/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.220 - (hide annotations) (download)
Thu May 1 22:16:54 2008 UTC (6 years, 7 months ago) by solar
Branch: MAIN
Changes since 1.219: +6 -1 lines
- version bump to fix ulgy linux bugs
(Portage version: 2.1.3.19)

1 method 1.1 # ChangeLog for sys-kernel/hardened-sources
2 phreak 1.204 # Copyright 2000-2008 Gentoo Foundation; Distributed under the GPL v2
3 solar 1.220 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.219 2008/04/30 11:45:44 phreak Exp $
4    
5     *hardened-sources-2.6.23-r11 (01 May 2008)
6    
7     01 May 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r11.ebuild:
8     - version bump to fix ulgy linux bugs
9 phreak 1.219
10     *hardened-sources-2.6.24-r1 (30 Apr 2008)
11    
12     30 Apr 2008; Christian Heim <phreak@gentoo.org>
13     +hardened-sources-2.6.24-r1.ebuild:
14     Revision bump (thanks to Kerin and Gordon, again), pulling
15     genpatches-2.6.24-7, solving #219089. Additionally contains further security
16     fixes plus some minor updates.
17 phreak 1.218
18     *hardened-sources-2.6.23-r10 (30 Apr 2008)
19    
20     30 Apr 2008; Christian Heim <phreak@gentoo.org>
21     +hardened-sources-2.6.23-r10.ebuild:
22     Revision bump (thanks to Kerin and Gordon, again), solving #213811, #219089.
23     Additional contains "various other fixes".
24 phreak 1.217
25     09 Apr 2008; Christian Heim <phreak@gentoo.org> metadata.xml:
26     Update the longdescription in metadata, thanks to Gordon Malm.
27 nixnut 1.216
28     08 Apr 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.23-r9.ebuild:
29     Stable on ppc wrt bug #213255
30 solar 1.215
31     07 Apr 2008; <solar@gentoo.org> -hardened-sources-2.4.35-r2.ebuild,
32     -hardened-sources-2.6.23-r8.ebuild, hardened-sources-2.6.23-r9.ebuild:
33     - stable on x86/amd64 per request. Removed obsolete ebuilds
34 phreak 1.214
35     *hardened-sources-2.6.24 (07 Apr 2008)
36    
37     07 Apr 2008; Christian Heim <phreak@gentoo.org>
38     +hardened-sources-2.6.24.ebuild:
39     Adding ebuild for hardened-sources-2.6.24 (many thanks to Kerin Millar
40     <kerframil at gmail.com> and Gordon Malm <bugs-gentoo-org-02 at bumpin.org>
41     for the many contributions and their continued effort in #216612) based on
42     2.6.24 and genpatches-2.6.24-5.
43    
44     The current ebuild/patchset contains these things:
45     * Incoporates unmodified grsec-2.1.11-2.6.24.4-200803262003 patch
46     * Introduces bespoke server and workstation oriented security levels
47     * VDSO_COMPAT cannot be enabled during runtime if PaX is enabled
48 phreak 1.213
49     30 Mar 2008; Christian Heim <phreak@gentoo.org> metadata.xml:
50     Fix the metadata.xml (Kerin isn't a dev, though he and Gordon are
51     maintaining it).
52 phreak 1.212
53     24 Mar 2008; Christian Heim <phreak@gentoo.org>
54     hardened-sources-2.4.35-r2.ebuild:
55     Fixing SRC_URI for 2.4.35-r2.
56 phreak 1.211
57     *hardened-sources-2.6.23-r9 (22 Mar 2008)
58    
59     22 Mar 2008; Christian Heim <phreak@gentoo.org>
60     +hardened-sources-2.6.23-r9.ebuild:
61     * Revision bump, rebasing the patchset against genpatches-2.6.23-10.
62     * Change the default GIDs for some grsecurity options
63     * Revamp the Hardened [Gentoo] security level and make it the default level
64     * Fixing compilation on ia64 with CONFIG_MODULES=y (loadable module support)
65     * Fix a recursive lock -- call to capable() within ptrace_attach()
66     * Fix bug that allows audit and iscsi operations to be controlled via netlink
67 solar 1.210
68     *hardened-sources-2.6.23-r8 (27 Feb 2008)
69    
70     27 Feb 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r8.ebuild:
71     - version bump from Kerin Millar bug 210026
72 solar 1.209
73     17 Feb 2008; <solar@gentoo.org> metadata.xml,
74     -hardened-sources-2.4.33.4.ebuild, -hardened-sources-2.6.20-r6.ebuild,
75     -hardened-sources-2.6.20-r10.ebuild, -hardened-sources-2.6.23-r4.ebuild,
76     -hardened-sources-2.6.23-r6.ebuild, hardened-sources-2.6.23-r7.ebuild:
77     - stable on x86 and remove old ebuilds
78 solar 1.207
79     15 Feb 2008; <solar@gentoo.org> hardened-sources-2.6.23-r7.ebuild:
80 solar 1.208 - stable on amd64 per request of amd64 lead
81 solar 1.206
82     *hardened-sources-2.6.23-r7 (11 Feb 2008)
83    
84     11 Feb 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r7.ebuild:
85     - version bump from kerin.millar
86     Changes:
87    
88     * Bump to genpatches-base-2.6.23-9
89     * Ported grsecurity-2.1.11-2.6.23.14-200801231800 to 2.6.23.15
90     * Disables COMPAT_VDSO in x86/defconfig
91     * Removes bogus symbols ACPI_SLEEP_PROC_(FS|SLEEP) from x86_64/defconfig
92 phreak 1.205
93     25 Jan 2008; Christian Heim <phreak@gentoo.org>
94     -hardened-sources-2.6.22-r8.ebuild:
95     Cleaning up old versions.
96 phreak 1.204
97     *hardened-sources-2.6.23-r6 (25 Jan 2008)
98    
99     25 Jan 2008; Christian Heim <phreak@gentoo.org>
100     -hardened-sources-2.6.23-r5.ebuild, +hardened-sources-2.6.23-r6.ebuild:
101     Revision bump, pulling in the latest genpatches.
102 phreak 1.203
103     *hardened-sources-2.6.23-r5 (24 Dec 2007)
104    
105     24 Dec 2007; Christian Heim <phreak@gentoo.org>
106     hardened-sources-2.4.35-r2.ebuild, hardened-sources-2.6.20-r6.ebuild,
107     hardened-sources-2.6.20-r10.ebuild, hardened-sources-2.6.22-r8.ebuild,
108     hardened-sources-2.6.23-r4.ebuild, +hardened-sources-2.6.23-r5.ebuild:
109     Revision bump, for the promised updated grsec snapshot. Also changing SRC_URI.
110 phreak 1.202
111     24 Dec 2007; Christian Heim <phreak@gentoo.org>
112     -hardened-sources-2.6.22-r7.ebuild, -hardened-sources-2.6.23.ebuild,
113     -hardened-sources-2.6.23-r1.ebuild, -hardened-sources-2.6.23-r2.ebuild,
114     -hardened-sources-2.6.23-r3.ebuild:
115     Cleaning out some unused, old versions.
116 phreak 1.201
117     24 Dec 2007; Christian Heim <phreak@gentoo.org>
118     hardened-sources-2.6.23-r4.ebuild:
119     Marking hardened-sources-2.6.23-r4 stable on amd64 and x86. I know it ain't
120     in the tree for long, but there isn't much of a difference between this and
121     -r3. Only this revision pulls in 2.6.23.11 and 2.6.23.12 from genpatches.
