/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.229 - (hide annotations) (download)
Sat Jul 5 00:52:24 2008 UTC (6 years, 3 months ago) by solar
Branch: MAIN
Changes since 1.228: +11 -1 lines
2.6.23-r4: Stable x86/amd64 2.6.25-r2: Update to Linux 2.6.25.10 and latest grsecurity release. 2.6.23-r{11,12}: Removed due to multiple vulns. (gengor & kerframil)
(Portage version: 2.1.4.4)

1 method 1.1 # ChangeLog for sys-kernel/hardened-sources
2 phreak 1.204 # Copyright 2000-2008 Gentoo Foundation; Distributed under the GPL v2
3 solar 1.229 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.228 2008/07/04 19:21:58 nixnut Exp $
4    
5     *hardened-sources-2.6.25-r2 (05 Jul 2008)
6    
7     05 Jul 2008; <solar@gentoo.org> -hardened-sources-2.6.23-r11.ebuild,
8     -hardened-sources-2.6.23-r12.ebuild, hardened-sources-2.6.24-r3.ebuild,
9     +hardened-sources-2.6.25-r2.ebuild:
10     2.6.23-r4: Stable x86/amd64
11     2.6.25-r2: Update to Linux 2.6.25.10 and latest grsecurity release.
12     2.6.23-r{11,12}: Removed due to multiple vulns.
13     (gengor & kerframil)
14 nixnut 1.228
15     04 Jul 2008; nixnut <nixnut@gentoo.org>
16     hardened-sources-2.6.23-r13.ebuild:
17     Stable on ppc
18 solar 1.227
19     *hardened-sources-2.6.25-r1 (30 Jun 2008)
20    
21     30 Jun 2008; <solar@gentoo.org> hardened-sources-2.6.23-r13.ebuild,
22     +hardened-sources-2.6.25-r1.ebuild:
23     2.6.25-r1: Brings in Linux -stable tree patches 2.6.25.{7,8,9} and newer
24     grsecurity release. 2.6.23-r13: x86/amd64 stable
25 solar 1.226
26     *hardened-sources-2.6.25 (17 Jun 2008)
27     *hardened-sources-2.6.24-r3 (17 Jun 2008)
28     *hardened-sources-2.6.23-r13 (17 Jun 2008)
29    
30     17 Jun 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r13.ebuild,
31     +hardened-sources-2.6.24-r3.ebuild, +hardened-sources-2.6.25.ebuild:
32     * 2.6.23-r13: Fixes security bugs #198997, #212136, #222331, #222635,
33     #224647, #225461, other fixes. * 2.6.24-r3: Fixes security bugs #212136,
34     #222331, #222635, #224647, #225461, grsec/PaX updates/fixes, other fixes. *
35     2.6.25: Initial 2.6.25 release.
36 solar 1.225
37     15 May 2008; <solar@gentoo.org> hardened-sources-2.6.23-r12.ebuild:
38     - fasttrack to stable x86/amd64
39 swegener 1.224
40     11 May 2008; Sven Wegener <swegener@gentoo.org> Manifest:
41     Fix broken digest for linux-2.6.24.tar.bz2.
42 solar 1.223
43     *hardened-sources-2.6.24-r2 (11 May 2008)
44     *hardened-sources-2.6.23-r12 (11 May 2008)
45    
46     11 May 2008; <solar@gentoo.org> -hardened-sources-2.6.23-r7.ebuild,
47     -hardened-sources-2.6.23-r9.ebuild, -hardened-sources-2.6.23-r10.ebuild,
48     +hardened-sources-2.6.23-r12.ebuild, -hardened-sources-2.6.24.ebuild,
49     -hardened-sources-2.6.24-r1.ebuild, +hardened-sources-2.6.24-r2.ebuild:
50     proxy commit for gengor. 2.6.23-r11 shortlog: Fixes security bugs 220691,
51     220975, 220979, 221123. 2.6.24-r2 not-so-shortlog: Fixes bug 215442,
52     security bugs 219901, 220691, 220975, 220979, 221123. New
53     genpatches/grsecurity with numerous updates & fixes. 2.6.23-r7->2.6.23-r10
54     should be removed as far as I'm concerned, everything else remove due to
55     vulnerable to numerous security bugs or brokeness.
56 nixnut 1.222
57     10 May 2008; nixnut <nixnut@gentoo.org>
58     hardened-sources-2.6.23-r11.ebuild:
59     Stable on ppc
60 solar 1.221
61     05 May 2008; <solar@gentoo.org> hardened-sources-2.6.23-r11.ebuild:
62     - -r11 stable on x86/amd64
63 solar 1.220
64     *hardened-sources-2.6.23-r11 (01 May 2008)
65    
66     01 May 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r11.ebuild:
67     - version bump to fix ulgy linux bugs
68 phreak 1.219
69     *hardened-sources-2.6.24-r1 (30 Apr 2008)
70    
71     30 Apr 2008; Christian Heim <phreak@gentoo.org>
72     +hardened-sources-2.6.24-r1.ebuild:
73     Revision bump (thanks to Kerin and Gordon, again), pulling
74     genpatches-2.6.24-7, solving #219089. Additionally contains further security
75     fixes plus some minor updates.
76 phreak 1.218
77     *hardened-sources-2.6.23-r10 (30 Apr 2008)
78    
79     30 Apr 2008; Christian Heim <phreak@gentoo.org>
80     +hardened-sources-2.6.23-r10.ebuild:
81     Revision bump (thanks to Kerin and Gordon, again), solving #213811, #219089.
82     Additional contains "various other fixes".
83 phreak 1.217
84     09 Apr 2008; Christian Heim <phreak@gentoo.org> metadata.xml:
85     Update the longdescription in metadata, thanks to Gordon Malm.
86 nixnut 1.216
87     08 Apr 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.23-r9.ebuild:
88     Stable on ppc wrt bug #213255
89 solar 1.215
90     07 Apr 2008; <solar@gentoo.org> -hardened-sources-2.4.35-r2.ebuild,
91     -hardened-sources-2.6.23-r8.ebuild, hardened-sources-2.6.23-r9.ebuild:
92     - stable on x86/amd64 per request. Removed obsolete ebuilds
93 phreak 1.214
94     *hardened-sources-2.6.24 (07 Apr 2008)
95    
96     07 Apr 2008; Christian Heim <phreak@gentoo.org>
97     +hardened-sources-2.6.24.ebuild:
98     Adding ebuild for hardened-sources-2.6.24 (many thanks to Kerin Millar
99     <kerframil at gmail.com> and Gordon Malm <bugs-gentoo-org-02 at bumpin.org>
100     for the many contributions and their continued effort in #216612) based on
101     2.6.24 and genpatches-2.6.24-5.
102    
103     The current ebuild/patchset contains these things:
104     * Incoporates unmodified grsec-2.1.11-2.6.24.4-200803262003 patch
105     * Introduces bespoke server and workstation oriented security levels
106     * VDSO_COMPAT cannot be enabled during runtime if PaX is enabled
107 phreak 1.213
108     30 Mar 2008; Christian Heim <phreak@gentoo.org> metadata.xml:
109     Fix the metadata.xml (Kerin isn't a dev, though he and Gordon are
110     maintaining it).
111 phreak 1.212
112     24 Mar 2008; Christian Heim <phreak@gentoo.org>
113     hardened-sources-2.4.35-r2.ebuild:
114     Fixing SRC_URI for 2.4.35-r2.
115 phreak 1.211
116     *hardened-sources-2.6.23-r9 (22 Mar 2008)
117    
118     22 Mar 2008; Christian Heim <phreak@gentoo.org>
119     +hardened-sources-2.6.23-r9.ebuild:
120     * Revision bump, rebasing the patchset against genpatches-2.6.23-10.
