/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.167 - (hide annotations) (download)
Fri Aug 10 09:32:03 2007 UTC (6 years, 8 months ago) by phreak
Branch: MAIN
Changes since 1.166: +9 -1 lines
Initial release for 2.6.22. If you are using hardened-sources on a desktop machine (P4 or newer), be aware you might need to disable CONFIG_PAX_PAGEEXEC.
(Portage version: 2.1.3.3)

1 method 1.1 # ChangeLog for sys-kernel/hardened-sources
2 opfer 1.130 # Copyright 2000-2007 Gentoo Foundation; Distributed under the GPL v2
3 phreak 1.167 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.166 2007/08/04 09:17:33 phreak Exp $
4    
5     *hardened-sources-2.6.22 (10 Aug 2007)
6    
7     10 Aug 2007; Christian Heim <phreak@gentoo.org>
8     +hardened-sources-2.6.22.ebuild:
9     Initial release for 2.6.22. If you are using hardened-sources on a desktop
10     machine (P4 or newer), be aware you might need to disable
11     CONFIG_PAX_PAGEEXEC.
12 phreak 1.166
13     04 Aug 2007; Christian Heim <phreak@gentoo.org>
14     hardened-sources-2.6.20-r6.ebuild:
15     Stabling hardened-sources-2.6.20-r6 for amd64, ppc and x86 due to Linux
16     2.6.20.15.
17 phreak 1.165
18     10 Jul 2007; Christian Heim <phreak@gentoo.org>
19     hardened-sources-2.6.20-r5.ebuild:
20     Marking hardened-sources-2.6.20-r5 stable on ppc.
21 phreak 1.164
22     10 Jul 2007; Christian Heim <phreak@gentoo.org>
23     -hardened-sources-2.4.32-r6.ebuild, -hardened-sources-2.4.32-r7.ebuild:
24     Cleanup.
25 phreak 1.163
26     *hardened-sources-2.6.20-r6 (08 Jul 2007)
27    
28     08 Jul 2007; Christian Heim <phreak@gentoo.org>
29     +hardened-sources-2.6.20-r6.ebuild:
30     Revision bump, grabbing yet another stable release.
31 phreak 1.162
32     17 Jun 2007; Christian Heim <phreak@gentoo.org>
33     -hardened-sources-2.6.18-r6.ebuild, -hardened-sources-2.6.20-r4.ebuild,
34     -hardened-sources-2.6.21-r2.ebuild:
35     Removing older ebuilds, hardened-sources-2.6.18-r6 seems to have gotten the
36     alpha stable KEYWORD by mistake.
37 phreak 1.161
38     17 Jun 2007; Christian Heim <phreak@gentoo.org>
39     hardened-sources-2.6.20-r5.ebuild:
40     Stabling hardened-sources-2.6.20-r5 due to security bug #181647 (as
41     genpatches-2.6.20-12.base contains up to Linux 2.6.20.14) on amd64 and x86.
42 phreak 1.160
43     *hardened-sources-2.6.21-r3 (12 Jun 2007)
44    
45     12 Jun 2007; Christian Heim <phreak@gentoo.org>
46     +hardened-sources-2.6.21-r3.ebuild:
47     Revision bump for hardened-sources-2.6.21, incorporating various CVE (some
48     of them critical), two stable releases (2.6.21.4,2.6.21.5) and some other
49     love.
50 phreak 1.159
51     *hardened-sources-2.6.20-r5 (11 Jun 2007)
52    
53     11 Jun 2007; Christian Heim <phreak@gentoo.org>
54     +hardened-sources-2.6.20-r5.ebuild:
55     Revision bump for hardened-sources-2.6.20, incorporating various CVE (some
56     of them critical), two stable releases (2.6.20.13,2.6.20.14) and some other
57     love.
58 pappy 1.158
59     *hardened-sources-2.4.34.5 (11 Jun 2007)
60    
61     11 Jun 2007; Alexander Gabert <pappy@gentoo.org>
62     +hardened-sources-2.4.34.5.ebuild:
63     added new hardened-sources 2.4 version, thx to phreak, solar, pipacs
64 phreak 1.157
65     30 May 2007; Christian Heim <phreak@gentoo.org>
66     -hardened-sources-2.6.18.ebuild, hardened-sources-2.6.20-r2.ebuild:
67     Marking 2.6.20-r2 stable on ppc with permission of Gysbert. Removing more
68     stale ebuild(s).
69 phreak 1.156
70     30 May 2007; Christian Heim <phreak@gentoo.org>
71     -hardened-sources-2.6.14-r7.ebuild, -hardened-sources-2.6.16-r11.ebuild,
72     -hardened-sources-2.6.17-r1.ebuild, -hardened-sources-2.6.19-r6.ebuild,
73     -hardened-sources-2.6.20.ebuild, -hardened-sources-2.6.20-r1.ebuild:
74     Doing some cleanups, remove stale ebuilds.
75 phreak 1.155
76     26 May 2007; Christian Heim <phreak@gentoo.org>
77     hardened-sources-2.6.21-r2.ebuild:
78     Fixing the grsecurity patch, had one '};' too much.
79 phreak 1.154
80     *hardened-sources-2.6.21-r2 (26 May 2007)
81    
82     26 May 2007; Christian Heim <phreak@gentoo.org>
83     -hardened-sources-2.6.21.ebuild, -hardened-sources-2.6.21-r1.ebuild,
84     +hardened-sources-2.6.21-r2.ebuild:
85     Revision bump, including Linux 2.6.21.3 (fixing CVE-2007-2451). Updating the
86     grsecurity patch to 2.1.10-2.6.21.1-200705221918.
87 phreak 1.153
88     *hardened-sources-2.6.20-r4 (26 May 2007)
89    
90     26 May 2007; Christian Heim <phreak@gentoo.org>
91     -hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.20-r4.ebuild:
92     Revision bump, including Linux 2.6.20.12 (which in fact fixed some security
93 phreak 1.154 bugs, at the very least CVE-2007-2451). Possible candidate for stable marking.
