/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.135 - (hide annotations) (download)
Wed Jan 24 06:39:27 2007 UTC (7 years, 5 months ago) by pappy
Branch: MAIN
Changes since 1.134: +5 -1 lines
updating changelog to propagate Manifest change
(Portage version: 2.1.1-r2)

1 method 1.1 # ChangeLog for sys-kernel/hardened-sources
2 opfer 1.130 # Copyright 2000-2007 Gentoo Foundation; Distributed under the GPL v2
3 pappy 1.135 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.134 2007/01/24 05:46:13 pappy Exp $
4 pappy 1.134
5     *hardened-sources-2.4.34 (24 Jan 2007)
6    
7     24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
8 pappy 1.135 Manifest:
9     updating Manifest with checksums of new tarball and ebuild
10    
11     24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
12 pappy 1.134 +hardened-sources-2.4.34.ebuild:
13     I added new hardened sources 2.4 update, this is a critical path
14     security bugfix - all users of h-s are strongly advised
15     to update their existing hardened sources to this version.
16     It contains a fix for a kernel vulnerability that is pertaining
17     to the PaX changes to virtual memory management, possibly leading
18     to a local kernel exploit ... see grsecurity.net forums and homepage
19 phreak 1.133
20     23 Jan 2007; Christian Heim <phreak@gentoo.org>
21     files/digest-hardened-sources-2.6.19-r5, Manifest:
22     Fixing the patch-tarball digest.
23 phreak 1.132
24     *hardened-sources-2.6.19-r5 (23 Jan 2007)
25    
26     23 Jan 2007; Christian Heim <phreak@gentoo.org>
27     +hardened-sources-2.6.19-r5.ebuild:
28     Revision bump, closing the recently discovered PaX expand_stack()
29     vulnerability.
30 phreak 1.131
31     *hardened-sources-2.6.19-r4 (14 Jan 2007)
32    
33     14 Jan 2007; Christian Heim <phreak@gentoo.org>
34     +hardened-sources-2.6.19-r4.ebuild:
35     Revision bump, pulling in linux-2.6.19.2 and grsecurity 2.1.10 - thus
36     dropping the randomized PID feature.
37 opfer 1.130
38     11 Jan 2007; Christian Faulhammer <opfer@gentoo.org>
39     hardened-sources-2.4.33.4.ebuild:
40     stable x86, bug #161171
41 phreak 1.129
42     *hardened-sources-2.6.19-r3 (27 Dec 2006)
43    
44     27 Dec 2006; Christian Heim <phreak@gentoo.org>
45     -hardened-sources-2.6.19-r2.ebuild, +hardened-sources-2.6.19-r3.ebuild:
46     Revision bump for bug #157186 and #158786.
47 phreak 1.128
48     *hardened-sources-2.6.18-r4 (27 Dec 2006)
49    
50     27 Dec 2006; Christian Heim <phreak@gentoo.org>
51     -hardened-sources-2.6.18-r3.ebuild, +hardened-sources-2.6.18-r4.ebuild:
52     Revision bump for bug #157186.
53 phreak 1.127
54     *hardened-sources-2.6.19-r2 (23 Dec 2006)
55    
56     23 Dec 2006; Christian Heim <phreak@gentoo.org>
57     -hardened-sources-2.6.19-r1.ebuild, +hardened-sources-2.6.19-r2.ebuild:
58     Revision bump to pull in genpatches-2.6.19-3 for #157186.
59 phreak 1.126
60     17 Dec 2006; Christian Heim <phreak@gentoo.org>
61     hardened-sources-2.6.14-r7.ebuild, hardened-sources-2.6.16-r10.ebuild,
62     hardened-sources-2.6.16-r11.ebuild, hardened-sources-2.6.17-r1.ebuild,
63     hardened-sources-2.6.18.ebuild, hardened-sources-2.6.18-r3.ebuild,
64     hardened-sources-2.6.19-r1.ebuild:
65     Adding 4453_grsec-2.1.9-2.6.19-io-kmem-sysctl.patch to UNIPATCH_EXLUDE,
66     adding correct HOMEPAGE and adjusting DESCRIPTION (thanks to Alexander).
67 pappy 1.125
68     *hardened-sources-2.4.33.4 (17 Dec 2006)
69    
70     17 Dec 2006; Alexander Gabert <pappy@gentoo.org>
71     +hardened-sources-2.4.33.4.ebuild:
72     new 2.4.33.4 version including grsec and fixes, thanks to phreak for help
73     and quilting
74 phreak 1.124
75     *hardened-sources-2.6.19-r1 (14 Dec 2006)
76    
77     14 Dec 2006; Christian Heim <phreak@gentoo.org>
78     -hardened-sources-2.6.19.ebuild, +hardened-sources-2.6.19-r1.ebuild:
79     Revision bump, fixing #158107 (thanks to Petre Rodan <kaiowas at gentoo.org>
80     for reporting).
