Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status
summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAnthony G. Basile <blueness@gentoo.org>2012-02-05 11:40:33 -0500
committerAnthony G. Basile <blueness@gentoo.org>2012-02-05 11:40:33 -0500
commit37cbbcacda2762cc7a054330ae8df40dd5ec9e62 (patch)
tree505cfa2dfa54d68377412be58f2a1b39d0cb10c8
parentGrsec/PaX: 2.2.2-2.6.32.56-201202032051 + 2.2.2-3.2.4-201202032052 (diff)
downloadhardened-patchset-37cbbcacda2762cc7a054330ae8df40dd5ec9e62.tar.gz
hardened-patchset-37cbbcacda2762cc7a054330ae8df40dd5ec9e62.tar.bz2
hardened-patchset-37cbbcacda2762cc7a054330ae8df40dd5ec9e62.zip
Renumbered patches
Diffstat
-rw-r--r--2.6.32/0000_README27
-rw-r--r--2.6.32/4430_grsec-remove-localversion-grsec.patch (renamed from 2.6.32/4421_grsec-remove-localversion-grsec.patch)0
-rw-r--r--2.6.32/4435_grsec-mute-warnings.patch (renamed from 2.6.32/4422_grsec-mute-warnings.patch)0
-rw-r--r--2.6.32/4440_grsec-remove-protected-paths.patch (renamed from 2.6.32/4423_grsec-remove-protected-paths.patch)0
-rw-r--r--2.6.32/4445_grsec-pax-without-grsec.patch (renamed from 2.6.32/4425_grsec-pax-without-grsec.patch)0
-rw-r--r--2.6.32/4450_grsec-kconfig-default-gids.patch (renamed from 2.6.32/4430_grsec-kconfig-default-gids.patch)0
-rw-r--r--2.6.32/4455_grsec-kconfig-gentoo.patch (renamed from 2.6.32/4435_grsec-kconfig-gentoo.patch)0
-rw-r--r--2.6.32/4460-grsec-kconfig-proc-user.patch (renamed from 2.6.32/4437-grsec-kconfig-proc-user.patch)0
-rw-r--r--2.6.32/4465_selinux-avc_audit-log-curr_ip.patch (renamed from 2.6.32/4440_selinux-avc_audit-log-curr_ip.patch)0
-rw-r--r--2.6.32/4470_disable-compat_vdso.patch (renamed from 2.6.32/4445_disable-compat_vdso.patch)0
-rw-r--r--2.6.32/4475_check_ssp_fix.patch (renamed from 2.6.32/4450_check_ssp_fix.patch)0
-rw-r--r--3.2.4/0000_README21
-rw-r--r--3.2.4/4430_grsec-remove-localversion-grsec.patch (renamed from 3.2.4/4421_grsec-remove-localversion-grsec.patch)0
-rw-r--r--3.2.4/4435_grsec-mute-warnings.patch (renamed from 3.2.4/4422_grsec-mute-warnings.patch)0
-rw-r--r--3.2.4/4440_grsec-remove-protected-paths.patch (renamed from 3.2.4/4423_grsec-remove-protected-paths.patch)0
-rw-r--r--3.2.4/4445_grsec-pax-without-grsec.patch (renamed from 3.2.4/4425_grsec-pax-without-grsec.patch)0
-rw-r--r--3.2.4/4450_grsec-kconfig-default-gids.patch (renamed from 3.2.4/4430_grsec-kconfig-default-gids.patch)0
-rw-r--r--3.2.4/4455_grsec-kconfig-gentoo.patch (renamed from 3.2.4/4435_grsec-kconfig-gentoo.patch)0
-rw-r--r--3.2.4/4460-grsec-kconfig-proc-user.patch (renamed from 3.2.4/4437-grsec-kconfig-proc-user.patch)0
-rw-r--r--3.2.4/4465_selinux-avc_audit-log-curr_ip.patch (renamed from 3.2.4/4440_selinux-avc_audit-log-curr_ip.patch)0
-rw-r--r--3.2.4/4470_disable-compat_vdso.patch (renamed from 3.2.4/4445_disable-compat_vdso.patch)0
21 files changed, 29 insertions, 19 deletions
diff --git a/2.6.32/0000_README b/2.6.32/0000_README
index f0c7190..ecd453e 100644
--- a/2.6.32/0000_README
+++ b/2.6.32/0000_README
@@ -22,46 +22,51 @@ Patch: 4420_grsecurity-2.2.2-2.6.32.56-201202032051.patch
From: http://www.grsecurity.net
Desc: hardened-sources base patch from upstream grsecurity
-Patch: 4421_grsec-remove-localversion-grsec.patch
