diff options
| author |   Ned Ludd <solar@gentoo.org> | 2005-03-05 19:51:10 +0000 |
|---|---|---|
| committer | Ned Ludd <solar@gentoo.org> | 2005-03-05 19:51:10 +0000 |
| commit | 17e20d0d8fa539c469993110f3006cec0392691a (patch) | |
| tree | 50c69e8be5de56dafab30c1fd99cc49626ef6a02 /sys-kernel | |
| parent | ~amd64 (diff) | |
| download | gentoo-2-17e20d0d8fa539c469993110f3006cec0392691a.tar.gz gentoo-2-17e20d0d8fa539c469993110f3006cec0392691a.tar.bz2 gentoo-2-17e20d0d8fa539c469993110f3006cec0392691a.zip | |
- security bump for SEGMEXEC/RANDEXEC handling
(Portage version: 2.0.51-r15)
Diffstat (limited to 'sys-kernel')
| -rw-r--r-- | sys-kernel/grsec-sources/ChangeLog | 12 | ||||
| -rw-r--r-- | sys-kernel/grsec-sources/Manifest | 25 | ||||
| -rw-r--r-- | sys-kernel/grsec-sources/files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch | 44 | ||||
| -rw-r--r-- | sys-kernel/grsec-sources/files/digest-grsec-sources-2.4.28.2.0.2-r3 | 2 | ||||
| -rw-r--r-- | sys-kernel/grsec-sources/files/digest-grsec-sources-2.4.28.2.1.0-r1 | 3 | ||||
| -rw-r--r-- | sys-kernel/grsec-sources/files/digest-grsec-sources-2.4.28.2.1.0-r2 | 3 | ||||
| -rw-r--r-- | sys-kernel/grsec-sources/files/digest-grsec-sources-2.4.28.2.1.0-r3 (renamed from sys-kernel/grsec-sources/files/digest-grsec-sources-2.4.28.2.1.0) | 0 | ||||
| -rw-r--r-- | sys-kernel/grsec-sources/grsec-sources-2.4.28.2.0.2-r3.ebuild | 38 | ||||
| -rw-r--r-- | sys-kernel/grsec-sources/grsec-sources-2.4.28.2.1.0-r1.ebuild | 46 | ||||
| -rw-r--r-- | sys-kernel/grsec-sources/grsec-sources-2.4.28.2.1.0-r3.ebuild (renamed from sys-kernel/grsec-sources/grsec-sources-2.4.28.2.1.0-r2.ebuild) | 5 | ||||
| -rw-r--r-- | sys-kernel/grsec-sources/grsec-sources-2.4.28.2.1.0.ebuild | 44 |
11 files changed, 62 insertions, 160 deletions
diff --git a/sys-kernel/grsec-sources/ChangeLog b/sys-kernel/grsec-sources/ChangeLog index b66b6f7aa4a3..f9703e3e80a9 100644 --- a/sys-kernel/grsec-sources/ChangeLog +++ b/sys-kernel/grsec-sources/ChangeLog @@ -1,6 +1,16 @@ # ChangeLog for sys-kernel/grsec-sources # Copyright 2000-2005 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/sys-kernel/grsec-sources/ChangeLog,v 1.47 2005/02/04 14:43:06 solar Exp $ +# $Header: /var/cvsroot/gentoo-x86/sys-kernel/grsec-sources/ChangeLog,v 1.48 2005/03/05 19:51:10 solar Exp $ + +*grsec-sources-2.4.28.2.1.0-r3 (05 Mar 2005) + + 05 Mar 2005; <solar@gentoo.org> + +files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch, + -grsec-sources-2.4.28.2.0.2-r3.ebuild, + -grsec-sources-2.4.28.2.1.0-r1.ebuild, + -grsec-sources-2.4.28.2.1.0-r2.ebuild, + +grsec-sources-2.4.28.2.1.0-r3.ebuild, -grsec-sources-2.4.28.2.1.0.ebuild: + - security bump for SEGMEXEC/RANDEXEC handling *grsec-sources-2.4.28.2.1.0-r2 (04 Feb 2005) diff --git a/sys-kernel/grsec-sources/Manifest b/sys-kernel/grsec-sources/Manifest index 50fbbce41611..9071283bac61 100644 --- a/sys-kernel/grsec-sources/Manifest +++ b/sys-kernel/grsec-sources/Manifest @@ -1,12 +1,6 @@ ------BEGIN PGP SIGNED MESSAGE----- -Hash: SHA1 - -MD5 24764b94c52b15c33321df855d74ef1a grsec-sources-2.4.28.2.0.2-r3.ebuild 1353 -MD5 bd4d0f14719409760a49a07584dc6092 grsec-sources-2.4.28.2.1.0-r2.ebuild 1844 -MD5 b7571a1a81fb316a051e6ab27daa6281 grsec-sources-2.4.28.2.1.0-r1.ebuild 1814 -MD5 de2ab50796577ef947a9cbe845a22dae grsec-sources-2.4.28.2.1.0.ebuild 1737 -MD5 a4569cdf4798b7bac0170faa363e9b94 ChangeLog 10417 +MD5 83be3e9129fd1acd02c6458b44c42011 ChangeLog 10800 MD5 0b2ea9b53b5d526e39afbdc5040ff07a metadata.xml 487 +MD5 4dfceeac3ae34595f83d2fde5b7db13f grsec-sources-2.4.28.2.1.0-r3.ebuild 1902 MD5 0adbefda5e0d752b23dd2f930e6f6bbf files/linux-2.4.28-random-poolsize.patch 452 MD5 8c35751caf824a9dacb02e80d6189b2e files/gentoo-sources-2.4.CAN-2004-1137.patch 1764 MD5 4263daf594b58ea0c0b59e87afe3a7c9 files/CAN-2004-1074.patch 11121 @@ -16,19 +10,8 @@ MD5 1efe4024e443e60db5fd9b21b22fabd2 files/2.4.29-CAN-2005-0001.patch 1724 MD5 29e531cdd3f2effce5e31a1f2afb5b5d files/2.4.28-uselib4pax.patch 8912 MD5 9860d0e9e59d561a5573648f80547f7e files/CAN-2004-1335.patch 788 MD5 b293289df61d6f42ff54e4e0ceae53cf files/2.4.24-x86.config 2397 -MD5 8c7a1adf3e5ca3b4cfd6a75f5704d2fc files/digest-grsec-sources-2.4.28.2.1.0 231 MD5 4a0215139f9aebfe2cc2747743763f08 files/2.4.28-binfmt_a.out.patch 1887 -MD5 c829ff92477a5a9e4fcbc370303217f8 files/digest-grsec-sources-2.4.28.2.0.2-r3 144 -MD5 8c7a1adf3e5ca3b4cfd6a75f5704d2fc files/digest-grsec-sources-2.4.28.2.1.0-r1 231 -MD5 8c7a1adf3e5ca3b4cfd6a75f5704d2fc files/digest-grsec-sources-2.4.28.2.1.0-r2 231 +MD5 8c7a1adf3e5ca3b4cfd6a75f5704d2fc files/digest-grsec-sources-2.4.28.2.1.0-r3 231 +MD5 b1f723b1661a3fcbe79e921ddfe40584 files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch 1202 MD5 6aa8f7a7c2d55734389b53d3bcf78570 files/CAN-2004-1016.patch 2835 MD5 d1ccc2047be533c992f67270a150a210 files/2.4.27-cmdline-race.patch 388 ------BEGIN PGP SIGNATURE----- -Version: GnuPG v1.2.4 (GNU/Linux) - -iQCVAwUBQgOJ5J4WFLgrx1GWAQK/HAQAoSS1h6FKCv27yddewId/ryTsOMrGxbii -Konc8XDV/PZTOdtFsBMB1jzRbrEp53U/5gHSBQcC2inuWNpWYYQ3vf46khgIkyeO -YJDr+gu9kgWwJDzBPTdn72HiJLgnQiida0lWqewdrKY/hyGVChhL6lULEJfDsn04 -AaW52GD8cZo= -=m5xE ------END PGP SIGNATURE----- diff --git a/sys-kernel/grsec-sources/files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch b/sys-kernel/grsec-sources/files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch new file mode 100644 index 000000000000..baf4907aba34 --- /dev/null +++ b/sys-kernel/grsec-sources/files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch @@ -0,0 +1,44 @@ +--- mm/mmap.c.orig 2005-03-05 13:29:06.000000000 -0500 ++++ mm/mmap.c 2005-03-05 13:33:51.000000000 -0500 +@@ -1014,7 +1014,7 @@ + * we just free'd - but there's no telling how much before. + */ + static void free_pgtables(struct mm_struct * mm, struct vm_area_struct *prev, +- unsigned long start, unsigned long end) ++ struct vm_area_struct *mpnt, unsigned long start, unsigned long end) + { + unsigned long first = start & PGDIR_MASK; + unsigned long last = end + PGDIR_SIZE - 1; +@@ -1046,6 +1046,14 @@ + break; + } + no_mmaps: ++ while (mpnt && first < last) { ++ if ((mpnt->vm_end > first) &&(last > mpnt->vm_start)) { ++ first = mpnt->vm_end + PGDIR_SIZE - 1; ++ last = mpnt->vm_start; ++ } ++ mpnt = mpnt->vm_next; ++ } ++ + if (last < first) + return; + /* +@@ -1106,7 +1114,7 @@ + extra = unmap_vma(mm, addr, len, mpnt, extra); + } + +- free_pgtables(mm, prev, addr, addr+len); ++ free_pgtables(mm, prev, NULL, addr, addr+len); + + return extra; + } +@@ -1130,7 +1138,7 @@ + find_vma_prev(mm, mpnt->vm_start, &prev); + extra_m = unmap_vma(mm, addr_m, len, mpnt, extra_m); + +- free_pgtables(mm, prev, start, end); ++ free_pgtables(mm, prev, free_m, start, end); + } + + return extra_m; diff --git a/sys-kernel/grsec-sources/files/digest-grsec-sources-2.4.28.2.0.2-r3 b/sys-kernel/grsec-sources/files/digest-grsec-sources-2.4.28.2.0.2-r3 deleted file mode 100644 index 04b30398565d..000000000000 --- a/sys-kernel/grsec-sources/files/digest-grsec-sources-2.4.28.2.0.2-r3 +++ /dev/null @@ -1,2 +0,0 @@ -MD5 2f2e5e29772fdacd04129ba16a24afcf grsecurity-2.0.2-2.4.28.patch.gz 141933 -MD5 ac7735000d185bc7778c08288760a8a3 linux-2.4.28.tar.bz2 31064046 diff --git a/sys-kernel/grsec-sources/files/digest-grsec-sources-2.4.28.2.1.0-r1 b/sys-kernel/grsec-sources/files/digest-grsec-sources-2.4.28.2.1.0-r1 deleted file mode 100644 index c85fde9d5a55..000000000000 --- a/sys-kernel/grsec-sources/files/digest-grsec-sources-2.4.28.2.1.0-r1 +++ /dev/null @@ -1,3 +0,0 @@ -MD5 afbd071ae702af4668b2aea32868a698 grsecurity-2.1.0-2.4.28-200501051112.patch 691305 -MD5 ac7735000d185bc7778c08288760a8a3 linux-2.4.28.tar.bz2 31064046 -MD5 3fa09a0d8ea8def546b840bde027d61b