/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.223 - (hide annotations) (download)
Sun May 11 07:56:17 2008 UTC (5 years, 11 months ago) by solar
Branch: MAIN
Changes since 1.222: +15 -1 lines
- proxy commit for gengor
(Portage version: 2.1.4.4)

1 method 1.1 # ChangeLog for sys-kernel/hardened-sources
2 phreak 1.204 # Copyright 2000-2008 Gentoo Foundation; Distributed under the GPL v2
3 solar 1.223 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.222 2008/05/10 07:26:16 nixnut Exp $
4    
5     *hardened-sources-2.6.24-r2 (11 May 2008)
6     *hardened-sources-2.6.23-r12 (11 May 2008)
7    
8     11 May 2008; <solar@gentoo.org> -hardened-sources-2.6.23-r7.ebuild,
9     -hardened-sources-2.6.23-r9.ebuild, -hardened-sources-2.6.23-r10.ebuild,
10     +hardened-sources-2.6.23-r12.ebuild, -hardened-sources-2.6.24.ebuild,
11     -hardened-sources-2.6.24-r1.ebuild, +hardened-sources-2.6.24-r2.ebuild:
12     proxy commit for gengor. 2.6.23-r11 shortlog: Fixes security bugs 220691,
13     220975, 220979, 221123. 2.6.24-r2 not-so-shortlog: Fixes bug 215442,
14     security bugs 219901, 220691, 220975, 220979, 221123. New
15     genpatches/grsecurity with numerous updates & fixes. 2.6.23-r7->2.6.23-r10
16     should be removed as far as I'm concerned, everything else remove due to
17     vulnerable to numerous security bugs or brokeness.
18 nixnut 1.222
19     10 May 2008; nixnut <nixnut@gentoo.org>
20     hardened-sources-2.6.23-r11.ebuild:
21     Stable on ppc
22 solar 1.221
23     05 May 2008; <solar@gentoo.org> hardened-sources-2.6.23-r11.ebuild:
24     - -r11 stable on x86/amd64
25 solar 1.220
26     *hardened-sources-2.6.23-r11 (01 May 2008)
27    
28     01 May 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r11.ebuild:
29     - version bump to fix ulgy linux bugs
30 phreak 1.219
31     *hardened-sources-2.6.24-r1 (30 Apr 2008)
32    
33     30 Apr 2008; Christian Heim <phreak@gentoo.org>
34     +hardened-sources-2.6.24-r1.ebuild:
35     Revision bump (thanks to Kerin and Gordon, again), pulling
36     genpatches-2.6.24-7, solving #219089. Additionally contains further security
37     fixes plus some minor updates.
38 phreak 1.218
39     *hardened-sources-2.6.23-r10 (30 Apr 2008)
40    
41     30 Apr 2008; Christian Heim <phreak@gentoo.org>
42     +hardened-sources-2.6.23-r10.ebuild:
43     Revision bump (thanks to Kerin and Gordon, again), solving #213811, #219089.
44     Additional contains "various other fixes".
45 phreak 1.217
46     09 Apr 2008; Christian Heim <phreak@gentoo.org> metadata.xml:
47     Update the longdescription in metadata, thanks to Gordon Malm.
48 nixnut 1.216
49     08 Apr 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.23-r9.ebuild:
50     Stable on ppc wrt bug #213255
51 solar 1.215
52     07 Apr 2008; <solar@gentoo.org> -hardened-sources-2.4.35-r2.ebuild,
53     -hardened-sources-2.6.23-r8.ebuild, hardened-sources-2.6.23-r9.ebuild:
54     - stable on x86/amd64 per request. Removed obsolete ebuilds
55 phreak 1.214
56     *hardened-sources-2.6.24 (07 Apr 2008)
57    
58     07 Apr 2008; Christian Heim <phreak@gentoo.org>
59     +hardened-sources-2.6.24.ebuild:
60     Adding ebuild for hardened-sources-2.6.24 (many thanks to Kerin Millar
61     <kerframil at gmail.com> and Gordon Malm <bugs-gentoo-org-02 at bumpin.org>
62     for the many contributions and their continued effort in #216612) based on
63     2.6.24 and genpatches-2.6.24-5.
64    
65     The current ebuild/patchset contains these things:
66     * Incoporates unmodified grsec-2.1.11-2.6.24.4-200803262003 patch
67     * Introduces bespoke server and workstation oriented security levels
68     * VDSO_COMPAT cannot be enabled during runtime if PaX is enabled
69 phreak 1.213
70     30 Mar 2008; Christian Heim <phreak@gentoo.org> metadata.xml:
71     Fix the metadata.xml (Kerin isn't a dev, though he and Gordon are
72     maintaining it).
73 phreak 1.212
74     24 Mar 2008; Christian Heim <phreak@gentoo.org>
75     hardened-sources-2.4.35-r2.ebuild:
76     Fixing SRC_URI for 2.4.35-r2.
77 phreak 1.211
78     *hardened-sources-2.6.23-r9 (22 Mar 2008)
79    
80     22 Mar 2008; Christian Heim <phreak@gentoo.org>
81     +hardened-sources-2.6.23-r9.ebuild:
82     * Revision bump, rebasing the patchset against genpatches-2.6.23-10.
83     * Change the default GIDs for some grsecurity options
84     * Revamp the Hardened [Gentoo] security level and make it the default level
85     * Fixing compilation on ia64 with CONFIG_MODULES=y (loadable module support)
86     * Fix a recursive lock -- call to capable() within ptrace_attach()
87     * Fix bug that allows audit and iscsi operations to be controlled via netlink
88 solar 1.210
89     *hardened-sources-2.6.23-r8 (27 Feb 2008)
90    
91     27 Feb 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r8.ebuild:
92     - version bump from Kerin Millar bug 210026
93 solar 1.209
94     17 Feb 2008; <solar@gentoo.org> metadata.xml,
95     -hardened-sources-2.4.33.4.ebuild, -hardened-sources-2.6.20-r6.ebuild,
96     -hardened-sources-2.6.20-r10.ebuild, -hardened-sources-2.6.23-r4.ebuild,
97     -hardened-sources-2.6.23-r6.ebuild, hardened-sources-2.6.23-r7.ebuild:
98     - stable on x86 and remove old ebuilds
99 solar 1.207
100     15 Feb 2008; <solar@gentoo.org> hardened-sources-2.6.23-r7.ebuild:
101 solar 1.208 - stable on amd64 per request of amd64 lead
102 solar 1.206
103     *hardened-sources-2.6.23-r7 (11 Feb 2008)
104    
105     11 Feb 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r7.ebuild:
106     - version bump from kerin.millar
107     Changes:
108    
109     * Bump to genpatches-base-2.6.23-9
110     * Ported grsecurity-2.1.11-2.6.23.14-200801231800 to 2.6.23.15
111     * Disables COMPAT_VDSO in x86/defconfig
112     * Removes bogus symbols ACPI_SLEEP_PROC_(FS|SLEEP) from x86_64/defconfig
113 phreak 1.205
114     25 Jan 2008; Christian Heim <phreak@gentoo.org>
115     -hardened-sources-2.6.22-r8.ebuild:
116     Cleaning up old versions.
117 phreak 1.204
118     *hardened-sources-2.6.23-r6 (25 Jan 2008)
119    
120     25 Jan 2008; Christian Heim <phreak@gentoo.org>
121     -hardened-sources-2.6.23-r5.ebuild, +hardened-sources-2.6.23-r6.ebuild:
122     Revision bump, pulling in the latest genpatches.
123 phreak 1.203
124     *hardened-sources-2.6.23-r5 (24 Dec 2007)
125    
126     24 Dec 2007; Christian Heim <phreak@gentoo.org>
127     hardened-sources-2.4.35-r2.ebuild, hardened-sources-2.6.20-r6.ebuild,
128     hardened-sources-2.6.20-r10.ebuild, hardened-sources-2.6.22-r8.ebuild,
129     hardened-sources-2.6.23-r4.ebuild, +hardened-sources-2.6.23-r5.ebuild:
130     Revision bump, for the promised updated grsec snapshot. Also changing SRC_URI.
131 phreak 1.202
132     24 Dec 2007; Christian Heim <phreak@gentoo.org>
133     -hardened-sources-2.6.22-r7.ebuild, -hardened-sources-2.6.23.ebuild,
134     -hardened-sources-2.6.23-r1.ebuild, -hardened-sources-2.6.23-r2.ebuild,
135     -hardened-sources-2.6.23-r3.ebuild:
136     Cleaning out some unused, old versions.
137 phreak 1.201
138     24 Dec 2007; Christian Heim <phreak@gentoo.org>
139     hardened-sources-2.6.23-r4.ebuild:
140     Marking hardened-sources-2.6.23-r4 stable on amd64 and x86. I know it ain't
141     in the tree for long, but there isn't much of a difference between this and
142     -r3. Only this revision pulls in 2.6.23.11 and 2.6.23.12 from genpatches.
