/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.197 - (hide annotations) (download)
Wed Oct 31 12:48:57 2007 UTC (7 years, 1 month ago) by phreak
Branch: MAIN
Changes since 1.196: +7 -1 lines
Revision bump, pulling in the snapshot from 30. October 2007 (18:50).
(Portage version: 2.1.3.9)

1 method 1.1 # ChangeLog for sys-kernel/hardened-sources
2 opfer 1.130 # Copyright 2000-2007 Gentoo Foundation; Distributed under the GPL v2
3 phreak 1.197 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.196 2007/10/29 04:33:28 solar Exp $
4    
5     *hardened-sources-2.6.23-r1 (31 Oct 2007)
6    
7     31 Oct 2007; Christian Heim <phreak@gentoo.org>
8     +hardened-sources-2.6.23-r1.ebuild:
9     Revision bump, pulling in the snapshot from 30. October 2007 (18:50).
10 solar 1.196
11     29 Oct 2007; <solar@gentoo.org> metadata.xml:
12     - update metadata.xml
13 phreak 1.195
14     25 Oct 2007; Christian Heim <phreak@gentoo.org>
15     hardened-sources-2.6.22-r8.ebuild:
16     Marking 2.6.22-r8 stable on amd64 and x86.
17 phreak 1.194
18     21 Oct 2007; Christian Heim <phreak@gentoo.org>
19     -hardened-sources-2.4.35.ebuild, -hardened-sources-2.4.35-r1.ebuild,
20     -hardened-sources-2.6.21-r4.ebuild:
21     Removing old ebuilds.
22 phreak 1.193
23     *hardened-sources-2.4.35-r2 (21 Oct 2007)
24    
25     21 Oct 2007; Christian Heim <phreak@gentoo.org>
26     +hardened-sources-2.4.35-r2.ebuild:
27     Revision bump for 2.4.35. Includes new snapshot and the lastest Linux stable
28     patches.
29 phreak 1.192
30     *hardened-sources-2.6.22-r8 (21 Oct 2007)
31    
32     21 Oct 2007; Christian Heim <phreak@gentoo.org>
33     +hardened-sources-2.6.22-r8.ebuild:
34     Yet another new patch, hopefully fixing the remaining issues we had w/
35     2.6.22. Candidate for stabling.
36 phreak 1.191
37     *hardened-sources-2.6.23 (13 Oct 2007)
38    
39     13 Oct 2007; Christian Heim <phreak@gentoo.org>
40     +hardened-sources-2.6.23.ebuild:
41     Initial hardened-sources-2.6.23. If people still have problems w/ bug
42     194276, try setting CONFIG_PCI_GODIRECT=y instead of CONFIG_PCI_GOANY.
43 phreak 1.190
44     11 Oct 2007; Christian Heim <phreak@gentoo.org>
45     hardened-sources-2.6.20-r10.ebuild:
46     Pulling in yet another new genpatches version, fixing the PWC bug for real.
47 phreak 1.189
48     04 Oct 2007; Christian Heim <phreak@gentoo.org>
49     -hardened-sources-2.6.22-r5.ebuild, -hardened-sources-2.6.22-r6.ebuild:
50     Removing old versions.
51 phreak 1.188
52     *hardened-sources-2.6.22-r7 (01 Oct 2007)
53    
54     01 Oct 2007; Christian Heim <phreak@gentoo.org>
55     +hardened-sources-2.6.22-r7.ebuild:
56     Revision bump, pulling in a newer patch. Should fix #194276.
57 phreak 1.187
58     30 Sep 2007; Christian Heim <phreak@gentoo.org>
59     hardened-sources-2.6.20-r10.ebuild:
60     Marking hardened-sources-2.6.20-r10 stable on x86 and amd64 (on courtesy of
61     Mike Doty).
62 phreak 1.186
63     *hardened-sources-2.6.22-r6 (26 Sep 2007)
64    
65     26 Sep 2007; Christian Heim <phreak@gentoo.org>
66     +hardened-sources-2.6.22-r6.ebuild:
67     Revision bump, grabbing up till Linux 2.6.22.9.
68 phreak 1.185
69     24 Sep 2007; Christian Heim <phreak@gentoo.org>
70     -hardened-sources-2.6.22-r3.ebuild, -hardened-sources-2.6.22-r4.ebuild:
71     Cleaning up further.
72 phreak 1.184
73     *hardened-sources-2.6.20-r10 (24 Sep 2007)
74    
75     24 Sep 2007; Christian Heim <phreak@gentoo.org>
76     -hardened-sources-2.6.20-r8.ebuild, -hardened-sources-2.6.20-r9.ebuild,
77     +hardened-sources-2.6.20-r10.ebuild:
78     Revision bump, pulling in Linux 2.6.20.20. Removing some of the older
79     revisions.
80 phreak 1.183
81     *hardened-sources-2.6.22-r5 (22 Sep 2007)
82    
83     22 Sep 2007; Christian Heim <phreak@gentoo.org>
84     +hardened-sources-2.6.22-r5.ebuild:
85     Revision bump, pulling in genpatches-2.6.22-8 for CVE-2007-4573.
86 phreak 1.182
87     17 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
88     Removing johnm from metadata.xml (see #186467 for reference).
89 phreak 1.181
90     *hardened-sources-2.6.22-r4 (17 Sep 2007)
91    
92     17 Sep 2007; Christian Heim <phreak@gentoo.org>
93     +hardened-sources-2.6.22-r4.ebuild:
94     Revision bump, hopefully fixing all those weird PAX failures.
95 phreak 1.180
96     01 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
97     Updating the metadata.xml.
98 phreak 1.179
99     01 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
100     Removing tocharian from metadata due to his retirement (see #71718 for
101     reference).
102 phreak 1.178
103     *hardened-sources-2.6.20-r9 (30 Aug 2007)
104    
105     30 Aug 2007; Christian Heim <phreak@gentoo.org>
106     +hardened-sources-2.6.20-r9.ebuild:
107     Revision bump for 2.6.20.18 (thanks to kerframil in #gentoo-hardened).
108 phreak 1.177
109     29 Aug 2007; Christian Heim <phreak@gentoo.org>
110     -hardened-sources-2.4.34.ebuild, -hardened-sources-2.4.34.5.ebuild,
111     -hardened-sources-2.6.20-r2.ebuild, -hardened-sources-2.6.20-r5.ebuild,
112     -hardened-sources-2.6.20-r7.ebuild, -hardened-sources-2.6.21-r3.ebuild,
113     -hardened-sources-2.6.22.ebuild, -hardened-sources-2.6.22-r1.ebuild,
114     -hardened-sources-2.6.22-r2.ebuild:
115     Removing some redundant versions.
116 phreak 1.176
117     *hardened-sources-2.4.35-r1 (29 Aug 2007)
118    
119     29 Aug 2007; Christian Heim <phreak@gentoo.org>
120     +hardened-sources-2.4.35-r1.ebuild:
121     Revision bump, new grsecurity patch.
122 phreak 1.175
123     *hardened-sources-2.6.20-r8 (26 Aug 2007)
124    
125     26 Aug 2007; Christian Heim <phreak@gentoo.org>
126     +hardened-sources-2.6.20-r8.ebuild:
127     Revision bump for Linux 2.6.20.17.
128 phreak 1.174
129     *hardened-sources-2.6.22-r3 (22 Aug 2007)
130    
131     22 Aug 2007; Christian Heim <phreak@gentoo.org>
132     +hardened-sources-2.6.22-r3.ebuild:
133     Revision bump for Linux 2.6.22.4.
134 phreak 1.173
135     16 Aug 2007; Christian Heim <phreak@gentoo.org>
136     hardened-sources-2.6.22-r2.ebuild:
137     Updated patchset, to fix the alignment against 2.6.22.3.
138 phreak 1.172
139     *hardened-sources-2.6.22-r2 (16 Aug 2007)
140    
141     16 Aug 2007; Christian Heim <phreak@gentoo.org>
142     +hardened-sources-2.6.22-r2.ebuild:
143     Revision bump for Linux 2.6.22.3.
144 phreak 1.171
145     *hardened-sources-2.4.35 (16 Aug 2007)
146    
147     16 Aug 2007; Christian Heim <phreak@gentoo.org>
148     +hardened-sources-2.4.35.ebuild:
149     Version bump, initial version for Linux 2.4.35.
150 phreak 1.170
151     *hardened-sources-2.6.21-r4 (16 Aug 2007)
152    
153     16 Aug 2007; Christian Heim <phreak@gentoo.org>
154     +hardened-sources-2.6.21-r4.ebuild:
155     Revision bump for Linux 2.6.21.6.
156 phreak 1.169
157     *hardened-sources-2.6.20-r7 (16 Aug 2007)
158    
159     16 Aug 2007; Christian Heim <phreak@gentoo.org>
160     +hardened-sources-2.6.20-r7.ebuild:
161     Revision bump for Linux 2.6.20.16.
162 phreak 1.168
163     *hardened-sources-2.6.22-r1 (13 Aug 2007)
164    
165     13 Aug 2007; Christian Heim <phreak@gentoo.org>
166     +hardened-sources-2.6.22-r1.ebuild:
167     Yet another revision bump.
168 phreak 1.167
169     *hardened-sources-2.6.22 (10 Aug 2007)
170    
171     10 Aug 2007; Christian Heim <phreak@gentoo.org>
172     +hardened-sources-2.6.22.ebuild:
173     Initial release for 2.6.22. If you are using hardened-sources on a desktop
174     machine (P4 or newer), be aware you might need to disable
175     CONFIG_PAX_PAGEEXEC.
176 phreak 1.166
177     04 Aug 2007; Christian Heim <phreak@gentoo.org>
178     hardened-sources-2.6.20-r6.ebuild:
179     Stabling hardened-sources-2.6.20-r6 for amd64, ppc and x86 due to Linux
180     2.6.20.15.
181 phreak 1.165
182     10 Jul 2007; Christian Heim <phreak@gentoo.org>
183     hardened-sources-2.6.20-r5.ebuild:
184     Marking hardened-sources-2.6.20-r5 stable on ppc.
185 phreak 1.164
186     10 Jul 2007; Christian Heim <phreak@gentoo.org>
187     -hardened-sources-2.4.32-r6.ebuild, -hardened-sources-2.4.32-r7.ebuild:
188     Cleanup.
189 phreak 1.163
190     *hardened-sources-2.6.20-r6 (08 Jul 2007)
191    
192     08 Jul 2007; Christian Heim <phreak@gentoo.org>
193     +hardened-sources-2.6.20-r6.ebuild:
194     Revision bump, grabbing yet another stable release.
195 phreak 1.162
196     17 Jun 2007; Christian Heim <phreak@gentoo.org>
197     -hardened-sources-2.6.18-r6.ebuild, -hardened-sources-2.6.20-r4.ebuild,
198     -hardened-sources-2.6.21-r2.ebuild:
199     Removing older ebuilds, hardened-sources-2.6.18-r6 seems to have gotten the
200     alpha stable KEYWORD by mistake.
201 phreak 1.161
202     17 Jun 2007; Christian Heim <phreak@gentoo.org>
203     hardened-sources-2.6.20-r5.ebuild:
204     Stabling hardened-sources-2.6.20-r5 due to security bug #181647 (as
205     genpatches-2.6.20-12.base contains up to Linux 2.6.20.14) on amd64 and x86.
206 phreak 1.160
207     *hardened-sources-2.6.21-r3 (12 Jun 2007)
208    
209     12 Jun 2007; Christian Heim <phreak@gentoo.org>
210     +hardened-sources-2.6.21-r3.ebuild:
211     Revision bump for hardened-sources-2.6.21, incorporating various CVE (some
212     of them critical), two stable releases (2.6.21.4,2.6.21.5) and some other
213     love.
214 phreak 1.159
215     *hardened-sources-2.6.20-r5 (11 Jun 2007)
216    
217     11 Jun 2007; Christian Heim <phreak@gentoo.org>
218     +hardened-sources-2.6.20-r5.ebuild:
219     Revision bump for hardened-sources-2.6.20, incorporating various CVE (some
220     of them critical), two stable releases (2.6.20.13,2.6.20.14) and some other
221     love.
222 pappy 1.158
223     *hardened-sources-2.4.34.5 (11 Jun 2007)
224    
225     11 Jun 2007; Alexander Gabert <pappy@gentoo.org>
226     +hardened-sources-2.4.34.5.ebuild:
227     added new hardened-sources 2.4 version, thx to phreak, solar, pipacs
228 phreak 1.157
229     30 May 2007; Christian Heim <phreak@gentoo.org>
230     -hardened-sources-2.6.18.ebuild, hardened-sources-2.6.20-r2.ebuild:
231     Marking 2.6.20-r2 stable on ppc with permission of Gysbert. Removing more
232     stale ebuild(s).
233 phreak 1.156
234     30 May 2007; Christian Heim <phreak@gentoo.org>
235     -hardened-sources-2.6.14-r7.ebuild, -hardened-sources-2.6.16-r11.ebuild,
236     -hardened-sources-2.6.17-r1.ebuild, -hardened-sources-2.6.19-r6.ebuild,
237     -hardened-sources-2.6.20.ebuild, -hardened-sources-2.6.20-r1.ebuild:
238     Doing some cleanups, remove stale ebuilds.
239 phreak 1.155
240     26 May 2007; Christian Heim <phreak@gentoo.org>
241     hardened-sources-2.6.21-r2.ebuild:
242     Fixing the grsecurity patch, had one '};' too much.
243 phreak 1.154
244     *hardened-sources-2.6.21-r2 (26 May 2007)
245    
246     26 May 2007; Christian Heim <phreak@gentoo.org>
247     -hardened-sources-2.6.21.ebuild, -hardened-sources-2.6.21-r1.ebuild,
248     +hardened-sources-2.6.21-r2.ebuild:
249     Revision bump, including Linux 2.6.21.3 (fixing CVE-2007-2451). Updating the
250     grsecurity patch to 2.1.10-2.6.21.1-200705221918.
251 phreak 1.153
252     *hardened-sources-2.6.20-r4 (26 May 2007)
253    
254     26 May 2007; Christian Heim <phreak@gentoo.org>
255     -hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.20-r4.ebuild:
256     Revision bump, including Linux 2.6.20.12 (which in fact fixed some security
257 phreak 1.154 bugs, at the very least CVE-2007-2451). Possible candidate for stable marking.
