summaryrefslogtreecommitdiff
blob: a0f433e0334015c3ea7600bf08519931b9bce5c3 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
# ChangeLog for sys-kernel/grsec-sources
# Copyright 2000-2004 Gentoo Foundation; Distributed under the GPL v2
# $Header: /var/cvsroot/gentoo-x86/sys-kernel/grsec-sources/ChangeLog,v 1.33 2004/11/11 19:27:12 solar Exp $

*grsec-sources-2.4.27.2.0.1-r3 (11 Nov 2004)

  11 Nov 2004; <solar@gentoo.org> +grsec-sources-2.4.27.2.0.1-r3.ebuild:
  security bump again fixes tty io DoS - CAN-2004-0814 and binfmt_elf (CAN-???)

*grsec-sources-2.4.27.2.0.1-r2 (10 Nov 2004)

  10 Nov 2004; <solar@gentoo.org> -grsec-sources-2.4.26.2.0-r7.ebuild,
  -grsec-sources-2.4.27.2.0.1-r1.ebuild,
  +grsec-sources-2.4.27.2.0.1-r2.ebuild, -grsec-sources-2.4.27.2.0.1.ebuild:
  fix for remote denial-of-service in nfs3 xdr handling code. bug #62524

*grsec-sources-2.4.27.2.0.1-r1 (09 Aug 2004)

  09 Aug 2004; <solar@gentoo.org> grsec-sources-2.4.27.2.0.1-r1.ebuild,
  files/2.4.27-cmdline-race.patch:
  Potential security issue in /proc/cmdline bug 59905

*grsec-sources-2.4.27.2.0.1 (08 Aug 2004)

  08 Aug 2004; <solar@gentoo.org> grsec-sources-2.4.26.2.0-r3.ebuild,
  grsec-sources-2.4.26.2.0-r4.ebuild, grsec-sources-2.4.26.2.0-r5.ebuild,
  grsec-sources-2.4.26.2.0-r6.ebuild, grsec-sources-2.4.27.2.0.1.ebuild,
  files/2.4.26-i2cproc_bus_read.patch:
  version bump. Removed all older versions

*grsec-sources-2.4.26.2.0-r7 (04 Aug 2004)

  04 Aug 2004; <solar@gentoo.org> grsec-sources-2.4.26.2.0-r7.ebuild:
  security bump - file offset pointer handling vulnerability - bug 59378

  11 Jul 2004; <solar@gentoo.org> grsec-sources-2.4.26.2.0-r6.ebuild,
  files/2.4.26-fchown-attr.patch, files/openmosix-sources.CAN-2004-0497.patch:
  using openmosix-sources.CAN-2004-0497.patch vs the 2.4.26-fchown-attr.patch

*grsec-sources-2.4.26.2.0-r6 (11 Jul 2004)

  11 Jul 2004; <solar@gentoo.org> grsec-sources-2.4.26.2.0-r6.ebuild,
  files/2.4.26-fchown-attr.patch:
  added modified security patch from bug 56479

*grsec-sources-2.4.26.2.0-r5 (26 Jun 2004)

  26 Jun 2004; <solar@gentoo.org> grsec-sources-2.4.26.2.0-r5.ebuild,
  files/gentoo-sources-2.4.CAN-2004-0495.patch,
  files/gentoo-sources-2.4.CAN-2004-0535.patch:
  Privilege escalation bugs revealed by Sparse tool. bug 54976

  17 Jun 2004; <solar@gentoo.org> grsec-sources-2.4.26.2.0-r4.ebuild:
  #commented out the i2c-proc_bus_read.patch as it's unneeded as pointed out in
  the bug.

*grsec-sources-2.4.26.2.0-r4 (17 Jun 2004)

  17 Jun 2004; <solar@gentoo.org> grsec-sources-2.4.26.2.0-r2.ebuild,
  grsec-sources-2.4.26.2.0-r4.ebuild, files/2.4.26-i2cproc_bus_read.patch,
  files/2.4.26-pax-binfmt_elf-page-size.patch:
  fix i2c integer overflow vulnerability during the allocation of memory. bug
  #54164. PaX force randomization to always at least PAGE_SIZE big. Allows glibc
  to be compiled with binutils-2.15 and USE=hardened

*grsec-sources-2.4.26.2.0-r3 (15 Jun 2004)

  15 Jun 2004; <solar@gentoo.org> grsec-sources-2.4.26.2.0-r3.ebuild,
  files/2.4.26-signal-race.patch:
  revision bump for security bug 53804

*grsec-sources-2.4.26.2.0-r2 (02 Jun 2004)

  02 Jun 2004; <solar@gentoo.org> grsec-sources-2.4.26.2.0-r1.ebuild,
  grsec-sources-2.4.26.2.0-r2.ebuild, files/2.4.26-CAN-2004-0394.patch:
  update to fix format string problem in panic() handler

  18 Apr 2004; <solar@gentoo.org> grsec-sources-2.4.26.2.0.ebuild:
  upstream fixed an idt_table bug in PaX that effected i386/i586 users without
  rolling a new patch, so we gentoo fetched new version and bz2 it to avoid
  md5sum conflicts.. removed old ebuild as well

*grsec-sources-2.4.26.2.0 (18 Apr 2004)
*grsec-sources-2.4.26.2.0-r1 (18 Apr 2004)

  18 Apr 2004; <solar@gentoo.org> grsec-sources-2.4.24.1.9.13-r1.ebuild,
  grsec-sources-2.4.24.1.9.13.ebuild, grsec-sources-2.4.25.1.9.14.ebuild,
  grsec-sources-2.4.25.2.0_rc5.ebuild, grsec-sources-2.4.26.2.0.ebuild,
  metadata.xml, files/do_brk_fix.patch,
  files/grsec-sources-2.4.23.CAN-2003-0985.patch,
  files/grsec-sources-2.4.23.rtc_fix.patch,
  files/grsec-sources-2.4.24.1.9.13.munmap.patch:
  grsec2 has gone stable upstream, removing old portage cruft from tree to make
  life for security@gentoo easier.