linux-2.4.28-CAN-2004-0814.patch 145009 diff --git a/sys-kernel/grsec-sources/files/digest-grsec-sources-2.4.28.2.1.0-r2 b/sys-kernel/grsec-sources/files/digest-grsec-sources-2.4.28.2.1.0-r2 deleted file mode 100644 index c85fde9d5a55..000000000000 --- a/sys-kernel/grsec-sources/files/digest-grsec-sources-2.4.28.2.1.0-r2 +++ /dev/null @@ -1,3 +0,0 @@ -MD5 afbd071ae702af4668b2aea32868a698 grsecurity-2.1.0-2.4.28-200501051112.patch 691305 -MD5 ac7735000d185bc7778c08288760a8a3 linux-2.4.28.tar.bz2 31064046 -MD5 3fa09a0d8ea8def546b840bde027d61b linux-2.4.28-CAN-2004-0814.patch 145009 diff --git a/sys-kernel/grsec-sources/files/digest-grsec-sources-2.4.28.2.1.0 b/sys-kernel/grsec-sources/files/digest-grsec-sources-2.4.28.2.1.0-r3 index c85fde9d5a55..c85fde9d5a55 100644 --- a/sys-kernel/grsec-sources/files/digest-grsec-sources-2.4.28.2.1.0 +++ b/sys-kernel/grsec-sources/files/digest-grsec-sources-2.4.28.2.1.0-r3 diff --git a/sys-kernel/grsec-sources/grsec-sources-2.4.28.2.0.2-r3.ebuild b/sys-kernel/grsec-sources/grsec-sources-2.4.28.2.0.2-r3.ebuild deleted file mode 100644 index 80b76063cdbd..000000000000 --- a/sys-kernel/grsec-sources/grsec-sources-2.4.28.2.0.2-r3.ebuild +++ /dev/null @@ -1,38 +0,0 @@ -# Copyright 1999-2005 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/sys-kernel/grsec-sources/grsec-sources-2.4.28.2.0.2-r3.ebuild,v 1.2 2005/01/08 05:21:39 solar Exp $ - -ETYPE="sources" -UNIPATCH_STRICTORDER="yes" -inherit kernel-2 -detect_version - -OKV="${KV_MAJOR}.${KV_MINOR}.${KV_PATCH/.*/}" -PATCH_BASE="${PV/${OKV}./}" -PATCH_BASE="${PATCH_BASE/_/-}" -EXTRAVERSION="-grsec-${PATCH_BASE}" -KV_FULL="${OKV}${EXTRAVERSION}" - -PATCH_SRC_BASE="grsecurity-${PATCH_BASE}-${OKV}.patch.gz" -DESCRIPTION="Vanilla sources of the linux kernel with the grsecurity ${PATCH_BASE} patch" -SRC_URI="http://grsecurity.net/grsecurity-${PATCH_BASE}-${OKV}.patch.gz \ - http://www.kernel.org/pub/linux/kernel/v2.4/linux-${OKV}.tar.bz2" - -HOMEPAGE="http://www.kernel.org/ http://www.grsecurity.net" -KEYWORDS="x86 sparc ppc alpha amd64 -hppa" -RESTRICT="buildpkg" -IUSE="" - -UNIPATCH_LIST="${DISTDIR}/${PATCH_SRC_BASE} \ - ${FILESDIR}/2.4.28-binfmt_a.out.patch \ - ${FILESDIR}/CAN-2004-1016.patch \ - ${FILESDIR}/CAN-2004-1074.patch \ - ${FILESDIR}/CAN-2004-1056.patch" - -src_unpack() { - kernel-2_src_unpack - - # users are often confused by what settings should be set. - # so we provide an example of what a P4 desktop would look like. - cp ${FILESDIR}/2.4.24-x86.config gentoo-grsec-custom-example-2.4.2x-x86.config -} diff --git