/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.224 - (hide annotations) (download)
Sun May 11 10:58:14 2008 UTC (6 years, 4 months ago) by swegener
Branch: MAIN
Changes since 1.223: +4 -1 lines
Fix broken digest for linux-2.6.24.tar.bz2.
(Portage version: 2.1.5_rc10)

1 method 1.1 # ChangeLog for sys-kernel/hardened-sources
2 phreak 1.204 # Copyright 2000-2008 Gentoo Foundation; Distributed under the GPL v2
3 swegener 1.224 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.223 2008/05/11 07:56:17 solar Exp $
4    
5     11 May 2008; Sven Wegener <swegener@gentoo.org> Manifest:
6     Fix broken digest for linux-2.6.24.tar.bz2.
7 solar 1.223
8     *hardened-sources-2.6.24-r2 (11 May 2008)
9     *hardened-sources-2.6.23-r12 (11 May 2008)
10    
11     11 May 2008; <solar@gentoo.org> -hardened-sources-2.6.23-r7.ebuild,
12     -hardened-sources-2.6.23-r9.ebuild, -hardened-sources-2.6.23-r10.ebuild,
13     +hardened-sources-2.6.23-r12.ebuild, -hardened-sources-2.6.24.ebuild,
14     -hardened-sources-2.6.24-r1.ebuild, +hardened-sources-2.6.24-r2.ebuild:
15     proxy commit for gengor. 2.6.23-r11 shortlog: Fixes security bugs 220691,
16     220975, 220979, 221123. 2.6.24-r2 not-so-shortlog: Fixes bug 215442,
17     security bugs 219901, 220691, 220975, 220979, 221123. New
18     genpatches/grsecurity with numerous updates & fixes. 2.6.23-r7->2.6.23-r10
19     should be removed as far as I'm concerned, everything else remove due to
20     vulnerable to numerous security bugs or brokeness.
21 nixnut 1.222
22     10 May 2008; nixnut <nixnut@gentoo.org>
23     hardened-sources-2.6.23-r11.ebuild:
24     Stable on ppc
25 solar 1.221
26     05 May 2008; <solar@gentoo.org> hardened-sources-2.6.23-r11.ebuild:
27     - -r11 stable on x86/amd64
28 solar 1.220
29     *hardened-sources-2.6.23-r11 (01 May 2008)
30    
31     01 May 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r11.ebuild:
32     - version bump to fix ulgy linux bugs
33 phreak 1.219
34     *hardened-sources-2.6.24-r1 (30 Apr 2008)
35    
36     30 Apr 2008; Christian Heim <phreak@gentoo.org>
37     +hardened-sources-2.6.24-r1.ebuild:
38     Revision bump (thanks to Kerin and Gordon, again), pulling
39     genpatches-2.6.24-7, solving #219089. Additionally contains further security
40     fixes plus some minor updates.
41 phreak 1.218
42     *hardened-sources-2.6.23-r10 (30 Apr 2008)
43    
44     30 Apr 2008; Christian Heim <phreak@gentoo.org>
45     +hardened-sources-2.6.23-r10.ebuild:
46     Revision bump (thanks to Kerin and Gordon, again), solving #213811, #219089.
47     Additional contains "various other fixes".
48 phreak 1.217
49     09 Apr 2008; Christian Heim <phreak@gentoo.org> metadata.xml:
50     Update the longdescription in metadata, thanks to Gordon Malm.
51 nixnut 1.216
52     08 Apr 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.23-r9.ebuild:
53     Stable on ppc wrt bug #213255
54 solar 1.215
55     07 Apr 2008; <solar@gentoo.org> -hardened-sources-2.4.35-r2.ebuild,
56     -hardened-sources-2.6.23-r8.ebuild, hardened-sources-2.6.23-r9.ebuild:
57     - stable on x86/amd64 per request. Removed obsolete ebuilds
58 phreak 1.214
59     *hardened-sources-2.6.24 (07 Apr 2008)
60    
61     07 Apr 2008; Christian Heim <phreak@gentoo.org>
62     +hardened-sources-2.6.24.ebuild:
63     Adding ebuild for hardened-sources-2.6.24 (many thanks to Kerin Millar
64     <kerframil at gmail.com> and Gordon Malm <bugs-gentoo-org-02 at bumpin.org>
65     for the many contributions and their continued effort in #216612) based on
66     2.6.24 and genpatches-2.6.24-5.
67    
68     The current ebuild/patchset contains these things:
69     * Incoporates unmodified grsec-2.1.11-2.6.24.4-200803262003 patch
70     * Introduces bespoke server and workstation oriented security levels
71     * VDSO_COMPAT cannot be enabled during runtime if PaX is enabled
72 phreak 1.213
73     30 Mar 2008; Christian Heim <phreak@gentoo.org> metadata.xml:
74     Fix the metadata.xml (Kerin isn't a dev, though he and Gordon are
75     maintaining it).
76 phreak 1.212
77     24 Mar 2008; Christian Heim <phreak@gentoo.org>
78     hardened-sources-2.4.35-r2.ebuild:
79     Fixing SRC_URI for 2.4.35-r2.
80 phreak 1.211
81     *hardened-sources-2.6.23-r9 (22 Mar 2008)
82    
83     22 Mar 2008; Christian Heim <phreak@gentoo.org>
84     +hardened-sources-2.6.23-r9.ebuild:
85     * Revision bump, rebasing the patchset against genpatches-2.6.23-10.
86     * Change the default GIDs for some grsecurity options
87     * Revamp the Hardened [Gentoo] security level and make it the default level
88     * Fixing compilation on ia64 with CONFIG_MODULES=y (loadable module support)
89     * Fix a recursive lock -- call to capable() within ptrace_attach()
90     * Fix bug that allows audit and iscsi operations to be controlled via netlink
91 solar 1.210
92     *hardened-sources-2.6.23-r8 (27 Feb 2008)
93    
94     27 Feb 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r8.ebuild:
95     - version bump from Kerin Millar bug 210026
96 solar 1.209
97     17 Feb 2008; <solar@gentoo.org> metadata.xml,
98     -hardened-sources-2.4.33.4.ebuild, -hardened-sources-2.6.20-r6.ebuild,
99     -hardened-sources-2.6.20-r10.ebuild, -hardened-sources-2.6.23-r4.ebuild,
100     -hardened-sources-2.6.23-r6.ebuild, hardened-sources-2.6.23-r7.ebuild:
101     - stable on x86 and remove old ebuilds
102 solar 1.207
103     15 Feb 2008; <solar@gentoo.org> hardened-sources-2.6.23-r7.ebuild:
104 solar 1.208 - stable on amd64 per request of amd64 lead
105 solar 1.206
106     *hardened-sources-2.6.23-r7 (11 Feb 2008)
107    
108     11 Feb 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r7.ebuild:
109     - version bump from kerin.millar
110     Changes:
111    
112     * Bump to genpatches-base-2.6.23-9
113     * Ported grsecurity-2.1.11-2.6.23.14-200801231800 to 2.6.23.15
114     * Disables COMPAT_VDSO in x86/defconfig
115     * Removes bogus symbols ACPI_SLEEP_PROC_(FS|SLEEP) from x86_64/defconfig
116 phreak 1.205
117     25 Jan 2008; Christian Heim <phreak@gentoo.org>
118     -hardened-sources-2.6.22-r8.ebuild:
119     Cleaning up old versions.
120 phreak 1.204
121     *hardened-sources-2.6.23-r6 (25 Jan 2008)
122    
123     25 Jan 2008; Christian Heim <phreak@gentoo.org>
124     -hardened-sources-2.6.23-r5.ebuild, +hardened-sources-2.6.23-r6.ebuild:
125     Revision bump, pulling in the latest genpatches.
126 phreak 1.203
127     *hardened-sources-2.6.23-r5 (24 Dec 2007)
128    
129     24 Dec 2007; Christian Heim <phreak@gentoo.org>
130     hardened-sources-2.4.35-r2.ebuild, hardened-sources-2.6.20-r6.ebuild,
131     hardened-sources-2.6.20-r10.ebuild, hardened-sources-2.6.22-r8.ebuild,
132     hardened-sources-2.6.23-r4.ebuild, +hardened-sources-2.6.23-r5.ebuild:
133     Revision bump, for the promised updated grsec snapshot. Also changing SRC_URI.
134 phreak 1.202
135     24 Dec 2007; Christian Heim <phreak@gentoo.org>
136     -hardened-sources-2.6.22-r7.ebuild, -hardened-sources-2.6.23.ebuild,
137     -hardened-sources-2.6.23-r1.ebuild, -hardened-sources-2.6.23-r2.ebuild,
138     -hardened-sources-2.6.23-r3.ebuild:
139     Cleaning out some unused, old versions.
140 phreak 1.201
141     24 Dec 2007; Christian Heim <phreak@gentoo.org>
142     hardened-sources-2.6.23-r4.ebuild:
143     Marking hardened-sources-2.6.23-r4 stable on amd64 and x86. I know it ain't
144     in the tree for long, but there isn't much of a difference between this and
145     -r3. Only this revision pulls in 2.6.23.11 and 2.6.23.12 from genpatches.
