/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.192 - (hide annotations) (download)
Sun Oct 21 12:25:33 2007 UTC (7 years, 2 months ago) by phreak
Branch: MAIN
Changes since 1.191: +8 -1 lines
Yet another new patch, hopefully fixing the remaining issues we had w/ 2.6.22. Candidate for stabling.
(Portage version: 2.1.3.9)

1 method 1.1 # ChangeLog for sys-kernel/hardened-sources
2 opfer 1.130 # Copyright 2000-2007 Gentoo Foundation; Distributed under the GPL v2
3 phreak 1.192 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.191 2007/10/13 17:42:37 phreak Exp $
4    
5     *hardened-sources-2.6.22-r8 (21 Oct 2007)
6    
7     21 Oct 2007; Christian Heim <phreak@gentoo.org>
8     +hardened-sources-2.6.22-r8.ebuild:
9     Yet another new patch, hopefully fixing the remaining issues we had w/
10     2.6.22. Candidate for stabling.
11 phreak 1.191
12     *hardened-sources-2.6.23 (13 Oct 2007)
13    
14     13 Oct 2007; Christian Heim <phreak@gentoo.org>
15     +hardened-sources-2.6.23.ebuild:
16     Initial hardened-sources-2.6.23. If people still have problems w/ bug
17     194276, try setting CONFIG_PCI_GODIRECT=y instead of CONFIG_PCI_GOANY.
18 phreak 1.190
19     11 Oct 2007; Christian Heim <phreak@gentoo.org>
20     hardened-sources-2.6.20-r10.ebuild:
21     Pulling in yet another new genpatches version, fixing the PWC bug for real.
22 phreak 1.189
23     04 Oct 2007; Christian Heim <phreak@gentoo.org>
24     -hardened-sources-2.6.22-r5.ebuild, -hardened-sources-2.6.22-r6.ebuild:
25     Removing old versions.
26 phreak 1.188
27     *hardened-sources-2.6.22-r7 (01 Oct 2007)
28    
29     01 Oct 2007; Christian Heim <phreak@gentoo.org>
30     +hardened-sources-2.6.22-r7.ebuild:
31     Revision bump, pulling in a newer patch. Should fix #194276.
32 phreak 1.187
33     30 Sep 2007; Christian Heim <phreak@gentoo.org>
34     hardened-sources-2.6.20-r10.ebuild:
35     Marking hardened-sources-2.6.20-r10 stable on x86 and amd64 (on courtesy of
36     Mike Doty).
37 phreak 1.186
38     *hardened-sources-2.6.22-r6 (26 Sep 2007)
39    
40     26 Sep 2007; Christian Heim <phreak@gentoo.org>
41     +hardened-sources-2.6.22-r6.ebuild:
42     Revision bump, grabbing up till Linux 2.6.22.9.
43 phreak 1.185
44     24 Sep 2007; Christian Heim <phreak@gentoo.org>
45     -hardened-sources-2.6.22-r3.ebuild, -hardened-sources-2.6.22-r4.ebuild:
46     Cleaning up further.
47 phreak 1.184
48     *hardened-sources-2.6.20-r10 (24 Sep 2007)
49    
50     24 Sep 2007; Christian Heim <phreak@gentoo.org>
51     -hardened-sources-2.6.20-r8.ebuild, -hardened-sources-2.6.20-r9.ebuild,
52     +hardened-sources-2.6.20-r10.ebuild:
53     Revision bump, pulling in Linux 2.6.20.20. Removing some of the older
54     revisions.
55 phreak 1.183
56     *hardened-sources-2.6.22-r5 (22 Sep 2007)
57    
58     22 Sep 2007; Christian Heim <phreak@gentoo.org>
59     +hardened-sources-2.6.22-r5.ebuild:
60     Revision bump, pulling in genpatches-2.6.22-8 for CVE-2007-4573.
61 phreak 1.182
62     17 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
63     Removing johnm from metadata.xml (see #186467 for reference).
64 phreak 1.181
65     *hardened-sources-2.6.22-r4 (17 Sep 2007)
66    
67     17 Sep 2007; Christian Heim <phreak@gentoo.org>
68     +hardened-sources-2.6.22-r4.ebuild:
69     Revision bump, hopefully fixing all those weird PAX failures.
70 phreak 1.180
71     01 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
72     Updating the metadata.xml.
73 phreak 1.179
74     01 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
75     Removing tocharian from metadata due to his retirement (see #71718 for
76     reference).
77 phreak 1.178
78     *hardened-sources-2.6.20-r9 (30 Aug 2007)
79    
80     30 Aug 2007; Christian Heim <phreak@gentoo.org>
81     +hardened-sources-2.6.20-r9.ebuild:
82     Revision bump for 2.6.20.18 (thanks to kerframil in #gentoo-hardened).
83 phreak 1.177
84     29 Aug 2007; Christian Heim <phreak@gentoo.org>
85     -hardened-sources-2.4.34.ebuild, -hardened-sources-2.4.34.5.ebuild,
86     -hardened-sources-2.6.20-r2.ebuild, -hardened-sources-2.6.20-r5.ebuild,
87     -hardened-sources-2.6.20-r7.ebuild, -hardened-sources-2.6.21-r3.ebuild,
88     -hardened-sources-2.6.22.ebuild, -hardened-sources-2.6.22-r1.ebuild,
89     -hardened-sources-2.6.22-r2.ebuild:
90     Removing some redundant versions.
91 phreak 1.176
92     *hardened-sources-2.4.35-r1 (29 Aug 2007)
93    
94     29 Aug 2007; Christian Heim <phreak@gentoo.org>
95     +hardened-sources-2.4.35-r1.ebuild:
96     Revision bump, new grsecurity patch.
97 phreak 1.175
98     *hardened-sources-2.6.20-r8 (26 Aug 2007)
99    
100     26 Aug 2007; Christian Heim <phreak@gentoo.org>
101     +hardened-sources-2.6.20-r8.ebuild:
102     Revision bump for Linux 2.6.20.17.
103 phreak 1.174
104     *hardened-sources-2.6.22-r3 (22 Aug 2007)
105    
106     22 Aug 2007; Christian Heim <phreak@gentoo.org>
107     +hardened-sources-2.6.22-r3.ebuild:
108     Revision bump for Linux 2.6.22.4.
109 phreak 1.173
110     16 Aug 2007; Christian Heim <phreak@gentoo.org>
111     hardened-sources-2.6.22-r2.ebuild:
112     Updated patchset, to fix the alignment against 2.6.22.3.
113 phreak 1.172
114     *hardened-sources-2.6.22-r2 (16 Aug 2007)
115    
116     16 Aug 2007; Christian Heim <phreak@gentoo.org>
117     +hardened-sources-2.6.22-r2.ebuild:
118     Revision bump for Linux 2.6.22.3.
119 phreak 1.171
120     *hardened-sources-2.4.35 (16 Aug 2007)
121    
122     16 Aug 2007; Christian Heim <phreak@gentoo.org>
123     +hardened-sources-2.4.35.ebuild:
124     Version bump, initial version for Linux 2.4.35.
125 phreak 1.170
126     *hardened-sources-2.6.21-r4 (16 Aug 2007)
127    
128     16 Aug 2007; Christian Heim <phreak@gentoo.org>
129     +hardened-sources-2.6.21-r4.ebuild:
130     Revision bump for Linux 2.6.21.6.
131 phreak 1.169
132     *hardened-sources-2.6.20-r7 (16 Aug 2007)
133    
134     16 Aug 2007; Christian Heim <phreak@gentoo.org>
135     +hardened-sources-2.6.20-r7.ebuild:
136     Revision bump for Linux 2.6.20.16.
137 phreak 1.168
138     *hardened-sources-2.6.22-r1 (13 Aug 2007)
139    
140     13 Aug 2007; Christian Heim <phreak@gentoo.org>
141     +hardened-sources-2.6.22-r1.ebuild:
142     Yet another revision bump.
143 phreak 1.167
144     *hardened-sources-2.6.22 (10 Aug 2007)
145    
146     10 Aug 2007; Christian Heim <phreak@gentoo.org>
147     +hardened-sources-2.6.22.ebuild:
148     Initial release for 2.6.22. If you are using hardened-sources on a desktop
149     machine (P4 or newer), be aware you might need to disable
150     CONFIG_PAX_PAGEEXEC.
151 phreak 1.166
152     04 Aug 2007; Christian Heim <phreak@gentoo.org>
153     hardened-sources-2.6.20-r6.ebuild:
154     Stabling hardened-sources-2.6.20-r6 for amd64, ppc and x86 due to Linux
155     2.6.20.15.
156 phreak 1.165
157     10 Jul 2007; Christian Heim <phreak@gentoo.org>
158     hardened-sources-2.6.20-r5.ebuild:
159     Marking hardened-sources-2.6.20-r5 stable on ppc.
160 phreak 1.164
161     10 Jul 2007; Christian Heim <phreak@gentoo.org>
162     -hardened-sources-2.4.32-r6.ebuild, -hardened-sources-2.4.32-r7.ebuild:
163     Cleanup.
164 phreak 1.163
165     *hardened-sources-2.6.20-r6 (08 Jul 2007)
166    
167     08 Jul 2007; Christian Heim <phreak@gentoo.org>
168     +hardened-sources-2.6.20-r6.ebuild:
169     Revision bump, grabbing yet another stable release.
170 phreak 1.162
171     17 Jun 2007; Christian Heim <phreak@gentoo.org>
172     -hardened-sources-2.6.18-r6.ebuild, -hardened-sources-2.6.20-r4.ebuild,
173     -hardened-sources-2.6.21-r2.ebuild:
174     Removing older ebuilds, hardened-sources-2.6.18-r6 seems to have gotten the
175     alpha stable KEYWORD by mistake.
176 phreak 1.161
177     17 Jun 2007; Christian Heim <phreak@gentoo.org>
178     hardened-sources-2.6.20-r5.ebuild:
179     Stabling hardened-sources-2.6.20-r5 due to security bug #181647 (as
180     genpatches-2.6.20-12.base contains up to Linux 2.6.20.14) on amd64 and x86.
181 phreak 1.160
182     *hardened-sources-2.6.21-r3 (12 Jun 2007)
183    
184     12 Jun 2007; Christian Heim <phreak@gentoo.org>
185     +hardened-sources-2.6.21-r3.ebuild:
186     Revision bump for hardened-sources-2.6.21, incorporating various CVE (some
187     of them critical), two stable releases (2.6.21.4,2.6.21.5) and some other
188     love.
189 phreak 1.159
190     *hardened-sources-2.6.20-r5 (11 Jun 2007)
191    
192     11 Jun 2007; Christian Heim <phreak@gentoo.org>
193     +hardened-sources-2.6.20-r5.ebuild:
194     Revision bump for hardened-sources-2.6.20, incorporating various CVE (some
195     of them critical), two stable releases (2.6.20.13,2.6.20.14) and some other
196     love.
197 pappy 1.158
198     *hardened-sources-2.4.34.5 (11 Jun 2007)
199    
200     11 Jun 2007; Alexander Gabert <pappy@gentoo.org>
201     +hardened-sources-2.4.34.5.ebuild:
202     added new hardened-sources 2.4 version, thx to phreak, solar, pipacs
203 phreak 1.157
204     30 May 2007; Christian Heim <phreak@gentoo.org>
205     -hardened-sources-2.6.18.ebuild, hardened-sources-2.6.20-r2.ebuild:
206     Marking 2.6.20-r2 stable on ppc with permission of Gysbert. Removing more
207     stale ebuild(s).
208 phreak 1.156
209     30 May 2007; Christian Heim <phreak@gentoo.org>
210     -hardened-sources-2.6.14-r7.ebuild, -hardened-sources-2.6.16-r11.ebuild,
211     -hardened-sources-2.6.17-r1.ebuild, -hardened-sources-2.6.19-r6.ebuild,
212     -hardened-sources-2.6.20.ebuild, -hardened-sources-2.6.20-r1.ebuild:
213     Doing some cleanups, remove stale ebuilds.
214 phreak 1.155
215     26 May 2007; Christian Heim <phreak@gentoo.org>
216     hardened-sources-2.6.21-r2.ebuild:
217     Fixing the grsecurity patch, had one '};' too much.
218 phreak 1.154
219     *hardened-sources-2.6.21-r2 (26 May 2007)
220    
221     26 May 2007; Christian Heim <phreak@gentoo.org>
222     -hardened-sources-2.6.21.ebuild, -hardened-sources-2.6.21-r1.ebuild,
223     +hardened-sources-2.6.21-r2.ebuild:
224     Revision bump, including Linux 2.6.21.3 (fixing CVE-2007-2451). Updating the
225     grsecurity patch to 2.1.10-2.6.21.1-200705221918.
226 phreak 1.153
227     *hardened-sources-2.6.20-r4 (26 May 2007)
228    
229     26 May 2007; Christian Heim <phreak@gentoo.org>
230     -hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.20-r4.ebuild:
231     Revision bump, including Linux 2.6.20.12 (which in fact fixed some security
232 phreak 1.154 bugs, at the very least CVE-2007-2451). Possible candidate for stable marking.
233 phreak 1.152
234     15 May 2007; Christian Heim <phreak@gentoo.org>
235     hardened-sources-2.6.20-r3.ebuild:
236     Looks like hardened-sources-2.6.20-r3 needs a new patch, as 2.6.20.11
237     introduced a change in arch/sparc64/kernel/pci_iommu.c, which made the
238     grsecurity patch fail in that exact same hunk.
239 phreak 1.151
240     *hardened-sources-2.6.20-r3 (15 May 2007)
241    
242     15 May 2007; Christian Heim <phreak@gentoo.org>
243     +hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.21-r1.ebuild:
244     Revision bump, incorporating Linux 2.6.20.11.
245    
246     *hardened-sources-2.6.21-r1 (11 May 2007)
247    
248     11 May 2007; Christian Heim <phreak@gentoo.org>
249     +hardened-sources-2.6.21-r1.ebuild:
250     Revision bump, hopefully fixing the GRSECURITY/GRKERNSEC mixup pipacs
251     mentioned in #177234.
