/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.166 - (hide annotations) (download)
Sat Aug 4 09:17:33 2007 UTC (7 years, 1 month ago) by phreak
Branch: MAIN
Changes since 1.165: +6 -1 lines
Stabling hardened-sources-2.6.20-r6 for amd64, ppc and x86 due to Linux 2.6.20.15.
(Portage version: 2.1.3.3)

1 method 1.1 # ChangeLog for sys-kernel/hardened-sources
2 opfer 1.130 # Copyright 2000-2007 Gentoo Foundation; Distributed under the GPL v2
3 phreak 1.166 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.165 2007/07/10 19:50:04 phreak Exp $
4    
5     04 Aug 2007; Christian Heim <phreak@gentoo.org>
6     hardened-sources-2.6.20-r6.ebuild:
7     Stabling hardened-sources-2.6.20-r6 for amd64, ppc and x86 due to Linux
8     2.6.20.15.
9 phreak 1.165
10     10 Jul 2007; Christian Heim <phreak@gentoo.org>
11     hardened-sources-2.6.20-r5.ebuild:
12     Marking hardened-sources-2.6.20-r5 stable on ppc.
13 phreak 1.164
14     10 Jul 2007; Christian Heim <phreak@gentoo.org>
15     -hardened-sources-2.4.32-r6.ebuild, -hardened-sources-2.4.32-r7.ebuild:
16     Cleanup.
17 phreak 1.163
18     *hardened-sources-2.6.20-r6 (08 Jul 2007)
19    
20     08 Jul 2007; Christian Heim <phreak@gentoo.org>
21     +hardened-sources-2.6.20-r6.ebuild:
22     Revision bump, grabbing yet another stable release.
23 phreak 1.162
24     17 Jun 2007; Christian Heim <phreak@gentoo.org>
25     -hardened-sources-2.6.18-r6.ebuild, -hardened-sources-2.6.20-r4.ebuild,
26     -hardened-sources-2.6.21-r2.ebuild:
27     Removing older ebuilds, hardened-sources-2.6.18-r6 seems to have gotten the
28     alpha stable KEYWORD by mistake.
29 phreak 1.161
30     17 Jun 2007; Christian Heim <phreak@gentoo.org>
31     hardened-sources-2.6.20-r5.ebuild:
32     Stabling hardened-sources-2.6.20-r5 due to security bug #181647 (as
33     genpatches-2.6.20-12.base contains up to Linux 2.6.20.14) on amd64 and x86.
34 phreak 1.160
35     *hardened-sources-2.6.21-r3 (12 Jun 2007)
36    
37     12 Jun 2007; Christian Heim <phreak@gentoo.org>
38     +hardened-sources-2.6.21-r3.ebuild:
39     Revision bump for hardened-sources-2.6.21, incorporating various CVE (some
40     of them critical), two stable releases (2.6.21.4,2.6.21.5) and some other
41     love.
42 phreak 1.159
43     *hardened-sources-2.6.20-r5 (11 Jun 2007)
44    
45     11 Jun 2007; Christian Heim <phreak@gentoo.org>
46     +hardened-sources-2.6.20-r5.ebuild:
47     Revision bump for hardened-sources-2.6.20, incorporating various CVE (some
48     of them critical), two stable releases (2.6.20.13,2.6.20.14) and some other
49     love.
50 pappy 1.158
51     *hardened-sources-2.4.34.5 (11 Jun 2007)
52    
53     11 Jun 2007; Alexander Gabert <pappy@gentoo.org>
54     +hardened-sources-2.4.34.5.ebuild:
55     added new hardened-sources 2.4 version, thx to phreak, solar, pipacs
56 phreak 1.157
57     30 May 2007; Christian Heim <phreak@gentoo.org>
58     -hardened-sources-2.6.18.ebuild, hardened-sources-2.6.20-r2.ebuild:
59     Marking 2.6.20-r2 stable on ppc with permission of Gysbert. Removing more
60     stale ebuild(s).
61 phreak 1.156
62     30 May 2007; Christian Heim <phreak@gentoo.org>
63     -hardened-sources-2.6.14-r7.ebuild, -hardened-sources-2.6.16-r11.ebuild,
64     -hardened-sources-2.6.17-r1.ebuild, -hardened-sources-2.6.19-r6.ebuild,
65     -hardened-sources-2.6.20.ebuild, -hardened-sources-2.6.20-r1.ebuild:
66     Doing some cleanups, remove stale ebuilds.
67 phreak 1.155
68     26 May 2007; Christian Heim <phreak@gentoo.org>
69     hardened-sources-2.6.21-r2.ebuild:
70     Fixing the grsecurity patch, had one '};' too much.
71 phreak 1.154
72     *hardened-sources-2.6.21-r2 (26 May 2007)
73    
74     26 May 2007; Christian Heim <phreak@gentoo.org>
75     -hardened-sources-2.6.21.ebuild, -hardened-sources-2.6.21-r1.ebuild,
76     +hardened-sources-2.6.21-r2.ebuild:
77     Revision bump, including Linux 2.6.21.3 (fixing CVE-2007-2451). Updating the
78     grsecurity patch to 2.1.10-2.6.21.1-200705221918.
79 phreak 1.153
80     *hardened-sources-2.6.20-r4 (26 May 2007)
81    
82     26 May 2007; Christian Heim <phreak@gentoo.org>
83     -hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.20-r4.ebuild:
84     Revision bump, including Linux 2.6.20.12 (which in fact fixed some security
85 phreak 1.154 bugs, at the very least CVE-2007-2451). Possible candidate for stable marking.
86 phreak 1.152
87     15 May 2007; Christian Heim <phreak@gentoo.org>
88     hardened-sources-2.6.20-r3.ebuild:
89     Looks like hardened-sources-2.6.20-r3 needs a new patch, as 2.6.20.11
90     introduced a change in arch/sparc64/kernel/pci_iommu.c, which made the
91     grsecurity patch fail in that exact same hunk.
