/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.173 - (hide annotations) (download)
Thu Aug 16 23:05:15 2007 UTC (7 years, 2 months ago) by phreak
Branch: MAIN
Changes since 1.172: +5 -1 lines
Updated patchset, to fix the alignment against 2.6.22.3.
(Portage version: 2.1.3.5)

1 method 1.1 # ChangeLog for sys-kernel/hardened-sources
2 opfer 1.130 # Copyright 2000-2007 Gentoo Foundation; Distributed under the GPL v2
3 phreak 1.173 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.172 2007/08/16 20:06:45 phreak Exp $
4    
5     16 Aug 2007; Christian Heim <phreak@gentoo.org>
6     hardened-sources-2.6.22-r2.ebuild:
7     Updated patchset, to fix the alignment against 2.6.22.3.
8 phreak 1.172
9     *hardened-sources-2.6.22-r2 (16 Aug 2007)
10    
11     16 Aug 2007; Christian Heim <phreak@gentoo.org>
12     +hardened-sources-2.6.22-r2.ebuild:
13     Revision bump for Linux 2.6.22.3.
14 phreak 1.171
15     *hardened-sources-2.4.35 (16 Aug 2007)
16    
17     16 Aug 2007; Christian Heim <phreak@gentoo.org>
18     +hardened-sources-2.4.35.ebuild:
19     Version bump, initial version for Linux 2.4.35.
20 phreak 1.170
21     *hardened-sources-2.6.21-r4 (16 Aug 2007)
22    
23     16 Aug 2007; Christian Heim <phreak@gentoo.org>
24     +hardened-sources-2.6.21-r4.ebuild:
25     Revision bump for Linux 2.6.21.6.
26 phreak 1.169
27     *hardened-sources-2.6.20-r7 (16 Aug 2007)
28    
29     16 Aug 2007; Christian Heim <phreak@gentoo.org>
30     +hardened-sources-2.6.20-r7.ebuild:
31     Revision bump for Linux 2.6.20.16.
32 phreak 1.168
33     *hardened-sources-2.6.22-r1 (13 Aug 2007)
34    
35     13 Aug 2007; Christian Heim <phreak@gentoo.org>
36     +hardened-sources-2.6.22-r1.ebuild:
37     Yet another revision bump.
38 phreak 1.167
39     *hardened-sources-2.6.22 (10 Aug 2007)
40    
41     10 Aug 2007; Christian Heim <phreak@gentoo.org>
42     +hardened-sources-2.6.22.ebuild:
43     Initial release for 2.6.22. If you are using hardened-sources on a desktop
44     machine (P4 or newer), be aware you might need to disable
45     CONFIG_PAX_PAGEEXEC.
46 phreak 1.166
47     04 Aug 2007; Christian Heim <phreak@gentoo.org>
48     hardened-sources-2.6.20-r6.ebuild:
49     Stabling hardened-sources-2.6.20-r6 for amd64, ppc and x86 due to Linux
50     2.6.20.15.
51 phreak 1.165
52     10 Jul 2007; Christian Heim <phreak@gentoo.org>
53     hardened-sources-2.6.20-r5.ebuild:
54     Marking hardened-sources-2.6.20-r5 stable on ppc.
55 phreak 1.164
56     10 Jul 2007; Christian Heim <phreak@gentoo.org>
57     -hardened-sources-2.4.32-r6.ebuild, -hardened-sources-2.4.32-r7.ebuild:
58     Cleanup.
59 phreak 1.163
60     *hardened-sources-2.6.20-r6 (08 Jul 2007)
61    
62     08 Jul 2007; Christian Heim <phreak@gentoo.org>
63     +hardened-sources-2.6.20-r6.ebuild:
64     Revision bump, grabbing yet another stable release.
65 phreak 1.162
66     17 Jun 2007; Christian Heim <phreak@gentoo.org>
67     -hardened-sources-2.6.18-r6.ebuild, -hardened-sources-2.6.20-r4.ebuild,
68     -hardened-sources-2.6.21-r2.ebuild:
69     Removing older ebuilds, hardened-sources-2.6.18-r6 seems to have gotten the
70     alpha stable KEYWORD by mistake.
71 phreak 1.161
72     17 Jun 2007; Christian Heim <phreak@gentoo.org>
73     hardened-sources-2.6.20-r5.ebuild:
74     Stabling hardened-sources-2.6.20-r5 due to security bug #181647 (as
75     genpatches-2.6.20-12.base contains up to Linux 2.6.20.14) on amd64 and x86.
76 phreak 1.160
77     *hardened-sources-2.6.21-r3 (12 Jun 2007)
78    
79     12 Jun 2007; Christian Heim <phreak@gentoo.org>
80     +hardened-sources-2.6.21-r3.ebuild:
81     Revision bump for hardened-sources-2.6.21, incorporating various CVE (some
82     of them critical), two stable releases (2.6.21.4,2.6.21.5) and some other
83     love.
84 phreak 1.159
85     *hardened-sources-2.6.20-r5 (11 Jun 2007)
86    
87     11 Jun 2007; Christian Heim <phreak@gentoo.org>
88     +hardened-sources-2.6.20-r5.ebuild:
89     Revision bump for hardened-sources-2.6.20, incorporating various CVE (some
90     of them critical), two stable releases (2.6.20.13,2.6.20.14) and some other
91     love.
92 pappy 1.158
93     *hardened-sources-2.4.34.5 (11 Jun 2007)
94    
95     11 Jun 2007; Alexander Gabert <pappy@gentoo.org>
96     +hardened-sources-2.4.34.5.ebuild:
97     added new hardened-sources 2.4 version, thx to phreak, solar, pipacs
98 phreak 1.157
99     30 May 2007; Christian Heim <phreak@gentoo.org>
100     -hardened-sources-2.6.18.ebuild, hardened-sources-2.6.20-r2.ebuild:
101     Marking 2.6.20-r2 stable on ppc with permission of Gysbert. Removing more
102     stale ebuild(s).