252 kevquinn 1.150
253     07 May 2007; Kevin F. Quinn <kevquinn@gentoo.org>
254     files/digest-hardened-sources-2.6.21, Manifest:
255     Fix Manifest/digest for linux-2.6.21.tar.bz2
256 phreak 1.149
257     06 May 2007; Christian Heim <phreak@gentoo.org>
258     hardened-sources-2.6.21.ebuild:
259     Bumping the hardened-patches version, needed for the fix for #177234.
260 phreak 1.148
261     *hardened-sources-2.6.21 (02 May 2007)
262    
263     02 May 2007; Christian Heim <phreak@gentoo.org>
264     +hardened-sources-2.6.21.ebuild:
265     Version bump, Linux 2.6.21-hardened.
266 phreak 1.147
267     29 Apr 2007; Christian Heim <phreak@gentoo.org>
268     hardened-sources-2.6.20-r2.ebuild:
269     Adding ~ia64 on Ned's request.
270 phreak 1.146
271     29 Apr 2007; Christian Heim <phreak@gentoo.org>
272     hardened-sources-2.6.20-r2.ebuild:
273     Fixing the included grsecurity patch, wasn't alligning due to the Index:
274     header line(s).
275 phreak 1.145
276     29 Apr 2007; Christian Heim <phreak@gentoo.org>
277     hardened-sources-2.6.20-r2.ebuild:
278     Stabilizing hardened-sources-2.6.20-r2 on amd64 and x86.
279 armin76 1.144
280     *hardened-sources-2.6.20-r2 (10 Apr 2007)
281    
282     10 Apr 2007; Raúl Porcel <armin76@gentoo.org>
283     +hardened-sources-2.6.20-r2.ebuild:
284     Version bump, on behalf of phreak
285 phreak 1.143
286     *hardened-sources-2.6.20-r1 (04 Apr 2007)
287    
288     04 Apr 2007; Christian Heim <phreak@gentoo.org>
289     +hardened-sources-2.6.20-r1.ebuild:
290     Revision bump, grabbing a newer grsecurity snapshot.
291 phreak 1.142
292     *hardened-sources-2.6.20 (25 Mar 2007)
293    
294     25 Mar 2007; Christian Heim <phreak@gentoo.org>
295     +hardened-sources-2.6.20.ebuild:
296     Finally a hardened-sources version for 2.6.20; many people have been waiting
297     for this. Thanks to Steve for preliminary testing, thanks to Ned for the
298     testbox.
299 chainsaw 1.141
300     16 Mar 2007; Tony Vroon <chainsaw@gentoo.org>
301     hardened-sources-2.6.18-r6.ebuild:
302     Marked stable on amd64 and x86. AMD64 keyword ack'ed by welp.
303 phreak 1.140
304     *hardened-sources-2.6.18-r6 (16 Mar 2007)
305    
306     16 Mar 2007; Christian Heim <phreak@gentoo.org>
307     -hardened-sources-2.6.18-r5.ebuild, +hardened-sources-2.6.18-r6.ebuild:
308     Fixing CVE-2007-1000 locally (hardened/), thanks to Tony for pushing. And
309     yes I screwed up, this is tagged as 2.6.18-5 and not 2.6.18-6 as it's
310     supposed to be.
311 phreak 1.139
312     06 Mar 2007; Christian Heim <phreak@gentoo.org> ChangeLog:
313     Fixing the Manifest, the previous one was broken (as in still had the
314     deleted ebuild in it).
315 phreak 1.138
316     06 Mar 2007; Christian Heim <phreak@gentoo.org>
317     -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
318     +hardened-sources-2.6.18-r5.ebuild:
319     Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
320     Linux 2.6.18.8. Also cleaning up the older version.
321    
322     *hardened-sources-2.6.18-r5 (06 Mar 2007)
323    
324     06 Mar 2007; Christian Heim <phreak@gentoo.org>
325     -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
326     +hardened-sources-2.6.18-r5.ebuild:
327     Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
328     Linux 2.6.18.8. Also cleaning up the older version.
329 phreak 1.137
330     24 Feb 2007; Christian Heim <phreak@gentoo.org>
331     -hardened-sources-2.6.19-r3.ebuild, -hardened-sources-2.6.19-r4.ebuild,
332     -hardened-sources-2.6.19-r5.ebuild:
333     Removing some of the old version, that didn't work.
334 phreak 1.136
335     *hardened-sources-2.6.19-r6 (12 Feb 2007)
336    
337     12 Feb 2007; Christian Heim <phreak@gentoo.org>
338     +hardened-sources-2.6.19-r6.ebuild:
339     Revision bump, including a new grsec version fixing #166235.
340 pappy 1.134
341     *hardened-sources-2.4.34 (24 Jan 2007)
342    
343     24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
344 pappy 1.135 Manifest:
345     updating Manifest with checksums of new tarball and ebuild
346    
347     24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
348 pappy 1.134 +hardened-sources-2.4.34.ebuild:
349     I added new hardened sources 2.4 update, this is a critical path
350     security bugfix - all users of h-s are strongly advised
351     to update their existing hardened sources to this version.
352     It contains a fix for a kernel vulnerability that is pertaining
353     to the PaX changes to virtual memory management, possibly leading
354     to a local kernel exploit ... see grsecurity.net forums and homepage
355 phreak 1.133
356     23 Jan 2007; Christian Heim <phreak@gentoo.org>
357     files/digest-hardened-sources-2.6.19-r5, Manifest:
358     Fixing the patch-tarball digest.
359 phreak 1.132
360     *hardened-sources-2.6.19-r5 (23 Jan 2007)
361    
362     23 Jan 2007; Christian Heim <phreak@gentoo.org>
363     +hardened-sources-2.6.19-r5.ebuild:
364     Revision bump, closing the recently discovered PaX expand_stack()
365     vulnerability.
366 phreak 1.131
367     *hardened-sources-2.6.19-r4 (14 Jan 2007)
368    
369     14 Jan 2007; Christian Heim <phreak@gentoo.org>
370     +hardened-sources-2.6.19-r4.ebuild:
371     Revision bump, pulling in linux-2.6.19.2 and grsecurity 2.1.10 - thus
372     dropping the randomized PID feature.