92 phreak 1.151
93     *hardened-sources-2.6.20-r3 (15 May 2007)
94    
95     15 May 2007; Christian Heim <phreak@gentoo.org>
96     +hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.21-r1.ebuild:
97     Revision bump, incorporating Linux 2.6.20.11.
98    
99     *hardened-sources-2.6.21-r1 (11 May 2007)
100    
101     11 May 2007; Christian Heim <phreak@gentoo.org>
102     +hardened-sources-2.6.21-r1.ebuild:
103     Revision bump, hopefully fixing the GRSECURITY/GRKERNSEC mixup pipacs
104     mentioned in #177234.
105 kevquinn 1.150
106     07 May 2007; Kevin F. Quinn <kevquinn@gentoo.org>
107     files/digest-hardened-sources-2.6.21, Manifest:
108     Fix Manifest/digest for linux-2.6.21.tar.bz2
109 phreak 1.149
110     06 May 2007; Christian Heim <phreak@gentoo.org>
111     hardened-sources-2.6.21.ebuild:
112     Bumping the hardened-patches version, needed for the fix for #177234.
113 phreak 1.148
114     *hardened-sources-2.6.21 (02 May 2007)
115    
116     02 May 2007; Christian Heim <phreak@gentoo.org>
117     +hardened-sources-2.6.21.ebuild:
118     Version bump, Linux 2.6.21-hardened.
119 phreak 1.147
120     29 Apr 2007; Christian Heim <phreak@gentoo.org>
121     hardened-sources-2.6.20-r2.ebuild:
122     Adding ~ia64 on Ned's request.
123 phreak 1.146
124     29 Apr 2007; Christian Heim <phreak@gentoo.org>
125     hardened-sources-2.6.20-r2.ebuild:
126     Fixing the included grsecurity patch, wasn't alligning due to the Index:
127     header line(s).
128 phreak 1.145
129     29 Apr 2007; Christian Heim <phreak@gentoo.org>
130     hardened-sources-2.6.20-r2.ebuild:
131     Stabilizing hardened-sources-2.6.20-r2 on amd64 and x86.
132 armin76 1.144
133     *hardened-sources-2.6.20-r2 (10 Apr 2007)
134    
135     10 Apr 2007; Raúl Porcel <armin76@gentoo.org>
136     +hardened-sources-2.6.20-r2.ebuild:
137     Version bump, on behalf of phreak
138 phreak 1.143
139     *hardened-sources-2.6.20-r1 (04 Apr 2007)
140    
141     04 Apr 2007; Christian Heim <phreak@gentoo.org>
142     +hardened-sources-2.6.20-r1.ebuild:
143     Revision bump, grabbing a newer grsecurity snapshot.
144 phreak 1.142
145     *hardened-sources-2.6.20 (25 Mar 2007)
146    
147     25 Mar 2007; Christian Heim <phreak@gentoo.org>
148     +hardened-sources-2.6.20.ebuild:
149     Finally a hardened-sources version for 2.6.20; many people have been waiting
150     for this. Thanks to Steve for preliminary testing, thanks to Ned for the
151     testbox.
152 chainsaw 1.141
153     16 Mar 2007; Tony Vroon <chainsaw@gentoo.org>
154     hardened-sources-2.6.18-r6.ebuild:
155     Marked stable on amd64 and x86. AMD64 keyword ack'ed by welp.
156 phreak 1.140
157     *hardened-sources-2.6.18-r6 (16 Mar 2007)
158    
159     16 Mar 2007; Christian Heim <phreak@gentoo.org>
160     -hardened-sources-2.6.18-r5.ebuild, +hardened-sources-2.6.18-r6.ebuild:
161     Fixing CVE-2007-1000 locally (hardened/), thanks to Tony for pushing. And
162     yes I screwed up, this is tagged as 2.6.18-5 and not 2.6.18-6 as it's
163     supposed to be.
164 phreak 1.139
165     06 Mar 2007; Christian Heim <phreak@gentoo.org> ChangeLog:
166     Fixing the Manifest, the previous one was broken (as in still had the
167     deleted ebuild in it).
168 phreak 1.138
169     06 Mar 2007; Christian Heim <phreak@gentoo.org>
170     -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
171     +hardened-sources-2.6.18-r5.ebuild:
172     Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
173     Linux 2.6.18.8. Also cleaning up the older version.
174    
175     *hardened-sources-2.6.18-r5 (06 Mar 2007)
176    
177     06 Mar 2007; Christian Heim <phreak@gentoo.org>
178     -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
179     +hardened-sources-2.6.18-r5.ebuild:
180     Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
181     Linux 2.6.18.8. Also cleaning up the older version.
182 phreak 1.137
183     24 Feb 2007; Christian Heim <phreak@gentoo.org>
184     -hardened-sources-2.6.19-r3.ebuild, -hardened-sources-2.6.19-r4.ebuild,
185     -hardened-sources-2.6.19-r5.ebuild:
186     Removing some of the old version, that didn't work.
187 phreak 1.136
188     *hardened-sources-2.6.19-r6 (12 Feb 2007)
189    
190     12 Feb 2007; Christian Heim <phreak@gentoo.org>
191     +hardened-sources-2.6.19-r6.ebuild:
192     Revision bump, including a new grsec version fixing #166235.
193 pappy 1.134
194     *hardened-sources-2.4.34 (24 Jan 2007)
195    
196     24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
197 pappy 1.135 Manifest:
198     updating Manifest with checksums of new tarball and ebuild
199    
200     24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
201 pappy 1.134 +hardened-sources-2.4.34.ebuild:
202     I added new hardened sources 2.4 update, this is a critical path
203     security bugfix - all users of h-s are strongly advised
204     to update their existing hardened sources to this version.
205     It contains a fix for a kernel vulnerability that is pertaining
206     to the PaX changes to virtual memory management, possibly leading
207     to a local kernel exploit ... see grsecurity.net forums and homepage
208 phreak 1.133
209     23 Jan 2007; Christian Heim <phreak@gentoo.org>
210     files/digest-hardened-sources-2.6.19-r5, Manifest:
211     Fixing the patch-tarball digest.
212 phreak 1.132
213     *hardened-sources-2.6.19-r5 (23 Jan 2007)
214    
215     23 Jan 2007; Christian Heim <phreak@gentoo.org>
216     +hardened-sources-2.6.19-r5.ebuild:
217     Revision bump, closing the recently discovered PaX expand_stack()
218     vulnerability.
