/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.158 - (hide annotations) (download)
Mon Jun 11 20:30:22 2007 UTC (7 years, 6 months ago) by pappy
Branch: MAIN
Changes since 1.157: +7 -1 lines
committing new version
(Portage version: 2.1.2.7)

1 method 1.1 # ChangeLog for sys-kernel/hardened-sources
2 opfer 1.130 # Copyright 2000-2007 Gentoo Foundation; Distributed under the GPL v2
3 pappy 1.158 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.157 2007/05/30 19:24:16 phreak Exp $
4    
5     *hardened-sources-2.4.34.5 (11 Jun 2007)
6    
7     11 Jun 2007; Alexander Gabert <pappy@gentoo.org>
8     +hardened-sources-2.4.34.5.ebuild:
9     added new hardened-sources 2.4 version, thx to phreak, solar, pipacs
10 phreak 1.157
11     30 May 2007; Christian Heim <phreak@gentoo.org>
12     -hardened-sources-2.6.18.ebuild, hardened-sources-2.6.20-r2.ebuild:
13     Marking 2.6.20-r2 stable on ppc with permission of Gysbert. Removing more
14     stale ebuild(s).
15 phreak 1.156
16     30 May 2007; Christian Heim <phreak@gentoo.org>
17     -hardened-sources-2.6.14-r7.ebuild, -hardened-sources-2.6.16-r11.ebuild,
18     -hardened-sources-2.6.17-r1.ebuild, -hardened-sources-2.6.19-r6.ebuild,
19     -hardened-sources-2.6.20.ebuild, -hardened-sources-2.6.20-r1.ebuild:
20     Doing some cleanups, remove stale ebuilds.
21 phreak 1.155
22     26 May 2007; Christian Heim <phreak@gentoo.org>
23     hardened-sources-2.6.21-r2.ebuild:
24     Fixing the grsecurity patch, had one '};' too much.
25 phreak 1.154
26     *hardened-sources-2.6.21-r2 (26 May 2007)
27    
28     26 May 2007; Christian Heim <phreak@gentoo.org>
29     -hardened-sources-2.6.21.ebuild, -hardened-sources-2.6.21-r1.ebuild,
30     +hardened-sources-2.6.21-r2.ebuild:
31     Revision bump, including Linux 2.6.21.3 (fixing CVE-2007-2451). Updating the
32     grsecurity patch to 2.1.10-2.6.21.1-200705221918.
33 phreak 1.153
34     *hardened-sources-2.6.20-r4 (26 May 2007)
35    
36     26 May 2007; Christian Heim <phreak@gentoo.org>
37     -hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.20-r4.ebuild:
38     Revision bump, including Linux 2.6.20.12 (which in fact fixed some security
39 phreak 1.154 bugs, at the very least CVE-2007-2451). Possible candidate for stable marking.
40 phreak 1.152
41     15 May 2007; Christian Heim <phreak@gentoo.org>
42     hardened-sources-2.6.20-r3.ebuild:
43     Looks like hardened-sources-2.6.20-r3 needs a new patch, as 2.6.20.11
44     introduced a change in arch/sparc64/kernel/pci_iommu.c, which made the
45     grsecurity patch fail in that exact same hunk.
46 phreak 1.151
47     *hardened-sources-2.6.20-r3 (15 May 2007)
48    
49     15 May 2007; Christian Heim <phreak@gentoo.org>
50     +hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.21-r1.ebuild:
51     Revision bump, incorporating Linux 2.6.20.11.
52    
53     *hardened-sources-2.6.21-r1 (11 May 2007)
54    
55     11 May 2007; Christian Heim <phreak@gentoo.org>
56     +hardened-sources-2.6.21-r1.ebuild:
57     Revision bump, hopefully fixing the GRSECURITY/GRKERNSEC mixup pipacs
58     mentioned in #177234.
59 kevquinn 1.150
60     07 May 2007; Kevin F. Quinn <kevquinn@gentoo.org>
61     files/digest-hardened-sources-2.6.21, Manifest:
62     Fix Manifest/digest for linux-2.6.21.tar.bz2
63 phreak 1.149
64     06 May 2007; Christian Heim <phreak@gentoo.org>
65     hardened-sources-2.6.21.ebuild:
66     Bumping the hardened-patches version, needed for the fix for #177234.
67 phreak 1.148
68     *hardened-sources-2.6.21 (02 May 2007)
69    
70     02 May 2007; Christian Heim <phreak@gentoo.org>
71     +hardened-sources-2.6.21.ebuild:
72     Version bump, Linux 2.6.21-hardened.
73 phreak 1.147
74     29 Apr 2007; Christian Heim <phreak@gentoo.org>
75     hardened-sources-2.6.20-r2.ebuild:
76     Adding ~ia64 on Ned's request.
77 phreak 1.146
78     29 Apr 2007; Christian Heim <phreak@gentoo.org>
79     hardened-sources-2.6.20-r2.ebuild:
80     Fixing the included grsecurity patch, wasn't alligning due to the Index:
81     header line(s).
82 phreak 1.145
83     29 Apr 2007; Christian Heim <phreak@gentoo.org>
84     hardened-sources-2.6.20-r2.ebuild:
85     Stabilizing hardened-sources-2.6.20-r2 on amd64 and x86.
86 armin76 1.144
87     *hardened-sources-2.6.20-r2 (10 Apr 2007)
88    
89     10 Apr 2007; Raúl Porcel <armin76@gentoo.org>
90     +hardened-sources-2.6.20-r2.ebuild:
91     Version bump, on behalf of phreak
92 phreak 1.143
93     *hardened-sources-2.6.20-r1 (04 Apr 2007)
94    
95     04 Apr 2007; Christian Heim <phreak@gentoo.org>
96     +hardened-sources-2.6.20-r1.ebuild:
97     Revision bump, grabbing a newer grsecurity snapshot.
98 phreak 1.142
99     *hardened-sources-2.6.20 (25 Mar 2007)
100    
101     25 Mar 2007; Christian Heim <phreak@gentoo.org>
102     +hardened-sources-2.6.20.ebuild:
103     Finally a hardened-sources version for 2.6.20; many people have been waiting
104     for this. Thanks to Steve for preliminary testing, thanks to Ned for the
105     testbox.
