/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.115 - (hide annotations) (download)
Sat Nov 11 14:40:16 2006 UTC (8 years, 5 months ago) by phreak
Branch: MAIN
Changes since 1.114: +7 -1 lines
Version bump, thanks to Alexander Gabert we're finally at 2.6.18.
(Portage version: 2.1.2_rc1-r5)

1 method 1.1 # ChangeLog for sys-kernel/hardened-sources
2 solar 1.73 # Copyright 2000-2006 Gentoo Foundation; Distributed under the GPL v2
3 phreak 1.115 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.114 2006/10/18 21:45:47 solar Exp $
4    
5     *hardened-sources-2.6.18 (11 Nov 2006)
6    
7     11 Nov 2006; Christian Heim <phreak@gentoo.org>
8     +hardened-sources-2.6.18.ebuild:
9     Version bump, thanks to Alexander Gabert we're finally at 2.6.18.
10 solar 1.114
11     18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
12     - mark amd64 stable also. bug #151877
13 solar 1.113
14     18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
15     - mark 2.6.17-r1 stable
16 phreak 1.112
17     27 Aug 2006; Christian Heim <phreak@gentoo.org>
18     -hardened-sources-2.6.17.ebuild, hardened-sources-2.6.17-r1.ebuild:
19     Removing old ebuild, removing unipatch from newer ebuild (need to fix it!).
20 phreak 1.111
21     *hardened-sources-2.6.17-r1 (26 Aug 2006)
22    
23     26 Aug 2006; Christian Heim <phreak@gentoo.org>
24     +hardened-sources-2.6.17-r1.ebuild:
25     Revision bump to genpatches-2.6.17-8 (including .9 and .10) and updating the
26     grsecurity patch.
27 phreak 1.110
28     *hardened-sources-2.6.17 (17 Aug 2006)
29    
30     17 Aug 2006; Christian Heim <phreak@gentoo.org>
31     +hardened-sources-2.6.17.ebuild:
32     Bumping the hardened-sources-2.6 series to 2.6.17, using
33     genpatches-2.6.17-6.base.
34 solar 1.109
35     07 Aug 2006; <solar@gentoo.org> hardened-sources-2.6.16-r11.ebuild:
36     - stable on x86 and amd64
37 solar 1.108
38     *hardened-sources-2.6.16-r11 (15 Jul 2006)
39    
40     15 Jul 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r3.ebuild,
41     -hardened-sources-2.4.32-r4.ebuild, -hardened-sources-2.4.32-r5.ebuild,
42     -hardened-sources-2.6.14-r8.ebuild, -hardened-sources-2.6.16-r7.ebuild,
43     -hardened-sources-2.6.16-r9.ebuild, +hardened-sources-2.6.16-r11.ebuild:
44     - 2.6.16 bumped for CVE-2006-3626 ; digest fix for 2.4.32-r6 ; removed old
45     crusty ebuilds
46 johnm 1.107
47     14 Jul 2006; John Mylchreest <johnm@gentoo.org>
48     hardened-sources-2.6.16-r10.ebuild:
49     marking stable on x86 and amd64
50 solar 1.106
51     13 Jul 2006; <solar@gentoo.org> hardened-sources-2.4.32-r6.ebuild:
52     - 2.4.32-r6 stable on x86. RSBAC state unknown
53 kang 1.105
54     *hardened-sources-2.4.32-r7 (10 Jul 2006)
55    
56     10 Jul 2006; Guillaume Destuynder <kang@gentoo.org>
57     +hardened-sources-2.4.32-r7.ebuild:
58     Bump PaX for RSBAC to test-17
59 johnm 1.104
60     *hardened-sources-2.6.16-r9 (03 Jul 2006)
61    
62     03 Jul 2006; John Mylchreest <johnm@gentoo.org>
63     -hardened-sources-2.6.16-r6.ebuild, +hardened-sources-2.6.16-r9.ebuild:
64     hardened-sources-2.6.16 bump to latest -base.
