/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.235 - (hide annotations) (download)
Sun Aug 31 19:06:09 2008 UTC (5 years, 10 months ago) by nixnut
Branch: MAIN
Changes since 1.234: +4 -1 lines
stable on ppc
(Portage version: 2.1.4.4)

1 method 1.1 # ChangeLog for sys-kernel/hardened-sources
2 phreak 1.204 # Copyright 2000-2008 Gentoo Foundation; Distributed under the GPL v2
3 nixnut 1.235 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.234 2008/08/23 02:12:48 battousai Exp $
4    
5     31 Aug 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.25-r4.ebuild:
6     stable on ppc
7 battousai 1.234
8     *hardened-sources-2.6.26-r1 (23 Aug 2008)
9     *hardened-sources-2.6.25-r5 (23 Aug 2008)
10    
11     23 Aug 2008; Bryan D. Stine <battousai@gentoo.org>
12     -hardened-sources-2.6.23-r13.ebuild, -hardened-sources-2.6.25-r3.ebuild,
13     hardened-sources-2.6.25-r4.ebuild, +hardened-sources-2.6.25-r5.ebuild,
14     +hardened-sources-2.6.26-r1.ebuild:
15     Bump to 2.6.25-r5 for updated patches and upstream .10 kernel, fixing
16     security bug #235221. Bump to 2.6.26-r1 for upstream .3 kernel, also
17     fixing security bug #235221. Marked 2.6.25-r4 stable on amd64 and x86.
18     Removed 2.6.23-r13 and 2.6.25-r3. Commit on behalf of Gordon Malm
19     (gengor).
20 solar 1.233
21     *hardened-sources-2.6.26 (18 Aug 2008)
22     *hardened-sources-2.6.25-r4 (18 Aug 2008)
23    
24     18 Aug 2008; <solar@gentoo.org> -hardened-sources-2.6.25-r2.ebuild,
25     +hardened-sources-2.6.25-r4.ebuild, +hardened-sources-2.6.26.ebuild:
26     - proxy commit for gengor 2.6.26: Initial 2.6.26 release. 2.6.25-r4: Update
27     to Linux 2.6.25.15. Fixes security bugs #234799, #234803 and #234812.
28     2.6.25-r2: Removed.
29 tove 1.232
30     16 Aug 2008; Torsten Veller <tove@gentoo.org> metadata.xml:
31     Remove phreak from metadata.xml (#96398)
32 solar 1.231
33     *hardened-sources-2.6.25-r3 (31 Jul 2008)
34    
35     31 Jul 2008; <solar@gentoo.org> -hardened-sources-2.6.24-r2.ebuild,
36     -hardened-sources-2.6.25.ebuild, -hardened-sources-2.6.25-r1.ebuild,
37     +hardened-sources-2.6.25-r3.ebuild:
38     - 2.6.25-r3: Update to Linux 2.6.25.13 and new grsecurity patch. Multiple
39     fixes, including security bug #231750.
40 nixnut 1.230
41     28 Jul 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.24-r3.ebuild:
42     Stable on ppc
43 solar 1.229
44     *hardened-sources-2.6.25-r2 (05 Jul 2008)
45    
46     05 Jul 2008; <solar@gentoo.org> -hardened-sources-2.6.23-r11.ebuild,
47     -hardened-sources-2.6.23-r12.ebuild, hardened-sources-2.6.24-r3.ebuild,
48     +hardened-sources-2.6.25-r2.ebuild:
49     2.6.23-r4: Stable x86/amd64
50     2.6.25-r2: Update to Linux 2.6.25.10 and latest grsecurity release.
51     2.6.23-r{11,12}: Removed due to multiple vulns.
52     (gengor & kerframil)
53 nixnut 1.228
54     04 Jul 2008; nixnut <nixnut@gentoo.org>
55     hardened-sources-2.6.23-r13.ebuild:
56     Stable on ppc
57 solar 1.227
58     *hardened-sources-2.6.25-r1 (30 Jun 2008)
59    
60     30 Jun 2008; <solar@gentoo.org> hardened-sources-2.6.23-r13.ebuild,
61     +hardened-sources-2.6.25-r1.ebuild:
62     2.6.25-r1: Brings in Linux -stable tree patches 2.6.25.{7,8,9} and newer
63     grsecurity release. 2.6.23-r13: x86/amd64 stable
64 solar 1.226
65     *hardened-sources-2.6.25 (17 Jun 2008)
66     *hardened-sources-2.6.24-r3 (17 Jun 2008)
67     *hardened-sources-2.6.23-r13 (17 Jun 2008)
68    
69     17 Jun 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r13.ebuild,
70     +hardened-sources-2.6.24-r3.ebuild, +hardened-sources-2.6.25.ebuild:
71     * 2.6.23-r13: Fixes security bugs #198997, #212136, #222331, #222635,
72     #224647, #225461, other fixes. * 2.6.24-r3: Fixes security bugs #212136,
73     #222331, #222635, #224647, #225461, grsec/PaX updates/fixes, other fixes. *
74     2.6.25: Initial 2.6.25 release.
75 solar 1.225
76     15 May 2008; <solar@gentoo.org> hardened-sources-2.6.23-r12.ebuild:
77     - fasttrack to stable x86/amd64
78 swegener 1.224
79     11 May 2008; Sven Wegener <swegener@gentoo.org> Manifest:
80     Fix broken digest for linux-2.6.24.tar.bz2.
81 solar 1.223
82     *hardened-sources-2.6.24-r2 (11 May 2008)
83     *hardened-sources-2.6.23-r12 (11 May 2008)
84    
85     11 May 2008; <solar@gentoo.org> -hardened-sources-2.6.23-r7.ebuild,
86     -hardened-sources-2.6.23-r9.ebuild, -hardened-sources-2.6.23-r10.ebuild,
87     +hardened-sources-2.6.23-r12.ebuild, -hardened-sources-2.6.24.ebuild,
88     -hardened-sources-2.6.24-r1.ebuild, +hardened-sources-2.6.24-r2.ebuild:
89     proxy commit for gengor. 2.6.23-r11 shortlog: Fixes security bugs 220691,
90     220975, 220979, 221123. 2.6.24-r2 not-so-shortlog: Fixes bug 215442,
91     security bugs 219901, 220691, 220975, 220979, 221123. New
92     genpatches/grsecurity with numerous updates & fixes. 2.6.23-r7->2.6.23-r10
93     should be removed as far as I'm concerned, everything else remove due to
94     vulnerable to numerous security bugs or brokeness.
95 nixnut 1.222
96     10 May 2008; nixnut <nixnut@gentoo.org>
97     hardened-sources-2.6.23-r11.ebuild:
98     Stable on ppc
99 solar 1.221
100     05 May 2008; <solar@gentoo.org> hardened-sources-2.6.23-r11.ebuild:
101     - -r11 stable on x86/amd64
102 solar 1.220
103     *hardened-sources-2.6.23-r11 (01 May 2008)
104    
105     01 May 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r11.ebuild:
106     - version bump to fix ulgy linux bugs
107 phreak 1.219
108     *hardened-sources-2.6.24-r1 (30 Apr 2008)
109    
110     30 Apr 2008; Christian Heim <phreak@gentoo.org>
111     +hardened-sources-2.6.24-r1.ebuild:
112     Revision bump (thanks to Kerin and Gordon, again), pulling
113     genpatches-2.6.24-7, solving #219089. Additionally contains further security
114     fixes plus some minor updates.
115 phreak 1.218
116     *hardened-sources-2.6.23-r10 (30 Apr 2008)
117    
118     30 Apr 2008; Christian Heim <phreak@gentoo.org>
119     +hardened-sources-2.6.23-r10.ebuild:
120     Revision bump (thanks to Kerin and Gordon, again), solving #213811, #219089.
121     Additional contains "various other fixes".
122 phreak 1.217
123     09 Apr 2008; Christian Heim <phreak@gentoo.org> metadata.xml:
124     Update the longdescription in metadata, thanks to Gordon Malm.
125 nixnut 1.216
126     08 Apr 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.23-r9.ebuild:
127     Stable on ppc wrt bug #213255
128 solar 1.215
129     07 Apr 2008; <solar@gentoo.org> -hardened-sources-2.4.35-r2.ebuild,
130     -hardened-sources-2.6.23-r8.ebuild, hardened-sources-2.6.23-r9.ebuild:
131     - stable on x86/amd64 per request. Removed obsolete ebuilds
132 phreak 1.214
133     *hardened-sources-2.6.24 (07 Apr 2008)
134    
135     07 Apr 2008; Christian Heim <phreak@gentoo.org>
136     +hardened-sources-2.6.24.ebuild:
137     Adding ebuild for hardened-sources-2.6.24 (many thanks to Kerin Millar
138     <kerframil at gmail.com> and Gordon Malm <bugs-gentoo-org-02 at bumpin.org>
139     for the many contributions and their continued effort in #216612) based on
140     2.6.24 and genpatches-2.6.24-5.
