/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.160 - (hide annotations) (download)
Tue Jun 12 05:18:07 2007 UTC (7 years, 1 month ago) by phreak
Branch: MAIN
Changes since 1.159: +9 -1 lines
Revision bump for hardened-sources-2.6.21, incorporating various CVE (some of them critical), two stable releases (2.6.21.4,2.6.21.5) and some other love.
(Portage version: 2.1.2.9)

1 method 1.1 # ChangeLog for sys-kernel/hardened-sources
2 opfer 1.130 # Copyright 2000-2007 Gentoo Foundation; Distributed under the GPL v2
3 phreak 1.160 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.159 2007/06/12 05:11:05 phreak Exp $
4    
5     *hardened-sources-2.6.21-r3 (12 Jun 2007)
6    
7     12 Jun 2007; Christian Heim <phreak@gentoo.org>
8     +hardened-sources-2.6.21-r3.ebuild:
9     Revision bump for hardened-sources-2.6.21, incorporating various CVE (some
10     of them critical), two stable releases (2.6.21.4,2.6.21.5) and some other
11     love.
12 phreak 1.159
13     *hardened-sources-2.6.20-r5 (11 Jun 2007)
14    
15     11 Jun 2007; Christian Heim <phreak@gentoo.org>
16     +hardened-sources-2.6.20-r5.ebuild:
17     Revision bump for hardened-sources-2.6.20, incorporating various CVE (some
18     of them critical), two stable releases (2.6.20.13,2.6.20.14) and some other
19     love.
20 pappy 1.158
21     *hardened-sources-2.4.34.5 (11 Jun 2007)
22    
23     11 Jun 2007; Alexander Gabert <pappy@gentoo.org>
24     +hardened-sources-2.4.34.5.ebuild:
25     added new hardened-sources 2.4 version, thx to phreak, solar, pipacs
26 phreak 1.157
27     30 May 2007; Christian Heim <phreak@gentoo.org>
28     -hardened-sources-2.6.18.ebuild, hardened-sources-2.6.20-r2.ebuild:
29     Marking 2.6.20-r2 stable on ppc with permission of Gysbert. Removing more
30     stale ebuild(s).
31 phreak 1.156
32     30 May 2007; Christian Heim <phreak@gentoo.org>
33     -hardened-sources-2.6.14-r7.ebuild, -hardened-sources-2.6.16-r11.ebuild,
34     -hardened-sources-2.6.17-r1.ebuild, -hardened-sources-2.6.19-r6.ebuild,
35     -hardened-sources-2.6.20.ebuild, -hardened-sources-2.6.20-r1.ebuild:
36     Doing some cleanups, remove stale ebuilds.
37 phreak 1.155
38     26 May 2007; Christian Heim <phreak@gentoo.org>
39     hardened-sources-2.6.21-r2.ebuild:
40     Fixing the grsecurity patch, had one '};' too much.
41 phreak 1.154
42     *hardened-sources-2.6.21-r2 (26 May 2007)
43    
44     26 May 2007; Christian Heim <phreak@gentoo.org>
45     -hardened-sources-2.6.21.ebuild, -hardened-sources-2.6.21-r1.ebuild,
46     +hardened-sources-2.6.21-r2.ebuild:
47     Revision bump, including Linux 2.6.21.3 (fixing CVE-2007-2451). Updating the
48     grsecurity patch to 2.1.10-2.6.21.1-200705221918.
49 phreak 1.153
50     *hardened-sources-2.6.20-r4 (26 May 2007)
51    
52     26 May 2007; Christian Heim <phreak@gentoo.org>
53     -hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.20-r4.ebuild:
54     Revision bump, including Linux 2.6.20.12 (which in fact fixed some security
55 phreak 1.154 bugs, at the very least CVE-2007-2451). Possible candidate for stable marking.
56 phreak 1.152
57     15 May 2007; Christian Heim <phreak@gentoo.org>
58     hardened-sources-2.6.20-r3.ebuild:
59     Looks like hardened-sources-2.6.20-r3 needs a new patch, as 2.6.20.11
60     introduced a change in arch/sparc64/kernel/pci_iommu.c, which made the
61     grsecurity patch fail in that exact same hunk.
62 phreak 1.151
63     *hardened-sources-2.6.20-r3 (15 May 2007)
64    
65     15 May 2007; Christian Heim <phreak@gentoo.org>
66     +hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.21-r1.ebuild:
67     Revision bump, incorporating Linux 2.6.20.11.
68    
69     *hardened-sources-2.6.21-r1 (11 May 2007)
70    
71     11 May 2007; Christian Heim <phreak@gentoo.org>
72     +hardened-sources-2.6.21-r1.ebuild:
73     Revision bump, hopefully fixing the GRSECURITY/GRKERNSEC mixup pipacs
74     mentioned in #177234.
75 kevquinn 1.150
76     07 May 2007; Kevin F. Quinn <kevquinn@gentoo.org>
77     files/digest-hardened-sources-2.6.21, Manifest:
78     Fix Manifest/digest for linux-2.6.21.tar.bz2
79 phreak 1.149
80     06 May 2007; Christian Heim <phreak@gentoo.org>
81     hardened-sources-2.6.21.ebuild:
82     Bumping the hardened-patches version, needed for the fix for #177234.
83 phreak 1.148
84     *hardened-sources-2.6.21 (02 May 2007)
85    
86     02 May 2007; Christian Heim <phreak@gentoo.org>
87     +hardened-sources-2.6.21.ebuild:
88     Version bump, Linux 2.6.21-hardened.
89 phreak 1.147
90     29 Apr 2007; Christian Heim <phreak@gentoo.org>
91     hardened-sources-2.6.20-r2.ebuild:
92     Adding ~ia64 on Ned's request.
93 phreak 1.146
94     29 Apr 2007; Christian Heim <phreak@gentoo.org>
95     hardened-sources-2.6.20-r2.ebuild:
96     Fixing the included grsecurity patch, wasn't alligning due to the Index:
97     header line(s).