81 phreak 1.123
82     *hardened-sources-2.6.19 (13 Dec 2006)
83    
84     13 Dec 2006; Christian Heim <phreak@gentoo.org>
85     +hardened-sources-2.6.19.ebuild:
86     And finally 2.6.19, thanks to Ned (who prepared the inital patchset) and
87     Brad for providing that prompt update.
88 phreak 1.122
89     *hardened-sources-2.6.18-r3 (13 Dec 2006)
90    
91     13 Dec 2006; Christian Heim <phreak@gentoo.org>
92     -hardened-sources-2.6.18-r1.ebuild, -hardened-sources-2.6.18-r2.ebuild,
93     +hardened-sources-2.6.18-r3.ebuild:
94     Revision bump, excluding the faulty patch. Thanks to Anakim Border and Peter
95     S. Mazinger. Closes #157409 for now. Also removing the previous revisions.
96 phreak 1.121
97     09 Dec 2006; Christian Heim <phreak@gentoo.org> Manifest:
98     Fixing the metadata.xml Manifest entry (thanks to xaid and ml8128 in #gentoo-hardened).
99 nixnut 1.120
100     08 Dec 2006; nixnut <nixnut@gentoo.org> hardened-sources-2.6.18.ebuild:
101     Stable on ppc wrt bug 157356
102 opfer 1.119
103     07 Dec 2006; Christian Faulhammer <opfer@gentoo.org>
104     hardened-sources-2.6.18.ebuild:
105     stable x86, bug #157356
106 phreak 1.118
107     *hardened-sources-2.6.18-r2 (06 Dec 2006)
108    
109     06 Dec 2006; Christian Heim <phreak@gentoo.org>
110     +hardened-sources-2.6.18-r2.ebuild:
111     Revision bump, including 2.6.18.5 (via genpatches) and
112     4454_grsec-2.1.9-2.6.18.2-io-kmem-sysctl.patch based on Peter Mazinger and
113     Ned Ludd's original patch. Thanks to Alexander Gabert (pappy) for the
114     redesign.
115 phreak 1.117
116     06 Dec 2006; Christian Heim <phreak@gentoo.org>
117     hardened-sources-2.6.18.ebuild:
118     Marking hardened-sources-2.6.18 stable on amd64 (see bug #157356, on behalf
119     of Mike Doty).
120 phreak 1.116
121     *hardened-sources-2.6.18-r1 (23 Nov 2006)
122    
123     23 Nov 2006; Christian Heim <phreak@gentoo.org>
124     +hardened-sources-2.6.18-r1.ebuild:
125     Revision bump to genpatches-2.6.18-4 (including 2.6.18.3).
126 phreak 1.115
127     *hardened-sources-2.6.18 (11 Nov 2006)
128    
129     11 Nov 2006; Christian Heim <phreak@gentoo.org>
130     +hardened-sources-2.6.18.ebuild:
131     Version bump, thanks to Alexander Gabert we're finally at 2.6.18.
132 solar 1.114
133     18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
134     - mark amd64 stable also. bug #151877
135 solar 1.113
136     18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
137     - mark 2.6.17-r1 stable
138 phreak 1.112
139     27 Aug 2006; Christian Heim <phreak@gentoo.org>
140     -hardened-sources-2.6.17.ebuild, hardened-sources-2.6.17-r1.ebuild:
141     Removing old ebuild, removing unipatch from newer ebuild (need to fix it!).
142 phreak 1.111
143     *hardened-sources-2.6.17-r1 (26 Aug 2006)
144    
145     26 Aug 2006; Christian Heim <phreak@gentoo.org>
146     +hardened-sources-2.6.17-r1.ebuild:
147     Revision bump to genpatches-2.6.17-8 (including .9 and .10) and updating the
148     grsecurity patch.
149 phreak 1.110
150     *hardened-sources-2.6.17 (17 Aug 2006)
151    
152     17 Aug 2006; Christian Heim <phreak@gentoo.org>
153     +hardened-sources-2.6.17.ebuild:
154     Bumping the hardened-sources-2.6 series to 2.6.17, using
155     genpatches-2.6.17-6.base.
