/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.127 - (hide annotations) (download)
Sat Dec 23 19:08:24 2006 UTC (7 years, 8 months ago) by phreak
Branch: MAIN
Changes since 1.126: +7 -1 lines
Revision bump to pull in genpatches-2.6.19-3 for #157186.
(Portage version: 2.1.2_rc3-r9)

1 method 1.1 # ChangeLog for sys-kernel/hardened-sources
2 solar 1.73 # Copyright 2000-2006 Gentoo Foundation; Distributed under the GPL v2
3 phreak 1.127 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.126 2006/12/17 23:12:09 phreak Exp $
4    
5     *hardened-sources-2.6.19-r2 (23 Dec 2006)
6    
7     23 Dec 2006; Christian Heim <phreak@gentoo.org>
8     -hardened-sources-2.6.19-r1.ebuild, +hardened-sources-2.6.19-r2.ebuild:
9     Revision bump to pull in genpatches-2.6.19-3 for #157186.
10 phreak 1.126
11     17 Dec 2006; Christian Heim <phreak@gentoo.org>
12     hardened-sources-2.6.14-r7.ebuild, hardened-sources-2.6.16-r10.ebuild,
13     hardened-sources-2.6.16-r11.ebuild, hardened-sources-2.6.17-r1.ebuild,
14     hardened-sources-2.6.18.ebuild, hardened-sources-2.6.18-r3.ebuild,
15     hardened-sources-2.6.19-r1.ebuild:
16     Adding 4453_grsec-2.1.9-2.6.19-io-kmem-sysctl.patch to UNIPATCH_EXLUDE,
17     adding correct HOMEPAGE and adjusting DESCRIPTION (thanks to Alexander).
18 pappy 1.125
19     *hardened-sources-2.4.33.4 (17 Dec 2006)
20    
21     17 Dec 2006; Alexander Gabert <pappy@gentoo.org>
22     +hardened-sources-2.4.33.4.ebuild:
23     new 2.4.33.4 version including grsec and fixes, thanks to phreak for help
24     and quilting
25 phreak 1.124
26     *hardened-sources-2.6.19-r1 (14 Dec 2006)
27    
28     14 Dec 2006; Christian Heim <phreak@gentoo.org>
29     -hardened-sources-2.6.19.ebuild, +hardened-sources-2.6.19-r1.ebuild:
30     Revision bump, fixing #158107 (thanks to Petre Rodan <kaiowas at gentoo.org>
31     for reporting).
32 phreak 1.123
33     *hardened-sources-2.6.19 (13 Dec 2006)
34    
35     13 Dec 2006; Christian Heim <phreak@gentoo.org>
36     +hardened-sources-2.6.19.ebuild:
37     And finally 2.6.19, thanks to Ned (who prepared the inital patchset) and
38     Brad for providing that prompt update.
39 phreak 1.122
40     *hardened-sources-2.6.18-r3 (13 Dec 2006)
41    
42     13 Dec 2006; Christian Heim <phreak@gentoo.org>
43     -hardened-sources-2.6.18-r1.ebuild, -hardened-sources-2.6.18-r2.ebuild,
44     +hardened-sources-2.6.18-r3.ebuild:
45     Revision bump, excluding the faulty patch. Thanks to Anakim Border and Peter
46     S. Mazinger. Closes #157409 for now. Also removing the previous revisions.
47 phreak 1.121
48     09 Dec 2006; Christian Heim <phreak@gentoo.org> Manifest:
49     Fixing the metadata.xml Manifest entry (thanks to xaid and ml8128 in #gentoo-hardened).
50 nixnut 1.120
51     08 Dec 2006; nixnut <nixnut@gentoo.org> hardened-sources-2.6.18.ebuild:
52     Stable on ppc wrt bug 157356
53 opfer 1.119
54     07 Dec 2006; Christian Faulhammer <opfer@gentoo.org>
55     hardened-sources-2.6.18.ebuild:
56     stable x86, bug #157356
57 phreak 1.118
58     *hardened-sources-2.6.18-r2 (06 Dec 2006)
59    
60     06 Dec 2006; Christian Heim <phreak@gentoo.org>
61     +hardened-sources-2.6.18-r2.ebuild:
62     Revision bump, including 2.6.18.5 (via genpatches) and
63     4454_grsec-2.1.9-2.6.18.2-io-kmem-sysctl.patch based on Peter Mazinger and
64     Ned Ludd's original patch. Thanks to Alexander Gabert (pappy) for the
65     redesign.
