/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.177 - (hide annotations) (download)
Wed Aug 29 11:23:35 2007 UTC (6 years, 7 months ago) by phreak
Branch: MAIN
Changes since 1.176: +9 -1 lines
Removing some redundant versions.
(Portage version: 2.1.3.7)

1 method 1.1 # ChangeLog for sys-kernel/hardened-sources
2 opfer 1.130 # Copyright 2000-2007 Gentoo Foundation; Distributed under the GPL v2
3 phreak 1.177 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.176 2007/08/29 11:15:55 phreak Exp $
4    
5     29 Aug 2007; Christian Heim <phreak@gentoo.org>
6     -hardened-sources-2.4.34.ebuild, -hardened-sources-2.4.34.5.ebuild,
7     -hardened-sources-2.6.20-r2.ebuild, -hardened-sources-2.6.20-r5.ebuild,
8     -hardened-sources-2.6.20-r7.ebuild, -hardened-sources-2.6.21-r3.ebuild,
9     -hardened-sources-2.6.22.ebuild, -hardened-sources-2.6.22-r1.ebuild,
10     -hardened-sources-2.6.22-r2.ebuild:
11     Removing some redundant versions.
12 phreak 1.176
13     *hardened-sources-2.4.35-r1 (29 Aug 2007)
14    
15     29 Aug 2007; Christian Heim <phreak@gentoo.org>
16     +hardened-sources-2.4.35-r1.ebuild:
17     Revision bump, new grsecurity patch.
18 phreak 1.175
19     *hardened-sources-2.6.20-r8 (26 Aug 2007)
20    
21     26 Aug 2007; Christian Heim <phreak@gentoo.org>
22     +hardened-sources-2.6.20-r8.ebuild:
23     Revision bump for Linux 2.6.20.17.
24 phreak 1.174
25     *hardened-sources-2.6.22-r3 (22 Aug 2007)
26    
27     22 Aug 2007; Christian Heim <phreak@gentoo.org>
28     +hardened-sources-2.6.22-r3.ebuild:
29     Revision bump for Linux 2.6.22.4.
30 phreak 1.173
31     16 Aug 2007; Christian Heim <phreak@gentoo.org>
32     hardened-sources-2.6.22-r2.ebuild:
33     Updated patchset, to fix the alignment against 2.6.22.3.
34 phreak 1.172
35     *hardened-sources-2.6.22-r2 (16 Aug 2007)
36    
37     16 Aug 2007; Christian Heim <phreak@gentoo.org>
38     +hardened-sources-2.6.22-r2.ebuild:
39     Revision bump for Linux 2.6.22.3.
40 phreak 1.171
41     *hardened-sources-2.4.35 (16 Aug 2007)
42    
43     16 Aug 2007; Christian Heim <phreak@gentoo.org>
44     +hardened-sources-2.4.35.ebuild:
45     Version bump, initial version for Linux 2.4.35.
46 phreak 1.170
47     *hardened-sources-2.6.21-r4 (16 Aug 2007)
48    
49     16 Aug 2007; Christian Heim <phreak@gentoo.org>
50     +hardened-sources-2.6.21-r4.ebuild:
51     Revision bump for Linux 2.6.21.6.
52 phreak 1.169
53     *hardened-sources-2.6.20-r7 (16 Aug 2007)
54    
55     16 Aug 2007; Christian Heim <phreak@gentoo.org>
56     +hardened-sources-2.6.20-r7.ebuild:
57     Revision bump for Linux 2.6.20.16.
58 phreak 1.168
59     *hardened-sources-2.6.22-r1 (13 Aug 2007)
60    
61     13 Aug 2007; Christian Heim <phreak@gentoo.org>
62     +hardened-sources-2.6.22-r1.ebuild:
63     Yet another revision bump.
64 phreak 1.167
65     *hardened-sources-2.6.22 (10 Aug 2007)
66    
67     10 Aug 2007; Christian Heim <phreak@gentoo.org>
68     +hardened-sources-2.6.22.ebuild:
69     Initial release for 2.6.22. If you are using hardened-sources on a desktop
70     machine (P4 or newer), be aware you might need to disable
71     CONFIG_PAX_PAGEEXEC.
72 phreak 1.166
73     04 Aug 2007; Christian Heim <phreak@gentoo.org>
74     hardened-sources-2.6.20-r6.ebuild:
75     Stabling hardened-sources-2.6.20-r6 for amd64, ppc and x86 due to Linux
76     2.6.20.15.
77 phreak 1.165
78     10 Jul 2007; Christian Heim <phreak@gentoo.org>
79     hardened-sources-2.6.20-r5.ebuild:
80     Marking hardened-sources-2.6.20-r5 stable on ppc.
81 phreak 1.164
82     10 Jul 2007; Christian Heim <phreak@gentoo.org>
83     -hardened-sources-2.4.32-r6.ebuild, -hardened-sources-2.4.32-r7.ebuild:
84     Cleanup.
85 phreak 1.163
86     *hardened-sources-2.6.20-r6 (08 Jul 2007)
87    
88     08 Jul 2007; Christian Heim <phreak@gentoo.org>
89     +hardened-sources-2.6.20-r6.ebuild:
90     Revision bump, grabbing yet another stable release.
91 phreak 1.162
92     17 Jun 2007; Christian Heim <phreak@gentoo.org>
93     -hardened-sources-2.6.18-r6.ebuild, -hardened-sources-2.6.20-r4.ebuild,
94     -hardened-sources-2.6.21-r2.ebuild:
95     Removing older ebuilds, hardened-sources-2.6.18-r6 seems to have gotten the
96     alpha stable KEYWORD by mistake.
97 phreak 1.161
98     17 Jun 2007; Christian Heim <phreak@gentoo.org>
99     hardened-sources-2.6.20-r5.ebuild:
100     Stabling hardened-sources-2.6.20-r5 due to security bug #181647 (as
101     genpatches-2.6.20-12.base contains up to Linux 2.6.20.14) on amd64 and x86.
102 phreak 1.160
103     *hardened-sources-2.6.21-r3 (12 Jun 2007)
104    
105     12 Jun 2007; Christian Heim <phreak@gentoo.org>
106     +hardened-sources-2.6.21-r3.ebuild:
107     Revision bump for hardened-sources-2.6.21, incorporating various CVE (some
108     of them critical), two stable releases (2.6.21.4,2.6.21.5) and some other
109     love.
