/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.164 - (hide annotations) (download)
Tue Jul 10 19:48:09 2007 UTC (7 years, 2 months ago) by phreak
Branch: MAIN
Changes since 1.163: +5 -1 lines
Cleanup.
(Portage version: 2.1.3_rc7)

1 method 1.1 # ChangeLog for sys-kernel/hardened-sources
2 opfer 1.130 # Copyright 2000-2007 Gentoo Foundation; Distributed under the GPL v2
3 phreak 1.164 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.163 2007/07/08 21:09:37 phreak Exp $
4    
5     10 Jul 2007; Christian Heim <phreak@gentoo.org>
6     -hardened-sources-2.4.32-r6.ebuild, -hardened-sources-2.4.32-r7.ebuild:
7     Cleanup.
8 phreak 1.163
9     *hardened-sources-2.6.20-r6 (08 Jul 2007)
10    
11     08 Jul 2007; Christian Heim <phreak@gentoo.org>
12     +hardened-sources-2.6.20-r6.ebuild:
13     Revision bump, grabbing yet another stable release.
14 phreak 1.162
15     17 Jun 2007; Christian Heim <phreak@gentoo.org>
16     -hardened-sources-2.6.18-r6.ebuild, -hardened-sources-2.6.20-r4.ebuild,
17     -hardened-sources-2.6.21-r2.ebuild:
18     Removing older ebuilds, hardened-sources-2.6.18-r6 seems to have gotten the
19     alpha stable KEYWORD by mistake.
20 phreak 1.161
21     17 Jun 2007; Christian Heim <phreak@gentoo.org>
22     hardened-sources-2.6.20-r5.ebuild:
23     Stabling hardened-sources-2.6.20-r5 due to security bug #181647 (as
24     genpatches-2.6.20-12.base contains up to Linux 2.6.20.14) on amd64 and x86.
25 phreak 1.160
26     *hardened-sources-2.6.21-r3 (12 Jun 2007)
27    
28     12 Jun 2007; Christian Heim <phreak@gentoo.org>
29     +hardened-sources-2.6.21-r3.ebuild:
30     Revision bump for hardened-sources-2.6.21, incorporating various CVE (some
31     of them critical), two stable releases (2.6.21.4,2.6.21.5) and some other
32     love.
33 phreak 1.159
34     *hardened-sources-2.6.20-r5 (11 Jun 2007)
35    
36     11 Jun 2007; Christian Heim <phreak@gentoo.org>
37     +hardened-sources-2.6.20-r5.ebuild:
38     Revision bump for hardened-sources-2.6.20, incorporating various CVE (some
39     of them critical), two stable releases (2.6.20.13,2.6.20.14) and some other
40     love.
41 pappy 1.158
42     *hardened-sources-2.4.34.5 (11 Jun 2007)
43    
44     11 Jun 2007; Alexander Gabert <pappy@gentoo.org>
45     +hardened-sources-2.4.34.5.ebuild:
46     added new hardened-sources 2.4 version, thx to phreak, solar, pipacs
47 phreak 1.157
48     30 May 2007; Christian Heim <phreak@gentoo.org>
49     -hardened-sources-2.6.18.ebuild, hardened-sources-2.6.20-r2.ebuild:
50     Marking 2.6.20-r2 stable on ppc with permission of Gysbert. Removing more
51     stale ebuild(s).
52 phreak 1.156
53     30 May 2007; Christian Heim <phreak@gentoo.org>
54     -hardened-sources-2.6.14-r7.ebuild, -hardened-sources-2.6.16-r11.ebuild,
55     -hardened-sources-2.6.17-r1.ebuild, -hardened-sources-2.6.19-r6.ebuild,
56     -hardened-sources-2.6.20.ebuild, -hardened-sources-2.6.20-r1.ebuild:
57     Doing some cleanups, remove stale ebuilds.
58 phreak 1.155
59     26 May 2007; Christian Heim <phreak@gentoo.org>
60     hardened-sources-2.6.21-r2.ebuild:
61     Fixing the grsecurity patch, had one '};' too much.
62 phreak 1.154
63     *hardened-sources-2.6.21-r2 (26 May 2007)
64    
65     26 May 2007; Christian Heim <phreak@gentoo.org>
66     -hardened-sources-2.6.21.ebuild, -hardened-sources-2.6.21-r1.ebuild,
67     +hardened-sources-2.6.21-r2.ebuild:
68     Revision bump, including Linux 2.6.21.3 (fixing CVE-2007-2451). Updating the
69     grsecurity patch to 2.1.10-2.6.21.1-200705221918.
70 phreak 1.153
71     *hardened-sources-2.6.20-r4 (26 May 2007)
72    
73     26 May 2007; Christian Heim <phreak@gentoo.org>
74     -hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.20-r4.ebuild:
75     Revision bump, including Linux 2.6.20.12 (which in fact fixed some security
76 phreak 1.154 bugs, at the very least CVE-2007-2451). Possible candidate for stable marking.
77 phreak 1.152
78     15 May 2007; Christian Heim <phreak@gentoo.org>
79     hardened-sources-2.6.20-r3.ebuild:
80     Looks like hardened-sources-2.6.20-r3 needs a new patch, as 2.6.20.11
81     introduced a change in arch/sparc64/kernel/pci_iommu.c, which made the
82     grsecurity patch fail in that exact same hunk.
83 phreak 1.151
84     *hardened-sources-2.6.20-r3 (15 May 2007)
85    
86     15 May 2007; Christian Heim <phreak@gentoo.org>
87     +hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.21-r1.ebuild:
88     Revision bump, incorporating Linux 2.6.20.11.
89    
90     *hardened-sources-2.6.21-r1 (11 May 2007)
91    
92     11 May 2007; Christian Heim <phreak@gentoo.org>
93     +hardened-sources-2.6.21-r1.ebuild:
94     Revision bump, hopefully fixing the GRSECURITY/GRKERNSEC mixup pipacs
95     mentioned in #177234.