219 phreak 1.131
220     *hardened-sources-2.6.19-r4 (14 Jan 2007)
221    
222     14 Jan 2007; Christian Heim <phreak@gentoo.org>
223     +hardened-sources-2.6.19-r4.ebuild:
224     Revision bump, pulling in linux-2.6.19.2 and grsecurity 2.1.10 - thus
225     dropping the randomized PID feature.
226 opfer 1.130
227     11 Jan 2007; Christian Faulhammer <opfer@gentoo.org>
228     hardened-sources-2.4.33.4.ebuild:
229     stable x86, bug #161171
230 phreak 1.129
231     *hardened-sources-2.6.19-r3 (27 Dec 2006)
232    
233     27 Dec 2006; Christian Heim <phreak@gentoo.org>
234     -hardened-sources-2.6.19-r2.ebuild, +hardened-sources-2.6.19-r3.ebuild:
235     Revision bump for bug #157186 and #158786.
236 phreak 1.128
237     *hardened-sources-2.6.18-r4 (27 Dec 2006)
238    
239     27 Dec 2006; Christian Heim <phreak@gentoo.org>
240     -hardened-sources-2.6.18-r3.ebuild, +hardened-sources-2.6.18-r4.ebuild:
241     Revision bump for bug #157186.
242 phreak 1.127
243     *hardened-sources-2.6.19-r2 (23 Dec 2006)
244    
245     23 Dec 2006; Christian Heim <phreak@gentoo.org>
246     -hardened-sources-2.6.19-r1.ebuild, +hardened-sources-2.6.19-r2.ebuild:
247     Revision bump to pull in genpatches-2.6.19-3 for #157186.
248 phreak 1.126
249     17 Dec 2006; Christian Heim <phreak@gentoo.org>
250     hardened-sources-2.6.14-r7.ebuild, hardened-sources-2.6.16-r10.ebuild,
251     hardened-sources-2.6.16-r11.ebuild, hardened-sources-2.6.17-r1.ebuild,
252     hardened-sources-2.6.18.ebuild, hardened-sources-2.6.18-r3.ebuild,
253     hardened-sources-2.6.19-r1.ebuild:
254     Adding 4453_grsec-2.1.9-2.6.19-io-kmem-sysctl.patch to UNIPATCH_EXLUDE,
255     adding correct HOMEPAGE and adjusting DESCRIPTION (thanks to Alexander).
256 pappy 1.125
257     *hardened-sources-2.4.33.4 (17 Dec 2006)
258    
259     17 Dec 2006; Alexander Gabert <pappy@gentoo.org>
260     +hardened-sources-2.4.33.4.ebuild:
261     new 2.4.33.4 version including grsec and fixes, thanks to phreak for help
262     and quilting
263 phreak 1.124
264     *hardened-sources-2.6.19-r1 (14 Dec 2006)
265    
266     14 Dec 2006; Christian Heim <phreak@gentoo.org>
267     -hardened-sources-2.6.19.ebuild, +hardened-sources-2.6.19-r1.ebuild:
268     Revision bump, fixing #158107 (thanks to Petre Rodan <kaiowas at gentoo.org>
269     for reporting).
270 phreak 1.123
271     *hardened-sources-2.6.19 (13 Dec 2006)
272    
273     13 Dec 2006; Christian Heim <phreak@gentoo.org>
274     +hardened-sources-2.6.19.ebuild:
275     And finally 2.6.19, thanks to Ned (who prepared the inital patchset) and
276     Brad for providing that prompt update.
277 phreak 1.122
278     *hardened-sources-2.6.18-r3 (13 Dec 2006)
279    
280     13 Dec 2006; Christian Heim <phreak@gentoo.org>
281     -hardened-sources-2.6.18-r1.ebuild, -hardened-sources-2.6.18-r2.ebuild,
282     +hardened-sources-2.6.18-r3.ebuild:
283     Revision bump, excluding the faulty patch. Thanks to Anakim Border and Peter
284     S. Mazinger. Closes #157409 for now. Also removing the previous revisions.
285 phreak 1.121
286     09 Dec 2006; Christian Heim <phreak@gentoo.org> Manifest:
287     Fixing the metadata.xml Manifest entry (thanks to xaid and ml8128 in #gentoo-hardened).
288 nixnut 1.120
289     08 Dec 2006; nixnut <nixnut@gentoo.org> hardened-sources-2.6.18.ebuild:
290     Stable on ppc wrt bug 157356
291 opfer 1.119
292     07 Dec 2006; Christian Faulhammer <opfer@gentoo.org>
293     hardened-sources-2.6.18.ebuild:
294     stable x86, bug #157356
295 phreak 1.118
296     *hardened-sources-2.6.18-r2 (06 Dec 2006)
297    
298     06 Dec 2006; Christian Heim <phreak@gentoo.org>
299     +hardened-sources-2.6.18-r2.ebuild:
300     Revision bump, including 2.6.18.5 (via genpatches) and
301     4454_grsec-2.1.9-2.6.18.2-io-kmem-sysctl.patch based on Peter Mazinger and
302     Ned Ludd's original patch. Thanks to Alexander Gabert (pappy) for the
303     redesign.
304 phreak 1.117
305     06 Dec 2006; Christian Heim <phreak@gentoo.org>
306     hardened-sources-2.6.18.ebuild:
307     Marking hardened-sources-2.6.18 stable on amd64 (see bug #157356, on behalf
308     of Mike Doty).