121     * Change the default GIDs for some grsecurity options
122     * Revamp the Hardened [Gentoo] security level and make it the default level
123     * Fixing compilation on ia64 with CONFIG_MODULES=y (loadable module support)
124     * Fix a recursive lock -- call to capable() within ptrace_attach()
125     * Fix bug that allows audit and iscsi operations to be controlled via netlink
126 solar 1.210
127     *hardened-sources-2.6.23-r8 (27 Feb 2008)
128    
129     27 Feb 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r8.ebuild:
130     - version bump from Kerin Millar bug 210026
131 solar 1.209
132     17 Feb 2008; <solar@gentoo.org> metadata.xml,
133     -hardened-sources-2.4.33.4.ebuild, -hardened-sources-2.6.20-r6.ebuild,
134     -hardened-sources-2.6.20-r10.ebuild, -hardened-sources-2.6.23-r4.ebuild,
135     -hardened-sources-2.6.23-r6.ebuild, hardened-sources-2.6.23-r7.ebuild:
136     - stable on x86 and remove old ebuilds
137 solar 1.207
138     15 Feb 2008; <solar@gentoo.org> hardened-sources-2.6.23-r7.ebuild:
139 solar 1.208 - stable on amd64 per request of amd64 lead
140 solar 1.206
141     *hardened-sources-2.6.23-r7 (11 Feb 2008)
142    
143     11 Feb 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r7.ebuild:
144     - version bump from kerin.millar
145     Changes:
146    
147     * Bump to genpatches-base-2.6.23-9
148     * Ported grsecurity-2.1.11-2.6.23.14-200801231800 to 2.6.23.15
149     * Disables COMPAT_VDSO in x86/defconfig
150     * Removes bogus symbols ACPI_SLEEP_PROC_(FS|SLEEP) from x86_64/defconfig
151 phreak 1.205
152     25 Jan 2008; Christian Heim <phreak@gentoo.org>
153     -hardened-sources-2.6.22-r8.ebuild:
154     Cleaning up old versions.
155 phreak 1.204
156     *hardened-sources-2.6.23-r6 (25 Jan 2008)
157    
158     25 Jan 2008; Christian Heim <phreak@gentoo.org>
159     -hardened-sources-2.6.23-r5.ebuild, +hardened-sources-2.6.23-r6.ebuild:
160     Revision bump, pulling in the latest genpatches.
161 phreak 1.203
162     *hardened-sources-2.6.23-r5 (24 Dec 2007)
163    
164     24 Dec 2007; Christian Heim <phreak@gentoo.org>
165     hardened-sources-2.4.35-r2.ebuild, hardened-sources-2.6.20-r6.ebuild,
166     hardened-sources-2.6.20-r10.ebuild, hardened-sources-2.6.22-r8.ebuild,
167     hardened-sources-2.6.23-r4.ebuild, +hardened-sources-2.6.23-r5.ebuild:
168     Revision bump, for the promised updated grsec snapshot. Also changing SRC_URI.
169 phreak 1.202
170     24 Dec 2007; Christian Heim <phreak@gentoo.org>
171     -hardened-sources-2.6.22-r7.ebuild, -hardened-sources-2.6.23.ebuild,
172     -hardened-sources-2.6.23-r1.ebuild, -hardened-sources-2.6.23-r2.ebuild,
173     -hardened-sources-2.6.23-r3.ebuild:
174     Cleaning out some unused, old versions.
175 phreak 1.201
176     24 Dec 2007; Christian Heim <phreak@gentoo.org>
177     hardened-sources-2.6.23-r4.ebuild:
178     Marking hardened-sources-2.6.23-r4 stable on amd64 and x86. I know it ain't
179     in the tree for long, but there isn't much of a difference between this and
180     -r3. Only this revision pulls in 2.6.23.11 and 2.6.23.12 from genpatches.
181 phreak 1.200
182     *hardened-sources-2.6.23-r4 (23 Dec 2007)
183    
184     23 Dec 2007; Christian Heim <phreak@gentoo.org>
185     +hardened-sources-2.6.23-r4.ebuild:
186     Revision bump, grabbing the lastest genpatches release (2.6.23.12 that is).
187 phreak 1.199
188     *hardened-sources-2.6.23-r3 (04 Dec 2007)
189    
190     04 Dec 2007; Christian Heim <phreak@gentoo.org>
191     +hardened-sources-2.6.23-r3.ebuild:
192     Revision bump, pulling in 2.6.23.9.
193 phreak 1.198
194     *hardened-sources-2.6.23-r2 (25 Nov 2007)
195    
196     25 Nov 2007; Christian Heim <phreak@gentoo.org>
197     +hardened-sources-2.6.23-r2.ebuild:
198     Updated patchset, thanks to solar.
199 phreak 1.197
200     *hardened-sources-2.6.23-r1 (31 Oct 2007)
201    
202     31 Oct 2007; Christian Heim <phreak@gentoo.org>
203     +hardened-sources-2.6.23-r1.ebuild:
204     Revision bump, pulling in the snapshot from 30. October 2007 (18:50).
205 solar 1.196
206     29 Oct 2007; <solar@gentoo.org> metadata.xml:
207     - update metadata.xml
208 phreak 1.195
209     25 Oct 2007; Christian Heim <phreak@gentoo.org>
210     hardened-sources-2.6.22-r8.ebuild:
211     Marking 2.6.22-r8 stable on amd64 and x86.
212 phreak 1.194
213     21 Oct 2007; Christian Heim <phreak@gentoo.org>
214     -hardened-sources-2.4.35.ebuild, -hardened-sources-2.4.35-r1.ebuild,
215     -hardened-sources-2.6.21-r4.ebuild:
216     Removing old ebuilds.
217 phreak 1.193
218     *hardened-sources-2.4.35-r2 (21 Oct 2007)
219    
220     21 Oct 2007; Christian Heim <phreak@gentoo.org>
221     +hardened-sources-2.4.35-r2.ebuild:
222     Revision bump for 2.4.35. Includes new snapshot and the lastest Linux stable
223     patches.
224 phreak 1.192
225     *hardened-sources-2.6.22-r8 (21 Oct 2007)
226    
227     21 Oct 2007; Christian Heim <phreak@gentoo.org>
228     +hardened-sources-2.6.22-r8.ebuild:
229     Yet another new patch, hopefully fixing the remaining issues we had w/
230     2.6.22. Candidate for stabling.
231 phreak 1.191
232     *hardened-sources-2.6.23 (13 Oct 2007)
233    
234     13 Oct 2007; Christian Heim <phreak@gentoo.org>
235     +hardened-sources-2.6.23.ebuild:
236     Initial hardened-sources-2.6.23. If people still have problems w/ bug
237     194276, try setting CONFIG_PCI_GODIRECT=y instead of CONFIG_PCI_GOANY.
238 phreak 1.190
239     11 Oct 2007; Christian Heim <phreak@gentoo.org>
240     hardened-sources-2.6.20-r10.ebuild:
241     Pulling in yet another new genpatches version, fixing the PWC bug for real.
242 phreak 1.189
243     04 Oct 2007; Christian Heim <phreak@gentoo.org>
244     -hardened-sources-2.6.22-r5.ebuild, -hardened-sources-2.6.22-r6.ebuild:
245     Removing old versions.
246 phreak 1.188
247     *hardened-sources-2.6.22-r7 (01 Oct 2007)
248    
249     01 Oct 2007; Christian Heim <phreak@gentoo.org>
250     +hardened-sources-2.6.22-r7.ebuild:
251     Revision bump, pulling in a newer patch. Should fix #194276.
252 phreak 1.187
253     30 Sep 2007; Christian Heim <phreak@gentoo.org>
254     hardened-sources-2.6.20-r10.ebuild:
255     Marking hardened-sources-2.6.20-r10 stable on x86 and amd64 (on courtesy of
256     Mike Doty).
257 phreak 1.186
258     *hardened-sources-2.6.22-r6 (26 Sep 2007)
259    
260     26 Sep 2007; Christian Heim <phreak@gentoo.org>
261     +hardened-sources-2.6.22-r6.ebuild:
262     Revision bump, grabbing up till Linux 2.6.22.9.
263 phreak 1.185
264     24 Sep 2007; Christian Heim <phreak@gentoo.org>
265     -hardened-sources-2.6.22-r3.ebuild, -hardened-sources-2.6.22-r4.ebuild:
266     Cleaning up further.
267 phreak 1.184
268     *hardened-sources-2.6.20-r10 (24 Sep 2007)
269    
270     24 Sep 2007; Christian Heim <phreak@gentoo.org>
271     -hardened-sources-2.6.20-r8.ebuild, -hardened-sources-2.6.20-r9.ebuild,
272     +hardened-sources-2.6.20-r10.ebuild:
273     Revision bump, pulling in Linux 2.6.20.20. Removing some of the older
274     revisions.
275 phreak 1.183
276     *hardened-sources-2.6.22-r5 (22 Sep 2007)
277    
278     22 Sep 2007; Christian Heim <phreak@gentoo.org>
279     +hardened-sources-2.6.22-r5.ebuild:
280     Revision bump, pulling in genpatches-2.6.22-8 for CVE-2007-4573.
281 phreak 1.182
282     17 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
283     Removing johnm from metadata.xml (see #186467 for reference).
284 phreak 1.181
285     *hardened-sources-2.6.22-r4 (17 Sep 2007)
286    
287     17 Sep 2007; Christian Heim <phreak@gentoo.org>
288     +hardened-sources-2.6.22-r4.ebuild:
289     Revision bump, hopefully fixing all those weird PAX failures.
290 phreak 1.180
291     01 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
292     Updating the metadata.xml.
293 phreak 1.179
294     01 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
295     Removing tocharian from metadata due to his retirement (see #71718 for
296     reference).
