/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.50 - (show annotations) (download)
Thu Jan 27 06:31:15 2005 UTC (11 years, 7 months ago) by tocharian
Branch: MAIN
Changes since 1.49: +5 -1 lines
2.4.28-r4 stable on x86
(Portage version: 2.0.51-r14)

1 # ChangeLog for sys-kernel/hardened-sources
2 # Copyright 2000-2005 Gentoo Foundation; Distributed under the GPL v2
3 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.49 2005/01/24 01:56:13 solar Exp $
4
5 26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
6 hardened-sources-2.4.28-r4.ebuild:
7 Stable on x86
8
9 23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
10 hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
11 hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
12 hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
13 - fixed/added RDEPEND= in all kernel-2 ebuilds
14
15 *hardened-sources-2.4.28-r4 (21 Jan 2005)
16
17 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
18 +hardened-sources-2.4.28-r4.ebuild:
19 Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
20 backport of neighbour hash updates.
21
22 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
23 hardened-sources-2.4.28-r3.ebuild:
24 Stable on x86
25
26 *hardened-sources-2.6.10-r3 (20 Jan 2005)
27
28 20 Jan 2005; Brandon Hale <tseng@gentoo.org>
29 +hardened-sources-2.6.10-r3.ebuild:
30 Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
31 in 2005.0
32
33 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
34 -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
35 hardened-sources-2.4.28-r2.ebuild:
36 Mark stable on x86
37
38 *hardened-sources-2.4.28-r3 (17 Jan 2005)
39
40 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
41 +hardened-sources-2.4.28-r3.ebuild:
42 Fix SMP page fault handler vuln, and update device-mapper and evms patches.
43
44 14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
45 hardened-sources-2.4.28.ebuild:
46 Mark stable on x86.
47
48 *hardened-sources-2.4.28-r2 (13 Jan 2005)
49
50 13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
51 +hardened-sources-2.4.28-r2.ebuild:
52 Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
53 Mazinger for grsecurity patches as well.
54
55 *hardened-sources-2.4.28-r1 (23 Dec 2004)
56
57 23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
58 Security bump. Thank tocharian for rolling a new patchset...
59
60 28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
61 +files/2.4.28-grsec-cmdline-race.patch,
62 +files/2.4.28-selinux-binfmt_a.out.patch,
63 +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
64 - Round up remaining security patches that appear to be missing in 2.4.28. -
65 PaX standalone updated to current. hgpv=28.1
66
67 *hardened-sources-2.4.28 (28 Nov 2004)
68
69 28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
70 security bump. Thank tocharian for rolling a new patchset
71
72 *hardened-sources-2.4.27-r3 (08 Sep 2004)
73
74 08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
75 +hardened-sources-2.4.27-r3.ebuild:
76 Applies the new 2.4-27.2 patchball which updates
77 GRSecurity to the 2.0.1 version.
78
79 *hardened-sources-2.4.27-r2 (31 Aug 2004)
80
81 31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
82 +hardened-sources-2.4.27-r2.ebuild:
83 Version bump.
84 This version uses the new 2.4-27.1 patchball which updates
85 both the SELinux PaX hooks patch and the SELinux headers.
86
87 *hardened-sources-2.4.27-r1 (09 Aug 2004)
88
89 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
90 +hardened-sources-2.4.27-r1.ebuild,
91 -hardened-sources-2.4.27.ebuild,
92 +files/2.4.27-cmdline-race.patch:
93 Version bump, fix for cmdline race. See bug #59905.
94
95 *hardened-sources-2.4.26-r6 (09 Aug 2004)
96
97 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
98 +hardened-sources-2.4.26-r6.ebuild,
99 -hardened-sources-2.4.26-r5.ebuild,
100 -hardened-sources-2.4.26-r4.ebuild,
101 +files/2.4.26-cmdline-race.patch:
102 Version bump, fix for cmdline race. See bug #59905.
103
104 *hardened-sources-2.4.27 (08 Aug 2004)
105
106 08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
107 +hardened-sources-2.4.27.ebuild,
108 +files/2.4.27-CAN-2004-0394.patch:
109 Ported the patchball to the 2.4.27 kernel version.
110
111 *hardened-sources-2.4.26-r5 (07 Aug 2004)
112
113 07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
114 +hardened-sources-2.4.26-r5.ebuild:
115 Updated to use the new hardened-patches-2.4-26.1 patchball.
116 It adds the following features:
117 - Squashfs
118 - Ebtables
119 - Netdev random (core+drivers)
120 - Watchdog Timer (WDT) fix.
