/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.98 - (show annotations) (download)
Wed May 3 17:31:16 2006 UTC (8 years, 6 months ago) by johnm
Branch: MAIN
Changes since 1.97: +7 -1 lines
bump hardened-2.6.16 to 2.6.16.12 and latest grsec snapshot
(Portage version: 2.1_pre9-r5)

1 # ChangeLog for sys-kernel/hardened-sources
2 # Copyright 2000-2006 Gentoo Foundation; Distributed under the GPL v2
3 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.97 2006/04/28 15:18:32 johnm Exp $
4
5 *hardened-sources-2.6.16-r6 (03 May 2006)
6
7 03 May 2006; John Mylchreest <johnm@gentoo.org>
8 +hardened-sources-2.6.16-r6.ebuild:
9 bump hardened-2.6.16 to 2.6.16.12 and latest grsec snapshot
10
11 28 Apr 2006; John Mylchreest <johnm@gentoo.org>
12 hardened-sources-2.6.14-r8.ebuild:
13 fix x86_64 build problem, this will delay the digest issue again for a short
14 while but it will sort itself out
15
16 28 Apr 2006; John Mylchreest <johnm@gentoo.org>
17 hardened-sources-2.6.14-r8.ebuild:
18 bump hardened patchset
19
20 27 Apr 2006; Alec Warner <antarus@gentoo.org>
21 files/digest-hardened-sources-2.4.32-r2,
22 files/digest-hardened-sources-2.4.32-r3,
23 files/digest-hardened-sources-2.6.14-r8, Manifest:
24 Fixing duff SHA256 digests: Bug # 131293
25
26 *hardened-sources-2.6.16-r5 (27 Apr 2006)
27
28 27 Apr 2006; John Mylchreest <johnm@gentoo.org>
29 -hardened-sources-2.6.14-r6.ebuild, hardened-sources-2.6.14-r8.ebuild,
30 -hardened-sources-2.6.16-r4.ebuild, +hardened-sources-2.6.16-r5.ebuild:
31 stablise 2.6.14-r8 on x86 & amd64, bump 2.6.16 to fix CVE-2006-1863 &
32 cleanup of old uneccessary sources
33
34 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
35 fix digest
36
37 *hardened-sources-2.6.14-r8 (20 Apr 2006)
38
39 20 Apr 2006; John Mylchreest <johnm@gentoo.org>
40 +hardened-sources-2.6.14-r8.ebuild:
41 fix CVE-2006-1056, CVE-2006-1525, CVE-2006-1524
42
43 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
44 Turning on gpg-signing again, and recomitting
45
46 *hardened-sources-2.6.16-r4 (20 Apr 2006)
47
48 20 Apr 2006; John Mylchreest <johnm@gentoo.org>
49 -hardened-sources-2.6.16-r2.ebuild, -hardened-sources-2.6.16-r3.ebuild,
50 +hardened-sources-2.6.16-r4.ebuild:
51 Fix numerous security vulns
52
53 *hardened-sources-2.4.32-r3 (16 Apr 2006)
54
55 16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
56 -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
57 +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
58 - security bump for bug #112791. Removed old ebuilds
59
60 *hardened-sources-2.6.16-r3 (15 Apr 2006)
61
62 15 Apr 2006; John Mylchreest <johnm@gentoo.org>
63 +hardened-sources-2.6.16-r3.ebuild:
64 Removing silly localversion which I missed
65
66 *hardened-sources-2.6.14-r7 (14 Apr 2006)
67
68 14 Apr 2006; John Mylchreest <johnm@gentoo.org>
69 -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
70 Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
71
72 *hardened-sources-2.6.16-r2 (13 Apr 2006)
73
74 13 Apr 2006; John Mylchreest <johnm@gentoo.org>
75 -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
76 +hardened-sources-2.6.16-r2.ebuild:
77 Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
78 labels, dropping USERGROUP define fixes, since these were merged mainstream.
