/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.168 - (hide annotations) (download)
Mon Aug 13 21:29:33 2007 UTC (6 years, 11 months ago) by phreak
Branch: MAIN
Changes since 1.167: +7 -1 lines
Yet another revision bump.
(Portage version: 2.1.3.5)

1 method 1.1 # ChangeLog for sys-kernel/hardened-sources
2 opfer 1.130 # Copyright 2000-2007 Gentoo Foundation; Distributed under the GPL v2
3 phreak 1.168 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.167 2007/08/10 09:32:03 phreak Exp $
4    
5     *hardened-sources-2.6.22-r1 (13 Aug 2007)
6    
7     13 Aug 2007; Christian Heim <phreak@gentoo.org>
8     +hardened-sources-2.6.22-r1.ebuild:
9     Yet another revision bump.
10 phreak 1.167
11     *hardened-sources-2.6.22 (10 Aug 2007)
12    
13     10 Aug 2007; Christian Heim <phreak@gentoo.org>
14     +hardened-sources-2.6.22.ebuild:
15     Initial release for 2.6.22. If you are using hardened-sources on a desktop
16     machine (P4 or newer), be aware you might need to disable
17     CONFIG_PAX_PAGEEXEC.
18 phreak 1.166
19     04 Aug 2007; Christian Heim <phreak@gentoo.org>
20     hardened-sources-2.6.20-r6.ebuild:
21     Stabling hardened-sources-2.6.20-r6 for amd64, ppc and x86 due to Linux
22     2.6.20.15.
23 phreak 1.165
24     10 Jul 2007; Christian Heim <phreak@gentoo.org>
25     hardened-sources-2.6.20-r5.ebuild:
26     Marking hardened-sources-2.6.20-r5 stable on ppc.
27 phreak 1.164
28     10 Jul 2007; Christian Heim <phreak@gentoo.org>
29     -hardened-sources-2.4.32-r6.ebuild, -hardened-sources-2.4.32-r7.ebuild:
30     Cleanup.
31 phreak 1.163
32     *hardened-sources-2.6.20-r6 (08 Jul 2007)
33    
34     08 Jul 2007; Christian Heim <phreak@gentoo.org>
35     +hardened-sources-2.6.20-r6.ebuild:
36     Revision bump, grabbing yet another stable release.
37 phreak 1.162
38     17 Jun 2007; Christian Heim <phreak@gentoo.org>
39     -hardened-sources-2.6.18-r6.ebuild, -hardened-sources-2.6.20-r4.ebuild,
40     -hardened-sources-2.6.21-r2.ebuild:
41     Removing older ebuilds, hardened-sources-2.6.18-r6 seems to have gotten the
42     alpha stable KEYWORD by mistake.
43 phreak 1.161
44     17 Jun 2007; Christian Heim <phreak@gentoo.org>
45     hardened-sources-2.6.20-r5.ebuild:
46     Stabling hardened-sources-2.6.20-r5 due to security bug #181647 (as
47     genpatches-2.6.20-12.base contains up to Linux 2.6.20.14) on amd64 and x86.
48 phreak 1.160
49     *hardened-sources-2.6.21-r3 (12 Jun 2007)
50    
51     12 Jun 2007; Christian Heim <phreak@gentoo.org>
52     +hardened-sources-2.6.21-r3.ebuild:
53     Revision bump for hardened-sources-2.6.21, incorporating various CVE (some
54     of them critical), two stable releases (2.6.21.4,2.6.21.5) and some other
55     love.
56 phreak 1.159
57     *hardened-sources-2.6.20-r5 (11 Jun 2007)
58    
59     11 Jun 2007; Christian Heim <phreak@gentoo.org>
60     +hardened-sources-2.6.20-r5.ebuild:
61     Revision bump for hardened-sources-2.6.20, incorporating various CVE (some
62     of them critical), two stable releases (2.6.20.13,2.6.20.14) and some other
63     love.
64 pappy 1.158
65     *hardened-sources-2.4.34.5 (11 Jun 2007)
66    
67     11 Jun 2007; Alexander Gabert <pappy@gentoo.org>
68     +hardened-sources-2.4.34.5.ebuild:
69     added new hardened-sources 2.4 version, thx to phreak, solar, pipacs
70 phreak 1.157
71     30 May 2007; Christian Heim <phreak@gentoo.org>
72     -hardened-sources-2.6.18.ebuild, hardened-sources-2.6.20-r2.ebuild:
73     Marking 2.6.20-r2 stable on ppc with permission of Gysbert. Removing more
74     stale ebuild(s).
75 phreak 1.156
76     30 May 2007; Christian Heim <phreak@gentoo.org>
77     -hardened-sources-2.6.14-r7.ebuild, -hardened-sources-2.6.16-r11.ebuild,
78     -hardened-sources-2.6.17-r1.ebuild, -hardened-sources-2.6.19-r6.ebuild,
79     -hardened-sources-2.6.20.ebuild, -hardened-sources-2.6.20-r1.ebuild:
80     Doing some cleanups, remove stale ebuilds.
81 phreak 1.155
82     26 May 2007; Christian Heim <phreak@gentoo.org>
83     hardened-sources-2.6.21-r2.ebuild:
84     Fixing the grsecurity patch, had one '};' too much.
85 phreak 1.154
86     *hardened-sources-2.6.21-r2 (26 May 2007)
87    
88     26 May 2007; Christian Heim <phreak@gentoo.org>
89     -hardened-sources-2.6.21.ebuild, -hardened-sources-2.6.21-r1.ebuild,
90     +hardened-sources-2.6.21-r2.ebuild:
91     Revision bump, including Linux 2.6.21.3 (fixing CVE-2007-2451). Updating the
92     grsecurity patch to 2.1.10-2.6.21.1-200705221918.
93 phreak 1.153
94     *hardened-sources-2.6.20-r4 (26 May 2007)
95    
96     26 May 2007; Christian Heim <phreak@gentoo.org>
97     -hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.20-r4.ebuild:
98     Revision bump, including Linux 2.6.20.12 (which in fact fixed some security
99 phreak 1.154 bugs, at the very least CVE-2007-2451). Possible candidate for stable marking.