106 chainsaw 1.141
107     16 Mar 2007; Tony Vroon <chainsaw@gentoo.org>
108     hardened-sources-2.6.18-r6.ebuild:
109     Marked stable on amd64 and x86. AMD64 keyword ack'ed by welp.
110 phreak 1.140
111     *hardened-sources-2.6.18-r6 (16 Mar 2007)
112    
113     16 Mar 2007; Christian Heim <phreak@gentoo.org>
114     -hardened-sources-2.6.18-r5.ebuild, +hardened-sources-2.6.18-r6.ebuild:
115     Fixing CVE-2007-1000 locally (hardened/), thanks to Tony for pushing. And
116     yes I screwed up, this is tagged as 2.6.18-5 and not 2.6.18-6 as it's
117     supposed to be.
118 phreak 1.139
119     06 Mar 2007; Christian Heim <phreak@gentoo.org> ChangeLog:
120     Fixing the Manifest, the previous one was broken (as in still had the
121     deleted ebuild in it).
122 phreak 1.138
123     06 Mar 2007; Christian Heim <phreak@gentoo.org>
124     -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
125     +hardened-sources-2.6.18-r5.ebuild:
126     Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
127     Linux 2.6.18.8. Also cleaning up the older version.
128    
129     *hardened-sources-2.6.18-r5 (06 Mar 2007)
130    
131     06 Mar 2007; Christian Heim <phreak@gentoo.org>
132     -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
133     +hardened-sources-2.6.18-r5.ebuild:
134     Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
135     Linux 2.6.18.8. Also cleaning up the older version.
136 phreak 1.137
137     24 Feb 2007; Christian Heim <phreak@gentoo.org>
138     -hardened-sources-2.6.19-r3.ebuild, -hardened-sources-2.6.19-r4.ebuild,
139     -hardened-sources-2.6.19-r5.ebuild:
140     Removing some of the old version, that didn't work.
141 phreak 1.136
142     *hardened-sources-2.6.19-r6 (12 Feb 2007)
143    
144     12 Feb 2007; Christian Heim <phreak@gentoo.org>
145     +hardened-sources-2.6.19-r6.ebuild:
146     Revision bump, including a new grsec version fixing #166235.
147 pappy 1.134
148     *hardened-sources-2.4.34 (24 Jan 2007)
149    
150     24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
151 pappy 1.135 Manifest:
152     updating Manifest with checksums of new tarball and ebuild
153    
154     24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
155 pappy 1.134 +hardened-sources-2.4.34.ebuild:
156     I added new hardened sources 2.4 update, this is a critical path
157     security bugfix - all users of h-s are strongly advised
158     to update their existing hardened sources to this version.
159     It contains a fix for a kernel vulnerability that is pertaining
160     to the PaX changes to virtual memory management, possibly leading
161     to a local kernel exploit ... see grsecurity.net forums and homepage
162 phreak 1.133
163     23 Jan 2007; Christian Heim <phreak@gentoo.org>
164     files/digest-hardened-sources-2.6.19-r5, Manifest:
165     Fixing the patch-tarball digest.
166 phreak 1.132
167     *hardened-sources-2.6.19-r5 (23 Jan 2007)
168    
169     23 Jan 2007; Christian Heim <phreak@gentoo.org>
170     +hardened-sources-2.6.19-r5.ebuild:
171     Revision bump, closing the recently discovered PaX expand_stack()
172     vulnerability.
173 phreak 1.131
174     *hardened-sources-2.6.19-r4 (14 Jan 2007)
175    
176     14 Jan 2007; Christian Heim <phreak@gentoo.org>
177     +hardened-sources-2.6.19-r4.ebuild:
178     Revision bump, pulling in linux-2.6.19.2 and grsecurity 2.1.10 - thus
179     dropping the randomized PID feature.
180 opfer 1.130
181     11 Jan 2007; Christian Faulhammer <opfer@gentoo.org>
182     hardened-sources-2.4.33.4.ebuild:
183     stable x86, bug #161171
184 phreak 1.129
185     *hardened-sources-2.6.19-r3 (27 Dec 2006)
186    
187     27 Dec 2006; Christian Heim <phreak@gentoo.org>
188     -hardened-sources-2.6.19-r2.ebuild, +hardened-sources-2.6.19-r3.ebuild:
189     Revision bump for bug #157186 and #158786.
190 phreak 1.128
191     *hardened-sources-2.6.18-r4 (27 Dec 2006)
192    
193     27 Dec 2006; Christian Heim <phreak@gentoo.org>
194     -hardened-sources-2.6.18-r3.ebuild, +hardened-sources-2.6.18-r4.ebuild:
195     Revision bump for bug #157186.
196 phreak 1.127
197     *hardened-sources-2.6.19-r2 (23 Dec 2006)
198    
199     23 Dec 2006; Christian Heim <phreak@gentoo.org>
200     -hardened-sources-2.6.19-r1.ebuild, +hardened-sources-2.6.19-r2.ebuild:
201     Revision bump to pull in genpatches-2.6.19-3 for #157186.
202 phreak 1.126
203     17 Dec 2006; Christian Heim <phreak@gentoo.org>
204     hardened-sources-2.6.14-r7.ebuild, hardened-sources-2.6.16-r10.ebuild,
205     hardened-sources-2.6.16-r11.ebuild, hardened-sources-2.6.17-r1.ebuild,
206     hardened-sources-2.6.18.ebuild, hardened-sources-2.6.18-r3.ebuild,
207     hardened-sources-2.6.19-r1.ebuild:
208     Adding 4453_grsec-2.1.9-2.6.19-io-kmem-sysctl.patch to UNIPATCH_EXLUDE,
209     adding correct HOMEPAGE and adjusting DESCRIPTION (thanks to Alexander).
