/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.211 - (hide annotations) (download)
Sat Mar 22 20:34:58 2008 UTC (6 years, 5 months ago) by phreak
Branch: MAIN
Changes since 1.210: +12 -1 lines
Revision bump, thanks to Kerin Miller.
(Portage version: 2.1.4.4)

1 method 1.1 # ChangeLog for sys-kernel/hardened-sources
2 phreak 1.204 # Copyright 2000-2008 Gentoo Foundation; Distributed under the GPL v2
3 phreak 1.211 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.210 2008/02/27 16:04:18 solar Exp $
4    
5     *hardened-sources-2.6.23-r9 (22 Mar 2008)
6    
7     22 Mar 2008; Christian Heim <phreak@gentoo.org>
8     +hardened-sources-2.6.23-r9.ebuild:
9     * Revision bump, rebasing the patchset against genpatches-2.6.23-10.
10     * Change the default GIDs for some grsecurity options
11     * Revamp the Hardened [Gentoo] security level and make it the default level
12     * Fixing compilation on ia64 with CONFIG_MODULES=y (loadable module support)
13     * Fix a recursive lock -- call to capable() within ptrace_attach()
14     * Fix bug that allows audit and iscsi operations to be controlled via netlink
15 solar 1.210
16     *hardened-sources-2.6.23-r8 (27 Feb 2008)
17    
18     27 Feb 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r8.ebuild:
19     - version bump from Kerin Millar bug 210026
20 solar 1.209
21     17 Feb 2008; <solar@gentoo.org> metadata.xml,
22     -hardened-sources-2.4.33.4.ebuild, -hardened-sources-2.6.20-r6.ebuild,
23     -hardened-sources-2.6.20-r10.ebuild, -hardened-sources-2.6.23-r4.ebuild,
24     -hardened-sources-2.6.23-r6.ebuild, hardened-sources-2.6.23-r7.ebuild:
25     - stable on x86 and remove old ebuilds
26 solar 1.207
27     15 Feb 2008; <solar@gentoo.org> hardened-sources-2.6.23-r7.ebuild:
28 solar 1.208 - stable on amd64 per request of amd64 lead
29 solar 1.206
30     *hardened-sources-2.6.23-r7 (11 Feb 2008)
31    
32     11 Feb 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r7.ebuild:
33     - version bump from kerin.millar
34     Changes:
35    
36     * Bump to genpatches-base-2.6.23-9
37     * Ported grsecurity-2.1.11-2.6.23.14-200801231800 to 2.6.23.15
38     * Disables COMPAT_VDSO in x86/defconfig
39     * Removes bogus symbols ACPI_SLEEP_PROC_(FS|SLEEP) from x86_64/defconfig
40 phreak 1.205
41     25 Jan 2008; Christian Heim <phreak@gentoo.org>
42     -hardened-sources-2.6.22-r8.ebuild:
43     Cleaning up old versions.
44 phreak 1.204
45     *hardened-sources-2.6.23-r6 (25 Jan 2008)
46    
47     25 Jan 2008; Christian Heim <phreak@gentoo.org>
48     -hardened-sources-2.6.23-r5.ebuild, +hardened-sources-2.6.23-r6.ebuild:
49     Revision bump, pulling in the latest genpatches.
50 phreak 1.203
51     *hardened-sources-2.6.23-r5 (24 Dec 2007)
52    
53     24 Dec 2007; Christian Heim <phreak@gentoo.org>
54     hardened-sources-2.4.35-r2.ebuild, hardened-sources-2.6.20-r6.ebuild,
55     hardened-sources-2.6.20-r10.ebuild, hardened-sources-2.6.22-r8.ebuild,
56     hardened-sources-2.6.23-r4.ebuild, +hardened-sources-2.6.23-r5.ebuild:
57     Revision bump, for the promised updated grsec snapshot. Also changing SRC_URI.
58 phreak 1.202
59     24 Dec 2007; Christian Heim <phreak@gentoo.org>
60     -hardened-sources-2.6.22-r7.ebuild, -hardened-sources-2.6.23.ebuild,
61     -hardened-sources-2.6.23-r1.ebuild, -hardened-sources-2.6.23-r2.ebuild,
62     -hardened-sources-2.6.23-r3.ebuild:
63     Cleaning out some unused, old versions.
64 phreak 1.201
65     24 Dec 2007; Christian Heim <phreak@gentoo.org>
66     hardened-sources-2.6.23-r4.ebuild:
67     Marking hardened-sources-2.6.23-r4 stable on amd64 and x86. I know it ain't
68     in the tree for long, but there isn't much of a difference between this and
69     -r3. Only this revision pulls in 2.6.23.11 and 2.6.23.12 from genpatches.
70 phreak 1.200
71     *hardened-sources-2.6.23-r4 (23 Dec 2007)
72    
73     23 Dec 2007; Christian Heim <phreak@gentoo.org>
74     +hardened-sources-2.6.23-r4.ebuild:
75     Revision bump, grabbing the lastest genpatches release (2.6.23.12 that is).
76 phreak 1.199
77     *hardened-sources-2.6.23-r3 (04 Dec 2007)
78    
79     04 Dec 2007; Christian Heim <phreak@gentoo.org>
80     +hardened-sources-2.6.23-r3.ebuild:
81     Revision bump, pulling in 2.6.23.9.
82 phreak 1.198
83     *hardened-sources-2.6.23-r2 (25 Nov 2007)
84    
85     25 Nov 2007; Christian Heim <phreak@gentoo.org>
86     +hardened-sources-2.6.23-r2.ebuild:
87     Updated patchset, thanks to solar.
88 phreak 1.197
89     *hardened-sources-2.6.23-r1 (31 Oct 2007)
90    
91     31 Oct 2007; Christian Heim <phreak@gentoo.org>
92     +hardened-sources-2.6.23-r1.ebuild:
93     Revision bump, pulling in the snapshot from 30. October 2007 (18:50).
94 solar 1.196
95     29 Oct 2007; <solar@gentoo.org> metadata.xml:
96     - update metadata.xml
97 phreak 1.195
98     25 Oct 2007; Christian Heim <phreak@gentoo.org>
99     hardened-sources-2.6.22-r8.ebuild:
100     Marking 2.6.22-r8 stable on amd64 and x86.
101 phreak 1.194
102     21 Oct 2007; Christian Heim <phreak@gentoo.org>
103     -hardened-sources-2.4.35.ebuild, -hardened-sources-2.4.35-r1.ebuild,
104     -hardened-sources-2.6.21-r4.ebuild:
105     Removing old ebuilds.
106 phreak 1.193
107     *hardened-sources-2.4.35-r2 (21 Oct 2007)
108    
109     21 Oct 2007; Christian Heim <phreak@gentoo.org>
110     +hardened-sources-2.4.35-r2.ebuild:
111     Revision bump for 2.4.35. Includes new snapshot and the lastest Linux stable
112     patches.
113 phreak 1.192
114     *hardened-sources-2.6.22-r8 (21 Oct 2007)
115    
116     21 Oct 2007; Christian Heim <phreak@gentoo.org>
117     +hardened-sources-2.6.22-r8.ebuild:
118     Yet another new patch, hopefully fixing the remaining issues we had w/
119     2.6.22. Candidate for stabling.
120 phreak 1.191
121     *hardened-sources-2.6.23 (13 Oct 2007)
122    
123     13 Oct 2007; Christian Heim <phreak@gentoo.org>
124     +hardened-sources-2.6.23.ebuild:
125     Initial hardened-sources-2.6.23. If people still have problems w/ bug
126     194276, try setting CONFIG_PCI_GODIRECT=y instead of CONFIG_PCI_GOANY.
