/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.180 - (hide annotations) (download)
Sat Sep 1 12:10:05 2007 UTC (6 years, 11 months ago) by phreak
Branch: MAIN
Changes since 1.179: +4 -1 lines
Updating the metadata.xml.
(Portage version: 2.1.3.7)

1 method 1.1 # ChangeLog for sys-kernel/hardened-sources
2 opfer 1.130 # Copyright 2000-2007 Gentoo Foundation; Distributed under the GPL v2
3 phreak 1.180 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.179 2007/09/01 12:06:55 phreak Exp $
4    
5     01 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
6     Updating the metadata.xml.
7 phreak 1.179
8     01 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
9     Removing tocharian from metadata due to his retirement (see #71718 for
10     reference).
11 phreak 1.178
12     *hardened-sources-2.6.20-r9 (30 Aug 2007)
13    
14     30 Aug 2007; Christian Heim <phreak@gentoo.org>
15     +hardened-sources-2.6.20-r9.ebuild:
16     Revision bump for 2.6.20.18 (thanks to kerframil in #gentoo-hardened).
17 phreak 1.177
18     29 Aug 2007; Christian Heim <phreak@gentoo.org>
19     -hardened-sources-2.4.34.ebuild, -hardened-sources-2.4.34.5.ebuild,
20     -hardened-sources-2.6.20-r2.ebuild, -hardened-sources-2.6.20-r5.ebuild,
21     -hardened-sources-2.6.20-r7.ebuild, -hardened-sources-2.6.21-r3.ebuild,
22     -hardened-sources-2.6.22.ebuild, -hardened-sources-2.6.22-r1.ebuild,
23     -hardened-sources-2.6.22-r2.ebuild:
24     Removing some redundant versions.
25 phreak 1.176
26     *hardened-sources-2.4.35-r1 (29 Aug 2007)
27    
28     29 Aug 2007; Christian Heim <phreak@gentoo.org>
29     +hardened-sources-2.4.35-r1.ebuild:
30     Revision bump, new grsecurity patch.
31 phreak 1.175
32     *hardened-sources-2.6.20-r8 (26 Aug 2007)
33    
34     26 Aug 2007; Christian Heim <phreak@gentoo.org>
35     +hardened-sources-2.6.20-r8.ebuild:
36     Revision bump for Linux 2.6.20.17.
37 phreak 1.174
38     *hardened-sources-2.6.22-r3 (22 Aug 2007)
39    
40     22 Aug 2007; Christian Heim <phreak@gentoo.org>
41     +hardened-sources-2.6.22-r3.ebuild:
42     Revision bump for Linux 2.6.22.4.
43 phreak 1.173
44     16 Aug 2007; Christian Heim <phreak@gentoo.org>
45     hardened-sources-2.6.22-r2.ebuild:
46     Updated patchset, to fix the alignment against 2.6.22.3.
47 phreak 1.172
48     *hardened-sources-2.6.22-r2 (16 Aug 2007)
49    
50     16 Aug 2007; Christian Heim <phreak@gentoo.org>
51     +hardened-sources-2.6.22-r2.ebuild:
52     Revision bump for Linux 2.6.22.3.
53 phreak 1.171
54     *hardened-sources-2.4.35 (16 Aug 2007)
55    
56     16 Aug 2007; Christian Heim <phreak@gentoo.org>
57     +hardened-sources-2.4.35.ebuild:
58     Version bump, initial version for Linux 2.4.35.
59 phreak 1.170
60     *hardened-sources-2.6.21-r4 (16 Aug 2007)
61    
62     16 Aug 2007; Christian Heim <phreak@gentoo.org>
63     +hardened-sources-2.6.21-r4.ebuild:
64     Revision bump for Linux 2.6.21.6.
65 phreak 1.169
66     *hardened-sources-2.6.20-r7 (16 Aug 2007)
67    
68     16 Aug 2007; Christian Heim <phreak@gentoo.org>
69     +hardened-sources-2.6.20-r7.ebuild:
70     Revision bump for Linux 2.6.20.16.
71 phreak 1.168
72     *hardened-sources-2.6.22-r1 (13 Aug 2007)
73    
74     13 Aug 2007; Christian Heim <phreak@gentoo.org>
75     +hardened-sources-2.6.22-r1.ebuild:
76     Yet another revision bump.
77 phreak 1.167
78     *hardened-sources-2.6.22 (10 Aug 2007)
79    
80     10 Aug 2007; Christian Heim <phreak@gentoo.org>
81     +hardened-sources-2.6.22.ebuild:
82     Initial release for 2.6.22. If you are using hardened-sources on a desktop
83     machine (P4 or newer), be aware you might need to disable
84     CONFIG_PAX_PAGEEXEC.
85 phreak 1.166
86     04 Aug 2007; Christian Heim <phreak@gentoo.org>
87     hardened-sources-2.6.20-r6.ebuild:
88     Stabling hardened-sources-2.6.20-r6 for amd64, ppc and x86 due to Linux
89     2.6.20.15.
90 phreak 1.165
91     10 Jul 2007; Christian Heim <phreak@gentoo.org>
92     hardened-sources-2.6.20-r5.ebuild:
93     Marking hardened-sources-2.6.20-r5 stable on ppc.
94 phreak 1.164
95     10 Jul 2007; Christian Heim <phreak@gentoo.org>
96     -hardened-sources-2.4.32-r6.ebuild, -hardened-sources-2.4.32-r7.ebuild:
97     Cleanup.
98 phreak 1.163
99     *hardened-sources-2.6.20-r6 (08 Jul 2007)
100    
101     08 Jul 2007; Christian Heim <phreak@gentoo.org>
102     +hardened-sources-2.6.20-r6.ebuild:
103     Revision bump, grabbing yet another stable release.
104 phreak 1.162
105     17 Jun 2007; Christian Heim <phreak@gentoo.org>
106     -hardened-sources-2.6.18-r6.ebuild, -hardened-sources-2.6.20-r4.ebuild,
107     -hardened-sources-2.6.21-r2.ebuild:
108     Removing older ebuilds, hardened-sources-2.6.18-r6 seems to have gotten the
109     alpha stable KEYWORD by mistake.
110 phreak 1.161
111     17 Jun 2007; Christian Heim <phreak@gentoo.org>
112     hardened-sources-2.6.20-r5.ebuild:
113     Stabling hardened-sources-2.6.20-r5 due to security bug #181647 (as
114     genpatches-2.6.20-12.base contains up to Linux 2.6.20.14) on amd64 and x86.
