/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.76 - (show annotations) (download)
Wed Feb 1 00:08:36 2006 UTC (9 years, 2 months ago) by johnm
Branch: MAIN
Changes since 1.75: +7 -1 lines
fixing known exploits
(Portage version: 2.1_pre4-r1)

1 # ChangeLog for sys-kernel/hardened-sources
2 # Copyright 2000-2006 Gentoo Foundation; Distributed under the GPL v2
3 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.75 2006/01/27 01:24:24 solar Exp $
4
5 *hardened-sources-2.6.14-r5 (01 Feb 2006)
6
7 01 Feb 2006; John Mylchreest <johnm@gentoo.org>
8 +hardened-sources-2.6.14-r5.ebuild:
9 fixing every known exploit
10
11 *hardened-sources-2.4.32-r2 (26 Jan 2006)
12
13 26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
14 +hardened-sources-2.4.32-r2.ebuild:
15 - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
16
17 *hardened-sources-2.6.14-r4 (12 Jan 2006)
18
19 12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
20 - version bump for new genpatches which fix up a few sec holes
21
22 *hardened-sources-2.4.32-r1 (05 Jan 2006)
23
24 05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
25 - revision bump to add misc vital linux kernel security patches.
26
27 *hardened-sources-2.6.14-r3 (30 Dec 2005)
28
29 30 Dec 2005; John Mylchreest <johnm@gentoo.org>
30 -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
31 Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
32
33 28 Dec 2005; John Mylchreest <johnm@gentoo.org>
34 hardened-sources-2.6.14-r2.ebuild:
35 making x86 & amd64 stable following testing.
36
37 *hardened-sources-2.6.14-r2 (27 Dec 2005)
38
39 27 Dec 2005; John Mylchreest <johnm@gentoo.org>
40 -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
41 Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
42 network hooks.
43
44 06 Dec 2005; John Mylchreest <johnm@gentoo.org>
45 hardened-sources-2.6.14-r1.ebuild:
46 bumping to stable early for sec fix on x86 & amd64
47
48 *hardened-sources-2.6.14-r1 (05 Dec 2005)
49
50 05 Dec 2005; John Mylchreest <johnm@gentoo.org>
51 -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
52 bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
53
54 04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
55 - stable on x86 security bug #114227 CAN-2005-3257
56
57 *hardened-sources-2.4.32 (19 Nov 2005)
58
59 19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
60 +hardened-sources-2.4.32.ebuild:
61 Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
62 Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
63 have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
64 rsbac >> /etc/portage/package.use)
65
66 *hardened-sources-2.6.14 (14 Nov 2005)
67
68 14 Nov 2005; John Mylchreest <johnm@gentoo.org>
69 -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
70 Bumping 2.6 series to 2.6.14.2
71
72 *hardened-sources-2.6.13-r2 (20 Oct 2005)
73
74 20 Oct 2005; John Mylchreest <johnm@gentoo.org>
75 -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
76 +hardened-sources-2.6.13-r2.ebuild:
77 Fixes minor build error in ppc.
78
79 *hardened-sources-2.6.13-r1 (17 Oct 2005)
80
81 17 Oct 2005; John Mylchreest <johnm@gentoo.org>
82 +hardened-sources-2.6.13-r1.ebuild:
83 Updating grsec to latest snapshot. Fixes some minor issues. Updating to
84 2.6.13.4, fixes some major amd64 stability problems.
85
86 *hardened-sources-2.6.13 (16 Sep 2005)
87
88 16 Sep 2005; John Mylchreest <johnm@gentoo.org>
89 -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
90 2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
91 ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
92 users should test this thoroughly.
93
94 01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
95 - stable on x86
96
97 *hardened-sources-2.6.11-r15 (27 Jun 2005)
98
99 27 Jun 2005; John Mylchreest <johnm@gentoo.org>
100 +hardened-sources-2.6.11-r15.ebuild:
101 Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
102 grsec redefining curr_ip struct.