297 phreak 1.178
298     *hardened-sources-2.6.20-r9 (30 Aug 2007)
299    
300     30 Aug 2007; Christian Heim <phreak@gentoo.org>
301     +hardened-sources-2.6.20-r9.ebuild:
302     Revision bump for 2.6.20.18 (thanks to kerframil in #gentoo-hardened).
303 phreak 1.177
304     29 Aug 2007; Christian Heim <phreak@gentoo.org>
305     -hardened-sources-2.4.34.ebuild, -hardened-sources-2.4.34.5.ebuild,
306     -hardened-sources-2.6.20-r2.ebuild, -hardened-sources-2.6.20-r5.ebuild,
307     -hardened-sources-2.6.20-r7.ebuild, -hardened-sources-2.6.21-r3.ebuild,
308     -hardened-sources-2.6.22.ebuild, -hardened-sources-2.6.22-r1.ebuild,
309     -hardened-sources-2.6.22-r2.ebuild:
310     Removing some redundant versions.
311 phreak 1.176
312     *hardened-sources-2.4.35-r1 (29 Aug 2007)
313    
314     29 Aug 2007; Christian Heim <phreak@gentoo.org>
315     +hardened-sources-2.4.35-r1.ebuild:
316     Revision bump, new grsecurity patch.
317 phreak 1.175
318     *hardened-sources-2.6.20-r8 (26 Aug 2007)
319    
320     26 Aug 2007; Christian Heim <phreak@gentoo.org>
321     +hardened-sources-2.6.20-r8.ebuild:
322     Revision bump for Linux 2.6.20.17.
323 phreak 1.174
324     *hardened-sources-2.6.22-r3 (22 Aug 2007)
325    
326     22 Aug 2007; Christian Heim <phreak@gentoo.org>
327     +hardened-sources-2.6.22-r3.ebuild:
328     Revision bump for Linux 2.6.22.4.
329 phreak 1.173
330     16 Aug 2007; Christian Heim <phreak@gentoo.org>
331     hardened-sources-2.6.22-r2.ebuild:
332     Updated patchset, to fix the alignment against 2.6.22.3.
333 phreak 1.172
334     *hardened-sources-2.6.22-r2 (16 Aug 2007)
335    
336     16 Aug 2007; Christian Heim <phreak@gentoo.org>
337     +hardened-sources-2.6.22-r2.ebuild:
338     Revision bump for Linux 2.6.22.3.
339 phreak 1.171
340     *hardened-sources-2.4.35 (16 Aug 2007)
341    
342     16 Aug 2007; Christian Heim <phreak@gentoo.org>
343     +hardened-sources-2.4.35.ebuild:
344     Version bump, initial version for Linux 2.4.35.
345 phreak 1.170
346     *hardened-sources-2.6.21-r4 (16 Aug 2007)
347    
348     16 Aug 2007; Christian Heim <phreak@gentoo.org>
349     +hardened-sources-2.6.21-r4.ebuild:
350     Revision bump for Linux 2.6.21.6.
351 phreak 1.169
352     *hardened-sources-2.6.20-r7 (16 Aug 2007)
353    
354     16 Aug 2007; Christian Heim <phreak@gentoo.org>
355     +hardened-sources-2.6.20-r7.ebuild:
356     Revision bump for Linux 2.6.20.16.
357 phreak 1.168
358     *hardened-sources-2.6.22-r1 (13 Aug 2007)
359    
360     13 Aug 2007; Christian Heim <phreak@gentoo.org>
361     +hardened-sources-2.6.22-r1.ebuild:
362     Yet another revision bump.
363 phreak 1.167
364     *hardened-sources-2.6.22 (10 Aug 2007)
365    
366     10 Aug 2007; Christian Heim <phreak@gentoo.org>
367     +hardened-sources-2.6.22.ebuild:
368     Initial release for 2.6.22. If you are using hardened-sources on a desktop
369     machine (P4 or newer), be aware you might need to disable
370     CONFIG_PAX_PAGEEXEC.
371 phreak 1.166
372     04 Aug 2007; Christian Heim <phreak@gentoo.org>
373     hardened-sources-2.6.20-r6.ebuild:
374     Stabling hardened-sources-2.6.20-r6 for amd64, ppc and x86 due to Linux
375     2.6.20.15.
376 phreak 1.165
377     10 Jul 2007; Christian Heim <phreak@gentoo.org>
378     hardened-sources-2.6.20-r5.ebuild:
379     Marking hardened-sources-2.6.20-r5 stable on ppc.
380 phreak 1.164
381     10 Jul 2007; Christian Heim <phreak@gentoo.org>
382     -hardened-sources-2.4.32-r6.ebuild, -hardened-sources-2.4.32-r7.ebuild:
383     Cleanup.
384 phreak 1.163
385     *hardened-sources-2.6.20-r6 (08 Jul 2007)
386    
387     08 Jul 2007; Christian Heim <phreak@gentoo.org>
388     +hardened-sources-2.6.20-r6.ebuild:
389     Revision bump, grabbing yet another stable release.
390 phreak 1.162
391     17 Jun 2007; Christian Heim <phreak@gentoo.org>
392     -hardened-sources-2.6.18-r6.ebuild, -hardened-sources-2.6.20-r4.ebuild,
393     -hardened-sources-2.6.21-r2.ebuild:
394     Removing older ebuilds, hardened-sources-2.6.18-r6 seems to have gotten the
395     alpha stable KEYWORD by mistake.
396 phreak 1.161
397     17 Jun 2007; Christian Heim <phreak@gentoo.org>
398     hardened-sources-2.6.20-r5.ebuild:
399     Stabling hardened-sources-2.6.20-r5 due to security bug #181647 (as
400     genpatches-2.6.20-12.base contains up to Linux 2.6.20.14) on amd64 and x86.
401 phreak 1.160
402     *hardened-sources-2.6.21-r3 (12 Jun 2007)
403    
404     12 Jun 2007; Christian Heim <phreak@gentoo.org>
405     +hardened-sources-2.6.21-r3.ebuild:
406     Revision bump for hardened-sources-2.6.21, incorporating various CVE (some
407     of them critical), two stable releases (2.6.21.4,2.6.21.5) and some other
408     love.
409 phreak 1.159
410     *hardened-sources-2.6.20-r5 (11 Jun 2007)
411    
412     11 Jun 2007; Christian Heim <phreak@gentoo.org>
413     +hardened-sources-2.6.20-r5.ebuild:
414     Revision bump for hardened-sources-2.6.20, incorporating various CVE (some
415     of them critical), two stable releases (2.6.20.13,2.6.20.14) and some other
416     love.
417 pappy 1.158
418     *hardened-sources-2.4.34.5 (11 Jun 2007)
419    
420     11 Jun 2007; Alexander Gabert <pappy@gentoo.org>
421     +hardened-sources-2.4.34.5.ebuild:
422     added new hardened-sources 2.4 version, thx to phreak, solar, pipacs
423 phreak 1.157
424     30 May 2007; Christian Heim <phreak@gentoo.org>
425     -hardened-sources-2.6.18.ebuild, hardened-sources-2.6.20-r2.ebuild:
426     Marking 2.6.20-r2 stable on ppc with permission of Gysbert. Removing more
427     stale ebuild(s).
428 phreak 1.156
429     30 May 2007; Christian Heim <phreak@gentoo.org>
430     -hardened-sources-2.6.14-r7.ebuild, -hardened-sources-2.6.16-r11.ebuild,
431     -hardened-sources-2.6.17-r1.ebuild, -hardened-sources-2.6.19-r6.ebuild,
432     -hardened-sources-2.6.20.ebuild, -hardened-sources-2.6.20-r1.ebuild:
433     Doing some cleanups, remove stale ebuilds.
434 phreak 1.155
435     26 May 2007; Christian Heim <phreak@gentoo.org>
436     hardened-sources-2.6.21-r2.ebuild:
437     Fixing the grsecurity patch, had one '};' too much.
438 phreak 1.154
439     *hardened-sources-2.6.21-r2 (26 May 2007)
440    
441     26 May 2007; Christian Heim <phreak@gentoo.org>
442     -hardened-sources-2.6.21.ebuild, -hardened-sources-2.6.21-r1.ebuild,
443     +hardened-sources-2.6.21-r2.ebuild:
444     Revision bump, including Linux 2.6.21.3 (fixing CVE-2007-2451). Updating the
445     grsecurity patch to 2.1.10-2.6.21.1-200705221918.
446 phreak 1.153
447     *hardened-sources-2.6.20-r4 (26 May 2007)
448    
449     26 May 2007; Christian Heim <phreak@gentoo.org>
450     -hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.20-r4.ebuild:
451     Revision bump, including Linux 2.6.20.12 (which in fact fixed some security
452 phreak 1.154 bugs, at the very least CVE-2007-2451). Possible candidate for stable marking.
