/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.225 - (hide annotations) (download)
Thu May 15 15:35:54 2008 UTC (6 years, 7 months ago) by solar
Branch: MAIN
Changes since 1.224: +4 -1 lines
- fasttrack to stable x86/amd64
(Portage version: 2.1.4.4)

1 method 1.1 # ChangeLog for sys-kernel/hardened-sources
2 phreak 1.204 # Copyright 2000-2008 Gentoo Foundation; Distributed under the GPL v2
3 solar 1.225 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.224 2008/05/11 10:58:14 swegener Exp $
4    
5     15 May 2008; <solar@gentoo.org> hardened-sources-2.6.23-r12.ebuild:
6     - fasttrack to stable x86/amd64
7 swegener 1.224
8     11 May 2008; Sven Wegener <swegener@gentoo.org> Manifest:
9     Fix broken digest for linux-2.6.24.tar.bz2.
10 solar 1.223
11     *hardened-sources-2.6.24-r2 (11 May 2008)
12     *hardened-sources-2.6.23-r12 (11 May 2008)
13    
14     11 May 2008; <solar@gentoo.org> -hardened-sources-2.6.23-r7.ebuild,
15     -hardened-sources-2.6.23-r9.ebuild, -hardened-sources-2.6.23-r10.ebuild,
16     +hardened-sources-2.6.23-r12.ebuild, -hardened-sources-2.6.24.ebuild,
17     -hardened-sources-2.6.24-r1.ebuild, +hardened-sources-2.6.24-r2.ebuild:
18     proxy commit for gengor. 2.6.23-r11 shortlog: Fixes security bugs 220691,
19     220975, 220979, 221123. 2.6.24-r2 not-so-shortlog: Fixes bug 215442,
20     security bugs 219901, 220691, 220975, 220979, 221123. New
21     genpatches/grsecurity with numerous updates & fixes. 2.6.23-r7->2.6.23-r10
22     should be removed as far as I'm concerned, everything else remove due to
23     vulnerable to numerous security bugs or brokeness.
24 nixnut 1.222
25     10 May 2008; nixnut <nixnut@gentoo.org>
26     hardened-sources-2.6.23-r11.ebuild:
27     Stable on ppc
28 solar 1.221
29     05 May 2008; <solar@gentoo.org> hardened-sources-2.6.23-r11.ebuild:
30     - -r11 stable on x86/amd64
31 solar 1.220
32     *hardened-sources-2.6.23-r11 (01 May 2008)
33    
34     01 May 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r11.ebuild:
35     - version bump to fix ulgy linux bugs
36 phreak 1.219
37     *hardened-sources-2.6.24-r1 (30 Apr 2008)
38    
39     30 Apr 2008; Christian Heim <phreak@gentoo.org>
40     +hardened-sources-2.6.24-r1.ebuild:
41     Revision bump (thanks to Kerin and Gordon, again), pulling
42     genpatches-2.6.24-7, solving #219089. Additionally contains further security
43     fixes plus some minor updates.
44 phreak 1.218
45     *hardened-sources-2.6.23-r10 (30 Apr 2008)
46    
47     30 Apr 2008; Christian Heim <phreak@gentoo.org>
48     +hardened-sources-2.6.23-r10.ebuild:
49     Revision bump (thanks to Kerin and Gordon, again), solving #213811, #219089.
50     Additional contains "various other fixes".
51 phreak 1.217
52     09 Apr 2008; Christian Heim <phreak@gentoo.org> metadata.xml:
53     Update the longdescription in metadata, thanks to Gordon Malm.
54 nixnut 1.216
55     08 Apr 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.23-r9.ebuild:
56     Stable on ppc wrt bug #213255
57 solar 1.215
58     07 Apr 2008; <solar@gentoo.org> -hardened-sources-2.4.35-r2.ebuild,
59     -hardened-sources-2.6.23-r8.ebuild, hardened-sources-2.6.23-r9.ebuild:
60     - stable on x86/amd64 per request. Removed obsolete ebuilds
61 phreak 1.214
62     *hardened-sources-2.6.24 (07 Apr 2008)
63    
64     07 Apr 2008; Christian Heim <phreak@gentoo.org>
65     +hardened-sources-2.6.24.ebuild:
66     Adding ebuild for hardened-sources-2.6.24 (many thanks to Kerin Millar
67     <kerframil at gmail.com> and Gordon Malm <bugs-gentoo-org-02 at bumpin.org>
68     for the many contributions and their continued effort in #216612) based on
69     2.6.24 and genpatches-2.6.24-5.
70    
71     The current ebuild/patchset contains these things:
72     * Incoporates unmodified grsec-2.1.11-2.6.24.4-200803262003 patch
73     * Introduces bespoke server and workstation oriented security levels
74     * VDSO_COMPAT cannot be enabled during runtime if PaX is enabled
75 phreak 1.213
76     30 Mar 2008; Christian Heim <phreak@gentoo.org> metadata.xml:
77     Fix the metadata.xml (Kerin isn't a dev, though he and Gordon are
78     maintaining it).
79 phreak 1.212
80     24 Mar 2008; Christian Heim <phreak@gentoo.org>
81     hardened-sources-2.4.35-r2.ebuild:
82     Fixing SRC_URI for 2.4.35-r2.
83 phreak 1.211
84     *hardened-sources-2.6.23-r9 (22 Mar 2008)
85    
86     22 Mar 2008; Christian Heim <phreak@gentoo.org>
87     +hardened-sources-2.6.23-r9.ebuild:
88     * Revision bump, rebasing the patchset against genpatches-2.6.23-10.
89     * Change the default GIDs for some grsecurity options
90     * Revamp the Hardened [Gentoo] security level and make it the default level
91     * Fixing compilation on ia64 with CONFIG_MODULES=y (loadable module support)
92     * Fix a recursive lock -- call to capable() within ptrace_attach()
93     * Fix bug that allows audit and iscsi operations to be controlled via netlink
94 solar 1.210
95     *hardened-sources-2.6.23-r8 (27 Feb 2008)
96    
97     27 Feb 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r8.ebuild:
98     - version bump from Kerin Millar bug 210026
99 solar 1.209
100     17 Feb 2008; <solar@gentoo.org> metadata.xml,
101     -hardened-sources-2.4.33.4.ebuild, -hardened-sources-2.6.20-r6.ebuild,
102     -hardened-sources-2.6.20-r10.ebuild, -hardened-sources-2.6.23-r4.ebuild,
103     -hardened-sources-2.6.23-r6.ebuild, hardened-sources-2.6.23-r7.ebuild:
104     - stable on x86 and remove old ebuilds
105 solar 1.207
106     15 Feb 2008; <solar@gentoo.org> hardened-sources-2.6.23-r7.ebuild:
107 solar 1.208 - stable on amd64 per request of amd64 lead
108 solar 1.206
109     *hardened-sources-2.6.23-r7 (11 Feb 2008)
110    
111     11 Feb 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r7.ebuild:
112     - version bump from kerin.millar
113     Changes:
114    
115     * Bump to genpatches-base-2.6.23-9
116     * Ported grsecurity-2.1.11-2.6.23.14-200801231800 to 2.6.23.15
117     * Disables COMPAT_VDSO in x86/defconfig
118     * Removes bogus symbols ACPI_SLEEP_PROC_(FS|SLEEP) from x86_64/defconfig
119 phreak 1.205
120     25 Jan 2008; Christian Heim <phreak@gentoo.org>
121     -hardened-sources-2.6.22-r8.ebuild:
122     Cleaning up old versions.
123 phreak 1.204
124     *hardened-sources-2.6.23-r6 (25 Jan 2008)
125    
126     25 Jan 2008; Christian Heim <phreak@gentoo.org>
127     -hardened-sources-2.6.23-r5.ebuild, +hardened-sources-2.6.23-r6.ebuild:
128     Revision bump, pulling in the latest genpatches.
129 phreak 1.203
130     *hardened-sources-2.6.23-r5 (24 Dec 2007)
131    
132     24 Dec 2007; Christian Heim <phreak@gentoo.org>
133     hardened-sources-2.4.35-r2.ebuild, hardened-sources-2.6.20-r6.ebuild,
134     hardened-sources-2.6.20-r10.ebuild, hardened-sources-2.6.22-r8.ebuild,
135     hardened-sources-2.6.23-r4.ebuild, +hardened-sources-2.6.23-r5.ebuild:
136     Revision bump, for the promised updated grsec snapshot. Also changing SRC_URI.
137 phreak 1.202
138     24 Dec 2007; Christian Heim <phreak@gentoo.org>
139     -hardened-sources-2.6.22-r7.ebuild, -hardened-sources-2.6.23.ebuild,
140     -hardened-sources-2.6.23-r1.ebuild, -hardened-sources-2.6.23-r2.ebuild,
141     -hardened-sources-2.6.23-r3.ebuild:
142     Cleaning out some unused, old versions.
143 phreak 1.201
144     24 Dec 2007; Christian Heim <phreak@gentoo.org>
145     hardened-sources-2.6.23-r4.ebuild:
146     Marking hardened-sources-2.6.23-r4 stable on amd64 and x86. I know it ain't
147     in the tree for long, but there isn't much of a difference between this and
148     -r3. Only this revision pulls in 2.6.23.11 and 2.6.23.12 from genpatches.
