/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.234 - (hide annotations) (download)
Sat Aug 23 02:12:48 2008 UTC (6 years, 2 months ago) by battousai
Branch: MAIN
Changes since 1.233: +14 -1 lines
Drop 2.6.23-r13, 2.6.25-r3. Bump to 2.6.25-r5, 2.6.26-r1, fixing security bug #235221. Stable 2.6.25-r4 on amd64, x86. On behalf of gengor.
(Portage version: 2.2_rc8/cvs/Linux 2.6.27-rc4 x86_64)

1 method 1.1 # ChangeLog for sys-kernel/hardened-sources
2 phreak 1.204 # Copyright 2000-2008 Gentoo Foundation; Distributed under the GPL v2
3 battousai 1.234 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.233 2008/08/18 01:39:02 solar Exp $
4    
5     *hardened-sources-2.6.26-r1 (23 Aug 2008)
6     *hardened-sources-2.6.25-r5 (23 Aug 2008)
7    
8     23 Aug 2008; Bryan D. Stine <battousai@gentoo.org>
9     -hardened-sources-2.6.23-r13.ebuild, -hardened-sources-2.6.25-r3.ebuild,
10     hardened-sources-2.6.25-r4.ebuild, +hardened-sources-2.6.25-r5.ebuild,
11     +hardened-sources-2.6.26-r1.ebuild:
12     Bump to 2.6.25-r5 for updated patches and upstream .10 kernel, fixing
13     security bug #235221. Bump to 2.6.26-r1 for upstream .3 kernel, also
14     fixing security bug #235221. Marked 2.6.25-r4 stable on amd64 and x86.
15     Removed 2.6.23-r13 and 2.6.25-r3. Commit on behalf of Gordon Malm
16     (gengor).
17 solar 1.233
18     *hardened-sources-2.6.26 (18 Aug 2008)
19     *hardened-sources-2.6.25-r4 (18 Aug 2008)
20    
21     18 Aug 2008; <solar@gentoo.org> -hardened-sources-2.6.25-r2.ebuild,
22     +hardened-sources-2.6.25-r4.ebuild, +hardened-sources-2.6.26.ebuild:
23     - proxy commit for gengor 2.6.26: Initial 2.6.26 release. 2.6.25-r4: Update
24     to Linux 2.6.25.15. Fixes security bugs #234799, #234803 and #234812.
25     2.6.25-r2: Removed.
26 tove 1.232
27     16 Aug 2008; Torsten Veller <tove@gentoo.org> metadata.xml:
28     Remove phreak from metadata.xml (#96398)
29 solar 1.231
30     *hardened-sources-2.6.25-r3 (31 Jul 2008)
31    
32     31 Jul 2008; <solar@gentoo.org> -hardened-sources-2.6.24-r2.ebuild,
33     -hardened-sources-2.6.25.ebuild, -hardened-sources-2.6.25-r1.ebuild,
34     +hardened-sources-2.6.25-r3.ebuild:
35     - 2.6.25-r3: Update to Linux 2.6.25.13 and new grsecurity patch. Multiple
36     fixes, including security bug #231750.
37 nixnut 1.230
38     28 Jul 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.24-r3.ebuild:
39     Stable on ppc
40 solar 1.229
41     *hardened-sources-2.6.25-r2 (05 Jul 2008)
42    
43     05 Jul 2008; <solar@gentoo.org> -hardened-sources-2.6.23-r11.ebuild,
44     -hardened-sources-2.6.23-r12.ebuild, hardened-sources-2.6.24-r3.ebuild,
45     +hardened-sources-2.6.25-r2.ebuild:
46     2.6.23-r4: Stable x86/amd64
47     2.6.25-r2: Update to Linux 2.6.25.10 and latest grsecurity release.
48     2.6.23-r{11,12}: Removed due to multiple vulns.
49     (gengor & kerframil)
50 nixnut 1.228
51     04 Jul 2008; nixnut <nixnut@gentoo.org>
52     hardened-sources-2.6.23-r13.ebuild:
53     Stable on ppc
54 solar 1.227
55     *hardened-sources-2.6.25-r1 (30 Jun 2008)
56    
57     30 Jun 2008; <solar@gentoo.org> hardened-sources-2.6.23-r13.ebuild,
58     +hardened-sources-2.6.25-r1.ebuild:
59     2.6.25-r1: Brings in Linux -stable tree patches 2.6.25.{7,8,9} and newer
60     grsecurity release. 2.6.23-r13: x86/amd64 stable
61 solar 1.226
62     *hardened-sources-2.6.25 (17 Jun 2008)
63     *hardened-sources-2.6.24-r3 (17 Jun 2008)
64     *hardened-sources-2.6.23-r13 (17 Jun 2008)
65    
66     17 Jun 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r13.ebuild,
67     +hardened-sources-2.6.24-r3.ebuild, +hardened-sources-2.6.25.ebuild:
68     * 2.6.23-r13: Fixes security bugs #198997, #212136, #222331, #222635,
69     #224647, #225461, other fixes. * 2.6.24-r3: Fixes security bugs #212136,
70     #222331, #222635, #224647, #225461, grsec/PaX updates/fixes, other fixes. *
71     2.6.25: Initial 2.6.25 release.
72 solar 1.225
73     15 May 2008; <solar@gentoo.org> hardened-sources-2.6.23-r12.ebuild:
74     - fasttrack to stable x86/amd64
75 swegener 1.224
76     11 May 2008; Sven Wegener <swegener@gentoo.org> Manifest:
77     Fix broken digest for linux-2.6.24.tar.bz2.
78 solar 1.223
79     *hardened-sources-2.6.24-r2 (11 May 2008)
80     *hardened-sources-2.6.23-r12 (11 May 2008)
81    
82     11 May 2008; <solar@gentoo.org> -hardened-sources-2.6.23-r7.ebuild,
83     -hardened-sources-2.6.23-r9.ebuild, -hardened-sources-2.6.23-r10.ebuild,
84     +hardened-sources-2.6.23-r12.ebuild, -hardened-sources-2.6.24.ebuild,
85     -hardened-sources-2.6.24-r1.ebuild, +hardened-sources-2.6.24-r2.ebuild:
86     proxy commit for gengor. 2.6.23-r11 shortlog: Fixes security bugs 220691,
87     220975, 220979, 221123. 2.6.24-r2 not-so-shortlog: Fixes bug 215442,
88     security bugs 219901, 220691, 220975, 220979, 221123. New
89     genpatches/grsecurity with numerous updates & fixes. 2.6.23-r7->2.6.23-r10
90     should be removed as far as I'm concerned, everything else remove due to
91     vulnerable to numerous security bugs or brokeness.
92 nixnut 1.222
93     10 May 2008; nixnut <nixnut@gentoo.org>
94     hardened-sources-2.6.23-r11.ebuild:
95     Stable on ppc
96 solar 1.221
97     05 May 2008; <solar@gentoo.org> hardened-sources-2.6.23-r11.ebuild:
98     - -r11 stable on x86/amd64
99 solar 1.220
100     *hardened-sources-2.6.23-r11 (01 May 2008)
101    
102     01 May 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r11.ebuild:
103     - version bump to fix ulgy linux bugs
104 phreak 1.219
105     *hardened-sources-2.6.24-r1 (30 Apr 2008)
106    
107     30 Apr 2008; Christian Heim <phreak@gentoo.org>
108     +hardened-sources-2.6.24-r1.ebuild:
109     Revision bump (thanks to Kerin and Gordon, again), pulling
110     genpatches-2.6.24-7, solving #219089. Additionally contains further security
111     fixes plus some minor updates.
112 phreak 1.218
113     *hardened-sources-2.6.23-r10 (30 Apr 2008)
114    
115     30 Apr 2008; Christian Heim <phreak@gentoo.org>
116     +hardened-sources-2.6.23-r10.ebuild:
117     Revision bump (thanks to Kerin and Gordon, again), solving #213811, #219089.
118     Additional contains "various other fixes".
119 phreak 1.217
120     09 Apr 2008; Christian Heim <phreak@gentoo.org> metadata.xml:
121     Update the longdescription in metadata, thanks to Gordon Malm.
122 nixnut 1.216
123     08 Apr 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.23-r9.ebuild:
124     Stable on ppc wrt bug #213255
125 solar 1.215
126     07 Apr 2008; <solar@gentoo.org> -hardened-sources-2.4.35-r2.ebuild,
127     -hardened-sources-2.6.23-r8.ebuild, hardened-sources-2.6.23-r9.ebuild:
128     - stable on x86/amd64 per request. Removed obsolete ebuilds
129 phreak 1.214
130     *hardened-sources-2.6.24 (07 Apr 2008)
131    
132     07 Apr 2008; Christian Heim <phreak@gentoo.org>
133     +hardened-sources-2.6.24.ebuild:
134     Adding ebuild for hardened-sources-2.6.24 (many thanks to Kerin Millar
135     <kerframil at gmail.com> and Gordon Malm <bugs-gentoo-org-02 at bumpin.org>
136     for the many contributions and their continued effort in #216612) based on
137     2.6.24 and genpatches-2.6.24-5.