141    
142     The current ebuild/patchset contains these things:
143     * Incoporates unmodified grsec-2.1.11-2.6.24.4-200803262003 patch
144     * Introduces bespoke server and workstation oriented security levels
145     * VDSO_COMPAT cannot be enabled during runtime if PaX is enabled
146 phreak 1.213
147     30 Mar 2008; Christian Heim <phreak@gentoo.org> metadata.xml:
148     Fix the metadata.xml (Kerin isn't a dev, though he and Gordon are
149     maintaining it).
150 phreak 1.212
151     24 Mar 2008; Christian Heim <phreak@gentoo.org>
152     hardened-sources-2.4.35-r2.ebuild:
153     Fixing SRC_URI for 2.4.35-r2.
154 phreak 1.211
155     *hardened-sources-2.6.23-r9 (22 Mar 2008)
156    
157     22 Mar 2008; Christian Heim <phreak@gentoo.org>
158     +hardened-sources-2.6.23-r9.ebuild:
159     * Revision bump, rebasing the patchset against genpatches-2.6.23-10.
160     * Change the default GIDs for some grsecurity options
161     * Revamp the Hardened [Gentoo] security level and make it the default level
162     * Fixing compilation on ia64 with CONFIG_MODULES=y (loadable module support)
163     * Fix a recursive lock -- call to capable() within ptrace_attach()
164     * Fix bug that allows audit and iscsi operations to be controlled via netlink
165 solar 1.210
166     *hardened-sources-2.6.23-r8 (27 Feb 2008)
167    
168     27 Feb 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r8.ebuild:
169     - version bump from Kerin Millar bug 210026
170 solar 1.209
171     17 Feb 2008; <solar@gentoo.org> metadata.xml,
172     -hardened-sources-2.4.33.4.ebuild, -hardened-sources-2.6.20-r6.ebuild,
173     -hardened-sources-2.6.20-r10.ebuild, -hardened-sources-2.6.23-r4.ebuild,
174     -hardened-sources-2.6.23-r6.ebuild, hardened-sources-2.6.23-r7.ebuild:
175     - stable on x86 and remove old ebuilds
176 solar 1.207
177     15 Feb 2008; <solar@gentoo.org> hardened-sources-2.6.23-r7.ebuild:
178 solar 1.208 - stable on amd64 per request of amd64 lead
179 solar 1.206
180     *hardened-sources-2.6.23-r7 (11 Feb 2008)
181    
182     11 Feb 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r7.ebuild:
183     - version bump from kerin.millar
184     Changes:
185    
186     * Bump to genpatches-base-2.6.23-9
187     * Ported grsecurity-2.1.11-2.6.23.14-200801231800 to 2.6.23.15
188     * Disables COMPAT_VDSO in x86/defconfig
189     * Removes bogus symbols ACPI_SLEEP_PROC_(FS|SLEEP) from x86_64/defconfig
190 phreak 1.205
191     25 Jan 2008; Christian Heim <phreak@gentoo.org>
192     -hardened-sources-2.6.22-r8.ebuild:
193     Cleaning up old versions.
194 phreak 1.204
195     *hardened-sources-2.6.23-r6 (25 Jan 2008)
196    
197     25 Jan 2008; Christian Heim <phreak@gentoo.org>
198     -hardened-sources-2.6.23-r5.ebuild, +hardened-sources-2.6.23-r6.ebuild:
199     Revision bump, pulling in the latest genpatches.
200 phreak 1.203
201     *hardened-sources-2.6.23-r5 (24 Dec 2007)
202    
203     24 Dec 2007; Christian Heim <phreak@gentoo.org>
204     hardened-sources-2.4.35-r2.ebuild, hardened-sources-2.6.20-r6.ebuild,
205     hardened-sources-2.6.20-r10.ebuild, hardened-sources-2.6.22-r8.ebuild,
206     hardened-sources-2.6.23-r4.ebuild, +hardened-sources-2.6.23-r5.ebuild:
207     Revision bump, for the promised updated grsec snapshot. Also changing SRC_URI.
208 phreak 1.202
209     24 Dec 2007; Christian Heim <phreak@gentoo.org>
210     -hardened-sources-2.6.22-r7.ebuild, -hardened-sources-2.6.23.ebuild,
211     -hardened-sources-2.6.23-r1.ebuild, -hardened-sources-2.6.23-r2.ebuild,
212     -hardened-sources-2.6.23-r3.ebuild:
213     Cleaning out some unused, old versions.
214 phreak 1.201
215     24 Dec 2007; Christian Heim <phreak@gentoo.org>
216     hardened-sources-2.6.23-r4.ebuild:
217     Marking hardened-sources-2.6.23-r4 stable on amd64 and x86. I know it ain't
218     in the tree for long, but there isn't much of a difference between this and
219     -r3. Only this revision pulls in 2.6.23.11 and 2.6.23.12 from genpatches.
220 phreak 1.200
221     *hardened-sources-2.6.23-r4 (23 Dec 2007)
222    
223     23 Dec 2007; Christian Heim <phreak@gentoo.org>
224     +hardened-sources-2.6.23-r4.ebuild:
225     Revision bump, grabbing the lastest genpatches release (2.6.23.12 that is).
226 phreak 1.199
227     *hardened-sources-2.6.23-r3 (04 Dec 2007)
228    
229     04 Dec 2007; Christian Heim <phreak@gentoo.org>
230     +hardened-sources-2.6.23-r3.ebuild:
231     Revision bump, pulling in 2.6.23.9.
232 phreak 1.198
233     *hardened-sources-2.6.23-r2 (25 Nov 2007)
234    
235     25 Nov 2007; Christian Heim <phreak@gentoo.org>
236     +hardened-sources-2.6.23-r2.ebuild:
237     Updated patchset, thanks to solar.
238 phreak 1.197
239     *hardened-sources-2.6.23-r1 (31 Oct 2007)
240    
241     31 Oct 2007; Christian Heim <phreak@gentoo.org>
242     +hardened-sources-2.6.23-r1.ebuild:
243     Revision bump, pulling in the snapshot from 30. October 2007 (18:50).
244 solar 1.196
245     29 Oct 2007; <solar@gentoo.org> metadata.xml:
246     - update metadata.xml
247 phreak 1.195
248     25 Oct 2007; Christian Heim <phreak@gentoo.org>
249     hardened-sources-2.6.22-r8.ebuild:
250     Marking 2.6.22-r8 stable on amd64 and x86.
251 phreak 1.194
252     21 Oct 2007; Christian Heim <phreak@gentoo.org>
253     -hardened-sources-2.4.35.ebuild, -hardened-sources-2.4.35-r1.ebuild,
254     -hardened-sources-2.6.21-r4.ebuild:
255     Removing old ebuilds.
256 phreak 1.193
257     *hardened-sources-2.4.35-r2 (21 Oct 2007)
258    
259     21 Oct 2007; Christian Heim <phreak@gentoo.org>
260     +hardened-sources-2.4.35-r2.ebuild:
261     Revision bump for 2.4.35. Includes new snapshot and the lastest Linux stable
262     patches.
263 phreak 1.192
264     *hardened-sources-2.6.22-r8 (21 Oct 2007)
265    
266     21 Oct 2007; Christian Heim <phreak@gentoo.org>
267     +hardened-sources-2.6.22-r8.ebuild:
268     Yet another new patch, hopefully fixing the remaining issues we had w/
269     2.6.22. Candidate for stabling.
270 phreak 1.191
271     *hardened-sources-2.6.23 (13 Oct 2007)
272    
273     13 Oct 2007; Christian Heim <phreak@gentoo.org>
274     +hardened-sources-2.6.23.ebuild:
275     Initial hardened-sources-2.6.23. If people still have problems w/ bug
276     194276, try setting CONFIG_PCI_GODIRECT=y instead of CONFIG_PCI_GOANY.
277 phreak 1.190
278     11 Oct 2007; Christian Heim <phreak@gentoo.org>
279     hardened-sources-2.6.20-r10.ebuild:
280     Pulling in yet another new genpatches version, fixing the PWC bug for real.
281 phreak 1.189
282     04 Oct 2007; Christian Heim <phreak@gentoo.org>
283     -hardened-sources-2.6.22-r5.ebuild, -hardened-sources-2.6.22-r6.ebuild:
284     Removing old versions.
285 phreak 1.188
286     *hardened-sources-2.6.22-r7 (01 Oct 2007)
287    
288     01 Oct 2007; Christian Heim <phreak@gentoo.org>
289     +hardened-sources-2.6.22-r7.ebuild:
290     Revision bump, pulling in a newer patch. Should fix #194276.
291 phreak 1.187
292     30 Sep 2007; Christian Heim <phreak@gentoo.org>
293     hardened-sources-2.6.20-r10.ebuild:
294     Marking hardened-sources-2.6.20-r10 stable on x86 and amd64 (on courtesy of
295     Mike Doty).
296 phreak 1.186
297     *hardened-sources-2.6.22-r6 (26 Sep 2007)
298    
299     26 Sep 2007; Christian Heim <phreak@gentoo.org>
300     +hardened-sources-2.6.22-r6.ebuild:
301     Revision bump, grabbing up till Linux 2.6.22.9.
302 phreak 1.185
303     24 Sep 2007; Christian Heim <phreak@gentoo.org>
304     -hardened-sources-2.6.22-r3.ebuild, -hardened-sources-2.6.22-r4.ebuild:
305     Cleaning up further.
306 phreak 1.184
307     *hardened-sources-2.6.20-r10 (24 Sep 2007)
308    
309     24 Sep 2007; Christian Heim <phreak@gentoo.org>
310     -hardened-sources-2.6.20-r8.ebuild, -hardened-sources-2.6.20-r9.ebuild,
311     +hardened-sources-2.6.20-r10.ebuild:
312     Revision bump, pulling in Linux 2.6.20.20. Removing some of the older
313     revisions.
