/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.238 - (hide annotations) (download)
Tue Sep 9 05:30:04 2008 UTC (6 years, 1 month ago) by gengor
Branch: MAIN
Changes since 1.237: +8 -1 lines
Add 2.6.25-r6, remove 2.6.24-r3.
(Portage version: 2.1.4.4)

1 method 1.1 # ChangeLog for sys-kernel/hardened-sources
2 phreak 1.204 # Copyright 2000-2008 Gentoo Foundation; Distributed under the GPL v2
3 gengor 1.238 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.237 2008/09/08 01:15:27 gengor Exp $
4    
5     *hardened-sources-2.6.25-r6 (09 Sep 2008)
6    
7     09 Sep 2008; Gordon Malm <gengor@gentoo.org>
8     -hardened-sources-2.6.24-r3.ebuild, +hardened-sources-2.6.25-r6.ebuild:
9     2.6.25-r6: Update to Linux 2.6.25.17.
10     2.6.24-r3: Removed.
11 gengor 1.237
12     08 Sep 2008; Gordon Malm <gengor@gentoo.org>
13     hardened-sources-2.6.25-r5.ebuild:
14     Stable on amd64/x86
15 gengor 1.236
16     07 Sep 2008; Gordon Malm <gengor@gentoo.org> metadata.xml:
17     Update my email address.
18 nixnut 1.235
19     31 Aug 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.25-r4.ebuild:
20     stable on ppc
21 battousai 1.234
22     *hardened-sources-2.6.26-r1 (23 Aug 2008)
23     *hardened-sources-2.6.25-r5 (23 Aug 2008)
24    
25     23 Aug 2008; Bryan D. Stine <battousai@gentoo.org>
26     -hardened-sources-2.6.23-r13.ebuild, -hardened-sources-2.6.25-r3.ebuild,
27     hardened-sources-2.6.25-r4.ebuild, +hardened-sources-2.6.25-r5.ebuild,
28     +hardened-sources-2.6.26-r1.ebuild:
29     Bump to 2.6.25-r5 for updated patches and upstream .10 kernel, fixing
30     security bug #235221. Bump to 2.6.26-r1 for upstream .3 kernel, also
31     fixing security bug #235221. Marked 2.6.25-r4 stable on amd64 and x86.
32     Removed 2.6.23-r13 and 2.6.25-r3. Commit on behalf of Gordon Malm
33     (gengor).
34 solar 1.233
35     *hardened-sources-2.6.26 (18 Aug 2008)
36     *hardened-sources-2.6.25-r4 (18 Aug 2008)
37    
38     18 Aug 2008; <solar@gentoo.org> -hardened-sources-2.6.25-r2.ebuild,
39     +hardened-sources-2.6.25-r4.ebuild, +hardened-sources-2.6.26.ebuild:
40     - proxy commit for gengor 2.6.26: Initial 2.6.26 release. 2.6.25-r4: Update
41     to Linux 2.6.25.15. Fixes security bugs #234799, #234803 and #234812.
42     2.6.25-r2: Removed.
43 tove 1.232
44     16 Aug 2008; Torsten Veller <tove@gentoo.org> metadata.xml:
45     Remove phreak from metadata.xml (#96398)
46 solar 1.231
47     *hardened-sources-2.6.25-r3 (31 Jul 2008)
48    
49     31 Jul 2008; <solar@gentoo.org> -hardened-sources-2.6.24-r2.ebuild,
50     -hardened-sources-2.6.25.ebuild, -hardened-sources-2.6.25-r1.ebuild,
51     +hardened-sources-2.6.25-r3.ebuild:
52     - 2.6.25-r3: Update to Linux 2.6.25.13 and new grsecurity patch. Multiple
53     fixes, including security bug #231750.
54 nixnut 1.230
55     28 Jul 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.24-r3.ebuild:
56     Stable on ppc
57 solar 1.229
58     *hardened-sources-2.6.25-r2 (05 Jul 2008)
59    
60     05 Jul 2008; <solar@gentoo.org> -hardened-sources-2.6.23-r11.ebuild,
61     -hardened-sources-2.6.23-r12.ebuild, hardened-sources-2.6.24-r3.ebuild,
62     +hardened-sources-2.6.25-r2.ebuild:
63     2.6.23-r4: Stable x86/amd64
64     2.6.25-r2: Update to Linux 2.6.25.10 and latest grsecurity release.
65     2.6.23-r{11,12}: Removed due to multiple vulns.
