/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.136 - (hide annotations) (download)
Mon Feb 12 17:41:48 2007 UTC (7 years, 11 months ago) by phreak
Branch: MAIN
Changes since 1.135: +7 -1 lines
Revision bump, including a new grsec version fixing #166235.
(Portage version: 2.1.2-r9)

1 method 1.1 # ChangeLog for sys-kernel/hardened-sources
2 opfer 1.130 # Copyright 2000-2007 Gentoo Foundation; Distributed under the GPL v2
3 phreak 1.136 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.135 2007/01/24 06:39:27 pappy Exp $
4    
5     *hardened-sources-2.6.19-r6 (12 Feb 2007)
6    
7     12 Feb 2007; Christian Heim <phreak@gentoo.org>
8     +hardened-sources-2.6.19-r6.ebuild:
9     Revision bump, including a new grsec version fixing #166235.
10 pappy 1.134
11     *hardened-sources-2.4.34 (24 Jan 2007)
12    
13     24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
14 pappy 1.135 Manifest:
15     updating Manifest with checksums of new tarball and ebuild
16    
17     24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
18 pappy 1.134 +hardened-sources-2.4.34.ebuild:
19     I added new hardened sources 2.4 update, this is a critical path
20     security bugfix - all users of h-s are strongly advised
21     to update their existing hardened sources to this version.
22     It contains a fix for a kernel vulnerability that is pertaining
23     to the PaX changes to virtual memory management, possibly leading
24     to a local kernel exploit ... see grsecurity.net forums and homepage
25 phreak 1.133
26     23 Jan 2007; Christian Heim <phreak@gentoo.org>
27     files/digest-hardened-sources-2.6.19-r5, Manifest:
28     Fixing the patch-tarball digest.
29 phreak 1.132
30     *hardened-sources-2.6.19-r5 (23 Jan 2007)
31    
32     23 Jan 2007; Christian Heim <phreak@gentoo.org>
33     +hardened-sources-2.6.19-r5.ebuild:
34     Revision bump, closing the recently discovered PaX expand_stack()
35     vulnerability.
36 phreak 1.131
37     *hardened-sources-2.6.19-r4 (14 Jan 2007)
38    
39     14 Jan 2007; Christian Heim <phreak@gentoo.org>
40     +hardened-sources-2.6.19-r4.ebuild:
41     Revision bump, pulling in linux-2.6.19.2 and grsecurity 2.1.10 - thus
42     dropping the randomized PID feature.
43 opfer 1.130
44     11 Jan 2007; Christian Faulhammer <opfer@gentoo.org>
45     hardened-sources-2.4.33.4.ebuild:
46     stable x86, bug #161171
47 phreak 1.129
48     *hardened-sources-2.6.19-r3 (27 Dec 2006)
49    
50     27 Dec 2006; Christian Heim <phreak@gentoo.org>
51     -hardened-sources-2.6.19-r2.ebuild, +hardened-sources-2.6.19-r3.ebuild:
52     Revision bump for bug #157186 and #158786.
53 phreak 1.128
54     *hardened-sources-2.6.18-r4 (27 Dec 2006)
55    
56     27 Dec 2006; Christian Heim <phreak@gentoo.org>
57     -hardened-sources-2.6.18-r3.ebuild, +hardened-sources-2.6.18-r4.ebuild:
58     Revision bump for bug #157186.
59 phreak 1.127
60     *hardened-sources-2.6.19-r2 (23 Dec 2006)
61    
62     23 Dec 2006; Christian Heim <phreak@gentoo.org>
63     -hardened-sources-2.6.19-r1.ebuild, +hardened-sources-2.6.19-r2.ebuild:
64     Revision bump to pull in genpatches-2.6.19-3 for #157186.
65 phreak 1.126
66     17 Dec 2006; Christian Heim <phreak@gentoo.org>
67     hardened-sources-2.6.14-r7.ebuild, hardened-sources-2.6.16-r10.ebuild,
68     hardened-sources-2.6.16-r11.ebuild, hardened-sources-2.6.17-r1.ebuild,
69     hardened-sources-2.6.18.ebuild, hardened-sources-2.6.18-r3.ebuild,
70     hardened-sources-2.6.19-r1.ebuild:
71     Adding 4453_grsec-2.1.9-2.6.19-io-kmem-sysctl.patch to UNIPATCH_EXLUDE,
72     adding correct HOMEPAGE and adjusting DESCRIPTION (thanks to Alexander).
