/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.237 - (hide annotations) (download)
Mon Sep 8 01:15:27 2008 UTC (5 years, 10 months ago) by gengor
Branch: MAIN
Changes since 1.236: +5 -1 lines
Mark 2.6.25-r5 stable on amd64/x86
(Portage version: 2.1.4.4)

1 method 1.1 # ChangeLog for sys-kernel/hardened-sources
2 phreak 1.204 # Copyright 2000-2008 Gentoo Foundation; Distributed under the GPL v2
3 gengor 1.237 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.236 2008/09/07 23:35:42 gengor Exp $
4    
5     08 Sep 2008; Gordon Malm <gengor@gentoo.org>
6     hardened-sources-2.6.25-r5.ebuild:
7     Stable on amd64/x86
8 gengor 1.236
9     07 Sep 2008; Gordon Malm <gengor@gentoo.org> metadata.xml:
10     Update my email address.
11 nixnut 1.235
12     31 Aug 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.25-r4.ebuild:
13     stable on ppc
14 battousai 1.234
15     *hardened-sources-2.6.26-r1 (23 Aug 2008)
16     *hardened-sources-2.6.25-r5 (23 Aug 2008)
17    
18     23 Aug 2008; Bryan D. Stine <battousai@gentoo.org>
19     -hardened-sources-2.6.23-r13.ebuild, -hardened-sources-2.6.25-r3.ebuild,
20     hardened-sources-2.6.25-r4.ebuild, +hardened-sources-2.6.25-r5.ebuild,
21     +hardened-sources-2.6.26-r1.ebuild:
22     Bump to 2.6.25-r5 for updated patches and upstream .10 kernel, fixing
23     security bug #235221. Bump to 2.6.26-r1 for upstream .3 kernel, also
24     fixing security bug #235221. Marked 2.6.25-r4 stable on amd64 and x86.
25     Removed 2.6.23-r13 and 2.6.25-r3. Commit on behalf of Gordon Malm
26     (gengor).
27 solar 1.233
28     *hardened-sources-2.6.26 (18 Aug 2008)
29     *hardened-sources-2.6.25-r4 (18 Aug 2008)
30    
31     18 Aug 2008; <solar@gentoo.org> -hardened-sources-2.6.25-r2.ebuild,
32     +hardened-sources-2.6.25-r4.ebuild, +hardened-sources-2.6.26.ebuild:
33     - proxy commit for gengor 2.6.26: Initial 2.6.26 release. 2.6.25-r4: Update
34     to Linux 2.6.25.15. Fixes security bugs #234799, #234803 and #234812.
35     2.6.25-r2: Removed.
36 tove 1.232
37     16 Aug 2008; Torsten Veller <tove@gentoo.org> metadata.xml:
38     Remove phreak from metadata.xml (#96398)
39 solar 1.231
40     *hardened-sources-2.6.25-r3 (31 Jul 2008)
41    
42     31 Jul 2008; <solar@gentoo.org> -hardened-sources-2.6.24-r2.ebuild,
43     -hardened-sources-2.6.25.ebuild, -hardened-sources-2.6.25-r1.ebuild,
44     +hardened-sources-2.6.25-r3.ebuild:
45     - 2.6.25-r3: Update to Linux 2.6.25.13 and new grsecurity patch. Multiple
46     fixes, including security bug #231750.
47 nixnut 1.230
48     28 Jul 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.24-r3.ebuild:
49     Stable on ppc
50 solar 1.229
51     *hardened-sources-2.6.25-r2 (05 Jul 2008)
52    
53     05 Jul 2008; <solar@gentoo.org> -hardened-sources-2.6.23-r11.ebuild,
54     -hardened-sources-2.6.23-r12.ebuild, hardened-sources-2.6.24-r3.ebuild,
55     +hardened-sources-2.6.25-r2.ebuild:
56     2.6.23-r4: Stable x86/amd64
57     2.6.25-r2: Update to Linux 2.6.25.10 and latest grsecurity release.
58     2.6.23-r{11,12}: Removed due to multiple vulns.
59     (gengor & kerframil)
60 nixnut 1.228
61     04 Jul 2008; nixnut <nixnut@gentoo.org>
62     hardened-sources-2.6.23-r13.ebuild:
63     Stable on ppc
64 solar 1.227
65     *hardened-sources-2.6.25-r1 (30 Jun 2008)
66    
67     30 Jun 2008; <solar@gentoo.org> hardened-sources-2.6.23-r13.ebuild,
68     +hardened-sources-2.6.25-r1.ebuild:
69     2.6.25-r1: Brings in Linux -stable tree patches 2.6.25.{7,8,9} and newer
70     grsecurity release. 2.6.23-r13: x86/amd64 stable
71 solar 1.226
72     *hardened-sources-2.6.25 (17 Jun 2008)
73     *hardened-sources-2.6.24-r3 (17 Jun 2008)
74     *hardened-sources-2.6.23-r13 (17 Jun 2008)
75    
76     17 Jun 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r13.ebuild,
77     +hardened-sources-2.6.24-r3.ebuild, +hardened-sources-2.6.25.ebuild:
78     * 2.6.23-r13: Fixes security bugs #198997, #212136, #222331, #222635,
79     #224647, #225461, other fixes. * 2.6.24-r3: Fixes security bugs #212136,
80     #222331, #222635, #224647, #225461, grsec/PaX updates/fixes, other fixes. *
81     2.6.25: Initial 2.6.25 release.
82 solar 1.225
83     15 May 2008; <solar@gentoo.org> hardened-sources-2.6.23-r12.ebuild:
84     - fasttrack to stable x86/amd64
85 swegener 1.224
86     11 May 2008; Sven Wegener <swegener@gentoo.org> Manifest:
87     Fix broken digest for linux-2.6.24.tar.bz2.
88 solar 1.223
89     *hardened-sources-2.6.24-r2 (11 May 2008)
90     *hardened-sources-2.6.23-r12 (11 May 2008)
91    
92     11 May 2008; <solar@gentoo.org> -hardened-sources-2.6.23-r7.ebuild,
93     -hardened-sources-2.6.23-r9.ebuild, -hardened-sources-2.6.23-r10.ebuild,
94     +hardened-sources-2.6.23-r12.ebuild, -hardened-sources-2.6.24.ebuild,
95     -hardened-sources-2.6.24-r1.ebuild, +hardened-sources-2.6.24-r2.ebuild:
96     proxy commit for gengor. 2.6.23-r11 shortlog: Fixes security bugs 220691,
97     220975, 220979, 221123. 2.6.24-r2 not-so-shortlog: Fixes bug 215442,
98     security bugs 219901, 220691, 220975, 220979, 221123. New
99     genpatches/grsecurity with numerous updates & fixes. 2.6.23-r7->2.6.23-r10
100     should be removed as far as I'm concerned, everything else remove due to
101     vulnerable to numerous security bugs or brokeness.
102 nixnut 1.222
103     10 May 2008; nixnut <nixnut@gentoo.org>
104     hardened-sources-2.6.23-r11.ebuild:
105     Stable on ppc
106 solar 1.221
107     05 May 2008; <solar@gentoo.org> hardened-sources-2.6.23-r11.ebuild:
108     - -r11 stable on x86/amd64
109 solar 1.220
110     *hardened-sources-2.6.23-r11 (01 May 2008)
111    
112     01 May 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r11.ebuild:
113     - version bump to fix ulgy linux bugs
114 phreak 1.219
115     *hardened-sources-2.6.24-r1 (30 Apr 2008)
116    
117     30 Apr 2008; Christian Heim <phreak@gentoo.org>
118     +hardened-sources-2.6.24-r1.ebuild:
119     Revision bump (thanks to Kerin and Gordon, again), pulling
120     genpatches-2.6.24-7, solving #219089. Additionally contains further security
121     fixes plus some minor updates.
122 phreak 1.218
123     *hardened-sources-2.6.23-r10 (30 Apr 2008)
124    
125     30 Apr 2008; Christian Heim <phreak@gentoo.org>
126     +hardened-sources-2.6.23-r10.ebuild:
127     Revision bump (thanks to Kerin and Gordon, again), solving #213811, #219089.
128     Additional contains "various other fixes".
129 phreak 1.217
130     09 Apr 2008; Christian Heim <phreak@gentoo.org> metadata.xml:
131     Update the longdescription in metadata, thanks to Gordon Malm.
132 nixnut 1.216
133     08 Apr 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.23-r9.ebuild:
134     Stable on ppc wrt bug #213255
135 solar 1.215
136     07 Apr 2008; <solar@gentoo.org> -hardened-sources-2.4.35-r2.ebuild,
137     -hardened-sources-2.6.23-r8.ebuild, hardened-sources-2.6.23-r9.ebuild:
138     - stable on x86/amd64 per request. Removed obsolete ebuilds
139 phreak 1.214
140     *hardened-sources-2.6.24 (07 Apr 2008)
141    
142     07 Apr 2008; Christian Heim <phreak@gentoo.org>
143     +hardened-sources-2.6.24.ebuild:
144     Adding ebuild for hardened-sources-2.6.24 (many thanks to Kerin Millar
145     <kerframil at gmail.com> and Gordon Malm <bugs-gentoo-org-02 at bumpin.org>
146     for the many contributions and their continued effort in #216612) based on
147     2.6.24 and genpatches-2.6.24-5.
