/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.226 - (hide annotations) (download)
Tue Jun 17 18:29:37 2008 UTC (6 years, 3 months ago) by solar
Branch: MAIN
Changes since 1.225: +12 -1 lines
2.6.23-r13: Fixes security bugs #198997, #212136, #222331, #222635, #224647, #225461, other fixes.
2.6.24-r3: Fixes security bugs #212136, #222331, #222635, #224647, #225461, grsec/PaX updates/fixes, other fixes.
2.6.25: Initial 2.6.25 release.

(Portage version: 2.1.3.19)

1 method 1.1 # ChangeLog for sys-kernel/hardened-sources
2 phreak 1.204 # Copyright 2000-2008 Gentoo Foundation; Distributed under the GPL v2
3 solar 1.226 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.225 2008/05/15 15:35:54 solar Exp $
4    
5     *hardened-sources-2.6.25 (17 Jun 2008)
6     *hardened-sources-2.6.24-r3 (17 Jun 2008)
7     *hardened-sources-2.6.23-r13 (17 Jun 2008)
8    
9     17 Jun 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r13.ebuild,
10     +hardened-sources-2.6.24-r3.ebuild, +hardened-sources-2.6.25.ebuild:
11     * 2.6.23-r13: Fixes security bugs #198997, #212136, #222331, #222635,
12     #224647, #225461, other fixes. * 2.6.24-r3: Fixes security bugs #212136,
13     #222331, #222635, #224647, #225461, grsec/PaX updates/fixes, other fixes. *
14     2.6.25: Initial 2.6.25 release.
15 solar 1.225
16     15 May 2008; <solar@gentoo.org> hardened-sources-2.6.23-r12.ebuild:
17     - fasttrack to stable x86/amd64
18 swegener 1.224
19     11 May 2008; Sven Wegener <swegener@gentoo.org> Manifest:
20     Fix broken digest for linux-2.6.24.tar.bz2.
21 solar 1.223
22     *hardened-sources-2.6.24-r2 (11 May 2008)
23     *hardened-sources-2.6.23-r12 (11 May 2008)
24    
25     11 May 2008; <solar@gentoo.org> -hardened-sources-2.6.23-r7.ebuild,
26     -hardened-sources-2.6.23-r9.ebuild, -hardened-sources-2.6.23-r10.ebuild,
27     +hardened-sources-2.6.23-r12.ebuild, -hardened-sources-2.6.24.ebuild,
28     -hardened-sources-2.6.24-r1.ebuild, +hardened-sources-2.6.24-r2.ebuild:
29     proxy commit for gengor. 2.6.23-r11 shortlog: Fixes security bugs 220691,
30     220975, 220979, 221123. 2.6.24-r2 not-so-shortlog: Fixes bug 215442,
31     security bugs 219901, 220691, 220975, 220979, 221123. New
32     genpatches/grsecurity with numerous updates & fixes. 2.6.23-r7->2.6.23-r10
33     should be removed as far as I'm concerned, everything else remove due to
34     vulnerable to numerous security bugs or brokeness.
35 nixnut 1.222
36     10 May 2008; nixnut <nixnut@gentoo.org>
37     hardened-sources-2.6.23-r11.ebuild:
38     Stable on ppc
39 solar 1.221
40     05 May 2008; <solar@gentoo.org> hardened-sources-2.6.23-r11.ebuild:
41     - -r11 stable on x86/amd64
42 solar 1.220
43     *hardened-sources-2.6.23-r11 (01 May 2008)
44    
45     01 May 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r11.ebuild:
46     - version bump to fix ulgy linux bugs
47 phreak 1.219
48     *hardened-sources-2.6.24-r1 (30 Apr 2008)
49    
50     30 Apr 2008; Christian Heim <phreak@gentoo.org>
51     +hardened-sources-2.6.24-r1.ebuild:
52     Revision bump (thanks to Kerin and Gordon, again), pulling
53     genpatches-2.6.24-7, solving #219089. Additionally contains further security
54     fixes plus some minor updates.
55 phreak 1.218
56     *hardened-sources-2.6.23-r10 (30 Apr 2008)
57    
58     30 Apr 2008; Christian Heim <phreak@gentoo.org>
59     +hardened-sources-2.6.23-r10.ebuild:
60     Revision bump (thanks to Kerin and Gordon, again), solving #213811, #219089.
61     Additional contains "various other fixes".
62 phreak 1.217
63     09 Apr 2008; Christian Heim <phreak@gentoo.org> metadata.xml:
64     Update the longdescription in metadata, thanks to Gordon Malm.
65 nixnut 1.216
66     08 Apr 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.23-r9.ebuild:
67     Stable on ppc wrt bug #213255
68 solar 1.215
69     07 Apr 2008; <solar@gentoo.org> -hardened-sources-2.4.35-r2.ebuild,
70     -hardened-sources-2.6.23-r8.ebuild, hardened-sources-2.6.23-r9.ebuild:
71     - stable on x86/amd64 per request. Removed obsolete ebuilds
72 phreak 1.214
73     *hardened-sources-2.6.24 (07 Apr 2008)
74    
75     07 Apr 2008; Christian Heim <phreak@gentoo.org>
76     +hardened-sources-2.6.24.ebuild:
77     Adding ebuild for hardened-sources-2.6.24 (many thanks to Kerin Millar
78     <kerframil at gmail.com> and Gordon Malm <bugs-gentoo-org-02 at bumpin.org>
79     for the many contributions and their continued effort in #216612) based on
80     2.6.24 and genpatches-2.6.24-5.
81    
82     The current ebuild/patchset contains these things:
83     * Incoporates unmodified grsec-2.1.11-2.6.24.4-200803262003 patch
84     * Introduces bespoke server and workstation oriented security levels
85     * VDSO_COMPAT cannot be enabled during runtime if PaX is enabled
86 phreak 1.213
87     30 Mar 2008; Christian Heim <phreak@gentoo.org> metadata.xml:
88     Fix the metadata.xml (Kerin isn't a dev, though he and Gordon are
89     maintaining it).
90 phreak 1.212
91     24 Mar 2008; Christian Heim <phreak@gentoo.org>
92     hardened-sources-2.4.35-r2.ebuild:
93     Fixing SRC_URI for 2.4.35-r2.
94 phreak 1.211
95     *hardened-sources-2.6.23-r9 (22 Mar 2008)
96    
97     22 Mar 2008; Christian Heim <phreak@gentoo.org>
98     +hardened-sources-2.6.23-r9.ebuild:
99     * Revision bump, rebasing the patchset against genpatches-2.6.23-10.
100     * Change the default GIDs for some grsecurity options
101     * Revamp the Hardened [Gentoo] security level and make it the default level
102     * Fixing compilation on ia64 with CONFIG_MODULES=y (loadable module support)
103     * Fix a recursive lock -- call to capable() within ptrace_attach()
104     * Fix bug that allows audit and iscsi operations to be controlled via netlink
105 solar 1.210
106     *hardened-sources-2.6.23-r8 (27 Feb 2008)
107    
108     27 Feb 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r8.ebuild:
109     - version bump from Kerin Millar bug 210026
110 solar 1.209
111     17 Feb 2008; <solar@gentoo.org> metadata.xml,
112     -hardened-sources-2.4.33.4.ebuild, -hardened-sources-2.6.20-r6.ebuild,
113     -hardened-sources-2.6.20-r10.ebuild, -hardened-sources-2.6.23-r4.ebuild,
114     -hardened-sources-2.6.23-r6.ebuild, hardened-sources-2.6.23-r7.ebuild:
115     - stable on x86 and remove old ebuilds
116 solar 1.207
117     15 Feb 2008; <solar@gentoo.org> hardened-sources-2.6.23-r7.ebuild:
118 solar 1.208 - stable on amd64 per request of amd64 lead
119 solar 1.206
120     *hardened-sources-2.6.23-r7 (11 Feb 2008)
121    
122     11 Feb 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r7.ebuild:
123     - version bump from kerin.millar
124     Changes:
125    
126     * Bump to genpatches-base-2.6.23-9
127     * Ported grsecurity-2.1.11-2.6.23.14-200801231800 to 2.6.23.15
128     * Disables COMPAT_VDSO in x86/defconfig
129     * Removes bogus symbols ACPI_SLEEP_PROC_(FS|SLEEP) from x86_64/defconfig
130 phreak 1.205
131     25 Jan 2008; Christian Heim <phreak@gentoo.org>
132     -hardened-sources-2.6.22-r8.ebuild:
133     Cleaning up old versions.
134 phreak 1.204
135     *hardened-sources-2.6.23-r6 (25 Jan 2008)
136    
137     25 Jan 2008; Christian Heim <phreak@gentoo.org>
138     -hardened-sources-2.6.23-r5.ebuild, +hardened-sources-2.6.23-r6.ebuild:
139     Revision bump, pulling in the latest genpatches.
140 phreak 1.203
141     *hardened-sources-2.6.23-r5 (24 Dec 2007)
142    
143     24 Dec 2007; Christian Heim <phreak@gentoo.org>
144     hardened-sources-2.4.35-r2.ebuild, hardened-sources-2.6.20-r6.ebuild,
145     hardened-sources-2.6.20-r10.ebuild, hardened-sources-2.6.22-r8.ebuild,
146     hardened-sources-2.6.23-r4.ebuild, +hardened-sources-2.6.23-r5.ebuild:
147     Revision bump, for the promised updated grsec snapshot. Also changing SRC_URI.
148 phreak 1.202
149     24 Dec 2007; Christian Heim <phreak@gentoo.org>
150     -hardened-sources-2.6.22-r7.ebuild, -hardened-sources-2.6.23.ebuild,
151     -hardened-sources-2.6.23-r1.ebuild, -hardened-sources-2.6.23-r2.ebuild,
152     -hardened-sources-2.6.23-r3.ebuild:
153     Cleaning out some unused, old versions.
154 phreak 1.201
155     24 Dec 2007; Christian Heim <phreak@gentoo.org>
156     hardened-sources-2.6.23-r4.ebuild:
157     Marking hardened-sources-2.6.23-r4 stable on amd64 and x86. I know it ain't
158     in the tree for long, but there isn't much of a difference between this and
159     -r3. Only this revision pulls in 2.6.23.11 and 2.6.23.12 from genpatches.
160 phreak 1.200
161     *hardened-sources-2.6.23-r4 (23 Dec 2007)
162    
163     23 Dec 2007; Christian Heim <phreak@gentoo.org>
164     +hardened-sources-2.6.23-r4.ebuild:
165     Revision bump, grabbing the lastest genpatches release (2.6.23.12 that is).
166 phreak 1.199
167     *hardened-sources-2.6.23-r3 (04 Dec 2007)
168    
169     04 Dec 2007; Christian Heim <phreak@gentoo.org>
170     +hardened-sources-2.6.23-r3.ebuild:
171     Revision bump, pulling in 2.6.23.9.
172 phreak 1.198
173     *hardened-sources-2.6.23-r2 (25 Nov 2007)
174    
175     25 Nov 2007; Christian Heim <phreak@gentoo.org>
176     +hardened-sources-2.6.23-r2.ebuild:
177     Updated patchset, thanks to solar.
178 phreak 1.197
179     *hardened-sources-2.6.23-r1 (31 Oct 2007)
180    
181     31 Oct 2007; Christian Heim <phreak@gentoo.org>
182     +hardened-sources-2.6.23-r1.ebuild:
183     Revision bump, pulling in the snapshot from 30. October 2007 (18:50).
184 solar 1.196
185     29 Oct 2007; <solar@gentoo.org> metadata.xml:
186     - update metadata.xml
187 phreak 1.195
188     25 Oct 2007; Christian Heim <phreak@gentoo.org>
189     hardened-sources-2.6.22-r8.ebuild:
190     Marking 2.6.22-r8 stable on amd64 and x86.
191 phreak 1.194
192     21 Oct 2007; Christian Heim <phreak@gentoo.org>
193     -hardened-sources-2.4.35.ebuild, -hardened-sources-2.4.35-r1.ebuild,
194     -hardened-sources-2.6.21-r4.ebuild:
195     Removing old ebuilds.
196 phreak 1.193
197     *hardened-sources-2.4.35-r2 (21 Oct 2007)
198    
199     21 Oct 2007; Christian Heim <phreak@gentoo.org>
200     +hardened-sources-2.4.35-r2.ebuild:
201     Revision bump for 2.4.35. Includes new snapshot and the lastest Linux stable
202     patches.
203 phreak 1.192
204     *hardened-sources-2.6.22-r8 (21 Oct 2007)
205    
206     21 Oct 2007; Christian Heim <phreak@gentoo.org>
207     +hardened-sources-2.6.22-r8.ebuild:
208     Yet another new patch, hopefully fixing the remaining issues we had w/
209     2.6.22. Candidate for stabling.
210 phreak 1.191
211     *hardened-sources-2.6.23 (13 Oct 2007)
212    
213     13 Oct 2007; Christian Heim <phreak@gentoo.org>
214     +hardened-sources-2.6.23.ebuild:
215     Initial hardened-sources-2.6.23. If people still have problems w/ bug
216     194276, try setting CONFIG_PCI_GODIRECT=y instead of CONFIG_PCI_GOANY.
217 phreak 1.190
218     11 Oct 2007; Christian Heim <phreak@gentoo.org>
219     hardened-sources-2.6.20-r10.ebuild:
220     Pulling in yet another new genpatches version, fixing the PWC bug for real.
221 phreak 1.189
222     04 Oct 2007; Christian Heim <phreak@gentoo.org>
223     -hardened-sources-2.6.22-r5.ebuild, -hardened-sources-2.6.22-r6.ebuild:
224     Removing old versions.
225 phreak 1.188
226     *hardened-sources-2.6.22-r7 (01 Oct 2007)
227    
228     01 Oct 2007; Christian Heim <phreak@gentoo.org>
229     +hardened-sources-2.6.22-r7.ebuild:
230     Revision bump, pulling in a newer patch. Should fix #194276.
231 phreak 1.187
232     30 Sep 2007; Christian Heim <phreak@gentoo.org>
233     hardened-sources-2.6.20-r10.ebuild:
234     Marking hardened-sources-2.6.20-r10 stable on x86 and amd64 (on courtesy of
235     Mike Doty).
236 phreak 1.186
237     *hardened-sources-2.6.22-r6 (26 Sep 2007)
238    
239     26 Sep 2007; Christian Heim <phreak@gentoo.org>
240     +hardened-sources-2.6.22-r6.ebuild:
241     Revision bump, grabbing up till Linux 2.6.22.9.
242 phreak 1.185
243     24 Sep 2007; Christian Heim <phreak@gentoo.org>
244     -hardened-sources-2.6.22-r3.ebuild, -hardened-sources-2.6.22-r4.ebuild:
245     Cleaning up further.
246 phreak 1.184
247     *hardened-sources-2.6.20-r10 (24 Sep 2007)
248    
249     24 Sep 2007; Christian Heim <phreak@gentoo.org>
250     -hardened-sources-2.6.20-r8.ebuild, -hardened-sources-2.6.20-r9.ebuild,
251     +hardened-sources-2.6.20-r10.ebuild:
252     Revision bump, pulling in Linux 2.6.20.20. Removing some of the older
253     revisions.
254 phreak 1.183
255     *hardened-sources-2.6.22-r5 (22 Sep 2007)
256    
257     22 Sep 2007; Christian Heim <phreak@gentoo.org>
258     +hardened-sources-2.6.22-r5.ebuild:
259     Revision bump, pulling in genpatches-2.6.22-8 for CVE-2007-4573.
260 phreak 1.182
261     17 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
262     Removing johnm from metadata.xml (see #186467 for reference).
263 phreak 1.181
264     *hardened-sources-2.6.22-r4 (17 Sep 2007)
265    
266     17 Sep 2007; Christian Heim <phreak@gentoo.org>
267     +hardened-sources-2.6.22-r4.ebuild:
268     Revision bump, hopefully fixing all those weird PAX failures.
269 phreak 1.180
270     01 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
271     Updating the metadata.xml.
272 phreak 1.179
273     01 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
274     Removing tocharian from metadata due to his retirement (see #71718 for
275     reference).