96 kevquinn 1.150
97     07 May 2007; Kevin F. Quinn <kevquinn@gentoo.org>
98     files/digest-hardened-sources-2.6.21, Manifest:
99     Fix Manifest/digest for linux-2.6.21.tar.bz2
100 phreak 1.149
101     06 May 2007; Christian Heim <phreak@gentoo.org>
102     hardened-sources-2.6.21.ebuild:
103     Bumping the hardened-patches version, needed for the fix for #177234.
104 phreak 1.148
105     *hardened-sources-2.6.21 (02 May 2007)
106    
107     02 May 2007; Christian Heim <phreak@gentoo.org>
108     +hardened-sources-2.6.21.ebuild:
109     Version bump, Linux 2.6.21-hardened.
110 phreak 1.147
111     29 Apr 2007; Christian Heim <phreak@gentoo.org>
112     hardened-sources-2.6.20-r2.ebuild:
113     Adding ~ia64 on Ned's request.
114 phreak 1.146
115     29 Apr 2007; Christian Heim <phreak@gentoo.org>
116     hardened-sources-2.6.20-r2.ebuild:
117     Fixing the included grsecurity patch, wasn't alligning due to the Index:
118     header line(s).
119 phreak 1.145
120     29 Apr 2007; Christian Heim <phreak@gentoo.org>
121     hardened-sources-2.6.20-r2.ebuild:
122     Stabilizing hardened-sources-2.6.20-r2 on amd64 and x86.
123 armin76 1.144
124     *hardened-sources-2.6.20-r2 (10 Apr 2007)
125    
126     10 Apr 2007; Raúl Porcel <armin76@gentoo.org>
127     +hardened-sources-2.6.20-r2.ebuild:
128     Version bump, on behalf of phreak
129 phreak 1.143
130     *hardened-sources-2.6.20-r1 (04 Apr 2007)
131    
132     04 Apr 2007; Christian Heim <phreak@gentoo.org>
133     +hardened-sources-2.6.20-r1.ebuild:
134     Revision bump, grabbing a newer grsecurity snapshot.
135 phreak 1.142
136     *hardened-sources-2.6.20 (25 Mar 2007)
137    
138     25 Mar 2007; Christian Heim <phreak@gentoo.org>
139     +hardened-sources-2.6.20.ebuild:
140     Finally a hardened-sources version for 2.6.20; many people have been waiting
141     for this. Thanks to Steve for preliminary testing, thanks to Ned for the
142     testbox.
143 chainsaw 1.141
144     16 Mar 2007; Tony Vroon <chainsaw@gentoo.org>
145     hardened-sources-2.6.18-r6.ebuild:
146     Marked stable on amd64 and x86. AMD64 keyword ack'ed by welp.
147 phreak 1.140
148     *hardened-sources-2.6.18-r6 (16 Mar 2007)
149    
150     16 Mar 2007; Christian Heim <phreak@gentoo.org>
151     -hardened-sources-2.6.18-r5.ebuild, +hardened-sources-2.6.18-r6.ebuild:
152     Fixing CVE-2007-1000 locally (hardened/), thanks to Tony for pushing. And
153     yes I screwed up, this is tagged as 2.6.18-5 and not 2.6.18-6 as it's
154     supposed to be.
155 phreak 1.139
156     06 Mar 2007; Christian Heim <phreak@gentoo.org> ChangeLog:
157     Fixing the Manifest, the previous one was broken (as in still had the
158     deleted ebuild in it).
159 phreak 1.138
160     06 Mar 2007; Christian Heim <phreak@gentoo.org>
161     -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
162     +hardened-sources-2.6.18-r5.ebuild:
163     Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
164     Linux 2.6.18.8. Also cleaning up the older version.
165    
166     *hardened-sources-2.6.18-r5 (06 Mar 2007)
167    
168     06 Mar 2007; Christian Heim <phreak@gentoo.org>
169     -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
170     +hardened-sources-2.6.18-r5.ebuild:
171     Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
172     Linux 2.6.18.8. Also cleaning up the older version.
173 phreak 1.137
174     24 Feb 2007; Christian Heim <phreak@gentoo.org>
175     -hardened-sources-2.6.19-r3.ebuild, -hardened-sources-2.6.19-r4.ebuild,
176     -hardened-sources-2.6.19-r5.ebuild:
177     Removing some of the old version, that didn't work.
178 phreak 1.136
179     *hardened-sources-2.6.19-r6 (12 Feb 2007)
180    
181     12 Feb 2007; Christian Heim <phreak@gentoo.org>
182     +hardened-sources-2.6.19-r6.ebuild:
183     Revision bump, including a new grsec version fixing #166235.
184 pappy 1.134
185     *hardened-sources-2.4.34 (24 Jan 2007)
186    
187     24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
188 pappy 1.135 Manifest:
189     updating Manifest with checksums of new tarball and ebuild
190    
191     24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
192 pappy 1.134 +hardened-sources-2.4.34.ebuild:
193     I added new hardened sources 2.4 update, this is a critical path
194     security bugfix - all users of h-s are strongly advised
195     to update their existing hardened sources to this version.
196     It contains a fix for a kernel vulnerability that is pertaining
197     to the PaX changes to virtual memory management, possibly leading
198     to a local kernel exploit ... see grsecurity.net forums and homepage
199 phreak 1.133
200     23 Jan 2007; Christian Heim <phreak@gentoo.org>
201     files/digest-hardened-sources-2.6.19-r5, Manifest:
202     Fixing the patch-tarball digest.
203 phreak 1.132
204     *hardened-sources-2.6.19-r5 (23 Jan 2007)
205    
206     23 Jan 2007; Christian Heim <phreak@gentoo.org>
207     +hardened-sources-2.6.19-r5.ebuild:
208     Revision bump, closing the recently discovered PaX expand_stack()
209     vulnerability.
210 phreak 1.131
211     *hardened-sources-2.6.19-r4 (14 Jan 2007)
212    
213     14 Jan 2007; Christian Heim <phreak@gentoo.org>
214     +hardened-sources-2.6.19-r4.ebuild:
215     Revision bump, pulling in linux-2.6.19.2 and grsecurity 2.1.10 - thus
216     dropping the randomized PID feature.