143 phreak 1.200
144     *hardened-sources-2.6.23-r4 (23 Dec 2007)
145    
146     23 Dec 2007; Christian Heim <phreak@gentoo.org>
147     +hardened-sources-2.6.23-r4.ebuild:
148     Revision bump, grabbing the lastest genpatches release (2.6.23.12 that is).
149 phreak 1.199
150     *hardened-sources-2.6.23-r3 (04 Dec 2007)
151    
152     04 Dec 2007; Christian Heim <phreak@gentoo.org>
153     +hardened-sources-2.6.23-r3.ebuild:
154     Revision bump, pulling in 2.6.23.9.
155 phreak 1.198
156     *hardened-sources-2.6.23-r2 (25 Nov 2007)
157    
158     25 Nov 2007; Christian Heim <phreak@gentoo.org>
159     +hardened-sources-2.6.23-r2.ebuild:
160     Updated patchset, thanks to solar.
161 phreak 1.197
162     *hardened-sources-2.6.23-r1 (31 Oct 2007)
163    
164     31 Oct 2007; Christian Heim <phreak@gentoo.org>
165     +hardened-sources-2.6.23-r1.ebuild:
166     Revision bump, pulling in the snapshot from 30. October 2007 (18:50).
167 solar 1.196
168     29 Oct 2007; <solar@gentoo.org> metadata.xml:
169     - update metadata.xml
170 phreak 1.195
171     25 Oct 2007; Christian Heim <phreak@gentoo.org>
172     hardened-sources-2.6.22-r8.ebuild:
173     Marking 2.6.22-r8 stable on amd64 and x86.
174 phreak 1.194
175     21 Oct 2007; Christian Heim <phreak@gentoo.org>
176     -hardened-sources-2.4.35.ebuild, -hardened-sources-2.4.35-r1.ebuild,
177     -hardened-sources-2.6.21-r4.ebuild:
178     Removing old ebuilds.
179 phreak 1.193
180     *hardened-sources-2.4.35-r2 (21 Oct 2007)
181    
182     21 Oct 2007; Christian Heim <phreak@gentoo.org>
183     +hardened-sources-2.4.35-r2.ebuild:
184     Revision bump for 2.4.35. Includes new snapshot and the lastest Linux stable
185     patches.
186 phreak 1.192
187     *hardened-sources-2.6.22-r8 (21 Oct 2007)
188    
189     21 Oct 2007; Christian Heim <phreak@gentoo.org>
190     +hardened-sources-2.6.22-r8.ebuild:
191     Yet another new patch, hopefully fixing the remaining issues we had w/
192     2.6.22. Candidate for stabling.
193 phreak 1.191
194     *hardened-sources-2.6.23 (13 Oct 2007)
195    
196     13 Oct 2007; Christian Heim <phreak@gentoo.org>
197     +hardened-sources-2.6.23.ebuild:
198     Initial hardened-sources-2.6.23. If people still have problems w/ bug
199     194276, try setting CONFIG_PCI_GODIRECT=y instead of CONFIG_PCI_GOANY.
200 phreak 1.190
201     11 Oct 2007; Christian Heim <phreak@gentoo.org>
202     hardened-sources-2.6.20-r10.ebuild:
203     Pulling in yet another new genpatches version, fixing the PWC bug for real.
204 phreak 1.189
205     04 Oct 2007; Christian Heim <phreak@gentoo.org>
206     -hardened-sources-2.6.22-r5.ebuild, -hardened-sources-2.6.22-r6.ebuild:
207     Removing old versions.
208 phreak 1.188
209     *hardened-sources-2.6.22-r7 (01 Oct 2007)
210    
211     01 Oct 2007; Christian Heim <phreak@gentoo.org>
212     +hardened-sources-2.6.22-r7.ebuild:
213     Revision bump, pulling in a newer patch. Should fix #194276.
214 phreak 1.187
215     30 Sep 2007; Christian Heim <phreak@gentoo.org>
216     hardened-sources-2.6.20-r10.ebuild:
217     Marking hardened-sources-2.6.20-r10 stable on x86 and amd64 (on courtesy of
218     Mike Doty).
219 phreak 1.186
220     *hardened-sources-2.6.22-r6 (26 Sep 2007)
221    
222     26 Sep 2007; Christian Heim <phreak@gentoo.org>
223     +hardened-sources-2.6.22-r6.ebuild:
224     Revision bump, grabbing up till Linux 2.6.22.9.
225 phreak 1.185
226     24 Sep 2007; Christian Heim <phreak@gentoo.org>
227     -hardened-sources-2.6.22-r3.ebuild, -hardened-sources-2.6.22-r4.ebuild:
228     Cleaning up further.
229 phreak 1.184
230     *hardened-sources-2.6.20-r10 (24 Sep 2007)
231    
232     24 Sep 2007; Christian Heim <phreak@gentoo.org>
233     -hardened-sources-2.6.20-r8.ebuild, -hardened-sources-2.6.20-r9.ebuild,
234     +hardened-sources-2.6.20-r10.ebuild:
235     Revision bump, pulling in Linux 2.6.20.20. Removing some of the older
236     revisions.
237 phreak 1.183
238     *hardened-sources-2.6.22-r5 (22 Sep 2007)
239    
240     22 Sep 2007; Christian Heim <phreak@gentoo.org>
241     +hardened-sources-2.6.22-r5.ebuild:
242     Revision bump, pulling in genpatches-2.6.22-8 for CVE-2007-4573.
243 phreak 1.182
244     17 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
245     Removing johnm from metadata.xml (see #186467 for reference).
246 phreak 1.181
247     *hardened-sources-2.6.22-r4 (17 Sep 2007)
248    
249     17 Sep 2007; Christian Heim <phreak@gentoo.org>
250     +hardened-sources-2.6.22-r4.ebuild:
251     Revision bump, hopefully fixing all those weird PAX failures.
252 phreak 1.180
253     01 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
254     Updating the metadata.xml.
255 phreak 1.179
256     01 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
257     Removing tocharian from metadata due to his retirement (see #71718 for
258     reference).
259 phreak 1.178
260     *hardened-sources-2.6.20-r9 (30 Aug 2007)
261    
262     30 Aug 2007; Christian Heim <phreak@gentoo.org>
263     +hardened-sources-2.6.20-r9.ebuild:
264     Revision bump for 2.6.20.18 (thanks to kerframil in #gentoo-hardened).
265 phreak 1.177
266     29 Aug 2007; Christian Heim <phreak@gentoo.org>
267     -hardened-sources-2.4.34.ebuild, -hardened-sources-2.4.34.5.ebuild,
268     -hardened-sources-2.6.20-r2.ebuild, -hardened-sources-2.6.20-r5.ebuild,
269     -hardened-sources-2.6.20-r7.ebuild, -hardened-sources-2.6.21-r3.ebuild,
270     -hardened-sources-2.6.22.ebuild, -hardened-sources-2.6.22-r1.ebuild,
271     -hardened-sources-2.6.22-r2.ebuild:
272     Removing some redundant versions.
273 phreak 1.176
274     *hardened-sources-2.4.35-r1 (29 Aug 2007)
275    
276     29 Aug 2007; Christian Heim <phreak@gentoo.org>
277     +hardened-sources-2.4.35-r1.ebuild:
278     Revision bump, new grsecurity patch.
279 phreak 1.175
280     *hardened-sources-2.6.20-r8 (26 Aug 2007)
281    
282     26 Aug 2007; Christian Heim <phreak@gentoo.org>
283     +hardened-sources-2.6.20-r8.ebuild:
284     Revision bump for Linux 2.6.20.17.
285 phreak 1.174
286     *hardened-sources-2.6.22-r3 (22 Aug 2007)
287    
288     22 Aug 2007; Christian Heim <phreak@gentoo.org>
289     +hardened-sources-2.6.22-r3.ebuild:
