diff options
author | Anthony G. Basile <blueness@gentoo.org> | 2012-02-05 11:40:33 -0500 |
---|---|---|
committer | Anthony G. Basile <blueness@gentoo.org> | 2012-02-05 11:40:33 -0500 |
commit | 37cbbcacda2762cc7a054330ae8df40dd5ec9e62 (patch) | |
tree | 505cfa2dfa54d68377412be58f2a1b39d0cb10c8 | |
parent | Grsec/PaX: 2.2.2-2.6.32.56-201202032051 + 2.2.2-3.2.4-201202032052 (diff) | |
download | hardened-patchset-37cbbcacda2762cc7a054330ae8df40dd5ec9e62.tar.gz hardened-patchset-37cbbcacda2762cc7a054330ae8df40dd5ec9e62.tar.bz2 hardened-patchset-37cbbcacda2762cc7a054330ae8df40dd5ec9e62.zip |
Renumbered patches
-rw-r--r-- | 2.6.32/0000_README | 27 | ||||
-rw-r--r-- | 2.6.32/4430_grsec-remove-localversion-grsec.patch (renamed from 2.6.32/4421_grsec-remove-localversion-grsec.patch) | 0 | ||||
-rw-r--r-- | 2.6.32/4435_grsec-mute-warnings.patch (renamed from 2.6.32/4422_grsec-mute-warnings.patch) | 0 | ||||
-rw-r--r-- | 2.6.32/4440_grsec-remove-protected-paths.patch (renamed from 2.6.32/4423_grsec-remove-protected-paths.patch) | 0 | ||||
-rw-r--r-- | 2.6.32/4445_grsec-pax-without-grsec.patch (renamed from 2.6.32/4425_grsec-pax-without-grsec.patch) | 0 | ||||
-rw-r--r-- | 2.6.32/4450_grsec-kconfig-default-gids.patch (renamed from 2.6.32/4430_grsec-kconfig-default-gids.patch) | 0 | ||||
-rw-r--r-- | 2.6.32/4455_grsec-kconfig-gentoo.patch (renamed from 2.6.32/4435_grsec-kconfig-gentoo.patch) | 0 | ||||
-rw-r--r-- | 2.6.32/4460-grsec-kconfig-proc-user.patch (renamed from 2.6.32/4437-grsec-kconfig-proc-user.patch) | 0 | ||||
-rw-r--r-- | 2.6.32/4465_selinux-avc_audit-log-curr_ip.patch (renamed from 2.6.32/4440_selinux-avc_audit-log-curr_ip.patch) | 0 | ||||
-rw-r--r-- | 2.6.32/4470_disable-compat_vdso.patch (renamed from 2.6.32/4445_disable-compat_vdso.patch) | 0 | ||||
-rw-r--r-- | 2.6.32/4475_check_ssp_fix.patch (renamed from 2.6.32/4450_check_ssp_fix.patch) | 0 | ||||
-rw-r--r-- | 3.2.4/0000_README | 21 | ||||
-rw-r--r-- | 3.2.4/4430_grsec-remove-localversion-grsec.patch (renamed from 3.2.4/4421_grsec-remove-localversion-grsec.patch) | 0 | ||||
-rw-r--r-- | 3.2.4/4435_grsec-mute-warnings.patch (renamed from 3.2.4/4422_grsec-mute-warnings.patch) | 0 | ||||
-rw-r--r-- | 3.2.4/4440_grsec-remove-protected-paths.patch (renamed from 3.2.4/4423_grsec-remove-protected-paths.patch) | 0 | ||||
-rw-r--r-- | 3.2.4/4445_grsec-pax-without-grsec.patch (renamed from 3.2.4/4425_grsec-pax-without-grsec.patch) | 0 | ||||
-rw-r--r-- | 3.2.4/4450_grsec-kconfig-default-gids.patch (renamed from 3.2.4/4430_grsec-kconfig-default-gids.patch) | 0 | ||||
-rw-r--r-- | 3.2.4/4455_grsec-kconfig-gentoo.patch (renamed from 3.2.4/4435_grsec-kconfig-gentoo.patch) | 0 | ||||
-rw-r--r-- | 3.2.4/4460-grsec-kconfig-proc-user.patch (renamed from 3.2.4/4437-grsec-kconfig-proc-user.patch) | 0 | ||||
-rw-r--r-- | 3.2.4/4465_selinux-avc_audit-log-curr_ip.patch (renamed from 3.2.4/4440_selinux-avc_audit-log-curr_ip.patch) | 0 | ||||
-rw-r--r-- | 3.2.4/4470_disable-compat_vdso.patch (renamed from 3.2.4/4445_disable-compat_vdso.patch) | 0 |
21 files changed, 29 insertions, 19 deletions