98 phreak 1.145
99     29 Apr 2007; Christian Heim <phreak@gentoo.org>
100     hardened-sources-2.6.20-r2.ebuild:
101     Stabilizing hardened-sources-2.6.20-r2 on amd64 and x86.
102 armin76 1.144
103     *hardened-sources-2.6.20-r2 (10 Apr 2007)
104    
105     10 Apr 2007; Raúl Porcel <armin76@gentoo.org>
106     +hardened-sources-2.6.20-r2.ebuild:
107     Version bump, on behalf of phreak
108 phreak 1.143
109     *hardened-sources-2.6.20-r1 (04 Apr 2007)
110    
111     04 Apr 2007; Christian Heim <phreak@gentoo.org>
112     +hardened-sources-2.6.20-r1.ebuild:
113     Revision bump, grabbing a newer grsecurity snapshot.
114 phreak 1.142
115     *hardened-sources-2.6.20 (25 Mar 2007)
116    
117     25 Mar 2007; Christian Heim <phreak@gentoo.org>
118     +hardened-sources-2.6.20.ebuild:
119     Finally a hardened-sources version for 2.6.20; many people have been waiting
120     for this. Thanks to Steve for preliminary testing, thanks to Ned for the
121     testbox.
122 chainsaw 1.141
123     16 Mar 2007; Tony Vroon <chainsaw@gentoo.org>
124     hardened-sources-2.6.18-r6.ebuild:
125     Marked stable on amd64 and x86. AMD64 keyword ack'ed by welp.
126 phreak 1.140
127     *hardened-sources-2.6.18-r6 (16 Mar 2007)
128    
129     16 Mar 2007; Christian Heim <phreak@gentoo.org>
130     -hardened-sources-2.6.18-r5.ebuild, +hardened-sources-2.6.18-r6.ebuild:
131     Fixing CVE-2007-1000 locally (hardened/), thanks to Tony for pushing. And
132     yes I screwed up, this is tagged as 2.6.18-5 and not 2.6.18-6 as it's
133     supposed to be.
134 phreak 1.139
135     06 Mar 2007; Christian Heim <phreak@gentoo.org> ChangeLog:
136     Fixing the Manifest, the previous one was broken (as in still had the
137     deleted ebuild in it).
138 phreak 1.138
139     06 Mar 2007; Christian Heim <phreak@gentoo.org>
140     -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
141     +hardened-sources-2.6.18-r5.ebuild:
142     Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
143     Linux 2.6.18.8. Also cleaning up the older version.
144    
145     *hardened-sources-2.6.18-r5 (06 Mar 2007)
146    
147     06 Mar 2007; Christian Heim <phreak@gentoo.org>
148     -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
149     +hardened-sources-2.6.18-r5.ebuild:
150     Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
151     Linux 2.6.18.8. Also cleaning up the older version.
152 phreak 1.137
153     24 Feb 2007; Christian Heim <phreak@gentoo.org>
154     -hardened-sources-2.6.19-r3.ebuild, -hardened-sources-2.6.19-r4.ebuild,
155     -hardened-sources-2.6.19-r5.ebuild:
156     Removing some of the old version, that didn't work.
157 phreak 1.136
158     *hardened-sources-2.6.19-r6 (12 Feb 2007)
159    
160     12 Feb 2007; Christian Heim <phreak@gentoo.org>
161     +hardened-sources-2.6.19-r6.ebuild:
162     Revision bump, including a new grsec version fixing #166235.
163 pappy 1.134
164     *hardened-sources-2.4.34 (24 Jan 2007)
165    
166     24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
167 pappy 1.135 Manifest:
168     updating Manifest with checksums of new tarball and ebuild
169    
170     24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
171 pappy 1.134 +hardened-sources-2.4.34.ebuild:
172     I added new hardened sources 2.4 update, this is a critical path
173     security bugfix - all users of h-s are strongly advised
174     to update their existing hardened sources to this version.
175     It contains a fix for a kernel vulnerability that is pertaining
176     to the PaX changes to virtual memory management, possibly leading
177     to a local kernel exploit ... see grsecurity.net forums and homepage
178 phreak 1.133
179     23 Jan 2007; Christian Heim <phreak@gentoo.org>
180     files/digest-hardened-sources-2.6.19-r5, Manifest:
181     Fixing the patch-tarball digest.
182 phreak 1.132
183     *hardened-sources-2.6.19-r5 (23 Jan 2007)
184    
185     23 Jan 2007; Christian Heim <phreak@gentoo.org>
186     +hardened-sources-2.6.19-r5.ebuild:
187     Revision bump, closing the recently discovered PaX expand_stack()
188     vulnerability.
189 phreak 1.131
190     *hardened-sources-2.6.19-r4 (14 Jan 2007)
191    
192     14 Jan 2007; Christian Heim <phreak@gentoo.org>
193     +hardened-sources-2.6.19-r4.ebuild:
194     Revision bump, pulling in linux-2.6.19.2 and grsecurity 2.1.10 - thus
195     dropping the randomized PID feature.