94 phreak 1.152
95     15 May 2007; Christian Heim <phreak@gentoo.org>
96     hardened-sources-2.6.20-r3.ebuild:
97     Looks like hardened-sources-2.6.20-r3 needs a new patch, as 2.6.20.11
98     introduced a change in arch/sparc64/kernel/pci_iommu.c, which made the
99     grsecurity patch fail in that exact same hunk.
100 phreak 1.151
101     *hardened-sources-2.6.20-r3 (15 May 2007)
102    
103     15 May 2007; Christian Heim <phreak@gentoo.org>
104     +hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.21-r1.ebuild:
105     Revision bump, incorporating Linux 2.6.20.11.
106    
107     *hardened-sources-2.6.21-r1 (11 May 2007)
108    
109     11 May 2007; Christian Heim <phreak@gentoo.org>
110     +hardened-sources-2.6.21-r1.ebuild:
111     Revision bump, hopefully fixing the GRSECURITY/GRKERNSEC mixup pipacs
112     mentioned in #177234.
113 kevquinn 1.150
114     07 May 2007; Kevin F. Quinn <kevquinn@gentoo.org>
115     files/digest-hardened-sources-2.6.21, Manifest:
116     Fix Manifest/digest for linux-2.6.21.tar.bz2
117 phreak 1.149
118     06 May 2007; Christian Heim <phreak@gentoo.org>
119     hardened-sources-2.6.21.ebuild:
120     Bumping the hardened-patches version, needed for the fix for #177234.
121 phreak 1.148
122     *hardened-sources-2.6.21 (02 May 2007)
123    
124     02 May 2007; Christian Heim <phreak@gentoo.org>
125     +hardened-sources-2.6.21.ebuild:
126     Version bump, Linux 2.6.21-hardened.
127 phreak 1.147
128     29 Apr 2007; Christian Heim <phreak@gentoo.org>
129     hardened-sources-2.6.20-r2.ebuild:
130     Adding ~ia64 on Ned's request.
131 phreak 1.146
132     29 Apr 2007; Christian Heim <phreak@gentoo.org>
133     hardened-sources-2.6.20-r2.ebuild:
134     Fixing the included grsecurity patch, wasn't alligning due to the Index:
135     header line(s).
136 phreak 1.145
137     29 Apr 2007; Christian Heim <phreak@gentoo.org>
138     hardened-sources-2.6.20-r2.ebuild:
139     Stabilizing hardened-sources-2.6.20-r2 on amd64 and x86.
140 armin76 1.144
141     *hardened-sources-2.6.20-r2 (10 Apr 2007)
142    
143     10 Apr 2007; Raúl Porcel <armin76@gentoo.org>
144     +hardened-sources-2.6.20-r2.ebuild:
145     Version bump, on behalf of phreak
146 phreak 1.143
147     *hardened-sources-2.6.20-r1 (04 Apr 2007)
148    
149     04 Apr 2007; Christian Heim <phreak@gentoo.org>
150     +hardened-sources-2.6.20-r1.ebuild:
151     Revision bump, grabbing a newer grsecurity snapshot.
152 phreak 1.142
153     *hardened-sources-2.6.20 (25 Mar 2007)
154    
155     25 Mar 2007; Christian Heim <phreak@gentoo.org>
156     +hardened-sources-2.6.20.ebuild:
157     Finally a hardened-sources version for 2.6.20; many people have been waiting
158     for this. Thanks to Steve for preliminary testing, thanks to Ned for the
159     testbox.
160 chainsaw 1.141
161     16 Mar 2007; Tony Vroon <chainsaw@gentoo.org>
162     hardened-sources-2.6.18-r6.ebuild:
163     Marked stable on amd64 and x86. AMD64 keyword ack'ed by welp.
164 phreak 1.140
165     *hardened-sources-2.6.18-r6 (16 Mar 2007)
166    
167     16 Mar 2007; Christian Heim <phreak@gentoo.org>
168     -hardened-sources-2.6.18-r5.ebuild, +hardened-sources-2.6.18-r6.ebuild:
169     Fixing CVE-2007-1000 locally (hardened/), thanks to Tony for pushing. And
170     yes I screwed up, this is tagged as 2.6.18-5 and not 2.6.18-6 as it's
171     supposed to be.
172 phreak 1.139
173     06 Mar 2007; Christian Heim <phreak@gentoo.org> ChangeLog:
174     Fixing the Manifest, the previous one was broken (as in still had the
175     deleted ebuild in it).
176 phreak 1.138
177     06 Mar 2007; Christian Heim <phreak@gentoo.org>
178     -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
179     +hardened-sources-2.6.18-r5.ebuild:
180     Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
181     Linux 2.6.18.8. Also cleaning up the older version.
182    
183     *hardened-sources-2.6.18-r5 (06 Mar 2007)
184    
185     06 Mar 2007; Christian Heim <phreak@gentoo.org>
186     -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
187     +hardened-sources-2.6.18-r5.ebuild:
188     Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
189     Linux 2.6.18.8. Also cleaning up the older version.
190 phreak 1.137
191     24 Feb 2007; Christian Heim <phreak@gentoo.org>
192     -hardened-sources-2.6.19-r3.ebuild, -hardened-sources-2.6.19-r4.ebuild,
193     -hardened-sources-2.6.19-r5.ebuild:
194     Removing some of the old version, that didn't work.
195 phreak 1.136
196     *hardened-sources-2.6.19-r6 (12 Feb 2007)
197    
198     12 Feb 2007; Christian Heim <phreak@gentoo.org>
199     +hardened-sources-2.6.19-r6.ebuild:
200     Revision bump, including a new grsec version fixing #166235.
201 pappy 1.134
202     *hardened-sources-2.4.34 (24 Jan 2007)
203    
204     24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
205 pappy 1.135 Manifest:
206     updating Manifest with checksums of new tarball and ebuild
207    
208     24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
209 pappy 1.134 +hardened-sources-2.4.34.ebuild:
210     I added new hardened sources 2.4 update, this is a critical path
211     security bugfix - all users of h-s are strongly advised
212     to update their existing hardened sources to this version.
