/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.134 - (hide annotations) (download)
Wed Jan 24 05:46:13 2007 UTC (7 years, 6 months ago) by pappy
Branch: MAIN
Changes since 1.133: +12 -1 lines
committing hardened sources 2.4.34 containing a critical bugfix for grsecurity patch, files pushed to /space/distfiles-local, plz wait for mirrors spreading the love til you are using this ebuild

1 method 1.1 # ChangeLog for sys-kernel/hardened-sources
2 opfer 1.130 # Copyright 2000-2007 Gentoo Foundation; Distributed under the GPL v2
3 pappy 1.134 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.133 2007/01/23 21:28:13 phreak Exp $
4    
5     *hardened-sources-2.4.34 (24 Jan 2007)
6    
7     24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
8     +hardened-sources-2.4.34.ebuild:
9     I added new hardened sources 2.4 update, this is a critical path
10     security bugfix - all users of h-s are strongly advised
11     to update their existing hardened sources to this version.
12     It contains a fix for a kernel vulnerability that is pertaining
13     to the PaX changes to virtual memory management, possibly leading
14     to a local kernel exploit ... see grsecurity.net forums and homepage
15 phreak 1.133
16     23 Jan 2007; Christian Heim <phreak@gentoo.org>
17     files/digest-hardened-sources-2.6.19-r5, Manifest:
18     Fixing the patch-tarball digest.
19 phreak 1.132
20     *hardened-sources-2.6.19-r5 (23 Jan 2007)
21    
22     23 Jan 2007; Christian Heim <phreak@gentoo.org>
23     +hardened-sources-2.6.19-r5.ebuild:
24     Revision bump, closing the recently discovered PaX expand_stack()
25     vulnerability.
26 phreak 1.131
27     *hardened-sources-2.6.19-r4 (14 Jan 2007)
28    
29     14 Jan 2007; Christian Heim <phreak@gentoo.org>
30     +hardened-sources-2.6.19-r4.ebuild:
31     Revision bump, pulling in linux-2.6.19.2 and grsecurity 2.1.10 - thus
32     dropping the randomized PID feature.
33 opfer 1.130
34     11 Jan 2007; Christian Faulhammer <opfer@gentoo.org>
35     hardened-sources-2.4.33.4.ebuild:
36     stable x86, bug #161171
37 phreak 1.129
38     *hardened-sources-2.6.19-r3 (27 Dec 2006)
39    
40     27 Dec 2006; Christian Heim <phreak@gentoo.org>
41     -hardened-sources-2.6.19-r2.ebuild, +hardened-sources-2.6.19-r3.ebuild:
42     Revision bump for bug #157186 and #158786.
43 phreak 1.128
44     *hardened-sources-2.6.18-r4 (27 Dec 2006)
45    
46     27 Dec 2006; Christian Heim <phreak@gentoo.org>
47     -hardened-sources-2.6.18-r3.ebuild, +hardened-sources-2.6.18-r4.ebuild:
48     Revision bump for bug #157186.
49 phreak 1.127
50     *hardened-sources-2.6.19-r2 (23 Dec 2006)
51    
52     23 Dec 2006; Christian Heim <phreak@gentoo.org>
53     -hardened-sources-2.6.19-r1.ebuild, +hardened-sources-2.6.19-r2.ebuild:
54     Revision bump to pull in genpatches-2.6.19-3 for #157186.
55 phreak 1.126
56     17 Dec 2006; Christian Heim <phreak@gentoo.org>
57     hardened-sources-2.6.14-r7.ebuild, hardened-sources-2.6.16-r10.ebuild,
58     hardened-sources-2.6.16-r11.ebuild, hardened-sources-2.6.17-r1.ebuild,
59     hardened-sources-2.6.18.ebuild, hardened-sources-2.6.18-r3.ebuild,
60     hardened-sources-2.6.19-r1.ebuild:
61     Adding 4453_grsec-2.1.9-2.6.19-io-kmem-sysctl.patch to UNIPATCH_EXLUDE,
62     adding correct HOMEPAGE and adjusting DESCRIPTION (thanks to Alexander).
63 pappy 1.125
64     *hardened-sources-2.4.33.4 (17 Dec 2006)
65    
66     17 Dec 2006; Alexander Gabert <pappy@gentoo.org>
67     +hardened-sources-2.4.33.4.ebuild:
68     new 2.4.33.4 version including grsec and fixes, thanks to phreak for help
69     and quilting
70 phreak 1.124
71     *hardened-sources-2.6.19-r1 (14 Dec 2006)
72    
73     14 Dec 2006; Christian Heim <phreak@gentoo.org>
74     -hardened-sources-2.6.19.ebuild, +hardened-sources-2.6.19-r1.ebuild:
75     Revision bump, fixing #158107 (thanks to Petre Rodan <kaiowas at gentoo.org>
76     for reporting).
