/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.156 - (hide annotations) (download)
Wed May 30 18:52:50 2007 UTC (7 years, 3 months ago) by phreak
Branch: MAIN
Changes since 1.155: +7 -1 lines
Doing some cleanups, remove stale ebuilds.
(Portage version: 2.1.2.7)

1 method 1.1 # ChangeLog for sys-kernel/hardened-sources
2 opfer 1.130 # Copyright 2000-2007 Gentoo Foundation; Distributed under the GPL v2
3 phreak 1.156 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.155 2007/05/26 20:57:12 phreak Exp $
4    
5     30 May 2007; Christian Heim <phreak@gentoo.org>
6     -hardened-sources-2.6.14-r7.ebuild, -hardened-sources-2.6.16-r11.ebuild,
7     -hardened-sources-2.6.17-r1.ebuild, -hardened-sources-2.6.19-r6.ebuild,
8     -hardened-sources-2.6.20.ebuild, -hardened-sources-2.6.20-r1.ebuild:
9     Doing some cleanups, remove stale ebuilds.
10 phreak 1.155
11     26 May 2007; Christian Heim <phreak@gentoo.org>
12     hardened-sources-2.6.21-r2.ebuild:
13     Fixing the grsecurity patch, had one '};' too much.
14 phreak 1.154
15     *hardened-sources-2.6.21-r2 (26 May 2007)
16    
17     26 May 2007; Christian Heim <phreak@gentoo.org>
18     -hardened-sources-2.6.21.ebuild, -hardened-sources-2.6.21-r1.ebuild,
19     +hardened-sources-2.6.21-r2.ebuild:
20     Revision bump, including Linux 2.6.21.3 (fixing CVE-2007-2451). Updating the
21     grsecurity patch to 2.1.10-2.6.21.1-200705221918.
22 phreak 1.153
23     *hardened-sources-2.6.20-r4 (26 May 2007)
24    
25     26 May 2007; Christian Heim <phreak@gentoo.org>
26     -hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.20-r4.ebuild:
27     Revision bump, including Linux 2.6.20.12 (which in fact fixed some security
28 phreak 1.154 bugs, at the very least CVE-2007-2451). Possible candidate for stable marking.
29 phreak 1.152
30     15 May 2007; Christian Heim <phreak@gentoo.org>
31     hardened-sources-2.6.20-r3.ebuild:
32     Looks like hardened-sources-2.6.20-r3 needs a new patch, as 2.6.20.11
33     introduced a change in arch/sparc64/kernel/pci_iommu.c, which made the
34     grsecurity patch fail in that exact same hunk.
35 phreak 1.151
36     *hardened-sources-2.6.20-r3 (15 May 2007)
37    
38     15 May 2007; Christian Heim <phreak@gentoo.org>
39     +hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.21-r1.ebuild:
40     Revision bump, incorporating Linux 2.6.20.11.
41    
42     *hardened-sources-2.6.21-r1 (11 May 2007)
43    
44     11 May 2007; Christian Heim <phreak@gentoo.org>
45     +hardened-sources-2.6.21-r1.ebuild:
46     Revision bump, hopefully fixing the GRSECURITY/GRKERNSEC mixup pipacs
47     mentioned in #177234.
48 kevquinn 1.150
49     07 May 2007; Kevin F. Quinn <kevquinn@gentoo.org>
50     files/digest-hardened-sources-2.6.21, Manifest:
51     Fix Manifest/digest for linux-2.6.21.tar.bz2
52 phreak 1.149
53     06 May 2007; Christian Heim <phreak@gentoo.org>
54     hardened-sources-2.6.21.ebuild:
55     Bumping the hardened-patches version, needed for the fix for #177234.
56 phreak 1.148
57     *hardened-sources-2.6.21 (02 May 2007)
58    
59     02 May 2007; Christian Heim <phreak@gentoo.org>
60     +hardened-sources-2.6.21.ebuild:
61     Version bump, Linux 2.6.21-hardened.
62 phreak 1.147
63     29 Apr 2007; Christian Heim <phreak@gentoo.org>
64     hardened-sources-2.6.20-r2.ebuild:
65     Adding ~ia64 on Ned's request.
66 phreak 1.146
67     29 Apr 2007; Christian Heim <phreak@gentoo.org>
68     hardened-sources-2.6.20-r2.ebuild:
69     Fixing the included grsecurity patch, wasn't alligning due to the Index:
70     header line(s).
71 phreak 1.145
72     29 Apr 2007; Christian Heim <phreak@gentoo.org>
73     hardened-sources-2.6.20-r2.ebuild:
74     Stabilizing hardened-sources-2.6.20-r2 on amd64 and x86.
75 armin76 1.144
76     *hardened-sources-2.6.20-r2 (10 Apr 2007)
77    
78     10 Apr 2007; Raúl Porcel <armin76@gentoo.org>
79     +hardened-sources-2.6.20-r2.ebuild:
80     Version bump, on behalf of phreak
81 phreak 1.143
82     *hardened-sources-2.6.20-r1 (04 Apr 2007)
83    
84     04 Apr 2007; Christian Heim <phreak@gentoo.org>
85     +hardened-sources-2.6.20-r1.ebuild:
86     Revision bump, grabbing a newer grsecurity snapshot.
87 phreak 1.142
88     *hardened-sources-2.6.20 (25 Mar 2007)
89    
90     25 Mar 2007; Christian Heim <phreak@gentoo.org>
91     +hardened-sources-2.6.20.ebuild:
92     Finally a hardened-sources version for 2.6.20; many people have been waiting
93     for this. Thanks to Steve for preliminary testing, thanks to Ned for the
94     testbox.