210 pappy 1.125
211     *hardened-sources-2.4.33.4 (17 Dec 2006)
212    
213     17 Dec 2006; Alexander Gabert <pappy@gentoo.org>
214     +hardened-sources-2.4.33.4.ebuild:
215     new 2.4.33.4 version including grsec and fixes, thanks to phreak for help
216     and quilting
217 phreak 1.124
218     *hardened-sources-2.6.19-r1 (14 Dec 2006)
219    
220     14 Dec 2006; Christian Heim <phreak@gentoo.org>
221     -hardened-sources-2.6.19.ebuild, +hardened-sources-2.6.19-r1.ebuild:
222     Revision bump, fixing #158107 (thanks to Petre Rodan <kaiowas at gentoo.org>
223     for reporting).
224 phreak 1.123
225     *hardened-sources-2.6.19 (13 Dec 2006)
226    
227     13 Dec 2006; Christian Heim <phreak@gentoo.org>
228     +hardened-sources-2.6.19.ebuild:
229     And finally 2.6.19, thanks to Ned (who prepared the inital patchset) and
230     Brad for providing that prompt update.
231 phreak 1.122
232     *hardened-sources-2.6.18-r3 (13 Dec 2006)
233    
234     13 Dec 2006; Christian Heim <phreak@gentoo.org>
235     -hardened-sources-2.6.18-r1.ebuild, -hardened-sources-2.6.18-r2.ebuild,
236     +hardened-sources-2.6.18-r3.ebuild:
237     Revision bump, excluding the faulty patch. Thanks to Anakim Border and Peter
238     S. Mazinger. Closes #157409 for now. Also removing the previous revisions.
239 phreak 1.121
240     09 Dec 2006; Christian Heim <phreak@gentoo.org> Manifest:
241     Fixing the metadata.xml Manifest entry (thanks to xaid and ml8128 in #gentoo-hardened).
242 nixnut 1.120
243     08 Dec 2006; nixnut <nixnut@gentoo.org> hardened-sources-2.6.18.ebuild:
244     Stable on ppc wrt bug 157356
245 opfer 1.119
246     07 Dec 2006; Christian Faulhammer <opfer@gentoo.org>
247     hardened-sources-2.6.18.ebuild:
248     stable x86, bug #157356
249 phreak 1.118
250     *hardened-sources-2.6.18-r2 (06 Dec 2006)
251    
252     06 Dec 2006; Christian Heim <phreak@gentoo.org>
253     +hardened-sources-2.6.18-r2.ebuild:
254     Revision bump, including 2.6.18.5 (via genpatches) and
255     4454_grsec-2.1.9-2.6.18.2-io-kmem-sysctl.patch based on Peter Mazinger and
256     Ned Ludd's original patch. Thanks to Alexander Gabert (pappy) for the
257     redesign.
258 phreak 1.117
259     06 Dec 2006; Christian Heim <phreak@gentoo.org>
260     hardened-sources-2.6.18.ebuild:
261     Marking hardened-sources-2.6.18 stable on amd64 (see bug #157356, on behalf
262     of Mike Doty).
263 phreak 1.116
264     *hardened-sources-2.6.18-r1 (23 Nov 2006)
265    
266     23 Nov 2006; Christian Heim <phreak@gentoo.org>
267     +hardened-sources-2.6.18-r1.ebuild:
268     Revision bump to genpatches-2.6.18-4 (including 2.6.18.3).
269 phreak 1.115
270     *hardened-sources-2.6.18 (11 Nov 2006)
271    
272     11 Nov 2006; Christian Heim <phreak@gentoo.org>
273     +hardened-sources-2.6.18.ebuild:
274     Version bump, thanks to Alexander Gabert we're finally at 2.6.18.
275 solar 1.114
276     18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
277     - mark amd64 stable also. bug #151877
278 solar 1.113
279     18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
280     - mark 2.6.17-r1 stable
281 phreak 1.112
282     27 Aug 2006; Christian Heim <phreak@gentoo.org>
283     -hardened-sources-2.6.17.ebuild, hardened-sources-2.6.17-r1.ebuild:
284     Removing old ebuild, removing unipatch from newer ebuild (need to fix it!).
285 phreak 1.111
286     *hardened-sources-2.6.17-r1 (26 Aug 2006)
287    
288     26 Aug 2006; Christian Heim <phreak@gentoo.org>
289     +hardened-sources-2.6.17-r1.ebuild:
290     Revision bump to genpatches-2.6.17-8 (including .9 and .10) and updating the
291     grsecurity patch.
292 phreak 1.110
293     *hardened-sources-2.6.17 (17 Aug 2006)
294    
295     17 Aug 2006; Christian Heim <phreak@gentoo.org>
296     +hardened-sources-2.6.17.ebuild:
297     Bumping the hardened-sources-2.6 series to 2.6.17, using
298     genpatches-2.6.17-6.base.
