/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.221 - (hide annotations) (download)
Mon May 5 17:39:56 2008 UTC (6 years, 2 months ago) by solar
Branch: MAIN
Changes since 1.220: +4 -1 lines
- -r11 stable on x86/amd64
(Portage version: 2.1.3.19)

1 method 1.1 # ChangeLog for sys-kernel/hardened-sources
2 phreak 1.204 # Copyright 2000-2008 Gentoo Foundation; Distributed under the GPL v2
3 solar 1.221 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.220 2008/05/01 22:16:54 solar Exp $
4    
5     05 May 2008; <solar@gentoo.org> hardened-sources-2.6.23-r11.ebuild:
6     - -r11 stable on x86/amd64
7 solar 1.220
8     *hardened-sources-2.6.23-r11 (01 May 2008)
9    
10     01 May 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r11.ebuild:
11     - version bump to fix ulgy linux bugs
12 phreak 1.219
13     *hardened-sources-2.6.24-r1 (30 Apr 2008)
14    
15     30 Apr 2008; Christian Heim <phreak@gentoo.org>
16     +hardened-sources-2.6.24-r1.ebuild:
17     Revision bump (thanks to Kerin and Gordon, again), pulling
18     genpatches-2.6.24-7, solving #219089. Additionally contains further security
19     fixes plus some minor updates.
20 phreak 1.218
21     *hardened-sources-2.6.23-r10 (30 Apr 2008)
22    
23     30 Apr 2008; Christian Heim <phreak@gentoo.org>
24     +hardened-sources-2.6.23-r10.ebuild:
25     Revision bump (thanks to Kerin and Gordon, again), solving #213811, #219089.
26     Additional contains "various other fixes".
27 phreak 1.217
28     09 Apr 2008; Christian Heim <phreak@gentoo.org> metadata.xml:
29     Update the longdescription in metadata, thanks to Gordon Malm.
30 nixnut 1.216
31     08 Apr 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.23-r9.ebuild:
32     Stable on ppc wrt bug #213255
33 solar 1.215
34     07 Apr 2008; <solar@gentoo.org> -hardened-sources-2.4.35-r2.ebuild,
35     -hardened-sources-2.6.23-r8.ebuild, hardened-sources-2.6.23-r9.ebuild:
36     - stable on x86/amd64 per request. Removed obsolete ebuilds
37 phreak 1.214
38     *hardened-sources-2.6.24 (07 Apr 2008)
39    
40     07 Apr 2008; Christian Heim <phreak@gentoo.org>
41     +hardened-sources-2.6.24.ebuild:
42     Adding ebuild for hardened-sources-2.6.24 (many thanks to Kerin Millar
43     <kerframil at gmail.com> and Gordon Malm <bugs-gentoo-org-02 at bumpin.org>
44     for the many contributions and their continued effort in #216612) based on
45     2.6.24 and genpatches-2.6.24-5.
46    
47     The current ebuild/patchset contains these things:
48     * Incoporates unmodified grsec-2.1.11-2.6.24.4-200803262003 patch
49     * Introduces bespoke server and workstation oriented security levels
50     * VDSO_COMPAT cannot be enabled during runtime if PaX is enabled
51 phreak 1.213
52     30 Mar 2008; Christian Heim <phreak@gentoo.org> metadata.xml:
53     Fix the metadata.xml (Kerin isn't a dev, though he and Gordon are
54     maintaining it).
55 phreak 1.212
56     24 Mar 2008; Christian Heim <phreak@gentoo.org>
57     hardened-sources-2.4.35-r2.ebuild:
58     Fixing SRC_URI for 2.4.35-r2.
59 phreak 1.211
60     *hardened-sources-2.6.23-r9 (22 Mar 2008)
61    
62     22 Mar 2008; Christian Heim <phreak@gentoo.org>
63     +hardened-sources-2.6.23-r9.ebuild:
64     * Revision bump, rebasing the patchset against genpatches-2.6.23-10.
65     * Change the default GIDs for some grsecurity options
66     * Revamp the Hardened [Gentoo] security level and make it the default level
67     * Fixing compilation on ia64 with CONFIG_MODULES=y (loadable module support)
68     * Fix a recursive lock -- call to capable() within ptrace_attach()
69     * Fix bug that allows audit and iscsi operations to be controlled via netlink
70 solar 1.210
71     *hardened-sources-2.6.23-r8 (27 Feb 2008)
72    
73     27 Feb 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r8.ebuild:
74     - version bump from Kerin Millar bug 210026
75 solar 1.209
76     17 Feb 2008; <solar@gentoo.org> metadata.xml,
77     -hardened-sources-2.4.33.4.ebuild, -hardened-sources-2.6.20-r6.ebuild,
78     -hardened-sources-2.6.20-r10.ebuild, -hardened-sources-2.6.23-r4.ebuild,
79     -hardened-sources-2.6.23-r6.ebuild, hardened-sources-2.6.23-r7.ebuild:
80     - stable on x86 and remove old ebuilds
81 solar 1.207
82     15 Feb 2008; <solar@gentoo.org> hardened-sources-2.6.23-r7.ebuild:
83 solar 1.208 - stable on amd64 per request of amd64 lead
84 solar 1.206
85     *hardened-sources-2.6.23-r7 (11 Feb 2008)
86    
87     11 Feb 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r7.ebuild:
88     - version bump from kerin.millar
89     Changes:
90    
91     * Bump to genpatches-base-2.6.23-9
92     * Ported grsecurity-2.1.11-2.6.23.14-200801231800 to 2.6.23.15
93     * Disables COMPAT_VDSO in x86/defconfig
94     * Removes bogus symbols ACPI_SLEEP_PROC_(FS|SLEEP) from x86_64/defconfig
95 phreak 1.205
96     25 Jan 2008; Christian Heim <phreak@gentoo.org>
97     -hardened-sources-2.6.22-r8.ebuild:
98     Cleaning up old versions.
99 phreak 1.204
100     *hardened-sources-2.6.23-r6 (25 Jan 2008)
101    
102     25 Jan 2008; Christian Heim <phreak@gentoo.org>
103     -hardened-sources-2.6.23-r5.ebuild, +hardened-sources-2.6.23-r6.ebuild:
104     Revision bump, pulling in the latest genpatches.
105 phreak 1.203
106     *hardened-sources-2.6.23-r5 (24 Dec 2007)
107    
108     24 Dec 2007; Christian Heim <phreak@gentoo.org>
109     hardened-sources-2.4.35-r2.ebuild, hardened-sources-2.6.20-r6.ebuild,
110     hardened-sources-2.6.20-r10.ebuild, hardened-sources-2.6.22-r8.ebuild,
111     hardened-sources-2.6.23-r4.ebuild, +hardened-sources-2.6.23-r5.ebuild:
112     Revision bump, for the promised updated grsec snapshot. Also changing SRC_URI.
113 phreak 1.202
114     24 Dec 2007; Christian Heim <phreak@gentoo.org>
115     -hardened-sources-2.6.22-r7.ebuild, -hardened-sources-2.6.23.ebuild,
116     -hardened-sources-2.6.23-r1.ebuild, -hardened-sources-2.6.23-r2.ebuild,
117     -hardened-sources-2.6.23-r3.ebuild:
118     Cleaning out some unused, old versions.
119 phreak 1.201
120     24 Dec 2007; Christian Heim <phreak@gentoo.org>
121     hardened-sources-2.6.23-r4.ebuild:
122     Marking hardened-sources-2.6.23-r4 stable on amd64 and x86. I know it ain't
123     in the tree for long, but there isn't much of a difference between this and
124     -r3. Only this revision pulls in 2.6.23.11 and 2.6.23.12 from genpatches.
