/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.212 - (hide annotations) (download)
Mon Mar 24 15:05:49 2008 UTC (6 years, 5 months ago) by phreak
Branch: MAIN
Changes since 1.211: +5 -1 lines
Fixing SRC_URI for 2.4.35-r2.
(Portage version: 2.1.4.4)

1 method 1.1 # ChangeLog for sys-kernel/hardened-sources
2 phreak 1.204 # Copyright 2000-2008 Gentoo Foundation; Distributed under the GPL v2
3 phreak 1.212 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.211 2008/03/22 20:34:58 phreak Exp $
4    
5     24 Mar 2008; Christian Heim <phreak@gentoo.org>
6     hardened-sources-2.4.35-r2.ebuild:
7     Fixing SRC_URI for 2.4.35-r2.
8 phreak 1.211
9     *hardened-sources-2.6.23-r9 (22 Mar 2008)
10    
11     22 Mar 2008; Christian Heim <phreak@gentoo.org>
12     +hardened-sources-2.6.23-r9.ebuild:
13     * Revision bump, rebasing the patchset against genpatches-2.6.23-10.
14     * Change the default GIDs for some grsecurity options
15     * Revamp the Hardened [Gentoo] security level and make it the default level
16     * Fixing compilation on ia64 with CONFIG_MODULES=y (loadable module support)
17     * Fix a recursive lock -- call to capable() within ptrace_attach()
18     * Fix bug that allows audit and iscsi operations to be controlled via netlink
19 solar 1.210
20     *hardened-sources-2.6.23-r8 (27 Feb 2008)
21    
22     27 Feb 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r8.ebuild:
23     - version bump from Kerin Millar bug 210026
24 solar 1.209
25     17 Feb 2008; <solar@gentoo.org> metadata.xml,
26     -hardened-sources-2.4.33.4.ebuild, -hardened-sources-2.6.20-r6.ebuild,
27     -hardened-sources-2.6.20-r10.ebuild, -hardened-sources-2.6.23-r4.ebuild,
28     -hardened-sources-2.6.23-r6.ebuild, hardened-sources-2.6.23-r7.ebuild:
29     - stable on x86 and remove old ebuilds
30 solar 1.207
31     15 Feb 2008; <solar@gentoo.org> hardened-sources-2.6.23-r7.ebuild:
32 solar 1.208 - stable on amd64 per request of amd64 lead
33 solar 1.206
34     *hardened-sources-2.6.23-r7 (11 Feb 2008)
35    
36     11 Feb 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r7.ebuild:
37     - version bump from kerin.millar
38     Changes:
39    
40     * Bump to genpatches-base-2.6.23-9
41     * Ported grsecurity-2.1.11-2.6.23.14-200801231800 to 2.6.23.15
42     * Disables COMPAT_VDSO in x86/defconfig
43     * Removes bogus symbols ACPI_SLEEP_PROC_(FS|SLEEP) from x86_64/defconfig
44 phreak 1.205
45     25 Jan 2008; Christian Heim <phreak@gentoo.org>
46     -hardened-sources-2.6.22-r8.ebuild:
47     Cleaning up old versions.
48 phreak 1.204
49     *hardened-sources-2.6.23-r6 (25 Jan 2008)
50    
51     25 Jan 2008; Christian Heim <phreak@gentoo.org>
52     -hardened-sources-2.6.23-r5.ebuild, +hardened-sources-2.6.23-r6.ebuild:
53     Revision bump, pulling in the latest genpatches.
54 phreak 1.203
55     *hardened-sources-2.6.23-r5 (24 Dec 2007)
56    
57     24 Dec 2007; Christian Heim <phreak@gentoo.org>
58     hardened-sources-2.4.35-r2.ebuild, hardened-sources-2.6.20-r6.ebuild,
59     hardened-sources-2.6.20-r10.ebuild, hardened-sources-2.6.22-r8.ebuild,
60     hardened-sources-2.6.23-r4.ebuild, +hardened-sources-2.6.23-r5.ebuild:
61     Revision bump, for the promised updated grsec snapshot. Also changing SRC_URI.
62 phreak 1.202
63     24 Dec 2007; Christian Heim <phreak@gentoo.org>
64     -hardened-sources-2.6.22-r7.ebuild, -hardened-sources-2.6.23.ebuild,
65     -hardened-sources-2.6.23-r1.ebuild, -hardened-sources-2.6.23-r2.ebuild,
66     -hardened-sources-2.6.23-r3.ebuild:
67     Cleaning out some unused, old versions.
68 phreak 1.201
69     24 Dec 2007; Christian Heim <phreak@gentoo.org>
70     hardened-sources-2.6.23-r4.ebuild:
71     Marking hardened-sources-2.6.23-r4 stable on amd64 and x86. I know it ain't
72     in the tree for long, but there isn't much of a difference between this and
73     -r3. Only this revision pulls in 2.6.23.11 and 2.6.23.12 from genpatches.
74 phreak 1.200
75     *hardened-sources-2.6.23-r4 (23 Dec 2007)
76    
77     23 Dec 2007; Christian Heim <phreak@gentoo.org>
78     +hardened-sources-2.6.23-r4.ebuild:
79     Revision bump, grabbing the lastest genpatches release (2.6.23.12 that is).
80 phreak 1.199
81     *hardened-sources-2.6.23-r3 (04 Dec 2007)
82    
83     04 Dec 2007; Christian Heim <phreak@gentoo.org>
84     +hardened-sources-2.6.23-r3.ebuild:
85     Revision bump, pulling in 2.6.23.9.
86 phreak 1.198
87     *hardened-sources-2.6.23-r2 (25 Nov 2007)
88    
89     25 Nov 2007; Christian Heim <phreak@gentoo.org>
90     +hardened-sources-2.6.23-r2.ebuild:
91     Updated patchset, thanks to solar.
92 phreak 1.197
93     *hardened-sources-2.6.23-r1 (31 Oct 2007)
94    
95     31 Oct 2007; Christian Heim <phreak@gentoo.org>
96     +hardened-sources-2.6.23-r1.ebuild:
97     Revision bump, pulling in the snapshot from 30. October 2007 (18:50).
98 solar 1.196
99     29 Oct 2007; <solar@gentoo.org> metadata.xml:
100     - update metadata.xml
101 phreak 1.195
102     25 Oct 2007; Christian Heim <phreak@gentoo.org>
103     hardened-sources-2.6.22-r8.ebuild:
104     Marking 2.6.22-r8 stable on amd64 and x86.
105 phreak 1.194
106     21 Oct 2007; Christian Heim <phreak@gentoo.org>
107     -hardened-sources-2.4.35.ebuild, -hardened-sources-2.4.35-r1.ebuild,
108     -hardened-sources-2.6.21-r4.ebuild:
109     Removing old ebuilds.
110 phreak 1.193
111     *hardened-sources-2.4.35-r2 (21 Oct 2007)
112    
113     21 Oct 2007; Christian Heim <phreak@gentoo.org>
114     +hardened-sources-2.4.35-r2.ebuild:
115     Revision bump for 2.4.35. Includes new snapshot and the lastest Linux stable
116     patches.
117 phreak 1.192
118     *hardened-sources-2.6.22-r8 (21 Oct 2007)
119    
120     21 Oct 2007; Christian Heim <phreak@gentoo.org>
121     +hardened-sources-2.6.22-r8.ebuild:
122     Yet another new patch, hopefully fixing the remaining issues we had w/
123     2.6.22. Candidate for stabling.
124 phreak 1.191
125     *hardened-sources-2.6.23 (13 Oct 2007)
126    
127     13 Oct 2007; Christian Heim <phreak@gentoo.org>
128     +hardened-sources-2.6.23.ebuild:
129     Initial hardened-sources-2.6.23. If people still have problems w/ bug
130     194276, try setting CONFIG_PCI_GODIRECT=y instead of CONFIG_PCI_GOANY.
