/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.172 - (hide annotations) (download)
Thu Aug 16 20:06:45 2007 UTC (7 years, 4 months ago) by phreak
Branch: MAIN
Changes since 1.171: +7 -1 lines
Revision bump for Linux 2.6.22.3.
(Portage version: 2.1.3.5)

1 method 1.1 # ChangeLog for sys-kernel/hardened-sources
2 opfer 1.130 # Copyright 2000-2007 Gentoo Foundation; Distributed under the GPL v2
3 phreak 1.172 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.171 2007/08/16 20:02:59 phreak Exp $
4    
5     *hardened-sources-2.6.22-r2 (16 Aug 2007)
6    
7     16 Aug 2007; Christian Heim <phreak@gentoo.org>
8     +hardened-sources-2.6.22-r2.ebuild:
9     Revision bump for Linux 2.6.22.3.
10 phreak 1.171
11     *hardened-sources-2.4.35 (16 Aug 2007)
12    
13     16 Aug 2007; Christian Heim <phreak@gentoo.org>
14     +hardened-sources-2.4.35.ebuild:
15     Version bump, initial version for Linux 2.4.35.
16 phreak 1.170
17     *hardened-sources-2.6.21-r4 (16 Aug 2007)
18    
19     16 Aug 2007; Christian Heim <phreak@gentoo.org>
20     +hardened-sources-2.6.21-r4.ebuild:
21     Revision bump for Linux 2.6.21.6.
22 phreak 1.169
23     *hardened-sources-2.6.20-r7 (16 Aug 2007)
24    
25     16 Aug 2007; Christian Heim <phreak@gentoo.org>
26     +hardened-sources-2.6.20-r7.ebuild:
27     Revision bump for Linux 2.6.20.16.
28 phreak 1.168
29     *hardened-sources-2.6.22-r1 (13 Aug 2007)
30    
31     13 Aug 2007; Christian Heim <phreak@gentoo.org>
32     +hardened-sources-2.6.22-r1.ebuild:
33     Yet another revision bump.
34 phreak 1.167
35     *hardened-sources-2.6.22 (10 Aug 2007)
36    
37     10 Aug 2007; Christian Heim <phreak@gentoo.org>
38     +hardened-sources-2.6.22.ebuild:
39     Initial release for 2.6.22. If you are using hardened-sources on a desktop
40     machine (P4 or newer), be aware you might need to disable
41     CONFIG_PAX_PAGEEXEC.
42 phreak 1.166
43     04 Aug 2007; Christian Heim <phreak@gentoo.org>
44     hardened-sources-2.6.20-r6.ebuild:
45     Stabling hardened-sources-2.6.20-r6 for amd64, ppc and x86 due to Linux
46     2.6.20.15.
47 phreak 1.165
48     10 Jul 2007; Christian Heim <phreak@gentoo.org>
49     hardened-sources-2.6.20-r5.ebuild:
50     Marking hardened-sources-2.6.20-r5 stable on ppc.
51 phreak 1.164
52     10 Jul 2007; Christian Heim <phreak@gentoo.org>
53     -hardened-sources-2.4.32-r6.ebuild, -hardened-sources-2.4.32-r7.ebuild:
54     Cleanup.
55 phreak 1.163
56     *hardened-sources-2.6.20-r6 (08 Jul 2007)
57    
58     08 Jul 2007; Christian Heim <phreak@gentoo.org>
59     +hardened-sources-2.6.20-r6.ebuild:
60     Revision bump, grabbing yet another stable release.
61 phreak 1.162
62     17 Jun 2007; Christian Heim <phreak@gentoo.org>
63     -hardened-sources-2.6.18-r6.ebuild, -hardened-sources-2.6.20-r4.ebuild,
64     -hardened-sources-2.6.21-r2.ebuild:
65     Removing older ebuilds, hardened-sources-2.6.18-r6 seems to have gotten the
66     alpha stable KEYWORD by mistake.
67 phreak 1.161
68     17 Jun 2007; Christian Heim <phreak@gentoo.org>
69     hardened-sources-2.6.20-r5.ebuild:
70     Stabling hardened-sources-2.6.20-r5 due to security bug #181647 (as
71     genpatches-2.6.20-12.base contains up to Linux 2.6.20.14) on amd64 and x86.
72 phreak 1.160
73     *hardened-sources-2.6.21-r3 (12 Jun 2007)
74    
75     12 Jun 2007; Christian Heim <phreak@gentoo.org>
76     +hardened-sources-2.6.21-r3.ebuild:
77     Revision bump for hardened-sources-2.6.21, incorporating various CVE (some
78     of them critical), two stable releases (2.6.21.4,2.6.21.5) and some other
79     love.
80 phreak 1.159
81     *hardened-sources-2.6.20-r5 (11 Jun 2007)
82    
83     11 Jun 2007; Christian Heim <phreak@gentoo.org>
84     +hardened-sources-2.6.20-r5.ebuild:
85     Revision bump for hardened-sources-2.6.20, incorporating various CVE (some
86     of them critical), two stable releases (2.6.20.13,2.6.20.14) and some other
87     love.
88 pappy 1.158
89     *hardened-sources-2.4.34.5 (11 Jun 2007)
90    
91     11 Jun 2007; Alexander Gabert <pappy@gentoo.org>
92     +hardened-sources-2.4.34.5.ebuild:
93     added new hardened-sources 2.4 version, thx to phreak, solar, pipacs
94 phreak 1.157
95     30 May 2007; Christian Heim <phreak@gentoo.org>
96     -hardened-sources-2.6.18.ebuild, hardened-sources-2.6.20-r2.ebuild:
97     Marking 2.6.20-r2 stable on ppc with permission of Gysbert. Removing more
98     stale ebuild(s).