156 solar 1.109
157     07 Aug 2006; <solar@gentoo.org> hardened-sources-2.6.16-r11.ebuild:
158     - stable on x86 and amd64
159 solar 1.108
160     *hardened-sources-2.6.16-r11 (15 Jul 2006)
161    
162     15 Jul 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r3.ebuild,
163     -hardened-sources-2.4.32-r4.ebuild, -hardened-sources-2.4.32-r5.ebuild,
164     -hardened-sources-2.6.14-r8.ebuild, -hardened-sources-2.6.16-r7.ebuild,
165     -hardened-sources-2.6.16-r9.ebuild, +hardened-sources-2.6.16-r11.ebuild:
166     - 2.6.16 bumped for CVE-2006-3626 ; digest fix for 2.4.32-r6 ; removed old
167     crusty ebuilds
168 johnm 1.107
169     14 Jul 2006; John Mylchreest <johnm@gentoo.org>
170     hardened-sources-2.6.16-r10.ebuild:
171     marking stable on x86 and amd64
172 solar 1.106
173     13 Jul 2006; <solar@gentoo.org> hardened-sources-2.4.32-r6.ebuild:
174     - 2.4.32-r6 stable on x86. RSBAC state unknown
175 kang 1.105
176     *hardened-sources-2.4.32-r7 (10 Jul 2006)
177    
178     10 Jul 2006; Guillaume Destuynder <kang@gentoo.org>
179     +hardened-sources-2.4.32-r7.ebuild:
180     Bump PaX for RSBAC to test-17
181 johnm 1.104
182     *hardened-sources-2.6.16-r9 (03 Jul 2006)
183    
184     03 Jul 2006; John Mylchreest <johnm@gentoo.org>
185     -hardened-sources-2.6.16-r6.ebuild, +hardened-sources-2.6.16-r9.ebuild:
186     hardened-sources-2.6.16 bump to latest -base.
187 solar 1.103
188     *hardened-sources-2.4.32-r6 (30 Jun 2006)
189    
190     30 Jun 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r2.ebuild,
191     hardened-sources-2.4.32-r4.ebuild, +hardened-sources-2.4.32-r6.ebuild:
192     - backport CVE-2006-0039, CVE-2006-1857 and CVE-2006-1858 and new grsecurity
193     sysctl controlable resource logging
194 johnm 1.102
195     *hardened-sources-2.6.16-r7 (05 Jun 2006)
196    
197     05 Jun 2006; John Mylchreest <johnm@gentoo.org>
198     -hardened-sources-2.6.16-r5.ebuild, +hardened-sources-2.6.16-r7.ebuild:
199     push new 2.6.16 release in preparation for stable
200 solar 1.101
201     22 May 2006; <solar@gentoo.org> :
202     - redigest bug 134002
203 kang 1.100
204     *hardened-sources-2.4.32-r5 (16 May 2006)
205    
206     16 May 2006; Guillaume Destuynder <kang@gentoo.org>
207     +hardened-sources-2.4.32-r5.ebuild:
208     Fixes rsbac common patching (new patch in new -r5 patchset)
209 solar 1.99
210     *hardened-sources-2.4.32-r4 (13 May 2006)
211    
212     13 May 2006; <solar@gentoo.org> hardened-sources-2.4.32-r3.ebuild,
213     +hardened-sources-2.4.32-r4.ebuild:
214     - security bumps
215 johnm 1.98
216     *hardened-sources-2.6.16-r6 (03 May 2006)
217    
218     03 May 2006; John Mylchreest <johnm@gentoo.org>
219     +hardened-sources-2.6.16-r6.ebuild:
220     bump hardened-2.6.16 to 2.6.16.12 and latest grsec snapshot
221 johnm 1.97
222     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
223     hardened-sources-2.6.14-r8.ebuild:
224     fix x86_64 build problem, this will delay the digest issue again for a short
225     while but it will sort itself out
226 johnm 1.96
227     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
228     hardened-sources-2.6.14-r8.ebuild:
229     bump hardened patchset
230 antarus 1.94
231     27 Apr 2006; Alec Warner <antarus@gentoo.org>
232     files/digest-hardened-sources-2.4.32-r2,
233     files/digest-hardened-sources-2.4.32-r3,
234     files/digest-hardened-sources-2.6.14-r8, Manifest:
235     Fixing duff SHA256 digests: Bug # 131293
236 johnm 1.93
237 johnm 1.95 *hardened-sources-2.6.16-r5 (27 Apr 2006)
238    
239     27 Apr 2006; John Mylchreest <johnm@gentoo.org>
240     -hardened-sources-2.6.14-r6.ebuild, hardened-sources-2.6.14-r8.ebuild,
241     -hardened-sources-2.6.16-r4.ebuild, +hardened-sources-2.6.16-r5.ebuild:
242     stablise 2.6.14-r8 on x86 & amd64, bump 2.6.16 to fix CVE-2006-1863 &
243     cleanup of old uneccessary sources
244    
245 johnm 1.93 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
246     fix digest
247 johnm 1.92
248     *hardened-sources-2.6.14-r8 (20 Apr 2006)
249    
250     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
251     +hardened-sources-2.6.14-r8.ebuild:
252     fix CVE-2006-1056, CVE-2006-1525, CVE-2006-1524
253 johnm 1.91
254     20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
255     Turning on gpg-signing again, and recomitting
256 johnm 1.90
257     *hardened-sources-2.6.16-r4 (20 Apr 2006)
258    
259     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