131 phreak 1.190
132     11 Oct 2007; Christian Heim <phreak@gentoo.org>
133     hardened-sources-2.6.20-r10.ebuild:
134     Pulling in yet another new genpatches version, fixing the PWC bug for real.
135 phreak 1.189
136     04 Oct 2007; Christian Heim <phreak@gentoo.org>
137     -hardened-sources-2.6.22-r5.ebuild, -hardened-sources-2.6.22-r6.ebuild:
138     Removing old versions.
139 phreak 1.188
140     *hardened-sources-2.6.22-r7 (01 Oct 2007)
141    
142     01 Oct 2007; Christian Heim <phreak@gentoo.org>
143     +hardened-sources-2.6.22-r7.ebuild:
144     Revision bump, pulling in a newer patch. Should fix #194276.
145 phreak 1.187
146     30 Sep 2007; Christian Heim <phreak@gentoo.org>
147     hardened-sources-2.6.20-r10.ebuild:
148     Marking hardened-sources-2.6.20-r10 stable on x86 and amd64 (on courtesy of
149     Mike Doty).
150 phreak 1.186
151     *hardened-sources-2.6.22-r6 (26 Sep 2007)
152    
153     26 Sep 2007; Christian Heim <phreak@gentoo.org>
154     +hardened-sources-2.6.22-r6.ebuild:
155     Revision bump, grabbing up till Linux 2.6.22.9.
156 phreak 1.185
157     24 Sep 2007; Christian Heim <phreak@gentoo.org>
158     -hardened-sources-2.6.22-r3.ebuild, -hardened-sources-2.6.22-r4.ebuild:
159     Cleaning up further.
160 phreak 1.184
161     *hardened-sources-2.6.20-r10 (24 Sep 2007)
162    
163     24 Sep 2007; Christian Heim <phreak@gentoo.org>
164     -hardened-sources-2.6.20-r8.ebuild, -hardened-sources-2.6.20-r9.ebuild,
165     +hardened-sources-2.6.20-r10.ebuild:
166     Revision bump, pulling in Linux 2.6.20.20. Removing some of the older
167     revisions.
168 phreak 1.183
169     *hardened-sources-2.6.22-r5 (22 Sep 2007)
170    
171     22 Sep 2007; Christian Heim <phreak@gentoo.org>
172     +hardened-sources-2.6.22-r5.ebuild:
173     Revision bump, pulling in genpatches-2.6.22-8 for CVE-2007-4573.
174 phreak 1.182
175     17 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
176     Removing johnm from metadata.xml (see #186467 for reference).
177 phreak 1.181
178     *hardened-sources-2.6.22-r4 (17 Sep 2007)
179    
180     17 Sep 2007; Christian Heim <phreak@gentoo.org>
181     +hardened-sources-2.6.22-r4.ebuild:
182     Revision bump, hopefully fixing all those weird PAX failures.
183 phreak 1.180
184     01 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
185     Updating the metadata.xml.
186 phreak 1.179
187     01 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
188     Removing tocharian from metadata due to his retirement (see #71718 for
189     reference).
190 phreak 1.178
191     *hardened-sources-2.6.20-r9 (30 Aug 2007)
192    
193     30 Aug 2007; Christian Heim <phreak@gentoo.org>
194     +hardened-sources-2.6.20-r9.ebuild:
195     Revision bump for 2.6.20.18 (thanks to kerframil in #gentoo-hardened).
196 phreak 1.177
197     29 Aug 2007; Christian Heim <phreak@gentoo.org>
198     -hardened-sources-2.4.34.ebuild, -hardened-sources-2.4.34.5.ebuild,
199     -hardened-sources-2.6.20-r2.ebuild, -hardened-sources-2.6.20-r5.ebuild,
200     -hardened-sources-2.6.20-r7.ebuild, -hardened-sources-2.6.21-r3.ebuild,
201     -hardened-sources-2.6.22.ebuild, -hardened-sources-2.6.22-r1.ebuild,
202     -hardened-sources-2.6.22-r2.ebuild:
203     Removing some redundant versions.
204 phreak 1.176
205     *hardened-sources-2.4.35-r1 (29 Aug 2007)
206    
207     29 Aug 2007; Christian Heim <phreak@gentoo.org>
208     +hardened-sources-2.4.35-r1.ebuild:
209     Revision bump, new grsecurity patch.
210 phreak 1.175
211     *hardened-sources-2.6.20-r8 (26 Aug 2007)
212    
213     26 Aug 2007; Christian Heim <phreak@gentoo.org>
214     +hardened-sources-2.6.20-r8.ebuild:
215     Revision bump for Linux 2.6.20.17.
216 phreak 1.174
217     *hardened-sources-2.6.22-r3 (22 Aug 2007)
218    
219     22 Aug 2007; Christian Heim <phreak@gentoo.org>
220     +hardened-sources-2.6.22-r3.ebuild:
221     Revision bump for Linux 2.6.22.4.
222 phreak 1.173
223     16 Aug 2007; Christian Heim <phreak@gentoo.org>
224     hardened-sources-2.6.22-r2.ebuild:
225     Updated patchset, to fix the alignment against 2.6.22.3.
226 phreak 1.172
227     *hardened-sources-2.6.22-r2 (16 Aug 2007)
228    
229     16 Aug 2007; Christian Heim <phreak@gentoo.org>
230     +hardened-sources-2.6.22-r2.ebuild:
231     Revision bump for Linux 2.6.22.3.
232 phreak 1.171
233     *hardened-sources-2.4.35 (16 Aug 2007)
234    
235     16 Aug 2007; Christian Heim <phreak@gentoo.org>
236     +hardened-sources-2.4.35.ebuild:
237     Version bump, initial version for Linux 2.4.35.
238 phreak 1.170
239     *hardened-sources-2.6.21-r4 (16 Aug 2007)
240    
241     16 Aug 2007; Christian Heim <phreak@gentoo.org>
242     +hardened-sources-2.6.21-r4.ebuild:
243     Revision bump for Linux 2.6.21.6.
244 phreak 1.169
245     *hardened-sources-2.6.20-r7 (16 Aug 2007)
246    
247     16 Aug 2007; Christian Heim <phreak@gentoo.org>
248     +hardened-sources-2.6.20-r7.ebuild:
249     Revision bump for Linux 2.6.20.16.
250 phreak 1.168
251     *hardened-sources-2.6.22-r1 (13 Aug 2007)
252    
253     13 Aug 2007; Christian Heim <phreak@gentoo.org>
254     +hardened-sources-2.6.22-r1.ebuild:
255     Yet another revision bump.
256 phreak 1.167
257     *hardened-sources-2.6.22 (10 Aug 2007)
258    
259     10 Aug 2007; Christian Heim <phreak@gentoo.org>
260     +hardened-sources-2.6.22.ebuild:
261     Initial release for 2.6.22. If you are using hardened-sources on a desktop
262     machine (P4 or newer), be aware you might need to disable
263     CONFIG_PAX_PAGEEXEC.
264 phreak 1.166
265     04 Aug 2007; Christian Heim <phreak@gentoo.org>
266     hardened-sources-2.6.20-r6.ebuild:
267     Stabling hardened-sources-2.6.20-r6 for amd64, ppc and x86 due to Linux
268     2.6.20.15.
269 phreak 1.165
270     10 Jul 2007; Christian Heim <phreak@gentoo.org>
271     hardened-sources-2.6.20-r5.ebuild:
272     Marking hardened-sources-2.6.20-r5 stable on ppc.
273 phreak 1.164
274     10 Jul 2007; Christian Heim <phreak@gentoo.org>
275     -hardened-sources-2.4.32-r6.ebuild, -hardened-sources-2.4.32-r7.ebuild:
276     Cleanup.
277 phreak 1.163
278     *hardened-sources-2.6.20-r6 (08 Jul 2007)
279    
280     08 Jul 2007; Christian Heim <phreak@gentoo.org>
281     +hardened-sources-2.6.20-r6.ebuild:
282     Revision bump, grabbing yet another stable release.
283 phreak 1.162
284     17 Jun 2007; Christian Heim <phreak@gentoo.org>
285     -hardened-sources-2.6.18-r6.ebuild, -hardened-sources-2.6.20-r4.ebuild,
286     -hardened-sources-2.6.21-r2.ebuild:
287     Removing older ebuilds, hardened-sources-2.6.18-r6 seems to have gotten the
288     alpha stable KEYWORD by mistake.