115 phreak 1.160
116     *hardened-sources-2.6.21-r3 (12 Jun 2007)
117    
118     12 Jun 2007; Christian Heim <phreak@gentoo.org>
119     +hardened-sources-2.6.21-r3.ebuild:
120     Revision bump for hardened-sources-2.6.21, incorporating various CVE (some
121     of them critical), two stable releases (2.6.21.4,2.6.21.5) and some other
122     love.
123 phreak 1.159
124     *hardened-sources-2.6.20-r5 (11 Jun 2007)
125    
126     11 Jun 2007; Christian Heim <phreak@gentoo.org>
127     +hardened-sources-2.6.20-r5.ebuild:
128     Revision bump for hardened-sources-2.6.20, incorporating various CVE (some
129     of them critical), two stable releases (2.6.20.13,2.6.20.14) and some other
130     love.
131 pappy 1.158
132     *hardened-sources-2.4.34.5 (11 Jun 2007)
133    
134     11 Jun 2007; Alexander Gabert <pappy@gentoo.org>
135     +hardened-sources-2.4.34.5.ebuild:
136     added new hardened-sources 2.4 version, thx to phreak, solar, pipacs
137 phreak 1.157
138     30 May 2007; Christian Heim <phreak@gentoo.org>
139     -hardened-sources-2.6.18.ebuild, hardened-sources-2.6.20-r2.ebuild:
140     Marking 2.6.20-r2 stable on ppc with permission of Gysbert. Removing more
141     stale ebuild(s).
142 phreak 1.156
143     30 May 2007; Christian Heim <phreak@gentoo.org>
144     -hardened-sources-2.6.14-r7.ebuild, -hardened-sources-2.6.16-r11.ebuild,
145     -hardened-sources-2.6.17-r1.ebuild, -hardened-sources-2.6.19-r6.ebuild,
146     -hardened-sources-2.6.20.ebuild, -hardened-sources-2.6.20-r1.ebuild:
147     Doing some cleanups, remove stale ebuilds.
148 phreak 1.155
149     26 May 2007; Christian Heim <phreak@gentoo.org>
150     hardened-sources-2.6.21-r2.ebuild:
151     Fixing the grsecurity patch, had one '};' too much.
152 phreak 1.154
153     *hardened-sources-2.6.21-r2 (26 May 2007)
154    
155     26 May 2007; Christian Heim <phreak@gentoo.org>
156     -hardened-sources-2.6.21.ebuild, -hardened-sources-2.6.21-r1.ebuild,
157     +hardened-sources-2.6.21-r2.ebuild:
158     Revision bump, including Linux 2.6.21.3 (fixing CVE-2007-2451). Updating the
159     grsecurity patch to 2.1.10-2.6.21.1-200705221918.
160 phreak 1.153
161     *hardened-sources-2.6.20-r4 (26 May 2007)
162    
163     26 May 2007; Christian Heim <phreak@gentoo.org>
164     -hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.20-r4.ebuild:
165     Revision bump, including Linux 2.6.20.12 (which in fact fixed some security
166 phreak 1.154 bugs, at the very least CVE-2007-2451). Possible candidate for stable marking.
167 phreak 1.152
168     15 May 2007; Christian Heim <phreak@gentoo.org>
169     hardened-sources-2.6.20-r3.ebuild:
170     Looks like hardened-sources-2.6.20-r3 needs a new patch, as 2.6.20.11
171     introduced a change in arch/sparc64/kernel/pci_iommu.c, which made the
172     grsecurity patch fail in that exact same hunk.
173 phreak 1.151
174     *hardened-sources-2.6.20-r3 (15 May 2007)
175    
176     15 May 2007; Christian Heim <phreak@gentoo.org>
177     +hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.21-r1.ebuild:
178     Revision bump, incorporating Linux 2.6.20.11.
179    
180     *hardened-sources-2.6.21-r1 (11 May 2007)
181    
182     11 May 2007; Christian Heim <phreak@gentoo.org>
183     +hardened-sources-2.6.21-r1.ebuild:
184     Revision bump, hopefully fixing the GRSECURITY/GRKERNSEC mixup pipacs
185     mentioned in #177234.
186 kevquinn 1.150
187     07 May 2007; Kevin F. Quinn <kevquinn@gentoo.org>
188     files/digest-hardened-sources-2.6.21, Manifest:
189     Fix Manifest/digest for linux-2.6.21.tar.bz2
190 phreak 1.149
191     06 May 2007; Christian Heim <phreak@gentoo.org>
192     hardened-sources-2.6.21.ebuild:
193     Bumping the hardened-patches version, needed for the fix for #177234.
194 phreak 1.148
195     *hardened-sources-2.6.21 (02 May 2007)
196    
197     02 May 2007; Christian Heim <phreak@gentoo.org>
198     +hardened-sources-2.6.21.ebuild:
199     Version bump, Linux 2.6.21-hardened.
200 phreak 1.147
201     29 Apr 2007; Christian Heim <phreak@gentoo.org>
202     hardened-sources-2.6.20-r2.ebuild:
203     Adding ~ia64 on Ned's request.
204 phreak 1.146
205     29 Apr 2007; Christian Heim <phreak@gentoo.org>
206     hardened-sources-2.6.20-r2.ebuild:
207     Fixing the included grsecurity patch, wasn't alligning due to the Index:
208     header line(s).
209 phreak 1.145
210     29 Apr 2007; Christian Heim <phreak@gentoo.org>
211     hardened-sources-2.6.20-r2.ebuild:
212     Stabilizing hardened-sources-2.6.20-r2 on amd64 and x86.
213 armin76 1.144
214     *hardened-sources-2.6.20-r2 (10 Apr 2007)
215    
216     10 Apr 2007; Raúl Porcel <armin76@gentoo.org>
217     +hardened-sources-2.6.20-r2.ebuild:
218     Version bump, on behalf of phreak
219 phreak 1.143
220     *hardened-sources-2.6.20-r1 (04 Apr 2007)
221    
222     04 Apr 2007; Christian Heim <phreak@gentoo.org>
223     +hardened-sources-2.6.20-r1.ebuild:
224     Revision bump, grabbing a newer grsecurity snapshot.
225 phreak 1.142
226     *hardened-sources-2.6.20 (25 Mar 2007)
227    
228     25 Mar 2007; Christian Heim <phreak@gentoo.org>
229     +hardened-sources-2.6.20.ebuild:
230     Finally a hardened-sources version for 2.6.20; many people have been waiting
231     for this. Thanks to Steve for preliminary testing, thanks to Ned for the
232     testbox.