65 solar 1.103
66     *hardened-sources-2.4.32-r6 (30 Jun 2006)
67    
68     30 Jun 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r2.ebuild,
69     hardened-sources-2.4.32-r4.ebuild, +hardened-sources-2.4.32-r6.ebuild:
70     - backport CVE-2006-0039, CVE-2006-1857 and CVE-2006-1858 and new grsecurity
71     sysctl controlable resource logging
72 johnm 1.102
73     *hardened-sources-2.6.16-r7 (05 Jun 2006)
74    
75     05 Jun 2006; John Mylchreest <johnm@gentoo.org>
76     -hardened-sources-2.6.16-r5.ebuild, +hardened-sources-2.6.16-r7.ebuild:
77     push new 2.6.16 release in preparation for stable
78 solar 1.101
79     22 May 2006; <solar@gentoo.org> :
80     - redigest bug 134002
81 kang 1.100
82     *hardened-sources-2.4.32-r5 (16 May 2006)
83    
84     16 May 2006; Guillaume Destuynder <kang@gentoo.org>
85     +hardened-sources-2.4.32-r5.ebuild:
86     Fixes rsbac common patching (new patch in new -r5 patchset)
87 solar 1.99
88     *hardened-sources-2.4.32-r4 (13 May 2006)
89    
90     13 May 2006; <solar@gentoo.org> hardened-sources-2.4.32-r3.ebuild,
91     +hardened-sources-2.4.32-r4.ebuild:
92     - security bumps
93 johnm 1.98
94     *hardened-sources-2.6.16-r6 (03 May 2006)
95    
96     03 May 2006; John Mylchreest <johnm@gentoo.org>
97     +hardened-sources-2.6.16-r6.ebuild:
98     bump hardened-2.6.16 to 2.6.16.12 and latest grsec snapshot
99 johnm 1.97
100     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
101     hardened-sources-2.6.14-r8.ebuild:
102     fix x86_64 build problem, this will delay the digest issue again for a short
103     while but it will sort itself out
104 johnm 1.96
105     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
106     hardened-sources-2.6.14-r8.ebuild:
107     bump hardened patchset
108 antarus 1.94
109     27 Apr 2006; Alec Warner <antarus@gentoo.org>
110     files/digest-hardened-sources-2.4.32-r2,
111     files/digest-hardened-sources-2.4.32-r3,
112     files/digest-hardened-sources-2.6.14-r8, Manifest:
113     Fixing duff SHA256 digests: Bug # 131293
114 johnm 1.93
115 johnm 1.95 *hardened-sources-2.6.16-r5 (27 Apr 2006)
116    
117     27 Apr 2006; John Mylchreest <johnm@gentoo.org>
118     -hardened-sources-2.6.14-r6.ebuild, hardened-sources-2.6.14-r8.ebuild,
119     -hardened-sources-2.6.16-r4.ebuild, +hardened-sources-2.6.16-r5.ebuild:
120     stablise 2.6.14-r8 on x86 & amd64, bump 2.6.16 to fix CVE-2006-1863 &
121     cleanup of old uneccessary sources
122    
123 johnm 1.93 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
124     fix digest
125 johnm 1.92
126     *hardened-sources-2.6.14-r8 (20 Apr 2006)
127    
128     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
129     +hardened-sources-2.6.14-r8.ebuild:
130     fix CVE-2006-1056, CVE-2006-1525, CVE-2006-1524
131 johnm 1.91
132     20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
133     Turning on gpg-signing again, and recomitting
134 johnm 1.90
135     *hardened-sources-2.6.16-r4 (20 Apr 2006)
136    
137     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
138     -hardened-sources-2.6.16-r2.ebuild, -hardened-sources-2.6.16-r3.ebuild,
139     +hardened-sources-2.6.16-r4.ebuild:
140     Fix numerous security vulns
141 solar 1.89
142     *hardened-sources-2.4.32-r3 (16 Apr 2006)
143    
144     16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
145     -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
146     +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
147     - security bump for bug #112791. Removed old ebuilds
148 johnm 1.88
149     *hardened-sources-2.6.16-r3 (15 Apr 2006)
150    
151     15 Apr 2006; John Mylchreest <johnm@gentoo.org>
152     +hardened-sources-2.6.16-r3.ebuild:
153     Removing silly localversion which I missed
154 johnm 1.87
155     *hardened-sources-2.6.14-r7 (14 Apr 2006)
156    
157     14 Apr 2006; John Mylchreest <johnm@gentoo.org>
158     -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
159     Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
160 johnm 1.86
161     *hardened-sources-2.6.16-r2 (13 Apr 2006)
162    
163     13 Apr 2006; John Mylchreest <johnm@gentoo.org>
164     -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
165     +hardened-sources-2.6.16-r2.ebuild:
166     Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
167     labels, dropping USERGROUP define fixes, since these were merged mainstream.
