/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.181 - (hide annotations) (download)
Mon Sep 17 20:28:37 2007 UTC (6 years, 10 months ago) by phreak
Branch: MAIN
Changes since 1.180: +7 -1 lines
Revision bump, hopefully fixing all those weird PAX failures.
(Portage version: 2.1.3.9)

1 method 1.1 # ChangeLog for sys-kernel/hardened-sources
2 opfer 1.130 # Copyright 2000-2007 Gentoo Foundation; Distributed under the GPL v2
3 phreak 1.181 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.180 2007/09/01 12:10:05 phreak Exp $
4    
5     *hardened-sources-2.6.22-r4 (17 Sep 2007)
6    
7     17 Sep 2007; Christian Heim <phreak@gentoo.org>
8     +hardened-sources-2.6.22-r4.ebuild:
9     Revision bump, hopefully fixing all those weird PAX failures.
10 phreak 1.180
11     01 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
12     Updating the metadata.xml.
13 phreak 1.179
14     01 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
15     Removing tocharian from metadata due to his retirement (see #71718 for
16     reference).
17 phreak 1.178
18     *hardened-sources-2.6.20-r9 (30 Aug 2007)
19    
20     30 Aug 2007; Christian Heim <phreak@gentoo.org>
21     +hardened-sources-2.6.20-r9.ebuild:
22     Revision bump for 2.6.20.18 (thanks to kerframil in #gentoo-hardened).
23 phreak 1.177
24     29 Aug 2007; Christian Heim <phreak@gentoo.org>
25     -hardened-sources-2.4.34.ebuild, -hardened-sources-2.4.34.5.ebuild,
26     -hardened-sources-2.6.20-r2.ebuild, -hardened-sources-2.6.20-r5.ebuild,
27     -hardened-sources-2.6.20-r7.ebuild, -hardened-sources-2.6.21-r3.ebuild,
28     -hardened-sources-2.6.22.ebuild, -hardened-sources-2.6.22-r1.ebuild,
29     -hardened-sources-2.6.22-r2.ebuild:
30     Removing some redundant versions.
31 phreak 1.176
32     *hardened-sources-2.4.35-r1 (29 Aug 2007)
33    
34     29 Aug 2007; Christian Heim <phreak@gentoo.org>
35     +hardened-sources-2.4.35-r1.ebuild:
36     Revision bump, new grsecurity patch.
37 phreak 1.175
38     *hardened-sources-2.6.20-r8 (26 Aug 2007)
39    
40     26 Aug 2007; Christian Heim <phreak@gentoo.org>
41     +hardened-sources-2.6.20-r8.ebuild:
42     Revision bump for Linux 2.6.20.17.
43 phreak 1.174
44     *hardened-sources-2.6.22-r3 (22 Aug 2007)
45    
46     22 Aug 2007; Christian Heim <phreak@gentoo.org>
47     +hardened-sources-2.6.22-r3.ebuild:
48     Revision bump for Linux 2.6.22.4.
49 phreak 1.173
50     16 Aug 2007; Christian Heim <phreak@gentoo.org>
51     hardened-sources-2.6.22-r2.ebuild:
52     Updated patchset, to fix the alignment against 2.6.22.3.
53 phreak 1.172
54     *hardened-sources-2.6.22-r2 (16 Aug 2007)
55    
56     16 Aug 2007; Christian Heim <phreak@gentoo.org>
57     +hardened-sources-2.6.22-r2.ebuild:
58     Revision bump for Linux 2.6.22.3.
59 phreak 1.171
60     *hardened-sources-2.4.35 (16 Aug 2007)
61    
62     16 Aug 2007; Christian Heim <phreak@gentoo.org>
63     +hardened-sources-2.4.35.ebuild:
64     Version bump, initial version for Linux 2.4.35.
65 phreak 1.170
66     *hardened-sources-2.6.21-r4 (16 Aug 2007)
67    
68     16 Aug 2007; Christian Heim <phreak@gentoo.org>
69     +hardened-sources-2.6.21-r4.ebuild:
70     Revision bump for Linux 2.6.21.6.
71 phreak 1.169
72     *hardened-sources-2.6.20-r7 (16 Aug 2007)
73    
74     16 Aug 2007; Christian Heim <phreak@gentoo.org>
75     +hardened-sources-2.6.20-r7.ebuild:
76     Revision bump for Linux 2.6.20.16.
77 phreak 1.168
78     *hardened-sources-2.6.22-r1 (13 Aug 2007)
79    
80     13 Aug 2007; Christian Heim <phreak@gentoo.org>
81     +hardened-sources-2.6.22-r1.ebuild:
82     Yet another revision bump.
83 phreak 1.167
84     *hardened-sources-2.6.22 (10 Aug 2007)
85    
86     10 Aug 2007; Christian Heim <phreak@gentoo.org>
87     +hardened-sources-2.6.22.ebuild:
88     Initial release for 2.6.22. If you are using hardened-sources on a desktop
89     machine (P4 or newer), be aware you might need to disable
90     CONFIG_PAX_PAGEEXEC.
91 phreak 1.166
92     04 Aug 2007; Christian Heim <phreak@gentoo.org>
93     hardened-sources-2.6.20-r6.ebuild:
94     Stabling hardened-sources-2.6.20-r6 for amd64, ppc and x86 due to Linux
95     2.6.20.15.
96 phreak 1.165
97     10 Jul 2007; Christian Heim <phreak@gentoo.org>
98     hardened-sources-2.6.20-r5.ebuild:
99     Marking hardened-sources-2.6.20-r5 stable on ppc.
100 phreak 1.164
101     10 Jul 2007; Christian Heim <phreak@gentoo.org>
102     -hardened-sources-2.4.32-r6.ebuild, -hardened-sources-2.4.32-r7.ebuild:
103     Cleanup.
104 phreak 1.163
105     *hardened-sources-2.6.20-r6 (08 Jul 2007)
106    
107     08 Jul 2007; Christian Heim <phreak@gentoo.org>
108     +hardened-sources-2.6.20-r6.ebuild:
109     Revision bump, grabbing yet another stable release.
110 phreak 1.162
111     17 Jun 2007; Christian Heim <phreak@gentoo.org>
112     -hardened-sources-2.6.18-r6.ebuild, -hardened-sources-2.6.20-r4.ebuild,
113     -hardened-sources-2.6.21-r2.ebuild:
114     Removing older ebuilds, hardened-sources-2.6.18-r6 seems to have gotten the
115     alpha stable KEYWORD by mistake.