73 pappy 1.125
74     *hardened-sources-2.4.33.4 (17 Dec 2006)
75    
76     17 Dec 2006; Alexander Gabert <pappy@gentoo.org>
77     +hardened-sources-2.4.33.4.ebuild:
78     new 2.4.33.4 version including grsec and fixes, thanks to phreak for help
79     and quilting
80 phreak 1.124
81     *hardened-sources-2.6.19-r1 (14 Dec 2006)
82    
83     14 Dec 2006; Christian Heim <phreak@gentoo.org>
84     -hardened-sources-2.6.19.ebuild, +hardened-sources-2.6.19-r1.ebuild:
85     Revision bump, fixing #158107 (thanks to Petre Rodan <kaiowas at gentoo.org>
86     for reporting).
87 phreak 1.123
88     *hardened-sources-2.6.19 (13 Dec 2006)
89    
90     13 Dec 2006; Christian Heim <phreak@gentoo.org>
91     +hardened-sources-2.6.19.ebuild:
92     And finally 2.6.19, thanks to Ned (who prepared the inital patchset) and
93     Brad for providing that prompt update.
94 phreak 1.122
95     *hardened-sources-2.6.18-r3 (13 Dec 2006)
96    
97     13 Dec 2006; Christian Heim <phreak@gentoo.org>
98     -hardened-sources-2.6.18-r1.ebuild, -hardened-sources-2.6.18-r2.ebuild,
99     +hardened-sources-2.6.18-r3.ebuild:
100     Revision bump, excluding the faulty patch. Thanks to Anakim Border and Peter
101     S. Mazinger. Closes #157409 for now. Also removing the previous revisions.
102 phreak 1.121
103     09 Dec 2006; Christian Heim <phreak@gentoo.org> Manifest:
104     Fixing the metadata.xml Manifest entry (thanks to xaid and ml8128 in #gentoo-hardened).
105 nixnut 1.120
106     08 Dec 2006; nixnut <nixnut@gentoo.org> hardened-sources-2.6.18.ebuild:
107     Stable on ppc wrt bug 157356
108 opfer 1.119
109     07 Dec 2006; Christian Faulhammer <opfer@gentoo.org>
110     hardened-sources-2.6.18.ebuild:
111     stable x86, bug #157356
112 phreak 1.118
113     *hardened-sources-2.6.18-r2 (06 Dec 2006)
114    
115     06 Dec 2006; Christian Heim <phreak@gentoo.org>
116     +hardened-sources-2.6.18-r2.ebuild:
117     Revision bump, including 2.6.18.5 (via genpatches) and
118     4454_grsec-2.1.9-2.6.18.2-io-kmem-sysctl.patch based on Peter Mazinger and
119     Ned Ludd's original patch. Thanks to Alexander Gabert (pappy) for the
120     redesign.
121 phreak 1.117
122     06 Dec 2006; Christian Heim <phreak@gentoo.org>
123     hardened-sources-2.6.18.ebuild:
124     Marking hardened-sources-2.6.18 stable on amd64 (see bug #157356, on behalf
125     of Mike Doty).
126 phreak 1.116
127     *hardened-sources-2.6.18-r1 (23 Nov 2006)
128    
129     23 Nov 2006; Christian Heim <phreak@gentoo.org>
130     +hardened-sources-2.6.18-r1.ebuild:
131     Revision bump to genpatches-2.6.18-4 (including 2.6.18.3).
132 phreak 1.115
133     *hardened-sources-2.6.18 (11 Nov 2006)
134    
135     11 Nov 2006; Christian Heim <phreak@gentoo.org>
136     +hardened-sources-2.6.18.ebuild:
137     Version bump, thanks to Alexander Gabert we're finally at 2.6.18.
138 solar 1.114
139     18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
140     - mark amd64 stable also. bug #151877
141 solar 1.113
142     18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
143     - mark 2.6.17-r1 stable
144 phreak 1.112
145     27 Aug 2006; Christian Heim <phreak@gentoo.org>
146     -hardened-sources-2.6.17.ebuild, hardened-sources-2.6.17-r1.ebuild:
147     Removing old ebuild, removing unipatch from newer ebuild (need to fix it!).
148 phreak 1.111
149     *hardened-sources-2.6.17-r1 (26 Aug 2006)
150    
151     26 Aug 2006; Christian Heim <phreak@gentoo.org>
152     +hardened-sources-2.6.17-r1.ebuild:
153     Revision bump to genpatches-2.6.17-8 (including .9 and .10) and updating the
154     grsecurity patch.
155 phreak 1.110
156     *hardened-sources-2.6.17 (17 Aug 2006)
157    
158     17 Aug 2006; Christian Heim <phreak@gentoo.org>
159     +hardened-sources-2.6.17.ebuild:
160     Bumping the hardened-sources-2.6 series to 2.6.17, using
161     genpatches-2.6.17-6.base.