258 phreak 1.152
259     15 May 2007; Christian Heim <phreak@gentoo.org>
260     hardened-sources-2.6.20-r3.ebuild:
261     Looks like hardened-sources-2.6.20-r3 needs a new patch, as 2.6.20.11
262     introduced a change in arch/sparc64/kernel/pci_iommu.c, which made the
263     grsecurity patch fail in that exact same hunk.
264 phreak 1.151
265     *hardened-sources-2.6.20-r3 (15 May 2007)
266    
267     15 May 2007; Christian Heim <phreak@gentoo.org>
268     +hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.21-r1.ebuild:
269     Revision bump, incorporating Linux 2.6.20.11.
270    
271     *hardened-sources-2.6.21-r1 (11 May 2007)
272    
273     11 May 2007; Christian Heim <phreak@gentoo.org>
274     +hardened-sources-2.6.21-r1.ebuild:
275     Revision bump, hopefully fixing the GRSECURITY/GRKERNSEC mixup pipacs
276     mentioned in #177234.
277 kevquinn 1.150
278     07 May 2007; Kevin F. Quinn <kevquinn@gentoo.org>
279     files/digest-hardened-sources-2.6.21, Manifest:
280     Fix Manifest/digest for linux-2.6.21.tar.bz2
281 phreak 1.149
282     06 May 2007; Christian Heim <phreak@gentoo.org>
283     hardened-sources-2.6.21.ebuild:
284     Bumping the hardened-patches version, needed for the fix for #177234.
285 phreak 1.148
286     *hardened-sources-2.6.21 (02 May 2007)
287    
288     02 May 2007; Christian Heim <phreak@gentoo.org>
289     +hardened-sources-2.6.21.ebuild:
290     Version bump, Linux 2.6.21-hardened.
291 phreak 1.147
292     29 Apr 2007; Christian Heim <phreak@gentoo.org>
293     hardened-sources-2.6.20-r2.ebuild:
294     Adding ~ia64 on Ned's request.
295 phreak 1.146
296     29 Apr 2007; Christian Heim <phreak@gentoo.org>
297     hardened-sources-2.6.20-r2.ebuild:
298     Fixing the included grsecurity patch, wasn't alligning due to the Index:
299     header line(s).
300 phreak 1.145
301     29 Apr 2007; Christian Heim <phreak@gentoo.org>
302     hardened-sources-2.6.20-r2.ebuild:
303     Stabilizing hardened-sources-2.6.20-r2 on amd64 and x86.
304 armin76 1.144
305     *hardened-sources-2.6.20-r2 (10 Apr 2007)
306    
307     10 Apr 2007; Raúl Porcel <armin76@gentoo.org>
308     +hardened-sources-2.6.20-r2.ebuild:
309     Version bump, on behalf of phreak
310 phreak 1.143
311     *hardened-sources-2.6.20-r1 (04 Apr 2007)
312    
313     04 Apr 2007; Christian Heim <phreak@gentoo.org>
314     +hardened-sources-2.6.20-r1.ebuild:
315     Revision bump, grabbing a newer grsecurity snapshot.
316 phreak 1.142
317     *hardened-sources-2.6.20 (25 Mar 2007)
318    
319     25 Mar 2007; Christian Heim <phreak@gentoo.org>
320     +hardened-sources-2.6.20.ebuild:
321     Finally a hardened-sources version for 2.6.20; many people have been waiting
322     for this. Thanks to Steve for preliminary testing, thanks to Ned for the
323     testbox.
324 chainsaw 1.141
325     16 Mar 2007; Tony Vroon <chainsaw@gentoo.org>
326     hardened-sources-2.6.18-r6.ebuild:
327     Marked stable on amd64 and x86. AMD64 keyword ack'ed by welp.
328 phreak 1.140
329     *hardened-sources-2.6.18-r6 (16 Mar 2007)
330    
331     16 Mar 2007; Christian Heim <phreak@gentoo.org>
332     -hardened-sources-2.6.18-r5.ebuild, +hardened-sources-2.6.18-r6.ebuild:
333     Fixing CVE-2007-1000 locally (hardened/), thanks to Tony for pushing. And
334     yes I screwed up, this is tagged as 2.6.18-5 and not 2.6.18-6 as it's
335     supposed to be.
336 phreak 1.139
337     06 Mar 2007; Christian Heim <phreak@gentoo.org> ChangeLog:
338     Fixing the Manifest, the previous one was broken (as in still had the
339     deleted ebuild in it).
340 phreak 1.138
341     06 Mar 2007; Christian Heim <phreak@gentoo.org>
342     -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
343     +hardened-sources-2.6.18-r5.ebuild:
344     Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
345     Linux 2.6.18.8. Also cleaning up the older version.
346    
347     *hardened-sources-2.6.18-r5 (06 Mar 2007)
348    
349     06 Mar 2007; Christian Heim <phreak@gentoo.org>
350     -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
351     +hardened-sources-2.6.18-r5.ebuild:
352     Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
353     Linux 2.6.18.8. Also cleaning up the older version.
354 phreak 1.137
355     24 Feb 2007; Christian Heim <phreak@gentoo.org>
356     -hardened-sources-2.6.19-r3.ebuild, -hardened-sources-2.6.19-r4.ebuild,
357     -hardened-sources-2.6.19-r5.ebuild:
358     Removing some of the old version, that didn't work.
359 phreak 1.136
360     *hardened-sources-2.6.19-r6 (12 Feb 2007)
361    
362     12 Feb 2007; Christian Heim <phreak@gentoo.org>
363     +hardened-sources-2.6.19-r6.ebuild:
364     Revision bump, including a new grsec version fixing #166235.
365 pappy 1.134
366     *hardened-sources-2.4.34 (24 Jan 2007)
367    
368     24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
369 pappy 1.135 Manifest:
370     updating Manifest with checksums of new tarball and ebuild
371    
372     24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
373 pappy 1.134 +hardened-sources-2.4.34.ebuild:
374     I added new hardened sources 2.4 update, this is a critical path
375     security bugfix - all users of h-s are strongly advised
376     to update their existing hardened sources to this version.
377     It contains a fix for a kernel vulnerability that is pertaining
378     to the PaX changes to virtual memory management, possibly leading
379     to a local kernel exploit ... see grsecurity.net forums and homepage
380 phreak 1.133
381     23 Jan 2007; Christian Heim <phreak@gentoo.org>
382     files/digest-hardened-sources-2.6.19-r5, Manifest:
383     Fixing the patch-tarball digest.
384 phreak 1.132
385     *hardened-sources-2.6.19-r5 (23 Jan 2007)
386    
387     23 Jan 2007; Christian Heim <phreak@gentoo.org>
388     +hardened-sources-2.6.19-r5.ebuild:
389     Revision bump, closing the recently discovered PaX expand_stack()
390     vulnerability.
391 phreak 1.131
392     *hardened-sources-2.6.19-r4 (14 Jan 2007)
393    
394     14 Jan 2007; Christian Heim <phreak@gentoo.org>
395     +hardened-sources-2.6.19-r4.ebuild:
396     Revision bump, pulling in linux-2.6.19.2 and grsecurity 2.1.10 - thus
397     dropping the randomized PID feature.