290     Revision bump for Linux 2.6.22.4.
291 phreak 1.173
292     16 Aug 2007; Christian Heim <phreak@gentoo.org>
293     hardened-sources-2.6.22-r2.ebuild:
294     Updated patchset, to fix the alignment against 2.6.22.3.
295 phreak 1.172
296     *hardened-sources-2.6.22-r2 (16 Aug 2007)
297    
298     16 Aug 2007; Christian Heim <phreak@gentoo.org>
299     +hardened-sources-2.6.22-r2.ebuild:
300     Revision bump for Linux 2.6.22.3.
301 phreak 1.171
302     *hardened-sources-2.4.35 (16 Aug 2007)
303    
304     16 Aug 2007; Christian Heim <phreak@gentoo.org>
305     +hardened-sources-2.4.35.ebuild:
306     Version bump, initial version for Linux 2.4.35.
307 phreak 1.170
308     *hardened-sources-2.6.21-r4 (16 Aug 2007)
309    
310     16 Aug 2007; Christian Heim <phreak@gentoo.org>
311     +hardened-sources-2.6.21-r4.ebuild:
312     Revision bump for Linux 2.6.21.6.
313 phreak 1.169
314     *hardened-sources-2.6.20-r7 (16 Aug 2007)
315    
316     16 Aug 2007; Christian Heim <phreak@gentoo.org>
317     +hardened-sources-2.6.20-r7.ebuild:
318     Revision bump for Linux 2.6.20.16.
319 phreak 1.168
320     *hardened-sources-2.6.22-r1 (13 Aug 2007)
321    
322     13 Aug 2007; Christian Heim <phreak@gentoo.org>
323     +hardened-sources-2.6.22-r1.ebuild:
324     Yet another revision bump.
325 phreak 1.167
326     *hardened-sources-2.6.22 (10 Aug 2007)
327    
328     10 Aug 2007; Christian Heim <phreak@gentoo.org>
329     +hardened-sources-2.6.22.ebuild:
330     Initial release for 2.6.22. If you are using hardened-sources on a desktop
331     machine (P4 or newer), be aware you might need to disable
332     CONFIG_PAX_PAGEEXEC.
333 phreak 1.166
334     04 Aug 2007; Christian Heim <phreak@gentoo.org>
335     hardened-sources-2.6.20-r6.ebuild:
336     Stabling hardened-sources-2.6.20-r6 for amd64, ppc and x86 due to Linux
337     2.6.20.15.
338 phreak 1.165
339     10 Jul 2007; Christian Heim <phreak@gentoo.org>
340     hardened-sources-2.6.20-r5.ebuild:
341     Marking hardened-sources-2.6.20-r5 stable on ppc.
342 phreak 1.164
343     10 Jul 2007; Christian Heim <phreak@gentoo.org>
344     -hardened-sources-2.4.32-r6.ebuild, -hardened-sources-2.4.32-r7.ebuild:
345     Cleanup.
346 phreak 1.163
347     *hardened-sources-2.6.20-r6 (08 Jul 2007)
348    
349     08 Jul 2007; Christian Heim <phreak@gentoo.org>
350     +hardened-sources-2.6.20-r6.ebuild:
351     Revision bump, grabbing yet another stable release.
352 phreak 1.162
353     17 Jun 2007; Christian Heim <phreak@gentoo.org>
354     -hardened-sources-2.6.18-r6.ebuild, -hardened-sources-2.6.20-r4.ebuild,
355     -hardened-sources-2.6.21-r2.ebuild:
356     Removing older ebuilds, hardened-sources-2.6.18-r6 seems to have gotten the
357     alpha stable KEYWORD by mistake.
358 phreak 1.161
359     17 Jun 2007; Christian Heim <phreak@gentoo.org>
360     hardened-sources-2.6.20-r5.ebuild:
361     Stabling hardened-sources-2.6.20-r5 due to security bug #181647 (as
362     genpatches-2.6.20-12.base contains up to Linux 2.6.20.14) on amd64 and x86.
363 phreak 1.160
364     *hardened-sources-2.6.21-r3 (12 Jun 2007)
365    
366     12 Jun 2007; Christian Heim <phreak@gentoo.org>
367     +hardened-sources-2.6.21-r3.ebuild:
368     Revision bump for hardened-sources-2.6.21, incorporating various CVE (some
369     of them critical), two stable releases (2.6.21.4,2.6.21.5) and some other
370     love.
371 phreak 1.159
372     *hardened-sources-2.6.20-r5 (11 Jun 2007)
373    
374     11 Jun 2007; Christian Heim <phreak@gentoo.org>
375     +hardened-sources-2.6.20-r5.ebuild:
376     Revision bump for hardened-sources-2.6.20, incorporating various CVE (some
377     of them critical), two stable releases (2.6.20.13,2.6.20.14) and some other
378     love.
379 pappy 1.158
380     *hardened-sources-2.4.34.5 (11 Jun 2007)
381    
382     11 Jun 2007; Alexander Gabert <pappy@gentoo.org>
383     +hardened-sources-2.4.34.5.ebuild:
384     added new hardened-sources 2.4 version, thx to phreak, solar, pipacs
385 phreak 1.157
386     30 May 2007; Christian Heim <phreak@gentoo.org>
387     -hardened-sources-2.6.18.ebuild, hardened-sources-2.6.20-r2.ebuild:
388     Marking 2.6.20-r2 stable on ppc with permission of Gysbert. Removing more
389     stale ebuild(s).
390 phreak 1.156
391     30 May 2007; Christian Heim <phreak@gentoo.org>
392     -hardened-sources-2.6.14-r7.ebuild, -hardened-sources-2.6.16-r11.ebuild,
393     -hardened-sources-2.6.17-r1.ebuild, -hardened-sources-2.6.19-r6.ebuild,
394     -hardened-sources-2.6.20.ebuild, -hardened-sources-2.6.20-r1.ebuild:
395     Doing some cleanups, remove stale ebuilds.
396 phreak 1.155
397     26 May 2007; Christian Heim <phreak@gentoo.org>
398     hardened-sources-2.6.21-r2.ebuild:
399     Fixing the grsecurity patch, had one '};' too much.
400 phreak 1.154
401     *hardened-sources-2.6.21-r2 (26 May 2007)
402    
403     26 May 2007; Christian Heim <phreak@gentoo.org>
404     -hardened-sources-2.6.21.ebuild, -hardened-sources-2.6.21-r1.ebuild,
405     +hardened-sources-2.6.21-r2.ebuild:
406     Revision bump, including Linux 2.6.21.3 (fixing CVE-2007-2451). Updating the
407     grsecurity patch to 2.1.10-2.6.21.1-200705221918.
408 phreak 1.153
409     *hardened-sources-2.6.20-r4 (26 May 2007)
410    
411     26 May 2007; Christian Heim <phreak@gentoo.org>
412     -hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.20-r4.ebuild:
413     Revision bump, including Linux 2.6.20.12 (which in fact fixed some security
414 phreak 1.154 bugs, at the very least CVE-2007-2451). Possible candidate for stable marking.
415 phreak 1.152
416     15 May 2007; Christian Heim <phreak@gentoo.org>
417     hardened-sources-2.6.20-r3.ebuild:
418     Looks like hardened-sources-2.6.20-r3 needs a new patch, as 2.6.20.11
419     introduced a change in arch/sparc64/kernel/pci_iommu.c, which made the
420     grsecurity patch fail in that exact same hunk.
421 phreak 1.151
422     *hardened-sources-2.6.20-r3 (15 May 2007)
423    
424     15 May 2007; Christian Heim <phreak@gentoo.org>
425     +hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.21-r1.ebuild:
426     Revision bump, incorporating Linux 2.6.20.11.
427    
428     *hardened-sources-2.6.21-r1 (11 May 2007)
429    
430     11 May 2007; Christian Heim <phreak@gentoo.org>
431     +hardened-sources-2.6.21-r1.ebuild:
432     Revision bump, hopefully fixing the GRSECURITY/GRKERNSEC mixup pipacs
433     mentioned in #177234.