127 phreak 1.190
128     11 Oct 2007; Christian Heim <phreak@gentoo.org>
129     hardened-sources-2.6.20-r10.ebuild:
130     Pulling in yet another new genpatches version, fixing the PWC bug for real.
131 phreak 1.189
132     04 Oct 2007; Christian Heim <phreak@gentoo.org>
133     -hardened-sources-2.6.22-r5.ebuild, -hardened-sources-2.6.22-r6.ebuild:
134     Removing old versions.
135 phreak 1.188
136     *hardened-sources-2.6.22-r7 (01 Oct 2007)
137    
138     01 Oct 2007; Christian Heim <phreak@gentoo.org>
139     +hardened-sources-2.6.22-r7.ebuild:
140     Revision bump, pulling in a newer patch. Should fix #194276.
141 phreak 1.187
142     30 Sep 2007; Christian Heim <phreak@gentoo.org>
143     hardened-sources-2.6.20-r10.ebuild:
144     Marking hardened-sources-2.6.20-r10 stable on x86 and amd64 (on courtesy of
145     Mike Doty).
146 phreak 1.186
147     *hardened-sources-2.6.22-r6 (26 Sep 2007)
148    
149     26 Sep 2007; Christian Heim <phreak@gentoo.org>
150     +hardened-sources-2.6.22-r6.ebuild:
151     Revision bump, grabbing up till Linux 2.6.22.9.
152 phreak 1.185
153     24 Sep 2007; Christian Heim <phreak@gentoo.org>
154     -hardened-sources-2.6.22-r3.ebuild, -hardened-sources-2.6.22-r4.ebuild:
155     Cleaning up further.
156 phreak 1.184
157     *hardened-sources-2.6.20-r10 (24 Sep 2007)
158    
159     24 Sep 2007; Christian Heim <phreak@gentoo.org>
160     -hardened-sources-2.6.20-r8.ebuild, -hardened-sources-2.6.20-r9.ebuild,
161     +hardened-sources-2.6.20-r10.ebuild:
162     Revision bump, pulling in Linux 2.6.20.20. Removing some of the older
163     revisions.
164 phreak 1.183
165     *hardened-sources-2.6.22-r5 (22 Sep 2007)
166    
167     22 Sep 2007; Christian Heim <phreak@gentoo.org>
168     +hardened-sources-2.6.22-r5.ebuild:
169     Revision bump, pulling in genpatches-2.6.22-8 for CVE-2007-4573.
170 phreak 1.182
171     17 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
172     Removing johnm from metadata.xml (see #186467 for reference).
173 phreak 1.181
174     *hardened-sources-2.6.22-r4 (17 Sep 2007)
175    
176     17 Sep 2007; Christian Heim <phreak@gentoo.org>
177     +hardened-sources-2.6.22-r4.ebuild:
178     Revision bump, hopefully fixing all those weird PAX failures.
179 phreak 1.180
180     01 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
181     Updating the metadata.xml.
182 phreak 1.179
183     01 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
184     Removing tocharian from metadata due to his retirement (see #71718 for
185     reference).
186 phreak 1.178
187     *hardened-sources-2.6.20-r9 (30 Aug 2007)
188    
189     30 Aug 2007; Christian Heim <phreak@gentoo.org>
190     +hardened-sources-2.6.20-r9.ebuild:
191     Revision bump for 2.6.20.18 (thanks to kerframil in #gentoo-hardened).
192 phreak 1.177
193     29 Aug 2007; Christian Heim <phreak@gentoo.org>
194     -hardened-sources-2.4.34.ebuild, -hardened-sources-2.4.34.5.ebuild,
195     -hardened-sources-2.6.20-r2.ebuild, -hardened-sources-2.6.20-r5.ebuild,
196     -hardened-sources-2.6.20-r7.ebuild, -hardened-sources-2.6.21-r3.ebuild,
197     -hardened-sources-2.6.22.ebuild, -hardened-sources-2.6.22-r1.ebuild,
198     -hardened-sources-2.6.22-r2.ebuild:
199     Removing some redundant versions.
200 phreak 1.176
201     *hardened-sources-2.4.35-r1 (29 Aug 2007)
202    
203     29 Aug 2007; Christian Heim <phreak@gentoo.org>
204     +hardened-sources-2.4.35-r1.ebuild:
205     Revision bump, new grsecurity patch.
206 phreak 1.175
207     *hardened-sources-2.6.20-r8 (26 Aug 2007)
208    
209     26 Aug 2007; Christian Heim <phreak@gentoo.org>
210     +hardened-sources-2.6.20-r8.ebuild:
211     Revision bump for Linux 2.6.20.17.
212 phreak 1.174
213     *hardened-sources-2.6.22-r3 (22 Aug 2007)
214    
215     22 Aug 2007; Christian Heim <phreak@gentoo.org>
216     +hardened-sources-2.6.22-r3.ebuild:
217     Revision bump for Linux 2.6.22.4.
218 phreak 1.173
219     16 Aug 2007; Christian Heim <phreak@gentoo.org>
220     hardened-sources-2.6.22-r2.ebuild:
221     Updated patchset, to fix the alignment against 2.6.22.3.
222 phreak 1.172
223     *hardened-sources-2.6.22-r2 (16 Aug 2007)
224    
225     16 Aug 2007; Christian Heim <phreak@gentoo.org>
226     +hardened-sources-2.6.22-r2.ebuild:
227     Revision bump for Linux 2.6.22.3.
228 phreak 1.171
229     *hardened-sources-2.4.35 (16 Aug 2007)
230    
231     16 Aug 2007; Christian Heim <phreak@gentoo.org>
232     +hardened-sources-2.4.35.ebuild:
233     Version bump, initial version for Linux 2.4.35.
234 phreak 1.170
235     *hardened-sources-2.6.21-r4 (16 Aug 2007)
236    
237     16 Aug 2007; Christian Heim <phreak@gentoo.org>
238     +hardened-sources-2.6.21-r4.ebuild:
239     Revision bump for Linux 2.6.21.6.
240 phreak 1.169
241     *hardened-sources-2.6.20-r7 (16 Aug 2007)
242    
243     16 Aug 2007; Christian Heim <phreak@gentoo.org>
244     +hardened-sources-2.6.20-r7.ebuild:
245     Revision bump for Linux 2.6.20.16.
246 phreak 1.168
247     *hardened-sources-2.6.22-r1 (13 Aug 2007)
248    
249     13 Aug 2007; Christian Heim <phreak@gentoo.org>
250     +hardened-sources-2.6.22-r1.ebuild:
251     Yet another revision bump.
252 phreak 1.167
253     *hardened-sources-2.6.22 (10 Aug 2007)
254    
255     10 Aug 2007; Christian Heim <phreak@gentoo.org>
256     +hardened-sources-2.6.22.ebuild:
257     Initial release for 2.6.22. If you are using hardened-sources on a desktop
258     machine (P4 or newer), be aware you might need to disable
259     CONFIG_PAX_PAGEEXEC.
260 phreak 1.166
261     04 Aug 2007; Christian Heim <phreak@gentoo.org>
262     hardened-sources-2.6.20-r6.ebuild:
263     Stabling hardened-sources-2.6.20-r6 for amd64, ppc and x86 due to Linux
264     2.6.20.15.
265 phreak 1.165
266     10 Jul 2007; Christian Heim <phreak@gentoo.org>
267     hardened-sources-2.6.20-r5.ebuild:
268     Marking hardened-sources-2.6.20-r5 stable on ppc.
269 phreak 1.164
270     10 Jul 2007; Christian Heim <phreak@gentoo.org>
271     -hardened-sources-2.4.32-r6.ebuild, -hardened-sources-2.4.32-r7.ebuild:
272     Cleanup.
273 phreak 1.163
274     *hardened-sources-2.6.20-r6 (08 Jul 2007)
275    
276     08 Jul 2007; Christian Heim <phreak@gentoo.org>
277     +hardened-sources-2.6.20-r6.ebuild:
278     Revision bump, grabbing yet another stable release.
279 phreak 1.162
280     17 Jun 2007; Christian Heim <phreak@gentoo.org>
281     -hardened-sources-2.6.18-r6.ebuild, -hardened-sources-2.6.20-r4.ebuild,
282     -hardened-sources-2.6.21-r2.ebuild:
283     Removing older ebuilds, hardened-sources-2.6.18-r6 seems to have gotten the
284     alpha stable KEYWORD by mistake.
