/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.175 - (hide annotations) (download)
Sun Aug 26 16:22:23 2007 UTC (7 years ago) by phreak
Branch: MAIN
Changes since 1.174: +7 -1 lines
Revision bump for Linux 2.6.20.17.
(Portage version: 2.1.3.7)

1 method 1.1 # ChangeLog for sys-kernel/hardened-sources
2 opfer 1.130 # Copyright 2000-2007 Gentoo Foundation; Distributed under the GPL v2
3 phreak 1.175 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.174 2007/08/22 20:48:18 phreak Exp $
4    
5     *hardened-sources-2.6.20-r8 (26 Aug 2007)
6    
7     26 Aug 2007; Christian Heim <phreak@gentoo.org>
8     +hardened-sources-2.6.20-r8.ebuild:
9     Revision bump for Linux 2.6.20.17.
10 phreak 1.174
11     *hardened-sources-2.6.22-r3 (22 Aug 2007)
12    
13     22 Aug 2007; Christian Heim <phreak@gentoo.org>
14     +hardened-sources-2.6.22-r3.ebuild:
15     Revision bump for Linux 2.6.22.4.
16 phreak 1.173
17     16 Aug 2007; Christian Heim <phreak@gentoo.org>
18     hardened-sources-2.6.22-r2.ebuild:
19     Updated patchset, to fix the alignment against 2.6.22.3.
20 phreak 1.172
21     *hardened-sources-2.6.22-r2 (16 Aug 2007)
22    
23     16 Aug 2007; Christian Heim <phreak@gentoo.org>
24     +hardened-sources-2.6.22-r2.ebuild:
25     Revision bump for Linux 2.6.22.3.
26 phreak 1.171
27     *hardened-sources-2.4.35 (16 Aug 2007)
28    
29     16 Aug 2007; Christian Heim <phreak@gentoo.org>
30     +hardened-sources-2.4.35.ebuild:
31     Version bump, initial version for Linux 2.4.35.
32 phreak 1.170
33     *hardened-sources-2.6.21-r4 (16 Aug 2007)
34    
35     16 Aug 2007; Christian Heim <phreak@gentoo.org>
36     +hardened-sources-2.6.21-r4.ebuild:
37     Revision bump for Linux 2.6.21.6.
38 phreak 1.169
39     *hardened-sources-2.6.20-r7 (16 Aug 2007)
40    
41     16 Aug 2007; Christian Heim <phreak@gentoo.org>
42     +hardened-sources-2.6.20-r7.ebuild:
43     Revision bump for Linux 2.6.20.16.
44 phreak 1.168
45     *hardened-sources-2.6.22-r1 (13 Aug 2007)
46    
47     13 Aug 2007; Christian Heim <phreak@gentoo.org>
48     +hardened-sources-2.6.22-r1.ebuild:
49     Yet another revision bump.
50 phreak 1.167
51     *hardened-sources-2.6.22 (10 Aug 2007)
52    
53     10 Aug 2007; Christian Heim <phreak@gentoo.org>
54     +hardened-sources-2.6.22.ebuild:
55     Initial release for 2.6.22. If you are using hardened-sources on a desktop
56     machine (P4 or newer), be aware you might need to disable
57     CONFIG_PAX_PAGEEXEC.
58 phreak 1.166
59     04 Aug 2007; Christian Heim <phreak@gentoo.org>
60     hardened-sources-2.6.20-r6.ebuild:
61     Stabling hardened-sources-2.6.20-r6 for amd64, ppc and x86 due to Linux
62     2.6.20.15.
63 phreak 1.165
64     10 Jul 2007; Christian Heim <phreak@gentoo.org>
65     hardened-sources-2.6.20-r5.ebuild:
66     Marking hardened-sources-2.6.20-r5 stable on ppc.
67 phreak 1.164
68     10 Jul 2007; Christian Heim <phreak@gentoo.org>
69     -hardened-sources-2.4.32-r6.ebuild, -hardened-sources-2.4.32-r7.ebuild:
70     Cleanup.
71 phreak 1.163
72     *hardened-sources-2.6.20-r6 (08 Jul 2007)
73    
74     08 Jul 2007; Christian Heim <phreak@gentoo.org>
75     +hardened-sources-2.6.20-r6.ebuild:
76     Revision bump, grabbing yet another stable release.
77 phreak 1.162
78     17 Jun 2007; Christian Heim <phreak@gentoo.org>
79     -hardened-sources-2.6.18-r6.ebuild, -hardened-sources-2.6.20-r4.ebuild,
80     -hardened-sources-2.6.21-r2.ebuild:
81     Removing older ebuilds, hardened-sources-2.6.18-r6 seems to have gotten the
82     alpha stable KEYWORD by mistake.
83 phreak 1.161
84     17 Jun 2007; Christian Heim <phreak@gentoo.org>
85     hardened-sources-2.6.20-r5.ebuild:
86     Stabling hardened-sources-2.6.20-r5 due to security bug #181647 (as
87     genpatches-2.6.20-12.base contains up to Linux 2.6.20.14) on amd64 and x86.
88 phreak 1.160
89     *hardened-sources-2.6.21-r3 (12 Jun 2007)
90    
91     12 Jun 2007; Christian Heim <phreak@gentoo.org>
92     +hardened-sources-2.6.21-r3.ebuild:
93     Revision bump for hardened-sources-2.6.21, incorporating various CVE (some
94     of them critical), two stable releases (2.6.21.4,2.6.21.5) and some other
95     love.
96 phreak 1.159
97     *hardened-sources-2.6.20-r5 (11 Jun 2007)
98    
99     11 Jun 2007; Christian Heim <phreak@gentoo.org>
100     +hardened-sources-2.6.20-r5.ebuild:
101     Revision bump for hardened-sources-2.6.20, incorporating various CVE (some
102     of them critical), two stable releases (2.6.20.13,2.6.20.14) and some other
103     love.
104 pappy 1.158
105     *hardened-sources-2.4.34.5 (11 Jun 2007)
106    
107     11 Jun 2007; Alexander Gabert <pappy@gentoo.org>
108     +hardened-sources-2.4.34.5.ebuild:
109     added new hardened-sources 2.4 version, thx to phreak, solar, pipacs
110 phreak 1.157
111     30 May 2007; Christian Heim <phreak@gentoo.org>
112     -hardened-sources-2.6.18.ebuild, hardened-sources-2.6.20-r2.ebuild:
113     Marking 2.6.20-r2 stable on ppc with permission of Gysbert. Removing more
114     stale ebuild(s).
