/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.169 - (hide annotations) (download)
Thu Aug 16 16:15:03 2007 UTC (7 years, 1 month ago) by phreak
Branch: MAIN
Changes since 1.168: +7 -1 lines
Revision bump for Linux 2.6.20.16.
(Portage version: 2.1.3.5)

1 method 1.1 # ChangeLog for sys-kernel/hardened-sources
2 opfer 1.130 # Copyright 2000-2007 Gentoo Foundation; Distributed under the GPL v2
3 phreak 1.169 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.168 2007/08/13 21:29:33 phreak Exp $
4    
5     *hardened-sources-2.6.20-r7 (16 Aug 2007)
6    
7     16 Aug 2007; Christian Heim <phreak@gentoo.org>
8     +hardened-sources-2.6.20-r7.ebuild:
9     Revision bump for Linux 2.6.20.16.
10 phreak 1.168
11     *hardened-sources-2.6.22-r1 (13 Aug 2007)
12    
13     13 Aug 2007; Christian Heim <phreak@gentoo.org>
14     +hardened-sources-2.6.22-r1.ebuild:
15     Yet another revision bump.
16 phreak 1.167
17     *hardened-sources-2.6.22 (10 Aug 2007)
18    
19     10 Aug 2007; Christian Heim <phreak@gentoo.org>
20     +hardened-sources-2.6.22.ebuild:
21     Initial release for 2.6.22. If you are using hardened-sources on a desktop
22     machine (P4 or newer), be aware you might need to disable
23     CONFIG_PAX_PAGEEXEC.
24 phreak 1.166
25     04 Aug 2007; Christian Heim <phreak@gentoo.org>
26     hardened-sources-2.6.20-r6.ebuild:
27     Stabling hardened-sources-2.6.20-r6 for amd64, ppc and x86 due to Linux
28     2.6.20.15.
29 phreak 1.165
30     10 Jul 2007; Christian Heim <phreak@gentoo.org>
31     hardened-sources-2.6.20-r5.ebuild:
32     Marking hardened-sources-2.6.20-r5 stable on ppc.
33 phreak 1.164
34     10 Jul 2007; Christian Heim <phreak@gentoo.org>
35     -hardened-sources-2.4.32-r6.ebuild, -hardened-sources-2.4.32-r7.ebuild:
36     Cleanup.
37 phreak 1.163
38     *hardened-sources-2.6.20-r6 (08 Jul 2007)
39    
40     08 Jul 2007; Christian Heim <phreak@gentoo.org>
41     +hardened-sources-2.6.20-r6.ebuild:
42     Revision bump, grabbing yet another stable release.
43 phreak 1.162
44     17 Jun 2007; Christian Heim <phreak@gentoo.org>
45     -hardened-sources-2.6.18-r6.ebuild, -hardened-sources-2.6.20-r4.ebuild,
46     -hardened-sources-2.6.21-r2.ebuild:
47     Removing older ebuilds, hardened-sources-2.6.18-r6 seems to have gotten the
48     alpha stable KEYWORD by mistake.
49 phreak 1.161
50     17 Jun 2007; Christian Heim <phreak@gentoo.org>
51     hardened-sources-2.6.20-r5.ebuild:
52     Stabling hardened-sources-2.6.20-r5 due to security bug #181647 (as
53     genpatches-2.6.20-12.base contains up to Linux 2.6.20.14) on amd64 and x86.
54 phreak 1.160
55     *hardened-sources-2.6.21-r3 (12 Jun 2007)
56    
57     12 Jun 2007; Christian Heim <phreak@gentoo.org>
58     +hardened-sources-2.6.21-r3.ebuild:
59     Revision bump for hardened-sources-2.6.21, incorporating various CVE (some
60     of them critical), two stable releases (2.6.21.4,2.6.21.5) and some other
61     love.
62 phreak 1.159
63     *hardened-sources-2.6.20-r5 (11 Jun 2007)
64    
65     11 Jun 2007; Christian Heim <phreak@gentoo.org>
66     +hardened-sources-2.6.20-r5.ebuild:
67     Revision bump for hardened-sources-2.6.20, incorporating various CVE (some
68     of them critical), two stable releases (2.6.20.13,2.6.20.14) and some other
69     love.
70 pappy 1.158
71     *hardened-sources-2.4.34.5 (11 Jun 2007)
72    
73     11 Jun 2007; Alexander Gabert <pappy@gentoo.org>
74     +hardened-sources-2.4.34.5.ebuild:
75     added new hardened-sources 2.4 version, thx to phreak, solar, pipacs
76 phreak 1.157
77     30 May 2007; Christian Heim <phreak@gentoo.org>
78     -hardened-sources-2.6.18.ebuild, hardened-sources-2.6.20-r2.ebuild:
79     Marking 2.6.20-r2 stable on ppc with permission of Gysbert. Removing more
80     stale ebuild(s).
81 phreak 1.156
82     30 May 2007; Christian Heim <phreak@gentoo.org>
83     -hardened-sources-2.6.14-r7.ebuild, -hardened-sources-2.6.16-r11.ebuild,
84     -hardened-sources-2.6.17-r1.ebuild, -hardened-sources-2.6.19-r6.ebuild,
85     -hardened-sources-2.6.20.ebuild, -hardened-sources-2.6.20-r1.ebuild:
86     Doing some cleanups, remove stale ebuilds.
87 phreak 1.155
88     26 May 2007; Christian Heim <phreak@gentoo.org>
89     hardened-sources-2.6.21-r2.ebuild:
90     Fixing the grsecurity patch, had one '};' too much.
91 phreak 1.154
92     *hardened-sources-2.6.21-r2 (26 May 2007)
93    
94     26 May 2007; Christian Heim <phreak@gentoo.org>
95     -hardened-sources-2.6.21.ebuild, -hardened-sources-2.6.21-r1.ebuild,
96     +hardened-sources-2.6.21-r2.ebuild:
97     Revision bump, including Linux 2.6.21.3 (fixing CVE-2007-2451). Updating the
98     grsecurity patch to 2.1.10-2.6.21.1-200705221918.
