/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.95 - (show annotations) (download)
Thu Apr 27 14:52:28 2006 UTC (8 years, 7 months ago) by johnm
Branch: MAIN
Changes since 1.94: +9 -1 lines
stablise 2.6.14-r8 on x86 & amd64, bump 2.6.16 to fix CVE-2006-1863 & cleanup of old uneccessary sources
(Portage version: 2.1_pre9-r4)

1 # ChangeLog for sys-kernel/hardened-sources
2 # Copyright 2000-2006 Gentoo Foundation; Distributed under the GPL v2
3 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.94 2006/04/27 09:03:52 antarus Exp $
4
5 27 Apr 2006; Alec Warner <antarus@gentoo.org>
6 files/digest-hardened-sources-2.4.32-r2,
7 files/digest-hardened-sources-2.4.32-r3,
8 files/digest-hardened-sources-2.6.14-r8, Manifest:
9 Fixing duff SHA256 digests: Bug # 131293
10
11 *hardened-sources-2.6.16-r5 (27 Apr 2006)
12
13 27 Apr 2006; John Mylchreest <johnm@gentoo.org>
14 -hardened-sources-2.6.14-r6.ebuild, hardened-sources-2.6.14-r8.ebuild,
15 -hardened-sources-2.6.16-r4.ebuild, +hardened-sources-2.6.16-r5.ebuild:
16 stablise 2.6.14-r8 on x86 & amd64, bump 2.6.16 to fix CVE-2006-1863 &
17 cleanup of old uneccessary sources
18
19 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
20 fix digest
21
22 *hardened-sources-2.6.14-r8 (20 Apr 2006)
23
24 20 Apr 2006; John Mylchreest <johnm@gentoo.org>
25 +hardened-sources-2.6.14-r8.ebuild:
26 fix CVE-2006-1056, CVE-2006-1525, CVE-2006-1524
27
28 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
29 Turning on gpg-signing again, and recomitting
30
31 *hardened-sources-2.6.16-r4 (20 Apr 2006)
32
33 20 Apr 2006; John Mylchreest <johnm@gentoo.org>
34 -hardened-sources-2.6.16-r2.ebuild, -hardened-sources-2.6.16-r3.ebuild,
35 +hardened-sources-2.6.16-r4.ebuild:
36 Fix numerous security vulns
37
38 *hardened-sources-2.4.32-r3 (16 Apr 2006)
39
40 16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
41 -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
42 +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
43 - security bump for bug #112791. Removed old ebuilds
44
45 *hardened-sources-2.6.16-r3 (15 Apr 2006)
46
47 15 Apr 2006; John Mylchreest <johnm@gentoo.org>
48 +hardened-sources-2.6.16-r3.ebuild:
49 Removing silly localversion which I missed
50
51 *hardened-sources-2.6.14-r7 (14 Apr 2006)
52
53 14 Apr 2006; John Mylchreest <johnm@gentoo.org>
54 -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
55 Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
56
57 *hardened-sources-2.6.16-r2 (13 Apr 2006)
58
59 13 Apr 2006; John Mylchreest <johnm@gentoo.org>
60 -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
61 +hardened-sources-2.6.16-r2.ebuild:
62 Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
63 labels, dropping USERGROUP define fixes, since these were merged mainstream.
64
65 *hardened-sources-2.6.16-r1 (11 Apr 2006)
66
67 11 Apr 2006; John Mylchreest <johnm@gentoo.org>
68 +hardened-sources-2.6.16-r1.ebuild:
69 Bumping to include ppc build fix and 2.6.16.3
70
71 06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
72 hardened-sources-2.6.14-r6.ebuild:
73 Stable on x86; bug #127718
74
75 *hardened-sources-2.6.16 (31 Mar 2006)
76
77 31 Mar 2006; John Mylchreest <johnm@gentoo.org>
78 +hardened-sources-2.6.16.ebuild:
79 Bumping to new version of grsec, and kernel base. New squashfs. Based on
80 2.6.16.1
81
82 30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
83 hardened-sources-2.6.14-r6.ebuild:
84 Stable on amd64, bug 127718.
85
86 28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
87 Stable on ppc. Bug #127718
88
89 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
90 -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
91 -hardened-sources-2.6.14-r4.ebuild:
92 Cleanup.
93
94 *hardened-sources-2.6.14-r6 (15 Mar 2006)
95
96 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
97 +hardened-sources-2.6.14-r6.ebuild:
98 Fixes grsec policy recreation bug and adds a
99 >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
100
101 02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
102 - stable on x86
103
104 19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
105 hardened-sources-2.6.14-r5.ebuild:
106 Stable on ppc.
107
108 *hardened-sources-2.6.14-r5 (01 Feb 2006)
109
110 01 Feb 2006; John Mylchreest <johnm@gentoo.org>
111 +hardened-sources-2.6.14-r5.ebuild:
112 fixing every known exploit
113
114 *hardened-sources-2.4.32-r2 (26 Jan 2006)
115
116 26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
117 +hardened-sources-2.4.32-r2.ebuild:
118 - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
119
120 *hardened-sources-2.6.14-r4 (12 Jan 2006)
121
122 12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
123 - version bump for new genpatches which fix up a few sec holes
124
125 *hardened-sources-2.4.32-r1 (05 Jan 2006)
126
127 05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
128 - revision bump to add misc vital linux kernel security patches.
129
130 *hardened-sources-2.6.14-r3 (30 Dec 2005)
131
132 30 Dec 2005; John Mylchreest <johnm@gentoo.org>
133 -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
134 Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
135
136 28 Dec 2005; John Mylchreest <johnm@gentoo.org>
137 hardened-sources-2.6.14-r2.ebuild:
138 making x86 & amd64 stable following testing.
139
140 *hardened-sources-2.6.14-r2 (27 Dec 2005)
141
142 27 Dec 2005; John Mylchreest <johnm@gentoo.org>
143 -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
144 Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
145 network hooks.
146
147 06 Dec 2005; John Mylchreest <johnm@gentoo.org>
148 hardened-sources-2.6.14-r1.ebuild:
149 bumping to stable early for sec fix on x86 & amd64
150
151 *hardened-sources-2.6.14-r1 (05 Dec 2005)
152
153 05 Dec 2005; John Mylchreest <johnm@gentoo.org>
154 -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
155 bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
156
157 04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
158 - stable on x86 security bug #114227 CAN-2005-3257
159
160 *hardened-sources-2.4.32 (19 Nov 2005)
161
162 19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
163 +hardened-sources-2.4.32.ebuild:
164 Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
165 Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
166 have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
167 rsbac >> /etc/portage/package.use)
168
169 *hardened-sources-2.6.14 (14 Nov 2005)
170
171 14 Nov 2005; John Mylchreest <johnm@gentoo.org>
172 -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
173 Bumping 2.6 series to 2.6.14.2
174
175 *hardened-sources-2.6.13-r2 (20 Oct 2005)
176
177 20 Oct 2005; John Mylchreest <johnm@gentoo.org>
178 -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
179 +hardened-sources-2.6.13-r2.ebuild:
180 Fixes minor build error in ppc.
181
182 *hardened-sources-2.6.13-r1 (17 Oct 2005)
183
184 17 Oct 2005; John Mylchreest <johnm@gentoo.org>
185 +hardened-sources-2.6.13-r1.ebuild:
186 Updating grsec to latest snapshot. Fixes some minor issues. Updating to
187 2.6.13.4, fixes some major amd64 stability problems.
188
189 *hardened-sources-2.6.13 (16 Sep 2005)
190
191 16 Sep 2005; John Mylchreest <johnm@gentoo.org>
192 -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
193 2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
194 ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
195 users should test this thoroughly.
196
197 01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
198 - stable on x86
199
200 *hardened-sources-2.6.11-r15 (27 Jun 2005)
201
202 27 Jun 2005; John Mylchreest <johnm@gentoo.org>
203 +hardened-sources-2.6.11-r15.ebuild:
204 Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
205 grsec redefining curr_ip struct.
206
207 *hardened-sources-2.4.31 (20 Jun 2005)
208
209 20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
210 initial import of 2.4.31 tree
211
212 *hardened-sources-2.6.11-r14 (14 Jun 2005)
213
214 14 Jun 2005; John Mylchreest <johnm@gentoo.org>
215 -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
216 Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
217 naming scheme to abide by genpatches
218
219 *hardened-sources-2.6.11-r13 (18 May 2005)
220
221 18 May 2005; John Mylchreest <johnm@gentoo.org>
222 -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
223 Managed to mangle the Makefile patch from grsec, to miss out the grsec
224 target. sorry about that. Fixes bug #93022
225
226 *hardened-sources-2.6.11-r12 (17 May 2005)
227
228 17 May 2005; John Mylchreest <johnm@gentoo.org>
229 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
230 +hardened-sources-2.6.11-r12.ebuild:
231 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
232 merges in genpatches-base
233
234 *hardened-sources-2.6.11-r12 (17 May 2005)
235
236 17 May 2005; John Mylchreest <johnm@gentoo.org>
237 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
238 +hardened-sources-2.6.11-r12.ebuild:
239 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
240 merges in genpatches-base
241
242 29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
243 -files/2.4.27-cmdline-race.patch,
244 -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
245 -files/2.4.28-grsec-binfmt_a.out.patch,
246 -files/2.4.28-grsec-cmdline-race.patch,
247 -files/2.4.28-selinux-binfmt_a.out.patch,
248 -files/2.4.28-selinux-cmdline-race.patch,
249 -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
250 hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
251 - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
252 cleanup..
