/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.152 - (hide annotations) (download)
Tue May 15 23:07:53 2007 UTC (6 years, 11 months ago) by phreak
Branch: MAIN
Changes since 1.151: +7 -1 lines
Looks like hardened-sources-2.6.20-r3 needs a new patch, as 2.6.20.11 introduced a change in arch/sparc64/kernel/pci_iommu.c, which made the grsecurity patch fail in that exact same hunk.
(Portage version: 2.1.2.7)

1 method 1.1 # ChangeLog for sys-kernel/hardened-sources
2 opfer 1.130 # Copyright 2000-2007 Gentoo Foundation; Distributed under the GPL v2
3 phreak 1.152 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.151 2007/05/15 04:29:36 phreak Exp $
4    
5     15 May 2007; Christian Heim <phreak@gentoo.org>
6     hardened-sources-2.6.20-r3.ebuild:
7     Looks like hardened-sources-2.6.20-r3 needs a new patch, as 2.6.20.11
8     introduced a change in arch/sparc64/kernel/pci_iommu.c, which made the
9     grsecurity patch fail in that exact same hunk.
10 phreak 1.151
11     *hardened-sources-2.6.20-r3 (15 May 2007)
12    
13     15 May 2007; Christian Heim <phreak@gentoo.org>
14     +hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.21-r1.ebuild:
15     Revision bump, incorporating Linux 2.6.20.11.
16    
17     *hardened-sources-2.6.21-r1 (11 May 2007)
18    
19     11 May 2007; Christian Heim <phreak@gentoo.org>
20     +hardened-sources-2.6.21-r1.ebuild:
21     Revision bump, hopefully fixing the GRSECURITY/GRKERNSEC mixup pipacs
22     mentioned in #177234.
23 kevquinn 1.150
24     07 May 2007; Kevin F. Quinn <kevquinn@gentoo.org>
25     files/digest-hardened-sources-2.6.21, Manifest:
26     Fix Manifest/digest for linux-2.6.21.tar.bz2
27 phreak 1.149
28     06 May 2007; Christian Heim <phreak@gentoo.org>
29     hardened-sources-2.6.21.ebuild:
30     Bumping the hardened-patches version, needed for the fix for #177234.
31 phreak 1.148
32     *hardened-sources-2.6.21 (02 May 2007)
33    
34     02 May 2007; Christian Heim <phreak@gentoo.org>
35     +hardened-sources-2.6.21.ebuild:
36     Version bump, Linux 2.6.21-hardened.
37 phreak 1.147
38     29 Apr 2007; Christian Heim <phreak@gentoo.org>
39     hardened-sources-2.6.20-r2.ebuild:
40     Adding ~ia64 on Ned's request.
41 phreak 1.146
42     29 Apr 2007; Christian Heim <phreak@gentoo.org>
43     hardened-sources-2.6.20-r2.ebuild:
44     Fixing the included grsecurity patch, wasn't alligning due to the Index:
45     header line(s).
46 phreak 1.145
47     29 Apr 2007; Christian Heim <phreak@gentoo.org>
48     hardened-sources-2.6.20-r2.ebuild:
49     Stabilizing hardened-sources-2.6.20-r2 on amd64 and x86.
50 armin76 1.144
51     *hardened-sources-2.6.20-r2 (10 Apr 2007)
52    
53     10 Apr 2007; Raúl Porcel <armin76@gentoo.org>
54     +hardened-sources-2.6.20-r2.ebuild:
55     Version bump, on behalf of phreak
56 phreak 1.143
57     *hardened-sources-2.6.20-r1 (04 Apr 2007)
58    
59     04 Apr 2007; Christian Heim <phreak@gentoo.org>
60     +hardened-sources-2.6.20-r1.ebuild:
61     Revision bump, grabbing a newer grsecurity snapshot.
62 phreak 1.142
63     *hardened-sources-2.6.20 (25 Mar 2007)
64    
65     25 Mar 2007; Christian Heim <phreak@gentoo.org>
66     +hardened-sources-2.6.20.ebuild:
67     Finally a hardened-sources version for 2.6.20; many people have been waiting
68     for this. Thanks to Steve for preliminary testing, thanks to Ned for the
69     testbox.
70 chainsaw 1.141
71     16 Mar 2007; Tony Vroon <chainsaw@gentoo.org>
72     hardened-sources-2.6.18-r6.ebuild:
73     Marked stable on amd64 and x86. AMD64 keyword ack'ed by welp.
74 phreak 1.140
75     *hardened-sources-2.6.18-r6 (16 Mar 2007)
76    
77     16 Mar 2007; Christian Heim <phreak@gentoo.org>
78     -hardened-sources-2.6.18-r5.ebuild, +hardened-sources-2.6.18-r6.ebuild:
79     Fixing CVE-2007-1000 locally (hardened/), thanks to Tony for pushing. And
80     yes I screwed up, this is tagged as 2.6.18-5 and not 2.6.18-6 as it's
81     supposed to be.
82 phreak 1.139
83     06 Mar 2007; Christian Heim <phreak@gentoo.org> ChangeLog:
84     Fixing the Manifest, the previous one was broken (as in still had the
85     deleted ebuild in it).