314 phreak 1.183
315     *hardened-sources-2.6.22-r5 (22 Sep 2007)
316    
317     22 Sep 2007; Christian Heim <phreak@gentoo.org>
318     +hardened-sources-2.6.22-r5.ebuild:
319     Revision bump, pulling in genpatches-2.6.22-8 for CVE-2007-4573.
320 phreak 1.182
321     17 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
322     Removing johnm from metadata.xml (see #186467 for reference).
323 phreak 1.181
324     *hardened-sources-2.6.22-r4 (17 Sep 2007)
325    
326     17 Sep 2007; Christian Heim <phreak@gentoo.org>
327     +hardened-sources-2.6.22-r4.ebuild:
328     Revision bump, hopefully fixing all those weird PAX failures.
329 phreak 1.180
330     01 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
331     Updating the metadata.xml.
332 phreak 1.179
333     01 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
334     Removing tocharian from metadata due to his retirement (see #71718 for
335     reference).
336 phreak 1.178
337     *hardened-sources-2.6.20-r9 (30 Aug 2007)
338    
339     30 Aug 2007; Christian Heim <phreak@gentoo.org>
340     +hardened-sources-2.6.20-r9.ebuild:
341     Revision bump for 2.6.20.18 (thanks to kerframil in #gentoo-hardened).
342 phreak 1.177
343     29 Aug 2007; Christian Heim <phreak@gentoo.org>
344     -hardened-sources-2.4.34.ebuild, -hardened-sources-2.4.34.5.ebuild,
345     -hardened-sources-2.6.20-r2.ebuild, -hardened-sources-2.6.20-r5.ebuild,
346     -hardened-sources-2.6.20-r7.ebuild, -hardened-sources-2.6.21-r3.ebuild,
347     -hardened-sources-2.6.22.ebuild, -hardened-sources-2.6.22-r1.ebuild,
348     -hardened-sources-2.6.22-r2.ebuild:
349     Removing some redundant versions.
350 phreak 1.176
351     *hardened-sources-2.4.35-r1 (29 Aug 2007)
352    
353     29 Aug 2007; Christian Heim <phreak@gentoo.org>
354     +hardened-sources-2.4.35-r1.ebuild:
355     Revision bump, new grsecurity patch.
356 phreak 1.175
357     *hardened-sources-2.6.20-r8 (26 Aug 2007)
358    
359     26 Aug 2007; Christian Heim <phreak@gentoo.org>
360     +hardened-sources-2.6.20-r8.ebuild:
361     Revision bump for Linux 2.6.20.17.
362 phreak 1.174
363     *hardened-sources-2.6.22-r3 (22 Aug 2007)
364    
365     22 Aug 2007; Christian Heim <phreak@gentoo.org>
366     +hardened-sources-2.6.22-r3.ebuild:
367     Revision bump for Linux 2.6.22.4.
368 phreak 1.173
369     16 Aug 2007; Christian Heim <phreak@gentoo.org>
370     hardened-sources-2.6.22-r2.ebuild:
371     Updated patchset, to fix the alignment against 2.6.22.3.
372 phreak 1.172
373     *hardened-sources-2.6.22-r2 (16 Aug 2007)
374    
375     16 Aug 2007; Christian Heim <phreak@gentoo.org>
376     +hardened-sources-2.6.22-r2.ebuild:
377     Revision bump for Linux 2.6.22.3.
378 phreak 1.171
379     *hardened-sources-2.4.35 (16 Aug 2007)
380    
381     16 Aug 2007; Christian Heim <phreak@gentoo.org>
382     +hardened-sources-2.4.35.ebuild:
383     Version bump, initial version for Linux 2.4.35.
384 phreak 1.170
385     *hardened-sources-2.6.21-r4 (16 Aug 2007)
386    
387     16 Aug 2007; Christian Heim <phreak@gentoo.org>
388     +hardened-sources-2.6.21-r4.ebuild:
389     Revision bump for Linux 2.6.21.6.
390 phreak 1.169
391     *hardened-sources-2.6.20-r7 (16 Aug 2007)
392    
393     16 Aug 2007; Christian Heim <phreak@gentoo.org>
394     +hardened-sources-2.6.20-r7.ebuild:
395     Revision bump for Linux 2.6.20.16.
396 phreak 1.168
397     *hardened-sources-2.6.22-r1 (13 Aug 2007)
398    
399     13 Aug 2007; Christian Heim <phreak@gentoo.org>
400     +hardened-sources-2.6.22-r1.ebuild:
401     Yet another revision bump.
402 phreak 1.167
403     *hardened-sources-2.6.22 (10 Aug 2007)
404    
405     10 Aug 2007; Christian Heim <phreak@gentoo.org>
406     +hardened-sources-2.6.22.ebuild:
407     Initial release for 2.6.22. If you are using hardened-sources on a desktop
408     machine (P4 or newer), be aware you might need to disable
409     CONFIG_PAX_PAGEEXEC.
410 phreak 1.166
411     04 Aug 2007; Christian Heim <phreak@gentoo.org>
412     hardened-sources-2.6.20-r6.ebuild:
413     Stabling hardened-sources-2.6.20-r6 for amd64, ppc and x86 due to Linux
414     2.6.20.15.
415 phreak 1.165
416     10 Jul 2007; Christian Heim <phreak@gentoo.org>
417     hardened-sources-2.6.20-r5.ebuild:
418     Marking hardened-sources-2.6.20-r5 stable on ppc.
419 phreak 1.164
420     10 Jul 2007; Christian Heim <phreak@gentoo.org>
421     -hardened-sources-2.4.32-r6.ebuild, -hardened-sources-2.4.32-r7.ebuild:
422     Cleanup.
423 phreak 1.163
424     *hardened-sources-2.6.20-r6 (08 Jul 2007)
425    
426     08 Jul 2007; Christian Heim <phreak@gentoo.org>
427     +hardened-sources-2.6.20-r6.ebuild:
428     Revision bump, grabbing yet another stable release.
429 phreak 1.162
430     17 Jun 2007; Christian Heim <phreak@gentoo.org>
431     -hardened-sources-2.6.18-r6.ebuild, -hardened-sources-2.6.20-r4.ebuild,
432     -hardened-sources-2.6.21-r2.ebuild:
433     Removing older ebuilds, hardened-sources-2.6.18-r6 seems to have gotten the
434     alpha stable KEYWORD by mistake.
435 phreak 1.161
436     17 Jun 2007; Christian Heim <phreak@gentoo.org>
437     hardened-sources-2.6.20-r5.ebuild:
438     Stabling hardened-sources-2.6.20-r5 due to security bug #181647 (as
439     genpatches-2.6.20-12.base contains up to Linux 2.6.20.14) on amd64 and x86.
440 phreak 1.160
441     *hardened-sources-2.6.21-r3 (12 Jun 2007)
442    
443     12 Jun 2007; Christian Heim <phreak@gentoo.org>
444     +hardened-sources-2.6.21-r3.ebuild:
445     Revision bump for hardened-sources-2.6.21, incorporating various CVE (some
446     of them critical), two stable releases (2.6.21.4,2.6.21.5) and some other
447     love.
448 phreak 1.159
449     *hardened-sources-2.6.20-r5 (11 Jun 2007)
450    
451     11 Jun 2007; Christian Heim <phreak@gentoo.org>
452     +hardened-sources-2.6.20-r5.ebuild:
453     Revision bump for hardened-sources-2.6.20, incorporating various CVE (some
454     of them critical), two stable releases (2.6.20.13,2.6.20.14) and some other
455     love.
456 pappy 1.158
457     *hardened-sources-2.4.34.5 (11 Jun 2007)
458    
459     11 Jun 2007; Alexander Gabert <pappy@gentoo.org>
460     +hardened-sources-2.4.34.5.ebuild:
461     added new hardened-sources 2.4 version, thx to phreak, solar, pipacs
462 phreak 1.157
463     30 May 2007; Christian Heim <phreak@gentoo.org>
464     -hardened-sources-2.6.18.ebuild, hardened-sources-2.6.20-r2.ebuild:
465     Marking 2.6.20-r2 stable on ppc with permission of Gysbert. Removing more
466     stale ebuild(s).
