/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.201 - (hide annotations) (download)
Mon Dec 24 11:52:00 2007 UTC (6 years, 10 months ago) by phreak
Branch: MAIN
Changes since 1.200: +7 -1 lines
Marking hardened-sources-2.6.23-r4 stable on amd64 and x86. I know it ain't in the tree for long, but there isn't much of a difference between this and -r3. Only this revision pulls in 2.6.23.11 and 2.6.23.12 from genpatches.
(Portage version: 2.1.3.19)

1 method 1.1 # ChangeLog for sys-kernel/hardened-sources
2 opfer 1.130 # Copyright 2000-2007 Gentoo Foundation; Distributed under the GPL v2
3 phreak 1.201 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.200 2007/12/23 12:35:28 phreak Exp $
4    
5     24 Dec 2007; Christian Heim <phreak@gentoo.org>
6     hardened-sources-2.6.23-r4.ebuild:
7     Marking hardened-sources-2.6.23-r4 stable on amd64 and x86. I know it ain't
8     in the tree for long, but there isn't much of a difference between this and
9     -r3. Only this revision pulls in 2.6.23.11 and 2.6.23.12 from genpatches.
10 phreak 1.200
11     *hardened-sources-2.6.23-r4 (23 Dec 2007)
12    
13     23 Dec 2007; Christian Heim <phreak@gentoo.org>
14     +hardened-sources-2.6.23-r4.ebuild:
15     Revision bump, grabbing the lastest genpatches release (2.6.23.12 that is).
16 phreak 1.199
17     *hardened-sources-2.6.23-r3 (04 Dec 2007)
18    
19     04 Dec 2007; Christian Heim <phreak@gentoo.org>
20     +hardened-sources-2.6.23-r3.ebuild:
21     Revision bump, pulling in 2.6.23.9.
22 phreak 1.198
23     *hardened-sources-2.6.23-r2 (25 Nov 2007)
24    
25     25 Nov 2007; Christian Heim <phreak@gentoo.org>
26     +hardened-sources-2.6.23-r2.ebuild:
27     Updated patchset, thanks to solar.
28 phreak 1.197
29     *hardened-sources-2.6.23-r1 (31 Oct 2007)
30    
31     31 Oct 2007; Christian Heim <phreak@gentoo.org>
32     +hardened-sources-2.6.23-r1.ebuild:
33     Revision bump, pulling in the snapshot from 30. October 2007 (18:50).
34 solar 1.196
35     29 Oct 2007; <solar@gentoo.org> metadata.xml:
36     - update metadata.xml
37 phreak 1.195
38     25 Oct 2007; Christian Heim <phreak@gentoo.org>
39     hardened-sources-2.6.22-r8.ebuild:
40     Marking 2.6.22-r8 stable on amd64 and x86.
41 phreak 1.194
42     21 Oct 2007; Christian Heim <phreak@gentoo.org>
43     -hardened-sources-2.4.35.ebuild, -hardened-sources-2.4.35-r1.ebuild,
44     -hardened-sources-2.6.21-r4.ebuild:
45     Removing old ebuilds.
46 phreak 1.193
47     *hardened-sources-2.4.35-r2 (21 Oct 2007)
48    
49     21 Oct 2007; Christian Heim <phreak@gentoo.org>
50     +hardened-sources-2.4.35-r2.ebuild:
51     Revision bump for 2.4.35. Includes new snapshot and the lastest Linux stable
52     patches.
53 phreak 1.192
54     *hardened-sources-2.6.22-r8 (21 Oct 2007)
55    
56     21 Oct 2007; Christian Heim <phreak@gentoo.org>
57     +hardened-sources-2.6.22-r8.ebuild:
58     Yet another new patch, hopefully fixing the remaining issues we had w/
59     2.6.22. Candidate for stabling.
60 phreak 1.191
61     *hardened-sources-2.6.23 (13 Oct 2007)
62    
63     13 Oct 2007; Christian Heim <phreak@gentoo.org>
64     +hardened-sources-2.6.23.ebuild:
65     Initial hardened-sources-2.6.23. If people still have problems w/ bug
66     194276, try setting CONFIG_PCI_GODIRECT=y instead of CONFIG_PCI_GOANY.
67 phreak 1.190
68     11 Oct 2007; Christian Heim <phreak@gentoo.org>
69     hardened-sources-2.6.20-r10.ebuild:
70     Pulling in yet another new genpatches version, fixing the PWC bug for real.
71 phreak 1.189
72     04 Oct 2007; Christian Heim <phreak@gentoo.org>
73     -hardened-sources-2.6.22-r5.ebuild, -hardened-sources-2.6.22-r6.ebuild:
74     Removing old versions.
75 phreak 1.188
76     *hardened-sources-2.6.22-r7 (01 Oct 2007)
77    
78     01 Oct 2007; Christian Heim <phreak@gentoo.org>
79     +hardened-sources-2.6.22-r7.ebuild:
80     Revision bump, pulling in a newer patch. Should fix #194276.
81 phreak 1.187
82     30 Sep 2007; Christian Heim <phreak@gentoo.org>
83     hardened-sources-2.6.20-r10.ebuild:
84     Marking hardened-sources-2.6.20-r10 stable on x86 and amd64 (on courtesy of
85     Mike Doty).
86 phreak 1.186
87     *hardened-sources-2.6.22-r6 (26 Sep 2007)
88    
89     26 Sep 2007; Christian Heim <phreak@gentoo.org>
90     +hardened-sources-2.6.22-r6.ebuild:
91     Revision bump, grabbing up till Linux 2.6.22.9.
92 phreak 1.185
93     24 Sep 2007; Christian Heim <phreak@gentoo.org>
94     -hardened-sources-2.6.22-r3.ebuild, -hardened-sources-2.6.22-r4.ebuild:
95     Cleaning up further.
96 phreak 1.184
97     *hardened-sources-2.6.20-r10 (24 Sep 2007)
98    
99     24 Sep 2007; Christian Heim <phreak@gentoo.org>
100     -hardened-sources-2.6.20-r8.ebuild, -hardened-sources-2.6.20-r9.ebuild,
101     +hardened-sources-2.6.20-r10.ebuild:
102     Revision bump, pulling in Linux 2.6.20.20. Removing some of the older
103     revisions.
104 phreak 1.183
105     *hardened-sources-2.6.22-r5 (22 Sep 2007)
106    
107     22 Sep 2007; Christian Heim <phreak@gentoo.org>
108     +hardened-sources-2.6.22-r5.ebuild:
109     Revision bump, pulling in genpatches-2.6.22-8 for CVE-2007-4573.
110 phreak 1.182
111     17 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
112     Removing johnm from metadata.xml (see #186467 for reference).
113 phreak 1.181
114     *hardened-sources-2.6.22-r4 (17 Sep 2007)
115    
116     17 Sep 2007; Christian Heim <phreak@gentoo.org>
117     +hardened-sources-2.6.22-r4.ebuild:
118     Revision bump, hopefully fixing all those weird PAX failures.
119 phreak 1.180
120     01 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
121     Updating the metadata.xml.
122 phreak 1.179
123     01 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
124     Removing tocharian from metadata due to his retirement (see #71718 for
125     reference).