289 phreak 1.161
290     17 Jun 2007; Christian Heim <phreak@gentoo.org>
291     hardened-sources-2.6.20-r5.ebuild:
292     Stabling hardened-sources-2.6.20-r5 due to security bug #181647 (as
293     genpatches-2.6.20-12.base contains up to Linux 2.6.20.14) on amd64 and x86.
294 phreak 1.160
295     *hardened-sources-2.6.21-r3 (12 Jun 2007)
296    
297     12 Jun 2007; Christian Heim <phreak@gentoo.org>
298     +hardened-sources-2.6.21-r3.ebuild:
299     Revision bump for hardened-sources-2.6.21, incorporating various CVE (some
300     of them critical), two stable releases (2.6.21.4,2.6.21.5) and some other
301     love.
302 phreak 1.159
303     *hardened-sources-2.6.20-r5 (11 Jun 2007)
304    
305     11 Jun 2007; Christian Heim <phreak@gentoo.org>
306     +hardened-sources-2.6.20-r5.ebuild:
307     Revision bump for hardened-sources-2.6.20, incorporating various CVE (some
308     of them critical), two stable releases (2.6.20.13,2.6.20.14) and some other
309     love.
310 pappy 1.158
311     *hardened-sources-2.4.34.5 (11 Jun 2007)
312    
313     11 Jun 2007; Alexander Gabert <pappy@gentoo.org>
314     +hardened-sources-2.4.34.5.ebuild:
315     added new hardened-sources 2.4 version, thx to phreak, solar, pipacs
316 phreak 1.157
317     30 May 2007; Christian Heim <phreak@gentoo.org>
318     -hardened-sources-2.6.18.ebuild, hardened-sources-2.6.20-r2.ebuild:
319     Marking 2.6.20-r2 stable on ppc with permission of Gysbert. Removing more
320     stale ebuild(s).
321 phreak 1.156
322     30 May 2007; Christian Heim <phreak@gentoo.org>
323     -hardened-sources-2.6.14-r7.ebuild, -hardened-sources-2.6.16-r11.ebuild,
324     -hardened-sources-2.6.17-r1.ebuild, -hardened-sources-2.6.19-r6.ebuild,
325     -hardened-sources-2.6.20.ebuild, -hardened-sources-2.6.20-r1.ebuild:
326     Doing some cleanups, remove stale ebuilds.
327 phreak 1.155
328     26 May 2007; Christian Heim <phreak@gentoo.org>
329     hardened-sources-2.6.21-r2.ebuild:
330     Fixing the grsecurity patch, had one '};' too much.
331 phreak 1.154
332     *hardened-sources-2.6.21-r2 (26 May 2007)
333    
334     26 May 2007; Christian Heim <phreak@gentoo.org>
335     -hardened-sources-2.6.21.ebuild, -hardened-sources-2.6.21-r1.ebuild,
336     +hardened-sources-2.6.21-r2.ebuild:
337     Revision bump, including Linux 2.6.21.3 (fixing CVE-2007-2451). Updating the
338     grsecurity patch to 2.1.10-2.6.21.1-200705221918.
339 phreak 1.153
340     *hardened-sources-2.6.20-r4 (26 May 2007)
341    
342     26 May 2007; Christian Heim <phreak@gentoo.org>
343     -hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.20-r4.ebuild:
344     Revision bump, including Linux 2.6.20.12 (which in fact fixed some security
345 phreak 1.154 bugs, at the very least CVE-2007-2451). Possible candidate for stable marking.
346 phreak 1.152
347     15 May 2007; Christian Heim <phreak@gentoo.org>
348     hardened-sources-2.6.20-r3.ebuild:
349     Looks like hardened-sources-2.6.20-r3 needs a new patch, as 2.6.20.11
350     introduced a change in arch/sparc64/kernel/pci_iommu.c, which made the
351     grsecurity patch fail in that exact same hunk.
352 phreak 1.151
353     *hardened-sources-2.6.20-r3 (15 May 2007)
354    
355     15 May 2007; Christian Heim <phreak@gentoo.org>
356     +hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.21-r1.ebuild:
357     Revision bump, incorporating Linux 2.6.20.11.
358    
359     *hardened-sources-2.6.21-r1 (11 May 2007)
360    
361     11 May 2007; Christian Heim <phreak@gentoo.org>
362     +hardened-sources-2.6.21-r1.ebuild:
363     Revision bump, hopefully fixing the GRSECURITY/GRKERNSEC mixup pipacs
364     mentioned in #177234.
365 kevquinn 1.150
366     07 May 2007; Kevin F. Quinn <kevquinn@gentoo.org>
367     files/digest-hardened-sources-2.6.21, Manifest:
368     Fix Manifest/digest for linux-2.6.21.tar.bz2
369 phreak 1.149
370     06 May 2007; Christian Heim <phreak@gentoo.org>
371     hardened-sources-2.6.21.ebuild:
372     Bumping the hardened-patches version, needed for the fix for #177234.
373 phreak 1.148
374     *hardened-sources-2.6.21 (02 May 2007)
375    
376     02 May 2007; Christian Heim <phreak@gentoo.org>
377     +hardened-sources-2.6.21.ebuild:
378     Version bump, Linux 2.6.21-hardened.
379 phreak 1.147
380     29 Apr 2007; Christian Heim <phreak@gentoo.org>
381     hardened-sources-2.6.20-r2.ebuild:
382     Adding ~ia64 on Ned's request.
383 phreak 1.146
384     29 Apr 2007; Christian Heim <phreak@gentoo.org>
385     hardened-sources-2.6.20-r2.ebuild:
386     Fixing the included grsecurity patch, wasn't alligning due to the Index:
387     header line(s).
388 phreak 1.145
389     29 Apr 2007; Christian Heim <phreak@gentoo.org>
390     hardened-sources-2.6.20-r2.ebuild:
391     Stabilizing hardened-sources-2.6.20-r2 on amd64 and x86.
392 armin76 1.144
393     *hardened-sources-2.6.20-r2 (10 Apr 2007)
394    
395     10 Apr 2007; Raúl Porcel <armin76@gentoo.org>
396     +hardened-sources-2.6.20-r2.ebuild:
397     Version bump, on behalf of phreak
398 phreak 1.143
399     *hardened-sources-2.6.20-r1 (04 Apr 2007)
400    
401     04 Apr 2007; Christian Heim <phreak@gentoo.org>
402     +hardened-sources-2.6.20-r1.ebuild:
403     Revision bump, grabbing a newer grsecurity snapshot.
404 phreak 1.142
405     *hardened-sources-2.6.20 (25 Mar 2007)
406    
407     25 Mar 2007; Christian Heim <phreak@gentoo.org>
408     +hardened-sources-2.6.20.ebuild:
409     Finally a hardened-sources version for 2.6.20; many people have been waiting
410     for this. Thanks to Steve for preliminary testing, thanks to Ned for the
411     testbox.
412 chainsaw 1.141
413     16 Mar 2007; Tony Vroon <chainsaw@gentoo.org>
414     hardened-sources-2.6.18-r6.ebuild:
415     Marked stable on amd64 and x86. AMD64 keyword ack'ed by welp.
416 phreak 1.140
417     *hardened-sources-2.6.18-r6 (16 Mar 2007)
418    
419     16 Mar 2007; Christian Heim <phreak@gentoo.org>
420     -hardened-sources-2.6.18-r5.ebuild, +hardened-sources-2.6.18-r6.ebuild:
421     Fixing CVE-2007-1000 locally (hardened/), thanks to Tony for pushing. And
422     yes I screwed up, this is tagged as 2.6.18-5 and not 2.6.18-6 as it's
423     supposed to be.
