/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.132 - (hide annotations) (download)
Tue Jan 23 20:51:19 2007 UTC (7 years, 8 months ago) by phreak
Branch: MAIN
Changes since 1.131: +8 -1 lines
Revision bump, closing the recently discovered PaX expand_stack() vulnerability.
(Portage version: 2.1.2-r2)

1 method 1.1 # ChangeLog for sys-kernel/hardened-sources
2 opfer 1.130 # Copyright 2000-2007 Gentoo Foundation; Distributed under the GPL v2
3 phreak 1.132 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.131 2007/01/14 05:35:01 phreak Exp $
4    
5     *hardened-sources-2.6.19-r5 (23 Jan 2007)
6    
7     23 Jan 2007; Christian Heim <phreak@gentoo.org>
8     +hardened-sources-2.6.19-r5.ebuild:
9     Revision bump, closing the recently discovered PaX expand_stack()
10     vulnerability.
11 phreak 1.131
12     *hardened-sources-2.6.19-r4 (14 Jan 2007)
13    
14     14 Jan 2007; Christian Heim <phreak@gentoo.org>
15     +hardened-sources-2.6.19-r4.ebuild:
16     Revision bump, pulling in linux-2.6.19.2 and grsecurity 2.1.10 - thus
17     dropping the randomized PID feature.
18 opfer 1.130
19     11 Jan 2007; Christian Faulhammer <opfer@gentoo.org>
20     hardened-sources-2.4.33.4.ebuild:
21     stable x86, bug #161171
22 phreak 1.129
23     *hardened-sources-2.6.19-r3 (27 Dec 2006)
24    
25     27 Dec 2006; Christian Heim <phreak@gentoo.org>
26     -hardened-sources-2.6.19-r2.ebuild, +hardened-sources-2.6.19-r3.ebuild:
27     Revision bump for bug #157186 and #158786.
28 phreak 1.128
29     *hardened-sources-2.6.18-r4 (27 Dec 2006)
30    
31     27 Dec 2006; Christian Heim <phreak@gentoo.org>
32     -hardened-sources-2.6.18-r3.ebuild, +hardened-sources-2.6.18-r4.ebuild:
33     Revision bump for bug #157186.
34 phreak 1.127
35     *hardened-sources-2.6.19-r2 (23 Dec 2006)
36    
37     23 Dec 2006; Christian Heim <phreak@gentoo.org>
38     -hardened-sources-2.6.19-r1.ebuild, +hardened-sources-2.6.19-r2.ebuild:
39     Revision bump to pull in genpatches-2.6.19-3 for #157186.
40 phreak 1.126
41     17 Dec 2006; Christian Heim <phreak@gentoo.org>
42     hardened-sources-2.6.14-r7.ebuild, hardened-sources-2.6.16-r10.ebuild,
43     hardened-sources-2.6.16-r11.ebuild, hardened-sources-2.6.17-r1.ebuild,
44     hardened-sources-2.6.18.ebuild, hardened-sources-2.6.18-r3.ebuild,
45     hardened-sources-2.6.19-r1.ebuild:
46     Adding 4453_grsec-2.1.9-2.6.19-io-kmem-sysctl.patch to UNIPATCH_EXLUDE,
47     adding correct HOMEPAGE and adjusting DESCRIPTION (thanks to Alexander).
48 pappy 1.125
49     *hardened-sources-2.4.33.4 (17 Dec 2006)
50    
51     17 Dec 2006; Alexander Gabert <pappy@gentoo.org>
52     +hardened-sources-2.4.33.4.ebuild:
53     new 2.4.33.4 version including grsec and fixes, thanks to phreak for help
54     and quilting
55 phreak 1.124
56     *hardened-sources-2.6.19-r1 (14 Dec 2006)
57    
58     14 Dec 2006; Christian Heim <phreak@gentoo.org>
59     -hardened-sources-2.6.19.ebuild, +hardened-sources-2.6.19-r1.ebuild:
60     Revision bump, fixing #158107 (thanks to Petre Rodan <kaiowas at gentoo.org>
61     for reporting).