126 phreak 1.178
127     *hardened-sources-2.6.20-r9 (30 Aug 2007)
128    
129     30 Aug 2007; Christian Heim <phreak@gentoo.org>
130     +hardened-sources-2.6.20-r9.ebuild:
131     Revision bump for 2.6.20.18 (thanks to kerframil in #gentoo-hardened).
132 phreak 1.177
133     29 Aug 2007; Christian Heim <phreak@gentoo.org>
134     -hardened-sources-2.4.34.ebuild, -hardened-sources-2.4.34.5.ebuild,
135     -hardened-sources-2.6.20-r2.ebuild, -hardened-sources-2.6.20-r5.ebuild,
136     -hardened-sources-2.6.20-r7.ebuild, -hardened-sources-2.6.21-r3.ebuild,
137     -hardened-sources-2.6.22.ebuild, -hardened-sources-2.6.22-r1.ebuild,
138     -hardened-sources-2.6.22-r2.ebuild:
139     Removing some redundant versions.
140 phreak 1.176
141     *hardened-sources-2.4.35-r1 (29 Aug 2007)
142    
143     29 Aug 2007; Christian Heim <phreak@gentoo.org>
144     +hardened-sources-2.4.35-r1.ebuild:
145     Revision bump, new grsecurity patch.
146 phreak 1.175
147     *hardened-sources-2.6.20-r8 (26 Aug 2007)
148    
149     26 Aug 2007; Christian Heim <phreak@gentoo.org>
150     +hardened-sources-2.6.20-r8.ebuild:
151     Revision bump for Linux 2.6.20.17.
152 phreak 1.174
153     *hardened-sources-2.6.22-r3 (22 Aug 2007)
154    
155     22 Aug 2007; Christian Heim <phreak@gentoo.org>
156     +hardened-sources-2.6.22-r3.ebuild:
157     Revision bump for Linux 2.6.22.4.
158 phreak 1.173
159     16 Aug 2007; Christian Heim <phreak@gentoo.org>
160     hardened-sources-2.6.22-r2.ebuild:
161     Updated patchset, to fix the alignment against 2.6.22.3.
162 phreak 1.172
163     *hardened-sources-2.6.22-r2 (16 Aug 2007)
164    
165     16 Aug 2007; Christian Heim <phreak@gentoo.org>
166     +hardened-sources-2.6.22-r2.ebuild:
167     Revision bump for Linux 2.6.22.3.
168 phreak 1.171
169     *hardened-sources-2.4.35 (16 Aug 2007)
170    
171     16 Aug 2007; Christian Heim <phreak@gentoo.org>
172     +hardened-sources-2.4.35.ebuild:
173     Version bump, initial version for Linux 2.4.35.
174 phreak 1.170
175     *hardened-sources-2.6.21-r4 (16 Aug 2007)
176    
177     16 Aug 2007; Christian Heim <phreak@gentoo.org>
178     +hardened-sources-2.6.21-r4.ebuild:
179     Revision bump for Linux 2.6.21.6.
180 phreak 1.169
181     *hardened-sources-2.6.20-r7 (16 Aug 2007)
182    
183     16 Aug 2007; Christian Heim <phreak@gentoo.org>
184     +hardened-sources-2.6.20-r7.ebuild:
185     Revision bump for Linux 2.6.20.16.
186 phreak 1.168
187     *hardened-sources-2.6.22-r1 (13 Aug 2007)
188    
189     13 Aug 2007; Christian Heim <phreak@gentoo.org>
190     +hardened-sources-2.6.22-r1.ebuild:
191     Yet another revision bump.
192 phreak 1.167
193     *hardened-sources-2.6.22 (10 Aug 2007)
194    
195     10 Aug 2007; Christian Heim <phreak@gentoo.org>
196     +hardened-sources-2.6.22.ebuild:
197     Initial release for 2.6.22. If you are using hardened-sources on a desktop
198     machine (P4 or newer), be aware you might need to disable
199     CONFIG_PAX_PAGEEXEC.
200 phreak 1.166
201     04 Aug 2007; Christian Heim <phreak@gentoo.org>
202     hardened-sources-2.6.20-r6.ebuild:
203     Stabling hardened-sources-2.6.20-r6 for amd64, ppc and x86 due to Linux
204     2.6.20.15.
205 phreak 1.165
206     10 Jul 2007; Christian Heim <phreak@gentoo.org>
207     hardened-sources-2.6.20-r5.ebuild:
208     Marking hardened-sources-2.6.20-r5 stable on ppc.
209 phreak 1.164
210     10 Jul 2007; Christian Heim <phreak@gentoo.org>
211     -hardened-sources-2.4.32-r6.ebuild, -hardened-sources-2.4.32-r7.ebuild:
212     Cleanup.
213 phreak 1.163
214     *hardened-sources-2.6.20-r6 (08 Jul 2007)
215    
216     08 Jul 2007; Christian Heim <phreak@gentoo.org>
217     +hardened-sources-2.6.20-r6.ebuild:
218     Revision bump, grabbing yet another stable release.
219 phreak 1.162
220     17 Jun 2007; Christian Heim <phreak@gentoo.org>
221     -hardened-sources-2.6.18-r6.ebuild, -hardened-sources-2.6.20-r4.ebuild,
222     -hardened-sources-2.6.21-r2.ebuild:
223     Removing older ebuilds, hardened-sources-2.6.18-r6 seems to have gotten the
224     alpha stable KEYWORD by mistake.
225 phreak 1.161
226     17 Jun 2007; Christian Heim <phreak@gentoo.org>
227     hardened-sources-2.6.20-r5.ebuild:
228     Stabling hardened-sources-2.6.20-r5 due to security bug #181647 (as
229     genpatches-2.6.20-12.base contains up to Linux 2.6.20.14) on amd64 and x86.
230 phreak 1.160
231     *hardened-sources-2.6.21-r3 (12 Jun 2007)
232    
233     12 Jun 2007; Christian Heim <phreak@gentoo.org>
234     +hardened-sources-2.6.21-r3.ebuild:
235     Revision bump for hardened-sources-2.6.21, incorporating various CVE (some
236     of them critical), two stable releases (2.6.21.4,2.6.21.5) and some other
237     love.
238 phreak 1.159
239     *hardened-sources-2.6.20-r5 (11 Jun 2007)
240    
241     11 Jun 2007; Christian Heim <phreak@gentoo.org>
242     +hardened-sources-2.6.20-r5.ebuild:
243     Revision bump for hardened-sources-2.6.20, incorporating various CVE (some
244     of them critical), two stable releases (2.6.20.13,2.6.20.14) and some other
245     love.
246 pappy 1.158
247     *hardened-sources-2.4.34.5 (11 Jun 2007)
248    
249     11 Jun 2007; Alexander Gabert <pappy@gentoo.org>
250     +hardened-sources-2.4.34.5.ebuild:
251     added new hardened-sources 2.4 version, thx to phreak, solar, pipacs
252 phreak 1.157
253     30 May 2007; Christian Heim <phreak@gentoo.org>
254     -hardened-sources-2.6.18.ebuild, hardened-sources-2.6.20-r2.ebuild:
255     Marking 2.6.20-r2 stable on ppc with permission of Gysbert. Removing more
256     stale ebuild(s).
