/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.187 - (hide annotations) (download)
Sun Sep 30 21:08:53 2007 UTC (7 years ago) by phreak
Branch: MAIN
Changes since 1.186: +6 -1 lines
Marking hardened-sources-2.6.20-r10 stable on x86 and amd64 (on courtesy of Mike Doty).
(Portage version: 2.1.3.9)

1 method 1.1 # ChangeLog for sys-kernel/hardened-sources
2 opfer 1.130 # Copyright 2000-2007 Gentoo Foundation; Distributed under the GPL v2
3 phreak 1.187 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.186 2007/09/26 22:34:30 phreak Exp $
4    
5     30 Sep 2007; Christian Heim <phreak@gentoo.org>
6     hardened-sources-2.6.20-r10.ebuild:
7     Marking hardened-sources-2.6.20-r10 stable on x86 and amd64 (on courtesy of
8     Mike Doty).
9 phreak 1.186
10     *hardened-sources-2.6.22-r6 (26 Sep 2007)
11    
12     26 Sep 2007; Christian Heim <phreak@gentoo.org>
13     +hardened-sources-2.6.22-r6.ebuild:
14     Revision bump, grabbing up till Linux 2.6.22.9.
15 phreak 1.185
16     24 Sep 2007; Christian Heim <phreak@gentoo.org>
17     -hardened-sources-2.6.22-r3.ebuild, -hardened-sources-2.6.22-r4.ebuild:
18     Cleaning up further.
19 phreak 1.184
20     *hardened-sources-2.6.20-r10 (24 Sep 2007)
21    
22     24 Sep 2007; Christian Heim <phreak@gentoo.org>
23     -hardened-sources-2.6.20-r8.ebuild, -hardened-sources-2.6.20-r9.ebuild,
24     +hardened-sources-2.6.20-r10.ebuild:
25     Revision bump, pulling in Linux 2.6.20.20. Removing some of the older
26     revisions.
27 phreak 1.183
28     *hardened-sources-2.6.22-r5 (22 Sep 2007)
29    
30     22 Sep 2007; Christian Heim <phreak@gentoo.org>
31     +hardened-sources-2.6.22-r5.ebuild:
32     Revision bump, pulling in genpatches-2.6.22-8 for CVE-2007-4573.
33 phreak 1.182
34     17 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
35     Removing johnm from metadata.xml (see #186467 for reference).
36 phreak 1.181
37     *hardened-sources-2.6.22-r4 (17 Sep 2007)
38    
39     17 Sep 2007; Christian Heim <phreak@gentoo.org>
40     +hardened-sources-2.6.22-r4.ebuild:
41     Revision bump, hopefully fixing all those weird PAX failures.
42 phreak 1.180
43     01 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
44     Updating the metadata.xml.
45 phreak 1.179
46     01 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
47     Removing tocharian from metadata due to his retirement (see #71718 for
48     reference).
49 phreak 1.178
50     *hardened-sources-2.6.20-r9 (30 Aug 2007)
51    
52     30 Aug 2007; Christian Heim <phreak@gentoo.org>
53     +hardened-sources-2.6.20-r9.ebuild:
54     Revision bump for 2.6.20.18 (thanks to kerframil in #gentoo-hardened).
55 phreak 1.177
56     29 Aug 2007; Christian Heim <phreak@gentoo.org>
57     -hardened-sources-2.4.34.ebuild, -hardened-sources-2.4.34.5.ebuild,
58     -hardened-sources-2.6.20-r2.ebuild, -hardened-sources-2.6.20-r5.ebuild,
59     -hardened-sources-2.6.20-r7.ebuild, -hardened-sources-2.6.21-r3.ebuild,
60     -hardened-sources-2.6.22.ebuild, -hardened-sources-2.6.22-r1.ebuild,
61     -hardened-sources-2.6.22-r2.ebuild:
62     Removing some redundant versions.
63 phreak 1.176
64     *hardened-sources-2.4.35-r1 (29 Aug 2007)
65    
66     29 Aug 2007; Christian Heim <phreak@gentoo.org>
67     +hardened-sources-2.4.35-r1.ebuild:
68     Revision bump, new grsecurity patch.
69 phreak 1.175
70     *hardened-sources-2.6.20-r8 (26 Aug 2007)
71    
72     26 Aug 2007; Christian Heim <phreak@gentoo.org>
73     +hardened-sources-2.6.20-r8.ebuild:
74     Revision bump for Linux 2.6.20.17.
75 phreak 1.174
76     *hardened-sources-2.6.22-r3 (22 Aug 2007)
77    
78     22 Aug 2007; Christian Heim <phreak@gentoo.org>
79     +hardened-sources-2.6.22-r3.ebuild:
80     Revision bump for Linux 2.6.22.4.
81 phreak 1.173
82     16 Aug 2007; Christian Heim <phreak@gentoo.org>
83     hardened-sources-2.6.22-r2.ebuild:
84     Updated patchset, to fix the alignment against 2.6.22.3.
85 phreak 1.172
86     *hardened-sources-2.6.22-r2 (16 Aug 2007)
87    
88     16 Aug 2007; Christian Heim <phreak@gentoo.org>
89     +hardened-sources-2.6.22-r2.ebuild:
90     Revision bump for Linux 2.6.22.3.
91 phreak 1.171
92     *hardened-sources-2.4.35 (16 Aug 2007)
93    
94     16 Aug 2007; Christian Heim <phreak@gentoo.org>
95     +hardened-sources-2.4.35.ebuild:
96     Version bump, initial version for Linux 2.4.35.
97 phreak 1.170
98     *hardened-sources-2.6.21-r4 (16 Aug 2007)
99    
100     16 Aug 2007; Christian Heim <phreak@gentoo.org>
101     +hardened-sources-2.6.21-r4.ebuild:
102     Revision bump for Linux 2.6.21.6.
103 phreak 1.169
104     *hardened-sources-2.6.20-r7 (16 Aug 2007)
105    
106     16 Aug 2007; Christian Heim <phreak@gentoo.org>
107     +hardened-sources-2.6.20-r7.ebuild:
108     Revision bump for Linux 2.6.20.16.
109 phreak 1.168
110     *hardened-sources-2.6.22-r1 (13 Aug 2007)
111    
112     13 Aug 2007; Christian Heim <phreak@gentoo.org>
113     +hardened-sources-2.6.22-r1.ebuild:
114     Yet another revision bump.
115 phreak 1.167
116     *hardened-sources-2.6.22 (10 Aug 2007)
117    
118     10 Aug 2007; Christian Heim <phreak@gentoo.org>
119     +hardened-sources-2.6.22.ebuild:
120     Initial release for 2.6.22. If you are using hardened-sources on a desktop
121     machine (P4 or newer), be aware you might need to disable
122     CONFIG_PAX_PAGEEXEC.
123 phreak 1.166
124     04 Aug 2007; Christian Heim <phreak@gentoo.org>
125     hardened-sources-2.6.20-r6.ebuild:
126     Stabling hardened-sources-2.6.20-r6 for amd64, ppc and x86 due to Linux
127     2.6.20.15.