116 phreak 1.161
117     17 Jun 2007; Christian Heim <phreak@gentoo.org>
118     hardened-sources-2.6.20-r5.ebuild:
119     Stabling hardened-sources-2.6.20-r5 due to security bug #181647 (as
120     genpatches-2.6.20-12.base contains up to Linux 2.6.20.14) on amd64 and x86.
121 phreak 1.160
122     *hardened-sources-2.6.21-r3 (12 Jun 2007)
123    
124     12 Jun 2007; Christian Heim <phreak@gentoo.org>
125     +hardened-sources-2.6.21-r3.ebuild:
126     Revision bump for hardened-sources-2.6.21, incorporating various CVE (some
127     of them critical), two stable releases (2.6.21.4,2.6.21.5) and some other
128     love.
129 phreak 1.159
130     *hardened-sources-2.6.20-r5 (11 Jun 2007)
131    
132     11 Jun 2007; Christian Heim <phreak@gentoo.org>
133     +hardened-sources-2.6.20-r5.ebuild:
134     Revision bump for hardened-sources-2.6.20, incorporating various CVE (some
135     of them critical), two stable releases (2.6.20.13,2.6.20.14) and some other
136     love.
137 pappy 1.158
138     *hardened-sources-2.4.34.5 (11 Jun 2007)
139    
140     11 Jun 2007; Alexander Gabert <pappy@gentoo.org>
141     +hardened-sources-2.4.34.5.ebuild:
142     added new hardened-sources 2.4 version, thx to phreak, solar, pipacs
143 phreak 1.157
144     30 May 2007; Christian Heim <phreak@gentoo.org>
145     -hardened-sources-2.6.18.ebuild, hardened-sources-2.6.20-r2.ebuild:
146     Marking 2.6.20-r2 stable on ppc with permission of Gysbert. Removing more
147     stale ebuild(s).
148 phreak 1.156
149     30 May 2007; Christian Heim <phreak@gentoo.org>
150     -hardened-sources-2.6.14-r7.ebuild, -hardened-sources-2.6.16-r11.ebuild,
151     -hardened-sources-2.6.17-r1.ebuild, -hardened-sources-2.6.19-r6.ebuild,
152     -hardened-sources-2.6.20.ebuild, -hardened-sources-2.6.20-r1.ebuild:
153     Doing some cleanups, remove stale ebuilds.
154 phreak 1.155
155     26 May 2007; Christian Heim <phreak@gentoo.org>
156     hardened-sources-2.6.21-r2.ebuild:
157     Fixing the grsecurity patch, had one '};' too much.
158 phreak 1.154
159     *hardened-sources-2.6.21-r2 (26 May 2007)
160    
161     26 May 2007; Christian Heim <phreak@gentoo.org>
162     -hardened-sources-2.6.21.ebuild, -hardened-sources-2.6.21-r1.ebuild,
163     +hardened-sources-2.6.21-r2.ebuild:
164     Revision bump, including Linux 2.6.21.3 (fixing CVE-2007-2451). Updating the
165     grsecurity patch to 2.1.10-2.6.21.1-200705221918.
166 phreak 1.153
167     *hardened-sources-2.6.20-r4 (26 May 2007)
168    
169     26 May 2007; Christian Heim <phreak@gentoo.org>
170     -hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.20-r4.ebuild:
171     Revision bump, including Linux 2.6.20.12 (which in fact fixed some security
172 phreak 1.154 bugs, at the very least CVE-2007-2451). Possible candidate for stable marking.
173 phreak 1.152
174     15 May 2007; Christian Heim <phreak@gentoo.org>
175     hardened-sources-2.6.20-r3.ebuild:
176     Looks like hardened-sources-2.6.20-r3 needs a new patch, as 2.6.20.11
177     introduced a change in arch/sparc64/kernel/pci_iommu.c, which made the
178     grsecurity patch fail in that exact same hunk.
179 phreak 1.151
180     *hardened-sources-2.6.20-r3 (15 May 2007)
181    
182     15 May 2007; Christian Heim <phreak@gentoo.org>
183     +hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.21-r1.ebuild:
184     Revision bump, incorporating Linux 2.6.20.11.
185    
186     *hardened-sources-2.6.21-r1 (11 May 2007)
187    
188     11 May 2007; Christian Heim <phreak@gentoo.org>
189     +hardened-sources-2.6.21-r1.ebuild:
190     Revision bump, hopefully fixing the GRSECURITY/GRKERNSEC mixup pipacs
191     mentioned in #177234.
192 kevquinn 1.150
193     07 May 2007; Kevin F. Quinn <kevquinn@gentoo.org>
194     files/digest-hardened-sources-2.6.21, Manifest:
195     Fix Manifest/digest for linux-2.6.21.tar.bz2
196 phreak 1.149
197     06 May 2007; Christian Heim <phreak@gentoo.org>
198     hardened-sources-2.6.21.ebuild:
199     Bumping the hardened-patches version, needed for the fix for #177234.
200 phreak 1.148
201     *hardened-sources-2.6.21 (02 May 2007)
202    
203     02 May 2007; Christian Heim <phreak@gentoo.org>
204     +hardened-sources-2.6.21.ebuild:
205     Version bump, Linux 2.6.21-hardened.
206 phreak 1.147
207     29 Apr 2007; Christian Heim <phreak@gentoo.org>
208     hardened-sources-2.6.20-r2.ebuild:
209     Adding ~ia64 on Ned's request.
210 phreak 1.146
211     29 Apr 2007; Christian Heim <phreak@gentoo.org>
212     hardened-sources-2.6.20-r2.ebuild:
213     Fixing the included grsecurity patch, wasn't alligning due to the Index:
214     header line(s).
215 phreak 1.145
216     29 Apr 2007; Christian Heim <phreak@gentoo.org>
217     hardened-sources-2.6.20-r2.ebuild:
218     Stabilizing hardened-sources-2.6.20-r2 on amd64 and x86.
219 armin76 1.144
220     *hardened-sources-2.6.20-r2 (10 Apr 2007)
221    
222     10 Apr 2007; Raúl Porcel <armin76@gentoo.org>
223     +hardened-sources-2.6.20-r2.ebuild:
224     Version bump, on behalf of phreak
225 phreak 1.143
226     *hardened-sources-2.6.20-r1 (04 Apr 2007)
227    
228     04 Apr 2007; Christian Heim <phreak@gentoo.org>
229     +hardened-sources-2.6.20-r1.ebuild:
230     Revision bump, grabbing a newer grsecurity snapshot.
231 phreak 1.142
232     *hardened-sources-2.6.20 (25 Mar 2007)
233    
234     25 Mar 2007; Christian Heim <phreak@gentoo.org>
235     +hardened-sources-2.6.20.ebuild:
236     Finally a hardened-sources version for 2.6.20; many people have been waiting
237     for this. Thanks to Steve for preliminary testing, thanks to Ned for the
238     testbox.