257 phreak 1.156
258     30 May 2007; Christian Heim <phreak@gentoo.org>
259     -hardened-sources-2.6.14-r7.ebuild, -hardened-sources-2.6.16-r11.ebuild,
260     -hardened-sources-2.6.17-r1.ebuild, -hardened-sources-2.6.19-r6.ebuild,
261     -hardened-sources-2.6.20.ebuild, -hardened-sources-2.6.20-r1.ebuild:
262     Doing some cleanups, remove stale ebuilds.
263 phreak 1.155
264     26 May 2007; Christian Heim <phreak@gentoo.org>
265     hardened-sources-2.6.21-r2.ebuild:
266     Fixing the grsecurity patch, had one '};' too much.
267 phreak 1.154
268     *hardened-sources-2.6.21-r2 (26 May 2007)
269    
270     26 May 2007; Christian Heim <phreak@gentoo.org>
271     -hardened-sources-2.6.21.ebuild, -hardened-sources-2.6.21-r1.ebuild,
272     +hardened-sources-2.6.21-r2.ebuild:
273     Revision bump, including Linux 2.6.21.3 (fixing CVE-2007-2451). Updating the
274     grsecurity patch to 2.1.10-2.6.21.1-200705221918.
275 phreak 1.153
276     *hardened-sources-2.6.20-r4 (26 May 2007)
277    
278     26 May 2007; Christian Heim <phreak@gentoo.org>
279     -hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.20-r4.ebuild:
280     Revision bump, including Linux 2.6.20.12 (which in fact fixed some security
281 phreak 1.154 bugs, at the very least CVE-2007-2451). Possible candidate for stable marking.
282 phreak 1.152
283     15 May 2007; Christian Heim <phreak@gentoo.org>
284     hardened-sources-2.6.20-r3.ebuild:
285     Looks like hardened-sources-2.6.20-r3 needs a new patch, as 2.6.20.11
286     introduced a change in arch/sparc64/kernel/pci_iommu.c, which made the
287     grsecurity patch fail in that exact same hunk.
288 phreak 1.151
289     *hardened-sources-2.6.20-r3 (15 May 2007)
290    
291     15 May 2007; Christian Heim <phreak@gentoo.org>
292     +hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.21-r1.ebuild:
293     Revision bump, incorporating Linux 2.6.20.11.
294    
295     *hardened-sources-2.6.21-r1 (11 May 2007)
296    
297     11 May 2007; Christian Heim <phreak@gentoo.org>
298     +hardened-sources-2.6.21-r1.ebuild:
299     Revision bump, hopefully fixing the GRSECURITY/GRKERNSEC mixup pipacs
300     mentioned in #177234.
301 kevquinn 1.150
302     07 May 2007; Kevin F. Quinn <kevquinn@gentoo.org>
303     files/digest-hardened-sources-2.6.21, Manifest:
304     Fix Manifest/digest for linux-2.6.21.tar.bz2
305 phreak 1.149
306     06 May 2007; Christian Heim <phreak@gentoo.org>
307     hardened-sources-2.6.21.ebuild:
308     Bumping the hardened-patches version, needed for the fix for #177234.
309 phreak 1.148
310     *hardened-sources-2.6.21 (02 May 2007)
311    
312     02 May 2007; Christian Heim <phreak@gentoo.org>
313     +hardened-sources-2.6.21.ebuild:
314     Version bump, Linux 2.6.21-hardened.
315 phreak 1.147
316     29 Apr 2007; Christian Heim <phreak@gentoo.org>
317     hardened-sources-2.6.20-r2.ebuild:
318     Adding ~ia64 on Ned's request.
319 phreak 1.146
320     29 Apr 2007; Christian Heim <phreak@gentoo.org>
321     hardened-sources-2.6.20-r2.ebuild:
322     Fixing the included grsecurity patch, wasn't alligning due to the Index:
323     header line(s).
324 phreak 1.145
325     29 Apr 2007; Christian Heim <phreak@gentoo.org>
326     hardened-sources-2.6.20-r2.ebuild:
327     Stabilizing hardened-sources-2.6.20-r2 on amd64 and x86.
328 armin76 1.144
329     *hardened-sources-2.6.20-r2 (10 Apr 2007)
330    
331     10 Apr 2007; Raúl Porcel <armin76@gentoo.org>
332     +hardened-sources-2.6.20-r2.ebuild:
333     Version bump, on behalf of phreak
334 phreak 1.143
335     *hardened-sources-2.6.20-r1 (04 Apr 2007)
336    
337     04 Apr 2007; Christian Heim <phreak@gentoo.org>
338     +hardened-sources-2.6.20-r1.ebuild:
339     Revision bump, grabbing a newer grsecurity snapshot.
340 phreak 1.142
341     *hardened-sources-2.6.20 (25 Mar 2007)
342    
343     25 Mar 2007; Christian Heim <phreak@gentoo.org>
344     +hardened-sources-2.6.20.ebuild:
345     Finally a hardened-sources version for 2.6.20; many people have been waiting
346     for this. Thanks to Steve for preliminary testing, thanks to Ned for the
347     testbox.
348 chainsaw 1.141
349     16 Mar 2007; Tony Vroon <chainsaw@gentoo.org>
350     hardened-sources-2.6.18-r6.ebuild:
351     Marked stable on amd64 and x86. AMD64 keyword ack'ed by welp.
352 phreak 1.140
353     *hardened-sources-2.6.18-r6 (16 Mar 2007)
354    
355     16 Mar 2007; Christian Heim <phreak@gentoo.org>
356     -hardened-sources-2.6.18-r5.ebuild, +hardened-sources-2.6.18-r6.ebuild:
357     Fixing CVE-2007-1000 locally (hardened/), thanks to Tony for pushing. And
358     yes I screwed up, this is tagged as 2.6.18-5 and not 2.6.18-6 as it's
359     supposed to be.
360 phreak 1.139
361     06 Mar 2007; Christian Heim <phreak@gentoo.org> ChangeLog:
362     Fixing the Manifest, the previous one was broken (as in still had the
363     deleted ebuild in it).
364 phreak 1.138
365     06 Mar 2007; Christian Heim <phreak@gentoo.org>
366     -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
367     +hardened-sources-2.6.18-r5.ebuild:
368     Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
369     Linux 2.6.18.8. Also cleaning up the older version.
370    
371     *hardened-sources-2.6.18-r5 (06 Mar 2007)
372    
373     06 Mar 2007; Christian Heim <phreak@gentoo.org>
374     -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
375     +hardened-sources-2.6.18-r5.ebuild:
376     Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
377     Linux 2.6.18.8. Also cleaning up the older version.
378 phreak 1.137
379     24 Feb 2007; Christian Heim <phreak@gentoo.org>
380     -hardened-sources-2.6.19-r3.ebuild, -hardened-sources-2.6.19-r4.ebuild,
381     -hardened-sources-2.6.19-r5.ebuild:
382     Removing some of the old version, that didn't work.
383 phreak 1.136
384     *hardened-sources-2.6.19-r6 (12 Feb 2007)
385    
386     12 Feb 2007; Christian Heim <phreak@gentoo.org>
387     +hardened-sources-2.6.19-r6.ebuild:
388     Revision bump, including a new grsec version fixing #166235.
389 pappy 1.134
390     *hardened-sources-2.4.34 (24 Jan 2007)
391    
392     24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
393 pappy 1.135 Manifest:
394     updating Manifest with checksums of new tarball and ebuild
395    
396     24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
397 pappy 1.134 +hardened-sources-2.4.34.ebuild:
398     I added new hardened sources 2.4 update, this is a critical path
399     security bugfix - all users of h-s are strongly advised
400     to update their existing hardened sources to this version.
