/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.190 - (hide annotations) (download)
Thu Oct 11 00:17:30 2007 UTC (7 years, 1 month ago) by phreak
Branch: MAIN
Changes since 1.189: +5 -1 lines
Pulling in yet another new genpatches version, fixing the PWC bug for real.
(Portage version: 2.1.3.9)

1 method 1.1 # ChangeLog for sys-kernel/hardened-sources
2 opfer 1.130 # Copyright 2000-2007 Gentoo Foundation; Distributed under the GPL v2
3 phreak 1.190 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.189 2007/10/04 18:13:52 phreak Exp $
4    
5     11 Oct 2007; Christian Heim <phreak@gentoo.org>
6     hardened-sources-2.6.20-r10.ebuild:
7     Pulling in yet another new genpatches version, fixing the PWC bug for real.
8 phreak 1.189
9     04 Oct 2007; Christian Heim <phreak@gentoo.org>
10     -hardened-sources-2.6.22-r5.ebuild, -hardened-sources-2.6.22-r6.ebuild:
11     Removing old versions.
12 phreak 1.188
13     *hardened-sources-2.6.22-r7 (01 Oct 2007)
14    
15     01 Oct 2007; Christian Heim <phreak@gentoo.org>
16     +hardened-sources-2.6.22-r7.ebuild:
17     Revision bump, pulling in a newer patch. Should fix #194276.
18 phreak 1.187
19     30 Sep 2007; Christian Heim <phreak@gentoo.org>
20     hardened-sources-2.6.20-r10.ebuild:
21     Marking hardened-sources-2.6.20-r10 stable on x86 and amd64 (on courtesy of
22     Mike Doty).
23 phreak 1.186
24     *hardened-sources-2.6.22-r6 (26 Sep 2007)
25    
26     26 Sep 2007; Christian Heim <phreak@gentoo.org>
27     +hardened-sources-2.6.22-r6.ebuild:
28     Revision bump, grabbing up till Linux 2.6.22.9.
29 phreak 1.185
30     24 Sep 2007; Christian Heim <phreak@gentoo.org>
31     -hardened-sources-2.6.22-r3.ebuild, -hardened-sources-2.6.22-r4.ebuild:
32     Cleaning up further.
33 phreak 1.184
34     *hardened-sources-2.6.20-r10 (24 Sep 2007)
35    
36     24 Sep 2007; Christian Heim <phreak@gentoo.org>
37     -hardened-sources-2.6.20-r8.ebuild, -hardened-sources-2.6.20-r9.ebuild,
38     +hardened-sources-2.6.20-r10.ebuild:
39     Revision bump, pulling in Linux 2.6.20.20. Removing some of the older
40     revisions.
41 phreak 1.183
42     *hardened-sources-2.6.22-r5 (22 Sep 2007)
43    
44     22 Sep 2007; Christian Heim <phreak@gentoo.org>
45     +hardened-sources-2.6.22-r5.ebuild:
46     Revision bump, pulling in genpatches-2.6.22-8 for CVE-2007-4573.
47 phreak 1.182
48     17 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
49     Removing johnm from metadata.xml (see #186467 for reference).
50 phreak 1.181
51     *hardened-sources-2.6.22-r4 (17 Sep 2007)
52    
53     17 Sep 2007; Christian Heim <phreak@gentoo.org>
54     +hardened-sources-2.6.22-r4.ebuild:
55     Revision bump, hopefully fixing all those weird PAX failures.
56 phreak 1.180
57     01 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
58     Updating the metadata.xml.
59 phreak 1.179
60     01 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
61     Removing tocharian from metadata due to his retirement (see #71718 for
62     reference).
63 phreak 1.178
64     *hardened-sources-2.6.20-r9 (30 Aug 2007)
65    
66     30 Aug 2007; Christian Heim <phreak@gentoo.org>
67     +hardened-sources-2.6.20-r9.ebuild:
68     Revision bump for 2.6.20.18 (thanks to kerframil in #gentoo-hardened).
69 phreak 1.177
70     29 Aug 2007; Christian Heim <phreak@gentoo.org>
71     -hardened-sources-2.4.34.ebuild, -hardened-sources-2.4.34.5.ebuild,
72     -hardened-sources-2.6.20-r2.ebuild, -hardened-sources-2.6.20-r5.ebuild,
73     -hardened-sources-2.6.20-r7.ebuild, -hardened-sources-2.6.21-r3.ebuild,
74     -hardened-sources-2.6.22.ebuild, -hardened-sources-2.6.22-r1.ebuild,
75     -hardened-sources-2.6.22-r2.ebuild:
76     Removing some redundant versions.
77 phreak 1.176
78     *hardened-sources-2.4.35-r1 (29 Aug 2007)
79    
80     29 Aug 2007; Christian Heim <phreak@gentoo.org>
81     +hardened-sources-2.4.35-r1.ebuild:
82     Revision bump, new grsecurity patch.
83 phreak 1.175
84     *hardened-sources-2.6.20-r8 (26 Aug 2007)
85    
86     26 Aug 2007; Christian Heim <phreak@gentoo.org>
87     +hardened-sources-2.6.20-r8.ebuild:
88     Revision bump for Linux 2.6.20.17.
89 phreak 1.174
90     *hardened-sources-2.6.22-r3 (22 Aug 2007)
91    
92     22 Aug 2007; Christian Heim <phreak@gentoo.org>
93     +hardened-sources-2.6.22-r3.ebuild:
94     Revision bump for Linux 2.6.22.4.
95 phreak 1.173
96     16 Aug 2007; Christian Heim <phreak@gentoo.org>
97     hardened-sources-2.6.22-r2.ebuild:
98     Updated patchset, to fix the alignment against 2.6.22.3.
99 phreak 1.172
100     *hardened-sources-2.6.22-r2 (16 Aug 2007)
101    
102     16 Aug 2007; Christian Heim <phreak@gentoo.org>
103     +hardened-sources-2.6.22-r2.ebuild:
104     Revision bump for Linux 2.6.22.3.
105 phreak 1.171
106     *hardened-sources-2.4.35 (16 Aug 2007)
107    
108     16 Aug 2007; Christian Heim <phreak@gentoo.org>
109     +hardened-sources-2.4.35.ebuild:
110     Version bump, initial version for Linux 2.4.35.
111 phreak 1.170
112     *hardened-sources-2.6.21-r4 (16 Aug 2007)
113    
114     16 Aug 2007; Christian Heim <phreak@gentoo.org>
115     +hardened-sources-2.6.21-r4.ebuild:
116     Revision bump for Linux 2.6.21.6.
117 phreak 1.169
118     *hardened-sources-2.6.20-r7 (16 Aug 2007)
119    
120     16 Aug 2007; Christian Heim <phreak@gentoo.org>
121     +hardened-sources-2.6.20-r7.ebuild:
122     Revision bump for Linux 2.6.20.16.
123 phreak 1.168
124     *hardened-sources-2.6.22-r1 (13 Aug 2007)
125    
126     13 Aug 2007; Christian Heim <phreak@gentoo.org>
127     +hardened-sources-2.6.22-r1.ebuild:
128     Yet another revision bump.
129 phreak 1.167
130     *hardened-sources-2.6.22 (10 Aug 2007)
131    
132     10 Aug 2007; Christian Heim <phreak@gentoo.org>
133     +hardened-sources-2.6.22.ebuild:
134     Initial release for 2.6.22. If you are using hardened-sources on a desktop
135     machine (P4 or newer), be aware you might need to disable
136     CONFIG_PAX_PAGEEXEC.
137 phreak 1.166
138     04 Aug 2007; Christian Heim <phreak@gentoo.org>
139     hardened-sources-2.6.20-r6.ebuild:
140     Stabling hardened-sources-2.6.20-r6 for amd64, ppc and x86 due to Linux
141     2.6.20.15.