+Patch: 4430_grsec-remove-localversion-grsec.patch
From: Kerin Millar <kerframil@gmail.com>
Desc: Removes grsecurity's localversion-grsec file
-Patch: 4422_grsec-mute-warnings.patch
+Patch: 4435_grsec-mute-warnings.patch
From: Alexander Gabert <gaberta@fh-trier.de>
Gordon Malm <gengor@gentoo.org>
Desc: Removes verbose compile warning settings from grsecurity, restores
mainline Linux kernel behavior
-Patch: 4423_grsec-remove-protected-paths.patch
+Patch: 4440_grsec-remove-protected-paths.patch
From: Anthony G. Basile <blueness@gentoo.org>
Desc: Removes chmod statements from grsecurity/Makefile
-Patch: 4425_grsec-pax-without-grsec.patch
+Patch: 4445_grsec-pax-without-grsec.patch
From: Gordon Malm <gengor@gentoo.org>
Desc: Allows PaX features to be selected without enabling GRKERNSEC
-Patch: 4430_grsec-kconfig-default-gids.patch
+Patch: 4450_grsec-kconfig-default-gids.patch
From: Kerin Millar <kerframil@gmail.com>
Desc: Sets sane(r) default GIDs on various grsecurity group-dependent
features
-Patch: 4435_grsec-kconfig-gentoo.patch
+Patch: 4455_grsec-kconfig-gentoo.patch
From: Gordon Malm <gengor@gentoo.org>
Kerin Millar <kerframil@gmail.com>
Anthony G. Basile <blueness@gentoo.org>
-Desc: Adds Hardened Gentoo [server/workstation/virtualization] security levels,
- sets Hardened Gentoo [workstation] as default
+Desc: Adds Hardened Gentoo [server/workstation/virtualization] security
+ levels, sets Hardened Gentoo [workstation] as default
-Patch: 4440_selinux-avc_audit-log-curr_ip.patch
+Patch: 4460-grsec-kconfig-proc-user.patch
+From: Anthony G. Basile <blueness@gentoo.org>
+Desc: Make GRKERNSEC_PROC_USER, and GRKERNSEC_PROC_USERGROUP mutually
+ exclusive to avoid bug #366019.
+
+Patch: 4465_selinux-avc_audit-log-curr_ip.patch
From: Gordon Malm <gengor@gentoo.org>
Anthony G. Basile <blueness@gentoo.org>
Desc: Configurable option to add src IP address to SELinux log messages
-Patch: 4445_disable-compat_vdso.patch
+Patch: 4470_disable-compat_vdso.patch
From: Gordon Malm <gengor@gentoo.org>
Kerin Millar <kerframil@gmail.com>
Desc: Disables VDSO_COMPAT operation completely
-Patch: 4450_check_ssp_fix.patch
+Patch: 4475_check_ssp_fix.patch
From: Magnus Granberg <zorry@gentoo.org>
Desc: Fixes kernel check script for ssp
diff --git a/2.6.32/4421_grsec-remove-localversion-grsec.patch b/2.6.32/4430_grsec-remove-localversion-grsec.patch
index 31cf878..31cf878 100644
--- a/2.6.32/4421_grsec-remove-localversion-grsec.patch
+++ b/2.6.32/4430_grsec-remove-localversion-grsec.patch
diff --git a/2.6.32/4422_grsec-mute-warnings.patch b/2.6.32/4435_grsec-mute-warnings.patch
index 127d90d..127d90d 100644
--- a/2.6.32/4422_grsec-mute-warnings.patch
+++ b/2.6.32/4435_grsec-mute-warnings.patch
diff --git a/2.6.32/4423_grsec-remove-protected-paths.patch b/2.6.32/4440_grsec-remove-protected-paths.patch
index 5cec66c..5cec66c 100644
--- a/2.6.32/4423_grsec-remove-protected-paths.patch
+++ b/2.6.32/4440_grsec-remove-protected-paths.patch
diff --git a/2.6.32/4425_grsec-pax-without-grsec.patch b/2.6.32/4445_grsec-pax-without-grsec.patch
index 0f87dc1..0f87dc1 100644
--- a/2.6.32/4425_grsec-pax-without-grsec.patch
+++ b/2.6.32/4445_grsec-pax-without-grsec.patch