309 phreak 1.116
310     *hardened-sources-2.6.18-r1 (23 Nov 2006)
311    
312     23 Nov 2006; Christian Heim <phreak@gentoo.org>
313     +hardened-sources-2.6.18-r1.ebuild:
314     Revision bump to genpatches-2.6.18-4 (including 2.6.18.3).
315 phreak 1.115
316     *hardened-sources-2.6.18 (11 Nov 2006)
317    
318     11 Nov 2006; Christian Heim <phreak@gentoo.org>
319     +hardened-sources-2.6.18.ebuild:
320     Version bump, thanks to Alexander Gabert we're finally at 2.6.18.
321 solar 1.114
322     18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
323     - mark amd64 stable also. bug #151877
324 solar 1.113
325     18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
326     - mark 2.6.17-r1 stable
327 phreak 1.112
328     27 Aug 2006; Christian Heim <phreak@gentoo.org>
329     -hardened-sources-2.6.17.ebuild, hardened-sources-2.6.17-r1.ebuild:
330     Removing old ebuild, removing unipatch from newer ebuild (need to fix it!).
331 phreak 1.111
332     *hardened-sources-2.6.17-r1 (26 Aug 2006)
333    
334     26 Aug 2006; Christian Heim <phreak@gentoo.org>
335     +hardened-sources-2.6.17-r1.ebuild:
336     Revision bump to genpatches-2.6.17-8 (including .9 and .10) and updating the
337     grsecurity patch.
338 phreak 1.110
339     *hardened-sources-2.6.17 (17 Aug 2006)
340    
341     17 Aug 2006; Christian Heim <phreak@gentoo.org>
342     +hardened-sources-2.6.17.ebuild:
343     Bumping the hardened-sources-2.6 series to 2.6.17, using
344     genpatches-2.6.17-6.base.
345 solar 1.109
346     07 Aug 2006; <solar@gentoo.org> hardened-sources-2.6.16-r11.ebuild:
347     - stable on x86 and amd64
348 solar 1.108
349     *hardened-sources-2.6.16-r11 (15 Jul 2006)
350    
351     15 Jul 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r3.ebuild,
352     -hardened-sources-2.4.32-r4.ebuild, -hardened-sources-2.4.32-r5.ebuild,
353     -hardened-sources-2.6.14-r8.ebuild, -hardened-sources-2.6.16-r7.ebuild,
354     -hardened-sources-2.6.16-r9.ebuild, +hardened-sources-2.6.16-r11.ebuild:
355     - 2.6.16 bumped for CVE-2006-3626 ; digest fix for 2.4.32-r6 ; removed old
356     crusty ebuilds
357 johnm 1.107
358     14 Jul 2006; John Mylchreest <johnm@gentoo.org>
359     hardened-sources-2.6.16-r10.ebuild:
360     marking stable on x86 and amd64
361 solar 1.106
362     13 Jul 2006; <solar@gentoo.org> hardened-sources-2.4.32-r6.ebuild:
363     - 2.4.32-r6 stable on x86. RSBAC state unknown
364 kang 1.105
365     *hardened-sources-2.4.32-r7 (10 Jul 2006)
366    
367     10 Jul 2006; Guillaume Destuynder <kang@gentoo.org>
368     +hardened-sources-2.4.32-r7.ebuild:
369     Bump PaX for RSBAC to test-17
370 johnm 1.104
371     *hardened-sources-2.6.16-r9 (03 Jul 2006)
372    
373     03 Jul 2006; John Mylchreest <johnm@gentoo.org>
374     -hardened-sources-2.6.16-r6.ebuild, +hardened-sources-2.6.16-r9.ebuild:
375     hardened-sources-2.6.16 bump to latest -base.
376 solar 1.103
377     *hardened-sources-2.4.32-r6 (30 Jun 2006)
378    
379     30 Jun 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r2.ebuild,
380     hardened-sources-2.4.32-r4.ebuild, +hardened-sources-2.4.32-r6.ebuild:
381     - backport CVE-2006-0039, CVE-2006-1857 and CVE-2006-1858 and new grsecurity
382     sysctl controlable resource logging
383 johnm 1.102
384     *hardened-sources-2.6.16-r7 (05 Jun 2006)
385    
386     05 Jun 2006; John Mylchreest <johnm@gentoo.org>
387     -hardened-sources-2.6.16-r5.ebuild, +hardened-sources-2.6.16-r7.ebuild:
388     push new 2.6.16 release in preparation for stable
389 solar 1.101
390     22 May 2006; <solar@gentoo.org> :
391     - redigest bug 134002
392 kang 1.100
393     *hardened-sources-2.4.32-r5 (16 May 2006)
394    
395     16 May 2006; Guillaume Destuynder <kang@gentoo.org>
396     +hardened-sources-2.4.32-r5.ebuild:
397     Fixes rsbac common patching (new patch in new -r5 patchset)
398 solar 1.99
399     *hardened-sources-2.4.32-r4 (13 May 2006)
400    
401     13 May 2006; <solar@gentoo.org> hardened-sources-2.4.32-r3.ebuild,
402     +hardened-sources-2.4.32-r4.ebuild:
403     - security bumps
404 johnm 1.98
405     *hardened-sources-2.6.16-r6 (03 May 2006)
406    
407     03 May 2006; John Mylchreest <johnm@gentoo.org>
408     +hardened-sources-2.6.16-r6.ebuild:
409     bump hardened-2.6.16 to 2.6.16.12 and latest grsec snapshot
410 johnm 1.97
411     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
412     hardened-sources-2.6.14-r8.ebuild:
413     fix x86_64 build problem, this will delay the digest issue again for a short
414     while but it will sort itself out
415 johnm 1.96
416     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
417     hardened-sources-2.6.14-r8.ebuild:
418     bump hardened patchset
419 antarus 1.94
420     27 Apr 2006; Alec Warner <antarus@gentoo.org>
421     files/digest-hardened-sources-2.4.32-r2,
422     files/digest-hardened-sources-2.4.32-r3,
423     files/digest-hardened-sources-2.6.14-r8, Manifest:
424     Fixing duff SHA256 digests: Bug # 131293
425 johnm 1.93
426 johnm 1.95 *hardened-sources-2.6.16-r5 (27 Apr 2006)
427    
428     27 Apr 2006; John Mylchreest <johnm@gentoo.org>
429     -hardened-sources-2.6.14-r6.ebuild, hardened-sources-2.6.14-r8.ebuild,
430     -hardened-sources-2.6.16-r4.ebuild, +hardened-sources-2.6.16-r5.ebuild:
431     stablise 2.6.14-r8 on x86 & amd64, bump 2.6.16 to fix CVE-2006-1863 &
432     cleanup of old uneccessary sources
433    
434 johnm 1.93 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
435     fix digest
436 johnm 1.92
437     *hardened-sources-2.6.14-r8 (20 Apr 2006)
438    
439     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
440     +hardened-sources-2.6.14-r8.ebuild:
441     fix CVE-2006-1056, CVE-2006-1525, CVE-2006-1524
442 johnm 1.91
443     20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
444     Turning on gpg-signing again, and recomitting
445 johnm 1.90
446     *hardened-sources-2.6.16-r4 (20 Apr 2006)
447    
448     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
449     -hardened-sources-2.6.16-r2.ebuild, -hardened-sources-2.6.16-r3.ebuild,
450     +hardened-sources-2.6.16-r4.ebuild:
451     Fix numerous security vulns
452 solar 1.89