115 phreak 1.156
116     30 May 2007; Christian Heim <phreak@gentoo.org>
117     -hardened-sources-2.6.14-r7.ebuild, -hardened-sources-2.6.16-r11.ebuild,
118     -hardened-sources-2.6.17-r1.ebuild, -hardened-sources-2.6.19-r6.ebuild,
119     -hardened-sources-2.6.20.ebuild, -hardened-sources-2.6.20-r1.ebuild:
120     Doing some cleanups, remove stale ebuilds.
121 phreak 1.155
122     26 May 2007; Christian Heim <phreak@gentoo.org>
123     hardened-sources-2.6.21-r2.ebuild:
124     Fixing the grsecurity patch, had one '};' too much.
125 phreak 1.154
126     *hardened-sources-2.6.21-r2 (26 May 2007)
127    
128     26 May 2007; Christian Heim <phreak@gentoo.org>
129     -hardened-sources-2.6.21.ebuild, -hardened-sources-2.6.21-r1.ebuild,
130     +hardened-sources-2.6.21-r2.ebuild:
131     Revision bump, including Linux 2.6.21.3 (fixing CVE-2007-2451). Updating the
132     grsecurity patch to 2.1.10-2.6.21.1-200705221918.
133 phreak 1.153
134     *hardened-sources-2.6.20-r4 (26 May 2007)
135    
136     26 May 2007; Christian Heim <phreak@gentoo.org>
137     -hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.20-r4.ebuild:
138     Revision bump, including Linux 2.6.20.12 (which in fact fixed some security
139 phreak 1.154 bugs, at the very least CVE-2007-2451). Possible candidate for stable marking.
140 phreak 1.152
141     15 May 2007; Christian Heim <phreak@gentoo.org>
142     hardened-sources-2.6.20-r3.ebuild:
143     Looks like hardened-sources-2.6.20-r3 needs a new patch, as 2.6.20.11
144     introduced a change in arch/sparc64/kernel/pci_iommu.c, which made the
145     grsecurity patch fail in that exact same hunk.
146 phreak 1.151
147     *hardened-sources-2.6.20-r3 (15 May 2007)
148    
149     15 May 2007; Christian Heim <phreak@gentoo.org>
150     +hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.21-r1.ebuild:
151     Revision bump, incorporating Linux 2.6.20.11.
152    
153     *hardened-sources-2.6.21-r1 (11 May 2007)
154    
155     11 May 2007; Christian Heim <phreak@gentoo.org>
156     +hardened-sources-2.6.21-r1.ebuild:
157     Revision bump, hopefully fixing the GRSECURITY/GRKERNSEC mixup pipacs
158     mentioned in #177234.
159 kevquinn 1.150
160     07 May 2007; Kevin F. Quinn <kevquinn@gentoo.org>
161     files/digest-hardened-sources-2.6.21, Manifest:
162     Fix Manifest/digest for linux-2.6.21.tar.bz2
163 phreak 1.149
164     06 May 2007; Christian Heim <phreak@gentoo.org>
165     hardened-sources-2.6.21.ebuild:
166     Bumping the hardened-patches version, needed for the fix for #177234.
167 phreak 1.148
168     *hardened-sources-2.6.21 (02 May 2007)
169    
170     02 May 2007; Christian Heim <phreak@gentoo.org>
171     +hardened-sources-2.6.21.ebuild:
172     Version bump, Linux 2.6.21-hardened.
173 phreak 1.147
174     29 Apr 2007; Christian Heim <phreak@gentoo.org>
175     hardened-sources-2.6.20-r2.ebuild:
176     Adding ~ia64 on Ned's request.
177 phreak 1.146
178     29 Apr 2007; Christian Heim <phreak@gentoo.org>
179     hardened-sources-2.6.20-r2.ebuild:
180     Fixing the included grsecurity patch, wasn't alligning due to the Index:
181     header line(s).
182 phreak 1.145
183     29 Apr 2007; Christian Heim <phreak@gentoo.org>
184     hardened-sources-2.6.20-r2.ebuild:
185     Stabilizing hardened-sources-2.6.20-r2 on amd64 and x86.
186 armin76 1.144
187     *hardened-sources-2.6.20-r2 (10 Apr 2007)
188    
189     10 Apr 2007; Raúl Porcel <armin76@gentoo.org>
190     +hardened-sources-2.6.20-r2.ebuild:
191     Version bump, on behalf of phreak
192 phreak 1.143
193     *hardened-sources-2.6.20-r1 (04 Apr 2007)
194    
195     04 Apr 2007; Christian Heim <phreak@gentoo.org>
196     +hardened-sources-2.6.20-r1.ebuild:
197     Revision bump, grabbing a newer grsecurity snapshot.
198 phreak 1.142
199     *hardened-sources-2.6.20 (25 Mar 2007)
200    
201     25 Mar 2007; Christian Heim <phreak@gentoo.org>
202     +hardened-sources-2.6.20.ebuild:
203     Finally a hardened-sources version for 2.6.20; many people have been waiting
204     for this. Thanks to Steve for preliminary testing, thanks to Ned for the
205     testbox.
206 chainsaw 1.141
207     16 Mar 2007; Tony Vroon <chainsaw@gentoo.org>
208     hardened-sources-2.6.18-r6.ebuild:
209     Marked stable on amd64 and x86. AMD64 keyword ack'ed by welp.
210 phreak 1.140
211     *hardened-sources-2.6.18-r6 (16 Mar 2007)
212    
213     16 Mar 2007; Christian Heim <phreak@gentoo.org>
214     -hardened-sources-2.6.18-r5.ebuild, +hardened-sources-2.6.18-r6.ebuild:
215     Fixing CVE-2007-1000 locally (hardened/), thanks to Tony for pushing. And
216     yes I screwed up, this is tagged as 2.6.18-5 and not 2.6.18-6 as it's
217     supposed to be.
218 phreak 1.139
219     06 Mar 2007; Christian Heim <phreak@gentoo.org> ChangeLog:
220     Fixing the Manifest, the previous one was broken (as in still had the
221     deleted ebuild in it).