99 phreak 1.153
100     *hardened-sources-2.6.20-r4 (26 May 2007)
101    
102     26 May 2007; Christian Heim <phreak@gentoo.org>
103     -hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.20-r4.ebuild:
104     Revision bump, including Linux 2.6.20.12 (which in fact fixed some security
105 phreak 1.154 bugs, at the very least CVE-2007-2451). Possible candidate for stable marking.
106 phreak 1.152
107     15 May 2007; Christian Heim <phreak@gentoo.org>
108     hardened-sources-2.6.20-r3.ebuild:
109     Looks like hardened-sources-2.6.20-r3 needs a new patch, as 2.6.20.11
110     introduced a change in arch/sparc64/kernel/pci_iommu.c, which made the
111     grsecurity patch fail in that exact same hunk.
112 phreak 1.151
113     *hardened-sources-2.6.20-r3 (15 May 2007)
114    
115     15 May 2007; Christian Heim <phreak@gentoo.org>
116     +hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.21-r1.ebuild:
117     Revision bump, incorporating Linux 2.6.20.11.
118    
119     *hardened-sources-2.6.21-r1 (11 May 2007)
120    
121     11 May 2007; Christian Heim <phreak@gentoo.org>
122     +hardened-sources-2.6.21-r1.ebuild:
123     Revision bump, hopefully fixing the GRSECURITY/GRKERNSEC mixup pipacs
124     mentioned in #177234.
125 kevquinn 1.150
126     07 May 2007; Kevin F. Quinn <kevquinn@gentoo.org>
127     files/digest-hardened-sources-2.6.21, Manifest:
128     Fix Manifest/digest for linux-2.6.21.tar.bz2
129 phreak 1.149
130     06 May 2007; Christian Heim <phreak@gentoo.org>
131     hardened-sources-2.6.21.ebuild:
132     Bumping the hardened-patches version, needed for the fix for #177234.
133 phreak 1.148
134     *hardened-sources-2.6.21 (02 May 2007)
135    
136     02 May 2007; Christian Heim <phreak@gentoo.org>
137     +hardened-sources-2.6.21.ebuild:
138     Version bump, Linux 2.6.21-hardened.
139 phreak 1.147
140     29 Apr 2007; Christian Heim <phreak@gentoo.org>
141     hardened-sources-2.6.20-r2.ebuild:
142     Adding ~ia64 on Ned's request.
143 phreak 1.146
144     29 Apr 2007; Christian Heim <phreak@gentoo.org>
145     hardened-sources-2.6.20-r2.ebuild:
146     Fixing the included grsecurity patch, wasn't alligning due to the Index:
147     header line(s).
148 phreak 1.145
149     29 Apr 2007; Christian Heim <phreak@gentoo.org>
150     hardened-sources-2.6.20-r2.ebuild:
151     Stabilizing hardened-sources-2.6.20-r2 on amd64 and x86.
152 armin76 1.144
153     *hardened-sources-2.6.20-r2 (10 Apr 2007)
154    
155     10 Apr 2007; Raúl Porcel <armin76@gentoo.org>
156     +hardened-sources-2.6.20-r2.ebuild:
157     Version bump, on behalf of phreak
158 phreak 1.143
159     *hardened-sources-2.6.20-r1 (04 Apr 2007)
160    
161     04 Apr 2007; Christian Heim <phreak@gentoo.org>
162     +hardened-sources-2.6.20-r1.ebuild:
163     Revision bump, grabbing a newer grsecurity snapshot.
164 phreak 1.142
165     *hardened-sources-2.6.20 (25 Mar 2007)
166    
167     25 Mar 2007; Christian Heim <phreak@gentoo.org>
168     +hardened-sources-2.6.20.ebuild:
169     Finally a hardened-sources version for 2.6.20; many people have been waiting
170     for this. Thanks to Steve for preliminary testing, thanks to Ned for the
171     testbox.
172 chainsaw 1.141
173     16 Mar 2007; Tony Vroon <chainsaw@gentoo.org>
174     hardened-sources-2.6.18-r6.ebuild:
175     Marked stable on amd64 and x86. AMD64 keyword ack'ed by welp.
176 phreak 1.140
177     *hardened-sources-2.6.18-r6 (16 Mar 2007)
178    
179     16 Mar 2007; Christian Heim <phreak@gentoo.org>
180     -hardened-sources-2.6.18-r5.ebuild, +hardened-sources-2.6.18-r6.ebuild:
181     Fixing CVE-2007-1000 locally (hardened/), thanks to Tony for pushing. And
182     yes I screwed up, this is tagged as 2.6.18-5 and not 2.6.18-6 as it's
183     supposed to be.
184 phreak 1.139
185     06 Mar 2007; Christian Heim <phreak@gentoo.org> ChangeLog:
186     Fixing the Manifest, the previous one was broken (as in still had the
187     deleted ebuild in it).
188 phreak 1.138
189     06 Mar 2007; Christian Heim <phreak@gentoo.org>
190     -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
191     +hardened-sources-2.6.18-r5.ebuild:
192     Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
193     Linux 2.6.18.8. Also cleaning up the older version.
194    
195     *hardened-sources-2.6.18-r5 (06 Mar 2007)
196    
197     06 Mar 2007; Christian Heim <phreak@gentoo.org>
198     -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
199     +hardened-sources-2.6.18-r5.ebuild:
200     Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
201     Linux 2.6.18.8. Also cleaning up the older version.
202 phreak 1.137
203     24 Feb 2007; Christian Heim <phreak@gentoo.org>
204     -hardened-sources-2.6.19-r3.ebuild, -hardened-sources-2.6.19-r4.ebuild,
205     -hardened-sources-2.6.19-r5.ebuild:
206     Removing some of the old version, that didn't work.
207 phreak 1.136
208     *hardened-sources-2.6.19-r6 (12 Feb 2007)
209    
210     12 Feb 2007; Christian Heim <phreak@gentoo.org>
211     +hardened-sources-2.6.19-r6.ebuild:
212     Revision bump, including a new grsec version fixing #166235.
213 pappy 1.134
214     *hardened-sources-2.4.34 (24 Jan 2007)
215    
216     24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
217 pappy 1.135 Manifest:
218     updating Manifest with checksums of new tarball and ebuild
219    
220     24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
221 pappy 1.134 +hardened-sources-2.4.34.ebuild:
222     I added new hardened sources 2.4 update, this is a critical path
223     security bugfix - all users of h-s are strongly advised
224     to update their existing hardened sources to this version.