142 phreak 1.165
143     10 Jul 2007; Christian Heim <phreak@gentoo.org>
144     hardened-sources-2.6.20-r5.ebuild:
145     Marking hardened-sources-2.6.20-r5 stable on ppc.
146 phreak 1.164
147     10 Jul 2007; Christian Heim <phreak@gentoo.org>
148     -hardened-sources-2.4.32-r6.ebuild, -hardened-sources-2.4.32-r7.ebuild:
149     Cleanup.
150 phreak 1.163
151     *hardened-sources-2.6.20-r6 (08 Jul 2007)
152    
153     08 Jul 2007; Christian Heim <phreak@gentoo.org>
154     +hardened-sources-2.6.20-r6.ebuild:
155     Revision bump, grabbing yet another stable release.
156 phreak 1.162
157     17 Jun 2007; Christian Heim <phreak@gentoo.org>
158     -hardened-sources-2.6.18-r6.ebuild, -hardened-sources-2.6.20-r4.ebuild,
159     -hardened-sources-2.6.21-r2.ebuild:
160     Removing older ebuilds, hardened-sources-2.6.18-r6 seems to have gotten the
161     alpha stable KEYWORD by mistake.
162 phreak 1.161
163     17 Jun 2007; Christian Heim <phreak@gentoo.org>
164     hardened-sources-2.6.20-r5.ebuild:
165     Stabling hardened-sources-2.6.20-r5 due to security bug #181647 (as
166     genpatches-2.6.20-12.base contains up to Linux 2.6.20.14) on amd64 and x86.
167 phreak 1.160
168     *hardened-sources-2.6.21-r3 (12 Jun 2007)
169    
170     12 Jun 2007; Christian Heim <phreak@gentoo.org>
171     +hardened-sources-2.6.21-r3.ebuild:
172     Revision bump for hardened-sources-2.6.21, incorporating various CVE (some
173     of them critical), two stable releases (2.6.21.4,2.6.21.5) and some other
174     love.
175 phreak 1.159
176     *hardened-sources-2.6.20-r5 (11 Jun 2007)
177    
178     11 Jun 2007; Christian Heim <phreak@gentoo.org>
179     +hardened-sources-2.6.20-r5.ebuild:
180     Revision bump for hardened-sources-2.6.20, incorporating various CVE (some
181     of them critical), two stable releases (2.6.20.13,2.6.20.14) and some other
182     love.
183 pappy 1.158
184     *hardened-sources-2.4.34.5 (11 Jun 2007)
185    
186     11 Jun 2007; Alexander Gabert <pappy@gentoo.org>
187     +hardened-sources-2.4.34.5.ebuild:
188     added new hardened-sources 2.4 version, thx to phreak, solar, pipacs
189 phreak 1.157
190     30 May 2007; Christian Heim <phreak@gentoo.org>
191     -hardened-sources-2.6.18.ebuild, hardened-sources-2.6.20-r2.ebuild:
192     Marking 2.6.20-r2 stable on ppc with permission of Gysbert. Removing more
193     stale ebuild(s).
194 phreak 1.156
195     30 May 2007; Christian Heim <phreak@gentoo.org>
196     -hardened-sources-2.6.14-r7.ebuild, -hardened-sources-2.6.16-r11.ebuild,
197     -hardened-sources-2.6.17-r1.ebuild, -hardened-sources-2.6.19-r6.ebuild,
198     -hardened-sources-2.6.20.ebuild, -hardened-sources-2.6.20-r1.ebuild:
199     Doing some cleanups, remove stale ebuilds.
200 phreak 1.155
201     26 May 2007; Christian Heim <phreak@gentoo.org>
202     hardened-sources-2.6.21-r2.ebuild:
203     Fixing the grsecurity patch, had one '};' too much.
204 phreak 1.154
205     *hardened-sources-2.6.21-r2 (26 May 2007)
206    
207     26 May 2007; Christian Heim <phreak@gentoo.org>
208     -hardened-sources-2.6.21.ebuild, -hardened-sources-2.6.21-r1.ebuild,
209     +hardened-sources-2.6.21-r2.ebuild:
210     Revision bump, including Linux 2.6.21.3 (fixing CVE-2007-2451). Updating the
211     grsecurity patch to 2.1.10-2.6.21.1-200705221918.
212 phreak 1.153
213     *hardened-sources-2.6.20-r4 (26 May 2007)
214    
215     26 May 2007; Christian Heim <phreak@gentoo.org>
216     -hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.20-r4.ebuild:
217     Revision bump, including Linux 2.6.20.12 (which in fact fixed some security
218 phreak 1.154 bugs, at the very least CVE-2007-2451). Possible candidate for stable marking.
219 phreak 1.152
220     15 May 2007; Christian Heim <phreak@gentoo.org>
221     hardened-sources-2.6.20-r3.ebuild:
222     Looks like hardened-sources-2.6.20-r3 needs a new patch, as 2.6.20.11
223     introduced a change in arch/sparc64/kernel/pci_iommu.c, which made the
224     grsecurity patch fail in that exact same hunk.
225 phreak 1.151
226     *hardened-sources-2.6.20-r3 (15 May 2007)
227    
228     15 May 2007; Christian Heim <phreak@gentoo.org>
229     +hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.21-r1.ebuild:
230     Revision bump, incorporating Linux 2.6.20.11.
231    
232     *hardened-sources-2.6.21-r1 (11 May 2007)
233    
234     11 May 2007; Christian Heim <phreak@gentoo.org>
235     +hardened-sources-2.6.21-r1.ebuild:
236     Revision bump, hopefully fixing the GRSECURITY/GRKERNSEC mixup pipacs
237     mentioned in #177234.