103
104 *hardened-sources-2.4.31 (20 Jun 2005)
105
106 20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
107 initial import of 2.4.31 tree
108
109 *hardened-sources-2.6.11-r14 (14 Jun 2005)
110
111 14 Jun 2005; John Mylchreest <johnm@gentoo.org>
112 -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
113 Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
114 naming scheme to abide by genpatches
115
116 *hardened-sources-2.6.11-r13 (18 May 2005)
117
118 18 May 2005; John Mylchreest <johnm@gentoo.org>
119 -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
120 Managed to mangle the Makefile patch from grsec, to miss out the grsec
121 target. sorry about that. Fixes bug #93022
122
123 *hardened-sources-2.6.11-r12 (17 May 2005)
124
125 17 May 2005; John Mylchreest <johnm@gentoo.org>
126 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
127 +hardened-sources-2.6.11-r12.ebuild:
128 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
129 merges in genpatches-base
130
131 *hardened-sources-2.6.11-r12 (17 May 2005)
132
133 17 May 2005; John Mylchreest <johnm@gentoo.org>
134 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
135 +hardened-sources-2.6.11-r12.ebuild:
136 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
137 merges in genpatches-base
138
139 29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
140 -files/2.4.27-cmdline-race.patch,
141 -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
142 -files/2.4.28-grsec-binfmt_a.out.patch,
143 -files/2.4.28-grsec-cmdline-race.patch,
144 -files/2.4.28-selinux-binfmt_a.out.patch,
145 -files/2.4.28-selinux-cmdline-race.patch,
146 -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
147 hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
148 - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
149 cleanup..
150
151 *hardened-sources-2.4.30-r1 (21 Apr 2005)
152
153 21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
154 - disable aout by default
155
156 *hardened-sources-2.4.30 (18 Apr 2005)
157
158 18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
159 - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
160 and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
161 use
162
163 *hardened-sources-2.4.29 (30 Mar 2005)
164
165 30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
166 +hardened-sources-2.4.29.ebuild:
167 New hardened-patches-2.4-29.0 patchball.
168 Removed SELinux support, upgraded GRSecurity to 2.1.4.
169
170 *hardened-sources-2.4.28-r5 (06 Mar 2005)
171
172 06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
173 +hardened-sources-2.4.28-r5.ebuild:
174 Added a fix for a PaX vulnerability.
175
176 26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
177 hardened-sources-2.4.28-r4.ebuild:
178 Stable on x86
179
180 23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
181 hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
182 hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
183 hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
184 - fixed/added RDEPEND= in all kernel-2 ebuilds
185
186 *hardened-sources-2.4.28-r4 (21 Jan 2005)
187
188 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
189 +hardened-sources-2.4.28-r4.ebuild:
190 Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
191 backport of neighbour hash updates.
192
193 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
194 hardened-sources-2.4.28-r3.ebuild:
195 Stable on x86
196
197 *hardened-sources-2.6.10-r3 (20 Jan 2005)
198
199 20 Jan 2005; Brandon Hale <tseng@gentoo.org>
200 +hardened-sources-2.6.10-r3.ebuild:
201 Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
202 in 2005.0
203
204 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
205 -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
206 hardened-sources-2.4.28-r2.ebuild:
207 Mark stable on x86
208
209 *hardened-sources-2.4.28-r3 (17 Jan 2005)
210
211 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
212 +hardened-sources-2.4.28-r3.ebuild:
213 Fix SMP page fault handler vuln, and update device-mapper and evms patches.
214
215 14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
216 hardened-sources-2.4.28.ebuild:
217 Mark stable on x86.
218
219 *hardened-sources-2.4.28-r2 (13 Jan 2005)
220
221 13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
222 +hardened-sources-2.4.28-r2.ebuild:
223 Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
224 Mazinger for grsecurity patches as well.
225
226 *hardened-sources-2.4.28-r1 (23 Dec 2004)
227
228 23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
229 Security bump. Thank tocharian for rolling a new patchset...
230
231 28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
232 +files/2.4.28-grsec-cmdline-race.patch,
233 +files/2.4.28-selinux-binfmt_a.out.patch,
234 +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
235 - Round up remaining security patches that appear to be missing in 2.4.28. -
236 PaX standalone updated to current. hgpv=28.1
237
238 *hardened-sources-2.4.28 (28 Nov 2004)
239
240 28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
241 security bump. Thank tocharian for rolling a new patchset
242
243 *hardened-sources-2.4.27-r3 (08 Sep 2004)
244
245 08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
246 +hardened-sources-2.4.27-r3.ebuild:
247 Applies the new 2.4-27.2 patchball which updates
248 GRSecurity to the 2.0.1 version.
249
250 *hardened-sources-2.4.27-r2 (31 Aug 2004)
251
252 31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
253 +hardened-sources-2.4.27-r2.ebuild:
254 Version bump.
255 This version uses the new 2.4-27.1 patchball which updates
256 both the SELinux PaX hooks patch and the SELinux headers.