77 phreak 1.123
78     *hardened-sources-2.6.19 (13 Dec 2006)
79    
80     13 Dec 2006; Christian Heim <phreak@gentoo.org>
81     +hardened-sources-2.6.19.ebuild:
82     And finally 2.6.19, thanks to Ned (who prepared the inital patchset) and
83     Brad for providing that prompt update.
84 phreak 1.122
85     *hardened-sources-2.6.18-r3 (13 Dec 2006)
86    
87     13 Dec 2006; Christian Heim <phreak@gentoo.org>
88     -hardened-sources-2.6.18-r1.ebuild, -hardened-sources-2.6.18-r2.ebuild,
89     +hardened-sources-2.6.18-r3.ebuild:
90     Revision bump, excluding the faulty patch. Thanks to Anakim Border and Peter
91     S. Mazinger. Closes #157409 for now. Also removing the previous revisions.
92 phreak 1.121
93     09 Dec 2006; Christian Heim <phreak@gentoo.org> Manifest:
94     Fixing the metadata.xml Manifest entry (thanks to xaid and ml8128 in #gentoo-hardened).
95 nixnut 1.120
96     08 Dec 2006; nixnut <nixnut@gentoo.org> hardened-sources-2.6.18.ebuild:
97     Stable on ppc wrt bug 157356
98 opfer 1.119
99     07 Dec 2006; Christian Faulhammer <opfer@gentoo.org>
100     hardened-sources-2.6.18.ebuild:
101     stable x86, bug #157356
102 phreak 1.118
103     *hardened-sources-2.6.18-r2 (06 Dec 2006)
104    
105     06 Dec 2006; Christian Heim <phreak@gentoo.org>
106     +hardened-sources-2.6.18-r2.ebuild:
107     Revision bump, including 2.6.18.5 (via genpatches) and
108     4454_grsec-2.1.9-2.6.18.2-io-kmem-sysctl.patch based on Peter Mazinger and
109     Ned Ludd's original patch. Thanks to Alexander Gabert (pappy) for the
110     redesign.
111 phreak 1.117
112     06 Dec 2006; Christian Heim <phreak@gentoo.org>
113     hardened-sources-2.6.18.ebuild:
114     Marking hardened-sources-2.6.18 stable on amd64 (see bug #157356, on behalf
115     of Mike Doty).
116 phreak 1.116
117     *hardened-sources-2.6.18-r1 (23 Nov 2006)
118    
119     23 Nov 2006; Christian Heim <phreak@gentoo.org>
120     +hardened-sources-2.6.18-r1.ebuild:
121     Revision bump to genpatches-2.6.18-4 (including 2.6.18.3).
122 phreak 1.115
123     *hardened-sources-2.6.18 (11 Nov 2006)
124    
125     11 Nov 2006; Christian Heim <phreak@gentoo.org>
126     +hardened-sources-2.6.18.ebuild:
127     Version bump, thanks to Alexander Gabert we're finally at 2.6.18.
128 solar 1.114
129     18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
130     - mark amd64 stable also. bug #151877
131 solar 1.113
132     18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
133     - mark 2.6.17-r1 stable
134 phreak 1.112
135     27 Aug 2006; Christian Heim <phreak@gentoo.org>
136     -hardened-sources-2.6.17.ebuild, hardened-sources-2.6.17-r1.ebuild:
137     Removing old ebuild, removing unipatch from newer ebuild (need to fix it!).
138 phreak 1.111
139     *hardened-sources-2.6.17-r1 (26 Aug 2006)
140    
141     26 Aug 2006; Christian Heim <phreak@gentoo.org>
142     +hardened-sources-2.6.17-r1.ebuild:
143     Revision bump to genpatches-2.6.17-8 (including .9 and .10) and updating the
144     grsecurity patch.
145 phreak 1.110
146     *hardened-sources-2.6.17 (17 Aug 2006)
147    
148     17 Aug 2006; Christian Heim <phreak@gentoo.org>
149     +hardened-sources-2.6.17.ebuild:
150     Bumping the hardened-sources-2.6 series to 2.6.17, using
151     genpatches-2.6.17-6.base.
