2010
paxtest (1:0.9.9-1) unstable; urgency=medium
* New upstream release, uploaded to Debian. (LP: #530778) (Closes: #570990) * genpaxtest: Modify so that the 'paxtest' script generated uses either a user-provided logfile as argument or the $HOME/paxtest.log instead of paxtest.log for its results in order to prevent it from writing in the users' CWD and avoid symlink tricks if the user is executing this in a shared (i.e. writable by others) directory such as /tmp. Fixes CVE-2010-3373 (Closes: #598413) * Updated results in the results/ directory for a stock Debian kernel (i.e. no overflow protection) * Use debhelper compatibility version 5 * debian/rules: Use conditions to build using 'linux32', 'linux64' or just 'linux' * Document the new Homepage in debian/control, also list both the new and the old one in debian/copyright * Updated debian/paxtest.sgml to properly reflect the arguments used in the paxtest script and the new behaviour wrt log files. * Fix upstream's debian/changelog to have proper maintainer lines. Use the date information of the files as a basis. * Updated the content under results/ for a stock Debian kernel (2.6.32) and rename the older result files for Debian kernel 2.4.25
-- Javier Fernandez-Sanguino Pen~a <jfs@computer.org> Tue, 28 Sep 2010 23:40:17 +0200
paxtest (0.9.9-3) stable; urgency=low
* fixed Makefile to use -nopie for Gentoo Hardened on ET_EXEC tests
-- Brad Spengler <spender@grsecurity.net> Thu, 26 Aug 2010 19:17:00 +0200
paxtest (0.9.9-2) stable; urgency=low
* fixed writable text segments test under gcc 4.5 optimizations
-- Brad Spengler <spender@grsecurity.net> Thu, 26 Aug 2010 19:17:00 +0200
paxtest (0.9.9-1) stable; urgency=low
* added SPARC/64 support
* added PPC/64 support (return to function tests should be ignored for PPC64)
* added 32/64bit target support
* added shellode.h to easily support additional architectures
* made paxctl generate the PT_PAX_FLAGS header for binaries that
didn't have one
-- Brad Spengler <spender@grsecurity.net> Thu, 26 Aug 2010 19:17:00 +0200
2007
paxtest (0.9.7-pre4-2) unstable; urgency=low
* New upstream release. * Build-Depend on linux-kernel-headers (Closes: #382011, #423308) * Fix typo in package description (Closes: #390250) * Use proper Homepage in debian/control * Use debhelper version 4 * Remove duplicate content from debian/paxtest.sgml * Fix lintian errors * Change the maintainer's email address * Update Standards-Version
-- Javier Fernandez-Sanguino Pen~a <jfs@debian.org> Tue, 26 Jun 2007 21:34:15 +0200
2004
paxtest (0.9.7-1) stable; urgency=low
* Fixed some tests on OpenBSD and FreeBSD (thanks to paxtest@hunger.hu and mux@freebsd.org) * Fixed return address acquisition, still gcc specific * Switched to paxctl on gentoo * Fixed setting up LD_LIBRARY_PATH in genpaxtest (Peter S. Mazinger) * Added uClibc support (Peter S. Mazinger) * Fixed the executable shared library data/bss tests (thanks to paxtest@hunger.hu)
-- Peter Busser <peter@devbox.adamantix.org> Wed, 25 Feb 2004 20:24:53 +0200
paxtest (0.9.6-2) unstable; urgency=low
* New upstream release, uploaded to debian.
* Remove COPYING from debian/docs (generates duplicates)
* Added results in the results/ directory for a stock Debian kernel
(i.e. no overflow protection)
-- Javier Fernandez-Sanguino Pen~a <jfs@computer.org> Sun, 2 May 2004 21:46:16 +0200
paxtest (0.9.6-1) stable; urgency=low
* Made the do_mprotect() call in body.c optional, thereby introducing two
modes: script kiddie mode (which does not perform the do_mprotect()) and
blackhat mode, which does.
* Added a README file
* Added Adamantix paxtest results
* Removed -etdyn from the Adamantix make file
* Replaced mprotect() in body.c with pthread calls (which eventually have
the same result)
* Added a nested function, to measure the effect of nested functions on the
level of protection.
* Added paxtest result from Gentoo hardened (thanks to Ned Ludd)
* Added a new Makefile for Gentoo (thanks to Ned Ludd)
* Fixed spelling errors (thanks to pageexec@freemail.hu)
-- Peter Busser <peter@devbox.adamantix.org> Wed, 25 Feb 2004 20:24:53 +0200
paxtest (0.9.5-3) unstable; urgency=low
* Changed http references to new location at http://pax.grsecurity.net/docs (Closes: #234227) * Fixed typo in debian/copyright and added download location
-- Javier Fernandez-Sanguino Pen~a <jfs@computer.org> Sun, 22 Feb 2004 19:04:53 +0100
2003
paxtest (0.9.5-2) unstable; urgency=low
* First version uploaded to Debian (Closes: #222688, #222481) * Modified to run the generic Makefile instead of Adamantix's. * Moved from main section to devel. * Fixed typo in description. * Avoid creation of a logfile in paxtest and instead use redirection tricks to create logfile if asked for and log to stdout/stderr in any other case. * Wrote a manpage for paxtest. * Added Ingo Molnar's patch to check for non-executable thread stacks (since nobody objected to it in the discussion at debian-devel) Retrieved from: http://lists.debian.org/debian-devel/2003/debian-devel-200311/msg00330.html
-- Javier Fernandez-Sanguino Pen~a <jfs@computer.org> Sat, 29 Nov 2003 20:28:46 +0100
paxtest (0.9.5-1) unstable; urgency=low
* Fixed the shlibbss and shlibdata tests (pageexec@freemail.hu) * Non-executable page tests expose incomplete implementations (pageexec@freemail.hu)
-- Peter Busser <peter@adamantix.org> Tue, 04 Nov 2003 16:37:26 +0200
paxtest (0.9.4-1) unstable; urgency=low
* Fixed mprotanon (pageexec@freemail.hu) * Fixed rettofunc[12] (pageexec@freemail.hu) * Fixed shared library data/bss tests (pageexec@freemail.hu) * Introduced return-to-libc detection as proof-of-concept (pageexec@freemail.hu)
-- Peter Busser <peter@adamantix.org> Tue, 22 Oct 2003 21:00:05 +0200
paxtest (0.9.3-1) unstable; urgency=low
* Changed e-mail addresses in source files to peter@adamantix.org * Added copyright message printing in the run script. * Upgraded to chpax v0.5 (pageexec@freemail.hu) * Split randheap in two parts, one as ET_EXEC and the other as ET_DYN
-- Peter Busser <peter@adamantix.org> Sun, 12 Oct 2003 10:58:52 +0200
paxtest (0.9.0-1) unstable; urgency=low
* Initial Release.
-- Peter Busser <peter@trusteddebian.org> Mon, 19 May 2003 13:44:39 +0200