/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.205 - (hide annotations) (download)
Fri Jan 25 22:36:01 2008 UTC (6 years, 8 months ago) by phreak
Branch: MAIN
Changes since 1.204: +5 -1 lines
Cleaning up old versions.
(Portage version: 2.1.3.19)

1 method 1.1 # ChangeLog for sys-kernel/hardened-sources
2 phreak 1.204 # Copyright 2000-2008 Gentoo Foundation; Distributed under the GPL v2
3 phreak 1.205 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.204 2008/01/25 22:32:16 phreak Exp $
4    
5     25 Jan 2008; Christian Heim <phreak@gentoo.org>
6     -hardened-sources-2.6.22-r8.ebuild:
7     Cleaning up old versions.
8 phreak 1.204
9     *hardened-sources-2.6.23-r6 (25 Jan 2008)
10    
11     25 Jan 2008; Christian Heim <phreak@gentoo.org>
12     -hardened-sources-2.6.23-r5.ebuild, +hardened-sources-2.6.23-r6.ebuild:
13     Revision bump, pulling in the latest genpatches.
14 phreak 1.203
15     *hardened-sources-2.6.23-r5 (24 Dec 2007)
16    
17     24 Dec 2007; Christian Heim <phreak@gentoo.org>
18     hardened-sources-2.4.35-r2.ebuild, hardened-sources-2.6.20-r6.ebuild,
19     hardened-sources-2.6.20-r10.ebuild, hardened-sources-2.6.22-r8.ebuild,
20     hardened-sources-2.6.23-r4.ebuild, +hardened-sources-2.6.23-r5.ebuild:
21     Revision bump, for the promised updated grsec snapshot. Also changing SRC_URI.
22 phreak 1.202
23     24 Dec 2007; Christian Heim <phreak@gentoo.org>
24     -hardened-sources-2.6.22-r7.ebuild, -hardened-sources-2.6.23.ebuild,
25     -hardened-sources-2.6.23-r1.ebuild, -hardened-sources-2.6.23-r2.ebuild,
26     -hardened-sources-2.6.23-r3.ebuild:
27     Cleaning out some unused, old versions.
28 phreak 1.201
29     24 Dec 2007; Christian Heim <phreak@gentoo.org>
30     hardened-sources-2.6.23-r4.ebuild:
31     Marking hardened-sources-2.6.23-r4 stable on amd64 and x86. I know it ain't
32     in the tree for long, but there isn't much of a difference between this and
33     -r3. Only this revision pulls in 2.6.23.11 and 2.6.23.12 from genpatches.
34 phreak 1.200
35     *hardened-sources-2.6.23-r4 (23 Dec 2007)
36    
37     23 Dec 2007; Christian Heim <phreak@gentoo.org>
38     +hardened-sources-2.6.23-r4.ebuild:
39     Revision bump, grabbing the lastest genpatches release (2.6.23.12 that is).
40 phreak 1.199
41     *hardened-sources-2.6.23-r3 (04 Dec 2007)
42    
43     04 Dec 2007; Christian Heim <phreak@gentoo.org>
44     +hardened-sources-2.6.23-r3.ebuild:
45     Revision bump, pulling in 2.6.23.9.
46 phreak 1.198
47     *hardened-sources-2.6.23-r2 (25 Nov 2007)
48    
49     25 Nov 2007; Christian Heim <phreak@gentoo.org>
50     +hardened-sources-2.6.23-r2.ebuild:
51     Updated patchset, thanks to solar.
52 phreak 1.197
53     *hardened-sources-2.6.23-r1 (31 Oct 2007)
54    
55     31 Oct 2007; Christian Heim <phreak@gentoo.org>
56     +hardened-sources-2.6.23-r1.ebuild:
57     Revision bump, pulling in the snapshot from 30. October 2007 (18:50).
58 solar 1.196
59     29 Oct 2007; <solar@gentoo.org> metadata.xml:
60     - update metadata.xml
61 phreak 1.195
62     25 Oct 2007; Christian Heim <phreak@gentoo.org>
63     hardened-sources-2.6.22-r8.ebuild:
64     Marking 2.6.22-r8 stable on amd64 and x86.
65 phreak 1.194
66     21 Oct 2007; Christian Heim <phreak@gentoo.org>
67     -hardened-sources-2.4.35.ebuild, -hardened-sources-2.4.35-r1.ebuild,
68     -hardened-sources-2.6.21-r4.ebuild:
69     Removing old ebuilds.
70 phreak 1.193
71     *hardened-sources-2.4.35-r2 (21 Oct 2007)
72    
73     21 Oct 2007; Christian Heim <phreak@gentoo.org>
74     +hardened-sources-2.4.35-r2.ebuild:
75     Revision bump for 2.4.35. Includes new snapshot and the lastest Linux stable
76     patches.
77 phreak 1.192
78     *hardened-sources-2.6.22-r8 (21 Oct 2007)
79    
80     21 Oct 2007; Christian Heim <phreak@gentoo.org>
81     +hardened-sources-2.6.22-r8.ebuild:
82     Yet another new patch, hopefully fixing the remaining issues we had w/
83     2.6.22. Candidate for stabling.
84 phreak 1.191
85     *hardened-sources-2.6.23 (13 Oct 2007)
86    
87     13 Oct 2007; Christian Heim <phreak@gentoo.org>
88     +hardened-sources-2.6.23.ebuild:
89     Initial hardened-sources-2.6.23. If people still have problems w/ bug
90     194276, try setting CONFIG_PCI_GODIRECT=y instead of CONFIG_PCI_GOANY.
91 phreak 1.190
92     11 Oct 2007; Christian Heim <phreak@gentoo.org>
93     hardened-sources-2.6.20-r10.ebuild:
94     Pulling in yet another new genpatches version, fixing the PWC bug for real.
95 phreak 1.189
96     04 Oct 2007; Christian Heim <phreak@gentoo.org>
97     -hardened-sources-2.6.22-r5.ebuild, -hardened-sources-2.6.22-r6.ebuild:
98     Removing old versions.
99 phreak 1.188
100     *hardened-sources-2.6.22-r7 (01 Oct 2007)
101    
102     01 Oct 2007; Christian Heim <phreak@gentoo.org>
103     +hardened-sources-2.6.22-r7.ebuild:
104     Revision bump, pulling in a newer patch. Should fix #194276.
105 phreak 1.187
106     30 Sep 2007; Christian Heim <phreak@gentoo.org>
107     hardened-sources-2.6.20-r10.ebuild:
108     Marking hardened-sources-2.6.20-r10 stable on x86 and amd64 (on courtesy of
109     Mike Doty).
110 phreak 1.186
111     *hardened-sources-2.6.22-r6 (26 Sep 2007)
112    
113     26 Sep 2007; Christian Heim <phreak@gentoo.org>
114     +hardened-sources-2.6.22-r6.ebuild:
115     Revision bump, grabbing up till Linux 2.6.22.9.
116 phreak 1.185
117     24 Sep 2007; Christian Heim <phreak@gentoo.org>
118     -hardened-sources-2.6.22-r3.ebuild, -hardened-sources-2.6.22-r4.ebuild:
119     Cleaning up further.
120 phreak 1.184
121     *hardened-sources-2.6.20-r10 (24 Sep 2007)
122    
123     24 Sep 2007; Christian Heim <phreak@gentoo.org>
124     -hardened-sources-2.6.20-r8.ebuild, -hardened-sources-2.6.20-r9.ebuild,
125     +hardened-sources-2.6.20-r10.ebuild:
126     Revision bump, pulling in Linux 2.6.20.20. Removing some of the older
127     revisions.