152 solar 1.109
153     07 Aug 2006; <solar@gentoo.org> hardened-sources-2.6.16-r11.ebuild:
154     - stable on x86 and amd64
155 solar 1.108
156     *hardened-sources-2.6.16-r11 (15 Jul 2006)
157    
158     15 Jul 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r3.ebuild,
159     -hardened-sources-2.4.32-r4.ebuild, -hardened-sources-2.4.32-r5.ebuild,
160     -hardened-sources-2.6.14-r8.ebuild, -hardened-sources-2.6.16-r7.ebuild,
161     -hardened-sources-2.6.16-r9.ebuild, +hardened-sources-2.6.16-r11.ebuild:
162     - 2.6.16 bumped for CVE-2006-3626 ; digest fix for 2.4.32-r6 ; removed old
163     crusty ebuilds
164 johnm 1.107
165     14 Jul 2006; John Mylchreest <johnm@gentoo.org>
166     hardened-sources-2.6.16-r10.ebuild:
167     marking stable on x86 and amd64
168 solar 1.106
169     13 Jul 2006; <solar@gentoo.org> hardened-sources-2.4.32-r6.ebuild:
170     - 2.4.32-r6 stable on x86. RSBAC state unknown
171 kang 1.105
172     *hardened-sources-2.4.32-r7 (10 Jul 2006)
173    
174     10 Jul 2006; Guillaume Destuynder <kang@gentoo.org>
175     +hardened-sources-2.4.32-r7.ebuild:
176     Bump PaX for RSBAC to test-17
177 johnm 1.104
178     *hardened-sources-2.6.16-r9 (03 Jul 2006)
179    
180     03 Jul 2006; John Mylchreest <johnm@gentoo.org>
181     -hardened-sources-2.6.16-r6.ebuild, +hardened-sources-2.6.16-r9.ebuild:
182     hardened-sources-2.6.16 bump to latest -base.
183 solar 1.103
184     *hardened-sources-2.4.32-r6 (30 Jun 2006)
185    
186     30 Jun 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r2.ebuild,
187     hardened-sources-2.4.32-r4.ebuild, +hardened-sources-2.4.32-r6.ebuild:
188     - backport CVE-2006-0039, CVE-2006-1857 and CVE-2006-1858 and new grsecurity
189     sysctl controlable resource logging
190 johnm 1.102
191     *hardened-sources-2.6.16-r7 (05 Jun 2006)
192    
193     05 Jun 2006; John Mylchreest <johnm@gentoo.org>
194     -hardened-sources-2.6.16-r5.ebuild, +hardened-sources-2.6.16-r7.ebuild:
195     push new 2.6.16 release in preparation for stable
196 solar 1.101
197     22 May 2006; <solar@gentoo.org> :
198     - redigest bug 134002
199 kang 1.100
200     *hardened-sources-2.4.32-r5 (16 May 2006)
201    
202     16 May 2006; Guillaume Destuynder <kang@gentoo.org>
203     +hardened-sources-2.4.32-r5.ebuild:
204     Fixes rsbac common patching (new patch in new -r5 patchset)
205 solar 1.99
206     *hardened-sources-2.4.32-r4 (13 May 2006)
207    
208     13 May 2006; <solar@gentoo.org> hardened-sources-2.4.32-r3.ebuild,
209     +hardened-sources-2.4.32-r4.ebuild:
210     - security bumps
211 johnm 1.98
212     *hardened-sources-2.6.16-r6 (03 May 2006)
213    
214     03 May 2006; John Mylchreest <johnm@gentoo.org>
215     +hardened-sources-2.6.16-r6.ebuild:
216     bump hardened-2.6.16 to 2.6.16.12 and latest grsec snapshot
217 johnm 1.97
218     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
219     hardened-sources-2.6.14-r8.ebuild:
220     fix x86_64 build problem, this will delay the digest issue again for a short
221     while but it will sort itself out
222 johnm 1.96
223     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
224     hardened-sources-2.6.14-r8.ebuild:
225     bump hardened patchset
226 antarus 1.94
227     27 Apr 2006; Alec Warner <antarus@gentoo.org>
228     files/digest-hardened-sources-2.4.32-r2,
229     files/digest-hardened-sources-2.4.32-r3,
230     files/digest-hardened-sources-2.6.14-r8, Manifest:
231     Fixing duff SHA256 digests: Bug # 131293
232 johnm 1.93
233 johnm 1.95 *hardened-sources-2.6.16-r5 (27 Apr 2006)
234    
235     27 Apr 2006; John Mylchreest <johnm@gentoo.org>
236     -hardened-sources-2.6.14-r6.ebuild, hardened-sources-2.6.14-r8.ebuild,
237     -hardened-sources-2.6.16-r4.ebuild, +hardened-sources-2.6.16-r5.ebuild:
238     stablise 2.6.14-r8 on x86 & amd64, bump 2.6.16 to fix CVE-2006-1863 &
239     cleanup of old uneccessary sources
240    
241 johnm 1.93 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
242     fix digest
243 johnm 1.92
244     *hardened-sources-2.6.14-r8 (20 Apr 2006)
245    
246     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
247     +hardened-sources-2.6.14-r8.ebuild:
248     fix CVE-2006-1056, CVE-2006-1525, CVE-2006-1524
249 johnm 1.91
250     20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
251     Turning on gpg-signing again, and recomitting
252 johnm 1.90
253     *hardened-sources-2.6.16-r4 (20 Apr 2006)
254    
255     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