62 phreak 1.123
63     *hardened-sources-2.6.19 (13 Dec 2006)
64    
65     13 Dec 2006; Christian Heim <phreak@gentoo.org>
66     +hardened-sources-2.6.19.ebuild:
67     And finally 2.6.19, thanks to Ned (who prepared the inital patchset) and
68     Brad for providing that prompt update.
69 phreak 1.122
70     *hardened-sources-2.6.18-r3 (13 Dec 2006)
71    
72     13 Dec 2006; Christian Heim <phreak@gentoo.org>
73     -hardened-sources-2.6.18-r1.ebuild, -hardened-sources-2.6.18-r2.ebuild,
74     +hardened-sources-2.6.18-r3.ebuild:
75     Revision bump, excluding the faulty patch. Thanks to Anakim Border and Peter
76     S. Mazinger. Closes #157409 for now. Also removing the previous revisions.
77 phreak 1.121
78     09 Dec 2006; Christian Heim <phreak@gentoo.org> Manifest:
79     Fixing the metadata.xml Manifest entry (thanks to xaid and ml8128 in #gentoo-hardened).
80 nixnut 1.120
81     08 Dec 2006; nixnut <nixnut@gentoo.org> hardened-sources-2.6.18.ebuild:
82     Stable on ppc wrt bug 157356
83 opfer 1.119
84     07 Dec 2006; Christian Faulhammer <opfer@gentoo.org>
85     hardened-sources-2.6.18.ebuild:
86     stable x86, bug #157356
87 phreak 1.118
88     *hardened-sources-2.6.18-r2 (06 Dec 2006)
89    
90     06 Dec 2006; Christian Heim <phreak@gentoo.org>
91     +hardened-sources-2.6.18-r2.ebuild:
92     Revision bump, including 2.6.18.5 (via genpatches) and
93     4454_grsec-2.1.9-2.6.18.2-io-kmem-sysctl.patch based on Peter Mazinger and
94     Ned Ludd's original patch. Thanks to Alexander Gabert (pappy) for the
95     redesign.
96 phreak 1.117
97     06 Dec 2006; Christian Heim <phreak@gentoo.org>
98     hardened-sources-2.6.18.ebuild:
99     Marking hardened-sources-2.6.18 stable on amd64 (see bug #157356, on behalf
100     of Mike Doty).
101 phreak 1.116
102     *hardened-sources-2.6.18-r1 (23 Nov 2006)
103    
104     23 Nov 2006; Christian Heim <phreak@gentoo.org>
105     +hardened-sources-2.6.18-r1.ebuild:
106     Revision bump to genpatches-2.6.18-4 (including 2.6.18.3).
107 phreak 1.115
108     *hardened-sources-2.6.18 (11 Nov 2006)
109    
110     11 Nov 2006; Christian Heim <phreak@gentoo.org>
111     +hardened-sources-2.6.18.ebuild:
112     Version bump, thanks to Alexander Gabert we're finally at 2.6.18.
113 solar 1.114
114     18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
115     - mark amd64 stable also. bug #151877
116 solar 1.113
117     18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
118     - mark 2.6.17-r1 stable
119 phreak 1.112
120     27 Aug 2006; Christian Heim <phreak@gentoo.org>
121     -hardened-sources-2.6.17.ebuild, hardened-sources-2.6.17-r1.ebuild:
122     Removing old ebuild, removing unipatch from newer ebuild (need to fix it!).
123 phreak 1.111
124     *hardened-sources-2.6.17-r1 (26 Aug 2006)
125    
126     26 Aug 2006; Christian Heim <phreak@gentoo.org>
127     +hardened-sources-2.6.17-r1.ebuild:
128     Revision bump to genpatches-2.6.17-8 (including .9 and .10) and updating the
129     grsecurity patch.
130 phreak 1.110
131     *hardened-sources-2.6.17 (17 Aug 2006)
132    
133     17 Aug 2006; Christian Heim <phreak@gentoo.org>
134     +hardened-sources-2.6.17.ebuild:
135     Bumping the hardened-sources-2.6 series to 2.6.17, using
136     genpatches-2.6.17-6.base.
137 solar 1.109
138     07 Aug 2006; <solar@gentoo.org> hardened-sources-2.6.16-r11.ebuild:
139     - stable on x86 and amd64
140 solar 1.108
141     *hardened-sources-2.6.16-r11 (15 Jul 2006)
142    
143     15 Jul 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r3.ebuild,
144     -hardened-sources-2.4.32-r4.ebuild, -hardened-sources-2.4.32-r5.ebuild,
145     -hardened-sources-2.6.14-r8.ebuild, -hardened-sources-2.6.16-r7.ebuild,
146     -hardened-sources-2.6.16-r9.ebuild, +hardened-sources-2.6.16-r11.ebuild:
147     - 2.6.16 bumped for CVE-2006-3626 ; digest fix for 2.4.32-r6 ; removed old
148     crusty ebuilds
149 johnm 1.107
150     14 Jul 2006; John Mylchreest <johnm@gentoo.org>
151     hardened-sources-2.6.16-r10.ebuild:
152     marking stable on x86 and amd64
153 solar 1.106
154     13 Jul 2006; <solar@gentoo.org> hardened-sources-2.4.32-r6.ebuild:
155     - 2.4.32-r6 stable on x86. RSBAC state unknown
156 kang 1.105
157     *hardened-sources-2.4.32-r7 (10 Jul 2006)
158    
159     10 Jul 2006; Guillaume Destuynder <kang@gentoo.org>
160     +hardened-sources-2.4.32-r7.ebuild:
161     Bump PaX for RSBAC to test-17
162 johnm 1.104
163     *hardened-sources-2.6.16-r9 (03 Jul 2006)
164    
165     03 Jul 2006; John Mylchreest <johnm@gentoo.org>
166     -hardened-sources-2.6.16-r6.ebuild, +hardened-sources-2.6.16-r9.ebuild:
167     hardened-sources-2.6.16 bump to latest -base.