125 phreak 1.200
126     *hardened-sources-2.6.23-r4 (23 Dec 2007)
127    
128     23 Dec 2007; Christian Heim <phreak@gentoo.org>
129     +hardened-sources-2.6.23-r4.ebuild:
130     Revision bump, grabbing the lastest genpatches release (2.6.23.12 that is).
131 phreak 1.199
132     *hardened-sources-2.6.23-r3 (04 Dec 2007)
133    
134     04 Dec 2007; Christian Heim <phreak@gentoo.org>
135     +hardened-sources-2.6.23-r3.ebuild:
136     Revision bump, pulling in 2.6.23.9.
137 phreak 1.198
138     *hardened-sources-2.6.23-r2 (25 Nov 2007)
139    
140     25 Nov 2007; Christian Heim <phreak@gentoo.org>
141     +hardened-sources-2.6.23-r2.ebuild:
142     Updated patchset, thanks to solar.
143 phreak 1.197
144     *hardened-sources-2.6.23-r1 (31 Oct 2007)
145    
146     31 Oct 2007; Christian Heim <phreak@gentoo.org>
147     +hardened-sources-2.6.23-r1.ebuild:
148     Revision bump, pulling in the snapshot from 30. October 2007 (18:50).
149 solar 1.196
150     29 Oct 2007; <solar@gentoo.org> metadata.xml:
151     - update metadata.xml
152 phreak 1.195
153     25 Oct 2007; Christian Heim <phreak@gentoo.org>
154     hardened-sources-2.6.22-r8.ebuild:
155     Marking 2.6.22-r8 stable on amd64 and x86.
156 phreak 1.194
157     21 Oct 2007; Christian Heim <phreak@gentoo.org>
158     -hardened-sources-2.4.35.ebuild, -hardened-sources-2.4.35-r1.ebuild,
159     -hardened-sources-2.6.21-r4.ebuild:
160     Removing old ebuilds.
161 phreak 1.193
162     *hardened-sources-2.4.35-r2 (21 Oct 2007)
163    
164     21 Oct 2007; Christian Heim <phreak@gentoo.org>
165     +hardened-sources-2.4.35-r2.ebuild:
166     Revision bump for 2.4.35. Includes new snapshot and the lastest Linux stable
167     patches.
168 phreak 1.192
169     *hardened-sources-2.6.22-r8 (21 Oct 2007)
170    
171     21 Oct 2007; Christian Heim <phreak@gentoo.org>
172     +hardened-sources-2.6.22-r8.ebuild:
173     Yet another new patch, hopefully fixing the remaining issues we had w/
174     2.6.22. Candidate for stabling.
175 phreak 1.191
176     *hardened-sources-2.6.23 (13 Oct 2007)
177    
178     13 Oct 2007; Christian Heim <phreak@gentoo.org>
179     +hardened-sources-2.6.23.ebuild:
180     Initial hardened-sources-2.6.23. If people still have problems w/ bug
181     194276, try setting CONFIG_PCI_GODIRECT=y instead of CONFIG_PCI_GOANY.
182 phreak 1.190
183     11 Oct 2007; Christian Heim <phreak@gentoo.org>
184     hardened-sources-2.6.20-r10.ebuild:
185     Pulling in yet another new genpatches version, fixing the PWC bug for real.
186 phreak 1.189
187     04 Oct 2007; Christian Heim <phreak@gentoo.org>
188     -hardened-sources-2.6.22-r5.ebuild, -hardened-sources-2.6.22-r6.ebuild:
189     Removing old versions.
190 phreak 1.188
191     *hardened-sources-2.6.22-r7 (01 Oct 2007)
192    
193     01 Oct 2007; Christian Heim <phreak@gentoo.org>
194     +hardened-sources-2.6.22-r7.ebuild:
195     Revision bump, pulling in a newer patch. Should fix #194276.
196 phreak 1.187
197     30 Sep 2007; Christian Heim <phreak@gentoo.org>
198     hardened-sources-2.6.20-r10.ebuild:
199     Marking hardened-sources-2.6.20-r10 stable on x86 and amd64 (on courtesy of
200     Mike Doty).
201 phreak 1.186
202     *hardened-sources-2.6.22-r6 (26 Sep 2007)
203    
204     26 Sep 2007; Christian Heim <phreak@gentoo.org>
205     +hardened-sources-2.6.22-r6.ebuild:
206     Revision bump, grabbing up till Linux 2.6.22.9.
207 phreak 1.185
208     24 Sep 2007; Christian Heim <phreak@gentoo.org>
209     -hardened-sources-2.6.22-r3.ebuild, -hardened-sources-2.6.22-r4.ebuild:
210     Cleaning up further.
211 phreak 1.184
212     *hardened-sources-2.6.20-r10 (24 Sep 2007)
213    
214     24 Sep 2007; Christian Heim <phreak@gentoo.org>
215     -hardened-sources-2.6.20-r8.ebuild, -hardened-sources-2.6.20-r9.ebuild,
216     +hardened-sources-2.6.20-r10.ebuild:
217     Revision bump, pulling in Linux 2.6.20.20. Removing some of the older
218     revisions.
219 phreak 1.183
220     *hardened-sources-2.6.22-r5 (22 Sep 2007)
221    
222     22 Sep 2007; Christian Heim <phreak@gentoo.org>
223     +hardened-sources-2.6.22-r5.ebuild:
224     Revision bump, pulling in genpatches-2.6.22-8 for CVE-2007-4573.
225 phreak 1.182
226     17 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
227     Removing johnm from metadata.xml (see #186467 for reference).
228 phreak 1.181
229     *hardened-sources-2.6.22-r4 (17 Sep 2007)
230    
231     17 Sep 2007; Christian Heim <phreak@gentoo.org>
232     +hardened-sources-2.6.22-r4.ebuild:
233     Revision bump, hopefully fixing all those weird PAX failures.
234 phreak 1.180
235     01 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
236     Updating the metadata.xml.
237 phreak 1.179
238     01 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
239     Removing tocharian from metadata due to his retirement (see #71718 for
240     reference).
241 phreak 1.178
242     *hardened-sources-2.6.20-r9 (30 Aug 2007)
243    
244     30 Aug 2007; Christian Heim <phreak@gentoo.org>
245     +hardened-sources-2.6.20-r9.ebuild:
246     Revision bump for 2.6.20.18 (thanks to kerframil in #gentoo-hardened).
247 phreak 1.177
248     29 Aug 2007; Christian Heim <phreak@gentoo.org>
249     -hardened-sources-2.4.34.ebuild, -hardened-sources-2.4.34.5.ebuild,
250     -hardened-sources-2.6.20-r2.ebuild, -hardened-sources-2.6.20-r5.ebuild,
251     -hardened-sources-2.6.20-r7.ebuild, -hardened-sources-2.6.21-r3.ebuild,
252     -hardened-sources-2.6.22.ebuild, -hardened-sources-2.6.22-r1.ebuild,
253     -hardened-sources-2.6.22-r2.ebuild:
254     Removing some redundant versions.
255 phreak 1.176
256     *hardened-sources-2.4.35-r1 (29 Aug 2007)
257    
258     29 Aug 2007; Christian Heim <phreak@gentoo.org>
259     +hardened-sources-2.4.35-r1.ebuild:
260     Revision bump, new grsecurity patch.
261 phreak 1.175
262     *hardened-sources-2.6.20-r8 (26 Aug 2007)
263    
264     26 Aug 2007; Christian Heim <phreak@gentoo.org>
265     +hardened-sources-2.6.20-r8.ebuild:
266     Revision bump for Linux 2.6.20.17.
267 phreak 1.174
268     *hardened-sources-2.6.22-r3 (22 Aug 2007)
269    
270     22 Aug 2007; Christian Heim <phreak@gentoo.org>
271     +hardened-sources-2.6.22-r3.ebuild:
272     Revision bump for Linux 2.6.22.4.
273 phreak 1.173
274     16 Aug 2007; Christian Heim <phreak@gentoo.org>
275     hardened-sources-2.6.22-r2.ebuild:
276     Updated patchset, to fix the alignment against 2.6.22.3.
277 phreak 1.172
278     *hardened-sources-2.6.22-r2 (16 Aug 2007)
279    
280     16 Aug 2007; Christian Heim <phreak@gentoo.org>
281     +hardened-sources-2.6.22-r2.ebuild:
282     Revision bump for Linux 2.6.22.3.
283 phreak 1.171
284     *hardened-sources-2.4.35 (16 Aug 2007)
285    
286     16 Aug 2007; Christian Heim <phreak@gentoo.org>
287     +hardened-sources-2.4.35.ebuild:
288     Version bump, initial version for Linux 2.4.35.
289 phreak 1.170
290     *hardened-sources-2.6.21-r4 (16 Aug 2007)
291    
292     16 Aug 2007; Christian Heim <phreak@gentoo.org>
293     +hardened-sources-2.6.21-r4.ebuild:
294     Revision bump for Linux 2.6.21.6.
295 phreak 1.169
296     *hardened-sources-2.6.20-r7 (16 Aug 2007)
297    
298     16 Aug 2007; Christian Heim <phreak@gentoo.org>
299     +hardened-sources-2.6.20-r7.ebuild:
300     Revision bump for Linux 2.6.20.16.
301 phreak 1.168
302     *hardened-sources-2.6.22-r1 (13 Aug 2007)
303    
304     13 Aug 2007; Christian Heim <phreak@gentoo.org>
305     +hardened-sources-2.6.22-r1.ebuild:
306     Yet another revision bump.
307 phreak 1.167
308     *hardened-sources-2.6.22 (10 Aug 2007)
309    
310     10 Aug 2007; Christian Heim <phreak@gentoo.org>
311     +hardened-sources-2.6.22.ebuild:
312     Initial release for 2.6.22. If you are using hardened-sources on a desktop
313     machine (P4 or newer), be aware you might need to disable
314     CONFIG_PAX_PAGEEXEC.
315 phreak 1.166
316     04 Aug 2007; Christian Heim <phreak@gentoo.org>
317     hardened-sources-2.6.20-r6.ebuild:
318     Stabling hardened-sources-2.6.20-r6 for amd64, ppc and x86 due to Linux
319     2.6.20.15.
320 phreak 1.165
321     10 Jul 2007; Christian Heim <phreak@gentoo.org>
322     hardened-sources-2.6.20-r5.ebuild:
323     Marking hardened-sources-2.6.20-r5 stable on ppc.
324 phreak 1.164
325     10 Jul 2007; Christian Heim <phreak@gentoo.org>
326     -hardened-sources-2.4.32-r6.ebuild, -hardened-sources-2.4.32-r7.ebuild:
327     Cleanup.
328 phreak 1.163
329     *hardened-sources-2.6.20-r6 (08 Jul 2007)
330    
331     08 Jul 2007; Christian Heim <phreak@gentoo.org>
332     +hardened-sources-2.6.20-r6.ebuild:
333     Revision bump, grabbing yet another stable release.
334 phreak 1.162
335     17 Jun 2007; Christian Heim <phreak@gentoo.org>
336     -hardened-sources-2.6.18-r6.ebuild, -hardened-sources-2.6.20-r4.ebuild,
337     -hardened-sources-2.6.21-r2.ebuild:
338     Removing older ebuilds, hardened-sources-2.6.18-r6 seems to have gotten the
339     alpha stable KEYWORD by mistake.
340 phreak 1.161
341     17 Jun 2007; Christian Heim <phreak@gentoo.org>
342     hardened-sources-2.6.20-r5.ebuild:
343     Stabling hardened-sources-2.6.20-r5 due to security bug #181647 (as
344     genpatches-2.6.20-12.base contains up to Linux 2.6.20.14) on amd64 and x86.
345 phreak 1.160
346     *hardened-sources-2.6.21-r3 (12 Jun 2007)
347    
348     12 Jun 2007; Christian Heim <phreak@gentoo.org>
349     +hardened-sources-2.6.21-r3.ebuild:
350     Revision bump for hardened-sources-2.6.21, incorporating various CVE (some
351     of them critical), two stable releases (2.6.21.4,2.6.21.5) and some other
352     love.
353 phreak 1.159
354     *hardened-sources-2.6.20-r5 (11 Jun 2007)
355    
356     11 Jun 2007; Christian Heim <phreak@gentoo.org>
357     +hardened-sources-2.6.20-r5.ebuild:
358     Revision bump for hardened-sources-2.6.20, incorporating various CVE (some
359     of them critical), two stable releases (2.6.20.13,2.6.20.14) and some other
360     love.
361 pappy 1.158
362     *hardened-sources-2.4.34.5 (11 Jun 2007)
363    
364     11 Jun 2007; Alexander Gabert <pappy@gentoo.org>
365     +hardened-sources-2.4.34.5.ebuild:
366     added new hardened-sources 2.4 version, thx to phreak, solar, pipacs
367 phreak 1.157
368     30 May 2007; Christian Heim <phreak@gentoo.org>
369     -hardened-sources-2.6.18.ebuild, hardened-sources-2.6.20-r2.ebuild:
370     Marking 2.6.20-r2 stable on ppc with permission of Gysbert. Removing more
371     stale ebuild(s).
372 phreak 1.156
373     30 May 2007; Christian Heim <phreak@gentoo.org>
374     -hardened-sources-2.6.14-r7.ebuild, -hardened-sources-2.6.16-r11.ebuild,
375     -hardened-sources-2.6.17-r1.ebuild, -hardened-sources-2.6.19-r6.ebuild,
376     -hardened-sources-2.6.20.ebuild, -hardened-sources-2.6.20-r1.ebuild:
377     Doing some cleanups, remove stale ebuilds.
378 phreak 1.155
379     26 May 2007; Christian Heim <phreak@gentoo.org>
380     hardened-sources-2.6.21-r2.ebuild:
381     Fixing the grsecurity patch, had one '};' too much.
382 phreak 1.154
383     *hardened-sources-2.6.21-r2 (26 May 2007)
384    
385     26 May 2007; Christian Heim <phreak@gentoo.org>
386     -hardened-sources-2.6.21.ebuild, -hardened-sources-2.6.21-r1.ebuild,
387     +hardened-sources-2.6.21-r2.ebuild:
388     Revision bump, including Linux 2.6.21.3 (fixing CVE-2007-2451). Updating the
389     grsecurity patch to 2.1.10-2.6.21.1-200705221918.
390 phreak 1.153
391     *hardened-sources-2.6.20-r4 (26 May 2007)
392    
393     26 May 2007; Christian Heim <phreak@gentoo.org>
394     -hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.20-r4.ebuild:
395     Revision bump, including Linux 2.6.20.12 (which in fact fixed some security
396 phreak 1.154 bugs, at the very least CVE-2007-2451). Possible candidate for stable marking.
397 phreak 1.152
398     15 May 2007; Christian Heim <phreak@gentoo.org>
399     hardened-sources-2.6.20-r3.ebuild:
400     Looks like hardened-sources-2.6.20-r3 needs a new patch, as 2.6.20.11
401     introduced a change in arch/sparc64/kernel/pci_iommu.c, which made the
402     grsecurity patch fail in that exact same hunk.
403 phreak 1.151
404     *hardened-sources-2.6.20-r3 (15 May 2007)
405    
406     15 May 2007; Christian Heim <phreak@gentoo.org>
407     +hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.21-r1.ebuild:
408     Revision bump, incorporating Linux 2.6.20.11.
409    
410     *hardened-sources-2.6.21-r1 (11 May 2007)
411    
412     11 May 2007; Christian Heim <phreak@gentoo.org>
413     +hardened-sources-2.6.21-r1.ebuild:
414     Revision bump, hopefully fixing the GRSECURITY/GRKERNSEC mixup pipacs
415     mentioned in #177234.
416 kevquinn 1.150
417     07 May 2007; Kevin F. Quinn <kevquinn@gentoo.org>
418     files/digest-hardened-sources-2.6.21, Manifest:
419     Fix Manifest/digest for linux-2.6.21.tar.bz2
420 phreak 1.149
421     06 May 2007; Christian Heim <phreak@gentoo.org>
422     hardened-sources-2.6.21.ebuild:
423     Bumping the hardened-patches version, needed for the fix for #177234.
424 phreak 1.148
425     *hardened-sources-2.6.21 (02 May 2007)
426    
427     02 May 2007; Christian Heim <phreak@gentoo.org>
428     +hardened-sources-2.6.21.ebuild:
429     Version bump, Linux 2.6.21-hardened.
430 phreak 1.147
431     29 Apr 2007; Christian Heim <phreak@gentoo.org>
432     hardened-sources-2.6.20-r2.ebuild:
433     Adding ~ia64 on Ned's request.
434 phreak 1.146
435     29 Apr 2007; Christian Heim <phreak@gentoo.org>
436     hardened-sources-2.6.20-r2.ebuild:
437     Fixing the included grsecurity patch, wasn't alligning due to the Index:
438     header line(s).