213     It contains a fix for a kernel vulnerability that is pertaining
214     to the PaX changes to virtual memory management, possibly leading
215     to a local kernel exploit ... see grsecurity.net forums and homepage
216 phreak 1.133
217     23 Jan 2007; Christian Heim <phreak@gentoo.org>
218     files/digest-hardened-sources-2.6.19-r5, Manifest:
219     Fixing the patch-tarball digest.
220 phreak 1.132
221     *hardened-sources-2.6.19-r5 (23 Jan 2007)
222    
223     23 Jan 2007; Christian Heim <phreak@gentoo.org>
224     +hardened-sources-2.6.19-r5.ebuild:
225     Revision bump, closing the recently discovered PaX expand_stack()
226     vulnerability.
227 phreak 1.131
228     *hardened-sources-2.6.19-r4 (14 Jan 2007)
229    
230     14 Jan 2007; Christian Heim <phreak@gentoo.org>
231     +hardened-sources-2.6.19-r4.ebuild:
232     Revision bump, pulling in linux-2.6.19.2 and grsecurity 2.1.10 - thus
233     dropping the randomized PID feature.
234 opfer 1.130
235     11 Jan 2007; Christian Faulhammer <opfer@gentoo.org>
236     hardened-sources-2.4.33.4.ebuild:
237     stable x86, bug #161171
238 phreak 1.129
239     *hardened-sources-2.6.19-r3 (27 Dec 2006)
240    
241     27 Dec 2006; Christian Heim <phreak@gentoo.org>
242     -hardened-sources-2.6.19-r2.ebuild, +hardened-sources-2.6.19-r3.ebuild:
243     Revision bump for bug #157186 and #158786.
244 phreak 1.128
245     *hardened-sources-2.6.18-r4 (27 Dec 2006)
246    
247     27 Dec 2006; Christian Heim <phreak@gentoo.org>
248     -hardened-sources-2.6.18-r3.ebuild, +hardened-sources-2.6.18-r4.ebuild:
249     Revision bump for bug #157186.
250 phreak 1.127
251     *hardened-sources-2.6.19-r2 (23 Dec 2006)
252    
253     23 Dec 2006; Christian Heim <phreak@gentoo.org>
254     -hardened-sources-2.6.19-r1.ebuild, +hardened-sources-2.6.19-r2.ebuild:
255     Revision bump to pull in genpatches-2.6.19-3 for #157186.
256 phreak 1.126
257     17 Dec 2006; Christian Heim <phreak@gentoo.org>
258     hardened-sources-2.6.14-r7.ebuild, hardened-sources-2.6.16-r10.ebuild,
259     hardened-sources-2.6.16-r11.ebuild, hardened-sources-2.6.17-r1.ebuild,
260     hardened-sources-2.6.18.ebuild, hardened-sources-2.6.18-r3.ebuild,
261     hardened-sources-2.6.19-r1.ebuild:
262     Adding 4453_grsec-2.1.9-2.6.19-io-kmem-sysctl.patch to UNIPATCH_EXLUDE,
263     adding correct HOMEPAGE and adjusting DESCRIPTION (thanks to Alexander).
264 pappy 1.125
265     *hardened-sources-2.4.33.4 (17 Dec 2006)
266    
267     17 Dec 2006; Alexander Gabert <pappy@gentoo.org>
268     +hardened-sources-2.4.33.4.ebuild:
269     new 2.4.33.4 version including grsec and fixes, thanks to phreak for help
270     and quilting
271 phreak 1.124
272     *hardened-sources-2.6.19-r1 (14 Dec 2006)
273    
274     14 Dec 2006; Christian Heim <phreak@gentoo.org>
275     -hardened-sources-2.6.19.ebuild, +hardened-sources-2.6.19-r1.ebuild:
276     Revision bump, fixing #158107 (thanks to Petre Rodan <kaiowas at gentoo.org>
277     for reporting).
278 phreak 1.123
279     *hardened-sources-2.6.19 (13 Dec 2006)
280    
281     13 Dec 2006; Christian Heim <phreak@gentoo.org>
282     +hardened-sources-2.6.19.ebuild:
283     And finally 2.6.19, thanks to Ned (who prepared the inital patchset) and
284     Brad for providing that prompt update.
285 phreak 1.122
286     *hardened-sources-2.6.18-r3 (13 Dec 2006)
287    
288     13 Dec 2006; Christian Heim <phreak@gentoo.org>
289     -hardened-sources-2.6.18-r1.ebuild, -hardened-sources-2.6.18-r2.ebuild,
290     +hardened-sources-2.6.18-r3.ebuild:
291     Revision bump, excluding the faulty patch. Thanks to Anakim Border and Peter
292     S. Mazinger. Closes #157409 for now. Also removing the previous revisions.
293 phreak 1.121
294     09 Dec 2006; Christian Heim <phreak@gentoo.org> Manifest:
295     Fixing the metadata.xml Manifest entry (thanks to xaid and ml8128 in #gentoo-hardened).
296 nixnut 1.120
297     08 Dec 2006; nixnut <nixnut@gentoo.org> hardened-sources-2.6.18.ebuild:
298     Stable on ppc wrt bug 157356
299 opfer 1.119
300     07 Dec 2006; Christian Faulhammer <opfer@gentoo.org>
301     hardened-sources-2.6.18.ebuild:
302     stable x86, bug #157356
303 phreak 1.118
304     *hardened-sources-2.6.18-r2 (06 Dec 2006)
305    
306     06 Dec 2006; Christian Heim <phreak@gentoo.org>
307     +hardened-sources-2.6.18-r2.ebuild:
308     Revision bump, including 2.6.18.5 (via genpatches) and
309     4454_grsec-2.1.9-2.6.18.2-io-kmem-sysctl.patch based on Peter Mazinger and
310     Ned Ludd's original patch. Thanks to Alexander Gabert (pappy) for the
311     redesign.
312 phreak 1.117
313     06 Dec 2006; Christian Heim <phreak@gentoo.org>
314     hardened-sources-2.6.18.ebuild:
315     Marking hardened-sources-2.6.18 stable on amd64 (see bug #157356, on behalf
316     of Mike Doty).
