/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.179 - (hide annotations) (download)
Sat Sep 1 12:06:55 2007 UTC (6 years, 7 months ago) by phreak
Branch: MAIN
Changes since 1.178: +5 -1 lines
Removing tocharian from metadata due to his retirement (see #71718 for reference).
(Portage version: 2.1.3.7)

1 method 1.1 # ChangeLog for sys-kernel/hardened-sources
2 opfer 1.130 # Copyright 2000-2007 Gentoo Foundation; Distributed under the GPL v2
3 phreak 1.179 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.178 2007/08/30 13:51:24 phreak Exp $
4    
5     01 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
6     Removing tocharian from metadata due to his retirement (see #71718 for
7     reference).
8 phreak 1.178
9     *hardened-sources-2.6.20-r9 (30 Aug 2007)
10    
11     30 Aug 2007; Christian Heim <phreak@gentoo.org>
12     +hardened-sources-2.6.20-r9.ebuild:
13     Revision bump for 2.6.20.18 (thanks to kerframil in #gentoo-hardened).
14 phreak 1.177
15     29 Aug 2007; Christian Heim <phreak@gentoo.org>
16     -hardened-sources-2.4.34.ebuild, -hardened-sources-2.4.34.5.ebuild,
17     -hardened-sources-2.6.20-r2.ebuild, -hardened-sources-2.6.20-r5.ebuild,
18     -hardened-sources-2.6.20-r7.ebuild, -hardened-sources-2.6.21-r3.ebuild,
19     -hardened-sources-2.6.22.ebuild, -hardened-sources-2.6.22-r1.ebuild,
20     -hardened-sources-2.6.22-r2.ebuild:
21     Removing some redundant versions.
22 phreak 1.176
23     *hardened-sources-2.4.35-r1 (29 Aug 2007)
24    
25     29 Aug 2007; Christian Heim <phreak@gentoo.org>
26     +hardened-sources-2.4.35-r1.ebuild:
27     Revision bump, new grsecurity patch.
28 phreak 1.175
29     *hardened-sources-2.6.20-r8 (26 Aug 2007)
30    
31     26 Aug 2007; Christian Heim <phreak@gentoo.org>
32     +hardened-sources-2.6.20-r8.ebuild:
33     Revision bump for Linux 2.6.20.17.
34 phreak 1.174
35     *hardened-sources-2.6.22-r3 (22 Aug 2007)
36    
37     22 Aug 2007; Christian Heim <phreak@gentoo.org>
38     +hardened-sources-2.6.22-r3.ebuild:
39     Revision bump for Linux 2.6.22.4.
40 phreak 1.173
41     16 Aug 2007; Christian Heim <phreak@gentoo.org>
42     hardened-sources-2.6.22-r2.ebuild:
43     Updated patchset, to fix the alignment against 2.6.22.3.
44 phreak 1.172
45     *hardened-sources-2.6.22-r2 (16 Aug 2007)
46    
47     16 Aug 2007; Christian Heim <phreak@gentoo.org>
48     +hardened-sources-2.6.22-r2.ebuild:
49     Revision bump for Linux 2.6.22.3.
50 phreak 1.171
51     *hardened-sources-2.4.35 (16 Aug 2007)
52    
53     16 Aug 2007; Christian Heim <phreak@gentoo.org>
54     +hardened-sources-2.4.35.ebuild:
55     Version bump, initial version for Linux 2.4.35.
56 phreak 1.170
57     *hardened-sources-2.6.21-r4 (16 Aug 2007)
58    
59     16 Aug 2007; Christian Heim <phreak@gentoo.org>
60     +hardened-sources-2.6.21-r4.ebuild:
61     Revision bump for Linux 2.6.21.6.
62 phreak 1.169
63     *hardened-sources-2.6.20-r7 (16 Aug 2007)
64    
65     16 Aug 2007; Christian Heim <phreak@gentoo.org>
66     +hardened-sources-2.6.20-r7.ebuild:
67     Revision bump for Linux 2.6.20.16.
68 phreak 1.168
69     *hardened-sources-2.6.22-r1 (13 Aug 2007)
70    
71     13 Aug 2007; Christian Heim <phreak@gentoo.org>
72     +hardened-sources-2.6.22-r1.ebuild:
73     Yet another revision bump.
74 phreak 1.167
75     *hardened-sources-2.6.22 (10 Aug 2007)
76    
77     10 Aug 2007; Christian Heim <phreak@gentoo.org>
78     +hardened-sources-2.6.22.ebuild:
79     Initial release for 2.6.22. If you are using hardened-sources on a desktop
80     machine (P4 or newer), be aware you might need to disable
81     CONFIG_PAX_PAGEEXEC.
82 phreak 1.166
83     04 Aug 2007; Christian Heim <phreak@gentoo.org>
84     hardened-sources-2.6.20-r6.ebuild:
85     Stabling hardened-sources-2.6.20-r6 for amd64, ppc and x86 due to Linux
86     2.6.20.15.
87 phreak 1.165
88     10 Jul 2007; Christian Heim <phreak@gentoo.org>
89     hardened-sources-2.6.20-r5.ebuild:
90     Marking hardened-sources-2.6.20-r5 stable on ppc.
91 phreak 1.164
92     10 Jul 2007; Christian Heim <phreak@gentoo.org>
93     -hardened-sources-2.4.32-r6.ebuild, -hardened-sources-2.4.32-r7.ebuild:
94     Cleanup.
95 phreak 1.163
96     *hardened-sources-2.6.20-r6 (08 Jul 2007)
97    
98     08 Jul 2007; Christian Heim <phreak@gentoo.org>
99     +hardened-sources-2.6.20-r6.ebuild:
100     Revision bump, grabbing yet another stable release.
101 phreak 1.162
102     17 Jun 2007; Christian Heim <phreak@gentoo.org>
103     -hardened-sources-2.6.18-r6.ebuild, -hardened-sources-2.6.20-r4.ebuild,
104     -hardened-sources-2.6.21-r2.ebuild:
105     Removing older ebuilds, hardened-sources-2.6.18-r6 seems to have gotten the
106     alpha stable KEYWORD by mistake.
107 phreak 1.161
108     17 Jun 2007; Christian Heim <phreak@gentoo.org>
109     hardened-sources-2.6.20-r5.ebuild:
110     Stabling hardened-sources-2.6.20-r5 due to security bug #181647 (as
111     genpatches-2.6.20-12.base contains up to Linux 2.6.20.14) on amd64 and x86.