233 chainsaw 1.141
234     16 Mar 2007; Tony Vroon <chainsaw@gentoo.org>
235     hardened-sources-2.6.18-r6.ebuild:
236     Marked stable on amd64 and x86. AMD64 keyword ack'ed by welp.
237 phreak 1.140
238     *hardened-sources-2.6.18-r6 (16 Mar 2007)
239    
240     16 Mar 2007; Christian Heim <phreak@gentoo.org>
241     -hardened-sources-2.6.18-r5.ebuild, +hardened-sources-2.6.18-r6.ebuild:
242     Fixing CVE-2007-1000 locally (hardened/), thanks to Tony for pushing. And
243     yes I screwed up, this is tagged as 2.6.18-5 and not 2.6.18-6 as it's
244     supposed to be.
245 phreak 1.139
246     06 Mar 2007; Christian Heim <phreak@gentoo.org> ChangeLog:
247     Fixing the Manifest, the previous one was broken (as in still had the
248     deleted ebuild in it).
249 phreak 1.138
250     06 Mar 2007; Christian Heim <phreak@gentoo.org>
251     -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
252     +hardened-sources-2.6.18-r5.ebuild:
253     Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
254     Linux 2.6.18.8. Also cleaning up the older version.
255    
256     *hardened-sources-2.6.18-r5 (06 Mar 2007)
257    
258     06 Mar 2007; Christian Heim <phreak@gentoo.org>
259     -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
260     +hardened-sources-2.6.18-r5.ebuild:
261     Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
262     Linux 2.6.18.8. Also cleaning up the older version.
263 phreak 1.137
264     24 Feb 2007; Christian Heim <phreak@gentoo.org>
265     -hardened-sources-2.6.19-r3.ebuild, -hardened-sources-2.6.19-r4.ebuild,
266     -hardened-sources-2.6.19-r5.ebuild:
267     Removing some of the old version, that didn't work.
268 phreak 1.136
269     *hardened-sources-2.6.19-r6 (12 Feb 2007)
270    
271     12 Feb 2007; Christian Heim <phreak@gentoo.org>
272     +hardened-sources-2.6.19-r6.ebuild:
273     Revision bump, including a new grsec version fixing #166235.
274 pappy 1.134
275     *hardened-sources-2.4.34 (24 Jan 2007)
276    
277     24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
278 pappy 1.135 Manifest:
279     updating Manifest with checksums of new tarball and ebuild
280    
281     24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
282 pappy 1.134 +hardened-sources-2.4.34.ebuild:
283     I added new hardened sources 2.4 update, this is a critical path
284     security bugfix - all users of h-s are strongly advised
285     to update their existing hardened sources to this version.
286     It contains a fix for a kernel vulnerability that is pertaining
287     to the PaX changes to virtual memory management, possibly leading
288     to a local kernel exploit ... see grsecurity.net forums and homepage
289 phreak 1.133
290     23 Jan 2007; Christian Heim <phreak@gentoo.org>
291     files/digest-hardened-sources-2.6.19-r5, Manifest:
292     Fixing the patch-tarball digest.
293 phreak 1.132
294     *hardened-sources-2.6.19-r5 (23 Jan 2007)
295    
296     23 Jan 2007; Christian Heim <phreak@gentoo.org>
297     +hardened-sources-2.6.19-r5.ebuild:
298     Revision bump, closing the recently discovered PaX expand_stack()
299     vulnerability.
300 phreak 1.131
301     *hardened-sources-2.6.19-r4 (14 Jan 2007)
302    
303     14 Jan 2007; Christian Heim <phreak@gentoo.org>
304     +hardened-sources-2.6.19-r4.ebuild:
305     Revision bump, pulling in linux-2.6.19.2 and grsecurity 2.1.10 - thus
306     dropping the randomized PID feature.
307 opfer 1.130
308     11 Jan 2007; Christian Faulhammer <opfer@gentoo.org>
309     hardened-sources-2.4.33.4.ebuild:
310     stable x86, bug #161171
311 phreak 1.129
312     *hardened-sources-2.6.19-r3 (27 Dec 2006)
313    
314     27 Dec 2006; Christian Heim <phreak@gentoo.org>
315     -hardened-sources-2.6.19-r2.ebuild, +hardened-sources-2.6.19-r3.ebuild:
316     Revision bump for bug #157186 and #158786.
317 phreak 1.128
318     *hardened-sources-2.6.18-r4 (27 Dec 2006)
319    
320     27 Dec 2006; Christian Heim <phreak@gentoo.org>
321     -hardened-sources-2.6.18-r3.ebuild, +hardened-sources-2.6.18-r4.ebuild:
322     Revision bump for bug #157186.
323 phreak 1.127
324     *hardened-sources-2.6.19-r2 (23 Dec 2006)
325    
326     23 Dec 2006; Christian Heim <phreak@gentoo.org>
327     -hardened-sources-2.6.19-r1.ebuild, +hardened-sources-2.6.19-r2.ebuild:
328     Revision bump to pull in genpatches-2.6.19-3 for #157186.
329 phreak 1.126
330     17 Dec 2006; Christian Heim <phreak@gentoo.org>
331     hardened-sources-2.6.14-r7.ebuild, hardened-sources-2.6.16-r10.ebuild,
332     hardened-sources-2.6.16-r11.ebuild, hardened-sources-2.6.17-r1.ebuild,
333     hardened-sources-2.6.18.ebuild, hardened-sources-2.6.18-r3.ebuild,
334     hardened-sources-2.6.19-r1.ebuild:
335     Adding 4453_grsec-2.1.9-2.6.19-io-kmem-sysctl.patch to UNIPATCH_EXLUDE,
336     adding correct HOMEPAGE and adjusting DESCRIPTION (thanks to Alexander).
337 pappy 1.125
338     *hardened-sources-2.4.33.4 (17 Dec 2006)
339    
340     17 Dec 2006; Alexander Gabert <pappy@gentoo.org>
341     +hardened-sources-2.4.33.4.ebuild:
342     new 2.4.33.4 version including grsec and fixes, thanks to phreak for help
343     and quilting
344 phreak 1.124
345     *hardened-sources-2.6.19-r1 (14 Dec 2006)
346    
347     14 Dec 2006; Christian Heim <phreak@gentoo.org>
348     -hardened-sources-2.6.19.ebuild, +hardened-sources-2.6.19-r1.ebuild:
349     Revision bump, fixing #158107 (thanks to Petre Rodan <kaiowas at gentoo.org>
350     for reporting).