a/sys-kernel/grsec-sources/grsec-sources-2.4.28.2.1.0-r1.ebuild b/sys-kernel/grsec-sources/grsec-sources-2.4.28.2.1.0-r1.ebuild deleted file mode 100644 index 3f4d5530bc66..000000000000 --- a/sys-kernel/grsec-sources/grsec-sources-2.4.28.2.1.0-r1.ebuild +++ /dev/null @@ -1,46 +0,0 @@ -# Copyright 1999-2005 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/sys-kernel/grsec-sources/grsec-sources-2.4.28.2.1.0-r1.ebuild,v 1.2 2005/02/04 14:43:06 solar Exp $ - -ETYPE="sources" -UNIPATCH_STRICTORDER="yes" -inherit kernel-2 -detect_version - -OKV="${KV_MAJOR}.${KV_MINOR}.${KV_PATCH/.*/}" -PATCH_BASE="${PV/${OKV}./}" -PATCH_BASE="${PATCH_BASE/_/-}" -EXTRAVERSION="-grsec-${PATCH_BASE}" -PATCH_STAMP=200501051112 -KV_FULL="${OKV}${EXTRAVERSION}" -PATCH_SRC_BASE="grsecurity-${PATCH_BASE}-${OKV}-${PATCH_STAMP}.patch" -DESCRIPTION="Vanilla sources of the linux kernel with the grsecurity ${PATCH_BASE} patch" -SRC_URI="http://grsecurity.net/grsecurity-${PATCH_BASE}-${OKV}-${PATCH_STAMP}.patch \ - http://www.kernel.org/pub/linux/kernel/v2.4/linux-${OKV}.tar.bz2 \ - http://dev.gentoo.org/~plasmaroo/patches/kernel/misc/security/linux-2.4.28-CAN-2004-0814.patch" - -HOMEPAGE="http://www.kernel.org/ http://www.grsecurity.net" -KEYWORDS="~x86 ~sparc ~ppc ~alpha ~amd64 -hppa" -RESTRICT="buildpkg" -IUSE="" -RDEPEND="" -UNIPATCH_STRICTORDER="yes" -UNIPATCH_LIST="${DISTDIR}/${PATCH_SRC_BASE} \ - ${FILESDIR}/2.4.28-binfmt_a.out.patch \ - ${FILESDIR}/CAN-2004-1016.patch \ - ${FILESDIR}/CAN-2004-1074.patch \ - ${FILESDIR}/CAN-2004-1056.patch \ - ${DISTDIR}/linux-2.4.28-CAN-2004-0814.patch \ - ${FILESDIR}/linux-2.4.28-random-poolsize.patch \ - ${FILESDIR}/2.4.27-cmdline-race.patch \ - ${FILESDIR}/2.4.28-uselib4pax.patch \ - ${FILESDIR}/gentoo-sources-2.4.CAN-2004-1137.patch \ - ${FILESDIR}/2.4.29-CAN-2005-0001.patch" - -src_unpack() { - kernel-2_src_unpack - - # users are often confused by what settings should be set. - # so we provide an example of what a P4 desktop would look like. - cp ${FILESDIR}/2.4.24-x86.config gentoo-grsec-custom-example-2.4.2x-x86.config -} diff --git a/sys-kernel/grsec-sources/grsec-sources-2.4.28.2.1.0-r2.ebuild b/sys-kernel/grsec-sources/grsec-sources-2.4.28.2.1.0-r3.ebuild index 1ffec6a4bcdf..235ec87a9f68 100644 --- a/sys-kernel/grsec-sources/grsec-sources-2.4.28.2.1.0-r2.ebuild +++ b/sys-kernel/grsec-sources/grsec-sources-2.4.28.2.1.0-r3.ebuild @@ -1,6 +1,6 @@ # Copyright 1999-2005 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/sys-kernel/grsec-sources/grsec-sources-2.4.28.2.1.0-r2.ebuild,v 1.1 2005/02/04 14:43:06 