66 phreak 1.117
67     06 Dec 2006; Christian Heim <phreak@gentoo.org>
68     hardened-sources-2.6.18.ebuild:
69     Marking hardened-sources-2.6.18 stable on amd64 (see bug #157356, on behalf
70     of Mike Doty).
71 phreak 1.116
72     *hardened-sources-2.6.18-r1 (23 Nov 2006)
73    
74     23 Nov 2006; Christian Heim <phreak@gentoo.org>
75     +hardened-sources-2.6.18-r1.ebuild:
76     Revision bump to genpatches-2.6.18-4 (including 2.6.18.3).
77 phreak 1.115
78     *hardened-sources-2.6.18 (11 Nov 2006)
79    
80     11 Nov 2006; Christian Heim <phreak@gentoo.org>
81     +hardened-sources-2.6.18.ebuild:
82     Version bump, thanks to Alexander Gabert we're finally at 2.6.18.
83 solar 1.114
84     18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
85     - mark amd64 stable also. bug #151877
86 solar 1.113
87     18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
88     - mark 2.6.17-r1 stable
89 phreak 1.112
90     27 Aug 2006; Christian Heim <phreak@gentoo.org>
91     -hardened-sources-2.6.17.ebuild, hardened-sources-2.6.17-r1.ebuild:
92     Removing old ebuild, removing unipatch from newer ebuild (need to fix it!).
93 phreak 1.111
94     *hardened-sources-2.6.17-r1 (26 Aug 2006)
95    
96     26 Aug 2006; Christian Heim <phreak@gentoo.org>
97     +hardened-sources-2.6.17-r1.ebuild:
98     Revision bump to genpatches-2.6.17-8 (including .9 and .10) and updating the
99     grsecurity patch.
100 phreak 1.110
101     *hardened-sources-2.6.17 (17 Aug 2006)
102    
103     17 Aug 2006; Christian Heim <phreak@gentoo.org>
104     +hardened-sources-2.6.17.ebuild:
105     Bumping the hardened-sources-2.6 series to 2.6.17, using
106     genpatches-2.6.17-6.base.
107 solar 1.109
108     07 Aug 2006; <solar@gentoo.org> hardened-sources-2.6.16-r11.ebuild:
109     - stable on x86 and amd64
110 solar 1.108
111     *hardened-sources-2.6.16-r11 (15 Jul 2006)
112    
113     15 Jul 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r3.ebuild,
114     -hardened-sources-2.4.32-r4.ebuild, -hardened-sources-2.4.32-r5.ebuild,
115     -hardened-sources-2.6.14-r8.ebuild, -hardened-sources-2.6.16-r7.ebuild,
116     -hardened-sources-2.6.16-r9.ebuild, +hardened-sources-2.6.16-r11.ebuild:
117     - 2.6.16 bumped for CVE-2006-3626 ; digest fix for 2.4.32-r6 ; removed old
118     crusty ebuilds
119 johnm 1.107
120     14 Jul 2006; John Mylchreest <johnm@gentoo.org>
121     hardened-sources-2.6.16-r10.ebuild:
122     marking stable on x86 and amd64
123 solar 1.106
124     13 Jul 2006; <solar@gentoo.org> hardened-sources-2.4.32-r6.ebuild:
125     - 2.4.32-r6 stable on x86. RSBAC state unknown
126 kang 1.105
127     *hardened-sources-2.4.32-r7 (10 Jul 2006)
128    
129     10 Jul 2006; Guillaume Destuynder <kang@gentoo.org>
130     +hardened-sources-2.4.32-r7.ebuild:
131     Bump PaX for RSBAC to test-17
132 johnm 1.104
133     *hardened-sources-2.6.16-r9 (03 Jul 2006)
134    
135     03 Jul 2006; John Mylchreest <johnm@gentoo.org>
136     -hardened-sources-2.6.16-r6.ebuild, +hardened-sources-2.6.16-r9.ebuild:
137     hardened-sources-2.6.16 bump to latest -base.