103 phreak 1.156
104     30 May 2007; Christian Heim <phreak@gentoo.org>
105     -hardened-sources-2.6.14-r7.ebuild, -hardened-sources-2.6.16-r11.ebuild,
106     -hardened-sources-2.6.17-r1.ebuild, -hardened-sources-2.6.19-r6.ebuild,
107     -hardened-sources-2.6.20.ebuild, -hardened-sources-2.6.20-r1.ebuild:
108     Doing some cleanups, remove stale ebuilds.
109 phreak 1.155
110     26 May 2007; Christian Heim <phreak@gentoo.org>
111     hardened-sources-2.6.21-r2.ebuild:
112     Fixing the grsecurity patch, had one '};' too much.
113 phreak 1.154
114     *hardened-sources-2.6.21-r2 (26 May 2007)
115    
116     26 May 2007; Christian Heim <phreak@gentoo.org>
117     -hardened-sources-2.6.21.ebuild, -hardened-sources-2.6.21-r1.ebuild,
118     +hardened-sources-2.6.21-r2.ebuild:
119     Revision bump, including Linux 2.6.21.3 (fixing CVE-2007-2451). Updating the
120     grsecurity patch to 2.1.10-2.6.21.1-200705221918.
121 phreak 1.153
122     *hardened-sources-2.6.20-r4 (26 May 2007)
123    
124     26 May 2007; Christian Heim <phreak@gentoo.org>
125     -hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.20-r4.ebuild:
126     Revision bump, including Linux 2.6.20.12 (which in fact fixed some security
127 phreak 1.154 bugs, at the very least CVE-2007-2451). Possible candidate for stable marking.
128 phreak 1.152
129     15 May 2007; Christian Heim <phreak@gentoo.org>
130     hardened-sources-2.6.20-r3.ebuild:
131     Looks like hardened-sources-2.6.20-r3 needs a new patch, as 2.6.20.11
132     introduced a change in arch/sparc64/kernel/pci_iommu.c, which made the
133     grsecurity patch fail in that exact same hunk.
134 phreak 1.151
135     *hardened-sources-2.6.20-r3 (15 May 2007)
136    
137     15 May 2007; Christian Heim <phreak@gentoo.org>
138     +hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.21-r1.ebuild:
139     Revision bump, incorporating Linux 2.6.20.11.
140    
141     *hardened-sources-2.6.21-r1 (11 May 2007)
142    
143     11 May 2007; Christian Heim <phreak@gentoo.org>
144     +hardened-sources-2.6.21-r1.ebuild:
145     Revision bump, hopefully fixing the GRSECURITY/GRKERNSEC mixup pipacs
146     mentioned in #177234.
147 kevquinn 1.150
148     07 May 2007; Kevin F. Quinn <kevquinn@gentoo.org>
149     files/digest-hardened-sources-2.6.21, Manifest:
150     Fix Manifest/digest for linux-2.6.21.tar.bz2
151 phreak 1.149
152     06 May 2007; Christian Heim <phreak@gentoo.org>
153     hardened-sources-2.6.21.ebuild:
154     Bumping the hardened-patches version, needed for the fix for #177234.
155 phreak 1.148
156     *hardened-sources-2.6.21 (02 May 2007)
157    
158     02 May 2007; Christian Heim <phreak@gentoo.org>
159     +hardened-sources-2.6.21.ebuild:
160     Version bump, Linux 2.6.21-hardened.
161 phreak 1.147
162     29 Apr 2007; Christian Heim <phreak@gentoo.org>
163     hardened-sources-2.6.20-r2.ebuild:
164     Adding ~ia64 on Ned's request.
165 phreak 1.146
166     29 Apr 2007; Christian Heim <phreak@gentoo.org>
167     hardened-sources-2.6.20-r2.ebuild:
168     Fixing the included grsecurity patch, wasn't alligning due to the Index:
169     header line(s).
170 phreak 1.145
171     29 Apr 2007; Christian Heim <phreak@gentoo.org>
172     hardened-sources-2.6.20-r2.ebuild:
173     Stabilizing hardened-sources-2.6.20-r2 on amd64 and x86.
174 armin76 1.144
175     *hardened-sources-2.6.20-r2 (10 Apr 2007)
176    
177     10 Apr 2007; Raúl Porcel <armin76@gentoo.org>
178     +hardened-sources-2.6.20-r2.ebuild:
179     Version bump, on behalf of phreak
180 phreak 1.143
181     *hardened-sources-2.6.20-r1 (04 Apr 2007)
182    
183     04 Apr 2007; Christian Heim <phreak@gentoo.org>
184     +hardened-sources-2.6.20-r1.ebuild:
185     Revision bump, grabbing a newer grsecurity snapshot.
186 phreak 1.142
187     *hardened-sources-2.6.20 (25 Mar 2007)
188    
189     25 Mar 2007; Christian Heim <phreak@gentoo.org>
190     +hardened-sources-2.6.20.ebuild:
191     Finally a hardened-sources version for 2.6.20; many people have been waiting
192     for this. Thanks to Steve for preliminary testing, thanks to Ned for the
193     testbox.
194 chainsaw 1.141
195     16 Mar 2007; Tony Vroon <chainsaw@gentoo.org>
196     hardened-sources-2.6.18-r6.ebuild:
197     Marked stable on amd64 and x86. AMD64 keyword ack'ed by welp.
198 phreak 1.140
199     *hardened-sources-2.6.18-r6 (16 Mar 2007)
200    
201     16 Mar 2007; Christian Heim <phreak@gentoo.org>
202     -hardened-sources-2.6.18-r5.ebuild, +hardened-sources-2.6.18-r6.ebuild:
203     Fixing CVE-2007-1000 locally (hardened/), thanks to Tony for pushing. And
204     yes I screwed up, this is tagged as 2.6.18-5 and not 2.6.18-6 as it's
205     supposed to be.
206 phreak 1.139
207     06 Mar 2007; Christian Heim <phreak@gentoo.org> ChangeLog:
208     Fixing the Manifest, the previous one was broken (as in still had the
209     deleted ebuild in it).