162 solar 1.109
163     07 Aug 2006; <solar@gentoo.org> hardened-sources-2.6.16-r11.ebuild:
164     - stable on x86 and amd64
165 solar 1.108
166     *hardened-sources-2.6.16-r11 (15 Jul 2006)
167    
168     15 Jul 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r3.ebuild,
169     -hardened-sources-2.4.32-r4.ebuild, -hardened-sources-2.4.32-r5.ebuild,
170     -hardened-sources-2.6.14-r8.ebuild, -hardened-sources-2.6.16-r7.ebuild,
171     -hardened-sources-2.6.16-r9.ebuild, +hardened-sources-2.6.16-r11.ebuild:
172     - 2.6.16 bumped for CVE-2006-3626 ; digest fix for 2.4.32-r6 ; removed old
173     crusty ebuilds
174 johnm 1.107
175     14 Jul 2006; John Mylchreest <johnm@gentoo.org>
176     hardened-sources-2.6.16-r10.ebuild:
177     marking stable on x86 and amd64
178 solar 1.106
179     13 Jul 2006; <solar@gentoo.org> hardened-sources-2.4.32-r6.ebuild:
180     - 2.4.32-r6 stable on x86. RSBAC state unknown
181 kang 1.105
182     *hardened-sources-2.4.32-r7 (10 Jul 2006)
183    
184     10 Jul 2006; Guillaume Destuynder <kang@gentoo.org>
185     +hardened-sources-2.4.32-r7.ebuild:
186     Bump PaX for RSBAC to test-17
187 johnm 1.104
188     *hardened-sources-2.6.16-r9 (03 Jul 2006)
189    
190     03 Jul 2006; John Mylchreest <johnm@gentoo.org>
191     -hardened-sources-2.6.16-r6.ebuild, +hardened-sources-2.6.16-r9.ebuild:
192     hardened-sources-2.6.16 bump to latest -base.
193 solar 1.103
194     *hardened-sources-2.4.32-r6 (30 Jun 2006)
195    
196     30 Jun 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r2.ebuild,
197     hardened-sources-2.4.32-r4.ebuild, +hardened-sources-2.4.32-r6.ebuild:
198     - backport CVE-2006-0039, CVE-2006-1857 and CVE-2006-1858 and new grsecurity
199     sysctl controlable resource logging
200 johnm 1.102
201     *hardened-sources-2.6.16-r7 (05 Jun 2006)
202    
203     05 Jun 2006; John Mylchreest <johnm@gentoo.org>
204     -hardened-sources-2.6.16-r5.ebuild, +hardened-sources-2.6.16-r7.ebuild:
205     push new 2.6.16 release in preparation for stable
206 solar 1.101
207     22 May 2006; <solar@gentoo.org> :
208     - redigest bug 134002
209 kang 1.100
210     *hardened-sources-2.4.32-r5 (16 May 2006)
211    
212     16 May 2006; Guillaume Destuynder <kang@gentoo.org>
213     +hardened-sources-2.4.32-r5.ebuild:
214     Fixes rsbac common patching (new patch in new -r5 patchset)
215 solar 1.99
216     *hardened-sources-2.4.32-r4 (13 May 2006)
217    
218     13 May 2006; <solar@gentoo.org> hardened-sources-2.4.32-r3.ebuild,
219     +hardened-sources-2.4.32-r4.ebuild:
220     - security bumps
221 johnm 1.98
222     *hardened-sources-2.6.16-r6 (03 May 2006)
223    
224     03 May 2006; John Mylchreest <johnm@gentoo.org>
225     +hardened-sources-2.6.16-r6.ebuild:
226     bump hardened-2.6.16 to 2.6.16.12 and latest grsec snapshot
227 johnm 1.97
228     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
229     hardened-sources-2.6.14-r8.ebuild:
230     fix x86_64 build problem, this will delay the digest issue again for a short
231     while but it will sort itself out
232 johnm 1.96
233     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
234     hardened-sources-2.6.14-r8.ebuild:
235     bump hardened patchset
236 antarus 1.94
237     27 Apr 2006; Alec Warner <antarus@gentoo.org>
238     files/digest-hardened-sources-2.4.32-r2,
239     files/digest-hardened-sources-2.4.32-r3,
240     files/digest-hardened-sources-2.6.14-r8, Manifest:
241     Fixing duff SHA256 digests: Bug # 131293
242 johnm 1.93
243 johnm 1.95 *hardened-sources-2.6.16-r5 (27 Apr 2006)
244    
245     27 Apr 2006; John Mylchreest <johnm@gentoo.org>
246     -hardened-sources-2.6.14-r6.ebuild, hardened-sources-2.6.14-r8.ebuild,
247     -hardened-sources-2.6.16-r4.ebuild, +hardened-sources-2.6.16-r5.ebuild:
248     stablise 2.6.14-r8 on x86 & amd64, bump 2.6.16 to fix CVE-2006-1863 &
249     cleanup of old uneccessary sources
250    
251 johnm 1.93 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
252     fix digest
253 johnm 1.92
254     *hardened-sources-2.6.14-r8 (20 Apr 2006)
255    
256     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
257     +hardened-sources-2.6.14-r8.ebuild:
258     fix CVE-2006-1056, CVE-2006-1525, CVE-2006-1524
259 johnm 1.91
260     20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
261     Turning on gpg-signing again, and recomitting
262 johnm 1.90
263     *hardened-sources-2.6.16-r4 (20 Apr 2006)
264    
265     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