222 phreak 1.138
223     06 Mar 2007; Christian Heim <phreak@gentoo.org>
224     -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
225     +hardened-sources-2.6.18-r5.ebuild:
226     Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
227     Linux 2.6.18.8. Also cleaning up the older version.
228    
229     *hardened-sources-2.6.18-r5 (06 Mar 2007)
230    
231     06 Mar 2007; Christian Heim <phreak@gentoo.org>
232     -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
233     +hardened-sources-2.6.18-r5.ebuild:
234     Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
235     Linux 2.6.18.8. Also cleaning up the older version.
236 phreak 1.137
237     24 Feb 2007; Christian Heim <phreak@gentoo.org>
238     -hardened-sources-2.6.19-r3.ebuild, -hardened-sources-2.6.19-r4.ebuild,
239     -hardened-sources-2.6.19-r5.ebuild:
240     Removing some of the old version, that didn't work.
241 phreak 1.136
242     *hardened-sources-2.6.19-r6 (12 Feb 2007)
243    
244     12 Feb 2007; Christian Heim <phreak@gentoo.org>
245     +hardened-sources-2.6.19-r6.ebuild:
246     Revision bump, including a new grsec version fixing #166235.
247 pappy 1.134
248     *hardened-sources-2.4.34 (24 Jan 2007)
249    
250     24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
251 pappy 1.135 Manifest:
252     updating Manifest with checksums of new tarball and ebuild
253    
254     24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
255 pappy 1.134 +hardened-sources-2.4.34.ebuild:
256     I added new hardened sources 2.4 update, this is a critical path
257     security bugfix - all users of h-s are strongly advised
258     to update their existing hardened sources to this version.
259     It contains a fix for a kernel vulnerability that is pertaining
260     to the PaX changes to virtual memory management, possibly leading
261     to a local kernel exploit ... see grsecurity.net forums and homepage
262 phreak 1.133
263     23 Jan 2007; Christian Heim <phreak@gentoo.org>
264     files/digest-hardened-sources-2.6.19-r5, Manifest:
265     Fixing the patch-tarball digest.
266 phreak 1.132
267     *hardened-sources-2.6.19-r5 (23 Jan 2007)
268    
269     23 Jan 2007; Christian Heim <phreak@gentoo.org>
270     +hardened-sources-2.6.19-r5.ebuild:
271     Revision bump, closing the recently discovered PaX expand_stack()
272     vulnerability.
273 phreak 1.131
274     *hardened-sources-2.6.19-r4 (14 Jan 2007)
275    
276     14 Jan 2007; Christian Heim <phreak@gentoo.org>
277     +hardened-sources-2.6.19-r4.ebuild:
278     Revision bump, pulling in linux-2.6.19.2 and grsecurity 2.1.10 - thus
279     dropping the randomized PID feature.
280 opfer 1.130
281     11 Jan 2007; Christian Faulhammer <opfer@gentoo.org>
282     hardened-sources-2.4.33.4.ebuild:
283     stable x86, bug #161171
284 phreak 1.129
285     *hardened-sources-2.6.19-r3 (27 Dec 2006)
286    
287     27 Dec 2006; Christian Heim <phreak@gentoo.org>
288     -hardened-sources-2.6.19-r2.ebuild, +hardened-sources-2.6.19-r3.ebuild:
289     Revision bump for bug #157186 and #158786.
290 phreak 1.128
291     *hardened-sources-2.6.18-r4 (27 Dec 2006)
292    
293     27 Dec 2006; Christian Heim <phreak@gentoo.org>
294     -hardened-sources-2.6.18-r3.ebuild, +hardened-sources-2.6.18-r4.ebuild:
295     Revision bump for bug #157186.
296 phreak 1.127
297     *hardened-sources-2.6.19-r2 (23 Dec 2006)
298    
299     23 Dec 2006; Christian Heim <phreak@gentoo.org>
300     -hardened-sources-2.6.19-r1.ebuild, +hardened-sources-2.6.19-r2.ebuild:
301     Revision bump to pull in genpatches-2.6.19-3 for #157186.
302 phreak 1.126
303     17 Dec 2006; Christian Heim <phreak@gentoo.org>
304     hardened-sources-2.6.14-r7.ebuild, hardened-sources-2.6.16-r10.ebuild,
305     hardened-sources-2.6.16-r11.ebuild, hardened-sources-2.6.17-r1.ebuild,
306     hardened-sources-2.6.18.ebuild, hardened-sources-2.6.18-r3.ebuild,
307     hardened-sources-2.6.19-r1.ebuild:
308     Adding 4453_grsec-2.1.9-2.6.19-io-kmem-sysctl.patch to UNIPATCH_EXLUDE,
309     adding correct HOMEPAGE and adjusting DESCRIPTION (thanks to Alexander).
310 pappy 1.125
311     *hardened-sources-2.4.33.4 (17 Dec 2006)
312    
313     17 Dec 2006; Alexander Gabert <pappy@gentoo.org>
314     +hardened-sources-2.4.33.4.ebuild:
315     new 2.4.33.4 version including grsec and fixes, thanks to phreak for help
316     and quilting
317 phreak 1.124
318     *hardened-sources-2.6.19-r1 (14 Dec 2006)
319    
320     14 Dec 2006; Christian Heim <phreak@gentoo.org>
321     -hardened-sources-2.6.19.ebuild, +hardened-sources-2.6.19-r1.ebuild:
322     Revision bump, fixing #158107 (thanks to Petre Rodan <kaiowas at gentoo.org>
323     for reporting).
324 phreak 1.123
325     *hardened-sources-2.6.19 (13 Dec 2006)
326    
327     13 Dec 2006; Christian Heim <phreak@gentoo.org>
328     +hardened-sources-2.6.19.ebuild:
329     And finally 2.6.19, thanks to Ned (who prepared the inital patchset) and
330     Brad for providing that prompt update.
331 phreak 1.122
332     *hardened-sources-2.6.18-r3 (13 Dec 2006)
333    
334     13 Dec 2006; Christian Heim <phreak@gentoo.org>
335     -hardened-sources-2.6.18-r1.ebuild, -hardened-sources-2.6.18-r2.ebuild,
336     +hardened-sources-2.6.18-r3.ebuild:
337     Revision bump, excluding the faulty patch. Thanks to Anakim Border and Peter
338     S. Mazinger. Closes #157409 for now. Also removing the previous revisions.
339 phreak 1.121
340     09 Dec 2006; Christian Heim <phreak@gentoo.org> Manifest:
341     Fixing the metadata.xml Manifest entry (thanks to xaid and ml8128 in #gentoo-hardened).
342 nixnut 1.120
343     08 Dec 2006; nixnut <nixnut@gentoo.org> hardened-sources-2.6.18.ebuild:
344     Stable on ppc wrt bug 157356
345 opfer 1.119
346     07 Dec 2006; Christian Faulhammer <opfer@gentoo.org>
347     hardened-sources-2.6.18.ebuild:
348     stable x86, bug #157356
349 phreak 1.118
350     *hardened-sources-2.6.18-r2 (06 Dec 2006)
351    
352     06 Dec 2006; Christian Heim <phreak@gentoo.org>
353     +hardened-sources-2.6.18-r2.ebuild:
354     Revision bump, including 2.6.18.5 (via genpatches) and
355     4454_grsec-2.1.9-2.6.18.2-io-kmem-sysctl.patch based on Peter Mazinger and
356     Ned Ludd's original patch. Thanks to Alexander Gabert (pappy) for the
357     redesign.