317 phreak 1.116
318     *hardened-sources-2.6.18-r1 (23 Nov 2006)
319    
320     23 Nov 2006; Christian Heim <phreak@gentoo.org>
321     +hardened-sources-2.6.18-r1.ebuild:
322     Revision bump to genpatches-2.6.18-4 (including 2.6.18.3).
323 phreak 1.115
324     *hardened-sources-2.6.18 (11 Nov 2006)
325    
326     11 Nov 2006; Christian Heim <phreak@gentoo.org>
327     +hardened-sources-2.6.18.ebuild:
328     Version bump, thanks to Alexander Gabert we're finally at 2.6.18.
329 solar 1.114
330     18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
331     - mark amd64 stable also. bug #151877
332 solar 1.113
333     18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
334     - mark 2.6.17-r1 stable
335 phreak 1.112
336     27 Aug 2006; Christian Heim <phreak@gentoo.org>
337     -hardened-sources-2.6.17.ebuild, hardened-sources-2.6.17-r1.ebuild:
338     Removing old ebuild, removing unipatch from newer ebuild (need to fix it!).
339 phreak 1.111
340     *hardened-sources-2.6.17-r1 (26 Aug 2006)
341    
342     26 Aug 2006; Christian Heim <phreak@gentoo.org>
343     +hardened-sources-2.6.17-r1.ebuild:
344     Revision bump to genpatches-2.6.17-8 (including .9 and .10) and updating the
345     grsecurity patch.
346 phreak 1.110
347     *hardened-sources-2.6.17 (17 Aug 2006)
348    
349     17 Aug 2006; Christian Heim <phreak@gentoo.org>
350     +hardened-sources-2.6.17.ebuild:
351     Bumping the hardened-sources-2.6 series to 2.6.17, using
352     genpatches-2.6.17-6.base.
353 solar 1.109
354     07 Aug 2006; <solar@gentoo.org> hardened-sources-2.6.16-r11.ebuild:
355     - stable on x86 and amd64
356 solar 1.108
357     *hardened-sources-2.6.16-r11 (15 Jul 2006)
358    
359     15 Jul 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r3.ebuild,
360     -hardened-sources-2.4.32-r4.ebuild, -hardened-sources-2.4.32-r5.ebuild,
361     -hardened-sources-2.6.14-r8.ebuild, -hardened-sources-2.6.16-r7.ebuild,
362     -hardened-sources-2.6.16-r9.ebuild, +hardened-sources-2.6.16-r11.ebuild:
363     - 2.6.16 bumped for CVE-2006-3626 ; digest fix for 2.4.32-r6 ; removed old
364     crusty ebuilds
365 johnm 1.107
366     14 Jul 2006; John Mylchreest <johnm@gentoo.org>
367     hardened-sources-2.6.16-r10.ebuild:
368     marking stable on x86 and amd64
369 solar 1.106
370     13 Jul 2006; <solar@gentoo.org> hardened-sources-2.4.32-r6.ebuild:
371     - 2.4.32-r6 stable on x86. RSBAC state unknown
372 kang 1.105
373     *hardened-sources-2.4.32-r7 (10 Jul 2006)
374    
375     10 Jul 2006; Guillaume Destuynder <kang@gentoo.org>
376     +hardened-sources-2.4.32-r7.ebuild:
377     Bump PaX for RSBAC to test-17
378 johnm 1.104
379     *hardened-sources-2.6.16-r9 (03 Jul 2006)
380    
381     03 Jul 2006; John Mylchreest <johnm@gentoo.org>
382     -hardened-sources-2.6.16-r6.ebuild, +hardened-sources-2.6.16-r9.ebuild:
383     hardened-sources-2.6.16 bump to latest -base.
384 solar 1.103
385     *hardened-sources-2.4.32-r6 (30 Jun 2006)
386    
387     30 Jun 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r2.ebuild,
388     hardened-sources-2.4.32-r4.ebuild, +hardened-sources-2.4.32-r6.ebuild:
389     - backport CVE-2006-0039, CVE-2006-1857 and CVE-2006-1858 and new grsecurity
390     sysctl controlable resource logging
391 johnm 1.102
392     *hardened-sources-2.6.16-r7 (05 Jun 2006)
393    
394     05 Jun 2006; John Mylchreest <johnm@gentoo.org>
395     -hardened-sources-2.6.16-r5.ebuild, +hardened-sources-2.6.16-r7.ebuild:
396     push new 2.6.16 release in preparation for stable
397 solar 1.101
398     22 May 2006; <solar@gentoo.org> :
399     - redigest bug 134002
400 kang 1.100
401     *hardened-sources-2.4.32-r5 (16 May 2006)
402    
403     16 May 2006; Guillaume Destuynder <kang@gentoo.org>
404     +hardened-sources-2.4.32-r5.ebuild:
405     Fixes rsbac common patching (new patch in new -r5 patchset)
406 solar 1.99
407     *hardened-sources-2.4.32-r4 (13 May 2006)
408    
409     13 May 2006; <solar@gentoo.org> hardened-sources-2.4.32-r3.ebuild,
410     +hardened-sources-2.4.32-r4.ebuild:
411     - security bumps
412 johnm 1.98
413     *hardened-sources-2.6.16-r6 (03 May 2006)
414    
415     03 May 2006; John Mylchreest <johnm@gentoo.org>
416     +hardened-sources-2.6.16-r6.ebuild:
417     bump hardened-2.6.16 to 2.6.16.12 and latest grsec snapshot
418 johnm 1.97
419     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
420     hardened-sources-2.6.14-r8.ebuild:
421     fix x86_64 build problem, this will delay the digest issue again for a short
422     while but it will sort itself out
423 johnm 1.96
424     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
425     hardened-sources-2.6.14-r8.ebuild:
426     bump hardened patchset
427 antarus 1.94
428     27 Apr 2006; Alec Warner <antarus@gentoo.org>
429     files/digest-hardened-sources-2.4.32-r2,
430     files/digest-hardened-sources-2.4.32-r3,
431     files/digest-hardened-sources-2.6.14-r8, Manifest:
432     Fixing duff SHA256 digests: Bug # 131293
433 johnm 1.93
434 johnm 1.95 *hardened-sources-2.6.16-r5 (27 Apr 2006)
435    
436     27 Apr 2006; John Mylchreest <johnm@gentoo.org>
437     -hardened-sources-2.6.14-r6.ebuild, hardened-sources-2.6.14-r8.ebuild,
438     -hardened-sources-2.6.16-r4.ebuild, +hardened-sources-2.6.16-r5.ebuild:
439     stablise 2.6.14-r8 on x86 & amd64, bump 2.6.16 to fix CVE-2006-1863 &
440     cleanup of old uneccessary sources
441    
442 johnm 1.93 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
443     fix digest
444 johnm 1.92
445     *hardened-sources-2.6.14-r8 (20 Apr 2006)
446    
447     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
448     +hardened-sources-2.6.14-r8.ebuild:
449     fix CVE-2006-1056, CVE-2006-1525, CVE-2006-1524
450 johnm 1.91
451     20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
452     Turning on gpg-signing again, and recomitting
453 johnm 1.90
454     *hardened-sources-2.6.16-r4 (20 Apr 2006)
455    
456     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
457     -hardened-sources-2.6.16-r2.ebuild, -hardened-sources-2.6.16-r3.ebuild,
458     +hardened-sources-2.6.16-r4.ebuild:
459     Fix numerous security vulns
460 solar 1.89