86 phreak 1.138
87     06 Mar 2007; Christian Heim <phreak@gentoo.org>
88     -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
89     +hardened-sources-2.6.18-r5.ebuild:
90     Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
91     Linux 2.6.18.8. Also cleaning up the older version.
92    
93     *hardened-sources-2.6.18-r5 (06 Mar 2007)
94    
95     06 Mar 2007; Christian Heim <phreak@gentoo.org>
96     -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
97     +hardened-sources-2.6.18-r5.ebuild:
98     Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
99     Linux 2.6.18.8. Also cleaning up the older version.
100 phreak 1.137
101     24 Feb 2007; Christian Heim <phreak@gentoo.org>
102     -hardened-sources-2.6.19-r3.ebuild, -hardened-sources-2.6.19-r4.ebuild,
103     -hardened-sources-2.6.19-r5.ebuild:
104     Removing some of the old version, that didn't work.
105 phreak 1.136
106     *hardened-sources-2.6.19-r6 (12 Feb 2007)
107    
108     12 Feb 2007; Christian Heim <phreak@gentoo.org>
109     +hardened-sources-2.6.19-r6.ebuild:
110     Revision bump, including a new grsec version fixing #166235.
111 pappy 1.134
112     *hardened-sources-2.4.34 (24 Jan 2007)
113    
114     24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
115 pappy 1.135 Manifest:
116     updating Manifest with checksums of new tarball and ebuild
117    
118     24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
119 pappy 1.134 +hardened-sources-2.4.34.ebuild:
120     I added new hardened sources 2.4 update, this is a critical path
121     security bugfix - all users of h-s are strongly advised
122     to update their existing hardened sources to this version.
123     It contains a fix for a kernel vulnerability that is pertaining
124     to the PaX changes to virtual memory management, possibly leading
125     to a local kernel exploit ... see grsecurity.net forums and homepage
126 phreak 1.133
127     23 Jan 2007; Christian Heim <phreak@gentoo.org>
128     files/digest-hardened-sources-2.6.19-r5, Manifest:
129     Fixing the patch-tarball digest.
130 phreak 1.132
131     *hardened-sources-2.6.19-r5 (23 Jan 2007)
132    
133     23 Jan 2007; Christian Heim <phreak@gentoo.org>
134     +hardened-sources-2.6.19-r5.ebuild:
135     Revision bump, closing the recently discovered PaX expand_stack()
136     vulnerability.
137 phreak 1.131
138     *hardened-sources-2.6.19-r4 (14 Jan 2007)
139    
140     14 Jan 2007; Christian Heim <phreak@gentoo.org>
141     +hardened-sources-2.6.19-r4.ebuild:
142     Revision bump, pulling in linux-2.6.19.2 and grsecurity 2.1.10 - thus
143     dropping the randomized PID feature.
144 opfer 1.130
145     11 Jan 2007; Christian Faulhammer <opfer@gentoo.org>
146     hardened-sources-2.4.33.4.ebuild:
147     stable x86, bug #161171
148 phreak 1.129
149     *hardened-sources-2.6.19-r3 (27 Dec 2006)
150    
151     27 Dec 2006; Christian Heim <phreak@gentoo.org>
152     -hardened-sources-2.6.19-r2.ebuild, +hardened-sources-2.6.19-r3.ebuild:
153     Revision bump for bug #157186 and #158786.
154 phreak 1.128
155     *hardened-sources-2.6.18-r4 (27 Dec 2006)
156    
157     27 Dec 2006; Christian Heim <phreak@gentoo.org>
158     -hardened-sources-2.6.18-r3.ebuild, +hardened-sources-2.6.18-r4.ebuild:
159     Revision bump for bug #157186.
160 phreak 1.127
161     *hardened-sources-2.6.19-r2 (23 Dec 2006)
162    
163     23 Dec 2006; Christian Heim <phreak@gentoo.org>
164     -hardened-sources-2.6.19-r1.ebuild, +hardened-sources-2.6.19-r2.ebuild:
165     Revision bump to pull in genpatches-2.6.19-3 for #157186.
166 phreak 1.126
167     17 Dec 2006; Christian Heim <phreak@gentoo.org>
168     hardened-sources-2.6.14-r7.ebuild, hardened-sources-2.6.16-r10.ebuild,
169     hardened-sources-2.6.16-r11.ebuild, hardened-sources-2.6.17-r1.ebuild,
170     hardened-sources-2.6.18.ebuild, hardened-sources-2.6.18-r3.ebuild,
171     hardened-sources-2.6.19-r1.ebuild:
172     Adding 4453_grsec-2.1.9-2.6.19-io-kmem-sysctl.patch to UNIPATCH_EXLUDE,
173     adding correct HOMEPAGE and adjusting DESCRIPTION (thanks to Alexander).
174 pappy 1.125
175     *hardened-sources-2.4.33.4 (17 Dec 2006)
176    
177     17 Dec 2006; Alexander Gabert <pappy@gentoo.org>
178     +hardened-sources-2.4.33.4.ebuild:
179     new 2.4.33.4 version including grsec and fixes, thanks to phreak for help
180     and quilting
181 phreak 1.124
182     *hardened-sources-2.6.19-r1 (14 Dec 2006)
183    
184     14 Dec 2006; Christian Heim <phreak@gentoo.org>
185     -hardened-sources-2.6.19.ebuild, +hardened-sources-2.6.19-r1.ebuild:
186     Revision bump, fixing #158107 (thanks to Petre Rodan <kaiowas at gentoo.org>
187     for reporting).