285 phreak 1.161
286     17 Jun 2007; Christian Heim <phreak@gentoo.org>
287     hardened-sources-2.6.20-r5.ebuild:
288     Stabling hardened-sources-2.6.20-r5 due to security bug #181647 (as
289     genpatches-2.6.20-12.base contains up to Linux 2.6.20.14) on amd64 and x86.
290 phreak 1.160
291     *hardened-sources-2.6.21-r3 (12 Jun 2007)
292    
293     12 Jun 2007; Christian Heim <phreak@gentoo.org>
294     +hardened-sources-2.6.21-r3.ebuild:
295     Revision bump for hardened-sources-2.6.21, incorporating various CVE (some
296     of them critical), two stable releases (2.6.21.4,2.6.21.5) and some other
297     love.
298 phreak 1.159
299     *hardened-sources-2.6.20-r5 (11 Jun 2007)
300    
301     11 Jun 2007; Christian Heim <phreak@gentoo.org>
302     +hardened-sources-2.6.20-r5.ebuild:
303     Revision bump for hardened-sources-2.6.20, incorporating various CVE (some
304     of them critical), two stable releases (2.6.20.13,2.6.20.14) and some other
305     love.
306 pappy 1.158
307     *hardened-sources-2.4.34.5 (11 Jun 2007)
308    
309     11 Jun 2007; Alexander Gabert <pappy@gentoo.org>
310     +hardened-sources-2.4.34.5.ebuild:
311     added new hardened-sources 2.4 version, thx to phreak, solar, pipacs
312 phreak 1.157
313     30 May 2007; Christian Heim <phreak@gentoo.org>
314     -hardened-sources-2.6.18.ebuild, hardened-sources-2.6.20-r2.ebuild:
315     Marking 2.6.20-r2 stable on ppc with permission of Gysbert. Removing more
316     stale ebuild(s).
317 phreak 1.156
318     30 May 2007; Christian Heim <phreak@gentoo.org>
319     -hardened-sources-2.6.14-r7.ebuild, -hardened-sources-2.6.16-r11.ebuild,
320     -hardened-sources-2.6.17-r1.ebuild, -hardened-sources-2.6.19-r6.ebuild,
321     -hardened-sources-2.6.20.ebuild, -hardened-sources-2.6.20-r1.ebuild:
322     Doing some cleanups, remove stale ebuilds.
323 phreak 1.155
324     26 May 2007; Christian Heim <phreak@gentoo.org>
325     hardened-sources-2.6.21-r2.ebuild:
326     Fixing the grsecurity patch, had one '};' too much.
327 phreak 1.154
328     *hardened-sources-2.6.21-r2 (26 May 2007)
329    
330     26 May 2007; Christian Heim <phreak@gentoo.org>
331     -hardened-sources-2.6.21.ebuild, -hardened-sources-2.6.21-r1.ebuild,
332     +hardened-sources-2.6.21-r2.ebuild:
333     Revision bump, including Linux 2.6.21.3 (fixing CVE-2007-2451). Updating the
334     grsecurity patch to 2.1.10-2.6.21.1-200705221918.
335 phreak 1.153
336     *hardened-sources-2.6.20-r4 (26 May 2007)
337    
338     26 May 2007; Christian Heim <phreak@gentoo.org>
339     -hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.20-r4.ebuild:
340     Revision bump, including Linux 2.6.20.12 (which in fact fixed some security
341 phreak 1.154 bugs, at the very least CVE-2007-2451). Possible candidate for stable marking.
342 phreak 1.152
343     15 May 2007; Christian Heim <phreak@gentoo.org>
344     hardened-sources-2.6.20-r3.ebuild:
345     Looks like hardened-sources-2.6.20-r3 needs a new patch, as 2.6.20.11
346     introduced a change in arch/sparc64/kernel/pci_iommu.c, which made the
347     grsecurity patch fail in that exact same hunk.
348 phreak 1.151
349     *hardened-sources-2.6.20-r3 (15 May 2007)
350    
351     15 May 2007; Christian Heim <phreak@gentoo.org>
352     +hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.21-r1.ebuild:
353     Revision bump, incorporating Linux 2.6.20.11.
354    
355     *hardened-sources-2.6.21-r1 (11 May 2007)
356    
357     11 May 2007; Christian Heim <phreak@gentoo.org>
358     +hardened-sources-2.6.21-r1.ebuild:
359     Revision bump, hopefully fixing the GRSECURITY/GRKERNSEC mixup pipacs
360     mentioned in #177234.
361 kevquinn 1.150
362     07 May 2007; Kevin F. Quinn <kevquinn@gentoo.org>
363     files/digest-hardened-sources-2.6.21, Manifest:
364     Fix Manifest/digest for linux-2.6.21.tar.bz2
365 phreak 1.149
366     06 May 2007; Christian Heim <phreak@gentoo.org>
367     hardened-sources-2.6.21.ebuild:
368     Bumping the hardened-patches version, needed for the fix for #177234.
369 phreak 1.148
370     *hardened-sources-2.6.21 (02 May 2007)
371    
372     02 May 2007; Christian Heim <phreak@gentoo.org>
373     +hardened-sources-2.6.21.ebuild:
374     Version bump, Linux 2.6.21-hardened.
375 phreak 1.147
376     29 Apr 2007; Christian Heim <phreak@gentoo.org>
377     hardened-sources-2.6.20-r2.ebuild:
378     Adding ~ia64 on Ned's request.
379 phreak 1.146
380     29 Apr 2007; Christian Heim <phreak@gentoo.org>
381     hardened-sources-2.6.20-r2.ebuild:
382     Fixing the included grsecurity patch, wasn't alligning due to the Index:
383     header line(s).
384 phreak 1.145
385     29 Apr 2007; Christian Heim <phreak@gentoo.org>
386     hardened-sources-2.6.20-r2.ebuild:
387     Stabilizing hardened-sources-2.6.20-r2 on amd64 and x86.
388 armin76 1.144
389     *hardened-sources-2.6.20-r2 (10 Apr 2007)
390    
391     10 Apr 2007; Raúl Porcel <armin76@gentoo.org>
392     +hardened-sources-2.6.20-r2.ebuild:
393     Version bump, on behalf of phreak
394 phreak 1.143
395     *hardened-sources-2.6.20-r1 (04 Apr 2007)
396    
397     04 Apr 2007; Christian Heim <phreak@gentoo.org>
398     +hardened-sources-2.6.20-r1.ebuild:
399     Revision bump, grabbing a newer grsecurity snapshot.
400 phreak 1.142
401     *hardened-sources-2.6.20 (25 Mar 2007)
402    
403     25 Mar 2007; Christian Heim <phreak@gentoo.org>
404     +hardened-sources-2.6.20.ebuild:
405     Finally a hardened-sources version for 2.6.20; many people have been waiting
406     for this. Thanks to Steve for preliminary testing, thanks to Ned for the
407     testbox.
408 chainsaw 1.141
409     16 Mar 2007; Tony Vroon <chainsaw@gentoo.org>
410     hardened-sources-2.6.18-r6.ebuild:
411     Marked stable on amd64 and x86. AMD64 keyword ack'ed by welp.
412 phreak 1.140
413     *hardened-sources-2.6.18-r6 (16 Mar 2007)
414    
415     16 Mar 2007; Christian Heim <phreak@gentoo.org>
416     -hardened-sources-2.6.18-r5.ebuild, +hardened-sources-2.6.18-r6.ebuild:
417     Fixing CVE-2007-1000 locally (hardened/), thanks to Tony for pushing. And
418     yes I screwed up, this is tagged as 2.6.18-5 and not 2.6.18-6 as it's
419     supposed to be.