260     -hardened-sources-2.6.16-r2.ebuild, -hardened-sources-2.6.16-r3.ebuild,
261     +hardened-sources-2.6.16-r4.ebuild:
262     Fix numerous security vulns
263 solar 1.89
264     *hardened-sources-2.4.32-r3 (16 Apr 2006)
265    
266     16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
267     -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
268     +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
269     - security bump for bug #112791. Removed old ebuilds
270 johnm 1.88
271     *hardened-sources-2.6.16-r3 (15 Apr 2006)
272    
273     15 Apr 2006; John Mylchreest <johnm@gentoo.org>
274     +hardened-sources-2.6.16-r3.ebuild:
275     Removing silly localversion which I missed
276 johnm 1.87
277     *hardened-sources-2.6.14-r7 (14 Apr 2006)
278    
279     14 Apr 2006; John Mylchreest <johnm@gentoo.org>
280     -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
281     Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
282 johnm 1.86
283     *hardened-sources-2.6.16-r2 (13 Apr 2006)
284    
285     13 Apr 2006; John Mylchreest <johnm@gentoo.org>
286     -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
287     +hardened-sources-2.6.16-r2.ebuild:
288     Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
289     labels, dropping USERGROUP define fixes, since these were merged mainstream.
290 johnm 1.85
291     *hardened-sources-2.6.16-r1 (11 Apr 2006)
292    
293     11 Apr 2006; John Mylchreest <johnm@gentoo.org>
294     +hardened-sources-2.6.16-r1.ebuild:
295     Bumping to include ppc build fix and 2.6.16.3
296 tsunam 1.84
297     06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
298     hardened-sources-2.6.14-r6.ebuild:
299     Stable on x86; bug #127718
300 johnm 1.83
301     *hardened-sources-2.6.16 (31 Mar 2006)
302    
303     31 Mar 2006; John Mylchreest <johnm@gentoo.org>
304     +hardened-sources-2.6.16.ebuild:
305     Bumping to new version of grsec, and kernel base. New squashfs. Based on
306     2.6.16.1
307 cryos 1.82
308     30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
309     hardened-sources-2.6.14-r6.ebuild:
310     Stable on amd64, bug 127718.
311 nixnut 1.81
312     28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
313     Stable on ppc. Bug #127718
314 johnm 1.80
315     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
316     -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
317     -hardened-sources-2.6.14-r4.ebuild:
318     Cleanup.
319 johnm 1.79
320     *hardened-sources-2.6.14-r6 (15 Mar 2006)
321    
322     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
323     +hardened-sources-2.6.14-r6.ebuild:
324     Fixes grsec policy recreation bug and adds a
325     >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
326 solar 1.78
327     02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
328     - stable on x86
329 hansmi 1.77
330     19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
331     hardened-sources-2.6.14-r5.ebuild:
332     Stable on ppc.
333 johnm 1.76
334     *hardened-sources-2.6.14-r5 (01 Feb 2006)
335    
336     01 Feb 2006; John Mylchreest <johnm@gentoo.org>
337     +hardened-sources-2.6.14-r5.ebuild:
338     fixing every known exploit
339 solar 1.75
340     *hardened-sources-2.4.32-r2 (26 Jan 2006)
341    
342     26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
343     +hardened-sources-2.4.32-r2.ebuild:
344     - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
345 solar 1.74
346     *hardened-sources-2.6.14-r4 (12 Jan 2006)
347    
348     12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
349     - version bump for new genpatches which fix up a few sec holes
350 solar 1.73
351     *hardened-sources-2.4.32-r1 (05 Jan 2006)
352    
353     05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
354     - revision bump to add misc vital linux kernel security patches.
355 johnm 1.72
356     *hardened-sources-2.6.14-r3 (30 Dec 2005)
357    
358     30 Dec 2005; John Mylchreest <johnm@gentoo.org>
359     -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
360     Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
361 johnm 1.71
362     28 Dec 2005; John Mylchreest <johnm@gentoo.org>
363     hardened-sources-2.6.14-r2.ebuild:
364     making x86 & amd64 stable following testing.
365 johnm 1.70
366     *hardened-sources-2.6.14-r2 (27 Dec 2005)
367    
368     27 Dec 2005; John Mylchreest <johnm@gentoo.org>
369     -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
370     Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
371     network hooks.