238 kevquinn 1.150
239     07 May 2007; Kevin F. Quinn <kevquinn@gentoo.org>
240     files/digest-hardened-sources-2.6.21, Manifest:
241     Fix Manifest/digest for linux-2.6.21.tar.bz2
242 phreak 1.149
243     06 May 2007; Christian Heim <phreak@gentoo.org>
244     hardened-sources-2.6.21.ebuild:
245     Bumping the hardened-patches version, needed for the fix for #177234.
246 phreak 1.148
247     *hardened-sources-2.6.21 (02 May 2007)
248    
249     02 May 2007; Christian Heim <phreak@gentoo.org>
250     +hardened-sources-2.6.21.ebuild:
251     Version bump, Linux 2.6.21-hardened.
252 phreak 1.147
253     29 Apr 2007; Christian Heim <phreak@gentoo.org>
254     hardened-sources-2.6.20-r2.ebuild:
255     Adding ~ia64 on Ned's request.
256 phreak 1.146
257     29 Apr 2007; Christian Heim <phreak@gentoo.org>
258     hardened-sources-2.6.20-r2.ebuild:
259     Fixing the included grsecurity patch, wasn't alligning due to the Index:
260     header line(s).
261 phreak 1.145
262     29 Apr 2007; Christian Heim <phreak@gentoo.org>
263     hardened-sources-2.6.20-r2.ebuild:
264     Stabilizing hardened-sources-2.6.20-r2 on amd64 and x86.
265 armin76 1.144
266     *hardened-sources-2.6.20-r2 (10 Apr 2007)
267    
268     10 Apr 2007; Raúl Porcel <armin76@gentoo.org>
269     +hardened-sources-2.6.20-r2.ebuild:
270     Version bump, on behalf of phreak
271 phreak 1.143
272     *hardened-sources-2.6.20-r1 (04 Apr 2007)
273    
274     04 Apr 2007; Christian Heim <phreak@gentoo.org>
275     +hardened-sources-2.6.20-r1.ebuild:
276     Revision bump, grabbing a newer grsecurity snapshot.
277 phreak 1.142
278     *hardened-sources-2.6.20 (25 Mar 2007)
279    
280     25 Mar 2007; Christian Heim <phreak@gentoo.org>
281     +hardened-sources-2.6.20.ebuild:
282     Finally a hardened-sources version for 2.6.20; many people have been waiting
283     for this. Thanks to Steve for preliminary testing, thanks to Ned for the
284     testbox.
285 chainsaw 1.141
286     16 Mar 2007; Tony Vroon <chainsaw@gentoo.org>
287     hardened-sources-2.6.18-r6.ebuild:
288     Marked stable on amd64 and x86. AMD64 keyword ack'ed by welp.
289 phreak 1.140
290     *hardened-sources-2.6.18-r6 (16 Mar 2007)
291    
292     16 Mar 2007; Christian Heim <phreak@gentoo.org>
293     -hardened-sources-2.6.18-r5.ebuild, +hardened-sources-2.6.18-r6.ebuild:
294     Fixing CVE-2007-1000 locally (hardened/), thanks to Tony for pushing. And
295     yes I screwed up, this is tagged as 2.6.18-5 and not 2.6.18-6 as it's
296     supposed to be.
297 phreak 1.139
298     06 Mar 2007; Christian Heim <phreak@gentoo.org> ChangeLog:
299     Fixing the Manifest, the previous one was broken (as in still had the
300     deleted ebuild in it).
301 phreak 1.138
302     06 Mar 2007; Christian Heim <phreak@gentoo.org>
303     -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
304     +hardened-sources-2.6.18-r5.ebuild:
305     Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
306     Linux 2.6.18.8. Also cleaning up the older version.
307    
308     *hardened-sources-2.6.18-r5 (06 Mar 2007)
309    
310     06 Mar 2007; Christian Heim <phreak@gentoo.org>
311     -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
312     +hardened-sources-2.6.18-r5.ebuild:
313     Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
314     Linux 2.6.18.8. Also cleaning up the older version.
315 phreak 1.137
316     24 Feb 2007; Christian Heim <phreak@gentoo.org>
317     -hardened-sources-2.6.19-r3.ebuild, -hardened-sources-2.6.19-r4.ebuild,
318     -hardened-sources-2.6.19-r5.ebuild:
319     Removing some of the old version, that didn't work.
320 phreak 1.136
321     *hardened-sources-2.6.19-r6 (12 Feb 2007)
322    
323     12 Feb 2007; Christian Heim <phreak@gentoo.org>
324     +hardened-sources-2.6.19-r6.ebuild:
325     Revision bump, including a new grsec version fixing #166235.
326 pappy 1.134
327     *hardened-sources-2.4.34 (24 Jan 2007)
328    
329     24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
330 pappy 1.135 Manifest:
331     updating Manifest with checksums of new tarball and ebuild
332    
333     24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
334 pappy 1.134 +hardened-sources-2.4.34.ebuild:
335     I added new hardened sources 2.4 update, this is a critical path
336     security bugfix - all users of h-s are strongly advised
337     to update their existing hardened sources to this version.
338     It contains a fix for a kernel vulnerability that is pertaining
339     to the PaX changes to virtual memory management, possibly leading
340     to a local kernel exploit ... see grsecurity.net forums and homepage
341 phreak 1.133
342     23 Jan 2007; Christian Heim <phreak@gentoo.org>
343     files/digest-hardened-sources-2.6.19-r5, Manifest:
344     Fixing the patch-tarball digest.
345 phreak 1.132
346     *hardened-sources-2.6.19-r5 (23 Jan 2007)
347    
348     23 Jan 2007; Christian Heim <phreak@gentoo.org>
349     +hardened-sources-2.6.19-r5.ebuild:
350     Revision bump, closing the recently discovered PaX expand_stack()
351     vulnerability.
352 phreak 1.131
353     *hardened-sources-2.6.19-r4 (14 Jan 2007)
354    
355     14 Jan 2007; Christian Heim <phreak@gentoo.org>
356     +hardened-sources-2.6.19-r4.ebuild:
357     Revision bump, pulling in linux-2.6.19.2 and grsecurity 2.1.10 - thus
358     dropping the randomized PID feature.
359 opfer 1.130
360     11 Jan 2007; Christian Faulhammer <opfer@gentoo.org>
361     hardened-sources-2.4.33.4.ebuild:
362     stable x86, bug #161171
363 phreak 1.129
364     *hardened-sources-2.6.19-r3 (27 Dec 2006)
365    
366     27 Dec 2006; Christian Heim <phreak@gentoo.org>
367     -hardened-sources-2.6.19-r2.ebuild, +hardened-sources-2.6.19-r3.ebuild:
368     Revision bump for bug #157186 and #158786.
369 phreak 1.128
370     *hardened-sources-2.6.18-r4 (27 Dec 2006)
371    
372     27 Dec 2006; Christian Heim <phreak@gentoo.org>
373     -hardened-sources-2.6.18-r3.ebuild, +hardened-sources-2.6.18-r4.ebuild:
374     Revision bump for bug #157186.
375 phreak 1.127
376     *hardened-sources-2.6.19-r2 (23 Dec 2006)
377    
378     23 Dec 2006; Christian Heim <phreak@gentoo.org>
379     -hardened-sources-2.6.19-r1.ebuild, +hardened-sources-2.6.19-r2.ebuild:
380     Revision bump to pull in genpatches-2.6.19-3 for #157186.
381 phreak 1.126
382     17 Dec 2006; Christian Heim <phreak@gentoo.org>
383     hardened-sources-2.6.14-r7.ebuild, hardened-sources-2.6.16-r10.ebuild,
384     hardened-sources-2.6.16-r11.ebuild, hardened-sources-2.6.17-r1.ebuild,
385     hardened-sources-2.6.18.ebuild, hardened-sources-2.6.18-r3.ebuild,
386     hardened-sources-2.6.19-r1.ebuild:
387     Adding 4453_grsec-2.1.9-2.6.19-io-kmem-sysctl.patch to UNIPATCH_EXLUDE,
388     adding correct HOMEPAGE and adjusting DESCRIPTION (thanks to Alexander).