  11 Mar 2004; <solar@gentoo.org> grsec-sources-2.4.24.1.9.13-r1.ebuild,
  grsec-sources-2.4.24.1.9.13.ebuild, grsec-sources-2.4.25.1.9.14.ebuild,
  grsec-sources-2.4.25.2.0_rc5.ebuild:
  fix slotting to use KV vs OKV

*grsec-sources-2.4.25.1.9.14 (21 Feb 2004)

  21 Feb 2004; <solar@gentoo.org> grsec-sources-2.4.25.1.9.14.ebuild,
  grsec-sources-2.4.25.2.0_rc5.ebuild:
  dual headed version bumps to the 2.4.25 series

*grsec-sources-2.4.24.1.9.13-r1 (19 Feb 2004)

  19 Feb 2004; <plasmaroo@gentoo.org> grsec-sources-2.4.24.1.9.13-r1.ebuild,
  files/grsec-sources-2.4.24.1.9.13.munmap.patch:
  Added the patch for the mremap/munmap vulnerability. Bug #42024.

*grsec-sources-2.4.24.1.9.13 (11 Jan 2004)

  11 Jan 2004; <solar@gentoo.org> grsec-sources-2.4.24.1.9.13.ebuild,
  files/2.4.24-x86.config:
  version bump and a clean up of the src code for dealing with hppa

  05 Jan 2004; <plasmaroo@gentoo.org> grsec-sources-2.4.23.1.9.13-r1.ebuild,
  grsec-sources-2.4.23.2.0_rc4-r1.ebuild, files/grsec-sources-2.4.23.*.patch:
  Added the 2.4.24 security patches. Please see bugs #37292 and #37317.

  05 Jan 2004; <solar@gentoo.org> grsec-sources-2.4.21.1.9.11.ebuild,
  grsec-sources-2.4.21.2.0_rc2.ebuild, grsec-sources-2.4.22.1.9.12-r1.ebuild,
  grsec-sources-2.4.22.1.9.12.ebuild, grsec-sources-2.4.22.2.0_rc3-r1.ebuild,
  grsec-sources-2.4.22.2.0_rc3.ebuild:
  Removed old versions of kernels...

*grsec-sources-2.4.23.2.0_rc4 (02 Jan 2004)

  02 Jan 2004; <solar@gentoo.org> grsec-sources-2.4.23.2.0_rc4.ebuild:
  grsecurity II kernel sources version bump

  02 Dec 2003; Alexander Gabert <pappy@gentoo.org>
  grsec-sources-2.4.23.1.9.13.ebuild:
  Created linux2423grsec1913 patch and added '~hppa' keywords.

*grsec-sources-2.4.22.1.9.12-r1 (02 Dec 2003)

  02 Dec 2003; Brian Jackson <iggy@gentoo.org>
  grsec-sources-2.4.22.1.9.12-r1.ebuild,
  grsec-sources-2.4.22.2.0_rc3-r1.ebuild:
  Version bump for the 'do_brk' vulnerability.

*grsec-sources-2.4.23.1.9.13 (01 Dec 2003)

  01 Dec 2003; Brian Jackson <iggy@gentoo.org>
  grsec-sources-2.4.21.1.9.11.ebuild, grsec-sources-2.4.21.2.0_rc2.ebuild,
  grsec-sources-2.4.22.1.9.12.ebuild, grsec-sources-2.4.22.2.0_rc3.ebuild,
  files/do_brk_fix.patch: Fix the 'do_brk' vulnerability.

  01 Dec 2003; <solar@gentoo.org> grsec-sources-2.4.23.1.9.13.ebuild:
  Performance enhancements, PaX updates including PT_GNU_STACK and PT_GNU_HEAP
  support, documentation updates, a fix for an initrd problem.

  05 Nov 2003; <solar@gentoo.org> grsec-sources-2.4.21.1.9.11.ebuild,
  grsec-sources-2.4.21.2.0_rc2.ebuild, grsec-sources-2.4.22.2.0_rc3.ebuild,
  metadata.xml: Fixed typo pointed out by frogger

  17 Sep 2003; Alexander Gabert <pappy@gentoo.org>
  grsec-sources-2.4.22.1.9.12.ebuild: Added hppa support and custom 
  grsec patch.

*grsec-sources-2.4.22.2.0_rc3 (04 Sep 2003)

  04 Sep 2003; <solar@gentoo.org> grsec-sources-2.4.22.1.9.12.ebuild,
  grsec-sources-2.4.22.2.0_rc3.ebuild:
  Version bumps.

*grsec-sources-2.4.21.2.0_rc2 (14 Aug 2003)

  14 Aug 2003; <solar@gentoo.org> grsec-sources-2.4.21.1.9.11.ebuild,
  grsec-sources-2.4.21.2.0_rc2.ebuild, metadata.xml:
  Initial import of grsec-sources.