372 johnm 1.69
373     06 Dec 2005; John Mylchreest <johnm@gentoo.org>
374     hardened-sources-2.6.14-r1.ebuild:
375     bumping to stable early for sec fix on x86 & amd64
376 johnm 1.68
377     *hardened-sources-2.6.14-r1 (05 Dec 2005)
378    
379     05 Dec 2005; John Mylchreest <johnm@gentoo.org>
380     -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
381     bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
382 solar 1.67
383     04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
384     - stable on x86 security bug #114227 CAN-2005-3257
385 kang 1.66
386     *hardened-sources-2.4.32 (19 Nov 2005)
387    
388     19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
389     +hardened-sources-2.4.32.ebuild:
390     Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
391     Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
392     have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
393     rsbac >> /etc/portage/package.use)
394 johnm 1.65
395     *hardened-sources-2.6.14 (14 Nov 2005)
396    
397     14 Nov 2005; John Mylchreest <johnm@gentoo.org>
398     -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
399     Bumping 2.6 series to 2.6.14.2
400 johnm 1.64
401     *hardened-sources-2.6.13-r2 (20 Oct 2005)
402    
403     20 Oct 2005; John Mylchreest <johnm@gentoo.org>
404     -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
405     +hardened-sources-2.6.13-r2.ebuild:
406     Fixes minor build error in ppc.
407 johnm 1.63
408     *hardened-sources-2.6.13-r1 (17 Oct 2005)
409    
410     17 Oct 2005; John Mylchreest <johnm@gentoo.org>
411     +hardened-sources-2.6.13-r1.ebuild:
412     Updating grsec to latest snapshot. Fixes some minor issues. Updating to
413     2.6.13.4, fixes some major amd64 stability problems.
414 johnm 1.62
415     *hardened-sources-2.6.13 (16 Sep 2005)
416    
417     16 Sep 2005; John Mylchreest <johnm@gentoo.org>
418     -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
419     2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
420     ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
421     users should test this thoroughly.
422 solar 1.61
423     01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
424     - stable on x86
425 johnm 1.60
426     *hardened-sources-2.6.11-r15 (27 Jun 2005)
427    
428     27 Jun 2005; John Mylchreest <johnm@gentoo.org>
429     +hardened-sources-2.6.11-r15.ebuild:
430     Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
431     grsec redefining curr_ip struct.
432 solar 1.59
433     *hardened-sources-2.4.31 (20 Jun 2005)
434    
435     20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
436     initial import of 2.4.31 tree
437 johnm 1.58
438     *hardened-sources-2.6.11-r14 (14 Jun 2005)
439    
440     14 Jun 2005; John Mylchreest <johnm@gentoo.org>
441     -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
442     Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
443     naming scheme to abide by genpatches
444 johnm 1.57
445     *hardened-sources-2.6.11-r13 (18 May 2005)
446    
447     18 May 2005; John Mylchreest <johnm@gentoo.org>
448     -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
449     Managed to mangle the Makefile patch from grsec, to miss out the grsec
450     target. sorry about that. Fixes bug #93022
451 johnm 1.56
452     *hardened-sources-2.6.11-r12 (17 May 2005)
453    
454     17 May 2005; John Mylchreest <johnm@gentoo.org>
455     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
456     +hardened-sources-2.6.11-r12.ebuild:
457     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
458     merges in genpatches-base
459 johnm 1.55
460     *hardened-sources-2.6.11-r12 (17 May 2005)
461    
462     17 May 2005; John Mylchreest <johnm@gentoo.org>
463     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
464     +hardened-sources-2.6.11-r12.ebuild:
465     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
466     merges in genpatches-base
467 solar 1.54
468     29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
469     -files/2.4.27-cmdline-race.patch,
470     -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
471     -files/2.4.28-grsec-binfmt_a.out.patch,
472     -files/2.4.28-grsec-cmdline-race.patch,
473     -files/2.4.28-selinux-binfmt_a.out.patch,
474     -files/2.4.28-selinux-cmdline-race.patch,
475     -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
476     hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
477     - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
478     cleanup..
479 solar 1.53
480     *hardened-sources-2.4.30-r1 (21 Apr 2005)
481    
482     21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
483     - disable aout by default
484 solar 1.52
485     *hardened-sources-2.4.30 (18 Apr 2005)
486    
487     18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
488     - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
489     and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
490     use
491 tocharian 1.50
492 scox 1.51 *hardened-sources-2.4.29 (30 Mar 2005)
493    
494     30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
495     +hardened-sources-2.4.29.ebuild:
496     New hardened-patches-2.4-29.0 patchball.
497     Removed SELinux support, upgraded GRSecurity to 2.1.4.
498    
499     *hardened-sources-2.4.28-r5 (06 Mar 2005)
500    
501     06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
502     +hardened-sources-2.4.28-r5.ebuild:
503     Added a fix for a PaX vulnerability.
504    
505     26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
506 tocharian 1.50 hardened-sources-2.4.28-r4.ebuild:
507     Stable on x86
508 solar 1.49
509     23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
510     hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
511     hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
512     hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
513     - fixed/added RDEPEND= in all kernel-2 ebuilds
514 tocharian 1.48
515     *hardened-sources-2.4.28-r4 (21 Jan 2005)
516    
517     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
518     +hardened-sources-2.4.28-r4.ebuild:
519     Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
520     backport of neighbour hash updates.