401     It contains a fix for a kernel vulnerability that is pertaining
402     to the PaX changes to virtual memory management, possibly leading
403     to a local kernel exploit ... see grsecurity.net forums and homepage
404 phreak 1.133
405     23 Jan 2007; Christian Heim <phreak@gentoo.org>
406     files/digest-hardened-sources-2.6.19-r5, Manifest:
407     Fixing the patch-tarball digest.
408 phreak 1.132
409     *hardened-sources-2.6.19-r5 (23 Jan 2007)
410    
411     23 Jan 2007; Christian Heim <phreak@gentoo.org>
412     +hardened-sources-2.6.19-r5.ebuild:
413     Revision bump, closing the recently discovered PaX expand_stack()
414     vulnerability.
415 phreak 1.131
416     *hardened-sources-2.6.19-r4 (14 Jan 2007)
417    
418     14 Jan 2007; Christian Heim <phreak@gentoo.org>
419     +hardened-sources-2.6.19-r4.ebuild:
420     Revision bump, pulling in linux-2.6.19.2 and grsecurity 2.1.10 - thus
421     dropping the randomized PID feature.
422 opfer 1.130
423     11 Jan 2007; Christian Faulhammer <opfer@gentoo.org>
424     hardened-sources-2.4.33.4.ebuild:
425     stable x86, bug #161171
426 phreak 1.129
427     *hardened-sources-2.6.19-r3 (27 Dec 2006)
428    
429     27 Dec 2006; Christian Heim <phreak@gentoo.org>
430     -hardened-sources-2.6.19-r2.ebuild, +hardened-sources-2.6.19-r3.ebuild:
431     Revision bump for bug #157186 and #158786.
432 phreak 1.128
433     *hardened-sources-2.6.18-r4 (27 Dec 2006)
434    
435     27 Dec 2006; Christian Heim <phreak@gentoo.org>
436     -hardened-sources-2.6.18-r3.ebuild, +hardened-sources-2.6.18-r4.ebuild:
437     Revision bump for bug #157186.
438 phreak 1.127
439     *hardened-sources-2.6.19-r2 (23 Dec 2006)
440    
441     23 Dec 2006; Christian Heim <phreak@gentoo.org>
442     -hardened-sources-2.6.19-r1.ebuild, +hardened-sources-2.6.19-r2.ebuild:
443     Revision bump to pull in genpatches-2.6.19-3 for #157186.
444 phreak 1.126
445     17 Dec 2006; Christian Heim <phreak@gentoo.org>
446     hardened-sources-2.6.14-r7.ebuild, hardened-sources-2.6.16-r10.ebuild,
447     hardened-sources-2.6.16-r11.ebuild, hardened-sources-2.6.17-r1.ebuild,
448     hardened-sources-2.6.18.ebuild, hardened-sources-2.6.18-r3.ebuild,
449     hardened-sources-2.6.19-r1.ebuild:
450     Adding 4453_grsec-2.1.9-2.6.19-io-kmem-sysctl.patch to UNIPATCH_EXLUDE,
451     adding correct HOMEPAGE and adjusting DESCRIPTION (thanks to Alexander).
452 pappy 1.125
453     *hardened-sources-2.4.33.4 (17 Dec 2006)
454    
455     17 Dec 2006; Alexander Gabert <pappy@gentoo.org>
456     +hardened-sources-2.4.33.4.ebuild:
457     new 2.4.33.4 version including grsec and fixes, thanks to phreak for help
458     and quilting
459 phreak 1.124
460     *hardened-sources-2.6.19-r1 (14 Dec 2006)
461    
462     14 Dec 2006; Christian Heim <phreak@gentoo.org>
463     -hardened-sources-2.6.19.ebuild, +hardened-sources-2.6.19-r1.ebuild:
464     Revision bump, fixing #158107 (thanks to Petre Rodan <kaiowas at gentoo.org>
465     for reporting).
466 phreak 1.123
467     *hardened-sources-2.6.19 (13 Dec 2006)
468    
469     13 Dec 2006; Christian Heim <phreak@gentoo.org>
470     +hardened-sources-2.6.19.ebuild:
471     And finally 2.6.19, thanks to Ned (who prepared the inital patchset) and
472     Brad for providing that prompt update.
473 phreak 1.122
474     *hardened-sources-2.6.18-r3 (13 Dec 2006)
475    
476     13 Dec 2006; Christian Heim <phreak@gentoo.org>
477     -hardened-sources-2.6.18-r1.ebuild, -hardened-sources-2.6.18-r2.ebuild,
478     +hardened-sources-2.6.18-r3.ebuild:
479     Revision bump, excluding the faulty patch. Thanks to Anakim Border and Peter
480     S. Mazinger. Closes #157409 for now. Also removing the previous revisions.
481 phreak 1.121
482     09 Dec 2006; Christian Heim <phreak@gentoo.org> Manifest:
483     Fixing the metadata.xml Manifest entry (thanks to xaid and ml8128 in #gentoo-hardened).
484 nixnut 1.120
485     08 Dec 2006; nixnut <nixnut@gentoo.org> hardened-sources-2.6.18.ebuild:
486     Stable on ppc wrt bug 157356
487 opfer 1.119
488     07 Dec 2006; Christian Faulhammer <opfer@gentoo.org>
489     hardened-sources-2.6.18.ebuild:
490     stable x86, bug #157356
491 phreak 1.118
492     *hardened-sources-2.6.18-r2 (06 Dec 2006)
493    
494     06 Dec 2006; Christian Heim <phreak@gentoo.org>
495     +hardened-sources-2.6.18-r2.ebuild:
496     Revision bump, including 2.6.18.5 (via genpatches) and
497     4454_grsec-2.1.9-2.6.18.2-io-kmem-sysctl.patch based on Peter Mazinger and
498     Ned Ludd's original patch. Thanks to Alexander Gabert (pappy) for the
499     redesign.
500 phreak 1.117
501     06 Dec 2006; Christian Heim <phreak@gentoo.org>
502     hardened-sources-2.6.18.ebuild:
503     Marking hardened-sources-2.6.18 stable on amd64 (see bug #157356, on behalf
504     of Mike Doty).
505 phreak 1.116
506     *hardened-sources-2.6.18-r1 (23 Nov 2006)
507    
508     23 Nov 2006; Christian Heim <phreak@gentoo.org>
509     +hardened-sources-2.6.18-r1.ebuild:
510     Revision bump to genpatches-2.6.18-4 (including 2.6.18.3).
511 phreak 1.115
512     *hardened-sources-2.6.18 (11 Nov 2006)
513    
514     11 Nov 2006; Christian Heim <phreak@gentoo.org>
515     +hardened-sources-2.6.18.ebuild:
516     Version bump, thanks to Alexander Gabert we're finally at 2.6.18.
517 solar 1.114
518     18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
519     - mark amd64 stable also. bug #151877
520 solar 1.113
521     18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
522     - mark 2.6.17-r1 stable
523 phreak 1.112
524     27 Aug 2006; Christian Heim <phreak@gentoo.org>
525     -hardened-sources-2.6.17.ebuild, hardened-sources-2.6.17-r1.ebuild:
526     Removing old ebuild, removing unipatch from newer ebuild (need to fix it!).
527 phreak 1.111
528     *hardened-sources-2.6.17-r1 (26 Aug 2006)
529    
530     26 Aug 2006; Christian Heim <phreak@gentoo.org>
531     +hardened-sources-2.6.17-r1.ebuild:
532     Revision bump to genpatches-2.6.17-8 (including .9 and .10) and updating the
533     grsecurity patch.