253
254 *hardened-sources-2.4.30-r1 (21 Apr 2005)
255
256 21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
257 - disable aout by default
258
259 *hardened-sources-2.4.30 (18 Apr 2005)
260
261 18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
262 - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
263 and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
264 use
265
266 *hardened-sources-2.4.29 (30 Mar 2005)
267
268 30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
269 +hardened-sources-2.4.29.ebuild:
270 New hardened-patches-2.4-29.0 patchball.
271 Removed SELinux support, upgraded GRSecurity to 2.1.4.
272
273 *hardened-sources-2.4.28-r5 (06 Mar 2005)
274
275 06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
276 +hardened-sources-2.4.28-r5.ebuild:
277 Added a fix for a PaX vulnerability.
278
279 26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
280 hardened-sources-2.4.28-r4.ebuild:
281 Stable on x86
282
283 23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
284 hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
285 hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
286 hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
287 - fixed/added RDEPEND= in all kernel-2 ebuilds
288
289 *hardened-sources-2.4.28-r4 (21 Jan 2005)
290
291 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
292 +hardened-sources-2.4.28-r4.ebuild:
293 Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
294 backport of neighbour hash updates.
295
296 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
297 hardened-sources-2.4.28-r3.ebuild:
298 Stable on x86
299
300 *hardened-sources-2.6.10-r3 (20 Jan 2005)
301
302 20 Jan 2005; Brandon Hale <tseng@gentoo.org>
303 +hardened-sources-2.6.10-r3.ebuild:
304 Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
305 in 2005.0
306
307 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
308 -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
309 hardened-sources-2.4.28-r2.ebuild:
310 Mark stable on x86
311
312 *hardened-sources-2.4.28-r3 (17 Jan 2005)
313
314 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
315 +hardened-sources-2.4.28-r3.ebuild:
316 Fix SMP page fault handler vuln, and update device-mapper and evms patches.
317
318 14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
319 hardened-sources-2.4.28.ebuild:
320 Mark stable on x86.
321
322 *hardened-sources-2.4.28-r2 (13 Jan 2005)
323
324 13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
325 +hardened-sources-2.4.28-r2.ebuild:
326 Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
327 Mazinger for grsecurity patches as well.
328
329 *hardened-sources-2.4.28-r1 (23 Dec 2004)
330
331 23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
332 Security bump. Thank tocharian for rolling a new patchset...
333
334 28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
335 +files/2.4.28-grsec-cmdline-race.patch,
336 +files/2.4.28-selinux-binfmt_a.out.patch,
337 +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
338 - Round up remaining security patches that appear to be missing in 2.4.28. -
339 PaX standalone updated to current. hgpv=28.1
340
341 *hardened-sources-2.4.28 (28 Nov 2004)
342
343 28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
344 security bump. Thank tocharian for rolling a new patchset
345
346 *hardened-sources-2.4.27-r3 (08 Sep 2004)
347
348 08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
349 +hardened-sources-2.4.27-r3.ebuild:
350 Applies the new 2.4-27.2 patchball which updates
351 GRSecurity to the 2.0.1 version.
352
353 *hardened-sources-2.4.27-r2 (31 Aug 2004)
354
355 31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
356 +hardened-sources-2.4.27-r2.ebuild:
357 Version bump.
358 This version uses the new 2.4-27.1 patchball which updates
359 both the SELinux PaX hooks patch and the SELinux headers.
360
361 *hardened-sources-2.4.27-r1 (09 Aug 2004)
362
363 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
364 +hardened-sources-2.4.27-r1.ebuild,
365 -hardened-sources-2.4.27.ebuild,
366 +files/2.4.27-cmdline-race.patch:
367 Version bump, fix for cmdline race. See bug #59905.
368
369 *hardened-sources-2.4.26-r6 (09 Aug 2004)
370
371 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
372 +hardened-sources-2.4.26-r6.ebuild,
373 -hardened-sources-2.4.26-r5.ebuild,
374 -hardened-sources-2.4.26-r4.ebuild,
375 +files/2.4.26-cmdline-race.patch:
376 Version bump, fix for cmdline race. See bug #59905.
377
378 *hardened-sources-2.4.27 (08 Aug 2004)
379
380 08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
381 +hardened-sources-2.4.27.ebuild,
382 +files/2.4.27-CAN-2004-0394.patch:
383 Ported the patchball to the 2.4.27 kernel version.
384
385 *hardened-sources-2.4.26-r5 (07 Aug 2004)
386
387 07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
388 +hardened-sources-2.4.26-r5.ebuild:
389 Updated to use the new hardened-patches-2.4-26.1 patchball.
390 It adds the following features:
391 - Squashfs
392 - Ebtables
393 - Netdev random (core+drivers)
394 - Watchdog Timer (WDT) fix.