420 phreak 1.139
421     06 Mar 2007; Christian Heim <phreak@gentoo.org> ChangeLog:
422     Fixing the Manifest, the previous one was broken (as in still had the
423     deleted ebuild in it).
424 phreak 1.138
425     06 Mar 2007; Christian Heim <phreak@gentoo.org>
426     -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
427     +hardened-sources-2.6.18-r5.ebuild:
428     Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
429     Linux 2.6.18.8. Also cleaning up the older version.
430    
431     *hardened-sources-2.6.18-r5 (06 Mar 2007)
432    
433     06 Mar 2007; Christian Heim <phreak@gentoo.org>
434     -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
435     +hardened-sources-2.6.18-r5.ebuild:
436     Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
437     Linux 2.6.18.8. Also cleaning up the older version.
438 phreak 1.137
439     24 Feb 2007; Christian Heim <phreak@gentoo.org>
440     -hardened-sources-2.6.19-r3.ebuild, -hardened-sources-2.6.19-r4.ebuild,
441     -hardened-sources-2.6.19-r5.ebuild:
442     Removing some of the old version, that didn't work.
443 phreak 1.136
444     *hardened-sources-2.6.19-r6 (12 Feb 2007)
445    
446     12 Feb 2007; Christian Heim <phreak@gentoo.org>
447     +hardened-sources-2.6.19-r6.ebuild:
448     Revision bump, including a new grsec version fixing #166235.
449 pappy 1.134
450     *hardened-sources-2.4.34 (24 Jan 2007)
451    
452     24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
453 pappy 1.135 Manifest:
454     updating Manifest with checksums of new tarball and ebuild
455    
456     24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
457 pappy 1.134 +hardened-sources-2.4.34.ebuild:
458     I added new hardened sources 2.4 update, this is a critical path
459     security bugfix - all users of h-s are strongly advised
460     to update their existing hardened sources to this version.
461     It contains a fix for a kernel vulnerability that is pertaining
462     to the PaX changes to virtual memory management, possibly leading
463     to a local kernel exploit ... see grsecurity.net forums and homepage
464 phreak 1.133
465     23 Jan 2007; Christian Heim <phreak@gentoo.org>
466     files/digest-hardened-sources-2.6.19-r5, Manifest:
467     Fixing the patch-tarball digest.
468 phreak 1.132
469     *hardened-sources-2.6.19-r5 (23 Jan 2007)
470    
471     23 Jan 2007; Christian Heim <phreak@gentoo.org>
472     +hardened-sources-2.6.19-r5.ebuild:
473     Revision bump, closing the recently discovered PaX expand_stack()
474     vulnerability.
475 phreak 1.131
476     *hardened-sources-2.6.19-r4 (14 Jan 2007)
477    
478     14 Jan 2007; Christian Heim <phreak@gentoo.org>
479     +hardened-sources-2.6.19-r4.ebuild:
480     Revision bump, pulling in linux-2.6.19.2 and grsecurity 2.1.10 - thus
481     dropping the randomized PID feature.
482 opfer 1.130
483     11 Jan 2007; Christian Faulhammer <opfer@gentoo.org>
484     hardened-sources-2.4.33.4.ebuild:
485     stable x86, bug #161171
486 phreak 1.129
487     *hardened-sources-2.6.19-r3 (27 Dec 2006)
488    
489     27 Dec 2006; Christian Heim <phreak@gentoo.org>
490     -hardened-sources-2.6.19-r2.ebuild, +hardened-sources-2.6.19-r3.ebuild:
491     Revision bump for bug #157186 and #158786.
492 phreak 1.128
493     *hardened-sources-2.6.18-r4 (27 Dec 2006)
494    
495     27 Dec 2006; Christian Heim <phreak@gentoo.org>
496     -hardened-sources-2.6.18-r3.ebuild, +hardened-sources-2.6.18-r4.ebuild:
497     Revision bump for bug #157186.
498 phreak 1.127
499     *hardened-sources-2.6.19-r2 (23 Dec 2006)
500    
501     23 Dec 2006; Christian Heim <phreak@gentoo.org>
502     -hardened-sources-2.6.19-r1.ebuild, +hardened-sources-2.6.19-r2.ebuild:
503     Revision bump to pull in genpatches-2.6.19-3 for #157186.
504 phreak 1.126
505     17 Dec 2006; Christian Heim <phreak@gentoo.org>
506     hardened-sources-2.6.14-r7.ebuild, hardened-sources-2.6.16-r10.ebuild,
507     hardened-sources-2.6.16-r11.ebuild, hardened-sources-2.6.17-r1.ebuild,
508     hardened-sources-2.6.18.ebuild, hardened-sources-2.6.18-r3.ebuild,
509     hardened-sources-2.6.19-r1.ebuild:
510     Adding 4453_grsec-2.1.9-2.6.19-io-kmem-sysctl.patch to UNIPATCH_EXLUDE,
511     adding correct HOMEPAGE and adjusting DESCRIPTION (thanks to Alexander).
512 pappy 1.125
513     *hardened-sources-2.4.33.4 (17 Dec 2006)
514    
515     17 Dec 2006; Alexander Gabert <pappy@gentoo.org>
516     +hardened-sources-2.4.33.4.ebuild:
517     new 2.4.33.4 version including grsec and fixes, thanks to phreak for help
518     and quilting
519 phreak 1.124
520     *hardened-sources-2.6.19-r1 (14 Dec 2006)
521    
522     14 Dec 2006; Christian Heim <phreak@gentoo.org>
523     -hardened-sources-2.6.19.ebuild, +hardened-sources-2.6.19-r1.ebuild:
524     Revision bump, fixing #158107 (thanks to Petre Rodan <kaiowas at gentoo.org>
525     for reporting).
526 phreak 1.123
527     *hardened-sources-2.6.19 (13 Dec 2006)
528    
529     13 Dec 2006; Christian Heim <phreak@gentoo.org>
530     +hardened-sources-2.6.19.ebuild:
531     And finally 2.6.19, thanks to Ned (who prepared the inital patchset) and
532     Brad for providing that prompt update.
533 phreak 1.122
534     *hardened-sources-2.6.18-r3 (13 Dec 2006)
535    
536     13 Dec 2006; Christian Heim <phreak@gentoo.org>
537     -hardened-sources-2.6.18-r1.ebuild, -hardened-sources-2.6.18-r2.ebuild,
538     +hardened-sources-2.6.18-r3.ebuild:
539     Revision bump, excluding the faulty patch. Thanks to Anakim Border and Peter
540     S. Mazinger. Closes #157409 for now. Also removing the previous revisions.
541 phreak 1.121
542     09 Dec 2006; Christian Heim <phreak@gentoo.org> Manifest:
543     Fixing the metadata.xml Manifest entry (thanks to xaid and ml8128 in #gentoo-hardened).
544 nixnut 1.120
545     08 Dec 2006; nixnut <nixnut@gentoo.org> hardened-sources-2.6.18.ebuild:
546     Stable on ppc wrt bug 157356
547 opfer 1.119
548     07 Dec 2006; Christian Faulhammer <opfer@gentoo.org>
549     hardened-sources-2.6.18.ebuild:
550     stable x86, bug #157356
551 phreak 1.118
552     *hardened-sources-2.6.18-r2 (06 Dec 2006)
553    
554     06 Dec 2006; Christian Heim <phreak@gentoo.org>
555     +hardened-sources-2.6.18-r2.ebuild:
556     Revision bump, including 2.6.18.5 (via genpatches) and
557     4454_grsec-2.1.9-2.6.18.2-io-kmem-sysctl.patch based on Peter Mazinger and
558     Ned Ludd's original patch. Thanks to Alexander Gabert (pappy) for the
559     redesign.
