/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.171 - (hide annotations) (download)
Thu Aug 16 20:02:59 2007 UTC (7 years ago) by phreak
Branch: MAIN
Changes since 1.170: +7 -1 lines
Version bump, initial version for Linux 2.4.35.
(Portage version: 2.1.3.5)

1 method 1.1 # ChangeLog for sys-kernel/hardened-sources
2 opfer 1.130 # Copyright 2000-2007 Gentoo Foundation; Distributed under the GPL v2
3 phreak 1.171 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.170 2007/08/16 16:19:06 phreak Exp $
4    
5     *hardened-sources-2.4.35 (16 Aug 2007)
6    
7     16 Aug 2007; Christian Heim <phreak@gentoo.org>
8     +hardened-sources-2.4.35.ebuild:
9     Version bump, initial version for Linux 2.4.35.
10 phreak 1.170
11     *hardened-sources-2.6.21-r4 (16 Aug 2007)
12    
13     16 Aug 2007; Christian Heim <phreak@gentoo.org>
14     +hardened-sources-2.6.21-r4.ebuild:
15     Revision bump for Linux 2.6.21.6.
16 phreak 1.169
17     *hardened-sources-2.6.20-r7 (16 Aug 2007)
18    
19     16 Aug 2007; Christian Heim <phreak@gentoo.org>
20     +hardened-sources-2.6.20-r7.ebuild:
21     Revision bump for Linux 2.6.20.16.
22 phreak 1.168
23     *hardened-sources-2.6.22-r1 (13 Aug 2007)
24    
25     13 Aug 2007; Christian Heim <phreak@gentoo.org>
26     +hardened-sources-2.6.22-r1.ebuild:
27     Yet another revision bump.
28 phreak 1.167
29     *hardened-sources-2.6.22 (10 Aug 2007)
30    
31     10 Aug 2007; Christian Heim <phreak@gentoo.org>
32     +hardened-sources-2.6.22.ebuild:
33     Initial release for 2.6.22. If you are using hardened-sources on a desktop
34     machine (P4 or newer), be aware you might need to disable
35     CONFIG_PAX_PAGEEXEC.
36 phreak 1.166
37     04 Aug 2007; Christian Heim <phreak@gentoo.org>
38     hardened-sources-2.6.20-r6.ebuild:
39     Stabling hardened-sources-2.6.20-r6 for amd64, ppc and x86 due to Linux
40     2.6.20.15.
41 phreak 1.165
42     10 Jul 2007; Christian Heim <phreak@gentoo.org>
43     hardened-sources-2.6.20-r5.ebuild:
44     Marking hardened-sources-2.6.20-r5 stable on ppc.
45 phreak 1.164
46     10 Jul 2007; Christian Heim <phreak@gentoo.org>
47     -hardened-sources-2.4.32-r6.ebuild, -hardened-sources-2.4.32-r7.ebuild:
48     Cleanup.
49 phreak 1.163
50     *hardened-sources-2.6.20-r6 (08 Jul 2007)
51    
52     08 Jul 2007; Christian Heim <phreak@gentoo.org>
53     +hardened-sources-2.6.20-r6.ebuild:
54     Revision bump, grabbing yet another stable release.
55 phreak 1.162
56     17 Jun 2007; Christian Heim <phreak@gentoo.org>
57     -hardened-sources-2.6.18-r6.ebuild, -hardened-sources-2.6.20-r4.ebuild,
58     -hardened-sources-2.6.21-r2.ebuild:
59     Removing older ebuilds, hardened-sources-2.6.18-r6 seems to have gotten the
60     alpha stable KEYWORD by mistake.
61 phreak 1.161
62     17 Jun 2007; Christian Heim <phreak@gentoo.org>
63     hardened-sources-2.6.20-r5.ebuild:
64     Stabling hardened-sources-2.6.20-r5 due to security bug #181647 (as
65     genpatches-2.6.20-12.base contains up to Linux 2.6.20.14) on amd64 and x86.
66 phreak 1.160
67     *hardened-sources-2.6.21-r3 (12 Jun 2007)
68    
69     12 Jun 2007; Christian Heim <phreak@gentoo.org>
70     +hardened-sources-2.6.21-r3.ebuild:
71     Revision bump for hardened-sources-2.6.21, incorporating various CVE (some
72     of them critical), two stable releases (2.6.21.4,2.6.21.5) and some other
73     love.
74 phreak 1.159
75     *hardened-sources-2.6.20-r5 (11 Jun 2007)
76    
77     11 Jun 2007; Christian Heim <phreak@gentoo.org>
78     +hardened-sources-2.6.20-r5.ebuild:
79     Revision bump for hardened-sources-2.6.20, incorporating various CVE (some
80     of them critical), two stable releases (2.6.20.13,2.6.20.14) and some other
81     love.
82 pappy 1.158
83     *hardened-sources-2.4.34.5 (11 Jun 2007)
84    
85     11 Jun 2007; Alexander Gabert <pappy@gentoo.org>
86     +hardened-sources-2.4.34.5.ebuild:
87     added new hardened-sources 2.4 version, thx to phreak, solar, pipacs
88 phreak 1.157
89     30 May 2007; Christian Heim <phreak@gentoo.org>
90     -hardened-sources-2.6.18.ebuild, hardened-sources-2.6.20-r2.ebuild:
91     Marking 2.6.20-r2 stable on ppc with permission of Gysbert. Removing more
92     stale ebuild(s).
93 phreak 1.156
94     30 May 2007; Christian Heim <phreak@gentoo.org>
95     -hardened-sources-2.6.14-r7.ebuild, -hardened-sources-2.6.16-r11.ebuild,
96     -hardened-sources-2.6.17-r1.ebuild, -hardened-sources-2.6.19-r6.ebuild,
97     -hardened-sources-2.6.20.ebuild, -hardened-sources-2.6.20-r1.ebuild:
98     Doing some cleanups, remove stale ebuilds.
99 phreak 1.155
100     26 May 2007; Christian Heim <phreak@gentoo.org>
101     hardened-sources-2.6.21-r2.ebuild:
102     Fixing the grsecurity patch, had one '};' too much.
103 phreak 1.154
104     *hardened-sources-2.6.21-r2 (26 May 2007)
105    
106     26 May 2007; Christian Heim <phreak@gentoo.org>
107     -hardened-sources-2.6.21.ebuild, -hardened-sources-2.6.21-r1.ebuild,
108     +hardened-sources-2.6.21-r2.ebuild:
109     Revision bump, including Linux 2.6.21.3 (fixing CVE-2007-2451). Updating the
110     grsecurity patch to 2.1.10-2.6.21.1-200705221918.