168 johnm 1.85
169     *hardened-sources-2.6.16-r1 (11 Apr 2006)
170    
171     11 Apr 2006; John Mylchreest <johnm@gentoo.org>
172     +hardened-sources-2.6.16-r1.ebuild:
173     Bumping to include ppc build fix and 2.6.16.3
174 tsunam 1.84
175     06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
176     hardened-sources-2.6.14-r6.ebuild:
177     Stable on x86; bug #127718
178 johnm 1.83
179     *hardened-sources-2.6.16 (31 Mar 2006)
180    
181     31 Mar 2006; John Mylchreest <johnm@gentoo.org>
182     +hardened-sources-2.6.16.ebuild:
183     Bumping to new version of grsec, and kernel base. New squashfs. Based on
184     2.6.16.1
185 cryos 1.82
186     30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
187     hardened-sources-2.6.14-r6.ebuild:
188     Stable on amd64, bug 127718.
189 nixnut 1.81
190     28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
191     Stable on ppc. Bug #127718
192 johnm 1.80
193     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
194     -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
195     -hardened-sources-2.6.14-r4.ebuild:
196     Cleanup.
197 johnm 1.79
198     *hardened-sources-2.6.14-r6 (15 Mar 2006)
199    
200     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
201     +hardened-sources-2.6.14-r6.ebuild:
202     Fixes grsec policy recreation bug and adds a
203     >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
204 solar 1.78
205     02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
206     - stable on x86
207 hansmi 1.77
208     19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
209     hardened-sources-2.6.14-r5.ebuild:
210     Stable on ppc.
211 johnm 1.76
212     *hardened-sources-2.6.14-r5 (01 Feb 2006)
213    
214     01 Feb 2006; John Mylchreest <johnm@gentoo.org>
215     +hardened-sources-2.6.14-r5.ebuild:
216     fixing every known exploit
217 solar 1.75
218     *hardened-sources-2.4.32-r2 (26 Jan 2006)
219    
220     26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
221     +hardened-sources-2.4.32-r2.ebuild:
222     - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
223 solar 1.74
224     *hardened-sources-2.6.14-r4 (12 Jan 2006)
225    
226     12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
227     - version bump for new genpatches which fix up a few sec holes
228 solar 1.73
229     *hardened-sources-2.4.32-r1 (05 Jan 2006)
230    
231     05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
232     - revision bump to add misc vital linux kernel security patches.
233 johnm 1.72
234     *hardened-sources-2.6.14-r3 (30 Dec 2005)
235    
236     30 Dec 2005; John Mylchreest <johnm@gentoo.org>
237     -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
238     Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
239 johnm 1.71
240     28 Dec 2005; John Mylchreest <johnm@gentoo.org>
241     hardened-sources-2.6.14-r2.ebuild:
242     making x86 & amd64 stable following testing.