239 chainsaw 1.141
240     16 Mar 2007; Tony Vroon <chainsaw@gentoo.org>
241     hardened-sources-2.6.18-r6.ebuild:
242     Marked stable on amd64 and x86. AMD64 keyword ack'ed by welp.
243 phreak 1.140
244     *hardened-sources-2.6.18-r6 (16 Mar 2007)
245    
246     16 Mar 2007; Christian Heim <phreak@gentoo.org>
247     -hardened-sources-2.6.18-r5.ebuild, +hardened-sources-2.6.18-r6.ebuild:
248     Fixing CVE-2007-1000 locally (hardened/), thanks to Tony for pushing. And
249     yes I screwed up, this is tagged as 2.6.18-5 and not 2.6.18-6 as it's
250     supposed to be.
251 phreak 1.139
252     06 Mar 2007; Christian Heim <phreak@gentoo.org> ChangeLog:
253     Fixing the Manifest, the previous one was broken (as in still had the
254     deleted ebuild in it).
255 phreak 1.138
256     06 Mar 2007; Christian Heim <phreak@gentoo.org>
257     -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
258     +hardened-sources-2.6.18-r5.ebuild:
259     Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
260     Linux 2.6.18.8. Also cleaning up the older version.
261    
262     *hardened-sources-2.6.18-r5 (06 Mar 2007)
263    
264     06 Mar 2007; Christian Heim <phreak@gentoo.org>
265     -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
266     +hardened-sources-2.6.18-r5.ebuild:
267     Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
268     Linux 2.6.18.8. Also cleaning up the older version.
269 phreak 1.137
270     24 Feb 2007; Christian Heim <phreak@gentoo.org>
271     -hardened-sources-2.6.19-r3.ebuild, -hardened-sources-2.6.19-r4.ebuild,
272     -hardened-sources-2.6.19-r5.ebuild:
273     Removing some of the old version, that didn't work.
274 phreak 1.136
275     *hardened-sources-2.6.19-r6 (12 Feb 2007)
276    
277     12 Feb 2007; Christian Heim <phreak@gentoo.org>
278     +hardened-sources-2.6.19-r6.ebuild:
279     Revision bump, including a new grsec version fixing #166235.
280 pappy 1.134
281     *hardened-sources-2.4.34 (24 Jan 2007)
282    
283     24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
284 pappy 1.135 Manifest:
285     updating Manifest with checksums of new tarball and ebuild
286    
287     24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
288 pappy 1.134 +hardened-sources-2.4.34.ebuild:
289     I added new hardened sources 2.4 update, this is a critical path
290     security bugfix - all users of h-s are strongly advised
291     to update their existing hardened sources to this version.
292     It contains a fix for a kernel vulnerability that is pertaining
293     to the PaX changes to virtual memory management, possibly leading
294     to a local kernel exploit ... see grsecurity.net forums and homepage
295 phreak 1.133
296     23 Jan 2007; Christian Heim <phreak@gentoo.org>
297     files/digest-hardened-sources-2.6.19-r5, Manifest:
298     Fixing the patch-tarball digest.
299 phreak 1.132
300     *hardened-sources-2.6.19-r5 (23 Jan 2007)
301    
302     23 Jan 2007; Christian Heim <phreak@gentoo.org>
303     +hardened-sources-2.6.19-r5.ebuild:
304     Revision bump, closing the recently discovered PaX expand_stack()
305     vulnerability.
306 phreak 1.131
307     *hardened-sources-2.6.19-r4 (14 Jan 2007)
308    
309     14 Jan 2007; Christian Heim <phreak@gentoo.org>
310     +hardened-sources-2.6.19-r4.ebuild:
311     Revision bump, pulling in linux-2.6.19.2 and grsecurity 2.1.10 - thus
312     dropping the randomized PID feature.
313 opfer 1.130
314     11 Jan 2007; Christian Faulhammer <opfer@gentoo.org>
315     hardened-sources-2.4.33.4.ebuild:
316     stable x86, bug #161171
317 phreak 1.129
318     *hardened-sources-2.6.19-r3 (27 Dec 2006)
319    
320     27 Dec 2006; Christian Heim <phreak@gentoo.org>
321     -hardened-sources-2.6.19-r2.ebuild, +hardened-sources-2.6.19-r3.ebuild:
322     Revision bump for bug #157186 and #158786.
323 phreak 1.128
324     *hardened-sources-2.6.18-r4 (27 Dec 2006)
325    
326     27 Dec 2006; Christian Heim <phreak@gentoo.org>
327     -hardened-sources-2.6.18-r3.ebuild, +hardened-sources-2.6.18-r4.ebuild:
328     Revision bump for bug #157186.
329 phreak 1.127
330     *hardened-sources-2.6.19-r2 (23 Dec 2006)
331    
332     23 Dec 2006; Christian Heim <phreak@gentoo.org>
333     -hardened-sources-2.6.19-r1.ebuild, +hardened-sources-2.6.19-r2.ebuild:
334     Revision bump to pull in genpatches-2.6.19-3 for #157186.
335 phreak 1.126
336     17 Dec 2006; Christian Heim <phreak@gentoo.org>
337     hardened-sources-2.6.14-r7.ebuild, hardened-sources-2.6.16-r10.ebuild,
338     hardened-sources-2.6.16-r11.ebuild, hardened-sources-2.6.17-r1.ebuild,
339     hardened-sources-2.6.18.ebuild, hardened-sources-2.6.18-r3.ebuild,
340     hardened-sources-2.6.19-r1.ebuild:
341     Adding 4453_grsec-2.1.9-2.6.19-io-kmem-sysctl.patch to UNIPATCH_EXLUDE,
342     adding correct HOMEPAGE and adjusting DESCRIPTION (thanks to Alexander).
343 pappy 1.125
344     *hardened-sources-2.4.33.4 (17 Dec 2006)
345    
346     17 Dec 2006; Alexander Gabert <pappy@gentoo.org>
347     +hardened-sources-2.4.33.4.ebuild:
348     new 2.4.33.4 version including grsec and fixes, thanks to phreak for help
349     and quilting
350 phreak 1.124
351     *hardened-sources-2.6.19-r1 (14 Dec 2006)
352    
353     14 Dec 2006; Christian Heim <phreak@gentoo.org>
354     -hardened-sources-2.6.19.ebuild, +hardened-sources-2.6.19-r1.ebuild:
355     Revision bump, fixing #158107 (thanks to Petre Rodan <kaiowas at gentoo.org>
356     for reporting).