138 solar 1.103
139     *hardened-sources-2.4.32-r6 (30 Jun 2006)
140    
141     30 Jun 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r2.ebuild,
142     hardened-sources-2.4.32-r4.ebuild, +hardened-sources-2.4.32-r6.ebuild:
143     - backport CVE-2006-0039, CVE-2006-1857 and CVE-2006-1858 and new grsecurity
144     sysctl controlable resource logging
145 johnm 1.102
146     *hardened-sources-2.6.16-r7 (05 Jun 2006)
147    
148     05 Jun 2006; John Mylchreest <johnm@gentoo.org>
149     -hardened-sources-2.6.16-r5.ebuild, +hardened-sources-2.6.16-r7.ebuild:
150     push new 2.6.16 release in preparation for stable
151 solar 1.101
152     22 May 2006; <solar@gentoo.org> :
153     - redigest bug 134002
154 kang 1.100
155     *hardened-sources-2.4.32-r5 (16 May 2006)
156    
157     16 May 2006; Guillaume Destuynder <kang@gentoo.org>
158     +hardened-sources-2.4.32-r5.ebuild:
159     Fixes rsbac common patching (new patch in new -r5 patchset)
160 solar 1.99
161     *hardened-sources-2.4.32-r4 (13 May 2006)
162    
163     13 May 2006; <solar@gentoo.org> hardened-sources-2.4.32-r3.ebuild,
164     +hardened-sources-2.4.32-r4.ebuild:
165     - security bumps
166 johnm 1.98
167     *hardened-sources-2.6.16-r6 (03 May 2006)
168    
169     03 May 2006; John Mylchreest <johnm@gentoo.org>
170     +hardened-sources-2.6.16-r6.ebuild:
171     bump hardened-2.6.16 to 2.6.16.12 and latest grsec snapshot
172 johnm 1.97
173     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
174     hardened-sources-2.6.14-r8.ebuild:
175     fix x86_64 build problem, this will delay the digest issue again for a short
176     while but it will sort itself out
177 johnm 1.96
178     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
179     hardened-sources-2.6.14-r8.ebuild:
180     bump hardened patchset
181 antarus 1.94
182     27 Apr 2006; Alec Warner <antarus@gentoo.org>
183     files/digest-hardened-sources-2.4.32-r2,
184     files/digest-hardened-sources-2.4.32-r3,
185     files/digest-hardened-sources-2.6.14-r8, Manifest:
186     Fixing duff SHA256 digests: Bug # 131293
187 johnm 1.93
188 johnm 1.95 *hardened-sources-2.6.16-r5 (27 Apr 2006)
189    
190     27 Apr 2006; John Mylchreest <johnm@gentoo.org>
191     -hardened-sources-2.6.14-r6.ebuild, hardened-sources-2.6.14-r8.ebuild,
192     -hardened-sources-2.6.16-r4.ebuild, +hardened-sources-2.6.16-r5.ebuild:
193     stablise 2.6.14-r8 on x86 & amd64, bump 2.6.16 to fix CVE-2006-1863 &
194     cleanup of old uneccessary sources
195    
196 johnm 1.93 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
197     fix digest
198 johnm 1.92
199     *hardened-sources-2.6.14-r8 (20 Apr 2006)
200    
201     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
202     +hardened-sources-2.6.14-r8.ebuild:
203     fix CVE-2006-1056, CVE-2006-1525, CVE-2006-1524
204 johnm 1.91
205     20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
206     Turning on gpg-signing again, and recomitting
207 johnm 1.90
208     *hardened-sources-2.6.16-r4 (20 Apr 2006)
209    
210     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
211     -hardened-sources-2.6.16-r2.ebuild, -hardened-sources-2.6.16-r3.ebuild,
212     +hardened-sources-2.6.16-r4.ebuild:
213     Fix numerous security vulns
214 solar 1.89
215     *hardened-sources-2.4.32-r3 (16 Apr 2006)
216    
217     16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
218     -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
219     +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
220     - security bump for bug #112791. Removed old ebuilds
221 johnm 1.88
222     *hardened-sources-2.6.16-r3 (15 Apr 2006)
223    
224     15 Apr 2006; John Mylchreest <johnm@gentoo.org>
225     +hardened-sources-2.6.16-r3.ebuild:
226     Removing silly localversion which I missed
227 johnm 1.87
228     *hardened-sources-2.6.14-r7 (14 Apr 2006)
229    
230     14 Apr 2006; John Mylchreest <johnm@gentoo.org>
231     -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
232     Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
233 johnm 1.86
234     *hardened-sources-2.6.16-r2 (13 Apr 2006)
235    
236     13 Apr 2006; John Mylchreest <johnm@gentoo.org>
237     -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
238     +hardened-sources-2.6.16-r2.ebuild:
239     Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
240     labels, dropping USERGROUP define fixes, since these were merged mainstream.