66     (gengor & kerframil)
67 nixnut 1.228
68     04 Jul 2008; nixnut <nixnut@gentoo.org>
69     hardened-sources-2.6.23-r13.ebuild:
70     Stable on ppc
71 solar 1.227
72     *hardened-sources-2.6.25-r1 (30 Jun 2008)
73    
74     30 Jun 2008; <solar@gentoo.org> hardened-sources-2.6.23-r13.ebuild,
75     +hardened-sources-2.6.25-r1.ebuild:
76     2.6.25-r1: Brings in Linux -stable tree patches 2.6.25.{7,8,9} and newer
77     grsecurity release. 2.6.23-r13: x86/amd64 stable
78 solar 1.226
79     *hardened-sources-2.6.25 (17 Jun 2008)
80     *hardened-sources-2.6.24-r3 (17 Jun 2008)
81     *hardened-sources-2.6.23-r13 (17 Jun 2008)
82    
83     17 Jun 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r13.ebuild,
84     +hardened-sources-2.6.24-r3.ebuild, +hardened-sources-2.6.25.ebuild:
85     * 2.6.23-r13: Fixes security bugs #198997, #212136, #222331, #222635,
86     #224647, #225461, other fixes. * 2.6.24-r3: Fixes security bugs #212136,
87     #222331, #222635, #224647, #225461, grsec/PaX updates/fixes, other fixes. *
88     2.6.25: Initial 2.6.25 release.
89 solar 1.225
90     15 May 2008; <solar@gentoo.org> hardened-sources-2.6.23-r12.ebuild:
91     - fasttrack to stable x86/amd64
92 swegener 1.224
93     11 May 2008; Sven Wegener <swegener@gentoo.org> Manifest:
94     Fix broken digest for linux-2.6.24.tar.bz2.
95 solar 1.223
96     *hardened-sources-2.6.24-r2 (11 May 2008)
97     *hardened-sources-2.6.23-r12 (11 May 2008)
98    
99     11 May 2008; <solar@gentoo.org> -hardened-sources-2.6.23-r7.ebuild,
100     -hardened-sources-2.6.23-r9.ebuild, -hardened-sources-2.6.23-r10.ebuild,
101     +hardened-sources-2.6.23-r12.ebuild, -hardened-sources-2.6.24.ebuild,
102     -hardened-sources-2.6.24-r1.ebuild, +hardened-sources-2.6.24-r2.ebuild:
103     proxy commit for gengor. 2.6.23-r11 shortlog: Fixes security bugs 220691,
104     220975, 220979, 221123. 2.6.24-r2 not-so-shortlog: Fixes bug 215442,
105     security bugs 219901, 220691, 220975, 220979, 221123. New
106     genpatches/grsecurity with numerous updates & fixes. 2.6.23-r7->2.6.23-r10
107     should be removed as far as I'm concerned, everything else remove due to
108     vulnerable to numerous security bugs or brokeness.
109 nixnut 1.222
110     10 May 2008; nixnut <nixnut@gentoo.org>
111     hardened-sources-2.6.23-r11.ebuild:
112     Stable on ppc
113 solar 1.221
114     05 May 2008; <solar@gentoo.org> hardened-sources-2.6.23-r11.ebuild:
115     - -r11 stable on x86/amd64
116 solar 1.220
117     *hardened-sources-2.6.23-r11 (01 May 2008)
118    
119     01 May 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r11.ebuild:
120     - version bump to fix ulgy linux bugs
121 phreak 1.219
122     *hardened-sources-2.6.24-r1 (30 Apr 2008)
123    
124     30 Apr 2008; Christian Heim <phreak@gentoo.org>
125     +hardened-sources-2.6.24-r1.ebuild:
126     Revision bump (thanks to Kerin and Gordon, again), pulling
127     genpatches-2.6.24-7, solving #219089. Additionally contains further security
128     fixes plus some minor updates.
129 phreak 1.218
130     *hardened-sources-2.6.23-r10 (30 Apr 2008)
131    
132     30 Apr 2008; Christian Heim <phreak@gentoo.org>
133     +hardened-sources-2.6.23-r10.ebuild:
134     Revision bump (thanks to Kerin and Gordon, again), solving #213811, #219089.
135     Additional contains "various other fixes".
136 phreak 1.217
137     09 Apr 2008; Christian Heim <phreak@gentoo.org> metadata.xml:
138     Update the longdescription in metadata, thanks to Gordon Malm.
139 nixnut 1.216
140     08 Apr 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.23-r9.ebuild:
141     Stable on ppc wrt bug #213255
142 solar 1.215
143     07 Apr 2008; <solar@gentoo.org> -hardened-sources-2.4.35-r2.ebuild,
144     -hardened-sources-2.6.23-r8.ebuild, hardened-sources-2.6.23-r9.ebuild:
145     - stable on x86/amd64 per request. Removed obsolete ebuilds
146 phreak 1.214
147     *hardened-sources-2.6.24 (07 Apr 2008)
148    
149     07 Apr 2008; Christian Heim <phreak@gentoo.org>
150     +hardened-sources-2.6.24.ebuild:
151     Adding ebuild for hardened-sources-2.6.24 (many thanks to Kerin Millar
152     <kerframil at gmail.com> and Gordon Malm <bugs-gentoo-org-02 at bumpin.org>
153     for the many contributions and their continued effort in #216612) based on
154     2.6.24 and genpatches-2.6.24-5.