217 opfer 1.130
218     11 Jan 2007; Christian Faulhammer <opfer@gentoo.org>
219     hardened-sources-2.4.33.4.ebuild:
220     stable x86, bug #161171
221 phreak 1.129
222     *hardened-sources-2.6.19-r3 (27 Dec 2006)
223    
224     27 Dec 2006; Christian Heim <phreak@gentoo.org>
225     -hardened-sources-2.6.19-r2.ebuild, +hardened-sources-2.6.19-r3.ebuild:
226     Revision bump for bug #157186 and #158786.
227 phreak 1.128
228     *hardened-sources-2.6.18-r4 (27 Dec 2006)
229    
230     27 Dec 2006; Christian Heim <phreak@gentoo.org>
231     -hardened-sources-2.6.18-r3.ebuild, +hardened-sources-2.6.18-r4.ebuild:
232     Revision bump for bug #157186.
233 phreak 1.127
234     *hardened-sources-2.6.19-r2 (23 Dec 2006)
235    
236     23 Dec 2006; Christian Heim <phreak@gentoo.org>
237     -hardened-sources-2.6.19-r1.ebuild, +hardened-sources-2.6.19-r2.ebuild:
238     Revision bump to pull in genpatches-2.6.19-3 for #157186.
239 phreak 1.126
240     17 Dec 2006; Christian Heim <phreak@gentoo.org>
241     hardened-sources-2.6.14-r7.ebuild, hardened-sources-2.6.16-r10.ebuild,
242     hardened-sources-2.6.16-r11.ebuild, hardened-sources-2.6.17-r1.ebuild,
243     hardened-sources-2.6.18.ebuild, hardened-sources-2.6.18-r3.ebuild,
244     hardened-sources-2.6.19-r1.ebuild:
245     Adding 4453_grsec-2.1.9-2.6.19-io-kmem-sysctl.patch to UNIPATCH_EXLUDE,
246     adding correct HOMEPAGE and adjusting DESCRIPTION (thanks to Alexander).
247 pappy 1.125
248     *hardened-sources-2.4.33.4 (17 Dec 2006)
249    
250     17 Dec 2006; Alexander Gabert <pappy@gentoo.org>
251     +hardened-sources-2.4.33.4.ebuild:
252     new 2.4.33.4 version including grsec and fixes, thanks to phreak for help
253     and quilting
254 phreak 1.124
255     *hardened-sources-2.6.19-r1 (14 Dec 2006)
256    
257     14 Dec 2006; Christian Heim <phreak@gentoo.org>
258     -hardened-sources-2.6.19.ebuild, +hardened-sources-2.6.19-r1.ebuild:
259     Revision bump, fixing #158107 (thanks to Petre Rodan <kaiowas at gentoo.org>
260     for reporting).
261 phreak 1.123
262     *hardened-sources-2.6.19 (13 Dec 2006)
263    
264     13 Dec 2006; Christian Heim <phreak@gentoo.org>
265     +hardened-sources-2.6.19.ebuild:
266     And finally 2.6.19, thanks to Ned (who prepared the inital patchset) and
267     Brad for providing that prompt update.
268 phreak 1.122
269     *hardened-sources-2.6.18-r3 (13 Dec 2006)
270    
271     13 Dec 2006; Christian Heim <phreak@gentoo.org>
272     -hardened-sources-2.6.18-r1.ebuild, -hardened-sources-2.6.18-r2.ebuild,
273     +hardened-sources-2.6.18-r3.ebuild:
274     Revision bump, excluding the faulty patch. Thanks to Anakim Border and Peter
275     S. Mazinger. Closes #157409 for now. Also removing the previous revisions.
276 phreak 1.121
277     09 Dec 2006; Christian Heim <phreak@gentoo.org> Manifest:
278     Fixing the metadata.xml Manifest entry (thanks to xaid and ml8128 in #gentoo-hardened).
279 nixnut 1.120
280     08 Dec 2006; nixnut <nixnut@gentoo.org> hardened-sources-2.6.18.ebuild:
281     Stable on ppc wrt bug 157356
282 opfer 1.119
283     07 Dec 2006; Christian Faulhammer <opfer@gentoo.org>
284     hardened-sources-2.6.18.ebuild:
285     stable x86, bug #157356
286 phreak 1.118
287     *hardened-sources-2.6.18-r2 (06 Dec 2006)
288    
289     06 Dec 2006; Christian Heim <phreak@gentoo.org>
290     +hardened-sources-2.6.18-r2.ebuild:
291     Revision bump, including 2.6.18.5 (via genpatches) and
292     4454_grsec-2.1.9-2.6.18.2-io-kmem-sysctl.patch based on Peter Mazinger and
293     Ned Ludd's original patch. Thanks to Alexander Gabert (pappy) for the
294     redesign.
295 phreak 1.117
296     06 Dec 2006; Christian Heim <phreak@gentoo.org>
297     hardened-sources-2.6.18.ebuild:
298     Marking hardened-sources-2.6.18 stable on amd64 (see bug #157356, on behalf
299     of Mike Doty).
300 phreak 1.116
301     *hardened-sources-2.6.18-r1 (23 Nov 2006)
302    
303     23 Nov 2006; Christian Heim <phreak@gentoo.org>
304     +hardened-sources-2.6.18-r1.ebuild:
305     Revision bump to genpatches-2.6.18-4 (including 2.6.18.3).
306 phreak 1.115
307     *hardened-sources-2.6.18 (11 Nov 2006)
308    
309     11 Nov 2006; Christian Heim <phreak@gentoo.org>
310     +hardened-sources-2.6.18.ebuild:
311     Version bump, thanks to Alexander Gabert we're finally at 2.6.18.
312 solar 1.114
313     18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
314     - mark amd64 stable also. bug #151877
315 solar 1.113
316     18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
317     - mark 2.6.17-r1 stable
318 phreak 1.112
319     27 Aug 2006; Christian Heim <phreak@gentoo.org>
320     -hardened-sources-2.6.17.ebuild, hardened-sources-2.6.17-r1.ebuild:
321     Removing old ebuild, removing unipatch from newer ebuild (need to fix it!).
322 phreak 1.111
323     *hardened-sources-2.6.17-r1 (26 Aug 2006)
324    
325     26 Aug 2006; Christian Heim <phreak@gentoo.org>
326     +hardened-sources-2.6.17-r1.ebuild:
327     Revision bump to genpatches-2.6.17-8 (including .9 and .10) and updating the
328     grsecurity patch.