373 opfer 1.130
374     11 Jan 2007; Christian Faulhammer <opfer@gentoo.org>
375     hardened-sources-2.4.33.4.ebuild:
376     stable x86, bug #161171
377 phreak 1.129
378     *hardened-sources-2.6.19-r3 (27 Dec 2006)
379    
380     27 Dec 2006; Christian Heim <phreak@gentoo.org>
381     -hardened-sources-2.6.19-r2.ebuild, +hardened-sources-2.6.19-r3.ebuild:
382     Revision bump for bug #157186 and #158786.
383 phreak 1.128
384     *hardened-sources-2.6.18-r4 (27 Dec 2006)
385    
386     27 Dec 2006; Christian Heim <phreak@gentoo.org>
387     -hardened-sources-2.6.18-r3.ebuild, +hardened-sources-2.6.18-r4.ebuild:
388     Revision bump for bug #157186.
389 phreak 1.127
390     *hardened-sources-2.6.19-r2 (23 Dec 2006)
391    
392     23 Dec 2006; Christian Heim <phreak@gentoo.org>
393     -hardened-sources-2.6.19-r1.ebuild, +hardened-sources-2.6.19-r2.ebuild:
394     Revision bump to pull in genpatches-2.6.19-3 for #157186.
395 phreak 1.126
396     17 Dec 2006; Christian Heim <phreak@gentoo.org>
397     hardened-sources-2.6.14-r7.ebuild, hardened-sources-2.6.16-r10.ebuild,
398     hardened-sources-2.6.16-r11.ebuild, hardened-sources-2.6.17-r1.ebuild,
399     hardened-sources-2.6.18.ebuild, hardened-sources-2.6.18-r3.ebuild,
400     hardened-sources-2.6.19-r1.ebuild:
401     Adding 4453_grsec-2.1.9-2.6.19-io-kmem-sysctl.patch to UNIPATCH_EXLUDE,
402     adding correct HOMEPAGE and adjusting DESCRIPTION (thanks to Alexander).
403 pappy 1.125
404     *hardened-sources-2.4.33.4 (17 Dec 2006)
405    
406     17 Dec 2006; Alexander Gabert <pappy@gentoo.org>
407     +hardened-sources-2.4.33.4.ebuild:
408     new 2.4.33.4 version including grsec and fixes, thanks to phreak for help
409     and quilting
410 phreak 1.124
411     *hardened-sources-2.6.19-r1 (14 Dec 2006)
412    
413     14 Dec 2006; Christian Heim <phreak@gentoo.org>
414     -hardened-sources-2.6.19.ebuild, +hardened-sources-2.6.19-r1.ebuild:
415     Revision bump, fixing #158107 (thanks to Petre Rodan <kaiowas at gentoo.org>
416     for reporting).
417 phreak 1.123
418     *hardened-sources-2.6.19 (13 Dec 2006)
419    
420     13 Dec 2006; Christian Heim <phreak@gentoo.org>
421     +hardened-sources-2.6.19.ebuild:
422     And finally 2.6.19, thanks to Ned (who prepared the inital patchset) and
423     Brad for providing that prompt update.
424 phreak 1.122
425     *hardened-sources-2.6.18-r3 (13 Dec 2006)
426    
427     13 Dec 2006; Christian Heim <phreak@gentoo.org>
428     -hardened-sources-2.6.18-r1.ebuild, -hardened-sources-2.6.18-r2.ebuild,
429     +hardened-sources-2.6.18-r3.ebuild:
430     Revision bump, excluding the faulty patch. Thanks to Anakim Border and Peter
431     S. Mazinger. Closes #157409 for now. Also removing the previous revisions.
432 phreak 1.121
433     09 Dec 2006; Christian Heim <phreak@gentoo.org> Manifest:
434     Fixing the metadata.xml Manifest entry (thanks to xaid and ml8128 in #gentoo-hardened).
435 nixnut 1.120
436     08 Dec 2006; nixnut <nixnut@gentoo.org> hardened-sources-2.6.18.ebuild:
437     Stable on ppc wrt bug 157356
438 opfer 1.119
439     07 Dec 2006; Christian Faulhammer <opfer@gentoo.org>
440     hardened-sources-2.6.18.ebuild:
441     stable x86, bug #157356
442 phreak 1.118
443     *hardened-sources-2.6.18-r2 (06 Dec 2006)
444    
445     06 Dec 2006; Christian Heim <phreak@gentoo.org>
446     +hardened-sources-2.6.18-r2.ebuild:
447     Revision bump, including 2.6.18.5 (via genpatches) and
448     4454_grsec-2.1.9-2.6.18.2-io-kmem-sysctl.patch based on Peter Mazinger and
449     Ned Ludd's original patch. Thanks to Alexander Gabert (pappy) for the
450     redesign.
451 phreak 1.117
452     06 Dec 2006; Christian Heim <phreak@gentoo.org>
453     hardened-sources-2.6.18.ebuild:
454     Marking hardened-sources-2.6.18 stable on amd64 (see bug #157356, on behalf
455     of Mike Doty).
456 phreak 1.116
457     *hardened-sources-2.6.18-r1 (23 Nov 2006)
458    
459     23 Nov 2006; Christian Heim <phreak@gentoo.org>
460     +hardened-sources-2.6.18-r1.ebuild:
461     Revision bump to genpatches-2.6.18-4 (including 2.6.18.3).
462 phreak 1.115
463     *hardened-sources-2.6.18 (11 Nov 2006)
464    
465     11 Nov 2006; Christian Heim <phreak@gentoo.org>
466     +hardened-sources-2.6.18.ebuild:
467     Version bump, thanks to Alexander Gabert we're finally at 2.6.18.
468 solar 1.114
469     18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
470     - mark amd64 stable also. bug #151877
471 solar 1.113
472     18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
473     - mark 2.6.17-r1 stable
474 phreak 1.112
475     27 Aug 2006; Christian Heim <phreak@gentoo.org>
476     -hardened-sources-2.6.17.ebuild, hardened-sources-2.6.17-r1.ebuild:
477     Removing old ebuild, removing unipatch from newer ebuild (need to fix it!).
478 phreak 1.111
479     *hardened-sources-2.6.17-r1 (26 Aug 2006)
480    
481     26 Aug 2006; Christian Heim <phreak@gentoo.org>
482     +hardened-sources-2.6.17-r1.ebuild:
483     Revision bump to genpatches-2.6.17-8 (including .9 and .10) and updating the
484     grsecurity patch.
485 phreak 1.110
486     *hardened-sources-2.6.17 (17 Aug 2006)
487    
488     17 Aug 2006; Christian Heim <phreak@gentoo.org>
489     +hardened-sources-2.6.17.ebuild:
490     Bumping the hardened-sources-2.6 series to 2.6.17, using
491     genpatches-2.6.17-6.base.
492 solar 1.109
493     07 Aug 2006; <solar@gentoo.org> hardened-sources-2.6.16-r11.ebuild:
494     - stable on x86 and amd64
495 solar 1.108
496     *hardened-sources-2.6.16-r11 (15 Jul 2006)
497    
498     15 Jul 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r3.ebuild,
499     -hardened-sources-2.4.32-r4.ebuild, -hardened-sources-2.4.32-r5.ebuild,
500     -hardened-sources-2.6.14-r8.ebuild, -hardened-sources-2.6.16-r7.ebuild,
501     -hardened-sources-2.6.16-r9.ebuild, +hardened-sources-2.6.16-r11.ebuild:
502     - 2.6.16 bumped for CVE-2006-3626 ; digest fix for 2.4.32-r6 ; removed old
503     crusty ebuilds
504 johnm 1.107
505     14 Jul 2006; John Mylchreest <johnm@gentoo.org>
506     hardened-sources-2.6.16-r10.ebuild:
507     marking stable on x86 and amd64
508 solar 1.106
509     13 Jul 2006; <solar@gentoo.org> hardened-sources-2.4.32-r6.ebuild:
510     - 2.4.32-r6 stable on x86. RSBAC state unknown
511 kang 1.105
512     *hardened-sources-2.4.32-r7 (10 Jul 2006)
513    
514     10 Jul 2006; Guillaume Destuynder <kang@gentoo.org>
515     +hardened-sources-2.4.32-r7.ebuild:
516     Bump PaX for RSBAC to test-17
517 johnm 1.104
518     *hardened-sources-2.6.16-r9 (03 Jul 2006)
519    
520     03 Jul 2006; John Mylchreest <johnm@gentoo.org>
521     -hardened-sources-2.6.16-r6.ebuild, +hardened-sources-2.6.16-r9.ebuild:
522     hardened-sources-2.6.16 bump to latest -base.