299 solar 1.109
300     07 Aug 2006; <solar@gentoo.org> hardened-sources-2.6.16-r11.ebuild:
301     - stable on x86 and amd64
302 solar 1.108
303     *hardened-sources-2.6.16-r11 (15 Jul 2006)
304    
305     15 Jul 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r3.ebuild,
306     -hardened-sources-2.4.32-r4.ebuild, -hardened-sources-2.4.32-r5.ebuild,
307     -hardened-sources-2.6.14-r8.ebuild, -hardened-sources-2.6.16-r7.ebuild,
308     -hardened-sources-2.6.16-r9.ebuild, +hardened-sources-2.6.16-r11.ebuild:
309     - 2.6.16 bumped for CVE-2006-3626 ; digest fix for 2.4.32-r6 ; removed old
310     crusty ebuilds
311 johnm 1.107
312     14 Jul 2006; John Mylchreest <johnm@gentoo.org>
313     hardened-sources-2.6.16-r10.ebuild:
314     marking stable on x86 and amd64
315 solar 1.106
316     13 Jul 2006; <solar@gentoo.org> hardened-sources-2.4.32-r6.ebuild:
317     - 2.4.32-r6 stable on x86. RSBAC state unknown
318 kang 1.105
319     *hardened-sources-2.4.32-r7 (10 Jul 2006)
320    
321     10 Jul 2006; Guillaume Destuynder <kang@gentoo.org>
322     +hardened-sources-2.4.32-r7.ebuild:
323     Bump PaX for RSBAC to test-17
324 johnm 1.104
325     *hardened-sources-2.6.16-r9 (03 Jul 2006)
326    
327     03 Jul 2006; John Mylchreest <johnm@gentoo.org>
328     -hardened-sources-2.6.16-r6.ebuild, +hardened-sources-2.6.16-r9.ebuild:
329     hardened-sources-2.6.16 bump to latest -base.
330 solar 1.103
331     *hardened-sources-2.4.32-r6 (30 Jun 2006)
332    
333     30 Jun 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r2.ebuild,
334     hardened-sources-2.4.32-r4.ebuild, +hardened-sources-2.4.32-r6.ebuild:
335     - backport CVE-2006-0039, CVE-2006-1857 and CVE-2006-1858 and new grsecurity
336     sysctl controlable resource logging
337 johnm 1.102
338     *hardened-sources-2.6.16-r7 (05 Jun 2006)
339    
340     05 Jun 2006; John Mylchreest <johnm@gentoo.org>
341     -hardened-sources-2.6.16-r5.ebuild, +hardened-sources-2.6.16-r7.ebuild:
342     push new 2.6.16 release in preparation for stable
343 solar 1.101
344     22 May 2006; <solar@gentoo.org> :
345     - redigest bug 134002
346 kang 1.100
347     *hardened-sources-2.4.32-r5 (16 May 2006)
348    
349     16 May 2006; Guillaume Destuynder <kang@gentoo.org>
350     +hardened-sources-2.4.32-r5.ebuild:
351     Fixes rsbac common patching (new patch in new -r5 patchset)
352 solar 1.99
353     *hardened-sources-2.4.32-r4 (13 May 2006)
354    
355     13 May 2006; <solar@gentoo.org> hardened-sources-2.4.32-r3.ebuild,
356     +hardened-sources-2.4.32-r4.ebuild:
357     - security bumps
358 johnm 1.98
359     *hardened-sources-2.6.16-r6 (03 May 2006)
360    
361     03 May 2006; John Mylchreest <johnm@gentoo.org>
362     +hardened-sources-2.6.16-r6.ebuild:
363     bump hardened-2.6.16 to 2.6.16.12 and latest grsec snapshot
364 johnm 1.97
365     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
366     hardened-sources-2.6.14-r8.ebuild:
367     fix x86_64 build problem, this will delay the digest issue again for a short
368     while but it will sort itself out
369 johnm 1.96
370     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
371     hardened-sources-2.6.14-r8.ebuild:
372     bump hardened patchset
373 antarus 1.94
374     27 Apr 2006; Alec Warner <antarus@gentoo.org>
375     files/digest-hardened-sources-2.4.32-r2,
376     files/digest-hardened-sources-2.4.32-r3,
377     files/digest-hardened-sources-2.6.14-r8, Manifest:
378     Fixing duff SHA256 digests: Bug # 131293
379 johnm 1.93
380 johnm 1.95 *hardened-sources-2.6.16-r5 (27 Apr 2006)
381    
382     27 Apr 2006; John Mylchreest <johnm@gentoo.org>
383     -hardened-sources-2.6.14-r6.ebuild, hardened-sources-2.6.14-r8.ebuild,
384     -hardened-sources-2.6.16-r4.ebuild, +hardened-sources-2.6.16-r5.ebuild:
385     stablise 2.6.14-r8 on x86 & amd64, bump 2.6.16 to fix CVE-2006-1863 &
386     cleanup of old uneccessary sources
387    
388 johnm 1.93 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
389     fix digest
390 johnm 1.92
391     *hardened-sources-2.6.14-r8 (20 Apr 2006)
392    
393     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
394     +hardened-sources-2.6.14-r8.ebuild:
395     fix CVE-2006-1056, CVE-2006-1525, CVE-2006-1524
396 johnm 1.91
397     20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
398     Turning on gpg-signing again, and recomitting
399 johnm 1.90
400     *hardened-sources-2.6.16-r4 (20 Apr 2006)
401    
402     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
403     -hardened-sources-2.6.16-r2.ebuild, -hardened-sources-2.6.16-r3.ebuild,
404     +hardened-sources-2.6.16-r4.ebuild:
405     Fix numerous security vulns
406 solar 1.89
407     *hardened-sources-2.4.32-r3 (16 Apr 2006)
408    
409     16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
410     -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
411     +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
412     - security bump for bug #112791. Removed old ebuilds
413 johnm 1.88
414     *hardened-sources-2.6.16-r3 (15 Apr 2006)
415    
416     15 Apr 2006; John Mylchreest <johnm@gentoo.org>
417     +hardened-sources-2.6.16-r3.ebuild:
418     Removing silly localversion which I missed
419 johnm 1.87
420     *hardened-sources-2.6.14-r7 (14 Apr 2006)
421    
422     14 Apr 2006; John Mylchreest <johnm@gentoo.org>
423     -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
424     Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
425 johnm 1.86
426     *hardened-sources-2.6.16-r2 (13 Apr 2006)
427    
428     13 Apr 2006; John Mylchreest <johnm@gentoo.org>
429     -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
430     +hardened-sources-2.6.16-r2.ebuild:
431     Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
432     labels, dropping USERGROUP define fixes, since these were merged mainstream.