196 opfer 1.130
197     11 Jan 2007; Christian Faulhammer <opfer@gentoo.org>
198     hardened-sources-2.4.33.4.ebuild:
199     stable x86, bug #161171
200 phreak 1.129
201     *hardened-sources-2.6.19-r3 (27 Dec 2006)
202    
203     27 Dec 2006; Christian Heim <phreak@gentoo.org>
204     -hardened-sources-2.6.19-r2.ebuild, +hardened-sources-2.6.19-r3.ebuild:
205     Revision bump for bug #157186 and #158786.
206 phreak 1.128
207     *hardened-sources-2.6.18-r4 (27 Dec 2006)
208    
209     27 Dec 2006; Christian Heim <phreak@gentoo.org>
210     -hardened-sources-2.6.18-r3.ebuild, +hardened-sources-2.6.18-r4.ebuild:
211     Revision bump for bug #157186.
212 phreak 1.127
213     *hardened-sources-2.6.19-r2 (23 Dec 2006)
214    
215     23 Dec 2006; Christian Heim <phreak@gentoo.org>
216     -hardened-sources-2.6.19-r1.ebuild, +hardened-sources-2.6.19-r2.ebuild:
217     Revision bump to pull in genpatches-2.6.19-3 for #157186.
218 phreak 1.126
219     17 Dec 2006; Christian Heim <phreak@gentoo.org>
220     hardened-sources-2.6.14-r7.ebuild, hardened-sources-2.6.16-r10.ebuild,
221     hardened-sources-2.6.16-r11.ebuild, hardened-sources-2.6.17-r1.ebuild,
222     hardened-sources-2.6.18.ebuild, hardened-sources-2.6.18-r3.ebuild,
223     hardened-sources-2.6.19-r1.ebuild:
224     Adding 4453_grsec-2.1.9-2.6.19-io-kmem-sysctl.patch to UNIPATCH_EXLUDE,
225     adding correct HOMEPAGE and adjusting DESCRIPTION (thanks to Alexander).
226 pappy 1.125
227     *hardened-sources-2.4.33.4 (17 Dec 2006)
228    
229     17 Dec 2006; Alexander Gabert <pappy@gentoo.org>
230     +hardened-sources-2.4.33.4.ebuild:
231     new 2.4.33.4 version including grsec and fixes, thanks to phreak for help
232     and quilting
233 phreak 1.124
234     *hardened-sources-2.6.19-r1 (14 Dec 2006)
235    
236     14 Dec 2006; Christian Heim <phreak@gentoo.org>
237     -hardened-sources-2.6.19.ebuild, +hardened-sources-2.6.19-r1.ebuild:
238     Revision bump, fixing #158107 (thanks to Petre Rodan <kaiowas at gentoo.org>
239     for reporting).
240 phreak 1.123
241     *hardened-sources-2.6.19 (13 Dec 2006)
242    
243     13 Dec 2006; Christian Heim <phreak@gentoo.org>
244     +hardened-sources-2.6.19.ebuild:
245     And finally 2.6.19, thanks to Ned (who prepared the inital patchset) and
246     Brad for providing that prompt update.
247 phreak 1.122
248     *hardened-sources-2.6.18-r3 (13 Dec 2006)
249    
250     13 Dec 2006; Christian Heim <phreak@gentoo.org>
251     -hardened-sources-2.6.18-r1.ebuild, -hardened-sources-2.6.18-r2.ebuild,
252     +hardened-sources-2.6.18-r3.ebuild:
253     Revision bump, excluding the faulty patch. Thanks to Anakim Border and Peter
254     S. Mazinger. Closes #157409 for now. Also removing the previous revisions.
255 phreak 1.121
256     09 Dec 2006; Christian Heim <phreak@gentoo.org> Manifest:
257     Fixing the metadata.xml Manifest entry (thanks to xaid and ml8128 in #gentoo-hardened).
258 nixnut 1.120
259     08 Dec 2006; nixnut <nixnut@gentoo.org> hardened-sources-2.6.18.ebuild:
260     Stable on ppc wrt bug 157356
261 opfer 1.119
262     07 Dec 2006; Christian Faulhammer <opfer@gentoo.org>
263     hardened-sources-2.6.18.ebuild:
264     stable x86, bug #157356
265 phreak 1.118
266     *hardened-sources-2.6.18-r2 (06 Dec 2006)
267    
268     06 Dec 2006; Christian Heim <phreak@gentoo.org>
269     +hardened-sources-2.6.18-r2.ebuild:
270     Revision bump, including 2.6.18.5 (via genpatches) and
271     4454_grsec-2.1.9-2.6.18.2-io-kmem-sysctl.patch based on Peter Mazinger and
272     Ned Ludd's original patch. Thanks to Alexander Gabert (pappy) for the
273     redesign.
274 phreak 1.117
275     06 Dec 2006; Christian Heim <phreak@gentoo.org>
276     hardened-sources-2.6.18.ebuild:
277     Marking hardened-sources-2.6.18 stable on amd64 (see bug #157356, on behalf
278     of Mike Doty).
279 phreak 1.116
280     *hardened-sources-2.6.18-r1 (23 Nov 2006)
281    
282     23 Nov 2006; Christian Heim <phreak@gentoo.org>
283     +hardened-sources-2.6.18-r1.ebuild:
284     Revision bump to genpatches-2.6.18-4 (including 2.6.18.3).
285 phreak 1.115
286     *hardened-sources-2.6.18 (11 Nov 2006)
287    
288     11 Nov 2006; Christian Heim <phreak@gentoo.org>
289     +hardened-sources-2.6.18.ebuild:
290     Version bump, thanks to Alexander Gabert we're finally at 2.6.18.
291 solar 1.114
292     18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
293     - mark amd64 stable also. bug #151877
294 solar 1.113
295     18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
296     - mark 2.6.17-r1 stable
297 phreak 1.112
298     27 Aug 2006; Christian Heim <phreak@gentoo.org>
299     -hardened-sources-2.6.17.ebuild, hardened-sources-2.6.17-r1.ebuild:
300     Removing old ebuild, removing unipatch from newer ebuild (need to fix it!).
301 phreak 1.111
302     *hardened-sources-2.6.17-r1 (26 Aug 2006)
303    
304     26 Aug 2006; Christian Heim <phreak@gentoo.org>
305     +hardened-sources-2.6.17-r1.ebuild:
306     Revision bump to genpatches-2.6.17-8 (including .9 and .10) and updating the
307     grsecurity patch.