111 phreak 1.153
112     *hardened-sources-2.6.20-r4 (26 May 2007)
113    
114     26 May 2007; Christian Heim <phreak@gentoo.org>
115     -hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.20-r4.ebuild:
116     Revision bump, including Linux 2.6.20.12 (which in fact fixed some security
117 phreak 1.154 bugs, at the very least CVE-2007-2451). Possible candidate for stable marking.
118 phreak 1.152
119     15 May 2007; Christian Heim <phreak@gentoo.org>
120     hardened-sources-2.6.20-r3.ebuild:
121     Looks like hardened-sources-2.6.20-r3 needs a new patch, as 2.6.20.11
122     introduced a change in arch/sparc64/kernel/pci_iommu.c, which made the
123     grsecurity patch fail in that exact same hunk.
124 phreak 1.151
125     *hardened-sources-2.6.20-r3 (15 May 2007)
126    
127     15 May 2007; Christian Heim <phreak@gentoo.org>
128     +hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.21-r1.ebuild:
129     Revision bump, incorporating Linux 2.6.20.11.
130    
131     *hardened-sources-2.6.21-r1 (11 May 2007)
132    
133     11 May 2007; Christian Heim <phreak@gentoo.org>
134     +hardened-sources-2.6.21-r1.ebuild:
135     Revision bump, hopefully fixing the GRSECURITY/GRKERNSEC mixup pipacs
136     mentioned in #177234.
137 kevquinn 1.150
138     07 May 2007; Kevin F. Quinn <kevquinn@gentoo.org>
139     files/digest-hardened-sources-2.6.21, Manifest:
140     Fix Manifest/digest for linux-2.6.21.tar.bz2
141 phreak 1.149
142     06 May 2007; Christian Heim <phreak@gentoo.org>
143     hardened-sources-2.6.21.ebuild:
144     Bumping the hardened-patches version, needed for the fix for #177234.
145 phreak 1.148
146     *hardened-sources-2.6.21 (02 May 2007)
147    
148     02 May 2007; Christian Heim <phreak@gentoo.org>
149     +hardened-sources-2.6.21.ebuild:
150     Version bump, Linux 2.6.21-hardened.
151 phreak 1.147
152     29 Apr 2007; Christian Heim <phreak@gentoo.org>
153     hardened-sources-2.6.20-r2.ebuild:
154     Adding ~ia64 on Ned's request.
155 phreak 1.146
156     29 Apr 2007; Christian Heim <phreak@gentoo.org>
157     hardened-sources-2.6.20-r2.ebuild:
158     Fixing the included grsecurity patch, wasn't alligning due to the Index:
159     header line(s).
160 phreak 1.145
161     29 Apr 2007; Christian Heim <phreak@gentoo.org>
162     hardened-sources-2.6.20-r2.ebuild:
163     Stabilizing hardened-sources-2.6.20-r2 on amd64 and x86.
164 armin76 1.144
165     *hardened-sources-2.6.20-r2 (10 Apr 2007)
166    
167     10 Apr 2007; Raúl Porcel <armin76@gentoo.org>
168     +hardened-sources-2.6.20-r2.ebuild:
169     Version bump, on behalf of phreak
170 phreak 1.143
171     *hardened-sources-2.6.20-r1 (04 Apr 2007)
172    
173     04 Apr 2007; Christian Heim <phreak@gentoo.org>
174     +hardened-sources-2.6.20-r1.ebuild:
175     Revision bump, grabbing a newer grsecurity snapshot.
176 phreak 1.142
177     *hardened-sources-2.6.20 (25 Mar 2007)
178    
179     25 Mar 2007; Christian Heim <phreak@gentoo.org>
180     +hardened-sources-2.6.20.ebuild:
181     Finally a hardened-sources version for 2.6.20; many people have been waiting
182     for this. Thanks to Steve for preliminary testing, thanks to Ned for the
183     testbox.
184 chainsaw 1.141
185     16 Mar 2007; Tony Vroon <chainsaw@gentoo.org>
186     hardened-sources-2.6.18-r6.ebuild:
187     Marked stable on amd64 and x86. AMD64 keyword ack'ed by welp.
188 phreak 1.140
189     *hardened-sources-2.6.18-r6 (16 Mar 2007)
190    
191     16 Mar 2007; Christian Heim <phreak@gentoo.org>
192     -hardened-sources-2.6.18-r5.ebuild, +hardened-sources-2.6.18-r6.ebuild:
193     Fixing CVE-2007-1000 locally (hardened/), thanks to Tony for pushing. And
194     yes I screwed up, this is tagged as 2.6.18-5 and not 2.6.18-6 as it's
195     supposed to be.
196 phreak 1.139
197     06 Mar 2007; Christian Heim <phreak@gentoo.org> ChangeLog:
198     Fixing the Manifest, the previous one was broken (as in still had the
199     deleted ebuild in it).
200 phreak 1.138
201     06 Mar 2007; Christian Heim <phreak@gentoo.org>
202     -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
203     +hardened-sources-2.6.18-r5.ebuild:
204     Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
205     Linux 2.6.18.8. Also cleaning up the older version.
206    
207     *hardened-sources-2.6.18-r5 (06 Mar 2007)
208    
209     06 Mar 2007; Christian Heim <phreak@gentoo.org>
210     -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
211     +hardened-sources-2.6.18-r5.ebuild:
212     Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
213     Linux 2.6.18.8. Also cleaning up the older version.
214 phreak 1.137
215     24 Feb 2007; Christian Heim <phreak@gentoo.org>
216     -hardened-sources-2.6.19-r3.ebuild, -hardened-sources-2.6.19-r4.ebuild,
217     -hardened-sources-2.6.19-r5.ebuild:
218     Removing some of the old version, that didn't work.
219 phreak 1.136
220     *hardened-sources-2.6.19-r6 (12 Feb 2007)
221    
222     12 Feb 2007; Christian Heim <phreak@gentoo.org>
223     +hardened-sources-2.6.19-r6.ebuild:
224     Revision bump, including a new grsec version fixing #166235.
225 pappy 1.134
226     *hardened-sources-2.4.34 (24 Jan 2007)
227    
228     24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
229 pappy 1.135 Manifest:
230     updating Manifest with checksums of new tarball and ebuild
231    
232     24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
233 pappy 1.134 +hardened-sources-2.4.34.ebuild:
234     I added new hardened sources 2.4 update, this is a critical path
235     security bugfix - all users of h-s are strongly advised
236     to update their existing hardened sources to this version.