99 phreak 1.156
100     30 May 2007; Christian Heim <phreak@gentoo.org>
101     -hardened-sources-2.6.14-r7.ebuild, -hardened-sources-2.6.16-r11.ebuild,
102     -hardened-sources-2.6.17-r1.ebuild, -hardened-sources-2.6.19-r6.ebuild,
103     -hardened-sources-2.6.20.ebuild, -hardened-sources-2.6.20-r1.ebuild:
104     Doing some cleanups, remove stale ebuilds.
105 phreak 1.155
106     26 May 2007; Christian Heim <phreak@gentoo.org>
107     hardened-sources-2.6.21-r2.ebuild:
108     Fixing the grsecurity patch, had one '};' too much.
109 phreak 1.154
110     *hardened-sources-2.6.21-r2 (26 May 2007)
111    
112     26 May 2007; Christian Heim <phreak@gentoo.org>
113     -hardened-sources-2.6.21.ebuild, -hardened-sources-2.6.21-r1.ebuild,
114     +hardened-sources-2.6.21-r2.ebuild:
115     Revision bump, including Linux 2.6.21.3 (fixing CVE-2007-2451). Updating the
116     grsecurity patch to 2.1.10-2.6.21.1-200705221918.
117 phreak 1.153
118     *hardened-sources-2.6.20-r4 (26 May 2007)
119    
120     26 May 2007; Christian Heim <phreak@gentoo.org>
121     -hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.20-r4.ebuild:
122     Revision bump, including Linux 2.6.20.12 (which in fact fixed some security
123 phreak 1.154 bugs, at the very least CVE-2007-2451). Possible candidate for stable marking.
124 phreak 1.152
125     15 May 2007; Christian Heim <phreak@gentoo.org>
126     hardened-sources-2.6.20-r3.ebuild:
127     Looks like hardened-sources-2.6.20-r3 needs a new patch, as 2.6.20.11
128     introduced a change in arch/sparc64/kernel/pci_iommu.c, which made the
129     grsecurity patch fail in that exact same hunk.
130 phreak 1.151
131     *hardened-sources-2.6.20-r3 (15 May 2007)
132    
133     15 May 2007; Christian Heim <phreak@gentoo.org>
134     +hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.21-r1.ebuild:
135     Revision bump, incorporating Linux 2.6.20.11.
136    
137     *hardened-sources-2.6.21-r1 (11 May 2007)
138    
139     11 May 2007; Christian Heim <phreak@gentoo.org>
140     +hardened-sources-2.6.21-r1.ebuild:
141     Revision bump, hopefully fixing the GRSECURITY/GRKERNSEC mixup pipacs
142     mentioned in #177234.
143 kevquinn 1.150
144     07 May 2007; Kevin F. Quinn <kevquinn@gentoo.org>
145     files/digest-hardened-sources-2.6.21, Manifest:
146     Fix Manifest/digest for linux-2.6.21.tar.bz2
147 phreak 1.149
148     06 May 2007; Christian Heim <phreak@gentoo.org>
149     hardened-sources-2.6.21.ebuild:
150     Bumping the hardened-patches version, needed for the fix for #177234.
151 phreak 1.148
152     *hardened-sources-2.6.21 (02 May 2007)
153    
154     02 May 2007; Christian Heim <phreak@gentoo.org>
155     +hardened-sources-2.6.21.ebuild:
156     Version bump, Linux 2.6.21-hardened.
157 phreak 1.147
158     29 Apr 2007; Christian Heim <phreak@gentoo.org>
159     hardened-sources-2.6.20-r2.ebuild:
160     Adding ~ia64 on Ned's request.
161 phreak 1.146
162     29 Apr 2007; Christian Heim <phreak@gentoo.org>
163     hardened-sources-2.6.20-r2.ebuild:
164     Fixing the included grsecurity patch, wasn't alligning due to the Index:
165     header line(s).
166 phreak 1.145
167     29 Apr 2007; Christian Heim <phreak@gentoo.org>
168     hardened-sources-2.6.20-r2.ebuild:
169     Stabilizing hardened-sources-2.6.20-r2 on amd64 and x86.
170 armin76 1.144
171     *hardened-sources-2.6.20-r2 (10 Apr 2007)
172    
173     10 Apr 2007; Raúl Porcel <armin76@gentoo.org>
174     +hardened-sources-2.6.20-r2.ebuild:
175     Version bump, on behalf of phreak
176 phreak 1.143
177     *hardened-sources-2.6.20-r1 (04 Apr 2007)
178    
179     04 Apr 2007; Christian Heim <phreak@gentoo.org>
180     +hardened-sources-2.6.20-r1.ebuild:
181     Revision bump, grabbing a newer grsecurity snapshot.
182 phreak 1.142
183     *hardened-sources-2.6.20 (25 Mar 2007)
184    
185     25 Mar 2007; Christian Heim <phreak@gentoo.org>
186     +hardened-sources-2.6.20.ebuild:
187     Finally a hardened-sources version for 2.6.20; many people have been waiting
188     for this. Thanks to Steve for preliminary testing, thanks to Ned for the
189     testbox.
190 chainsaw 1.141
191     16 Mar 2007; Tony Vroon <chainsaw@gentoo.org>
192     hardened-sources-2.6.18-r6.ebuild:
193     Marked stable on amd64 and x86. AMD64 keyword ack'ed by welp.
194 phreak 1.140
195     *hardened-sources-2.6.18-r6 (16 Mar 2007)
196    
197     16 Mar 2007; Christian Heim <phreak@gentoo.org>
198     -hardened-sources-2.6.18-r5.ebuild, +hardened-sources-2.6.18-r6.ebuild:
199     Fixing CVE-2007-1000 locally (hardened/), thanks to Tony for pushing. And
200     yes I screwed up, this is tagged as 2.6.18-5 and not 2.6.18-6 as it's
201     supposed to be.
202 phreak 1.139
203     06 Mar 2007; Christian Heim <phreak@gentoo.org> ChangeLog:
204     Fixing the Manifest, the previous one was broken (as in still had the
205     deleted ebuild in it).
206 phreak 1.138
207     06 Mar 2007; Christian Heim <phreak@gentoo.org>
208     -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
209     +hardened-sources-2.6.18-r5.ebuild:
210     Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
211     Linux 2.6.18.8. Also cleaning up the older version.
212    
213     *hardened-sources-2.6.18-r5 (06 Mar 2007)
214    
215     06 Mar 2007; Christian Heim <phreak@gentoo.org>
216     -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
217     +hardened-sources-2.6.18-r5.ebuild:
218     Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
219     Linux 2.6.18.8. Also cleaning up the older version.
220 phreak 1.137
221     24 Feb 2007; Christian Heim <phreak@gentoo.org>
222     -hardened-sources-2.6.19-r3.ebuild, -hardened-sources-2.6.19-r4.ebuild,
223     -hardened-sources-2.6.19-r5.ebuild:
224     Removing some of the old version, that didn't work.
225 phreak 1.136
226     *hardened-sources-2.6.19-r6 (12 Feb 2007)
227    
228     12 Feb 2007; Christian Heim <phreak@gentoo.org>
229     +hardened-sources-2.6.19-r6.ebuild:
230     Revision bump, including a new grsec version fixing #166235.
231 pappy 1.134
232     *hardened-sources-2.4.34 (24 Jan 2007)
233    
234     24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
235 pappy 1.135 Manifest:
236     updating Manifest with checksums of new tarball and ebuild
237    
238     24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
239 pappy 1.134 +hardened-sources-2.4.34.ebuild:
240     I added new hardened sources 2.4 update, this is a critical path
241     security bugfix - all users of h-s are strongly advised
242     to update their existing hardened sources to this version.