433 johnm 1.85
434     *hardened-sources-2.6.16-r1 (11 Apr 2006)
435    
436     11 Apr 2006; John Mylchreest <johnm@gentoo.org>
437     +hardened-sources-2.6.16-r1.ebuild:
438     Bumping to include ppc build fix and 2.6.16.3
439 tsunam 1.84
440     06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
441     hardened-sources-2.6.14-r6.ebuild:
442     Stable on x86; bug #127718
443 johnm 1.83
444     *hardened-sources-2.6.16 (31 Mar 2006)
445    
446     31 Mar 2006; John Mylchreest <johnm@gentoo.org>
447     +hardened-sources-2.6.16.ebuild:
448     Bumping to new version of grsec, and kernel base. New squashfs. Based on
449     2.6.16.1
450 cryos 1.82
451     30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
452     hardened-sources-2.6.14-r6.ebuild:
453     Stable on amd64, bug 127718.
454 nixnut 1.81
455     28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
456     Stable on ppc. Bug #127718
457 johnm 1.80
458     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
459     -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
460     -hardened-sources-2.6.14-r4.ebuild:
461     Cleanup.
462 johnm 1.79
463     *hardened-sources-2.6.14-r6 (15 Mar 2006)
464    
465     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
466     +hardened-sources-2.6.14-r6.ebuild:
467     Fixes grsec policy recreation bug and adds a
468     >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
469 solar 1.78
470     02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
471     - stable on x86
472 hansmi 1.77
473     19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
474     hardened-sources-2.6.14-r5.ebuild:
475     Stable on ppc.
476 johnm 1.76
477     *hardened-sources-2.6.14-r5 (01 Feb 2006)
478    
479     01 Feb 2006; John Mylchreest <johnm@gentoo.org>
480     +hardened-sources-2.6.14-r5.ebuild:
481     fixing every known exploit
482 solar 1.75
483     *hardened-sources-2.4.32-r2 (26 Jan 2006)
484    
485     26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
486     +hardened-sources-2.4.32-r2.ebuild:
487     - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
488 solar 1.74
489     *hardened-sources-2.6.14-r4 (12 Jan 2006)
490    
491     12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
492     - version bump for new genpatches which fix up a few sec holes
493 solar 1.73
494     *hardened-sources-2.4.32-r1 (05 Jan 2006)
495    
496     05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
497     - revision bump to add misc vital linux kernel security patches.
498 johnm 1.72
499     *hardened-sources-2.6.14-r3 (30 Dec 2005)
500    
501     30 Dec 2005; John Mylchreest <johnm@gentoo.org>
502     -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
503     Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
504 johnm 1.71
505     28 Dec 2005; John Mylchreest <johnm@gentoo.org>
506     hardened-sources-2.6.14-r2.ebuild:
507     making x86 & amd64 stable following testing.
508 johnm 1.70
509     *hardened-sources-2.6.14-r2 (27 Dec 2005)
510    
511     27 Dec 2005; John Mylchreest <johnm@gentoo.org>
512     -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
513     Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
514     network hooks.
515 johnm 1.69
516     06 Dec 2005; John Mylchreest <johnm@gentoo.org>
517     hardened-sources-2.6.14-r1.ebuild:
518     bumping to stable early for sec fix on x86 & amd64
519 johnm 1.68
520     *hardened-sources-2.6.14-r1 (05 Dec 2005)
521    
522     05 Dec 2005; John Mylchreest <johnm@gentoo.org>
523     -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
524     bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
525 solar 1.67
526     04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
527     - stable on x86 security bug #114227 CAN-2005-3257
528 kang 1.66
529     *hardened-sources-2.4.32 (19 Nov 2005)
530    
531     19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
532     +hardened-sources-2.4.32.ebuild:
533     Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
534     Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
535     have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
536     rsbac >> /etc/portage/package.use)
537 johnm 1.65
538     *hardened-sources-2.6.14 (14 Nov 2005)
539    
540     14 Nov 2005; John Mylchreest <johnm@gentoo.org>
541     -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
542     Bumping 2.6 series to 2.6.14.2
543 johnm 1.64
544     *hardened-sources-2.6.13-r2 (20 Oct 2005)
545    
546     20 Oct 2005; John Mylchreest <johnm@gentoo.org>
547     -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
548     +hardened-sources-2.6.13-r2.ebuild:
549     Fixes minor build error in ppc.
550 johnm 1.63
551     *hardened-sources-2.6.13-r1 (17 Oct 2005)
552    
553     17 Oct 2005; John Mylchreest <johnm@gentoo.org>
554     +hardened-sources-2.6.13-r1.ebuild:
555     Updating grsec to latest snapshot. Fixes some minor issues. Updating to
556     2.6.13.4, fixes some major amd64 stability problems.
557 johnm 1.62
558     *hardened-sources-2.6.13 (16 Sep 2005)
559    
560     16 Sep 2005; John Mylchreest <johnm@gentoo.org>
561     -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
562     2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
563     ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
564     users should test this thoroughly.