358 phreak 1.117
359     06 Dec 2006; Christian Heim <phreak@gentoo.org>
360     hardened-sources-2.6.18.ebuild:
361     Marking hardened-sources-2.6.18 stable on amd64 (see bug #157356, on behalf
362     of Mike Doty).
363 phreak 1.116
364     *hardened-sources-2.6.18-r1 (23 Nov 2006)
365    
366     23 Nov 2006; Christian Heim <phreak@gentoo.org>
367     +hardened-sources-2.6.18-r1.ebuild:
368     Revision bump to genpatches-2.6.18-4 (including 2.6.18.3).
369 phreak 1.115
370     *hardened-sources-2.6.18 (11 Nov 2006)
371    
372     11 Nov 2006; Christian Heim <phreak@gentoo.org>
373     +hardened-sources-2.6.18.ebuild:
374     Version bump, thanks to Alexander Gabert we're finally at 2.6.18.
375 solar 1.114
376     18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
377     - mark amd64 stable also. bug #151877
378 solar 1.113
379     18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
380     - mark 2.6.17-r1 stable
381 phreak 1.112
382     27 Aug 2006; Christian Heim <phreak@gentoo.org>
383     -hardened-sources-2.6.17.ebuild, hardened-sources-2.6.17-r1.ebuild:
384     Removing old ebuild, removing unipatch from newer ebuild (need to fix it!).
385 phreak 1.111
386     *hardened-sources-2.6.17-r1 (26 Aug 2006)
387    
388     26 Aug 2006; Christian Heim <phreak@gentoo.org>
389     +hardened-sources-2.6.17-r1.ebuild:
390     Revision bump to genpatches-2.6.17-8 (including .9 and .10) and updating the
391     grsecurity patch.
392 phreak 1.110
393     *hardened-sources-2.6.17 (17 Aug 2006)
394    
395     17 Aug 2006; Christian Heim <phreak@gentoo.org>
396     +hardened-sources-2.6.17.ebuild:
397     Bumping the hardened-sources-2.6 series to 2.6.17, using
398     genpatches-2.6.17-6.base.
399 solar 1.109
400     07 Aug 2006; <solar@gentoo.org> hardened-sources-2.6.16-r11.ebuild:
401     - stable on x86 and amd64
402 solar 1.108
403     *hardened-sources-2.6.16-r11 (15 Jul 2006)
404    
405     15 Jul 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r3.ebuild,
406     -hardened-sources-2.4.32-r4.ebuild, -hardened-sources-2.4.32-r5.ebuild,
407     -hardened-sources-2.6.14-r8.ebuild, -hardened-sources-2.6.16-r7.ebuild,
408     -hardened-sources-2.6.16-r9.ebuild, +hardened-sources-2.6.16-r11.ebuild:
409     - 2.6.16 bumped for CVE-2006-3626 ; digest fix for 2.4.32-r6 ; removed old
410     crusty ebuilds
411 johnm 1.107
412     14 Jul 2006; John Mylchreest <johnm@gentoo.org>
413     hardened-sources-2.6.16-r10.ebuild:
414     marking stable on x86 and amd64
415 solar 1.106
416     13 Jul 2006; <solar@gentoo.org> hardened-sources-2.4.32-r6.ebuild:
417     - 2.4.32-r6 stable on x86. RSBAC state unknown
418 kang 1.105
419     *hardened-sources-2.4.32-r7 (10 Jul 2006)
420    
421     10 Jul 2006; Guillaume Destuynder <kang@gentoo.org>
422     +hardened-sources-2.4.32-r7.ebuild:
423     Bump PaX for RSBAC to test-17
424 johnm 1.104
425     *hardened-sources-2.6.16-r9 (03 Jul 2006)
426    
427     03 Jul 2006; John Mylchreest <johnm@gentoo.org>
428     -hardened-sources-2.6.16-r6.ebuild, +hardened-sources-2.6.16-r9.ebuild:
429     hardened-sources-2.6.16 bump to latest -base.