434 kevquinn 1.150
435     07 May 2007; Kevin F. Quinn <kevquinn@gentoo.org>
436     files/digest-hardened-sources-2.6.21, Manifest:
437     Fix Manifest/digest for linux-2.6.21.tar.bz2
438 phreak 1.149
439     06 May 2007; Christian Heim <phreak@gentoo.org>
440     hardened-sources-2.6.21.ebuild:
441     Bumping the hardened-patches version, needed for the fix for #177234.
442 phreak 1.148
443     *hardened-sources-2.6.21 (02 May 2007)
444    
445     02 May 2007; Christian Heim <phreak@gentoo.org>
446     +hardened-sources-2.6.21.ebuild:
447     Version bump, Linux 2.6.21-hardened.
448 phreak 1.147
449     29 Apr 2007; Christian Heim <phreak@gentoo.org>
450     hardened-sources-2.6.20-r2.ebuild:
451     Adding ~ia64 on Ned's request.
452 phreak 1.146
453     29 Apr 2007; Christian Heim <phreak@gentoo.org>
454     hardened-sources-2.6.20-r2.ebuild:
455     Fixing the included grsecurity patch, wasn't alligning due to the Index:
456     header line(s).
457 phreak 1.145
458     29 Apr 2007; Christian Heim <phreak@gentoo.org>
459     hardened-sources-2.6.20-r2.ebuild:
460     Stabilizing hardened-sources-2.6.20-r2 on amd64 and x86.
461 armin76 1.144
462     *hardened-sources-2.6.20-r2 (10 Apr 2007)
463    
464     10 Apr 2007; Raúl Porcel <armin76@gentoo.org>
465     +hardened-sources-2.6.20-r2.ebuild:
466     Version bump, on behalf of phreak
467 phreak 1.143
468     *hardened-sources-2.6.20-r1 (04 Apr 2007)
469    
470     04 Apr 2007; Christian Heim <phreak@gentoo.org>
471     +hardened-sources-2.6.20-r1.ebuild:
472     Revision bump, grabbing a newer grsecurity snapshot.
473 phreak 1.142
474     *hardened-sources-2.6.20 (25 Mar 2007)
475    
476     25 Mar 2007; Christian Heim <phreak@gentoo.org>
477     +hardened-sources-2.6.20.ebuild:
478     Finally a hardened-sources version for 2.6.20; many people have been waiting
479     for this. Thanks to Steve for preliminary testing, thanks to Ned for the
480     testbox.
481 chainsaw 1.141
482     16 Mar 2007; Tony Vroon <chainsaw@gentoo.org>
483     hardened-sources-2.6.18-r6.ebuild:
484     Marked stable on amd64 and x86. AMD64 keyword ack'ed by welp.
485 phreak 1.140
486     *hardened-sources-2.6.18-r6 (16 Mar 2007)
487    
488     16 Mar 2007; Christian Heim <phreak@gentoo.org>
489     -hardened-sources-2.6.18-r5.ebuild, +hardened-sources-2.6.18-r6.ebuild:
490     Fixing CVE-2007-1000 locally (hardened/), thanks to Tony for pushing. And
491     yes I screwed up, this is tagged as 2.6.18-5 and not 2.6.18-6 as it's
492     supposed to be.
493 phreak 1.139
494     06 Mar 2007; Christian Heim <phreak@gentoo.org> ChangeLog:
495     Fixing the Manifest, the previous one was broken (as in still had the
496     deleted ebuild in it).
497 phreak 1.138
498     06 Mar 2007; Christian Heim <phreak@gentoo.org>
499     -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
500     +hardened-sources-2.6.18-r5.ebuild:
501     Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
502     Linux 2.6.18.8. Also cleaning up the older version.
503    
504     *hardened-sources-2.6.18-r5 (06 Mar 2007)
505    
506     06 Mar 2007; Christian Heim <phreak@gentoo.org>
507     -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
508     +hardened-sources-2.6.18-r5.ebuild:
509     Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
510     Linux 2.6.18.8. Also cleaning up the older version.
511 phreak 1.137
512     24 Feb 2007; Christian Heim <phreak@gentoo.org>
513     -hardened-sources-2.6.19-r3.ebuild, -hardened-sources-2.6.19-r4.ebuild,
514     -hardened-sources-2.6.19-r5.ebuild:
515     Removing some of the old version, that didn't work.
516 phreak 1.136
517     *hardened-sources-2.6.19-r6 (12 Feb 2007)
518    
519     12 Feb 2007; Christian Heim <phreak@gentoo.org>
520     +hardened-sources-2.6.19-r6.ebuild:
521     Revision bump, including a new grsec version fixing #166235.
522 pappy 1.134
523     *hardened-sources-2.4.34 (24 Jan 2007)
524    
525     24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
526 pappy 1.135 Manifest:
527     updating Manifest with checksums of new tarball and ebuild
528    
529     24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
530 pappy 1.134 +hardened-sources-2.4.34.ebuild:
531     I added new hardened sources 2.4 update, this is a critical path
532     security bugfix - all users of h-s are strongly advised
533     to update their existing hardened sources to this version.
534     It contains a fix for a kernel vulnerability that is pertaining
535     to the PaX changes to virtual memory management, possibly leading
536     to a local kernel exploit ... see grsecurity.net forums and homepage
537 phreak 1.133
538     23 Jan 2007; Christian Heim <phreak@gentoo.org>
539     files/digest-hardened-sources-2.6.19-r5, Manifest:
540     Fixing the patch-tarball digest.
541 phreak 1.132
542     *hardened-sources-2.6.19-r5 (23 Jan 2007)
543    
544     23 Jan 2007; Christian Heim <phreak@gentoo.org>
545     +hardened-sources-2.6.19-r5.ebuild:
546     Revision bump, closing the recently discovered PaX expand_stack()
547     vulnerability.
548 phreak 1.131
549     *hardened-sources-2.6.19-r4 (14 Jan 2007)
550    
551     14 Jan 2007; Christian Heim <phreak@gentoo.org>
552     +hardened-sources-2.6.19-r4.ebuild:
553     Revision bump, pulling in linux-2.6.19.2 and grsecurity 2.1.10 - thus
554     dropping the randomized PID feature.
555 opfer 1.130
556     11 Jan 2007; Christian Faulhammer <opfer@gentoo.org>
557     hardened-sources-2.4.33.4.ebuild:
558     stable x86, bug #161171
559 phreak 1.129
560     *hardened-sources-2.6.19-r3 (27 Dec 2006)
561    
562     27 Dec 2006; Christian Heim <phreak@gentoo.org>
563     -hardened-sources-2.6.19-r2.ebuild, +hardened-sources-2.6.19-r3.ebuild:
564     Revision bump for bug #157186 and #158786.
565 phreak 1.128
566     *hardened-sources-2.6.18-r4 (27 Dec 2006)
567    
568     27 Dec 2006; Christian Heim <phreak@gentoo.org>
569     -hardened-sources-2.6.18-r3.ebuild, +hardened-sources-2.6.18-r4.ebuild:
570     Revision bump for bug #157186.
571 phreak 1.127
572     *hardened-sources-2.6.19-r2 (23 Dec 2006)
573    
574     23 Dec 2006; Christian Heim <phreak@gentoo.org>
575     -hardened-sources-2.6.19-r1.ebuild, +hardened-sources-2.6.19-r2.ebuild:
576     Revision bump to pull in genpatches-2.6.19-3 for #157186.
577 phreak 1.126
578     17 Dec 2006; Christian Heim <phreak@gentoo.org>
579     hardened-sources-2.6.14-r7.ebuild, hardened-sources-2.6.16-r10.ebuild,
580     hardened-sources-2.6.16-r11.ebuild, hardened-sources-2.6.17-r1.ebuild,
581     hardened-sources-2.6.18.ebuild, hardened-sources-2.6.18-r3.ebuild,
582     hardened-sources-2.6.19-r1.ebuild:
583     Adding 4453_grsec-2.1.9-2.6.19-io-kmem-sysctl.patch to UNIPATCH_EXLUDE,
584     adding correct HOMEPAGE and adjusting DESCRIPTION (thanks to Alexander).
585 pappy 1.125
586     *hardened-sources-2.4.33.4 (17 Dec 2006)
587    
588     17 Dec 2006; Alexander Gabert <pappy@gentoo.org>
589     +hardened-sources-2.4.33.4.ebuild:
590     new 2.4.33.4 version including grsec and fixes, thanks to phreak for help
591     and quilting
592 phreak 1.124
593     *hardened-sources-2.6.19-r1 (14 Dec 2006)
594    
595     14 Dec 2006; Christian Heim <phreak@gentoo.org>
596     -hardened-sources-2.6.19.ebuild, +hardened-sources-2.6.19-r1.ebuild:
597     Revision bump, fixing #158107 (thanks to Petre Rodan <kaiowas at gentoo.org>
598     for reporting).