95 chainsaw 1.141
96     16 Mar 2007; Tony Vroon <chainsaw@gentoo.org>
97     hardened-sources-2.6.18-r6.ebuild:
98     Marked stable on amd64 and x86. AMD64 keyword ack'ed by welp.
99 phreak 1.140
100     *hardened-sources-2.6.18-r6 (16 Mar 2007)
101    
102     16 Mar 2007; Christian Heim <phreak@gentoo.org>
103     -hardened-sources-2.6.18-r5.ebuild, +hardened-sources-2.6.18-r6.ebuild:
104     Fixing CVE-2007-1000 locally (hardened/), thanks to Tony for pushing. And
105     yes I screwed up, this is tagged as 2.6.18-5 and not 2.6.18-6 as it's
106     supposed to be.
107 phreak 1.139
108     06 Mar 2007; Christian Heim <phreak@gentoo.org> ChangeLog:
109     Fixing the Manifest, the previous one was broken (as in still had the
110     deleted ebuild in it).
111 phreak 1.138
112     06 Mar 2007; Christian Heim <phreak@gentoo.org>
113     -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
114     +hardened-sources-2.6.18-r5.ebuild:
115     Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
116     Linux 2.6.18.8. Also cleaning up the older version.
117    
118     *hardened-sources-2.6.18-r5 (06 Mar 2007)
119    
120     06 Mar 2007; Christian Heim <phreak@gentoo.org>
121     -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
122     +hardened-sources-2.6.18-r5.ebuild:
123     Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
124     Linux 2.6.18.8. Also cleaning up the older version.
125 phreak 1.137
126     24 Feb 2007; Christian Heim <phreak@gentoo.org>
127     -hardened-sources-2.6.19-r3.ebuild, -hardened-sources-2.6.19-r4.ebuild,
128     -hardened-sources-2.6.19-r5.ebuild:
129     Removing some of the old version, that didn't work.
130 phreak 1.136
131     *hardened-sources-2.6.19-r6 (12 Feb 2007)
132    
133     12 Feb 2007; Christian Heim <phreak@gentoo.org>
134     +hardened-sources-2.6.19-r6.ebuild:
135     Revision bump, including a new grsec version fixing #166235.
136 pappy 1.134
137     *hardened-sources-2.4.34 (24 Jan 2007)
138    
139     24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
140 pappy 1.135 Manifest:
141     updating Manifest with checksums of new tarball and ebuild
142    
143     24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
144 pappy 1.134 +hardened-sources-2.4.34.ebuild:
145     I added new hardened sources 2.4 update, this is a critical path
146     security bugfix - all users of h-s are strongly advised
147     to update their existing hardened sources to this version.
148     It contains a fix for a kernel vulnerability that is pertaining
149     to the PaX changes to virtual memory management, possibly leading
150     to a local kernel exploit ... see grsecurity.net forums and homepage
151 phreak 1.133
152     23 Jan 2007; Christian Heim <phreak@gentoo.org>
153     files/digest-hardened-sources-2.6.19-r5, Manifest:
154     Fixing the patch-tarball digest.
155 phreak 1.132
156     *hardened-sources-2.6.19-r5 (23 Jan 2007)
157    
158     23 Jan 2007; Christian Heim <phreak@gentoo.org>
159     +hardened-sources-2.6.19-r5.ebuild:
160     Revision bump, closing the recently discovered PaX expand_stack()
161     vulnerability.
162 phreak 1.131
163     *hardened-sources-2.6.19-r4 (14 Jan 2007)
164    
165     14 Jan 2007; Christian Heim <phreak@gentoo.org>
166     +hardened-sources-2.6.19-r4.ebuild:
167     Revision bump, pulling in linux-2.6.19.2 and grsecurity 2.1.10 - thus
168     dropping the randomized PID feature.
169 opfer 1.130
170     11 Jan 2007; Christian Faulhammer <opfer@gentoo.org>
171     hardened-sources-2.4.33.4.ebuild:
172     stable x86, bug #161171
173 phreak 1.129
174     *hardened-sources-2.6.19-r3 (27 Dec 2006)
175    
176     27 Dec 2006; Christian Heim <phreak@gentoo.org>
177     -hardened-sources-2.6.19-r2.ebuild, +hardened-sources-2.6.19-r3.ebuild:
178     Revision bump for bug #157186 and #158786.
179 phreak 1.128
180     *hardened-sources-2.6.18-r4 (27 Dec 2006)
181    
182     27 Dec 2006; Christian Heim <phreak@gentoo.org>
183     -hardened-sources-2.6.18-r3.ebuild, +hardened-sources-2.6.18-r4.ebuild:
184     Revision bump for bug #157186.
185 phreak 1.127
186     *hardened-sources-2.6.19-r2 (23 Dec 2006)
187    
188     23 Dec 2006; Christian Heim <phreak@gentoo.org>
189     -hardened-sources-2.6.19-r1.ebuild, +hardened-sources-2.6.19-r2.ebuild:
190     Revision bump to pull in genpatches-2.6.19-3 for #157186.
191 phreak 1.126
192     17 Dec 2006; Christian Heim <phreak@gentoo.org>
193     hardened-sources-2.6.14-r7.ebuild, hardened-sources-2.6.16-r10.ebuild,
194     hardened-sources-2.6.16-r11.ebuild, hardened-sources-2.6.17-r1.ebuild,
195     hardened-sources-2.6.18.ebuild, hardened-sources-2.6.18-r3.ebuild,
196     hardened-sources-2.6.19-r1.ebuild:
197     Adding 4453_grsec-2.1.9-2.6.19-io-kmem-sysctl.patch to UNIPATCH_EXLUDE,
198     adding correct HOMEPAGE and adjusting DESCRIPTION (thanks to Alexander).