225     It contains a fix for a kernel vulnerability that is pertaining
226     to the PaX changes to virtual memory management, possibly leading
227     to a local kernel exploit ... see grsecurity.net forums and homepage
228 phreak 1.133
229     23 Jan 2007; Christian Heim <phreak@gentoo.org>
230     files/digest-hardened-sources-2.6.19-r5, Manifest:
231     Fixing the patch-tarball digest.
232 phreak 1.132
233     *hardened-sources-2.6.19-r5 (23 Jan 2007)
234    
235     23 Jan 2007; Christian Heim <phreak@gentoo.org>
236     +hardened-sources-2.6.19-r5.ebuild:
237     Revision bump, closing the recently discovered PaX expand_stack()
238     vulnerability.
239 phreak 1.131
240     *hardened-sources-2.6.19-r4 (14 Jan 2007)
241    
242     14 Jan 2007; Christian Heim <phreak@gentoo.org>
243     +hardened-sources-2.6.19-r4.ebuild:
244     Revision bump, pulling in linux-2.6.19.2 and grsecurity 2.1.10 - thus
245     dropping the randomized PID feature.
246 opfer 1.130
247     11 Jan 2007; Christian Faulhammer <opfer@gentoo.org>
248     hardened-sources-2.4.33.4.ebuild:
249     stable x86, bug #161171
250 phreak 1.129
251     *hardened-sources-2.6.19-r3 (27 Dec 2006)
252    
253     27 Dec 2006; Christian Heim <phreak@gentoo.org>
254     -hardened-sources-2.6.19-r2.ebuild, +hardened-sources-2.6.19-r3.ebuild:
255     Revision bump for bug #157186 and #158786.
256 phreak 1.128
257     *hardened-sources-2.6.18-r4 (27 Dec 2006)
258    
259     27 Dec 2006; Christian Heim <phreak@gentoo.org>
260     -hardened-sources-2.6.18-r3.ebuild, +hardened-sources-2.6.18-r4.ebuild:
261     Revision bump for bug #157186.
262 phreak 1.127
263     *hardened-sources-2.6.19-r2 (23 Dec 2006)
264    
265     23 Dec 2006; Christian Heim <phreak@gentoo.org>
266     -hardened-sources-2.6.19-r1.ebuild, +hardened-sources-2.6.19-r2.ebuild:
267     Revision bump to pull in genpatches-2.6.19-3 for #157186.
268 phreak 1.126
269     17 Dec 2006; Christian Heim <phreak@gentoo.org>
270     hardened-sources-2.6.14-r7.ebuild, hardened-sources-2.6.16-r10.ebuild,
271     hardened-sources-2.6.16-r11.ebuild, hardened-sources-2.6.17-r1.ebuild,
272     hardened-sources-2.6.18.ebuild, hardened-sources-2.6.18-r3.ebuild,
273     hardened-sources-2.6.19-r1.ebuild:
274     Adding 4453_grsec-2.1.9-2.6.19-io-kmem-sysctl.patch to UNIPATCH_EXLUDE,
275     adding correct HOMEPAGE and adjusting DESCRIPTION (thanks to Alexander).
276 pappy 1.125
277     *hardened-sources-2.4.33.4 (17 Dec 2006)
278    
279     17 Dec 2006; Alexander Gabert <pappy@gentoo.org>
280     +hardened-sources-2.4.33.4.ebuild:
281     new 2.4.33.4 version including grsec and fixes, thanks to phreak for help
282     and quilting
283 phreak 1.124
284     *hardened-sources-2.6.19-r1 (14 Dec 2006)
285    
286     14 Dec 2006; Christian Heim <phreak@gentoo.org>
287     -hardened-sources-2.6.19.ebuild, +hardened-sources-2.6.19-r1.ebuild:
288     Revision bump, fixing #158107 (thanks to Petre Rodan <kaiowas at gentoo.org>
289     for reporting).
290 phreak 1.123
291     *hardened-sources-2.6.19 (13 Dec 2006)
292    
293     13 Dec 2006; Christian Heim <phreak@gentoo.org>
294     +hardened-sources-2.6.19.ebuild:
295     And finally 2.6.19, thanks to Ned (who prepared the inital patchset) and
296     Brad for providing that prompt update.
297 phreak 1.122
298     *hardened-sources-2.6.18-r3 (13 Dec 2006)
299    
300     13 Dec 2006; Christian Heim <phreak@gentoo.org>
301     -hardened-sources-2.6.18-r1.ebuild, -hardened-sources-2.6.18-r2.ebuild,
302     +hardened-sources-2.6.18-r3.ebuild:
303     Revision bump, excluding the faulty patch. Thanks to Anakim Border and Peter
304     S. Mazinger. Closes #157409 for now. Also removing the previous revisions.
305 phreak 1.121
306     09 Dec 2006; Christian Heim <phreak@gentoo.org> Manifest:
307     Fixing the metadata.xml Manifest entry (thanks to xaid and ml8128 in #gentoo-hardened).
308 nixnut 1.120
309     08 Dec 2006; nixnut <nixnut@gentoo.org> hardened-sources-2.6.18.ebuild:
310     Stable on ppc wrt bug 157356
311 opfer 1.119
312     07 Dec 2006; Christian Faulhammer <opfer@gentoo.org>
313     hardened-sources-2.6.18.ebuild:
314     stable x86, bug #157356
315 phreak 1.118
316     *hardened-sources-2.6.18-r2 (06 Dec 2006)
317    
318     06 Dec 2006; Christian Heim <phreak@gentoo.org>
319     +hardened-sources-2.6.18-r2.ebuild:
320     Revision bump, including 2.6.18.5 (via genpatches) and
321     4454_grsec-2.1.9-2.6.18.2-io-kmem-sysctl.patch based on Peter Mazinger and
322     Ned Ludd's original patch. Thanks to Alexander Gabert (pappy) for the
323     redesign.
324 phreak 1.117
325     06 Dec 2006; Christian Heim <phreak@gentoo.org>
326     hardened-sources-2.6.18.ebuild:
327     Marking hardened-sources-2.6.18 stable on amd64 (see bug #157356, on behalf
328     of Mike Doty).