329 phreak 1.110
330     *hardened-sources-2.6.17 (17 Aug 2006)
331    
332     17 Aug 2006; Christian Heim <phreak@gentoo.org>
333     +hardened-sources-2.6.17.ebuild:
334     Bumping the hardened-sources-2.6 series to 2.6.17, using
335     genpatches-2.6.17-6.base.
336 solar 1.109
337     07 Aug 2006; <solar@gentoo.org> hardened-sources-2.6.16-r11.ebuild:
338     - stable on x86 and amd64
339 solar 1.108
340     *hardened-sources-2.6.16-r11 (15 Jul 2006)
341    
342     15 Jul 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r3.ebuild,
343     -hardened-sources-2.4.32-r4.ebuild, -hardened-sources-2.4.32-r5.ebuild,
344     -hardened-sources-2.6.14-r8.ebuild, -hardened-sources-2.6.16-r7.ebuild,
345     -hardened-sources-2.6.16-r9.ebuild, +hardened-sources-2.6.16-r11.ebuild:
346     - 2.6.16 bumped for CVE-2006-3626 ; digest fix for 2.4.32-r6 ; removed old
347     crusty ebuilds
348 johnm 1.107
349     14 Jul 2006; John Mylchreest <johnm@gentoo.org>
350     hardened-sources-2.6.16-r10.ebuild:
351     marking stable on x86 and amd64
352 solar 1.106
353     13 Jul 2006; <solar@gentoo.org> hardened-sources-2.4.32-r6.ebuild:
354     - 2.4.32-r6 stable on x86. RSBAC state unknown
355 kang 1.105
356     *hardened-sources-2.4.32-r7 (10 Jul 2006)
357    
358     10 Jul 2006; Guillaume Destuynder <kang@gentoo.org>
359     +hardened-sources-2.4.32-r7.ebuild:
360     Bump PaX for RSBAC to test-17
361 johnm 1.104
362     *hardened-sources-2.6.16-r9 (03 Jul 2006)
363    
364     03 Jul 2006; John Mylchreest <johnm@gentoo.org>
365     -hardened-sources-2.6.16-r6.ebuild, +hardened-sources-2.6.16-r9.ebuild:
366     hardened-sources-2.6.16 bump to latest -base.
367 solar 1.103
368     *hardened-sources-2.4.32-r6 (30 Jun 2006)
369    
370     30 Jun 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r2.ebuild,
371     hardened-sources-2.4.32-r4.ebuild, +hardened-sources-2.4.32-r6.ebuild:
372     - backport CVE-2006-0039, CVE-2006-1857 and CVE-2006-1858 and new grsecurity
373     sysctl controlable resource logging
374 johnm 1.102
375     *hardened-sources-2.6.16-r7 (05 Jun 2006)
376    
377     05 Jun 2006; John Mylchreest <johnm@gentoo.org>
378     -hardened-sources-2.6.16-r5.ebuild, +hardened-sources-2.6.16-r7.ebuild:
379     push new 2.6.16 release in preparation for stable
380 solar 1.101
381     22 May 2006; <solar@gentoo.org> :
382     - redigest bug 134002
383 kang 1.100
384     *hardened-sources-2.4.32-r5 (16 May 2006)
385    
386     16 May 2006; Guillaume Destuynder <kang@gentoo.org>
387     +hardened-sources-2.4.32-r5.ebuild:
388     Fixes rsbac common patching (new patch in new -r5 patchset)
389 solar 1.99
390     *hardened-sources-2.4.32-r4 (13 May 2006)
391    
392     13 May 2006; <solar@gentoo.org> hardened-sources-2.4.32-r3.ebuild,
393     +hardened-sources-2.4.32-r4.ebuild:
394     - security bumps
395 johnm 1.98
396     *hardened-sources-2.6.16-r6 (03 May 2006)
397    
398     03 May 2006; John Mylchreest <johnm@gentoo.org>
399     +hardened-sources-2.6.16-r6.ebuild:
400     bump hardened-2.6.16 to 2.6.16.12 and latest grsec snapshot
401 johnm 1.97
402     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
403     hardened-sources-2.6.14-r8.ebuild:
404     fix x86_64 build problem, this will delay the digest issue again for a short
405     while but it will sort itself out
406 johnm 1.96
407     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
408     hardened-sources-2.6.14-r8.ebuild:
409     bump hardened patchset
410 antarus 1.94
411     27 Apr 2006; Alec Warner <antarus@gentoo.org>
412     files/digest-hardened-sources-2.4.32-r2,
413     files/digest-hardened-sources-2.4.32-r3,
414     files/digest-hardened-sources-2.6.14-r8, Manifest:
415     Fixing duff SHA256 digests: Bug # 131293
416 johnm 1.93
417 johnm 1.95 *hardened-sources-2.6.16-r5 (27 Apr 2006)
418    
419     27 Apr 2006; John Mylchreest <johnm@gentoo.org>
420     -hardened-sources-2.6.14-r6.ebuild, hardened-sources-2.6.14-r8.ebuild,
421     -hardened-sources-2.6.16-r4.ebuild, +hardened-sources-2.6.16-r5.ebuild:
422     stablise 2.6.14-r8 on x86 & amd64, bump 2.6.16 to fix CVE-2006-1863 &
423     cleanup of old uneccessary sources
424    
425 johnm 1.93 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
426     fix digest
427 johnm 1.92
428     *hardened-sources-2.6.14-r8 (20 Apr 2006)
429    
430     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
431     +hardened-sources-2.6.14-r8.ebuild:
432     fix CVE-2006-1056, CVE-2006-1525, CVE-2006-1524
433 johnm 1.91
434     20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
435     Turning on gpg-signing again, and recomitting
436 johnm 1.90
437     *hardened-sources-2.6.16-r4 (20 Apr 2006)
438    
439     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
440     -hardened-sources-2.6.16-r2.ebuild, -hardened-sources-2.6.16-r3.ebuild,
441     +hardened-sources-2.6.16-r4.ebuild:
442     Fix numerous security vulns
443 solar 1.89
444     *hardened-sources-2.4.32-r3 (16 Apr 2006)
445    
446     16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
447     -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
448     +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
449     - security bump for bug #112791. Removed old ebuilds
450 johnm 1.88
451     *hardened-sources-2.6.16-r3 (15 Apr 2006)
452    
453     15 Apr 2006; John Mylchreest <johnm@gentoo.org>
454     +hardened-sources-2.6.16-r3.ebuild:
455     Removing silly localversion which I missed
456 johnm 1.87
457     *hardened-sources-2.6.14-r7 (14 Apr 2006)
458    
459     14 Apr 2006; John Mylchreest <johnm@gentoo.org>
460     -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
461     Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
462 johnm 1.86
463     *hardened-sources-2.6.16-r2 (13 Apr 2006)
464    
465     13 Apr 2006; John Mylchreest <johnm@gentoo.org>
466     -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
467     +hardened-sources-2.6.16-r2.ebuild:
468     Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
469     labels, dropping USERGROUP define fixes, since these were merged mainstream.