188 phreak 1.123
189     *hardened-sources-2.6.19 (13 Dec 2006)
190    
191     13 Dec 2006; Christian Heim <phreak@gentoo.org>
192     +hardened-sources-2.6.19.ebuild:
193     And finally 2.6.19, thanks to Ned (who prepared the inital patchset) and
194     Brad for providing that prompt update.
195 phreak 1.122
196     *hardened-sources-2.6.18-r3 (13 Dec 2006)
197    
198     13 Dec 2006; Christian Heim <phreak@gentoo.org>
199     -hardened-sources-2.6.18-r1.ebuild, -hardened-sources-2.6.18-r2.ebuild,
200     +hardened-sources-2.6.18-r3.ebuild:
201     Revision bump, excluding the faulty patch. Thanks to Anakim Border and Peter
202     S. Mazinger. Closes #157409 for now. Also removing the previous revisions.
203 phreak 1.121
204     09 Dec 2006; Christian Heim <phreak@gentoo.org> Manifest:
205     Fixing the metadata.xml Manifest entry (thanks to xaid and ml8128 in #gentoo-hardened).
206 nixnut 1.120
207     08 Dec 2006; nixnut <nixnut@gentoo.org> hardened-sources-2.6.18.ebuild:
208     Stable on ppc wrt bug 157356
209 opfer 1.119
210     07 Dec 2006; Christian Faulhammer <opfer@gentoo.org>
211     hardened-sources-2.6.18.ebuild:
212     stable x86, bug #157356
213 phreak 1.118
214     *hardened-sources-2.6.18-r2 (06 Dec 2006)
215    
216     06 Dec 2006; Christian Heim <phreak@gentoo.org>
217     +hardened-sources-2.6.18-r2.ebuild:
218     Revision bump, including 2.6.18.5 (via genpatches) and
219     4454_grsec-2.1.9-2.6.18.2-io-kmem-sysctl.patch based on Peter Mazinger and
220     Ned Ludd's original patch. Thanks to Alexander Gabert (pappy) for the
221     redesign.
222 phreak 1.117
223     06 Dec 2006; Christian Heim <phreak@gentoo.org>
224     hardened-sources-2.6.18.ebuild:
225     Marking hardened-sources-2.6.18 stable on amd64 (see bug #157356, on behalf
226     of Mike Doty).
227 phreak 1.116
228     *hardened-sources-2.6.18-r1 (23 Nov 2006)
229    
230     23 Nov 2006; Christian Heim <phreak@gentoo.org>
231     +hardened-sources-2.6.18-r1.ebuild:
232     Revision bump to genpatches-2.6.18-4 (including 2.6.18.3).
233 phreak 1.115
234     *hardened-sources-2.6.18 (11 Nov 2006)
235    
236     11 Nov 2006; Christian Heim <phreak@gentoo.org>
237     +hardened-sources-2.6.18.ebuild:
238     Version bump, thanks to Alexander Gabert we're finally at 2.6.18.
239 solar 1.114
240     18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
241     - mark amd64 stable also. bug #151877
242 solar 1.113
243     18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
244     - mark 2.6.17-r1 stable
245 phreak 1.112
246     27 Aug 2006; Christian Heim <phreak@gentoo.org>
247     -hardened-sources-2.6.17.ebuild, hardened-sources-2.6.17-r1.ebuild:
248     Removing old ebuild, removing unipatch from newer ebuild (need to fix it!).
249 phreak 1.111
250     *hardened-sources-2.6.17-r1 (26 Aug 2006)
251    
252     26 Aug 2006; Christian Heim <phreak@gentoo.org>
253     +hardened-sources-2.6.17-r1.ebuild:
254     Revision bump to genpatches-2.6.17-8 (including .9 and .10) and updating the
255     grsecurity patch.
256 phreak 1.110
257     *hardened-sources-2.6.17 (17 Aug 2006)
258    
259     17 Aug 2006; Christian Heim <phreak@gentoo.org>
260     +hardened-sources-2.6.17.ebuild:
261     Bumping the hardened-sources-2.6 series to 2.6.17, using
262     genpatches-2.6.17-6.base.
263 solar 1.109
264     07 Aug 2006; <solar@gentoo.org> hardened-sources-2.6.16-r11.ebuild:
265     - stable on x86 and amd64
266 solar 1.108
267     *hardened-sources-2.6.16-r11 (15 Jul 2006)
268    
269     15 Jul 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r3.ebuild,
270     -hardened-sources-2.4.32-r4.ebuild, -hardened-sources-2.4.32-r5.ebuild,
271     -hardened-sources-2.6.14-r8.ebuild, -hardened-sources-2.6.16-r7.ebuild,
272     -hardened-sources-2.6.16-r9.ebuild, +hardened-sources-2.6.16-r11.ebuild:
273     - 2.6.16 bumped for CVE-2006-3626 ; digest fix for 2.4.32-r6 ; removed old
274     crusty ebuilds
275 johnm 1.107
276     14 Jul 2006; John Mylchreest <johnm@gentoo.org>
277     hardened-sources-2.6.16-r10.ebuild:
278     marking stable on x86 and amd64
279 solar 1.106
280     13 Jul 2006; <solar@gentoo.org> hardened-sources-2.4.32-r6.ebuild:
281     - 2.4.32-r6 stable on x86. RSBAC state unknown
282 kang 1.105
283     *hardened-sources-2.4.32-r7 (10 Jul 2006)
284    
285     10 Jul 2006; Guillaume Destuynder <kang@gentoo.org>
286     +hardened-sources-2.4.32-r7.ebuild:
287     Bump PaX for RSBAC to test-17
288 johnm 1.104
289     *hardened-sources-2.6.16-r9 (03 Jul 2006)
290    
291     03 Jul 2006; John Mylchreest <johnm@gentoo.org>
292     -hardened-sources-2.6.16-r6.ebuild, +hardened-sources-2.6.16-r9.ebuild:
293     hardened-sources-2.6.16 bump to latest -base.
