/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.170 - (hide annotations) (download)
Thu Aug 16 16:19:06 2007 UTC (7 years, 4 months ago) by phreak
Branch: MAIN
Changes since 1.169: +7 -1 lines
Revision bump for Linux 2.6.21.6.
(Portage version: 2.1.3.5)

1 method 1.1 # ChangeLog for sys-kernel/hardened-sources
2 opfer 1.130 # Copyright 2000-2007 Gentoo Foundation; Distributed under the GPL v2
3 phreak 1.170 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.169 2007/08/16 16:15:03 phreak Exp $
4    
5     *hardened-sources-2.6.21-r4 (16 Aug 2007)
6    
7     16 Aug 2007; Christian Heim <phreak@gentoo.org>
8     +hardened-sources-2.6.21-r4.ebuild:
9     Revision bump for Linux 2.6.21.6.
10 phreak 1.169
11     *hardened-sources-2.6.20-r7 (16 Aug 2007)
12    
13     16 Aug 2007; Christian Heim <phreak@gentoo.org>
14     +hardened-sources-2.6.20-r7.ebuild:
15     Revision bump for Linux 2.6.20.16.
16 phreak 1.168
17     *hardened-sources-2.6.22-r1 (13 Aug 2007)
18    
19     13 Aug 2007; Christian Heim <phreak@gentoo.org>
20     +hardened-sources-2.6.22-r1.ebuild:
21     Yet another revision bump.
22 phreak 1.167
23     *hardened-sources-2.6.22 (10 Aug 2007)
24    
25     10 Aug 2007; Christian Heim <phreak@gentoo.org>
26     +hardened-sources-2.6.22.ebuild:
27     Initial release for 2.6.22. If you are using hardened-sources on a desktop
28     machine (P4 or newer), be aware you might need to disable
29     CONFIG_PAX_PAGEEXEC.
30 phreak 1.166
31     04 Aug 2007; Christian Heim <phreak@gentoo.org>
32     hardened-sources-2.6.20-r6.ebuild:
33     Stabling hardened-sources-2.6.20-r6 for amd64, ppc and x86 due to Linux
34     2.6.20.15.
35 phreak 1.165
36     10 Jul 2007; Christian Heim <phreak@gentoo.org>
37     hardened-sources-2.6.20-r5.ebuild:
38     Marking hardened-sources-2.6.20-r5 stable on ppc.
39 phreak 1.164
40     10 Jul 2007; Christian Heim <phreak@gentoo.org>
41     -hardened-sources-2.4.32-r6.ebuild, -hardened-sources-2.4.32-r7.ebuild:
42     Cleanup.
43 phreak 1.163
44     *hardened-sources-2.6.20-r6 (08 Jul 2007)
45    
46     08 Jul 2007; Christian Heim <phreak@gentoo.org>
47     +hardened-sources-2.6.20-r6.ebuild:
48     Revision bump, grabbing yet another stable release.
49 phreak 1.162
50     17 Jun 2007; Christian Heim <phreak@gentoo.org>
51     -hardened-sources-2.6.18-r6.ebuild, -hardened-sources-2.6.20-r4.ebuild,
52     -hardened-sources-2.6.21-r2.ebuild:
53     Removing older ebuilds, hardened-sources-2.6.18-r6 seems to have gotten the
54     alpha stable KEYWORD by mistake.
55 phreak 1.161
56     17 Jun 2007; Christian Heim <phreak@gentoo.org>
57     hardened-sources-2.6.20-r5.ebuild:
58     Stabling hardened-sources-2.6.20-r5 due to security bug #181647 (as
59     genpatches-2.6.20-12.base contains up to Linux 2.6.20.14) on amd64 and x86.
60 phreak 1.160
61     *hardened-sources-2.6.21-r3 (12 Jun 2007)
62    
63     12 Jun 2007; Christian Heim <phreak@gentoo.org>
64     +hardened-sources-2.6.21-r3.ebuild:
65     Revision bump for hardened-sources-2.6.21, incorporating various CVE (some
66     of them critical), two stable releases (2.6.21.4,2.6.21.5) and some other
67     love.
68 phreak 1.159
69     *hardened-sources-2.6.20-r5 (11 Jun 2007)
70    
71     11 Jun 2007; Christian Heim <phreak@gentoo.org>
72     +hardened-sources-2.6.20-r5.ebuild:
73     Revision bump for hardened-sources-2.6.20, incorporating various CVE (some
74     of them critical), two stable releases (2.6.20.13,2.6.20.14) and some other
75     love.
76 pappy 1.158
77     *hardened-sources-2.4.34.5 (11 Jun 2007)
78    
79     11 Jun 2007; Alexander Gabert <pappy@gentoo.org>
80     +hardened-sources-2.4.34.5.ebuild:
81     added new hardened-sources 2.4 version, thx to phreak, solar, pipacs
82 phreak 1.157
83     30 May 2007; Christian Heim <phreak@gentoo.org>
84     -hardened-sources-2.6.18.ebuild, hardened-sources-2.6.20-r2.ebuild:
85     Marking 2.6.20-r2 stable on ppc with permission of Gysbert. Removing more
86     stale ebuild(s).
87 phreak 1.156
88     30 May 2007; Christian Heim <phreak@gentoo.org>
89     -hardened-sources-2.6.14-r7.ebuild, -hardened-sources-2.6.16-r11.ebuild,
90     -hardened-sources-2.6.17-r1.ebuild, -hardened-sources-2.6.19-r6.ebuild,
91     -hardened-sources-2.6.20.ebuild, -hardened-sources-2.6.20-r1.ebuild:
92     Doing some cleanups, remove stale ebuilds.
93 phreak 1.155
94     26 May 2007; Christian Heim <phreak@gentoo.org>
95     hardened-sources-2.6.21-r2.ebuild:
96     Fixing the grsecurity patch, had one '};' too much.
97 phreak 1.154
98     *hardened-sources-2.6.21-r2 (26 May 2007)
99    
100     26 May 2007; Christian Heim <phreak@gentoo.org>
101     -hardened-sources-2.6.21.ebuild, -hardened-sources-2.6.21-r1.ebuild,
102     +hardened-sources-2.6.21-r2.ebuild:
103     Revision bump, including Linux 2.6.21.3 (fixing CVE-2007-2451). Updating the
104     grsecurity patch to 2.1.10-2.6.21.1-200705221918.