121
122 *hardened-sources-2.4.26-r4 (04 Aug 2004)
123
124 04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
125 +hardened-sources-2.4.26-r4.ebuild,
126 +files/2.4.26-CAN-2004-0415.patch,
127 -hardened-sources-2.4.26-3:
128 Version bump, fix for CAN 0415, see bug #59378.
129
130 *hardened-sources-2.4.26-r3 (22 Jul 2004)
131
132 22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
133 +hardened-sources-2.4.26-r3.ebuild,
134 +files/2.4.26-CAN-2004-0497.patch,
135 -hardened-sources-2.4.26-r2.ebuild:
136 Version bump, fixed CAN 0497, see bug #56171.
137
138 *hardened-sources-2.4.26-r2 (29 Jun 2004)
139
140 29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
141 +hardened-sources-2.4.26-r2.ebuild,
142 +files/2.4.26-CAN-2004-0495.patch,
143 +files/2.4.26-CAN-2004-0535.patch,
144 -hardened-sources-2.4.26-r1.ebuild:
145 Fixes for both CAN 0495 and 0535, see bug #54976
146
147 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
148 hardened-sources-2.4.26-r1.ebuild:
149 QA - fix use invocation
150
151 *hardened-sources-2.4.26-r1 (22 June 2004)
152
153 22 June 2004; Andrea Luzzardi <scox@gentoo.org>
154 +hardened-sources-2.4.26-r1.ebuild,
155 +files/2.4.26-CAN-2004-0394.patch,
156 +files/2.4.26-signal-race.patch,
157 -hardened-sources-2.4.26.ebuild,
158 -hardened-sources-2.4.24-r3.ebuild:
159 Version bump for the CAN-2004-0394 issue and bug #53804
160 Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
161
162
163 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
164 hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
165 Masked hardened-sources-2.4.26.ebuild broken for ppc
166
167 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
168 hardened-sources-2.4.24-r3.ebuild:
169 Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
170
171 *hardened-sources-2.4.26 (29 May 2004)
172
173 29 May 2004; Andrea Luzzardi <scox@gentoo.org>
174 +hardened-sources-2.4.26.ebuild:
175 Updated hardened-sources for the 2.4.26 kernel
176 Removed broken components, updated almost everything.
177
178 *hardened-sources-2.4.24-r3 (17 Apr 2004)
179
180 17 Apr 2004; <plasmaroo@gentoo.org>
181 +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
182 +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
183 +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
184 +hardened-sources-2.4.24-r3.ebuild:
185 Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
186 vulnerabilities. Old revisions removed.
187
188 *hardened-sources-2.4.24-r2 (15 Apr 2004)
189
190 15 Apr 2004; <plasmaroo@gentoo.org>
191 +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
192 -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
193 Version bump for the CAN-2004-0109 issue; bug #47881.
194
195 12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
196 hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
197 Add eutils to inherit.
198
199 *hardened-sources-2.4.24-r1 (19 Feb 2004)
200
201 19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
202 files/hardened-sources-2.4.24.munmap.patch:
203 Added the patch for the mremap/munmap vulnerability. Bug #42024.
204
205 *hardened-sources-2.4.24 (06 Feb 2004)
206
207 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
208 hardened-sources-2.4.24.ebuild:
209 Version bump, updated most of the components.
210 This release includes the following:
211
212 - Hardened security
213 - Netfilter patch-o-matic 20031219
214 - FreeSWAN 2.04 & x509 1.4.8
215 - EVMS 2.2.2
216 - XFS 1.3.1
217 - cryptoloop jari
218 - grsecurity 2.0-rc4
219 - SELinux
220 - PaX 200402060000
221 - PaX Obscurity 200308302223
222 - Others...
223
224 Neither -ck nor systrace are included anymore.
225
226 *hardened-sources-2.4.22-r2 (05 Jan 2004)
227
228 05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
229 hardened-sources-2.4.22-r2.ebuild:
230 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
231
232 *hardened-sources-2.4.22-r1 (02 Dec 2003)
233
234 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
235 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
236
237 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
238 hardened-sources-2.4.22-r1.ebuild:
239 Version bump for the 'do_brk' vulnerability.
240
241 01 Dec 2003; Brian Jackson <iggy@gentoo.org>
242 hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
243 hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
244 hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
245 Fix the 'do_brk' vulnerability.
246
247 03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
248 hardened-sources-2.4.22.ebuild:
249 - Removed the src_install() portion for SELinux flask
250 components. These are no longer handled in the kernel
251 so this code was not necessary.