398 opfer 1.130
399     11 Jan 2007; Christian Faulhammer <opfer@gentoo.org>
400     hardened-sources-2.4.33.4.ebuild:
401     stable x86, bug #161171
402 phreak 1.129
403     *hardened-sources-2.6.19-r3 (27 Dec 2006)
404    
405     27 Dec 2006; Christian Heim <phreak@gentoo.org>
406     -hardened-sources-2.6.19-r2.ebuild, +hardened-sources-2.6.19-r3.ebuild:
407     Revision bump for bug #157186 and #158786.
408 phreak 1.128
409     *hardened-sources-2.6.18-r4 (27 Dec 2006)
410    
411     27 Dec 2006; Christian Heim <phreak@gentoo.org>
412     -hardened-sources-2.6.18-r3.ebuild, +hardened-sources-2.6.18-r4.ebuild:
413     Revision bump for bug #157186.
414 phreak 1.127
415     *hardened-sources-2.6.19-r2 (23 Dec 2006)
416    
417     23 Dec 2006; Christian Heim <phreak@gentoo.org>
418     -hardened-sources-2.6.19-r1.ebuild, +hardened-sources-2.6.19-r2.ebuild:
419     Revision bump to pull in genpatches-2.6.19-3 for #157186.
420 phreak 1.126
421     17 Dec 2006; Christian Heim <phreak@gentoo.org>
422     hardened-sources-2.6.14-r7.ebuild, hardened-sources-2.6.16-r10.ebuild,
423     hardened-sources-2.6.16-r11.ebuild, hardened-sources-2.6.17-r1.ebuild,
424     hardened-sources-2.6.18.ebuild, hardened-sources-2.6.18-r3.ebuild,
425     hardened-sources-2.6.19-r1.ebuild:
426     Adding 4453_grsec-2.1.9-2.6.19-io-kmem-sysctl.patch to UNIPATCH_EXLUDE,
427     adding correct HOMEPAGE and adjusting DESCRIPTION (thanks to Alexander).
428 pappy 1.125
429     *hardened-sources-2.4.33.4 (17 Dec 2006)
430    
431     17 Dec 2006; Alexander Gabert <pappy@gentoo.org>
432     +hardened-sources-2.4.33.4.ebuild:
433     new 2.4.33.4 version including grsec and fixes, thanks to phreak for help
434     and quilting
435 phreak 1.124
436     *hardened-sources-2.6.19-r1 (14 Dec 2006)
437    
438     14 Dec 2006; Christian Heim <phreak@gentoo.org>
439     -hardened-sources-2.6.19.ebuild, +hardened-sources-2.6.19-r1.ebuild:
440     Revision bump, fixing #158107 (thanks to Petre Rodan <kaiowas at gentoo.org>
441     for reporting).
442 phreak 1.123
443     *hardened-sources-2.6.19 (13 Dec 2006)
444    
445     13 Dec 2006; Christian Heim <phreak@gentoo.org>
446     +hardened-sources-2.6.19.ebuild:
447     And finally 2.6.19, thanks to Ned (who prepared the inital patchset) and
448     Brad for providing that prompt update.
449 phreak 1.122
450     *hardened-sources-2.6.18-r3 (13 Dec 2006)
451    
452     13 Dec 2006; Christian Heim <phreak@gentoo.org>
453     -hardened-sources-2.6.18-r1.ebuild, -hardened-sources-2.6.18-r2.ebuild,
454     +hardened-sources-2.6.18-r3.ebuild:
455     Revision bump, excluding the faulty patch. Thanks to Anakim Border and Peter
456     S. Mazinger. Closes #157409 for now. Also removing the previous revisions.
457 phreak 1.121
458     09 Dec 2006; Christian Heim <phreak@gentoo.org> Manifest:
459     Fixing the metadata.xml Manifest entry (thanks to xaid and ml8128 in #gentoo-hardened).
460 nixnut 1.120
461     08 Dec 2006; nixnut <nixnut@gentoo.org> hardened-sources-2.6.18.ebuild:
462     Stable on ppc wrt bug 157356
463 opfer 1.119
464     07 Dec 2006; Christian Faulhammer <opfer@gentoo.org>
465     hardened-sources-2.6.18.ebuild:
466     stable x86, bug #157356
467 phreak 1.118
468     *hardened-sources-2.6.18-r2 (06 Dec 2006)
469    
470     06 Dec 2006; Christian Heim <phreak@gentoo.org>
471     +hardened-sources-2.6.18-r2.ebuild:
472     Revision bump, including 2.6.18.5 (via genpatches) and
473     4454_grsec-2.1.9-2.6.18.2-io-kmem-sysctl.patch based on Peter Mazinger and
474     Ned Ludd's original patch. Thanks to Alexander Gabert (pappy) for the
475     redesign.
476 phreak 1.117
477     06 Dec 2006; Christian Heim <phreak@gentoo.org>
478     hardened-sources-2.6.18.ebuild:
479     Marking hardened-sources-2.6.18 stable on amd64 (see bug #157356, on behalf
480     of Mike Doty).
481 phreak 1.116
482     *hardened-sources-2.6.18-r1 (23 Nov 2006)
483    
484     23 Nov 2006; Christian Heim <phreak@gentoo.org>
485     +hardened-sources-2.6.18-r1.ebuild:
486     Revision bump to genpatches-2.6.18-4 (including 2.6.18.3).
487 phreak 1.115
488     *hardened-sources-2.6.18 (11 Nov 2006)
489    
490     11 Nov 2006; Christian Heim <phreak@gentoo.org>
491     +hardened-sources-2.6.18.ebuild:
492     Version bump, thanks to Alexander Gabert we're finally at 2.6.18.
493 solar 1.114
494     18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
495     - mark amd64 stable also. bug #151877
496 solar 1.113
497     18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
498     - mark 2.6.17-r1 stable
499 phreak 1.112
500     27 Aug 2006; Christian Heim <phreak@gentoo.org>
501     -hardened-sources-2.6.17.ebuild, hardened-sources-2.6.17-r1.ebuild:
502     Removing old ebuild, removing unipatch from newer ebuild (need to fix it!).
503 phreak 1.111
504     *hardened-sources-2.6.17-r1 (26 Aug 2006)
505    
506     26 Aug 2006; Christian Heim <phreak@gentoo.org>
507     +hardened-sources-2.6.17-r1.ebuild:
508     Revision bump to genpatches-2.6.17-8 (including .9 and .10) and updating the
509     grsecurity patch.
510 phreak 1.110
511     *hardened-sources-2.6.17 (17 Aug 2006)
512    
513     17 Aug 2006; Christian Heim <phreak@gentoo.org>
514     +hardened-sources-2.6.17.ebuild:
515     Bumping the hardened-sources-2.6 series to 2.6.17, using
516     genpatches-2.6.17-6.base.