105 phreak 1.153
106     *hardened-sources-2.6.20-r4 (26 May 2007)
107    
108     26 May 2007; Christian Heim <phreak@gentoo.org>
109     -hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.20-r4.ebuild:
110     Revision bump, including Linux 2.6.20.12 (which in fact fixed some security
111 phreak 1.154 bugs, at the very least CVE-2007-2451). Possible candidate for stable marking.
112 phreak 1.152
113     15 May 2007; Christian Heim <phreak@gentoo.org>
114     hardened-sources-2.6.20-r3.ebuild:
115     Looks like hardened-sources-2.6.20-r3 needs a new patch, as 2.6.20.11
116     introduced a change in arch/sparc64/kernel/pci_iommu.c, which made the
117     grsecurity patch fail in that exact same hunk.
118 phreak 1.151
119     *hardened-sources-2.6.20-r3 (15 May 2007)
120    
121     15 May 2007; Christian Heim <phreak@gentoo.org>
122     +hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.21-r1.ebuild:
123     Revision bump, incorporating Linux 2.6.20.11.
124    
125     *hardened-sources-2.6.21-r1 (11 May 2007)
126    
127     11 May 2007; Christian Heim <phreak@gentoo.org>
128     +hardened-sources-2.6.21-r1.ebuild:
129     Revision bump, hopefully fixing the GRSECURITY/GRKERNSEC mixup pipacs
130     mentioned in #177234.
131 kevquinn 1.150
132     07 May 2007; Kevin F. Quinn <kevquinn@gentoo.org>
133     files/digest-hardened-sources-2.6.21, Manifest:
134     Fix Manifest/digest for linux-2.6.21.tar.bz2
135 phreak 1.149
136     06 May 2007; Christian Heim <phreak@gentoo.org>
137     hardened-sources-2.6.21.ebuild:
138     Bumping the hardened-patches version, needed for the fix for #177234.
139 phreak 1.148
140     *hardened-sources-2.6.21 (02 May 2007)
141    
142     02 May 2007; Christian Heim <phreak@gentoo.org>
143     +hardened-sources-2.6.21.ebuild:
144     Version bump, Linux 2.6.21-hardened.
145 phreak 1.147
146     29 Apr 2007; Christian Heim <phreak@gentoo.org>
147     hardened-sources-2.6.20-r2.ebuild:
148     Adding ~ia64 on Ned's request.
149 phreak 1.146
150     29 Apr 2007; Christian Heim <phreak@gentoo.org>
151     hardened-sources-2.6.20-r2.ebuild:
152     Fixing the included grsecurity patch, wasn't alligning due to the Index:
153     header line(s).
154 phreak 1.145
155     29 Apr 2007; Christian Heim <phreak@gentoo.org>
156     hardened-sources-2.6.20-r2.ebuild:
157     Stabilizing hardened-sources-2.6.20-r2 on amd64 and x86.
158 armin76 1.144
159     *hardened-sources-2.6.20-r2 (10 Apr 2007)
160    
161     10 Apr 2007; Raúl Porcel <armin76@gentoo.org>
162     +hardened-sources-2.6.20-r2.ebuild:
163     Version bump, on behalf of phreak
164 phreak 1.143
165     *hardened-sources-2.6.20-r1 (04 Apr 2007)
166    
167     04 Apr 2007; Christian Heim <phreak@gentoo.org>
168     +hardened-sources-2.6.20-r1.ebuild:
169     Revision bump, grabbing a newer grsecurity snapshot.
170 phreak 1.142
171     *hardened-sources-2.6.20 (25 Mar 2007)
172    
173     25 Mar 2007; Christian Heim <phreak@gentoo.org>
174     +hardened-sources-2.6.20.ebuild:
175     Finally a hardened-sources version for 2.6.20; many people have been waiting
176     for this. Thanks to Steve for preliminary testing, thanks to Ned for the
177     testbox.
178 chainsaw 1.141
179     16 Mar 2007; Tony Vroon <chainsaw@gentoo.org>
180     hardened-sources-2.6.18-r6.ebuild:
181     Marked stable on amd64 and x86. AMD64 keyword ack'ed by welp.
182 phreak 1.140
183     *hardened-sources-2.6.18-r6 (16 Mar 2007)
184    
185     16 Mar 2007; Christian Heim <phreak@gentoo.org>
186     -hardened-sources-2.6.18-r5.ebuild, +hardened-sources-2.6.18-r6.ebuild:
187     Fixing CVE-2007-1000 locally (hardened/), thanks to Tony for pushing. And
188     yes I screwed up, this is tagged as 2.6.18-5 and not 2.6.18-6 as it's
189     supposed to be.
190 phreak 1.139
191     06 Mar 2007; Christian Heim <phreak@gentoo.org> ChangeLog:
192     Fixing the Manifest, the previous one was broken (as in still had the
193     deleted ebuild in it).
194 phreak 1.138
195     06 Mar 2007; Christian Heim <phreak@gentoo.org>
196     -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
197     +hardened-sources-2.6.18-r5.ebuild:
198     Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
199     Linux 2.6.18.8. Also cleaning up the older version.
200    
201     *hardened-sources-2.6.18-r5 (06 Mar 2007)
202    
203     06 Mar 2007; Christian Heim <phreak@gentoo.org>
204     -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
205     +hardened-sources-2.6.18-r5.ebuild:
206     Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
207     Linux 2.6.18.8. Also cleaning up the older version.
208 phreak 1.137
209     24 Feb 2007; Christian Heim <phreak@gentoo.org>
210     -hardened-sources-2.6.19-r3.ebuild, -hardened-sources-2.6.19-r4.ebuild,
211     -hardened-sources-2.6.19-r5.ebuild:
212     Removing some of the old version, that didn't work.
213 phreak 1.136
214     *hardened-sources-2.6.19-r6 (12 Feb 2007)
215    
216     12 Feb 2007; Christian Heim <phreak@gentoo.org>
217     +hardened-sources-2.6.19-r6.ebuild:
218     Revision bump, including a new grsec version fixing #166235.
219 pappy 1.134
220     *hardened-sources-2.4.34 (24 Jan 2007)
221    
222     24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
223 pappy 1.135 Manifest:
224     updating Manifest with checksums of new tarball and ebuild
225    
226     24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
227 pappy 1.134 +hardened-sources-2.4.34.ebuild:
228     I added new hardened sources 2.4 update, this is a critical path
229     security bugfix - all users of h-s are strongly advised
230     to update their existing hardened sources to this version.
