/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.92 - (show annotations) (download)
Thu Apr 20 21:09:21 2006 UTC (8 years, 4 months ago) by johnm
Branch: MAIN
Changes since 1.91: +7 -1 lines
fix CVE-2006-1056, CVE-2006-1525, CVE-2006-1524
(Portage version: 2.1_pre9-r1)

1 # ChangeLog for sys-kernel/hardened-sources
2 # Copyright 2000-2006 Gentoo Foundation; Distributed under the GPL v2
3 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.91 2006/04/20 17:50:07 johnm Exp $
4
5 *hardened-sources-2.6.14-r8 (20 Apr 2006)
6
7 20 Apr 2006; John Mylchreest <johnm@gentoo.org>
8 +hardened-sources-2.6.14-r8.ebuild:
9 fix CVE-2006-1056, CVE-2006-1525, CVE-2006-1524
10
11 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
12 Turning on gpg-signing again, and recomitting
13
14 *hardened-sources-2.6.16-r4 (20 Apr 2006)
15
16 20 Apr 2006; John Mylchreest <johnm@gentoo.org>
17 -hardened-sources-2.6.16-r2.ebuild, -hardened-sources-2.6.16-r3.ebuild,
18 +hardened-sources-2.6.16-r4.ebuild:
19 Fix numerous security vulns
20
21 *hardened-sources-2.4.32-r3 (16 Apr 2006)
22
23 16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
24 -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
25 +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
26 - security bump for bug #112791. Removed old ebuilds
27
28 *hardened-sources-2.6.16-r3 (15 Apr 2006)
29
30 15 Apr 2006; John Mylchreest <johnm@gentoo.org>
31 +hardened-sources-2.6.16-r3.ebuild:
32 Removing silly localversion which I missed
33
34 *hardened-sources-2.6.14-r7 (14 Apr 2006)
35
36 14 Apr 2006; John Mylchreest <johnm@gentoo.org>
37 -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
38 Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
39
40 *hardened-sources-2.6.16-r2 (13 Apr 2006)
41
42 13 Apr 2006; John Mylchreest <johnm@gentoo.org>
43 -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
44 +hardened-sources-2.6.16-r2.ebuild:
45 Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
46 labels, dropping USERGROUP define fixes, since these were merged mainstream.
47
48 *hardened-sources-2.6.16-r1 (11 Apr 2006)
49
50 11 Apr 2006; John Mylchreest <johnm@gentoo.org>
51 +hardened-sources-2.6.16-r1.ebuild:
52 Bumping to include ppc build fix and 2.6.16.3
53
54 06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
55 hardened-sources-2.6.14-r6.ebuild:
56 Stable on x86; bug #127718
57
58 *hardened-sources-2.6.16 (31 Mar 2006)
59
60 31 Mar 2006; John Mylchreest <johnm@gentoo.org>
61 +hardened-sources-2.6.16.ebuild:
62 Bumping to new version of grsec, and kernel base. New squashfs. Based on
63 2.6.16.1
64
65 30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
66 hardened-sources-2.6.14-r6.ebuild:
67 Stable on amd64, bug 127718.
68
69 28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
70 Stable on ppc. Bug #127718
71
72 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
73 -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
74 -hardened-sources-2.6.14-r4.ebuild:
75 Cleanup.
76
77 *hardened-sources-2.6.14-r6 (15 Mar 2006)
78
79 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
80 +hardened-sources-2.6.14-r6.ebuild:
81 Fixes grsec policy recreation bug and adds a
82 >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
83
84 02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
85 - stable on x86
86
87 19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
88 hardened-sources-2.6.14-r5.ebuild:
89 Stable on ppc.
90
91 *hardened-sources-2.6.14-r5 (01 Feb 2006)
92
93 01 Feb 2006; John Mylchreest <johnm@gentoo.org>
94 +hardened-sources-2.6.14-r5.ebuild:
95 fixing every known exploit
96
97 *hardened-sources-2.4.32-r2 (26 Jan 2006)
98
99 26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
100 +hardened-sources-2.4.32-r2.ebuild:
101 - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
102
103 *hardened-sources-2.6.14-r4 (12 Jan 2006)
104
105 12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
106 - version bump for new genpatches which fix up a few sec holes
107
108 *hardened-sources-2.4.32-r1 (05 Jan 2006)
109
110 05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
111 - revision bump to add misc vital linux kernel security patches.