237     It contains a fix for a kernel vulnerability that is pertaining
238     to the PaX changes to virtual memory management, possibly leading
239     to a local kernel exploit ... see grsecurity.net forums and homepage
240 phreak 1.133
241     23 Jan 2007; Christian Heim <phreak@gentoo.org>
242     files/digest-hardened-sources-2.6.19-r5, Manifest:
243     Fixing the patch-tarball digest.
244 phreak 1.132
245     *hardened-sources-2.6.19-r5 (23 Jan 2007)
246    
247     23 Jan 2007; Christian Heim <phreak@gentoo.org>
248     +hardened-sources-2.6.19-r5.ebuild:
249     Revision bump, closing the recently discovered PaX expand_stack()
250     vulnerability.
251 phreak 1.131
252     *hardened-sources-2.6.19-r4 (14 Jan 2007)
253    
254     14 Jan 2007; Christian Heim <phreak@gentoo.org>
255     +hardened-sources-2.6.19-r4.ebuild:
256     Revision bump, pulling in linux-2.6.19.2 and grsecurity 2.1.10 - thus
257     dropping the randomized PID feature.
258 opfer 1.130
259     11 Jan 2007; Christian Faulhammer <opfer@gentoo.org>
260     hardened-sources-2.4.33.4.ebuild:
261     stable x86, bug #161171
262 phreak 1.129
263     *hardened-sources-2.6.19-r3 (27 Dec 2006)
264    
265     27 Dec 2006; Christian Heim <phreak@gentoo.org>
266     -hardened-sources-2.6.19-r2.ebuild, +hardened-sources-2.6.19-r3.ebuild:
267     Revision bump for bug #157186 and #158786.
268 phreak 1.128
269     *hardened-sources-2.6.18-r4 (27 Dec 2006)
270    
271     27 Dec 2006; Christian Heim <phreak@gentoo.org>
272     -hardened-sources-2.6.18-r3.ebuild, +hardened-sources-2.6.18-r4.ebuild:
273     Revision bump for bug #157186.
274 phreak 1.127
275     *hardened-sources-2.6.19-r2 (23 Dec 2006)
276    
277     23 Dec 2006; Christian Heim <phreak@gentoo.org>
278     -hardened-sources-2.6.19-r1.ebuild, +hardened-sources-2.6.19-r2.ebuild:
279     Revision bump to pull in genpatches-2.6.19-3 for #157186.
280 phreak 1.126
281     17 Dec 2006; Christian Heim <phreak@gentoo.org>
282     hardened-sources-2.6.14-r7.ebuild, hardened-sources-2.6.16-r10.ebuild,
283     hardened-sources-2.6.16-r11.ebuild, hardened-sources-2.6.17-r1.ebuild,
284     hardened-sources-2.6.18.ebuild, hardened-sources-2.6.18-r3.ebuild,
285     hardened-sources-2.6.19-r1.ebuild:
286     Adding 4453_grsec-2.1.9-2.6.19-io-kmem-sysctl.patch to UNIPATCH_EXLUDE,
287     adding correct HOMEPAGE and adjusting DESCRIPTION (thanks to Alexander).
288 pappy 1.125
289     *hardened-sources-2.4.33.4 (17 Dec 2006)
290    
291     17 Dec 2006; Alexander Gabert <pappy@gentoo.org>
292     +hardened-sources-2.4.33.4.ebuild:
293     new 2.4.33.4 version including grsec and fixes, thanks to phreak for help
294     and quilting
295 phreak 1.124
296     *hardened-sources-2.6.19-r1 (14 Dec 2006)
297    
298     14 Dec 2006; Christian Heim <phreak@gentoo.org>
299     -hardened-sources-2.6.19.ebuild, +hardened-sources-2.6.19-r1.ebuild:
300     Revision bump, fixing #158107 (thanks to Petre Rodan <kaiowas at gentoo.org>
301     for reporting).
302 phreak 1.123
303     *hardened-sources-2.6.19 (13 Dec 2006)
304    
305     13 Dec 2006; Christian Heim <phreak@gentoo.org>
306     +hardened-sources-2.6.19.ebuild:
307     And finally 2.6.19, thanks to Ned (who prepared the inital patchset) and
308     Brad for providing that prompt update.
309 phreak 1.122
310     *hardened-sources-2.6.18-r3 (13 Dec 2006)
311    
312     13 Dec 2006; Christian Heim <phreak@gentoo.org>
313     -hardened-sources-2.6.18-r1.ebuild, -hardened-sources-2.6.18-r2.ebuild,
314     +hardened-sources-2.6.18-r3.ebuild:
315     Revision bump, excluding the faulty patch. Thanks to Anakim Border and Peter
316     S. Mazinger. Closes #157409 for now. Also removing the previous revisions.
317 phreak 1.121
318     09 Dec 2006; Christian Heim <phreak@gentoo.org> Manifest:
319     Fixing the metadata.xml Manifest entry (thanks to xaid and ml8128 in #gentoo-hardened).
320 nixnut 1.120
321     08 Dec 2006; nixnut <nixnut@gentoo.org> hardened-sources-2.6.18.ebuild:
322     Stable on ppc wrt bug 157356
323 opfer 1.119
324     07 Dec 2006; Christian Faulhammer <opfer@gentoo.org>
325     hardened-sources-2.6.18.ebuild:
326     stable x86, bug #157356
327 phreak 1.118
328     *hardened-sources-2.6.18-r2 (06 Dec 2006)
329    
330     06 Dec 2006; Christian Heim <phreak@gentoo.org>
331     +hardened-sources-2.6.18-r2.ebuild:
332     Revision bump, including 2.6.18.5 (via genpatches) and
333     4454_grsec-2.1.9-2.6.18.2-io-kmem-sysctl.patch based on Peter Mazinger and
334     Ned Ludd's original patch. Thanks to Alexander Gabert (pappy) for the
335     redesign.