389 pappy 1.125
390     *hardened-sources-2.4.33.4 (17 Dec 2006)
391    
392     17 Dec 2006; Alexander Gabert <pappy@gentoo.org>
393     +hardened-sources-2.4.33.4.ebuild:
394     new 2.4.33.4 version including grsec and fixes, thanks to phreak for help
395     and quilting
396 phreak 1.124
397     *hardened-sources-2.6.19-r1 (14 Dec 2006)
398    
399     14 Dec 2006; Christian Heim <phreak@gentoo.org>
400     -hardened-sources-2.6.19.ebuild, +hardened-sources-2.6.19-r1.ebuild:
401     Revision bump, fixing #158107 (thanks to Petre Rodan <kaiowas at gentoo.org>
402     for reporting).
403 phreak 1.123
404     *hardened-sources-2.6.19 (13 Dec 2006)
405    
406     13 Dec 2006; Christian Heim <phreak@gentoo.org>
407     +hardened-sources-2.6.19.ebuild:
408     And finally 2.6.19, thanks to Ned (who prepared the inital patchset) and
409     Brad for providing that prompt update.
410 phreak 1.122
411     *hardened-sources-2.6.18-r3 (13 Dec 2006)
412    
413     13 Dec 2006; Christian Heim <phreak@gentoo.org>
414     -hardened-sources-2.6.18-r1.ebuild, -hardened-sources-2.6.18-r2.ebuild,
415     +hardened-sources-2.6.18-r3.ebuild:
416     Revision bump, excluding the faulty patch. Thanks to Anakim Border and Peter
417     S. Mazinger. Closes #157409 for now. Also removing the previous revisions.
418 phreak 1.121
419     09 Dec 2006; Christian Heim <phreak@gentoo.org> Manifest:
420     Fixing the metadata.xml Manifest entry (thanks to xaid and ml8128 in #gentoo-hardened).
421 nixnut 1.120
422     08 Dec 2006; nixnut <nixnut@gentoo.org> hardened-sources-2.6.18.ebuild:
423     Stable on ppc wrt bug 157356
424 opfer 1.119
425     07 Dec 2006; Christian Faulhammer <opfer@gentoo.org>
426     hardened-sources-2.6.18.ebuild:
427     stable x86, bug #157356
428 phreak 1.118
429     *hardened-sources-2.6.18-r2 (06 Dec 2006)
430    
431     06 Dec 2006; Christian Heim <phreak@gentoo.org>
432     +hardened-sources-2.6.18-r2.ebuild:
433     Revision bump, including 2.6.18.5 (via genpatches) and
434     4454_grsec-2.1.9-2.6.18.2-io-kmem-sysctl.patch based on Peter Mazinger and
435     Ned Ludd's original patch. Thanks to Alexander Gabert (pappy) for the
436     redesign.
437 phreak 1.117
438     06 Dec 2006; Christian Heim <phreak@gentoo.org>
439     hardened-sources-2.6.18.ebuild:
440     Marking hardened-sources-2.6.18 stable on amd64 (see bug #157356, on behalf
441     of Mike Doty).
442 phreak 1.116
443     *hardened-sources-2.6.18-r1 (23 Nov 2006)
444    
445     23 Nov 2006; Christian Heim <phreak@gentoo.org>
446     +hardened-sources-2.6.18-r1.ebuild:
447     Revision bump to genpatches-2.6.18-4 (including 2.6.18.3).
448 phreak 1.115
449     *hardened-sources-2.6.18 (11 Nov 2006)
450    
451     11 Nov 2006; Christian Heim <phreak@gentoo.org>
452     +hardened-sources-2.6.18.ebuild:
453     Version bump, thanks to Alexander Gabert we're finally at 2.6.18.
454 solar 1.114
455     18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
456     - mark amd64 stable also. bug #151877
457 solar 1.113
458     18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
459     - mark 2.6.17-r1 stable
460 phreak 1.112
461     27 Aug 2006; Christian Heim <phreak@gentoo.org>
462     -hardened-sources-2.6.17.ebuild, hardened-sources-2.6.17-r1.ebuild:
463     Removing old ebuild, removing unipatch from newer ebuild (need to fix it!).
464 phreak 1.111
465     *hardened-sources-2.6.17-r1 (26 Aug 2006)
466    
467     26 Aug 2006; Christian Heim <phreak@gentoo.org>
468     +hardened-sources-2.6.17-r1.ebuild:
469     Revision bump to genpatches-2.6.17-8 (including .9 and .10) and updating the
470     grsecurity patch.
471 phreak 1.110
472     *hardened-sources-2.6.17 (17 Aug 2006)
473    
474     17 Aug 2006; Christian Heim <phreak@gentoo.org>
475     +hardened-sources-2.6.17.ebuild:
476     Bumping the hardened-sources-2.6 series to 2.6.17, using
477     genpatches-2.6.17-6.base.
478 solar 1.109
479     07 Aug 2006; <solar@gentoo.org> hardened-sources-2.6.16-r11.ebuild:
480     - stable on x86 and amd64
481 solar 1.108
482     *hardened-sources-2.6.16-r11 (15 Jul 2006)
483    
484     15 Jul 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r3.ebuild,
485     -hardened-sources-2.4.32-r4.ebuild, -hardened-sources-2.4.32-r5.ebuild,
486     -hardened-sources-2.6.14-r8.ebuild, -hardened-sources-2.6.16-r7.ebuild,
487     -hardened-sources-2.6.16-r9.ebuild, +hardened-sources-2.6.16-r11.ebuild:
488     - 2.6.16 bumped for CVE-2006-3626 ; digest fix for 2.4.32-r6 ; removed old
489     crusty ebuilds
490 johnm 1.107
491     14 Jul 2006; John Mylchreest <johnm@gentoo.org>
492     hardened-sources-2.6.16-r10.ebuild:
493     marking stable on x86 and amd64
494 solar 1.106
495     13 Jul 2006; <solar@gentoo.org> hardened-sources-2.4.32-r6.ebuild:
496     - 2.4.32-r6 stable on x86. RSBAC state unknown
497 kang 1.105
498     *hardened-sources-2.4.32-r7 (10 Jul 2006)
499    
500     10 Jul 2006; Guillaume Destuynder <kang@gentoo.org>
501     +hardened-sources-2.4.32-r7.ebuild:
502     Bump PaX for RSBAC to test-17
503 johnm 1.104
504     *hardened-sources-2.6.16-r9 (03 Jul 2006)
505    
506     03 Jul 2006; John Mylchreest <johnm@gentoo.org>
507     -hardened-sources-2.6.16-r6.ebuild, +hardened-sources-2.6.16-r9.ebuild:
508     hardened-sources-2.6.16 bump to latest -base.