308 phreak 1.110
309     *hardened-sources-2.6.17 (17 Aug 2006)
310    
311     17 Aug 2006; Christian Heim <phreak@gentoo.org>
312     +hardened-sources-2.6.17.ebuild:
313     Bumping the hardened-sources-2.6 series to 2.6.17, using
314     genpatches-2.6.17-6.base.
315 solar 1.109
316     07 Aug 2006; <solar@gentoo.org> hardened-sources-2.6.16-r11.ebuild:
317     - stable on x86 and amd64
318 solar 1.108
319     *hardened-sources-2.6.16-r11 (15 Jul 2006)
320    
321     15 Jul 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r3.ebuild,
322     -hardened-sources-2.4.32-r4.ebuild, -hardened-sources-2.4.32-r5.ebuild,
323     -hardened-sources-2.6.14-r8.ebuild, -hardened-sources-2.6.16-r7.ebuild,
324     -hardened-sources-2.6.16-r9.ebuild, +hardened-sources-2.6.16-r11.ebuild:
325     - 2.6.16 bumped for CVE-2006-3626 ; digest fix for 2.4.32-r6 ; removed old
326     crusty ebuilds
327 johnm 1.107
328     14 Jul 2006; John Mylchreest <johnm@gentoo.org>
329     hardened-sources-2.6.16-r10.ebuild:
330     marking stable on x86 and amd64
331 solar 1.106
332     13 Jul 2006; <solar@gentoo.org> hardened-sources-2.4.32-r6.ebuild:
333     - 2.4.32-r6 stable on x86. RSBAC state unknown
334 kang 1.105
335     *hardened-sources-2.4.32-r7 (10 Jul 2006)
336    
337     10 Jul 2006; Guillaume Destuynder <kang@gentoo.org>
338     +hardened-sources-2.4.32-r7.ebuild:
339     Bump PaX for RSBAC to test-17
340 johnm 1.104
341     *hardened-sources-2.6.16-r9 (03 Jul 2006)
342    
343     03 Jul 2006; John Mylchreest <johnm@gentoo.org>
344     -hardened-sources-2.6.16-r6.ebuild, +hardened-sources-2.6.16-r9.ebuild:
345     hardened-sources-2.6.16 bump to latest -base.
346 solar 1.103
347     *hardened-sources-2.4.32-r6 (30 Jun 2006)
348    
349     30 Jun 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r2.ebuild,
350     hardened-sources-2.4.32-r4.ebuild, +hardened-sources-2.4.32-r6.ebuild:
351     - backport CVE-2006-0039, CVE-2006-1857 and CVE-2006-1858 and new grsecurity
352     sysctl controlable resource logging
353 johnm 1.102
354     *hardened-sources-2.6.16-r7 (05 Jun 2006)
355    
356     05 Jun 2006; John Mylchreest <johnm@gentoo.org>
357     -hardened-sources-2.6.16-r5.ebuild, +hardened-sources-2.6.16-r7.ebuild:
358     push new 2.6.16 release in preparation for stable
359 solar 1.101
360     22 May 2006; <solar@gentoo.org> :
361     - redigest bug 134002
362 kang 1.100
363     *hardened-sources-2.4.32-r5 (16 May 2006)
364    
365     16 May 2006; Guillaume Destuynder <kang@gentoo.org>
366     +hardened-sources-2.4.32-r5.ebuild:
367     Fixes rsbac common patching (new patch in new -r5 patchset)
368 solar 1.99
369     *hardened-sources-2.4.32-r4 (13 May 2006)
370    
371     13 May 2006; <solar@gentoo.org> hardened-sources-2.4.32-r3.ebuild,
372     +hardened-sources-2.4.32-r4.ebuild:
373     - security bumps
374 johnm 1.98
375     *hardened-sources-2.6.16-r6 (03 May 2006)
376    
377     03 May 2006; John Mylchreest <johnm@gentoo.org>
378     +hardened-sources-2.6.16-r6.ebuild:
379     bump hardened-2.6.16 to 2.6.16.12 and latest grsec snapshot
380 johnm 1.97
381     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
382     hardened-sources-2.6.14-r8.ebuild:
383     fix x86_64 build problem, this will delay the digest issue again for a short
384     while but it will sort itself out
385 johnm 1.96
386     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
387     hardened-sources-2.6.14-r8.ebuild:
388     bump hardened patchset
389 antarus 1.94
390     27 Apr 2006; Alec Warner <antarus@gentoo.org>
391     files/digest-hardened-sources-2.4.32-r2,
392     files/digest-hardened-sources-2.4.32-r3,
393     files/digest-hardened-sources-2.6.14-r8, Manifest:
394     Fixing duff SHA256 digests: Bug # 131293
395 johnm 1.93
396 johnm 1.95 *hardened-sources-2.6.16-r5 (27 Apr 2006)
397    
398     27 Apr 2006; John Mylchreest <johnm@gentoo.org>
399     -hardened-sources-2.6.14-r6.ebuild, hardened-sources-2.6.14-r8.ebuild,
400     -hardened-sources-2.6.16-r4.ebuild, +hardened-sources-2.6.16-r5.ebuild:
401     stablise 2.6.14-r8 on x86 & amd64, bump 2.6.16 to fix CVE-2006-1863 &
402     cleanup of old uneccessary sources
403    
404 johnm 1.93 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
405     fix digest
406 johnm 1.92
407     *hardened-sources-2.6.14-r8 (20 Apr 2006)
408    
409     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
410     +hardened-sources-2.6.14-r8.ebuild:
411     fix CVE-2006-1056, CVE-2006-1525, CVE-2006-1524
412 johnm 1.91
413     20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
414     Turning on gpg-signing again, and recomitting
415 johnm 1.90
416     *hardened-sources-2.6.16-r4 (20 Apr 2006)
417    
418     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
419     -hardened-sources-2.6.16-r2.ebuild, -hardened-sources-2.6.16-r3.ebuild,
420     +hardened-sources-2.6.16-r4.ebuild:
421     Fix numerous security vulns
422 solar 1.89
423     *hardened-sources-2.4.32-r3 (16 Apr 2006)
424    
425     16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
426     -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
427     +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
428     - security bump for bug #112791. Removed old ebuilds
429 johnm 1.88
430     *hardened-sources-2.6.16-r3 (15 Apr 2006)
431    
432     15 Apr 2006; John Mylchreest <johnm@gentoo.org>
433     +hardened-sources-2.6.16-r3.ebuild:
434     Removing silly localversion which I missed
435 johnm 1.87
436     *hardened-sources-2.6.14-r7 (14 Apr 2006)
437    
438     14 Apr 2006; John Mylchreest <johnm@gentoo.org>
439     -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
440     Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
441 johnm 1.86
442     *hardened-sources-2.6.16-r2 (13 Apr 2006)
443    
444     13 Apr 2006; John Mylchreest <johnm@gentoo.org>
445     -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
446     +hardened-sources-2.6.16-r2.ebuild:
447     Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
448     labels, dropping USERGROUP define fixes, since these were merged mainstream.