599 phreak 1.123
600     *hardened-sources-2.6.19 (13 Dec 2006)
601    
602     13 Dec 2006; Christian Heim <phreak@gentoo.org>
603     +hardened-sources-2.6.19.ebuild:
604     And finally 2.6.19, thanks to Ned (who prepared the inital patchset) and
605     Brad for providing that prompt update.
606 phreak 1.122
607     *hardened-sources-2.6.18-r3 (13 Dec 2006)
608    
609     13 Dec 2006; Christian Heim <phreak@gentoo.org>
610     -hardened-sources-2.6.18-r1.ebuild, -hardened-sources-2.6.18-r2.ebuild,
611     +hardened-sources-2.6.18-r3.ebuild:
612     Revision bump, excluding the faulty patch. Thanks to Anakim Border and Peter
613     S. Mazinger. Closes #157409 for now. Also removing the previous revisions.
614 phreak 1.121
615     09 Dec 2006; Christian Heim <phreak@gentoo.org> Manifest:
616     Fixing the metadata.xml Manifest entry (thanks to xaid and ml8128 in #gentoo-hardened).
617 nixnut 1.120
618     08 Dec 2006; nixnut <nixnut@gentoo.org> hardened-sources-2.6.18.ebuild:
619     Stable on ppc wrt bug 157356
620 opfer 1.119
621     07 Dec 2006; Christian Faulhammer <opfer@gentoo.org>
622     hardened-sources-2.6.18.ebuild:
623     stable x86, bug #157356
624 phreak 1.118
625     *hardened-sources-2.6.18-r2 (06 Dec 2006)
626    
627     06 Dec 2006; Christian Heim <phreak@gentoo.org>
628     +hardened-sources-2.6.18-r2.ebuild:
629     Revision bump, including 2.6.18.5 (via genpatches) and
630     4454_grsec-2.1.9-2.6.18.2-io-kmem-sysctl.patch based on Peter Mazinger and
631     Ned Ludd's original patch. Thanks to Alexander Gabert (pappy) for the
632     redesign.
633 phreak 1.117
634     06 Dec 2006; Christian Heim <phreak@gentoo.org>
635     hardened-sources-2.6.18.ebuild:
636     Marking hardened-sources-2.6.18 stable on amd64 (see bug #157356, on behalf
637     of Mike Doty).
638 phreak 1.116
639     *hardened-sources-2.6.18-r1 (23 Nov 2006)
640    
641     23 Nov 2006; Christian Heim <phreak@gentoo.org>
642     +hardened-sources-2.6.18-r1.ebuild:
643     Revision bump to genpatches-2.6.18-4 (including 2.6.18.3).
644 phreak 1.115
645     *hardened-sources-2.6.18 (11 Nov 2006)
646    
647     11 Nov 2006; Christian Heim <phreak@gentoo.org>
648     +hardened-sources-2.6.18.ebuild:
649     Version bump, thanks to Alexander Gabert we're finally at 2.6.18.
650 solar 1.114
651     18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
652     - mark amd64 stable also. bug #151877
653 solar 1.113
654     18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
655     - mark 2.6.17-r1 stable
656 phreak 1.112
657     27 Aug 2006; Christian Heim <phreak@gentoo.org>
658     -hardened-sources-2.6.17.ebuild, hardened-sources-2.6.17-r1.ebuild:
659     Removing old ebuild, removing unipatch from newer ebuild (need to fix it!).
660 phreak 1.111
661     *hardened-sources-2.6.17-r1 (26 Aug 2006)
662    
663     26 Aug 2006; Christian Heim <phreak@gentoo.org>
664     +hardened-sources-2.6.17-r1.ebuild:
665     Revision bump to genpatches-2.6.17-8 (including .9 and .10) and updating the
666     grsecurity patch.
667 phreak 1.110
668     *hardened-sources-2.6.17 (17 Aug 2006)
669    
670     17 Aug 2006; Christian Heim <phreak@gentoo.org>
671     +hardened-sources-2.6.17.ebuild:
672     Bumping the hardened-sources-2.6 series to 2.6.17, using
673     genpatches-2.6.17-6.base.
674 solar 1.109
675     07 Aug 2006; <solar@gentoo.org> hardened-sources-2.6.16-r11.ebuild:
676     - stable on x86 and amd64
677 solar 1.108
678     *hardened-sources-2.6.16-r11 (15 Jul 2006)
679    
680     15 Jul 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r3.ebuild,
681     -hardened-sources-2.4.32-r4.ebuild, -hardened-sources-2.4.32-r5.ebuild,
682     -hardened-sources-2.6.14-r8.ebuild, -hardened-sources-2.6.16-r7.ebuild,
683     -hardened-sources-2.6.16-r9.ebuild, +hardened-sources-2.6.16-r11.ebuild:
684     - 2.6.16 bumped for CVE-2006-3626 ; digest fix for 2.4.32-r6 ; removed old
685     crusty ebuilds
686 johnm 1.107
687     14 Jul 2006; John Mylchreest <johnm@gentoo.org>
688     hardened-sources-2.6.16-r10.ebuild:
689     marking stable on x86 and amd64
690 solar 1.106
691     13 Jul 2006; <solar@gentoo.org> hardened-sources-2.4.32-r6.ebuild:
692     - 2.4.32-r6 stable on x86. RSBAC state unknown
693 kang 1.105
694     *hardened-sources-2.4.32-r7 (10 Jul 2006)
695    
696     10 Jul 2006; Guillaume Destuynder <kang@gentoo.org>
697     +hardened-sources-2.4.32-r7.ebuild:
698     Bump PaX for RSBAC to test-17
699 johnm 1.104
700     *hardened-sources-2.6.16-r9 (03 Jul 2006)
701    
702     03 Jul 2006; John Mylchreest <johnm@gentoo.org>
703     -hardened-sources-2.6.16-r6.ebuild, +hardened-sources-2.6.16-r9.ebuild:
704     hardened-sources-2.6.16 bump to latest -base.
705 solar 1.103
706     *hardened-sources-2.4.32-r6 (30 Jun 2006)
707    
708     30 Jun 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r2.ebuild,
709     hardened-sources-2.4.32-r4.ebuild, +hardened-sources-2.4.32-r6.ebuild:
710     - backport CVE-2006-0039, CVE-2006-1857 and CVE-2006-1858 and new grsecurity
711     sysctl controlable resource logging
712 johnm 1.102
713     *hardened-sources-2.6.16-r7 (05 Jun 2006)
714    
715     05 Jun 2006; John Mylchreest <johnm@gentoo.org>
716     -hardened-sources-2.6.16-r5.ebuild, +hardened-sources-2.6.16-r7.ebuild:
717     push new 2.6.16 release in preparation for stable
718 solar 1.101
719     22 May 2006; <solar@gentoo.org> :
720     - redigest bug 134002
721 kang 1.100
722     *hardened-sources-2.4.32-r5 (16 May 2006)
723    
724     16 May 2006; Guillaume Destuynder <kang@gentoo.org>
725     +hardened-sources-2.4.32-r5.ebuild:
726     Fixes rsbac common patching (new patch in new -r5 patchset)
727 solar 1.99
728     *hardened-sources-2.4.32-r4 (13 May 2006)
729    
730     13 May 2006; <solar@gentoo.org> hardened-sources-2.4.32-r3.ebuild,
731     +hardened-sources-2.4.32-r4.ebuild:
732     - security bumps
733 johnm 1.98
734     *hardened-sources-2.6.16-r6 (03 May 2006)
735    
736     03 May 2006; John Mylchreest <johnm@gentoo.org>
737     +hardened-sources-2.6.16-r6.ebuild:
738     bump hardened-2.6.16 to 2.6.16.12 and latest grsec snapshot
739 johnm 1.97
740     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
741     hardened-sources-2.6.14-r8.ebuild:
742     fix x86_64 build problem, this will delay the digest issue again for a short
743     while but it will sort itself out
744 johnm 1.96
745     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
746     hardened-sources-2.6.14-r8.ebuild:
747     bump hardened patchset
748 antarus 1.94
749     27 Apr 2006; Alec Warner <antarus@gentoo.org>
750     files/digest-hardened-sources-2.4.32-r2,
751     files/digest-hardened-sources-2.4.32-r3,
752     files/digest-hardened-sources-2.6.14-r8, Manifest:
753     Fixing duff SHA256 digests: Bug # 131293
754 johnm 1.93
755 johnm 1.95 *hardened-sources-2.6.16-r5 (27 Apr 2006)
756    
757     27 Apr 2006; John Mylchreest <johnm@gentoo.org>
758     -hardened-sources-2.6.14-r6.ebuild, hardened-sources-2.6.14-r8.ebuild,
759     -hardened-sources-2.6.16-r4.ebuild, +hardened-sources-2.6.16-r5.ebuild:
760     stablise 2.6.14-r8 on x86 & amd64, bump 2.6.16 to fix CVE-2006-1863 &
761     cleanup of old uneccessary sources
762    
763 johnm 1.93 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
764     fix digest
765 johnm 1.92
766     *hardened-sources-2.6.14-r8 (20 Apr 2006)
767    
768     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
769     +hardened-sources-2.6.14-r8.ebuild:
770     fix CVE-2006-1056, CVE-2006-1525, CVE-2006-1524
771 johnm 1.91
772     20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
773     Turning on gpg-signing again, and recomitting
774 johnm 1.90
775     *hardened-sources-2.6.16-r4 (20 Apr 2006)
776    
777     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
778     -hardened-sources-2.6.16-r2.ebuild, -hardened-sources-2.6.16-r3.ebuild,
779     +hardened-sources-2.6.16-r4.ebuild:
780     Fix numerous security vulns
781 solar 1.89
782     *hardened-sources-2.4.32-r3 (16 Apr 2006)
783    
784     16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
785     -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
786     +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
787     - security bump for bug #112791. Removed old ebuilds
788 johnm 1.88
789     *hardened-sources-2.6.16-r3 (15 Apr 2006)
790    
791     15 Apr 2006; John Mylchreest <johnm@gentoo.org>
792     +hardened-sources-2.6.16-r3.ebuild:
793     Removing silly localversion which I missed
794 johnm 1.87
795     *hardened-sources-2.6.14-r7 (14 Apr 2006)
796    
797     14 Apr 2006; John Mylchreest <johnm@gentoo.org>
798     -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
799     Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
800 johnm 1.86
801     *hardened-sources-2.6.16-r2 (13 Apr 2006)
802    
803     13 Apr 2006; John Mylchreest <johnm@gentoo.org>
804     -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
805     +hardened-sources-2.6.16-r2.ebuild:
806     Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
807     labels, dropping USERGROUP define fixes, since these were merged mainstream.
