/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.161 - (hide annotations) (download)
Sun Jun 17 16:53:54 2007 UTC (7 years, 1 month ago) by phreak
Branch: MAIN
Changes since 1.160: +6 -1 lines
Stabling hardened-sources-2.6.20-r5 due to security bug #181647 (as genpatches-2.6.20-12.base contains up to Linux 2.6.20.14) on amd64 and x86.
(Portage version: 2.1.3_rc3)

1 method 1.1 # ChangeLog for sys-kernel/hardened-sources
2 opfer 1.130 # Copyright 2000-2007 Gentoo Foundation; Distributed under the GPL v2
3 phreak 1.161 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.160 2007/06/12 05:18:07 phreak Exp $
4    
5     17 Jun 2007; Christian Heim <phreak@gentoo.org>
6     hardened-sources-2.6.20-r5.ebuild:
7     Stabling hardened-sources-2.6.20-r5 due to security bug #181647 (as
8     genpatches-2.6.20-12.base contains up to Linux 2.6.20.14) on amd64 and x86.
9 phreak 1.160
10     *hardened-sources-2.6.21-r3 (12 Jun 2007)
11    
12     12 Jun 2007; Christian Heim <phreak@gentoo.org>
13     +hardened-sources-2.6.21-r3.ebuild:
14     Revision bump for hardened-sources-2.6.21, incorporating various CVE (some
15     of them critical), two stable releases (2.6.21.4,2.6.21.5) and some other
16     love.
17 phreak 1.159
18     *hardened-sources-2.6.20-r5 (11 Jun 2007)
19    
20     11 Jun 2007; Christian Heim <phreak@gentoo.org>
21     +hardened-sources-2.6.20-r5.ebuild:
22     Revision bump for hardened-sources-2.6.20, incorporating various CVE (some
23     of them critical), two stable releases (2.6.20.13,2.6.20.14) and some other
24     love.
25 pappy 1.158
26     *hardened-sources-2.4.34.5 (11 Jun 2007)
27    
28     11 Jun 2007; Alexander Gabert <pappy@gentoo.org>
29     +hardened-sources-2.4.34.5.ebuild:
30     added new hardened-sources 2.4 version, thx to phreak, solar, pipacs
31 phreak 1.157
32     30 May 2007; Christian Heim <phreak@gentoo.org>
33     -hardened-sources-2.6.18.ebuild, hardened-sources-2.6.20-r2.ebuild:
34     Marking 2.6.20-r2 stable on ppc with permission of Gysbert. Removing more
35     stale ebuild(s).
36 phreak 1.156
37     30 May 2007; Christian Heim <phreak@gentoo.org>
38     -hardened-sources-2.6.14-r7.ebuild, -hardened-sources-2.6.16-r11.ebuild,
39     -hardened-sources-2.6.17-r1.ebuild, -hardened-sources-2.6.19-r6.ebuild,
40     -hardened-sources-2.6.20.ebuild, -hardened-sources-2.6.20-r1.ebuild:
41     Doing some cleanups, remove stale ebuilds.
42 phreak 1.155
43     26 May 2007; Christian Heim <phreak@gentoo.org>
44     hardened-sources-2.6.21-r2.ebuild:
45     Fixing the grsecurity patch, had one '};' too much.
46 phreak 1.154
47     *hardened-sources-2.6.21-r2 (26 May 2007)
48    
49     26 May 2007; Christian Heim <phreak@gentoo.org>
50     -hardened-sources-2.6.21.ebuild, -hardened-sources-2.6.21-r1.ebuild,
51     +hardened-sources-2.6.21-r2.ebuild:
52     Revision bump, including Linux 2.6.21.3 (fixing CVE-2007-2451). Updating the
53     grsecurity patch to 2.1.10-2.6.21.1-200705221918.
54 phreak 1.153
55     *hardened-sources-2.6.20-r4 (26 May 2007)
56    
57     26 May 2007; Christian Heim <phreak@gentoo.org>
58     -hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.20-r4.ebuild:
59     Revision bump, including Linux 2.6.20.12 (which in fact fixed some security
60 phreak 1.154 bugs, at the very least CVE-2007-2451). Possible candidate for stable marking.
61 phreak 1.152
62     15 May 2007; Christian Heim <phreak@gentoo.org>
63     hardened-sources-2.6.20-r3.ebuild:
64     Looks like hardened-sources-2.6.20-r3 needs a new patch, as 2.6.20.11
65     introduced a change in arch/sparc64/kernel/pci_iommu.c, which made the
66     grsecurity patch fail in that exact same hunk.
67 phreak 1.151
68     *hardened-sources-2.6.20-r3 (15 May 2007)
69    
70     15 May 2007; Christian Heim <phreak@gentoo.org>
71     +hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.21-r1.ebuild:
72     Revision bump, incorporating Linux 2.6.20.11.
73    
74     *hardened-sources-2.6.21-r1 (11 May 2007)
75    
76     11 May 2007; Christian Heim <phreak@gentoo.org>
77     +hardened-sources-2.6.21-r1.ebuild:
78     Revision bump, hopefully fixing the GRSECURITY/GRKERNSEC mixup pipacs
79     mentioned in #177234.
80 kevquinn 1.150
81     07 May 2007; Kevin F. Quinn <kevquinn@gentoo.org>
82     files/digest-hardened-sources-2.6.21, Manifest:
83     Fix Manifest/digest for linux-2.6.21.tar.bz2
84 phreak 1.149
85     06 May 2007; Christian Heim <phreak@gentoo.org>
86     hardened-sources-2.6.21.ebuild:
87     Bumping the hardened-patches version, needed for the fix for #177234.
88 phreak 1.148
89     *hardened-sources-2.6.21 (02 May 2007)
90    
91     02 May 2007; Christian Heim <phreak@gentoo.org>
92     +hardened-sources-2.6.21.ebuild:
93     Version bump, Linux 2.6.21-hardened.
94 phreak 1.147
95     29 Apr 2007; Christian Heim <phreak@gentoo.org>
96     hardened-sources-2.6.20-r2.ebuild:
97     Adding ~ia64 on Ned's request.
98 phreak 1.146
99     29 Apr 2007; Christian Heim <phreak@gentoo.org>
100     hardened-sources-2.6.20-r2.ebuild:
101     Fixing the included grsecurity patch, wasn't alligning due to the Index:
102     header line(s).