231     It contains a fix for a kernel vulnerability that is pertaining
232     to the PaX changes to virtual memory management, possibly leading
233     to a local kernel exploit ... see grsecurity.net forums and homepage
234 phreak 1.133
235     23 Jan 2007; Christian Heim <phreak@gentoo.org>
236     files/digest-hardened-sources-2.6.19-r5, Manifest:
237     Fixing the patch-tarball digest.
238 phreak 1.132
239     *hardened-sources-2.6.19-r5 (23 Jan 2007)
240    
241     23 Jan 2007; Christian Heim <phreak@gentoo.org>
242     +hardened-sources-2.6.19-r5.ebuild:
243     Revision bump, closing the recently discovered PaX expand_stack()
244     vulnerability.
245 phreak 1.131
246     *hardened-sources-2.6.19-r4 (14 Jan 2007)
247    
248     14 Jan 2007; Christian Heim <phreak@gentoo.org>
249     +hardened-sources-2.6.19-r4.ebuild:
250     Revision bump, pulling in linux-2.6.19.2 and grsecurity 2.1.10 - thus
251     dropping the randomized PID feature.
252 opfer 1.130
253     11 Jan 2007; Christian Faulhammer <opfer@gentoo.org>
254     hardened-sources-2.4.33.4.ebuild:
255     stable x86, bug #161171
256 phreak 1.129
257     *hardened-sources-2.6.19-r3 (27 Dec 2006)
258    
259     27 Dec 2006; Christian Heim <phreak@gentoo.org>
260     -hardened-sources-2.6.19-r2.ebuild, +hardened-sources-2.6.19-r3.ebuild:
261     Revision bump for bug #157186 and #158786.
262 phreak 1.128
263     *hardened-sources-2.6.18-r4 (27 Dec 2006)
264    
265     27 Dec 2006; Christian Heim <phreak@gentoo.org>
266     -hardened-sources-2.6.18-r3.ebuild, +hardened-sources-2.6.18-r4.ebuild:
267     Revision bump for bug #157186.
268 phreak 1.127
269     *hardened-sources-2.6.19-r2 (23 Dec 2006)
270    
271     23 Dec 2006; Christian Heim <phreak@gentoo.org>
272     -hardened-sources-2.6.19-r1.ebuild, +hardened-sources-2.6.19-r2.ebuild:
273     Revision bump to pull in genpatches-2.6.19-3 for #157186.
274 phreak 1.126
275     17 Dec 2006; Christian Heim <phreak@gentoo.org>
276     hardened-sources-2.6.14-r7.ebuild, hardened-sources-2.6.16-r10.ebuild,
277     hardened-sources-2.6.16-r11.ebuild, hardened-sources-2.6.17-r1.ebuild,
278     hardened-sources-2.6.18.ebuild, hardened-sources-2.6.18-r3.ebuild,
279     hardened-sources-2.6.19-r1.ebuild:
280     Adding 4453_grsec-2.1.9-2.6.19-io-kmem-sysctl.patch to UNIPATCH_EXLUDE,
281     adding correct HOMEPAGE and adjusting DESCRIPTION (thanks to Alexander).
282 pappy 1.125
283     *hardened-sources-2.4.33.4 (17 Dec 2006)
284    
285     17 Dec 2006; Alexander Gabert <pappy@gentoo.org>
286     +hardened-sources-2.4.33.4.ebuild:
287     new 2.4.33.4 version including grsec and fixes, thanks to phreak for help
288     and quilting
289 phreak 1.124
290     *hardened-sources-2.6.19-r1 (14 Dec 2006)
291    
292     14 Dec 2006; Christian Heim <phreak@gentoo.org>
293     -hardened-sources-2.6.19.ebuild, +hardened-sources-2.6.19-r1.ebuild:
294     Revision bump, fixing #158107 (thanks to Petre Rodan <kaiowas at gentoo.org>
295     for reporting).
296 phreak 1.123
297     *hardened-sources-2.6.19 (13 Dec 2006)
298    
299     13 Dec 2006; Christian Heim <phreak@gentoo.org>
300     +hardened-sources-2.6.19.ebuild:
301     And finally 2.6.19, thanks to Ned (who prepared the inital patchset) and
302     Brad for providing that prompt update.
303 phreak 1.122
304     *hardened-sources-2.6.18-r3 (13 Dec 2006)
305    
306     13 Dec 2006; Christian Heim <phreak@gentoo.org>
307     -hardened-sources-2.6.18-r1.ebuild, -hardened-sources-2.6.18-r2.ebuild,
308     +hardened-sources-2.6.18-r3.ebuild:
309     Revision bump, excluding the faulty patch. Thanks to Anakim Border and Peter
310     S. Mazinger. Closes #157409 for now. Also removing the previous revisions.
311 phreak 1.121
312     09 Dec 2006; Christian Heim <phreak@gentoo.org> Manifest:
313     Fixing the metadata.xml Manifest entry (thanks to xaid and ml8128 in #gentoo-hardened).
314 nixnut 1.120
315     08 Dec 2006; nixnut <nixnut@gentoo.org> hardened-sources-2.6.18.ebuild:
316     Stable on ppc wrt bug 157356
317 opfer 1.119
318     07 Dec 2006; Christian Faulhammer <opfer@gentoo.org>
319     hardened-sources-2.6.18.ebuild:
320     stable x86, bug #157356
321 phreak 1.118
322     *hardened-sources-2.6.18-r2 (06 Dec 2006)
323    
324     06 Dec 2006; Christian Heim <phreak@gentoo.org>
325     +hardened-sources-2.6.18-r2.ebuild:
326     Revision bump, including 2.6.18.5 (via genpatches) and
327     4454_grsec-2.1.9-2.6.18.2-io-kmem-sysctl.patch based on Peter Mazinger and
328     Ned Ludd's original patch. Thanks to Alexander Gabert (pappy) for the
329     redesign.
