/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.198 - (hide annotations) (download)
Sun Nov 25 18:25:39 2007 UTC (6 years, 8 months ago) by phreak
Branch: MAIN
Changes since 1.197: +7 -1 lines
Updated patchset, thanks to solar.
(Portage version: 2.1.3.9)

1 method 1.1 # ChangeLog for sys-kernel/hardened-sources
2 opfer 1.130 # Copyright 2000-2007 Gentoo Foundation; Distributed under the GPL v2
3 phreak 1.198 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.197 2007/10/31 12:48:57 phreak Exp $
4    
5     *hardened-sources-2.6.23-r2 (25 Nov 2007)
6    
7     25 Nov 2007; Christian Heim <phreak@gentoo.org>
8     +hardened-sources-2.6.23-r2.ebuild:
9     Updated patchset, thanks to solar.
10 phreak 1.197
11     *hardened-sources-2.6.23-r1 (31 Oct 2007)
12    
13     31 Oct 2007; Christian Heim <phreak@gentoo.org>
14     +hardened-sources-2.6.23-r1.ebuild:
15     Revision bump, pulling in the snapshot from 30. October 2007 (18:50).
16 solar 1.196
17     29 Oct 2007; <solar@gentoo.org> metadata.xml:
18     - update metadata.xml
19 phreak 1.195
20     25 Oct 2007; Christian Heim <phreak@gentoo.org>
21     hardened-sources-2.6.22-r8.ebuild:
22     Marking 2.6.22-r8 stable on amd64 and x86.
23 phreak 1.194
24     21 Oct 2007; Christian Heim <phreak@gentoo.org>
25     -hardened-sources-2.4.35.ebuild, -hardened-sources-2.4.35-r1.ebuild,
26     -hardened-sources-2.6.21-r4.ebuild:
27     Removing old ebuilds.
28 phreak 1.193
29     *hardened-sources-2.4.35-r2 (21 Oct 2007)
30    
31     21 Oct 2007; Christian Heim <phreak@gentoo.org>
32     +hardened-sources-2.4.35-r2.ebuild:
33     Revision bump for 2.4.35. Includes new snapshot and the lastest Linux stable
34     patches.
35 phreak 1.192
36     *hardened-sources-2.6.22-r8 (21 Oct 2007)
37    
38     21 Oct 2007; Christian Heim <phreak@gentoo.org>
39     +hardened-sources-2.6.22-r8.ebuild:
40     Yet another new patch, hopefully fixing the remaining issues we had w/
41     2.6.22. Candidate for stabling.
42 phreak 1.191
43     *hardened-sources-2.6.23 (13 Oct 2007)
44    
45     13 Oct 2007; Christian Heim <phreak@gentoo.org>
46     +hardened-sources-2.6.23.ebuild:
47     Initial hardened-sources-2.6.23. If people still have problems w/ bug
48     194276, try setting CONFIG_PCI_GODIRECT=y instead of CONFIG_PCI_GOANY.
49 phreak 1.190
50     11 Oct 2007; Christian Heim <phreak@gentoo.org>
51     hardened-sources-2.6.20-r10.ebuild:
52     Pulling in yet another new genpatches version, fixing the PWC bug for real.
53 phreak 1.189
54     04 Oct 2007; Christian Heim <phreak@gentoo.org>
55     -hardened-sources-2.6.22-r5.ebuild, -hardened-sources-2.6.22-r6.ebuild:
56     Removing old versions.
57 phreak 1.188
58     *hardened-sources-2.6.22-r7 (01 Oct 2007)
59    
60     01 Oct 2007; Christian Heim <phreak@gentoo.org>
61     +hardened-sources-2.6.22-r7.ebuild:
62     Revision bump, pulling in a newer patch. Should fix #194276.
63 phreak 1.187
64     30 Sep 2007; Christian Heim <phreak@gentoo.org>
65     hardened-sources-2.6.20-r10.ebuild:
66     Marking hardened-sources-2.6.20-r10 stable on x86 and amd64 (on courtesy of
67     Mike Doty).
68 phreak 1.186
69     *hardened-sources-2.6.22-r6 (26 Sep 2007)
70    
71     26 Sep 2007; Christian Heim <phreak@gentoo.org>
72     +hardened-sources-2.6.22-r6.ebuild:
73     Revision bump, grabbing up till Linux 2.6.22.9.
74 phreak 1.185
75     24 Sep 2007; Christian Heim <phreak@gentoo.org>
76     -hardened-sources-2.6.22-r3.ebuild, -hardened-sources-2.6.22-r4.ebuild:
77     Cleaning up further.
78 phreak 1.184
79     *hardened-sources-2.6.20-r10 (24 Sep 2007)
80    
81     24 Sep 2007; Christian Heim <phreak@gentoo.org>
82     -hardened-sources-2.6.20-r8.ebuild, -hardened-sources-2.6.20-r9.ebuild,
83     +hardened-sources-2.6.20-r10.ebuild:
84     Revision bump, pulling in Linux 2.6.20.20. Removing some of the older
85     revisions.
86 phreak 1.183
87     *hardened-sources-2.6.22-r5 (22 Sep 2007)
88    
89     22 Sep 2007; Christian Heim <phreak@gentoo.org>
90     +hardened-sources-2.6.22-r5.ebuild:
91     Revision bump, pulling in genpatches-2.6.22-8 for CVE-2007-4573.
92 phreak 1.182
93     17 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
94     Removing johnm from metadata.xml (see #186467 for reference).
95 phreak 1.181
96     *hardened-sources-2.6.22-r4 (17 Sep 2007)
97    
98     17 Sep 2007; Christian Heim <phreak@gentoo.org>
99     +hardened-sources-2.6.22-r4.ebuild:
100     Revision bump, hopefully fixing all those weird PAX failures.
101 phreak 1.180
102     01 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
103     Updating the metadata.xml.
104 phreak 1.179
105     01 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
106     Removing tocharian from metadata due to his retirement (see #71718 for
107     reference).
108 phreak 1.178
109     *hardened-sources-2.6.20-r9 (30 Aug 2007)
110    
111     30 Aug 2007; Christian Heim <phreak@gentoo.org>
112     +hardened-sources-2.6.20-r9.ebuild:
113     Revision bump for 2.6.20.18 (thanks to kerframil in #gentoo-hardened).
114 phreak 1.177
115     29 Aug 2007; Christian Heim <phreak@gentoo.org>
116     -hardened-sources-2.4.34.ebuild, -hardened-sources-2.4.34.5.ebuild,
117     -hardened-sources-2.6.20-r2.ebuild, -hardened-sources-2.6.20-r5.ebuild,
118     -hardened-sources-2.6.20-r7.ebuild, -hardened-sources-2.6.21-r3.ebuild,
119     -hardened-sources-2.6.22.ebuild, -hardened-sources-2.6.22-r1.ebuild,
120     -hardened-sources-2.6.22-r2.ebuild:
121     Removing some redundant versions.
122 phreak 1.176
123     *hardened-sources-2.4.35-r1 (29 Aug 2007)
124    
125     29 Aug 2007; Christian Heim <phreak@gentoo.org>
126     +hardened-sources-2.4.35-r1.ebuild:
127     Revision bump, new grsecurity patch.
128 phreak 1.175
129     *hardened-sources-2.6.20-r8 (26 Aug 2007)
130    
131     26 Aug 2007; Christian Heim <phreak@gentoo.org>
132     +hardened-sources-2.6.20-r8.ebuild:
133     Revision bump for Linux 2.6.20.17.
134 phreak 1.174
135     *hardened-sources-2.6.22-r3 (22 Aug 2007)
136    
137     22 Aug 2007; Christian Heim <phreak@gentoo.org>
138     +hardened-sources-2.6.22-r3.ebuild:
139     Revision bump for Linux 2.6.22.4.
140 phreak 1.173
141     16 Aug 2007; Christian Heim <phreak@gentoo.org>
142     hardened-sources-2.6.22-r2.ebuild:
143     Updated patchset, to fix the alignment against 2.6.22.3.
144 phreak 1.172
145     *hardened-sources-2.6.22-r2 (16 Aug 2007)
146    
147     16 Aug 2007; Christian Heim <phreak@gentoo.org>
148     +hardened-sources-2.6.22-r2.ebuild:
149     Revision bump for Linux 2.6.22.3.
150 phreak 1.171
151     *hardened-sources-2.4.35 (16 Aug 2007)
152    
153     16 Aug 2007; Christian Heim <phreak@gentoo.org>
154     +hardened-sources-2.4.35.ebuild:
155     Version bump, initial version for Linux 2.4.35.
156 phreak 1.170
157     *hardened-sources-2.6.21-r4 (16 Aug 2007)
158    
159     16 Aug 2007; Christian Heim <phreak@gentoo.org>
160     +hardened-sources-2.6.21-r4.ebuild:
161     Revision bump for Linux 2.6.21.6.
162 phreak 1.169
163     *hardened-sources-2.6.20-r7 (16 Aug 2007)
164    
165     16 Aug 2007; Christian Heim <phreak@gentoo.org>
166     +hardened-sources-2.6.20-r7.ebuild:
167     Revision bump for Linux 2.6.20.16.
168 phreak 1.168
169     *hardened-sources-2.6.22-r1 (13 Aug 2007)
170    
171     13 Aug 2007; Christian Heim <phreak@gentoo.org>
172     +hardened-sources-2.6.22-r1.ebuild:
173     Yet another revision bump.
174 phreak 1.167
175     *hardened-sources-2.6.22 (10 Aug 2007)
176    
177     10 Aug 2007; Christian Heim <phreak@gentoo.org>
178     +hardened-sources-2.6.22.ebuild:
179     Initial release for 2.6.22. If you are using hardened-sources on a desktop
180     machine (P4 or newer), be aware you might need to disable
181     CONFIG_PAX_PAGEEXEC.
182 phreak 1.166
183     04 Aug 2007; Christian Heim <phreak@gentoo.org>
184     hardened-sources-2.6.20-r6.ebuild:
185     Stabling hardened-sources-2.6.20-r6 for amd64, ppc and x86 due to Linux
186     2.6.20.15.
187 phreak 1.165
188     10 Jul 2007; Christian Heim <phreak@gentoo.org>
189     hardened-sources-2.6.20-r5.ebuild:
190     Marking hardened-sources-2.6.20-r5 stable on ppc.
191 phreak 1.164
192     10 Jul 2007; Christian Heim <phreak@gentoo.org>
193     -hardened-sources-2.4.32-r6.ebuild, -hardened-sources-2.4.32-r7.ebuild:
194     Cleanup.
195 phreak 1.163
196     *hardened-sources-2.6.20-r6 (08 Jul 2007)
197    
198     08 Jul 2007; Christian Heim <phreak@gentoo.org>
199     +hardened-sources-2.6.20-r6.ebuild:
200     Revision bump, grabbing yet another stable release.
201 phreak 1.162
202     17 Jun 2007; Christian Heim <phreak@gentoo.org>
203     -hardened-sources-2.6.18-r6.ebuild, -hardened-sources-2.6.20-r4.ebuild,
204     -hardened-sources-2.6.21-r2.ebuild:
205     Removing older ebuilds, hardened-sources-2.6.18-r6 seems to have gotten the
206     alpha stable KEYWORD by mistake.
207 phreak 1.161
208     17 Jun 2007; Christian Heim <phreak@gentoo.org>
209     hardened-sources-2.6.20-r5.ebuild:
210     Stabling hardened-sources-2.6.20-r5 due to security bug #181647 (as
211     genpatches-2.6.20-12.base contains up to Linux 2.6.20.14) on amd64 and x86.
212 phreak 1.160
213     *hardened-sources-2.6.21-r3 (12 Jun 2007)
214    
215     12 Jun 2007; Christian Heim <phreak@gentoo.org>
216     +hardened-sources-2.6.21-r3.ebuild:
217     Revision bump for hardened-sources-2.6.21, incorporating various CVE (some
218     of them critical), two stable releases (2.6.21.4,2.6.21.5) and some other
219     love.
220 phreak 1.159
221     *hardened-sources-2.6.20-r5 (11 Jun 2007)
222    
223     11 Jun 2007; Christian Heim <phreak@gentoo.org>
224     +hardened-sources-2.6.20-r5.ebuild:
225     Revision bump for hardened-sources-2.6.20, incorporating various CVE (some
226     of them critical), two stable releases (2.6.20.13,2.6.20.14) and some other
227     love.
228 pappy 1.158
229     *hardened-sources-2.4.34.5 (11 Jun 2007)
230    
231     11 Jun 2007; Alexander Gabert <pappy@gentoo.org>
232     +hardened-sources-2.4.34.5.ebuild:
233     added new hardened-sources 2.4 version, thx to phreak, solar, pipacs
234 phreak 1.157
235     30 May 2007; Christian Heim <phreak@gentoo.org>
236     -hardened-sources-2.6.18.ebuild, hardened-sources-2.6.20-r2.ebuild:
237     Marking 2.6.20-r2 stable on ppc with permission of Gysbert. Removing more
238     stale ebuild(s).
239 phreak 1.156
240     30 May 2007; Christian Heim <phreak@gentoo.org>
241     -hardened-sources-2.6.14-r7.ebuild, -hardened-sources-2.6.16-r11.ebuild,
242     -hardened-sources-2.6.17-r1.ebuild, -hardened-sources-2.6.19-r6.ebuild,
243     -hardened-sources-2.6.20.ebuild, -hardened-sources-2.6.20-r1.ebuild:
244     Doing some cleanups, remove stale ebuilds.
245 phreak 1.155
246     26 May 2007; Christian Heim <phreak@gentoo.org>
247     hardened-sources-2.6.21-r2.ebuild:
248     Fixing the grsecurity patch, had one '};' too much.
249 phreak 1.154
250     *hardened-sources-2.6.21-r2 (26 May 2007)
251    
252     26 May 2007; Christian Heim <phreak@gentoo.org>
253     -hardened-sources-2.6.21.ebuild, -hardened-sources-2.6.21-r1.ebuild,
254     +hardened-sources-2.6.21-r2.ebuild:
255     Revision bump, including Linux 2.6.21.3 (fixing CVE-2007-2451). Updating the
256     grsecurity patch to 2.1.10-2.6.21.1-200705221918.