110 phreak 1.159
111     *hardened-sources-2.6.20-r5 (11 Jun 2007)
112    
113     11 Jun 2007; Christian Heim <phreak@gentoo.org>
114     +hardened-sources-2.6.20-r5.ebuild:
115     Revision bump for hardened-sources-2.6.20, incorporating various CVE (some
116     of them critical), two stable releases (2.6.20.13,2.6.20.14) and some other
117     love.
118 pappy 1.158
119     *hardened-sources-2.4.34.5 (11 Jun 2007)
120    
121     11 Jun 2007; Alexander Gabert <pappy@gentoo.org>
122     +hardened-sources-2.4.34.5.ebuild:
123     added new hardened-sources 2.4 version, thx to phreak, solar, pipacs
124 phreak 1.157
125     30 May 2007; Christian Heim <phreak@gentoo.org>
126     -hardened-sources-2.6.18.ebuild, hardened-sources-2.6.20-r2.ebuild:
127     Marking 2.6.20-r2 stable on ppc with permission of Gysbert. Removing more
128     stale ebuild(s).
129 phreak 1.156
130     30 May 2007; Christian Heim <phreak@gentoo.org>
131     -hardened-sources-2.6.14-r7.ebuild, -hardened-sources-2.6.16-r11.ebuild,
132     -hardened-sources-2.6.17-r1.ebuild, -hardened-sources-2.6.19-r6.ebuild,
133     -hardened-sources-2.6.20.ebuild, -hardened-sources-2.6.20-r1.ebuild:
134     Doing some cleanups, remove stale ebuilds.
135 phreak 1.155
136     26 May 2007; Christian Heim <phreak@gentoo.org>
137     hardened-sources-2.6.21-r2.ebuild:
138     Fixing the grsecurity patch, had one '};' too much.
139 phreak 1.154
140     *hardened-sources-2.6.21-r2 (26 May 2007)
141    
142     26 May 2007; Christian Heim <phreak@gentoo.org>
143     -hardened-sources-2.6.21.ebuild, -hardened-sources-2.6.21-r1.ebuild,
144     +hardened-sources-2.6.21-r2.ebuild:
145     Revision bump, including Linux 2.6.21.3 (fixing CVE-2007-2451). Updating the
146     grsecurity patch to 2.1.10-2.6.21.1-200705221918.
147 phreak 1.153
148     *hardened-sources-2.6.20-r4 (26 May 2007)
149    
150     26 May 2007; Christian Heim <phreak@gentoo.org>
151     -hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.20-r4.ebuild:
152     Revision bump, including Linux 2.6.20.12 (which in fact fixed some security
153 phreak 1.154 bugs, at the very least CVE-2007-2451). Possible candidate for stable marking.
154 phreak 1.152
155     15 May 2007; Christian Heim <phreak@gentoo.org>
156     hardened-sources-2.6.20-r3.ebuild:
157     Looks like hardened-sources-2.6.20-r3 needs a new patch, as 2.6.20.11
158     introduced a change in arch/sparc64/kernel/pci_iommu.c, which made the
159     grsecurity patch fail in that exact same hunk.
160 phreak 1.151
161     *hardened-sources-2.6.20-r3 (15 May 2007)
162    
163     15 May 2007; Christian Heim <phreak@gentoo.org>
164     +hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.21-r1.ebuild:
165     Revision bump, incorporating Linux 2.6.20.11.
166    
167     *hardened-sources-2.6.21-r1 (11 May 2007)
168    
169     11 May 2007; Christian Heim <phreak@gentoo.org>
170     +hardened-sources-2.6.21-r1.ebuild:
171     Revision bump, hopefully fixing the GRSECURITY/GRKERNSEC mixup pipacs
172     mentioned in #177234.
173 kevquinn 1.150
174     07 May 2007; Kevin F. Quinn <kevquinn@gentoo.org>
175     files/digest-hardened-sources-2.6.21, Manifest:
176     Fix Manifest/digest for linux-2.6.21.tar.bz2
177 phreak 1.149
178     06 May 2007; Christian Heim <phreak@gentoo.org>
179     hardened-sources-2.6.21.ebuild:
180     Bumping the hardened-patches version, needed for the fix for #177234.
181 phreak 1.148
182     *hardened-sources-2.6.21 (02 May 2007)
183    
184     02 May 2007; Christian Heim <phreak@gentoo.org>
185     +hardened-sources-2.6.21.ebuild:
186     Version bump, Linux 2.6.21-hardened.
187 phreak 1.147
188     29 Apr 2007; Christian Heim <phreak@gentoo.org>
189     hardened-sources-2.6.20-r2.ebuild:
190     Adding ~ia64 on Ned's request.
191 phreak 1.146
192     29 Apr 2007; Christian Heim <phreak@gentoo.org>
193     hardened-sources-2.6.20-r2.ebuild:
194     Fixing the included grsecurity patch, wasn't alligning due to the Index:
195     header line(s).
196 phreak 1.145
197     29 Apr 2007; Christian Heim <phreak@gentoo.org>
198     hardened-sources-2.6.20-r2.ebuild:
199     Stabilizing hardened-sources-2.6.20-r2 on amd64 and x86.
200 armin76 1.144
201     *hardened-sources-2.6.20-r2 (10 Apr 2007)
202    
203     10 Apr 2007; Raúl Porcel <armin76@gentoo.org>
204     +hardened-sources-2.6.20-r2.ebuild:
205     Version bump, on behalf of phreak
206 phreak 1.143
207     *hardened-sources-2.6.20-r1 (04 Apr 2007)
208    
209     04 Apr 2007; Christian Heim <phreak@gentoo.org>
210     +hardened-sources-2.6.20-r1.ebuild:
211     Revision bump, grabbing a newer grsecurity snapshot.
212 phreak 1.142
213     *hardened-sources-2.6.20 (25 Mar 2007)
214    
215     25 Mar 2007; Christian Heim <phreak@gentoo.org>
216     +hardened-sources-2.6.20.ebuild:
217     Finally a hardened-sources version for 2.6.20; many people have been waiting
218     for this. Thanks to Steve for preliminary testing, thanks to Ned for the
219     testbox.
220 chainsaw 1.141
221     16 Mar 2007; Tony Vroon <chainsaw@gentoo.org>
222     hardened-sources-2.6.18-r6.ebuild:
223     Marked stable on amd64 and x86. AMD64 keyword ack'ed by welp.
224 phreak 1.140
225     *hardened-sources-2.6.18-r6 (16 Mar 2007)
226    
227     16 Mar 2007; Christian Heim <phreak@gentoo.org>
228     -hardened-sources-2.6.18-r5.ebuild, +hardened-sources-2.6.18-r6.ebuild:
229     Fixing CVE-2007-1000 locally (hardened/), thanks to Tony for pushing. And
230     yes I screwed up, this is tagged as 2.6.18-5 and not 2.6.18-6 as it's
231     supposed to be.