357 phreak 1.123
358     *hardened-sources-2.6.19 (13 Dec 2006)
359    
360     13 Dec 2006; Christian Heim <phreak@gentoo.org>
361     +hardened-sources-2.6.19.ebuild:
362     And finally 2.6.19, thanks to Ned (who prepared the inital patchset) and
363     Brad for providing that prompt update.
364 phreak 1.122
365     *hardened-sources-2.6.18-r3 (13 Dec 2006)
366    
367     13 Dec 2006; Christian Heim <phreak@gentoo.org>
368     -hardened-sources-2.6.18-r1.ebuild, -hardened-sources-2.6.18-r2.ebuild,
369     +hardened-sources-2.6.18-r3.ebuild:
370     Revision bump, excluding the faulty patch. Thanks to Anakim Border and Peter
371     S. Mazinger. Closes #157409 for now. Also removing the previous revisions.
372 phreak 1.121
373     09 Dec 2006; Christian Heim <phreak@gentoo.org> Manifest:
374     Fixing the metadata.xml Manifest entry (thanks to xaid and ml8128 in #gentoo-hardened).
375 nixnut 1.120
376     08 Dec 2006; nixnut <nixnut@gentoo.org> hardened-sources-2.6.18.ebuild:
377     Stable on ppc wrt bug 157356
378 opfer 1.119
379     07 Dec 2006; Christian Faulhammer <opfer@gentoo.org>
380     hardened-sources-2.6.18.ebuild:
381     stable x86, bug #157356
382 phreak 1.118
383     *hardened-sources-2.6.18-r2 (06 Dec 2006)
384    
385     06 Dec 2006; Christian Heim <phreak@gentoo.org>
386     +hardened-sources-2.6.18-r2.ebuild:
387     Revision bump, including 2.6.18.5 (via genpatches) and
388     4454_grsec-2.1.9-2.6.18.2-io-kmem-sysctl.patch based on Peter Mazinger and
389     Ned Ludd's original patch. Thanks to Alexander Gabert (pappy) for the
390     redesign.
391 phreak 1.117
392     06 Dec 2006; Christian Heim <phreak@gentoo.org>
393     hardened-sources-2.6.18.ebuild:
394     Marking hardened-sources-2.6.18 stable on amd64 (see bug #157356, on behalf
395     of Mike Doty).
396 phreak 1.116
397     *hardened-sources-2.6.18-r1 (23 Nov 2006)
398    
399     23 Nov 2006; Christian Heim <phreak@gentoo.org>
400     +hardened-sources-2.6.18-r1.ebuild:
401     Revision bump to genpatches-2.6.18-4 (including 2.6.18.3).
402 phreak 1.115
403     *hardened-sources-2.6.18 (11 Nov 2006)
404    
405     11 Nov 2006; Christian Heim <phreak@gentoo.org>
406     +hardened-sources-2.6.18.ebuild:
407     Version bump, thanks to Alexander Gabert we're finally at 2.6.18.
408 solar 1.114
409     18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
410     - mark amd64 stable also. bug #151877
411 solar 1.113
412     18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
413     - mark 2.6.17-r1 stable
414 phreak 1.112
415     27 Aug 2006; Christian Heim <phreak@gentoo.org>
416     -hardened-sources-2.6.17.ebuild, hardened-sources-2.6.17-r1.ebuild:
417     Removing old ebuild, removing unipatch from newer ebuild (need to fix it!).
418 phreak 1.111
419     *hardened-sources-2.6.17-r1 (26 Aug 2006)
420    
421     26 Aug 2006; Christian Heim <phreak@gentoo.org>
422     +hardened-sources-2.6.17-r1.ebuild:
423     Revision bump to genpatches-2.6.17-8 (including .9 and .10) and updating the
424     grsecurity patch.
425 phreak 1.110
426     *hardened-sources-2.6.17 (17 Aug 2006)
427    
428     17 Aug 2006; Christian Heim <phreak@gentoo.org>
429     +hardened-sources-2.6.17.ebuild:
430     Bumping the hardened-sources-2.6 series to 2.6.17, using
431     genpatches-2.6.17-6.base.
432 solar 1.109
433     07 Aug 2006; <solar@gentoo.org> hardened-sources-2.6.16-r11.ebuild:
434     - stable on x86 and amd64
435 solar 1.108
436     *hardened-sources-2.6.16-r11 (15 Jul 2006)
437    
438     15 Jul 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r3.ebuild,
439     -hardened-sources-2.4.32-r4.ebuild, -hardened-sources-2.4.32-r5.ebuild,
440     -hardened-sources-2.6.14-r8.ebuild, -hardened-sources-2.6.16-r7.ebuild,
441     -hardened-sources-2.6.16-r9.ebuild, +hardened-sources-2.6.16-r11.ebuild:
442     - 2.6.16 bumped for CVE-2006-3626 ; digest fix for 2.4.32-r6 ; removed old
443     crusty ebuilds
444 johnm 1.107
445     14 Jul 2006; John Mylchreest <johnm@gentoo.org>
446     hardened-sources-2.6.16-r10.ebuild:
447     marking stable on x86 and amd64
448 solar 1.106
449     13 Jul 2006; <solar@gentoo.org> hardened-sources-2.4.32-r6.ebuild:
450     - 2.4.32-r6 stable on x86. RSBAC state unknown
451 kang 1.105
452     *hardened-sources-2.4.32-r7 (10 Jul 2006)
453    
454     10 Jul 2006; Guillaume Destuynder <kang@gentoo.org>
455     +hardened-sources-2.4.32-r7.ebuild:
456     Bump PaX for RSBAC to test-17
457 johnm 1.104
458     *hardened-sources-2.6.16-r9 (03 Jul 2006)
459    
460     03 Jul 2006; John Mylchreest <johnm@gentoo.org>
461     -hardened-sources-2.6.16-r6.ebuild, +hardened-sources-2.6.16-r9.ebuild:
462     hardened-sources-2.6.16 bump to latest -base.