243 johnm 1.70
244     *hardened-sources-2.6.14-r2 (27 Dec 2005)
245    
246     27 Dec 2005; John Mylchreest <johnm@gentoo.org>
247     -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
248     Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
249     network hooks.
250 johnm 1.69
251     06 Dec 2005; John Mylchreest <johnm@gentoo.org>
252     hardened-sources-2.6.14-r1.ebuild:
253     bumping to stable early for sec fix on x86 & amd64
254 johnm 1.68
255     *hardened-sources-2.6.14-r1 (05 Dec 2005)
256    
257     05 Dec 2005; John Mylchreest <johnm@gentoo.org>
258     -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
259     bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
260 solar 1.67
261     04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
262     - stable on x86 security bug #114227 CAN-2005-3257
263 kang 1.66
264     *hardened-sources-2.4.32 (19 Nov 2005)
265    
266     19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
267     +hardened-sources-2.4.32.ebuild:
268     Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
269     Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
270     have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
271     rsbac >> /etc/portage/package.use)
272 johnm 1.65
273     *hardened-sources-2.6.14 (14 Nov 2005)
274    
275     14 Nov 2005; John Mylchreest <johnm@gentoo.org>
276     -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
277     Bumping 2.6 series to 2.6.14.2
278 johnm 1.64
279     *hardened-sources-2.6.13-r2 (20 Oct 2005)
280    
281     20 Oct 2005; John Mylchreest <johnm@gentoo.org>
282     -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
283     +hardened-sources-2.6.13-r2.ebuild:
284     Fixes minor build error in ppc.
285 johnm 1.63
286     *hardened-sources-2.6.13-r1 (17 Oct 2005)
287    
288     17 Oct 2005; John Mylchreest <johnm@gentoo.org>
289     +hardened-sources-2.6.13-r1.ebuild:
290     Updating grsec to latest snapshot. Fixes some minor issues. Updating to
291     2.6.13.4, fixes some major amd64 stability problems.
292 johnm 1.62
293     *hardened-sources-2.6.13 (16 Sep 2005)
294    
295     16 Sep 2005; John Mylchreest <johnm@gentoo.org>
296     -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
297     2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
298     ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
299     users should test this thoroughly.
300 solar 1.61
301     01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
302     - stable on x86
303 johnm 1.60
304     *hardened-sources-2.6.11-r15 (27 Jun 2005)
305    
306     27 Jun 2005; John Mylchreest <johnm@gentoo.org>
307     +hardened-sources-2.6.11-r15.ebuild:
308     Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
309     grsec redefining curr_ip struct.
310 solar 1.59
311     *hardened-sources-2.4.31 (20 Jun 2005)
312    
313     20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
314     initial import of 2.4.31 tree
315 johnm 1.58
316     *hardened-sources-2.6.11-r14 (14 Jun 2005)
317    
318     14 Jun 2005; John Mylchreest <johnm@gentoo.org>
319     -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
320     Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
321     naming scheme to abide by genpatches
322 johnm 1.57
323     *hardened-sources-2.6.11-r13 (18 May 2005)
324    
325     18 May 2005; John Mylchreest <johnm@gentoo.org>
326     -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
327     Managed to mangle the Makefile patch from grsec, to miss out the grsec
328     target. sorry about that. Fixes bug #93022
329 johnm 1.56
330     *hardened-sources-2.6.11-r12 (17 May 2005)
331    
332     17 May 2005; John Mylchreest <johnm@gentoo.org>
333     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
334     +hardened-sources-2.6.11-r12.ebuild:
335     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
336     merges in genpatches-base
337 johnm 1.55
338     *hardened-sources-2.6.11-r12 (17 May 2005)
339    
340     17 May 2005; John Mylchreest <johnm@gentoo.org>
341     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
342     +hardened-sources-2.6.11-r12.ebuild:
343     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
344     merges in genpatches-base
345 solar 1.54
346     29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
347     -files/2.4.27-cmdline-race.patch,
348     -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
349     -files/2.4.28-grsec-binfmt_a.out.patch,
350     -files/2.4.28-grsec-cmdline-race.patch,
351     -files/2.4.28-selinux-binfmt_a.out.patch,
352     -files/2.4.28-selinux-cmdline-race.patch,
353     -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
354     hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
355     - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
356     cleanup..
