/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.176 - (hide annotations) (download)
Wed Aug 29 11:15:55 2007 UTC (7 years ago) by phreak
Branch: MAIN
Changes since 1.175: +7 -1 lines
Revision bump, new grsecurity patch.
(Portage version: 2.1.3.7)

1 method 1.1 # ChangeLog for sys-kernel/hardened-sources
2 opfer 1.130 # Copyright 2000-2007 Gentoo Foundation; Distributed under the GPL v2
3 phreak 1.176 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.175 2007/08/26 16:22:23 phreak Exp $
4    
5     *hardened-sources-2.4.35-r1 (29 Aug 2007)
6    
7     29 Aug 2007; Christian Heim <phreak@gentoo.org>
8     +hardened-sources-2.4.35-r1.ebuild:
9     Revision bump, new grsecurity patch.
10 phreak 1.175
11     *hardened-sources-2.6.20-r8 (26 Aug 2007)
12    
13     26 Aug 2007; Christian Heim <phreak@gentoo.org>
14     +hardened-sources-2.6.20-r8.ebuild:
15     Revision bump for Linux 2.6.20.17.
16 phreak 1.174
17     *hardened-sources-2.6.22-r3 (22 Aug 2007)
18    
19     22 Aug 2007; Christian Heim <phreak@gentoo.org>
20     +hardened-sources-2.6.22-r3.ebuild:
21     Revision bump for Linux 2.6.22.4.
22 phreak 1.173
23     16 Aug 2007; Christian Heim <phreak@gentoo.org>
24     hardened-sources-2.6.22-r2.ebuild:
25     Updated patchset, to fix the alignment against 2.6.22.3.
26 phreak 1.172
27     *hardened-sources-2.6.22-r2 (16 Aug 2007)
28    
29     16 Aug 2007; Christian Heim <phreak@gentoo.org>
30     +hardened-sources-2.6.22-r2.ebuild:
31     Revision bump for Linux 2.6.22.3.
32 phreak 1.171
33     *hardened-sources-2.4.35 (16 Aug 2007)
34    
35     16 Aug 2007; Christian Heim <phreak@gentoo.org>
36     +hardened-sources-2.4.35.ebuild:
37     Version bump, initial version for Linux 2.4.35.
38 phreak 1.170
39     *hardened-sources-2.6.21-r4 (16 Aug 2007)
40    
41     16 Aug 2007; Christian Heim <phreak@gentoo.org>
42     +hardened-sources-2.6.21-r4.ebuild:
43     Revision bump for Linux 2.6.21.6.
44 phreak 1.169
45     *hardened-sources-2.6.20-r7 (16 Aug 2007)
46    
47     16 Aug 2007; Christian Heim <phreak@gentoo.org>
48     +hardened-sources-2.6.20-r7.ebuild:
49     Revision bump for Linux 2.6.20.16.
50 phreak 1.168
51     *hardened-sources-2.6.22-r1 (13 Aug 2007)
52    
53     13 Aug 2007; Christian Heim <phreak@gentoo.org>
54     +hardened-sources-2.6.22-r1.ebuild:
55     Yet another revision bump.
56 phreak 1.167
57     *hardened-sources-2.6.22 (10 Aug 2007)
58    
59     10 Aug 2007; Christian Heim <phreak@gentoo.org>
60     +hardened-sources-2.6.22.ebuild:
61     Initial release for 2.6.22. If you are using hardened-sources on a desktop
62     machine (P4 or newer), be aware you might need to disable
63     CONFIG_PAX_PAGEEXEC.
64 phreak 1.166
65     04 Aug 2007; Christian Heim <phreak@gentoo.org>
66     hardened-sources-2.6.20-r6.ebuild:
67     Stabling hardened-sources-2.6.20-r6 for amd64, ppc and x86 due to Linux
68     2.6.20.15.
69 phreak 1.165
70     10 Jul 2007; Christian Heim <phreak@gentoo.org>
71     hardened-sources-2.6.20-r5.ebuild:
72     Marking hardened-sources-2.6.20-r5 stable on ppc.
73 phreak 1.164
74     10 Jul 2007; Christian Heim <phreak@gentoo.org>
75     -hardened-sources-2.4.32-r6.ebuild, -hardened-sources-2.4.32-r7.ebuild:
76     Cleanup.
77 phreak 1.163
78     *hardened-sources-2.6.20-r6 (08 Jul 2007)
79    
80     08 Jul 2007; Christian Heim <phreak@gentoo.org>
81     +hardened-sources-2.6.20-r6.ebuild:
82     Revision bump, grabbing yet another stable release.
83 phreak 1.162
84     17 Jun 2007; Christian Heim <phreak@gentoo.org>
85     -hardened-sources-2.6.18-r6.ebuild, -hardened-sources-2.6.20-r4.ebuild,
86     -hardened-sources-2.6.21-r2.ebuild:
87     Removing older ebuilds, hardened-sources-2.6.18-r6 seems to have gotten the
88     alpha stable KEYWORD by mistake.
89 phreak 1.161
90     17 Jun 2007; Christian Heim <phreak@gentoo.org>
91     hardened-sources-2.6.20-r5.ebuild:
92     Stabling hardened-sources-2.6.20-r5 due to security bug #181647 (as
93     genpatches-2.6.20-12.base contains up to Linux 2.6.20.14) on amd64 and x86.
94 phreak 1.160
95     *hardened-sources-2.6.21-r3 (12 Jun 2007)
96    
97     12 Jun 2007; Christian Heim <phreak@gentoo.org>
98     +hardened-sources-2.6.21-r3.ebuild:
99     Revision bump for hardened-sources-2.6.21, incorporating various CVE (some
100     of them critical), two stable releases (2.6.21.4,2.6.21.5) and some other
101     love.
102 phreak 1.159
103     *hardened-sources-2.6.20-r5 (11 Jun 2007)
104    
105     11 Jun 2007; Christian Heim <phreak@gentoo.org>
106     +hardened-sources-2.6.20-r5.ebuild:
107     Revision bump for hardened-sources-2.6.20, incorporating various CVE (some
108     of them critical), two stable releases (2.6.20.13,2.6.20.14) and some other
109     love.
