Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status
summaryrefslogtreecommitdiff
path: root/sys-kernel/hardened-dev-sources/ChangeLog
blob: 8df408a58f2c38723b50d61e605b3934b9a7395d (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344

# ChangeLog for sys-kernel/hardened-dev-sources
# Copyright 2000-2005 Gentoo Foundation; Distributed under the GPL v2
# $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-dev-sources/ChangeLog,v 1.60 2005/03/11 16:49:14 solar Exp $

  11 Mar 2005; <solar@gentoo.org> hardened-dev-sources-2.6.11-r1.ebuild:
  - marking 2.1.3 stable for all supporting arches

*hardened-dev-sources-2.6.11-r1 (10 Mar 2005)

  10 Mar 2005; Brandon Hale <tseng@gentoo.org>
  +hardened-dev-sources-2.6.11-r1.ebuild:
  Update grsecurity patch, includes 2.6.11.2 (security update).
  Add back PaX curr_ip fixes and optional curr_ip support for SELinux avc.

*hardened-dev-sources-2.6.11 (07 Mar 2005)

  07 Mar 2005; Brandon Hale <tseng@gentoo.org>
  +hardened-dev-sources-2.6.11.ebuild:
  New version, critical security fixes in grsecurity and pax

  20 Jan 2005; Brandon Hale <tseng@gentoo.org>
  hardened-dev-sources-2.6.10-r3.ebuild:
  Stable on x86 and amd64.

*hardened-dev-sources-2.6.10-r3 (18 Jan 2005)

  18 Jan 2005; Brandon Hale <tseng@gentoo.org>
  +hardened-dev-sources-2.6.10-r3.ebuild:
  Remove nsa-selinux-update, required an selinux profile update. Add patches
  from -as2, and update to -ac10. Add minor selinux fixes.

  16 Jan 2005; Dylan Carlson <absinthe@gentoo.org>
  hardened-dev-sources-2.6.10-r2.ebuild:
  Keywords ~amd64.

  14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
  hardened-dev-sources-2.6.10-r1.ebuild, hardened-dev-sources-2.6.10.ebuild:
  Mark stable on x86

*hardened-dev-sources-2.6.10-r2 (14 Jan 2005)

  14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
  +hardened-dev-sources-2.6.10-r2.ebuild:
  Add latest SELinux patch from the NSA. Fixes several security problems and
  also updates base to -ac9

  13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
  hardened-dev-sources-2.6.7-r18.ebuild:
  Fix mistakes in CAN-2004-0814 patch.

*hardened-dev-sources-2.6.7-r16 (12 Jan 2005)

  12 Jan 2005; Adam Mondl <tocharian@gentoo.org>
  -hardened-dev-sources-2.6.7-r15.ebuild,
  -hardened-dev-sources-2.6.7-r16.ebuild,
  hardened-dev-sources-2.6.7-r18.ebuild:
  Mark 2.6.7-r18 stable for x86; older ebuilds removed.

*hardened-dev-sources-2.6.10-r1 (11 Jan 2005)

  11 Jan 2005; Adam Mondl <tocharian@gentoo.org>
  +hardened-dev-sources-2.6.10-r1.ebuild:
  Rework uselib() exploit patch to allow building under certain .config's.

*hardened-dev-sources-2.6.10 (11 Jan 2005)

  11 Jan 2005; Adam Mondl <tocharian@gentoo.org>
  +hardened-dev-sources-2.6.10.ebuild:
  Update the patchset for 2.6.10 to fix several vulnerabilities. Uses -ac8 as
  the new kernel base.

*hardened-dev-sources-2.6.7-r18 (25 Dec 2004)

  25 Dec 2004; <plasmaroo@gentoo.org> hardened-dev-sources-2.6.7-r17.ebuild,
  +hardened-dev-sources-2.6.7-r18.ebuild:
  Marking -r17 stable. Adding -r18 with more security fixes, thank tocharian for
  rolling the new patchset...

*hardened-dev-sources-2.6.7-r17 (05 Dec 2004)

  05 Dec 2004; Brandon Hale <tseng@gentoo.org>
  +hardened-dev-sources-2.6.7-r17.ebuild:
  The Battle of Who Could Care Less release. Guest starring Jay Pfeifer.
  Produced by Adam Mondl. This release merges applicable patches from
  genpatches-base 7.53 into hardened-patches. There was no effort to make the
  patch dir pretty, look at your own risk. We'll clean this up later.