diff --git a/2.6.32/4430_grsec-kconfig-default-gids.patch b/2.6.32/4450_grsec-kconfig-default-gids.patch
index 763d845..763d845 100644
--- a/2.6.32/4430_grsec-kconfig-default-gids.patch
+++ b/2.6.32/4450_grsec-kconfig-default-gids.patch
diff --git a/2.6.32/4435_grsec-kconfig-gentoo.patch b/2.6.32/4455_grsec-kconfig-gentoo.patch
index b7e7322..b7e7322 100644
--- a/2.6.32/4435_grsec-kconfig-gentoo.patch
+++ b/2.6.32/4455_grsec-kconfig-gentoo.patch
diff --git a/2.6.32/4437-grsec-kconfig-proc-user.patch b/2.6.32/4460-grsec-kconfig-proc-user.patch
index ca88ef7..ca88ef7 100644
--- a/2.6.32/4437-grsec-kconfig-proc-user.patch
+++ b/2.6.32/4460-grsec-kconfig-proc-user.patch
diff --git a/2.6.32/4440_selinux-avc_audit-log-curr_ip.patch b/2.6.32/4465_selinux-avc_audit-log-curr_ip.patch
index 0873c15..0873c15 100644
--- a/2.6.32/4440_selinux-avc_audit-log-curr_ip.patch
+++ b/2.6.32/4465_selinux-avc_audit-log-curr_ip.patch
diff --git a/2.6.32/4445_disable-compat_vdso.patch b/2.6.32/4470_disable-compat_vdso.patch
index c8e1aeb..c8e1aeb 100644
--- a/2.6.32/4445_disable-compat_vdso.patch
+++ b/2.6.32/4470_disable-compat_vdso.patch
diff --git a/2.6.32/4450_check_ssp_fix.patch b/2.6.32/4475_check_ssp_fix.patch
index 40e0467..40e0467 100644
--- a/2.6.32/4450_check_ssp_fix.patch
+++ b/2.6.32/4475_check_ssp_fix.patch
diff --git a/3.2.4/0000_README b/3.2.4/0000_README
index 97fce67..ce0507d 100644
--- a/3.2.4/0000_README
+++ b/3.2.4/0000_README
@@ -14,42 +14,47 @@ Patch: 4420_grsecurity-2.2.2-3.2.4-201202032052.patch
From: http://www.grsecurity.net
Desc: hardened-sources base patch from upstream grsecurity
-Patch: 4421_grsec-remove-localversion-grsec.patch
+Patch: 4430_grsec-remove-localversion-grsec.patch
From: Kerin Millar <kerframil@gmail.com>
Desc: Removes grsecurity's localversion-grsec file
-Patch: 4422_grsec-mute-warnings.patch
+Patch: 4435_grsec-mute-warnings.patch
From: Alexander Gabert <gaberta@fh-trier.de>
Gordon Malm <gengor@gentoo.org>
Desc: Removes verbose compile warning settings from grsecurity, restores
mainline Linux kernel behavior
-Patch: 4423_grsec-remove-protected-paths.patch
+Patch: 4440_grsec-remove-protected-paths.patch
From: Anthony G. Basile <blueness@gentoo.org>
Desc: Removes chmod statements from grsecurity/Makefile
-Patch: 4425_grsec-pax-without-grsec.patch
+Patch: 4445_grsec-pax-without-grsec.patch
From: Gordon Malm <gengor@gentoo.org>
Desc: Allows PaX features to be selected without enabling GRKERNSEC
-Patch: 4430_grsec-kconfig-default-gids.patch
+Patch: 4450_grsec-kconfig-default-gids.patch
From: Kerin Millar <kerframil@gmail.com>
Desc: Sets sane(r) default GIDs on various grsecurity group-dependent
features
-Patch: 4435_grsec-kconfig-gentoo.patch
+Patch: 4455_grsec-kconfig-gentoo.patch
From: Gordon Malm <gengor@gentoo.org>
Kerin Millar <kerframil@gmail.com>
Anthony G. Basile <blueness@gentoo.org>
Desc: Adds Hardened Gentoo [server/workstation/virtualization] security levels,
sets Hardened Gentoo [workstation] as default
-Patch: 4440_selinux-avc_audit-log-curr_ip.patch
+Patch: 4460-grsec-kconfig-proc-user.patch
+From: Anthony G. Basile <blueness@gentoo.org>
+Desc: Make GRKERNSEC_PROC_USER, and GRKERNSEC_PROC_USERGROUP mutually
+ exclusive to avoid bug #366019.