146 phreak 1.200
147     *hardened-sources-2.6.23-r4 (23 Dec 2007)
148    
149     23 Dec 2007; Christian Heim <phreak@gentoo.org>
150     +hardened-sources-2.6.23-r4.ebuild:
151     Revision bump, grabbing the lastest genpatches release (2.6.23.12 that is).
152 phreak 1.199
153     *hardened-sources-2.6.23-r3 (04 Dec 2007)
154    
155     04 Dec 2007; Christian Heim <phreak@gentoo.org>
156     +hardened-sources-2.6.23-r3.ebuild:
157     Revision bump, pulling in 2.6.23.9.
158 phreak 1.198
159     *hardened-sources-2.6.23-r2 (25 Nov 2007)
160    
161     25 Nov 2007; Christian Heim <phreak@gentoo.org>
162     +hardened-sources-2.6.23-r2.ebuild:
163     Updated patchset, thanks to solar.
164 phreak 1.197
165     *hardened-sources-2.6.23-r1 (31 Oct 2007)
166    
167     31 Oct 2007; Christian Heim <phreak@gentoo.org>
168     +hardened-sources-2.6.23-r1.ebuild:
169     Revision bump, pulling in the snapshot from 30. October 2007 (18:50).
170 solar 1.196
171     29 Oct 2007; <solar@gentoo.org> metadata.xml:
172     - update metadata.xml
173 phreak 1.195
174     25 Oct 2007; Christian Heim <phreak@gentoo.org>
175     hardened-sources-2.6.22-r8.ebuild:
176     Marking 2.6.22-r8 stable on amd64 and x86.
177 phreak 1.194
178     21 Oct 2007; Christian Heim <phreak@gentoo.org>
179     -hardened-sources-2.4.35.ebuild, -hardened-sources-2.4.35-r1.ebuild,
180     -hardened-sources-2.6.21-r4.ebuild:
181     Removing old ebuilds.
182 phreak 1.193
183     *hardened-sources-2.4.35-r2 (21 Oct 2007)
184    
185     21 Oct 2007; Christian Heim <phreak@gentoo.org>
186     +hardened-sources-2.4.35-r2.ebuild:
187     Revision bump for 2.4.35. Includes new snapshot and the lastest Linux stable
188     patches.
189 phreak 1.192
190     *hardened-sources-2.6.22-r8 (21 Oct 2007)
191    
192     21 Oct 2007; Christian Heim <phreak@gentoo.org>
193     +hardened-sources-2.6.22-r8.ebuild:
194     Yet another new patch, hopefully fixing the remaining issues we had w/
195     2.6.22. Candidate for stabling.
196 phreak 1.191
197     *hardened-sources-2.6.23 (13 Oct 2007)
198    
199     13 Oct 2007; Christian Heim <phreak@gentoo.org>
200     +hardened-sources-2.6.23.ebuild:
201     Initial hardened-sources-2.6.23. If people still have problems w/ bug
202     194276, try setting CONFIG_PCI_GODIRECT=y instead of CONFIG_PCI_GOANY.
203 phreak 1.190
204     11 Oct 2007; Christian Heim <phreak@gentoo.org>
205     hardened-sources-2.6.20-r10.ebuild:
206     Pulling in yet another new genpatches version, fixing the PWC bug for real.
207 phreak 1.189
208     04 Oct 2007; Christian Heim <phreak@gentoo.org>
209     -hardened-sources-2.6.22-r5.ebuild, -hardened-sources-2.6.22-r6.ebuild:
210     Removing old versions.
211 phreak 1.188
212     *hardened-sources-2.6.22-r7 (01 Oct 2007)
213    
214     01 Oct 2007; Christian Heim <phreak@gentoo.org>
215     +hardened-sources-2.6.22-r7.ebuild:
216     Revision bump, pulling in a newer patch. Should fix #194276.
217 phreak 1.187
218     30 Sep 2007; Christian Heim <phreak@gentoo.org>
219     hardened-sources-2.6.20-r10.ebuild:
220     Marking hardened-sources-2.6.20-r10 stable on x86 and amd64 (on courtesy of
221     Mike Doty).
222 phreak 1.186
223     *hardened-sources-2.6.22-r6 (26 Sep 2007)
224    
225     26 Sep 2007; Christian Heim <phreak@gentoo.org>
226     +hardened-sources-2.6.22-r6.ebuild:
227     Revision bump, grabbing up till Linux 2.6.22.9.
228 phreak 1.185
229     24 Sep 2007; Christian Heim <phreak@gentoo.org>
230     -hardened-sources-2.6.22-r3.ebuild, -hardened-sources-2.6.22-r4.ebuild:
231     Cleaning up further.
232 phreak 1.184
233     *hardened-sources-2.6.20-r10 (24 Sep 2007)
234    
235     24 Sep 2007; Christian Heim <phreak@gentoo.org>
236     -hardened-sources-2.6.20-r8.ebuild, -hardened-sources-2.6.20-r9.ebuild,
237     +hardened-sources-2.6.20-r10.ebuild:
238     Revision bump, pulling in Linux 2.6.20.20. Removing some of the older
239     revisions.
240 phreak 1.183
241     *hardened-sources-2.6.22-r5 (22 Sep 2007)
242    
243     22 Sep 2007; Christian Heim <phreak@gentoo.org>
244     +hardened-sources-2.6.22-r5.ebuild:
245     Revision bump, pulling in genpatches-2.6.22-8 for CVE-2007-4573.
246 phreak 1.182
247     17 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
248     Removing johnm from metadata.xml (see #186467 for reference).
249 phreak 1.181
250     *hardened-sources-2.6.22-r4 (17 Sep 2007)
251    
252     17 Sep 2007; Christian Heim <phreak@gentoo.org>
253     +hardened-sources-2.6.22-r4.ebuild:
254     Revision bump, hopefully fixing all those weird PAX failures.
255 phreak 1.180
256     01 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
257     Updating the metadata.xml.
258 phreak 1.179
259     01 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
260     Removing tocharian from metadata due to his retirement (see #71718 for
261     reference).
262 phreak 1.178
263     *hardened-sources-2.6.20-r9 (30 Aug 2007)
264    
265     30 Aug 2007; Christian Heim <phreak@gentoo.org>
266     +hardened-sources-2.6.20-r9.ebuild:
267     Revision bump for 2.6.20.18 (thanks to kerframil in #gentoo-hardened).
268 phreak 1.177
269     29 Aug 2007; Christian Heim <phreak@gentoo.org>
270     -hardened-sources-2.4.34.ebuild, -hardened-sources-2.4.34.5.ebuild,
271     -hardened-sources-2.6.20-r2.ebuild, -hardened-sources-2.6.20-r5.ebuild,
272     -hardened-sources-2.6.20-r7.ebuild, -hardened-sources-2.6.21-r3.ebuild,
273     -hardened-sources-2.6.22.ebuild, -hardened-sources-2.6.22-r1.ebuild,
274     -hardened-sources-2.6.22-r2.ebuild:
275     Removing some redundant versions.
276 phreak 1.176
277     *hardened-sources-2.4.35-r1 (29 Aug 2007)
278    
279     29 Aug 2007; Christian Heim <phreak@gentoo.org>
280     +hardened-sources-2.4.35-r1.ebuild:
281     Revision bump, new grsecurity patch.
282 phreak 1.175
283     *hardened-sources-2.6.20-r8 (26 Aug 2007)
284    
285     26 Aug 2007; Christian Heim <phreak@gentoo.org>
286     +hardened-sources-2.6.20-r8.ebuild:
287     Revision bump for Linux 2.6.20.17.
288 phreak 1.174
289     *hardened-sources-2.6.22-r3 (22 Aug 2007)
290    
291     22 Aug 2007; Christian Heim <phreak@gentoo.org>
292     +hardened-sources-2.6.22-r3.ebuild:
293     Revision bump for Linux 2.6.22.4.
294 phreak 1.173
295     16 Aug 2007; Christian Heim <phreak@gentoo.org>
296     hardened-sources-2.6.22-r2.ebuild:
297     Updated patchset, to fix the alignment against 2.6.22.3.
298 phreak 1.172
299     *hardened-sources-2.6.22-r2 (16 Aug 2007)
300    
301     16 Aug 2007; Christian Heim <phreak@gentoo.org>
302     +hardened-sources-2.6.22-r2.ebuild:
303     Revision bump for Linux 2.6.22.3.
304 phreak 1.171
305     *hardened-sources-2.4.35 (16 Aug 2007)
306    
307     16 Aug 2007; Christian Heim <phreak@gentoo.org>
308     +hardened-sources-2.4.35.ebuild:
309     Version bump, initial version for Linux 2.4.35.
310 phreak 1.170
311     *hardened-sources-2.6.21-r4 (16 Aug 2007)
312    
313     16 Aug 2007; Christian Heim <phreak@gentoo.org>
314     +hardened-sources-2.6.21-r4.ebuild:
315     Revision bump for Linux 2.6.21.6.
316 phreak 1.169
317     *hardened-sources-2.6.20-r7 (16 Aug 2007)
318    
319     16 Aug 2007; Christian Heim <phreak@gentoo.org>
320     +hardened-sources-2.6.20-r7.ebuild:
321     Revision bump for Linux 2.6.20.16.
322 phreak 1.168
323     *hardened-sources-2.6.22-r1 (13 Aug 2007)
324    
325     13 Aug 2007; Christian Heim <phreak@gentoo.org>
326     +hardened-sources-2.6.22-r1.ebuild:
327     Yet another revision bump.
328 phreak 1.167
329     *hardened-sources-2.6.22 (10 Aug 2007)
330    
331     10 Aug 2007; Christian Heim <phreak@gentoo.org>
332     +hardened-sources-2.6.22.ebuild:
333     Initial release for 2.6.22. If you are using hardened-sources on a desktop
334     machine (P4 or newer), be aware you might need to disable
335     CONFIG_PAX_PAGEEXEC.
336 phreak 1.166
337     04 Aug 2007; Christian Heim <phreak@gentoo.org>
338     hardened-sources-2.6.20-r6.ebuild:
339     Stabling hardened-sources-2.6.20-r6 for amd64, ppc and x86 due to Linux
340     2.6.20.15.
341 phreak 1.165
342     10 Jul 2007; Christian Heim <phreak@gentoo.org>
343     hardened-sources-2.6.20-r5.ebuild:
344     Marking hardened-sources-2.6.20-r5 stable on ppc.
345 phreak 1.164
346     10 Jul 2007; Christian Heim <phreak@gentoo.org>
347     -hardened-sources-2.4.32-r6.ebuild, -hardened-sources-2.4.32-r7.ebuild:
348     Cleanup.
349 phreak 1.163
350     *hardened-sources-2.6.20-r6 (08 Jul 2007)
351    
352     08 Jul 2007; Christian Heim <phreak@gentoo.org>
353     +hardened-sources-2.6.20-r6.ebuild:
354     Revision bump, grabbing yet another stable release.
355 phreak 1.162
356     17 Jun 2007; Christian Heim <phreak@gentoo.org>
357     -hardened-sources-2.6.18-r6.ebuild, -hardened-sources-2.6.20-r4.ebuild,
358     -hardened-sources-2.6.21-r2.ebuild:
359     Removing older ebuilds, hardened-sources-2.6.18-r6 seems to have gotten the
360     alpha stable KEYWORD by mistake.
361 phreak 1.161
362     17 Jun 2007; Christian Heim <phreak@gentoo.org>
363     hardened-sources-2.6.20-r5.ebuild:
364     Stabling hardened-sources-2.6.20-r5 due to security bug #181647 (as
365     genpatches-2.6.20-12.base contains up to Linux 2.6.20.14) on amd64 and x86.
366 phreak 1.160
367     *hardened-sources-2.6.21-r3 (12 Jun 2007)
368    
369     12 Jun 2007; Christian Heim <phreak@gentoo.org>
370     +hardened-sources-2.6.21-r3.ebuild:
371     Revision bump for hardened-sources-2.6.21, incorporating various CVE (some
372     of them critical), two stable releases (2.6.21.4,2.6.21.5) and some other
373     love.
374 phreak 1.159
375     *hardened-sources-2.6.20-r5 (11 Jun 2007)
376    
377     11 Jun 2007; Christian Heim <phreak@gentoo.org>
378     +hardened-sources-2.6.20-r5.ebuild:
379     Revision bump for hardened-sources-2.6.20, incorporating various CVE (some
380     of them critical), two stable releases (2.6.20.13,2.6.20.14) and some other
381     love.
382 pappy 1.158
383     *hardened-sources-2.4.34.5 (11 Jun 2007)
384    
385     11 Jun 2007; Alexander Gabert <pappy@gentoo.org>
386     +hardened-sources-2.4.34.5.ebuild:
387     added new hardened-sources 2.4 version, thx to phreak, solar, pipacs
388 phreak 1.157
389     30 May 2007; Christian Heim <phreak@gentoo.org>
390     -hardened-sources-2.6.18.ebuild, hardened-sources-2.6.20-r2.ebuild:
391     Marking 2.6.20-r2 stable on ppc with permission of Gysbert. Removing more
392     stale ebuild(s).
393 phreak 1.156
394     30 May 2007; Christian Heim <phreak@gentoo.org>
395     -hardened-sources-2.6.14-r7.ebuild, -hardened-sources-2.6.16-r11.ebuild,
396     -hardened-sources-2.6.17-r1.ebuild, -hardened-sources-2.6.19-r6.ebuild,
397     -hardened-sources-2.6.20.ebuild, -hardened-sources-2.6.20-r1.ebuild:
398     Doing some cleanups, remove stale ebuilds.
399 phreak 1.155
400     26 May 2007; Christian Heim <phreak@gentoo.org>
401     hardened-sources-2.6.21-r2.ebuild:
402     Fixing the grsecurity patch, had one '};' too much.
403 phreak 1.154
404     *hardened-sources-2.6.21-r2 (26 May 2007)
405    
406     26 May 2007; Christian Heim <phreak@gentoo.org>
407     -hardened-sources-2.6.21.ebuild, -hardened-sources-2.6.21-r1.ebuild,
408     +hardened-sources-2.6.21-r2.ebuild:
409     Revision bump, including Linux 2.6.21.3 (fixing CVE-2007-2451). Updating the
410     grsecurity patch to 2.1.10-2.6.21.1-200705221918.
411 phreak 1.153
412     *hardened-sources-2.6.20-r4 (26 May 2007)
413    
414     26 May 2007; Christian Heim <phreak@gentoo.org>
415     -hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.20-r4.ebuild:
416     Revision bump, including Linux 2.6.20.12 (which in fact fixed some security
417 phreak 1.154 bugs, at the very least CVE-2007-2451). Possible candidate for stable marking.
418 phreak 1.152
419     15 May 2007; Christian Heim <phreak@gentoo.org>
420     hardened-sources-2.6.20-r3.ebuild:
421     Looks like hardened-sources-2.6.20-r3 needs a new patch, as 2.6.20.11
422     introduced a change in arch/sparc64/kernel/pci_iommu.c, which made the
423     grsecurity patch fail in that exact same hunk.
424 phreak 1.151
425     *hardened-sources-2.6.20-r3 (15 May 2007)
426    
427     15 May 2007; Christian Heim <phreak@gentoo.org>
428     +hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.21-r1.ebuild:
429     Revision bump, incorporating Linux 2.6.20.11.
430    
431     *hardened-sources-2.6.21-r1 (11 May 2007)
432    
433     11 May 2007; Christian Heim <phreak@gentoo.org>
434     +hardened-sources-2.6.21-r1.ebuild:
435     Revision bump, hopefully fixing the GRSECURITY/GRKERNSEC mixup pipacs
436     mentioned in #177234.