168 solar 1.103
169     *hardened-sources-2.4.32-r6 (30 Jun 2006)
170    
171     30 Jun 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r2.ebuild,
172     hardened-sources-2.4.32-r4.ebuild, +hardened-sources-2.4.32-r6.ebuild:
173     - backport CVE-2006-0039, CVE-2006-1857 and CVE-2006-1858 and new grsecurity
174     sysctl controlable resource logging
175 johnm 1.102
176     *hardened-sources-2.6.16-r7 (05 Jun 2006)
177    
178     05 Jun 2006; John Mylchreest <johnm@gentoo.org>
179     -hardened-sources-2.6.16-r5.ebuild, +hardened-sources-2.6.16-r7.ebuild:
180     push new 2.6.16 release in preparation for stable
181 solar 1.101
182     22 May 2006; <solar@gentoo.org> :
183     - redigest bug 134002
184 kang 1.100
185     *hardened-sources-2.4.32-r5 (16 May 2006)
186    
187     16 May 2006; Guillaume Destuynder <kang@gentoo.org>
188     +hardened-sources-2.4.32-r5.ebuild:
189     Fixes rsbac common patching (new patch in new -r5 patchset)
190 solar 1.99
191     *hardened-sources-2.4.32-r4 (13 May 2006)
192    
193     13 May 2006; <solar@gentoo.org> hardened-sources-2.4.32-r3.ebuild,
194     +hardened-sources-2.4.32-r4.ebuild:
195     - security bumps
196 johnm 1.98
197     *hardened-sources-2.6.16-r6 (03 May 2006)
198    
199     03 May 2006; John Mylchreest <johnm@gentoo.org>
200     +hardened-sources-2.6.16-r6.ebuild:
201     bump hardened-2.6.16 to 2.6.16.12 and latest grsec snapshot
202 johnm 1.97
203     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
204     hardened-sources-2.6.14-r8.ebuild:
205     fix x86_64 build problem, this will delay the digest issue again for a short
206     while but it will sort itself out
207 johnm 1.96
208     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
209     hardened-sources-2.6.14-r8.ebuild:
210     bump hardened patchset
211 antarus 1.94
212     27 Apr 2006; Alec Warner <antarus@gentoo.org>
213     files/digest-hardened-sources-2.4.32-r2,
214     files/digest-hardened-sources-2.4.32-r3,
215     files/digest-hardened-sources-2.6.14-r8, Manifest:
216     Fixing duff SHA256 digests: Bug # 131293
217 johnm 1.93
218 johnm 1.95 *hardened-sources-2.6.16-r5 (27 Apr 2006)
219    
220     27 Apr 2006; John Mylchreest <johnm@gentoo.org>
221     -hardened-sources-2.6.14-r6.ebuild, hardened-sources-2.6.14-r8.ebuild,
222     -hardened-sources-2.6.16-r4.ebuild, +hardened-sources-2.6.16-r5.ebuild:
223     stablise 2.6.14-r8 on x86 & amd64, bump 2.6.16 to fix CVE-2006-1863 &
224     cleanup of old uneccessary sources
225    
226 johnm 1.93 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
227     fix digest
228 johnm 1.92
229     *hardened-sources-2.6.14-r8 (20 Apr 2006)
230    
231     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
232     +hardened-sources-2.6.14-r8.ebuild:
233     fix CVE-2006-1056, CVE-2006-1525, CVE-2006-1524
234 johnm 1.91
235     20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
236     Turning on gpg-signing again, and recomitting
237 johnm 1.90
238     *hardened-sources-2.6.16-r4 (20 Apr 2006)
239    
240     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
241     -hardened-sources-2.6.16-r2.ebuild, -hardened-sources-2.6.16-r3.ebuild,
242     +hardened-sources-2.6.16-r4.ebuild:
243     Fix numerous security vulns
244 solar 1.89
245     *hardened-sources-2.4.32-r3 (16 Apr 2006)
246    
247     16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
248     -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
249     +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
250     - security bump for bug #112791. Removed old ebuilds
251 johnm 1.88
252     *hardened-sources-2.6.16-r3 (15 Apr 2006)
253    
254     15 Apr 2006; John Mylchreest <johnm@gentoo.org>
255     +hardened-sources-2.6.16-r3.ebuild:
256     Removing silly localversion which I missed
257 johnm 1.87
258     *hardened-sources-2.6.14-r7 (14 Apr 2006)
259    
260     14 Apr 2006; John Mylchreest <johnm@gentoo.org>
261     -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
262     Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
263 johnm 1.86
264     *hardened-sources-2.6.16-r2 (13 Apr 2006)
265    
266     13 Apr 2006; John Mylchreest <johnm@gentoo.org>
267     -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
268     +hardened-sources-2.6.16-r2.ebuild:
269     Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
270     labels, dropping USERGROUP define fixes, since these were merged mainstream.