110 pappy 1.158
111     *hardened-sources-2.4.34.5 (11 Jun 2007)
112    
113     11 Jun 2007; Alexander Gabert <pappy@gentoo.org>
114     +hardened-sources-2.4.34.5.ebuild:
115     added new hardened-sources 2.4 version, thx to phreak, solar, pipacs
116 phreak 1.157
117     30 May 2007; Christian Heim <phreak@gentoo.org>
118     -hardened-sources-2.6.18.ebuild, hardened-sources-2.6.20-r2.ebuild:
119     Marking 2.6.20-r2 stable on ppc with permission of Gysbert. Removing more
120     stale ebuild(s).
121 phreak 1.156
122     30 May 2007; Christian Heim <phreak@gentoo.org>
123     -hardened-sources-2.6.14-r7.ebuild, -hardened-sources-2.6.16-r11.ebuild,
124     -hardened-sources-2.6.17-r1.ebuild, -hardened-sources-2.6.19-r6.ebuild,
125     -hardened-sources-2.6.20.ebuild, -hardened-sources-2.6.20-r1.ebuild:
126     Doing some cleanups, remove stale ebuilds.
127 phreak 1.155
128     26 May 2007; Christian Heim <phreak@gentoo.org>
129     hardened-sources-2.6.21-r2.ebuild:
130     Fixing the grsecurity patch, had one '};' too much.
131 phreak 1.154
132     *hardened-sources-2.6.21-r2 (26 May 2007)
133    
134     26 May 2007; Christian Heim <phreak@gentoo.org>
135     -hardened-sources-2.6.21.ebuild, -hardened-sources-2.6.21-r1.ebuild,
136     +hardened-sources-2.6.21-r2.ebuild:
137     Revision bump, including Linux 2.6.21.3 (fixing CVE-2007-2451). Updating the
138     grsecurity patch to 2.1.10-2.6.21.1-200705221918.
139 phreak 1.153
140     *hardened-sources-2.6.20-r4 (26 May 2007)
141    
142     26 May 2007; Christian Heim <phreak@gentoo.org>
143     -hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.20-r4.ebuild:
144     Revision bump, including Linux 2.6.20.12 (which in fact fixed some security
145 phreak 1.154 bugs, at the very least CVE-2007-2451). Possible candidate for stable marking.
146 phreak 1.152
147     15 May 2007; Christian Heim <phreak@gentoo.org>
148     hardened-sources-2.6.20-r3.ebuild:
149     Looks like hardened-sources-2.6.20-r3 needs a new patch, as 2.6.20.11
150     introduced a change in arch/sparc64/kernel/pci_iommu.c, which made the
151     grsecurity patch fail in that exact same hunk.
152 phreak 1.151
153     *hardened-sources-2.6.20-r3 (15 May 2007)
154    
155     15 May 2007; Christian Heim <phreak@gentoo.org>
156     +hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.21-r1.ebuild:
157     Revision bump, incorporating Linux 2.6.20.11.
158    
159     *hardened-sources-2.6.21-r1 (11 May 2007)
160    
161     11 May 2007; Christian Heim <phreak@gentoo.org>
162     +hardened-sources-2.6.21-r1.ebuild:
163     Revision bump, hopefully fixing the GRSECURITY/GRKERNSEC mixup pipacs
164     mentioned in #177234.
165 kevquinn 1.150
166     07 May 2007; Kevin F. Quinn <kevquinn@gentoo.org>
167     files/digest-hardened-sources-2.6.21, Manifest:
168     Fix Manifest/digest for linux-2.6.21.tar.bz2
169 phreak 1.149
170     06 May 2007; Christian Heim <phreak@gentoo.org>
171     hardened-sources-2.6.21.ebuild:
172     Bumping the hardened-patches version, needed for the fix for #177234.
173 phreak 1.148
174     *hardened-sources-2.6.21 (02 May 2007)
175    
176     02 May 2007; Christian Heim <phreak@gentoo.org>
177     +hardened-sources-2.6.21.ebuild:
178     Version bump, Linux 2.6.21-hardened.
179 phreak 1.147
180     29 Apr 2007; Christian Heim <phreak@gentoo.org>
181     hardened-sources-2.6.20-r2.ebuild:
182     Adding ~ia64 on Ned's request.
183 phreak 1.146
184     29 Apr 2007; Christian Heim <phreak@gentoo.org>
185     hardened-sources-2.6.20-r2.ebuild:
186     Fixing the included grsecurity patch, wasn't alligning due to the Index:
187     header line(s).
188 phreak 1.145
189     29 Apr 2007; Christian Heim <phreak@gentoo.org>
190     hardened-sources-2.6.20-r2.ebuild:
191     Stabilizing hardened-sources-2.6.20-r2 on amd64 and x86.
192 armin76 1.144
193     *hardened-sources-2.6.20-r2 (10 Apr 2007)
194    
195     10 Apr 2007; Raúl Porcel <armin76@gentoo.org>
196     +hardened-sources-2.6.20-r2.ebuild:
197     Version bump, on behalf of phreak
198 phreak 1.143
199     *hardened-sources-2.6.20-r1 (04 Apr 2007)
200    
201     04 Apr 2007; Christian Heim <phreak@gentoo.org>
202     +hardened-sources-2.6.20-r1.ebuild:
203     Revision bump, grabbing a newer grsecurity snapshot.
204 phreak 1.142
205     *hardened-sources-2.6.20 (25 Mar 2007)
206    
207     25 Mar 2007; Christian Heim <phreak@gentoo.org>
208     +hardened-sources-2.6.20.ebuild:
209     Finally a hardened-sources version for 2.6.20; many people have been waiting
210     for this. Thanks to Steve for preliminary testing, thanks to Ned for the
211     testbox.
212 chainsaw 1.141
213     16 Mar 2007; Tony Vroon <chainsaw@gentoo.org>
214     hardened-sources-2.6.18-r6.ebuild:
215     Marked stable on amd64 and x86. AMD64 keyword ack'ed by welp.
216 phreak 1.140
217     *hardened-sources-2.6.18-r6 (16 Mar 2007)
218    
219     16 Mar 2007; Christian Heim <phreak@gentoo.org>
220     -hardened-sources-2.6.18-r5.ebuild, +hardened-sources-2.6.18-r6.ebuild:
221     Fixing CVE-2007-1000 locally (hardened/), thanks to Tony for pushing. And
222     yes I screwed up, this is tagged as 2.6.18-5 and not 2.6.18-6 as it's
223     supposed to be.
224 phreak 1.139
225     06 Mar 2007; Christian Heim <phreak@gentoo.org> ChangeLog:
226     Fixing the Manifest, the previous one was broken (as in still had the
227     deleted ebuild in it).