463 solar 1.103
464     *hardened-sources-2.4.32-r6 (30 Jun 2006)
465    
466     30 Jun 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r2.ebuild,
467     hardened-sources-2.4.32-r4.ebuild, +hardened-sources-2.4.32-r6.ebuild:
468     - backport CVE-2006-0039, CVE-2006-1857 and CVE-2006-1858 and new grsecurity
469     sysctl controlable resource logging
470 johnm 1.102
471     *hardened-sources-2.6.16-r7 (05 Jun 2006)
472    
473     05 Jun 2006; John Mylchreest <johnm@gentoo.org>
474     -hardened-sources-2.6.16-r5.ebuild, +hardened-sources-2.6.16-r7.ebuild:
475     push new 2.6.16 release in preparation for stable
476 solar 1.101
477     22 May 2006; <solar@gentoo.org> :
478     - redigest bug 134002
479 kang 1.100
480     *hardened-sources-2.4.32-r5 (16 May 2006)
481    
482     16 May 2006; Guillaume Destuynder <kang@gentoo.org>
483     +hardened-sources-2.4.32-r5.ebuild:
484     Fixes rsbac common patching (new patch in new -r5 patchset)
485 solar 1.99
486     *hardened-sources-2.4.32-r4 (13 May 2006)
487    
488     13 May 2006; <solar@gentoo.org> hardened-sources-2.4.32-r3.ebuild,
489     +hardened-sources-2.4.32-r4.ebuild:
490     - security bumps
491 johnm 1.98
492     *hardened-sources-2.6.16-r6 (03 May 2006)
493    
494     03 May 2006; John Mylchreest <johnm@gentoo.org>
495     +hardened-sources-2.6.16-r6.ebuild:
496     bump hardened-2.6.16 to 2.6.16.12 and latest grsec snapshot
497 johnm 1.97
498     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
499     hardened-sources-2.6.14-r8.ebuild:
500     fix x86_64 build problem, this will delay the digest issue again for a short
501     while but it will sort itself out
502 johnm 1.96
503     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
504     hardened-sources-2.6.14-r8.ebuild:
505     bump hardened patchset
506 antarus 1.94
507     27 Apr 2006; Alec Warner <antarus@gentoo.org>
508     files/digest-hardened-sources-2.4.32-r2,
509     files/digest-hardened-sources-2.4.32-r3,
510     files/digest-hardened-sources-2.6.14-r8, Manifest:
511     Fixing duff SHA256 digests: Bug # 131293
512 johnm 1.93
513 johnm 1.95 *hardened-sources-2.6.16-r5 (27 Apr 2006)
514    
515     27 Apr 2006; John Mylchreest <johnm@gentoo.org>
516     -hardened-sources-2.6.14-r6.ebuild, hardened-sources-2.6.14-r8.ebuild,
517     -hardened-sources-2.6.16-r4.ebuild, +hardened-sources-2.6.16-r5.ebuild:
518     stablise 2.6.14-r8 on x86 & amd64, bump 2.6.16 to fix CVE-2006-1863 &
519     cleanup of old uneccessary sources
520    
521 johnm 1.93 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
522     fix digest
523 johnm 1.92
524     *hardened-sources-2.6.14-r8 (20 Apr 2006)
525    
526     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
527     +hardened-sources-2.6.14-r8.ebuild:
528     fix CVE-2006-1056, CVE-2006-1525, CVE-2006-1524
529 johnm 1.91
530     20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
531     Turning on gpg-signing again, and recomitting
532 johnm 1.90
533     *hardened-sources-2.6.16-r4 (20 Apr 2006)
534    
535     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
536     -hardened-sources-2.6.16-r2.ebuild, -hardened-sources-2.6.16-r3.ebuild,
537     +hardened-sources-2.6.16-r4.ebuild:
538     Fix numerous security vulns
539 solar 1.89
540     *hardened-sources-2.4.32-r3 (16 Apr 2006)
541    
542     16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
543     -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
544     +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
545     - security bump for bug #112791. Removed old ebuilds
546 johnm 1.88
547     *hardened-sources-2.6.16-r3 (15 Apr 2006)
548    
549     15 Apr 2006; John Mylchreest <johnm@gentoo.org>
550     +hardened-sources-2.6.16-r3.ebuild:
551     Removing silly localversion which I missed
552 johnm 1.87
553     *hardened-sources-2.6.14-r7 (14 Apr 2006)
554    
555     14 Apr 2006; John Mylchreest <johnm@gentoo.org>
556     -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
557     Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
558 johnm 1.86
559     *hardened-sources-2.6.16-r2 (13 Apr 2006)
560    
561     13 Apr 2006; John Mylchreest <johnm@gentoo.org>
562     -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
563     +hardened-sources-2.6.16-r2.ebuild:
564     Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
565     labels, dropping USERGROUP define fixes, since these were merged mainstream.
566 johnm 1.85
567     *hardened-sources-2.6.16-r1 (11 Apr 2006)
568    
569     11 Apr 2006; John Mylchreest <johnm@gentoo.org>
570     +hardened-sources-2.6.16-r1.ebuild:
571     Bumping to include ppc build fix and 2.6.16.3
572 tsunam 1.84
573     06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
574     hardened-sources-2.6.14-r6.ebuild:
575     Stable on x86; bug #127718
576 johnm 1.83
577     *hardened-sources-2.6.16 (31 Mar 2006)
578    
579     31 Mar 2006; John Mylchreest <johnm@gentoo.org>
580     +hardened-sources-2.6.16.ebuild:
581     Bumping to new version of grsec, and kernel base. New squashfs. Based on
582     2.6.16.1
583 cryos 1.82
584     30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
585     hardened-sources-2.6.14-r6.ebuild:
586     Stable on amd64, bug 127718.
587 nixnut 1.81
588     28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
589     Stable on ppc. Bug #127718
590 johnm 1.80
591     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
592     -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
593     -hardened-sources-2.6.14-r4.ebuild:
594     Cleanup.
595 johnm 1.79
596     *hardened-sources-2.6.14-r6 (15 Mar 2006)
597    
598     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
599     +hardened-sources-2.6.14-r6.ebuild:
600     Fixes grsec policy recreation bug and adds a
601     >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
602 solar 1.78
603     02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
604     - stable on x86
605 hansmi 1.77
606     19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
607     hardened-sources-2.6.14-r5.ebuild:
608     Stable on ppc.
609 johnm 1.76
610     *hardened-sources-2.6.14-r5 (01 Feb 2006)
611    
612     01 Feb 2006; John Mylchreest <johnm@gentoo.org>
613     +hardened-sources-2.6.14-r5.ebuild:
614     fixing every known exploit
615 solar 1.75
616     *hardened-sources-2.4.32-r2 (26 Jan 2006)
617    
618     26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
619     +hardened-sources-2.4.32-r2.ebuild:
620     - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
621 solar 1.74
622     *hardened-sources-2.6.14-r4 (12 Jan 2006)
623    
624     12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
625     - version bump for new genpatches which fix up a few sec holes
626 solar 1.73
627     *hardened-sources-2.4.32-r1 (05 Jan 2006)
628    
629     05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
630     - revision bump to add misc vital linux kernel security patches.