243     It contains a fix for a kernel vulnerability that is pertaining
244     to the PaX changes to virtual memory management, possibly leading
245     to a local kernel exploit ... see grsecurity.net forums and homepage
246 phreak 1.133
247     23 Jan 2007; Christian Heim <phreak@gentoo.org>
248     files/digest-hardened-sources-2.6.19-r5, Manifest:
249     Fixing the patch-tarball digest.
250 phreak 1.132
251     *hardened-sources-2.6.19-r5 (23 Jan 2007)
252    
253     23 Jan 2007; Christian Heim <phreak@gentoo.org>
254     +hardened-sources-2.6.19-r5.ebuild:
255     Revision bump, closing the recently discovered PaX expand_stack()
256     vulnerability.
257 phreak 1.131
258     *hardened-sources-2.6.19-r4 (14 Jan 2007)
259    
260     14 Jan 2007; Christian Heim <phreak@gentoo.org>
261     +hardened-sources-2.6.19-r4.ebuild:
262     Revision bump, pulling in linux-2.6.19.2 and grsecurity 2.1.10 - thus
263     dropping the randomized PID feature.
264 opfer 1.130
265     11 Jan 2007; Christian Faulhammer <opfer@gentoo.org>
266     hardened-sources-2.4.33.4.ebuild:
267     stable x86, bug #161171
268 phreak 1.129
269     *hardened-sources-2.6.19-r3 (27 Dec 2006)
270    
271     27 Dec 2006; Christian Heim <phreak@gentoo.org>
272     -hardened-sources-2.6.19-r2.ebuild, +hardened-sources-2.6.19-r3.ebuild:
273     Revision bump for bug #157186 and #158786.
274 phreak 1.128
275     *hardened-sources-2.6.18-r4 (27 Dec 2006)
276    
277     27 Dec 2006; Christian Heim <phreak@gentoo.org>
278     -hardened-sources-2.6.18-r3.ebuild, +hardened-sources-2.6.18-r4.ebuild:
279     Revision bump for bug #157186.
280 phreak 1.127
281     *hardened-sources-2.6.19-r2 (23 Dec 2006)
282    
283     23 Dec 2006; Christian Heim <phreak@gentoo.org>
284     -hardened-sources-2.6.19-r1.ebuild, +hardened-sources-2.6.19-r2.ebuild:
285     Revision bump to pull in genpatches-2.6.19-3 for #157186.
286 phreak 1.126
287     17 Dec 2006; Christian Heim <phreak@gentoo.org>
288     hardened-sources-2.6.14-r7.ebuild, hardened-sources-2.6.16-r10.ebuild,
289     hardened-sources-2.6.16-r11.ebuild, hardened-sources-2.6.17-r1.ebuild,
290     hardened-sources-2.6.18.ebuild, hardened-sources-2.6.18-r3.ebuild,
291     hardened-sources-2.6.19-r1.ebuild:
292     Adding 4453_grsec-2.1.9-2.6.19-io-kmem-sysctl.patch to UNIPATCH_EXLUDE,
293     adding correct HOMEPAGE and adjusting DESCRIPTION (thanks to Alexander).
294 pappy 1.125
295     *hardened-sources-2.4.33.4 (17 Dec 2006)
296    
297     17 Dec 2006; Alexander Gabert <pappy@gentoo.org>
298     +hardened-sources-2.4.33.4.ebuild:
299     new 2.4.33.4 version including grsec and fixes, thanks to phreak for help
300     and quilting
301 phreak 1.124
302     *hardened-sources-2.6.19-r1 (14 Dec 2006)
303    
304     14 Dec 2006; Christian Heim <phreak@gentoo.org>
305     -hardened-sources-2.6.19.ebuild, +hardened-sources-2.6.19-r1.ebuild:
306     Revision bump, fixing #158107 (thanks to Petre Rodan <kaiowas at gentoo.org>
307     for reporting).
308 phreak 1.123
309     *hardened-sources-2.6.19 (13 Dec 2006)
310    
311     13 Dec 2006; Christian Heim <phreak@gentoo.org>
312     +hardened-sources-2.6.19.ebuild:
313     And finally 2.6.19, thanks to Ned (who prepared the inital patchset) and
314     Brad for providing that prompt update.
315 phreak 1.122
316     *hardened-sources-2.6.18-r3 (13 Dec 2006)
317    
318     13 Dec 2006; Christian Heim <phreak@gentoo.org>
319     -hardened-sources-2.6.18-r1.ebuild, -hardened-sources-2.6.18-r2.ebuild,
320     +hardened-sources-2.6.18-r3.ebuild:
321     Revision bump, excluding the faulty patch. Thanks to Anakim Border and Peter
322     S. Mazinger. Closes #157409 for now. Also removing the previous revisions.
323 phreak 1.121
324     09 Dec 2006; Christian Heim <phreak@gentoo.org> Manifest:
325     Fixing the metadata.xml Manifest entry (thanks to xaid and ml8128 in #gentoo-hardened).
326 nixnut 1.120
327     08 Dec 2006; nixnut <nixnut@gentoo.org> hardened-sources-2.6.18.ebuild:
328     Stable on ppc wrt bug 157356
329 opfer 1.119
330     07 Dec 2006; Christian Faulhammer <opfer@gentoo.org>
331     hardened-sources-2.6.18.ebuild:
332     stable x86, bug #157356
333 phreak 1.118
334     *hardened-sources-2.6.18-r2 (06 Dec 2006)
335    
336     06 Dec 2006; Christian Heim <phreak@gentoo.org>
337     +hardened-sources-2.6.18-r2.ebuild:
338     Revision bump, including 2.6.18.5 (via genpatches) and
339     4454_grsec-2.1.9-2.6.18.2-io-kmem-sysctl.patch based on Peter Mazinger and
340     Ned Ludd's original patch. Thanks to Alexander Gabert (pappy) for the
341     redesign.
