# ChangeLog for sys-kernel/rsbac-sources # Copyright 2000-2008 Gentoo Foundation; Distributed under the GPL v2 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/rsbac-sources/ChangeLog,v 1.59 2008/02/20 17:34:13 kang Exp $ *rsbac-sources-2.6.23-r1 (20 Feb 2008) 20 Feb 2008; Guillaume Destuynder +rsbac-sources-2.6.23-r1.ebuild: Fix #210022 (pax vm), split previous CVE patches from RSBAC to be able to use gentoo's patch instead. *rsbac-sources-2.6.23 (15 Feb 2008) 15 Feb 2008; Guillaume Destuynder +rsbac-sources-2.6.23.ebuild: Bump to RSBAC 1.3.7. Also fixes the vmsplice vulnerabilities (included in the RSBAC patch) Fixes #209460 *rsbac-sources-2.6.21-r1 (19 Jul 2007) 19 Jul 2007; Guillaume Destuynder +rsbac-sources-2.6.21-r1.ebuild: Fixed UM password hashing from RSBAC 1.3.5 *rsbac-sources-2.6.21 (08 Jun 2007) 08 Jun 2007; Guillaume Destuynder -rsbac-sources-2.6.13.ebuild, rsbac-sources-2.6.19-r1.ebuild, +rsbac-sources-2.6.21.ebuild: bump to 1.3.4/2.6.21, 2.6.19-r1 stable on amd64, prune 2.6.13 *rsbac-sources-2.6.19-r1 (06 Feb 2007) 06 Feb 2007; Guillaume Destuynder +rsbac-sources-2.6.19-r1.ebuild: fix #165128 (fixes the PaX patch). bump gentoo patches. 31 Jan 2007; Guillaume Destuynder rsbac-sources-2.6.19.ebuild: bump stable on x86 24 Jan 2007; Guillaume Destuynder files/digest-rsbac-sources-2.6.13, files/digest-rsbac-sources-2.6.14, files/digest-rsbac-sources-2.6.14-r1, Manifest: regenerated digests *rsbac-sources-2.6.19 (12 Jan 2007) 12 Jan 2007; Guillaume Destuynder +rsbac-sources-2.6.19.ebuild: Bump to RSBAC 1.3.1 and kernel 2.6.19 *rsbac-sources-2.6.18-r1 (05 Dec 2006) 05 Dec 2006; Guillaume Destuynder rsbac-sources-2.6.18.ebuild, +rsbac-sources-2.6.18-r1.ebuild: Fixed squashfs compilation, added a few patches from genpatches-extra: 2400_bcm43xx-signal-quality.patch 2405-bcm43xx-tx-timeouts.patch 2000_softmac-shared-key-slab-corruption.patch 2500_via-irq-quirk-revert.patch 4000_deprecate-sk98lin.patch 4010_r8169-8168.patch 4105_dm-bbr.patch 4205_vesafb-tng-1.0-rc2.patch 4206_vesafb-tng-mtrr.patch Also added random pid patch ported from grsecurity. *rsbac-sources-2.6.18 (09 Nov 2006) 09 Nov 2006; Guillaume Destuynder +rsbac-sources-2.6.18.ebuild: Bump 2.6.18 with RSBAC 1.3.0 *rsbac-sources-2.6.16-r1 (08 Aug 2006) 08 Aug 2006; Guillaume Destuynder -rsbac-sources-2.4.31.ebuild, -rsbac-sources-2.4.32.ebuild, -rsbac-sources-2.4.99.ebuild, +rsbac-sources-2.6.16-r1.ebuild: bump genpatches to ver 15, removed 2.4 ebuilds (had a warning for deletion since a few monthes => sys-kernel/hardened-sources has 2.4 ebuilds) See http://www.gentoo.org/proj/en/hardened/rsbac/transition.xml 10 Jul 2006; rsbac-sources-2.6.14-r1.ebuild: marked ~ppc *rsbac-sources-2.6.16 (09 Jun 2006) 09 Jun 2006; Guillaume Destuynder rsbac-sources-2.4.32.ebuild, +rsbac-sources-2.6.16.ebuild: bump rsbac 1.2.7 for kernel 2.6 2.4.32 stable *rsbac-sources-2.6.14-r1 (20 Apr 2006) *rsbac-sources-2.4.32 (20 Apr 2006) 20 Apr 2006; Guillaume Destuynder +rsbac-sources-2.4.32.ebuild, +rsbac-sources-2.6.14-r1.ebuild: bump to 2.4.32 (from hardened-sources) and gentoo patchset 13 for 2.6.14. 