631 johnm 1.72
632     *hardened-sources-2.6.14-r3 (30 Dec 2005)
633    
634     30 Dec 2005; John Mylchreest <johnm@gentoo.org>
635     -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
636     Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
637 johnm 1.71
638     28 Dec 2005; John Mylchreest <johnm@gentoo.org>
639     hardened-sources-2.6.14-r2.ebuild:
640     making x86 & amd64 stable following testing.
641 johnm 1.70
642     *hardened-sources-2.6.14-r2 (27 Dec 2005)
643    
644     27 Dec 2005; John Mylchreest <johnm@gentoo.org>
645     -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
646     Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
647     network hooks.
648 johnm 1.69
649     06 Dec 2005; John Mylchreest <johnm@gentoo.org>
650     hardened-sources-2.6.14-r1.ebuild:
651     bumping to stable early for sec fix on x86 & amd64
652 johnm 1.68
653     *hardened-sources-2.6.14-r1 (05 Dec 2005)
654    
655     05 Dec 2005; John Mylchreest <johnm@gentoo.org>
656     -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
657     bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
658 solar 1.67
659     04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
660     - stable on x86 security bug #114227 CAN-2005-3257
661 kang 1.66
662     *hardened-sources-2.4.32 (19 Nov 2005)
663    
664     19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
665     +hardened-sources-2.4.32.ebuild:
666     Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
667     Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
668     have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
669     rsbac >> /etc/portage/package.use)
670 johnm 1.65
671     *hardened-sources-2.6.14 (14 Nov 2005)
672    
673     14 Nov 2005; John Mylchreest <johnm@gentoo.org>
674     -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
675     Bumping 2.6 series to 2.6.14.2
676 johnm 1.64
677     *hardened-sources-2.6.13-r2 (20 Oct 2005)
678    
679     20 Oct 2005; John Mylchreest <johnm@gentoo.org>
680     -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
681     +hardened-sources-2.6.13-r2.ebuild:
682     Fixes minor build error in ppc.
683 johnm 1.63
684     *hardened-sources-2.6.13-r1 (17 Oct 2005)
685    
686     17 Oct 2005; John Mylchreest <johnm@gentoo.org>
687     +hardened-sources-2.6.13-r1.ebuild:
688     Updating grsec to latest snapshot. Fixes some minor issues. Updating to
689     2.6.13.4, fixes some major amd64 stability problems.
690 johnm 1.62
691     *hardened-sources-2.6.13 (16 Sep 2005)
692    
693     16 Sep 2005; John Mylchreest <johnm@gentoo.org>
694     -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
695     2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
696     ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
697     users should test this thoroughly.
698 solar 1.61
699     01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
700     - stable on x86
701 johnm 1.60
702     *hardened-sources-2.6.11-r15 (27 Jun 2005)
703    
704     27 Jun 2005; John Mylchreest <johnm@gentoo.org>
705     +hardened-sources-2.6.11-r15.ebuild:
706     Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
707     grsec redefining curr_ip struct.
708 solar 1.59
709     *hardened-sources-2.4.31 (20 Jun 2005)
710    
711     20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
712     initial import of 2.4.31 tree
713 johnm 1.58
714     *hardened-sources-2.6.11-r14 (14 Jun 2005)
715    
716     14 Jun 2005; John Mylchreest <johnm@gentoo.org>
717     -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
718     Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
719     naming scheme to abide by genpatches
720 johnm 1.57
721     *hardened-sources-2.6.11-r13 (18 May 2005)
722    
723     18 May 2005; John Mylchreest <johnm@gentoo.org>
724     -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
725     Managed to mangle the Makefile patch from grsec, to miss out the grsec
726     target. sorry about that. Fixes bug #93022
727 johnm 1.56
728     *hardened-sources-2.6.11-r12 (17 May 2005)
729    
730     17 May 2005; John Mylchreest <johnm@gentoo.org>
731     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
732     +hardened-sources-2.6.11-r12.ebuild:
733     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
734     merges in genpatches-base
735 johnm 1.55
736     *hardened-sources-2.6.11-r12 (17 May 2005)
737    
738     17 May 2005; John Mylchreest <johnm@gentoo.org>
739     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
740     +hardened-sources-2.6.11-r12.ebuild:
741     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
742     merges in genpatches-base
743 solar 1.54
744     29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
745     -files/2.4.27-cmdline-race.patch,
746     -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
747     -files/2.4.28-grsec-binfmt_a.out.patch,
748     -files/2.4.28-grsec-cmdline-race.patch,
749     -files/2.4.28-selinux-binfmt_a.out.patch,
750     -files/2.4.28-selinux-cmdline-race.patch,
751     -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
752     hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
753     - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
754     cleanup..
755 solar 1.53
756     *hardened-sources-2.4.30-r1 (21 Apr 2005)
757    
758     21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
759     - disable aout by default
760 solar 1.52
761     *hardened-sources-2.4.30 (18 Apr 2005)
762    
763     18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
764     - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
765     and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
766     use
767 tocharian 1.50
768 scox 1.51 *hardened-sources-2.4.29 (30 Mar 2005)
769    
770     30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
771     +hardened-sources-2.4.29.ebuild:
772     New hardened-patches-2.4-29.0 patchball.
773     Removed SELinux support, upgraded GRSecurity to 2.1.4.
774    
775     *hardened-sources-2.4.28-r5 (06 Mar 2005)
776    
777     06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
778     +hardened-sources-2.4.28-r5.ebuild:
779     Added a fix for a PaX vulnerability.
780    
781     26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
782 tocharian 1.50 hardened-sources-2.4.28-r4.ebuild:
783     Stable on x86
784 solar 1.49
785     23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
786     hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
787     hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
788     hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
789     - fixed/added RDEPEND= in all kernel-2 ebuilds
790 tocharian 1.48
791     *hardened-sources-2.4.28-r4 (21 Jan 2005)
792    
793     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
794     +hardened-sources-2.4.28-r4.ebuild:
795     Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
796     backport of neighbour hash updates.