122 phreak 1.200
123     *hardened-sources-2.6.23-r4 (23 Dec 2007)
124    
125     23 Dec 2007; Christian Heim <phreak@gentoo.org>
126     +hardened-sources-2.6.23-r4.ebuild:
127     Revision bump, grabbing the lastest genpatches release (2.6.23.12 that is).
128 phreak 1.199
129     *hardened-sources-2.6.23-r3 (04 Dec 2007)
130    
131     04 Dec 2007; Christian Heim <phreak@gentoo.org>
132     +hardened-sources-2.6.23-r3.ebuild:
133     Revision bump, pulling in 2.6.23.9.
134 phreak 1.198
135     *hardened-sources-2.6.23-r2 (25 Nov 2007)
136    
137     25 Nov 2007; Christian Heim <phreak@gentoo.org>
138     +hardened-sources-2.6.23-r2.ebuild:
139     Updated patchset, thanks to solar.
140 phreak 1.197
141     *hardened-sources-2.6.23-r1 (31 Oct 2007)
142    
143     31 Oct 2007; Christian Heim <phreak@gentoo.org>
144     +hardened-sources-2.6.23-r1.ebuild:
145     Revision bump, pulling in the snapshot from 30. October 2007 (18:50).
146 solar 1.196
147     29 Oct 2007; <solar@gentoo.org> metadata.xml:
148     - update metadata.xml
149 phreak 1.195
150     25 Oct 2007; Christian Heim <phreak@gentoo.org>
151     hardened-sources-2.6.22-r8.ebuild:
152     Marking 2.6.22-r8 stable on amd64 and x86.
153 phreak 1.194
154     21 Oct 2007; Christian Heim <phreak@gentoo.org>
155     -hardened-sources-2.4.35.ebuild, -hardened-sources-2.4.35-r1.ebuild,
156     -hardened-sources-2.6.21-r4.ebuild:
157     Removing old ebuilds.
158 phreak 1.193
159     *hardened-sources-2.4.35-r2 (21 Oct 2007)
160    
161     21 Oct 2007; Christian Heim <phreak@gentoo.org>
162     +hardened-sources-2.4.35-r2.ebuild:
163     Revision bump for 2.4.35. Includes new snapshot and the lastest Linux stable
164     patches.
165 phreak 1.192
166     *hardened-sources-2.6.22-r8 (21 Oct 2007)
167    
168     21 Oct 2007; Christian Heim <phreak@gentoo.org>
169     +hardened-sources-2.6.22-r8.ebuild:
170     Yet another new patch, hopefully fixing the remaining issues we had w/
171     2.6.22. Candidate for stabling.
172 phreak 1.191
173     *hardened-sources-2.6.23 (13 Oct 2007)
174    
175     13 Oct 2007; Christian Heim <phreak@gentoo.org>
176     +hardened-sources-2.6.23.ebuild:
177     Initial hardened-sources-2.6.23. If people still have problems w/ bug
178     194276, try setting CONFIG_PCI_GODIRECT=y instead of CONFIG_PCI_GOANY.
179 phreak 1.190
180     11 Oct 2007; Christian Heim <phreak@gentoo.org>
181     hardened-sources-2.6.20-r10.ebuild:
182     Pulling in yet another new genpatches version, fixing the PWC bug for real.
183 phreak 1.189
184     04 Oct 2007; Christian Heim <phreak@gentoo.org>
185     -hardened-sources-2.6.22-r5.ebuild, -hardened-sources-2.6.22-r6.ebuild:
186     Removing old versions.
187 phreak 1.188
188     *hardened-sources-2.6.22-r7 (01 Oct 2007)
189    
190     01 Oct 2007; Christian Heim <phreak@gentoo.org>
191     +hardened-sources-2.6.22-r7.ebuild:
192     Revision bump, pulling in a newer patch. Should fix #194276.
193 phreak 1.187
194     30 Sep 2007; Christian Heim <phreak@gentoo.org>
195     hardened-sources-2.6.20-r10.ebuild:
196     Marking hardened-sources-2.6.20-r10 stable on x86 and amd64 (on courtesy of
197     Mike Doty).
198 phreak 1.186
199     *hardened-sources-2.6.22-r6 (26 Sep 2007)
200    
201     26 Sep 2007; Christian Heim <phreak@gentoo.org>
202     +hardened-sources-2.6.22-r6.ebuild:
203     Revision bump, grabbing up till Linux 2.6.22.9.
204 phreak 1.185
205     24 Sep 2007; Christian Heim <phreak@gentoo.org>
206     -hardened-sources-2.6.22-r3.ebuild, -hardened-sources-2.6.22-r4.ebuild:
207     Cleaning up further.
208 phreak 1.184
209     *hardened-sources-2.6.20-r10 (24 Sep 2007)
210    
211     24 Sep 2007; Christian Heim <phreak@gentoo.org>
212     -hardened-sources-2.6.20-r8.ebuild, -hardened-sources-2.6.20-r9.ebuild,
213     +hardened-sources-2.6.20-r10.ebuild:
214     Revision bump, pulling in Linux 2.6.20.20. Removing some of the older
215     revisions.
216 phreak 1.183
217     *hardened-sources-2.6.22-r5 (22 Sep 2007)
218    
219     22 Sep 2007; Christian Heim <phreak@gentoo.org>
220     +hardened-sources-2.6.22-r5.ebuild:
221     Revision bump, pulling in genpatches-2.6.22-8 for CVE-2007-4573.
222 phreak 1.182
223     17 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
224     Removing johnm from metadata.xml (see #186467 for reference).
225 phreak 1.181
226     *hardened-sources-2.6.22-r4 (17 Sep 2007)
227    
228     17 Sep 2007; Christian Heim <phreak@gentoo.org>
229     +hardened-sources-2.6.22-r4.ebuild:
230     Revision bump, hopefully fixing all those weird PAX failures.
231 phreak 1.180
232     01 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
233     Updating the metadata.xml.
234 phreak 1.179
235     01 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
236     Removing tocharian from metadata due to his retirement (see #71718 for
237     reference).
238 phreak 1.178
239     *hardened-sources-2.6.20-r9 (30 Aug 2007)
240    
241     30 Aug 2007; Christian Heim <phreak@gentoo.org>
242     +hardened-sources-2.6.20-r9.ebuild:
243     Revision bump for 2.6.20.18 (thanks to kerframil in #gentoo-hardened).
244 phreak 1.177
245     29 Aug 2007; Christian Heim <phreak@gentoo.org>
246     -hardened-sources-2.4.34.ebuild, -hardened-sources-2.4.34.5.ebuild,
247     -hardened-sources-2.6.20-r2.ebuild, -hardened-sources-2.6.20-r5.ebuild,
248     -hardened-sources-2.6.20-r7.ebuild, -hardened-sources-2.6.21-r3.ebuild,
249     -hardened-sources-2.6.22.ebuild, -hardened-sources-2.6.22-r1.ebuild,
250     -hardened-sources-2.6.22-r2.ebuild:
251     Removing some redundant versions.
252 phreak 1.176
253     *hardened-sources-2.4.35-r1 (29 Aug 2007)
254    
255     29 Aug 2007; Christian Heim <phreak@gentoo.org>
256     +hardened-sources-2.4.35-r1.ebuild:
257     Revision bump, new grsecurity patch.
258 phreak 1.175
259     *hardened-sources-2.6.20-r8 (26 Aug 2007)
260    
261     26 Aug 2007; Christian Heim <phreak@gentoo.org>
262     +hardened-sources-2.6.20-r8.ebuild:
263     Revision bump for Linux 2.6.20.17.
264 phreak 1.174
265     *hardened-sources-2.6.22-r3 (22 Aug 2007)
266    
267     22 Aug 2007; Christian Heim <phreak@gentoo.org>
268     +hardened-sources-2.6.22-r3.ebuild:
269     Revision bump for Linux 2.6.22.4.
270 phreak 1.173
271     16 Aug 2007; Christian Heim <phreak@gentoo.org>
272     hardened-sources-2.6.22-r2.ebuild:
273     Updated patchset, to fix the alignment against 2.6.22.3.
274 phreak 1.172
275     *hardened-sources-2.6.22-r2 (16 Aug 2007)
276    
277     16 Aug 2007; Christian Heim <phreak@gentoo.org>
278     +hardened-sources-2.6.22-r2.ebuild:
279     Revision bump for Linux 2.6.22.3.
280 phreak 1.171
281     *hardened-sources-2.4.35 (16 Aug 2007)
282    
283     16 Aug 2007; Christian Heim <phreak@gentoo.org>
284     +hardened-sources-2.4.35.ebuild:
285     Version bump, initial version for Linux 2.4.35.
286 phreak 1.170
287     *hardened-sources-2.6.21-r4 (16 Aug 2007)
288    
289     16 Aug 2007; Christian Heim <phreak@gentoo.org>
290     +hardened-sources-2.6.21-r4.ebuild:
291     Revision bump for Linux 2.6.21.6.
292 phreak 1.169
293     *hardened-sources-2.6.20-r7 (16 Aug 2007)
294    
295     16 Aug 2007; Christian Heim <phreak@gentoo.org>
296     +hardened-sources-2.6.20-r7.ebuild:
297     Revision bump for Linux 2.6.20.16.
298 phreak 1.168
299     *hardened-sources-2.6.22-r1 (13 Aug 2007)
300    
301     13 Aug 2007; Christian Heim <phreak@gentoo.org>
302     +hardened-sources-2.6.22-r1.ebuild:
303     Yet another revision bump.
304 phreak 1.167
305     *hardened-sources-2.6.22 (10 Aug 2007)
306    
307     10 Aug 2007; Christian Heim <phreak@gentoo.org>
308     +hardened-sources-2.6.22.ebuild:
309     Initial release for 2.6.22. If you are using hardened-sources on a desktop
310     machine (P4 or newer), be aware you might need to disable
311     CONFIG_PAX_PAGEEXEC.
312 phreak 1.166
313     04 Aug 2007; Christian Heim <phreak@gentoo.org>
314     hardened-sources-2.6.20-r6.ebuild:
315     Stabling hardened-sources-2.6.20-r6 for amd64, ppc and x86 due to Linux
316     2.6.20.15.
317 phreak 1.165
318     10 Jul 2007; Christian Heim <phreak@gentoo.org>
319     hardened-sources-2.6.20-r5.ebuild:
320     Marking hardened-sources-2.6.20-r5 stable on ppc.
321 phreak 1.164
322     10 Jul 2007; Christian Heim <phreak@gentoo.org>
323     -hardened-sources-2.4.32-r6.ebuild, -hardened-sources-2.4.32-r7.ebuild:
324     Cleanup.
325 phreak 1.163
326     *hardened-sources-2.6.20-r6 (08 Jul 2007)
327    
328     08 Jul 2007; Christian Heim <phreak@gentoo.org>
329     +hardened-sources-2.6.20-r6.ebuild:
330     Revision bump, grabbing yet another stable release.
331 phreak 1.162
332     17 Jun 2007; Christian Heim <phreak@gentoo.org>
333     -hardened-sources-2.6.18-r6.ebuild, -hardened-sources-2.6.20-r4.ebuild,
334     -hardened-sources-2.6.21-r2.ebuild:
335     Removing older ebuilds, hardened-sources-2.6.18-r6 seems to have gotten the
336     alpha stable KEYWORD by mistake.
337 phreak 1.161
338     17 Jun 2007; Christian Heim <phreak@gentoo.org>
339     hardened-sources-2.6.20-r5.ebuild:
340     Stabling hardened-sources-2.6.20-r5 due to security bug #181647 (as
341     genpatches-2.6.20-12.base contains up to Linux 2.6.20.14) on amd64 and x86.
342 phreak 1.160
343     *hardened-sources-2.6.21-r3 (12 Jun 2007)
344    
345     12 Jun 2007; Christian Heim <phreak@gentoo.org>
346     +hardened-sources-2.6.21-r3.ebuild:
347     Revision bump for hardened-sources-2.6.21, incorporating various CVE (some
348     of them critical), two stable releases (2.6.21.4,2.6.21.5) and some other
349     love.
350 phreak 1.159
351     *hardened-sources-2.6.20-r5 (11 Jun 2007)
352    
353     11 Jun 2007; Christian Heim <phreak@gentoo.org>
354     +hardened-sources-2.6.20-r5.ebuild:
355     Revision bump for hardened-sources-2.6.20, incorporating various CVE (some
356     of them critical), two stable releases (2.6.20.13,2.6.20.14) and some other
357     love.
358 pappy 1.158
359     *hardened-sources-2.4.34.5 (11 Jun 2007)
360    
361     11 Jun 2007; Alexander Gabert <pappy@gentoo.org>
362     +hardened-sources-2.4.34.5.ebuild:
363     added new hardened-sources 2.4 version, thx to phreak, solar, pipacs
364 phreak 1.157
365     30 May 2007; Christian Heim <phreak@gentoo.org>
366     -hardened-sources-2.6.18.ebuild, hardened-sources-2.6.20-r2.ebuild:
367     Marking 2.6.20-r2 stable on ppc with permission of Gysbert. Removing more
368     stale ebuild(s).
369 phreak 1.156
370     30 May 2007; Christian Heim <phreak@gentoo.org>
371     -hardened-sources-2.6.14-r7.ebuild, -hardened-sources-2.6.16-r11.ebuild,
372     -hardened-sources-2.6.17-r1.ebuild, -hardened-sources-2.6.19-r6.ebuild,
373     -hardened-sources-2.6.20.ebuild, -hardened-sources-2.6.20-r1.ebuild:
374     Doing some cleanups, remove stale ebuilds.
375 phreak 1.155
376     26 May 2007; Christian Heim <phreak@gentoo.org>
377     hardened-sources-2.6.21-r2.ebuild:
378     Fixing the grsecurity patch, had one '};' too much.
379 phreak 1.154
380     *hardened-sources-2.6.21-r2 (26 May 2007)
381    
382     26 May 2007; Christian Heim <phreak@gentoo.org>
383     -hardened-sources-2.6.21.ebuild, -hardened-sources-2.6.21-r1.ebuild,
384     +hardened-sources-2.6.21-r2.ebuild:
385     Revision bump, including Linux 2.6.21.3 (fixing CVE-2007-2451). Updating the
386     grsecurity patch to 2.1.10-2.6.21.1-200705221918.
387 phreak 1.153
388     *hardened-sources-2.6.20-r4 (26 May 2007)
389    
390     26 May 2007; Christian Heim <phreak@gentoo.org>
391     -hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.20-r4.ebuild:
392     Revision bump, including Linux 2.6.20.12 (which in fact fixed some security
393 phreak 1.154 bugs, at the very least CVE-2007-2451). Possible candidate for stable marking.
394 phreak 1.152
395     15 May 2007; Christian Heim <phreak@gentoo.org>
396     hardened-sources-2.6.20-r3.ebuild:
397     Looks like hardened-sources-2.6.20-r3 needs a new patch, as 2.6.20.11
398     introduced a change in arch/sparc64/kernel/pci_iommu.c, which made the
399     grsecurity patch fail in that exact same hunk.
400 phreak 1.151
401     *hardened-sources-2.6.20-r3 (15 May 2007)
402    
403     15 May 2007; Christian Heim <phreak@gentoo.org>
404     +hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.21-r1.ebuild:
405     Revision bump, incorporating Linux 2.6.20.11.
406    
407     *hardened-sources-2.6.21-r1 (11 May 2007)
408    
409     11 May 2007; Christian Heim <phreak@gentoo.org>
410     +hardened-sources-2.6.21-r1.ebuild:
411     Revision bump, hopefully fixing the GRSECURITY/GRKERNSEC mixup pipacs
412     mentioned in #177234.
413 kevquinn 1.150
414     07 May 2007; Kevin F. Quinn <kevquinn@gentoo.org>
415     files/digest-hardened-sources-2.6.21, Manifest:
416     Fix Manifest/digest for linux-2.6.21.tar.bz2
417 phreak 1.149
418     06 May 2007; Christian Heim <phreak@gentoo.org>
419     hardened-sources-2.6.21.ebuild:
420     Bumping the hardened-patches version, needed for the fix for #177234.
421 phreak 1.148
422     *hardened-sources-2.6.21 (02 May 2007)
423    
424     02 May 2007; Christian Heim <phreak@gentoo.org>
425     +hardened-sources-2.6.21.ebuild:
426     Version bump, Linux 2.6.21-hardened.
427 phreak 1.147
428     29 Apr 2007; Christian Heim <phreak@gentoo.org>
429     hardened-sources-2.6.20-r2.ebuild:
430     Adding ~ia64 on Ned's request.
431 phreak 1.146
432     29 Apr 2007; Christian Heim <phreak@gentoo.org>
433     hardened-sources-2.6.20-r2.ebuild:
434     Fixing the included grsecurity patch, wasn't alligning due to the Index:
435     header line(s).