148    
149     The current ebuild/patchset contains these things:
150     * Incoporates unmodified grsec-2.1.11-2.6.24.4-200803262003 patch
151     * Introduces bespoke server and workstation oriented security levels
152     * VDSO_COMPAT cannot be enabled during runtime if PaX is enabled
153 phreak 1.213
154     30 Mar 2008; Christian Heim <phreak@gentoo.org> metadata.xml:
155     Fix the metadata.xml (Kerin isn't a dev, though he and Gordon are
156     maintaining it).
157 phreak 1.212
158     24 Mar 2008; Christian Heim <phreak@gentoo.org>
159     hardened-sources-2.4.35-r2.ebuild:
160     Fixing SRC_URI for 2.4.35-r2.
161 phreak 1.211
162     *hardened-sources-2.6.23-r9 (22 Mar 2008)
163    
164     22 Mar 2008; Christian Heim <phreak@gentoo.org>
165     +hardened-sources-2.6.23-r9.ebuild:
166     * Revision bump, rebasing the patchset against genpatches-2.6.23-10.
167     * Change the default GIDs for some grsecurity options
168     * Revamp the Hardened [Gentoo] security level and make it the default level
169     * Fixing compilation on ia64 with CONFIG_MODULES=y (loadable module support)
170     * Fix a recursive lock -- call to capable() within ptrace_attach()
171     * Fix bug that allows audit and iscsi operations to be controlled via netlink
172 solar 1.210
173     *hardened-sources-2.6.23-r8 (27 Feb 2008)
174    
175     27 Feb 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r8.ebuild:
176     - version bump from Kerin Millar bug 210026
177 solar 1.209
178     17 Feb 2008; <solar@gentoo.org> metadata.xml,
179     -hardened-sources-2.4.33.4.ebuild, -hardened-sources-2.6.20-r6.ebuild,
180     -hardened-sources-2.6.20-r10.ebuild, -hardened-sources-2.6.23-r4.ebuild,
181     -hardened-sources-2.6.23-r6.ebuild, hardened-sources-2.6.23-r7.ebuild:
182     - stable on x86 and remove old ebuilds
183 solar 1.207
184     15 Feb 2008; <solar@gentoo.org> hardened-sources-2.6.23-r7.ebuild:
185 solar 1.208 - stable on amd64 per request of amd64 lead
186 solar 1.206
187     *hardened-sources-2.6.23-r7 (11 Feb 2008)
188    
189     11 Feb 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r7.ebuild:
190     - version bump from kerin.millar
191     Changes:
192    
193     * Bump to genpatches-base-2.6.23-9
194     * Ported grsecurity-2.1.11-2.6.23.14-200801231800 to 2.6.23.15
195     * Disables COMPAT_VDSO in x86/defconfig
196     * Removes bogus symbols ACPI_SLEEP_PROC_(FS|SLEEP) from x86_64/defconfig
197 phreak 1.205
198     25 Jan 2008; Christian Heim <phreak@gentoo.org>
199     -hardened-sources-2.6.22-r8.ebuild:
200     Cleaning up old versions.
201 phreak 1.204
202     *hardened-sources-2.6.23-r6 (25 Jan 2008)
203    
204     25 Jan 2008; Christian Heim <phreak@gentoo.org>
205     -hardened-sources-2.6.23-r5.ebuild, +hardened-sources-2.6.23-r6.ebuild:
206     Revision bump, pulling in the latest genpatches.
207 phreak 1.203
208     *hardened-sources-2.6.23-r5 (24 Dec 2007)
209    
210     24 Dec 2007; Christian Heim <phreak@gentoo.org>
211     hardened-sources-2.4.35-r2.ebuild, hardened-sources-2.6.20-r6.ebuild,
212     hardened-sources-2.6.20-r10.ebuild, hardened-sources-2.6.22-r8.ebuild,
213     hardened-sources-2.6.23-r4.ebuild, +hardened-sources-2.6.23-r5.ebuild:
214     Revision bump, for the promised updated grsec snapshot. Also changing SRC_URI.
215 phreak 1.202
216     24 Dec 2007; Christian Heim <phreak@gentoo.org>
217     -hardened-sources-2.6.22-r7.ebuild, -hardened-sources-2.6.23.ebuild,
218     -hardened-sources-2.6.23-r1.ebuild, -hardened-sources-2.6.23-r2.ebuild,
219     -hardened-sources-2.6.23-r3.ebuild:
220     Cleaning out some unused, old versions.
221 phreak 1.201
222     24 Dec 2007; Christian Heim <phreak@gentoo.org>
223     hardened-sources-2.6.23-r4.ebuild:
224     Marking hardened-sources-2.6.23-r4 stable on amd64 and x86. I know it ain't
225     in the tree for long, but there isn't much of a difference between this and
226     -r3. Only this revision pulls in 2.6.23.11 and 2.6.23.12 from genpatches.
227 phreak 1.200
228     *hardened-sources-2.6.23-r4 (23 Dec 2007)
229    
230     23 Dec 2007; Christian Heim <phreak@gentoo.org>
231     +hardened-sources-2.6.23-r4.ebuild:
232     Revision bump, grabbing the lastest genpatches release (2.6.23.12 that is).
233 phreak 1.199
234     *hardened-sources-2.6.23-r3 (04 Dec 2007)
235    
236     04 Dec 2007; Christian Heim <phreak@gentoo.org>
237     +hardened-sources-2.6.23-r3.ebuild:
238     Revision bump, pulling in 2.6.23.9.
239 phreak 1.198
240     *hardened-sources-2.6.23-r2 (25 Nov 2007)
241    
242     25 Nov 2007; Christian Heim <phreak@gentoo.org>
243     +hardened-sources-2.6.23-r2.ebuild:
244     Updated patchset, thanks to solar.
245 phreak 1.197
246     *hardened-sources-2.6.23-r1 (31 Oct 2007)
247    
248     31 Oct 2007; Christian Heim <phreak@gentoo.org>
249     +hardened-sources-2.6.23-r1.ebuild:
250     Revision bump, pulling in the snapshot from 30. October 2007 (18:50).
251 solar 1.196
252     29 Oct 2007; <solar@gentoo.org> metadata.xml:
253     - update metadata.xml
254 phreak 1.195
255     25 Oct 2007; Christian Heim <phreak@gentoo.org>
256     hardened-sources-2.6.22-r8.ebuild:
257     Marking 2.6.22-r8 stable on amd64 and x86.
258 phreak 1.194
259     21 Oct 2007; Christian Heim <phreak@gentoo.org>
260     -hardened-sources-2.4.35.ebuild, -hardened-sources-2.4.35-r1.ebuild,
261     -hardened-sources-2.6.21-r4.ebuild:
262     Removing old ebuilds.
263 phreak 1.193
264     *hardened-sources-2.4.35-r2 (21 Oct 2007)
265    
266     21 Oct 2007; Christian Heim <phreak@gentoo.org>
267     +hardened-sources-2.4.35-r2.ebuild:
268     Revision bump for 2.4.35. Includes new snapshot and the lastest Linux stable
269     patches.
270 phreak 1.192
271     *hardened-sources-2.6.22-r8 (21 Oct 2007)
272    
273     21 Oct 2007; Christian Heim <phreak@gentoo.org>
274     +hardened-sources-2.6.22-r8.ebuild:
275     Yet another new patch, hopefully fixing the remaining issues we had w/
276     2.6.22. Candidate for stabling.
277 phreak 1.191
278     *hardened-sources-2.6.23 (13 Oct 2007)
279    
280     13 Oct 2007; Christian Heim <phreak@gentoo.org>
281     +hardened-sources-2.6.23.ebuild:
282     Initial hardened-sources-2.6.23. If people still have problems w/ bug
283     194276, try setting CONFIG_PCI_GODIRECT=y instead of CONFIG_PCI_GOANY.
