/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.210 - (hide annotations) (download)
Wed Feb 27 16:04:18 2008 UTC (6 years, 4 months ago) by solar
Branch: MAIN
Changes since 1.209: +6 -1 lines
- version bump from Kerin Millar bug 210026
(Portage version: 2.1.4.4)

1 method 1.1 # ChangeLog for sys-kernel/hardened-sources
2 phreak 1.204 # Copyright 2000-2008 Gentoo Foundation; Distributed under the GPL v2
3 solar 1.210 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.209 2008/02/17 23:47:07 solar Exp $
4    
5     *hardened-sources-2.6.23-r8 (27 Feb 2008)
6    
7     27 Feb 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r8.ebuild:
8     - version bump from Kerin Millar bug 210026
9 solar 1.209
10     17 Feb 2008; <solar@gentoo.org> metadata.xml,
11     -hardened-sources-2.4.33.4.ebuild, -hardened-sources-2.6.20-r6.ebuild,
12     -hardened-sources-2.6.20-r10.ebuild, -hardened-sources-2.6.23-r4.ebuild,
13     -hardened-sources-2.6.23-r6.ebuild, hardened-sources-2.6.23-r7.ebuild:
14     - stable on x86 and remove old ebuilds
15 solar 1.207
16     15 Feb 2008; <solar@gentoo.org> hardened-sources-2.6.23-r7.ebuild:
17 solar 1.208 - stable on amd64 per request of amd64 lead
18 solar 1.206
19     *hardened-sources-2.6.23-r7 (11 Feb 2008)
20    
21     11 Feb 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r7.ebuild:
22     - version bump from kerin.millar
23     Changes:
24    
25     * Bump to genpatches-base-2.6.23-9
26     * Ported grsecurity-2.1.11-2.6.23.14-200801231800 to 2.6.23.15
27     * Disables COMPAT_VDSO in x86/defconfig
28     * Removes bogus symbols ACPI_SLEEP_PROC_(FS|SLEEP) from x86_64/defconfig
29 phreak 1.205
30     25 Jan 2008; Christian Heim <phreak@gentoo.org>
31     -hardened-sources-2.6.22-r8.ebuild:
32     Cleaning up old versions.
33 phreak 1.204
34     *hardened-sources-2.6.23-r6 (25 Jan 2008)
35    
36     25 Jan 2008; Christian Heim <phreak@gentoo.org>
37     -hardened-sources-2.6.23-r5.ebuild, +hardened-sources-2.6.23-r6.ebuild:
38     Revision bump, pulling in the latest genpatches.
39 phreak 1.203
40     *hardened-sources-2.6.23-r5 (24 Dec 2007)
41    
42     24 Dec 2007; Christian Heim <phreak@gentoo.org>
43     hardened-sources-2.4.35-r2.ebuild, hardened-sources-2.6.20-r6.ebuild,
44     hardened-sources-2.6.20-r10.ebuild, hardened-sources-2.6.22-r8.ebuild,
45     hardened-sources-2.6.23-r4.ebuild, +hardened-sources-2.6.23-r5.ebuild:
46     Revision bump, for the promised updated grsec snapshot. Also changing SRC_URI.
47 phreak 1.202
48     24 Dec 2007; Christian Heim <phreak@gentoo.org>
49     -hardened-sources-2.6.22-r7.ebuild, -hardened-sources-2.6.23.ebuild,
50     -hardened-sources-2.6.23-r1.ebuild, -hardened-sources-2.6.23-r2.ebuild,
51     -hardened-sources-2.6.23-r3.ebuild:
52     Cleaning out some unused, old versions.
53 phreak 1.201
54     24 Dec 2007; Christian Heim <phreak@gentoo.org>
55     hardened-sources-2.6.23-r4.ebuild:
56     Marking hardened-sources-2.6.23-r4 stable on amd64 and x86. I know it ain't
57     in the tree for long, but there isn't much of a difference between this and
58     -r3. Only this revision pulls in 2.6.23.11 and 2.6.23.12 from genpatches.
59 phreak 1.200
60     *hardened-sources-2.6.23-r4 (23 Dec 2007)
61    
62     23 Dec 2007; Christian Heim <phreak@gentoo.org>
63     +hardened-sources-2.6.23-r4.ebuild:
64     Revision bump, grabbing the lastest genpatches release (2.6.23.12 that is).
65 phreak 1.199
66     *hardened-sources-2.6.23-r3 (04 Dec 2007)
67    
68     04 Dec 2007; Christian Heim <phreak@gentoo.org>
69     +hardened-sources-2.6.23-r3.ebuild:
70     Revision bump, pulling in 2.6.23.9.
71 phreak 1.198
72     *hardened-sources-2.6.23-r2 (25 Nov 2007)
73    
74     25 Nov 2007; Christian Heim <phreak@gentoo.org>
75     +hardened-sources-2.6.23-r2.ebuild:
76     Updated patchset, thanks to solar.
77 phreak 1.197
78     *hardened-sources-2.6.23-r1 (31 Oct 2007)
79    
80     31 Oct 2007; Christian Heim <phreak@gentoo.org>
81     +hardened-sources-2.6.23-r1.ebuild:
82     Revision bump, pulling in the snapshot from 30. October 2007 (18:50).
83 solar 1.196
84     29 Oct 2007; <solar@gentoo.org> metadata.xml:
85     - update metadata.xml
86 phreak 1.195
87     25 Oct 2007; Christian Heim <phreak@gentoo.org>
88     hardened-sources-2.6.22-r8.ebuild:
89     Marking 2.6.22-r8 stable on amd64 and x86.
90 phreak 1.194
91     21 Oct 2007; Christian Heim <phreak@gentoo.org>
92     -hardened-sources-2.4.35.ebuild, -hardened-sources-2.4.35-r1.ebuild,
93     -hardened-sources-2.6.21-r4.ebuild:
94     Removing old ebuilds.
95 phreak 1.193
96     *hardened-sources-2.4.35-r2 (21 Oct 2007)
97    
98     21 Oct 2007; Christian Heim <phreak@gentoo.org>
99     +hardened-sources-2.4.35-r2.ebuild:
100     Revision bump for 2.4.35. Includes new snapshot and the lastest Linux stable
101     patches.
102 phreak 1.192
103     *hardened-sources-2.6.22-r8 (21 Oct 2007)
104    
105     21 Oct 2007; Christian Heim <phreak@gentoo.org>
106     +hardened-sources-2.6.22-r8.ebuild:
107     Yet another new patch, hopefully fixing the remaining issues we had w/
108     2.6.22. Candidate for stabling.
109 phreak 1.191
110     *hardened-sources-2.6.23 (13 Oct 2007)
111    
112     13 Oct 2007; Christian Heim <phreak@gentoo.org>
113     +hardened-sources-2.6.23.ebuild:
114     Initial hardened-sources-2.6.23. If people still have problems w/ bug
115     194276, try setting CONFIG_PCI_GODIRECT=y instead of CONFIG_PCI_GOANY.