276 phreak 1.178
277     *hardened-sources-2.6.20-r9 (30 Aug 2007)
278    
279     30 Aug 2007; Christian Heim <phreak@gentoo.org>
280     +hardened-sources-2.6.20-r9.ebuild:
281     Revision bump for 2.6.20.18 (thanks to kerframil in #gentoo-hardened).
282 phreak 1.177
283     29 Aug 2007; Christian Heim <phreak@gentoo.org>
284     -hardened-sources-2.4.34.ebuild, -hardened-sources-2.4.34.5.ebuild,
285     -hardened-sources-2.6.20-r2.ebuild, -hardened-sources-2.6.20-r5.ebuild,
286     -hardened-sources-2.6.20-r7.ebuild, -hardened-sources-2.6.21-r3.ebuild,
287     -hardened-sources-2.6.22.ebuild, -hardened-sources-2.6.22-r1.ebuild,
288     -hardened-sources-2.6.22-r2.ebuild:
289     Removing some redundant versions.
290 phreak 1.176
291     *hardened-sources-2.4.35-r1 (29 Aug 2007)
292    
293     29 Aug 2007; Christian Heim <phreak@gentoo.org>
294     +hardened-sources-2.4.35-r1.ebuild:
295     Revision bump, new grsecurity patch.
296 phreak 1.175
297     *hardened-sources-2.6.20-r8 (26 Aug 2007)
298    
299     26 Aug 2007; Christian Heim <phreak@gentoo.org>
300     +hardened-sources-2.6.20-r8.ebuild:
301     Revision bump for Linux 2.6.20.17.
302 phreak 1.174
303     *hardened-sources-2.6.22-r3 (22 Aug 2007)
304    
305     22 Aug 2007; Christian Heim <phreak@gentoo.org>
306     +hardened-sources-2.6.22-r3.ebuild:
307     Revision bump for Linux 2.6.22.4.
308 phreak 1.173
309     16 Aug 2007; Christian Heim <phreak@gentoo.org>
310     hardened-sources-2.6.22-r2.ebuild:
311     Updated patchset, to fix the alignment against 2.6.22.3.
312 phreak 1.172
313     *hardened-sources-2.6.22-r2 (16 Aug 2007)
314    
315     16 Aug 2007; Christian Heim <phreak@gentoo.org>
316     +hardened-sources-2.6.22-r2.ebuild:
317     Revision bump for Linux 2.6.22.3.
318 phreak 1.171
319     *hardened-sources-2.4.35 (16 Aug 2007)
320    
321     16 Aug 2007; Christian Heim <phreak@gentoo.org>
322     +hardened-sources-2.4.35.ebuild:
323     Version bump, initial version for Linux 2.4.35.
324 phreak 1.170
325     *hardened-sources-2.6.21-r4 (16 Aug 2007)
326    
327     16 Aug 2007; Christian Heim <phreak@gentoo.org>
328     +hardened-sources-2.6.21-r4.ebuild:
329     Revision bump for Linux 2.6.21.6.
330 phreak 1.169
331     *hardened-sources-2.6.20-r7 (16 Aug 2007)
332    
333     16 Aug 2007; Christian Heim <phreak@gentoo.org>
334     +hardened-sources-2.6.20-r7.ebuild:
335     Revision bump for Linux 2.6.20.16.
336 phreak 1.168
337     *hardened-sources-2.6.22-r1 (13 Aug 2007)
338    
339     13 Aug 2007; Christian Heim <phreak@gentoo.org>
340     +hardened-sources-2.6.22-r1.ebuild:
341     Yet another revision bump.
342 phreak 1.167
343     *hardened-sources-2.6.22 (10 Aug 2007)
344    
345     10 Aug 2007; Christian Heim <phreak@gentoo.org>
346     +hardened-sources-2.6.22.ebuild:
347     Initial release for 2.6.22. If you are using hardened-sources on a desktop
348     machine (P4 or newer), be aware you might need to disable
349     CONFIG_PAX_PAGEEXEC.
350 phreak 1.166
351     04 Aug 2007; Christian Heim <phreak@gentoo.org>
352     hardened-sources-2.6.20-r6.ebuild:
353     Stabling hardened-sources-2.6.20-r6 for amd64, ppc and x86 due to Linux
354     2.6.20.15.
355 phreak 1.165
356     10 Jul 2007; Christian Heim <phreak@gentoo.org>
357     hardened-sources-2.6.20-r5.ebuild:
358     Marking hardened-sources-2.6.20-r5 stable on ppc.
359 phreak 1.164
360     10 Jul 2007; Christian Heim <phreak@gentoo.org>
361     -hardened-sources-2.4.32-r6.ebuild, -hardened-sources-2.4.32-r7.ebuild:
362     Cleanup.
363 phreak 1.163
364     *hardened-sources-2.6.20-r6 (08 Jul 2007)
365    
366     08 Jul 2007; Christian Heim <phreak@gentoo.org>
367     +hardened-sources-2.6.20-r6.ebuild:
368     Revision bump, grabbing yet another stable release.
369 phreak 1.162
370     17 Jun 2007; Christian Heim <phreak@gentoo.org>
371     -hardened-sources-2.6.18-r6.ebuild, -hardened-sources-2.6.20-r4.ebuild,
372     -hardened-sources-2.6.21-r2.ebuild:
373     Removing older ebuilds, hardened-sources-2.6.18-r6 seems to have gotten the
374     alpha stable KEYWORD by mistake.
375 phreak 1.161
376     17 Jun 2007; Christian Heim <phreak@gentoo.org>
377     hardened-sources-2.6.20-r5.ebuild:
378     Stabling hardened-sources-2.6.20-r5 due to security bug #181647 (as
379     genpatches-2.6.20-12.base contains up to Linux 2.6.20.14) on amd64 and x86.
380 phreak 1.160
381     *hardened-sources-2.6.21-r3 (12 Jun 2007)
382    
383     12 Jun 2007; Christian Heim <phreak@gentoo.org>
384     +hardened-sources-2.6.21-r3.ebuild:
385     Revision bump for hardened-sources-2.6.21, incorporating various CVE (some
386     of them critical), two stable releases (2.6.21.4,2.6.21.5) and some other
387     love.
388 phreak 1.159
389     *hardened-sources-2.6.20-r5 (11 Jun 2007)
390    
391     11 Jun 2007; Christian Heim <phreak@gentoo.org>
392     +hardened-sources-2.6.20-r5.ebuild:
393     Revision bump for hardened-sources-2.6.20, incorporating various CVE (some
394     of them critical), two stable releases (2.6.20.13,2.6.20.14) and some other
395     love.
396 pappy 1.158
397     *hardened-sources-2.4.34.5 (11 Jun 2007)
398    
399     11 Jun 2007; Alexander Gabert <pappy@gentoo.org>
400     +hardened-sources-2.4.34.5.ebuild:
401     added new hardened-sources 2.4 version, thx to phreak, solar, pipacs
402 phreak 1.157
403     30 May 2007; Christian Heim <phreak@gentoo.org>
404     -hardened-sources-2.6.18.ebuild, hardened-sources-2.6.20-r2.ebuild:
405     Marking 2.6.20-r2 stable on ppc with permission of Gysbert. Removing more
406     stale ebuild(s).
407 phreak 1.156
408     30 May 2007; Christian Heim <phreak@gentoo.org>
409     -hardened-sources-2.6.14-r7.ebuild, -hardened-sources-2.6.16-r11.ebuild,
410     -hardened-sources-2.6.17-r1.ebuild, -hardened-sources-2.6.19-r6.ebuild,
411     -hardened-sources-2.6.20.ebuild, -hardened-sources-2.6.20-r1.ebuild:
412     Doing some cleanups, remove stale ebuilds.
413 phreak 1.155
414     26 May 2007; Christian Heim <phreak@gentoo.org>
415     hardened-sources-2.6.21-r2.ebuild:
416     Fixing the grsecurity patch, had one '};' too much.
417 phreak 1.154
418     *hardened-sources-2.6.21-r2 (26 May 2007)
419    
420     26 May 2007; Christian Heim <phreak@gentoo.org>
421     -hardened-sources-2.6.21.ebuild, -hardened-sources-2.6.21-r1.ebuild,
422     +hardened-sources-2.6.21-r2.ebuild:
423     Revision bump, including Linux 2.6.21.3 (fixing CVE-2007-2451). Updating the
424     grsecurity patch to 2.1.10-2.6.21.1-200705221918.
425 phreak 1.153
426     *hardened-sources-2.6.20-r4 (26 May 2007)
427    
428     26 May 2007; Christian Heim <phreak@gentoo.org>
429     -hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.20-r4.ebuild:
430     Revision bump, including Linux 2.6.20.12 (which in fact fixed some security
431 phreak 1.154 bugs, at the very least CVE-2007-2451). Possible candidate for stable marking.
432 phreak 1.152
433     15 May 2007; Christian Heim <phreak@gentoo.org>
434     hardened-sources-2.6.20-r3.ebuild:
435     Looks like hardened-sources-2.6.20-r3 needs a new patch, as 2.6.20.11
436     introduced a change in arch/sparc64/kernel/pci_iommu.c, which made the
437     grsecurity patch fail in that exact same hunk.