266     -hardened-sources-2.6.16-r2.ebuild, -hardened-sources-2.6.16-r3.ebuild,
267     +hardened-sources-2.6.16-r4.ebuild:
268     Fix numerous security vulns
269 solar 1.89
270     *hardened-sources-2.4.32-r3 (16 Apr 2006)
271    
272     16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
273     -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
274     +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
275     - security bump for bug #112791. Removed old ebuilds
276 johnm 1.88
277     *hardened-sources-2.6.16-r3 (15 Apr 2006)
278    
279     15 Apr 2006; John Mylchreest <johnm@gentoo.org>
280     +hardened-sources-2.6.16-r3.ebuild:
281     Removing silly localversion which I missed
282 johnm 1.87
283     *hardened-sources-2.6.14-r7 (14 Apr 2006)
284    
285     14 Apr 2006; John Mylchreest <johnm@gentoo.org>
286     -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
287     Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
288 johnm 1.86
289     *hardened-sources-2.6.16-r2 (13 Apr 2006)
290    
291     13 Apr 2006; John Mylchreest <johnm@gentoo.org>
292     -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
293     +hardened-sources-2.6.16-r2.ebuild:
294     Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
295     labels, dropping USERGROUP define fixes, since these were merged mainstream.
296 johnm 1.85
297     *hardened-sources-2.6.16-r1 (11 Apr 2006)
298    
299     11 Apr 2006; John Mylchreest <johnm@gentoo.org>
300     +hardened-sources-2.6.16-r1.ebuild:
301     Bumping to include ppc build fix and 2.6.16.3
302 tsunam 1.84
303     06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
304     hardened-sources-2.6.14-r6.ebuild:
305     Stable on x86; bug #127718
306 johnm 1.83
307     *hardened-sources-2.6.16 (31 Mar 2006)
308    
309     31 Mar 2006; John Mylchreest <johnm@gentoo.org>
310     +hardened-sources-2.6.16.ebuild:
311     Bumping to new version of grsec, and kernel base. New squashfs. Based on
312     2.6.16.1
313 cryos 1.82
314     30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
315     hardened-sources-2.6.14-r6.ebuild:
316     Stable on amd64, bug 127718.
317 nixnut 1.81
318     28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
319     Stable on ppc. Bug #127718
320 johnm 1.80
321     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
322     -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
323     -hardened-sources-2.6.14-r4.ebuild:
324     Cleanup.
325 johnm 1.79
326     *hardened-sources-2.6.14-r6 (15 Mar 2006)
327    
328     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
329     +hardened-sources-2.6.14-r6.ebuild:
330     Fixes grsec policy recreation bug and adds a
331     >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
332 solar 1.78
333     02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
334     - stable on x86
335 hansmi 1.77
336     19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
337     hardened-sources-2.6.14-r5.ebuild:
338     Stable on ppc.
339 johnm 1.76
340     *hardened-sources-2.6.14-r5 (01 Feb 2006)
341    
342     01 Feb 2006; John Mylchreest <johnm@gentoo.org>
343     +hardened-sources-2.6.14-r5.ebuild:
344     fixing every known exploit
345 solar 1.75
346     *hardened-sources-2.4.32-r2 (26 Jan 2006)
347    
348     26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
349     +hardened-sources-2.4.32-r2.ebuild:
350     - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
351 solar 1.74
352     *hardened-sources-2.6.14-r4 (12 Jan 2006)
353    
354     12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
355     - version bump for new genpatches which fix up a few sec holes
356 solar 1.73
357     *hardened-sources-2.4.32-r1 (05 Jan 2006)
358    
359     05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
360     - revision bump to add misc vital linux kernel security patches.
361 johnm 1.72
362     *hardened-sources-2.6.14-r3 (30 Dec 2005)
363    
364     30 Dec 2005; John Mylchreest <johnm@gentoo.org>
365     -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
366     Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
367 johnm 1.71
368     28 Dec 2005; John Mylchreest <johnm@gentoo.org>
369     hardened-sources-2.6.14-r2.ebuild:
370     making x86 & amd64 stable following testing.
371 johnm 1.70
372     *hardened-sources-2.6.14-r2 (27 Dec 2005)
373    
374     27 Dec 2005; John Mylchreest <johnm@gentoo.org>
375     -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
376     Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
377     network hooks.
