/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.96 - (show annotations) (download)
Fri Apr 28 10:12:36 2006 UTC (8 years, 3 months ago) by johnm
Branch: MAIN
Changes since 1.95: +5 -1 lines
re-roll genpatches release, I caused a dupe patchset in the last.
(Portage version: 2.1_pre9-r4)

1 # ChangeLog for sys-kernel/hardened-sources
2 # Copyright 2000-2006 Gentoo Foundation; Distributed under the GPL v2
3 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.95 2006/04/27 14:52:28 johnm Exp $
4
5 28 Apr 2006; John Mylchreest <johnm@gentoo.org>
6 hardened-sources-2.6.14-r8.ebuild:
7 bump hardened patchset
8
9 27 Apr 2006; Alec Warner <antarus@gentoo.org>
10 files/digest-hardened-sources-2.4.32-r2,
11 files/digest-hardened-sources-2.4.32-r3,
12 files/digest-hardened-sources-2.6.14-r8, Manifest:
13 Fixing duff SHA256 digests: Bug # 131293
14
15 *hardened-sources-2.6.16-r5 (27 Apr 2006)
16
17 27 Apr 2006; John Mylchreest <johnm@gentoo.org>
18 -hardened-sources-2.6.14-r6.ebuild, hardened-sources-2.6.14-r8.ebuild,
19 -hardened-sources-2.6.16-r4.ebuild, +hardened-sources-2.6.16-r5.ebuild:
20 stablise 2.6.14-r8 on x86 & amd64, bump 2.6.16 to fix CVE-2006-1863 &
21 cleanup of old uneccessary sources
22
23 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
24 fix digest
25
26 *hardened-sources-2.6.14-r8 (20 Apr 2006)
27
28 20 Apr 2006; John Mylchreest <johnm@gentoo.org>
29 +hardened-sources-2.6.14-r8.ebuild:
30 fix CVE-2006-1056, CVE-2006-1525, CVE-2006-1524
31
32 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
33 Turning on gpg-signing again, and recomitting
34
35 *hardened-sources-2.6.16-r4 (20 Apr 2006)
36
37 20 Apr 2006; John Mylchreest <johnm@gentoo.org>
38 -hardened-sources-2.6.16-r2.ebuild, -hardened-sources-2.6.16-r3.ebuild,
39 +hardened-sources-2.6.16-r4.ebuild:
40 Fix numerous security vulns
41
42 *hardened-sources-2.4.32-r3 (16 Apr 2006)
43
44 16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
45 -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
46 +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
47 - security bump for bug #112791. Removed old ebuilds
48
49 *hardened-sources-2.6.16-r3 (15 Apr 2006)
50
51 15 Apr 2006; John Mylchreest <johnm@gentoo.org>
52 +hardened-sources-2.6.16-r3.ebuild:
53 Removing silly localversion which I missed
54
55 *hardened-sources-2.6.14-r7 (14 Apr 2006)
56
57 14 Apr 2006; John Mylchreest <johnm@gentoo.org>
58 -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
59 Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
60
61 *hardened-sources-2.6.16-r2 (13 Apr 2006)
62
63 13 Apr 2006; John Mylchreest <johnm@gentoo.org>
64 -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
65 +hardened-sources-2.6.16-r2.ebuild:
66 Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
67 labels, dropping USERGROUP define fixes, since these were merged mainstream.
68
69 *hardened-sources-2.6.16-r1 (11 Apr 2006)
70
71 11 Apr 2006; John Mylchreest <johnm@gentoo.org>
72 +hardened-sources-2.6.16-r1.ebuild:
73 Bumping to include ppc build fix and 2.6.16.3
74
75 06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
76 hardened-sources-2.6.14-r6.ebuild:
77 Stable on x86; bug #127718
78
79 *hardened-sources-2.6.16 (31 Mar 2006)
80
81 31 Mar 2006; John Mylchreest <johnm@gentoo.org>
82 +hardened-sources-2.6.16.ebuild:
83 Bumping to new version of grsec, and kernel base. New squashfs. Based on
84 2.6.16.1
85
86 30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
87 hardened-sources-2.6.14-r6.ebuild:
88 Stable on amd64, bug 127718.
89
90 28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
91 Stable on ppc. Bug #127718
92
93 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
94 -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
95 -hardened-sources-2.6.14-r4.ebuild:
96 Cleanup.
97
98 *hardened-sources-2.6.14-r6 (15 Mar 2006)
99
100 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
101 +hardened-sources-2.6.14-r6.ebuild:
102 Fixes grsec policy recreation bug and adds a
103 >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
104
105 02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
106 - stable on x86
107
108 19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
109 hardened-sources-2.6.14-r5.ebuild:
110 Stable on ppc.
111
112 *hardened-sources-2.6.14-r5 (01 Feb 2006)
113
114 01 Feb 2006; John Mylchreest <johnm@gentoo.org>
115 +hardened-sources-2.6.14-r5.ebuild:
116 fixing every known exploit
117
118 *hardened-sources-2.4.32-r2 (26 Jan 2006)
119
120 26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
121 +hardened-sources-2.4.32-r2.ebuild:
122 - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
123
124 *hardened-sources-2.6.14-r4 (12 Jan 2006)
125
126 12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
127 - version bump for new genpatches which fix up a few sec holes
128
129 *hardened-sources-2.4.32-r1 (05 Jan 2006)
130
131 05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
132 - revision bump to add misc vital linux kernel security patches.
133
134 *hardened-sources-2.6.14-r3 (30 Dec 2005)
135
136 30 Dec 2005; John Mylchreest <johnm@gentoo.org>
137 -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
138 Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
139
140 28 Dec 2005; John Mylchreest <johnm@gentoo.org>
141 hardened-sources-2.6.14-r2.ebuild:
142 making x86 & amd64 stable following testing.
143
144 *hardened-sources-2.6.14-r2 (27 Dec 2005)
145
146 27 Dec 2005; John Mylchreest <johnm@gentoo.org>
147 -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
148 Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
149 network hooks.
150
151 06 Dec 2005; John Mylchreest <johnm@gentoo.org>
152 hardened-sources-2.6.14-r1.ebuild:
153 bumping to stable early for sec fix on x86 & amd64
154
155 *hardened-sources-2.6.14-r1 (05 Dec 2005)
156
157 05 Dec 2005; John Mylchreest <johnm@gentoo.org>
158 -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
159 bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
160
161 04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
162 - stable on x86 security bug #114227 CAN-2005-3257
163
164 *hardened-sources-2.4.32 (19 Nov 2005)
165
166 19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
167 +hardened-sources-2.4.32.ebuild:
168 Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
169 Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
170 have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
171 rsbac >> /etc/portage/package.use)
172
173 *hardened-sources-2.6.14 (14 Nov 2005)
174
175 14 Nov 2005; John Mylchreest <johnm@gentoo.org>
176 -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
177 Bumping 2.6 series to 2.6.14.2
178
179 *hardened-sources-2.6.13-r2 (20 Oct 2005)
180
181 20 Oct 2005; John Mylchreest <johnm@gentoo.org>
182 -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
183 +hardened-sources-2.6.13-r2.ebuild:
184 Fixes minor build error in ppc.
185
186 *hardened-sources-2.6.13-r1 (17 Oct 2005)
187
188 17 Oct 2005; John Mylchreest <johnm@gentoo.org>
189 +hardened-sources-2.6.13-r1.ebuild:
190 Updating grsec to latest snapshot. Fixes some minor issues. Updating to
191 2.6.13.4, fixes some major amd64 stability problems.
192
193 *hardened-sources-2.6.13 (16 Sep 2005)
194
195 16 Sep 2005; John Mylchreest <johnm@gentoo.org>
196 -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
197 2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
198 ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
199 users should test this thoroughly.
200
201 01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
202 - stable on x86
203
204 *hardened-sources-2.6.11-r15 (27 Jun 2005)
205
206 27 Jun 2005; John Mylchreest <johnm@gentoo.org>
207 +hardened-sources-2.6.11-r15.ebuild:
208 Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
209 grsec redefining curr_ip struct.
210
211 *hardened-sources-2.4.31 (20 Jun 2005)
212
213 20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
214 initial import of 2.4.31 tree
215
216 *hardened-sources-2.6.11-r14 (14 Jun 2005)
217
218 14 Jun 2005; John Mylchreest <johnm@gentoo.org>
219 -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
220 Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
221 naming scheme to abide by genpatches
222
223 *hardened-sources-2.6.11-r13 (18 May 2005)
224
225 18 May 2005; John Mylchreest <johnm@gentoo.org>
226 -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
227 Managed to mangle the Makefile patch from grsec, to miss out the grsec
228 target. sorry about that. Fixes bug #93022
229
230 *hardened-sources-2.6.11-r12 (17 May 2005)
231
232 17 May 2005; John Mylchreest <johnm@gentoo.org>
233 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
234 +hardened-sources-2.6.11-r12.ebuild:
235 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
236 merges in genpatches-base
237
238 *hardened-sources-2.6.11-r12 (17 May 2005)
239
240 17 May 2005; John Mylchreest <johnm@gentoo.org>
241 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
242 +hardened-sources-2.6.11-r12.ebuild:
243 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
244 merges in genpatches-base
245
246 29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
247 -files/2.4.27-cmdline-race.patch,
248 -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
249 -files/2.4.28-grsec-binfmt_a.out.patch,
250 -files/2.4.28-grsec-cmdline-race.patch,
251 -files/2.4.28-selinux-binfmt_a.out.patch,
252 -files/2.4.28-selinux-cmdline-race.patch,
253 -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
254 hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
255 - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
256 cleanup..