149 phreak 1.200
150     *hardened-sources-2.6.23-r4 (23 Dec 2007)
151    
152     23 Dec 2007; Christian Heim <phreak@gentoo.org>
153     +hardened-sources-2.6.23-r4.ebuild:
154     Revision bump, grabbing the lastest genpatches release (2.6.23.12 that is).
155 phreak 1.199
156     *hardened-sources-2.6.23-r3 (04 Dec 2007)
157    
158     04 Dec 2007; Christian Heim <phreak@gentoo.org>
159     +hardened-sources-2.6.23-r3.ebuild:
160     Revision bump, pulling in 2.6.23.9.
161 phreak 1.198
162     *hardened-sources-2.6.23-r2 (25 Nov 2007)
163    
164     25 Nov 2007; Christian Heim <phreak@gentoo.org>
165     +hardened-sources-2.6.23-r2.ebuild:
166     Updated patchset, thanks to solar.
167 phreak 1.197
168     *hardened-sources-2.6.23-r1 (31 Oct 2007)
169    
170     31 Oct 2007; Christian Heim <phreak@gentoo.org>
171     +hardened-sources-2.6.23-r1.ebuild:
172     Revision bump, pulling in the snapshot from 30. October 2007 (18:50).
173 solar 1.196
174     29 Oct 2007; <solar@gentoo.org> metadata.xml:
175     - update metadata.xml
176 phreak 1.195
177     25 Oct 2007; Christian Heim <phreak@gentoo.org>
178     hardened-sources-2.6.22-r8.ebuild:
179     Marking 2.6.22-r8 stable on amd64 and x86.
180 phreak 1.194
181     21 Oct 2007; Christian Heim <phreak@gentoo.org>
182     -hardened-sources-2.4.35.ebuild, -hardened-sources-2.4.35-r1.ebuild,
183     -hardened-sources-2.6.21-r4.ebuild:
184     Removing old ebuilds.
185 phreak 1.193
186     *hardened-sources-2.4.35-r2 (21 Oct 2007)
187    
188     21 Oct 2007; Christian Heim <phreak@gentoo.org>
189     +hardened-sources-2.4.35-r2.ebuild:
190     Revision bump for 2.4.35. Includes new snapshot and the lastest Linux stable
191     patches.
192 phreak 1.192
193     *hardened-sources-2.6.22-r8 (21 Oct 2007)
194    
195     21 Oct 2007; Christian Heim <phreak@gentoo.org>
196     +hardened-sources-2.6.22-r8.ebuild:
197     Yet another new patch, hopefully fixing the remaining issues we had w/
198     2.6.22. Candidate for stabling.
199 phreak 1.191
200     *hardened-sources-2.6.23 (13 Oct 2007)
201    
202     13 Oct 2007; Christian Heim <phreak@gentoo.org>
203     +hardened-sources-2.6.23.ebuild:
204     Initial hardened-sources-2.6.23. If people still have problems w/ bug
205     194276, try setting CONFIG_PCI_GODIRECT=y instead of CONFIG_PCI_GOANY.
206 phreak 1.190
207     11 Oct 2007; Christian Heim <phreak@gentoo.org>
208     hardened-sources-2.6.20-r10.ebuild:
209     Pulling in yet another new genpatches version, fixing the PWC bug for real.
210 phreak 1.189
211     04 Oct 2007; Christian Heim <phreak@gentoo.org>
212     -hardened-sources-2.6.22-r5.ebuild, -hardened-sources-2.6.22-r6.ebuild:
213     Removing old versions.
214 phreak 1.188
215     *hardened-sources-2.6.22-r7 (01 Oct 2007)
216    
217     01 Oct 2007; Christian Heim <phreak@gentoo.org>
218     +hardened-sources-2.6.22-r7.ebuild:
219     Revision bump, pulling in a newer patch. Should fix #194276.
220 phreak 1.187
221     30 Sep 2007; Christian Heim <phreak@gentoo.org>
222     hardened-sources-2.6.20-r10.ebuild:
223     Marking hardened-sources-2.6.20-r10 stable on x86 and amd64 (on courtesy of
224     Mike Doty).
225 phreak 1.186
226     *hardened-sources-2.6.22-r6 (26 Sep 2007)
227    
228     26 Sep 2007; Christian Heim <phreak@gentoo.org>
229     +hardened-sources-2.6.22-r6.ebuild:
230     Revision bump, grabbing up till Linux 2.6.22.9.
231 phreak 1.185
232     24 Sep 2007; Christian Heim <phreak@gentoo.org>
233     -hardened-sources-2.6.22-r3.ebuild, -hardened-sources-2.6.22-r4.ebuild:
234     Cleaning up further.
235 phreak 1.184
236     *hardened-sources-2.6.20-r10 (24 Sep 2007)
237    
238     24 Sep 2007; Christian Heim <phreak@gentoo.org>
239     -hardened-sources-2.6.20-r8.ebuild, -hardened-sources-2.6.20-r9.ebuild,
240     +hardened-sources-2.6.20-r10.ebuild:
241     Revision bump, pulling in Linux 2.6.20.20. Removing some of the older
242     revisions.
243 phreak 1.183
244     *hardened-sources-2.6.22-r5 (22 Sep 2007)
245    
246     22 Sep 2007; Christian Heim <phreak@gentoo.org>
247     +hardened-sources-2.6.22-r5.ebuild:
248     Revision bump, pulling in genpatches-2.6.22-8 for CVE-2007-4573.
249 phreak 1.182
250     17 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
251     Removing johnm from metadata.xml (see #186467 for reference).
252 phreak 1.181
253     *hardened-sources-2.6.22-r4 (17 Sep 2007)
254    
255     17 Sep 2007; Christian Heim <phreak@gentoo.org>
256     +hardened-sources-2.6.22-r4.ebuild:
257     Revision bump, hopefully fixing all those weird PAX failures.
258 phreak 1.180
259     01 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
260     Updating the metadata.xml.
261 phreak 1.179
262     01 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
263     Removing tocharian from metadata due to his retirement (see #71718 for
264     reference).
265 phreak 1.178
266     *hardened-sources-2.6.20-r9 (30 Aug 2007)
267    
268     30 Aug 2007; Christian Heim <phreak@gentoo.org>
269     +hardened-sources-2.6.20-r9.ebuild:
270     Revision bump for 2.6.20.18 (thanks to kerframil in #gentoo-hardened).
271 phreak 1.177
272     29 Aug 2007; Christian Heim <phreak@gentoo.org>
273     -hardened-sources-2.4.34.ebuild, -hardened-sources-2.4.34.5.ebuild,
274     -hardened-sources-2.6.20-r2.ebuild, -hardened-sources-2.6.20-r5.ebuild,
275     -hardened-sources-2.6.20-r7.ebuild, -hardened-sources-2.6.21-r3.ebuild,
276     -hardened-sources-2.6.22.ebuild, -hardened-sources-2.6.22-r1.ebuild,
277     -hardened-sources-2.6.22-r2.ebuild:
278     Removing some redundant versions.
279 phreak 1.176
280     *hardened-sources-2.4.35-r1 (29 Aug 2007)
281    
282     29 Aug 2007; Christian Heim <phreak@gentoo.org>
283     +hardened-sources-2.4.35-r1.ebuild:
284     Revision bump, new grsecurity patch.
285 phreak 1.175
286     *hardened-sources-2.6.20-r8 (26 Aug 2007)
287    
288     26 Aug 2007; Christian Heim <phreak@gentoo.org>
289     +hardened-sources-2.6.20-r8.ebuild:
290     Revision bump for Linux 2.6.20.17.
291 phreak 1.174
292     *hardened-sources-2.6.22-r3 (22 Aug 2007)
293    
294     22 Aug 2007; Christian Heim <phreak@gentoo.org>
295     +hardened-sources-2.6.22-r3.ebuild:
296     Revision bump for Linux 2.6.22.4.
297 phreak 1.173
298     16 Aug 2007; Christian Heim <phreak@gentoo.org>
299     hardened-sources-2.6.22-r2.ebuild:
300     Updated patchset, to fix the alignment against 2.6.22.3.
301 phreak 1.172
302     *hardened-sources-2.6.22-r2 (16 Aug 2007)
303    
304     16 Aug 2007; Christian Heim <phreak@gentoo.org>
305     +hardened-sources-2.6.22-r2.ebuild:
306     Revision bump for Linux 2.6.22.3.
307 phreak 1.171
308     *hardened-sources-2.4.35 (16 Aug 2007)
309    
310     16 Aug 2007; Christian Heim <phreak@gentoo.org>
311     +hardened-sources-2.4.35.ebuild:
312     Version bump, initial version for Linux 2.4.35.
313 phreak 1.170
314     *hardened-sources-2.6.21-r4 (16 Aug 2007)
315    
316     16 Aug 2007; Christian Heim <phreak@gentoo.org>
317     +hardened-sources-2.6.21-r4.ebuild:
318     Revision bump for Linux 2.6.21.6.
319 phreak 1.169
320     *hardened-sources-2.6.20-r7 (16 Aug 2007)
321    
322     16 Aug 2007; Christian Heim <phreak@gentoo.org>
323     +hardened-sources-2.6.20-r7.ebuild:
324     Revision bump for Linux 2.6.20.16.
325 phreak 1.168
326     *hardened-sources-2.6.22-r1 (13 Aug 2007)
327    
328     13 Aug 2007; Christian Heim <phreak@gentoo.org>
329     +hardened-sources-2.6.22-r1.ebuild:
330     Yet another revision bump.
331 phreak 1.167
332     *hardened-sources-2.6.22 (10 Aug 2007)
333    
334     10 Aug 2007; Christian Heim <phreak@gentoo.org>
335     +hardened-sources-2.6.22.ebuild:
336     Initial release for 2.6.22. If you are using hardened-sources on a desktop
337     machine (P4 or newer), be aware you might need to disable
338     CONFIG_PAX_PAGEEXEC.
339 phreak 1.166
340     04 Aug 2007; Christian Heim <phreak@gentoo.org>
341     hardened-sources-2.6.20-r6.ebuild:
342     Stabling hardened-sources-2.6.20-r6 for amd64, ppc and x86 due to Linux
343     2.6.20.15.
344 phreak 1.165
345     10 Jul 2007; Christian Heim <phreak@gentoo.org>
346     hardened-sources-2.6.20-r5.ebuild:
347     Marking hardened-sources-2.6.20-r5 stable on ppc.
348 phreak 1.164
349     10 Jul 2007; Christian Heim <phreak@gentoo.org>
350     -hardened-sources-2.4.32-r6.ebuild, -hardened-sources-2.4.32-r7.ebuild:
351     Cleanup.
352 phreak 1.163
353     *hardened-sources-2.6.20-r6 (08 Jul 2007)
354    
355     08 Jul 2007; Christian Heim <phreak@gentoo.org>
356     +hardened-sources-2.6.20-r6.ebuild:
357     Revision bump, grabbing yet another stable release.
358 phreak 1.162
359     17 Jun 2007; Christian Heim <phreak@gentoo.org>
360     -hardened-sources-2.6.18-r6.ebuild, -hardened-sources-2.6.20-r4.ebuild,
361     -hardened-sources-2.6.21-r2.ebuild:
362     Removing older ebuilds, hardened-sources-2.6.18-r6 seems to have gotten the
363     alpha stable KEYWORD by mistake.
364 phreak 1.161
365     17 Jun 2007; Christian Heim <phreak@gentoo.org>
366     hardened-sources-2.6.20-r5.ebuild:
367     Stabling hardened-sources-2.6.20-r5 due to security bug #181647 (as
368     genpatches-2.6.20-12.base contains up to Linux 2.6.20.14) on amd64 and x86.
369 phreak 1.160
370     *hardened-sources-2.6.21-r3 (12 Jun 2007)
371    
372     12 Jun 2007; Christian Heim <phreak@gentoo.org>
373     +hardened-sources-2.6.21-r3.ebuild:
374     Revision bump for hardened-sources-2.6.21, incorporating various CVE (some
375     of them critical), two stable releases (2.6.21.4,2.6.21.5) and some other
376     love.
377 phreak 1.159
378     *hardened-sources-2.6.20-r5 (11 Jun 2007)
379    
380     11 Jun 2007; Christian Heim <phreak@gentoo.org>
381     +hardened-sources-2.6.20-r5.ebuild:
382     Revision bump for hardened-sources-2.6.20, incorporating various CVE (some
383     of them critical), two stable releases (2.6.20.13,2.6.20.14) and some other
384     love.
385 pappy 1.158
386     *hardened-sources-2.4.34.5 (11 Jun 2007)
387    
388     11 Jun 2007; Alexander Gabert <pappy@gentoo.org>
389     +hardened-sources-2.4.34.5.ebuild:
390     added new hardened-sources 2.4 version, thx to phreak, solar, pipacs
391 phreak 1.157
392     30 May 2007; Christian Heim <phreak@gentoo.org>
393     -hardened-sources-2.6.18.ebuild, hardened-sources-2.6.20-r2.ebuild:
394     Marking 2.6.20-r2 stable on ppc with permission of Gysbert. Removing more
395     stale ebuild(s).
396 phreak 1.156
397     30 May 2007; Christian Heim <phreak@gentoo.org>
398     -hardened-sources-2.6.14-r7.ebuild, -hardened-sources-2.6.16-r11.ebuild,
399     -hardened-sources-2.6.17-r1.ebuild, -hardened-sources-2.6.19-r6.ebuild,
400     -hardened-sources-2.6.20.ebuild, -hardened-sources-2.6.20-r1.ebuild:
401     Doing some cleanups, remove stale ebuilds.
402 phreak 1.155
403     26 May 2007; Christian Heim <phreak@gentoo.org>
404     hardened-sources-2.6.21-r2.ebuild:
405     Fixing the grsecurity patch, had one '};' too much.
406 phreak 1.154
407     *hardened-sources-2.6.21-r2 (26 May 2007)
408    
409     26 May 2007; Christian Heim <phreak@gentoo.org>
410     -hardened-sources-2.6.21.ebuild, -hardened-sources-2.6.21-r1.ebuild,
411     +hardened-sources-2.6.21-r2.ebuild:
412     Revision bump, including Linux 2.6.21.3 (fixing CVE-2007-2451). Updating the
413     grsecurity patch to 2.1.10-2.6.21.1-200705221918.
414 phreak 1.153
415     *hardened-sources-2.6.20-r4 (26 May 2007)
416    
417     26 May 2007; Christian Heim <phreak@gentoo.org>
418     -hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.20-r4.ebuild:
419     Revision bump, including Linux 2.6.20.12 (which in fact fixed some security
420 phreak 1.154 bugs, at the very least CVE-2007-2451). Possible candidate for stable marking.
421 phreak 1.152
422     15 May 2007; Christian Heim <phreak@gentoo.org>
423     hardened-sources-2.6.20-r3.ebuild:
424     Looks like hardened-sources-2.6.20-r3 needs a new patch, as 2.6.20.11
425     introduced a change in arch/sparc64/kernel/pci_iommu.c, which made the
426     grsecurity patch fail in that exact same hunk.
427 phreak 1.151
428     *hardened-sources-2.6.20-r3 (15 May 2007)
429    
430     15 May 2007; Christian Heim <phreak@gentoo.org>
431     +hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.21-r1.ebuild:
432     Revision bump, incorporating Linux 2.6.20.11.
433    
434     *hardened-sources-2.6.21-r1 (11 May 2007)
435    
436     11 May 2007; Christian Heim <phreak@gentoo.org>
437     +hardened-sources-2.6.21-r1.ebuild:
438     Revision bump, hopefully fixing the GRSECURITY/GRKERNSEC mixup pipacs
439     mentioned in #177234.