257 phreak 1.153
258     *hardened-sources-2.6.20-r4 (26 May 2007)
259    
260     26 May 2007; Christian Heim <phreak@gentoo.org>
261     -hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.20-r4.ebuild:
262     Revision bump, including Linux 2.6.20.12 (which in fact fixed some security
263 phreak 1.154 bugs, at the very least CVE-2007-2451). Possible candidate for stable marking.
264 phreak 1.152
265     15 May 2007; Christian Heim <phreak@gentoo.org>
266     hardened-sources-2.6.20-r3.ebuild:
267     Looks like hardened-sources-2.6.20-r3 needs a new patch, as 2.6.20.11
268     introduced a change in arch/sparc64/kernel/pci_iommu.c, which made the
269     grsecurity patch fail in that exact same hunk.
270 phreak 1.151
271     *hardened-sources-2.6.20-r3 (15 May 2007)
272    
273     15 May 2007; Christian Heim <phreak@gentoo.org>
274     +hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.21-r1.ebuild:
275     Revision bump, incorporating Linux 2.6.20.11.
276    
277     *hardened-sources-2.6.21-r1 (11 May 2007)
278    
279     11 May 2007; Christian Heim <phreak@gentoo.org>
280     +hardened-sources-2.6.21-r1.ebuild:
281     Revision bump, hopefully fixing the GRSECURITY/GRKERNSEC mixup pipacs
282     mentioned in #177234.
283 kevquinn 1.150
284     07 May 2007; Kevin F. Quinn <kevquinn@gentoo.org>
285     files/digest-hardened-sources-2.6.21, Manifest:
286     Fix Manifest/digest for linux-2.6.21.tar.bz2
287 phreak 1.149
288     06 May 2007; Christian Heim <phreak@gentoo.org>
289     hardened-sources-2.6.21.ebuild:
290     Bumping the hardened-patches version, needed for the fix for #177234.
291 phreak 1.148
292     *hardened-sources-2.6.21 (02 May 2007)
293    
294     02 May 2007; Christian Heim <phreak@gentoo.org>
295     +hardened-sources-2.6.21.ebuild:
296     Version bump, Linux 2.6.21-hardened.
297 phreak 1.147
298     29 Apr 2007; Christian Heim <phreak@gentoo.org>
299     hardened-sources-2.6.20-r2.ebuild:
300     Adding ~ia64 on Ned's request.
301 phreak 1.146
302     29 Apr 2007; Christian Heim <phreak@gentoo.org>
303     hardened-sources-2.6.20-r2.ebuild:
304     Fixing the included grsecurity patch, wasn't alligning due to the Index:
305     header line(s).
306 phreak 1.145
307     29 Apr 2007; Christian Heim <phreak@gentoo.org>
308     hardened-sources-2.6.20-r2.ebuild:
309     Stabilizing hardened-sources-2.6.20-r2 on amd64 and x86.
310 armin76 1.144
311     *hardened-sources-2.6.20-r2 (10 Apr 2007)
312    
313     10 Apr 2007; Raúl Porcel <armin76@gentoo.org>
314     +hardened-sources-2.6.20-r2.ebuild:
315     Version bump, on behalf of phreak
316 phreak 1.143
317     *hardened-sources-2.6.20-r1 (04 Apr 2007)
318    
319     04 Apr 2007; Christian Heim <phreak@gentoo.org>
320     +hardened-sources-2.6.20-r1.ebuild:
321     Revision bump, grabbing a newer grsecurity snapshot.
322 phreak 1.142
323     *hardened-sources-2.6.20 (25 Mar 2007)
324    
325     25 Mar 2007; Christian Heim <phreak@gentoo.org>
326     +hardened-sources-2.6.20.ebuild:
327     Finally a hardened-sources version for 2.6.20; many people have been waiting
328     for this. Thanks to Steve for preliminary testing, thanks to Ned for the
329     testbox.
330 chainsaw 1.141
331     16 Mar 2007; Tony Vroon <chainsaw@gentoo.org>
332     hardened-sources-2.6.18-r6.ebuild:
333     Marked stable on amd64 and x86. AMD64 keyword ack'ed by welp.
334 phreak 1.140
335     *hardened-sources-2.6.18-r6 (16 Mar 2007)
336    
337     16 Mar 2007; Christian Heim <phreak@gentoo.org>
338     -hardened-sources-2.6.18-r5.ebuild, +hardened-sources-2.6.18-r6.ebuild:
339     Fixing CVE-2007-1000 locally (hardened/), thanks to Tony for pushing. And
340     yes I screwed up, this is tagged as 2.6.18-5 and not 2.6.18-6 as it's
341     supposed to be.
342 phreak 1.139
343     06 Mar 2007; Christian Heim <phreak@gentoo.org> ChangeLog:
344     Fixing the Manifest, the previous one was broken (as in still had the
345     deleted ebuild in it).
346 phreak 1.138
347     06 Mar 2007; Christian Heim <phreak@gentoo.org>
348     -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
349     +hardened-sources-2.6.18-r5.ebuild:
350     Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
351     Linux 2.6.18.8. Also cleaning up the older version.
352    
353     *hardened-sources-2.6.18-r5 (06 Mar 2007)
354    
355     06 Mar 2007; Christian Heim <phreak@gentoo.org>
356     -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
357     +hardened-sources-2.6.18-r5.ebuild:
358     Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
359     Linux 2.6.18.8. Also cleaning up the older version.
360 phreak 1.137
361     24 Feb 2007; Christian Heim <phreak@gentoo.org>
362     -hardened-sources-2.6.19-r3.ebuild, -hardened-sources-2.6.19-r4.ebuild,
363     -hardened-sources-2.6.19-r5.ebuild:
364     Removing some of the old version, that didn't work.
365 phreak 1.136
366     *hardened-sources-2.6.19-r6 (12 Feb 2007)
367    
368     12 Feb 2007; Christian Heim <phreak@gentoo.org>
369     +hardened-sources-2.6.19-r6.ebuild:
370     Revision bump, including a new grsec version fixing #166235.
371 pappy 1.134
372     *hardened-sources-2.4.34 (24 Jan 2007)
373    
374     24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
375 pappy 1.135 Manifest:
376     updating Manifest with checksums of new tarball and ebuild
377    
378     24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
379 pappy 1.134 +hardened-sources-2.4.34.ebuild:
380     I added new hardened sources 2.4 update, this is a critical path
381     security bugfix - all users of h-s are strongly advised
382     to update their existing hardened sources to this version.
383     It contains a fix for a kernel vulnerability that is pertaining
384     to the PaX changes to virtual memory management, possibly leading
385     to a local kernel exploit ... see grsecurity.net forums and homepage
386 phreak 1.133
387     23 Jan 2007; Christian Heim <phreak@gentoo.org>
388     files/digest-hardened-sources-2.6.19-r5, Manifest:
389     Fixing the patch-tarball digest.
390 phreak 1.132
391     *hardened-sources-2.6.19-r5 (23 Jan 2007)
392    
393     23 Jan 2007; Christian Heim <phreak@gentoo.org>
394     +hardened-sources-2.6.19-r5.ebuild:
395     Revision bump, closing the recently discovered PaX expand_stack()
396     vulnerability.