357 solar 1.53
358     *hardened-sources-2.4.30-r1 (21 Apr 2005)
359    
360     21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
361     - disable aout by default
362 solar 1.52
363     *hardened-sources-2.4.30 (18 Apr 2005)
364    
365     18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
366     - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
367     and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
368     use
369 tocharian 1.50
370 scox 1.51 *hardened-sources-2.4.29 (30 Mar 2005)
371    
372     30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
373     +hardened-sources-2.4.29.ebuild:
374     New hardened-patches-2.4-29.0 patchball.
375     Removed SELinux support, upgraded GRSecurity to 2.1.4.
376    
377     *hardened-sources-2.4.28-r5 (06 Mar 2005)
378    
379     06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
380     +hardened-sources-2.4.28-r5.ebuild:
381     Added a fix for a PaX vulnerability.
382    
383     26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
384 tocharian 1.50 hardened-sources-2.4.28-r4.ebuild:
385     Stable on x86
386 solar 1.49
387     23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
388     hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
389     hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
390     hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
391     - fixed/added RDEPEND= in all kernel-2 ebuilds
392 tocharian 1.48
393     *hardened-sources-2.4.28-r4 (21 Jan 2005)
394    
395     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
396     +hardened-sources-2.4.28-r4.ebuild:
397     Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
398     backport of neighbour hash updates.
399 tocharian 1.47
400     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
401     hardened-sources-2.4.28-r3.ebuild:
402     Stable on x86
403 tseng 1.46
404     *hardened-sources-2.6.10-r3 (20 Jan 2005)
405    
406     20 Jan 2005; Brandon Hale <tseng@gentoo.org>
407     +hardened-sources-2.6.10-r3.ebuild:
408     Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
409     in 2005.0
410 tocharian 1.45
411     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
412     -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
413     hardened-sources-2.4.28-r2.ebuild:
414     Mark stable on x86
415 tocharian 1.44
416     *hardened-sources-2.4.28-r3 (17 Jan 2005)
417    
418     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
419     +hardened-sources-2.4.28-r3.ebuild:
420     Fix SMP page fault handler vuln, and update device-mapper and evms patches.
421 tocharian 1.43
422     14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
423     hardened-sources-2.4.28.ebuild:
424     Mark stable on x86.
425 tocharian 1.42
426     *hardened-sources-2.4.28-r2 (13 Jan 2005)
427    
428     13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
429     +hardened-sources-2.4.28-r2.ebuild:
430     Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
431     Mazinger for grsecurity patches as well.
432 plasmaroo 1.41
433     *hardened-sources-2.4.28-r1 (23 Dec 2004)
434    
435     23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
436     Security bump. Thank tocharian for rolling a new patchset...
437 solar 1.40
438     28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
439     +files/2.4.28-grsec-cmdline-race.patch,
440     +files/2.4.28-selinux-binfmt_a.out.patch,
441     +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
442     - Round up remaining security patches that appear to be missing in 2.4.28. -
443     PaX standalone updated to current. hgpv=28.1
444 solar 1.39
445     *hardened-sources-2.4.28 (28 Nov 2004)
446    
447     28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
448     security bump. Thank tocharian for rolling a new patchset
449 scox 1.31
450 scox 1.38 *hardened-sources-2.4.27-r3 (08 Sep 2004)
451    
452     08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
453     +hardened-sources-2.4.27-r3.ebuild:
454     Applies the new 2.4-27.2 patchball which updates
455     GRSecurity to the 2.0.1 version.
456    
457 scox 1.37 *hardened-sources-2.4.27-r2 (31 Aug 2004)
458    
459     31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
460     +hardened-sources-2.4.27-r2.ebuild:
461     Version bump.
462     This version uses the new 2.4-27.1 patchball which updates
463     both the SELinux PaX hooks patch and the SELinux headers.