128 phreak 1.165
129     10 Jul 2007; Christian Heim <phreak@gentoo.org>
130     hardened-sources-2.6.20-r5.ebuild:
131     Marking hardened-sources-2.6.20-r5 stable on ppc.
132 phreak 1.164
133     10 Jul 2007; Christian Heim <phreak@gentoo.org>
134     -hardened-sources-2.4.32-r6.ebuild, -hardened-sources-2.4.32-r7.ebuild:
135     Cleanup.
136 phreak 1.163
137     *hardened-sources-2.6.20-r6 (08 Jul 2007)
138    
139     08 Jul 2007; Christian Heim <phreak@gentoo.org>
140     +hardened-sources-2.6.20-r6.ebuild:
141     Revision bump, grabbing yet another stable release.
142 phreak 1.162
143     17 Jun 2007; Christian Heim <phreak@gentoo.org>
144     -hardened-sources-2.6.18-r6.ebuild, -hardened-sources-2.6.20-r4.ebuild,
145     -hardened-sources-2.6.21-r2.ebuild:
146     Removing older ebuilds, hardened-sources-2.6.18-r6 seems to have gotten the
147     alpha stable KEYWORD by mistake.
148 phreak 1.161
149     17 Jun 2007; Christian Heim <phreak@gentoo.org>
150     hardened-sources-2.6.20-r5.ebuild:
151     Stabling hardened-sources-2.6.20-r5 due to security bug #181647 (as
152     genpatches-2.6.20-12.base contains up to Linux 2.6.20.14) on amd64 and x86.
153 phreak 1.160
154     *hardened-sources-2.6.21-r3 (12 Jun 2007)
155    
156     12 Jun 2007; Christian Heim <phreak@gentoo.org>
157     +hardened-sources-2.6.21-r3.ebuild:
158     Revision bump for hardened-sources-2.6.21, incorporating various CVE (some
159     of them critical), two stable releases (2.6.21.4,2.6.21.5) and some other
160     love.
161 phreak 1.159
162     *hardened-sources-2.6.20-r5 (11 Jun 2007)
163    
164     11 Jun 2007; Christian Heim <phreak@gentoo.org>
165     +hardened-sources-2.6.20-r5.ebuild:
166     Revision bump for hardened-sources-2.6.20, incorporating various CVE (some
167     of them critical), two stable releases (2.6.20.13,2.6.20.14) and some other
168     love.
169 pappy 1.158
170     *hardened-sources-2.4.34.5 (11 Jun 2007)
171    
172     11 Jun 2007; Alexander Gabert <pappy@gentoo.org>
173     +hardened-sources-2.4.34.5.ebuild:
174     added new hardened-sources 2.4 version, thx to phreak, solar, pipacs
175 phreak 1.157
176     30 May 2007; Christian Heim <phreak@gentoo.org>
177     -hardened-sources-2.6.18.ebuild, hardened-sources-2.6.20-r2.ebuild:
178     Marking 2.6.20-r2 stable on ppc with permission of Gysbert. Removing more
179     stale ebuild(s).
180 phreak 1.156
181     30 May 2007; Christian Heim <phreak@gentoo.org>
182     -hardened-sources-2.6.14-r7.ebuild, -hardened-sources-2.6.16-r11.ebuild,
183     -hardened-sources-2.6.17-r1.ebuild, -hardened-sources-2.6.19-r6.ebuild,
184     -hardened-sources-2.6.20.ebuild, -hardened-sources-2.6.20-r1.ebuild:
185     Doing some cleanups, remove stale ebuilds.
186 phreak 1.155
187     26 May 2007; Christian Heim <phreak@gentoo.org>
188     hardened-sources-2.6.21-r2.ebuild:
189     Fixing the grsecurity patch, had one '};' too much.
190 phreak 1.154
191     *hardened-sources-2.6.21-r2 (26 May 2007)
192    
193     26 May 2007; Christian Heim <phreak@gentoo.org>
194     -hardened-sources-2.6.21.ebuild, -hardened-sources-2.6.21-r1.ebuild,
195     +hardened-sources-2.6.21-r2.ebuild:
196     Revision bump, including Linux 2.6.21.3 (fixing CVE-2007-2451). Updating the
197     grsecurity patch to 2.1.10-2.6.21.1-200705221918.
198 phreak 1.153
199     *hardened-sources-2.6.20-r4 (26 May 2007)
200    
201     26 May 2007; Christian Heim <phreak@gentoo.org>
202     -hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.20-r4.ebuild:
203     Revision bump, including Linux 2.6.20.12 (which in fact fixed some security
204 phreak 1.154 bugs, at the very least CVE-2007-2451). Possible candidate for stable marking.
205 phreak 1.152
206     15 May 2007; Christian Heim <phreak@gentoo.org>
207     hardened-sources-2.6.20-r3.ebuild:
208     Looks like hardened-sources-2.6.20-r3 needs a new patch, as 2.6.20.11
209     introduced a change in arch/sparc64/kernel/pci_iommu.c, which made the
210     grsecurity patch fail in that exact same hunk.
211 phreak 1.151
212     *hardened-sources-2.6.20-r3 (15 May 2007)
213    
214     15 May 2007; Christian Heim <phreak@gentoo.org>
215     +hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.21-r1.ebuild:
216     Revision bump, incorporating Linux 2.6.20.11.
217    
218     *hardened-sources-2.6.21-r1 (11 May 2007)
219    
220     11 May 2007; Christian Heim <phreak@gentoo.org>
221     +hardened-sources-2.6.21-r1.ebuild:
222     Revision bump, hopefully fixing the GRSECURITY/GRKERNSEC mixup pipacs
223     mentioned in #177234.
224 kevquinn 1.150
225     07 May 2007; Kevin F. Quinn <kevquinn@gentoo.org>
226     files/digest-hardened-sources-2.6.21, Manifest:
227     Fix Manifest/digest for linux-2.6.21.tar.bz2
228 phreak 1.149
229     06 May 2007; Christian Heim <phreak@gentoo.org>
230     hardened-sources-2.6.21.ebuild:
231     Bumping the hardened-patches version, needed for the fix for #177234.
232 phreak 1.148
233     *hardened-sources-2.6.21 (02 May 2007)
234    
235     02 May 2007; Christian Heim <phreak@gentoo.org>
236     +hardened-sources-2.6.21.ebuild:
237     Version bump, Linux 2.6.21-hardened.
238 phreak 1.147
239     29 Apr 2007; Christian Heim <phreak@gentoo.org>
240     hardened-sources-2.6.20-r2.ebuild:
241     Adding ~ia64 on Ned's request.
242 phreak 1.146
243     29 Apr 2007; Christian Heim <phreak@gentoo.org>
244     hardened-sources-2.6.20-r2.ebuild:
245     Fixing the included grsecurity patch, wasn't alligning due to the Index:
246     header line(s).