271 johnm 1.85
272     *hardened-sources-2.6.16-r1 (11 Apr 2006)
273    
274     11 Apr 2006; John Mylchreest <johnm@gentoo.org>
275     +hardened-sources-2.6.16-r1.ebuild:
276     Bumping to include ppc build fix and 2.6.16.3
277 tsunam 1.84
278     06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
279     hardened-sources-2.6.14-r6.ebuild:
280     Stable on x86; bug #127718
281 johnm 1.83
282     *hardened-sources-2.6.16 (31 Mar 2006)
283    
284     31 Mar 2006; John Mylchreest <johnm@gentoo.org>
285     +hardened-sources-2.6.16.ebuild:
286     Bumping to new version of grsec, and kernel base. New squashfs. Based on
287     2.6.16.1
288 cryos 1.82
289     30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
290     hardened-sources-2.6.14-r6.ebuild:
291     Stable on amd64, bug 127718.
292 nixnut 1.81
293     28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
294     Stable on ppc. Bug #127718
295 johnm 1.80
296     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
297     -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
298     -hardened-sources-2.6.14-r4.ebuild:
299     Cleanup.
300 johnm 1.79
301     *hardened-sources-2.6.14-r6 (15 Mar 2006)
302    
303     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
304     +hardened-sources-2.6.14-r6.ebuild:
305     Fixes grsec policy recreation bug and adds a
306     >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
307 solar 1.78
308     02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
309     - stable on x86
310 hansmi 1.77
311     19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
312     hardened-sources-2.6.14-r5.ebuild:
313     Stable on ppc.
314 johnm 1.76
315     *hardened-sources-2.6.14-r5 (01 Feb 2006)
316    
317     01 Feb 2006; John Mylchreest <johnm@gentoo.org>
318     +hardened-sources-2.6.14-r5.ebuild:
319     fixing every known exploit
320 solar 1.75
321     *hardened-sources-2.4.32-r2 (26 Jan 2006)
322    
323     26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
324     +hardened-sources-2.4.32-r2.ebuild:
325     - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
326 solar 1.74
327     *hardened-sources-2.6.14-r4 (12 Jan 2006)
328    
329     12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
330     - version bump for new genpatches which fix up a few sec holes
331 solar 1.73
332     *hardened-sources-2.4.32-r1 (05 Jan 2006)
333    
334     05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
335     - revision bump to add misc vital linux kernel security patches.
336 johnm 1.72
337     *hardened-sources-2.6.14-r3 (30 Dec 2005)
338    
339     30 Dec 2005; John Mylchreest <johnm@gentoo.org>
340     -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
341     Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
342 johnm 1.71
343     28 Dec 2005; John Mylchreest <johnm@gentoo.org>
344     hardened-sources-2.6.14-r2.ebuild:
345     making x86 & amd64 stable following testing.
346 johnm 1.70
347     *hardened-sources-2.6.14-r2 (27 Dec 2005)
348    
349     27 Dec 2005; John Mylchreest <johnm@gentoo.org>
350     -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
351     Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
352     network hooks.