138    
139     The current ebuild/patchset contains these things:
140     * Incoporates unmodified grsec-2.1.11-2.6.24.4-200803262003 patch
141     * Introduces bespoke server and workstation oriented security levels
142     * VDSO_COMPAT cannot be enabled during runtime if PaX is enabled
143 phreak 1.213
144     30 Mar 2008; Christian Heim <phreak@gentoo.org> metadata.xml:
145     Fix the metadata.xml (Kerin isn't a dev, though he and Gordon are
146     maintaining it).
147 phreak 1.212
148     24 Mar 2008; Christian Heim <phreak@gentoo.org>
149     hardened-sources-2.4.35-r2.ebuild:
150     Fixing SRC_URI for 2.4.35-r2.
151 phreak 1.211
152     *hardened-sources-2.6.23-r9 (22 Mar 2008)
153    
154     22 Mar 2008; Christian Heim <phreak@gentoo.org>
155     +hardened-sources-2.6.23-r9.ebuild:
156     * Revision bump, rebasing the patchset against genpatches-2.6.23-10.
157     * Change the default GIDs for some grsecurity options
158     * Revamp the Hardened [Gentoo] security level and make it the default level
159     * Fixing compilation on ia64 with CONFIG_MODULES=y (loadable module support)
160     * Fix a recursive lock -- call to capable() within ptrace_attach()
161     * Fix bug that allows audit and iscsi operations to be controlled via netlink
162 solar 1.210
163     *hardened-sources-2.6.23-r8 (27 Feb 2008)
164    
165     27 Feb 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r8.ebuild:
166     - version bump from Kerin Millar bug 210026
167 solar 1.209
168     17 Feb 2008; <solar@gentoo.org> metadata.xml,
169     -hardened-sources-2.4.33.4.ebuild, -hardened-sources-2.6.20-r6.ebuild,
170     -hardened-sources-2.6.20-r10.ebuild, -hardened-sources-2.6.23-r4.ebuild,
171     -hardened-sources-2.6.23-r6.ebuild, hardened-sources-2.6.23-r7.ebuild:
172     - stable on x86 and remove old ebuilds
173 solar 1.207
174     15 Feb 2008; <solar@gentoo.org> hardened-sources-2.6.23-r7.ebuild:
175 solar 1.208 - stable on amd64 per request of amd64 lead
176 solar 1.206
177     *hardened-sources-2.6.23-r7 (11 Feb 2008)
178    
179     11 Feb 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r7.ebuild:
180     - version bump from kerin.millar
181     Changes:
182    
183     * Bump to genpatches-base-2.6.23-9
184     * Ported grsecurity-2.1.11-2.6.23.14-200801231800 to 2.6.23.15
185     * Disables COMPAT_VDSO in x86/defconfig
186     * Removes bogus symbols ACPI_SLEEP_PROC_(FS|SLEEP) from x86_64/defconfig
187 phreak 1.205
188     25 Jan 2008; Christian Heim <phreak@gentoo.org>
189     -hardened-sources-2.6.22-r8.ebuild:
190     Cleaning up old versions.
191 phreak 1.204
192     *hardened-sources-2.6.23-r6 (25 Jan 2008)
193    
194     25 Jan 2008; Christian Heim <phreak@gentoo.org>
195     -hardened-sources-2.6.23-r5.ebuild, +hardened-sources-2.6.23-r6.ebuild:
196     Revision bump, pulling in the latest genpatches.
197 phreak 1.203
198     *hardened-sources-2.6.23-r5 (24 Dec 2007)
199    
200     24 Dec 2007; Christian Heim <phreak@gentoo.org>
201     hardened-sources-2.4.35-r2.ebuild, hardened-sources-2.6.20-r6.ebuild,
202     hardened-sources-2.6.20-r10.ebuild, hardened-sources-2.6.22-r8.ebuild,
203     hardened-sources-2.6.23-r4.ebuild, +hardened-sources-2.6.23-r5.ebuild:
204     Revision bump, for the promised updated grsec snapshot. Also changing SRC_URI.
205 phreak 1.202
206     24 Dec 2007; Christian Heim <phreak@gentoo.org>
207     -hardened-sources-2.6.22-r7.ebuild, -hardened-sources-2.6.23.ebuild,
208     -hardened-sources-2.6.23-r1.ebuild, -hardened-sources-2.6.23-r2.ebuild,
209     -hardened-sources-2.6.23-r3.ebuild:
210     Cleaning out some unused, old versions.
211 phreak 1.201
212     24 Dec 2007; Christian Heim <phreak@gentoo.org>
213     hardened-sources-2.6.23-r4.ebuild:
214     Marking hardened-sources-2.6.23-r4 stable on amd64 and x86. I know it ain't
215     in the tree for long, but there isn't much of a difference between this and
216     -r3. Only this revision pulls in 2.6.23.11 and 2.6.23.12 from genpatches.
217 phreak 1.200
218     *hardened-sources-2.6.23-r4 (23 Dec 2007)
219    
220     23 Dec 2007; Christian Heim <phreak@gentoo.org>
221     +hardened-sources-2.6.23-r4.ebuild:
222     Revision bump, grabbing the lastest genpatches release (2.6.23.12 that is).
223 phreak 1.199
224     *hardened-sources-2.6.23-r3 (04 Dec 2007)
225    
226     04 Dec 2007; Christian Heim <phreak@gentoo.org>
227     +hardened-sources-2.6.23-r3.ebuild:
228     Revision bump, pulling in 2.6.23.9.
229 phreak 1.198
230     *hardened-sources-2.6.23-r2 (25 Nov 2007)
231    
232     25 Nov 2007; Christian Heim <phreak@gentoo.org>
233     +hardened-sources-2.6.23-r2.ebuild:
234     Updated patchset, thanks to solar.
235 phreak 1.197
236     *hardened-sources-2.6.23-r1 (31 Oct 2007)
237    
238     31 Oct 2007; Christian Heim <phreak@gentoo.org>
239     +hardened-sources-2.6.23-r1.ebuild:
240     Revision bump, pulling in the snapshot from 30. October 2007 (18:50).
241 solar 1.196
242     29 Oct 2007; <solar@gentoo.org> metadata.xml:
243     - update metadata.xml
244 phreak 1.195
245     25 Oct 2007; Christian Heim <phreak@gentoo.org>
246     hardened-sources-2.6.22-r8.ebuild:
247     Marking 2.6.22-r8 stable on amd64 and x86.
248 phreak 1.194
249     21 Oct 2007; Christian Heim <phreak@gentoo.org>
250     -hardened-sources-2.4.35.ebuild, -hardened-sources-2.4.35-r1.ebuild,
251     -hardened-sources-2.6.21-r4.ebuild:
252     Removing old ebuilds.
253 phreak 1.193
254     *hardened-sources-2.4.35-r2 (21 Oct 2007)
255    
256     21 Oct 2007; Christian Heim <phreak@gentoo.org>
257     +hardened-sources-2.4.35-r2.ebuild:
258     Revision bump for 2.4.35. Includes new snapshot and the lastest Linux stable
259     patches.
260 phreak 1.192
261     *hardened-sources-2.6.22-r8 (21 Oct 2007)
262    
263     21 Oct 2007; Christian Heim <phreak@gentoo.org>
264     +hardened-sources-2.6.22-r8.ebuild:
265     Yet another new patch, hopefully fixing the remaining issues we had w/
266     2.6.22. Candidate for stabling.
267 phreak 1.191
268     *hardened-sources-2.6.23 (13 Oct 2007)
269    
270     13 Oct 2007; Christian Heim <phreak@gentoo.org>
271     +hardened-sources-2.6.23.ebuild:
272     Initial hardened-sources-2.6.23. If people still have problems w/ bug
273     194276, try setting CONFIG_PCI_GODIRECT=y instead of CONFIG_PCI_GOANY.
274 phreak 1.190
275     11 Oct 2007; Christian Heim <phreak@gentoo.org>
276     hardened-sources-2.6.20-r10.ebuild:
277     Pulling in yet another new genpatches version, fixing the PWC bug for real.
278 phreak 1.189
279     04 Oct 2007; Christian Heim <phreak@gentoo.org>
280     -hardened-sources-2.6.22-r5.ebuild, -hardened-sources-2.6.22-r6.ebuild:
281     Removing old versions.
282 phreak 1.188
283     *hardened-sources-2.6.22-r7 (01 Oct 2007)
284    
285     01 Oct 2007; Christian Heim <phreak@gentoo.org>
286     +hardened-sources-2.6.22-r7.ebuild:
287     Revision bump, pulling in a newer patch. Should fix #194276.
288 phreak 1.187
289     30 Sep 2007; Christian Heim <phreak@gentoo.org>
290     hardened-sources-2.6.20-r10.ebuild:
291     Marking hardened-sources-2.6.20-r10 stable on x86 and amd64 (on courtesy of
292     Mike Doty).
293 phreak 1.186
294     *hardened-sources-2.6.22-r6 (26 Sep 2007)
295    
296     26 Sep 2007; Christian Heim <phreak@gentoo.org>
297     +hardened-sources-2.6.22-r6.ebuild:
298     Revision bump, grabbing up till Linux 2.6.22.9.
299 phreak 1.185
300     24 Sep 2007; Christian Heim <phreak@gentoo.org>
301     -hardened-sources-2.6.22-r3.ebuild, -hardened-sources-2.6.22-r4.ebuild:
302     Cleaning up further.
303 phreak 1.184
304     *hardened-sources-2.6.20-r10 (24 Sep 2007)
305    
306     24 Sep 2007; Christian Heim <phreak@gentoo.org>
307     -hardened-sources-2.6.20-r8.ebuild, -hardened-sources-2.6.20-r9.ebuild,
308     +hardened-sources-2.6.20-r10.ebuild:
309     Revision bump, pulling in Linux 2.6.20.20. Removing some of the older
310     revisions.