330 phreak 1.117
331     06 Dec 2006; Christian Heim <phreak@gentoo.org>
332     hardened-sources-2.6.18.ebuild:
333     Marking hardened-sources-2.6.18 stable on amd64 (see bug #157356, on behalf
334     of Mike Doty).
335 phreak 1.116
336     *hardened-sources-2.6.18-r1 (23 Nov 2006)
337    
338     23 Nov 2006; Christian Heim <phreak@gentoo.org>
339     +hardened-sources-2.6.18-r1.ebuild:
340     Revision bump to genpatches-2.6.18-4 (including 2.6.18.3).
341 phreak 1.115
342     *hardened-sources-2.6.18 (11 Nov 2006)
343    
344     11 Nov 2006; Christian Heim <phreak@gentoo.org>
345     +hardened-sources-2.6.18.ebuild:
346     Version bump, thanks to Alexander Gabert we're finally at 2.6.18.
347 solar 1.114
348     18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
349     - mark amd64 stable also. bug #151877
350 solar 1.113
351     18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
352     - mark 2.6.17-r1 stable
353 phreak 1.112
354     27 Aug 2006; Christian Heim <phreak@gentoo.org>
355     -hardened-sources-2.6.17.ebuild, hardened-sources-2.6.17-r1.ebuild:
356     Removing old ebuild, removing unipatch from newer ebuild (need to fix it!).
357 phreak 1.111
358     *hardened-sources-2.6.17-r1 (26 Aug 2006)
359    
360     26 Aug 2006; Christian Heim <phreak@gentoo.org>
361     +hardened-sources-2.6.17-r1.ebuild:
362     Revision bump to genpatches-2.6.17-8 (including .9 and .10) and updating the
363     grsecurity patch.
364 phreak 1.110
365     *hardened-sources-2.6.17 (17 Aug 2006)
366    
367     17 Aug 2006; Christian Heim <phreak@gentoo.org>
368     +hardened-sources-2.6.17.ebuild:
369     Bumping the hardened-sources-2.6 series to 2.6.17, using
370     genpatches-2.6.17-6.base.
371 solar 1.109
372     07 Aug 2006; <solar@gentoo.org> hardened-sources-2.6.16-r11.ebuild:
373     - stable on x86 and amd64
374 solar 1.108
375     *hardened-sources-2.6.16-r11 (15 Jul 2006)
376    
377     15 Jul 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r3.ebuild,
378     -hardened-sources-2.4.32-r4.ebuild, -hardened-sources-2.4.32-r5.ebuild,
379     -hardened-sources-2.6.14-r8.ebuild, -hardened-sources-2.6.16-r7.ebuild,
380     -hardened-sources-2.6.16-r9.ebuild, +hardened-sources-2.6.16-r11.ebuild:
381     - 2.6.16 bumped for CVE-2006-3626 ; digest fix for 2.4.32-r6 ; removed old
382     crusty ebuilds
383 johnm 1.107
384     14 Jul 2006; John Mylchreest <johnm@gentoo.org>
385     hardened-sources-2.6.16-r10.ebuild:
386     marking stable on x86 and amd64
387 solar 1.106
388     13 Jul 2006; <solar@gentoo.org> hardened-sources-2.4.32-r6.ebuild:
389     - 2.4.32-r6 stable on x86. RSBAC state unknown
390 kang 1.105
391     *hardened-sources-2.4.32-r7 (10 Jul 2006)
392    
393     10 Jul 2006; Guillaume Destuynder <kang@gentoo.org>
394     +hardened-sources-2.4.32-r7.ebuild:
395     Bump PaX for RSBAC to test-17
396 johnm 1.104
397     *hardened-sources-2.6.16-r9 (03 Jul 2006)
398    
399     03 Jul 2006; John Mylchreest <johnm@gentoo.org>
400     -hardened-sources-2.6.16-r6.ebuild, +hardened-sources-2.6.16-r9.ebuild:
401     hardened-sources-2.6.16 bump to latest -base.
402 solar 1.103
403     *hardened-sources-2.4.32-r6 (30 Jun 2006)
404    
405     30 Jun 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r2.ebuild,
406     hardened-sources-2.4.32-r4.ebuild, +hardened-sources-2.4.32-r6.ebuild:
407     - backport CVE-2006-0039, CVE-2006-1857 and CVE-2006-1858 and new grsecurity
408     sysctl controlable resource logging
409 johnm 1.102
410     *hardened-sources-2.6.16-r7 (05 Jun 2006)
411    
412     05 Jun 2006; John Mylchreest <johnm@gentoo.org>
413     -hardened-sources-2.6.16-r5.ebuild, +hardened-sources-2.6.16-r7.ebuild:
414     push new 2.6.16 release in preparation for stable
415 solar 1.101
416     22 May 2006; <solar@gentoo.org> :
417     - redigest bug 134002
418 kang 1.100
419     *hardened-sources-2.4.32-r5 (16 May 2006)
420    
421     16 May 2006; Guillaume Destuynder <kang@gentoo.org>
422     +hardened-sources-2.4.32-r5.ebuild:
423     Fixes rsbac common patching (new patch in new -r5 patchset)
424 solar 1.99
425     *hardened-sources-2.4.32-r4 (13 May 2006)
426    
427     13 May 2006; <solar@gentoo.org> hardened-sources-2.4.32-r3.ebuild,
428     +hardened-sources-2.4.32-r4.ebuild:
429     - security bumps
430 johnm 1.98
431     *hardened-sources-2.6.16-r6 (03 May 2006)
432    
433     03 May 2006; John Mylchreest <johnm@gentoo.org>
434     +hardened-sources-2.6.16-r6.ebuild:
435     bump hardened-2.6.16 to 2.6.16.12 and latest grsec snapshot
436 johnm 1.97
437     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
438     hardened-sources-2.6.14-r8.ebuild:
439     fix x86_64 build problem, this will delay the digest issue again for a short
440     while but it will sort itself out
441 johnm 1.96
442     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
443     hardened-sources-2.6.14-r8.ebuild:
444     bump hardened patchset
445 antarus 1.94
446     27 Apr 2006; Alec Warner <antarus@gentoo.org>
447     files/digest-hardened-sources-2.4.32-r2,
448     files/digest-hardened-sources-2.4.32-r3,
449     files/digest-hardened-sources-2.6.14-r8, Manifest:
450     Fixing duff SHA256 digests: Bug # 131293
451 johnm 1.93
452 johnm 1.95 *hardened-sources-2.6.16-r5 (27 Apr 2006)
453    
454     27 Apr 2006; John Mylchreest <johnm@gentoo.org>
455     -hardened-sources-2.6.14-r6.ebuild, hardened-sources-2.6.14-r8.ebuild,
