/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.162 - (hide annotations) (download)
Sun Jun 17 17:23:08 2007 UTC (7 years ago) by phreak
Branch: MAIN
Changes since 1.161: +7 -1 lines
Removing older ebuilds, hardened-sources-2.6.18-r6 seems to have gotten the alpha stable KEYWORD by mistake.
(Portage version: 2.1.3_rc3)

1 method 1.1 # ChangeLog for sys-kernel/hardened-sources
2 opfer 1.130 # Copyright 2000-2007 Gentoo Foundation; Distributed under the GPL v2
3 phreak 1.162 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.161 2007/06/17 16:53:54 phreak Exp $
4    
5     17 Jun 2007; Christian Heim <phreak@gentoo.org>
6     -hardened-sources-2.6.18-r6.ebuild, -hardened-sources-2.6.20-r4.ebuild,
7     -hardened-sources-2.6.21-r2.ebuild:
8     Removing older ebuilds, hardened-sources-2.6.18-r6 seems to have gotten the
9     alpha stable KEYWORD by mistake.
10 phreak 1.161
11     17 Jun 2007; Christian Heim <phreak@gentoo.org>
12     hardened-sources-2.6.20-r5.ebuild:
13     Stabling hardened-sources-2.6.20-r5 due to security bug #181647 (as
14     genpatches-2.6.20-12.base contains up to Linux 2.6.20.14) on amd64 and x86.
15 phreak 1.160
16     *hardened-sources-2.6.21-r3 (12 Jun 2007)
17    
18     12 Jun 2007; Christian Heim <phreak@gentoo.org>
19     +hardened-sources-2.6.21-r3.ebuild:
20     Revision bump for hardened-sources-2.6.21, incorporating various CVE (some
21     of them critical), two stable releases (2.6.21.4,2.6.21.5) and some other
22     love.
23 phreak 1.159
24     *hardened-sources-2.6.20-r5 (11 Jun 2007)
25    
26     11 Jun 2007; Christian Heim <phreak@gentoo.org>
27     +hardened-sources-2.6.20-r5.ebuild:
28     Revision bump for hardened-sources-2.6.20, incorporating various CVE (some
29     of them critical), two stable releases (2.6.20.13,2.6.20.14) and some other
30     love.
31 pappy 1.158
32     *hardened-sources-2.4.34.5 (11 Jun 2007)
33    
34     11 Jun 2007; Alexander Gabert <pappy@gentoo.org>
35     +hardened-sources-2.4.34.5.ebuild:
36     added new hardened-sources 2.4 version, thx to phreak, solar, pipacs
37 phreak 1.157
38     30 May 2007; Christian Heim <phreak@gentoo.org>
39     -hardened-sources-2.6.18.ebuild, hardened-sources-2.6.20-r2.ebuild:
40     Marking 2.6.20-r2 stable on ppc with permission of Gysbert. Removing more
41     stale ebuild(s).
42 phreak 1.156
43     30 May 2007; Christian Heim <phreak@gentoo.org>
44     -hardened-sources-2.6.14-r7.ebuild, -hardened-sources-2.6.16-r11.ebuild,
45     -hardened-sources-2.6.17-r1.ebuild, -hardened-sources-2.6.19-r6.ebuild,
46     -hardened-sources-2.6.20.ebuild, -hardened-sources-2.6.20-r1.ebuild:
47     Doing some cleanups, remove stale ebuilds.
48 phreak 1.155
49     26 May 2007; Christian Heim <phreak@gentoo.org>
50     hardened-sources-2.6.21-r2.ebuild:
51     Fixing the grsecurity patch, had one '};' too much.
52 phreak 1.154
53     *hardened-sources-2.6.21-r2 (26 May 2007)
54    
55     26 May 2007; Christian Heim <phreak@gentoo.org>
56     -hardened-sources-2.6.21.ebuild, -hardened-sources-2.6.21-r1.ebuild,
57     +hardened-sources-2.6.21-r2.ebuild:
58     Revision bump, including Linux 2.6.21.3 (fixing CVE-2007-2451). Updating the
59     grsecurity patch to 2.1.10-2.6.21.1-200705221918.
60 phreak 1.153
61     *hardened-sources-2.6.20-r4 (26 May 2007)
62    
63     26 May 2007; Christian Heim <phreak@gentoo.org>
64     -hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.20-r4.ebuild:
65     Revision bump, including Linux 2.6.20.12 (which in fact fixed some security
66 phreak 1.154 bugs, at the very least CVE-2007-2451). Possible candidate for stable marking.
67 phreak 1.152
68     15 May 2007; Christian Heim <phreak@gentoo.org>
69     hardened-sources-2.6.20-r3.ebuild:
70     Looks like hardened-sources-2.6.20-r3 needs a new patch, as 2.6.20.11
71     introduced a change in arch/sparc64/kernel/pci_iommu.c, which made the
72     grsecurity patch fail in that exact same hunk.
73 phreak 1.151
74     *hardened-sources-2.6.20-r3 (15 May 2007)
75    
76     15 May 2007; Christian Heim <phreak@gentoo.org>
77     +hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.21-r1.ebuild:
78     Revision bump, incorporating Linux 2.6.20.11.
79    
80     *hardened-sources-2.6.21-r1 (11 May 2007)
81    
82     11 May 2007; Christian Heim <phreak@gentoo.org>
83     +hardened-sources-2.6.21-r1.ebuild:
84     Revision bump, hopefully fixing the GRSECURITY/GRKERNSEC mixup pipacs
85     mentioned in #177234.