430 solar 1.103
431     *hardened-sources-2.4.32-r6 (30 Jun 2006)
432    
433     30 Jun 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r2.ebuild,
434     hardened-sources-2.4.32-r4.ebuild, +hardened-sources-2.4.32-r6.ebuild:
435     - backport CVE-2006-0039, CVE-2006-1857 and CVE-2006-1858 and new grsecurity
436     sysctl controlable resource logging
437 johnm 1.102
438     *hardened-sources-2.6.16-r7 (05 Jun 2006)
439    
440     05 Jun 2006; John Mylchreest <johnm@gentoo.org>
441     -hardened-sources-2.6.16-r5.ebuild, +hardened-sources-2.6.16-r7.ebuild:
442     push new 2.6.16 release in preparation for stable
443 solar 1.101
444     22 May 2006; <solar@gentoo.org> :
445     - redigest bug 134002
446 kang 1.100
447     *hardened-sources-2.4.32-r5 (16 May 2006)
448    
449     16 May 2006; Guillaume Destuynder <kang@gentoo.org>
450     +hardened-sources-2.4.32-r5.ebuild:
451     Fixes rsbac common patching (new patch in new -r5 patchset)
452 solar 1.99
453     *hardened-sources-2.4.32-r4 (13 May 2006)
454    
455     13 May 2006; <solar@gentoo.org> hardened-sources-2.4.32-r3.ebuild,
456     +hardened-sources-2.4.32-r4.ebuild:
457     - security bumps
458 johnm 1.98
459     *hardened-sources-2.6.16-r6 (03 May 2006)
460    
461     03 May 2006; John Mylchreest <johnm@gentoo.org>
462     +hardened-sources-2.6.16-r6.ebuild:
463     bump hardened-2.6.16 to 2.6.16.12 and latest grsec snapshot
464 johnm 1.97
465     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
466     hardened-sources-2.6.14-r8.ebuild:
467     fix x86_64 build problem, this will delay the digest issue again for a short
468     while but it will sort itself out
469 johnm 1.96
470     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
471     hardened-sources-2.6.14-r8.ebuild:
472     bump hardened patchset
473 antarus 1.94
474     27 Apr 2006; Alec Warner <antarus@gentoo.org>
475     files/digest-hardened-sources-2.4.32-r2,
476     files/digest-hardened-sources-2.4.32-r3,
477     files/digest-hardened-sources-2.6.14-r8, Manifest:
478     Fixing duff SHA256 digests: Bug # 131293
479 johnm 1.93
480 johnm 1.95 *hardened-sources-2.6.16-r5 (27 Apr 2006)
481    
482     27 Apr 2006; John Mylchreest <johnm@gentoo.org>
483     -hardened-sources-2.6.14-r6.ebuild, hardened-sources-2.6.14-r8.ebuild,
484     -hardened-sources-2.6.16-r4.ebuild, +hardened-sources-2.6.16-r5.ebuild:
485     stablise 2.6.14-r8 on x86 & amd64, bump 2.6.16 to fix CVE-2006-1863 &
486     cleanup of old uneccessary sources
487    
488 johnm 1.93 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
489     fix digest
490 johnm 1.92
491     *hardened-sources-2.6.14-r8 (20 Apr 2006)
492    
493     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
494     +hardened-sources-2.6.14-r8.ebuild:
495     fix CVE-2006-1056, CVE-2006-1525, CVE-2006-1524
496 johnm 1.91
497     20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
498     Turning on gpg-signing again, and recomitting
499 johnm 1.90
500     *hardened-sources-2.6.16-r4 (20 Apr 2006)
501    
502     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
503     -hardened-sources-2.6.16-r2.ebuild, -hardened-sources-2.6.16-r3.ebuild,
504     +hardened-sources-2.6.16-r4.ebuild:
505     Fix numerous security vulns
506 solar 1.89
507     *hardened-sources-2.4.32-r3 (16 Apr 2006)
508    
509     16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
510     -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
511     +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
512     - security bump for bug #112791. Removed old ebuilds
513 johnm 1.88
514     *hardened-sources-2.6.16-r3 (15 Apr 2006)
515    
516     15 Apr 2006; John Mylchreest <johnm@gentoo.org>
517     +hardened-sources-2.6.16-r3.ebuild:
518     Removing silly localversion which I missed
519 johnm 1.87
520     *hardened-sources-2.6.14-r7 (14 Apr 2006)
521    
522     14 Apr 2006; John Mylchreest <johnm@gentoo.org>
523     -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
524     Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
525 johnm 1.86
526     *hardened-sources-2.6.16-r2 (13 Apr 2006)
527    
528     13 Apr 2006; John Mylchreest <johnm@gentoo.org>
529     -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
530     +hardened-sources-2.6.16-r2.ebuild:
531     Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
532     labels, dropping USERGROUP define fixes, since these were merged mainstream.
533 johnm 1.85
534     *hardened-sources-2.6.16-r1 (11 Apr 2006)
535    
536     11 Apr 2006; John Mylchreest <johnm@gentoo.org>
537     +hardened-sources-2.6.16-r1.ebuild:
538     Bumping to include ppc build fix and 2.6.16.3
539 tsunam 1.84
540     06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
541     hardened-sources-2.6.14-r6.ebuild:
542     Stable on x86; bug #127718
543 johnm 1.83
544     *hardened-sources-2.6.16 (31 Mar 2006)
545    
546     31 Mar 2006; John Mylchreest <johnm@gentoo.org>
547     +hardened-sources-2.6.16.ebuild:
548     Bumping to new version of grsec, and kernel base. New squashfs. Based on
549     2.6.16.1
550 cryos 1.82
551     30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
552     hardened-sources-2.6.14-r6.ebuild:
553     Stable on amd64, bug 127718.
554 nixnut 1.81
555     28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
556     Stable on ppc. Bug #127718
557 johnm 1.80
558     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
559     -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
560     -hardened-sources-2.6.14-r4.ebuild:
561     Cleanup.
562 johnm 1.79
563     *hardened-sources-2.6.14-r6 (15 Mar 2006)
564    
565     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
566     +hardened-sources-2.6.14-r6.ebuild:
567     Fixes grsec policy recreation bug and adds a
568     >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
569 solar 1.78
570     02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
571     - stable on x86
572 hansmi 1.77
573     19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
574     hardened-sources-2.6.14-r5.ebuild:
575     Stable on ppc.
576 johnm 1.76
577     *hardened-sources-2.6.14-r5 (01 Feb 2006)
578    
579     01 Feb 2006; John Mylchreest <johnm@gentoo.org>
580     +hardened-sources-2.6.14-r5.ebuild:
581     fixing every known exploit
582 solar 1.75
583     *hardened-sources-2.4.32-r2 (26 Jan 2006)
584    
585     26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
586     +hardened-sources-2.4.32-r2.ebuild:
587     - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
588 solar 1.74
589     *hardened-sources-2.6.14-r4 (12 Jan 2006)
590    
591     12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
592     - version bump for new genpatches which fix up a few sec holes
593 solar 1.73
594     *hardened-sources-2.4.32-r1 (05 Jan 2006)
595    
596     05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
597     - revision bump to add misc vital linux kernel security patches.
598 johnm 1.72
599     *hardened-sources-2.6.14-r3 (30 Dec 2005)
600    
601     30 Dec 2005; John Mylchreest <johnm@gentoo.org>
602     -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
603     Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
604 johnm 1.71
605     28 Dec 2005; John Mylchreest <johnm@gentoo.org>
606     hardened-sources-2.6.14-r2.ebuild:
607     making x86 & amd64 stable following testing.
608 johnm 1.70
609     *hardened-sources-2.6.14-r2 (27 Dec 2005)
610    
611     27 Dec 2005; John Mylchreest <johnm@gentoo.org>
612     -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
613     Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
614     network hooks.