79
80 *hardened-sources-2.6.16-r1 (11 Apr 2006)
81
82 11 Apr 2006; John Mylchreest <johnm@gentoo.org>
83 +hardened-sources-2.6.16-r1.ebuild:
84 Bumping to include ppc build fix and 2.6.16.3
85
86 06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
87 hardened-sources-2.6.14-r6.ebuild:
88 Stable on x86; bug #127718
89
90 *hardened-sources-2.6.16 (31 Mar 2006)
91
92 31 Mar 2006; John Mylchreest <johnm@gentoo.org>
93 +hardened-sources-2.6.16.ebuild:
94 Bumping to new version of grsec, and kernel base. New squashfs. Based on
95 2.6.16.1
96
97 30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
98 hardened-sources-2.6.14-r6.ebuild:
99 Stable on amd64, bug 127718.
100
101 28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
102 Stable on ppc. Bug #127718
103
104 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
105 -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
106 -hardened-sources-2.6.14-r4.ebuild:
107 Cleanup.
108
109 *hardened-sources-2.6.14-r6 (15 Mar 2006)
110
111 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
112 +hardened-sources-2.6.14-r6.ebuild:
113 Fixes grsec policy recreation bug and adds a
114 >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
115
116 02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
117 - stable on x86
118
119 19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
120 hardened-sources-2.6.14-r5.ebuild:
121 Stable on ppc.
122
123 *hardened-sources-2.6.14-r5 (01 Feb 2006)
124
125 01 Feb 2006; John Mylchreest <johnm@gentoo.org>
126 +hardened-sources-2.6.14-r5.ebuild:
127 fixing every known exploit
128
129 *hardened-sources-2.4.32-r2 (26 Jan 2006)
130
131 26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
132 +hardened-sources-2.4.32-r2.ebuild:
133 - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
134
135 *hardened-sources-2.6.14-r4 (12 Jan 2006)
136
137 12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
138 - version bump for new genpatches which fix up a few sec holes
139
140 *hardened-sources-2.4.32-r1 (05 Jan 2006)
141
142 05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
143 - revision bump to add misc vital linux kernel security patches.
144
145 *hardened-sources-2.6.14-r3 (30 Dec 2005)
146
147 30 Dec 2005; John Mylchreest <johnm@gentoo.org>
148 -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
149 Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
150
151 28 Dec 2005; John Mylchreest <johnm@gentoo.org>
152 hardened-sources-2.6.14-r2.ebuild:
153 making x86 & amd64 stable following testing.
154
155 *hardened-sources-2.6.14-r2 (27 Dec 2005)
156
157 27 Dec 2005; John Mylchreest <johnm@gentoo.org>
158 -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
159 Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
160 network hooks.
161
162 06 Dec 2005; John Mylchreest <johnm@gentoo.org>
163 hardened-sources-2.6.14-r1.ebuild:
164 bumping to stable early for sec fix on x86 & amd64
165
166 *hardened-sources-2.6.14-r1 (05 Dec 2005)
167
168 05 Dec 2005; John Mylchreest <johnm@gentoo.org>
169 -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
170 bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
171
172 04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
173 - stable on x86 security bug #114227 CAN-2005-3257
174
175 *hardened-sources-2.4.32 (19 Nov 2005)
176
177 19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
178 +hardened-sources-2.4.32.ebuild:
179 Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
180 Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
181 have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
182 rsbac >> /etc/portage/package.use)
183
184 *hardened-sources-2.6.14 (14 Nov 2005)
185
186 14 Nov 2005; John Mylchreest <johnm@gentoo.org>
187 -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
188 Bumping 2.6 series to 2.6.14.2
189
190 *hardened-sources-2.6.13-r2 (20 Oct 2005)
191
192 20 Oct 2005; John Mylchreest <johnm@gentoo.org>
193 -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
194 +hardened-sources-2.6.13-r2.ebuild:
195 Fixes minor build error in ppc.
196
197 *hardened-sources-2.6.13-r1 (17 Oct 2005)
198
199 17 Oct 2005; John Mylchreest <johnm@gentoo.org>
200 +hardened-sources-2.6.13-r1.ebuild:
201 Updating grsec to latest snapshot. Fixes some minor issues. Updating to
202 2.6.13.4, fixes some major amd64 stability problems.