155    
156     The current ebuild/patchset contains these things:
157     * Incoporates unmodified grsec-2.1.11-2.6.24.4-200803262003 patch
158     * Introduces bespoke server and workstation oriented security levels
159     * VDSO_COMPAT cannot be enabled during runtime if PaX is enabled
160 phreak 1.213
161     30 Mar 2008; Christian Heim <phreak@gentoo.org> metadata.xml:
162     Fix the metadata.xml (Kerin isn't a dev, though he and Gordon are
163     maintaining it).
164 phreak 1.212
165     24 Mar 2008; Christian Heim <phreak@gentoo.org>
166     hardened-sources-2.4.35-r2.ebuild:
167     Fixing SRC_URI for 2.4.35-r2.
168 phreak 1.211
169     *hardened-sources-2.6.23-r9 (22 Mar 2008)
170    
171     22 Mar 2008; Christian Heim <phreak@gentoo.org>
172     +hardened-sources-2.6.23-r9.ebuild:
173     * Revision bump, rebasing the patchset against genpatches-2.6.23-10.
174     * Change the default GIDs for some grsecurity options
175     * Revamp the Hardened [Gentoo] security level and make it the default level
176     * Fixing compilation on ia64 with CONFIG_MODULES=y (loadable module support)
177     * Fix a recursive lock -- call to capable() within ptrace_attach()
178     * Fix bug that allows audit and iscsi operations to be controlled via netlink
179 solar 1.210
180     *hardened-sources-2.6.23-r8 (27 Feb 2008)
181    
182     27 Feb 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r8.ebuild:
183     - version bump from Kerin Millar bug 210026
184 solar 1.209
185     17 Feb 2008; <solar@gentoo.org> metadata.xml,
186     -hardened-sources-2.4.33.4.ebuild, -hardened-sources-2.6.20-r6.ebuild,
187     -hardened-sources-2.6.20-r10.ebuild, -hardened-sources-2.6.23-r4.ebuild,
188     -hardened-sources-2.6.23-r6.ebuild, hardened-sources-2.6.23-r7.ebuild:
189     - stable on x86 and remove old ebuilds
190 solar 1.207
191     15 Feb 2008; <solar@gentoo.org> hardened-sources-2.6.23-r7.ebuild:
192 solar 1.208 - stable on amd64 per request of amd64 lead
193 solar 1.206
194     *hardened-sources-2.6.23-r7 (11 Feb 2008)
195    
196     11 Feb 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r7.ebuild:
197     - version bump from kerin.millar
198     Changes:
199    
200     * Bump to genpatches-base-2.6.23-9
201     * Ported grsecurity-2.1.11-2.6.23.14-200801231800 to 2.6.23.15
202     * Disables COMPAT_VDSO in x86/defconfig
203     * Removes bogus symbols ACPI_SLEEP_PROC_(FS|SLEEP) from x86_64/defconfig
204 phreak 1.205
205     25 Jan 2008; Christian Heim <phreak@gentoo.org>
206     -hardened-sources-2.6.22-r8.ebuild:
207     Cleaning up old versions.
208 phreak 1.204
209     *hardened-sources-2.6.23-r6 (25 Jan 2008)
210    
211     25 Jan 2008; Christian Heim <phreak@gentoo.org>
212     -hardened-sources-2.6.23-r5.ebuild, +hardened-sources-2.6.23-r6.ebuild:
213     Revision bump, pulling in the latest genpatches.
214 phreak 1.203
215     *hardened-sources-2.6.23-r5 (24 Dec 2007)
216    
217     24 Dec 2007; Christian Heim <phreak@gentoo.org>
218     hardened-sources-2.4.35-r2.ebuild, hardened-sources-2.6.20-r6.ebuild,
219     hardened-sources-2.6.20-r10.ebuild, hardened-sources-2.6.22-r8.ebuild,
220     hardened-sources-2.6.23-r4.ebuild, +hardened-sources-2.6.23-r5.ebuild:
221     Revision bump, for the promised updated grsec snapshot. Also changing SRC_URI.
222 phreak 1.202
223     24 Dec 2007; Christian Heim <phreak@gentoo.org>
224     -hardened-sources-2.6.22-r7.ebuild, -hardened-sources-2.6.23.ebuild,
225     -hardened-sources-2.6.23-r1.ebuild, -hardened-sources-2.6.23-r2.ebuild,
226     -hardened-sources-2.6.23-r3.ebuild:
227     Cleaning out some unused, old versions.
228 phreak 1.201
229     24 Dec 2007; Christian Heim <phreak@gentoo.org>
230     hardened-sources-2.6.23-r4.ebuild:
231     Marking hardened-sources-2.6.23-r4 stable on amd64 and x86. I know it ain't
232     in the tree for long, but there isn't much of a difference between this and
233     -r3. Only this revision pulls in 2.6.23.11 and 2.6.23.12 from genpatches.