615 johnm 1.69
616     06 Dec 2005; John Mylchreest <johnm@gentoo.org>
617     hardened-sources-2.6.14-r1.ebuild:
618     bumping to stable early for sec fix on x86 & amd64
619 johnm 1.68
620     *hardened-sources-2.6.14-r1 (05 Dec 2005)
621    
622     05 Dec 2005; John Mylchreest <johnm@gentoo.org>
623     -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
624     bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
625 solar 1.67
626     04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
627     - stable on x86 security bug #114227 CAN-2005-3257
628 kang 1.66
629     *hardened-sources-2.4.32 (19 Nov 2005)
630    
631     19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
632     +hardened-sources-2.4.32.ebuild:
633     Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
634     Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
635     have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
636     rsbac >> /etc/portage/package.use)
637 johnm 1.65
638     *hardened-sources-2.6.14 (14 Nov 2005)
639    
640     14 Nov 2005; John Mylchreest <johnm@gentoo.org>
641     -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
642     Bumping 2.6 series to 2.6.14.2
643 johnm 1.64
644     *hardened-sources-2.6.13-r2 (20 Oct 2005)
645    
646     20 Oct 2005; John Mylchreest <johnm@gentoo.org>
647     -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
648     +hardened-sources-2.6.13-r2.ebuild:
649     Fixes minor build error in ppc.
650 johnm 1.63
651     *hardened-sources-2.6.13-r1 (17 Oct 2005)
652    
653     17 Oct 2005; John Mylchreest <johnm@gentoo.org>
654     +hardened-sources-2.6.13-r1.ebuild:
655     Updating grsec to latest snapshot. Fixes some minor issues. Updating to
656     2.6.13.4, fixes some major amd64 stability problems.
657 johnm 1.62
658     *hardened-sources-2.6.13 (16 Sep 2005)
659    
660     16 Sep 2005; John Mylchreest <johnm@gentoo.org>
661     -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
662     2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
663     ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
664     users should test this thoroughly.
665 solar 1.61
666     01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
667     - stable on x86
668 johnm 1.60
669     *hardened-sources-2.6.11-r15 (27 Jun 2005)
670    
671     27 Jun 2005; John Mylchreest <johnm@gentoo.org>
672     +hardened-sources-2.6.11-r15.ebuild:
673     Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
674     grsec redefining curr_ip struct.
675 solar 1.59
676     *hardened-sources-2.4.31 (20 Jun 2005)
677    
678     20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
679     initial import of 2.4.31 tree
680 johnm 1.58
681     *hardened-sources-2.6.11-r14 (14 Jun 2005)
682    
683     14 Jun 2005; John Mylchreest <johnm@gentoo.org>
684     -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
685     Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
686     naming scheme to abide by genpatches
687 johnm 1.57
688     *hardened-sources-2.6.11-r13 (18 May 2005)
689    
690     18 May 2005; John Mylchreest <johnm@gentoo.org>
691     -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
692     Managed to mangle the Makefile patch from grsec, to miss out the grsec
693     target. sorry about that. Fixes bug #93022
694 johnm 1.56
695     *hardened-sources-2.6.11-r12 (17 May 2005)
696    
697     17 May 2005; John Mylchreest <johnm@gentoo.org>
698     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
699     +hardened-sources-2.6.11-r12.ebuild:
700     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
701     merges in genpatches-base
702 johnm 1.55
703     *hardened-sources-2.6.11-r12 (17 May 2005)
704    
705     17 May 2005; John Mylchreest <johnm@gentoo.org>
706     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
707     +hardened-sources-2.6.11-r12.ebuild:
708     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
709     merges in genpatches-base
710 solar 1.54
711     29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
712     -files/2.4.27-cmdline-race.patch,
713     -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
714     -files/2.4.28-grsec-binfmt_a.out.patch,
715     -files/2.4.28-grsec-cmdline-race.patch,
716     -files/2.4.28-selinux-binfmt_a.out.patch,
717     -files/2.4.28-selinux-cmdline-race.patch,
718     -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
719     hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
720     - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
721     cleanup..
722 solar 1.53
723     *hardened-sources-2.4.30-r1 (21 Apr 2005)
724    
725     21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
726     - disable aout by default
727 solar 1.52
728     *hardened-sources-2.4.30 (18 Apr 2005)
729    
730     18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
731     - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
732     and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
733     use
734 tocharian 1.50
735 scox 1.51 *hardened-sources-2.4.29 (30 Mar 2005)
736    
737     30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
738     +hardened-sources-2.4.29.ebuild:
739     New hardened-patches-2.4-29.0 patchball.
740     Removed SELinux support, upgraded GRSecurity to 2.1.4.
741    
742     *hardened-sources-2.4.28-r5 (06 Mar 2005)
743    
744     06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
745     +hardened-sources-2.4.28-r5.ebuild:
746     Added a fix for a PaX vulnerability.
747    
748     26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
749 tocharian 1.50 hardened-sources-2.4.28-r4.ebuild:
750     Stable on x86
751 solar 1.49
752     23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
753     hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
754     hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
755     hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
756     - fixed/added RDEPEND= in all kernel-2 ebuilds
757 tocharian 1.48
758     *hardened-sources-2.4.28-r4 (21 Jan 2005)
759    
760     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
761     +hardened-sources-2.4.28-r4.ebuild:
762     Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
763     backport of neighbour hash updates.
764 tocharian 1.47
765     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
766     hardened-sources-2.4.28-r3.ebuild:
767     Stable on x86
768 tseng 1.46
769     *hardened-sources-2.6.10-r3 (20 Jan 2005)
770    
771     20 Jan 2005; Brandon Hale <tseng@gentoo.org>
772     +hardened-sources-2.6.10-r3.ebuild:
773     Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
774     in 2005.0
775 tocharian 1.45
776     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
777     -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
778     hardened-sources-2.4.28-r2.ebuild:
779     Mark stable on x86
780 tocharian 1.44
781     *hardened-sources-2.4.28-r3 (17 Jan 2005)
782    
783     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
784     +hardened-sources-2.4.28-r3.ebuild:
785     Fix SMP page fault handler vuln, and update device-mapper and evms patches.
786 tocharian 1.43
787     14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
788     hardened-sources-2.4.28.ebuild:
789     Mark stable on x86.
790 tocharian 1.42
791     *hardened-sources-2.4.28-r2 (13 Jan 2005)
792    
793     13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
794     +hardened-sources-2.4.28-r2.ebuild:
795     Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
796     Mazinger for grsecurity patches as well.
797 plasmaroo 1.41
798     *hardened-sources-2.4.28-r1 (23 Dec 2004)
799    
800     23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
801     Security bump. Thank tocharian for rolling a new patchset...
802 solar 1.40
803     28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
804     +files/2.4.28-grsec-cmdline-race.patch,
805     +files/2.4.28-selinux-binfmt_a.out.patch,
806     +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
807     - Round up remaining security patches that appear to be missing in 2.4.28. -
808     PaX standalone updated to current. hgpv=28.1
809 solar 1.39
810     *hardened-sources-2.4.28 (28 Nov 2004)
811    
812     28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
813     security bump. Thank tocharian for rolling a new patchset
814 scox 1.31
815 scox 1.38 *hardened-sources-2.4.27-r3 (08 Sep 2004)
816    
817     08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
818     +hardened-sources-2.4.27-r3.ebuild:
819     Applies the new 2.4-27.2 patchball which updates
820     GRSecurity to the 2.0.1 version.
821    
822 scox 1.37 *hardened-sources-2.4.27-r2 (31 Aug 2004)
823    
824     31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
825     +hardened-sources-2.4.27-r2.ebuild:
826     Version bump.
827     This version uses the new 2.4-27.1 patchball which updates
828     both the SELinux PaX hooks patch and the SELinux headers.
829    
830 scox 1.36 *hardened-sources-2.4.27-r1 (09 Aug 2004)
831    
832     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
833     +hardened-sources-2.4.27-r1.ebuild,
834     -hardened-sources-2.4.27.ebuild,
835     +files/2.4.27-cmdline-race.patch:
836     Version bump, fix for cmdline race. See bug #59905.
837    
838     *hardened-sources-2.4.26-r6 (09 Aug 2004)
839    
840     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
841     +hardened-sources-2.4.26-r6.ebuild,
842     -hardened-sources-2.4.26-r5.ebuild,
843     -hardened-sources-2.4.26-r4.ebuild,
844     +files/2.4.26-cmdline-race.patch:
845     Version bump, fix for cmdline race. See bug #59905.
846    
847 scox 1.35 *hardened-sources-2.4.27 (08 Aug 2004)
848    
849     08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
850     +hardened-sources-2.4.27.ebuild,
851     +files/2.4.27-CAN-2004-0394.patch:
852     Ported the patchball to the 2.4.27 kernel version.
853    
854 scox 1.34 *hardened-sources-2.4.26-r5 (07 Aug 2004)
855    
856     07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
857     +hardened-sources-2.4.26-r5.ebuild:
858 scox 1.35 Updated to use the new hardened-patches-2.4-26.1 patchball.
859 scox 1.34 It adds the following features:
860     - Squashfs
861     - Ebtables
862     - Netdev random (core+drivers)
863     - Watchdog Timer (WDT) fix.
864    
865 scox 1.33 *hardened-sources-2.4.26-r4 (04 Aug 2004)
866    
867     04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
868     +hardened-sources-2.4.26-r4.ebuild,
869     +files/2.4.26-CAN-2004-0415.patch,
870     -hardened-sources-2.4.26-3:
871     Version bump, fix for CAN 0415, see bug #59378.
872    
873 scox 1.32 *hardened-sources-2.4.26-r3 (22 Jul 2004)
874    
875     22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
876     +hardened-sources-2.4.26-r3.ebuild,
877     +files/2.4.26-CAN-2004-0497.patch,
878     -hardened-sources-2.4.26-r2.ebuild:
879     Version bump, fixed CAN 0497, see bug #56171.
880    
881 scox 1.31 *hardened-sources-2.4.26-r2 (29 Jun 2004)
882    
883     29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
884 scox 1.32 +hardened-sources-2.4.26-r2.ebuild,
885 scox 1.31 +files/2.4.26-CAN-2004-0495.patch,
886     +files/2.4.26-CAN-2004-0535.patch,
887     -hardened-sources-2.4.26-r1.ebuild:
888     Fixes for both CAN 0495 and 0535, see bug #54976
889 pvdabeel 1.27
890 agriffis 1.29 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
891     hardened-sources-2.4.26-r1.ebuild:
892     QA - fix use invocation
893 scox 1.28
894     *hardened-sources-2.4.26-r1 (22 June 2004)
895    
896     22 June 2004; Andrea Luzzardi <scox@gentoo.org>
897     +hardened-sources-2.4.26-r1.ebuild,
898     +files/2.4.26-CAN-2004-0394.patch,
899     +files/2.4.26-signal-race.patch,
900     -hardened-sources-2.4.26.ebuild,
901     -hardened-sources-2.4.24-r3.ebuild:
902     Version bump for the CAN-2004-0394 issue and bug #53804
903     Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
904    
905    
906 pvdabeel 1.27 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
907     hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
908     Masked hardened-sources-2.4.26.ebuild broken for ppc
909    
910     31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
911     hardened-sources-2.4.24-r3.ebuild:
912     Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
913 plasmaroo 1.25
914 scox 1.26 *hardened-sources-2.4.26 (29 May 2004)
915    
916     29 May 2004; Andrea Luzzardi <scox@gentoo.org>
917     +hardened-sources-2.4.26.ebuild:
918     Updated hardened-sources for the 2.4.26 kernel
919     Removed broken components, updated almost everything.
920    
921 plasmaroo 1.25 *hardened-sources-2.4.24-r3 (17 Apr 2004)
922    
923     17 Apr 2004; <plasmaroo@gentoo.org>
924     +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
925     +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
926     +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
927     +hardened-sources-2.4.24-r3.ebuild:
928     Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
929     vulnerabilities. Old revisions removed.
930 plasmaroo 1.24
931     *hardened-sources-2.4.24-r2 (15 Apr 2004)
932    
933     15 Apr 2004; <plasmaroo@gentoo.org>
934     +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
935     -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
936     Version bump for the CAN-2004-0109 issue; bug #47881.
937 aliz 1.23
938     12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
939     hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
940     Add eutils to inherit.
941 plasmaroo 1.22
942     *hardened-sources-2.4.24-r1 (19 Feb 2004)
943    
944     19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
945     files/hardened-sources-2.4.24.munmap.patch:
946     Added the patch for the mremap/munmap vulnerability. Bug #42024.
947 scox 1.19
948 scox 1.21 *hardened-sources-2.4.24 (06 Feb 2004)
949 scox 1.26
950 scox 1.21 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
951     hardened-sources-2.4.24.ebuild:
952     Version bump, updated most of the components.
953     This release includes the following:
954    
955     - Hardened security
956     - Netfilter patch-o-matic 20031219
957     - FreeSWAN 2.04 & x509 1.4.8
958     - EVMS 2.2.2
959     - XFS 1.3.1
960     - cryptoloop jari
961     - grsecurity 2.0-rc4
962     - SELinux
963     - PaX 200402060000
964     - PaX Obscurity 200308302223
965     - Others...
