diff options
| author |   Ned Ludd <solar@gentoo.org> | 2004-11-23 16:37:15 +0000 |
|---|---|---|
| committer | Ned Ludd <solar@gentoo.org> | 2004-11-23 16:37:15 +0000 |
| commit | 54bec1c63067a7bc660d09510ffa4ceb9c2c7a2e (patch) | |
| tree | dded4ca3ef43d0c9628548ecf3e892d8810b8b5b /sys-kernel/grsec-sources | |
| parent | Version bump, closes bug #72155. Dropped inherit of eutils eclass, not requir... (diff) | |
| download | gentoo-2-54bec1c63067a7bc660d09510ffa4ceb9c2c7a2e.tar.gz gentoo-2-54bec1c63067a7bc660d09510ffa4ceb9c2c7a2e.tar.bz2 gentoo-2-54bec1c63067a7bc660d09510ffa4ceb9c2c7a2e.zip | |
security bump - Linux Kernel AF_UNIX Arbitrary Kernel Memory Modification Vulnerability. http://www.securityfocus.com/bid/11715
Diffstat (limited to 'sys-kernel/grsec-sources')
| -rw-r--r-- | sys-kernel/grsec-sources/ChangeLog | 8 | ||||
| -rw-r--r-- | sys-kernel/grsec-sources/Manifest | 12 | ||||
| -rw-r--r-- | sys-kernel/grsec-sources/files/digest-grsec-sources-2.4.28.2.0.2 | 2 | ||||
| -rw-r--r-- | sys-kernel/grsec-sources/grsec-sources-2.4.28.2.0.2.ebuild | 57 |
4 files changed, 68 insertions, 11 deletions
diff --git a/sys-kernel/grsec-sources/ChangeLog b/sys-kernel/grsec-sources/ChangeLog index 29bdf5dd9f18..5958d1efcd04 100644 --- a/sys-kernel/grsec-sources/ChangeLog +++ b/sys-kernel/grsec-sources/ChangeLog @@ -1,6 +1,12 @@ # ChangeLog for sys-kernel/grsec-sources # Copyright 2000-2004 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/sys-kernel/grsec-sources/ChangeLog,v 1.34 2004/11/17 17:51:37 solar Exp $ +# $Header: /var/cvsroot/gentoo-x86/sys-kernel/grsec-sources/ChangeLog,v 1.35 2004/11/23 16:37:15 solar Exp $ + +*grsec-sources-2.4.28.2.0.2 (23 Nov 2004) + + 23 Nov 2004; <solar@gentoo.org> +grsec-sources-2.4.28.2.0.2.ebuild: + security bump - Linux Kernel AF_UNIX Arbitrary Kernel Memory Modification + Vulnerability. http://www.securityfocus.com/bid/11715 *grsec-sources-2.4.27.2.0.1-r4 (17 Nov 2004) diff --git a/sys-kernel/grsec-sources/Manifest b/sys-kernel/grsec-sources/Manifest index 0165c18b0fe8..fc171537084e 100644 --- a/sys-kernel/grsec-sources/Manifest +++ b/sys-kernel/grsec-sources/Manifest @@ -1,7 +1,5 @@ ------BEGIN PGP SIGNED MESSAGE----- -Hash: SHA1 - MD5 2bec4f3999a1868cbb8dbc9be8bdd7bd grsec-sources-2.4.27.2.0.1-r4.ebuild 2903 +MD5 e3668b4750e97a0a86b38caaf2096553 grsec-sources-2.4.28.2.0.2.ebuild 2128 MD5 28275e0d288d9a19e654a2c9a70c5217 ChangeLog 7523 MD5 140d8af1d66f9f6cd030e7d9902f38d9 metadata.xml 478 MD5 c47b7075dd1e065b09bb08936c1901a1 files/2.4.26-signal-race.patch 365 @@ -10,13 +8,7 @@ MD5 3dac23b6e285462a7cda41505cc698e1 files/2.4.26-CAN-2004-0394.patch 319 MD5 f0aff4d717032ce77283fe63d6df94ec files/digest-grsec-sources-2.4.27.2.0.1-r4 462 MD5 36615aa14e3aed91008beeeb406693bf files/2.4.26-pax-binfmt_elf-page-size.patch 427 MD5 b293289df61d6f42ff54e4e0ceae53cf files/2.4.24-x86.config 2397 +MD5 142e3c50598bb525c490bee83604ab5a files/digest-grsec-sources-2.4.28.2.0.2 144 MD5 0f66013f643c79c97fda489618a4e2fd files/gentoo-sources-2.4.CAN-2004-0535.patch 476 MD5 dc18e982f8149588a291956481885a8c files/gentoo-sources-2.4.CAN-2004-0495.patch 