100 phreak 1.152
101     15 May 2007; Christian Heim <phreak@gentoo.org>
102     hardened-sources-2.6.20-r3.ebuild:
103     Looks like hardened-sources-2.6.20-r3 needs a new patch, as 2.6.20.11
104     introduced a change in arch/sparc64/kernel/pci_iommu.c, which made the
105     grsecurity patch fail in that exact same hunk.
106 phreak 1.151
107     *hardened-sources-2.6.20-r3 (15 May 2007)
108    
109     15 May 2007; Christian Heim <phreak@gentoo.org>
110     +hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.21-r1.ebuild:
111     Revision bump, incorporating Linux 2.6.20.11.
112    
113     *hardened-sources-2.6.21-r1 (11 May 2007)
114    
115     11 May 2007; Christian Heim <phreak@gentoo.org>
116     +hardened-sources-2.6.21-r1.ebuild:
117     Revision bump, hopefully fixing the GRSECURITY/GRKERNSEC mixup pipacs
118     mentioned in #177234.
119 kevquinn 1.150
120     07 May 2007; Kevin F. Quinn <kevquinn@gentoo.org>
121     files/digest-hardened-sources-2.6.21, Manifest:
122     Fix Manifest/digest for linux-2.6.21.tar.bz2
123 phreak 1.149
124     06 May 2007; Christian Heim <phreak@gentoo.org>
125     hardened-sources-2.6.21.ebuild:
126     Bumping the hardened-patches version, needed for the fix for #177234.
127 phreak 1.148
128     *hardened-sources-2.6.21 (02 May 2007)
129    
130     02 May 2007; Christian Heim <phreak@gentoo.org>
131     +hardened-sources-2.6.21.ebuild:
132     Version bump, Linux 2.6.21-hardened.
133 phreak 1.147
134     29 Apr 2007; Christian Heim <phreak@gentoo.org>
135     hardened-sources-2.6.20-r2.ebuild:
136     Adding ~ia64 on Ned's request.
137 phreak 1.146
138     29 Apr 2007; Christian Heim <phreak@gentoo.org>
139     hardened-sources-2.6.20-r2.ebuild:
140     Fixing the included grsecurity patch, wasn't alligning due to the Index:
141     header line(s).
142 phreak 1.145
143     29 Apr 2007; Christian Heim <phreak@gentoo.org>
144     hardened-sources-2.6.20-r2.ebuild:
145     Stabilizing hardened-sources-2.6.20-r2 on amd64 and x86.
146 armin76 1.144
147     *hardened-sources-2.6.20-r2 (10 Apr 2007)
148    
149     10 Apr 2007; Raúl Porcel <armin76@gentoo.org>
150     +hardened-sources-2.6.20-r2.ebuild:
151     Version bump, on behalf of phreak
152 phreak 1.143
153     *hardened-sources-2.6.20-r1 (04 Apr 2007)
154    
155     04 Apr 2007; Christian Heim <phreak@gentoo.org>
156     +hardened-sources-2.6.20-r1.ebuild:
157     Revision bump, grabbing a newer grsecurity snapshot.
158 phreak 1.142
159     *hardened-sources-2.6.20 (25 Mar 2007)
160    
161     25 Mar 2007; Christian Heim <phreak@gentoo.org>
162     +hardened-sources-2.6.20.ebuild:
163     Finally a hardened-sources version for 2.6.20; many people have been waiting
164     for this. Thanks to Steve for preliminary testing, thanks to Ned for the
165     testbox.
166 chainsaw 1.141
167     16 Mar 2007; Tony Vroon <chainsaw@gentoo.org>
168     hardened-sources-2.6.18-r6.ebuild:
169     Marked stable on amd64 and x86. AMD64 keyword ack'ed by welp.
170 phreak 1.140
171     *hardened-sources-2.6.18-r6 (16 Mar 2007)
172    
173     16 Mar 2007; Christian Heim <phreak@gentoo.org>
174     -hardened-sources-2.6.18-r5.ebuild, +hardened-sources-2.6.18-r6.ebuild:
175     Fixing CVE-2007-1000 locally (hardened/), thanks to Tony for pushing. And
176     yes I screwed up, this is tagged as 2.6.18-5 and not 2.6.18-6 as it's
177     supposed to be.
178 phreak 1.139
179     06 Mar 2007; Christian Heim <phreak@gentoo.org> ChangeLog:
180     Fixing the Manifest, the previous one was broken (as in still had the
181     deleted ebuild in it).
182 phreak 1.138
183     06 Mar 2007; Christian Heim <phreak@gentoo.org>
184     -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
185     +hardened-sources-2.6.18-r5.ebuild:
186     Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
187     Linux 2.6.18.8. Also cleaning up the older version.
188    
189     *hardened-sources-2.6.18-r5 (06 Mar 2007)
190    
191     06 Mar 2007; Christian Heim <phreak@gentoo.org>
192     -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
193     +hardened-sources-2.6.18-r5.ebuild:
194     Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
195     Linux 2.6.18.8. Also cleaning up the older version.
196 phreak 1.137
197     24 Feb 2007; Christian Heim <phreak@gentoo.org>
198     -hardened-sources-2.6.19-r3.ebuild, -hardened-sources-2.6.19-r4.ebuild,
199     -hardened-sources-2.6.19-r5.ebuild:
200     Removing some of the old version, that didn't work.
201 phreak 1.136
202     *hardened-sources-2.6.19-r6 (12 Feb 2007)
203    
204     12 Feb 2007; Christian Heim <phreak@gentoo.org>
205     +hardened-sources-2.6.19-r6.ebuild:
206     Revision bump, including a new grsec version fixing #166235.
207 pappy 1.134
208     *hardened-sources-2.4.34 (24 Jan 2007)
209    
210     24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
211 pappy 1.135 Manifest:
212     updating Manifest with checksums of new tarball and ebuild
213    
214     24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
215 pappy 1.134 +hardened-sources-2.4.34.ebuild:
216     I added new hardened sources 2.4 update, this is a critical path
217     security bugfix - all users of h-s are strongly advised
218     to update their existing hardened sources to this version.