517 solar 1.109
518     07 Aug 2006; <solar@gentoo.org> hardened-sources-2.6.16-r11.ebuild:
519     - stable on x86 and amd64
520 solar 1.108
521     *hardened-sources-2.6.16-r11 (15 Jul 2006)
522    
523     15 Jul 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r3.ebuild,
524     -hardened-sources-2.4.32-r4.ebuild, -hardened-sources-2.4.32-r5.ebuild,
525     -hardened-sources-2.6.14-r8.ebuild, -hardened-sources-2.6.16-r7.ebuild,
526     -hardened-sources-2.6.16-r9.ebuild, +hardened-sources-2.6.16-r11.ebuild:
527     - 2.6.16 bumped for CVE-2006-3626 ; digest fix for 2.4.32-r6 ; removed old
528     crusty ebuilds
529 johnm 1.107
530     14 Jul 2006; John Mylchreest <johnm@gentoo.org>
531     hardened-sources-2.6.16-r10.ebuild:
532     marking stable on x86 and amd64
533 solar 1.106
534     13 Jul 2006; <solar@gentoo.org> hardened-sources-2.4.32-r6.ebuild:
535     - 2.4.32-r6 stable on x86. RSBAC state unknown
536 kang 1.105
537     *hardened-sources-2.4.32-r7 (10 Jul 2006)
538    
539     10 Jul 2006; Guillaume Destuynder <kang@gentoo.org>
540     +hardened-sources-2.4.32-r7.ebuild:
541     Bump PaX for RSBAC to test-17
542 johnm 1.104
543     *hardened-sources-2.6.16-r9 (03 Jul 2006)
544    
545     03 Jul 2006; John Mylchreest <johnm@gentoo.org>
546     -hardened-sources-2.6.16-r6.ebuild, +hardened-sources-2.6.16-r9.ebuild:
547     hardened-sources-2.6.16 bump to latest -base.
548 solar 1.103
549     *hardened-sources-2.4.32-r6 (30 Jun 2006)
550    
551     30 Jun 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r2.ebuild,
552     hardened-sources-2.4.32-r4.ebuild, +hardened-sources-2.4.32-r6.ebuild:
553     - backport CVE-2006-0039, CVE-2006-1857 and CVE-2006-1858 and new grsecurity
554     sysctl controlable resource logging
555 johnm 1.102
556     *hardened-sources-2.6.16-r7 (05 Jun 2006)
557    
558     05 Jun 2006; John Mylchreest <johnm@gentoo.org>
559     -hardened-sources-2.6.16-r5.ebuild, +hardened-sources-2.6.16-r7.ebuild:
560     push new 2.6.16 release in preparation for stable
561 solar 1.101
562     22 May 2006; <solar@gentoo.org> :
563     - redigest bug 134002
564 kang 1.100
565     *hardened-sources-2.4.32-r5 (16 May 2006)
566    
567     16 May 2006; Guillaume Destuynder <kang@gentoo.org>
568     +hardened-sources-2.4.32-r5.ebuild:
569     Fixes rsbac common patching (new patch in new -r5 patchset)
570 solar 1.99
571     *hardened-sources-2.4.32-r4 (13 May 2006)
572    
573     13 May 2006; <solar@gentoo.org> hardened-sources-2.4.32-r3.ebuild,
574     +hardened-sources-2.4.32-r4.ebuild:
575     - security bumps
576 johnm 1.98
577     *hardened-sources-2.6.16-r6 (03 May 2006)
578    
579     03 May 2006; John Mylchreest <johnm@gentoo.org>
580     +hardened-sources-2.6.16-r6.ebuild:
581     bump hardened-2.6.16 to 2.6.16.12 and latest grsec snapshot
582 johnm 1.97
583     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
584     hardened-sources-2.6.14-r8.ebuild:
585     fix x86_64 build problem, this will delay the digest issue again for a short
586     while but it will sort itself out
587 johnm 1.96
588     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
589     hardened-sources-2.6.14-r8.ebuild:
590     bump hardened patchset
591 antarus 1.94
592     27 Apr 2006; Alec Warner <antarus@gentoo.org>
593     files/digest-hardened-sources-2.4.32-r2,
594     files/digest-hardened-sources-2.4.32-r3,
595     files/digest-hardened-sources-2.6.14-r8, Manifest:
596     Fixing duff SHA256 digests: Bug # 131293
597 johnm 1.93
598 johnm 1.95 *hardened-sources-2.6.16-r5 (27 Apr 2006)
599    
600     27 Apr 2006; John Mylchreest <johnm@gentoo.org>
601     -hardened-sources-2.6.14-r6.ebuild, hardened-sources-2.6.14-r8.ebuild,
602     -hardened-sources-2.6.16-r4.ebuild, +hardened-sources-2.6.16-r5.ebuild:
603     stablise 2.6.14-r8 on x86 & amd64, bump 2.6.16 to fix CVE-2006-1863 &
604     cleanup of old uneccessary sources
605    
606 johnm 1.93 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
607     fix digest
608 johnm 1.92
609     *hardened-sources-2.6.14-r8 (20 Apr 2006)
610    
611     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
612     +hardened-sources-2.6.14-r8.ebuild:
613     fix CVE-2006-1056, CVE-2006-1525, CVE-2006-1524
614 johnm 1.91
615     20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
616     Turning on gpg-signing again, and recomitting
617 johnm 1.90
618     *hardened-sources-2.6.16-r4 (20 Apr 2006)
619    
620     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
621     -hardened-sources-2.6.16-r2.ebuild, -hardened-sources-2.6.16-r3.ebuild,
622     +hardened-sources-2.6.16-r4.ebuild:
623     Fix numerous security vulns
624 solar 1.89
625     *hardened-sources-2.4.32-r3 (16 Apr 2006)
626    
627     16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
628     -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
629     +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
630     - security bump for bug #112791. Removed old ebuilds
631 johnm 1.88
632     *hardened-sources-2.6.16-r3 (15 Apr 2006)
633    
634     15 Apr 2006; John Mylchreest <johnm@gentoo.org>
635     +hardened-sources-2.6.16-r3.ebuild:
636     Removing silly localversion which I missed
637 johnm 1.87
638     *hardened-sources-2.6.14-r7 (14 Apr 2006)
639    
640     14 Apr 2006; John Mylchreest <johnm@gentoo.org>
641     -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
642     Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
643 johnm 1.86
644     *hardened-sources-2.6.16-r2 (13 Apr 2006)
645    
646     13 Apr 2006; John Mylchreest <johnm@gentoo.org>
647     -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
648     +hardened-sources-2.6.16-r2.ebuild:
649     Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
650     labels, dropping USERGROUP define fixes, since these were merged mainstream.
