From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from pigeon.gentoo.org ([208.92.234.80] helo=lists.gentoo.org) by finch.gentoo.org with esmtp (Exim 4.60) (envelope-from ) id 1Ru594-0005fS-2n for garchives@archives.gentoo.org; Sun, 05 Feb 2012 16:40:54 +0000 Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 9BC27E062C; Sun, 5 Feb 2012 16:40:45 +0000 (UTC) Received: from smtp.gentoo.org (smtp.gentoo.org [140.211.166.183]) by pigeon.gentoo.org (Postfix) with ESMTP id 56718E062C for ; Sun, 5 Feb 2012 16:40:45 +0000 (UTC) Received: from pelican.gentoo.org (unknown [66.219.59.40]) (using TLSv1 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by smtp.gentoo.org (Postfix) with ESMTPS id 8A48C1B4012 for ; Sun, 5 Feb 2012 16:40:44 +0000 (UTC) Received: from localhost.localdomain (localhost [127.0.0.1]) by pelican.gentoo.org (Postfix) with ESMTP id B8AF580043 for ; Sun, 5 Feb 2012 16:40:42 +0000 (UTC) From: "Anthony G. Basile" To: gentoo-commits@lists.gentoo.org Content-type: text/plain; charset=UTF-8 Reply-To: gentoo-dev@lists.gentoo.org, "Anthony G. Basile" Message-ID: <37cbbcacda2762cc7a054330ae8df40dd5ec9e62.blueness@gentoo> Subject: [gentoo-commits] proj/hardened-patchset:master commit in: 2.6.32/, 3.2.4/ X-VCS-Repository: proj/hardened-patchset X-VCS-Files: 2.6.32/0000_README 2.6.32/4421_grsec-remove-localversion-grsec.patch 2.6.32/4422_grsec-mute-warnings.patch 2.6.32/4423_grsec-remove-protected-paths.patch 2.6.32/4425_grsec-pax-without-grsec.patch 2.6.32/4430_grsec-kconfig-default-gids.patch 2.6.32/4430_grsec-remove-localversion-grsec.patch 2.6.32/4435_grsec-kconfig-gentoo.patch 2.6.32/4435_grsec-mute-warnings.patch 2.6.32/4437-grsec-kconfig-proc-user.patch 2.6.32/4440_grsec-remove-protected-paths.patch 2.6.32/4440_selinux-avc_audit-log-curr_ip.patch 2.6.32/4445_disable-compat_vdso.patch 2.6.32/4445_grsec-pax-without-grsec.patch 2.6.32/4450_check_ssp_fix.patch 2.6.32/4450_grsec-kconfig-default-gids.patch 2.6.32/4455_grsec-kconfig-gentoo.patch 2.6.32/4460-grsec-kconfig-proc-user.patch 2.6.32/4465_selinux-avc_audit-log-curr_ip.patch 2.6.32/4470_disable-compat_vdso.patch 2.6.32/4475_check_ssp_fix.patch 3.2.4/0000_README 3.2.4/4421_grsec-remove-localversion-grsec.patch 3.2.4/4422_grsec-mute-warnings.patch 3.2.4/4423_g rsec-remove-protected-paths.patch 3.2.4/4425_grsec-pax-without-grsec.patch 3.2.4/4430_grsec-kconfig-default-gids.patch 3.2.4/4430_grsec-remove-localversion-grsec.patch 3.2.4/4435_grsec-kconfig-gentoo.patch 3.2.4/4435_grsec-mute-warnings.patch 3.2.4/4437-grsec-kconfig-proc-user.patch 3.2.4/4440_grsec-remove-protected-paths.patch 3.2.4/4440_selinux-avc_audit-log-curr_ip.patch 3.2.4/4445_disable-compat_vdso.patch 3.2.4/4445_grsec-pax-without-grsec.patch 3.2.4/4450_grsec-kconfig-default-gids.patch 3.2.4/4455_grsec-kconfig-gentoo.patch 3.2.4/4460-grsec-kconfig-proc-user.patch 3.2.4/4465_selinux-avc_audit-log-curr_ip.patch 3.2.4/4470_disable-compat_vdso.patch X-VCS-Directories: 2.6.32/ 3.2.4/ X-VCS-Committer: blueness X-VCS-Committer-Name: Anthony G. Basile X-VCS-Revision: 37cbbcacda2762cc7a054330ae8df40dd5ec9e62 Date: Sun, 5 Feb 2012 16:40:42 +0000 (UTC) Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-commits@lists.gentoo.org Content-Transfer-Encoding: quoted-printable X-Archives-Salt: c19589f2-218b-48ae-ba0c-fcb2e0880293 X-Archives-Hash: 3cef54332b1dca1fec581fdd56e8f030 commit: 37cbbcacda2762cc7a054330ae8df40dd5ec9e62 Author: Anthony G. Basile gentoo org> AuthorDate: Sun Feb 5 16:40:33 2012 +0000 Commit: Anthony G. Basile gentoo org> CommitDate: Sun Feb 5 16:40:33 2012 +0000 URL: http://git.overlays.gentoo.org/gitweb/?p=3Dproj/hardened-patc= hset.git;a=3Dcommit;h=3D37cbbcac Renumbered patches --- 2.6.32/0000_README | 27 +++++++++++---= ----- ... =3D> 4430_grsec-remove-localversion-grsec.patch} | 0 ...rnings.patch =3D> 4435_grsec-mute-warnings.patch} | 0 ...tch =3D> 4440_grsec-remove-protected-paths.patch} | 0 ...ec.patch =3D> 4445_grsec-pax-without-grsec.patch} | 0 ...patch =3D> 4450_grsec-kconfig-default-gids.patch} | 0 ...entoo.patch =3D> 4455_grsec-kconfig-gentoo.patch} | 0 ...er.patch =3D> 4460-grsec-kconfig-proc-user.patch} | 0 ...ch =3D> 4465_selinux-avc_audit-log-curr_ip.patch} | 0 ...t_vdso.patch =3D> 4470_disable-compat_vdso.patch} | 0 ...heck_ssp_fix.patch =3D> 4475_check_ssp_fix.patch} | 0 3.2.4/0000_README | 21 +++++++++-----= - ... =3D> 4430_grsec-remove-localversion-grsec.patch} | 0 ...rnings.patch =3D> 4435_grsec-mute-warnings.patch} | 0 ...tch =3D> 4440_grsec-remove-protected-paths.patch} | 0 ...ec.patch =3D> 4445_grsec-pax-without-grsec.patch} | 0 ...patch =3D> 4450_grsec-kconfig-default-gids.patch} | 0 ...entoo.patch =3D> 4455_grsec-kconfig-gentoo.patch} | 0 ...er.patch =3D> 4460-grsec-kconfig-proc-user.patch} | 0 ...ch =3D> 4465_selinux-avc_audit-log-curr_ip.patch} | 0 ...t_vdso.patch =3D> 4470_disable-compat_vdso.patch} | 0 21 files changed, 29 insertions(+), 19 deletions(-) diff --git a/2.6.32/0000_README b/2.6.32/0000_README index f0c7190..ecd453e 100644 --- a/2.6.32/0000_README +++ b/2.6.32/0000_README @@ -22,46 +22,51 @@ Patch: 4420_grsecurity-2.2.2-2.6.32.56-201202032051.p= atch From: http://www.grsecurity.net Desc: hardened-sources base patch from upstream grsecurity =20 -Patch: 4421_grsec-remove-localversion-grsec.patch +Patch: 4430_grsec-remove-localversion-grsec.patch From: Kerin Millar Desc: Removes grsecurity's localversion-grsec file =20 -Patch: 4422_grsec-mute-warnings.patch +Patch: 4435_grsec-mute-warnings.patch From: Alexander Gabert Gordon Malm Desc: Removes verbose compile warning settings from grsecurity, restores mainline Linux kernel behavior =20 -Patch: 4423_grsec-remove-protected-paths.patch +Patch: 4440_grsec-remove-protected-paths.patch From: Anthony G. Basile Desc: Removes chmod statements from grsecurity/Makefile =20 -Patch: 4425_grsec-pax-without-grsec.patch +Patch: 4445_grsec-pax-without-grsec.patch From: Gordon Malm Desc: Allows PaX features to be selected without enabling GRKERNSEC =20 -Patch: 4430_grsec-kconfig-default-gids.patch +Patch: 4450_grsec-kconfig-default-gids.patch From: Kerin Millar Desc: Sets sane(r) default GIDs on various grsecurity group-dependent features =20 -Patch: 4435_grsec-kconfig-gentoo.patch +Patch: 4455_grsec-kconfig-gentoo.patch From: Gordon Malm Kerin Millar Anthony G. Basile -Desc: Adds Hardened Gentoo [server/workstation/virtualization] security = levels, - sets Hardened Gentoo [workstation] as default +Desc: Adds Hardened Gentoo [server/workstation/virtualization] security + levels, sets Hardened Gentoo [workstation] as default =20 -Patch: 4440_selinux-avc_audit-log-curr_ip.patch +Patch: 4460-grsec-kconfig-proc-user.patch +From: Anthony G. Basile +Desc: Make GRKERNSEC_PROC_USER, and GRKERNSEC_PROC_USERGROUP mutually + exclusive to avoid bug #366019. + +Patch: 4465_selinux-avc_audit-log-curr_ip.patch