438 phreak 1.151
439     *hardened-sources-2.6.20-r3 (15 May 2007)
440    
441     15 May 2007; Christian Heim <phreak@gentoo.org>
442     +hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.21-r1.ebuild:
443     Revision bump, incorporating Linux 2.6.20.11.
444    
445     *hardened-sources-2.6.21-r1 (11 May 2007)
446    
447     11 May 2007; Christian Heim <phreak@gentoo.org>
448     +hardened-sources-2.6.21-r1.ebuild:
449     Revision bump, hopefully fixing the GRSECURITY/GRKERNSEC mixup pipacs
450     mentioned in #177234.
451 kevquinn 1.150
452     07 May 2007; Kevin F. Quinn <kevquinn@gentoo.org>
453     files/digest-hardened-sources-2.6.21, Manifest:
454     Fix Manifest/digest for linux-2.6.21.tar.bz2
455 phreak 1.149
456     06 May 2007; Christian Heim <phreak@gentoo.org>
457     hardened-sources-2.6.21.ebuild:
458     Bumping the hardened-patches version, needed for the fix for #177234.
459 phreak 1.148
460     *hardened-sources-2.6.21 (02 May 2007)
461    
462     02 May 2007; Christian Heim <phreak@gentoo.org>
463     +hardened-sources-2.6.21.ebuild:
464     Version bump, Linux 2.6.21-hardened.
465 phreak 1.147
466     29 Apr 2007; Christian Heim <phreak@gentoo.org>
467     hardened-sources-2.6.20-r2.ebuild:
468     Adding ~ia64 on Ned's request.
469 phreak 1.146
470     29 Apr 2007; Christian Heim <phreak@gentoo.org>
471     hardened-sources-2.6.20-r2.ebuild:
472     Fixing the included grsecurity patch, wasn't alligning due to the Index:
473     header line(s).
474 phreak 1.145
475     29 Apr 2007; Christian Heim <phreak@gentoo.org>
476     hardened-sources-2.6.20-r2.ebuild:
477     Stabilizing hardened-sources-2.6.20-r2 on amd64 and x86.
478 armin76 1.144
479     *hardened-sources-2.6.20-r2 (10 Apr 2007)
480    
481     10 Apr 2007; Raúl Porcel <armin76@gentoo.org>
482     +hardened-sources-2.6.20-r2.ebuild:
483     Version bump, on behalf of phreak
484 phreak 1.143
485     *hardened-sources-2.6.20-r1 (04 Apr 2007)
486    
487     04 Apr 2007; Christian Heim <phreak@gentoo.org>
488     +hardened-sources-2.6.20-r1.ebuild:
489     Revision bump, grabbing a newer grsecurity snapshot.
490 phreak 1.142
491     *hardened-sources-2.6.20 (25 Mar 2007)
492    
493     25 Mar 2007; Christian Heim <phreak@gentoo.org>
494     +hardened-sources-2.6.20.ebuild:
495     Finally a hardened-sources version for 2.6.20; many people have been waiting
496     for this. Thanks to Steve for preliminary testing, thanks to Ned for the
497     testbox.
498 chainsaw 1.141
499     16 Mar 2007; Tony Vroon <chainsaw@gentoo.org>
500     hardened-sources-2.6.18-r6.ebuild:
501     Marked stable on amd64 and x86. AMD64 keyword ack'ed by welp.
502 phreak 1.140
503     *hardened-sources-2.6.18-r6 (16 Mar 2007)
504    
505     16 Mar 2007; Christian Heim <phreak@gentoo.org>
506     -hardened-sources-2.6.18-r5.ebuild, +hardened-sources-2.6.18-r6.ebuild:
507     Fixing CVE-2007-1000 locally (hardened/), thanks to Tony for pushing. And
508     yes I screwed up, this is tagged as 2.6.18-5 and not 2.6.18-6 as it's
509     supposed to be.
510 phreak 1.139
511     06 Mar 2007; Christian Heim <phreak@gentoo.org> ChangeLog:
512     Fixing the Manifest, the previous one was broken (as in still had the
513     deleted ebuild in it).
514 phreak 1.138
515     06 Mar 2007; Christian Heim <phreak@gentoo.org>
516     -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
517     +hardened-sources-2.6.18-r5.ebuild:
518     Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
519     Linux 2.6.18.8. Also cleaning up the older version.
520    
521     *hardened-sources-2.6.18-r5 (06 Mar 2007)
522    
523     06 Mar 2007; Christian Heim <phreak@gentoo.org>
524     -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
525     +hardened-sources-2.6.18-r5.ebuild:
526     Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
527     Linux 2.6.18.8. Also cleaning up the older version.
528 phreak 1.137
529     24 Feb 2007; Christian Heim <phreak@gentoo.org>
530     -hardened-sources-2.6.19-r3.ebuild, -hardened-sources-2.6.19-r4.ebuild,
531     -hardened-sources-2.6.19-r5.ebuild:
532     Removing some of the old version, that didn't work.
533 phreak 1.136
534     *hardened-sources-2.6.19-r6 (12 Feb 2007)
535    
536     12 Feb 2007; Christian Heim <phreak@gentoo.org>
537     +hardened-sources-2.6.19-r6.ebuild:
538     Revision bump, including a new grsec version fixing #166235.
539 pappy 1.134
540     *hardened-sources-2.4.34 (24 Jan 2007)
541    
542     24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
543 pappy 1.135 Manifest:
544     updating Manifest with checksums of new tarball and ebuild
545    
546     24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
547 pappy 1.134 +hardened-sources-2.4.34.ebuild:
548     I added new hardened sources 2.4 update, this is a critical path
549     security bugfix - all users of h-s are strongly advised
550     to update their existing hardened sources to this version.
551     It contains a fix for a kernel vulnerability that is pertaining
552     to the PaX changes to virtual memory management, possibly leading
553     to a local kernel exploit ... see grsecurity.net forums and homepage
554 phreak 1.133
555     23 Jan 2007; Christian Heim <phreak@gentoo.org>
556     files/digest-hardened-sources-2.6.19-r5, Manifest:
557     Fixing the patch-tarball digest.
558 phreak 1.132
559     *hardened-sources-2.6.19-r5 (23 Jan 2007)
560    
561     23 Jan 2007; Christian Heim <phreak@gentoo.org>
562     +hardened-sources-2.6.19-r5.ebuild:
563     Revision bump, closing the recently discovered PaX expand_stack()
564     vulnerability.
565 phreak 1.131
566     *hardened-sources-2.6.19-r4 (14 Jan 2007)
567    
568     14 Jan 2007; Christian Heim <phreak@gentoo.org>
569     +hardened-sources-2.6.19-r4.ebuild:
570     Revision bump, pulling in linux-2.6.19.2 and grsecurity 2.1.10 - thus
571     dropping the randomized PID feature.
572 opfer 1.130
573     11 Jan 2007; Christian Faulhammer <opfer@gentoo.org>
574     hardened-sources-2.4.33.4.ebuild:
575     stable x86, bug #161171
576 phreak 1.129
577     *hardened-sources-2.6.19-r3 (27 Dec 2006)
578    
579     27 Dec 2006; Christian Heim <phreak@gentoo.org>
580     -hardened-sources-2.6.19-r2.ebuild, +hardened-sources-2.6.19-r3.ebuild:
581     Revision bump for bug #157186 and #158786.
582 phreak 1.128
583     *hardened-sources-2.6.18-r4 (27 Dec 2006)
584    
585     27 Dec 2006; Christian Heim <phreak@gentoo.org>
586     -hardened-sources-2.6.18-r3.ebuild, +hardened-sources-2.6.18-r4.ebuild:
587     Revision bump for bug #157186.
588 phreak 1.127
589     *hardened-sources-2.6.19-r2 (23 Dec 2006)
590    
591     23 Dec 2006; Christian Heim <phreak@gentoo.org>
592     -hardened-sources-2.6.19-r1.ebuild, +hardened-sources-2.6.19-r2.ebuild:
593     Revision bump to pull in genpatches-2.6.19-3 for #157186.
594 phreak 1.126
595     17 Dec 2006; Christian Heim <phreak@gentoo.org>
596     hardened-sources-2.6.14-r7.ebuild, hardened-sources-2.6.16-r10.ebuild,
597     hardened-sources-2.6.16-r11.ebuild, hardened-sources-2.6.17-r1.ebuild,
598     hardened-sources-2.6.18.ebuild, hardened-sources-2.6.18-r3.ebuild,
599     hardened-sources-2.6.19-r1.ebuild:
600     Adding 4453_grsec-2.1.9-2.6.19-io-kmem-sysctl.patch to UNIPATCH_EXLUDE,
601     adding correct HOMEPAGE and adjusting DESCRIPTION (thanks to Alexander).