565 solar 1.61
566     01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
567     - stable on x86
568 johnm 1.60
569     *hardened-sources-2.6.11-r15 (27 Jun 2005)
570    
571     27 Jun 2005; John Mylchreest <johnm@gentoo.org>
572     +hardened-sources-2.6.11-r15.ebuild:
573     Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
574     grsec redefining curr_ip struct.
575 solar 1.59
576     *hardened-sources-2.4.31 (20 Jun 2005)
577    
578     20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
579     initial import of 2.4.31 tree
580 johnm 1.58
581     *hardened-sources-2.6.11-r14 (14 Jun 2005)
582    
583     14 Jun 2005; John Mylchreest <johnm@gentoo.org>
584     -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
585     Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
586     naming scheme to abide by genpatches
587 johnm 1.57
588     *hardened-sources-2.6.11-r13 (18 May 2005)
589    
590     18 May 2005; John Mylchreest <johnm@gentoo.org>
591     -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
592     Managed to mangle the Makefile patch from grsec, to miss out the grsec
593     target. sorry about that. Fixes bug #93022
594 johnm 1.56
595     *hardened-sources-2.6.11-r12 (17 May 2005)
596    
597     17 May 2005; John Mylchreest <johnm@gentoo.org>
598     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
599     +hardened-sources-2.6.11-r12.ebuild:
600     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
601     merges in genpatches-base
602 johnm 1.55
603     *hardened-sources-2.6.11-r12 (17 May 2005)
604    
605     17 May 2005; John Mylchreest <johnm@gentoo.org>
606     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
607     +hardened-sources-2.6.11-r12.ebuild:
608     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
609     merges in genpatches-base
610 solar 1.54
611     29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
612     -files/2.4.27-cmdline-race.patch,
613     -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
614     -files/2.4.28-grsec-binfmt_a.out.patch,
615     -files/2.4.28-grsec-cmdline-race.patch,
616     -files/2.4.28-selinux-binfmt_a.out.patch,
617     -files/2.4.28-selinux-cmdline-race.patch,
618     -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
619     hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
620     - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
621     cleanup..
622 solar 1.53
623     *hardened-sources-2.4.30-r1 (21 Apr 2005)
624    
625     21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
626     - disable aout by default
627 solar 1.52
628     *hardened-sources-2.4.30 (18 Apr 2005)
629    
630     18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
631     - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
632     and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
633     use
634 tocharian 1.50
635 scox 1.51 *hardened-sources-2.4.29 (30 Mar 2005)
636    
637     30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
638     +hardened-sources-2.4.29.ebuild:
639     New hardened-patches-2.4-29.0 patchball.
640     Removed SELinux support, upgraded GRSecurity to 2.1.4.
641    
642     *hardened-sources-2.4.28-r5 (06 Mar 2005)
643    
644     06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
645     +hardened-sources-2.4.28-r5.ebuild:
646     Added a fix for a PaX vulnerability.
647    
648     26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
649 tocharian 1.50 hardened-sources-2.4.28-r4.ebuild:
650     Stable on x86
651 solar 1.49
652     23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
653     hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
654     hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
655     hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
656     - fixed/added RDEPEND= in all kernel-2 ebuilds
657 tocharian 1.48
658     *hardened-sources-2.4.28-r4 (21 Jan 2005)
659    
660     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
661     +hardened-sources-2.4.28-r4.ebuild:
662     Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
663     backport of neighbour hash updates.
664 tocharian 1.47
665     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
666     hardened-sources-2.4.28-r3.ebuild:
667     Stable on x86
668 tseng 1.46
669     *hardened-sources-2.6.10-r3 (20 Jan 2005)
670    
671     20 Jan 2005; Brandon Hale <tseng@gentoo.org>
672     +hardened-sources-2.6.10-r3.ebuild:
673     Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
674     in 2005.0
675 tocharian 1.45
676     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
677     -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
678     hardened-sources-2.4.28-r2.ebuild:
679     Mark stable on x86
680 tocharian 1.44
681     *hardened-sources-2.4.28-r3 (17 Jan 2005)
682    
683     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
684     +hardened-sources-2.4.28-r3.ebuild:
685     Fix SMP page fault handler vuln, and update device-mapper and evms patches.
686 tocharian 1.43
687     14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
688     hardened-sources-2.4.28.ebuild:
689     Mark stable on x86.
690 tocharian 1.42
691     *hardened-sources-2.4.28-r2 (13 Jan 2005)
692    
693     13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
694     +hardened-sources-2.4.28-r2.ebuild:
695     Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
696     Mazinger for grsecurity patches as well.
697 plasmaroo 1.41
698     *hardened-sources-2.4.28-r1 (23 Dec 2004)
699    
700     23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
701     Security bump. Thank tocharian for rolling a new patchset...
702 solar 1.40
703     28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
704     +files/2.4.28-grsec-cmdline-race.patch,
705     +files/2.4.28-selinux-binfmt_a.out.patch,
706     +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
707     - Round up remaining security patches that appear to be missing in 2.4.28. -
708     PaX standalone updated to current. hgpv=28.1
709 solar 1.39
710     *hardened-sources-2.4.28 (28 Nov 2004)
711    
712     28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
713     security bump. Thank tocharian for rolling a new patchset
714 scox 1.31
715 scox 1.38 *hardened-sources-2.4.27-r3 (08 Sep 2004)
716    
717     08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
718     +hardened-sources-2.4.27-r3.ebuild:
719     Applies the new 2.4-27.2 patchball which updates
720     GRSecurity to the 2.0.1 version.
721    
722 scox 1.37 *hardened-sources-2.4.27-r2 (31 Aug 2004)
723    
724     31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
725     +hardened-sources-2.4.27-r2.ebuild:
726     Version bump.
727     This version uses the new 2.4-27.1 patchball which updates
728     both the SELinux PaX hooks patch and the SELinux headers.