311 phreak 1.183
312     *hardened-sources-2.6.22-r5 (22 Sep 2007)
313    
314     22 Sep 2007; Christian Heim <phreak@gentoo.org>
315     +hardened-sources-2.6.22-r5.ebuild:
316     Revision bump, pulling in genpatches-2.6.22-8 for CVE-2007-4573.
317 phreak 1.182
318     17 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
319     Removing johnm from metadata.xml (see #186467 for reference).
320 phreak 1.181
321     *hardened-sources-2.6.22-r4 (17 Sep 2007)
322    
323     17 Sep 2007; Christian Heim <phreak@gentoo.org>
324     +hardened-sources-2.6.22-r4.ebuild:
325     Revision bump, hopefully fixing all those weird PAX failures.
326 phreak 1.180
327     01 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
328     Updating the metadata.xml.
329 phreak 1.179
330     01 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
331     Removing tocharian from metadata due to his retirement (see #71718 for
332     reference).
333 phreak 1.178
334     *hardened-sources-2.6.20-r9 (30 Aug 2007)
335    
336     30 Aug 2007; Christian Heim <phreak@gentoo.org>
337     +hardened-sources-2.6.20-r9.ebuild:
338     Revision bump for 2.6.20.18 (thanks to kerframil in #gentoo-hardened).
339 phreak 1.177
340     29 Aug 2007; Christian Heim <phreak@gentoo.org>
341     -hardened-sources-2.4.34.ebuild, -hardened-sources-2.4.34.5.ebuild,
342     -hardened-sources-2.6.20-r2.ebuild, -hardened-sources-2.6.20-r5.ebuild,
343     -hardened-sources-2.6.20-r7.ebuild, -hardened-sources-2.6.21-r3.ebuild,
344     -hardened-sources-2.6.22.ebuild, -hardened-sources-2.6.22-r1.ebuild,
345     -hardened-sources-2.6.22-r2.ebuild:
346     Removing some redundant versions.
347 phreak 1.176
348     *hardened-sources-2.4.35-r1 (29 Aug 2007)
349    
350     29 Aug 2007; Christian Heim <phreak@gentoo.org>
351     +hardened-sources-2.4.35-r1.ebuild:
352     Revision bump, new grsecurity patch.
353 phreak 1.175
354     *hardened-sources-2.6.20-r8 (26 Aug 2007)
355    
356     26 Aug 2007; Christian Heim <phreak@gentoo.org>
357     +hardened-sources-2.6.20-r8.ebuild:
358     Revision bump for Linux 2.6.20.17.
359 phreak 1.174
360     *hardened-sources-2.6.22-r3 (22 Aug 2007)
361    
362     22 Aug 2007; Christian Heim <phreak@gentoo.org>
363     +hardened-sources-2.6.22-r3.ebuild:
364     Revision bump for Linux 2.6.22.4.
365 phreak 1.173
366     16 Aug 2007; Christian Heim <phreak@gentoo.org>
367     hardened-sources-2.6.22-r2.ebuild:
368     Updated patchset, to fix the alignment against 2.6.22.3.
369 phreak 1.172
370     *hardened-sources-2.6.22-r2 (16 Aug 2007)
371    
372     16 Aug 2007; Christian Heim <phreak@gentoo.org>
373     +hardened-sources-2.6.22-r2.ebuild:
374     Revision bump for Linux 2.6.22.3.
375 phreak 1.171
376     *hardened-sources-2.4.35 (16 Aug 2007)
377    
378     16 Aug 2007; Christian Heim <phreak@gentoo.org>
379     +hardened-sources-2.4.35.ebuild:
380     Version bump, initial version for Linux 2.4.35.
381 phreak 1.170
382     *hardened-sources-2.6.21-r4 (16 Aug 2007)
383    
384     16 Aug 2007; Christian Heim <phreak@gentoo.org>
385     +hardened-sources-2.6.21-r4.ebuild:
386     Revision bump for Linux 2.6.21.6.
387 phreak 1.169
388     *hardened-sources-2.6.20-r7 (16 Aug 2007)
389    
390     16 Aug 2007; Christian Heim <phreak@gentoo.org>
391     +hardened-sources-2.6.20-r7.ebuild:
392     Revision bump for Linux 2.6.20.16.
393 phreak 1.168
394     *hardened-sources-2.6.22-r1 (13 Aug 2007)
395    
396     13 Aug 2007; Christian Heim <phreak@gentoo.org>
397     +hardened-sources-2.6.22-r1.ebuild:
398     Yet another revision bump.
399 phreak 1.167
400     *hardened-sources-2.6.22 (10 Aug 2007)
401    
402     10 Aug 2007; Christian Heim <phreak@gentoo.org>
403     +hardened-sources-2.6.22.ebuild:
404     Initial release for 2.6.22. If you are using hardened-sources on a desktop
405     machine (P4 or newer), be aware you might need to disable
406     CONFIG_PAX_PAGEEXEC.
407 phreak 1.166
408     04 Aug 2007; Christian Heim <phreak@gentoo.org>
409     hardened-sources-2.6.20-r6.ebuild:
410     Stabling hardened-sources-2.6.20-r6 for amd64, ppc and x86 due to Linux
411     2.6.20.15.
412 phreak 1.165
413     10 Jul 2007; Christian Heim <phreak@gentoo.org>
414     hardened-sources-2.6.20-r5.ebuild:
415     Marking hardened-sources-2.6.20-r5 stable on ppc.
416 phreak 1.164
417     10 Jul 2007; Christian Heim <phreak@gentoo.org>
418     -hardened-sources-2.4.32-r6.ebuild, -hardened-sources-2.4.32-r7.ebuild:
419     Cleanup.
420 phreak 1.163
421     *hardened-sources-2.6.20-r6 (08 Jul 2007)
422    
423     08 Jul 2007; Christian Heim <phreak@gentoo.org>
424     +hardened-sources-2.6.20-r6.ebuild:
425     Revision bump, grabbing yet another stable release.
426 phreak 1.162
427     17 Jun 2007; Christian Heim <phreak@gentoo.org>
428     -hardened-sources-2.6.18-r6.ebuild, -hardened-sources-2.6.20-r4.ebuild,
429     -hardened-sources-2.6.21-r2.ebuild:
430     Removing older ebuilds, hardened-sources-2.6.18-r6 seems to have gotten the
431     alpha stable KEYWORD by mistake.
432 phreak 1.161
433     17 Jun 2007; Christian Heim <phreak@gentoo.org>
434     hardened-sources-2.6.20-r5.ebuild:
435     Stabling hardened-sources-2.6.20-r5 due to security bug #181647 (as
436     genpatches-2.6.20-12.base contains up to Linux 2.6.20.14) on amd64 and x86.
437 phreak 1.160
438     *hardened-sources-2.6.21-r3 (12 Jun 2007)
439    
440     12 Jun 2007; Christian Heim <phreak@gentoo.org>
441     +hardened-sources-2.6.21-r3.ebuild:
442     Revision bump for hardened-sources-2.6.21, incorporating various CVE (some
443     of them critical), two stable releases (2.6.21.4,2.6.21.5) and some other
444     love.
445 phreak 1.159
446     *hardened-sources-2.6.20-r5 (11 Jun 2007)
447    
448     11 Jun 2007; Christian Heim <phreak@gentoo.org>
449     +hardened-sources-2.6.20-r5.ebuild:
450     Revision bump for hardened-sources-2.6.20, incorporating various CVE (some
451     of them critical), two stable releases (2.6.20.13,2.6.20.14) and some other
452     love.
453 pappy 1.158
454     *hardened-sources-2.4.34.5 (11 Jun 2007)
455    
456     11 Jun 2007; Alexander Gabert <pappy@gentoo.org>
457     +hardened-sources-2.4.34.5.ebuild:
458     added new hardened-sources 2.4 version, thx to phreak, solar, pipacs
459 phreak 1.157
460     30 May 2007; Christian Heim <phreak@gentoo.org>
461     -hardened-sources-2.6.18.ebuild, hardened-sources-2.6.20-r2.ebuild:
462     Marking 2.6.20-r2 stable on ppc with permission of Gysbert. Removing more
463     stale ebuild(s).