241 johnm 1.85
242     *hardened-sources-2.6.16-r1 (11 Apr 2006)
243    
244     11 Apr 2006; John Mylchreest <johnm@gentoo.org>
245     +hardened-sources-2.6.16-r1.ebuild:
246     Bumping to include ppc build fix and 2.6.16.3
247 tsunam 1.84
248     06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
249     hardened-sources-2.6.14-r6.ebuild:
250     Stable on x86; bug #127718
251 johnm 1.83
252     *hardened-sources-2.6.16 (31 Mar 2006)
253    
254     31 Mar 2006; John Mylchreest <johnm@gentoo.org>
255     +hardened-sources-2.6.16.ebuild:
256     Bumping to new version of grsec, and kernel base. New squashfs. Based on
257     2.6.16.1
258 cryos 1.82
259     30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
260     hardened-sources-2.6.14-r6.ebuild:
261     Stable on amd64, bug 127718.
262 nixnut 1.81
263     28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
264     Stable on ppc. Bug #127718
265 johnm 1.80
266     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
267     -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
268     -hardened-sources-2.6.14-r4.ebuild:
269     Cleanup.
270 johnm 1.79
271     *hardened-sources-2.6.14-r6 (15 Mar 2006)
272    
273     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
274     +hardened-sources-2.6.14-r6.ebuild:
275     Fixes grsec policy recreation bug and adds a
276     >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
277 solar 1.78
278     02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
279     - stable on x86
280 hansmi 1.77
281     19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
282     hardened-sources-2.6.14-r5.ebuild:
283     Stable on ppc.
284 johnm 1.76
285     *hardened-sources-2.6.14-r5 (01 Feb 2006)
286    
287     01 Feb 2006; John Mylchreest <johnm@gentoo.org>
288     +hardened-sources-2.6.14-r5.ebuild:
289     fixing every known exploit
290 solar 1.75
291     *hardened-sources-2.4.32-r2 (26 Jan 2006)
292    
293     26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
294     +hardened-sources-2.4.32-r2.ebuild:
295     - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
296 solar 1.74
297     *hardened-sources-2.6.14-r4 (12 Jan 2006)
298    
299     12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
300     - version bump for new genpatches which fix up a few sec holes
301 solar 1.73
302     *hardened-sources-2.4.32-r1 (05 Jan 2006)
303    
304     05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
305     - revision bump to add misc vital linux kernel security patches.
306 johnm 1.72
307     *hardened-sources-2.6.14-r3 (30 Dec 2005)
308    
309     30 Dec 2005; John Mylchreest <johnm@gentoo.org>
310     -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
311     Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
312 johnm 1.71
313     28 Dec 2005; John Mylchreest <johnm@gentoo.org>
314     hardened-sources-2.6.14-r2.ebuild:
315     making x86 & amd64 stable following testing.
316 johnm 1.70
317     *hardened-sources-2.6.14-r2 (27 Dec 2005)
318    
319     27 Dec 2005; John Mylchreest <johnm@gentoo.org>
320     -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
321     Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
322     network hooks.
323 johnm 1.69
324     06 Dec 2005; John Mylchreest <johnm@gentoo.org>
325     hardened-sources-2.6.14-r1.ebuild:
326     bumping to stable early for sec fix on x86 & amd64
327 johnm 1.68
328     *hardened-sources-2.6.14-r1 (05 Dec 2005)
329    
330     05 Dec 2005; John Mylchreest <johnm@gentoo.org>
331     -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
332     bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
333 solar 1.67
334     04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
335     - stable on x86 security bug #114227 CAN-2005-3257
336 kang 1.66
337     *hardened-sources-2.4.32 (19 Nov 2005)
338    
339     19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
340     +hardened-sources-2.4.32.ebuild:
341     Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
342     Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
343     have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
344     rsbac >> /etc/portage/package.use)
345 johnm 1.65
346     *hardened-sources-2.6.14 (14 Nov 2005)
347    
348     14 Nov 2005; John Mylchreest <johnm@gentoo.org>
349     -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
350     Bumping 2.6 series to 2.6.14.2
351 johnm 1.64
352     *hardened-sources-2.6.13-r2 (20 Oct 2005)
353    
354     20 Oct 2005; John Mylchreest <johnm@gentoo.org>
355     -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
356     +hardened-sources-2.6.13-r2.ebuild:
357     Fixes minor build error in ppc.
358 johnm 1.63
359     *hardened-sources-2.6.13-r1 (17 Oct 2005)
360    
361     17 Oct 2005; John Mylchreest <johnm@gentoo.org>
362     +hardened-sources-2.6.13-r1.ebuild:
363     Updating grsec to latest snapshot. Fixes some minor issues. Updating to
364     2.6.13.4, fixes some major amd64 stability problems.