440 kevquinn 1.150
441     07 May 2007; Kevin F. Quinn <kevquinn@gentoo.org>
442     files/digest-hardened-sources-2.6.21, Manifest:
443     Fix Manifest/digest for linux-2.6.21.tar.bz2
444 phreak 1.149
445     06 May 2007; Christian Heim <phreak@gentoo.org>
446     hardened-sources-2.6.21.ebuild:
447     Bumping the hardened-patches version, needed for the fix for #177234.
448 phreak 1.148
449     *hardened-sources-2.6.21 (02 May 2007)
450    
451     02 May 2007; Christian Heim <phreak@gentoo.org>
452     +hardened-sources-2.6.21.ebuild:
453     Version bump, Linux 2.6.21-hardened.
454 phreak 1.147
455     29 Apr 2007; Christian Heim <phreak@gentoo.org>
456     hardened-sources-2.6.20-r2.ebuild:
457     Adding ~ia64 on Ned's request.
458 phreak 1.146
459     29 Apr 2007; Christian Heim <phreak@gentoo.org>
460     hardened-sources-2.6.20-r2.ebuild:
461     Fixing the included grsecurity patch, wasn't alligning due to the Index:
462     header line(s).
463 phreak 1.145
464     29 Apr 2007; Christian Heim <phreak@gentoo.org>
465     hardened-sources-2.6.20-r2.ebuild:
466     Stabilizing hardened-sources-2.6.20-r2 on amd64 and x86.
467 armin76 1.144
468     *hardened-sources-2.6.20-r2 (10 Apr 2007)
469    
470     10 Apr 2007; Raúl Porcel <armin76@gentoo.org>
471     +hardened-sources-2.6.20-r2.ebuild:
472     Version bump, on behalf of phreak
473 phreak 1.143
474     *hardened-sources-2.6.20-r1 (04 Apr 2007)
475    
476     04 Apr 2007; Christian Heim <phreak@gentoo.org>
477     +hardened-sources-2.6.20-r1.ebuild:
478     Revision bump, grabbing a newer grsecurity snapshot.
479 phreak 1.142
480     *hardened-sources-2.6.20 (25 Mar 2007)
481    
482     25 Mar 2007; Christian Heim <phreak@gentoo.org>
483     +hardened-sources-2.6.20.ebuild:
484     Finally a hardened-sources version for 2.6.20; many people have been waiting
485     for this. Thanks to Steve for preliminary testing, thanks to Ned for the
486     testbox.
487 chainsaw 1.141
488     16 Mar 2007; Tony Vroon <chainsaw@gentoo.org>
489     hardened-sources-2.6.18-r6.ebuild:
490     Marked stable on amd64 and x86. AMD64 keyword ack'ed by welp.
491 phreak 1.140
492     *hardened-sources-2.6.18-r6 (16 Mar 2007)
493    
494     16 Mar 2007; Christian Heim <phreak@gentoo.org>
495     -hardened-sources-2.6.18-r5.ebuild, +hardened-sources-2.6.18-r6.ebuild:
496     Fixing CVE-2007-1000 locally (hardened/), thanks to Tony for pushing. And
497     yes I screwed up, this is tagged as 2.6.18-5 and not 2.6.18-6 as it's
498     supposed to be.
499 phreak 1.139
500     06 Mar 2007; Christian Heim <phreak@gentoo.org> ChangeLog:
501     Fixing the Manifest, the previous one was broken (as in still had the
502     deleted ebuild in it).
503 phreak 1.138
504     06 Mar 2007; Christian Heim <phreak@gentoo.org>
505     -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
506     +hardened-sources-2.6.18-r5.ebuild:
507     Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
508     Linux 2.6.18.8. Also cleaning up the older version.
509    
510     *hardened-sources-2.6.18-r5 (06 Mar 2007)
511    
512     06 Mar 2007; Christian Heim <phreak@gentoo.org>
513     -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
514     +hardened-sources-2.6.18-r5.ebuild:
515     Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
516     Linux 2.6.18.8. Also cleaning up the older version.
517 phreak 1.137
518     24 Feb 2007; Christian Heim <phreak@gentoo.org>
519     -hardened-sources-2.6.19-r3.ebuild, -hardened-sources-2.6.19-r4.ebuild,
520     -hardened-sources-2.6.19-r5.ebuild:
521     Removing some of the old version, that didn't work.
522 phreak 1.136
523     *hardened-sources-2.6.19-r6 (12 Feb 2007)
524    
525     12 Feb 2007; Christian Heim <phreak@gentoo.org>
526     +hardened-sources-2.6.19-r6.ebuild:
527     Revision bump, including a new grsec version fixing #166235.
528 pappy 1.134
529     *hardened-sources-2.4.34 (24 Jan 2007)
530    
531     24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
532 pappy 1.135 Manifest:
533     updating Manifest with checksums of new tarball and ebuild
534    
535     24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
536 pappy 1.134 +hardened-sources-2.4.34.ebuild:
537     I added new hardened sources 2.4 update, this is a critical path
538     security bugfix - all users of h-s are strongly advised
539     to update their existing hardened sources to this version.
540     It contains a fix for a kernel vulnerability that is pertaining
541     to the PaX changes to virtual memory management, possibly leading
542     to a local kernel exploit ... see grsecurity.net forums and homepage
543 phreak 1.133
544     23 Jan 2007; Christian Heim <phreak@gentoo.org>
545     files/digest-hardened-sources-2.6.19-r5, Manifest:
546     Fixing the patch-tarball digest.
547 phreak 1.132
548     *hardened-sources-2.6.19-r5 (23 Jan 2007)
549    
550     23 Jan 2007; Christian Heim <phreak@gentoo.org>
551     +hardened-sources-2.6.19-r5.ebuild:
552     Revision bump, closing the recently discovered PaX expand_stack()
553     vulnerability.
554 phreak 1.131
555     *hardened-sources-2.6.19-r4 (14 Jan 2007)
556    
557     14 Jan 2007; Christian Heim <phreak@gentoo.org>
558     +hardened-sources-2.6.19-r4.ebuild:
559     Revision bump, pulling in linux-2.6.19.2 and grsecurity 2.1.10 - thus
560     dropping the randomized PID feature.
561 opfer 1.130
562     11 Jan 2007; Christian Faulhammer <opfer@gentoo.org>
563     hardened-sources-2.4.33.4.ebuild:
564     stable x86, bug #161171
565 phreak 1.129
566     *hardened-sources-2.6.19-r3 (27 Dec 2006)
567    
568     27 Dec 2006; Christian Heim <phreak@gentoo.org>
569     -hardened-sources-2.6.19-r2.ebuild, +hardened-sources-2.6.19-r3.ebuild:
570     Revision bump for bug #157186 and #158786.
571 phreak 1.128
572     *hardened-sources-2.6.18-r4 (27 Dec 2006)
573    
574     27 Dec 2006; Christian Heim <phreak@gentoo.org>
575     -hardened-sources-2.6.18-r3.ebuild, +hardened-sources-2.6.18-r4.ebuild:
576     Revision bump for bug #157186.
577 phreak 1.127
578     *hardened-sources-2.6.19-r2 (23 Dec 2006)
579    
580     23 Dec 2006; Christian Heim <phreak@gentoo.org>
581     -hardened-sources-2.6.19-r1.ebuild, +hardened-sources-2.6.19-r2.ebuild:
582     Revision bump to pull in genpatches-2.6.19-3 for #157186.
583 phreak 1.126
584     17 Dec 2006; Christian Heim <phreak@gentoo.org>
585     hardened-sources-2.6.14-r7.ebuild, hardened-sources-2.6.16-r10.ebuild,
586     hardened-sources-2.6.16-r11.ebuild, hardened-sources-2.6.17-r1.ebuild,
587     hardened-sources-2.6.18.ebuild, hardened-sources-2.6.18-r3.ebuild,
588     hardened-sources-2.6.19-r1.ebuild:
589     Adding 4453_grsec-2.1.9-2.6.19-io-kmem-sysctl.patch to UNIPATCH_EXLUDE,
590     adding correct HOMEPAGE and adjusting DESCRIPTION (thanks to Alexander).
591 pappy 1.125
592     *hardened-sources-2.4.33.4 (17 Dec 2006)
593    
594     17 Dec 2006; Alexander Gabert <pappy@gentoo.org>
595     +hardened-sources-2.4.33.4.ebuild:
596     new 2.4.33.4 version including grsec and fixes, thanks to phreak for help
597     and quilting
598 phreak 1.124
599     *hardened-sources-2.6.19-r1 (14 Dec 2006)
600    
601     14 Dec 2006; Christian Heim <phreak@gentoo.org>
602     -hardened-sources-2.6.19.ebuild, +hardened-sources-2.6.19-r1.ebuild:
603     Revision bump, fixing #158107 (thanks to Petre Rodan <kaiowas at gentoo.org>
604     for reporting).