453     *hardened-sources-2.4.32-r3 (16 Apr 2006)
454    
455     16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
456     -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
457     +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
458     - security bump for bug #112791. Removed old ebuilds
459 johnm 1.88
460     *hardened-sources-2.6.16-r3 (15 Apr 2006)
461    
462     15 Apr 2006; John Mylchreest <johnm@gentoo.org>
463     +hardened-sources-2.6.16-r3.ebuild:
464     Removing silly localversion which I missed
465 johnm 1.87
466     *hardened-sources-2.6.14-r7 (14 Apr 2006)
467    
468     14 Apr 2006; John Mylchreest <johnm@gentoo.org>
469     -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
470     Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
471 johnm 1.86
472     *hardened-sources-2.6.16-r2 (13 Apr 2006)
473    
474     13 Apr 2006; John Mylchreest <johnm@gentoo.org>
475     -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
476     +hardened-sources-2.6.16-r2.ebuild:
477     Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
478     labels, dropping USERGROUP define fixes, since these were merged mainstream.
479 johnm 1.85
480     *hardened-sources-2.6.16-r1 (11 Apr 2006)
481    
482     11 Apr 2006; John Mylchreest <johnm@gentoo.org>
483     +hardened-sources-2.6.16-r1.ebuild:
484     Bumping to include ppc build fix and 2.6.16.3
485 tsunam 1.84
486     06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
487     hardened-sources-2.6.14-r6.ebuild:
488     Stable on x86; bug #127718
489 johnm 1.83
490     *hardened-sources-2.6.16 (31 Mar 2006)
491    
492     31 Mar 2006; John Mylchreest <johnm@gentoo.org>
493     +hardened-sources-2.6.16.ebuild:
494     Bumping to new version of grsec, and kernel base. New squashfs. Based on
495     2.6.16.1
496 cryos 1.82
497     30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
498     hardened-sources-2.6.14-r6.ebuild:
499     Stable on amd64, bug 127718.
500 nixnut 1.81
501     28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
502     Stable on ppc. Bug #127718
503 johnm 1.80
504     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
505     -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
506     -hardened-sources-2.6.14-r4.ebuild:
507     Cleanup.
508 johnm 1.79
509     *hardened-sources-2.6.14-r6 (15 Mar 2006)
510    
511     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
512     +hardened-sources-2.6.14-r6.ebuild:
513     Fixes grsec policy recreation bug and adds a
514     >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
515 solar 1.78
516     02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
517     - stable on x86
518 hansmi 1.77
519     19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
520     hardened-sources-2.6.14-r5.ebuild:
521     Stable on ppc.
522 johnm 1.76
523     *hardened-sources-2.6.14-r5 (01 Feb 2006)
524    
525     01 Feb 2006; John Mylchreest <johnm@gentoo.org>
526     +hardened-sources-2.6.14-r5.ebuild:
527     fixing every known exploit
528 solar 1.75
529     *hardened-sources-2.4.32-r2 (26 Jan 2006)
530    
531     26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
532     +hardened-sources-2.4.32-r2.ebuild:
533     - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
534 solar 1.74
535     *hardened-sources-2.6.14-r4 (12 Jan 2006)
536    
537     12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
538     - version bump for new genpatches which fix up a few sec holes
539 solar 1.73
540     *hardened-sources-2.4.32-r1 (05 Jan 2006)
541    
542     05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
543     - revision bump to add misc vital linux kernel security patches.
544 johnm 1.72
545     *hardened-sources-2.6.14-r3 (30 Dec 2005)
546    
547     30 Dec 2005; John Mylchreest <johnm@gentoo.org>
548     -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
549     Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
550 johnm 1.71
551     28 Dec 2005; John Mylchreest <johnm@gentoo.org>
552     hardened-sources-2.6.14-r2.ebuild:
553     making x86 & amd64 stable following testing.
554 johnm 1.70
555     *hardened-sources-2.6.14-r2 (27 Dec 2005)
556    
557     27 Dec 2005; John Mylchreest <johnm@gentoo.org>
558     -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
559     Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
560     network hooks.
561 johnm 1.69
562     06 Dec 2005; John Mylchreest <johnm@gentoo.org>
563     hardened-sources-2.6.14-r1.ebuild:
564     bumping to stable early for sec fix on x86 & amd64
565 johnm 1.68
566     *hardened-sources-2.6.14-r1 (05 Dec 2005)
567    
568     05 Dec 2005; John Mylchreest <johnm@gentoo.org>
569     -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
570     bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
571 solar 1.67
572     04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
573     - stable on x86 security bug #114227 CAN-2005-3257
574 kang 1.66
575     *hardened-sources-2.4.32 (19 Nov 2005)
576    
577     19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
578     +hardened-sources-2.4.32.ebuild:
579     Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
580     Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
581     have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
582     rsbac >> /etc/portage/package.use)
583 johnm 1.65
584     *hardened-sources-2.6.14 (14 Nov 2005)
585    
586     14 Nov 2005; John Mylchreest <johnm@gentoo.org>
587     -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
588     Bumping 2.6 series to 2.6.14.2
589 johnm 1.64
590     *hardened-sources-2.6.13-r2 (20 Oct 2005)
591    
592     20 Oct 2005; John Mylchreest <johnm@gentoo.org>
593     -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
594     +hardened-sources-2.6.13-r2.ebuild:
595     Fixes minor build error in ppc.
596 johnm 1.63
597     *hardened-sources-2.6.13-r1 (17 Oct 2005)
598    
599     17 Oct 2005; John Mylchreest <johnm@gentoo.org>
600     +hardened-sources-2.6.13-r1.ebuild:
601     Updating grsec to latest snapshot. Fixes some minor issues. Updating to
602     2.6.13.4, fixes some major amd64 stability problems.