256     -hardened-sources-2.6.16-r2.ebuild, -hardened-sources-2.6.16-r3.ebuild,
257     +hardened-sources-2.6.16-r4.ebuild:
258     Fix numerous security vulns
259 solar 1.89
260     *hardened-sources-2.4.32-r3 (16 Apr 2006)
261    
262     16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
263     -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
264     +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
265     - security bump for bug #112791. Removed old ebuilds
266 johnm 1.88
267     *hardened-sources-2.6.16-r3 (15 Apr 2006)
268    
269     15 Apr 2006; John Mylchreest <johnm@gentoo.org>
270     +hardened-sources-2.6.16-r3.ebuild:
271     Removing silly localversion which I missed
272 johnm 1.87
273     *hardened-sources-2.6.14-r7 (14 Apr 2006)
274    
275     14 Apr 2006; John Mylchreest <johnm@gentoo.org>
276     -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
277     Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
278 johnm 1.86
279     *hardened-sources-2.6.16-r2 (13 Apr 2006)
280    
281     13 Apr 2006; John Mylchreest <johnm@gentoo.org>
282     -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
283     +hardened-sources-2.6.16-r2.ebuild:
284     Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
285     labels, dropping USERGROUP define fixes, since these were merged mainstream.
286 johnm 1.85
287     *hardened-sources-2.6.16-r1 (11 Apr 2006)
288    
289     11 Apr 2006; John Mylchreest <johnm@gentoo.org>
290     +hardened-sources-2.6.16-r1.ebuild:
291     Bumping to include ppc build fix and 2.6.16.3
292 tsunam 1.84
293     06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
294     hardened-sources-2.6.14-r6.ebuild:
295     Stable on x86; bug #127718
296 johnm 1.83
297     *hardened-sources-2.6.16 (31 Mar 2006)
298    
299     31 Mar 2006; John Mylchreest <johnm@gentoo.org>
300     +hardened-sources-2.6.16.ebuild:
301     Bumping to new version of grsec, and kernel base. New squashfs. Based on
302     2.6.16.1
303 cryos 1.82
304     30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
305     hardened-sources-2.6.14-r6.ebuild:
306     Stable on amd64, bug 127718.
307 nixnut 1.81
308     28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
309     Stable on ppc. Bug #127718
310 johnm 1.80
311     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
312     -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
313     -hardened-sources-2.6.14-r4.ebuild:
314     Cleanup.
315 johnm 1.79
316     *hardened-sources-2.6.14-r6 (15 Mar 2006)
317    
318     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
319     +hardened-sources-2.6.14-r6.ebuild:
320     Fixes grsec policy recreation bug and adds a
321     >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
322 solar 1.78
323     02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
324     - stable on x86
325 hansmi 1.77
326     19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
327     hardened-sources-2.6.14-r5.ebuild:
328     Stable on ppc.
329 johnm 1.76
330     *hardened-sources-2.6.14-r5 (01 Feb 2006)
331    
332     01 Feb 2006; John Mylchreest <johnm@gentoo.org>
333     +hardened-sources-2.6.14-r5.ebuild:
334     fixing every known exploit
335 solar 1.75
336     *hardened-sources-2.4.32-r2 (26 Jan 2006)
337    
338     26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
339     +hardened-sources-2.4.32-r2.ebuild:
340     - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
341 solar 1.74
342     *hardened-sources-2.6.14-r4 (12 Jan 2006)
343    
344     12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
345     - version bump for new genpatches which fix up a few sec holes
346 solar 1.73
347     *hardened-sources-2.4.32-r1 (05 Jan 2006)
348    
349     05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
350     - revision bump to add misc vital linux kernel security patches.
351 johnm 1.72
352     *hardened-sources-2.6.14-r3 (30 Dec 2005)
353    
354     30 Dec 2005; John Mylchreest <johnm@gentoo.org>
355     -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
356     Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
357 johnm 1.71
358     28 Dec 2005; John Mylchreest <johnm@gentoo.org>
359     hardened-sources-2.6.14-r2.ebuild:
360     making x86 & amd64 stable following testing.
361 johnm 1.70
362     *hardened-sources-2.6.14-r2 (27 Dec 2005)
363    
364     27 Dec 2005; John Mylchreest <johnm@gentoo.org>
365     -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
366     Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
367     network hooks.