395
396 *hardened-sources-2.4.26-r4 (04 Aug 2004)
397
398 04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
399 +hardened-sources-2.4.26-r4.ebuild,
400 +files/2.4.26-CAN-2004-0415.patch,
401 -hardened-sources-2.4.26-3:
402 Version bump, fix for CAN 0415, see bug #59378.
403
404 *hardened-sources-2.4.26-r3 (22 Jul 2004)
405
406 22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
407 +hardened-sources-2.4.26-r3.ebuild,
408 +files/2.4.26-CAN-2004-0497.patch,
409 -hardened-sources-2.4.26-r2.ebuild:
410 Version bump, fixed CAN 0497, see bug #56171.
411
412 *hardened-sources-2.4.26-r2 (29 Jun 2004)
413
414 29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
415 +hardened-sources-2.4.26-r2.ebuild,
416 +files/2.4.26-CAN-2004-0495.patch,
417 +files/2.4.26-CAN-2004-0535.patch,
418 -hardened-sources-2.4.26-r1.ebuild:
419 Fixes for both CAN 0495 and 0535, see bug #54976
420
421 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
422 hardened-sources-2.4.26-r1.ebuild:
423 QA - fix use invocation
424
425 *hardened-sources-2.4.26-r1 (22 June 2004)
426
427 22 June 2004; Andrea Luzzardi <scox@gentoo.org>
428 +hardened-sources-2.4.26-r1.ebuild,
429 +files/2.4.26-CAN-2004-0394.patch,
430 +files/2.4.26-signal-race.patch,
431 -hardened-sources-2.4.26.ebuild,
432 -hardened-sources-2.4.24-r3.ebuild:
433 Version bump for the CAN-2004-0394 issue and bug #53804
434 Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
435
436
437 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
438 hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
439 Masked hardened-sources-2.4.26.ebuild broken for ppc
440
441 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
442 hardened-sources-2.4.24-r3.ebuild:
443 Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
444
445 *hardened-sources-2.4.26 (29 May 2004)
446
447 29 May 2004; Andrea Luzzardi <scox@gentoo.org>
448 +hardened-sources-2.4.26.ebuild:
449 Updated hardened-sources for the 2.4.26 kernel
450 Removed broken components, updated almost everything.
451
452 *hardened-sources-2.4.24-r3 (17 Apr 2004)
453
454 17 Apr 2004; <plasmaroo@gentoo.org>
455 +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
456 +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
457 +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
458 +hardened-sources-2.4.24-r3.ebuild:
459 Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
460 vulnerabilities. Old revisions removed.
461
462 *hardened-sources-2.4.24-r2 (15 Apr 2004)
463
464 15 Apr 2004; <plasmaroo@gentoo.org>
465 +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
466 -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
467 Version bump for the CAN-2004-0109 issue; bug #47881.
468
469 12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
470 hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
471 Add eutils to inherit.
472
473 *hardened-sources-2.4.24-r1 (19 Feb 2004)
474
475 19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
476 files/hardened-sources-2.4.24.munmap.patch:
477 Added the patch for the mremap/munmap vulnerability. Bug #42024.
478
479 *hardened-sources-2.4.24 (06 Feb 2004)
480
481 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
482 hardened-sources-2.4.24.ebuild:
483 Version bump, updated most of the components.
484 This release includes the following:
485
486 - Hardened security
487 - Netfilter patch-o-matic 20031219
488 - FreeSWAN 2.04 & x509 1.4.8
489 - EVMS 2.2.2
490 - XFS 1.3.1
491 - cryptoloop jari
492 - grsecurity 2.0-rc4
493 - SELinux
494 - PaX 200402060000
495 - PaX Obscurity 200308302223
496 - Others...