257
258 *hardened-sources-2.4.27-r1 (09 Aug 2004)
259
260 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
261 +hardened-sources-2.4.27-r1.ebuild,
262 -hardened-sources-2.4.27.ebuild,
263 +files/2.4.27-cmdline-race.patch:
264 Version bump, fix for cmdline race. See bug #59905.
265
266 *hardened-sources-2.4.26-r6 (09 Aug 2004)
267
268 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
269 +hardened-sources-2.4.26-r6.ebuild,
270 -hardened-sources-2.4.26-r5.ebuild,
271 -hardened-sources-2.4.26-r4.ebuild,
272 +files/2.4.26-cmdline-race.patch:
273 Version bump, fix for cmdline race. See bug #59905.
274
275 *hardened-sources-2.4.27 (08 Aug 2004)
276
277 08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
278 +hardened-sources-2.4.27.ebuild,
279 +files/2.4.27-CAN-2004-0394.patch:
280 Ported the patchball to the 2.4.27 kernel version.
281
282 *hardened-sources-2.4.26-r5 (07 Aug 2004)
283
284 07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
285 +hardened-sources-2.4.26-r5.ebuild:
286 Updated to use the new hardened-patches-2.4-26.1 patchball.
287 It adds the following features:
288 - Squashfs
289 - Ebtables
290 - Netdev random (core+drivers)
291 - Watchdog Timer (WDT) fix.
292
293 *hardened-sources-2.4.26-r4 (04 Aug 2004)
294
295 04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
296 +hardened-sources-2.4.26-r4.ebuild,
297 +files/2.4.26-CAN-2004-0415.patch,
298 -hardened-sources-2.4.26-3:
299 Version bump, fix for CAN 0415, see bug #59378.
300
301 *hardened-sources-2.4.26-r3 (22 Jul 2004)
302
303 22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
304 +hardened-sources-2.4.26-r3.ebuild,
305 +files/2.4.26-CAN-2004-0497.patch,
306 -hardened-sources-2.4.26-r2.ebuild:
307 Version bump, fixed CAN 0497, see bug #56171.
308
309 *hardened-sources-2.4.26-r2 (29 Jun 2004)
310
311 29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
312 +hardened-sources-2.4.26-r2.ebuild,
313 +files/2.4.26-CAN-2004-0495.patch,
314 +files/2.4.26-CAN-2004-0535.patch,
315 -hardened-sources-2.4.26-r1.ebuild:
316 Fixes for both CAN 0495 and 0535, see bug #54976
317
318 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
319 hardened-sources-2.4.26-r1.ebuild:
320 QA - fix use invocation
321
322 *hardened-sources-2.4.26-r1 (22 June 2004)
323
324 22 June 2004; Andrea Luzzardi <scox@gentoo.org>
325 +hardened-sources-2.4.26-r1.ebuild,
326 +files/2.4.26-CAN-2004-0394.patch,
327 +files/2.4.26-signal-race.patch,
328 -hardened-sources-2.4.26.ebuild,
329 -hardened-sources-2.4.24-r3.ebuild:
330 Version bump for the CAN-2004-0394 issue and bug #53804
331 Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
332
333
334 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
335 hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
336 Masked hardened-sources-2.4.26.ebuild broken for ppc
337
338 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
339 hardened-sources-2.4.24-r3.ebuild:
340 Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
341
342 *hardened-sources-2.4.26 (29 May 2004)
343
344 29 May 2004; Andrea Luzzardi <scox@gentoo.org>
345 +hardened-sources-2.4.26.ebuild:
346 Updated hardened-sources for the 2.4.26 kernel
347 Removed broken components, updated almost everything.
348
349 *hardened-sources-2.4.24-r3 (17 Apr 2004)
350
351 17 Apr 2004; <plasmaroo@gentoo.org>
352 +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
353 +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
354 +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
355 +hardened-sources-2.4.24-r3.ebuild:
356 Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
357 vulnerabilities. Old revisions removed.
358
359 *hardened-sources-2.4.24-r2 (15 Apr 2004)
360
361 15 Apr 2004; <plasmaroo@gentoo.org>
362 +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
363 -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
364 Version bump for the CAN-2004-0109 issue; bug #47881.
365
366 12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
367 hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
368 Add eutils to inherit.
369
370 *hardened-sources-2.4.24-r1 (19 Feb 2004)
371
372 19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
373 files/hardened-sources-2.4.24.munmap.patch:
374 Added the patch for the mremap/munmap vulnerability. Bug #42024.
375
376 *hardened-sources-2.4.24 (06 Feb 2004)
377
378 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
379 hardened-sources-2.4.24.ebuild:
380 Version bump, updated most of the components.
381 This release includes the following:
382
383 - Hardened security
384 - Netfilter patch-o-matic 20031219
385 - FreeSWAN 2.04 & x509 1.4.8
386 - EVMS 2.2.2
387 - XFS 1.3.1
388 - cryptoloop jari
389 - grsecurity 2.0-rc4
390 - SELinux
391 - PaX 200402060000
392 - PaX Obscurity 200308302223
393 - Others...