228 phreak 1.138
229     06 Mar 2007; Christian Heim <phreak@gentoo.org>
230     -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
231     +hardened-sources-2.6.18-r5.ebuild:
232     Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
233     Linux 2.6.18.8. Also cleaning up the older version.
234    
235     *hardened-sources-2.6.18-r5 (06 Mar 2007)
236    
237     06 Mar 2007; Christian Heim <phreak@gentoo.org>
238     -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
239     +hardened-sources-2.6.18-r5.ebuild:
240     Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
241     Linux 2.6.18.8. Also cleaning up the older version.
242 phreak 1.137
243     24 Feb 2007; Christian Heim <phreak@gentoo.org>
244     -hardened-sources-2.6.19-r3.ebuild, -hardened-sources-2.6.19-r4.ebuild,
245     -hardened-sources-2.6.19-r5.ebuild:
246     Removing some of the old version, that didn't work.
247 phreak 1.136
248     *hardened-sources-2.6.19-r6 (12 Feb 2007)
249    
250     12 Feb 2007; Christian Heim <phreak@gentoo.org>
251     +hardened-sources-2.6.19-r6.ebuild:
252     Revision bump, including a new grsec version fixing #166235.
253 pappy 1.134
254     *hardened-sources-2.4.34 (24 Jan 2007)
255    
256     24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
257 pappy 1.135 Manifest:
258     updating Manifest with checksums of new tarball and ebuild
259    
260     24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
261 pappy 1.134 +hardened-sources-2.4.34.ebuild:
262     I added new hardened sources 2.4 update, this is a critical path
263     security bugfix - all users of h-s are strongly advised
264     to update their existing hardened sources to this version.
265     It contains a fix for a kernel vulnerability that is pertaining
266     to the PaX changes to virtual memory management, possibly leading
267     to a local kernel exploit ... see grsecurity.net forums and homepage
268 phreak 1.133
269     23 Jan 2007; Christian Heim <phreak@gentoo.org>
270     files/digest-hardened-sources-2.6.19-r5, Manifest:
271     Fixing the patch-tarball digest.
272 phreak 1.132
273     *hardened-sources-2.6.19-r5 (23 Jan 2007)
274    
275     23 Jan 2007; Christian Heim <phreak@gentoo.org>
276     +hardened-sources-2.6.19-r5.ebuild:
277     Revision bump, closing the recently discovered PaX expand_stack()
278     vulnerability.
279 phreak 1.131
280     *hardened-sources-2.6.19-r4 (14 Jan 2007)
281    
282     14 Jan 2007; Christian Heim <phreak@gentoo.org>
283     +hardened-sources-2.6.19-r4.ebuild:
284     Revision bump, pulling in linux-2.6.19.2 and grsecurity 2.1.10 - thus
285     dropping the randomized PID feature.
286 opfer 1.130
287     11 Jan 2007; Christian Faulhammer <opfer@gentoo.org>
288     hardened-sources-2.4.33.4.ebuild:
289     stable x86, bug #161171
290 phreak 1.129
291     *hardened-sources-2.6.19-r3 (27 Dec 2006)
292    
293     27 Dec 2006; Christian Heim <phreak@gentoo.org>
294     -hardened-sources-2.6.19-r2.ebuild, +hardened-sources-2.6.19-r3.ebuild:
295     Revision bump for bug #157186 and #158786.
296 phreak 1.128
297     *hardened-sources-2.6.18-r4 (27 Dec 2006)
298    
299     27 Dec 2006; Christian Heim <phreak@gentoo.org>
300     -hardened-sources-2.6.18-r3.ebuild, +hardened-sources-2.6.18-r4.ebuild:
301     Revision bump for bug #157186.
302 phreak 1.127
303     *hardened-sources-2.6.19-r2 (23 Dec 2006)
304    
305     23 Dec 2006; Christian Heim <phreak@gentoo.org>
306     -hardened-sources-2.6.19-r1.ebuild, +hardened-sources-2.6.19-r2.ebuild:
307     Revision bump to pull in genpatches-2.6.19-3 for #157186.
308 phreak 1.126
309     17 Dec 2006; Christian Heim <phreak@gentoo.org>
310     hardened-sources-2.6.14-r7.ebuild, hardened-sources-2.6.16-r10.ebuild,
311     hardened-sources-2.6.16-r11.ebuild, hardened-sources-2.6.17-r1.ebuild,
312     hardened-sources-2.6.18.ebuild, hardened-sources-2.6.18-r3.ebuild,
313     hardened-sources-2.6.19-r1.ebuild:
314     Adding 4453_grsec-2.1.9-2.6.19-io-kmem-sysctl.patch to UNIPATCH_EXLUDE,
315     adding correct HOMEPAGE and adjusting DESCRIPTION (thanks to Alexander).
316 pappy 1.125
317     *hardened-sources-2.4.33.4 (17 Dec 2006)
318    
319     17 Dec 2006; Alexander Gabert <pappy@gentoo.org>
320     +hardened-sources-2.4.33.4.ebuild:
321     new 2.4.33.4 version including grsec and fixes, thanks to phreak for help
322     and quilting
323 phreak 1.124
324     *hardened-sources-2.6.19-r1 (14 Dec 2006)
325    
326     14 Dec 2006; Christian Heim <phreak@gentoo.org>
327     -hardened-sources-2.6.19.ebuild, +hardened-sources-2.6.19-r1.ebuild:
328     Revision bump, fixing #158107 (thanks to Petre Rodan <kaiowas at gentoo.org>
329     for reporting).
330 phreak 1.123
331     *hardened-sources-2.6.19 (13 Dec 2006)
332    
333     13 Dec 2006; Christian Heim <phreak@gentoo.org>
334     +hardened-sources-2.6.19.ebuild:
335     And finally 2.6.19, thanks to Ned (who prepared the inital patchset) and
336     Brad for providing that prompt update.
337 phreak 1.122
338     *hardened-sources-2.6.18-r3 (13 Dec 2006)
339    
340     13 Dec 2006; Christian Heim <phreak@gentoo.org>
341     -hardened-sources-2.6.18-r1.ebuild, -hardened-sources-2.6.18-r2.ebuild,
342     +hardened-sources-2.6.18-r3.ebuild:
343     Revision bump, excluding the faulty patch. Thanks to Anakim Border and Peter
344     S. Mazinger. Closes #157409 for now. Also removing the previous revisions.
345 phreak 1.121
346     09 Dec 2006; Christian Heim <phreak@gentoo.org> Manifest:
347     Fixing the metadata.xml Manifest entry (thanks to xaid and ml8128 in #gentoo-hardened).
348 nixnut 1.120
349     08 Dec 2006; nixnut <nixnut@gentoo.org> hardened-sources-2.6.18.ebuild:
350     Stable on ppc wrt bug 157356
351 opfer 1.119
352     07 Dec 2006; Christian Faulhammer <opfer@gentoo.org>
353     hardened-sources-2.6.18.ebuild:
354     stable x86, bug #157356
355 phreak 1.118
356     *hardened-sources-2.6.18-r2 (06 Dec 2006)
357    
358     06 Dec 2006; Christian Heim <phreak@gentoo.org>
359     +hardened-sources-2.6.18-r2.ebuild:
360     Revision bump, including 2.6.18.5 (via genpatches) and
361     4454_grsec-2.1.9-2.6.18.2-io-kmem-sysctl.patch based on Peter Mazinger and
362     Ned Ludd's original patch. Thanks to Alexander Gabert (pappy) for the
363     redesign.
364 phreak 1.117
365     06 Dec 2006; Christian Heim <phreak@gentoo.org>
366     hardened-sources-2.6.18.ebuild:
367     Marking hardened-sources-2.6.18 stable on amd64 (see bug #157356, on behalf
368     of Mike Doty).
369 phreak 1.116
370     *hardened-sources-2.6.18-r1 (23 Nov 2006)
371    
372     23 Nov 2006; Christian Heim <phreak@gentoo.org>
373     +hardened-sources-2.6.18-r1.ebuild:
374     Revision bump to genpatches-2.6.18-4 (including 2.6.18.3).
375 phreak 1.115
376     *hardened-sources-2.6.18 (11 Nov 2006)
377    
378     11 Nov 2006; Christian Heim <phreak@gentoo.org>
379     +hardened-sources-2.6.18.ebuild:
380     Version bump, thanks to Alexander Gabert we're finally at 2.6.18.
381 solar 1.114
382     18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
383     - mark amd64 stable also. bug #151877
384 solar 1.113
385     18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
386     - mark 2.6.17-r1 stable
387 phreak 1.112
388     27 Aug 2006; Christian Heim <phreak@gentoo.org>
389     -hardened-sources-2.6.17.ebuild, hardened-sources-2.6.17-r1.ebuild:
390     Removing old ebuild, removing unipatch from newer ebuild (need to fix it!).
391 phreak 1.111
392     *hardened-sources-2.6.17-r1 (26 Aug 2006)
393    
394     26 Aug 2006; Christian Heim <phreak@gentoo.org>
395     +hardened-sources-2.6.17-r1.ebuild:
396     Revision bump to genpatches-2.6.17-8 (including .9 and .10) and updating the
397     grsecurity patch.
398 phreak 1.110
399     *hardened-sources-2.6.17 (17 Aug 2006)
400    
401     17 Aug 2006; Christian Heim <phreak@gentoo.org>
402     +hardened-sources-2.6.17.ebuild:
403     Bumping the hardened-sources-2.6 series to 2.6.17, using
404     genpatches-2.6.17-6.base.
405 solar 1.109
406     07 Aug 2006; <solar@gentoo.org> hardened-sources-2.6.16-r11.ebuild:
407     - stable on x86 and amd64
408 solar 1.108
409     *hardened-sources-2.6.16-r11 (15 Jul 2006)
410    
411     15 Jul 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r3.ebuild,
412     -hardened-sources-2.4.32-r4.ebuild, -hardened-sources-2.4.32-r5.ebuild,
413     -hardened-sources-2.6.14-r8.ebuild, -hardened-sources-2.6.16-r7.ebuild,
414     -hardened-sources-2.6.16-r9.ebuild, +hardened-sources-2.6.16-r11.ebuild:
415     - 2.6.16 bumped for CVE-2006-3626 ; digest fix for 2.4.32-r6 ; removed old
416     crusty ebuilds
417 johnm 1.107
418     14 Jul 2006; John Mylchreest <johnm@gentoo.org>
419     hardened-sources-2.6.16-r10.ebuild:
420     marking stable on x86 and amd64
421 solar 1.106
422     13 Jul 2006; <solar@gentoo.org> hardened-sources-2.4.32-r6.ebuild:
423     - 2.4.32-r6 stable on x86. RSBAC state unknown
424 kang 1.105
425     *hardened-sources-2.4.32-r7 (10 Jul 2006)
426    
427     10 Jul 2006; Guillaume Destuynder <kang@gentoo.org>
428     +hardened-sources-2.4.32-r7.ebuild:
429     Bump PaX for RSBAC to test-17
430 johnm 1.104
431     *hardened-sources-2.6.16-r9 (03 Jul 2006)
432    
433     03 Jul 2006; John Mylchreest <johnm@gentoo.org>
434     -hardened-sources-2.6.16-r6.ebuild, +hardened-sources-2.6.16-r9.ebuild:
435     hardened-sources-2.6.16 bump to latest -base.