521 tocharian 1.47
522     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
523     hardened-sources-2.4.28-r3.ebuild:
524     Stable on x86
525 tseng 1.46
526     *hardened-sources-2.6.10-r3 (20 Jan 2005)
527    
528     20 Jan 2005; Brandon Hale <tseng@gentoo.org>
529     +hardened-sources-2.6.10-r3.ebuild:
530     Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
531     in 2005.0
532 tocharian 1.45
533     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
534     -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
535     hardened-sources-2.4.28-r2.ebuild:
536     Mark stable on x86
537 tocharian 1.44
538     *hardened-sources-2.4.28-r3 (17 Jan 2005)
539    
540     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
541     +hardened-sources-2.4.28-r3.ebuild:
542     Fix SMP page fault handler vuln, and update device-mapper and evms patches.
543 tocharian 1.43
544     14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
545     hardened-sources-2.4.28.ebuild:
546     Mark stable on x86.
547 tocharian 1.42
548     *hardened-sources-2.4.28-r2 (13 Jan 2005)
549    
550     13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
551     +hardened-sources-2.4.28-r2.ebuild:
552     Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
553     Mazinger for grsecurity patches as well.
554 plasmaroo 1.41
555     *hardened-sources-2.4.28-r1 (23 Dec 2004)
556    
557     23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
558     Security bump. Thank tocharian for rolling a new patchset...
559 solar 1.40
560     28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
561     +files/2.4.28-grsec-cmdline-race.patch,
562     +files/2.4.28-selinux-binfmt_a.out.patch,
563     +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
564     - Round up remaining security patches that appear to be missing in 2.4.28. -
565     PaX standalone updated to current. hgpv=28.1
566 solar 1.39
567     *hardened-sources-2.4.28 (28 Nov 2004)
568    
569     28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
570     security bump. Thank tocharian for rolling a new patchset
571 scox 1.31
572 scox 1.38 *hardened-sources-2.4.27-r3 (08 Sep 2004)
573    
574     08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
575     +hardened-sources-2.4.27-r3.ebuild:
576     Applies the new 2.4-27.2 patchball which updates
577     GRSecurity to the 2.0.1 version.
578    
579 scox 1.37 *hardened-sources-2.4.27-r2 (31 Aug 2004)
580    
581     31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
582     +hardened-sources-2.4.27-r2.ebuild:
583     Version bump.
584     This version uses the new 2.4-27.1 patchball which updates
585     both the SELinux PaX hooks patch and the SELinux headers.
586    
587 scox 1.36 *hardened-sources-2.4.27-r1 (09 Aug 2004)
588    
589     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
590     +hardened-sources-2.4.27-r1.ebuild,
591     -hardened-sources-2.4.27.ebuild,
592     +files/2.4.27-cmdline-race.patch:
593     Version bump, fix for cmdline race. See bug #59905.
594    
595     *hardened-sources-2.4.26-r6 (09 Aug 2004)
596    
597     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
598     +hardened-sources-2.4.26-r6.ebuild,
599     -hardened-sources-2.4.26-r5.ebuild,
600     -hardened-sources-2.4.26-r4.ebuild,
601     +files/2.4.26-cmdline-race.patch:
602     Version bump, fix for cmdline race. See bug #59905.
603    
604 scox 1.35 *hardened-sources-2.4.27 (08 Aug 2004)
605    
606     08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
607     +hardened-sources-2.4.27.ebuild,
608     +files/2.4.27-CAN-2004-0394.patch:
609     Ported the patchball to the 2.4.27 kernel version.
610    
611 scox 1.34 *hardened-sources-2.4.26-r5 (07 Aug 2004)
612    
613     07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
614     +hardened-sources-2.4.26-r5.ebuild:
615 scox 1.35 Updated to use the new hardened-patches-2.4-26.1 patchball.
616 scox 1.34 It adds the following features:
617     - Squashfs
618     - Ebtables
619     - Netdev random (core+drivers)
620     - Watchdog Timer (WDT) fix.