112 phreak 1.160
113     *hardened-sources-2.6.21-r3 (12 Jun 2007)
114    
115     12 Jun 2007; Christian Heim <phreak@gentoo.org>
116     +hardened-sources-2.6.21-r3.ebuild:
117     Revision bump for hardened-sources-2.6.21, incorporating various CVE (some
118     of them critical), two stable releases (2.6.21.4,2.6.21.5) and some other
119     love.
120 phreak 1.159
121     *hardened-sources-2.6.20-r5 (11 Jun 2007)
122    
123     11 Jun 2007; Christian Heim <phreak@gentoo.org>
124     +hardened-sources-2.6.20-r5.ebuild:
125     Revision bump for hardened-sources-2.6.20, incorporating various CVE (some
126     of them critical), two stable releases (2.6.20.13,2.6.20.14) and some other
127     love.
128 pappy 1.158
129     *hardened-sources-2.4.34.5 (11 Jun 2007)
130    
131     11 Jun 2007; Alexander Gabert <pappy@gentoo.org>
132     +hardened-sources-2.4.34.5.ebuild:
133     added new hardened-sources 2.4 version, thx to phreak, solar, pipacs
134 phreak 1.157
135     30 May 2007; Christian Heim <phreak@gentoo.org>
136     -hardened-sources-2.6.18.ebuild, hardened-sources-2.6.20-r2.ebuild:
137     Marking 2.6.20-r2 stable on ppc with permission of Gysbert. Removing more
138     stale ebuild(s).
139 phreak 1.156
140     30 May 2007; Christian Heim <phreak@gentoo.org>
141     -hardened-sources-2.6.14-r7.ebuild, -hardened-sources-2.6.16-r11.ebuild,
142     -hardened-sources-2.6.17-r1.ebuild, -hardened-sources-2.6.19-r6.ebuild,
143     -hardened-sources-2.6.20.ebuild, -hardened-sources-2.6.20-r1.ebuild:
144     Doing some cleanups, remove stale ebuilds.
145 phreak 1.155
146     26 May 2007; Christian Heim <phreak@gentoo.org>
147     hardened-sources-2.6.21-r2.ebuild:
148     Fixing the grsecurity patch, had one '};' too much.
149 phreak 1.154
150     *hardened-sources-2.6.21-r2 (26 May 2007)
151    
152     26 May 2007; Christian Heim <phreak@gentoo.org>
153     -hardened-sources-2.6.21.ebuild, -hardened-sources-2.6.21-r1.ebuild,
154     +hardened-sources-2.6.21-r2.ebuild:
155     Revision bump, including Linux 2.6.21.3 (fixing CVE-2007-2451). Updating the
156     grsecurity patch to 2.1.10-2.6.21.1-200705221918.
157 phreak 1.153
158     *hardened-sources-2.6.20-r4 (26 May 2007)
159    
160     26 May 2007; Christian Heim <phreak@gentoo.org>
161     -hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.20-r4.ebuild:
162     Revision bump, including Linux 2.6.20.12 (which in fact fixed some security
163 phreak 1.154 bugs, at the very least CVE-2007-2451). Possible candidate for stable marking.
164 phreak 1.152
165     15 May 2007; Christian Heim <phreak@gentoo.org>
166     hardened-sources-2.6.20-r3.ebuild:
167     Looks like hardened-sources-2.6.20-r3 needs a new patch, as 2.6.20.11
168     introduced a change in arch/sparc64/kernel/pci_iommu.c, which made the
169     grsecurity patch fail in that exact same hunk.
170 phreak 1.151
171     *hardened-sources-2.6.20-r3 (15 May 2007)
172    
173     15 May 2007; Christian Heim <phreak@gentoo.org>
174     +hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.21-r1.ebuild:
175     Revision bump, incorporating Linux 2.6.20.11.
176    
177     *hardened-sources-2.6.21-r1 (11 May 2007)
178    
179     11 May 2007; Christian Heim <phreak@gentoo.org>
180     +hardened-sources-2.6.21-r1.ebuild:
181     Revision bump, hopefully fixing the GRSECURITY/GRKERNSEC mixup pipacs
182     mentioned in #177234.
183 kevquinn 1.150
184     07 May 2007; Kevin F. Quinn <kevquinn@gentoo.org>
185     files/digest-hardened-sources-2.6.21, Manifest:
186     Fix Manifest/digest for linux-2.6.21.tar.bz2
187 phreak 1.149
188     06 May 2007; Christian Heim <phreak@gentoo.org>
189     hardened-sources-2.6.21.ebuild:
190     Bumping the hardened-patches version, needed for the fix for #177234.
191 phreak 1.148
192     *hardened-sources-2.6.21 (02 May 2007)
193    
194     02 May 2007; Christian Heim <phreak@gentoo.org>
195     +hardened-sources-2.6.21.ebuild:
196     Version bump, Linux 2.6.21-hardened.
197 phreak 1.147
198     29 Apr 2007; Christian Heim <phreak@gentoo.org>
199     hardened-sources-2.6.20-r2.ebuild:
200     Adding ~ia64 on Ned's request.
201 phreak 1.146
202     29 Apr 2007; Christian Heim <phreak@gentoo.org>
203     hardened-sources-2.6.20-r2.ebuild:
204     Fixing the included grsecurity patch, wasn't alligning due to the Index:
205     header line(s).
206 phreak 1.145
207     29 Apr 2007; Christian Heim <phreak@gentoo.org>
208     hardened-sources-2.6.20-r2.ebuild:
209     Stabilizing hardened-sources-2.6.20-r2 on amd64 and x86.
210 armin76 1.144
211     *hardened-sources-2.6.20-r2 (10 Apr 2007)
212    
213     10 Apr 2007; Raúl Porcel <armin76@gentoo.org>
214     +hardened-sources-2.6.20-r2.ebuild:
215     Version bump, on behalf of phreak
216 phreak 1.143
217     *hardened-sources-2.6.20-r1 (04 Apr 2007)
218    
219     04 Apr 2007; Christian Heim <phreak@gentoo.org>
220     +hardened-sources-2.6.20-r1.ebuild:
221     Revision bump, grabbing a newer grsecurity snapshot.
222 phreak 1.142
223     *hardened-sources-2.6.20 (25 Mar 2007)
224    
225     25 Mar 2007; Christian Heim <phreak@gentoo.org>
226     +hardened-sources-2.6.20.ebuild:
227     Finally a hardened-sources version for 2.6.20; many people have been waiting
228     for this. Thanks to Steve for preliminary testing, thanks to Ned for the
229     testbox.