437 kevquinn 1.150
438     07 May 2007; Kevin F. Quinn <kevquinn@gentoo.org>
439     files/digest-hardened-sources-2.6.21, Manifest:
440     Fix Manifest/digest for linux-2.6.21.tar.bz2
441 phreak 1.149
442     06 May 2007; Christian Heim <phreak@gentoo.org>
443     hardened-sources-2.6.21.ebuild:
444     Bumping the hardened-patches version, needed for the fix for #177234.
445 phreak 1.148
446     *hardened-sources-2.6.21 (02 May 2007)
447    
448     02 May 2007; Christian Heim <phreak@gentoo.org>
449     +hardened-sources-2.6.21.ebuild:
450     Version bump, Linux 2.6.21-hardened.
451 phreak 1.147
452     29 Apr 2007; Christian Heim <phreak@gentoo.org>
453     hardened-sources-2.6.20-r2.ebuild:
454     Adding ~ia64 on Ned's request.
455 phreak 1.146
456     29 Apr 2007; Christian Heim <phreak@gentoo.org>
457     hardened-sources-2.6.20-r2.ebuild:
458     Fixing the included grsecurity patch, wasn't alligning due to the Index:
459     header line(s).
460 phreak 1.145
461     29 Apr 2007; Christian Heim <phreak@gentoo.org>
462     hardened-sources-2.6.20-r2.ebuild:
463     Stabilizing hardened-sources-2.6.20-r2 on amd64 and x86.
464 armin76 1.144
465     *hardened-sources-2.6.20-r2 (10 Apr 2007)
466    
467     10 Apr 2007; Raúl Porcel <armin76@gentoo.org>
468     +hardened-sources-2.6.20-r2.ebuild:
469     Version bump, on behalf of phreak
470 phreak 1.143
471     *hardened-sources-2.6.20-r1 (04 Apr 2007)
472    
473     04 Apr 2007; Christian Heim <phreak@gentoo.org>
474     +hardened-sources-2.6.20-r1.ebuild:
475     Revision bump, grabbing a newer grsecurity snapshot.
476 phreak 1.142
477     *hardened-sources-2.6.20 (25 Mar 2007)
478    
479     25 Mar 2007; Christian Heim <phreak@gentoo.org>
480     +hardened-sources-2.6.20.ebuild:
481     Finally a hardened-sources version for 2.6.20; many people have been waiting
482     for this. Thanks to Steve for preliminary testing, thanks to Ned for the
483     testbox.
484 chainsaw 1.141
485     16 Mar 2007; Tony Vroon <chainsaw@gentoo.org>
486     hardened-sources-2.6.18-r6.ebuild:
487     Marked stable on amd64 and x86. AMD64 keyword ack'ed by welp.
488 phreak 1.140
489     *hardened-sources-2.6.18-r6 (16 Mar 2007)
490    
491     16 Mar 2007; Christian Heim <phreak@gentoo.org>
492     -hardened-sources-2.6.18-r5.ebuild, +hardened-sources-2.6.18-r6.ebuild:
493     Fixing CVE-2007-1000 locally (hardened/), thanks to Tony for pushing. And
494     yes I screwed up, this is tagged as 2.6.18-5 and not 2.6.18-6 as it's
495     supposed to be.
496 phreak 1.139
497     06 Mar 2007; Christian Heim <phreak@gentoo.org> ChangeLog:
498     Fixing the Manifest, the previous one was broken (as in still had the
499     deleted ebuild in it).
500 phreak 1.138
501     06 Mar 2007; Christian Heim <phreak@gentoo.org>
502     -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
503     +hardened-sources-2.6.18-r5.ebuild:
504     Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
505     Linux 2.6.18.8. Also cleaning up the older version.
506    
507     *hardened-sources-2.6.18-r5 (06 Mar 2007)
508    
509     06 Mar 2007; Christian Heim <phreak@gentoo.org>
510     -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
511     +hardened-sources-2.6.18-r5.ebuild:
512     Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
513     Linux 2.6.18.8. Also cleaning up the older version.
514 phreak 1.137
515     24 Feb 2007; Christian Heim <phreak@gentoo.org>
516     -hardened-sources-2.6.19-r3.ebuild, -hardened-sources-2.6.19-r4.ebuild,
517     -hardened-sources-2.6.19-r5.ebuild:
518     Removing some of the old version, that didn't work.
519 phreak 1.136
520     *hardened-sources-2.6.19-r6 (12 Feb 2007)
521    
522     12 Feb 2007; Christian Heim <phreak@gentoo.org>
523     +hardened-sources-2.6.19-r6.ebuild:
524     Revision bump, including a new grsec version fixing #166235.
525 pappy 1.134
526     *hardened-sources-2.4.34 (24 Jan 2007)
527    
528     24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
529 pappy 1.135 Manifest:
530     updating Manifest with checksums of new tarball and ebuild
531    
532     24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
533 pappy 1.134 +hardened-sources-2.4.34.ebuild:
534     I added new hardened sources 2.4 update, this is a critical path
535     security bugfix - all users of h-s are strongly advised
536     to update their existing hardened sources to this version.
537     It contains a fix for a kernel vulnerability that is pertaining
538     to the PaX changes to virtual memory management, possibly leading
539     to a local kernel exploit ... see grsecurity.net forums and homepage
540 phreak 1.133
541     23 Jan 2007; Christian Heim <phreak@gentoo.org>
542     files/digest-hardened-sources-2.6.19-r5, Manifest:
543     Fixing the patch-tarball digest.
544 phreak 1.132
545     *hardened-sources-2.6.19-r5 (23 Jan 2007)
546    
547     23 Jan 2007; Christian Heim <phreak@gentoo.org>
548     +hardened-sources-2.6.19-r5.ebuild:
549     Revision bump, closing the recently discovered PaX expand_stack()
550     vulnerability.
551 phreak 1.131
552     *hardened-sources-2.6.19-r4 (14 Jan 2007)
553    
554     14 Jan 2007; Christian Heim <phreak@gentoo.org>
555     +hardened-sources-2.6.19-r4.ebuild:
556     Revision bump, pulling in linux-2.6.19.2 and grsecurity 2.1.10 - thus
557     dropping the randomized PID feature.
558 opfer 1.130
559     11 Jan 2007; Christian Faulhammer <opfer@gentoo.org>
560     hardened-sources-2.4.33.4.ebuild:
561     stable x86, bug #161171
562 phreak 1.129
563     *hardened-sources-2.6.19-r3 (27 Dec 2006)
564    
565     27 Dec 2006; Christian Heim <phreak@gentoo.org>
566     -hardened-sources-2.6.19-r2.ebuild, +hardened-sources-2.6.19-r3.ebuild:
567     Revision bump for bug #157186 and #158786.
568 phreak 1.128
569     *hardened-sources-2.6.18-r4 (27 Dec 2006)
570    
571     27 Dec 2006; Christian Heim <phreak@gentoo.org>
572     -hardened-sources-2.6.18-r3.ebuild, +hardened-sources-2.6.18-r4.ebuild:
573     Revision bump for bug #157186.
574 phreak 1.127
575     *hardened-sources-2.6.19-r2 (23 Dec 2006)
576    
577     23 Dec 2006; Christian Heim <phreak@gentoo.org>
578     -hardened-sources-2.6.19-r1.ebuild, +hardened-sources-2.6.19-r2.ebuild:
579     Revision bump to pull in genpatches-2.6.19-3 for #157186.
580 phreak 1.126
581     17 Dec 2006; Christian Heim <phreak@gentoo.org>
582     hardened-sources-2.6.14-r7.ebuild, hardened-sources-2.6.16-r10.ebuild,
583     hardened-sources-2.6.16-r11.ebuild, hardened-sources-2.6.17-r1.ebuild,
584     hardened-sources-2.6.18.ebuild, hardened-sources-2.6.18-r3.ebuild,
585     hardened-sources-2.6.19-r1.ebuild:
586     Adding 4453_grsec-2.1.9-2.6.19-io-kmem-sysctl.patch to UNIPATCH_EXLUDE,
587     adding correct HOMEPAGE and adjusting DESCRIPTION (thanks to Alexander).
588 pappy 1.125
589     *hardened-sources-2.4.33.4 (17 Dec 2006)
590    
591     17 Dec 2006; Alexander Gabert <pappy@gentoo.org>
592     +hardened-sources-2.4.33.4.ebuild:
593     new 2.4.33.4 version including grsec and fixes, thanks to phreak for help
594     and quilting
595 phreak 1.124
596     *hardened-sources-2.6.19-r1 (14 Dec 2006)
597    
598     14 Dec 2006; Christian Heim <phreak@gentoo.org>
599     -hardened-sources-2.6.19.ebuild, +hardened-sources-2.6.19-r1.ebuild:
600     Revision bump, fixing #158107 (thanks to Petre Rodan <kaiowas at gentoo.org>
601     for reporting).