651 johnm 1.85
652     *hardened-sources-2.6.16-r1 (11 Apr 2006)
653    
654     11 Apr 2006; John Mylchreest <johnm@gentoo.org>
655     +hardened-sources-2.6.16-r1.ebuild:
656     Bumping to include ppc build fix and 2.6.16.3
657 tsunam 1.84
658     06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
659     hardened-sources-2.6.14-r6.ebuild:
660     Stable on x86; bug #127718
661 johnm 1.83
662     *hardened-sources-2.6.16 (31 Mar 2006)
663    
664     31 Mar 2006; John Mylchreest <johnm@gentoo.org>
665     +hardened-sources-2.6.16.ebuild:
666     Bumping to new version of grsec, and kernel base. New squashfs. Based on
667     2.6.16.1
668 cryos 1.82
669     30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
670     hardened-sources-2.6.14-r6.ebuild:
671     Stable on amd64, bug 127718.
672 nixnut 1.81
673     28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
674     Stable on ppc. Bug #127718
675 johnm 1.80
676     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
677     -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
678     -hardened-sources-2.6.14-r4.ebuild:
679     Cleanup.
680 johnm 1.79
681     *hardened-sources-2.6.14-r6 (15 Mar 2006)
682    
683     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
684     +hardened-sources-2.6.14-r6.ebuild:
685     Fixes grsec policy recreation bug and adds a
686     >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
687 solar 1.78
688     02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
689     - stable on x86
690 hansmi 1.77
691     19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
692     hardened-sources-2.6.14-r5.ebuild:
693     Stable on ppc.
694 johnm 1.76
695     *hardened-sources-2.6.14-r5 (01 Feb 2006)
696    
697     01 Feb 2006; John Mylchreest <johnm@gentoo.org>
698     +hardened-sources-2.6.14-r5.ebuild:
699     fixing every known exploit
700 solar 1.75
701     *hardened-sources-2.4.32-r2 (26 Jan 2006)
702    
703     26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
704     +hardened-sources-2.4.32-r2.ebuild:
705     - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
706 solar 1.74
707     *hardened-sources-2.6.14-r4 (12 Jan 2006)
708    
709     12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
710     - version bump for new genpatches which fix up a few sec holes
711 solar 1.73
712     *hardened-sources-2.4.32-r1 (05 Jan 2006)
713    
714     05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
715     - revision bump to add misc vital linux kernel security patches.
716 johnm 1.72
717     *hardened-sources-2.6.14-r3 (30 Dec 2005)
718    
719     30 Dec 2005; John Mylchreest <johnm@gentoo.org>
720     -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
721     Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
722 johnm 1.71
723     28 Dec 2005; John Mylchreest <johnm@gentoo.org>
724     hardened-sources-2.6.14-r2.ebuild:
725     making x86 & amd64 stable following testing.
726 johnm 1.70
727     *hardened-sources-2.6.14-r2 (27 Dec 2005)
728    
729     27 Dec 2005; John Mylchreest <johnm@gentoo.org>
730     -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
731     Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
732     network hooks.
733 johnm 1.69
734     06 Dec 2005; John Mylchreest <johnm@gentoo.org>
735     hardened-sources-2.6.14-r1.ebuild:
736     bumping to stable early for sec fix on x86 & amd64
737 johnm 1.68
738     *hardened-sources-2.6.14-r1 (05 Dec 2005)
739    
740     05 Dec 2005; John Mylchreest <johnm@gentoo.org>
741     -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
742     bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
743 solar 1.67
744     04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
745     - stable on x86 security bug #114227 CAN-2005-3257
746 kang 1.66
747     *hardened-sources-2.4.32 (19 Nov 2005)
748    
749     19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
750     +hardened-sources-2.4.32.ebuild:
751     Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
752     Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
753     have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
754     rsbac >> /etc/portage/package.use)
755 johnm 1.65
756     *hardened-sources-2.6.14 (14 Nov 2005)
757    
758     14 Nov 2005; John Mylchreest <johnm@gentoo.org>
759     -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
760     Bumping 2.6 series to 2.6.14.2
761 johnm 1.64
762     *hardened-sources-2.6.13-r2 (20 Oct 2005)
763    
764     20 Oct 2005; John Mylchreest <johnm@gentoo.org>
765     -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
766     +hardened-sources-2.6.13-r2.ebuild:
767     Fixes minor build error in ppc.
768 johnm 1.63
769     *hardened-sources-2.6.13-r1 (17 Oct 2005)
770    
771     17 Oct 2005; John Mylchreest <johnm@gentoo.org>
772     +hardened-sources-2.6.13-r1.ebuild:
773     Updating grsec to latest snapshot. Fixes some minor issues. Updating to
774     2.6.13.4, fixes some major amd64 stability problems.
775 johnm 1.62
776     *hardened-sources-2.6.13 (16 Sep 2005)
777    
778     16 Sep 2005; John Mylchreest <johnm@gentoo.org>
779     -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
780     2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
781     ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
782     users should test this thoroughly.
783 solar 1.61
784     01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
785     - stable on x86
786 johnm 1.60
787     *hardened-sources-2.6.11-r15 (27 Jun 2005)
788    
789     27 Jun 2005; John Mylchreest <johnm@gentoo.org>
790     +hardened-sources-2.6.11-r15.ebuild:
791     Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
792     grsec redefining curr_ip struct.
793 solar 1.59
794     *hardened-sources-2.4.31 (20 Jun 2005)
795    
796     20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
797     initial import of 2.4.31 tree
798 johnm 1.58
799     *hardened-sources-2.6.11-r14 (14 Jun 2005)
800    
801     14 Jun 2005; John Mylchreest <johnm@gentoo.org>
802     -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
803     Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
804     naming scheme to abide by genpatches
805 johnm 1.57
806     *hardened-sources-2.6.11-r13 (18 May 2005)
807    
808     18 May 2005; John Mylchreest <johnm@gentoo.org>
809     -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
810     Managed to mangle the Makefile patch from grsec, to miss out the grsec
811     target. sorry about that. Fixes bug #93022
812 johnm 1.56
813     *hardened-sources-2.6.11-r12 (17 May 2005)
814    
815     17 May 2005; John Mylchreest <johnm@gentoo.org>
816     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
817     +hardened-sources-2.6.11-r12.ebuild:
818     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
819     merges in genpatches-base
820 johnm 1.55
821     *hardened-sources-2.6.11-r12 (17 May 2005)
822    
823     17 May 2005; John Mylchreest <johnm@gentoo.org>
824     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
825     +hardened-sources-2.6.11-r12.ebuild:
826     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
827     merges in genpatches-base
828 solar 1.54
829     29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
830     -files/2.4.27-cmdline-race.patch,
831     -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
832     -files/2.4.28-grsec-binfmt_a.out.patch,
833     -files/2.4.28-grsec-cmdline-race.patch,
834     -files/2.4.28-selinux-binfmt_a.out.patch,
835     -files/2.4.28-selinux-cmdline-race.patch,
836     -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
837     hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
838     - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
839     cleanup..
840 solar 1.53
841     *hardened-sources-2.4.30-r1 (21 Apr 2005)
842    
843     21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
844     - disable aout by default
845 solar 1.52
846     *hardened-sources-2.4.30 (18 Apr 2005)
847    
848     18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
849     - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
850     and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
851     use
852 tocharian 1.50
853 scox 1.51 *hardened-sources-2.4.29 (30 Mar 2005)
854    
855     30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
856     +hardened-sources-2.4.29.ebuild:
857     New hardened-patches-2.4-29.0 patchball.
858     Removed SELinux support, upgraded GRSecurity to 2.1.4.
859    
860     *hardened-sources-2.4.28-r5 (06 Mar 2005)
861    
862     06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
863     +hardened-sources-2.4.28-r5.ebuild:
864     Added a fix for a PaX vulnerability.
865    
866     26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
867 tocharian 1.50 hardened-sources-2.4.28-r4.ebuild:
868     Stable on x86
869 solar 1.49
870     23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
871     hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
872     hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
873     hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
874     - fixed/added RDEPEND= in all kernel-2 ebuilds
875 tocharian 1.48
876     *hardened-sources-2.4.28-r4 (21 Jan 2005)
877    
878     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
879     +hardened-sources-2.4.28-r4.ebuild:
880     Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
881     backport of neighbour hash updates.