456     -hardened-sources-2.6.16-r4.ebuild, +hardened-sources-2.6.16-r5.ebuild:
457     stablise 2.6.14-r8 on x86 & amd64, bump 2.6.16 to fix CVE-2006-1863 &
458     cleanup of old uneccessary sources
459    
460 johnm 1.93 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
461     fix digest
462 johnm 1.92
463     *hardened-sources-2.6.14-r8 (20 Apr 2006)
464    
465     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
466     +hardened-sources-2.6.14-r8.ebuild:
467     fix CVE-2006-1056, CVE-2006-1525, CVE-2006-1524
468 johnm 1.91
469     20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
470     Turning on gpg-signing again, and recomitting
471 johnm 1.90
472     *hardened-sources-2.6.16-r4 (20 Apr 2006)
473    
474     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
475     -hardened-sources-2.6.16-r2.ebuild, -hardened-sources-2.6.16-r3.ebuild,
476     +hardened-sources-2.6.16-r4.ebuild:
477     Fix numerous security vulns
478 solar 1.89
479     *hardened-sources-2.4.32-r3 (16 Apr 2006)
480    
481     16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
482     -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
483     +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
484     - security bump for bug #112791. Removed old ebuilds
485 johnm 1.88
486     *hardened-sources-2.6.16-r3 (15 Apr 2006)
487    
488     15 Apr 2006; John Mylchreest <johnm@gentoo.org>
489     +hardened-sources-2.6.16-r3.ebuild:
490     Removing silly localversion which I missed
491 johnm 1.87
492     *hardened-sources-2.6.14-r7 (14 Apr 2006)
493    
494     14 Apr 2006; John Mylchreest <johnm@gentoo.org>
495     -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
496     Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
497 johnm 1.86
498     *hardened-sources-2.6.16-r2 (13 Apr 2006)
499    
500     13 Apr 2006; John Mylchreest <johnm@gentoo.org>
501     -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
502     +hardened-sources-2.6.16-r2.ebuild:
503     Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
504     labels, dropping USERGROUP define fixes, since these were merged mainstream.
505 johnm 1.85
506     *hardened-sources-2.6.16-r1 (11 Apr 2006)
507    
508     11 Apr 2006; John Mylchreest <johnm@gentoo.org>
509     +hardened-sources-2.6.16-r1.ebuild:
510     Bumping to include ppc build fix and 2.6.16.3
511 tsunam 1.84
512     06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
513     hardened-sources-2.6.14-r6.ebuild:
514     Stable on x86; bug #127718
515 johnm 1.83
516     *hardened-sources-2.6.16 (31 Mar 2006)
517    
518     31 Mar 2006; John Mylchreest <johnm@gentoo.org>
519     +hardened-sources-2.6.16.ebuild:
520     Bumping to new version of grsec, and kernel base. New squashfs. Based on
521     2.6.16.1
522 cryos 1.82
523     30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
524     hardened-sources-2.6.14-r6.ebuild:
525     Stable on amd64, bug 127718.
526 nixnut 1.81
527     28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
528     Stable on ppc. Bug #127718
529 johnm 1.80
530     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
531     -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
532     -hardened-sources-2.6.14-r4.ebuild:
533     Cleanup.
534 johnm 1.79
535     *hardened-sources-2.6.14-r6 (15 Mar 2006)
536    
537     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
538     +hardened-sources-2.6.14-r6.ebuild:
539     Fixes grsec policy recreation bug and adds a
540     >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
541 solar 1.78
542     02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
543     - stable on x86
544 hansmi 1.77
545     19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
546     hardened-sources-2.6.14-r5.ebuild:
547     Stable on ppc.
548 johnm 1.76
549     *hardened-sources-2.6.14-r5 (01 Feb 2006)
550    
551     01 Feb 2006; John Mylchreest <johnm@gentoo.org>
552     +hardened-sources-2.6.14-r5.ebuild:
553     fixing every known exploit
554 solar 1.75
555     *hardened-sources-2.4.32-r2 (26 Jan 2006)
556    
557     26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
558     +hardened-sources-2.4.32-r2.ebuild:
559     - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
560 solar 1.74
561     *hardened-sources-2.6.14-r4 (12 Jan 2006)
562    
563     12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
564     - version bump for new genpatches which fix up a few sec holes
565 solar 1.73
566     *hardened-sources-2.4.32-r1 (05 Jan 2006)
567    
568     05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
569     - revision bump to add misc vital linux kernel security patches.
570 johnm 1.72
571     *hardened-sources-2.6.14-r3 (30 Dec 2005)
572    
573     30 Dec 2005; John Mylchreest <johnm@gentoo.org>
574     -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
575     Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
576 johnm 1.71
577     28 Dec 2005; John Mylchreest <johnm@gentoo.org>
578     hardened-sources-2.6.14-r2.ebuild:
579     making x86 & amd64 stable following testing.
580 johnm 1.70
581     *hardened-sources-2.6.14-r2 (27 Dec 2005)
582    
583     27 Dec 2005; John Mylchreest <johnm@gentoo.org>
584     -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
585     Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
586     network hooks.
