# ChangeLog for sys-kernel/hardened-sources # Copyright 2000-2003 Gentoo Technologies, Inc.; Distributed under the GPL v2 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.12 2003/09/14 18:07:06 frogger Exp $ *hardened-sources-2.4.21 (14 Sep 2003) 14 Sep 2003; Matthew Rickard hardened-sources-2.4.21.ebuild: Updated hardened-sources based on the 2.4.21 Linux kernel. This includes updates to most major components such as: -ck-base-0306300059 -selinux-2.4-2003071106 -grsecurity-2.0-rc1 -Updated IPTables patch-o-matic -Updated SuperFreeS/WAN Thanks to Phil West for his work in getting this updated patch set ready for the 2.4.21 based kernel. 16 Jun 2003; Matthew Rickard : Initial import of hardened-sources-2.4.20-r4. This revision includes only a few changes, but one of these is an important security fix. It is recommended all users of hardened-sources upgrade to this release. - ioperm bug fix - fixed compilation failure when building without GRSec SAL (Secure Auditing for Linux) is NOT included in this revision due to time constraints, but is planned for inclusion in the near future. *hardened-sources-2.4.20-r2 (12 Jun 2003) 12 Jun 2003; hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild: add Header 08 Jun 2003; Matthew Rickard hardened-sources-2.4.20-r3.ebuild: Removed warnings from ebuild. This kernel should be safe to use at this point. *hardened-sources-2.4.20-r3 (08 Jun 2003) 08 Jun 2003; Matthew Rickard hardened-sources-2.4.20-r3.ebuild: New revision. Includes the following changes over -r2: - ck7-base (O(1), preempt, low latency) - Super FreeS/WAN 1.99.7rc2 - PaX for the LSM/SELinux branch - GRSecurity 2.0-pre4 (role based access control) - Systrace 1.3 - EXT3 fixes - EVMS 2.0.1 - GCC 3.1+ compile optimizations - ProPolice kernel build support - Hashing table security fixes *hardened-sources-2.4.20-r1 (09 Apr 2003) 23 Apr 2003; Matthew Rickard Manifest: Initial import of hardened-sources-r2. This new ebuild includes many new performance and security related patches. As in -r1, it will patch in LSM/SELinux if "selinux" is in USE, otherwise it will patch in GRSecurity. The following patches are included in this revision: - O(1) Scheduler, Low Latency, and Preempt (pulled from the base CK patch) - ptrace exploit patch for the LSM kernel (the GRSec patch already fixes this) - LSM 2.4-2003040709 - SELinux 2.4-2003040709 - Systrace v1.2 - IPTables patch-o-matic base patches - 20030107 - CryptoAPI 2.4.20.1 w/ loop-jari patch - Super FreeS/WAN 1.99.6.1 - GRSecurity 1.9.9g - MPPE - EXT3 data journal fix - CIPE 1.5.4 12 Apr 2003; Matthew Rickard hardened-sources-2.4.20-r1.ebuild, manifest: Updated to install flask components correctly for selinux 12 Apr 2003; Matthew Rickard hardened-sources-2.4.20-r1.ebuild: LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity is patched in instead. Ptrace patches for selinux have also been added. In either case, systrace support will be patched in as well. 09 Apr 2003; Matthew Rickard hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest: Revision bump for new sources 09 Apr 2003; Matthew Rickard hardened-sources-2.4.20-r1.ebuild: Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2 *hardened-sources-2.4.20 (30 Mar 2003) 30 Mar 2003; Joshua Brindle hardened-sources-2.4.20.ebuild: initial import, only has systrace support