424 phreak 1.139
425     06 Mar 2007; Christian Heim <phreak@gentoo.org> ChangeLog:
426     Fixing the Manifest, the previous one was broken (as in still had the
427     deleted ebuild in it).
428 phreak 1.138
429     06 Mar 2007; Christian Heim <phreak@gentoo.org>
430     -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
431     +hardened-sources-2.6.18-r5.ebuild:
432     Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
433     Linux 2.6.18.8. Also cleaning up the older version.
434    
435     *hardened-sources-2.6.18-r5 (06 Mar 2007)
436    
437     06 Mar 2007; Christian Heim <phreak@gentoo.org>
438     -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
439     +hardened-sources-2.6.18-r5.ebuild:
440     Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
441     Linux 2.6.18.8. Also cleaning up the older version.
442 phreak 1.137
443     24 Feb 2007; Christian Heim <phreak@gentoo.org>
444     -hardened-sources-2.6.19-r3.ebuild, -hardened-sources-2.6.19-r4.ebuild,
445     -hardened-sources-2.6.19-r5.ebuild:
446     Removing some of the old version, that didn't work.
447 phreak 1.136
448     *hardened-sources-2.6.19-r6 (12 Feb 2007)
449    
450     12 Feb 2007; Christian Heim <phreak@gentoo.org>
451     +hardened-sources-2.6.19-r6.ebuild:
452     Revision bump, including a new grsec version fixing #166235.
453 pappy 1.134
454     *hardened-sources-2.4.34 (24 Jan 2007)
455    
456     24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
457 pappy 1.135 Manifest:
458     updating Manifest with checksums of new tarball and ebuild
459    
460     24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
461 pappy 1.134 +hardened-sources-2.4.34.ebuild:
462     I added new hardened sources 2.4 update, this is a critical path
463     security bugfix - all users of h-s are strongly advised
464     to update their existing hardened sources to this version.
465     It contains a fix for a kernel vulnerability that is pertaining
466     to the PaX changes to virtual memory management, possibly leading
467     to a local kernel exploit ... see grsecurity.net forums and homepage
468 phreak 1.133
469     23 Jan 2007; Christian Heim <phreak@gentoo.org>
470     files/digest-hardened-sources-2.6.19-r5, Manifest:
471     Fixing the patch-tarball digest.
472 phreak 1.132
473     *hardened-sources-2.6.19-r5 (23 Jan 2007)
474    
475     23 Jan 2007; Christian Heim <phreak@gentoo.org>
476     +hardened-sources-2.6.19-r5.ebuild:
477     Revision bump, closing the recently discovered PaX expand_stack()
478     vulnerability.
479 phreak 1.131
480     *hardened-sources-2.6.19-r4 (14 Jan 2007)
481    
482     14 Jan 2007; Christian Heim <phreak@gentoo.org>
483     +hardened-sources-2.6.19-r4.ebuild:
484     Revision bump, pulling in linux-2.6.19.2 and grsecurity 2.1.10 - thus
485     dropping the randomized PID feature.
486 opfer 1.130
487     11 Jan 2007; Christian Faulhammer <opfer@gentoo.org>
488     hardened-sources-2.4.33.4.ebuild:
489     stable x86, bug #161171
490 phreak 1.129
491     *hardened-sources-2.6.19-r3 (27 Dec 2006)
492    
493     27 Dec 2006; Christian Heim <phreak@gentoo.org>
494     -hardened-sources-2.6.19-r2.ebuild, +hardened-sources-2.6.19-r3.ebuild:
495     Revision bump for bug #157186 and #158786.
496 phreak 1.128
497     *hardened-sources-2.6.18-r4 (27 Dec 2006)
498    
499     27 Dec 2006; Christian Heim <phreak@gentoo.org>
500     -hardened-sources-2.6.18-r3.ebuild, +hardened-sources-2.6.18-r4.ebuild:
501     Revision bump for bug #157186.
502 phreak 1.127
503     *hardened-sources-2.6.19-r2 (23 Dec 2006)
504    
505     23 Dec 2006; Christian Heim <phreak@gentoo.org>
506     -hardened-sources-2.6.19-r1.ebuild, +hardened-sources-2.6.19-r2.ebuild:
507     Revision bump to pull in genpatches-2.6.19-3 for #157186.
508 phreak 1.126
509     17 Dec 2006; Christian Heim <phreak@gentoo.org>
510     hardened-sources-2.6.14-r7.ebuild, hardened-sources-2.6.16-r10.ebuild,
511     hardened-sources-2.6.16-r11.ebuild, hardened-sources-2.6.17-r1.ebuild,
512     hardened-sources-2.6.18.ebuild, hardened-sources-2.6.18-r3.ebuild,
513     hardened-sources-2.6.19-r1.ebuild:
514     Adding 4453_grsec-2.1.9-2.6.19-io-kmem-sysctl.patch to UNIPATCH_EXLUDE,
515     adding correct HOMEPAGE and adjusting DESCRIPTION (thanks to Alexander).
516 pappy 1.125
517     *hardened-sources-2.4.33.4 (17 Dec 2006)
518    
519     17 Dec 2006; Alexander Gabert <pappy@gentoo.org>
520     +hardened-sources-2.4.33.4.ebuild:
521     new 2.4.33.4 version including grsec and fixes, thanks to phreak for help
522     and quilting
523 phreak 1.124
524     *hardened-sources-2.6.19-r1 (14 Dec 2006)
525    
526     14 Dec 2006; Christian Heim <phreak@gentoo.org>
527     -hardened-sources-2.6.19.ebuild, +hardened-sources-2.6.19-r1.ebuild:
528     Revision bump, fixing #158107 (thanks to Petre Rodan <kaiowas at gentoo.org>
529     for reporting).
530 phreak 1.123
531     *hardened-sources-2.6.19 (13 Dec 2006)
532    
533     13 Dec 2006; Christian Heim <phreak@gentoo.org>
534     +hardened-sources-2.6.19.ebuild:
535     And finally 2.6.19, thanks to Ned (who prepared the inital patchset) and
536     Brad for providing that prompt update.
537 phreak 1.122
538     *hardened-sources-2.6.18-r3 (13 Dec 2006)
539    
540     13 Dec 2006; Christian Heim <phreak@gentoo.org>
541     -hardened-sources-2.6.18-r1.ebuild, -hardened-sources-2.6.18-r2.ebuild,
542     +hardened-sources-2.6.18-r3.ebuild:
543     Revision bump, excluding the faulty patch. Thanks to Anakim Border and Peter
544     S. Mazinger. Closes #157409 for now. Also removing the previous revisions.
545 phreak 1.121
546     09 Dec 2006; Christian Heim <phreak@gentoo.org> Manifest:
547     Fixing the metadata.xml Manifest entry (thanks to xaid and ml8128 in #gentoo-hardened).
548 nixnut 1.120
549     08 Dec 2006; nixnut <nixnut@gentoo.org> hardened-sources-2.6.18.ebuild:
550     Stable on ppc wrt bug 157356
551 opfer 1.119
552     07 Dec 2006; Christian Faulhammer <opfer@gentoo.org>
553     hardened-sources-2.6.18.ebuild:
554     stable x86, bug #157356
555 phreak 1.118
556     *hardened-sources-2.6.18-r2 (06 Dec 2006)
557    
558     06 Dec 2006; Christian Heim <phreak@gentoo.org>
559     +hardened-sources-2.6.18-r2.ebuild:
560     Revision bump, including 2.6.18.5 (via genpatches) and
561     4454_grsec-2.1.9-2.6.18.2-io-kmem-sysctl.patch based on Peter Mazinger and
562     Ned Ludd's original patch. Thanks to Alexander Gabert (pappy) for the
563     redesign.
