/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.227 - (hide annotations) (download)
Mon Jun 30 00:37:12 2008 UTC (6 years, 2 months ago) by solar
Branch: MAIN
Changes since 1.226: +8 -1 lines
2.6.25-r1:  Brings in Linux -stable tree patches 2.6.25.{7,8,9} and newer grsecurity release.
2.6.23-r13: x86/amd64 stable
(Portage version: 2.1.4.4)

1 method 1.1 # ChangeLog for sys-kernel/hardened-sources
2 phreak 1.204 # Copyright 2000-2008 Gentoo Foundation; Distributed under the GPL v2
3 solar 1.227 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.226 2008/06/17 18:29:37 solar Exp $
4    
5     *hardened-sources-2.6.25-r1 (30 Jun 2008)
6    
7     30 Jun 2008; <solar@gentoo.org> hardened-sources-2.6.23-r13.ebuild,
8     +hardened-sources-2.6.25-r1.ebuild:
9     2.6.25-r1: Brings in Linux -stable tree patches 2.6.25.{7,8,9} and newer
10     grsecurity release. 2.6.23-r13: x86/amd64 stable
11 solar 1.226
12     *hardened-sources-2.6.25 (17 Jun 2008)
13     *hardened-sources-2.6.24-r3 (17 Jun 2008)
14     *hardened-sources-2.6.23-r13 (17 Jun 2008)
15    
16     17 Jun 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r13.ebuild,
17     +hardened-sources-2.6.24-r3.ebuild, +hardened-sources-2.6.25.ebuild:
18     * 2.6.23-r13: Fixes security bugs #198997, #212136, #222331, #222635,
19     #224647, #225461, other fixes. * 2.6.24-r3: Fixes security bugs #212136,
20     #222331, #222635, #224647, #225461, grsec/PaX updates/fixes, other fixes. *
21     2.6.25: Initial 2.6.25 release.
22 solar 1.225
23     15 May 2008; <solar@gentoo.org> hardened-sources-2.6.23-r12.ebuild:
24     - fasttrack to stable x86/amd64
25 swegener 1.224
26     11 May 2008; Sven Wegener <swegener@gentoo.org> Manifest:
27     Fix broken digest for linux-2.6.24.tar.bz2.
28 solar 1.223
29     *hardened-sources-2.6.24-r2 (11 May 2008)
30     *hardened-sources-2.6.23-r12 (11 May 2008)
31    
32     11 May 2008; <solar@gentoo.org> -hardened-sources-2.6.23-r7.ebuild,
33     -hardened-sources-2.6.23-r9.ebuild, -hardened-sources-2.6.23-r10.ebuild,
34     +hardened-sources-2.6.23-r12.ebuild, -hardened-sources-2.6.24.ebuild,
35     -hardened-sources-2.6.24-r1.ebuild, +hardened-sources-2.6.24-r2.ebuild:
36     proxy commit for gengor. 2.6.23-r11 shortlog: Fixes security bugs 220691,
37     220975, 220979, 221123. 2.6.24-r2 not-so-shortlog: Fixes bug 215442,
38     security bugs 219901, 220691, 220975, 220979, 221123. New
39     genpatches/grsecurity with numerous updates & fixes. 2.6.23-r7->2.6.23-r10
40     should be removed as far as I'm concerned, everything else remove due to
41     vulnerable to numerous security bugs or brokeness.
42 nixnut 1.222
43     10 May 2008; nixnut <nixnut@gentoo.org>
44     hardened-sources-2.6.23-r11.ebuild:
45     Stable on ppc
46 solar 1.221
47     05 May 2008; <solar@gentoo.org> hardened-sources-2.6.23-r11.ebuild:
48     - -r11 stable on x86/amd64
49 solar 1.220
50     *hardened-sources-2.6.23-r11 (01 May 2008)
51    
52     01 May 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r11.ebuild:
53     - version bump to fix ulgy linux bugs
54 phreak 1.219
55     *hardened-sources-2.6.24-r1 (30 Apr 2008)
56    
57     30 Apr 2008; Christian Heim <phreak@gentoo.org>
58     +hardened-sources-2.6.24-r1.ebuild:
59     Revision bump (thanks to Kerin and Gordon, again), pulling
60     genpatches-2.6.24-7, solving #219089. Additionally contains further security
61     fixes plus some minor updates.
62 phreak 1.218
63     *hardened-sources-2.6.23-r10 (30 Apr 2008)
64    
65     30 Apr 2008; Christian Heim <phreak@gentoo.org>
66     +hardened-sources-2.6.23-r10.ebuild:
67     Revision bump (thanks to Kerin and Gordon, again), solving #213811, #219089.
68     Additional contains "various other fixes".
69 phreak 1.217
70     09 Apr 2008; Christian Heim <phreak@gentoo.org> metadata.xml:
71     Update the longdescription in metadata, thanks to Gordon Malm.
72 nixnut 1.216
73     08 Apr 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.23-r9.ebuild:
74     Stable on ppc wrt bug #213255
75 solar 1.215
76     07 Apr 2008; <solar@gentoo.org> -hardened-sources-2.4.35-r2.ebuild,
77     -hardened-sources-2.6.23-r8.ebuild, hardened-sources-2.6.23-r9.ebuild:
78     - stable on x86/amd64 per request. Removed obsolete ebuilds
79 phreak 1.214
80     *hardened-sources-2.6.24 (07 Apr 2008)
81    
82     07 Apr 2008; Christian Heim <phreak@gentoo.org>
83     +hardened-sources-2.6.24.ebuild:
84     Adding ebuild for hardened-sources-2.6.24 (many thanks to Kerin Millar
85     <kerframil at gmail.com> and Gordon Malm <bugs-gentoo-org-02 at bumpin.org>
86     for the many contributions and their continued effort in #216612) based on
87     2.6.24 and genpatches-2.6.24-5.
88    
89     The current ebuild/patchset contains these things:
90     * Incoporates unmodified grsec-2.1.11-2.6.24.4-200803262003 patch
91     * Introduces bespoke server and workstation oriented security levels
92     * VDSO_COMPAT cannot be enabled during runtime if PaX is enabled
93 phreak 1.213
94     30 Mar 2008; Christian Heim <phreak@gentoo.org> metadata.xml:
95     Fix the metadata.xml (Kerin isn't a dev, though he and Gordon are
96     maintaining it).
97 phreak 1.212
98     24 Mar 2008; Christian Heim <phreak@gentoo.org>
99     hardened-sources-2.4.35-r2.ebuild:
100     Fixing SRC_URI for 2.4.35-r2.
101 phreak 1.211
102     *hardened-sources-2.6.23-r9 (22 Mar 2008)
103    
104     22 Mar 2008; Christian Heim <phreak@gentoo.org>
105     +hardened-sources-2.6.23-r9.ebuild:
106     * Revision bump, rebasing the patchset against genpatches-2.6.23-10.
107     * Change the default GIDs for some grsecurity options
108     * Revamp the Hardened [Gentoo] security level and make it the default level
109     * Fixing compilation on ia64 with CONFIG_MODULES=y (loadable module support)
110     * Fix a recursive lock -- call to capable() within ptrace_attach()
111     * Fix bug that allows audit and iscsi operations to be controlled via netlink
112 solar 1.210
113     *hardened-sources-2.6.23-r8 (27 Feb 2008)
114    
115     27 Feb 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r8.ebuild:
116     - version bump from Kerin Millar bug 210026
117 solar 1.209
118     17 Feb 2008; <solar@gentoo.org> metadata.xml,
119     -hardened-sources-2.4.33.4.ebuild, -hardened-sources-2.6.20-r6.ebuild,
120     -hardened-sources-2.6.20-r10.ebuild, -hardened-sources-2.6.23-r4.ebuild,
121     -hardened-sources-2.6.23-r6.ebuild, hardened-sources-2.6.23-r7.ebuild:
122     - stable on x86 and remove old ebuilds
123 solar 1.207
124     15 Feb 2008; <solar@gentoo.org> hardened-sources-2.6.23-r7.ebuild:
125 solar 1.208 - stable on amd64 per request of amd64 lead
126 solar 1.206
127     *hardened-sources-2.6.23-r7 (11 Feb 2008)
128    
129     11 Feb 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r7.ebuild:
130     - version bump from kerin.millar
131     Changes:
132    
133     * Bump to genpatches-base-2.6.23-9
134     * Ported grsecurity-2.1.11-2.6.23.14-200801231800 to 2.6.23.15
135     * Disables COMPAT_VDSO in x86/defconfig
136     * Removes bogus symbols ACPI_SLEEP_PROC_(FS|SLEEP) from x86_64/defconfig
137 phreak 1.205
138     25 Jan 2008; Christian Heim <phreak@gentoo.org>
139     -hardened-sources-2.6.22-r8.ebuild:
140     Cleaning up old versions.
141 phreak 1.204
142     *hardened-sources-2.6.23-r6 (25 Jan 2008)
143    
144     25 Jan 2008; Christian Heim <phreak@gentoo.org>
145     -hardened-sources-2.6.23-r5.ebuild, +hardened-sources-2.6.23-r6.ebuild:
146     Revision bump, pulling in the latest genpatches.
147 phreak 1.203
148     *hardened-sources-2.6.23-r5 (24 Dec 2007)
149    
150     24 Dec 2007; Christian Heim <phreak@gentoo.org>
151     hardened-sources-2.4.35-r2.ebuild, hardened-sources-2.6.20-r6.ebuild,
152     hardened-sources-2.6.20-r10.ebuild, hardened-sources-2.6.22-r8.ebuild,
153     hardened-sources-2.6.23-r4.ebuild, +hardened-sources-2.6.23-r5.ebuild:
154     Revision bump, for the promised updated grsec snapshot. Also changing SRC_URI.
155 phreak 1.202
156     24 Dec 2007; Christian Heim <phreak@gentoo.org>
157     -hardened-sources-2.6.22-r7.ebuild, -hardened-sources-2.6.23.ebuild,
158     -hardened-sources-2.6.23-r1.ebuild, -hardened-sources-2.6.23-r2.ebuild,
159     -hardened-sources-2.6.23-r3.ebuild:
160     Cleaning out some unused, old versions.
161 phreak 1.201
162     24 Dec 2007; Christian Heim <phreak@gentoo.org>
163     hardened-sources-2.6.23-r4.ebuild:
164     Marking hardened-sources-2.6.23-r4 stable on amd64 and x86. I know it ain't
165     in the tree for long, but there isn't much of a difference between this and
166     -r3. Only this revision pulls in 2.6.23.11 and 2.6.23.12 from genpatches.
167 phreak 1.200
168     *hardened-sources-2.6.23-r4 (23 Dec 2007)
169    
170     23 Dec 2007; Christian Heim <phreak@gentoo.org>
171     +hardened-sources-2.6.23-r4.ebuild:
172     Revision bump, grabbing the lastest genpatches release (2.6.23.12 that is).
173 phreak 1.199
174     *hardened-sources-2.6.23-r3 (04 Dec 2007)
175    
176     04 Dec 2007; Christian Heim <phreak@gentoo.org>
177     +hardened-sources-2.6.23-r3.ebuild:
178     Revision bump, pulling in 2.6.23.9.
179 phreak 1.198
180     *hardened-sources-2.6.23-r2 (25 Nov 2007)
181    
182     25 Nov 2007; Christian Heim <phreak@gentoo.org>
183     +hardened-sources-2.6.23-r2.ebuild:
184     Updated patchset, thanks to solar.
185 phreak 1.197
186     *hardened-sources-2.6.23-r1 (31 Oct 2007)
187    
188     31 Oct 2007; Christian Heim <phreak@gentoo.org>
189     +hardened-sources-2.6.23-r1.ebuild:
190     Revision bump, pulling in the snapshot from 30. October 2007 (18:50).
191 solar 1.196
192     29 Oct 2007; <solar@gentoo.org> metadata.xml:
193     - update metadata.xml
194 phreak 1.195
195     25 Oct 2007; Christian Heim <phreak@gentoo.org>
196     hardened-sources-2.6.22-r8.ebuild:
197     Marking 2.6.22-r8 stable on amd64 and x86.
198 phreak 1.194
199     21 Oct 2007; Christian Heim <phreak@gentoo.org>
200     -hardened-sources-2.4.35.ebuild, -hardened-sources-2.4.35-r1.ebuild,
201     -hardened-sources-2.6.21-r4.ebuild:
202     Removing old ebuilds.
203 phreak 1.193
204     *hardened-sources-2.4.35-r2 (21 Oct 2007)
205    
206     21 Oct 2007; Christian Heim <phreak@gentoo.org>
207     +hardened-sources-2.4.35-r2.ebuild:
208     Revision bump for 2.4.35. Includes new snapshot and the lastest Linux stable
209     patches.
210 phreak 1.192
211     *hardened-sources-2.6.22-r8 (21 Oct 2007)
212    
213     21 Oct 2007; Christian Heim <phreak@gentoo.org>
214     +hardened-sources-2.6.22-r8.ebuild:
215     Yet another new patch, hopefully fixing the remaining issues we had w/
216     2.6.22. Candidate for stabling.
217 phreak 1.191
218     *hardened-sources-2.6.23 (13 Oct 2007)
219    
220     13 Oct 2007; Christian Heim <phreak@gentoo.org>
221     +hardened-sources-2.6.23.ebuild:
222     Initial hardened-sources-2.6.23. If people still have problems w/ bug
223     194276, try setting CONFIG_PCI_GODIRECT=y instead of CONFIG_PCI_GOANY.
224 phreak 1.190
225     11 Oct 2007; Christian Heim <phreak@gentoo.org>
226     hardened-sources-2.6.20-r10.ebuild:
227     Pulling in yet another new genpatches version, fixing the PWC bug for real.
228 phreak 1.189
229     04 Oct 2007; Christian Heim <phreak@gentoo.org>
230     -hardened-sources-2.6.22-r5.ebuild, -hardened-sources-2.6.22-r6.ebuild:
231     Removing old versions.
232 phreak 1.188
233     *hardened-sources-2.6.22-r7 (01 Oct 2007)
234    
235     01 Oct 2007; Christian Heim <phreak@gentoo.org>
236     +hardened-sources-2.6.22-r7.ebuild:
237     Revision bump, pulling in a newer patch. Should fix #194276.
238 phreak 1.187
239     30 Sep 2007; Christian Heim <phreak@gentoo.org>
240     hardened-sources-2.6.20-r10.ebuild:
241     Marking hardened-sources-2.6.20-r10 stable on x86 and amd64 (on courtesy of
242     Mike Doty).
243 phreak 1.186
244     *hardened-sources-2.6.22-r6 (26 Sep 2007)
245    
246     26 Sep 2007; Christian Heim <phreak@gentoo.org>
247     +hardened-sources-2.6.22-r6.ebuild:
248     Revision bump, grabbing up till Linux 2.6.22.9.
249 phreak 1.185
250     24 Sep 2007; Christian Heim <phreak@gentoo.org>
251     -hardened-sources-2.6.22-r3.ebuild, -hardened-sources-2.6.22-r4.ebuild:
252     Cleaning up further.
253 phreak 1.184
254     *hardened-sources-2.6.20-r10 (24 Sep 2007)
255    
256     24 Sep 2007; Christian Heim <phreak@gentoo.org>
257     -hardened-sources-2.6.20-r8.ebuild, -hardened-sources-2.6.20-r9.ebuild,
258     +hardened-sources-2.6.20-r10.ebuild:
259     Revision bump, pulling in Linux 2.6.20.20. Removing some of the older
260     revisions.
261 phreak 1.183
262     *hardened-sources-2.6.22-r5 (22 Sep 2007)
263    
264     22 Sep 2007; Christian Heim <phreak@gentoo.org>
265     +hardened-sources-2.6.22-r5.ebuild:
266     Revision bump, pulling in genpatches-2.6.22-8 for CVE-2007-4573.
267 phreak 1.182
268     17 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
269     Removing johnm from metadata.xml (see #186467 for reference).
270 phreak 1.181
271     *hardened-sources-2.6.22-r4 (17 Sep 2007)
272    
273     17 Sep 2007; Christian Heim <phreak@gentoo.org>
274     +hardened-sources-2.6.22-r4.ebuild:
275     Revision bump, hopefully fixing all those weird PAX failures.
276 phreak 1.180
277     01 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
278     Updating the metadata.xml.
279 phreak 1.179
280     01 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
281     Removing tocharian from metadata due to his retirement (see #71718 for
282     reference).