497
498 Neither -ck nor systrace are included anymore.
499
500 *hardened-sources-2.4.22-r2 (05 Jan 2004)
501
502 05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
503 hardened-sources-2.4.22-r2.ebuild:
504 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
505
506 *hardened-sources-2.4.22-r1 (02 Dec 2003)
507
508 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
509 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
510
511 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
512 hardened-sources-2.4.22-r1.ebuild:
513 Version bump for the 'do_brk' vulnerability.
514
515 01 Dec 2003; Brian Jackson <iggy@gentoo.org>
516 hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
517 hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
518 hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
519 Fix the 'do_brk' vulnerability.
520
521 03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
522 hardened-sources-2.4.22.ebuild:
523 - Removed the src_install() portion for SELinux flask
524 components. These are no longer handled in the kernel
525 so this code was not necessary.
526
527 29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
528 New 2.4.22 based hardened-sources thanks to
529 Phil West <p.west@computer.org>.
530
531 These sources include:
532 - New SELinux API
533 - Updated CK-base
534 - Updated GRSec
535 - Systrace
536 - SuperFreeS/WAN 1.99.8
537 - Propolice kernel build support
538 - EVMS
539 - Other various security related patches
540
541 *hardened-sources-2.4.21 (14 Sep 2003)
542
543 14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
544 Updated hardened-sources based on the 2.4.21 Linux kernel.
545 This includes updates to most major components such as:
546 - ck-base-0306300059
547 - selinux-2.4-2003071106
548 - grsecurity-2.0-rc1
549 - Updated IPTables patch-o-matic
550 - Updated SuperFreeS/WAN
551
552 Thanks to Phil West <pwest@computer.org> for his work in getting this
553 updated patch set ready for the 2.4.21 based kernel.
554
555 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
556 Initial import of hardened-sources-2.4.20-r4. This revision
557 includes only a few changes, but one of these is an important
558 security fix. It is recommended all users of hardened-sources
559 upgrade to this release.
560
561 - ioperm bug fix
562 - fixed compilation failure when building without GRSec
563
564 SAL (Secure Auditing for Linux) is NOT included in this revision
565 due to time constraints, but is planned for inclusion in the near
566 future.
567
568 *hardened-sources-2.4.20-r2 (12 Jun 2003)
569
570 12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
571 hardened-sources-2.4.20-r3.ebuild:
572 Add Header...
573
574 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
575 hardened-sources-2.4.20-r3.ebuild:
576 Removed warnings from ebuild. This kernel should be safe to
577 use at this point.
578
579 *hardened-sources-2.4.20-r3 (08 Jun 2003)
580
581 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
582 hardened-sources-2.4.20-r3.ebuild:
583 New revision. Includes the following changes over -r2:
584
585 - ck7-base (O(1), preempt, low latency)
586 - Super FreeS/WAN 1.99.7rc2
587 - PaX for the LSM/SELinux branch
588 - GRSecurity 2.0-pre4 (role based access control)
589 - Systrace 1.3
590 - EXT3 fixes
591 - EVMS 2.0.1
592 - GCC 3.1+ compile optimizations
593 - ProPolice kernel build support
594 - Hashing table security fixes
595
596 *hardened-sources-2.4.20-r1 (09 Apr 2003)
597
598 23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
599 Initial import of hardened-sources-r2. This new
600 ebuild includes many new performance and security
601 related patches. As in -r1, it will patch in
602 LSM/SELinux if "selinux" is in USE, otherwise it
603 will patch in GRSecurity. The following patches
604 are included in this revision:
605
606 - O(1) Scheduler, Low Latency, and Preempt
607 (pulled from the base CK patch)
608 - ptrace exploit patch for the LSM kernel
609 (the GRSec patch already fixes this)
610 - LSM 2.4-2003040709
611 - SELinux 2.4-2003040709
612 - Systrace v1.2
613 - IPTables patch-o-matic base patches - 20030107
614 - CryptoAPI 2.4.20.1 w/ loop-jari patch
615 - Super FreeS/WAN 1.99.6.1
616 - GRSecurity 1.9.9g
617 - MPPE
618 - EXT3 data journal fix
619 - CIPE 1.5.4
620
621 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
622 hardened-sources-2.4.20-r1.ebuild, manifest:
623 Updated to install flask components correctly for selinux.
624
625 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
626 hardened-sources-2.4.20-r1.ebuild:
627 LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
628 is patched in instead. Ptrace patches for selinux have also been added. In
629 either case, systrace support will be patched in as well.
630
631 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
632 hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
633 Revision bump for new sources.
634
635 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
636 hardened-sources-2.4.20-r1.ebuild:
637 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
638
639 *hardened-sources-2.4.20 (30 Mar 2003)
640
641 30 Mar 2003; Joshua Brindle <method@gentoo.org>
642 hardened-sources-2.4.20.ebuild:
643 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20