230 chainsaw 1.141
231     16 Mar 2007; Tony Vroon <chainsaw@gentoo.org>
232     hardened-sources-2.6.18-r6.ebuild:
233     Marked stable on amd64 and x86. AMD64 keyword ack'ed by welp.
234 phreak 1.140
235     *hardened-sources-2.6.18-r6 (16 Mar 2007)
236    
237     16 Mar 2007; Christian Heim <phreak@gentoo.org>
238     -hardened-sources-2.6.18-r5.ebuild, +hardened-sources-2.6.18-r6.ebuild:
239     Fixing CVE-2007-1000 locally (hardened/), thanks to Tony for pushing. And
240     yes I screwed up, this is tagged as 2.6.18-5 and not 2.6.18-6 as it's
241     supposed to be.
242 phreak 1.139
243     06 Mar 2007; Christian Heim <phreak@gentoo.org> ChangeLog:
244     Fixing the Manifest, the previous one was broken (as in still had the
245     deleted ebuild in it).
246 phreak 1.138
247     06 Mar 2007; Christian Heim <phreak@gentoo.org>
248     -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
249     +hardened-sources-2.6.18-r5.ebuild:
250     Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
251     Linux 2.6.18.8. Also cleaning up the older version.
252    
253     *hardened-sources-2.6.18-r5 (06 Mar 2007)
254    
255     06 Mar 2007; Christian Heim <phreak@gentoo.org>
256     -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
257     +hardened-sources-2.6.18-r5.ebuild:
258     Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
259     Linux 2.6.18.8. Also cleaning up the older version.
260 phreak 1.137
261     24 Feb 2007; Christian Heim <phreak@gentoo.org>
262     -hardened-sources-2.6.19-r3.ebuild, -hardened-sources-2.6.19-r4.ebuild,
263     -hardened-sources-2.6.19-r5.ebuild:
264     Removing some of the old version, that didn't work.
265 phreak 1.136
266     *hardened-sources-2.6.19-r6 (12 Feb 2007)
267    
268     12 Feb 2007; Christian Heim <phreak@gentoo.org>
269     +hardened-sources-2.6.19-r6.ebuild:
270     Revision bump, including a new grsec version fixing #166235.
271 pappy 1.134
272     *hardened-sources-2.4.34 (24 Jan 2007)
273    
274     24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
275 pappy 1.135 Manifest:
276     updating Manifest with checksums of new tarball and ebuild
277    
278     24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
279 pappy 1.134 +hardened-sources-2.4.34.ebuild:
280     I added new hardened sources 2.4 update, this is a critical path
281     security bugfix - all users of h-s are strongly advised
282     to update their existing hardened sources to this version.
283     It contains a fix for a kernel vulnerability that is pertaining
284     to the PaX changes to virtual memory management, possibly leading
285     to a local kernel exploit ... see grsecurity.net forums and homepage
286 phreak 1.133
287     23 Jan 2007; Christian Heim <phreak@gentoo.org>
288     files/digest-hardened-sources-2.6.19-r5, Manifest:
289     Fixing the patch-tarball digest.
290 phreak 1.132
291     *hardened-sources-2.6.19-r5 (23 Jan 2007)
292    
293     23 Jan 2007; Christian Heim <phreak@gentoo.org>
294     +hardened-sources-2.6.19-r5.ebuild:
295     Revision bump, closing the recently discovered PaX expand_stack()
296     vulnerability.
297 phreak 1.131
298     *hardened-sources-2.6.19-r4 (14 Jan 2007)
299    
300     14 Jan 2007; Christian Heim <phreak@gentoo.org>
301     +hardened-sources-2.6.19-r4.ebuild:
302     Revision bump, pulling in linux-2.6.19.2 and grsecurity 2.1.10 - thus
303     dropping the randomized PID feature.
304 opfer 1.130
305     11 Jan 2007; Christian Faulhammer <opfer@gentoo.org>
306     hardened-sources-2.4.33.4.ebuild:
307     stable x86, bug #161171
308 phreak 1.129
309     *hardened-sources-2.6.19-r3 (27 Dec 2006)
310    
311     27 Dec 2006; Christian Heim <phreak@gentoo.org>
312     -hardened-sources-2.6.19-r2.ebuild, +hardened-sources-2.6.19-r3.ebuild:
313     Revision bump for bug #157186 and #158786.
314 phreak 1.128
315     *hardened-sources-2.6.18-r4 (27 Dec 2006)
316    
317     27 Dec 2006; Christian Heim <phreak@gentoo.org>
318     -hardened-sources-2.6.18-r3.ebuild, +hardened-sources-2.6.18-r4.ebuild:
319     Revision bump for bug #157186.
320 phreak 1.127
321     *hardened-sources-2.6.19-r2 (23 Dec 2006)
322    
323     23 Dec 2006; Christian Heim <phreak@gentoo.org>
324     -hardened-sources-2.6.19-r1.ebuild, +hardened-sources-2.6.19-r2.ebuild:
325     Revision bump to pull in genpatches-2.6.19-3 for #157186.
326 phreak 1.126
327     17 Dec 2006; Christian Heim <phreak@gentoo.org>
328     hardened-sources-2.6.14-r7.ebuild, hardened-sources-2.6.16-r10.ebuild,
329     hardened-sources-2.6.16-r11.ebuild, hardened-sources-2.6.17-r1.ebuild,
330     hardened-sources-2.6.18.ebuild, hardened-sources-2.6.18-r3.ebuild,
331     hardened-sources-2.6.19-r1.ebuild:
332     Adding 4453_grsec-2.1.9-2.6.19-io-kmem-sysctl.patch to UNIPATCH_EXLUDE,
333     adding correct HOMEPAGE and adjusting DESCRIPTION (thanks to Alexander).
334 pappy 1.125
335     *hardened-sources-2.4.33.4 (17 Dec 2006)
336    
337     17 Dec 2006; Alexander Gabert <pappy@gentoo.org>
338     +hardened-sources-2.4.33.4.ebuild:
339     new 2.4.33.4 version including grsec and fixes, thanks to phreak for help
340     and quilting
341 phreak 1.124
342     *hardened-sources-2.6.19-r1 (14 Dec 2006)
343    
344     14 Dec 2006; Christian Heim <phreak@gentoo.org>
345     -hardened-sources-2.6.19.ebuild, +hardened-sources-2.6.19-r1.ebuild:
346     Revision bump, fixing #158107 (thanks to Petre Rodan <kaiowas at gentoo.org>
347     for reporting).