234 phreak 1.200
235     *hardened-sources-2.6.23-r4 (23 Dec 2007)
236    
237     23 Dec 2007; Christian Heim <phreak@gentoo.org>
238     +hardened-sources-2.6.23-r4.ebuild:
239     Revision bump, grabbing the lastest genpatches release (2.6.23.12 that is).
240 phreak 1.199
241     *hardened-sources-2.6.23-r3 (04 Dec 2007)
242    
243     04 Dec 2007; Christian Heim <phreak@gentoo.org>
244     +hardened-sources-2.6.23-r3.ebuild:
245     Revision bump, pulling in 2.6.23.9.
246 phreak 1.198
247     *hardened-sources-2.6.23-r2 (25 Nov 2007)
248    
249     25 Nov 2007; Christian Heim <phreak@gentoo.org>
250     +hardened-sources-2.6.23-r2.ebuild:
251     Updated patchset, thanks to solar.
252 phreak 1.197
253     *hardened-sources-2.6.23-r1 (31 Oct 2007)
254    
255     31 Oct 2007; Christian Heim <phreak@gentoo.org>
256     +hardened-sources-2.6.23-r1.ebuild:
257     Revision bump, pulling in the snapshot from 30. October 2007 (18:50).
258 solar 1.196
259     29 Oct 2007; <solar@gentoo.org> metadata.xml:
260     - update metadata.xml
261 phreak 1.195
262     25 Oct 2007; Christian Heim <phreak@gentoo.org>
263     hardened-sources-2.6.22-r8.ebuild:
264     Marking 2.6.22-r8 stable on amd64 and x86.
265 phreak 1.194
266     21 Oct 2007; Christian Heim <phreak@gentoo.org>
267     -hardened-sources-2.4.35.ebuild, -hardened-sources-2.4.35-r1.ebuild,
268     -hardened-sources-2.6.21-r4.ebuild:
269     Removing old ebuilds.
270 phreak 1.193
271     *hardened-sources-2.4.35-r2 (21 Oct 2007)
272    
273     21 Oct 2007; Christian Heim <phreak@gentoo.org>
274     +hardened-sources-2.4.35-r2.ebuild:
275     Revision bump for 2.4.35. Includes new snapshot and the lastest Linux stable
276     patches.
277 phreak 1.192
278     *hardened-sources-2.6.22-r8 (21 Oct 2007)
279    
280     21 Oct 2007; Christian Heim <phreak@gentoo.org>
281     +hardened-sources-2.6.22-r8.ebuild:
282     Yet another new patch, hopefully fixing the remaining issues we had w/
283     2.6.22. Candidate for stabling.
284 phreak 1.191
285     *hardened-sources-2.6.23 (13 Oct 2007)
286    
287     13 Oct 2007; Christian Heim <phreak@gentoo.org>
288     +hardened-sources-2.6.23.ebuild:
289     Initial hardened-sources-2.6.23. If people still have problems w/ bug
290     194276, try setting CONFIG_PCI_GODIRECT=y instead of CONFIG_PCI_GOANY.
291 phreak 1.190
292     11 Oct 2007; Christian Heim <phreak@gentoo.org>
293     hardened-sources-2.6.20-r10.ebuild:
294     Pulling in yet another new genpatches version, fixing the PWC bug for real.
295 phreak 1.189
296     04 Oct 2007; Christian Heim <phreak@gentoo.org>
297     -hardened-sources-2.6.22-r5.ebuild, -hardened-sources-2.6.22-r6.ebuild:
298     Removing old versions.
299 phreak 1.188
300     *hardened-sources-2.6.22-r7 (01 Oct 2007)
301    
302     01 Oct 2007; Christian Heim <phreak@gentoo.org>
303     +hardened-sources-2.6.22-r7.ebuild:
304     Revision bump, pulling in a newer patch. Should fix #194276.
305 phreak 1.187
306     30 Sep 2007; Christian Heim <phreak@gentoo.org>
307     hardened-sources-2.6.20-r10.ebuild:
308     Marking hardened-sources-2.6.20-r10 stable on x86 and amd64 (on courtesy of
309     Mike Doty).
310 phreak 1.186
311     *hardened-sources-2.6.22-r6 (26 Sep 2007)
312    
313     26 Sep 2007; Christian Heim <phreak@gentoo.org>
314     +hardened-sources-2.6.22-r6.ebuild:
315     Revision bump, grabbing up till Linux 2.6.22.9.
316 phreak 1.185
317     24 Sep 2007; Christian Heim <phreak@gentoo.org>
318     -hardened-sources-2.6.22-r3.ebuild, -hardened-sources-2.6.22-r4.ebuild:
319     Cleaning up further.
320 phreak 1.184
321     *hardened-sources-2.6.20-r10 (24 Sep 2007)
322    
323     24 Sep 2007; Christian Heim <phreak@gentoo.org>
324     -hardened-sources-2.6.20-r8.ebuild, -hardened-sources-2.6.20-r9.ebuild,
325     +hardened-sources-2.6.20-r10.ebuild:
326     Revision bump, pulling in Linux 2.6.20.20. Removing some of the older
327     revisions.