467 phreak 1.156
468     30 May 2007; Christian Heim <phreak@gentoo.org>
469     -hardened-sources-2.6.14-r7.ebuild, -hardened-sources-2.6.16-r11.ebuild,
470     -hardened-sources-2.6.17-r1.ebuild, -hardened-sources-2.6.19-r6.ebuild,
471     -hardened-sources-2.6.20.ebuild, -hardened-sources-2.6.20-r1.ebuild:
472     Doing some cleanups, remove stale ebuilds.
473 phreak 1.155
474     26 May 2007; Christian Heim <phreak@gentoo.org>
475     hardened-sources-2.6.21-r2.ebuild:
476     Fixing the grsecurity patch, had one '};' too much.
477 phreak 1.154
478     *hardened-sources-2.6.21-r2 (26 May 2007)
479    
480     26 May 2007; Christian Heim <phreak@gentoo.org>
481     -hardened-sources-2.6.21.ebuild, -hardened-sources-2.6.21-r1.ebuild,
482     +hardened-sources-2.6.21-r2.ebuild:
483     Revision bump, including Linux 2.6.21.3 (fixing CVE-2007-2451). Updating the
484     grsecurity patch to 2.1.10-2.6.21.1-200705221918.
485 phreak 1.153
486     *hardened-sources-2.6.20-r4 (26 May 2007)
487    
488     26 May 2007; Christian Heim <phreak@gentoo.org>
489     -hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.20-r4.ebuild:
490     Revision bump, including Linux 2.6.20.12 (which in fact fixed some security
491 phreak 1.154 bugs, at the very least CVE-2007-2451). Possible candidate for stable marking.
492 phreak 1.152
493     15 May 2007; Christian Heim <phreak@gentoo.org>
494     hardened-sources-2.6.20-r3.ebuild:
495     Looks like hardened-sources-2.6.20-r3 needs a new patch, as 2.6.20.11
496     introduced a change in arch/sparc64/kernel/pci_iommu.c, which made the
497     grsecurity patch fail in that exact same hunk.
498 phreak 1.151
499     *hardened-sources-2.6.20-r3 (15 May 2007)
500    
501     15 May 2007; Christian Heim <phreak@gentoo.org>
502     +hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.21-r1.ebuild:
503     Revision bump, incorporating Linux 2.6.20.11.
504    
505     *hardened-sources-2.6.21-r1 (11 May 2007)
506    
507     11 May 2007; Christian Heim <phreak@gentoo.org>
508     +hardened-sources-2.6.21-r1.ebuild:
509     Revision bump, hopefully fixing the GRSECURITY/GRKERNSEC mixup pipacs
510     mentioned in #177234.
511 kevquinn 1.150
512     07 May 2007; Kevin F. Quinn <kevquinn@gentoo.org>
513     files/digest-hardened-sources-2.6.21, Manifest:
514     Fix Manifest/digest for linux-2.6.21.tar.bz2
515 phreak 1.149
516     06 May 2007; Christian Heim <phreak@gentoo.org>
517     hardened-sources-2.6.21.ebuild:
518     Bumping the hardened-patches version, needed for the fix for #177234.
519 phreak 1.148
520     *hardened-sources-2.6.21 (02 May 2007)
521    
522     02 May 2007; Christian Heim <phreak@gentoo.org>
523     +hardened-sources-2.6.21.ebuild:
524     Version bump, Linux 2.6.21-hardened.
525 phreak 1.147
526     29 Apr 2007; Christian Heim <phreak@gentoo.org>
527     hardened-sources-2.6.20-r2.ebuild:
528     Adding ~ia64 on Ned's request.
529 phreak 1.146
530     29 Apr 2007; Christian Heim <phreak@gentoo.org>
531     hardened-sources-2.6.20-r2.ebuild:
532     Fixing the included grsecurity patch, wasn't alligning due to the Index:
533     header line(s).
534 phreak 1.145
535     29 Apr 2007; Christian Heim <phreak@gentoo.org>
536     hardened-sources-2.6.20-r2.ebuild:
537     Stabilizing hardened-sources-2.6.20-r2 on amd64 and x86.
538 armin76 1.144
539     *hardened-sources-2.6.20-r2 (10 Apr 2007)
540    
541     10 Apr 2007; Raúl Porcel <armin76@gentoo.org>
542     +hardened-sources-2.6.20-r2.ebuild:
543     Version bump, on behalf of phreak
544 phreak 1.143
545     *hardened-sources-2.6.20-r1 (04 Apr 2007)
546    
547     04 Apr 2007; Christian Heim <phreak@gentoo.org>
548     +hardened-sources-2.6.20-r1.ebuild:
549     Revision bump, grabbing a newer grsecurity snapshot.
550 phreak 1.142
551     *hardened-sources-2.6.20 (25 Mar 2007)
552    
553     25 Mar 2007; Christian Heim <phreak@gentoo.org>
554     +hardened-sources-2.6.20.ebuild:
555     Finally a hardened-sources version for 2.6.20; many people have been waiting
556     for this. Thanks to Steve for preliminary testing, thanks to Ned for the
557     testbox.
558 chainsaw 1.141
559     16 Mar 2007; Tony Vroon <chainsaw@gentoo.org>
560     hardened-sources-2.6.18-r6.ebuild:
561     Marked stable on amd64 and x86. AMD64 keyword ack'ed by welp.
562 phreak 1.140
563     *hardened-sources-2.6.18-r6 (16 Mar 2007)
564    
565     16 Mar 2007; Christian Heim <phreak@gentoo.org>
566     -hardened-sources-2.6.18-r5.ebuild, +hardened-sources-2.6.18-r6.ebuild:
567     Fixing CVE-2007-1000 locally (hardened/), thanks to Tony for pushing. And
568     yes I screwed up, this is tagged as 2.6.18-5 and not 2.6.18-6 as it's
569     supposed to be.
570 phreak 1.139
571     06 Mar 2007; Christian Heim <phreak@gentoo.org> ChangeLog:
572     Fixing the Manifest, the previous one was broken (as in still had the
573     deleted ebuild in it).
574 phreak 1.138
575     06 Mar 2007; Christian Heim <phreak@gentoo.org>
576     -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
577     +hardened-sources-2.6.18-r5.ebuild:
578     Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
579     Linux 2.6.18.8. Also cleaning up the older version.
580    
581     *hardened-sources-2.6.18-r5 (06 Mar 2007)
582    
583     06 Mar 2007; Christian Heim <phreak@gentoo.org>
584     -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
585     +hardened-sources-2.6.18-r5.ebuild:
586     Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
587     Linux 2.6.18.8. Also cleaning up the older version.
588 phreak 1.137
589     24 Feb 2007; Christian Heim <phreak@gentoo.org>
590     -hardened-sources-2.6.19-r3.ebuild, -hardened-sources-2.6.19-r4.ebuild,
591     -hardened-sources-2.6.19-r5.ebuild:
592     Removing some of the old version, that didn't work.
593 phreak 1.136
594     *hardened-sources-2.6.19-r6 (12 Feb 2007)
595    
596     12 Feb 2007; Christian Heim <phreak@gentoo.org>
597     +hardened-sources-2.6.19-r6.ebuild:
598     Revision bump, including a new grsec version fixing #166235.
599 pappy 1.134
600     *hardened-sources-2.4.34 (24 Jan 2007)
601    
602     24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
603 pappy 1.135 Manifest:
604     updating Manifest with checksums of new tarball and ebuild
605    
606     24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
607 pappy 1.134 +hardened-sources-2.4.34.ebuild:
608     I added new hardened sources 2.4 update, this is a critical path
609     security bugfix - all users of h-s are strongly advised
610     to update their existing hardened sources to this version.
611     It contains a fix for a kernel vulnerability that is pertaining
612     to the PaX changes to virtual memory management, possibly leading
613     to a local kernel exploit ... see grsecurity.net forums and homepage
614 phreak 1.133
615     23 Jan 2007; Christian Heim <phreak@gentoo.org>
616     files/digest-hardened-sources-2.6.19-r5, Manifest:
617     Fixing the patch-tarball digest.
618 phreak 1.132
619     *hardened-sources-2.6.19-r5 (23 Jan 2007)
620    
621     23 Jan 2007; Christian Heim <phreak@gentoo.org>
622     +hardened-sources-2.6.19-r5.ebuild:
623     Revision bump, closing the recently discovered PaX expand_stack()
624     vulnerability.
625 phreak 1.131
626     *hardened-sources-2.6.19-r4 (14 Jan 2007)
627    
628     14 Jan 2007; Christian Heim <phreak@gentoo.org>
629     +hardened-sources-2.6.19-r4.ebuild:
630     Revision bump, pulling in linux-2.6.19.2 and grsecurity 2.1.10 - thus
631     dropping the randomized PID feature.