368 johnm 1.69
369     06 Dec 2005; John Mylchreest <johnm@gentoo.org>
370     hardened-sources-2.6.14-r1.ebuild:
371     bumping to stable early for sec fix on x86 & amd64
372 johnm 1.68
373     *hardened-sources-2.6.14-r1 (05 Dec 2005)
374    
375     05 Dec 2005; John Mylchreest <johnm@gentoo.org>
376     -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
377     bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
378 solar 1.67
379     04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
380     - stable on x86 security bug #114227 CAN-2005-3257
381 kang 1.66
382     *hardened-sources-2.4.32 (19 Nov 2005)
383    
384     19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
385     +hardened-sources-2.4.32.ebuild:
386     Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
387     Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
388     have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
389     rsbac >> /etc/portage/package.use)
390 johnm 1.65
391     *hardened-sources-2.6.14 (14 Nov 2005)
392    
393     14 Nov 2005; John Mylchreest <johnm@gentoo.org>
394     -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
395     Bumping 2.6 series to 2.6.14.2
396 johnm 1.64
397     *hardened-sources-2.6.13-r2 (20 Oct 2005)
398    
399     20 Oct 2005; John Mylchreest <johnm@gentoo.org>
400     -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
401     +hardened-sources-2.6.13-r2.ebuild:
402     Fixes minor build error in ppc.
403 johnm 1.63
404     *hardened-sources-2.6.13-r1 (17 Oct 2005)
405    
406     17 Oct 2005; John Mylchreest <johnm@gentoo.org>
407     +hardened-sources-2.6.13-r1.ebuild:
408     Updating grsec to latest snapshot. Fixes some minor issues. Updating to
409     2.6.13.4, fixes some major amd64 stability problems.
410 johnm 1.62
411     *hardened-sources-2.6.13 (16 Sep 2005)
412    
413     16 Sep 2005; John Mylchreest <johnm@gentoo.org>
414     -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
415     2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
416     ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
417     users should test this thoroughly.
418 solar 1.61
419     01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
420     - stable on x86
421 johnm 1.60
422     *hardened-sources-2.6.11-r15 (27 Jun 2005)
423    
424     27 Jun 2005; John Mylchreest <johnm@gentoo.org>
425     +hardened-sources-2.6.11-r15.ebuild:
426     Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
427     grsec redefining curr_ip struct.
428 solar 1.59
429     *hardened-sources-2.4.31 (20 Jun 2005)
430    
431     20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
432     initial import of 2.4.31 tree
433 johnm 1.58
434     *hardened-sources-2.6.11-r14 (14 Jun 2005)
435    
436     14 Jun 2005; John Mylchreest <johnm@gentoo.org>
437     -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
438     Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
439     naming scheme to abide by genpatches
440 johnm 1.57
441     *hardened-sources-2.6.11-r13 (18 May 2005)
442    
443     18 May 2005; John Mylchreest <johnm@gentoo.org>
444     -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
445     Managed to mangle the Makefile patch from grsec, to miss out the grsec
446     target. sorry about that. Fixes bug #93022
447 johnm 1.56
448     *hardened-sources-2.6.11-r12 (17 May 2005)
449    
450     17 May 2005; John Mylchreest <johnm@gentoo.org>
451     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
452     +hardened-sources-2.6.11-r12.ebuild:
453     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
454     merges in genpatches-base
455 johnm 1.55
456     *hardened-sources-2.6.11-r12 (17 May 2005)
457    
458     17 May 2005; John Mylchreest <johnm@gentoo.org>
459     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
460     +hardened-sources-2.6.11-r12.ebuild:
461     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
462     merges in genpatches-base
463 solar 1.54
464     29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
465     -files/2.4.27-cmdline-race.patch,
466     -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
467     -files/2.4.28-grsec-binfmt_a.out.patch,
468     -files/2.4.28-grsec-cmdline-race.patch,
469     -files/2.4.28-selinux-binfmt_a.out.patch,
470     -files/2.4.28-selinux-cmdline-race.patch,
471     -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
472     hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
473     - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
474     cleanup..
475 solar 1.53
476     *hardened-sources-2.4.30-r1 (21 Apr 2005)
477    
478     21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
479     - disable aout by default
480 solar 1.52
481     *hardened-sources-2.4.30 (18 Apr 2005)
482    
483     18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
484     - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
485     and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
486     use
487 tocharian 1.50
488 scox 1.51 *hardened-sources-2.4.29 (30 Mar 2005)
489    
490     30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
491     +hardened-sources-2.4.29.ebuild:
492     New hardened-patches-2.4-29.0 patchball.
493     Removed SELinux support, upgraded GRSecurity to 2.1.4.
494    
495     *hardened-sources-2.4.28-r5 (06 Mar 2005)
496    
497     06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
498     +hardened-sources-2.4.28-r5.ebuild:
499     Added a fix for a PaX vulnerability.
500    
501     26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
502 tocharian 1.50 hardened-sources-2.4.28-r4.ebuild:
503     Stable on x86
504 solar 1.49
505     23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
506     hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
507     hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
508     hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
509     - fixed/added RDEPEND= in all kernel-2 ebuilds
510 tocharian 1.48
511     *hardened-sources-2.4.28-r4 (21 Jan 2005)
512    
513     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
514     +hardened-sources-2.4.28-r4.ebuild:
515     Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
516     backport of neighbour hash updates.