729    
730 scox 1.36 *hardened-sources-2.4.27-r1 (09 Aug 2004)
731    
732     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
733     +hardened-sources-2.4.27-r1.ebuild,
734     -hardened-sources-2.4.27.ebuild,
735     +files/2.4.27-cmdline-race.patch:
736     Version bump, fix for cmdline race. See bug #59905.
737    
738     *hardened-sources-2.4.26-r6 (09 Aug 2004)
739    
740     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
741     +hardened-sources-2.4.26-r6.ebuild,
742     -hardened-sources-2.4.26-r5.ebuild,
743     -hardened-sources-2.4.26-r4.ebuild,
744     +files/2.4.26-cmdline-race.patch:
745     Version bump, fix for cmdline race. See bug #59905.
746    
747 scox 1.35 *hardened-sources-2.4.27 (08 Aug 2004)
748    
749     08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
750     +hardened-sources-2.4.27.ebuild,
751     +files/2.4.27-CAN-2004-0394.patch:
752     Ported the patchball to the 2.4.27 kernel version.
753    
754 scox 1.34 *hardened-sources-2.4.26-r5 (07 Aug 2004)
755    
756     07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
757     +hardened-sources-2.4.26-r5.ebuild:
758 scox 1.35 Updated to use the new hardened-patches-2.4-26.1 patchball.
759 scox 1.34 It adds the following features:
760     - Squashfs
761     - Ebtables
762     - Netdev random (core+drivers)
763     - Watchdog Timer (WDT) fix.
764    
765 scox 1.33 *hardened-sources-2.4.26-r4 (04 Aug 2004)
766    
767     04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
768     +hardened-sources-2.4.26-r4.ebuild,
769     +files/2.4.26-CAN-2004-0415.patch,
770     -hardened-sources-2.4.26-3:
771     Version bump, fix for CAN 0415, see bug #59378.
772    
773 scox 1.32 *hardened-sources-2.4.26-r3 (22 Jul 2004)
774    
775     22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
776     +hardened-sources-2.4.26-r3.ebuild,
777     +files/2.4.26-CAN-2004-0497.patch,
778     -hardened-sources-2.4.26-r2.ebuild:
779     Version bump, fixed CAN 0497, see bug #56171.
780    
781 scox 1.31 *hardened-sources-2.4.26-r2 (29 Jun 2004)
782    
783     29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
784 scox 1.32 +hardened-sources-2.4.26-r2.ebuild,
785 scox 1.31 +files/2.4.26-CAN-2004-0495.patch,
786     +files/2.4.26-CAN-2004-0535.patch,
787     -hardened-sources-2.4.26-r1.ebuild:
788     Fixes for both CAN 0495 and 0535, see bug #54976
789 pvdabeel 1.27
790 agriffis 1.29 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
791     hardened-sources-2.4.26-r1.ebuild:
792     QA - fix use invocation
793 scox 1.28
794     *hardened-sources-2.4.26-r1 (22 June 2004)
795    
796     22 June 2004; Andrea Luzzardi <scox@gentoo.org>
797     +hardened-sources-2.4.26-r1.ebuild,
798     +files/2.4.26-CAN-2004-0394.patch,
799     +files/2.4.26-signal-race.patch,
800     -hardened-sources-2.4.26.ebuild,
801     -hardened-sources-2.4.24-r3.ebuild:
802     Version bump for the CAN-2004-0394 issue and bug #53804
803     Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
804    
805    
806 pvdabeel 1.27 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
807     hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
808     Masked hardened-sources-2.4.26.ebuild broken for ppc
809    
810     31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
811     hardened-sources-2.4.24-r3.ebuild:
812     Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
813 plasmaroo 1.25
814 scox 1.26 *hardened-sources-2.4.26 (29 May 2004)
815    
816     29 May 2004; Andrea Luzzardi <scox@gentoo.org>
817     +hardened-sources-2.4.26.ebuild:
818     Updated hardened-sources for the 2.4.26 kernel
819     Removed broken components, updated almost everything.
820    
821 plasmaroo 1.25 *hardened-sources-2.4.24-r3 (17 Apr 2004)
822    
823     17 Apr 2004; <plasmaroo@gentoo.org>
824     +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
825     +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
826     +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
827     +hardened-sources-2.4.24-r3.ebuild:
828     Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
829     vulnerabilities. Old revisions removed.
830 plasmaroo 1.24
831     *hardened-sources-2.4.24-r2 (15 Apr 2004)
832    
833     15 Apr 2004; <plasmaroo@gentoo.org>
834     +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
835     -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
836     Version bump for the CAN-2004-0109 issue; bug #47881.
837 aliz 1.23
838     12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
839     hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
840     Add eutils to inherit.
841 plasmaroo 1.22
842     *hardened-sources-2.4.24-r1 (19 Feb 2004)
843    
844     19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
845     files/hardened-sources-2.4.24.munmap.patch:
846     Added the patch for the mremap/munmap vulnerability. Bug #42024.
847 scox 1.19
848 scox 1.21 *hardened-sources-2.4.24 (06 Feb 2004)
849 scox 1.26
850 scox 1.21 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
851     hardened-sources-2.4.24.ebuild:
852     Version bump, updated most of the components.
853     This release includes the following:
854    
855     - Hardened security
856     - Netfilter patch-o-matic 20031219
857     - FreeSWAN 2.04 & x509 1.4.8
858     - EVMS 2.2.2
859     - XFS 1.3.1
860     - cryptoloop jari
861     - grsecurity 2.0-rc4
862     - SELinux
863     - PaX 200402060000
864     - PaX Obscurity 200308302223
865     - Others...