219     It contains a fix for a kernel vulnerability that is pertaining
220     to the PaX changes to virtual memory management, possibly leading
221     to a local kernel exploit ... see grsecurity.net forums and homepage
222 phreak 1.133
223     23 Jan 2007; Christian Heim <phreak@gentoo.org>
224     files/digest-hardened-sources-2.6.19-r5, Manifest:
225     Fixing the patch-tarball digest.
226 phreak 1.132
227     *hardened-sources-2.6.19-r5 (23 Jan 2007)
228    
229     23 Jan 2007; Christian Heim <phreak@gentoo.org>
230     +hardened-sources-2.6.19-r5.ebuild:
231     Revision bump, closing the recently discovered PaX expand_stack()
232     vulnerability.
233 phreak 1.131
234     *hardened-sources-2.6.19-r4 (14 Jan 2007)
235    
236     14 Jan 2007; Christian Heim <phreak@gentoo.org>
237     +hardened-sources-2.6.19-r4.ebuild:
238     Revision bump, pulling in linux-2.6.19.2 and grsecurity 2.1.10 - thus
239     dropping the randomized PID feature.
240 opfer 1.130
241     11 Jan 2007; Christian Faulhammer <opfer@gentoo.org>
242     hardened-sources-2.4.33.4.ebuild:
243     stable x86, bug #161171
244 phreak 1.129
245     *hardened-sources-2.6.19-r3 (27 Dec 2006)
246    
247     27 Dec 2006; Christian Heim <phreak@gentoo.org>
248     -hardened-sources-2.6.19-r2.ebuild, +hardened-sources-2.6.19-r3.ebuild:
249     Revision bump for bug #157186 and #158786.
250 phreak 1.128
251     *hardened-sources-2.6.18-r4 (27 Dec 2006)
252    
253     27 Dec 2006; Christian Heim <phreak@gentoo.org>
254     -hardened-sources-2.6.18-r3.ebuild, +hardened-sources-2.6.18-r4.ebuild:
255     Revision bump for bug #157186.
256 phreak 1.127
257     *hardened-sources-2.6.19-r2 (23 Dec 2006)
258    
259     23 Dec 2006; Christian Heim <phreak@gentoo.org>
260     -hardened-sources-2.6.19-r1.ebuild, +hardened-sources-2.6.19-r2.ebuild:
261     Revision bump to pull in genpatches-2.6.19-3 for #157186.
262 phreak 1.126
263     17 Dec 2006; Christian Heim <phreak@gentoo.org>
264     hardened-sources-2.6.14-r7.ebuild, hardened-sources-2.6.16-r10.ebuild,
265     hardened-sources-2.6.16-r11.ebuild, hardened-sources-2.6.17-r1.ebuild,
266     hardened-sources-2.6.18.ebuild, hardened-sources-2.6.18-r3.ebuild,
267     hardened-sources-2.6.19-r1.ebuild:
268     Adding 4453_grsec-2.1.9-2.6.19-io-kmem-sysctl.patch to UNIPATCH_EXLUDE,
269     adding correct HOMEPAGE and adjusting DESCRIPTION (thanks to Alexander).
270 pappy 1.125
271     *hardened-sources-2.4.33.4 (17 Dec 2006)
272    
273     17 Dec 2006; Alexander Gabert <pappy@gentoo.org>
274     +hardened-sources-2.4.33.4.ebuild:
275     new 2.4.33.4 version including grsec and fixes, thanks to phreak for help
276     and quilting
277 phreak 1.124
278     *hardened-sources-2.6.19-r1 (14 Dec 2006)
279    
280     14 Dec 2006; Christian Heim <phreak@gentoo.org>
281     -hardened-sources-2.6.19.ebuild, +hardened-sources-2.6.19-r1.ebuild:
282     Revision bump, fixing #158107 (thanks to Petre Rodan <kaiowas at gentoo.org>
283     for reporting).
284 phreak 1.123
285     *hardened-sources-2.6.19 (13 Dec 2006)
286    
287     13 Dec 2006; Christian Heim <phreak@gentoo.org>
288     +hardened-sources-2.6.19.ebuild:
289     And finally 2.6.19, thanks to Ned (who prepared the inital patchset) and
290     Brad for providing that prompt update.
291 phreak 1.122
292     *hardened-sources-2.6.18-r3 (13 Dec 2006)
293    
294     13 Dec 2006; Christian Heim <phreak@gentoo.org>
295     -hardened-sources-2.6.18-r1.ebuild, -hardened-sources-2.6.18-r2.ebuild,
296     +hardened-sources-2.6.18-r3.ebuild:
297     Revision bump, excluding the faulty patch. Thanks to Anakim Border and Peter
298     S. Mazinger. Closes #157409 for now. Also removing the previous revisions.
299 phreak 1.121
300     09 Dec 2006; Christian Heim <phreak@gentoo.org> Manifest:
301     Fixing the metadata.xml Manifest entry (thanks to xaid and ml8128 in #gentoo-hardened).
302 nixnut 1.120
303     08 Dec 2006; nixnut <nixnut@gentoo.org> hardened-sources-2.6.18.ebuild:
304     Stable on ppc wrt bug 157356
305 opfer 1.119
306     07 Dec 2006; Christian Faulhammer <opfer@gentoo.org>
307     hardened-sources-2.6.18.ebuild:
308     stable x86, bug #157356
309 phreak 1.118
310     *hardened-sources-2.6.18-r2 (06 Dec 2006)
311    
312     06 Dec 2006; Christian Heim <phreak@gentoo.org>
313     +hardened-sources-2.6.18-r2.ebuild:
314     Revision bump, including 2.6.18.5 (via genpatches) and
315     4454_grsec-2.1.9-2.6.18.2-io-kmem-sysctl.patch based on Peter Mazinger and
316     Ned Ludd's original patch. Thanks to Alexander Gabert (pappy) for the
317     redesign.
318 phreak 1.117
319     06 Dec 2006; Christian Heim <phreak@gentoo.org>
320     hardened-sources-2.6.18.ebuild:
321     Marking hardened-sources-2.6.18 stable on amd64 (see bug #157356, on behalf
322     of Mike Doty).