517 tocharian 1.47
518     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
519     hardened-sources-2.4.28-r3.ebuild:
520     Stable on x86
521 tseng 1.46
522     *hardened-sources-2.6.10-r3 (20 Jan 2005)
523    
524     20 Jan 2005; Brandon Hale <tseng@gentoo.org>
525     +hardened-sources-2.6.10-r3.ebuild:
526     Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
527     in 2005.0
528 tocharian 1.45
529     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
530     -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
531     hardened-sources-2.4.28-r2.ebuild:
532     Mark stable on x86
533 tocharian 1.44
534     *hardened-sources-2.4.28-r3 (17 Jan 2005)
535    
536     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
537     +hardened-sources-2.4.28-r3.ebuild:
538     Fix SMP page fault handler vuln, and update device-mapper and evms patches.
539 tocharian 1.43
540     14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
541     hardened-sources-2.4.28.ebuild:
542     Mark stable on x86.
543 tocharian 1.42
544     *hardened-sources-2.4.28-r2 (13 Jan 2005)
545    
546     13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
547     +hardened-sources-2.4.28-r2.ebuild:
548     Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
549     Mazinger for grsecurity patches as well.
550 plasmaroo 1.41
551     *hardened-sources-2.4.28-r1 (23 Dec 2004)
552    
553     23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
554     Security bump. Thank tocharian for rolling a new patchset...
555 solar 1.40
556     28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
557     +files/2.4.28-grsec-cmdline-race.patch,
558     +files/2.4.28-selinux-binfmt_a.out.patch,
559     +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
560     - Round up remaining security patches that appear to be missing in 2.4.28. -
561     PaX standalone updated to current. hgpv=28.1
562 solar 1.39
563     *hardened-sources-2.4.28 (28 Nov 2004)
564    
565     28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
566     security bump. Thank tocharian for rolling a new patchset
567 scox 1.31
568 scox 1.38 *hardened-sources-2.4.27-r3 (08 Sep 2004)
569    
570     08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
571     +hardened-sources-2.4.27-r3.ebuild:
572     Applies the new 2.4-27.2 patchball which updates
573     GRSecurity to the 2.0.1 version.
574    
575 scox 1.37 *hardened-sources-2.4.27-r2 (31 Aug 2004)
576    
577     31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
578     +hardened-sources-2.4.27-r2.ebuild:
579     Version bump.
580     This version uses the new 2.4-27.1 patchball which updates
581     both the SELinux PaX hooks patch and the SELinux headers.
582    
583 scox 1.36 *hardened-sources-2.4.27-r1 (09 Aug 2004)
584    
585     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
586     +hardened-sources-2.4.27-r1.ebuild,
587     -hardened-sources-2.4.27.ebuild,
588     +files/2.4.27-cmdline-race.patch:
589     Version bump, fix for cmdline race. See bug #59905.
590    
591     *hardened-sources-2.4.26-r6 (09 Aug 2004)
592    
593     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
594     +hardened-sources-2.4.26-r6.ebuild,
595     -hardened-sources-2.4.26-r5.ebuild,
596     -hardened-sources-2.4.26-r4.ebuild,
597     +files/2.4.26-cmdline-race.patch:
598     Version bump, fix for cmdline race. See bug #59905.
599    
600 scox 1.35 *hardened-sources-2.4.27 (08 Aug 2004)
601    
602     08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
603     +hardened-sources-2.4.27.ebuild,
604     +files/2.4.27-CAN-2004-0394.patch:
605     Ported the patchball to the 2.4.27 kernel version.
606    
607 scox 1.34 *hardened-sources-2.4.26-r5 (07 Aug 2004)
608    
609     07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
610     +hardened-sources-2.4.26-r5.ebuild:
611 scox 1.35 Updated to use the new hardened-patches-2.4-26.1 patchball.
612 scox 1.34 It adds the following features:
613     - Squashfs
614     - Ebtables
615     - Netdev random (core+drivers)
616     - Watchdog Timer (WDT) fix.