348 phreak 1.123
349     *hardened-sources-2.6.19 (13 Dec 2006)
350    
351     13 Dec 2006; Christian Heim <phreak@gentoo.org>
352     +hardened-sources-2.6.19.ebuild:
353     And finally 2.6.19, thanks to Ned (who prepared the inital patchset) and
354     Brad for providing that prompt update.
355 phreak 1.122
356     *hardened-sources-2.6.18-r3 (13 Dec 2006)
357    
358     13 Dec 2006; Christian Heim <phreak@gentoo.org>
359     -hardened-sources-2.6.18-r1.ebuild, -hardened-sources-2.6.18-r2.ebuild,
360     +hardened-sources-2.6.18-r3.ebuild:
361     Revision bump, excluding the faulty patch. Thanks to Anakim Border and Peter
362     S. Mazinger. Closes #157409 for now. Also removing the previous revisions.
363 phreak 1.121
364     09 Dec 2006; Christian Heim <phreak@gentoo.org> Manifest:
365     Fixing the metadata.xml Manifest entry (thanks to xaid and ml8128 in #gentoo-hardened).
366 nixnut 1.120
367     08 Dec 2006; nixnut <nixnut@gentoo.org> hardened-sources-2.6.18.ebuild:
368     Stable on ppc wrt bug 157356
369 opfer 1.119
370     07 Dec 2006; Christian Faulhammer <opfer@gentoo.org>
371     hardened-sources-2.6.18.ebuild:
372     stable x86, bug #157356
373 phreak 1.118
374     *hardened-sources-2.6.18-r2 (06 Dec 2006)
375    
376     06 Dec 2006; Christian Heim <phreak@gentoo.org>
377     +hardened-sources-2.6.18-r2.ebuild:
378     Revision bump, including 2.6.18.5 (via genpatches) and
379     4454_grsec-2.1.9-2.6.18.2-io-kmem-sysctl.patch based on Peter Mazinger and
380     Ned Ludd's original patch. Thanks to Alexander Gabert (pappy) for the
381     redesign.
382 phreak 1.117
383     06 Dec 2006; Christian Heim <phreak@gentoo.org>
384     hardened-sources-2.6.18.ebuild:
385     Marking hardened-sources-2.6.18 stable on amd64 (see bug #157356, on behalf
386     of Mike Doty).
387 phreak 1.116
388     *hardened-sources-2.6.18-r1 (23 Nov 2006)
389    
390     23 Nov 2006; Christian Heim <phreak@gentoo.org>
391     +hardened-sources-2.6.18-r1.ebuild:
392     Revision bump to genpatches-2.6.18-4 (including 2.6.18.3).
393 phreak 1.115
394     *hardened-sources-2.6.18 (11 Nov 2006)
395    
396     11 Nov 2006; Christian Heim <phreak@gentoo.org>
397     +hardened-sources-2.6.18.ebuild:
398     Version bump, thanks to Alexander Gabert we're finally at 2.6.18.
399 solar 1.114
400     18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
401     - mark amd64 stable also. bug #151877
402 solar 1.113
403     18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
404     - mark 2.6.17-r1 stable
405 phreak 1.112
406     27 Aug 2006; Christian Heim <phreak@gentoo.org>
407     -hardened-sources-2.6.17.ebuild, hardened-sources-2.6.17-r1.ebuild:
408     Removing old ebuild, removing unipatch from newer ebuild (need to fix it!).
409 phreak 1.111
410     *hardened-sources-2.6.17-r1 (26 Aug 2006)
411    
412     26 Aug 2006; Christian Heim <phreak@gentoo.org>
413     +hardened-sources-2.6.17-r1.ebuild:
414     Revision bump to genpatches-2.6.17-8 (including .9 and .10) and updating the
415     grsecurity patch.
416 phreak 1.110
417     *hardened-sources-2.6.17 (17 Aug 2006)
418    
419     17 Aug 2006; Christian Heim <phreak@gentoo.org>
420     +hardened-sources-2.6.17.ebuild:
421     Bumping the hardened-sources-2.6 series to 2.6.17, using
422     genpatches-2.6.17-6.base.
423 solar 1.109
424     07 Aug 2006; <solar@gentoo.org> hardened-sources-2.6.16-r11.ebuild:
425     - stable on x86 and amd64
426 solar 1.108
427     *hardened-sources-2.6.16-r11 (15 Jul 2006)
428    
429     15 Jul 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r3.ebuild,
430     -hardened-sources-2.4.32-r4.ebuild, -hardened-sources-2.4.32-r5.ebuild,
431     -hardened-sources-2.6.14-r8.ebuild, -hardened-sources-2.6.16-r7.ebuild,
432     -hardened-sources-2.6.16-r9.ebuild, +hardened-sources-2.6.16-r11.ebuild:
433     - 2.6.16 bumped for CVE-2006-3626 ; digest fix for 2.4.32-r6 ; removed old
434     crusty ebuilds
435 johnm 1.107
436     14 Jul 2006; John Mylchreest <johnm@gentoo.org>
437     hardened-sources-2.6.16-r10.ebuild:
438     marking stable on x86 and amd64
439 solar 1.106
440     13 Jul 2006; <solar@gentoo.org> hardened-sources-2.4.32-r6.ebuild:
441     - 2.4.32-r6 stable on x86. RSBAC state unknown
442 kang 1.105
443     *hardened-sources-2.4.32-r7 (10 Jul 2006)
444    
445     10 Jul 2006; Guillaume Destuynder <kang@gentoo.org>
446     +hardened-sources-2.4.32-r7.ebuild:
447     Bump PaX for RSBAC to test-17
448 johnm 1.104
449     *hardened-sources-2.6.16-r9 (03 Jul 2006)
450    
451     03 Jul 2006; John Mylchreest <johnm@gentoo.org>
452     -hardened-sources-2.6.16-r6.ebuild, +hardened-sources-2.6.16-r9.ebuild:
453     hardened-sources-2.6.16 bump to latest -base.