439 phreak 1.145
440     29 Apr 2007; Christian Heim <phreak@gentoo.org>
441     hardened-sources-2.6.20-r2.ebuild:
442     Stabilizing hardened-sources-2.6.20-r2 on amd64 and x86.
443 armin76 1.144
444     *hardened-sources-2.6.20-r2 (10 Apr 2007)
445    
446     10 Apr 2007; Raúl Porcel <armin76@gentoo.org>
447     +hardened-sources-2.6.20-r2.ebuild:
448     Version bump, on behalf of phreak
449 phreak 1.143
450     *hardened-sources-2.6.20-r1 (04 Apr 2007)
451    
452     04 Apr 2007; Christian Heim <phreak@gentoo.org>
453     +hardened-sources-2.6.20-r1.ebuild:
454     Revision bump, grabbing a newer grsecurity snapshot.
455 phreak 1.142
456     *hardened-sources-2.6.20 (25 Mar 2007)
457    
458     25 Mar 2007; Christian Heim <phreak@gentoo.org>
459     +hardened-sources-2.6.20.ebuild:
460     Finally a hardened-sources version for 2.6.20; many people have been waiting
461     for this. Thanks to Steve for preliminary testing, thanks to Ned for the
462     testbox.
463 chainsaw 1.141
464     16 Mar 2007; Tony Vroon <chainsaw@gentoo.org>
465     hardened-sources-2.6.18-r6.ebuild:
466     Marked stable on amd64 and x86. AMD64 keyword ack'ed by welp.
467 phreak 1.140
468     *hardened-sources-2.6.18-r6 (16 Mar 2007)
469    
470     16 Mar 2007; Christian Heim <phreak@gentoo.org>
471     -hardened-sources-2.6.18-r5.ebuild, +hardened-sources-2.6.18-r6.ebuild:
472     Fixing CVE-2007-1000 locally (hardened/), thanks to Tony for pushing. And
473     yes I screwed up, this is tagged as 2.6.18-5 and not 2.6.18-6 as it's
474     supposed to be.
475 phreak 1.139
476     06 Mar 2007; Christian Heim <phreak@gentoo.org> ChangeLog:
477     Fixing the Manifest, the previous one was broken (as in still had the
478     deleted ebuild in it).
479 phreak 1.138
480     06 Mar 2007; Christian Heim <phreak@gentoo.org>
481     -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
482     +hardened-sources-2.6.18-r5.ebuild:
483     Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
484     Linux 2.6.18.8. Also cleaning up the older version.
485    
486     *hardened-sources-2.6.18-r5 (06 Mar 2007)
487    
488     06 Mar 2007; Christian Heim <phreak@gentoo.org>
489     -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
490     +hardened-sources-2.6.18-r5.ebuild:
491     Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
492     Linux 2.6.18.8. Also cleaning up the older version.
493 phreak 1.137
494     24 Feb 2007; Christian Heim <phreak@gentoo.org>
495     -hardened-sources-2.6.19-r3.ebuild, -hardened-sources-2.6.19-r4.ebuild,
496     -hardened-sources-2.6.19-r5.ebuild:
497     Removing some of the old version, that didn't work.
498 phreak 1.136
499     *hardened-sources-2.6.19-r6 (12 Feb 2007)
500    
501     12 Feb 2007; Christian Heim <phreak@gentoo.org>
502     +hardened-sources-2.6.19-r6.ebuild:
503     Revision bump, including a new grsec version fixing #166235.
504 pappy 1.134
505     *hardened-sources-2.4.34 (24 Jan 2007)
506    
507     24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
508 pappy 1.135 Manifest:
509     updating Manifest with checksums of new tarball and ebuild
510    
511     24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
512 pappy 1.134 +hardened-sources-2.4.34.ebuild:
513     I added new hardened sources 2.4 update, this is a critical path
514     security bugfix - all users of h-s are strongly advised
515     to update their existing hardened sources to this version.
516     It contains a fix for a kernel vulnerability that is pertaining
517     to the PaX changes to virtual memory management, possibly leading
518     to a local kernel exploit ... see grsecurity.net forums and homepage
519 phreak 1.133
520     23 Jan 2007; Christian Heim <phreak@gentoo.org>
521     files/digest-hardened-sources-2.6.19-r5, Manifest:
522     Fixing the patch-tarball digest.
523 phreak 1.132
524     *hardened-sources-2.6.19-r5 (23 Jan 2007)
525    
526     23 Jan 2007; Christian Heim <phreak@gentoo.org>
527     +hardened-sources-2.6.19-r5.ebuild:
528     Revision bump, closing the recently discovered PaX expand_stack()
529     vulnerability.
530 phreak 1.131
531     *hardened-sources-2.6.19-r4 (14 Jan 2007)
532    
533     14 Jan 2007; Christian Heim <phreak@gentoo.org>
534     +hardened-sources-2.6.19-r4.ebuild:
535     Revision bump, pulling in linux-2.6.19.2 and grsecurity 2.1.10 - thus
536     dropping the randomized PID feature.
537 opfer 1.130
538     11 Jan 2007; Christian Faulhammer <opfer@gentoo.org>
539     hardened-sources-2.4.33.4.ebuild:
540     stable x86, bug #161171
541 phreak 1.129
542     *hardened-sources-2.6.19-r3 (27 Dec 2006)
543    
544     27 Dec 2006; Christian Heim <phreak@gentoo.org>
545     -hardened-sources-2.6.19-r2.ebuild, +hardened-sources-2.6.19-r3.ebuild:
546     Revision bump for bug #157186 and #158786.
547 phreak 1.128
548     *hardened-sources-2.6.18-r4 (27 Dec 2006)
549    
550     27 Dec 2006; Christian Heim <phreak@gentoo.org>
551     -hardened-sources-2.6.18-r3.ebuild, +hardened-sources-2.6.18-r4.ebuild:
552     Revision bump for bug #157186.
553 phreak 1.127
554     *hardened-sources-2.6.19-r2 (23 Dec 2006)
555    
556     23 Dec 2006; Christian Heim <phreak@gentoo.org>
557     -hardened-sources-2.6.19-r1.ebuild, +hardened-sources-2.6.19-r2.ebuild:
558     Revision bump to pull in genpatches-2.6.19-3 for #157186.
559 phreak 1.126
560     17 Dec 2006; Christian Heim <phreak@gentoo.org>
561     hardened-sources-2.6.14-r7.ebuild, hardened-sources-2.6.16-r10.ebuild,
562     hardened-sources-2.6.16-r11.ebuild, hardened-sources-2.6.17-r1.ebuild,
563     hardened-sources-2.6.18.ebuild, hardened-sources-2.6.18-r3.ebuild,
564     hardened-sources-2.6.19-r1.ebuild:
565     Adding 4453_grsec-2.1.9-2.6.19-io-kmem-sysctl.patch to UNIPATCH_EXLUDE,
566     adding correct HOMEPAGE and adjusting DESCRIPTION (thanks to Alexander).
567 pappy 1.125
568     *hardened-sources-2.4.33.4 (17 Dec 2006)
569    
570     17 Dec 2006; Alexander Gabert <pappy@gentoo.org>
571     +hardened-sources-2.4.33.4.ebuild:
572     new 2.4.33.4 version including grsec and fixes, thanks to phreak for help
573     and quilting
574 phreak 1.124
575     *hardened-sources-2.6.19-r1 (14 Dec 2006)
576    
577     14 Dec 2006; Christian Heim <phreak@gentoo.org>
578     -hardened-sources-2.6.19.ebuild, +hardened-sources-2.6.19-r1.ebuild:
579     Revision bump, fixing #158107 (thanks to Petre Rodan <kaiowas at gentoo.org>
580     for reporting).