From: Gordon Malm Anthony G. Basile Desc: Configurable option to add src IP address to SELinux log messages =20 -Patch: 4445_disable-compat_vdso.patch +Patch: 4470_disable-compat_vdso.patch From: Gordon Malm Kerin Millar Desc: Disables VDSO_COMPAT operation completely =20 -Patch: 4450_check_ssp_fix.patch +Patch: 4475_check_ssp_fix.patch From: Magnus Granberg Desc: Fixes kernel check script for ssp diff --git a/2.6.32/4421_grsec-remove-localversion-grsec.patch b/2.6.32/4= 430_grsec-remove-localversion-grsec.patch similarity index 100% rename from 2.6.32/4421_grsec-remove-localversion-grsec.patch rename to 2.6.32/4430_grsec-remove-localversion-grsec.patch diff --git a/2.6.32/4422_grsec-mute-warnings.patch b/2.6.32/4435_grsec-mu= te-warnings.patch similarity index 100% rename from 2.6.32/4422_grsec-mute-warnings.patch rename to 2.6.32/4435_grsec-mute-warnings.patch diff --git a/2.6.32/4423_grsec-remove-protected-paths.patch b/2.6.32/4440= _grsec-remove-protected-paths.patch similarity index 100% rename from 2.6.32/4423_grsec-remove-protected-paths.patch rename to 2.6.32/4440_grsec-remove-protected-paths.patch diff --git a/2.6.32/4425_grsec-pax-without-grsec.patch b/2.6.32/4445_grse= c-pax-without-grsec.patch similarity index 100% rename from 2.6.32/4425_grsec-pax-without-grsec.patch rename to 2.6.32/4445_grsec-pax-without-grsec.patch diff --git a/2.6.32/4430_grsec-kconfig-default-gids.patch b/2.6.32/4450_g= rsec-kconfig-default-gids.patch similarity index 100% rename from 2.6.32/4430_grsec-kconfig-default-gids.patch rename to 2.6.32/4450_grsec-kconfig-default-gids.patch diff --git a/2.6.32/4435_grsec-kconfig-gentoo.patch b/2.6.32/4455_grsec-k= config-gentoo.patch similarity index 100% rename from 2.6.32/4435_grsec-kconfig-gentoo.patch rename to 2.6.32/4455_grsec-kconfig-gentoo.patch diff --git a/2.6.32/4437-grsec-kconfig-proc-user.patch b/2.6.32/4460-grse= c-kconfig-proc-user.patch similarity index 100% rename from 2.6.32/4437-grsec-kconfig-proc-user.patch rename to 2.6.32/4460-grsec-kconfig-proc-user.patch diff --git a/2.6.32/4440_selinux-avc_audit-log-curr_ip.patch b/2.6.32/446= 5_selinux-avc_audit-log-curr_ip.patch similarity index 100% rename from 2.6.32/4440_selinux-avc_audit-log-curr_ip.patch rename to 2.6.32/4465_selinux-avc_audit-log-curr_ip.patch diff --git a/2.6.32/4445_disable-compat_vdso.patch b/2.6.32/4470_disable-= compat_vdso.patch similarity index 100% rename from 2.6.32/4445_disable-compat_vdso.patch rename to 2.6.32/4470_disable-compat_vdso.patch diff --git a/2.6.32/4450_check_ssp_fix.patch b/2.6.32/4475_check_ssp_fix.= patch similarity index 100% rename from 2.6.32/4450_check_ssp_fix.patch rename to 2.6.32/4475_check_ssp_fix.patch diff --git a/3.2.4/0000_README b/3.2.4/0000_README index 97fce67..ce0507d 100644 --- a/3.2.4/0000_README +++ b/3.2.4/0000_README @@ -14,42 +14,47 @@ Patch: 4420_grsecurity-2.2.2-3.2.4-201202032052.patch From: http://www.grsecurity.net Desc: hardened-sources base patch from upstream grsecurity =20 -Patch: 4421_grsec-remove-localversion-grsec.patch +Patch: 4430_grsec-remove-localversion-grsec.patch From: Kerin Millar Desc: Removes grsecurity's localversion-grsec file =20 -Patch: 4422_grsec-mute-warnings.patch +Patch: 4435_grsec-mute-warnings.patch From: Alexander Gabert Gordon Malm Desc: Removes verbose compile warning settings from grsecurity, restores mainline Linux kernel behavior =20 -Patch: 