470 johnm 1.85
471     *hardened-sources-2.6.16-r1 (11 Apr 2006)
472    
473     11 Apr 2006; John Mylchreest <johnm@gentoo.org>
474     +hardened-sources-2.6.16-r1.ebuild:
475     Bumping to include ppc build fix and 2.6.16.3
476 tsunam 1.84
477     06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
478     hardened-sources-2.6.14-r6.ebuild:
479     Stable on x86; bug #127718
480 johnm 1.83
481     *hardened-sources-2.6.16 (31 Mar 2006)
482    
483     31 Mar 2006; John Mylchreest <johnm@gentoo.org>
484     +hardened-sources-2.6.16.ebuild:
485     Bumping to new version of grsec, and kernel base. New squashfs. Based on
486     2.6.16.1
487 cryos 1.82
488     30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
489     hardened-sources-2.6.14-r6.ebuild:
490     Stable on amd64, bug 127718.
491 nixnut 1.81
492     28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
493     Stable on ppc. Bug #127718
494 johnm 1.80
495     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
496     -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
497     -hardened-sources-2.6.14-r4.ebuild:
498     Cleanup.
499 johnm 1.79
500     *hardened-sources-2.6.14-r6 (15 Mar 2006)
501    
502     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
503     +hardened-sources-2.6.14-r6.ebuild:
504     Fixes grsec policy recreation bug and adds a
505     >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
506 solar 1.78
507     02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
508     - stable on x86
509 hansmi 1.77
510     19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
511     hardened-sources-2.6.14-r5.ebuild:
512     Stable on ppc.
513 johnm 1.76
514     *hardened-sources-2.6.14-r5 (01 Feb 2006)
515    
516     01 Feb 2006; John Mylchreest <johnm@gentoo.org>
517     +hardened-sources-2.6.14-r5.ebuild:
518     fixing every known exploit
519 solar 1.75
520     *hardened-sources-2.4.32-r2 (26 Jan 2006)
521    
522     26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
523     +hardened-sources-2.4.32-r2.ebuild:
524     - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
525 solar 1.74
526     *hardened-sources-2.6.14-r4 (12 Jan 2006)
527    
528     12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
529     - version bump for new genpatches which fix up a few sec holes
530 solar 1.73
531     *hardened-sources-2.4.32-r1 (05 Jan 2006)
532    
533     05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
534     - revision bump to add misc vital linux kernel security patches.
535 johnm 1.72
536     *hardened-sources-2.6.14-r3 (30 Dec 2005)
537    
538     30 Dec 2005; John Mylchreest <johnm@gentoo.org>
539     -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
540     Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
541 johnm 1.71
542     28 Dec 2005; John Mylchreest <johnm@gentoo.org>
543     hardened-sources-2.6.14-r2.ebuild:
544     making x86 & amd64 stable following testing.
545 johnm 1.70
546     *hardened-sources-2.6.14-r2 (27 Dec 2005)
547    
548     27 Dec 2005; John Mylchreest <johnm@gentoo.org>
549     -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
550     Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
551     network hooks.
552 johnm 1.69
553     06 Dec 2005; John Mylchreest <johnm@gentoo.org>
554     hardened-sources-2.6.14-r1.ebuild:
555     bumping to stable early for sec fix on x86 & amd64
556 johnm 1.68
557     *hardened-sources-2.6.14-r1 (05 Dec 2005)
558    
559     05 Dec 2005; John Mylchreest <johnm@gentoo.org>
560     -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
561     bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
562 solar 1.67
563     04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
564     - stable on x86 security bug #114227 CAN-2005-3257
565 kang 1.66
566     *hardened-sources-2.4.32 (19 Nov 2005)
567    
568     19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
569     +hardened-sources-2.4.32.ebuild:
570     Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
571     Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
572     have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
573     rsbac >> /etc/portage/package.use)
574 johnm 1.65
575     *hardened-sources-2.6.14 (14 Nov 2005)
576    
577     14 Nov 2005; John Mylchreest <johnm@gentoo.org>
578     -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
579     Bumping 2.6 series to 2.6.14.2
580 johnm 1.64
581     *hardened-sources-2.6.13-r2 (20 Oct 2005)
582    
583     20 Oct 2005; John Mylchreest <johnm@gentoo.org>
584     -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
585     +hardened-sources-2.6.13-r2.ebuild:
586     Fixes minor build error in ppc.
587 johnm 1.63
588     *hardened-sources-2.6.13-r1 (17 Oct 2005)
589    
590     17 Oct 2005; John Mylchreest <johnm@gentoo.org>
591     +hardened-sources-2.6.13-r1.ebuild:
592     Updating grsec to latest snapshot. Fixes some minor issues. Updating to
593     2.6.13.4, fixes some major amd64 stability problems.