351 phreak 1.123
352     *hardened-sources-2.6.19 (13 Dec 2006)
353    
354     13 Dec 2006; Christian Heim <phreak@gentoo.org>
355     +hardened-sources-2.6.19.ebuild:
356     And finally 2.6.19, thanks to Ned (who prepared the inital patchset) and
357     Brad for providing that prompt update.
358 phreak 1.122
359     *hardened-sources-2.6.18-r3 (13 Dec 2006)
360    
361     13 Dec 2006; Christian Heim <phreak@gentoo.org>
362     -hardened-sources-2.6.18-r1.ebuild, -hardened-sources-2.6.18-r2.ebuild,
363     +hardened-sources-2.6.18-r3.ebuild:
364     Revision bump, excluding the faulty patch. Thanks to Anakim Border and Peter
365     S. Mazinger. Closes #157409 for now. Also removing the previous revisions.
366 phreak 1.121
367     09 Dec 2006; Christian Heim <phreak@gentoo.org> Manifest:
368     Fixing the metadata.xml Manifest entry (thanks to xaid and ml8128 in #gentoo-hardened).
369 nixnut 1.120
370     08 Dec 2006; nixnut <nixnut@gentoo.org> hardened-sources-2.6.18.ebuild:
371     Stable on ppc wrt bug 157356
372 opfer 1.119
373     07 Dec 2006; Christian Faulhammer <opfer@gentoo.org>
374     hardened-sources-2.6.18.ebuild:
375     stable x86, bug #157356
376 phreak 1.118
377     *hardened-sources-2.6.18-r2 (06 Dec 2006)
378    
379     06 Dec 2006; Christian Heim <phreak@gentoo.org>
380     +hardened-sources-2.6.18-r2.ebuild:
381     Revision bump, including 2.6.18.5 (via genpatches) and
382     4454_grsec-2.1.9-2.6.18.2-io-kmem-sysctl.patch based on Peter Mazinger and
383     Ned Ludd's original patch. Thanks to Alexander Gabert (pappy) for the
384     redesign.
385 phreak 1.117
386     06 Dec 2006; Christian Heim <phreak@gentoo.org>
387     hardened-sources-2.6.18.ebuild:
388     Marking hardened-sources-2.6.18 stable on amd64 (see bug #157356, on behalf
389     of Mike Doty).
390 phreak 1.116
391     *hardened-sources-2.6.18-r1 (23 Nov 2006)
392    
393     23 Nov 2006; Christian Heim <phreak@gentoo.org>
394     +hardened-sources-2.6.18-r1.ebuild:
395     Revision bump to genpatches-2.6.18-4 (including 2.6.18.3).
396 phreak 1.115
397     *hardened-sources-2.6.18 (11 Nov 2006)
398    
399     11 Nov 2006; Christian Heim <phreak@gentoo.org>
400     +hardened-sources-2.6.18.ebuild:
401     Version bump, thanks to Alexander Gabert we're finally at 2.6.18.
402 solar 1.114
403     18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
404     - mark amd64 stable also. bug #151877
405 solar 1.113
406     18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
407     - mark 2.6.17-r1 stable
408 phreak 1.112
409     27 Aug 2006; Christian Heim <phreak@gentoo.org>
410     -hardened-sources-2.6.17.ebuild, hardened-sources-2.6.17-r1.ebuild:
411     Removing old ebuild, removing unipatch from newer ebuild (need to fix it!).
412 phreak 1.111
413     *hardened-sources-2.6.17-r1 (26 Aug 2006)
414    
415     26 Aug 2006; Christian Heim <phreak@gentoo.org>
416     +hardened-sources-2.6.17-r1.ebuild:
417     Revision bump to genpatches-2.6.17-8 (including .9 and .10) and updating the
418     grsecurity patch.
419 phreak 1.110
420     *hardened-sources-2.6.17 (17 Aug 2006)
421    
422     17 Aug 2006; Christian Heim <phreak@gentoo.org>
423     +hardened-sources-2.6.17.ebuild:
424     Bumping the hardened-sources-2.6 series to 2.6.17, using
425     genpatches-2.6.17-6.base.
426 solar 1.109
427     07 Aug 2006; <solar@gentoo.org> hardened-sources-2.6.16-r11.ebuild:
428     - stable on x86 and amd64
429 solar 1.108
430     *hardened-sources-2.6.16-r11 (15 Jul 2006)
431    
432     15 Jul 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r3.ebuild,
433     -hardened-sources-2.4.32-r4.ebuild, -hardened-sources-2.4.32-r5.ebuild,
434     -hardened-sources-2.6.14-r8.ebuild, -hardened-sources-2.6.16-r7.ebuild,
435     -hardened-sources-2.6.16-r9.ebuild, +hardened-sources-2.6.16-r11.ebuild:
436     - 2.6.16 bumped for CVE-2006-3626 ; digest fix for 2.4.32-r6 ; removed old
437     crusty ebuilds
438 johnm 1.107
439     14 Jul 2006; John Mylchreest <johnm@gentoo.org>
440     hardened-sources-2.6.16-r10.ebuild:
441     marking stable on x86 and amd64
442 solar 1.106
443     13 Jul 2006; <solar@gentoo.org> hardened-sources-2.4.32-r6.ebuild:
444     - 2.4.32-r6 stable on x86. RSBAC state unknown
445 kang 1.105
446     *hardened-sources-2.4.32-r7 (10 Jul 2006)
447    
448     10 Jul 2006; Guillaume Destuynder <kang@gentoo.org>
449     +hardened-sources-2.4.32-r7.ebuild:
450     Bump PaX for RSBAC to test-17
451 johnm 1.104
452     *hardened-sources-2.6.16-r9 (03 Jul 2006)
453    
454     03 Jul 2006; John Mylchreest <johnm@gentoo.org>
455     -hardened-sources-2.6.16-r6.ebuild, +hardened-sources-2.6.16-r9.ebuild:
456     hardened-sources-2.6.16 bump to latest -base.