199 pappy 1.125
200     *hardened-sources-2.4.33.4 (17 Dec 2006)
201    
202     17 Dec 2006; Alexander Gabert <pappy@gentoo.org>
203     +hardened-sources-2.4.33.4.ebuild:
204     new 2.4.33.4 version including grsec and fixes, thanks to phreak for help
205     and quilting
206 phreak 1.124
207     *hardened-sources-2.6.19-r1 (14 Dec 2006)
208    
209     14 Dec 2006; Christian Heim <phreak@gentoo.org>
210     -hardened-sources-2.6.19.ebuild, +hardened-sources-2.6.19-r1.ebuild:
211     Revision bump, fixing #158107 (thanks to Petre Rodan <kaiowas at gentoo.org>
212     for reporting).
213 phreak 1.123
214     *hardened-sources-2.6.19 (13 Dec 2006)
215    
216     13 Dec 2006; Christian Heim <phreak@gentoo.org>
217     +hardened-sources-2.6.19.ebuild:
218     And finally 2.6.19, thanks to Ned (who prepared the inital patchset) and
219     Brad for providing that prompt update.
220 phreak 1.122
221     *hardened-sources-2.6.18-r3 (13 Dec 2006)
222    
223     13 Dec 2006; Christian Heim <phreak@gentoo.org>
224     -hardened-sources-2.6.18-r1.ebuild, -hardened-sources-2.6.18-r2.ebuild,
225     +hardened-sources-2.6.18-r3.ebuild:
226     Revision bump, excluding the faulty patch. Thanks to Anakim Border and Peter
227     S. Mazinger. Closes #157409 for now. Also removing the previous revisions.
228 phreak 1.121
229     09 Dec 2006; Christian Heim <phreak@gentoo.org> Manifest:
230     Fixing the metadata.xml Manifest entry (thanks to xaid and ml8128 in #gentoo-hardened).
231 nixnut 1.120
232     08 Dec 2006; nixnut <nixnut@gentoo.org> hardened-sources-2.6.18.ebuild:
233     Stable on ppc wrt bug 157356
234 opfer 1.119
235     07 Dec 2006; Christian Faulhammer <opfer@gentoo.org>
236     hardened-sources-2.6.18.ebuild:
237     stable x86, bug #157356
238 phreak 1.118
239     *hardened-sources-2.6.18-r2 (06 Dec 2006)
240    
241     06 Dec 2006; Christian Heim <phreak@gentoo.org>
242     +hardened-sources-2.6.18-r2.ebuild:
243     Revision bump, including 2.6.18.5 (via genpatches) and
244     4454_grsec-2.1.9-2.6.18.2-io-kmem-sysctl.patch based on Peter Mazinger and
245     Ned Ludd's original patch. Thanks to Alexander Gabert (pappy) for the
246     redesign.
247 phreak 1.117
248     06 Dec 2006; Christian Heim <phreak@gentoo.org>
249     hardened-sources-2.6.18.ebuild:
250     Marking hardened-sources-2.6.18 stable on amd64 (see bug #157356, on behalf
251     of Mike Doty).
252 phreak 1.116
253     *hardened-sources-2.6.18-r1 (23 Nov 2006)
254    
255     23 Nov 2006; Christian Heim <phreak@gentoo.org>
256     +hardened-sources-2.6.18-r1.ebuild:
257     Revision bump to genpatches-2.6.18-4 (including 2.6.18.3).
258 phreak 1.115
259     *hardened-sources-2.6.18 (11 Nov 2006)
260    
261     11 Nov 2006; Christian Heim <phreak@gentoo.org>
262     +hardened-sources-2.6.18.ebuild:
263     Version bump, thanks to Alexander Gabert we're finally at 2.6.18.
264 solar 1.114
265     18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
266     - mark amd64 stable also. bug #151877
267 solar 1.113
268     18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
269     - mark 2.6.17-r1 stable
270 phreak 1.112
271     27 Aug 2006; Christian Heim <phreak@gentoo.org>
272     -hardened-sources-2.6.17.ebuild, hardened-sources-2.6.17-r1.ebuild:
273     Removing old ebuild, removing unipatch from newer ebuild (need to fix it!).
274 phreak 1.111
275     *hardened-sources-2.6.17-r1 (26 Aug 2006)
276    
277     26 Aug 2006; Christian Heim <phreak@gentoo.org>
278     +hardened-sources-2.6.17-r1.ebuild:
279     Revision bump to genpatches-2.6.17-8 (including .9 and .10) and updating the
280     grsecurity patch.
281 phreak 1.110
282     *hardened-sources-2.6.17 (17 Aug 2006)
283    
284     17 Aug 2006; Christian Heim <phreak@gentoo.org>
285     +hardened-sources-2.6.17.ebuild:
286     Bumping the hardened-sources-2.6 series to 2.6.17, using
287     genpatches-2.6.17-6.base.