464 phreak 1.156
465     30 May 2007; Christian Heim <phreak@gentoo.org>
466     -hardened-sources-2.6.14-r7.ebuild, -hardened-sources-2.6.16-r11.ebuild,
467     -hardened-sources-2.6.17-r1.ebuild, -hardened-sources-2.6.19-r6.ebuild,
468     -hardened-sources-2.6.20.ebuild, -hardened-sources-2.6.20-r1.ebuild:
469     Doing some cleanups, remove stale ebuilds.
470 phreak 1.155
471     26 May 2007; Christian Heim <phreak@gentoo.org>
472     hardened-sources-2.6.21-r2.ebuild:
473     Fixing the grsecurity patch, had one '};' too much.
474 phreak 1.154
475     *hardened-sources-2.6.21-r2 (26 May 2007)
476    
477     26 May 2007; Christian Heim <phreak@gentoo.org>
478     -hardened-sources-2.6.21.ebuild, -hardened-sources-2.6.21-r1.ebuild,
479     +hardened-sources-2.6.21-r2.ebuild:
480     Revision bump, including Linux 2.6.21.3 (fixing CVE-2007-2451). Updating the
481     grsecurity patch to 2.1.10-2.6.21.1-200705221918.
482 phreak 1.153
483     *hardened-sources-2.6.20-r4 (26 May 2007)
484    
485     26 May 2007; Christian Heim <phreak@gentoo.org>
486     -hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.20-r4.ebuild:
487     Revision bump, including Linux 2.6.20.12 (which in fact fixed some security
488 phreak 1.154 bugs, at the very least CVE-2007-2451). Possible candidate for stable marking.
489 phreak 1.152
490     15 May 2007; Christian Heim <phreak@gentoo.org>
491     hardened-sources-2.6.20-r3.ebuild:
492     Looks like hardened-sources-2.6.20-r3 needs a new patch, as 2.6.20.11
493     introduced a change in arch/sparc64/kernel/pci_iommu.c, which made the
494     grsecurity patch fail in that exact same hunk.
495 phreak 1.151
496     *hardened-sources-2.6.20-r3 (15 May 2007)
497    
498     15 May 2007; Christian Heim <phreak@gentoo.org>
499     +hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.21-r1.ebuild:
500     Revision bump, incorporating Linux 2.6.20.11.
501    
502     *hardened-sources-2.6.21-r1 (11 May 2007)
503    
504     11 May 2007; Christian Heim <phreak@gentoo.org>
505     +hardened-sources-2.6.21-r1.ebuild:
506     Revision bump, hopefully fixing the GRSECURITY/GRKERNSEC mixup pipacs
507     mentioned in #177234.
508 kevquinn 1.150
509     07 May 2007; Kevin F. Quinn <kevquinn@gentoo.org>
510     files/digest-hardened-sources-2.6.21, Manifest:
511     Fix Manifest/digest for linux-2.6.21.tar.bz2
512 phreak 1.149
513     06 May 2007; Christian Heim <phreak@gentoo.org>
514     hardened-sources-2.6.21.ebuild:
515     Bumping the hardened-patches version, needed for the fix for #177234.
516 phreak 1.148
517     *hardened-sources-2.6.21 (02 May 2007)
518    
519     02 May 2007; Christian Heim <phreak@gentoo.org>
520     +hardened-sources-2.6.21.ebuild:
521     Version bump, Linux 2.6.21-hardened.
522 phreak 1.147
523     29 Apr 2007; Christian Heim <phreak@gentoo.org>
524     hardened-sources-2.6.20-r2.ebuild:
525     Adding ~ia64 on Ned's request.
526 phreak 1.146
527     29 Apr 2007; Christian Heim <phreak@gentoo.org>
528     hardened-sources-2.6.20-r2.ebuild:
529     Fixing the included grsecurity patch, wasn't alligning due to the Index:
530     header line(s).
531 phreak 1.145
532     29 Apr 2007; Christian Heim <phreak@gentoo.org>
533     hardened-sources-2.6.20-r2.ebuild:
534     Stabilizing hardened-sources-2.6.20-r2 on amd64 and x86.
535 armin76 1.144
536     *hardened-sources-2.6.20-r2 (10 Apr 2007)
537    
538     10 Apr 2007; Raúl Porcel <armin76@gentoo.org>
539     +hardened-sources-2.6.20-r2.ebuild:
540     Version bump, on behalf of phreak
541 phreak 1.143
542     *hardened-sources-2.6.20-r1 (04 Apr 2007)
543    
544     04 Apr 2007; Christian Heim <phreak@gentoo.org>
545     +hardened-sources-2.6.20-r1.ebuild:
546     Revision bump, grabbing a newer grsecurity snapshot.
547 phreak 1.142
548     *hardened-sources-2.6.20 (25 Mar 2007)
549    
550     25 Mar 2007; Christian Heim <phreak@gentoo.org>
551     +hardened-sources-2.6.20.ebuild:
552     Finally a hardened-sources version for 2.6.20; many people have been waiting
553     for this. Thanks to Steve for preliminary testing, thanks to Ned for the
554     testbox.
555 chainsaw 1.141
556     16 Mar 2007; Tony Vroon <chainsaw@gentoo.org>
557     hardened-sources-2.6.18-r6.ebuild:
558     Marked stable on amd64 and x86. AMD64 keyword ack'ed by welp.
559 phreak 1.140
560     *hardened-sources-2.6.18-r6 (16 Mar 2007)
561    
562     16 Mar 2007; Christian Heim <phreak@gentoo.org>
563     -hardened-sources-2.6.18-r5.ebuild, +hardened-sources-2.6.18-r6.ebuild:
564     Fixing CVE-2007-1000 locally (hardened/), thanks to Tony for pushing. And
565     yes I screwed up, this is tagged as 2.6.18-5 and not 2.6.18-6 as it's
566     supposed to be.
567 phreak 1.139
568     06 Mar 2007; Christian Heim <phreak@gentoo.org> ChangeLog:
569     Fixing the Manifest, the previous one was broken (as in still had the
570     deleted ebuild in it).
571 phreak 1.138
572     06 Mar 2007; Christian Heim <phreak@gentoo.org>
573     -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
574     +hardened-sources-2.6.18-r5.ebuild:
575     Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
576     Linux 2.6.18.8. Also cleaning up the older version.
577    
578     *hardened-sources-2.6.18-r5 (06 Mar 2007)
579    
580     06 Mar 2007; Christian Heim <phreak@gentoo.org>
581     -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
582     +hardened-sources-2.6.18-r5.ebuild:
583     Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
584     Linux 2.6.18.8. Also cleaning up the older version.
585 phreak 1.137
586     24 Feb 2007; Christian Heim <phreak@gentoo.org>
587     -hardened-sources-2.6.19-r3.ebuild, -hardened-sources-2.6.19-r4.ebuild,
588     -hardened-sources-2.6.19-r5.ebuild:
589     Removing some of the old version, that didn't work.
590 phreak 1.136
591     *hardened-sources-2.6.19-r6 (12 Feb 2007)
592    
593     12 Feb 2007; Christian Heim <phreak@gentoo.org>
594     +hardened-sources-2.6.19-r6.ebuild:
595     Revision bump, including a new grsec version fixing #166235.
596 pappy 1.134
597     *hardened-sources-2.4.34 (24 Jan 2007)
598    
599     24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
600 pappy 1.135 Manifest:
601     updating Manifest with checksums of new tarball and ebuild
602    
603     24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
604 pappy 1.134 +hardened-sources-2.4.34.ebuild:
605     I added new hardened sources 2.4 update, this is a critical path
606     security bugfix - all users of h-s are strongly advised
607     to update their existing hardened sources to this version.
608     It contains a fix for a kernel vulnerability that is pertaining
609     to the PaX changes to virtual memory management, possibly leading
610     to a local kernel exploit ... see grsecurity.net forums and homepage
611 phreak 1.133
612     23 Jan 2007; Christian Heim <phreak@gentoo.org>
613     files/digest-hardened-sources-2.6.19-r5, Manifest:
614     Fixing the patch-tarball digest.
615 phreak 1.132
616     *hardened-sources-2.6.19-r5 (23 Jan 2007)
617    
618     23 Jan 2007; Christian Heim <phreak@gentoo.org>
619     +hardened-sources-2.6.19-r5.ebuild:
620     Revision bump, closing the recently discovered PaX expand_stack()
621     vulnerability.
622 phreak 1.131
623     *hardened-sources-2.6.19-r4 (14 Jan 2007)
624    
625     14 Jan 2007; Christian Heim <phreak@gentoo.org>
626     +hardened-sources-2.6.19-r4.ebuild:
627     Revision bump, pulling in linux-2.6.19.2 and grsecurity 2.1.10 - thus
628     dropping the randomized PID feature.