602 phreak 1.123
603     *hardened-sources-2.6.19 (13 Dec 2006)
604    
605     13 Dec 2006; Christian Heim <phreak@gentoo.org>
606     +hardened-sources-2.6.19.ebuild:
607     And finally 2.6.19, thanks to Ned (who prepared the inital patchset) and
608     Brad for providing that prompt update.
609 phreak 1.122
610     *hardened-sources-2.6.18-r3 (13 Dec 2006)
611    
612     13 Dec 2006; Christian Heim <phreak@gentoo.org>
613     -hardened-sources-2.6.18-r1.ebuild, -hardened-sources-2.6.18-r2.ebuild,
614     +hardened-sources-2.6.18-r3.ebuild:
615     Revision bump, excluding the faulty patch. Thanks to Anakim Border and Peter
616     S. Mazinger. Closes #157409 for now. Also removing the previous revisions.
617 phreak 1.121
618     09 Dec 2006; Christian Heim <phreak@gentoo.org> Manifest:
619     Fixing the metadata.xml Manifest entry (thanks to xaid and ml8128 in #gentoo-hardened).
620 nixnut 1.120
621     08 Dec 2006; nixnut <nixnut@gentoo.org> hardened-sources-2.6.18.ebuild:
622     Stable on ppc wrt bug 157356
623 opfer 1.119
624     07 Dec 2006; Christian Faulhammer <opfer@gentoo.org>
625     hardened-sources-2.6.18.ebuild:
626     stable x86, bug #157356
627 phreak 1.118
628     *hardened-sources-2.6.18-r2 (06 Dec 2006)
629    
630     06 Dec 2006; Christian Heim <phreak@gentoo.org>
631     +hardened-sources-2.6.18-r2.ebuild:
632     Revision bump, including 2.6.18.5 (via genpatches) and
633     4454_grsec-2.1.9-2.6.18.2-io-kmem-sysctl.patch based on Peter Mazinger and
634     Ned Ludd's original patch. Thanks to Alexander Gabert (pappy) for the
635     redesign.
636 phreak 1.117
637     06 Dec 2006; Christian Heim <phreak@gentoo.org>
638     hardened-sources-2.6.18.ebuild:
639     Marking hardened-sources-2.6.18 stable on amd64 (see bug #157356, on behalf
640     of Mike Doty).
641 phreak 1.116
642     *hardened-sources-2.6.18-r1 (23 Nov 2006)
643    
644     23 Nov 2006; Christian Heim <phreak@gentoo.org>
645     +hardened-sources-2.6.18-r1.ebuild:
646     Revision bump to genpatches-2.6.18-4 (including 2.6.18.3).
647 phreak 1.115
648     *hardened-sources-2.6.18 (11 Nov 2006)
649    
650     11 Nov 2006; Christian Heim <phreak@gentoo.org>
651     +hardened-sources-2.6.18.ebuild:
652     Version bump, thanks to Alexander Gabert we're finally at 2.6.18.
653 solar 1.114
654     18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
655     - mark amd64 stable also. bug #151877
656 solar 1.113
657     18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
658     - mark 2.6.17-r1 stable
659 phreak 1.112
660     27 Aug 2006; Christian Heim <phreak@gentoo.org>
661     -hardened-sources-2.6.17.ebuild, hardened-sources-2.6.17-r1.ebuild:
662     Removing old ebuild, removing unipatch from newer ebuild (need to fix it!).
663 phreak 1.111
664     *hardened-sources-2.6.17-r1 (26 Aug 2006)
665    
666     26 Aug 2006; Christian Heim <phreak@gentoo.org>
667     +hardened-sources-2.6.17-r1.ebuild:
668     Revision bump to genpatches-2.6.17-8 (including .9 and .10) and updating the
669     grsecurity patch.
670 phreak 1.110
671     *hardened-sources-2.6.17 (17 Aug 2006)
672    
673     17 Aug 2006; Christian Heim <phreak@gentoo.org>
674     +hardened-sources-2.6.17.ebuild:
675     Bumping the hardened-sources-2.6 series to 2.6.17, using
676     genpatches-2.6.17-6.base.
677 solar 1.109
678     07 Aug 2006; <solar@gentoo.org> hardened-sources-2.6.16-r11.ebuild:
679     - stable on x86 and amd64
680 solar 1.108
681     *hardened-sources-2.6.16-r11 (15 Jul 2006)
682    
683     15 Jul 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r3.ebuild,
684     -hardened-sources-2.4.32-r4.ebuild, -hardened-sources-2.4.32-r5.ebuild,
685     -hardened-sources-2.6.14-r8.ebuild, -hardened-sources-2.6.16-r7.ebuild,
686     -hardened-sources-2.6.16-r9.ebuild, +hardened-sources-2.6.16-r11.ebuild:
687     - 2.6.16 bumped for CVE-2006-3626 ; digest fix for 2.4.32-r6 ; removed old
688     crusty ebuilds
689 johnm 1.107
690     14 Jul 2006; John Mylchreest <johnm@gentoo.org>
691     hardened-sources-2.6.16-r10.ebuild:
692     marking stable on x86 and amd64
693 solar 1.106
694     13 Jul 2006; <solar@gentoo.org> hardened-sources-2.4.32-r6.ebuild:
695     - 2.4.32-r6 stable on x86. RSBAC state unknown
696 kang 1.105
697     *hardened-sources-2.4.32-r7 (10 Jul 2006)
698    
699     10 Jul 2006; Guillaume Destuynder <kang@gentoo.org>
700     +hardened-sources-2.4.32-r7.ebuild:
701     Bump PaX for RSBAC to test-17
702 johnm 1.104
703     *hardened-sources-2.6.16-r9 (03 Jul 2006)
704    
705     03 Jul 2006; John Mylchreest <johnm@gentoo.org>
706     -hardened-sources-2.6.16-r6.ebuild, +hardened-sources-2.6.16-r9.ebuild:
707     hardened-sources-2.6.16 bump to latest -base.
708 solar 1.103
709     *hardened-sources-2.4.32-r6 (30 Jun 2006)
710    
711     30 Jun 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r2.ebuild,
712     hardened-sources-2.4.32-r4.ebuild, +hardened-sources-2.4.32-r6.ebuild:
713     - backport CVE-2006-0039, CVE-2006-1857 and CVE-2006-1858 and new grsecurity
714     sysctl controlable resource logging
715 johnm 1.102
716     *hardened-sources-2.6.16-r7 (05 Jun 2006)
717    
718     05 Jun 2006; John Mylchreest <johnm@gentoo.org>
719     -hardened-sources-2.6.16-r5.ebuild, +hardened-sources-2.6.16-r7.ebuild:
720     push new 2.6.16 release in preparation for stable
721 solar 1.101
722     22 May 2006; <solar@gentoo.org> :
723     - redigest bug 134002
724 kang 1.100
725     *hardened-sources-2.4.32-r5 (16 May 2006)
726    
727     16 May 2006; Guillaume Destuynder <kang@gentoo.org>
728     +hardened-sources-2.4.32-r5.ebuild:
729     Fixes rsbac common patching (new patch in new -r5 patchset)
730 solar 1.99
731     *hardened-sources-2.4.32-r4 (13 May 2006)
732    
733     13 May 2006; <solar@gentoo.org> hardened-sources-2.4.32-r3.ebuild,
734     +hardened-sources-2.4.32-r4.ebuild:
735     - security bumps
736 johnm 1.98
737     *hardened-sources-2.6.16-r6 (03 May 2006)
738    
739     03 May 2006; John Mylchreest <johnm@gentoo.org>
740     +hardened-sources-2.6.16-r6.ebuild:
741     bump hardened-2.6.16 to 2.6.16.12 and latest grsec snapshot
742 johnm 1.97
743     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
744     hardened-sources-2.6.14-r8.ebuild:
745     fix x86_64 build problem, this will delay the digest issue again for a short
746     while but it will sort itself out
747 johnm 1.96
748     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
749     hardened-sources-2.6.14-r8.ebuild:
750     bump hardened patchset
751 antarus 1.94
752     27 Apr 2006; Alec Warner <antarus@gentoo.org>
753     files/digest-hardened-sources-2.4.32-r2,
754     files/digest-hardened-sources-2.4.32-r3,
755     files/digest-hardened-sources-2.6.14-r8, Manifest:
756     Fixing duff SHA256 digests: Bug # 131293
757 johnm 1.93
758 johnm 1.95 *hardened-sources-2.6.16-r5 (27 Apr 2006)
759    
760     27 Apr 2006; John Mylchreest <johnm@gentoo.org>
761     -hardened-sources-2.6.14-r6.ebuild, hardened-sources-2.6.14-r8.ebuild,
762     -hardened-sources-2.6.16-r4.ebuild, +hardened-sources-2.6.16-r5.ebuild:
763     stablise 2.6.14-r8 on x86 & amd64, bump 2.6.16 to fix CVE-2006-1863 &
764     cleanup of old uneccessary sources
765    
766 johnm 1.93 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
767     fix digest
768 johnm 1.92
769     *hardened-sources-2.6.14-r8 (20 Apr 2006)
770    
771     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
772     +hardened-sources-2.6.14-r8.ebuild:
773     fix CVE-2006-1056, CVE-2006-1525, CVE-2006-1524
774 johnm 1.91
775     20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
776     Turning on gpg-signing again, and recomitting
777 johnm 1.90
778     *hardened-sources-2.6.16-r4 (20 Apr 2006)
779    
780     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
781     -hardened-sources-2.6.16-r2.ebuild, -hardened-sources-2.6.16-r3.ebuild,
782     +hardened-sources-2.6.16-r4.ebuild:
783     Fix numerous security vulns
784 solar 1.89
785     *hardened-sources-2.4.32-r3 (16 Apr 2006)
786    
787     16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
788     -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
789     +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
790     - security bump for bug #112791. Removed old ebuilds
791 johnm 1.88
792     *hardened-sources-2.6.16-r3 (15 Apr 2006)
793    
794     15 Apr 2006; John Mylchreest <johnm@gentoo.org>
795     +hardened-sources-2.6.16-r3.ebuild:
796     Removing silly localversion which I missed
797 johnm 1.87
798     *hardened-sources-2.6.14-r7 (14 Apr 2006)
799    
800     14 Apr 2006; John Mylchreest <johnm@gentoo.org>
801     -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
802     Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
803 johnm 1.86
804     *hardened-sources-2.6.16-r2 (13 Apr 2006)
805    
806     13 Apr 2006; John Mylchreest <johnm@gentoo.org>
807     -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
808     +hardened-sources-2.6.16-r2.ebuild:
809     Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
810     labels, dropping USERGROUP define fixes, since these were merged mainstream.