560 phreak 1.117
561     06 Dec 2006; Christian Heim <phreak@gentoo.org>
562     hardened-sources-2.6.18.ebuild:
563     Marking hardened-sources-2.6.18 stable on amd64 (see bug #157356, on behalf
564     of Mike Doty).
565 phreak 1.116
566     *hardened-sources-2.6.18-r1 (23 Nov 2006)
567    
568     23 Nov 2006; Christian Heim <phreak@gentoo.org>
569     +hardened-sources-2.6.18-r1.ebuild:
570     Revision bump to genpatches-2.6.18-4 (including 2.6.18.3).
571 phreak 1.115
572     *hardened-sources-2.6.18 (11 Nov 2006)
573    
574     11 Nov 2006; Christian Heim <phreak@gentoo.org>
575     +hardened-sources-2.6.18.ebuild:
576     Version bump, thanks to Alexander Gabert we're finally at 2.6.18.
577 solar 1.114
578     18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
579     - mark amd64 stable also. bug #151877
580 solar 1.113
581     18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
582     - mark 2.6.17-r1 stable
583 phreak 1.112
584     27 Aug 2006; Christian Heim <phreak@gentoo.org>
585     -hardened-sources-2.6.17.ebuild, hardened-sources-2.6.17-r1.ebuild:
586     Removing old ebuild, removing unipatch from newer ebuild (need to fix it!).
587 phreak 1.111
588     *hardened-sources-2.6.17-r1 (26 Aug 2006)
589    
590     26 Aug 2006; Christian Heim <phreak@gentoo.org>
591     +hardened-sources-2.6.17-r1.ebuild:
592     Revision bump to genpatches-2.6.17-8 (including .9 and .10) and updating the
593     grsecurity patch.
594 phreak 1.110
595     *hardened-sources-2.6.17 (17 Aug 2006)
596    
597     17 Aug 2006; Christian Heim <phreak@gentoo.org>
598     +hardened-sources-2.6.17.ebuild:
599     Bumping the hardened-sources-2.6 series to 2.6.17, using
600     genpatches-2.6.17-6.base.
601 solar 1.109
602     07 Aug 2006; <solar@gentoo.org> hardened-sources-2.6.16-r11.ebuild:
603     - stable on x86 and amd64
604 solar 1.108
605     *hardened-sources-2.6.16-r11 (15 Jul 2006)
606    
607     15 Jul 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r3.ebuild,
608     -hardened-sources-2.4.32-r4.ebuild, -hardened-sources-2.4.32-r5.ebuild,
609     -hardened-sources-2.6.14-r8.ebuild, -hardened-sources-2.6.16-r7.ebuild,
610     -hardened-sources-2.6.16-r9.ebuild, +hardened-sources-2.6.16-r11.ebuild:
611     - 2.6.16 bumped for CVE-2006-3626 ; digest fix for 2.4.32-r6 ; removed old
612     crusty ebuilds
613 johnm 1.107
614     14 Jul 2006; John Mylchreest <johnm@gentoo.org>
615     hardened-sources-2.6.16-r10.ebuild:
616     marking stable on x86 and amd64
617 solar 1.106
618     13 Jul 2006; <solar@gentoo.org> hardened-sources-2.4.32-r6.ebuild:
619     - 2.4.32-r6 stable on x86. RSBAC state unknown
620 kang 1.105
621     *hardened-sources-2.4.32-r7 (10 Jul 2006)
622    
623     10 Jul 2006; Guillaume Destuynder <kang@gentoo.org>
624     +hardened-sources-2.4.32-r7.ebuild:
625     Bump PaX for RSBAC to test-17
626 johnm 1.104
627     *hardened-sources-2.6.16-r9 (03 Jul 2006)
628    
629     03 Jul 2006; John Mylchreest <johnm@gentoo.org>
630     -hardened-sources-2.6.16-r6.ebuild, +hardened-sources-2.6.16-r9.ebuild:
631     hardened-sources-2.6.16 bump to latest -base.
632 solar 1.103
633     *hardened-sources-2.4.32-r6 (30 Jun 2006)
634    
635     30 Jun 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r2.ebuild,
636     hardened-sources-2.4.32-r4.ebuild, +hardened-sources-2.4.32-r6.ebuild:
637     - backport CVE-2006-0039, CVE-2006-1857 and CVE-2006-1858 and new grsecurity
638     sysctl controlable resource logging
639 johnm 1.102
640     *hardened-sources-2.6.16-r7 (05 Jun 2006)
641    
642     05 Jun 2006; John Mylchreest <johnm@gentoo.org>
643     -hardened-sources-2.6.16-r5.ebuild, +hardened-sources-2.6.16-r7.ebuild:
644     push new 2.6.16 release in preparation for stable
645 solar 1.101
646     22 May 2006; <solar@gentoo.org> :
647     - redigest bug 134002
648 kang 1.100
649     *hardened-sources-2.4.32-r5 (16 May 2006)
650    
651     16 May 2006; Guillaume Destuynder <kang@gentoo.org>
652     +hardened-sources-2.4.32-r5.ebuild:
653     Fixes rsbac common patching (new patch in new -r5 patchset)
654 solar 1.99
655     *hardened-sources-2.4.32-r4 (13 May 2006)
656    
657     13 May 2006; <solar@gentoo.org> hardened-sources-2.4.32-r3.ebuild,
658     +hardened-sources-2.4.32-r4.ebuild:
659     - security bumps
660 johnm 1.98
661     *hardened-sources-2.6.16-r6 (03 May 2006)
662    
663     03 May 2006; John Mylchreest <johnm@gentoo.org>
664     +hardened-sources-2.6.16-r6.ebuild:
665     bump hardened-2.6.16 to 2.6.16.12 and latest grsec snapshot
666 johnm 1.97
667     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
668     hardened-sources-2.6.14-r8.ebuild:
669     fix x86_64 build problem, this will delay the digest issue again for a short
670     while but it will sort itself out
671 johnm 1.96
672     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
673     hardened-sources-2.6.14-r8.ebuild:
674     bump hardened patchset
675 antarus 1.94
676     27 Apr 2006; Alec Warner <antarus@gentoo.org>
677     files/digest-hardened-sources-2.4.32-r2,
678     files/digest-hardened-sources-2.4.32-r3,
679     files/digest-hardened-sources-2.6.14-r8, Manifest:
680     Fixing duff SHA256 digests: Bug # 131293
681 johnm 1.93
682 johnm 1.95 *hardened-sources-2.6.16-r5 (27 Apr 2006)
683    
684     27 Apr 2006; John Mylchreest <johnm@gentoo.org>
685     -hardened-sources-2.6.14-r6.ebuild, hardened-sources-2.6.14-r8.ebuild,
686     -hardened-sources-2.6.16-r4.ebuild, +hardened-sources-2.6.16-r5.ebuild:
687     stablise 2.6.14-r8 on x86 & amd64, bump 2.6.16 to fix CVE-2006-1863 &
688     cleanup of old uneccessary sources
689    
690 johnm 1.93 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
691     fix digest
692 johnm 1.92
693     *hardened-sources-2.6.14-r8 (20 Apr 2006)
694    
695     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
696     +hardened-sources-2.6.14-r8.ebuild:
697     fix CVE-2006-1056, CVE-2006-1525, CVE-2006-1524
698 johnm 1.91
699     20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
700     Turning on gpg-signing again, and recomitting
701 johnm 1.90
702     *hardened-sources-2.6.16-r4 (20 Apr 2006)
703    
704     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
705     -hardened-sources-2.6.16-r2.ebuild, -hardened-sources-2.6.16-r3.ebuild,
706     +hardened-sources-2.6.16-r4.ebuild:
707     Fix numerous security vulns
708 solar 1.89
709     *hardened-sources-2.4.32-r3 (16 Apr 2006)
710    
711     16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
712     -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
713     +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
714     - security bump for bug #112791. Removed old ebuilds
715 johnm 1.88
716     *hardened-sources-2.6.16-r3 (15 Apr 2006)
717    
718     15 Apr 2006; John Mylchreest <johnm@gentoo.org>
719     +hardened-sources-2.6.16-r3.ebuild:
720     Removing silly localversion which I missed
721 johnm 1.87
722     *hardened-sources-2.6.14-r7 (14 Apr 2006)
723    
724     14 Apr 2006; John Mylchreest <johnm@gentoo.org>
725     -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
726     Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
727 johnm 1.86
728     *hardened-sources-2.6.16-r2 (13 Apr 2006)
729    
730     13 Apr 2006; John Mylchreest <johnm@gentoo.org>
731     -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
732     +hardened-sources-2.6.16-r2.ebuild:
733     Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
734     labels, dropping USERGROUP define fixes, since these were merged mainstream.