453 phreak 1.152
454     15 May 2007; Christian Heim <phreak@gentoo.org>
455     hardened-sources-2.6.20-r3.ebuild:
456     Looks like hardened-sources-2.6.20-r3 needs a new patch, as 2.6.20.11
457     introduced a change in arch/sparc64/kernel/pci_iommu.c, which made the
458     grsecurity patch fail in that exact same hunk.
459 phreak 1.151
460     *hardened-sources-2.6.20-r3 (15 May 2007)
461    
462     15 May 2007; Christian Heim <phreak@gentoo.org>
463     +hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.21-r1.ebuild:
464     Revision bump, incorporating Linux 2.6.20.11.
465    
466     *hardened-sources-2.6.21-r1 (11 May 2007)
467    
468     11 May 2007; Christian Heim <phreak@gentoo.org>
469     +hardened-sources-2.6.21-r1.ebuild:
470     Revision bump, hopefully fixing the GRSECURITY/GRKERNSEC mixup pipacs
471     mentioned in #177234.
472 kevquinn 1.150
473     07 May 2007; Kevin F. Quinn <kevquinn@gentoo.org>
474     files/digest-hardened-sources-2.6.21, Manifest:
475     Fix Manifest/digest for linux-2.6.21.tar.bz2
476 phreak 1.149
477     06 May 2007; Christian Heim <phreak@gentoo.org>
478     hardened-sources-2.6.21.ebuild:
479     Bumping the hardened-patches version, needed for the fix for #177234.
480 phreak 1.148
481     *hardened-sources-2.6.21 (02 May 2007)
482    
483     02 May 2007; Christian Heim <phreak@gentoo.org>
484     +hardened-sources-2.6.21.ebuild:
485     Version bump, Linux 2.6.21-hardened.
486 phreak 1.147
487     29 Apr 2007; Christian Heim <phreak@gentoo.org>
488     hardened-sources-2.6.20-r2.ebuild:
489     Adding ~ia64 on Ned's request.
490 phreak 1.146
491     29 Apr 2007; Christian Heim <phreak@gentoo.org>
492     hardened-sources-2.6.20-r2.ebuild:
493     Fixing the included grsecurity patch, wasn't alligning due to the Index:
494     header line(s).
495 phreak 1.145
496     29 Apr 2007; Christian Heim <phreak@gentoo.org>
497     hardened-sources-2.6.20-r2.ebuild:
498     Stabilizing hardened-sources-2.6.20-r2 on amd64 and x86.
499 armin76 1.144
500     *hardened-sources-2.6.20-r2 (10 Apr 2007)
501    
502     10 Apr 2007; Raúl Porcel <armin76@gentoo.org>
503     +hardened-sources-2.6.20-r2.ebuild:
504     Version bump, on behalf of phreak
505 phreak 1.143
506     *hardened-sources-2.6.20-r1 (04 Apr 2007)
507    
508     04 Apr 2007; Christian Heim <phreak@gentoo.org>
509     +hardened-sources-2.6.20-r1.ebuild:
510     Revision bump, grabbing a newer grsecurity snapshot.
511 phreak 1.142
512     *hardened-sources-2.6.20 (25 Mar 2007)
513    
514     25 Mar 2007; Christian Heim <phreak@gentoo.org>
515     +hardened-sources-2.6.20.ebuild:
516     Finally a hardened-sources version for 2.6.20; many people have been waiting
517     for this. Thanks to Steve for preliminary testing, thanks to Ned for the
518     testbox.
519 chainsaw 1.141
520     16 Mar 2007; Tony Vroon <chainsaw@gentoo.org>
521     hardened-sources-2.6.18-r6.ebuild:
522     Marked stable on amd64 and x86. AMD64 keyword ack'ed by welp.
523 phreak 1.140
524     *hardened-sources-2.6.18-r6 (16 Mar 2007)
525    
526     16 Mar 2007; Christian Heim <phreak@gentoo.org>
527     -hardened-sources-2.6.18-r5.ebuild, +hardened-sources-2.6.18-r6.ebuild:
528     Fixing CVE-2007-1000 locally (hardened/), thanks to Tony for pushing. And
529     yes I screwed up, this is tagged as 2.6.18-5 and not 2.6.18-6 as it's
530     supposed to be.
531 phreak 1.139
532     06 Mar 2007; Christian Heim <phreak@gentoo.org> ChangeLog:
533     Fixing the Manifest, the previous one was broken (as in still had the
534     deleted ebuild in it).
535 phreak 1.138
536     06 Mar 2007; Christian Heim <phreak@gentoo.org>
537     -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
538     +hardened-sources-2.6.18-r5.ebuild:
539     Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
540     Linux 2.6.18.8. Also cleaning up the older version.
541    
542     *hardened-sources-2.6.18-r5 (06 Mar 2007)
543    
544     06 Mar 2007; Christian Heim <phreak@gentoo.org>
545     -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
546     +hardened-sources-2.6.18-r5.ebuild:
547     Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
548     Linux 2.6.18.8. Also cleaning up the older version.
549 phreak 1.137
550     24 Feb 2007; Christian Heim <phreak@gentoo.org>
551     -hardened-sources-2.6.19-r3.ebuild, -hardened-sources-2.6.19-r4.ebuild,
552     -hardened-sources-2.6.19-r5.ebuild:
553     Removing some of the old version, that didn't work.
554 phreak 1.136
555     *hardened-sources-2.6.19-r6 (12 Feb 2007)
556    
557     12 Feb 2007; Christian Heim <phreak@gentoo.org>
558     +hardened-sources-2.6.19-r6.ebuild:
559     Revision bump, including a new grsec version fixing #166235.
560 pappy 1.134
561     *hardened-sources-2.4.34 (24 Jan 2007)
562    
563     24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
564 pappy 1.135 Manifest:
565     updating Manifest with checksums of new tarball and ebuild
566    
567     24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
568 pappy 1.134 +hardened-sources-2.4.34.ebuild:
569     I added new hardened sources 2.4 update, this is a critical path
570     security bugfix - all users of h-s are strongly advised
571     to update their existing hardened sources to this version.
572     It contains a fix for a kernel vulnerability that is pertaining
573     to the PaX changes to virtual memory management, possibly leading
574     to a local kernel exploit ... see grsecurity.net forums and homepage
575 phreak 1.133
576     23 Jan 2007; Christian Heim <phreak@gentoo.org>
577     files/digest-hardened-sources-2.6.19-r5, Manifest:
578     Fixing the patch-tarball digest.
579 phreak 1.132
580     *hardened-sources-2.6.19-r5 (23 Jan 2007)
581    
582     23 Jan 2007; Christian Heim <phreak@gentoo.org>
583     +hardened-sources-2.6.19-r5.ebuild:
584     Revision bump, closing the recently discovered PaX expand_stack()
585     vulnerability.
586 phreak 1.131
587     *hardened-sources-2.6.19-r4 (14 Jan 2007)
588    
589     14 Jan 2007; Christian Heim <phreak@gentoo.org>
590     +hardened-sources-2.6.19-r4.ebuild:
591     Revision bump, pulling in linux-2.6.19.2 and grsecurity 2.1.10 - thus
592     dropping the randomized PID feature.
593 opfer 1.130
594     11 Jan 2007; Christian Faulhammer <opfer@gentoo.org>
595     hardened-sources-2.4.33.4.ebuild:
596     stable x86, bug #161171
597 phreak 1.129
598     *hardened-sources-2.6.19-r3 (27 Dec 2006)
599    
600     27 Dec 2006; Christian Heim <phreak@gentoo.org>
601     -hardened-sources-2.6.19-r2.ebuild, +hardened-sources-2.6.19-r3.ebuild:
602     Revision bump for bug #157186 and #158786.
603 phreak 1.128
604     *hardened-sources-2.6.18-r4 (27 Dec 2006)
605    
606     27 Dec 2006; Christian Heim <phreak@gentoo.org>
607     -hardened-sources-2.6.18-r3.ebuild, +hardened-sources-2.6.18-r4.ebuild:
608     Revision bump for bug #157186.
609 phreak 1.127
610     *hardened-sources-2.6.19-r2 (23 Dec 2006)
611    
612     23 Dec 2006; Christian Heim <phreak@gentoo.org>
613     -hardened-sources-2.6.19-r1.ebuild, +hardened-sources-2.6.19-r2.ebuild:
614     Revision bump to pull in genpatches-2.6.19-3 for #157186.
615 phreak 1.126
616     17 Dec 2006; Christian Heim <phreak@gentoo.org>
617     hardened-sources-2.6.14-r7.ebuild, hardened-sources-2.6.16-r10.ebuild,
618     hardened-sources-2.6.16-r11.ebuild, hardened-sources-2.6.17-r1.ebuild,
619     hardened-sources-2.6.18.ebuild, hardened-sources-2.6.18-r3.ebuild,
620     hardened-sources-2.6.19-r1.ebuild:
621     Adding 4453_grsec-2.1.9-2.6.19-io-kmem-sysctl.patch to UNIPATCH_EXLUDE,
622     adding correct HOMEPAGE and adjusting DESCRIPTION (thanks to Alexander).