602 pappy 1.125
603     *hardened-sources-2.4.33.4 (17 Dec 2006)
604    
605     17 Dec 2006; Alexander Gabert <pappy@gentoo.org>
606     +hardened-sources-2.4.33.4.ebuild:
607     new 2.4.33.4 version including grsec and fixes, thanks to phreak for help
608     and quilting
609 phreak 1.124
610     *hardened-sources-2.6.19-r1 (14 Dec 2006)
611    
612     14 Dec 2006; Christian Heim <phreak@gentoo.org>
613     -hardened-sources-2.6.19.ebuild, +hardened-sources-2.6.19-r1.ebuild:
614     Revision bump, fixing #158107 (thanks to Petre Rodan <kaiowas at gentoo.org>
615     for reporting).
616 phreak 1.123
617     *hardened-sources-2.6.19 (13 Dec 2006)
618    
619     13 Dec 2006; Christian Heim <phreak@gentoo.org>
620     +hardened-sources-2.6.19.ebuild:
621     And finally 2.6.19, thanks to Ned (who prepared the inital patchset) and
622     Brad for providing that prompt update.
623 phreak 1.122
624     *hardened-sources-2.6.18-r3 (13 Dec 2006)
625    
626     13 Dec 2006; Christian Heim <phreak@gentoo.org>
627     -hardened-sources-2.6.18-r1.ebuild, -hardened-sources-2.6.18-r2.ebuild,
628     +hardened-sources-2.6.18-r3.ebuild:
629     Revision bump, excluding the faulty patch. Thanks to Anakim Border and Peter
630     S. Mazinger. Closes #157409 for now. Also removing the previous revisions.
631 phreak 1.121
632     09 Dec 2006; Christian Heim <phreak@gentoo.org> Manifest:
633     Fixing the metadata.xml Manifest entry (thanks to xaid and ml8128 in #gentoo-hardened).
634 nixnut 1.120
635     08 Dec 2006; nixnut <nixnut@gentoo.org> hardened-sources-2.6.18.ebuild:
636     Stable on ppc wrt bug 157356
637 opfer 1.119
638     07 Dec 2006; Christian Faulhammer <opfer@gentoo.org>
639     hardened-sources-2.6.18.ebuild:
640     stable x86, bug #157356
641 phreak 1.118
642     *hardened-sources-2.6.18-r2 (06 Dec 2006)
643    
644     06 Dec 2006; Christian Heim <phreak@gentoo.org>
645     +hardened-sources-2.6.18-r2.ebuild:
646     Revision bump, including 2.6.18.5 (via genpatches) and
647     4454_grsec-2.1.9-2.6.18.2-io-kmem-sysctl.patch based on Peter Mazinger and
648     Ned Ludd's original patch. Thanks to Alexander Gabert (pappy) for the
649     redesign.
650 phreak 1.117
651     06 Dec 2006; Christian Heim <phreak@gentoo.org>
652     hardened-sources-2.6.18.ebuild:
653     Marking hardened-sources-2.6.18 stable on amd64 (see bug #157356, on behalf
654     of Mike Doty).
655 phreak 1.116
656     *hardened-sources-2.6.18-r1 (23 Nov 2006)
657    
658     23 Nov 2006; Christian Heim <phreak@gentoo.org>
659     +hardened-sources-2.6.18-r1.ebuild:
660     Revision bump to genpatches-2.6.18-4 (including 2.6.18.3).
661 phreak 1.115
662     *hardened-sources-2.6.18 (11 Nov 2006)
663    
664     11 Nov 2006; Christian Heim <phreak@gentoo.org>
665     +hardened-sources-2.6.18.ebuild:
666     Version bump, thanks to Alexander Gabert we're finally at 2.6.18.
667 solar 1.114
668     18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
669     - mark amd64 stable also. bug #151877
670 solar 1.113
671     18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
672     - mark 2.6.17-r1 stable
673 phreak 1.112
674     27 Aug 2006; Christian Heim <phreak@gentoo.org>
675     -hardened-sources-2.6.17.ebuild, hardened-sources-2.6.17-r1.ebuild:
676     Removing old ebuild, removing unipatch from newer ebuild (need to fix it!).
677 phreak 1.111
678     *hardened-sources-2.6.17-r1 (26 Aug 2006)
679    
680     26 Aug 2006; Christian Heim <phreak@gentoo.org>
681     +hardened-sources-2.6.17-r1.ebuild:
682     Revision bump to genpatches-2.6.17-8 (including .9 and .10) and updating the
683     grsecurity patch.
684 phreak 1.110
685     *hardened-sources-2.6.17 (17 Aug 2006)
686    
687     17 Aug 2006; Christian Heim <phreak@gentoo.org>
688     +hardened-sources-2.6.17.ebuild:
689     Bumping the hardened-sources-2.6 series to 2.6.17, using
690     genpatches-2.6.17-6.base.
691 solar 1.109
692     07 Aug 2006; <solar@gentoo.org> hardened-sources-2.6.16-r11.ebuild:
693     - stable on x86 and amd64
694 solar 1.108
695     *hardened-sources-2.6.16-r11 (15 Jul 2006)
696    
697     15 Jul 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r3.ebuild,
698     -hardened-sources-2.4.32-r4.ebuild, -hardened-sources-2.4.32-r5.ebuild,
699     -hardened-sources-2.6.14-r8.ebuild, -hardened-sources-2.6.16-r7.ebuild,
700     -hardened-sources-2.6.16-r9.ebuild, +hardened-sources-2.6.16-r11.ebuild:
701     - 2.6.16 bumped for CVE-2006-3626 ; digest fix for 2.4.32-r6 ; removed old
702     crusty ebuilds
703 johnm 1.107
704     14 Jul 2006; John Mylchreest <johnm@gentoo.org>
705     hardened-sources-2.6.16-r10.ebuild:
706     marking stable on x86 and amd64
707 solar 1.106
708     13 Jul 2006; <solar@gentoo.org> hardened-sources-2.4.32-r6.ebuild:
709     - 2.4.32-r6 stable on x86. RSBAC state unknown
710 kang 1.105
711     *hardened-sources-2.4.32-r7 (10 Jul 2006)
712    
713     10 Jul 2006; Guillaume Destuynder <kang@gentoo.org>
714     +hardened-sources-2.4.32-r7.ebuild:
715     Bump PaX for RSBAC to test-17
716 johnm 1.104
717     *hardened-sources-2.6.16-r9 (03 Jul 2006)
718    
719     03 Jul 2006; John Mylchreest <johnm@gentoo.org>
720     -hardened-sources-2.6.16-r6.ebuild, +hardened-sources-2.6.16-r9.ebuild:
721     hardened-sources-2.6.16 bump to latest -base.
