes this)
584 - LSM 2.4-2003040709
585 - SELinux 2.4-2003040709
586 - Systrace v1.2
587 - IPTables patch-o-matic base patches - 20030107
588 - CryptoAPI 2.4.20.1 w/ loop-jari patch
589 - Super FreeS/WAN 1.99.6.1
590 - GRSecurity 1.9.9g
591 - MPPE
592 - EXT3 data journal fix
593 - CIPE 1.5.4
594
595 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
596 hardened-sources-2.4.20-r1.ebuild, manifest:
597 Updated to install flask components correctly for selinux.
598
599 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
600 hardened-sources-2.4.20-r1.ebuild:
601 LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
602 is patched in instead. Ptrace patches for selinux have also been added. In
603 either case, systrace support will be patched in as well.
604
605 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
606 hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
607 Revision bump for new sources.
608
609 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
610 hardened-sources-2.4.20-r1.ebuild:
611 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
612
613 *hardened-sources-2.4.20 (30 Mar 2003)
614
615 30 Mar 2003; Joshua Brindle <method@gentoo.org>
616 hardened-sources-2.4.20.ebuild:
617 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20