581 phreak 1.123
582     *hardened-sources-2.6.19 (13 Dec 2006)
583    
584     13 Dec 2006; Christian Heim <phreak@gentoo.org>
585     +hardened-sources-2.6.19.ebuild:
586     And finally 2.6.19, thanks to Ned (who prepared the inital patchset) and
587     Brad for providing that prompt update.
588 phreak 1.122
589     *hardened-sources-2.6.18-r3 (13 Dec 2006)
590    
591     13 Dec 2006; Christian Heim <phreak@gentoo.org>
592     -hardened-sources-2.6.18-r1.ebuild, -hardened-sources-2.6.18-r2.ebuild,
593     +hardened-sources-2.6.18-r3.ebuild:
594     Revision bump, excluding the faulty patch. Thanks to Anakim Border and Peter
595     S. Mazinger. Closes #157409 for now. Also removing the previous revisions.
596 phreak 1.121
597     09 Dec 2006; Christian Heim <phreak@gentoo.org> Manifest:
598     Fixing the metadata.xml Manifest entry (thanks to xaid and ml8128 in #gentoo-hardened).
599 nixnut 1.120
600     08 Dec 2006; nixnut <nixnut@gentoo.org> hardened-sources-2.6.18.ebuild:
601     Stable on ppc wrt bug 157356
602 opfer 1.119
603     07 Dec 2006; Christian Faulhammer <opfer@gentoo.org>
604     hardened-sources-2.6.18.ebuild:
605     stable x86, bug #157356
606 phreak 1.118
607     *hardened-sources-2.6.18-r2 (06 Dec 2006)
608    
609     06 Dec 2006; Christian Heim <phreak@gentoo.org>
610     +hardened-sources-2.6.18-r2.ebuild:
611     Revision bump, including 2.6.18.5 (via genpatches) and
612     4454_grsec-2.1.9-2.6.18.2-io-kmem-sysctl.patch based on Peter Mazinger and
613     Ned Ludd's original patch. Thanks to Alexander Gabert (pappy) for the
614     redesign.
615 phreak 1.117
616     06 Dec 2006; Christian Heim <phreak@gentoo.org>
617     hardened-sources-2.6.18.ebuild:
618     Marking hardened-sources-2.6.18 stable on amd64 (see bug #157356, on behalf
619     of Mike Doty).
620 phreak 1.116
621     *hardened-sources-2.6.18-r1 (23 Nov 2006)
622    
623     23 Nov 2006; Christian Heim <phreak@gentoo.org>
624     +hardened-sources-2.6.18-r1.ebuild:
625     Revision bump to genpatches-2.6.18-4 (including 2.6.18.3).
626 phreak 1.115
627     *hardened-sources-2.6.18 (11 Nov 2006)
628    
629     11 Nov 2006; Christian Heim <phreak@gentoo.org>
630     +hardened-sources-2.6.18.ebuild:
631     Version bump, thanks to Alexander Gabert we're finally at 2.6.18.
632 solar 1.114
633     18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
634     - mark amd64 stable also. bug #151877
635 solar 1.113
636     18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
637     - mark 2.6.17-r1 stable
638 phreak 1.112
639     27 Aug 2006; Christian Heim <phreak@gentoo.org>
640     -hardened-sources-2.6.17.ebuild, hardened-sources-2.6.17-r1.ebuild:
641     Removing old ebuild, removing unipatch from newer ebuild (need to fix it!).
642 phreak 1.111
643     *hardened-sources-2.6.17-r1 (26 Aug 2006)
644    
645     26 Aug 2006; Christian Heim <phreak@gentoo.org>
646     +hardened-sources-2.6.17-r1.ebuild:
647     Revision bump to genpatches-2.6.17-8 (including .9 and .10) and updating the
648     grsecurity patch.
649 phreak 1.110
650     *hardened-sources-2.6.17 (17 Aug 2006)
651    
652     17 Aug 2006; Christian Heim <phreak@gentoo.org>
653     +hardened-sources-2.6.17.ebuild:
654     Bumping the hardened-sources-2.6 series to 2.6.17, using
655     genpatches-2.6.17-6.base.
656 solar 1.109
657     07 Aug 2006; <solar@gentoo.org> hardened-sources-2.6.16-r11.ebuild:
658     - stable on x86 and amd64
659 solar 1.108
660     *hardened-sources-2.6.16-r11 (15 Jul 2006)
661    
662     15 Jul 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r3.ebuild,
663     -hardened-sources-2.4.32-r4.ebuild, -hardened-sources-2.4.32-r5.ebuild,
664     -hardened-sources-2.6.14-r8.ebuild, -hardened-sources-2.6.16-r7.ebuild,
665     -hardened-sources-2.6.16-r9.ebuild, +hardened-sources-2.6.16-r11.ebuild:
666     - 2.6.16 bumped for CVE-2006-3626 ; digest fix for 2.4.32-r6 ; removed old
667     crusty ebuilds
668 johnm 1.107
669     14 Jul 2006; John Mylchreest <johnm@gentoo.org>
670     hardened-sources-2.6.16-r10.ebuild:
671     marking stable on x86 and amd64
672 solar 1.106
673     13 Jul 2006; <solar@gentoo.org> hardened-sources-2.4.32-r6.ebuild:
674     - 2.4.32-r6 stable on x86. RSBAC state unknown
675 kang 1.105
676     *hardened-sources-2.4.32-r7 (10 Jul 2006)
677    
678     10 Jul 2006; Guillaume Destuynder <kang@gentoo.org>
679     +hardened-sources-2.4.32-r7.ebuild:
680     Bump PaX for RSBAC to test-17
681 johnm 1.104
682     *hardened-sources-2.6.16-r9 (03 Jul 2006)
683    
684     03 Jul 2006; John Mylchreest <johnm@gentoo.org>
685     -hardened-sources-2.6.16-r6.ebuild, +hardened-sources-2.6.16-r9.ebuild:
686     hardened-sources-2.6.16 bump to latest -base.
687 solar 1.103
688     *hardened-sources-2.4.32-r6 (30 Jun 2006)
689    
690     30 Jun 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r2.ebuild,
691     hardened-sources-2.4.32-r4.ebuild, +hardened-sources-2.4.32-r6.ebuild:
692     - backport CVE-2006-0039, CVE-2006-1857 and CVE-2006-1858 and new grsecurity
693     sysctl controlable resource logging
694 johnm 1.102
695     *hardened-sources-2.6.16-r7 (05 Jun 2006)
696    
697     05 Jun 2006; John Mylchreest <johnm@gentoo.org>
698     -hardened-sources-2.6.16-r5.ebuild, +hardened-sources-2.6.16-r7.ebuild:
699     push new 2.6.16 release in preparation for stable
700 solar 1.101
701     22 May 2006; <solar@gentoo.org> :
702     - redigest bug 134002
703 kang 1.100
704     *hardened-sources-2.4.32-r5 (16 May 2006)
705    
706     16 May 2006; Guillaume Destuynder <kang@gentoo.org>
707     +hardened-sources-2.4.32-r5.ebuild:
708     Fixes rsbac common patching (new patch in new -r5 patchset)
709 solar 1.99
710     *hardened-sources-2.4.32-r4 (13 May 2006)
711    
712     13 May 2006; <solar@gentoo.org> hardened-sources-2.4.32-r3.ebuild,
713     +hardened-sources-2.4.32-r4.ebuild:
714     - security bumps
715 johnm 1.98
716     *hardened-sources-2.6.16-r6 (03 May 2006)
717    
718     03 May 2006; John Mylchreest <johnm@gentoo.org>
719     +hardened-sources-2.6.16-r6.ebuild:
720     bump hardened-2.6.16 to 2.6.16.12 and latest grsec snapshot
721 johnm 1.97
722     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
723     hardened-sources-2.6.14-r8.ebuild:
724     fix x86_64 build problem, this will delay the digest issue again for a short
725     while but it will sort itself out
726 johnm 1.96
727     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
728     hardened-sources-2.6.14-r8.ebuild:
729     bump hardened patchset
730 antarus 1.94
731     27 Apr 2006; Alec Warner <antarus@gentoo.org>
732     files/digest-hardened-sources-2.4.32-r2,
733     files/digest-hardened-sources-2.4.32-r3,
734     files/digest-hardened-sources-2.6.14-r8, Manifest:
735     Fixing duff SHA256 digests: Bug # 131293
736 johnm 1.93
737 johnm 1.95 *hardened-sources-2.6.16-r5 (27 Apr 2006)
738    
739     27 Apr 2006; John Mylchreest <johnm@gentoo.org>
740     -hardened-sources-2.6.14-r6.ebuild, hardened-sources-2.6.14-r8.ebuild,
741     -hardened-sources-2.6.16-r4.ebuild, +hardened-sources-2.6.16-r5.ebuild:
742     stablise 2.6.14-r8 on x86 & amd64, bump 2.6.16 to fix CVE-2006-1863 &
743     cleanup of old uneccessary sources
744    
745 johnm 1.93 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
746     fix digest
747 johnm 1.92
748     *hardened-sources-2.6.14-r8 (20 Apr 2006)
749    
750     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
751     +hardened-sources-2.6.14-r8.ebuild:
752     fix CVE-2006-1056, CVE-2006-1525, CVE-2006-1524
753 johnm 1.91
754     20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
755     Turning on gpg-signing again, and recomitting
756 johnm 1.90
757     *hardened-sources-2.6.16-r4 (20 Apr 2006)
758    
759     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
760     -hardened-sources-2.6.16-r2.ebuild, -hardened-sources-2.6.16-r3.ebuild,
761     +hardened-sources-2.6.16-r4.ebuild:
762     Fix numerous security vulns
763 solar 1.89
764     *hardened-sources-2.4.32-r3 (16 Apr 2006)
765    
766     16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
767     -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
768     +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
769     - security bump for bug #112791. Removed old ebuilds
770 johnm 1.88
771     *hardened-sources-2.6.16-r3 (15 Apr 2006)
772    
773     15 Apr 2006; John Mylchreest <johnm@gentoo.org>
774     +hardened-sources-2.6.16-r3.ebuild:
775     Removing silly localversion which I missed
776 johnm 1.87
777     *hardened-sources-2.6.14-r7 (14 Apr 2006)
778    
779     14 Apr 2006; John Mylchreest <johnm@gentoo.org>
780     -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
781     Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
782 johnm 1.86
783     *hardened-sources-2.6.16-r2 (13 Apr 2006)
784    
785     13 Apr 2006; John Mylchreest <johnm@gentoo.org>
786     -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
787     +hardened-sources-2.6.16-r2.ebuild:
788     Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
789     labels, dropping USERGROUP define fixes, since these were merged mainstream.