397 phreak 1.131
398     *hardened-sources-2.6.19-r4 (14 Jan 2007)
399    
400     14 Jan 2007; Christian Heim <phreak@gentoo.org>
401     +hardened-sources-2.6.19-r4.ebuild:
402     Revision bump, pulling in linux-2.6.19.2 and grsecurity 2.1.10 - thus
403     dropping the randomized PID feature.
404 opfer 1.130
405     11 Jan 2007; Christian Faulhammer <opfer@gentoo.org>
406     hardened-sources-2.4.33.4.ebuild:
407     stable x86, bug #161171
408 phreak 1.129
409     *hardened-sources-2.6.19-r3 (27 Dec 2006)
410    
411     27 Dec 2006; Christian Heim <phreak@gentoo.org>
412     -hardened-sources-2.6.19-r2.ebuild, +hardened-sources-2.6.19-r3.ebuild:
413     Revision bump for bug #157186 and #158786.
414 phreak 1.128
415     *hardened-sources-2.6.18-r4 (27 Dec 2006)
416    
417     27 Dec 2006; Christian Heim <phreak@gentoo.org>
418     -hardened-sources-2.6.18-r3.ebuild, +hardened-sources-2.6.18-r4.ebuild:
419     Revision bump for bug #157186.
420 phreak 1.127
421     *hardened-sources-2.6.19-r2 (23 Dec 2006)
422    
423     23 Dec 2006; Christian Heim <phreak@gentoo.org>
424     -hardened-sources-2.6.19-r1.ebuild, +hardened-sources-2.6.19-r2.ebuild:
425     Revision bump to pull in genpatches-2.6.19-3 for #157186.
426 phreak 1.126
427     17 Dec 2006; Christian Heim <phreak@gentoo.org>
428     hardened-sources-2.6.14-r7.ebuild, hardened-sources-2.6.16-r10.ebuild,
429     hardened-sources-2.6.16-r11.ebuild, hardened-sources-2.6.17-r1.ebuild,
430     hardened-sources-2.6.18.ebuild, hardened-sources-2.6.18-r3.ebuild,
431     hardened-sources-2.6.19-r1.ebuild:
432     Adding 4453_grsec-2.1.9-2.6.19-io-kmem-sysctl.patch to UNIPATCH_EXLUDE,
433     adding correct HOMEPAGE and adjusting DESCRIPTION (thanks to Alexander).
434 pappy 1.125
435     *hardened-sources-2.4.33.4 (17 Dec 2006)
436    
437     17 Dec 2006; Alexander Gabert <pappy@gentoo.org>
438     +hardened-sources-2.4.33.4.ebuild:
439     new 2.4.33.4 version including grsec and fixes, thanks to phreak for help
440     and quilting
441 phreak 1.124
442     *hardened-sources-2.6.19-r1 (14 Dec 2006)
443    
444     14 Dec 2006; Christian Heim <phreak@gentoo.org>
445     -hardened-sources-2.6.19.ebuild, +hardened-sources-2.6.19-r1.ebuild:
446     Revision bump, fixing #158107 (thanks to Petre Rodan <kaiowas at gentoo.org>
447     for reporting).
448 phreak 1.123
449     *hardened-sources-2.6.19 (13 Dec 2006)
450    
451     13 Dec 2006; Christian Heim <phreak@gentoo.org>
452     +hardened-sources-2.6.19.ebuild:
453     And finally 2.6.19, thanks to Ned (who prepared the inital patchset) and
454     Brad for providing that prompt update.
455 phreak 1.122
456     *hardened-sources-2.6.18-r3 (13 Dec 2006)
457    
458     13 Dec 2006; Christian Heim <phreak@gentoo.org>
459     -hardened-sources-2.6.18-r1.ebuild, -hardened-sources-2.6.18-r2.ebuild,
460     +hardened-sources-2.6.18-r3.ebuild:
461     Revision bump, excluding the faulty patch. Thanks to Anakim Border and Peter
462     S. Mazinger. Closes #157409 for now. Also removing the previous revisions.
463 phreak 1.121
464     09 Dec 2006; Christian Heim <phreak@gentoo.org> Manifest:
465     Fixing the metadata.xml Manifest entry (thanks to xaid and ml8128 in #gentoo-hardened).
466 nixnut 1.120
467     08 Dec 2006; nixnut <nixnut@gentoo.org> hardened-sources-2.6.18.ebuild:
468     Stable on ppc wrt bug 157356
469 opfer 1.119
470     07 Dec 2006; Christian Faulhammer <opfer@gentoo.org>
471     hardened-sources-2.6.18.ebuild:
472     stable x86, bug #157356
473 phreak 1.118
474     *hardened-sources-2.6.18-r2 (06 Dec 2006)
475    
476     06 Dec 2006; Christian Heim <phreak@gentoo.org>
477     +hardened-sources-2.6.18-r2.ebuild:
478     Revision bump, including 2.6.18.5 (via genpatches) and
479     4454_grsec-2.1.9-2.6.18.2-io-kmem-sysctl.patch based on Peter Mazinger and
480     Ned Ludd's original patch. Thanks to Alexander Gabert (pappy) for the
481     redesign.
482 phreak 1.117
483     06 Dec 2006; Christian Heim <phreak@gentoo.org>
484     hardened-sources-2.6.18.ebuild:
485     Marking hardened-sources-2.6.18 stable on amd64 (see bug #157356, on behalf
486     of Mike Doty).
487 phreak 1.116
488     *hardened-sources-2.6.18-r1 (23 Nov 2006)
489    
490     23 Nov 2006; Christian Heim <phreak@gentoo.org>
491     +hardened-sources-2.6.18-r1.ebuild:
492     Revision bump to genpatches-2.6.18-4 (including 2.6.18.3).
493 phreak 1.115
494     *hardened-sources-2.6.18 (11 Nov 2006)
495    
496     11 Nov 2006; Christian Heim <phreak@gentoo.org>
497     +hardened-sources-2.6.18.ebuild:
498     Version bump, thanks to Alexander Gabert we're finally at 2.6.18.
499 solar 1.114
500     18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
501     - mark amd64 stable also. bug #151877
502 solar 1.113
503     18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
504     - mark 2.6.17-r1 stable
505 phreak 1.112
506     27 Aug 2006; Christian Heim <phreak@gentoo.org>
507     -hardened-sources-2.6.17.ebuild, hardened-sources-2.6.17-r1.ebuild:
508     Removing old ebuild, removing unipatch from newer ebuild (need to fix it!).
509 phreak 1.111
510     *hardened-sources-2.6.17-r1 (26 Aug 2006)
511    
512     26 Aug 2006; Christian Heim <phreak@gentoo.org>
513     +hardened-sources-2.6.17-r1.ebuild:
514     Revision bump to genpatches-2.6.17-8 (including .9 and .10) and updating the
515     grsecurity patch.
516 phreak 1.110
517     *hardened-sources-2.6.17 (17 Aug 2006)
518    
519     17 Aug 2006; Christian Heim <phreak@gentoo.org>
520     +hardened-sources-2.6.17.ebuild:
521     Bumping the hardened-sources-2.6 series to 2.6.17, using
522     genpatches-2.6.17-6.base.