116 phreak 1.190
117     11 Oct 2007; Christian Heim <phreak@gentoo.org>
118     hardened-sources-2.6.20-r10.ebuild:
119     Pulling in yet another new genpatches version, fixing the PWC bug for real.
120 phreak 1.189
121     04 Oct 2007; Christian Heim <phreak@gentoo.org>
122     -hardened-sources-2.6.22-r5.ebuild, -hardened-sources-2.6.22-r6.ebuild:
123     Removing old versions.
124 phreak 1.188
125     *hardened-sources-2.6.22-r7 (01 Oct 2007)
126    
127     01 Oct 2007; Christian Heim <phreak@gentoo.org>
128     +hardened-sources-2.6.22-r7.ebuild:
129     Revision bump, pulling in a newer patch. Should fix #194276.
130 phreak 1.187
131     30 Sep 2007; Christian Heim <phreak@gentoo.org>
132     hardened-sources-2.6.20-r10.ebuild:
133     Marking hardened-sources-2.6.20-r10 stable on x86 and amd64 (on courtesy of
134     Mike Doty).
135 phreak 1.186
136     *hardened-sources-2.6.22-r6 (26 Sep 2007)
137    
138     26 Sep 2007; Christian Heim <phreak@gentoo.org>
139     +hardened-sources-2.6.22-r6.ebuild:
140     Revision bump, grabbing up till Linux 2.6.22.9.
141 phreak 1.185
142     24 Sep 2007; Christian Heim <phreak@gentoo.org>
143     -hardened-sources-2.6.22-r3.ebuild, -hardened-sources-2.6.22-r4.ebuild:
144     Cleaning up further.
145 phreak 1.184
146     *hardened-sources-2.6.20-r10 (24 Sep 2007)
147    
148     24 Sep 2007; Christian Heim <phreak@gentoo.org>
149     -hardened-sources-2.6.20-r8.ebuild, -hardened-sources-2.6.20-r9.ebuild,
150     +hardened-sources-2.6.20-r10.ebuild:
151     Revision bump, pulling in Linux 2.6.20.20. Removing some of the older
152     revisions.
153 phreak 1.183
154     *hardened-sources-2.6.22-r5 (22 Sep 2007)
155    
156     22 Sep 2007; Christian Heim <phreak@gentoo.org>
157     +hardened-sources-2.6.22-r5.ebuild:
158     Revision bump, pulling in genpatches-2.6.22-8 for CVE-2007-4573.
159 phreak 1.182
160     17 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
161     Removing johnm from metadata.xml (see #186467 for reference).
162 phreak 1.181
163     *hardened-sources-2.6.22-r4 (17 Sep 2007)
164    
165     17 Sep 2007; Christian Heim <phreak@gentoo.org>
166     +hardened-sources-2.6.22-r4.ebuild:
167     Revision bump, hopefully fixing all those weird PAX failures.
168 phreak 1.180
169     01 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
170     Updating the metadata.xml.
171 phreak 1.179
172     01 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
173     Removing tocharian from metadata due to his retirement (see #71718 for
174     reference).
175 phreak 1.178
176     *hardened-sources-2.6.20-r9 (30 Aug 2007)
177    
178     30 Aug 2007; Christian Heim <phreak@gentoo.org>
179     +hardened-sources-2.6.20-r9.ebuild:
180     Revision bump for 2.6.20.18 (thanks to kerframil in #gentoo-hardened).
181 phreak 1.177
182     29 Aug 2007; Christian Heim <phreak@gentoo.org>
183     -hardened-sources-2.4.34.ebuild, -hardened-sources-2.4.34.5.ebuild,
184     -hardened-sources-2.6.20-r2.ebuild, -hardened-sources-2.6.20-r5.ebuild,
185     -hardened-sources-2.6.20-r7.ebuild, -hardened-sources-2.6.21-r3.ebuild,
186     -hardened-sources-2.6.22.ebuild, -hardened-sources-2.6.22-r1.ebuild,
187     -hardened-sources-2.6.22-r2.ebuild:
188     Removing some redundant versions.
189 phreak 1.176
190     *hardened-sources-2.4.35-r1 (29 Aug 2007)
191    
192     29 Aug 2007; Christian Heim <phreak@gentoo.org>
193     +hardened-sources-2.4.35-r1.ebuild:
194     Revision bump, new grsecurity patch.
195 phreak 1.175
196     *hardened-sources-2.6.20-r8 (26 Aug 2007)
197    
198     26 Aug 2007; Christian Heim <phreak@gentoo.org>
199     +hardened-sources-2.6.20-r8.ebuild:
200     Revision bump for Linux 2.6.20.17.
201 phreak 1.174
202     *hardened-sources-2.6.22-r3 (22 Aug 2007)
203    
204     22 Aug 2007; Christian Heim <phreak@gentoo.org>
205     +hardened-sources-2.6.22-r3.ebuild:
206     Revision bump for Linux 2.6.22.4.
207 phreak 1.173
208     16 Aug 2007; Christian Heim <phreak@gentoo.org>
209     hardened-sources-2.6.22-r2.ebuild:
210     Updated patchset, to fix the alignment against 2.6.22.3.
211 phreak 1.172
212     *hardened-sources-2.6.22-r2 (16 Aug 2007)
213    
214     16 Aug 2007; Christian Heim <phreak@gentoo.org>
215     +hardened-sources-2.6.22-r2.ebuild:
216     Revision bump for Linux 2.6.22.3.
217 phreak 1.171
218     *hardened-sources-2.4.35 (16 Aug 2007)
219    
220     16 Aug 2007; Christian Heim <phreak@gentoo.org>
221     +hardened-sources-2.4.35.ebuild:
222     Version bump, initial version for Linux 2.4.35.
223 phreak 1.170
224     *hardened-sources-2.6.21-r4 (16 Aug 2007)
225    
226     16 Aug 2007; Christian Heim <phreak@gentoo.org>
227     +hardened-sources-2.6.21-r4.ebuild:
228     Revision bump for Linux 2.6.21.6.
229 phreak 1.169
230     *hardened-sources-2.6.20-r7 (16 Aug 2007)
231    
232     16 Aug 2007; Christian Heim <phreak@gentoo.org>
233     +hardened-sources-2.6.20-r7.ebuild:
234     Revision bump for Linux 2.6.20.16.
235 phreak 1.168
236     *hardened-sources-2.6.22-r1 (13 Aug 2007)
237    
238     13 Aug 2007; Christian Heim <phreak@gentoo.org>
239     +hardened-sources-2.6.22-r1.ebuild:
240     Yet another revision bump.
241 phreak 1.167
242     *hardened-sources-2.6.22 (10 Aug 2007)
243    
244     10 Aug 2007; Christian Heim <phreak@gentoo.org>
245     +hardened-sources-2.6.22.ebuild:
246     Initial release for 2.6.22. If you are using hardened-sources on a desktop
247     machine (P4 or newer), be aware you might need to disable
248     CONFIG_PAX_PAGEEXEC.
249 phreak 1.166
250     04 Aug 2007; Christian Heim <phreak@gentoo.org>
251     hardened-sources-2.6.20-r6.ebuild:
252     Stabling hardened-sources-2.6.20-r6 for amd64, ppc and x86 due to Linux
253     2.6.20.15.
254 phreak 1.165
255     10 Jul 2007; Christian Heim <phreak@gentoo.org>
256     hardened-sources-2.6.20-r5.ebuild:
257     Marking hardened-sources-2.6.20-r5 stable on ppc.
258 phreak 1.164
259     10 Jul 2007; Christian Heim <phreak@gentoo.org>
260     -hardened-sources-2.4.32-r6.ebuild, -hardened-sources-2.4.32-r7.ebuild:
261     Cleanup.
262 phreak 1.163
263     *hardened-sources-2.6.20-r6 (08 Jul 2007)
264    
265     08 Jul 2007; Christian Heim <phreak@gentoo.org>
266     +hardened-sources-2.6.20-r6.ebuild:
267     Revision bump, grabbing yet another stable release.
268 phreak 1.162
269     17 Jun 2007; Christian Heim <phreak@gentoo.org>
270     -hardened-sources-2.6.18-r6.ebuild, -hardened-sources-2.6.20-r4.ebuild,
271     -hardened-sources-2.6.21-r2.ebuild:
272     Removing older ebuilds, hardened-sources-2.6.18-r6 seems to have gotten the
273     alpha stable KEYWORD by mistake.
