/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.193 - (hide annotations) (download)
Sun Oct 21 15:58:24 2007 UTC (7 years, 2 months ago) by phreak
Branch: MAIN
Changes since 1.192: +8 -1 lines
Revision bump for 2.4.35. Includes new snapshot and the lastest Linux stable patches.
(Portage version: 2.1.3.9)

1 method 1.1 # ChangeLog for sys-kernel/hardened-sources
2 opfer 1.130 # Copyright 2000-2007 Gentoo Foundation; Distributed under the GPL v2
3 phreak 1.193 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.192 2007/10/21 12:25:33 phreak Exp $
4    
5     *hardened-sources-2.4.35-r2 (21 Oct 2007)
6    
7     21 Oct 2007; Christian Heim <phreak@gentoo.org>
8     +hardened-sources-2.4.35-r2.ebuild:
9     Revision bump for 2.4.35. Includes new snapshot and the lastest Linux stable
10     patches.
11 phreak 1.192
12     *hardened-sources-2.6.22-r8 (21 Oct 2007)
13    
14     21 Oct 2007; Christian Heim <phreak@gentoo.org>
15     +hardened-sources-2.6.22-r8.ebuild:
16     Yet another new patch, hopefully fixing the remaining issues we had w/
17     2.6.22. Candidate for stabling.
18 phreak 1.191
19     *hardened-sources-2.6.23 (13 Oct 2007)
20    
21     13 Oct 2007; Christian Heim <phreak@gentoo.org>
22     +hardened-sources-2.6.23.ebuild:
23     Initial hardened-sources-2.6.23. If people still have problems w/ bug
24     194276, try setting CONFIG_PCI_GODIRECT=y instead of CONFIG_PCI_GOANY.
25 phreak 1.190
26     11 Oct 2007; Christian Heim <phreak@gentoo.org>
27     hardened-sources-2.6.20-r10.ebuild:
28     Pulling in yet another new genpatches version, fixing the PWC bug for real.
29 phreak 1.189
30     04 Oct 2007; Christian Heim <phreak@gentoo.org>
31     -hardened-sources-2.6.22-r5.ebuild, -hardened-sources-2.6.22-r6.ebuild:
32     Removing old versions.
33 phreak 1.188
34     *hardened-sources-2.6.22-r7 (01 Oct 2007)
35    
36     01 Oct 2007; Christian Heim <phreak@gentoo.org>
37     +hardened-sources-2.6.22-r7.ebuild:
38     Revision bump, pulling in a newer patch. Should fix #194276.
39 phreak 1.187
40     30 Sep 2007; Christian Heim <phreak@gentoo.org>
41     hardened-sources-2.6.20-r10.ebuild:
42     Marking hardened-sources-2.6.20-r10 stable on x86 and amd64 (on courtesy of
43     Mike Doty).
44 phreak 1.186
45     *hardened-sources-2.6.22-r6 (26 Sep 2007)
46    
47     26 Sep 2007; Christian Heim <phreak@gentoo.org>
48     +hardened-sources-2.6.22-r6.ebuild:
49     Revision bump, grabbing up till Linux 2.6.22.9.
50 phreak 1.185
51     24 Sep 2007; Christian Heim <phreak@gentoo.org>
52     -hardened-sources-2.6.22-r3.ebuild, -hardened-sources-2.6.22-r4.ebuild:
53     Cleaning up further.
54 phreak 1.184
55     *hardened-sources-2.6.20-r10 (24 Sep 2007)
56    
57     24 Sep 2007; Christian Heim <phreak@gentoo.org>
58     -hardened-sources-2.6.20-r8.ebuild, -hardened-sources-2.6.20-r9.ebuild,
59     +hardened-sources-2.6.20-r10.ebuild:
60     Revision bump, pulling in Linux 2.6.20.20. Removing some of the older
61     revisions.
62 phreak 1.183
63     *hardened-sources-2.6.22-r5 (22 Sep 2007)
64    
65     22 Sep 2007; Christian Heim <phreak@gentoo.org>
66     +hardened-sources-2.6.22-r5.ebuild:
67     Revision bump, pulling in genpatches-2.6.22-8 for CVE-2007-4573.
68 phreak 1.182
69     17 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
70     Removing johnm from metadata.xml (see #186467 for reference).
71 phreak 1.181
72     *hardened-sources-2.6.22-r4 (17 Sep 2007)
73    
74     17 Sep 2007; Christian Heim <phreak@gentoo.org>
75     +hardened-sources-2.6.22-r4.ebuild:
76     Revision bump, hopefully fixing all those weird PAX failures.
77 phreak 1.180
78     01 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
79     Updating the metadata.xml.
80 phreak 1.179
81     01 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
82     Removing tocharian from metadata due to his retirement (see #71718 for
83     reference).
84 phreak 1.178
85     *hardened-sources-2.6.20-r9 (30 Aug 2007)
86    
87     30 Aug 2007; Christian Heim <phreak@gentoo.org>
88     +hardened-sources-2.6.20-r9.ebuild:
89     Revision bump for 2.6.20.18 (thanks to kerframil in #gentoo-hardened).
90 phreak 1.177
91     29 Aug 2007; Christian Heim <phreak@gentoo.org>
92     -hardened-sources-2.4.34.ebuild, -hardened-sources-2.4.34.5.ebuild,
93     -hardened-sources-2.6.20-r2.ebuild, -hardened-sources-2.6.20-r5.ebuild,
94     -hardened-sources-2.6.20-r7.ebuild, -hardened-sources-2.6.21-r3.ebuild,
95     -hardened-sources-2.6.22.ebuild, -hardened-sources-2.6.22-r1.ebuild,
96     -hardened-sources-2.6.22-r2.ebuild:
97     Removing some redundant versions.
98 phreak 1.176
99     *hardened-sources-2.4.35-r1 (29 Aug 2007)
100    
101     29 Aug 2007; Christian Heim <phreak@gentoo.org>
102     +hardened-sources-2.4.35-r1.ebuild:
103     Revision bump, new grsecurity patch.
104 phreak 1.175
105     *hardened-sources-2.6.20-r8 (26 Aug 2007)
106    
107     26 Aug 2007; Christian Heim <phreak@gentoo.org>
108     +hardened-sources-2.6.20-r8.ebuild:
109     Revision bump for Linux 2.6.20.17.
110 phreak 1.174
111     *hardened-sources-2.6.22-r3 (22 Aug 2007)
112    
113     22 Aug 2007; Christian Heim <phreak@gentoo.org>
114     +hardened-sources-2.6.22-r3.ebuild:
115     Revision bump for Linux 2.6.22.4.
116 phreak 1.173
117     16 Aug 2007; Christian Heim <phreak@gentoo.org>
118     hardened-sources-2.6.22-r2.ebuild:
119     Updated patchset, to fix the alignment against 2.6.22.3.
120 phreak 1.172
121     *hardened-sources-2.6.22-r2 (16 Aug 2007)
122    
123     16 Aug 2007; Christian Heim <phreak@gentoo.org>
124     +hardened-sources-2.6.22-r2.ebuild:
125     Revision bump for Linux 2.6.22.3.
126 phreak 1.171
127     *hardened-sources-2.4.35 (16 Aug 2007)
128    
129     16 Aug 2007; Christian Heim <phreak@gentoo.org>
130     +hardened-sources-2.4.35.ebuild:
131     Version bump, initial version for Linux 2.4.35.
132 phreak 1.170
133     *hardened-sources-2.6.21-r4 (16 Aug 2007)
134    
135     16 Aug 2007; Christian Heim <phreak@gentoo.org>
136     +hardened-sources-2.6.21-r4.ebuild:
137     Revision bump for Linux 2.6.21.6.
138 phreak 1.169
139     *hardened-sources-2.6.20-r7 (16 Aug 2007)
140    
141     16 Aug 2007; Christian Heim <phreak@gentoo.org>
142     +hardened-sources-2.6.20-r7.ebuild:
143     Revision bump for Linux 2.6.20.16.
144 phreak 1.168
145     *hardened-sources-2.6.22-r1 (13 Aug 2007)
146    
147     13 Aug 2007; Christian Heim <phreak@gentoo.org>
148     +hardened-sources-2.6.22-r1.ebuild:
149     Yet another revision bump.
150 phreak 1.167
151     *hardened-sources-2.6.22 (10 Aug 2007)
152    
153     10 Aug 2007; Christian Heim <phreak@gentoo.org>
154     +hardened-sources-2.6.22.ebuild:
155     Initial release for 2.6.22. If you are using hardened-sources on a desktop
156     machine (P4 or newer), be aware you might need to disable
157     CONFIG_PAX_PAGEEXEC.
158 phreak 1.166
159     04 Aug 2007; Christian Heim <phreak@gentoo.org>
160     hardened-sources-2.6.20-r6.ebuild:
161     Stabling hardened-sources-2.6.20-r6 for amd64, ppc and x86 due to Linux
162     2.6.20.15.
163 phreak 1.165
164     10 Jul 2007; Christian Heim <phreak@gentoo.org>
165     hardened-sources-2.6.20-r5.ebuild:
166     Marking hardened-sources-2.6.20-r5 stable on ppc.
167 phreak 1.164
168     10 Jul 2007; Christian Heim <phreak@gentoo.org>
169     -hardened-sources-2.4.32-r6.ebuild, -hardened-sources-2.4.32-r7.ebuild:
170     Cleanup.
171 phreak 1.163
172     *hardened-sources-2.6.20-r6 (08 Jul 2007)
173    
174     08 Jul 2007; Christian Heim <phreak@gentoo.org>
175     +hardened-sources-2.6.20-r6.ebuild:
176     Revision bump, grabbing yet another stable release.
177 phreak 1.162
178     17 Jun 2007; Christian Heim <phreak@gentoo.org>
179     -hardened-sources-2.6.18-r6.ebuild, -hardened-sources-2.6.20-r4.ebuild,
180     -hardened-sources-2.6.21-r2.ebuild:
181     Removing older ebuilds, hardened-sources-2.6.18-r6 seems to have gotten the
182     alpha stable KEYWORD by mistake.
183 phreak 1.161
184     17 Jun 2007; Christian Heim <phreak@gentoo.org>
185     hardened-sources-2.6.20-r5.ebuild:
186     Stabling hardened-sources-2.6.20-r5 due to security bug #181647 (as
187     genpatches-2.6.20-12.base contains up to Linux 2.6.20.14) on amd64 and x86.
188 phreak 1.160
189     *hardened-sources-2.6.21-r3 (12 Jun 2007)
190    
191     12 Jun 2007; Christian Heim <phreak@gentoo.org>
192     +hardened-sources-2.6.21-r3.ebuild:
193     Revision bump for hardened-sources-2.6.21, incorporating various CVE (some
194     of them critical), two stable releases (2.6.21.4,2.6.21.5) and some other
195     love.
196 phreak 1.159
197     *hardened-sources-2.6.20-r5 (11 Jun 2007)
198    
199     11 Jun 2007; Christian Heim <phreak@gentoo.org>
200     +hardened-sources-2.6.20-r5.ebuild:
201     Revision bump for hardened-sources-2.6.20, incorporating various CVE (some
202     of them critical), two stable releases (2.6.20.13,2.6.20.14) and some other
203     love.
204 pappy 1.158
205     *hardened-sources-2.4.34.5 (11 Jun 2007)
206    
207     11 Jun 2007; Alexander Gabert <pappy@gentoo.org>
208     +hardened-sources-2.4.34.5.ebuild:
209     added new hardened-sources 2.4 version, thx to phreak, solar, pipacs
210 phreak 1.157
211     30 May 2007; Christian Heim <phreak@gentoo.org>
212     -hardened-sources-2.6.18.ebuild, hardened-sources-2.6.20-r2.ebuild:
213     Marking 2.6.20-r2 stable on ppc with permission of Gysbert. Removing more
214     stale ebuild(s).
215 phreak 1.156
216     30 May 2007; Christian Heim <phreak@gentoo.org>
217     -hardened-sources-2.6.14-r7.ebuild, -hardened-sources-2.6.16-r11.ebuild,
218     -hardened-sources-2.6.17-r1.ebuild, -hardened-sources-2.6.19-r6.ebuild,
219     -hardened-sources-2.6.20.ebuild, -hardened-sources-2.6.20-r1.ebuild:
220     Doing some cleanups, remove stale ebuilds.
221 phreak 1.155
222     26 May 2007; Christian Heim <phreak@gentoo.org>
223     hardened-sources-2.6.21-r2.ebuild:
224     Fixing the grsecurity patch, had one '};' too much.
225 phreak 1.154
226     *hardened-sources-2.6.21-r2 (26 May 2007)
227    
228     26 May 2007; Christian Heim <phreak@gentoo.org>
229     -hardened-sources-2.6.21.ebuild, -hardened-sources-2.6.21-r1.ebuild,
230     +hardened-sources-2.6.21-r2.ebuild:
231     Revision bump, including Linux 2.6.21.3 (fixing CVE-2007-2451). Updating the
232     grsecurity patch to 2.1.10-2.6.21.1-200705221918.
233 phreak 1.153
234     *hardened-sources-2.6.20-r4 (26 May 2007)
235    
236     26 May 2007; Christian Heim <phreak@gentoo.org>
237     -hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.20-r4.ebuild:
238     Revision bump, including Linux 2.6.20.12 (which in fact fixed some security
239 phreak 1.154 bugs, at the very least CVE-2007-2451). Possible candidate for stable marking.
240 phreak 1.152
241     15 May 2007; Christian Heim <phreak@gentoo.org>
242     hardened-sources-2.6.20-r3.ebuild:
243     Looks like hardened-sources-2.6.20-r3 needs a new patch, as 2.6.20.11
244     introduced a change in arch/sparc64/kernel/pci_iommu.c, which made the
245     grsecurity patch fail in that exact same hunk.