284 phreak 1.190
285     11 Oct 2007; Christian Heim <phreak@gentoo.org>
286     hardened-sources-2.6.20-r10.ebuild:
287     Pulling in yet another new genpatches version, fixing the PWC bug for real.
288 phreak 1.189
289     04 Oct 2007; Christian Heim <phreak@gentoo.org>
290     -hardened-sources-2.6.22-r5.ebuild, -hardened-sources-2.6.22-r6.ebuild:
291     Removing old versions.
292 phreak 1.188
293     *hardened-sources-2.6.22-r7 (01 Oct 2007)
294    
295     01 Oct 2007; Christian Heim <phreak@gentoo.org>
296     +hardened-sources-2.6.22-r7.ebuild:
297     Revision bump, pulling in a newer patch. Should fix #194276.
298 phreak 1.187
299     30 Sep 2007; Christian Heim <phreak@gentoo.org>
300     hardened-sources-2.6.20-r10.ebuild:
301     Marking hardened-sources-2.6.20-r10 stable on x86 and amd64 (on courtesy of
302     Mike Doty).
303 phreak 1.186
304     *hardened-sources-2.6.22-r6 (26 Sep 2007)
305    
306     26 Sep 2007; Christian Heim <phreak@gentoo.org>
307     +hardened-sources-2.6.22-r6.ebuild:
308     Revision bump, grabbing up till Linux 2.6.22.9.
309 phreak 1.185
310     24 Sep 2007; Christian Heim <phreak@gentoo.org>
311     -hardened-sources-2.6.22-r3.ebuild, -hardened-sources-2.6.22-r4.ebuild:
312     Cleaning up further.
313 phreak 1.184
314     *hardened-sources-2.6.20-r10 (24 Sep 2007)
315    
316     24 Sep 2007; Christian Heim <phreak@gentoo.org>
317     -hardened-sources-2.6.20-r8.ebuild, -hardened-sources-2.6.20-r9.ebuild,
318     +hardened-sources-2.6.20-r10.ebuild:
319     Revision bump, pulling in Linux 2.6.20.20. Removing some of the older
320     revisions.
321 phreak 1.183
322     *hardened-sources-2.6.22-r5 (22 Sep 2007)
323    
324     22 Sep 2007; Christian Heim <phreak@gentoo.org>
325     +hardened-sources-2.6.22-r5.ebuild:
326     Revision bump, pulling in genpatches-2.6.22-8 for CVE-2007-4573.
327 phreak 1.182
328     17 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
329     Removing johnm from metadata.xml (see #186467 for reference).
330 phreak 1.181
331     *hardened-sources-2.6.22-r4 (17 Sep 2007)
332    
333     17 Sep 2007; Christian Heim <phreak@gentoo.org>
334     +hardened-sources-2.6.22-r4.ebuild:
335     Revision bump, hopefully fixing all those weird PAX failures.
336 phreak 1.180
337     01 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
338     Updating the metadata.xml.
339 phreak 1.179
340     01 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
341     Removing tocharian from metadata due to his retirement (see #71718 for
342     reference).
343 phreak 1.178
344     *hardened-sources-2.6.20-r9 (30 Aug 2007)
345    
346     30 Aug 2007; Christian Heim <phreak@gentoo.org>
347     +hardened-sources-2.6.20-r9.ebuild:
348     Revision bump for 2.6.20.18 (thanks to kerframil in #gentoo-hardened).
349 phreak 1.177
350     29 Aug 2007; Christian Heim <phreak@gentoo.org>
351     -hardened-sources-2.4.34.ebuild, -hardened-sources-2.4.34.5.ebuild,
352     -hardened-sources-2.6.20-r2.ebuild, -hardened-sources-2.6.20-r5.ebuild,
353     -hardened-sources-2.6.20-r7.ebuild, -hardened-sources-2.6.21-r3.ebuild,
354     -hardened-sources-2.6.22.ebuild, -hardened-sources-2.6.22-r1.ebuild,
355     -hardened-sources-2.6.22-r2.ebuild:
356     Removing some redundant versions.
357 phreak 1.176
358     *hardened-sources-2.4.35-r1 (29 Aug 2007)
359    
360     29 Aug 2007; Christian Heim <phreak@gentoo.org>
361     +hardened-sources-2.4.35-r1.ebuild:
362     Revision bump, new grsecurity patch.
363 phreak 1.175
364     *hardened-sources-2.6.20-r8 (26 Aug 2007)
365    
366     26 Aug 2007; Christian Heim <phreak@gentoo.org>
367     +hardened-sources-2.6.20-r8.ebuild:
368     Revision bump for Linux 2.6.20.17.
369 phreak 1.174
370     *hardened-sources-2.6.22-r3 (22 Aug 2007)
371    
372     22 Aug 2007; Christian Heim <phreak@gentoo.org>
373     +hardened-sources-2.6.22-r3.ebuild:
374     Revision bump for Linux 2.6.22.4.
375 phreak 1.173
376     16 Aug 2007; Christian Heim <phreak@gentoo.org>
377     hardened-sources-2.6.22-r2.ebuild:
378     Updated patchset, to fix the alignment against 2.6.22.3.
379 phreak 1.172
380     *hardened-sources-2.6.22-r2 (16 Aug 2007)
381    
382     16 Aug 2007; Christian Heim <phreak@gentoo.org>
383     +hardened-sources-2.6.22-r2.ebuild:
384     Revision bump for Linux 2.6.22.3.
385 phreak 1.171
386     *hardened-sources-2.4.35 (16 Aug 2007)
387    
388     16 Aug 2007; Christian Heim <phreak@gentoo.org>
389     +hardened-sources-2.4.35.ebuild:
390     Version bump, initial version for Linux 2.4.35.
391 phreak 1.170
392     *hardened-sources-2.6.21-r4 (16 Aug 2007)
393    
394     16 Aug 2007; Christian Heim <phreak@gentoo.org>
395     +hardened-sources-2.6.21-r4.ebuild:
396     Revision bump for Linux 2.6.21.6.
397 phreak 1.169
398     *hardened-sources-2.6.20-r7 (16 Aug 2007)
399    
400     16 Aug 2007; Christian Heim <phreak@gentoo.org>
401     +hardened-sources-2.6.20-r7.ebuild:
402     Revision bump for Linux 2.6.20.16.
403 phreak 1.168
404     *hardened-sources-2.6.22-r1 (13 Aug 2007)
405    
406     13 Aug 2007; Christian Heim <phreak@gentoo.org>
407     +hardened-sources-2.6.22-r1.ebuild:
408     Yet another revision bump.
409 phreak 1.167
410     *hardened-sources-2.6.22 (10 Aug 2007)
411    
412     10 Aug 2007; Christian Heim <phreak@gentoo.org>
413     +hardened-sources-2.6.22.ebuild:
414     Initial release for 2.6.22. If you are using hardened-sources on a desktop
415     machine (P4 or newer), be aware you might need to disable
416     CONFIG_PAX_PAGEEXEC.
417 phreak 1.166
418     04 Aug 2007; Christian Heim <phreak@gentoo.org>
419     hardened-sources-2.6.20-r6.ebuild:
420     Stabling hardened-sources-2.6.20-r6 for amd64, ppc and x86 due to Linux
421     2.6.20.15.
422 phreak 1.165
423     10 Jul 2007; Christian Heim <phreak@gentoo.org>
424     hardened-sources-2.6.20-r5.ebuild:
425     Marking hardened-sources-2.6.20-r5 stable on ppc.
426 phreak 1.164
427     10 Jul 2007; Christian Heim <phreak@gentoo.org>
428     -hardened-sources-2.4.32-r6.ebuild, -hardened-sources-2.4.32-r7.ebuild:
429     Cleanup.
430 phreak 1.163
431     *hardened-sources-2.6.20-r6 (08 Jul 2007)
432    
433     08 Jul 2007; Christian Heim <phreak@gentoo.org>
434     +hardened-sources-2.6.20-r6.ebuild:
435     Revision bump, grabbing yet another stable release.
436 phreak 1.162
437     17 Jun 2007; Christian Heim <phreak@gentoo.org>
438     -hardened-sources-2.6.18-r6.ebuild, -hardened-sources-2.6.20-r4.ebuild,
439     -hardened-sources-2.6.21-r2.ebuild:
440     Removing older ebuilds, hardened-sources-2.6.18-r6 seems to have gotten the
441     alpha stable KEYWORD by mistake.
442 phreak 1.161
443     17 Jun 2007; Christian Heim <phreak@gentoo.org>
444     hardened-sources-2.6.20-r5.ebuild:
445     Stabling hardened-sources-2.6.20-r5 due to security bug #181647 (as
446     genpatches-2.6.20-12.base contains up to Linux 2.6.20.14) on amd64 and x86.
447 phreak 1.160
448     *hardened-sources-2.6.21-r3 (12 Jun 2007)
449    
450     12 Jun 2007; Christian Heim <phreak@gentoo.org>
451     +hardened-sources-2.6.21-r3.ebuild:
452     Revision bump for hardened-sources-2.6.21, incorporating various CVE (some
453     of them critical), two stable releases (2.6.21.4,2.6.21.5) and some other
454     love.
455 phreak 1.159
456     *hardened-sources-2.6.20-r5 (11 Jun 2007)
457    
458     11 Jun 2007; Christian Heim <phreak@gentoo.org>
459     +hardened-sources-2.6.20-r5.ebuild:
460     Revision bump for hardened-sources-2.6.20, incorporating various CVE (some
461     of them critical), two stable releases (2.6.20.13,2.6.20.14) and some other
462     love.
463 pappy 1.158
464     *hardened-sources-2.4.34.5 (11 Jun 2007)
465    
466     11 Jun 2007; Alexander Gabert <pappy@gentoo.org>
467     +hardened-sources-2.4.34.5.ebuild:
468     added new hardened-sources 2.4 version, thx to phreak, solar, pipacs
469 phreak 1.157
470     30 May 2007; Christian Heim <phreak@gentoo.org>
471     -hardened-sources-2.6.18.ebuild, hardened-sources-2.6.20-r2.ebuild:
472     Marking 2.6.20-r2 stable on ppc with permission of Gysbert. Removing more
473     stale ebuild(s).