617    
618 scox 1.33 *hardened-sources-2.4.26-r4 (04 Aug 2004)
619    
620     04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
621     +hardened-sources-2.4.26-r4.ebuild,
622     +files/2.4.26-CAN-2004-0415.patch,
623     -hardened-sources-2.4.26-3:
624     Version bump, fix for CAN 0415, see bug #59378.
625    
626 scox 1.32 *hardened-sources-2.4.26-r3 (22 Jul 2004)
627    
628     22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
629     +hardened-sources-2.4.26-r3.ebuild,
630     +files/2.4.26-CAN-2004-0497.patch,
631     -hardened-sources-2.4.26-r2.ebuild:
632     Version bump, fixed CAN 0497, see bug #56171.
633    
634 scox 1.31 *hardened-sources-2.4.26-r2 (29 Jun 2004)
635    
636     29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
637 scox 1.32 +hardened-sources-2.4.26-r2.ebuild,
638 scox 1.31 +files/2.4.26-CAN-2004-0495.patch,
639     +files/2.4.26-CAN-2004-0535.patch,
640     -hardened-sources-2.4.26-r1.ebuild:
641     Fixes for both CAN 0495 and 0535, see bug #54976
642 pvdabeel 1.27
643 agriffis 1.29 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
644     hardened-sources-2.4.26-r1.ebuild:
645     QA - fix use invocation
646 scox 1.28
647     *hardened-sources-2.4.26-r1 (22 June 2004)
648    
649     22 June 2004; Andrea Luzzardi <scox@gentoo.org>
650     +hardened-sources-2.4.26-r1.ebuild,
651     +files/2.4.26-CAN-2004-0394.patch,
652     +files/2.4.26-signal-race.patch,
653     -hardened-sources-2.4.26.ebuild,
654     -hardened-sources-2.4.24-r3.ebuild:
655     Version bump for the CAN-2004-0394 issue and bug #53804
656     Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
657    
658    
659 pvdabeel 1.27 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
660     hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
661     Masked hardened-sources-2.4.26.ebuild broken for ppc
662    
663     31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
664     hardened-sources-2.4.24-r3.ebuild:
665     Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
666 plasmaroo 1.25
667 scox 1.26 *hardened-sources-2.4.26 (29 May 2004)
668    
669     29 May 2004; Andrea Luzzardi <scox@gentoo.org>
670     +hardened-sources-2.4.26.ebuild:
671     Updated hardened-sources for the 2.4.26 kernel
672     Removed broken components, updated almost everything.
673    
674 plasmaroo 1.25 *hardened-sources-2.4.24-r3 (17 Apr 2004)
675    
676     17 Apr 2004; <plasmaroo@gentoo.org>
677     +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
678     +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
679     +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
680     +hardened-sources-2.4.24-r3.ebuild:
681     Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
682     vulnerabilities. Old revisions removed.
683 plasmaroo 1.24
684     *hardened-sources-2.4.24-r2 (15 Apr 2004)
685    
686     15 Apr 2004; <plasmaroo@gentoo.org>
687     +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
688     -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
689     Version bump for the CAN-2004-0109 issue; bug #47881.
690 aliz 1.23
691     12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
692     hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
693     Add eutils to inherit.
694 plasmaroo 1.22
695     *hardened-sources-2.4.24-r1 (19 Feb 2004)
696    
697     19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
698     files/hardened-sources-2.4.24.munmap.patch:
699     Added the patch for the mremap/munmap vulnerability. Bug #42024.
700 scox 1.19
701 scox 1.21 *hardened-sources-2.4.24 (06 Feb 2004)
702 scox 1.26
703 scox 1.21 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
704     hardened-sources-2.4.24.ebuild:
705     Version bump, updated most of the components.
706     This release includes the following:
707    
708     - Hardened security
709     - Netfilter patch-o-matic 20031219
710     - FreeSWAN 2.04 & x509 1.4.8
711     - EVMS 2.2.2
712     - XFS 1.3.1
713     - cryptoloop jari
714     - grsecurity 2.0-rc4
715     - SELinux
716     - PaX 200402060000
717     - PaX Obscurity 200308302223
718     - Others...
719    
720     Neither -ck nor systrace are included anymore.
721    
722 scox 1.19 *hardened-sources-2.4.22-r2 (05 Jan 2004)
723    
724     05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
725     hardened-sources-2.4.22-r2.ebuild:
726 scox 1.20 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
727 scox 1.19
728     *hardened-sources-2.4.22-r1 (02 Dec 2003)
729 iggy 1.17
730     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
731 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
732 iggy 1.16
733     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
734 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild:
735     Version bump for the 'do_brk' vulnerability.
736 iggy 1.15
737     01 Dec 2003; Brian Jackson <iggy@gentoo.org>
738     hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
739     hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
740     hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
741 plasmaroo 1.18 Fix the 'do_brk' vulnerability.
742 frogger 1.14
743     03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
744     hardened-sources-2.4.22.ebuild:
745 plasmaroo 1.18 - Removed the src_install() portion for SELinux flask
746     components. These are no longer handled in the kernel
747     so this code was not necessary.