790 johnm 1.85
791     *hardened-sources-2.6.16-r1 (11 Apr 2006)
792    
793     11 Apr 2006; John Mylchreest <johnm@gentoo.org>
794     +hardened-sources-2.6.16-r1.ebuild:
795     Bumping to include ppc build fix and 2.6.16.3
796 tsunam 1.84
797     06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
798     hardened-sources-2.6.14-r6.ebuild:
799     Stable on x86; bug #127718
800 johnm 1.83
801     *hardened-sources-2.6.16 (31 Mar 2006)
802    
803     31 Mar 2006; John Mylchreest <johnm@gentoo.org>
804     +hardened-sources-2.6.16.ebuild:
805     Bumping to new version of grsec, and kernel base. New squashfs. Based on
806     2.6.16.1
807 cryos 1.82
808     30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
809     hardened-sources-2.6.14-r6.ebuild:
810     Stable on amd64, bug 127718.
811 nixnut 1.81
812     28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
813     Stable on ppc. Bug #127718
814 johnm 1.80
815     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
816     -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
817     -hardened-sources-2.6.14-r4.ebuild:
818     Cleanup.
819 johnm 1.79
820     *hardened-sources-2.6.14-r6 (15 Mar 2006)
821    
822     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
823     +hardened-sources-2.6.14-r6.ebuild:
824     Fixes grsec policy recreation bug and adds a
825     >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
826 solar 1.78
827     02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
828     - stable on x86
829 hansmi 1.77
830     19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
831     hardened-sources-2.6.14-r5.ebuild:
832     Stable on ppc.
833 johnm 1.76
834     *hardened-sources-2.6.14-r5 (01 Feb 2006)
835    
836     01 Feb 2006; John Mylchreest <johnm@gentoo.org>
837     +hardened-sources-2.6.14-r5.ebuild:
838     fixing every known exploit
839 solar 1.75
840     *hardened-sources-2.4.32-r2 (26 Jan 2006)
841    
842     26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
843     +hardened-sources-2.4.32-r2.ebuild:
844     - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
845 solar 1.74
846     *hardened-sources-2.6.14-r4 (12 Jan 2006)
847    
848     12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
849     - version bump for new genpatches which fix up a few sec holes
850 solar 1.73
851     *hardened-sources-2.4.32-r1 (05 Jan 2006)
852    
853     05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
854     - revision bump to add misc vital linux kernel security patches.
855 johnm 1.72
856     *hardened-sources-2.6.14-r3 (30 Dec 2005)
857    
858     30 Dec 2005; John Mylchreest <johnm@gentoo.org>
859     -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
860     Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
861 johnm 1.71
862     28 Dec 2005; John Mylchreest <johnm@gentoo.org>
863     hardened-sources-2.6.14-r2.ebuild:
864     making x86 & amd64 stable following testing.
865 johnm 1.70
866     *hardened-sources-2.6.14-r2 (27 Dec 2005)
867    
868     27 Dec 2005; John Mylchreest <johnm@gentoo.org>
869     -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
870     Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
871     network hooks.
872 johnm 1.69
873     06 Dec 2005; John Mylchreest <johnm@gentoo.org>
874     hardened-sources-2.6.14-r1.ebuild:
875     bumping to stable early for sec fix on x86 & amd64
876 johnm 1.68
877     *hardened-sources-2.6.14-r1 (05 Dec 2005)
878    
879     05 Dec 2005; John Mylchreest <johnm@gentoo.org>
880     -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
881     bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
882 solar 1.67
883     04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
884     - stable on x86 security bug #114227 CAN-2005-3257
885 kang 1.66
886     *hardened-sources-2.4.32 (19 Nov 2005)
887    
888     19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
889     +hardened-sources-2.4.32.ebuild:
890     Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
891     Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
892     have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
893     rsbac >> /etc/portage/package.use)
894 johnm 1.65
895     *hardened-sources-2.6.14 (14 Nov 2005)
896    
897     14 Nov 2005; John Mylchreest <johnm@gentoo.org>
898     -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
899     Bumping 2.6 series to 2.6.14.2
900 johnm 1.64
901     *hardened-sources-2.6.13-r2 (20 Oct 2005)
902    
903     20 Oct 2005; John Mylchreest <johnm@gentoo.org>
904     -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
905     +hardened-sources-2.6.13-r2.ebuild:
906     Fixes minor build error in ppc.
907 johnm 1.63
908     *hardened-sources-2.6.13-r1 (17 Oct 2005)
909    
910     17 Oct 2005; John Mylchreest <johnm@gentoo.org>
911     +hardened-sources-2.6.13-r1.ebuild:
912     Updating grsec to latest snapshot. Fixes some minor issues. Updating to
913     2.6.13.4, fixes some major amd64 stability problems.
914 johnm 1.62
915     *hardened-sources-2.6.13 (16 Sep 2005)
916    
917     16 Sep 2005; John Mylchreest <johnm@gentoo.org>
918     -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
919     2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
920     ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
921     users should test this thoroughly.
922 solar 1.61
923     01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
924     - stable on x86
925 johnm 1.60
926     *hardened-sources-2.6.11-r15 (27 Jun 2005)
927    
928     27 Jun 2005; John Mylchreest <johnm@gentoo.org>
929     +hardened-sources-2.6.11-r15.ebuild:
930     Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
931     grsec redefining curr_ip struct.
932 solar 1.59
933     *hardened-sources-2.4.31 (20 Jun 2005)
934    
935     20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
936     initial import of 2.4.31 tree
937 johnm 1.58
938     *hardened-sources-2.6.11-r14 (14 Jun 2005)
939    
940     14 Jun 2005; John Mylchreest <johnm@gentoo.org>
941     -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
942     Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
943     naming scheme to abide by genpatches
944 johnm 1.57
945     *hardened-sources-2.6.11-r13 (18 May 2005)
946    
947     18 May 2005; John Mylchreest <johnm@gentoo.org>
948     -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
949     Managed to mangle the Makefile patch from grsec, to miss out the grsec
950     target. sorry about that. Fixes bug #93022
951 johnm 1.56
952     *hardened-sources-2.6.11-r12 (17 May 2005)
953    
954     17 May 2005; John Mylchreest <johnm@gentoo.org>
955     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
956     +hardened-sources-2.6.11-r12.ebuild:
957     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
958     merges in genpatches-base
959 johnm 1.55
960     *hardened-sources-2.6.11-r12 (17 May 2005)
961    
962     17 May 2005; John Mylchreest <johnm@gentoo.org>
963     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
964     +hardened-sources-2.6.11-r12.ebuild:
965     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
966     merges in genpatches-base
967 solar 1.54
968     29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
969     -files/2.4.27-cmdline-race.patch,
970     -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
971     -files/2.4.28-grsec-binfmt_a.out.patch,
972     -files/2.4.28-grsec-cmdline-race.patch,
973     -files/2.4.28-selinux-binfmt_a.out.patch,
974     -files/2.4.28-selinux-cmdline-race.patch,
975     -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
976     hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
977     - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
978     cleanup..