288 solar 1.109
289     07 Aug 2006; <solar@gentoo.org> hardened-sources-2.6.16-r11.ebuild:
290     - stable on x86 and amd64
291 solar 1.108
292     *hardened-sources-2.6.16-r11 (15 Jul 2006)
293    
294     15 Jul 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r3.ebuild,
295     -hardened-sources-2.4.32-r4.ebuild, -hardened-sources-2.4.32-r5.ebuild,
296     -hardened-sources-2.6.14-r8.ebuild, -hardened-sources-2.6.16-r7.ebuild,
297     -hardened-sources-2.6.16-r9.ebuild, +hardened-sources-2.6.16-r11.ebuild:
298     - 2.6.16 bumped for CVE-2006-3626 ; digest fix for 2.4.32-r6 ; removed old
299     crusty ebuilds
300 johnm 1.107
301     14 Jul 2006; John Mylchreest <johnm@gentoo.org>
302     hardened-sources-2.6.16-r10.ebuild:
303     marking stable on x86 and amd64
304 solar 1.106
305     13 Jul 2006; <solar@gentoo.org> hardened-sources-2.4.32-r6.ebuild:
306     - 2.4.32-r6 stable on x86. RSBAC state unknown
307 kang 1.105
308     *hardened-sources-2.4.32-r7 (10 Jul 2006)
309    
310     10 Jul 2006; Guillaume Destuynder <kang@gentoo.org>
311     +hardened-sources-2.4.32-r7.ebuild:
312     Bump PaX for RSBAC to test-17
313 johnm 1.104
314     *hardened-sources-2.6.16-r9 (03 Jul 2006)
315    
316     03 Jul 2006; John Mylchreest <johnm@gentoo.org>
317     -hardened-sources-2.6.16-r6.ebuild, +hardened-sources-2.6.16-r9.ebuild:
318     hardened-sources-2.6.16 bump to latest -base.
319 solar 1.103
320     *hardened-sources-2.4.32-r6 (30 Jun 2006)
321    
322     30 Jun 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r2.ebuild,
323     hardened-sources-2.4.32-r4.ebuild, +hardened-sources-2.4.32-r6.ebuild:
324     - backport CVE-2006-0039, CVE-2006-1857 and CVE-2006-1858 and new grsecurity
325     sysctl controlable resource logging
326 johnm 1.102
327     *hardened-sources-2.6.16-r7 (05 Jun 2006)
328    
329     05 Jun 2006; John Mylchreest <johnm@gentoo.org>
330     -hardened-sources-2.6.16-r5.ebuild, +hardened-sources-2.6.16-r7.ebuild:
331     push new 2.6.16 release in preparation for stable
332 solar 1.101
333     22 May 2006; <solar@gentoo.org> :
334     - redigest bug 134002
335 kang 1.100
336     *hardened-sources-2.4.32-r5 (16 May 2006)
337    
338     16 May 2006; Guillaume Destuynder <kang@gentoo.org>
339     +hardened-sources-2.4.32-r5.ebuild:
340     Fixes rsbac common patching (new patch in new -r5 patchset)
341 solar 1.99
342     *hardened-sources-2.4.32-r4 (13 May 2006)
343    
344     13 May 2006; <solar@gentoo.org> hardened-sources-2.4.32-r3.ebuild,
345     +hardened-sources-2.4.32-r4.ebuild:
346     - security bumps
347 johnm 1.98
348     *hardened-sources-2.6.16-r6 (03 May 2006)
349    
350     03 May 2006; John Mylchreest <johnm@gentoo.org>
351     +hardened-sources-2.6.16-r6.ebuild:
352     bump hardened-2.6.16 to 2.6.16.12 and latest grsec snapshot
353 johnm 1.97
354     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
355     hardened-sources-2.6.14-r8.ebuild:
356     fix x86_64 build problem, this will delay the digest issue again for a short
357     while but it will sort itself out
358 johnm 1.96
359     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
360     hardened-sources-2.6.14-r8.ebuild:
361     bump hardened patchset
362 antarus 1.94
363     27 Apr 2006; Alec Warner <antarus@gentoo.org>
364     files/digest-hardened-sources-2.4.32-r2,
365     files/digest-hardened-sources-2.4.32-r3,
366     files/digest-hardened-sources-2.6.14-r8, Manifest:
367     Fixing duff SHA256 digests: Bug # 131293
368 johnm 1.93
369 johnm 1.95 *hardened-sources-2.6.16-r5 (27 Apr 2006)
370    
371     27 Apr 2006; John Mylchreest <johnm@gentoo.org>
372     -hardened-sources-2.6.14-r6.ebuild, hardened-sources-2.6.14-r8.ebuild,
373     -hardened-sources-2.6.16-r4.ebuild, +hardened-sources-2.6.16-r5.ebuild:
374     stablise 2.6.14-r8 on x86 & amd64, bump 2.6.16 to fix CVE-2006-1863 &
375     cleanup of old uneccessary sources
376    
377 johnm 1.93 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
378     fix digest
379 johnm 1.92
380     *hardened-sources-2.6.14-r8 (20 Apr 2006)
381    
382     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
383     +hardened-sources-2.6.14-r8.ebuild:
384     fix CVE-2006-1056, CVE-2006-1525, CVE-2006-1524
385 johnm 1.91
386     20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
387     Turning on gpg-signing again, and recomitting
388 johnm 1.90
389     *hardened-sources-2.6.16-r4 (20 Apr 2006)
390    
391     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
392     -hardened-sources-2.6.16-r2.ebuild, -hardened-sources-2.6.16-r3.ebuild,
393     +hardened-sources-2.6.16-r4.ebuild:
394     Fix numerous security vulns
395 solar 1.89
396     *hardened-sources-2.4.32-r3 (16 Apr 2006)
397    
398     16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
399     -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
400     +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
401     - security bump for bug #112791. Removed old ebuilds
402 johnm 1.88
403     *hardened-sources-2.6.16-r3 (15 Apr 2006)
404    
405     15 Apr 2006; John Mylchreest <johnm@gentoo.org>
406     +hardened-sources-2.6.16-r3.ebuild:
407     Removing silly localversion which I missed
408 johnm 1.87
409     *hardened-sources-2.6.14-r7 (14 Apr 2006)
410    
411     14 Apr 2006; John Mylchreest <johnm@gentoo.org>
412     -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
413     Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
414 johnm 1.86
415     *hardened-sources-2.6.16-r2 (13 Apr 2006)
416    
417     13 Apr 2006; John Mylchreest <johnm@gentoo.org>
418     -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
419     +hardened-sources-2.6.16-r2.ebuild:
420     Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
421     labels, dropping USERGROUP define fixes, since these were merged mainstream.