378 johnm 1.69
379     06 Dec 2005; John Mylchreest <johnm@gentoo.org>
380     hardened-sources-2.6.14-r1.ebuild:
381     bumping to stable early for sec fix on x86 & amd64
382 johnm 1.68
383     *hardened-sources-2.6.14-r1 (05 Dec 2005)
384    
385     05 Dec 2005; John Mylchreest <johnm@gentoo.org>
386     -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
387     bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
388 solar 1.67
389     04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
390     - stable on x86 security bug #114227 CAN-2005-3257
391 kang 1.66
392     *hardened-sources-2.4.32 (19 Nov 2005)
393    
394     19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
395     +hardened-sources-2.4.32.ebuild:
396     Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
397     Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
398     have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
399     rsbac >> /etc/portage/package.use)
400 johnm 1.65
401     *hardened-sources-2.6.14 (14 Nov 2005)
402    
403     14 Nov 2005; John Mylchreest <johnm@gentoo.org>
404     -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
405     Bumping 2.6 series to 2.6.14.2
406 johnm 1.64
407     *hardened-sources-2.6.13-r2 (20 Oct 2005)
408    
409     20 Oct 2005; John Mylchreest <johnm@gentoo.org>
410     -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
411     +hardened-sources-2.6.13-r2.ebuild:
412     Fixes minor build error in ppc.
413 johnm 1.63
414     *hardened-sources-2.6.13-r1 (17 Oct 2005)
415    
416     17 Oct 2005; John Mylchreest <johnm@gentoo.org>
417     +hardened-sources-2.6.13-r1.ebuild:
418     Updating grsec to latest snapshot. Fixes some minor issues. Updating to
419     2.6.13.4, fixes some major amd64 stability problems.
420 johnm 1.62
421     *hardened-sources-2.6.13 (16 Sep 2005)
422    
423     16 Sep 2005; John Mylchreest <johnm@gentoo.org>
424     -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
425     2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
426     ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
427     users should test this thoroughly.
428 solar 1.61
429     01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
430     - stable on x86
431 johnm 1.60
432     *hardened-sources-2.6.11-r15 (27 Jun 2005)
433    
434     27 Jun 2005; John Mylchreest <johnm@gentoo.org>
435     +hardened-sources-2.6.11-r15.ebuild:
436     Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
437     grsec redefining curr_ip struct.
438 solar 1.59
439     *hardened-sources-2.4.31 (20 Jun 2005)
440    
441     20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
442     initial import of 2.4.31 tree
443 johnm 1.58
444     *hardened-sources-2.6.11-r14 (14 Jun 2005)
445    
446     14 Jun 2005; John Mylchreest <johnm@gentoo.org>
447     -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
448     Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
449     naming scheme to abide by genpatches
450 johnm 1.57
451     *hardened-sources-2.6.11-r13 (18 May 2005)
452    
453     18 May 2005; John Mylchreest <johnm@gentoo.org>
454     -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
455     Managed to mangle the Makefile patch from grsec, to miss out the grsec
456     target. sorry about that. Fixes bug #93022
457 johnm 1.56
458     *hardened-sources-2.6.11-r12 (17 May 2005)
459    
460     17 May 2005; John Mylchreest <johnm@gentoo.org>
461     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
462     +hardened-sources-2.6.11-r12.ebuild:
463     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
464     merges in genpatches-base
465 johnm 1.55
466     *hardened-sources-2.6.11-r12 (17 May 2005)
467    
468     17 May 2005; John Mylchreest <johnm@gentoo.org>
469     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
470     +hardened-sources-2.6.11-r12.ebuild:
471     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
472     merges in genpatches-base
473 solar 1.54
474     29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
475     -files/2.4.27-cmdline-race.patch,
476     -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
477     -files/2.4.28-grsec-binfmt_a.out.patch,
478     -files/2.4.28-grsec-cmdline-race.patch,
479     -files/2.4.28-selinux-binfmt_a.out.patch,
480     -files/2.4.28-selinux-cmdline-race.patch,
481     -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
482     hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
483     - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
484     cleanup..
485 solar 1.53
486     *hardened-sources-2.4.30-r1 (21 Apr 2005)
487    
488     21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
489     - disable aout by default
490 solar 1.52
491     *hardened-sources-2.4.30 (18 Apr 2005)
492    
493     18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
494     - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
495     and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
496     use
497 tocharian 1.50
498 scox 1.51 *hardened-sources-2.4.29 (30 Mar 2005)
499    
500     30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
501     +hardened-sources-2.4.29.ebuild:
502     New hardened-patches-2.4-29.0 patchball.
503     Removed SELinux support, upgraded GRSecurity to 2.1.4.
504    
505     *hardened-sources-2.4.28-r5 (06 Mar 2005)
506    
507     06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
508     +hardened-sources-2.4.28-r5.ebuild:
509     Added a fix for a PaX vulnerability.
510    
511     26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
512 tocharian 1.50 hardened-sources-2.4.28-r4.ebuild:
513     Stable on x86
514 solar 1.49
515     23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
516     hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
517     hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
518     hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
519     - fixed/added RDEPEND= in all kernel-2 ebuilds
520 tocharian 1.48
521     *hardened-sources-2.4.28-r4 (21 Jan 2005)
522    
523     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
524     +hardened-sources-2.4.28-r4.ebuild:
525     Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
526     backport of neighbour hash updates.