283 phreak 1.178
284     *hardened-sources-2.6.20-r9 (30 Aug 2007)
285    
286     30 Aug 2007; Christian Heim <phreak@gentoo.org>
287     +hardened-sources-2.6.20-r9.ebuild:
288     Revision bump for 2.6.20.18 (thanks to kerframil in #gentoo-hardened).
289 phreak 1.177
290     29 Aug 2007; Christian Heim <phreak@gentoo.org>
291     -hardened-sources-2.4.34.ebuild, -hardened-sources-2.4.34.5.ebuild,
292     -hardened-sources-2.6.20-r2.ebuild, -hardened-sources-2.6.20-r5.ebuild,
293     -hardened-sources-2.6.20-r7.ebuild, -hardened-sources-2.6.21-r3.ebuild,
294     -hardened-sources-2.6.22.ebuild, -hardened-sources-2.6.22-r1.ebuild,
295     -hardened-sources-2.6.22-r2.ebuild:
296     Removing some redundant versions.
297 phreak 1.176
298     *hardened-sources-2.4.35-r1 (29 Aug 2007)
299    
300     29 Aug 2007; Christian Heim <phreak@gentoo.org>
301     +hardened-sources-2.4.35-r1.ebuild:
302     Revision bump, new grsecurity patch.
303 phreak 1.175
304     *hardened-sources-2.6.20-r8 (26 Aug 2007)
305    
306     26 Aug 2007; Christian Heim <phreak@gentoo.org>
307     +hardened-sources-2.6.20-r8.ebuild:
308     Revision bump for Linux 2.6.20.17.
309 phreak 1.174
310     *hardened-sources-2.6.22-r3 (22 Aug 2007)
311    
312     22 Aug 2007; Christian Heim <phreak@gentoo.org>
313     +hardened-sources-2.6.22-r3.ebuild:
314     Revision bump for Linux 2.6.22.4.
315 phreak 1.173
316     16 Aug 2007; Christian Heim <phreak@gentoo.org>
317     hardened-sources-2.6.22-r2.ebuild:
318     Updated patchset, to fix the alignment against 2.6.22.3.
319 phreak 1.172
320     *hardened-sources-2.6.22-r2 (16 Aug 2007)
321    
322     16 Aug 2007; Christian Heim <phreak@gentoo.org>
323     +hardened-sources-2.6.22-r2.ebuild:
324     Revision bump for Linux 2.6.22.3.
325 phreak 1.171
326     *hardened-sources-2.4.35 (16 Aug 2007)
327    
328     16 Aug 2007; Christian Heim <phreak@gentoo.org>
329     +hardened-sources-2.4.35.ebuild:
330     Version bump, initial version for Linux 2.4.35.
331 phreak 1.170
332     *hardened-sources-2.6.21-r4 (16 Aug 2007)
333    
334     16 Aug 2007; Christian Heim <phreak@gentoo.org>
335     +hardened-sources-2.6.21-r4.ebuild:
336     Revision bump for Linux 2.6.21.6.
337 phreak 1.169
338     *hardened-sources-2.6.20-r7 (16 Aug 2007)
339    
340     16 Aug 2007; Christian Heim <phreak@gentoo.org>
341     +hardened-sources-2.6.20-r7.ebuild:
342     Revision bump for Linux 2.6.20.16.
343 phreak 1.168
344     *hardened-sources-2.6.22-r1 (13 Aug 2007)
345    
346     13 Aug 2007; Christian Heim <phreak@gentoo.org>
347     +hardened-sources-2.6.22-r1.ebuild:
348     Yet another revision bump.
349 phreak 1.167
350     *hardened-sources-2.6.22 (10 Aug 2007)
351    
352     10 Aug 2007; Christian Heim <phreak@gentoo.org>
353     +hardened-sources-2.6.22.ebuild:
354     Initial release for 2.6.22. If you are using hardened-sources on a desktop
355     machine (P4 or newer), be aware you might need to disable
356     CONFIG_PAX_PAGEEXEC.
357 phreak 1.166
358     04 Aug 2007; Christian Heim <phreak@gentoo.org>
359     hardened-sources-2.6.20-r6.ebuild:
360     Stabling hardened-sources-2.6.20-r6 for amd64, ppc and x86 due to Linux
361     2.6.20.15.
362 phreak 1.165
363     10 Jul 2007; Christian Heim <phreak@gentoo.org>
364     hardened-sources-2.6.20-r5.ebuild:
365     Marking hardened-sources-2.6.20-r5 stable on ppc.
366 phreak 1.164
367     10 Jul 2007; Christian Heim <phreak@gentoo.org>
368     -hardened-sources-2.4.32-r6.ebuild, -hardened-sources-2.4.32-r7.ebuild:
369     Cleanup.
370 phreak 1.163
371     *hardened-sources-2.6.20-r6 (08 Jul 2007)
372    
373     08 Jul 2007; Christian Heim <phreak@gentoo.org>
374     +hardened-sources-2.6.20-r6.ebuild:
375     Revision bump, grabbing yet another stable release.
376 phreak 1.162
377     17 Jun 2007; Christian Heim <phreak@gentoo.org>
378     -hardened-sources-2.6.18-r6.ebuild, -hardened-sources-2.6.20-r4.ebuild,
379     -hardened-sources-2.6.21-r2.ebuild:
380     Removing older ebuilds, hardened-sources-2.6.18-r6 seems to have gotten the
381     alpha stable KEYWORD by mistake.
382 phreak 1.161
383     17 Jun 2007; Christian Heim <phreak@gentoo.org>
384     hardened-sources-2.6.20-r5.ebuild:
385     Stabling hardened-sources-2.6.20-r5 due to security bug #181647 (as
386     genpatches-2.6.20-12.base contains up to Linux 2.6.20.14) on amd64 and x86.
387 phreak 1.160
388     *hardened-sources-2.6.21-r3 (12 Jun 2007)
389    
390     12 Jun 2007; Christian Heim <phreak@gentoo.org>
391     +hardened-sources-2.6.21-r3.ebuild:
392     Revision bump for hardened-sources-2.6.21, incorporating various CVE (some
393     of them critical), two stable releases (2.6.21.4,2.6.21.5) and some other
394     love.
395 phreak 1.159
396     *hardened-sources-2.6.20-r5 (11 Jun 2007)
397    
398     11 Jun 2007; Christian Heim <phreak@gentoo.org>
399     +hardened-sources-2.6.20-r5.ebuild:
400     Revision bump for hardened-sources-2.6.20, incorporating various CVE (some
401     of them critical), two stable releases (2.6.20.13,2.6.20.14) and some other
402     love.
403 pappy 1.158
404     *hardened-sources-2.4.34.5 (11 Jun 2007)
405    
406     11 Jun 2007; Alexander Gabert <pappy@gentoo.org>
407     +hardened-sources-2.4.34.5.ebuild:
408     added new hardened-sources 2.4 version, thx to phreak, solar, pipacs
409 phreak 1.157
410     30 May 2007; Christian Heim <phreak@gentoo.org>
411     -hardened-sources-2.6.18.ebuild, hardened-sources-2.6.20-r2.ebuild:
412     Marking 2.6.20-r2 stable on ppc with permission of Gysbert. Removing more
413     stale ebuild(s).
414 phreak 1.156
415     30 May 2007; Christian Heim <phreak@gentoo.org>
416     -hardened-sources-2.6.14-r7.ebuild, -hardened-sources-2.6.16-r11.ebuild,
417     -hardened-sources-2.6.17-r1.ebuild, -hardened-sources-2.6.19-r6.ebuild,
418     -hardened-sources-2.6.20.ebuild, -hardened-sources-2.6.20-r1.ebuild:
419     Doing some cleanups, remove stale ebuilds.
420 phreak 1.155
421     26 May 2007; Christian Heim <phreak@gentoo.org>
422     hardened-sources-2.6.21-r2.ebuild:
423     Fixing the grsecurity patch, had one '};' too much.
424 phreak 1.154
425     *hardened-sources-2.6.21-r2 (26 May 2007)
426    
427     26 May 2007; Christian Heim <phreak@gentoo.org>
428     -hardened-sources-2.6.21.ebuild, -hardened-sources-2.6.21-r1.ebuild,
429     +hardened-sources-2.6.21-r2.ebuild:
430     Revision bump, including Linux 2.6.21.3 (fixing CVE-2007-2451). Updating the
431     grsecurity patch to 2.1.10-2.6.21.1-200705221918.
432 phreak 1.153
433     *hardened-sources-2.6.20-r4 (26 May 2007)
434    
435     26 May 2007; Christian Heim <phreak@gentoo.org>
436     -hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.20-r4.ebuild:
437     Revision bump, including Linux 2.6.20.12 (which in fact fixed some security
438 phreak 1.154 bugs, at the very least CVE-2007-2451). Possible candidate for stable marking.
439 phreak 1.152
440     15 May 2007; Christian Heim <phreak@gentoo.org>
441     hardened-sources-2.6.20-r3.ebuild:
442     Looks like hardened-sources-2.6.20-r3 needs a new patch, as 2.6.20.11
443     introduced a change in arch/sparc64/kernel/pci_iommu.c, which made the
444     grsecurity patch fail in that exact same hunk.