454 solar 1.103
455     *hardened-sources-2.4.32-r6 (30 Jun 2006)
456    
457     30 Jun 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r2.ebuild,
458     hardened-sources-2.4.32-r4.ebuild, +hardened-sources-2.4.32-r6.ebuild:
459     - backport CVE-2006-0039, CVE-2006-1857 and CVE-2006-1858 and new grsecurity
460     sysctl controlable resource logging
461 johnm 1.102
462     *hardened-sources-2.6.16-r7 (05 Jun 2006)
463    
464     05 Jun 2006; John Mylchreest <johnm@gentoo.org>
465     -hardened-sources-2.6.16-r5.ebuild, +hardened-sources-2.6.16-r7.ebuild:
466     push new 2.6.16 release in preparation for stable
467 solar 1.101
468     22 May 2006; <solar@gentoo.org> :
469     - redigest bug 134002
470 kang 1.100
471     *hardened-sources-2.4.32-r5 (16 May 2006)
472    
473     16 May 2006; Guillaume Destuynder <kang@gentoo.org>
474     +hardened-sources-2.4.32-r5.ebuild:
475     Fixes rsbac common patching (new patch in new -r5 patchset)
476 solar 1.99
477     *hardened-sources-2.4.32-r4 (13 May 2006)
478    
479     13 May 2006; <solar@gentoo.org> hardened-sources-2.4.32-r3.ebuild,
480     +hardened-sources-2.4.32-r4.ebuild:
481     - security bumps
482 johnm 1.98
483     *hardened-sources-2.6.16-r6 (03 May 2006)
484    
485     03 May 2006; John Mylchreest <johnm@gentoo.org>
486     +hardened-sources-2.6.16-r6.ebuild:
487     bump hardened-2.6.16 to 2.6.16.12 and latest grsec snapshot
488 johnm 1.97
489     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
490     hardened-sources-2.6.14-r8.ebuild:
491     fix x86_64 build problem, this will delay the digest issue again for a short
492     while but it will sort itself out
493 johnm 1.96
494     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
495     hardened-sources-2.6.14-r8.ebuild:
496     bump hardened patchset
497 antarus 1.94
498     27 Apr 2006; Alec Warner <antarus@gentoo.org>
499     files/digest-hardened-sources-2.4.32-r2,
500     files/digest-hardened-sources-2.4.32-r3,
501     files/digest-hardened-sources-2.6.14-r8, Manifest:
502     Fixing duff SHA256 digests: Bug # 131293
503 johnm 1.93
504 johnm 1.95 *hardened-sources-2.6.16-r5 (27 Apr 2006)
505    
506     27 Apr 2006; John Mylchreest <johnm@gentoo.org>
507     -hardened-sources-2.6.14-r6.ebuild, hardened-sources-2.6.14-r8.ebuild,
508     -hardened-sources-2.6.16-r4.ebuild, +hardened-sources-2.6.16-r5.ebuild:
509     stablise 2.6.14-r8 on x86 & amd64, bump 2.6.16 to fix CVE-2006-1863 &
510     cleanup of old uneccessary sources
511    
512 johnm 1.93 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
513     fix digest
514 johnm 1.92
515     *hardened-sources-2.6.14-r8 (20 Apr 2006)
516    
517     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
518     +hardened-sources-2.6.14-r8.ebuild:
519     fix CVE-2006-1056, CVE-2006-1525, CVE-2006-1524
520 johnm 1.91
521     20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
522     Turning on gpg-signing again, and recomitting
523 johnm 1.90
524     *hardened-sources-2.6.16-r4 (20 Apr 2006)
525    
526     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
527     -hardened-sources-2.6.16-r2.ebuild, -hardened-sources-2.6.16-r3.ebuild,
528     +hardened-sources-2.6.16-r4.ebuild:
529     Fix numerous security vulns
530 solar 1.89
531     *hardened-sources-2.4.32-r3 (16 Apr 2006)
532    
533     16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
534     -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
535     +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
536     - security bump for bug #112791. Removed old ebuilds
537 johnm 1.88
538     *hardened-sources-2.6.16-r3 (15 Apr 2006)
539    
540     15 Apr 2006; John Mylchreest <johnm@gentoo.org>
541     +hardened-sources-2.6.16-r3.ebuild:
542     Removing silly localversion which I missed
543 johnm 1.87
544     *hardened-sources-2.6.14-r7 (14 Apr 2006)
545    
546     14 Apr 2006; John Mylchreest <johnm@gentoo.org>
547     -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
548     Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
549 johnm 1.86
550     *hardened-sources-2.6.16-r2 (13 Apr 2006)
551    
552     13 Apr 2006; John Mylchreest <johnm@gentoo.org>
553     -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
554     +hardened-sources-2.6.16-r2.ebuild:
555     Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
556     labels, dropping USERGROUP define fixes, since these were merged mainstream.
557 johnm 1.85
558     *hardened-sources-2.6.16-r1 (11 Apr 2006)
559    
560     11 Apr 2006; John Mylchreest <johnm@gentoo.org>
561     +hardened-sources-2.6.16-r1.ebuild:
562     Bumping to include ppc build fix and 2.6.16.3
563 tsunam 1.84
564     06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
565     hardened-sources-2.6.14-r6.ebuild:
566     Stable on x86; bug #127718
567 johnm 1.83
568     *hardened-sources-2.6.16 (31 Mar 2006)
569    
570     31 Mar 2006; John Mylchreest <johnm@gentoo.org>
571     +hardened-sources-2.6.16.ebuild:
572     Bumping to new version of grsec, and kernel base. New squashfs. Based on
573     2.6.16.1
574 cryos 1.82
575     30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
576     hardened-sources-2.6.14-r6.ebuild:
577     Stable on amd64, bug 127718.
578 nixnut 1.81
579     28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
580     Stable on ppc. Bug #127718
581 johnm 1.80
582     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
583     -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
584     -hardened-sources-2.6.14-r4.ebuild:
585     Cleanup.
586 johnm 1.79
587     *hardened-sources-2.6.14-r6 (15 Mar 2006)
588    
589     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
590     +hardened-sources-2.6.14-r6.ebuild:
591     Fixes grsec policy recreation bug and adds a
592     >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
593 solar 1.78
594     02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
595     - stable on x86
596 hansmi 1.77
597     19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
598     hardened-sources-2.6.14-r5.ebuild:
599     Stable on ppc.
600 johnm 1.76
601     *hardened-sources-2.6.14-r5 (01 Feb 2006)
602    
603     01 Feb 2006; John Mylchreest <johnm@gentoo.org>
604     +hardened-sources-2.6.14-r5.ebuild:
605     fixing every known exploit
606 solar 1.75
607     *hardened-sources-2.4.32-r2 (26 Jan 2006)
608    
609     26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
610     +hardened-sources-2.4.32-r2.ebuild:
611     - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
612 solar 1.74
613     *hardened-sources-2.6.14-r4 (12 Jan 2006)
614    
615     12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
616     - version bump for new genpatches which fix up a few sec holes
617 solar 1.73
618     *hardened-sources-2.4.32-r1 (05 Jan 2006)
619    
620     05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
621     - revision bump to add misc vital linux kernel security patches.
622 johnm 1.72
623     *hardened-sources-2.6.14-r3 (30 Dec 2005)
624    
625     30 Dec 2005; John Mylchreest <johnm@gentoo.org>
626     -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
627     Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
628 johnm 1.71
629     28 Dec 2005; John Mylchreest <johnm@gentoo.org>
630     hardened-sources-2.6.14-r2.ebuild:
631     making x86 & amd64 stable following testing.