436 phreak 1.145
437     29 Apr 2007; Christian Heim <phreak@gentoo.org>
438     hardened-sources-2.6.20-r2.ebuild:
439     Stabilizing hardened-sources-2.6.20-r2 on amd64 and x86.
440 armin76 1.144
441     *hardened-sources-2.6.20-r2 (10 Apr 2007)
442    
443     10 Apr 2007; Raúl Porcel <armin76@gentoo.org>
444     +hardened-sources-2.6.20-r2.ebuild:
445     Version bump, on behalf of phreak
446 phreak 1.143
447     *hardened-sources-2.6.20-r1 (04 Apr 2007)
448    
449     04 Apr 2007; Christian Heim <phreak@gentoo.org>
450     +hardened-sources-2.6.20-r1.ebuild:
451     Revision bump, grabbing a newer grsecurity snapshot.
452 phreak 1.142
453     *hardened-sources-2.6.20 (25 Mar 2007)
454    
455     25 Mar 2007; Christian Heim <phreak@gentoo.org>
456     +hardened-sources-2.6.20.ebuild:
457     Finally a hardened-sources version for 2.6.20; many people have been waiting
458     for this. Thanks to Steve for preliminary testing, thanks to Ned for the
459     testbox.
460 chainsaw 1.141
461     16 Mar 2007; Tony Vroon <chainsaw@gentoo.org>
462     hardened-sources-2.6.18-r6.ebuild:
463     Marked stable on amd64 and x86. AMD64 keyword ack'ed by welp.
464 phreak 1.140
465     *hardened-sources-2.6.18-r6 (16 Mar 2007)
466    
467     16 Mar 2007; Christian Heim <phreak@gentoo.org>
468     -hardened-sources-2.6.18-r5.ebuild, +hardened-sources-2.6.18-r6.ebuild:
469     Fixing CVE-2007-1000 locally (hardened/), thanks to Tony for pushing. And
470     yes I screwed up, this is tagged as 2.6.18-5 and not 2.6.18-6 as it's
471     supposed to be.
472 phreak 1.139
473     06 Mar 2007; Christian Heim <phreak@gentoo.org> ChangeLog:
474     Fixing the Manifest, the previous one was broken (as in still had the
475     deleted ebuild in it).
476 phreak 1.138
477     06 Mar 2007; Christian Heim <phreak@gentoo.org>
478     -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
479     +hardened-sources-2.6.18-r5.ebuild:
480     Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
481     Linux 2.6.18.8. Also cleaning up the older version.
482    
483     *hardened-sources-2.6.18-r5 (06 Mar 2007)
484    
485     06 Mar 2007; Christian Heim <phreak@gentoo.org>
486     -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
487     +hardened-sources-2.6.18-r5.ebuild:
488     Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
489     Linux 2.6.18.8. Also cleaning up the older version.
490 phreak 1.137
491     24 Feb 2007; Christian Heim <phreak@gentoo.org>
492     -hardened-sources-2.6.19-r3.ebuild, -hardened-sources-2.6.19-r4.ebuild,
493     -hardened-sources-2.6.19-r5.ebuild:
494     Removing some of the old version, that didn't work.
495 phreak 1.136
496     *hardened-sources-2.6.19-r6 (12 Feb 2007)
497    
498     12 Feb 2007; Christian Heim <phreak@gentoo.org>
499     +hardened-sources-2.6.19-r6.ebuild:
500     Revision bump, including a new grsec version fixing #166235.
501 pappy 1.134
502     *hardened-sources-2.4.34 (24 Jan 2007)
503    
504     24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
505 pappy 1.135 Manifest:
506     updating Manifest with checksums of new tarball and ebuild
507    
508     24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
509 pappy 1.134 +hardened-sources-2.4.34.ebuild:
510     I added new hardened sources 2.4 update, this is a critical path
511     security bugfix - all users of h-s are strongly advised
512     to update their existing hardened sources to this version.
513     It contains a fix for a kernel vulnerability that is pertaining
514     to the PaX changes to virtual memory management, possibly leading
515     to a local kernel exploit ... see grsecurity.net forums and homepage
516 phreak 1.133
517     23 Jan 2007; Christian Heim <phreak@gentoo.org>
518     files/digest-hardened-sources-2.6.19-r5, Manifest:
519     Fixing the patch-tarball digest.
520 phreak 1.132
521     *hardened-sources-2.6.19-r5 (23 Jan 2007)
522    
523     23 Jan 2007; Christian Heim <phreak@gentoo.org>
524     +hardened-sources-2.6.19-r5.ebuild:
525     Revision bump, closing the recently discovered PaX expand_stack()
526     vulnerability.
527 phreak 1.131
528     *hardened-sources-2.6.19-r4 (14 Jan 2007)
529    
530     14 Jan 2007; Christian Heim <phreak@gentoo.org>
531     +hardened-sources-2.6.19-r4.ebuild:
532     Revision bump, pulling in linux-2.6.19.2 and grsecurity 2.1.10 - thus
533     dropping the randomized PID feature.
534 opfer 1.130
535     11 Jan 2007; Christian Faulhammer <opfer@gentoo.org>
536     hardened-sources-2.4.33.4.ebuild:
537     stable x86, bug #161171
538 phreak 1.129
539     *hardened-sources-2.6.19-r3 (27 Dec 2006)
540    
541     27 Dec 2006; Christian Heim <phreak@gentoo.org>
542     -hardened-sources-2.6.19-r2.ebuild, +hardened-sources-2.6.19-r3.ebuild:
543     Revision bump for bug #157186 and #158786.
544 phreak 1.128
545     *hardened-sources-2.6.18-r4 (27 Dec 2006)
546    
547     27 Dec 2006; Christian Heim <phreak@gentoo.org>
548     -hardened-sources-2.6.18-r3.ebuild, +hardened-sources-2.6.18-r4.ebuild:
549     Revision bump for bug #157186.
550 phreak 1.127
551     *hardened-sources-2.6.19-r2 (23 Dec 2006)
552    
553     23 Dec 2006; Christian Heim <phreak@gentoo.org>
554     -hardened-sources-2.6.19-r1.ebuild, +hardened-sources-2.6.19-r2.ebuild:
555     Revision bump to pull in genpatches-2.6.19-3 for #157186.
556 phreak 1.126
557     17 Dec 2006; Christian Heim <phreak@gentoo.org>
558     hardened-sources-2.6.14-r7.ebuild, hardened-sources-2.6.16-r10.ebuild,
559     hardened-sources-2.6.16-r11.ebuild, hardened-sources-2.6.17-r1.ebuild,
560     hardened-sources-2.6.18.ebuild, hardened-sources-2.6.18-r3.ebuild,
561     hardened-sources-2.6.19-r1.ebuild:
562     Adding 4453_grsec-2.1.9-2.6.19-io-kmem-sysctl.patch to UNIPATCH_EXLUDE,
563     adding correct HOMEPAGE and adjusting DESCRIPTION (thanks to Alexander).
564 pappy 1.125
565     *hardened-sources-2.4.33.4 (17 Dec 2006)
566    
567     17 Dec 2006; Alexander Gabert <pappy@gentoo.org>
568     +hardened-sources-2.4.33.4.ebuild:
569     new 2.4.33.4 version including grsec and fixes, thanks to phreak for help
570     and quilting
571 phreak 1.124
572     *hardened-sources-2.6.19-r1 (14 Dec 2006)
573    
574     14 Dec 2006; Christian Heim <phreak@gentoo.org>
575     -hardened-sources-2.6.19.ebuild, +hardened-sources-2.6.19-r1.ebuild:
576     Revision bump, fixing #158107 (thanks to Petre Rodan <kaiowas at gentoo.org>
577     for reporting).