445 phreak 1.151
446     *hardened-sources-2.6.20-r3 (15 May 2007)
447    
448     15 May 2007; Christian Heim <phreak@gentoo.org>
449     +hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.21-r1.ebuild:
450     Revision bump, incorporating Linux 2.6.20.11.
451    
452     *hardened-sources-2.6.21-r1 (11 May 2007)
453    
454     11 May 2007; Christian Heim <phreak@gentoo.org>
455     +hardened-sources-2.6.21-r1.ebuild:
456     Revision bump, hopefully fixing the GRSECURITY/GRKERNSEC mixup pipacs
457     mentioned in #177234.
458 kevquinn 1.150
459     07 May 2007; Kevin F. Quinn <kevquinn@gentoo.org>
460     files/digest-hardened-sources-2.6.21, Manifest:
461     Fix Manifest/digest for linux-2.6.21.tar.bz2
462 phreak 1.149
463     06 May 2007; Christian Heim <phreak@gentoo.org>
464     hardened-sources-2.6.21.ebuild:
465     Bumping the hardened-patches version, needed for the fix for #177234.
466 phreak 1.148
467     *hardened-sources-2.6.21 (02 May 2007)
468    
469     02 May 2007; Christian Heim <phreak@gentoo.org>
470     +hardened-sources-2.6.21.ebuild:
471     Version bump, Linux 2.6.21-hardened.
472 phreak 1.147
473     29 Apr 2007; Christian Heim <phreak@gentoo.org>
474     hardened-sources-2.6.20-r2.ebuild:
475     Adding ~ia64 on Ned's request.
476 phreak 1.146
477     29 Apr 2007; Christian Heim <phreak@gentoo.org>
478     hardened-sources-2.6.20-r2.ebuild:
479     Fixing the included grsecurity patch, wasn't alligning due to the Index:
480     header line(s).
481 phreak 1.145
482     29 Apr 2007; Christian Heim <phreak@gentoo.org>
483     hardened-sources-2.6.20-r2.ebuild:
484     Stabilizing hardened-sources-2.6.20-r2 on amd64 and x86.
485 armin76 1.144
486     *hardened-sources-2.6.20-r2 (10 Apr 2007)
487    
488     10 Apr 2007; Raúl Porcel <armin76@gentoo.org>
489     +hardened-sources-2.6.20-r2.ebuild:
490     Version bump, on behalf of phreak
491 phreak 1.143
492     *hardened-sources-2.6.20-r1 (04 Apr 2007)
493    
494     04 Apr 2007; Christian Heim <phreak@gentoo.org>
495     +hardened-sources-2.6.20-r1.ebuild:
496     Revision bump, grabbing a newer grsecurity snapshot.
497 phreak 1.142
498     *hardened-sources-2.6.20 (25 Mar 2007)
499    
500     25 Mar 2007; Christian Heim <phreak@gentoo.org>
501     +hardened-sources-2.6.20.ebuild:
502     Finally a hardened-sources version for 2.6.20; many people have been waiting
503     for this. Thanks to Steve for preliminary testing, thanks to Ned for the
504     testbox.
505 chainsaw 1.141
506     16 Mar 2007; Tony Vroon <chainsaw@gentoo.org>
507     hardened-sources-2.6.18-r6.ebuild:
508     Marked stable on amd64 and x86. AMD64 keyword ack'ed by welp.
509 phreak 1.140
510     *hardened-sources-2.6.18-r6 (16 Mar 2007)
511    
512     16 Mar 2007; Christian Heim <phreak@gentoo.org>
513     -hardened-sources-2.6.18-r5.ebuild, +hardened-sources-2.6.18-r6.ebuild:
514     Fixing CVE-2007-1000 locally (hardened/), thanks to Tony for pushing. And
515     yes I screwed up, this is tagged as 2.6.18-5 and not 2.6.18-6 as it's
516     supposed to be.
517 phreak 1.139
518     06 Mar 2007; Christian Heim <phreak@gentoo.org> ChangeLog:
519     Fixing the Manifest, the previous one was broken (as in still had the
520     deleted ebuild in it).
521 phreak 1.138
522     06 Mar 2007; Christian Heim <phreak@gentoo.org>
523     -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
524     +hardened-sources-2.6.18-r5.ebuild:
525     Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
526     Linux 2.6.18.8. Also cleaning up the older version.
527    
528     *hardened-sources-2.6.18-r5 (06 Mar 2007)
529    
530     06 Mar 2007; Christian Heim <phreak@gentoo.org>
531     -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
532     +hardened-sources-2.6.18-r5.ebuild:
533     Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
534     Linux 2.6.18.8. Also cleaning up the older version.
535 phreak 1.137
536     24 Feb 2007; Christian Heim <phreak@gentoo.org>
537     -hardened-sources-2.6.19-r3.ebuild, -hardened-sources-2.6.19-r4.ebuild,
538     -hardened-sources-2.6.19-r5.ebuild:
539     Removing some of the old version, that didn't work.
540 phreak 1.136
541     *hardened-sources-2.6.19-r6 (12 Feb 2007)
542    
543     12 Feb 2007; Christian Heim <phreak@gentoo.org>
544     +hardened-sources-2.6.19-r6.ebuild:
545     Revision bump, including a new grsec version fixing #166235.
546 pappy 1.134
547     *hardened-sources-2.4.34 (24 Jan 2007)
548    
549     24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
550 pappy 1.135 Manifest:
551     updating Manifest with checksums of new tarball and ebuild
552    
553     24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
554 pappy 1.134 +hardened-sources-2.4.34.ebuild:
555     I added new hardened sources 2.4 update, this is a critical path
556     security bugfix - all users of h-s are strongly advised
557     to update their existing hardened sources to this version.
558     It contains a fix for a kernel vulnerability that is pertaining
559     to the PaX changes to virtual memory management, possibly leading
560     to a local kernel exploit ... see grsecurity.net forums and homepage
561 phreak 1.133
562     23 Jan 2007; Christian Heim <phreak@gentoo.org>
563     files/digest-hardened-sources-2.6.19-r5, Manifest:
564     Fixing the patch-tarball digest.
565 phreak 1.132
566     *hardened-sources-2.6.19-r5 (23 Jan 2007)
567    
568     23 Jan 2007; Christian Heim <phreak@gentoo.org>
569     +hardened-sources-2.6.19-r5.ebuild:
570     Revision bump, closing the recently discovered PaX expand_stack()
571     vulnerability.
572 phreak 1.131
573     *hardened-sources-2.6.19-r4 (14 Jan 2007)
574    
575     14 Jan 2007; Christian Heim <phreak@gentoo.org>
576     +hardened-sources-2.6.19-r4.ebuild:
577     Revision bump, pulling in linux-2.6.19.2 and grsecurity 2.1.10 - thus
578     dropping the randomized PID feature.
579 opfer 1.130
580     11 Jan 2007; Christian Faulhammer <opfer@gentoo.org>
581     hardened-sources-2.4.33.4.ebuild:
582     stable x86, bug #161171
583 phreak 1.129
584     *hardened-sources-2.6.19-r3 (27 Dec 2006)
585    
586     27 Dec 2006; Christian Heim <phreak@gentoo.org>
587     -hardened-sources-2.6.19-r2.ebuild, +hardened-sources-2.6.19-r3.ebuild:
588     Revision bump for bug #157186 and #158786.
589 phreak 1.128
590     *hardened-sources-2.6.18-r4 (27 Dec 2006)
591    
592     27 Dec 2006; Christian Heim <phreak@gentoo.org>
593     -hardened-sources-2.6.18-r3.ebuild, +hardened-sources-2.6.18-r4.ebuild:
594     Revision bump for bug #157186.
595 phreak 1.127
596     *hardened-sources-2.6.19-r2 (23 Dec 2006)
597    
598     23 Dec 2006; Christian Heim <phreak@gentoo.org>
599     -hardened-sources-2.6.19-r1.ebuild, +hardened-sources-2.6.19-r2.ebuild:
600     Revision bump to pull in genpatches-2.6.19-3 for #157186.
601 phreak 1.126
602     17 Dec 2006; Christian Heim <phreak@gentoo.org>
603     hardened-sources-2.6.14-r7.ebuild, hardened-sources-2.6.16-r10.ebuild,
604     hardened-sources-2.6.16-r11.ebuild, hardened-sources-2.6.17-r1.ebuild,
605     hardened-sources-2.6.18.ebuild, hardened-sources-2.6.18-r3.ebuild,
606     hardened-sources-2.6.19-r1.ebuild:
607     Adding 4453_grsec-2.1.9-2.6.19-io-kmem-sysctl.patch to UNIPATCH_EXLUDE,
608     adding correct HOMEPAGE and adjusting DESCRIPTION (thanks to Alexander).