336 phreak 1.117
337     06 Dec 2006; Christian Heim <phreak@gentoo.org>
338     hardened-sources-2.6.18.ebuild:
339     Marking hardened-sources-2.6.18 stable on amd64 (see bug #157356, on behalf
340     of Mike Doty).
341 phreak 1.116
342     *hardened-sources-2.6.18-r1 (23 Nov 2006)
343    
344     23 Nov 2006; Christian Heim <phreak@gentoo.org>
345     +hardened-sources-2.6.18-r1.ebuild:
346     Revision bump to genpatches-2.6.18-4 (including 2.6.18.3).
347 phreak 1.115
348     *hardened-sources-2.6.18 (11 Nov 2006)
349    
350     11 Nov 2006; Christian Heim <phreak@gentoo.org>
351     +hardened-sources-2.6.18.ebuild:
352     Version bump, thanks to Alexander Gabert we're finally at 2.6.18.
353 solar 1.114
354     18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
355     - mark amd64 stable also. bug #151877
356 solar 1.113
357     18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
358     - mark 2.6.17-r1 stable
359 phreak 1.112
360     27 Aug 2006; Christian Heim <phreak@gentoo.org>
361     -hardened-sources-2.6.17.ebuild, hardened-sources-2.6.17-r1.ebuild:
362     Removing old ebuild, removing unipatch from newer ebuild (need to fix it!).
363 phreak 1.111
364     *hardened-sources-2.6.17-r1 (26 Aug 2006)
365    
366     26 Aug 2006; Christian Heim <phreak@gentoo.org>
367     +hardened-sources-2.6.17-r1.ebuild:
368     Revision bump to genpatches-2.6.17-8 (including .9 and .10) and updating the
369     grsecurity patch.
370 phreak 1.110
371     *hardened-sources-2.6.17 (17 Aug 2006)
372    
373     17 Aug 2006; Christian Heim <phreak@gentoo.org>
374     +hardened-sources-2.6.17.ebuild:
375     Bumping the hardened-sources-2.6 series to 2.6.17, using
376     genpatches-2.6.17-6.base.
377 solar 1.109
378     07 Aug 2006; <solar@gentoo.org> hardened-sources-2.6.16-r11.ebuild:
379     - stable on x86 and amd64
380 solar 1.108
381     *hardened-sources-2.6.16-r11 (15 Jul 2006)
382    
383     15 Jul 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r3.ebuild,
384     -hardened-sources-2.4.32-r4.ebuild, -hardened-sources-2.4.32-r5.ebuild,
385     -hardened-sources-2.6.14-r8.ebuild, -hardened-sources-2.6.16-r7.ebuild,
386     -hardened-sources-2.6.16-r9.ebuild, +hardened-sources-2.6.16-r11.ebuild:
387     - 2.6.16 bumped for CVE-2006-3626 ; digest fix for 2.4.32-r6 ; removed old
388     crusty ebuilds
389 johnm 1.107
390     14 Jul 2006; John Mylchreest <johnm@gentoo.org>
391     hardened-sources-2.6.16-r10.ebuild:
392     marking stable on x86 and amd64
393 solar 1.106
394     13 Jul 2006; <solar@gentoo.org> hardened-sources-2.4.32-r6.ebuild:
395     - 2.4.32-r6 stable on x86. RSBAC state unknown
396 kang 1.105
397     *hardened-sources-2.4.32-r7 (10 Jul 2006)
398    
399     10 Jul 2006; Guillaume Destuynder <kang@gentoo.org>
400     +hardened-sources-2.4.32-r7.ebuild:
401     Bump PaX for RSBAC to test-17
402 johnm 1.104
403     *hardened-sources-2.6.16-r9 (03 Jul 2006)
404    
405     03 Jul 2006; John Mylchreest <johnm@gentoo.org>
406     -hardened-sources-2.6.16-r6.ebuild, +hardened-sources-2.6.16-r9.ebuild:
407     hardened-sources-2.6.16 bump to latest -base.
408 solar 1.103
409     *hardened-sources-2.4.32-r6 (30 Jun 2006)
410    
411     30 Jun 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r2.ebuild,
412     hardened-sources-2.4.32-r4.ebuild, +hardened-sources-2.4.32-r6.ebuild:
413     - backport CVE-2006-0039, CVE-2006-1857 and CVE-2006-1858 and new grsecurity
414     sysctl controlable resource logging
415 johnm 1.102
416     *hardened-sources-2.6.16-r7 (05 Jun 2006)
417    
418     05 Jun 2006; John Mylchreest <johnm@gentoo.org>
419     -hardened-sources-2.6.16-r5.ebuild, +hardened-sources-2.6.16-r7.ebuild:
420     push new 2.6.16 release in preparation for stable
421 solar 1.101
422     22 May 2006; <solar@gentoo.org> :
423     - redigest bug 134002
424 kang 1.100
425     *hardened-sources-2.4.32-r5 (16 May 2006)
426    
427     16 May 2006; Guillaume Destuynder <kang@gentoo.org>
428     +hardened-sources-2.4.32-r5.ebuild:
429     Fixes rsbac common patching (new patch in new -r5 patchset)
430 solar 1.99
431     *hardened-sources-2.4.32-r4 (13 May 2006)
432    
433     13 May 2006; <solar@gentoo.org> hardened-sources-2.4.32-r3.ebuild,
434     +hardened-sources-2.4.32-r4.ebuild:
435     - security bumps
436 johnm 1.98
437     *hardened-sources-2.6.16-r6 (03 May 2006)
438    
439     03 May 2006; John Mylchreest <johnm@gentoo.org>
440     +hardened-sources-2.6.16-r6.ebuild:
441     bump hardened-2.6.16 to 2.6.16.12 and latest grsec snapshot
442 johnm 1.97
443     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
444     hardened-sources-2.6.14-r8.ebuild:
445     fix x86_64 build problem, this will delay the digest issue again for a short
446     while but it will sort itself out
447 johnm 1.96
448     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
449     hardened-sources-2.6.14-r8.ebuild:
450     bump hardened patchset
451 antarus 1.94
452     27 Apr 2006; Alec Warner <antarus@gentoo.org>
453     files/digest-hardened-sources-2.4.32-r2,
454     files/digest-hardened-sources-2.4.32-r3,
455     files/digest-hardened-sources-2.6.14-r8, Manifest:
456     Fixing duff SHA256 digests: Bug # 131293
457 johnm 1.93
458 johnm 1.95 *hardened-sources-2.6.16-r5 (27 Apr 2006)
459    
460     27 Apr 2006; John Mylchreest <johnm@gentoo.org>
461     -hardened-sources-2.6.14-r6.ebuild, hardened-sources-2.6.14-r8.ebuild,