257
258 *hardened-sources-2.4.30-r1 (21 Apr 2005)
259
260 21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
261 - disable aout by default
262
263 *hardened-sources-2.4.30 (18 Apr 2005)
264
265 18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
266 - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
267 and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
268 use
269
270 *hardened-sources-2.4.29 (30 Mar 2005)
271
272 30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
273 +hardened-sources-2.4.29.ebuild:
274 New hardened-patches-2.4-29.0 patchball.
275 Removed SELinux support, upgraded GRSecurity to 2.1.4.
276
277 *hardened-sources-2.4.28-r5 (06 Mar 2005)
278
279 06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
280 +hardened-sources-2.4.28-r5.ebuild:
281 Added a fix for a PaX vulnerability.
282
283 26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
284 hardened-sources-2.4.28-r4.ebuild:
285 Stable on x86
286
287 23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
288 hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
289 hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
290 hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
291 - fixed/added RDEPEND= in all kernel-2 ebuilds
292
293 *hardened-sources-2.4.28-r4 (21 Jan 2005)
294
295 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
296 +hardened-sources-2.4.28-r4.ebuild:
297 Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
298 backport of neighbour hash updates.
299
300 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
301 hardened-sources-2.4.28-r3.ebuild:
302 Stable on x86
303
304 *hardened-sources-2.6.10-r3 (20 Jan 2005)
305
306 20 Jan 2005; Brandon Hale <tseng@gentoo.org>
307 +hardened-sources-2.6.10-r3.ebuild:
308 Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
309 in 2005.0
310
311 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
312 -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
313 hardened-sources-2.4.28-r2.ebuild:
314 Mark stable on x86
315
316 *hardened-sources-2.4.28-r3 (17 Jan 2005)
317
318 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
319 +hardened-sources-2.4.28-r3.ebuild:
320 Fix SMP page fault handler vuln, and update device-mapper and evms patches.
321
322 14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
323 hardened-sources-2.4.28.ebuild:
324 Mark stable on x86.
325
326 *hardened-sources-2.4.28-r2 (13 Jan 2005)
327
328 13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
329 +hardened-sources-2.4.28-r2.ebuild:
330 Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
331 Mazinger for grsecurity patches as well.
332
333 *hardened-sources-2.4.28-r1 (23 Dec 2004)
334
335 23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
336 Security bump. Thank tocharian for rolling a new patchset...
337
338 28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
339 +files/2.4.28-grsec-cmdline-race.patch,
340 +files/2.4.28-selinux-binfmt_a.out.patch,
341 +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
342 - Round up remaining security patches that appear to be missing in 2.4.28. -
343 PaX standalone updated to current. hgpv=28.1
344
345 *hardened-sources-2.4.28 (28 Nov 2004)
346
347 28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
348 security bump. Thank tocharian for rolling a new patchset
349
350 *hardened-sources-2.4.27-r3 (08 Sep 2004)
351
352 08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
353 +hardened-sources-2.4.27-r3.ebuild:
354 Applies the new 2.4-27.2 patchball which updates
355 GRSecurity to the 2.0.1 version.
356
357 *hardened-sources-2.4.27-r2 (31 Aug 2004)
358
359 31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
360 +hardened-sources-2.4.27-r2.ebuild:
361 Version bump.
362 This version uses the new 2.4-27.1 patchball which updates
363 both the SELinux PaX hooks patch and the SELinux headers.
364
365 *hardened-sources-2.4.27-r1 (09 Aug 2004)
366
367 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
368 +hardened-sources-2.4.27-r1.ebuild,
369 -hardened-sources-2.4.27.ebuild,
370 +files/2.4.27-cmdline-race.patch:
371 Version bump, fix for cmdline race. See bug #59905.
372
373 *hardened-sources-2.4.26-r6 (09 Aug 2004)
374
375 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
376 +hardened-sources-2.4.26-r6.ebuild,
377 -hardened-sources-2.4.26-r5.ebuild,
378 -hardened-sources-2.4.26-r4.ebuild,
379 +files/2.4.26-cmdline-race.patch:
380 Version bump, fix for cmdline race. See bug #59905.
381
382 *hardened-sources-2.4.27 (08 Aug 2004)
383
384 08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
385 +hardened-sources-2.4.27.ebuild,
386 +files/2.4.27-CAN-2004-0394.patch:
387 Ported the patchball to the 2.4.27 kernel version.
388
389 *hardened-sources-2.4.26-r5 (07 Aug 2004)
390
391 07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
392 +hardened-sources-2.4.26-r5.ebuild:
393 Updated to use the new hardened-patches-2.4-26.1 patchball.
394 It adds the following features:
395 - Squashfs
396 - Ebtables
397 - Netdev random (core+drivers)
398 - Watchdog Timer (WDT) fix.