86 kevquinn 1.150
87     07 May 2007; Kevin F. Quinn <kevquinn@gentoo.org>
88     files/digest-hardened-sources-2.6.21, Manifest:
89     Fix Manifest/digest for linux-2.6.21.tar.bz2
90 phreak 1.149
91     06 May 2007; Christian Heim <phreak@gentoo.org>
92     hardened-sources-2.6.21.ebuild:
93     Bumping the hardened-patches version, needed for the fix for #177234.
94 phreak 1.148
95     *hardened-sources-2.6.21 (02 May 2007)
96    
97     02 May 2007; Christian Heim <phreak@gentoo.org>
98     +hardened-sources-2.6.21.ebuild:
99     Version bump, Linux 2.6.21-hardened.
100 phreak 1.147
101     29 Apr 2007; Christian Heim <phreak@gentoo.org>
102     hardened-sources-2.6.20-r2.ebuild:
103     Adding ~ia64 on Ned's request.
104 phreak 1.146
105     29 Apr 2007; Christian Heim <phreak@gentoo.org>
106     hardened-sources-2.6.20-r2.ebuild:
107     Fixing the included grsecurity patch, wasn't alligning due to the Index:
108     header line(s).
109 phreak 1.145
110     29 Apr 2007; Christian Heim <phreak@gentoo.org>
111     hardened-sources-2.6.20-r2.ebuild:
112     Stabilizing hardened-sources-2.6.20-r2 on amd64 and x86.
113 armin76 1.144
114     *hardened-sources-2.6.20-r2 (10 Apr 2007)
115    
116     10 Apr 2007; Raúl Porcel <armin76@gentoo.org>
117     +hardened-sources-2.6.20-r2.ebuild:
118     Version bump, on behalf of phreak
119 phreak 1.143
120     *hardened-sources-2.6.20-r1 (04 Apr 2007)
121    
122     04 Apr 2007; Christian Heim <phreak@gentoo.org>
123     +hardened-sources-2.6.20-r1.ebuild:
124     Revision bump, grabbing a newer grsecurity snapshot.
125 phreak 1.142
126     *hardened-sources-2.6.20 (25 Mar 2007)
127    
128     25 Mar 2007; Christian Heim <phreak@gentoo.org>
129     +hardened-sources-2.6.20.ebuild:
130     Finally a hardened-sources version for 2.6.20; many people have been waiting
131     for this. Thanks to Steve for preliminary testing, thanks to Ned for the
132     testbox.
133 chainsaw 1.141
134     16 Mar 2007; Tony Vroon <chainsaw@gentoo.org>
135     hardened-sources-2.6.18-r6.ebuild:
136     Marked stable on amd64 and x86. AMD64 keyword ack'ed by welp.
137 phreak 1.140
138     *hardened-sources-2.6.18-r6 (16 Mar 2007)
139    
140     16 Mar 2007; Christian Heim <phreak@gentoo.org>
141     -hardened-sources-2.6.18-r5.ebuild, +hardened-sources-2.6.18-r6.ebuild:
142     Fixing CVE-2007-1000 locally (hardened/), thanks to Tony for pushing. And
143     yes I screwed up, this is tagged as 2.6.18-5 and not 2.6.18-6 as it's
144     supposed to be.
145 phreak 1.139
146     06 Mar 2007; Christian Heim <phreak@gentoo.org> ChangeLog:
147     Fixing the Manifest, the previous one was broken (as in still had the
148     deleted ebuild in it).
149 phreak 1.138
150     06 Mar 2007; Christian Heim <phreak@gentoo.org>
151     -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
152     +hardened-sources-2.6.18-r5.ebuild:
153     Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
154     Linux 2.6.18.8. Also cleaning up the older version.
155    
156     *hardened-sources-2.6.18-r5 (06 Mar 2007)
157    
158     06 Mar 2007; Christian Heim <phreak@gentoo.org>
159     -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
160     +hardened-sources-2.6.18-r5.ebuild:
161     Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
162     Linux 2.6.18.8. Also cleaning up the older version.
163 phreak 1.137
164     24 Feb 2007; Christian Heim <phreak@gentoo.org>
165     -hardened-sources-2.6.19-r3.ebuild, -hardened-sources-2.6.19-r4.ebuild,
166     -hardened-sources-2.6.19-r5.ebuild:
167     Removing some of the old version, that didn't work.
168 phreak 1.136
169     *hardened-sources-2.6.19-r6 (12 Feb 2007)
170    
171     12 Feb 2007; Christian Heim <phreak@gentoo.org>
172     +hardened-sources-2.6.19-r6.ebuild:
173     Revision bump, including a new grsec version fixing #166235.
174 pappy 1.134
175     *hardened-sources-2.4.34 (24 Jan 2007)
176    
177     24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
178 pappy 1.135 Manifest:
179     updating Manifest with checksums of new tarball and ebuild
180    
181     24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
182 pappy 1.134 +hardened-sources-2.4.34.ebuild:
183     I added new hardened sources 2.4 update, this is a critical path
184     security bugfix - all users of h-s are strongly advised
185     to update their existing hardened sources to this version.
186     It contains a fix for a kernel vulnerability that is pertaining
187     to the PaX changes to virtual memory management, possibly leading
188     to a local kernel exploit ... see grsecurity.net forums and homepage
189 phreak 1.133
190     23 Jan 2007; Christian Heim <phreak@gentoo.org>
191     files/digest-hardened-sources-2.6.19-r5, Manifest:
192     Fixing the patch-tarball digest.
193 phreak 1.132
194     *hardened-sources-2.6.19-r5 (23 Jan 2007)
195    
196     23 Jan 2007; Christian Heim <phreak@gentoo.org>
197     +hardened-sources-2.6.19-r5.ebuild:
198     Revision bump, closing the recently discovered PaX expand_stack()
199     vulnerability.
200 phreak 1.131
201     *hardened-sources-2.6.19-r4 (14 Jan 2007)
202    
203     14 Jan 2007; Christian Heim <phreak@gentoo.org>
204     +hardened-sources-2.6.19-r4.ebuild:
205     Revision bump, pulling in linux-2.6.19.2 and grsecurity 2.1.10 - thus
206     dropping the randomized PID feature.