462     -hardened-sources-2.6.16-r4.ebuild, +hardened-sources-2.6.16-r5.ebuild:
463     stablise 2.6.14-r8 on x86 & amd64, bump 2.6.16 to fix CVE-2006-1863 &
464     cleanup of old uneccessary sources
465    
466 johnm 1.93 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
467     fix digest
468 johnm 1.92
469     *hardened-sources-2.6.14-r8 (20 Apr 2006)
470    
471     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
472     +hardened-sources-2.6.14-r8.ebuild:
473     fix CVE-2006-1056, CVE-2006-1525, CVE-2006-1524
474 johnm 1.91
475     20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
476     Turning on gpg-signing again, and recomitting
477 johnm 1.90
478     *hardened-sources-2.6.16-r4 (20 Apr 2006)
479    
480     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
481     -hardened-sources-2.6.16-r2.ebuild, -hardened-sources-2.6.16-r3.ebuild,
482     +hardened-sources-2.6.16-r4.ebuild:
483     Fix numerous security vulns
484 solar 1.89
485     *hardened-sources-2.4.32-r3 (16 Apr 2006)
486    
487     16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
488     -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
489     +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
490     - security bump for bug #112791. Removed old ebuilds
491 johnm 1.88
492     *hardened-sources-2.6.16-r3 (15 Apr 2006)
493    
494     15 Apr 2006; John Mylchreest <johnm@gentoo.org>
495     +hardened-sources-2.6.16-r3.ebuild:
496     Removing silly localversion which I missed
497 johnm 1.87
498     *hardened-sources-2.6.14-r7 (14 Apr 2006)
499    
500     14 Apr 2006; John Mylchreest <johnm@gentoo.org>
501     -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
502     Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
503 johnm 1.86
504     *hardened-sources-2.6.16-r2 (13 Apr 2006)
505    
506     13 Apr 2006; John Mylchreest <johnm@gentoo.org>
507     -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
508     +hardened-sources-2.6.16-r2.ebuild:
509     Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
510     labels, dropping USERGROUP define fixes, since these were merged mainstream.
511 johnm 1.85
512     *hardened-sources-2.6.16-r1 (11 Apr 2006)
513    
514     11 Apr 2006; John Mylchreest <johnm@gentoo.org>
515     +hardened-sources-2.6.16-r1.ebuild:
516     Bumping to include ppc build fix and 2.6.16.3
517 tsunam 1.84
518     06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
519     hardened-sources-2.6.14-r6.ebuild:
520     Stable on x86; bug #127718
521 johnm 1.83
522     *hardened-sources-2.6.16 (31 Mar 2006)
523    
524     31 Mar 2006; John Mylchreest <johnm@gentoo.org>
525     +hardened-sources-2.6.16.ebuild:
526     Bumping to new version of grsec, and kernel base. New squashfs. Based on
527     2.6.16.1
528 cryos 1.82
529     30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
530     hardened-sources-2.6.14-r6.ebuild:
531     Stable on amd64, bug 127718.
532 nixnut 1.81
533     28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
534     Stable on ppc. Bug #127718
535 johnm 1.80
536     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
537     -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
538     -hardened-sources-2.6.14-r4.ebuild:
539     Cleanup.
540 johnm 1.79
541     *hardened-sources-2.6.14-r6 (15 Mar 2006)
542    
543     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
544     +hardened-sources-2.6.14-r6.ebuild:
545     Fixes grsec policy recreation bug and adds a
546     >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
547 solar 1.78
548     02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
549     - stable on x86
550 hansmi 1.77
551     19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
552     hardened-sources-2.6.14-r5.ebuild:
553     Stable on ppc.
554 johnm 1.76
555     *hardened-sources-2.6.14-r5 (01 Feb 2006)
556    
557     01 Feb 2006; John Mylchreest <johnm@gentoo.org>
558     +hardened-sources-2.6.14-r5.ebuild:
559     fixing every known exploit
560 solar 1.75
561     *hardened-sources-2.4.32-r2 (26 Jan 2006)
562    
563     26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
564     +hardened-sources-2.4.32-r2.ebuild:
565     - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
566 solar 1.74
567     *hardened-sources-2.6.14-r4 (12 Jan 2006)
568    
569     12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
570     - version bump for new genpatches which fix up a few sec holes
571 solar 1.73
572     *hardened-sources-2.4.32-r1 (05 Jan 2006)
573    
574     05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
575     - revision bump to add misc vital linux kernel security patches.
576 johnm 1.72
577     *hardened-sources-2.6.14-r3 (30 Dec 2005)
578    
579     30 Dec 2005; John Mylchreest <johnm@gentoo.org>
580     -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
581     Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
582 johnm 1.71
583     28 Dec 2005; John Mylchreest <johnm@gentoo.org>
584     hardened-sources-2.6.14-r2.ebuild:
585     making x86 & amd64 stable following testing.
586 johnm 1.70
587     *hardened-sources-2.6.14-r2 (27 Dec 2005)
588    
589     27 Dec 2005; John Mylchreest <johnm@gentoo.org>
590     -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
591     Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
592     network hooks.