811 johnm 1.85
812     *hardened-sources-2.6.16-r1 (11 Apr 2006)
813    
814     11 Apr 2006; John Mylchreest <johnm@gentoo.org>
815     +hardened-sources-2.6.16-r1.ebuild:
816     Bumping to include ppc build fix and 2.6.16.3
817 tsunam 1.84
818     06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
819     hardened-sources-2.6.14-r6.ebuild:
820     Stable on x86; bug #127718
821 johnm 1.83
822     *hardened-sources-2.6.16 (31 Mar 2006)
823    
824     31 Mar 2006; John Mylchreest <johnm@gentoo.org>
825     +hardened-sources-2.6.16.ebuild:
826     Bumping to new version of grsec, and kernel base. New squashfs. Based on
827     2.6.16.1
828 cryos 1.82
829     30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
830     hardened-sources-2.6.14-r6.ebuild:
831     Stable on amd64, bug 127718.
832 nixnut 1.81
833     28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
834     Stable on ppc. Bug #127718
835 johnm 1.80
836     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
837     -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
838     -hardened-sources-2.6.14-r4.ebuild:
839     Cleanup.
840 johnm 1.79
841     *hardened-sources-2.6.14-r6 (15 Mar 2006)
842    
843     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
844     +hardened-sources-2.6.14-r6.ebuild:
845     Fixes grsec policy recreation bug and adds a
846     >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
847 solar 1.78
848     02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
849     - stable on x86
850 hansmi 1.77
851     19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
852     hardened-sources-2.6.14-r5.ebuild:
853     Stable on ppc.
854 johnm 1.76
855     *hardened-sources-2.6.14-r5 (01 Feb 2006)
856    
857     01 Feb 2006; John Mylchreest <johnm@gentoo.org>
858     +hardened-sources-2.6.14-r5.ebuild:
859     fixing every known exploit
860 solar 1.75
861     *hardened-sources-2.4.32-r2 (26 Jan 2006)
862    
863     26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
864     +hardened-sources-2.4.32-r2.ebuild:
865     - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
866 solar 1.74
867     *hardened-sources-2.6.14-r4 (12 Jan 2006)
868    
869     12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
870     - version bump for new genpatches which fix up a few sec holes
871 solar 1.73
872     *hardened-sources-2.4.32-r1 (05 Jan 2006)
873    
874     05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
875     - revision bump to add misc vital linux kernel security patches.
876 johnm 1.72
877     *hardened-sources-2.6.14-r3 (30 Dec 2005)
878    
879     30 Dec 2005; John Mylchreest <johnm@gentoo.org>
880     -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
881     Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
882 johnm 1.71
883     28 Dec 2005; John Mylchreest <johnm@gentoo.org>
884     hardened-sources-2.6.14-r2.ebuild:
885     making x86 & amd64 stable following testing.
886 johnm 1.70
887     *hardened-sources-2.6.14-r2 (27 Dec 2005)
888    
889     27 Dec 2005; John Mylchreest <johnm@gentoo.org>
890     -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
891     Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
892     network hooks.
893 johnm 1.69
894     06 Dec 2005; John Mylchreest <johnm@gentoo.org>
895     hardened-sources-2.6.14-r1.ebuild:
896     bumping to stable early for sec fix on x86 & amd64
897 johnm 1.68
898     *hardened-sources-2.6.14-r1 (05 Dec 2005)
899    
900     05 Dec 2005; John Mylchreest <johnm@gentoo.org>
901     -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
902     bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
903 solar 1.67
904     04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
905     - stable on x86 security bug #114227 CAN-2005-3257
906 kang 1.66
907     *hardened-sources-2.4.32 (19 Nov 2005)
908    
909     19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
910     +hardened-sources-2.4.32.ebuild:
911     Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
912     Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
913     have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
914     rsbac >> /etc/portage/package.use)
915 johnm 1.65
916     *hardened-sources-2.6.14 (14 Nov 2005)
917    
918     14 Nov 2005; John Mylchreest <johnm@gentoo.org>
919     -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
920     Bumping 2.6 series to 2.6.14.2
921 johnm 1.64
922     *hardened-sources-2.6.13-r2 (20 Oct 2005)
923    
924     20 Oct 2005; John Mylchreest <johnm@gentoo.org>
925     -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
926     +hardened-sources-2.6.13-r2.ebuild:
927     Fixes minor build error in ppc.
928 johnm 1.63
929     *hardened-sources-2.6.13-r1 (17 Oct 2005)
930    
931     17 Oct 2005; John Mylchreest <johnm@gentoo.org>
932     +hardened-sources-2.6.13-r1.ebuild:
933     Updating grsec to latest snapshot. Fixes some minor issues. Updating to
934     2.6.13.4, fixes some major amd64 stability problems.
935 johnm 1.62
936     *hardened-sources-2.6.13 (16 Sep 2005)
937    
938     16 Sep 2005; John Mylchreest <johnm@gentoo.org>
939     -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
940     2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
941     ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
942     users should test this thoroughly.
943 solar 1.61
944     01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
945     - stable on x86
946 johnm 1.60
947     *hardened-sources-2.6.11-r15 (27 Jun 2005)
948    
949     27 Jun 2005; John Mylchreest <johnm@gentoo.org>
950     +hardened-sources-2.6.11-r15.ebuild:
951     Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
952     grsec redefining curr_ip struct.