587 johnm 1.69
588     06 Dec 2005; John Mylchreest <johnm@gentoo.org>
589     hardened-sources-2.6.14-r1.ebuild:
590     bumping to stable early for sec fix on x86 & amd64
591 johnm 1.68
592     *hardened-sources-2.6.14-r1 (05 Dec 2005)
593    
594     05 Dec 2005; John Mylchreest <johnm@gentoo.org>
595     -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
596     bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
597 solar 1.67
598     04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
599     - stable on x86 security bug #114227 CAN-2005-3257
600 kang 1.66
601     *hardened-sources-2.4.32 (19 Nov 2005)
602    
603     19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
604     +hardened-sources-2.4.32.ebuild:
605     Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
606     Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
607     have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
608     rsbac >> /etc/portage/package.use)
609 johnm 1.65
610     *hardened-sources-2.6.14 (14 Nov 2005)
611    
612     14 Nov 2005; John Mylchreest <johnm@gentoo.org>
613     -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
614     Bumping 2.6 series to 2.6.14.2
615 johnm 1.64
616     *hardened-sources-2.6.13-r2 (20 Oct 2005)
617    
618     20 Oct 2005; John Mylchreest <johnm@gentoo.org>
619     -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
620     +hardened-sources-2.6.13-r2.ebuild:
621     Fixes minor build error in ppc.
622 johnm 1.63
623     *hardened-sources-2.6.13-r1 (17 Oct 2005)
624    
625     17 Oct 2005; John Mylchreest <johnm@gentoo.org>
626     +hardened-sources-2.6.13-r1.ebuild:
627     Updating grsec to latest snapshot. Fixes some minor issues. Updating to
628     2.6.13.4, fixes some major amd64 stability problems.
629 johnm 1.62
630     *hardened-sources-2.6.13 (16 Sep 2005)
631    
632     16 Sep 2005; John Mylchreest <johnm@gentoo.org>
633     -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
634     2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
635     ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
636     users should test this thoroughly.
637 solar 1.61
638     01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
639     - stable on x86
640 johnm 1.60
641     *hardened-sources-2.6.11-r15 (27 Jun 2005)
642    
643     27 Jun 2005; John Mylchreest <johnm@gentoo.org>
644     +hardened-sources-2.6.11-r15.ebuild:
645     Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
646     grsec redefining curr_ip struct.
647 solar 1.59
648     *hardened-sources-2.4.31 (20 Jun 2005)
649    
650     20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
651     initial import of 2.4.31 tree
652 johnm 1.58
653     *hardened-sources-2.6.11-r14 (14 Jun 2005)
654    
655     14 Jun 2005; John Mylchreest <johnm@gentoo.org>
656     -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
657     Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
658     naming scheme to abide by genpatches
659 johnm 1.57
660     *hardened-sources-2.6.11-r13 (18 May 2005)
661    
662     18 May 2005; John Mylchreest <johnm@gentoo.org>
663     -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
664     Managed to mangle the Makefile patch from grsec, to miss out the grsec
665     target. sorry about that. Fixes bug #93022
666 johnm 1.56
667     *hardened-sources-2.6.11-r12 (17 May 2005)
668    
669     17 May 2005; John Mylchreest <johnm@gentoo.org>
670     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
671     +hardened-sources-2.6.11-r12.ebuild:
672     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
673     merges in genpatches-base
674 johnm 1.55
675     *hardened-sources-2.6.11-r12 (17 May 2005)
676    
677     17 May 2005; John Mylchreest <johnm@gentoo.org>
678     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
679     +hardened-sources-2.6.11-r12.ebuild:
680     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
681     merges in genpatches-base
682 solar 1.54
683     29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
684     -files/2.4.27-cmdline-race.patch,
685     -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
686     -files/2.4.28-grsec-binfmt_a.out.patch,
687     -files/2.4.28-grsec-cmdline-race.patch,
688     -files/2.4.28-selinux-binfmt_a.out.patch,
689     -files/2.4.28-selinux-cmdline-race.patch,
690     -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
691     hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
692     - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
693     cleanup..
694 solar 1.53
695     *hardened-sources-2.4.30-r1 (21 Apr 2005)
696    
697     21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
698     - disable aout by default
699 solar 1.52
700     *hardened-sources-2.4.30 (18 Apr 2005)
701    
702     18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
703     - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
704     and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
705     use
706 tocharian 1.50
707 scox 1.51 *hardened-sources-2.4.29 (30 Mar 2005)
708    
709     30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
710     +hardened-sources-2.4.29.ebuild:
711     New hardened-patches-2.4-29.0 patchball.
712     Removed SELinux support, upgraded GRSecurity to 2.1.4.
713    
714     *hardened-sources-2.4.28-r5 (06 Mar 2005)
715    
716     06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
717     +hardened-sources-2.4.28-r5.ebuild:
718     Added a fix for a PaX vulnerability.
719    
720     26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
721 tocharian 1.50 hardened-sources-2.4.28-r4.ebuild:
722     Stable on x86
723 solar 1.49
724     23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
725     hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
726     hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
727     hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
728     - fixed/added RDEPEND= in all kernel-2 ebuilds
729 tocharian 1.48
730     *hardened-sources-2.4.28-r4 (21 Jan 2005)
731    
732     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
733     +hardened-sources-2.4.28-r4.ebuild:
734     Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
735     backport of neighbour hash updates.
736 tocharian 1.47
737     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
738     hardened-sources-2.4.28-r3.ebuild:
739     Stable on x86
740 tseng 1.46
741     *hardened-sources-2.6.10-r3 (20 Jan 2005)
742    
743     20 Jan 2005; Brandon Hale <tseng@gentoo.org>
744     +hardened-sources-2.6.10-r3.ebuild:
745     Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
746     in 2005.0
747 tocharian 1.45
748     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
749     -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
750     hardened-sources-2.4.28-r2.ebuild:
751     Mark stable on x86
752 tocharian 1.44
753     *hardened-sources-2.4.28-r3 (17 Jan 2005)
754    
755     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
756     +hardened-sources-2.4.28-r3.ebuild:
757     Fix SMP page fault handler vuln, and update device-mapper and evms patches.
758 tocharian 1.43
759     14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
760     hardened-sources-2.4.28.ebuild:
761     Mark stable on x86.
762 tocharian 1.42
763     *hardened-sources-2.4.28-r2 (13 Jan 2005)
764    
765     13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
766     +hardened-sources-2.4.28-r2.ebuild:
767     Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
768     Mazinger for grsecurity patches as well.
769 plasmaroo 1.41
770     *hardened-sources-2.4.28-r1 (23 Dec 2004)
771    
772     23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
773     Security bump. Thank tocharian for rolling a new patchset...
774 solar 1.40
775     28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
776     +files/2.4.28-grsec-cmdline-race.patch,
777     +files/2.4.28-selinux-binfmt_a.out.patch,
778     +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
779     - Round up remaining security patches that appear to be missing in 2.4.28. -
780     PaX standalone updated to current. hgpv=28.1
781 solar 1.39
782     *hardened-sources-2.4.28 (28 Nov 2004)
783    
784     28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
785     security bump. Thank tocharian for rolling a new patchset
786 scox 1.31
787 scox 1.38 *hardened-sources-2.4.27-r3 (08 Sep 2004)
788    
789     08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
790     +hardened-sources-2.4.27-r3.ebuild:
791     Applies the new 2.4-27.2 patchball which updates
792     GRSecurity to the 2.0.1 version.
793    
794 scox 1.37 *hardened-sources-2.4.27-r2 (31 Aug 2004)
795    
796     31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
797     +hardened-sources-2.4.27-r2.ebuild:
798     Version bump.
799     This version uses the new 2.4-27.1 patchball which updates
800     both the SELinux PaX hooks patch and the SELinux headers.