274 phreak 1.161
275     17 Jun 2007; Christian Heim <phreak@gentoo.org>
276     hardened-sources-2.6.20-r5.ebuild:
277     Stabling hardened-sources-2.6.20-r5 due to security bug #181647 (as
278     genpatches-2.6.20-12.base contains up to Linux 2.6.20.14) on amd64 and x86.
279 phreak 1.160
280     *hardened-sources-2.6.21-r3 (12 Jun 2007)
281    
282     12 Jun 2007; Christian Heim <phreak@gentoo.org>
283     +hardened-sources-2.6.21-r3.ebuild:
284     Revision bump for hardened-sources-2.6.21, incorporating various CVE (some
285     of them critical), two stable releases (2.6.21.4,2.6.21.5) and some other
286     love.
287 phreak 1.159
288     *hardened-sources-2.6.20-r5 (11 Jun 2007)
289    
290     11 Jun 2007; Christian Heim <phreak@gentoo.org>
291     +hardened-sources-2.6.20-r5.ebuild:
292     Revision bump for hardened-sources-2.6.20, incorporating various CVE (some
293     of them critical), two stable releases (2.6.20.13,2.6.20.14) and some other
294     love.
295 pappy 1.158
296     *hardened-sources-2.4.34.5 (11 Jun 2007)
297    
298     11 Jun 2007; Alexander Gabert <pappy@gentoo.org>
299     +hardened-sources-2.4.34.5.ebuild:
300     added new hardened-sources 2.4 version, thx to phreak, solar, pipacs
301 phreak 1.157
302     30 May 2007; Christian Heim <phreak@gentoo.org>
303     -hardened-sources-2.6.18.ebuild, hardened-sources-2.6.20-r2.ebuild:
304     Marking 2.6.20-r2 stable on ppc with permission of Gysbert. Removing more
305     stale ebuild(s).
306 phreak 1.156
307     30 May 2007; Christian Heim <phreak@gentoo.org>
308     -hardened-sources-2.6.14-r7.ebuild, -hardened-sources-2.6.16-r11.ebuild,
309     -hardened-sources-2.6.17-r1.ebuild, -hardened-sources-2.6.19-r6.ebuild,
310     -hardened-sources-2.6.20.ebuild, -hardened-sources-2.6.20-r1.ebuild:
311     Doing some cleanups, remove stale ebuilds.
312 phreak 1.155
313     26 May 2007; Christian Heim <phreak@gentoo.org>
314     hardened-sources-2.6.21-r2.ebuild:
315     Fixing the grsecurity patch, had one '};' too much.
316 phreak 1.154
317     *hardened-sources-2.6.21-r2 (26 May 2007)
318    
319     26 May 2007; Christian Heim <phreak@gentoo.org>
320     -hardened-sources-2.6.21.ebuild, -hardened-sources-2.6.21-r1.ebuild,
321     +hardened-sources-2.6.21-r2.ebuild:
322     Revision bump, including Linux 2.6.21.3 (fixing CVE-2007-2451). Updating the
323     grsecurity patch to 2.1.10-2.6.21.1-200705221918.
324 phreak 1.153
325     *hardened-sources-2.6.20-r4 (26 May 2007)
326    
327     26 May 2007; Christian Heim <phreak@gentoo.org>
328     -hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.20-r4.ebuild:
329     Revision bump, including Linux 2.6.20.12 (which in fact fixed some security
330 phreak 1.154 bugs, at the very least CVE-2007-2451). Possible candidate for stable marking.
331 phreak 1.152
332     15 May 2007; Christian Heim <phreak@gentoo.org>
333     hardened-sources-2.6.20-r3.ebuild:
334     Looks like hardened-sources-2.6.20-r3 needs a new patch, as 2.6.20.11
335     introduced a change in arch/sparc64/kernel/pci_iommu.c, which made the
336     grsecurity patch fail in that exact same hunk.
337 phreak 1.151
338     *hardened-sources-2.6.20-r3 (15 May 2007)
339    
340     15 May 2007; Christian Heim <phreak@gentoo.org>
341     +hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.21-r1.ebuild:
342     Revision bump, incorporating Linux 2.6.20.11.
343    
344     *hardened-sources-2.6.21-r1 (11 May 2007)
345    
346     11 May 2007; Christian Heim <phreak@gentoo.org>
347     +hardened-sources-2.6.21-r1.ebuild:
348     Revision bump, hopefully fixing the GRSECURITY/GRKERNSEC mixup pipacs
349     mentioned in #177234.
350 kevquinn 1.150
351     07 May 2007; Kevin F. Quinn <kevquinn@gentoo.org>
352     files/digest-hardened-sources-2.6.21, Manifest:
353     Fix Manifest/digest for linux-2.6.21.tar.bz2
354 phreak 1.149
355     06 May 2007; Christian Heim <phreak@gentoo.org>
356     hardened-sources-2.6.21.ebuild:
357     Bumping the hardened-patches version, needed for the fix for #177234.
358 phreak 1.148
359     *hardened-sources-2.6.21 (02 May 2007)
360    
361     02 May 2007; Christian Heim <phreak@gentoo.org>
362     +hardened-sources-2.6.21.ebuild:
363     Version bump, Linux 2.6.21-hardened.
364 phreak 1.147
365     29 Apr 2007; Christian Heim <phreak@gentoo.org>
366     hardened-sources-2.6.20-r2.ebuild:
367     Adding ~ia64 on Ned's request.
368 phreak 1.146
369     29 Apr 2007; Christian Heim <phreak@gentoo.org>
370     hardened-sources-2.6.20-r2.ebuild:
371     Fixing the included grsecurity patch, wasn't alligning due to the Index:
372     header line(s).
373 phreak 1.145
374     29 Apr 2007; Christian Heim <phreak@gentoo.org>
375     hardened-sources-2.6.20-r2.ebuild:
376     Stabilizing hardened-sources-2.6.20-r2 on amd64 and x86.
377 armin76 1.144
378     *hardened-sources-2.6.20-r2 (10 Apr 2007)
379    
380     10 Apr 2007; Raúl Porcel <armin76@gentoo.org>
381     +hardened-sources-2.6.20-r2.ebuild:
382     Version bump, on behalf of phreak
383 phreak 1.143
384     *hardened-sources-2.6.20-r1 (04 Apr 2007)
385    
386     04 Apr 2007; Christian Heim <phreak@gentoo.org>
387     +hardened-sources-2.6.20-r1.ebuild:
388     Revision bump, grabbing a newer grsecurity snapshot.
389 phreak 1.142
390     *hardened-sources-2.6.20 (25 Mar 2007)
391    
392     25 Mar 2007; Christian Heim <phreak@gentoo.org>
393     +hardened-sources-2.6.20.ebuild:
394     Finally a hardened-sources version for 2.6.20; many people have been waiting
395     for this. Thanks to Steve for preliminary testing, thanks to Ned for the
396     testbox.
397 chainsaw 1.141
398     16 Mar 2007; Tony Vroon <chainsaw@gentoo.org>
399     hardened-sources-2.6.18-r6.ebuild:
400     Marked stable on amd64 and x86. AMD64 keyword ack'ed by welp.
401 phreak 1.140
402     *hardened-sources-2.6.18-r6 (16 Mar 2007)
403    
404     16 Mar 2007; Christian Heim <phreak@gentoo.org>
405     -hardened-sources-2.6.18-r5.ebuild, +hardened-sources-2.6.18-r6.ebuild:
406     Fixing CVE-2007-1000 locally (hardened/), thanks to Tony for pushing. And
407     yes I screwed up, this is tagged as 2.6.18-5 and not 2.6.18-6 as it's
408     supposed to be.
409 phreak 1.139
410     06 Mar 2007; Christian Heim <phreak@gentoo.org> ChangeLog:
411     Fixing the Manifest, the previous one was broken (as in still had the
412     deleted ebuild in it).