461     *hardened-sources-2.4.32-r3 (16 Apr 2006)
462    
463     16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
464     -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
465     +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
466     - security bump for bug #112791. Removed old ebuilds
467 johnm 1.88
468     *hardened-sources-2.6.16-r3 (15 Apr 2006)
469    
470     15 Apr 2006; John Mylchreest <johnm@gentoo.org>
471     +hardened-sources-2.6.16-r3.ebuild:
472     Removing silly localversion which I missed
473 johnm 1.87
474     *hardened-sources-2.6.14-r7 (14 Apr 2006)
475    
476     14 Apr 2006; John Mylchreest <johnm@gentoo.org>
477     -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
478     Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
479 johnm 1.86
480     *hardened-sources-2.6.16-r2 (13 Apr 2006)
481    
482     13 Apr 2006; John Mylchreest <johnm@gentoo.org>
483     -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
484     +hardened-sources-2.6.16-r2.ebuild:
485     Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
486     labels, dropping USERGROUP define fixes, since these were merged mainstream.
487 johnm 1.85
488     *hardened-sources-2.6.16-r1 (11 Apr 2006)
489    
490     11 Apr 2006; John Mylchreest <johnm@gentoo.org>
491     +hardened-sources-2.6.16-r1.ebuild:
492     Bumping to include ppc build fix and 2.6.16.3
493 tsunam 1.84
494     06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
495     hardened-sources-2.6.14-r6.ebuild:
496     Stable on x86; bug #127718
497 johnm 1.83
498     *hardened-sources-2.6.16 (31 Mar 2006)
499    
500     31 Mar 2006; John Mylchreest <johnm@gentoo.org>
501     +hardened-sources-2.6.16.ebuild:
502     Bumping to new version of grsec, and kernel base. New squashfs. Based on
503     2.6.16.1
504 cryos 1.82
505     30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
506     hardened-sources-2.6.14-r6.ebuild:
507     Stable on amd64, bug 127718.
508 nixnut 1.81
509     28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
510     Stable on ppc. Bug #127718
511 johnm 1.80
512     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
513     -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
514     -hardened-sources-2.6.14-r4.ebuild:
515     Cleanup.
516 johnm 1.79
517     *hardened-sources-2.6.14-r6 (15 Mar 2006)
518    
519     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
520     +hardened-sources-2.6.14-r6.ebuild:
521     Fixes grsec policy recreation bug and adds a
522     >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
523 solar 1.78
524     02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
525     - stable on x86
526 hansmi 1.77
527     19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
528     hardened-sources-2.6.14-r5.ebuild:
529     Stable on ppc.
530 johnm 1.76
531     *hardened-sources-2.6.14-r5 (01 Feb 2006)
532    
533     01 Feb 2006; John Mylchreest <johnm@gentoo.org>
534     +hardened-sources-2.6.14-r5.ebuild:
535     fixing every known exploit
536 solar 1.75
537     *hardened-sources-2.4.32-r2 (26 Jan 2006)
538    
539     26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
540     +hardened-sources-2.4.32-r2.ebuild:
541     - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
542 solar 1.74
543     *hardened-sources-2.6.14-r4 (12 Jan 2006)
544    
545     12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
546     - version bump for new genpatches which fix up a few sec holes
547 solar 1.73
548     *hardened-sources-2.4.32-r1 (05 Jan 2006)
549    
550     05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
551     - revision bump to add misc vital linux kernel security patches.
552 johnm 1.72
553     *hardened-sources-2.6.14-r3 (30 Dec 2005)
554    
555     30 Dec 2005; John Mylchreest <johnm@gentoo.org>
556     -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
557     Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
558 johnm 1.71
559     28 Dec 2005; John Mylchreest <johnm@gentoo.org>
560     hardened-sources-2.6.14-r2.ebuild:
561     making x86 & amd64 stable following testing.
562 johnm 1.70
563     *hardened-sources-2.6.14-r2 (27 Dec 2005)
564    
565     27 Dec 2005; John Mylchreest <johnm@gentoo.org>
566     -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
567     Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
568     network hooks.
569 johnm 1.69
570     06 Dec 2005; John Mylchreest <johnm@gentoo.org>
571     hardened-sources-2.6.14-r1.ebuild:
572     bumping to stable early for sec fix on x86 & amd64
573 johnm 1.68
574     *hardened-sources-2.6.14-r1 (05 Dec 2005)
575    
576     05 Dec 2005; John Mylchreest <johnm@gentoo.org>
577     -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
578     bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
579 solar 1.67
580     04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
581     - stable on x86 security bug #114227 CAN-2005-3257
582 kang 1.66
583     *hardened-sources-2.4.32 (19 Nov 2005)
584    
585     19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
586     +hardened-sources-2.4.32.ebuild:
587     Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
588     Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
589     have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
590     rsbac >> /etc/portage/package.use)
591 johnm 1.65
592     *hardened-sources-2.6.14 (14 Nov 2005)
593    
594     14 Nov 2005; John Mylchreest <johnm@gentoo.org>
595     -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
596     Bumping 2.6 series to 2.6.14.2
597 johnm 1.64
598     *hardened-sources-2.6.13-r2 (20 Oct 2005)
599    
600     20 Oct 2005; John Mylchreest <johnm@gentoo.org>
601     -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
602     +hardened-sources-2.6.13-r2.ebuild:
603     Fixes minor build error in ppc.
604 johnm 1.63
605     *hardened-sources-2.6.13-r1 (17 Oct 2005)
606    
607     17 Oct 2005; John Mylchreest <johnm@gentoo.org>
608     +hardened-sources-2.6.13-r1.ebuild:
609     Updating grsec to latest snapshot. Fixes some minor issues. Updating to
610     2.6.13.4, fixes some major amd64 stability problems.