609 pappy 1.125
610     *hardened-sources-2.4.33.4 (17 Dec 2006)
611    
612     17 Dec 2006; Alexander Gabert <pappy@gentoo.org>
613     +hardened-sources-2.4.33.4.ebuild:
614     new 2.4.33.4 version including grsec and fixes, thanks to phreak for help
615     and quilting
616 phreak 1.124
617     *hardened-sources-2.6.19-r1 (14 Dec 2006)
618    
619     14 Dec 2006; Christian Heim <phreak@gentoo.org>
620     -hardened-sources-2.6.19.ebuild, +hardened-sources-2.6.19-r1.ebuild:
621     Revision bump, fixing #158107 (thanks to Petre Rodan <kaiowas at gentoo.org>
622     for reporting).
623 phreak 1.123
624     *hardened-sources-2.6.19 (13 Dec 2006)
625    
626     13 Dec 2006; Christian Heim <phreak@gentoo.org>
627     +hardened-sources-2.6.19.ebuild:
628     And finally 2.6.19, thanks to Ned (who prepared the inital patchset) and
629     Brad for providing that prompt update.
630 phreak 1.122
631     *hardened-sources-2.6.18-r3 (13 Dec 2006)
632    
633     13 Dec 2006; Christian Heim <phreak@gentoo.org>
634     -hardened-sources-2.6.18-r1.ebuild, -hardened-sources-2.6.18-r2.ebuild,
635     +hardened-sources-2.6.18-r3.ebuild:
636     Revision bump, excluding the faulty patch. Thanks to Anakim Border and Peter
637     S. Mazinger. Closes #157409 for now. Also removing the previous revisions.
638 phreak 1.121
639     09 Dec 2006; Christian Heim <phreak@gentoo.org> Manifest:
640     Fixing the metadata.xml Manifest entry (thanks to xaid and ml8128 in #gentoo-hardened).
641 nixnut 1.120
642     08 Dec 2006; nixnut <nixnut@gentoo.org> hardened-sources-2.6.18.ebuild:
643     Stable on ppc wrt bug 157356
644 opfer 1.119
645     07 Dec 2006; Christian Faulhammer <opfer@gentoo.org>
646     hardened-sources-2.6.18.ebuild:
647     stable x86, bug #157356
648 phreak 1.118
649     *hardened-sources-2.6.18-r2 (06 Dec 2006)
650    
651     06 Dec 2006; Christian Heim <phreak@gentoo.org>
652     +hardened-sources-2.6.18-r2.ebuild:
653     Revision bump, including 2.6.18.5 (via genpatches) and
654     4454_grsec-2.1.9-2.6.18.2-io-kmem-sysctl.patch based on Peter Mazinger and
655     Ned Ludd's original patch. Thanks to Alexander Gabert (pappy) for the
656     redesign.
657 phreak 1.117
658     06 Dec 2006; Christian Heim <phreak@gentoo.org>
659     hardened-sources-2.6.18.ebuild:
660     Marking hardened-sources-2.6.18 stable on amd64 (see bug #157356, on behalf
661     of Mike Doty).
662 phreak 1.116
663     *hardened-sources-2.6.18-r1 (23 Nov 2006)
664    
665     23 Nov 2006; Christian Heim <phreak@gentoo.org>
666     +hardened-sources-2.6.18-r1.ebuild:
667     Revision bump to genpatches-2.6.18-4 (including 2.6.18.3).
668 phreak 1.115
669     *hardened-sources-2.6.18 (11 Nov 2006)
670    
671     11 Nov 2006; Christian Heim <phreak@gentoo.org>
672     +hardened-sources-2.6.18.ebuild:
673     Version bump, thanks to Alexander Gabert we're finally at 2.6.18.
674 solar 1.114
675     18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
676     - mark amd64 stable also. bug #151877
677 solar 1.113
678     18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
679     - mark 2.6.17-r1 stable
680 phreak 1.112
681     27 Aug 2006; Christian Heim <phreak@gentoo.org>
682     -hardened-sources-2.6.17.ebuild, hardened-sources-2.6.17-r1.ebuild:
683     Removing old ebuild, removing unipatch from newer ebuild (need to fix it!).
684 phreak 1.111
685     *hardened-sources-2.6.17-r1 (26 Aug 2006)
686    
687     26 Aug 2006; Christian Heim <phreak@gentoo.org>
688     +hardened-sources-2.6.17-r1.ebuild:
689     Revision bump to genpatches-2.6.17-8 (including .9 and .10) and updating the
690     grsecurity patch.
691 phreak 1.110
692     *hardened-sources-2.6.17 (17 Aug 2006)
693    
694     17 Aug 2006; Christian Heim <phreak@gentoo.org>
695     +hardened-sources-2.6.17.ebuild:
696     Bumping the hardened-sources-2.6 series to 2.6.17, using
697     genpatches-2.6.17-6.base.
698 solar 1.109
699     07 Aug 2006; <solar@gentoo.org> hardened-sources-2.6.16-r11.ebuild:
700     - stable on x86 and amd64
701 solar 1.108
702     *hardened-sources-2.6.16-r11 (15 Jul 2006)
703    
704     15 Jul 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r3.ebuild,
705     -hardened-sources-2.4.32-r4.ebuild, -hardened-sources-2.4.32-r5.ebuild,
706     -hardened-sources-2.6.14-r8.ebuild, -hardened-sources-2.6.16-r7.ebuild,
707     -hardened-sources-2.6.16-r9.ebuild, +hardened-sources-2.6.16-r11.ebuild:
708     - 2.6.16 bumped for CVE-2006-3626 ; digest fix for 2.4.32-r6 ; removed old
709     crusty ebuilds
710 johnm 1.107
711     14 Jul 2006; John Mylchreest <johnm@gentoo.org>
712     hardened-sources-2.6.16-r10.ebuild:
713     marking stable on x86 and amd64
714 solar 1.106
715     13 Jul 2006; <solar@gentoo.org> hardened-sources-2.4.32-r6.ebuild:
716     - 2.4.32-r6 stable on x86. RSBAC state unknown
717 kang 1.105
718     *hardened-sources-2.4.32-r7 (10 Jul 2006)
719    
720     10 Jul 2006; Guillaume Destuynder <kang@gentoo.org>
721     +hardened-sources-2.4.32-r7.ebuild:
722     Bump PaX for RSBAC to test-17
723 johnm 1.104
724     *hardened-sources-2.6.16-r9 (03 Jul 2006)
725    
726     03 Jul 2006; John Mylchreest <johnm@gentoo.org>
727     -hardened-sources-2.6.16-r6.ebuild, +hardened-sources-2.6.16-r9.ebuild:
728     hardened-sources-2.6.16 bump to latest -base.