+
+Patch: 4465_selinux-avc_audit-log-curr_ip.patch
From: Gordon Malm <gengor@gentoo.org>
Anthony G. Basile <blueness@gentoo.org>
Desc: Configurable option to add src IP address to SELinux log messages
-Patch: 4445_disable-compat_vdso.patch
+Patch: 4470_disable-compat_vdso.patch
From: Gordon Malm <gengor@gentoo.org>
Kerin Millar <kerframil@gmail.com>
Desc: Disables VDSO_COMPAT operation completely
diff --git a/3.2.4/4421_grsec-remove-localversion-grsec.patch b/3.2.4/4430_grsec-remove-localversion-grsec.patch
index 31cf878..31cf878 100644
--- a/3.2.4/4421_grsec-remove-localversion-grsec.patch
+++ b/3.2.4/4430_grsec-remove-localversion-grsec.patch
diff --git a/3.2.4/4422_grsec-mute-warnings.patch b/3.2.4/4435_grsec-mute-warnings.patch
index e85abd6..e85abd6 100644
--- a/3.2.4/4422_grsec-mute-warnings.patch
+++ b/3.2.4/4435_grsec-mute-warnings.patch
diff --git a/3.2.4/4423_grsec-remove-protected-paths.patch b/3.2.4/4440_grsec-remove-protected-paths.patch
index 4afb3e2..4afb3e2 100644
--- a/3.2.4/4423_grsec-remove-protected-paths.patch
+++ b/3.2.4/4440_grsec-remove-protected-paths.patch
diff --git a/3.2.4/4425_grsec-pax-without-grsec.patch b/3.2.4/4445_grsec-pax-without-grsec.patch
index 9992f51..9992f51 100644
--- a/3.2.4/4425_grsec-pax-without-grsec.patch
+++ b/3.2.4/4445_grsec-pax-without-grsec.patch
diff --git a/3.2.4/4430_grsec-kconfig-default-gids.patch b/3.2.4/4450_grsec-kconfig-default-gids.patch
index 0807a4e..0807a4e 100644
--- a/3.2.4/4430_grsec-kconfig-default-gids.patch
+++ b/3.2.4/4450_grsec-kconfig-default-gids.patch
diff --git a/3.2.4/4435_grsec-kconfig-gentoo.patch b/3.2.4/4455_grsec-kconfig-gentoo.patch
index 587b7d9..587b7d9 100644
--- a/3.2.4/4435_grsec-kconfig-gentoo.patch
+++ b/3.2.4/4455_grsec-kconfig-gentoo.patch
diff --git a/3.2.4/4437-grsec-kconfig-proc-user.patch b/3.2.4/4460-grsec-kconfig-proc-user.patch
index 72b894a..72b894a 100644
--- a/3.2.4/4437-grsec-kconfig-proc-user.patch
+++ b/3.2.4/4460-grsec-kconfig-proc-user.patch
diff --git a/3.2.4/4440_selinux-avc_audit-log-curr_ip.patch b/3.2.4/4465_selinux-avc_audit-log-curr_ip.patch
index 7c9894c..7c9894c 100644
--- a/3.2.4/4440_selinux-avc_audit-log-curr_ip.patch
+++ b/3.2.4/4465_selinux-avc_audit-log-curr_ip.patch
diff --git a/3.2.4/4445_disable-compat_vdso.patch b/3.2.4/4470_disable-compat_vdso.patch
index 4742d01..4742d01 100644
--- a/3.2.4/4445_disable-compat_vdso.patch
+++ b/3.2.4/4470_disable-compat_vdso.patch