801    
802 scox 1.36 *hardened-sources-2.4.27-r1 (09 Aug 2004)
803    
804     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
805     +hardened-sources-2.4.27-r1.ebuild,
806     -hardened-sources-2.4.27.ebuild,
807     +files/2.4.27-cmdline-race.patch:
808     Version bump, fix for cmdline race. See bug #59905.
809    
810     *hardened-sources-2.4.26-r6 (09 Aug 2004)
811    
812     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
813     +hardened-sources-2.4.26-r6.ebuild,
814     -hardened-sources-2.4.26-r5.ebuild,
815     -hardened-sources-2.4.26-r4.ebuild,
816     +files/2.4.26-cmdline-race.patch:
817     Version bump, fix for cmdline race. See bug #59905.
818    
819 scox 1.35 *hardened-sources-2.4.27 (08 Aug 2004)
820    
821     08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
822     +hardened-sources-2.4.27.ebuild,
823     +files/2.4.27-CAN-2004-0394.patch:
824     Ported the patchball to the 2.4.27 kernel version.
825    
826 scox 1.34 *hardened-sources-2.4.26-r5 (07 Aug 2004)
827    
828     07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
829     +hardened-sources-2.4.26-r5.ebuild:
830 scox 1.35 Updated to use the new hardened-patches-2.4-26.1 patchball.
831 scox 1.34 It adds the following features:
832     - Squashfs
833     - Ebtables
834     - Netdev random (core+drivers)
835     - Watchdog Timer (WDT) fix.
836    
837 scox 1.33 *hardened-sources-2.4.26-r4 (04 Aug 2004)
838    
839     04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
840     +hardened-sources-2.4.26-r4.ebuild,
841     +files/2.4.26-CAN-2004-0415.patch,
842     -hardened-sources-2.4.26-3:
843     Version bump, fix for CAN 0415, see bug #59378.
844    
845 scox 1.32 *hardened-sources-2.4.26-r3 (22 Jul 2004)
846    
847     22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
848     +hardened-sources-2.4.26-r3.ebuild,
849     +files/2.4.26-CAN-2004-0497.patch,
850     -hardened-sources-2.4.26-r2.ebuild:
851     Version bump, fixed CAN 0497, see bug #56171.
852    
853 scox 1.31 *hardened-sources-2.4.26-r2 (29 Jun 2004)
854    
855     29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
856 scox 1.32 +hardened-sources-2.4.26-r2.ebuild,
857 scox 1.31 +files/2.4.26-CAN-2004-0495.patch,
858     +files/2.4.26-CAN-2004-0535.patch,
859     -hardened-sources-2.4.26-r1.ebuild:
860     Fixes for both CAN 0495 and 0535, see bug #54976
861 pvdabeel 1.27
862 agriffis 1.29 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
863     hardened-sources-2.4.26-r1.ebuild:
864     QA - fix use invocation
865 scox 1.28
866     *hardened-sources-2.4.26-r1 (22 June 2004)
867    
868     22 June 2004; Andrea Luzzardi <scox@gentoo.org>
869     +hardened-sources-2.4.26-r1.ebuild,
870     +files/2.4.26-CAN-2004-0394.patch,
871     +files/2.4.26-signal-race.patch,
872     -hardened-sources-2.4.26.ebuild,
873     -hardened-sources-2.4.24-r3.ebuild:
874     Version bump for the CAN-2004-0394 issue and bug #53804
875     Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
876    
877    
878 pvdabeel 1.27 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
879     hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
880     Masked hardened-sources-2.4.26.ebuild broken for ppc
881    
882     31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
883     hardened-sources-2.4.24-r3.ebuild:
884     Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
885 plasmaroo 1.25
886 scox 1.26 *hardened-sources-2.4.26 (29 May 2004)
887    
888     29 May 2004; Andrea Luzzardi <scox@gentoo.org>
889     +hardened-sources-2.4.26.ebuild:
890     Updated hardened-sources for the 2.4.26 kernel
891     Removed broken components, updated almost everything.
892    
893 plasmaroo 1.25 *hardened-sources-2.4.24-r3 (17 Apr 2004)
894    
895     17 Apr 2004; <plasmaroo@gentoo.org>
896     +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
897     +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
898     +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
899     +hardened-sources-2.4.24-r3.ebuild:
900     Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
901     vulnerabilities. Old revisions removed.
902 plasmaroo 1.24
903     *hardened-sources-2.4.24-r2 (15 Apr 2004)
904    
905     15 Apr 2004; <plasmaroo@gentoo.org>
906     +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
907     -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
908     Version bump for the CAN-2004-0109 issue; bug #47881.
909 aliz 1.23
910     12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
911     hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
912     Add eutils to inherit.
913 plasmaroo 1.22
914     *hardened-sources-2.4.24-r1 (19 Feb 2004)
915    
916     19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
917     files/hardened-sources-2.4.24.munmap.patch:
918     Added the patch for the mremap/munmap vulnerability. Bug #42024.
919 scox 1.19
920 scox 1.21 *hardened-sources-2.4.24 (06 Feb 2004)
921 scox 1.26
922 scox 1.21 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
923     hardened-sources-2.4.24.ebuild:
924     Version bump, updated most of the components.
925     This release includes the following:
926    
927     - Hardened security
928     - Netfilter patch-o-matic 20031219
929     - FreeSWAN 2.04 & x509 1.4.8
930     - EVMS 2.2.2
931     - XFS 1.3.1
932     - cryptoloop jari
933     - grsecurity 2.0-rc4
934     - SELinux
935     - PaX 200402060000
936     - PaX Obscurity 200308302223
937     - Others...