365 johnm 1.62
366     *hardened-sources-2.6.13 (16 Sep 2005)
367    
368     16 Sep 2005; John Mylchreest <johnm@gentoo.org>
369     -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
370     2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
371     ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
372     users should test this thoroughly.
373 solar 1.61
374     01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
375     - stable on x86
376 johnm 1.60
377     *hardened-sources-2.6.11-r15 (27 Jun 2005)
378    
379     27 Jun 2005; John Mylchreest <johnm@gentoo.org>
380     +hardened-sources-2.6.11-r15.ebuild:
381     Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
382     grsec redefining curr_ip struct.
383 solar 1.59
384     *hardened-sources-2.4.31 (20 Jun 2005)
385    
386     20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
387     initial import of 2.4.31 tree
388 johnm 1.58
389     *hardened-sources-2.6.11-r14 (14 Jun 2005)
390    
391     14 Jun 2005; John Mylchreest <johnm@gentoo.org>
392     -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
393     Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
394     naming scheme to abide by genpatches
395 johnm 1.57
396     *hardened-sources-2.6.11-r13 (18 May 2005)
397    
398     18 May 2005; John Mylchreest <johnm@gentoo.org>
399     -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
400     Managed to mangle the Makefile patch from grsec, to miss out the grsec
401     target. sorry about that. Fixes bug #93022
402 johnm 1.56
403     *hardened-sources-2.6.11-r12 (17 May 2005)
404    
405     17 May 2005; John Mylchreest <johnm@gentoo.org>
406     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
407     +hardened-sources-2.6.11-r12.ebuild:
408     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
409     merges in genpatches-base
410 johnm 1.55
411     *hardened-sources-2.6.11-r12 (17 May 2005)
412    
413     17 May 2005; John Mylchreest <johnm@gentoo.org>
414     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
415     +hardened-sources-2.6.11-r12.ebuild:
416     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
417     merges in genpatches-base
418 solar 1.54
419     29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
420     -files/2.4.27-cmdline-race.patch,
421     -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
422     -files/2.4.28-grsec-binfmt_a.out.patch,
423     -files/2.4.28-grsec-cmdline-race.patch,
424     -files/2.4.28-selinux-binfmt_a.out.patch,
425     -files/2.4.28-selinux-cmdline-race.patch,
426     -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
427     hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
428     - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
429     cleanup..
430 solar 1.53
431     *hardened-sources-2.4.30-r1 (21 Apr 2005)
432    
433     21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
434     - disable aout by default
435 solar 1.52
436     *hardened-sources-2.4.30 (18 Apr 2005)
437    
438     18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
439     - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
440     and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
441     use
442 tocharian 1.50
443 scox 1.51 *hardened-sources-2.4.29 (30 Mar 2005)
444    
445     30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
446     +hardened-sources-2.4.29.ebuild:
447     New hardened-patches-2.4-29.0 patchball.
448     Removed SELinux support, upgraded GRSecurity to 2.1.4.
449    
450     *hardened-sources-2.4.28-r5 (06 Mar 2005)
451    
452     06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
453     +hardened-sources-2.4.28-r5.ebuild:
454     Added a fix for a PaX vulnerability.
455    
456     26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
457 tocharian 1.50 hardened-sources-2.4.28-r4.ebuild:
458     Stable on x86
459 solar 1.49
460     23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
461     hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
462     hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
463     hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
464     - fixed/added RDEPEND= in all kernel-2 ebuilds
465 tocharian 1.48
466     *hardened-sources-2.4.28-r4 (21 Jan 2005)
467    
468     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
469     +hardened-sources-2.4.28-r4.ebuild:
470     Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
471     backport of neighbour hash updates.