353 johnm 1.69
354     06 Dec 2005; John Mylchreest <johnm@gentoo.org>
355     hardened-sources-2.6.14-r1.ebuild:
356     bumping to stable early for sec fix on x86 & amd64
357 johnm 1.68
358     *hardened-sources-2.6.14-r1 (05 Dec 2005)
359    
360     05 Dec 2005; John Mylchreest <johnm@gentoo.org>
361     -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
362     bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
363 solar 1.67
364     04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
365     - stable on x86 security bug #114227 CAN-2005-3257
366 kang 1.66
367     *hardened-sources-2.4.32 (19 Nov 2005)
368    
369     19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
370     +hardened-sources-2.4.32.ebuild:
371     Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
372     Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
373     have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
374     rsbac >> /etc/portage/package.use)
375 johnm 1.65
376     *hardened-sources-2.6.14 (14 Nov 2005)
377    
378     14 Nov 2005; John Mylchreest <johnm@gentoo.org>
379     -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
380     Bumping 2.6 series to 2.6.14.2
381 johnm 1.64
382     *hardened-sources-2.6.13-r2 (20 Oct 2005)
383    
384     20 Oct 2005; John Mylchreest <johnm@gentoo.org>
385     -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
386     +hardened-sources-2.6.13-r2.ebuild:
387     Fixes minor build error in ppc.
388 johnm 1.63
389     *hardened-sources-2.6.13-r1 (17 Oct 2005)
390    
391     17 Oct 2005; John Mylchreest <johnm@gentoo.org>
392     +hardened-sources-2.6.13-r1.ebuild:
393     Updating grsec to latest snapshot. Fixes some minor issues. Updating to
394     2.6.13.4, fixes some major amd64 stability problems.
395 johnm 1.62
396     *hardened-sources-2.6.13 (16 Sep 2005)
397    
398     16 Sep 2005; John Mylchreest <johnm@gentoo.org>
399     -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
400     2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
401     ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
402     users should test this thoroughly.
403 solar 1.61
404     01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
405     - stable on x86
406 johnm 1.60
407     *hardened-sources-2.6.11-r15 (27 Jun 2005)
408    
409     27 Jun 2005; John Mylchreest <johnm@gentoo.org>
410     +hardened-sources-2.6.11-r15.ebuild:
411     Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
412     grsec redefining curr_ip struct.
413 solar 1.59
414     *hardened-sources-2.4.31 (20 Jun 2005)
415    
416     20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
417     initial import of 2.4.31 tree
418 johnm 1.58
419     *hardened-sources-2.6.11-r14 (14 Jun 2005)
420    
421     14 Jun 2005; John Mylchreest <johnm@gentoo.org>
422     -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
423     Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
424     naming scheme to abide by genpatches
425 johnm 1.57
426     *hardened-sources-2.6.11-r13 (18 May 2005)
427    
428     18 May 2005; John Mylchreest <johnm@gentoo.org>
429     -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
430     Managed to mangle the Makefile patch from grsec, to miss out the grsec
431     target. sorry about that. Fixes bug #93022
432 johnm 1.56
433     *hardened-sources-2.6.11-r12 (17 May 2005)
434    
435     17 May 2005; John Mylchreest <johnm@gentoo.org>
436     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
437     +hardened-sources-2.6.11-r12.ebuild:
438     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
439     merges in genpatches-base
440 johnm 1.55
441     *hardened-sources-2.6.11-r12 (17 May 2005)
442    
443     17 May 2005; John Mylchreest <johnm@gentoo.org>
444     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
445     +hardened-sources-2.6.11-r12.ebuild:
446     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
447     merges in genpatches-base
448 solar 1.54
449     29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
450     -files/2.4.27-cmdline-race.patch,
451     -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
452     -files/2.4.28-grsec-binfmt_a.out.patch,
453     -files/2.4.28-grsec-cmdline-race.patch,
454     -files/2.4.28-selinux-binfmt_a.out.patch,
455     -files/2.4.28-selinux-cmdline-race.patch,
456     -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
457     hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
458     - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
459     cleanup..
460 solar 1.53
461     *hardened-sources-2.4.30-r1 (21 Apr 2005)
462    
463     21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
464     - disable aout by default
465 solar 1.52
466     *hardened-sources-2.4.30 (18 Apr 2005)
467    
468     18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
469     - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
470     and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
471     use
472 tocharian 1.50
473 scox 1.51 *hardened-sources-2.4.29 (30 Mar 2005)
474    
475     30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
476     +hardened-sources-2.4.29.ebuild:
477     New hardened-patches-2.4-29.0 patchball.
478     Removed SELinux support, upgraded GRSecurity to 2.1.4.
479    
480     *hardened-sources-2.4.28-r5 (06 Mar 2005)
481    
482     06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
483     +hardened-sources-2.4.28-r5.ebuild:
484     Added a fix for a PaX vulnerability.
485    
486     26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
487 tocharian 1.50 hardened-sources-2.4.28-r4.ebuild:
488     Stable on x86
489 solar 1.49
490     23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
491     hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
492     hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
493     hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
494     - fixed/added RDEPEND= in all kernel-2 ebuilds
495 tocharian 1.48
496     *hardened-sources-2.4.28-r4 (21 Jan 2005)
497    
498     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
499     +hardened-sources-2.4.28-r4.ebuild:
500     Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
501     backport of neighbour hash updates.