422 johnm 1.85
423     *hardened-sources-2.6.16-r1 (11 Apr 2006)
424    
425     11 Apr 2006; John Mylchreest <johnm@gentoo.org>
426     +hardened-sources-2.6.16-r1.ebuild:
427     Bumping to include ppc build fix and 2.6.16.3
428 tsunam 1.84
429     06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
430     hardened-sources-2.6.14-r6.ebuild:
431     Stable on x86; bug #127718
432 johnm 1.83
433     *hardened-sources-2.6.16 (31 Mar 2006)
434    
435     31 Mar 2006; John Mylchreest <johnm@gentoo.org>
436     +hardened-sources-2.6.16.ebuild:
437     Bumping to new version of grsec, and kernel base. New squashfs. Based on
438     2.6.16.1
439 cryos 1.82
440     30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
441     hardened-sources-2.6.14-r6.ebuild:
442     Stable on amd64, bug 127718.
443 nixnut 1.81
444     28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
445     Stable on ppc. Bug #127718
446 johnm 1.80
447     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
448     -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
449     -hardened-sources-2.6.14-r4.ebuild:
450     Cleanup.
451 johnm 1.79
452     *hardened-sources-2.6.14-r6 (15 Mar 2006)
453    
454     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
455     +hardened-sources-2.6.14-r6.ebuild:
456     Fixes grsec policy recreation bug and adds a
457     >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
458 solar 1.78
459     02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
460     - stable on x86
461 hansmi 1.77
462     19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
463     hardened-sources-2.6.14-r5.ebuild:
464     Stable on ppc.
465 johnm 1.76
466     *hardened-sources-2.6.14-r5 (01 Feb 2006)
467    
468     01 Feb 2006; John Mylchreest <johnm@gentoo.org>
469     +hardened-sources-2.6.14-r5.ebuild:
470     fixing every known exploit
471 solar 1.75
472     *hardened-sources-2.4.32-r2 (26 Jan 2006)
473    
474     26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
475     +hardened-sources-2.4.32-r2.ebuild:
476     - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
477 solar 1.74
478     *hardened-sources-2.6.14-r4 (12 Jan 2006)
479    
480     12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
481     - version bump for new genpatches which fix up a few sec holes
482 solar 1.73
483     *hardened-sources-2.4.32-r1 (05 Jan 2006)
484    
485     05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
486     - revision bump to add misc vital linux kernel security patches.
487 johnm 1.72
488     *hardened-sources-2.6.14-r3 (30 Dec 2005)
489    
490     30 Dec 2005; John Mylchreest <johnm@gentoo.org>
491     -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
492     Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
493 johnm 1.71
494     28 Dec 2005; John Mylchreest <johnm@gentoo.org>
495     hardened-sources-2.6.14-r2.ebuild:
496     making x86 & amd64 stable following testing.
497 johnm 1.70
498     *hardened-sources-2.6.14-r2 (27 Dec 2005)
499    
500     27 Dec 2005; John Mylchreest <johnm@gentoo.org>
501     -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
502     Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
503     network hooks.
504 johnm 1.69
505     06 Dec 2005; John Mylchreest <johnm@gentoo.org>
506     hardened-sources-2.6.14-r1.ebuild:
507     bumping to stable early for sec fix on x86 & amd64
508 johnm 1.68
509     *hardened-sources-2.6.14-r1 (05 Dec 2005)
510    
511     05 Dec 2005; John Mylchreest <johnm@gentoo.org>
512     -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
513     bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
514 solar 1.67
515     04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
516     - stable on x86 security bug #114227 CAN-2005-3257
517 kang 1.66
518     *hardened-sources-2.4.32 (19 Nov 2005)
519    
520     19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
521     +hardened-sources-2.4.32.ebuild:
522     Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
523     Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
524     have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
525     rsbac >> /etc/portage/package.use)
526 johnm 1.65
527     *hardened-sources-2.6.14 (14 Nov 2005)
528    
529     14 Nov 2005; John Mylchreest <johnm@gentoo.org>
530     -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
531     Bumping 2.6 series to 2.6.14.2
532 johnm 1.64
533     *hardened-sources-2.6.13-r2 (20 Oct 2005)
534    
535     20 Oct 2005; John Mylchreest <johnm@gentoo.org>
536     -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
537     +hardened-sources-2.6.13-r2.ebuild:
538     Fixes minor build error in ppc.
539 johnm 1.63
540     *hardened-sources-2.6.13-r1 (17 Oct 2005)
541    
542     17 Oct 2005; John Mylchreest <johnm@gentoo.org>
543     +hardened-sources-2.6.13-r1.ebuild:
544     Updating grsec to latest snapshot. Fixes some minor issues. Updating to
545     2.6.13.4, fixes some major amd64 stability problems.
546 johnm 1.62
547     *hardened-sources-2.6.13 (16 Sep 2005)
548    
549     16 Sep 2005; John Mylchreest <johnm@gentoo.org>
550     -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
551     2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
552     ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
553     users should test this thoroughly.
554 solar 1.61
555     01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
556     - stable on x86
557 johnm 1.60
558     *hardened-sources-2.6.11-r15 (27 Jun 2005)
559    
560     27 Jun 2005; John Mylchreest <johnm@gentoo.org>
561     +hardened-sources-2.6.11-r15.ebuild:
562     Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
563     grsec redefining curr_ip struct.