472 tocharian 1.47
473     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
474     hardened-sources-2.4.28-r3.ebuild:
475     Stable on x86
476 tseng 1.46
477     *hardened-sources-2.6.10-r3 (20 Jan 2005)
478    
479     20 Jan 2005; Brandon Hale <tseng@gentoo.org>
480     +hardened-sources-2.6.10-r3.ebuild:
481     Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
482     in 2005.0
483 tocharian 1.45
484     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
485     -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
486     hardened-sources-2.4.28-r2.ebuild:
487     Mark stable on x86
488 tocharian 1.44
489     *hardened-sources-2.4.28-r3 (17 Jan 2005)
490    
491     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
492     +hardened-sources-2.4.28-r3.ebuild:
493     Fix SMP page fault handler vuln, and update device-mapper and evms patches.
494 tocharian 1.43
495     14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
496     hardened-sources-2.4.28.ebuild:
497     Mark stable on x86.
498 tocharian 1.42
499     *hardened-sources-2.4.28-r2 (13 Jan 2005)
500    
501     13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
502     +hardened-sources-2.4.28-r2.ebuild:
503     Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
504     Mazinger for grsecurity patches as well.
505 plasmaroo 1.41
506     *hardened-sources-2.4.28-r1 (23 Dec 2004)
507    
508     23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
509     Security bump. Thank tocharian for rolling a new patchset...
510 solar 1.40
511     28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
512     +files/2.4.28-grsec-cmdline-race.patch,
513     +files/2.4.28-selinux-binfmt_a.out.patch,
514     +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
515     - Round up remaining security patches that appear to be missing in 2.4.28. -
516     PaX standalone updated to current. hgpv=28.1
517 solar 1.39
518     *hardened-sources-2.4.28 (28 Nov 2004)
519    
520     28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
521     security bump. Thank tocharian for rolling a new patchset
522 scox 1.31
523 scox 1.38 *hardened-sources-2.4.27-r3 (08 Sep 2004)
524    
525     08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
526     +hardened-sources-2.4.27-r3.ebuild:
527     Applies the new 2.4-27.2 patchball which updates
528     GRSecurity to the 2.0.1 version.
529    
530 scox 1.37 *hardened-sources-2.4.27-r2 (31 Aug 2004)
531    
532     31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
533     +hardened-sources-2.4.27-r2.ebuild:
534     Version bump.
535     This version uses the new 2.4-27.1 patchball which updates
536     both the SELinux PaX hooks patch and the SELinux headers.
537    
538 scox 1.36 *hardened-sources-2.4.27-r1 (09 Aug 2004)
539    
540     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
541     +hardened-sources-2.4.27-r1.ebuild,
542     -hardened-sources-2.4.27.ebuild,
543     +files/2.4.27-cmdline-race.patch:
544     Version bump, fix for cmdline race. See bug #59905.
545    
546     *hardened-sources-2.4.26-r6 (09 Aug 2004)
547    
548     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
549     +hardened-sources-2.4.26-r6.ebuild,
550     -hardened-sources-2.4.26-r5.ebuild,
551     -hardened-sources-2.4.26-r4.ebuild,
552     +files/2.4.26-cmdline-race.patch:
553     Version bump, fix for cmdline race. See bug #59905.
554    
555 scox 1.35 *hardened-sources-2.4.27 (08 Aug 2004)
556    
557     08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
558     +hardened-sources-2.4.27.ebuild,
559     +files/2.4.27-CAN-2004-0394.patch:
560     Ported the patchball to the 2.4.27 kernel version.
561    
562 scox 1.34 *hardened-sources-2.4.26-r5 (07 Aug 2004)
563    
564     07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
565     +hardened-sources-2.4.26-r5.ebuild:
566 scox 1.35 Updated to use the new hardened-patches-2.4-26.1 patchball.
567 scox 1.34 It adds the following features:
568     - Squashfs
569     - Ebtables
570     - Netdev random (core+drivers)
571     - Watchdog Timer (WDT) fix.
572    
573 scox 1.33 *hardened-sources-2.4.26-r4 (04 Aug 2004)
574    
575     04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
576     +hardened-sources-2.4.26-r4.ebuild,
577     +files/2.4.26-CAN-2004-0415.patch,
578     -hardened-sources-2.4.26-3:
579     Version bump, fix for CAN 0415, see bug #59378.
580    
581 scox 1.32 *hardened-sources-2.4.26-r3 (22 Jul 2004)
582    
583     22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
584     +hardened-sources-2.4.26-r3.ebuild,
585     +files/2.4.26-CAN-2004-0497.patch,
586     -hardened-sources-2.4.26-r2.ebuild:
587     Version bump, fixed CAN 0497, see bug #56171.
588    
589 scox 1.31 *hardened-sources-2.4.26-r2 (29 Jun 2004)
590    
591     29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
592 scox 1.32 +hardened-sources-2.4.26-r2.ebuild,
593 scox 1.31 +files/2.4.26-CAN-2004-0495.patch,
594     +files/2.4.26-CAN-2004-0535.patch,
595     -hardened-sources-2.4.26-r1.ebuild:
596     Fixes for both CAN 0495 and 0535, see bug #54976
597 pvdabeel 1.27
598 agriffis 1.29 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
599     hardened-sources-2.4.26-r1.ebuild:
600     QA - fix use invocation
601 scox 1.28
602     *hardened-sources-2.4.26-r1 (22 June 2004)
603    
604     22 June 2004; Andrea Luzzardi <scox@gentoo.org>
605     +hardened-sources-2.4.26-r1.ebuild,
606     +files/2.4.26-CAN-2004-0394.patch,
607     +files/2.4.26-signal-race.patch,
608     -hardened-sources-2.4.26.ebuild,
609     -hardened-sources-2.4.24-r3.ebuild:
610     Version bump for the CAN-2004-0394 issue and bug #53804
611     Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
612    
613    
614 pvdabeel 1.27 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
615     hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
616     Masked hardened-sources-2.4.26.ebuild broken for ppc
617    
618     31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
619     hardened-sources-2.4.24-r3.ebuild:
620     Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
621 plasmaroo 1.25
622 scox 1.26 *hardened-sources-2.4.26 (29 May 2004)
623    
624     29 May 2004; Andrea Luzzardi <scox@gentoo.org>
625     +hardened-sources-2.4.26.ebuild:
626     Updated hardened-sources for the 2.4.26 kernel
627     Removed broken components, updated almost everything.
628    
629 plasmaroo 1.25 *hardened-sources-2.4.24-r3 (17 Apr 2004)
630    
631     17 Apr 2004; <plasmaroo@gentoo.org>
632     +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
633     +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
634     +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
635     +hardened-sources-2.4.24-r3.ebuild:
636     Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
637     vulnerabilities. Old revisions removed.
638 plasmaroo 1.24
639     *hardened-sources-2.4.24-r2 (15 Apr 2004)
640    
641     15 Apr 2004; <plasmaroo@gentoo.org>
642     +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
643     -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
644     Version bump for the CAN-2004-0109 issue; bug #47881.
645 aliz 1.23
646     12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
647     hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
648     Add eutils to inherit.
649 plasmaroo 1.22
650     *hardened-sources-2.4.24-r1 (19 Feb 2004)
651    
652     19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
653     files/hardened-sources-2.4.24.munmap.patch:
654     Added the patch for the mremap/munmap vulnerability. Bug #42024.
655 scox 1.19
656 scox 1.21 *hardened-sources-2.4.24 (06 Feb 2004)
657 scox 1.26
658 scox 1.21 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
659     hardened-sources-2.4.24.ebuild:
660     Version bump, updated most of the components.
661     This release includes the following:
662    
663     - Hardened security
664     - Netfilter patch-o-matic 20031219
665     - FreeSWAN 2.04 & x509 1.4.8
666     - EVMS 2.2.2
667     - XFS 1.3.1
668     - cryptoloop jari
669     - grsecurity 2.0-rc4
670     - SELinux
671     - PaX 200402060000
672     - PaX Obscurity 200308302223
673     - Others...
674    
675     Neither -ck nor systrace are included anymore.
676    
677 scox 1.19 *hardened-sources-2.4.22-r2 (05 Jan 2004)
678    
679     05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
680     hardened-sources-2.4.22-r2.ebuild:
681 scox 1.20 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
682 scox 1.19
683     *hardened-sources-2.4.22-r1 (02 Dec 2003)
684 iggy 1.17
685     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
686 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
687 iggy 1.16
688     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
689 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild:
690     Version bump for the 'do_brk' vulnerability.
691 iggy 1.15
692     01 Dec 2003; Brian Jackson <iggy@gentoo.org>
693     hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
694     hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
695     hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
696 plasmaroo 1.18 Fix the 'do_brk' vulnerability.
697 frogger 1.14
698     03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
699     hardened-sources-2.4.22.ebuild:
700 plasmaroo 1.18 - Removed the src_install() portion for SELinux flask
701     components. These are no longer handled in the kernel
702     so this code was not necessary.