629 opfer 1.130
630     11 Jan 2007; Christian Faulhammer <opfer@gentoo.org>
631     hardened-sources-2.4.33.4.ebuild:
632     stable x86, bug #161171
633 phreak 1.129
634     *hardened-sources-2.6.19-r3 (27 Dec 2006)
635    
636     27 Dec 2006; Christian Heim <phreak@gentoo.org>
637     -hardened-sources-2.6.19-r2.ebuild, +hardened-sources-2.6.19-r3.ebuild:
638     Revision bump for bug #157186 and #158786.
639 phreak 1.128
640     *hardened-sources-2.6.18-r4 (27 Dec 2006)
641    
642     27 Dec 2006; Christian Heim <phreak@gentoo.org>
643     -hardened-sources-2.6.18-r3.ebuild, +hardened-sources-2.6.18-r4.ebuild:
644     Revision bump for bug #157186.
645 phreak 1.127
646     *hardened-sources-2.6.19-r2 (23 Dec 2006)
647    
648     23 Dec 2006; Christian Heim <phreak@gentoo.org>
649     -hardened-sources-2.6.19-r1.ebuild, +hardened-sources-2.6.19-r2.ebuild:
650     Revision bump to pull in genpatches-2.6.19-3 for #157186.
651 phreak 1.126
652     17 Dec 2006; Christian Heim <phreak@gentoo.org>
653     hardened-sources-2.6.14-r7.ebuild, hardened-sources-2.6.16-r10.ebuild,
654     hardened-sources-2.6.16-r11.ebuild, hardened-sources-2.6.17-r1.ebuild,
655     hardened-sources-2.6.18.ebuild, hardened-sources-2.6.18-r3.ebuild,
656     hardened-sources-2.6.19-r1.ebuild:
657     Adding 4453_grsec-2.1.9-2.6.19-io-kmem-sysctl.patch to UNIPATCH_EXLUDE,
658     adding correct HOMEPAGE and adjusting DESCRIPTION (thanks to Alexander).
659 pappy 1.125
660     *hardened-sources-2.4.33.4 (17 Dec 2006)
661    
662     17 Dec 2006; Alexander Gabert <pappy@gentoo.org>
663     +hardened-sources-2.4.33.4.ebuild:
664     new 2.4.33.4 version including grsec and fixes, thanks to phreak for help
665     and quilting
666 phreak 1.124
667     *hardened-sources-2.6.19-r1 (14 Dec 2006)
668    
669     14 Dec 2006; Christian Heim <phreak@gentoo.org>
670     -hardened-sources-2.6.19.ebuild, +hardened-sources-2.6.19-r1.ebuild:
671     Revision bump, fixing #158107 (thanks to Petre Rodan <kaiowas at gentoo.org>
672     for reporting).
673 phreak 1.123
674     *hardened-sources-2.6.19 (13 Dec 2006)
675    
676     13 Dec 2006; Christian Heim <phreak@gentoo.org>
677     +hardened-sources-2.6.19.ebuild:
678     And finally 2.6.19, thanks to Ned (who prepared the inital patchset) and
679     Brad for providing that prompt update.
680 phreak 1.122
681     *hardened-sources-2.6.18-r3 (13 Dec 2006)
682    
683     13 Dec 2006; Christian Heim <phreak@gentoo.org>
684     -hardened-sources-2.6.18-r1.ebuild, -hardened-sources-2.6.18-r2.ebuild,
685     +hardened-sources-2.6.18-r3.ebuild:
686     Revision bump, excluding the faulty patch. Thanks to Anakim Border and Peter
687     S. Mazinger. Closes #157409 for now. Also removing the previous revisions.
688 phreak 1.121
689     09 Dec 2006; Christian Heim <phreak@gentoo.org> Manifest:
690     Fixing the metadata.xml Manifest entry (thanks to xaid and ml8128 in #gentoo-hardened).
691 nixnut 1.120
692     08 Dec 2006; nixnut <nixnut@gentoo.org> hardened-sources-2.6.18.ebuild:
693     Stable on ppc wrt bug 157356
694 opfer 1.119
695     07 Dec 2006; Christian Faulhammer <opfer@gentoo.org>
696     hardened-sources-2.6.18.ebuild:
697     stable x86, bug #157356
698 phreak 1.118
699     *hardened-sources-2.6.18-r2 (06 Dec 2006)
700    
701     06 Dec 2006; Christian Heim <phreak@gentoo.org>
702     +hardened-sources-2.6.18-r2.ebuild:
703     Revision bump, including 2.6.18.5 (via genpatches) and
704     4454_grsec-2.1.9-2.6.18.2-io-kmem-sysctl.patch based on Peter Mazinger and
705     Ned Ludd's original patch. Thanks to Alexander Gabert (pappy) for the
706     redesign.
707 phreak 1.117
708     06 Dec 2006; Christian Heim <phreak@gentoo.org>
709     hardened-sources-2.6.18.ebuild:
710     Marking hardened-sources-2.6.18 stable on amd64 (see bug #157356, on behalf
711     of Mike Doty).
712 phreak 1.116
713     *hardened-sources-2.6.18-r1 (23 Nov 2006)
714    
715     23 Nov 2006; Christian Heim <phreak@gentoo.org>
716     +hardened-sources-2.6.18-r1.ebuild:
717     Revision bump to genpatches-2.6.18-4 (including 2.6.18.3).
718 phreak 1.115
719     *hardened-sources-2.6.18 (11 Nov 2006)
720    
721     11 Nov 2006; Christian Heim <phreak@gentoo.org>
722     +hardened-sources-2.6.18.ebuild:
723     Version bump, thanks to Alexander Gabert we're finally at 2.6.18.
724 solar 1.114
725     18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
726     - mark amd64 stable also. bug #151877
727 solar 1.113
728     18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
729     - mark 2.6.17-r1 stable
730 phreak 1.112
731     27 Aug 2006; Christian Heim <phreak@gentoo.org>
732     -hardened-sources-2.6.17.ebuild, hardened-sources-2.6.17-r1.ebuild:
733     Removing old ebuild, removing unipatch from newer ebuild (need to fix it!).
734 phreak 1.111
735     *hardened-sources-2.6.17-r1 (26 Aug 2006)
736    
737     26 Aug 2006; Christian Heim <phreak@gentoo.org>
738     +hardened-sources-2.6.17-r1.ebuild:
739     Revision bump to genpatches-2.6.17-8 (including .9 and .10) and updating the
740     grsecurity patch.
741 phreak 1.110
742     *hardened-sources-2.6.17 (17 Aug 2006)
743    
744     17 Aug 2006; Christian Heim <phreak@gentoo.org>
745     +hardened-sources-2.6.17.ebuild:
746     Bumping the hardened-sources-2.6 series to 2.6.17, using
747     genpatches-2.6.17-6.base.
748 solar 1.109
749     07 Aug 2006; <solar@gentoo.org> hardened-sources-2.6.16-r11.ebuild:
750     - stable on x86 and amd64
751 solar 1.108
752     *hardened-sources-2.6.16-r11 (15 Jul 2006)
753    
754     15 Jul 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r3.ebuild,
755     -hardened-sources-2.4.32-r4.ebuild, -hardened-sources-2.4.32-r5.ebuild,
756     -hardened-sources-2.6.14-r8.ebuild, -hardened-sources-2.6.16-r7.ebuild,
757     -hardened-sources-2.6.16-r9.ebuild, +hardened-sources-2.6.16-r11.ebuild:
758     - 2.6.16 bumped for CVE-2006-3626 ; digest fix for 2.4.32-r6 ; removed old
759     crusty ebuilds
760 johnm 1.107
761     14 Jul 2006; John Mylchreest <johnm@gentoo.org>
762     hardened-sources-2.6.16-r10.ebuild:
763     marking stable on x86 and amd64
764 solar 1.106
765     13 Jul 2006; <solar@gentoo.org> hardened-sources-2.4.32-r6.ebuild:
766     - 2.4.32-r6 stable on x86. RSBAC state unknown
767 kang 1.105
768     *hardened-sources-2.4.32-r7 (10 Jul 2006)
769    
770     10 Jul 2006; Guillaume Destuynder <kang@gentoo.org>
771     +hardened-sources-2.4.32-r7.ebuild:
772     Bump PaX for RSBAC to test-17
773 johnm 1.104
774     *hardened-sources-2.6.16-r9 (03 Jul 2006)
775    
776     03 Jul 2006; John Mylchreest <johnm@gentoo.org>
777     -hardened-sources-2.6.16-r6.ebuild, +hardened-sources-2.6.16-r9.ebuild:
778     hardened-sources-2.6.16 bump to latest -base.