294 solar 1.103
295     *hardened-sources-2.4.32-r6 (30 Jun 2006)
296    
297     30 Jun 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r2.ebuild,
298     hardened-sources-2.4.32-r4.ebuild, +hardened-sources-2.4.32-r6.ebuild:
299     - backport CVE-2006-0039, CVE-2006-1857 and CVE-2006-1858 and new grsecurity
300     sysctl controlable resource logging
301 johnm 1.102
302     *hardened-sources-2.6.16-r7 (05 Jun 2006)
303    
304     05 Jun 2006; John Mylchreest <johnm@gentoo.org>
305     -hardened-sources-2.6.16-r5.ebuild, +hardened-sources-2.6.16-r7.ebuild:
306     push new 2.6.16 release in preparation for stable
307 solar 1.101
308     22 May 2006; <solar@gentoo.org> :
309     - redigest bug 134002
310 kang 1.100
311     *hardened-sources-2.4.32-r5 (16 May 2006)
312    
313     16 May 2006; Guillaume Destuynder <kang@gentoo.org>
314     +hardened-sources-2.4.32-r5.ebuild:
315     Fixes rsbac common patching (new patch in new -r5 patchset)
316 solar 1.99
317     *hardened-sources-2.4.32-r4 (13 May 2006)
318    
319     13 May 2006; <solar@gentoo.org> hardened-sources-2.4.32-r3.ebuild,
320     +hardened-sources-2.4.32-r4.ebuild:
321     - security bumps
322 johnm 1.98
323     *hardened-sources-2.6.16-r6 (03 May 2006)
324    
325     03 May 2006; John Mylchreest <johnm@gentoo.org>
326     +hardened-sources-2.6.16-r6.ebuild:
327     bump hardened-2.6.16 to 2.6.16.12 and latest grsec snapshot
328 johnm 1.97
329     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
330     hardened-sources-2.6.14-r8.ebuild:
331     fix x86_64 build problem, this will delay the digest issue again for a short
332     while but it will sort itself out
333 johnm 1.96
334     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
335     hardened-sources-2.6.14-r8.ebuild:
336     bump hardened patchset
337 antarus 1.94
338     27 Apr 2006; Alec Warner <antarus@gentoo.org>
339     files/digest-hardened-sources-2.4.32-r2,
340     files/digest-hardened-sources-2.4.32-r3,
341     files/digest-hardened-sources-2.6.14-r8, Manifest:
342     Fixing duff SHA256 digests: Bug # 131293
343 johnm 1.93
344 johnm 1.95 *hardened-sources-2.6.16-r5 (27 Apr 2006)
345    
346     27 Apr 2006; John Mylchreest <johnm@gentoo.org>
347     -hardened-sources-2.6.14-r6.ebuild, hardened-sources-2.6.14-r8.ebuild,
348     -hardened-sources-2.6.16-r4.ebuild, +hardened-sources-2.6.16-r5.ebuild:
349     stablise 2.6.14-r8 on x86 & amd64, bump 2.6.16 to fix CVE-2006-1863 &
350     cleanup of old uneccessary sources
351    
352 johnm 1.93 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
353     fix digest
354 johnm 1.92
355     *hardened-sources-2.6.14-r8 (20 Apr 2006)
356    
357     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
358     +hardened-sources-2.6.14-r8.ebuild:
359     fix CVE-2006-1056, CVE-2006-1525, CVE-2006-1524
360 johnm 1.91
361     20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
362     Turning on gpg-signing again, and recomitting
363 johnm 1.90
364     *hardened-sources-2.6.16-r4 (20 Apr 2006)
365    
366     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
367     -hardened-sources-2.6.16-r2.ebuild, -hardened-sources-2.6.16-r3.ebuild,
368     +hardened-sources-2.6.16-r4.ebuild:
369     Fix numerous security vulns
370 solar 1.89
371     *hardened-sources-2.4.32-r3 (16 Apr 2006)
372    
373     16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
374     -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
375     +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
376     - security bump for bug #112791. Removed old ebuilds
377 johnm 1.88
378     *hardened-sources-2.6.16-r3 (15 Apr 2006)
379    
380     15 Apr 2006; John Mylchreest <johnm@gentoo.org>
381     +hardened-sources-2.6.16-r3.ebuild:
382     Removing silly localversion which I missed
383 johnm 1.87
384     *hardened-sources-2.6.14-r7 (14 Apr 2006)
385    
386     14 Apr 2006; John Mylchreest <johnm@gentoo.org>
387     -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
388     Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
389 johnm 1.86
390     *hardened-sources-2.6.16-r2 (13 Apr 2006)
391    
392     13 Apr 2006; John Mylchreest <johnm@gentoo.org>
393     -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
394     +hardened-sources-2.6.16-r2.ebuild:
395     Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
396     labels, dropping USERGROUP define fixes, since these were merged mainstream.