329 phreak 1.116
330     *hardened-sources-2.6.18-r1 (23 Nov 2006)
331    
332     23 Nov 2006; Christian Heim <phreak@gentoo.org>
333     +hardened-sources-2.6.18-r1.ebuild:
334     Revision bump to genpatches-2.6.18-4 (including 2.6.18.3).
335 phreak 1.115
336     *hardened-sources-2.6.18 (11 Nov 2006)
337    
338     11 Nov 2006; Christian Heim <phreak@gentoo.org>
339     +hardened-sources-2.6.18.ebuild:
340     Version bump, thanks to Alexander Gabert we're finally at 2.6.18.
341 solar 1.114
342     18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
343     - mark amd64 stable also. bug #151877
344 solar 1.113
345     18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
346     - mark 2.6.17-r1 stable
347 phreak 1.112
348     27 Aug 2006; Christian Heim <phreak@gentoo.org>
349     -hardened-sources-2.6.17.ebuild, hardened-sources-2.6.17-r1.ebuild:
350     Removing old ebuild, removing unipatch from newer ebuild (need to fix it!).
351 phreak 1.111
352     *hardened-sources-2.6.17-r1 (26 Aug 2006)
353    
354     26 Aug 2006; Christian Heim <phreak@gentoo.org>
355     +hardened-sources-2.6.17-r1.ebuild:
356     Revision bump to genpatches-2.6.17-8 (including .9 and .10) and updating the
357     grsecurity patch.
358 phreak 1.110
359     *hardened-sources-2.6.17 (17 Aug 2006)
360    
361     17 Aug 2006; Christian Heim <phreak@gentoo.org>
362     +hardened-sources-2.6.17.ebuild:
363     Bumping the hardened-sources-2.6 series to 2.6.17, using
364     genpatches-2.6.17-6.base.
365 solar 1.109
366     07 Aug 2006; <solar@gentoo.org> hardened-sources-2.6.16-r11.ebuild:
367     - stable on x86 and amd64
368 solar 1.108
369     *hardened-sources-2.6.16-r11 (15 Jul 2006)
370    
371     15 Jul 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r3.ebuild,
372     -hardened-sources-2.4.32-r4.ebuild, -hardened-sources-2.4.32-r5.ebuild,
373     -hardened-sources-2.6.14-r8.ebuild, -hardened-sources-2.6.16-r7.ebuild,
374     -hardened-sources-2.6.16-r9.ebuild, +hardened-sources-2.6.16-r11.ebuild:
375     - 2.6.16 bumped for CVE-2006-3626 ; digest fix for 2.4.32-r6 ; removed old
376     crusty ebuilds
377 johnm 1.107
378     14 Jul 2006; John Mylchreest <johnm@gentoo.org>
379     hardened-sources-2.6.16-r10.ebuild:
380     marking stable on x86 and amd64
381 solar 1.106
382     13 Jul 2006; <solar@gentoo.org> hardened-sources-2.4.32-r6.ebuild:
383     - 2.4.32-r6 stable on x86. RSBAC state unknown
384 kang 1.105
385     *hardened-sources-2.4.32-r7 (10 Jul 2006)
386    
387     10 Jul 2006; Guillaume Destuynder <kang@gentoo.org>
388     +hardened-sources-2.4.32-r7.ebuild:
389     Bump PaX for RSBAC to test-17
390 johnm 1.104
391     *hardened-sources-2.6.16-r9 (03 Jul 2006)
392    
393     03 Jul 2006; John Mylchreest <johnm@gentoo.org>
394     -hardened-sources-2.6.16-r6.ebuild, +hardened-sources-2.6.16-r9.ebuild:
395     hardened-sources-2.6.16 bump to latest -base.
396 solar 1.103
397     *hardened-sources-2.4.32-r6 (30 Jun 2006)
398    
399     30 Jun 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r2.ebuild,
400     hardened-sources-2.4.32-r4.ebuild, +hardened-sources-2.4.32-r6.ebuild:
401     - backport CVE-2006-0039, CVE-2006-1857 and CVE-2006-1858 and new grsecurity
402     sysctl controlable resource logging
403 johnm 1.102
404     *hardened-sources-2.6.16-r7 (05 Jun 2006)
405    
406     05 Jun 2006; John Mylchreest <johnm@gentoo.org>
407     -hardened-sources-2.6.16-r5.ebuild, +hardened-sources-2.6.16-r7.ebuild:
408     push new 2.6.16 release in preparation for stable
409 solar 1.101
410     22 May 2006; <solar@gentoo.org> :
411     - redigest bug 134002
412 kang 1.100
413     *hardened-sources-2.4.32-r5 (16 May 2006)
414    
415     16 May 2006; Guillaume Destuynder <kang@gentoo.org>
416     +hardened-sources-2.4.32-r5.ebuild:
417     Fixes rsbac common patching (new patch in new -r5 patchset)
418 solar 1.99
419     *hardened-sources-2.4.32-r4 (13 May 2006)
420    
421     13 May 2006; <solar@gentoo.org> hardened-sources-2.4.32-r3.ebuild,
422     +hardened-sources-2.4.32-r4.ebuild:
423     - security bumps
424 johnm 1.98
425     *hardened-sources-2.6.16-r6 (03 May 2006)
426    
427     03 May 2006; John Mylchreest <johnm@gentoo.org>
428     +hardened-sources-2.6.16-r6.ebuild:
429     bump hardened-2.6.16 to 2.6.16.12 and latest grsec snapshot
430 johnm 1.97
431     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
432     hardened-sources-2.6.14-r8.ebuild:
433     fix x86_64 build problem, this will delay the digest issue again for a short
434     while but it will sort itself out
435 johnm 1.96
436     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
437     hardened-sources-2.6.14-r8.ebuild:
438     bump hardened patchset
439 antarus 1.94
440     27 Apr 2006; Alec Warner <antarus@gentoo.org>
441     files/digest-hardened-sources-2.4.32-r2,
442     files/digest-hardened-sources-2.4.32-r3,
443     files/digest-hardened-sources-2.6.14-r8, Manifest:
444     Fixing duff SHA256 digests: Bug # 131293
445 johnm 1.93
446 johnm 1.95 *hardened-sources-2.6.16-r5 (27 Apr 2006)
447    
448     27 Apr 2006; John Mylchreest <johnm@gentoo.org>
449     -hardened-sources-2.6.14-r6.ebuild, hardened-sources-2.6.14-r8.ebuild,
450     -hardened-sources-2.6.16-r4.ebuild, +hardened-sources-2.6.16-r5.ebuild:
451     stablise 2.6.14-r8 on x86 & amd64, bump 2.6.16 to fix CVE-2006-1863 &
452     cleanup of old uneccessary sources
453    
454 johnm 1.93 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
455     fix digest
456 johnm 1.92
457     *hardened-sources-2.6.14-r8 (20 Apr 2006)
458    
459     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
460     +hardened-sources-2.6.14-r8.ebuild:
461     fix CVE-2006-1056, CVE-2006-1525, CVE-2006-1524
462 johnm 1.91
463     20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
464     Turning on gpg-signing again, and recomitting
465 johnm 1.90
466     *hardened-sources-2.6.16-r4 (20 Apr 2006)
467    
468     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
469     -hardened-sources-2.6.16-r2.ebuild, -hardened-sources-2.6.16-r3.ebuild,
470     +hardened-sources-2.6.16-r4.ebuild:
471     Fix numerous security vulns
472 solar 1.89
473     *hardened-sources-2.4.32-r3 (16 Apr 2006)
474    
475     16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
476     -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
477     +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
478     - security bump for bug #112791. Removed old ebuilds
479 johnm 1.88
480     *hardened-sources-2.6.16-r3 (15 Apr 2006)
481    
482     15 Apr 2006; John Mylchreest <johnm@gentoo.org>
483     +hardened-sources-2.6.16-r3.ebuild:
484     Removing silly localversion which I missed
485 johnm 1.87
486     *hardened-sources-2.6.14-r7 (14 Apr 2006)
487    
488     14 Apr 2006; John Mylchreest <johnm@gentoo.org>
489     -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
490     Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
491 johnm 1.86
492     *hardened-sources-2.6.16-r2 (13 Apr 2006)
493    
494     13 Apr 2006; John Mylchreest <johnm@gentoo.org>
495     -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
496     +hardened-sources-2.6.16-r2.ebuild:
497     Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
498     labels, dropping USERGROUP define fixes, since these were merged mainstream.
499 johnm 1.85
500     *hardened-sources-2.6.16-r1 (11 Apr 2006)
501    
502     11 Apr 2006; John Mylchreest <johnm@gentoo.org>
503     +hardened-sources-2.6.16-r1.ebuild:
504     Bumping to include ppc build fix and 2.6.16.3
505 tsunam 1.84
506     06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
507     hardened-sources-2.6.14-r6.ebuild:
508     Stable on x86; bug #127718
509 johnm 1.83
510     *hardened-sources-2.6.16 (31 Mar 2006)
511    
512     31 Mar 2006; John Mylchreest <johnm@gentoo.org>
513     +hardened-sources-2.6.16.ebuild:
514     Bumping to new version of grsec, and kernel base. New squashfs. Based on
515     2.6.16.1
516 cryos 1.82
517     30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
518     hardened-sources-2.6.14-r6.ebuild:
519     Stable on amd64, bug 127718.
520 nixnut 1.81
521     28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
522     Stable on ppc. Bug #127718
523 johnm 1.80
524     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
525     -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
526     -hardened-sources-2.6.14-r4.ebuild:
527     Cleanup.
528 johnm 1.79
529     *hardened-sources-2.6.14-r6 (15 Mar 2006)
530    
531     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
532     +hardened-sources-2.6.14-r6.ebuild:
533     Fixes grsec policy recreation bug and adds a
534     >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
535 solar 1.78
536     02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
537     - stable on x86
538 hansmi 1.77
539     19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
540     hardened-sources-2.6.14-r5.ebuild:
541     Stable on ppc.
542 johnm 1.76
543     *hardened-sources-2.6.14-r5 (01 Feb 2006)
544    
545     01 Feb 2006; John Mylchreest <johnm@gentoo.org>
546     +hardened-sources-2.6.14-r5.ebuild:
547     fixing every known exploit
548 solar 1.75
549     *hardened-sources-2.4.32-r2 (26 Jan 2006)
550    
551     26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
552     +hardened-sources-2.4.32-r2.ebuild:
553     - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
554 solar 1.74
555     *hardened-sources-2.6.14-r4 (12 Jan 2006)
556    
557     12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
558     - version bump for new genpatches which fix up a few sec holes
559 solar 1.73
560     *hardened-sources-2.4.32-r1 (05 Jan 2006)
561    
562     05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
563     - revision bump to add misc vital linux kernel security patches.
564 johnm 1.72
565     *hardened-sources-2.6.14-r3 (30 Dec 2005)
566    
567     30 Dec 2005; John Mylchreest <johnm@gentoo.org>
568     -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
569     Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
570 johnm 1.71
571     28 Dec 2005; John Mylchreest <johnm@gentoo.org>
572     hardened-sources-2.6.14-r2.ebuild:
573     making x86 & amd64 stable following testing.
574 johnm 1.70
575     *hardened-sources-2.6.14-r2 (27 Dec 2005)
576    
577     27 Dec 2005; John Mylchreest <johnm@gentoo.org>
578     -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
579     Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
580     network hooks.