diff --git a/2.6.32/0000_README b/2.6.32/0000_README index f0c7190..ecd453e 100644 --- a/2.6.32/0000_README +++ b/2.6.32/0000_README @@ -22,46 +22,51 @@ Patch: 4420_grsecurity-2.2.2-2.6.32.56-201202032051.patch From: http://www.grsecurity.net Desc: hardened-sources base patch from upstream grsecurity -Patch: 4421_grsec-remove-localversion-grsec.patch +Patch: 4430_grsec-remove-localversion-grsec.patch From: Kerin Millar <kerframil@gmail.com> Desc: Removes grsecurity's localversion-grsec file -Patch: 4422_grsec-mute-warnings.patch +Patch: 4435_grsec-mute-warnings.patch From: Alexander Gabert <gaberta@fh-trier.de> Gordon Malm <gengor@gentoo.org> Desc: Removes verbose compile warning settings from grsecurity, restores mainline Linux kernel behavior -Patch: 4423_grsec-remove-protected-paths.patch +Patch: 4440_grsec-remove-protected-paths.patch From: Anthony G. Basile <blueness@gentoo.org> Desc: Removes chmod statements from grsecurity/Makefile -Patch: 4425_grsec-pax-without-grsec.patch +Patch: 4445_grsec-pax-without-grsec.patch From: Gordon Malm <gengor@gentoo.org> Desc: Allows PaX features to be selected without enabling GRKERNSEC -Patch: 4430_grsec-kconfig-default-gids.patch +Patch: 4450_grsec-kconfig-default-gids.patch From: Kerin Millar <kerframil@gmail.com> Desc: Sets sane(r) default GIDs on various grsecurity group-dependent features -Patch: 4435_grsec-kconfig-gentoo.patch +Patch: 4455_grsec-kconfig-gentoo.patch From: Gordon Malm <gengor@gentoo.org> Kerin Millar <kerframil@gmail.com> Anthony G. Basile <blueness@gentoo.org> -Desc: Adds Hardened Gentoo [server/workstation/virtualization] security levels, - sets Hardened Gentoo [workstation] as default +Desc: Adds Hardened Gentoo [server/workstation/virtualization] security + levels, sets Hardened Gentoo [workstation] as default -Patch: 4440_selinux-avc_audit-log-curr_ip.patch +Patch: 4460-grsec-kconfig-proc-user.patch +From: Anthony G. Basile <blueness@gentoo.org> +Desc: Make GRKERNSEC_PROC_USER, and GRKERNSEC_PROC_USERGROUP mutually + exclusive to avoid bug #366019. + +Patch: 4465_selinux-avc_audit-log-curr_ip.patch From: Gordon Malm <gengor@gentoo.org> Anthony G. Basile <blueness@gentoo.org> Desc: Configurable option to add src IP address to SELinux log messages -Patch: 4445_disable-compat_vdso.patch +Patch: 4470_disable-compat_vdso.patch From: Gordon Malm <gengor@gentoo.org> Kerin Millar <kerframil@gmail.com> Desc: Disables VDSO_COMPAT operation completely -Patch: 4450_check_ssp_fix.patch +Patch: 4475_check_ssp_fix.patch From: Magnus Granberg <zorry@gentoo.org> Desc: Fixes kernel check script for ssp diff --git a/2.6.32/4421_grsec-remove-localversion-grsec.patch b/2.6.32/4430_grsec-remove-localversion-grsec.patch index 31cf878..31cf878 100644 --- a/2.6.32/4421_grsec-remove-localversion-grsec.patch +++ b/2.6.32/4430_grsec-remove-localversion-grsec.patch diff --git a/2.6.32/4422_grsec-mute-warnings.patch b/2.6.32/4435_grsec-mute-warnings.patch index 127d90d..127d90d 100644 --- a/2.6.32/4422_grsec-mute-warnings.patch +++ b/2.6.32/4435_grsec-mute-warnings.patch