17549 MD5 d1ccc2047be533c992f67270a150a210 files/2.4.27-cmdline-race.patch 388 ------BEGIN PGP SIGNATURE----- -Version: GnuPG v1.2.4 (GNU/Linux) - -iD8DBQFBm4/N94CCfB4KcwwRAk99AJ0THcjhyi961214GKumOGasPurXqACgu2tb -TvVYghopEG/zTbZyWiToRXU= -=6Tf1 ------END PGP SIGNATURE----- diff --git a/sys-kernel/grsec-sources/files/digest-grsec-sources-2.4.28.2.0.2 b/sys-kernel/grsec-sources/files/digest-grsec-sources-2.4.28.2.0.2 new file mode 100644 index 000000000000..986abc3de297 --- /dev/null +++ b/sys-kernel/grsec-sources/files/digest-grsec-sources-2.4.28.2.0.2 @@ -0,0 +1,2 @@ +MD5 280c15f7249be63c172a6bbaaf6278ac grsecurity-2.0.2-2.4.28.patch.gz 141928 +MD5 ac7735000d185bc7778c08288760a8a3 linux-2.4.28.tar.bz2 31064046 diff --git a/sys-kernel/grsec-sources/grsec-sources-2.4.28.2.0.2.ebuild b/sys-kernel/grsec-sources/grsec-sources-2.4.28.2.0.2.ebuild new file mode 100644 index 000000000000..e476c1383525 --- /dev/null +++ b/sys-kernel/grsec-sources/grsec-sources-2.4.28.2.0.2.ebuild @@ -0,0 +1,57 @@ +# Copyright 1999-2004 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/sys-kernel/grsec-sources/grsec-sources-2.4.28.2.0.2.ebuild,v 1.1 2004/11/23 16:37:15 solar Exp $ + +# We control what versions of what we download based on the KEYWORDS we +# are using for the various arches. Thus if we want grsec1 stable we run +# the with "arch" ACCEPT_KEYWORDS or ~arch and we will get the +# grsec-2.0-preX which has alot more features. + +# the only thing that should ever differ in one of these 1.9.x ebuilds +# and 2.x of the same kernel version is the KEYWORDS and header. +# shame cvs symlinks don't exist + +ETYPE="sources" +IUSE="" + +inherit kernel + +[ "$OKV" == "" ] && OKV="2.4.28" + +PATCH_BASE="${PV/${OKV}./}" +PATCH_BASE="${PATCH_BASE/_/-}" +EXTRAVERSION="-grsec-${PATCH_BASE}" +KV="${OKV}${EXTRAVERSION}" +PATCH_SRC_BASE="grsecurity-${PATCH_BASE}-${OKV}.patch.gz" +DESCRIPTION="Vanilla sources of the linux kernel with the grsecurity ${PATCH_BASE} patch" +SRC_URI="http://grsecurity.net/grsecurity-${PATCH_BASE}-${OKV}.patch.gz http://www.kernel.org/pub/linux/kernel/v2.4/linux-${OKV}.tar.bz2" +HOMEPAGE="http://www.kernel.org/ http://www.grsecurity.net" +KEYWORDS="x86 sparc ppc alpha amd64 -hppa" +RESTRICT="buildpkg" + +SLOT="${KV}" +S="${WORKDIR}/linux-${KV}" + +src_unpack() { + unpack linux-"${OKV}".tar.bz2 || die "unable to unpack the kernel" + mv linux-"${OKV}" linux-"${KV}" || die "unable to move the kernel" + cd linux-"${KV}" || die "unable to cd into the kernel source tree" + + patch_grsec_kernel + + mkdir -p docs + touch docs/patches.txt + kernel_universal_unpack +} + +patch_grsec_kernel() { + # users are often confused by what settings should be set. + # so we provide an example of what a P4 desktop would look like. + cp ${FILESDIR}/2.4.24-x86.config gentoo-grsec-custom-example-2.4.2x-x86.config + + [ -f "${DISTDIR}/${PATCH_SRC_BASE}" ] || die "File ${PATCH_SRC_BASE} does not exist?" + ebegin "Patching the kernel with ${PATCH_SRC_BASE}" + gzcat ${DISTDIR}/${PATCH_SRC_BASE} | patch -g0 -p1 --quiet + [ $? == 0 ] || die "failed patching with ${PATCH_SRC_BASE}" + eend 0 +} |