207 opfer 1.130
208     11 Jan 2007; Christian Faulhammer <opfer@gentoo.org>
209     hardened-sources-2.4.33.4.ebuild:
210     stable x86, bug #161171
211 phreak 1.129
212     *hardened-sources-2.6.19-r3 (27 Dec 2006)
213    
214     27 Dec 2006; Christian Heim <phreak@gentoo.org>
215     -hardened-sources-2.6.19-r2.ebuild, +hardened-sources-2.6.19-r3.ebuild:
216     Revision bump for bug #157186 and #158786.
217 phreak 1.128
218     *hardened-sources-2.6.18-r4 (27 Dec 2006)
219    
220     27 Dec 2006; Christian Heim <phreak@gentoo.org>
221     -hardened-sources-2.6.18-r3.ebuild, +hardened-sources-2.6.18-r4.ebuild:
222     Revision bump for bug #157186.
223 phreak 1.127
224     *hardened-sources-2.6.19-r2 (23 Dec 2006)
225    
226     23 Dec 2006; Christian Heim <phreak@gentoo.org>
227     -hardened-sources-2.6.19-r1.ebuild, +hardened-sources-2.6.19-r2.ebuild:
228     Revision bump to pull in genpatches-2.6.19-3 for #157186.
229 phreak 1.126
230     17 Dec 2006; Christian Heim <phreak@gentoo.org>
231     hardened-sources-2.6.14-r7.ebuild, hardened-sources-2.6.16-r10.ebuild,
232     hardened-sources-2.6.16-r11.ebuild, hardened-sources-2.6.17-r1.ebuild,
233     hardened-sources-2.6.18.ebuild, hardened-sources-2.6.18-r3.ebuild,
234     hardened-sources-2.6.19-r1.ebuild:
235     Adding 4453_grsec-2.1.9-2.6.19-io-kmem-sysctl.patch to UNIPATCH_EXLUDE,
236     adding correct HOMEPAGE and adjusting DESCRIPTION (thanks to Alexander).
237 pappy 1.125
238     *hardened-sources-2.4.33.4 (17 Dec 2006)
239    
240     17 Dec 2006; Alexander Gabert <pappy@gentoo.org>
241     +hardened-sources-2.4.33.4.ebuild:
242     new 2.4.33.4 version including grsec and fixes, thanks to phreak for help
243     and quilting
244 phreak 1.124
245     *hardened-sources-2.6.19-r1 (14 Dec 2006)
246    
247     14 Dec 2006; Christian Heim <phreak@gentoo.org>
248     -hardened-sources-2.6.19.ebuild, +hardened-sources-2.6.19-r1.ebuild:
249     Revision bump, fixing #158107 (thanks to Petre Rodan <kaiowas at gentoo.org>
250     for reporting).
251 phreak 1.123
252     *hardened-sources-2.6.19 (13 Dec 2006)
253    
254     13 Dec 2006; Christian Heim <phreak@gentoo.org>
255     +hardened-sources-2.6.19.ebuild:
256     And finally 2.6.19, thanks to Ned (who prepared the inital patchset) and
257     Brad for providing that prompt update.
258 phreak 1.122
259     *hardened-sources-2.6.18-r3 (13 Dec 2006)
260    
261     13 Dec 2006; Christian Heim <phreak@gentoo.org>
262     -hardened-sources-2.6.18-r1.ebuild, -hardened-sources-2.6.18-r2.ebuild,
263     +hardened-sources-2.6.18-r3.ebuild:
264     Revision bump, excluding the faulty patch. Thanks to Anakim Border and Peter
265     S. Mazinger. Closes #157409 for now. Also removing the previous revisions.
266 phreak 1.121
267     09 Dec 2006; Christian Heim <phreak@gentoo.org> Manifest:
268     Fixing the metadata.xml Manifest entry (thanks to xaid and ml8128 in #gentoo-hardened).
269 nixnut 1.120
270     08 Dec 2006; nixnut <nixnut@gentoo.org> hardened-sources-2.6.18.ebuild:
271     Stable on ppc wrt bug 157356
272 opfer 1.119
273     07 Dec 2006; Christian Faulhammer <opfer@gentoo.org>
274     hardened-sources-2.6.18.ebuild:
275     stable x86, bug #157356
276 phreak 1.118
277     *hardened-sources-2.6.18-r2 (06 Dec 2006)
278    
279     06 Dec 2006; Christian Heim <phreak@gentoo.org>
280     +hardened-sources-2.6.18-r2.ebuild:
281     Revision bump, including 2.6.18.5 (via genpatches) and
282     4454_grsec-2.1.9-2.6.18.2-io-kmem-sysctl.patch based on Peter Mazinger and
283     Ned Ludd's original patch. Thanks to Alexander Gabert (pappy) for the
284     redesign.
285 phreak 1.117
286     06 Dec 2006; Christian Heim <phreak@gentoo.org>
287     hardened-sources-2.6.18.ebuild:
288     Marking hardened-sources-2.6.18 stable on amd64 (see bug #157356, on behalf
289     of Mike Doty).
290 phreak 1.116
291     *hardened-sources-2.6.18-r1 (23 Nov 2006)
292    
293     23 Nov 2006; Christian Heim <phreak@gentoo.org>
294     +hardened-sources-2.6.18-r1.ebuild:
295     Revision bump to genpatches-2.6.18-4 (including 2.6.18.3).
296 phreak 1.115
297     *hardened-sources-2.6.18 (11 Nov 2006)
298    
299     11 Nov 2006; Christian Heim <phreak@gentoo.org>
300     +hardened-sources-2.6.18.ebuild:
301     Version bump, thanks to Alexander Gabert we're finally at 2.6.18.
302 solar 1.114
303     18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
304     - mark amd64 stable also. bug #151877
305 solar 1.113
306     18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
307     - mark 2.6.17-r1 stable
308 phreak 1.112
309     27 Aug 2006; Christian Heim <phreak@gentoo.org>
310     -hardened-sources-2.6.17.ebuild, hardened-sources-2.6.17-r1.ebuild:
311     Removing old ebuild, removing unipatch from newer ebuild (need to fix it!).
312 phreak 1.111
313     *hardened-sources-2.6.17-r1 (26 Aug 2006)
314    
315     26 Aug 2006; Christian Heim <phreak@gentoo.org>
316     +hardened-sources-2.6.17-r1.ebuild:
317     Revision bump to genpatches-2.6.17-8 (including .9 and .10) and updating the
318     grsecurity patch.