457 solar 1.103
458     *hardened-sources-2.4.32-r6 (30 Jun 2006)
459    
460     30 Jun 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r2.ebuild,
461     hardened-sources-2.4.32-r4.ebuild, +hardened-sources-2.4.32-r6.ebuild:
462     - backport CVE-2006-0039, CVE-2006-1857 and CVE-2006-1858 and new grsecurity
463     sysctl controlable resource logging
464 johnm 1.102
465     *hardened-sources-2.6.16-r7 (05 Jun 2006)
466    
467     05 Jun 2006; John Mylchreest <johnm@gentoo.org>
468     -hardened-sources-2.6.16-r5.ebuild, +hardened-sources-2.6.16-r7.ebuild:
469     push new 2.6.16 release in preparation for stable
470 solar 1.101
471     22 May 2006; <solar@gentoo.org> :
472     - redigest bug 134002
473 kang 1.100
474     *hardened-sources-2.4.32-r5 (16 May 2006)
475    
476     16 May 2006; Guillaume Destuynder <kang@gentoo.org>
477     +hardened-sources-2.4.32-r5.ebuild:
478     Fixes rsbac common patching (new patch in new -r5 patchset)
479 solar 1.99
480     *hardened-sources-2.4.32-r4 (13 May 2006)
481    
482     13 May 2006; <solar@gentoo.org> hardened-sources-2.4.32-r3.ebuild,
483     +hardened-sources-2.4.32-r4.ebuild:
484     - security bumps
485 johnm 1.98
486     *hardened-sources-2.6.16-r6 (03 May 2006)
487    
488     03 May 2006; John Mylchreest <johnm@gentoo.org>
489     +hardened-sources-2.6.16-r6.ebuild:
490     bump hardened-2.6.16 to 2.6.16.12 and latest grsec snapshot
491 johnm 1.97
492     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
493     hardened-sources-2.6.14-r8.ebuild:
494     fix x86_64 build problem, this will delay the digest issue again for a short
495     while but it will sort itself out
496 johnm 1.96
497     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
498     hardened-sources-2.6.14-r8.ebuild:
499     bump hardened patchset
500 antarus 1.94
501     27 Apr 2006; Alec Warner <antarus@gentoo.org>
502     files/digest-hardened-sources-2.4.32-r2,
503     files/digest-hardened-sources-2.4.32-r3,
504     files/digest-hardened-sources-2.6.14-r8, Manifest:
505     Fixing duff SHA256 digests: Bug # 131293
506 johnm 1.93
507 johnm 1.95 *hardened-sources-2.6.16-r5 (27 Apr 2006)
508    
509     27 Apr 2006; John Mylchreest <johnm@gentoo.org>
510     -hardened-sources-2.6.14-r6.ebuild, hardened-sources-2.6.14-r8.ebuild,
511     -hardened-sources-2.6.16-r4.ebuild, +hardened-sources-2.6.16-r5.ebuild:
512     stablise 2.6.14-r8 on x86 & amd64, bump 2.6.16 to fix CVE-2006-1863 &
513     cleanup of old uneccessary sources
514    
515 johnm 1.93 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
516     fix digest
517 johnm 1.92
518     *hardened-sources-2.6.14-r8 (20 Apr 2006)
519    
520     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
521     +hardened-sources-2.6.14-r8.ebuild:
522     fix CVE-2006-1056, CVE-2006-1525, CVE-2006-1524
523 johnm 1.91
524     20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
525     Turning on gpg-signing again, and recomitting
526 johnm 1.90
527     *hardened-sources-2.6.16-r4 (20 Apr 2006)
528    
529     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
530     -hardened-sources-2.6.16-r2.ebuild, -hardened-sources-2.6.16-r3.ebuild,
531     +hardened-sources-2.6.16-r4.ebuild:
532     Fix numerous security vulns
533 solar 1.89
534     *hardened-sources-2.4.32-r3 (16 Apr 2006)
535    
536     16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
537     -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
538     +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
539     - security bump for bug #112791. Removed old ebuilds
540 johnm 1.88
541     *hardened-sources-2.6.16-r3 (15 Apr 2006)
542    
543     15 Apr 2006; John Mylchreest <johnm@gentoo.org>
544     +hardened-sources-2.6.16-r3.ebuild:
545     Removing silly localversion which I missed
546 johnm 1.87
547     *hardened-sources-2.6.14-r7 (14 Apr 2006)
548    
549     14 Apr 2006; John Mylchreest <johnm@gentoo.org>
550     -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
551     Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
552 johnm 1.86
553     *hardened-sources-2.6.16-r2 (13 Apr 2006)
554    
555     13 Apr 2006; John Mylchreest <johnm@gentoo.org>
556     -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
557     +hardened-sources-2.6.16-r2.ebuild:
558     Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
559     labels, dropping USERGROUP define fixes, since these were merged mainstream.
560 johnm 1.85
561     *hardened-sources-2.6.16-r1 (11 Apr 2006)
562    
563     11 Apr 2006; John Mylchreest <johnm@gentoo.org>
564     +hardened-sources-2.6.16-r1.ebuild:
565     Bumping to include ppc build fix and 2.6.16.3
566 tsunam 1.84
567     06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
568     hardened-sources-2.6.14-r6.ebuild:
569     Stable on x86; bug #127718
570 johnm 1.83
571     *hardened-sources-2.6.16 (31 Mar 2006)
572    
573     31 Mar 2006; John Mylchreest <johnm@gentoo.org>
574     +hardened-sources-2.6.16.ebuild:
575     Bumping to new version of grsec, and kernel base. New squashfs. Based on
576     2.6.16.1
577 cryos 1.82
578     30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
579     hardened-sources-2.6.14-r6.ebuild:
580     Stable on amd64, bug 127718.
581 nixnut 1.81
582     28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
583     Stable on ppc. Bug #127718
584 johnm 1.80
585     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
586     -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
587     -hardened-sources-2.6.14-r4.ebuild:
588     Cleanup.
589 johnm 1.79
590     *hardened-sources-2.6.14-r6 (15 Mar 2006)
591    
592     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
593     +hardened-sources-2.6.14-r6.ebuild:
594     Fixes grsec policy recreation bug and adds a
595     >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
596 solar 1.78
597     02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
598     - stable on x86
599 hansmi 1.77
600     19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
601     hardened-sources-2.6.14-r5.ebuild:
602     Stable on ppc.
603 johnm 1.76
604     *hardened-sources-2.6.14-r5 (01 Feb 2006)
605    
606     01 Feb 2006; John Mylchreest <johnm@gentoo.org>
607     +hardened-sources-2.6.14-r5.ebuild:
608     fixing every known exploit
609 solar 1.75
610     *hardened-sources-2.4.32-r2 (26 Jan 2006)
611    
612     26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
613     +hardened-sources-2.4.32-r2.ebuild:
614     - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
615 solar 1.74
616     *hardened-sources-2.6.14-r4 (12 Jan 2006)
617    
618     12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
619     - version bump for new genpatches which fix up a few sec holes
620 solar 1.73
621     *hardened-sources-2.4.32-r1 (05 Jan 2006)
622    
623     05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
624     - revision bump to add misc vital linux kernel security patches.
625 johnm 1.72
626     *hardened-sources-2.6.14-r3 (30 Dec 2005)
627    
628     30 Dec 2005; John Mylchreest <johnm@gentoo.org>
629     -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
630     Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
631 johnm 1.71
632     28 Dec 2005; John Mylchreest <johnm@gentoo.org>
633     hardened-sources-2.6.14-r2.ebuild:
634     making x86 & amd64 stable following testing.