603 johnm 1.62
604     *hardened-sources-2.6.13 (16 Sep 2005)
605    
606     16 Sep 2005; John Mylchreest <johnm@gentoo.org>
607     -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
608     2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
609     ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
610     users should test this thoroughly.
611 solar 1.61
612     01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
613     - stable on x86
614 johnm 1.60
615     *hardened-sources-2.6.11-r15 (27 Jun 2005)
616    
617     27 Jun 2005; John Mylchreest <johnm@gentoo.org>
618     +hardened-sources-2.6.11-r15.ebuild:
619     Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
620     grsec redefining curr_ip struct.
621 solar 1.59
622     *hardened-sources-2.4.31 (20 Jun 2005)
623    
624     20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
625     initial import of 2.4.31 tree
626 johnm 1.58
627     *hardened-sources-2.6.11-r14 (14 Jun 2005)
628    
629     14 Jun 2005; John Mylchreest <johnm@gentoo.org>
630     -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
631     Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
632     naming scheme to abide by genpatches
633 johnm 1.57
634     *hardened-sources-2.6.11-r13 (18 May 2005)
635    
636     18 May 2005; John Mylchreest <johnm@gentoo.org>
637     -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
638     Managed to mangle the Makefile patch from grsec, to miss out the grsec
639     target. sorry about that. Fixes bug #93022
640 johnm 1.56
641     *hardened-sources-2.6.11-r12 (17 May 2005)
642    
643     17 May 2005; John Mylchreest <johnm@gentoo.org>
644     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
645     +hardened-sources-2.6.11-r12.ebuild:
646     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
647     merges in genpatches-base
648 johnm 1.55
649     *hardened-sources-2.6.11-r12 (17 May 2005)
650    
651     17 May 2005; John Mylchreest <johnm@gentoo.org>
652     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
653     +hardened-sources-2.6.11-r12.ebuild:
654     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
655     merges in genpatches-base
656 solar 1.54
657     29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
658     -files/2.4.27-cmdline-race.patch,
659     -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
660     -files/2.4.28-grsec-binfmt_a.out.patch,
661     -files/2.4.28-grsec-cmdline-race.patch,
662     -files/2.4.28-selinux-binfmt_a.out.patch,
663     -files/2.4.28-selinux-cmdline-race.patch,
664     -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
665     hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
666     - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
667     cleanup..
668 solar 1.53
669     *hardened-sources-2.4.30-r1 (21 Apr 2005)
670    
671     21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
672     - disable aout by default
673 solar 1.52
674     *hardened-sources-2.4.30 (18 Apr 2005)
675    
676     18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
677     - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
678     and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
679     use
680 tocharian 1.50
681 scox 1.51 *hardened-sources-2.4.29 (30 Mar 2005)
682    
683     30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
684     +hardened-sources-2.4.29.ebuild:
685     New hardened-patches-2.4-29.0 patchball.
686     Removed SELinux support, upgraded GRSecurity to 2.1.4.
687    
688     *hardened-sources-2.4.28-r5 (06 Mar 2005)
689    
690     06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
691     +hardened-sources-2.4.28-r5.ebuild:
692     Added a fix for a PaX vulnerability.
693    
694     26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
695 tocharian 1.50 hardened-sources-2.4.28-r4.ebuild:
696     Stable on x86
697 solar 1.49
698     23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
699     hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
700     hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
701     hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
702     - fixed/added RDEPEND= in all kernel-2 ebuilds
703 tocharian 1.48
704     *hardened-sources-2.4.28-r4 (21 Jan 2005)
705    
706     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
707     +hardened-sources-2.4.28-r4.ebuild:
708     Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
709     backport of neighbour hash updates.
710 tocharian 1.47
711     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
712     hardened-sources-2.4.28-r3.ebuild:
713     Stable on x86
714 tseng 1.46
715     *hardened-sources-2.6.10-r3 (20 Jan 2005)
716    
717     20 Jan 2005; Brandon Hale <tseng@gentoo.org>
718     +hardened-sources-2.6.10-r3.ebuild:
719     Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
720     in 2005.0
721 tocharian 1.45
722     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
723     -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
724     hardened-sources-2.4.28-r2.ebuild:
725     Mark stable on x86
726 tocharian 1.44
727     *hardened-sources-2.4.28-r3 (17 Jan 2005)
728    
729     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
730     +hardened-sources-2.4.28-r3.ebuild:
731     Fix SMP page fault handler vuln, and update device-mapper and evms patches.
732 tocharian 1.43
733     14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
734     hardened-sources-2.4.28.ebuild:
735     Mark stable on x86.
736 tocharian 1.42
737     *hardened-sources-2.4.28-r2 (13 Jan 2005)
738    
739     13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
740     +hardened-sources-2.4.28-r2.ebuild:
741     Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
742     Mazinger for grsecurity patches as well.
743 plasmaroo 1.41
744     *hardened-sources-2.4.28-r1 (23 Dec 2004)
745    
746     23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
747     Security bump. Thank tocharian for rolling a new patchset...
748 solar 1.40
749     28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
750     +files/2.4.28-grsec-cmdline-race.patch,
751     +files/2.4.28-selinux-binfmt_a.out.patch,
752     +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
753     - Round up remaining security patches that appear to be missing in 2.4.28. -
754     PaX standalone updated to current. hgpv=28.1
755 solar 1.39
756     *hardened-sources-2.4.28 (28 Nov 2004)
757    
758     28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
759     security bump. Thank tocharian for rolling a new patchset
760 scox 1.31
761 scox 1.38 *hardened-sources-2.4.27-r3 (08 Sep 2004)
762    
763     08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
764     +hardened-sources-2.4.27-r3.ebuild:
765     Applies the new 2.4-27.2 patchball which updates
766     GRSecurity to the 2.0.1 version.
767    
768 scox 1.37 *hardened-sources-2.4.27-r2 (31 Aug 2004)
769    
770     31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
771     +hardened-sources-2.4.27-r2.ebuild:
772     Version bump.
773     This version uses the new 2.4-27.1 patchball which updates
774     both the SELinux PaX hooks patch and the SELinux headers.