623 pappy 1.125
624     *hardened-sources-2.4.33.4 (17 Dec 2006)
625    
626     17 Dec 2006; Alexander Gabert <pappy@gentoo.org>
627     +hardened-sources-2.4.33.4.ebuild:
628     new 2.4.33.4 version including grsec and fixes, thanks to phreak for help
629     and quilting
630 phreak 1.124
631     *hardened-sources-2.6.19-r1 (14 Dec 2006)
632    
633     14 Dec 2006; Christian Heim <phreak@gentoo.org>
634     -hardened-sources-2.6.19.ebuild, +hardened-sources-2.6.19-r1.ebuild:
635     Revision bump, fixing #158107 (thanks to Petre Rodan <kaiowas at gentoo.org>
636     for reporting).
637 phreak 1.123
638     *hardened-sources-2.6.19 (13 Dec 2006)
639    
640     13 Dec 2006; Christian Heim <phreak@gentoo.org>
641     +hardened-sources-2.6.19.ebuild:
642     And finally 2.6.19, thanks to Ned (who prepared the inital patchset) and
643     Brad for providing that prompt update.
644 phreak 1.122
645     *hardened-sources-2.6.18-r3 (13 Dec 2006)
646    
647     13 Dec 2006; Christian Heim <phreak@gentoo.org>
648     -hardened-sources-2.6.18-r1.ebuild, -hardened-sources-2.6.18-r2.ebuild,
649     +hardened-sources-2.6.18-r3.ebuild:
650     Revision bump, excluding the faulty patch. Thanks to Anakim Border and Peter
651     S. Mazinger. Closes #157409 for now. Also removing the previous revisions.
652 phreak 1.121
653     09 Dec 2006; Christian Heim <phreak@gentoo.org> Manifest:
654     Fixing the metadata.xml Manifest entry (thanks to xaid and ml8128 in #gentoo-hardened).
655 nixnut 1.120
656     08 Dec 2006; nixnut <nixnut@gentoo.org> hardened-sources-2.6.18.ebuild:
657     Stable on ppc wrt bug 157356
658 opfer 1.119
659     07 Dec 2006; Christian Faulhammer <opfer@gentoo.org>
660     hardened-sources-2.6.18.ebuild:
661     stable x86, bug #157356
662 phreak 1.118
663     *hardened-sources-2.6.18-r2 (06 Dec 2006)
664    
665     06 Dec 2006; Christian Heim <phreak@gentoo.org>
666     +hardened-sources-2.6.18-r2.ebuild:
667     Revision bump, including 2.6.18.5 (via genpatches) and
668     4454_grsec-2.1.9-2.6.18.2-io-kmem-sysctl.patch based on Peter Mazinger and
669     Ned Ludd's original patch. Thanks to Alexander Gabert (pappy) for the
670     redesign.
671 phreak 1.117
672     06 Dec 2006; Christian Heim <phreak@gentoo.org>
673     hardened-sources-2.6.18.ebuild:
674     Marking hardened-sources-2.6.18 stable on amd64 (see bug #157356, on behalf
675     of Mike Doty).
676 phreak 1.116
677     *hardened-sources-2.6.18-r1 (23 Nov 2006)
678    
679     23 Nov 2006; Christian Heim <phreak@gentoo.org>
680     +hardened-sources-2.6.18-r1.ebuild:
681     Revision bump to genpatches-2.6.18-4 (including 2.6.18.3).
682 phreak 1.115
683     *hardened-sources-2.6.18 (11 Nov 2006)
684    
685     11 Nov 2006; Christian Heim <phreak@gentoo.org>
686     +hardened-sources-2.6.18.ebuild:
687     Version bump, thanks to Alexander Gabert we're finally at 2.6.18.
688 solar 1.114
689     18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
690     - mark amd64 stable also. bug #151877
691 solar 1.113
692     18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
693     - mark 2.6.17-r1 stable
694 phreak 1.112
695     27 Aug 2006; Christian Heim <phreak@gentoo.org>
696     -hardened-sources-2.6.17.ebuild, hardened-sources-2.6.17-r1.ebuild:
697     Removing old ebuild, removing unipatch from newer ebuild (need to fix it!).
698 phreak 1.111
699     *hardened-sources-2.6.17-r1 (26 Aug 2006)
700    
701     26 Aug 2006; Christian Heim <phreak@gentoo.org>
702     +hardened-sources-2.6.17-r1.ebuild:
703     Revision bump to genpatches-2.6.17-8 (including .9 and .10) and updating the
704     grsecurity patch.
705 phreak 1.110
706     *hardened-sources-2.6.17 (17 Aug 2006)
707    
708     17 Aug 2006; Christian Heim <phreak@gentoo.org>
709     +hardened-sources-2.6.17.ebuild:
710     Bumping the hardened-sources-2.6 series to 2.6.17, using
711     genpatches-2.6.17-6.base.
712 solar 1.109
713     07 Aug 2006; <solar@gentoo.org> hardened-sources-2.6.16-r11.ebuild:
714     - stable on x86 and amd64
715 solar 1.108
716     *hardened-sources-2.6.16-r11 (15 Jul 2006)
717    
718     15 Jul 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r3.ebuild,
719     -hardened-sources-2.4.32-r4.ebuild, -hardened-sources-2.4.32-r5.ebuild,
720     -hardened-sources-2.6.14-r8.ebuild, -hardened-sources-2.6.16-r7.ebuild,
721     -hardened-sources-2.6.16-r9.ebuild, +hardened-sources-2.6.16-r11.ebuild:
722     - 2.6.16 bumped for CVE-2006-3626 ; digest fix for 2.4.32-r6 ; removed old
723     crusty ebuilds
724 johnm 1.107
725     14 Jul 2006; John Mylchreest <johnm@gentoo.org>
726     hardened-sources-2.6.16-r10.ebuild:
727     marking stable on x86 and amd64
728 solar 1.106
729     13 Jul 2006; <solar@gentoo.org> hardened-sources-2.4.32-r6.ebuild:
730     - 2.4.32-r6 stable on x86. RSBAC state unknown
731 kang 1.105
732     *hardened-sources-2.4.32-r7 (10 Jul 2006)
733    
734     10 Jul 2006; Guillaume Destuynder <kang@gentoo.org>
735     +hardened-sources-2.4.32-r7.ebuild:
736     Bump PaX for RSBAC to test-17
737 johnm 1.104
738     *hardened-sources-2.6.16-r9 (03 Jul 2006)
739    
740     03 Jul 2006; John Mylchreest <johnm@gentoo.org>
741     -hardened-sources-2.6.16-r6.ebuild, +hardened-sources-2.6.16-r9.ebuild:
742     hardened-sources-2.6.16 bump to latest -base.