103 phreak 1.145
104     29 Apr 2007; Christian Heim <phreak@gentoo.org>
105     hardened-sources-2.6.20-r2.ebuild:
106     Stabilizing hardened-sources-2.6.20-r2 on amd64 and x86.
107 armin76 1.144
108     *hardened-sources-2.6.20-r2 (10 Apr 2007)
109    
110     10 Apr 2007; Raúl Porcel <armin76@gentoo.org>
111     +hardened-sources-2.6.20-r2.ebuild:
112     Version bump, on behalf of phreak
113 phreak 1.143
114     *hardened-sources-2.6.20-r1 (04 Apr 2007)
115    
116     04 Apr 2007; Christian Heim <phreak@gentoo.org>
117     +hardened-sources-2.6.20-r1.ebuild:
118     Revision bump, grabbing a newer grsecurity snapshot.
119 phreak 1.142
120     *hardened-sources-2.6.20 (25 Mar 2007)
121    
122     25 Mar 2007; Christian Heim <phreak@gentoo.org>
123     +hardened-sources-2.6.20.ebuild:
124     Finally a hardened-sources version for 2.6.20; many people have been waiting
125     for this. Thanks to Steve for preliminary testing, thanks to Ned for the
126     testbox.
127 chainsaw 1.141
128     16 Mar 2007; Tony Vroon <chainsaw@gentoo.org>
129     hardened-sources-2.6.18-r6.ebuild:
130     Marked stable on amd64 and x86. AMD64 keyword ack'ed by welp.
131 phreak 1.140
132     *hardened-sources-2.6.18-r6 (16 Mar 2007)
133    
134     16 Mar 2007; Christian Heim <phreak@gentoo.org>
135     -hardened-sources-2.6.18-r5.ebuild, +hardened-sources-2.6.18-r6.ebuild:
136     Fixing CVE-2007-1000 locally (hardened/), thanks to Tony for pushing. And
137     yes I screwed up, this is tagged as 2.6.18-5 and not 2.6.18-6 as it's
138     supposed to be.
139 phreak 1.139
140     06 Mar 2007; Christian Heim <phreak@gentoo.org> ChangeLog:
141     Fixing the Manifest, the previous one was broken (as in still had the
142     deleted ebuild in it).
143 phreak 1.138
144     06 Mar 2007; Christian Heim <phreak@gentoo.org>
145     -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
146     +hardened-sources-2.6.18-r5.ebuild:
147     Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
148     Linux 2.6.18.8. Also cleaning up the older version.
149    
150     *hardened-sources-2.6.18-r5 (06 Mar 2007)
151    
152     06 Mar 2007; Christian Heim <phreak@gentoo.org>
153     -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
154     +hardened-sources-2.6.18-r5.ebuild:
155     Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
156     Linux 2.6.18.8. Also cleaning up the older version.
157 phreak 1.137
158     24 Feb 2007; Christian Heim <phreak@gentoo.org>
159     -hardened-sources-2.6.19-r3.ebuild, -hardened-sources-2.6.19-r4.ebuild,
160     -hardened-sources-2.6.19-r5.ebuild:
161     Removing some of the old version, that didn't work.
162 phreak 1.136
163     *hardened-sources-2.6.19-r6 (12 Feb 2007)
164    
165     12 Feb 2007; Christian Heim <phreak@gentoo.org>
166     +hardened-sources-2.6.19-r6.ebuild:
167     Revision bump, including a new grsec version fixing #166235.
168 pappy 1.134
169     *hardened-sources-2.4.34 (24 Jan 2007)
170    
171     24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
172 pappy 1.135 Manifest:
173     updating Manifest with checksums of new tarball and ebuild
174    
175     24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
176 pappy 1.134 +hardened-sources-2.4.34.ebuild:
177     I added new hardened sources 2.4 update, this is a critical path
178     security bugfix - all users of h-s are strongly advised
179     to update their existing hardened sources to this version.
180     It contains a fix for a kernel vulnerability that is pertaining
181     to the PaX changes to virtual memory management, possibly leading
182     to a local kernel exploit ... see grsecurity.net forums and homepage
183 phreak 1.133
184     23 Jan 2007; Christian Heim <phreak@gentoo.org>
185     files/digest-hardened-sources-2.6.19-r5, Manifest:
186     Fixing the patch-tarball digest.
187 phreak 1.132
188     *hardened-sources-2.6.19-r5 (23 Jan 2007)
189    
190     23 Jan 2007; Christian Heim <phreak@gentoo.org>
191     +hardened-sources-2.6.19-r5.ebuild:
192     Revision bump, closing the recently discovered PaX expand_stack()
193     vulnerability.
194 phreak 1.131
195     *hardened-sources-2.6.19-r4 (14 Jan 2007)
196    
197     14 Jan 2007; Christian Heim <phreak@gentoo.org>
198     +hardened-sources-2.6.19-r4.ebuild:
199     Revision bump, pulling in linux-2.6.19.2 and grsecurity 2.1.10 - thus
200     dropping the randomized PID feature.