748 frogger 1.13
749     29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
750     New 2.4.22 based hardened-sources thanks to
751     Phil West <p.west@computer.org>.
752    
753     These sources include:
754 plasmaroo 1.18 - New SELinux API
755     - Updated CK-base
756     - Updated GRSec
757     - Systrace
758     - SuperFreeS/WAN 1.99.8
759     - Propolice kernel build support
760     - EVMS
761     - Other various security related patches
762 frogger 1.11
763 frogger 1.12 *hardened-sources-2.4.21 (14 Sep 2003)
764    
765     14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
766     Updated hardened-sources based on the 2.4.21 Linux kernel.
767     This includes updates to most major components such as:
768 plasmaroo 1.18 - ck-base-0306300059
769     - selinux-2.4-2003071106
770     - grsecurity-2.0-rc1
771     - Updated IPTables patch-o-matic
772     - Updated SuperFreeS/WAN
773    
774 frogger 1.12 Thanks to Phil West <pwest@computer.org> for his work in getting this
775     updated patch set ready for the 2.4.21 based kernel.
776    
777 frogger 1.11 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
778     Initial import of hardened-sources-2.4.20-r4. This revision
779     includes only a few changes, but one of these is an important
780     security fix. It is recommended all users of hardened-sources
781     upgrade to this release.
782 plasmaroo 1.18
783 frogger 1.11 - ioperm bug fix
784     - fixed compilation failure when building without GRSec
785 plasmaroo 1.18
786 frogger 1.11 SAL (Secure Auditing for Linux) is NOT included in this revision
787     due to time constraints, but is planned for inclusion in the near
788     future.
789 msterret 1.10
790     *hardened-sources-2.4.20-r2 (12 Jun 2003)
791    
792     12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
793     hardened-sources-2.4.20-r3.ebuild:
794 plasmaroo 1.18 Add Header...
795 frogger 1.9
796     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
797     hardened-sources-2.4.20-r3.ebuild:
798     Removed warnings from ebuild. This kernel should be safe to
799     use at this point.
800 frogger 1.8
801     *hardened-sources-2.4.20-r3 (08 Jun 2003)
802    
803     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
804     hardened-sources-2.4.20-r3.ebuild:
805     New revision. Includes the following changes over -r2:
806 plasmaroo 1.18
807 frogger 1.8 - ck7-base (O(1), preempt, low latency)
808     - Super FreeS/WAN 1.99.7rc2
809     - PaX for the LSM/SELinux branch
810     - GRSecurity 2.0-pre4 (role based access control)
811     - Systrace 1.3
812     - EXT3 fixes
813     - EVMS 2.0.1
814     - GCC 3.1+ compile optimizations
815     - ProPolice kernel build support
816     - Hashing table security fixes
817 frogger 1.3
818     *hardened-sources-2.4.20-r1 (09 Apr 2003)
819 frogger 1.7
820     23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
821     Initial import of hardened-sources-r2. This new
822     ebuild includes many new performance and security
823     related patches. As in -r1, it will patch in
824     LSM/SELinux if "selinux" is in USE, otherwise it
825     will patch in GRSecurity. The following patches
826     are included in this revision:
827 plasmaroo 1.18
828 frogger 1.7 - O(1) Scheduler, Low Latency, and Preempt
829     (pulled from the base CK patch)
830     - ptrace exploit patch for the LSM kernel
831     (the GRSec patch already fixes this)
832     - LSM 2.4-2003040709
833     - SELinux 2.4-2003040709
834     - Systrace v1.2
835     - IPTables patch-o-matic base patches - 20030107
836     - CryptoAPI 2.4.20.1 w/ loop-jari patch
837     - Super FreeS/WAN 1.99.6.1
838     - GRSecurity 1.9.9g
839     - MPPE
840     - EXT3 data journal fix
841     - CIPE 1.5.4
842 frogger 1.6
843     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
844     hardened-sources-2.4.20-r1.ebuild, manifest:
845 plasmaroo 1.18 Updated to install flask components correctly for selinux.
846 frogger 1.5
847     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
848     hardened-sources-2.4.20-r1.ebuild:
849     LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
850     is patched in instead. Ptrace patches for selinux have also been added. In
851     either case, systrace support will be patched in as well.
852 frogger 1.3
853     09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
854     hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
855 plasmaroo 1.18 Revision bump for new sources.
856 frogger 1.4
857 frogger 1.2 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
858 frogger 1.4 hardened-sources-2.4.20-r1.ebuild:
859 plasmaroo 1.18 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
860 method 1.1
861 frogger 1.4 *hardened-sources-2.4.20 (30 Mar 2003)
862    
863 method 1.1 30 Mar 2003; Joshua Brindle <method@gentoo.org>
864     hardened-sources-2.4.20.ebuild:
865 plasmaroo 1.18 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20