449 johnm 1.85
450     *hardened-sources-2.6.16-r1 (11 Apr 2006)
451    
452     11 Apr 2006; John Mylchreest <johnm@gentoo.org>
453     +hardened-sources-2.6.16-r1.ebuild:
454     Bumping to include ppc build fix and 2.6.16.3
455 tsunam 1.84
456     06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
457     hardened-sources-2.6.14-r6.ebuild:
458     Stable on x86; bug #127718
459 johnm 1.83
460     *hardened-sources-2.6.16 (31 Mar 2006)
461    
462     31 Mar 2006; John Mylchreest <johnm@gentoo.org>
463     +hardened-sources-2.6.16.ebuild:
464     Bumping to new version of grsec, and kernel base. New squashfs. Based on
465     2.6.16.1
466 cryos 1.82
467     30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
468     hardened-sources-2.6.14-r6.ebuild:
469     Stable on amd64, bug 127718.
470 nixnut 1.81
471     28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
472     Stable on ppc. Bug #127718
473 johnm 1.80
474     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
475     -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
476     -hardened-sources-2.6.14-r4.ebuild:
477     Cleanup.
478 johnm 1.79
479     *hardened-sources-2.6.14-r6 (15 Mar 2006)
480    
481     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
482     +hardened-sources-2.6.14-r6.ebuild:
483     Fixes grsec policy recreation bug and adds a
484     >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
485 solar 1.78
486     02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
487     - stable on x86
488 hansmi 1.77
489     19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
490     hardened-sources-2.6.14-r5.ebuild:
491     Stable on ppc.
492 johnm 1.76
493     *hardened-sources-2.6.14-r5 (01 Feb 2006)
494    
495     01 Feb 2006; John Mylchreest <johnm@gentoo.org>
496     +hardened-sources-2.6.14-r5.ebuild:
497     fixing every known exploit
498 solar 1.75
499     *hardened-sources-2.4.32-r2 (26 Jan 2006)
500    
501     26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
502     +hardened-sources-2.4.32-r2.ebuild:
503     - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
504 solar 1.74
505     *hardened-sources-2.6.14-r4 (12 Jan 2006)
506    
507     12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
508     - version bump for new genpatches which fix up a few sec holes
509 solar 1.73
510     *hardened-sources-2.4.32-r1 (05 Jan 2006)
511    
512     05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
513     - revision bump to add misc vital linux kernel security patches.
514 johnm 1.72
515     *hardened-sources-2.6.14-r3 (30 Dec 2005)
516    
517     30 Dec 2005; John Mylchreest <johnm@gentoo.org>
518     -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
519     Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
520 johnm 1.71
521     28 Dec 2005; John Mylchreest <johnm@gentoo.org>
522     hardened-sources-2.6.14-r2.ebuild:
523     making x86 & amd64 stable following testing.
524 johnm 1.70
525     *hardened-sources-2.6.14-r2 (27 Dec 2005)
526    
527     27 Dec 2005; John Mylchreest <johnm@gentoo.org>
528     -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
529     Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
530     network hooks.
531 johnm 1.69
532     06 Dec 2005; John Mylchreest <johnm@gentoo.org>
533     hardened-sources-2.6.14-r1.ebuild:
534     bumping to stable early for sec fix on x86 & amd64
535 johnm 1.68
536     *hardened-sources-2.6.14-r1 (05 Dec 2005)
537    
538     05 Dec 2005; John Mylchreest <johnm@gentoo.org>
539     -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
540     bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
541 solar 1.67
542     04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
543     - stable on x86 security bug #114227 CAN-2005-3257
544 kang 1.66
545     *hardened-sources-2.4.32 (19 Nov 2005)
546    
547     19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
548     +hardened-sources-2.4.32.ebuild:
549     Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
550     Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
551     have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
552     rsbac >> /etc/portage/package.use)
553 johnm 1.65
554     *hardened-sources-2.6.14 (14 Nov 2005)
555    
556     14 Nov 2005; John Mylchreest <johnm@gentoo.org>
557     -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
558     Bumping 2.6 series to 2.6.14.2
559 johnm 1.64
560     *hardened-sources-2.6.13-r2 (20 Oct 2005)
561    
562     20 Oct 2005; John Mylchreest <johnm@gentoo.org>
563     -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
564     +hardened-sources-2.6.13-r2.ebuild:
565     Fixes minor build error in ppc.
566 johnm 1.63
567     *hardened-sources-2.6.13-r1 (17 Oct 2005)
568    
569     17 Oct 2005; John Mylchreest <johnm@gentoo.org>
570     +hardened-sources-2.6.13-r1.ebuild:
571     Updating grsec to latest snapshot. Fixes some minor issues. Updating to
572     2.6.13.4, fixes some major amd64 stability problems.