779 solar 1.103
780     *hardened-sources-2.4.32-r6 (30 Jun 2006)
781    
782     30 Jun 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r2.ebuild,
783     hardened-sources-2.4.32-r4.ebuild, +hardened-sources-2.4.32-r6.ebuild:
784     - backport CVE-2006-0039, CVE-2006-1857 and CVE-2006-1858 and new grsecurity
785     sysctl controlable resource logging
786 johnm 1.102
787     *hardened-sources-2.6.16-r7 (05 Jun 2006)
788    
789     05 Jun 2006; John Mylchreest <johnm@gentoo.org>
790     -hardened-sources-2.6.16-r5.ebuild, +hardened-sources-2.6.16-r7.ebuild:
791     push new 2.6.16 release in preparation for stable
792 solar 1.101
793     22 May 2006; <solar@gentoo.org> :
794     - redigest bug 134002
795 kang 1.100
796     *hardened-sources-2.4.32-r5 (16 May 2006)
797    
798     16 May 2006; Guillaume Destuynder <kang@gentoo.org>
799     +hardened-sources-2.4.32-r5.ebuild:
800     Fixes rsbac common patching (new patch in new -r5 patchset)
801 solar 1.99
802     *hardened-sources-2.4.32-r4 (13 May 2006)
803    
804     13 May 2006; <solar@gentoo.org> hardened-sources-2.4.32-r3.ebuild,
805     +hardened-sources-2.4.32-r4.ebuild:
806     - security bumps
807 johnm 1.98
808     *hardened-sources-2.6.16-r6 (03 May 2006)
809    
810     03 May 2006; John Mylchreest <johnm@gentoo.org>
811     +hardened-sources-2.6.16-r6.ebuild:
812     bump hardened-2.6.16 to 2.6.16.12 and latest grsec snapshot
813 johnm 1.97
814     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
815     hardened-sources-2.6.14-r8.ebuild:
816     fix x86_64 build problem, this will delay the digest issue again for a short
817     while but it will sort itself out
818 johnm 1.96
819     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
820     hardened-sources-2.6.14-r8.ebuild:
821     bump hardened patchset
822 antarus 1.94
823     27 Apr 2006; Alec Warner <antarus@gentoo.org>
824     files/digest-hardened-sources-2.4.32-r2,
825     files/digest-hardened-sources-2.4.32-r3,
826     files/digest-hardened-sources-2.6.14-r8, Manifest:
827     Fixing duff SHA256 digests: Bug # 131293
828 johnm 1.93
829 johnm 1.95 *hardened-sources-2.6.16-r5 (27 Apr 2006)
830    
831     27 Apr 2006; John Mylchreest <johnm@gentoo.org>
832     -hardened-sources-2.6.14-r6.ebuild, hardened-sources-2.6.14-r8.ebuild,
833     -hardened-sources-2.6.16-r4.ebuild, +hardened-sources-2.6.16-r5.ebuild:
834     stablise 2.6.14-r8 on x86 & amd64, bump 2.6.16 to fix CVE-2006-1863 &
835     cleanup of old uneccessary sources
836    
837 johnm 1.93 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
838     fix digest
839 johnm 1.92
840     *hardened-sources-2.6.14-r8 (20 Apr 2006)
841    
842     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
843     +hardened-sources-2.6.14-r8.ebuild:
844     fix CVE-2006-1056, CVE-2006-1525, CVE-2006-1524
845 johnm 1.91
846     20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
847     Turning on gpg-signing again, and recomitting
848 johnm 1.90
849     *hardened-sources-2.6.16-r4 (20 Apr 2006)
850    
851     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
852     -hardened-sources-2.6.16-r2.ebuild, -hardened-sources-2.6.16-r3.ebuild,
853     +hardened-sources-2.6.16-r4.ebuild:
854     Fix numerous security vulns
855 solar 1.89
856     *hardened-sources-2.4.32-r3 (16 Apr 2006)
857    
858     16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
859     -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
860     +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
861     - security bump for bug #112791. Removed old ebuilds
862 johnm 1.88
863     *hardened-sources-2.6.16-r3 (15 Apr 2006)
864    
865     15 Apr 2006; John Mylchreest <johnm@gentoo.org>
866     +hardened-sources-2.6.16-r3.ebuild:
867     Removing silly localversion which I missed
868 johnm 1.87
869     *hardened-sources-2.6.14-r7 (14 Apr 2006)
870    
871     14 Apr 2006; John Mylchreest <johnm@gentoo.org>
872     -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
873     Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
874 johnm 1.86
875     *hardened-sources-2.6.16-r2 (13 Apr 2006)
876    
877     13 Apr 2006; John Mylchreest <johnm@gentoo.org>
878     -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
879     +hardened-sources-2.6.16-r2.ebuild:
880     Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
881     labels, dropping USERGROUP define fixes, since these were merged mainstream.
882 johnm 1.85
883     *hardened-sources-2.6.16-r1 (11 Apr 2006)
884    
885     11 Apr 2006; John Mylchreest <johnm@gentoo.org>
886     +hardened-sources-2.6.16-r1.ebuild:
887     Bumping to include ppc build fix and 2.6.16.3
888 tsunam 1.84
889     06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
890     hardened-sources-2.6.14-r6.ebuild:
891     Stable on x86; bug #127718
892 johnm 1.83
893     *hardened-sources-2.6.16 (31 Mar 2006)
894    
895     31 Mar 2006; John Mylchreest <johnm@gentoo.org>
896     +hardened-sources-2.6.16.ebuild:
897     Bumping to new version of grsec, and kernel base. New squashfs. Based on
898     2.6.16.1
899 cryos 1.82
900     30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
901     hardened-sources-2.6.14-r6.ebuild:
902     Stable on amd64, bug 127718.
903 nixnut 1.81
904     28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
905     Stable on ppc. Bug #127718
906 johnm 1.80
907     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
908     -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
909     -hardened-sources-2.6.14-r4.ebuild:
910     Cleanup.
911 johnm 1.79
912     *hardened-sources-2.6.14-r6 (15 Mar 2006)
913    
914     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
915     +hardened-sources-2.6.14-r6.ebuild:
916     Fixes grsec policy recreation bug and adds a
917     >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
918 solar 1.78
919     02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
920     - stable on x86
921 hansmi 1.77
922     19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
923     hardened-sources-2.6.14-r5.ebuild:
924     Stable on ppc.
925 johnm 1.76
926     *hardened-sources-2.6.14-r5 (01 Feb 2006)
927    
928     01 Feb 2006; John Mylchreest <johnm@gentoo.org>
929     +hardened-sources-2.6.14-r5.ebuild:
930     fixing every known exploit
931 solar 1.75
932     *hardened-sources-2.4.32-r2 (26 Jan 2006)
933    
934     26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
935     +hardened-sources-2.4.32-r2.ebuild:
936     - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
937 solar 1.74
938     *hardened-sources-2.6.14-r4 (12 Jan 2006)
939    
940     12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
941     - version bump for new genpatches which fix up a few sec holes
942 solar 1.73
943     *hardened-sources-2.4.32-r1 (05 Jan 2006)
944    
945     05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
946     - revision bump to add misc vital linux kernel security patches.
947 johnm 1.72
948     *hardened-sources-2.6.14-r3 (30 Dec 2005)
949    
950     30 Dec 2005; John Mylchreest <johnm@gentoo.org>
951     -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
952     Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
953 johnm 1.71
954     28 Dec 2005; John Mylchreest <johnm@gentoo.org>
955     hardened-sources-2.6.14-r2.ebuild:
956     making x86 & amd64 stable following testing.
957 johnm 1.70
958     *hardened-sources-2.6.14-r2 (27 Dec 2005)
959    
960     27 Dec 2005; John Mylchreest <johnm@gentoo.org>
961     -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
962     Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
963     network hooks.
964 johnm 1.69
965     06 Dec 2005; John Mylchreest <johnm@gentoo.org>
966     hardened-sources-2.6.14-r1.ebuild:
967     bumping to stable early for sec fix on x86 & amd64
968 johnm 1.68
969     *hardened-sources-2.6.14-r1 (05 Dec 2005)
970    
971     05 Dec 2005; John Mylchreest <johnm@gentoo.org>
972     -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
973     bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
974 solar 1.67
975     04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
976     - stable on x86 security bug #114227 CAN-2005-3257
977 kang 1.66
978     *hardened-sources-2.4.32 (19 Nov 2005)
979    
980     19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
981     +hardened-sources-2.4.32.ebuild:
982     Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
983     Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
984     have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
985     rsbac >> /etc/portage/package.use)
986 johnm 1.65
987     *hardened-sources-2.6.14 (14 Nov 2005)
988    
989     14 Nov 2005; John Mylchreest <johnm@gentoo.org>
990     -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
991     Bumping 2.6 series to 2.6.14.2
992 johnm 1.64
993     *hardened-sources-2.6.13-r2 (20 Oct 2005)
994    
995     20 Oct 2005; John Mylchreest <johnm@gentoo.org>
996     -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
997     +hardened-sources-2.6.13-r2.ebuild:
998     Fixes minor build error in ppc.
999 johnm 1.63
1000     *hardened-sources-2.6.13-r1 (17 Oct 2005)
1001    
1002     17 Oct 2005; John Mylchreest <johnm@gentoo.org>
1003     +hardened-sources-2.6.13-r1.ebuild:
1004     Updating grsec to latest snapshot. Fixes some minor issues. Updating to
1005     2.6.13.4, fixes some major amd64 stability problems.
1006 johnm 1.62
1007     *hardened-sources-2.6.13 (16 Sep 2005)
1008    
1009     16 Sep 2005; John Mylchreest <johnm@gentoo.org>
1010     -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
1011     2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
1012     ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
1013     users should test this thoroughly.