128 phreak 1.183
129     *hardened-sources-2.6.22-r5 (22 Sep 2007)
130    
131     22 Sep 2007; Christian Heim <phreak@gentoo.org>
132     +hardened-sources-2.6.22-r5.ebuild:
133     Revision bump, pulling in genpatches-2.6.22-8 for CVE-2007-4573.
134 phreak 1.182
135     17 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
136     Removing johnm from metadata.xml (see #186467 for reference).
137 phreak 1.181
138     *hardened-sources-2.6.22-r4 (17 Sep 2007)
139    
140     17 Sep 2007; Christian Heim <phreak@gentoo.org>
141     +hardened-sources-2.6.22-r4.ebuild:
142     Revision bump, hopefully fixing all those weird PAX failures.
143 phreak 1.180
144     01 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
145     Updating the metadata.xml.
146 phreak 1.179
147     01 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
148     Removing tocharian from metadata due to his retirement (see #71718 for
149     reference).
150 phreak 1.178
151     *hardened-sources-2.6.20-r9 (30 Aug 2007)
152    
153     30 Aug 2007; Christian Heim <phreak@gentoo.org>
154     +hardened-sources-2.6.20-r9.ebuild:
155     Revision bump for 2.6.20.18 (thanks to kerframil in #gentoo-hardened).
156 phreak 1.177
157     29 Aug 2007; Christian Heim <phreak@gentoo.org>
158     -hardened-sources-2.4.34.ebuild, -hardened-sources-2.4.34.5.ebuild,
159     -hardened-sources-2.6.20-r2.ebuild, -hardened-sources-2.6.20-r5.ebuild,
160     -hardened-sources-2.6.20-r7.ebuild, -hardened-sources-2.6.21-r3.ebuild,
161     -hardened-sources-2.6.22.ebuild, -hardened-sources-2.6.22-r1.ebuild,
162     -hardened-sources-2.6.22-r2.ebuild:
163     Removing some redundant versions.
164 phreak 1.176
165     *hardened-sources-2.4.35-r1 (29 Aug 2007)
166    
167     29 Aug 2007; Christian Heim <phreak@gentoo.org>
168     +hardened-sources-2.4.35-r1.ebuild:
169     Revision bump, new grsecurity patch.
170 phreak 1.175
171     *hardened-sources-2.6.20-r8 (26 Aug 2007)
172    
173     26 Aug 2007; Christian Heim <phreak@gentoo.org>
174     +hardened-sources-2.6.20-r8.ebuild:
175     Revision bump for Linux 2.6.20.17.
176 phreak 1.174
177     *hardened-sources-2.6.22-r3 (22 Aug 2007)
178    
179     22 Aug 2007; Christian Heim <phreak@gentoo.org>
180     +hardened-sources-2.6.22-r3.ebuild:
181     Revision bump for Linux 2.6.22.4.
182 phreak 1.173
183     16 Aug 2007; Christian Heim <phreak@gentoo.org>
184     hardened-sources-2.6.22-r2.ebuild:
185     Updated patchset, to fix the alignment against 2.6.22.3.
186 phreak 1.172
187     *hardened-sources-2.6.22-r2 (16 Aug 2007)
188    
189     16 Aug 2007; Christian Heim <phreak@gentoo.org>
190     +hardened-sources-2.6.22-r2.ebuild:
191     Revision bump for Linux 2.6.22.3.
192 phreak 1.171
193     *hardened-sources-2.4.35 (16 Aug 2007)
194    
195     16 Aug 2007; Christian Heim <phreak@gentoo.org>
196     +hardened-sources-2.4.35.ebuild:
197     Version bump, initial version for Linux 2.4.35.
198 phreak 1.170
199     *hardened-sources-2.6.21-r4 (16 Aug 2007)
200    
201     16 Aug 2007; Christian Heim <phreak@gentoo.org>
202     +hardened-sources-2.6.21-r4.ebuild:
203     Revision bump for Linux 2.6.21.6.
204 phreak 1.169
205     *hardened-sources-2.6.20-r7 (16 Aug 2007)
206    
207     16 Aug 2007; Christian Heim <phreak@gentoo.org>
208     +hardened-sources-2.6.20-r7.ebuild:
209     Revision bump for Linux 2.6.20.16.
210 phreak 1.168
211     *hardened-sources-2.6.22-r1 (13 Aug 2007)
212    
213     13 Aug 2007; Christian Heim <phreak@gentoo.org>
214     +hardened-sources-2.6.22-r1.ebuild:
215     Yet another revision bump.
216 phreak 1.167
217     *hardened-sources-2.6.22 (10 Aug 2007)
218    
219     10 Aug 2007; Christian Heim <phreak@gentoo.org>
220     +hardened-sources-2.6.22.ebuild:
221     Initial release for 2.6.22. If you are using hardened-sources on a desktop
222     machine (P4 or newer), be aware you might need to disable
223     CONFIG_PAX_PAGEEXEC.
224 phreak 1.166
225     04 Aug 2007; Christian Heim <phreak@gentoo.org>
226     hardened-sources-2.6.20-r6.ebuild:
227     Stabling hardened-sources-2.6.20-r6 for amd64, ppc and x86 due to Linux
228     2.6.20.15.
229 phreak 1.165
230     10 Jul 2007; Christian Heim <phreak@gentoo.org>
231     hardened-sources-2.6.20-r5.ebuild:
232     Marking hardened-sources-2.6.20-r5 stable on ppc.
233 phreak 1.164
234     10 Jul 2007; Christian Heim <phreak@gentoo.org>
235     -hardened-sources-2.4.32-r6.ebuild, -hardened-sources-2.4.32-r7.ebuild:
236     Cleanup.
237 phreak 1.163
238     *hardened-sources-2.6.20-r6 (08 Jul 2007)
239    
240     08 Jul 2007; Christian Heim <phreak@gentoo.org>
241     +hardened-sources-2.6.20-r6.ebuild:
242     Revision bump, grabbing yet another stable release.
243 phreak 1.162
244     17 Jun 2007; Christian Heim <phreak@gentoo.org>
245     -hardened-sources-2.6.18-r6.ebuild, -hardened-sources-2.6.20-r4.ebuild,
246     -hardened-sources-2.6.21-r2.ebuild:
247     Removing older ebuilds, hardened-sources-2.6.18-r6 seems to have gotten the
248     alpha stable KEYWORD by mistake.
249 phreak 1.161
250     17 Jun 2007; Christian Heim <phreak@gentoo.org>
251     hardened-sources-2.6.20-r5.ebuild:
252     Stabling hardened-sources-2.6.20-r5 due to security bug #181647 (as
253     genpatches-2.6.20-12.base contains up to Linux 2.6.20.14) on amd64 and x86.
254 phreak 1.160
255     *hardened-sources-2.6.21-r3 (12 Jun 2007)
256    
257     12 Jun 2007; Christian Heim <phreak@gentoo.org>
258     +hardened-sources-2.6.21-r3.ebuild:
259     Revision bump for hardened-sources-2.6.21, incorporating various CVE (some
260     of them critical), two stable releases (2.6.21.4,2.6.21.5) and some other
261     love.
262 phreak 1.159
263     *hardened-sources-2.6.20-r5 (11 Jun 2007)
264    
265     11 Jun 2007; Christian Heim <phreak@gentoo.org>
266     +hardened-sources-2.6.20-r5.ebuild:
267     Revision bump for hardened-sources-2.6.20, incorporating various CVE (some
268     of them critical), two stable releases (2.6.20.13,2.6.20.14) and some other
269     love.