27 Feb 2006; Patrick McLean rsbac-sources-2.4.31.ebuild, rsbac-sources-2.4.99.ebuild: Drop amd64 keywords from all 2.4 kernels since they're not supported. 16 Feb 2006; Guillaume Destuynder -rsbac-sources-2.4.29.ebuild, -rsbac-sources-2.4.29-r1.ebuild, -rsbac-sources-2.4.29-r2.ebuild, rsbac-sources-2.4.31.ebuild, -rsbac-sources-2.6.11-r1.ebuild, -rsbac-sources-2.6.11-r2.ebuild, -rsbac-sources-2.6.11-r3.ebuild, -rsbac-sources-2.6.11-r4.ebuild, -rsbac-sources-2.6.11-r5.ebuild: cleaned up 1.2.4 ebuilds. stable 2.4 with warning to hardened-sources. 16 Feb 2006; Guillaume Destuynder rsbac-sources-2.4.31.ebuild, rsbac-sources-2.6.14.ebuild: 2.6.14 stable Fixed KEYWORDS.stupid *rsbac-sources-2.6.14 (13 Jan 2006) 13 Jan 2006; Guillaume Destuynder +rsbac-sources-2.6.14.ebuild: 2.6.14 based on hardened+pax and rsbac 1.2.5.1 *rsbac-sources-2.6.13 (07 Oct 2005) 17 Nov 2005; Guillaume Destuynder rsbac-sources-2.4.31.ebuild, rsbac-sources-2.6.13.ebuild, rsbac-sources-2.6.99.ebuild: Added ~amd64 to 2.4.31 and 2.6.13, 2.6.99 kernels. Fixed svn URL to the new, new server. 30 Oct 2005; Guillaume Destuynder rsbac-sources-2.6.13.ebuild, rsbac-sources-2.4.31.ebuild: 2.6.13 with 1.2.5 marked stable. *rsbac-sources-2.4.31 (07 Oct 2005) 07 Oct 2005; Guillaume Destuynder +rsbac-sources-2.4.31.ebuild, rsbac-sources-2.4.99.ebuild, +rsbac-sources-2.6.13.ebuild, rsbac-sources-2.6.99.ebuild: Bump to RSBAC 1.2.5, kernels 2.4.31 and 2.6.13.3. *rsbac-sources-2.6.11-r5 (13 Jul 2005) 13 Jul 2005; Guillaume Destuynder rsbac-sources-2.6.11-r4.ebuild, +rsbac-sources-2.6.11-r5.ebuild: Removed default RSBAC EXTRAVERSION, use only the one appended by Gentoo. *rsbac-sources-2.6.11-r4 (31 May 2005) 31 May 2005; Guillaume Destuynder +rsbac-sources-2.6.11-r4.ebuild: Bump rsbac 2.6 to latest fixed with all patches from 2.6.11.11 *rsbac-sources-2.6.99 (09 May 2005) *rsbac-sources-2.4.99 (09 May 2005) 09 May 2005; Guillaume Destuynder +rsbac-sources-2.4.99.ebuild, +rsbac-sources-2.6.99.ebuild: Added 2.4 and 2.6 SVN live ebuilds. Thoses are hardmasked and never change that. It is meant to help users testing the latest version of RSBAC in case of problems. This kind of help isn't supported by gentoo (we are hardmasked, means, use at your very own risks), but will often be suggested by RSBAC for testing out fixes or testing the latest version. Until now, users had to checkout by hand but most prefered gragging thoses two ebuilds. Be sure to use SVN version of rsbac-admin with thoses! *rsbac-sources-2.6.11-r3 (01 May 2005) 01 May 2005; Guillaume Destuynder +rsbac-sources-2.6.11-r3.ebuild: Fixes #85795 Rose and SCSI tape vulnerability *rsbac-sources-2.6.11-r2 (08 Apr 2005) 08 Apr 2005; Guillaume Destuynder +rsbac-sources-2.6.11-r2.ebuild: Fixes #74070 and upgrade to 2.6.11.7/rsbacfixed 08/04/05 01 Apr 2005; Guillaume Destuynder rsbac-sources-2.4.29-r2.ebuild: Marked 2.4.29-r2 stable. *rsbac-sources-2.6.10-r4 (26 Mar 2005) 26 Mar 2005; Guillaume Destuynder -rsbac-sources-2.6.10-r1.ebuild, -rsbac-sources-2.6.10-r2.ebuild, -rsbac-sources-2.6.10-r3.ebuild, -rsbac-sources-2.6.10-r4.ebuild, rsbac-sources-2.6.11-r1.ebuild, -rsbac-sources-2.6.11.ebuild: Fixed wrong rsbac-admin dependency (you can't build rsbac-admin before kernel..) and cleaned up ebuild directory. *rsbac-sources-2.6.11-r1 (21 Mar 2005) 21 Mar 2005; Guillaume Destuynder +rsbac-sources-2.4.29-r2.ebuild, rsbac-sources-2.6.11-r1.ebuild: Marked 2.6.11-r1 stable ; bumped 2.4.29-r2 to latest rsbacfixed in ~x86. 17 Mar 2005; Guillaume Destuynder : Bump 2.6 to latest rsbacfixed. also includes netdev-random. *rsbac-sources-2.6.11 (13 Mar 2005) 13 Mar 2005; Guillaume Destuynder +rsbac-sources-2.6.11.ebuild: bump to 2.6.11, security fix: pax escalation, has squashfs for livecds. 01 Mar 2005; Guillaume Destuynder : Security Fix: rsbacfixed + as6 + 1.2.4-1 + 1.2.4-2, see README or rsbac.org *rsbac-sources-2.6.10-r3 (10 Feb 2005) 10 Feb 2005; Guillaume Destuynder +rsbac-sources-2.4.29-r1.ebuild, +rsbac-sources-2.6.10-r3.ebuild: Bump to RSBAC v1.2.4 *rsbac-sources-2.6.10-r2 (07 Feb 2005) 07 Feb 2005; Guillaume Destuynder +rsbac-sources-2.6.10-r2.ebuild: RSBAC 2.6 kernel is now based on -rsbacfixed which is based on -as. Contains all security fixes and all RSBAC fixes, plus PaX and RSBAC, of course. 29 Jan 2005; Guillaume Destuynder -rsbac-sources-2.4.28-r2.ebuild, rsbac-sources-2.4.29.ebuild: 2.4x tree is tested and supported on ~ppc. 2.4.29 has been marked stable on x86. *rsbac-sources-2.4.29 (21 Jan 2005) 21 Jan 2005; Guillaume Destuynder -files/rsbac-sources-v1.2.3-1.patch, -files/rsbac-sources-v1.2.3-3.patch, -files/rsbac-sources-v1.2.3-4.patch, -files/rsbac-sources-v1.2.3-5.patch, -files/rsbac-sources-v1.2.3-6.patch, -rsbac-sources-2.4.28-r1.ebuild, rsbac-sources-2.4.28-r2.ebuild, +rsbac-sources-2.4.29.ebuild, rsbac-sources-2.6.10-r1.ebuild: Version bump to 2.4.29 Fixed double ChangeLog entry (???) 18 Jan 2005; Guillaume Destuynder -files/rsbac-bugfix-v1.2.3-6.diff, -files/rsbac-bugfix-v1.2.3-ao-01.diff, -files/rsbac-bugfix-v1.2.3-kang-01.diff, -files/rsbac-sources-2.6.7-62524-ptmx.patch, -files/rsbac-sources-2.6.7-70681-binfmt.patch, -files/rsbac-sources-2.6.7-AF_UNIX.patch, -files/rsbac-sources-2.6.7-CAN-2004-0883.patch, -files/rsbac-sources-2.6.7-dos_mem_disc1.patch, -files/rsbac-sources-2.6.7-dos_mem_disc2.patch, -files/rsbac-sources-CAN-2004-0497.patch, -files/rsbac-sources-CAN-2004-0596.patch, -files/rsbac-sources-CAN-2004-0816.patch, -files/rsbac-sources-CAN-2004-1069.patch, -files/rsbac-sources-iptables-dos.patch, -rsbac-sources-2.6.10.ebuild, -rsbac-sources-2.6.7-r11.ebuild, -rsbac-sources-2.6.9.ebuild, +rsbac-sources-2.6.10-r1.ebuild: Security issue: #75963 with LSM fixed. Fixed double EXTRAVERSION already present in newer rsbac patches. Stable x86. 