953 solar 1.59
954     *hardened-sources-2.4.31 (20 Jun 2005)
955    
956     20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
957     initial import of 2.4.31 tree
958 johnm 1.58
959     *hardened-sources-2.6.11-r14 (14 Jun 2005)
960    
961     14 Jun 2005; John Mylchreest <johnm@gentoo.org>
962     -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
963     Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
964     naming scheme to abide by genpatches
965 johnm 1.57
966     *hardened-sources-2.6.11-r13 (18 May 2005)
967    
968     18 May 2005; John Mylchreest <johnm@gentoo.org>
969     -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
970     Managed to mangle the Makefile patch from grsec, to miss out the grsec
971     target. sorry about that. Fixes bug #93022
972 johnm 1.56
973     *hardened-sources-2.6.11-r12 (17 May 2005)
974    
975     17 May 2005; John Mylchreest <johnm@gentoo.org>
976     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
977     +hardened-sources-2.6.11-r12.ebuild:
978     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
979     merges in genpatches-base
980 johnm 1.55
981     *hardened-sources-2.6.11-r12 (17 May 2005)
982    
983     17 May 2005; John Mylchreest <johnm@gentoo.org>
984     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
985     +hardened-sources-2.6.11-r12.ebuild:
986     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
987     merges in genpatches-base
988 solar 1.54
989     29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
990     -files/2.4.27-cmdline-race.patch,
991     -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
992     -files/2.4.28-grsec-binfmt_a.out.patch,
993     -files/2.4.28-grsec-cmdline-race.patch,
994     -files/2.4.28-selinux-binfmt_a.out.patch,
995     -files/2.4.28-selinux-cmdline-race.patch,
996     -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
997     hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
998     - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
999     cleanup..
1000 solar 1.53
1001     *hardened-sources-2.4.30-r1 (21 Apr 2005)
1002    
1003     21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
1004     - disable aout by default
1005 solar 1.52
1006     *hardened-sources-2.4.30 (18 Apr 2005)
1007    
1008     18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
1009     - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
1010     and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
1011     use
1012 tocharian 1.50
1013 scox 1.51 *hardened-sources-2.4.29 (30 Mar 2005)
1014    
1015     30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
1016     +hardened-sources-2.4.29.ebuild:
1017     New hardened-patches-2.4-29.0 patchball.
1018     Removed SELinux support, upgraded GRSecurity to 2.1.4.
1019    
1020     *hardened-sources-2.4.28-r5 (06 Mar 2005)
1021    
1022     06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
1023     +hardened-sources-2.4.28-r5.ebuild:
1024     Added a fix for a PaX vulnerability.
1025    
1026     26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1027 tocharian 1.50 hardened-sources-2.4.28-r4.ebuild:
1028     Stable on x86
1029 solar 1.49
1030     23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
1031     hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
1032     hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
1033     hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
1034     - fixed/added RDEPEND= in all kernel-2 ebuilds
1035 tocharian 1.48
1036     *hardened-sources-2.4.28-r4 (21 Jan 2005)
1037    
1038     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1039     +hardened-sources-2.4.28-r4.ebuild:
1040     Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
1041     backport of neighbour hash updates.
1042 tocharian 1.47
1043     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1044     hardened-sources-2.4.28-r3.ebuild:
1045     Stable on x86
1046 tseng 1.46
1047     *hardened-sources-2.6.10-r3 (20 Jan 2005)
1048    
1049     20 Jan 2005; Brandon Hale <tseng@gentoo.org>
1050     +hardened-sources-2.6.10-r3.ebuild:
1051     Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
1052     in 2005.0
1053 tocharian 1.45
1054     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1055     -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
1056     hardened-sources-2.4.28-r2.ebuild:
1057     Mark stable on x86
1058 tocharian 1.44
1059     *hardened-sources-2.4.28-r3 (17 Jan 2005)
1060    
1061     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1062     +hardened-sources-2.4.28-r3.ebuild:
1063     Fix SMP page fault handler vuln, and update device-mapper and evms patches.
1064 tocharian 1.43
1065     14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1066     hardened-sources-2.4.28.ebuild:
1067     Mark stable on x86.
1068 tocharian 1.42
1069     *hardened-sources-2.4.28-r2 (13 Jan 2005)
1070    
1071     13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1072     +hardened-sources-2.4.28-r2.ebuild:
1073     Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
1074     Mazinger for grsecurity patches as well.
1075 plasmaroo 1.41
1076     *hardened-sources-2.4.28-r1 (23 Dec 2004)
1077    
1078     23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
1079     Security bump. Thank tocharian for rolling a new patchset...
1080 solar 1.40
1081     28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
1082     +files/2.4.28-grsec-cmdline-race.patch,
1083     +files/2.4.28-selinux-binfmt_a.out.patch,
1084     +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
1085     - Round up remaining security patches that appear to be missing in 2.4.28. -
1086     PaX standalone updated to current. hgpv=28.1
1087 solar 1.39
1088     *hardened-sources-2.4.28 (28 Nov 2004)
1089    
1090     28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
1091     security bump. Thank tocharian for rolling a new patchset
1092 scox 1.31
1093 scox 1.38 *hardened-sources-2.4.27-r3 (08 Sep 2004)
1094    
1095     08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
1096     +hardened-sources-2.4.27-r3.ebuild:
1097     Applies the new 2.4-27.2 patchball which updates
1098     GRSecurity to the 2.0.1 version.
1099    
1100 scox 1.37 *hardened-sources-2.4.27-r2 (31 Aug 2004)
1101    
1102     31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1103     +hardened-sources-2.4.27-r2.ebuild:
1104     Version bump.
1105     This version uses the new 2.4-27.1 patchball which updates
1106     both the SELinux PaX hooks patch and the SELinux headers.
1107    
1108 scox 1.36 *hardened-sources-2.4.27-r1 (09 Aug 2004)
1109    
1110     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1111     +hardened-sources-2.4.27-r1.ebuild,
1112     -hardened-sources-2.4.27.ebuild,
1113     +files/2.4.27-cmdline-race.patch:
1114     Version bump, fix for cmdline race. See bug #59905.
1115    
1116     *hardened-sources-2.4.26-r6 (09 Aug 2004)
1117    
1118     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1119     +hardened-sources-2.4.26-r6.ebuild,
1120     -hardened-sources-2.4.26-r5.ebuild,
1121     -hardened-sources-2.4.26-r4.ebuild,
1122     +files/2.4.26-cmdline-race.patch:
1123     Version bump, fix for cmdline race. See bug #59905.
1124    
1125 scox 1.35 *hardened-sources-2.4.27 (08 Aug 2004)
1126    
1127     08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1128     +hardened-sources-2.4.27.ebuild,
1129     +files/2.4.27-CAN-2004-0394.patch:
1130     Ported the patchball to the 2.4.27 kernel version.
1131    
1132 scox 1.34 *hardened-sources-2.4.26-r5 (07 Aug 2004)
1133    
1134     07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1135     +hardened-sources-2.4.26-r5.ebuild:
1136 scox 1.35 Updated to use the new hardened-patches-2.4-26.1 patchball.
1137 scox 1.34 It adds the following features:
1138     - Squashfs
1139     - Ebtables
1140     - Netdev random (core+drivers)
1141     - Watchdog Timer (WDT) fix.
1142    
1143 scox 1.33 *hardened-sources-2.4.26-r4 (04 Aug 2004)
1144    
1145     04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1146     +hardened-sources-2.4.26-r4.ebuild,
1147     +files/2.4.26-CAN-2004-0415.patch,
1148     -hardened-sources-2.4.26-3:
1149     Version bump, fix for CAN 0415, see bug #59378.
1150    
1151 scox 1.32 *hardened-sources-2.4.26-r3 (22 Jul 2004)
1152    
1153     22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
1154     +hardened-sources-2.4.26-r3.ebuild,
1155     +files/2.4.26-CAN-2004-0497.patch,
1156     -hardened-sources-2.4.26-r2.ebuild:
1157     Version bump, fixed CAN 0497, see bug #56171.
1158    
1159 scox 1.31 *hardened-sources-2.4.26-r2 (29 Jun 2004)
1160    
1161     29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
1162 scox 1.32 +hardened-sources-2.4.26-r2.ebuild,
1163 scox 1.31 +files/2.4.26-CAN-2004-0495.patch,
1164     +files/2.4.26-CAN-2004-0535.patch,
1165     -hardened-sources-2.4.26-r1.ebuild:
1166     Fixes for both CAN 0495 and 0535, see bug #54976
1167 pvdabeel 1.27
1168 agriffis 1.29 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
1169     hardened-sources-2.4.26-r1.ebuild:
1170     QA - fix use invocation
1171 scox 1.28
1172     *hardened-sources-2.4.26-r1 (22 June 2004)
1173    
1174     22 June 2004; Andrea Luzzardi <scox@gentoo.org>
1175     +hardened-sources-2.4.26-r1.ebuild,
1176     +files/2.4.26-CAN-2004-0394.patch,
1177     +files/2.4.26-signal-race.patch,
1178     -hardened-sources-2.4.26.ebuild,
1179     -hardened-sources-2.4.24-r3.ebuild:
1180     Version bump for the CAN-2004-0394 issue and bug #53804
1181     Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
1182    
1183    
1184 pvdabeel 1.27 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
1185     hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
1186     Masked hardened-sources-2.4.26.ebuild broken for ppc
1187    
1188     31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
1189     hardened-sources-2.4.24-r3.ebuild:
1190     Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
1191 plasmaroo 1.25
1192 scox 1.26 *hardened-sources-2.4.26 (29 May 2004)
1193    
1194     29 May 2004; Andrea Luzzardi <scox@gentoo.org>
1195     +hardened-sources-2.4.26.ebuild:
1196     Updated hardened-sources for the 2.4.26 kernel
1197     Removed broken components, updated almost everything.
1198    
1199 plasmaroo 1.25 *hardened-sources-2.4.24-r3 (17 Apr 2004)
1200    
1201     17 Apr 2004; <plasmaroo@gentoo.org>
1202     +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
1203     +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
1204     +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
1205     +hardened-sources-2.4.24-r3.ebuild:
1206     Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
1207     vulnerabilities. Old revisions removed.