564 phreak 1.117
565     06 Dec 2006; Christian Heim <phreak@gentoo.org>
566     hardened-sources-2.6.18.ebuild:
567     Marking hardened-sources-2.6.18 stable on amd64 (see bug #157356, on behalf
568     of Mike Doty).
569 phreak 1.116
570     *hardened-sources-2.6.18-r1 (23 Nov 2006)
571    
572     23 Nov 2006; Christian Heim <phreak@gentoo.org>
573     +hardened-sources-2.6.18-r1.ebuild:
574     Revision bump to genpatches-2.6.18-4 (including 2.6.18.3).
575 phreak 1.115
576     *hardened-sources-2.6.18 (11 Nov 2006)
577    
578     11 Nov 2006; Christian Heim <phreak@gentoo.org>
579     +hardened-sources-2.6.18.ebuild:
580     Version bump, thanks to Alexander Gabert we're finally at 2.6.18.
581 solar 1.114
582     18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
583     - mark amd64 stable also. bug #151877
584 solar 1.113
585     18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
586     - mark 2.6.17-r1 stable
587 phreak 1.112
588     27 Aug 2006; Christian Heim <phreak@gentoo.org>
589     -hardened-sources-2.6.17.ebuild, hardened-sources-2.6.17-r1.ebuild:
590     Removing old ebuild, removing unipatch from newer ebuild (need to fix it!).
591 phreak 1.111
592     *hardened-sources-2.6.17-r1 (26 Aug 2006)
593    
594     26 Aug 2006; Christian Heim <phreak@gentoo.org>
595     +hardened-sources-2.6.17-r1.ebuild:
596     Revision bump to genpatches-2.6.17-8 (including .9 and .10) and updating the
597     grsecurity patch.
598 phreak 1.110
599     *hardened-sources-2.6.17 (17 Aug 2006)
600    
601     17 Aug 2006; Christian Heim <phreak@gentoo.org>
602     +hardened-sources-2.6.17.ebuild:
603     Bumping the hardened-sources-2.6 series to 2.6.17, using
604     genpatches-2.6.17-6.base.
605 solar 1.109
606     07 Aug 2006; <solar@gentoo.org> hardened-sources-2.6.16-r11.ebuild:
607     - stable on x86 and amd64
608 solar 1.108
609     *hardened-sources-2.6.16-r11 (15 Jul 2006)
610    
611     15 Jul 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r3.ebuild,
612     -hardened-sources-2.4.32-r4.ebuild, -hardened-sources-2.4.32-r5.ebuild,
613     -hardened-sources-2.6.14-r8.ebuild, -hardened-sources-2.6.16-r7.ebuild,
614     -hardened-sources-2.6.16-r9.ebuild, +hardened-sources-2.6.16-r11.ebuild:
615     - 2.6.16 bumped for CVE-2006-3626 ; digest fix for 2.4.32-r6 ; removed old
616     crusty ebuilds
617 johnm 1.107
618     14 Jul 2006; John Mylchreest <johnm@gentoo.org>
619     hardened-sources-2.6.16-r10.ebuild:
620     marking stable on x86 and amd64
621 solar 1.106
622     13 Jul 2006; <solar@gentoo.org> hardened-sources-2.4.32-r6.ebuild:
623     - 2.4.32-r6 stable on x86. RSBAC state unknown
624 kang 1.105
625     *hardened-sources-2.4.32-r7 (10 Jul 2006)
626    
627     10 Jul 2006; Guillaume Destuynder <kang@gentoo.org>
628     +hardened-sources-2.4.32-r7.ebuild:
629     Bump PaX for RSBAC to test-17
630 johnm 1.104
631     *hardened-sources-2.6.16-r9 (03 Jul 2006)
632    
633     03 Jul 2006; John Mylchreest <johnm@gentoo.org>
634     -hardened-sources-2.6.16-r6.ebuild, +hardened-sources-2.6.16-r9.ebuild:
635     hardened-sources-2.6.16 bump to latest -base.
636 solar 1.103
637     *hardened-sources-2.4.32-r6 (30 Jun 2006)
638    
639     30 Jun 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r2.ebuild,
640     hardened-sources-2.4.32-r4.ebuild, +hardened-sources-2.4.32-r6.ebuild:
641     - backport CVE-2006-0039, CVE-2006-1857 and CVE-2006-1858 and new grsecurity
642     sysctl controlable resource logging
643 johnm 1.102
644     *hardened-sources-2.6.16-r7 (05 Jun 2006)
645    
646     05 Jun 2006; John Mylchreest <johnm@gentoo.org>
647     -hardened-sources-2.6.16-r5.ebuild, +hardened-sources-2.6.16-r7.ebuild:
648     push new 2.6.16 release in preparation for stable
649 solar 1.101
650     22 May 2006; <solar@gentoo.org> :
651     - redigest bug 134002
652 kang 1.100
653     *hardened-sources-2.4.32-r5 (16 May 2006)
654    
655     16 May 2006; Guillaume Destuynder <kang@gentoo.org>
656     +hardened-sources-2.4.32-r5.ebuild:
657     Fixes rsbac common patching (new patch in new -r5 patchset)
658 solar 1.99
659     *hardened-sources-2.4.32-r4 (13 May 2006)
660    
661     13 May 2006; <solar@gentoo.org> hardened-sources-2.4.32-r3.ebuild,
662     +hardened-sources-2.4.32-r4.ebuild:
663     - security bumps
664 johnm 1.98
665     *hardened-sources-2.6.16-r6 (03 May 2006)
666    
667     03 May 2006; John Mylchreest <johnm@gentoo.org>
668     +hardened-sources-2.6.16-r6.ebuild:
669     bump hardened-2.6.16 to 2.6.16.12 and latest grsec snapshot
670 johnm 1.97
671     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
672     hardened-sources-2.6.14-r8.ebuild:
673     fix x86_64 build problem, this will delay the digest issue again for a short
674     while but it will sort itself out
675 johnm 1.96
676     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
677     hardened-sources-2.6.14-r8.ebuild:
678     bump hardened patchset
679 antarus 1.94
680     27 Apr 2006; Alec Warner <antarus@gentoo.org>
681     files/digest-hardened-sources-2.4.32-r2,
682     files/digest-hardened-sources-2.4.32-r3,
683     files/digest-hardened-sources-2.6.14-r8, Manifest:
684     Fixing duff SHA256 digests: Bug # 131293
685 johnm 1.93
686 johnm 1.95 *hardened-sources-2.6.16-r5 (27 Apr 2006)
687    
688     27 Apr 2006; John Mylchreest <johnm@gentoo.org>
689     -hardened-sources-2.6.14-r6.ebuild, hardened-sources-2.6.14-r8.ebuild,
690     -hardened-sources-2.6.16-r4.ebuild, +hardened-sources-2.6.16-r5.ebuild:
691     stablise 2.6.14-r8 on x86 & amd64, bump 2.6.16 to fix CVE-2006-1863 &
692     cleanup of old uneccessary sources
693    
694 johnm 1.93 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
695     fix digest
696 johnm 1.92
697     *hardened-sources-2.6.14-r8 (20 Apr 2006)
698    
699     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
700     +hardened-sources-2.6.14-r8.ebuild:
701     fix CVE-2006-1056, CVE-2006-1525, CVE-2006-1524
702 johnm 1.91
703     20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
704     Turning on gpg-signing again, and recomitting
705 johnm 1.90
706     *hardened-sources-2.6.16-r4 (20 Apr 2006)
707    
708     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
709     -hardened-sources-2.6.16-r2.ebuild, -hardened-sources-2.6.16-r3.ebuild,
710     +hardened-sources-2.6.16-r4.ebuild:
711     Fix numerous security vulns
712 solar 1.89
713     *hardened-sources-2.4.32-r3 (16 Apr 2006)
714    
715     16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
716     -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
717     +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
718     - security bump for bug #112791. Removed old ebuilds
719 johnm 1.88
720     *hardened-sources-2.6.16-r3 (15 Apr 2006)
721    
722     15 Apr 2006; John Mylchreest <johnm@gentoo.org>
723     +hardened-sources-2.6.16-r3.ebuild:
724     Removing silly localversion which I missed
725 johnm 1.87
726     *hardened-sources-2.6.14-r7 (14 Apr 2006)
727    
728     14 Apr 2006; John Mylchreest <johnm@gentoo.org>
729     -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
730     Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
731 johnm 1.86
732     *hardened-sources-2.6.16-r2 (13 Apr 2006)
733    
734     13 Apr 2006; John Mylchreest <johnm@gentoo.org>
735     -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
736     +hardened-sources-2.6.16-r2.ebuild:
737     Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
738     labels, dropping USERGROUP define fixes, since these were merged mainstream.