397 johnm 1.85
398     *hardened-sources-2.6.16-r1 (11 Apr 2006)
399    
400     11 Apr 2006; John Mylchreest <johnm@gentoo.org>
401     +hardened-sources-2.6.16-r1.ebuild:
402     Bumping to include ppc build fix and 2.6.16.3
403 tsunam 1.84
404     06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
405     hardened-sources-2.6.14-r6.ebuild:
406     Stable on x86; bug #127718
407 johnm 1.83
408     *hardened-sources-2.6.16 (31 Mar 2006)
409    
410     31 Mar 2006; John Mylchreest <johnm@gentoo.org>
411     +hardened-sources-2.6.16.ebuild:
412     Bumping to new version of grsec, and kernel base. New squashfs. Based on
413     2.6.16.1
414 cryos 1.82
415     30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
416     hardened-sources-2.6.14-r6.ebuild:
417     Stable on amd64, bug 127718.
418 nixnut 1.81
419     28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
420     Stable on ppc. Bug #127718
421 johnm 1.80
422     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
423     -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
424     -hardened-sources-2.6.14-r4.ebuild:
425     Cleanup.
426 johnm 1.79
427     *hardened-sources-2.6.14-r6 (15 Mar 2006)
428    
429     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
430     +hardened-sources-2.6.14-r6.ebuild:
431     Fixes grsec policy recreation bug and adds a
432     >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
433 solar 1.78
434     02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
435     - stable on x86
436 hansmi 1.77
437     19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
438     hardened-sources-2.6.14-r5.ebuild:
439     Stable on ppc.
440 johnm 1.76
441     *hardened-sources-2.6.14-r5 (01 Feb 2006)
442    
443     01 Feb 2006; John Mylchreest <johnm@gentoo.org>
444     +hardened-sources-2.6.14-r5.ebuild:
445     fixing every known exploit
446 solar 1.75
447     *hardened-sources-2.4.32-r2 (26 Jan 2006)
448    
449     26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
450     +hardened-sources-2.4.32-r2.ebuild:
451     - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
452 solar 1.74
453     *hardened-sources-2.6.14-r4 (12 Jan 2006)
454    
455     12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
456     - version bump for new genpatches which fix up a few sec holes
457 solar 1.73
458     *hardened-sources-2.4.32-r1 (05 Jan 2006)
459    
460     05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
461     - revision bump to add misc vital linux kernel security patches.
462 johnm 1.72
463     *hardened-sources-2.6.14-r3 (30 Dec 2005)
464    
465     30 Dec 2005; John Mylchreest <johnm@gentoo.org>
466     -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
467     Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
468 johnm 1.71
469     28 Dec 2005; John Mylchreest <johnm@gentoo.org>
470     hardened-sources-2.6.14-r2.ebuild:
471     making x86 & amd64 stable following testing.
472 johnm 1.70
473     *hardened-sources-2.6.14-r2 (27 Dec 2005)
474    
475     27 Dec 2005; John Mylchreest <johnm@gentoo.org>
476     -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
477     Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
478     network hooks.
479 johnm 1.69
480     06 Dec 2005; John Mylchreest <johnm@gentoo.org>
481     hardened-sources-2.6.14-r1.ebuild:
482     bumping to stable early for sec fix on x86 & amd64
483 johnm 1.68
484     *hardened-sources-2.6.14-r1 (05 Dec 2005)
485    
486     05 Dec 2005; John Mylchreest <johnm@gentoo.org>
487     -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
488     bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
489 solar 1.67
490     04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
491     - stable on x86 security bug #114227 CAN-2005-3257
492 kang 1.66
493     *hardened-sources-2.4.32 (19 Nov 2005)
494    
495     19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
496     +hardened-sources-2.4.32.ebuild:
497     Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
498     Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
499     have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
500     rsbac >> /etc/portage/package.use)
501 johnm 1.65
502     *hardened-sources-2.6.14 (14 Nov 2005)
503    
504     14 Nov 2005; John Mylchreest <johnm@gentoo.org>
505     -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
506     Bumping 2.6 series to 2.6.14.2
507 johnm 1.64
508     *hardened-sources-2.6.13-r2 (20 Oct 2005)
509    
510     20 Oct 2005; John Mylchreest <johnm@gentoo.org>
511     -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
512     +hardened-sources-2.6.13-r2.ebuild:
513     Fixes minor build error in ppc.
514 johnm 1.63
515     *hardened-sources-2.6.13-r1 (17 Oct 2005)
516    
517     17 Oct 2005; John Mylchreest <johnm@gentoo.org>
518     +hardened-sources-2.6.13-r1.ebuild:
519     Updating grsec to latest snapshot. Fixes some minor issues. Updating to
520     2.6.13.4, fixes some major amd64 stability problems.
521 johnm 1.62
522     *hardened-sources-2.6.13 (16 Sep 2005)
523    
524     16 Sep 2005; John Mylchreest <johnm@gentoo.org>
525     -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
526     2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
527     ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
528     users should test this thoroughly.
529 solar 1.61
530     01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
531     - stable on x86
532 johnm 1.60
533     *hardened-sources-2.6.11-r15 (27 Jun 2005)
534    
535     27 Jun 2005; John Mylchreest <johnm@gentoo.org>
536     +hardened-sources-2.6.11-r15.ebuild:
537     Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
538     grsec redefining curr_ip struct.