270 pappy 1.158
271     *hardened-sources-2.4.34.5 (11 Jun 2007)
272    
273     11 Jun 2007; Alexander Gabert <pappy@gentoo.org>
274     +hardened-sources-2.4.34.5.ebuild:
275     added new hardened-sources 2.4 version, thx to phreak, solar, pipacs
276 phreak 1.157
277     30 May 2007; Christian Heim <phreak@gentoo.org>
278     -hardened-sources-2.6.18.ebuild, hardened-sources-2.6.20-r2.ebuild:
279     Marking 2.6.20-r2 stable on ppc with permission of Gysbert. Removing more
280     stale ebuild(s).
281 phreak 1.156
282     30 May 2007; Christian Heim <phreak@gentoo.org>
283     -hardened-sources-2.6.14-r7.ebuild, -hardened-sources-2.6.16-r11.ebuild,
284     -hardened-sources-2.6.17-r1.ebuild, -hardened-sources-2.6.19-r6.ebuild,
285     -hardened-sources-2.6.20.ebuild, -hardened-sources-2.6.20-r1.ebuild:
286     Doing some cleanups, remove stale ebuilds.
287 phreak 1.155
288     26 May 2007; Christian Heim <phreak@gentoo.org>
289     hardened-sources-2.6.21-r2.ebuild:
290     Fixing the grsecurity patch, had one '};' too much.
291 phreak 1.154
292     *hardened-sources-2.6.21-r2 (26 May 2007)
293    
294     26 May 2007; Christian Heim <phreak@gentoo.org>
295     -hardened-sources-2.6.21.ebuild, -hardened-sources-2.6.21-r1.ebuild,
296     +hardened-sources-2.6.21-r2.ebuild:
297     Revision bump, including Linux 2.6.21.3 (fixing CVE-2007-2451). Updating the
298     grsecurity patch to 2.1.10-2.6.21.1-200705221918.
299 phreak 1.153
300     *hardened-sources-2.6.20-r4 (26 May 2007)
301    
302     26 May 2007; Christian Heim <phreak@gentoo.org>
303     -hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.20-r4.ebuild:
304     Revision bump, including Linux 2.6.20.12 (which in fact fixed some security
305 phreak 1.154 bugs, at the very least CVE-2007-2451). Possible candidate for stable marking.
306 phreak 1.152
307     15 May 2007; Christian Heim <phreak@gentoo.org>
308     hardened-sources-2.6.20-r3.ebuild:
309     Looks like hardened-sources-2.6.20-r3 needs a new patch, as 2.6.20.11
310     introduced a change in arch/sparc64/kernel/pci_iommu.c, which made the
311     grsecurity patch fail in that exact same hunk.
312 phreak 1.151
313     *hardened-sources-2.6.20-r3 (15 May 2007)
314    
315     15 May 2007; Christian Heim <phreak@gentoo.org>
316     +hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.21-r1.ebuild:
317     Revision bump, incorporating Linux 2.6.20.11.
318    
319     *hardened-sources-2.6.21-r1 (11 May 2007)
320    
321     11 May 2007; Christian Heim <phreak@gentoo.org>
322     +hardened-sources-2.6.21-r1.ebuild:
323     Revision bump, hopefully fixing the GRSECURITY/GRKERNSEC mixup pipacs
324     mentioned in #177234.
325 kevquinn 1.150
326     07 May 2007; Kevin F. Quinn <kevquinn@gentoo.org>
327     files/digest-hardened-sources-2.6.21, Manifest:
328     Fix Manifest/digest for linux-2.6.21.tar.bz2
329 phreak 1.149
330     06 May 2007; Christian Heim <phreak@gentoo.org>
331     hardened-sources-2.6.21.ebuild:
332     Bumping the hardened-patches version, needed for the fix for #177234.
333 phreak 1.148
334     *hardened-sources-2.6.21 (02 May 2007)
335    
336     02 May 2007; Christian Heim <phreak@gentoo.org>
337     +hardened-sources-2.6.21.ebuild:
338     Version bump, Linux 2.6.21-hardened.
339 phreak 1.147
340     29 Apr 2007; Christian Heim <phreak@gentoo.org>
341     hardened-sources-2.6.20-r2.ebuild:
342     Adding ~ia64 on Ned's request.
343 phreak 1.146
344     29 Apr 2007; Christian Heim <phreak@gentoo.org>
345     hardened-sources-2.6.20-r2.ebuild:
346     Fixing the included grsecurity patch, wasn't alligning due to the Index:
347     header line(s).
348 phreak 1.145
349     29 Apr 2007; Christian Heim <phreak@gentoo.org>
350     hardened-sources-2.6.20-r2.ebuild:
351     Stabilizing hardened-sources-2.6.20-r2 on amd64 and x86.
352 armin76 1.144
353     *hardened-sources-2.6.20-r2 (10 Apr 2007)
354    
355     10 Apr 2007; Raúl Porcel <armin76@gentoo.org>
356     +hardened-sources-2.6.20-r2.ebuild:
357     Version bump, on behalf of phreak
358 phreak 1.143
359     *hardened-sources-2.6.20-r1 (04 Apr 2007)
360    
361     04 Apr 2007; Christian Heim <phreak@gentoo.org>
362     +hardened-sources-2.6.20-r1.ebuild:
363     Revision bump, grabbing a newer grsecurity snapshot.
364 phreak 1.142
365     *hardened-sources-2.6.20 (25 Mar 2007)
366    
367     25 Mar 2007; Christian Heim <phreak@gentoo.org>
368     +hardened-sources-2.6.20.ebuild:
369     Finally a hardened-sources version for 2.6.20; many people have been waiting
370     for this. Thanks to Steve for preliminary testing, thanks to Ned for the
371     testbox.
372 chainsaw 1.141
373     16 Mar 2007; Tony Vroon <chainsaw@gentoo.org>
374     hardened-sources-2.6.18-r6.ebuild:
375     Marked stable on amd64 and x86. AMD64 keyword ack'ed by welp.
376 phreak 1.140
377     *hardened-sources-2.6.18-r6 (16 Mar 2007)
378    
379     16 Mar 2007; Christian Heim <phreak@gentoo.org>
380     -hardened-sources-2.6.18-r5.ebuild, +hardened-sources-2.6.18-r6.ebuild:
381     Fixing CVE-2007-1000 locally (hardened/), thanks to Tony for pushing. And
382     yes I screwed up, this is tagged as 2.6.18-5 and not 2.6.18-6 as it's
383     supposed to be.
384 phreak 1.139
385     06 Mar 2007; Christian Heim <phreak@gentoo.org> ChangeLog:
386     Fixing the Manifest, the previous one was broken (as in still had the
387     deleted ebuild in it).
388 phreak 1.138
389     06 Mar 2007; Christian Heim <phreak@gentoo.org>
390     -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
391     +hardened-sources-2.6.18-r5.ebuild:
392     Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
393     Linux 2.6.18.8. Also cleaning up the older version.
394    
395     *hardened-sources-2.6.18-r5 (06 Mar 2007)
396    
397     06 Mar 2007; Christian Heim <phreak@gentoo.org>
398     -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
399     +hardened-sources-2.6.18-r5.ebuild:
400     Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
401     Linux 2.6.18.8. Also cleaning up the older version.
402 phreak 1.137
403     24 Feb 2007; Christian Heim <phreak@gentoo.org>
404     -hardened-sources-2.6.19-r3.ebuild, -hardened-sources-2.6.19-r4.ebuild,
405     -hardened-sources-2.6.19-r5.ebuild:
406     Removing some of the old version, that didn't work.
407 phreak 1.136
408     *hardened-sources-2.6.19-r6 (12 Feb 2007)
409    
410     12 Feb 2007; Christian Heim <phreak@gentoo.org>
411     +hardened-sources-2.6.19-r6.ebuild:
412     Revision bump, including a new grsec version fixing #166235.
413 pappy 1.134
414     *hardened-sources-2.4.34 (24 Jan 2007)
415    
416     24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
417 pappy 1.135 Manifest:
418     updating Manifest with checksums of new tarball and ebuild
419    
420     24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
421 pappy 1.134 +hardened-sources-2.4.34.ebuild:
422     I added new hardened sources 2.4 update, this is a critical path
423     security bugfix - all users of h-s are strongly advised
424     to update their existing hardened sources to this version.