635 johnm 1.70
636     *hardened-sources-2.6.14-r2 (27 Dec 2005)
637    
638     27 Dec 2005; John Mylchreest <johnm@gentoo.org>
639     -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
640     Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
641     network hooks.
642 johnm 1.69
643     06 Dec 2005; John Mylchreest <johnm@gentoo.org>
644     hardened-sources-2.6.14-r1.ebuild:
645     bumping to stable early for sec fix on x86 & amd64
646 johnm 1.68
647     *hardened-sources-2.6.14-r1 (05 Dec 2005)
648    
649     05 Dec 2005; John Mylchreest <johnm@gentoo.org>
650     -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
651     bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
652 solar 1.67
653     04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
654     - stable on x86 security bug #114227 CAN-2005-3257
655 kang 1.66
656     *hardened-sources-2.4.32 (19 Nov 2005)
657    
658     19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
659     +hardened-sources-2.4.32.ebuild:
660     Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
661     Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
662     have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
663     rsbac >> /etc/portage/package.use)
664 johnm 1.65
665     *hardened-sources-2.6.14 (14 Nov 2005)
666    
667     14 Nov 2005; John Mylchreest <johnm@gentoo.org>
668     -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
669     Bumping 2.6 series to 2.6.14.2
670 johnm 1.64
671     *hardened-sources-2.6.13-r2 (20 Oct 2005)
672    
673     20 Oct 2005; John Mylchreest <johnm@gentoo.org>
674     -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
675     +hardened-sources-2.6.13-r2.ebuild:
676     Fixes minor build error in ppc.
677 johnm 1.63
678     *hardened-sources-2.6.13-r1 (17 Oct 2005)
679    
680     17 Oct 2005; John Mylchreest <johnm@gentoo.org>
681     +hardened-sources-2.6.13-r1.ebuild:
682     Updating grsec to latest snapshot. Fixes some minor issues. Updating to
683     2.6.13.4, fixes some major amd64 stability problems.
684 johnm 1.62
685     *hardened-sources-2.6.13 (16 Sep 2005)
686    
687     16 Sep 2005; John Mylchreest <johnm@gentoo.org>
688     -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
689     2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
690     ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
691     users should test this thoroughly.
692 solar 1.61
693     01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
694     - stable on x86
695 johnm 1.60
696     *hardened-sources-2.6.11-r15 (27 Jun 2005)
697    
698     27 Jun 2005; John Mylchreest <johnm@gentoo.org>
699     +hardened-sources-2.6.11-r15.ebuild:
700     Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
701     grsec redefining curr_ip struct.
702 solar 1.59
703     *hardened-sources-2.4.31 (20 Jun 2005)
704    
705     20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
706     initial import of 2.4.31 tree
707 johnm 1.58
708     *hardened-sources-2.6.11-r14 (14 Jun 2005)
709    
710     14 Jun 2005; John Mylchreest <johnm@gentoo.org>
711     -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
712     Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
713     naming scheme to abide by genpatches
714 johnm 1.57
715     *hardened-sources-2.6.11-r13 (18 May 2005)
716    
717     18 May 2005; John Mylchreest <johnm@gentoo.org>
718     -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
719     Managed to mangle the Makefile patch from grsec, to miss out the grsec
720     target. sorry about that. Fixes bug #93022
721 johnm 1.56
722     *hardened-sources-2.6.11-r12 (17 May 2005)
723    
724     17 May 2005; John Mylchreest <johnm@gentoo.org>
725     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
726     +hardened-sources-2.6.11-r12.ebuild:
727     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
728     merges in genpatches-base
729 johnm 1.55
730     *hardened-sources-2.6.11-r12 (17 May 2005)
731    
732     17 May 2005; John Mylchreest <johnm@gentoo.org>
733     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
734     +hardened-sources-2.6.11-r12.ebuild:
735     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
736     merges in genpatches-base
737 solar 1.54
738     29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
739     -files/2.4.27-cmdline-race.patch,
740     -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
741     -files/2.4.28-grsec-binfmt_a.out.patch,
742     -files/2.4.28-grsec-cmdline-race.patch,
743     -files/2.4.28-selinux-binfmt_a.out.patch,
744     -files/2.4.28-selinux-cmdline-race.patch,
745     -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
746     hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
747     - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
748     cleanup..
749 solar 1.53
750     *hardened-sources-2.4.30-r1 (21 Apr 2005)
751    
752     21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
753     - disable aout by default
754 solar 1.52
755     *hardened-sources-2.4.30 (18 Apr 2005)
756    
757     18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
758     - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
759     and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
760     use
761 tocharian 1.50
762 scox 1.51 *hardened-sources-2.4.29 (30 Mar 2005)
763    
764     30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
765     +hardened-sources-2.4.29.ebuild:
766     New hardened-patches-2.4-29.0 patchball.
767     Removed SELinux support, upgraded GRSecurity to 2.1.4.
768    
769     *hardened-sources-2.4.28-r5 (06 Mar 2005)
770    
771     06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
772     +hardened-sources-2.4.28-r5.ebuild:
773     Added a fix for a PaX vulnerability.
774    
775     26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
776 tocharian 1.50 hardened-sources-2.4.28-r4.ebuild:
777     Stable on x86
778 solar 1.49
779     23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
780     hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
781     hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
782     hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
783     - fixed/added RDEPEND= in all kernel-2 ebuilds
784 tocharian 1.48
785     *hardened-sources-2.4.28-r4 (21 Jan 2005)
786    
787     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
788     +hardened-sources-2.4.28-r4.ebuild:
789     Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
790     backport of neighbour hash updates.