diff --git a/2.6.32/4423_grsec-remove-protected-paths.patch b/2.6.32/4440_grsec-remove-protected-paths.patch index 5cec66c..5cec66c 100644 --- a/2.6.32/4423_grsec-remove-protected-paths.patch +++ b/2.6.32/4440_grsec-remove-protected-paths.patch diff --git a/2.6.32/4425_grsec-pax-without-grsec.patch b/2.6.32/4445_grsec-pax-without-grsec.patch index 0f87dc1..0f87dc1 100644 --- a/2.6.32/4425_grsec-pax-without-grsec.patch +++ b/2.6.32/4445_grsec-pax-without-grsec.patch diff --git a/2.6.32/4430_grsec-kconfig-default-gids.patch b/2.6.32/4450_grsec-kconfig-default-gids.patch index 763d845..763d845 100644 --- a/2.6.32/4430_grsec-kconfig-default-gids.patch +++ b/2.6.32/4450_grsec-kconfig-default-gids.patch diff --git a/2.6.32/4435_grsec-kconfig-gentoo.patch b/2.6.32/4455_grsec-kconfig-gentoo.patch index b7e7322..b7e7322 100644 --- a/2.6.32/4435_grsec-kconfig-gentoo.patch +++ b/2.6.32/4455_grsec-kconfig-gentoo.patch diff --git a/2.6.32/4437-grsec-kconfig-proc-user.patch b/2.6.32/4460-grsec-kconfig-proc-user.patch index ca88ef7..ca88ef7 100644 --- a/2.6.32/4437-grsec-kconfig-proc-user.patch +++ b/2.6.32/4460-grsec-kconfig-proc-user.patch diff --git a/2.6.32/4440_selinux-avc_audit-log-curr_ip.patch b/2.6.32/4465_selinux-avc_audit-log-curr_ip.patch index 0873c15..0873c15 100644 --- a/2.6.32/4440_selinux-avc_audit-log-curr_ip.patch +++ b/2.6.32/4465_selinux-avc_audit-log-curr_ip.patch diff --git a/2.6.32/4445_disable-compat_vdso.patch b/2.6.32/4470_disable-compat_vdso.patch index c8e1aeb..c8e1aeb 100644 --- a/2.6.32/4445_disable-compat_vdso.patch +++ b/2.6.32/4470_disable-compat_vdso.patch diff --git a/2.6.32/4450_check_ssp_fix.patch b/2.6.32/4475_check_ssp_fix.patch index 40e0467..40e0467 100644 --- a/2.6.32/4450_check_ssp_fix.patch +++ b/2.6.32/4475_check_ssp_fix.patch diff --git a/3.2.4/0000_README b/3.2.4/0000_README index 97fce67..ce0507d 100644 --- a/3.2.4/0000_README +++ b/3.2.4/0000_README @@ -14,42 +14,47 @@ Patch: 4420_grsecurity-2.2.2-3.2.4-201202032052.patch From: http://www.grsecurity.net Desc: hardened-sources base patch from upstream grsecurity -Patch: 4421_grsec-remove-localversion-grsec.patch +Patch: 4430_grsec-remove-localversion-grsec.patch From: Kerin Millar <kerframil@gmail.com> Desc: Removes grsecurity's localversion-grsec file -Patch: 4422_grsec-mute-warnings.patch +Patch: 4435_grsec-mute-warnings.patch From: Alexander Gabert <gaberta@fh-trier.de> Gordon Malm <gengor@gentoo.org> Desc: Removes verbose compile warning settings from grsecurity, restores mainline Linux kernel behavior -Patch: 4423_grsec-remove-protected-paths.patch +Patch: 4440_grsec-remove-protected-paths.patch From: Anthony G. Basile <blueness@gentoo.org> Desc: Removes chmod statements from grsecurity/Makefile -Patch: 4425_grsec-pax-without-grsec.patch +Patch: 4445_grsec-pax-without-grsec.patch From: Gordon Malm <gengor@gentoo.org> Desc: Allows PaX features to be selected without enabling GRKERNSEC -Patch: 4430_grsec-kconfig-default-gids.patch +Patch: 4450_grsec-kconfig-default-gids.patch From: Kerin Millar <kerframil@gmail.com> Desc: Sets sane(r) default GIDs on various grsecurity group-dependent features -Patch: 4435_grsec-kconfig-gentoo.patch +Patch: 4455_grsec-kconfig-gentoo.patch From: Gordon Malm <gengor@gentoo.org> Kerin Millar <kerframil@gmail.com> Anthony G. Basile <blueness@gentoo.org> Desc: Adds Hardened Gentoo [server/workstation/virtualization] security levels, sets Hardened Gentoo [workstation] as default -Patch: 4440_selinux-avc_audit-log-curr_ip.patch +Patch: 4460-grsec-kconfig-proc-user.patch +From: Anthony G. Basile <blueness@gentoo.org> +Desc: Make GRKERNSEC_PROC_USER, and GRKERNSEC_PROC_USERGROUP mutually + exclusive to avoid bug #366019. + +Patch: 4465_selinux-avc_audit-log-curr_ip.patch From: Gordon Malm <gengor@gentoo.org> Anthony G. Basile <blueness@gentoo.org> Desc: Configurable option to add src IP address to SELinux log messages -Patch: 4445_disable-compat_vdso.patch +Patch: 4470_disable-compat_vdso.patch From: Gordon Malm <gengor@gentoo.org> Kerin Millar <kerframil@gmail.com> Desc: Disables VDSO_COMPAT operation completely diff --git a/3.2.4/4421_grsec-remove-localversion-grsec.patch b/3.2.4/4430_grsec-remove-localversion-grsec.patch index 31cf878..31cf878 100644 --- a/3.2.4/4421_grsec-remove-localversion-grsec.patch +++ b/3.2.4/4430_grsec-remove-localversion-grsec.patch diff --git a/3.2.4/4422_grsec-mute-warnings.patch b/3.2.4/4435_grsec-mute-warnings.patch index e85abd6..e85abd6 100644 --- a/3.2.4/4422_grsec-mute-warnings.patch +++ b/3.2.4/4435_grsec-mute-warnings.patch diff --git a/3.2.4/4423_grsec-remove-protected-paths.patch b/3.2.4/4440_grsec-remove-protected-paths.patch index 4afb3e2..4afb3e2 100644 --- a/3.2.4/4423_grsec-remove-protected-paths.patch +++ b/3.2.4/4440_grsec-remove-protected-paths.patch diff --git a/3.2.4/4425_grsec-pax-without-grsec.patch b/3.2.4/4445_grsec-pax-without-grsec.patch index 9992f51..9992f51 100644 --- a/3.2.4/4425_grsec-pax-without-grsec.patch +++ b/3.2.4/4445_grsec-pax-without-grsec.patch diff --git a/3.2.4/4430_grsec-kconfig-default-gids.patch b/3.2.4/4450_grsec-kconfig-default-gids.patch index 0807a4e..0807a4e 100644 --- a/3.2.4/4430_grsec-kconfig-default-gids.patch +++ b/3.2.4/4450_grsec-kconfig-default-gids.patch diff --git a/3.2.4/4435_grsec-kconfig-gentoo.patch b/3.2.4/4455_grsec-kconfig-gentoo.patch index 587b7d9..587b7d9 100644 --- a/3.2.4/4435_grsec-kconfig-gentoo.patch +++ b/3.2.4/4455_grsec-kconfig-gentoo.patch diff --git a/3.2.4/4437-grsec-kconfig-proc-user.patch b/3.2.4/4460-grsec-kconfig-proc-user.patch index 72b894a..72b894a 100644 --- a/3.2.4/4437-grsec-kconfig-proc-user.patch +++ b/3.2.4/4460-grsec-kconfig-proc-user.patch diff --git a/3.2.4/4440_selinux-avc_audit-log-curr_ip.patch b/3.2.4/4465_selinux-avc_audit-log-curr_ip.patch index 7c9894c..7c9894c 100644 --- a/3.2.4/4440_selinux-avc_audit-log-curr_ip.patch +++ b/3.2.4/4465_selinux-avc_audit-log-curr_ip.patch diff --git a/3.2.4/4445_disable-compat_vdso.patch b/3.2.4/4470_disable-compat_vdso.patch index 4742d01..4742d01 100644 --- a/3.2.4/4445_disable-compat_vdso.patch +++ b/3.2.4/4470_disable-compat_vdso.patch |