527 tocharian 1.47
528     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
529     hardened-sources-2.4.28-r3.ebuild:
530     Stable on x86
531 tseng 1.46
532     *hardened-sources-2.6.10-r3 (20 Jan 2005)
533    
534     20 Jan 2005; Brandon Hale <tseng@gentoo.org>
535     +hardened-sources-2.6.10-r3.ebuild:
536     Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
537     in 2005.0
538 tocharian 1.45
539     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
540     -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
541     hardened-sources-2.4.28-r2.ebuild:
542     Mark stable on x86
543 tocharian 1.44
544     *hardened-sources-2.4.28-r3 (17 Jan 2005)
545    
546     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
547     +hardened-sources-2.4.28-r3.ebuild:
548     Fix SMP page fault handler vuln, and update device-mapper and evms patches.
549 tocharian 1.43
550     14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
551     hardened-sources-2.4.28.ebuild:
552     Mark stable on x86.
553 tocharian 1.42
554     *hardened-sources-2.4.28-r2 (13 Jan 2005)
555    
556     13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
557     +hardened-sources-2.4.28-r2.ebuild:
558     Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
559     Mazinger for grsecurity patches as well.
560 plasmaroo 1.41
561     *hardened-sources-2.4.28-r1 (23 Dec 2004)
562    
563     23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
564     Security bump. Thank tocharian for rolling a new patchset...
565 solar 1.40
566     28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
567     +files/2.4.28-grsec-cmdline-race.patch,
568     +files/2.4.28-selinux-binfmt_a.out.patch,
569     +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
570     - Round up remaining security patches that appear to be missing in 2.4.28. -
571     PaX standalone updated to current. hgpv=28.1
572 solar 1.39
573     *hardened-sources-2.4.28 (28 Nov 2004)
574    
575     28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
576     security bump. Thank tocharian for rolling a new patchset
577 scox 1.31
578 scox 1.38 *hardened-sources-2.4.27-r3 (08 Sep 2004)
579    
580     08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
581     +hardened-sources-2.4.27-r3.ebuild:
582     Applies the new 2.4-27.2 patchball which updates
583     GRSecurity to the 2.0.1 version.
584    
585 scox 1.37 *hardened-sources-2.4.27-r2 (31 Aug 2004)
586    
587     31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
588     +hardened-sources-2.4.27-r2.ebuild:
589     Version bump.
590     This version uses the new 2.4-27.1 patchball which updates
591     both the SELinux PaX hooks patch and the SELinux headers.
592    
593 scox 1.36 *hardened-sources-2.4.27-r1 (09 Aug 2004)
594    
595     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
596     +hardened-sources-2.4.27-r1.ebuild,
597     -hardened-sources-2.4.27.ebuild,
598     +files/2.4.27-cmdline-race.patch:
599     Version bump, fix for cmdline race. See bug #59905.
600    
601     *hardened-sources-2.4.26-r6 (09 Aug 2004)
602    
603     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
604     +hardened-sources-2.4.26-r6.ebuild,
605     -hardened-sources-2.4.26-r5.ebuild,
606     -hardened-sources-2.4.26-r4.ebuild,
607     +files/2.4.26-cmdline-race.patch:
608     Version bump, fix for cmdline race. See bug #59905.
609    
610 scox 1.35 *hardened-sources-2.4.27 (08 Aug 2004)
611    
612     08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
613     +hardened-sources-2.4.27.ebuild,
614     +files/2.4.27-CAN-2004-0394.patch:
615     Ported the patchball to the 2.4.27 kernel version.
616    
617 scox 1.34 *hardened-sources-2.4.26-r5 (07 Aug 2004)
618    
619     07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
620     +hardened-sources-2.4.26-r5.ebuild:
621 scox 1.35 Updated to use the new hardened-patches-2.4-26.1 patchball.
622 scox 1.34 It adds the following features:
623     - Squashfs
624     - Ebtables
625     - Netdev random (core+drivers)
626     - Watchdog Timer (WDT) fix.