632 opfer 1.130
633     11 Jan 2007; Christian Faulhammer <opfer@gentoo.org>
634     hardened-sources-2.4.33.4.ebuild:
635     stable x86, bug #161171
636 phreak 1.129
637     *hardened-sources-2.6.19-r3 (27 Dec 2006)
638    
639     27 Dec 2006; Christian Heim <phreak@gentoo.org>
640     -hardened-sources-2.6.19-r2.ebuild, +hardened-sources-2.6.19-r3.ebuild:
641     Revision bump for bug #157186 and #158786.
642 phreak 1.128
643     *hardened-sources-2.6.18-r4 (27 Dec 2006)
644    
645     27 Dec 2006; Christian Heim <phreak@gentoo.org>
646     -hardened-sources-2.6.18-r3.ebuild, +hardened-sources-2.6.18-r4.ebuild:
647     Revision bump for bug #157186.
648 phreak 1.127
649     *hardened-sources-2.6.19-r2 (23 Dec 2006)
650    
651     23 Dec 2006; Christian Heim <phreak@gentoo.org>
652     -hardened-sources-2.6.19-r1.ebuild, +hardened-sources-2.6.19-r2.ebuild:
653     Revision bump to pull in genpatches-2.6.19-3 for #157186.
654 phreak 1.126
655     17 Dec 2006; Christian Heim <phreak@gentoo.org>
656     hardened-sources-2.6.14-r7.ebuild, hardened-sources-2.6.16-r10.ebuild,
657     hardened-sources-2.6.16-r11.ebuild, hardened-sources-2.6.17-r1.ebuild,
658     hardened-sources-2.6.18.ebuild, hardened-sources-2.6.18-r3.ebuild,
659     hardened-sources-2.6.19-r1.ebuild:
660     Adding 4453_grsec-2.1.9-2.6.19-io-kmem-sysctl.patch to UNIPATCH_EXLUDE,
661     adding correct HOMEPAGE and adjusting DESCRIPTION (thanks to Alexander).
662 pappy 1.125
663     *hardened-sources-2.4.33.4 (17 Dec 2006)
664    
665     17 Dec 2006; Alexander Gabert <pappy@gentoo.org>
666     +hardened-sources-2.4.33.4.ebuild:
667     new 2.4.33.4 version including grsec and fixes, thanks to phreak for help
668     and quilting
669 phreak 1.124
670     *hardened-sources-2.6.19-r1 (14 Dec 2006)
671    
672     14 Dec 2006; Christian Heim <phreak@gentoo.org>
673     -hardened-sources-2.6.19.ebuild, +hardened-sources-2.6.19-r1.ebuild:
674     Revision bump, fixing #158107 (thanks to Petre Rodan <kaiowas at gentoo.org>
675     for reporting).
676 phreak 1.123
677     *hardened-sources-2.6.19 (13 Dec 2006)
678    
679     13 Dec 2006; Christian Heim <phreak@gentoo.org>
680     +hardened-sources-2.6.19.ebuild:
681     And finally 2.6.19, thanks to Ned (who prepared the inital patchset) and
682     Brad for providing that prompt update.
683 phreak 1.122
684     *hardened-sources-2.6.18-r3 (13 Dec 2006)
685    
686     13 Dec 2006; Christian Heim <phreak@gentoo.org>
687     -hardened-sources-2.6.18-r1.ebuild, -hardened-sources-2.6.18-r2.ebuild,
688     +hardened-sources-2.6.18-r3.ebuild:
689     Revision bump, excluding the faulty patch. Thanks to Anakim Border and Peter
690     S. Mazinger. Closes #157409 for now. Also removing the previous revisions.
691 phreak 1.121
692     09 Dec 2006; Christian Heim <phreak@gentoo.org> Manifest:
693     Fixing the metadata.xml Manifest entry (thanks to xaid and ml8128 in #gentoo-hardened).
694 nixnut 1.120
695     08 Dec 2006; nixnut <nixnut@gentoo.org> hardened-sources-2.6.18.ebuild:
696     Stable on ppc wrt bug 157356
697 opfer 1.119
698     07 Dec 2006; Christian Faulhammer <opfer@gentoo.org>
699     hardened-sources-2.6.18.ebuild:
700     stable x86, bug #157356
701 phreak 1.118
702     *hardened-sources-2.6.18-r2 (06 Dec 2006)
703    
704     06 Dec 2006; Christian Heim <phreak@gentoo.org>
705     +hardened-sources-2.6.18-r2.ebuild:
706     Revision bump, including 2.6.18.5 (via genpatches) and
707     4454_grsec-2.1.9-2.6.18.2-io-kmem-sysctl.patch based on Peter Mazinger and
708     Ned Ludd's original patch. Thanks to Alexander Gabert (pappy) for the
709     redesign.
710 phreak 1.117
711     06 Dec 2006; Christian Heim <phreak@gentoo.org>
712     hardened-sources-2.6.18.ebuild:
713     Marking hardened-sources-2.6.18 stable on amd64 (see bug #157356, on behalf
714     of Mike Doty).
715 phreak 1.116
716     *hardened-sources-2.6.18-r1 (23 Nov 2006)
717    
718     23 Nov 2006; Christian Heim <phreak@gentoo.org>
719     +hardened-sources-2.6.18-r1.ebuild:
720     Revision bump to genpatches-2.6.18-4 (including 2.6.18.3).
721 phreak 1.115
722     *hardened-sources-2.6.18 (11 Nov 2006)
723    
724     11 Nov 2006; Christian Heim <phreak@gentoo.org>
725     +hardened-sources-2.6.18.ebuild:
726     Version bump, thanks to Alexander Gabert we're finally at 2.6.18.
727 solar 1.114
728     18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
729     - mark amd64 stable also. bug #151877
730 solar 1.113
731     18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
732     - mark 2.6.17-r1 stable
733 phreak 1.112
734     27 Aug 2006; Christian Heim <phreak@gentoo.org>
735     -hardened-sources-2.6.17.ebuild, hardened-sources-2.6.17-r1.ebuild:
736     Removing old ebuild, removing unipatch from newer ebuild (need to fix it!).
737 phreak 1.111
738     *hardened-sources-2.6.17-r1 (26 Aug 2006)
739    
740     26 Aug 2006; Christian Heim <phreak@gentoo.org>
741     +hardened-sources-2.6.17-r1.ebuild:
742     Revision bump to genpatches-2.6.17-8 (including .9 and .10) and updating the
743     grsecurity patch.
744 phreak 1.110
745     *hardened-sources-2.6.17 (17 Aug 2006)
746    
747     17 Aug 2006; Christian Heim <phreak@gentoo.org>
748     +hardened-sources-2.6.17.ebuild:
749     Bumping the hardened-sources-2.6 series to 2.6.17, using
750     genpatches-2.6.17-6.base.
751 solar 1.109
752     07 Aug 2006; <solar@gentoo.org> hardened-sources-2.6.16-r11.ebuild:
753     - stable on x86 and amd64
754 solar 1.108
755     *hardened-sources-2.6.16-r11 (15 Jul 2006)
756    
757     15 Jul 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r3.ebuild,
758     -hardened-sources-2.4.32-r4.ebuild, -hardened-sources-2.4.32-r5.ebuild,
759     -hardened-sources-2.6.14-r8.ebuild, -hardened-sources-2.6.16-r7.ebuild,
760     -hardened-sources-2.6.16-r9.ebuild, +hardened-sources-2.6.16-r11.ebuild:
761     - 2.6.16 bumped for CVE-2006-3626 ; digest fix for 2.4.32-r6 ; removed old
762     crusty ebuilds
763 johnm 1.107
764     14 Jul 2006; John Mylchreest <johnm@gentoo.org>
765     hardened-sources-2.6.16-r10.ebuild:
766     marking stable on x86 and amd64
767 solar 1.106
768     13 Jul 2006; <solar@gentoo.org> hardened-sources-2.4.32-r6.ebuild:
769     - 2.4.32-r6 stable on x86. RSBAC state unknown
770 kang 1.105
771     *hardened-sources-2.4.32-r7 (10 Jul 2006)
772    
773     10 Jul 2006; Guillaume Destuynder <kang@gentoo.org>
774     +hardened-sources-2.4.32-r7.ebuild:
775     Bump PaX for RSBAC to test-17
776 johnm 1.104
777     *hardened-sources-2.6.16-r9 (03 Jul 2006)
778    
779     03 Jul 2006; John Mylchreest <johnm@gentoo.org>
780     -hardened-sources-2.6.16-r6.ebuild, +hardened-sources-2.6.16-r9.ebuild:
781     hardened-sources-2.6.16 bump to latest -base.