232 phreak 1.139
233     06 Mar 2007; Christian Heim <phreak@gentoo.org> ChangeLog:
234     Fixing the Manifest, the previous one was broken (as in still had the
235     deleted ebuild in it).
236 phreak 1.138
237     06 Mar 2007; Christian Heim <phreak@gentoo.org>
238     -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
239     +hardened-sources-2.6.18-r5.ebuild:
240     Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
241     Linux 2.6.18.8. Also cleaning up the older version.
242    
243     *hardened-sources-2.6.18-r5 (06 Mar 2007)
244    
245     06 Mar 2007; Christian Heim <phreak@gentoo.org>
246     -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
247     +hardened-sources-2.6.18-r5.ebuild:
248     Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
249     Linux 2.6.18.8. Also cleaning up the older version.
250 phreak 1.137
251     24 Feb 2007; Christian Heim <phreak@gentoo.org>
252     -hardened-sources-2.6.19-r3.ebuild, -hardened-sources-2.6.19-r4.ebuild,
253     -hardened-sources-2.6.19-r5.ebuild:
254     Removing some of the old version, that didn't work.
255 phreak 1.136
256     *hardened-sources-2.6.19-r6 (12 Feb 2007)
257    
258     12 Feb 2007; Christian Heim <phreak@gentoo.org>
259     +hardened-sources-2.6.19-r6.ebuild:
260     Revision bump, including a new grsec version fixing #166235.
261 pappy 1.134
262     *hardened-sources-2.4.34 (24 Jan 2007)
263    
264     24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
265 pappy 1.135 Manifest:
266     updating Manifest with checksums of new tarball and ebuild
267    
268     24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
269 pappy 1.134 +hardened-sources-2.4.34.ebuild:
270     I added new hardened sources 2.4 update, this is a critical path
271     security bugfix - all users of h-s are strongly advised
272     to update their existing hardened sources to this version.
273     It contains a fix for a kernel vulnerability that is pertaining
274     to the PaX changes to virtual memory management, possibly leading
275     to a local kernel exploit ... see grsecurity.net forums and homepage
276 phreak 1.133
277     23 Jan 2007; Christian Heim <phreak@gentoo.org>
278     files/digest-hardened-sources-2.6.19-r5, Manifest:
279     Fixing the patch-tarball digest.
280 phreak 1.132
281     *hardened-sources-2.6.19-r5 (23 Jan 2007)
282    
283     23 Jan 2007; Christian Heim <phreak@gentoo.org>
284     +hardened-sources-2.6.19-r5.ebuild:
285     Revision bump, closing the recently discovered PaX expand_stack()
286     vulnerability.
287 phreak 1.131
288     *hardened-sources-2.6.19-r4 (14 Jan 2007)
289    
290     14 Jan 2007; Christian Heim <phreak@gentoo.org>
291     +hardened-sources-2.6.19-r4.ebuild:
292     Revision bump, pulling in linux-2.6.19.2 and grsecurity 2.1.10 - thus
293     dropping the randomized PID feature.
294 opfer 1.130
295     11 Jan 2007; Christian Faulhammer <opfer@gentoo.org>
296     hardened-sources-2.4.33.4.ebuild:
297     stable x86, bug #161171
298 phreak 1.129
299     *hardened-sources-2.6.19-r3 (27 Dec 2006)
300    
301     27 Dec 2006; Christian Heim <phreak@gentoo.org>
302     -hardened-sources-2.6.19-r2.ebuild, +hardened-sources-2.6.19-r3.ebuild:
303     Revision bump for bug #157186 and #158786.
304 phreak 1.128
305     *hardened-sources-2.6.18-r4 (27 Dec 2006)
306    
307     27 Dec 2006; Christian Heim <phreak@gentoo.org>
308     -hardened-sources-2.6.18-r3.ebuild, +hardened-sources-2.6.18-r4.ebuild:
309     Revision bump for bug #157186.
310 phreak 1.127
311     *hardened-sources-2.6.19-r2 (23 Dec 2006)
312    
313     23 Dec 2006; Christian Heim <phreak@gentoo.org>
314     -hardened-sources-2.6.19-r1.ebuild, +hardened-sources-2.6.19-r2.ebuild:
315     Revision bump to pull in genpatches-2.6.19-3 for #157186.
316 phreak 1.126
317     17 Dec 2006; Christian Heim <phreak@gentoo.org>
318     hardened-sources-2.6.14-r7.ebuild, hardened-sources-2.6.16-r10.ebuild,
319     hardened-sources-2.6.16-r11.ebuild, hardened-sources-2.6.17-r1.ebuild,
320     hardened-sources-2.6.18.ebuild, hardened-sources-2.6.18-r3.ebuild,
321     hardened-sources-2.6.19-r1.ebuild:
322     Adding 4453_grsec-2.1.9-2.6.19-io-kmem-sysctl.patch to UNIPATCH_EXLUDE,
323     adding correct HOMEPAGE and adjusting DESCRIPTION (thanks to Alexander).
324 pappy 1.125
325     *hardened-sources-2.4.33.4 (17 Dec 2006)
326    
327     17 Dec 2006; Alexander Gabert <pappy@gentoo.org>
328     +hardened-sources-2.4.33.4.ebuild:
329     new 2.4.33.4 version including grsec and fixes, thanks to phreak for help
330     and quilting
331 phreak 1.124
332     *hardened-sources-2.6.19-r1 (14 Dec 2006)
333    
334     14 Dec 2006; Christian Heim <phreak@gentoo.org>
335     -hardened-sources-2.6.19.ebuild, +hardened-sources-2.6.19-r1.ebuild:
336     Revision bump, fixing #158107 (thanks to Petre Rodan <kaiowas at gentoo.org>
337     for reporting).