523 solar 1.103
524     *hardened-sources-2.4.32-r6 (30 Jun 2006)
525    
526     30 Jun 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r2.ebuild,
527     hardened-sources-2.4.32-r4.ebuild, +hardened-sources-2.4.32-r6.ebuild:
528     - backport CVE-2006-0039, CVE-2006-1857 and CVE-2006-1858 and new grsecurity
529     sysctl controlable resource logging
530 johnm 1.102
531     *hardened-sources-2.6.16-r7 (05 Jun 2006)
532    
533     05 Jun 2006; John Mylchreest <johnm@gentoo.org>
534     -hardened-sources-2.6.16-r5.ebuild, +hardened-sources-2.6.16-r7.ebuild:
535     push new 2.6.16 release in preparation for stable
536 solar 1.101
537     22 May 2006; <solar@gentoo.org> :
538     - redigest bug 134002
539 kang 1.100
540     *hardened-sources-2.4.32-r5 (16 May 2006)
541    
542     16 May 2006; Guillaume Destuynder <kang@gentoo.org>
543     +hardened-sources-2.4.32-r5.ebuild:
544     Fixes rsbac common patching (new patch in new -r5 patchset)
545 solar 1.99
546     *hardened-sources-2.4.32-r4 (13 May 2006)
547    
548     13 May 2006; <solar@gentoo.org> hardened-sources-2.4.32-r3.ebuild,
549     +hardened-sources-2.4.32-r4.ebuild:
550     - security bumps
551 johnm 1.98
552     *hardened-sources-2.6.16-r6 (03 May 2006)
553    
554     03 May 2006; John Mylchreest <johnm@gentoo.org>
555     +hardened-sources-2.6.16-r6.ebuild:
556     bump hardened-2.6.16 to 2.6.16.12 and latest grsec snapshot
557 johnm 1.97
558     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
559     hardened-sources-2.6.14-r8.ebuild:
560     fix x86_64 build problem, this will delay the digest issue again for a short
561     while but it will sort itself out
562 johnm 1.96
563     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
564     hardened-sources-2.6.14-r8.ebuild:
565     bump hardened patchset
566 antarus 1.94
567     27 Apr 2006; Alec Warner <antarus@gentoo.org>
568     files/digest-hardened-sources-2.4.32-r2,
569     files/digest-hardened-sources-2.4.32-r3,
570     files/digest-hardened-sources-2.6.14-r8, Manifest:
571     Fixing duff SHA256 digests: Bug # 131293
572 johnm 1.93
573 johnm 1.95 *hardened-sources-2.6.16-r5 (27 Apr 2006)
574    
575     27 Apr 2006; John Mylchreest <johnm@gentoo.org>
576     -hardened-sources-2.6.14-r6.ebuild, hardened-sources-2.6.14-r8.ebuild,
577     -hardened-sources-2.6.16-r4.ebuild, +hardened-sources-2.6.16-r5.ebuild:
578     stablise 2.6.14-r8 on x86 & amd64, bump 2.6.16 to fix CVE-2006-1863 &
579     cleanup of old uneccessary sources
580    
581 johnm 1.93 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
582     fix digest
583 johnm 1.92
584     *hardened-sources-2.6.14-r8 (20 Apr 2006)
585    
586     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
587     +hardened-sources-2.6.14-r8.ebuild:
588     fix CVE-2006-1056, CVE-2006-1525, CVE-2006-1524
589 johnm 1.91
590     20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
591     Turning on gpg-signing again, and recomitting
592 johnm 1.90
593     *hardened-sources-2.6.16-r4 (20 Apr 2006)
594    
595     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
596     -hardened-sources-2.6.16-r2.ebuild, -hardened-sources-2.6.16-r3.ebuild,
597     +hardened-sources-2.6.16-r4.ebuild:
598     Fix numerous security vulns
599 solar 1.89
600     *hardened-sources-2.4.32-r3 (16 Apr 2006)
601    
602     16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
603     -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
604     +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
605     - security bump for bug #112791. Removed old ebuilds
606 johnm 1.88
607     *hardened-sources-2.6.16-r3 (15 Apr 2006)
608    
609     15 Apr 2006; John Mylchreest <johnm@gentoo.org>
610     +hardened-sources-2.6.16-r3.ebuild:
611     Removing silly localversion which I missed
612 johnm 1.87
613     *hardened-sources-2.6.14-r7 (14 Apr 2006)
614    
615     14 Apr 2006; John Mylchreest <johnm@gentoo.org>
616     -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
617     Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
618 johnm 1.86
619     *hardened-sources-2.6.16-r2 (13 Apr 2006)
620    
621     13 Apr 2006; John Mylchreest <johnm@gentoo.org>
622     -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
623     +hardened-sources-2.6.16-r2.ebuild:
624     Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
625     labels, dropping USERGROUP define fixes, since these were merged mainstream.
626 johnm 1.85
627     *hardened-sources-2.6.16-r1 (11 Apr 2006)
628    
629     11 Apr 2006; John Mylchreest <johnm@gentoo.org>
630     +hardened-sources-2.6.16-r1.ebuild:
631     Bumping to include ppc build fix and 2.6.16.3
632 tsunam 1.84
633     06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
634     hardened-sources-2.6.14-r6.ebuild:
635     Stable on x86; bug #127718
636 johnm 1.83
637     *hardened-sources-2.6.16 (31 Mar 2006)
638    
639     31 Mar 2006; John Mylchreest <johnm@gentoo.org>
640     +hardened-sources-2.6.16.ebuild:
641     Bumping to new version of grsec, and kernel base. New squashfs. Based on
642     2.6.16.1
643 cryos 1.82
644     30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
645     hardened-sources-2.6.14-r6.ebuild:
646     Stable on amd64, bug 127718.
647 nixnut 1.81
648     28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
649     Stable on ppc. Bug #127718
650 johnm 1.80
651     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
652     -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
653     -hardened-sources-2.6.14-r4.ebuild:
654     Cleanup.
655 johnm 1.79
656     *hardened-sources-2.6.14-r6 (15 Mar 2006)
657    
658     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
659     +hardened-sources-2.6.14-r6.ebuild:
660     Fixes grsec policy recreation bug and adds a
661     >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
662 solar 1.78
663     02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
664     - stable on x86
665 hansmi 1.77
666     19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
667     hardened-sources-2.6.14-r5.ebuild:
668     Stable on ppc.
669 johnm 1.76
670     *hardened-sources-2.6.14-r5 (01 Feb 2006)
671    
672     01 Feb 2006; John Mylchreest <johnm@gentoo.org>
673     +hardened-sources-2.6.14-r5.ebuild:
674     fixing every known exploit
675 solar 1.75
676     *hardened-sources-2.4.32-r2 (26 Jan 2006)
677    
678     26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
679     +hardened-sources-2.4.32-r2.ebuild:
680     - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
681 solar 1.74
682     *hardened-sources-2.6.14-r4 (12 Jan 2006)
683    
684     12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
685     - version bump for new genpatches which fix up a few sec holes
686 solar 1.73
687     *hardened-sources-2.4.32-r1 (05 Jan 2006)
688    
689     05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
690     - revision bump to add misc vital linux kernel security patches.