729 solar 1.103
730     *hardened-sources-2.4.32-r6 (30 Jun 2006)
731    
732     30 Jun 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r2.ebuild,
733     hardened-sources-2.4.32-r4.ebuild, +hardened-sources-2.4.32-r6.ebuild:
734     - backport CVE-2006-0039, CVE-2006-1857 and CVE-2006-1858 and new grsecurity
735     sysctl controlable resource logging
736 johnm 1.102
737     *hardened-sources-2.6.16-r7 (05 Jun 2006)
738    
739     05 Jun 2006; John Mylchreest <johnm@gentoo.org>
740     -hardened-sources-2.6.16-r5.ebuild, +hardened-sources-2.6.16-r7.ebuild:
741     push new 2.6.16 release in preparation for stable
742 solar 1.101
743     22 May 2006; <solar@gentoo.org> :
744     - redigest bug 134002
745 kang 1.100
746     *hardened-sources-2.4.32-r5 (16 May 2006)
747    
748     16 May 2006; Guillaume Destuynder <kang@gentoo.org>
749     +hardened-sources-2.4.32-r5.ebuild:
750     Fixes rsbac common patching (new patch in new -r5 patchset)
751 solar 1.99
752     *hardened-sources-2.4.32-r4 (13 May 2006)
753    
754     13 May 2006; <solar@gentoo.org> hardened-sources-2.4.32-r3.ebuild,
755     +hardened-sources-2.4.32-r4.ebuild:
756     - security bumps
757 johnm 1.98
758     *hardened-sources-2.6.16-r6 (03 May 2006)
759    
760     03 May 2006; John Mylchreest <johnm@gentoo.org>
761     +hardened-sources-2.6.16-r6.ebuild:
762     bump hardened-2.6.16 to 2.6.16.12 and latest grsec snapshot
763 johnm 1.97
764     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
765     hardened-sources-2.6.14-r8.ebuild:
766     fix x86_64 build problem, this will delay the digest issue again for a short
767     while but it will sort itself out
768 johnm 1.96
769     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
770     hardened-sources-2.6.14-r8.ebuild:
771     bump hardened patchset
772 antarus 1.94
773     27 Apr 2006; Alec Warner <antarus@gentoo.org>
774     files/digest-hardened-sources-2.4.32-r2,
775     files/digest-hardened-sources-2.4.32-r3,
776     files/digest-hardened-sources-2.6.14-r8, Manifest:
777     Fixing duff SHA256 digests: Bug # 131293
778 johnm 1.93
779 johnm 1.95 *hardened-sources-2.6.16-r5 (27 Apr 2006)
780    
781     27 Apr 2006; John Mylchreest <johnm@gentoo.org>
782     -hardened-sources-2.6.14-r6.ebuild, hardened-sources-2.6.14-r8.ebuild,
783     -hardened-sources-2.6.16-r4.ebuild, +hardened-sources-2.6.16-r5.ebuild:
784     stablise 2.6.14-r8 on x86 & amd64, bump 2.6.16 to fix CVE-2006-1863 &
785     cleanup of old uneccessary sources
786    
787 johnm 1.93 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
788     fix digest
789 johnm 1.92
790     *hardened-sources-2.6.14-r8 (20 Apr 2006)
791    
792     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
793     +hardened-sources-2.6.14-r8.ebuild:
794     fix CVE-2006-1056, CVE-2006-1525, CVE-2006-1524
795 johnm 1.91
796     20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
797     Turning on gpg-signing again, and recomitting
798 johnm 1.90
799     *hardened-sources-2.6.16-r4 (20 Apr 2006)
800    
801     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
802     -hardened-sources-2.6.16-r2.ebuild, -hardened-sources-2.6.16-r3.ebuild,
803     +hardened-sources-2.6.16-r4.ebuild:
804     Fix numerous security vulns
805 solar 1.89
806     *hardened-sources-2.4.32-r3 (16 Apr 2006)
807    
808     16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
809     -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
810     +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
811     - security bump for bug #112791. Removed old ebuilds
812 johnm 1.88
813     *hardened-sources-2.6.16-r3 (15 Apr 2006)
814    
815     15 Apr 2006; John Mylchreest <johnm@gentoo.org>
816     +hardened-sources-2.6.16-r3.ebuild:
817     Removing silly localversion which I missed
818 johnm 1.87
819     *hardened-sources-2.6.14-r7 (14 Apr 2006)
820    
821     14 Apr 2006; John Mylchreest <johnm@gentoo.org>
822     -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
823     Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
824 johnm 1.86
825     *hardened-sources-2.6.16-r2 (13 Apr 2006)
826    
827     13 Apr 2006; John Mylchreest <johnm@gentoo.org>
828     -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
829     +hardened-sources-2.6.16-r2.ebuild:
830     Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
831     labels, dropping USERGROUP define fixes, since these were merged mainstream.
832 johnm 1.85
833     *hardened-sources-2.6.16-r1 (11 Apr 2006)
834    
835     11 Apr 2006; John Mylchreest <johnm@gentoo.org>
836     +hardened-sources-2.6.16-r1.ebuild:
837     Bumping to include ppc build fix and 2.6.16.3
838 tsunam 1.84
839     06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
840     hardened-sources-2.6.14-r6.ebuild:
841     Stable on x86; bug #127718
842 johnm 1.83
843     *hardened-sources-2.6.16 (31 Mar 2006)
844    
845     31 Mar 2006; John Mylchreest <johnm@gentoo.org>
846     +hardened-sources-2.6.16.ebuild:
847     Bumping to new version of grsec, and kernel base. New squashfs. Based on
848     2.6.16.1
849 cryos 1.82
850     30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
851     hardened-sources-2.6.14-r6.ebuild:
852     Stable on amd64, bug 127718.
853 nixnut 1.81
854     28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
855     Stable on ppc. Bug #127718
856 johnm 1.80
857     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
858     -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
859     -hardened-sources-2.6.14-r4.ebuild:
860     Cleanup.
861 johnm 1.79
862     *hardened-sources-2.6.14-r6 (15 Mar 2006)
863    
864     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
865     +hardened-sources-2.6.14-r6.ebuild:
866     Fixes grsec policy recreation bug and adds a
867     >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
868 solar 1.78
869     02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
870     - stable on x86
871 hansmi 1.77
872     19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
873     hardened-sources-2.6.14-r5.ebuild:
874     Stable on ppc.
875 johnm 1.76
876     *hardened-sources-2.6.14-r5 (01 Feb 2006)
877    
878     01 Feb 2006; John Mylchreest <johnm@gentoo.org>
879     +hardened-sources-2.6.14-r5.ebuild:
880     fixing every known exploit
881 solar 1.75
882     *hardened-sources-2.4.32-r2 (26 Jan 2006)
883    
884     26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
885     +hardened-sources-2.4.32-r2.ebuild:
886     - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
887 solar 1.74
888     *hardened-sources-2.6.14-r4 (12 Jan 2006)
889    
890     12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
891     - version bump for new genpatches which fix up a few sec holes
892 solar 1.73
893     *hardened-sources-2.4.32-r1 (05 Jan 2006)
894    
895     05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
896     - revision bump to add misc vital linux kernel security patches.
897 johnm 1.72
898     *hardened-sources-2.6.14-r3 (30 Dec 2005)
899    
900     30 Dec 2005; John Mylchreest <johnm@gentoo.org>
901     -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
902     Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
903 johnm 1.71
904     28 Dec 2005; John Mylchreest <johnm@gentoo.org>
905     hardened-sources-2.6.14-r2.ebuild:
906     making x86 & amd64 stable following testing.
907 johnm 1.70
908     *hardened-sources-2.6.14-r2 (27 Dec 2005)
909    
910     27 Dec 2005; John Mylchreest <johnm@gentoo.org>
911     -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
912     Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
913     network hooks.
914 johnm 1.69
915     06 Dec 2005; John Mylchreest <johnm@gentoo.org>
916     hardened-sources-2.6.14-r1.ebuild:
917     bumping to stable early for sec fix on x86 & amd64
918 johnm 1.68
919     *hardened-sources-2.6.14-r1 (05 Dec 2005)
920    
921     05 Dec 2005; John Mylchreest <johnm@gentoo.org>
922     -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
923     bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
924 solar 1.67
925     04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
926     - stable on x86 security bug #114227 CAN-2005-3257
927 kang 1.66
928     *hardened-sources-2.4.32 (19 Nov 2005)
929    
930     19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
931     +hardened-sources-2.4.32.ebuild:
932     Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
933     Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
934     have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
935     rsbac >> /etc/portage/package.use)
936 johnm 1.65
937     *hardened-sources-2.6.14 (14 Nov 2005)
938    
939     14 Nov 2005; John Mylchreest <johnm@gentoo.org>
940     -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
941     Bumping 2.6 series to 2.6.14.2
942 johnm 1.64
943     *hardened-sources-2.6.13-r2 (20 Oct 2005)
944    
945     20 Oct 2005; John Mylchreest <johnm@gentoo.org>
946     -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
947     +hardened-sources-2.6.13-r2.ebuild:
948     Fixes minor build error in ppc.
949 johnm 1.63
950     *hardened-sources-2.6.13-r1 (17 Oct 2005)
951    
952     17 Oct 2005; John Mylchreest <johnm@gentoo.org>
953     +hardened-sources-2.6.13-r1.ebuild:
954     Updating grsec to latest snapshot. Fixes some minor issues. Updating to
955     2.6.13.4, fixes some major amd64 stability problems.
956 johnm 1.62
957     *hardened-sources-2.6.13 (16 Sep 2005)
958    
959     16 Sep 2005; John Mylchreest <johnm@gentoo.org>
960     -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
961     2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
962     ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
963     users should test this thoroughly.
964 solar 1.61
965     01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
966     - stable on x86
967 johnm 1.60
968     *hardened-sources-2.6.11-r15 (27 Jun 2005)
969    
970     27 Jun 2005; John Mylchreest <johnm@gentoo.org>
971     +hardened-sources-2.6.11-r15.ebuild:
972     Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
973     grsec redefining curr_ip struct.