581 johnm 1.69
582     06 Dec 2005; John Mylchreest <johnm@gentoo.org>
583     hardened-sources-2.6.14-r1.ebuild:
584     bumping to stable early for sec fix on x86 & amd64
585 johnm 1.68
586     *hardened-sources-2.6.14-r1 (05 Dec 2005)
587    
588     05 Dec 2005; John Mylchreest <johnm@gentoo.org>
589     -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
590     bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
591 solar 1.67
592     04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
593     - stable on x86 security bug #114227 CAN-2005-3257
594 kang 1.66
595     *hardened-sources-2.4.32 (19 Nov 2005)
596    
597     19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
598     +hardened-sources-2.4.32.ebuild:
599     Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
600     Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
601     have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
602     rsbac >> /etc/portage/package.use)
603 johnm 1.65
604     *hardened-sources-2.6.14 (14 Nov 2005)
605    
606     14 Nov 2005; John Mylchreest <johnm@gentoo.org>
607     -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
608     Bumping 2.6 series to 2.6.14.2
609 johnm 1.64
610     *hardened-sources-2.6.13-r2 (20 Oct 2005)
611    
612     20 Oct 2005; John Mylchreest <johnm@gentoo.org>
613     -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
614     +hardened-sources-2.6.13-r2.ebuild:
615     Fixes minor build error in ppc.
616 johnm 1.63
617     *hardened-sources-2.6.13-r1 (17 Oct 2005)
618    
619     17 Oct 2005; John Mylchreest <johnm@gentoo.org>
620     +hardened-sources-2.6.13-r1.ebuild:
621     Updating grsec to latest snapshot. Fixes some minor issues. Updating to
622     2.6.13.4, fixes some major amd64 stability problems.
623 johnm 1.62
624     *hardened-sources-2.6.13 (16 Sep 2005)
625    
626     16 Sep 2005; John Mylchreest <johnm@gentoo.org>
627     -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
628     2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
629     ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
630     users should test this thoroughly.
631 solar 1.61
632     01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
633     - stable on x86
634 johnm 1.60
635     *hardened-sources-2.6.11-r15 (27 Jun 2005)
636    
637     27 Jun 2005; John Mylchreest <johnm@gentoo.org>
638     +hardened-sources-2.6.11-r15.ebuild:
639     Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
640     grsec redefining curr_ip struct.
641 solar 1.59
642     *hardened-sources-2.4.31 (20 Jun 2005)
643    
644     20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
645     initial import of 2.4.31 tree
646 johnm 1.58
647     *hardened-sources-2.6.11-r14 (14 Jun 2005)
648    
649     14 Jun 2005; John Mylchreest <johnm@gentoo.org>
650     -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
651     Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
652     naming scheme to abide by genpatches
653 johnm 1.57
654     *hardened-sources-2.6.11-r13 (18 May 2005)
655    
656     18 May 2005; John Mylchreest <johnm@gentoo.org>
657     -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
658     Managed to mangle the Makefile patch from grsec, to miss out the grsec
659     target. sorry about that. Fixes bug #93022
660 johnm 1.56
661     *hardened-sources-2.6.11-r12 (17 May 2005)
662    
663     17 May 2005; John Mylchreest <johnm@gentoo.org>
664     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
665     +hardened-sources-2.6.11-r12.ebuild:
666     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
667     merges in genpatches-base
668 johnm 1.55
669     *hardened-sources-2.6.11-r12 (17 May 2005)
670    
671     17 May 2005; John Mylchreest <johnm@gentoo.org>
672     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
673     +hardened-sources-2.6.11-r12.ebuild:
674     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
675     merges in genpatches-base
676 solar 1.54
677     29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
678     -files/2.4.27-cmdline-race.patch,
679     -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
680     -files/2.4.28-grsec-binfmt_a.out.patch,
681     -files/2.4.28-grsec-cmdline-race.patch,
682     -files/2.4.28-selinux-binfmt_a.out.patch,
683     -files/2.4.28-selinux-cmdline-race.patch,
684     -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
685     hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
686     - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
687     cleanup..
688 solar 1.53
689     *hardened-sources-2.4.30-r1 (21 Apr 2005)
690    
691     21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
692     - disable aout by default
693 solar 1.52
694     *hardened-sources-2.4.30 (18 Apr 2005)
695    
696     18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
697     - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
698     and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
699     use
700 tocharian 1.50
701 scox 1.51 *hardened-sources-2.4.29 (30 Mar 2005)
702    
703     30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
704     +hardened-sources-2.4.29.ebuild:
705     New hardened-patches-2.4-29.0 patchball.
706     Removed SELinux support, upgraded GRSecurity to 2.1.4.
707    
708     *hardened-sources-2.4.28-r5 (06 Mar 2005)
709    
710     06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
711     +hardened-sources-2.4.28-r5.ebuild:
712     Added a fix for a PaX vulnerability.
713    
714     26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
715 tocharian 1.50 hardened-sources-2.4.28-r4.ebuild:
716     Stable on x86
717 solar 1.49
718     23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
719     hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
720     hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
721     hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
722     - fixed/added RDEPEND= in all kernel-2 ebuilds
723 tocharian 1.48
724     *hardened-sources-2.4.28-r4 (21 Jan 2005)
725    
726     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
727     +hardened-sources-2.4.28-r4.ebuild:
728     Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
729     backport of neighbour hash updates.
730 tocharian 1.47
731     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
732     hardened-sources-2.4.28-r3.ebuild:
733     Stable on x86
734 tseng 1.46
735     *hardened-sources-2.6.10-r3 (20 Jan 2005)
736    
737     20 Jan 2005; Brandon Hale <tseng@gentoo.org>
738     +hardened-sources-2.6.10-r3.ebuild:
739     Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
740     in 2005.0
741 tocharian 1.45
742     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
743     -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
744     hardened-sources-2.4.28-r2.ebuild:
745     Mark stable on x86
746 tocharian 1.44
747     *hardened-sources-2.4.28-r3 (17 Jan 2005)
748    
749     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
750     +hardened-sources-2.4.28-r3.ebuild:
751     Fix SMP page fault handler vuln, and update device-mapper and evms patches.
752 tocharian 1.43
753     14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
754     hardened-sources-2.4.28.ebuild:
755     Mark stable on x86.
756 tocharian 1.42
757     *hardened-sources-2.4.28-r2 (13 Jan 2005)
758    
759     13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
760     +hardened-sources-2.4.28-r2.ebuild:
761     Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
762     Mazinger for grsecurity patches as well.
763 plasmaroo 1.41
764     *hardened-sources-2.4.28-r1 (23 Dec 2004)
765    
766     23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
767     Security bump. Thank tocharian for rolling a new patchset...
768 solar 1.40
769     28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
770     +files/2.4.28-grsec-cmdline-race.patch,
771     +files/2.4.28-selinux-binfmt_a.out.patch,
772     +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
773     - Round up remaining security patches that appear to be missing in 2.4.28. -
774     PaX standalone updated to current. hgpv=28.1
775 solar 1.39
776     *hardened-sources-2.4.28 (28 Nov 2004)
777    
778     28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
779     security bump. Thank tocharian for rolling a new patchset
780 scox 1.31
781 scox 1.38 *hardened-sources-2.4.27-r3 (08 Sep 2004)
782    
783     08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
784     +hardened-sources-2.4.27-r3.ebuild:
785     Applies the new 2.4-27.2 patchball which updates
786     GRSecurity to the 2.0.1 version.
787    
788 scox 1.37 *hardened-sources-2.4.27-r2 (31 Aug 2004)
789    
790     31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
791     +hardened-sources-2.4.27-r2.ebuild:
792     Version bump.
793     This version uses the new 2.4-27.1 patchball which updates
794     both the SELinux PaX hooks patch and the SELinux headers.