246 phreak 1.151
247     *hardened-sources-2.6.20-r3 (15 May 2007)
248    
249     15 May 2007; Christian Heim <phreak@gentoo.org>
250     +hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.21-r1.ebuild:
251     Revision bump, incorporating Linux 2.6.20.11.
252    
253     *hardened-sources-2.6.21-r1 (11 May 2007)
254    
255     11 May 2007; Christian Heim <phreak@gentoo.org>
256     +hardened-sources-2.6.21-r1.ebuild:
257     Revision bump, hopefully fixing the GRSECURITY/GRKERNSEC mixup pipacs
258     mentioned in #177234.
259 kevquinn 1.150
260     07 May 2007; Kevin F. Quinn <kevquinn@gentoo.org>
261     files/digest-hardened-sources-2.6.21, Manifest:
262     Fix Manifest/digest for linux-2.6.21.tar.bz2
263 phreak 1.149
264     06 May 2007; Christian Heim <phreak@gentoo.org>
265     hardened-sources-2.6.21.ebuild:
266     Bumping the hardened-patches version, needed for the fix for #177234.
267 phreak 1.148
268     *hardened-sources-2.6.21 (02 May 2007)
269    
270     02 May 2007; Christian Heim <phreak@gentoo.org>
271     +hardened-sources-2.6.21.ebuild:
272     Version bump, Linux 2.6.21-hardened.
273 phreak 1.147
274     29 Apr 2007; Christian Heim <phreak@gentoo.org>
275     hardened-sources-2.6.20-r2.ebuild:
276     Adding ~ia64 on Ned's request.
277 phreak 1.146
278     29 Apr 2007; Christian Heim <phreak@gentoo.org>
279     hardened-sources-2.6.20-r2.ebuild:
280     Fixing the included grsecurity patch, wasn't alligning due to the Index:
281     header line(s).
282 phreak 1.145
283     29 Apr 2007; Christian Heim <phreak@gentoo.org>
284     hardened-sources-2.6.20-r2.ebuild:
285     Stabilizing hardened-sources-2.6.20-r2 on amd64 and x86.
286 armin76 1.144
287     *hardened-sources-2.6.20-r2 (10 Apr 2007)
288    
289     10 Apr 2007; Raúl Porcel <armin76@gentoo.org>
290     +hardened-sources-2.6.20-r2.ebuild:
291     Version bump, on behalf of phreak
292 phreak 1.143
293     *hardened-sources-2.6.20-r1 (04 Apr 2007)
294    
295     04 Apr 2007; Christian Heim <phreak@gentoo.org>
296     +hardened-sources-2.6.20-r1.ebuild:
297     Revision bump, grabbing a newer grsecurity snapshot.
298 phreak 1.142
299     *hardened-sources-2.6.20 (25 Mar 2007)
300    
301     25 Mar 2007; Christian Heim <phreak@gentoo.org>
302     +hardened-sources-2.6.20.ebuild:
303     Finally a hardened-sources version for 2.6.20; many people have been waiting
304     for this. Thanks to Steve for preliminary testing, thanks to Ned for the
305     testbox.
306 chainsaw 1.141
307     16 Mar 2007; Tony Vroon <chainsaw@gentoo.org>
308     hardened-sources-2.6.18-r6.ebuild:
309     Marked stable on amd64 and x86. AMD64 keyword ack'ed by welp.
310 phreak 1.140
311     *hardened-sources-2.6.18-r6 (16 Mar 2007)
312    
313     16 Mar 2007; Christian Heim <phreak@gentoo.org>
314     -hardened-sources-2.6.18-r5.ebuild, +hardened-sources-2.6.18-r6.ebuild:
315     Fixing CVE-2007-1000 locally (hardened/), thanks to Tony for pushing. And
316     yes I screwed up, this is tagged as 2.6.18-5 and not 2.6.18-6 as it's
317     supposed to be.
318 phreak 1.139
319     06 Mar 2007; Christian Heim <phreak@gentoo.org> ChangeLog:
320     Fixing the Manifest, the previous one was broken (as in still had the
321     deleted ebuild in it).
322 phreak 1.138
323     06 Mar 2007; Christian Heim <phreak@gentoo.org>
324     -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
325     +hardened-sources-2.6.18-r5.ebuild:
326     Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
327     Linux 2.6.18.8. Also cleaning up the older version.
328    
329     *hardened-sources-2.6.18-r5 (06 Mar 2007)
330    
331     06 Mar 2007; Christian Heim <phreak@gentoo.org>
332     -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
333     +hardened-sources-2.6.18-r5.ebuild:
334     Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
335     Linux 2.6.18.8. Also cleaning up the older version.
336 phreak 1.137
337     24 Feb 2007; Christian Heim <phreak@gentoo.org>
338     -hardened-sources-2.6.19-r3.ebuild, -hardened-sources-2.6.19-r4.ebuild,
339     -hardened-sources-2.6.19-r5.ebuild:
340     Removing some of the old version, that didn't work.
341 phreak 1.136
342     *hardened-sources-2.6.19-r6 (12 Feb 2007)
343    
344     12 Feb 2007; Christian Heim <phreak@gentoo.org>
345     +hardened-sources-2.6.19-r6.ebuild:
346     Revision bump, including a new grsec version fixing #166235.
347 pappy 1.134
348     *hardened-sources-2.4.34 (24 Jan 2007)
349    
350     24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
351 pappy 1.135 Manifest:
352     updating Manifest with checksums of new tarball and ebuild
353    
354     24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
355 pappy 1.134 +hardened-sources-2.4.34.ebuild:
356     I added new hardened sources 2.4 update, this is a critical path
357     security bugfix - all users of h-s are strongly advised
358     to update their existing hardened sources to this version.
359     It contains a fix for a kernel vulnerability that is pertaining
360     to the PaX changes to virtual memory management, possibly leading
361     to a local kernel exploit ... see grsecurity.net forums and homepage
362 phreak 1.133
363     23 Jan 2007; Christian Heim <phreak@gentoo.org>
364     files/digest-hardened-sources-2.6.19-r5, Manifest:
365     Fixing the patch-tarball digest.
366 phreak 1.132
367     *hardened-sources-2.6.19-r5 (23 Jan 2007)
368    
369     23 Jan 2007; Christian Heim <phreak@gentoo.org>
370     +hardened-sources-2.6.19-r5.ebuild:
371     Revision bump, closing the recently discovered PaX expand_stack()
372     vulnerability.
373 phreak 1.131
374     *hardened-sources-2.6.19-r4 (14 Jan 2007)
375    
376     14 Jan 2007; Christian Heim <phreak@gentoo.org>
377     +hardened-sources-2.6.19-r4.ebuild:
378     Revision bump, pulling in linux-2.6.19.2 and grsecurity 2.1.10 - thus
379     dropping the randomized PID feature.