502 tocharian 1.47
503     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
504     hardened-sources-2.4.28-r3.ebuild:
505     Stable on x86
506 tseng 1.46
507     *hardened-sources-2.6.10-r3 (20 Jan 2005)
508    
509     20 Jan 2005; Brandon Hale <tseng@gentoo.org>
510     +hardened-sources-2.6.10-r3.ebuild:
511     Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
512     in 2005.0
513 tocharian 1.45
514     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
515     -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
516     hardened-sources-2.4.28-r2.ebuild:
517     Mark stable on x86
518 tocharian 1.44
519     *hardened-sources-2.4.28-r3 (17 Jan 2005)
520    
521     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
522     +hardened-sources-2.4.28-r3.ebuild:
523     Fix SMP page fault handler vuln, and update device-mapper and evms patches.
524 tocharian 1.43
525     14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
526     hardened-sources-2.4.28.ebuild:
527     Mark stable on x86.
528 tocharian 1.42
529     *hardened-sources-2.4.28-r2 (13 Jan 2005)
530    
531     13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
532     +hardened-sources-2.4.28-r2.ebuild:
533     Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
534     Mazinger for grsecurity patches as well.
535 plasmaroo 1.41
536     *hardened-sources-2.4.28-r1 (23 Dec 2004)
537    
538     23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
539     Security bump. Thank tocharian for rolling a new patchset...
540 solar 1.40
541     28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
542     +files/2.4.28-grsec-cmdline-race.patch,
543     +files/2.4.28-selinux-binfmt_a.out.patch,
544     +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
545     - Round up remaining security patches that appear to be missing in 2.4.28. -
546     PaX standalone updated to current. hgpv=28.1
547 solar 1.39
548     *hardened-sources-2.4.28 (28 Nov 2004)
549    
550     28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
551     security bump. Thank tocharian for rolling a new patchset
552 scox 1.31
553 scox 1.38 *hardened-sources-2.4.27-r3 (08 Sep 2004)
554    
555     08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
556     +hardened-sources-2.4.27-r3.ebuild:
557     Applies the new 2.4-27.2 patchball which updates
558     GRSecurity to the 2.0.1 version.
559    
560 scox 1.37 *hardened-sources-2.4.27-r2 (31 Aug 2004)
561    
562     31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
563     +hardened-sources-2.4.27-r2.ebuild:
564     Version bump.
565     This version uses the new 2.4-27.1 patchball which updates
566     both the SELinux PaX hooks patch and the SELinux headers.
567    
568 scox 1.36 *hardened-sources-2.4.27-r1 (09 Aug 2004)
569    
570     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
571     +hardened-sources-2.4.27-r1.ebuild,
572     -hardened-sources-2.4.27.ebuild,
573     +files/2.4.27-cmdline-race.patch:
574     Version bump, fix for cmdline race. See bug #59905.
575    
576     *hardened-sources-2.4.26-r6 (09 Aug 2004)
577    
578     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
579     +hardened-sources-2.4.26-r6.ebuild,
580     -hardened-sources-2.4.26-r5.ebuild,
581     -hardened-sources-2.4.26-r4.ebuild,
582     +files/2.4.26-cmdline-race.patch:
583     Version bump, fix for cmdline race. See bug #59905.
584    
585 scox 1.35 *hardened-sources-2.4.27 (08 Aug 2004)
586    
587     08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
588     +hardened-sources-2.4.27.ebuild,
589     +files/2.4.27-CAN-2004-0394.patch:
590     Ported the patchball to the 2.4.27 kernel version.
591    
592 scox 1.34 *hardened-sources-2.4.26-r5 (07 Aug 2004)
593    
594     07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
595     +hardened-sources-2.4.26-r5.ebuild:
596 scox 1.35 Updated to use the new hardened-patches-2.4-26.1 patchball.
597 scox 1.34 It adds the following features:
598     - Squashfs
599     - Ebtables
600     - Netdev random (core+drivers)
601     - Watchdog Timer (WDT) fix.