722 solar 1.103
723     *hardened-sources-2.4.32-r6 (30 Jun 2006)
724    
725     30 Jun 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r2.ebuild,
726     hardened-sources-2.4.32-r4.ebuild, +hardened-sources-2.4.32-r6.ebuild:
727     - backport CVE-2006-0039, CVE-2006-1857 and CVE-2006-1858 and new grsecurity
728     sysctl controlable resource logging
729 johnm 1.102
730     *hardened-sources-2.6.16-r7 (05 Jun 2006)
731    
732     05 Jun 2006; John Mylchreest <johnm@gentoo.org>
733     -hardened-sources-2.6.16-r5.ebuild, +hardened-sources-2.6.16-r7.ebuild:
734     push new 2.6.16 release in preparation for stable
735 solar 1.101
736     22 May 2006; <solar@gentoo.org> :
737     - redigest bug 134002
738 kang 1.100
739     *hardened-sources-2.4.32-r5 (16 May 2006)
740    
741     16 May 2006; Guillaume Destuynder <kang@gentoo.org>
742     +hardened-sources-2.4.32-r5.ebuild:
743     Fixes rsbac common patching (new patch in new -r5 patchset)
744 solar 1.99
745     *hardened-sources-2.4.32-r4 (13 May 2006)
746    
747     13 May 2006; <solar@gentoo.org> hardened-sources-2.4.32-r3.ebuild,
748     +hardened-sources-2.4.32-r4.ebuild:
749     - security bumps
750 johnm 1.98
751     *hardened-sources-2.6.16-r6 (03 May 2006)
752    
753     03 May 2006; John Mylchreest <johnm@gentoo.org>
754     +hardened-sources-2.6.16-r6.ebuild:
755     bump hardened-2.6.16 to 2.6.16.12 and latest grsec snapshot
756 johnm 1.97
757     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
758     hardened-sources-2.6.14-r8.ebuild:
759     fix x86_64 build problem, this will delay the digest issue again for a short
760     while but it will sort itself out
761 johnm 1.96
762     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
763     hardened-sources-2.6.14-r8.ebuild:
764     bump hardened patchset
765 antarus 1.94
766     27 Apr 2006; Alec Warner <antarus@gentoo.org>
767     files/digest-hardened-sources-2.4.32-r2,
768     files/digest-hardened-sources-2.4.32-r3,
769     files/digest-hardened-sources-2.6.14-r8, Manifest:
770     Fixing duff SHA256 digests: Bug # 131293
771 johnm 1.93
772 johnm 1.95 *hardened-sources-2.6.16-r5 (27 Apr 2006)
773    
774     27 Apr 2006; John Mylchreest <johnm@gentoo.org>
775     -hardened-sources-2.6.14-r6.ebuild, hardened-sources-2.6.14-r8.ebuild,
776     -hardened-sources-2.6.16-r4.ebuild, +hardened-sources-2.6.16-r5.ebuild:
777     stablise 2.6.14-r8 on x86 & amd64, bump 2.6.16 to fix CVE-2006-1863 &
778     cleanup of old uneccessary sources
779    
780 johnm 1.93 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
781     fix digest
782 johnm 1.92
783     *hardened-sources-2.6.14-r8 (20 Apr 2006)
784    
785     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
786     +hardened-sources-2.6.14-r8.ebuild:
787     fix CVE-2006-1056, CVE-2006-1525, CVE-2006-1524
788 johnm 1.91
789     20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
790     Turning on gpg-signing again, and recomitting
791 johnm 1.90
792     *hardened-sources-2.6.16-r4 (20 Apr 2006)
793    
794     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
795     -hardened-sources-2.6.16-r2.ebuild, -hardened-sources-2.6.16-r3.ebuild,
796     +hardened-sources-2.6.16-r4.ebuild:
797     Fix numerous security vulns
798 solar 1.89
799     *hardened-sources-2.4.32-r3 (16 Apr 2006)
800    
801     16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
802     -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
803     +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
804     - security bump for bug #112791. Removed old ebuilds
805 johnm 1.88
806     *hardened-sources-2.6.16-r3 (15 Apr 2006)
807    
808     15 Apr 2006; John Mylchreest <johnm@gentoo.org>
809     +hardened-sources-2.6.16-r3.ebuild:
810     Removing silly localversion which I missed
811 johnm 1.87
812     *hardened-sources-2.6.14-r7 (14 Apr 2006)
813    
814     14 Apr 2006; John Mylchreest <johnm@gentoo.org>
815     -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
816     Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
817 johnm 1.86
818     *hardened-sources-2.6.16-r2 (13 Apr 2006)
819    
820     13 Apr 2006; John Mylchreest <johnm@gentoo.org>
821     -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
822     +hardened-sources-2.6.16-r2.ebuild:
823     Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
824     labels, dropping USERGROUP define fixes, since these were merged mainstream.
825 johnm 1.85
826     *hardened-sources-2.6.16-r1 (11 Apr 2006)
827    
828     11 Apr 2006; John Mylchreest <johnm@gentoo.org>
829     +hardened-sources-2.6.16-r1.ebuild:
830     Bumping to include ppc build fix and 2.6.16.3
831 tsunam 1.84
832     06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
833     hardened-sources-2.6.14-r6.ebuild:
834     Stable on x86; bug #127718
835 johnm 1.83
836     *hardened-sources-2.6.16 (31 Mar 2006)
837    
838     31 Mar 2006; John Mylchreest <johnm@gentoo.org>
839     +hardened-sources-2.6.16.ebuild:
840     Bumping to new version of grsec, and kernel base. New squashfs. Based on
841     2.6.16.1
842 cryos 1.82
843     30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
844     hardened-sources-2.6.14-r6.ebuild:
845     Stable on amd64, bug 127718.
846 nixnut 1.81
847     28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
848     Stable on ppc. Bug #127718
849 johnm 1.80
850     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
851     -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
852     -hardened-sources-2.6.14-r4.ebuild:
853     Cleanup.
854 johnm 1.79
855     *hardened-sources-2.6.14-r6 (15 Mar 2006)
856    
857     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
858     +hardened-sources-2.6.14-r6.ebuild:
859     Fixes grsec policy recreation bug and adds a
860     >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
861 solar 1.78
862     02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
863     - stable on x86
864 hansmi 1.77
865     19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
866     hardened-sources-2.6.14-r5.ebuild:
867     Stable on ppc.
868 johnm 1.76
869     *hardened-sources-2.6.14-r5 (01 Feb 2006)
870    
871     01 Feb 2006; John Mylchreest <johnm@gentoo.org>
872     +hardened-sources-2.6.14-r5.ebuild:
873     fixing every known exploit
874 solar 1.75
875     *hardened-sources-2.4.32-r2 (26 Jan 2006)
876    
877     26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
878     +hardened-sources-2.4.32-r2.ebuild:
879     - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
880 solar 1.74
881     *hardened-sources-2.6.14-r4 (12 Jan 2006)
882    
883     12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
884     - version bump for new genpatches which fix up a few sec holes
885 solar 1.73
886     *hardened-sources-2.4.32-r1 (05 Jan 2006)
887    
888     05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
889     - revision bump to add misc vital linux kernel security patches.
890 johnm 1.72
891     *hardened-sources-2.6.14-r3 (30 Dec 2005)
892    
893     30 Dec 2005; John Mylchreest <johnm@gentoo.org>
894     -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
895     Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
896 johnm 1.71
897     28 Dec 2005; John Mylchreest <johnm@gentoo.org>
898     hardened-sources-2.6.14-r2.ebuild:
899     making x86 & amd64 stable following testing.
900 johnm 1.70
901     *hardened-sources-2.6.14-r2 (27 Dec 2005)
902    
903     27 Dec 2005; John Mylchreest <johnm@gentoo.org>
904     -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
905     Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
906     network hooks.
907 johnm 1.69
908     06 Dec 2005; John Mylchreest <johnm@gentoo.org>
909     hardened-sources-2.6.14-r1.ebuild:
910     bumping to stable early for sec fix on x86 & amd64
911 johnm 1.68
912     *hardened-sources-2.6.14-r1 (05 Dec 2005)
913    
914     05 Dec 2005; John Mylchreest <johnm@gentoo.org>
915     -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
916     bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
917 solar 1.67
918     04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
919     - stable on x86 security bug #114227 CAN-2005-3257
920 kang 1.66
921     *hardened-sources-2.4.32 (19 Nov 2005)
922    
923     19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
924     +hardened-sources-2.4.32.ebuild:
925     Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
926     Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
927     have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
928     rsbac >> /etc/portage/package.use)
929 johnm 1.65
930     *hardened-sources-2.6.14 (14 Nov 2005)
931    
932     14 Nov 2005; John Mylchreest <johnm@gentoo.org>
933     -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
934     Bumping 2.6 series to 2.6.14.2
935 johnm 1.64
936     *hardened-sources-2.6.13-r2 (20 Oct 2005)
937    
938     20 Oct 2005; John Mylchreest <johnm@gentoo.org>
939     -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
940     +hardened-sources-2.6.13-r2.ebuild:
941     Fixes minor build error in ppc.
942 johnm 1.63
943     *hardened-sources-2.6.13-r1 (17 Oct 2005)
944    
945     17 Oct 2005; John Mylchreest <johnm@gentoo.org>
946     +hardened-sources-2.6.13-r1.ebuild:
947     Updating grsec to latest snapshot. Fixes some minor issues. Updating to
948     2.6.13.4, fixes some major amd64 stability problems.
949 johnm 1.62
950     *hardened-sources-2.6.13 (16 Sep 2005)
951    
952     16 Sep 2005; John Mylchreest <johnm@gentoo.org>
953     -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
954     2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
955     ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
956     users should test this thoroughly.
957 solar 1.61
958     01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
959     - stable on x86
960 johnm 1.60
961     *hardened-sources-2.6.11-r15 (27 Jun 2005)
962    
963     27 Jun 2005; John Mylchreest <johnm@gentoo.org>
964     +hardened-sources-2.6.11-r15.ebuild:
965     Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
966     grsec redefining curr_ip struct.