380 opfer 1.130
381     11 Jan 2007; Christian Faulhammer <opfer@gentoo.org>
382     hardened-sources-2.4.33.4.ebuild:
383     stable x86, bug #161171
384 phreak 1.129
385     *hardened-sources-2.6.19-r3 (27 Dec 2006)
386    
387     27 Dec 2006; Christian Heim <phreak@gentoo.org>
388     -hardened-sources-2.6.19-r2.ebuild, +hardened-sources-2.6.19-r3.ebuild:
389     Revision bump for bug #157186 and #158786.
390 phreak 1.128
391     *hardened-sources-2.6.18-r4 (27 Dec 2006)
392    
393     27 Dec 2006; Christian Heim <phreak@gentoo.org>
394     -hardened-sources-2.6.18-r3.ebuild, +hardened-sources-2.6.18-r4.ebuild:
395     Revision bump for bug #157186.
396 phreak 1.127
397     *hardened-sources-2.6.19-r2 (23 Dec 2006)
398    
399     23 Dec 2006; Christian Heim <phreak@gentoo.org>
400     -hardened-sources-2.6.19-r1.ebuild, +hardened-sources-2.6.19-r2.ebuild:
401     Revision bump to pull in genpatches-2.6.19-3 for #157186.
402 phreak 1.126
403     17 Dec 2006; Christian Heim <phreak@gentoo.org>
404     hardened-sources-2.6.14-r7.ebuild, hardened-sources-2.6.16-r10.ebuild,
405     hardened-sources-2.6.16-r11.ebuild, hardened-sources-2.6.17-r1.ebuild,
406     hardened-sources-2.6.18.ebuild, hardened-sources-2.6.18-r3.ebuild,
407     hardened-sources-2.6.19-r1.ebuild:
408     Adding 4453_grsec-2.1.9-2.6.19-io-kmem-sysctl.patch to UNIPATCH_EXLUDE,
409     adding correct HOMEPAGE and adjusting DESCRIPTION (thanks to Alexander).
410 pappy 1.125
411     *hardened-sources-2.4.33.4 (17 Dec 2006)
412    
413     17 Dec 2006; Alexander Gabert <pappy@gentoo.org>
414     +hardened-sources-2.4.33.4.ebuild:
415     new 2.4.33.4 version including grsec and fixes, thanks to phreak for help
416     and quilting
417 phreak 1.124
418     *hardened-sources-2.6.19-r1 (14 Dec 2006)
419    
420     14 Dec 2006; Christian Heim <phreak@gentoo.org>
421     -hardened-sources-2.6.19.ebuild, +hardened-sources-2.6.19-r1.ebuild:
422     Revision bump, fixing #158107 (thanks to Petre Rodan <kaiowas at gentoo.org>
423     for reporting).
424 phreak 1.123
425     *hardened-sources-2.6.19 (13 Dec 2006)
426    
427     13 Dec 2006; Christian Heim <phreak@gentoo.org>
428     +hardened-sources-2.6.19.ebuild:
429     And finally 2.6.19, thanks to Ned (who prepared the inital patchset) and
430     Brad for providing that prompt update.
431 phreak 1.122
432     *hardened-sources-2.6.18-r3 (13 Dec 2006)
433    
434     13 Dec 2006; Christian Heim <phreak@gentoo.org>
435     -hardened-sources-2.6.18-r1.ebuild, -hardened-sources-2.6.18-r2.ebuild,
436     +hardened-sources-2.6.18-r3.ebuild:
437     Revision bump, excluding the faulty patch. Thanks to Anakim Border and Peter
438     S. Mazinger. Closes #157409 for now. Also removing the previous revisions.
439 phreak 1.121
440     09 Dec 2006; Christian Heim <phreak@gentoo.org> Manifest:
441     Fixing the metadata.xml Manifest entry (thanks to xaid and ml8128 in #gentoo-hardened).
442 nixnut 1.120
443     08 Dec 2006; nixnut <nixnut@gentoo.org> hardened-sources-2.6.18.ebuild:
444     Stable on ppc wrt bug 157356
445 opfer 1.119
446     07 Dec 2006; Christian Faulhammer <opfer@gentoo.org>
447     hardened-sources-2.6.18.ebuild:
448     stable x86, bug #157356
449 phreak 1.118
450     *hardened-sources-2.6.18-r2 (06 Dec 2006)
451    
452     06 Dec 2006; Christian Heim <phreak@gentoo.org>
453     +hardened-sources-2.6.18-r2.ebuild:
454     Revision bump, including 2.6.18.5 (via genpatches) and
455     4454_grsec-2.1.9-2.6.18.2-io-kmem-sysctl.patch based on Peter Mazinger and
456     Ned Ludd's original patch. Thanks to Alexander Gabert (pappy) for the
457     redesign.
458 phreak 1.117
459     06 Dec 2006; Christian Heim <phreak@gentoo.org>
460     hardened-sources-2.6.18.ebuild:
461     Marking hardened-sources-2.6.18 stable on amd64 (see bug #157356, on behalf
462     of Mike Doty).
463 phreak 1.116
464     *hardened-sources-2.6.18-r1 (23 Nov 2006)
465    
466     23 Nov 2006; Christian Heim <phreak@gentoo.org>
467     +hardened-sources-2.6.18-r1.ebuild:
468     Revision bump to genpatches-2.6.18-4 (including 2.6.18.3).
469 phreak 1.115
470     *hardened-sources-2.6.18 (11 Nov 2006)
471    
472     11 Nov 2006; Christian Heim <phreak@gentoo.org>
473     +hardened-sources-2.6.18.ebuild:
474     Version bump, thanks to Alexander Gabert we're finally at 2.6.18.
475 solar 1.114
476     18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
477     - mark amd64 stable also. bug #151877
478 solar 1.113
479     18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
480     - mark 2.6.17-r1 stable
481 phreak 1.112
482     27 Aug 2006; Christian Heim <phreak@gentoo.org>
483     -hardened-sources-2.6.17.ebuild, hardened-sources-2.6.17-r1.ebuild:
484     Removing old ebuild, removing unipatch from newer ebuild (need to fix it!).
485 phreak 1.111
486     *hardened-sources-2.6.17-r1 (26 Aug 2006)
487    
488     26 Aug 2006; Christian Heim <phreak@gentoo.org>
489     +hardened-sources-2.6.17-r1.ebuild:
490     Revision bump to genpatches-2.6.17-8 (including .9 and .10) and updating the
491     grsecurity patch.
492 phreak 1.110
493     *hardened-sources-2.6.17 (17 Aug 2006)
494    
495     17 Aug 2006; Christian Heim <phreak@gentoo.org>
496     +hardened-sources-2.6.17.ebuild:
497     Bumping the hardened-sources-2.6 series to 2.6.17, using
498     genpatches-2.6.17-6.base.