573 johnm 1.62
574     *hardened-sources-2.6.13 (16 Sep 2005)
575    
576     16 Sep 2005; John Mylchreest <johnm@gentoo.org>
577     -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
578     2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
579     ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
580     users should test this thoroughly.
581 solar 1.61
582     01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
583     - stable on x86
584 johnm 1.60
585     *hardened-sources-2.6.11-r15 (27 Jun 2005)
586    
587     27 Jun 2005; John Mylchreest <johnm@gentoo.org>
588     +hardened-sources-2.6.11-r15.ebuild:
589     Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
590     grsec redefining curr_ip struct.
591 solar 1.59
592     *hardened-sources-2.4.31 (20 Jun 2005)
593    
594     20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
595     initial import of 2.4.31 tree
596 johnm 1.58
597     *hardened-sources-2.6.11-r14 (14 Jun 2005)
598    
599     14 Jun 2005; John Mylchreest <johnm@gentoo.org>
600     -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
601     Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
602     naming scheme to abide by genpatches
603 johnm 1.57
604     *hardened-sources-2.6.11-r13 (18 May 2005)
605    
606     18 May 2005; John Mylchreest <johnm@gentoo.org>
607     -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
608     Managed to mangle the Makefile patch from grsec, to miss out the grsec
609     target. sorry about that. Fixes bug #93022
610 johnm 1.56
611     *hardened-sources-2.6.11-r12 (17 May 2005)
612    
613     17 May 2005; John Mylchreest <johnm@gentoo.org>
614     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
615     +hardened-sources-2.6.11-r12.ebuild:
616     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
617     merges in genpatches-base
618 johnm 1.55
619     *hardened-sources-2.6.11-r12 (17 May 2005)
620    
621     17 May 2005; John Mylchreest <johnm@gentoo.org>
622     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
623     +hardened-sources-2.6.11-r12.ebuild:
624     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
625     merges in genpatches-base
626 solar 1.54
627     29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
628     -files/2.4.27-cmdline-race.patch,
629     -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
630     -files/2.4.28-grsec-binfmt_a.out.patch,
631     -files/2.4.28-grsec-cmdline-race.patch,
632     -files/2.4.28-selinux-binfmt_a.out.patch,
633     -files/2.4.28-selinux-cmdline-race.patch,
634     -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
635     hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
636     - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
637     cleanup..
638 solar 1.53
639     *hardened-sources-2.4.30-r1 (21 Apr 2005)
640    
641     21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
642     - disable aout by default
643 solar 1.52
644     *hardened-sources-2.4.30 (18 Apr 2005)
645    
646     18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
647     - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
648     and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
649     use
650 tocharian 1.50
651 scox 1.51 *hardened-sources-2.4.29 (30 Mar 2005)
652    
653     30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
654     +hardened-sources-2.4.29.ebuild:
655     New hardened-patches-2.4-29.0 patchball.
656     Removed SELinux support, upgraded GRSecurity to 2.1.4.
657    
658     *hardened-sources-2.4.28-r5 (06 Mar 2005)
659    
660     06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
661     +hardened-sources-2.4.28-r5.ebuild:
662     Added a fix for a PaX vulnerability.
663    
664     26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
665 tocharian 1.50 hardened-sources-2.4.28-r4.ebuild:
666     Stable on x86
667 solar 1.49
668     23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
669     hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
670     hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
671     hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
672     - fixed/added RDEPEND= in all kernel-2 ebuilds
673 tocharian 1.48
674     *hardened-sources-2.4.28-r4 (21 Jan 2005)
675    
676     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
677     +hardened-sources-2.4.28-r4.ebuild:
678     Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
679     backport of neighbour hash updates.
680 tocharian 1.47
681     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
682     hardened-sources-2.4.28-r3.ebuild:
683     Stable on x86
684 tseng 1.46
685     *hardened-sources-2.6.10-r3 (20 Jan 2005)
686    
687     20 Jan 2005; Brandon Hale <tseng@gentoo.org>
688     +hardened-sources-2.6.10-r3.ebuild:
689     Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
690     in 2005.0
691 tocharian 1.45
692     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
693     -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
694     hardened-sources-2.4.28-r2.ebuild:
695     Mark stable on x86
696 tocharian 1.44
697     *hardened-sources-2.4.28-r3 (17 Jan 2005)
698    
699     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
700     +hardened-sources-2.4.28-r3.ebuild:
701     Fix SMP page fault handler vuln, and update device-mapper and evms patches.
702 tocharian 1.43
703     14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
704     hardened-sources-2.4.28.ebuild:
705     Mark stable on x86.
706 tocharian 1.42
707     *hardened-sources-2.4.28-r2 (13 Jan 2005)
708    
709     13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
710     +hardened-sources-2.4.28-r2.ebuild:
711     Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
712     Mazinger for grsecurity patches as well.
713 plasmaroo 1.41
714     *hardened-sources-2.4.28-r1 (23 Dec 2004)
715    
716     23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
717     Security bump. Thank tocharian for rolling a new patchset...
718 solar 1.40
719     28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
720     +files/2.4.28-grsec-cmdline-race.patch,
721     +files/2.4.28-selinux-binfmt_a.out.patch,
722     +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
723     - Round up remaining security patches that appear to be missing in 2.4.28. -
724     PaX standalone updated to current. hgpv=28.1
725 solar 1.39
726     *hardened-sources-2.4.28 (28 Nov 2004)
727    
728     28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
729     security bump. Thank tocharian for rolling a new patchset
730 scox 1.31
731 scox 1.38 *hardened-sources-2.4.27-r3 (08 Sep 2004)
732    
733     08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
734     +hardened-sources-2.4.27-r3.ebuild:
735     Applies the new 2.4-27.2 patchball which updates
736     GRSecurity to the 2.0.1 version.
737    
738 scox 1.37 *hardened-sources-2.4.27-r2 (31 Aug 2004)
739    
740     31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
741     +hardened-sources-2.4.27-r2.ebuild:
742     Version bump.
743     This version uses the new 2.4-27.1 patchball which updates
744     both the SELinux PaX hooks patch and the SELinux headers.