425     It contains a fix for a kernel vulnerability that is pertaining
426     to the PaX changes to virtual memory management, possibly leading
427     to a local kernel exploit ... see grsecurity.net forums and homepage
428 phreak 1.133
429     23 Jan 2007; Christian Heim <phreak@gentoo.org>
430     files/digest-hardened-sources-2.6.19-r5, Manifest:
431     Fixing the patch-tarball digest.
432 phreak 1.132
433     *hardened-sources-2.6.19-r5 (23 Jan 2007)
434    
435     23 Jan 2007; Christian Heim <phreak@gentoo.org>
436     +hardened-sources-2.6.19-r5.ebuild:
437     Revision bump, closing the recently discovered PaX expand_stack()
438     vulnerability.
439 phreak 1.131
440     *hardened-sources-2.6.19-r4 (14 Jan 2007)
441    
442     14 Jan 2007; Christian Heim <phreak@gentoo.org>
443     +hardened-sources-2.6.19-r4.ebuild:
444     Revision bump, pulling in linux-2.6.19.2 and grsecurity 2.1.10 - thus
445     dropping the randomized PID feature.
446 opfer 1.130
447     11 Jan 2007; Christian Faulhammer <opfer@gentoo.org>
448     hardened-sources-2.4.33.4.ebuild:
449     stable x86, bug #161171
450 phreak 1.129
451     *hardened-sources-2.6.19-r3 (27 Dec 2006)
452    
453     27 Dec 2006; Christian Heim <phreak@gentoo.org>
454     -hardened-sources-2.6.19-r2.ebuild, +hardened-sources-2.6.19-r3.ebuild:
455     Revision bump for bug #157186 and #158786.
456 phreak 1.128
457     *hardened-sources-2.6.18-r4 (27 Dec 2006)
458    
459     27 Dec 2006; Christian Heim <phreak@gentoo.org>
460     -hardened-sources-2.6.18-r3.ebuild, +hardened-sources-2.6.18-r4.ebuild:
461     Revision bump for bug #157186.
462 phreak 1.127
463     *hardened-sources-2.6.19-r2 (23 Dec 2006)
464    
465     23 Dec 2006; Christian Heim <phreak@gentoo.org>
466     -hardened-sources-2.6.19-r1.ebuild, +hardened-sources-2.6.19-r2.ebuild:
467     Revision bump to pull in genpatches-2.6.19-3 for #157186.
468 phreak 1.126
469     17 Dec 2006; Christian Heim <phreak@gentoo.org>
470     hardened-sources-2.6.14-r7.ebuild, hardened-sources-2.6.16-r10.ebuild,
471     hardened-sources-2.6.16-r11.ebuild, hardened-sources-2.6.17-r1.ebuild,
472     hardened-sources-2.6.18.ebuild, hardened-sources-2.6.18-r3.ebuild,
473     hardened-sources-2.6.19-r1.ebuild:
474     Adding 4453_grsec-2.1.9-2.6.19-io-kmem-sysctl.patch to UNIPATCH_EXLUDE,
475     adding correct HOMEPAGE and adjusting DESCRIPTION (thanks to Alexander).
476 pappy 1.125
477     *hardened-sources-2.4.33.4 (17 Dec 2006)
478    
479     17 Dec 2006; Alexander Gabert <pappy@gentoo.org>
480     +hardened-sources-2.4.33.4.ebuild:
481     new 2.4.33.4 version including grsec and fixes, thanks to phreak for help
482     and quilting
483 phreak 1.124
484     *hardened-sources-2.6.19-r1 (14 Dec 2006)
485    
486     14 Dec 2006; Christian Heim <phreak@gentoo.org>
487     -hardened-sources-2.6.19.ebuild, +hardened-sources-2.6.19-r1.ebuild:
488     Revision bump, fixing #158107 (thanks to Petre Rodan <kaiowas at gentoo.org>
489     for reporting).
490 phreak 1.123
491     *hardened-sources-2.6.19 (13 Dec 2006)
492    
493     13 Dec 2006; Christian Heim <phreak@gentoo.org>
494     +hardened-sources-2.6.19.ebuild:
495     And finally 2.6.19, thanks to Ned (who prepared the inital patchset) and
496     Brad for providing that prompt update.
497 phreak 1.122
498     *hardened-sources-2.6.18-r3 (13 Dec 2006)
499    
500     13 Dec 2006; Christian Heim <phreak@gentoo.org>
501     -hardened-sources-2.6.18-r1.ebuild, -hardened-sources-2.6.18-r2.ebuild,
502     +hardened-sources-2.6.18-r3.ebuild:
503     Revision bump, excluding the faulty patch. Thanks to Anakim Border and Peter
504     S. Mazinger. Closes #157409 for now. Also removing the previous revisions.
505 phreak 1.121
506     09 Dec 2006; Christian Heim <phreak@gentoo.org> Manifest:
507     Fixing the metadata.xml Manifest entry (thanks to xaid and ml8128 in #gentoo-hardened).
508 nixnut 1.120
509     08 Dec 2006; nixnut <nixnut@gentoo.org> hardened-sources-2.6.18.ebuild:
510     Stable on ppc wrt bug 157356
511 opfer 1.119
512     07 Dec 2006; Christian Faulhammer <opfer@gentoo.org>
513     hardened-sources-2.6.18.ebuild:
514     stable x86, bug #157356
515 phreak 1.118
516     *hardened-sources-2.6.18-r2 (06 Dec 2006)
517    
518     06 Dec 2006; Christian Heim <phreak@gentoo.org>
519     +hardened-sources-2.6.18-r2.ebuild:
520     Revision bump, including 2.6.18.5 (via genpatches) and
521     4454_grsec-2.1.9-2.6.18.2-io-kmem-sysctl.patch based on Peter Mazinger and
522     Ned Ludd's original patch. Thanks to Alexander Gabert (pappy) for the
523     redesign.
524 phreak 1.117
525     06 Dec 2006; Christian Heim <phreak@gentoo.org>
526     hardened-sources-2.6.18.ebuild:
527     Marking hardened-sources-2.6.18 stable on amd64 (see bug #157356, on behalf
528     of Mike Doty).
529 phreak 1.116
530     *hardened-sources-2.6.18-r1 (23 Nov 2006)
531    
532     23 Nov 2006; Christian Heim <phreak@gentoo.org>
533     +hardened-sources-2.6.18-r1.ebuild:
534     Revision bump to genpatches-2.6.18-4 (including 2.6.18.3).
535 phreak 1.115
536     *hardened-sources-2.6.18 (11 Nov 2006)
537    
538     11 Nov 2006; Christian Heim <phreak@gentoo.org>
539     +hardened-sources-2.6.18.ebuild:
540     Version bump, thanks to Alexander Gabert we're finally at 2.6.18.
541 solar 1.114
542     18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
543     - mark amd64 stable also. bug #151877
544 solar 1.113
545     18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
546     - mark 2.6.17-r1 stable
547 phreak 1.112
548     27 Aug 2006; Christian Heim <phreak@gentoo.org>
549     -hardened-sources-2.6.17.ebuild, hardened-sources-2.6.17-r1.ebuild:
550     Removing old ebuild, removing unipatch from newer ebuild (need to fix it!).
551 phreak 1.111
552     *hardened-sources-2.6.17-r1 (26 Aug 2006)
553    
554     26 Aug 2006; Christian Heim <phreak@gentoo.org>
555     +hardened-sources-2.6.17-r1.ebuild:
556     Revision bump to genpatches-2.6.17-8 (including .9 and .10) and updating the
557     grsecurity patch.