474 phreak 1.156
475     30 May 2007; Christian Heim <phreak@gentoo.org>
476     -hardened-sources-2.6.14-r7.ebuild, -hardened-sources-2.6.16-r11.ebuild,
477     -hardened-sources-2.6.17-r1.ebuild, -hardened-sources-2.6.19-r6.ebuild,
478     -hardened-sources-2.6.20.ebuild, -hardened-sources-2.6.20-r1.ebuild:
479     Doing some cleanups, remove stale ebuilds.
480 phreak 1.155
481     26 May 2007; Christian Heim <phreak@gentoo.org>
482     hardened-sources-2.6.21-r2.ebuild:
483     Fixing the grsecurity patch, had one '};' too much.
484 phreak 1.154
485     *hardened-sources-2.6.21-r2 (26 May 2007)
486    
487     26 May 2007; Christian Heim <phreak@gentoo.org>
488     -hardened-sources-2.6.21.ebuild, -hardened-sources-2.6.21-r1.ebuild,
489     +hardened-sources-2.6.21-r2.ebuild:
490     Revision bump, including Linux 2.6.21.3 (fixing CVE-2007-2451). Updating the
491     grsecurity patch to 2.1.10-2.6.21.1-200705221918.
492 phreak 1.153
493     *hardened-sources-2.6.20-r4 (26 May 2007)
494    
495     26 May 2007; Christian Heim <phreak@gentoo.org>
496     -hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.20-r4.ebuild:
497     Revision bump, including Linux 2.6.20.12 (which in fact fixed some security
498 phreak 1.154 bugs, at the very least CVE-2007-2451). Possible candidate for stable marking.
499 phreak 1.152
500     15 May 2007; Christian Heim <phreak@gentoo.org>
501     hardened-sources-2.6.20-r3.ebuild:
502     Looks like hardened-sources-2.6.20-r3 needs a new patch, as 2.6.20.11
503     introduced a change in arch/sparc64/kernel/pci_iommu.c, which made the
504     grsecurity patch fail in that exact same hunk.
505 phreak 1.151
506     *hardened-sources-2.6.20-r3 (15 May 2007)
507    
508     15 May 2007; Christian Heim <phreak@gentoo.org>
509     +hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.21-r1.ebuild:
510     Revision bump, incorporating Linux 2.6.20.11.
511    
512     *hardened-sources-2.6.21-r1 (11 May 2007)
513    
514     11 May 2007; Christian Heim <phreak@gentoo.org>
515     +hardened-sources-2.6.21-r1.ebuild:
516     Revision bump, hopefully fixing the GRSECURITY/GRKERNSEC mixup pipacs
517     mentioned in #177234.
518 kevquinn 1.150
519     07 May 2007; Kevin F. Quinn <kevquinn@gentoo.org>
520     files/digest-hardened-sources-2.6.21, Manifest:
521     Fix Manifest/digest for linux-2.6.21.tar.bz2
522 phreak 1.149
523     06 May 2007; Christian Heim <phreak@gentoo.org>
524     hardened-sources-2.6.21.ebuild:
525     Bumping the hardened-patches version, needed for the fix for #177234.
526 phreak 1.148
527     *hardened-sources-2.6.21 (02 May 2007)
528    
529     02 May 2007; Christian Heim <phreak@gentoo.org>
530     +hardened-sources-2.6.21.ebuild:
531     Version bump, Linux 2.6.21-hardened.
532 phreak 1.147
533     29 Apr 2007; Christian Heim <phreak@gentoo.org>
534     hardened-sources-2.6.20-r2.ebuild:
535     Adding ~ia64 on Ned's request.
536 phreak 1.146
537     29 Apr 2007; Christian Heim <phreak@gentoo.org>
538     hardened-sources-2.6.20-r2.ebuild:
539     Fixing the included grsecurity patch, wasn't alligning due to the Index:
540     header line(s).
541 phreak 1.145
542     29 Apr 2007; Christian Heim <phreak@gentoo.org>
543     hardened-sources-2.6.20-r2.ebuild:
544     Stabilizing hardened-sources-2.6.20-r2 on amd64 and x86.
545 armin76 1.144
546     *hardened-sources-2.6.20-r2 (10 Apr 2007)
547    
548     10 Apr 2007; Raúl Porcel <armin76@gentoo.org>
549     +hardened-sources-2.6.20-r2.ebuild:
550     Version bump, on behalf of phreak
551 phreak 1.143
552     *hardened-sources-2.6.20-r1 (04 Apr 2007)
553    
554     04 Apr 2007; Christian Heim <phreak@gentoo.org>
555     +hardened-sources-2.6.20-r1.ebuild:
556     Revision bump, grabbing a newer grsecurity snapshot.
557 phreak 1.142
558     *hardened-sources-2.6.20 (25 Mar 2007)
559    
560     25 Mar 2007; Christian Heim <phreak@gentoo.org>
561     +hardened-sources-2.6.20.ebuild:
562     Finally a hardened-sources version for 2.6.20; many people have been waiting
563     for this. Thanks to Steve for preliminary testing, thanks to Ned for the
564     testbox.
565 chainsaw 1.141
566     16 Mar 2007; Tony Vroon <chainsaw@gentoo.org>
567     hardened-sources-2.6.18-r6.ebuild:
568     Marked stable on amd64 and x86. AMD64 keyword ack'ed by welp.
569 phreak 1.140
570     *hardened-sources-2.6.18-r6 (16 Mar 2007)
571    
572     16 Mar 2007; Christian Heim <phreak@gentoo.org>
573     -hardened-sources-2.6.18-r5.ebuild, +hardened-sources-2.6.18-r6.ebuild:
574     Fixing CVE-2007-1000 locally (hardened/), thanks to Tony for pushing. And
575     yes I screwed up, this is tagged as 2.6.18-5 and not 2.6.18-6 as it's
576     supposed to be.
577 phreak 1.139
578     06 Mar 2007; Christian Heim <phreak@gentoo.org> ChangeLog:
579     Fixing the Manifest, the previous one was broken (as in still had the
580     deleted ebuild in it).
581 phreak 1.138
582     06 Mar 2007; Christian Heim <phreak@gentoo.org>
583     -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
584     +hardened-sources-2.6.18-r5.ebuild:
585     Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
586     Linux 2.6.18.8. Also cleaning up the older version.
587    
588     *hardened-sources-2.6.18-r5 (06 Mar 2007)
589    
590     06 Mar 2007; Christian Heim <phreak@gentoo.org>
591     -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
592     +hardened-sources-2.6.18-r5.ebuild:
593     Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
594     Linux 2.6.18.8. Also cleaning up the older version.
595 phreak 1.137
596     24 Feb 2007; Christian Heim <phreak@gentoo.org>
597     -hardened-sources-2.6.19-r3.ebuild, -hardened-sources-2.6.19-r4.ebuild,
598     -hardened-sources-2.6.19-r5.ebuild:
599     Removing some of the old version, that didn't work.
600 phreak 1.136
601     *hardened-sources-2.6.19-r6 (12 Feb 2007)
602    
603     12 Feb 2007; Christian Heim <phreak@gentoo.org>
604     +hardened-sources-2.6.19-r6.ebuild:
605     Revision bump, including a new grsec version fixing #166235.
606 pappy 1.134
607     *hardened-sources-2.4.34 (24 Jan 2007)
608    
609     24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
610 pappy 1.135 Manifest:
611     updating Manifest with checksums of new tarball and ebuild
612    
613     24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
614 pappy 1.134 +hardened-sources-2.4.34.ebuild:
615     I added new hardened sources 2.4 update, this is a critical path
616     security bugfix - all users of h-s are strongly advised
617     to update their existing hardened sources to this version.
618     It contains a fix for a kernel vulnerability that is pertaining
619     to the PaX changes to virtual memory management, possibly leading
620     to a local kernel exploit ... see grsecurity.net forums and homepage
621 phreak 1.133
622     23 Jan 2007; Christian Heim <phreak@gentoo.org>
623     files/digest-hardened-sources-2.6.19-r5, Manifest:
624     Fixing the patch-tarball digest.
625 phreak 1.132
626     *hardened-sources-2.6.19-r5 (23 Jan 2007)
627    
628     23 Jan 2007; Christian Heim <phreak@gentoo.org>
629     +hardened-sources-2.6.19-r5.ebuild:
630     Revision bump, closing the recently discovered PaX expand_stack()
631     vulnerability.
632 phreak 1.131
633     *hardened-sources-2.6.19-r4 (14 Jan 2007)
634    
635     14 Jan 2007; Christian Heim <phreak@gentoo.org>
636     +hardened-sources-2.6.19-r4.ebuild:
637     Revision bump, pulling in linux-2.6.19.2 and grsecurity 2.1.10 - thus
638     dropping the randomized PID feature.