808 johnm 1.85
809     *hardened-sources-2.6.16-r1 (11 Apr 2006)
810    
811     11 Apr 2006; John Mylchreest <johnm@gentoo.org>
812     +hardened-sources-2.6.16-r1.ebuild:
813     Bumping to include ppc build fix and 2.6.16.3
814 tsunam 1.84
815     06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
816     hardened-sources-2.6.14-r6.ebuild:
817     Stable on x86; bug #127718
818 johnm 1.83
819     *hardened-sources-2.6.16 (31 Mar 2006)
820    
821     31 Mar 2006; John Mylchreest <johnm@gentoo.org>
822     +hardened-sources-2.6.16.ebuild:
823     Bumping to new version of grsec, and kernel base. New squashfs. Based on
824     2.6.16.1
825 cryos 1.82
826     30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
827     hardened-sources-2.6.14-r6.ebuild:
828     Stable on amd64, bug 127718.
829 nixnut 1.81
830     28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
831     Stable on ppc. Bug #127718
832 johnm 1.80
833     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
834     -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
835     -hardened-sources-2.6.14-r4.ebuild:
836     Cleanup.
837 johnm 1.79
838     *hardened-sources-2.6.14-r6 (15 Mar 2006)
839    
840     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
841     +hardened-sources-2.6.14-r6.ebuild:
842     Fixes grsec policy recreation bug and adds a
843     >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
844 solar 1.78
845     02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
846     - stable on x86
847 hansmi 1.77
848     19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
849     hardened-sources-2.6.14-r5.ebuild:
850     Stable on ppc.
851 johnm 1.76
852     *hardened-sources-2.6.14-r5 (01 Feb 2006)
853    
854     01 Feb 2006; John Mylchreest <johnm@gentoo.org>
855     +hardened-sources-2.6.14-r5.ebuild:
856     fixing every known exploit
857 solar 1.75
858     *hardened-sources-2.4.32-r2 (26 Jan 2006)
859    
860     26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
861     +hardened-sources-2.4.32-r2.ebuild:
862     - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
863 solar 1.74
864     *hardened-sources-2.6.14-r4 (12 Jan 2006)
865    
866     12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
867     - version bump for new genpatches which fix up a few sec holes
868 solar 1.73
869     *hardened-sources-2.4.32-r1 (05 Jan 2006)
870    
871     05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
872     - revision bump to add misc vital linux kernel security patches.
873 johnm 1.72
874     *hardened-sources-2.6.14-r3 (30 Dec 2005)
875    
876     30 Dec 2005; John Mylchreest <johnm@gentoo.org>
877     -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
878     Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
879 johnm 1.71
880     28 Dec 2005; John Mylchreest <johnm@gentoo.org>
881     hardened-sources-2.6.14-r2.ebuild:
882     making x86 & amd64 stable following testing.
883 johnm 1.70
884     *hardened-sources-2.6.14-r2 (27 Dec 2005)
885    
886     27 Dec 2005; John Mylchreest <johnm@gentoo.org>
887     -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
888     Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
889     network hooks.
890 johnm 1.69
891     06 Dec 2005; John Mylchreest <johnm@gentoo.org>
892     hardened-sources-2.6.14-r1.ebuild:
893     bumping to stable early for sec fix on x86 & amd64
894 johnm 1.68
895     *hardened-sources-2.6.14-r1 (05 Dec 2005)
896    
897     05 Dec 2005; John Mylchreest <johnm@gentoo.org>
898     -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
899     bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
900 solar 1.67
901     04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
902     - stable on x86 security bug #114227 CAN-2005-3257
903 kang 1.66
904     *hardened-sources-2.4.32 (19 Nov 2005)
905    
906     19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
907     +hardened-sources-2.4.32.ebuild:
908     Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
909     Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
910     have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
911     rsbac >> /etc/portage/package.use)
912 johnm 1.65
913     *hardened-sources-2.6.14 (14 Nov 2005)
914    
915     14 Nov 2005; John Mylchreest <johnm@gentoo.org>
916     -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
917     Bumping 2.6 series to 2.6.14.2
918 johnm 1.64
919     *hardened-sources-2.6.13-r2 (20 Oct 2005)
920    
921     20 Oct 2005; John Mylchreest <johnm@gentoo.org>
922     -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
923     +hardened-sources-2.6.13-r2.ebuild:
924     Fixes minor build error in ppc.
925 johnm 1.63
926     *hardened-sources-2.6.13-r1 (17 Oct 2005)
927    
928     17 Oct 2005; John Mylchreest <johnm@gentoo.org>
929     +hardened-sources-2.6.13-r1.ebuild:
930     Updating grsec to latest snapshot. Fixes some minor issues. Updating to
931     2.6.13.4, fixes some major amd64 stability problems.
932 johnm 1.62
933     *hardened-sources-2.6.13 (16 Sep 2005)
934    
935     16 Sep 2005; John Mylchreest <johnm@gentoo.org>
936     -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
937     2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
938     ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
939     users should test this thoroughly.
940 solar 1.61
941     01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
942     - stable on x86
943 johnm 1.60
944     *hardened-sources-2.6.11-r15 (27 Jun 2005)
945    
946     27 Jun 2005; John Mylchreest <johnm@gentoo.org>
947     +hardened-sources-2.6.11-r15.ebuild:
948     Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
949     grsec redefining curr_ip struct.