509 solar 1.103
510     *hardened-sources-2.4.32-r6 (30 Jun 2006)
511    
512     30 Jun 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r2.ebuild,
513     hardened-sources-2.4.32-r4.ebuild, +hardened-sources-2.4.32-r6.ebuild:
514     - backport CVE-2006-0039, CVE-2006-1857 and CVE-2006-1858 and new grsecurity
515     sysctl controlable resource logging
516 johnm 1.102
517     *hardened-sources-2.6.16-r7 (05 Jun 2006)
518    
519     05 Jun 2006; John Mylchreest <johnm@gentoo.org>
520     -hardened-sources-2.6.16-r5.ebuild, +hardened-sources-2.6.16-r7.ebuild:
521     push new 2.6.16 release in preparation for stable
522 solar 1.101
523     22 May 2006; <solar@gentoo.org> :
524     - redigest bug 134002
525 kang 1.100
526     *hardened-sources-2.4.32-r5 (16 May 2006)
527    
528     16 May 2006; Guillaume Destuynder <kang@gentoo.org>
529     +hardened-sources-2.4.32-r5.ebuild:
530     Fixes rsbac common patching (new patch in new -r5 patchset)
531 solar 1.99
532     *hardened-sources-2.4.32-r4 (13 May 2006)
533    
534     13 May 2006; <solar@gentoo.org> hardened-sources-2.4.32-r3.ebuild,
535     +hardened-sources-2.4.32-r4.ebuild:
536     - security bumps
537 johnm 1.98
538     *hardened-sources-2.6.16-r6 (03 May 2006)
539    
540     03 May 2006; John Mylchreest <johnm@gentoo.org>
541     +hardened-sources-2.6.16-r6.ebuild:
542     bump hardened-2.6.16 to 2.6.16.12 and latest grsec snapshot
543 johnm 1.97
544     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
545     hardened-sources-2.6.14-r8.ebuild:
546     fix x86_64 build problem, this will delay the digest issue again for a short
547     while but it will sort itself out
548 johnm 1.96
549     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
550     hardened-sources-2.6.14-r8.ebuild:
551     bump hardened patchset
552 antarus 1.94
553     27 Apr 2006; Alec Warner <antarus@gentoo.org>
554     files/digest-hardened-sources-2.4.32-r2,
555     files/digest-hardened-sources-2.4.32-r3,
556     files/digest-hardened-sources-2.6.14-r8, Manifest:
557     Fixing duff SHA256 digests: Bug # 131293
558 johnm 1.93
559 johnm 1.95 *hardened-sources-2.6.16-r5 (27 Apr 2006)
560    
561     27 Apr 2006; John Mylchreest <johnm@gentoo.org>
562     -hardened-sources-2.6.14-r6.ebuild, hardened-sources-2.6.14-r8.ebuild,
563     -hardened-sources-2.6.16-r4.ebuild, +hardened-sources-2.6.16-r5.ebuild:
564     stablise 2.6.14-r8 on x86 & amd64, bump 2.6.16 to fix CVE-2006-1863 &
565     cleanup of old uneccessary sources
566    
567 johnm 1.93 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
568     fix digest
569 johnm 1.92
570     *hardened-sources-2.6.14-r8 (20 Apr 2006)
571    
572     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
573     +hardened-sources-2.6.14-r8.ebuild:
574     fix CVE-2006-1056, CVE-2006-1525, CVE-2006-1524
575 johnm 1.91
576     20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
577     Turning on gpg-signing again, and recomitting
578 johnm 1.90
579     *hardened-sources-2.6.16-r4 (20 Apr 2006)
580    
581     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
582     -hardened-sources-2.6.16-r2.ebuild, -hardened-sources-2.6.16-r3.ebuild,
583     +hardened-sources-2.6.16-r4.ebuild:
584     Fix numerous security vulns
585 solar 1.89
586     *hardened-sources-2.4.32-r3 (16 Apr 2006)
587    
588     16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
589     -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
590     +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
591     - security bump for bug #112791. Removed old ebuilds
592 johnm 1.88
593     *hardened-sources-2.6.16-r3 (15 Apr 2006)
594    
595     15 Apr 2006; John Mylchreest <johnm@gentoo.org>
596     +hardened-sources-2.6.16-r3.ebuild:
597     Removing silly localversion which I missed
598 johnm 1.87
599     *hardened-sources-2.6.14-r7 (14 Apr 2006)
600    
601     14 Apr 2006; John Mylchreest <johnm@gentoo.org>
602     -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
603     Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
604 johnm 1.86
605     *hardened-sources-2.6.16-r2 (13 Apr 2006)
606    
607     13 Apr 2006; John Mylchreest <johnm@gentoo.org>
608     -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
609     +hardened-sources-2.6.16-r2.ebuild:
610     Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
611     labels, dropping USERGROUP define fixes, since these were merged mainstream.
612 johnm 1.85
613     *hardened-sources-2.6.16-r1 (11 Apr 2006)
614    
615     11 Apr 2006; John Mylchreest <johnm@gentoo.org>
616     +hardened-sources-2.6.16-r1.ebuild:
617     Bumping to include ppc build fix and 2.6.16.3
618 tsunam 1.84
619     06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
620     hardened-sources-2.6.14-r6.ebuild:
621     Stable on x86; bug #127718
622 johnm 1.83
623     *hardened-sources-2.6.16 (31 Mar 2006)
624    
625     31 Mar 2006; John Mylchreest <johnm@gentoo.org>
626     +hardened-sources-2.6.16.ebuild:
627     Bumping to new version of grsec, and kernel base. New squashfs. Based on
628     2.6.16.1
629 cryos 1.82
630     30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
631     hardened-sources-2.6.14-r6.ebuild:
632     Stable on amd64, bug 127718.
633 nixnut 1.81
634     28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
635     Stable on ppc. Bug #127718
636 johnm 1.80
637     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
638     -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
639     -hardened-sources-2.6.14-r4.ebuild:
640     Cleanup.
641 johnm 1.79
642     *hardened-sources-2.6.14-r6 (15 Mar 2006)
643    
644     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
645     +hardened-sources-2.6.14-r6.ebuild:
646     Fixes grsec policy recreation bug and adds a
647     >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
648 solar 1.78
649     02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
650     - stable on x86
651 hansmi 1.77
652     19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
653     hardened-sources-2.6.14-r5.ebuild:
654     Stable on ppc.
655 johnm 1.76
656     *hardened-sources-2.6.14-r5 (01 Feb 2006)
657    
658     01 Feb 2006; John Mylchreest <johnm@gentoo.org>
659     +hardened-sources-2.6.14-r5.ebuild:
660     fixing every known exploit
661 solar 1.75
662     *hardened-sources-2.4.32-r2 (26 Jan 2006)
663    
664     26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
665     +hardened-sources-2.4.32-r2.ebuild:
666     - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
667 solar 1.74
668     *hardened-sources-2.6.14-r4 (12 Jan 2006)
669    
670     12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
671     - version bump for new genpatches which fix up a few sec holes
672 solar 1.73
673     *hardened-sources-2.4.32-r1 (05 Jan 2006)
674    
675     05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
676     - revision bump to add misc vital linux kernel security patches.