739 johnm 1.85
740     *hardened-sources-2.6.16-r1 (11 Apr 2006)
741    
742     11 Apr 2006; John Mylchreest <johnm@gentoo.org>
743     +hardened-sources-2.6.16-r1.ebuild:
744     Bumping to include ppc build fix and 2.6.16.3
745 tsunam 1.84
746     06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
747     hardened-sources-2.6.14-r6.ebuild:
748     Stable on x86; bug #127718
749 johnm 1.83
750     *hardened-sources-2.6.16 (31 Mar 2006)
751    
752     31 Mar 2006; John Mylchreest <johnm@gentoo.org>
753     +hardened-sources-2.6.16.ebuild:
754     Bumping to new version of grsec, and kernel base. New squashfs. Based on
755     2.6.16.1
756 cryos 1.82
757     30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
758     hardened-sources-2.6.14-r6.ebuild:
759     Stable on amd64, bug 127718.
760 nixnut 1.81
761     28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
762     Stable on ppc. Bug #127718
763 johnm 1.80
764     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
765     -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
766     -hardened-sources-2.6.14-r4.ebuild:
767     Cleanup.
768 johnm 1.79
769     *hardened-sources-2.6.14-r6 (15 Mar 2006)
770    
771     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
772     +hardened-sources-2.6.14-r6.ebuild:
773     Fixes grsec policy recreation bug and adds a
774     >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
775 solar 1.78
776     02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
777     - stable on x86
778 hansmi 1.77
779     19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
780     hardened-sources-2.6.14-r5.ebuild:
781     Stable on ppc.
782 johnm 1.76
783     *hardened-sources-2.6.14-r5 (01 Feb 2006)
784    
785     01 Feb 2006; John Mylchreest <johnm@gentoo.org>
786     +hardened-sources-2.6.14-r5.ebuild:
787     fixing every known exploit
788 solar 1.75
789     *hardened-sources-2.4.32-r2 (26 Jan 2006)
790    
791     26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
792     +hardened-sources-2.4.32-r2.ebuild:
793     - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
794 solar 1.74
795     *hardened-sources-2.6.14-r4 (12 Jan 2006)
796    
797     12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
798     - version bump for new genpatches which fix up a few sec holes
799 solar 1.73
800     *hardened-sources-2.4.32-r1 (05 Jan 2006)
801    
802     05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
803     - revision bump to add misc vital linux kernel security patches.
804 johnm 1.72
805     *hardened-sources-2.6.14-r3 (30 Dec 2005)
806    
807     30 Dec 2005; John Mylchreest <johnm@gentoo.org>
808     -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
809     Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
810 johnm 1.71
811     28 Dec 2005; John Mylchreest <johnm@gentoo.org>
812     hardened-sources-2.6.14-r2.ebuild:
813     making x86 & amd64 stable following testing.
814 johnm 1.70
815     *hardened-sources-2.6.14-r2 (27 Dec 2005)
816    
817     27 Dec 2005; John Mylchreest <johnm@gentoo.org>
818     -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
819     Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
820     network hooks.
821 johnm 1.69
822     06 Dec 2005; John Mylchreest <johnm@gentoo.org>
823     hardened-sources-2.6.14-r1.ebuild:
824     bumping to stable early for sec fix on x86 & amd64
825 johnm 1.68
826     *hardened-sources-2.6.14-r1 (05 Dec 2005)
827    
828     05 Dec 2005; John Mylchreest <johnm@gentoo.org>
829     -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
830     bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
831 solar 1.67
832     04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
833     - stable on x86 security bug #114227 CAN-2005-3257
834 kang 1.66
835     *hardened-sources-2.4.32 (19 Nov 2005)
836    
837     19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
838     +hardened-sources-2.4.32.ebuild:
839     Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
840     Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
841     have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
842     rsbac >> /etc/portage/package.use)
843 johnm 1.65
844     *hardened-sources-2.6.14 (14 Nov 2005)
845    
846     14 Nov 2005; John Mylchreest <johnm@gentoo.org>
847     -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
848     Bumping 2.6 series to 2.6.14.2
849 johnm 1.64
850     *hardened-sources-2.6.13-r2 (20 Oct 2005)
851    
852     20 Oct 2005; John Mylchreest <johnm@gentoo.org>
853     -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
854     +hardened-sources-2.6.13-r2.ebuild:
855     Fixes minor build error in ppc.
856 johnm 1.63
857     *hardened-sources-2.6.13-r1 (17 Oct 2005)
858    
859     17 Oct 2005; John Mylchreest <johnm@gentoo.org>
860     +hardened-sources-2.6.13-r1.ebuild:
861     Updating grsec to latest snapshot. Fixes some minor issues. Updating to
862     2.6.13.4, fixes some major amd64 stability problems.
863 johnm 1.62
864     *hardened-sources-2.6.13 (16 Sep 2005)
865    
866     16 Sep 2005; John Mylchreest <johnm@gentoo.org>
867     -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
868     2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
869     ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
870     users should test this thoroughly.
871 solar 1.61
872     01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
873     - stable on x86
874 johnm 1.60
875     *hardened-sources-2.6.11-r15 (27 Jun 2005)
876    
877     27 Jun 2005; John Mylchreest <johnm@gentoo.org>
878     +hardened-sources-2.6.11-r15.ebuild:
879     Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
880     grsec redefining curr_ip struct.
881 solar 1.59
882     *hardened-sources-2.4.31 (20 Jun 2005)
883    
884     20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
885     initial import of 2.4.31 tree
886 johnm 1.58
887     *hardened-sources-2.6.11-r14 (14 Jun 2005)
888    
889     14 Jun 2005; John Mylchreest <johnm@gentoo.org>
890     -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
891     Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
892     naming scheme to abide by genpatches
893 johnm 1.57
894     *hardened-sources-2.6.11-r13 (18 May 2005)
895    
896     18 May 2005; John Mylchreest <johnm@gentoo.org>
897     -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
898     Managed to mangle the Makefile patch from grsec, to miss out the grsec
899     target. sorry about that. Fixes bug #93022
900 johnm 1.56
901     *hardened-sources-2.6.11-r12 (17 May 2005)
902    
903     17 May 2005; John Mylchreest <johnm@gentoo.org>
904     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
905     +hardened-sources-2.6.11-r12.ebuild:
906     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
907     merges in genpatches-base
908 johnm 1.55
909     *hardened-sources-2.6.11-r12 (17 May 2005)
910    
911     17 May 2005; John Mylchreest <johnm@gentoo.org>
912     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
913     +hardened-sources-2.6.11-r12.ebuild:
914     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
915     merges in genpatches-base
916 solar 1.54
917     29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
918     -files/2.4.27-cmdline-race.patch,
919     -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
920     -files/2.4.28-grsec-binfmt_a.out.patch,
921     -files/2.4.28-grsec-cmdline-race.patch,
922     -files/2.4.28-selinux-binfmt_a.out.patch,
923     -files/2.4.28-selinux-cmdline-race.patch,
924     -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
925     hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
926     - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
927     cleanup..