967 solar 1.59
968     *hardened-sources-2.4.31 (20 Jun 2005)
969    
970     20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
971     initial import of 2.4.31 tree
972 johnm 1.58
973     *hardened-sources-2.6.11-r14 (14 Jun 2005)
974    
975     14 Jun 2005; John Mylchreest <johnm@gentoo.org>
976     -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
977     Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
978     naming scheme to abide by genpatches
979 johnm 1.57
980     *hardened-sources-2.6.11-r13 (18 May 2005)
981    
982     18 May 2005; John Mylchreest <johnm@gentoo.org>
983     -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
984     Managed to mangle the Makefile patch from grsec, to miss out the grsec
985     target. sorry about that. Fixes bug #93022
986 johnm 1.56
987     *hardened-sources-2.6.11-r12 (17 May 2005)
988    
989     17 May 2005; John Mylchreest <johnm@gentoo.org>
990     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
991     +hardened-sources-2.6.11-r12.ebuild:
992     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
993     merges in genpatches-base
994 johnm 1.55
995     *hardened-sources-2.6.11-r12 (17 May 2005)
996    
997     17 May 2005; John Mylchreest <johnm@gentoo.org>
998     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
999     +hardened-sources-2.6.11-r12.ebuild:
1000     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
1001     merges in genpatches-base
1002 solar 1.54
1003     29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
1004     -files/2.4.27-cmdline-race.patch,
1005     -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
1006     -files/2.4.28-grsec-binfmt_a.out.patch,
1007     -files/2.4.28-grsec-cmdline-race.patch,
1008     -files/2.4.28-selinux-binfmt_a.out.patch,
1009     -files/2.4.28-selinux-cmdline-race.patch,
1010     -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
1011     hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
1012     - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
1013     cleanup..
1014 solar 1.53
1015     *hardened-sources-2.4.30-r1 (21 Apr 2005)
1016    
1017     21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
1018     - disable aout by default
1019 solar 1.52
1020     *hardened-sources-2.4.30 (18 Apr 2005)
1021    
1022     18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
1023     - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
1024     and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
1025     use
1026 tocharian 1.50
1027 scox 1.51 *hardened-sources-2.4.29 (30 Mar 2005)
1028    
1029     30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
1030     +hardened-sources-2.4.29.ebuild:
1031     New hardened-patches-2.4-29.0 patchball.
1032     Removed SELinux support, upgraded GRSecurity to 2.1.4.
1033    
1034     *hardened-sources-2.4.28-r5 (06 Mar 2005)
1035    
1036     06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
1037     +hardened-sources-2.4.28-r5.ebuild:
1038     Added a fix for a PaX vulnerability.
1039    
1040     26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1041 tocharian 1.50 hardened-sources-2.4.28-r4.ebuild:
1042     Stable on x86
1043 solar 1.49
1044     23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
1045     hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
1046     hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
1047     hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
1048     - fixed/added RDEPEND= in all kernel-2 ebuilds
1049 tocharian 1.48
1050     *hardened-sources-2.4.28-r4 (21 Jan 2005)
1051    
1052     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1053     +hardened-sources-2.4.28-r4.ebuild:
1054     Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
1055     backport of neighbour hash updates.
1056 tocharian 1.47
1057     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1058     hardened-sources-2.4.28-r3.ebuild:
1059     Stable on x86
1060 tseng 1.46
1061     *hardened-sources-2.6.10-r3 (20 Jan 2005)
1062    
1063     20 Jan 2005; Brandon Hale <tseng@gentoo.org>
1064     +hardened-sources-2.6.10-r3.ebuild:
1065     Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
1066     in 2005.0
1067 tocharian 1.45
1068     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1069     -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
1070     hardened-sources-2.4.28-r2.ebuild:
1071     Mark stable on x86
1072 tocharian 1.44
1073     *hardened-sources-2.4.28-r3 (17 Jan 2005)
1074    
1075     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1076     +hardened-sources-2.4.28-r3.ebuild:
1077     Fix SMP page fault handler vuln, and update device-mapper and evms patches.
1078 tocharian 1.43
1079     14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1080     hardened-sources-2.4.28.ebuild:
1081     Mark stable on x86.
1082 tocharian 1.42
1083     *hardened-sources-2.4.28-r2 (13 Jan 2005)
1084    
1085     13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1086     +hardened-sources-2.4.28-r2.ebuild:
1087     Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
1088     Mazinger for grsecurity patches as well.
1089 plasmaroo 1.41
1090     *hardened-sources-2.4.28-r1 (23 Dec 2004)
1091    
1092     23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
1093     Security bump. Thank tocharian for rolling a new patchset...
1094 solar 1.40
1095     28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
1096     +files/2.4.28-grsec-cmdline-race.patch,
1097     +files/2.4.28-selinux-binfmt_a.out.patch,
1098     +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
1099     - Round up remaining security patches that appear to be missing in 2.4.28. -
1100     PaX standalone updated to current. hgpv=28.1
1101 solar 1.39
1102     *hardened-sources-2.4.28 (28 Nov 2004)
1103    
1104     28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
1105     security bump. Thank tocharian for rolling a new patchset
1106 scox 1.31
1107 scox 1.38 *hardened-sources-2.4.27-r3 (08 Sep 2004)
1108    
1109     08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
1110     +hardened-sources-2.4.27-r3.ebuild:
1111     Applies the new 2.4-27.2 patchball which updates
1112     GRSecurity to the 2.0.1 version.
1113    
1114 scox 1.37 *hardened-sources-2.4.27-r2 (31 Aug 2004)
1115    
1116     31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1117     +hardened-sources-2.4.27-r2.ebuild:
1118     Version bump.
1119     This version uses the new 2.4-27.1 patchball which updates
1120     both the SELinux PaX hooks patch and the SELinux headers.
1121    
1122 scox 1.36 *hardened-sources-2.4.27-r1 (09 Aug 2004)
1123    
1124     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1125     +hardened-sources-2.4.27-r1.ebuild,
1126     -hardened-sources-2.4.27.ebuild,
1127     +files/2.4.27-cmdline-race.patch:
1128     Version bump, fix for cmdline race. See bug #59905.
1129    
1130     *hardened-sources-2.4.26-r6 (09 Aug 2004)
1131    
1132     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1133     +hardened-sources-2.4.26-r6.ebuild,
1134     -hardened-sources-2.4.26-r5.ebuild,
1135     -hardened-sources-2.4.26-r4.ebuild,
1136     +files/2.4.26-cmdline-race.patch:
1137     Version bump, fix for cmdline race. See bug #59905.
1138    
1139 scox 1.35 *hardened-sources-2.4.27 (08 Aug 2004)
1140    
1141     08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1142     +hardened-sources-2.4.27.ebuild,
1143     +files/2.4.27-CAN-2004-0394.patch:
1144     Ported the patchball to the 2.4.27 kernel version.
1145    
1146 scox 1.34 *hardened-sources-2.4.26-r5 (07 Aug 2004)
1147    
1148     07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1149     +hardened-sources-2.4.26-r5.ebuild:
1150 scox 1.35 Updated to use the new hardened-patches-2.4-26.1 patchball.
1151 scox 1.34 It adds the following features:
1152     - Squashfs
1153     - Ebtables
1154     - Netdev random (core+drivers)
1155     - Watchdog Timer (WDT) fix.
1156    
1157 scox 1.33 *hardened-sources-2.4.26-r4 (04 Aug 2004)
1158    
1159     04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1160     +hardened-sources-2.4.26-r4.ebuild,
1161     +files/2.4.26-CAN-2004-0415.patch,
1162     -hardened-sources-2.4.26-3:
1163     Version bump, fix for CAN 0415, see bug #59378.
1164    
1165 scox 1.32 *hardened-sources-2.4.26-r3 (22 Jul 2004)
1166    
1167     22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
1168     +hardened-sources-2.4.26-r3.ebuild,
1169     +files/2.4.26-CAN-2004-0497.patch,
1170     -hardened-sources-2.4.26-r2.ebuild:
1171     Version bump, fixed CAN 0497, see bug #56171.
1172    
1173 scox 1.31 *hardened-sources-2.4.26-r2 (29 Jun 2004)
1174    
1175     29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
1176 scox 1.32 +hardened-sources-2.4.26-r2.ebuild,
1177 scox 1.31 +files/2.4.26-CAN-2004-0495.patch,
1178     +files/2.4.26-CAN-2004-0535.patch,
1179     -hardened-sources-2.4.26-r1.ebuild:
1180     Fixes for both CAN 0495 and 0535, see bug #54976
1181 pvdabeel 1.27
1182 agriffis 1.29 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
1183     hardened-sources-2.4.26-r1.ebuild:
1184     QA - fix use invocation
1185 scox 1.28
1186     *hardened-sources-2.4.26-r1 (22 June 2004)
1187    
1188     22 June 2004; Andrea Luzzardi <scox@gentoo.org>
1189     +hardened-sources-2.4.26-r1.ebuild,
1190     +files/2.4.26-CAN-2004-0394.patch,
1191     +files/2.4.26-signal-race.patch,
1192     -hardened-sources-2.4.26.ebuild,
1193     -hardened-sources-2.4.24-r3.ebuild:
1194     Version bump for the CAN-2004-0394 issue and bug #53804
1195     Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
1196    
1197    
1198 pvdabeel 1.27 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
1199     hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
1200     Masked hardened-sources-2.4.26.ebuild broken for ppc
1201    
1202     31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
1203     hardened-sources-2.4.24-r3.ebuild:
1204     Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
1205 plasmaroo 1.25
1206 scox 1.26 *hardened-sources-2.4.26 (29 May 2004)
1207    
1208     29 May 2004; Andrea Luzzardi <scox@gentoo.org>
1209     +hardened-sources-2.4.26.ebuild:
1210     Updated hardened-sources for the 2.4.26 kernel
1211     Removed broken components, updated almost everything.
1212    
1213 plasmaroo 1.25 *hardened-sources-2.4.24-r3 (17 Apr 2004)
1214    
1215     17 Apr 2004; <plasmaroo@gentoo.org>
1216     +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
1217     +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
1218     +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
1219     +hardened-sources-2.4.24-r3.ebuild:
1220     Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
1221     vulnerabilities. Old revisions removed.
