summaryrefslogtreecommitdiff
blob: 1d6efbb98c2b219c0ff530c0e1ad4d2976070c0b (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
# ChangeLog for sys-kernel/grsec-sources
# Copyright 2000-2005 Gentoo Foundation; Distributed under the GPL v2
# $Header: /var/cvsroot/gentoo-x86/sys-kernel/grsec-sources/ChangeLog,v 1.55 2005/04/29 12:36:37 solar Exp $

  29 Apr 2005; <solar@gentoo.org> -files/2.4.26-CAN-2004-0394.patch,
  -files/2.4.27-cmdline-race.patch, -files/2.4.28-binfmt_a.out.patch,
  -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
  -files/2.4.28-uselib4pax.patch, -files/2.4.29-CAN-2005-0001.patch,
  -files/CAN-2004-1016.patch, -files/CAN-2004-1074.patch,
  -files/CAN-2004-1335.patch, -files/gentoo-sources-2.4.CAN-2004-1137.patch,
  -grsec-sources-2.4.29.2.1.3.ebuild, -grsec-sources-2.4.29.2.1.4.ebuild:
  - ebuild and filesdir cleanup. This is the last planned grsec-sources, see
  http://marc.theaimsgroup.com/?l=gentoo-hardened&m=111419177808622&w=2 for more
  info

  28 Apr 2005; Gustavo Zacarias <gustavoz@gentoo.org>
  grsec-sources-2.4.30.2.1.5.ebuild:
  Sparc stable

  22 Apr 2005; <solar@gentoo.org> grsec-sources-2.4.30.2.1.5.ebuild:
  - stable x86

*grsec-sources-2.4.30.2.1.5 (12 Apr 2005)

  12 Apr 2005; <solar@gentoo.org> -grsec-sources-2.4.28.2.1.0-r3.ebuild,
  grsec-sources-2.4.29.2.1.3.ebuild, grsec-sources-2.4.29.2.1.4.ebuild,
  +grsec-sources-2.4.30.2.1.5.ebuild:
  - version bump. added CPV/MYPV to every ebuild now due to k2 changes

*grsec-sources-2.4.29.2.1.4 (23 Mar 2005)

  23 Mar 2005; <solar@gentoo.org> +grsec-sources-2.4.29.2.1.4.ebuild:
  - minor version bump

  11 Mar 2005; <solar@gentoo.org> grsec-sources-2.4.29.2.1.3.ebuild:
  - marking 2.1.3 stable for all supporting arches

*grsec-sources-2.4.29.2.1.3 (07 Mar 2005)

  07 Mar 2005; <solar@gentoo.org> +grsec-sources-2.4.29.2.1.3.ebuild:
  - version bump grsec to 2.4.29.2.1.3 to fix bug in RBAC system

*grsec-sources-2.4.28.2.1.0-r3 (05 Mar 2005)

  05 Mar 2005; <solar@gentoo.org>
  +files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
  -grsec-sources-2.4.28.2.0.2-r3.ebuild,
  -grsec-sources-2.4.28.2.1.0-r1.ebuild,
  -grsec-sources-2.4.28.2.1.0-r2.ebuild,
  +grsec-sources-2.4.28.2.1.0-r3.ebuild, -grsec-sources-2.4.28.2.1.0.ebuild:
  - security bump for SEGMEXEC/RANDEXEC handling

*grsec-sources-2.4.28.2.1.0-r2 (04 Feb 2005)

  04 Feb 2005; <solar@gentoo.org> +files/CAN-2004-1335.patch,
  grsec-sources-2.4.28.2.1.0-r1.ebuild, +grsec-sources-2.4.28.2.1.0-r2.ebuild:
  - rev bump for CAN-2004-1335

*grsec-sources-2.4.28.2.1.0-r1 (18 Jan 2005)

  18 Jan 2005; <solar@gentoo.org> +files/2.4.29-CAN-2005-0001.patch,
  -grsec-sources-2.4.28.2.0.2-r1.ebuild,
  -grsec-sources-2.4.28.2.0.2-r2.ebuild,
  +grsec-sources-2.4.28.2.1.0-r1.ebuild:
  - version bump for security bug #77666 and removed some older unneeded ebuilds.

  11 Jan 2005; <solar@gentoo.org> grsec-sources-2.4.28.2.1.0.ebuild:
  - marking grsec-sources stable

  09 Jan 2005; <solar@gentoo.org> grsec-sources-2.4.28.2.1.0.ebuild:
  - removing masking and put ebuild in ~arch

  08 Jan 2005; <solar@gentoo.org> +files/2.4.28-uselib4pax.patch,
  +files/gentoo-sources-2.4.CAN-2004-1137.patch,
  grsec-sources-2.4.28.2.1.0.ebuild:
  - Adds CAN-2004-1137.patch.
  - Adds 2.4.x uselib patch with extra semaphore locking for PaX enabled kernels.
  - Adds back 2.4.27-cmdline-race.patch.