593 johnm 1.69
594     06 Dec 2005; John Mylchreest <johnm@gentoo.org>
595     hardened-sources-2.6.14-r1.ebuild:
596     bumping to stable early for sec fix on x86 & amd64
597 johnm 1.68
598     *hardened-sources-2.6.14-r1 (05 Dec 2005)
599    
600     05 Dec 2005; John Mylchreest <johnm@gentoo.org>
601     -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
602     bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
603 solar 1.67
604     04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
605     - stable on x86 security bug #114227 CAN-2005-3257
606 kang 1.66
607     *hardened-sources-2.4.32 (19 Nov 2005)
608    
609     19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
610     +hardened-sources-2.4.32.ebuild:
611     Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
612     Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
613     have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
614     rsbac >> /etc/portage/package.use)
615 johnm 1.65
616     *hardened-sources-2.6.14 (14 Nov 2005)
617    
618     14 Nov 2005; John Mylchreest <johnm@gentoo.org>
619     -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
620     Bumping 2.6 series to 2.6.14.2
621 johnm 1.64
622     *hardened-sources-2.6.13-r2 (20 Oct 2005)
623    
624     20 Oct 2005; John Mylchreest <johnm@gentoo.org>
625     -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
626     +hardened-sources-2.6.13-r2.ebuild:
627     Fixes minor build error in ppc.
628 johnm 1.63
629     *hardened-sources-2.6.13-r1 (17 Oct 2005)
630    
631     17 Oct 2005; John Mylchreest <johnm@gentoo.org>
632     +hardened-sources-2.6.13-r1.ebuild:
633     Updating grsec to latest snapshot. Fixes some minor issues. Updating to
634     2.6.13.4, fixes some major amd64 stability problems.
635 johnm 1.62
636     *hardened-sources-2.6.13 (16 Sep 2005)
637    
638     16 Sep 2005; John Mylchreest <johnm@gentoo.org>
639     -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
640     2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
641     ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
642     users should test this thoroughly.
643 solar 1.61
644     01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
645     - stable on x86
646 johnm 1.60
647     *hardened-sources-2.6.11-r15 (27 Jun 2005)
648    
649     27 Jun 2005; John Mylchreest <johnm@gentoo.org>
650     +hardened-sources-2.6.11-r15.ebuild:
651     Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
652     grsec redefining curr_ip struct.
653 solar 1.59
654     *hardened-sources-2.4.31 (20 Jun 2005)
655    
656     20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
657     initial import of 2.4.31 tree
658 johnm 1.58
659     *hardened-sources-2.6.11-r14 (14 Jun 2005)
660    
661     14 Jun 2005; John Mylchreest <johnm@gentoo.org>
662     -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
663     Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
664     naming scheme to abide by genpatches
665 johnm 1.57
666     *hardened-sources-2.6.11-r13 (18 May 2005)
667    
668     18 May 2005; John Mylchreest <johnm@gentoo.org>
669     -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
670     Managed to mangle the Makefile patch from grsec, to miss out the grsec
671     target. sorry about that. Fixes bug #93022
672 johnm 1.56
673     *hardened-sources-2.6.11-r12 (17 May 2005)
674    
675     17 May 2005; John Mylchreest <johnm@gentoo.org>
676     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
677     +hardened-sources-2.6.11-r12.ebuild:
678     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
679     merges in genpatches-base
680 johnm 1.55
681     *hardened-sources-2.6.11-r12 (17 May 2005)
682    
683     17 May 2005; John Mylchreest <johnm@gentoo.org>
684     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
685     +hardened-sources-2.6.11-r12.ebuild:
686     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
687     merges in genpatches-base
688 solar 1.54
689     29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
690     -files/2.4.27-cmdline-race.patch,
691     -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
692     -files/2.4.28-grsec-binfmt_a.out.patch,
693     -files/2.4.28-grsec-cmdline-race.patch,
694     -files/2.4.28-selinux-binfmt_a.out.patch,
695     -files/2.4.28-selinux-cmdline-race.patch,
696     -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
697     hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
698     - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
699     cleanup..
700 solar 1.53
701     *hardened-sources-2.4.30-r1 (21 Apr 2005)
702    
703     21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
704     - disable aout by default
705 solar 1.52
706     *hardened-sources-2.4.30 (18 Apr 2005)
707    
708     18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
709     - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
710     and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
711     use
712 tocharian 1.50
713 scox 1.51 *hardened-sources-2.4.29 (30 Mar 2005)
714    
715     30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
716     +hardened-sources-2.4.29.ebuild:
717     New hardened-patches-2.4-29.0 patchball.
718     Removed SELinux support, upgraded GRSecurity to 2.1.4.
719    
720     *hardened-sources-2.4.28-r5 (06 Mar 2005)
721    
722     06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
723     +hardened-sources-2.4.28-r5.ebuild:
724     Added a fix for a PaX vulnerability.
725    
726     26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
727 tocharian 1.50 hardened-sources-2.4.28-r4.ebuild:
728     Stable on x86
729 solar 1.49
730     23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
731     hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
732     hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
733     hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
734     - fixed/added RDEPEND= in all kernel-2 ebuilds
735 tocharian 1.48
736     *hardened-sources-2.4.28-r4 (21 Jan 2005)
737    
738     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
739     +hardened-sources-2.4.28-r4.ebuild:
740     Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
741     backport of neighbour hash updates.
742 tocharian 1.47
743     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
744     hardened-sources-2.4.28-r3.ebuild:
745     Stable on x86
746 tseng 1.46
747     *hardened-sources-2.6.10-r3 (20 Jan 2005)
748    
749     20 Jan 2005; Brandon Hale <tseng@gentoo.org>
750     +hardened-sources-2.6.10-r3.ebuild:
751     Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
752     in 2005.0
753 tocharian 1.45
754     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
755     -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
756     hardened-sources-2.4.28-r2.ebuild:
757     Mark stable on x86
758 tocharian 1.44
759     *hardened-sources-2.4.28-r3 (17 Jan 2005)
760    
761     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
762     +hardened-sources-2.4.28-r3.ebuild:
763     Fix SMP page fault handler vuln, and update device-mapper and evms patches.
764 tocharian 1.43
765     14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
766     hardened-sources-2.4.28.ebuild:
767     Mark stable on x86.
768 tocharian 1.42
769     *hardened-sources-2.4.28-r2 (13 Jan 2005)
770    
771     13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
772     +hardened-sources-2.4.28-r2.ebuild:
773     Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
774     Mazinger for grsecurity patches as well.
775 plasmaroo 1.41
776     *hardened-sources-2.4.28-r1 (23 Dec 2004)