201 opfer 1.130
202     11 Jan 2007; Christian Faulhammer <opfer@gentoo.org>
203     hardened-sources-2.4.33.4.ebuild:
204     stable x86, bug #161171
205 phreak 1.129
206     *hardened-sources-2.6.19-r3 (27 Dec 2006)
207    
208     27 Dec 2006; Christian Heim <phreak@gentoo.org>
209     -hardened-sources-2.6.19-r2.ebuild, +hardened-sources-2.6.19-r3.ebuild:
210     Revision bump for bug #157186 and #158786.
211 phreak 1.128
212     *hardened-sources-2.6.18-r4 (27 Dec 2006)
213    
214     27 Dec 2006; Christian Heim <phreak@gentoo.org>
215     -hardened-sources-2.6.18-r3.ebuild, +hardened-sources-2.6.18-r4.ebuild:
216     Revision bump for bug #157186.
217 phreak 1.127
218     *hardened-sources-2.6.19-r2 (23 Dec 2006)
219    
220     23 Dec 2006; Christian Heim <phreak@gentoo.org>
221     -hardened-sources-2.6.19-r1.ebuild, +hardened-sources-2.6.19-r2.ebuild:
222     Revision bump to pull in genpatches-2.6.19-3 for #157186.
223 phreak 1.126
224     17 Dec 2006; Christian Heim <phreak@gentoo.org>
225     hardened-sources-2.6.14-r7.ebuild, hardened-sources-2.6.16-r10.ebuild,
226     hardened-sources-2.6.16-r11.ebuild, hardened-sources-2.6.17-r1.ebuild,
227     hardened-sources-2.6.18.ebuild, hardened-sources-2.6.18-r3.ebuild,
228     hardened-sources-2.6.19-r1.ebuild:
229     Adding 4453_grsec-2.1.9-2.6.19-io-kmem-sysctl.patch to UNIPATCH_EXLUDE,
230     adding correct HOMEPAGE and adjusting DESCRIPTION (thanks to Alexander).
231 pappy 1.125
232     *hardened-sources-2.4.33.4 (17 Dec 2006)
233    
234     17 Dec 2006; Alexander Gabert <pappy@gentoo.org>
235     +hardened-sources-2.4.33.4.ebuild:
236     new 2.4.33.4 version including grsec and fixes, thanks to phreak for help
237     and quilting
238 phreak 1.124
239     *hardened-sources-2.6.19-r1 (14 Dec 2006)
240    
241     14 Dec 2006; Christian Heim <phreak@gentoo.org>
242     -hardened-sources-2.6.19.ebuild, +hardened-sources-2.6.19-r1.ebuild:
243     Revision bump, fixing #158107 (thanks to Petre Rodan <kaiowas at gentoo.org>
244     for reporting).
245 phreak 1.123
246     *hardened-sources-2.6.19 (13 Dec 2006)
247    
248     13 Dec 2006; Christian Heim <phreak@gentoo.org>
249     +hardened-sources-2.6.19.ebuild:
250     And finally 2.6.19, thanks to Ned (who prepared the inital patchset) and
251     Brad for providing that prompt update.
252 phreak 1.122
253     *hardened-sources-2.6.18-r3 (13 Dec 2006)
254    
255     13 Dec 2006; Christian Heim <phreak@gentoo.org>
256     -hardened-sources-2.6.18-r1.ebuild, -hardened-sources-2.6.18-r2.ebuild,
257     +hardened-sources-2.6.18-r3.ebuild:
258     Revision bump, excluding the faulty patch. Thanks to Anakim Border and Peter
259     S. Mazinger. Closes #157409 for now. Also removing the previous revisions.
260 phreak 1.121
261     09 Dec 2006; Christian Heim <phreak@gentoo.org> Manifest:
262     Fixing the metadata.xml Manifest entry (thanks to xaid and ml8128 in #gentoo-hardened).
263 nixnut 1.120
264     08 Dec 2006; nixnut <nixnut@gentoo.org> hardened-sources-2.6.18.ebuild:
265     Stable on ppc wrt bug 157356
266 opfer 1.119
267     07 Dec 2006; Christian Faulhammer <opfer@gentoo.org>
268     hardened-sources-2.6.18.ebuild:
269     stable x86, bug #157356
270 phreak 1.118
271     *hardened-sources-2.6.18-r2 (06 Dec 2006)
272    
273     06 Dec 2006; Christian Heim <phreak@gentoo.org>
274     +hardened-sources-2.6.18-r2.ebuild:
275     Revision bump, including 2.6.18.5 (via genpatches) and
276     4454_grsec-2.1.9-2.6.18.2-io-kmem-sysctl.patch based on Peter Mazinger and
277     Ned Ludd's original patch. Thanks to Alexander Gabert (pappy) for the
278     redesign.
279 phreak 1.117
280     06 Dec 2006; Christian Heim <phreak@gentoo.org>
281     hardened-sources-2.6.18.ebuild:
282     Marking hardened-sources-2.6.18 stable on amd64 (see bug #157356, on behalf
283     of Mike Doty).
284 phreak 1.116
285     *hardened-sources-2.6.18-r1 (23 Nov 2006)
286    
287     23 Nov 2006; Christian Heim <phreak@gentoo.org>
288     +hardened-sources-2.6.18-r1.ebuild:
289     Revision bump to genpatches-2.6.18-4 (including 2.6.18.3).
290 phreak 1.115
291     *hardened-sources-2.6.18 (11 Nov 2006)
292    
293     11 Nov 2006; Christian Heim <phreak@gentoo.org>
294     +hardened-sources-2.6.18.ebuild:
295     Version bump, thanks to Alexander Gabert we're finally at 2.6.18.
296 solar 1.114
297     18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
298     - mark amd64 stable also. bug #151877
299 solar 1.113
300     18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
301     - mark 2.6.17-r1 stable
302 phreak 1.112
303     27 Aug 2006; Christian Heim <phreak@gentoo.org>
304     -hardened-sources-2.6.17.ebuild, hardened-sources-2.6.17-r1.ebuild:
305     Removing old ebuild, removing unipatch from newer ebuild (need to fix it!).
306 phreak 1.111
307     *hardened-sources-2.6.17-r1 (26 Aug 2006)
308    
309     26 Aug 2006; Christian Heim <phreak@gentoo.org>
310     +hardened-sources-2.6.17-r1.ebuild:
311     Revision bump to genpatches-2.6.17-8 (including .9 and .10) and updating the
312     grsecurity patch.