342 phreak 1.117
343     06 Dec 2006; Christian Heim <phreak@gentoo.org>
344     hardened-sources-2.6.18.ebuild:
345     Marking hardened-sources-2.6.18 stable on amd64 (see bug #157356, on behalf
346     of Mike Doty).
347 phreak 1.116
348     *hardened-sources-2.6.18-r1 (23 Nov 2006)
349    
350     23 Nov 2006; Christian Heim <phreak@gentoo.org>
351     +hardened-sources-2.6.18-r1.ebuild:
352     Revision bump to genpatches-2.6.18-4 (including 2.6.18.3).
353 phreak 1.115
354     *hardened-sources-2.6.18 (11 Nov 2006)
355    
356     11 Nov 2006; Christian Heim <phreak@gentoo.org>
357     +hardened-sources-2.6.18.ebuild:
358     Version bump, thanks to Alexander Gabert we're finally at 2.6.18.
359 solar 1.114
360     18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
361     - mark amd64 stable also. bug #151877
362 solar 1.113
363     18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
364     - mark 2.6.17-r1 stable
365 phreak 1.112
366     27 Aug 2006; Christian Heim <phreak@gentoo.org>
367     -hardened-sources-2.6.17.ebuild, hardened-sources-2.6.17-r1.ebuild:
368     Removing old ebuild, removing unipatch from newer ebuild (need to fix it!).
369 phreak 1.111
370     *hardened-sources-2.6.17-r1 (26 Aug 2006)
371    
372     26 Aug 2006; Christian Heim <phreak@gentoo.org>
373     +hardened-sources-2.6.17-r1.ebuild:
374     Revision bump to genpatches-2.6.17-8 (including .9 and .10) and updating the
375     grsecurity patch.
376 phreak 1.110
377     *hardened-sources-2.6.17 (17 Aug 2006)
378    
379     17 Aug 2006; Christian Heim <phreak@gentoo.org>
380     +hardened-sources-2.6.17.ebuild:
381     Bumping the hardened-sources-2.6 series to 2.6.17, using
382     genpatches-2.6.17-6.base.
383 solar 1.109
384     07 Aug 2006; <solar@gentoo.org> hardened-sources-2.6.16-r11.ebuild:
385     - stable on x86 and amd64
386 solar 1.108
387     *hardened-sources-2.6.16-r11 (15 Jul 2006)
388    
389     15 Jul 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r3.ebuild,
390     -hardened-sources-2.4.32-r4.ebuild, -hardened-sources-2.4.32-r5.ebuild,
391     -hardened-sources-2.6.14-r8.ebuild, -hardened-sources-2.6.16-r7.ebuild,
392     -hardened-sources-2.6.16-r9.ebuild, +hardened-sources-2.6.16-r11.ebuild:
393     - 2.6.16 bumped for CVE-2006-3626 ; digest fix for 2.4.32-r6 ; removed old
394     crusty ebuilds
395 johnm 1.107
396     14 Jul 2006; John Mylchreest <johnm@gentoo.org>
397     hardened-sources-2.6.16-r10.ebuild:
398     marking stable on x86 and amd64
399 solar 1.106
400     13 Jul 2006; <solar@gentoo.org> hardened-sources-2.4.32-r6.ebuild:
401     - 2.4.32-r6 stable on x86. RSBAC state unknown
402 kang 1.105
403     *hardened-sources-2.4.32-r7 (10 Jul 2006)
404    
405     10 Jul 2006; Guillaume Destuynder <kang@gentoo.org>
406     +hardened-sources-2.4.32-r7.ebuild:
407     Bump PaX for RSBAC to test-17
408 johnm 1.104
409     *hardened-sources-2.6.16-r9 (03 Jul 2006)
410    
411     03 Jul 2006; John Mylchreest <johnm@gentoo.org>
412     -hardened-sources-2.6.16-r6.ebuild, +hardened-sources-2.6.16-r9.ebuild:
413     hardened-sources-2.6.16 bump to latest -base.
414 solar 1.103
415     *hardened-sources-2.4.32-r6 (30 Jun 2006)
416    
417     30 Jun 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r2.ebuild,
418     hardened-sources-2.4.32-r4.ebuild, +hardened-sources-2.4.32-r6.ebuild:
419     - backport CVE-2006-0039, CVE-2006-1857 and CVE-2006-1858 and new grsecurity
420     sysctl controlable resource logging
421 johnm 1.102
422     *hardened-sources-2.6.16-r7 (05 Jun 2006)
423    
424     05 Jun 2006; John Mylchreest <johnm@gentoo.org>
425     -hardened-sources-2.6.16-r5.ebuild, +hardened-sources-2.6.16-r7.ebuild:
426     push new 2.6.16 release in preparation for stable
427 solar 1.101
428     22 May 2006; <solar@gentoo.org> :
429     - redigest bug 134002
430 kang 1.100
431     *hardened-sources-2.4.32-r5 (16 May 2006)
432    
433     16 May 2006; Guillaume Destuynder <kang@gentoo.org>
434     +hardened-sources-2.4.32-r5.ebuild:
435     Fixes rsbac common patching (new patch in new -r5 patchset)
436 solar 1.99
437     *hardened-sources-2.4.32-r4 (13 May 2006)
438    
439     13 May 2006; <solar@gentoo.org> hardened-sources-2.4.32-r3.ebuild,
440     +hardened-sources-2.4.32-r4.ebuild:
441     - security bumps
442 johnm 1.98
443     *hardened-sources-2.6.16-r6 (03 May 2006)
444    
445     03 May 2006; John Mylchreest <johnm@gentoo.org>
446     +hardened-sources-2.6.16-r6.ebuild:
447     bump hardened-2.6.16 to 2.6.16.12 and latest grsec snapshot
448 johnm 1.97
449     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
450     hardened-sources-2.6.14-r8.ebuild:
451     fix x86_64 build problem, this will delay the digest issue again for a short
452     while but it will sort itself out
453 johnm 1.96
454     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
455     hardened-sources-2.6.14-r8.ebuild:
456     bump hardened patchset
457 antarus 1.94
458     27 Apr 2006; Alec Warner <antarus@gentoo.org>
459     files/digest-hardened-sources-2.4.32-r2,
460     files/digest-hardened-sources-2.4.32-r3,
461     files/digest-hardened-sources-2.6.14-r8, Manifest:
462     Fixing duff SHA256 digests: Bug # 131293
463 johnm 1.93
464 johnm 1.95 *hardened-sources-2.6.16-r5 (27 Apr 2006)
465    
466     27 Apr 2006; John Mylchreest <johnm@gentoo.org>
467     -hardened-sources-2.6.14-r6.ebuild, hardened-sources-2.6.14-r8.ebuild,