777    
778     23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
779     Security bump. Thank tocharian for rolling a new patchset...
780 solar 1.40
781     28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
782     +files/2.4.28-grsec-cmdline-race.patch,
783     +files/2.4.28-selinux-binfmt_a.out.patch,
784     +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
785     - Round up remaining security patches that appear to be missing in 2.4.28. -
786     PaX standalone updated to current. hgpv=28.1
787 solar 1.39
788     *hardened-sources-2.4.28 (28 Nov 2004)
789    
790     28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
791     security bump. Thank tocharian for rolling a new patchset
792 scox 1.31
793 scox 1.38 *hardened-sources-2.4.27-r3 (08 Sep 2004)
794    
795     08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
796     +hardened-sources-2.4.27-r3.ebuild:
797     Applies the new 2.4-27.2 patchball which updates
798     GRSecurity to the 2.0.1 version.
799    
800 scox 1.37 *hardened-sources-2.4.27-r2 (31 Aug 2004)
801    
802     31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
803     +hardened-sources-2.4.27-r2.ebuild:
804     Version bump.
805     This version uses the new 2.4-27.1 patchball which updates
806     both the SELinux PaX hooks patch and the SELinux headers.
807    
808 scox 1.36 *hardened-sources-2.4.27-r1 (09 Aug 2004)
809    
810     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
811     +hardened-sources-2.4.27-r1.ebuild,
812     -hardened-sources-2.4.27.ebuild,
813     +files/2.4.27-cmdline-race.patch:
814     Version bump, fix for cmdline race. See bug #59905.
815    
816     *hardened-sources-2.4.26-r6 (09 Aug 2004)
817    
818     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
819     +hardened-sources-2.4.26-r6.ebuild,
820     -hardened-sources-2.4.26-r5.ebuild,
821     -hardened-sources-2.4.26-r4.ebuild,
822     +files/2.4.26-cmdline-race.patch:
823     Version bump, fix for cmdline race. See bug #59905.
824    
825 scox 1.35 *hardened-sources-2.4.27 (08 Aug 2004)
826    
827     08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
828     +hardened-sources-2.4.27.ebuild,
829     +files/2.4.27-CAN-2004-0394.patch:
830     Ported the patchball to the 2.4.27 kernel version.
831    
832 scox 1.34 *hardened-sources-2.4.26-r5 (07 Aug 2004)
833    
834     07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
835     +hardened-sources-2.4.26-r5.ebuild:
836 scox 1.35 Updated to use the new hardened-patches-2.4-26.1 patchball.
837 scox 1.34 It adds the following features:
838     - Squashfs
839     - Ebtables
840     - Netdev random (core+drivers)
841     - Watchdog Timer (WDT) fix.
842    
843 scox 1.33 *hardened-sources-2.4.26-r4 (04 Aug 2004)
844    
845     04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
846     +hardened-sources-2.4.26-r4.ebuild,
847     +files/2.4.26-CAN-2004-0415.patch,
848     -hardened-sources-2.4.26-3:
849     Version bump, fix for CAN 0415, see bug #59378.
850    
851 scox 1.32 *hardened-sources-2.4.26-r3 (22 Jul 2004)
852    
853     22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
854     +hardened-sources-2.4.26-r3.ebuild,
855     +files/2.4.26-CAN-2004-0497.patch,
856     -hardened-sources-2.4.26-r2.ebuild:
857     Version bump, fixed CAN 0497, see bug #56171.
858    
859 scox 1.31 *hardened-sources-2.4.26-r2 (29 Jun 2004)
860    
861     29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
862 scox 1.32 +hardened-sources-2.4.26-r2.ebuild,
863 scox 1.31 +files/2.4.26-CAN-2004-0495.patch,
864     +files/2.4.26-CAN-2004-0535.patch,
865     -hardened-sources-2.4.26-r1.ebuild:
866     Fixes for both CAN 0495 and 0535, see bug #54976
867 pvdabeel 1.27
868 agriffis 1.29 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
869     hardened-sources-2.4.26-r1.ebuild:
870     QA - fix use invocation
871 scox 1.28
872     *hardened-sources-2.4.26-r1 (22 June 2004)
873    
874     22 June 2004; Andrea Luzzardi <scox@gentoo.org>
875     +hardened-sources-2.4.26-r1.ebuild,
876     +files/2.4.26-CAN-2004-0394.patch,
877     +files/2.4.26-signal-race.patch,
878     -hardened-sources-2.4.26.ebuild,
879     -hardened-sources-2.4.24-r3.ebuild:
880     Version bump for the CAN-2004-0394 issue and bug #53804
881     Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
882    
883    
884 pvdabeel 1.27 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
885     hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
886     Masked hardened-sources-2.4.26.ebuild broken for ppc
887    
888     31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
889     hardened-sources-2.4.24-r3.ebuild:
890     Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
891 plasmaroo 1.25
892 scox 1.26 *hardened-sources-2.4.26 (29 May 2004)
893    
894     29 May 2004; Andrea Luzzardi <scox@gentoo.org>
895     +hardened-sources-2.4.26.ebuild:
896     Updated hardened-sources for the 2.4.26 kernel
897     Removed broken components, updated almost everything.
898    
899 plasmaroo 1.25 *hardened-sources-2.4.24-r3 (17 Apr 2004)
900    
901     17 Apr 2004; <plasmaroo@gentoo.org>
902     +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
903     +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
904     +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
905     +hardened-sources-2.4.24-r3.ebuild:
906     Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
907     vulnerabilities. Old revisions removed.
908 plasmaroo 1.24
909     *hardened-sources-2.4.24-r2 (15 Apr 2004)
910    
911     15 Apr 2004; <plasmaroo@gentoo.org>
912     +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
913     -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
914     Version bump for the CAN-2004-0109 issue; bug #47881.
915 aliz 1.23
916     12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
917     hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
918     Add eutils to inherit.
919 plasmaroo 1.22
920     *hardened-sources-2.4.24-r1 (19 Feb 2004)
921    
922     19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
923     files/hardened-sources-2.4.24.munmap.patch:
924     Added the patch for the mremap/munmap vulnerability. Bug #42024.
925 scox 1.19
926 scox 1.21 *hardened-sources-2.4.24 (06 Feb 2004)
927 scox 1.26
928 scox 1.21 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
929     hardened-sources-2.4.24.ebuild:
930     Version bump, updated most of the components.
931     This release includes the following:
932    
933     - Hardened security
934     - Netfilter patch-o-matic 20031219
935     - FreeSWAN 2.04 & x509 1.4.8
936     - EVMS 2.2.2
937     - XFS 1.3.1
938     - cryptoloop jari
939     - grsecurity 2.0-rc4
940     - SELinux
941     - PaX 200402060000
942     - PaX Obscurity 200308302223
943     - Others...