313 phreak 1.110
314     *hardened-sources-2.6.17 (17 Aug 2006)
315    
316     17 Aug 2006; Christian Heim <phreak@gentoo.org>
317     +hardened-sources-2.6.17.ebuild:
318     Bumping the hardened-sources-2.6 series to 2.6.17, using
319     genpatches-2.6.17-6.base.
320 solar 1.109
321     07 Aug 2006; <solar@gentoo.org> hardened-sources-2.6.16-r11.ebuild:
322     - stable on x86 and amd64
323 solar 1.108
324     *hardened-sources-2.6.16-r11 (15 Jul 2006)
325    
326     15 Jul 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r3.ebuild,
327     -hardened-sources-2.4.32-r4.ebuild, -hardened-sources-2.4.32-r5.ebuild,
328     -hardened-sources-2.6.14-r8.ebuild, -hardened-sources-2.6.16-r7.ebuild,
329     -hardened-sources-2.6.16-r9.ebuild, +hardened-sources-2.6.16-r11.ebuild:
330     - 2.6.16 bumped for CVE-2006-3626 ; digest fix for 2.4.32-r6 ; removed old
331     crusty ebuilds
332 johnm 1.107
333     14 Jul 2006; John Mylchreest <johnm@gentoo.org>
334     hardened-sources-2.6.16-r10.ebuild:
335     marking stable on x86 and amd64
336 solar 1.106
337     13 Jul 2006; <solar@gentoo.org> hardened-sources-2.4.32-r6.ebuild:
338     - 2.4.32-r6 stable on x86. RSBAC state unknown
339 kang 1.105
340     *hardened-sources-2.4.32-r7 (10 Jul 2006)
341    
342     10 Jul 2006; Guillaume Destuynder <kang@gentoo.org>
343     +hardened-sources-2.4.32-r7.ebuild:
344     Bump PaX for RSBAC to test-17
345 johnm 1.104
346     *hardened-sources-2.6.16-r9 (03 Jul 2006)
347    
348     03 Jul 2006; John Mylchreest <johnm@gentoo.org>
349     -hardened-sources-2.6.16-r6.ebuild, +hardened-sources-2.6.16-r9.ebuild:
350     hardened-sources-2.6.16 bump to latest -base.
351 solar 1.103
352     *hardened-sources-2.4.32-r6 (30 Jun 2006)
353    
354     30 Jun 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r2.ebuild,
355     hardened-sources-2.4.32-r4.ebuild, +hardened-sources-2.4.32-r6.ebuild:
356     - backport CVE-2006-0039, CVE-2006-1857 and CVE-2006-1858 and new grsecurity
357     sysctl controlable resource logging
358 johnm 1.102
359     *hardened-sources-2.6.16-r7 (05 Jun 2006)
360    
361     05 Jun 2006; John Mylchreest <johnm@gentoo.org>
362     -hardened-sources-2.6.16-r5.ebuild, +hardened-sources-2.6.16-r7.ebuild:
363     push new 2.6.16 release in preparation for stable
364 solar 1.101
365     22 May 2006; <solar@gentoo.org> :
366     - redigest bug 134002
367 kang 1.100
368     *hardened-sources-2.4.32-r5 (16 May 2006)
369    
370     16 May 2006; Guillaume Destuynder <kang@gentoo.org>
371     +hardened-sources-2.4.32-r5.ebuild:
372     Fixes rsbac common patching (new patch in new -r5 patchset)
373 solar 1.99
374     *hardened-sources-2.4.32-r4 (13 May 2006)
375    
376     13 May 2006; <solar@gentoo.org> hardened-sources-2.4.32-r3.ebuild,
377     +hardened-sources-2.4.32-r4.ebuild:
378     - security bumps
379 johnm 1.98
380     *hardened-sources-2.6.16-r6 (03 May 2006)
381    
382     03 May 2006; John Mylchreest <johnm@gentoo.org>
383     +hardened-sources-2.6.16-r6.ebuild:
384     bump hardened-2.6.16 to 2.6.16.12 and latest grsec snapshot
385 johnm 1.97
386     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
387     hardened-sources-2.6.14-r8.ebuild:
388     fix x86_64 build problem, this will delay the digest issue again for a short
389     while but it will sort itself out
390 johnm 1.96
391     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
392     hardened-sources-2.6.14-r8.ebuild:
393     bump hardened patchset
394 antarus 1.94
395     27 Apr 2006; Alec Warner <antarus@gentoo.org>
396     files/digest-hardened-sources-2.4.32-r2,
397     files/digest-hardened-sources-2.4.32-r3,
398     files/digest-hardened-sources-2.6.14-r8, Manifest:
399     Fixing duff SHA256 digests: Bug # 131293
400 johnm 1.93
401 johnm 1.95 *hardened-sources-2.6.16-r5 (27 Apr 2006)
402    
403     27 Apr 2006; John Mylchreest <johnm@gentoo.org>
404     -hardened-sources-2.6.14-r6.ebuild, hardened-sources-2.6.14-r8.ebuild,
405     -hardened-sources-2.6.16-r4.ebuild, +hardened-sources-2.6.16-r5.ebuild:
406     stablise 2.6.14-r8 on x86 & amd64, bump 2.6.16 to fix CVE-2006-1863 &
407     cleanup of old uneccessary sources
408    
409 johnm 1.93 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
410     fix digest
411 johnm 1.92
412     *hardened-sources-2.6.14-r8 (20 Apr 2006)
413    
414     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
415     +hardened-sources-2.6.14-r8.ebuild:
416     fix CVE-2006-1056, CVE-2006-1525, CVE-2006-1524
417 johnm 1.91
418     20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
419     Turning on gpg-signing again, and recomitting
420 johnm 1.90
421     *hardened-sources-2.6.16-r4 (20 Apr 2006)
422    
423     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
424     -hardened-sources-2.6.16-r2.ebuild, -hardened-sources-2.6.16-r3.ebuild,
425     +hardened-sources-2.6.16-r4.ebuild:
426     Fix numerous security vulns
427 solar 1.89
428     *hardened-sources-2.4.32-r3 (16 Apr 2006)
429    
430     16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
431     -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
432     +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
433     - security bump for bug #112791. Removed old ebuilds
434 johnm 1.88
435     *hardened-sources-2.6.16-r3 (15 Apr 2006)
436    
437     15 Apr 2006; John Mylchreest <johnm@gentoo.org>
438     +hardened-sources-2.6.16-r3.ebuild:
439     Removing silly localversion which I missed
440 johnm 1.87
441     *hardened-sources-2.6.14-r7 (14 Apr 2006)
442    
443     14 Apr 2006; John Mylchreest <johnm@gentoo.org>
444     -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
445     Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
446 johnm 1.86
447     *hardened-sources-2.6.16-r2 (13 Apr 2006)
448    
449     13 Apr 2006; John Mylchreest <johnm@gentoo.org>
450     -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
451     +hardened-sources-2.6.16-r2.ebuild:
452     Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
453     labels, dropping USERGROUP define fixes, since these were merged mainstream.