210 phreak 1.138
211     06 Mar 2007; Christian Heim <phreak@gentoo.org>
212     -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
213     +hardened-sources-2.6.18-r5.ebuild:
214     Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
215     Linux 2.6.18.8. Also cleaning up the older version.
216    
217     *hardened-sources-2.6.18-r5 (06 Mar 2007)
218    
219     06 Mar 2007; Christian Heim <phreak@gentoo.org>
220     -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
221     +hardened-sources-2.6.18-r5.ebuild:
222     Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
223     Linux 2.6.18.8. Also cleaning up the older version.
224 phreak 1.137
225     24 Feb 2007; Christian Heim <phreak@gentoo.org>
226     -hardened-sources-2.6.19-r3.ebuild, -hardened-sources-2.6.19-r4.ebuild,
227     -hardened-sources-2.6.19-r5.ebuild:
228     Removing some of the old version, that didn't work.
229 phreak 1.136
230     *hardened-sources-2.6.19-r6 (12 Feb 2007)
231    
232     12 Feb 2007; Christian Heim <phreak@gentoo.org>
233     +hardened-sources-2.6.19-r6.ebuild:
234     Revision bump, including a new grsec version fixing #166235.
235 pappy 1.134
236     *hardened-sources-2.4.34 (24 Jan 2007)
237    
238     24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
239 pappy 1.135 Manifest:
240     updating Manifest with checksums of new tarball and ebuild
241    
242     24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
243 pappy 1.134 +hardened-sources-2.4.34.ebuild:
244     I added new hardened sources 2.4 update, this is a critical path
245     security bugfix - all users of h-s are strongly advised
246     to update their existing hardened sources to this version.
247     It contains a fix for a kernel vulnerability that is pertaining
248     to the PaX changes to virtual memory management, possibly leading
249     to a local kernel exploit ... see grsecurity.net forums and homepage
250 phreak 1.133
251     23 Jan 2007; Christian Heim <phreak@gentoo.org>
252     files/digest-hardened-sources-2.6.19-r5, Manifest:
253     Fixing the patch-tarball digest.
254 phreak 1.132
255     *hardened-sources-2.6.19-r5 (23 Jan 2007)
256    
257     23 Jan 2007; Christian Heim <phreak@gentoo.org>
258     +hardened-sources-2.6.19-r5.ebuild:
259     Revision bump, closing the recently discovered PaX expand_stack()
260     vulnerability.
261 phreak 1.131
262     *hardened-sources-2.6.19-r4 (14 Jan 2007)
263    
264     14 Jan 2007; Christian Heim <phreak@gentoo.org>
265     +hardened-sources-2.6.19-r4.ebuild:
266     Revision bump, pulling in linux-2.6.19.2 and grsecurity 2.1.10 - thus
267     dropping the randomized PID feature.
268 opfer 1.130
269     11 Jan 2007; Christian Faulhammer <opfer@gentoo.org>
270     hardened-sources-2.4.33.4.ebuild:
271     stable x86, bug #161171
272 phreak 1.129
273     *hardened-sources-2.6.19-r3 (27 Dec 2006)
274    
275     27 Dec 2006; Christian Heim <phreak@gentoo.org>
276     -hardened-sources-2.6.19-r2.ebuild, +hardened-sources-2.6.19-r3.ebuild:
277     Revision bump for bug #157186 and #158786.
278 phreak 1.128
279     *hardened-sources-2.6.18-r4 (27 Dec 2006)
280    
281     27 Dec 2006; Christian Heim <phreak@gentoo.org>
282     -hardened-sources-2.6.18-r3.ebuild, +hardened-sources-2.6.18-r4.ebuild:
283     Revision bump for bug #157186.
284 phreak 1.127
285     *hardened-sources-2.6.19-r2 (23 Dec 2006)
286    
287     23 Dec 2006; Christian Heim <phreak@gentoo.org>
288     -hardened-sources-2.6.19-r1.ebuild, +hardened-sources-2.6.19-r2.ebuild:
289     Revision bump to pull in genpatches-2.6.19-3 for #157186.
290 phreak 1.126
291     17 Dec 2006; Christian Heim <phreak@gentoo.org>
292     hardened-sources-2.6.14-r7.ebuild, hardened-sources-2.6.16-r10.ebuild,
293     hardened-sources-2.6.16-r11.ebuild, hardened-sources-2.6.17-r1.ebuild,
294     hardened-sources-2.6.18.ebuild, hardened-sources-2.6.18-r3.ebuild,
295     hardened-sources-2.6.19-r1.ebuild:
296     Adding 4453_grsec-2.1.9-2.6.19-io-kmem-sysctl.patch to UNIPATCH_EXLUDE,
297     adding correct HOMEPAGE and adjusting DESCRIPTION (thanks to Alexander).
298 pappy 1.125
299     *hardened-sources-2.4.33.4 (17 Dec 2006)
300    
301     17 Dec 2006; Alexander Gabert <pappy@gentoo.org>
302     +hardened-sources-2.4.33.4.ebuild:
303     new 2.4.33.4 version including grsec and fixes, thanks to phreak for help
304     and quilting
305 phreak 1.124
306     *hardened-sources-2.6.19-r1 (14 Dec 2006)
307    
308     14 Dec 2006; Christian Heim <phreak@gentoo.org>
309     -hardened-sources-2.6.19.ebuild, +hardened-sources-2.6.19-r1.ebuild:
310     Revision bump, fixing #158107 (thanks to Petre Rodan <kaiowas at gentoo.org>
311     for reporting).
312 phreak 1.123
313     *hardened-sources-2.6.19 (13 Dec 2006)
314    
315     13 Dec 2006; Christian Heim <phreak@gentoo.org>
316     +hardened-sources-2.6.19.ebuild:
317     And finally 2.6.19, thanks to Ned (who prepared the inital patchset) and
318     Brad for providing that prompt update.
319 phreak 1.122
320     *hardened-sources-2.6.18-r3 (13 Dec 2006)
321    
322     13 Dec 2006; Christian Heim <phreak@gentoo.org>
323     -hardened-sources-2.6.18-r1.ebuild, -hardened-sources-2.6.18-r2.ebuild,
324     +hardened-sources-2.6.18-r3.ebuild:
325     Revision bump, excluding the faulty patch. Thanks to Anakim Border and Peter
326     S. Mazinger. Closes #157409 for now. Also removing the previous revisions.
327 phreak 1.121
328     09 Dec 2006; Christian Heim <phreak@gentoo.org> Manifest:
329     Fixing the metadata.xml Manifest entry (thanks to xaid and ml8128 in #gentoo-hardened).
330 nixnut 1.120
331     08 Dec 2006; nixnut <nixnut@gentoo.org> hardened-sources-2.6.18.ebuild:
332     Stable on ppc wrt bug 157356
333 opfer 1.119
334     07 Dec 2006; Christian Faulhammer <opfer@gentoo.org>
335     hardened-sources-2.6.18.ebuild:
336     stable x86, bug #157356
337 phreak 1.118
338     *hardened-sources-2.6.18-r2 (06 Dec 2006)
339    
340     06 Dec 2006; Christian Heim <phreak@gentoo.org>
341     +hardened-sources-2.6.18-r2.ebuild:
342     Revision bump, including 2.6.18.5 (via genpatches) and
343     4454_grsec-2.1.9-2.6.18.2-io-kmem-sysctl.patch based on Peter Mazinger and
344     Ned Ludd's original patch. Thanks to Alexander Gabert (pappy) for the
345     redesign.