464    
465 scox 1.36 *hardened-sources-2.4.27-r1 (09 Aug 2004)
466    
467     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
468     +hardened-sources-2.4.27-r1.ebuild,
469     -hardened-sources-2.4.27.ebuild,
470     +files/2.4.27-cmdline-race.patch:
471     Version bump, fix for cmdline race. See bug #59905.
472    
473     *hardened-sources-2.4.26-r6 (09 Aug 2004)
474    
475     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
476     +hardened-sources-2.4.26-r6.ebuild,
477     -hardened-sources-2.4.26-r5.ebuild,
478     -hardened-sources-2.4.26-r4.ebuild,
479     +files/2.4.26-cmdline-race.patch:
480     Version bump, fix for cmdline race. See bug #59905.
481    
482 scox 1.35 *hardened-sources-2.4.27 (08 Aug 2004)
483    
484     08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
485     +hardened-sources-2.4.27.ebuild,
486     +files/2.4.27-CAN-2004-0394.patch:
487     Ported the patchball to the 2.4.27 kernel version.
488    
489 scox 1.34 *hardened-sources-2.4.26-r5 (07 Aug 2004)
490    
491     07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
492     +hardened-sources-2.4.26-r5.ebuild:
493 scox 1.35 Updated to use the new hardened-patches-2.4-26.1 patchball.
494 scox 1.34 It adds the following features:
495     - Squashfs
496     - Ebtables
497     - Netdev random (core+drivers)
498     - Watchdog Timer (WDT) fix.
499    
500 scox 1.33 *hardened-sources-2.4.26-r4 (04 Aug 2004)
501    
502     04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
503     +hardened-sources-2.4.26-r4.ebuild,
504     +files/2.4.26-CAN-2004-0415.patch,
505     -hardened-sources-2.4.26-3:
506     Version bump, fix for CAN 0415, see bug #59378.
507    
508 scox 1.32 *hardened-sources-2.4.26-r3 (22 Jul 2004)
509    
510     22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
511     +hardened-sources-2.4.26-r3.ebuild,
512     +files/2.4.26-CAN-2004-0497.patch,
513     -hardened-sources-2.4.26-r2.ebuild:
514     Version bump, fixed CAN 0497, see bug #56171.
515    
516 scox 1.31 *hardened-sources-2.4.26-r2 (29 Jun 2004)
517    
518     29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
519 scox 1.32 +hardened-sources-2.4.26-r2.ebuild,
520 scox 1.31 +files/2.4.26-CAN-2004-0495.patch,
521     +files/2.4.26-CAN-2004-0535.patch,
522     -hardened-sources-2.4.26-r1.ebuild:
523     Fixes for both CAN 0495 and 0535, see bug #54976
524 pvdabeel 1.27
525 agriffis 1.29 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
526     hardened-sources-2.4.26-r1.ebuild:
527     QA - fix use invocation
528 scox 1.28
529     *hardened-sources-2.4.26-r1 (22 June 2004)
530    
531     22 June 2004; Andrea Luzzardi <scox@gentoo.org>
532     +hardened-sources-2.4.26-r1.ebuild,
533     +files/2.4.26-CAN-2004-0394.patch,
534     +files/2.4.26-signal-race.patch,
535     -hardened-sources-2.4.26.ebuild,
536     -hardened-sources-2.4.24-r3.ebuild:
537     Version bump for the CAN-2004-0394 issue and bug #53804
538     Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
539    
540    
541 pvdabeel 1.27 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
542     hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
543     Masked hardened-sources-2.4.26.ebuild broken for ppc
544    
545     31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
546     hardened-sources-2.4.24-r3.ebuild:
547     Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
548 plasmaroo 1.25
549 scox 1.26 *hardened-sources-2.4.26 (29 May 2004)
550    
551     29 May 2004; Andrea Luzzardi <scox@gentoo.org>
552     +hardened-sources-2.4.26.ebuild:
553     Updated hardened-sources for the 2.4.26 kernel
554     Removed broken components, updated almost everything.
555    
556 plasmaroo 1.25 *hardened-sources-2.4.24-r3 (17 Apr 2004)
557    
558     17 Apr 2004; <plasmaroo@gentoo.org>
559     +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
560     +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
561     +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
562     +hardened-sources-2.4.24-r3.ebuild:
563     Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
564     vulnerabilities. Old revisions removed.
565 plasmaroo 1.24
566     *hardened-sources-2.4.24-r2 (15 Apr 2004)
567    
568     15 Apr 2004; <plasmaroo@gentoo.org>
569     +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
570     -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
571     Version bump for the CAN-2004-0109 issue; bug #47881.
572 aliz 1.23
573     12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
574     hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
575     Add eutils to inherit.
576 plasmaroo 1.22
577     *hardened-sources-2.4.24-r1 (19 Feb 2004)
578    
579     19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
580     files/hardened-sources-2.4.24.munmap.patch:
581     Added the patch for the mremap/munmap vulnerability. Bug #42024.
582 scox 1.19
583 scox 1.21 *hardened-sources-2.4.24 (06 Feb 2004)
584 scox 1.26
585 scox 1.21 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
586     hardened-sources-2.4.24.ebuild:
587     Version bump, updated most of the components.
588     This release includes the following:
589    
590     - Hardened security
591     - Netfilter patch-o-matic 20031219
592     - FreeSWAN 2.04 & x509 1.4.8
593     - EVMS 2.2.2
594     - XFS 1.3.1
595     - cryptoloop jari
596     - grsecurity 2.0-rc4
597     - SELinux
598     - PaX 200402060000
599     - PaX Obscurity 200308302223
600     - Others...
601    
602     Neither -ck nor systrace are included anymore.
603    
604 scox 1.19 *hardened-sources-2.4.22-r2 (05 Jan 2004)
605    
606     05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
607     hardened-sources-2.4.22-r2.ebuild:
608 scox 1.20 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
609 scox 1.19
610     *hardened-sources-2.4.22-r1 (02 Dec 2003)
611 iggy 1.17
612     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
613 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
614 iggy 1.16
615     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
616 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild:
617     Version bump for the 'do_brk' vulnerability.
618 iggy 1.15
619     01 Dec 2003; Brian Jackson <iggy@gentoo.org>
620     hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
621     hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
622     hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
623 plasmaroo 1.18 Fix the 'do_brk' vulnerability.
624 frogger 1.14
625     03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
626     hardened-sources-2.4.22.ebuild:
627 plasmaroo 1.18 - Removed the src_install() portion for SELinux flask
628     components. These are no longer handled in the kernel
629     so this code was not necessary.
630 frogger 1.13
631     29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
632     New 2.4.22 based hardened-sources thanks to
633     Phil West <p.west@computer.org>.
634    
635     These sources include:
636 plasmaroo 1.18 - New SELinux API
637     - Updated CK-base
638     - Updated GRSec
639     - Systrace
640     - SuperFreeS/WAN 1.99.8
641     - Propolice kernel build support
642     - EVMS
643     - Other various security related patches
644 frogger 1.11
645 frogger 1.12 *hardened-sources-2.4.21 (14 Sep 2003)
646    
647     14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
648     Updated hardened-sources based on the 2.4.21 Linux kernel.
649     This includes updates to most major components such as:
650 plasmaroo 1.18 - ck-base-0306300059
651     - selinux-2.4-2003071106
652     - grsecurity-2.0-rc1
653     - Updated IPTables patch-o-matic
654     - Updated SuperFreeS/WAN
655    
656 frogger 1.12 Thanks to Phil West <pwest@computer.org> for his work in getting this
657     updated patch set ready for the 2.4.21 based kernel.