413 phreak 1.138
414     06 Mar 2007; Christian Heim <phreak@gentoo.org>
415     -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
416     +hardened-sources-2.6.18-r5.ebuild:
417     Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
418     Linux 2.6.18.8. Also cleaning up the older version.
419    
420     *hardened-sources-2.6.18-r5 (06 Mar 2007)
421    
422     06 Mar 2007; Christian Heim <phreak@gentoo.org>
423     -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
424     +hardened-sources-2.6.18-r5.ebuild:
425     Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
426     Linux 2.6.18.8. Also cleaning up the older version.
427 phreak 1.137
428     24 Feb 2007; Christian Heim <phreak@gentoo.org>
429     -hardened-sources-2.6.19-r3.ebuild, -hardened-sources-2.6.19-r4.ebuild,
430     -hardened-sources-2.6.19-r5.ebuild:
431     Removing some of the old version, that didn't work.
432 phreak 1.136
433     *hardened-sources-2.6.19-r6 (12 Feb 2007)
434    
435     12 Feb 2007; Christian Heim <phreak@gentoo.org>
436     +hardened-sources-2.6.19-r6.ebuild:
437     Revision bump, including a new grsec version fixing #166235.
438 pappy 1.134
439     *hardened-sources-2.4.34 (24 Jan 2007)
440    
441     24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
442 pappy 1.135 Manifest:
443     updating Manifest with checksums of new tarball and ebuild
444    
445     24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
446 pappy 1.134 +hardened-sources-2.4.34.ebuild:
447     I added new hardened sources 2.4 update, this is a critical path
448     security bugfix - all users of h-s are strongly advised
449     to update their existing hardened sources to this version.
450     It contains a fix for a kernel vulnerability that is pertaining
451     to the PaX changes to virtual memory management, possibly leading
452     to a local kernel exploit ... see grsecurity.net forums and homepage
453 phreak 1.133
454     23 Jan 2007; Christian Heim <phreak@gentoo.org>
455     files/digest-hardened-sources-2.6.19-r5, Manifest:
456     Fixing the patch-tarball digest.
457 phreak 1.132
458     *hardened-sources-2.6.19-r5 (23 Jan 2007)
459    
460     23 Jan 2007; Christian Heim <phreak@gentoo.org>
461     +hardened-sources-2.6.19-r5.ebuild:
462     Revision bump, closing the recently discovered PaX expand_stack()
463     vulnerability.
464 phreak 1.131
465     *hardened-sources-2.6.19-r4 (14 Jan 2007)
466    
467     14 Jan 2007; Christian Heim <phreak@gentoo.org>
468     +hardened-sources-2.6.19-r4.ebuild:
469     Revision bump, pulling in linux-2.6.19.2 and grsecurity 2.1.10 - thus
470     dropping the randomized PID feature.
471 opfer 1.130
472     11 Jan 2007; Christian Faulhammer <opfer@gentoo.org>
473     hardened-sources-2.4.33.4.ebuild:
474     stable x86, bug #161171
475 phreak 1.129
476     *hardened-sources-2.6.19-r3 (27 Dec 2006)
477    
478     27 Dec 2006; Christian Heim <phreak@gentoo.org>
479     -hardened-sources-2.6.19-r2.ebuild, +hardened-sources-2.6.19-r3.ebuild:
480     Revision bump for bug #157186 and #158786.
481 phreak 1.128
482     *hardened-sources-2.6.18-r4 (27 Dec 2006)
483    
484     27 Dec 2006; Christian Heim <phreak@gentoo.org>
485     -hardened-sources-2.6.18-r3.ebuild, +hardened-sources-2.6.18-r4.ebuild:
486     Revision bump for bug #157186.
487 phreak 1.127
488     *hardened-sources-2.6.19-r2 (23 Dec 2006)
489    
490     23 Dec 2006; Christian Heim <phreak@gentoo.org>
491     -hardened-sources-2.6.19-r1.ebuild, +hardened-sources-2.6.19-r2.ebuild:
492     Revision bump to pull in genpatches-2.6.19-3 for #157186.
493 phreak 1.126
494     17 Dec 2006; Christian Heim <phreak@gentoo.org>
495     hardened-sources-2.6.14-r7.ebuild, hardened-sources-2.6.16-r10.ebuild,
496     hardened-sources-2.6.16-r11.ebuild, hardened-sources-2.6.17-r1.ebuild,
497     hardened-sources-2.6.18.ebuild, hardened-sources-2.6.18-r3.ebuild,
498     hardened-sources-2.6.19-r1.ebuild:
499     Adding 4453_grsec-2.1.9-2.6.19-io-kmem-sysctl.patch to UNIPATCH_EXLUDE,
500     adding correct HOMEPAGE and adjusting DESCRIPTION (thanks to Alexander).
501 pappy 1.125
502     *hardened-sources-2.4.33.4 (17 Dec 2006)
503    
504     17 Dec 2006; Alexander Gabert <pappy@gentoo.org>
505     +hardened-sources-2.4.33.4.ebuild:
506     new 2.4.33.4 version including grsec and fixes, thanks to phreak for help
507     and quilting
508 phreak 1.124
509     *hardened-sources-2.6.19-r1 (14 Dec 2006)
510    
511     14 Dec 2006; Christian Heim <phreak@gentoo.org>
512     -hardened-sources-2.6.19.ebuild, +hardened-sources-2.6.19-r1.ebuild:
513     Revision bump, fixing #158107 (thanks to Petre Rodan <kaiowas at gentoo.org>
514     for reporting).
515 phreak 1.123
516     *hardened-sources-2.6.19 (13 Dec 2006)
517    
518     13 Dec 2006; Christian Heim <phreak@gentoo.org>
519     +hardened-sources-2.6.19.ebuild:
520     And finally 2.6.19, thanks to Ned (who prepared the inital patchset) and
521     Brad for providing that prompt update.
522 phreak 1.122
523     *hardened-sources-2.6.18-r3 (13 Dec 2006)
524    
525     13 Dec 2006; Christian Heim <phreak@gentoo.org>
526     -hardened-sources-2.6.18-r1.ebuild, -hardened-sources-2.6.18-r2.ebuild,
527     +hardened-sources-2.6.18-r3.ebuild:
528     Revision bump, excluding the faulty patch. Thanks to Anakim Border and Peter
529     S. Mazinger. Closes #157409 for now. Also removing the previous revisions.
530 phreak 1.121
531     09 Dec 2006; Christian Heim <phreak@gentoo.org> Manifest:
532     Fixing the metadata.xml Manifest entry (thanks to xaid and ml8128 in #gentoo-hardened).
533 nixnut 1.120
534     08 Dec 2006; nixnut <nixnut@gentoo.org> hardened-sources-2.6.18.ebuild:
535     Stable on ppc wrt bug 157356
536 opfer 1.119
537     07 Dec 2006; Christian Faulhammer <opfer@gentoo.org>
538     hardened-sources-2.6.18.ebuild:
539     stable x86, bug #157356
540 phreak 1.118
541     *hardened-sources-2.6.18-r2 (06 Dec 2006)
542    
543     06 Dec 2006; Christian Heim <phreak@gentoo.org>
544     +hardened-sources-2.6.18-r2.ebuild:
545     Revision bump, including 2.6.18.5 (via genpatches) and
546     4454_grsec-2.1.9-2.6.18.2-io-kmem-sysctl.patch based on Peter Mazinger and
547     Ned Ludd's original patch. Thanks to Alexander Gabert (pappy) for the
548     redesign.
549 phreak 1.117
550     06 Dec 2006; Christian Heim <phreak@gentoo.org>
551     hardened-sources-2.6.18.ebuild:
552     Marking hardened-sources-2.6.18 stable on amd64 (see bug #157356, on behalf
553     of Mike Doty).