735 johnm 1.85
736     *hardened-sources-2.6.16-r1 (11 Apr 2006)
737    
738     11 Apr 2006; John Mylchreest <johnm@gentoo.org>
739     +hardened-sources-2.6.16-r1.ebuild:
740     Bumping to include ppc build fix and 2.6.16.3
741 tsunam 1.84
742     06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
743     hardened-sources-2.6.14-r6.ebuild:
744     Stable on x86; bug #127718
745 johnm 1.83
746     *hardened-sources-2.6.16 (31 Mar 2006)
747    
748     31 Mar 2006; John Mylchreest <johnm@gentoo.org>
749     +hardened-sources-2.6.16.ebuild:
750     Bumping to new version of grsec, and kernel base. New squashfs. Based on
751     2.6.16.1
752 cryos 1.82
753     30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
754     hardened-sources-2.6.14-r6.ebuild:
755     Stable on amd64, bug 127718.
756 nixnut 1.81
757     28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
758     Stable on ppc. Bug #127718
759 johnm 1.80
760     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
761     -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
762     -hardened-sources-2.6.14-r4.ebuild:
763     Cleanup.
764 johnm 1.79
765     *hardened-sources-2.6.14-r6 (15 Mar 2006)
766    
767     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
768     +hardened-sources-2.6.14-r6.ebuild:
769     Fixes grsec policy recreation bug and adds a
770     >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
771 solar 1.78
772     02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
773     - stable on x86
774 hansmi 1.77
775     19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
776     hardened-sources-2.6.14-r5.ebuild:
777     Stable on ppc.
778 johnm 1.76
779     *hardened-sources-2.6.14-r5 (01 Feb 2006)
780    
781     01 Feb 2006; John Mylchreest <johnm@gentoo.org>
782     +hardened-sources-2.6.14-r5.ebuild:
783     fixing every known exploit
784 solar 1.75
785     *hardened-sources-2.4.32-r2 (26 Jan 2006)
786    
787     26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
788     +hardened-sources-2.4.32-r2.ebuild:
789     - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
790 solar 1.74
791     *hardened-sources-2.6.14-r4 (12 Jan 2006)
792    
793     12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
794     - version bump for new genpatches which fix up a few sec holes
795 solar 1.73
796     *hardened-sources-2.4.32-r1 (05 Jan 2006)
797    
798     05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
799     - revision bump to add misc vital linux kernel security patches.
800 johnm 1.72
801     *hardened-sources-2.6.14-r3 (30 Dec 2005)
802    
803     30 Dec 2005; John Mylchreest <johnm@gentoo.org>
804     -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
805     Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
806 johnm 1.71
807     28 Dec 2005; John Mylchreest <johnm@gentoo.org>
808     hardened-sources-2.6.14-r2.ebuild:
809     making x86 & amd64 stable following testing.
810 johnm 1.70
811     *hardened-sources-2.6.14-r2 (27 Dec 2005)
812    
813     27 Dec 2005; John Mylchreest <johnm@gentoo.org>
814     -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
815     Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
816     network hooks.
817 johnm 1.69
818     06 Dec 2005; John Mylchreest <johnm@gentoo.org>
819     hardened-sources-2.6.14-r1.ebuild:
820     bumping to stable early for sec fix on x86 & amd64
821 johnm 1.68
822     *hardened-sources-2.6.14-r1 (05 Dec 2005)
823    
824     05 Dec 2005; John Mylchreest <johnm@gentoo.org>
825     -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
826     bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
827 solar 1.67
828     04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
829     - stable on x86 security bug #114227 CAN-2005-3257
830 kang 1.66
831     *hardened-sources-2.4.32 (19 Nov 2005)
832    
833     19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
834     +hardened-sources-2.4.32.ebuild:
835     Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
836     Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
837     have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
838     rsbac >> /etc/portage/package.use)
839 johnm 1.65
840     *hardened-sources-2.6.14 (14 Nov 2005)
841    
842     14 Nov 2005; John Mylchreest <johnm@gentoo.org>
843     -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
844     Bumping 2.6 series to 2.6.14.2
845 johnm 1.64
846     *hardened-sources-2.6.13-r2 (20 Oct 2005)
847    
848     20 Oct 2005; John Mylchreest <johnm@gentoo.org>
849     -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
850     +hardened-sources-2.6.13-r2.ebuild:
851     Fixes minor build error in ppc.
852 johnm 1.63
853     *hardened-sources-2.6.13-r1 (17 Oct 2005)
854    
855     17 Oct 2005; John Mylchreest <johnm@gentoo.org>
856     +hardened-sources-2.6.13-r1.ebuild:
857     Updating grsec to latest snapshot. Fixes some minor issues. Updating to
858     2.6.13.4, fixes some major amd64 stability problems.
859 johnm 1.62
860     *hardened-sources-2.6.13 (16 Sep 2005)
861    
862     16 Sep 2005; John Mylchreest <johnm@gentoo.org>
863     -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
864     2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
865     ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
866     users should test this thoroughly.
867 solar 1.61
868     01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
869     - stable on x86
870 johnm 1.60
871     *hardened-sources-2.6.11-r15 (27 Jun 2005)
872    
873     27 Jun 2005; John Mylchreest <johnm@gentoo.org>
874     +hardened-sources-2.6.11-r15.ebuild:
875     Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
876     grsec redefining curr_ip struct.
877 solar 1.59
878     *hardened-sources-2.4.31 (20 Jun 2005)
879    
880     20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
881     initial import of 2.4.31 tree
882 johnm 1.58
883     *hardened-sources-2.6.11-r14 (14 Jun 2005)
884    
885     14 Jun 2005; John Mylchreest <johnm@gentoo.org>
886     -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
887     Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
888     naming scheme to abide by genpatches
889 johnm 1.57
890     *hardened-sources-2.6.11-r13 (18 May 2005)
891    
892     18 May 2005; John Mylchreest <johnm@gentoo.org>
893     -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
894     Managed to mangle the Makefile patch from grsec, to miss out the grsec
895     target. sorry about that. Fixes bug #93022
896 johnm 1.56
897     *hardened-sources-2.6.11-r12 (17 May 2005)
898    
899     17 May 2005; John Mylchreest <johnm@gentoo.org>
900     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
901     +hardened-sources-2.6.11-r12.ebuild:
902     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
903     merges in genpatches-base
904 johnm 1.55
905     *hardened-sources-2.6.11-r12 (17 May 2005)
906    
907     17 May 2005; John Mylchreest <johnm@gentoo.org>
908     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
909     +hardened-sources-2.6.11-r12.ebuild:
910     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
911     merges in genpatches-base
912 solar 1.54
913     29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
914     -files/2.4.27-cmdline-race.patch,
915     -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
916     -files/2.4.28-grsec-binfmt_a.out.patch,
917     -files/2.4.28-grsec-cmdline-race.patch,
918     -files/2.4.28-selinux-binfmt_a.out.patch,
919     -files/2.4.28-selinux-cmdline-race.patch,
920     -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
921     hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
922     - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
923     cleanup..