328 phreak 1.183
329     *hardened-sources-2.6.22-r5 (22 Sep 2007)
330    
331     22 Sep 2007; Christian Heim <phreak@gentoo.org>
332     +hardened-sources-2.6.22-r5.ebuild:
333     Revision bump, pulling in genpatches-2.6.22-8 for CVE-2007-4573.
334 phreak 1.182
335     17 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
336     Removing johnm from metadata.xml (see #186467 for reference).
337 phreak 1.181
338     *hardened-sources-2.6.22-r4 (17 Sep 2007)
339    
340     17 Sep 2007; Christian Heim <phreak@gentoo.org>
341     +hardened-sources-2.6.22-r4.ebuild:
342     Revision bump, hopefully fixing all those weird PAX failures.
343 phreak 1.180
344     01 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
345     Updating the metadata.xml.
346 phreak 1.179
347     01 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
348     Removing tocharian from metadata due to his retirement (see #71718 for
349     reference).
350 phreak 1.178
351     *hardened-sources-2.6.20-r9 (30 Aug 2007)
352    
353     30 Aug 2007; Christian Heim <phreak@gentoo.org>
354     +hardened-sources-2.6.20-r9.ebuild:
355     Revision bump for 2.6.20.18 (thanks to kerframil in #gentoo-hardened).
356 phreak 1.177
357     29 Aug 2007; Christian Heim <phreak@gentoo.org>
358     -hardened-sources-2.4.34.ebuild, -hardened-sources-2.4.34.5.ebuild,
359     -hardened-sources-2.6.20-r2.ebuild, -hardened-sources-2.6.20-r5.ebuild,
360     -hardened-sources-2.6.20-r7.ebuild, -hardened-sources-2.6.21-r3.ebuild,
361     -hardened-sources-2.6.22.ebuild, -hardened-sources-2.6.22-r1.ebuild,
362     -hardened-sources-2.6.22-r2.ebuild:
363     Removing some redundant versions.
364 phreak 1.176
365     *hardened-sources-2.4.35-r1 (29 Aug 2007)
366    
367     29 Aug 2007; Christian Heim <phreak@gentoo.org>
368     +hardened-sources-2.4.35-r1.ebuild:
369     Revision bump, new grsecurity patch.
370 phreak 1.175
371     *hardened-sources-2.6.20-r8 (26 Aug 2007)
372    
373     26 Aug 2007; Christian Heim <phreak@gentoo.org>
374     +hardened-sources-2.6.20-r8.ebuild:
375     Revision bump for Linux 2.6.20.17.
376 phreak 1.174
377     *hardened-sources-2.6.22-r3 (22 Aug 2007)
378    
379     22 Aug 2007; Christian Heim <phreak@gentoo.org>
380     +hardened-sources-2.6.22-r3.ebuild:
381     Revision bump for Linux 2.6.22.4.
382 phreak 1.173
383     16 Aug 2007; Christian Heim <phreak@gentoo.org>
384     hardened-sources-2.6.22-r2.ebuild:
385     Updated patchset, to fix the alignment against 2.6.22.3.
386 phreak 1.172
387     *hardened-sources-2.6.22-r2 (16 Aug 2007)
388    
389     16 Aug 2007; Christian Heim <phreak@gentoo.org>
390     +hardened-sources-2.6.22-r2.ebuild:
391     Revision bump for Linux 2.6.22.3.
392 phreak 1.171
393     *hardened-sources-2.4.35 (16 Aug 2007)
394    
395     16 Aug 2007; Christian Heim <phreak@gentoo.org>
396     +hardened-sources-2.4.35.ebuild:
397     Version bump, initial version for Linux 2.4.35.
398 phreak 1.170
399     *hardened-sources-2.6.21-r4 (16 Aug 2007)
400    
401     16 Aug 2007; Christian Heim <phreak@gentoo.org>
402     +hardened-sources-2.6.21-r4.ebuild:
403     Revision bump for Linux 2.6.21.6.
404 phreak 1.169
405     *hardened-sources-2.6.20-r7 (16 Aug 2007)
406    
407     16 Aug 2007; Christian Heim <phreak@gentoo.org>
408     +hardened-sources-2.6.20-r7.ebuild:
409     Revision bump for Linux 2.6.20.16.
410 phreak 1.168
411     *hardened-sources-2.6.22-r1 (13 Aug 2007)
412    
413     13 Aug 2007; Christian Heim <phreak@gentoo.org>
414     +hardened-sources-2.6.22-r1.ebuild:
415     Yet another revision bump.
416 phreak 1.167
417     *hardened-sources-2.6.22 (10 Aug 2007)
418    
419     10 Aug 2007; Christian Heim <phreak@gentoo.org>
420     +hardened-sources-2.6.22.ebuild:
421     Initial release for 2.6.22. If you are using hardened-sources on a desktop
422     machine (P4 or newer), be aware you might need to disable
423     CONFIG_PAX_PAGEEXEC.
424 phreak 1.166
425     04 Aug 2007; Christian Heim <phreak@gentoo.org>
426     hardened-sources-2.6.20-r6.ebuild:
427     Stabling hardened-sources-2.6.20-r6 for amd64, ppc and x86 due to Linux
428     2.6.20.15.