928 solar 1.53
929     *hardened-sources-2.4.30-r1 (21 Apr 2005)
930    
931     21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
932     - disable aout by default
933 solar 1.52
934     *hardened-sources-2.4.30 (18 Apr 2005)
935    
936     18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
937     - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
938     and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
939     use
940 tocharian 1.50
941 scox 1.51 *hardened-sources-2.4.29 (30 Mar 2005)
942    
943     30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
944     +hardened-sources-2.4.29.ebuild:
945     New hardened-patches-2.4-29.0 patchball.
946     Removed SELinux support, upgraded GRSecurity to 2.1.4.
947    
948     *hardened-sources-2.4.28-r5 (06 Mar 2005)
949    
950     06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
951     +hardened-sources-2.4.28-r5.ebuild:
952     Added a fix for a PaX vulnerability.
953    
954     26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
955 tocharian 1.50 hardened-sources-2.4.28-r4.ebuild:
956     Stable on x86
957 solar 1.49
958     23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
959     hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
960     hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
961     hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
962     - fixed/added RDEPEND= in all kernel-2 ebuilds
963 tocharian 1.48
964     *hardened-sources-2.4.28-r4 (21 Jan 2005)
965    
966     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
967     +hardened-sources-2.4.28-r4.ebuild:
968     Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
969     backport of neighbour hash updates.
970 tocharian 1.47
971     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
972     hardened-sources-2.4.28-r3.ebuild:
973     Stable on x86
974 tseng 1.46
975     *hardened-sources-2.6.10-r3 (20 Jan 2005)
976    
977     20 Jan 2005; Brandon Hale <tseng@gentoo.org>
978     +hardened-sources-2.6.10-r3.ebuild:
979     Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
980     in 2005.0
981 tocharian 1.45
982     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
983     -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
984     hardened-sources-2.4.28-r2.ebuild:
985     Mark stable on x86
986 tocharian 1.44
987     *hardened-sources-2.4.28-r3 (17 Jan 2005)
988    
989     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
990     +hardened-sources-2.4.28-r3.ebuild:
991     Fix SMP page fault handler vuln, and update device-mapper and evms patches.
992 tocharian 1.43
993     14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
994     hardened-sources-2.4.28.ebuild:
995     Mark stable on x86.
996 tocharian 1.42
997     *hardened-sources-2.4.28-r2 (13 Jan 2005)
998    
999     13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1000     +hardened-sources-2.4.28-r2.ebuild:
1001     Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
1002     Mazinger for grsecurity patches as well.
1003 plasmaroo 1.41
1004     *hardened-sources-2.4.28-r1 (23 Dec 2004)
1005    
1006     23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
1007     Security bump. Thank tocharian for rolling a new patchset...
1008 solar 1.40
1009     28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
1010     +files/2.4.28-grsec-cmdline-race.patch,
1011     +files/2.4.28-selinux-binfmt_a.out.patch,
1012     +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
1013     - Round up remaining security patches that appear to be missing in 2.4.28. -
1014     PaX standalone updated to current. hgpv=28.1
1015 solar 1.39
1016     *hardened-sources-2.4.28 (28 Nov 2004)
1017    
1018     28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
1019     security bump. Thank tocharian for rolling a new patchset
1020 scox 1.31
1021 scox 1.38 *hardened-sources-2.4.27-r3 (08 Sep 2004)
1022    
1023     08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
1024     +hardened-sources-2.4.27-r3.ebuild:
1025     Applies the new 2.4-27.2 patchball which updates
1026     GRSecurity to the 2.0.1 version.
1027    
1028 scox 1.37 *hardened-sources-2.4.27-r2 (31 Aug 2004)
1029    
1030     31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1031     +hardened-sources-2.4.27-r2.ebuild:
1032     Version bump.
1033     This version uses the new 2.4-27.1 patchball which updates
1034     both the SELinux PaX hooks patch and the SELinux headers.
1035    
1036 scox 1.36 *hardened-sources-2.4.27-r1 (09 Aug 2004)
1037    
1038     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1039     +hardened-sources-2.4.27-r1.ebuild,
1040     -hardened-sources-2.4.27.ebuild,
1041     +files/2.4.27-cmdline-race.patch:
1042     Version bump, fix for cmdline race. See bug #59905.
1043    
1044     *hardened-sources-2.4.26-r6 (09 Aug 2004)
1045    
1046     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1047     +hardened-sources-2.4.26-r6.ebuild,
1048     -hardened-sources-2.4.26-r5.ebuild,
1049     -hardened-sources-2.4.26-r4.ebuild,
1050     +files/2.4.26-cmdline-race.patch:
1051     Version bump, fix for cmdline race. See bug #59905.
1052    
1053 scox 1.35 *hardened-sources-2.4.27 (08 Aug 2004)
1054    
1055     08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1056     +hardened-sources-2.4.27.ebuild,
1057     +files/2.4.27-CAN-2004-0394.patch:
1058     Ported the patchball to the 2.4.27 kernel version.
1059    
1060 scox 1.34 *hardened-sources-2.4.26-r5 (07 Aug 2004)
1061    
1062     07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1063     +hardened-sources-2.4.26-r5.ebuild:
1064 scox 1.35 Updated to use the new hardened-patches-2.4-26.1 patchball.
1065 scox 1.34 It adds the following features:
1066     - Squashfs
1067     - Ebtables
1068     - Netdev random (core+drivers)
1069     - Watchdog Timer (WDT) fix.
1070    
1071 scox 1.33 *hardened-sources-2.4.26-r4 (04 Aug 2004)
1072    
1073     04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1074     +hardened-sources-2.4.26-r4.ebuild,
1075     +files/2.4.26-CAN-2004-0415.patch,
1076     -hardened-sources-2.4.26-3:
1077     Version bump, fix for CAN 0415, see bug #59378.
1078    
1079 scox 1.32 *hardened-sources-2.4.26-r3 (22 Jul 2004)
1080    
1081     22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
1082     +hardened-sources-2.4.26-r3.ebuild,
1083     +files/2.4.26-CAN-2004-0497.patch,
1084     -hardened-sources-2.4.26-r2.ebuild:
1085     Version bump, fixed CAN 0497, see bug #56171.
1086    
1087 scox 1.31 *hardened-sources-2.4.26-r2 (29 Jun 2004)
1088    
1089     29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
1090 scox 1.32 +hardened-sources-2.4.26-r2.ebuild,
1091 scox 1.31 +files/2.4.26-CAN-2004-0495.patch,
1092     +files/2.4.26-CAN-2004-0535.patch,
1093     -hardened-sources-2.4.26-r1.ebuild:
1094     Fixes for both CAN 0495 and 0535, see bug #54976
1095 pvdabeel 1.27
1096 agriffis 1.29 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
1097     hardened-sources-2.4.26-r1.ebuild:
1098     QA - fix use invocation
1099 scox 1.28
1100     *hardened-sources-2.4.26-r1 (22 June 2004)
1101    
1102     22 June 2004; Andrea Luzzardi <scox@gentoo.org>
1103     +hardened-sources-2.4.26-r1.ebuild,
1104     +files/2.4.26-CAN-2004-0394.patch,
1105     +files/2.4.26-signal-race.patch,
1106     -hardened-sources-2.4.26.ebuild,
1107     -hardened-sources-2.4.24-r3.ebuild:
1108     Version bump for the CAN-2004-0394 issue and bug #53804
1109     Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
1110    
1111    
1112 pvdabeel 1.27 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
1113     hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
1114     Masked hardened-sources-2.4.26.ebuild broken for ppc
1115    
1116     31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
1117     hardened-sources-2.4.24-r3.ebuild:
1118     Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
1119 plasmaroo 1.25
1120 scox 1.26 *hardened-sources-2.4.26 (29 May 2004)
1121    
1122     29 May 2004; Andrea Luzzardi <scox@gentoo.org>
1123     +hardened-sources-2.4.26.ebuild:
1124     Updated hardened-sources for the 2.4.26 kernel
1125     Removed broken components, updated almost everything.
1126    
1127 plasmaroo 1.25 *hardened-sources-2.4.24-r3 (17 Apr 2004)
1128    
1129     17 Apr 2004; <plasmaroo@gentoo.org>
1130     +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
1131     +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
1132     +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
1133     +hardened-sources-2.4.24-r3.ebuild:
1134     Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
1135     vulnerabilities. Old revisions removed.