554 phreak 1.116
555     *hardened-sources-2.6.18-r1 (23 Nov 2006)
556    
557     23 Nov 2006; Christian Heim <phreak@gentoo.org>
558     +hardened-sources-2.6.18-r1.ebuild:
559     Revision bump to genpatches-2.6.18-4 (including 2.6.18.3).
560 phreak 1.115
561     *hardened-sources-2.6.18 (11 Nov 2006)
562    
563     11 Nov 2006; Christian Heim <phreak@gentoo.org>
564     +hardened-sources-2.6.18.ebuild:
565     Version bump, thanks to Alexander Gabert we're finally at 2.6.18.
566 solar 1.114
567     18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
568     - mark amd64 stable also. bug #151877
569 solar 1.113
570     18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
571     - mark 2.6.17-r1 stable
572 phreak 1.112
573     27 Aug 2006; Christian Heim <phreak@gentoo.org>
574     -hardened-sources-2.6.17.ebuild, hardened-sources-2.6.17-r1.ebuild:
575     Removing old ebuild, removing unipatch from newer ebuild (need to fix it!).
576 phreak 1.111
577     *hardened-sources-2.6.17-r1 (26 Aug 2006)
578    
579     26 Aug 2006; Christian Heim <phreak@gentoo.org>
580     +hardened-sources-2.6.17-r1.ebuild:
581     Revision bump to genpatches-2.6.17-8 (including .9 and .10) and updating the
582     grsecurity patch.
583 phreak 1.110
584     *hardened-sources-2.6.17 (17 Aug 2006)
585    
586     17 Aug 2006; Christian Heim <phreak@gentoo.org>
587     +hardened-sources-2.6.17.ebuild:
588     Bumping the hardened-sources-2.6 series to 2.6.17, using
589     genpatches-2.6.17-6.base.
590 solar 1.109
591     07 Aug 2006; <solar@gentoo.org> hardened-sources-2.6.16-r11.ebuild:
592     - stable on x86 and amd64
593 solar 1.108
594     *hardened-sources-2.6.16-r11 (15 Jul 2006)
595    
596     15 Jul 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r3.ebuild,
597     -hardened-sources-2.4.32-r4.ebuild, -hardened-sources-2.4.32-r5.ebuild,
598     -hardened-sources-2.6.14-r8.ebuild, -hardened-sources-2.6.16-r7.ebuild,
599     -hardened-sources-2.6.16-r9.ebuild, +hardened-sources-2.6.16-r11.ebuild:
600     - 2.6.16 bumped for CVE-2006-3626 ; digest fix for 2.4.32-r6 ; removed old
601     crusty ebuilds
602 johnm 1.107
603     14 Jul 2006; John Mylchreest <johnm@gentoo.org>
604     hardened-sources-2.6.16-r10.ebuild:
605     marking stable on x86 and amd64
606 solar 1.106
607     13 Jul 2006; <solar@gentoo.org> hardened-sources-2.4.32-r6.ebuild:
608     - 2.4.32-r6 stable on x86. RSBAC state unknown
609 kang 1.105
610     *hardened-sources-2.4.32-r7 (10 Jul 2006)
611    
612     10 Jul 2006; Guillaume Destuynder <kang@gentoo.org>
613     +hardened-sources-2.4.32-r7.ebuild:
614     Bump PaX for RSBAC to test-17
615 johnm 1.104
616     *hardened-sources-2.6.16-r9 (03 Jul 2006)
617    
618     03 Jul 2006; John Mylchreest <johnm@gentoo.org>
619     -hardened-sources-2.6.16-r6.ebuild, +hardened-sources-2.6.16-r9.ebuild:
620     hardened-sources-2.6.16 bump to latest -base.
621 solar 1.103
622     *hardened-sources-2.4.32-r6 (30 Jun 2006)
623    
624     30 Jun 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r2.ebuild,
625     hardened-sources-2.4.32-r4.ebuild, +hardened-sources-2.4.32-r6.ebuild:
626     - backport CVE-2006-0039, CVE-2006-1857 and CVE-2006-1858 and new grsecurity
627     sysctl controlable resource logging
628 johnm 1.102
629     *hardened-sources-2.6.16-r7 (05 Jun 2006)
630    
631     05 Jun 2006; John Mylchreest <johnm@gentoo.org>
632     -hardened-sources-2.6.16-r5.ebuild, +hardened-sources-2.6.16-r7.ebuild:
633     push new 2.6.16 release in preparation for stable
634 solar 1.101
635     22 May 2006; <solar@gentoo.org> :
636     - redigest bug 134002
637 kang 1.100
638     *hardened-sources-2.4.32-r5 (16 May 2006)
639    
640     16 May 2006; Guillaume Destuynder <kang@gentoo.org>
641     +hardened-sources-2.4.32-r5.ebuild:
642     Fixes rsbac common patching (new patch in new -r5 patchset)
643 solar 1.99
644     *hardened-sources-2.4.32-r4 (13 May 2006)
645    
646     13 May 2006; <solar@gentoo.org> hardened-sources-2.4.32-r3.ebuild,
647     +hardened-sources-2.4.32-r4.ebuild:
648     - security bumps
649 johnm 1.98
650     *hardened-sources-2.6.16-r6 (03 May 2006)
651    
652     03 May 2006; John Mylchreest <johnm@gentoo.org>
653     +hardened-sources-2.6.16-r6.ebuild:
654     bump hardened-2.6.16 to 2.6.16.12 and latest grsec snapshot
655 johnm 1.97
656     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
657     hardened-sources-2.6.14-r8.ebuild:
658     fix x86_64 build problem, this will delay the digest issue again for a short
659     while but it will sort itself out
660 johnm 1.96
661     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
662     hardened-sources-2.6.14-r8.ebuild:
663     bump hardened patchset
664 antarus 1.94
665     27 Apr 2006; Alec Warner <antarus@gentoo.org>
666     files/digest-hardened-sources-2.4.32-r2,
667     files/digest-hardened-sources-2.4.32-r3,
668     files/digest-hardened-sources-2.6.14-r8, Manifest:
669     Fixing duff SHA256 digests: Bug # 131293
670 johnm 1.93
671 johnm 1.95 *hardened-sources-2.6.16-r5 (27 Apr 2006)
672    
673     27 Apr 2006; John Mylchreest <johnm@gentoo.org>
674     -hardened-sources-2.6.14-r6.ebuild, hardened-sources-2.6.14-r8.ebuild,
675     -hardened-sources-2.6.16-r4.ebuild, +hardened-sources-2.6.16-r5.ebuild:
676     stablise 2.6.14-r8 on x86 & amd64, bump 2.6.16 to fix CVE-2006-1863 &
677     cleanup of old uneccessary sources
678    
679 johnm 1.93 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
680     fix digest
681 johnm 1.92
682     *hardened-sources-2.6.14-r8 (20 Apr 2006)
683    
684     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
685     +hardened-sources-2.6.14-r8.ebuild:
686     fix CVE-2006-1056, CVE-2006-1525, CVE-2006-1524
687 johnm 1.91
688     20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
689     Turning on gpg-signing again, and recomitting
690 johnm 1.90
691     *hardened-sources-2.6.16-r4 (20 Apr 2006)
692    
693     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
694     -hardened-sources-2.6.16-r2.ebuild, -hardened-sources-2.6.16-r3.ebuild,
695     +hardened-sources-2.6.16-r4.ebuild:
696     Fix numerous security vulns
697 solar 1.89
698     *hardened-sources-2.4.32-r3 (16 Apr 2006)
699    
700     16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
701     -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
702     +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
703     - security bump for bug #112791. Removed old ebuilds
704 johnm 1.88
705     *hardened-sources-2.6.16-r3 (15 Apr 2006)
706    
707     15 Apr 2006; John Mylchreest <johnm@gentoo.org>
708     +hardened-sources-2.6.16-r3.ebuild:
709     Removing silly localversion which I missed
710 johnm 1.87
711     *hardened-sources-2.6.14-r7 (14 Apr 2006)
712    
713     14 Apr 2006; John Mylchreest <johnm@gentoo.org>
714     -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
715     Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
716 johnm 1.86
717     *hardened-sources-2.6.16-r2 (13 Apr 2006)
718    
719     13 Apr 2006; John Mylchreest <johnm@gentoo.org>
720     -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
721     +hardened-sources-2.6.16-r2.ebuild:
722     Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
723     labels, dropping USERGROUP define fixes, since these were merged mainstream.