558 phreak 1.110
559     *hardened-sources-2.6.17 (17 Aug 2006)
560    
561     17 Aug 2006; Christian Heim <phreak@gentoo.org>
562     +hardened-sources-2.6.17.ebuild:
563     Bumping the hardened-sources-2.6 series to 2.6.17, using
564     genpatches-2.6.17-6.base.
565 solar 1.109
566     07 Aug 2006; <solar@gentoo.org> hardened-sources-2.6.16-r11.ebuild:
567     - stable on x86 and amd64
568 solar 1.108
569     *hardened-sources-2.6.16-r11 (15 Jul 2006)
570    
571     15 Jul 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r3.ebuild,
572     -hardened-sources-2.4.32-r4.ebuild, -hardened-sources-2.4.32-r5.ebuild,
573     -hardened-sources-2.6.14-r8.ebuild, -hardened-sources-2.6.16-r7.ebuild,
574     -hardened-sources-2.6.16-r9.ebuild, +hardened-sources-2.6.16-r11.ebuild:
575     - 2.6.16 bumped for CVE-2006-3626 ; digest fix for 2.4.32-r6 ; removed old
576     crusty ebuilds
577 johnm 1.107
578     14 Jul 2006; John Mylchreest <johnm@gentoo.org>
579     hardened-sources-2.6.16-r10.ebuild:
580     marking stable on x86 and amd64
581 solar 1.106
582     13 Jul 2006; <solar@gentoo.org> hardened-sources-2.4.32-r6.ebuild:
583     - 2.4.32-r6 stable on x86. RSBAC state unknown
584 kang 1.105
585     *hardened-sources-2.4.32-r7 (10 Jul 2006)
586    
587     10 Jul 2006; Guillaume Destuynder <kang@gentoo.org>
588     +hardened-sources-2.4.32-r7.ebuild:
589     Bump PaX for RSBAC to test-17
590 johnm 1.104
591     *hardened-sources-2.6.16-r9 (03 Jul 2006)
592    
593     03 Jul 2006; John Mylchreest <johnm@gentoo.org>
594     -hardened-sources-2.6.16-r6.ebuild, +hardened-sources-2.6.16-r9.ebuild:
595     hardened-sources-2.6.16 bump to latest -base.
596 solar 1.103
597     *hardened-sources-2.4.32-r6 (30 Jun 2006)
598    
599     30 Jun 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r2.ebuild,
600     hardened-sources-2.4.32-r4.ebuild, +hardened-sources-2.4.32-r6.ebuild:
601     - backport CVE-2006-0039, CVE-2006-1857 and CVE-2006-1858 and new grsecurity
602     sysctl controlable resource logging
603 johnm 1.102
604     *hardened-sources-2.6.16-r7 (05 Jun 2006)
605    
606     05 Jun 2006; John Mylchreest <johnm@gentoo.org>
607     -hardened-sources-2.6.16-r5.ebuild, +hardened-sources-2.6.16-r7.ebuild:
608     push new 2.6.16 release in preparation for stable
609 solar 1.101
610     22 May 2006; <solar@gentoo.org> :
611     - redigest bug 134002
612 kang 1.100
613     *hardened-sources-2.4.32-r5 (16 May 2006)
614    
615     16 May 2006; Guillaume Destuynder <kang@gentoo.org>
616     +hardened-sources-2.4.32-r5.ebuild:
617     Fixes rsbac common patching (new patch in new -r5 patchset)
618 solar 1.99
619     *hardened-sources-2.4.32-r4 (13 May 2006)
620    
621     13 May 2006; <solar@gentoo.org> hardened-sources-2.4.32-r3.ebuild,
622     +hardened-sources-2.4.32-r4.ebuild:
623     - security bumps
624 johnm 1.98
625     *hardened-sources-2.6.16-r6 (03 May 2006)
626    
627     03 May 2006; John Mylchreest <johnm@gentoo.org>
628     +hardened-sources-2.6.16-r6.ebuild:
629     bump hardened-2.6.16 to 2.6.16.12 and latest grsec snapshot
630 johnm 1.97
631     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
632     hardened-sources-2.6.14-r8.ebuild:
633     fix x86_64 build problem, this will delay the digest issue again for a short
634     while but it will sort itself out
635 johnm 1.96
636     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
637     hardened-sources-2.6.14-r8.ebuild:
638     bump hardened patchset
639 antarus 1.94
640     27 Apr 2006; Alec Warner <antarus@gentoo.org>
641     files/digest-hardened-sources-2.4.32-r2,
642     files/digest-hardened-sources-2.4.32-r3,
643     files/digest-hardened-sources-2.6.14-r8, Manifest:
644     Fixing duff SHA256 digests: Bug # 131293
645 johnm 1.93
646 johnm 1.95 *hardened-sources-2.6.16-r5 (27 Apr 2006)
647    
648     27 Apr 2006; John Mylchreest <johnm@gentoo.org>
649     -hardened-sources-2.6.14-r6.ebuild, hardened-sources-2.6.14-r8.ebuild,
650     -hardened-sources-2.6.16-r4.ebuild, +hardened-sources-2.6.16-r5.ebuild:
651     stablise 2.6.14-r8 on x86 & amd64, bump 2.6.16 to fix CVE-2006-1863 &
652     cleanup of old uneccessary sources
653    
654 johnm 1.93 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
655     fix digest
656 johnm 1.92
657     *hardened-sources-2.6.14-r8 (20 Apr 2006)
658    
659     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
660     +hardened-sources-2.6.14-r8.ebuild:
661     fix CVE-2006-1056, CVE-2006-1525, CVE-2006-1524
662 johnm 1.91
663     20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
664     Turning on gpg-signing again, and recomitting
665 johnm 1.90
666     *hardened-sources-2.6.16-r4 (20 Apr 2006)
667    
668     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
669     -hardened-sources-2.6.16-r2.ebuild, -hardened-sources-2.6.16-r3.ebuild,
670     +hardened-sources-2.6.16-r4.ebuild:
671     Fix numerous security vulns
672 solar 1.89
673     *hardened-sources-2.4.32-r3 (16 Apr 2006)
674    
675     16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
676     -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
677     +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
678     - security bump for bug #112791. Removed old ebuilds
679 johnm 1.88
680     *hardened-sources-2.6.16-r3 (15 Apr 2006)
681    
682     15 Apr 2006; John Mylchreest <johnm@gentoo.org>
683     +hardened-sources-2.6.16-r3.ebuild:
684     Removing silly localversion which I missed
685 johnm 1.87
686     *hardened-sources-2.6.14-r7 (14 Apr 2006)
687    
688     14 Apr 2006; John Mylchreest <johnm@gentoo.org>
689     -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
690     Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
691 johnm 1.86
692     *hardened-sources-2.6.16-r2 (13 Apr 2006)
693    
694     13 Apr 2006; John Mylchreest <johnm@gentoo.org>
695     -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
696     +hardened-sources-2.6.16-r2.ebuild:
697     Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
698     labels, dropping USERGROUP define fixes, since these were merged mainstream.