677 johnm 1.72
678     *hardened-sources-2.6.14-r3 (30 Dec 2005)
679    
680     30 Dec 2005; John Mylchreest <johnm@gentoo.org>
681     -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
682     Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
683 johnm 1.71
684     28 Dec 2005; John Mylchreest <johnm@gentoo.org>
685     hardened-sources-2.6.14-r2.ebuild:
686     making x86 & amd64 stable following testing.
687 johnm 1.70
688     *hardened-sources-2.6.14-r2 (27 Dec 2005)
689    
690     27 Dec 2005; John Mylchreest <johnm@gentoo.org>
691     -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
692     Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
693     network hooks.
694 johnm 1.69
695     06 Dec 2005; John Mylchreest <johnm@gentoo.org>
696     hardened-sources-2.6.14-r1.ebuild:
697     bumping to stable early for sec fix on x86 & amd64
698 johnm 1.68
699     *hardened-sources-2.6.14-r1 (05 Dec 2005)
700    
701     05 Dec 2005; John Mylchreest <johnm@gentoo.org>
702     -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
703     bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
704 solar 1.67
705     04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
706     - stable on x86 security bug #114227 CAN-2005-3257
707 kang 1.66
708     *hardened-sources-2.4.32 (19 Nov 2005)
709    
710     19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
711     +hardened-sources-2.4.32.ebuild:
712     Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
713     Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
714     have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
715     rsbac >> /etc/portage/package.use)
716 johnm 1.65
717     *hardened-sources-2.6.14 (14 Nov 2005)
718    
719     14 Nov 2005; John Mylchreest <johnm@gentoo.org>
720     -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
721     Bumping 2.6 series to 2.6.14.2
722 johnm 1.64
723     *hardened-sources-2.6.13-r2 (20 Oct 2005)
724    
725     20 Oct 2005; John Mylchreest <johnm@gentoo.org>
726     -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
727     +hardened-sources-2.6.13-r2.ebuild:
728     Fixes minor build error in ppc.
729 johnm 1.63
730     *hardened-sources-2.6.13-r1 (17 Oct 2005)
731    
732     17 Oct 2005; John Mylchreest <johnm@gentoo.org>
733     +hardened-sources-2.6.13-r1.ebuild:
734     Updating grsec to latest snapshot. Fixes some minor issues. Updating to
735     2.6.13.4, fixes some major amd64 stability problems.
736 johnm 1.62
737     *hardened-sources-2.6.13 (16 Sep 2005)
738    
739     16 Sep 2005; John Mylchreest <johnm@gentoo.org>
740     -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
741     2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
742     ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
743     users should test this thoroughly.
744 solar 1.61
745     01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
746     - stable on x86
747 johnm 1.60
748     *hardened-sources-2.6.11-r15 (27 Jun 2005)
749    
750     27 Jun 2005; John Mylchreest <johnm@gentoo.org>
751     +hardened-sources-2.6.11-r15.ebuild:
752     Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
753     grsec redefining curr_ip struct.
754 solar 1.59
755     *hardened-sources-2.4.31 (20 Jun 2005)
756    
757     20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
758     initial import of 2.4.31 tree
759 johnm 1.58
760     *hardened-sources-2.6.11-r14 (14 Jun 2005)
761    
762     14 Jun 2005; John Mylchreest <johnm@gentoo.org>
763     -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
764     Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
765     naming scheme to abide by genpatches
766 johnm 1.57
767     *hardened-sources-2.6.11-r13 (18 May 2005)
768    
769     18 May 2005; John Mylchreest <johnm@gentoo.org>
770     -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
771     Managed to mangle the Makefile patch from grsec, to miss out the grsec
772     target. sorry about that. Fixes bug #93022
773 johnm 1.56
774     *hardened-sources-2.6.11-r12 (17 May 2005)
775    
776     17 May 2005; John Mylchreest <johnm@gentoo.org>
777     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
778     +hardened-sources-2.6.11-r12.ebuild:
779     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
780     merges in genpatches-base
781 johnm 1.55
782     *hardened-sources-2.6.11-r12 (17 May 2005)
783    
784     17 May 2005; John Mylchreest <johnm@gentoo.org>
785     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
786     +hardened-sources-2.6.11-r12.ebuild:
787     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
788     merges in genpatches-base
789 solar 1.54
790     29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
791     -files/2.4.27-cmdline-race.patch,
792     -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
793     -files/2.4.28-grsec-binfmt_a.out.patch,
794     -files/2.4.28-grsec-cmdline-race.patch,
795     -files/2.4.28-selinux-binfmt_a.out.patch,
796     -files/2.4.28-selinux-cmdline-race.patch,
797     -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
798     hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
799     - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
800     cleanup..
801 solar 1.53
802     *hardened-sources-2.4.30-r1 (21 Apr 2005)
803    
804     21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
805     - disable aout by default
806 solar 1.52
807     *hardened-sources-2.4.30 (18 Apr 2005)
808    
809     18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
810     - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
811     and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
812     use
813 tocharian 1.50
814 scox 1.51 *hardened-sources-2.4.29 (30 Mar 2005)
815    
816     30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
817     +hardened-sources-2.4.29.ebuild:
818     New hardened-patches-2.4-29.0 patchball.
819     Removed SELinux support, upgraded GRSecurity to 2.1.4.
820    
821     *hardened-sources-2.4.28-r5 (06 Mar 2005)
822    
823     06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
824     +hardened-sources-2.4.28-r5.ebuild:
825     Added a fix for a PaX vulnerability.
826    
827     26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
828 tocharian 1.50 hardened-sources-2.4.28-r4.ebuild:
829     Stable on x86
830 solar 1.49
831     23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
832     hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
833     hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
834     hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
835     - fixed/added RDEPEND= in all kernel-2 ebuilds
836 tocharian 1.48
837     *hardened-sources-2.4.28-r4 (21 Jan 2005)
838    
839     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
840     +hardened-sources-2.4.28-r4.ebuild:
841     Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
842     backport of neighbour hash updates.