691 johnm 1.72
692     *hardened-sources-2.6.14-r3 (30 Dec 2005)
693    
694     30 Dec 2005; John Mylchreest <johnm@gentoo.org>
695     -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
696     Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
697 johnm 1.71
698     28 Dec 2005; John Mylchreest <johnm@gentoo.org>
699     hardened-sources-2.6.14-r2.ebuild:
700     making x86 & amd64 stable following testing.
701 johnm 1.70
702     *hardened-sources-2.6.14-r2 (27 Dec 2005)
703    
704     27 Dec 2005; John Mylchreest <johnm@gentoo.org>
705     -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
706     Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
707     network hooks.
708 johnm 1.69
709     06 Dec 2005; John Mylchreest <johnm@gentoo.org>
710     hardened-sources-2.6.14-r1.ebuild:
711     bumping to stable early for sec fix on x86 & amd64
712 johnm 1.68
713     *hardened-sources-2.6.14-r1 (05 Dec 2005)
714    
715     05 Dec 2005; John Mylchreest <johnm@gentoo.org>
716     -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
717     bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
718 solar 1.67
719     04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
720     - stable on x86 security bug #114227 CAN-2005-3257
721 kang 1.66
722     *hardened-sources-2.4.32 (19 Nov 2005)
723    
724     19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
725     +hardened-sources-2.4.32.ebuild:
726     Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
727     Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
728     have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
729     rsbac >> /etc/portage/package.use)
730 johnm 1.65
731     *hardened-sources-2.6.14 (14 Nov 2005)
732    
733     14 Nov 2005; John Mylchreest <johnm@gentoo.org>
734     -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
735     Bumping 2.6 series to 2.6.14.2
736 johnm 1.64
737     *hardened-sources-2.6.13-r2 (20 Oct 2005)
738    
739     20 Oct 2005; John Mylchreest <johnm@gentoo.org>
740     -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
741     +hardened-sources-2.6.13-r2.ebuild:
742     Fixes minor build error in ppc.
743 johnm 1.63
744     *hardened-sources-2.6.13-r1 (17 Oct 2005)
745    
746     17 Oct 2005; John Mylchreest <johnm@gentoo.org>
747     +hardened-sources-2.6.13-r1.ebuild:
748     Updating grsec to latest snapshot. Fixes some minor issues. Updating to
749     2.6.13.4, fixes some major amd64 stability problems.
750 johnm 1.62
751     *hardened-sources-2.6.13 (16 Sep 2005)
752    
753     16 Sep 2005; John Mylchreest <johnm@gentoo.org>
754     -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
755     2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
756     ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
757     users should test this thoroughly.
758 solar 1.61
759     01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
760     - stable on x86
761 johnm 1.60
762     *hardened-sources-2.6.11-r15 (27 Jun 2005)
763    
764     27 Jun 2005; John Mylchreest <johnm@gentoo.org>
765     +hardened-sources-2.6.11-r15.ebuild:
766     Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
767     grsec redefining curr_ip struct.
768 solar 1.59
769     *hardened-sources-2.4.31 (20 Jun 2005)
770    
771     20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
772     initial import of 2.4.31 tree
773 johnm 1.58
774     *hardened-sources-2.6.11-r14 (14 Jun 2005)
775    
776     14 Jun 2005; John Mylchreest <johnm@gentoo.org>
777     -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
778     Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
779     naming scheme to abide by genpatches
780 johnm 1.57
781     *hardened-sources-2.6.11-r13 (18 May 2005)
782    
783     18 May 2005; John Mylchreest <johnm@gentoo.org>
784     -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
785     Managed to mangle the Makefile patch from grsec, to miss out the grsec
786     target. sorry about that. Fixes bug #93022
787 johnm 1.56
788     *hardened-sources-2.6.11-r12 (17 May 2005)
789    
790     17 May 2005; John Mylchreest <johnm@gentoo.org>
791     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
792     +hardened-sources-2.6.11-r12.ebuild:
793     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
794     merges in genpatches-base
795 johnm 1.55
796     *hardened-sources-2.6.11-r12 (17 May 2005)
797    
798     17 May 2005; John Mylchreest <johnm@gentoo.org>
799     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
800     +hardened-sources-2.6.11-r12.ebuild:
801     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
802     merges in genpatches-base
803 solar 1.54
804     29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
805     -files/2.4.27-cmdline-race.patch,
806     -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
807     -files/2.4.28-grsec-binfmt_a.out.patch,
808     -files/2.4.28-grsec-cmdline-race.patch,
809     -files/2.4.28-selinux-binfmt_a.out.patch,
810     -files/2.4.28-selinux-cmdline-race.patch,
811     -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
812     hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
813     - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
814     cleanup..
815 solar 1.53
816     *hardened-sources-2.4.30-r1 (21 Apr 2005)
817    
818     21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
819     - disable aout by default
820 solar 1.52
821     *hardened-sources-2.4.30 (18 Apr 2005)
822    
823     18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
824     - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
825     and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
826     use
827 tocharian 1.50
828 scox 1.51 *hardened-sources-2.4.29 (30 Mar 2005)
829    
830     30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
831     +hardened-sources-2.4.29.ebuild:
832     New hardened-patches-2.4-29.0 patchball.
833     Removed SELinux support, upgraded GRSecurity to 2.1.4.
834    
835     *hardened-sources-2.4.28-r5 (06 Mar 2005)
836    
837     06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
838     +hardened-sources-2.4.28-r5.ebuild:
839     Added a fix for a PaX vulnerability.
840    
841     26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
842 tocharian 1.50 hardened-sources-2.4.28-r4.ebuild:
843     Stable on x86
844 solar 1.49
845     23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
846     hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
847     hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
848     hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
849     - fixed/added RDEPEND= in all kernel-2 ebuilds
850 tocharian 1.48
851     *hardened-sources-2.4.28-r4 (21 Jan 2005)
852    
853     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
854     +hardened-sources-2.4.28-r4.ebuild:
855     Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
856     backport of neighbour hash updates.