782 solar 1.103
783     *hardened-sources-2.4.32-r6 (30 Jun 2006)
784    
785     30 Jun 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r2.ebuild,
786     hardened-sources-2.4.32-r4.ebuild, +hardened-sources-2.4.32-r6.ebuild:
787     - backport CVE-2006-0039, CVE-2006-1857 and CVE-2006-1858 and new grsecurity
788     sysctl controlable resource logging
789 johnm 1.102
790     *hardened-sources-2.6.16-r7 (05 Jun 2006)
791    
792     05 Jun 2006; John Mylchreest <johnm@gentoo.org>
793     -hardened-sources-2.6.16-r5.ebuild, +hardened-sources-2.6.16-r7.ebuild:
794     push new 2.6.16 release in preparation for stable
795 solar 1.101
796     22 May 2006; <solar@gentoo.org> :
797     - redigest bug 134002
798 kang 1.100
799     *hardened-sources-2.4.32-r5 (16 May 2006)
800    
801     16 May 2006; Guillaume Destuynder <kang@gentoo.org>
802     +hardened-sources-2.4.32-r5.ebuild:
803     Fixes rsbac common patching (new patch in new -r5 patchset)
804 solar 1.99
805     *hardened-sources-2.4.32-r4 (13 May 2006)
806    
807     13 May 2006; <solar@gentoo.org> hardened-sources-2.4.32-r3.ebuild,
808     +hardened-sources-2.4.32-r4.ebuild:
809     - security bumps
810 johnm 1.98
811     *hardened-sources-2.6.16-r6 (03 May 2006)
812    
813     03 May 2006; John Mylchreest <johnm@gentoo.org>
814     +hardened-sources-2.6.16-r6.ebuild:
815     bump hardened-2.6.16 to 2.6.16.12 and latest grsec snapshot
816 johnm 1.97
817     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
818     hardened-sources-2.6.14-r8.ebuild:
819     fix x86_64 build problem, this will delay the digest issue again for a short
820     while but it will sort itself out
821 johnm 1.96
822     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
823     hardened-sources-2.6.14-r8.ebuild:
824     bump hardened patchset
825 antarus 1.94
826     27 Apr 2006; Alec Warner <antarus@gentoo.org>
827     files/digest-hardened-sources-2.4.32-r2,
828     files/digest-hardened-sources-2.4.32-r3,
829     files/digest-hardened-sources-2.6.14-r8, Manifest:
830     Fixing duff SHA256 digests: Bug # 131293
831 johnm 1.93
832 johnm 1.95 *hardened-sources-2.6.16-r5 (27 Apr 2006)
833    
834     27 Apr 2006; John Mylchreest <johnm@gentoo.org>
835     -hardened-sources-2.6.14-r6.ebuild, hardened-sources-2.6.14-r8.ebuild,
836     -hardened-sources-2.6.16-r4.ebuild, +hardened-sources-2.6.16-r5.ebuild:
837     stablise 2.6.14-r8 on x86 & amd64, bump 2.6.16 to fix CVE-2006-1863 &
838     cleanup of old uneccessary sources
839    
840 johnm 1.93 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
841     fix digest
842 johnm 1.92
843     *hardened-sources-2.6.14-r8 (20 Apr 2006)
844    
845     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
846     +hardened-sources-2.6.14-r8.ebuild:
847     fix CVE-2006-1056, CVE-2006-1525, CVE-2006-1524
848 johnm 1.91
849     20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
850     Turning on gpg-signing again, and recomitting
851 johnm 1.90
852     *hardened-sources-2.6.16-r4 (20 Apr 2006)
853    
854     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
855     -hardened-sources-2.6.16-r2.ebuild, -hardened-sources-2.6.16-r3.ebuild,
856     +hardened-sources-2.6.16-r4.ebuild:
857     Fix numerous security vulns
858 solar 1.89
859     *hardened-sources-2.4.32-r3 (16 Apr 2006)
860    
861     16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
862     -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
863     +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
864     - security bump for bug #112791. Removed old ebuilds
865 johnm 1.88
866     *hardened-sources-2.6.16-r3 (15 Apr 2006)
867    
868     15 Apr 2006; John Mylchreest <johnm@gentoo.org>
869     +hardened-sources-2.6.16-r3.ebuild:
870     Removing silly localversion which I missed
871 johnm 1.87
872     *hardened-sources-2.6.14-r7 (14 Apr 2006)
873    
874     14 Apr 2006; John Mylchreest <johnm@gentoo.org>
875     -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
876     Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
877 johnm 1.86
878     *hardened-sources-2.6.16-r2 (13 Apr 2006)
879    
880     13 Apr 2006; John Mylchreest <johnm@gentoo.org>
881     -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
882     +hardened-sources-2.6.16-r2.ebuild:
883     Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
884     labels, dropping USERGROUP define fixes, since these were merged mainstream.
885 johnm 1.85
886     *hardened-sources-2.6.16-r1 (11 Apr 2006)
887    
888     11 Apr 2006; John Mylchreest <johnm@gentoo.org>
889     +hardened-sources-2.6.16-r1.ebuild:
890     Bumping to include ppc build fix and 2.6.16.3
891 tsunam 1.84
892     06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
893     hardened-sources-2.6.14-r6.ebuild:
894     Stable on x86; bug #127718
895 johnm 1.83
896     *hardened-sources-2.6.16 (31 Mar 2006)
897    
898     31 Mar 2006; John Mylchreest <johnm@gentoo.org>
899     +hardened-sources-2.6.16.ebuild:
900     Bumping to new version of grsec, and kernel base. New squashfs. Based on
901     2.6.16.1
902 cryos 1.82
903     30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
904     hardened-sources-2.6.14-r6.ebuild:
905     Stable on amd64, bug 127718.
906 nixnut 1.81
907     28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
908     Stable on ppc. Bug #127718
909 johnm 1.80
910     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
911     -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
912     -hardened-sources-2.6.14-r4.ebuild:
913     Cleanup.
914 johnm 1.79
915     *hardened-sources-2.6.14-r6 (15 Mar 2006)
916    
917     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
918     +hardened-sources-2.6.14-r6.ebuild:
919     Fixes grsec policy recreation bug and adds a
920     >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
921 solar 1.78
922     02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
923     - stable on x86
924 hansmi 1.77
925     19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
926     hardened-sources-2.6.14-r5.ebuild:
927     Stable on ppc.
928 johnm 1.76
929     *hardened-sources-2.6.14-r5 (01 Feb 2006)
930    
931     01 Feb 2006; John Mylchreest <johnm@gentoo.org>
932     +hardened-sources-2.6.14-r5.ebuild:
933     fixing every known exploit
934 solar 1.75
935     *hardened-sources-2.4.32-r2 (26 Jan 2006)
936    
937     26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
938     +hardened-sources-2.4.32-r2.ebuild:
939     - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
940 solar 1.74
941     *hardened-sources-2.6.14-r4 (12 Jan 2006)
942    
943     12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
944     - version bump for new genpatches which fix up a few sec holes
945 solar 1.73
946     *hardened-sources-2.4.32-r1 (05 Jan 2006)
947    
948     05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
949     - revision bump to add misc vital linux kernel security patches.
950 johnm 1.72
951     *hardened-sources-2.6.14-r3 (30 Dec 2005)
952    
953     30 Dec 2005; John Mylchreest <johnm@gentoo.org>
954     -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
955     Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
956 johnm 1.71
957     28 Dec 2005; John Mylchreest <johnm@gentoo.org>
958     hardened-sources-2.6.14-r2.ebuild:
959     making x86 & amd64 stable following testing.
960 johnm 1.70
961     *hardened-sources-2.6.14-r2 (27 Dec 2005)
962    
963     27 Dec 2005; John Mylchreest <johnm@gentoo.org>
964     -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
965     Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
966     network hooks.
967 johnm 1.69
968     06 Dec 2005; John Mylchreest <johnm@gentoo.org>
969     hardened-sources-2.6.14-r1.ebuild:
970     bumping to stable early for sec fix on x86 & amd64
971 johnm 1.68
972     *hardened-sources-2.6.14-r1 (05 Dec 2005)
973    
974     05 Dec 2005; John Mylchreest <johnm@gentoo.org>
975     -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
976     bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
977 solar 1.67
978     04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
979     - stable on x86 security bug #114227 CAN-2005-3257
980 kang 1.66
981     *hardened-sources-2.4.32 (19 Nov 2005)
982    
983     19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
984     +hardened-sources-2.4.32.ebuild:
985     Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
986     Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
987     have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
988     rsbac >> /etc/portage/package.use)
989 johnm 1.65
990     *hardened-sources-2.6.14 (14 Nov 2005)
991    
992     14 Nov 2005; John Mylchreest <johnm@gentoo.org>
993     -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
994     Bumping 2.6 series to 2.6.14.2
995 johnm 1.64
996     *hardened-sources-2.6.13-r2 (20 Oct 2005)
997    
998     20 Oct 2005; John Mylchreest <johnm@gentoo.org>
999     -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
1000     +hardened-sources-2.6.13-r2.ebuild:
1001     Fixes minor build error in ppc.
1002 johnm 1.63
1003     *hardened-sources-2.6.13-r1 (17 Oct 2005)
1004    
1005     17 Oct 2005; John Mylchreest <johnm@gentoo.org>
1006     +hardened-sources-2.6.13-r1.ebuild:
1007     Updating grsec to latest snapshot. Fixes some minor issues. Updating to
1008     2.6.13.4, fixes some major amd64 stability problems.
1009 johnm 1.62
1010     *hardened-sources-2.6.13 (16 Sep 2005)
1011    
1012     16 Sep 2005; John Mylchreest <johnm@gentoo.org>
1013     -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
1014     2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
1015     ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
1016     users should test this thoroughly.