699 johnm 1.85
700     *hardened-sources-2.6.16-r1 (11 Apr 2006)
701    
702     11 Apr 2006; John Mylchreest <johnm@gentoo.org>
703     +hardened-sources-2.6.16-r1.ebuild:
704     Bumping to include ppc build fix and 2.6.16.3
705 tsunam 1.84
706     06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
707     hardened-sources-2.6.14-r6.ebuild:
708     Stable on x86; bug #127718
709 johnm 1.83
710     *hardened-sources-2.6.16 (31 Mar 2006)
711    
712     31 Mar 2006; John Mylchreest <johnm@gentoo.org>
713     +hardened-sources-2.6.16.ebuild:
714     Bumping to new version of grsec, and kernel base. New squashfs. Based on
715     2.6.16.1
716 cryos 1.82
717     30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
718     hardened-sources-2.6.14-r6.ebuild:
719     Stable on amd64, bug 127718.
720 nixnut 1.81
721     28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
722     Stable on ppc. Bug #127718
723 johnm 1.80
724     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
725     -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
726     -hardened-sources-2.6.14-r4.ebuild:
727     Cleanup.
728 johnm 1.79
729     *hardened-sources-2.6.14-r6 (15 Mar 2006)
730    
731     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
732     +hardened-sources-2.6.14-r6.ebuild:
733     Fixes grsec policy recreation bug and adds a
734     >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
735 solar 1.78
736     02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
737     - stable on x86
738 hansmi 1.77
739     19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
740     hardened-sources-2.6.14-r5.ebuild:
741     Stable on ppc.
742 johnm 1.76
743     *hardened-sources-2.6.14-r5 (01 Feb 2006)
744    
745     01 Feb 2006; John Mylchreest <johnm@gentoo.org>
746     +hardened-sources-2.6.14-r5.ebuild:
747     fixing every known exploit
748 solar 1.75
749     *hardened-sources-2.4.32-r2 (26 Jan 2006)
750    
751     26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
752     +hardened-sources-2.4.32-r2.ebuild:
753     - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
754 solar 1.74
755     *hardened-sources-2.6.14-r4 (12 Jan 2006)
756    
757     12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
758     - version bump for new genpatches which fix up a few sec holes
759 solar 1.73
760     *hardened-sources-2.4.32-r1 (05 Jan 2006)
761    
762     05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
763     - revision bump to add misc vital linux kernel security patches.
764 johnm 1.72
765     *hardened-sources-2.6.14-r3 (30 Dec 2005)
766    
767     30 Dec 2005; John Mylchreest <johnm@gentoo.org>
768     -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
769     Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
770 johnm 1.71
771     28 Dec 2005; John Mylchreest <johnm@gentoo.org>
772     hardened-sources-2.6.14-r2.ebuild:
773     making x86 & amd64 stable following testing.
774 johnm 1.70
775     *hardened-sources-2.6.14-r2 (27 Dec 2005)
776    
777     27 Dec 2005; John Mylchreest <johnm@gentoo.org>
778     -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
779     Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
780     network hooks.
781 johnm 1.69
782     06 Dec 2005; John Mylchreest <johnm@gentoo.org>
783     hardened-sources-2.6.14-r1.ebuild:
784     bumping to stable early for sec fix on x86 & amd64
785 johnm 1.68
786     *hardened-sources-2.6.14-r1 (05 Dec 2005)
787    
788     05 Dec 2005; John Mylchreest <johnm@gentoo.org>
789     -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
790     bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
791 solar 1.67
792     04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
793     - stable on x86 security bug #114227 CAN-2005-3257
794 kang 1.66
795     *hardened-sources-2.4.32 (19 Nov 2005)
796    
797     19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
798     +hardened-sources-2.4.32.ebuild:
799     Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
800     Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
801     have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
802     rsbac >> /etc/portage/package.use)
803 johnm 1.65
804     *hardened-sources-2.6.14 (14 Nov 2005)
805    
806     14 Nov 2005; John Mylchreest <johnm@gentoo.org>
807     -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
808     Bumping 2.6 series to 2.6.14.2
809 johnm 1.64
810     *hardened-sources-2.6.13-r2 (20 Oct 2005)
811    
812     20 Oct 2005; John Mylchreest <johnm@gentoo.org>
813     -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
814     +hardened-sources-2.6.13-r2.ebuild:
815     Fixes minor build error in ppc.
816 johnm 1.63
817     *hardened-sources-2.6.13-r1 (17 Oct 2005)
818    
819     17 Oct 2005; John Mylchreest <johnm@gentoo.org>
820     +hardened-sources-2.6.13-r1.ebuild:
821     Updating grsec to latest snapshot. Fixes some minor issues. Updating to
822     2.6.13.4, fixes some major amd64 stability problems.
823 johnm 1.62
824     *hardened-sources-2.6.13 (16 Sep 2005)
825    
826     16 Sep 2005; John Mylchreest <johnm@gentoo.org>
827     -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
828     2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
829     ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
830     users should test this thoroughly.
831 solar 1.61
832     01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
833     - stable on x86
834 johnm 1.60
835     *hardened-sources-2.6.11-r15 (27 Jun 2005)
836    
837     27 Jun 2005; John Mylchreest <johnm@gentoo.org>
838     +hardened-sources-2.6.11-r15.ebuild:
839     Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
840     grsec redefining curr_ip struct.
841 solar 1.59
842     *hardened-sources-2.4.31 (20 Jun 2005)
843    
844     20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
845     initial import of 2.4.31 tree
846 johnm 1.58
847     *hardened-sources-2.6.11-r14 (14 Jun 2005)
848    
849     14 Jun 2005; John Mylchreest <johnm@gentoo.org>
850     -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
851     Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
852     naming scheme to abide by genpatches
853 johnm 1.57
854     *hardened-sources-2.6.11-r13 (18 May 2005)
855    
856     18 May 2005; John Mylchreest <johnm@gentoo.org>
857     -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
858     Managed to mangle the Makefile patch from grsec, to miss out the grsec
859     target. sorry about that. Fixes bug #93022
860 johnm 1.56
861     *hardened-sources-2.6.11-r12 (17 May 2005)
862    
863     17 May 2005; John Mylchreest <johnm@gentoo.org>
864     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
865     +hardened-sources-2.6.11-r12.ebuild:
866     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
867     merges in genpatches-base
868 johnm 1.55
869     *hardened-sources-2.6.11-r12 (17 May 2005)
870    
871     17 May 2005; John Mylchreest <johnm@gentoo.org>
872     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
873     +hardened-sources-2.6.11-r12.ebuild:
874     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
875     merges in genpatches-base
876 solar 1.54
877     29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
878     -files/2.4.27-cmdline-race.patch,
879     -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
880     -files/2.4.28-grsec-binfmt_a.out.patch,
881     -files/2.4.28-grsec-cmdline-race.patch,
882     -files/2.4.28-selinux-binfmt_a.out.patch,
883     -files/2.4.28-selinux-cmdline-race.patch,
884     -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
885     hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
886     - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
887     cleanup..