346 phreak 1.117
347     06 Dec 2006; Christian Heim <phreak@gentoo.org>
348     hardened-sources-2.6.18.ebuild:
349     Marking hardened-sources-2.6.18 stable on amd64 (see bug #157356, on behalf
350     of Mike Doty).
351 phreak 1.116
352     *hardened-sources-2.6.18-r1 (23 Nov 2006)
353    
354     23 Nov 2006; Christian Heim <phreak@gentoo.org>
355     +hardened-sources-2.6.18-r1.ebuild:
356     Revision bump to genpatches-2.6.18-4 (including 2.6.18.3).
357 phreak 1.115
358     *hardened-sources-2.6.18 (11 Nov 2006)
359    
360     11 Nov 2006; Christian Heim <phreak@gentoo.org>
361     +hardened-sources-2.6.18.ebuild:
362     Version bump, thanks to Alexander Gabert we're finally at 2.6.18.
363 solar 1.114
364     18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
365     - mark amd64 stable also. bug #151877
366 solar 1.113
367     18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
368     - mark 2.6.17-r1 stable
369 phreak 1.112
370     27 Aug 2006; Christian Heim <phreak@gentoo.org>
371     -hardened-sources-2.6.17.ebuild, hardened-sources-2.6.17-r1.ebuild:
372     Removing old ebuild, removing unipatch from newer ebuild (need to fix it!).
373 phreak 1.111
374     *hardened-sources-2.6.17-r1 (26 Aug 2006)
375    
376     26 Aug 2006; Christian Heim <phreak@gentoo.org>
377     +hardened-sources-2.6.17-r1.ebuild:
378     Revision bump to genpatches-2.6.17-8 (including .9 and .10) and updating the
379     grsecurity patch.
380 phreak 1.110
381     *hardened-sources-2.6.17 (17 Aug 2006)
382    
383     17 Aug 2006; Christian Heim <phreak@gentoo.org>
384     +hardened-sources-2.6.17.ebuild:
385     Bumping the hardened-sources-2.6 series to 2.6.17, using
386     genpatches-2.6.17-6.base.
387 solar 1.109
388     07 Aug 2006; <solar@gentoo.org> hardened-sources-2.6.16-r11.ebuild:
389     - stable on x86 and amd64
390 solar 1.108
391     *hardened-sources-2.6.16-r11 (15 Jul 2006)
392    
393     15 Jul 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r3.ebuild,
394     -hardened-sources-2.4.32-r4.ebuild, -hardened-sources-2.4.32-r5.ebuild,
395     -hardened-sources-2.6.14-r8.ebuild, -hardened-sources-2.6.16-r7.ebuild,
396     -hardened-sources-2.6.16-r9.ebuild, +hardened-sources-2.6.16-r11.ebuild:
397     - 2.6.16 bumped for CVE-2006-3626 ; digest fix for 2.4.32-r6 ; removed old
398     crusty ebuilds
399 johnm 1.107
400     14 Jul 2006; John Mylchreest <johnm@gentoo.org>
401     hardened-sources-2.6.16-r10.ebuild:
402     marking stable on x86 and amd64
403 solar 1.106
404     13 Jul 2006; <solar@gentoo.org> hardened-sources-2.4.32-r6.ebuild:
405     - 2.4.32-r6 stable on x86. RSBAC state unknown
406 kang 1.105
407     *hardened-sources-2.4.32-r7 (10 Jul 2006)
408    
409     10 Jul 2006; Guillaume Destuynder <kang@gentoo.org>
410     +hardened-sources-2.4.32-r7.ebuild:
411     Bump PaX for RSBAC to test-17
412 johnm 1.104
413     *hardened-sources-2.6.16-r9 (03 Jul 2006)
414    
415     03 Jul 2006; John Mylchreest <johnm@gentoo.org>
416     -hardened-sources-2.6.16-r6.ebuild, +hardened-sources-2.6.16-r9.ebuild:
417     hardened-sources-2.6.16 bump to latest -base.