454 johnm 1.85
455     *hardened-sources-2.6.16-r1 (11 Apr 2006)
456    
457     11 Apr 2006; John Mylchreest <johnm@gentoo.org>
458     +hardened-sources-2.6.16-r1.ebuild:
459     Bumping to include ppc build fix and 2.6.16.3
460 tsunam 1.84
461     06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
462     hardened-sources-2.6.14-r6.ebuild:
463     Stable on x86; bug #127718
464 johnm 1.83
465     *hardened-sources-2.6.16 (31 Mar 2006)
466    
467     31 Mar 2006; John Mylchreest <johnm@gentoo.org>
468     +hardened-sources-2.6.16.ebuild:
469     Bumping to new version of grsec, and kernel base. New squashfs. Based on
470     2.6.16.1
471 cryos 1.82
472     30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
473     hardened-sources-2.6.14-r6.ebuild:
474     Stable on amd64, bug 127718.
475 nixnut 1.81
476     28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
477     Stable on ppc. Bug #127718
478 johnm 1.80
479     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
480     -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
481     -hardened-sources-2.6.14-r4.ebuild:
482     Cleanup.
483 johnm 1.79
484     *hardened-sources-2.6.14-r6 (15 Mar 2006)
485    
486     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
487     +hardened-sources-2.6.14-r6.ebuild:
488     Fixes grsec policy recreation bug and adds a
489     >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
490 solar 1.78
491     02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
492     - stable on x86
493 hansmi 1.77
494     19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
495     hardened-sources-2.6.14-r5.ebuild:
496     Stable on ppc.
497 johnm 1.76
498     *hardened-sources-2.6.14-r5 (01 Feb 2006)
499    
500     01 Feb 2006; John Mylchreest <johnm@gentoo.org>
501     +hardened-sources-2.6.14-r5.ebuild:
502     fixing every known exploit
503 solar 1.75
504     *hardened-sources-2.4.32-r2 (26 Jan 2006)
505    
506     26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
507     +hardened-sources-2.4.32-r2.ebuild:
508     - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
509 solar 1.74
510     *hardened-sources-2.6.14-r4 (12 Jan 2006)
511    
512     12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
513     - version bump for new genpatches which fix up a few sec holes
514 solar 1.73
515     *hardened-sources-2.4.32-r1 (05 Jan 2006)
516    
517     05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
518     - revision bump to add misc vital linux kernel security patches.
519 johnm 1.72
520     *hardened-sources-2.6.14-r3 (30 Dec 2005)
521    
522     30 Dec 2005; John Mylchreest <johnm@gentoo.org>
523     -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
524     Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
525 johnm 1.71
526     28 Dec 2005; John Mylchreest <johnm@gentoo.org>
527     hardened-sources-2.6.14-r2.ebuild:
528     making x86 & amd64 stable following testing.
529 johnm 1.70
530     *hardened-sources-2.6.14-r2 (27 Dec 2005)
531    
532     27 Dec 2005; John Mylchreest <johnm@gentoo.org>
533     -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
534     Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
535     network hooks.
536 johnm 1.69
537     06 Dec 2005; John Mylchreest <johnm@gentoo.org>
538     hardened-sources-2.6.14-r1.ebuild:
539     bumping to stable early for sec fix on x86 & amd64
540 johnm 1.68
541     *hardened-sources-2.6.14-r1 (05 Dec 2005)
542    
543     05 Dec 2005; John Mylchreest <johnm@gentoo.org>
544     -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
545     bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
546 solar 1.67
547     04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
548     - stable on x86 security bug #114227 CAN-2005-3257
549 kang 1.66
550     *hardened-sources-2.4.32 (19 Nov 2005)
551    
552     19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
553     +hardened-sources-2.4.32.ebuild:
554     Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
555     Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
556     have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
557     rsbac >> /etc/portage/package.use)
558 johnm 1.65
559     *hardened-sources-2.6.14 (14 Nov 2005)
560    
561     14 Nov 2005; John Mylchreest <johnm@gentoo.org>
562     -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
563     Bumping 2.6 series to 2.6.14.2
564 johnm 1.64
565     *hardened-sources-2.6.13-r2 (20 Oct 2005)
566    
567     20 Oct 2005; John Mylchreest <johnm@gentoo.org>
568     -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
569     +hardened-sources-2.6.13-r2.ebuild:
570     Fixes minor build error in ppc.
571 johnm 1.63
572     *hardened-sources-2.6.13-r1 (17 Oct 2005)
573    
574     17 Oct 2005; John Mylchreest <johnm@gentoo.org>
575     +hardened-sources-2.6.13-r1.ebuild:
576     Updating grsec to latest snapshot. Fixes some minor issues. Updating to
577     2.6.13.4, fixes some major amd64 stability problems.