323 phreak 1.116
324     *hardened-sources-2.6.18-r1 (23 Nov 2006)
325    
326     23 Nov 2006; Christian Heim <phreak@gentoo.org>
327     +hardened-sources-2.6.18-r1.ebuild:
328     Revision bump to genpatches-2.6.18-4 (including 2.6.18.3).
329 phreak 1.115
330     *hardened-sources-2.6.18 (11 Nov 2006)
331    
332     11 Nov 2006; Christian Heim <phreak@gentoo.org>
333     +hardened-sources-2.6.18.ebuild:
334     Version bump, thanks to Alexander Gabert we're finally at 2.6.18.
335 solar 1.114
336     18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
337     - mark amd64 stable also. bug #151877
338 solar 1.113
339     18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
340     - mark 2.6.17-r1 stable
341 phreak 1.112
342     27 Aug 2006; Christian Heim <phreak@gentoo.org>
343     -hardened-sources-2.6.17.ebuild, hardened-sources-2.6.17-r1.ebuild:
344     Removing old ebuild, removing unipatch from newer ebuild (need to fix it!).
345 phreak 1.111
346     *hardened-sources-2.6.17-r1 (26 Aug 2006)
347    
348     26 Aug 2006; Christian Heim <phreak@gentoo.org>
349     +hardened-sources-2.6.17-r1.ebuild:
350     Revision bump to genpatches-2.6.17-8 (including .9 and .10) and updating the
351     grsecurity patch.
352 phreak 1.110
353     *hardened-sources-2.6.17 (17 Aug 2006)
354    
355     17 Aug 2006; Christian Heim <phreak@gentoo.org>
356     +hardened-sources-2.6.17.ebuild:
357     Bumping the hardened-sources-2.6 series to 2.6.17, using
358     genpatches-2.6.17-6.base.
359 solar 1.109
360     07 Aug 2006; <solar@gentoo.org> hardened-sources-2.6.16-r11.ebuild:
361     - stable on x86 and amd64
362 solar 1.108
363     *hardened-sources-2.6.16-r11 (15 Jul 2006)
364    
365     15 Jul 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r3.ebuild,
366     -hardened-sources-2.4.32-r4.ebuild, -hardened-sources-2.4.32-r5.ebuild,
367     -hardened-sources-2.6.14-r8.ebuild, -hardened-sources-2.6.16-r7.ebuild,
368     -hardened-sources-2.6.16-r9.ebuild, +hardened-sources-2.6.16-r11.ebuild:
369     - 2.6.16 bumped for CVE-2006-3626 ; digest fix for 2.4.32-r6 ; removed old
370     crusty ebuilds
371 johnm 1.107
372     14 Jul 2006; John Mylchreest <johnm@gentoo.org>
373     hardened-sources-2.6.16-r10.ebuild:
374     marking stable on x86 and amd64
375 solar 1.106
376     13 Jul 2006; <solar@gentoo.org> hardened-sources-2.4.32-r6.ebuild:
377     - 2.4.32-r6 stable on x86. RSBAC state unknown
378 kang 1.105
379     *hardened-sources-2.4.32-r7 (10 Jul 2006)
380    
381     10 Jul 2006; Guillaume Destuynder <kang@gentoo.org>
382     +hardened-sources-2.4.32-r7.ebuild:
383     Bump PaX for RSBAC to test-17
384 johnm 1.104
385     *hardened-sources-2.6.16-r9 (03 Jul 2006)
386    
387     03 Jul 2006; John Mylchreest <johnm@gentoo.org>
388     -hardened-sources-2.6.16-r6.ebuild, +hardened-sources-2.6.16-r9.ebuild:
389     hardened-sources-2.6.16 bump to latest -base.
390 solar 1.103
391     *hardened-sources-2.4.32-r6 (30 Jun 2006)
392    
393     30 Jun 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r2.ebuild,
394     hardened-sources-2.4.32-r4.ebuild, +hardened-sources-2.4.32-r6.ebuild:
395     - backport CVE-2006-0039, CVE-2006-1857 and CVE-2006-1858 and new grsecurity
396     sysctl controlable resource logging
397 johnm 1.102
398     *hardened-sources-2.6.16-r7 (05 Jun 2006)
399    
400     05 Jun 2006; John Mylchreest <johnm@gentoo.org>
401     -hardened-sources-2.6.16-r5.ebuild, +hardened-sources-2.6.16-r7.ebuild:
402     push new 2.6.16 release in preparation for stable
403 solar 1.101
404     22 May 2006; <solar@gentoo.org> :
405     - redigest bug 134002
406 kang 1.100
407     *hardened-sources-2.4.32-r5 (16 May 2006)
408    
409     16 May 2006; Guillaume Destuynder <kang@gentoo.org>
410     +hardened-sources-2.4.32-r5.ebuild:
411     Fixes rsbac common patching (new patch in new -r5 patchset)
412 solar 1.99
413     *hardened-sources-2.4.32-r4 (13 May 2006)
414    
415     13 May 2006; <solar@gentoo.org> hardened-sources-2.4.32-r3.ebuild,
416     +hardened-sources-2.4.32-r4.ebuild:
417     - security bumps
418 johnm 1.98
419     *hardened-sources-2.6.16-r6 (03 May 2006)
420    
421     03 May 2006; John Mylchreest <johnm@gentoo.org>
422     +hardened-sources-2.6.16-r6.ebuild:
423     bump hardened-2.6.16 to 2.6.16.12 and latest grsec snapshot
424 johnm 1.97
425     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
426     hardened-sources-2.6.14-r8.ebuild:
427     fix x86_64 build problem, this will delay the digest issue again for a short
428     while but it will sort itself out
429 johnm 1.96
430     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
431     hardened-sources-2.6.14-r8.ebuild:
432     bump hardened patchset
433 antarus 1.94
434     27 Apr 2006; Alec Warner <antarus@gentoo.org>
435     files/digest-hardened-sources-2.4.32-r2,
436     files/digest-hardened-sources-2.4.32-r3,
437     files/digest-hardened-sources-2.6.14-r8, Manifest:
438     Fixing duff SHA256 digests: Bug # 131293
439 johnm 1.93
440 johnm 1.95 *hardened-sources-2.6.16-r5 (27 Apr 2006)
441    
442     27 Apr 2006; John Mylchreest <johnm@gentoo.org>
443     -hardened-sources-2.6.14-r6.ebuild, hardened-sources-2.6.14-r8.ebuild,
444     -hardened-sources-2.6.16-r4.ebuild, +hardened-sources-2.6.16-r5.ebuild:
445     stablise 2.6.14-r8 on x86 & amd64, bump 2.6.16 to fix CVE-2006-1863 &
446     cleanup of old uneccessary sources
447    
448 johnm 1.93 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
449     fix digest
450 johnm 1.92
451     *hardened-sources-2.6.14-r8 (20 Apr 2006)
452    
453     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
454     +hardened-sources-2.6.14-r8.ebuild:
455     fix CVE-2006-1056, CVE-2006-1525, CVE-2006-1524
456 johnm 1.91
457     20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
458     Turning on gpg-signing again, and recomitting
459 johnm 1.90
460     *hardened-sources-2.6.16-r4 (20 Apr 2006)
461    
462     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
463     -hardened-sources-2.6.16-r2.ebuild, -hardened-sources-2.6.16-r3.ebuild,
464     +hardened-sources-2.6.16-r4.ebuild:
465     Fix numerous security vulns
466 solar 1.89