745    
746 scox 1.36 *hardened-sources-2.4.27-r1 (09 Aug 2004)
747    
748     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
749     +hardened-sources-2.4.27-r1.ebuild,
750     -hardened-sources-2.4.27.ebuild,
751     +files/2.4.27-cmdline-race.patch:
752     Version bump, fix for cmdline race. See bug #59905.
753    
754     *hardened-sources-2.4.26-r6 (09 Aug 2004)
755    
756     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
757     +hardened-sources-2.4.26-r6.ebuild,
758     -hardened-sources-2.4.26-r5.ebuild,
759     -hardened-sources-2.4.26-r4.ebuild,
760     +files/2.4.26-cmdline-race.patch:
761     Version bump, fix for cmdline race. See bug #59905.
762    
763 scox 1.35 *hardened-sources-2.4.27 (08 Aug 2004)
764    
765     08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
766     +hardened-sources-2.4.27.ebuild,
767     +files/2.4.27-CAN-2004-0394.patch:
768     Ported the patchball to the 2.4.27 kernel version.
769    
770 scox 1.34 *hardened-sources-2.4.26-r5 (07 Aug 2004)
771    
772     07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
773     +hardened-sources-2.4.26-r5.ebuild:
774 scox 1.35 Updated to use the new hardened-patches-2.4-26.1 patchball.
775 scox 1.34 It adds the following features:
776     - Squashfs
777     - Ebtables
778     - Netdev random (core+drivers)
779     - Watchdog Timer (WDT) fix.
780    
781 scox 1.33 *hardened-sources-2.4.26-r4 (04 Aug 2004)
782    
783     04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
784     +hardened-sources-2.4.26-r4.ebuild,
785     +files/2.4.26-CAN-2004-0415.patch,
786     -hardened-sources-2.4.26-3:
787     Version bump, fix for CAN 0415, see bug #59378.
788    
789 scox 1.32 *hardened-sources-2.4.26-r3 (22 Jul 2004)
790    
791     22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
792     +hardened-sources-2.4.26-r3.ebuild,
793     +files/2.4.26-CAN-2004-0497.patch,
794     -hardened-sources-2.4.26-r2.ebuild:
795     Version bump, fixed CAN 0497, see bug #56171.
796    
797 scox 1.31 *hardened-sources-2.4.26-r2 (29 Jun 2004)
798    
799     29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
800 scox 1.32 +hardened-sources-2.4.26-r2.ebuild,
801 scox 1.31 +files/2.4.26-CAN-2004-0495.patch,
802     +files/2.4.26-CAN-2004-0535.patch,
803     -hardened-sources-2.4.26-r1.ebuild:
804     Fixes for both CAN 0495 and 0535, see bug #54976
805 pvdabeel 1.27
806 agriffis 1.29 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
807     hardened-sources-2.4.26-r1.ebuild:
808     QA - fix use invocation
809 scox 1.28
810     *hardened-sources-2.4.26-r1 (22 June 2004)
811    
812     22 June 2004; Andrea Luzzardi <scox@gentoo.org>
813     +hardened-sources-2.4.26-r1.ebuild,
814     +files/2.4.26-CAN-2004-0394.patch,
815     +files/2.4.26-signal-race.patch,
816     -hardened-sources-2.4.26.ebuild,
817     -hardened-sources-2.4.24-r3.ebuild:
818     Version bump for the CAN-2004-0394 issue and bug #53804
819     Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
820    
821    
822 pvdabeel 1.27 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
823     hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
824     Masked hardened-sources-2.4.26.ebuild broken for ppc
825    
826     31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
827     hardened-sources-2.4.24-r3.ebuild:
828     Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
829 plasmaroo 1.25
830 scox 1.26 *hardened-sources-2.4.26 (29 May 2004)
831    
832     29 May 2004; Andrea Luzzardi <scox@gentoo.org>
833     +hardened-sources-2.4.26.ebuild:
834     Updated hardened-sources for the 2.4.26 kernel
835     Removed broken components, updated almost everything.
836    
837 plasmaroo 1.25 *hardened-sources-2.4.24-r3 (17 Apr 2004)
838    
839     17 Apr 2004; <plasmaroo@gentoo.org>
840     +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
841     +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
842     +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
843     +hardened-sources-2.4.24-r3.ebuild:
844     Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
845     vulnerabilities. Old revisions removed.
846 plasmaroo 1.24
847     *hardened-sources-2.4.24-r2 (15 Apr 2004)
848    
849     15 Apr 2004; <plasmaroo@gentoo.org>
850     +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
851     -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
852     Version bump for the CAN-2004-0109 issue; bug #47881.
853 aliz 1.23
854     12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
855     hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
856     Add eutils to inherit.
857 plasmaroo 1.22
858     *hardened-sources-2.4.24-r1 (19 Feb 2004)
859    
860     19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
861     files/hardened-sources-2.4.24.munmap.patch:
862     Added the patch for the mremap/munmap vulnerability. Bug #42024.
863 scox 1.19
864 scox 1.21 *hardened-sources-2.4.24 (06 Feb 2004)
865 scox 1.26
866 scox 1.21 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
867     hardened-sources-2.4.24.ebuild:
868     Version bump, updated most of the components.
869     This release includes the following:
870    
871     - Hardened security
872     - Netfilter patch-o-matic 20031219
873     - FreeSWAN 2.04 & x509 1.4.8
874     - EVMS 2.2.2
875     - XFS 1.3.1
876     - cryptoloop jari
877     - grsecurity 2.0-rc4
878     - SELinux
879     - PaX 200402060000
880     - PaX Obscurity 200308302223
881     - Others...