429 phreak 1.165
430     10 Jul 2007; Christian Heim <phreak@gentoo.org>
431     hardened-sources-2.6.20-r5.ebuild:
432     Marking hardened-sources-2.6.20-r5 stable on ppc.
433 phreak 1.164
434     10 Jul 2007; Christian Heim <phreak@gentoo.org>
435     -hardened-sources-2.4.32-r6.ebuild, -hardened-sources-2.4.32-r7.ebuild:
436     Cleanup.
437 phreak 1.163
438     *hardened-sources-2.6.20-r6 (08 Jul 2007)
439    
440     08 Jul 2007; Christian Heim <phreak@gentoo.org>
441     +hardened-sources-2.6.20-r6.ebuild:
442     Revision bump, grabbing yet another stable release.
443 phreak 1.162
444     17 Jun 2007; Christian Heim <phreak@gentoo.org>
445     -hardened-sources-2.6.18-r6.ebuild, -hardened-sources-2.6.20-r4.ebuild,
446     -hardened-sources-2.6.21-r2.ebuild:
447     Removing older ebuilds, hardened-sources-2.6.18-r6 seems to have gotten the
448     alpha stable KEYWORD by mistake.
449 phreak 1.161
450     17 Jun 2007; Christian Heim <phreak@gentoo.org>
451     hardened-sources-2.6.20-r5.ebuild:
452     Stabling hardened-sources-2.6.20-r5 due to security bug #181647 (as
453     genpatches-2.6.20-12.base contains up to Linux 2.6.20.14) on amd64 and x86.
454 phreak 1.160
455     *hardened-sources-2.6.21-r3 (12 Jun 2007)
456    
457     12 Jun 2007; Christian Heim <phreak@gentoo.org>
458     +hardened-sources-2.6.21-r3.ebuild:
459     Revision bump for hardened-sources-2.6.21, incorporating various CVE (some
460     of them critical), two stable releases (2.6.21.4,2.6.21.5) and some other
461     love.
462 phreak 1.159
463     *hardened-sources-2.6.20-r5 (11 Jun 2007)
464    
465     11 Jun 2007; Christian Heim <phreak@gentoo.org>
466     +hardened-sources-2.6.20-r5.ebuild:
467     Revision bump for hardened-sources-2.6.20, incorporating various CVE (some
468     of them critical), two stable releases (2.6.20.13,2.6.20.14) and some other
469     love.
470 pappy 1.158
471     *hardened-sources-2.4.34.5 (11 Jun 2007)
472    
473     11 Jun 2007; Alexander Gabert <pappy@gentoo.org>
474     +hardened-sources-2.4.34.5.ebuild:
475     added new hardened-sources 2.4 version, thx to phreak, solar, pipacs
476 phreak 1.157
477     30 May 2007; Christian Heim <phreak@gentoo.org>
478     -hardened-sources-2.6.18.ebuild, hardened-sources-2.6.20-r2.ebuild:
479     Marking 2.6.20-r2 stable on ppc with permission of Gysbert. Removing more
480     stale ebuild(s).
481 phreak 1.156
482     30 May 2007; Christian Heim <phreak@gentoo.org>
483     -hardened-sources-2.6.14-r7.ebuild, -hardened-sources-2.6.16-r11.ebuild,
484     -hardened-sources-2.6.17-r1.ebuild, -hardened-sources-2.6.19-r6.ebuild,
485     -hardened-sources-2.6.20.ebuild, -hardened-sources-2.6.20-r1.ebuild:
486     Doing some cleanups, remove stale ebuilds.
487 phreak 1.155
488     26 May 2007; Christian Heim <phreak@gentoo.org>
489     hardened-sources-2.6.21-r2.ebuild:
490     Fixing the grsecurity patch, had one '};' too much.
491 phreak 1.154
492     *hardened-sources-2.6.21-r2 (26 May 2007)
493    
494     26 May 2007; Christian Heim <phreak@gentoo.org>
495     -hardened-sources-2.6.21.ebuild, -hardened-sources-2.6.21-r1.ebuild,
496     +hardened-sources-2.6.21-r2.ebuild:
497     Revision bump, including Linux 2.6.21.3 (fixing CVE-2007-2451). Updating the
498     grsecurity patch to 2.1.10-2.6.21.1-200705221918.
499 phreak 1.153
500     *hardened-sources-2.6.20-r4 (26 May 2007)
501    
502     26 May 2007; Christian Heim <phreak@gentoo.org>
503     -hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.20-r4.ebuild:
504     Revision bump, including Linux 2.6.20.12 (which in fact fixed some security
505 phreak 1.154 bugs, at the very least CVE-2007-2451). Possible candidate for stable marking.
506 phreak 1.152
507     15 May 2007; Christian Heim <phreak@gentoo.org>
508     hardened-sources-2.6.20-r3.ebuild:
509     Looks like hardened-sources-2.6.20-r3 needs a new patch, as 2.6.20.11
510     introduced a change in arch/sparc64/kernel/pci_iommu.c, which made the
511     grsecurity patch fail in that exact same hunk.