797 tocharian 1.47
798     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
799     hardened-sources-2.4.28-r3.ebuild:
800     Stable on x86
801 tseng 1.46
802     *hardened-sources-2.6.10-r3 (20 Jan 2005)
803    
804     20 Jan 2005; Brandon Hale <tseng@gentoo.org>
805     +hardened-sources-2.6.10-r3.ebuild:
806     Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
807     in 2005.0
808 tocharian 1.45
809     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
810     -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
811     hardened-sources-2.4.28-r2.ebuild:
812     Mark stable on x86
813 tocharian 1.44
814     *hardened-sources-2.4.28-r3 (17 Jan 2005)
815    
816     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
817     +hardened-sources-2.4.28-r3.ebuild:
818     Fix SMP page fault handler vuln, and update device-mapper and evms patches.
819 tocharian 1.43
820     14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
821     hardened-sources-2.4.28.ebuild:
822     Mark stable on x86.
823 tocharian 1.42
824     *hardened-sources-2.4.28-r2 (13 Jan 2005)
825    
826     13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
827     +hardened-sources-2.4.28-r2.ebuild:
828     Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
829     Mazinger for grsecurity patches as well.
830 plasmaroo 1.41
831     *hardened-sources-2.4.28-r1 (23 Dec 2004)
832    
833     23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
834     Security bump. Thank tocharian for rolling a new patchset...
835 solar 1.40
836     28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
837     +files/2.4.28-grsec-cmdline-race.patch,
838     +files/2.4.28-selinux-binfmt_a.out.patch,
839     +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
840     - Round up remaining security patches that appear to be missing in 2.4.28. -
841     PaX standalone updated to current. hgpv=28.1
842 solar 1.39
843     *hardened-sources-2.4.28 (28 Nov 2004)
844    
845     28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
846     security bump. Thank tocharian for rolling a new patchset
847 scox 1.31
848 scox 1.38 *hardened-sources-2.4.27-r3 (08 Sep 2004)
849    
850     08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
851     +hardened-sources-2.4.27-r3.ebuild:
852     Applies the new 2.4-27.2 patchball which updates
853     GRSecurity to the 2.0.1 version.
854    
855 scox 1.37 *hardened-sources-2.4.27-r2 (31 Aug 2004)
856    
857     31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
858     +hardened-sources-2.4.27-r2.ebuild:
859     Version bump.
860     This version uses the new 2.4-27.1 patchball which updates
861     both the SELinux PaX hooks patch and the SELinux headers.
862    
863 scox 1.36 *hardened-sources-2.4.27-r1 (09 Aug 2004)
864    
865     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
866     +hardened-sources-2.4.27-r1.ebuild,
867     -hardened-sources-2.4.27.ebuild,
868     +files/2.4.27-cmdline-race.patch:
869     Version bump, fix for cmdline race. See bug #59905.
870    
871     *hardened-sources-2.4.26-r6 (09 Aug 2004)
872    
873     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
874     +hardened-sources-2.4.26-r6.ebuild,
875     -hardened-sources-2.4.26-r5.ebuild,
876     -hardened-sources-2.4.26-r4.ebuild,
877     +files/2.4.26-cmdline-race.patch:
878     Version bump, fix for cmdline race. See bug #59905.
879    
880 scox 1.35 *hardened-sources-2.4.27 (08 Aug 2004)
881    
882     08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
883     +hardened-sources-2.4.27.ebuild,
884     +files/2.4.27-CAN-2004-0394.patch:
885     Ported the patchball to the 2.4.27 kernel version.
886    
887 scox 1.34 *hardened-sources-2.4.26-r5 (07 Aug 2004)
888    
889     07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
890     +hardened-sources-2.4.26-r5.ebuild:
891 scox 1.35 Updated to use the new hardened-patches-2.4-26.1 patchball.
892 scox 1.34 It adds the following features:
893     - Squashfs
894     - Ebtables
895     - Netdev random (core+drivers)
896     - Watchdog Timer (WDT) fix.
897    
898 scox 1.33 *hardened-sources-2.4.26-r4 (04 Aug 2004)
899    
900     04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
901     +hardened-sources-2.4.26-r4.ebuild,
902     +files/2.4.26-CAN-2004-0415.patch,
903     -hardened-sources-2.4.26-3:
904     Version bump, fix for CAN 0415, see bug #59378.
905    
906 scox 1.32 *hardened-sources-2.4.26-r3 (22 Jul 2004)
907    
908     22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
909     +hardened-sources-2.4.26-r3.ebuild,
910     +files/2.4.26-CAN-2004-0497.patch,
911     -hardened-sources-2.4.26-r2.ebuild:
912     Version bump, fixed CAN 0497, see bug #56171.
913    
914 scox 1.31 *hardened-sources-2.4.26-r2 (29 Jun 2004)
915    
916     29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
917 scox 1.32 +hardened-sources-2.4.26-r2.ebuild,
918 scox 1.31 +files/2.4.26-CAN-2004-0495.patch,
919     +files/2.4.26-CAN-2004-0535.patch,
920     -hardened-sources-2.4.26-r1.ebuild:
921     Fixes for both CAN 0495 and 0535, see bug #54976
922 pvdabeel 1.27
923 agriffis 1.29 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
924     hardened-sources-2.4.26-r1.ebuild:
925     QA - fix use invocation
926 scox 1.28
927     *hardened-sources-2.4.26-r1 (22 June 2004)
928    
929     22 June 2004; Andrea Luzzardi <scox@gentoo.org>
930     +hardened-sources-2.4.26-r1.ebuild,
931     +files/2.4.26-CAN-2004-0394.patch,
932     +files/2.4.26-signal-race.patch,
933     -hardened-sources-2.4.26.ebuild,
934     -hardened-sources-2.4.24-r3.ebuild:
935     Version bump for the CAN-2004-0394 issue and bug #53804
936     Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
937    
938    
939 pvdabeel 1.27 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
940     hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
941     Masked hardened-sources-2.4.26.ebuild broken for ppc
942    
943     31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
944     hardened-sources-2.4.24-r3.ebuild:
945     Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
946 plasmaroo 1.25
947 scox 1.26 *hardened-sources-2.4.26 (29 May 2004)
948    
949     29 May 2004; Andrea Luzzardi <scox@gentoo.org>
950     +hardened-sources-2.4.26.ebuild:
951     Updated hardened-sources for the 2.4.26 kernel
952     Removed broken components, updated almost everything.
953    
954 plasmaroo 1.25 *hardened-sources-2.4.24-r3 (17 Apr 2004)
955    
956     17 Apr 2004; <plasmaroo@gentoo.org>
957     +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
958     +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
959     +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
960     +hardened-sources-2.4.24-r3.ebuild:
961     Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
962     vulnerabilities. Old revisions removed.
963 plasmaroo 1.24
964     *hardened-sources-2.4.24-r2 (15 Apr 2004)
965    
966     15 Apr 2004; <plasmaroo@gentoo.org>
967     +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
968     -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
969     Version bump for the CAN-2004-0109 issue; bug #47881.
970 aliz 1.23
971     12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
972     hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
973     Add eutils to inherit.
974 plasmaroo 1.22
975     *hardened-sources-2.4.24-r1 (19 Feb 2004)
976    
977     19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
978     files/hardened-sources-2.4.24.munmap.patch:
979     Added the patch for the mremap/munmap vulnerability. Bug #42024.
980 scox 1.19
981 scox 1.21 *hardened-sources-2.4.24 (06 Feb 2004)
982 scox 1.26
983 scox 1.21 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
984     hardened-sources-2.4.24.ebuild:
985     Version bump, updated most of the components.
986     This release includes the following:
987    
988     - Hardened security
989     - Netfilter patch-o-matic 20031219
990     - FreeSWAN 2.04 & x509 1.4.8
991     - EVMS 2.2.2
992     - XFS 1.3.1
993     - cryptoloop jari
994     - grsecurity 2.0-rc4
995     - SELinux
996     - PaX 200402060000
997     - PaX Obscurity 200308302223
998     - Others...