203
204 *hardened-sources-2.6.13 (16 Sep 2005)
205
206 16 Sep 2005; John Mylchreest <johnm@gentoo.org>
207 -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
208 2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
209 ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
210 users should test this thoroughly.
211
212 01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
213 - stable on x86
214
215 *hardened-sources-2.6.11-r15 (27 Jun 2005)
216
217 27 Jun 2005; John Mylchreest <johnm@gentoo.org>
218 +hardened-sources-2.6.11-r15.ebuild:
219 Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
220 grsec redefining curr_ip struct.
221
222 *hardened-sources-2.4.31 (20 Jun 2005)
223
224 20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
225 initial import of 2.4.31 tree
226
227 *hardened-sources-2.6.11-r14 (14 Jun 2005)
228
229 14 Jun 2005; John Mylchreest <johnm@gentoo.org>
230 -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
231 Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
232 naming scheme to abide by genpatches
233
234 *hardened-sources-2.6.11-r13 (18 May 2005)
235
236 18 May 2005; John Mylchreest <johnm@gentoo.org>
237 -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
238 Managed to mangle the Makefile patch from grsec, to miss out the grsec
239 target. sorry about that. Fixes bug #93022
240
241 *hardened-sources-2.6.11-r12 (17 May 2005)
242
243 17 May 2005; John Mylchreest <johnm@gentoo.org>
244 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
245 +hardened-sources-2.6.11-r12.ebuild:
246 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
247 merges in genpatches-base
248
249 *hardened-sources-2.6.11-r12 (17 May 2005)
250
251 17 May 2005; John Mylchreest <johnm@gentoo.org>
252 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
253 +hardened-sources-2.6.11-r12.ebuild:
254 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
255 merges in genpatches-base
256
257 29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
258 -files/2.4.27-cmdline-race.patch,
259 -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
260 -files/2.4.28-grsec-binfmt_a.out.patch,
261 -files/2.4.28-grsec-cmdline-race.patch,
262 -files/2.4.28-selinux-binfmt_a.out.patch,
263 -files/2.4.28-selinux-cmdline-race.patch,
264 -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
265 hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
266 - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
267 cleanup..
268
269 *hardened-sources-2.4.30-r1 (21 Apr 2005)
270
271 21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
272 - disable aout by default
273
274 *hardened-sources-2.4.30 (18 Apr 2005)
275
276 18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
277 - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
278 and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
279 use
280
281 *hardened-sources-2.4.29 (30 Mar 2005)
282
283 30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
284 +hardened-sources-2.4.29.ebuild:
285 New hardened-patches-2.4-29.0 patchball.
286 Removed SELinux support, upgraded GRSecurity to 2.1.4.
287
288 *hardened-sources-2.4.28-r5 (06 Mar 2005)
289
290 06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
291 +hardened-sources-2.4.28-r5.ebuild:
292 Added a fix for a PaX vulnerability.
293
294 26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
295 hardened-sources-2.4.28-r4.ebuild:
296 Stable on x86
297
298 23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
299 hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
300 hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
301 hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
302 - fixed/added RDEPEND= in all kernel-2 ebuilds
303
304 *hardened-sources-2.4.28-r4 (21 Jan 2005)
305
306 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
307 +hardened-sources-2.4.28-r4.ebuild:
308 Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
309 backport of neighbour hash updates.