112
113 *hardened-sources-2.6.14-r3 (30 Dec 2005)
114
115 30 Dec 2005; John Mylchreest <johnm@gentoo.org>
116 -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
117 Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
118
119 28 Dec 2005; John Mylchreest <johnm@gentoo.org>
120 hardened-sources-2.6.14-r2.ebuild:
121 making x86 & amd64 stable following testing.
122
123 *hardened-sources-2.6.14-r2 (27 Dec 2005)
124
125 27 Dec 2005; John Mylchreest <johnm@gentoo.org>
126 -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
127 Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
128 network hooks.
129
130 06 Dec 2005; John Mylchreest <johnm@gentoo.org>
131 hardened-sources-2.6.14-r1.ebuild:
132 bumping to stable early for sec fix on x86 & amd64
133
134 *hardened-sources-2.6.14-r1 (05 Dec 2005)
135
136 05 Dec 2005; John Mylchreest <johnm@gentoo.org>
137 -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
138 bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
139
140 04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
141 - stable on x86 security bug #114227 CAN-2005-3257
142
143 *hardened-sources-2.4.32 (19 Nov 2005)
144
145 19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
146 +hardened-sources-2.4.32.ebuild:
147 Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
148 Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
149 have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
150 rsbac >> /etc/portage/package.use)
151
152 *hardened-sources-2.6.14 (14 Nov 2005)
153
154 14 Nov 2005; John Mylchreest <johnm@gentoo.org>
155 -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
156 Bumping 2.6 series to 2.6.14.2
157
158 *hardened-sources-2.6.13-r2 (20 Oct 2005)
159
160 20 Oct 2005; John Mylchreest <johnm@gentoo.org>
161 -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
162 +hardened-sources-2.6.13-r2.ebuild:
163 Fixes minor build error in ppc.
164
165 *hardened-sources-2.6.13-r1 (17 Oct 2005)
166
167 17 Oct 2005; John Mylchreest <johnm@gentoo.org>
168 +hardened-sources-2.6.13-r1.ebuild:
169 Updating grsec to latest snapshot. Fixes some minor issues. Updating to
170 2.6.13.4, fixes some major amd64 stability problems.
171
172 *hardened-sources-2.6.13 (16 Sep 2005)
173
174 16 Sep 2005; John Mylchreest <johnm@gentoo.org>
175 -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
176 2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
177 ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
178 users should test this thoroughly.
179
180 01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
181 - stable on x86
182
183 *hardened-sources-2.6.11-r15 (27 Jun 2005)
184
185 27 Jun 2005; John Mylchreest <johnm@gentoo.org>
186 +hardened-sources-2.6.11-r15.ebuild:
187 Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
188 grsec redefining curr_ip struct.
189
190 *hardened-sources-2.4.31 (20 Jun 2005)
191
192 20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
193 initial import of 2.4.31 tree
194
195 *hardened-sources-2.6.11-r14 (14 Jun 2005)
196
197 14 Jun 2005; John Mylchreest <johnm@gentoo.org>
198 -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
199 Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
200 naming scheme to abide by genpatches
201
202 *hardened-sources-2.6.11-r13 (18 May 2005)
203
204 18 May 2005; John Mylchreest <johnm@gentoo.org>
205 -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
206 Managed to mangle the Makefile patch from grsec, to miss out the grsec
207 target. sorry about that. Fixes bug #93022
208
209 *hardened-sources-2.6.11-r12 (17 May 2005)
210
211 17 May 2005; John Mylchreest <johnm@gentoo.org>
212 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
213 +hardened-sources-2.6.11-r12.ebuild:
214 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
215 merges in genpatches-base
216
217 *hardened-sources-2.6.11-r12 (17 May 2005)
218
219 17 May 2005; John Mylchreest <johnm@gentoo.org>
220 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
221 +hardened-sources-2.6.11-r12.ebuild:
222 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
223 merges in genpatches-base
224
225 29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
226 -files/2.4.27-cmdline-race.patch,
227 -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
228 -files/2.4.28-grsec-binfmt_a.out.patch,
229 -files/2.4.28-grsec-cmdline-race.patch,
230 -files/2.4.28-selinux-binfmt_a.out.patch,
231 -files/2.4.28-selinux-cmdline-race.patch,
232 -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
233 hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
234 - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
235 cleanup..