534 phreak 1.110
535     *hardened-sources-2.6.17 (17 Aug 2006)
536    
537     17 Aug 2006; Christian Heim <phreak@gentoo.org>
538     +hardened-sources-2.6.17.ebuild:
539     Bumping the hardened-sources-2.6 series to 2.6.17, using
540     genpatches-2.6.17-6.base.
541 solar 1.109
542     07 Aug 2006; <solar@gentoo.org> hardened-sources-2.6.16-r11.ebuild:
543     - stable on x86 and amd64
544 solar 1.108
545     *hardened-sources-2.6.16-r11 (15 Jul 2006)
546    
547     15 Jul 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r3.ebuild,
548     -hardened-sources-2.4.32-r4.ebuild, -hardened-sources-2.4.32-r5.ebuild,
549     -hardened-sources-2.6.14-r8.ebuild, -hardened-sources-2.6.16-r7.ebuild,
550     -hardened-sources-2.6.16-r9.ebuild, +hardened-sources-2.6.16-r11.ebuild:
551     - 2.6.16 bumped for CVE-2006-3626 ; digest fix for 2.4.32-r6 ; removed old
552     crusty ebuilds
553 johnm 1.107
554     14 Jul 2006; John Mylchreest <johnm@gentoo.org>
555     hardened-sources-2.6.16-r10.ebuild:
556     marking stable on x86 and amd64
557 solar 1.106
558     13 Jul 2006; <solar@gentoo.org> hardened-sources-2.4.32-r6.ebuild:
559     - 2.4.32-r6 stable on x86. RSBAC state unknown
560 kang 1.105
561     *hardened-sources-2.4.32-r7 (10 Jul 2006)
562    
563     10 Jul 2006; Guillaume Destuynder <kang@gentoo.org>
564     +hardened-sources-2.4.32-r7.ebuild:
565     Bump PaX for RSBAC to test-17
566 johnm 1.104
567     *hardened-sources-2.6.16-r9 (03 Jul 2006)
568    
569     03 Jul 2006; John Mylchreest <johnm@gentoo.org>
570     -hardened-sources-2.6.16-r6.ebuild, +hardened-sources-2.6.16-r9.ebuild:
571     hardened-sources-2.6.16 bump to latest -base.
572 solar 1.103
573     *hardened-sources-2.4.32-r6 (30 Jun 2006)
574    
575     30 Jun 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r2.ebuild,
576     hardened-sources-2.4.32-r4.ebuild, +hardened-sources-2.4.32-r6.ebuild:
577     - backport CVE-2006-0039, CVE-2006-1857 and CVE-2006-1858 and new grsecurity
578     sysctl controlable resource logging
579 johnm 1.102
580     *hardened-sources-2.6.16-r7 (05 Jun 2006)
581    
582     05 Jun 2006; John Mylchreest <johnm@gentoo.org>
583     -hardened-sources-2.6.16-r5.ebuild, +hardened-sources-2.6.16-r7.ebuild:
584     push new 2.6.16 release in preparation for stable
585 solar 1.101
586     22 May 2006; <solar@gentoo.org> :
587     - redigest bug 134002
588 kang 1.100
589     *hardened-sources-2.4.32-r5 (16 May 2006)
590    
591     16 May 2006; Guillaume Destuynder <kang@gentoo.org>
592     +hardened-sources-2.4.32-r5.ebuild:
593     Fixes rsbac common patching (new patch in new -r5 patchset)
594 solar 1.99
595     *hardened-sources-2.4.32-r4 (13 May 2006)
596    
597     13 May 2006; <solar@gentoo.org> hardened-sources-2.4.32-r3.ebuild,
598     +hardened-sources-2.4.32-r4.ebuild:
599     - security bumps
600 johnm 1.98
601     *hardened-sources-2.6.16-r6 (03 May 2006)
602    
603     03 May 2006; John Mylchreest <johnm@gentoo.org>
604     +hardened-sources-2.6.16-r6.ebuild:
605     bump hardened-2.6.16 to 2.6.16.12 and latest grsec snapshot
606 johnm 1.97
607     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
608     hardened-sources-2.6.14-r8.ebuild:
609     fix x86_64 build problem, this will delay the digest issue again for a short
610     while but it will sort itself out
611 johnm 1.96
612     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
613     hardened-sources-2.6.14-r8.ebuild:
614     bump hardened patchset
615 antarus 1.94
616     27 Apr 2006; Alec Warner <antarus@gentoo.org>
617     files/digest-hardened-sources-2.4.32-r2,
618     files/digest-hardened-sources-2.4.32-r3,
619     files/digest-hardened-sources-2.6.14-r8, Manifest:
620     Fixing duff SHA256 digests: Bug # 131293
621 johnm 1.93
622 johnm 1.95 *hardened-sources-2.6.16-r5 (27 Apr 2006)
623    
624     27 Apr 2006; John Mylchreest <johnm@gentoo.org>
625     -hardened-sources-2.6.14-r6.ebuild, hardened-sources-2.6.14-r8.ebuild,
626     -hardened-sources-2.6.16-r4.ebuild, +hardened-sources-2.6.16-r5.ebuild:
627     stablise 2.6.14-r8 on x86 & amd64, bump 2.6.16 to fix CVE-2006-1863 &
628     cleanup of old uneccessary sources
629    
630 johnm 1.93 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
631     fix digest
632 johnm 1.92
633     *hardened-sources-2.6.14-r8 (20 Apr 2006)
634    
635     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
636     +hardened-sources-2.6.14-r8.ebuild:
637     fix CVE-2006-1056, CVE-2006-1525, CVE-2006-1524
638 johnm 1.91
639     20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
640     Turning on gpg-signing again, and recomitting
641 johnm 1.90
642     *hardened-sources-2.6.16-r4 (20 Apr 2006)
643    
644     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
645     -hardened-sources-2.6.16-r2.ebuild, -hardened-sources-2.6.16-r3.ebuild,
646     +hardened-sources-2.6.16-r4.ebuild:
647     Fix numerous security vulns
648 solar 1.89
649     *hardened-sources-2.4.32-r3 (16 Apr 2006)
650    
651     16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
652     -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
653     +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
654     - security bump for bug #112791. Removed old ebuilds
655 johnm 1.88
656     *hardened-sources-2.6.16-r3 (15 Apr 2006)
657    
658     15 Apr 2006; John Mylchreest <johnm@gentoo.org>
659     +hardened-sources-2.6.16-r3.ebuild:
660     Removing silly localversion which I missed
661 johnm 1.87
662     *hardened-sources-2.6.14-r7 (14 Apr 2006)
663    
664     14 Apr 2006; John Mylchreest <johnm@gentoo.org>
665     -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
666     Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
667 johnm 1.86
668     *hardened-sources-2.6.16-r2 (13 Apr 2006)
669    
670     13 Apr 2006; John Mylchreest <johnm@gentoo.org>
671     -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
672     +hardened-sources-2.6.16-r2.ebuild:
673     Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
674     labels, dropping USERGROUP define fixes, since these were merged mainstream.