467     *hardened-sources-2.4.32-r3 (16 Apr 2006)
468    
469     16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
470     -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
471     +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
472     - security bump for bug #112791. Removed old ebuilds
473 johnm 1.88
474     *hardened-sources-2.6.16-r3 (15 Apr 2006)
475    
476     15 Apr 2006; John Mylchreest <johnm@gentoo.org>
477     +hardened-sources-2.6.16-r3.ebuild:
478     Removing silly localversion which I missed
479 johnm 1.87
480     *hardened-sources-2.6.14-r7 (14 Apr 2006)
481    
482     14 Apr 2006; John Mylchreest <johnm@gentoo.org>
483     -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
484     Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
485 johnm 1.86
486     *hardened-sources-2.6.16-r2 (13 Apr 2006)
487    
488     13 Apr 2006; John Mylchreest <johnm@gentoo.org>
489     -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
490     +hardened-sources-2.6.16-r2.ebuild:
491     Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
492     labels, dropping USERGROUP define fixes, since these were merged mainstream.
493 johnm 1.85
494     *hardened-sources-2.6.16-r1 (11 Apr 2006)
495    
496     11 Apr 2006; John Mylchreest <johnm@gentoo.org>
497     +hardened-sources-2.6.16-r1.ebuild:
498     Bumping to include ppc build fix and 2.6.16.3
499 tsunam 1.84
500     06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
501     hardened-sources-2.6.14-r6.ebuild:
502     Stable on x86; bug #127718
503 johnm 1.83
504     *hardened-sources-2.6.16 (31 Mar 2006)
505    
506     31 Mar 2006; John Mylchreest <johnm@gentoo.org>
507     +hardened-sources-2.6.16.ebuild:
508     Bumping to new version of grsec, and kernel base. New squashfs. Based on
509     2.6.16.1
510 cryos 1.82
511     30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
512     hardened-sources-2.6.14-r6.ebuild:
513     Stable on amd64, bug 127718.
514 nixnut 1.81
515     28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
516     Stable on ppc. Bug #127718
517 johnm 1.80
518     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
519     -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
520     -hardened-sources-2.6.14-r4.ebuild:
521     Cleanup.
522 johnm 1.79
523     *hardened-sources-2.6.14-r6 (15 Mar 2006)
524    
525     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
526     +hardened-sources-2.6.14-r6.ebuild:
527     Fixes grsec policy recreation bug and adds a
528     >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
529 solar 1.78
530     02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
531     - stable on x86
532 hansmi 1.77
533     19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
534     hardened-sources-2.6.14-r5.ebuild:
535     Stable on ppc.
536 johnm 1.76
537     *hardened-sources-2.6.14-r5 (01 Feb 2006)
538    
539     01 Feb 2006; John Mylchreest <johnm@gentoo.org>
540     +hardened-sources-2.6.14-r5.ebuild:
541     fixing every known exploit
542 solar 1.75
543     *hardened-sources-2.4.32-r2 (26 Jan 2006)
544    
545     26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
546     +hardened-sources-2.4.32-r2.ebuild:
547     - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
548 solar 1.74
549     *hardened-sources-2.6.14-r4 (12 Jan 2006)
550    
551     12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
552     - version bump for new genpatches which fix up a few sec holes
553 solar 1.73
554     *hardened-sources-2.4.32-r1 (05 Jan 2006)
555    
556     05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
557     - revision bump to add misc vital linux kernel security patches.
558 johnm 1.72
559     *hardened-sources-2.6.14-r3 (30 Dec 2005)
560    
561     30 Dec 2005; John Mylchreest <johnm@gentoo.org>
562     -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
563     Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
564 johnm 1.71
565     28 Dec 2005; John Mylchreest <johnm@gentoo.org>
566     hardened-sources-2.6.14-r2.ebuild:
567     making x86 & amd64 stable following testing.
568 johnm 1.70
569     *hardened-sources-2.6.14-r2 (27 Dec 2005)
570    
571     27 Dec 2005; John Mylchreest <johnm@gentoo.org>
572     -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
573     Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
574     network hooks.
575 johnm 1.69
576     06 Dec 2005; John Mylchreest <johnm@gentoo.org>
577     hardened-sources-2.6.14-r1.ebuild:
578     bumping to stable early for sec fix on x86 & amd64
579 johnm 1.68
580     *hardened-sources-2.6.14-r1 (05 Dec 2005)
581    
582     05 Dec 2005; John Mylchreest <johnm@gentoo.org>
583     -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
584     bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
585 solar 1.67
586     04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
587     - stable on x86 security bug #114227 CAN-2005-3257
588 kang 1.66
589     *hardened-sources-2.4.32 (19 Nov 2005)
590    
591     19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
592     +hardened-sources-2.4.32.ebuild:
593     Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
594     Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
595     have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
596     rsbac >> /etc/portage/package.use)
597 johnm 1.65
598     *hardened-sources-2.6.14 (14 Nov 2005)
599    
600     14 Nov 2005; John Mylchreest <johnm@gentoo.org>
601     -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
602     Bumping 2.6 series to 2.6.14.2
603 johnm 1.64
604     *hardened-sources-2.6.13-r2 (20 Oct 2005)
605    
606     20 Oct 2005; John Mylchreest <johnm@gentoo.org>
607     -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
608     +hardened-sources-2.6.13-r2.ebuild:
609     Fixes minor build error in ppc.
610 johnm 1.63
611     *hardened-sources-2.6.13-r1 (17 Oct 2005)
612    
613     17 Oct 2005; John Mylchreest <johnm@gentoo.org>
614     +hardened-sources-2.6.13-r1.ebuild:
615     Updating grsec to latest snapshot. Fixes some minor issues. Updating to
616     2.6.13.4, fixes some major amd64 stability problems.