247 phreak 1.145
248     29 Apr 2007; Christian Heim <phreak@gentoo.org>
249     hardened-sources-2.6.20-r2.ebuild:
250     Stabilizing hardened-sources-2.6.20-r2 on amd64 and x86.
251 armin76 1.144
252     *hardened-sources-2.6.20-r2 (10 Apr 2007)
253    
254     10 Apr 2007; Raúl Porcel <armin76@gentoo.org>
255     +hardened-sources-2.6.20-r2.ebuild:
256     Version bump, on behalf of phreak
257 phreak 1.143
258     *hardened-sources-2.6.20-r1 (04 Apr 2007)
259    
260     04 Apr 2007; Christian Heim <phreak@gentoo.org>
261     +hardened-sources-2.6.20-r1.ebuild:
262     Revision bump, grabbing a newer grsecurity snapshot.
263 phreak 1.142
264     *hardened-sources-2.6.20 (25 Mar 2007)
265    
266     25 Mar 2007; Christian Heim <phreak@gentoo.org>
267     +hardened-sources-2.6.20.ebuild:
268     Finally a hardened-sources version for 2.6.20; many people have been waiting
269     for this. Thanks to Steve for preliminary testing, thanks to Ned for the
270     testbox.
271 chainsaw 1.141
272     16 Mar 2007; Tony Vroon <chainsaw@gentoo.org>
273     hardened-sources-2.6.18-r6.ebuild:
274     Marked stable on amd64 and x86. AMD64 keyword ack'ed by welp.
275 phreak 1.140
276     *hardened-sources-2.6.18-r6 (16 Mar 2007)
277    
278     16 Mar 2007; Christian Heim <phreak@gentoo.org>
279     -hardened-sources-2.6.18-r5.ebuild, +hardened-sources-2.6.18-r6.ebuild:
280     Fixing CVE-2007-1000 locally (hardened/), thanks to Tony for pushing. And
281     yes I screwed up, this is tagged as 2.6.18-5 and not 2.6.18-6 as it's
282     supposed to be.
283 phreak 1.139
284     06 Mar 2007; Christian Heim <phreak@gentoo.org> ChangeLog:
285     Fixing the Manifest, the previous one was broken (as in still had the
286     deleted ebuild in it).
287 phreak 1.138
288     06 Mar 2007; Christian Heim <phreak@gentoo.org>
289     -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
290     +hardened-sources-2.6.18-r5.ebuild:
291     Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
292     Linux 2.6.18.8. Also cleaning up the older version.
293    
294     *hardened-sources-2.6.18-r5 (06 Mar 2007)
295    
296     06 Mar 2007; Christian Heim <phreak@gentoo.org>
297     -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
298     +hardened-sources-2.6.18-r5.ebuild:
299     Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
300     Linux 2.6.18.8. Also cleaning up the older version.
301 phreak 1.137
302     24 Feb 2007; Christian Heim <phreak@gentoo.org>
303     -hardened-sources-2.6.19-r3.ebuild, -hardened-sources-2.6.19-r4.ebuild,
304     -hardened-sources-2.6.19-r5.ebuild:
305     Removing some of the old version, that didn't work.
306 phreak 1.136
307     *hardened-sources-2.6.19-r6 (12 Feb 2007)
308    
309     12 Feb 2007; Christian Heim <phreak@gentoo.org>
310     +hardened-sources-2.6.19-r6.ebuild:
311     Revision bump, including a new grsec version fixing #166235.
312 pappy 1.134
313     *hardened-sources-2.4.34 (24 Jan 2007)
314    
315     24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
316 pappy 1.135 Manifest:
317     updating Manifest with checksums of new tarball and ebuild
318    
319     24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
320 pappy 1.134 +hardened-sources-2.4.34.ebuild:
321     I added new hardened sources 2.4 update, this is a critical path
322     security bugfix - all users of h-s are strongly advised
323     to update their existing hardened sources to this version.
324     It contains a fix for a kernel vulnerability that is pertaining
325     to the PaX changes to virtual memory management, possibly leading
326     to a local kernel exploit ... see grsecurity.net forums and homepage
327 phreak 1.133
328     23 Jan 2007; Christian Heim <phreak@gentoo.org>
329     files/digest-hardened-sources-2.6.19-r5, Manifest:
330     Fixing the patch-tarball digest.
331 phreak 1.132
332     *hardened-sources-2.6.19-r5 (23 Jan 2007)
333    
334     23 Jan 2007; Christian Heim <phreak@gentoo.org>
335     +hardened-sources-2.6.19-r5.ebuild:
336     Revision bump, closing the recently discovered PaX expand_stack()
337     vulnerability.
338 phreak 1.131
339     *hardened-sources-2.6.19-r4 (14 Jan 2007)
340    
341     14 Jan 2007; Christian Heim <phreak@gentoo.org>
342     +hardened-sources-2.6.19-r4.ebuild:
343     Revision bump, pulling in linux-2.6.19.2 and grsecurity 2.1.10 - thus
344     dropping the randomized PID feature.
345 opfer 1.130
346     11 Jan 2007; Christian Faulhammer <opfer@gentoo.org>
347     hardened-sources-2.4.33.4.ebuild:
348     stable x86, bug #161171
349 phreak 1.129
350     *hardened-sources-2.6.19-r3 (27 Dec 2006)
351    
352     27 Dec 2006; Christian Heim <phreak@gentoo.org>
353     -hardened-sources-2.6.19-r2.ebuild, +hardened-sources-2.6.19-r3.ebuild:
354     Revision bump for bug #157186 and #158786.
355 phreak 1.128
356     *hardened-sources-2.6.18-r4 (27 Dec 2006)
357    
358     27 Dec 2006; Christian Heim <phreak@gentoo.org>
359     -hardened-sources-2.6.18-r3.ebuild, +hardened-sources-2.6.18-r4.ebuild:
360     Revision bump for bug #157186.
361 phreak 1.127
362     *hardened-sources-2.6.19-r2 (23 Dec 2006)
363    
364     23 Dec 2006; Christian Heim <phreak@gentoo.org>
365     -hardened-sources-2.6.19-r1.ebuild, +hardened-sources-2.6.19-r2.ebuild:
366     Revision bump to pull in genpatches-2.6.19-3 for #157186.
367 phreak 1.126
368     17 Dec 2006; Christian Heim <phreak@gentoo.org>
369     hardened-sources-2.6.14-r7.ebuild, hardened-sources-2.6.16-r10.ebuild,
370     hardened-sources-2.6.16-r11.ebuild, hardened-sources-2.6.17-r1.ebuild,
371     hardened-sources-2.6.18.ebuild, hardened-sources-2.6.18-r3.ebuild,
372     hardened-sources-2.6.19-r1.ebuild:
373     Adding 4453_grsec-2.1.9-2.6.19-io-kmem-sysctl.patch to UNIPATCH_EXLUDE,
374     adding correct HOMEPAGE and adjusting DESCRIPTION (thanks to Alexander).