966    
967     Neither -ck nor systrace are included anymore.
968    
969 scox 1.19 *hardened-sources-2.4.22-r2 (05 Jan 2004)
970    
971     05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
972     hardened-sources-2.4.22-r2.ebuild:
973 scox 1.20 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
974 scox 1.19
975     *hardened-sources-2.4.22-r1 (02 Dec 2003)
976 iggy 1.17
977     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
978 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
979 iggy 1.16
980     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
981 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild:
982     Version bump for the 'do_brk' vulnerability.
983 iggy 1.15
984     01 Dec 2003; Brian Jackson <iggy@gentoo.org>
985     hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
986     hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
987     hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
988 plasmaroo 1.18 Fix the 'do_brk' vulnerability.
989 frogger 1.14
990     03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
991     hardened-sources-2.4.22.ebuild:
992 plasmaroo 1.18 - Removed the src_install() portion for SELinux flask
993     components. These are no longer handled in the kernel
994     so this code was not necessary.
995 frogger 1.13
996     29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
997     New 2.4.22 based hardened-sources thanks to
998     Phil West <p.west@computer.org>.
999    
1000     These sources include:
1001 plasmaroo 1.18 - New SELinux API
1002     - Updated CK-base
1003     - Updated GRSec
1004     - Systrace
1005     - SuperFreeS/WAN 1.99.8
1006     - Propolice kernel build support
1007     - EVMS
1008     - Other various security related patches
1009 frogger 1.11
1010 frogger 1.12 *hardened-sources-2.4.21 (14 Sep 2003)
1011    
1012     14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
1013     Updated hardened-sources based on the 2.4.21 Linux kernel.
1014     This includes updates to most major components such as:
1015 plasmaroo 1.18 - ck-base-0306300059
1016     - selinux-2.4-2003071106
1017     - grsecurity-2.0-rc1
1018     - Updated IPTables patch-o-matic
1019     - Updated SuperFreeS/WAN
1020    
1021 frogger 1.12 Thanks to Phil West <pwest@computer.org> for his work in getting this
1022     updated patch set ready for the 2.4.21 based kernel.
1023    
1024 frogger 1.11 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
1025     Initial import of hardened-sources-2.4.20-r4. This revision
1026     includes only a few changes, but one of these is an important
1027     security fix. It is recommended all users of hardened-sources
1028     upgrade to this release.
1029 plasmaroo 1.18
1030 frogger 1.11 - ioperm bug fix
1031     - fixed compilation failure when building without GRSec
1032 plasmaroo 1.18
1033 frogger 1.11 SAL (Secure Auditing for Linux) is NOT included in this revision
1034     due to time constraints, but is planned for inclusion in the near
1035     future.
1036 msterret 1.10
1037     *hardened-sources-2.4.20-r2 (12 Jun 2003)
1038    
1039     12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
1040     hardened-sources-2.4.20-r3.ebuild:
1041 plasmaroo 1.18 Add Header...
1042 frogger 1.9
1043     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1044     hardened-sources-2.4.20-r3.ebuild:
1045     Removed warnings from ebuild. This kernel should be safe to
1046     use at this point.
1047 frogger 1.8
1048     *hardened-sources-2.4.20-r3 (08 Jun 2003)
1049    
1050     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1051     hardened-sources-2.4.20-r3.ebuild:
1052     New revision. Includes the following changes over -r2:
1053 plasmaroo 1.18
1054 frogger 1.8 - ck7-base (O(1), preempt, low latency)
1055     - Super FreeS/WAN 1.99.7rc2
1056     - PaX for the LSM/SELinux branch
1057     - GRSecurity 2.0-pre4 (role based access control)
1058     - Systrace 1.3
1059     - EXT3 fixes
1060     - EVMS 2.0.1
1061     - GCC 3.1+ compile optimizations
1062     - ProPolice kernel build support
1063     - Hashing table security fixes
1064 frogger 1.3
1065     *hardened-sources-2.4.20-r1 (09 Apr 2003)
1066 frogger 1.7
1067     23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
1068     Initial import of hardened-sources-r2. This new
1069     ebuild includes many new performance and security
1070     related patches. As in -r1, it will patch in
1071     LSM/SELinux if "selinux" is in USE, otherwise it
1072     will patch in GRSecurity. The following patches
1073     are included in this revision:
1074 plasmaroo 1.18
1075 frogger 1.7 - O(1) Scheduler, Low Latency, and Preempt
1076     (pulled from the base CK patch)
1077     - ptrace exploit patch for the LSM kernel
1078     (the GRSec patch already fixes this)
1079     - LSM 2.4-2003040709
1080     - SELinux 2.4-2003040709
1081     - Systrace v1.2
1082     - IPTables patch-o-matic base patches - 20030107
1083     - CryptoAPI 2.4.20.1 w/ loop-jari patch
1084     - Super FreeS/WAN 1.99.6.1
1085     - GRSecurity 1.9.9g
1086     - MPPE
1087     - EXT3 data journal fix
1088     - CIPE 1.5.4
1089 frogger 1.6
1090     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1091     hardened-sources-2.4.20-r1.ebuild, manifest:
1092 plasmaroo 1.18 Updated to install flask components correctly for selinux.
1093 frogger 1.5
1094     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1095     hardened-sources-2.4.20-r1.ebuild:
1096     LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
1097     is patched in instead. Ptrace patches for selinux have also been added. In
1098     either case, systrace support will be patched in as well.
1099 frogger 1.3
1100     09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1101     hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
1102 plasmaroo 1.18 Revision bump for new sources.
1103 frogger 1.4
1104 frogger 1.2 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1105 frogger 1.4 hardened-sources-2.4.20-r1.ebuild:
1106 plasmaroo 1.18 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
1107 method 1.1
1108 frogger 1.4 *hardened-sources-2.4.20 (30 Mar 2003)
1109    
1110 method 1.1 30 Mar 2003; Joshua Brindle <method@gentoo.org>
1111     hardened-sources-2.4.20.ebuild:
1112 plasmaroo 1.18 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20