857 tocharian 1.47
858     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
859     hardened-sources-2.4.28-r3.ebuild:
860     Stable on x86
861 tseng 1.46
862     *hardened-sources-2.6.10-r3 (20 Jan 2005)
863    
864     20 Jan 2005; Brandon Hale <tseng@gentoo.org>
865     +hardened-sources-2.6.10-r3.ebuild:
866     Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
867     in 2005.0
868 tocharian 1.45
869     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
870     -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
871     hardened-sources-2.4.28-r2.ebuild:
872     Mark stable on x86
873 tocharian 1.44
874     *hardened-sources-2.4.28-r3 (17 Jan 2005)
875    
876     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
877     +hardened-sources-2.4.28-r3.ebuild:
878     Fix SMP page fault handler vuln, and update device-mapper and evms patches.
879 tocharian 1.43
880     14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
881     hardened-sources-2.4.28.ebuild:
882     Mark stable on x86.
883 tocharian 1.42
884     *hardened-sources-2.4.28-r2 (13 Jan 2005)
885    
886     13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
887     +hardened-sources-2.4.28-r2.ebuild:
888     Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
889     Mazinger for grsecurity patches as well.
890 plasmaroo 1.41
891     *hardened-sources-2.4.28-r1 (23 Dec 2004)
892    
893     23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
894     Security bump. Thank tocharian for rolling a new patchset...
895 solar 1.40
896     28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
897     +files/2.4.28-grsec-cmdline-race.patch,
898     +files/2.4.28-selinux-binfmt_a.out.patch,
899     +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
900     - Round up remaining security patches that appear to be missing in 2.4.28. -
901     PaX standalone updated to current. hgpv=28.1
902 solar 1.39
903     *hardened-sources-2.4.28 (28 Nov 2004)
904    
905     28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
906     security bump. Thank tocharian for rolling a new patchset
907 scox 1.31
908 scox 1.38 *hardened-sources-2.4.27-r3 (08 Sep 2004)
909    
910     08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
911     +hardened-sources-2.4.27-r3.ebuild:
912     Applies the new 2.4-27.2 patchball which updates
913     GRSecurity to the 2.0.1 version.
914    
915 scox 1.37 *hardened-sources-2.4.27-r2 (31 Aug 2004)
916    
917     31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
918     +hardened-sources-2.4.27-r2.ebuild:
919     Version bump.
920     This version uses the new 2.4-27.1 patchball which updates
921     both the SELinux PaX hooks patch and the SELinux headers.
922    
923 scox 1.36 *hardened-sources-2.4.27-r1 (09 Aug 2004)
924    
925     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
926     +hardened-sources-2.4.27-r1.ebuild,
927     -hardened-sources-2.4.27.ebuild,
928     +files/2.4.27-cmdline-race.patch:
929     Version bump, fix for cmdline race. See bug #59905.
930    
931     *hardened-sources-2.4.26-r6 (09 Aug 2004)
932    
933     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
934     +hardened-sources-2.4.26-r6.ebuild,
935     -hardened-sources-2.4.26-r5.ebuild,
936     -hardened-sources-2.4.26-r4.ebuild,
937     +files/2.4.26-cmdline-race.patch:
938     Version bump, fix for cmdline race. See bug #59905.
939    
940 scox 1.35 *hardened-sources-2.4.27 (08 Aug 2004)
941    
942     08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
943     +hardened-sources-2.4.27.ebuild,
944     +files/2.4.27-CAN-2004-0394.patch:
945     Ported the patchball to the 2.4.27 kernel version.
946    
947 scox 1.34 *hardened-sources-2.4.26-r5 (07 Aug 2004)
948    
949     07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
950     +hardened-sources-2.4.26-r5.ebuild:
951 scox 1.35 Updated to use the new hardened-patches-2.4-26.1 patchball.
952 scox 1.34 It adds the following features:
953     - Squashfs
954     - Ebtables
955     - Netdev random (core+drivers)
956     - Watchdog Timer (WDT) fix.
957    
958 scox 1.33 *hardened-sources-2.4.26-r4 (04 Aug 2004)
959    
960     04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
961     +hardened-sources-2.4.26-r4.ebuild,
962     +files/2.4.26-CAN-2004-0415.patch,
963     -hardened-sources-2.4.26-3:
964     Version bump, fix for CAN 0415, see bug #59378.
965    
966 scox 1.32 *hardened-sources-2.4.26-r3 (22 Jul 2004)
967    
968     22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
969     +hardened-sources-2.4.26-r3.ebuild,
970     +files/2.4.26-CAN-2004-0497.patch,
971     -hardened-sources-2.4.26-r2.ebuild:
972     Version bump, fixed CAN 0497, see bug #56171.
973    
974 scox 1.31 *hardened-sources-2.4.26-r2 (29 Jun 2004)
975    
976     29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
977 scox 1.32 +hardened-sources-2.4.26-r2.ebuild,
978 scox 1.31 +files/2.4.26-CAN-2004-0495.patch,
979     +files/2.4.26-CAN-2004-0535.patch,
980     -hardened-sources-2.4.26-r1.ebuild:
981     Fixes for both CAN 0495 and 0535, see bug #54976
982 pvdabeel 1.27
983 agriffis 1.29 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
984     hardened-sources-2.4.26-r1.ebuild:
985     QA - fix use invocation
986 scox 1.28
987     *hardened-sources-2.4.26-r1 (22 June 2004)
988    
989     22 June 2004; Andrea Luzzardi <scox@gentoo.org>
990     +hardened-sources-2.4.26-r1.ebuild,
991     +files/2.4.26-CAN-2004-0394.patch,
992     +files/2.4.26-signal-race.patch,
993     -hardened-sources-2.4.26.ebuild,
994     -hardened-sources-2.4.24-r3.ebuild:
995     Version bump for the CAN-2004-0394 issue and bug #53804
996     Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
997    
998    
999 pvdabeel 1.27 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
1000     hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
1001     Masked hardened-sources-2.4.26.ebuild broken for ppc
1002    
1003     31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
1004     hardened-sources-2.4.24-r3.ebuild:
1005     Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
1006 plasmaroo 1.25
1007 scox 1.26 *hardened-sources-2.4.26 (29 May 2004)
1008    
1009     29 May 2004; Andrea Luzzardi <scox@gentoo.org>
1010     +hardened-sources-2.4.26.ebuild:
1011     Updated hardened-sources for the 2.4.26 kernel
1012     Removed broken components, updated almost everything.
1013    
1014 plasmaroo 1.25 *hardened-sources-2.4.24-r3 (17 Apr 2004)
1015    
1016     17 Apr 2004; <plasmaroo@gentoo.org>
1017     +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
1018     +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
1019     +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
1020     +hardened-sources-2.4.24-r3.ebuild:
1021     Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
1022     vulnerabilities. Old revisions removed.