solar Exp $ +# $Header: /var/cvsroot/gentoo-x86/sys-kernel/grsec-sources/grsec-sources-2.4.28.2.1.0-r3.ebuild,v 1.1 2005/03/05 19:51:10 solar Exp $ ETYPE="sources" UNIPATCH_STRICTORDER="yes" @@ -36,7 +36,8 @@ UNIPATCH_LIST="${DISTDIR}/${PATCH_SRC_BASE} \ ${FILESDIR}/2.4.28-uselib4pax.patch \ ${FILESDIR}/gentoo-sources-2.4.CAN-2004-1137.patch \ ${FILESDIR}/2.4.29-CAN-2005-0001.patch \ - ${FILESDIR}/CAN-2004-1335.patch" + ${FILESDIR}/CAN-2004-1335.patch \ + ${FILESDIR}/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch" src_unpack() { kernel-2_src_unpack diff --git a/sys-kernel/grsec-sources/grsec-sources-2.4.28.2.1.0.ebuild b/sys-kernel/grsec-sources/grsec-sources-2.4.28.2.1.0.ebuild deleted file mode 100644 index 32d1ab9ca22b..000000000000 --- a/sys-kernel/grsec-sources/grsec-sources-2.4.28.2.1.0.ebuild +++ /dev/null @@ -1,44 +0,0 @@ -# Copyright 1999-2005 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/sys-kernel/grsec-sources/grsec-sources-2.4.28.2.1.0.ebuild,v 1.4 2005/01/11 22:47:21 solar Exp $ - -ETYPE="sources" -UNIPATCH_STRICTORDER="yes" -inherit kernel-2 -detect_version - -OKV="${KV_MAJOR}.${KV_MINOR}.${KV_PATCH/.*/}" -PATCH_BASE="${PV/${OKV}./}" -PATCH_BASE="${PATCH_BASE/_/-}" -EXTRAVERSION="-grsec-${PATCH_BASE}" -PATCH_STAMP=200501051112 -KV_FULL="${OKV}${EXTRAVERSION}" -PATCH_SRC_BASE="grsecurity-${PATCH_BASE}-${OKV}-${PATCH_STAMP}.patch" -DESCRIPTION="Vanilla sources of the linux kernel with the grsecurity ${PATCH_BASE} patch" -SRC_URI="http://grsecurity.net/grsecurity-${PATCH_BASE}-${OKV}-${PATCH_STAMP}.patch \ - http://www.kernel.org/pub/linux/kernel/v2.4/linux-${OKV}.tar.bz2 \ - http://dev.gentoo.org/~plasmaroo/patches/kernel/misc/security/linux-2.4.28-CAN-2004-0814.patch" - -HOMEPAGE="http://www.kernel.org/ http://www.grsecurity.net" -KEYWORDS="x86 sparc ppc alpha amd64 -hppa" -RESTRICT="buildpkg" -IUSE="" -RDEPEND="" -UNIPATCH_LIST="${DISTDIR}/${PATCH_SRC_BASE} \ - ${FILESDIR}/2.4.28-binfmt_a.out.patch \ - ${FILESDIR}/CAN-2004-1016.patch \ - ${FILESDIR}/CAN-2004-1074.patch \ - ${FILESDIR}/CAN-2004-1056.patch \ - ${DISTDIR}/linux-2.4.28-CAN-2004-0814.patch \ - ${FILESDIR}/linux-2.4.28-random-poolsize.patch \ - ${FILESDIR}/2.4.27-cmdline-race.patch \ - ${FILESDIR}/2.4.28-uselib4pax.patch \ - ${FILESDIR}/gentoo-sources-2.4.CAN-2004-1137.patch" - -src_unpack() { - kernel-2_src_unpack - - # users are often confused by what settings should be set. - # so we provide an example of what a P4 desktop would look like. - cp ${FILESDIR}/2.4.24-x86.config gentoo-grsec-custom-example-2.4.2x-x86.config -} |