578 phreak 1.123
579     *hardened-sources-2.6.19 (13 Dec 2006)
580    
581     13 Dec 2006; Christian Heim <phreak@gentoo.org>
582     +hardened-sources-2.6.19.ebuild:
583     And finally 2.6.19, thanks to Ned (who prepared the inital patchset) and
584     Brad for providing that prompt update.
585 phreak 1.122
586     *hardened-sources-2.6.18-r3 (13 Dec 2006)
587    
588     13 Dec 2006; Christian Heim <phreak@gentoo.org>
589     -hardened-sources-2.6.18-r1.ebuild, -hardened-sources-2.6.18-r2.ebuild,
590     +hardened-sources-2.6.18-r3.ebuild:
591     Revision bump, excluding the faulty patch. Thanks to Anakim Border and Peter
592     S. Mazinger. Closes #157409 for now. Also removing the previous revisions.
593 phreak 1.121
594     09 Dec 2006; Christian Heim <phreak@gentoo.org> Manifest:
595     Fixing the metadata.xml Manifest entry (thanks to xaid and ml8128 in #gentoo-hardened).
596 nixnut 1.120
597     08 Dec 2006; nixnut <nixnut@gentoo.org> hardened-sources-2.6.18.ebuild:
598     Stable on ppc wrt bug 157356
599 opfer 1.119
600     07 Dec 2006; Christian Faulhammer <opfer@gentoo.org>
601     hardened-sources-2.6.18.ebuild:
602     stable x86, bug #157356
603 phreak 1.118
604     *hardened-sources-2.6.18-r2 (06 Dec 2006)
605    
606     06 Dec 2006; Christian Heim <phreak@gentoo.org>
607     +hardened-sources-2.6.18-r2.ebuild:
608     Revision bump, including 2.6.18.5 (via genpatches) and
609     4454_grsec-2.1.9-2.6.18.2-io-kmem-sysctl.patch based on Peter Mazinger and
610     Ned Ludd's original patch. Thanks to Alexander Gabert (pappy) for the
611     redesign.
612 phreak 1.117
613     06 Dec 2006; Christian Heim <phreak@gentoo.org>
614     hardened-sources-2.6.18.ebuild:
615     Marking hardened-sources-2.6.18 stable on amd64 (see bug #157356, on behalf
616     of Mike Doty).
617 phreak 1.116
618     *hardened-sources-2.6.18-r1 (23 Nov 2006)
619    
620     23 Nov 2006; Christian Heim <phreak@gentoo.org>
621     +hardened-sources-2.6.18-r1.ebuild:
622     Revision bump to genpatches-2.6.18-4 (including 2.6.18.3).
623 phreak 1.115
624     *hardened-sources-2.6.18 (11 Nov 2006)
625    
626     11 Nov 2006; Christian Heim <phreak@gentoo.org>
627     +hardened-sources-2.6.18.ebuild:
628     Version bump, thanks to Alexander Gabert we're finally at 2.6.18.
629 solar 1.114
630     18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
631     - mark amd64 stable also. bug #151877
632 solar 1.113
633     18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
634     - mark 2.6.17-r1 stable
635 phreak 1.112
636     27 Aug 2006; Christian Heim <phreak@gentoo.org>
637     -hardened-sources-2.6.17.ebuild, hardened-sources-2.6.17-r1.ebuild:
638     Removing old ebuild, removing unipatch from newer ebuild (need to fix it!).
639 phreak 1.111
640     *hardened-sources-2.6.17-r1 (26 Aug 2006)
641    
642     26 Aug 2006; Christian Heim <phreak@gentoo.org>
643     +hardened-sources-2.6.17-r1.ebuild:
644     Revision bump to genpatches-2.6.17-8 (including .9 and .10) and updating the
645     grsecurity patch.
646 phreak 1.110
647     *hardened-sources-2.6.17 (17 Aug 2006)
648    
649     17 Aug 2006; Christian Heim <phreak@gentoo.org>
650     +hardened-sources-2.6.17.ebuild:
651     Bumping the hardened-sources-2.6 series to 2.6.17, using
652     genpatches-2.6.17-6.base.
653 solar 1.109
654     07 Aug 2006; <solar@gentoo.org> hardened-sources-2.6.16-r11.ebuild:
655     - stable on x86 and amd64
656 solar 1.108
657     *hardened-sources-2.6.16-r11 (15 Jul 2006)
658    
659     15 Jul 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r3.ebuild,
660     -hardened-sources-2.4.32-r4.ebuild, -hardened-sources-2.4.32-r5.ebuild,
661     -hardened-sources-2.6.14-r8.ebuild, -hardened-sources-2.6.16-r7.ebuild,
662     -hardened-sources-2.6.16-r9.ebuild, +hardened-sources-2.6.16-r11.ebuild:
663     - 2.6.16 bumped for CVE-2006-3626 ; digest fix for 2.4.32-r6 ; removed old
664     crusty ebuilds
665 johnm 1.107
666     14 Jul 2006; John Mylchreest <johnm@gentoo.org>
667     hardened-sources-2.6.16-r10.ebuild:
668     marking stable on x86 and amd64
669 solar 1.106
670     13 Jul 2006; <solar@gentoo.org> hardened-sources-2.4.32-r6.ebuild:
671     - 2.4.32-r6 stable on x86. RSBAC state unknown
672 kang 1.105
673     *hardened-sources-2.4.32-r7 (10 Jul 2006)
674    
675     10 Jul 2006; Guillaume Destuynder <kang@gentoo.org>
676     +hardened-sources-2.4.32-r7.ebuild:
677     Bump PaX for RSBAC to test-17
678 johnm 1.104
679     *hardened-sources-2.6.16-r9 (03 Jul 2006)
680    
681     03 Jul 2006; John Mylchreest <johnm@gentoo.org>
682     -hardened-sources-2.6.16-r6.ebuild, +hardened-sources-2.6.16-r9.ebuild:
683     hardened-sources-2.6.16 bump to latest -base.
684 solar 1.103
685     *hardened-sources-2.4.32-r6 (30 Jun 2006)
686    
687     30 Jun 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r2.ebuild,
688     hardened-sources-2.4.32-r4.ebuild, +hardened-sources-2.4.32-r6.ebuild:
689     - backport CVE-2006-0039, CVE-2006-1857 and CVE-2006-1858 and new grsecurity
690     sysctl controlable resource logging
691 johnm 1.102
692     *hardened-sources-2.6.16-r7 (05 Jun 2006)
693    
694     05 Jun 2006; John Mylchreest <johnm@gentoo.org>
695     -hardened-sources-2.6.16-r5.ebuild, +hardened-sources-2.6.16-r7.ebuild:
696     push new 2.6.16 release in preparation for stable
697 solar 1.101
698     22 May 2006; <solar@gentoo.org> :
699     - redigest bug 134002
700 kang 1.100
701     *hardened-sources-2.4.32-r5 (16 May 2006)
702    
703     16 May 2006; Guillaume Destuynder <kang@gentoo.org>
704     +hardened-sources-2.4.32-r5.ebuild:
705     Fixes rsbac common patching (new patch in new -r5 patchset)
706 solar 1.99
707     *hardened-sources-2.4.32-r4 (13 May 2006)
708    
709     13 May 2006; <solar@gentoo.org> hardened-sources-2.4.32-r3.ebuild,
710     +hardened-sources-2.4.32-r4.ebuild:
711     - security bumps
712 johnm 1.98
713     *hardened-sources-2.6.16-r6 (03 May 2006)
714    
715     03 May 2006; John Mylchreest <johnm@gentoo.org>
716     +hardened-sources-2.6.16-r6.ebuild:
717     bump hardened-2.6.16 to 2.6.16.12 and latest grsec snapshot
718 johnm 1.97
719     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
720     hardened-sources-2.6.14-r8.ebuild:
721     fix x86_64 build problem, this will delay the digest issue again for a short
722     while but it will sort itself out
723 johnm 1.96
724     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
725     hardened-sources-2.6.14-r8.ebuild:
726     bump hardened patchset
727 antarus 1.94
728     27 Apr 2006; Alec Warner <antarus@gentoo.org>
729     files/digest-hardened-sources-2.4.32-r2,
730     files/digest-hardened-sources-2.4.32-r3,
731     files/digest-hardened-sources-2.6.14-r8, Manifest:
732     Fixing duff SHA256 digests: Bug # 131293
733 johnm 1.93
734 johnm 1.95 *hardened-sources-2.6.16-r5 (27 Apr 2006)
735    
736     27 Apr 2006; John Mylchreest <johnm@gentoo.org>
737     -hardened-sources-2.6.14-r6.ebuild, hardened-sources-2.6.14-r8.ebuild,
738     -hardened-sources-2.6.16-r4.ebuild, +hardened-sources-2.6.16-r5.ebuild:
739     stablise 2.6.14-r8 on x86 & amd64, bump 2.6.16 to fix CVE-2006-1863 &
740     cleanup of old uneccessary sources
741    
742 johnm 1.93 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
743     fix digest
744 johnm 1.92
745     *hardened-sources-2.6.14-r8 (20 Apr 2006)
746    
747     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
748     +hardened-sources-2.6.14-r8.ebuild:
749     fix CVE-2006-1056, CVE-2006-1525, CVE-2006-1524
750 johnm 1.91
751     20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
752     Turning on gpg-signing again, and recomitting
753 johnm 1.90
754     *hardened-sources-2.6.16-r4 (20 Apr 2006)
755    
756     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
757     -hardened-sources-2.6.16-r2.ebuild, -hardened-sources-2.6.16-r3.ebuild,
758     +hardened-sources-2.6.16-r4.ebuild:
759     Fix numerous security vulns
760 solar 1.89
761     *hardened-sources-2.4.32-r3 (16 Apr 2006)
762    
763     16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
764     -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
765     +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
766     - security bump for bug #112791. Removed old ebuilds
767 johnm 1.88
768     *hardened-sources-2.6.16-r3 (15 Apr 2006)
769    
770     15 Apr 2006; John Mylchreest <johnm@gentoo.org>
771     +hardened-sources-2.6.16-r3.ebuild:
772     Removing silly localversion which I missed
773 johnm 1.87
774     *hardened-sources-2.6.14-r7 (14 Apr 2006)
775    
776     14 Apr 2006; John Mylchreest <johnm@gentoo.org>
777     -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
778     Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
779 johnm 1.86
780     *hardened-sources-2.6.16-r2 (13 Apr 2006)
781    
782     13 Apr 2006; John Mylchreest <johnm@gentoo.org>
783     -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
784     +hardened-sources-2.6.16-r2.ebuild:
785     Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
786     labels, dropping USERGROUP define fixes, since these were merged mainstream.