399
400 *hardened-sources-2.4.26-r4 (04 Aug 2004)
401
402 04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
403 +hardened-sources-2.4.26-r4.ebuild,
404 +files/2.4.26-CAN-2004-0415.patch,
405 -hardened-sources-2.4.26-3:
406 Version bump, fix for CAN 0415, see bug #59378.
407
408 *hardened-sources-2.4.26-r3 (22 Jul 2004)
409
410 22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
411 +hardened-sources-2.4.26-r3.ebuild,
412 +files/2.4.26-CAN-2004-0497.patch,
413 -hardened-sources-2.4.26-r2.ebuild:
414 Version bump, fixed CAN 0497, see bug #56171.
415
416 *hardened-sources-2.4.26-r2 (29 Jun 2004)
417
418 29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
419 +hardened-sources-2.4.26-r2.ebuild,
420 +files/2.4.26-CAN-2004-0495.patch,
421 +files/2.4.26-CAN-2004-0535.patch,
422 -hardened-sources-2.4.26-r1.ebuild:
423 Fixes for both CAN 0495 and 0535, see bug #54976
424
425 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
426 hardened-sources-2.4.26-r1.ebuild:
427 QA - fix use invocation
428
429 *hardened-sources-2.4.26-r1 (22 June 2004)
430
431 22 June 2004; Andrea Luzzardi <scox@gentoo.org>
432 +hardened-sources-2.4.26-r1.ebuild,
433 +files/2.4.26-CAN-2004-0394.patch,
434 +files/2.4.26-signal-race.patch,
435 -hardened-sources-2.4.26.ebuild,
436 -hardened-sources-2.4.24-r3.ebuild:
437 Version bump for the CAN-2004-0394 issue and bug #53804
438 Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
439
440
441 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
442 hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
443 Masked hardened-sources-2.4.26.ebuild broken for ppc
444
445 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
446 hardened-sources-2.4.24-r3.ebuild:
447 Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
448
449 *hardened-sources-2.4.26 (29 May 2004)
450
451 29 May 2004; Andrea Luzzardi <scox@gentoo.org>
452 +hardened-sources-2.4.26.ebuild:
453 Updated hardened-sources for the 2.4.26 kernel
454 Removed broken components, updated almost everything.
455
456 *hardened-sources-2.4.24-r3 (17 Apr 2004)
457
458 17 Apr 2004; <plasmaroo@gentoo.org>
459 +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
460 +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
461 +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
462 +hardened-sources-2.4.24-r3.ebuild:
463 Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
464 vulnerabilities. Old revisions removed.
465
466 *hardened-sources-2.4.24-r2 (15 Apr 2004)
467
468 15 Apr 2004; <plasmaroo@gentoo.org>
469 +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
470 -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
471 Version bump for the CAN-2004-0109 issue; bug #47881.
472
473 12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
474 hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
475 Add eutils to inherit.
476
477 *hardened-sources-2.4.24-r1 (19 Feb 2004)
478
479 19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
480 files/hardened-sources-2.4.24.munmap.patch:
481 Added the patch for the mremap/munmap vulnerability. Bug #42024.
482
483 *hardened-sources-2.4.24 (06 Feb 2004)
484
485 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
486 hardened-sources-2.4.24.ebuild:
487 Version bump, updated most of the components.
488 This release includes the following:
489
490 - Hardened security
491 - Netfilter patch-o-matic 20031219
492 - FreeSWAN 2.04 & x509 1.4.8
493 - EVMS 2.2.2
494 - XFS 1.3.1
495 - cryptoloop jari
496 - grsecurity 2.0-rc4
497 - SELinux
498 - PaX 200402060000
499 - PaX Obscurity 200308302223
500 - Others...