979 solar 1.53
980     *hardened-sources-2.4.30-r1 (21 Apr 2005)
981    
982     21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
983     - disable aout by default
984 solar 1.52
985     *hardened-sources-2.4.30 (18 Apr 2005)
986    
987     18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
988     - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
989     and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
990     use
991 tocharian 1.50
992 scox 1.51 *hardened-sources-2.4.29 (30 Mar 2005)
993    
994     30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
995     +hardened-sources-2.4.29.ebuild:
996     New hardened-patches-2.4-29.0 patchball.
997     Removed SELinux support, upgraded GRSecurity to 2.1.4.
998    
999     *hardened-sources-2.4.28-r5 (06 Mar 2005)
1000    
1001     06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
1002     +hardened-sources-2.4.28-r5.ebuild:
1003     Added a fix for a PaX vulnerability.
1004    
1005     26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1006 tocharian 1.50 hardened-sources-2.4.28-r4.ebuild:
1007     Stable on x86
1008 solar 1.49
1009     23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
1010     hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
1011     hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
1012     hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
1013     - fixed/added RDEPEND= in all kernel-2 ebuilds
1014 tocharian 1.48
1015     *hardened-sources-2.4.28-r4 (21 Jan 2005)
1016    
1017     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1018     +hardened-sources-2.4.28-r4.ebuild:
1019     Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
1020     backport of neighbour hash updates.
1021 tocharian 1.47
1022     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1023     hardened-sources-2.4.28-r3.ebuild:
1024     Stable on x86
1025 tseng 1.46
1026     *hardened-sources-2.6.10-r3 (20 Jan 2005)
1027    
1028     20 Jan 2005; Brandon Hale <tseng@gentoo.org>
1029     +hardened-sources-2.6.10-r3.ebuild:
1030     Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
1031     in 2005.0
1032 tocharian 1.45
1033     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1034     -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
1035     hardened-sources-2.4.28-r2.ebuild:
1036     Mark stable on x86
1037 tocharian 1.44
1038     *hardened-sources-2.4.28-r3 (17 Jan 2005)
1039    
1040     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1041     +hardened-sources-2.4.28-r3.ebuild:
1042     Fix SMP page fault handler vuln, and update device-mapper and evms patches.
1043 tocharian 1.43
1044     14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1045     hardened-sources-2.4.28.ebuild:
1046     Mark stable on x86.
1047 tocharian 1.42
1048     *hardened-sources-2.4.28-r2 (13 Jan 2005)
1049    
1050     13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1051     +hardened-sources-2.4.28-r2.ebuild:
1052     Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
1053     Mazinger for grsecurity patches as well.
1054 plasmaroo 1.41
1055     *hardened-sources-2.4.28-r1 (23 Dec 2004)
1056    
1057     23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
1058     Security bump. Thank tocharian for rolling a new patchset...
1059 solar 1.40
1060     28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
1061     +files/2.4.28-grsec-cmdline-race.patch,
1062     +files/2.4.28-selinux-binfmt_a.out.patch,
1063     +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
1064     - Round up remaining security patches that appear to be missing in 2.4.28. -
1065     PaX standalone updated to current. hgpv=28.1
1066 solar 1.39
1067     *hardened-sources-2.4.28 (28 Nov 2004)
1068    
1069     28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
1070     security bump. Thank tocharian for rolling a new patchset
1071 scox 1.31
1072 scox 1.38 *hardened-sources-2.4.27-r3 (08 Sep 2004)
1073    
1074     08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
1075     +hardened-sources-2.4.27-r3.ebuild:
1076     Applies the new 2.4-27.2 patchball which updates
1077     GRSecurity to the 2.0.1 version.
1078    
1079 scox 1.37 *hardened-sources-2.4.27-r2 (31 Aug 2004)
1080    
1081     31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1082     +hardened-sources-2.4.27-r2.ebuild:
1083     Version bump.
1084     This version uses the new 2.4-27.1 patchball which updates
1085     both the SELinux PaX hooks patch and the SELinux headers.
1086    
1087 scox 1.36 *hardened-sources-2.4.27-r1 (09 Aug 2004)
1088    
1089     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1090     +hardened-sources-2.4.27-r1.ebuild,
1091     -hardened-sources-2.4.27.ebuild,
1092     +files/2.4.27-cmdline-race.patch:
1093     Version bump, fix for cmdline race. See bug #59905.
1094    
1095     *hardened-sources-2.4.26-r6 (09 Aug 2004)
1096    
1097     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1098     +hardened-sources-2.4.26-r6.ebuild,
1099     -hardened-sources-2.4.26-r5.ebuild,
1100     -hardened-sources-2.4.26-r4.ebuild,
1101     +files/2.4.26-cmdline-race.patch:
1102     Version bump, fix for cmdline race. See bug #59905.
1103    
1104 scox 1.35 *hardened-sources-2.4.27 (08 Aug 2004)
1105    
1106     08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1107     +hardened-sources-2.4.27.ebuild,
1108     +files/2.4.27-CAN-2004-0394.patch:
1109     Ported the patchball to the 2.4.27 kernel version.
1110    
1111 scox 1.34 *hardened-sources-2.4.26-r5 (07 Aug 2004)
1112    
1113     07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1114     +hardened-sources-2.4.26-r5.ebuild:
1115 scox 1.35 Updated to use the new hardened-patches-2.4-26.1 patchball.
1116 scox 1.34 It adds the following features:
1117     - Squashfs
1118     - Ebtables
1119     - Netdev random (core+drivers)
1120     - Watchdog Timer (WDT) fix.
1121    
1122 scox 1.33 *hardened-sources-2.4.26-r4 (04 Aug 2004)
1123    
1124     04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1125     +hardened-sources-2.4.26-r4.ebuild,
1126     +files/2.4.26-CAN-2004-0415.patch,
1127     -hardened-sources-2.4.26-3:
1128     Version bump, fix for CAN 0415, see bug #59378.
1129    
1130 scox 1.32 *hardened-sources-2.4.26-r3 (22 Jul 2004)
1131    
1132     22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
1133     +hardened-sources-2.4.26-r3.ebuild,
1134     +files/2.4.26-CAN-2004-0497.patch,
1135     -hardened-sources-2.4.26-r2.ebuild:
1136     Version bump, fixed CAN 0497, see bug #56171.
1137    
1138 scox 1.31 *hardened-sources-2.4.26-r2 (29 Jun 2004)
1139    
1140     29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
1141 scox 1.32 +hardened-sources-2.4.26-r2.ebuild,
1142 scox 1.31 +files/2.4.26-CAN-2004-0495.patch,
1143     +files/2.4.26-CAN-2004-0535.patch,
1144     -hardened-sources-2.4.26-r1.ebuild:
1145     Fixes for both CAN 0495 and 0535, see bug #54976
1146 pvdabeel 1.27
1147 agriffis 1.29 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
1148     hardened-sources-2.4.26-r1.ebuild:
1149     QA - fix use invocation
1150 scox 1.28
1151     *hardened-sources-2.4.26-r1 (22 June 2004)
1152    
1153     22 June 2004; Andrea Luzzardi <scox@gentoo.org>
1154     +hardened-sources-2.4.26-r1.ebuild,
1155     +files/2.4.26-CAN-2004-0394.patch,
1156     +files/2.4.26-signal-race.patch,
1157     -hardened-sources-2.4.26.ebuild,
1158     -hardened-sources-2.4.24-r3.ebuild:
1159     Version bump for the CAN-2004-0394 issue and bug #53804
1160     Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
1161    
1162    
1163 pvdabeel 1.27 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
1164     hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
1165     Masked hardened-sources-2.4.26.ebuild broken for ppc
1166    
1167     31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
1168     hardened-sources-2.4.24-r3.ebuild:
1169     Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
1170 plasmaroo 1.25
1171 scox 1.26 *hardened-sources-2.4.26 (29 May 2004)
1172    
1173     29 May 2004; Andrea Luzzardi <scox@gentoo.org>
1174     +hardened-sources-2.4.26.ebuild:
1175     Updated hardened-sources for the 2.4.26 kernel
1176     Removed broken components, updated almost everything.
1177    
1178 plasmaroo 1.25 *hardened-sources-2.4.24-r3 (17 Apr 2004)
1179    
1180     17 Apr 2004; <plasmaroo@gentoo.org>
1181     +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
1182     +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
1183     +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
1184     +hardened-sources-2.4.24-r3.ebuild:
1185     Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
1186     vulnerabilities. Old revisions removed.