338 phreak 1.123
339     *hardened-sources-2.6.19 (13 Dec 2006)
340    
341     13 Dec 2006; Christian Heim <phreak@gentoo.org>
342     +hardened-sources-2.6.19.ebuild:
343     And finally 2.6.19, thanks to Ned (who prepared the inital patchset) and
344     Brad for providing that prompt update.
345 phreak 1.122
346     *hardened-sources-2.6.18-r3 (13 Dec 2006)
347    
348     13 Dec 2006; Christian Heim <phreak@gentoo.org>
349     -hardened-sources-2.6.18-r1.ebuild, -hardened-sources-2.6.18-r2.ebuild,
350     +hardened-sources-2.6.18-r3.ebuild:
351     Revision bump, excluding the faulty patch. Thanks to Anakim Border and Peter
352     S. Mazinger. Closes #157409 for now. Also removing the previous revisions.
353 phreak 1.121
354     09 Dec 2006; Christian Heim <phreak@gentoo.org> Manifest:
355     Fixing the metadata.xml Manifest entry (thanks to xaid and ml8128 in #gentoo-hardened).
356 nixnut 1.120
357     08 Dec 2006; nixnut <nixnut@gentoo.org> hardened-sources-2.6.18.ebuild:
358     Stable on ppc wrt bug 157356
359 opfer 1.119
360     07 Dec 2006; Christian Faulhammer <opfer@gentoo.org>
361     hardened-sources-2.6.18.ebuild:
362     stable x86, bug #157356
363 phreak 1.118
364     *hardened-sources-2.6.18-r2 (06 Dec 2006)
365    
366     06 Dec 2006; Christian Heim <phreak@gentoo.org>
367     +hardened-sources-2.6.18-r2.ebuild:
368     Revision bump, including 2.6.18.5 (via genpatches) and
369     4454_grsec-2.1.9-2.6.18.2-io-kmem-sysctl.patch based on Peter Mazinger and
370     Ned Ludd's original patch. Thanks to Alexander Gabert (pappy) for the
371     redesign.
372 phreak 1.117
373     06 Dec 2006; Christian Heim <phreak@gentoo.org>
374     hardened-sources-2.6.18.ebuild:
375     Marking hardened-sources-2.6.18 stable on amd64 (see bug #157356, on behalf
376     of Mike Doty).
377 phreak 1.116
378     *hardened-sources-2.6.18-r1 (23 Nov 2006)
379    
380     23 Nov 2006; Christian Heim <phreak@gentoo.org>
381     +hardened-sources-2.6.18-r1.ebuild:
382     Revision bump to genpatches-2.6.18-4 (including 2.6.18.3).
383 phreak 1.115
384     *hardened-sources-2.6.18 (11 Nov 2006)
385    
386     11 Nov 2006; Christian Heim <phreak@gentoo.org>
387     +hardened-sources-2.6.18.ebuild:
388     Version bump, thanks to Alexander Gabert we're finally at 2.6.18.
389 solar 1.114
390     18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
391     - mark amd64 stable also. bug #151877
392 solar 1.113
393     18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
394     - mark 2.6.17-r1 stable
395 phreak 1.112
396     27 Aug 2006; Christian Heim <phreak@gentoo.org>
397     -hardened-sources-2.6.17.ebuild, hardened-sources-2.6.17-r1.ebuild:
398     Removing old ebuild, removing unipatch from newer ebuild (need to fix it!).
399 phreak 1.111
400     *hardened-sources-2.6.17-r1 (26 Aug 2006)
401    
402     26 Aug 2006; Christian Heim <phreak@gentoo.org>
403     +hardened-sources-2.6.17-r1.ebuild:
404     Revision bump to genpatches-2.6.17-8 (including .9 and .10) and updating the
405     grsecurity patch.
406 phreak 1.110
407     *hardened-sources-2.6.17 (17 Aug 2006)
408    
409     17 Aug 2006; Christian Heim <phreak@gentoo.org>
410     +hardened-sources-2.6.17.ebuild:
411     Bumping the hardened-sources-2.6 series to 2.6.17, using
412     genpatches-2.6.17-6.base.
413 solar 1.109
414     07 Aug 2006; <solar@gentoo.org> hardened-sources-2.6.16-r11.ebuild:
415     - stable on x86 and amd64
416 solar 1.108
417     *hardened-sources-2.6.16-r11 (15 Jul 2006)
418    
419     15 Jul 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r3.ebuild,
420     -hardened-sources-2.4.32-r4.ebuild, -hardened-sources-2.4.32-r5.ebuild,
421     -hardened-sources-2.6.14-r8.ebuild, -hardened-sources-2.6.16-r7.ebuild,
422     -hardened-sources-2.6.16-r9.ebuild, +hardened-sources-2.6.16-r11.ebuild:
423     - 2.6.16 bumped for CVE-2006-3626 ; digest fix for 2.4.32-r6 ; removed old
424     crusty ebuilds
425 johnm 1.107
426     14 Jul 2006; John Mylchreest <johnm@gentoo.org>
427     hardened-sources-2.6.16-r10.ebuild:
428     marking stable on x86 and amd64
429 solar 1.106
430     13 Jul 2006; <solar@gentoo.org> hardened-sources-2.4.32-r6.ebuild:
431     - 2.4.32-r6 stable on x86. RSBAC state unknown
432 kang 1.105
433     *hardened-sources-2.4.32-r7 (10 Jul 2006)
434    
435     10 Jul 2006; Guillaume Destuynder <kang@gentoo.org>
436     +hardened-sources-2.4.32-r7.ebuild:
437     Bump PaX for RSBAC to test-17
438 johnm 1.104
439     *hardened-sources-2.6.16-r9 (03 Jul 2006)
440    
441     03 Jul 2006; John Mylchreest <johnm@gentoo.org>
442     -hardened-sources-2.6.16-r6.ebuild, +hardened-sources-2.6.16-r9.ebuild:
443     hardened-sources-2.6.16 bump to latest -base.