882    
883     Neither -ck nor systrace are included anymore.
884    
885 scox 1.19 *hardened-sources-2.4.22-r2 (05 Jan 2004)
886    
887     05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
888     hardened-sources-2.4.22-r2.ebuild:
889 scox 1.20 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
890 scox 1.19
891     *hardened-sources-2.4.22-r1 (02 Dec 2003)
892 iggy 1.17
893     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
894 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
895 iggy 1.16
896     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
897 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild:
898     Version bump for the 'do_brk' vulnerability.
899 iggy 1.15
900     01 Dec 2003; Brian Jackson <iggy@gentoo.org>
901     hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
902     hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
903     hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
904 plasmaroo 1.18 Fix the 'do_brk' vulnerability.
905 frogger 1.14
906     03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
907     hardened-sources-2.4.22.ebuild:
908 plasmaroo 1.18 - Removed the src_install() portion for SELinux flask
909     components. These are no longer handled in the kernel
910     so this code was not necessary.
911 frogger 1.13
912     29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
913     New 2.4.22 based hardened-sources thanks to
914     Phil West <p.west@computer.org>.
915    
916     These sources include:
917 plasmaroo 1.18 - New SELinux API
918     - Updated CK-base
919     - Updated GRSec
920     - Systrace
921     - SuperFreeS/WAN 1.99.8
922     - Propolice kernel build support
923     - EVMS
924     - Other various security related patches
925 frogger 1.11
926 frogger 1.12 *hardened-sources-2.4.21 (14 Sep 2003)
927    
928     14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
929     Updated hardened-sources based on the 2.4.21 Linux kernel.
930     This includes updates to most major components such as:
931 plasmaroo 1.18 - ck-base-0306300059
932     - selinux-2.4-2003071106
933     - grsecurity-2.0-rc1
934     - Updated IPTables patch-o-matic
935     - Updated SuperFreeS/WAN
936    
937 frogger 1.12 Thanks to Phil West <pwest@computer.org> for his work in getting this
938     updated patch set ready for the 2.4.21 based kernel.
939    
940 frogger 1.11 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
941     Initial import of hardened-sources-2.4.20-r4. This revision
942     includes only a few changes, but one of these is an important
943     security fix. It is recommended all users of hardened-sources
944     upgrade to this release.
945 plasmaroo 1.18
946 frogger 1.11 - ioperm bug fix
947     - fixed compilation failure when building without GRSec
948 plasmaroo 1.18
949 frogger 1.11 SAL (Secure Auditing for Linux) is NOT included in this revision
950     due to time constraints, but is planned for inclusion in the near
951     future.
952 msterret 1.10
953     *hardened-sources-2.4.20-r2 (12 Jun 2003)
954    
955     12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
956     hardened-sources-2.4.20-r3.ebuild:
957 plasmaroo 1.18 Add Header...
958 frogger 1.9
959     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
960     hardened-sources-2.4.20-r3.ebuild:
961     Removed warnings from ebuild. This kernel should be safe to
962     use at this point.
963 frogger 1.8
964     *hardened-sources-2.4.20-r3 (08 Jun 2003)
965    
966     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
967     hardened-sources-2.4.20-r3.ebuild:
968     New revision. Includes the following changes over -r2:
969 plasmaroo 1.18
970 frogger 1.8 - ck7-base (O(1), preempt, low latency)
971     - Super FreeS/WAN 1.99.7rc2
972     - PaX for the LSM/SELinux branch
973     - GRSecurity 2.0-pre4 (role based access control)
974     - Systrace 1.3
975     - EXT3 fixes
976     - EVMS 2.0.1
977     - GCC 3.1+ compile optimizations
978     - ProPolice kernel build support
979     - Hashing table security fixes
980 frogger 1.3
981     *hardened-sources-2.4.20-r1 (09 Apr 2003)
982 frogger 1.7
983     23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
984     Initial import of hardened-sources-r2. This new
985     ebuild includes many new performance and security
986     related patches. As in -r1, it will patch in
987     LSM/SELinux if "selinux" is in USE, otherwise it
988     will patch in GRSecurity. The following patches
989     are included in this revision:
990 plasmaroo 1.18
991 frogger 1.7 - O(1) Scheduler, Low Latency, and Preempt
992     (pulled from the base CK patch)
993     - ptrace exploit patch for the LSM kernel
994     (the GRSec patch already fixes this)
995     - LSM 2.4-2003040709
996     - SELinux 2.4-2003040709
997     - Systrace v1.2
998     - IPTables patch-o-matic base patches - 20030107
999     - CryptoAPI 2.4.20.1 w/ loop-jari patch
1000     - Super FreeS/WAN 1.99.6.1
1001     - GRSecurity 1.9.9g
1002     - MPPE
1003     - EXT3 data journal fix
1004     - CIPE 1.5.4
1005 frogger 1.6
1006     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1007     hardened-sources-2.4.20-r1.ebuild, manifest:
1008 plasmaroo 1.18 Updated to install flask components correctly for selinux.
1009 frogger 1.5
1010     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1011     hardened-sources-2.4.20-r1.ebuild:
1012     LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
1013     is patched in instead. Ptrace patches for selinux have also been added. In
1014     either case, systrace support will be patched in as well.
1015 frogger 1.3
1016     09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1017     hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
1018 plasmaroo 1.18 Revision bump for new sources.
1019 frogger 1.4
1020 frogger 1.2 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1021 frogger 1.4 hardened-sources-2.4.20-r1.ebuild:
1022 plasmaroo 1.18 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
1023 method 1.1
1024 frogger 1.4 *hardened-sources-2.4.20 (30 Mar 2003)
1025    
1026 method 1.1 30 Mar 2003; Joshua Brindle <method@gentoo.org>
1027     hardened-sources-2.4.20.ebuild:
1028 plasmaroo 1.18 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20