  08 Jan 2005; <solar@gentoo.org> :
  - digest update from plasmaroo for new CAN-2004-0814 patch

*grsec-sources-2.4.28.2.1.0 (08 Jan 2005)

  08 Jan 2005; <solar@gentoo.org> +files/linux-2.4.28-random-poolsize.patch,
  +grsec-sources-2.4.28.2.1.0.ebuild:
  - Added patch that fixes CAN-2004-0814 - Linux terminal layer races.
  - Added random poolsize from Brad Spengler. (CAN pending?)

*grsec-sources-2.4.28.2.0.2-r3 (25 Dec 2004)

  25 Dec 2004; <plasmaroo@gentoo.org> +grsec-sources-2.4.28.2.0.2-r3.ebuild,
  +files/CAN-2004-1056.patch, +files/CAN-2004-1074.patch:
  Security bump for bugs #72452 and #74464; please thank tocharian for the
  ebuild.

*grsec-sources-2.4.28.2.0.2-r2 (15 Dec 2004)

  15 Dec 2004; <solar@gentoo.org> +files/CAN-2004-1016.patch,
  -grsec-sources-2.4.27.2.0.1-r4.ebuild,
  +grsec-sources-2.4.28.2.0.2-r2.ebuild, -grsec-sources-2.4.28.2.0.2.ebuild:
  - local kernel DoS CAN-2004-1016

*grsec-sources-2.4.28.2.0.2-r1 (13 Dec 2004)

  13 Dec 2004; <solar@gentoo.org> metadata.xml,
  +files/2.4.28-binfmt_a.out.patch, +grsec-sources-2.4.28.2.0.2-r1.ebuild:
  - update from tocharian, adds binfmt_aout patch back to 2.4.28

  26 Nov 2004; Daniel Drake <dsd@gentoo.org>
  -files/2.4.26-pax-binfmt_elf-page-size.patch,
  -files/2.4.26-signal-race.patch,
  -files/gentoo-sources-2.4.CAN-2004-0495.patch,
  -files/gentoo-sources-2.4.CAN-2004-0535.patch,
  -files/openmosix-sources.CAN-2004-0497.patch,
  grsec-sources-2.4.27.2.0.1-r4.ebuild, grsec-sources-2.4.28.2.0.2.ebuild:
  Convert to kernel-2. Clean up.

  24 Nov 2004; <solar@gentoo.org> :
  redigest

*grsec-sources-2.4.28.2.0.2 (23 Nov 2004)

  23 Nov 2004; <solar@gentoo.org> +grsec-sources-2.4.28.2.0.2.ebuild:
  security bump - Linux Kernel AF_UNIX Arbitrary Kernel Memory Modification
  Vulnerability. http://www.securityfocus.com/bid/11715

*grsec-sources-2.4.27.2.0.1-r4 (17 Nov 2004)

  17 Nov 2004; <solar@gentoo.org> -grsec-sources-2.4.27.2.0.1-r2.ebuild,
  -grsec-sources-2.4.27.2.0.1-r3.ebuild,
  +grsec-sources-2.4.27.2.0.1-r4.ebuild:
  last fixes before 2.4.28 - fixes binfmt_elf+JJ and fixes binfmt_aout

*grsec-sources-2.4.27.2.0.1-r3 (11 Nov 2004)

  11 Nov 2004; <solar@gentoo.org> +grsec-sources-2.4.27.2.0.1-r3.ebuild:
  security bump again fixes tty io DoS - CAN-2004-0814 and binfmt_elf (CAN-???)

*grsec-sources-2.4.27.2.0.1-r2 (10 Nov 2004)

  10 Nov 2004; <solar@gentoo.org> -grsec-sources-2.4.26.2.0-r7.ebuild,
  -grsec-sources-2.4.27.2.0.1-r1.ebuild,
  +grsec-sources-2.4.27.2.0.1-r2.ebuild, -grsec-sources-2.4.27.2.0.1.ebuild:
  fix for remote denial-of-service in nfs3 xdr handling code. bug #62524

*grsec-sources-2.4.27.2.0.1-r1 (09 Aug 2004)

  09 Aug 2004; <solar@gentoo.org> grsec-sources-2.4.27.2.0.1-r1.ebuild,
  files/2.4.27-cmdline-race.patch:
  Potential security issue in /proc/cmdline bug 59905

*grsec-sources-2.4.27.2.0.1 (08 Aug 2004)