436 solar 1.103
437     *hardened-sources-2.4.32-r6 (30 Jun 2006)
438    
439     30 Jun 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r2.ebuild,
440     hardened-sources-2.4.32-r4.ebuild, +hardened-sources-2.4.32-r6.ebuild:
441     - backport CVE-2006-0039, CVE-2006-1857 and CVE-2006-1858 and new grsecurity
442     sysctl controlable resource logging
443 johnm 1.102
444     *hardened-sources-2.6.16-r7 (05 Jun 2006)
445    
446     05 Jun 2006; John Mylchreest <johnm@gentoo.org>
447     -hardened-sources-2.6.16-r5.ebuild, +hardened-sources-2.6.16-r7.ebuild:
448     push new 2.6.16 release in preparation for stable
449 solar 1.101
450     22 May 2006; <solar@gentoo.org> :
451     - redigest bug 134002
452 kang 1.100
453     *hardened-sources-2.4.32-r5 (16 May 2006)
454    
455     16 May 2006; Guillaume Destuynder <kang@gentoo.org>
456     +hardened-sources-2.4.32-r5.ebuild:
457     Fixes rsbac common patching (new patch in new -r5 patchset)
458 solar 1.99
459     *hardened-sources-2.4.32-r4 (13 May 2006)
460    
461     13 May 2006; <solar@gentoo.org> hardened-sources-2.4.32-r3.ebuild,
462     +hardened-sources-2.4.32-r4.ebuild:
463     - security bumps
464 johnm 1.98
465     *hardened-sources-2.6.16-r6 (03 May 2006)
466    
467     03 May 2006; John Mylchreest <johnm@gentoo.org>
468     +hardened-sources-2.6.16-r6.ebuild:
469     bump hardened-2.6.16 to 2.6.16.12 and latest grsec snapshot
470 johnm 1.97
471     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
472     hardened-sources-2.6.14-r8.ebuild:
473     fix x86_64 build problem, this will delay the digest issue again for a short
474     while but it will sort itself out
475 johnm 1.96
476     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
477     hardened-sources-2.6.14-r8.ebuild:
478     bump hardened patchset
479 antarus 1.94
480     27 Apr 2006; Alec Warner <antarus@gentoo.org>
481     files/digest-hardened-sources-2.4.32-r2,
482     files/digest-hardened-sources-2.4.32-r3,
483     files/digest-hardened-sources-2.6.14-r8, Manifest:
484     Fixing duff SHA256 digests: Bug # 131293
485 johnm 1.93
486 johnm 1.95 *hardened-sources-2.6.16-r5 (27 Apr 2006)
487    
488     27 Apr 2006; John Mylchreest <johnm@gentoo.org>
489     -hardened-sources-2.6.14-r6.ebuild, hardened-sources-2.6.14-r8.ebuild,
490     -hardened-sources-2.6.16-r4.ebuild, +hardened-sources-2.6.16-r5.ebuild:
491     stablise 2.6.14-r8 on x86 & amd64, bump 2.6.16 to fix CVE-2006-1863 &
492     cleanup of old uneccessary sources
493    
494 johnm 1.93 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
495     fix digest
496 johnm 1.92
497     *hardened-sources-2.6.14-r8 (20 Apr 2006)
498    
499     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
500     +hardened-sources-2.6.14-r8.ebuild:
501     fix CVE-2006-1056, CVE-2006-1525, CVE-2006-1524
502 johnm 1.91
503     20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
504     Turning on gpg-signing again, and recomitting
505 johnm 1.90
506     *hardened-sources-2.6.16-r4 (20 Apr 2006)
507    
508     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
509     -hardened-sources-2.6.16-r2.ebuild, -hardened-sources-2.6.16-r3.ebuild,
510     +hardened-sources-2.6.16-r4.ebuild:
511     Fix numerous security vulns
512 solar 1.89
513     *hardened-sources-2.4.32-r3 (16 Apr 2006)
514    
515     16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
516     -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
517     +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
518     - security bump for bug #112791. Removed old ebuilds
519 johnm 1.88
520     *hardened-sources-2.6.16-r3 (15 Apr 2006)
521    
522     15 Apr 2006; John Mylchreest <johnm@gentoo.org>
523     +hardened-sources-2.6.16-r3.ebuild:
524     Removing silly localversion which I missed
525 johnm 1.87
526     *hardened-sources-2.6.14-r7 (14 Apr 2006)
527    
528     14 Apr 2006; John Mylchreest <johnm@gentoo.org>
529     -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
530     Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
531 johnm 1.86
532     *hardened-sources-2.6.16-r2 (13 Apr 2006)
533    
534     13 Apr 2006; John Mylchreest <johnm@gentoo.org>
535     -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
536     +hardened-sources-2.6.16-r2.ebuild:
537     Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
538     labels, dropping USERGROUP define fixes, since these were merged mainstream.
539 johnm 1.85
540     *hardened-sources-2.6.16-r1 (11 Apr 2006)
541    
542     11 Apr 2006; John Mylchreest <johnm@gentoo.org>
543     +hardened-sources-2.6.16-r1.ebuild:
544     Bumping to include ppc build fix and 2.6.16.3
545 tsunam 1.84
546     06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
547     hardened-sources-2.6.14-r6.ebuild:
548     Stable on x86; bug #127718
549 johnm 1.83
550     *hardened-sources-2.6.16 (31 Mar 2006)
551    
552     31 Mar 2006; John Mylchreest <johnm@gentoo.org>
553     +hardened-sources-2.6.16.ebuild:
554     Bumping to new version of grsec, and kernel base. New squashfs. Based on
555     2.6.16.1
556 cryos 1.82
557     30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
558     hardened-sources-2.6.14-r6.ebuild:
559     Stable on amd64, bug 127718.
560 nixnut 1.81
561     28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
562     Stable on ppc. Bug #127718
563 johnm 1.80
564     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
565     -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
566     -hardened-sources-2.6.14-r4.ebuild:
567     Cleanup.
568 johnm 1.79
569     *hardened-sources-2.6.14-r6 (15 Mar 2006)
570    
571     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
572     +hardened-sources-2.6.14-r6.ebuild:
573     Fixes grsec policy recreation bug and adds a
574     >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
575 solar 1.78
576     02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
577     - stable on x86
578 hansmi 1.77
579     19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
580     hardened-sources-2.6.14-r5.ebuild:
581     Stable on ppc.
582 johnm 1.76
583     *hardened-sources-2.6.14-r5 (01 Feb 2006)
584    
585     01 Feb 2006; John Mylchreest <johnm@gentoo.org>
586     +hardened-sources-2.6.14-r5.ebuild:
587     fixing every known exploit
588 solar 1.75
589     *hardened-sources-2.4.32-r2 (26 Jan 2006)
590    
591     26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
592     +hardened-sources-2.4.32-r2.ebuild:
593     - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
594 solar 1.74
595     *hardened-sources-2.6.14-r4 (12 Jan 2006)
596    
597     12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
598     - version bump for new genpatches which fix up a few sec holes
599 solar 1.73
600     *hardened-sources-2.4.32-r1 (05 Jan 2006)
601    
602     05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
603     - revision bump to add misc vital linux kernel security patches.
604 johnm 1.72
605     *hardened-sources-2.6.14-r3 (30 Dec 2005)
606    
607     30 Dec 2005; John Mylchreest <johnm@gentoo.org>
608     -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
609     Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
610 johnm 1.71
611     28 Dec 2005; John Mylchreest <johnm@gentoo.org>
612     hardened-sources-2.6.14-r2.ebuild:
613     making x86 & amd64 stable following testing.
614 johnm 1.70
615     *hardened-sources-2.6.14-r2 (27 Dec 2005)
616    
617     27 Dec 2005; John Mylchreest <johnm@gentoo.org>
618     -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
619     Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
620     network hooks.