611 johnm 1.62
612     *hardened-sources-2.6.13 (16 Sep 2005)
613    
614     16 Sep 2005; John Mylchreest <johnm@gentoo.org>
615     -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
616     2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
617     ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
618     users should test this thoroughly.
619 solar 1.61
620     01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
621     - stable on x86
622 johnm 1.60
623     *hardened-sources-2.6.11-r15 (27 Jun 2005)
624    
625     27 Jun 2005; John Mylchreest <johnm@gentoo.org>
626     +hardened-sources-2.6.11-r15.ebuild:
627     Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
628     grsec redefining curr_ip struct.
629 solar 1.59
630     *hardened-sources-2.4.31 (20 Jun 2005)
631    
632     20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
633     initial import of 2.4.31 tree
634 johnm 1.58
635     *hardened-sources-2.6.11-r14 (14 Jun 2005)
636    
637     14 Jun 2005; John Mylchreest <johnm@gentoo.org>
638     -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
639     Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
640     naming scheme to abide by genpatches
641 johnm 1.57
642     *hardened-sources-2.6.11-r13 (18 May 2005)
643    
644     18 May 2005; John Mylchreest <johnm@gentoo.org>
645     -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
646     Managed to mangle the Makefile patch from grsec, to miss out the grsec
647     target. sorry about that. Fixes bug #93022
648 johnm 1.56
649     *hardened-sources-2.6.11-r12 (17 May 2005)
650    
651     17 May 2005; John Mylchreest <johnm@gentoo.org>
652     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
653     +hardened-sources-2.6.11-r12.ebuild:
654     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
655     merges in genpatches-base
656 johnm 1.55
657     *hardened-sources-2.6.11-r12 (17 May 2005)
658    
659     17 May 2005; John Mylchreest <johnm@gentoo.org>
660     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
661     +hardened-sources-2.6.11-r12.ebuild:
662     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
663     merges in genpatches-base
664 solar 1.54
665     29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
666     -files/2.4.27-cmdline-race.patch,
667     -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
668     -files/2.4.28-grsec-binfmt_a.out.patch,
669     -files/2.4.28-grsec-cmdline-race.patch,
670     -files/2.4.28-selinux-binfmt_a.out.patch,
671     -files/2.4.28-selinux-cmdline-race.patch,
672     -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
673     hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
674     - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
675     cleanup..
676 solar 1.53
677     *hardened-sources-2.4.30-r1 (21 Apr 2005)
678    
679     21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
680     - disable aout by default
681 solar 1.52
682     *hardened-sources-2.4.30 (18 Apr 2005)
683    
684     18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
685     - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
686     and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
687     use
688 tocharian 1.50
689 scox 1.51 *hardened-sources-2.4.29 (30 Mar 2005)
690    
691     30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
692     +hardened-sources-2.4.29.ebuild:
693     New hardened-patches-2.4-29.0 patchball.
694     Removed SELinux support, upgraded GRSecurity to 2.1.4.
695    
696     *hardened-sources-2.4.28-r5 (06 Mar 2005)
697    
698     06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
699     +hardened-sources-2.4.28-r5.ebuild:
700     Added a fix for a PaX vulnerability.
701    
702     26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
703 tocharian 1.50 hardened-sources-2.4.28-r4.ebuild:
704     Stable on x86
705 solar 1.49
706     23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
707     hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
708     hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
709     hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
710     - fixed/added RDEPEND= in all kernel-2 ebuilds
711 tocharian 1.48
712     *hardened-sources-2.4.28-r4 (21 Jan 2005)
713    
714     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
715     +hardened-sources-2.4.28-r4.ebuild:
716     Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
717     backport of neighbour hash updates.
718 tocharian 1.47
719     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
720     hardened-sources-2.4.28-r3.ebuild:
721     Stable on x86
722 tseng 1.46
723     *hardened-sources-2.6.10-r3 (20 Jan 2005)
724    
725     20 Jan 2005; Brandon Hale <tseng@gentoo.org>
726     +hardened-sources-2.6.10-r3.ebuild:
727     Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
728     in 2005.0
729 tocharian 1.45
730     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
731     -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
732     hardened-sources-2.4.28-r2.ebuild:
733     Mark stable on x86
734 tocharian 1.44
735     *hardened-sources-2.4.28-r3 (17 Jan 2005)
736    
737     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
738     +hardened-sources-2.4.28-r3.ebuild:
739     Fix SMP page fault handler vuln, and update device-mapper and evms patches.
740 tocharian 1.43
741     14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
742     hardened-sources-2.4.28.ebuild:
743     Mark stable on x86.
744 tocharian 1.42
745     *hardened-sources-2.4.28-r2 (13 Jan 2005)
746    
747     13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
748     +hardened-sources-2.4.28-r2.ebuild:
749     Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
750     Mazinger for grsecurity patches as well.
751 plasmaroo 1.41
752     *hardened-sources-2.4.28-r1 (23 Dec 2004)
753    
754     23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
755     Security bump. Thank tocharian for rolling a new patchset...
756 solar 1.40
757     28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
758     +files/2.4.28-grsec-cmdline-race.patch,
759     +files/2.4.28-selinux-binfmt_a.out.patch,
760     +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
761     - Round up remaining security patches that appear to be missing in 2.4.28. -
762     PaX standalone updated to current. hgpv=28.1
763 solar 1.39
764     *hardened-sources-2.4.28 (28 Nov 2004)
765    
766     28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
767     security bump. Thank tocharian for rolling a new patchset
768 scox 1.31
769 scox 1.38 *hardened-sources-2.4.27-r3 (08 Sep 2004)
770    
771     08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
772     +hardened-sources-2.4.27-r3.ebuild:
773     Applies the new 2.4-27.2 patchball which updates
774     GRSecurity to the 2.0.1 version.
775    
776 scox 1.37 *hardened-sources-2.4.27-r2 (31 Aug 2004)
777    
778     31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
779     +hardened-sources-2.4.27-r2.ebuild:
780     Version bump.
781     This version uses the new 2.4-27.1 patchball which updates
782     both the SELinux PaX hooks patch and the SELinux headers.