938    
939     Neither -ck nor systrace are included anymore.
940    
941 scox 1.19 *hardened-sources-2.4.22-r2 (05 Jan 2004)
942    
943     05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
944     hardened-sources-2.4.22-r2.ebuild:
945 scox 1.20 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
946 scox 1.19
947     *hardened-sources-2.4.22-r1 (02 Dec 2003)
948 iggy 1.17
949     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
950 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
951 iggy 1.16
952     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
953 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild:
954     Version bump for the 'do_brk' vulnerability.
955 iggy 1.15
956     01 Dec 2003; Brian Jackson <iggy@gentoo.org>
957     hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
958     hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
959     hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
960 plasmaroo 1.18 Fix the 'do_brk' vulnerability.
961 frogger 1.14
962     03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
963     hardened-sources-2.4.22.ebuild:
964 plasmaroo 1.18 - Removed the src_install() portion for SELinux flask
965     components. These are no longer handled in the kernel
966     so this code was not necessary.
967 frogger 1.13
968     29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
969     New 2.4.22 based hardened-sources thanks to
970     Phil West <p.west@computer.org>.
971    
972     These sources include:
973 plasmaroo 1.18 - New SELinux API
974     - Updated CK-base
975     - Updated GRSec
976     - Systrace
977     - SuperFreeS/WAN 1.99.8
978     - Propolice kernel build support
979     - EVMS
980     - Other various security related patches
981 frogger 1.11
982 frogger 1.12 *hardened-sources-2.4.21 (14 Sep 2003)
983    
984     14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
985     Updated hardened-sources based on the 2.4.21 Linux kernel.
986     This includes updates to most major components such as:
987 plasmaroo 1.18 - ck-base-0306300059
988     - selinux-2.4-2003071106
989     - grsecurity-2.0-rc1
990     - Updated IPTables patch-o-matic
991     - Updated SuperFreeS/WAN
992    
993 frogger 1.12 Thanks to Phil West <pwest@computer.org> for his work in getting this
994     updated patch set ready for the 2.4.21 based kernel.
995    
996 frogger 1.11 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
997     Initial import of hardened-sources-2.4.20-r4. This revision
998     includes only a few changes, but one of these is an important
999     security fix. It is recommended all users of hardened-sources
1000     upgrade to this release.
1001 plasmaroo 1.18
1002 frogger 1.11 - ioperm bug fix
1003     - fixed compilation failure when building without GRSec
1004 plasmaroo 1.18
1005 frogger 1.11 SAL (Secure Auditing for Linux) is NOT included in this revision
1006     due to time constraints, but is planned for inclusion in the near
1007     future.
1008 msterret 1.10
1009     *hardened-sources-2.4.20-r2 (12 Jun 2003)
1010    
1011     12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
1012     hardened-sources-2.4.20-r3.ebuild:
1013 plasmaroo 1.18 Add Header...
1014 frogger 1.9
1015     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1016     hardened-sources-2.4.20-r3.ebuild:
1017     Removed warnings from ebuild. This kernel should be safe to
1018     use at this point.
1019 frogger 1.8
1020     *hardened-sources-2.4.20-r3 (08 Jun 2003)
1021    
1022     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1023     hardened-sources-2.4.20-r3.ebuild:
1024     New revision. Includes the following changes over -r2:
1025 plasmaroo 1.18
1026 frogger 1.8 - ck7-base (O(1), preempt, low latency)
1027     - Super FreeS/WAN 1.99.7rc2
1028     - PaX for the LSM/SELinux branch
1029     - GRSecurity 2.0-pre4 (role based access control)
1030     - Systrace 1.3
1031     - EXT3 fixes
1032     - EVMS 2.0.1
1033     - GCC 3.1+ compile optimizations
1034     - ProPolice kernel build support
1035     - Hashing table security fixes
1036 frogger 1.3
1037     *hardened-sources-2.4.20-r1 (09 Apr 2003)
1038 frogger 1.7
1039     23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
1040     Initial import of hardened-sources-r2. This new
1041     ebuild includes many new performance and security
1042     related patches. As in -r1, it will patch in
1043     LSM/SELinux if "selinux" is in USE, otherwise it
1044     will patch in GRSecurity. The following patches
1045     are included in this revision:
1046 plasmaroo 1.18
1047 frogger 1.7 - O(1) Scheduler, Low Latency, and Preempt
1048     (pulled from the base CK patch)
1049     - ptrace exploit patch for the LSM kernel
1050     (the GRSec patch already fixes this)
1051     - LSM 2.4-2003040709
1052     - SELinux 2.4-2003040709
1053     - Systrace v1.2
1054     - IPTables patch-o-matic base patches - 20030107
1055     - CryptoAPI 2.4.20.1 w/ loop-jari patch
1056     - Super FreeS/WAN 1.99.6.1
1057     - GRSecurity 1.9.9g
1058     - MPPE
1059     - EXT3 data journal fix
1060     - CIPE 1.5.4
1061 frogger 1.6
1062     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1063     hardened-sources-2.4.20-r1.ebuild, manifest:
1064 plasmaroo 1.18 Updated to install flask components correctly for selinux.
1065 frogger 1.5
1066     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1067     hardened-sources-2.4.20-r1.ebuild:
1068     LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
1069     is patched in instead. Ptrace patches for selinux have also been added. In
1070     either case, systrace support will be patched in as well.
1071 frogger 1.3
1072     09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1073     hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
1074 plasmaroo 1.18 Revision bump for new sources.
1075 frogger 1.4
1076 frogger 1.2 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1077 frogger 1.4 hardened-sources-2.4.20-r1.ebuild:
1078 plasmaroo 1.18 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
1079 method 1.1
1080 frogger 1.4 *hardened-sources-2.4.20 (30 Mar 2003)
1081    
1082 method 1.1 30 Mar 2003; Joshua Brindle <method@gentoo.org>
1083     hardened-sources-2.4.20.ebuild:
1084 plasmaroo 1.18 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20