703 frogger 1.13
704     29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
705     New 2.4.22 based hardened-sources thanks to
706     Phil West <p.west@computer.org>.
707    
708     These sources include:
709 plasmaroo 1.18 - New SELinux API
710     - Updated CK-base
711     - Updated GRSec
712     - Systrace
713     - SuperFreeS/WAN 1.99.8
714     - Propolice kernel build support
715     - EVMS
716     - Other various security related patches
717 frogger 1.11
718 frogger 1.12 *hardened-sources-2.4.21 (14 Sep 2003)
719    
720     14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
721     Updated hardened-sources based on the 2.4.21 Linux kernel.
722     This includes updates to most major components such as:
723 plasmaroo 1.18 - ck-base-0306300059
724     - selinux-2.4-2003071106
725     - grsecurity-2.0-rc1
726     - Updated IPTables patch-o-matic
727     - Updated SuperFreeS/WAN
728    
729 frogger 1.12 Thanks to Phil West <pwest@computer.org> for his work in getting this
730     updated patch set ready for the 2.4.21 based kernel.
731    
732 frogger 1.11 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
733     Initial import of hardened-sources-2.4.20-r4. This revision
734     includes only a few changes, but one of these is an important
735     security fix. It is recommended all users of hardened-sources
736     upgrade to this release.
737 plasmaroo 1.18
738 frogger 1.11 - ioperm bug fix
739     - fixed compilation failure when building without GRSec
740 plasmaroo 1.18
741 frogger 1.11 SAL (Secure Auditing for Linux) is NOT included in this revision
742     due to time constraints, but is planned for inclusion in the near
743     future.
744 msterret 1.10
745     *hardened-sources-2.4.20-r2 (12 Jun 2003)
746    
747     12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
748     hardened-sources-2.4.20-r3.ebuild:
749 plasmaroo 1.18 Add Header...
750 frogger 1.9
751     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
752     hardened-sources-2.4.20-r3.ebuild:
753     Removed warnings from ebuild. This kernel should be safe to
754     use at this point.
755 frogger 1.8
756     *hardened-sources-2.4.20-r3 (08 Jun 2003)
757    
758     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
759     hardened-sources-2.4.20-r3.ebuild:
760     New revision. Includes the following changes over -r2:
761 plasmaroo 1.18
762 frogger 1.8 - ck7-base (O(1), preempt, low latency)
763     - Super FreeS/WAN 1.99.7rc2
764     - PaX for the LSM/SELinux branch
765     - GRSecurity 2.0-pre4 (role based access control)
766     - Systrace 1.3
767     - EXT3 fixes
768     - EVMS 2.0.1
769     - GCC 3.1+ compile optimizations
770     - ProPolice kernel build support
771     - Hashing table security fixes
772 frogger 1.3
773     *hardened-sources-2.4.20-r1 (09 Apr 2003)
774 frogger 1.7
775     23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
776     Initial import of hardened-sources-r2. This new
777     ebuild includes many new performance and security
778     related patches. As in -r1, it will patch in
779     LSM/SELinux if "selinux" is in USE, otherwise it
780     will patch in GRSecurity. The following patches
781     are included in this revision:
782 plasmaroo 1.18
783 frogger 1.7 - O(1) Scheduler, Low Latency, and Preempt
784     (pulled from the base CK patch)
785     - ptrace exploit patch for the LSM kernel
786     (the GRSec patch already fixes this)
787     - LSM 2.4-2003040709
788     - SELinux 2.4-2003040709
789     - Systrace v1.2
790     - IPTables patch-o-matic base patches - 20030107
791     - CryptoAPI 2.4.20.1 w/ loop-jari patch
792     - Super FreeS/WAN 1.99.6.1
793     - GRSecurity 1.9.9g
794     - MPPE
795     - EXT3 data journal fix
796     - CIPE 1.5.4
797 frogger 1.6
798     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
799     hardened-sources-2.4.20-r1.ebuild, manifest:
800 plasmaroo 1.18 Updated to install flask components correctly for selinux.
801 frogger 1.5
802     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
803     hardened-sources-2.4.20-r1.ebuild:
804     LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
805     is patched in instead. Ptrace patches for selinux have also been added. In
806     either case, systrace support will be patched in as well.
807 frogger 1.3
808     09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
809     hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
810 plasmaroo 1.18 Revision bump for new sources.
811 frogger 1.4
812 frogger 1.2 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
813 frogger 1.4 hardened-sources-2.4.20-r1.ebuild:
814 plasmaroo 1.18 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
815 method 1.1
816 frogger 1.4 *hardened-sources-2.4.20 (30 Mar 2003)
817    
818 method 1.1 30 Mar 2003; Joshua Brindle <method@gentoo.org>
819     hardened-sources-2.4.20.ebuild:
820 plasmaroo 1.18 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20