843 tocharian 1.47
844     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
845     hardened-sources-2.4.28-r3.ebuild:
846     Stable on x86
847 tseng 1.46
848     *hardened-sources-2.6.10-r3 (20 Jan 2005)
849    
850     20 Jan 2005; Brandon Hale <tseng@gentoo.org>
851     +hardened-sources-2.6.10-r3.ebuild:
852     Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
853     in 2005.0
854 tocharian 1.45
855     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
856     -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
857     hardened-sources-2.4.28-r2.ebuild:
858     Mark stable on x86
859 tocharian 1.44
860     *hardened-sources-2.4.28-r3 (17 Jan 2005)
861    
862     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
863     +hardened-sources-2.4.28-r3.ebuild:
864     Fix SMP page fault handler vuln, and update device-mapper and evms patches.
865 tocharian 1.43
866     14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
867     hardened-sources-2.4.28.ebuild:
868     Mark stable on x86.
869 tocharian 1.42
870     *hardened-sources-2.4.28-r2 (13 Jan 2005)
871    
872     13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
873     +hardened-sources-2.4.28-r2.ebuild:
874     Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
875     Mazinger for grsecurity patches as well.
876 plasmaroo 1.41
877     *hardened-sources-2.4.28-r1 (23 Dec 2004)
878    
879     23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
880     Security bump. Thank tocharian for rolling a new patchset...
881 solar 1.40
882     28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
883     +files/2.4.28-grsec-cmdline-race.patch,
884     +files/2.4.28-selinux-binfmt_a.out.patch,
885     +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
886     - Round up remaining security patches that appear to be missing in 2.4.28. -
887     PaX standalone updated to current. hgpv=28.1
888 solar 1.39
889     *hardened-sources-2.4.28 (28 Nov 2004)
890    
891     28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
892     security bump. Thank tocharian for rolling a new patchset
893 scox 1.31
894 scox 1.38 *hardened-sources-2.4.27-r3 (08 Sep 2004)
895    
896     08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
897     +hardened-sources-2.4.27-r3.ebuild:
898     Applies the new 2.4-27.2 patchball which updates
899     GRSecurity to the 2.0.1 version.
900    
901 scox 1.37 *hardened-sources-2.4.27-r2 (31 Aug 2004)
902    
903     31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
904     +hardened-sources-2.4.27-r2.ebuild:
905     Version bump.
906     This version uses the new 2.4-27.1 patchball which updates
907     both the SELinux PaX hooks patch and the SELinux headers.
908    
909 scox 1.36 *hardened-sources-2.4.27-r1 (09 Aug 2004)
910    
911     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
912     +hardened-sources-2.4.27-r1.ebuild,
913     -hardened-sources-2.4.27.ebuild,
914     +files/2.4.27-cmdline-race.patch:
915     Version bump, fix for cmdline race. See bug #59905.
916    
917     *hardened-sources-2.4.26-r6 (09 Aug 2004)
918    
919     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
920     +hardened-sources-2.4.26-r6.ebuild,
921     -hardened-sources-2.4.26-r5.ebuild,
922     -hardened-sources-2.4.26-r4.ebuild,
923     +files/2.4.26-cmdline-race.patch:
924     Version bump, fix for cmdline race. See bug #59905.
925    
926 scox 1.35 *hardened-sources-2.4.27 (08 Aug 2004)
927    
928     08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
929     +hardened-sources-2.4.27.ebuild,
930     +files/2.4.27-CAN-2004-0394.patch:
931     Ported the patchball to the 2.4.27 kernel version.
932    
933 scox 1.34 *hardened-sources-2.4.26-r5 (07 Aug 2004)
934    
935     07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
936     +hardened-sources-2.4.26-r5.ebuild:
937 scox 1.35 Updated to use the new hardened-patches-2.4-26.1 patchball.
938 scox 1.34 It adds the following features:
939     - Squashfs
940     - Ebtables
941     - Netdev random (core+drivers)
942     - Watchdog Timer (WDT) fix.
943    
944 scox 1.33 *hardened-sources-2.4.26-r4 (04 Aug 2004)
945    
946     04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
947     +hardened-sources-2.4.26-r4.ebuild,
948     +files/2.4.26-CAN-2004-0415.patch,
949     -hardened-sources-2.4.26-3:
950     Version bump, fix for CAN 0415, see bug #59378.
951    
952 scox 1.32 *hardened-sources-2.4.26-r3 (22 Jul 2004)
953    
954     22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
955     +hardened-sources-2.4.26-r3.ebuild,
956     +files/2.4.26-CAN-2004-0497.patch,
957     -hardened-sources-2.4.26-r2.ebuild:
958     Version bump, fixed CAN 0497, see bug #56171.
959    
960 scox 1.31 *hardened-sources-2.4.26-r2 (29 Jun 2004)
961    
962     29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
963 scox 1.32 +hardened-sources-2.4.26-r2.ebuild,
964 scox 1.31 +files/2.4.26-CAN-2004-0495.patch,
965     +files/2.4.26-CAN-2004-0535.patch,
966     -hardened-sources-2.4.26-r1.ebuild:
967     Fixes for both CAN 0495 and 0535, see bug #54976
968 pvdabeel 1.27
969 agriffis 1.29 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
970     hardened-sources-2.4.26-r1.ebuild:
971     QA - fix use invocation
972 scox 1.28
973     *hardened-sources-2.4.26-r1 (22 June 2004)
974    
975     22 June 2004; Andrea Luzzardi <scox@gentoo.org>
976     +hardened-sources-2.4.26-r1.ebuild,
977     +files/2.4.26-CAN-2004-0394.patch,
978     +files/2.4.26-signal-race.patch,
979     -hardened-sources-2.4.26.ebuild,
980     -hardened-sources-2.4.24-r3.ebuild:
981     Version bump for the CAN-2004-0394 issue and bug #53804
982     Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
983    
984    
985 pvdabeel 1.27 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
986     hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
987     Masked hardened-sources-2.4.26.ebuild broken for ppc
988    
989     31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
990     hardened-sources-2.4.24-r3.ebuild:
991     Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
992 plasmaroo 1.25
993 scox 1.26 *hardened-sources-2.4.26 (29 May 2004)
994    
995     29 May 2004; Andrea Luzzardi <scox@gentoo.org>
996     +hardened-sources-2.4.26.ebuild:
997     Updated hardened-sources for the 2.4.26 kernel
998     Removed broken components, updated almost everything.
999    
1000 plasmaroo 1.25 *hardened-sources-2.4.24-r3 (17 Apr 2004)
1001    
1002     17 Apr 2004; <plasmaroo@gentoo.org>
1003     +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
1004     +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
1005     +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
1006     +hardened-sources-2.4.24-r3.ebuild:
1007     Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
1008     vulnerabilities. Old revisions removed.