319 phreak 1.110
320     *hardened-sources-2.6.17 (17 Aug 2006)
321    
322     17 Aug 2006; Christian Heim <phreak@gentoo.org>
323     +hardened-sources-2.6.17.ebuild:
324     Bumping the hardened-sources-2.6 series to 2.6.17, using
325     genpatches-2.6.17-6.base.
326 solar 1.109
327     07 Aug 2006; <solar@gentoo.org> hardened-sources-2.6.16-r11.ebuild:
328     - stable on x86 and amd64
329 solar 1.108
330     *hardened-sources-2.6.16-r11 (15 Jul 2006)
331    
332     15 Jul 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r3.ebuild,
333     -hardened-sources-2.4.32-r4.ebuild, -hardened-sources-2.4.32-r5.ebuild,
334     -hardened-sources-2.6.14-r8.ebuild, -hardened-sources-2.6.16-r7.ebuild,
335     -hardened-sources-2.6.16-r9.ebuild, +hardened-sources-2.6.16-r11.ebuild:
336     - 2.6.16 bumped for CVE-2006-3626 ; digest fix for 2.4.32-r6 ; removed old
337     crusty ebuilds
338 johnm 1.107
339     14 Jul 2006; John Mylchreest <johnm@gentoo.org>
340     hardened-sources-2.6.16-r10.ebuild:
341     marking stable on x86 and amd64
342 solar 1.106
343     13 Jul 2006; <solar@gentoo.org> hardened-sources-2.4.32-r6.ebuild:
344     - 2.4.32-r6 stable on x86. RSBAC state unknown
345 kang 1.105
346     *hardened-sources-2.4.32-r7 (10 Jul 2006)
347    
348     10 Jul 2006; Guillaume Destuynder <kang@gentoo.org>
349     +hardened-sources-2.4.32-r7.ebuild:
350     Bump PaX for RSBAC to test-17
351 johnm 1.104
352     *hardened-sources-2.6.16-r9 (03 Jul 2006)
353    
354     03 Jul 2006; John Mylchreest <johnm@gentoo.org>
355     -hardened-sources-2.6.16-r6.ebuild, +hardened-sources-2.6.16-r9.ebuild:
356     hardened-sources-2.6.16 bump to latest -base.
357 solar 1.103
358     *hardened-sources-2.4.32-r6 (30 Jun 2006)
359    
360     30 Jun 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r2.ebuild,
361     hardened-sources-2.4.32-r4.ebuild, +hardened-sources-2.4.32-r6.ebuild:
362     - backport CVE-2006-0039, CVE-2006-1857 and CVE-2006-1858 and new grsecurity
363     sysctl controlable resource logging
364 johnm 1.102
365     *hardened-sources-2.6.16-r7 (05 Jun 2006)
366    
367     05 Jun 2006; John Mylchreest <johnm@gentoo.org>
368     -hardened-sources-2.6.16-r5.ebuild, +hardened-sources-2.6.16-r7.ebuild:
369     push new 2.6.16 release in preparation for stable
370 solar 1.101
371     22 May 2006; <solar@gentoo.org> :
372     - redigest bug 134002
373 kang 1.100
374     *hardened-sources-2.4.32-r5 (16 May 2006)
375    
376     16 May 2006; Guillaume Destuynder <kang@gentoo.org>
377     +hardened-sources-2.4.32-r5.ebuild:
378     Fixes rsbac common patching (new patch in new -r5 patchset)
379 solar 1.99
380     *hardened-sources-2.4.32-r4 (13 May 2006)
381    
382     13 May 2006; <solar@gentoo.org> hardened-sources-2.4.32-r3.ebuild,
383     +hardened-sources-2.4.32-r4.ebuild:
384     - security bumps
385 johnm 1.98
386     *hardened-sources-2.6.16-r6 (03 May 2006)
387    
388     03 May 2006; John Mylchreest <johnm@gentoo.org>
389     +hardened-sources-2.6.16-r6.ebuild:
390     bump hardened-2.6.16 to 2.6.16.12 and latest grsec snapshot
391 johnm 1.97
392     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
393     hardened-sources-2.6.14-r8.ebuild:
394     fix x86_64 build problem, this will delay the digest issue again for a short
395     while but it will sort itself out
396 johnm 1.96
397     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
398     hardened-sources-2.6.14-r8.ebuild:
399     bump hardened patchset
400 antarus 1.94
401     27 Apr 2006; Alec Warner <antarus@gentoo.org>
402     files/digest-hardened-sources-2.4.32-r2,
403     files/digest-hardened-sources-2.4.32-r3,
404     files/digest-hardened-sources-2.6.14-r8, Manifest:
405     Fixing duff SHA256 digests: Bug # 131293
406 johnm 1.93
407 johnm 1.95 *hardened-sources-2.6.16-r5 (27 Apr 2006)
408    
409     27 Apr 2006; John Mylchreest <johnm@gentoo.org>
410     -hardened-sources-2.6.14-r6.ebuild, hardened-sources-2.6.14-r8.ebuild,
411     -hardened-sources-2.6.16-r4.ebuild, +hardened-sources-2.6.16-r5.ebuild:
412     stablise 2.6.14-r8 on x86 & amd64, bump 2.6.16 to fix CVE-2006-1863 &
413     cleanup of old uneccessary sources
414    
415 johnm 1.93 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
416     fix digest
417 johnm 1.92
418     *hardened-sources-2.6.14-r8 (20 Apr 2006)
419    
420     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
421     +hardened-sources-2.6.14-r8.ebuild:
422     fix CVE-2006-1056, CVE-2006-1525, CVE-2006-1524
423 johnm 1.91
424     20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
425     Turning on gpg-signing again, and recomitting
426 johnm 1.90
427     *hardened-sources-2.6.16-r4 (20 Apr 2006)
428    
429     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
430     -hardened-sources-2.6.16-r2.ebuild, -hardened-sources-2.6.16-r3.ebuild,
431     +hardened-sources-2.6.16-r4.ebuild:
432     Fix numerous security vulns
433 solar 1.89
434     *hardened-sources-2.4.32-r3 (16 Apr 2006)
435    
436     16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
437     -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
438     +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
439     - security bump for bug #112791. Removed old ebuilds
440 johnm 1.88
441     *hardened-sources-2.6.16-r3 (15 Apr 2006)
442    
443     15 Apr 2006; John Mylchreest <johnm@gentoo.org>
444     +hardened-sources-2.6.16-r3.ebuild:
445     Removing silly localversion which I missed
446 johnm 1.87
447     *hardened-sources-2.6.14-r7 (14 Apr 2006)
448    
449     14 Apr 2006; John Mylchreest <johnm@gentoo.org>
450     -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
451     Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
452 johnm 1.86
453     *hardened-sources-2.6.16-r2 (13 Apr 2006)
454    
455     13 Apr 2006; John Mylchreest <johnm@gentoo.org>
456     -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
457     +hardened-sources-2.6.16-r2.ebuild:
458     Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
459     labels, dropping USERGROUP define fixes, since these were merged mainstream.