639 opfer 1.130
640     11 Jan 2007; Christian Faulhammer <opfer@gentoo.org>
641     hardened-sources-2.4.33.4.ebuild:
642     stable x86, bug #161171
643 phreak 1.129
644     *hardened-sources-2.6.19-r3 (27 Dec 2006)
645    
646     27 Dec 2006; Christian Heim <phreak@gentoo.org>
647     -hardened-sources-2.6.19-r2.ebuild, +hardened-sources-2.6.19-r3.ebuild:
648     Revision bump for bug #157186 and #158786.
649 phreak 1.128
650     *hardened-sources-2.6.18-r4 (27 Dec 2006)
651    
652     27 Dec 2006; Christian Heim <phreak@gentoo.org>
653     -hardened-sources-2.6.18-r3.ebuild, +hardened-sources-2.6.18-r4.ebuild:
654     Revision bump for bug #157186.
655 phreak 1.127
656     *hardened-sources-2.6.19-r2 (23 Dec 2006)
657    
658     23 Dec 2006; Christian Heim <phreak@gentoo.org>
659     -hardened-sources-2.6.19-r1.ebuild, +hardened-sources-2.6.19-r2.ebuild:
660     Revision bump to pull in genpatches-2.6.19-3 for #157186.
661 phreak 1.126
662     17 Dec 2006; Christian Heim <phreak@gentoo.org>
663     hardened-sources-2.6.14-r7.ebuild, hardened-sources-2.6.16-r10.ebuild,
664     hardened-sources-2.6.16-r11.ebuild, hardened-sources-2.6.17-r1.ebuild,
665     hardened-sources-2.6.18.ebuild, hardened-sources-2.6.18-r3.ebuild,
666     hardened-sources-2.6.19-r1.ebuild:
667     Adding 4453_grsec-2.1.9-2.6.19-io-kmem-sysctl.patch to UNIPATCH_EXLUDE,
668     adding correct HOMEPAGE and adjusting DESCRIPTION (thanks to Alexander).
669 pappy 1.125
670     *hardened-sources-2.4.33.4 (17 Dec 2006)
671    
672     17 Dec 2006; Alexander Gabert <pappy@gentoo.org>
673     +hardened-sources-2.4.33.4.ebuild:
674     new 2.4.33.4 version including grsec and fixes, thanks to phreak for help
675     and quilting
676 phreak 1.124
677     *hardened-sources-2.6.19-r1 (14 Dec 2006)
678    
679     14 Dec 2006; Christian Heim <phreak@gentoo.org>
680     -hardened-sources-2.6.19.ebuild, +hardened-sources-2.6.19-r1.ebuild:
681     Revision bump, fixing #158107 (thanks to Petre Rodan <kaiowas at gentoo.org>
682     for reporting).
683 phreak 1.123
684     *hardened-sources-2.6.19 (13 Dec 2006)
685    
686     13 Dec 2006; Christian Heim <phreak@gentoo.org>
687     +hardened-sources-2.6.19.ebuild:
688     And finally 2.6.19, thanks to Ned (who prepared the inital patchset) and
689     Brad for providing that prompt update.
690 phreak 1.122
691     *hardened-sources-2.6.18-r3 (13 Dec 2006)
692    
693     13 Dec 2006; Christian Heim <phreak@gentoo.org>
694     -hardened-sources-2.6.18-r1.ebuild, -hardened-sources-2.6.18-r2.ebuild,
695     +hardened-sources-2.6.18-r3.ebuild:
696     Revision bump, excluding the faulty patch. Thanks to Anakim Border and Peter
697     S. Mazinger. Closes #157409 for now. Also removing the previous revisions.
698 phreak 1.121
699     09 Dec 2006; Christian Heim <phreak@gentoo.org> Manifest:
700     Fixing the metadata.xml Manifest entry (thanks to xaid and ml8128 in #gentoo-hardened).
701 nixnut 1.120
702     08 Dec 2006; nixnut <nixnut@gentoo.org> hardened-sources-2.6.18.ebuild:
703     Stable on ppc wrt bug 157356
704 opfer 1.119
705     07 Dec 2006; Christian Faulhammer <opfer@gentoo.org>
706     hardened-sources-2.6.18.ebuild:
707     stable x86, bug #157356
708 phreak 1.118
709     *hardened-sources-2.6.18-r2 (06 Dec 2006)
710    
711     06 Dec 2006; Christian Heim <phreak@gentoo.org>
712     +hardened-sources-2.6.18-r2.ebuild:
713     Revision bump, including 2.6.18.5 (via genpatches) and
714     4454_grsec-2.1.9-2.6.18.2-io-kmem-sysctl.patch based on Peter Mazinger and
715     Ned Ludd's original patch. Thanks to Alexander Gabert (pappy) for the
716     redesign.
717 phreak 1.117
718     06 Dec 2006; Christian Heim <phreak@gentoo.org>
719     hardened-sources-2.6.18.ebuild:
720     Marking hardened-sources-2.6.18 stable on amd64 (see bug #157356, on behalf
721     of Mike Doty).
722 phreak 1.116
723     *hardened-sources-2.6.18-r1 (23 Nov 2006)
724    
725     23 Nov 2006; Christian Heim <phreak@gentoo.org>
726     +hardened-sources-2.6.18-r1.ebuild:
727     Revision bump to genpatches-2.6.18-4 (including 2.6.18.3).
728 phreak 1.115
729     *hardened-sources-2.6.18 (11 Nov 2006)
730    
731     11 Nov 2006; Christian Heim <phreak@gentoo.org>
732     +hardened-sources-2.6.18.ebuild:
733     Version bump, thanks to Alexander Gabert we're finally at 2.6.18.
734 solar 1.114
735     18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
736     - mark amd64 stable also. bug #151877
737 solar 1.113
738     18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
739     - mark 2.6.17-r1 stable
740 phreak 1.112
741     27 Aug 2006; Christian Heim <phreak@gentoo.org>
742     -hardened-sources-2.6.17.ebuild, hardened-sources-2.6.17-r1.ebuild:
743     Removing old ebuild, removing unipatch from newer ebuild (need to fix it!).
744 phreak 1.111
745     *hardened-sources-2.6.17-r1 (26 Aug 2006)
746    
747     26 Aug 2006; Christian Heim <phreak@gentoo.org>
748     +hardened-sources-2.6.17-r1.ebuild:
749     Revision bump to genpatches-2.6.17-8 (including .9 and .10) and updating the
750     grsecurity patch.
751 phreak 1.110
752     *hardened-sources-2.6.17 (17 Aug 2006)
753    
754     17 Aug 2006; Christian Heim <phreak@gentoo.org>
755     +hardened-sources-2.6.17.ebuild:
756     Bumping the hardened-sources-2.6 series to 2.6.17, using
757     genpatches-2.6.17-6.base.
758 solar 1.109
759     07 Aug 2006; <solar@gentoo.org> hardened-sources-2.6.16-r11.ebuild:
760     - stable on x86 and amd64
761 solar 1.108
762     *hardened-sources-2.6.16-r11 (15 Jul 2006)
763    
764     15 Jul 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r3.ebuild,
765     -hardened-sources-2.4.32-r4.ebuild, -hardened-sources-2.4.32-r5.ebuild,
766     -hardened-sources-2.6.14-r8.ebuild, -hardened-sources-2.6.16-r7.ebuild,
767     -hardened-sources-2.6.16-r9.ebuild, +hardened-sources-2.6.16-r11.ebuild:
768     - 2.6.16 bumped for CVE-2006-3626 ; digest fix for 2.4.32-r6 ; removed old
769     crusty ebuilds
770 johnm 1.107
771     14 Jul 2006; John Mylchreest <johnm@gentoo.org>
772     hardened-sources-2.6.16-r10.ebuild:
773     marking stable on x86 and amd64
774 solar 1.106
775     13 Jul 2006; <solar@gentoo.org> hardened-sources-2.4.32-r6.ebuild:
776     - 2.4.32-r6 stable on x86. RSBAC state unknown
777 kang 1.105
778     *hardened-sources-2.4.32-r7 (10 Jul 2006)
779    
780     10 Jul 2006; Guillaume Destuynder <kang@gentoo.org>
781     +hardened-sources-2.4.32-r7.ebuild:
782     Bump PaX for RSBAC to test-17
783 johnm 1.104
784     *hardened-sources-2.6.16-r9 (03 Jul 2006)
785    
786     03 Jul 2006; John Mylchreest <johnm@gentoo.org>
787     -hardened-sources-2.6.16-r6.ebuild, +hardened-sources-2.6.16-r9.ebuild:
788     hardened-sources-2.6.16 bump to latest -base.