594 johnm 1.62
595     *hardened-sources-2.6.13 (16 Sep 2005)
596    
597     16 Sep 2005; John Mylchreest <johnm@gentoo.org>
598     -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
599     2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
600     ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
601     users should test this thoroughly.
602 solar 1.61
603     01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
604     - stable on x86
605 johnm 1.60
606     *hardened-sources-2.6.11-r15 (27 Jun 2005)
607    
608     27 Jun 2005; John Mylchreest <johnm@gentoo.org>
609     +hardened-sources-2.6.11-r15.ebuild:
610     Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
611     grsec redefining curr_ip struct.
612 solar 1.59
613     *hardened-sources-2.4.31 (20 Jun 2005)
614    
615     20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
616     initial import of 2.4.31 tree
617 johnm 1.58
618     *hardened-sources-2.6.11-r14 (14 Jun 2005)
619    
620     14 Jun 2005; John Mylchreest <johnm@gentoo.org>
621     -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
622     Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
623     naming scheme to abide by genpatches
624 johnm 1.57
625     *hardened-sources-2.6.11-r13 (18 May 2005)
626    
627     18 May 2005; John Mylchreest <johnm@gentoo.org>
628     -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
629     Managed to mangle the Makefile patch from grsec, to miss out the grsec
630     target. sorry about that. Fixes bug #93022
631 johnm 1.56
632     *hardened-sources-2.6.11-r12 (17 May 2005)
633    
634     17 May 2005; John Mylchreest <johnm@gentoo.org>
635     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
636     +hardened-sources-2.6.11-r12.ebuild:
637     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
638     merges in genpatches-base
639 johnm 1.55
640     *hardened-sources-2.6.11-r12 (17 May 2005)
641    
642     17 May 2005; John Mylchreest <johnm@gentoo.org>
643     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
644     +hardened-sources-2.6.11-r12.ebuild:
645     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
646     merges in genpatches-base
647 solar 1.54
648     29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
649     -files/2.4.27-cmdline-race.patch,
650     -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
651     -files/2.4.28-grsec-binfmt_a.out.patch,
652     -files/2.4.28-grsec-cmdline-race.patch,
653     -files/2.4.28-selinux-binfmt_a.out.patch,
654     -files/2.4.28-selinux-cmdline-race.patch,
655     -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
656     hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
657     - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
658     cleanup..
659 solar 1.53
660     *hardened-sources-2.4.30-r1 (21 Apr 2005)
661    
662     21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
663     - disable aout by default
664 solar 1.52
665     *hardened-sources-2.4.30 (18 Apr 2005)
666    
667     18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
668     - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
669     and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
670     use
671 tocharian 1.50
672 scox 1.51 *hardened-sources-2.4.29 (30 Mar 2005)
673    
674     30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
675     +hardened-sources-2.4.29.ebuild:
676     New hardened-patches-2.4-29.0 patchball.
677     Removed SELinux support, upgraded GRSecurity to 2.1.4.
678    
679     *hardened-sources-2.4.28-r5 (06 Mar 2005)
680    
681     06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
682     +hardened-sources-2.4.28-r5.ebuild:
683     Added a fix for a PaX vulnerability.
684    
685     26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
686 tocharian 1.50 hardened-sources-2.4.28-r4.ebuild:
687     Stable on x86
688 solar 1.49
689     23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
690     hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
691     hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
692     hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
693     - fixed/added RDEPEND= in all kernel-2 ebuilds
694 tocharian 1.48
695     *hardened-sources-2.4.28-r4 (21 Jan 2005)
696    
697     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
698     +hardened-sources-2.4.28-r4.ebuild:
699     Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
700     backport of neighbour hash updates.
701 tocharian 1.47
702     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
703     hardened-sources-2.4.28-r3.ebuild:
704     Stable on x86
705 tseng 1.46
706     *hardened-sources-2.6.10-r3 (20 Jan 2005)
707    
708     20 Jan 2005; Brandon Hale <tseng@gentoo.org>
709     +hardened-sources-2.6.10-r3.ebuild:
710     Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
711     in 2005.0
712 tocharian 1.45
713     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
714     -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
715     hardened-sources-2.4.28-r2.ebuild:
716     Mark stable on x86
717 tocharian 1.44
718     *hardened-sources-2.4.28-r3 (17 Jan 2005)
719    
720     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
721     +hardened-sources-2.4.28-r3.ebuild:
722     Fix SMP page fault handler vuln, and update device-mapper and evms patches.
723 tocharian 1.43
724     14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
725     hardened-sources-2.4.28.ebuild:
726     Mark stable on x86.
727 tocharian 1.42
728     *hardened-sources-2.4.28-r2 (13 Jan 2005)
729    
730     13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
731     +hardened-sources-2.4.28-r2.ebuild:
732     Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
733     Mazinger for grsecurity patches as well.
734 plasmaroo 1.41
735     *hardened-sources-2.4.28-r1 (23 Dec 2004)
736    
737     23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
738     Security bump. Thank tocharian for rolling a new patchset...
739 solar 1.40
740     28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
741     +files/2.4.28-grsec-cmdline-race.patch,
742     +files/2.4.28-selinux-binfmt_a.out.patch,
743     +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
744     - Round up remaining security patches that appear to be missing in 2.4.28. -
745     PaX standalone updated to current. hgpv=28.1
746 solar 1.39
747     *hardened-sources-2.4.28 (28 Nov 2004)
748    
749     28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
750     security bump. Thank tocharian for rolling a new patchset
751 scox 1.31
752 scox 1.38 *hardened-sources-2.4.27-r3 (08 Sep 2004)
753    
754     08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
755     +hardened-sources-2.4.27-r3.ebuild:
756     Applies the new 2.4-27.2 patchball which updates
757     GRSecurity to the 2.0.1 version.
758    
759 scox 1.37 *hardened-sources-2.4.27-r2 (31 Aug 2004)
760    
761     31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
762     +hardened-sources-2.4.27-r2.ebuild:
763     Version bump.
764     This version uses the new 2.4-27.1 patchball which updates
765     both the SELinux PaX hooks patch and the SELinux headers.