1014 solar 1.61
1015     01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
1016     - stable on x86
1017 johnm 1.60
1018     *hardened-sources-2.6.11-r15 (27 Jun 2005)
1019    
1020     27 Jun 2005; John Mylchreest <johnm@gentoo.org>
1021     +hardened-sources-2.6.11-r15.ebuild:
1022     Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
1023     grsec redefining curr_ip struct.
1024 solar 1.59
1025     *hardened-sources-2.4.31 (20 Jun 2005)
1026    
1027     20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
1028     initial import of 2.4.31 tree
1029 johnm 1.58
1030     *hardened-sources-2.6.11-r14 (14 Jun 2005)
1031    
1032     14 Jun 2005; John Mylchreest <johnm@gentoo.org>
1033     -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
1034     Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
1035     naming scheme to abide by genpatches
1036 johnm 1.57
1037     *hardened-sources-2.6.11-r13 (18 May 2005)
1038    
1039     18 May 2005; John Mylchreest <johnm@gentoo.org>
1040     -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
1041     Managed to mangle the Makefile patch from grsec, to miss out the grsec
1042     target. sorry about that. Fixes bug #93022
1043 johnm 1.56
1044     *hardened-sources-2.6.11-r12 (17 May 2005)
1045    
1046     17 May 2005; John Mylchreest <johnm@gentoo.org>
1047     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
1048     +hardened-sources-2.6.11-r12.ebuild:
1049     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
1050     merges in genpatches-base
1051 johnm 1.55
1052     *hardened-sources-2.6.11-r12 (17 May 2005)
1053    
1054     17 May 2005; John Mylchreest <johnm@gentoo.org>
1055     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
1056     +hardened-sources-2.6.11-r12.ebuild:
1057     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
1058     merges in genpatches-base
1059 solar 1.54
1060     29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
1061     -files/2.4.27-cmdline-race.patch,
1062     -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
1063     -files/2.4.28-grsec-binfmt_a.out.patch,
1064     -files/2.4.28-grsec-cmdline-race.patch,
1065     -files/2.4.28-selinux-binfmt_a.out.patch,
1066     -files/2.4.28-selinux-cmdline-race.patch,
1067     -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
1068     hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
1069     - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
1070     cleanup..
1071 solar 1.53
1072     *hardened-sources-2.4.30-r1 (21 Apr 2005)
1073    
1074     21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
1075     - disable aout by default
1076 solar 1.52
1077     *hardened-sources-2.4.30 (18 Apr 2005)
1078    
1079     18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
1080     - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
1081     and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
1082     use
1083 tocharian 1.50
1084 scox 1.51 *hardened-sources-2.4.29 (30 Mar 2005)
1085    
1086     30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
1087     +hardened-sources-2.4.29.ebuild:
1088     New hardened-patches-2.4-29.0 patchball.
1089     Removed SELinux support, upgraded GRSecurity to 2.1.4.
1090    
1091     *hardened-sources-2.4.28-r5 (06 Mar 2005)
1092    
1093     06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
1094     +hardened-sources-2.4.28-r5.ebuild:
1095     Added a fix for a PaX vulnerability.
1096    
1097     26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1098 tocharian 1.50 hardened-sources-2.4.28-r4.ebuild:
1099     Stable on x86
1100 solar 1.49
1101     23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
1102     hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
1103     hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
1104     hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
1105     - fixed/added RDEPEND= in all kernel-2 ebuilds
1106 tocharian 1.48
1107     *hardened-sources-2.4.28-r4 (21 Jan 2005)
1108    
1109     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1110     +hardened-sources-2.4.28-r4.ebuild:
1111     Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
1112     backport of neighbour hash updates.
1113 tocharian 1.47
1114     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1115     hardened-sources-2.4.28-r3.ebuild:
1116     Stable on x86
1117 tseng 1.46
1118     *hardened-sources-2.6.10-r3 (20 Jan 2005)
1119    
1120     20 Jan 2005; Brandon Hale <tseng@gentoo.org>
1121     +hardened-sources-2.6.10-r3.ebuild:
1122     Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
1123     in 2005.0
1124 tocharian 1.45
1125     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1126     -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
1127     hardened-sources-2.4.28-r2.ebuild:
1128     Mark stable on x86
1129 tocharian 1.44
1130     *hardened-sources-2.4.28-r3 (17 Jan 2005)
1131    
1132     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1133     +hardened-sources-2.4.28-r3.ebuild:
1134     Fix SMP page fault handler vuln, and update device-mapper and evms patches.
1135 tocharian 1.43
1136     14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1137     hardened-sources-2.4.28.ebuild:
1138     Mark stable on x86.
1139 tocharian 1.42
1140     *hardened-sources-2.4.28-r2 (13 Jan 2005)
1141    
1142     13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1143     +hardened-sources-2.4.28-r2.ebuild:
1144     Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
1145     Mazinger for grsecurity patches as well.
1146 plasmaroo 1.41
1147     *hardened-sources-2.4.28-r1 (23 Dec 2004)
1148    
1149     23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
1150     Security bump. Thank tocharian for rolling a new patchset...
1151 solar 1.40
1152     28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
1153     +files/2.4.28-grsec-cmdline-race.patch,
1154     +files/2.4.28-selinux-binfmt_a.out.patch,
1155     +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
1156     - Round up remaining security patches that appear to be missing in 2.4.28. -
1157     PaX standalone updated to current. hgpv=28.1
1158 solar 1.39
1159     *hardened-sources-2.4.28 (28 Nov 2004)
1160    
1161     28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
1162     security bump. Thank tocharian for rolling a new patchset
1163 scox 1.31
1164 scox 1.38 *hardened-sources-2.4.27-r3 (08 Sep 2004)
1165    
1166     08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
1167     +hardened-sources-2.4.27-r3.ebuild:
1168     Applies the new 2.4-27.2 patchball which updates
1169     GRSecurity to the 2.0.1 version.
1170    
1171 scox 1.37 *hardened-sources-2.4.27-r2 (31 Aug 2004)
1172    
1173     31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1174     +hardened-sources-2.4.27-r2.ebuild:
1175     Version bump.
1176     This version uses the new 2.4-27.1 patchball which updates
1177     both the SELinux PaX hooks patch and the SELinux headers.
1178    
1179 scox 1.36 *hardened-sources-2.4.27-r1 (09 Aug 2004)
1180    
1181     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1182     +hardened-sources-2.4.27-r1.ebuild,
1183     -hardened-sources-2.4.27.ebuild,
1184     +files/2.4.27-cmdline-race.patch:
1185     Version bump, fix for cmdline race. See bug #59905.
1186    
1187     *hardened-sources-2.4.26-r6 (09 Aug 2004)
1188    
1189     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1190     +hardened-sources-2.4.26-r6.ebuild,
1191     -hardened-sources-2.4.26-r5.ebuild,
1192     -hardened-sources-2.4.26-r4.ebuild,
1193     +files/2.4.26-cmdline-race.patch:
1194     Version bump, fix for cmdline race. See bug #59905.
1195    
1196 scox 1.35 *hardened-sources-2.4.27 (08 Aug 2004)
1197    
1198     08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1199     +hardened-sources-2.4.27.ebuild,
1200     +files/2.4.27-CAN-2004-0394.patch:
1201     Ported the patchball to the 2.4.27 kernel version.
1202    
1203 scox 1.34 *hardened-sources-2.4.26-r5 (07 Aug 2004)
1204    
1205     07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1206     +hardened-sources-2.4.26-r5.ebuild:
1207 scox 1.35 Updated to use the new hardened-patches-2.4-26.1 patchball.
1208 scox 1.34 It adds the following features:
1209     - Squashfs
1210     - Ebtables
1211     - Netdev random (core+drivers)
1212     - Watchdog Timer (WDT) fix.