621 johnm 1.69
622     06 Dec 2005; John Mylchreest <johnm@gentoo.org>
623     hardened-sources-2.6.14-r1.ebuild:
624     bumping to stable early for sec fix on x86 & amd64
625 johnm 1.68
626     *hardened-sources-2.6.14-r1 (05 Dec 2005)
627    
628     05 Dec 2005; John Mylchreest <johnm@gentoo.org>
629     -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
630     bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
631 solar 1.67
632     04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
633     - stable on x86 security bug #114227 CAN-2005-3257
634 kang 1.66
635     *hardened-sources-2.4.32 (19 Nov 2005)
636    
637     19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
638     +hardened-sources-2.4.32.ebuild:
639     Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
640     Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
641     have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
642     rsbac >> /etc/portage/package.use)
643 johnm 1.65
644     *hardened-sources-2.6.14 (14 Nov 2005)
645    
646     14 Nov 2005; John Mylchreest <johnm@gentoo.org>
647     -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
648     Bumping 2.6 series to 2.6.14.2
649 johnm 1.64
650     *hardened-sources-2.6.13-r2 (20 Oct 2005)
651    
652     20 Oct 2005; John Mylchreest <johnm@gentoo.org>
653     -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
654     +hardened-sources-2.6.13-r2.ebuild:
655     Fixes minor build error in ppc.
656 johnm 1.63
657     *hardened-sources-2.6.13-r1 (17 Oct 2005)
658    
659     17 Oct 2005; John Mylchreest <johnm@gentoo.org>
660     +hardened-sources-2.6.13-r1.ebuild:
661     Updating grsec to latest snapshot. Fixes some minor issues. Updating to
662     2.6.13.4, fixes some major amd64 stability problems.
663 johnm 1.62
664     *hardened-sources-2.6.13 (16 Sep 2005)
665    
666     16 Sep 2005; John Mylchreest <johnm@gentoo.org>
667     -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
668     2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
669     ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
670     users should test this thoroughly.
671 solar 1.61
672     01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
673     - stable on x86
674 johnm 1.60
675     *hardened-sources-2.6.11-r15 (27 Jun 2005)
676    
677     27 Jun 2005; John Mylchreest <johnm@gentoo.org>
678     +hardened-sources-2.6.11-r15.ebuild:
679     Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
680     grsec redefining curr_ip struct.
681 solar 1.59
682     *hardened-sources-2.4.31 (20 Jun 2005)
683    
684     20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
685     initial import of 2.4.31 tree
686 johnm 1.58
687     *hardened-sources-2.6.11-r14 (14 Jun 2005)
688    
689     14 Jun 2005; John Mylchreest <johnm@gentoo.org>
690     -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
691     Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
692     naming scheme to abide by genpatches
693 johnm 1.57
694     *hardened-sources-2.6.11-r13 (18 May 2005)
695    
696     18 May 2005; John Mylchreest <johnm@gentoo.org>
697     -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
698     Managed to mangle the Makefile patch from grsec, to miss out the grsec
699     target. sorry about that. Fixes bug #93022
700 johnm 1.56
701     *hardened-sources-2.6.11-r12 (17 May 2005)
702    
703     17 May 2005; John Mylchreest <johnm@gentoo.org>
704     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
705     +hardened-sources-2.6.11-r12.ebuild:
706     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
707     merges in genpatches-base
708 johnm 1.55
709     *hardened-sources-2.6.11-r12 (17 May 2005)
710    
711     17 May 2005; John Mylchreest <johnm@gentoo.org>
712     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
713     +hardened-sources-2.6.11-r12.ebuild:
714     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
715     merges in genpatches-base
716 solar 1.54
717     29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
718     -files/2.4.27-cmdline-race.patch,
719     -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
720     -files/2.4.28-grsec-binfmt_a.out.patch,
721     -files/2.4.28-grsec-cmdline-race.patch,
722     -files/2.4.28-selinux-binfmt_a.out.patch,
723     -files/2.4.28-selinux-cmdline-race.patch,
724     -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
725     hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
726     - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
727     cleanup..
728 solar 1.53
729     *hardened-sources-2.4.30-r1 (21 Apr 2005)
730    
731     21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
732     - disable aout by default
733 solar 1.52
734     *hardened-sources-2.4.30 (18 Apr 2005)
735    
736     18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
737     - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
738     and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
739     use
740 tocharian 1.50
741 scox 1.51 *hardened-sources-2.4.29 (30 Mar 2005)
742    
743     30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
744     +hardened-sources-2.4.29.ebuild:
745     New hardened-patches-2.4-29.0 patchball.
746     Removed SELinux support, upgraded GRSecurity to 2.1.4.
747    
748     *hardened-sources-2.4.28-r5 (06 Mar 2005)
749    
750     06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
751     +hardened-sources-2.4.28-r5.ebuild:
752     Added a fix for a PaX vulnerability.
753    
754     26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
755 tocharian 1.50 hardened-sources-2.4.28-r4.ebuild:
756     Stable on x86
757 solar 1.49
758     23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
759     hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
760     hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
761     hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
762     - fixed/added RDEPEND= in all kernel-2 ebuilds
763 tocharian 1.48
764     *hardened-sources-2.4.28-r4 (21 Jan 2005)
765    
766     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
767     +hardened-sources-2.4.28-r4.ebuild:
768     Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
769     backport of neighbour hash updates.
770 tocharian 1.47
771     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
772     hardened-sources-2.4.28-r3.ebuild:
773     Stable on x86
774 tseng 1.46
775     *hardened-sources-2.6.10-r3 (20 Jan 2005)
776    
777     20 Jan 2005; Brandon Hale <tseng@gentoo.org>
778     +hardened-sources-2.6.10-r3.ebuild:
779     Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
780     in 2005.0
781 tocharian 1.45
782     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
783     -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
784     hardened-sources-2.4.28-r2.ebuild:
785     Mark stable on x86
786 tocharian 1.44
787     *hardened-sources-2.4.28-r3 (17 Jan 2005)
788    
789     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
790     +hardened-sources-2.4.28-r3.ebuild:
791     Fix SMP page fault handler vuln, and update device-mapper and evms patches.
792 tocharian 1.43
793     14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
794     hardened-sources-2.4.28.ebuild:
795     Mark stable on x86.
796 tocharian 1.42
797     *hardened-sources-2.4.28-r2 (13 Jan 2005)
798    
799     13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
800     +hardened-sources-2.4.28-r2.ebuild:
801     Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
802     Mazinger for grsecurity patches as well.
803 plasmaroo 1.41
804     *hardened-sources-2.4.28-r1 (23 Dec 2004)
805    
806     23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
807     Security bump. Thank tocharian for rolling a new patchset...
808 solar 1.40
809     28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
810     +files/2.4.28-grsec-cmdline-race.patch,
811     +files/2.4.28-selinux-binfmt_a.out.patch,
812     +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
813     - Round up remaining security patches that appear to be missing in 2.4.28. -
814     PaX standalone updated to current. hgpv=28.1
815 solar 1.39
816     *hardened-sources-2.4.28 (28 Nov 2004)
817    
818     28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
819     security bump. Thank tocharian for rolling a new patchset
820 scox 1.31
821 scox 1.38 *hardened-sources-2.4.27-r3 (08 Sep 2004)
822    
823     08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
824     +hardened-sources-2.4.27-r3.ebuild:
825     Applies the new 2.4-27.2 patchball which updates
826     GRSecurity to the 2.0.1 version.
827    
828 scox 1.37 *hardened-sources-2.4.27-r2 (31 Aug 2004)
829    
830     31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
831     +hardened-sources-2.4.27-r2.ebuild:
832     Version bump.
833     This version uses the new 2.4-27.1 patchball which updates
834     both the SELinux PaX hooks patch and the SELinux headers.
835    
836 scox 1.36 *hardened-sources-2.4.27-r1 (09 Aug 2004)
837    
838     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
839     +hardened-sources-2.4.27-r1.ebuild,
840     -hardened-sources-2.4.27.ebuild,
841     +files/2.4.27-cmdline-race.patch:
842     Version bump, fix for cmdline race. See bug #59905.
843    
844     *hardened-sources-2.4.26-r6 (09 Aug 2004)
845    
846     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
847     +hardened-sources-2.4.26-r6.ebuild,
848     -hardened-sources-2.4.26-r5.ebuild,
849     -hardened-sources-2.4.26-r4.ebuild,
850     +files/2.4.26-cmdline-race.patch:
851     Version bump, fix for cmdline race. See bug #59905.
852    
853 scox 1.35 *hardened-sources-2.4.27 (08 Aug 2004)
854    
855     08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
856     +hardened-sources-2.4.27.ebuild,
857     +files/2.4.27-CAN-2004-0394.patch:
858     Ported the patchball to the 2.4.27 kernel version.
859    
860 scox 1.34 *hardened-sources-2.4.26-r5 (07 Aug 2004)
861    
862     07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
863     +hardened-sources-2.4.26-r5.ebuild:
864 scox 1.35 Updated to use the new hardened-patches-2.4-26.1 patchball.
865 scox 1.34 It adds the following features:
866     - Squashfs
867     - Ebtables
868     - Netdev random (core+drivers)
869     - Watchdog Timer (WDT) fix.
870    
871 scox 1.33 *hardened-sources-2.4.26-r4 (04 Aug 2004)
872    
873     04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
874     +hardened-sources-2.4.26-r4.ebuild,
875     +files/2.4.26-CAN-2004-0415.patch,
876     -hardened-sources-2.4.26-3:
877     Version bump, fix for CAN 0415, see bug #59378.
878    
879 scox 1.32 *hardened-sources-2.4.26-r3 (22 Jul 2004)
880    
881     22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
882     +hardened-sources-2.4.26-r3.ebuild,
883     +files/2.4.26-CAN-2004-0497.patch,
884     -hardened-sources-2.4.26-r2.ebuild:
885     Version bump, fixed CAN 0497, see bug #56171.
886    
887 scox 1.31 *hardened-sources-2.4.26-r2 (29 Jun 2004)
888    
889     29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
890 scox 1.32 +hardened-sources-2.4.26-r2.ebuild,
891 scox 1.31 +files/2.4.26-CAN-2004-0495.patch,
892     +files/2.4.26-CAN-2004-0535.patch,
893     -hardened-sources-2.4.26-r1.ebuild:
894     Fixes for both CAN 0495 and 0535, see bug #54976
895 pvdabeel 1.27
896 agriffis 1.29 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
897     hardened-sources-2.4.26-r1.ebuild:
898     QA - fix use invocation
899 scox 1.28
900     *hardened-sources-2.4.26-r1 (22 June 2004)
901    
902     22 June 2004; Andrea Luzzardi <scox@gentoo.org>
903     +hardened-sources-2.4.26-r1.ebuild,
904     +files/2.4.26-CAN-2004-0394.patch,
905     +files/2.4.26-signal-race.patch,
906     -hardened-sources-2.4.26.ebuild,
907     -hardened-sources-2.4.24-r3.ebuild:
908     Version bump for the CAN-2004-0394 issue and bug #53804
909     Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
910    
911    
912 pvdabeel 1.27 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
913     hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
914     Masked hardened-sources-2.4.26.ebuild broken for ppc
915    
916     31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
917     hardened-sources-2.4.24-r3.ebuild:
918     Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
919 plasmaroo 1.25
920 scox 1.26 *hardened-sources-2.4.26 (29 May 2004)
921    
922     29 May 2004; Andrea Luzzardi <scox@gentoo.org>
923     +hardened-sources-2.4.26.ebuild:
924     Updated hardened-sources for the 2.4.26 kernel
925     Removed broken components, updated almost everything.
926    
927 plasmaroo 1.25 *hardened-sources-2.4.24-r3 (17 Apr 2004)
928    
929     17 Apr 2004; <plasmaroo@gentoo.org>
930     +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
931     +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
932     +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
933     +hardened-sources-2.4.24-r3.ebuild:
934     Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
935     vulnerabilities. Old revisions removed.
936 plasmaroo 1.24
937     *hardened-sources-2.4.24-r2 (15 Apr 2004)
938    
939     15 Apr 2004; <plasmaroo@gentoo.org>
940     +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
941     -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
942     Version bump for the CAN-2004-0109 issue; bug #47881.
943 aliz 1.23
944     12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
945     hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
946     Add eutils to inherit.
947 plasmaroo 1.22
948     *hardened-sources-2.4.24-r1 (19 Feb 2004)
949    
950     19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
951     files/hardened-sources-2.4.24.munmap.patch:
952     Added the patch for the mremap/munmap vulnerability. Bug #42024.
953 scox 1.19
954 scox 1.21 *hardened-sources-2.4.24 (06 Feb 2004)
955 scox 1.26
956 scox 1.21 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
957     hardened-sources-2.4.24.ebuild:
958     Version bump, updated most of the components.
959     This release includes the following:
960    
961     - Hardened security
962     - Netfilter patch-o-matic 20031219
963     - FreeSWAN 2.04 & x509 1.4.8
964     - EVMS 2.2.2
965     - XFS 1.3.1
966     - cryptoloop jari
967     - grsecurity 2.0-rc4
968     - SELinux
969     - PaX 200402060000
970     - PaX Obscurity 200308302223
971     - Others...
