Commit graph

959 commits

Author SHA1 Message Date
Eelco Dolstra
8a7f3c3618 Mark a bunch of packages as broken or not supported on Darwin 2014-08-08 17:59:02 +02:00
aszlig
4834717507
linux-kernel: Add new upstream version 3.16.
Also set linux_latest to it as well.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-08-04 02:41:54 +02:00
William A. Kennington III
317d4253ea kernel: 3.15.7 -> 3.15.8 2014-08-02 18:04:08 -05:00
William A. Kennington III
63cc1fd8ad kernel: 3.14.14 -> 3.14.15 2014-08-02 18:02:15 -05:00
William A. Kennington III
eb9ee180d9 kernel: 3.12.25 -> 3.12.26 2014-08-02 18:00:46 -05:00
William A. Kennington III
89d5655670 kernel: 3.10.50 -> 3.10.51 2014-08-02 17:58:31 -05:00
William A. Kennington III
ae11e59949 kernel: 3.4.100 -> 3.4.101 2014-08-02 17:56:53 -05:00
William A. Kennington III
ff747dd24f kernel: 3.15.5 -> 3.15.7 2014-07-29 13:17:11 -05:00
William A. Kennington III
2494e2bb09 kernel: 3.14.12 -> 3.14.14 2014-07-29 13:15:42 -05:00
William A. Kennington III
dd9a5aeade kernel: 3.10.48 -> 3.10.50 2014-07-29 13:13:38 -05:00
William A. Kennington III
47d50bf684 kernel: 3.4.98 -> 3.4.100 2014-07-29 13:08:37 -05:00
Mateusz Kowalczyk
7a45996233 Turn some license strings into lib.licenses values 2014-07-28 11:31:14 +02:00
Eelco Dolstra
0852d9e364 linux: Update to 3.12.25 2014-07-24 18:14:53 +02:00
Bjørn Forsman
28cb0f58c4 linux: only enable CONFIG_NFS_SWAP for v3.6+ kernels
Linux v3.6 is the earliest version with CONFIG_NFS_SWAP support. This
change unbreaks NixOS tests for older kernels.
2014-07-16 12:13:06 +02:00
Ricardo M. Correia
85e444f4f8 linux: Enable NFSv4.1, v4.2 clients and swap on NFS
I'm only enabling for kernels >= 3.11 to be conservative, because clients and
servers automatically negotiate and use the highest mutually supported version
by default, but only in kernel 3.11 server NFSv4.1 support actually became RFC
compliant.

I'm also adding support for swap on NFS, which is enabled by default on
Ubuntu kernels.
2014-07-15 15:07:25 +02:00
Vladimír Čunát
eb659e89b4 linux_*: update, including CVE-2014-4699 (most likely)
CC #3196. No updates yet on 3.2 and 3.12 branches.
2014-07-09 22:54:08 +02:00
Eelco Dolstra
1596c3a012 linux: Update to 3.12.24
CVE-2014-4508, CVE-2014-0206.
2014-07-07 18:21:34 +02:00
Ricardo M. Correia
b50074929e grsecurity: Update stable and test patches
stable: 3.0-3.14.9-201406262057 -> 3.0-3.14.10-201407012152
test:   3.0-3.15.2-201406262058 -> 3.0-3.15.3-201407012153
2014-07-03 11:37:19 +02:00
Ricardo M. Correia
d4243e2a00 linux: Update to 3.14.10 2014-07-03 11:35:28 +02:00
Michael Raskin
e303e18608 Update Linux 3.15 to 3.15.3 2014-07-01 14:28:52 +04:00
Michael Raskin
efb0c56db4 Update linux_testing and enable parallel build of Linux kernel 2014-06-30 10:52:33 +04:00
Michael Raskin
0ecfc6cb49 Merge pull request #2213 from thoughtpolice/kernel-config
nixos: make several kernel common-config options optional
2014-06-30 09:01:08 +04:00
Austin Seipp
dd56bfbd00 kernel/grsec: updates
Signed-off-by: Austin Seipp <aseipp@pobox.com>
2014-06-27 00:52:12 -05:00
Vladimír Čunát
7998a598b6 linux-3.13: remove, as it's vulnerable
CC #3090.
2014-06-26 11:50:15 +02:00
Vladimír Čunát
7f97fafe4f linux-3.12: security update .22 ->.23, CVE-2014-0206
CC #3090.
2014-06-26 11:33:00 +02:00
Austin Seipp
0399c5ee24 grsecurity: update stable/testing kernels, refactoring
This updates the new stable kernel to 3.14, and the new testing kernel
to 3.15.

This also removes the vserver kernel, since it's probably not nearly as
used.