950 solar 1.59
951     *hardened-sources-2.4.31 (20 Jun 2005)
952    
953     20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
954     initial import of 2.4.31 tree
955 johnm 1.58
956     *hardened-sources-2.6.11-r14 (14 Jun 2005)
957    
958     14 Jun 2005; John Mylchreest <johnm@gentoo.org>
959     -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
960     Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
961     naming scheme to abide by genpatches
962 johnm 1.57
963     *hardened-sources-2.6.11-r13 (18 May 2005)
964    
965     18 May 2005; John Mylchreest <johnm@gentoo.org>
966     -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
967     Managed to mangle the Makefile patch from grsec, to miss out the grsec
968     target. sorry about that. Fixes bug #93022
969 johnm 1.56
970     *hardened-sources-2.6.11-r12 (17 May 2005)
971    
972     17 May 2005; John Mylchreest <johnm@gentoo.org>
973     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
974     +hardened-sources-2.6.11-r12.ebuild:
975     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
976     merges in genpatches-base
977 johnm 1.55
978     *hardened-sources-2.6.11-r12 (17 May 2005)
979    
980     17 May 2005; John Mylchreest <johnm@gentoo.org>
981     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
982     +hardened-sources-2.6.11-r12.ebuild:
983     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
984     merges in genpatches-base
985 solar 1.54
986     29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
987     -files/2.4.27-cmdline-race.patch,
988     -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
989     -files/2.4.28-grsec-binfmt_a.out.patch,
990     -files/2.4.28-grsec-cmdline-race.patch,
991     -files/2.4.28-selinux-binfmt_a.out.patch,
992     -files/2.4.28-selinux-cmdline-race.patch,
993     -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
994     hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
995     - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
996     cleanup..
997 solar 1.53
998     *hardened-sources-2.4.30-r1 (21 Apr 2005)
999    
1000     21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
1001     - disable aout by default
1002 solar 1.52
1003     *hardened-sources-2.4.30 (18 Apr 2005)
1004    
1005     18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
1006     - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
1007     and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
1008     use
1009 tocharian 1.50
1010 scox 1.51 *hardened-sources-2.4.29 (30 Mar 2005)
1011    
1012     30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
1013     +hardened-sources-2.4.29.ebuild:
1014     New hardened-patches-2.4-29.0 patchball.
1015     Removed SELinux support, upgraded GRSecurity to 2.1.4.
1016    
1017     *hardened-sources-2.4.28-r5 (06 Mar 2005)
1018    
1019     06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
1020     +hardened-sources-2.4.28-r5.ebuild:
1021     Added a fix for a PaX vulnerability.
1022    
1023     26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1024 tocharian 1.50 hardened-sources-2.4.28-r4.ebuild:
1025     Stable on x86
1026 solar 1.49
1027     23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
1028     hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
1029     hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
1030     hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
1031     - fixed/added RDEPEND= in all kernel-2 ebuilds
1032 tocharian 1.48
1033     *hardened-sources-2.4.28-r4 (21 Jan 2005)
1034    
1035     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1036     +hardened-sources-2.4.28-r4.ebuild:
1037     Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
1038     backport of neighbour hash updates.
1039 tocharian 1.47
1040     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1041     hardened-sources-2.4.28-r3.ebuild:
1042     Stable on x86
1043 tseng 1.46
1044     *hardened-sources-2.6.10-r3 (20 Jan 2005)
1045    
1046     20 Jan 2005; Brandon Hale <tseng@gentoo.org>
1047     +hardened-sources-2.6.10-r3.ebuild:
1048     Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
1049     in 2005.0
1050 tocharian 1.45
1051     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1052     -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
1053     hardened-sources-2.4.28-r2.ebuild:
1054     Mark stable on x86
1055 tocharian 1.44
1056     *hardened-sources-2.4.28-r3 (17 Jan 2005)
1057    
1058     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1059     +hardened-sources-2.4.28-r3.ebuild:
1060     Fix SMP page fault handler vuln, and update device-mapper and evms patches.
1061 tocharian 1.43
1062     14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1063     hardened-sources-2.4.28.ebuild:
1064     Mark stable on x86.
1065 tocharian 1.42
1066     *hardened-sources-2.4.28-r2 (13 Jan 2005)
1067    
1068     13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1069     +hardened-sources-2.4.28-r2.ebuild:
1070     Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
1071     Mazinger for grsecurity patches as well.
1072 plasmaroo 1.41
1073     *hardened-sources-2.4.28-r1 (23 Dec 2004)
1074    
1075     23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
1076     Security bump. Thank tocharian for rolling a new patchset...
1077 solar 1.40
1078     28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
1079     +files/2.4.28-grsec-cmdline-race.patch,
1080     +files/2.4.28-selinux-binfmt_a.out.patch,
1081     +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
1082     - Round up remaining security patches that appear to be missing in 2.4.28. -
1083     PaX standalone updated to current. hgpv=28.1
1084 solar 1.39
1085     *hardened-sources-2.4.28 (28 Nov 2004)
1086    
1087     28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
1088     security bump. Thank tocharian for rolling a new patchset
1089 scox 1.31
1090 scox 1.38 *hardened-sources-2.4.27-r3 (08 Sep 2004)
1091    
1092     08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
1093     +hardened-sources-2.4.27-r3.ebuild:
1094     Applies the new 2.4-27.2 patchball which updates
1095     GRSecurity to the 2.0.1 version.
1096    
1097 scox 1.37 *hardened-sources-2.4.27-r2 (31 Aug 2004)
1098    
1099     31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1100     +hardened-sources-2.4.27-r2.ebuild:
1101     Version bump.
1102     This version uses the new 2.4-27.1 patchball which updates
1103     both the SELinux PaX hooks patch and the SELinux headers.
1104    
1105 scox 1.36 *hardened-sources-2.4.27-r1 (09 Aug 2004)
1106    
1107     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1108     +hardened-sources-2.4.27-r1.ebuild,
1109     -hardened-sources-2.4.27.ebuild,
1110     +files/2.4.27-cmdline-race.patch:
1111     Version bump, fix for cmdline race. See bug #59905.
1112    
1113     *hardened-sources-2.4.26-r6 (09 Aug 2004)
1114    
1115     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1116     +hardened-sources-2.4.26-r6.ebuild,
1117     -hardened-sources-2.4.26-r5.ebuild,
1118     -hardened-sources-2.4.26-r4.ebuild,
1119     +files/2.4.26-cmdline-race.patch:
1120     Version bump, fix for cmdline race. See bug #59905.
1121    
1122 scox 1.35 *hardened-sources-2.4.27 (08 Aug 2004)
1123    
1124     08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1125     +hardened-sources-2.4.27.ebuild,
1126     +files/2.4.27-CAN-2004-0394.patch:
1127     Ported the patchball to the 2.4.27 kernel version.
1128    
1129 scox 1.34 *hardened-sources-2.4.26-r5 (07 Aug 2004)
1130    
1131     07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1132     +hardened-sources-2.4.26-r5.ebuild:
1133 scox 1.35 Updated to use the new hardened-patches-2.4-26.1 patchball.
1134 scox 1.34 It adds the following features:
1135     - Squashfs
1136     - Ebtables
1137     - Netdev random (core+drivers)
1138     - Watchdog Timer (WDT) fix.
1139    
1140 scox 1.33 *hardened-sources-2.4.26-r4 (04 Aug 2004)
1141    
1142     04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1143     +hardened-sources-2.4.26-r4.ebuild,
1144     +files/2.4.26-CAN-2004-0415.patch,
1145     -hardened-sources-2.4.26-3:
1146     Version bump, fix for CAN 0415, see bug #59378.
1147    
1148 scox 1.32 *hardened-sources-2.4.26-r3 (22 Jul 2004)
1149    
1150     22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
1151     +hardened-sources-2.4.26-r3.ebuild,
1152     +files/2.4.26-CAN-2004-0497.patch,
1153     -hardened-sources-2.4.26-r2.ebuild:
1154     Version bump, fixed CAN 0497, see bug #56171.
1155    
1156 scox 1.31 *hardened-sources-2.4.26-r2 (29 Jun 2004)
1157    
1158     29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
1159 scox 1.32 +hardened-sources-2.4.26-r2.ebuild,
1160 scox 1.31 +files/2.4.26-CAN-2004-0495.patch,
1161     +files/2.4.26-CAN-2004-0535.patch,
1162     -hardened-sources-2.4.26-r1.ebuild:
1163     Fixes for both CAN 0495 and 0535, see bug #54976
1164 pvdabeel 1.27
1165 agriffis 1.29 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
1166     hardened-sources-2.4.26-r1.ebuild:
1167     QA - fix use invocation
1168 scox 1.28
1169     *hardened-sources-2.4.26-r1 (22 June 2004)
1170    
1171     22 June 2004; Andrea Luzzardi <scox@gentoo.org>
1172     +hardened-sources-2.4.26-r1.ebuild,
1173     +files/2.4.26-CAN-2004-0394.patch,
1174     +files/2.4.26-signal-race.patch,
1175     -hardened-sources-2.4.26.ebuild,
1176     -hardened-sources-2.4.24-r3.ebuild:
1177     Version bump for the CAN-2004-0394 issue and bug #53804
1178     Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
1179    
1180    
1181 pvdabeel 1.27 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
1182     hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
1183     Masked hardened-sources-2.4.26.ebuild broken for ppc
1184    
1185     31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
1186     hardened-sources-2.4.24-r3.ebuild:
1187     Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
1188 plasmaroo 1.25
1189 scox 1.26 *hardened-sources-2.4.26 (29 May 2004)
1190    
1191     29 May 2004; Andrea Luzzardi <scox@gentoo.org>
1192     +hardened-sources-2.4.26.ebuild:
1193     Updated hardened-sources for the 2.4.26 kernel
1194     Removed broken components, updated almost everything.
1195    
1196 plasmaroo 1.25 *hardened-sources-2.4.24-r3 (17 Apr 2004)
1197    
1198     17 Apr 2004; <plasmaroo@gentoo.org>
1199     +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
1200     +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
1201     +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
1202     +hardened-sources-2.4.24-r3.ebuild:
1203     Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
1204     vulnerabilities. Old revisions removed.