724 johnm 1.85
725     *hardened-sources-2.6.16-r1 (11 Apr 2006)
726    
727     11 Apr 2006; John Mylchreest <johnm@gentoo.org>
728     +hardened-sources-2.6.16-r1.ebuild:
729     Bumping to include ppc build fix and 2.6.16.3
730 tsunam 1.84
731     06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
732     hardened-sources-2.6.14-r6.ebuild:
733     Stable on x86; bug #127718
734 johnm 1.83
735     *hardened-sources-2.6.16 (31 Mar 2006)
736    
737     31 Mar 2006; John Mylchreest <johnm@gentoo.org>
738     +hardened-sources-2.6.16.ebuild:
739     Bumping to new version of grsec, and kernel base. New squashfs. Based on
740     2.6.16.1
741 cryos 1.82
742     30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
743     hardened-sources-2.6.14-r6.ebuild:
744     Stable on amd64, bug 127718.
745 nixnut 1.81
746     28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
747     Stable on ppc. Bug #127718
748 johnm 1.80
749     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
750     -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
751     -hardened-sources-2.6.14-r4.ebuild:
752     Cleanup.
753 johnm 1.79
754     *hardened-sources-2.6.14-r6 (15 Mar 2006)
755    
756     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
757     +hardened-sources-2.6.14-r6.ebuild:
758     Fixes grsec policy recreation bug and adds a
759     >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
760 solar 1.78
761     02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
762     - stable on x86
763 hansmi 1.77
764     19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
765     hardened-sources-2.6.14-r5.ebuild:
766     Stable on ppc.
767 johnm 1.76
768     *hardened-sources-2.6.14-r5 (01 Feb 2006)
769    
770     01 Feb 2006; John Mylchreest <johnm@gentoo.org>
771     +hardened-sources-2.6.14-r5.ebuild:
772     fixing every known exploit
773 solar 1.75
774     *hardened-sources-2.4.32-r2 (26 Jan 2006)
775    
776     26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
777     +hardened-sources-2.4.32-r2.ebuild:
778     - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
779 solar 1.74
780     *hardened-sources-2.6.14-r4 (12 Jan 2006)
781    
782     12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
783     - version bump for new genpatches which fix up a few sec holes
784 solar 1.73
785     *hardened-sources-2.4.32-r1 (05 Jan 2006)
786    
787     05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
788     - revision bump to add misc vital linux kernel security patches.
789 johnm 1.72
790     *hardened-sources-2.6.14-r3 (30 Dec 2005)
791    
792     30 Dec 2005; John Mylchreest <johnm@gentoo.org>
793     -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
794     Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
795 johnm 1.71
796     28 Dec 2005; John Mylchreest <johnm@gentoo.org>
797     hardened-sources-2.6.14-r2.ebuild:
798     making x86 & amd64 stable following testing.
799 johnm 1.70
800     *hardened-sources-2.6.14-r2 (27 Dec 2005)
801    
802     27 Dec 2005; John Mylchreest <johnm@gentoo.org>
803     -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
804     Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
805     network hooks.
806 johnm 1.69
807     06 Dec 2005; John Mylchreest <johnm@gentoo.org>
808     hardened-sources-2.6.14-r1.ebuild:
809     bumping to stable early for sec fix on x86 & amd64
810 johnm 1.68
811     *hardened-sources-2.6.14-r1 (05 Dec 2005)
812    
813     05 Dec 2005; John Mylchreest <johnm@gentoo.org>
814     -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
815     bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
816 solar 1.67
817     04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
818     - stable on x86 security bug #114227 CAN-2005-3257
819 kang 1.66
820     *hardened-sources-2.4.32 (19 Nov 2005)
821    
822     19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
823     +hardened-sources-2.4.32.ebuild:
824     Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
825     Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
826     have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
827     rsbac >> /etc/portage/package.use)
828 johnm 1.65
829     *hardened-sources-2.6.14 (14 Nov 2005)
830    
831     14 Nov 2005; John Mylchreest <johnm@gentoo.org>
832     -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
833     Bumping 2.6 series to 2.6.14.2
834 johnm 1.64
835     *hardened-sources-2.6.13-r2 (20 Oct 2005)
836    
837     20 Oct 2005; John Mylchreest <johnm@gentoo.org>
838     -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
839     +hardened-sources-2.6.13-r2.ebuild:
840     Fixes minor build error in ppc.
841 johnm 1.63
842     *hardened-sources-2.6.13-r1 (17 Oct 2005)
843    
844     17 Oct 2005; John Mylchreest <johnm@gentoo.org>
845     +hardened-sources-2.6.13-r1.ebuild:
846     Updating grsec to latest snapshot. Fixes some minor issues. Updating to
847     2.6.13.4, fixes some major amd64 stability problems.
848 johnm 1.62
849     *hardened-sources-2.6.13 (16 Sep 2005)
850    
851     16 Sep 2005; John Mylchreest <johnm@gentoo.org>
852     -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
853     2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
854     ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
855     users should test this thoroughly.
856 solar 1.61
857     01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
858     - stable on x86
859 johnm 1.60
860     *hardened-sources-2.6.11-r15 (27 Jun 2005)
861    
862     27 Jun 2005; John Mylchreest <johnm@gentoo.org>
863     +hardened-sources-2.6.11-r15.ebuild:
864     Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
865     grsec redefining curr_ip struct.
866 solar 1.59
867     *hardened-sources-2.4.31 (20 Jun 2005)
868    
869     20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
870     initial import of 2.4.31 tree
871 johnm 1.58
872     *hardened-sources-2.6.11-r14 (14 Jun 2005)
873    
874     14 Jun 2005; John Mylchreest <johnm@gentoo.org>
875     -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
876     Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
877     naming scheme to abide by genpatches
878 johnm 1.57
879     *hardened-sources-2.6.11-r13 (18 May 2005)
880    
881     18 May 2005; John Mylchreest <johnm@gentoo.org>
882     -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
883     Managed to mangle the Makefile patch from grsec, to miss out the grsec
884     target. sorry about that. Fixes bug #93022
885 johnm 1.56
886     *hardened-sources-2.6.11-r12 (17 May 2005)
887    
888     17 May 2005; John Mylchreest <johnm@gentoo.org>
889     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
890     +hardened-sources-2.6.11-r12.ebuild:
891     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
892     merges in genpatches-base
893 johnm 1.55
894     *hardened-sources-2.6.11-r12 (17 May 2005)
895    
896     17 May 2005; John Mylchreest <johnm@gentoo.org>
897     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
898     +hardened-sources-2.6.11-r12.ebuild:
899     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
900     merges in genpatches-base
901 solar 1.54
902     29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
903     -files/2.4.27-cmdline-race.patch,
904     -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
905     -files/2.4.28-grsec-binfmt_a.out.patch,
906     -files/2.4.28-grsec-cmdline-race.patch,
907     -files/2.4.28-selinux-binfmt_a.out.patch,
908     -files/2.4.28-selinux-cmdline-race.patch,
909     -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
910     hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
911     - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
912     cleanup..