418 solar 1.103
419     *hardened-sources-2.4.32-r6 (30 Jun 2006)
420    
421     30 Jun 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r2.ebuild,
422     hardened-sources-2.4.32-r4.ebuild, +hardened-sources-2.4.32-r6.ebuild:
423     - backport CVE-2006-0039, CVE-2006-1857 and CVE-2006-1858 and new grsecurity
424     sysctl controlable resource logging
425 johnm 1.102
426     *hardened-sources-2.6.16-r7 (05 Jun 2006)
427    
428     05 Jun 2006; John Mylchreest <johnm@gentoo.org>
429     -hardened-sources-2.6.16-r5.ebuild, +hardened-sources-2.6.16-r7.ebuild:
430     push new 2.6.16 release in preparation for stable
431 solar 1.101
432     22 May 2006; <solar@gentoo.org> :
433     - redigest bug 134002
434 kang 1.100
435     *hardened-sources-2.4.32-r5 (16 May 2006)
436    
437     16 May 2006; Guillaume Destuynder <kang@gentoo.org>
438     +hardened-sources-2.4.32-r5.ebuild:
439     Fixes rsbac common patching (new patch in new -r5 patchset)
440 solar 1.99
441     *hardened-sources-2.4.32-r4 (13 May 2006)
442    
443     13 May 2006; <solar@gentoo.org> hardened-sources-2.4.32-r3.ebuild,
444     +hardened-sources-2.4.32-r4.ebuild:
445     - security bumps
446 johnm 1.98
447     *hardened-sources-2.6.16-r6 (03 May 2006)
448    
449     03 May 2006; John Mylchreest <johnm@gentoo.org>
450     +hardened-sources-2.6.16-r6.ebuild:
451     bump hardened-2.6.16 to 2.6.16.12 and latest grsec snapshot
452 johnm 1.97
453     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
454     hardened-sources-2.6.14-r8.ebuild:
455     fix x86_64 build problem, this will delay the digest issue again for a short
456     while but it will sort itself out
457 johnm 1.96
458     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
459     hardened-sources-2.6.14-r8.ebuild:
460     bump hardened patchset
461 antarus 1.94
462     27 Apr 2006; Alec Warner <antarus@gentoo.org>
463     files/digest-hardened-sources-2.4.32-r2,
464     files/digest-hardened-sources-2.4.32-r3,
465     files/digest-hardened-sources-2.6.14-r8, Manifest:
466     Fixing duff SHA256 digests: Bug # 131293
467 johnm 1.93
468 johnm 1.95 *hardened-sources-2.6.16-r5 (27 Apr 2006)
469    
470     27 Apr 2006; John Mylchreest <johnm@gentoo.org>
471     -hardened-sources-2.6.14-r6.ebuild, hardened-sources-2.6.14-r8.ebuild,
472     -hardened-sources-2.6.16-r4.ebuild, +hardened-sources-2.6.16-r5.ebuild:
473     stablise 2.6.14-r8 on x86 & amd64, bump 2.6.16 to fix CVE-2006-1863 &
474     cleanup of old uneccessary sources
475    
476 johnm 1.93 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
477     fix digest
478 johnm 1.92
479     *hardened-sources-2.6.14-r8 (20 Apr 2006)
480    
481     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
482     +hardened-sources-2.6.14-r8.ebuild:
483     fix CVE-2006-1056, CVE-2006-1525, CVE-2006-1524
484 johnm 1.91
485     20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
486     Turning on gpg-signing again, and recomitting
487 johnm 1.90
488     *hardened-sources-2.6.16-r4 (20 Apr 2006)
489    
490     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
491     -hardened-sources-2.6.16-r2.ebuild, -hardened-sources-2.6.16-r3.ebuild,
492     +hardened-sources-2.6.16-r4.ebuild:
493     Fix numerous security vulns
494 solar 1.89
495     *hardened-sources-2.4.32-r3 (16 Apr 2006)
496    
497     16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
498     -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
499     +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
500     - security bump for bug #112791. Removed old ebuilds
501 johnm 1.88
502     *hardened-sources-2.6.16-r3 (15 Apr 2006)
503    
504     15 Apr 2006; John Mylchreest <johnm@gentoo.org>
505     +hardened-sources-2.6.16-r3.ebuild:
506     Removing silly localversion which I missed
507 johnm 1.87
508     *hardened-sources-2.6.14-r7 (14 Apr 2006)
509    
510     14 Apr 2006; John Mylchreest <johnm@gentoo.org>
511     -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
512     Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
513 johnm 1.86
514     *hardened-sources-2.6.16-r2 (13 Apr 2006)
515    
516     13 Apr 2006; John Mylchreest <johnm@gentoo.org>
517     -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
518     +hardened-sources-2.6.16-r2.ebuild:
519     Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
520     labels, dropping USERGROUP define fixes, since these were merged mainstream.
521 johnm 1.85
522     *hardened-sources-2.6.16-r1 (11 Apr 2006)
523    
524     11 Apr 2006; John Mylchreest <johnm@gentoo.org>
525     +hardened-sources-2.6.16-r1.ebuild:
526     Bumping to include ppc build fix and 2.6.16.3
527 tsunam 1.84
528     06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
529     hardened-sources-2.6.14-r6.ebuild:
530     Stable on x86; bug #127718
531 johnm 1.83
532     *hardened-sources-2.6.16 (31 Mar 2006)
533    
534     31 Mar 2006; John Mylchreest <johnm@gentoo.org>
535     +hardened-sources-2.6.16.ebuild:
536     Bumping to new version of grsec, and kernel base. New squashfs. Based on
537     2.6.16.1
538 cryos 1.82
539     30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
540     hardened-sources-2.6.14-r6.ebuild:
541     Stable on amd64, bug 127718.
542 nixnut 1.81
543     28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
544     Stable on ppc. Bug #127718
545 johnm 1.80
546     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
547     -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
548     -hardened-sources-2.6.14-r4.ebuild:
549     Cleanup.
550 johnm 1.79
551     *hardened-sources-2.6.14-r6 (15 Mar 2006)
552    
553     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
554     +hardened-sources-2.6.14-r6.ebuild:
555     Fixes grsec policy recreation bug and adds a
556     >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
557 solar 1.78
558     02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
559     - stable on x86
560 hansmi 1.77
561     19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
562     hardened-sources-2.6.14-r5.ebuild:
563     Stable on ppc.
564 johnm 1.76
565     *hardened-sources-2.6.14-r5 (01 Feb 2006)
566    
567     01 Feb 2006; John Mylchreest <johnm@gentoo.org>
568     +hardened-sources-2.6.14-r5.ebuild:
569     fixing every known exploit
570 solar 1.75
571     *hardened-sources-2.4.32-r2 (26 Jan 2006)
572    
573     26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
574     +hardened-sources-2.4.32-r2.ebuild:
575     - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
576 solar 1.74
577     *hardened-sources-2.6.14-r4 (12 Jan 2006)
578    
579     12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
580     - version bump for new genpatches which fix up a few sec holes
581 solar 1.73
582     *hardened-sources-2.4.32-r1 (05 Jan 2006)
583    
584     05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
585     - revision bump to add misc vital linux kernel security patches.
586 johnm 1.72
587     *hardened-sources-2.6.14-r3 (30 Dec 2005)
588    
589     30 Dec 2005; John Mylchreest <johnm@gentoo.org>
590     -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
591     Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
592 johnm 1.71
593     28 Dec 2005; John Mylchreest <johnm@gentoo.org>
594     hardened-sources-2.6.14-r2.ebuild:
595     making x86 & amd64 stable following testing.
596 johnm 1.70
597     *hardened-sources-2.6.14-r2 (27 Dec 2005)
598    
599     27 Dec 2005; John Mylchreest <johnm@gentoo.org>
600     -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
601     Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
602     network hooks.