882 tocharian 1.47
883     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
884     hardened-sources-2.4.28-r3.ebuild:
885     Stable on x86
886 tseng 1.46
887     *hardened-sources-2.6.10-r3 (20 Jan 2005)
888    
889     20 Jan 2005; Brandon Hale <tseng@gentoo.org>
890     +hardened-sources-2.6.10-r3.ebuild:
891     Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
892     in 2005.0
893 tocharian 1.45
894     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
895     -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
896     hardened-sources-2.4.28-r2.ebuild:
897     Mark stable on x86
898 tocharian 1.44
899     *hardened-sources-2.4.28-r3 (17 Jan 2005)
900    
901     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
902     +hardened-sources-2.4.28-r3.ebuild:
903     Fix SMP page fault handler vuln, and update device-mapper and evms patches.
904 tocharian 1.43
905     14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
906     hardened-sources-2.4.28.ebuild:
907     Mark stable on x86.
908 tocharian 1.42
909     *hardened-sources-2.4.28-r2 (13 Jan 2005)
910    
911     13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
912     +hardened-sources-2.4.28-r2.ebuild:
913     Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
914     Mazinger for grsecurity patches as well.
915 plasmaroo 1.41
916     *hardened-sources-2.4.28-r1 (23 Dec 2004)
917    
918     23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
919     Security bump. Thank tocharian for rolling a new patchset...
920 solar 1.40
921     28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
922     +files/2.4.28-grsec-cmdline-race.patch,
923     +files/2.4.28-selinux-binfmt_a.out.patch,
924     +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
925     - Round up remaining security patches that appear to be missing in 2.4.28. -
926     PaX standalone updated to current. hgpv=28.1
927 solar 1.39
928     *hardened-sources-2.4.28 (28 Nov 2004)
929    
930     28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
931     security bump. Thank tocharian for rolling a new patchset
932 scox 1.31
933 scox 1.38 *hardened-sources-2.4.27-r3 (08 Sep 2004)
934    
935     08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
936     +hardened-sources-2.4.27-r3.ebuild:
937     Applies the new 2.4-27.2 patchball which updates
938     GRSecurity to the 2.0.1 version.
939    
940 scox 1.37 *hardened-sources-2.4.27-r2 (31 Aug 2004)
941    
942     31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
943     +hardened-sources-2.4.27-r2.ebuild:
944     Version bump.
945     This version uses the new 2.4-27.1 patchball which updates
946     both the SELinux PaX hooks patch and the SELinux headers.
947    
948 scox 1.36 *hardened-sources-2.4.27-r1 (09 Aug 2004)
949    
950     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
951     +hardened-sources-2.4.27-r1.ebuild,
952     -hardened-sources-2.4.27.ebuild,
953     +files/2.4.27-cmdline-race.patch:
954     Version bump, fix for cmdline race. See bug #59905.
955    
956     *hardened-sources-2.4.26-r6 (09 Aug 2004)
957    
958     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
959     +hardened-sources-2.4.26-r6.ebuild,
960     -hardened-sources-2.4.26-r5.ebuild,
961     -hardened-sources-2.4.26-r4.ebuild,
962     +files/2.4.26-cmdline-race.patch:
963     Version bump, fix for cmdline race. See bug #59905.
964    
965 scox 1.35 *hardened-sources-2.4.27 (08 Aug 2004)
966    
967     08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
968     +hardened-sources-2.4.27.ebuild,
969     +files/2.4.27-CAN-2004-0394.patch:
970     Ported the patchball to the 2.4.27 kernel version.
971    
972 scox 1.34 *hardened-sources-2.4.26-r5 (07 Aug 2004)
973    
974     07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
975     +hardened-sources-2.4.26-r5.ebuild:
976 scox 1.35 Updated to use the new hardened-patches-2.4-26.1 patchball.
977 scox 1.34 It adds the following features:
978     - Squashfs
979     - Ebtables
980     - Netdev random (core+drivers)
981     - Watchdog Timer (WDT) fix.
982    
983 scox 1.33 *hardened-sources-2.4.26-r4 (04 Aug 2004)
984    
985     04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
986     +hardened-sources-2.4.26-r4.ebuild,
987     +files/2.4.26-CAN-2004-0415.patch,
988     -hardened-sources-2.4.26-3:
989     Version bump, fix for CAN 0415, see bug #59378.
990    
991 scox 1.32 *hardened-sources-2.4.26-r3 (22 Jul 2004)
992    
993     22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
994     +hardened-sources-2.4.26-r3.ebuild,
995     +files/2.4.26-CAN-2004-0497.patch,
996     -hardened-sources-2.4.26-r2.ebuild:
997     Version bump, fixed CAN 0497, see bug #56171.
998    
999 scox 1.31 *hardened-sources-2.4.26-r2 (29 Jun 2004)
1000    
1001     29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
1002 scox 1.32 +hardened-sources-2.4.26-r2.ebuild,
1003 scox 1.31 +files/2.4.26-CAN-2004-0495.patch,
1004     +files/2.4.26-CAN-2004-0535.patch,
1005     -hardened-sources-2.4.26-r1.ebuild:
1006     Fixes for both CAN 0495 and 0535, see bug #54976
1007 pvdabeel 1.27
1008 agriffis 1.29 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
1009     hardened-sources-2.4.26-r1.ebuild:
1010     QA - fix use invocation
1011 scox 1.28
1012     *hardened-sources-2.4.26-r1 (22 June 2004)
1013    
1014     22 June 2004; Andrea Luzzardi <scox@gentoo.org>
1015     +hardened-sources-2.4.26-r1.ebuild,
1016     +files/2.4.26-CAN-2004-0394.patch,
1017     +files/2.4.26-signal-race.patch,
1018     -hardened-sources-2.4.26.ebuild,
1019     -hardened-sources-2.4.24-r3.ebuild:
1020     Version bump for the CAN-2004-0394 issue and bug #53804
1021     Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
1022    
1023    
1024 pvdabeel 1.27 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
1025     hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
1026     Masked hardened-sources-2.4.26.ebuild broken for ppc
1027    
1028     31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
1029     hardened-sources-2.4.24-r3.ebuild:
1030     Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
1031 plasmaroo 1.25
1032 scox 1.26 *hardened-sources-2.4.26 (29 May 2004)
1033    
1034     29 May 2004; Andrea Luzzardi <scox@gentoo.org>
1035     +hardened-sources-2.4.26.ebuild:
1036     Updated hardened-sources for the 2.4.26 kernel
1037     Removed broken components, updated almost everything.
1038    
1039 plasmaroo 1.25 *hardened-sources-2.4.24-r3 (17 Apr 2004)
1040    
1041     17 Apr 2004; <plasmaroo@gentoo.org>
1042     +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
1043     +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
1044     +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
1045     +hardened-sources-2.4.24-r3.ebuild:
1046     Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
1047     vulnerabilities. Old revisions removed.