795    
796 scox 1.36 *hardened-sources-2.4.27-r1 (09 Aug 2004)
797    
798     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
799     +hardened-sources-2.4.27-r1.ebuild,
800     -hardened-sources-2.4.27.ebuild,
801     +files/2.4.27-cmdline-race.patch:
802     Version bump, fix for cmdline race. See bug #59905.
803    
804     *hardened-sources-2.4.26-r6 (09 Aug 2004)
805    
806     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
807     +hardened-sources-2.4.26-r6.ebuild,
808     -hardened-sources-2.4.26-r5.ebuild,
809     -hardened-sources-2.4.26-r4.ebuild,
810     +files/2.4.26-cmdline-race.patch:
811     Version bump, fix for cmdline race. See bug #59905.
812    
813 scox 1.35 *hardened-sources-2.4.27 (08 Aug 2004)
814    
815     08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
816     +hardened-sources-2.4.27.ebuild,
817     +files/2.4.27-CAN-2004-0394.patch:
818     Ported the patchball to the 2.4.27 kernel version.
819    
820 scox 1.34 *hardened-sources-2.4.26-r5 (07 Aug 2004)
821    
822     07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
823     +hardened-sources-2.4.26-r5.ebuild:
824 scox 1.35 Updated to use the new hardened-patches-2.4-26.1 patchball.
825 scox 1.34 It adds the following features:
826     - Squashfs
827     - Ebtables
828     - Netdev random (core+drivers)
829     - Watchdog Timer (WDT) fix.
830    
831 scox 1.33 *hardened-sources-2.4.26-r4 (04 Aug 2004)
832    
833     04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
834     +hardened-sources-2.4.26-r4.ebuild,
835     +files/2.4.26-CAN-2004-0415.patch,
836     -hardened-sources-2.4.26-3:
837     Version bump, fix for CAN 0415, see bug #59378.
838    
839 scox 1.32 *hardened-sources-2.4.26-r3 (22 Jul 2004)
840    
841     22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
842     +hardened-sources-2.4.26-r3.ebuild,
843     +files/2.4.26-CAN-2004-0497.patch,
844     -hardened-sources-2.4.26-r2.ebuild:
845     Version bump, fixed CAN 0497, see bug #56171.
846    
847 scox 1.31 *hardened-sources-2.4.26-r2 (29 Jun 2004)
848    
849     29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
850 scox 1.32 +hardened-sources-2.4.26-r2.ebuild,
851 scox 1.31 +files/2.4.26-CAN-2004-0495.patch,
852     +files/2.4.26-CAN-2004-0535.patch,
853     -hardened-sources-2.4.26-r1.ebuild:
854     Fixes for both CAN 0495 and 0535, see bug #54976
855 pvdabeel 1.27
856 agriffis 1.29 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
857     hardened-sources-2.4.26-r1.ebuild:
858     QA - fix use invocation
859 scox 1.28
860     *hardened-sources-2.4.26-r1 (22 June 2004)
861    
862     22 June 2004; Andrea Luzzardi <scox@gentoo.org>
863     +hardened-sources-2.4.26-r1.ebuild,
864     +files/2.4.26-CAN-2004-0394.patch,
865     +files/2.4.26-signal-race.patch,
866     -hardened-sources-2.4.26.ebuild,
867     -hardened-sources-2.4.24-r3.ebuild:
868     Version bump for the CAN-2004-0394 issue and bug #53804
869     Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
870    
871    
872 pvdabeel 1.27 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
873     hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
874     Masked hardened-sources-2.4.26.ebuild broken for ppc
875    
876     31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
877     hardened-sources-2.4.24-r3.ebuild:
878     Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
879 plasmaroo 1.25
880 scox 1.26 *hardened-sources-2.4.26 (29 May 2004)
881    
882     29 May 2004; Andrea Luzzardi <scox@gentoo.org>
883     +hardened-sources-2.4.26.ebuild:
884     Updated hardened-sources for the 2.4.26 kernel
885     Removed broken components, updated almost everything.
886    
887 plasmaroo 1.25 *hardened-sources-2.4.24-r3 (17 Apr 2004)
888    
889     17 Apr 2004; <plasmaroo@gentoo.org>
890     +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
891     +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
892     +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
893     +hardened-sources-2.4.24-r3.ebuild:
894     Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
895     vulnerabilities. Old revisions removed.
896 plasmaroo 1.24
897     *hardened-sources-2.4.24-r2 (15 Apr 2004)
898    
899     15 Apr 2004; <plasmaroo@gentoo.org>
900     +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
901     -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
902     Version bump for the CAN-2004-0109 issue; bug #47881.
903 aliz 1.23
904     12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
905     hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
906     Add eutils to inherit.
907 plasmaroo 1.22
908     *hardened-sources-2.4.24-r1 (19 Feb 2004)
909    
910     19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
911     files/hardened-sources-2.4.24.munmap.patch:
912     Added the patch for the mremap/munmap vulnerability. Bug #42024.
913 scox 1.19
914 scox 1.21 *hardened-sources-2.4.24 (06 Feb 2004)
915 scox 1.26
916 scox 1.21 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
917     hardened-sources-2.4.24.ebuild:
918     Version bump, updated most of the components.
919     This release includes the following:
920    
921     - Hardened security
922     - Netfilter patch-o-matic 20031219
923     - FreeSWAN 2.04 & x509 1.4.8
924     - EVMS 2.2.2
925     - XFS 1.3.1
926     - cryptoloop jari
927     - grsecurity 2.0-rc4
928     - SELinux
929     - PaX 200402060000
930     - PaX Obscurity 200308302223
931     - Others...