310
311 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
312 hardened-sources-2.4.28-r3.ebuild:
313 Stable on x86
314
315 *hardened-sources-2.6.10-r3 (20 Jan 2005)
316
317 20 Jan 2005; Brandon Hale <tseng@gentoo.org>
318 +hardened-sources-2.6.10-r3.ebuild:
319 Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
320 in 2005.0
321
322 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
323 -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
324 hardened-sources-2.4.28-r2.ebuild:
325 Mark stable on x86
326
327 *hardened-sources-2.4.28-r3 (17 Jan 2005)
328
329 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
330 +hardened-sources-2.4.28-r3.ebuild:
331 Fix SMP page fault handler vuln, and update device-mapper and evms patches.
332
333 14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
334 hardened-sources-2.4.28.ebuild:
335 Mark stable on x86.
336
337 *hardened-sources-2.4.28-r2 (13 Jan 2005)
338
339 13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
340 +hardened-sources-2.4.28-r2.ebuild:
341 Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
342 Mazinger for grsecurity patches as well.
343
344 *hardened-sources-2.4.28-r1 (23 Dec 2004)
345
346 23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
347 Security bump. Thank tocharian for rolling a new patchset...
348
349 28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
350 +files/2.4.28-grsec-cmdline-race.patch,
351 +files/2.4.28-selinux-binfmt_a.out.patch,
352 +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
353 - Round up remaining security patches that appear to be missing in 2.4.28. -
354 PaX standalone updated to current. hgpv=28.1
355
356 *hardened-sources-2.4.28 (28 Nov 2004)
357
358 28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
359 security bump. Thank tocharian for rolling a new patchset
360
361 *hardened-sources-2.4.27-r3 (08 Sep 2004)
362
363 08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
364 +hardened-sources-2.4.27-r3.ebuild:
365 Applies the new 2.4-27.2 patchball which updates
366 GRSecurity to the 2.0.1 version.
367
368 *hardened-sources-2.4.27-r2 (31 Aug 2004)
369
370 31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
371 +hardened-sources-2.4.27-r2.ebuild:
372 Version bump.
373 This version uses the new 2.4-27.1 patchball which updates
374 both the SELinux PaX hooks patch and the SELinux headers.
375
376 *hardened-sources-2.4.27-r1 (09 Aug 2004)
377
378 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
379 +hardened-sources-2.4.27-r1.ebuild,
380 -hardened-sources-2.4.27.ebuild,
381 +files/2.4.27-cmdline-race.patch:
382 Version bump, fix for cmdline race. See bug #59905.
383
384 *hardened-sources-2.4.26-r6 (09 Aug 2004)
385
386 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
387 +hardened-sources-2.4.26-r6.ebuild,
388 -hardened-sources-2.4.26-r5.ebuild,
389 -hardened-sources-2.4.26-r4.ebuild,
390 +files/2.4.26-cmdline-race.patch:
391 Version bump, fix for cmdline race. See bug #59905.
392
393 *hardened-sources-2.4.27 (08 Aug 2004)
394
395 08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
396 +hardened-sources-2.4.27.ebuild,
397 +files/2.4.27-CAN-2004-0394.patch:
398 Ported the patchball to the 2.4.27 kernel version.
399
400 *hardened-sources-2.4.26-r5 (07 Aug 2004)
401
402 07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
403 +hardened-sources-2.4.26-r5.ebuild:
404 Updated to use the new hardened-patches-2.4-26.1 patchball.
405 It adds the following features:
406 - Squashfs
407 - Ebtables
408 - Netdev random (core+drivers)
409 - Watchdog Timer (WDT) fix.
410
411 *hardened-sources-2.4.26-r4 (04 Aug 2004)
412
413 04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
414 +hardened-sources-2.4.26-r4.ebuild,
415 +files/2.4.26-CAN-2004-0415.patch,
416 -hardened-sources-2.4.26-3:
417 Version bump, fix for CAN 0415, see bug #59378.
418
419 *hardened-sources-2.4.26-r3 (22 Jul 2004)
420
421 22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
422 +hardened-sources-2.4.26-r3.ebuild,
423 +files/2.4.26-CAN-2004-0497.patch,
424 -hardened-sources-2.4.26-r2.ebuild:
425 Version bump, fixed CAN 0497, see bug #56171.
426
427 *hardened-sources-2.4.26-r2 (29 Jun 2004)
428
429 29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
430 +hardened-sources-2.4.26-r2.ebuild,
431 +files/2.4.26-CAN-2004-0495.patch,
432 +files/2.4.26-CAN-2004-0535.patch,
433 -hardened-sources-2.4.26-r1.ebuild:
434 Fixes for both CAN 0495 and 0535, see bug #54976
435
436 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
437 hardened-sources-2.4.26-r1.ebuild:
438 QA - fix use invocation
439
440 *hardened-sources-2.4.26-r1 (22 June 2004)
441
442 22 June 2004; Andrea Luzzardi <scox@gentoo.org>
443 +hardened-sources-2.4.26-r1.ebuild,
444 +files/2.4.26-CAN-2004-0394.patch,
445 +files/2.4.26-signal-race.patch,
446 -hardened-sources-2.4.26.ebuild,
447 -hardened-sources-2.4.24-r3.ebuild:
448 Version bump for the CAN-2004-0394 issue and bug #53804
449 Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
450
451
452 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
453 hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
454 Masked hardened-sources-2.4.26.ebuild broken for ppc
455
456 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
457 hardened-sources-2.4.24-r3.ebuild:
458 Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
459
460 *hardened-sources-2.4.26 (29 May 2004)
461
462 29 May 2004; Andrea Luzzardi <scox@gentoo.org>
463 +hardened-sources-2.4.26.ebuild:
464 Updated hardened-sources for the 2.4.26 kernel
465 Removed broken components, updated almost everything.
466
467 *hardened-sources-2.4.24-r3 (17 Apr 2004)
468
469 17 Apr 2004; <plasmaroo@gentoo.org>
470 +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
471 +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
472 +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
473 +hardened-sources-2.4.24-r3.ebuild:
474 Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
475 vulnerabilities. Old revisions removed.
476
477 *hardened-sources-2.4.24-r2 (15 Apr 2004)
478
479 15 Apr 2004; <plasmaroo@gentoo.org>
480 +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
481 -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
482 Version bump for the CAN-2004-0109 issue; bug #47881.
483
484 12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
485 hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
486 Add eutils to inherit.
487
488 *hardened-sources-2.4.24-r1 (19 Feb 2004)
489
490 19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
491 files/hardened-sources-2.4.24.munmap.patch:
492 Added the patch for the mremap/munmap vulnerability. Bug #42024.
493
494 *hardened-sources-2.4.24 (06 Feb 2004)
495
496 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
497 hardened-sources-2.4.24.ebuild:
498 Version bump, updated most of the components.
499 This release includes the following:
500
501 - Hardened security
502 - Netfilter patch-o-matic 20031219
503 - FreeSWAN 2.04 & x509 1.4.8
504 - EVMS 2.2.2
505 - XFS 1.3.1
506 - cryptoloop jari
507 - grsecurity 2.0-rc4
508 - SELinux
509 - PaX 200402060000
510 - PaX Obscurity 200308302223
511 - Others...
512
513 Neither -ck nor systrace are included anymore.
514
515 *hardened-sources-2.4.22-r2 (05 Jan 2004)
516
517 05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
518 hardened-sources-2.4.22-r2.ebuild:
519 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
520
521 *hardened-sources-2.4.22-r1 (02 Dec 2003)
522
523 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
524 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
525
526 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
527 hardened-sources-2.4.22-r1.ebuild:
528 Version bump for the 'do_brk' vulnerability.
529
530 01 Dec 2003; Brian Jackson <iggy@gentoo.org>
531 hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
532 hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
533 hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
534 Fix the 'do_brk' vulnerability.
535
536 03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
537 hardened-sources-2.4.22.ebuild:
538 - Removed the src_install() portion for SELinux flask
539 components. These are no longer handled in the kernel
540 so this code was not necessary.