787 johnm 1.85
788     *hardened-sources-2.6.16-r1 (11 Apr 2006)
789    
790     11 Apr 2006; John Mylchreest <johnm@gentoo.org>
791     +hardened-sources-2.6.16-r1.ebuild:
792     Bumping to include ppc build fix and 2.6.16.3
793 tsunam 1.84
794     06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
795     hardened-sources-2.6.14-r6.ebuild:
796     Stable on x86; bug #127718
797 johnm 1.83
798     *hardened-sources-2.6.16 (31 Mar 2006)
799    
800     31 Mar 2006; John Mylchreest <johnm@gentoo.org>
801     +hardened-sources-2.6.16.ebuild:
802     Bumping to new version of grsec, and kernel base. New squashfs. Based on
803     2.6.16.1
804 cryos 1.82
805     30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
806     hardened-sources-2.6.14-r6.ebuild:
807     Stable on amd64, bug 127718.
808 nixnut 1.81
809     28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
810     Stable on ppc. Bug #127718
811 johnm 1.80
812     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
813     -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
814     -hardened-sources-2.6.14-r4.ebuild:
815     Cleanup.
816 johnm 1.79
817     *hardened-sources-2.6.14-r6 (15 Mar 2006)
818    
819     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
820     +hardened-sources-2.6.14-r6.ebuild:
821     Fixes grsec policy recreation bug and adds a
822     >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
823 solar 1.78
824     02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
825     - stable on x86
826 hansmi 1.77
827     19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
828     hardened-sources-2.6.14-r5.ebuild:
829     Stable on ppc.
830 johnm 1.76
831     *hardened-sources-2.6.14-r5 (01 Feb 2006)
832    
833     01 Feb 2006; John Mylchreest <johnm@gentoo.org>
834     +hardened-sources-2.6.14-r5.ebuild:
835     fixing every known exploit
836 solar 1.75
837     *hardened-sources-2.4.32-r2 (26 Jan 2006)
838    
839     26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
840     +hardened-sources-2.4.32-r2.ebuild:
841     - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
842 solar 1.74
843     *hardened-sources-2.6.14-r4 (12 Jan 2006)
844    
845     12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
846     - version bump for new genpatches which fix up a few sec holes
847 solar 1.73
848     *hardened-sources-2.4.32-r1 (05 Jan 2006)
849    
850     05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
851     - revision bump to add misc vital linux kernel security patches.
852 johnm 1.72
853     *hardened-sources-2.6.14-r3 (30 Dec 2005)
854    
855     30 Dec 2005; John Mylchreest <johnm@gentoo.org>
856     -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
857     Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
858 johnm 1.71
859     28 Dec 2005; John Mylchreest <johnm@gentoo.org>
860     hardened-sources-2.6.14-r2.ebuild:
861     making x86 & amd64 stable following testing.
862 johnm 1.70
863     *hardened-sources-2.6.14-r2 (27 Dec 2005)
864    
865     27 Dec 2005; John Mylchreest <johnm@gentoo.org>
866     -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
867     Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
868     network hooks.
869 johnm 1.69
870     06 Dec 2005; John Mylchreest <johnm@gentoo.org>
871     hardened-sources-2.6.14-r1.ebuild:
872     bumping to stable early for sec fix on x86 & amd64
873 johnm 1.68
874     *hardened-sources-2.6.14-r1 (05 Dec 2005)
875    
876     05 Dec 2005; John Mylchreest <johnm@gentoo.org>
877     -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
878     bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
879 solar 1.67
880     04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
881     - stable on x86 security bug #114227 CAN-2005-3257
882 kang 1.66
883     *hardened-sources-2.4.32 (19 Nov 2005)
884    
885     19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
886     +hardened-sources-2.4.32.ebuild:
887     Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
888     Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
889     have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
890     rsbac >> /etc/portage/package.use)
891 johnm 1.65
892     *hardened-sources-2.6.14 (14 Nov 2005)
893    
894     14 Nov 2005; John Mylchreest <johnm@gentoo.org>
895     -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
896     Bumping 2.6 series to 2.6.14.2
897 johnm 1.64
898     *hardened-sources-2.6.13-r2 (20 Oct 2005)
899    
900     20 Oct 2005; John Mylchreest <johnm@gentoo.org>
901     -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
902     +hardened-sources-2.6.13-r2.ebuild:
903     Fixes minor build error in ppc.
904 johnm 1.63
905     *hardened-sources-2.6.13-r1 (17 Oct 2005)
906    
907     17 Oct 2005; John Mylchreest <johnm@gentoo.org>
908     +hardened-sources-2.6.13-r1.ebuild:
909     Updating grsec to latest snapshot. Fixes some minor issues. Updating to
910     2.6.13.4, fixes some major amd64 stability problems.
911 johnm 1.62
912     *hardened-sources-2.6.13 (16 Sep 2005)
913    
914     16 Sep 2005; John Mylchreest <johnm@gentoo.org>
915     -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
916     2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
917     ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
918     users should test this thoroughly.
919 solar 1.61
920     01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
921     - stable on x86
922 johnm 1.60
923     *hardened-sources-2.6.11-r15 (27 Jun 2005)
924    
925     27 Jun 2005; John Mylchreest <johnm@gentoo.org>
926     +hardened-sources-2.6.11-r15.ebuild:
927     Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
928     grsec redefining curr_ip struct.
929 solar 1.59
930     *hardened-sources-2.4.31 (20 Jun 2005)
931    
932     20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
933     initial import of 2.4.31 tree
934 johnm 1.58
935     *hardened-sources-2.6.11-r14 (14 Jun 2005)
936    
937     14 Jun 2005; John Mylchreest <johnm@gentoo.org>
938     -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
939     Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
940     naming scheme to abide by genpatches
941 johnm 1.57
942     *hardened-sources-2.6.11-r13 (18 May 2005)
943    
944     18 May 2005; John Mylchreest <johnm@gentoo.org>
945     -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
946     Managed to mangle the Makefile patch from grsec, to miss out the grsec
947     target. sorry about that. Fixes bug #93022
948 johnm 1.56
949     *hardened-sources-2.6.11-r12 (17 May 2005)
950    
951     17 May 2005; John Mylchreest <johnm@gentoo.org>
952     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
953     +hardened-sources-2.6.11-r12.ebuild:
954     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
955     merges in genpatches-base
956 johnm 1.55
957     *hardened-sources-2.6.11-r12 (17 May 2005)
958    
959     17 May 2005; John Mylchreest <johnm@gentoo.org>
960     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
961     +hardened-sources-2.6.11-r12.ebuild:
962     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
963     merges in genpatches-base
964 solar 1.54
965     29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
966     -files/2.4.27-cmdline-race.patch,
967     -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
968     -files/2.4.28-grsec-binfmt_a.out.patch,
969     -files/2.4.28-grsec-cmdline-race.patch,
970     -files/2.4.28-selinux-binfmt_a.out.patch,
971     -files/2.4.28-selinux-cmdline-race.patch,
972     -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
973     hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
974     - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
975     cleanup..