783    
784 scox 1.36 *hardened-sources-2.4.27-r1 (09 Aug 2004)
785    
786     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
787     +hardened-sources-2.4.27-r1.ebuild,
788     -hardened-sources-2.4.27.ebuild,
789     +files/2.4.27-cmdline-race.patch:
790     Version bump, fix for cmdline race. See bug #59905.
791    
792     *hardened-sources-2.4.26-r6 (09 Aug 2004)
793    
794     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
795     +hardened-sources-2.4.26-r6.ebuild,
796     -hardened-sources-2.4.26-r5.ebuild,
797     -hardened-sources-2.4.26-r4.ebuild,
798     +files/2.4.26-cmdline-race.patch:
799     Version bump, fix for cmdline race. See bug #59905.
800    
801 scox 1.35 *hardened-sources-2.4.27 (08 Aug 2004)
802    
803     08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
804     +hardened-sources-2.4.27.ebuild,
805     +files/2.4.27-CAN-2004-0394.patch:
806     Ported the patchball to the 2.4.27 kernel version.
807    
808 scox 1.34 *hardened-sources-2.4.26-r5 (07 Aug 2004)
809    
810     07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
811     +hardened-sources-2.4.26-r5.ebuild:
812 scox 1.35 Updated to use the new hardened-patches-2.4-26.1 patchball.
813 scox 1.34 It adds the following features:
814     - Squashfs
815     - Ebtables
816     - Netdev random (core+drivers)
817     - Watchdog Timer (WDT) fix.
818    
819 scox 1.33 *hardened-sources-2.4.26-r4 (04 Aug 2004)
820    
821     04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
822     +hardened-sources-2.4.26-r4.ebuild,
823     +files/2.4.26-CAN-2004-0415.patch,
824     -hardened-sources-2.4.26-3:
825     Version bump, fix for CAN 0415, see bug #59378.
826    
827 scox 1.32 *hardened-sources-2.4.26-r3 (22 Jul 2004)
828    
829     22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
830     +hardened-sources-2.4.26-r3.ebuild,
831     +files/2.4.26-CAN-2004-0497.patch,
832     -hardened-sources-2.4.26-r2.ebuild:
833     Version bump, fixed CAN 0497, see bug #56171.
834    
835 scox 1.31 *hardened-sources-2.4.26-r2 (29 Jun 2004)
836    
837     29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
838 scox 1.32 +hardened-sources-2.4.26-r2.ebuild,
839 scox 1.31 +files/2.4.26-CAN-2004-0495.patch,
840     +files/2.4.26-CAN-2004-0535.patch,
841     -hardened-sources-2.4.26-r1.ebuild:
842     Fixes for both CAN 0495 and 0535, see bug #54976
843 pvdabeel 1.27
844 agriffis 1.29 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
845     hardened-sources-2.4.26-r1.ebuild:
846     QA - fix use invocation
847 scox 1.28
848     *hardened-sources-2.4.26-r1 (22 June 2004)
849    
850     22 June 2004; Andrea Luzzardi <scox@gentoo.org>
851     +hardened-sources-2.4.26-r1.ebuild,
852     +files/2.4.26-CAN-2004-0394.patch,
853     +files/2.4.26-signal-race.patch,
854     -hardened-sources-2.4.26.ebuild,
855     -hardened-sources-2.4.24-r3.ebuild:
856     Version bump for the CAN-2004-0394 issue and bug #53804
857     Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
858    
859    
860 pvdabeel 1.27 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
861     hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
862     Masked hardened-sources-2.4.26.ebuild broken for ppc
863    
864     31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
865     hardened-sources-2.4.24-r3.ebuild:
866     Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
867 plasmaroo 1.25
868 scox 1.26 *hardened-sources-2.4.26 (29 May 2004)
869    
870     29 May 2004; Andrea Luzzardi <scox@gentoo.org>
871     +hardened-sources-2.4.26.ebuild:
872     Updated hardened-sources for the 2.4.26 kernel
873     Removed broken components, updated almost everything.
874    
875 plasmaroo 1.25 *hardened-sources-2.4.24-r3 (17 Apr 2004)
876    
877     17 Apr 2004; <plasmaroo@gentoo.org>
878     +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
879     +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
880     +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
881     +hardened-sources-2.4.24-r3.ebuild:
882     Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
883     vulnerabilities. Old revisions removed.
884 plasmaroo 1.24
885     *hardened-sources-2.4.24-r2 (15 Apr 2004)
886    
887     15 Apr 2004; <plasmaroo@gentoo.org>
888     +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
889     -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
890     Version bump for the CAN-2004-0109 issue; bug #47881.
891 aliz 1.23
892     12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
893     hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
894     Add eutils to inherit.
895 plasmaroo 1.22
896     *hardened-sources-2.4.24-r1 (19 Feb 2004)
897    
898     19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
899     files/hardened-sources-2.4.24.munmap.patch:
900     Added the patch for the mremap/munmap vulnerability. Bug #42024.
901 scox 1.19
902 scox 1.21 *hardened-sources-2.4.24 (06 Feb 2004)
903 scox 1.26
904 scox 1.21 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
905     hardened-sources-2.4.24.ebuild:
906     Version bump, updated most of the components.
907     This release includes the following:
908    
909     - Hardened security
910     - Netfilter patch-o-matic 20031219
911     - FreeSWAN 2.04 & x509 1.4.8
912     - EVMS 2.2.2
913     - XFS 1.3.1
914     - cryptoloop jari
915     - grsecurity 2.0-rc4
916     - SELinux
917     - PaX 200402060000
918     - PaX Obscurity 200308302223
919     - Others...