499 solar 1.109
500     07 Aug 2006; <solar@gentoo.org> hardened-sources-2.6.16-r11.ebuild:
501     - stable on x86 and amd64
502 solar 1.108
503     *hardened-sources-2.6.16-r11 (15 Jul 2006)
504    
505     15 Jul 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r3.ebuild,
506     -hardened-sources-2.4.32-r4.ebuild, -hardened-sources-2.4.32-r5.ebuild,
507     -hardened-sources-2.6.14-r8.ebuild, -hardened-sources-2.6.16-r7.ebuild,
508     -hardened-sources-2.6.16-r9.ebuild, +hardened-sources-2.6.16-r11.ebuild:
509     - 2.6.16 bumped for CVE-2006-3626 ; digest fix for 2.4.32-r6 ; removed old
510     crusty ebuilds
511 johnm 1.107
512     14 Jul 2006; John Mylchreest <johnm@gentoo.org>
513     hardened-sources-2.6.16-r10.ebuild:
514     marking stable on x86 and amd64
515 solar 1.106
516     13 Jul 2006; <solar@gentoo.org> hardened-sources-2.4.32-r6.ebuild:
517     - 2.4.32-r6 stable on x86. RSBAC state unknown
518 kang 1.105
519     *hardened-sources-2.4.32-r7 (10 Jul 2006)
520    
521     10 Jul 2006; Guillaume Destuynder <kang@gentoo.org>
522     +hardened-sources-2.4.32-r7.ebuild:
523     Bump PaX for RSBAC to test-17
524 johnm 1.104
525     *hardened-sources-2.6.16-r9 (03 Jul 2006)
526    
527     03 Jul 2006; John Mylchreest <johnm@gentoo.org>
528     -hardened-sources-2.6.16-r6.ebuild, +hardened-sources-2.6.16-r9.ebuild:
529     hardened-sources-2.6.16 bump to latest -base.
530 solar 1.103
531     *hardened-sources-2.4.32-r6 (30 Jun 2006)
532    
533     30 Jun 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r2.ebuild,
534     hardened-sources-2.4.32-r4.ebuild, +hardened-sources-2.4.32-r6.ebuild:
535     - backport CVE-2006-0039, CVE-2006-1857 and CVE-2006-1858 and new grsecurity
536     sysctl controlable resource logging
537 johnm 1.102
538     *hardened-sources-2.6.16-r7 (05 Jun 2006)
539    
540     05 Jun 2006; John Mylchreest <johnm@gentoo.org>
541     -hardened-sources-2.6.16-r5.ebuild, +hardened-sources-2.6.16-r7.ebuild:
542     push new 2.6.16 release in preparation for stable
543 solar 1.101
544     22 May 2006; <solar@gentoo.org> :
545     - redigest bug 134002
546 kang 1.100
547     *hardened-sources-2.4.32-r5 (16 May 2006)
548    
549     16 May 2006; Guillaume Destuynder <kang@gentoo.org>
550     +hardened-sources-2.4.32-r5.ebuild:
551     Fixes rsbac common patching (new patch in new -r5 patchset)
552 solar 1.99
553     *hardened-sources-2.4.32-r4 (13 May 2006)
554    
555     13 May 2006; <solar@gentoo.org> hardened-sources-2.4.32-r3.ebuild,
556     +hardened-sources-2.4.32-r4.ebuild:
557     - security bumps
558 johnm 1.98
559     *hardened-sources-2.6.16-r6 (03 May 2006)
560    
561     03 May 2006; John Mylchreest <johnm@gentoo.org>
562     +hardened-sources-2.6.16-r6.ebuild:
563     bump hardened-2.6.16 to 2.6.16.12 and latest grsec snapshot
564 johnm 1.97
565     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
566     hardened-sources-2.6.14-r8.ebuild:
567     fix x86_64 build problem, this will delay the digest issue again for a short
568     while but it will sort itself out
569 johnm 1.96
570     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
571     hardened-sources-2.6.14-r8.ebuild:
572     bump hardened patchset
573 antarus 1.94
574     27 Apr 2006; Alec Warner <antarus@gentoo.org>
575     files/digest-hardened-sources-2.4.32-r2,
576     files/digest-hardened-sources-2.4.32-r3,
577     files/digest-hardened-sources-2.6.14-r8, Manifest:
578     Fixing duff SHA256 digests: Bug # 131293
579 johnm 1.93
580 johnm 1.95 *hardened-sources-2.6.16-r5 (27 Apr 2006)
581    
582     27 Apr 2006; John Mylchreest <johnm@gentoo.org>
583     -hardened-sources-2.6.14-r6.ebuild, hardened-sources-2.6.14-r8.ebuild,
584     -hardened-sources-2.6.16-r4.ebuild, +hardened-sources-2.6.16-r5.ebuild:
585     stablise 2.6.14-r8 on x86 & amd64, bump 2.6.16 to fix CVE-2006-1863 &
586     cleanup of old uneccessary sources
587    
588 johnm 1.93 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
589     fix digest
590 johnm 1.92
591     *hardened-sources-2.6.14-r8 (20 Apr 2006)
592    
593     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
594     +hardened-sources-2.6.14-r8.ebuild:
595     fix CVE-2006-1056, CVE-2006-1525, CVE-2006-1524
596 johnm 1.91
597     20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
598     Turning on gpg-signing again, and recomitting
599 johnm 1.90
600     *hardened-sources-2.6.16-r4 (20 Apr 2006)
601    
602     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
603     -hardened-sources-2.6.16-r2.ebuild, -hardened-sources-2.6.16-r3.ebuild,
604     +hardened-sources-2.6.16-r4.ebuild:
605     Fix numerous security vulns
606 solar 1.89
607     *hardened-sources-2.4.32-r3 (16 Apr 2006)
608    
609     16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
610     -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
611     +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
612     - security bump for bug #112791. Removed old ebuilds
613 johnm 1.88
614     *hardened-sources-2.6.16-r3 (15 Apr 2006)
615    
616     15 Apr 2006; John Mylchreest <johnm@gentoo.org>
617     +hardened-sources-2.6.16-r3.ebuild:
618     Removing silly localversion which I missed
619 johnm 1.87
620     *hardened-sources-2.6.14-r7 (14 Apr 2006)
621    
622     14 Apr 2006; John Mylchreest <johnm@gentoo.org>
623     -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
624     Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
625 johnm 1.86
626     *hardened-sources-2.6.16-r2 (13 Apr 2006)
627    
628     13 Apr 2006; John Mylchreest <johnm@gentoo.org>
629     -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
630     +hardened-sources-2.6.16-r2.ebuild:
631     Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
632     labels, dropping USERGROUP define fixes, since these were merged mainstream.
633 johnm 1.85
634     *hardened-sources-2.6.16-r1 (11 Apr 2006)
635    
636     11 Apr 2006; John Mylchreest <johnm@gentoo.org>
637     +hardened-sources-2.6.16-r1.ebuild:
638     Bumping to include ppc build fix and 2.6.16.3
639 tsunam 1.84
640     06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
641     hardened-sources-2.6.14-r6.ebuild:
642     Stable on x86; bug #127718
643 johnm 1.83
644     *hardened-sources-2.6.16 (31 Mar 2006)
645    
646     31 Mar 2006; John Mylchreest <johnm@gentoo.org>
647     +hardened-sources-2.6.16.ebuild:
648     Bumping to new version of grsec, and kernel base. New squashfs. Based on
649     2.6.16.1
650 cryos 1.82
651     30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
652     hardened-sources-2.6.14-r6.ebuild:
653     Stable on amd64, bug 127718.
654 nixnut 1.81
655     28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
656     Stable on ppc. Bug #127718
657 johnm 1.80
658     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
659     -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
660     -hardened-sources-2.6.14-r4.ebuild:
661     Cleanup.
662 johnm 1.79
663     *hardened-sources-2.6.14-r6 (15 Mar 2006)
664    
665     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
666     +hardened-sources-2.6.14-r6.ebuild:
667     Fixes grsec policy recreation bug and adds a
668     >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
669 solar 1.78
670     02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
671     - stable on x86
672 hansmi 1.77
673     19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
674     hardened-sources-2.6.14-r5.ebuild:
675     Stable on ppc.
676 johnm 1.76
677     *hardened-sources-2.6.14-r5 (01 Feb 2006)
678    
679     01 Feb 2006; John Mylchreest <johnm@gentoo.org>
680     +hardened-sources-2.6.14-r5.ebuild:
681     fixing every known exploit
682 solar 1.75
683     *hardened-sources-2.4.32-r2 (26 Jan 2006)
684    
685     26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
686     +hardened-sources-2.4.32-r2.ebuild:
687     - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
688 solar 1.74
689     *hardened-sources-2.6.14-r4 (12 Jan 2006)
690    
691     12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
692     - version bump for new genpatches which fix up a few sec holes
693 solar 1.73
694     *hardened-sources-2.4.32-r1 (05 Jan 2006)
695    
696     05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
697     - revision bump to add misc vital linux kernel security patches.
698 johnm 1.72
699     *hardened-sources-2.6.14-r3 (30 Dec 2005)
700    
701     30 Dec 2005; John Mylchreest <johnm@gentoo.org>
702     -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
703     Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
704 johnm 1.71
705     28 Dec 2005; John Mylchreest <johnm@gentoo.org>
706     hardened-sources-2.6.14-r2.ebuild:
707     making x86 & amd64 stable following testing.
708 johnm 1.70
709     *hardened-sources-2.6.14-r2 (27 Dec 2005)
710    
711     27 Dec 2005; John Mylchreest <johnm@gentoo.org>
712     -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
713     Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
714     network hooks.
715 johnm 1.69
716     06 Dec 2005; John Mylchreest <johnm@gentoo.org>
717     hardened-sources-2.6.14-r1.ebuild:
718     bumping to stable early for sec fix on x86 & amd64
719 johnm 1.68
720     *hardened-sources-2.6.14-r1 (05 Dec 2005)
721    
722     05 Dec 2005; John Mylchreest <johnm@gentoo.org>
723     -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
724     bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
725 solar 1.67
726     04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
727     - stable on x86 security bug #114227 CAN-2005-3257
728 kang 1.66
729     *hardened-sources-2.4.32 (19 Nov 2005)
730    
731     19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
732     +hardened-sources-2.4.32.ebuild:
733     Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
734     Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
735     have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
736     rsbac >> /etc/portage/package.use)
737 johnm 1.65
738     *hardened-sources-2.6.14 (14 Nov 2005)
739    
740     14 Nov 2005; John Mylchreest <johnm@gentoo.org>
741     -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
742     Bumping 2.6 series to 2.6.14.2
743 johnm 1.64
744     *hardened-sources-2.6.13-r2 (20 Oct 2005)
745    
746     20 Oct 2005; John Mylchreest <johnm@gentoo.org>
747     -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
748     +hardened-sources-2.6.13-r2.ebuild:
749     Fixes minor build error in ppc.
750 johnm 1.63
751     *hardened-sources-2.6.13-r1 (17 Oct 2005)
752    
753     17 Oct 2005; John Mylchreest <johnm@gentoo.org>
754     +hardened-sources-2.6.13-r1.ebuild:
755     Updating grsec to latest snapshot. Fixes some minor issues. Updating to
756     2.6.13.4, fixes some major amd64 stability problems.
757 johnm 1.62
758     *hardened-sources-2.6.13 (16 Sep 2005)
759    
760     16 Sep 2005; John Mylchreest <johnm@gentoo.org>
761     -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
762     2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
763     ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
764     users should test this thoroughly.
765 solar 1.61
766     01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
767     - stable on x86
768 johnm 1.60
769     *hardened-sources-2.6.11-r15 (27 Jun 2005)
770    
771     27 Jun 2005; John Mylchreest <johnm@gentoo.org>
772     +hardened-sources-2.6.11-r15.ebuild:
773     Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
774     grsec redefining curr_ip struct.
775 solar 1.59
776     *hardened-sources-2.4.31 (20 Jun 2005)
777    
778     20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
779     initial import of 2.4.31 tree
780 johnm 1.58
781     *hardened-sources-2.6.11-r14 (14 Jun 2005)
782    
783     14 Jun 2005; John Mylchreest <johnm@gentoo.org>
784     -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
785     Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
786     naming scheme to abide by genpatches
787 johnm 1.57
788     *hardened-sources-2.6.11-r13 (18 May 2005)
789    
790     18 May 2005; John Mylchreest <johnm@gentoo.org>
791     -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
792     Managed to mangle the Makefile patch from grsec, to miss out the grsec
793     target. sorry about that. Fixes bug #93022
794 johnm 1.56
795     *hardened-sources-2.6.11-r12 (17 May 2005)
796    
797     17 May 2005; John Mylchreest <johnm@gentoo.org>
798     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
799     +hardened-sources-2.6.11-r12.ebuild:
800     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
801     merges in genpatches-base
802 johnm 1.55
803     *hardened-sources-2.6.11-r12 (17 May 2005)
804    
805     17 May 2005; John Mylchreest <johnm@gentoo.org>
806     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
807     +hardened-sources-2.6.11-r12.ebuild:
808     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
809     merges in genpatches-base
810 solar 1.54
811     29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
812     -files/2.4.27-cmdline-race.patch,
813     -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
814     -files/2.4.28-grsec-binfmt_a.out.patch,
815     -files/2.4.28-grsec-cmdline-race.patch,
816     -files/2.4.28-selinux-binfmt_a.out.patch,
817     -files/2.4.28-selinux-cmdline-race.patch,
818     -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
819     hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
820     - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
821     cleanup..
822 solar 1.53
823     *hardened-sources-2.4.30-r1 (21 Apr 2005)
824    
825     21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
826     - disable aout by default
827 solar 1.52
828     *hardened-sources-2.4.30 (18 Apr 2005)
829    
830     18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
831     - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
832     and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
833     use
834 tocharian 1.50
835 scox 1.51 *hardened-sources-2.4.29 (30 Mar 2005)
836    
837     30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
838     +hardened-sources-2.4.29.ebuild:
839     New hardened-patches-2.4-29.0 patchball.
840     Removed SELinux support, upgraded GRSecurity to 2.1.4.
841    
842     *hardened-sources-2.4.28-r5 (06 Mar 2005)
843    
844     06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
845     +hardened-sources-2.4.28-r5.ebuild:
846     Added a fix for a PaX vulnerability.
847    
848     26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
849 tocharian 1.50 hardened-sources-2.4.28-r4.ebuild:
850     Stable on x86
851 solar 1.49
852     23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
853     hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
854     hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
855     hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
856     - fixed/added RDEPEND= in all kernel-2 ebuilds
857 tocharian 1.48
858     *hardened-sources-2.4.28-r4 (21 Jan 2005)
859    
860     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
861     +hardened-sources-2.4.28-r4.ebuild:
862     Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
863     backport of neighbour hash updates.