976 solar 1.53
977     *hardened-sources-2.4.30-r1 (21 Apr 2005)
978    
979     21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
980     - disable aout by default
981 solar 1.52
982     *hardened-sources-2.4.30 (18 Apr 2005)
983    
984     18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
985     - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
986     and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
987     use
988 tocharian 1.50
989 scox 1.51 *hardened-sources-2.4.29 (30 Mar 2005)
990    
991     30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
992     +hardened-sources-2.4.29.ebuild:
993     New hardened-patches-2.4-29.0 patchball.
994     Removed SELinux support, upgraded GRSecurity to 2.1.4.
995    
996     *hardened-sources-2.4.28-r5 (06 Mar 2005)
997    
998     06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
999     +hardened-sources-2.4.28-r5.ebuild:
1000     Added a fix for a PaX vulnerability.
1001    
1002     26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1003 tocharian 1.50 hardened-sources-2.4.28-r4.ebuild:
1004     Stable on x86
1005 solar 1.49
1006     23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
1007     hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
1008     hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
1009     hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
1010     - fixed/added RDEPEND= in all kernel-2 ebuilds
1011 tocharian 1.48
1012     *hardened-sources-2.4.28-r4 (21 Jan 2005)
1013    
1014     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1015     +hardened-sources-2.4.28-r4.ebuild:
1016     Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
1017     backport of neighbour hash updates.
1018 tocharian 1.47
1019     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1020     hardened-sources-2.4.28-r3.ebuild:
1021     Stable on x86
1022 tseng 1.46
1023     *hardened-sources-2.6.10-r3 (20 Jan 2005)
1024    
1025     20 Jan 2005; Brandon Hale <tseng@gentoo.org>
1026     +hardened-sources-2.6.10-r3.ebuild:
1027     Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
1028     in 2005.0
1029 tocharian 1.45
1030     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1031     -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
1032     hardened-sources-2.4.28-r2.ebuild:
1033     Mark stable on x86
1034 tocharian 1.44
1035     *hardened-sources-2.4.28-r3 (17 Jan 2005)
1036    
1037     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1038     +hardened-sources-2.4.28-r3.ebuild:
1039     Fix SMP page fault handler vuln, and update device-mapper and evms patches.
1040 tocharian 1.43
1041     14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1042     hardened-sources-2.4.28.ebuild:
1043     Mark stable on x86.
1044 tocharian 1.42
1045     *hardened-sources-2.4.28-r2 (13 Jan 2005)
1046    
1047     13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1048     +hardened-sources-2.4.28-r2.ebuild:
1049     Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
1050     Mazinger for grsecurity patches as well.
1051 plasmaroo 1.41
1052     *hardened-sources-2.4.28-r1 (23 Dec 2004)
1053    
1054     23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
1055     Security bump. Thank tocharian for rolling a new patchset...
1056 solar 1.40
1057     28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
1058     +files/2.4.28-grsec-cmdline-race.patch,
1059     +files/2.4.28-selinux-binfmt_a.out.patch,
1060     +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
1061     - Round up remaining security patches that appear to be missing in 2.4.28. -
1062     PaX standalone updated to current. hgpv=28.1
1063 solar 1.39
1064     *hardened-sources-2.4.28 (28 Nov 2004)
1065    
1066     28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
1067     security bump. Thank tocharian for rolling a new patchset
1068 scox 1.31
1069 scox 1.38 *hardened-sources-2.4.27-r3 (08 Sep 2004)
1070    
1071     08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
1072     +hardened-sources-2.4.27-r3.ebuild:
1073     Applies the new 2.4-27.2 patchball which updates
1074     GRSecurity to the 2.0.1 version.
1075    
1076 scox 1.37 *hardened-sources-2.4.27-r2 (31 Aug 2004)
1077    
1078     31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1079     +hardened-sources-2.4.27-r2.ebuild:
1080     Version bump.
1081     This version uses the new 2.4-27.1 patchball which updates
1082     both the SELinux PaX hooks patch and the SELinux headers.
1083    
1084 scox 1.36 *hardened-sources-2.4.27-r1 (09 Aug 2004)
1085    
1086     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1087     +hardened-sources-2.4.27-r1.ebuild,
1088     -hardened-sources-2.4.27.ebuild,
1089     +files/2.4.27-cmdline-race.patch:
1090     Version bump, fix for cmdline race. See bug #59905.
1091    
1092     *hardened-sources-2.4.26-r6 (09 Aug 2004)
1093    
1094     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1095     +hardened-sources-2.4.26-r6.ebuild,
1096     -hardened-sources-2.4.26-r5.ebuild,
1097     -hardened-sources-2.4.26-r4.ebuild,
1098     +files/2.4.26-cmdline-race.patch:
1099     Version bump, fix for cmdline race. See bug #59905.
1100    
1101 scox 1.35 *hardened-sources-2.4.27 (08 Aug 2004)
1102    
1103     08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1104     +hardened-sources-2.4.27.ebuild,
1105     +files/2.4.27-CAN-2004-0394.patch:
1106     Ported the patchball to the 2.4.27 kernel version.
1107    
1108 scox 1.34 *hardened-sources-2.4.26-r5 (07 Aug 2004)
1109    
1110     07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1111     +hardened-sources-2.4.26-r5.ebuild:
1112 scox 1.35 Updated to use the new hardened-patches-2.4-26.1 patchball.
1113 scox 1.34 It adds the following features:
1114     - Squashfs
1115     - Ebtables
1116     - Netdev random (core+drivers)
1117     - Watchdog Timer (WDT) fix.
1118    
1119 scox 1.33 *hardened-sources-2.4.26-r4 (04 Aug 2004)
1120    
1121     04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1122     +hardened-sources-2.4.26-r4.ebuild,
1123     +files/2.4.26-CAN-2004-0415.patch,
1124     -hardened-sources-2.4.26-3:
1125     Version bump, fix for CAN 0415, see bug #59378.
1126    
1127 scox 1.32 *hardened-sources-2.4.26-r3 (22 Jul 2004)
1128    
1129     22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
1130     +hardened-sources-2.4.26-r3.ebuild,
1131     +files/2.4.26-CAN-2004-0497.patch,
1132     -hardened-sources-2.4.26-r2.ebuild:
1133     Version bump, fixed CAN 0497, see bug #56171.
1134    
1135 scox 1.31 *hardened-sources-2.4.26-r2 (29 Jun 2004)
1136    
1137     29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
1138 scox 1.32 +hardened-sources-2.4.26-r2.ebuild,
1139 scox 1.31 +files/2.4.26-CAN-2004-0495.patch,
1140     +files/2.4.26-CAN-2004-0535.patch,
1141     -hardened-sources-2.4.26-r1.ebuild:
1142     Fixes for both CAN 0495 and 0535, see bug #54976
1143 pvdabeel 1.27
1144 agriffis 1.29 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
1145     hardened-sources-2.4.26-r1.ebuild:
1146     QA - fix use invocation
1147 scox 1.28
1148     *hardened-sources-2.4.26-r1 (22 June 2004)
1149    
1150     22 June 2004; Andrea Luzzardi <scox@gentoo.org>
1151     +hardened-sources-2.4.26-r1.ebuild,
1152     +files/2.4.26-CAN-2004-0394.patch,
1153     +files/2.4.26-signal-race.patch,
1154     -hardened-sources-2.4.26.ebuild,
1155     -hardened-sources-2.4.24-r3.ebuild:
1156     Version bump for the CAN-2004-0394 issue and bug #53804
1157     Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
1158    
1159    
1160 pvdabeel 1.27 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
1161     hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
1162     Masked hardened-sources-2.4.26.ebuild broken for ppc
1163    
1164     31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
1165     hardened-sources-2.4.24-r3.ebuild:
1166     Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
1167 plasmaroo 1.25
1168 scox 1.26 *hardened-sources-2.4.26 (29 May 2004)
1169    
1170     29 May 2004; Andrea Luzzardi <scox@gentoo.org>
1171     +hardened-sources-2.4.26.ebuild:
1172     Updated hardened-sources for the 2.4.26 kernel
1173     Removed broken components, updated almost everything.
1174    
1175 plasmaroo 1.25 *hardened-sources-2.4.24-r3 (17 Apr 2004)
1176    
1177     17 Apr 2004; <plasmaroo@gentoo.org>
1178     +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
1179     +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
1180     +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
1181     +hardened-sources-2.4.24-r3.ebuild:
1182     Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
1183     vulnerabilities. Old revisions removed.