920    
921     Neither -ck nor systrace are included anymore.
922    
923 scox 1.19 *hardened-sources-2.4.22-r2 (05 Jan 2004)
924    
925     05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
926     hardened-sources-2.4.22-r2.ebuild:
927 scox 1.20 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
928 scox 1.19
929     *hardened-sources-2.4.22-r1 (02 Dec 2003)
930 iggy 1.17
931     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
932 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
933 iggy 1.16
934     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
935 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild:
936     Version bump for the 'do_brk' vulnerability.
937 iggy 1.15
938     01 Dec 2003; Brian Jackson <iggy@gentoo.org>
939     hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
940     hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
941     hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
942 plasmaroo 1.18 Fix the 'do_brk' vulnerability.
943 frogger 1.14
944     03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
945     hardened-sources-2.4.22.ebuild:
946 plasmaroo 1.18 - Removed the src_install() portion for SELinux flask
947     components. These are no longer handled in the kernel
948     so this code was not necessary.
949 frogger 1.13
950     29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
951     New 2.4.22 based hardened-sources thanks to
952     Phil West <p.west@computer.org>.
953    
954     These sources include:
955 plasmaroo 1.18 - New SELinux API
956     - Updated CK-base
957     - Updated GRSec
958     - Systrace
959     - SuperFreeS/WAN 1.99.8
960     - Propolice kernel build support
961     - EVMS
962     - Other various security related patches
963 frogger 1.11
964 frogger 1.12 *hardened-sources-2.4.21 (14 Sep 2003)
965    
966     14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
967     Updated hardened-sources based on the 2.4.21 Linux kernel.
968     This includes updates to most major components such as:
969 plasmaroo 1.18 - ck-base-0306300059
970     - selinux-2.4-2003071106
971     - grsecurity-2.0-rc1
972     - Updated IPTables patch-o-matic
973     - Updated SuperFreeS/WAN
974    
975 frogger 1.12 Thanks to Phil West <pwest@computer.org> for his work in getting this
976     updated patch set ready for the 2.4.21 based kernel.
977    
978 frogger 1.11 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
979     Initial import of hardened-sources-2.4.20-r4. This revision
980     includes only a few changes, but one of these is an important
981     security fix. It is recommended all users of hardened-sources
982     upgrade to this release.
983 plasmaroo 1.18
984 frogger 1.11 - ioperm bug fix
985     - fixed compilation failure when building without GRSec
986 plasmaroo 1.18
987 frogger 1.11 SAL (Secure Auditing for Linux) is NOT included in this revision
988     due to time constraints, but is planned for inclusion in the near
989     future.
990 msterret 1.10
991     *hardened-sources-2.4.20-r2 (12 Jun 2003)
992    
993     12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
994     hardened-sources-2.4.20-r3.ebuild:
995 plasmaroo 1.18 Add Header...
996 frogger 1.9
997     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
998     hardened-sources-2.4.20-r3.ebuild:
999     Removed warnings from ebuild. This kernel should be safe to
1000     use at this point.
1001 frogger 1.8
1002     *hardened-sources-2.4.20-r3 (08 Jun 2003)
1003    
1004     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1005     hardened-sources-2.4.20-r3.ebuild:
1006     New revision. Includes the following changes over -r2:
1007 plasmaroo 1.18
1008 frogger 1.8 - ck7-base (O(1), preempt, low latency)
1009     - Super FreeS/WAN 1.99.7rc2
1010     - PaX for the LSM/SELinux branch
1011     - GRSecurity 2.0-pre4 (role based access control)
1012     - Systrace 1.3
1013     - EXT3 fixes
1014     - EVMS 2.0.1
1015     - GCC 3.1+ compile optimizations
1016     - ProPolice kernel build support
1017     - Hashing table security fixes
1018 frogger 1.3
1019     *hardened-sources-2.4.20-r1 (09 Apr 2003)
1020 frogger 1.7
1021     23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
1022     Initial import of hardened-sources-r2. This new
1023     ebuild includes many new performance and security
1024     related patches. As in -r1, it will patch in
1025     LSM/SELinux if "selinux" is in USE, otherwise it
1026     will patch in GRSecurity. The following patches
1027     are included in this revision:
1028 plasmaroo 1.18
1029 frogger 1.7 - O(1) Scheduler, Low Latency, and Preempt
1030     (pulled from the base CK patch)
1031     - ptrace exploit patch for the LSM kernel
1032     (the GRSec patch already fixes this)
1033     - LSM 2.4-2003040709
1034     - SELinux 2.4-2003040709
1035     - Systrace v1.2
1036     - IPTables patch-o-matic base patches - 20030107
1037     - CryptoAPI 2.4.20.1 w/ loop-jari patch
1038     - Super FreeS/WAN 1.99.6.1
1039     - GRSecurity 1.9.9g
1040     - MPPE
1041     - EXT3 data journal fix
1042     - CIPE 1.5.4
1043 frogger 1.6
1044     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1045     hardened-sources-2.4.20-r1.ebuild, manifest:
1046 plasmaroo 1.18 Updated to install flask components correctly for selinux.
1047 frogger 1.5
1048     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1049     hardened-sources-2.4.20-r1.ebuild:
1050     LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
1051     is patched in instead. Ptrace patches for selinux have also been added. In
1052     either case, systrace support will be patched in as well.
1053 frogger 1.3
1054     09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1055     hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
1056 plasmaroo 1.18 Revision bump for new sources.
1057 frogger 1.4
1058 frogger 1.2 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1059 frogger 1.4 hardened-sources-2.4.20-r1.ebuild:
1060 plasmaroo 1.18 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
1061 method 1.1
1062 frogger 1.4 *hardened-sources-2.4.20 (30 Mar 2003)
1063    
1064 method 1.1 30 Mar 2003; Joshua Brindle <method@gentoo.org>
1065     hardened-sources-2.4.20.ebuild:
1066 plasmaroo 1.18 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20