658    
659 frogger 1.11 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
660     Initial import of hardened-sources-2.4.20-r4. This revision
661     includes only a few changes, but one of these is an important
662     security fix. It is recommended all users of hardened-sources
663     upgrade to this release.
664 plasmaroo 1.18
665 frogger 1.11 - ioperm bug fix
666     - fixed compilation failure when building without GRSec
667 plasmaroo 1.18
668 frogger 1.11 SAL (Secure Auditing for Linux) is NOT included in this revision
669     due to time constraints, but is planned for inclusion in the near
670     future.
671 msterret 1.10
672     *hardened-sources-2.4.20-r2 (12 Jun 2003)
673    
674     12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
675     hardened-sources-2.4.20-r3.ebuild:
676 plasmaroo 1.18 Add Header...
677 frogger 1.9
678     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
679     hardened-sources-2.4.20-r3.ebuild:
680     Removed warnings from ebuild. This kernel should be safe to
681     use at this point.
682 frogger 1.8
683     *hardened-sources-2.4.20-r3 (08 Jun 2003)
684    
685     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
686     hardened-sources-2.4.20-r3.ebuild:
687     New revision. Includes the following changes over -r2:
688 plasmaroo 1.18
689 frogger 1.8 - ck7-base (O(1), preempt, low latency)
690     - Super FreeS/WAN 1.99.7rc2
691     - PaX for the LSM/SELinux branch
692     - GRSecurity 2.0-pre4 (role based access control)
693     - Systrace 1.3
694     - EXT3 fixes
695     - EVMS 2.0.1
696     - GCC 3.1+ compile optimizations
697     - ProPolice kernel build support
698     - Hashing table security fixes
699 frogger 1.3
700     *hardened-sources-2.4.20-r1 (09 Apr 2003)
701 frogger 1.7
702     23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
703     Initial import of hardened-sources-r2. This new
704     ebuild includes many new performance and security
705     related patches. As in -r1, it will patch in
706     LSM/SELinux if "selinux" is in USE, otherwise it
707     will patch in GRSecurity. The following patches
708     are included in this revision:
709 plasmaroo 1.18
710 frogger 1.7 - O(1) Scheduler, Low Latency, and Preempt
711     (pulled from the base CK patch)
712     - ptrace exploit patch for the LSM kernel
713     (the GRSec patch already fixes this)
714     - LSM 2.4-2003040709
715     - SELinux 2.4-2003040709
716     - Systrace v1.2
717     - IPTables patch-o-matic base patches - 20030107
718     - CryptoAPI 2.4.20.1 w/ loop-jari patch
719     - Super FreeS/WAN 1.99.6.1
720     - GRSecurity 1.9.9g
721     - MPPE
722     - EXT3 data journal fix
723     - CIPE 1.5.4
724 frogger 1.6
725     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
726     hardened-sources-2.4.20-r1.ebuild, manifest:
727 plasmaroo 1.18 Updated to install flask components correctly for selinux.
728 frogger 1.5
729     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
730     hardened-sources-2.4.20-r1.ebuild:
731     LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
732     is patched in instead. Ptrace patches for selinux have also been added. In
733     either case, systrace support will be patched in as well.
734 frogger 1.3
735     09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
736     hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
737 plasmaroo 1.18 Revision bump for new sources.
738 frogger 1.4
739 frogger 1.2 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
740 frogger 1.4 hardened-sources-2.4.20-r1.ebuild:
741 plasmaroo 1.18 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
742 method 1.1
743 frogger 1.4 *hardened-sources-2.4.20 (30 Mar 2003)
744    
745 method 1.1 30 Mar 2003; Joshua Brindle <method@gentoo.org>
746     hardened-sources-2.4.20.ebuild:
747 plasmaroo 1.18 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20