375 pappy 1.125
376     *hardened-sources-2.4.33.4 (17 Dec 2006)
377    
378     17 Dec 2006; Alexander Gabert <pappy@gentoo.org>
379     +hardened-sources-2.4.33.4.ebuild:
380     new 2.4.33.4 version including grsec and fixes, thanks to phreak for help
381     and quilting
382 phreak 1.124
383     *hardened-sources-2.6.19-r1 (14 Dec 2006)
384    
385     14 Dec 2006; Christian Heim <phreak@gentoo.org>
386     -hardened-sources-2.6.19.ebuild, +hardened-sources-2.6.19-r1.ebuild:
387     Revision bump, fixing #158107 (thanks to Petre Rodan <kaiowas at gentoo.org>
388     for reporting).
389 phreak 1.123
390     *hardened-sources-2.6.19 (13 Dec 2006)
391    
392     13 Dec 2006; Christian Heim <phreak@gentoo.org>
393     +hardened-sources-2.6.19.ebuild:
394     And finally 2.6.19, thanks to Ned (who prepared the inital patchset) and
395     Brad for providing that prompt update.
396 phreak 1.122
397     *hardened-sources-2.6.18-r3 (13 Dec 2006)
398    
399     13 Dec 2006; Christian Heim <phreak@gentoo.org>
400     -hardened-sources-2.6.18-r1.ebuild, -hardened-sources-2.6.18-r2.ebuild,
401     +hardened-sources-2.6.18-r3.ebuild:
402     Revision bump, excluding the faulty patch. Thanks to Anakim Border and Peter
403     S. Mazinger. Closes #157409 for now. Also removing the previous revisions.
404 phreak 1.121
405     09 Dec 2006; Christian Heim <phreak@gentoo.org> Manifest:
406     Fixing the metadata.xml Manifest entry (thanks to xaid and ml8128 in #gentoo-hardened).
407 nixnut 1.120
408     08 Dec 2006; nixnut <nixnut@gentoo.org> hardened-sources-2.6.18.ebuild:
409     Stable on ppc wrt bug 157356
410 opfer 1.119
411     07 Dec 2006; Christian Faulhammer <opfer@gentoo.org>
412     hardened-sources-2.6.18.ebuild:
413     stable x86, bug #157356
414 phreak 1.118
415     *hardened-sources-2.6.18-r2 (06 Dec 2006)
416    
417     06 Dec 2006; Christian Heim <phreak@gentoo.org>
418     +hardened-sources-2.6.18-r2.ebuild:
419     Revision bump, including 2.6.18.5 (via genpatches) and
420     4454_grsec-2.1.9-2.6.18.2-io-kmem-sysctl.patch based on Peter Mazinger and
421     Ned Ludd's original patch. Thanks to Alexander Gabert (pappy) for the
422     redesign.
423 phreak 1.117
424     06 Dec 2006; Christian Heim <phreak@gentoo.org>
425     hardened-sources-2.6.18.ebuild:
426     Marking hardened-sources-2.6.18 stable on amd64 (see bug #157356, on behalf
427     of Mike Doty).
428 phreak 1.116
429     *hardened-sources-2.6.18-r1 (23 Nov 2006)
430    
431     23 Nov 2006; Christian Heim <phreak@gentoo.org>
432     +hardened-sources-2.6.18-r1.ebuild:
433     Revision bump to genpatches-2.6.18-4 (including 2.6.18.3).
434 phreak 1.115
435     *hardened-sources-2.6.18 (11 Nov 2006)
436    
437     11 Nov 2006; Christian Heim <phreak@gentoo.org>
438     +hardened-sources-2.6.18.ebuild:
439     Version bump, thanks to Alexander Gabert we're finally at 2.6.18.
440 solar 1.114
441     18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
442     - mark amd64 stable also. bug #151877
443 solar 1.113
444     18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
445     - mark 2.6.17-r1 stable
446 phreak 1.112
447     27 Aug 2006; Christian Heim <phreak@gentoo.org>
448     -hardened-sources-2.6.17.ebuild, hardened-sources-2.6.17-r1.ebuild:
449     Removing old ebuild, removing unipatch from newer ebuild (need to fix it!).
450 phreak 1.111
451     *hardened-sources-2.6.17-r1 (26 Aug 2006)
452    
453     26 Aug 2006; Christian Heim <phreak@gentoo.org>
454     +hardened-sources-2.6.17-r1.ebuild:
455     Revision bump to genpatches-2.6.17-8 (including .9 and .10) and updating the
456     grsecurity patch.
457 phreak 1.110
458     *hardened-sources-2.6.17 (17 Aug 2006)
459    
460     17 Aug 2006; Christian Heim <phreak@gentoo.org>
461     +hardened-sources-2.6.17.ebuild:
462     Bumping the hardened-sources-2.6 series to 2.6.17, using
463     genpatches-2.6.17-6.base.
464 solar 1.109
465     07 Aug 2006; <solar@gentoo.org> hardened-sources-2.6.16-r11.ebuild:
466     - stable on x86 and amd64
467 solar 1.108
468     *hardened-sources-2.6.16-r11 (15 Jul 2006)
469    
470     15 Jul 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r3.ebuild,
471     -hardened-sources-2.4.32-r4.ebuild, -hardened-sources-2.4.32-r5.ebuild,
472     -hardened-sources-2.6.14-r8.ebuild, -hardened-sources-2.6.16-r7.ebuild,
473     -hardened-sources-2.6.16-r9.ebuild, +hardened-sources-2.6.16-r11.ebuild:
474     - 2.6.16 bumped for CVE-2006-3626 ; digest fix for 2.4.32-r6 ; removed old
475     crusty ebuilds
476 johnm 1.107
477     14 Jul 2006; John Mylchreest <johnm@gentoo.org>
478     hardened-sources-2.6.16-r10.ebuild:
479     marking stable on x86 and amd64
480 solar 1.106
481     13 Jul 2006; <solar@gentoo.org> hardened-sources-2.4.32-r6.ebuild:
482     - 2.4.32-r6 stable on x86. RSBAC state unknown
483 kang 1.105
484     *hardened-sources-2.4.32-r7 (10 Jul 2006)
485    
486     10 Jul 2006; Guillaume Destuynder <kang@gentoo.org>
487     +hardened-sources-2.4.32-r7.ebuild:
488     Bump PaX for RSBAC to test-17
489 johnm 1.104
490     *hardened-sources-2.6.16-r9 (03 Jul 2006)
491    
492     03 Jul 2006; John Mylchreest <johnm@gentoo.org>
493     -hardened-sources-2.6.16-r6.ebuild, +hardened-sources-2.6.16-r9.ebuild:
494     hardened-sources-2.6.16 bump to latest -base.