1184 plasmaroo 1.24
1185     *hardened-sources-2.4.24-r2 (15 Apr 2004)
1186    
1187     15 Apr 2004; <plasmaroo@gentoo.org>
1188     +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
1189     -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
1190     Version bump for the CAN-2004-0109 issue; bug #47881.
1191 aliz 1.23
1192     12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
1193     hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
1194     Add eutils to inherit.
1195 plasmaroo 1.22
1196     *hardened-sources-2.4.24-r1 (19 Feb 2004)
1197    
1198     19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
1199     files/hardened-sources-2.4.24.munmap.patch:
1200     Added the patch for the mremap/munmap vulnerability. Bug #42024.
1201 scox 1.19
1202 scox 1.21 *hardened-sources-2.4.24 (06 Feb 2004)
1203 scox 1.26
1204 scox 1.21 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
1205     hardened-sources-2.4.24.ebuild:
1206     Version bump, updated most of the components.
1207     This release includes the following:
1208    
1209     - Hardened security
1210     - Netfilter patch-o-matic 20031219
1211     - FreeSWAN 2.04 & x509 1.4.8
1212     - EVMS 2.2.2
1213     - XFS 1.3.1
1214     - cryptoloop jari
1215     - grsecurity 2.0-rc4
1216     - SELinux
1217     - PaX 200402060000
1218     - PaX Obscurity 200308302223
1219     - Others...
1220    
1221     Neither -ck nor systrace are included anymore.
1222    
1223 scox 1.19 *hardened-sources-2.4.22-r2 (05 Jan 2004)
1224    
1225     05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
1226     hardened-sources-2.4.22-r2.ebuild:
1227 scox 1.20 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
1228 scox 1.19
1229     *hardened-sources-2.4.22-r1 (02 Dec 2003)
1230 iggy 1.17
1231     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1232 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
1233 iggy 1.16
1234     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1235 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild:
1236     Version bump for the 'do_brk' vulnerability.
1237 iggy 1.15
1238     01 Dec 2003; Brian Jackson <iggy@gentoo.org>
1239     hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
1240     hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
1241     hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
1242 plasmaroo 1.18 Fix the 'do_brk' vulnerability.
1243 frogger 1.14
1244     03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
1245     hardened-sources-2.4.22.ebuild:
1246 plasmaroo 1.18 - Removed the src_install() portion for SELinux flask
1247     components. These are no longer handled in the kernel
1248     so this code was not necessary.
1249 frogger 1.13
1250     29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
1251     New 2.4.22 based hardened-sources thanks to
1252     Phil West <p.west@computer.org>.
1253    
1254     These sources include:
1255 plasmaroo 1.18 - New SELinux API
1256     - Updated CK-base
1257     - Updated GRSec
1258     - Systrace
1259     - SuperFreeS/WAN 1.99.8
1260     - Propolice kernel build support
1261     - EVMS
1262     - Other various security related patches
1263 frogger 1.11
1264 frogger 1.12 *hardened-sources-2.4.21 (14 Sep 2003)
1265    
1266     14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
1267     Updated hardened-sources based on the 2.4.21 Linux kernel.
1268     This includes updates to most major components such as:
1269 plasmaroo 1.18 - ck-base-0306300059
1270     - selinux-2.4-2003071106
1271     - grsecurity-2.0-rc1
1272     - Updated IPTables patch-o-matic
1273     - Updated SuperFreeS/WAN
1274    
1275 frogger 1.12 Thanks to Phil West <pwest@computer.org> for his work in getting this
1276     updated patch set ready for the 2.4.21 based kernel.
1277    
1278 frogger 1.11 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
1279     Initial import of hardened-sources-2.4.20-r4. This revision
1280     includes only a few changes, but one of these is an important
1281     security fix. It is recommended all users of hardened-sources
1282     upgrade to this release.
1283 plasmaroo 1.18
1284 frogger 1.11 - ioperm bug fix
1285     - fixed compilation failure when building without GRSec
1286 plasmaroo 1.18
1287 frogger 1.11 SAL (Secure Auditing for Linux) is NOT included in this revision
1288     due to time constraints, but is planned for inclusion in the near
1289     future.
1290 msterret 1.10
1291     *hardened-sources-2.4.20-r2 (12 Jun 2003)
1292    
1293     12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
1294     hardened-sources-2.4.20-r3.ebuild:
1295 plasmaroo 1.18 Add Header...
1296 frogger 1.9
1297     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1298     hardened-sources-2.4.20-r3.ebuild:
1299     Removed warnings from ebuild. This kernel should be safe to
1300     use at this point.
1301 frogger 1.8
1302     *hardened-sources-2.4.20-r3 (08 Jun 2003)
1303    
1304     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1305     hardened-sources-2.4.20-r3.ebuild:
1306     New revision. Includes the following changes over -r2:
1307 plasmaroo 1.18
1308 frogger 1.8 - ck7-base (O(1), preempt, low latency)
1309     - Super FreeS/WAN 1.99.7rc2
1310     - PaX for the LSM/SELinux branch
1311     - GRSecurity 2.0-pre4 (role based access control)
1312     - Systrace 1.3
1313     - EXT3 fixes
1314     - EVMS 2.0.1
1315     - GCC 3.1+ compile optimizations
1316     - ProPolice kernel build support
1317     - Hashing table security fixes
1318 frogger 1.3
1319     *hardened-sources-2.4.20-r1 (09 Apr 2003)
1320 frogger 1.7
1321     23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
1322     Initial import of hardened-sources-r2. This new
1323     ebuild includes many new performance and security
1324     related patches. As in -r1, it will patch in
1325     LSM/SELinux if "selinux" is in USE, otherwise it
1326     will patch in GRSecurity. The following patches
1327     are included in this revision:
1328 plasmaroo 1.18
1329 frogger 1.7 - O(1) Scheduler, Low Latency, and Preempt
1330     (pulled from the base CK patch)
1331     - ptrace exploit patch for the LSM kernel
1332     (the GRSec patch already fixes this)
1333     - LSM 2.4-2003040709
1334     - SELinux 2.4-2003040709
1335     - Systrace v1.2
1336     - IPTables patch-o-matic base patches - 20030107
1337     - CryptoAPI 2.4.20.1 w/ loop-jari patch
1338     - Super FreeS/WAN 1.99.6.1
1339     - GRSecurity 1.9.9g
1340     - MPPE
1341     - EXT3 data journal fix
1342     - CIPE 1.5.4
1343 frogger 1.6
1344     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1345     hardened-sources-2.4.20-r1.ebuild, manifest:
1346 plasmaroo 1.18 Updated to install flask components correctly for selinux.
1347 frogger 1.5
1348     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1349     hardened-sources-2.4.20-r1.ebuild:
1350     LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
1351     is patched in instead. Ptrace patches for selinux have also been added. In
1352     either case, systrace support will be patched in as well.
1353 frogger 1.3
1354     09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1355     hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
1356 plasmaroo 1.18 Revision bump for new sources.
1357 frogger 1.4
1358 frogger 1.2 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1359 frogger 1.4 hardened-sources-2.4.20-r1.ebuild:
1360 plasmaroo 1.18 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
1361 method 1.1
1362 frogger 1.4 *hardened-sources-2.4.20 (30 Mar 2003)
1363    
1364 method 1.1 30 Mar 2003; Joshua Brindle <method@gentoo.org>
1365     hardened-sources-2.4.20.ebuild:
1366 plasmaroo 1.18 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20