523 solar 1.109
524     07 Aug 2006; <solar@gentoo.org> hardened-sources-2.6.16-r11.ebuild:
525     - stable on x86 and amd64
526 solar 1.108
527     *hardened-sources-2.6.16-r11 (15 Jul 2006)
528    
529     15 Jul 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r3.ebuild,
530     -hardened-sources-2.4.32-r4.ebuild, -hardened-sources-2.4.32-r5.ebuild,
531     -hardened-sources-2.6.14-r8.ebuild, -hardened-sources-2.6.16-r7.ebuild,
532     -hardened-sources-2.6.16-r9.ebuild, +hardened-sources-2.6.16-r11.ebuild:
533     - 2.6.16 bumped for CVE-2006-3626 ; digest fix for 2.4.32-r6 ; removed old
534     crusty ebuilds
535 johnm 1.107
536     14 Jul 2006; John Mylchreest <johnm@gentoo.org>
537     hardened-sources-2.6.16-r10.ebuild:
538     marking stable on x86 and amd64
539 solar 1.106
540     13 Jul 2006; <solar@gentoo.org> hardened-sources-2.4.32-r6.ebuild:
541     - 2.4.32-r6 stable on x86. RSBAC state unknown
542 kang 1.105
543     *hardened-sources-2.4.32-r7 (10 Jul 2006)
544    
545     10 Jul 2006; Guillaume Destuynder <kang@gentoo.org>
546     +hardened-sources-2.4.32-r7.ebuild:
547     Bump PaX for RSBAC to test-17
548 johnm 1.104
549     *hardened-sources-2.6.16-r9 (03 Jul 2006)
550    
551     03 Jul 2006; John Mylchreest <johnm@gentoo.org>
552     -hardened-sources-2.6.16-r6.ebuild, +hardened-sources-2.6.16-r9.ebuild:
553     hardened-sources-2.6.16 bump to latest -base.
554 solar 1.103
555     *hardened-sources-2.4.32-r6 (30 Jun 2006)
556    
557     30 Jun 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r2.ebuild,
558     hardened-sources-2.4.32-r4.ebuild, +hardened-sources-2.4.32-r6.ebuild:
559     - backport CVE-2006-0039, CVE-2006-1857 and CVE-2006-1858 and new grsecurity
560     sysctl controlable resource logging
561 johnm 1.102
562     *hardened-sources-2.6.16-r7 (05 Jun 2006)
563    
564     05 Jun 2006; John Mylchreest <johnm@gentoo.org>
565     -hardened-sources-2.6.16-r5.ebuild, +hardened-sources-2.6.16-r7.ebuild:
566     push new 2.6.16 release in preparation for stable
567 solar 1.101
568     22 May 2006; <solar@gentoo.org> :
569     - redigest bug 134002
570 kang 1.100
571     *hardened-sources-2.4.32-r5 (16 May 2006)
572    
573     16 May 2006; Guillaume Destuynder <kang@gentoo.org>
574     +hardened-sources-2.4.32-r5.ebuild:
575     Fixes rsbac common patching (new patch in new -r5 patchset)
576 solar 1.99
577     *hardened-sources-2.4.32-r4 (13 May 2006)
578    
579     13 May 2006; <solar@gentoo.org> hardened-sources-2.4.32-r3.ebuild,
580     +hardened-sources-2.4.32-r4.ebuild:
581     - security bumps
582 johnm 1.98
583     *hardened-sources-2.6.16-r6 (03 May 2006)
584    
585     03 May 2006; John Mylchreest <johnm@gentoo.org>
586     +hardened-sources-2.6.16-r6.ebuild:
587     bump hardened-2.6.16 to 2.6.16.12 and latest grsec snapshot
588 johnm 1.97
589     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
590     hardened-sources-2.6.14-r8.ebuild:
591     fix x86_64 build problem, this will delay the digest issue again for a short
592     while but it will sort itself out
593 johnm 1.96
594     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
595     hardened-sources-2.6.14-r8.ebuild:
596     bump hardened patchset
597 antarus 1.94
598     27 Apr 2006; Alec Warner <antarus@gentoo.org>
599     files/digest-hardened-sources-2.4.32-r2,
600     files/digest-hardened-sources-2.4.32-r3,
601     files/digest-hardened-sources-2.6.14-r8, Manifest:
602     Fixing duff SHA256 digests: Bug # 131293
603 johnm 1.93
604 johnm 1.95 *hardened-sources-2.6.16-r5 (27 Apr 2006)
605    
606     27 Apr 2006; John Mylchreest <johnm@gentoo.org>
607     -hardened-sources-2.6.14-r6.ebuild, hardened-sources-2.6.14-r8.ebuild,
608     -hardened-sources-2.6.16-r4.ebuild, +hardened-sources-2.6.16-r5.ebuild:
609     stablise 2.6.14-r8 on x86 & amd64, bump 2.6.16 to fix CVE-2006-1863 &
610     cleanup of old uneccessary sources
611    
612 johnm 1.93 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
613     fix digest
614 johnm 1.92
615     *hardened-sources-2.6.14-r8 (20 Apr 2006)
616    
617     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
618     +hardened-sources-2.6.14-r8.ebuild:
619     fix CVE-2006-1056, CVE-2006-1525, CVE-2006-1524
620 johnm 1.91
621     20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
622     Turning on gpg-signing again, and recomitting
623 johnm 1.90
624     *hardened-sources-2.6.16-r4 (20 Apr 2006)
625    
626     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
627     -hardened-sources-2.6.16-r2.ebuild, -hardened-sources-2.6.16-r3.ebuild,
628     +hardened-sources-2.6.16-r4.ebuild:
629     Fix numerous security vulns
630 solar 1.89
631     *hardened-sources-2.4.32-r3 (16 Apr 2006)
632    
633     16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
634     -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
635     +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
636     - security bump for bug #112791. Removed old ebuilds
637 johnm 1.88
638     *hardened-sources-2.6.16-r3 (15 Apr 2006)
639    
640     15 Apr 2006; John Mylchreest <johnm@gentoo.org>
641     +hardened-sources-2.6.16-r3.ebuild:
642     Removing silly localversion which I missed
643 johnm 1.87
644     *hardened-sources-2.6.14-r7 (14 Apr 2006)
645    
646     14 Apr 2006; John Mylchreest <johnm@gentoo.org>
647     -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
648     Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
649 johnm 1.86
650     *hardened-sources-2.6.16-r2 (13 Apr 2006)
651    
652     13 Apr 2006; John Mylchreest <johnm@gentoo.org>
653     -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
654     +hardened-sources-2.6.16-r2.ebuild:
655     Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
656     labels, dropping USERGROUP define fixes, since these were merged mainstream.