603 johnm 1.69
604     06 Dec 2005; John Mylchreest <johnm@gentoo.org>
605     hardened-sources-2.6.14-r1.ebuild:
606     bumping to stable early for sec fix on x86 & amd64
607 johnm 1.68
608     *hardened-sources-2.6.14-r1 (05 Dec 2005)
609    
610     05 Dec 2005; John Mylchreest <johnm@gentoo.org>
611     -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
612     bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
613 solar 1.67
614     04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
615     - stable on x86 security bug #114227 CAN-2005-3257
616 kang 1.66
617     *hardened-sources-2.4.32 (19 Nov 2005)
618    
619     19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
620     +hardened-sources-2.4.32.ebuild:
621     Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
622     Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
623     have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
624     rsbac >> /etc/portage/package.use)
625 johnm 1.65
626     *hardened-sources-2.6.14 (14 Nov 2005)
627    
628     14 Nov 2005; John Mylchreest <johnm@gentoo.org>
629     -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
630     Bumping 2.6 series to 2.6.14.2
631 johnm 1.64
632     *hardened-sources-2.6.13-r2 (20 Oct 2005)
633    
634     20 Oct 2005; John Mylchreest <johnm@gentoo.org>
635     -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
636     +hardened-sources-2.6.13-r2.ebuild:
637     Fixes minor build error in ppc.
638 johnm 1.63
639     *hardened-sources-2.6.13-r1 (17 Oct 2005)
640    
641     17 Oct 2005; John Mylchreest <johnm@gentoo.org>
642     +hardened-sources-2.6.13-r1.ebuild:
643     Updating grsec to latest snapshot. Fixes some minor issues. Updating to
644     2.6.13.4, fixes some major amd64 stability problems.
645 johnm 1.62
646     *hardened-sources-2.6.13 (16 Sep 2005)
647    
648     16 Sep 2005; John Mylchreest <johnm@gentoo.org>
649     -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
650     2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
651     ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
652     users should test this thoroughly.
653 solar 1.61
654     01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
655     - stable on x86
656 johnm 1.60
657     *hardened-sources-2.6.11-r15 (27 Jun 2005)
658    
659     27 Jun 2005; John Mylchreest <johnm@gentoo.org>
660     +hardened-sources-2.6.11-r15.ebuild:
661     Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
662     grsec redefining curr_ip struct.
663 solar 1.59
664     *hardened-sources-2.4.31 (20 Jun 2005)
665    
666     20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
667     initial import of 2.4.31 tree
668 johnm 1.58
669     *hardened-sources-2.6.11-r14 (14 Jun 2005)
670    
671     14 Jun 2005; John Mylchreest <johnm@gentoo.org>
672     -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
673     Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
674     naming scheme to abide by genpatches
675 johnm 1.57
676     *hardened-sources-2.6.11-r13 (18 May 2005)
677    
678     18 May 2005; John Mylchreest <johnm@gentoo.org>
679     -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
680     Managed to mangle the Makefile patch from grsec, to miss out the grsec
681     target. sorry about that. Fixes bug #93022
682 johnm 1.56
683     *hardened-sources-2.6.11-r12 (17 May 2005)
684    
685     17 May 2005; John Mylchreest <johnm@gentoo.org>
686     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
687     +hardened-sources-2.6.11-r12.ebuild:
688     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
689     merges in genpatches-base
690 johnm 1.55
691     *hardened-sources-2.6.11-r12 (17 May 2005)
692    
693     17 May 2005; John Mylchreest <johnm@gentoo.org>
694     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
695     +hardened-sources-2.6.11-r12.ebuild:
696     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
697     merges in genpatches-base
698 solar 1.54
699     29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
700     -files/2.4.27-cmdline-race.patch,
701     -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
702     -files/2.4.28-grsec-binfmt_a.out.patch,
703     -files/2.4.28-grsec-cmdline-race.patch,
704     -files/2.4.28-selinux-binfmt_a.out.patch,
705     -files/2.4.28-selinux-cmdline-race.patch,
706     -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
707     hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
708     - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
709     cleanup..
710 solar 1.53
711     *hardened-sources-2.4.30-r1 (21 Apr 2005)
712    
713     21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
714     - disable aout by default
715 solar 1.52
716     *hardened-sources-2.4.30 (18 Apr 2005)
717    
718     18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
719     - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
720     and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
721     use
722 tocharian 1.50
723 scox 1.51 *hardened-sources-2.4.29 (30 Mar 2005)
724    
725     30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
726     +hardened-sources-2.4.29.ebuild:
727     New hardened-patches-2.4-29.0 patchball.
728     Removed SELinux support, upgraded GRSecurity to 2.1.4.
729    
730     *hardened-sources-2.4.28-r5 (06 Mar 2005)
731    
732     06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
733     +hardened-sources-2.4.28-r5.ebuild:
734     Added a fix for a PaX vulnerability.
735    
736     26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
737 tocharian 1.50 hardened-sources-2.4.28-r4.ebuild:
738     Stable on x86
739 solar 1.49
740     23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
741     hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
742     hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
743     hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
744     - fixed/added RDEPEND= in all kernel-2 ebuilds
745 tocharian 1.48
746     *hardened-sources-2.4.28-r4 (21 Jan 2005)
747    
748     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
749     +hardened-sources-2.4.28-r4.ebuild:
750     Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
751     backport of neighbour hash updates.
752 tocharian 1.47
753     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
754     hardened-sources-2.4.28-r3.ebuild:
755     Stable on x86
756 tseng 1.46
757     *hardened-sources-2.6.10-r3 (20 Jan 2005)
758    
759     20 Jan 2005; Brandon Hale <tseng@gentoo.org>
760     +hardened-sources-2.6.10-r3.ebuild:
761     Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
762     in 2005.0
763 tocharian 1.45
764     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
765     -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
766     hardened-sources-2.4.28-r2.ebuild:
767     Mark stable on x86
768 tocharian 1.44
769     *hardened-sources-2.4.28-r3 (17 Jan 2005)
770    
771     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
772     +hardened-sources-2.4.28-r3.ebuild:
773     Fix SMP page fault handler vuln, and update device-mapper and evms patches.
774 tocharian 1.43
775     14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
776     hardened-sources-2.4.28.ebuild:
777     Mark stable on x86.
778 tocharian 1.42
779     *hardened-sources-2.4.28-r2 (13 Jan 2005)
780    
781     13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
782     +hardened-sources-2.4.28-r2.ebuild:
783     Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
784     Mazinger for grsecurity patches as well.
785 plasmaroo 1.41
786     *hardened-sources-2.4.28-r1 (23 Dec 2004)