632 johnm 1.70
633     *hardened-sources-2.6.14-r2 (27 Dec 2005)
634    
635     27 Dec 2005; John Mylchreest <johnm@gentoo.org>
636     -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
637     Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
638     network hooks.
639 johnm 1.69
640     06 Dec 2005; John Mylchreest <johnm@gentoo.org>
641     hardened-sources-2.6.14-r1.ebuild:
642     bumping to stable early for sec fix on x86 & amd64
643 johnm 1.68
644     *hardened-sources-2.6.14-r1 (05 Dec 2005)
645    
646     05 Dec 2005; John Mylchreest <johnm@gentoo.org>
647     -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
648     bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
649 solar 1.67
650     04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
651     - stable on x86 security bug #114227 CAN-2005-3257
652 kang 1.66
653     *hardened-sources-2.4.32 (19 Nov 2005)
654    
655     19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
656     +hardened-sources-2.4.32.ebuild:
657     Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
658     Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
659     have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
660     rsbac >> /etc/portage/package.use)
661 johnm 1.65
662     *hardened-sources-2.6.14 (14 Nov 2005)
663    
664     14 Nov 2005; John Mylchreest <johnm@gentoo.org>
665     -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
666     Bumping 2.6 series to 2.6.14.2
667 johnm 1.64
668     *hardened-sources-2.6.13-r2 (20 Oct 2005)
669    
670     20 Oct 2005; John Mylchreest <johnm@gentoo.org>
671     -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
672     +hardened-sources-2.6.13-r2.ebuild:
673     Fixes minor build error in ppc.
674 johnm 1.63
675     *hardened-sources-2.6.13-r1 (17 Oct 2005)
676    
677     17 Oct 2005; John Mylchreest <johnm@gentoo.org>
678     +hardened-sources-2.6.13-r1.ebuild:
679     Updating grsec to latest snapshot. Fixes some minor issues. Updating to
680     2.6.13.4, fixes some major amd64 stability problems.
681 johnm 1.62
682     *hardened-sources-2.6.13 (16 Sep 2005)
683    
684     16 Sep 2005; John Mylchreest <johnm@gentoo.org>
685     -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
686     2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
687     ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
688     users should test this thoroughly.
689 solar 1.61
690     01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
691     - stable on x86
692 johnm 1.60
693     *hardened-sources-2.6.11-r15 (27 Jun 2005)
694    
695     27 Jun 2005; John Mylchreest <johnm@gentoo.org>
696     +hardened-sources-2.6.11-r15.ebuild:
697     Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
698     grsec redefining curr_ip struct.
699 solar 1.59
700     *hardened-sources-2.4.31 (20 Jun 2005)
701    
702     20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
703     initial import of 2.4.31 tree
704 johnm 1.58
705     *hardened-sources-2.6.11-r14 (14 Jun 2005)
706    
707     14 Jun 2005; John Mylchreest <johnm@gentoo.org>
708     -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
709     Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
710     naming scheme to abide by genpatches
711 johnm 1.57
712     *hardened-sources-2.6.11-r13 (18 May 2005)
713    
714     18 May 2005; John Mylchreest <johnm@gentoo.org>
715     -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
716     Managed to mangle the Makefile patch from grsec, to miss out the grsec
717     target. sorry about that. Fixes bug #93022
718 johnm 1.56
719     *hardened-sources-2.6.11-r12 (17 May 2005)
720    
721     17 May 2005; John Mylchreest <johnm@gentoo.org>
722     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
723     +hardened-sources-2.6.11-r12.ebuild:
724     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
725     merges in genpatches-base
726 johnm 1.55
727     *hardened-sources-2.6.11-r12 (17 May 2005)
728    
729     17 May 2005; John Mylchreest <johnm@gentoo.org>
730     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
731     +hardened-sources-2.6.11-r12.ebuild:
732     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
733     merges in genpatches-base
734 solar 1.54
735     29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
736     -files/2.4.27-cmdline-race.patch,
737     -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
738     -files/2.4.28-grsec-binfmt_a.out.patch,
739     -files/2.4.28-grsec-cmdline-race.patch,
740     -files/2.4.28-selinux-binfmt_a.out.patch,
741     -files/2.4.28-selinux-cmdline-race.patch,
742     -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
743     hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
744     - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
745     cleanup..
746 solar 1.53
747     *hardened-sources-2.4.30-r1 (21 Apr 2005)
748    
749     21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
750     - disable aout by default
751 solar 1.52
752     *hardened-sources-2.4.30 (18 Apr 2005)
753    
754     18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
755     - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
756     and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
757     use
758 tocharian 1.50
759 scox 1.51 *hardened-sources-2.4.29 (30 Mar 2005)
760    
761     30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
762     +hardened-sources-2.4.29.ebuild:
763     New hardened-patches-2.4-29.0 patchball.
764     Removed SELinux support, upgraded GRSecurity to 2.1.4.
765    
766     *hardened-sources-2.4.28-r5 (06 Mar 2005)
767    
768     06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
769     +hardened-sources-2.4.28-r5.ebuild:
770     Added a fix for a PaX vulnerability.
771    
772     26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
773 tocharian 1.50 hardened-sources-2.4.28-r4.ebuild:
774     Stable on x86
775 solar 1.49
776     23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
777     hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
778     hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
779     hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
780     - fixed/added RDEPEND= in all kernel-2 ebuilds
781 tocharian 1.48
782     *hardened-sources-2.4.28-r4 (21 Jan 2005)
783    
784     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
785     +hardened-sources-2.4.28-r4.ebuild:
786     Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
787     backport of neighbour hash updates.