617 johnm 1.62
618     *hardened-sources-2.6.13 (16 Sep 2005)
619    
620     16 Sep 2005; John Mylchreest <johnm@gentoo.org>
621     -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
622     2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
623     ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
624     users should test this thoroughly.
625 solar 1.61
626     01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
627     - stable on x86
628 johnm 1.60
629     *hardened-sources-2.6.11-r15 (27 Jun 2005)
630    
631     27 Jun 2005; John Mylchreest <johnm@gentoo.org>
632     +hardened-sources-2.6.11-r15.ebuild:
633     Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
634     grsec redefining curr_ip struct.
635 solar 1.59
636     *hardened-sources-2.4.31 (20 Jun 2005)
637    
638     20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
639     initial import of 2.4.31 tree
640 johnm 1.58
641     *hardened-sources-2.6.11-r14 (14 Jun 2005)
642    
643     14 Jun 2005; John Mylchreest <johnm@gentoo.org>
644     -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
645     Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
646     naming scheme to abide by genpatches
647 johnm 1.57
648     *hardened-sources-2.6.11-r13 (18 May 2005)
649    
650     18 May 2005; John Mylchreest <johnm@gentoo.org>
651     -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
652     Managed to mangle the Makefile patch from grsec, to miss out the grsec
653     target. sorry about that. Fixes bug #93022
654 johnm 1.56
655     *hardened-sources-2.6.11-r12 (17 May 2005)
656    
657     17 May 2005; John Mylchreest <johnm@gentoo.org>
658     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
659     +hardened-sources-2.6.11-r12.ebuild:
660     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
661     merges in genpatches-base
662 johnm 1.55
663     *hardened-sources-2.6.11-r12 (17 May 2005)
664    
665     17 May 2005; John Mylchreest <johnm@gentoo.org>
666     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
667     +hardened-sources-2.6.11-r12.ebuild:
668     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
669     merges in genpatches-base
670 solar 1.54
671     29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
672     -files/2.4.27-cmdline-race.patch,
673     -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
674     -files/2.4.28-grsec-binfmt_a.out.patch,
675     -files/2.4.28-grsec-cmdline-race.patch,
676     -files/2.4.28-selinux-binfmt_a.out.patch,
677     -files/2.4.28-selinux-cmdline-race.patch,
678     -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
679     hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
680     - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
681     cleanup..
682 solar 1.53
683     *hardened-sources-2.4.30-r1 (21 Apr 2005)
684    
685     21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
686     - disable aout by default
687 solar 1.52
688     *hardened-sources-2.4.30 (18 Apr 2005)
689    
690     18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
691     - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
692     and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
693     use
694 tocharian 1.50
695 scox 1.51 *hardened-sources-2.4.29 (30 Mar 2005)
696    
697     30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
698     +hardened-sources-2.4.29.ebuild:
699     New hardened-patches-2.4-29.0 patchball.
700     Removed SELinux support, upgraded GRSecurity to 2.1.4.
701    
702     *hardened-sources-2.4.28-r5 (06 Mar 2005)
703    
704     06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
705     +hardened-sources-2.4.28-r5.ebuild:
706     Added a fix for a PaX vulnerability.
707    
708     26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
709 tocharian 1.50 hardened-sources-2.4.28-r4.ebuild:
710     Stable on x86
711 solar 1.49
712     23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
713     hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
714     hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
715     hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
716     - fixed/added RDEPEND= in all kernel-2 ebuilds
717 tocharian 1.48
718     *hardened-sources-2.4.28-r4 (21 Jan 2005)
719    
720     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
721     +hardened-sources-2.4.28-r4.ebuild:
722     Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
723     backport of neighbour hash updates.
724 tocharian 1.47
725     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
726     hardened-sources-2.4.28-r3.ebuild:
727     Stable on x86
728 tseng 1.46
729     *hardened-sources-2.6.10-r3 (20 Jan 2005)
730    
731     20 Jan 2005; Brandon Hale <tseng@gentoo.org>
732     +hardened-sources-2.6.10-r3.ebuild:
733     Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
734     in 2005.0
735 tocharian 1.45
736     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
737     -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
738     hardened-sources-2.4.28-r2.ebuild:
739     Mark stable on x86
740 tocharian 1.44
741     *hardened-sources-2.4.28-r3 (17 Jan 2005)
742    
743     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
744     +hardened-sources-2.4.28-r3.ebuild:
745     Fix SMP page fault handler vuln, and update device-mapper and evms patches.
746 tocharian 1.43
747     14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
748     hardened-sources-2.4.28.ebuild:
749     Mark stable on x86.
750 tocharian 1.42
751     *hardened-sources-2.4.28-r2 (13 Jan 2005)
752    
753     13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
754     +hardened-sources-2.4.28-r2.ebuild:
755     Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
756     Mazinger for grsecurity patches as well.
757 plasmaroo 1.41
758     *hardened-sources-2.4.28-r1 (23 Dec 2004)
759    
760     23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
761     Security bump. Thank tocharian for rolling a new patchset...
762 solar 1.40
763     28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
764     +files/2.4.28-grsec-cmdline-race.patch,
765     +files/2.4.28-selinux-binfmt_a.out.patch,
766     +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
767     - Round up remaining security patches that appear to be missing in 2.4.28. -
768     PaX standalone updated to current. hgpv=28.1
769 solar 1.39
770     *hardened-sources-2.4.28 (28 Nov 2004)
771    
772     28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
773     security bump. Thank tocharian for rolling a new patchset
774 scox 1.31
775 scox 1.38 *hardened-sources-2.4.27-r3 (08 Sep 2004)
776    
777     08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
778     +hardened-sources-2.4.27-r3.ebuild:
779     Applies the new 2.4-27.2 patchball which updates
780     GRSecurity to the 2.0.1 version.
781    
782 scox 1.37 *hardened-sources-2.4.27-r2 (31 Aug 2004)
783    
784     31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
785     +hardened-sources-2.4.27-r2.ebuild:
786     Version bump.
787     This version uses the new 2.4-27.1 patchball which updates
788     both the SELinux PaX hooks patch and the SELinux headers.