564 solar 1.59
565     *hardened-sources-2.4.31 (20 Jun 2005)
566    
567     20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
568     initial import of 2.4.31 tree
569 johnm 1.58
570     *hardened-sources-2.6.11-r14 (14 Jun 2005)
571    
572     14 Jun 2005; John Mylchreest <johnm@gentoo.org>
573     -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
574     Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
575     naming scheme to abide by genpatches
576 johnm 1.57
577     *hardened-sources-2.6.11-r13 (18 May 2005)
578    
579     18 May 2005; John Mylchreest <johnm@gentoo.org>
580     -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
581     Managed to mangle the Makefile patch from grsec, to miss out the grsec
582     target. sorry about that. Fixes bug #93022
583 johnm 1.56
584     *hardened-sources-2.6.11-r12 (17 May 2005)
585    
586     17 May 2005; John Mylchreest <johnm@gentoo.org>
587     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
588     +hardened-sources-2.6.11-r12.ebuild:
589     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
590     merges in genpatches-base
591 johnm 1.55
592     *hardened-sources-2.6.11-r12 (17 May 2005)
593    
594     17 May 2005; John Mylchreest <johnm@gentoo.org>
595     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
596     +hardened-sources-2.6.11-r12.ebuild:
597     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
598     merges in genpatches-base
599 solar 1.54
600     29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
601     -files/2.4.27-cmdline-race.patch,
602     -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
603     -files/2.4.28-grsec-binfmt_a.out.patch,
604     -files/2.4.28-grsec-cmdline-race.patch,
605     -files/2.4.28-selinux-binfmt_a.out.patch,
606     -files/2.4.28-selinux-cmdline-race.patch,
607     -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
608     hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
609     - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
610     cleanup..
611 solar 1.53
612     *hardened-sources-2.4.30-r1 (21 Apr 2005)
613    
614     21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
615     - disable aout by default
616 solar 1.52
617     *hardened-sources-2.4.30 (18 Apr 2005)
618    
619     18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
620     - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
621     and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
622     use
623 tocharian 1.50
624 scox 1.51 *hardened-sources-2.4.29 (30 Mar 2005)
625    
626     30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
627     +hardened-sources-2.4.29.ebuild:
628     New hardened-patches-2.4-29.0 patchball.
629     Removed SELinux support, upgraded GRSecurity to 2.1.4.
630    
631     *hardened-sources-2.4.28-r5 (06 Mar 2005)
632    
633     06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
634     +hardened-sources-2.4.28-r5.ebuild:
635     Added a fix for a PaX vulnerability.
636    
637     26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
638 tocharian 1.50 hardened-sources-2.4.28-r4.ebuild:
639     Stable on x86
640 solar 1.49
641     23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
642     hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
643     hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
644     hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
645     - fixed/added RDEPEND= in all kernel-2 ebuilds
646 tocharian 1.48
647     *hardened-sources-2.4.28-r4 (21 Jan 2005)
648    
649     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
650     +hardened-sources-2.4.28-r4.ebuild:
651     Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
652     backport of neighbour hash updates.
653 tocharian 1.47
654     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
655     hardened-sources-2.4.28-r3.ebuild:
656     Stable on x86
657 tseng 1.46
658     *hardened-sources-2.6.10-r3 (20 Jan 2005)
659    
660     20 Jan 2005; Brandon Hale <tseng@gentoo.org>
661     +hardened-sources-2.6.10-r3.ebuild:
662     Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
663     in 2005.0
664 tocharian 1.45
665     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
666     -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
667     hardened-sources-2.4.28-r2.ebuild:
668     Mark stable on x86
669 tocharian 1.44
670     *hardened-sources-2.4.28-r3 (17 Jan 2005)
671    
672     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
673     +hardened-sources-2.4.28-r3.ebuild:
674     Fix SMP page fault handler vuln, and update device-mapper and evms patches.
675 tocharian 1.43
676     14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
677     hardened-sources-2.4.28.ebuild:
678     Mark stable on x86.
679 tocharian 1.42
680     *hardened-sources-2.4.28-r2 (13 Jan 2005)
681    
682     13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
683     +hardened-sources-2.4.28-r2.ebuild:
684     Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
685     Mazinger for grsecurity patches as well.
686 plasmaroo 1.41
687     *hardened-sources-2.4.28-r1 (23 Dec 2004)
688    
689     23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
690     Security bump. Thank tocharian for rolling a new patchset...
691 solar 1.40
692     28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
693     +files/2.4.28-grsec-cmdline-race.patch,
694     +files/2.4.28-selinux-binfmt_a.out.patch,
695     +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
696     - Round up remaining security patches that appear to be missing in 2.4.28. -
697     PaX standalone updated to current. hgpv=28.1
698 solar 1.39
699     *hardened-sources-2.4.28 (28 Nov 2004)
700    
701     28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
702     security bump. Thank tocharian for rolling a new patchset
703 scox 1.31
704 scox 1.38 *hardened-sources-2.4.27-r3 (08 Sep 2004)
705    
706     08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
707     +hardened-sources-2.4.27-r3.ebuild:
708     Applies the new 2.4-27.2 patchball which updates
709     GRSecurity to the 2.0.1 version.
710    
711 scox 1.37 *hardened-sources-2.4.27-r2 (31 Aug 2004)
712    
713     31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
714     +hardened-sources-2.4.27-r2.ebuild:
715     Version bump.
716     This version uses the new 2.4-27.1 patchball which updates
717     both the SELinux PaX hooks patch and the SELinux headers.