789 solar 1.103
790     *hardened-sources-2.4.32-r6 (30 Jun 2006)
791    
792     30 Jun 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r2.ebuild,
793     hardened-sources-2.4.32-r4.ebuild, +hardened-sources-2.4.32-r6.ebuild:
794     - backport CVE-2006-0039, CVE-2006-1857 and CVE-2006-1858 and new grsecurity
795     sysctl controlable resource logging
796 johnm 1.102
797     *hardened-sources-2.6.16-r7 (05 Jun 2006)
798    
799     05 Jun 2006; John Mylchreest <johnm@gentoo.org>
800     -hardened-sources-2.6.16-r5.ebuild, +hardened-sources-2.6.16-r7.ebuild:
801     push new 2.6.16 release in preparation for stable
802 solar 1.101
803     22 May 2006; <solar@gentoo.org> :
804     - redigest bug 134002
805 kang 1.100
806     *hardened-sources-2.4.32-r5 (16 May 2006)
807    
808     16 May 2006; Guillaume Destuynder <kang@gentoo.org>
809     +hardened-sources-2.4.32-r5.ebuild:
810     Fixes rsbac common patching (new patch in new -r5 patchset)
811 solar 1.99
812     *hardened-sources-2.4.32-r4 (13 May 2006)
813    
814     13 May 2006; <solar@gentoo.org> hardened-sources-2.4.32-r3.ebuild,
815     +hardened-sources-2.4.32-r4.ebuild:
816     - security bumps
817 johnm 1.98
818     *hardened-sources-2.6.16-r6 (03 May 2006)
819    
820     03 May 2006; John Mylchreest <johnm@gentoo.org>
821     +hardened-sources-2.6.16-r6.ebuild:
822     bump hardened-2.6.16 to 2.6.16.12 and latest grsec snapshot
823 johnm 1.97
824     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
825     hardened-sources-2.6.14-r8.ebuild:
826     fix x86_64 build problem, this will delay the digest issue again for a short
827     while but it will sort itself out
828 johnm 1.96
829     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
830     hardened-sources-2.6.14-r8.ebuild:
831     bump hardened patchset
832 antarus 1.94
833     27 Apr 2006; Alec Warner <antarus@gentoo.org>
834     files/digest-hardened-sources-2.4.32-r2,
835     files/digest-hardened-sources-2.4.32-r3,
836     files/digest-hardened-sources-2.6.14-r8, Manifest:
837     Fixing duff SHA256 digests: Bug # 131293
838 johnm 1.93
839 johnm 1.95 *hardened-sources-2.6.16-r5 (27 Apr 2006)
840    
841     27 Apr 2006; John Mylchreest <johnm@gentoo.org>
842     -hardened-sources-2.6.14-r6.ebuild, hardened-sources-2.6.14-r8.ebuild,
843     -hardened-sources-2.6.16-r4.ebuild, +hardened-sources-2.6.16-r5.ebuild:
844     stablise 2.6.14-r8 on x86 & amd64, bump 2.6.16 to fix CVE-2006-1863 &
845     cleanup of old uneccessary sources
846    
847 johnm 1.93 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
848     fix digest
849 johnm 1.92
850     *hardened-sources-2.6.14-r8 (20 Apr 2006)
851    
852     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
853     +hardened-sources-2.6.14-r8.ebuild:
854     fix CVE-2006-1056, CVE-2006-1525, CVE-2006-1524
855 johnm 1.91
856     20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
857     Turning on gpg-signing again, and recomitting
858 johnm 1.90
859     *hardened-sources-2.6.16-r4 (20 Apr 2006)
860    
861     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
862     -hardened-sources-2.6.16-r2.ebuild, -hardened-sources-2.6.16-r3.ebuild,
863     +hardened-sources-2.6.16-r4.ebuild:
864     Fix numerous security vulns
865 solar 1.89
866     *hardened-sources-2.4.32-r3 (16 Apr 2006)
867    
868     16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
869     -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
870     +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
871     - security bump for bug #112791. Removed old ebuilds
872 johnm 1.88
873     *hardened-sources-2.6.16-r3 (15 Apr 2006)
874    
875     15 Apr 2006; John Mylchreest <johnm@gentoo.org>
876     +hardened-sources-2.6.16-r3.ebuild:
877     Removing silly localversion which I missed
878 johnm 1.87
879     *hardened-sources-2.6.14-r7 (14 Apr 2006)
880    
881     14 Apr 2006; John Mylchreest <johnm@gentoo.org>
882     -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
883     Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
884 johnm 1.86
885     *hardened-sources-2.6.16-r2 (13 Apr 2006)
886    
887     13 Apr 2006; John Mylchreest <johnm@gentoo.org>
888     -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
889     +hardened-sources-2.6.16-r2.ebuild:
890     Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
891     labels, dropping USERGROUP define fixes, since these were merged mainstream.
892 johnm 1.85
893     *hardened-sources-2.6.16-r1 (11 Apr 2006)
894    
895     11 Apr 2006; John Mylchreest <johnm@gentoo.org>
896     +hardened-sources-2.6.16-r1.ebuild:
897     Bumping to include ppc build fix and 2.6.16.3
898 tsunam 1.84
899     06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
900     hardened-sources-2.6.14-r6.ebuild:
901     Stable on x86; bug #127718
902 johnm 1.83
903     *hardened-sources-2.6.16 (31 Mar 2006)
904    
905     31 Mar 2006; John Mylchreest <johnm@gentoo.org>
906     +hardened-sources-2.6.16.ebuild:
907     Bumping to new version of grsec, and kernel base. New squashfs. Based on
908     2.6.16.1
909 cryos 1.82
910     30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
911     hardened-sources-2.6.14-r6.ebuild:
912     Stable on amd64, bug 127718.
913 nixnut 1.81
914     28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
915     Stable on ppc. Bug #127718
916 johnm 1.80
917     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
918     -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
919     -hardened-sources-2.6.14-r4.ebuild:
920     Cleanup.
921 johnm 1.79
922     *hardened-sources-2.6.14-r6 (15 Mar 2006)
923    
924     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
925     +hardened-sources-2.6.14-r6.ebuild:
926     Fixes grsec policy recreation bug and adds a
927     >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
928 solar 1.78
929     02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
930     - stable on x86
931 hansmi 1.77
932     19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
933     hardened-sources-2.6.14-r5.ebuild:
934     Stable on ppc.
935 johnm 1.76
936     *hardened-sources-2.6.14-r5 (01 Feb 2006)
937    
938     01 Feb 2006; John Mylchreest <johnm@gentoo.org>
939     +hardened-sources-2.6.14-r5.ebuild:
940     fixing every known exploit
941 solar 1.75
942     *hardened-sources-2.4.32-r2 (26 Jan 2006)
943    
944     26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
945     +hardened-sources-2.4.32-r2.ebuild:
946     - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
947 solar 1.74
948     *hardened-sources-2.6.14-r4 (12 Jan 2006)
949    
950     12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
951     - version bump for new genpatches which fix up a few sec holes
952 solar 1.73
953     *hardened-sources-2.4.32-r1 (05 Jan 2006)
954    
955     05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
956     - revision bump to add misc vital linux kernel security patches.
957 johnm 1.72
958     *hardened-sources-2.6.14-r3 (30 Dec 2005)
959    
960     30 Dec 2005; John Mylchreest <johnm@gentoo.org>
961     -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
962     Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
963 johnm 1.71
964     28 Dec 2005; John Mylchreest <johnm@gentoo.org>
965     hardened-sources-2.6.14-r2.ebuild:
966     making x86 & amd64 stable following testing.
967 johnm 1.70
968     *hardened-sources-2.6.14-r2 (27 Dec 2005)
969    
970     27 Dec 2005; John Mylchreest <johnm@gentoo.org>
971     -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
972     Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
973     network hooks.
974 johnm 1.69
975     06 Dec 2005; John Mylchreest <johnm@gentoo.org>
976     hardened-sources-2.6.14-r1.ebuild:
977     bumping to stable early for sec fix on x86 & amd64
978 johnm 1.68
979     *hardened-sources-2.6.14-r1 (05 Dec 2005)
980    
981     05 Dec 2005; John Mylchreest <johnm@gentoo.org>
982     -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
983     bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
984 solar 1.67
985     04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
986     - stable on x86 security bug #114227 CAN-2005-3257
987 kang 1.66
988     *hardened-sources-2.4.32 (19 Nov 2005)
989    
990     19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
991     +hardened-sources-2.4.32.ebuild:
992     Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
993     Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
994     have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
995     rsbac >> /etc/portage/package.use)
996 johnm 1.65
997     *hardened-sources-2.6.14 (14 Nov 2005)
998    
999     14 Nov 2005; John Mylchreest <johnm@gentoo.org>
1000     -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
1001     Bumping 2.6 series to 2.6.14.2
1002 johnm 1.64
1003     *hardened-sources-2.6.13-r2 (20 Oct 2005)
1004    
1005     20 Oct 2005; John Mylchreest <johnm@gentoo.org>
1006     -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
1007     +hardened-sources-2.6.13-r2.ebuild:
1008     Fixes minor build error in ppc.
1009 johnm 1.63
1010     *hardened-sources-2.6.13-r1 (17 Oct 2005)
1011    
1012     17 Oct 2005; John Mylchreest <johnm@gentoo.org>
1013     +hardened-sources-2.6.13-r1.ebuild:
1014     Updating grsec to latest snapshot. Fixes some minor issues. Updating to
1015     2.6.13.4, fixes some major amd64 stability problems.
1016 johnm 1.62
1017     *hardened-sources-2.6.13 (16 Sep 2005)
1018    
1019     16 Sep 2005; John Mylchreest <johnm@gentoo.org>
1020     -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
1021     2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
1022     ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
1023     users should test this thoroughly.