675 johnm 1.85
676     *hardened-sources-2.6.16-r1 (11 Apr 2006)
677    
678     11 Apr 2006; John Mylchreest <johnm@gentoo.org>
679     +hardened-sources-2.6.16-r1.ebuild:
680     Bumping to include ppc build fix and 2.6.16.3
681 tsunam 1.84
682     06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
683     hardened-sources-2.6.14-r6.ebuild:
684     Stable on x86; bug #127718
685 johnm 1.83
686     *hardened-sources-2.6.16 (31 Mar 2006)
687    
688     31 Mar 2006; John Mylchreest <johnm@gentoo.org>
689     +hardened-sources-2.6.16.ebuild:
690     Bumping to new version of grsec, and kernel base. New squashfs. Based on
691     2.6.16.1
692 cryos 1.82
693     30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
694     hardened-sources-2.6.14-r6.ebuild:
695     Stable on amd64, bug 127718.
696 nixnut 1.81
697     28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
698     Stable on ppc. Bug #127718
699 johnm 1.80
700     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
701     -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
702     -hardened-sources-2.6.14-r4.ebuild:
703     Cleanup.
704 johnm 1.79
705     *hardened-sources-2.6.14-r6 (15 Mar 2006)
706    
707     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
708     +hardened-sources-2.6.14-r6.ebuild:
709     Fixes grsec policy recreation bug and adds a
710     >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
711 solar 1.78
712     02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
713     - stable on x86
714 hansmi 1.77
715     19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
716     hardened-sources-2.6.14-r5.ebuild:
717     Stable on ppc.
718 johnm 1.76
719     *hardened-sources-2.6.14-r5 (01 Feb 2006)
720    
721     01 Feb 2006; John Mylchreest <johnm@gentoo.org>
722     +hardened-sources-2.6.14-r5.ebuild:
723     fixing every known exploit
724 solar 1.75
725     *hardened-sources-2.4.32-r2 (26 Jan 2006)
726    
727     26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
728     +hardened-sources-2.4.32-r2.ebuild:
729     - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
730 solar 1.74
731     *hardened-sources-2.6.14-r4 (12 Jan 2006)
732    
733     12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
734     - version bump for new genpatches which fix up a few sec holes
735 solar 1.73
736     *hardened-sources-2.4.32-r1 (05 Jan 2006)
737    
738     05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
739     - revision bump to add misc vital linux kernel security patches.
740 johnm 1.72
741     *hardened-sources-2.6.14-r3 (30 Dec 2005)
742    
743     30 Dec 2005; John Mylchreest <johnm@gentoo.org>
744     -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
745     Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
746 johnm 1.71
747     28 Dec 2005; John Mylchreest <johnm@gentoo.org>
748     hardened-sources-2.6.14-r2.ebuild:
749     making x86 & amd64 stable following testing.
750 johnm 1.70
751     *hardened-sources-2.6.14-r2 (27 Dec 2005)
752    
753     27 Dec 2005; John Mylchreest <johnm@gentoo.org>
754     -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
755     Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
756     network hooks.
757 johnm 1.69
758     06 Dec 2005; John Mylchreest <johnm@gentoo.org>
759     hardened-sources-2.6.14-r1.ebuild:
760     bumping to stable early for sec fix on x86 & amd64
761 johnm 1.68
762     *hardened-sources-2.6.14-r1 (05 Dec 2005)
763    
764     05 Dec 2005; John Mylchreest <johnm@gentoo.org>
765     -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
766     bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
767 solar 1.67
768     04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
769     - stable on x86 security bug #114227 CAN-2005-3257
770 kang 1.66
771     *hardened-sources-2.4.32 (19 Nov 2005)
772    
773     19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
774     +hardened-sources-2.4.32.ebuild:
775     Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
776     Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
777     have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
778     rsbac >> /etc/portage/package.use)
779 johnm 1.65
780     *hardened-sources-2.6.14 (14 Nov 2005)
781    
782     14 Nov 2005; John Mylchreest <johnm@gentoo.org>
783     -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
784     Bumping 2.6 series to 2.6.14.2
785 johnm 1.64
786     *hardened-sources-2.6.13-r2 (20 Oct 2005)
787    
788     20 Oct 2005; John Mylchreest <johnm@gentoo.org>
789     -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
790     +hardened-sources-2.6.13-r2.ebuild:
791     Fixes minor build error in ppc.
792 johnm 1.63
793     *hardened-sources-2.6.13-r1 (17 Oct 2005)
794    
795     17 Oct 2005; John Mylchreest <johnm@gentoo.org>
796     +hardened-sources-2.6.13-r1.ebuild:
797     Updating grsec to latest snapshot. Fixes some minor issues. Updating to
798     2.6.13.4, fixes some major amd64 stability problems.
799 johnm 1.62
800     *hardened-sources-2.6.13 (16 Sep 2005)
801    
802     16 Sep 2005; John Mylchreest <johnm@gentoo.org>
803     -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
804     2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
805     ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
806     users should test this thoroughly.
807 solar 1.61
808     01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
809     - stable on x86
810 johnm 1.60
811     *hardened-sources-2.6.11-r15 (27 Jun 2005)
812    
813     27 Jun 2005; John Mylchreest <johnm@gentoo.org>
814     +hardened-sources-2.6.11-r15.ebuild:
815     Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
816     grsec redefining curr_ip struct.
817 solar 1.59
818     *hardened-sources-2.4.31 (20 Jun 2005)
819    
820     20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
821     initial import of 2.4.31 tree
822 johnm 1.58
823     *hardened-sources-2.6.11-r14 (14 Jun 2005)
824    
825     14 Jun 2005; John Mylchreest <johnm@gentoo.org>
826     -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
827     Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
828     naming scheme to abide by genpatches
829 johnm 1.57
830     *hardened-sources-2.6.11-r13 (18 May 2005)
831    
832     18 May 2005; John Mylchreest <johnm@gentoo.org>
833     -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
834     Managed to mangle the Makefile patch from grsec, to miss out the grsec
835     target. sorry about that. Fixes bug #93022
836 johnm 1.56
837     *hardened-sources-2.6.11-r12 (17 May 2005)
838    
839     17 May 2005; John Mylchreest <johnm@gentoo.org>
840     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
841     +hardened-sources-2.6.11-r12.ebuild:
842     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
843     merges in genpatches-base
844 johnm 1.55
845     *hardened-sources-2.6.11-r12 (17 May 2005)
846    
847     17 May 2005; John Mylchreest <johnm@gentoo.org>
848     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
849     +hardened-sources-2.6.11-r12.ebuild:
850     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
851     merges in genpatches-base
852 solar 1.54
853     29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
854     -files/2.4.27-cmdline-race.patch,
855     -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
856     -files/2.4.28-grsec-binfmt_a.out.patch,
857     -files/2.4.28-grsec-cmdline-race.patch,
858     -files/2.4.28-selinux-binfmt_a.out.patch,
859     -files/2.4.28-selinux-cmdline-race.patch,
860     -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
861     hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
862     - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
863     cleanup..
864 solar 1.53
865     *hardened-sources-2.4.30-r1 (21 Apr 2005)
866    
867     21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
868     - disable aout by default
869 solar 1.52
870     *hardened-sources-2.4.30 (18 Apr 2005)
871    
872     18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
873     - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
874     and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
875     use
876 tocharian 1.50
877 scox 1.51 *hardened-sources-2.4.29 (30 Mar 2005)
878    
879     30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
880     +hardened-sources-2.4.29.ebuild:
881     New hardened-patches-2.4-29.0 patchball.
882     Removed SELinux support, upgraded GRSecurity to 2.1.4.
883    
884     *hardened-sources-2.4.28-r5 (06 Mar 2005)
885    
886     06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
887     +hardened-sources-2.4.28-r5.ebuild:
888     Added a fix for a PaX vulnerability.
889    
890     26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
891 tocharian 1.50 hardened-sources-2.4.28-r4.ebuild:
892     Stable on x86
893 solar 1.49
894     23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
895     hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
896     hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
897     hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
898     - fixed/added RDEPEND= in all kernel-2 ebuilds
899 tocharian 1.48
900     *hardened-sources-2.4.28-r4 (21 Jan 2005)
901    
902     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
903     +hardened-sources-2.4.28-r4.ebuild:
904     Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
905     backport of neighbour hash updates.