766    
767 scox 1.36 *hardened-sources-2.4.27-r1 (09 Aug 2004)
768    
769     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
770     +hardened-sources-2.4.27-r1.ebuild,
771     -hardened-sources-2.4.27.ebuild,
772     +files/2.4.27-cmdline-race.patch:
773     Version bump, fix for cmdline race. See bug #59905.
774    
775     *hardened-sources-2.4.26-r6 (09 Aug 2004)
776    
777     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
778     +hardened-sources-2.4.26-r6.ebuild,
779     -hardened-sources-2.4.26-r5.ebuild,
780     -hardened-sources-2.4.26-r4.ebuild,
781     +files/2.4.26-cmdline-race.patch:
782     Version bump, fix for cmdline race. See bug #59905.
783    
784 scox 1.35 *hardened-sources-2.4.27 (08 Aug 2004)
785    
786     08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
787     +hardened-sources-2.4.27.ebuild,
788     +files/2.4.27-CAN-2004-0394.patch:
789     Ported the patchball to the 2.4.27 kernel version.
790    
791 scox 1.34 *hardened-sources-2.4.26-r5 (07 Aug 2004)
792    
793     07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
794     +hardened-sources-2.4.26-r5.ebuild:
795 scox 1.35 Updated to use the new hardened-patches-2.4-26.1 patchball.
796 scox 1.34 It adds the following features:
797     - Squashfs
798     - Ebtables
799     - Netdev random (core+drivers)
800     - Watchdog Timer (WDT) fix.
801    
802 scox 1.33 *hardened-sources-2.4.26-r4 (04 Aug 2004)
803    
804     04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
805     +hardened-sources-2.4.26-r4.ebuild,
806     +files/2.4.26-CAN-2004-0415.patch,
807     -hardened-sources-2.4.26-3:
808     Version bump, fix for CAN 0415, see bug #59378.
809    
810 scox 1.32 *hardened-sources-2.4.26-r3 (22 Jul 2004)
811    
812     22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
813     +hardened-sources-2.4.26-r3.ebuild,
814     +files/2.4.26-CAN-2004-0497.patch,
815     -hardened-sources-2.4.26-r2.ebuild:
816     Version bump, fixed CAN 0497, see bug #56171.
817    
818 scox 1.31 *hardened-sources-2.4.26-r2 (29 Jun 2004)
819    
820     29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
821 scox 1.32 +hardened-sources-2.4.26-r2.ebuild,
822 scox 1.31 +files/2.4.26-CAN-2004-0495.patch,
823     +files/2.4.26-CAN-2004-0535.patch,
824     -hardened-sources-2.4.26-r1.ebuild:
825     Fixes for both CAN 0495 and 0535, see bug #54976
826 pvdabeel 1.27
827 agriffis 1.29 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
828     hardened-sources-2.4.26-r1.ebuild:
829     QA - fix use invocation
830 scox 1.28
831     *hardened-sources-2.4.26-r1 (22 June 2004)
832    
833     22 June 2004; Andrea Luzzardi <scox@gentoo.org>
834     +hardened-sources-2.4.26-r1.ebuild,
835     +files/2.4.26-CAN-2004-0394.patch,
836     +files/2.4.26-signal-race.patch,
837     -hardened-sources-2.4.26.ebuild,
838     -hardened-sources-2.4.24-r3.ebuild:
839     Version bump for the CAN-2004-0394 issue and bug #53804
840     Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
841    
842    
843 pvdabeel 1.27 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
844     hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
845     Masked hardened-sources-2.4.26.ebuild broken for ppc
846    
847     31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
848     hardened-sources-2.4.24-r3.ebuild:
849     Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
850 plasmaroo 1.25
851 scox 1.26 *hardened-sources-2.4.26 (29 May 2004)
852    
853     29 May 2004; Andrea Luzzardi <scox@gentoo.org>
854     +hardened-sources-2.4.26.ebuild:
855     Updated hardened-sources for the 2.4.26 kernel
856     Removed broken components, updated almost everything.
857    
858 plasmaroo 1.25 *hardened-sources-2.4.24-r3 (17 Apr 2004)
859    
860     17 Apr 2004; <plasmaroo@gentoo.org>
861     +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
862     +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
863     +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
864     +hardened-sources-2.4.24-r3.ebuild:
865     Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
866     vulnerabilities. Old revisions removed.
867 plasmaroo 1.24
868     *hardened-sources-2.4.24-r2 (15 Apr 2004)
869    
870     15 Apr 2004; <plasmaroo@gentoo.org>
871     +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
872     -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
873     Version bump for the CAN-2004-0109 issue; bug #47881.
874 aliz 1.23
875     12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
876     hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
877     Add eutils to inherit.
878 plasmaroo 1.22
879     *hardened-sources-2.4.24-r1 (19 Feb 2004)
880    
881     19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
882     files/hardened-sources-2.4.24.munmap.patch:
883     Added the patch for the mremap/munmap vulnerability. Bug #42024.
884 scox 1.19
885 scox 1.21 *hardened-sources-2.4.24 (06 Feb 2004)
886 scox 1.26
887 scox 1.21 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
888     hardened-sources-2.4.24.ebuild:
889     Version bump, updated most of the components.
890     This release includes the following:
891    
892     - Hardened security
893     - Netfilter patch-o-matic 20031219
894     - FreeSWAN 2.04 & x509 1.4.8
895     - EVMS 2.2.2
896     - XFS 1.3.1
897     - cryptoloop jari
898     - grsecurity 2.0-rc4
899     - SELinux
900     - PaX 200402060000
901     - PaX Obscurity 200308302223
902     - Others...