236
237 *hardened-sources-2.4.30-r1 (21 Apr 2005)
238
239 21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
240 - disable aout by default
241
242 *hardened-sources-2.4.30 (18 Apr 2005)
243
244 18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
245 - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
246 and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
247 use
248
249 *hardened-sources-2.4.29 (30 Mar 2005)
250
251 30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
252 +hardened-sources-2.4.29.ebuild:
253 New hardened-patches-2.4-29.0 patchball.
254 Removed SELinux support, upgraded GRSecurity to 2.1.4.
255
256 *hardened-sources-2.4.28-r5 (06 Mar 2005)
257
258 06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
259 +hardened-sources-2.4.28-r5.ebuild:
260 Added a fix for a PaX vulnerability.
261
262 26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
263 hardened-sources-2.4.28-r4.ebuild:
264 Stable on x86
265
266 23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
267 hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
268 hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
269 hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
270 - fixed/added RDEPEND= in all kernel-2 ebuilds
271
272 *hardened-sources-2.4.28-r4 (21 Jan 2005)
273
274 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
275 +hardened-sources-2.4.28-r4.ebuild:
276 Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
277 backport of neighbour hash updates.
278
279 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
280 hardened-sources-2.4.28-r3.ebuild:
281 Stable on x86
282
283 *hardened-sources-2.6.10-r3 (20 Jan 2005)
284
285 20 Jan 2005; Brandon Hale <tseng@gentoo.org>
286 +hardened-sources-2.6.10-r3.ebuild:
287 Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
288 in 2005.0
289
290 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
291 -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
292 hardened-sources-2.4.28-r2.ebuild:
293 Mark stable on x86
294
295 *hardened-sources-2.4.28-r3 (17 Jan 2005)
296
297 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
298 +hardened-sources-2.4.28-r3.ebuild:
299 Fix SMP page fault handler vuln, and update device-mapper and evms patches.
300
301 14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
302 hardened-sources-2.4.28.ebuild:
303 Mark stable on x86.
304
305 *hardened-sources-2.4.28-r2 (13 Jan 2005)
306
307 13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
308 +hardened-sources-2.4.28-r2.ebuild:
309 Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
310 Mazinger for grsecurity patches as well.
311
312 *hardened-sources-2.4.28-r1 (23 Dec 2004)
313
314 23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
315 Security bump. Thank tocharian for rolling a new patchset...
316
317 28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
318 +files/2.4.28-grsec-cmdline-race.patch,
319 +files/2.4.28-selinux-binfmt_a.out.patch,
320 +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
321 - Round up remaining security patches that appear to be missing in 2.4.28. -
322 PaX standalone updated to current. hgpv=28.1
323
324 *hardened-sources-2.4.28 (28 Nov 2004)
325
326 28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
327 security bump. Thank tocharian for rolling a new patchset
328
329 *hardened-sources-2.4.27-r3 (08 Sep 2004)
330
331 08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
332 +hardened-sources-2.4.27-r3.ebuild:
333 Applies the new 2.4-27.2 patchball which updates
334 GRSecurity to the 2.0.1 version.
335
336 *hardened-sources-2.4.27-r2 (31 Aug 2004)
337
338 31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
339 +hardened-sources-2.4.27-r2.ebuild:
340 Version bump.
341 This version uses the new 2.4-27.1 patchball which updates
342 both the SELinux PaX hooks patch and the SELinux headers.
343
344 *hardened-sources-2.4.27-r1 (09 Aug 2004)
345
346 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
347 +hardened-sources-2.4.27-r1.ebuild,
348 -hardened-sources-2.4.27.ebuild,
349 +files/2.4.27-cmdline-race.patch:
350 Version bump, fix for cmdline race. See bug #59905.
351
352 *hardened-sources-2.4.26-r6 (09 Aug 2004)
353
354 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
355 +hardened-sources-2.4.26-r6.ebuild,
356 -hardened-sources-2.4.26-r5.ebuild,
357 -hardened-sources-2.4.26-r4.ebuild,
358 +files/2.4.26-cmdline-race.patch:
359 Version bump, fix for cmdline race. See bug #59905.
360
361 *hardened-sources-2.4.27 (08 Aug 2004)
362
363 08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
364 +hardened-sources-2.4.27.ebuild,
365 +files/2.4.27-CAN-2004-0394.patch:
366 Ported the patchball to the 2.4.27 kernel version.
367
368 *hardened-sources-2.4.26-r5 (07 Aug 2004)
369
370 07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
371 +hardened-sources-2.4.26-r5.ebuild:
372 Updated to use the new hardened-patches-2.4-26.1 patchball.
373 It adds the following features:
374 - Squashfs
375 - Ebtables
376 - Netdev random (core+drivers)
377 - Watchdog Timer (WDT) fix.