906 tocharian 1.47
907     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
908     hardened-sources-2.4.28-r3.ebuild:
909     Stable on x86
910 tseng 1.46
911     *hardened-sources-2.6.10-r3 (20 Jan 2005)
912    
913     20 Jan 2005; Brandon Hale <tseng@gentoo.org>
914     +hardened-sources-2.6.10-r3.ebuild:
915     Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
916     in 2005.0
917 tocharian 1.45
918     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
919     -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
920     hardened-sources-2.4.28-r2.ebuild:
921     Mark stable on x86
922 tocharian 1.44
923     *hardened-sources-2.4.28-r3 (17 Jan 2005)
924    
925     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
926     +hardened-sources-2.4.28-r3.ebuild:
927     Fix SMP page fault handler vuln, and update device-mapper and evms patches.
928 tocharian 1.43
929     14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
930     hardened-sources-2.4.28.ebuild:
931     Mark stable on x86.
932 tocharian 1.42
933     *hardened-sources-2.4.28-r2 (13 Jan 2005)
934    
935     13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
936     +hardened-sources-2.4.28-r2.ebuild:
937     Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
938     Mazinger for grsecurity patches as well.
939 plasmaroo 1.41
940     *hardened-sources-2.4.28-r1 (23 Dec 2004)
941    
942     23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
943     Security bump. Thank tocharian for rolling a new patchset...
944 solar 1.40
945     28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
946     +files/2.4.28-grsec-cmdline-race.patch,
947     +files/2.4.28-selinux-binfmt_a.out.patch,
948     +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
949     - Round up remaining security patches that appear to be missing in 2.4.28. -
950     PaX standalone updated to current. hgpv=28.1
951 solar 1.39
952     *hardened-sources-2.4.28 (28 Nov 2004)
953    
954     28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
955     security bump. Thank tocharian for rolling a new patchset
956 scox 1.31
957 scox 1.38 *hardened-sources-2.4.27-r3 (08 Sep 2004)
958    
959     08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
960     +hardened-sources-2.4.27-r3.ebuild:
961     Applies the new 2.4-27.2 patchball which updates
962     GRSecurity to the 2.0.1 version.
963    
964 scox 1.37 *hardened-sources-2.4.27-r2 (31 Aug 2004)
965    
966     31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
967     +hardened-sources-2.4.27-r2.ebuild:
968     Version bump.
969     This version uses the new 2.4-27.1 patchball which updates
970     both the SELinux PaX hooks patch and the SELinux headers.
971    
972 scox 1.36 *hardened-sources-2.4.27-r1 (09 Aug 2004)
973    
974     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
975     +hardened-sources-2.4.27-r1.ebuild,
976     -hardened-sources-2.4.27.ebuild,
977     +files/2.4.27-cmdline-race.patch:
978     Version bump, fix for cmdline race. See bug #59905.
979    
980     *hardened-sources-2.4.26-r6 (09 Aug 2004)
981    
982     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
983     +hardened-sources-2.4.26-r6.ebuild,
984     -hardened-sources-2.4.26-r5.ebuild,
985     -hardened-sources-2.4.26-r4.ebuild,
986     +files/2.4.26-cmdline-race.patch:
987     Version bump, fix for cmdline race. See bug #59905.
988    
989 scox 1.35 *hardened-sources-2.4.27 (08 Aug 2004)
990    
991     08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
992     +hardened-sources-2.4.27.ebuild,
993     +files/2.4.27-CAN-2004-0394.patch:
994     Ported the patchball to the 2.4.27 kernel version.
995    
996 scox 1.34 *hardened-sources-2.4.26-r5 (07 Aug 2004)
997    
998     07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
999     +hardened-sources-2.4.26-r5.ebuild:
1000 scox 1.35 Updated to use the new hardened-patches-2.4-26.1 patchball.
1001 scox 1.34 It adds the following features:
1002     - Squashfs
1003     - Ebtables
1004     - Netdev random (core+drivers)
1005     - Watchdog Timer (WDT) fix.
1006    
1007 scox 1.33 *hardened-sources-2.4.26-r4 (04 Aug 2004)
1008    
1009     04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1010     +hardened-sources-2.4.26-r4.ebuild,
1011     +files/2.4.26-CAN-2004-0415.patch,
1012     -hardened-sources-2.4.26-3:
1013     Version bump, fix for CAN 0415, see bug #59378.
1014    
1015 scox 1.32 *hardened-sources-2.4.26-r3 (22 Jul 2004)
1016    
1017     22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
1018     +hardened-sources-2.4.26-r3.ebuild,
1019     +files/2.4.26-CAN-2004-0497.patch,
1020     -hardened-sources-2.4.26-r2.ebuild:
1021     Version bump, fixed CAN 0497, see bug #56171.
1022    
1023 scox 1.31 *hardened-sources-2.4.26-r2 (29 Jun 2004)
1024    
1025     29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
1026 scox 1.32 +hardened-sources-2.4.26-r2.ebuild,
1027 scox 1.31 +files/2.4.26-CAN-2004-0495.patch,
1028     +files/2.4.26-CAN-2004-0535.patch,
1029     -hardened-sources-2.4.26-r1.ebuild:
1030     Fixes for both CAN 0495 and 0535, see bug #54976
1031 pvdabeel 1.27
1032 agriffis 1.29 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
1033     hardened-sources-2.4.26-r1.ebuild:
1034     QA - fix use invocation
1035 scox 1.28
1036     *hardened-sources-2.4.26-r1 (22 June 2004)
1037    
1038     22 June 2004; Andrea Luzzardi <scox@gentoo.org>
1039     +hardened-sources-2.4.26-r1.ebuild,
1040     +files/2.4.26-CAN-2004-0394.patch,
1041     +files/2.4.26-signal-race.patch,
1042     -hardened-sources-2.4.26.ebuild,
1043     -hardened-sources-2.4.24-r3.ebuild:
1044     Version bump for the CAN-2004-0394 issue and bug #53804
1045     Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
1046    
1047    
1048 pvdabeel 1.27 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
1049     hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
1050     Masked hardened-sources-2.4.26.ebuild broken for ppc
1051    
1052     31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
1053     hardened-sources-2.4.24-r3.ebuild:
1054     Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
1055 plasmaroo 1.25
1056 scox 1.26 *hardened-sources-2.4.26 (29 May 2004)
1057    
1058     29 May 2004; Andrea Luzzardi <scox@gentoo.org>
1059     +hardened-sources-2.4.26.ebuild:
1060     Updated hardened-sources for the 2.4.26 kernel
1061     Removed broken components, updated almost everything.
1062    
1063 plasmaroo 1.25 *hardened-sources-2.4.24-r3 (17 Apr 2004)
1064    
1065     17 Apr 2004; <plasmaroo@gentoo.org>
1066     +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
1067     +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
1068     +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
1069     +hardened-sources-2.4.24-r3.ebuild:
1070     Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
1071     vulnerabilities. Old revisions removed.