468     -hardened-sources-2.6.16-r4.ebuild, +hardened-sources-2.6.16-r5.ebuild:
469     stablise 2.6.14-r8 on x86 & amd64, bump 2.6.16 to fix CVE-2006-1863 &
470     cleanup of old uneccessary sources
471    
472 johnm 1.93 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
473     fix digest
474 johnm 1.92
475     *hardened-sources-2.6.14-r8 (20 Apr 2006)
476    
477     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
478     +hardened-sources-2.6.14-r8.ebuild:
479     fix CVE-2006-1056, CVE-2006-1525, CVE-2006-1524
480 johnm 1.91
481     20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
482     Turning on gpg-signing again, and recomitting
483 johnm 1.90
484     *hardened-sources-2.6.16-r4 (20 Apr 2006)
485    
486     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
487     -hardened-sources-2.6.16-r2.ebuild, -hardened-sources-2.6.16-r3.ebuild,
488     +hardened-sources-2.6.16-r4.ebuild:
489     Fix numerous security vulns
490 solar 1.89
491     *hardened-sources-2.4.32-r3 (16 Apr 2006)
492    
493     16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
494     -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
495     +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
496     - security bump for bug #112791. Removed old ebuilds
497 johnm 1.88
498     *hardened-sources-2.6.16-r3 (15 Apr 2006)
499    
500     15 Apr 2006; John Mylchreest <johnm@gentoo.org>
501     +hardened-sources-2.6.16-r3.ebuild:
502     Removing silly localversion which I missed
503 johnm 1.87
504     *hardened-sources-2.6.14-r7 (14 Apr 2006)
505    
506     14 Apr 2006; John Mylchreest <johnm@gentoo.org>
507     -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
508     Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
509 johnm 1.86
510     *hardened-sources-2.6.16-r2 (13 Apr 2006)
511    
512     13 Apr 2006; John Mylchreest <johnm@gentoo.org>
513     -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
514     +hardened-sources-2.6.16-r2.ebuild:
515     Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
516     labels, dropping USERGROUP define fixes, since these were merged mainstream.
517 johnm 1.85
518     *hardened-sources-2.6.16-r1 (11 Apr 2006)
519    
520     11 Apr 2006; John Mylchreest <johnm@gentoo.org>
521     +hardened-sources-2.6.16-r1.ebuild:
522     Bumping to include ppc build fix and 2.6.16.3
523 tsunam 1.84
524     06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
525     hardened-sources-2.6.14-r6.ebuild:
526     Stable on x86; bug #127718
527 johnm 1.83
528     *hardened-sources-2.6.16 (31 Mar 2006)
529    
530     31 Mar 2006; John Mylchreest <johnm@gentoo.org>
531     +hardened-sources-2.6.16.ebuild:
532     Bumping to new version of grsec, and kernel base. New squashfs. Based on
533     2.6.16.1
534 cryos 1.82
535     30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
536     hardened-sources-2.6.14-r6.ebuild:
537     Stable on amd64, bug 127718.
538 nixnut 1.81
539     28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
540     Stable on ppc. Bug #127718
541 johnm 1.80
542     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
543     -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
544     -hardened-sources-2.6.14-r4.ebuild:
545     Cleanup.
546 johnm 1.79
547     *hardened-sources-2.6.14-r6 (15 Mar 2006)
548    
549     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
550     +hardened-sources-2.6.14-r6.ebuild:
551     Fixes grsec policy recreation bug and adds a
552     >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
553 solar 1.78
554     02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
555     - stable on x86
556 hansmi 1.77
557     19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
558     hardened-sources-2.6.14-r5.ebuild:
559     Stable on ppc.
560 johnm 1.76
561     *hardened-sources-2.6.14-r5 (01 Feb 2006)
562    
563     01 Feb 2006; John Mylchreest <johnm@gentoo.org>
564     +hardened-sources-2.6.14-r5.ebuild:
565     fixing every known exploit
566 solar 1.75
567     *hardened-sources-2.4.32-r2 (26 Jan 2006)
568    
569     26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
570     +hardened-sources-2.4.32-r2.ebuild:
571     - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
572 solar 1.74
573     *hardened-sources-2.6.14-r4 (12 Jan 2006)
574    
575     12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
576     - version bump for new genpatches which fix up a few sec holes
577 solar 1.73
578     *hardened-sources-2.4.32-r1 (05 Jan 2006)
579    
580     05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
581     - revision bump to add misc vital linux kernel security patches.
582 johnm 1.72
583     *hardened-sources-2.6.14-r3 (30 Dec 2005)
584    
585     30 Dec 2005; John Mylchreest <johnm@gentoo.org>
586     -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
587     Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
588 johnm 1.71
589     28 Dec 2005; John Mylchreest <johnm@gentoo.org>
590     hardened-sources-2.6.14-r2.ebuild:
591     making x86 & amd64 stable following testing.
592 johnm 1.70
593     *hardened-sources-2.6.14-r2 (27 Dec 2005)
594    
595     27 Dec 2005; John Mylchreest <johnm@gentoo.org>
596     -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
597     Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
598     network hooks.