788 tocharian 1.47
789     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
790     hardened-sources-2.4.28-r3.ebuild:
791     Stable on x86
792 tseng 1.46
793     *hardened-sources-2.6.10-r3 (20 Jan 2005)
794    
795     20 Jan 2005; Brandon Hale <tseng@gentoo.org>
796     +hardened-sources-2.6.10-r3.ebuild:
797     Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
798     in 2005.0
799 tocharian 1.45
800     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
801     -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
802     hardened-sources-2.4.28-r2.ebuild:
803     Mark stable on x86
804 tocharian 1.44
805     *hardened-sources-2.4.28-r3 (17 Jan 2005)
806    
807     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
808     +hardened-sources-2.4.28-r3.ebuild:
809     Fix SMP page fault handler vuln, and update device-mapper and evms patches.
810 tocharian 1.43
811     14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
812     hardened-sources-2.4.28.ebuild:
813     Mark stable on x86.
814 tocharian 1.42
815     *hardened-sources-2.4.28-r2 (13 Jan 2005)
816    
817     13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
818     +hardened-sources-2.4.28-r2.ebuild:
819     Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
820     Mazinger for grsecurity patches as well.
821 plasmaroo 1.41
822     *hardened-sources-2.4.28-r1 (23 Dec 2004)
823    
824     23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
825     Security bump. Thank tocharian for rolling a new patchset...
826 solar 1.40
827     28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
828     +files/2.4.28-grsec-cmdline-race.patch,
829     +files/2.4.28-selinux-binfmt_a.out.patch,
830     +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
831     - Round up remaining security patches that appear to be missing in 2.4.28. -
832     PaX standalone updated to current. hgpv=28.1
833 solar 1.39
834     *hardened-sources-2.4.28 (28 Nov 2004)
835    
836     28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
837     security bump. Thank tocharian for rolling a new patchset
838 scox 1.31
839 scox 1.38 *hardened-sources-2.4.27-r3 (08 Sep 2004)
840    
841     08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
842     +hardened-sources-2.4.27-r3.ebuild:
843     Applies the new 2.4-27.2 patchball which updates
844     GRSecurity to the 2.0.1 version.
845    
846 scox 1.37 *hardened-sources-2.4.27-r2 (31 Aug 2004)
847    
848     31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
849     +hardened-sources-2.4.27-r2.ebuild:
850     Version bump.
851     This version uses the new 2.4-27.1 patchball which updates
852     both the SELinux PaX hooks patch and the SELinux headers.
853    
854 scox 1.36 *hardened-sources-2.4.27-r1 (09 Aug 2004)
855    
856     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
857     +hardened-sources-2.4.27-r1.ebuild,
858     -hardened-sources-2.4.27.ebuild,
859     +files/2.4.27-cmdline-race.patch:
860     Version bump, fix for cmdline race. See bug #59905.
861    
862     *hardened-sources-2.4.26-r6 (09 Aug 2004)
863    
864     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
865     +hardened-sources-2.4.26-r6.ebuild,
866     -hardened-sources-2.4.26-r5.ebuild,
867     -hardened-sources-2.4.26-r4.ebuild,
868     +files/2.4.26-cmdline-race.patch:
869     Version bump, fix for cmdline race. See bug #59905.
870    
871 scox 1.35 *hardened-sources-2.4.27 (08 Aug 2004)
872    
873     08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
874     +hardened-sources-2.4.27.ebuild,
875     +files/2.4.27-CAN-2004-0394.patch:
876     Ported the patchball to the 2.4.27 kernel version.
877    
878 scox 1.34 *hardened-sources-2.4.26-r5 (07 Aug 2004)
879    
880     07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
881     +hardened-sources-2.4.26-r5.ebuild:
882 scox 1.35 Updated to use the new hardened-patches-2.4-26.1 patchball.
883 scox 1.34 It adds the following features:
884     - Squashfs
885     - Ebtables
886     - Netdev random (core+drivers)
887     - Watchdog Timer (WDT) fix.
888    
889 scox 1.33 *hardened-sources-2.4.26-r4 (04 Aug 2004)
890    
891     04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
892     +hardened-sources-2.4.26-r4.ebuild,
893     +files/2.4.26-CAN-2004-0415.patch,
894     -hardened-sources-2.4.26-3:
895     Version bump, fix for CAN 0415, see bug #59378.
896    
897 scox 1.32 *hardened-sources-2.4.26-r3 (22 Jul 2004)
898    
899     22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
900     +hardened-sources-2.4.26-r3.ebuild,
901     +files/2.4.26-CAN-2004-0497.patch,
902     -hardened-sources-2.4.26-r2.ebuild:
903     Version bump, fixed CAN 0497, see bug #56171.
904    
905 scox 1.31 *hardened-sources-2.4.26-r2 (29 Jun 2004)
906    
907     29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
908 scox 1.32 +hardened-sources-2.4.26-r2.ebuild,
909 scox 1.31 +files/2.4.26-CAN-2004-0495.patch,
910     +files/2.4.26-CAN-2004-0535.patch,
911     -hardened-sources-2.4.26-r1.ebuild:
912     Fixes for both CAN 0495 and 0535, see bug #54976
913 pvdabeel 1.27
914 agriffis 1.29 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
915     hardened-sources-2.4.26-r1.ebuild:
916     QA - fix use invocation
917 scox 1.28
918     *hardened-sources-2.4.26-r1 (22 June 2004)
919    
920     22 June 2004; Andrea Luzzardi <scox@gentoo.org>
921     +hardened-sources-2.4.26-r1.ebuild,
922     +files/2.4.26-CAN-2004-0394.patch,
923     +files/2.4.26-signal-race.patch,
924     -hardened-sources-2.4.26.ebuild,
925     -hardened-sources-2.4.24-r3.ebuild:
926     Version bump for the CAN-2004-0394 issue and bug #53804
927     Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
928    
929    
930 pvdabeel 1.27 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
931     hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
932     Masked hardened-sources-2.4.26.ebuild broken for ppc
933    
934     31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
935     hardened-sources-2.4.24-r3.ebuild:
936     Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
937 plasmaroo 1.25
938 scox 1.26 *hardened-sources-2.4.26 (29 May 2004)
939    
940     29 May 2004; Andrea Luzzardi <scox@gentoo.org>
941     +hardened-sources-2.4.26.ebuild:
942     Updated hardened-sources for the 2.4.26 kernel
943     Removed broken components, updated almost everything.
944    
945 plasmaroo 1.25 *hardened-sources-2.4.24-r3 (17 Apr 2004)
946    
947     17 Apr 2004; <plasmaroo@gentoo.org>
948     +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
949     +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
950     +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
951     +hardened-sources-2.4.24-r3.ebuild:
952     Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
953     vulnerabilities. Old revisions removed.
954 plasmaroo 1.24
955     *hardened-sources-2.4.24-r2 (15 Apr 2004)
956    
957     15 Apr 2004; <plasmaroo@gentoo.org>
958     +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
959     -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
960     Version bump for the CAN-2004-0109 issue; bug #47881.
961 aliz 1.23
962     12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
963     hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
964     Add eutils to inherit.
965 plasmaroo 1.22
966     *hardened-sources-2.4.24-r1 (19 Feb 2004)
967    
968     19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
969     files/hardened-sources-2.4.24.munmap.patch:
970     Added the patch for the mremap/munmap vulnerability. Bug #42024.
971 scox 1.19
972 scox 1.21 *hardened-sources-2.4.24 (06 Feb 2004)
973 scox 1.26
974 scox 1.21 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
975     hardened-sources-2.4.24.ebuild:
976     Version bump, updated most of the components.
977     This release includes the following:
978    
979     - Hardened security
980     - Netfilter patch-o-matic 20031219
981     - FreeSWAN 2.04 & x509 1.4.8
982     - EVMS 2.2.2
983     - XFS 1.3.1
984     - cryptoloop jari
985     - grsecurity 2.0-rc4
986     - SELinux
987     - PaX 200402060000
988     - PaX Obscurity 200308302223
989     - Others...