394
395 Neither -ck nor systrace are included anymore.
396
397 *hardened-sources-2.4.22-r2 (05 Jan 2004)
398
399 05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
400 hardened-sources-2.4.22-r2.ebuild:
401 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
402
403 *hardened-sources-2.4.22-r1 (02 Dec 2003)
404
405 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
406 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
407
408 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
409 hardened-sources-2.4.22-r1.ebuild:
410 Version bump for the 'do_brk' vulnerability.
411
412 01 Dec 2003; Brian Jackson <iggy@gentoo.org>
413 hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
414 hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
415 hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
416 Fix the 'do_brk' vulnerability.
417
418 03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
419 hardened-sources-2.4.22.ebuild:
420 - Removed the src_install() portion for SELinux flask
421 components. These are no longer handled in the kernel
422 so this code was not necessary.
423
424 29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
425 New 2.4.22 based hardened-sources thanks to
426 Phil West <p.west@computer.org>.
427
428 These sources include:
429 - New SELinux API
430 - Updated CK-base
431 - Updated GRSec
432 - Systrace
433 - SuperFreeS/WAN 1.99.8
434 - Propolice kernel build support
435 - EVMS
436 - Other various security related patches
437
438 *hardened-sources-2.4.21 (14 Sep 2003)
439
440 14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
441 Updated hardened-sources based on the 2.4.21 Linux kernel.
442 This includes updates to most major components such as:
443 - ck-base-0306300059
444 - selinux-2.4-2003071106
445 - grsecurity-2.0-rc1
446 - Updated IPTables patch-o-matic
447 - Updated SuperFreeS/WAN
448
449 Thanks to Phil West <pwest@computer.org> for his work in getting this
450 updated patch set ready for the 2.4.21 based kernel.
451
452 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
453 Initial import of hardened-sources-2.4.20-r4. This revision
454 includes only a few changes, but one of these is an important
455 security fix. It is recommended all users of hardened-sources
456 upgrade to this release.
457
458 - ioperm bug fix
459 - fixed compilation failure when building without GRSec
460
461 SAL (Secure Auditing for Linux) is NOT included in this revision
462 due to time constraints, but is planned for inclusion in the near
463 future.
464
465 *hardened-sources-2.4.20-r2 (12 Jun 2003)
466
467 12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
468 hardened-sources-2.4.20-r3.ebuild:
469 Add Header...
470
471 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
472 hardened-sources-2.4.20-r3.ebuild:
473 Removed warnings from ebuild. This kernel should be safe to
474 use at this point.
475
476 *hardened-sources-2.4.20-r3 (08 Jun 2003)
477
478 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
479 hardened-sources-2.4.20-r3.ebuild:
480 New revision. Includes the following changes over -r2:
481
482 - ck7-base (O(1), preempt, low latency)
483 - Super FreeS/WAN 1.99.7rc2
484 - PaX for the LSM/SELinux branch
485 - GRSecurity 2.0-pre4 (role based access control)
486 - Systrace 1.3
487 - EXT3 fixes
488 - EVMS 2.0.1
489 - GCC 3.1+ compile optimizations
490 - ProPolice kernel build support
491 - Hashing table security fixes
492
493 *hardened-sources-2.4.20-r1 (09 Apr 2003)
494
495 23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
496 Initial import of hardened-sources-r2. This new
497 ebuild includes many new performance and security
498 related patches. As in -r1, it will patch in
499 LSM/SELinux if "selinux" is in USE, otherwise it
500 will patch in GRSecurity. The following patches
501 are included in this revision:
502
503 - O(1) Scheduler, Low Latency, and Preempt
504 (pulled from the base CK patch)
505 - ptrace exploit patch for the LSM kernel
506 (the GRSec patch already fixes this)
507 - LSM 2.4-2003040709
508 - SELinux 2.4-2003040709
509 - Systrace v1.2
510 - IPTables patch-o-matic base patches - 20030107
511 - CryptoAPI 2.4.20.1 w/ loop-jari patch
512 - Super FreeS/WAN 1.99.6.1
513 - GRSecurity 1.9.9g
514 - MPPE
515 - EXT3 data journal fix
516 - CIPE 1.5.4
517
518 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
519 hardened-sources-2.4.20-r1.ebuild, manifest:
520 Updated to install flask components correctly for selinux.
521
522 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
523 hardened-sources-2.4.20-r1.ebuild:
524 LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
525 is patched in instead. Ptrace patches for selinux have also been added. In
526 either case, systrace support will be patched in as well.
527
528 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
529 hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
530 Revision bump for new sources.
531
532 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
533 hardened-sources-2.4.20-r1.ebuild:
534 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
535
536 *hardened-sources-2.4.20 (30 Mar 2003)
537
538 30 Mar 2003; Joshua Brindle <method@gentoo.org>
539 hardened-sources-2.4.20.ebuild:
540 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20