605 phreak 1.123
606     *hardened-sources-2.6.19 (13 Dec 2006)
607    
608     13 Dec 2006; Christian Heim <phreak@gentoo.org>
609     +hardened-sources-2.6.19.ebuild:
610     And finally 2.6.19, thanks to Ned (who prepared the inital patchset) and
611     Brad for providing that prompt update.
612 phreak 1.122
613     *hardened-sources-2.6.18-r3 (13 Dec 2006)
614    
615     13 Dec 2006; Christian Heim <phreak@gentoo.org>
616     -hardened-sources-2.6.18-r1.ebuild, -hardened-sources-2.6.18-r2.ebuild,
617     +hardened-sources-2.6.18-r3.ebuild:
618     Revision bump, excluding the faulty patch. Thanks to Anakim Border and Peter
619     S. Mazinger. Closes #157409 for now. Also removing the previous revisions.
620 phreak 1.121
621     09 Dec 2006; Christian Heim <phreak@gentoo.org> Manifest:
622     Fixing the metadata.xml Manifest entry (thanks to xaid and ml8128 in #gentoo-hardened).
623 nixnut 1.120
624     08 Dec 2006; nixnut <nixnut@gentoo.org> hardened-sources-2.6.18.ebuild:
625     Stable on ppc wrt bug 157356
626 opfer 1.119
627     07 Dec 2006; Christian Faulhammer <opfer@gentoo.org>
628     hardened-sources-2.6.18.ebuild:
629     stable x86, bug #157356
630 phreak 1.118
631     *hardened-sources-2.6.18-r2 (06 Dec 2006)
632    
633     06 Dec 2006; Christian Heim <phreak@gentoo.org>
634     +hardened-sources-2.6.18-r2.ebuild:
635     Revision bump, including 2.6.18.5 (via genpatches) and
636     4454_grsec-2.1.9-2.6.18.2-io-kmem-sysctl.patch based on Peter Mazinger and
637     Ned Ludd's original patch. Thanks to Alexander Gabert (pappy) for the
638     redesign.
639 phreak 1.117
640     06 Dec 2006; Christian Heim <phreak@gentoo.org>
641     hardened-sources-2.6.18.ebuild:
642     Marking hardened-sources-2.6.18 stable on amd64 (see bug #157356, on behalf
643     of Mike Doty).
644 phreak 1.116
645     *hardened-sources-2.6.18-r1 (23 Nov 2006)
646    
647     23 Nov 2006; Christian Heim <phreak@gentoo.org>
648     +hardened-sources-2.6.18-r1.ebuild:
649     Revision bump to genpatches-2.6.18-4 (including 2.6.18.3).
650 phreak 1.115
651     *hardened-sources-2.6.18 (11 Nov 2006)
652    
653     11 Nov 2006; Christian Heim <phreak@gentoo.org>
654     +hardened-sources-2.6.18.ebuild:
655     Version bump, thanks to Alexander Gabert we're finally at 2.6.18.
656 solar 1.114
657     18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
658     - mark amd64 stable also. bug #151877
659 solar 1.113
660     18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
661     - mark 2.6.17-r1 stable
662 phreak 1.112
663     27 Aug 2006; Christian Heim <phreak@gentoo.org>
664     -hardened-sources-2.6.17.ebuild, hardened-sources-2.6.17-r1.ebuild:
665     Removing old ebuild, removing unipatch from newer ebuild (need to fix it!).
666 phreak 1.111
667     *hardened-sources-2.6.17-r1 (26 Aug 2006)
668    
669     26 Aug 2006; Christian Heim <phreak@gentoo.org>
670     +hardened-sources-2.6.17-r1.ebuild:
671     Revision bump to genpatches-2.6.17-8 (including .9 and .10) and updating the
672     grsecurity patch.
673 phreak 1.110
674     *hardened-sources-2.6.17 (17 Aug 2006)
675    
676     17 Aug 2006; Christian Heim <phreak@gentoo.org>
677     +hardened-sources-2.6.17.ebuild:
678     Bumping the hardened-sources-2.6 series to 2.6.17, using
679     genpatches-2.6.17-6.base.
680 solar 1.109
681     07 Aug 2006; <solar@gentoo.org> hardened-sources-2.6.16-r11.ebuild:
682     - stable on x86 and amd64
683 solar 1.108
684     *hardened-sources-2.6.16-r11 (15 Jul 2006)
685    
686     15 Jul 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r3.ebuild,
687     -hardened-sources-2.4.32-r4.ebuild, -hardened-sources-2.4.32-r5.ebuild,
688     -hardened-sources-2.6.14-r8.ebuild, -hardened-sources-2.6.16-r7.ebuild,
689     -hardened-sources-2.6.16-r9.ebuild, +hardened-sources-2.6.16-r11.ebuild:
690     - 2.6.16 bumped for CVE-2006-3626 ; digest fix for 2.4.32-r6 ; removed old
691     crusty ebuilds
692 johnm 1.107
693     14 Jul 2006; John Mylchreest <johnm@gentoo.org>
694     hardened-sources-2.6.16-r10.ebuild:
695     marking stable on x86 and amd64
696 solar 1.106
697     13 Jul 2006; <solar@gentoo.org> hardened-sources-2.4.32-r6.ebuild:
698     - 2.4.32-r6 stable on x86. RSBAC state unknown
699 kang 1.105
700     *hardened-sources-2.4.32-r7 (10 Jul 2006)
701    
702     10 Jul 2006; Guillaume Destuynder <kang@gentoo.org>
703     +hardened-sources-2.4.32-r7.ebuild:
704     Bump PaX for RSBAC to test-17
705 johnm 1.104
706     *hardened-sources-2.6.16-r9 (03 Jul 2006)
707    
708     03 Jul 2006; John Mylchreest <johnm@gentoo.org>
709     -hardened-sources-2.6.16-r6.ebuild, +hardened-sources-2.6.16-r9.ebuild:
710     hardened-sources-2.6.16 bump to latest -base.