  01 Dec 2004; Brandon Hale <tseng@gentoo.org> :
  Version bump for several security fixes, see 0000_README

  24 Nov 2004; Joshua Brindle <method@gentoo.org>
  hardened-dev-sources-2.6.7-r10.ebuild,
  hardened-dev-sources-2.6.7-r13.ebuild,
  hardened-dev-sources-2.6.7-r14.ebuild, hardened-dev-sources-2.6.7-r7.ebuild,
  hardened-dev-sources-2.6.7-r8.ebuild,
  files/hardened-dev-sources-2.6.7-CAN-2004-0814.patch,
  files/hardened-dev-sources-2.6.7-CAN-2004-0883.patch:
  added patches for 65877, 68421

*hardened-dev-sources-2.6.7-r14 (23 Nov 2004)

  23 Nov 2004; Guillaume Destuynder <kang@gentoo.org>
  +files/hardened-dev-sources-2.6.7-ptmx.patch,
  +hardened-dev-sources-2.6.7-r14.ebuild:
  Fixed ptmx (#62524) issue (remote DoS)
  Fixed wrong digests for hds-r7 and r8

  24 Nov 2004; Joshua Brindle <method@gentoo.org>
  hardened-dev-sources-2.6.7-r13.ebuild,
  files/hardened-dev-sources-2.6.7-CAN-2004-0814.patch,
  files/hardened-dev-sources-2.6.7-CAN-2004-0883.patch:
  added patches for 65877, 68421

*hardened-dev-sources-2.6.7-r12 (18 Nov 2004)

  18 Nov 2004; Joshua Brindle <method@gentoo.org>
  hardened-dev-sources-2.6.7-r12.ebuild,
  hardened-dev-sources-2.6.7-r13.ebuild,
  files/hardened-2.6.7-binfmt_elf.patch:
  replace binfmt_elf patch with a better one

*hardened-dev-sources-2.6.7-r11 (10 Nov 2004)

  10 Nov 2004; Travis Tilley <lv@gentoo.org>
  +files/h-d-s-2.6.7-amd64-kill-vm_force_exec32.patch,
  +hardened-dev-sources-2.6.7-r11.ebuild:
  Removed a chunk of code that makes read imply exec for 32bit on amd64. If
  you get the error "cannot apply additional memory protection after
  relocation: Permission denied" when running 32bit binaries, this should fix
  it. Note that there are still bugs in handling 32bit in PaX on amd64, and
  that 32bit libraries with text relocations simply will not work at all. Also
  note that this update is -only- important for amd64 users.

*hardened-dev-sources-2.6.7-r10 (01 Nov 2004)

  01 Nov 2004; Joshua Brindle <method@gentoo.org>
  hardened-dev-sources-2.6.7-r10.ebuild, hardened-dev-sources-2.6.7-r9.ebuild,
  files/hardened-dev-sources-2.6.7.CAN-2004-0816.patch:
  Add CAN-2004-0816 iptables patch

*hardened-dev-sources-2.6.7-r9 (16 Oct 2004)

  16 Oct 2004; Joshua Brindle <method@gentoo.org>
  hardened-dev-sources-2.6.7-r9.ebuild:
  new revision

  05 Sep 2004; Chris PeBenito <pebenito@gentoo.org>
  hardened-dev-sources-2.6.7-r8.ebuild:
  Mark stable for x86 and PPC.

*hardened-dev-sources-2.6.7-r8 (26 Aug 2004)

  26 Aug 2004; Brandon Hale <tseng@gentoo.org>
  +hardened-dev-sources-2.6.7-r8.ebuild:
  Version bump for new SELinux headers, masked until policy is updated.

  09 Aug 2004; Brandon Hale <tseng@gentoo.org>
  -hardened-dev-sources-2.6.7-r4.ebuild,
  -hardened-dev-sources-2.6.7-r5.ebuild,
  -hardened-dev-sources-2.6.7-r6.ebuild:
  Cleanup.