602    
603 scox 1.33 *hardened-sources-2.4.26-r4 (04 Aug 2004)
604    
605     04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
606     +hardened-sources-2.4.26-r4.ebuild,
607     +files/2.4.26-CAN-2004-0415.patch,
608     -hardened-sources-2.4.26-3:
609     Version bump, fix for CAN 0415, see bug #59378.
610    
611 scox 1.32 *hardened-sources-2.4.26-r3 (22 Jul 2004)
612    
613     22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
614     +hardened-sources-2.4.26-r3.ebuild,
615     +files/2.4.26-CAN-2004-0497.patch,
616     -hardened-sources-2.4.26-r2.ebuild:
617     Version bump, fixed CAN 0497, see bug #56171.
618    
619 scox 1.31 *hardened-sources-2.4.26-r2 (29 Jun 2004)
620    
621     29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
622 scox 1.32 +hardened-sources-2.4.26-r2.ebuild,
623 scox 1.31 +files/2.4.26-CAN-2004-0495.patch,
624     +files/2.4.26-CAN-2004-0535.patch,
625     -hardened-sources-2.4.26-r1.ebuild:
626     Fixes for both CAN 0495 and 0535, see bug #54976
627 pvdabeel 1.27
628 agriffis 1.29 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
629     hardened-sources-2.4.26-r1.ebuild:
630     QA - fix use invocation
631 scox 1.28
632     *hardened-sources-2.4.26-r1 (22 June 2004)
633    
634     22 June 2004; Andrea Luzzardi <scox@gentoo.org>
635     +hardened-sources-2.4.26-r1.ebuild,
636     +files/2.4.26-CAN-2004-0394.patch,
637     +files/2.4.26-signal-race.patch,
638     -hardened-sources-2.4.26.ebuild,
639     -hardened-sources-2.4.24-r3.ebuild:
640     Version bump for the CAN-2004-0394 issue and bug #53804
641     Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
642    
643    
644 pvdabeel 1.27 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
645     hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
646     Masked hardened-sources-2.4.26.ebuild broken for ppc
647    
648     31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
649     hardened-sources-2.4.24-r3.ebuild:
650     Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
651 plasmaroo 1.25
652 scox 1.26 *hardened-sources-2.4.26 (29 May 2004)
653    
654     29 May 2004; Andrea Luzzardi <scox@gentoo.org>
655     +hardened-sources-2.4.26.ebuild:
656     Updated hardened-sources for the 2.4.26 kernel
657     Removed broken components, updated almost everything.
658    
659 plasmaroo 1.25 *hardened-sources-2.4.24-r3 (17 Apr 2004)
660    
661     17 Apr 2004; <plasmaroo@gentoo.org>
662     +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
663     +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
664     +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
665     +hardened-sources-2.4.24-r3.ebuild:
666     Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
667     vulnerabilities. Old revisions removed.
668 plasmaroo 1.24
669     *hardened-sources-2.4.24-r2 (15 Apr 2004)
670    
671     15 Apr 2004; <plasmaroo@gentoo.org>
672     +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
673     -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
674     Version bump for the CAN-2004-0109 issue; bug #47881.
675 aliz 1.23
676     12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
677     hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
678     Add eutils to inherit.
679 plasmaroo 1.22
680     *hardened-sources-2.4.24-r1 (19 Feb 2004)
681    
682     19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
683     files/hardened-sources-2.4.24.munmap.patch:
684     Added the patch for the mremap/munmap vulnerability. Bug #42024.
685 scox 1.19
686 scox 1.21 *hardened-sources-2.4.24 (06 Feb 2004)
687 scox 1.26
688 scox 1.21 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
689     hardened-sources-2.4.24.ebuild:
690     Version bump, updated most of the components.
691     This release includes the following:
692    
693     - Hardened security
694     - Netfilter patch-o-matic 20031219
695     - FreeSWAN 2.04 & x509 1.4.8
696     - EVMS 2.2.2
697     - XFS 1.3.1
698     - cryptoloop jari
699     - grsecurity 2.0-rc4
700     - SELinux
701     - PaX 200402060000
702     - PaX Obscurity 200308302223
703     - Others...
704    
705     Neither -ck nor systrace are included anymore.
706    
707 scox 1.19 *hardened-sources-2.4.22-r2 (05 Jan 2004)
708    
709     05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
710     hardened-sources-2.4.22-r2.ebuild:
711 scox 1.20 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
712 scox 1.19
713     *hardened-sources-2.4.22-r1 (02 Dec 2003)
714 iggy 1.17
715     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
716 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
717 iggy 1.16
718     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
719 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild:
720     Version bump for the 'do_brk' vulnerability.
721 iggy 1.15
722     01 Dec 2003; Brian Jackson <iggy@gentoo.org>
723     hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
724     hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
725     hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
726 plasmaroo 1.18 Fix the 'do_brk' vulnerability.
727 frogger 1.14
728     03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
729     hardened-sources-2.4.22.ebuild:
730 plasmaroo 1.18 - Removed the src_install() portion for SELinux flask
731     components. These are no longer handled in the kernel
732     so this code was not necessary.