444 solar 1.103
445     *hardened-sources-2.4.32-r6 (30 Jun 2006)
446    
447     30 Jun 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r2.ebuild,
448     hardened-sources-2.4.32-r4.ebuild, +hardened-sources-2.4.32-r6.ebuild:
449     - backport CVE-2006-0039, CVE-2006-1857 and CVE-2006-1858 and new grsecurity
450     sysctl controlable resource logging
451 johnm 1.102
452     *hardened-sources-2.6.16-r7 (05 Jun 2006)
453    
454     05 Jun 2006; John Mylchreest <johnm@gentoo.org>
455     -hardened-sources-2.6.16-r5.ebuild, +hardened-sources-2.6.16-r7.ebuild:
456     push new 2.6.16 release in preparation for stable
457 solar 1.101
458     22 May 2006; <solar@gentoo.org> :
459     - redigest bug 134002
460 kang 1.100
461     *hardened-sources-2.4.32-r5 (16 May 2006)
462    
463     16 May 2006; Guillaume Destuynder <kang@gentoo.org>
464     +hardened-sources-2.4.32-r5.ebuild:
465     Fixes rsbac common patching (new patch in new -r5 patchset)
466 solar 1.99
467     *hardened-sources-2.4.32-r4 (13 May 2006)
468    
469     13 May 2006; <solar@gentoo.org> hardened-sources-2.4.32-r3.ebuild,
470     +hardened-sources-2.4.32-r4.ebuild:
471     - security bumps
472 johnm 1.98
473     *hardened-sources-2.6.16-r6 (03 May 2006)
474    
475     03 May 2006; John Mylchreest <johnm@gentoo.org>
476     +hardened-sources-2.6.16-r6.ebuild:
477     bump hardened-2.6.16 to 2.6.16.12 and latest grsec snapshot
478 johnm 1.97
479     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
480     hardened-sources-2.6.14-r8.ebuild:
481     fix x86_64 build problem, this will delay the digest issue again for a short
482     while but it will sort itself out
483 johnm 1.96
484     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
485     hardened-sources-2.6.14-r8.ebuild:
486     bump hardened patchset
487 antarus 1.94
488     27 Apr 2006; Alec Warner <antarus@gentoo.org>
489     files/digest-hardened-sources-2.4.32-r2,
490     files/digest-hardened-sources-2.4.32-r3,
491     files/digest-hardened-sources-2.6.14-r8, Manifest:
492     Fixing duff SHA256 digests: Bug # 131293
493 johnm 1.93
494 johnm 1.95 *hardened-sources-2.6.16-r5 (27 Apr 2006)
495    
496     27 Apr 2006; John Mylchreest <johnm@gentoo.org>
497     -hardened-sources-2.6.14-r6.ebuild, hardened-sources-2.6.14-r8.ebuild,
498     -hardened-sources-2.6.16-r4.ebuild, +hardened-sources-2.6.16-r5.ebuild:
499     stablise 2.6.14-r8 on x86 & amd64, bump 2.6.16 to fix CVE-2006-1863 &
500     cleanup of old uneccessary sources
501    
502 johnm 1.93 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
503     fix digest
504 johnm 1.92
505     *hardened-sources-2.6.14-r8 (20 Apr 2006)
506    
507     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
508     +hardened-sources-2.6.14-r8.ebuild:
509     fix CVE-2006-1056, CVE-2006-1525, CVE-2006-1524
510 johnm 1.91
511     20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
512     Turning on gpg-signing again, and recomitting
513 johnm 1.90
514     *hardened-sources-2.6.16-r4 (20 Apr 2006)
515    
516     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
517     -hardened-sources-2.6.16-r2.ebuild, -hardened-sources-2.6.16-r3.ebuild,
518     +hardened-sources-2.6.16-r4.ebuild:
519     Fix numerous security vulns
520 solar 1.89
521     *hardened-sources-2.4.32-r3 (16 Apr 2006)
522    
523     16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
524     -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
525     +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
526     - security bump for bug #112791. Removed old ebuilds
527 johnm 1.88
528     *hardened-sources-2.6.16-r3 (15 Apr 2006)
529    
530     15 Apr 2006; John Mylchreest <johnm@gentoo.org>
531     +hardened-sources-2.6.16-r3.ebuild:
532     Removing silly localversion which I missed
533 johnm 1.87
534     *hardened-sources-2.6.14-r7 (14 Apr 2006)
535    
536     14 Apr 2006; John Mylchreest <johnm@gentoo.org>
537     -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
538     Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
539 johnm 1.86
540     *hardened-sources-2.6.16-r2 (13 Apr 2006)
541    
542     13 Apr 2006; John Mylchreest <johnm@gentoo.org>
543     -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
544     +hardened-sources-2.6.16-r2.ebuild:
545     Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
546     labels, dropping USERGROUP define fixes, since these were merged mainstream.
547 johnm 1.85
548     *hardened-sources-2.6.16-r1 (11 Apr 2006)
549    
550     11 Apr 2006; John Mylchreest <johnm@gentoo.org>
551     +hardened-sources-2.6.16-r1.ebuild:
552     Bumping to include ppc build fix and 2.6.16.3
553 tsunam 1.84
554     06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
555     hardened-sources-2.6.14-r6.ebuild:
556     Stable on x86; bug #127718
557 johnm 1.83
558     *hardened-sources-2.6.16 (31 Mar 2006)
559    
560     31 Mar 2006; John Mylchreest <johnm@gentoo.org>
561     +hardened-sources-2.6.16.ebuild:
562     Bumping to new version of grsec, and kernel base. New squashfs. Based on
563     2.6.16.1
564 cryos 1.82
565     30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
566     hardened-sources-2.6.14-r6.ebuild:
567     Stable on amd64, bug 127718.
568 nixnut 1.81
569     28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
570     Stable on ppc. Bug #127718
571 johnm 1.80
572     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
573     -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
574     -hardened-sources-2.6.14-r4.ebuild:
575     Cleanup.
576 johnm 1.79
577     *hardened-sources-2.6.14-r6 (15 Mar 2006)
578    
579     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
580     +hardened-sources-2.6.14-r6.ebuild:
581     Fixes grsec policy recreation bug and adds a
582     >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
583 solar 1.78
584     02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
585     - stable on x86
586 hansmi 1.77
587     19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
588     hardened-sources-2.6.14-r5.ebuild:
589     Stable on ppc.
590 johnm 1.76
591     *hardened-sources-2.6.14-r5 (01 Feb 2006)
592    
593     01 Feb 2006; John Mylchreest <johnm@gentoo.org>
594     +hardened-sources-2.6.14-r5.ebuild:
595     fixing every known exploit
596 solar 1.75
597     *hardened-sources-2.4.32-r2 (26 Jan 2006)
598    
599     26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
600     +hardened-sources-2.4.32-r2.ebuild:
601     - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
602 solar 1.74
603     *hardened-sources-2.6.14-r4 (12 Jan 2006)
604    
605     12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
606     - version bump for new genpatches which fix up a few sec holes
607 solar 1.73
608     *hardened-sources-2.4.32-r1 (05 Jan 2006)
609    
610     05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
611     - revision bump to add misc vital linux kernel security patches.
612 johnm 1.72
613     *hardened-sources-2.6.14-r3 (30 Dec 2005)
614    
615     30 Dec 2005; John Mylchreest <johnm@gentoo.org>
616     -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
617     Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
618 johnm 1.71
619     28 Dec 2005; John Mylchreest <johnm@gentoo.org>
620     hardened-sources-2.6.14-r2.ebuild:
621     making x86 & amd64 stable following testing.