*hardened-dev-sources-2.6.7-r7 (09 Aug 2004)

  09 Aug 2004; Brandon Hale <tseng@gentoo.org>
  +hardened-dev-sources-2.6.7-r7.ebuild:
  Bump to genpatches-base 7.45 to security bug #59905 and input driver bug #57741

  09 Aug 2004; Brandon Hale <tseng@gentoo.org>
  hardened-dev-sources-2.6.7-r6.ebuild:
  Stable on x86.

*hardened-dev-sources-2.6.7-r6 (08 Aug 2004)

  08 Aug 2004; Brandon Hale <tseng@gentoo.org>
  +hardened-dev-sources-2.6.7-r6.ebuild:
  -m New hardened-patches, updates to newly released grsecurity patch. This
  should give a a good solid base to go stable, barring more nasty kernel vulns.

  07 Aug 2004; Travis Tilley <lv@gentoo.org>
  hardened-dev-sources-2.6.7-r5.ebuild:
  stable on amd64

*hardened-dev-sources-2.6.7-r5 (06 Aug 2004)

  06 Aug 2004; Brandon Hale <tseng@gentoo.org>
  +hardened-dev-sources-2.6.7-r5.ebuild:
  Bump genpatches to 7.44 from g-d-s -r12, this fixes a security issue (#59378)
  and adds some sparc fixes.

  24 Jul 2004; Brandon Hale <tseng@gentoo.org>
  -hardened-dev-sources-2.6.5-r5.ebuild,
  -hardened-dev-sources-2.6.7-r1.ebuild,
  -hardened-dev-sources-2.6.7-r2.ebuild,
  -hardened-dev-sources-2.6.7-r3.ebuild, -hardened-dev-sources-2.6.7.ebuild:
  Cleanup.

*hardened-dev-sources-2.6.7-r4 (24 Jul 2004)

  24 Jul 2004; Brandon Hale <tseng@gentoo.org>
  +files/hardened-dev-sources-2.6.7.CAN-2004-0596.patch,
  +hardened-dev-sources-2.6.7-r4.ebuild:
  Fix for CAN-2004-0596, Gentoo bug #57826

*hardened-dev-sources-2.6.7-r3 (13 Jul 2004)

  13 Jul 2004; Joshua Brindle <method@gentoo.org>
  hardened-dev-sources-2.6.7-r3.ebuild:
  grsec update

  04 Jul 2004; Brandon Hale <tseng@gentoo.org>
  -files/hardened-dev-sources-2.6.5.CAN-2004-0109.patch:
  Remove no longer needed security fix.

  04 Jul 2004; Brandon Hale <tseng@gentoo.org> metadata.xml:
  Remove stray digest, add kernel herd to metadata

*hardened-dev-sources-2.6.7-r2 (03 Jul 2004)

  03 Jul 2004; Brandon Hale <tseng@gentoo.org>
  +hardened-dev-sources-2.6.7-r2.ebuild:
  Update to latest genpatches to close two new security vulns.

*hardened-dev-sources-2.6.7-r1 (01 Jul 2004)

  01 Jul 2004; Brandon Hale <tseng@gentoo.org>
  +hardened-dev-sources-2.6.7-r1.ebuild:
  Version bump, header fix for iptables and fix for iptables remote DoS.

  30 Jun 2004; Brandon Hale <tseng@gentoo.org>
  hardened-dev-sources-2.6.7.ebuild:
  Commit first public revision for 2.6.7

*hardened-dev-sources-2.6.7 (28 Jun 2004)

  28 Jun 2004; Brandon Hale <tseng@gentoo.org>
  +hardened-dev-sources-2.6.7.ebuild:
  Add 2.6.7 sources for wider testing, -* for now. This has a pre-release of
  grsec.

*hardened-dev-sources-2.6.5-r5 (16 Jun 2004)

  16 Jun 2004; Brandon Hale <tseng@gentoo.org>
  +hardened-dev-sources-2.6.5-r5.ebuild:
  Another rev bump to fix a local DoS vuln in PaX, thanks to x1bncwn for
  producing a patch.

  15 Jun 2004; Brandon Hale <tseng@gentoo.org>
  -hardened-dev-sources-2.6.4-r4.ebuild,
  -hardened-dev-sources-2.6.5-r3.ebuild:
  Cleanup old ebuilds.