378
379 *hardened-sources-2.4.26-r4 (04 Aug 2004)
380
381 04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
382 +hardened-sources-2.4.26-r4.ebuild,
383 +files/2.4.26-CAN-2004-0415.patch,
384 -hardened-sources-2.4.26-3:
385 Version bump, fix for CAN 0415, see bug #59378.
386
387 *hardened-sources-2.4.26-r3 (22 Jul 2004)
388
389 22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
390 +hardened-sources-2.4.26-r3.ebuild,
391 +files/2.4.26-CAN-2004-0497.patch,
392 -hardened-sources-2.4.26-r2.ebuild:
393 Version bump, fixed CAN 0497, see bug #56171.
394
395 *hardened-sources-2.4.26-r2 (29 Jun 2004)
396
397 29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
398 +hardened-sources-2.4.26-r2.ebuild,
399 +files/2.4.26-CAN-2004-0495.patch,
400 +files/2.4.26-CAN-2004-0535.patch,
401 -hardened-sources-2.4.26-r1.ebuild:
402 Fixes for both CAN 0495 and 0535, see bug #54976
403
404 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
405 hardened-sources-2.4.26-r1.ebuild:
406 QA - fix use invocation
407
408 *hardened-sources-2.4.26-r1 (22 June 2004)
409
410 22 June 2004; Andrea Luzzardi <scox@gentoo.org>
411 +hardened-sources-2.4.26-r1.ebuild,
412 +files/2.4.26-CAN-2004-0394.patch,
413 +files/2.4.26-signal-race.patch,
414 -hardened-sources-2.4.26.ebuild,
415 -hardened-sources-2.4.24-r3.ebuild:
416 Version bump for the CAN-2004-0394 issue and bug #53804
417 Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
418
419
420 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
421 hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
422 Masked hardened-sources-2.4.26.ebuild broken for ppc
423
424 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
425 hardened-sources-2.4.24-r3.ebuild:
426 Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
427
428 *hardened-sources-2.4.26 (29 May 2004)
429
430 29 May 2004; Andrea Luzzardi <scox@gentoo.org>
431 +hardened-sources-2.4.26.ebuild:
432 Updated hardened-sources for the 2.4.26 kernel
433 Removed broken components, updated almost everything.
434
435 *hardened-sources-2.4.24-r3 (17 Apr 2004)
436
437 17 Apr 2004; <plasmaroo@gentoo.org>
438 +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
439 +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
440 +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
441 +hardened-sources-2.4.24-r3.ebuild:
442 Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
443 vulnerabilities. Old revisions removed.
444
445 *hardened-sources-2.4.24-r2 (15 Apr 2004)
446
447 15 Apr 2004; <plasmaroo@gentoo.org>
448 +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
449 -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
450 Version bump for the CAN-2004-0109 issue; bug #47881.
451
452 12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
453 hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
454 Add eutils to inherit.
455
456 *hardened-sources-2.4.24-r1 (19 Feb 2004)
457
458 19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
459 files/hardened-sources-2.4.24.munmap.patch:
460 Added the patch for the mremap/munmap vulnerability. Bug #42024.
461
462 *hardened-sources-2.4.24 (06 Feb 2004)
463
464 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
465 hardened-sources-2.4.24.ebuild:
466 Version bump, updated most of the components.
467 This release includes the following:
468
469 - Hardened security
470 - Netfilter patch-o-matic 20031219
471 - FreeSWAN 2.04 & x509 1.4.8
472 - EVMS 2.2.2
473 - XFS 1.3.1
474 - cryptoloop jari
475 - grsecurity 2.0-rc4
476 - SELinux
477 - PaX 200402060000
478 - PaX Obscurity 200308302223
479 - Others...
480
481 Neither -ck nor systrace are included anymore.
482
483 *hardened-sources-2.4.22-r2 (05 Jan 2004)
484
485 05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
486 hardened-sources-2.4.22-r2.ebuild:
487 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
488
489 *hardened-sources-2.4.22-r1 (02 Dec 2003)
490
491 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
492 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
493
494 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
495 hardened-sources-2.4.22-r1.ebuild:
496 Version bump for the 'do_brk' vulnerability.
497
498 01 Dec 2003; Brian Jackson <iggy@gentoo.org>
499 hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
500 hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
501 hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
502 Fix the 'do_brk' vulnerability.
503
504 03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
505 hardened-sources-2.4.22.ebuild:
506 - Removed the src_install() portion for SELinux flask
507 components. These are no longer handled in the kernel
508 so this code was not necessary.