733 frogger 1.13
734     29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
735     New 2.4.22 based hardened-sources thanks to
736     Phil West <p.west@computer.org>.
737    
738     These sources include:
739 plasmaroo 1.18 - New SELinux API
740     - Updated CK-base
741     - Updated GRSec
742     - Systrace
743     - SuperFreeS/WAN 1.99.8
744     - Propolice kernel build support
745     - EVMS
746     - Other various security related patches
747 frogger 1.11
748 frogger 1.12 *hardened-sources-2.4.21 (14 Sep 2003)
749    
750     14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
751     Updated hardened-sources based on the 2.4.21 Linux kernel.
752     This includes updates to most major components such as:
753 plasmaroo 1.18 - ck-base-0306300059
754     - selinux-2.4-2003071106
755     - grsecurity-2.0-rc1
756     - Updated IPTables patch-o-matic
757     - Updated SuperFreeS/WAN
758    
759 frogger 1.12 Thanks to Phil West <pwest@computer.org> for his work in getting this
760     updated patch set ready for the 2.4.21 based kernel.
761    
762 frogger 1.11 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
763     Initial import of hardened-sources-2.4.20-r4. This revision
764     includes only a few changes, but one of these is an important
765     security fix. It is recommended all users of hardened-sources
766     upgrade to this release.
767 plasmaroo 1.18
768 frogger 1.11 - ioperm bug fix
769     - fixed compilation failure when building without GRSec
770 plasmaroo 1.18
771 frogger 1.11 SAL (Secure Auditing for Linux) is NOT included in this revision
772     due to time constraints, but is planned for inclusion in the near
773     future.
774 msterret 1.10
775     *hardened-sources-2.4.20-r2 (12 Jun 2003)
776    
777     12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
778     hardened-sources-2.4.20-r3.ebuild:
779 plasmaroo 1.18 Add Header...
780 frogger 1.9
781     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
782     hardened-sources-2.4.20-r3.ebuild:
783     Removed warnings from ebuild. This kernel should be safe to
784     use at this point.
785 frogger 1.8
786     *hardened-sources-2.4.20-r3 (08 Jun 2003)
787    
788     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
789     hardened-sources-2.4.20-r3.ebuild:
790     New revision. Includes the following changes over -r2:
791 plasmaroo 1.18
792 frogger 1.8 - ck7-base (O(1), preempt, low latency)
793     - Super FreeS/WAN 1.99.7rc2
794     - PaX for the LSM/SELinux branch
795     - GRSecurity 2.0-pre4 (role based access control)
796     - Systrace 1.3
797     - EXT3 fixes
798     - EVMS 2.0.1
799     - GCC 3.1+ compile optimizations
800     - ProPolice kernel build support
801     - Hashing table security fixes
802 frogger 1.3
803     *hardened-sources-2.4.20-r1 (09 Apr 2003)
804 frogger 1.7
805     23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
806     Initial import of hardened-sources-r2. This new
807     ebuild includes many new performance and security
808     related patches. As in -r1, it will patch in
809     LSM/SELinux if "selinux" is in USE, otherwise it
810     will patch in GRSecurity. The following patches
811     are included in this revision:
812 plasmaroo 1.18
813 frogger 1.7 - O(1) Scheduler, Low Latency, and Preempt
814     (pulled from the base CK patch)
815     - ptrace exploit patch for the LSM kernel
816     (the GRSec patch already fixes this)
817     - LSM 2.4-2003040709
818     - SELinux 2.4-2003040709
819     - Systrace v1.2
820     - IPTables patch-o-matic base patches - 20030107
821     - CryptoAPI 2.4.20.1 w/ loop-jari patch
822     - Super FreeS/WAN 1.99.6.1
823     - GRSecurity 1.9.9g
824     - MPPE
825     - EXT3 data journal fix
826     - CIPE 1.5.4
827 frogger 1.6
828     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
829     hardened-sources-2.4.20-r1.ebuild, manifest:
830 plasmaroo 1.18 Updated to install flask components correctly for selinux.
831 frogger 1.5
832     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
833     hardened-sources-2.4.20-r1.ebuild:
834     LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
835     is patched in instead. Ptrace patches for selinux have also been added. In
836     either case, systrace support will be patched in as well.
837 frogger 1.3
838     09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
839     hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
840 plasmaroo 1.18 Revision bump for new sources.
841 frogger 1.4
842 frogger 1.2 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
843 frogger 1.4 hardened-sources-2.4.20-r1.ebuild:
844 plasmaroo 1.18 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
845 method 1.1
846 frogger 1.4 *hardened-sources-2.4.20 (30 Mar 2003)
847    
848 method 1.1 30 Mar 2003; Joshua Brindle <method@gentoo.org>
849     hardened-sources-2.4.20.ebuild:
850 plasmaroo 1.18 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20