775    
776 scox 1.36 *hardened-sources-2.4.27-r1 (09 Aug 2004)
777    
778     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
779     +hardened-sources-2.4.27-r1.ebuild,
780     -hardened-sources-2.4.27.ebuild,
781     +files/2.4.27-cmdline-race.patch:
782     Version bump, fix for cmdline race. See bug #59905.
783    
784     *hardened-sources-2.4.26-r6 (09 Aug 2004)
785    
786     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
787     +hardened-sources-2.4.26-r6.ebuild,
788     -hardened-sources-2.4.26-r5.ebuild,
789     -hardened-sources-2.4.26-r4.ebuild,
790     +files/2.4.26-cmdline-race.patch:
791     Version bump, fix for cmdline race. See bug #59905.
792    
793 scox 1.35 *hardened-sources-2.4.27 (08 Aug 2004)
794    
795     08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
796     +hardened-sources-2.4.27.ebuild,
797     +files/2.4.27-CAN-2004-0394.patch:
798     Ported the patchball to the 2.4.27 kernel version.
799    
800 scox 1.34 *hardened-sources-2.4.26-r5 (07 Aug 2004)
801    
802     07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
803     +hardened-sources-2.4.26-r5.ebuild:
804 scox 1.35 Updated to use the new hardened-patches-2.4-26.1 patchball.
805 scox 1.34 It adds the following features:
806     - Squashfs
807     - Ebtables
808     - Netdev random (core+drivers)
809     - Watchdog Timer (WDT) fix.
810    
811 scox 1.33 *hardened-sources-2.4.26-r4 (04 Aug 2004)
812    
813     04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
814     +hardened-sources-2.4.26-r4.ebuild,
815     +files/2.4.26-CAN-2004-0415.patch,
816     -hardened-sources-2.4.26-3:
817     Version bump, fix for CAN 0415, see bug #59378.
818    
819 scox 1.32 *hardened-sources-2.4.26-r3 (22 Jul 2004)
820    
821     22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
822     +hardened-sources-2.4.26-r3.ebuild,
823     +files/2.4.26-CAN-2004-0497.patch,
824     -hardened-sources-2.4.26-r2.ebuild:
825     Version bump, fixed CAN 0497, see bug #56171.
826    
827 scox 1.31 *hardened-sources-2.4.26-r2 (29 Jun 2004)
828    
829     29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
830 scox 1.32 +hardened-sources-2.4.26-r2.ebuild,
831 scox 1.31 +files/2.4.26-CAN-2004-0495.patch,
832     +files/2.4.26-CAN-2004-0535.patch,
833     -hardened-sources-2.4.26-r1.ebuild:
834     Fixes for both CAN 0495 and 0535, see bug #54976
835 pvdabeel 1.27
836 agriffis 1.29 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
837     hardened-sources-2.4.26-r1.ebuild:
838     QA - fix use invocation
839 scox 1.28
840     *hardened-sources-2.4.26-r1 (22 June 2004)
841    
842     22 June 2004; Andrea Luzzardi <scox@gentoo.org>
843     +hardened-sources-2.4.26-r1.ebuild,
844     +files/2.4.26-CAN-2004-0394.patch,
845     +files/2.4.26-signal-race.patch,
846     -hardened-sources-2.4.26.ebuild,
847     -hardened-sources-2.4.24-r3.ebuild:
848     Version bump for the CAN-2004-0394 issue and bug #53804
849     Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
850    
851    
852 pvdabeel 1.27 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
853     hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
854     Masked hardened-sources-2.4.26.ebuild broken for ppc
855    
856     31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
857     hardened-sources-2.4.24-r3.ebuild:
858     Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
859 plasmaroo 1.25
860 scox 1.26 *hardened-sources-2.4.26 (29 May 2004)
861    
862     29 May 2004; Andrea Luzzardi <scox@gentoo.org>
863     +hardened-sources-2.4.26.ebuild:
864     Updated hardened-sources for the 2.4.26 kernel
865     Removed broken components, updated almost everything.
866    
867 plasmaroo 1.25 *hardened-sources-2.4.24-r3 (17 Apr 2004)
868    
869     17 Apr 2004; <plasmaroo@gentoo.org>
870     +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
871     +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
872     +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
873     +hardened-sources-2.4.24-r3.ebuild:
874     Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
875     vulnerabilities. Old revisions removed.
876 plasmaroo 1.24
877     *hardened-sources-2.4.24-r2 (15 Apr 2004)
878    
879     15 Apr 2004; <plasmaroo@gentoo.org>
880     +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
881     -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
882     Version bump for the CAN-2004-0109 issue; bug #47881.
883 aliz 1.23
884     12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
885     hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
886     Add eutils to inherit.
887 plasmaroo 1.22
888     *hardened-sources-2.4.24-r1 (19 Feb 2004)
889    
890     19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
891     files/hardened-sources-2.4.24.munmap.patch:
892     Added the patch for the mremap/munmap vulnerability. Bug #42024.
893 scox 1.19
894 scox 1.21 *hardened-sources-2.4.24 (06 Feb 2004)
895 scox 1.26
896 scox 1.21 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
897     hardened-sources-2.4.24.ebuild:
898     Version bump, updated most of the components.
899     This release includes the following:
900    
901     - Hardened security
902     - Netfilter patch-o-matic 20031219
903     - FreeSWAN 2.04 & x509 1.4.8
904     - EVMS 2.2.2
905     - XFS 1.3.1
906     - cryptoloop jari
907     - grsecurity 2.0-rc4
908     - SELinux
909     - PaX 200402060000
910     - PaX Obscurity 200308302223
911     - Others...