657 johnm 1.85
658     *hardened-sources-2.6.16-r1 (11 Apr 2006)
659    
660     11 Apr 2006; John Mylchreest <johnm@gentoo.org>
661     +hardened-sources-2.6.16-r1.ebuild:
662     Bumping to include ppc build fix and 2.6.16.3
663 tsunam 1.84
664     06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
665     hardened-sources-2.6.14-r6.ebuild:
666     Stable on x86; bug #127718
667 johnm 1.83
668     *hardened-sources-2.6.16 (31 Mar 2006)
669    
670     31 Mar 2006; John Mylchreest <johnm@gentoo.org>
671     +hardened-sources-2.6.16.ebuild:
672     Bumping to new version of grsec, and kernel base. New squashfs. Based on
673     2.6.16.1
674 cryos 1.82
675     30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
676     hardened-sources-2.6.14-r6.ebuild:
677     Stable on amd64, bug 127718.
678 nixnut 1.81
679     28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
680     Stable on ppc. Bug #127718
681 johnm 1.80
682     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
683     -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
684     -hardened-sources-2.6.14-r4.ebuild:
685     Cleanup.
686 johnm 1.79
687     *hardened-sources-2.6.14-r6 (15 Mar 2006)
688    
689     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
690     +hardened-sources-2.6.14-r6.ebuild:
691     Fixes grsec policy recreation bug and adds a
692     >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
693 solar 1.78
694     02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
695     - stable on x86
696 hansmi 1.77
697     19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
698     hardened-sources-2.6.14-r5.ebuild:
699     Stable on ppc.
700 johnm 1.76
701     *hardened-sources-2.6.14-r5 (01 Feb 2006)
702    
703     01 Feb 2006; John Mylchreest <johnm@gentoo.org>
704     +hardened-sources-2.6.14-r5.ebuild:
705     fixing every known exploit
706 solar 1.75
707     *hardened-sources-2.4.32-r2 (26 Jan 2006)
708    
709     26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
710     +hardened-sources-2.4.32-r2.ebuild:
711     - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
712 solar 1.74
713     *hardened-sources-2.6.14-r4 (12 Jan 2006)
714    
715     12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
716     - version bump for new genpatches which fix up a few sec holes
717 solar 1.73
718     *hardened-sources-2.4.32-r1 (05 Jan 2006)
719    
720     05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
721     - revision bump to add misc vital linux kernel security patches.
722 johnm 1.72
723     *hardened-sources-2.6.14-r3 (30 Dec 2005)
724    
725     30 Dec 2005; John Mylchreest <johnm@gentoo.org>
726     -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
727     Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
728 johnm 1.71
729     28 Dec 2005; John Mylchreest <johnm@gentoo.org>
730     hardened-sources-2.6.14-r2.ebuild:
731     making x86 & amd64 stable following testing.
732 johnm 1.70
733     *hardened-sources-2.6.14-r2 (27 Dec 2005)
734    
735     27 Dec 2005; John Mylchreest <johnm@gentoo.org>
736     -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
737     Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
738     network hooks.
739 johnm 1.69
740     06 Dec 2005; John Mylchreest <johnm@gentoo.org>
741     hardened-sources-2.6.14-r1.ebuild:
742     bumping to stable early for sec fix on x86 & amd64
743 johnm 1.68
744     *hardened-sources-2.6.14-r1 (05 Dec 2005)
745    
746     05 Dec 2005; John Mylchreest <johnm@gentoo.org>
747     -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
748     bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
749 solar 1.67
750     04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
751     - stable on x86 security bug #114227 CAN-2005-3257
752 kang 1.66
753     *hardened-sources-2.4.32 (19 Nov 2005)
754    
755     19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
756     +hardened-sources-2.4.32.ebuild:
757     Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
758     Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
759     have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
760     rsbac >> /etc/portage/package.use)
761 johnm 1.65
762     *hardened-sources-2.6.14 (14 Nov 2005)
763    
764     14 Nov 2005; John Mylchreest <johnm@gentoo.org>
765     -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
766     Bumping 2.6 series to 2.6.14.2
767 johnm 1.64
768     *hardened-sources-2.6.13-r2 (20 Oct 2005)
769    
770     20 Oct 2005; John Mylchreest <johnm@gentoo.org>
771     -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
772     +hardened-sources-2.6.13-r2.ebuild:
773     Fixes minor build error in ppc.
774 johnm 1.63
775     *hardened-sources-2.6.13-r1 (17 Oct 2005)
776    
777     17 Oct 2005; John Mylchreest <johnm@gentoo.org>
778     +hardened-sources-2.6.13-r1.ebuild:
779     Updating grsec to latest snapshot. Fixes some minor issues. Updating to
780     2.6.13.4, fixes some major amd64 stability problems.
781 johnm 1.62
782     *hardened-sources-2.6.13 (16 Sep 2005)
783    
784     16 Sep 2005; John Mylchreest <johnm@gentoo.org>
785     -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
786     2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
787     ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
788     users should test this thoroughly.
789 solar 1.61
790     01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
791     - stable on x86
792 johnm 1.60
793     *hardened-sources-2.6.11-r15 (27 Jun 2005)
794    
795     27 Jun 2005; John Mylchreest <johnm@gentoo.org>
796     +hardened-sources-2.6.11-r15.ebuild:
797     Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
798     grsec redefining curr_ip struct.
799 solar 1.59
800     *hardened-sources-2.4.31 (20 Jun 2005)
801    
802     20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
803     initial import of 2.4.31 tree
804 johnm 1.58
805     *hardened-sources-2.6.11-r14 (14 Jun 2005)
806    
807     14 Jun 2005; John Mylchreest <johnm@gentoo.org>
808     -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
809     Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
810     naming scheme to abide by genpatches
811 johnm 1.57
812     *hardened-sources-2.6.11-r13 (18 May 2005)
813    
814     18 May 2005; John Mylchreest <johnm@gentoo.org>
815     -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
816     Managed to mangle the Makefile patch from grsec, to miss out the grsec
817     target. sorry about that. Fixes bug #93022
818 johnm 1.56
819     *hardened-sources-2.6.11-r12 (17 May 2005)
820    
821     17 May 2005; John Mylchreest <johnm@gentoo.org>
822     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
823     +hardened-sources-2.6.11-r12.ebuild:
824     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
825     merges in genpatches-base
826 johnm 1.55
827     *hardened-sources-2.6.11-r12 (17 May 2005)
828    
829     17 May 2005; John Mylchreest <johnm@gentoo.org>
830     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
831     +hardened-sources-2.6.11-r12.ebuild:
832     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
833     merges in genpatches-base
834 solar 1.54
835     29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
836     -files/2.4.27-cmdline-race.patch,
837     -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
838     -files/2.4.28-grsec-binfmt_a.out.patch,
839     -files/2.4.28-grsec-cmdline-race.patch,
840     -files/2.4.28-selinux-binfmt_a.out.patch,
841     -files/2.4.28-selinux-cmdline-race.patch,
842     -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
843     hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
844     - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
845     cleanup..
846 solar 1.53
847     *hardened-sources-2.4.30-r1 (21 Apr 2005)
848    
849     21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
850     - disable aout by default
851 solar 1.52
852     *hardened-sources-2.4.30 (18 Apr 2005)
853    
854     18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
855     - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
856     and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
857     use
858 tocharian 1.50
859 scox 1.51 *hardened-sources-2.4.29 (30 Mar 2005)
860    
861     30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
862     +hardened-sources-2.4.29.ebuild:
863     New hardened-patches-2.4-29.0 patchball.
864     Removed SELinux support, upgraded GRSecurity to 2.1.4.
865    
866     *hardened-sources-2.4.28-r5 (06 Mar 2005)
867    
868     06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
869     +hardened-sources-2.4.28-r5.ebuild:
870     Added a fix for a PaX vulnerability.
871    
872     26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
873 tocharian 1.50 hardened-sources-2.4.28-r4.ebuild:
874     Stable on x86
875 solar 1.49
876     23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
877     hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
878     hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
879     hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
880     - fixed/added RDEPEND= in all kernel-2 ebuilds
881 tocharian 1.48
882     *hardened-sources-2.4.28-r4 (21 Jan 2005)
883    
884     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
885     +hardened-sources-2.4.28-r4.ebuild:
886     Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
887     backport of neighbour hash updates.