1024 solar 1.61
1025     01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
1026     - stable on x86
1027 johnm 1.60
1028     *hardened-sources-2.6.11-r15 (27 Jun 2005)
1029    
1030     27 Jun 2005; John Mylchreest <johnm@gentoo.org>
1031     +hardened-sources-2.6.11-r15.ebuild:
1032     Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
1033     grsec redefining curr_ip struct.
1034 solar 1.59
1035     *hardened-sources-2.4.31 (20 Jun 2005)
1036    
1037     20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
1038     initial import of 2.4.31 tree
1039 johnm 1.58
1040     *hardened-sources-2.6.11-r14 (14 Jun 2005)
1041    
1042     14 Jun 2005; John Mylchreest <johnm@gentoo.org>
1043     -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
1044     Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
1045     naming scheme to abide by genpatches
1046 johnm 1.57
1047     *hardened-sources-2.6.11-r13 (18 May 2005)
1048    
1049     18 May 2005; John Mylchreest <johnm@gentoo.org>
1050     -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
1051     Managed to mangle the Makefile patch from grsec, to miss out the grsec
1052     target. sorry about that. Fixes bug #93022
1053 johnm 1.56
1054     *hardened-sources-2.6.11-r12 (17 May 2005)
1055    
1056     17 May 2005; John Mylchreest <johnm@gentoo.org>
1057     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
1058     +hardened-sources-2.6.11-r12.ebuild:
1059     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
1060     merges in genpatches-base
1061 johnm 1.55
1062     *hardened-sources-2.6.11-r12 (17 May 2005)
1063    
1064     17 May 2005; John Mylchreest <johnm@gentoo.org>
1065     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
1066     +hardened-sources-2.6.11-r12.ebuild:
1067     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
1068     merges in genpatches-base
1069 solar 1.54
1070     29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
1071     -files/2.4.27-cmdline-race.patch,
1072     -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
1073     -files/2.4.28-grsec-binfmt_a.out.patch,
1074     -files/2.4.28-grsec-cmdline-race.patch,
1075     -files/2.4.28-selinux-binfmt_a.out.patch,
1076     -files/2.4.28-selinux-cmdline-race.patch,
1077     -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
1078     hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
1079     - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
1080     cleanup..
1081 solar 1.53
1082     *hardened-sources-2.4.30-r1 (21 Apr 2005)
1083    
1084     21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
1085     - disable aout by default
1086 solar 1.52
1087     *hardened-sources-2.4.30 (18 Apr 2005)
1088    
1089     18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
1090     - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
1091     and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
1092     use
1093 tocharian 1.50
1094 scox 1.51 *hardened-sources-2.4.29 (30 Mar 2005)
1095    
1096     30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
1097     +hardened-sources-2.4.29.ebuild:
1098     New hardened-patches-2.4-29.0 patchball.
1099     Removed SELinux support, upgraded GRSecurity to 2.1.4.
1100    
1101     *hardened-sources-2.4.28-r5 (06 Mar 2005)
1102    
1103     06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
1104     +hardened-sources-2.4.28-r5.ebuild:
1105     Added a fix for a PaX vulnerability.
1106    
1107     26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1108 tocharian 1.50 hardened-sources-2.4.28-r4.ebuild:
1109     Stable on x86
1110 solar 1.49
1111     23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
1112     hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
1113     hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
1114     hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
1115     - fixed/added RDEPEND= in all kernel-2 ebuilds
1116 tocharian 1.48
1117     *hardened-sources-2.4.28-r4 (21 Jan 2005)
1118    
1119     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1120     +hardened-sources-2.4.28-r4.ebuild:
1121     Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
1122     backport of neighbour hash updates.
1123 tocharian 1.47
1124     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1125     hardened-sources-2.4.28-r3.ebuild:
1126     Stable on x86
1127 tseng 1.46
1128     *hardened-sources-2.6.10-r3 (20 Jan 2005)
1129    
1130     20 Jan 2005; Brandon Hale <tseng@gentoo.org>
1131     +hardened-sources-2.6.10-r3.ebuild:
1132     Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
1133     in 2005.0
1134 tocharian 1.45
1135     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1136     -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
1137     hardened-sources-2.4.28-r2.ebuild:
1138     Mark stable on x86
1139 tocharian 1.44
1140     *hardened-sources-2.4.28-r3 (17 Jan 2005)
1141    
1142     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1143     +hardened-sources-2.4.28-r3.ebuild:
1144     Fix SMP page fault handler vuln, and update device-mapper and evms patches.
1145 tocharian 1.43
1146     14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1147     hardened-sources-2.4.28.ebuild:
1148     Mark stable on x86.
1149 tocharian 1.42
1150     *hardened-sources-2.4.28-r2 (13 Jan 2005)
1151    
1152     13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1153     +hardened-sources-2.4.28-r2.ebuild:
1154     Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
1155     Mazinger for grsecurity patches as well.
1156 plasmaroo 1.41
1157     *hardened-sources-2.4.28-r1 (23 Dec 2004)
1158    
1159     23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
1160     Security bump. Thank tocharian for rolling a new patchset...
1161 solar 1.40
1162     28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
1163     +files/2.4.28-grsec-cmdline-race.patch,
1164     +files/2.4.28-selinux-binfmt_a.out.patch,
1165     +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
1166     - Round up remaining security patches that appear to be missing in 2.4.28. -
1167     PaX standalone updated to current. hgpv=28.1
1168 solar 1.39
1169     *hardened-sources-2.4.28 (28 Nov 2004)
1170    
1171     28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
1172     security bump. Thank tocharian for rolling a new patchset
1173 scox 1.31
1174 scox 1.38 *hardened-sources-2.4.27-r3 (08 Sep 2004)
1175    
1176     08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
1177     +hardened-sources-2.4.27-r3.ebuild:
1178     Applies the new 2.4-27.2 patchball which updates
1179     GRSecurity to the 2.0.1 version.
1180    
1181 scox 1.37 *hardened-sources-2.4.27-r2 (31 Aug 2004)
1182    
1183     31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1184     +hardened-sources-2.4.27-r2.ebuild:
1185     Version bump.
1186     This version uses the new 2.4-27.1 patchball which updates
1187     both the SELinux PaX hooks patch and the SELinux headers.
1188    
1189 scox 1.36 *hardened-sources-2.4.27-r1 (09 Aug 2004)
1190    
1191     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1192     +hardened-sources-2.4.27-r1.ebuild,
1193     -hardened-sources-2.4.27.ebuild,
1194     +files/2.4.27-cmdline-race.patch:
1195     Version bump, fix for cmdline race. See bug #59905.
1196    
1197     *hardened-sources-2.4.26-r6 (09 Aug 2004)
1198    
1199     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1200     +hardened-sources-2.4.26-r6.ebuild,
1201     -hardened-sources-2.4.26-r5.ebuild,
1202     -hardened-sources-2.4.26-r4.ebuild,
1203     +files/2.4.26-cmdline-race.patch:
1204     Version bump, fix for cmdline race. See bug #59905.
1205    
1206 scox 1.35 *hardened-sources-2.4.27 (08 Aug 2004)
1207    
1208     08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1209     +hardened-sources-2.4.27.ebuild,
1210     +files/2.4.27-CAN-2004-0394.patch:
1211     Ported the patchball to the 2.4.27 kernel version.
1212    
1213 scox 1.34 *hardened-sources-2.4.26-r5 (07 Aug 2004)
1214    
1215     07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1216     +hardened-sources-2.4.26-r5.ebuild:
1217 scox 1.35 Updated to use the new hardened-patches-2.4-26.1 patchball.
1218 scox 1.34 It adds the following features:
1219     - Squashfs
1220     - Ebtables
1221     - Netdev random (core+drivers)
1222     - Watchdog Timer (WDT) fix.