974 solar 1.59
975     *hardened-sources-2.4.31 (20 Jun 2005)
976    
977     20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
978     initial import of 2.4.31 tree
979 johnm 1.58
980     *hardened-sources-2.6.11-r14 (14 Jun 2005)
981    
982     14 Jun 2005; John Mylchreest <johnm@gentoo.org>
983     -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
984     Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
985     naming scheme to abide by genpatches
986 johnm 1.57
987     *hardened-sources-2.6.11-r13 (18 May 2005)
988    
989     18 May 2005; John Mylchreest <johnm@gentoo.org>
990     -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
991     Managed to mangle the Makefile patch from grsec, to miss out the grsec
992     target. sorry about that. Fixes bug #93022
993 johnm 1.56
994     *hardened-sources-2.6.11-r12 (17 May 2005)
995    
996     17 May 2005; John Mylchreest <johnm@gentoo.org>
997     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
998     +hardened-sources-2.6.11-r12.ebuild:
999     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
1000     merges in genpatches-base
1001 johnm 1.55
1002     *hardened-sources-2.6.11-r12 (17 May 2005)
1003    
1004     17 May 2005; John Mylchreest <johnm@gentoo.org>
1005     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
1006     +hardened-sources-2.6.11-r12.ebuild:
1007     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
1008     merges in genpatches-base
1009 solar 1.54
1010     29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
1011     -files/2.4.27-cmdline-race.patch,
1012     -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
1013     -files/2.4.28-grsec-binfmt_a.out.patch,
1014     -files/2.4.28-grsec-cmdline-race.patch,
1015     -files/2.4.28-selinux-binfmt_a.out.patch,
1016     -files/2.4.28-selinux-cmdline-race.patch,
1017     -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
1018     hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
1019     - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
1020     cleanup..
1021 solar 1.53
1022     *hardened-sources-2.4.30-r1 (21 Apr 2005)
1023    
1024     21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
1025     - disable aout by default
1026 solar 1.52
1027     *hardened-sources-2.4.30 (18 Apr 2005)
1028    
1029     18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
1030     - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
1031     and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
1032     use
1033 tocharian 1.50
1034 scox 1.51 *hardened-sources-2.4.29 (30 Mar 2005)
1035    
1036     30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
1037     +hardened-sources-2.4.29.ebuild:
1038     New hardened-patches-2.4-29.0 patchball.
1039     Removed SELinux support, upgraded GRSecurity to 2.1.4.
1040    
1041     *hardened-sources-2.4.28-r5 (06 Mar 2005)
1042    
1043     06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
1044     +hardened-sources-2.4.28-r5.ebuild:
1045     Added a fix for a PaX vulnerability.
1046    
1047     26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1048 tocharian 1.50 hardened-sources-2.4.28-r4.ebuild:
1049     Stable on x86
1050 solar 1.49
1051     23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
1052     hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
1053     hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
1054     hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
1055     - fixed/added RDEPEND= in all kernel-2 ebuilds
1056 tocharian 1.48
1057     *hardened-sources-2.4.28-r4 (21 Jan 2005)
1058    
1059     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1060     +hardened-sources-2.4.28-r4.ebuild:
1061     Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
1062     backport of neighbour hash updates.
1063 tocharian 1.47
1064     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1065     hardened-sources-2.4.28-r3.ebuild:
1066     Stable on x86
1067 tseng 1.46
1068     *hardened-sources-2.6.10-r3 (20 Jan 2005)
1069    
1070     20 Jan 2005; Brandon Hale <tseng@gentoo.org>
1071     +hardened-sources-2.6.10-r3.ebuild:
1072     Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
1073     in 2005.0
1074 tocharian 1.45
1075     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1076     -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
1077     hardened-sources-2.4.28-r2.ebuild:
1078     Mark stable on x86
1079 tocharian 1.44
1080     *hardened-sources-2.4.28-r3 (17 Jan 2005)
1081    
1082     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1083     +hardened-sources-2.4.28-r3.ebuild:
1084     Fix SMP page fault handler vuln, and update device-mapper and evms patches.
1085 tocharian 1.43
1086     14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1087     hardened-sources-2.4.28.ebuild:
1088     Mark stable on x86.
1089 tocharian 1.42
1090     *hardened-sources-2.4.28-r2 (13 Jan 2005)
1091    
1092     13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1093     +hardened-sources-2.4.28-r2.ebuild:
1094     Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
1095     Mazinger for grsecurity patches as well.
1096 plasmaroo 1.41
1097     *hardened-sources-2.4.28-r1 (23 Dec 2004)
1098    
1099     23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
1100     Security bump. Thank tocharian for rolling a new patchset...
1101 solar 1.40
1102     28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
1103     +files/2.4.28-grsec-cmdline-race.patch,
1104     +files/2.4.28-selinux-binfmt_a.out.patch,
1105     +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
1106     - Round up remaining security patches that appear to be missing in 2.4.28. -
1107     PaX standalone updated to current. hgpv=28.1
1108 solar 1.39
1109     *hardened-sources-2.4.28 (28 Nov 2004)
1110    
1111     28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
1112     security bump. Thank tocharian for rolling a new patchset
1113 scox 1.31
1114 scox 1.38 *hardened-sources-2.4.27-r3 (08 Sep 2004)
1115    
1116     08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
1117     +hardened-sources-2.4.27-r3.ebuild:
1118     Applies the new 2.4-27.2 patchball which updates
1119     GRSecurity to the 2.0.1 version.
1120    
1121 scox 1.37 *hardened-sources-2.4.27-r2 (31 Aug 2004)
1122    
1123     31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1124     +hardened-sources-2.4.27-r2.ebuild:
1125     Version bump.
1126     This version uses the new 2.4-27.1 patchball which updates
1127     both the SELinux PaX hooks patch and the SELinux headers.
1128    
1129 scox 1.36 *hardened-sources-2.4.27-r1 (09 Aug 2004)
1130    
1131     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1132     +hardened-sources-2.4.27-r1.ebuild,
1133     -hardened-sources-2.4.27.ebuild,
1134     +files/2.4.27-cmdline-race.patch:
1135     Version bump, fix for cmdline race. See bug #59905.
1136    
1137     *hardened-sources-2.4.26-r6 (09 Aug 2004)
1138    
1139     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1140     +hardened-sources-2.4.26-r6.ebuild,
1141     -hardened-sources-2.4.26-r5.ebuild,
1142     -hardened-sources-2.4.26-r4.ebuild,
1143     +files/2.4.26-cmdline-race.patch:
1144     Version bump, fix for cmdline race. See bug #59905.
1145    
1146 scox 1.35 *hardened-sources-2.4.27 (08 Aug 2004)
1147    
1148     08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1149     +hardened-sources-2.4.27.ebuild,
1150     +files/2.4.27-CAN-2004-0394.patch:
1151     Ported the patchball to the 2.4.27 kernel version.
1152    
1153 scox 1.34 *hardened-sources-2.4.26-r5 (07 Aug 2004)
1154    
1155     07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1156     +hardened-sources-2.4.26-r5.ebuild:
1157 scox 1.35 Updated to use the new hardened-patches-2.4-26.1 patchball.
1158 scox 1.34 It adds the following features:
1159     - Squashfs
1160     - Ebtables
1161     - Netdev random (core+drivers)
1162     - Watchdog Timer (WDT) fix.
1163    
1164 scox 1.33 *hardened-sources-2.4.26-r4 (04 Aug 2004)
1165    
1166     04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1167     +hardened-sources-2.4.26-r4.ebuild,
1168     +files/2.4.26-CAN-2004-0415.patch,
1169     -hardened-sources-2.4.26-3:
1170     Version bump, fix for CAN 0415, see bug #59378.
1171    
1172 scox 1.32 *hardened-sources-2.4.26-r3 (22 Jul 2004)
1173    
1174     22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
1175     +hardened-sources-2.4.26-r3.ebuild,
1176     +files/2.4.26-CAN-2004-0497.patch,
1177     -hardened-sources-2.4.26-r2.ebuild:
1178     Version bump, fixed CAN 0497, see bug #56171.
1179    
1180 scox 1.31 *hardened-sources-2.4.26-r2 (29 Jun 2004)
1181    
1182     29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
1183 scox 1.32 +hardened-sources-2.4.26-r2.ebuild,
1184 scox 1.31 +files/2.4.26-CAN-2004-0495.patch,
1185     +files/2.4.26-CAN-2004-0535.patch,
1186     -hardened-sources-2.4.26-r1.ebuild:
1187     Fixes for both CAN 0495 and 0535, see bug #54976
1188 pvdabeel 1.27
1189 agriffis 1.29 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
1190     hardened-sources-2.4.26-r1.ebuild:
1191     QA - fix use invocation
1192 scox 1.28
1193     *hardened-sources-2.4.26-r1 (22 June 2004)
1194    
1195     22 June 2004; Andrea Luzzardi <scox@gentoo.org>
1196     +hardened-sources-2.4.26-r1.ebuild,
1197     +files/2.4.26-CAN-2004-0394.patch,
1198     +files/2.4.26-signal-race.patch,
1199     -hardened-sources-2.4.26.ebuild,
1200     -hardened-sources-2.4.24-r3.ebuild:
1201     Version bump for the CAN-2004-0394 issue and bug #53804
1202     Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
1203    
1204    
1205 pvdabeel 1.27 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
1206     hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
1207     Masked hardened-sources-2.4.26.ebuild broken for ppc
1208    
1209     31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
1210     hardened-sources-2.4.24-r3.ebuild:
1211     Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
1212 plasmaroo 1.25
1213 scox 1.26 *hardened-sources-2.4.26 (29 May 2004)
1214    
1215     29 May 2004; Andrea Luzzardi <scox@gentoo.org>
1216     +hardened-sources-2.4.26.ebuild:
1217     Updated hardened-sources for the 2.4.26 kernel
1218     Removed broken components, updated almost everything.
1219    
1220 plasmaroo 1.25 *hardened-sources-2.4.24-r3 (17 Apr 2004)
1221    
1222     17 Apr 2004; <plasmaroo@gentoo.org>
1223     +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
1224     +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
1225     +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
1226     +hardened-sources-2.4.24-r3.ebuild:
1227     Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
1228     vulnerabilities. Old revisions removed.