501
502 Neither -ck nor systrace are included anymore.
503
504 *hardened-sources-2.4.22-r2 (05 Jan 2004)
505
506 05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
507 hardened-sources-2.4.22-r2.ebuild:
508 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
509
510 *hardened-sources-2.4.22-r1 (02 Dec 2003)
511
512 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
513 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
514
515 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
516 hardened-sources-2.4.22-r1.ebuild:
517 Version bump for the 'do_brk' vulnerability.
518
519 01 Dec 2003; Brian Jackson <iggy@gentoo.org>
520 hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
521 hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
522 hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
523 Fix the 'do_brk' vulnerability.
524
525 03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
526 hardened-sources-2.4.22.ebuild:
527 - Removed the src_install() portion for SELinux flask
528 components. These are no longer handled in the kernel
529 so this code was not necessary.
530
531 29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
532 New 2.4.22 based hardened-sources thanks to
533 Phil West <p.west@computer.org>.
534
535 These sources include:
536 - New SELinux API
537 - Updated CK-base
538 - Updated GRSec
539 - Systrace
540 - SuperFreeS/WAN 1.99.8
541 - Propolice kernel build support
542 - EVMS
543 - Other various security related patches
544
545 *hardened-sources-2.4.21 (14 Sep 2003)
546
547 14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
548 Updated hardened-sources based on the 2.4.21 Linux kernel.
549 This includes updates to most major components such as:
550 - ck-base-0306300059
551 - selinux-2.4-2003071106
552 - grsecurity-2.0-rc1
553 - Updated IPTables patch-o-matic
554 - Updated SuperFreeS/WAN
555
556 Thanks to Phil West <pwest@computer.org> for his work in getting this
557 updated patch set ready for the 2.4.21 based kernel.
558
559 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
560 Initial import of hardened-sources-2.4.20-r4. This revision
561 includes only a few changes, but one of these is an important
562 security fix. It is recommended all users of hardened-sources
563 upgrade to this release.
564
565 - ioperm bug fix
566 - fixed compilation failure when building without GRSec
567
568 SAL (Secure Auditing for Linux) is NOT included in this revision
569 due to time constraints, but is planned for inclusion in the near
570 future.
571
572 *hardened-sources-2.4.20-r2 (12 Jun 2003)
573
574 12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
575 hardened-sources-2.4.20-r3.ebuild:
576 Add Header...
577
578 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
579 hardened-sources-2.4.20-r3.ebuild:
580 Removed warnings from ebuild. This kernel should be safe to
581 use at this point.
582
583 *hardened-sources-2.4.20-r3 (08 Jun 2003)
584
585 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
586 hardened-sources-2.4.20-r3.ebuild:
587 New revision. Includes the following changes over -r2:
588
589 - ck7-base (O(1), preempt, low latency)
590 - Super FreeS/WAN 1.99.7rc2
591 - PaX for the LSM/SELinux branch
592 - GRSecurity 2.0-pre4 (role based access control)
593 - Systrace 1.3
594 - EXT3 fixes
595 - EVMS 2.0.1
596 - GCC 3.1+ compile optimizations
597 - ProPolice kernel build support
598 - Hashing table security fixes
599
600 *hardened-sources-2.4.20-r1 (09 Apr 2003)
601
602 23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
603 Initial import of hardened-sources-r2. This new
604 ebuild includes many new performance and security
605 related patches. As in -r1, it will patch in
606 LSM/SELinux if "selinux" is in USE, otherwise it
607 will patch in GRSecurity. The following patches
608 are included in this revision:
609
610 - O(1) Scheduler, Low Latency, and Preempt
611 (pulled from the base CK patch)
612 - ptrace exploit patch for the LSM kernel
613 (the GRSec patch already fixes this)
614 - LSM 2.4-2003040709
615 - SELinux 2.4-2003040709
616 - Systrace v1.2
617 - IPTables patch-o-matic base patches - 20030107
618 - CryptoAPI 2.4.20.1 w/ loop-jari patch
619 - Super FreeS/WAN 1.99.6.1
620 - GRSecurity 1.9.9g
621 - MPPE
622 - EXT3 data journal fix
623 - CIPE 1.5.4
624
625 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
626 hardened-sources-2.4.20-r1.ebuild, manifest:
627 Updated to install flask components correctly for selinux.
628
629 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
630 hardened-sources-2.4.20-r1.ebuild:
631 LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
632 is patched in instead. Ptrace patches for selinux have also been added. In
633 either case, systrace support will be patched in as well.
634
635 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
636 hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
637 Revision bump for new sources.
638
639 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
640 hardened-sources-2.4.20-r1.ebuild:
641 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
642
643 *hardened-sources-2.4.20 (30 Mar 2003)
644
645 30 Mar 2003; Joshua Brindle <method@gentoo.org>
646 hardened-sources-2.4.20.ebuild:
647 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20