1223    
1224 scox 1.33 *hardened-sources-2.4.26-r4 (04 Aug 2004)
1225    
1226     04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1227     +hardened-sources-2.4.26-r4.ebuild,
1228     +files/2.4.26-CAN-2004-0415.patch,
1229     -hardened-sources-2.4.26-3:
1230     Version bump, fix for CAN 0415, see bug #59378.
1231    
1232 scox 1.32 *hardened-sources-2.4.26-r3 (22 Jul 2004)
1233    
1234     22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
1235     +hardened-sources-2.4.26-r3.ebuild,
1236     +files/2.4.26-CAN-2004-0497.patch,
1237     -hardened-sources-2.4.26-r2.ebuild:
1238     Version bump, fixed CAN 0497, see bug #56171.
1239    
1240 scox 1.31 *hardened-sources-2.4.26-r2 (29 Jun 2004)
1241    
1242     29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
1243 scox 1.32 +hardened-sources-2.4.26-r2.ebuild,
1244 scox 1.31 +files/2.4.26-CAN-2004-0495.patch,
1245     +files/2.4.26-CAN-2004-0535.patch,
1246     -hardened-sources-2.4.26-r1.ebuild:
1247     Fixes for both CAN 0495 and 0535, see bug #54976
1248 pvdabeel 1.27
1249 agriffis 1.29 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
1250     hardened-sources-2.4.26-r1.ebuild:
1251     QA - fix use invocation
1252 scox 1.28
1253     *hardened-sources-2.4.26-r1 (22 June 2004)
1254    
1255     22 June 2004; Andrea Luzzardi <scox@gentoo.org>
1256     +hardened-sources-2.4.26-r1.ebuild,
1257     +files/2.4.26-CAN-2004-0394.patch,
1258     +files/2.4.26-signal-race.patch,
1259     -hardened-sources-2.4.26.ebuild,
1260     -hardened-sources-2.4.24-r3.ebuild:
1261     Version bump for the CAN-2004-0394 issue and bug #53804
1262     Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
1263    
1264    
1265 pvdabeel 1.27 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
1266     hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
1267     Masked hardened-sources-2.4.26.ebuild broken for ppc
1268    
1269     31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
1270     hardened-sources-2.4.24-r3.ebuild:
1271     Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
1272 plasmaroo 1.25
1273 scox 1.26 *hardened-sources-2.4.26 (29 May 2004)
1274    
1275     29 May 2004; Andrea Luzzardi <scox@gentoo.org>
1276     +hardened-sources-2.4.26.ebuild:
1277     Updated hardened-sources for the 2.4.26 kernel
1278     Removed broken components, updated almost everything.
1279    
1280 plasmaroo 1.25 *hardened-sources-2.4.24-r3 (17 Apr 2004)
1281    
1282     17 Apr 2004; <plasmaroo@gentoo.org>
1283     +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
1284     +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
1285     +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
1286     +hardened-sources-2.4.24-r3.ebuild:
1287     Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
1288     vulnerabilities. Old revisions removed.
1289 plasmaroo 1.24
1290     *hardened-sources-2.4.24-r2 (15 Apr 2004)
1291    
1292     15 Apr 2004; <plasmaroo@gentoo.org>
1293     +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
1294     -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
1295     Version bump for the CAN-2004-0109 issue; bug #47881.
1296 aliz 1.23
1297     12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
1298     hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
1299     Add eutils to inherit.
1300 plasmaroo 1.22
1301     *hardened-sources-2.4.24-r1 (19 Feb 2004)
1302    
1303     19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
1304     files/hardened-sources-2.4.24.munmap.patch:
1305     Added the patch for the mremap/munmap vulnerability. Bug #42024.
1306 scox 1.19
1307 scox 1.21 *hardened-sources-2.4.24 (06 Feb 2004)
1308 scox 1.26
1309 scox 1.21 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
1310     hardened-sources-2.4.24.ebuild:
1311     Version bump, updated most of the components.
1312     This release includes the following:
1313    
1314     - Hardened security
1315     - Netfilter patch-o-matic 20031219
1316     - FreeSWAN 2.04 & x509 1.4.8
1317     - EVMS 2.2.2
1318     - XFS 1.3.1
1319     - cryptoloop jari
1320     - grsecurity 2.0-rc4
1321     - SELinux
1322     - PaX 200402060000
1323     - PaX Obscurity 200308302223
1324     - Others...
1325    
1326     Neither -ck nor systrace are included anymore.
1327    
1328 scox 1.19 *hardened-sources-2.4.22-r2 (05 Jan 2004)
1329    
1330     05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
1331     hardened-sources-2.4.22-r2.ebuild:
1332 scox 1.20 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
1333 scox 1.19
1334     *hardened-sources-2.4.22-r1 (02 Dec 2003)
1335 iggy 1.17
1336     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1337 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
1338 iggy 1.16
1339     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1340 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild:
1341     Version bump for the 'do_brk' vulnerability.
1342 iggy 1.15
1343     01 Dec 2003; Brian Jackson <iggy@gentoo.org>
1344     hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
1345     hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
1346     hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
1347 plasmaroo 1.18 Fix the 'do_brk' vulnerability.
1348 frogger 1.14
1349     03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
1350     hardened-sources-2.4.22.ebuild:
1351 plasmaroo 1.18 - Removed the src_install() portion for SELinux flask
1352     components. These are no longer handled in the kernel
1353     so this code was not necessary.
1354 frogger 1.13
1355     29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
1356     New 2.4.22 based hardened-sources thanks to
1357     Phil West <p.west@computer.org>.
1358    
1359     These sources include:
1360 plasmaroo 1.18 - New SELinux API
1361     - Updated CK-base
1362     - Updated GRSec
1363     - Systrace
1364     - SuperFreeS/WAN 1.99.8
1365     - Propolice kernel build support
1366     - EVMS
1367     - Other various security related patches
1368 frogger 1.11
1369 frogger 1.12 *hardened-sources-2.4.21 (14 Sep 2003)
1370    
1371     14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
1372     Updated hardened-sources based on the 2.4.21 Linux kernel.
1373     This includes updates to most major components such as:
1374 plasmaroo 1.18 - ck-base-0306300059
1375     - selinux-2.4-2003071106
1376     - grsecurity-2.0-rc1
1377     - Updated IPTables patch-o-matic
1378     - Updated SuperFreeS/WAN
1379    
1380 frogger 1.12 Thanks to Phil West <pwest@computer.org> for his work in getting this
1381     updated patch set ready for the 2.4.21 based kernel.
1382    
1383 frogger 1.11 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
1384     Initial import of hardened-sources-2.4.20-r4. This revision
1385     includes only a few changes, but one of these is an important
1386     security fix. It is recommended all users of hardened-sources
1387     upgrade to this release.
1388 plasmaroo 1.18
1389 frogger 1.11 - ioperm bug fix
1390     - fixed compilation failure when building without GRSec
1391 plasmaroo 1.18
1392 frogger 1.11 SAL (Secure Auditing for Linux) is NOT included in this revision
1393     due to time constraints, but is planned for inclusion in the near
1394     future.
1395 msterret 1.10
1396     *hardened-sources-2.4.20-r2 (12 Jun 2003)
1397    
1398     12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
1399     hardened-sources-2.4.20-r3.ebuild:
1400 plasmaroo 1.18 Add Header...
1401 frogger 1.9
1402     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1403     hardened-sources-2.4.20-r3.ebuild:
1404     Removed warnings from ebuild. This kernel should be safe to
1405     use at this point.
1406 frogger 1.8
1407     *hardened-sources-2.4.20-r3 (08 Jun 2003)
1408    
1409     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1410     hardened-sources-2.4.20-r3.ebuild:
1411     New revision. Includes the following changes over -r2:
1412 plasmaroo 1.18
1413 frogger 1.8 - ck7-base (O(1), preempt, low latency)
1414     - Super FreeS/WAN 1.99.7rc2
1415     - PaX for the LSM/SELinux branch
1416     - GRSecurity 2.0-pre4 (role based access control)
1417     - Systrace 1.3
1418     - EXT3 fixes
1419     - EVMS 2.0.1
1420     - GCC 3.1+ compile optimizations
1421     - ProPolice kernel build support
1422     - Hashing table security fixes
1423 frogger 1.3
1424     *hardened-sources-2.4.20-r1 (09 Apr 2003)
1425 frogger 1.7
1426     23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
1427     Initial import of hardened-sources-r2. This new
1428     ebuild includes many new performance and security
1429     related patches. As in -r1, it will patch in
1430     LSM/SELinux if "selinux" is in USE, otherwise it
1431     will patch in GRSecurity. The following patches
1432     are included in this revision:
1433 plasmaroo 1.18
1434 frogger 1.7 - O(1) Scheduler, Low Latency, and Preempt
1435     (pulled from the base CK patch)
1436     - ptrace exploit patch for the LSM kernel
1437     (the GRSec patch already fixes this)
1438     - LSM 2.4-2003040709
1439     - SELinux 2.4-2003040709
1440     - Systrace v1.2
1441     - IPTables patch-o-matic base patches - 20030107
1442     - CryptoAPI 2.4.20.1 w/ loop-jari patch
1443     - Super FreeS/WAN 1.99.6.1
1444     - GRSecurity 1.9.9g
1445     - MPPE
1446     - EXT3 data journal fix
1447     - CIPE 1.5.4
1448 frogger 1.6
1449     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1450     hardened-sources-2.4.20-r1.ebuild, manifest:
1451 plasmaroo 1.18 Updated to install flask components correctly for selinux.
1452 frogger 1.5
1453     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1454     hardened-sources-2.4.20-r1.ebuild:
1455     LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
1456     is patched in instead. Ptrace patches for selinux have also been added. In
1457     either case, systrace support will be patched in as well.
1458 frogger 1.3
1459     09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1460     hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
1461 plasmaroo 1.18 Revision bump for new sources.
1462 frogger 1.4
1463 frogger 1.2 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1464 frogger 1.4 hardened-sources-2.4.20-r1.ebuild:
1465 plasmaroo 1.18 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
1466 method 1.1
1467 frogger 1.4 *hardened-sources-2.4.20 (30 Mar 2003)
1468    
1469 method 1.1 30 Mar 2003; Joshua Brindle <method@gentoo.org>
1470     hardened-sources-2.4.20.ebuild:
1471 plasmaroo 1.18 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20