599 johnm 1.69
600     06 Dec 2005; John Mylchreest <johnm@gentoo.org>
601     hardened-sources-2.6.14-r1.ebuild:
602     bumping to stable early for sec fix on x86 & amd64
603 johnm 1.68
604     *hardened-sources-2.6.14-r1 (05 Dec 2005)
605    
606     05 Dec 2005; John Mylchreest <johnm@gentoo.org>
607     -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
608     bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
609 solar 1.67
610     04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
611     - stable on x86 security bug #114227 CAN-2005-3257
612 kang 1.66
613     *hardened-sources-2.4.32 (19 Nov 2005)
614    
615     19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
616     +hardened-sources-2.4.32.ebuild:
617     Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
618     Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
619     have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
620     rsbac >> /etc/portage/package.use)
621 johnm 1.65
622     *hardened-sources-2.6.14 (14 Nov 2005)
623    
624     14 Nov 2005; John Mylchreest <johnm@gentoo.org>
625     -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
626     Bumping 2.6 series to 2.6.14.2
627 johnm 1.64
628     *hardened-sources-2.6.13-r2 (20 Oct 2005)
629    
630     20 Oct 2005; John Mylchreest <johnm@gentoo.org>
631     -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
632     +hardened-sources-2.6.13-r2.ebuild:
633     Fixes minor build error in ppc.
634 johnm 1.63
635     *hardened-sources-2.6.13-r1 (17 Oct 2005)
636    
637     17 Oct 2005; John Mylchreest <johnm@gentoo.org>
638     +hardened-sources-2.6.13-r1.ebuild:
639     Updating grsec to latest snapshot. Fixes some minor issues. Updating to
640     2.6.13.4, fixes some major amd64 stability problems.
641 johnm 1.62
642     *hardened-sources-2.6.13 (16 Sep 2005)
643    
644     16 Sep 2005; John Mylchreest <johnm@gentoo.org>
645     -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
646     2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
647     ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
648     users should test this thoroughly.
649 solar 1.61
650     01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
651     - stable on x86
652 johnm 1.60
653     *hardened-sources-2.6.11-r15 (27 Jun 2005)
654    
655     27 Jun 2005; John Mylchreest <johnm@gentoo.org>
656     +hardened-sources-2.6.11-r15.ebuild:
657     Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
658     grsec redefining curr_ip struct.
659 solar 1.59
660     *hardened-sources-2.4.31 (20 Jun 2005)
661    
662     20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
663     initial import of 2.4.31 tree
664 johnm 1.58
665     *hardened-sources-2.6.11-r14 (14 Jun 2005)
666    
667     14 Jun 2005; John Mylchreest <johnm@gentoo.org>
668     -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
669     Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
670     naming scheme to abide by genpatches
671 johnm 1.57
672     *hardened-sources-2.6.11-r13 (18 May 2005)
673    
674     18 May 2005; John Mylchreest <johnm@gentoo.org>
675     -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
676     Managed to mangle the Makefile patch from grsec, to miss out the grsec
677     target. sorry about that. Fixes bug #93022
678 johnm 1.56
679     *hardened-sources-2.6.11-r12 (17 May 2005)
680    
681     17 May 2005; John Mylchreest <johnm@gentoo.org>
682     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
683     +hardened-sources-2.6.11-r12.ebuild:
684     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
685     merges in genpatches-base
686 johnm 1.55
687     *hardened-sources-2.6.11-r12 (17 May 2005)
688    
689     17 May 2005; John Mylchreest <johnm@gentoo.org>
690     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
691     +hardened-sources-2.6.11-r12.ebuild:
692     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
693     merges in genpatches-base
694 solar 1.54
695     29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
696     -files/2.4.27-cmdline-race.patch,
697     -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
698     -files/2.4.28-grsec-binfmt_a.out.patch,
699     -files/2.4.28-grsec-cmdline-race.patch,
700     -files/2.4.28-selinux-binfmt_a.out.patch,
701     -files/2.4.28-selinux-cmdline-race.patch,
702     -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
703     hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
704     - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
705     cleanup..
706 solar 1.53
707     *hardened-sources-2.4.30-r1 (21 Apr 2005)
708    
709     21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
710     - disable aout by default
711 solar 1.52
712     *hardened-sources-2.4.30 (18 Apr 2005)
713    
714     18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
715     - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
716     and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
717     use
718 tocharian 1.50
719 scox 1.51 *hardened-sources-2.4.29 (30 Mar 2005)
720    
721     30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
722     +hardened-sources-2.4.29.ebuild:
723     New hardened-patches-2.4-29.0 patchball.
724     Removed SELinux support, upgraded GRSecurity to 2.1.4.
725    
726     *hardened-sources-2.4.28-r5 (06 Mar 2005)
727    
728     06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
729     +hardened-sources-2.4.28-r5.ebuild:
730     Added a fix for a PaX vulnerability.
731    
732     26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
733 tocharian 1.50 hardened-sources-2.4.28-r4.ebuild:
734     Stable on x86
735 solar 1.49
736     23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
737     hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
738     hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
739     hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
740     - fixed/added RDEPEND= in all kernel-2 ebuilds
741 tocharian 1.48
742     *hardened-sources-2.4.28-r4 (21 Jan 2005)
743    
744     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
745     +hardened-sources-2.4.28-r4.ebuild:
746     Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
747     backport of neighbour hash updates.
748 tocharian 1.47
749     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
750     hardened-sources-2.4.28-r3.ebuild:
751     Stable on x86
752 tseng 1.46
753     *hardened-sources-2.6.10-r3 (20 Jan 2005)
754    
755     20 Jan 2005; Brandon Hale <tseng@gentoo.org>
756     +hardened-sources-2.6.10-r3.ebuild:
757     Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
758     in 2005.0
759 tocharian 1.45
760     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
761     -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
762     hardened-sources-2.4.28-r2.ebuild:
763     Mark stable on x86
764 tocharian 1.44
765     *hardened-sources-2.4.28-r3 (17 Jan 2005)
766    
767     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
768     +hardened-sources-2.4.28-r3.ebuild:
769     Fix SMP page fault handler vuln, and update device-mapper and evms patches.
770 tocharian 1.43
771     14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
772     hardened-sources-2.4.28.ebuild:
773     Mark stable on x86.
774 tocharian 1.42
775     *hardened-sources-2.4.28-r2 (13 Jan 2005)
776    
777     13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
778     +hardened-sources-2.4.28-r2.ebuild:
779     Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
780     Mazinger for grsecurity patches as well.
781 plasmaroo 1.41
782     *hardened-sources-2.4.28-r1 (23 Dec 2004)