1017 solar 1.61
1018     01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
1019     - stable on x86
1020 johnm 1.60
1021     *hardened-sources-2.6.11-r15 (27 Jun 2005)
1022    
1023     27 Jun 2005; John Mylchreest <johnm@gentoo.org>
1024     +hardened-sources-2.6.11-r15.ebuild:
1025     Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
1026     grsec redefining curr_ip struct.
1027 solar 1.59
1028     *hardened-sources-2.4.31 (20 Jun 2005)
1029    
1030     20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
1031     initial import of 2.4.31 tree
1032 johnm 1.58
1033     *hardened-sources-2.6.11-r14 (14 Jun 2005)
1034    
1035     14 Jun 2005; John Mylchreest <johnm@gentoo.org>
1036     -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
1037     Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
1038     naming scheme to abide by genpatches
1039 johnm 1.57
1040     *hardened-sources-2.6.11-r13 (18 May 2005)
1041    
1042     18 May 2005; John Mylchreest <johnm@gentoo.org>
1043     -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
1044     Managed to mangle the Makefile patch from grsec, to miss out the grsec
1045     target. sorry about that. Fixes bug #93022
1046 johnm 1.56
1047     *hardened-sources-2.6.11-r12 (17 May 2005)
1048    
1049     17 May 2005; John Mylchreest <johnm@gentoo.org>
1050     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
1051     +hardened-sources-2.6.11-r12.ebuild:
1052     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
1053     merges in genpatches-base
1054 johnm 1.55
1055     *hardened-sources-2.6.11-r12 (17 May 2005)
1056    
1057     17 May 2005; John Mylchreest <johnm@gentoo.org>
1058     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
1059     +hardened-sources-2.6.11-r12.ebuild:
1060     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
1061     merges in genpatches-base
1062 solar 1.54
1063     29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
1064     -files/2.4.27-cmdline-race.patch,
1065     -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
1066     -files/2.4.28-grsec-binfmt_a.out.patch,
1067     -files/2.4.28-grsec-cmdline-race.patch,
1068     -files/2.4.28-selinux-binfmt_a.out.patch,
1069     -files/2.4.28-selinux-cmdline-race.patch,
1070     -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
1071     hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
1072     - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
1073     cleanup..
1074 solar 1.53
1075     *hardened-sources-2.4.30-r1 (21 Apr 2005)
1076    
1077     21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
1078     - disable aout by default
1079 solar 1.52
1080     *hardened-sources-2.4.30 (18 Apr 2005)
1081    
1082     18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
1083     - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
1084     and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
1085     use
1086 tocharian 1.50
1087 scox 1.51 *hardened-sources-2.4.29 (30 Mar 2005)
1088    
1089     30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
1090     +hardened-sources-2.4.29.ebuild:
1091     New hardened-patches-2.4-29.0 patchball.
1092     Removed SELinux support, upgraded GRSecurity to 2.1.4.
1093    
1094     *hardened-sources-2.4.28-r5 (06 Mar 2005)
1095    
1096     06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
1097     +hardened-sources-2.4.28-r5.ebuild:
1098     Added a fix for a PaX vulnerability.
1099    
1100     26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1101 tocharian 1.50 hardened-sources-2.4.28-r4.ebuild:
1102     Stable on x86
1103 solar 1.49
1104     23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
1105     hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
1106     hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
1107     hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
1108     - fixed/added RDEPEND= in all kernel-2 ebuilds
1109 tocharian 1.48
1110     *hardened-sources-2.4.28-r4 (21 Jan 2005)
1111    
1112     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1113     +hardened-sources-2.4.28-r4.ebuild:
1114     Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
1115     backport of neighbour hash updates.
1116 tocharian 1.47
1117     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1118     hardened-sources-2.4.28-r3.ebuild:
1119     Stable on x86
1120 tseng 1.46
1121     *hardened-sources-2.6.10-r3 (20 Jan 2005)
1122    
1123     20 Jan 2005; Brandon Hale <tseng@gentoo.org>
1124     +hardened-sources-2.6.10-r3.ebuild:
1125     Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
1126     in 2005.0
1127 tocharian 1.45
1128     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1129     -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
1130     hardened-sources-2.4.28-r2.ebuild:
1131     Mark stable on x86
1132 tocharian 1.44
1133     *hardened-sources-2.4.28-r3 (17 Jan 2005)
1134    
1135     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1136     +hardened-sources-2.4.28-r3.ebuild:
1137     Fix SMP page fault handler vuln, and update device-mapper and evms patches.
1138 tocharian 1.43
1139     14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1140     hardened-sources-2.4.28.ebuild:
1141     Mark stable on x86.
1142 tocharian 1.42
1143     *hardened-sources-2.4.28-r2 (13 Jan 2005)
1144    
1145     13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1146     +hardened-sources-2.4.28-r2.ebuild:
1147     Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
1148     Mazinger for grsecurity patches as well.
1149 plasmaroo 1.41
1150     *hardened-sources-2.4.28-r1 (23 Dec 2004)
1151    
1152     23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
1153     Security bump. Thank tocharian for rolling a new patchset...
1154 solar 1.40
1155     28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
1156     +files/2.4.28-grsec-cmdline-race.patch,
1157     +files/2.4.28-selinux-binfmt_a.out.patch,
1158     +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
1159     - Round up remaining security patches that appear to be missing in 2.4.28. -
1160     PaX standalone updated to current. hgpv=28.1
1161 solar 1.39
1162     *hardened-sources-2.4.28 (28 Nov 2004)
1163    
1164     28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
1165     security bump. Thank tocharian for rolling a new patchset
1166 scox 1.31
1167 scox 1.38 *hardened-sources-2.4.27-r3 (08 Sep 2004)
1168    
1169     08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
1170     +hardened-sources-2.4.27-r3.ebuild:
1171     Applies the new 2.4-27.2 patchball which updates
1172     GRSecurity to the 2.0.1 version.
1173    
1174 scox 1.37 *hardened-sources-2.4.27-r2 (31 Aug 2004)
1175    
1176     31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1177     +hardened-sources-2.4.27-r2.ebuild:
1178     Version bump.
1179     This version uses the new 2.4-27.1 patchball which updates
1180     both the SELinux PaX hooks patch and the SELinux headers.
1181    
1182 scox 1.36 *hardened-sources-2.4.27-r1 (09 Aug 2004)
1183    
1184     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1185     +hardened-sources-2.4.27-r1.ebuild,
1186     -hardened-sources-2.4.27.ebuild,
1187     +files/2.4.27-cmdline-race.patch:
1188     Version bump, fix for cmdline race. See bug #59905.
1189    
1190     *hardened-sources-2.4.26-r6 (09 Aug 2004)
1191    
1192     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1193     +hardened-sources-2.4.26-r6.ebuild,
1194     -hardened-sources-2.4.26-r5.ebuild,
1195     -hardened-sources-2.4.26-r4.ebuild,
1196     +files/2.4.26-cmdline-race.patch:
1197     Version bump, fix for cmdline race. See bug #59905.
1198    
1199 scox 1.35 *hardened-sources-2.4.27 (08 Aug 2004)
1200    
1201     08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1202     +hardened-sources-2.4.27.ebuild,
1203     +files/2.4.27-CAN-2004-0394.patch:
1204     Ported the patchball to the 2.4.27 kernel version.
1205    
1206 scox 1.34 *hardened-sources-2.4.26-r5 (07 Aug 2004)
1207    
1208     07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1209     +hardened-sources-2.4.26-r5.ebuild:
1210 scox 1.35 Updated to use the new hardened-patches-2.4-26.1 patchball.
1211 scox 1.34 It adds the following features:
1212     - Squashfs
1213     - Ebtables
1214     - Netdev random (core+drivers)
1215     - Watchdog Timer (WDT) fix.