621    
622 scox 1.33 *hardened-sources-2.4.26-r4 (04 Aug 2004)
623    
624     04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
625     +hardened-sources-2.4.26-r4.ebuild,
626     +files/2.4.26-CAN-2004-0415.patch,
627     -hardened-sources-2.4.26-3:
628     Version bump, fix for CAN 0415, see bug #59378.
629    
630 scox 1.32 *hardened-sources-2.4.26-r3 (22 Jul 2004)
631    
632     22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
633     +hardened-sources-2.4.26-r3.ebuild,
634     +files/2.4.26-CAN-2004-0497.patch,
635     -hardened-sources-2.4.26-r2.ebuild:
636     Version bump, fixed CAN 0497, see bug #56171.
637    
638 scox 1.31 *hardened-sources-2.4.26-r2 (29 Jun 2004)
639    
640     29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
641 scox 1.32 +hardened-sources-2.4.26-r2.ebuild,
642 scox 1.31 +files/2.4.26-CAN-2004-0495.patch,
643     +files/2.4.26-CAN-2004-0535.patch,
644     -hardened-sources-2.4.26-r1.ebuild:
645     Fixes for both CAN 0495 and 0535, see bug #54976
646 pvdabeel 1.27
647 agriffis 1.29 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
648     hardened-sources-2.4.26-r1.ebuild:
649     QA - fix use invocation
650 scox 1.28
651     *hardened-sources-2.4.26-r1 (22 June 2004)
652    
653     22 June 2004; Andrea Luzzardi <scox@gentoo.org>
654     +hardened-sources-2.4.26-r1.ebuild,
655     +files/2.4.26-CAN-2004-0394.patch,
656     +files/2.4.26-signal-race.patch,
657     -hardened-sources-2.4.26.ebuild,
658     -hardened-sources-2.4.24-r3.ebuild:
659     Version bump for the CAN-2004-0394 issue and bug #53804
660     Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
661    
662    
663 pvdabeel 1.27 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
664     hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
665     Masked hardened-sources-2.4.26.ebuild broken for ppc
666    
667     31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
668     hardened-sources-2.4.24-r3.ebuild:
669     Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
670 plasmaroo 1.25
671 scox 1.26 *hardened-sources-2.4.26 (29 May 2004)
672    
673     29 May 2004; Andrea Luzzardi <scox@gentoo.org>
674     +hardened-sources-2.4.26.ebuild:
675     Updated hardened-sources for the 2.4.26 kernel
676     Removed broken components, updated almost everything.
677    
678 plasmaroo 1.25 *hardened-sources-2.4.24-r3 (17 Apr 2004)
679    
680     17 Apr 2004; <plasmaroo@gentoo.org>
681     +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
682     +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
683     +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
684     +hardened-sources-2.4.24-r3.ebuild:
685     Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
686     vulnerabilities. Old revisions removed.
687 plasmaroo 1.24
688     *hardened-sources-2.4.24-r2 (15 Apr 2004)
689    
690     15 Apr 2004; <plasmaroo@gentoo.org>
691     +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
692     -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
693     Version bump for the CAN-2004-0109 issue; bug #47881.
694 aliz 1.23
695     12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
696     hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
697     Add eutils to inherit.
698 plasmaroo 1.22
699     *hardened-sources-2.4.24-r1 (19 Feb 2004)
700    
701     19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
702     files/hardened-sources-2.4.24.munmap.patch:
703     Added the patch for the mremap/munmap vulnerability. Bug #42024.
704 scox 1.19
705 scox 1.21 *hardened-sources-2.4.24 (06 Feb 2004)
706 scox 1.26
707 scox 1.21 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
708     hardened-sources-2.4.24.ebuild:
709     Version bump, updated most of the components.
710     This release includes the following:
711    
712     - Hardened security
713     - Netfilter patch-o-matic 20031219
714     - FreeSWAN 2.04 & x509 1.4.8
715     - EVMS 2.2.2
716     - XFS 1.3.1
717     - cryptoloop jari
718     - grsecurity 2.0-rc4
719     - SELinux
720     - PaX 200402060000
721     - PaX Obscurity 200308302223
722     - Others...
723    
724     Neither -ck nor systrace are included anymore.
725    
726 scox 1.19 *hardened-sources-2.4.22-r2 (05 Jan 2004)
727    
728     05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
729     hardened-sources-2.4.22-r2.ebuild:
730 scox 1.20 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
731 scox 1.19
732     *hardened-sources-2.4.22-r1 (02 Dec 2003)
733 iggy 1.17
734     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
735 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
736 iggy 1.16
737     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
738 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild:
739     Version bump for the 'do_brk' vulnerability.
740 iggy 1.15
741     01 Dec 2003; Brian Jackson <iggy@gentoo.org>
742     hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
743     hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
744     hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
745 plasmaroo 1.18 Fix the 'do_brk' vulnerability.
746 frogger 1.14
747     03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
748     hardened-sources-2.4.22.ebuild:
749 plasmaroo 1.18 - Removed the src_install() portion for SELinux flask
750     components. These are no longer handled in the kernel
751     so this code was not necessary.