924 solar 1.53
925     *hardened-sources-2.4.30-r1 (21 Apr 2005)
926    
927     21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
928     - disable aout by default
929 solar 1.52
930     *hardened-sources-2.4.30 (18 Apr 2005)
931    
932     18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
933     - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
934     and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
935     use
936 tocharian 1.50
937 scox 1.51 *hardened-sources-2.4.29 (30 Mar 2005)
938    
939     30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
940     +hardened-sources-2.4.29.ebuild:
941     New hardened-patches-2.4-29.0 patchball.
942     Removed SELinux support, upgraded GRSecurity to 2.1.4.
943    
944     *hardened-sources-2.4.28-r5 (06 Mar 2005)
945    
946     06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
947     +hardened-sources-2.4.28-r5.ebuild:
948     Added a fix for a PaX vulnerability.
949    
950     26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
951 tocharian 1.50 hardened-sources-2.4.28-r4.ebuild:
952     Stable on x86
953 solar 1.49
954     23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
955     hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
956     hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
957     hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
958     - fixed/added RDEPEND= in all kernel-2 ebuilds
959 tocharian 1.48
960     *hardened-sources-2.4.28-r4 (21 Jan 2005)
961    
962     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
963     +hardened-sources-2.4.28-r4.ebuild:
964     Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
965     backport of neighbour hash updates.
966 tocharian 1.47
967     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
968     hardened-sources-2.4.28-r3.ebuild:
969     Stable on x86
970 tseng 1.46
971     *hardened-sources-2.6.10-r3 (20 Jan 2005)
972    
973     20 Jan 2005; Brandon Hale <tseng@gentoo.org>
974     +hardened-sources-2.6.10-r3.ebuild:
975     Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
976     in 2005.0
977 tocharian 1.45
978     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
979     -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
980     hardened-sources-2.4.28-r2.ebuild:
981     Mark stable on x86
982 tocharian 1.44
983     *hardened-sources-2.4.28-r3 (17 Jan 2005)
984    
985     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
986     +hardened-sources-2.4.28-r3.ebuild:
987     Fix SMP page fault handler vuln, and update device-mapper and evms patches.
988 tocharian 1.43
989     14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
990     hardened-sources-2.4.28.ebuild:
991     Mark stable on x86.
992 tocharian 1.42
993     *hardened-sources-2.4.28-r2 (13 Jan 2005)
994    
995     13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
996     +hardened-sources-2.4.28-r2.ebuild:
997     Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
998     Mazinger for grsecurity patches as well.
999 plasmaroo 1.41
1000     *hardened-sources-2.4.28-r1 (23 Dec 2004)
1001    
1002     23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
1003     Security bump. Thank tocharian for rolling a new patchset...
1004 solar 1.40
1005     28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
1006     +files/2.4.28-grsec-cmdline-race.patch,
1007     +files/2.4.28-selinux-binfmt_a.out.patch,
1008     +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
1009     - Round up remaining security patches that appear to be missing in 2.4.28. -
1010     PaX standalone updated to current. hgpv=28.1
1011 solar 1.39
1012     *hardened-sources-2.4.28 (28 Nov 2004)
1013    
1014     28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
1015     security bump. Thank tocharian for rolling a new patchset
1016 scox 1.31
1017 scox 1.38 *hardened-sources-2.4.27-r3 (08 Sep 2004)
1018    
1019     08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
1020     +hardened-sources-2.4.27-r3.ebuild:
1021     Applies the new 2.4-27.2 patchball which updates
1022     GRSecurity to the 2.0.1 version.
1023    
1024 scox 1.37 *hardened-sources-2.4.27-r2 (31 Aug 2004)
1025    
1026     31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1027     +hardened-sources-2.4.27-r2.ebuild:
1028     Version bump.
1029     This version uses the new 2.4-27.1 patchball which updates
1030     both the SELinux PaX hooks patch and the SELinux headers.
1031    
1032 scox 1.36 *hardened-sources-2.4.27-r1 (09 Aug 2004)
1033    
1034     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1035     +hardened-sources-2.4.27-r1.ebuild,
1036     -hardened-sources-2.4.27.ebuild,
1037     +files/2.4.27-cmdline-race.patch:
1038     Version bump, fix for cmdline race. See bug #59905.
1039    
1040     *hardened-sources-2.4.26-r6 (09 Aug 2004)
1041    
1042     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1043     +hardened-sources-2.4.26-r6.ebuild,
1044     -hardened-sources-2.4.26-r5.ebuild,
1045     -hardened-sources-2.4.26-r4.ebuild,
1046     +files/2.4.26-cmdline-race.patch:
1047     Version bump, fix for cmdline race. See bug #59905.
1048    
1049 scox 1.35 *hardened-sources-2.4.27 (08 Aug 2004)
1050    
1051     08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1052     +hardened-sources-2.4.27.ebuild,
1053     +files/2.4.27-CAN-2004-0394.patch:
1054     Ported the patchball to the 2.4.27 kernel version.
1055    
1056 scox 1.34 *hardened-sources-2.4.26-r5 (07 Aug 2004)
1057    
1058     07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1059     +hardened-sources-2.4.26-r5.ebuild:
1060 scox 1.35 Updated to use the new hardened-patches-2.4-26.1 patchball.
1061 scox 1.34 It adds the following features:
1062     - Squashfs
1063     - Ebtables
1064     - Netdev random (core+drivers)
1065     - Watchdog Timer (WDT) fix.
1066    
1067 scox 1.33 *hardened-sources-2.4.26-r4 (04 Aug 2004)
1068    
1069     04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1070     +hardened-sources-2.4.26-r4.ebuild,
1071     +files/2.4.26-CAN-2004-0415.patch,
1072     -hardened-sources-2.4.26-3:
1073     Version bump, fix for CAN 0415, see bug #59378.
1074    
1075 scox 1.32 *hardened-sources-2.4.26-r3 (22 Jul 2004)
1076    
1077     22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
1078     +hardened-sources-2.4.26-r3.ebuild,
1079     +files/2.4.26-CAN-2004-0497.patch,
1080     -hardened-sources-2.4.26-r2.ebuild:
1081     Version bump, fixed CAN 0497, see bug #56171.
1082    
1083 scox 1.31 *hardened-sources-2.4.26-r2 (29 Jun 2004)
1084    
1085     29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
1086 scox 1.32 +hardened-sources-2.4.26-r2.ebuild,
1087 scox 1.31 +files/2.4.26-CAN-2004-0495.patch,
1088     +files/2.4.26-CAN-2004-0535.patch,
1089     -hardened-sources-2.4.26-r1.ebuild:
1090     Fixes for both CAN 0495 and 0535, see bug #54976
1091 pvdabeel 1.27
1092 agriffis 1.29 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
1093     hardened-sources-2.4.26-r1.ebuild:
1094     QA - fix use invocation
1095 scox 1.28
1096     *hardened-sources-2.4.26-r1 (22 June 2004)
1097    
1098     22 June 2004; Andrea Luzzardi <scox@gentoo.org>
1099     +hardened-sources-2.4.26-r1.ebuild,
1100     +files/2.4.26-CAN-2004-0394.patch,
1101     +files/2.4.26-signal-race.patch,
1102     -hardened-sources-2.4.26.ebuild,
1103     -hardened-sources-2.4.24-r3.ebuild:
1104     Version bump for the CAN-2004-0394 issue and bug #53804
1105     Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
1106    
1107    
1108 pvdabeel 1.27 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
1109     hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
1110     Masked hardened-sources-2.4.26.ebuild broken for ppc
1111    
1112     31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
1113     hardened-sources-2.4.24-r3.ebuild:
1114     Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
1115 plasmaroo 1.25
1116 scox 1.26 *hardened-sources-2.4.26 (29 May 2004)
1117    
1118     29 May 2004; Andrea Luzzardi <scox@gentoo.org>
1119     +hardened-sources-2.4.26.ebuild:
1120     Updated hardened-sources for the 2.4.26 kernel
1121     Removed broken components, updated almost everything.
1122    
1123 plasmaroo 1.25 *hardened-sources-2.4.24-r3 (17 Apr 2004)
1124    
1125     17 Apr 2004; <plasmaroo@gentoo.org>
1126     +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
1127     +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
1128     +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
1129     +hardened-sources-2.4.24-r3.ebuild:
1130     Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
1131     vulnerabilities. Old revisions removed.