4423_grsec-remove-protected-paths.patch +Patch: 4440_grsec-remove-protected-paths.patch From: Anthony G. Basile Desc: Removes chmod statements from grsecurity/Makefile =20 -Patch: 4425_grsec-pax-without-grsec.patch +Patch: 4445_grsec-pax-without-grsec.patch From: Gordon Malm Desc: Allows PaX features to be selected without enabling GRKERNSEC =20 -Patch: 4430_grsec-kconfig-default-gids.patch +Patch: 4450_grsec-kconfig-default-gids.patch From: Kerin Millar Desc: Sets sane(r) default GIDs on various grsecurity group-dependent features =20 -Patch: 4435_grsec-kconfig-gentoo.patch +Patch: 4455_grsec-kconfig-gentoo.patch From: Gordon Malm Kerin Millar Anthony G. Basile Desc: Adds Hardened Gentoo [server/workstation/virtualization] security = levels, sets Hardened Gentoo [workstation] as default =20 -Patch: 4440_selinux-avc_audit-log-curr_ip.patch +Patch: 4460-grsec-kconfig-proc-user.patch +From: Anthony G. Basile +Desc: Make GRKERNSEC_PROC_USER, and GRKERNSEC_PROC_USERGROUP mutually + exclusive to avoid bug #366019. + +Patch: 4465_selinux-avc_audit-log-curr_ip.patch From: Gordon Malm Anthony G. Basile Desc: Configurable option to add src IP address to SELinux log messages =20 -Patch: 4445_disable-compat_vdso.patch +Patch: 4470_disable-compat_vdso.patch From: Gordon Malm Kerin Millar Desc: Disables VDSO_COMPAT operation completely diff --git a/3.2.4/4421_grsec-remove-localversion-grsec.patch b/3.2.4/443= 0_grsec-remove-localversion-grsec.patch similarity index 100% rename from 3.2.4/4421_grsec-remove-localversion-grsec.patch rename to 3.2.4/4430_grsec-remove-localversion-grsec.patch diff --git a/3.2.4/4422_grsec-mute-warnings.patch b/3.2.4/4435_grsec-mute= -warnings.patch similarity index 100% rename from 3.2.4/4422_grsec-mute-warnings.patch rename to 3.2.4/4435_grsec-mute-warnings.patch diff --git a/3.2.4/4423_grsec-remove-protected-paths.patch b/3.2.4/4440_g= rsec-remove-protected-paths.patch similarity index 100% rename from 3.2.4/4423_grsec-remove-protected-paths.patch rename to 3.2.4/4440_grsec-remove-protected-paths.patch diff --git a/3.2.4/4425_grsec-pax-without-grsec.patch b/3.2.4/4445_grsec-= pax-without-grsec.patch similarity index 100% rename from 3.2.4/4425_grsec-pax-without-grsec.patch rename to 3.2.4/4445_grsec-pax-without-grsec.patch diff --git a/3.2.4/4430_grsec-kconfig-default-gids.patch b/3.2.4/4450_grs= ec-kconfig-default-gids.patch similarity index 100% rename from 3.2.4/4430_grsec-kconfig-default-gids.patch rename to 3.2.4/4450_grsec-kconfig-default-gids.patch diff --git a/3.2.4/4435_grsec-kconfig-gentoo.patch b/3.2.4/4455_grsec-kco= nfig-gentoo.patch similarity index 100% rename from 3.2.4/4435_grsec-kconfig-gentoo.patch rename to 3.2.4/4455_grsec-kconfig-gentoo.patch diff --git a/3.2.4/4437-grsec-kconfig-proc-user.patch b/3.2.4/4460-grsec-= kconfig-proc-user.patch similarity index 100% rename from 3.2.4/4437-grsec-kconfig-proc-user.patch rename to 3.2.4/4460-grsec-kconfig-proc-user.patch diff --git a/3.2.4/4440_selinux-avc_audit-log-curr_ip.patch b/3.2.4/4465_= selinux-avc_audit-log-curr_ip.patch similarity index 100% rename from 3.2.4/4440_selinux-avc_audit-log-curr_ip.patch rename to 3.2.4/4465_selinux-avc_audit-log-curr_ip.patch diff --git a/3.2.4/4445_disable-compat_vdso.patch b/3.2.4/4470_disable-co= mpat_vdso.patch similarity index 100% rename from 3.2.4/4445_disable-compat_vdso.patch rename to 3.2.4/4470_disable-compat_vdso.patch