711 solar 1.103
712     *hardened-sources-2.4.32-r6 (30 Jun 2006)
713    
714     30 Jun 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r2.ebuild,
715     hardened-sources-2.4.32-r4.ebuild, +hardened-sources-2.4.32-r6.ebuild:
716     - backport CVE-2006-0039, CVE-2006-1857 and CVE-2006-1858 and new grsecurity
717     sysctl controlable resource logging
718 johnm 1.102
719     *hardened-sources-2.6.16-r7 (05 Jun 2006)
720    
721     05 Jun 2006; John Mylchreest <johnm@gentoo.org>
722     -hardened-sources-2.6.16-r5.ebuild, +hardened-sources-2.6.16-r7.ebuild:
723     push new 2.6.16 release in preparation for stable
724 solar 1.101
725     22 May 2006; <solar@gentoo.org> :
726     - redigest bug 134002
727 kang 1.100
728     *hardened-sources-2.4.32-r5 (16 May 2006)
729    
730     16 May 2006; Guillaume Destuynder <kang@gentoo.org>
731     +hardened-sources-2.4.32-r5.ebuild:
732     Fixes rsbac common patching (new patch in new -r5 patchset)
733 solar 1.99
734     *hardened-sources-2.4.32-r4 (13 May 2006)
735    
736     13 May 2006; <solar@gentoo.org> hardened-sources-2.4.32-r3.ebuild,
737     +hardened-sources-2.4.32-r4.ebuild:
738     - security bumps
739 johnm 1.98
740     *hardened-sources-2.6.16-r6 (03 May 2006)
741    
742     03 May 2006; John Mylchreest <johnm@gentoo.org>
743     +hardened-sources-2.6.16-r6.ebuild:
744     bump hardened-2.6.16 to 2.6.16.12 and latest grsec snapshot
745 johnm 1.97
746     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
747     hardened-sources-2.6.14-r8.ebuild:
748     fix x86_64 build problem, this will delay the digest issue again for a short
749     while but it will sort itself out
750 johnm 1.96
751     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
752     hardened-sources-2.6.14-r8.ebuild:
753     bump hardened patchset
754 antarus 1.94
755     27 Apr 2006; Alec Warner <antarus@gentoo.org>
756     files/digest-hardened-sources-2.4.32-r2,
757     files/digest-hardened-sources-2.4.32-r3,
758     files/digest-hardened-sources-2.6.14-r8, Manifest:
759     Fixing duff SHA256 digests: Bug # 131293
760 johnm 1.93
761 johnm 1.95 *hardened-sources-2.6.16-r5 (27 Apr 2006)
762    
763     27 Apr 2006; John Mylchreest <johnm@gentoo.org>
764     -hardened-sources-2.6.14-r6.ebuild, hardened-sources-2.6.14-r8.ebuild,
765     -hardened-sources-2.6.16-r4.ebuild, +hardened-sources-2.6.16-r5.ebuild:
766     stablise 2.6.14-r8 on x86 & amd64, bump 2.6.16 to fix CVE-2006-1863 &
767     cleanup of old uneccessary sources
768    
769 johnm 1.93 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
770     fix digest
771 johnm 1.92
772     *hardened-sources-2.6.14-r8 (20 Apr 2006)
773    
774     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
775     +hardened-sources-2.6.14-r8.ebuild:
776     fix CVE-2006-1056, CVE-2006-1525, CVE-2006-1524
777 johnm 1.91
778     20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
779     Turning on gpg-signing again, and recomitting
780 johnm 1.90
781     *hardened-sources-2.6.16-r4 (20 Apr 2006)
782    
783     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
784     -hardened-sources-2.6.16-r2.ebuild, -hardened-sources-2.6.16-r3.ebuild,
785     +hardened-sources-2.6.16-r4.ebuild:
786     Fix numerous security vulns
787 solar 1.89
788     *hardened-sources-2.4.32-r3 (16 Apr 2006)
789    
790     16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
791     -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
792     +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
793     - security bump for bug #112791. Removed old ebuilds
794 johnm 1.88
795     *hardened-sources-2.6.16-r3 (15 Apr 2006)
796    
797     15 Apr 2006; John Mylchreest <johnm@gentoo.org>
798     +hardened-sources-2.6.16-r3.ebuild:
799     Removing silly localversion which I missed
800 johnm 1.87
801     *hardened-sources-2.6.14-r7 (14 Apr 2006)
802    
803     14 Apr 2006; John Mylchreest <johnm@gentoo.org>
804     -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
805     Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
806 johnm 1.86
807     *hardened-sources-2.6.16-r2 (13 Apr 2006)
808    
809     13 Apr 2006; John Mylchreest <johnm@gentoo.org>
810     -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
811     +hardened-sources-2.6.16-r2.ebuild:
812     Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
813     labels, dropping USERGROUP define fixes, since these were merged mainstream.
814 johnm 1.85
815     *hardened-sources-2.6.16-r1 (11 Apr 2006)
816    
817     11 Apr 2006; John Mylchreest <johnm@gentoo.org>
818     +hardened-sources-2.6.16-r1.ebuild:
819     Bumping to include ppc build fix and 2.6.16.3
820 tsunam 1.84
821     06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
822     hardened-sources-2.6.14-r6.ebuild:
823     Stable on x86; bug #127718
824 johnm 1.83
825     *hardened-sources-2.6.16 (31 Mar 2006)
826    
827     31 Mar 2006; John Mylchreest <johnm@gentoo.org>
828     +hardened-sources-2.6.16.ebuild:
829     Bumping to new version of grsec, and kernel base. New squashfs. Based on
830     2.6.16.1
831 cryos 1.82
832     30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
833     hardened-sources-2.6.14-r6.ebuild:
834     Stable on amd64, bug 127718.
835 nixnut 1.81
836     28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
837     Stable on ppc. Bug #127718
838 johnm 1.80
839     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
840     -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
841     -hardened-sources-2.6.14-r4.ebuild:
842     Cleanup.
843 johnm 1.79
844     *hardened-sources-2.6.14-r6 (15 Mar 2006)
845    
846     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
847     +hardened-sources-2.6.14-r6.ebuild:
848     Fixes grsec policy recreation bug and adds a
849     >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
850 solar 1.78
851     02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
852     - stable on x86
853 hansmi 1.77
854     19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
855     hardened-sources-2.6.14-r5.ebuild:
856     Stable on ppc.
857 johnm 1.76
858     *hardened-sources-2.6.14-r5 (01 Feb 2006)
859    
860     01 Feb 2006; John Mylchreest <johnm@gentoo.org>
861     +hardened-sources-2.6.14-r5.ebuild:
862     fixing every known exploit
863 solar 1.75
864     *hardened-sources-2.4.32-r2 (26 Jan 2006)
865    
866     26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
867     +hardened-sources-2.4.32-r2.ebuild:
868     - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
869 solar 1.74
870     *hardened-sources-2.6.14-r4 (12 Jan 2006)
871    
872     12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
873     - version bump for new genpatches which fix up a few sec holes
874 solar 1.73
875     *hardened-sources-2.4.32-r1 (05 Jan 2006)
876    
877     05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
878     - revision bump to add misc vital linux kernel security patches.
879 johnm 1.72
880     *hardened-sources-2.6.14-r3 (30 Dec 2005)
881    
882     30 Dec 2005; John Mylchreest <johnm@gentoo.org>
883     -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
884     Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
885 johnm 1.71
886     28 Dec 2005; John Mylchreest <johnm@gentoo.org>
887     hardened-sources-2.6.14-r2.ebuild:
888     making x86 & amd64 stable following testing.
889 johnm 1.70
890     *hardened-sources-2.6.14-r2 (27 Dec 2005)
891    
892     27 Dec 2005; John Mylchreest <johnm@gentoo.org>
893     -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
894     Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
895     network hooks.
896 johnm 1.69
897     06 Dec 2005; John Mylchreest <johnm@gentoo.org>
898     hardened-sources-2.6.14-r1.ebuild:
899     bumping to stable early for sec fix on x86 & amd64
900 johnm 1.68
901     *hardened-sources-2.6.14-r1 (05 Dec 2005)
902    
903     05 Dec 2005; John Mylchreest <johnm@gentoo.org>
904     -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
905     bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
906 solar 1.67
907     04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
908     - stable on x86 security bug #114227 CAN-2005-3257
909 kang 1.66
910     *hardened-sources-2.4.32 (19 Nov 2005)
911    
912     19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
913     +hardened-sources-2.4.32.ebuild:
914     Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
915     Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
916     have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
917     rsbac >> /etc/portage/package.use)
918 johnm 1.65
919     *hardened-sources-2.6.14 (14 Nov 2005)
920    
921     14 Nov 2005; John Mylchreest <johnm@gentoo.org>
922     -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
923     Bumping 2.6 series to 2.6.14.2
924 johnm 1.64
925     *hardened-sources-2.6.13-r2 (20 Oct 2005)
926    
927     20 Oct 2005; John Mylchreest <johnm@gentoo.org>
928     -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
929     +hardened-sources-2.6.13-r2.ebuild:
930     Fixes minor build error in ppc.
931 johnm 1.63
932     *hardened-sources-2.6.13-r1 (17 Oct 2005)
933    
934     17 Oct 2005; John Mylchreest <johnm@gentoo.org>
935     +hardened-sources-2.6.13-r1.ebuild:
936     Updating grsec to latest snapshot. Fixes some minor issues. Updating to
937     2.6.13.4, fixes some major amd64 stability problems.
938 johnm 1.62
939     *hardened-sources-2.6.13 (16 Sep 2005)
940    
941     16 Sep 2005; John Mylchreest <johnm@gentoo.org>
942     -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
943     2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
944     ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
945     users should test this thoroughly.
946 solar 1.61
947     01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
948     - stable on x86
949 johnm 1.60
950     *hardened-sources-2.6.11-r15 (27 Jun 2005)
951    
952     27 Jun 2005; John Mylchreest <johnm@gentoo.org>
953     +hardened-sources-2.6.11-r15.ebuild:
954     Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
955     grsec redefining curr_ip struct.