791 tocharian 1.47
792     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
793     hardened-sources-2.4.28-r3.ebuild:
794     Stable on x86
795 tseng 1.46
796     *hardened-sources-2.6.10-r3 (20 Jan 2005)
797    
798     20 Jan 2005; Brandon Hale <tseng@gentoo.org>
799     +hardened-sources-2.6.10-r3.ebuild:
800     Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
801     in 2005.0
802 tocharian 1.45
803     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
804     -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
805     hardened-sources-2.4.28-r2.ebuild:
806     Mark stable on x86
807 tocharian 1.44
808     *hardened-sources-2.4.28-r3 (17 Jan 2005)
809    
810     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
811     +hardened-sources-2.4.28-r3.ebuild:
812     Fix SMP page fault handler vuln, and update device-mapper and evms patches.
813 tocharian 1.43
814     14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
815     hardened-sources-2.4.28.ebuild:
816     Mark stable on x86.
817 tocharian 1.42
818     *hardened-sources-2.4.28-r2 (13 Jan 2005)
819    
820     13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
821     +hardened-sources-2.4.28-r2.ebuild:
822     Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
823     Mazinger for grsecurity patches as well.
824 plasmaroo 1.41
825     *hardened-sources-2.4.28-r1 (23 Dec 2004)
826    
827     23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
828     Security bump. Thank tocharian for rolling a new patchset...
829 solar 1.40
830     28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
831     +files/2.4.28-grsec-cmdline-race.patch,
832     +files/2.4.28-selinux-binfmt_a.out.patch,
833     +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
834     - Round up remaining security patches that appear to be missing in 2.4.28. -
835     PaX standalone updated to current. hgpv=28.1
836 solar 1.39
837     *hardened-sources-2.4.28 (28 Nov 2004)
838    
839     28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
840     security bump. Thank tocharian for rolling a new patchset
841 scox 1.31
842 scox 1.38 *hardened-sources-2.4.27-r3 (08 Sep 2004)
843    
844     08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
845     +hardened-sources-2.4.27-r3.ebuild:
846     Applies the new 2.4-27.2 patchball which updates
847     GRSecurity to the 2.0.1 version.
848    
849 scox 1.37 *hardened-sources-2.4.27-r2 (31 Aug 2004)
850    
851     31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
852     +hardened-sources-2.4.27-r2.ebuild:
853     Version bump.
854     This version uses the new 2.4-27.1 patchball which updates
855     both the SELinux PaX hooks patch and the SELinux headers.
856    
857 scox 1.36 *hardened-sources-2.4.27-r1 (09 Aug 2004)
858    
859     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
860     +hardened-sources-2.4.27-r1.ebuild,
861     -hardened-sources-2.4.27.ebuild,
862     +files/2.4.27-cmdline-race.patch:
863     Version bump, fix for cmdline race. See bug #59905.
864    
865     *hardened-sources-2.4.26-r6 (09 Aug 2004)
866    
867     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
868     +hardened-sources-2.4.26-r6.ebuild,
869     -hardened-sources-2.4.26-r5.ebuild,
870     -hardened-sources-2.4.26-r4.ebuild,
871     +files/2.4.26-cmdline-race.patch:
872     Version bump, fix for cmdline race. See bug #59905.
873    
874 scox 1.35 *hardened-sources-2.4.27 (08 Aug 2004)
875    
876     08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
877     +hardened-sources-2.4.27.ebuild,
878     +files/2.4.27-CAN-2004-0394.patch:
879     Ported the patchball to the 2.4.27 kernel version.
880    
881 scox 1.34 *hardened-sources-2.4.26-r5 (07 Aug 2004)
882    
883     07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
884     +hardened-sources-2.4.26-r5.ebuild:
885 scox 1.35 Updated to use the new hardened-patches-2.4-26.1 patchball.
886 scox 1.34 It adds the following features:
887     - Squashfs
888     - Ebtables
889     - Netdev random (core+drivers)
890     - Watchdog Timer (WDT) fix.
891    
892 scox 1.33 *hardened-sources-2.4.26-r4 (04 Aug 2004)
893    
894     04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
895     +hardened-sources-2.4.26-r4.ebuild,
896     +files/2.4.26-CAN-2004-0415.patch,
897     -hardened-sources-2.4.26-3:
898     Version bump, fix for CAN 0415, see bug #59378.
899    
900 scox 1.32 *hardened-sources-2.4.26-r3 (22 Jul 2004)
901    
902     22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
903     +hardened-sources-2.4.26-r3.ebuild,
904     +files/2.4.26-CAN-2004-0497.patch,
905     -hardened-sources-2.4.26-r2.ebuild:
906     Version bump, fixed CAN 0497, see bug #56171.
907    
908 scox 1.31 *hardened-sources-2.4.26-r2 (29 Jun 2004)
909    
910     29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
911 scox 1.32 +hardened-sources-2.4.26-r2.ebuild,
912 scox 1.31 +files/2.4.26-CAN-2004-0495.patch,
913     +files/2.4.26-CAN-2004-0535.patch,
914     -hardened-sources-2.4.26-r1.ebuild:
915     Fixes for both CAN 0495 and 0535, see bug #54976
916 pvdabeel 1.27
917 agriffis 1.29 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
918     hardened-sources-2.4.26-r1.ebuild:
919     QA - fix use invocation
920 scox 1.28
921     *hardened-sources-2.4.26-r1 (22 June 2004)
922    
923     22 June 2004; Andrea Luzzardi <scox@gentoo.org>
924     +hardened-sources-2.4.26-r1.ebuild,
925     +files/2.4.26-CAN-2004-0394.patch,
926     +files/2.4.26-signal-race.patch,
927     -hardened-sources-2.4.26.ebuild,
928     -hardened-sources-2.4.24-r3.ebuild:
929     Version bump for the CAN-2004-0394 issue and bug #53804
930     Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
931    
932    
933 pvdabeel 1.27 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
934     hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
935     Masked hardened-sources-2.4.26.ebuild broken for ppc
936    
937     31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
938     hardened-sources-2.4.24-r3.ebuild:
939     Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
940 plasmaroo 1.25
941 scox 1.26 *hardened-sources-2.4.26 (29 May 2004)
942    
943     29 May 2004; Andrea Luzzardi <scox@gentoo.org>
944     +hardened-sources-2.4.26.ebuild:
945     Updated hardened-sources for the 2.4.26 kernel
946     Removed broken components, updated almost everything.
947    
948 plasmaroo 1.25 *hardened-sources-2.4.24-r3 (17 Apr 2004)
949    
950     17 Apr 2004; <plasmaroo@gentoo.org>
951     +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
952     +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
953     +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
954     +hardened-sources-2.4.24-r3.ebuild:
955     Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
956     vulnerabilities. Old revisions removed.
957 plasmaroo 1.24
958     *hardened-sources-2.4.24-r2 (15 Apr 2004)
959    
960     15 Apr 2004; <plasmaroo@gentoo.org>
961     +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
962     -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
963     Version bump for the CAN-2004-0109 issue; bug #47881.
964 aliz 1.23
965     12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
966     hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
967     Add eutils to inherit.
968 plasmaroo 1.22
969     *hardened-sources-2.4.24-r1 (19 Feb 2004)
970    
971     19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
972     files/hardened-sources-2.4.24.munmap.patch:
973     Added the patch for the mremap/munmap vulnerability. Bug #42024.
974 scox 1.19
975 scox 1.21 *hardened-sources-2.4.24 (06 Feb 2004)
976 scox 1.26
977 scox 1.21 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
978     hardened-sources-2.4.24.ebuild:
979     Version bump, updated most of the components.
980     This release includes the following:
981    
982     - Hardened security
983     - Netfilter patch-o-matic 20031219
984     - FreeSWAN 2.04 & x509 1.4.8
985     - EVMS 2.2.2
986     - XFS 1.3.1
987     - cryptoloop jari
988     - grsecurity 2.0-rc4
989     - SELinux
990     - PaX 200402060000
991     - PaX Obscurity 200308302223
992     - Others...