888 solar 1.53
889     *hardened-sources-2.4.30-r1 (21 Apr 2005)
890    
891     21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
892     - disable aout by default
893 solar 1.52
894     *hardened-sources-2.4.30 (18 Apr 2005)
895    
896     18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
897     - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
898     and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
899     use
900 tocharian 1.50
901 scox 1.51 *hardened-sources-2.4.29 (30 Mar 2005)
902    
903     30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
904     +hardened-sources-2.4.29.ebuild:
905     New hardened-patches-2.4-29.0 patchball.
906     Removed SELinux support, upgraded GRSecurity to 2.1.4.
907    
908     *hardened-sources-2.4.28-r5 (06 Mar 2005)
909    
910     06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
911     +hardened-sources-2.4.28-r5.ebuild:
912     Added a fix for a PaX vulnerability.
913    
914     26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
915 tocharian 1.50 hardened-sources-2.4.28-r4.ebuild:
916     Stable on x86
917 solar 1.49
918     23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
919     hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
920     hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
921     hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
922     - fixed/added RDEPEND= in all kernel-2 ebuilds
923 tocharian 1.48
924     *hardened-sources-2.4.28-r4 (21 Jan 2005)
925    
926     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
927     +hardened-sources-2.4.28-r4.ebuild:
928     Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
929     backport of neighbour hash updates.
930 tocharian 1.47
931     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
932     hardened-sources-2.4.28-r3.ebuild:
933     Stable on x86
934 tseng 1.46
935     *hardened-sources-2.6.10-r3 (20 Jan 2005)
936    
937     20 Jan 2005; Brandon Hale <tseng@gentoo.org>
938     +hardened-sources-2.6.10-r3.ebuild:
939     Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
940     in 2005.0
941 tocharian 1.45
942     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
943     -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
944     hardened-sources-2.4.28-r2.ebuild:
945     Mark stable on x86
946 tocharian 1.44
947     *hardened-sources-2.4.28-r3 (17 Jan 2005)
948    
949     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
950     +hardened-sources-2.4.28-r3.ebuild:
951     Fix SMP page fault handler vuln, and update device-mapper and evms patches.
952 tocharian 1.43
953     14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
954     hardened-sources-2.4.28.ebuild:
955     Mark stable on x86.
956 tocharian 1.42
957     *hardened-sources-2.4.28-r2 (13 Jan 2005)
958    
959     13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
960     +hardened-sources-2.4.28-r2.ebuild:
961     Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
962     Mazinger for grsecurity patches as well.
963 plasmaroo 1.41
964     *hardened-sources-2.4.28-r1 (23 Dec 2004)
965    
966     23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
967     Security bump. Thank tocharian for rolling a new patchset...
968 solar 1.40
969     28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
970     +files/2.4.28-grsec-cmdline-race.patch,
971     +files/2.4.28-selinux-binfmt_a.out.patch,
972     +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
973     - Round up remaining security patches that appear to be missing in 2.4.28. -
974     PaX standalone updated to current. hgpv=28.1
975 solar 1.39
976     *hardened-sources-2.4.28 (28 Nov 2004)
977    
978     28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
979     security bump. Thank tocharian for rolling a new patchset
980 scox 1.31
981 scox 1.38 *hardened-sources-2.4.27-r3 (08 Sep 2004)
982    
983     08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
984     +hardened-sources-2.4.27-r3.ebuild:
985     Applies the new 2.4-27.2 patchball which updates
986     GRSecurity to the 2.0.1 version.
987    
988 scox 1.37 *hardened-sources-2.4.27-r2 (31 Aug 2004)
989    
990     31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
991     +hardened-sources-2.4.27-r2.ebuild:
992     Version bump.
993     This version uses the new 2.4-27.1 patchball which updates
994     both the SELinux PaX hooks patch and the SELinux headers.
995    
996 scox 1.36 *hardened-sources-2.4.27-r1 (09 Aug 2004)
997    
998     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
999     +hardened-sources-2.4.27-r1.ebuild,
1000     -hardened-sources-2.4.27.ebuild,
1001     +files/2.4.27-cmdline-race.patch:
1002     Version bump, fix for cmdline race. See bug #59905.
1003    
1004     *hardened-sources-2.4.26-r6 (09 Aug 2004)
1005    
1006     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1007     +hardened-sources-2.4.26-r6.ebuild,
1008     -hardened-sources-2.4.26-r5.ebuild,
1009     -hardened-sources-2.4.26-r4.ebuild,
1010     +files/2.4.26-cmdline-race.patch:
1011     Version bump, fix for cmdline race. See bug #59905.
1012    
1013 scox 1.35 *hardened-sources-2.4.27 (08 Aug 2004)
1014    
1015     08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1016     +hardened-sources-2.4.27.ebuild,
1017     +files/2.4.27-CAN-2004-0394.patch:
1018     Ported the patchball to the 2.4.27 kernel version.
1019    
1020 scox 1.34 *hardened-sources-2.4.26-r5 (07 Aug 2004)
1021    
1022     07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1023     +hardened-sources-2.4.26-r5.ebuild:
1024 scox 1.35 Updated to use the new hardened-patches-2.4-26.1 patchball.
1025 scox 1.34 It adds the following features:
1026     - Squashfs
1027     - Ebtables
1028     - Netdev random (core+drivers)
1029     - Watchdog Timer (WDT) fix.
1030    
1031 scox 1.33 *hardened-sources-2.4.26-r4 (04 Aug 2004)
1032    
1033     04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1034     +hardened-sources-2.4.26-r4.ebuild,
1035     +files/2.4.26-CAN-2004-0415.patch,
1036     -hardened-sources-2.4.26-3:
1037     Version bump, fix for CAN 0415, see bug #59378.
1038    
1039 scox 1.32 *hardened-sources-2.4.26-r3 (22 Jul 2004)
1040    
1041     22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
1042     +hardened-sources-2.4.26-r3.ebuild,
1043     +files/2.4.26-CAN-2004-0497.patch,
1044     -hardened-sources-2.4.26-r2.ebuild:
1045     Version bump, fixed CAN 0497, see bug #56171.
1046    
1047 scox 1.31 *hardened-sources-2.4.26-r2 (29 Jun 2004)
1048    
1049     29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
1050 scox 1.32 +hardened-sources-2.4.26-r2.ebuild,
1051 scox 1.31 +files/2.4.26-CAN-2004-0495.patch,
1052     +files/2.4.26-CAN-2004-0535.patch,
1053     -hardened-sources-2.4.26-r1.ebuild:
1054     Fixes for both CAN 0495 and 0535, see bug #54976
1055 pvdabeel 1.27
1056 agriffis 1.29 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
1057     hardened-sources-2.4.26-r1.ebuild:
1058     QA - fix use invocation
1059 scox 1.28
1060     *hardened-sources-2.4.26-r1 (22 June 2004)
1061    
1062     22 June 2004; Andrea Luzzardi <scox@gentoo.org>
1063     +hardened-sources-2.4.26-r1.ebuild,
1064     +files/2.4.26-CAN-2004-0394.patch,
1065     +files/2.4.26-signal-race.patch,
1066     -hardened-sources-2.4.26.ebuild,
1067     -hardened-sources-2.4.24-r3.ebuild:
1068     Version bump for the CAN-2004-0394 issue and bug #53804
1069     Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
1070    
1071    
1072 pvdabeel 1.27 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
1073     hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
1074     Masked hardened-sources-2.4.26.ebuild broken for ppc
1075    
1076     31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
1077     hardened-sources-2.4.24-r3.ebuild:
1078     Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
1079 plasmaroo 1.25
1080 scox 1.26 *hardened-sources-2.4.26 (29 May 2004)
1081    
1082     29 May 2004; Andrea Luzzardi <scox@gentoo.org>
1083     +hardened-sources-2.4.26.ebuild:
1084     Updated hardened-sources for the 2.4.26 kernel
1085     Removed broken components, updated almost everything.
1086    
1087 plasmaroo 1.25 *hardened-sources-2.4.24-r3 (17 Apr 2004)
1088    
1089     17 Apr 2004; <plasmaroo@gentoo.org>
1090     +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
1091     +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
1092     +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
1093     +hardened-sources-2.4.24-r3.ebuild:
1094     Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
1095     vulnerabilities. Old revisions removed.