789    
790 scox 1.36 *hardened-sources-2.4.27-r1 (09 Aug 2004)
791    
792     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
793     +hardened-sources-2.4.27-r1.ebuild,
794     -hardened-sources-2.4.27.ebuild,
795     +files/2.4.27-cmdline-race.patch:
796     Version bump, fix for cmdline race. See bug #59905.
797    
798     *hardened-sources-2.4.26-r6 (09 Aug 2004)
799    
800     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
801     +hardened-sources-2.4.26-r6.ebuild,
802     -hardened-sources-2.4.26-r5.ebuild,
803     -hardened-sources-2.4.26-r4.ebuild,
804     +files/2.4.26-cmdline-race.patch:
805     Version bump, fix for cmdline race. See bug #59905.
806    
807 scox 1.35 *hardened-sources-2.4.27 (08 Aug 2004)
808    
809     08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
810     +hardened-sources-2.4.27.ebuild,
811     +files/2.4.27-CAN-2004-0394.patch:
812     Ported the patchball to the 2.4.27 kernel version.
813    
814 scox 1.34 *hardened-sources-2.4.26-r5 (07 Aug 2004)
815    
816     07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
817     +hardened-sources-2.4.26-r5.ebuild:
818 scox 1.35 Updated to use the new hardened-patches-2.4-26.1 patchball.
819 scox 1.34 It adds the following features:
820     - Squashfs
821     - Ebtables
822     - Netdev random (core+drivers)
823     - Watchdog Timer (WDT) fix.
824    
825 scox 1.33 *hardened-sources-2.4.26-r4 (04 Aug 2004)
826    
827     04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
828     +hardened-sources-2.4.26-r4.ebuild,
829     +files/2.4.26-CAN-2004-0415.patch,
830     -hardened-sources-2.4.26-3:
831     Version bump, fix for CAN 0415, see bug #59378.
832    
833 scox 1.32 *hardened-sources-2.4.26-r3 (22 Jul 2004)
834    
835     22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
836     +hardened-sources-2.4.26-r3.ebuild,
837     +files/2.4.26-CAN-2004-0497.patch,
838     -hardened-sources-2.4.26-r2.ebuild:
839     Version bump, fixed CAN 0497, see bug #56171.
840    
841 scox 1.31 *hardened-sources-2.4.26-r2 (29 Jun 2004)
842    
843     29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
844 scox 1.32 +hardened-sources-2.4.26-r2.ebuild,
845 scox 1.31 +files/2.4.26-CAN-2004-0495.patch,
846     +files/2.4.26-CAN-2004-0535.patch,
847     -hardened-sources-2.4.26-r1.ebuild:
848     Fixes for both CAN 0495 and 0535, see bug #54976
849 pvdabeel 1.27
850 agriffis 1.29 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
851     hardened-sources-2.4.26-r1.ebuild:
852     QA - fix use invocation
853 scox 1.28
854     *hardened-sources-2.4.26-r1 (22 June 2004)
855    
856     22 June 2004; Andrea Luzzardi <scox@gentoo.org>
857     +hardened-sources-2.4.26-r1.ebuild,
858     +files/2.4.26-CAN-2004-0394.patch,
859     +files/2.4.26-signal-race.patch,
860     -hardened-sources-2.4.26.ebuild,
861     -hardened-sources-2.4.24-r3.ebuild:
862     Version bump for the CAN-2004-0394 issue and bug #53804
863     Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
864    
865    
866 pvdabeel 1.27 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
867     hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
868     Masked hardened-sources-2.4.26.ebuild broken for ppc
869    
870     31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
871     hardened-sources-2.4.24-r3.ebuild:
872     Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
873 plasmaroo 1.25
874 scox 1.26 *hardened-sources-2.4.26 (29 May 2004)
875    
876     29 May 2004; Andrea Luzzardi <scox@gentoo.org>
877     +hardened-sources-2.4.26.ebuild:
878     Updated hardened-sources for the 2.4.26 kernel
879     Removed broken components, updated almost everything.
880    
881 plasmaroo 1.25 *hardened-sources-2.4.24-r3 (17 Apr 2004)
882    
883     17 Apr 2004; <plasmaroo@gentoo.org>
884     +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
885     +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
886     +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
887     +hardened-sources-2.4.24-r3.ebuild:
888     Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
889     vulnerabilities. Old revisions removed.
890 plasmaroo 1.24
891     *hardened-sources-2.4.24-r2 (15 Apr 2004)
892    
893     15 Apr 2004; <plasmaroo@gentoo.org>
894     +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
895     -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
896     Version bump for the CAN-2004-0109 issue; bug #47881.
897 aliz 1.23
898     12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
899     hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
900     Add eutils to inherit.
901 plasmaroo 1.22
902     *hardened-sources-2.4.24-r1 (19 Feb 2004)
903    
904     19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
905     files/hardened-sources-2.4.24.munmap.patch:
906     Added the patch for the mremap/munmap vulnerability. Bug #42024.
907 scox 1.19
908 scox 1.21 *hardened-sources-2.4.24 (06 Feb 2004)
909 scox 1.26
910 scox 1.21 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
911     hardened-sources-2.4.24.ebuild:
912     Version bump, updated most of the components.
913     This release includes the following:
914    
915     - Hardened security
916     - Netfilter patch-o-matic 20031219
917     - FreeSWAN 2.04 & x509 1.4.8
918     - EVMS 2.2.2
919     - XFS 1.3.1
920     - cryptoloop jari
921     - grsecurity 2.0-rc4
922     - SELinux
923     - PaX 200402060000
924     - PaX Obscurity 200308302223
925     - Others...