1213    
1214 scox 1.33 *hardened-sources-2.4.26-r4 (04 Aug 2004)
1215    
1216     04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1217     +hardened-sources-2.4.26-r4.ebuild,
1218     +files/2.4.26-CAN-2004-0415.patch,
1219     -hardened-sources-2.4.26-3:
1220     Version bump, fix for CAN 0415, see bug #59378.
1221    
1222 scox 1.32 *hardened-sources-2.4.26-r3 (22 Jul 2004)
1223    
1224     22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
1225     +hardened-sources-2.4.26-r3.ebuild,
1226     +files/2.4.26-CAN-2004-0497.patch,
1227     -hardened-sources-2.4.26-r2.ebuild:
1228     Version bump, fixed CAN 0497, see bug #56171.
1229    
1230 scox 1.31 *hardened-sources-2.4.26-r2 (29 Jun 2004)
1231    
1232     29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
1233 scox 1.32 +hardened-sources-2.4.26-r2.ebuild,
1234 scox 1.31 +files/2.4.26-CAN-2004-0495.patch,
1235     +files/2.4.26-CAN-2004-0535.patch,
1236     -hardened-sources-2.4.26-r1.ebuild:
1237     Fixes for both CAN 0495 and 0535, see bug #54976
1238 pvdabeel 1.27
1239 agriffis 1.29 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
1240     hardened-sources-2.4.26-r1.ebuild:
1241     QA - fix use invocation
1242 scox 1.28
1243     *hardened-sources-2.4.26-r1 (22 June 2004)
1244    
1245     22 June 2004; Andrea Luzzardi <scox@gentoo.org>
1246     +hardened-sources-2.4.26-r1.ebuild,
1247     +files/2.4.26-CAN-2004-0394.patch,
1248     +files/2.4.26-signal-race.patch,
1249     -hardened-sources-2.4.26.ebuild,
1250     -hardened-sources-2.4.24-r3.ebuild:
1251     Version bump for the CAN-2004-0394 issue and bug #53804
1252     Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
1253    
1254    
1255 pvdabeel 1.27 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
1256     hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
1257     Masked hardened-sources-2.4.26.ebuild broken for ppc
1258    
1259     31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
1260     hardened-sources-2.4.24-r3.ebuild:
1261     Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
1262 plasmaroo 1.25
1263 scox 1.26 *hardened-sources-2.4.26 (29 May 2004)
1264    
1265     29 May 2004; Andrea Luzzardi <scox@gentoo.org>
1266     +hardened-sources-2.4.26.ebuild:
1267     Updated hardened-sources for the 2.4.26 kernel
1268     Removed broken components, updated almost everything.
1269    
1270 plasmaroo 1.25 *hardened-sources-2.4.24-r3 (17 Apr 2004)
1271    
1272     17 Apr 2004; <plasmaroo@gentoo.org>
1273     +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
1274     +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
1275     +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
1276     +hardened-sources-2.4.24-r3.ebuild:
1277     Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
1278     vulnerabilities. Old revisions removed.
1279 plasmaroo 1.24
1280     *hardened-sources-2.4.24-r2 (15 Apr 2004)
1281    
1282     15 Apr 2004; <plasmaroo@gentoo.org>
1283     +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
1284     -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
1285     Version bump for the CAN-2004-0109 issue; bug #47881.
1286 aliz 1.23
1287     12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
1288     hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
1289     Add eutils to inherit.
1290 plasmaroo 1.22
1291     *hardened-sources-2.4.24-r1 (19 Feb 2004)
1292    
1293     19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
1294     files/hardened-sources-2.4.24.munmap.patch:
1295     Added the patch for the mremap/munmap vulnerability. Bug #42024.
1296 scox 1.19
1297 scox 1.21 *hardened-sources-2.4.24 (06 Feb 2004)
1298 scox 1.26
1299 scox 1.21 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
1300     hardened-sources-2.4.24.ebuild:
1301     Version bump, updated most of the components.
1302     This release includes the following:
1303    
1304     - Hardened security
1305     - Netfilter patch-o-matic 20031219
1306     - FreeSWAN 2.04 & x509 1.4.8
1307     - EVMS 2.2.2
1308     - XFS 1.3.1
1309     - cryptoloop jari
1310     - grsecurity 2.0-rc4
1311     - SELinux
1312     - PaX 200402060000
1313     - PaX Obscurity 200308302223
1314     - Others...
1315    
1316     Neither -ck nor systrace are included anymore.
1317    
1318 scox 1.19 *hardened-sources-2.4.22-r2 (05 Jan 2004)
1319    
1320     05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
1321     hardened-sources-2.4.22-r2.ebuild:
1322 scox 1.20 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
1323 scox 1.19
1324     *hardened-sources-2.4.22-r1 (02 Dec 2003)
1325 iggy 1.17
1326     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1327 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
1328 iggy 1.16
1329     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1330 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild:
1331     Version bump for the 'do_brk' vulnerability.
1332 iggy 1.15
1333     01 Dec 2003; Brian Jackson <iggy@gentoo.org>
1334     hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
1335     hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
1336     hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
1337 plasmaroo 1.18 Fix the 'do_brk' vulnerability.
1338 frogger 1.14
1339     03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
1340     hardened-sources-2.4.22.ebuild:
1341 plasmaroo 1.18 - Removed the src_install() portion for SELinux flask
1342     components. These are no longer handled in the kernel
1343     so this code was not necessary.
1344 frogger 1.13
1345     29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
1346     New 2.4.22 based hardened-sources thanks to
1347     Phil West <p.west@computer.org>.
1348    
1349     These sources include:
1350 plasmaroo 1.18 - New SELinux API
1351     - Updated CK-base
1352     - Updated GRSec
1353     - Systrace
1354     - SuperFreeS/WAN 1.99.8
1355     - Propolice kernel build support
1356     - EVMS
1357     - Other various security related patches
1358 frogger 1.11
1359 frogger 1.12 *hardened-sources-2.4.21 (14 Sep 2003)
1360    
1361     14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
1362     Updated hardened-sources based on the 2.4.21 Linux kernel.
1363     This includes updates to most major components such as:
1364 plasmaroo 1.18 - ck-base-0306300059
1365     - selinux-2.4-2003071106
1366     - grsecurity-2.0-rc1
1367     - Updated IPTables patch-o-matic
1368     - Updated SuperFreeS/WAN
1369    
1370 frogger 1.12 Thanks to Phil West <pwest@computer.org> for his work in getting this
1371     updated patch set ready for the 2.4.21 based kernel.
1372    
1373 frogger 1.11 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
1374     Initial import of hardened-sources-2.4.20-r4. This revision
1375     includes only a few changes, but one of these is an important
1376     security fix. It is recommended all users of hardened-sources
1377     upgrade to this release.
1378 plasmaroo 1.18
1379 frogger 1.11 - ioperm bug fix
1380     - fixed compilation failure when building without GRSec
1381 plasmaroo 1.18
1382 frogger 1.11 SAL (Secure Auditing for Linux) is NOT included in this revision
1383     due to time constraints, but is planned for inclusion in the near
1384     future.
1385 msterret 1.10
1386     *hardened-sources-2.4.20-r2 (12 Jun 2003)
1387    
1388     12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
1389     hardened-sources-2.4.20-r3.ebuild:
1390 plasmaroo 1.18 Add Header...
1391 frogger 1.9
1392     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1393     hardened-sources-2.4.20-r3.ebuild:
1394     Removed warnings from ebuild. This kernel should be safe to
1395     use at this point.
1396 frogger 1.8
1397     *hardened-sources-2.4.20-r3 (08 Jun 2003)
1398    
1399     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1400     hardened-sources-2.4.20-r3.ebuild:
1401     New revision. Includes the following changes over -r2:
1402 plasmaroo 1.18
1403 frogger 1.8 - ck7-base (O(1), preempt, low latency)
1404     - Super FreeS/WAN 1.99.7rc2
1405     - PaX for the LSM/SELinux branch
1406     - GRSecurity 2.0-pre4 (role based access control)
1407     - Systrace 1.3
1408     - EXT3 fixes
1409     - EVMS 2.0.1
1410     - GCC 3.1+ compile optimizations
1411     - ProPolice kernel build support
1412     - Hashing table security fixes
1413 frogger 1.3
1414     *hardened-sources-2.4.20-r1 (09 Apr 2003)
1415 frogger 1.7
1416     23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
1417     Initial import of hardened-sources-r2. This new
1418     ebuild includes many new performance and security
1419     related patches. As in -r1, it will patch in
1420     LSM/SELinux if "selinux" is in USE, otherwise it
1421     will patch in GRSecurity. The following patches
1422     are included in this revision:
1423 plasmaroo 1.18
1424 frogger 1.7 - O(1) Scheduler, Low Latency, and Preempt
1425     (pulled from the base CK patch)
1426     - ptrace exploit patch for the LSM kernel
1427     (the GRSec patch already fixes this)
1428     - LSM 2.4-2003040709
1429     - SELinux 2.4-2003040709
1430     - Systrace v1.2
1431     - IPTables patch-o-matic base patches - 20030107
1432     - CryptoAPI 2.4.20.1 w/ loop-jari patch
1433     - Super FreeS/WAN 1.99.6.1
1434     - GRSecurity 1.9.9g
1435     - MPPE
1436     - EXT3 data journal fix
1437     - CIPE 1.5.4
1438 frogger 1.6
1439     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1440     hardened-sources-2.4.20-r1.ebuild, manifest:
1441 plasmaroo 1.18 Updated to install flask components correctly for selinux.
1442 frogger 1.5
1443     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1444     hardened-sources-2.4.20-r1.ebuild:
1445     LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
1446     is patched in instead. Ptrace patches for selinux have also been added. In
1447     either case, systrace support will be patched in as well.
1448 frogger 1.3
1449     09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1450     hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
1451 plasmaroo 1.18 Revision bump for new sources.
1452 frogger 1.4
1453 frogger 1.2 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1454 frogger 1.4 hardened-sources-2.4.20-r1.ebuild:
1455 plasmaroo 1.18 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
1456 method 1.1
1457 frogger 1.4 *hardened-sources-2.4.20 (30 Mar 2003)
1458    
1459 method 1.1 30 Mar 2003; Joshua Brindle <method@gentoo.org>
1460     hardened-sources-2.4.20.ebuild:
1461 plasmaroo 1.18 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20