1136 plasmaroo 1.24
1137     *hardened-sources-2.4.24-r2 (15 Apr 2004)
1138    
1139     15 Apr 2004; <plasmaroo@gentoo.org>
1140     +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
1141     -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
1142     Version bump for the CAN-2004-0109 issue; bug #47881.
1143 aliz 1.23
1144     12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
1145     hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
1146     Add eutils to inherit.
1147 plasmaroo 1.22
1148     *hardened-sources-2.4.24-r1 (19 Feb 2004)
1149    
1150     19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
1151     files/hardened-sources-2.4.24.munmap.patch:
1152     Added the patch for the mremap/munmap vulnerability. Bug #42024.
1153 scox 1.19
1154 scox 1.21 *hardened-sources-2.4.24 (06 Feb 2004)
1155 scox 1.26
1156 scox 1.21 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
1157     hardened-sources-2.4.24.ebuild:
1158     Version bump, updated most of the components.
1159     This release includes the following:
1160    
1161     - Hardened security
1162     - Netfilter patch-o-matic 20031219
1163     - FreeSWAN 2.04 & x509 1.4.8
1164     - EVMS 2.2.2
1165     - XFS 1.3.1
1166     - cryptoloop jari
1167     - grsecurity 2.0-rc4
1168     - SELinux
1169     - PaX 200402060000
1170     - PaX Obscurity 200308302223
1171     - Others...
1172    
1173     Neither -ck nor systrace are included anymore.
1174    
1175 scox 1.19 *hardened-sources-2.4.22-r2 (05 Jan 2004)
1176    
1177     05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
1178     hardened-sources-2.4.22-r2.ebuild:
1179 scox 1.20 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
1180 scox 1.19
1181     *hardened-sources-2.4.22-r1 (02 Dec 2003)
1182 iggy 1.17
1183     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1184 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
1185 iggy 1.16
1186     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1187 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild:
1188     Version bump for the 'do_brk' vulnerability.
1189 iggy 1.15
1190     01 Dec 2003; Brian Jackson <iggy@gentoo.org>
1191     hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
1192     hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
1193     hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
1194 plasmaroo 1.18 Fix the 'do_brk' vulnerability.
1195 frogger 1.14
1196     03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
1197     hardened-sources-2.4.22.ebuild:
1198 plasmaroo 1.18 - Removed the src_install() portion for SELinux flask
1199     components. These are no longer handled in the kernel
1200     so this code was not necessary.
1201 frogger 1.13
1202     29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
1203     New 2.4.22 based hardened-sources thanks to
1204     Phil West <p.west@computer.org>.
1205    
1206     These sources include:
1207 plasmaroo 1.18 - New SELinux API
1208     - Updated CK-base
1209     - Updated GRSec
1210     - Systrace
1211     - SuperFreeS/WAN 1.99.8
1212     - Propolice kernel build support
1213     - EVMS
1214     - Other various security related patches
1215 frogger 1.11
1216 frogger 1.12 *hardened-sources-2.4.21 (14 Sep 2003)
1217    
1218     14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
1219     Updated hardened-sources based on the 2.4.21 Linux kernel.
1220     This includes updates to most major components such as:
1221 plasmaroo 1.18 - ck-base-0306300059
1222     - selinux-2.4-2003071106
1223     - grsecurity-2.0-rc1
1224     - Updated IPTables patch-o-matic
1225     - Updated SuperFreeS/WAN
1226    
1227 frogger 1.12 Thanks to Phil West <pwest@computer.org> for his work in getting this
1228     updated patch set ready for the 2.4.21 based kernel.
1229    
1230 frogger 1.11 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
1231     Initial import of hardened-sources-2.4.20-r4. This revision
1232     includes only a few changes, but one of these is an important
1233     security fix. It is recommended all users of hardened-sources
1234     upgrade to this release.
1235 plasmaroo 1.18
1236 frogger 1.11 - ioperm bug fix
1237     - fixed compilation failure when building without GRSec
1238 plasmaroo 1.18
1239 frogger 1.11 SAL (Secure Auditing for Linux) is NOT included in this revision
1240     due to time constraints, but is planned for inclusion in the near
1241     future.
1242 msterret 1.10
1243     *hardened-sources-2.4.20-r2 (12 Jun 2003)
1244    
1245     12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
1246     hardened-sources-2.4.20-r3.ebuild:
1247 plasmaroo 1.18 Add Header...
1248 frogger 1.9
1249     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1250     hardened-sources-2.4.20-r3.ebuild:
1251     Removed warnings from ebuild. This kernel should be safe to
1252     use at this point.
1253 frogger 1.8
1254     *hardened-sources-2.4.20-r3 (08 Jun 2003)
1255    
1256     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1257     hardened-sources-2.4.20-r3.ebuild:
1258     New revision. Includes the following changes over -r2:
1259 plasmaroo 1.18
1260 frogger 1.8 - ck7-base (O(1), preempt, low latency)
1261     - Super FreeS/WAN 1.99.7rc2
1262     - PaX for the LSM/SELinux branch
1263     - GRSecurity 2.0-pre4 (role based access control)
1264     - Systrace 1.3
1265     - EXT3 fixes
1266     - EVMS 2.0.1
1267     - GCC 3.1+ compile optimizations
1268     - ProPolice kernel build support
1269     - Hashing table security fixes
1270 frogger 1.3
1271     *hardened-sources-2.4.20-r1 (09 Apr 2003)
1272 frogger 1.7
1273     23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
1274     Initial import of hardened-sources-r2. This new
1275     ebuild includes many new performance and security
1276     related patches. As in -r1, it will patch in
1277     LSM/SELinux if "selinux" is in USE, otherwise it
1278     will patch in GRSecurity. The following patches
1279     are included in this revision:
1280 plasmaroo 1.18
1281 frogger 1.7 - O(1) Scheduler, Low Latency, and Preempt
1282     (pulled from the base CK patch)
1283     - ptrace exploit patch for the LSM kernel
1284     (the GRSec patch already fixes this)
1285     - LSM 2.4-2003040709
1286     - SELinux 2.4-2003040709
1287     - Systrace v1.2
1288     - IPTables patch-o-matic base patches - 20030107
1289     - CryptoAPI 2.4.20.1 w/ loop-jari patch
1290     - Super FreeS/WAN 1.99.6.1
1291     - GRSecurity 1.9.9g
1292     - MPPE
1293     - EXT3 data journal fix
1294     - CIPE 1.5.4
1295 frogger 1.6
1296     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1297     hardened-sources-2.4.20-r1.ebuild, manifest:
1298 plasmaroo 1.18 Updated to install flask components correctly for selinux.
1299 frogger 1.5
1300     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1301     hardened-sources-2.4.20-r1.ebuild:
1302     LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
1303     is patched in instead. Ptrace patches for selinux have also been added. In
1304     either case, systrace support will be patched in as well.
1305 frogger 1.3
1306     09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1307     hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
1308 plasmaroo 1.18 Revision bump for new sources.
1309 frogger 1.4
1310 frogger 1.2 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1311 frogger 1.4 hardened-sources-2.4.20-r1.ebuild:
1312 plasmaroo 1.18 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
1313 method 1.1
1314 frogger 1.4 *hardened-sources-2.4.20 (30 Mar 2003)
1315    
1316 method 1.1 30 Mar 2003; Joshua Brindle <method@gentoo.org>
1317     hardened-sources-2.4.20.ebuild:
1318 plasmaroo 1.18 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20