  08 Aug 2004; <solar@gentoo.org> grsec-sources-2.4.26.2.0-r3.ebuild,
  grsec-sources-2.4.26.2.0-r4.ebuild, grsec-sources-2.4.26.2.0-r5.ebuild,
  grsec-sources-2.4.26.2.0-r6.ebuild, grsec-sources-2.4.27.2.0.1.ebuild,
  files/2.4.26-i2cproc_bus_read.patch:
  version bump. Removed all older versions

*grsec-sources-2.4.26.2.0-r7 (04 Aug 2004)

  04 Aug 2004; <solar@gentoo.org> grsec-sources-2.4.26.2.0-r7.ebuild:
  security bump - file offset pointer handling vulnerability - bug 59378

  11 Jul 2004; <solar@gentoo.org> grsec-sources-2.4.26.2.0-r6.ebuild,
  files/2.4.26-fchown-attr.patch, files/openmosix-sources.CAN-2004-0497.patch:
  using openmosix-sources.CAN-2004-0497.patch vs the 2.4.26-fchown-attr.patch

*grsec-sources-2.4.26.2.0-r6 (11 Jul 2004)

  11 Jul 2004; <solar@gentoo.org> grsec-sources-2.4.26.2.0-r6.ebuild,
  files/2.4.26-fchown-attr.patch:
  added modified security patch from bug 56479

*grsec-sources-2.4.26.2.0-r5 (26 Jun 2004)

  26 Jun 2004; <solar@gentoo.org> grsec-sources-2.4.26.2.0-r5.ebuild,
  files/gentoo-sources-2.4.CAN-2004-0495.patch,
  files/gentoo-sources-2.4.CAN-2004-0535.patch:
  Privilege escalation bugs revealed by Sparse tool. bug 54976

  17 Jun 2004; <solar@gentoo.org> grsec-sources-2.4.26.2.0-r4.ebuild:
  #commented out the i2c-proc_bus_read.patch as it's unneeded as pointed out in
  the bug.

*grsec-sources-2.4.26.2.0-r4 (17 Jun 2004)

  17 Jun 2004; <solar@gentoo.org> grsec-sources-2.4.26.2.0-r2.ebuild,
  grsec-sources-2.4.26.2.0-r4.ebuild, files/2.4.26-i2cproc_bus_read.patch,
  files/2.4.26-pax-binfmt_elf-page-size.patch:
  fix i2c integer overflow vulnerability during the allocation of memory. bug
  #54164. PaX force randomization to always at least PAGE_SIZE big. Allows glibc
  to be compiled with binutils-2.15 and USE=hardened

*grsec-sources-2.4.26.2.0-r3 (15 Jun 2004)

  15 Jun 2004; <solar@gentoo.org> grsec-sources-2.4.26.2.0-r3.ebuild,
  files/2.4.26-signal-race.patch:
  revision bump for security bug 53804

*grsec-sources-2.4.26.2.0-r2 (02 Jun 2004)

  02 Jun 2004; <solar@gentoo.org> grsec-sources-2.4.26.2.0-r1.ebuild,
  grsec-sources-2.4.26.2.0-r2.ebuild, files/2.4.26-CAN-2004-0394.patch:
  update to fix format string problem in panic() handler

  18 Apr 2004; <solar@gentoo.org> grsec-sources-2.4.26.2.0.ebuild:
  upstream fixed an idt_table bug in PaX that effected i386/i586 users without
  rolling a new patch, so we gentoo fetched new version and bz2 it to avoid
  md5sum conflicts.. removed old ebuild as well

*grsec-sources-2.4.26.2.0 (18 Apr 2004)
*grsec-sources-2.4.26.2.0-r1 (18 Apr 2004)

  18 Apr 2004; <solar@gentoo.org> grsec-sources-2.4.24.1.9.13-r1.ebuild,
  grsec-sources-2.4.24.1.9.13.ebuild, grsec-sources-2.4.25.1.9.14.ebuild,
  grsec-sources-2.4.25.2.0_rc5.ebuild, grsec-sources-2.4.26.2.0.ebuild,
  metadata.xml, files/do_brk_fix.patch,
  files/grsec-sources-2.4.23.CAN-2003-0985.patch,
  files/grsec-sources-2.4.23.rtc_fix.patch,
  files/grsec-sources-2.4.24.1.9.13.munmap.patch:
  grsec2 has gone stable upstream, removing old portage cruft from tree to make
  life for security@gentoo easier.