*hardened-dev-sources-2.6.5-r4 (15 Jun 2004)

  15 Jun 2004; Brandon Hale <tseng@gentoo.org>
  +hardened-dev-sources-2.6.5-r4.ebuild:
  Added patches to close multiple vulnerabilities, bug #47881.

  20 May 2004; Travis Tilley <lv@gentoo.org>
  hardened-dev-sources-2.6.4-r4.ebuild, hardened-dev-sources-2.6.5-r3.ebuild:
  added amd64 keyword

  07 May 2004; Brandon Hale <tseng@gentoo.org>
  hardened-dev-sources-2.6.4-r4.ebuild:
  Added IUSE=

  24 Apr 2004; Chris PeBenito <pebenito@gentoo.org>
  hardened-dev-sources-2.6.5-r3.ebuild:
  Mark ~ppc.

  18 Apr 2004; Joshua Brindle <method@gentoo.org>
  hardened-dev-sources-2.6.4-r1.ebuild, hardened-dev-sources-2.6.4-r2.ebuild,
  hardened-dev-sources-2.6.4-r3.ebuild, hardened-dev-sources-2.6.4.ebuild:
  remove old versions

*hardened-dev-sources-2.6.5-r3 (18 Apr 2004)

  18 Apr 2004; Joshua Brindle <method@gentoo.org>
  hardened-dev-sources-2.6.5-r2.ebuild, hardened-dev-sources-2.6.5-r3.ebuild,
  hardened-dev-sources-2.6.5.ebuild:
  bump for pax fix and remove old faulty versions

  18 Apr 2004; Joshua Brindle <method@gentoo.org> :
  added ramfs-xattr to hardened-patches

*hardened-dev-sources-2.6.5-r2 (18 Apr 2004)

  18 Apr 2004; Joshua Brindle <method@gentoo.org>
  hardened-dev-sources-2.6.5-r2.ebuild, hardened-dev-sources-2.6.5.ebuild:
  change keywords to ~x86, updated grsec to final in -r2, added selinux nfs
  support

*hardened-dev-sources-2.6.5 (16 Apr 2004)

  16 Apr 2004; Joshua Brindle <method@gentoo.org>
  hardened-dev-sources-2.6.5.ebuild:
  commit 2.6.5

*hardened-dev-sources-2.6.4-r4 (15 Apr 2004)

  15 Apr 2004; Brandon Hale <tseng@gentoo.org>
  +files/hardened-dev-sources-2.6.5.CAN-2004-0109.patch,
  +hardened-dev-sources-2.6.4-r4.ebuild:
  Apply fix for CAN-2004-0109, ISO vuln.

  14 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
  hardened-dev-sources-2.6.4.ebuild:
  Added IUSE=.

*hardened-dev-sources-2.6.4-r3 (29 Mar 2004)

  29 Mar 2004; Brandon Hale <tseng@gentoo.org>
  hardened-dev-sources-2.6.4-r3.ebuild:
  Version bump, free nmap blocking in every box.

  24 Mar 2004; Brandon Hale <tseng@gentoo.org>
  hardened-dev-sources-2.6.4-r2.ebuild:
  Mask -r2 for now, a few different things turned out to be broken.

*hardened-dev-sources-2.6.4-r2 (23 Mar 2004)

  23 Mar 2004; Brandon Hale <tseng@gentoo.org>
  hardened-dev-sources-2.6.4-r2.ebuild:
  Version bump.

  20 Mar 2004; <solar@gentoo.org> :
  digest fix

*hardened-dev-sources-2.6.4-r1 (20 Mar 2004)

  20 Mar 2004; Brandon Hale <tseng@gentoo.org>
  hardened-dev-sources-2.6.4-r1.ebuild:
  Version bump, includes grsec test2 and support for disabling module loading.

  15 Mar 2004; <solar@gentoo.org> hardened-dev-sources-2.6.4.ebuild:
  unmasked -r0 after alot of testing from hardened users.. now lets hope nobodys
  boxes catch afire

*hardened-dev-sources-2.6.4 (14 Mar 2004)

  14 Mar 2004; <solar@gentoo.org> hardened-dev-sources-2.6.4.ebuild,
  metadata.xml:
  initial hardened base. all masked for now