1023 plasmaroo 1.24
1024     *hardened-sources-2.4.24-r2 (15 Apr 2004)
1025    
1026     15 Apr 2004; <plasmaroo@gentoo.org>
1027     +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
1028     -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
1029     Version bump for the CAN-2004-0109 issue; bug #47881.
1030 aliz 1.23
1031     12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
1032     hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
1033     Add eutils to inherit.
1034 plasmaroo 1.22
1035     *hardened-sources-2.4.24-r1 (19 Feb 2004)
1036    
1037     19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
1038     files/hardened-sources-2.4.24.munmap.patch:
1039     Added the patch for the mremap/munmap vulnerability. Bug #42024.
1040 scox 1.19
1041 scox 1.21 *hardened-sources-2.4.24 (06 Feb 2004)
1042 scox 1.26
1043 scox 1.21 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
1044     hardened-sources-2.4.24.ebuild:
1045     Version bump, updated most of the components.
1046     This release includes the following:
1047    
1048     - Hardened security
1049     - Netfilter patch-o-matic 20031219
1050     - FreeSWAN 2.04 & x509 1.4.8
1051     - EVMS 2.2.2
1052     - XFS 1.3.1
1053     - cryptoloop jari
1054     - grsecurity 2.0-rc4
1055     - SELinux
1056     - PaX 200402060000
1057     - PaX Obscurity 200308302223
1058     - Others...
1059    
1060     Neither -ck nor systrace are included anymore.
1061    
1062 scox 1.19 *hardened-sources-2.4.22-r2 (05 Jan 2004)
1063    
1064     05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
1065     hardened-sources-2.4.22-r2.ebuild:
1066 scox 1.20 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
1067 scox 1.19
1068     *hardened-sources-2.4.22-r1 (02 Dec 2003)
1069 iggy 1.17
1070     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1071 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
1072 iggy 1.16
1073     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1074 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild:
1075     Version bump for the 'do_brk' vulnerability.
1076 iggy 1.15
1077     01 Dec 2003; Brian Jackson <iggy@gentoo.org>
1078     hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
1079     hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
1080     hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
1081 plasmaroo 1.18 Fix the 'do_brk' vulnerability.
1082 frogger 1.14
1083     03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
1084     hardened-sources-2.4.22.ebuild:
1085 plasmaroo 1.18 - Removed the src_install() portion for SELinux flask
1086     components. These are no longer handled in the kernel
1087     so this code was not necessary.
1088 frogger 1.13
1089     29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
1090     New 2.4.22 based hardened-sources thanks to
1091     Phil West <p.west@computer.org>.
1092    
1093     These sources include:
1094 plasmaroo 1.18 - New SELinux API
1095     - Updated CK-base
1096     - Updated GRSec
1097     - Systrace
1098     - SuperFreeS/WAN 1.99.8
1099     - Propolice kernel build support
1100     - EVMS
1101     - Other various security related patches
1102 frogger 1.11
1103 frogger 1.12 *hardened-sources-2.4.21 (14 Sep 2003)
1104    
1105     14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
1106     Updated hardened-sources based on the 2.4.21 Linux kernel.
1107     This includes updates to most major components such as:
1108 plasmaroo 1.18 - ck-base-0306300059
1109     - selinux-2.4-2003071106
1110     - grsecurity-2.0-rc1
1111     - Updated IPTables patch-o-matic
1112     - Updated SuperFreeS/WAN
1113    
1114 frogger 1.12 Thanks to Phil West <pwest@computer.org> for his work in getting this
1115     updated patch set ready for the 2.4.21 based kernel.
1116    
1117 frogger 1.11 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
1118     Initial import of hardened-sources-2.4.20-r4. This revision
1119     includes only a few changes, but one of these is an important
1120     security fix. It is recommended all users of hardened-sources
1121     upgrade to this release.
1122 plasmaroo 1.18
1123 frogger 1.11 - ioperm bug fix
1124     - fixed compilation failure when building without GRSec
1125 plasmaroo 1.18
1126 frogger 1.11 SAL (Secure Auditing for Linux) is NOT included in this revision
1127     due to time constraints, but is planned for inclusion in the near
1128     future.
1129 msterret 1.10
1130     *hardened-sources-2.4.20-r2 (12 Jun 2003)
1131    
1132     12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
1133     hardened-sources-2.4.20-r3.ebuild:
1134 plasmaroo 1.18 Add Header...
1135 frogger 1.9
1136     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1137     hardened-sources-2.4.20-r3.ebuild:
1138     Removed warnings from ebuild. This kernel should be safe to
1139     use at this point.
1140 frogger 1.8
1141     *hardened-sources-2.4.20-r3 (08 Jun 2003)
1142    
1143     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1144     hardened-sources-2.4.20-r3.ebuild:
1145     New revision. Includes the following changes over -r2:
1146 plasmaroo 1.18
1147 frogger 1.8 - ck7-base (O(1), preempt, low latency)
1148     - Super FreeS/WAN 1.99.7rc2
1149     - PaX for the LSM/SELinux branch
1150     - GRSecurity 2.0-pre4 (role based access control)
1151     - Systrace 1.3
1152     - EXT3 fixes
1153     - EVMS 2.0.1
1154     - GCC 3.1+ compile optimizations
1155     - ProPolice kernel build support
1156     - Hashing table security fixes
1157 frogger 1.3
1158     *hardened-sources-2.4.20-r1 (09 Apr 2003)
1159 frogger 1.7
1160     23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
1161     Initial import of hardened-sources-r2. This new
1162     ebuild includes many new performance and security
1163     related patches. As in -r1, it will patch in
1164     LSM/SELinux if "selinux" is in USE, otherwise it
1165     will patch in GRSecurity. The following patches
1166     are included in this revision:
1167 plasmaroo 1.18
1168 frogger 1.7 - O(1) Scheduler, Low Latency, and Preempt
1169     (pulled from the base CK patch)
1170     - ptrace exploit patch for the LSM kernel
1171     (the GRSec patch already fixes this)
1172     - LSM 2.4-2003040709
1173     - SELinux 2.4-2003040709
1174     - Systrace v1.2
1175     - IPTables patch-o-matic base patches - 20030107
1176     - CryptoAPI 2.4.20.1 w/ loop-jari patch
1177     - Super FreeS/WAN 1.99.6.1
1178     - GRSecurity 1.9.9g
1179     - MPPE
1180     - EXT3 data journal fix
1181     - CIPE 1.5.4
1182 frogger 1.6
1183     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1184     hardened-sources-2.4.20-r1.ebuild, manifest:
1185 plasmaroo 1.18 Updated to install flask components correctly for selinux.
1186 frogger 1.5
1187     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1188     hardened-sources-2.4.20-r1.ebuild:
1189     LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
1190     is patched in instead. Ptrace patches for selinux have also been added. In
1191     either case, systrace support will be patched in as well.
1192 frogger 1.3
1193     09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1194     hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
1195 plasmaroo 1.18 Revision bump for new sources.
1196 frogger 1.4
1197 frogger 1.2 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1198 frogger 1.4 hardened-sources-2.4.20-r1.ebuild:
1199 plasmaroo 1.18 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
1200 method 1.1
1201 frogger 1.4 *hardened-sources-2.4.20 (30 Mar 2003)
1202    
1203 method 1.1 30 Mar 2003; Joshua Brindle <method@gentoo.org>
1204     hardened-sources-2.4.20.ebuild:
1205 plasmaroo 1.18 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20