1009 plasmaroo 1.24
1010     *hardened-sources-2.4.24-r2 (15 Apr 2004)
1011    
1012     15 Apr 2004; <plasmaroo@gentoo.org>
1013     +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
1014     -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
1015     Version bump for the CAN-2004-0109 issue; bug #47881.
1016 aliz 1.23
1017     12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
1018     hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
1019     Add eutils to inherit.
1020 plasmaroo 1.22
1021     *hardened-sources-2.4.24-r1 (19 Feb 2004)
1022    
1023     19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
1024     files/hardened-sources-2.4.24.munmap.patch:
1025     Added the patch for the mremap/munmap vulnerability. Bug #42024.
1026 scox 1.19
1027 scox 1.21 *hardened-sources-2.4.24 (06 Feb 2004)
1028 scox 1.26
1029 scox 1.21 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
1030     hardened-sources-2.4.24.ebuild:
1031     Version bump, updated most of the components.
1032     This release includes the following:
1033    
1034     - Hardened security
1035     - Netfilter patch-o-matic 20031219
1036     - FreeSWAN 2.04 & x509 1.4.8
1037     - EVMS 2.2.2
1038     - XFS 1.3.1
1039     - cryptoloop jari
1040     - grsecurity 2.0-rc4
1041     - SELinux
1042     - PaX 200402060000
1043     - PaX Obscurity 200308302223
1044     - Others...
1045    
1046     Neither -ck nor systrace are included anymore.
1047    
1048 scox 1.19 *hardened-sources-2.4.22-r2 (05 Jan 2004)
1049    
1050     05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
1051     hardened-sources-2.4.22-r2.ebuild:
1052 scox 1.20 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
1053 scox 1.19
1054     *hardened-sources-2.4.22-r1 (02 Dec 2003)
1055 iggy 1.17
1056     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1057 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
1058 iggy 1.16
1059     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1060 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild:
1061     Version bump for the 'do_brk' vulnerability.
1062 iggy 1.15
1063     01 Dec 2003; Brian Jackson <iggy@gentoo.org>
1064     hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
1065     hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
1066     hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
1067 plasmaroo 1.18 Fix the 'do_brk' vulnerability.
1068 frogger 1.14
1069     03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
1070     hardened-sources-2.4.22.ebuild:
1071 plasmaroo 1.18 - Removed the src_install() portion for SELinux flask
1072     components. These are no longer handled in the kernel
1073     so this code was not necessary.
1074 frogger 1.13
1075     29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
1076     New 2.4.22 based hardened-sources thanks to
1077     Phil West <p.west@computer.org>.
1078    
1079     These sources include:
1080 plasmaroo 1.18 - New SELinux API
1081     - Updated CK-base
1082     - Updated GRSec
1083     - Systrace
1084     - SuperFreeS/WAN 1.99.8
1085     - Propolice kernel build support
1086     - EVMS
1087     - Other various security related patches
1088 frogger 1.11
1089 frogger 1.12 *hardened-sources-2.4.21 (14 Sep 2003)
1090    
1091     14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
1092     Updated hardened-sources based on the 2.4.21 Linux kernel.
1093     This includes updates to most major components such as:
1094 plasmaroo 1.18 - ck-base-0306300059
1095     - selinux-2.4-2003071106
1096     - grsecurity-2.0-rc1
1097     - Updated IPTables patch-o-matic
1098     - Updated SuperFreeS/WAN
1099    
1100 frogger 1.12 Thanks to Phil West <pwest@computer.org> for his work in getting this
1101     updated patch set ready for the 2.4.21 based kernel.
1102    
1103 frogger 1.11 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
1104     Initial import of hardened-sources-2.4.20-r4. This revision
1105     includes only a few changes, but one of these is an important
1106     security fix. It is recommended all users of hardened-sources
1107     upgrade to this release.
1108 plasmaroo 1.18
1109 frogger 1.11 - ioperm bug fix
1110     - fixed compilation failure when building without GRSec
1111 plasmaroo 1.18
1112 frogger 1.11 SAL (Secure Auditing for Linux) is NOT included in this revision
1113     due to time constraints, but is planned for inclusion in the near
1114     future.
1115 msterret 1.10
1116     *hardened-sources-2.4.20-r2 (12 Jun 2003)
1117    
1118     12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
1119     hardened-sources-2.4.20-r3.ebuild:
1120 plasmaroo 1.18 Add Header...
1121 frogger 1.9
1122     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1123     hardened-sources-2.4.20-r3.ebuild:
1124     Removed warnings from ebuild. This kernel should be safe to
1125     use at this point.
1126 frogger 1.8
1127     *hardened-sources-2.4.20-r3 (08 Jun 2003)
1128    
1129     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1130     hardened-sources-2.4.20-r3.ebuild:
1131     New revision. Includes the following changes over -r2:
1132 plasmaroo 1.18
1133 frogger 1.8 - ck7-base (O(1), preempt, low latency)
1134     - Super FreeS/WAN 1.99.7rc2
1135     - PaX for the LSM/SELinux branch
1136     - GRSecurity 2.0-pre4 (role based access control)
1137     - Systrace 1.3
1138     - EXT3 fixes
1139     - EVMS 2.0.1
1140     - GCC 3.1+ compile optimizations
1141     - ProPolice kernel build support
1142     - Hashing table security fixes
1143 frogger 1.3
1144     *hardened-sources-2.4.20-r1 (09 Apr 2003)
1145 frogger 1.7
1146     23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
1147     Initial import of hardened-sources-r2. This new
1148     ebuild includes many new performance and security
1149     related patches. As in -r1, it will patch in
1150     LSM/SELinux if "selinux" is in USE, otherwise it
1151     will patch in GRSecurity. The following patches
1152     are included in this revision:
1153 plasmaroo 1.18
1154 frogger 1.7 - O(1) Scheduler, Low Latency, and Preempt
1155     (pulled from the base CK patch)
1156     - ptrace exploit patch for the LSM kernel
1157     (the GRSec patch already fixes this)
1158     - LSM 2.4-2003040709
1159     - SELinux 2.4-2003040709
1160     - Systrace v1.2
1161     - IPTables patch-o-matic base patches - 20030107
1162     - CryptoAPI 2.4.20.1 w/ loop-jari patch
1163     - Super FreeS/WAN 1.99.6.1
1164     - GRSecurity 1.9.9g
1165     - MPPE
1166     - EXT3 data journal fix
1167     - CIPE 1.5.4
1168 frogger 1.6
1169     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1170     hardened-sources-2.4.20-r1.ebuild, manifest:
1171 plasmaroo 1.18 Updated to install flask components correctly for selinux.
1172 frogger 1.5
1173     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1174     hardened-sources-2.4.20-r1.ebuild:
1175     LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
1176     is patched in instead. Ptrace patches for selinux have also been added. In
1177     either case, systrace support will be patched in as well.
1178 frogger 1.3
1179     09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1180     hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
1181 plasmaroo 1.18 Revision bump for new sources.
1182 frogger 1.4
1183 frogger 1.2 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1184 frogger 1.4 hardened-sources-2.4.20-r1.ebuild:
1185 plasmaroo 1.18 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
1186 method 1.1
1187 frogger 1.4 *hardened-sources-2.4.20 (30 Mar 2003)
1188    
1189 method 1.1 30 Mar 2003; Joshua Brindle <method@gentoo.org>
1190     hardened-sources-2.4.20.ebuild:
1191 plasmaroo 1.18 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20