541
542 29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
543 New 2.4.22 based hardened-sources thanks to
544 Phil West <p.west@computer.org>.
545
546 These sources include:
547 - New SELinux API
548 - Updated CK-base
549 - Updated GRSec
550 - Systrace
551 - SuperFreeS/WAN 1.99.8
552 - Propolice kernel build support
553 - EVMS
554 - Other various security related patches
555
556 *hardened-sources-2.4.21 (14 Sep 2003)
557
558 14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
559 Updated hardened-sources based on the 2.4.21 Linux kernel.
560 This includes updates to most major components such as:
561 - ck-base-0306300059
562 - selinux-2.4-2003071106
563 - grsecurity-2.0-rc1
564 - Updated IPTables patch-o-matic
565 - Updated SuperFreeS/WAN
566
567 Thanks to Phil West <pwest@computer.org> for his work in getting this
568 updated patch set ready for the 2.4.21 based kernel.
569
570 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
571 Initial import of hardened-sources-2.4.20-r4. This revision
572 includes only a few changes, but one of these is an important
573 security fix. It is recommended all users of hardened-sources
574 upgrade to this release.
575
576 - ioperm bug fix
577 - fixed compilation failure when building without GRSec
578
579 SAL (Secure Auditing for Linux) is NOT included in this revision
580 due to time constraints, but is planned for inclusion in the near
581 future.
582
583 *hardened-sources-2.4.20-r2 (12 Jun 2003)
584
585 12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
586 hardened-sources-2.4.20-r3.ebuild:
587 Add Header...
588
589 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
590 hardened-sources-2.4.20-r3.ebuild:
591 Removed warnings from ebuild. This kernel should be safe to
592 use at this point.
593
594 *hardened-sources-2.4.20-r3 (08 Jun 2003)
595
596 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
597 hardened-sources-2.4.20-r3.ebuild:
598 New revision. Includes the following changes over -r2:
599
600 - ck7-base (O(1), preempt, low latency)
601 - Super FreeS/WAN 1.99.7rc2
602 - PaX for the LSM/SELinux branch
603 - GRSecurity 2.0-pre4 (role based access control)
604 - Systrace 1.3
605 - EXT3 fixes
606 - EVMS 2.0.1
607 - GCC 3.1+ compile optimizations
608 - ProPolice kernel build support
609 - Hashing table security fixes
610
611 *hardened-sources-2.4.20-r1 (09 Apr 2003)
612
613 23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
614 Initial import of hardened-sources-r2. This new
615 ebuild includes many new performance and security
616 related patches. As in -r1, it will patch in
617 LSM/SELinux if "selinux" is in USE, otherwise it
618 will patch in GRSecurity. The following patches
619 are included in this revision:
620
621 - O(1) Scheduler, Low Latency, and Preempt
622 (pulled from the base CK patch)
623 - ptrace exploit patch for the LSM kernel
624 (the GRSec patch already fixes this)
625 - LSM 2.4-2003040709
626 - SELinux 2.4-2003040709
627 - Systrace v1.2
628 - IPTables patch-o-matic base patches - 20030107
629 - CryptoAPI 2.4.20.1 w/ loop-jari patch
630 - Super FreeS/WAN 1.99.6.1
631 - GRSecurity 1.9.9g
632 - MPPE
633 - EXT3 data journal fix
634 - CIPE 1.5.4
635
636 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
637 hardened-sources-2.4.20-r1.ebuild, manifest:
638 Updated to install flask components correctly for selinux.
639
640 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
641 hardened-sources-2.4.20-r1.ebuild:
642 LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
643 is patched in instead. Ptrace patches for selinux have also been added. In
644 either case, systrace support will be patched in as well.
645
646 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
647 hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
648 Revision bump for new sources.
649
650 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
651 hardened-sources-2.4.20-r1.ebuild:
652 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
653
654 *hardened-sources-2.4.20 (30 Mar 2003)
655
656 30 Mar 2003; Joshua Brindle <method@gentoo.org>
657 hardened-sources-2.4.20.ebuild:
658 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20