864 tocharian 1.47
865     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
866     hardened-sources-2.4.28-r3.ebuild:
867     Stable on x86
868 tseng 1.46
869     *hardened-sources-2.6.10-r3 (20 Jan 2005)
870    
871     20 Jan 2005; Brandon Hale <tseng@gentoo.org>
872     +hardened-sources-2.6.10-r3.ebuild:
873     Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
874     in 2005.0
875 tocharian 1.45
876     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
877     -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
878     hardened-sources-2.4.28-r2.ebuild:
879     Mark stable on x86
880 tocharian 1.44
881     *hardened-sources-2.4.28-r3 (17 Jan 2005)
882    
883     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
884     +hardened-sources-2.4.28-r3.ebuild:
885     Fix SMP page fault handler vuln, and update device-mapper and evms patches.
886 tocharian 1.43
887     14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
888     hardened-sources-2.4.28.ebuild:
889     Mark stable on x86.
890 tocharian 1.42
891     *hardened-sources-2.4.28-r2 (13 Jan 2005)
892    
893     13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
894     +hardened-sources-2.4.28-r2.ebuild:
895     Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
896     Mazinger for grsecurity patches as well.
897 plasmaroo 1.41
898     *hardened-sources-2.4.28-r1 (23 Dec 2004)
899    
900     23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
901     Security bump. Thank tocharian for rolling a new patchset...
902 solar 1.40
903     28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
904     +files/2.4.28-grsec-cmdline-race.patch,
905     +files/2.4.28-selinux-binfmt_a.out.patch,
906     +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
907     - Round up remaining security patches that appear to be missing in 2.4.28. -
908     PaX standalone updated to current. hgpv=28.1
909 solar 1.39
910     *hardened-sources-2.4.28 (28 Nov 2004)
911    
912     28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
913     security bump. Thank tocharian for rolling a new patchset
914 scox 1.31
915 scox 1.38 *hardened-sources-2.4.27-r3 (08 Sep 2004)
916    
917     08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
918     +hardened-sources-2.4.27-r3.ebuild:
919     Applies the new 2.4-27.2 patchball which updates
920     GRSecurity to the 2.0.1 version.
921    
922 scox 1.37 *hardened-sources-2.4.27-r2 (31 Aug 2004)
923    
924     31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
925     +hardened-sources-2.4.27-r2.ebuild:
926     Version bump.
927     This version uses the new 2.4-27.1 patchball which updates
928     both the SELinux PaX hooks patch and the SELinux headers.
929    
930 scox 1.36 *hardened-sources-2.4.27-r1 (09 Aug 2004)
931    
932     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
933     +hardened-sources-2.4.27-r1.ebuild,
934     -hardened-sources-2.4.27.ebuild,
935     +files/2.4.27-cmdline-race.patch:
936     Version bump, fix for cmdline race. See bug #59905.
937    
938     *hardened-sources-2.4.26-r6 (09 Aug 2004)
939    
940     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
941     +hardened-sources-2.4.26-r6.ebuild,
942     -hardened-sources-2.4.26-r5.ebuild,
943     -hardened-sources-2.4.26-r4.ebuild,
944     +files/2.4.26-cmdline-race.patch:
945     Version bump, fix for cmdline race. See bug #59905.
946    
947 scox 1.35 *hardened-sources-2.4.27 (08 Aug 2004)
948    
949     08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
950     +hardened-sources-2.4.27.ebuild,
951     +files/2.4.27-CAN-2004-0394.patch:
952     Ported the patchball to the 2.4.27 kernel version.
953    
954 scox 1.34 *hardened-sources-2.4.26-r5 (07 Aug 2004)
955    
956     07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
957     +hardened-sources-2.4.26-r5.ebuild:
958 scox 1.35 Updated to use the new hardened-patches-2.4-26.1 patchball.
959 scox 1.34 It adds the following features:
960     - Squashfs
961     - Ebtables
962     - Netdev random (core+drivers)
963     - Watchdog Timer (WDT) fix.
964    
965 scox 1.33 *hardened-sources-2.4.26-r4 (04 Aug 2004)
966    
967     04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
968     +hardened-sources-2.4.26-r4.ebuild,
969     +files/2.4.26-CAN-2004-0415.patch,
970     -hardened-sources-2.4.26-3:
971     Version bump, fix for CAN 0415, see bug #59378.
972    
973 scox 1.32 *hardened-sources-2.4.26-r3 (22 Jul 2004)
974    
975     22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
976     +hardened-sources-2.4.26-r3.ebuild,
977     +files/2.4.26-CAN-2004-0497.patch,
978     -hardened-sources-2.4.26-r2.ebuild:
979     Version bump, fixed CAN 0497, see bug #56171.
980    
981 scox 1.31 *hardened-sources-2.4.26-r2 (29 Jun 2004)
982    
983     29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
984 scox 1.32 +hardened-sources-2.4.26-r2.ebuild,
985 scox 1.31 +files/2.4.26-CAN-2004-0495.patch,
986     +files/2.4.26-CAN-2004-0535.patch,
987     -hardened-sources-2.4.26-r1.ebuild:
988     Fixes for both CAN 0495 and 0535, see bug #54976
989 pvdabeel 1.27
990 agriffis 1.29 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
991     hardened-sources-2.4.26-r1.ebuild:
992     QA - fix use invocation
993 scox 1.28
994     *hardened-sources-2.4.26-r1 (22 June 2004)
995    
996     22 June 2004; Andrea Luzzardi <scox@gentoo.org>
997     +hardened-sources-2.4.26-r1.ebuild,
998     +files/2.4.26-CAN-2004-0394.patch,
999     +files/2.4.26-signal-race.patch,
1000     -hardened-sources-2.4.26.ebuild,
1001     -hardened-sources-2.4.24-r3.ebuild:
1002     Version bump for the CAN-2004-0394 issue and bug #53804
1003     Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
1004    
1005    
1006 pvdabeel 1.27 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
1007     hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
1008     Masked hardened-sources-2.4.26.ebuild broken for ppc
1009    
1010     31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
1011     hardened-sources-2.4.24-r3.ebuild:
1012     Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
1013 plasmaroo 1.25
1014 scox 1.26 *hardened-sources-2.4.26 (29 May 2004)
1015    
1016     29 May 2004; Andrea Luzzardi <scox@gentoo.org>
1017     +hardened-sources-2.4.26.ebuild:
1018     Updated hardened-sources for the 2.4.26 kernel
1019     Removed broken components, updated almost everything.
1020    
1021 plasmaroo 1.25 *hardened-sources-2.4.24-r3 (17 Apr 2004)
1022    
1023     17 Apr 2004; <plasmaroo@gentoo.org>
1024     +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
1025     +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
1026     +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
1027     +hardened-sources-2.4.24-r3.ebuild:
1028     Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
1029     vulnerabilities. Old revisions removed.