495 solar 1.103
496     *hardened-sources-2.4.32-r6 (30 Jun 2006)
497    
498     30 Jun 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r2.ebuild,
499     hardened-sources-2.4.32-r4.ebuild, +hardened-sources-2.4.32-r6.ebuild:
500     - backport CVE-2006-0039, CVE-2006-1857 and CVE-2006-1858 and new grsecurity
501     sysctl controlable resource logging
502 johnm 1.102
503     *hardened-sources-2.6.16-r7 (05 Jun 2006)
504    
505     05 Jun 2006; John Mylchreest <johnm@gentoo.org>
506     -hardened-sources-2.6.16-r5.ebuild, +hardened-sources-2.6.16-r7.ebuild:
507     push new 2.6.16 release in preparation for stable
508 solar 1.101
509     22 May 2006; <solar@gentoo.org> :
510     - redigest bug 134002
511 kang 1.100
512     *hardened-sources-2.4.32-r5 (16 May 2006)
513    
514     16 May 2006; Guillaume Destuynder <kang@gentoo.org>
515     +hardened-sources-2.4.32-r5.ebuild:
516     Fixes rsbac common patching (new patch in new -r5 patchset)
517 solar 1.99
518     *hardened-sources-2.4.32-r4 (13 May 2006)
519    
520     13 May 2006; <solar@gentoo.org> hardened-sources-2.4.32-r3.ebuild,
521     +hardened-sources-2.4.32-r4.ebuild:
522     - security bumps
523 johnm 1.98
524     *hardened-sources-2.6.16-r6 (03 May 2006)
525    
526     03 May 2006; John Mylchreest <johnm@gentoo.org>
527     +hardened-sources-2.6.16-r6.ebuild:
528     bump hardened-2.6.16 to 2.6.16.12 and latest grsec snapshot
529 johnm 1.97
530     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
531     hardened-sources-2.6.14-r8.ebuild:
532     fix x86_64 build problem, this will delay the digest issue again for a short
533     while but it will sort itself out
534 johnm 1.96
535     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
536     hardened-sources-2.6.14-r8.ebuild:
537     bump hardened patchset
538 antarus 1.94
539     27 Apr 2006; Alec Warner <antarus@gentoo.org>
540     files/digest-hardened-sources-2.4.32-r2,
541     files/digest-hardened-sources-2.4.32-r3,
542     files/digest-hardened-sources-2.6.14-r8, Manifest:
543     Fixing duff SHA256 digests: Bug # 131293
544 johnm 1.93
545 johnm 1.95 *hardened-sources-2.6.16-r5 (27 Apr 2006)
546    
547     27 Apr 2006; John Mylchreest <johnm@gentoo.org>
548     -hardened-sources-2.6.14-r6.ebuild, hardened-sources-2.6.14-r8.ebuild,
549     -hardened-sources-2.6.16-r4.ebuild, +hardened-sources-2.6.16-r5.ebuild:
550     stablise 2.6.14-r8 on x86 & amd64, bump 2.6.16 to fix CVE-2006-1863 &
551     cleanup of old uneccessary sources
552    
553 johnm 1.93 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
554     fix digest
555 johnm 1.92
556     *hardened-sources-2.6.14-r8 (20 Apr 2006)
557    
558     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
559     +hardened-sources-2.6.14-r8.ebuild:
560     fix CVE-2006-1056, CVE-2006-1525, CVE-2006-1524
561 johnm 1.91
562     20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
563     Turning on gpg-signing again, and recomitting
564 johnm 1.90
565     *hardened-sources-2.6.16-r4 (20 Apr 2006)
566    
567     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
568     -hardened-sources-2.6.16-r2.ebuild, -hardened-sources-2.6.16-r3.ebuild,
569     +hardened-sources-2.6.16-r4.ebuild:
570     Fix numerous security vulns
571 solar 1.89
572     *hardened-sources-2.4.32-r3 (16 Apr 2006)
573    
574     16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
575     -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
576     +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
577     - security bump for bug #112791. Removed old ebuilds
578 johnm 1.88
579     *hardened-sources-2.6.16-r3 (15 Apr 2006)
580    
581     15 Apr 2006; John Mylchreest <johnm@gentoo.org>
582     +hardened-sources-2.6.16-r3.ebuild:
583     Removing silly localversion which I missed
584 johnm 1.87
585     *hardened-sources-2.6.14-r7 (14 Apr 2006)
586    
587     14 Apr 2006; John Mylchreest <johnm@gentoo.org>
588     -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
589     Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
590 johnm 1.86
591     *hardened-sources-2.6.16-r2 (13 Apr 2006)
592    
593     13 Apr 2006; John Mylchreest <johnm@gentoo.org>
594     -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
595     +hardened-sources-2.6.16-r2.ebuild:
596     Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
597     labels, dropping USERGROUP define fixes, since these were merged mainstream.
598 johnm 1.85
599     *hardened-sources-2.6.16-r1 (11 Apr 2006)
600    
601     11 Apr 2006; John Mylchreest <johnm@gentoo.org>
602     +hardened-sources-2.6.16-r1.ebuild:
603     Bumping to include ppc build fix and 2.6.16.3
604 tsunam 1.84
605     06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
606     hardened-sources-2.6.14-r6.ebuild:
607     Stable on x86; bug #127718
608 johnm 1.83
609     *hardened-sources-2.6.16 (31 Mar 2006)
610    
611     31 Mar 2006; John Mylchreest <johnm@gentoo.org>
612     +hardened-sources-2.6.16.ebuild:
613     Bumping to new version of grsec, and kernel base. New squashfs. Based on
614     2.6.16.1
615 cryos 1.82
616     30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
617     hardened-sources-2.6.14-r6.ebuild:
618     Stable on amd64, bug 127718.
619 nixnut 1.81
620     28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
621     Stable on ppc. Bug #127718
622 johnm 1.80
623     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
624     -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
625     -hardened-sources-2.6.14-r4.ebuild:
626     Cleanup.
627 johnm 1.79
628     *hardened-sources-2.6.14-r6 (15 Mar 2006)
629    
630     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
631     +hardened-sources-2.6.14-r6.ebuild:
632     Fixes grsec policy recreation bug and adds a
633     >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
634 solar 1.78
635     02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
636     - stable on x86
637 hansmi 1.77
638     19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
639     hardened-sources-2.6.14-r5.ebuild:
640     Stable on ppc.
641 johnm 1.76
642     *hardened-sources-2.6.14-r5 (01 Feb 2006)
643    
644     01 Feb 2006; John Mylchreest <johnm@gentoo.org>
645     +hardened-sources-2.6.14-r5.ebuild:
646     fixing every known exploit
647 solar 1.75
648     *hardened-sources-2.4.32-r2 (26 Jan 2006)
649    
650     26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
651     +hardened-sources-2.4.32-r2.ebuild:
652     - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
653 solar 1.74
654     *hardened-sources-2.6.14-r4 (12 Jan 2006)
655    
656     12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
657     - version bump for new genpatches which fix up a few sec holes
658 solar 1.73
659     *hardened-sources-2.4.32-r1 (05 Jan 2006)
660    
661     05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
662     - revision bump to add misc vital linux kernel security patches.