926    
927     Neither -ck nor systrace are included anymore.
928    
929 scox 1.19 *hardened-sources-2.4.22-r2 (05 Jan 2004)
930    
931     05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
932     hardened-sources-2.4.22-r2.ebuild:
933 scox 1.20 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
934 scox 1.19
935     *hardened-sources-2.4.22-r1 (02 Dec 2003)
936 iggy 1.17
937     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
938 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
939 iggy 1.16
940     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
941 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild:
942     Version bump for the 'do_brk' vulnerability.
943 iggy 1.15
944     01 Dec 2003; Brian Jackson <iggy@gentoo.org>
945     hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
946     hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
947     hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
948 plasmaroo 1.18 Fix the 'do_brk' vulnerability.
949 frogger 1.14
950     03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
951     hardened-sources-2.4.22.ebuild:
952 plasmaroo 1.18 - Removed the src_install() portion for SELinux flask
953     components. These are no longer handled in the kernel
954     so this code was not necessary.
955 frogger 1.13
956     29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
957     New 2.4.22 based hardened-sources thanks to
958     Phil West <p.west@computer.org>.
959    
960     These sources include:
961 plasmaroo 1.18 - New SELinux API
962     - Updated CK-base
963     - Updated GRSec
964     - Systrace
965     - SuperFreeS/WAN 1.99.8
966     - Propolice kernel build support
967     - EVMS
968     - Other various security related patches
969 frogger 1.11
970 frogger 1.12 *hardened-sources-2.4.21 (14 Sep 2003)
971    
972     14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
973     Updated hardened-sources based on the 2.4.21 Linux kernel.
974     This includes updates to most major components such as:
975 plasmaroo 1.18 - ck-base-0306300059
976     - selinux-2.4-2003071106
977     - grsecurity-2.0-rc1
978     - Updated IPTables patch-o-matic
979     - Updated SuperFreeS/WAN
980    
981 frogger 1.12 Thanks to Phil West <pwest@computer.org> for his work in getting this
982     updated patch set ready for the 2.4.21 based kernel.
983    
984 frogger 1.11 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
985     Initial import of hardened-sources-2.4.20-r4. This revision
986     includes only a few changes, but one of these is an important
987     security fix. It is recommended all users of hardened-sources
988     upgrade to this release.
989 plasmaroo 1.18
990 frogger 1.11 - ioperm bug fix
991     - fixed compilation failure when building without GRSec
992 plasmaroo 1.18
993 frogger 1.11 SAL (Secure Auditing for Linux) is NOT included in this revision
994     due to time constraints, but is planned for inclusion in the near
995     future.
996 msterret 1.10
997     *hardened-sources-2.4.20-r2 (12 Jun 2003)
998    
999     12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
1000     hardened-sources-2.4.20-r3.ebuild:
1001 plasmaroo 1.18 Add Header...
1002 frogger 1.9
1003     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1004     hardened-sources-2.4.20-r3.ebuild:
1005     Removed warnings from ebuild. This kernel should be safe to
1006     use at this point.
1007 frogger 1.8
1008     *hardened-sources-2.4.20-r3 (08 Jun 2003)
1009    
1010     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1011     hardened-sources-2.4.20-r3.ebuild:
1012     New revision. Includes the following changes over -r2:
1013 plasmaroo 1.18
1014 frogger 1.8 - ck7-base (O(1), preempt, low latency)
1015     - Super FreeS/WAN 1.99.7rc2
1016     - PaX for the LSM/SELinux branch
1017     - GRSecurity 2.0-pre4 (role based access control)
1018     - Systrace 1.3
1019     - EXT3 fixes
1020     - EVMS 2.0.1
1021     - GCC 3.1+ compile optimizations
1022     - ProPolice kernel build support
1023     - Hashing table security fixes
1024 frogger 1.3
1025     *hardened-sources-2.4.20-r1 (09 Apr 2003)
1026 frogger 1.7
1027     23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
1028     Initial import of hardened-sources-r2. This new
1029     ebuild includes many new performance and security
1030     related patches. As in -r1, it will patch in
1031     LSM/SELinux if "selinux" is in USE, otherwise it
1032     will patch in GRSecurity. The following patches
1033     are included in this revision:
1034 plasmaroo 1.18
1035 frogger 1.7 - O(1) Scheduler, Low Latency, and Preempt
1036     (pulled from the base CK patch)
1037     - ptrace exploit patch for the LSM kernel
1038     (the GRSec patch already fixes this)
1039     - LSM 2.4-2003040709
1040     - SELinux 2.4-2003040709
1041     - Systrace v1.2
1042     - IPTables patch-o-matic base patches - 20030107
1043     - CryptoAPI 2.4.20.1 w/ loop-jari patch
1044     - Super FreeS/WAN 1.99.6.1
1045     - GRSecurity 1.9.9g
1046     - MPPE
1047     - EXT3 data journal fix
1048     - CIPE 1.5.4
1049 frogger 1.6
1050     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1051     hardened-sources-2.4.20-r1.ebuild, manifest:
1052 plasmaroo 1.18 Updated to install flask components correctly for selinux.
1053 frogger 1.5
1054     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1055     hardened-sources-2.4.20-r1.ebuild:
1056     LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
1057     is patched in instead. Ptrace patches for selinux have also been added. In
1058     either case, systrace support will be patched in as well.
1059 frogger 1.3
1060     09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1061     hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
1062 plasmaroo 1.18 Revision bump for new sources.
1063 frogger 1.4
1064 frogger 1.2 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1065 frogger 1.4 hardened-sources-2.4.20-r1.ebuild:
1066 plasmaroo 1.18 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
1067 method 1.1
1068 frogger 1.4 *hardened-sources-2.4.20 (30 Mar 2003)
1069    
1070 method 1.1 30 Mar 2003; Joshua Brindle <method@gentoo.org>
1071     hardened-sources-2.4.20.ebuild:
1072 plasmaroo 1.18 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20