1048 plasmaroo 1.24
1049     *hardened-sources-2.4.24-r2 (15 Apr 2004)
1050    
1051     15 Apr 2004; <plasmaroo@gentoo.org>
1052     +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
1053     -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
1054     Version bump for the CAN-2004-0109 issue; bug #47881.
1055 aliz 1.23
1056     12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
1057     hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
1058     Add eutils to inherit.
1059 plasmaroo 1.22
1060     *hardened-sources-2.4.24-r1 (19 Feb 2004)
1061    
1062     19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
1063     files/hardened-sources-2.4.24.munmap.patch:
1064     Added the patch for the mremap/munmap vulnerability. Bug #42024.
1065 scox 1.19
1066 scox 1.21 *hardened-sources-2.4.24 (06 Feb 2004)
1067 scox 1.26
1068 scox 1.21 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
1069     hardened-sources-2.4.24.ebuild:
1070     Version bump, updated most of the components.
1071     This release includes the following:
1072    
1073     - Hardened security
1074     - Netfilter patch-o-matic 20031219
1075     - FreeSWAN 2.04 & x509 1.4.8
1076     - EVMS 2.2.2
1077     - XFS 1.3.1
1078     - cryptoloop jari
1079     - grsecurity 2.0-rc4
1080     - SELinux
1081     - PaX 200402060000
1082     - PaX Obscurity 200308302223
1083     - Others...
1084    
1085     Neither -ck nor systrace are included anymore.
1086    
1087 scox 1.19 *hardened-sources-2.4.22-r2 (05 Jan 2004)
1088    
1089     05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
1090     hardened-sources-2.4.22-r2.ebuild:
1091 scox 1.20 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
1092 scox 1.19
1093     *hardened-sources-2.4.22-r1 (02 Dec 2003)
1094 iggy 1.17
1095     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1096 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
1097 iggy 1.16
1098     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1099 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild:
1100     Version bump for the 'do_brk' vulnerability.
1101 iggy 1.15
1102     01 Dec 2003; Brian Jackson <iggy@gentoo.org>
1103     hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
1104     hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
1105     hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
1106 plasmaroo 1.18 Fix the 'do_brk' vulnerability.
1107 frogger 1.14
1108     03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
1109     hardened-sources-2.4.22.ebuild:
1110 plasmaroo 1.18 - Removed the src_install() portion for SELinux flask
1111     components. These are no longer handled in the kernel
1112     so this code was not necessary.
1113 frogger 1.13
1114     29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
1115     New 2.4.22 based hardened-sources thanks to
1116     Phil West <p.west@computer.org>.
1117    
1118     These sources include:
1119 plasmaroo 1.18 - New SELinux API
1120     - Updated CK-base
1121     - Updated GRSec
1122     - Systrace
1123     - SuperFreeS/WAN 1.99.8
1124     - Propolice kernel build support
1125     - EVMS
1126     - Other various security related patches
1127 frogger 1.11
1128 frogger 1.12 *hardened-sources-2.4.21 (14 Sep 2003)
1129    
1130     14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
1131     Updated hardened-sources based on the 2.4.21 Linux kernel.
1132     This includes updates to most major components such as:
1133 plasmaroo 1.18 - ck-base-0306300059
1134     - selinux-2.4-2003071106
1135     - grsecurity-2.0-rc1
1136     - Updated IPTables patch-o-matic
1137     - Updated SuperFreeS/WAN
1138    
1139 frogger 1.12 Thanks to Phil West <pwest@computer.org> for his work in getting this
1140     updated patch set ready for the 2.4.21 based kernel.
1141    
1142 frogger 1.11 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
1143     Initial import of hardened-sources-2.4.20-r4. This revision
1144     includes only a few changes, but one of these is an important
1145     security fix. It is recommended all users of hardened-sources
1146     upgrade to this release.
1147 plasmaroo 1.18
1148 frogger 1.11 - ioperm bug fix
1149     - fixed compilation failure when building without GRSec
1150 plasmaroo 1.18
1151 frogger 1.11 SAL (Secure Auditing for Linux) is NOT included in this revision
1152     due to time constraints, but is planned for inclusion in the near
1153     future.
1154 msterret 1.10
1155     *hardened-sources-2.4.20-r2 (12 Jun 2003)
1156    
1157     12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
1158     hardened-sources-2.4.20-r3.ebuild:
1159 plasmaroo 1.18 Add Header...
1160 frogger 1.9
1161     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1162     hardened-sources-2.4.20-r3.ebuild:
1163     Removed warnings from ebuild. This kernel should be safe to
1164     use at this point.
1165 frogger 1.8
1166     *hardened-sources-2.4.20-r3 (08 Jun 2003)
1167    
1168     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1169     hardened-sources-2.4.20-r3.ebuild:
1170     New revision. Includes the following changes over -r2:
1171 plasmaroo 1.18
1172 frogger 1.8 - ck7-base (O(1), preempt, low latency)
1173     - Super FreeS/WAN 1.99.7rc2
1174     - PaX for the LSM/SELinux branch
1175     - GRSecurity 2.0-pre4 (role based access control)
1176     - Systrace 1.3
1177     - EXT3 fixes
1178     - EVMS 2.0.1
1179     - GCC 3.1+ compile optimizations
1180     - ProPolice kernel build support
1181     - Hashing table security fixes
1182 frogger 1.3
1183     *hardened-sources-2.4.20-r1 (09 Apr 2003)
1184 frogger 1.7
1185     23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
1186     Initial import of hardened-sources-r2. This new
1187     ebuild includes many new performance and security
1188     related patches. As in -r1, it will patch in
1189     LSM/SELinux if "selinux" is in USE, otherwise it
1190     will patch in GRSecurity. The following patches
1191     are included in this revision:
1192 plasmaroo 1.18
1193 frogger 1.7 - O(1) Scheduler, Low Latency, and Preempt
1194     (pulled from the base CK patch)
1195     - ptrace exploit patch for the LSM kernel
1196     (the GRSec patch already fixes this)
1197     - LSM 2.4-2003040709
1198     - SELinux 2.4-2003040709
1199     - Systrace v1.2
1200     - IPTables patch-o-matic base patches - 20030107
1201     - CryptoAPI 2.4.20.1 w/ loop-jari patch
1202     - Super FreeS/WAN 1.99.6.1
1203     - GRSecurity 1.9.9g
1204     - MPPE
1205     - EXT3 data journal fix
1206     - CIPE 1.5.4
1207 frogger 1.6
1208     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1209     hardened-sources-2.4.20-r1.ebuild, manifest:
1210 plasmaroo 1.18 Updated to install flask components correctly for selinux.
1211 frogger 1.5
1212     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1213     hardened-sources-2.4.20-r1.ebuild:
1214     LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
1215     is patched in instead. Ptrace patches for selinux have also been added. In
1216     either case, systrace support will be patched in as well.
1217 frogger 1.3
1218     09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1219     hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
1220 plasmaroo 1.18 Revision bump for new sources.
1221 frogger 1.4
1222 frogger 1.2 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1223 frogger 1.4 hardened-sources-2.4.20-r1.ebuild:
1224 plasmaroo 1.18 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
1225 method 1.1
1226 frogger 1.4 *hardened-sources-2.4.20 (30 Mar 2003)
1227    
1228 method 1.1 30 Mar 2003; Joshua Brindle <method@gentoo.org>
1229     hardened-sources-2.4.20.ebuild:
1230 plasmaroo 1.18 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20