718    
719 scox 1.36 *hardened-sources-2.4.27-r1 (09 Aug 2004)
720    
721     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
722     +hardened-sources-2.4.27-r1.ebuild,
723     -hardened-sources-2.4.27.ebuild,
724     +files/2.4.27-cmdline-race.patch:
725     Version bump, fix for cmdline race. See bug #59905.
726    
727     *hardened-sources-2.4.26-r6 (09 Aug 2004)
728    
729     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
730     +hardened-sources-2.4.26-r6.ebuild,
731     -hardened-sources-2.4.26-r5.ebuild,
732     -hardened-sources-2.4.26-r4.ebuild,
733     +files/2.4.26-cmdline-race.patch:
734     Version bump, fix for cmdline race. See bug #59905.
735    
736 scox 1.35 *hardened-sources-2.4.27 (08 Aug 2004)
737    
738     08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
739     +hardened-sources-2.4.27.ebuild,
740     +files/2.4.27-CAN-2004-0394.patch:
741     Ported the patchball to the 2.4.27 kernel version.
742    
743 scox 1.34 *hardened-sources-2.4.26-r5 (07 Aug 2004)
744    
745     07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
746     +hardened-sources-2.4.26-r5.ebuild:
747 scox 1.35 Updated to use the new hardened-patches-2.4-26.1 patchball.
748 scox 1.34 It adds the following features:
749     - Squashfs
750     - Ebtables
751     - Netdev random (core+drivers)
752     - Watchdog Timer (WDT) fix.
753    
754 scox 1.33 *hardened-sources-2.4.26-r4 (04 Aug 2004)
755    
756     04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
757     +hardened-sources-2.4.26-r4.ebuild,
758     +files/2.4.26-CAN-2004-0415.patch,
759     -hardened-sources-2.4.26-3:
760     Version bump, fix for CAN 0415, see bug #59378.
761    
762 scox 1.32 *hardened-sources-2.4.26-r3 (22 Jul 2004)
763    
764     22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
765     +hardened-sources-2.4.26-r3.ebuild,
766     +files/2.4.26-CAN-2004-0497.patch,
767     -hardened-sources-2.4.26-r2.ebuild:
768     Version bump, fixed CAN 0497, see bug #56171.
769    
770 scox 1.31 *hardened-sources-2.4.26-r2 (29 Jun 2004)
771    
772     29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
773 scox 1.32 +hardened-sources-2.4.26-r2.ebuild,
774 scox 1.31 +files/2.4.26-CAN-2004-0495.patch,
775     +files/2.4.26-CAN-2004-0535.patch,
776     -hardened-sources-2.4.26-r1.ebuild:
777     Fixes for both CAN 0495 and 0535, see bug #54976
778 pvdabeel 1.27
779 agriffis 1.29 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
780     hardened-sources-2.4.26-r1.ebuild:
781     QA - fix use invocation
782 scox 1.28
783     *hardened-sources-2.4.26-r1 (22 June 2004)
784    
785     22 June 2004; Andrea Luzzardi <scox@gentoo.org>
786     +hardened-sources-2.4.26-r1.ebuild,
787     +files/2.4.26-CAN-2004-0394.patch,
788     +files/2.4.26-signal-race.patch,
789     -hardened-sources-2.4.26.ebuild,
790     -hardened-sources-2.4.24-r3.ebuild:
791     Version bump for the CAN-2004-0394 issue and bug #53804
792     Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
793    
794    
795 pvdabeel 1.27 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
796     hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
797     Masked hardened-sources-2.4.26.ebuild broken for ppc
798    
799     31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
800     hardened-sources-2.4.24-r3.ebuild:
801     Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
802 plasmaroo 1.25
803 scox 1.26 *hardened-sources-2.4.26 (29 May 2004)
804    
805     29 May 2004; Andrea Luzzardi <scox@gentoo.org>
806     +hardened-sources-2.4.26.ebuild:
807     Updated hardened-sources for the 2.4.26 kernel
808     Removed broken components, updated almost everything.
809    
810 plasmaroo 1.25 *hardened-sources-2.4.24-r3 (17 Apr 2004)
811    
812     17 Apr 2004; <plasmaroo@gentoo.org>
813     +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
814     +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
815     +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
816     +hardened-sources-2.4.24-r3.ebuild:
817     Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
818     vulnerabilities. Old revisions removed.
819 plasmaroo 1.24
820     *hardened-sources-2.4.24-r2 (15 Apr 2004)
821    
822     15 Apr 2004; <plasmaroo@gentoo.org>
823     +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
824     -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
825     Version bump for the CAN-2004-0109 issue; bug #47881.
826 aliz 1.23
827     12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
828     hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
829     Add eutils to inherit.
830 plasmaroo 1.22
831     *hardened-sources-2.4.24-r1 (19 Feb 2004)
832    
833     19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
834     files/hardened-sources-2.4.24.munmap.patch:
835     Added the patch for the mremap/munmap vulnerability. Bug #42024.
836 scox 1.19
837 scox 1.21 *hardened-sources-2.4.24 (06 Feb 2004)
838 scox 1.26
839 scox 1.21 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
840     hardened-sources-2.4.24.ebuild:
841     Version bump, updated most of the components.
842     This release includes the following:
843    
844     - Hardened security
845     - Netfilter patch-o-matic 20031219
846     - FreeSWAN 2.04 & x509 1.4.8
847     - EVMS 2.2.2
848     - XFS 1.3.1
849     - cryptoloop jari
850     - grsecurity 2.0-rc4
851     - SELinux
852     - PaX 200402060000
853     - PaX Obscurity 200308302223
854     - Others...