627    
628 scox 1.33 *hardened-sources-2.4.26-r4 (04 Aug 2004)
629    
630     04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
631     +hardened-sources-2.4.26-r4.ebuild,
632     +files/2.4.26-CAN-2004-0415.patch,
633     -hardened-sources-2.4.26-3:
634     Version bump, fix for CAN 0415, see bug #59378.
635    
636 scox 1.32 *hardened-sources-2.4.26-r3 (22 Jul 2004)
637    
638     22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
639     +hardened-sources-2.4.26-r3.ebuild,
640     +files/2.4.26-CAN-2004-0497.patch,
641     -hardened-sources-2.4.26-r2.ebuild:
642     Version bump, fixed CAN 0497, see bug #56171.
643    
644 scox 1.31 *hardened-sources-2.4.26-r2 (29 Jun 2004)
645    
646     29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
647 scox 1.32 +hardened-sources-2.4.26-r2.ebuild,
648 scox 1.31 +files/2.4.26-CAN-2004-0495.patch,
649     +files/2.4.26-CAN-2004-0535.patch,
650     -hardened-sources-2.4.26-r1.ebuild:
651     Fixes for both CAN 0495 and 0535, see bug #54976
652 pvdabeel 1.27
653 agriffis 1.29 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
654     hardened-sources-2.4.26-r1.ebuild:
655     QA - fix use invocation
656 scox 1.28
657     *hardened-sources-2.4.26-r1 (22 June 2004)
658    
659     22 June 2004; Andrea Luzzardi <scox@gentoo.org>
660     +hardened-sources-2.4.26-r1.ebuild,
661     +files/2.4.26-CAN-2004-0394.patch,
662     +files/2.4.26-signal-race.patch,
663     -hardened-sources-2.4.26.ebuild,
664     -hardened-sources-2.4.24-r3.ebuild:
665     Version bump for the CAN-2004-0394 issue and bug #53804
666     Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
667    
668    
669 pvdabeel 1.27 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
670     hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
671     Masked hardened-sources-2.4.26.ebuild broken for ppc
672    
673     31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
674     hardened-sources-2.4.24-r3.ebuild:
675     Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
676 plasmaroo 1.25
677 scox 1.26 *hardened-sources-2.4.26 (29 May 2004)
678    
679     29 May 2004; Andrea Luzzardi <scox@gentoo.org>
680     +hardened-sources-2.4.26.ebuild:
681     Updated hardened-sources for the 2.4.26 kernel
682     Removed broken components, updated almost everything.
683    
684 plasmaroo 1.25 *hardened-sources-2.4.24-r3 (17 Apr 2004)
685    
686     17 Apr 2004; <plasmaroo@gentoo.org>
687     +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
688     +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
689     +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
690     +hardened-sources-2.4.24-r3.ebuild:
691     Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
692     vulnerabilities. Old revisions removed.
693 plasmaroo 1.24
694     *hardened-sources-2.4.24-r2 (15 Apr 2004)
695    
696     15 Apr 2004; <plasmaroo@gentoo.org>
697     +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
698     -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
699     Version bump for the CAN-2004-0109 issue; bug #47881.
700 aliz 1.23
701     12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
702     hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
703     Add eutils to inherit.
704 plasmaroo 1.22
705     *hardened-sources-2.4.24-r1 (19 Feb 2004)
706    
707     19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
708     files/hardened-sources-2.4.24.munmap.patch:
709     Added the patch for the mremap/munmap vulnerability. Bug #42024.
710 scox 1.19
711 scox 1.21 *hardened-sources-2.4.24 (06 Feb 2004)
712 scox 1.26
713 scox 1.21 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
714     hardened-sources-2.4.24.ebuild:
715     Version bump, updated most of the components.
716     This release includes the following:
717    
718     - Hardened security
719     - Netfilter patch-o-matic 20031219
720     - FreeSWAN 2.04 & x509 1.4.8
721     - EVMS 2.2.2
722     - XFS 1.3.1
723     - cryptoloop jari
724     - grsecurity 2.0-rc4
725     - SELinux
726     - PaX 200402060000
727     - PaX Obscurity 200308302223
728     - Others...
729    
730     Neither -ck nor systrace are included anymore.
731    
732 scox 1.19 *hardened-sources-2.4.22-r2 (05 Jan 2004)
733    
734     05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
735     hardened-sources-2.4.22-r2.ebuild:
736 scox 1.20 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
737 scox 1.19
738     *hardened-sources-2.4.22-r1 (02 Dec 2003)
739 iggy 1.17
740     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
741 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
742 iggy 1.16
743     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
744 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild:
745     Version bump for the 'do_brk' vulnerability.
746 iggy 1.15
747     01 Dec 2003; Brian Jackson <iggy@gentoo.org>
748     hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
749     hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
750     hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
751 plasmaroo 1.18 Fix the 'do_brk' vulnerability.
752 frogger 1.14
753     03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
754     hardened-sources-2.4.22.ebuild:
755 plasmaroo 1.18 - Removed the src_install() portion for SELinux flask
756     components. These are no longer handled in the kernel
757     so this code was not necessary.