913 solar 1.53
914     *hardened-sources-2.4.30-r1 (21 Apr 2005)
915    
916     21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
917     - disable aout by default
918 solar 1.52
919     *hardened-sources-2.4.30 (18 Apr 2005)
920    
921     18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
922     - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
923     and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
924     use
925 tocharian 1.50
926 scox 1.51 *hardened-sources-2.4.29 (30 Mar 2005)
927    
928     30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
929     +hardened-sources-2.4.29.ebuild:
930     New hardened-patches-2.4-29.0 patchball.
931     Removed SELinux support, upgraded GRSecurity to 2.1.4.
932    
933     *hardened-sources-2.4.28-r5 (06 Mar 2005)
934    
935     06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
936     +hardened-sources-2.4.28-r5.ebuild:
937     Added a fix for a PaX vulnerability.
938    
939     26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
940 tocharian 1.50 hardened-sources-2.4.28-r4.ebuild:
941     Stable on x86
942 solar 1.49
943     23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
944     hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
945     hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
946     hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
947     - fixed/added RDEPEND= in all kernel-2 ebuilds
948 tocharian 1.48
949     *hardened-sources-2.4.28-r4 (21 Jan 2005)
950    
951     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
952     +hardened-sources-2.4.28-r4.ebuild:
953     Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
954     backport of neighbour hash updates.
955 tocharian 1.47
956     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
957     hardened-sources-2.4.28-r3.ebuild:
958     Stable on x86
959 tseng 1.46
960     *hardened-sources-2.6.10-r3 (20 Jan 2005)
961    
962     20 Jan 2005; Brandon Hale <tseng@gentoo.org>
963     +hardened-sources-2.6.10-r3.ebuild:
964     Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
965     in 2005.0
966 tocharian 1.45
967     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
968     -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
969     hardened-sources-2.4.28-r2.ebuild:
970     Mark stable on x86
971 tocharian 1.44
972     *hardened-sources-2.4.28-r3 (17 Jan 2005)
973    
974     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
975     +hardened-sources-2.4.28-r3.ebuild:
976     Fix SMP page fault handler vuln, and update device-mapper and evms patches.
977 tocharian 1.43
978     14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
979     hardened-sources-2.4.28.ebuild:
980     Mark stable on x86.
981 tocharian 1.42
982     *hardened-sources-2.4.28-r2 (13 Jan 2005)
983    
984     13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
985     +hardened-sources-2.4.28-r2.ebuild:
986     Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
987     Mazinger for grsecurity patches as well.
988 plasmaroo 1.41
989     *hardened-sources-2.4.28-r1 (23 Dec 2004)
990    
991     23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
992     Security bump. Thank tocharian for rolling a new patchset...
993 solar 1.40
994     28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
995     +files/2.4.28-grsec-cmdline-race.patch,
996     +files/2.4.28-selinux-binfmt_a.out.patch,
997     +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
998     - Round up remaining security patches that appear to be missing in 2.4.28. -
999     PaX standalone updated to current. hgpv=28.1
1000 solar 1.39
1001     *hardened-sources-2.4.28 (28 Nov 2004)
1002    
1003     28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
1004     security bump. Thank tocharian for rolling a new patchset
1005 scox 1.31
1006 scox 1.38 *hardened-sources-2.4.27-r3 (08 Sep 2004)
1007    
1008     08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
1009     +hardened-sources-2.4.27-r3.ebuild:
1010     Applies the new 2.4-27.2 patchball which updates
1011     GRSecurity to the 2.0.1 version.
1012    
1013 scox 1.37 *hardened-sources-2.4.27-r2 (31 Aug 2004)
1014    
1015     31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1016     +hardened-sources-2.4.27-r2.ebuild:
1017     Version bump.
1018     This version uses the new 2.4-27.1 patchball which updates
1019     both the SELinux PaX hooks patch and the SELinux headers.
1020    
1021 scox 1.36 *hardened-sources-2.4.27-r1 (09 Aug 2004)
1022    
1023     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1024     +hardened-sources-2.4.27-r1.ebuild,
1025     -hardened-sources-2.4.27.ebuild,
1026     +files/2.4.27-cmdline-race.patch:
1027     Version bump, fix for cmdline race. See bug #59905.
1028    
1029     *hardened-sources-2.4.26-r6 (09 Aug 2004)
1030    
1031     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1032     +hardened-sources-2.4.26-r6.ebuild,
1033     -hardened-sources-2.4.26-r5.ebuild,
1034     -hardened-sources-2.4.26-r4.ebuild,
1035     +files/2.4.26-cmdline-race.patch:
1036     Version bump, fix for cmdline race. See bug #59905.
1037    
1038 scox 1.35 *hardened-sources-2.4.27 (08 Aug 2004)
1039    
1040     08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1041     +hardened-sources-2.4.27.ebuild,
1042     +files/2.4.27-CAN-2004-0394.patch:
1043     Ported the patchball to the 2.4.27 kernel version.
1044    
1045 scox 1.34 *hardened-sources-2.4.26-r5 (07 Aug 2004)
1046    
1047     07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1048     +hardened-sources-2.4.26-r5.ebuild:
1049 scox 1.35 Updated to use the new hardened-patches-2.4-26.1 patchball.
1050 scox 1.34 It adds the following features:
1051     - Squashfs
1052     - Ebtables
1053     - Netdev random (core+drivers)
1054     - Watchdog Timer (WDT) fix.
1055    
1056 scox 1.33 *hardened-sources-2.4.26-r4 (04 Aug 2004)
1057    
1058     04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1059     +hardened-sources-2.4.26-r4.ebuild,
1060     +files/2.4.26-CAN-2004-0415.patch,
1061     -hardened-sources-2.4.26-3:
1062     Version bump, fix for CAN 0415, see bug #59378.
1063    
1064 scox 1.32 *hardened-sources-2.4.26-r3 (22 Jul 2004)
1065    
1066     22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
1067     +hardened-sources-2.4.26-r3.ebuild,
1068     +files/2.4.26-CAN-2004-0497.patch,
1069     -hardened-sources-2.4.26-r2.ebuild:
1070     Version bump, fixed CAN 0497, see bug #56171.
1071    
1072 scox 1.31 *hardened-sources-2.4.26-r2 (29 Jun 2004)
1073    
1074     29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
1075 scox 1.32 +hardened-sources-2.4.26-r2.ebuild,
1076 scox 1.31 +files/2.4.26-CAN-2004-0495.patch,
1077     +files/2.4.26-CAN-2004-0535.patch,
1078     -hardened-sources-2.4.26-r1.ebuild:
1079     Fixes for both CAN 0495 and 0535, see bug #54976
1080 pvdabeel 1.27
1081 agriffis 1.29 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
1082     hardened-sources-2.4.26-r1.ebuild:
1083     QA - fix use invocation
1084 scox 1.28
1085     *hardened-sources-2.4.26-r1 (22 June 2004)
1086    
1087     22 June 2004; Andrea Luzzardi <scox@gentoo.org>
1088     +hardened-sources-2.4.26-r1.ebuild,
1089     +files/2.4.26-CAN-2004-0394.patch,
1090     +files/2.4.26-signal-race.patch,
1091     -hardened-sources-2.4.26.ebuild,
1092     -hardened-sources-2.4.24-r3.ebuild:
1093     Version bump for the CAN-2004-0394 issue and bug #53804
1094     Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
1095    
1096    
1097 pvdabeel 1.27 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
1098     hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
1099     Masked hardened-sources-2.4.26.ebuild broken for ppc
1100    
1101     31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
1102     hardened-sources-2.4.24-r3.ebuild:
1103     Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
1104 plasmaroo 1.25
1105 scox 1.26 *hardened-sources-2.4.26 (29 May 2004)
1106    
1107     29 May 2004; Andrea Luzzardi <scox@gentoo.org>
1108     +hardened-sources-2.4.26.ebuild:
1109     Updated hardened-sources for the 2.4.26 kernel
1110     Removed broken components, updated almost everything.
1111    
1112 plasmaroo 1.25 *hardened-sources-2.4.24-r3 (17 Apr 2004)
1113    
1114     17 Apr 2004; <plasmaroo@gentoo.org>
1115     +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
1116     +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
1117     +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
1118     +hardened-sources-2.4.24-r3.ebuild:
1119     Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
1120     vulnerabilities. Old revisions removed.