855    
856     Neither -ck nor systrace are included anymore.
857    
858 scox 1.19 *hardened-sources-2.4.22-r2 (05 Jan 2004)
859    
860     05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
861     hardened-sources-2.4.22-r2.ebuild:
862 scox 1.20 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
863 scox 1.19
864     *hardened-sources-2.4.22-r1 (02 Dec 2003)
865 iggy 1.17
866     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
867 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
868 iggy 1.16
869     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
870 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild:
871     Version bump for the 'do_brk' vulnerability.
872 iggy 1.15
873     01 Dec 2003; Brian Jackson <iggy@gentoo.org>
874     hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
875     hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
876     hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
877 plasmaroo 1.18 Fix the 'do_brk' vulnerability.
878 frogger 1.14
879     03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
880     hardened-sources-2.4.22.ebuild:
881 plasmaroo 1.18 - Removed the src_install() portion for SELinux flask
882     components. These are no longer handled in the kernel
883     so this code was not necessary.
884 frogger 1.13
885     29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
886     New 2.4.22 based hardened-sources thanks to
887     Phil West <p.west@computer.org>.
888    
889     These sources include:
890 plasmaroo 1.18 - New SELinux API
891     - Updated CK-base
892     - Updated GRSec
893     - Systrace
894     - SuperFreeS/WAN 1.99.8
895     - Propolice kernel build support
896     - EVMS
897     - Other various security related patches
898 frogger 1.11
899 frogger 1.12 *hardened-sources-2.4.21 (14 Sep 2003)
900    
901     14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
902     Updated hardened-sources based on the 2.4.21 Linux kernel.
903     This includes updates to most major components such as:
904 plasmaroo 1.18 - ck-base-0306300059
905     - selinux-2.4-2003071106
906     - grsecurity-2.0-rc1
907     - Updated IPTables patch-o-matic
908     - Updated SuperFreeS/WAN
909    
910 frogger 1.12 Thanks to Phil West <pwest@computer.org> for his work in getting this
911     updated patch set ready for the 2.4.21 based kernel.
912    
913 frogger 1.11 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
914     Initial import of hardened-sources-2.4.20-r4. This revision
915     includes only a few changes, but one of these is an important
916     security fix. It is recommended all users of hardened-sources
917     upgrade to this release.
918 plasmaroo 1.18
919 frogger 1.11 - ioperm bug fix
920     - fixed compilation failure when building without GRSec
921 plasmaroo 1.18
922 frogger 1.11 SAL (Secure Auditing for Linux) is NOT included in this revision
923     due to time constraints, but is planned for inclusion in the near
924     future.
925 msterret 1.10
926     *hardened-sources-2.4.20-r2 (12 Jun 2003)
927    
928     12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
929     hardened-sources-2.4.20-r3.ebuild:
930 plasmaroo 1.18 Add Header...
931 frogger 1.9
932     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
933     hardened-sources-2.4.20-r3.ebuild:
934     Removed warnings from ebuild. This kernel should be safe to
935     use at this point.
936 frogger 1.8
937     *hardened-sources-2.4.20-r3 (08 Jun 2003)
938    
939     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
940     hardened-sources-2.4.20-r3.ebuild:
941     New revision. Includes the following changes over -r2:
942 plasmaroo 1.18
943 frogger 1.8 - ck7-base (O(1), preempt, low latency)
944     - Super FreeS/WAN 1.99.7rc2
945     - PaX for the LSM/SELinux branch
946     - GRSecurity 2.0-pre4 (role based access control)
947     - Systrace 1.3
948     - EXT3 fixes
949     - EVMS 2.0.1
950     - GCC 3.1+ compile optimizations
951     - ProPolice kernel build support
952     - Hashing table security fixes
953 frogger 1.3
954     *hardened-sources-2.4.20-r1 (09 Apr 2003)
955 frogger 1.7
956     23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
957     Initial import of hardened-sources-r2. This new
958     ebuild includes many new performance and security
959     related patches. As in -r1, it will patch in
960     LSM/SELinux if "selinux" is in USE, otherwise it
961     will patch in GRSecurity. The following patches
962     are included in this revision:
963 plasmaroo 1.18
964 frogger 1.7 - O(1) Scheduler, Low Latency, and Preempt
965     (pulled from the base CK patch)
966     - ptrace exploit patch for the LSM kernel
967     (the GRSec patch already fixes this)
968     - LSM 2.4-2003040709
969     - SELinux 2.4-2003040709
970     - Systrace v1.2
971     - IPTables patch-o-matic base patches - 20030107
972     - CryptoAPI 2.4.20.1 w/ loop-jari patch
973     - Super FreeS/WAN 1.99.6.1
974     - GRSecurity 1.9.9g
975     - MPPE
976     - EXT3 data journal fix
977     - CIPE 1.5.4
978 frogger 1.6
979     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
980     hardened-sources-2.4.20-r1.ebuild, manifest:
981 plasmaroo 1.18 Updated to install flask components correctly for selinux.
982 frogger 1.5
983     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
984     hardened-sources-2.4.20-r1.ebuild:
985     LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
986     is patched in instead. Ptrace patches for selinux have also been added. In
987     either case, systrace support will be patched in as well.
988 frogger 1.3
989     09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
990     hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
991 plasmaroo 1.18 Revision bump for new sources.
992 frogger 1.4
993 frogger 1.2 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
994 frogger 1.4 hardened-sources-2.4.20-r1.ebuild:
995 plasmaroo 1.18 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
996 method 1.1
997 frogger 1.4 *hardened-sources-2.4.20 (30 Mar 2003)
998    
999 method 1.1 30 Mar 2003; Joshua Brindle <method@gentoo.org>
1000     hardened-sources-2.4.20.ebuild:
1001 plasmaroo 1.18 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20