539 solar 1.59
540     *hardened-sources-2.4.31 (20 Jun 2005)
541    
542     20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
543     initial import of 2.4.31 tree
544 johnm 1.58
545     *hardened-sources-2.6.11-r14 (14 Jun 2005)
546    
547     14 Jun 2005; John Mylchreest <johnm@gentoo.org>
548     -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
549     Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
550     naming scheme to abide by genpatches
551 johnm 1.57
552     *hardened-sources-2.6.11-r13 (18 May 2005)
553    
554     18 May 2005; John Mylchreest <johnm@gentoo.org>
555     -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
556     Managed to mangle the Makefile patch from grsec, to miss out the grsec
557     target. sorry about that. Fixes bug #93022
558 johnm 1.56
559     *hardened-sources-2.6.11-r12 (17 May 2005)
560    
561     17 May 2005; John Mylchreest <johnm@gentoo.org>
562     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
563     +hardened-sources-2.6.11-r12.ebuild:
564     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
565     merges in genpatches-base
566 johnm 1.55
567     *hardened-sources-2.6.11-r12 (17 May 2005)
568    
569     17 May 2005; John Mylchreest <johnm@gentoo.org>
570     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
571     +hardened-sources-2.6.11-r12.ebuild:
572     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
573     merges in genpatches-base
574 solar 1.54
575     29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
576     -files/2.4.27-cmdline-race.patch,
577     -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
578     -files/2.4.28-grsec-binfmt_a.out.patch,
579     -files/2.4.28-grsec-cmdline-race.patch,
580     -files/2.4.28-selinux-binfmt_a.out.patch,
581     -files/2.4.28-selinux-cmdline-race.patch,
582     -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
583     hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
584     - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
585     cleanup..
586 solar 1.53
587     *hardened-sources-2.4.30-r1 (21 Apr 2005)
588    
589     21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
590     - disable aout by default
591 solar 1.52
592     *hardened-sources-2.4.30 (18 Apr 2005)
593    
594     18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
595     - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
596     and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
597     use
598 tocharian 1.50
599 scox 1.51 *hardened-sources-2.4.29 (30 Mar 2005)
600    
601     30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
602     +hardened-sources-2.4.29.ebuild:
603     New hardened-patches-2.4-29.0 patchball.
604     Removed SELinux support, upgraded GRSecurity to 2.1.4.
605    
606     *hardened-sources-2.4.28-r5 (06 Mar 2005)
607    
608     06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
609     +hardened-sources-2.4.28-r5.ebuild:
610     Added a fix for a PaX vulnerability.
611    
612     26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
613 tocharian 1.50 hardened-sources-2.4.28-r4.ebuild:
614     Stable on x86
615 solar 1.49
616     23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
617     hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
618     hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
619     hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
620     - fixed/added RDEPEND= in all kernel-2 ebuilds
621 tocharian 1.48
622     *hardened-sources-2.4.28-r4 (21 Jan 2005)
623    
624     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
625     +hardened-sources-2.4.28-r4.ebuild:
626     Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
627     backport of neighbour hash updates.
628 tocharian 1.47
629     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
630     hardened-sources-2.4.28-r3.ebuild:
631     Stable on x86
632 tseng 1.46
633     *hardened-sources-2.6.10-r3 (20 Jan 2005)
634    
635     20 Jan 2005; Brandon Hale <tseng@gentoo.org>
636     +hardened-sources-2.6.10-r3.ebuild:
637     Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
638     in 2005.0
639 tocharian 1.45
640     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
641     -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
642     hardened-sources-2.4.28-r2.ebuild:
643     Mark stable on x86
644 tocharian 1.44
645     *hardened-sources-2.4.28-r3 (17 Jan 2005)
646    
647     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
648     +hardened-sources-2.4.28-r3.ebuild:
649     Fix SMP page fault handler vuln, and update device-mapper and evms patches.
650 tocharian 1.43
651     14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
652     hardened-sources-2.4.28.ebuild:
653     Mark stable on x86.
654 tocharian 1.42
655     *hardened-sources-2.4.28-r2 (13 Jan 2005)
656    
657     13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
658     +hardened-sources-2.4.28-r2.ebuild:
659     Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
660     Mazinger for grsecurity patches as well.
661 plasmaroo 1.41
662     *hardened-sources-2.4.28-r1 (23 Dec 2004)
663    
664     23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
665     Security bump. Thank tocharian for rolling a new patchset...
666 solar 1.40
667     28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
668     +files/2.4.28-grsec-cmdline-race.patch,
669     +files/2.4.28-selinux-binfmt_a.out.patch,
670     +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
671     - Round up remaining security patches that appear to be missing in 2.4.28. -
672     PaX standalone updated to current. hgpv=28.1
673 solar 1.39
674     *hardened-sources-2.4.28 (28 Nov 2004)
675    
676     28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
677     security bump. Thank tocharian for rolling a new patchset
678 scox 1.31
679 scox 1.38 *hardened-sources-2.4.27-r3 (08 Sep 2004)
680    
681     08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
682     +hardened-sources-2.4.27-r3.ebuild:
683     Applies the new 2.4-27.2 patchball which updates
684     GRSecurity to the 2.0.1 version.
685    
686 scox 1.37 *hardened-sources-2.4.27-r2 (31 Aug 2004)
687    
688     31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
689     +hardened-sources-2.4.27-r2.ebuild:
690     Version bump.
691     This version uses the new 2.4-27.1 patchball which updates
692     both the SELinux PaX hooks patch and the SELinux headers.