787    
788     23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
789     Security bump. Thank tocharian for rolling a new patchset...
790 solar 1.40
791     28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
792     +files/2.4.28-grsec-cmdline-race.patch,
793     +files/2.4.28-selinux-binfmt_a.out.patch,
794     +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
795     - Round up remaining security patches that appear to be missing in 2.4.28. -
796     PaX standalone updated to current. hgpv=28.1
797 solar 1.39
798     *hardened-sources-2.4.28 (28 Nov 2004)
799    
800     28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
801     security bump. Thank tocharian for rolling a new patchset
802 scox 1.31
803 scox 1.38 *hardened-sources-2.4.27-r3 (08 Sep 2004)
804    
805     08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
806     +hardened-sources-2.4.27-r3.ebuild:
807     Applies the new 2.4-27.2 patchball which updates
808     GRSecurity to the 2.0.1 version.
809    
810 scox 1.37 *hardened-sources-2.4.27-r2 (31 Aug 2004)
811    
812     31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
813     +hardened-sources-2.4.27-r2.ebuild:
814     Version bump.
815     This version uses the new 2.4-27.1 patchball which updates
816     both the SELinux PaX hooks patch and the SELinux headers.
817    
818 scox 1.36 *hardened-sources-2.4.27-r1 (09 Aug 2004)
819    
820     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
821     +hardened-sources-2.4.27-r1.ebuild,
822     -hardened-sources-2.4.27.ebuild,
823     +files/2.4.27-cmdline-race.patch:
824     Version bump, fix for cmdline race. See bug #59905.
825    
826     *hardened-sources-2.4.26-r6 (09 Aug 2004)
827    
828     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
829     +hardened-sources-2.4.26-r6.ebuild,
830     -hardened-sources-2.4.26-r5.ebuild,
831     -hardened-sources-2.4.26-r4.ebuild,
832     +files/2.4.26-cmdline-race.patch:
833     Version bump, fix for cmdline race. See bug #59905.
834    
835 scox 1.35 *hardened-sources-2.4.27 (08 Aug 2004)
836    
837     08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
838     +hardened-sources-2.4.27.ebuild,
839     +files/2.4.27-CAN-2004-0394.patch:
840     Ported the patchball to the 2.4.27 kernel version.
841    
842 scox 1.34 *hardened-sources-2.4.26-r5 (07 Aug 2004)
843    
844     07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
845     +hardened-sources-2.4.26-r5.ebuild:
846 scox 1.35 Updated to use the new hardened-patches-2.4-26.1 patchball.
847 scox 1.34 It adds the following features:
848     - Squashfs
849     - Ebtables
850     - Netdev random (core+drivers)
851     - Watchdog Timer (WDT) fix.
852    
853 scox 1.33 *hardened-sources-2.4.26-r4 (04 Aug 2004)
854    
855     04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
856     +hardened-sources-2.4.26-r4.ebuild,
857     +files/2.4.26-CAN-2004-0415.patch,
858     -hardened-sources-2.4.26-3:
859     Version bump, fix for CAN 0415, see bug #59378.
860    
861 scox 1.32 *hardened-sources-2.4.26-r3 (22 Jul 2004)
862    
863     22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
864     +hardened-sources-2.4.26-r3.ebuild,
865     +files/2.4.26-CAN-2004-0497.patch,
866     -hardened-sources-2.4.26-r2.ebuild:
867     Version bump, fixed CAN 0497, see bug #56171.
868    
869 scox 1.31 *hardened-sources-2.4.26-r2 (29 Jun 2004)
870    
871     29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
872 scox 1.32 +hardened-sources-2.4.26-r2.ebuild,
873 scox 1.31 +files/2.4.26-CAN-2004-0495.patch,
874     +files/2.4.26-CAN-2004-0535.patch,
875     -hardened-sources-2.4.26-r1.ebuild:
876     Fixes for both CAN 0495 and 0535, see bug #54976
877 pvdabeel 1.27
878 agriffis 1.29 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
879     hardened-sources-2.4.26-r1.ebuild:
880     QA - fix use invocation
881 scox 1.28
882     *hardened-sources-2.4.26-r1 (22 June 2004)
883    
884     22 June 2004; Andrea Luzzardi <scox@gentoo.org>
885     +hardened-sources-2.4.26-r1.ebuild,
886     +files/2.4.26-CAN-2004-0394.patch,
887     +files/2.4.26-signal-race.patch,
888     -hardened-sources-2.4.26.ebuild,
889     -hardened-sources-2.4.24-r3.ebuild:
890     Version bump for the CAN-2004-0394 issue and bug #53804
891     Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
892    
893    
894 pvdabeel 1.27 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
895     hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
896     Masked hardened-sources-2.4.26.ebuild broken for ppc
897    
898     31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
899     hardened-sources-2.4.24-r3.ebuild:
900     Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
901 plasmaroo 1.25
902 scox 1.26 *hardened-sources-2.4.26 (29 May 2004)
903    
904     29 May 2004; Andrea Luzzardi <scox@gentoo.org>
905     +hardened-sources-2.4.26.ebuild:
906     Updated hardened-sources for the 2.4.26 kernel
907     Removed broken components, updated almost everything.
908    
909 plasmaroo 1.25 *hardened-sources-2.4.24-r3 (17 Apr 2004)
910    
911     17 Apr 2004; <plasmaroo@gentoo.org>
912     +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
913     +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
914     +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
915     +hardened-sources-2.4.24-r3.ebuild:
916     Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
917     vulnerabilities. Old revisions removed.
918 plasmaroo 1.24
919     *hardened-sources-2.4.24-r2 (15 Apr 2004)
920    
921     15 Apr 2004; <plasmaroo@gentoo.org>
922     +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
923     -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
924     Version bump for the CAN-2004-0109 issue; bug #47881.
925 aliz 1.23
926     12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
927     hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
928     Add eutils to inherit.
929 plasmaroo 1.22
930     *hardened-sources-2.4.24-r1 (19 Feb 2004)
931    
932     19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
933     files/hardened-sources-2.4.24.munmap.patch:
934     Added the patch for the mremap/munmap vulnerability. Bug #42024.
935 scox 1.19
936 scox 1.21 *hardened-sources-2.4.24 (06 Feb 2004)
937 scox 1.26
938 scox 1.21 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
939     hardened-sources-2.4.24.ebuild:
940     Version bump, updated most of the components.
941     This release includes the following:
942    
943     - Hardened security
944     - Netfilter patch-o-matic 20031219
945     - FreeSWAN 2.04 & x509 1.4.8
946     - EVMS 2.2.2
947     - XFS 1.3.1
948     - cryptoloop jari
949     - grsecurity 2.0-rc4
950     - SELinux
951     - PaX 200402060000
952     - PaX Obscurity 200308302223
953     - Others...