578 johnm 1.62
579     *hardened-sources-2.6.13 (16 Sep 2005)
580    
581     16 Sep 2005; John Mylchreest <johnm@gentoo.org>
582     -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
583     2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
584     ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
585     users should test this thoroughly.
586 solar 1.61
587     01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
588     - stable on x86
589 johnm 1.60
590     *hardened-sources-2.6.11-r15 (27 Jun 2005)
591    
592     27 Jun 2005; John Mylchreest <johnm@gentoo.org>
593     +hardened-sources-2.6.11-r15.ebuild:
594     Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
595     grsec redefining curr_ip struct.
596 solar 1.59
597     *hardened-sources-2.4.31 (20 Jun 2005)
598    
599     20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
600     initial import of 2.4.31 tree
601 johnm 1.58
602     *hardened-sources-2.6.11-r14 (14 Jun 2005)
603    
604     14 Jun 2005; John Mylchreest <johnm@gentoo.org>
605     -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
606     Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
607     naming scheme to abide by genpatches
608 johnm 1.57
609     *hardened-sources-2.6.11-r13 (18 May 2005)
610    
611     18 May 2005; John Mylchreest <johnm@gentoo.org>
612     -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
613     Managed to mangle the Makefile patch from grsec, to miss out the grsec
614     target. sorry about that. Fixes bug #93022
615 johnm 1.56
616     *hardened-sources-2.6.11-r12 (17 May 2005)
617    
618     17 May 2005; John Mylchreest <johnm@gentoo.org>
619     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
620     +hardened-sources-2.6.11-r12.ebuild:
621     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
622     merges in genpatches-base
623 johnm 1.55
624     *hardened-sources-2.6.11-r12 (17 May 2005)
625    
626     17 May 2005; John Mylchreest <johnm@gentoo.org>
627     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
628     +hardened-sources-2.6.11-r12.ebuild:
629     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
630     merges in genpatches-base
631 solar 1.54
632     29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
633     -files/2.4.27-cmdline-race.patch,
634     -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
635     -files/2.4.28-grsec-binfmt_a.out.patch,
636     -files/2.4.28-grsec-cmdline-race.patch,
637     -files/2.4.28-selinux-binfmt_a.out.patch,
638     -files/2.4.28-selinux-cmdline-race.patch,
639     -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
640     hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
641     - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
642     cleanup..
643 solar 1.53
644     *hardened-sources-2.4.30-r1 (21 Apr 2005)
645    
646     21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
647     - disable aout by default
648 solar 1.52
649     *hardened-sources-2.4.30 (18 Apr 2005)
650    
651     18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
652     - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
653     and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
654     use
655 tocharian 1.50
656 scox 1.51 *hardened-sources-2.4.29 (30 Mar 2005)
657    
658     30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
659     +hardened-sources-2.4.29.ebuild:
660     New hardened-patches-2.4-29.0 patchball.
661     Removed SELinux support, upgraded GRSecurity to 2.1.4.
662    
663     *hardened-sources-2.4.28-r5 (06 Mar 2005)
664    
665     06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
666     +hardened-sources-2.4.28-r5.ebuild:
667     Added a fix for a PaX vulnerability.
668    
669     26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
670 tocharian 1.50 hardened-sources-2.4.28-r4.ebuild:
671     Stable on x86
672 solar 1.49
673     23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
674     hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
675     hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
676     hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
677     - fixed/added RDEPEND= in all kernel-2 ebuilds
678 tocharian 1.48
679     *hardened-sources-2.4.28-r4 (21 Jan 2005)
680    
681     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
682     +hardened-sources-2.4.28-r4.ebuild:
683     Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
684     backport of neighbour hash updates.
685 tocharian 1.47
686     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
687     hardened-sources-2.4.28-r3.ebuild:
688     Stable on x86
689 tseng 1.46
690     *hardened-sources-2.6.10-r3 (20 Jan 2005)
691    
692     20 Jan 2005; Brandon Hale <tseng@gentoo.org>
693     +hardened-sources-2.6.10-r3.ebuild:
694     Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
695     in 2005.0
696 tocharian 1.45
697     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
698     -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
699     hardened-sources-2.4.28-r2.ebuild:
700     Mark stable on x86
701 tocharian 1.44
702     *hardened-sources-2.4.28-r3 (17 Jan 2005)
703    
704     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
705     +hardened-sources-2.4.28-r3.ebuild:
706     Fix SMP page fault handler vuln, and update device-mapper and evms patches.
707 tocharian 1.43
708     14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
709     hardened-sources-2.4.28.ebuild:
710     Mark stable on x86.
711 tocharian 1.42
712     *hardened-sources-2.4.28-r2 (13 Jan 2005)
713    
714     13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
715     +hardened-sources-2.4.28-r2.ebuild:
716     Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
717     Mazinger for grsecurity patches as well.
718 plasmaroo 1.41
719     *hardened-sources-2.4.28-r1 (23 Dec 2004)
720    
721     23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
722     Security bump. Thank tocharian for rolling a new patchset...
723 solar 1.40
724     28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
725     +files/2.4.28-grsec-cmdline-race.patch,
726     +files/2.4.28-selinux-binfmt_a.out.patch,
727     +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
728     - Round up remaining security patches that appear to be missing in 2.4.28. -
729     PaX standalone updated to current. hgpv=28.1
730 solar 1.39
731     *hardened-sources-2.4.28 (28 Nov 2004)
732    
733     28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
734     security bump. Thank tocharian for rolling a new patchset
735 scox 1.31
736 scox 1.38 *hardened-sources-2.4.27-r3 (08 Sep 2004)
737    
738     08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
739     +hardened-sources-2.4.27-r3.ebuild:
740     Applies the new 2.4-27.2 patchball which updates
741     GRSecurity to the 2.0.1 version.
742    
743 scox 1.37 *hardened-sources-2.4.27-r2 (31 Aug 2004)
744    
745     31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
746     +hardened-sources-2.4.27-r2.ebuild:
747     Version bump.
748     This version uses the new 2.4-27.1 patchball which updates
749     both the SELinux PaX hooks patch and the SELinux headers.