460 johnm 1.85
461     *hardened-sources-2.6.16-r1 (11 Apr 2006)
462    
463     11 Apr 2006; John Mylchreest <johnm@gentoo.org>
464     +hardened-sources-2.6.16-r1.ebuild:
465     Bumping to include ppc build fix and 2.6.16.3
466 tsunam 1.84
467     06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
468     hardened-sources-2.6.14-r6.ebuild:
469     Stable on x86; bug #127718
470 johnm 1.83
471     *hardened-sources-2.6.16 (31 Mar 2006)
472    
473     31 Mar 2006; John Mylchreest <johnm@gentoo.org>
474     +hardened-sources-2.6.16.ebuild:
475     Bumping to new version of grsec, and kernel base. New squashfs. Based on
476     2.6.16.1
477 cryos 1.82
478     30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
479     hardened-sources-2.6.14-r6.ebuild:
480     Stable on amd64, bug 127718.
481 nixnut 1.81
482     28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
483     Stable on ppc. Bug #127718
484 johnm 1.80
485     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
486     -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
487     -hardened-sources-2.6.14-r4.ebuild:
488     Cleanup.
489 johnm 1.79
490     *hardened-sources-2.6.14-r6 (15 Mar 2006)
491    
492     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
493     +hardened-sources-2.6.14-r6.ebuild:
494     Fixes grsec policy recreation bug and adds a
495     >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
496 solar 1.78
497     02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
498     - stable on x86
499 hansmi 1.77
500     19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
501     hardened-sources-2.6.14-r5.ebuild:
502     Stable on ppc.
503 johnm 1.76
504     *hardened-sources-2.6.14-r5 (01 Feb 2006)
505    
506     01 Feb 2006; John Mylchreest <johnm@gentoo.org>
507     +hardened-sources-2.6.14-r5.ebuild:
508     fixing every known exploit
509 solar 1.75
510     *hardened-sources-2.4.32-r2 (26 Jan 2006)
511    
512     26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
513     +hardened-sources-2.4.32-r2.ebuild:
514     - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
515 solar 1.74
516     *hardened-sources-2.6.14-r4 (12 Jan 2006)
517    
518     12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
519     - version bump for new genpatches which fix up a few sec holes
520 solar 1.73
521     *hardened-sources-2.4.32-r1 (05 Jan 2006)
522    
523     05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
524     - revision bump to add misc vital linux kernel security patches.
525 johnm 1.72
526     *hardened-sources-2.6.14-r3 (30 Dec 2005)
527    
528     30 Dec 2005; John Mylchreest <johnm@gentoo.org>
529     -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
530     Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
531 johnm 1.71
532     28 Dec 2005; John Mylchreest <johnm@gentoo.org>
533     hardened-sources-2.6.14-r2.ebuild:
534     making x86 & amd64 stable following testing.
535 johnm 1.70
536     *hardened-sources-2.6.14-r2 (27 Dec 2005)
537    
538     27 Dec 2005; John Mylchreest <johnm@gentoo.org>
539     -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
540     Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
541     network hooks.
542 johnm 1.69
543     06 Dec 2005; John Mylchreest <johnm@gentoo.org>
544     hardened-sources-2.6.14-r1.ebuild:
545     bumping to stable early for sec fix on x86 & amd64
546 johnm 1.68
547     *hardened-sources-2.6.14-r1 (05 Dec 2005)
548    
549     05 Dec 2005; John Mylchreest <johnm@gentoo.org>
550     -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
551     bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
552 solar 1.67
553     04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
554     - stable on x86 security bug #114227 CAN-2005-3257
555 kang 1.66
556     *hardened-sources-2.4.32 (19 Nov 2005)
557    
558     19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
559     +hardened-sources-2.4.32.ebuild:
560     Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
561     Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
562     have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
563     rsbac >> /etc/portage/package.use)
564 johnm 1.65
565     *hardened-sources-2.6.14 (14 Nov 2005)
566    
567     14 Nov 2005; John Mylchreest <johnm@gentoo.org>
568     -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
569     Bumping 2.6 series to 2.6.14.2
570 johnm 1.64
571     *hardened-sources-2.6.13-r2 (20 Oct 2005)
572    
573     20 Oct 2005; John Mylchreest <johnm@gentoo.org>
574     -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
575     +hardened-sources-2.6.13-r2.ebuild:
576     Fixes minor build error in ppc.
577 johnm 1.63
578     *hardened-sources-2.6.13-r1 (17 Oct 2005)
579    
580     17 Oct 2005; John Mylchreest <johnm@gentoo.org>
581     +hardened-sources-2.6.13-r1.ebuild:
582     Updating grsec to latest snapshot. Fixes some minor issues. Updating to
583     2.6.13.4, fixes some major amd64 stability problems.