1072 plasmaroo 1.24
1073     *hardened-sources-2.4.24-r2 (15 Apr 2004)
1074    
1075     15 Apr 2004; <plasmaroo@gentoo.org>
1076     +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
1077     -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
1078     Version bump for the CAN-2004-0109 issue; bug #47881.
1079 aliz 1.23
1080     12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
1081     hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
1082     Add eutils to inherit.
1083 plasmaroo 1.22
1084     *hardened-sources-2.4.24-r1 (19 Feb 2004)
1085    
1086     19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
1087     files/hardened-sources-2.4.24.munmap.patch:
1088     Added the patch for the mremap/munmap vulnerability. Bug #42024.
1089 scox 1.19
1090 scox 1.21 *hardened-sources-2.4.24 (06 Feb 2004)
1091 scox 1.26
1092 scox 1.21 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
1093     hardened-sources-2.4.24.ebuild:
1094     Version bump, updated most of the components.
1095     This release includes the following:
1096    
1097     - Hardened security
1098     - Netfilter patch-o-matic 20031219
1099     - FreeSWAN 2.04 & x509 1.4.8
1100     - EVMS 2.2.2
1101     - XFS 1.3.1
1102     - cryptoloop jari
1103     - grsecurity 2.0-rc4
1104     - SELinux
1105     - PaX 200402060000
1106     - PaX Obscurity 200308302223
1107     - Others...
1108    
1109     Neither -ck nor systrace are included anymore.
1110    
1111 scox 1.19 *hardened-sources-2.4.22-r2 (05 Jan 2004)
1112    
1113     05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
1114     hardened-sources-2.4.22-r2.ebuild:
1115 scox 1.20 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
1116 scox 1.19
1117     *hardened-sources-2.4.22-r1 (02 Dec 2003)
1118 iggy 1.17
1119     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1120 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
1121 iggy 1.16
1122     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1123 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild:
1124     Version bump for the 'do_brk' vulnerability.
1125 iggy 1.15
1126     01 Dec 2003; Brian Jackson <iggy@gentoo.org>
1127     hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
1128     hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
1129     hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
1130 plasmaroo 1.18 Fix the 'do_brk' vulnerability.
1131 frogger 1.14
1132     03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
1133     hardened-sources-2.4.22.ebuild:
1134 plasmaroo 1.18 - Removed the src_install() portion for SELinux flask
1135     components. These are no longer handled in the kernel
1136     so this code was not necessary.
1137 frogger 1.13
1138     29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
1139     New 2.4.22 based hardened-sources thanks to
1140     Phil West <p.west@computer.org>.
1141    
1142     These sources include:
1143 plasmaroo 1.18 - New SELinux API
1144     - Updated CK-base
1145     - Updated GRSec
1146     - Systrace
1147     - SuperFreeS/WAN 1.99.8
1148     - Propolice kernel build support
1149     - EVMS
1150     - Other various security related patches
1151 frogger 1.11
1152 frogger 1.12 *hardened-sources-2.4.21 (14 Sep 2003)
1153    
1154     14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
1155     Updated hardened-sources based on the 2.4.21 Linux kernel.
1156     This includes updates to most major components such as:
1157 plasmaroo 1.18 - ck-base-0306300059
1158     - selinux-2.4-2003071106
1159     - grsecurity-2.0-rc1
1160     - Updated IPTables patch-o-matic
1161     - Updated SuperFreeS/WAN
1162    
1163 frogger 1.12 Thanks to Phil West <pwest@computer.org> for his work in getting this
1164     updated patch set ready for the 2.4.21 based kernel.
1165    
1166 frogger 1.11 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
1167     Initial import of hardened-sources-2.4.20-r4. This revision
1168     includes only a few changes, but one of these is an important
1169     security fix. It is recommended all users of hardened-sources
1170     upgrade to this release.
1171 plasmaroo 1.18
1172 frogger 1.11 - ioperm bug fix
1173     - fixed compilation failure when building without GRSec
1174 plasmaroo 1.18
1175 frogger 1.11 SAL (Secure Auditing for Linux) is NOT included in this revision
1176     due to time constraints, but is planned for inclusion in the near
1177     future.
1178 msterret 1.10
1179     *hardened-sources-2.4.20-r2 (12 Jun 2003)
1180    
1181     12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
1182     hardened-sources-2.4.20-r3.ebuild:
1183 plasmaroo 1.18 Add Header...
1184 frogger 1.9
1185     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1186     hardened-sources-2.4.20-r3.ebuild:
1187     Removed warnings from ebuild. This kernel should be safe to
1188     use at this point.
1189 frogger 1.8
1190     *hardened-sources-2.4.20-r3 (08 Jun 2003)
1191    
1192     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1193     hardened-sources-2.4.20-r3.ebuild:
1194     New revision. Includes the following changes over -r2:
1195 plasmaroo 1.18
1196 frogger 1.8 - ck7-base (O(1), preempt, low latency)
1197     - Super FreeS/WAN 1.99.7rc2
1198     - PaX for the LSM/SELinux branch
1199     - GRSecurity 2.0-pre4 (role based access control)
1200     - Systrace 1.3
1201     - EXT3 fixes
1202     - EVMS 2.0.1
1203     - GCC 3.1+ compile optimizations
1204     - ProPolice kernel build support
1205     - Hashing table security fixes
1206 frogger 1.3
1207     *hardened-sources-2.4.20-r1 (09 Apr 2003)
1208 frogger 1.7
1209     23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
1210     Initial import of hardened-sources-r2. This new
1211     ebuild includes many new performance and security
1212     related patches. As in -r1, it will patch in
1213     LSM/SELinux if "selinux" is in USE, otherwise it
1214     will patch in GRSecurity. The following patches
1215     are included in this revision:
1216 plasmaroo 1.18
1217 frogger 1.7 - O(1) Scheduler, Low Latency, and Preempt
1218     (pulled from the base CK patch)
1219     - ptrace exploit patch for the LSM kernel
1220     (the GRSec patch already fixes this)
1221     - LSM 2.4-2003040709
1222     - SELinux 2.4-2003040709
1223     - Systrace v1.2
1224     - IPTables patch-o-matic base patches - 20030107
1225     - CryptoAPI 2.4.20.1 w/ loop-jari patch
1226     - Super FreeS/WAN 1.99.6.1
1227     - GRSecurity 1.9.9g
1228     - MPPE
1229     - EXT3 data journal fix
1230     - CIPE 1.5.4
1231 frogger 1.6
1232     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1233     hardened-sources-2.4.20-r1.ebuild, manifest:
1234 plasmaroo 1.18 Updated to install flask components correctly for selinux.
1235 frogger 1.5
1236     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1237     hardened-sources-2.4.20-r1.ebuild:
1238     LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
1239     is patched in instead. Ptrace patches for selinux have also been added. In
1240     either case, systrace support will be patched in as well.
1241 frogger 1.3
1242     09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1243     hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
1244 plasmaroo 1.18 Revision bump for new sources.
1245 frogger 1.4
1246 frogger 1.2 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1247 frogger 1.4 hardened-sources-2.4.20-r1.ebuild:
1248 plasmaroo 1.18 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
1249 method 1.1
1250 frogger 1.4 *hardened-sources-2.4.20 (30 Mar 2003)
1251    
1252 method 1.1 30 Mar 2003; Joshua Brindle <method@gentoo.org>
1253     hardened-sources-2.4.20.ebuild:
1254 plasmaroo 1.18 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20