972    
973     Neither -ck nor systrace are included anymore.
974    
975 scox 1.19 *hardened-sources-2.4.22-r2 (05 Jan 2004)
976    
977     05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
978     hardened-sources-2.4.22-r2.ebuild:
979 scox 1.20 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
980 scox 1.19
981     *hardened-sources-2.4.22-r1 (02 Dec 2003)
982 iggy 1.17
983     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
984 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
985 iggy 1.16
986     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
987 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild:
988     Version bump for the 'do_brk' vulnerability.
989 iggy 1.15
990     01 Dec 2003; Brian Jackson <iggy@gentoo.org>
991     hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
992     hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
993     hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
994 plasmaroo 1.18 Fix the 'do_brk' vulnerability.
995 frogger 1.14
996     03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
997     hardened-sources-2.4.22.ebuild:
998 plasmaroo 1.18 - Removed the src_install() portion for SELinux flask
999     components. These are no longer handled in the kernel
1000     so this code was not necessary.
1001 frogger 1.13
1002     29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
1003     New 2.4.22 based hardened-sources thanks to
1004     Phil West <p.west@computer.org>.
1005    
1006     These sources include:
1007 plasmaroo 1.18 - New SELinux API
1008     - Updated CK-base
1009     - Updated GRSec
1010     - Systrace
1011     - SuperFreeS/WAN 1.99.8
1012     - Propolice kernel build support
1013     - EVMS
1014     - Other various security related patches
1015 frogger 1.11
1016 frogger 1.12 *hardened-sources-2.4.21 (14 Sep 2003)
1017    
1018     14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
1019     Updated hardened-sources based on the 2.4.21 Linux kernel.
1020     This includes updates to most major components such as:
1021 plasmaroo 1.18 - ck-base-0306300059
1022     - selinux-2.4-2003071106
1023     - grsecurity-2.0-rc1
1024     - Updated IPTables patch-o-matic
1025     - Updated SuperFreeS/WAN
1026    
1027 frogger 1.12 Thanks to Phil West <pwest@computer.org> for his work in getting this
1028     updated patch set ready for the 2.4.21 based kernel.
1029    
1030 frogger 1.11 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
1031     Initial import of hardened-sources-2.4.20-r4. This revision
1032     includes only a few changes, but one of these is an important
1033     security fix. It is recommended all users of hardened-sources
1034     upgrade to this release.
1035 plasmaroo 1.18
1036 frogger 1.11 - ioperm bug fix
1037     - fixed compilation failure when building without GRSec
1038 plasmaroo 1.18
1039 frogger 1.11 SAL (Secure Auditing for Linux) is NOT included in this revision
1040     due to time constraints, but is planned for inclusion in the near
1041     future.
1042 msterret 1.10
1043     *hardened-sources-2.4.20-r2 (12 Jun 2003)
1044    
1045     12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
1046     hardened-sources-2.4.20-r3.ebuild:
1047 plasmaroo 1.18 Add Header...
1048 frogger 1.9
1049     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1050     hardened-sources-2.4.20-r3.ebuild:
1051     Removed warnings from ebuild. This kernel should be safe to
1052     use at this point.
1053 frogger 1.8
1054     *hardened-sources-2.4.20-r3 (08 Jun 2003)
1055    
1056     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1057     hardened-sources-2.4.20-r3.ebuild:
1058     New revision. Includes the following changes over -r2:
1059 plasmaroo 1.18
1060 frogger 1.8 - ck7-base (O(1), preempt, low latency)
1061     - Super FreeS/WAN 1.99.7rc2
1062     - PaX for the LSM/SELinux branch
1063     - GRSecurity 2.0-pre4 (role based access control)
1064     - Systrace 1.3
1065     - EXT3 fixes
1066     - EVMS 2.0.1
1067     - GCC 3.1+ compile optimizations
1068     - ProPolice kernel build support
1069     - Hashing table security fixes
1070 frogger 1.3
1071     *hardened-sources-2.4.20-r1 (09 Apr 2003)
1072 frogger 1.7
1073     23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
1074     Initial import of hardened-sources-r2. This new
1075     ebuild includes many new performance and security
1076     related patches. As in -r1, it will patch in
1077     LSM/SELinux if "selinux" is in USE, otherwise it
1078     will patch in GRSecurity. The following patches
1079     are included in this revision:
1080 plasmaroo 1.18
1081 frogger 1.7 - O(1) Scheduler, Low Latency, and Preempt
1082     (pulled from the base CK patch)
1083     - ptrace exploit patch for the LSM kernel
1084     (the GRSec patch already fixes this)
1085     - LSM 2.4-2003040709
1086     - SELinux 2.4-2003040709
1087     - Systrace v1.2
1088     - IPTables patch-o-matic base patches - 20030107
1089     - CryptoAPI 2.4.20.1 w/ loop-jari patch
1090     - Super FreeS/WAN 1.99.6.1
1091     - GRSecurity 1.9.9g
1092     - MPPE
1093     - EXT3 data journal fix
1094     - CIPE 1.5.4
1095 frogger 1.6
1096     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1097     hardened-sources-2.4.20-r1.ebuild, manifest:
1098 plasmaroo 1.18 Updated to install flask components correctly for selinux.
1099 frogger 1.5
1100     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1101     hardened-sources-2.4.20-r1.ebuild:
1102     LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
1103     is patched in instead. Ptrace patches for selinux have also been added. In
1104     either case, systrace support will be patched in as well.
1105 frogger 1.3
1106     09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1107     hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
1108 plasmaroo 1.18 Revision bump for new sources.
1109 frogger 1.4
1110 frogger 1.2 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1111 frogger 1.4 hardened-sources-2.4.20-r1.ebuild:
1112 plasmaroo 1.18 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
1113 method 1.1
1114 frogger 1.4 *hardened-sources-2.4.20 (30 Mar 2003)
1115    
1116 method 1.1 30 Mar 2003; Joshua Brindle <method@gentoo.org>
1117     hardened-sources-2.4.20.ebuild:
1118 plasmaroo 1.18 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20