14 Jan 2005; Guillaume Destuynder rsbac-sources-2.4.28-r2.ebuild, rsbac-sources-2.6.10.ebuild: Fixes #77344: informs the user about rsbac doc project *rsbac-sources-2.4.28-r2 (14 Jan 2005) 14 Jan 2005; Guillaume Destuynder +rsbac-sources-2.4.28-r2.ebuild: Security fixes can 1137 and 1056 *rsbac-sources-2.6.10 (13 Jan 2005) 13 Jan 2005; Guillaume Destuynder +rsbac-sources-2.6.10.ebuild: Bump 2.6 tree to 2.6.10 + all security fixes. *rsbac-sources-2.6.9 (12 Jan 2005) 12 Jan 2005; John Mylchreest +files/rsbac-bugfix-v1.2.3-6.diff, +files/rsbac-bugfix-v1.2.3-ao-01.diff, +files/rsbac-bugfix-v1.2.3-kang-01.diff, +files/rsbac-sources-2.6.7-62524-ptmx.patch, +files/rsbac-sources-2.6.7-70681-binfmt.patch, +files/rsbac-sources-2.6.7-AF_UNIX.patch, +files/rsbac-sources-2.6.7-CAN-2004-0883.patch, +files/rsbac-sources-2.6.7-dos_mem_disc1.patch, +files/rsbac-sources-2.6.7-dos_mem_disc2.patch, +files/rsbac-sources-CAN-2004-0497.patch, +files/rsbac-sources-CAN-2004-0596.patch, +files/rsbac-sources-CAN-2004-0816.patch, +files/rsbac-sources-CAN-2004-1069.patch, +files/rsbac-sources-iptables-dos.patch, +rsbac-sources-2.6.7-r11.ebuild, +rsbac-sources-2.6.9.ebuild: 2.6->2.4 amalgamation. Please see web-cvs for changelog from rsbas-dev-sources *rsbac-sources-2.4.28-r1 (08 Dec 2004) 08 Dec 2004; Guillaume Destuynder +files/rsbac-sources-2.4.28-dos_mem_disc.patch, -files/rsbac-sources-CAN-2004-0497.patch, +files/rsbac-sources-v1.2.3-1.patch, +files/rsbac-sources-v1.2.3-2.patch, +files/rsbac-sources-v1.2.3-4.patch, +files/rsbac-sources-v1.2.3-5.patch, +files/rsbac-sources-v1.2.3-6.patch, -rsbac-sources-2.4.26-r5.ebuild, +rsbac-sources-2.4.28-r1.ebuild, -rsbac-sources-2.4.28.ebuild: Security fix bug #72452: Linux Kernel Local DoS and Memory Content Disclosure Vulnerabilities *rsbac-sources-2.4.28 (29 Nov 2004) 29 Nov 2004; Guillaume Destuynder +rsbac-sources-2.4.28.ebuild: Bump to 2.4.28 *rsbac-sources-2.4.26-r5 (10 Aug 2004) 10 Aug 2004; Guillaume Destuynder +files/2.4.26-CAN-2004-685.patch, +files/2.4.26-cmdline-race.patch, -rsbac-sources-2.4.26-r4.ebuild, +rsbac-sources-2.4.26-r5.ebuild: Fixes CAN 0685 and cmdline, bug #59769, #59905 *rsbac-sources-2.4.26-r4 (05 Aug 2004) 05 Aug 2004; Guillaume Destuynder -rsbac-sources-2.4.26-r3.ebuild, +rsbac-sources-2.4.26-r4.ebuild: Fixes CAN 0415 and #59378 (file offset pointer handling vulnerability) *rsbac-sources-2.4.26-r3 (16 Jul 2004) 26 Jul 2004; Guillaume Destuynder rsbac-sources-2.4.26-r3.ebuild: Marked stable on x86. 16 Jul 2004; Guillaume Destuynder +files/rsbac-sources-CAN-2004-0497.patch, +rsbac-sources-2.4.26-r3.ebuild, -rsbac-sources-2.4.26-r2.ebuild, -rsbac-sources-2.4.26-r1.ebuild: Fixes CAN 0497 and #56479 *rsbac-sources-2.4.26-r2 (30 Jun 2004) 30 Jun 2004; Guillaume Destuynder +files/rsbac-sources-v1.2.3-3.patch, +rsbac-sources-2.4.26-r2.ebuild: JAIL Security fix, see http://rsbac.org/download/bugfixes/ *rsbac-sources-2.4.26-r1 (29 Jun 2004) 29 Jun 2004; Guillaume Destuynder -rsbac-sources-2.4.26.ebuild, +rsbac-sources-2.4.26-r1.ebuild, +files/rsbac-sources-2.4.CAN-2004-0495.patch, +files/ rsbac-sources-2.4.CAN-2004-0535.patch: Security bump with fixes for 2.4.26 *rsbac-sources-2.4.26 (24 Jun 2004) 24 Jun 2004; Guillaume Destuynder : Initial import. Ebuild submitted by zhware Added 1.2.3-1 security bugfixe from rsbac.org