888 tocharian 1.47
889     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
890     hardened-sources-2.4.28-r3.ebuild:
891     Stable on x86
892 tseng 1.46
893     *hardened-sources-2.6.10-r3 (20 Jan 2005)
894    
895     20 Jan 2005; Brandon Hale <tseng@gentoo.org>
896     +hardened-sources-2.6.10-r3.ebuild:
897     Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
898     in 2005.0
899 tocharian 1.45
900     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
901     -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
902     hardened-sources-2.4.28-r2.ebuild:
903     Mark stable on x86
904 tocharian 1.44
905     *hardened-sources-2.4.28-r3 (17 Jan 2005)
906    
907     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
908     +hardened-sources-2.4.28-r3.ebuild:
909     Fix SMP page fault handler vuln, and update device-mapper and evms patches.
910 tocharian 1.43
911     14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
912     hardened-sources-2.4.28.ebuild:
913     Mark stable on x86.
914 tocharian 1.42
915     *hardened-sources-2.4.28-r2 (13 Jan 2005)
916    
917     13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
918     +hardened-sources-2.4.28-r2.ebuild:
919     Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
920     Mazinger for grsecurity patches as well.
921 plasmaroo 1.41
922     *hardened-sources-2.4.28-r1 (23 Dec 2004)
923    
924     23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
925     Security bump. Thank tocharian for rolling a new patchset...
926 solar 1.40
927     28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
928     +files/2.4.28-grsec-cmdline-race.patch,
929     +files/2.4.28-selinux-binfmt_a.out.patch,
930     +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
931     - Round up remaining security patches that appear to be missing in 2.4.28. -
932     PaX standalone updated to current. hgpv=28.1
933 solar 1.39
934     *hardened-sources-2.4.28 (28 Nov 2004)
935    
936     28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
937     security bump. Thank tocharian for rolling a new patchset
938 scox 1.31
939 scox 1.38 *hardened-sources-2.4.27-r3 (08 Sep 2004)
940    
941     08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
942     +hardened-sources-2.4.27-r3.ebuild:
943     Applies the new 2.4-27.2 patchball which updates
944     GRSecurity to the 2.0.1 version.
945    
946 scox 1.37 *hardened-sources-2.4.27-r2 (31 Aug 2004)
947    
948     31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
949     +hardened-sources-2.4.27-r2.ebuild:
950     Version bump.
951     This version uses the new 2.4-27.1 patchball which updates
952     both the SELinux PaX hooks patch and the SELinux headers.
953    
954 scox 1.36 *hardened-sources-2.4.27-r1 (09 Aug 2004)
955    
956     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
957     +hardened-sources-2.4.27-r1.ebuild,
958     -hardened-sources-2.4.27.ebuild,
959     +files/2.4.27-cmdline-race.patch:
960     Version bump, fix for cmdline race. See bug #59905.
961    
962     *hardened-sources-2.4.26-r6 (09 Aug 2004)
963    
964     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
965     +hardened-sources-2.4.26-r6.ebuild,
966     -hardened-sources-2.4.26-r5.ebuild,
967     -hardened-sources-2.4.26-r4.ebuild,
968     +files/2.4.26-cmdline-race.patch:
969     Version bump, fix for cmdline race. See bug #59905.
970    
971 scox 1.35 *hardened-sources-2.4.27 (08 Aug 2004)
972    
973     08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
974     +hardened-sources-2.4.27.ebuild,
975     +files/2.4.27-CAN-2004-0394.patch:
976     Ported the patchball to the 2.4.27 kernel version.
977    
978 scox 1.34 *hardened-sources-2.4.26-r5 (07 Aug 2004)
979    
980     07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
981     +hardened-sources-2.4.26-r5.ebuild:
982 scox 1.35 Updated to use the new hardened-patches-2.4-26.1 patchball.
983 scox 1.34 It adds the following features:
984     - Squashfs
985     - Ebtables
986     - Netdev random (core+drivers)
987     - Watchdog Timer (WDT) fix.
988    
989 scox 1.33 *hardened-sources-2.4.26-r4 (04 Aug 2004)
990    
991     04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
992     +hardened-sources-2.4.26-r4.ebuild,
993     +files/2.4.26-CAN-2004-0415.patch,
994     -hardened-sources-2.4.26-3:
995     Version bump, fix for CAN 0415, see bug #59378.
996    
997 scox 1.32 *hardened-sources-2.4.26-r3 (22 Jul 2004)
998    
999     22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
1000     +hardened-sources-2.4.26-r3.ebuild,
1001     +files/2.4.26-CAN-2004-0497.patch,
1002     -hardened-sources-2.4.26-r2.ebuild:
1003     Version bump, fixed CAN 0497, see bug #56171.
1004    
1005 scox 1.31 *hardened-sources-2.4.26-r2 (29 Jun 2004)
1006    
1007     29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
1008 scox 1.32 +hardened-sources-2.4.26-r2.ebuild,
1009 scox 1.31 +files/2.4.26-CAN-2004-0495.patch,
1010     +files/2.4.26-CAN-2004-0535.patch,
1011     -hardened-sources-2.4.26-r1.ebuild:
1012     Fixes for both CAN 0495 and 0535, see bug #54976
1013 pvdabeel 1.27
1014 agriffis 1.29 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
1015     hardened-sources-2.4.26-r1.ebuild:
1016     QA - fix use invocation
1017 scox 1.28
1018     *hardened-sources-2.4.26-r1 (22 June 2004)
1019    
1020     22 June 2004; Andrea Luzzardi <scox@gentoo.org>
1021     +hardened-sources-2.4.26-r1.ebuild,
1022     +files/2.4.26-CAN-2004-0394.patch,
1023     +files/2.4.26-signal-race.patch,
1024     -hardened-sources-2.4.26.ebuild,
1025     -hardened-sources-2.4.24-r3.ebuild:
1026     Version bump for the CAN-2004-0394 issue and bug #53804
1027     Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
1028    
1029    
1030 pvdabeel 1.27 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
1031     hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
1032     Masked hardened-sources-2.4.26.ebuild broken for ppc
1033    
1034     31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
1035     hardened-sources-2.4.24-r3.ebuild:
1036     Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
1037 plasmaroo 1.25
1038 scox 1.26 *hardened-sources-2.4.26 (29 May 2004)
1039    
1040     29 May 2004; Andrea Luzzardi <scox@gentoo.org>
1041     +hardened-sources-2.4.26.ebuild:
1042     Updated hardened-sources for the 2.4.26 kernel
1043     Removed broken components, updated almost everything.
1044    
1045 plasmaroo 1.25 *hardened-sources-2.4.24-r3 (17 Apr 2004)
1046    
1047     17 Apr 2004; <plasmaroo@gentoo.org>
1048     +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
1049     +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
1050     +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
1051     +hardened-sources-2.4.24-r3.ebuild:
1052     Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
1053     vulnerabilities. Old revisions removed.