743 solar 1.103
744     *hardened-sources-2.4.32-r6 (30 Jun 2006)
745    
746     30 Jun 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r2.ebuild,
747     hardened-sources-2.4.32-r4.ebuild, +hardened-sources-2.4.32-r6.ebuild:
748     - backport CVE-2006-0039, CVE-2006-1857 and CVE-2006-1858 and new grsecurity
749     sysctl controlable resource logging
750 johnm 1.102
751     *hardened-sources-2.6.16-r7 (05 Jun 2006)
752    
753     05 Jun 2006; John Mylchreest <johnm@gentoo.org>
754     -hardened-sources-2.6.16-r5.ebuild, +hardened-sources-2.6.16-r7.ebuild:
755     push new 2.6.16 release in preparation for stable
756 solar 1.101
757     22 May 2006; <solar@gentoo.org> :
758     - redigest bug 134002
759 kang 1.100
760     *hardened-sources-2.4.32-r5 (16 May 2006)
761    
762     16 May 2006; Guillaume Destuynder <kang@gentoo.org>
763     +hardened-sources-2.4.32-r5.ebuild:
764     Fixes rsbac common patching (new patch in new -r5 patchset)
765 solar 1.99
766     *hardened-sources-2.4.32-r4 (13 May 2006)
767    
768     13 May 2006; <solar@gentoo.org> hardened-sources-2.4.32-r3.ebuild,
769     +hardened-sources-2.4.32-r4.ebuild:
770     - security bumps
771 johnm 1.98
772     *hardened-sources-2.6.16-r6 (03 May 2006)
773    
774     03 May 2006; John Mylchreest <johnm@gentoo.org>
775     +hardened-sources-2.6.16-r6.ebuild:
776     bump hardened-2.6.16 to 2.6.16.12 and latest grsec snapshot
777 johnm 1.97
778     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
779     hardened-sources-2.6.14-r8.ebuild:
780     fix x86_64 build problem, this will delay the digest issue again for a short
781     while but it will sort itself out
782 johnm 1.96
783     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
784     hardened-sources-2.6.14-r8.ebuild:
785     bump hardened patchset
786 antarus 1.94
787     27 Apr 2006; Alec Warner <antarus@gentoo.org>
788     files/digest-hardened-sources-2.4.32-r2,
789     files/digest-hardened-sources-2.4.32-r3,
790     files/digest-hardened-sources-2.6.14-r8, Manifest:
791     Fixing duff SHA256 digests: Bug # 131293
792 johnm 1.93
793 johnm 1.95 *hardened-sources-2.6.16-r5 (27 Apr 2006)
794    
795     27 Apr 2006; John Mylchreest <johnm@gentoo.org>
796     -hardened-sources-2.6.14-r6.ebuild, hardened-sources-2.6.14-r8.ebuild,
797     -hardened-sources-2.6.16-r4.ebuild, +hardened-sources-2.6.16-r5.ebuild:
798     stablise 2.6.14-r8 on x86 & amd64, bump 2.6.16 to fix CVE-2006-1863 &
799     cleanup of old uneccessary sources
800    
801 johnm 1.93 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
802     fix digest
803 johnm 1.92
804     *hardened-sources-2.6.14-r8 (20 Apr 2006)
805    
806     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
807     +hardened-sources-2.6.14-r8.ebuild:
808     fix CVE-2006-1056, CVE-2006-1525, CVE-2006-1524
809 johnm 1.91
810     20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
811     Turning on gpg-signing again, and recomitting
812 johnm 1.90
813     *hardened-sources-2.6.16-r4 (20 Apr 2006)
814    
815     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
816     -hardened-sources-2.6.16-r2.ebuild, -hardened-sources-2.6.16-r3.ebuild,
817     +hardened-sources-2.6.16-r4.ebuild:
818     Fix numerous security vulns
819 solar 1.89
820     *hardened-sources-2.4.32-r3 (16 Apr 2006)
821    
822     16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
823     -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
824     +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
825     - security bump for bug #112791. Removed old ebuilds
826 johnm 1.88
827     *hardened-sources-2.6.16-r3 (15 Apr 2006)
828    
829     15 Apr 2006; John Mylchreest <johnm@gentoo.org>
830     +hardened-sources-2.6.16-r3.ebuild:
831     Removing silly localversion which I missed
832 johnm 1.87
833     *hardened-sources-2.6.14-r7 (14 Apr 2006)
834    
835     14 Apr 2006; John Mylchreest <johnm@gentoo.org>
836     -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
837     Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
838 johnm 1.86
839     *hardened-sources-2.6.16-r2 (13 Apr 2006)
840    
841     13 Apr 2006; John Mylchreest <johnm@gentoo.org>
842     -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
843     +hardened-sources-2.6.16-r2.ebuild:
844     Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
845     labels, dropping USERGROUP define fixes, since these were merged mainstream.
846 johnm 1.85
847     *hardened-sources-2.6.16-r1 (11 Apr 2006)
848    
849     11 Apr 2006; John Mylchreest <johnm@gentoo.org>
850     +hardened-sources-2.6.16-r1.ebuild:
851     Bumping to include ppc build fix and 2.6.16.3
852 tsunam 1.84
853     06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
854     hardened-sources-2.6.14-r6.ebuild:
855     Stable on x86; bug #127718
856 johnm 1.83
857     *hardened-sources-2.6.16 (31 Mar 2006)
858    
859     31 Mar 2006; John Mylchreest <johnm@gentoo.org>
860     +hardened-sources-2.6.16.ebuild:
861     Bumping to new version of grsec, and kernel base. New squashfs. Based on
862     2.6.16.1
863 cryos 1.82
864     30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
865     hardened-sources-2.6.14-r6.ebuild:
866     Stable on amd64, bug 127718.
867 nixnut 1.81
868     28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
869     Stable on ppc. Bug #127718
870 johnm 1.80
871     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
872     -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
873     -hardened-sources-2.6.14-r4.ebuild:
874     Cleanup.
875 johnm 1.79
876     *hardened-sources-2.6.14-r6 (15 Mar 2006)
877    
878     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
879     +hardened-sources-2.6.14-r6.ebuild:
880     Fixes grsec policy recreation bug and adds a
881     >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
882 solar 1.78
883     02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
884     - stable on x86
885 hansmi 1.77
886     19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
887     hardened-sources-2.6.14-r5.ebuild:
888     Stable on ppc.
889 johnm 1.76
890     *hardened-sources-2.6.14-r5 (01 Feb 2006)
891    
892     01 Feb 2006; John Mylchreest <johnm@gentoo.org>
893     +hardened-sources-2.6.14-r5.ebuild:
894     fixing every known exploit
895 solar 1.75
896     *hardened-sources-2.4.32-r2 (26 Jan 2006)
897    
898     26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
899     +hardened-sources-2.4.32-r2.ebuild:
900     - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
901 solar 1.74
902     *hardened-sources-2.6.14-r4 (12 Jan 2006)
903    
904     12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
905     - version bump for new genpatches which fix up a few sec holes
906 solar 1.73
907     *hardened-sources-2.4.32-r1 (05 Jan 2006)
908    
909     05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
910     - revision bump to add misc vital linux kernel security patches.
911 johnm 1.72
912     *hardened-sources-2.6.14-r3 (30 Dec 2005)
913    
914     30 Dec 2005; John Mylchreest <johnm@gentoo.org>
915     -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
916     Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
917 johnm 1.71
918     28 Dec 2005; John Mylchreest <johnm@gentoo.org>
919     hardened-sources-2.6.14-r2.ebuild:
920     making x86 & amd64 stable following testing.
921 johnm 1.70
922     *hardened-sources-2.6.14-r2 (27 Dec 2005)
923    
924     27 Dec 2005; John Mylchreest <johnm@gentoo.org>
925     -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
926     Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
927     network hooks.
928 johnm 1.69
929     06 Dec 2005; John Mylchreest <johnm@gentoo.org>
930     hardened-sources-2.6.14-r1.ebuild:
931     bumping to stable early for sec fix on x86 & amd64
932 johnm 1.68
933     *hardened-sources-2.6.14-r1 (05 Dec 2005)
934    
935     05 Dec 2005; John Mylchreest <johnm@gentoo.org>
936     -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
937     bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
938 solar 1.67
939     04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
940     - stable on x86 security bug #114227 CAN-2005-3257
941 kang 1.66
942     *hardened-sources-2.4.32 (19 Nov 2005)
943    
944     19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
945     +hardened-sources-2.4.32.ebuild:
946     Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
947     Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
948     have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
949     rsbac >> /etc/portage/package.use)
950 johnm 1.65
951     *hardened-sources-2.6.14 (14 Nov 2005)
952    
953     14 Nov 2005; John Mylchreest <johnm@gentoo.org>
954     -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
955     Bumping 2.6 series to 2.6.14.2
956 johnm 1.64
957     *hardened-sources-2.6.13-r2 (20 Oct 2005)
958    
959     20 Oct 2005; John Mylchreest <johnm@gentoo.org>
960     -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
961     +hardened-sources-2.6.13-r2.ebuild:
962     Fixes minor build error in ppc.
963 johnm 1.63
964     *hardened-sources-2.6.13-r1 (17 Oct 2005)
965    
966     17 Oct 2005; John Mylchreest <johnm@gentoo.org>
967     +hardened-sources-2.6.13-r1.ebuild:
968     Updating grsec to latest snapshot. Fixes some minor issues. Updating to
969     2.6.13.4, fixes some major amd64 stability problems.
970 johnm 1.62
971     *hardened-sources-2.6.13 (16 Sep 2005)
972    
973     16 Sep 2005; John Mylchreest <johnm@gentoo.org>
974     -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
975     2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
976     ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
977     users should test this thoroughly.
978 solar 1.61
979     01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
980     - stable on x86
981 johnm 1.60
982     *hardened-sources-2.6.11-r15 (27 Jun 2005)
983    
984     27 Jun 2005; John Mylchreest <johnm@gentoo.org>
985     +hardened-sources-2.6.11-r15.ebuild:
986     Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
987     grsec redefining curr_ip struct.