866    
867     Neither -ck nor systrace are included anymore.
868    
869 scox 1.19 *hardened-sources-2.4.22-r2 (05 Jan 2004)
870    
871     05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
872     hardened-sources-2.4.22-r2.ebuild:
873 scox 1.20 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
874 scox 1.19
875     *hardened-sources-2.4.22-r1 (02 Dec 2003)
876 iggy 1.17
877     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
878 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
879 iggy 1.16
880     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
881 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild:
882     Version bump for the 'do_brk' vulnerability.
883 iggy 1.15
884     01 Dec 2003; Brian Jackson <iggy@gentoo.org>
885     hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
886     hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
887     hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
888 plasmaroo 1.18 Fix the 'do_brk' vulnerability.
889 frogger 1.14
890     03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
891     hardened-sources-2.4.22.ebuild:
892 plasmaroo 1.18 - Removed the src_install() portion for SELinux flask
893     components. These are no longer handled in the kernel
894     so this code was not necessary.
895 frogger 1.13
896     29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
897     New 2.4.22 based hardened-sources thanks to
898     Phil West <p.west@computer.org>.
899    
900     These sources include:
901 plasmaroo 1.18 - New SELinux API
902     - Updated CK-base
903     - Updated GRSec
904     - Systrace
905     - SuperFreeS/WAN 1.99.8
906     - Propolice kernel build support
907     - EVMS
908     - Other various security related patches
909 frogger 1.11
910 frogger 1.12 *hardened-sources-2.4.21 (14 Sep 2003)
911    
912     14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
913     Updated hardened-sources based on the 2.4.21 Linux kernel.
914     This includes updates to most major components such as:
915 plasmaroo 1.18 - ck-base-0306300059
916     - selinux-2.4-2003071106
917     - grsecurity-2.0-rc1
918     - Updated IPTables patch-o-matic
919     - Updated SuperFreeS/WAN
920    
921 frogger 1.12 Thanks to Phil West <pwest@computer.org> for his work in getting this
922     updated patch set ready for the 2.4.21 based kernel.
923    
924 frogger 1.11 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
925     Initial import of hardened-sources-2.4.20-r4. This revision
926     includes only a few changes, but one of these is an important
927     security fix. It is recommended all users of hardened-sources
928     upgrade to this release.
929 plasmaroo 1.18
930 frogger 1.11 - ioperm bug fix
931     - fixed compilation failure when building without GRSec
932 plasmaroo 1.18
933 frogger 1.11 SAL (Secure Auditing for Linux) is NOT included in this revision
934     due to time constraints, but is planned for inclusion in the near
935     future.
936 msterret 1.10
937     *hardened-sources-2.4.20-r2 (12 Jun 2003)
938    
939     12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
940     hardened-sources-2.4.20-r3.ebuild:
941 plasmaroo 1.18 Add Header...
942 frogger 1.9
943     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
944     hardened-sources-2.4.20-r3.ebuild:
945     Removed warnings from ebuild. This kernel should be safe to
946     use at this point.
947 frogger 1.8
948     *hardened-sources-2.4.20-r3 (08 Jun 2003)
949    
950     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
951     hardened-sources-2.4.20-r3.ebuild:
952     New revision. Includes the following changes over -r2:
953 plasmaroo 1.18
954 frogger 1.8 - ck7-base (O(1), preempt, low latency)
955     - Super FreeS/WAN 1.99.7rc2
956     - PaX for the LSM/SELinux branch
957     - GRSecurity 2.0-pre4 (role based access control)
958     - Systrace 1.3
959     - EXT3 fixes
960     - EVMS 2.0.1
961     - GCC 3.1+ compile optimizations
962     - ProPolice kernel build support
963     - Hashing table security fixes
964 frogger 1.3
965     *hardened-sources-2.4.20-r1 (09 Apr 2003)
966 frogger 1.7
967     23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
968     Initial import of hardened-sources-r2. This new
969     ebuild includes many new performance and security
970     related patches. As in -r1, it will patch in
971     LSM/SELinux if "selinux" is in USE, otherwise it
972     will patch in GRSecurity. The following patches
973     are included in this revision:
974 plasmaroo 1.18
975 frogger 1.7 - O(1) Scheduler, Low Latency, and Preempt
976     (pulled from the base CK patch)
977     - ptrace exploit patch for the LSM kernel
978     (the GRSec patch already fixes this)
979     - LSM 2.4-2003040709
980     - SELinux 2.4-2003040709
981     - Systrace v1.2
982     - IPTables patch-o-matic base patches - 20030107
983     - CryptoAPI 2.4.20.1 w/ loop-jari patch
984     - Super FreeS/WAN 1.99.6.1
985     - GRSecurity 1.9.9g
986     - MPPE
987     - EXT3 data journal fix
988     - CIPE 1.5.4
989 frogger 1.6
990     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
991     hardened-sources-2.4.20-r1.ebuild, manifest:
992 plasmaroo 1.18 Updated to install flask components correctly for selinux.
993 frogger 1.5
994     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
995     hardened-sources-2.4.20-r1.ebuild:
996     LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
997     is patched in instead. Ptrace patches for selinux have also been added. In
998     either case, systrace support will be patched in as well.
999 frogger 1.3
1000     09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1001     hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
1002 plasmaroo 1.18 Revision bump for new sources.
1003 frogger 1.4
1004 frogger 1.2 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1005 frogger 1.4 hardened-sources-2.4.20-r1.ebuild:
1006 plasmaroo 1.18 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
1007 method 1.1
1008 frogger 1.4 *hardened-sources-2.4.20 (30 Mar 2003)
1009    
1010 method 1.1 30 Mar 2003; Joshua Brindle <method@gentoo.org>
1011     hardened-sources-2.4.20.ebuild:
1012 plasmaroo 1.18 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20