1054 plasmaroo 1.24
1055     *hardened-sources-2.4.24-r2 (15 Apr 2004)
1056    
1057     15 Apr 2004; <plasmaroo@gentoo.org>
1058     +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
1059     -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
1060     Version bump for the CAN-2004-0109 issue; bug #47881.
1061 aliz 1.23
1062     12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
1063     hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
1064     Add eutils to inherit.
1065 plasmaroo 1.22
1066     *hardened-sources-2.4.24-r1 (19 Feb 2004)
1067    
1068     19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
1069     files/hardened-sources-2.4.24.munmap.patch:
1070     Added the patch for the mremap/munmap vulnerability. Bug #42024.
1071 scox 1.19
1072 scox 1.21 *hardened-sources-2.4.24 (06 Feb 2004)
1073 scox 1.26
1074 scox 1.21 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
1075     hardened-sources-2.4.24.ebuild:
1076     Version bump, updated most of the components.
1077     This release includes the following:
1078    
1079     - Hardened security
1080     - Netfilter patch-o-matic 20031219
1081     - FreeSWAN 2.04 & x509 1.4.8
1082     - EVMS 2.2.2
1083     - XFS 1.3.1
1084     - cryptoloop jari
1085     - grsecurity 2.0-rc4
1086     - SELinux
1087     - PaX 200402060000
1088     - PaX Obscurity 200308302223
1089     - Others...
1090    
1091     Neither -ck nor systrace are included anymore.
1092    
1093 scox 1.19 *hardened-sources-2.4.22-r2 (05 Jan 2004)
1094    
1095     05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
1096     hardened-sources-2.4.22-r2.ebuild:
1097 scox 1.20 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
1098 scox 1.19
1099     *hardened-sources-2.4.22-r1 (02 Dec 2003)
1100 iggy 1.17
1101     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1102 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
1103 iggy 1.16
1104     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1105 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild:
1106     Version bump for the 'do_brk' vulnerability.
1107 iggy 1.15
1108     01 Dec 2003; Brian Jackson <iggy@gentoo.org>
1109     hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
1110     hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
1111     hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
1112 plasmaroo 1.18 Fix the 'do_brk' vulnerability.
1113 frogger 1.14
1114     03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
1115     hardened-sources-2.4.22.ebuild:
1116 plasmaroo 1.18 - Removed the src_install() portion for SELinux flask
1117     components. These are no longer handled in the kernel
1118     so this code was not necessary.
1119 frogger 1.13
1120     29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
1121     New 2.4.22 based hardened-sources thanks to
1122     Phil West <p.west@computer.org>.
1123    
1124     These sources include:
1125 plasmaroo 1.18 - New SELinux API
1126     - Updated CK-base
1127     - Updated GRSec
1128     - Systrace
1129     - SuperFreeS/WAN 1.99.8
1130     - Propolice kernel build support
1131     - EVMS
1132     - Other various security related patches
1133 frogger 1.11
1134 frogger 1.12 *hardened-sources-2.4.21 (14 Sep 2003)
1135    
1136     14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
1137     Updated hardened-sources based on the 2.4.21 Linux kernel.
1138     This includes updates to most major components such as:
1139 plasmaroo 1.18 - ck-base-0306300059
1140     - selinux-2.4-2003071106
1141     - grsecurity-2.0-rc1
1142     - Updated IPTables patch-o-matic
1143     - Updated SuperFreeS/WAN
1144    
1145 frogger 1.12 Thanks to Phil West <pwest@computer.org> for his work in getting this
1146     updated patch set ready for the 2.4.21 based kernel.
1147    
1148 frogger 1.11 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
1149     Initial import of hardened-sources-2.4.20-r4. This revision
1150     includes only a few changes, but one of these is an important
1151     security fix. It is recommended all users of hardened-sources
1152     upgrade to this release.
1153 plasmaroo 1.18
1154 frogger 1.11 - ioperm bug fix
1155     - fixed compilation failure when building without GRSec
1156 plasmaroo 1.18
1157 frogger 1.11 SAL (Secure Auditing for Linux) is NOT included in this revision
1158     due to time constraints, but is planned for inclusion in the near
1159     future.
1160 msterret 1.10
1161     *hardened-sources-2.4.20-r2 (12 Jun 2003)
1162    
1163     12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
1164     hardened-sources-2.4.20-r3.ebuild:
1165 plasmaroo 1.18 Add Header...
1166 frogger 1.9
1167     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1168     hardened-sources-2.4.20-r3.ebuild:
1169     Removed warnings from ebuild. This kernel should be safe to
1170     use at this point.
1171 frogger 1.8
1172     *hardened-sources-2.4.20-r3 (08 Jun 2003)
1173    
1174     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1175     hardened-sources-2.4.20-r3.ebuild:
1176     New revision. Includes the following changes over -r2:
1177 plasmaroo 1.18
1178 frogger 1.8 - ck7-base (O(1), preempt, low latency)
1179     - Super FreeS/WAN 1.99.7rc2
1180     - PaX for the LSM/SELinux branch
1181     - GRSecurity 2.0-pre4 (role based access control)
1182     - Systrace 1.3
1183     - EXT3 fixes
1184     - EVMS 2.0.1
1185     - GCC 3.1+ compile optimizations
1186     - ProPolice kernel build support
1187     - Hashing table security fixes
1188 frogger 1.3
1189     *hardened-sources-2.4.20-r1 (09 Apr 2003)
1190 frogger 1.7
1191     23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
1192     Initial import of hardened-sources-r2. This new
1193     ebuild includes many new performance and security
1194     related patches. As in -r1, it will patch in
1195     LSM/SELinux if "selinux" is in USE, otherwise it
1196     will patch in GRSecurity. The following patches
1197     are included in this revision:
1198 plasmaroo 1.18
1199 frogger 1.7 - O(1) Scheduler, Low Latency, and Preempt
1200     (pulled from the base CK patch)
1201     - ptrace exploit patch for the LSM kernel
1202     (the GRSec patch already fixes this)
1203     - LSM 2.4-2003040709
1204     - SELinux 2.4-2003040709
1205     - Systrace v1.2
1206     - IPTables patch-o-matic base patches - 20030107
1207     - CryptoAPI 2.4.20.1 w/ loop-jari patch
1208     - Super FreeS/WAN 1.99.6.1
1209     - GRSecurity 1.9.9g
1210     - MPPE
1211     - EXT3 data journal fix
1212     - CIPE 1.5.4
1213 frogger 1.6
1214     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1215     hardened-sources-2.4.20-r1.ebuild, manifest:
1216 plasmaroo 1.18 Updated to install flask components correctly for selinux.
1217 frogger 1.5
1218     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1219     hardened-sources-2.4.20-r1.ebuild:
1220     LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
1221     is patched in instead. Ptrace patches for selinux have also been added. In
1222     either case, systrace support will be patched in as well.
1223 frogger 1.3
1224     09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1225     hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
1226 plasmaroo 1.18 Revision bump for new sources.
1227 frogger 1.4
1228 frogger 1.2 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1229 frogger 1.4 hardened-sources-2.4.20-r1.ebuild:
1230 plasmaroo 1.18 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
1231 method 1.1
1232 frogger 1.4 *hardened-sources-2.4.20 (30 Mar 2003)
1233    
1234 method 1.1 30 Mar 2003; Joshua Brindle <method@gentoo.org>
1235     hardened-sources-2.4.20.ebuild:
1236 plasmaroo 1.18 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20