622 johnm 1.70
623     *hardened-sources-2.6.14-r2 (27 Dec 2005)
624    
625     27 Dec 2005; John Mylchreest <johnm@gentoo.org>
626     -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
627     Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
628     network hooks.
629 johnm 1.69
630     06 Dec 2005; John Mylchreest <johnm@gentoo.org>
631     hardened-sources-2.6.14-r1.ebuild:
632     bumping to stable early for sec fix on x86 & amd64
633 johnm 1.68
634     *hardened-sources-2.6.14-r1 (05 Dec 2005)
635    
636     05 Dec 2005; John Mylchreest <johnm@gentoo.org>
637     -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
638     bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
639 solar 1.67
640     04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
641     - stable on x86 security bug #114227 CAN-2005-3257
642 kang 1.66
643     *hardened-sources-2.4.32 (19 Nov 2005)
644    
645     19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
646     +hardened-sources-2.4.32.ebuild:
647     Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
648     Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
649     have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
650     rsbac >> /etc/portage/package.use)
651 johnm 1.65
652     *hardened-sources-2.6.14 (14 Nov 2005)
653    
654     14 Nov 2005; John Mylchreest <johnm@gentoo.org>
655     -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
656     Bumping 2.6 series to 2.6.14.2
657 johnm 1.64
658     *hardened-sources-2.6.13-r2 (20 Oct 2005)
659    
660     20 Oct 2005; John Mylchreest <johnm@gentoo.org>
661     -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
662     +hardened-sources-2.6.13-r2.ebuild:
663     Fixes minor build error in ppc.
664 johnm 1.63
665     *hardened-sources-2.6.13-r1 (17 Oct 2005)
666    
667     17 Oct 2005; John Mylchreest <johnm@gentoo.org>
668     +hardened-sources-2.6.13-r1.ebuild:
669     Updating grsec to latest snapshot. Fixes some minor issues. Updating to
670     2.6.13.4, fixes some major amd64 stability problems.
671 johnm 1.62
672     *hardened-sources-2.6.13 (16 Sep 2005)
673    
674     16 Sep 2005; John Mylchreest <johnm@gentoo.org>
675     -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
676     2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
677     ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
678     users should test this thoroughly.
679 solar 1.61
680     01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
681     - stable on x86
682 johnm 1.60
683     *hardened-sources-2.6.11-r15 (27 Jun 2005)
684    
685     27 Jun 2005; John Mylchreest <johnm@gentoo.org>
686     +hardened-sources-2.6.11-r15.ebuild:
687     Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
688     grsec redefining curr_ip struct.
689 solar 1.59
690     *hardened-sources-2.4.31 (20 Jun 2005)
691    
692     20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
693     initial import of 2.4.31 tree
694 johnm 1.58
695     *hardened-sources-2.6.11-r14 (14 Jun 2005)
696    
697     14 Jun 2005; John Mylchreest <johnm@gentoo.org>
698     -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
699     Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
700     naming scheme to abide by genpatches
701 johnm 1.57
702     *hardened-sources-2.6.11-r13 (18 May 2005)
703    
704     18 May 2005; John Mylchreest <johnm@gentoo.org>
705     -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
706     Managed to mangle the Makefile patch from grsec, to miss out the grsec
707     target. sorry about that. Fixes bug #93022
708 johnm 1.56
709     *hardened-sources-2.6.11-r12 (17 May 2005)
710    
711     17 May 2005; John Mylchreest <johnm@gentoo.org>
712     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
713     +hardened-sources-2.6.11-r12.ebuild:
714     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
715     merges in genpatches-base
716 johnm 1.55
717     *hardened-sources-2.6.11-r12 (17 May 2005)
718    
719     17 May 2005; John Mylchreest <johnm@gentoo.org>
720     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
721     +hardened-sources-2.6.11-r12.ebuild:
722     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
723     merges in genpatches-base
724 solar 1.54
725     29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
726     -files/2.4.27-cmdline-race.patch,
727     -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
728     -files/2.4.28-grsec-binfmt_a.out.patch,
729     -files/2.4.28-grsec-cmdline-race.patch,
730     -files/2.4.28-selinux-binfmt_a.out.patch,
731     -files/2.4.28-selinux-cmdline-race.patch,
732     -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
733     hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
734     - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
735     cleanup..
736 solar 1.53
737     *hardened-sources-2.4.30-r1 (21 Apr 2005)
738    
739     21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
740     - disable aout by default
741 solar 1.52
742     *hardened-sources-2.4.30 (18 Apr 2005)
743    
744     18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
745     - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
746     and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
747     use
748 tocharian 1.50
749 scox 1.51 *hardened-sources-2.4.29 (30 Mar 2005)
750    
751     30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
752     +hardened-sources-2.4.29.ebuild:
753     New hardened-patches-2.4-29.0 patchball.
754     Removed SELinux support, upgraded GRSecurity to 2.1.4.
755    
756     *hardened-sources-2.4.28-r5 (06 Mar 2005)
757    
758     06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
759     +hardened-sources-2.4.28-r5.ebuild:
760     Added a fix for a PaX vulnerability.
761    
762     26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
763 tocharian 1.50 hardened-sources-2.4.28-r4.ebuild:
764     Stable on x86
765 solar 1.49
766     23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
767     hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
768     hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
769     hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
770     - fixed/added RDEPEND= in all kernel-2 ebuilds
771 tocharian 1.48
772     *hardened-sources-2.4.28-r4 (21 Jan 2005)
773    
774     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
775     +hardened-sources-2.4.28-r4.ebuild:
776     Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
777     backport of neighbour hash updates.
778 tocharian 1.47
779     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
780     hardened-sources-2.4.28-r3.ebuild:
781     Stable on x86
782 tseng 1.46
783     *hardened-sources-2.6.10-r3 (20 Jan 2005)
784    
785     20 Jan 2005; Brandon Hale <tseng@gentoo.org>
786     +hardened-sources-2.6.10-r3.ebuild:
787     Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
788     in 2005.0
789 tocharian 1.45
790     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
791     -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
792     hardened-sources-2.4.28-r2.ebuild:
793     Mark stable on x86
794 tocharian 1.44
795     *hardened-sources-2.4.28-r3 (17 Jan 2005)
796    
797     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
798     +hardened-sources-2.4.28-r3.ebuild:
799     Fix SMP page fault handler vuln, and update device-mapper and evms patches.
800 tocharian 1.43
801     14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
802     hardened-sources-2.4.28.ebuild:
803     Mark stable on x86.
804 tocharian 1.42
805     *hardened-sources-2.4.28-r2 (13 Jan 2005)
806    
807     13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
808     +hardened-sources-2.4.28-r2.ebuild:
809     Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
810     Mazinger for grsecurity patches as well.
811 plasmaroo 1.41
812     *hardened-sources-2.4.28-r1 (23 Dec 2004)
813    
814     23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
815     Security bump. Thank tocharian for rolling a new patchset...
816 solar 1.40
817     28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
818     +files/2.4.28-grsec-cmdline-race.patch,
819     +files/2.4.28-selinux-binfmt_a.out.patch,
820     +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
821     - Round up remaining security patches that appear to be missing in 2.4.28. -
822     PaX standalone updated to current. hgpv=28.1
823 solar 1.39
824     *hardened-sources-2.4.28 (28 Nov 2004)
825    
826     28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
827     security bump. Thank tocharian for rolling a new patchset
828 scox 1.31
829 scox 1.38 *hardened-sources-2.4.27-r3 (08 Sep 2004)
830    
831     08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
832     +hardened-sources-2.4.27-r3.ebuild:
833     Applies the new 2.4-27.2 patchball which updates
834     GRSecurity to the 2.0.1 version.
835    
836 scox 1.37 *hardened-sources-2.4.27-r2 (31 Aug 2004)
837    
838     31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
839     +hardened-sources-2.4.27-r2.ebuild:
840     Version bump.
841     This version uses the new 2.4-27.1 patchball which updates
842     both the SELinux PaX hooks patch and the SELinux headers.
843    
844 scox 1.36 *hardened-sources-2.4.27-r1 (09 Aug 2004)
845    
846     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
847     +hardened-sources-2.4.27-r1.ebuild,
848     -hardened-sources-2.4.27.ebuild,
849     +files/2.4.27-cmdline-race.patch:
850     Version bump, fix for cmdline race. See bug #59905.
851    
852     *hardened-sources-2.4.26-r6 (09 Aug 2004)
853    
854     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
855     +hardened-sources-2.4.26-r6.ebuild,
856     -hardened-sources-2.4.26-r5.ebuild,
857     -hardened-sources-2.4.26-r4.ebuild,
858     +files/2.4.26-cmdline-race.patch:
859     Version bump, fix for cmdline race. See bug #59905.
860    
861 scox 1.35 *hardened-sources-2.4.27 (08 Aug 2004)
862    
863     08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
864     +hardened-sources-2.4.27.ebuild,
865     +files/2.4.27-CAN-2004-0394.patch:
866     Ported the patchball to the 2.4.27 kernel version.
867    
868 scox 1.34 *hardened-sources-2.4.26-r5 (07 Aug 2004)
869    
870     07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
871     +hardened-sources-2.4.26-r5.ebuild:
872 scox 1.35 Updated to use the new hardened-patches-2.4-26.1 patchball.
873 scox 1.34 It adds the following features:
874     - Squashfs
875     - Ebtables
876     - Netdev random (core+drivers)
877     - Watchdog Timer (WDT) fix.
878    
879 scox 1.33 *hardened-sources-2.4.26-r4 (04 Aug 2004)
880    
881     04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
882     +hardened-sources-2.4.26-r4.ebuild,
883     +files/2.4.26-CAN-2004-0415.patch,
884     -hardened-sources-2.4.26-3:
885     Version bump, fix for CAN 0415, see bug #59378.
886    
887 scox 1.32 *hardened-sources-2.4.26-r3 (22 Jul 2004)
888    
889     22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
890     +hardened-sources-2.4.26-r3.ebuild,
891     +files/2.4.26-CAN-2004-0497.patch,
892     -hardened-sources-2.4.26-r2.ebuild:
893     Version bump, fixed CAN 0497, see bug #56171.
894    
895 scox 1.31 *hardened-sources-2.4.26-r2 (29 Jun 2004)
896    
897     29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
898 scox 1.32 +hardened-sources-2.4.26-r2.ebuild,
899 scox 1.31 +files/2.4.26-CAN-2004-0495.patch,
900     +files/2.4.26-CAN-2004-0535.patch,
901     -hardened-sources-2.4.26-r1.ebuild:
902     Fixes for both CAN 0495 and 0535, see bug #54976
903 pvdabeel 1.27
904 agriffis 1.29 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
905     hardened-sources-2.4.26-r1.ebuild:
906     QA - fix use invocation
907 scox 1.28
908     *hardened-sources-2.4.26-r1 (22 June 2004)
909    
910     22 June 2004; Andrea Luzzardi <scox@gentoo.org>
911     +hardened-sources-2.4.26-r1.ebuild,
912     +files/2.4.26-CAN-2004-0394.patch,
913     +files/2.4.26-signal-race.patch,
914     -hardened-sources-2.4.26.ebuild,
915     -hardened-sources-2.4.24-r3.ebuild:
916     Version bump for the CAN-2004-0394 issue and bug #53804
917     Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
918    
919    
920 pvdabeel 1.27 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
921     hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
922     Masked hardened-sources-2.4.26.ebuild broken for ppc
923    
924     31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
925     hardened-sources-2.4.24-r3.ebuild:
926     Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
927 plasmaroo 1.25
928 scox 1.26 *hardened-sources-2.4.26 (29 May 2004)
929    
930     29 May 2004; Andrea Luzzardi <scox@gentoo.org>
931     +hardened-sources-2.4.26.ebuild:
932     Updated hardened-sources for the 2.4.26 kernel
933     Removed broken components, updated almost everything.
934    
935 plasmaroo 1.25 *hardened-sources-2.4.24-r3 (17 Apr 2004)
936    
937     17 Apr 2004; <plasmaroo@gentoo.org>
938     +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
939     +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
940     +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
941     +hardened-sources-2.4.24-r3.ebuild:
942     Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
943     vulnerabilities. Old revisions removed.
944 plasmaroo 1.24
945     *hardened-sources-2.4.24-r2 (15 Apr 2004)
946    
947     15 Apr 2004; <plasmaroo@gentoo.org>
948     +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
949     -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
950     Version bump for the CAN-2004-0109 issue; bug #47881.
951 aliz 1.23
952     12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
953     hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
954     Add eutils to inherit.
955 plasmaroo 1.22
956     *hardened-sources-2.4.24-r1 (19 Feb 2004)
957    
958     19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
959     files/hardened-sources-2.4.24.munmap.patch:
960     Added the patch for the mremap/munmap vulnerability. Bug #42024.
961 scox 1.19
962 scox 1.21 *hardened-sources-2.4.24 (06 Feb 2004)
963 scox 1.26
964 scox 1.21 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
965     hardened-sources-2.4.24.ebuild:
966     Version bump, updated most of the components.
967     This release includes the following:
968    
969     - Hardened security
970     - Netfilter patch-o-matic 20031219
971     - FreeSWAN 2.04 & x509 1.4.8
972     - EVMS 2.2.2
973     - XFS 1.3.1
974     - cryptoloop jari
975     - grsecurity 2.0-rc4
976     - SELinux
977     - PaX 200402060000
978     - PaX Obscurity 200308302223
979     - Others...