990    
991     Neither -ck nor systrace are included anymore.
992    
993 scox 1.19 *hardened-sources-2.4.22-r2 (05 Jan 2004)
994    
995     05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
996     hardened-sources-2.4.22-r2.ebuild:
997 scox 1.20 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
998 scox 1.19
999     *hardened-sources-2.4.22-r1 (02 Dec 2003)
1000 iggy 1.17
1001     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1002 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
1003 iggy 1.16
1004     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1005 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild:
1006     Version bump for the 'do_brk' vulnerability.
1007 iggy 1.15
1008     01 Dec 2003; Brian Jackson <iggy@gentoo.org>
1009     hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
1010     hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
1011     hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
1012 plasmaroo 1.18 Fix the 'do_brk' vulnerability.
1013 frogger 1.14
1014     03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
1015     hardened-sources-2.4.22.ebuild:
1016 plasmaroo 1.18 - Removed the src_install() portion for SELinux flask
1017     components. These are no longer handled in the kernel
1018     so this code was not necessary.
1019 frogger 1.13
1020     29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
1021     New 2.4.22 based hardened-sources thanks to
1022     Phil West <p.west@computer.org>.
1023    
1024     These sources include:
1025 plasmaroo 1.18 - New SELinux API
1026     - Updated CK-base
1027     - Updated GRSec
1028     - Systrace
1029     - SuperFreeS/WAN 1.99.8
1030     - Propolice kernel build support
1031     - EVMS
1032     - Other various security related patches
1033 frogger 1.11
1034 frogger 1.12 *hardened-sources-2.4.21 (14 Sep 2003)
1035    
1036     14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
1037     Updated hardened-sources based on the 2.4.21 Linux kernel.
1038     This includes updates to most major components such as:
1039 plasmaroo 1.18 - ck-base-0306300059
1040     - selinux-2.4-2003071106
1041     - grsecurity-2.0-rc1
1042     - Updated IPTables patch-o-matic
1043     - Updated SuperFreeS/WAN
1044    
1045 frogger 1.12 Thanks to Phil West <pwest@computer.org> for his work in getting this
1046     updated patch set ready for the 2.4.21 based kernel.
1047    
1048 frogger 1.11 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
1049     Initial import of hardened-sources-2.4.20-r4. This revision
1050     includes only a few changes, but one of these is an important
1051     security fix. It is recommended all users of hardened-sources
1052     upgrade to this release.
1053 plasmaroo 1.18
1054 frogger 1.11 - ioperm bug fix
1055     - fixed compilation failure when building without GRSec
1056 plasmaroo 1.18
1057 frogger 1.11 SAL (Secure Auditing for Linux) is NOT included in this revision
1058     due to time constraints, but is planned for inclusion in the near
1059     future.
1060 msterret 1.10
1061     *hardened-sources-2.4.20-r2 (12 Jun 2003)
1062    
1063     12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
1064     hardened-sources-2.4.20-r3.ebuild:
1065 plasmaroo 1.18 Add Header...
1066 frogger 1.9
1067     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1068     hardened-sources-2.4.20-r3.ebuild:
1069     Removed warnings from ebuild. This kernel should be safe to
1070     use at this point.
1071 frogger 1.8
1072     *hardened-sources-2.4.20-r3 (08 Jun 2003)
1073    
1074     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1075     hardened-sources-2.4.20-r3.ebuild:
1076     New revision. Includes the following changes over -r2:
1077 plasmaroo 1.18
1078 frogger 1.8 - ck7-base (O(1), preempt, low latency)
1079     - Super FreeS/WAN 1.99.7rc2
1080     - PaX for the LSM/SELinux branch
1081     - GRSecurity 2.0-pre4 (role based access control)
1082     - Systrace 1.3
1083     - EXT3 fixes
1084     - EVMS 2.0.1
1085     - GCC 3.1+ compile optimizations
1086     - ProPolice kernel build support
1087     - Hashing table security fixes
1088 frogger 1.3
1089     *hardened-sources-2.4.20-r1 (09 Apr 2003)
1090 frogger 1.7
1091     23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
1092     Initial import of hardened-sources-r2. This new
1093     ebuild includes many new performance and security
1094     related patches. As in -r1, it will patch in
1095     LSM/SELinux if "selinux" is in USE, otherwise it
1096     will patch in GRSecurity. The following patches
1097     are included in this revision:
1098 plasmaroo 1.18
1099 frogger 1.7 - O(1) Scheduler, Low Latency, and Preempt
1100     (pulled from the base CK patch)
1101     - ptrace exploit patch for the LSM kernel
1102     (the GRSec patch already fixes this)
1103     - LSM 2.4-2003040709
1104     - SELinux 2.4-2003040709
1105     - Systrace v1.2
1106     - IPTables patch-o-matic base patches - 20030107
1107     - CryptoAPI 2.4.20.1 w/ loop-jari patch
1108     - Super FreeS/WAN 1.99.6.1
1109     - GRSecurity 1.9.9g
1110     - MPPE
1111     - EXT3 data journal fix
1112     - CIPE 1.5.4
1113 frogger 1.6
1114     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1115     hardened-sources-2.4.20-r1.ebuild, manifest:
1116 plasmaroo 1.18 Updated to install flask components correctly for selinux.
1117 frogger 1.5
1118     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1119     hardened-sources-2.4.20-r1.ebuild:
1120     LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
1121     is patched in instead. Ptrace patches for selinux have also been added. In
1122     either case, systrace support will be patched in as well.
1123 frogger 1.3
1124     09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1125     hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
1126 plasmaroo 1.18 Revision bump for new sources.
1127 frogger 1.4
1128 frogger 1.2 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1129 frogger 1.4 hardened-sources-2.4.20-r1.ebuild:
1130 plasmaroo 1.18 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
1131 method 1.1
1132 frogger 1.4 *hardened-sources-2.4.20 (30 Mar 2003)
1133    
1134 method 1.1 30 Mar 2003; Joshua Brindle <method@gentoo.org>
1135     hardened-sources-2.4.20.ebuild:
1136 plasmaroo 1.18 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20