752 frogger 1.13
753     29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
754     New 2.4.22 based hardened-sources thanks to
755     Phil West <p.west@computer.org>.
756    
757     These sources include:
758 plasmaroo 1.18 - New SELinux API
759     - Updated CK-base
760     - Updated GRSec
761     - Systrace
762     - SuperFreeS/WAN 1.99.8
763     - Propolice kernel build support
764     - EVMS
765     - Other various security related patches
766 frogger 1.11
767 frogger 1.12 *hardened-sources-2.4.21 (14 Sep 2003)
768    
769     14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
770     Updated hardened-sources based on the 2.4.21 Linux kernel.
771     This includes updates to most major components such as:
772 plasmaroo 1.18 - ck-base-0306300059
773     - selinux-2.4-2003071106
774     - grsecurity-2.0-rc1
775     - Updated IPTables patch-o-matic
776     - Updated SuperFreeS/WAN
777    
778 frogger 1.12 Thanks to Phil West <pwest@computer.org> for his work in getting this
779     updated patch set ready for the 2.4.21 based kernel.
780    
781 frogger 1.11 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
782     Initial import of hardened-sources-2.4.20-r4. This revision
783     includes only a few changes, but one of these is an important
784     security fix. It is recommended all users of hardened-sources
785     upgrade to this release.
786 plasmaroo 1.18
787 frogger 1.11 - ioperm bug fix
788     - fixed compilation failure when building without GRSec
789 plasmaroo 1.18
790 frogger 1.11 SAL (Secure Auditing for Linux) is NOT included in this revision
791     due to time constraints, but is planned for inclusion in the near
792     future.
793 msterret 1.10
794     *hardened-sources-2.4.20-r2 (12 Jun 2003)
795    
796     12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
797     hardened-sources-2.4.20-r3.ebuild:
798 plasmaroo 1.18 Add Header...
799 frogger 1.9
800     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
801     hardened-sources-2.4.20-r3.ebuild:
802     Removed warnings from ebuild. This kernel should be safe to
803     use at this point.
804 frogger 1.8
805     *hardened-sources-2.4.20-r3 (08 Jun 2003)
806    
807     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
808     hardened-sources-2.4.20-r3.ebuild:
809     New revision. Includes the following changes over -r2:
810 plasmaroo 1.18
811 frogger 1.8 - ck7-base (O(1), preempt, low latency)
812     - Super FreeS/WAN 1.99.7rc2
813     - PaX for the LSM/SELinux branch
814     - GRSecurity 2.0-pre4 (role based access control)
815     - Systrace 1.3
816     - EXT3 fixes
817     - EVMS 2.0.1
818     - GCC 3.1+ compile optimizations
819     - ProPolice kernel build support
820     - Hashing table security fixes
821 frogger 1.3
822     *hardened-sources-2.4.20-r1 (09 Apr 2003)
823 frogger 1.7
824     23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
825     Initial import of hardened-sources-r2. This new
826     ebuild includes many new performance and security
827     related patches. As in -r1, it will patch in
828     LSM/SELinux if "selinux" is in USE, otherwise it
829     will patch in GRSecurity. The following patches
830     are included in this revision:
831 plasmaroo 1.18
832 frogger 1.7 - O(1) Scheduler, Low Latency, and Preempt
833     (pulled from the base CK patch)
834     - ptrace exploit patch for the LSM kernel
835     (the GRSec patch already fixes this)
836     - LSM 2.4-2003040709
837     - SELinux 2.4-2003040709
838     - Systrace v1.2
839     - IPTables patch-o-matic base patches - 20030107
840     - CryptoAPI 2.4.20.1 w/ loop-jari patch
841     - Super FreeS/WAN 1.99.6.1
842     - GRSecurity 1.9.9g
843     - MPPE
844     - EXT3 data journal fix
845     - CIPE 1.5.4
846 frogger 1.6
847     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
848     hardened-sources-2.4.20-r1.ebuild, manifest:
849 plasmaroo 1.18 Updated to install flask components correctly for selinux.
850 frogger 1.5
851     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
852     hardened-sources-2.4.20-r1.ebuild:
853     LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
854     is patched in instead. Ptrace patches for selinux have also been added. In
855     either case, systrace support will be patched in as well.
856 frogger 1.3
857     09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
858     hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
859 plasmaroo 1.18 Revision bump for new sources.
860 frogger 1.4
861 frogger 1.2 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
862 frogger 1.4 hardened-sources-2.4.20-r1.ebuild:
863 plasmaroo 1.18 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
864 method 1.1
865 frogger 1.4 *hardened-sources-2.4.20 (30 Mar 2003)
866    
867 method 1.1 30 Mar 2003; Joshua Brindle <method@gentoo.org>
868     hardened-sources-2.4.20.ebuild:
869 plasmaroo 1.18 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20