980    
981     Neither -ck nor systrace are included anymore.
982    
983 scox 1.19 *hardened-sources-2.4.22-r2 (05 Jan 2004)
984    
985     05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
986     hardened-sources-2.4.22-r2.ebuild:
987 scox 1.20 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
988 scox 1.19
989     *hardened-sources-2.4.22-r1 (02 Dec 2003)
990 iggy 1.17
991     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
992 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
993 iggy 1.16
994     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
995 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild:
996     Version bump for the 'do_brk' vulnerability.
997 iggy 1.15
998     01 Dec 2003; Brian Jackson <iggy@gentoo.org>
999     hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
1000     hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
1001     hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
1002 plasmaroo 1.18 Fix the 'do_brk' vulnerability.
1003 frogger 1.14
1004     03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
1005     hardened-sources-2.4.22.ebuild:
1006 plasmaroo 1.18 - Removed the src_install() portion for SELinux flask
1007     components. These are no longer handled in the kernel
1008     so this code was not necessary.
1009 frogger 1.13
1010     29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
1011     New 2.4.22 based hardened-sources thanks to
1012     Phil West <p.west@computer.org>.
1013    
1014     These sources include:
1015 plasmaroo 1.18 - New SELinux API
1016     - Updated CK-base
1017     - Updated GRSec
1018     - Systrace
1019     - SuperFreeS/WAN 1.99.8
1020     - Propolice kernel build support
1021     - EVMS
1022     - Other various security related patches
1023 frogger 1.11
1024 frogger 1.12 *hardened-sources-2.4.21 (14 Sep 2003)
1025    
1026     14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
1027     Updated hardened-sources based on the 2.4.21 Linux kernel.
1028     This includes updates to most major components such as:
1029 plasmaroo 1.18 - ck-base-0306300059
1030     - selinux-2.4-2003071106
1031     - grsecurity-2.0-rc1
1032     - Updated IPTables patch-o-matic
1033     - Updated SuperFreeS/WAN
1034    
1035 frogger 1.12 Thanks to Phil West <pwest@computer.org> for his work in getting this
1036     updated patch set ready for the 2.4.21 based kernel.
1037    
1038 frogger 1.11 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
1039     Initial import of hardened-sources-2.4.20-r4. This revision
1040     includes only a few changes, but one of these is an important
1041     security fix. It is recommended all users of hardened-sources
1042     upgrade to this release.
1043 plasmaroo 1.18
1044 frogger 1.11 - ioperm bug fix
1045     - fixed compilation failure when building without GRSec
1046 plasmaroo 1.18
1047 frogger 1.11 SAL (Secure Auditing for Linux) is NOT included in this revision
1048     due to time constraints, but is planned for inclusion in the near
1049     future.
1050 msterret 1.10
1051     *hardened-sources-2.4.20-r2 (12 Jun 2003)
1052    
1053     12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
1054     hardened-sources-2.4.20-r3.ebuild:
1055 plasmaroo 1.18 Add Header...
1056 frogger 1.9
1057     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1058     hardened-sources-2.4.20-r3.ebuild:
1059     Removed warnings from ebuild. This kernel should be safe to
1060     use at this point.
1061 frogger 1.8
1062     *hardened-sources-2.4.20-r3 (08 Jun 2003)
1063    
1064     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1065     hardened-sources-2.4.20-r3.ebuild:
1066     New revision. Includes the following changes over -r2:
1067 plasmaroo 1.18
1068 frogger 1.8 - ck7-base (O(1), preempt, low latency)
1069     - Super FreeS/WAN 1.99.7rc2
1070     - PaX for the LSM/SELinux branch
1071     - GRSecurity 2.0-pre4 (role based access control)
1072     - Systrace 1.3
1073     - EXT3 fixes
1074     - EVMS 2.0.1
1075     - GCC 3.1+ compile optimizations
1076     - ProPolice kernel build support
1077     - Hashing table security fixes
1078 frogger 1.3
1079     *hardened-sources-2.4.20-r1 (09 Apr 2003)
1080 frogger 1.7
1081     23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
1082     Initial import of hardened-sources-r2. This new
1083     ebuild includes many new performance and security
1084     related patches. As in -r1, it will patch in
1085     LSM/SELinux if "selinux" is in USE, otherwise it
1086     will patch in GRSecurity. The following patches
1087     are included in this revision:
1088 plasmaroo 1.18
1089 frogger 1.7 - O(1) Scheduler, Low Latency, and Preempt
1090     (pulled from the base CK patch)
1091     - ptrace exploit patch for the LSM kernel
1092     (the GRSec patch already fixes this)
1093     - LSM 2.4-2003040709
1094     - SELinux 2.4-2003040709
1095     - Systrace v1.2
1096     - IPTables patch-o-matic base patches - 20030107
1097     - CryptoAPI 2.4.20.1 w/ loop-jari patch
1098     - Super FreeS/WAN 1.99.6.1
1099     - GRSecurity 1.9.9g
1100     - MPPE
1101     - EXT3 data journal fix
1102     - CIPE 1.5.4
1103 frogger 1.6
1104     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1105     hardened-sources-2.4.20-r1.ebuild, manifest:
1106 plasmaroo 1.18 Updated to install flask components correctly for selinux.
1107 frogger 1.5
1108     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1109     hardened-sources-2.4.20-r1.ebuild:
1110     LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
1111     is patched in instead. Ptrace patches for selinux have also been added. In
1112     either case, systrace support will be patched in as well.
1113 frogger 1.3
1114     09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1115     hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
1116 plasmaroo 1.18 Revision bump for new sources.
1117 frogger 1.4
1118 frogger 1.2 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1119 frogger 1.4 hardened-sources-2.4.20-r1.ebuild:
1120 plasmaroo 1.18 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
1121 method 1.1
1122 frogger 1.4 *hardened-sources-2.4.20 (30 Mar 2003)
1123    
1124 method 1.1 30 Mar 2003; Joshua Brindle <method@gentoo.org>
1125     hardened-sources-2.4.20.ebuild:
1126 plasmaroo 1.18 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20