1229 plasmaroo 1.24
1230     *hardened-sources-2.4.24-r2 (15 Apr 2004)
1231    
1232     15 Apr 2004; <plasmaroo@gentoo.org>
1233     +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
1234     -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
1235     Version bump for the CAN-2004-0109 issue; bug #47881.
1236 aliz 1.23
1237     12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
1238     hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
1239     Add eutils to inherit.
1240 plasmaroo 1.22
1241     *hardened-sources-2.4.24-r1 (19 Feb 2004)
1242    
1243     19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
1244     files/hardened-sources-2.4.24.munmap.patch:
1245     Added the patch for the mremap/munmap vulnerability. Bug #42024.
1246 scox 1.19
1247 scox 1.21 *hardened-sources-2.4.24 (06 Feb 2004)
1248 scox 1.26
1249 scox 1.21 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
1250     hardened-sources-2.4.24.ebuild:
1251     Version bump, updated most of the components.
1252     This release includes the following:
1253    
1254     - Hardened security
1255     - Netfilter patch-o-matic 20031219
1256     - FreeSWAN 2.04 & x509 1.4.8
1257     - EVMS 2.2.2
1258     - XFS 1.3.1
1259     - cryptoloop jari
1260     - grsecurity 2.0-rc4
1261     - SELinux
1262     - PaX 200402060000
1263     - PaX Obscurity 200308302223
1264     - Others...
1265    
1266     Neither -ck nor systrace are included anymore.
1267    
1268 scox 1.19 *hardened-sources-2.4.22-r2 (05 Jan 2004)
1269    
1270     05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
1271     hardened-sources-2.4.22-r2.ebuild:
1272 scox 1.20 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
1273 scox 1.19
1274     *hardened-sources-2.4.22-r1 (02 Dec 2003)
1275 iggy 1.17
1276     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1277 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
1278 iggy 1.16
1279     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1280 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild:
1281     Version bump for the 'do_brk' vulnerability.
1282 iggy 1.15
1283     01 Dec 2003; Brian Jackson <iggy@gentoo.org>
1284     hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
1285     hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
1286     hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
1287 plasmaroo 1.18 Fix the 'do_brk' vulnerability.
1288 frogger 1.14
1289     03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
1290     hardened-sources-2.4.22.ebuild:
1291 plasmaroo 1.18 - Removed the src_install() portion for SELinux flask
1292     components. These are no longer handled in the kernel
1293     so this code was not necessary.
1294 frogger 1.13
1295     29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
1296     New 2.4.22 based hardened-sources thanks to
1297     Phil West <p.west@computer.org>.
1298    
1299     These sources include:
1300 plasmaroo 1.18 - New SELinux API
1301     - Updated CK-base
1302     - Updated GRSec
1303     - Systrace
1304     - SuperFreeS/WAN 1.99.8
1305     - Propolice kernel build support
1306     - EVMS
1307     - Other various security related patches
1308 frogger 1.11
1309 frogger 1.12 *hardened-sources-2.4.21 (14 Sep 2003)
1310    
1311     14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
1312     Updated hardened-sources based on the 2.4.21 Linux kernel.
1313     This includes updates to most major components such as:
1314 plasmaroo 1.18 - ck-base-0306300059
1315     - selinux-2.4-2003071106
1316     - grsecurity-2.0-rc1
1317     - Updated IPTables patch-o-matic
1318     - Updated SuperFreeS/WAN
1319    
1320 frogger 1.12 Thanks to Phil West <pwest@computer.org> for his work in getting this
1321     updated patch set ready for the 2.4.21 based kernel.
1322    
1323 frogger 1.11 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
1324     Initial import of hardened-sources-2.4.20-r4. This revision
1325     includes only a few changes, but one of these is an important
1326     security fix. It is recommended all users of hardened-sources
1327     upgrade to this release.
1328 plasmaroo 1.18
1329 frogger 1.11 - ioperm bug fix
1330     - fixed compilation failure when building without GRSec
1331 plasmaroo 1.18
1332 frogger 1.11 SAL (Secure Auditing for Linux) is NOT included in this revision
1333     due to time constraints, but is planned for inclusion in the near
1334     future.
1335 msterret 1.10
1336     *hardened-sources-2.4.20-r2 (12 Jun 2003)
1337    
1338     12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
1339     hardened-sources-2.4.20-r3.ebuild:
1340 plasmaroo 1.18 Add Header...
1341 frogger 1.9
1342     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1343     hardened-sources-2.4.20-r3.ebuild:
1344     Removed warnings from ebuild. This kernel should be safe to
1345     use at this point.
1346 frogger 1.8
1347     *hardened-sources-2.4.20-r3 (08 Jun 2003)
1348    
1349     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1350     hardened-sources-2.4.20-r3.ebuild:
1351     New revision. Includes the following changes over -r2:
1352 plasmaroo 1.18
1353 frogger 1.8 - ck7-base (O(1), preempt, low latency)
1354     - Super FreeS/WAN 1.99.7rc2
1355     - PaX for the LSM/SELinux branch
1356     - GRSecurity 2.0-pre4 (role based access control)
1357     - Systrace 1.3
1358     - EXT3 fixes
1359     - EVMS 2.0.1
1360     - GCC 3.1+ compile optimizations
1361     - ProPolice kernel build support
1362     - Hashing table security fixes
1363 frogger 1.3
1364     *hardened-sources-2.4.20-r1 (09 Apr 2003)
1365 frogger 1.7
1366     23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
1367     Initial import of hardened-sources-r2. This new
1368     ebuild includes many new performance and security
1369     related patches. As in -r1, it will patch in
1370     LSM/SELinux if "selinux" is in USE, otherwise it
1371     will patch in GRSecurity. The following patches
1372     are included in this revision:
1373 plasmaroo 1.18
1374 frogger 1.7 - O(1) Scheduler, Low Latency, and Preempt
1375     (pulled from the base CK patch)
1376     - ptrace exploit patch for the LSM kernel
1377     (the GRSec patch already fixes this)
1378     - LSM 2.4-2003040709
1379     - SELinux 2.4-2003040709
1380     - Systrace v1.2
1381     - IPTables patch-o-matic base patches - 20030107
1382     - CryptoAPI 2.4.20.1 w/ loop-jari patch
1383     - Super FreeS/WAN 1.99.6.1
1384     - GRSecurity 1.9.9g
1385     - MPPE
1386     - EXT3 data journal fix
1387     - CIPE 1.5.4
1388 frogger 1.6
1389     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1390     hardened-sources-2.4.20-r1.ebuild, manifest:
1391 plasmaroo 1.18 Updated to install flask components correctly for selinux.
1392 frogger 1.5
1393     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1394     hardened-sources-2.4.20-r1.ebuild:
1395     LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
1396     is patched in instead. Ptrace patches for selinux have also been added. In
1397     either case, systrace support will be patched in as well.
1398 frogger 1.3
1399     09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1400     hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
1401 plasmaroo 1.18 Revision bump for new sources.
1402 frogger 1.4
1403 frogger 1.2 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1404 frogger 1.4 hardened-sources-2.4.20-r1.ebuild:
1405 plasmaroo 1.18 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
1406 method 1.1
1407 frogger 1.4 *hardened-sources-2.4.20 (30 Mar 2003)
1408    
1409 method 1.1 30 Mar 2003; Joshua Brindle <method@gentoo.org>
1410     hardened-sources-2.4.20.ebuild:
1411 plasmaroo 1.18 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20