693    
694 scox 1.36 *hardened-sources-2.4.27-r1 (09 Aug 2004)
695    
696     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
697     +hardened-sources-2.4.27-r1.ebuild,
698     -hardened-sources-2.4.27.ebuild,
699     +files/2.4.27-cmdline-race.patch:
700     Version bump, fix for cmdline race. See bug #59905.
701    
702     *hardened-sources-2.4.26-r6 (09 Aug 2004)
703    
704     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
705     +hardened-sources-2.4.26-r6.ebuild,
706     -hardened-sources-2.4.26-r5.ebuild,
707     -hardened-sources-2.4.26-r4.ebuild,
708     +files/2.4.26-cmdline-race.patch:
709     Version bump, fix for cmdline race. See bug #59905.
710    
711 scox 1.35 *hardened-sources-2.4.27 (08 Aug 2004)
712    
713     08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
714     +hardened-sources-2.4.27.ebuild,
715     +files/2.4.27-CAN-2004-0394.patch:
716     Ported the patchball to the 2.4.27 kernel version.
717    
718 scox 1.34 *hardened-sources-2.4.26-r5 (07 Aug 2004)
719    
720     07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
721     +hardened-sources-2.4.26-r5.ebuild:
722 scox 1.35 Updated to use the new hardened-patches-2.4-26.1 patchball.
723 scox 1.34 It adds the following features:
724     - Squashfs
725     - Ebtables
726     - Netdev random (core+drivers)
727     - Watchdog Timer (WDT) fix.
728    
729 scox 1.33 *hardened-sources-2.4.26-r4 (04 Aug 2004)
730    
731     04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
732     +hardened-sources-2.4.26-r4.ebuild,
733     +files/2.4.26-CAN-2004-0415.patch,
734     -hardened-sources-2.4.26-3:
735     Version bump, fix for CAN 0415, see bug #59378.
736    
737 scox 1.32 *hardened-sources-2.4.26-r3 (22 Jul 2004)
738    
739     22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
740     +hardened-sources-2.4.26-r3.ebuild,
741     +files/2.4.26-CAN-2004-0497.patch,
742     -hardened-sources-2.4.26-r2.ebuild:
743     Version bump, fixed CAN 0497, see bug #56171.
744    
745 scox 1.31 *hardened-sources-2.4.26-r2 (29 Jun 2004)
746    
747     29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
748 scox 1.32 +hardened-sources-2.4.26-r2.ebuild,
749 scox 1.31 +files/2.4.26-CAN-2004-0495.patch,
750     +files/2.4.26-CAN-2004-0535.patch,
751     -hardened-sources-2.4.26-r1.ebuild:
752     Fixes for both CAN 0495 and 0535, see bug #54976
753 pvdabeel 1.27
754 agriffis 1.29 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
755     hardened-sources-2.4.26-r1.ebuild:
756     QA - fix use invocation
757 scox 1.28
758     *hardened-sources-2.4.26-r1 (22 June 2004)
759    
760     22 June 2004; Andrea Luzzardi <scox@gentoo.org>
761     +hardened-sources-2.4.26-r1.ebuild,
762     +files/2.4.26-CAN-2004-0394.patch,
763     +files/2.4.26-signal-race.patch,
764     -hardened-sources-2.4.26.ebuild,
765     -hardened-sources-2.4.24-r3.ebuild:
766     Version bump for the CAN-2004-0394 issue and bug #53804
767     Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
768    
769    
770 pvdabeel 1.27 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
771     hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
772     Masked hardened-sources-2.4.26.ebuild broken for ppc
773    
774     31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
775     hardened-sources-2.4.24-r3.ebuild:
776     Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
777 plasmaroo 1.25
778 scox 1.26 *hardened-sources-2.4.26 (29 May 2004)
779    
780     29 May 2004; Andrea Luzzardi <scox@gentoo.org>
781     +hardened-sources-2.4.26.ebuild:
782     Updated hardened-sources for the 2.4.26 kernel
783     Removed broken components, updated almost everything.
784    
785 plasmaroo 1.25 *hardened-sources-2.4.24-r3 (17 Apr 2004)
786    
787     17 Apr 2004; <plasmaroo@gentoo.org>
788     +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
789     +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
790     +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
791     +hardened-sources-2.4.24-r3.ebuild:
792     Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
793     vulnerabilities. Old revisions removed.
794 plasmaroo 1.24
795     *hardened-sources-2.4.24-r2 (15 Apr 2004)
796    
797     15 Apr 2004; <plasmaroo@gentoo.org>
798     +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
799     -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
800     Version bump for the CAN-2004-0109 issue; bug #47881.
801 aliz 1.23
802     12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
803     hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
804     Add eutils to inherit.
805 plasmaroo 1.22
806     *hardened-sources-2.4.24-r1 (19 Feb 2004)
807    
808     19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
809     files/hardened-sources-2.4.24.munmap.patch:
810     Added the patch for the mremap/munmap vulnerability. Bug #42024.
811 scox 1.19
812 scox 1.21 *hardened-sources-2.4.24 (06 Feb 2004)
813 scox 1.26
814 scox 1.21 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
815     hardened-sources-2.4.24.ebuild:
816     Version bump, updated most of the components.
817     This release includes the following:
818    
819     - Hardened security
820     - Netfilter patch-o-matic 20031219
821     - FreeSWAN 2.04 & x509 1.4.8
822     - EVMS 2.2.2
823     - XFS 1.3.1
824     - cryptoloop jari
825     - grsecurity 2.0-rc4
826     - SELinux
827     - PaX 200402060000
828     - PaX Obscurity 200308302223
829     - Others...