956 solar 1.59
957     *hardened-sources-2.4.31 (20 Jun 2005)
958    
959     20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
960     initial import of 2.4.31 tree
961 johnm 1.58
962     *hardened-sources-2.6.11-r14 (14 Jun 2005)
963    
964     14 Jun 2005; John Mylchreest <johnm@gentoo.org>
965     -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
966     Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
967     naming scheme to abide by genpatches
968 johnm 1.57
969     *hardened-sources-2.6.11-r13 (18 May 2005)
970    
971     18 May 2005; John Mylchreest <johnm@gentoo.org>
972     -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
973     Managed to mangle the Makefile patch from grsec, to miss out the grsec
974     target. sorry about that. Fixes bug #93022
975 johnm 1.56
976     *hardened-sources-2.6.11-r12 (17 May 2005)
977    
978     17 May 2005; John Mylchreest <johnm@gentoo.org>
979     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
980     +hardened-sources-2.6.11-r12.ebuild:
981     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
982     merges in genpatches-base
983 johnm 1.55
984     *hardened-sources-2.6.11-r12 (17 May 2005)
985    
986     17 May 2005; John Mylchreest <johnm@gentoo.org>
987     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
988     +hardened-sources-2.6.11-r12.ebuild:
989     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
990     merges in genpatches-base
991 solar 1.54
992     29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
993     -files/2.4.27-cmdline-race.patch,
994     -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
995     -files/2.4.28-grsec-binfmt_a.out.patch,
996     -files/2.4.28-grsec-cmdline-race.patch,
997     -files/2.4.28-selinux-binfmt_a.out.patch,
998     -files/2.4.28-selinux-cmdline-race.patch,
999     -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
1000     hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
1001     - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
1002     cleanup..
1003 solar 1.53
1004     *hardened-sources-2.4.30-r1 (21 Apr 2005)
1005    
1006     21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
1007     - disable aout by default
1008 solar 1.52
1009     *hardened-sources-2.4.30 (18 Apr 2005)
1010    
1011     18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
1012     - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
1013     and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
1014     use
1015 tocharian 1.50
1016 scox 1.51 *hardened-sources-2.4.29 (30 Mar 2005)
1017    
1018     30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
1019     +hardened-sources-2.4.29.ebuild:
1020     New hardened-patches-2.4-29.0 patchball.
1021     Removed SELinux support, upgraded GRSecurity to 2.1.4.
1022    
1023     *hardened-sources-2.4.28-r5 (06 Mar 2005)
1024    
1025     06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
1026     +hardened-sources-2.4.28-r5.ebuild:
1027     Added a fix for a PaX vulnerability.
1028    
1029     26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1030 tocharian 1.50 hardened-sources-2.4.28-r4.ebuild:
1031     Stable on x86
1032 solar 1.49
1033     23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
1034     hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
1035     hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
1036     hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
1037     - fixed/added RDEPEND= in all kernel-2 ebuilds
1038 tocharian 1.48
1039     *hardened-sources-2.4.28-r4 (21 Jan 2005)
1040    
1041     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1042     +hardened-sources-2.4.28-r4.ebuild:
1043     Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
1044     backport of neighbour hash updates.
1045 tocharian 1.47
1046     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1047     hardened-sources-2.4.28-r3.ebuild:
1048     Stable on x86
1049 tseng 1.46
1050     *hardened-sources-2.6.10-r3 (20 Jan 2005)
1051    
1052     20 Jan 2005; Brandon Hale <tseng@gentoo.org>
1053     +hardened-sources-2.6.10-r3.ebuild:
1054     Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
1055     in 2005.0
1056 tocharian 1.45
1057     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1058     -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
1059     hardened-sources-2.4.28-r2.ebuild:
1060     Mark stable on x86
1061 tocharian 1.44
1062     *hardened-sources-2.4.28-r3 (17 Jan 2005)
1063    
1064     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1065     +hardened-sources-2.4.28-r3.ebuild:
1066     Fix SMP page fault handler vuln, and update device-mapper and evms patches.
1067 tocharian 1.43
1068     14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1069     hardened-sources-2.4.28.ebuild:
1070     Mark stable on x86.
1071 tocharian 1.42
1072     *hardened-sources-2.4.28-r2 (13 Jan 2005)
1073    
1074     13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1075     +hardened-sources-2.4.28-r2.ebuild:
1076     Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
1077     Mazinger for grsecurity patches as well.
1078 plasmaroo 1.41
1079     *hardened-sources-2.4.28-r1 (23 Dec 2004)
1080    
1081     23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
1082     Security bump. Thank tocharian for rolling a new patchset...
1083 solar 1.40
1084     28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
1085     +files/2.4.28-grsec-cmdline-race.patch,
1086     +files/2.4.28-selinux-binfmt_a.out.patch,
1087     +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
1088     - Round up remaining security patches that appear to be missing in 2.4.28. -
1089     PaX standalone updated to current. hgpv=28.1
1090 solar 1.39
1091     *hardened-sources-2.4.28 (28 Nov 2004)
1092    
1093     28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
1094     security bump. Thank tocharian for rolling a new patchset
1095 scox 1.31
1096 scox 1.38 *hardened-sources-2.4.27-r3 (08 Sep 2004)
1097    
1098     08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
1099     +hardened-sources-2.4.27-r3.ebuild:
1100     Applies the new 2.4-27.2 patchball which updates
1101     GRSecurity to the 2.0.1 version.
1102    
1103 scox 1.37 *hardened-sources-2.4.27-r2 (31 Aug 2004)
1104    
1105     31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1106     +hardened-sources-2.4.27-r2.ebuild:
1107     Version bump.
1108     This version uses the new 2.4-27.1 patchball which updates
1109     both the SELinux PaX hooks patch and the SELinux headers.
1110    
1111 scox 1.36 *hardened-sources-2.4.27-r1 (09 Aug 2004)
1112    
1113     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1114     +hardened-sources-2.4.27-r1.ebuild,
1115     -hardened-sources-2.4.27.ebuild,
1116     +files/2.4.27-cmdline-race.patch:
1117     Version bump, fix for cmdline race. See bug #59905.
1118    
1119     *hardened-sources-2.4.26-r6 (09 Aug 2004)
1120    
1121     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1122     +hardened-sources-2.4.26-r6.ebuild,
1123     -hardened-sources-2.4.26-r5.ebuild,
1124     -hardened-sources-2.4.26-r4.ebuild,
1125     +files/2.4.26-cmdline-race.patch:
1126     Version bump, fix for cmdline race. See bug #59905.
1127    
1128 scox 1.35 *hardened-sources-2.4.27 (08 Aug 2004)
1129    
1130     08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1131     +hardened-sources-2.4.27.ebuild,
1132     +files/2.4.27-CAN-2004-0394.patch:
1133     Ported the patchball to the 2.4.27 kernel version.
1134    
1135 scox 1.34 *hardened-sources-2.4.26-r5 (07 Aug 2004)
1136    
1137     07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1138     +hardened-sources-2.4.26-r5.ebuild:
1139 scox 1.35 Updated to use the new hardened-patches-2.4-26.1 patchball.
1140 scox 1.34 It adds the following features:
1141     - Squashfs
1142     - Ebtables
1143     - Netdev random (core+drivers)
1144     - Watchdog Timer (WDT) fix.
1145    
1146 scox 1.33 *hardened-sources-2.4.26-r4 (04 Aug 2004)
1147    
1148     04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1149     +hardened-sources-2.4.26-r4.ebuild,
1150     +files/2.4.26-CAN-2004-0415.patch,
1151     -hardened-sources-2.4.26-3:
1152     Version bump, fix for CAN 0415, see bug #59378.
1153    
1154 scox 1.32 *hardened-sources-2.4.26-r3 (22 Jul 2004)
1155    
1156     22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
1157     +hardened-sources-2.4.26-r3.ebuild,
1158     +files/2.4.26-CAN-2004-0497.patch,
1159     -hardened-sources-2.4.26-r2.ebuild:
1160     Version bump, fixed CAN 0497, see bug #56171.
1161    
1162 scox 1.31 *hardened-sources-2.4.26-r2 (29 Jun 2004)
1163    
1164     29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
1165 scox 1.32 +hardened-sources-2.4.26-r2.ebuild,
1166 scox 1.31 +files/2.4.26-CAN-2004-0495.patch,
1167     +files/2.4.26-CAN-2004-0535.patch,
1168     -hardened-sources-2.4.26-r1.ebuild:
1169     Fixes for both CAN 0495 and 0535, see bug #54976
1170 pvdabeel 1.27
1171 agriffis 1.29 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
1172     hardened-sources-2.4.26-r1.ebuild:
1173     QA - fix use invocation
1174 scox 1.28
1175     *hardened-sources-2.4.26-r1 (22 June 2004)
1176    
1177     22 June 2004; Andrea Luzzardi <scox@gentoo.org>
1178     +hardened-sources-2.4.26-r1.ebuild,
1179     +files/2.4.26-CAN-2004-0394.patch,
1180     +files/2.4.26-signal-race.patch,
1181     -hardened-sources-2.4.26.ebuild,
1182     -hardened-sources-2.4.24-r3.ebuild:
1183     Version bump for the CAN-2004-0394 issue and bug #53804
1184     Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
1185    
1186    
1187 pvdabeel 1.27 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
1188     hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
1189     Masked hardened-sources-2.4.26.ebuild broken for ppc
1190    
1191     31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
1192     hardened-sources-2.4.24-r3.ebuild:
1193     Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
1194 plasmaroo 1.25
1195 scox 1.26 *hardened-sources-2.4.26 (29 May 2004)
1196    
1197     29 May 2004; Andrea Luzzardi <scox@gentoo.org>
1198     +hardened-sources-2.4.26.ebuild:
1199     Updated hardened-sources for the 2.4.26 kernel
1200     Removed broken components, updated almost everything.
1201    
1202 plasmaroo 1.25 *hardened-sources-2.4.24-r3 (17 Apr 2004)
1203    
1204     17 Apr 2004; <plasmaroo@gentoo.org>
1205     +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
1206     +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
1207     +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
1208     +hardened-sources-2.4.24-r3.ebuild:
1209     Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
1210     vulnerabilities. Old revisions removed.