1132 plasmaroo 1.24
1133     *hardened-sources-2.4.24-r2 (15 Apr 2004)
1134    
1135     15 Apr 2004; <plasmaroo@gentoo.org>
1136     +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
1137     -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
1138     Version bump for the CAN-2004-0109 issue; bug #47881.
1139 aliz 1.23
1140     12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
1141     hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
1142     Add eutils to inherit.
1143 plasmaroo 1.22
1144     *hardened-sources-2.4.24-r1 (19 Feb 2004)
1145    
1146     19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
1147     files/hardened-sources-2.4.24.munmap.patch:
1148     Added the patch for the mremap/munmap vulnerability. Bug #42024.
1149 scox 1.19
1150 scox 1.21 *hardened-sources-2.4.24 (06 Feb 2004)
1151 scox 1.26
1152 scox 1.21 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
1153     hardened-sources-2.4.24.ebuild:
1154     Version bump, updated most of the components.
1155     This release includes the following:
1156    
1157     - Hardened security
1158     - Netfilter patch-o-matic 20031219
1159     - FreeSWAN 2.04 & x509 1.4.8
1160     - EVMS 2.2.2
1161     - XFS 1.3.1
1162     - cryptoloop jari
1163     - grsecurity 2.0-rc4
1164     - SELinux
1165     - PaX 200402060000
1166     - PaX Obscurity 200308302223
1167     - Others...
1168    
1169     Neither -ck nor systrace are included anymore.
1170    
1171 scox 1.19 *hardened-sources-2.4.22-r2 (05 Jan 2004)
1172    
1173     05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
1174     hardened-sources-2.4.22-r2.ebuild:
1175 scox 1.20 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
1176 scox 1.19
1177     *hardened-sources-2.4.22-r1 (02 Dec 2003)
1178 iggy 1.17
1179     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1180 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
1181 iggy 1.16
1182     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1183 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild:
1184     Version bump for the 'do_brk' vulnerability.
1185 iggy 1.15
1186     01 Dec 2003; Brian Jackson <iggy@gentoo.org>
1187     hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
1188     hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
1189     hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
1190 plasmaroo 1.18 Fix the 'do_brk' vulnerability.
1191 frogger 1.14
1192     03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
1193     hardened-sources-2.4.22.ebuild:
1194 plasmaroo 1.18 - Removed the src_install() portion for SELinux flask
1195     components. These are no longer handled in the kernel
1196     so this code was not necessary.
1197 frogger 1.13
1198     29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
1199     New 2.4.22 based hardened-sources thanks to
1200     Phil West <p.west@computer.org>.
1201    
1202     These sources include:
1203 plasmaroo 1.18 - New SELinux API
1204     - Updated CK-base
1205     - Updated GRSec
1206     - Systrace
1207     - SuperFreeS/WAN 1.99.8
1208     - Propolice kernel build support
1209     - EVMS
1210     - Other various security related patches
1211 frogger 1.11
1212 frogger 1.12 *hardened-sources-2.4.21 (14 Sep 2003)
1213    
1214     14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
1215     Updated hardened-sources based on the 2.4.21 Linux kernel.
1216     This includes updates to most major components such as:
1217 plasmaroo 1.18 - ck-base-0306300059
1218     - selinux-2.4-2003071106
1219     - grsecurity-2.0-rc1
1220     - Updated IPTables patch-o-matic
1221     - Updated SuperFreeS/WAN
1222    
1223 frogger 1.12 Thanks to Phil West <pwest@computer.org> for his work in getting this
1224     updated patch set ready for the 2.4.21 based kernel.
1225    
1226 frogger 1.11 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
1227     Initial import of hardened-sources-2.4.20-r4. This revision
1228     includes only a few changes, but one of these is an important
1229     security fix. It is recommended all users of hardened-sources
1230     upgrade to this release.
1231 plasmaroo 1.18
1232 frogger 1.11 - ioperm bug fix
1233     - fixed compilation failure when building without GRSec
1234 plasmaroo 1.18
1235 frogger 1.11 SAL (Secure Auditing for Linux) is NOT included in this revision
1236     due to time constraints, but is planned for inclusion in the near
1237     future.
1238 msterret 1.10
1239     *hardened-sources-2.4.20-r2 (12 Jun 2003)
1240    
1241     12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
1242     hardened-sources-2.4.20-r3.ebuild:
1243 plasmaroo 1.18 Add Header...
1244 frogger 1.9
1245     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1246     hardened-sources-2.4.20-r3.ebuild:
1247     Removed warnings from ebuild. This kernel should be safe to
1248     use at this point.
1249 frogger 1.8
1250     *hardened-sources-2.4.20-r3 (08 Jun 2003)
1251    
1252     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1253     hardened-sources-2.4.20-r3.ebuild:
1254     New revision. Includes the following changes over -r2:
1255 plasmaroo 1.18
1256 frogger 1.8 - ck7-base (O(1), preempt, low latency)
1257     - Super FreeS/WAN 1.99.7rc2
1258     - PaX for the LSM/SELinux branch
1259     - GRSecurity 2.0-pre4 (role based access control)
1260     - Systrace 1.3
1261     - EXT3 fixes
1262     - EVMS 2.0.1
1263     - GCC 3.1+ compile optimizations
1264     - ProPolice kernel build support
1265     - Hashing table security fixes
1266 frogger 1.3
1267     *hardened-sources-2.4.20-r1 (09 Apr 2003)
1268 frogger 1.7
1269     23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
1270     Initial import of hardened-sources-r2. This new
1271     ebuild includes many new performance and security
1272     related patches. As in -r1, it will patch in
1273     LSM/SELinux if "selinux" is in USE, otherwise it
1274     will patch in GRSecurity. The following patches
1275     are included in this revision:
1276 plasmaroo 1.18
1277 frogger 1.7 - O(1) Scheduler, Low Latency, and Preempt
1278     (pulled from the base CK patch)
1279     - ptrace exploit patch for the LSM kernel
1280     (the GRSec patch already fixes this)
1281     - LSM 2.4-2003040709
1282     - SELinux 2.4-2003040709
1283     - Systrace v1.2
1284     - IPTables patch-o-matic base patches - 20030107
1285     - CryptoAPI 2.4.20.1 w/ loop-jari patch
1286     - Super FreeS/WAN 1.99.6.1
1287     - GRSecurity 1.9.9g
1288     - MPPE
1289     - EXT3 data journal fix
1290     - CIPE 1.5.4
1291 frogger 1.6
1292     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1293     hardened-sources-2.4.20-r1.ebuild, manifest:
1294 plasmaroo 1.18 Updated to install flask components correctly for selinux.
1295 frogger 1.5
1296     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1297     hardened-sources-2.4.20-r1.ebuild:
1298     LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
1299     is patched in instead. Ptrace patches for selinux have also been added. In
1300     either case, systrace support will be patched in as well.
1301 frogger 1.3
1302     09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1303     hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
1304 plasmaroo 1.18 Revision bump for new sources.
1305 frogger 1.4
1306 frogger 1.2 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1307 frogger 1.4 hardened-sources-2.4.20-r1.ebuild:
1308 plasmaroo 1.18 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
1309 method 1.1
1310 frogger 1.4 *hardened-sources-2.4.20 (30 Mar 2003)
1311    
1312 method 1.1 30 Mar 2003; Joshua Brindle <method@gentoo.org>
1313     hardened-sources-2.4.20.ebuild:
1314 plasmaroo 1.18 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20