584 johnm 1.62
585     *hardened-sources-2.6.13 (16 Sep 2005)
586    
587     16 Sep 2005; John Mylchreest <johnm@gentoo.org>
588     -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
589     2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
590     ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
591     users should test this thoroughly.
592 solar 1.61
593     01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
594     - stable on x86
595 johnm 1.60
596     *hardened-sources-2.6.11-r15 (27 Jun 2005)
597    
598     27 Jun 2005; John Mylchreest <johnm@gentoo.org>
599     +hardened-sources-2.6.11-r15.ebuild:
600     Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
601     grsec redefining curr_ip struct.
602 solar 1.59
603     *hardened-sources-2.4.31 (20 Jun 2005)
604    
605     20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
606     initial import of 2.4.31 tree
607 johnm 1.58
608     *hardened-sources-2.6.11-r14 (14 Jun 2005)
609    
610     14 Jun 2005; John Mylchreest <johnm@gentoo.org>
611     -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
612     Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
613     naming scheme to abide by genpatches
614 johnm 1.57
615     *hardened-sources-2.6.11-r13 (18 May 2005)
616    
617     18 May 2005; John Mylchreest <johnm@gentoo.org>
618     -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
619     Managed to mangle the Makefile patch from grsec, to miss out the grsec
620     target. sorry about that. Fixes bug #93022
621 johnm 1.56
622     *hardened-sources-2.6.11-r12 (17 May 2005)
623    
624     17 May 2005; John Mylchreest <johnm@gentoo.org>
625     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
626     +hardened-sources-2.6.11-r12.ebuild:
627     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
628     merges in genpatches-base
629 johnm 1.55
630     *hardened-sources-2.6.11-r12 (17 May 2005)
631    
632     17 May 2005; John Mylchreest <johnm@gentoo.org>
633     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
634     +hardened-sources-2.6.11-r12.ebuild:
635     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
636     merges in genpatches-base
637 solar 1.54
638     29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
639     -files/2.4.27-cmdline-race.patch,
640     -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
641     -files/2.4.28-grsec-binfmt_a.out.patch,
642     -files/2.4.28-grsec-cmdline-race.patch,
643     -files/2.4.28-selinux-binfmt_a.out.patch,
644     -files/2.4.28-selinux-cmdline-race.patch,
645     -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
646     hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
647     - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
648     cleanup..
649 solar 1.53
650     *hardened-sources-2.4.30-r1 (21 Apr 2005)
651    
652     21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
653     - disable aout by default
654 solar 1.52
655     *hardened-sources-2.4.30 (18 Apr 2005)
656    
657     18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
658     - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
659     and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
660     use
661 tocharian 1.50
662 scox 1.51 *hardened-sources-2.4.29 (30 Mar 2005)
663    
664     30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
665     +hardened-sources-2.4.29.ebuild:
666     New hardened-patches-2.4-29.0 patchball.
667     Removed SELinux support, upgraded GRSecurity to 2.1.4.
668    
669     *hardened-sources-2.4.28-r5 (06 Mar 2005)
670    
671     06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
672     +hardened-sources-2.4.28-r5.ebuild:
673     Added a fix for a PaX vulnerability.
674    
675     26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
676 tocharian 1.50 hardened-sources-2.4.28-r4.ebuild:
677     Stable on x86
678 solar 1.49
679     23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
680     hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
681     hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
682     hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
683     - fixed/added RDEPEND= in all kernel-2 ebuilds
684 tocharian 1.48
685     *hardened-sources-2.4.28-r4 (21 Jan 2005)
686    
687     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
688     +hardened-sources-2.4.28-r4.ebuild:
689     Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
690     backport of neighbour hash updates.
691 tocharian 1.47
692     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
693     hardened-sources-2.4.28-r3.ebuild:
694     Stable on x86
695 tseng 1.46
696     *hardened-sources-2.6.10-r3 (20 Jan 2005)
697    
698     20 Jan 2005; Brandon Hale <tseng@gentoo.org>
699     +hardened-sources-2.6.10-r3.ebuild:
700     Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
701     in 2005.0
702 tocharian 1.45
703     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
704     -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
705     hardened-sources-2.4.28-r2.ebuild:
706     Mark stable on x86
707 tocharian 1.44
708     *hardened-sources-2.4.28-r3 (17 Jan 2005)
709    
710     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
711     +hardened-sources-2.4.28-r3.ebuild:
712     Fix SMP page fault handler vuln, and update device-mapper and evms patches.
713 tocharian 1.43
714     14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
715     hardened-sources-2.4.28.ebuild:
716     Mark stable on x86.
717 tocharian 1.42
718     *hardened-sources-2.4.28-r2 (13 Jan 2005)
719    
720     13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
721     +hardened-sources-2.4.28-r2.ebuild:
722     Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
723     Mazinger for grsecurity patches as well.
724 plasmaroo 1.41
725     *hardened-sources-2.4.28-r1 (23 Dec 2004)
726    
727     23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
728     Security bump. Thank tocharian for rolling a new patchset...
729 solar 1.40
730     28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
731     +files/2.4.28-grsec-cmdline-race.patch,
732     +files/2.4.28-selinux-binfmt_a.out.patch,
733     +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
734     - Round up remaining security patches that appear to be missing in 2.4.28. -
735     PaX standalone updated to current. hgpv=28.1
736 solar 1.39
737     *hardened-sources-2.4.28 (28 Nov 2004)
738    
739     28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
740     security bump. Thank tocharian for rolling a new patchset
741 scox 1.31
742 scox 1.38 *hardened-sources-2.4.27-r3 (08 Sep 2004)
743    
744     08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
745     +hardened-sources-2.4.27-r3.ebuild:
746     Applies the new 2.4-27.2 patchball which updates
747     GRSecurity to the 2.0.1 version.
748    
749 scox 1.37 *hardened-sources-2.4.27-r2 (31 Aug 2004)
750    
751     31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
752     +hardened-sources-2.4.27-r2.ebuild:
753     Version bump.
754     This version uses the new 2.4-27.1 patchball which updates
755     both the SELinux PaX hooks patch and the SELinux headers.