  11 Mar 2004; <solar@gentoo.org> grsec-sources-2.4.24.1.9.13-r1.ebuild,
  grsec-sources-2.4.24.1.9.13.ebuild, grsec-sources-2.4.25.1.9.14.ebuild,
  grsec-sources-2.4.25.2.0_rc5.ebuild:
  fix slotting to use KV vs OKV

*grsec-sources-2.4.25.1.9.14 (21 Feb 2004)

  21 Feb 2004; <solar@gentoo.org> grsec-sources-2.4.25.1.9.14.ebuild,
  grsec-sources-2.4.25.2.0_rc5.ebuild:
  dual headed version bumps to the 2.4.25 series

*grsec-sources-2.4.24.1.9.13-r1 (19 Feb 2004)

  19 Feb 2004; <plasmaroo@gentoo.org> grsec-sources-2.4.24.1.9.13-r1.ebuild,
  files/grsec-sources-2.4.24.1.9.13.munmap.patch:
  Added the patch for the mremap/munmap vulnerability. Bug #42024.

*grsec-sources-2.4.24.1.9.13 (11 Jan 2004)

  11 Jan 2004; <solar@gentoo.org> grsec-sources-2.4.24.1.9.13.ebuild,
  files/2.4.24-x86.config:
  version bump and a clean up of the src code for dealing with hppa

  05 Jan 2004; <plasmaroo@gentoo.org> grsec-sources-2.4.23.1.9.13-r1.ebuild,
  grsec-sources-2.4.23.2.0_rc4-r1.ebuild, files/grsec-sources-2.4.23.*.patch:
  Added the 2.4.24 security patches. Please see bugs #37292 and #37317.

  05 Jan 2004; <solar@gentoo.org> grsec-sources-2.4.21.1.9.11.ebuild,
  grsec-sources-2.4.21.2.0_rc2.ebuild, grsec-sources-2.4.22.1.9.12-r1.ebuild,
  grsec-sources-2.4.22.1.9.12.ebuild, grsec-sources-2.4.22.2.0_rc3-r1.ebuild,
  grsec-sources-2.4.22.2.0_rc3.ebuild:
  Removed old versions of kernels...

*grsec-sources-2.4.23.2.0_rc4 (02 Jan 2004)

  02 Jan 2004; <solar@gentoo.org> grsec-sources-2.4.23.2.0_rc4.ebuild:
  grsecurity II kernel sources version bump

  02 Dec 2003; Alexander Gabert <pappy@gentoo.org>
  grsec-sources-2.4.23.1.9.13.ebuild:
  Created linux2423grsec1913 patch and added '~hppa' keywords.

*grsec-sources-2.4.22.1.9.12-r1 (02 Dec 2003)

  02 Dec 2003; Brian Jackson <iggy@gentoo.org>
  grsec-sources-2.4.22.1.9.12-r1.ebuild,
  grsec-sources-2.4.22.2.0_rc3-r1.ebuild:
  Version bump for the 'do_brk' vulnerability.

*grsec-sources-2.4.23.1.9.13 (01 Dec 2003)

  01 Dec 2003; Brian Jackson <iggy@gentoo.org>
  grsec-sources-2.4.21.1.9.11.ebuild, grsec-sources-2.4.21.2.0_rc2.ebuild,
  grsec-sources-2.4.22.1.9.12.ebuild, grsec-sources-2.4.22.2.0_rc3.ebuild,
  files/do_brk_fix.patch: Fix the 'do_brk' vulnerability.

  01 Dec 2003; <solar@gentoo.org> grsec-sources-2.4.23.1.9.13.ebuild:
  Performance enhancements, PaX updates including PT_GNU_STACK and PT_GNU_HEAP
  support, documentation updates, a fix for an initrd problem.

  05 Nov 2003; <solar@gentoo.org> grsec-sources-2.4.21.1.9.11.ebuild,
  grsec-sources-2.4.21.2.0_rc2.ebuild, grsec-sources-2.4.22.2.0_rc3.ebuild,
  metadata.xml: Fixed typo pointed out by frogger

  17 Sep 2003; Alexander Gabert <pappy@gentoo.org>
  grsec-sources-2.4.22.1.9.12.ebuild: Added hppa support and custom 
  grsec patch.

*grsec-sources-2.4.22.2.0_rc3 (04 Sep 2003)

  04 Sep 2003; <solar@gentoo.org> grsec-sources-2.4.22.1.9.12.ebuild,
  grsec-sources-2.4.22.2.0_rc3.ebuild:
  Version bumps.

*grsec-sources-2.4.21.2.0_rc2 (14 Aug 2003)

  14 Aug 2003; <solar@gentoo.org> grsec-sources-2.4.21.1.9.11.ebuild,
  grsec-sources-2.4.21.2.0_rc2.ebuild, metadata.xml:
  Initial import of grsec-sources.