1187 plasmaroo 1.24
1188     *hardened-sources-2.4.24-r2 (15 Apr 2004)
1189    
1190     15 Apr 2004; <plasmaroo@gentoo.org>
1191     +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
1192     -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
1193     Version bump for the CAN-2004-0109 issue; bug #47881.
1194 aliz 1.23
1195     12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
1196     hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
1197     Add eutils to inherit.
1198 plasmaroo 1.22
1199     *hardened-sources-2.4.24-r1 (19 Feb 2004)
1200    
1201     19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
1202     files/hardened-sources-2.4.24.munmap.patch:
1203     Added the patch for the mremap/munmap vulnerability. Bug #42024.
1204 scox 1.19
1205 scox 1.21 *hardened-sources-2.4.24 (06 Feb 2004)
1206 scox 1.26
1207 scox 1.21 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
1208     hardened-sources-2.4.24.ebuild:
1209     Version bump, updated most of the components.
1210     This release includes the following:
1211    
1212     - Hardened security
1213     - Netfilter patch-o-matic 20031219
1214     - FreeSWAN 2.04 & x509 1.4.8
1215     - EVMS 2.2.2
1216     - XFS 1.3.1
1217     - cryptoloop jari
1218     - grsecurity 2.0-rc4
1219     - SELinux
1220     - PaX 200402060000
1221     - PaX Obscurity 200308302223
1222     - Others...
1223    
1224     Neither -ck nor systrace are included anymore.
1225    
1226 scox 1.19 *hardened-sources-2.4.22-r2 (05 Jan 2004)
1227    
1228     05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
1229     hardened-sources-2.4.22-r2.ebuild:
1230 scox 1.20 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
1231 scox 1.19
1232     *hardened-sources-2.4.22-r1 (02 Dec 2003)
1233 iggy 1.17
1234     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1235 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
1236 iggy 1.16
1237     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1238 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild:
1239     Version bump for the 'do_brk' vulnerability.
1240 iggy 1.15
1241     01 Dec 2003; Brian Jackson <iggy@gentoo.org>
1242     hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
1243     hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
1244     hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
1245 plasmaroo 1.18 Fix the 'do_brk' vulnerability.
1246 frogger 1.14
1247     03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
1248     hardened-sources-2.4.22.ebuild:
1249 plasmaroo 1.18 - Removed the src_install() portion for SELinux flask
1250     components. These are no longer handled in the kernel
1251     so this code was not necessary.
1252 frogger 1.13
1253     29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
1254     New 2.4.22 based hardened-sources thanks to
1255     Phil West <p.west@computer.org>.
1256    
1257     These sources include:
1258 plasmaroo 1.18 - New SELinux API
1259     - Updated CK-base
1260     - Updated GRSec
1261     - Systrace
1262     - SuperFreeS/WAN 1.99.8
1263     - Propolice kernel build support
1264     - EVMS
1265     - Other various security related patches
1266 frogger 1.11
1267 frogger 1.12 *hardened-sources-2.4.21 (14 Sep 2003)
1268    
1269     14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
1270     Updated hardened-sources based on the 2.4.21 Linux kernel.
1271     This includes updates to most major components such as:
1272 plasmaroo 1.18 - ck-base-0306300059
1273     - selinux-2.4-2003071106
1274     - grsecurity-2.0-rc1
1275     - Updated IPTables patch-o-matic
1276     - Updated SuperFreeS/WAN
1277    
1278 frogger 1.12 Thanks to Phil West <pwest@computer.org> for his work in getting this
1279     updated patch set ready for the 2.4.21 based kernel.
1280    
1281 frogger 1.11 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
1282     Initial import of hardened-sources-2.4.20-r4. This revision
1283     includes only a few changes, but one of these is an important
1284     security fix. It is recommended all users of hardened-sources
1285     upgrade to this release.
1286 plasmaroo 1.18
1287 frogger 1.11 - ioperm bug fix
1288     - fixed compilation failure when building without GRSec
1289 plasmaroo 1.18
1290 frogger 1.11 SAL (Secure Auditing for Linux) is NOT included in this revision
1291     due to time constraints, but is planned for inclusion in the near
1292     future.
1293 msterret 1.10
1294     *hardened-sources-2.4.20-r2 (12 Jun 2003)
1295    
1296     12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
1297     hardened-sources-2.4.20-r3.ebuild:
1298 plasmaroo 1.18 Add Header...
1299 frogger 1.9
1300     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1301     hardened-sources-2.4.20-r3.ebuild:
1302     Removed warnings from ebuild. This kernel should be safe to
1303     use at this point.
1304 frogger 1.8
1305     *hardened-sources-2.4.20-r3 (08 Jun 2003)
1306    
1307     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1308     hardened-sources-2.4.20-r3.ebuild:
1309     New revision. Includes the following changes over -r2:
1310 plasmaroo 1.18
1311 frogger 1.8 - ck7-base (O(1), preempt, low latency)
1312     - Super FreeS/WAN 1.99.7rc2
1313     - PaX for the LSM/SELinux branch
1314     - GRSecurity 2.0-pre4 (role based access control)
1315     - Systrace 1.3
1316     - EXT3 fixes
1317     - EVMS 2.0.1
1318     - GCC 3.1+ compile optimizations
1319     - ProPolice kernel build support
1320     - Hashing table security fixes
1321 frogger 1.3
1322     *hardened-sources-2.4.20-r1 (09 Apr 2003)
1323 frogger 1.7
1324     23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
1325     Initial import of hardened-sources-r2. This new
1326     ebuild includes many new performance and security
1327     related patches. As in -r1, it will patch in
1328     LSM/SELinux if "selinux" is in USE, otherwise it
1329     will patch in GRSecurity. The following patches
1330     are included in this revision:
1331 plasmaroo 1.18
1332 frogger 1.7 - O(1) Scheduler, Low Latency, and Preempt
1333     (pulled from the base CK patch)
1334     - ptrace exploit patch for the LSM kernel
1335     (the GRSec patch already fixes this)
1336     - LSM 2.4-2003040709
1337     - SELinux 2.4-2003040709
1338     - Systrace v1.2
1339     - IPTables patch-o-matic base patches - 20030107
1340     - CryptoAPI 2.4.20.1 w/ loop-jari patch
1341     - Super FreeS/WAN 1.99.6.1
1342     - GRSecurity 1.9.9g
1343     - MPPE
1344     - EXT3 data journal fix
1345     - CIPE 1.5.4
1346 frogger 1.6
1347     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1348     hardened-sources-2.4.20-r1.ebuild, manifest:
1349 plasmaroo 1.18 Updated to install flask components correctly for selinux.
1350 frogger 1.5
1351     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1352     hardened-sources-2.4.20-r1.ebuild:
1353     LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
1354     is patched in instead. Ptrace patches for selinux have also been added. In
1355     either case, systrace support will be patched in as well.
1356 frogger 1.3
1357     09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1358     hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
1359 plasmaroo 1.18 Revision bump for new sources.
1360 frogger 1.4
1361 frogger 1.2 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1362 frogger 1.4 hardened-sources-2.4.20-r1.ebuild:
1363 plasmaroo 1.18 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
1364 method 1.1
1365 frogger 1.4 *hardened-sources-2.4.20 (30 Mar 2003)
1366    
1367 method 1.1 30 Mar 2003; Joshua Brindle <method@gentoo.org>
1368     hardened-sources-2.4.20.ebuild:
1369 plasmaroo 1.18 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20