663 johnm 1.72
664     *hardened-sources-2.6.14-r3 (30 Dec 2005)
665    
666     30 Dec 2005; John Mylchreest <johnm@gentoo.org>
667     -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
668     Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
669 johnm 1.71
670     28 Dec 2005; John Mylchreest <johnm@gentoo.org>
671     hardened-sources-2.6.14-r2.ebuild:
672     making x86 & amd64 stable following testing.
673 johnm 1.70
674     *hardened-sources-2.6.14-r2 (27 Dec 2005)
675    
676     27 Dec 2005; John Mylchreest <johnm@gentoo.org>
677     -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
678     Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
679     network hooks.
680 johnm 1.69
681     06 Dec 2005; John Mylchreest <johnm@gentoo.org>
682     hardened-sources-2.6.14-r1.ebuild:
683     bumping to stable early for sec fix on x86 & amd64
684 johnm 1.68
685     *hardened-sources-2.6.14-r1 (05 Dec 2005)
686    
687     05 Dec 2005; John Mylchreest <johnm@gentoo.org>
688     -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
689     bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
690 solar 1.67
691     04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
692     - stable on x86 security bug #114227 CAN-2005-3257
693 kang 1.66
694     *hardened-sources-2.4.32 (19 Nov 2005)
695    
696     19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
697     +hardened-sources-2.4.32.ebuild:
698     Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
699     Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
700     have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
701     rsbac >> /etc/portage/package.use)
702 johnm 1.65
703     *hardened-sources-2.6.14 (14 Nov 2005)
704    
705     14 Nov 2005; John Mylchreest <johnm@gentoo.org>
706     -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
707     Bumping 2.6 series to 2.6.14.2
708 johnm 1.64
709     *hardened-sources-2.6.13-r2 (20 Oct 2005)
710    
711     20 Oct 2005; John Mylchreest <johnm@gentoo.org>
712     -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
713     +hardened-sources-2.6.13-r2.ebuild:
714     Fixes minor build error in ppc.
715 johnm 1.63
716     *hardened-sources-2.6.13-r1 (17 Oct 2005)
717    
718     17 Oct 2005; John Mylchreest <johnm@gentoo.org>
719     +hardened-sources-2.6.13-r1.ebuild:
720     Updating grsec to latest snapshot. Fixes some minor issues. Updating to
721     2.6.13.4, fixes some major amd64 stability problems.
722 johnm 1.62
723     *hardened-sources-2.6.13 (16 Sep 2005)
724    
725     16 Sep 2005; John Mylchreest <johnm@gentoo.org>
726     -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
727     2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
728     ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
729     users should test this thoroughly.
730 solar 1.61
731     01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
732     - stable on x86
733 johnm 1.60
734     *hardened-sources-2.6.11-r15 (27 Jun 2005)
735    
736     27 Jun 2005; John Mylchreest <johnm@gentoo.org>
737     +hardened-sources-2.6.11-r15.ebuild:
738     Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
739     grsec redefining curr_ip struct.
740 solar 1.59
741     *hardened-sources-2.4.31 (20 Jun 2005)
742    
743     20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
744     initial import of 2.4.31 tree
745 johnm 1.58
746     *hardened-sources-2.6.11-r14 (14 Jun 2005)
747    
748     14 Jun 2005; John Mylchreest <johnm@gentoo.org>
749     -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
750     Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
751     naming scheme to abide by genpatches
752 johnm 1.57
753     *hardened-sources-2.6.11-r13 (18 May 2005)
754    
755     18 May 2005; John Mylchreest <johnm@gentoo.org>
756     -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
757     Managed to mangle the Makefile patch from grsec, to miss out the grsec
758     target. sorry about that. Fixes bug #93022
759 johnm 1.56
760     *hardened-sources-2.6.11-r12 (17 May 2005)
761    
762     17 May 2005; John Mylchreest <johnm@gentoo.org>
763     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
764     +hardened-sources-2.6.11-r12.ebuild:
765     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
766     merges in genpatches-base
767 johnm 1.55
768     *hardened-sources-2.6.11-r12 (17 May 2005)
769    
770     17 May 2005; John Mylchreest <johnm@gentoo.org>
771     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
772     +hardened-sources-2.6.11-r12.ebuild:
773     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
774     merges in genpatches-base
775 solar 1.54
776     29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
777     -files/2.4.27-cmdline-race.patch,
778     -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
779     -files/2.4.28-grsec-binfmt_a.out.patch,
780     -files/2.4.28-grsec-cmdline-race.patch,
781     -files/2.4.28-selinux-binfmt_a.out.patch,
782     -files/2.4.28-selinux-cmdline-race.patch,
783     -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
784     hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
785     - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
786     cleanup..
787 solar 1.53
788     *hardened-sources-2.4.30-r1 (21 Apr 2005)
789    
790     21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
791     - disable aout by default
792 solar 1.52
793     *hardened-sources-2.4.30 (18 Apr 2005)
794    
795     18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
796     - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
797     and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
798     use
799 tocharian 1.50
800 scox 1.51 *hardened-sources-2.4.29 (30 Mar 2005)
801    
802     30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
803     +hardened-sources-2.4.29.ebuild:
804     New hardened-patches-2.4-29.0 patchball.
805     Removed SELinux support, upgraded GRSecurity to 2.1.4.
806    
807     *hardened-sources-2.4.28-r5 (06 Mar 2005)
808    
809     06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
810     +hardened-sources-2.4.28-r5.ebuild:
811     Added a fix for a PaX vulnerability.
812    
813     26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
814 tocharian 1.50 hardened-sources-2.4.28-r4.ebuild:
815     Stable on x86
816 solar 1.49
817     23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
818     hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
819     hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
820     hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
821     - fixed/added RDEPEND= in all kernel-2 ebuilds
822 tocharian 1.48
823     *hardened-sources-2.4.28-r4 (21 Jan 2005)
824    
825     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
826     +hardened-sources-2.4.28-r4.ebuild:
827     Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
828     backport of neighbour hash updates.