1205 plasmaroo 1.24
1206     *hardened-sources-2.4.24-r2 (15 Apr 2004)
1207    
1208     15 Apr 2004; <plasmaroo@gentoo.org>
1209     +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
1210     -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
1211     Version bump for the CAN-2004-0109 issue; bug #47881.
1212 aliz 1.23
1213     12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
1214     hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
1215     Add eutils to inherit.
1216 plasmaroo 1.22
1217     *hardened-sources-2.4.24-r1 (19 Feb 2004)
1218    
1219     19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
1220     files/hardened-sources-2.4.24.munmap.patch:
1221     Added the patch for the mremap/munmap vulnerability. Bug #42024.
1222 scox 1.19
1223 scox 1.21 *hardened-sources-2.4.24 (06 Feb 2004)
1224 scox 1.26
1225 scox 1.21 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
1226     hardened-sources-2.4.24.ebuild:
1227     Version bump, updated most of the components.
1228     This release includes the following:
1229    
1230     - Hardened security
1231     - Netfilter patch-o-matic 20031219
1232     - FreeSWAN 2.04 & x509 1.4.8
1233     - EVMS 2.2.2
1234     - XFS 1.3.1
1235     - cryptoloop jari
1236     - grsecurity 2.0-rc4
1237     - SELinux
1238     - PaX 200402060000
1239     - PaX Obscurity 200308302223
1240     - Others...
1241    
1242     Neither -ck nor systrace are included anymore.
1243    
1244 scox 1.19 *hardened-sources-2.4.22-r2 (05 Jan 2004)
1245    
1246     05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
1247     hardened-sources-2.4.22-r2.ebuild:
1248 scox 1.20 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
1249 scox 1.19
1250     *hardened-sources-2.4.22-r1 (02 Dec 2003)
1251 iggy 1.17
1252     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1253 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
1254 iggy 1.16
1255     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1256 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild:
1257     Version bump for the 'do_brk' vulnerability.
1258 iggy 1.15
1259     01 Dec 2003; Brian Jackson <iggy@gentoo.org>
1260     hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
1261     hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
1262     hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
1263 plasmaroo 1.18 Fix the 'do_brk' vulnerability.
1264 frogger 1.14
1265     03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
1266     hardened-sources-2.4.22.ebuild:
1267 plasmaroo 1.18 - Removed the src_install() portion for SELinux flask
1268     components. These are no longer handled in the kernel
1269     so this code was not necessary.
1270 frogger 1.13
1271     29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
1272     New 2.4.22 based hardened-sources thanks to
1273     Phil West <p.west@computer.org>.
1274    
1275     These sources include:
1276 plasmaroo 1.18 - New SELinux API
1277     - Updated CK-base
1278     - Updated GRSec
1279     - Systrace
1280     - SuperFreeS/WAN 1.99.8
1281     - Propolice kernel build support
1282     - EVMS
1283     - Other various security related patches
1284 frogger 1.11
1285 frogger 1.12 *hardened-sources-2.4.21 (14 Sep 2003)
1286    
1287     14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
1288     Updated hardened-sources based on the 2.4.21 Linux kernel.
1289     This includes updates to most major components such as:
1290 plasmaroo 1.18 - ck-base-0306300059
1291     - selinux-2.4-2003071106
1292     - grsecurity-2.0-rc1
1293     - Updated IPTables patch-o-matic
1294     - Updated SuperFreeS/WAN
1295    
1296 frogger 1.12 Thanks to Phil West <pwest@computer.org> for his work in getting this
1297     updated patch set ready for the 2.4.21 based kernel.
1298    
1299 frogger 1.11 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
1300     Initial import of hardened-sources-2.4.20-r4. This revision
1301     includes only a few changes, but one of these is an important
1302     security fix. It is recommended all users of hardened-sources
1303     upgrade to this release.
1304 plasmaroo 1.18
1305 frogger 1.11 - ioperm bug fix
1306     - fixed compilation failure when building without GRSec
1307 plasmaroo 1.18
1308 frogger 1.11 SAL (Secure Auditing for Linux) is NOT included in this revision
1309     due to time constraints, but is planned for inclusion in the near
1310     future.
1311 msterret 1.10
1312     *hardened-sources-2.4.20-r2 (12 Jun 2003)
1313    
1314     12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
1315     hardened-sources-2.4.20-r3.ebuild:
1316 plasmaroo 1.18 Add Header...
1317 frogger 1.9
1318     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1319     hardened-sources-2.4.20-r3.ebuild:
1320     Removed warnings from ebuild. This kernel should be safe to
1321     use at this point.
1322 frogger 1.8
1323     *hardened-sources-2.4.20-r3 (08 Jun 2003)
1324    
1325     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1326     hardened-sources-2.4.20-r3.ebuild:
1327     New revision. Includes the following changes over -r2:
1328 plasmaroo 1.18
1329 frogger 1.8 - ck7-base (O(1), preempt, low latency)
1330     - Super FreeS/WAN 1.99.7rc2
1331     - PaX for the LSM/SELinux branch
1332     - GRSecurity 2.0-pre4 (role based access control)
1333     - Systrace 1.3
1334     - EXT3 fixes
1335     - EVMS 2.0.1
1336     - GCC 3.1+ compile optimizations
1337     - ProPolice kernel build support
1338     - Hashing table security fixes
1339 frogger 1.3
1340     *hardened-sources-2.4.20-r1 (09 Apr 2003)
1341 frogger 1.7
1342     23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
1343     Initial import of hardened-sources-r2. This new
1344     ebuild includes many new performance and security
1345     related patches. As in -r1, it will patch in
1346     LSM/SELinux if "selinux" is in USE, otherwise it
1347     will patch in GRSecurity. The following patches
1348     are included in this revision:
1349 plasmaroo 1.18
1350 frogger 1.7 - O(1) Scheduler, Low Latency, and Preempt
1351     (pulled from the base CK patch)
1352     - ptrace exploit patch for the LSM kernel
1353     (the GRSec patch already fixes this)
1354     - LSM 2.4-2003040709
1355     - SELinux 2.4-2003040709
1356     - Systrace v1.2
1357     - IPTables patch-o-matic base patches - 20030107
1358     - CryptoAPI 2.4.20.1 w/ loop-jari patch
1359     - Super FreeS/WAN 1.99.6.1
1360     - GRSecurity 1.9.9g
1361     - MPPE
1362     - EXT3 data journal fix
1363     - CIPE 1.5.4
1364 frogger 1.6
1365     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1366     hardened-sources-2.4.20-r1.ebuild, manifest:
1367 plasmaroo 1.18 Updated to install flask components correctly for selinux.
1368 frogger 1.5
1369     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1370     hardened-sources-2.4.20-r1.ebuild:
1371     LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
1372     is patched in instead. Ptrace patches for selinux have also been added. In
1373     either case, systrace support will be patched in as well.
1374 frogger 1.3
1375     09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1376     hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
1377 plasmaroo 1.18 Revision bump for new sources.
1378 frogger 1.4
1379 frogger 1.2 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1380 frogger 1.4 hardened-sources-2.4.20-r1.ebuild:
1381 plasmaroo 1.18 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
1382 method 1.1
1383 frogger 1.4 *hardened-sources-2.4.20 (30 Mar 2003)
1384    
1385 method 1.1 30 Mar 2003; Joshua Brindle <method@gentoo.org>
1386     hardened-sources-2.4.20.ebuild:
1387 plasmaroo 1.18 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20