1030 plasmaroo 1.24
1031     *hardened-sources-2.4.24-r2 (15 Apr 2004)
1032    
1033     15 Apr 2004; <plasmaroo@gentoo.org>
1034     +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
1035     -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
1036     Version bump for the CAN-2004-0109 issue; bug #47881.
1037 aliz 1.23
1038     12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
1039     hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
1040     Add eutils to inherit.
1041 plasmaroo 1.22
1042     *hardened-sources-2.4.24-r1 (19 Feb 2004)
1043    
1044     19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
1045     files/hardened-sources-2.4.24.munmap.patch:
1046     Added the patch for the mremap/munmap vulnerability. Bug #42024.
1047 scox 1.19
1048 scox 1.21 *hardened-sources-2.4.24 (06 Feb 2004)
1049 scox 1.26
1050 scox 1.21 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
1051     hardened-sources-2.4.24.ebuild:
1052     Version bump, updated most of the components.
1053     This release includes the following:
1054    
1055     - Hardened security
1056     - Netfilter patch-o-matic 20031219
1057     - FreeSWAN 2.04 & x509 1.4.8
1058     - EVMS 2.2.2
1059     - XFS 1.3.1
1060     - cryptoloop jari
1061     - grsecurity 2.0-rc4
1062     - SELinux
1063     - PaX 200402060000
1064     - PaX Obscurity 200308302223
1065     - Others...
1066    
1067     Neither -ck nor systrace are included anymore.
1068    
1069 scox 1.19 *hardened-sources-2.4.22-r2 (05 Jan 2004)
1070    
1071     05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
1072     hardened-sources-2.4.22-r2.ebuild:
1073 scox 1.20 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
1074 scox 1.19
1075     *hardened-sources-2.4.22-r1 (02 Dec 2003)
1076 iggy 1.17
1077     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1078 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
1079 iggy 1.16
1080     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1081 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild:
1082     Version bump for the 'do_brk' vulnerability.
1083 iggy 1.15
1084     01 Dec 2003; Brian Jackson <iggy@gentoo.org>
1085     hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
1086     hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
1087     hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
1088 plasmaroo 1.18 Fix the 'do_brk' vulnerability.
1089 frogger 1.14
1090     03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
1091     hardened-sources-2.4.22.ebuild:
1092 plasmaroo 1.18 - Removed the src_install() portion for SELinux flask
1093     components. These are no longer handled in the kernel
1094     so this code was not necessary.
1095 frogger 1.13
1096     29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
1097     New 2.4.22 based hardened-sources thanks to
1098     Phil West <p.west@computer.org>.
1099    
1100     These sources include:
1101 plasmaroo 1.18 - New SELinux API
1102     - Updated CK-base
1103     - Updated GRSec
1104     - Systrace
1105     - SuperFreeS/WAN 1.99.8
1106     - Propolice kernel build support
1107     - EVMS
1108     - Other various security related patches
1109 frogger 1.11
1110 frogger 1.12 *hardened-sources-2.4.21 (14 Sep 2003)
1111    
1112     14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
1113     Updated hardened-sources based on the 2.4.21 Linux kernel.
1114     This includes updates to most major components such as:
1115 plasmaroo 1.18 - ck-base-0306300059
1116     - selinux-2.4-2003071106
1117     - grsecurity-2.0-rc1
1118     - Updated IPTables patch-o-matic
1119     - Updated SuperFreeS/WAN
1120    
1121 frogger 1.12 Thanks to Phil West <pwest@computer.org> for his work in getting this
1122     updated patch set ready for the 2.4.21 based kernel.
1123    
1124 frogger 1.11 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
1125     Initial import of hardened-sources-2.4.20-r4. This revision
1126     includes only a few changes, but one of these is an important
1127     security fix. It is recommended all users of hardened-sources
1128     upgrade to this release.
1129 plasmaroo 1.18
1130 frogger 1.11 - ioperm bug fix
1131     - fixed compilation failure when building without GRSec
1132 plasmaroo 1.18
1133 frogger 1.11 SAL (Secure Auditing for Linux) is NOT included in this revision
1134     due to time constraints, but is planned for inclusion in the near
1135     future.
1136 msterret 1.10
1137     *hardened-sources-2.4.20-r2 (12 Jun 2003)
1138    
1139     12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
1140     hardened-sources-2.4.20-r3.ebuild:
1141 plasmaroo 1.18 Add Header...
1142 frogger 1.9
1143     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1144     hardened-sources-2.4.20-r3.ebuild:
1145     Removed warnings from ebuild. This kernel should be safe to
1146     use at this point.
1147 frogger 1.8
1148     *hardened-sources-2.4.20-r3 (08 Jun 2003)
1149    
1150     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1151     hardened-sources-2.4.20-r3.ebuild:
1152     New revision. Includes the following changes over -r2:
1153 plasmaroo 1.18
1154 frogger 1.8 - ck7-base (O(1), preempt, low latency)
1155     - Super FreeS/WAN 1.99.7rc2
1156     - PaX for the LSM/SELinux branch
1157     - GRSecurity 2.0-pre4 (role based access control)
1158     - Systrace 1.3
1159     - EXT3 fixes
1160     - EVMS 2.0.1
1161     - GCC 3.1+ compile optimizations
1162     - ProPolice kernel build support
1163     - Hashing table security fixes
1164 frogger 1.3
1165     *hardened-sources-2.4.20-r1 (09 Apr 2003)
1166 frogger 1.7
1167     23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
1168     Initial import of hardened-sources-r2. This new
1169     ebuild includes many new performance and security
1170     related patches. As in -r1, it will patch in
1171     LSM/SELinux if "selinux" is in USE, otherwise it
1172     will patch in GRSecurity. The following patches
1173     are included in this revision:
1174 plasmaroo 1.18
1175 frogger 1.7 - O(1) Scheduler, Low Latency, and Preempt
1176     (pulled from the base CK patch)
1177     - ptrace exploit patch for the LSM kernel
1178     (the GRSec patch already fixes this)
1179     - LSM 2.4-2003040709
1180     - SELinux 2.4-2003040709
1181     - Systrace v1.2
1182     - IPTables patch-o-matic base patches - 20030107
1183     - CryptoAPI 2.4.20.1 w/ loop-jari patch
1184     - Super FreeS/WAN 1.99.6.1
1185     - GRSecurity 1.9.9g
1186     - MPPE
1187     - EXT3 data journal fix
1188     - CIPE 1.5.4
1189 frogger 1.6
1190     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1191     hardened-sources-2.4.20-r1.ebuild, manifest:
1192 plasmaroo 1.18 Updated to install flask components correctly for selinux.
1193 frogger 1.5
1194     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1195     hardened-sources-2.4.20-r1.ebuild:
1196     LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
1197     is patched in instead. Ptrace patches for selinux have also been added. In
1198     either case, systrace support will be patched in as well.
1199 frogger 1.3
1200     09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1201     hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
1202 plasmaroo 1.18 Revision bump for new sources.
1203 frogger 1.4
1204 frogger 1.2 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1205 frogger 1.4 hardened-sources-2.4.20-r1.ebuild:
1206 plasmaroo 1.18 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
1207 method 1.1
1208 frogger 1.4 *hardened-sources-2.4.20 (30 Mar 2003)
1209    
1210 method 1.1 30 Mar 2003; Joshua Brindle <method@gentoo.org>
1211     hardened-sources-2.4.20.ebuild:
1212 plasmaroo 1.18 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20