252
253 29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
254 New 2.4.22 based hardened-sources thanks to
255 Phil West <p.west@computer.org>.
256
257 These sources include:
258 - New SELinux API
259 - Updated CK-base
260 - Updated GRSec
261 - Systrace
262 - SuperFreeS/WAN 1.99.8
263 - Propolice kernel build support
264 - EVMS
265 - Other various security related patches
266
267 *hardened-sources-2.4.21 (14 Sep 2003)
268
269 14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
270 Updated hardened-sources based on the 2.4.21 Linux kernel.
271 This includes updates to most major components such as:
272 - ck-base-0306300059
273 - selinux-2.4-2003071106
274 - grsecurity-2.0-rc1
275 - Updated IPTables patch-o-matic
276 - Updated SuperFreeS/WAN
277
278 Thanks to Phil West <pwest@computer.org> for his work in getting this
279 updated patch set ready for the 2.4.21 based kernel.
280
281 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
282 Initial import of hardened-sources-2.4.20-r4. This revision
283 includes only a few changes, but one of these is an important
284 security fix. It is recommended all users of hardened-sources
285 upgrade to this release.
286
287 - ioperm bug fix
288 - fixed compilation failure when building without GRSec
289
290 SAL (Secure Auditing for Linux) is NOT included in this revision
291 due to time constraints, but is planned for inclusion in the near
292 future.
293
294 *hardened-sources-2.4.20-r2 (12 Jun 2003)
295
296 12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
297 hardened-sources-2.4.20-r3.ebuild:
298 Add Header...
299
300 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
301 hardened-sources-2.4.20-r3.ebuild:
302 Removed warnings from ebuild. This kernel should be safe to
303 use at this point.
304
305 *hardened-sources-2.4.20-r3 (08 Jun 2003)
306
307 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
308 hardened-sources-2.4.20-r3.ebuild:
309 New revision. Includes the following changes over -r2:
310
311 - ck7-base (O(1), preempt, low latency)
312 - Super FreeS/WAN 1.99.7rc2
313 - PaX for the LSM/SELinux branch
314 - GRSecurity 2.0-pre4 (role based access control)
315 - Systrace 1.3
316 - EXT3 fixes
317 - EVMS 2.0.1
318 - GCC 3.1+ compile optimizations
319 - ProPolice kernel build support
320 - Hashing table security fixes
321
322 *hardened-sources-2.4.20-r1 (09 Apr 2003)
323
324 23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
325 Initial import of hardened-sources-r2. This new
326 ebuild includes many new performance and security
327 related patches. As in -r1, it will patch in
328 LSM/SELinux if "selinux" is in USE, otherwise it
329 will patch in GRSecurity. The following patches
330 are included in this revision:
331
332 - O(1) Scheduler, Low Latency, and Preempt
333 (pulled from the base CK patch)
334 - ptrace exploit patch for the LSM kernel
335 (the GRSec patch already fixes this)
336 - LSM 2.4-2003040709
337 - SELinux 2.4-2003040709
338 - Systrace v1.2
339 - IPTables patch-o-matic base patches - 20030107
340 - CryptoAPI 2.4.20.1 w/ loop-jari patch
341 - Super FreeS/WAN 1.99.6.1
342 - GRSecurity 1.9.9g
343 - MPPE
344 - EXT3 data journal fix
345 - CIPE 1.5.4
346
347 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
348 hardened-sources-2.4.20-r1.ebuild, manifest:
349 Updated to install flask components correctly for selinux.
350
351 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
352 hardened-sources-2.4.20-r1.ebuild:
353 LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
354 is patched in instead. Ptrace patches for selinux have also been added. In
355 either case, systrace support will be patched in as well.
356
357 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
358 hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
359 Revision bump for new sources.
360
361 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
362 hardened-sources-2.4.20-r1.ebuild:
363 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
364
365 *hardened-sources-2.4.20 (30 Mar 2003)
366
367 30 Mar 2003; Joshua Brindle <method@gentoo.org>
368 hardened-sources-2.4.20.ebuild:
369 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20