783    
784     23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
785     Security bump. Thank tocharian for rolling a new patchset...
786 solar 1.40
787     28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
788     +files/2.4.28-grsec-cmdline-race.patch,
789     +files/2.4.28-selinux-binfmt_a.out.patch,
790     +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
791     - Round up remaining security patches that appear to be missing in 2.4.28. -
792     PaX standalone updated to current. hgpv=28.1
793 solar 1.39
794     *hardened-sources-2.4.28 (28 Nov 2004)
795    
796     28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
797     security bump. Thank tocharian for rolling a new patchset
798 scox 1.31
799 scox 1.38 *hardened-sources-2.4.27-r3 (08 Sep 2004)
800    
801     08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
802     +hardened-sources-2.4.27-r3.ebuild:
803     Applies the new 2.4-27.2 patchball which updates
804     GRSecurity to the 2.0.1 version.
805    
806 scox 1.37 *hardened-sources-2.4.27-r2 (31 Aug 2004)
807    
808     31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
809     +hardened-sources-2.4.27-r2.ebuild:
810     Version bump.
811     This version uses the new 2.4-27.1 patchball which updates
812     both the SELinux PaX hooks patch and the SELinux headers.
813    
814 scox 1.36 *hardened-sources-2.4.27-r1 (09 Aug 2004)
815    
816     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
817     +hardened-sources-2.4.27-r1.ebuild,
818     -hardened-sources-2.4.27.ebuild,
819     +files/2.4.27-cmdline-race.patch:
820     Version bump, fix for cmdline race. See bug #59905.
821    
822     *hardened-sources-2.4.26-r6 (09 Aug 2004)
823    
824     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
825     +hardened-sources-2.4.26-r6.ebuild,
826     -hardened-sources-2.4.26-r5.ebuild,
827     -hardened-sources-2.4.26-r4.ebuild,
828     +files/2.4.26-cmdline-race.patch:
829     Version bump, fix for cmdline race. See bug #59905.
830    
831 scox 1.35 *hardened-sources-2.4.27 (08 Aug 2004)
832    
833     08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
834     +hardened-sources-2.4.27.ebuild,
835     +files/2.4.27-CAN-2004-0394.patch:
836     Ported the patchball to the 2.4.27 kernel version.
837    
838 scox 1.34 *hardened-sources-2.4.26-r5 (07 Aug 2004)
839    
840     07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
841     +hardened-sources-2.4.26-r5.ebuild:
842 scox 1.35 Updated to use the new hardened-patches-2.4-26.1 patchball.
843 scox 1.34 It adds the following features:
844     - Squashfs
845     - Ebtables
846     - Netdev random (core+drivers)
847     - Watchdog Timer (WDT) fix.
848    
849 scox 1.33 *hardened-sources-2.4.26-r4 (04 Aug 2004)
850    
851     04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
852     +hardened-sources-2.4.26-r4.ebuild,
853     +files/2.4.26-CAN-2004-0415.patch,
854     -hardened-sources-2.4.26-3:
855     Version bump, fix for CAN 0415, see bug #59378.
856    
857 scox 1.32 *hardened-sources-2.4.26-r3 (22 Jul 2004)
858    
859     22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
860     +hardened-sources-2.4.26-r3.ebuild,
861     +files/2.4.26-CAN-2004-0497.patch,
862     -hardened-sources-2.4.26-r2.ebuild:
863     Version bump, fixed CAN 0497, see bug #56171.
864    
865 scox 1.31 *hardened-sources-2.4.26-r2 (29 Jun 2004)
866    
867     29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
868 scox 1.32 +hardened-sources-2.4.26-r2.ebuild,
869 scox 1.31 +files/2.4.26-CAN-2004-0495.patch,
870     +files/2.4.26-CAN-2004-0535.patch,
871     -hardened-sources-2.4.26-r1.ebuild:
872     Fixes for both CAN 0495 and 0535, see bug #54976
873 pvdabeel 1.27
874 agriffis 1.29 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
875     hardened-sources-2.4.26-r1.ebuild:
876     QA - fix use invocation
877 scox 1.28
878     *hardened-sources-2.4.26-r1 (22 June 2004)
879    
880     22 June 2004; Andrea Luzzardi <scox@gentoo.org>
881     +hardened-sources-2.4.26-r1.ebuild,
882     +files/2.4.26-CAN-2004-0394.patch,
883     +files/2.4.26-signal-race.patch,
884     -hardened-sources-2.4.26.ebuild,
885     -hardened-sources-2.4.24-r3.ebuild:
886     Version bump for the CAN-2004-0394 issue and bug #53804
887     Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
888    
889    
890 pvdabeel 1.27 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
891     hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
892     Masked hardened-sources-2.4.26.ebuild broken for ppc
893    
894     31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
895     hardened-sources-2.4.24-r3.ebuild:
896     Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
897 plasmaroo 1.25
898 scox 1.26 *hardened-sources-2.4.26 (29 May 2004)
899    
900     29 May 2004; Andrea Luzzardi <scox@gentoo.org>
901     +hardened-sources-2.4.26.ebuild:
902     Updated hardened-sources for the 2.4.26 kernel
903     Removed broken components, updated almost everything.
904    
905 plasmaroo 1.25 *hardened-sources-2.4.24-r3 (17 Apr 2004)
906    
907     17 Apr 2004; <plasmaroo@gentoo.org>
908     +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
909     +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
910     +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
911     +hardened-sources-2.4.24-r3.ebuild:
912     Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
913     vulnerabilities. Old revisions removed.
914 plasmaroo 1.24
915     *hardened-sources-2.4.24-r2 (15 Apr 2004)
916    
917     15 Apr 2004; <plasmaroo@gentoo.org>
918     +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
919     -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
920     Version bump for the CAN-2004-0109 issue; bug #47881.
921 aliz 1.23
922     12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
923     hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
924     Add eutils to inherit.
925 plasmaroo 1.22
926     *hardened-sources-2.4.24-r1 (19 Feb 2004)
927    
928     19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
929     files/hardened-sources-2.4.24.munmap.patch:
930     Added the patch for the mremap/munmap vulnerability. Bug #42024.
931 scox 1.19
932 scox 1.21 *hardened-sources-2.4.24 (06 Feb 2004)
933 scox 1.26
934 scox 1.21 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
935     hardened-sources-2.4.24.ebuild:
936     Version bump, updated most of the components.
937     This release includes the following:
938    
939     - Hardened security
940     - Netfilter patch-o-matic 20031219
941     - FreeSWAN 2.04 & x509 1.4.8
942     - EVMS 2.2.2
943     - XFS 1.3.1
944     - cryptoloop jari
945     - grsecurity 2.0-rc4
946     - SELinux
947     - PaX 200402060000
948     - PaX Obscurity 200308302223
949     - Others...