1216    
1217 scox 1.33 *hardened-sources-2.4.26-r4 (04 Aug 2004)
1218    
1219     04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1220     +hardened-sources-2.4.26-r4.ebuild,
1221     +files/2.4.26-CAN-2004-0415.patch,
1222     -hardened-sources-2.4.26-3:
1223     Version bump, fix for CAN 0415, see bug #59378.
1224    
1225 scox 1.32 *hardened-sources-2.4.26-r3 (22 Jul 2004)
1226    
1227     22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
1228     +hardened-sources-2.4.26-r3.ebuild,
1229     +files/2.4.26-CAN-2004-0497.patch,
1230     -hardened-sources-2.4.26-r2.ebuild:
1231     Version bump, fixed CAN 0497, see bug #56171.
1232    
1233 scox 1.31 *hardened-sources-2.4.26-r2 (29 Jun 2004)
1234    
1235     29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
1236 scox 1.32 +hardened-sources-2.4.26-r2.ebuild,
1237 scox 1.31 +files/2.4.26-CAN-2004-0495.patch,
1238     +files/2.4.26-CAN-2004-0535.patch,
1239     -hardened-sources-2.4.26-r1.ebuild:
1240     Fixes for both CAN 0495 and 0535, see bug #54976
1241 pvdabeel 1.27
1242 agriffis 1.29 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
1243     hardened-sources-2.4.26-r1.ebuild:
1244     QA - fix use invocation
1245 scox 1.28
1246     *hardened-sources-2.4.26-r1 (22 June 2004)
1247    
1248     22 June 2004; Andrea Luzzardi <scox@gentoo.org>
1249     +hardened-sources-2.4.26-r1.ebuild,
1250     +files/2.4.26-CAN-2004-0394.patch,
1251     +files/2.4.26-signal-race.patch,
1252     -hardened-sources-2.4.26.ebuild,
1253     -hardened-sources-2.4.24-r3.ebuild:
1254     Version bump for the CAN-2004-0394 issue and bug #53804
1255     Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
1256    
1257    
1258 pvdabeel 1.27 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
1259     hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
1260     Masked hardened-sources-2.4.26.ebuild broken for ppc
1261    
1262     31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
1263     hardened-sources-2.4.24-r3.ebuild:
1264     Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
1265 plasmaroo 1.25
1266 scox 1.26 *hardened-sources-2.4.26 (29 May 2004)
1267    
1268     29 May 2004; Andrea Luzzardi <scox@gentoo.org>
1269     +hardened-sources-2.4.26.ebuild:
1270     Updated hardened-sources for the 2.4.26 kernel
1271     Removed broken components, updated almost everything.
1272    
1273 plasmaroo 1.25 *hardened-sources-2.4.24-r3 (17 Apr 2004)
1274    
1275     17 Apr 2004; <plasmaroo@gentoo.org>
1276     +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
1277     +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
1278     +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
1279     +hardened-sources-2.4.24-r3.ebuild:
1280     Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
1281     vulnerabilities. Old revisions removed.
1282 plasmaroo 1.24
1283     *hardened-sources-2.4.24-r2 (15 Apr 2004)
1284    
1285     15 Apr 2004; <plasmaroo@gentoo.org>
1286     +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
1287     -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
1288     Version bump for the CAN-2004-0109 issue; bug #47881.
1289 aliz 1.23
1290     12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
1291     hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
1292     Add eutils to inherit.
1293 plasmaroo 1.22
1294     *hardened-sources-2.4.24-r1 (19 Feb 2004)
1295    
1296     19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
1297     files/hardened-sources-2.4.24.munmap.patch:
1298     Added the patch for the mremap/munmap vulnerability. Bug #42024.
1299 scox 1.19
1300 scox 1.21 *hardened-sources-2.4.24 (06 Feb 2004)
1301 scox 1.26
1302 scox 1.21 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
1303     hardened-sources-2.4.24.ebuild:
1304     Version bump, updated most of the components.
1305     This release includes the following:
1306    
1307     - Hardened security
1308     - Netfilter patch-o-matic 20031219
1309     - FreeSWAN 2.04 & x509 1.4.8
1310     - EVMS 2.2.2
1311     - XFS 1.3.1
1312     - cryptoloop jari
1313     - grsecurity 2.0-rc4
1314     - SELinux
1315     - PaX 200402060000
1316     - PaX Obscurity 200308302223
1317     - Others...
1318    
1319     Neither -ck nor systrace are included anymore.
1320    
1321 scox 1.19 *hardened-sources-2.4.22-r2 (05 Jan 2004)
1322    
1323     05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
1324     hardened-sources-2.4.22-r2.ebuild:
1325 scox 1.20 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
1326 scox 1.19
1327     *hardened-sources-2.4.22-r1 (02 Dec 2003)
1328 iggy 1.17
1329     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1330 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
1331 iggy 1.16
1332     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1333 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild:
1334     Version bump for the 'do_brk' vulnerability.
1335 iggy 1.15
1336     01 Dec 2003; Brian Jackson <iggy@gentoo.org>
1337     hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
1338     hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
1339     hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
1340 plasmaroo 1.18 Fix the 'do_brk' vulnerability.
1341 frogger 1.14
1342     03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
1343     hardened-sources-2.4.22.ebuild:
1344 plasmaroo 1.18 - Removed the src_install() portion for SELinux flask
1345     components. These are no longer handled in the kernel
1346     so this code was not necessary.
1347 frogger 1.13
1348     29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
1349     New 2.4.22 based hardened-sources thanks to
1350     Phil West <p.west@computer.org>.
1351    
1352     These sources include:
1353 plasmaroo 1.18 - New SELinux API
1354     - Updated CK-base
1355     - Updated GRSec
1356     - Systrace
1357     - SuperFreeS/WAN 1.99.8
1358     - Propolice kernel build support
1359     - EVMS
1360     - Other various security related patches
1361 frogger 1.11
1362 frogger 1.12 *hardened-sources-2.4.21 (14 Sep 2003)
1363    
1364     14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
1365     Updated hardened-sources based on the 2.4.21 Linux kernel.
1366     This includes updates to most major components such as:
1367 plasmaroo 1.18 - ck-base-0306300059
1368     - selinux-2.4-2003071106
1369     - grsecurity-2.0-rc1
1370     - Updated IPTables patch-o-matic
1371     - Updated SuperFreeS/WAN
1372    
1373 frogger 1.12 Thanks to Phil West <pwest@computer.org> for his work in getting this
1374     updated patch set ready for the 2.4.21 based kernel.
1375    
1376 frogger 1.11 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
1377     Initial import of hardened-sources-2.4.20-r4. This revision
1378     includes only a few changes, but one of these is an important
1379     security fix. It is recommended all users of hardened-sources
1380     upgrade to this release.
1381 plasmaroo 1.18
1382 frogger 1.11 - ioperm bug fix
1383     - fixed compilation failure when building without GRSec
1384 plasmaroo 1.18
1385 frogger 1.11 SAL (Secure Auditing for Linux) is NOT included in this revision
1386     due to time constraints, but is planned for inclusion in the near
1387     future.
1388 msterret 1.10
1389     *hardened-sources-2.4.20-r2 (12 Jun 2003)
1390    
1391     12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
1392     hardened-sources-2.4.20-r3.ebuild:
1393 plasmaroo 1.18 Add Header...
1394 frogger 1.9
1395     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1396     hardened-sources-2.4.20-r3.ebuild:
1397     Removed warnings from ebuild. This kernel should be safe to
1398     use at this point.
1399 frogger 1.8
1400     *hardened-sources-2.4.20-r3 (08 Jun 2003)
1401    
1402     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1403     hardened-sources-2.4.20-r3.ebuild:
1404     New revision. Includes the following changes over -r2:
1405 plasmaroo 1.18
1406 frogger 1.8 - ck7-base (O(1), preempt, low latency)
1407     - Super FreeS/WAN 1.99.7rc2
1408     - PaX for the LSM/SELinux branch
1409     - GRSecurity 2.0-pre4 (role based access control)
1410     - Systrace 1.3
1411     - EXT3 fixes
1412     - EVMS 2.0.1
1413     - GCC 3.1+ compile optimizations
1414     - ProPolice kernel build support
1415     - Hashing table security fixes
1416 frogger 1.3
1417     *hardened-sources-2.4.20-r1 (09 Apr 2003)
1418 frogger 1.7
1419     23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
1420     Initial import of hardened-sources-r2. This new
1421     ebuild includes many new performance and security
1422     related patches. As in -r1, it will patch in
1423     LSM/SELinux if "selinux" is in USE, otherwise it
1424     will patch in GRSecurity. The following patches
1425     are included in this revision:
1426 plasmaroo 1.18
1427 frogger 1.7 - O(1) Scheduler, Low Latency, and Preempt
1428     (pulled from the base CK patch)
1429     - ptrace exploit patch for the LSM kernel
1430     (the GRSec patch already fixes this)
1431     - LSM 2.4-2003040709
1432     - SELinux 2.4-2003040709
1433     - Systrace v1.2
1434     - IPTables patch-o-matic base patches - 20030107
1435     - CryptoAPI 2.4.20.1 w/ loop-jari patch
1436     - Super FreeS/WAN 1.99.6.1
1437     - GRSecurity 1.9.9g
1438     - MPPE
1439     - EXT3 data journal fix
1440     - CIPE 1.5.4
1441 frogger 1.6
1442     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1443     hardened-sources-2.4.20-r1.ebuild, manifest:
1444 plasmaroo 1.18 Updated to install flask components correctly for selinux.
1445 frogger 1.5
1446     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1447     hardened-sources-2.4.20-r1.ebuild:
1448     LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
1449     is patched in instead. Ptrace patches for selinux have also been added. In
1450     either case, systrace support will be patched in as well.
1451 frogger 1.3
1452     09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1453     hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
1454 plasmaroo 1.18 Revision bump for new sources.
1455 frogger 1.4
1456 frogger 1.2 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1457 frogger 1.4 hardened-sources-2.4.20-r1.ebuild:
1458 plasmaroo 1.18 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
1459 method 1.1
1460 frogger 1.4 *hardened-sources-2.4.20 (30 Mar 2003)
1461    
1462 method 1.1 30 Mar 2003; Joshua Brindle <method@gentoo.org>
1463     hardened-sources-2.4.20.ebuild:
1464 plasmaroo 1.18 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20