1211 plasmaroo 1.24
1212     *hardened-sources-2.4.24-r2 (15 Apr 2004)
1213    
1214     15 Apr 2004; <plasmaroo@gentoo.org>
1215     +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
1216     -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
1217     Version bump for the CAN-2004-0109 issue; bug #47881.
1218 aliz 1.23
1219     12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
1220     hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
1221     Add eutils to inherit.
1222 plasmaroo 1.22
1223     *hardened-sources-2.4.24-r1 (19 Feb 2004)
1224    
1225     19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
1226     files/hardened-sources-2.4.24.munmap.patch:
1227     Added the patch for the mremap/munmap vulnerability. Bug #42024.
1228 scox 1.19
1229 scox 1.21 *hardened-sources-2.4.24 (06 Feb 2004)
1230 scox 1.26
1231 scox 1.21 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
1232     hardened-sources-2.4.24.ebuild:
1233     Version bump, updated most of the components.
1234     This release includes the following:
1235    
1236     - Hardened security
1237     - Netfilter patch-o-matic 20031219
1238     - FreeSWAN 2.04 & x509 1.4.8
1239     - EVMS 2.2.2
1240     - XFS 1.3.1
1241     - cryptoloop jari
1242     - grsecurity 2.0-rc4
1243     - SELinux
1244     - PaX 200402060000
1245     - PaX Obscurity 200308302223
1246     - Others...
1247    
1248     Neither -ck nor systrace are included anymore.
1249    
1250 scox 1.19 *hardened-sources-2.4.22-r2 (05 Jan 2004)
1251    
1252     05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
1253     hardened-sources-2.4.22-r2.ebuild:
1254 scox 1.20 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
1255 scox 1.19
1256     *hardened-sources-2.4.22-r1 (02 Dec 2003)
1257 iggy 1.17
1258     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1259 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
1260 iggy 1.16
1261     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1262 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild:
1263     Version bump for the 'do_brk' vulnerability.
1264 iggy 1.15
1265     01 Dec 2003; Brian Jackson <iggy@gentoo.org>
1266     hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
1267     hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
1268     hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
1269 plasmaroo 1.18 Fix the 'do_brk' vulnerability.
1270 frogger 1.14
1271     03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
1272     hardened-sources-2.4.22.ebuild:
1273 plasmaroo 1.18 - Removed the src_install() portion for SELinux flask
1274     components. These are no longer handled in the kernel
1275     so this code was not necessary.
1276 frogger 1.13
1277     29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
1278     New 2.4.22 based hardened-sources thanks to
1279     Phil West <p.west@computer.org>.
1280    
1281     These sources include:
1282 plasmaroo 1.18 - New SELinux API
1283     - Updated CK-base
1284     - Updated GRSec
1285     - Systrace
1286     - SuperFreeS/WAN 1.99.8
1287     - Propolice kernel build support
1288     - EVMS
1289     - Other various security related patches
1290 frogger 1.11
1291 frogger 1.12 *hardened-sources-2.4.21 (14 Sep 2003)
1292    
1293     14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
1294     Updated hardened-sources based on the 2.4.21 Linux kernel.
1295     This includes updates to most major components such as:
1296 plasmaroo 1.18 - ck-base-0306300059
1297     - selinux-2.4-2003071106
1298     - grsecurity-2.0-rc1
1299     - Updated IPTables patch-o-matic
1300     - Updated SuperFreeS/WAN
1301    
1302 frogger 1.12 Thanks to Phil West <pwest@computer.org> for his work in getting this
1303     updated patch set ready for the 2.4.21 based kernel.
1304    
1305 frogger 1.11 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
1306     Initial import of hardened-sources-2.4.20-r4. This revision
1307     includes only a few changes, but one of these is an important
1308     security fix. It is recommended all users of hardened-sources
1309     upgrade to this release.
1310 plasmaroo 1.18
1311 frogger 1.11 - ioperm bug fix
1312     - fixed compilation failure when building without GRSec
1313 plasmaroo 1.18
1314 frogger 1.11 SAL (Secure Auditing for Linux) is NOT included in this revision
1315     due to time constraints, but is planned for inclusion in the near
1316     future.
1317 msterret 1.10
1318     *hardened-sources-2.4.20-r2 (12 Jun 2003)
1319    
1320     12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
1321     hardened-sources-2.4.20-r3.ebuild:
1322 plasmaroo 1.18 Add Header...
1323 frogger 1.9
1324     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1325     hardened-sources-2.4.20-r3.ebuild:
1326     Removed warnings from ebuild. This kernel should be safe to
1327     use at this point.
1328 frogger 1.8
1329     *hardened-sources-2.4.20-r3 (08 Jun 2003)
1330    
1331     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1332     hardened-sources-2.4.20-r3.ebuild:
1333     New revision. Includes the following changes over -r2:
1334 plasmaroo 1.18
1335 frogger 1.8 - ck7-base (O(1), preempt, low latency)
1336     - Super FreeS/WAN 1.99.7rc2
1337     - PaX for the LSM/SELinux branch
1338     - GRSecurity 2.0-pre4 (role based access control)
1339     - Systrace 1.3
1340     - EXT3 fixes
1341     - EVMS 2.0.1
1342     - GCC 3.1+ compile optimizations
1343     - ProPolice kernel build support
1344     - Hashing table security fixes
1345 frogger 1.3
1346     *hardened-sources-2.4.20-r1 (09 Apr 2003)
1347 frogger 1.7
1348     23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
1349     Initial import of hardened-sources-r2. This new
1350     ebuild includes many new performance and security
1351     related patches. As in -r1, it will patch in
1352     LSM/SELinux if "selinux" is in USE, otherwise it
1353     will patch in GRSecurity. The following patches
1354     are included in this revision:
1355 plasmaroo 1.18
1356 frogger 1.7 - O(1) Scheduler, Low Latency, and Preempt
1357     (pulled from the base CK patch)
1358     - ptrace exploit patch for the LSM kernel
1359     (the GRSec patch already fixes this)
1360     - LSM 2.4-2003040709
1361     - SELinux 2.4-2003040709
1362     - Systrace v1.2
1363     - IPTables patch-o-matic base patches - 20030107
1364     - CryptoAPI 2.4.20.1 w/ loop-jari patch
1365     - Super FreeS/WAN 1.99.6.1
1366     - GRSecurity 1.9.9g
1367     - MPPE
1368     - EXT3 data journal fix
1369     - CIPE 1.5.4
1370 frogger 1.6
1371     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1372     hardened-sources-2.4.20-r1.ebuild, manifest:
1373 plasmaroo 1.18 Updated to install flask components correctly for selinux.
1374 frogger 1.5
1375     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1376     hardened-sources-2.4.20-r1.ebuild:
1377     LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
1378     is patched in instead. Ptrace patches for selinux have also been added. In
1379     either case, systrace support will be patched in as well.
1380 frogger 1.3
1381     09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1382     hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
1383 plasmaroo 1.18 Revision bump for new sources.
1384 frogger 1.4
1385 frogger 1.2 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1386 frogger 1.4 hardened-sources-2.4.20-r1.ebuild:
1387 plasmaroo 1.18 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
1388 method 1.1
1389 frogger 1.4 *hardened-sources-2.4.20 (30 Mar 2003)
1390    
1391 method 1.1 30 Mar 2003; Joshua Brindle <method@gentoo.org>
1392     hardened-sources-2.4.20.ebuild:
1393 plasmaroo 1.18 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20