954    
955     Neither -ck nor systrace are included anymore.
956    
957 scox 1.19 *hardened-sources-2.4.22-r2 (05 Jan 2004)
958    
959     05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
960     hardened-sources-2.4.22-r2.ebuild:
961 scox 1.20 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
962 scox 1.19
963     *hardened-sources-2.4.22-r1 (02 Dec 2003)
964 iggy 1.17
965     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
966 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
967 iggy 1.16
968     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
969 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild:
970     Version bump for the 'do_brk' vulnerability.
971 iggy 1.15
972     01 Dec 2003; Brian Jackson <iggy@gentoo.org>
973     hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
974     hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
975     hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
976 plasmaroo 1.18 Fix the 'do_brk' vulnerability.
977 frogger 1.14
978     03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
979     hardened-sources-2.4.22.ebuild:
980 plasmaroo 1.18 - Removed the src_install() portion for SELinux flask
981     components. These are no longer handled in the kernel
982     so this code was not necessary.
983 frogger 1.13
984     29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
985     New 2.4.22 based hardened-sources thanks to
986     Phil West <p.west@computer.org>.
987    
988     These sources include:
989 plasmaroo 1.18 - New SELinux API
990     - Updated CK-base
991     - Updated GRSec
992     - Systrace
993     - SuperFreeS/WAN 1.99.8
994     - Propolice kernel build support
995     - EVMS
996     - Other various security related patches
997 frogger 1.11
998 frogger 1.12 *hardened-sources-2.4.21 (14 Sep 2003)
999    
1000     14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
1001     Updated hardened-sources based on the 2.4.21 Linux kernel.
1002     This includes updates to most major components such as:
1003 plasmaroo 1.18 - ck-base-0306300059
1004     - selinux-2.4-2003071106
1005     - grsecurity-2.0-rc1
1006     - Updated IPTables patch-o-matic
1007     - Updated SuperFreeS/WAN
1008    
1009 frogger 1.12 Thanks to Phil West <pwest@computer.org> for his work in getting this
1010     updated patch set ready for the 2.4.21 based kernel.
1011    
1012 frogger 1.11 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
1013     Initial import of hardened-sources-2.4.20-r4. This revision
1014     includes only a few changes, but one of these is an important
1015     security fix. It is recommended all users of hardened-sources
1016     upgrade to this release.
1017 plasmaroo 1.18
1018 frogger 1.11 - ioperm bug fix
1019     - fixed compilation failure when building without GRSec
1020 plasmaroo 1.18
1021 frogger 1.11 SAL (Secure Auditing for Linux) is NOT included in this revision
1022     due to time constraints, but is planned for inclusion in the near
1023     future.
1024 msterret 1.10
1025     *hardened-sources-2.4.20-r2 (12 Jun 2003)
1026    
1027     12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
1028     hardened-sources-2.4.20-r3.ebuild:
1029 plasmaroo 1.18 Add Header...
1030 frogger 1.9
1031     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1032     hardened-sources-2.4.20-r3.ebuild:
1033     Removed warnings from ebuild. This kernel should be safe to
1034     use at this point.
1035 frogger 1.8
1036     *hardened-sources-2.4.20-r3 (08 Jun 2003)
1037    
1038     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1039     hardened-sources-2.4.20-r3.ebuild:
1040     New revision. Includes the following changes over -r2:
1041 plasmaroo 1.18
1042 frogger 1.8 - ck7-base (O(1), preempt, low latency)
1043     - Super FreeS/WAN 1.99.7rc2
1044     - PaX for the LSM/SELinux branch
1045     - GRSecurity 2.0-pre4 (role based access control)
1046     - Systrace 1.3
1047     - EXT3 fixes
1048     - EVMS 2.0.1
1049     - GCC 3.1+ compile optimizations
1050     - ProPolice kernel build support
1051     - Hashing table security fixes
1052 frogger 1.3
1053     *hardened-sources-2.4.20-r1 (09 Apr 2003)
1054 frogger 1.7
1055     23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
1056     Initial import of hardened-sources-r2. This new
1057     ebuild includes many new performance and security
1058     related patches. As in -r1, it will patch in
1059     LSM/SELinux if "selinux" is in USE, otherwise it
1060     will patch in GRSecurity. The following patches
1061     are included in this revision:
1062 plasmaroo 1.18
1063 frogger 1.7 - O(1) Scheduler, Low Latency, and Preempt
1064     (pulled from the base CK patch)
1065     - ptrace exploit patch for the LSM kernel
1066     (the GRSec patch already fixes this)
1067     - LSM 2.4-2003040709
1068     - SELinux 2.4-2003040709
1069     - Systrace v1.2
1070     - IPTables patch-o-matic base patches - 20030107
1071     - CryptoAPI 2.4.20.1 w/ loop-jari patch
1072     - Super FreeS/WAN 1.99.6.1
1073     - GRSecurity 1.9.9g
1074     - MPPE
1075     - EXT3 data journal fix
1076     - CIPE 1.5.4
1077 frogger 1.6
1078     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1079     hardened-sources-2.4.20-r1.ebuild, manifest:
1080 plasmaroo 1.18 Updated to install flask components correctly for selinux.
1081 frogger 1.5
1082     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1083     hardened-sources-2.4.20-r1.ebuild:
1084     LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
1085     is patched in instead. Ptrace patches for selinux have also been added. In
1086     either case, systrace support will be patched in as well.
1087 frogger 1.3
1088     09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1089     hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
1090 plasmaroo 1.18 Revision bump for new sources.
1091 frogger 1.4
1092 frogger 1.2 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1093 frogger 1.4 hardened-sources-2.4.20-r1.ebuild:
1094 plasmaroo 1.18 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
1095 method 1.1
1096 frogger 1.4 *hardened-sources-2.4.20 (30 Mar 2003)
1097    
1098 method 1.1 30 Mar 2003; Joshua Brindle <method@gentoo.org>
1099     hardened-sources-2.4.20.ebuild:
1100 plasmaroo 1.18 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20