756    
757 scox 1.36 *hardened-sources-2.4.27-r1 (09 Aug 2004)
758    
759     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
760     +hardened-sources-2.4.27-r1.ebuild,
761     -hardened-sources-2.4.27.ebuild,
762     +files/2.4.27-cmdline-race.patch:
763     Version bump, fix for cmdline race. See bug #59905.
764    
765     *hardened-sources-2.4.26-r6 (09 Aug 2004)
766    
767     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
768     +hardened-sources-2.4.26-r6.ebuild,
769     -hardened-sources-2.4.26-r5.ebuild,
770     -hardened-sources-2.4.26-r4.ebuild,
771     +files/2.4.26-cmdline-race.patch:
772     Version bump, fix for cmdline race. See bug #59905.
773    
774 scox 1.35 *hardened-sources-2.4.27 (08 Aug 2004)
775    
776     08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
777     +hardened-sources-2.4.27.ebuild,
778     +files/2.4.27-CAN-2004-0394.patch:
779     Ported the patchball to the 2.4.27 kernel version.
780    
781 scox 1.34 *hardened-sources-2.4.26-r5 (07 Aug 2004)
782    
783     07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
784     +hardened-sources-2.4.26-r5.ebuild:
785 scox 1.35 Updated to use the new hardened-patches-2.4-26.1 patchball.
786 scox 1.34 It adds the following features:
787     - Squashfs
788     - Ebtables
789     - Netdev random (core+drivers)
790     - Watchdog Timer (WDT) fix.
791    
792 scox 1.33 *hardened-sources-2.4.26-r4 (04 Aug 2004)
793    
794     04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
795     +hardened-sources-2.4.26-r4.ebuild,
796     +files/2.4.26-CAN-2004-0415.patch,
797     -hardened-sources-2.4.26-3:
798     Version bump, fix for CAN 0415, see bug #59378.
799    
800 scox 1.32 *hardened-sources-2.4.26-r3 (22 Jul 2004)
801    
802     22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
803     +hardened-sources-2.4.26-r3.ebuild,
804     +files/2.4.26-CAN-2004-0497.patch,
805     -hardened-sources-2.4.26-r2.ebuild:
806     Version bump, fixed CAN 0497, see bug #56171.
807    
808 scox 1.31 *hardened-sources-2.4.26-r2 (29 Jun 2004)
809    
810     29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
811 scox 1.32 +hardened-sources-2.4.26-r2.ebuild,
812 scox 1.31 +files/2.4.26-CAN-2004-0495.patch,
813     +files/2.4.26-CAN-2004-0535.patch,
814     -hardened-sources-2.4.26-r1.ebuild:
815     Fixes for both CAN 0495 and 0535, see bug #54976
816 pvdabeel 1.27
817 agriffis 1.29 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
818     hardened-sources-2.4.26-r1.ebuild:
819     QA - fix use invocation
820 scox 1.28
821     *hardened-sources-2.4.26-r1 (22 June 2004)
822    
823     22 June 2004; Andrea Luzzardi <scox@gentoo.org>
824     +hardened-sources-2.4.26-r1.ebuild,
825     +files/2.4.26-CAN-2004-0394.patch,
826     +files/2.4.26-signal-race.patch,
827     -hardened-sources-2.4.26.ebuild,
828     -hardened-sources-2.4.24-r3.ebuild:
829     Version bump for the CAN-2004-0394 issue and bug #53804
830     Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
831    
832    
833 pvdabeel 1.27 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
834     hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
835     Masked hardened-sources-2.4.26.ebuild broken for ppc
836    
837     31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
838     hardened-sources-2.4.24-r3.ebuild:
839     Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
840 plasmaroo 1.25
841 scox 1.26 *hardened-sources-2.4.26 (29 May 2004)
842    
843     29 May 2004; Andrea Luzzardi <scox@gentoo.org>
844     +hardened-sources-2.4.26.ebuild:
845     Updated hardened-sources for the 2.4.26 kernel
846     Removed broken components, updated almost everything.
847    
848 plasmaroo 1.25 *hardened-sources-2.4.24-r3 (17 Apr 2004)
849    
850     17 Apr 2004; <plasmaroo@gentoo.org>
851     +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
852     +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
853     +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
854     +hardened-sources-2.4.24-r3.ebuild:
855     Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
856     vulnerabilities. Old revisions removed.
857 plasmaroo 1.24
858     *hardened-sources-2.4.24-r2 (15 Apr 2004)
859    
860     15 Apr 2004; <plasmaroo@gentoo.org>
861     +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
862     -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
863     Version bump for the CAN-2004-0109 issue; bug #47881.
864 aliz 1.23
865     12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
866     hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
867     Add eutils to inherit.
868 plasmaroo 1.22
869     *hardened-sources-2.4.24-r1 (19 Feb 2004)
870    
871     19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
872     files/hardened-sources-2.4.24.munmap.patch:
873     Added the patch for the mremap/munmap vulnerability. Bug #42024.
874 scox 1.19
875 scox 1.21 *hardened-sources-2.4.24 (06 Feb 2004)
876 scox 1.26
877 scox 1.21 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
878     hardened-sources-2.4.24.ebuild:
879     Version bump, updated most of the components.
880     This release includes the following:
881    
882     - Hardened security
883     - Netfilter patch-o-matic 20031219
884     - FreeSWAN 2.04 & x509 1.4.8
885     - EVMS 2.2.2
886     - XFS 1.3.1
887     - cryptoloop jari
888     - grsecurity 2.0-rc4
889     - SELinux
890     - PaX 200402060000
891     - PaX Obscurity 200308302223
892     - Others...