829 tocharian 1.47
830     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
831     hardened-sources-2.4.28-r3.ebuild:
832     Stable on x86
833 tseng 1.46
834     *hardened-sources-2.6.10-r3 (20 Jan 2005)
835    
836     20 Jan 2005; Brandon Hale <tseng@gentoo.org>
837     +hardened-sources-2.6.10-r3.ebuild:
838     Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
839     in 2005.0
840 tocharian 1.45
841     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
842     -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
843     hardened-sources-2.4.28-r2.ebuild:
844     Mark stable on x86
845 tocharian 1.44
846     *hardened-sources-2.4.28-r3 (17 Jan 2005)
847    
848     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
849     +hardened-sources-2.4.28-r3.ebuild:
850     Fix SMP page fault handler vuln, and update device-mapper and evms patches.
851 tocharian 1.43
852     14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
853     hardened-sources-2.4.28.ebuild:
854     Mark stable on x86.
855 tocharian 1.42
856     *hardened-sources-2.4.28-r2 (13 Jan 2005)
857    
858     13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
859     +hardened-sources-2.4.28-r2.ebuild:
860     Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
861     Mazinger for grsecurity patches as well.
862 plasmaroo 1.41
863     *hardened-sources-2.4.28-r1 (23 Dec 2004)
864    
865     23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
866     Security bump. Thank tocharian for rolling a new patchset...
867 solar 1.40
868     28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
869     +files/2.4.28-grsec-cmdline-race.patch,
870     +files/2.4.28-selinux-binfmt_a.out.patch,
871     +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
872     - Round up remaining security patches that appear to be missing in 2.4.28. -
873     PaX standalone updated to current. hgpv=28.1
874 solar 1.39
875     *hardened-sources-2.4.28 (28 Nov 2004)
876    
877     28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
878     security bump. Thank tocharian for rolling a new patchset
879 scox 1.31
880 scox 1.38 *hardened-sources-2.4.27-r3 (08 Sep 2004)
881    
882     08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
883     +hardened-sources-2.4.27-r3.ebuild:
884     Applies the new 2.4-27.2 patchball which updates
885     GRSecurity to the 2.0.1 version.
886    
887 scox 1.37 *hardened-sources-2.4.27-r2 (31 Aug 2004)
888    
889     31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
890     +hardened-sources-2.4.27-r2.ebuild:
891     Version bump.
892     This version uses the new 2.4-27.1 patchball which updates
893     both the SELinux PaX hooks patch and the SELinux headers.
894    
895 scox 1.36 *hardened-sources-2.4.27-r1 (09 Aug 2004)
896    
897     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
898     +hardened-sources-2.4.27-r1.ebuild,
899     -hardened-sources-2.4.27.ebuild,
900     +files/2.4.27-cmdline-race.patch:
901     Version bump, fix for cmdline race. See bug #59905.
902    
903     *hardened-sources-2.4.26-r6 (09 Aug 2004)
904    
905     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
906     +hardened-sources-2.4.26-r6.ebuild,
907     -hardened-sources-2.4.26-r5.ebuild,
908     -hardened-sources-2.4.26-r4.ebuild,
909     +files/2.4.26-cmdline-race.patch:
910     Version bump, fix for cmdline race. See bug #59905.
911    
912 scox 1.35 *hardened-sources-2.4.27 (08 Aug 2004)
913    
914     08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
915     +hardened-sources-2.4.27.ebuild,
916     +files/2.4.27-CAN-2004-0394.patch:
917     Ported the patchball to the 2.4.27 kernel version.
918    
919 scox 1.34 *hardened-sources-2.4.26-r5 (07 Aug 2004)
920    
921     07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
922     +hardened-sources-2.4.26-r5.ebuild:
923 scox 1.35 Updated to use the new hardened-patches-2.4-26.1 patchball.
924 scox 1.34 It adds the following features:
925     - Squashfs
926     - Ebtables
927     - Netdev random (core+drivers)
928     - Watchdog Timer (WDT) fix.
929    
930 scox 1.33 *hardened-sources-2.4.26-r4 (04 Aug 2004)
931    
932     04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
933     +hardened-sources-2.4.26-r4.ebuild,
934     +files/2.4.26-CAN-2004-0415.patch,
935     -hardened-sources-2.4.26-3:
936     Version bump, fix for CAN 0415, see bug #59378.
937    
938 scox 1.32 *hardened-sources-2.4.26-r3 (22 Jul 2004)
939    
940     22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
941     +hardened-sources-2.4.26-r3.ebuild,
942     +files/2.4.26-CAN-2004-0497.patch,
943     -hardened-sources-2.4.26-r2.ebuild:
944     Version bump, fixed CAN 0497, see bug #56171.
945    
946 scox 1.31 *hardened-sources-2.4.26-r2 (29 Jun 2004)
947    
948     29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
949 scox 1.32 +hardened-sources-2.4.26-r2.ebuild,
950 scox 1.31 +files/2.4.26-CAN-2004-0495.patch,
951     +files/2.4.26-CAN-2004-0535.patch,
952     -hardened-sources-2.4.26-r1.ebuild:
953     Fixes for both CAN 0495 and 0535, see bug #54976
954 pvdabeel 1.27
955 agriffis 1.29 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
956     hardened-sources-2.4.26-r1.ebuild:
957     QA - fix use invocation
958 scox 1.28
959     *hardened-sources-2.4.26-r1 (22 June 2004)
960    
961     22 June 2004; Andrea Luzzardi <scox@gentoo.org>
962     +hardened-sources-2.4.26-r1.ebuild,
963     +files/2.4.26-CAN-2004-0394.patch,
964     +files/2.4.26-signal-race.patch,
965     -hardened-sources-2.4.26.ebuild,
966     -hardened-sources-2.4.24-r3.ebuild:
967     Version bump for the CAN-2004-0394 issue and bug #53804
968     Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
969    
970    
971 pvdabeel 1.27 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
972     hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
973     Masked hardened-sources-2.4.26.ebuild broken for ppc
974    
975     31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
976     hardened-sources-2.4.24-r3.ebuild:
977     Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
978 plasmaroo 1.25
979 scox 1.26 *hardened-sources-2.4.26 (29 May 2004)
980    
981     29 May 2004; Andrea Luzzardi <scox@gentoo.org>
982     +hardened-sources-2.4.26.ebuild:
983     Updated hardened-sources for the 2.4.26 kernel
984     Removed broken components, updated almost everything.
985    
986 plasmaroo 1.25 *hardened-sources-2.4.24-r3 (17 Apr 2004)
987    
988     17 Apr 2004; <plasmaroo@gentoo.org>
989     +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
990     +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
991     +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
992     +hardened-sources-2.4.24-r3.ebuild:
993     Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
994     vulnerabilities. Old revisions removed.