912    
913     Neither -ck nor systrace are included anymore.
914    
915 scox 1.19 *hardened-sources-2.4.22-r2 (05 Jan 2004)
916    
917     05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
918     hardened-sources-2.4.22-r2.ebuild:
919 scox 1.20 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
920 scox 1.19
921     *hardened-sources-2.4.22-r1 (02 Dec 2003)
922 iggy 1.17
923     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
924 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
925 iggy 1.16
926     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
927 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild:
928     Version bump for the 'do_brk' vulnerability.
929 iggy 1.15
930     01 Dec 2003; Brian Jackson <iggy@gentoo.org>
931     hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
932     hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
933     hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
934 plasmaroo 1.18 Fix the 'do_brk' vulnerability.
935 frogger 1.14
936     03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
937     hardened-sources-2.4.22.ebuild:
938 plasmaroo 1.18 - Removed the src_install() portion for SELinux flask
939     components. These are no longer handled in the kernel
940     so this code was not necessary.
941 frogger 1.13
942     29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
943     New 2.4.22 based hardened-sources thanks to
944     Phil West <p.west@computer.org>.
945    
946     These sources include:
947 plasmaroo 1.18 - New SELinux API
948     - Updated CK-base
949     - Updated GRSec
950     - Systrace
951     - SuperFreeS/WAN 1.99.8
952     - Propolice kernel build support
953     - EVMS
954     - Other various security related patches
955 frogger 1.11
956 frogger 1.12 *hardened-sources-2.4.21 (14 Sep 2003)
957    
958     14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
959     Updated hardened-sources based on the 2.4.21 Linux kernel.
960     This includes updates to most major components such as:
961 plasmaroo 1.18 - ck-base-0306300059
962     - selinux-2.4-2003071106
963     - grsecurity-2.0-rc1
964     - Updated IPTables patch-o-matic
965     - Updated SuperFreeS/WAN
966    
967 frogger 1.12 Thanks to Phil West <pwest@computer.org> for his work in getting this
968     updated patch set ready for the 2.4.21 based kernel.
969    
970 frogger 1.11 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
971     Initial import of hardened-sources-2.4.20-r4. This revision
972     includes only a few changes, but one of these is an important
973     security fix. It is recommended all users of hardened-sources
974     upgrade to this release.
975 plasmaroo 1.18
976 frogger 1.11 - ioperm bug fix
977     - fixed compilation failure when building without GRSec
978 plasmaroo 1.18
979 frogger 1.11 SAL (Secure Auditing for Linux) is NOT included in this revision
980     due to time constraints, but is planned for inclusion in the near
981     future.
982 msterret 1.10
983     *hardened-sources-2.4.20-r2 (12 Jun 2003)
984    
985     12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
986     hardened-sources-2.4.20-r3.ebuild:
987 plasmaroo 1.18 Add Header...
988 frogger 1.9
989     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
990     hardened-sources-2.4.20-r3.ebuild:
991     Removed warnings from ebuild. This kernel should be safe to
992     use at this point.
993 frogger 1.8
994     *hardened-sources-2.4.20-r3 (08 Jun 2003)
995    
996     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
997     hardened-sources-2.4.20-r3.ebuild:
998     New revision. Includes the following changes over -r2:
999 plasmaroo 1.18
1000 frogger 1.8 - ck7-base (O(1), preempt, low latency)
1001     - Super FreeS/WAN 1.99.7rc2
1002     - PaX for the LSM/SELinux branch
1003     - GRSecurity 2.0-pre4 (role based access control)
1004     - Systrace 1.3
1005     - EXT3 fixes
1006     - EVMS 2.0.1
1007     - GCC 3.1+ compile optimizations
1008     - ProPolice kernel build support
1009     - Hashing table security fixes
1010 frogger 1.3
1011     *hardened-sources-2.4.20-r1 (09 Apr 2003)
1012 frogger 1.7
1013     23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
1014     Initial import of hardened-sources-r2. This new
1015     ebuild includes many new performance and security
1016     related patches. As in -r1, it will patch in
1017     LSM/SELinux if "selinux" is in USE, otherwise it
1018     will patch in GRSecurity. The following patches
1019     are included in this revision:
1020 plasmaroo 1.18
1021 frogger 1.7 - O(1) Scheduler, Low Latency, and Preempt
1022     (pulled from the base CK patch)
1023     - ptrace exploit patch for the LSM kernel
1024     (the GRSec patch already fixes this)
1025     - LSM 2.4-2003040709
1026     - SELinux 2.4-2003040709
1027     - Systrace v1.2
1028     - IPTables patch-o-matic base patches - 20030107
1029     - CryptoAPI 2.4.20.1 w/ loop-jari patch
1030     - Super FreeS/WAN 1.99.6.1
1031     - GRSecurity 1.9.9g
1032     - MPPE
1033     - EXT3 data journal fix
1034     - CIPE 1.5.4
1035 frogger 1.6
1036     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1037     hardened-sources-2.4.20-r1.ebuild, manifest:
1038 plasmaroo 1.18 Updated to install flask components correctly for selinux.
1039 frogger 1.5
1040     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1041     hardened-sources-2.4.20-r1.ebuild:
1042     LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
1043     is patched in instead. Ptrace patches for selinux have also been added. In
1044     either case, systrace support will be patched in as well.
1045 frogger 1.3
1046     09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1047     hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
1048 plasmaroo 1.18 Revision bump for new sources.
1049 frogger 1.4
1050 frogger 1.2 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1051 frogger 1.4 hardened-sources-2.4.20-r1.ebuild:
1052 plasmaroo 1.18 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
1053 method 1.1
1054 frogger 1.4 *hardened-sources-2.4.20 (30 Mar 2003)
1055    
1056 method 1.1 30 Mar 2003; Joshua Brindle <method@gentoo.org>
1057     hardened-sources-2.4.20.ebuild:
1058 plasmaroo 1.18 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20