758 frogger 1.13
759     29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
760     New 2.4.22 based hardened-sources thanks to
761     Phil West <p.west@computer.org>.
762    
763     These sources include:
764 plasmaroo 1.18 - New SELinux API
765     - Updated CK-base
766     - Updated GRSec
767     - Systrace
768     - SuperFreeS/WAN 1.99.8
769     - Propolice kernel build support
770     - EVMS
771     - Other various security related patches
772 frogger 1.11
773 frogger 1.12 *hardened-sources-2.4.21 (14 Sep 2003)
774    
775     14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
776     Updated hardened-sources based on the 2.4.21 Linux kernel.
777     This includes updates to most major components such as:
778 plasmaroo 1.18 - ck-base-0306300059
779     - selinux-2.4-2003071106
780     - grsecurity-2.0-rc1
781     - Updated IPTables patch-o-matic
782     - Updated SuperFreeS/WAN
783    
784 frogger 1.12 Thanks to Phil West <pwest@computer.org> for his work in getting this
785     updated patch set ready for the 2.4.21 based kernel.
786    
787 frogger 1.11 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
788     Initial import of hardened-sources-2.4.20-r4. This revision
789     includes only a few changes, but one of these is an important
790     security fix. It is recommended all users of hardened-sources
791     upgrade to this release.
792 plasmaroo 1.18
793 frogger 1.11 - ioperm bug fix
794     - fixed compilation failure when building without GRSec
795 plasmaroo 1.18
796 frogger 1.11 SAL (Secure Auditing for Linux) is NOT included in this revision
797     due to time constraints, but is planned for inclusion in the near
798     future.
799 msterret 1.10
800     *hardened-sources-2.4.20-r2 (12 Jun 2003)
801    
802     12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
803     hardened-sources-2.4.20-r3.ebuild:
804 plasmaroo 1.18 Add Header...
805 frogger 1.9
806     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
807     hardened-sources-2.4.20-r3.ebuild:
808     Removed warnings from ebuild. This kernel should be safe to
809     use at this point.
810 frogger 1.8
811     *hardened-sources-2.4.20-r3 (08 Jun 2003)
812    
813     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
814     hardened-sources-2.4.20-r3.ebuild:
815     New revision. Includes the following changes over -r2:
816 plasmaroo 1.18
817 frogger 1.8 - ck7-base (O(1), preempt, low latency)
818     - Super FreeS/WAN 1.99.7rc2
819     - PaX for the LSM/SELinux branch
820     - GRSecurity 2.0-pre4 (role based access control)
821     - Systrace 1.3
822     - EXT3 fixes
823     - EVMS 2.0.1
824     - GCC 3.1+ compile optimizations
825     - ProPolice kernel build support
826     - Hashing table security fixes
827 frogger 1.3
828     *hardened-sources-2.4.20-r1 (09 Apr 2003)
829 frogger 1.7
830     23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
831     Initial import of hardened-sources-r2. This new
832     ebuild includes many new performance and security
833     related patches. As in -r1, it will patch in
834     LSM/SELinux if "selinux" is in USE, otherwise it
835     will patch in GRSecurity. The following patches
836     are included in this revision:
837 plasmaroo 1.18
838 frogger 1.7 - O(1) Scheduler, Low Latency, and Preempt
839     (pulled from the base CK patch)
840     - ptrace exploit patch for the LSM kernel
841     (the GRSec patch already fixes this)
842     - LSM 2.4-2003040709
843     - SELinux 2.4-2003040709
844     - Systrace v1.2
845     - IPTables patch-o-matic base patches - 20030107
846     - CryptoAPI 2.4.20.1 w/ loop-jari patch
847     - Super FreeS/WAN 1.99.6.1
848     - GRSecurity 1.9.9g
849     - MPPE
850     - EXT3 data journal fix
851     - CIPE 1.5.4
852 frogger 1.6
853     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
854     hardened-sources-2.4.20-r1.ebuild, manifest:
855 plasmaroo 1.18 Updated to install flask components correctly for selinux.
856 frogger 1.5
857     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
858     hardened-sources-2.4.20-r1.ebuild:
859     LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
860     is patched in instead. Ptrace patches for selinux have also been added. In
861     either case, systrace support will be patched in as well.
862 frogger 1.3
863     09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
864     hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
865 plasmaroo 1.18 Revision bump for new sources.
866 frogger 1.4
867 frogger 1.2 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
868 frogger 1.4 hardened-sources-2.4.20-r1.ebuild:
869 plasmaroo 1.18 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
870 method 1.1
871 frogger 1.4 *hardened-sources-2.4.20 (30 Mar 2003)
872    
873 method 1.1 30 Mar 2003; Joshua Brindle <method@gentoo.org>
874     hardened-sources-2.4.20.ebuild:
875 plasmaroo 1.18 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20