944    
945     Neither -ck nor systrace are included anymore.
946    
947 scox 1.19 *hardened-sources-2.4.22-r2 (05 Jan 2004)
948    
949     05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
950     hardened-sources-2.4.22-r2.ebuild:
951 scox 1.20 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
952 scox 1.19
953     *hardened-sources-2.4.22-r1 (02 Dec 2003)
954 iggy 1.17
955     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
956 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
957 iggy 1.16
958     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
959 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild:
960     Version bump for the 'do_brk' vulnerability.
961 iggy 1.15
962     01 Dec 2003; Brian Jackson <iggy@gentoo.org>
963     hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
964     hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
965     hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
966 plasmaroo 1.18 Fix the 'do_brk' vulnerability.
967 frogger 1.14
968     03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
969     hardened-sources-2.4.22.ebuild:
970 plasmaroo 1.18 - Removed the src_install() portion for SELinux flask
971     components. These are no longer handled in the kernel
972     so this code was not necessary.
973 frogger 1.13
974     29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
975     New 2.4.22 based hardened-sources thanks to
976     Phil West <p.west@computer.org>.
977    
978     These sources include:
979 plasmaroo 1.18 - New SELinux API
980     - Updated CK-base
981     - Updated GRSec
982     - Systrace
983     - SuperFreeS/WAN 1.99.8
984     - Propolice kernel build support
985     - EVMS
986     - Other various security related patches
987 frogger 1.11
988 frogger 1.12 *hardened-sources-2.4.21 (14 Sep 2003)
989    
990     14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
991     Updated hardened-sources based on the 2.4.21 Linux kernel.
992     This includes updates to most major components such as:
993 plasmaroo 1.18 - ck-base-0306300059
994     - selinux-2.4-2003071106
995     - grsecurity-2.0-rc1
996     - Updated IPTables patch-o-matic
997     - Updated SuperFreeS/WAN
998    
999 frogger 1.12 Thanks to Phil West <pwest@computer.org> for his work in getting this
1000     updated patch set ready for the 2.4.21 based kernel.
1001    
1002 frogger 1.11 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
1003     Initial import of hardened-sources-2.4.20-r4. This revision
1004     includes only a few changes, but one of these is an important
1005     security fix. It is recommended all users of hardened-sources
1006     upgrade to this release.
1007 plasmaroo 1.18
1008 frogger 1.11 - ioperm bug fix
1009     - fixed compilation failure when building without GRSec
1010 plasmaroo 1.18
1011 frogger 1.11 SAL (Secure Auditing for Linux) is NOT included in this revision
1012     due to time constraints, but is planned for inclusion in the near
1013     future.
1014 msterret 1.10
1015     *hardened-sources-2.4.20-r2 (12 Jun 2003)
1016    
1017     12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
1018     hardened-sources-2.4.20-r3.ebuild:
1019 plasmaroo 1.18 Add Header...
1020 frogger 1.9
1021     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1022     hardened-sources-2.4.20-r3.ebuild:
1023     Removed warnings from ebuild. This kernel should be safe to
1024     use at this point.
1025 frogger 1.8
1026     *hardened-sources-2.4.20-r3 (08 Jun 2003)
1027    
1028     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1029     hardened-sources-2.4.20-r3.ebuild:
1030     New revision. Includes the following changes over -r2:
1031 plasmaroo 1.18
1032 frogger 1.8 - ck7-base (O(1), preempt, low latency)
1033     - Super FreeS/WAN 1.99.7rc2
1034     - PaX for the LSM/SELinux branch
1035     - GRSecurity 2.0-pre4 (role based access control)
1036     - Systrace 1.3
1037     - EXT3 fixes
1038     - EVMS 2.0.1
1039     - GCC 3.1+ compile optimizations
1040     - ProPolice kernel build support
1041     - Hashing table security fixes
1042 frogger 1.3
1043     *hardened-sources-2.4.20-r1 (09 Apr 2003)
1044 frogger 1.7
1045     23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
1046     Initial import of hardened-sources-r2. This new
1047     ebuild includes many new performance and security
1048     related patches. As in -r1, it will patch in
1049     LSM/SELinux if "selinux" is in USE, otherwise it
1050     will patch in GRSecurity. The following patches
1051     are included in this revision:
1052 plasmaroo 1.18
1053 frogger 1.7 - O(1) Scheduler, Low Latency, and Preempt
1054     (pulled from the base CK patch)
1055     - ptrace exploit patch for the LSM kernel
1056     (the GRSec patch already fixes this)
1057     - LSM 2.4-2003040709
1058     - SELinux 2.4-2003040709
1059     - Systrace v1.2
1060     - IPTables patch-o-matic base patches - 20030107
1061     - CryptoAPI 2.4.20.1 w/ loop-jari patch
1062     - Super FreeS/WAN 1.99.6.1
1063     - GRSecurity 1.9.9g
1064     - MPPE
1065     - EXT3 data journal fix
1066     - CIPE 1.5.4
1067 frogger 1.6
1068     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1069     hardened-sources-2.4.20-r1.ebuild, manifest:
1070 plasmaroo 1.18 Updated to install flask components correctly for selinux.
1071 frogger 1.5
1072     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1073     hardened-sources-2.4.20-r1.ebuild:
1074     LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
1075     is patched in instead. Ptrace patches for selinux have also been added. In
1076     either case, systrace support will be patched in as well.
1077 frogger 1.3
1078     09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1079     hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
1080 plasmaroo 1.18 Revision bump for new sources.
1081 frogger 1.4
1082 frogger 1.2 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1083 frogger 1.4 hardened-sources-2.4.20-r1.ebuild:
1084 plasmaroo 1.18 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
1085 method 1.1
1086 frogger 1.4 *hardened-sources-2.4.20 (30 Mar 2003)
1087    
1088 method 1.1 30 Mar 2003; Joshua Brindle <method@gentoo.org>
1089     hardened-sources-2.4.20.ebuild:
1090 plasmaroo 1.18 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20