999    
1000     Neither -ck nor systrace are included anymore.
1001    
1002 scox 1.19 *hardened-sources-2.4.22-r2 (05 Jan 2004)
1003    
1004     05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
1005     hardened-sources-2.4.22-r2.ebuild:
1006 scox 1.20 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
1007 scox 1.19
1008     *hardened-sources-2.4.22-r1 (02 Dec 2003)
1009 iggy 1.17
1010     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1011 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
1012 iggy 1.16
1013     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1014 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild:
1015     Version bump for the 'do_brk' vulnerability.
1016 iggy 1.15
1017     01 Dec 2003; Brian Jackson <iggy@gentoo.org>
1018     hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
1019     hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
1020     hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
1021 plasmaroo 1.18 Fix the 'do_brk' vulnerability.
1022 frogger 1.14
1023     03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
1024     hardened-sources-2.4.22.ebuild:
1025 plasmaroo 1.18 - Removed the src_install() portion for SELinux flask
1026     components. These are no longer handled in the kernel
1027     so this code was not necessary.
1028 frogger 1.13
1029     29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
1030     New 2.4.22 based hardened-sources thanks to
1031     Phil West <p.west@computer.org>.
1032    
1033     These sources include:
1034 plasmaroo 1.18 - New SELinux API
1035     - Updated CK-base
1036     - Updated GRSec
1037     - Systrace
1038     - SuperFreeS/WAN 1.99.8
1039     - Propolice kernel build support
1040     - EVMS
1041     - Other various security related patches
1042 frogger 1.11
1043 frogger 1.12 *hardened-sources-2.4.21 (14 Sep 2003)
1044    
1045     14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
1046     Updated hardened-sources based on the 2.4.21 Linux kernel.
1047     This includes updates to most major components such as:
1048 plasmaroo 1.18 - ck-base-0306300059
1049     - selinux-2.4-2003071106
1050     - grsecurity-2.0-rc1
1051     - Updated IPTables patch-o-matic
1052     - Updated SuperFreeS/WAN
1053    
1054 frogger 1.12 Thanks to Phil West <pwest@computer.org> for his work in getting this
1055     updated patch set ready for the 2.4.21 based kernel.
1056    
1057 frogger 1.11 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
1058     Initial import of hardened-sources-2.4.20-r4. This revision
1059     includes only a few changes, but one of these is an important
1060     security fix. It is recommended all users of hardened-sources
1061     upgrade to this release.
1062 plasmaroo 1.18
1063 frogger 1.11 - ioperm bug fix
1064     - fixed compilation failure when building without GRSec
1065 plasmaroo 1.18
1066 frogger 1.11 SAL (Secure Auditing for Linux) is NOT included in this revision
1067     due to time constraints, but is planned for inclusion in the near
1068     future.
1069 msterret 1.10
1070     *hardened-sources-2.4.20-r2 (12 Jun 2003)
1071    
1072     12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
1073     hardened-sources-2.4.20-r3.ebuild:
1074 plasmaroo 1.18 Add Header...
1075 frogger 1.9
1076     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1077     hardened-sources-2.4.20-r3.ebuild:
1078     Removed warnings from ebuild. This kernel should be safe to
1079     use at this point.
1080 frogger 1.8
1081     *hardened-sources-2.4.20-r3 (08 Jun 2003)
1082    
1083     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1084     hardened-sources-2.4.20-r3.ebuild:
1085     New revision. Includes the following changes over -r2:
1086 plasmaroo 1.18
1087 frogger 1.8 - ck7-base (O(1), preempt, low latency)
1088     - Super FreeS/WAN 1.99.7rc2
1089     - PaX for the LSM/SELinux branch
1090     - GRSecurity 2.0-pre4 (role based access control)
1091     - Systrace 1.3
1092     - EXT3 fixes
1093     - EVMS 2.0.1
1094     - GCC 3.1+ compile optimizations
1095     - ProPolice kernel build support
1096     - Hashing table security fixes
1097 frogger 1.3
1098     *hardened-sources-2.4.20-r1 (09 Apr 2003)
1099 frogger 1.7
1100     23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
1101     Initial import of hardened-sources-r2. This new
1102     ebuild includes many new performance and security
1103     related patches. As in -r1, it will patch in
1104     LSM/SELinux if "selinux" is in USE, otherwise it
1105     will patch in GRSecurity. The following patches
1106     are included in this revision:
1107 plasmaroo 1.18
1108 frogger 1.7 - O(1) Scheduler, Low Latency, and Preempt
1109     (pulled from the base CK patch)
1110     - ptrace exploit patch for the LSM kernel
1111     (the GRSec patch already fixes this)
1112     - LSM 2.4-2003040709
1113     - SELinux 2.4-2003040709
1114     - Systrace v1.2
1115     - IPTables patch-o-matic base patches - 20030107
1116     - CryptoAPI 2.4.20.1 w/ loop-jari patch
1117     - Super FreeS/WAN 1.99.6.1
1118     - GRSecurity 1.9.9g
1119     - MPPE
1120     - EXT3 data journal fix
1121     - CIPE 1.5.4
1122 frogger 1.6
1123     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1124     hardened-sources-2.4.20-r1.ebuild, manifest:
1125 plasmaroo 1.18 Updated to install flask components correctly for selinux.
1126 frogger 1.5
1127     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1128     hardened-sources-2.4.20-r1.ebuild:
1129     LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
1130     is patched in instead. Ptrace patches for selinux have also been added. In
1131     either case, systrace support will be patched in as well.
1132 frogger 1.3
1133     09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1134     hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
1135 plasmaroo 1.18 Revision bump for new sources.
1136 frogger 1.4
1137 frogger 1.2 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1138 frogger 1.4 hardened-sources-2.4.20-r1.ebuild:
1139 plasmaroo 1.18 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
1140 method 1.1
1141 frogger 1.4 *hardened-sources-2.4.20 (30 Mar 2003)
1142    
1143 method 1.1 30 Mar 2003; Joshua Brindle <method@gentoo.org>
1144     hardened-sources-2.4.20.ebuild:
1145 plasmaroo 1.18 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20