903    
904     Neither -ck nor systrace are included anymore.
905    
906 scox 1.19 *hardened-sources-2.4.22-r2 (05 Jan 2004)
907    
908     05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
909     hardened-sources-2.4.22-r2.ebuild:
910 scox 1.20 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
911 scox 1.19
912     *hardened-sources-2.4.22-r1 (02 Dec 2003)
913 iggy 1.17
914     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
915 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
916 iggy 1.16
917     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
918 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild:
919     Version bump for the 'do_brk' vulnerability.
920 iggy 1.15
921     01 Dec 2003; Brian Jackson <iggy@gentoo.org>
922     hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
923     hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
924     hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
925 plasmaroo 1.18 Fix the 'do_brk' vulnerability.
926 frogger 1.14
927     03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
928     hardened-sources-2.4.22.ebuild:
929 plasmaroo 1.18 - Removed the src_install() portion for SELinux flask
930     components. These are no longer handled in the kernel
931     so this code was not necessary.
932 frogger 1.13
933     29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
934     New 2.4.22 based hardened-sources thanks to
935     Phil West <p.west@computer.org>.
936    
937     These sources include:
938 plasmaroo 1.18 - New SELinux API
939     - Updated CK-base
940     - Updated GRSec
941     - Systrace
942     - SuperFreeS/WAN 1.99.8
943     - Propolice kernel build support
944     - EVMS
945     - Other various security related patches
946 frogger 1.11
947 frogger 1.12 *hardened-sources-2.4.21 (14 Sep 2003)
948    
949     14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
950     Updated hardened-sources based on the 2.4.21 Linux kernel.
951     This includes updates to most major components such as:
952 plasmaroo 1.18 - ck-base-0306300059
953     - selinux-2.4-2003071106
954     - grsecurity-2.0-rc1
955     - Updated IPTables patch-o-matic
956     - Updated SuperFreeS/WAN
957    
958 frogger 1.12 Thanks to Phil West <pwest@computer.org> for his work in getting this
959     updated patch set ready for the 2.4.21 based kernel.
960    
961 frogger 1.11 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
962     Initial import of hardened-sources-2.4.20-r4. This revision
963     includes only a few changes, but one of these is an important
964     security fix. It is recommended all users of hardened-sources
965     upgrade to this release.
966 plasmaroo 1.18
967 frogger 1.11 - ioperm bug fix
968     - fixed compilation failure when building without GRSec
969 plasmaroo 1.18
970 frogger 1.11 SAL (Secure Auditing for Linux) is NOT included in this revision
971     due to time constraints, but is planned for inclusion in the near
972     future.
973 msterret 1.10
974     *hardened-sources-2.4.20-r2 (12 Jun 2003)
975    
976     12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
977     hardened-sources-2.4.20-r3.ebuild:
978 plasmaroo 1.18 Add Header...
979 frogger 1.9
980     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
981     hardened-sources-2.4.20-r3.ebuild:
982     Removed warnings from ebuild. This kernel should be safe to
983     use at this point.
984 frogger 1.8
985     *hardened-sources-2.4.20-r3 (08 Jun 2003)
986    
987     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
988     hardened-sources-2.4.20-r3.ebuild:
989     New revision. Includes the following changes over -r2:
990 plasmaroo 1.18
991 frogger 1.8 - ck7-base (O(1), preempt, low latency)
992     - Super FreeS/WAN 1.99.7rc2
993     - PaX for the LSM/SELinux branch
994     - GRSecurity 2.0-pre4 (role based access control)
995     - Systrace 1.3
996     - EXT3 fixes
997     - EVMS 2.0.1
998     - GCC 3.1+ compile optimizations
999     - ProPolice kernel build support
1000     - Hashing table security fixes
1001 frogger 1.3
1002     *hardened-sources-2.4.20-r1 (09 Apr 2003)
1003 frogger 1.7
1004     23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
1005     Initial import of hardened-sources-r2. This new
1006     ebuild includes many new performance and security
1007     related patches. As in -r1, it will patch in
1008     LSM/SELinux if "selinux" is in USE, otherwise it
1009     will patch in GRSecurity. The following patches
1010     are included in this revision:
1011 plasmaroo 1.18
1012 frogger 1.7 - O(1) Scheduler, Low Latency, and Preempt
1013     (pulled from the base CK patch)
1014     - ptrace exploit patch for the LSM kernel
1015     (the GRSec patch already fixes this)
1016     - LSM 2.4-2003040709
1017     - SELinux 2.4-2003040709
1018     - Systrace v1.2
1019     - IPTables patch-o-matic base patches - 20030107
1020     - CryptoAPI 2.4.20.1 w/ loop-jari patch
1021     - Super FreeS/WAN 1.99.6.1
1022     - GRSecurity 1.9.9g
1023     - MPPE
1024     - EXT3 data journal fix
1025     - CIPE 1.5.4
1026 frogger 1.6
1027     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1028     hardened-sources-2.4.20-r1.ebuild, manifest:
1029 plasmaroo 1.18 Updated to install flask components correctly for selinux.
1030 frogger 1.5
1031     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1032     hardened-sources-2.4.20-r1.ebuild:
1033     LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
1034     is patched in instead. Ptrace patches for selinux have also been added. In
1035     either case, systrace support will be patched in as well.
1036 frogger 1.3
1037     09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1038     hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
1039 plasmaroo 1.18 Revision bump for new sources.
1040 frogger 1.4
1041 frogger 1.2 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1042 frogger 1.4 hardened-sources-2.4.20-r1.ebuild:
1043 plasmaroo 1.18 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
1044 method 1.1
1045 frogger 1.4 *hardened-sources-2.4.20 (30 Mar 2003)
1046    
1047 method 1.1 30 Mar 2003; Joshua Brindle <method@gentoo.org>
1048     hardened-sources-2.4.20.ebuild:
1049 plasmaroo 1.18 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20