750    
751 scox 1.36 *hardened-sources-2.4.27-r1 (09 Aug 2004)
752    
753     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
754     +hardened-sources-2.4.27-r1.ebuild,
755     -hardened-sources-2.4.27.ebuild,
756     +files/2.4.27-cmdline-race.patch:
757     Version bump, fix for cmdline race. See bug #59905.
758    
759     *hardened-sources-2.4.26-r6 (09 Aug 2004)
760    
761     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
762     +hardened-sources-2.4.26-r6.ebuild,
763     -hardened-sources-2.4.26-r5.ebuild,
764     -hardened-sources-2.4.26-r4.ebuild,
765     +files/2.4.26-cmdline-race.patch:
766     Version bump, fix for cmdline race. See bug #59905.
767    
768 scox 1.35 *hardened-sources-2.4.27 (08 Aug 2004)
769    
770     08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
771     +hardened-sources-2.4.27.ebuild,
772     +files/2.4.27-CAN-2004-0394.patch:
773     Ported the patchball to the 2.4.27 kernel version.
774    
775 scox 1.34 *hardened-sources-2.4.26-r5 (07 Aug 2004)
776    
777     07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
778     +hardened-sources-2.4.26-r5.ebuild:
779 scox 1.35 Updated to use the new hardened-patches-2.4-26.1 patchball.
780 scox 1.34 It adds the following features:
781     - Squashfs
782     - Ebtables
783     - Netdev random (core+drivers)
784     - Watchdog Timer (WDT) fix.
785    
786 scox 1.33 *hardened-sources-2.4.26-r4 (04 Aug 2004)
787    
788     04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
789     +hardened-sources-2.4.26-r4.ebuild,
790     +files/2.4.26-CAN-2004-0415.patch,
791     -hardened-sources-2.4.26-3:
792     Version bump, fix for CAN 0415, see bug #59378.
793    
794 scox 1.32 *hardened-sources-2.4.26-r3 (22 Jul 2004)
795    
796     22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
797     +hardened-sources-2.4.26-r3.ebuild,
798     +files/2.4.26-CAN-2004-0497.patch,
799     -hardened-sources-2.4.26-r2.ebuild:
800     Version bump, fixed CAN 0497, see bug #56171.
801    
802 scox 1.31 *hardened-sources-2.4.26-r2 (29 Jun 2004)
803    
804     29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
805 scox 1.32 +hardened-sources-2.4.26-r2.ebuild,
806 scox 1.31 +files/2.4.26-CAN-2004-0495.patch,
807     +files/2.4.26-CAN-2004-0535.patch,
808     -hardened-sources-2.4.26-r1.ebuild:
809     Fixes for both CAN 0495 and 0535, see bug #54976
810 pvdabeel 1.27
811 agriffis 1.29 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
812     hardened-sources-2.4.26-r1.ebuild:
813     QA - fix use invocation
814 scox 1.28
815     *hardened-sources-2.4.26-r1 (22 June 2004)
816    
817     22 June 2004; Andrea Luzzardi <scox@gentoo.org>
818     +hardened-sources-2.4.26-r1.ebuild,
819     +files/2.4.26-CAN-2004-0394.patch,
820     +files/2.4.26-signal-race.patch,
821     -hardened-sources-2.4.26.ebuild,
822     -hardened-sources-2.4.24-r3.ebuild:
823     Version bump for the CAN-2004-0394 issue and bug #53804
824     Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
825    
826    
827 pvdabeel 1.27 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
828     hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
829     Masked hardened-sources-2.4.26.ebuild broken for ppc
830    
831     31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
832     hardened-sources-2.4.24-r3.ebuild:
833     Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
834 plasmaroo 1.25
835 scox 1.26 *hardened-sources-2.4.26 (29 May 2004)
836    
837     29 May 2004; Andrea Luzzardi <scox@gentoo.org>
838     +hardened-sources-2.4.26.ebuild:
839     Updated hardened-sources for the 2.4.26 kernel
840     Removed broken components, updated almost everything.
841    
842 plasmaroo 1.25 *hardened-sources-2.4.24-r3 (17 Apr 2004)
843    
844     17 Apr 2004; <plasmaroo@gentoo.org>
845     +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
846     +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
847     +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
848     +hardened-sources-2.4.24-r3.ebuild:
849     Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
850     vulnerabilities. Old revisions removed.
851 plasmaroo 1.24
852     *hardened-sources-2.4.24-r2 (15 Apr 2004)
853    
854     15 Apr 2004; <plasmaroo@gentoo.org>
855     +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
856     -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
857     Version bump for the CAN-2004-0109 issue; bug #47881.
858 aliz 1.23
859     12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
860     hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
861     Add eutils to inherit.
862 plasmaroo 1.22
863     *hardened-sources-2.4.24-r1 (19 Feb 2004)
864    
865     19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
866     files/hardened-sources-2.4.24.munmap.patch:
867     Added the patch for the mremap/munmap vulnerability. Bug #42024.
868 scox 1.19
869 scox 1.21 *hardened-sources-2.4.24 (06 Feb 2004)
870 scox 1.26
871 scox 1.21 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
872     hardened-sources-2.4.24.ebuild:
873     Version bump, updated most of the components.
874     This release includes the following:
875    
876     - Hardened security
877     - Netfilter patch-o-matic 20031219
878     - FreeSWAN 2.04 & x509 1.4.8
879     - EVMS 2.2.2
880     - XFS 1.3.1
881     - cryptoloop jari
882     - grsecurity 2.0-rc4
883     - SELinux
884     - PaX 200402060000
885     - PaX Obscurity 200308302223
886     - Others...