509
510 29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
511 New 2.4.22 based hardened-sources thanks to
512 Phil West <p.west@computer.org>.
513
514 These sources include:
515 - New SELinux API
516 - Updated CK-base
517 - Updated GRSec
518 - Systrace
519 - SuperFreeS/WAN 1.99.8
520 - Propolice kernel build support
521 - EVMS
522 - Other various security related patches
523
524 *hardened-sources-2.4.21 (14 Sep 2003)
525
526 14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
527 Updated hardened-sources based on the 2.4.21 Linux kernel.
528 This includes updates to most major components such as:
529 - ck-base-0306300059
530 - selinux-2.4-2003071106
531 - grsecurity-2.0-rc1
532 - Updated IPTables patch-o-matic
533 - Updated SuperFreeS/WAN
534
535 Thanks to Phil West <pwest@computer.org> for his work in getting this
536 updated patch set ready for the 2.4.21 based kernel.
537
538 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
539 Initial import of hardened-sources-2.4.20-r4. This revision
540 includes only a few changes, but one of these is an important
541 security fix. It is recommended all users of hardened-sources
542 upgrade to this release.
543
544 - ioperm bug fix
545 - fixed compilation failure when building without GRSec
546
547 SAL (Secure Auditing for Linux) is NOT included in this revision
548 due to time constraints, but is planned for inclusion in the near
549 future.
550
551 *hardened-sources-2.4.20-r2 (12 Jun 2003)
552
553 12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
554 hardened-sources-2.4.20-r3.ebuild:
555 Add Header...
556
557 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
558 hardened-sources-2.4.20-r3.ebuild:
559 Removed warnings from ebuild. This kernel should be safe to
560 use at this point.
561
562 *hardened-sources-2.4.20-r3 (08 Jun 2003)
563
564 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
565 hardened-sources-2.4.20-r3.ebuild:
566 New revision. Includes the following changes over -r2:
567
568 - ck7-base (O(1), preempt, low latency)
569 - Super FreeS/WAN 1.99.7rc2
570 - PaX for the LSM/SELinux branch
571 - GRSecurity 2.0-pre4 (role based access control)
572 - Systrace 1.3
573 - EXT3 fixes
574 - EVMS 2.0.1
575 - GCC 3.1+ compile optimizations
576 - ProPolice kernel build support
577 - Hashing table security fixes
578
579 *hardened-sources-2.4.20-r1 (09 Apr 2003)
580
581 23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
582 Initial import of hardened-sources-r2. This new
583 ebuild includes many new performance and security
584 related patches. As in -r1, it will patch in
585 LSM/SELinux if "selinux" is in USE, otherwise it
586 will patch in GRSecurity. The following patches
587 are included in this revision:
588
589 - O(1) Scheduler, Low Latency, and Preempt
590 (pulled from the base CK patch)
591 - ptrace exploit patch for the LSM kernel
592 (the GRSec patch already fixes this)
593 - LSM 2.4-2003040709
594 - SELinux 2.4-2003040709
595 - Systrace v1.2
596 - IPTables patch-o-matic base patches - 20030107
597 - CryptoAPI 2.4.20.1 w/ loop-jari patch
598 - Super FreeS/WAN 1.99.6.1
599 - GRSecurity 1.9.9g
600 - MPPE
601 - EXT3 data journal fix
602 - CIPE 1.5.4
603
604 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
605 hardened-sources-2.4.20-r1.ebuild, manifest:
606 Updated to install flask components correctly for selinux.
607
608 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
609 hardened-sources-2.4.20-r1.ebuild:
610 LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
611 is patched in instead. Ptrace patches for selinux have also been added. In
612 either case, systrace support will be patched in as well.
613
614 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
615 hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
616 Revision bump for new sources.
617
618 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
619 hardened-sources-2.4.20-r1.ebuild:
620 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
621
622 *hardened-sources-2.4.20 (30 Mar 2003)
623
624 30 Mar 2003; Joshua Brindle <method@gentoo.org>
625 hardened-sources-2.4.20.ebuild:
626 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20