988 solar 1.59
989     *hardened-sources-2.4.31 (20 Jun 2005)
990    
991     20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
992     initial import of 2.4.31 tree
993 johnm 1.58
994     *hardened-sources-2.6.11-r14 (14 Jun 2005)
995    
996     14 Jun 2005; John Mylchreest <johnm@gentoo.org>
997     -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
998     Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
999     naming scheme to abide by genpatches
1000 johnm 1.57
1001     *hardened-sources-2.6.11-r13 (18 May 2005)
1002    
1003     18 May 2005; John Mylchreest <johnm@gentoo.org>
1004     -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
1005     Managed to mangle the Makefile patch from grsec, to miss out the grsec
1006     target. sorry about that. Fixes bug #93022
1007 johnm 1.56
1008     *hardened-sources-2.6.11-r12 (17 May 2005)
1009    
1010     17 May 2005; John Mylchreest <johnm@gentoo.org>
1011     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
1012     +hardened-sources-2.6.11-r12.ebuild:
1013     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
1014     merges in genpatches-base
1015 johnm 1.55
1016     *hardened-sources-2.6.11-r12 (17 May 2005)
1017    
1018     17 May 2005; John Mylchreest <johnm@gentoo.org>
1019     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
1020     +hardened-sources-2.6.11-r12.ebuild:
1021     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
1022     merges in genpatches-base
1023 solar 1.54
1024     29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
1025     -files/2.4.27-cmdline-race.patch,
1026     -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
1027     -files/2.4.28-grsec-binfmt_a.out.patch,
1028     -files/2.4.28-grsec-cmdline-race.patch,
1029     -files/2.4.28-selinux-binfmt_a.out.patch,
1030     -files/2.4.28-selinux-cmdline-race.patch,
1031     -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
1032     hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
1033     - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
1034     cleanup..
1035 solar 1.53
1036     *hardened-sources-2.4.30-r1 (21 Apr 2005)
1037    
1038     21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
1039     - disable aout by default
1040 solar 1.52
1041     *hardened-sources-2.4.30 (18 Apr 2005)
1042    
1043     18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
1044     - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
1045     and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
1046     use
1047 tocharian 1.50
1048 scox 1.51 *hardened-sources-2.4.29 (30 Mar 2005)
1049    
1050     30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
1051     +hardened-sources-2.4.29.ebuild:
1052     New hardened-patches-2.4-29.0 patchball.
1053     Removed SELinux support, upgraded GRSecurity to 2.1.4.
1054    
1055     *hardened-sources-2.4.28-r5 (06 Mar 2005)
1056    
1057     06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
1058     +hardened-sources-2.4.28-r5.ebuild:
1059     Added a fix for a PaX vulnerability.
1060    
1061     26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1062 tocharian 1.50 hardened-sources-2.4.28-r4.ebuild:
1063     Stable on x86
1064 solar 1.49
1065     23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
1066     hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
1067     hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
1068     hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
1069     - fixed/added RDEPEND= in all kernel-2 ebuilds
1070 tocharian 1.48
1071     *hardened-sources-2.4.28-r4 (21 Jan 2005)
1072    
1073     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1074     +hardened-sources-2.4.28-r4.ebuild:
1075     Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
1076     backport of neighbour hash updates.
1077 tocharian 1.47
1078     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1079     hardened-sources-2.4.28-r3.ebuild:
1080     Stable on x86
1081 tseng 1.46
1082     *hardened-sources-2.6.10-r3 (20 Jan 2005)
1083    
1084     20 Jan 2005; Brandon Hale <tseng@gentoo.org>
1085     +hardened-sources-2.6.10-r3.ebuild:
1086     Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
1087     in 2005.0
1088 tocharian 1.45
1089     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1090     -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
1091     hardened-sources-2.4.28-r2.ebuild:
1092     Mark stable on x86
1093 tocharian 1.44
1094     *hardened-sources-2.4.28-r3 (17 Jan 2005)
1095    
1096     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1097     +hardened-sources-2.4.28-r3.ebuild:
1098     Fix SMP page fault handler vuln, and update device-mapper and evms patches.
1099 tocharian 1.43
1100     14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1101     hardened-sources-2.4.28.ebuild:
1102     Mark stable on x86.
1103 tocharian 1.42
1104     *hardened-sources-2.4.28-r2 (13 Jan 2005)
1105    
1106     13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1107     +hardened-sources-2.4.28-r2.ebuild:
1108     Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
1109     Mazinger for grsecurity patches as well.
1110 plasmaroo 1.41
1111     *hardened-sources-2.4.28-r1 (23 Dec 2004)
1112    
1113     23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
1114     Security bump. Thank tocharian for rolling a new patchset...
1115 solar 1.40
1116     28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
1117     +files/2.4.28-grsec-cmdline-race.patch,
1118     +files/2.4.28-selinux-binfmt_a.out.patch,
1119     +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
1120     - Round up remaining security patches that appear to be missing in 2.4.28. -
1121     PaX standalone updated to current. hgpv=28.1
1122 solar 1.39
1123     *hardened-sources-2.4.28 (28 Nov 2004)
1124    
1125     28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
1126     security bump. Thank tocharian for rolling a new patchset
1127 scox 1.31
1128 scox 1.38 *hardened-sources-2.4.27-r3 (08 Sep 2004)
1129    
1130     08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
1131     +hardened-sources-2.4.27-r3.ebuild:
1132     Applies the new 2.4-27.2 patchball which updates
1133     GRSecurity to the 2.0.1 version.
1134    
1135 scox 1.37 *hardened-sources-2.4.27-r2 (31 Aug 2004)
1136    
1137     31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1138     +hardened-sources-2.4.27-r2.ebuild:
1139     Version bump.
1140     This version uses the new 2.4-27.1 patchball which updates
1141     both the SELinux PaX hooks patch and the SELinux headers.
1142    
1143 scox 1.36 *hardened-sources-2.4.27-r1 (09 Aug 2004)
1144    
1145     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1146     +hardened-sources-2.4.27-r1.ebuild,
1147     -hardened-sources-2.4.27.ebuild,
1148     +files/2.4.27-cmdline-race.patch:
1149     Version bump, fix for cmdline race. See bug #59905.
1150    
1151     *hardened-sources-2.4.26-r6 (09 Aug 2004)
1152    
1153     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1154     +hardened-sources-2.4.26-r6.ebuild,
1155     -hardened-sources-2.4.26-r5.ebuild,
1156     -hardened-sources-2.4.26-r4.ebuild,
1157     +files/2.4.26-cmdline-race.patch:
1158     Version bump, fix for cmdline race. See bug #59905.
1159    
1160 scox 1.35 *hardened-sources-2.4.27 (08 Aug 2004)
1161    
1162     08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1163     +hardened-sources-2.4.27.ebuild,
1164     +files/2.4.27-CAN-2004-0394.patch:
1165     Ported the patchball to the 2.4.27 kernel version.
1166    
1167 scox 1.34 *hardened-sources-2.4.26-r5 (07 Aug 2004)
1168    
1169     07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1170     +hardened-sources-2.4.26-r5.ebuild:
1171 scox 1.35 Updated to use the new hardened-patches-2.4-26.1 patchball.
1172 scox 1.34 It adds the following features:
1173     - Squashfs
1174     - Ebtables
1175     - Netdev random (core+drivers)
1176     - Watchdog Timer (WDT) fix.
1177    
1178 scox 1.33 *hardened-sources-2.4.26-r4 (04 Aug 2004)
1179    
1180     04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1181     +hardened-sources-2.4.26-r4.ebuild,
1182     +files/2.4.26-CAN-2004-0415.patch,
1183     -hardened-sources-2.4.26-3:
1184     Version bump, fix for CAN 0415, see bug #59378.
1185    
1186 scox 1.32 *hardened-sources-2.4.26-r3 (22 Jul 2004)
1187    
1188     22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
1189     +hardened-sources-2.4.26-r3.ebuild,
1190     +files/2.4.26-CAN-2004-0497.patch,
1191     -hardened-sources-2.4.26-r2.ebuild:
1192     Version bump, fixed CAN 0497, see bug #56171.
1193    
1194 scox 1.31 *hardened-sources-2.4.26-r2 (29 Jun 2004)
1195    
1196     29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
1197 scox 1.32 +hardened-sources-2.4.26-r2.ebuild,
1198 scox 1.31 +files/2.4.26-CAN-2004-0495.patch,
1199     +files/2.4.26-CAN-2004-0535.patch,
1200     -hardened-sources-2.4.26-r1.ebuild:
1201     Fixes for both CAN 0495 and 0535, see bug #54976
1202 pvdabeel 1.27
1203 agriffis 1.29 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
1204     hardened-sources-2.4.26-r1.ebuild:
1205     QA - fix use invocation
1206 scox 1.28
1207     *hardened-sources-2.4.26-r1 (22 June 2004)
1208    
1209     22 June 2004; Andrea Luzzardi <scox@gentoo.org>
1210     +hardened-sources-2.4.26-r1.ebuild,
1211     +files/2.4.26-CAN-2004-0394.patch,
1212     +files/2.4.26-signal-race.patch,
1213     -hardened-sources-2.4.26.ebuild,
1214     -hardened-sources-2.4.24-r3.ebuild:
1215     Version bump for the CAN-2004-0394 issue and bug #53804
1216     Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
1217    
1218    
1219 pvdabeel 1.27 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
1220     hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
1221     Masked hardened-sources-2.4.26.ebuild broken for ppc
1222    
1223     31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
1224     hardened-sources-2.4.24-r3.ebuild:
1225     Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
1226 plasmaroo 1.25
1227 scox 1.26 *hardened-sources-2.4.26 (29 May 2004)
1228    
1229     29 May 2004; Andrea Luzzardi <scox@gentoo.org>
1230     +hardened-sources-2.4.26.ebuild:
1231     Updated hardened-sources for the 2.4.26 kernel
1232     Removed broken components, updated almost everything.
1233    
1234 plasmaroo 1.25 *hardened-sources-2.4.24-r3 (17 Apr 2004)
1235    
1236     17 Apr 2004; <plasmaroo@gentoo.org>
1237     +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
1238     +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
1239     +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
1240     +hardened-sources-2.4.24-r3.ebuild:
1241     Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
1242     vulnerabilities. Old revisions removed.
1243 plasmaroo 1.24
1244     *hardened-sources-2.4.24-r2 (15 Apr 2004)
1245    
1246     15 Apr 2004; <plasmaroo@gentoo.org>
1247     +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
1248     -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
1249     Version bump for the CAN-2004-0109 issue; bug #47881.
1250 aliz 1.23
1251     12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
1252     hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
1253     Add eutils to inherit.
1254 plasmaroo 1.22
1255     *hardened-sources-2.4.24-r1 (19 Feb 2004)
1256    
1257     19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
1258     files/hardened-sources-2.4.24.munmap.patch:
1259     Added the patch for the mremap/munmap vulnerability. Bug #42024.
1260 scox 1.19
1261 scox 1.21 *hardened-sources-2.4.24 (06 Feb 2004)
1262 scox 1.26
1263 scox 1.21 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
1264     hardened-sources-2.4.24.ebuild:
1265     Version bump, updated most of the components.
1266     This release includes the following:
1267    
1268     - Hardened security
1269     - Netfilter patch-o-matic 20031219
1270     - FreeSWAN 2.04 & x509 1.4.8
1271     - EVMS 2.2.2
1272     - XFS 1.3.1
1273     - cryptoloop jari
1274     - grsecurity 2.0-rc4
1275     - SELinux
1276     - PaX 200402060000
1277     - PaX Obscurity 200308302223
1278     - Others...
1279    
1280     Neither -ck nor systrace are included anymore.
1281    
1282 scox 1.19 *hardened-sources-2.4.22-r2 (05 Jan 2004)
1283    
1284     05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
1285     hardened-sources-2.4.22-r2.ebuild:
1286 scox 1.20 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
1287 scox 1.19
1288     *hardened-sources-2.4.22-r1 (02 Dec 2003)
1289 iggy 1.17
1290     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1291 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
1292 iggy 1.16
1293     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1294 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild:
1295     Version bump for the 'do_brk' vulnerability.
1296 iggy 1.15
1297     01 Dec 2003; Brian Jackson <iggy@gentoo.org>
1298     hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
1299     hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
1300     hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
1301 plasmaroo 1.18 Fix the 'do_brk' vulnerability.
1302 frogger 1.14
1303     03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
1304     hardened-sources-2.4.22.ebuild:
1305 plasmaroo 1.18 - Removed the src_install() portion for SELinux flask
1306     components. These are no longer handled in the kernel
1307     so this code was not necessary.
1308 frogger 1.13
1309     29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
1310     New 2.4.22 based hardened-sources thanks to
1311     Phil West <p.west@computer.org>.
1312    
1313     These sources include:
1314 plasmaroo 1.18 - New SELinux API
1315     - Updated CK-base
1316     - Updated GRSec
1317     - Systrace
1318     - SuperFreeS/WAN 1.99.8
1319     - Propolice kernel build support
1320     - EVMS
1321     - Other various security related patches
1322 frogger 1.11
1323 frogger 1.12 *hardened-sources-2.4.21 (14 Sep 2003)
1324    
1325     14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
1326     Updated hardened-sources based on the 2.4.21 Linux kernel.
1327     This includes updates to most major components such as:
1328 plasmaroo 1.18 - ck-base-0306300059
1329     - selinux-2.4-2003071106
1330     - grsecurity-2.0-rc1
1331     - Updated IPTables patch-o-matic
1332     - Updated SuperFreeS/WAN
1333    
1334 frogger 1.12 Thanks to Phil West <pwest@computer.org> for his work in getting this
1335     updated patch set ready for the 2.4.21 based kernel.
1336    
1337 frogger 1.11 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
1338     Initial import of hardened-sources-2.4.20-r4. This revision
1339     includes only a few changes, but one of these is an important
1340     security fix. It is recommended all users of hardened-sources
1341     upgrade to this release.
1342 plasmaroo 1.18
1343 frogger 1.11 - ioperm bug fix
1344     - fixed compilation failure when building without GRSec
1345 plasmaroo 1.18
1346 frogger 1.11 SAL (Secure Auditing for Linux) is NOT included in this revision
1347     due to time constraints, but is planned for inclusion in the near
1348     future.
1349 msterret 1.10
1350     *hardened-sources-2.4.20-r2 (12 Jun 2003)
1351    
1352     12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
1353     hardened-sources-2.4.20-r3.ebuild:
1354 plasmaroo 1.18 Add Header...
1355 frogger 1.9
1356     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1357     hardened-sources-2.4.20-r3.ebuild:
1358     Removed warnings from ebuild. This kernel should be safe to
1359     use at this point.
1360 frogger 1.8
1361     *hardened-sources-2.4.20-r3 (08 Jun 2003)
1362    
1363     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1364     hardened-sources-2.4.20-r3.ebuild:
1365     New revision. Includes the following changes over -r2:
1366 plasmaroo 1.18
1367 frogger 1.8 - ck7-base (O(1), preempt, low latency)
1368     - Super FreeS/WAN 1.99.7rc2
1369     - PaX for the LSM/SELinux branch
1370     - GRSecurity 2.0-pre4 (role based access control)
1371     - Systrace 1.3
1372     - EXT3 fixes
1373     - EVMS 2.0.1
1374     - GCC 3.1+ compile optimizations
1375     - ProPolice kernel build support
1376     - Hashing table security fixes
1377 frogger 1.3
1378     *hardened-sources-2.4.20-r1 (09 Apr 2003)
1379 frogger 1.7
1380     23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
1381     Initial import of hardened-sources-r2. This new
1382     ebuild includes many new performance and security
1383     related patches. As in -r1, it will patch in
1384     LSM/SELinux if "selinux" is in USE, otherwise it
1385     will patch in GRSecurity. The following patches
1386     are included in this revision:
1387 plasmaroo 1.18
1388 frogger 1.7 - O(1) Scheduler, Low Latency, and Preempt
1389     (pulled from the base CK patch)
1390     - ptrace exploit patch for the LSM kernel
1391     (the GRSec patch already fixes this)
1392     - LSM 2.4-2003040709
1393     - SELinux 2.4-2003040709
1394     - Systrace v1.2
1395     - IPTables patch-o-matic base patches - 20030107
1396     - CryptoAPI 2.4.20.1 w/ loop-jari patch
1397     - Super FreeS/WAN 1.99.6.1
1398     - GRSecurity 1.9.9g
1399     - MPPE
1400     - EXT3 data journal fix
1401     - CIPE 1.5.4
1402 frogger 1.6
1403     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1404     hardened-sources-2.4.20-r1.ebuild, manifest:
1405 plasmaroo 1.18 Updated to install flask components correctly for selinux.
1406 frogger 1.5
1407     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1408     hardened-sources-2.4.20-r1.ebuild:
1409     LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
1410     is patched in instead. Ptrace patches for selinux have also been added. In
1411     either case, systrace support will be patched in as well.
1412 frogger 1.3
1413     09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1414     hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
1415 plasmaroo 1.18 Revision bump for new sources.
1416 frogger 1.4
1417 frogger 1.2 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1418 frogger 1.4 hardened-sources-2.4.20-r1.ebuild:
1419 plasmaroo 1.18 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
1420 method 1.1
1421 frogger 1.4 *hardened-sources-2.4.20 (30 Mar 2003)
1422    
1423 method 1.1 30 Mar 2003; Joshua Brindle <method@gentoo.org>
1424     hardened-sources-2.4.20.ebuild:
1425 plasmaroo 1.18 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20