887    
888     Neither -ck nor systrace are included anymore.
889    
890 scox 1.19 *hardened-sources-2.4.22-r2 (05 Jan 2004)
891    
892     05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
893     hardened-sources-2.4.22-r2.ebuild:
894 scox 1.20 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
895 scox 1.19
896     *hardened-sources-2.4.22-r1 (02 Dec 2003)
897 iggy 1.17
898     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
899 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
900 iggy 1.16
901     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
902 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild:
903     Version bump for the 'do_brk' vulnerability.
904 iggy 1.15
905     01 Dec 2003; Brian Jackson <iggy@gentoo.org>
906     hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
907     hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
908     hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
909 plasmaroo 1.18 Fix the 'do_brk' vulnerability.
910 frogger 1.14
911     03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
912     hardened-sources-2.4.22.ebuild:
913 plasmaroo 1.18 - Removed the src_install() portion for SELinux flask
914     components. These are no longer handled in the kernel
915     so this code was not necessary.
916 frogger 1.13
917     29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
918     New 2.4.22 based hardened-sources thanks to
919     Phil West <p.west@computer.org>.
920    
921     These sources include:
922 plasmaroo 1.18 - New SELinux API
923     - Updated CK-base
924     - Updated GRSec
925     - Systrace
926     - SuperFreeS/WAN 1.99.8
927     - Propolice kernel build support
928     - EVMS
929     - Other various security related patches
930 frogger 1.11
931 frogger 1.12 *hardened-sources-2.4.21 (14 Sep 2003)
932    
933     14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
934     Updated hardened-sources based on the 2.4.21 Linux kernel.
935     This includes updates to most major components such as:
936 plasmaroo 1.18 - ck-base-0306300059
937     - selinux-2.4-2003071106
938     - grsecurity-2.0-rc1
939     - Updated IPTables patch-o-matic
940     - Updated SuperFreeS/WAN
941    
942 frogger 1.12 Thanks to Phil West <pwest@computer.org> for his work in getting this
943     updated patch set ready for the 2.4.21 based kernel.
944    
945 frogger 1.11 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
946     Initial import of hardened-sources-2.4.20-r4. This revision
947     includes only a few changes, but one of these is an important
948     security fix. It is recommended all users of hardened-sources
949     upgrade to this release.
950 plasmaroo 1.18
951 frogger 1.11 - ioperm bug fix
952     - fixed compilation failure when building without GRSec
953 plasmaroo 1.18
954 frogger 1.11 SAL (Secure Auditing for Linux) is NOT included in this revision
955     due to time constraints, but is planned for inclusion in the near
956     future.
957 msterret 1.10
958     *hardened-sources-2.4.20-r2 (12 Jun 2003)
959    
960     12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
961     hardened-sources-2.4.20-r3.ebuild:
962 plasmaroo 1.18 Add Header...
963 frogger 1.9
964     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
965     hardened-sources-2.4.20-r3.ebuild:
966     Removed warnings from ebuild. This kernel should be safe to
967     use at this point.
968 frogger 1.8
969     *hardened-sources-2.4.20-r3 (08 Jun 2003)
970    
971     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
972     hardened-sources-2.4.20-r3.ebuild:
973     New revision. Includes the following changes over -r2:
974 plasmaroo 1.18
975 frogger 1.8 - ck7-base (O(1), preempt, low latency)
976     - Super FreeS/WAN 1.99.7rc2
977     - PaX for the LSM/SELinux branch
978     - GRSecurity 2.0-pre4 (role based access control)
979     - Systrace 1.3
980     - EXT3 fixes
981     - EVMS 2.0.1
982     - GCC 3.1+ compile optimizations
983     - ProPolice kernel build support
984     - Hashing table security fixes
985 frogger 1.3
986     *hardened-sources-2.4.20-r1 (09 Apr 2003)
987 frogger 1.7
988     23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
989     Initial import of hardened-sources-r2. This new
990     ebuild includes many new performance and security
991     related patches. As in -r1, it will patch in
992     LSM/SELinux if "selinux" is in USE, otherwise it
993     will patch in GRSecurity. The following patches
994     are included in this revision:
995 plasmaroo 1.18
996 frogger 1.7 - O(1) Scheduler, Low Latency, and Preempt
997     (pulled from the base CK patch)
998     - ptrace exploit patch for the LSM kernel
999     (the GRSec patch already fixes this)
1000     - LSM 2.4-2003040709
1001     - SELinux 2.4-2003040709
1002     - Systrace v1.2
1003     - IPTables patch-o-matic base patches - 20030107
1004     - CryptoAPI 2.4.20.1 w/ loop-jari patch
1005     - Super FreeS/WAN 1.99.6.1
1006     - GRSecurity 1.9.9g
1007     - MPPE
1008     - EXT3 data journal fix
1009     - CIPE 1.5.4
1010 frogger 1.6
1011     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1012     hardened-sources-2.4.20-r1.ebuild, manifest:
1013 plasmaroo 1.18 Updated to install flask components correctly for selinux.
1014 frogger 1.5
1015     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1016     hardened-sources-2.4.20-r1.ebuild:
1017     LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
1018     is patched in instead. Ptrace patches for selinux have also been added. In
1019     either case, systrace support will be patched in as well.
1020 frogger 1.3
1021     09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1022     hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
1023 plasmaroo 1.18 Revision bump for new sources.
1024 frogger 1.4
1025 frogger 1.2 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1026 frogger 1.4 hardened-sources-2.4.20-r1.ebuild:
1027 plasmaroo 1.18 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
1028 method 1.1
1029 frogger 1.4 *hardened-sources-2.4.20 (30 Mar 2003)
1030    
1031 method 1.1 30 Mar 2003; Joshua Brindle <method@gentoo.org>
1032     hardened-sources-2.4.20.ebuild:
1033 plasmaroo 1.18 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20