995 plasmaroo 1.24
996     *hardened-sources-2.4.24-r2 (15 Apr 2004)
997    
998     15 Apr 2004; <plasmaroo@gentoo.org>
999     +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
1000     -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
1001     Version bump for the CAN-2004-0109 issue; bug #47881.
1002 aliz 1.23
1003     12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
1004     hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
1005     Add eutils to inherit.
1006 plasmaroo 1.22
1007     *hardened-sources-2.4.24-r1 (19 Feb 2004)
1008    
1009     19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
1010     files/hardened-sources-2.4.24.munmap.patch:
1011     Added the patch for the mremap/munmap vulnerability. Bug #42024.
1012 scox 1.19
1013 scox 1.21 *hardened-sources-2.4.24 (06 Feb 2004)
1014 scox 1.26
1015 scox 1.21 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
1016     hardened-sources-2.4.24.ebuild:
1017     Version bump, updated most of the components.
1018     This release includes the following:
1019    
1020     - Hardened security
1021     - Netfilter patch-o-matic 20031219
1022     - FreeSWAN 2.04 & x509 1.4.8
1023     - EVMS 2.2.2
1024     - XFS 1.3.1
1025     - cryptoloop jari
1026     - grsecurity 2.0-rc4
1027     - SELinux
1028     - PaX 200402060000
1029     - PaX Obscurity 200308302223
1030     - Others...
1031    
1032     Neither -ck nor systrace are included anymore.
1033    
1034 scox 1.19 *hardened-sources-2.4.22-r2 (05 Jan 2004)
1035    
1036     05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
1037     hardened-sources-2.4.22-r2.ebuild:
1038 scox 1.20 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
1039 scox 1.19
1040     *hardened-sources-2.4.22-r1 (02 Dec 2003)
1041 iggy 1.17
1042     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1043 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
1044 iggy 1.16
1045     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1046 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild:
1047     Version bump for the 'do_brk' vulnerability.
1048 iggy 1.15
1049     01 Dec 2003; Brian Jackson <iggy@gentoo.org>
1050     hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
1051     hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
1052     hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
1053 plasmaroo 1.18 Fix the 'do_brk' vulnerability.
1054 frogger 1.14
1055     03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
1056     hardened-sources-2.4.22.ebuild:
1057 plasmaroo 1.18 - Removed the src_install() portion for SELinux flask
1058     components. These are no longer handled in the kernel
1059     so this code was not necessary.
1060 frogger 1.13
1061     29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
1062     New 2.4.22 based hardened-sources thanks to
1063     Phil West <p.west@computer.org>.
1064    
1065     These sources include:
1066 plasmaroo 1.18 - New SELinux API
1067     - Updated CK-base
1068     - Updated GRSec
1069     - Systrace
1070     - SuperFreeS/WAN 1.99.8
1071     - Propolice kernel build support
1072     - EVMS
1073     - Other various security related patches
1074 frogger 1.11
1075 frogger 1.12 *hardened-sources-2.4.21 (14 Sep 2003)
1076    
1077     14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
1078     Updated hardened-sources based on the 2.4.21 Linux kernel.
1079     This includes updates to most major components such as:
1080 plasmaroo 1.18 - ck-base-0306300059
1081     - selinux-2.4-2003071106
1082     - grsecurity-2.0-rc1
1083     - Updated IPTables patch-o-matic
1084     - Updated SuperFreeS/WAN
1085    
1086 frogger 1.12 Thanks to Phil West <pwest@computer.org> for his work in getting this
1087     updated patch set ready for the 2.4.21 based kernel.
1088    
1089 frogger 1.11 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
1090     Initial import of hardened-sources-2.4.20-r4. This revision
1091     includes only a few changes, but one of these is an important
1092     security fix. It is recommended all users of hardened-sources
1093     upgrade to this release.
1094 plasmaroo 1.18
1095 frogger 1.11 - ioperm bug fix
1096     - fixed compilation failure when building without GRSec
1097 plasmaroo 1.18
1098 frogger 1.11 SAL (Secure Auditing for Linux) is NOT included in this revision
1099     due to time constraints, but is planned for inclusion in the near
1100     future.
1101 msterret 1.10
1102     *hardened-sources-2.4.20-r2 (12 Jun 2003)
1103    
1104     12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
1105     hardened-sources-2.4.20-r3.ebuild:
1106 plasmaroo 1.18 Add Header...
1107 frogger 1.9
1108     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1109     hardened-sources-2.4.20-r3.ebuild:
1110     Removed warnings from ebuild. This kernel should be safe to
1111     use at this point.
1112 frogger 1.8
1113     *hardened-sources-2.4.20-r3 (08 Jun 2003)
1114    
1115     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1116     hardened-sources-2.4.20-r3.ebuild:
1117     New revision. Includes the following changes over -r2:
1118 plasmaroo 1.18
1119 frogger 1.8 - ck7-base (O(1), preempt, low latency)
1120     - Super FreeS/WAN 1.99.7rc2
1121     - PaX for the LSM/SELinux branch
1122     - GRSecurity 2.0-pre4 (role based access control)
1123     - Systrace 1.3
1124     - EXT3 fixes
1125     - EVMS 2.0.1
1126     - GCC 3.1+ compile optimizations
1127     - ProPolice kernel build support
1128     - Hashing table security fixes
1129 frogger 1.3
1130     *hardened-sources-2.4.20-r1 (09 Apr 2003)
1131 frogger 1.7
1132     23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
1133     Initial import of hardened-sources-r2. This new
1134     ebuild includes many new performance and security
1135     related patches. As in -r1, it will patch in
1136     LSM/SELinux if "selinux" is in USE, otherwise it
1137     will patch in GRSecurity. The following patches
1138     are included in this revision:
1139 plasmaroo 1.18
1140 frogger 1.7 - O(1) Scheduler, Low Latency, and Preempt
1141     (pulled from the base CK patch)
1142     - ptrace exploit patch for the LSM kernel
1143     (the GRSec patch already fixes this)
1144     - LSM 2.4-2003040709
1145     - SELinux 2.4-2003040709
1146     - Systrace v1.2
1147     - IPTables patch-o-matic base patches - 20030107
1148     - CryptoAPI 2.4.20.1 w/ loop-jari patch
1149     - Super FreeS/WAN 1.99.6.1
1150     - GRSecurity 1.9.9g
1151     - MPPE
1152     - EXT3 data journal fix
1153     - CIPE 1.5.4
1154 frogger 1.6
1155     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1156     hardened-sources-2.4.20-r1.ebuild, manifest:
1157 plasmaroo 1.18 Updated to install flask components correctly for selinux.
1158 frogger 1.5
1159     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1160     hardened-sources-2.4.20-r1.ebuild:
1161     LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
1162     is patched in instead. Ptrace patches for selinux have also been added. In
1163     either case, systrace support will be patched in as well.
1164 frogger 1.3
1165     09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1166     hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
1167 plasmaroo 1.18 Revision bump for new sources.
1168 frogger 1.4
1169 frogger 1.2 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1170 frogger 1.4 hardened-sources-2.4.20-r1.ebuild:
1171 plasmaroo 1.18 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
1172 method 1.1
1173 frogger 1.4 *hardened-sources-2.4.20 (30 Mar 2003)
1174    
1175 method 1.1 30 Mar 2003; Joshua Brindle <method@gentoo.org>
1176     hardened-sources-2.4.20.ebuild:
1177 plasmaroo 1.18 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20