1096 plasmaroo 1.24
1097     *hardened-sources-2.4.24-r2 (15 Apr 2004)
1098    
1099     15 Apr 2004; <plasmaroo@gentoo.org>
1100     +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
1101     -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
1102     Version bump for the CAN-2004-0109 issue; bug #47881.
1103 aliz 1.23
1104     12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
1105     hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
1106     Add eutils to inherit.
1107 plasmaroo 1.22
1108     *hardened-sources-2.4.24-r1 (19 Feb 2004)
1109    
1110     19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
1111     files/hardened-sources-2.4.24.munmap.patch:
1112     Added the patch for the mremap/munmap vulnerability. Bug #42024.
1113 scox 1.19
1114 scox 1.21 *hardened-sources-2.4.24 (06 Feb 2004)
1115 scox 1.26
1116 scox 1.21 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
1117     hardened-sources-2.4.24.ebuild:
1118     Version bump, updated most of the components.
1119     This release includes the following:
1120    
1121     - Hardened security
1122     - Netfilter patch-o-matic 20031219
1123     - FreeSWAN 2.04 & x509 1.4.8
1124     - EVMS 2.2.2
1125     - XFS 1.3.1
1126     - cryptoloop jari
1127     - grsecurity 2.0-rc4
1128     - SELinux
1129     - PaX 200402060000
1130     - PaX Obscurity 200308302223
1131     - Others...
1132    
1133     Neither -ck nor systrace are included anymore.
1134    
1135 scox 1.19 *hardened-sources-2.4.22-r2 (05 Jan 2004)
1136    
1137     05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
1138     hardened-sources-2.4.22-r2.ebuild:
1139 scox 1.20 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
1140 scox 1.19
1141     *hardened-sources-2.4.22-r1 (02 Dec 2003)
1142 iggy 1.17
1143     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1144 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
1145 iggy 1.16
1146     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1147 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild:
1148     Version bump for the 'do_brk' vulnerability.
1149 iggy 1.15
1150     01 Dec 2003; Brian Jackson <iggy@gentoo.org>
1151     hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
1152     hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
1153     hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
1154 plasmaroo 1.18 Fix the 'do_brk' vulnerability.
1155 frogger 1.14
1156     03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
1157     hardened-sources-2.4.22.ebuild:
1158 plasmaroo 1.18 - Removed the src_install() portion for SELinux flask
1159     components. These are no longer handled in the kernel
1160     so this code was not necessary.
1161 frogger 1.13
1162     29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
1163     New 2.4.22 based hardened-sources thanks to
1164     Phil West <p.west@computer.org>.
1165    
1166     These sources include:
1167 plasmaroo 1.18 - New SELinux API
1168     - Updated CK-base
1169     - Updated GRSec
1170     - Systrace
1171     - SuperFreeS/WAN 1.99.8
1172     - Propolice kernel build support
1173     - EVMS
1174     - Other various security related patches
1175 frogger 1.11
1176 frogger 1.12 *hardened-sources-2.4.21 (14 Sep 2003)
1177    
1178     14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
1179     Updated hardened-sources based on the 2.4.21 Linux kernel.
1180     This includes updates to most major components such as:
1181 plasmaroo 1.18 - ck-base-0306300059
1182     - selinux-2.4-2003071106
1183     - grsecurity-2.0-rc1
1184     - Updated IPTables patch-o-matic
1185     - Updated SuperFreeS/WAN
1186    
1187 frogger 1.12 Thanks to Phil West <pwest@computer.org> for his work in getting this
1188     updated patch set ready for the 2.4.21 based kernel.
1189    
1190 frogger 1.11 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
1191     Initial import of hardened-sources-2.4.20-r4. This revision
1192     includes only a few changes, but one of these is an important
1193     security fix. It is recommended all users of hardened-sources
1194     upgrade to this release.
1195 plasmaroo 1.18
1196 frogger 1.11 - ioperm bug fix
1197     - fixed compilation failure when building without GRSec
1198 plasmaroo 1.18
1199 frogger 1.11 SAL (Secure Auditing for Linux) is NOT included in this revision
1200     due to time constraints, but is planned for inclusion in the near
1201     future.
1202 msterret 1.10
1203     *hardened-sources-2.4.20-r2 (12 Jun 2003)
1204    
1205     12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
1206     hardened-sources-2.4.20-r3.ebuild:
1207 plasmaroo 1.18 Add Header...
1208 frogger 1.9
1209     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1210     hardened-sources-2.4.20-r3.ebuild:
1211     Removed warnings from ebuild. This kernel should be safe to
1212     use at this point.
1213 frogger 1.8
1214     *hardened-sources-2.4.20-r3 (08 Jun 2003)
1215    
1216     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1217     hardened-sources-2.4.20-r3.ebuild:
1218     New revision. Includes the following changes over -r2:
1219 plasmaroo 1.18
1220 frogger 1.8 - ck7-base (O(1), preempt, low latency)
1221     - Super FreeS/WAN 1.99.7rc2
1222     - PaX for the LSM/SELinux branch
1223     - GRSecurity 2.0-pre4 (role based access control)
1224     - Systrace 1.3
1225     - EXT3 fixes
1226     - EVMS 2.0.1
1227     - GCC 3.1+ compile optimizations
1228     - ProPolice kernel build support
1229     - Hashing table security fixes
1230 frogger 1.3
1231     *hardened-sources-2.4.20-r1 (09 Apr 2003)
1232 frogger 1.7
1233     23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
1234     Initial import of hardened-sources-r2. This new
1235     ebuild includes many new performance and security
1236     related patches. As in -r1, it will patch in
1237     LSM/SELinux if "selinux" is in USE, otherwise it
1238     will patch in GRSecurity. The following patches
1239     are included in this revision:
1240 plasmaroo 1.18
1241 frogger 1.7 - O(1) Scheduler, Low Latency, and Preempt
1242     (pulled from the base CK patch)
1243     - ptrace exploit patch for the LSM kernel
1244     (the GRSec patch already fixes this)
1245     - LSM 2.4-2003040709
1246     - SELinux 2.4-2003040709
1247     - Systrace v1.2
1248     - IPTables patch-o-matic base patches - 20030107
1249     - CryptoAPI 2.4.20.1 w/ loop-jari patch
1250     - Super FreeS/WAN 1.99.6.1
1251     - GRSecurity 1.9.9g
1252     - MPPE
1253     - EXT3 data journal fix
1254     - CIPE 1.5.4
1255 frogger 1.6
1256     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1257     hardened-sources-2.4.20-r1.ebuild, manifest:
1258 plasmaroo 1.18 Updated to install flask components correctly for selinux.
1259 frogger 1.5
1260     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1261     hardened-sources-2.4.20-r1.ebuild:
1262     LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
1263     is patched in instead. Ptrace patches for selinux have also been added. In
1264     either case, systrace support will be patched in as well.
1265 frogger 1.3
1266     09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1267     hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
1268 plasmaroo 1.18 Revision bump for new sources.
1269 frogger 1.4
1270 frogger 1.2 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1271 frogger 1.4 hardened-sources-2.4.20-r1.ebuild:
1272 plasmaroo 1.18 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
1273 method 1.1
1274 frogger 1.4 *hardened-sources-2.4.20 (30 Mar 2003)
1275    
1276 method 1.1 30 Mar 2003; Joshua Brindle <method@gentoo.org>
1277     hardened-sources-2.4.20.ebuild:
1278 plasmaroo 1.18 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20