830    
831     Neither -ck nor systrace are included anymore.
832    
833 scox 1.19 *hardened-sources-2.4.22-r2 (05 Jan 2004)
834    
835     05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
836     hardened-sources-2.4.22-r2.ebuild:
837 scox 1.20 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
838 scox 1.19
839     *hardened-sources-2.4.22-r1 (02 Dec 2003)
840 iggy 1.17
841     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
842 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
843 iggy 1.16
844     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
845 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild:
846     Version bump for the 'do_brk' vulnerability.
847 iggy 1.15
848     01 Dec 2003; Brian Jackson <iggy@gentoo.org>
849     hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
850     hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
851     hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
852 plasmaroo 1.18 Fix the 'do_brk' vulnerability.
853 frogger 1.14
854     03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
855     hardened-sources-2.4.22.ebuild:
856 plasmaroo 1.18 - Removed the src_install() portion for SELinux flask
857     components. These are no longer handled in the kernel
858     so this code was not necessary.
859 frogger 1.13
860     29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
861     New 2.4.22 based hardened-sources thanks to
862     Phil West <p.west@computer.org>.
863    
864     These sources include:
865 plasmaroo 1.18 - New SELinux API
866     - Updated CK-base
867     - Updated GRSec
868     - Systrace
869     - SuperFreeS/WAN 1.99.8
870     - Propolice kernel build support
871     - EVMS
872     - Other various security related patches
873 frogger 1.11
874 frogger 1.12 *hardened-sources-2.4.21 (14 Sep 2003)
875    
876     14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
877     Updated hardened-sources based on the 2.4.21 Linux kernel.
878     This includes updates to most major components such as:
879 plasmaroo 1.18 - ck-base-0306300059
880     - selinux-2.4-2003071106
881     - grsecurity-2.0-rc1
882     - Updated IPTables patch-o-matic
883     - Updated SuperFreeS/WAN
884    
885 frogger 1.12 Thanks to Phil West <pwest@computer.org> for his work in getting this
886     updated patch set ready for the 2.4.21 based kernel.
887    
888 frogger 1.11 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
889     Initial import of hardened-sources-2.4.20-r4. This revision
890     includes only a few changes, but one of these is an important
891     security fix. It is recommended all users of hardened-sources
892     upgrade to this release.
893 plasmaroo 1.18
894 frogger 1.11 - ioperm bug fix
895     - fixed compilation failure when building without GRSec
896 plasmaroo 1.18
897 frogger 1.11 SAL (Secure Auditing for Linux) is NOT included in this revision
898     due to time constraints, but is planned for inclusion in the near
899     future.
900 msterret 1.10
901     *hardened-sources-2.4.20-r2 (12 Jun 2003)
902    
903     12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
904     hardened-sources-2.4.20-r3.ebuild:
905 plasmaroo 1.18 Add Header...
906 frogger 1.9
907     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
908     hardened-sources-2.4.20-r3.ebuild:
909     Removed warnings from ebuild. This kernel should be safe to
910     use at this point.
911 frogger 1.8
912     *hardened-sources-2.4.20-r3 (08 Jun 2003)
913    
914     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
915     hardened-sources-2.4.20-r3.ebuild:
916     New revision. Includes the following changes over -r2:
917 plasmaroo 1.18
918 frogger 1.8 - ck7-base (O(1), preempt, low latency)
919     - Super FreeS/WAN 1.99.7rc2
920     - PaX for the LSM/SELinux branch
921     - GRSecurity 2.0-pre4 (role based access control)
922     - Systrace 1.3
923     - EXT3 fixes
924     - EVMS 2.0.1
925     - GCC 3.1+ compile optimizations
926     - ProPolice kernel build support
927     - Hashing table security fixes
928 frogger 1.3
929     *hardened-sources-2.4.20-r1 (09 Apr 2003)
930 frogger 1.7
931     23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
932     Initial import of hardened-sources-r2. This new
933     ebuild includes many new performance and security
934     related patches. As in -r1, it will patch in
935     LSM/SELinux if "selinux" is in USE, otherwise it
936     will patch in GRSecurity. The following patches
937     are included in this revision:
938 plasmaroo 1.18
939 frogger 1.7 - O(1) Scheduler, Low Latency, and Preempt
940     (pulled from the base CK patch)
941     - ptrace exploit patch for the LSM kernel
942     (the GRSec patch already fixes this)
943     - LSM 2.4-2003040709
944     - SELinux 2.4-2003040709
945     - Systrace v1.2
946     - IPTables patch-o-matic base patches - 20030107
947     - CryptoAPI 2.4.20.1 w/ loop-jari patch
948     - Super FreeS/WAN 1.99.6.1
949     - GRSecurity 1.9.9g
950     - MPPE
951     - EXT3 data journal fix
952     - CIPE 1.5.4
953 frogger 1.6
954     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
955     hardened-sources-2.4.20-r1.ebuild, manifest:
956 plasmaroo 1.18 Updated to install flask components correctly for selinux.
957 frogger 1.5
958     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
959     hardened-sources-2.4.20-r1.ebuild:
960     LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
961     is patched in instead. Ptrace patches for selinux have also been added. In
962     either case, systrace support will be patched in as well.
963 frogger 1.3
964     09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
965     hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
966 plasmaroo 1.18 Revision bump for new sources.
967 frogger 1.4
968 frogger 1.2 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
969 frogger 1.4 hardened-sources-2.4.20-r1.ebuild:
970 plasmaroo 1.18 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
971 method 1.1
972 frogger 1.4 *hardened-sources-2.4.20 (30 Mar 2003)
973    
974 method 1.1 30 Mar 2003; Joshua Brindle <method@gentoo.org>
975     hardened-sources-2.4.20.ebuild:
976 plasmaroo 1.18 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20