1208 plasmaroo 1.24
1209     *hardened-sources-2.4.24-r2 (15 Apr 2004)
1210    
1211     15 Apr 2004; <plasmaroo@gentoo.org>
1212     +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
1213     -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
1214     Version bump for the CAN-2004-0109 issue; bug #47881.
1215 aliz 1.23
1216     12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
1217     hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
1218     Add eutils to inherit.
1219 plasmaroo 1.22
1220     *hardened-sources-2.4.24-r1 (19 Feb 2004)
1221    
1222     19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
1223     files/hardened-sources-2.4.24.munmap.patch:
1224     Added the patch for the mremap/munmap vulnerability. Bug #42024.
1225 scox 1.19
1226 scox 1.21 *hardened-sources-2.4.24 (06 Feb 2004)
1227 scox 1.26
1228 scox 1.21 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
1229     hardened-sources-2.4.24.ebuild:
1230     Version bump, updated most of the components.
1231     This release includes the following:
1232    
1233     - Hardened security
1234     - Netfilter patch-o-matic 20031219
1235     - FreeSWAN 2.04 & x509 1.4.8
1236     - EVMS 2.2.2
1237     - XFS 1.3.1
1238     - cryptoloop jari
1239     - grsecurity 2.0-rc4
1240     - SELinux
1241     - PaX 200402060000
1242     - PaX Obscurity 200308302223
1243     - Others...
1244    
1245     Neither -ck nor systrace are included anymore.
1246    
1247 scox 1.19 *hardened-sources-2.4.22-r2 (05 Jan 2004)
1248    
1249     05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
1250     hardened-sources-2.4.22-r2.ebuild:
1251 scox 1.20 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
1252 scox 1.19
1253     *hardened-sources-2.4.22-r1 (02 Dec 2003)
1254 iggy 1.17
1255     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1256 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
1257 iggy 1.16
1258     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1259 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild:
1260     Version bump for the 'do_brk' vulnerability.
1261 iggy 1.15
1262     01 Dec 2003; Brian Jackson <iggy@gentoo.org>
1263     hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
1264     hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
1265     hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
1266 plasmaroo 1.18 Fix the 'do_brk' vulnerability.
1267 frogger 1.14
1268     03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
1269     hardened-sources-2.4.22.ebuild:
1270 plasmaroo 1.18 - Removed the src_install() portion for SELinux flask
1271     components. These are no longer handled in the kernel
1272     so this code was not necessary.
1273 frogger 1.13
1274     29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
1275     New 2.4.22 based hardened-sources thanks to
1276     Phil West <p.west@computer.org>.
1277    
1278     These sources include:
1279 plasmaroo 1.18 - New SELinux API
1280     - Updated CK-base
1281     - Updated GRSec
1282     - Systrace
1283     - SuperFreeS/WAN 1.99.8
1284     - Propolice kernel build support
1285     - EVMS
1286     - Other various security related patches
1287 frogger 1.11
1288 frogger 1.12 *hardened-sources-2.4.21 (14 Sep 2003)
1289    
1290     14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
1291     Updated hardened-sources based on the 2.4.21 Linux kernel.
1292     This includes updates to most major components such as:
1293 plasmaroo 1.18 - ck-base-0306300059
1294     - selinux-2.4-2003071106
1295     - grsecurity-2.0-rc1
1296     - Updated IPTables patch-o-matic
1297     - Updated SuperFreeS/WAN
1298    
1299 frogger 1.12 Thanks to Phil West <pwest@computer.org> for his work in getting this
1300     updated patch set ready for the 2.4.21 based kernel.
1301    
1302 frogger 1.11 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
1303     Initial import of hardened-sources-2.4.20-r4. This revision
1304     includes only a few changes, but one of these is an important
1305     security fix. It is recommended all users of hardened-sources
1306     upgrade to this release.
1307 plasmaroo 1.18
1308 frogger 1.11 - ioperm bug fix
1309     - fixed compilation failure when building without GRSec
1310 plasmaroo 1.18
1311 frogger 1.11 SAL (Secure Auditing for Linux) is NOT included in this revision
1312     due to time constraints, but is planned for inclusion in the near
1313     future.
1314 msterret 1.10
1315     *hardened-sources-2.4.20-r2 (12 Jun 2003)
1316    
1317     12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
1318     hardened-sources-2.4.20-r3.ebuild:
1319 plasmaroo 1.18 Add Header...
1320 frogger 1.9
1321     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1322     hardened-sources-2.4.20-r3.ebuild:
1323     Removed warnings from ebuild. This kernel should be safe to
1324     use at this point.
1325 frogger 1.8
1326     *hardened-sources-2.4.20-r3 (08 Jun 2003)
1327    
1328     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1329     hardened-sources-2.4.20-r3.ebuild:
1330     New revision. Includes the following changes over -r2:
1331 plasmaroo 1.18
1332 frogger 1.8 - ck7-base (O(1), preempt, low latency)
1333     - Super FreeS/WAN 1.99.7rc2
1334     - PaX for the LSM/SELinux branch
1335     - GRSecurity 2.0-pre4 (role based access control)
1336     - Systrace 1.3
1337     - EXT3 fixes
1338     - EVMS 2.0.1
1339     - GCC 3.1+ compile optimizations
1340     - ProPolice kernel build support
1341     - Hashing table security fixes
1342 frogger 1.3
1343     *hardened-sources-2.4.20-r1 (09 Apr 2003)
1344 frogger 1.7
1345     23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
1346     Initial import of hardened-sources-r2. This new
1347     ebuild includes many new performance and security
1348     related patches. As in -r1, it will patch in
1349     LSM/SELinux if "selinux" is in USE, otherwise it
1350     will patch in GRSecurity. The following patches
1351     are included in this revision:
1352 plasmaroo 1.18
1353 frogger 1.7 - O(1) Scheduler, Low Latency, and Preempt
1354     (pulled from the base CK patch)
1355     - ptrace exploit patch for the LSM kernel
1356     (the GRSec patch already fixes this)
1357     - LSM 2.4-2003040709
1358     - SELinux 2.4-2003040709
1359     - Systrace v1.2
1360     - IPTables patch-o-matic base patches - 20030107
1361     - CryptoAPI 2.4.20.1 w/ loop-jari patch
1362     - Super FreeS/WAN 1.99.6.1
1363     - GRSecurity 1.9.9g
1364     - MPPE
1365     - EXT3 data journal fix
1366     - CIPE 1.5.4
1367 frogger 1.6
1368     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1369     hardened-sources-2.4.20-r1.ebuild, manifest:
1370 plasmaroo 1.18 Updated to install flask components correctly for selinux.
1371 frogger 1.5
1372     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1373     hardened-sources-2.4.20-r1.ebuild:
1374     LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
1375     is patched in instead. Ptrace patches for selinux have also been added. In
1376     either case, systrace support will be patched in as well.
1377 frogger 1.3
1378     09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1379     hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
1380 plasmaroo 1.18 Revision bump for new sources.
1381 frogger 1.4
1382 frogger 1.2 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1383 frogger 1.4 hardened-sources-2.4.20-r1.ebuild:
1384 plasmaroo 1.18 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
1385 method 1.1
1386 frogger 1.4 *hardened-sources-2.4.20 (30 Mar 2003)
1387    
1388 method 1.1 30 Mar 2003; Joshua Brindle <method@gentoo.org>
1389     hardened-sources-2.4.20.ebuild:
1390 plasmaroo 1.18 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20