1222 plasmaroo 1.24
1223     *hardened-sources-2.4.24-r2 (15 Apr 2004)
1224    
1225     15 Apr 2004; <plasmaroo@gentoo.org>
1226     +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
1227     -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
1228     Version bump for the CAN-2004-0109 issue; bug #47881.
1229 aliz 1.23
1230     12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
1231     hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
1232     Add eutils to inherit.
1233 plasmaroo 1.22
1234     *hardened-sources-2.4.24-r1 (19 Feb 2004)
1235    
1236     19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
1237     files/hardened-sources-2.4.24.munmap.patch:
1238     Added the patch for the mremap/munmap vulnerability. Bug #42024.
1239 scox 1.19
1240 scox 1.21 *hardened-sources-2.4.24 (06 Feb 2004)
1241 scox 1.26
1242 scox 1.21 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
1243     hardened-sources-2.4.24.ebuild:
1244     Version bump, updated most of the components.
1245     This release includes the following:
1246    
1247     - Hardened security
1248     - Netfilter patch-o-matic 20031219
1249     - FreeSWAN 2.04 & x509 1.4.8
1250     - EVMS 2.2.2
1251     - XFS 1.3.1
1252     - cryptoloop jari
1253     - grsecurity 2.0-rc4
1254     - SELinux
1255     - PaX 200402060000
1256     - PaX Obscurity 200308302223
1257     - Others...
1258    
1259     Neither -ck nor systrace are included anymore.
1260    
1261 scox 1.19 *hardened-sources-2.4.22-r2 (05 Jan 2004)
1262    
1263     05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
1264     hardened-sources-2.4.22-r2.ebuild:
1265 scox 1.20 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
1266 scox 1.19
1267     *hardened-sources-2.4.22-r1 (02 Dec 2003)
1268 iggy 1.17
1269     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1270 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
1271 iggy 1.16
1272     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1273 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild:
1274     Version bump for the 'do_brk' vulnerability.
1275 iggy 1.15
1276     01 Dec 2003; Brian Jackson <iggy@gentoo.org>
1277     hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
1278     hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
1279     hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
1280 plasmaroo 1.18 Fix the 'do_brk' vulnerability.
1281 frogger 1.14
1282     03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
1283     hardened-sources-2.4.22.ebuild:
1284 plasmaroo 1.18 - Removed the src_install() portion for SELinux flask
1285     components. These are no longer handled in the kernel
1286     so this code was not necessary.
1287 frogger 1.13
1288     29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
1289     New 2.4.22 based hardened-sources thanks to
1290     Phil West <p.west@computer.org>.
1291    
1292     These sources include:
1293 plasmaroo 1.18 - New SELinux API
1294     - Updated CK-base
1295     - Updated GRSec
1296     - Systrace
1297     - SuperFreeS/WAN 1.99.8
1298     - Propolice kernel build support
1299     - EVMS
1300     - Other various security related patches
1301 frogger 1.11
1302 frogger 1.12 *hardened-sources-2.4.21 (14 Sep 2003)
1303    
1304     14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
1305     Updated hardened-sources based on the 2.4.21 Linux kernel.
1306     This includes updates to most major components such as:
1307 plasmaroo 1.18 - ck-base-0306300059
1308     - selinux-2.4-2003071106
1309     - grsecurity-2.0-rc1
1310     - Updated IPTables patch-o-matic
1311     - Updated SuperFreeS/WAN
1312    
1313 frogger 1.12 Thanks to Phil West <pwest@computer.org> for his work in getting this
1314     updated patch set ready for the 2.4.21 based kernel.
1315    
1316 frogger 1.11 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
1317     Initial import of hardened-sources-2.4.20-r4. This revision
1318     includes only a few changes, but one of these is an important
1319     security fix. It is recommended all users of hardened-sources
1320     upgrade to this release.
1321 plasmaroo 1.18
1322 frogger 1.11 - ioperm bug fix
1323     - fixed compilation failure when building without GRSec
1324 plasmaroo 1.18
1325 frogger 1.11 SAL (Secure Auditing for Linux) is NOT included in this revision
1326     due to time constraints, but is planned for inclusion in the near
1327     future.
1328 msterret 1.10
1329     *hardened-sources-2.4.20-r2 (12 Jun 2003)
1330    
1331     12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
1332     hardened-sources-2.4.20-r3.ebuild:
1333 plasmaroo 1.18 Add Header...
1334 frogger 1.9
1335     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1336     hardened-sources-2.4.20-r3.ebuild:
1337     Removed warnings from ebuild. This kernel should be safe to
1338     use at this point.
1339 frogger 1.8
1340     *hardened-sources-2.4.20-r3 (08 Jun 2003)
1341    
1342     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1343     hardened-sources-2.4.20-r3.ebuild:
1344     New revision. Includes the following changes over -r2:
1345 plasmaroo 1.18
1346 frogger 1.8 - ck7-base (O(1), preempt, low latency)
1347     - Super FreeS/WAN 1.99.7rc2
1348     - PaX for the LSM/SELinux branch
1349     - GRSecurity 2.0-pre4 (role based access control)
1350     - Systrace 1.3
1351     - EXT3 fixes
1352     - EVMS 2.0.1
1353     - GCC 3.1+ compile optimizations
1354     - ProPolice kernel build support
1355     - Hashing table security fixes
1356 frogger 1.3
1357     *hardened-sources-2.4.20-r1 (09 Apr 2003)
1358 frogger 1.7
1359     23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
1360     Initial import of hardened-sources-r2. This new
1361     ebuild includes many new performance and security
1362     related patches. As in -r1, it will patch in
1363     LSM/SELinux if "selinux" is in USE, otherwise it
1364     will patch in GRSecurity. The following patches
1365     are included in this revision:
1366 plasmaroo 1.18
1367 frogger 1.7 - O(1) Scheduler, Low Latency, and Preempt
1368     (pulled from the base CK patch)
1369     - ptrace exploit patch for the LSM kernel
1370     (the GRSec patch already fixes this)
1371     - LSM 2.4-2003040709
1372     - SELinux 2.4-2003040709
1373     - Systrace v1.2
1374     - IPTables patch-o-matic base patches - 20030107
1375     - CryptoAPI 2.4.20.1 w/ loop-jari patch
1376     - Super FreeS/WAN 1.99.6.1
1377     - GRSecurity 1.9.9g
1378     - MPPE
1379     - EXT3 data journal fix
1380     - CIPE 1.5.4
1381 frogger 1.6
1382     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1383     hardened-sources-2.4.20-r1.ebuild, manifest:
1384 plasmaroo 1.18 Updated to install flask components correctly for selinux.
1385 frogger 1.5
1386     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1387     hardened-sources-2.4.20-r1.ebuild:
1388     LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
1389     is patched in instead. Ptrace patches for selinux have also been added. In
1390     either case, systrace support will be patched in as well.
1391 frogger 1.3
1392     09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1393     hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
1394 plasmaroo 1.18 Revision bump for new sources.
1395 frogger 1.4
1396 frogger 1.2 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1397 frogger 1.4 hardened-sources-2.4.20-r1.ebuild:
1398 plasmaroo 1.18 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
1399 method 1.1
1400 frogger 1.4 *hardened-sources-2.4.20 (30 Mar 2003)
1401    
1402 method 1.1 30 Mar 2003; Joshua Brindle <method@gentoo.org>
1403     hardened-sources-2.4.20.ebuild:
1404 plasmaroo 1.18 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20