Signed-off-by: Austin Seipp <aseipp@pobox.com>
2014-06-22 22:29:10 -05:00
Michael Raskin
c68e3418fb Update 3.16-rc to -rc2: -rc1 has problems with mounting BtrFS, will test -rc2 2014-06-22 19:45:07 +04:00
Austin Seipp
b8ede68b25 kernel/grsec: updates
Signed-off-by: Austin Seipp <aseipp@pobox.com>
2014-06-21 22:13:49 -05:00
Michael Raskin
8297a26746 Create an option to build 3.16-rc1 which carries a new Wireless driver; make USB_DEBUG optional as it seems to be planned to disappear in 3.16. 2014-06-18 00:23:48 +02:00
Mathijs Kwik
5bc69209b1 linux-3.15: upgrade to 3.15.1 2014-06-17 08:17:38 +02:00
Eelco Dolstra
27c72f337b linux: Update to 3.12.22
Fixes CVE-2014-3153 (local privilege escalation via futex()).
2014-06-13 17:44:02 +02:00
William A. Kennington III
8bb2313915 kernel: Add 3.15 2014-06-08 16:39:47 -05:00
William A. Kennington III
d91eacd720 kernel: 3.14.5 -> 3.14.6 (close #2868) 2014-06-08 09:12:05 +02:00
Austin Seipp
b43421221f kernel/grsec: updates; add mainline package for brave souls
Signed-off-by: Austin Seipp <aseipp@pobox.com>
2014-06-05 06:06:19 -05:00
Eelco Dolstra
246edc3df2 linux: Update to 3.12.21 2014-06-05 12:54:37 +02:00
William A. Kennington III
3a0b265af9 kernel: 3.14.4 -> 3.14.5 (close #2831) 2014-06-05 10:34:40 +02:00
Michael Raskin
f9c05a3bad Merge pull request #2378 from wizeman/u/kernel-zram
linux: Add support for zram
2014-05-27 01:40:18 -07:00
Eelco Dolstra
2ee6c0c63e linux: Update to 3.12.20 2014-05-19 16:03:37 +02:00
Austin Seipp
ac38b32974 kernel/grsec: another optional option
This should fix the testing kernels.

Signed-off-by: Austin Seipp <aseipp@pobox.com>
2014-05-18 08:57:10 -05:00
Austin Seipp
e64e3ad88a kernel: only use DEBUG_STACKOVERFLOW if !grsecurity
Signed-off-by: Austin Seipp <aseipp@pobox.com>
2014-05-18 08:56:52 -05:00
Austin Seipp
80d0e31a94 kernel: allow features to be used in common-config
Signed-off-by: Austin Seipp <aseipp@pobox.com>
2014-05-18 08:49:32 -05:00
Austin Seipp
657998dbcb kernel/common-config: Another optional option
Signed-off-by: Austin Seipp <aseipp@pobox.com>
2014-05-17 19:44:03 -05:00
Austin Seipp
b5b434c98a kernel: make some common-config options optional for grsec
Signed-off-by: Austin Seipp <aseipp@pobox.com>
2014-05-17 16:37:22 -05:00
Austin Seipp
4f27ad14a1 grsec: refactor grsecurity packages
This now provides a handful of different grsecurity kernels for slightly
different 'flavors' of packages. This doesn't change the grsecurity
module to use them just yet, however.

Signed-off-by: Austin Seipp <aseipp@pobox.com>
2014-05-17 14:09:43 -05:00
Austin Seipp
cb894d4fc3 grsec: updates
Signed-off-by: Austin Seipp <aseipp@pobox.com>
2014-05-17 14:09:09 -05:00
Austin Seipp
92abc4c610 kernel: enable AppArmor by default
AppArmor only requires a few patches to the 3.2 and 3.4 kernels in order
to work properly (with the minor catch grsecurity -stable includes the
3.2 patches.) This adds them to the kernel builds by default, removes
features.apparmor (since it's always true) and makes it the default MAC
system.

Signed-off-by: Austin Seipp <aseipp@pobox.com>
2014-05-17 14:09:09 -05:00
Austin Seipp
3efdeef6a3 linux-3.{4,10}: update
Signed-off-by: Austin Seipp <aseipp@pobox.com>
2014-05-17 14:09:09 -05:00
Eelco Dolstra
3d1d9bb7dd linux-3.12: Apply patch for CVE-2014-0196 2014-05-14 14:11:48 +02:00
Vladimír Čunát
9c8ee7a7e5 linux: minor updates, probably often fixing CVE-2014-0196 2014-05-13 20:00:21 +02:00
Eelco Dolstra
abbf643ae2 linux: Update to 3.12.19
Backport: 14.04
2014-05-13 13:28:14 +02:00