950    
951     Neither -ck nor systrace are included anymore.
952    
953 scox 1.19 *hardened-sources-2.4.22-r2 (05 Jan 2004)
954    
955     05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
956     hardened-sources-2.4.22-r2.ebuild:
957 scox 1.20 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
958 scox 1.19
959     *hardened-sources-2.4.22-r1 (02 Dec 2003)
960 iggy 1.17
961     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
962 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
963 iggy 1.16
964     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
965 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild:
966     Version bump for the 'do_brk' vulnerability.
967 iggy 1.15
968     01 Dec 2003; Brian Jackson <iggy@gentoo.org>
969     hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
970     hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
971     hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
972 plasmaroo 1.18 Fix the 'do_brk' vulnerability.
973 frogger 1.14
974     03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
975     hardened-sources-2.4.22.ebuild:
976 plasmaroo 1.18 - Removed the src_install() portion for SELinux flask
977     components. These are no longer handled in the kernel
978     so this code was not necessary.
979 frogger 1.13
980     29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
981     New 2.4.22 based hardened-sources thanks to
982     Phil West <p.west@computer.org>.
983    
984     These sources include:
985 plasmaroo 1.18 - New SELinux API
986     - Updated CK-base
987     - Updated GRSec
988     - Systrace
989     - SuperFreeS/WAN 1.99.8
990     - Propolice kernel build support
991     - EVMS
992     - Other various security related patches
993 frogger 1.11
994 frogger 1.12 *hardened-sources-2.4.21 (14 Sep 2003)
995    
996     14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
997     Updated hardened-sources based on the 2.4.21 Linux kernel.
998     This includes updates to most major components such as:
999 plasmaroo 1.18 - ck-base-0306300059
1000     - selinux-2.4-2003071106
1001     - grsecurity-2.0-rc1
1002     - Updated IPTables patch-o-matic
1003     - Updated SuperFreeS/WAN
1004    
1005 frogger 1.12 Thanks to Phil West <pwest@computer.org> for his work in getting this
1006     updated patch set ready for the 2.4.21 based kernel.
1007    
1008 frogger 1.11 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
1009     Initial import of hardened-sources-2.4.20-r4. This revision
1010     includes only a few changes, but one of these is an important
1011     security fix. It is recommended all users of hardened-sources
1012     upgrade to this release.
1013 plasmaroo 1.18
1014 frogger 1.11 - ioperm bug fix
1015     - fixed compilation failure when building without GRSec
1016 plasmaroo 1.18
1017 frogger 1.11 SAL (Secure Auditing for Linux) is NOT included in this revision
1018     due to time constraints, but is planned for inclusion in the near
1019     future.
1020 msterret 1.10
1021     *hardened-sources-2.4.20-r2 (12 Jun 2003)
1022    
1023     12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
1024     hardened-sources-2.4.20-r3.ebuild:
1025 plasmaroo 1.18 Add Header...
1026 frogger 1.9
1027     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1028     hardened-sources-2.4.20-r3.ebuild:
1029     Removed warnings from ebuild. This kernel should be safe to
1030     use at this point.
1031 frogger 1.8
1032     *hardened-sources-2.4.20-r3 (08 Jun 2003)
1033    
1034     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1035     hardened-sources-2.4.20-r3.ebuild:
1036     New revision. Includes the following changes over -r2:
1037 plasmaroo 1.18
1038 frogger 1.8 - ck7-base (O(1), preempt, low latency)
1039     - Super FreeS/WAN 1.99.7rc2
1040     - PaX for the LSM/SELinux branch
1041     - GRSecurity 2.0-pre4 (role based access control)
1042     - Systrace 1.3
1043     - EXT3 fixes
1044     - EVMS 2.0.1
1045     - GCC 3.1+ compile optimizations
1046     - ProPolice kernel build support
1047     - Hashing table security fixes
1048 frogger 1.3
1049     *hardened-sources-2.4.20-r1 (09 Apr 2003)
1050 frogger 1.7
1051     23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
1052     Initial import of hardened-sources-r2. This new
1053     ebuild includes many new performance and security
1054     related patches. As in -r1, it will patch in
1055     LSM/SELinux if "selinux" is in USE, otherwise it
1056     will patch in GRSecurity. The following patches
1057     are included in this revision:
1058 plasmaroo 1.18
1059 frogger 1.7 - O(1) Scheduler, Low Latency, and Preempt
1060     (pulled from the base CK patch)
1061     - ptrace exploit patch for the LSM kernel
1062     (the GRSec patch already fixes this)
1063     - LSM 2.4-2003040709
1064     - SELinux 2.4-2003040709
1065     - Systrace v1.2
1066     - IPTables patch-o-matic base patches - 20030107
1067     - CryptoAPI 2.4.20.1 w/ loop-jari patch
1068     - Super FreeS/WAN 1.99.6.1
1069     - GRSecurity 1.9.9g
1070     - MPPE
1071     - EXT3 data journal fix
1072     - CIPE 1.5.4
1073 frogger 1.6
1074     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1075     hardened-sources-2.4.20-r1.ebuild, manifest:
1076 plasmaroo 1.18 Updated to install flask components correctly for selinux.
1077 frogger 1.5
1078     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1079     hardened-sources-2.4.20-r1.ebuild:
1080     LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
1081     is patched in instead. Ptrace patches for selinux have also been added. In
1082     either case, systrace support will be patched in as well.
1083 frogger 1.3
1084     09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1085     hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
1086 plasmaroo 1.18 Revision bump for new sources.
1087 frogger 1.4
1088 frogger 1.2 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1089 frogger 1.4 hardened-sources-2.4.20-r1.ebuild:
1090 plasmaroo 1.18 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
1091 method 1.1
1092 frogger 1.4 *hardened-sources-2.4.20 (30 Mar 2003)
1093    
1094 method 1.1 30 Mar 2003; Joshua Brindle <method@gentoo.org>
1095     hardened-sources-2.4.20.ebuild:
1096 plasmaroo 1.18 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20