1121 plasmaroo 1.24
1122     *hardened-sources-2.4.24-r2 (15 Apr 2004)
1123    
1124     15 Apr 2004; <plasmaroo@gentoo.org>
1125     +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
1126     -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
1127     Version bump for the CAN-2004-0109 issue; bug #47881.
1128 aliz 1.23
1129     12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
1130     hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
1131     Add eutils to inherit.
1132 plasmaroo 1.22
1133     *hardened-sources-2.4.24-r1 (19 Feb 2004)
1134    
1135     19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
1136     files/hardened-sources-2.4.24.munmap.patch:
1137     Added the patch for the mremap/munmap vulnerability. Bug #42024.
1138 scox 1.19
1139 scox 1.21 *hardened-sources-2.4.24 (06 Feb 2004)
1140 scox 1.26
1141 scox 1.21 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
1142     hardened-sources-2.4.24.ebuild:
1143     Version bump, updated most of the components.
1144     This release includes the following:
1145    
1146     - Hardened security
1147     - Netfilter patch-o-matic 20031219
1148     - FreeSWAN 2.04 & x509 1.4.8
1149     - EVMS 2.2.2
1150     - XFS 1.3.1
1151     - cryptoloop jari
1152     - grsecurity 2.0-rc4
1153     - SELinux
1154     - PaX 200402060000
1155     - PaX Obscurity 200308302223
1156     - Others...
1157    
1158     Neither -ck nor systrace are included anymore.
1159    
1160 scox 1.19 *hardened-sources-2.4.22-r2 (05 Jan 2004)
1161    
1162     05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
1163     hardened-sources-2.4.22-r2.ebuild:
1164 scox 1.20 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
1165 scox 1.19
1166     *hardened-sources-2.4.22-r1 (02 Dec 2003)
1167 iggy 1.17
1168     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1169 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
1170 iggy 1.16
1171     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1172 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild:
1173     Version bump for the 'do_brk' vulnerability.
1174 iggy 1.15
1175     01 Dec 2003; Brian Jackson <iggy@gentoo.org>
1176     hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
1177     hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
1178     hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
1179 plasmaroo 1.18 Fix the 'do_brk' vulnerability.
1180 frogger 1.14
1181     03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
1182     hardened-sources-2.4.22.ebuild:
1183 plasmaroo 1.18 - Removed the src_install() portion for SELinux flask
1184     components. These are no longer handled in the kernel
1185     so this code was not necessary.
1186 frogger 1.13
1187     29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
1188     New 2.4.22 based hardened-sources thanks to
1189     Phil West <p.west@computer.org>.
1190    
1191     These sources include:
1192 plasmaroo 1.18 - New SELinux API
1193     - Updated CK-base
1194     - Updated GRSec
1195     - Systrace
1196     - SuperFreeS/WAN 1.99.8
1197     - Propolice kernel build support
1198     - EVMS
1199     - Other various security related patches
1200 frogger 1.11
1201 frogger 1.12 *hardened-sources-2.4.21 (14 Sep 2003)
1202    
1203     14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
1204     Updated hardened-sources based on the 2.4.21 Linux kernel.
1205     This includes updates to most major components such as:
1206 plasmaroo 1.18 - ck-base-0306300059
1207     - selinux-2.4-2003071106
1208     - grsecurity-2.0-rc1
1209     - Updated IPTables patch-o-matic
1210     - Updated SuperFreeS/WAN
1211    
1212 frogger 1.12 Thanks to Phil West <pwest@computer.org> for his work in getting this
1213     updated patch set ready for the 2.4.21 based kernel.
1214    
1215 frogger 1.11 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
1216     Initial import of hardened-sources-2.4.20-r4. This revision
1217     includes only a few changes, but one of these is an important
1218     security fix. It is recommended all users of hardened-sources
1219     upgrade to this release.
1220 plasmaroo 1.18
1221 frogger 1.11 - ioperm bug fix
1222     - fixed compilation failure when building without GRSec
1223 plasmaroo 1.18
1224 frogger 1.11 SAL (Secure Auditing for Linux) is NOT included in this revision
1225     due to time constraints, but is planned for inclusion in the near
1226     future.
1227 msterret 1.10
1228     *hardened-sources-2.4.20-r2 (12 Jun 2003)
1229    
1230     12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
1231     hardened-sources-2.4.20-r3.ebuild:
1232 plasmaroo 1.18 Add Header...
1233 frogger 1.9
1234     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1235     hardened-sources-2.4.20-r3.ebuild:
1236     Removed warnings from ebuild. This kernel should be safe to
1237     use at this point.
1238 frogger 1.8
1239     *hardened-sources-2.4.20-r3 (08 Jun 2003)
1240    
1241     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1242     hardened-sources-2.4.20-r3.ebuild:
1243     New revision. Includes the following changes over -r2:
1244 plasmaroo 1.18
1245 frogger 1.8 - ck7-base (O(1), preempt, low latency)
1246     - Super FreeS/WAN 1.99.7rc2
1247     - PaX for the LSM/SELinux branch
1248     - GRSecurity 2.0-pre4 (role based access control)
1249     - Systrace 1.3
1250     - EXT3 fixes
1251     - EVMS 2.0.1
1252     - GCC 3.1+ compile optimizations
1253     - ProPolice kernel build support
1254     - Hashing table security fixes
1255 frogger 1.3
1256     *hardened-sources-2.4.20-r1 (09 Apr 2003)
1257 frogger 1.7
1258     23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
1259     Initial import of hardened-sources-r2. This new
1260     ebuild includes many new performance and security
1261     related patches. As in -r1, it will patch in
1262     LSM/SELinux if "selinux" is in USE, otherwise it
1263     will patch in GRSecurity. The following patches
1264     are included in this revision:
1265 plasmaroo 1.18
1266 frogger 1.7 - O(1) Scheduler, Low Latency, and Preempt
1267     (pulled from the base CK patch)
1268     - ptrace exploit patch for the LSM kernel
1269     (the GRSec patch already fixes this)
1270     - LSM 2.4-2003040709
1271     - SELinux 2.4-2003040709
1272     - Systrace v1.2
1273     - IPTables patch-o-matic base patches - 20030107
1274     - CryptoAPI 2.4.20.1 w/ loop-jari patch
1275     - Super FreeS/WAN 1.99.6.1
1276     - GRSecurity 1.9.9g
1277     - MPPE
1278     - EXT3 data journal fix
1279     - CIPE 1.5.4
1280 frogger 1.6
1281     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1282     hardened-sources-2.4.20-r1.ebuild, manifest:
1283 plasmaroo 1.18 Updated to install flask components correctly for selinux.
1284 frogger 1.5
1285     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1286     hardened-sources-2.4.20-r1.ebuild:
1287     LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
1288     is patched in instead. Ptrace patches for selinux have also been added. In
1289     either case, systrace support will be patched in as well.
1290 frogger 1.3
1291     09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1292     hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
1293 plasmaroo 1.18 Revision bump for new sources.
1294 frogger 1.4
1295 frogger 1.2 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1296 frogger 1.4 hardened-sources-2.4.20-r1.ebuild:
1297 plasmaroo 1.18 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
1298 method 1.1
1299 frogger 1.4 *hardened-sources-2.4.20 (30 Mar 2003)
1300    
1301 method 1.1 30 Mar 2003; Joshua Brindle <method@gentoo.org>
1302     hardened-sources-2.4.20.ebuild:
1303 plasmaroo 1.18 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20