893    
894     Neither -ck nor systrace are included anymore.
895    
896 scox 1.19 *hardened-sources-2.4.22-r2 (05 Jan 2004)
897    
898     05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
899     hardened-sources-2.4.22-r2.ebuild:
900 scox 1.20 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
901 scox 1.19
902     *hardened-sources-2.4.22-r1 (02 Dec 2003)
903 iggy 1.17
904     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
905 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
906 iggy 1.16
907     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
908 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild:
909     Version bump for the 'do_brk' vulnerability.
910 iggy 1.15
911     01 Dec 2003; Brian Jackson <iggy@gentoo.org>
912     hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
913     hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
914     hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
915 plasmaroo 1.18 Fix the 'do_brk' vulnerability.
916 frogger 1.14
917     03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
918     hardened-sources-2.4.22.ebuild:
919 plasmaroo 1.18 - Removed the src_install() portion for SELinux flask
920     components. These are no longer handled in the kernel
921     so this code was not necessary.
922 frogger 1.13
923     29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
924     New 2.4.22 based hardened-sources thanks to
925     Phil West <p.west@computer.org>.
926    
927     These sources include:
928 plasmaroo 1.18 - New SELinux API
929     - Updated CK-base
930     - Updated GRSec
931     - Systrace
932     - SuperFreeS/WAN 1.99.8
933     - Propolice kernel build support
934     - EVMS
935     - Other various security related patches
936 frogger 1.11
937 frogger 1.12 *hardened-sources-2.4.21 (14 Sep 2003)
938    
939     14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
940     Updated hardened-sources based on the 2.4.21 Linux kernel.
941     This includes updates to most major components such as:
942 plasmaroo 1.18 - ck-base-0306300059
943     - selinux-2.4-2003071106
944     - grsecurity-2.0-rc1
945     - Updated IPTables patch-o-matic
946     - Updated SuperFreeS/WAN
947    
948 frogger 1.12 Thanks to Phil West <pwest@computer.org> for his work in getting this
949     updated patch set ready for the 2.4.21 based kernel.
950    
951 frogger 1.11 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
952     Initial import of hardened-sources-2.4.20-r4. This revision
953     includes only a few changes, but one of these is an important
954     security fix. It is recommended all users of hardened-sources
955     upgrade to this release.
956 plasmaroo 1.18
957 frogger 1.11 - ioperm bug fix
958     - fixed compilation failure when building without GRSec
959 plasmaroo 1.18
960 frogger 1.11 SAL (Secure Auditing for Linux) is NOT included in this revision
961     due to time constraints, but is planned for inclusion in the near
962     future.
963 msterret 1.10
964     *hardened-sources-2.4.20-r2 (12 Jun 2003)
965    
966     12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
967     hardened-sources-2.4.20-r3.ebuild:
968 plasmaroo 1.18 Add Header...
969 frogger 1.9
970     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
971     hardened-sources-2.4.20-r3.ebuild:
972     Removed warnings from ebuild. This kernel should be safe to
973     use at this point.
974 frogger 1.8
975     *hardened-sources-2.4.20-r3 (08 Jun 2003)
976    
977     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
978     hardened-sources-2.4.20-r3.ebuild:
979     New revision. Includes the following changes over -r2:
980 plasmaroo 1.18
981 frogger 1.8 - ck7-base (O(1), preempt, low latency)
982     - Super FreeS/WAN 1.99.7rc2
983     - PaX for the LSM/SELinux branch
984     - GRSecurity 2.0-pre4 (role based access control)
985     - Systrace 1.3
986     - EXT3 fixes
987     - EVMS 2.0.1
988     - GCC 3.1+ compile optimizations
989     - ProPolice kernel build support
990     - Hashing table security fixes
991 frogger 1.3
992     *hardened-sources-2.4.20-r1 (09 Apr 2003)
993 frogger 1.7
994     23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
995     Initial import of hardened-sources-r2. This new
996     ebuild includes many new performance and security
997     related patches. As in -r1, it will patch in
998     LSM/SELinux if "selinux" is in USE, otherwise it
999     will patch in GRSecurity. The following patches
1000     are included in this revision:
1001 plasmaroo 1.18
1002 frogger 1.7 - O(1) Scheduler, Low Latency, and Preempt
1003     (pulled from the base CK patch)
1004     - ptrace exploit patch for the LSM kernel
1005     (the GRSec patch already fixes this)
1006     - LSM 2.4-2003040709
1007     - SELinux 2.4-2003040709
1008     - Systrace v1.2
1009     - IPTables patch-o-matic base patches - 20030107
1010     - CryptoAPI 2.4.20.1 w/ loop-jari patch
1011     - Super FreeS/WAN 1.99.6.1
1012     - GRSecurity 1.9.9g
1013     - MPPE
1014     - EXT3 data journal fix
1015     - CIPE 1.5.4
1016 frogger 1.6
1017     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1018     hardened-sources-2.4.20-r1.ebuild, manifest:
1019 plasmaroo 1.18 Updated to install flask components correctly for selinux.
1020 frogger 1.5
1021     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1022     hardened-sources-2.4.20-r1.ebuild:
1023     LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
1024     is patched in instead. Ptrace patches for selinux have also been added. In
1025     either case, systrace support will be patched in as well.
1026 frogger 1.3
1027     09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1028     hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
1029 plasmaroo 1.18 Revision bump for new sources.
1030 frogger 1.4
1031 frogger 1.2 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1032 frogger 1.4 hardened-sources-2.4.20-r1.ebuild:
1033 plasmaroo 1.18 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
1034 method 1.1
1035 frogger 1.4 *hardened-sources-2.4.20 (30 Mar 2003)
1036    
1037 method 1.1 30 Mar 2003; Joshua Brindle <method@gentoo.org>
1038     hardened-sources-2.4.20.ebuild:
1039 plasmaroo 1.18 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20