932    
933     Neither -ck nor systrace are included anymore.
934    
935 scox 1.19 *hardened-sources-2.4.22-r2 (05 Jan 2004)
936    
937     05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
938     hardened-sources-2.4.22-r2.ebuild:
939 scox 1.20 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
940 scox 1.19
941     *hardened-sources-2.4.22-r1 (02 Dec 2003)
942 iggy 1.17
943     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
944 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
945 iggy 1.16
946     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
947 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild:
948     Version bump for the 'do_brk' vulnerability.
949 iggy 1.15
950     01 Dec 2003; Brian Jackson <iggy@gentoo.org>
951     hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
952     hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
953     hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
954 plasmaroo 1.18 Fix the 'do_brk' vulnerability.
955 frogger 1.14
956     03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
957     hardened-sources-2.4.22.ebuild:
958 plasmaroo 1.18 - Removed the src_install() portion for SELinux flask
959     components. These are no longer handled in the kernel
960     so this code was not necessary.
961 frogger 1.13
962     29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
963     New 2.4.22 based hardened-sources thanks to
964     Phil West <p.west@computer.org>.
965    
966     These sources include:
967 plasmaroo 1.18 - New SELinux API
968     - Updated CK-base
969     - Updated GRSec
970     - Systrace
971     - SuperFreeS/WAN 1.99.8
972     - Propolice kernel build support
973     - EVMS
974     - Other various security related patches
975 frogger 1.11
976 frogger 1.12 *hardened-sources-2.4.21 (14 Sep 2003)
977    
978     14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
979     Updated hardened-sources based on the 2.4.21 Linux kernel.
980     This includes updates to most major components such as:
981 plasmaroo 1.18 - ck-base-0306300059
982     - selinux-2.4-2003071106
983     - grsecurity-2.0-rc1
984     - Updated IPTables patch-o-matic
985     - Updated SuperFreeS/WAN
986    
987 frogger 1.12 Thanks to Phil West <pwest@computer.org> for his work in getting this
988     updated patch set ready for the 2.4.21 based kernel.
989    
990 frogger 1.11 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
991     Initial import of hardened-sources-2.4.20-r4. This revision
992     includes only a few changes, but one of these is an important
993     security fix. It is recommended all users of hardened-sources
994     upgrade to this release.
995 plasmaroo 1.18
996 frogger 1.11 - ioperm bug fix
997     - fixed compilation failure when building without GRSec
998 plasmaroo 1.18
999 frogger 1.11 SAL (Secure Auditing for Linux) is NOT included in this revision
1000     due to time constraints, but is planned for inclusion in the near
1001     future.
1002 msterret 1.10
1003     *hardened-sources-2.4.20-r2 (12 Jun 2003)
1004    
1005     12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
1006     hardened-sources-2.4.20-r3.ebuild:
1007 plasmaroo 1.18 Add Header...
1008 frogger 1.9
1009     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1010     hardened-sources-2.4.20-r3.ebuild:
1011     Removed warnings from ebuild. This kernel should be safe to
1012     use at this point.
1013 frogger 1.8
1014     *hardened-sources-2.4.20-r3 (08 Jun 2003)
1015    
1016     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1017     hardened-sources-2.4.20-r3.ebuild:
1018     New revision. Includes the following changes over -r2:
1019 plasmaroo 1.18
1020 frogger 1.8 - ck7-base (O(1), preempt, low latency)
1021     - Super FreeS/WAN 1.99.7rc2
1022     - PaX for the LSM/SELinux branch
1023     - GRSecurity 2.0-pre4 (role based access control)
1024     - Systrace 1.3
1025     - EXT3 fixes
1026     - EVMS 2.0.1
1027     - GCC 3.1+ compile optimizations
1028     - ProPolice kernel build support
1029     - Hashing table security fixes
1030 frogger 1.3
1031     *hardened-sources-2.4.20-r1 (09 Apr 2003)
1032 frogger 1.7
1033     23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
1034     Initial import of hardened-sources-r2. This new
1035     ebuild includes many new performance and security
1036     related patches. As in -r1, it will patch in
1037     LSM/SELinux if "selinux" is in USE, otherwise it
1038     will patch in GRSecurity. The following patches
1039     are included in this revision:
1040 plasmaroo 1.18
1041 frogger 1.7 - O(1) Scheduler, Low Latency, and Preempt
1042     (pulled from the base CK patch)
1043     - ptrace exploit patch for the LSM kernel
1044     (the GRSec patch already fixes this)
1045     - LSM 2.4-2003040709
1046     - SELinux 2.4-2003040709
1047     - Systrace v1.2
1048     - IPTables patch-o-matic base patches - 20030107
1049     - CryptoAPI 2.4.20.1 w/ loop-jari patch
1050     - Super FreeS/WAN 1.99.6.1
1051     - GRSecurity 1.9.9g
1052     - MPPE
1053     - EXT3 data journal fix
1054     - CIPE 1.5.4
1055 frogger 1.6
1056     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1057     hardened-sources-2.4.20-r1.ebuild, manifest:
1058 plasmaroo 1.18 Updated to install flask components correctly for selinux.
1059 frogger 1.5
1060     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1061     hardened-sources-2.4.20-r1.ebuild:
1062     LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
1063     is patched in instead. Ptrace patches for selinux have also been added. In
1064     either case, systrace support will be patched in as well.
1065 frogger 1.3
1066     09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1067     hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
1068 plasmaroo 1.18 Revision bump for new sources.
1069 frogger 1.4
1070 frogger 1.2 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1071 frogger 1.4 hardened-sources-2.4.20-r1.ebuild:
1072 plasmaroo 1.18 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
1073 method 1.1
1074 frogger 1.4 *hardened-sources-2.4.20 (30 Mar 2003)
1075    
1076 method 1.1 30 Mar 2003; Joshua Brindle <method@gentoo.org>
1077     hardened-sources-2.4.20.ebuild:
1078 plasmaroo 1.18 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20