993    
994     Neither -ck nor systrace are included anymore.
995    
996 scox 1.19 *hardened-sources-2.4.22-r2 (05 Jan 2004)
997    
998     05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
999     hardened-sources-2.4.22-r2.ebuild:
1000 scox 1.20 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
1001 scox 1.19
1002     *hardened-sources-2.4.22-r1 (02 Dec 2003)
1003 iggy 1.17
1004     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1005 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
1006 iggy 1.16
1007     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1008 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild:
1009     Version bump for the 'do_brk' vulnerability.
1010 iggy 1.15
1011     01 Dec 2003; Brian Jackson <iggy@gentoo.org>
1012     hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
1013     hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
1014     hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
1015 plasmaroo 1.18 Fix the 'do_brk' vulnerability.
1016 frogger 1.14
1017     03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
1018     hardened-sources-2.4.22.ebuild:
1019 plasmaroo 1.18 - Removed the src_install() portion for SELinux flask
1020     components. These are no longer handled in the kernel
1021     so this code was not necessary.
1022 frogger 1.13
1023     29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
1024     New 2.4.22 based hardened-sources thanks to
1025     Phil West <p.west@computer.org>.
1026    
1027     These sources include:
1028 plasmaroo 1.18 - New SELinux API
1029     - Updated CK-base
1030     - Updated GRSec
1031     - Systrace
1032     - SuperFreeS/WAN 1.99.8
1033     - Propolice kernel build support
1034     - EVMS
1035     - Other various security related patches
1036 frogger 1.11
1037 frogger 1.12 *hardened-sources-2.4.21 (14 Sep 2003)
1038    
1039     14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
1040     Updated hardened-sources based on the 2.4.21 Linux kernel.
1041     This includes updates to most major components such as:
1042 plasmaroo 1.18 - ck-base-0306300059
1043     - selinux-2.4-2003071106
1044     - grsecurity-2.0-rc1
1045     - Updated IPTables patch-o-matic
1046     - Updated SuperFreeS/WAN
1047    
1048 frogger 1.12 Thanks to Phil West <pwest@computer.org> for his work in getting this
1049     updated patch set ready for the 2.4.21 based kernel.
1050    
1051 frogger 1.11 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
1052     Initial import of hardened-sources-2.4.20-r4. This revision
1053     includes only a few changes, but one of these is an important
1054     security fix. It is recommended all users of hardened-sources
1055     upgrade to this release.
1056 plasmaroo 1.18
1057 frogger 1.11 - ioperm bug fix
1058     - fixed compilation failure when building without GRSec
1059 plasmaroo 1.18
1060 frogger 1.11 SAL (Secure Auditing for Linux) is NOT included in this revision
1061     due to time constraints, but is planned for inclusion in the near
1062     future.
1063 msterret 1.10
1064     *hardened-sources-2.4.20-r2 (12 Jun 2003)
1065    
1066     12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
1067     hardened-sources-2.4.20-r3.ebuild:
1068 plasmaroo 1.18 Add Header...
1069 frogger 1.9
1070     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1071     hardened-sources-2.4.20-r3.ebuild:
1072     Removed warnings from ebuild. This kernel should be safe to
1073     use at this point.
1074 frogger 1.8
1075     *hardened-sources-2.4.20-r3 (08 Jun 2003)
1076    
1077     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1078     hardened-sources-2.4.20-r3.ebuild:
1079     New revision. Includes the following changes over -r2:
1080 plasmaroo 1.18
1081 frogger 1.8 - ck7-base (O(1), preempt, low latency)
1082     - Super FreeS/WAN 1.99.7rc2
1083     - PaX for the LSM/SELinux branch
1084     - GRSecurity 2.0-pre4 (role based access control)
1085     - Systrace 1.3
1086     - EXT3 fixes
1087     - EVMS 2.0.1
1088     - GCC 3.1+ compile optimizations
1089     - ProPolice kernel build support
1090     - Hashing table security fixes
1091 frogger 1.3
1092     *hardened-sources-2.4.20-r1 (09 Apr 2003)
1093 frogger 1.7
1094     23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
1095     Initial import of hardened-sources-r2. This new
1096     ebuild includes many new performance and security
1097     related patches. As in -r1, it will patch in
1098     LSM/SELinux if "selinux" is in USE, otherwise it
1099     will patch in GRSecurity. The following patches
1100     are included in this revision:
1101 plasmaroo 1.18
1102 frogger 1.7 - O(1) Scheduler, Low Latency, and Preempt
1103     (pulled from the base CK patch)
1104     - ptrace exploit patch for the LSM kernel
1105     (the GRSec patch already fixes this)
1106     - LSM 2.4-2003040709
1107     - SELinux 2.4-2003040709
1108     - Systrace v1.2
1109     - IPTables patch-o-matic base patches - 20030107
1110     - CryptoAPI 2.4.20.1 w/ loop-jari patch
1111     - Super FreeS/WAN 1.99.6.1
1112     - GRSecurity 1.9.9g
1113     - MPPE
1114     - EXT3 data journal fix
1115     - CIPE 1.5.4
1116 frogger 1.6
1117     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1118     hardened-sources-2.4.20-r1.ebuild, manifest:
1119 plasmaroo 1.18 Updated to install flask components correctly for selinux.
1120 frogger 1.5
1121     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1122     hardened-sources-2.4.20-r1.ebuild:
1123     LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
1124     is patched in instead. Ptrace patches for selinux have also been added. In
1125     either case, systrace support will be patched in as well.
1126 frogger 1.3
1127     09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1128     hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
1129 plasmaroo 1.18 Revision bump for new sources.
1130 frogger 1.4
1131 frogger 1.2 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1132 frogger 1.4 hardened-sources-2.4.20-r1.ebuild:
1133 plasmaroo 1.18 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
1134 method 1.1
1135 frogger 1.4 *hardened-sources-2.4.20 (30 Mar 2003)
1136    
1137 method 1.1 30 Mar 2003; Joshua Brindle <method@gentoo.org>
1138     hardened-sources-2.4.20.ebuild:
1139 plasmaroo 1.18 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20