512 phreak 1.151
513     *hardened-sources-2.6.20-r3 (15 May 2007)
514    
515     15 May 2007; Christian Heim <phreak@gentoo.org>
516     +hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.21-r1.ebuild:
517     Revision bump, incorporating Linux 2.6.20.11.
518    
519     *hardened-sources-2.6.21-r1 (11 May 2007)
520    
521     11 May 2007; Christian Heim <phreak@gentoo.org>
522     +hardened-sources-2.6.21-r1.ebuild:
523     Revision bump, hopefully fixing the GRSECURITY/GRKERNSEC mixup pipacs
524     mentioned in #177234.
525 kevquinn 1.150
526     07 May 2007; Kevin F. Quinn <kevquinn@gentoo.org>
527     files/digest-hardened-sources-2.6.21, Manifest:
528     Fix Manifest/digest for linux-2.6.21.tar.bz2
529 phreak 1.149
530     06 May 2007; Christian Heim <phreak@gentoo.org>
531     hardened-sources-2.6.21.ebuild:
532     Bumping the hardened-patches version, needed for the fix for #177234.
533 phreak 1.148
534     *hardened-sources-2.6.21 (02 May 2007)
535    
536     02 May 2007; Christian Heim <phreak@gentoo.org>
537     +hardened-sources-2.6.21.ebuild:
538     Version bump, Linux 2.6.21-hardened.
539 phreak 1.147
540     29 Apr 2007; Christian Heim <phreak@gentoo.org>
541     hardened-sources-2.6.20-r2.ebuild:
542     Adding ~ia64 on Ned's request.
543 phreak 1.146
544     29 Apr 2007; Christian Heim <phreak@gentoo.org>
545     hardened-sources-2.6.20-r2.ebuild:
546     Fixing the included grsecurity patch, wasn't alligning due to the Index:
547     header line(s).
548 phreak 1.145
549     29 Apr 2007; Christian Heim <phreak@gentoo.org>
550     hardened-sources-2.6.20-r2.ebuild:
551     Stabilizing hardened-sources-2.6.20-r2 on amd64 and x86.
552 armin76 1.144
553     *hardened-sources-2.6.20-r2 (10 Apr 2007)
554    
555     10 Apr 2007; Raúl Porcel <armin76@gentoo.org>
556     +hardened-sources-2.6.20-r2.ebuild:
557     Version bump, on behalf of phreak
558 phreak 1.143
559     *hardened-sources-2.6.20-r1 (04 Apr 2007)
560    
561     04 Apr 2007; Christian Heim <phreak@gentoo.org>
562     +hardened-sources-2.6.20-r1.ebuild:
563     Revision bump, grabbing a newer grsecurity snapshot.
564 phreak 1.142
565     *hardened-sources-2.6.20 (25 Mar 2007)
566    
567     25 Mar 2007; Christian Heim <phreak@gentoo.org>
568     +hardened-sources-2.6.20.ebuild:
569     Finally a hardened-sources version for 2.6.20; many people have been waiting
570     for this. Thanks to Steve for preliminary testing, thanks to Ned for the
571     testbox.
572 chainsaw 1.141
573     16 Mar 2007; Tony Vroon <chainsaw@gentoo.org>
574     hardened-sources-2.6.18-r6.ebuild:
575     Marked stable on amd64 and x86. AMD64 keyword ack'ed by welp.
576 phreak 1.140
577     *hardened-sources-2.6.18-r6 (16 Mar 2007)
578    
579     16 Mar 2007; Christian Heim <phreak@gentoo.org>
580     -hardened-sources-2.6.18-r5.ebuild, +hardened-sources-2.6.18-r6.ebuild:
581     Fixing CVE-2007-1000 locally (hardened/), thanks to Tony for pushing. And
582     yes I screwed up, this is tagged as 2.6.18-5 and not 2.6.18-6 as it's
583     supposed to be.
584 phreak 1.139
585     06 Mar 2007; Christian Heim <phreak@gentoo.org> ChangeLog:
586     Fixing the Manifest, the previous one was broken (as in still had the
587     deleted ebuild in it).
588 phreak 1.138
589     06 Mar 2007; Christian Heim <phreak@gentoo.org>
590     -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
591     +hardened-sources-2.6.18-r5.ebuild:
592     Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
593     Linux 2.6.18.8. Also cleaning up the older version.
594    
595     *hardened-sources-2.6.18-r5 (06 Mar 2007)
596    
597     06 Mar 2007; Christian Heim <phreak@gentoo.org>
598     -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
599     +hardened-sources-2.6.18-r5.ebuild:
600     Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
601     Linux 2.6.18.8. Also cleaning up the older version.
602 phreak 1.137
603     24 Feb 2007; Christian Heim <phreak@gentoo.org>
604     -hardened-sources-2.6.19-r3.ebuild, -hardened-sources-2.6.19-r4.ebuild,
605     -hardened-sources-2.6.19-r5.ebuild:
606     Removing some of the old version, that didn't work.
607 phreak 1.136
608     *hardened-sources-2.6.19-r6 (12 Feb 2007)
609    
610     12 Feb 2007; Christian Heim <phreak@gentoo.org>
611     +hardened-sources-2.6.19-r6.ebuild:
612     Revision bump, including a new grsec version fixing #166235.
613 pappy 1.134
614     *hardened-sources-2.4.34 (24 Jan 2007)
615    
616     24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
617 pappy 1.135 Manifest:
618     updating Manifest with checksums of new tarball and ebuild
619    
620     24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
621 pappy 1.134 +hardened-sources-2.4.34.ebuild:
622     I added new hardened sources 2.4 update, this is a critical path
623     security bugfix - all users of h-s are strongly advised
624     to update their existing hardened sources to this version.
625     It contains a fix for a kernel vulnerability that is pertaining
626     to the PaX changes to virtual memory management, possibly leading
627     to a local kernel exploit ... see grsecurity.net forums and homepage
628 phreak 1.133
629     23 Jan 2007; Christian Heim <phreak@gentoo.org>
630     files/digest-hardened-sources-2.6.19-r5, Manifest:
631     Fixing the patch-tarball digest.
632 phreak 1.132
633     *hardened-sources-2.6.19-r5 (23 Jan 2007)
634    
635     23 Jan 2007; Christian Heim <phreak@gentoo.org>
636     +hardened-sources-2.6.19-r5.ebuild:
637     Revision bump, closing the recently discovered PaX expand_stack()
638     vulnerability.
639 phreak 1.131
640     *hardened-sources-2.6.19-r4 (14 Jan 2007)
641    
642     14 Jan 2007; Christian Heim <phreak@gentoo.org>
643     +hardened-sources-2.6.19-r4.ebuild:
644     Revision bump, pulling in linux-2.6.19.2 and grsecurity 2.1.10 - thus
645     dropping the randomized PID feature.
646 opfer 1.130
647     11 Jan 2007; Christian Faulhammer <opfer@gentoo.org>
648     hardened-sources-2.4.33.4.ebuild:
649     stable x86, bug #161171
650 phreak 1.129
651     *hardened-sources-2.6.19-r3 (27 Dec 2006)
652    
653     27 Dec 2006; Christian Heim <phreak@gentoo.org>
654     -hardened-sources-2.6.19-r2.ebuild, +hardened-sources-2.6.19-r3.ebuild:
655     Revision bump for bug #157186 and #158786.
656 phreak 1.128
657     *hardened-sources-2.6.18-r4 (27 Dec 2006)
658    
659     27 Dec 2006; Christian Heim <phreak@gentoo.org>
660     -hardened-sources-2.6.18-r3.ebuild, +hardened-sources-2.6.18-r4.ebuild:
661     Revision bump for bug #157186.
662 phreak 1.127
663     *hardened-sources-2.6.19-r2 (23 Dec 2006)
664    
665     23 Dec 2006; Christian Heim <phreak@gentoo.org>
666     -hardened-sources-2.6.19-r1.ebuild, +hardened-sources-2.6.19-r2.ebuild:
667     Revision bump to pull in genpatches-2.6.19-3 for #157186.
668 phreak 1.126
669     17 Dec 2006; Christian Heim <phreak@gentoo.org>
670     hardened-sources-2.6.14-r7.ebuild, hardened-sources-2.6.16-r10.ebuild,
671     hardened-sources-2.6.16-r11.ebuild, hardened-sources-2.6.17-r1.ebuild,
672     hardened-sources-2.6.18.ebuild, hardened-sources-2.6.18-r3.ebuild,
673     hardened-sources-2.6.19-r1.ebuild:
674     Adding 4453_grsec-2.1.9-2.6.19-io-kmem-sysctl.patch to UNIPATCH_EXLUDE,
675     adding correct HOMEPAGE and adjusting DESCRIPTION (thanks to Alexander).
676 pappy 1.125
677     *hardened-sources-2.4.33.4 (17 Dec 2006)
678    
679     17 Dec 2006; Alexander Gabert <pappy@gentoo.org>
680     +hardened-sources-2.4.33.4.ebuild:
681     new 2.4.33.4 version including grsec and fixes, thanks to phreak for help
682     and quilting
683 phreak 1.124
684     *hardened-sources-2.6.19-r1 (14 Dec 2006)
685    
686     14 Dec 2006; Christian Heim <phreak@gentoo.org>
687     -hardened-sources-2.6.19.ebuild, +hardened-sources-2.6.19-r1.ebuild:
688     Revision bump, fixing #158107 (thanks to Petre Rodan <kaiowas at gentoo.org>
689     for reporting).
690 phreak 1.123
691     *hardened-sources-2.6.19 (13 Dec 2006)
692    
693     13 Dec 2006; Christian Heim <phreak@gentoo.org>
694     +hardened-sources-2.6.19.ebuild:
695     And finally 2.6.19, thanks to Ned (who prepared the inital patchset) and
696     Brad for providing that prompt update.
697 phreak 1.122
698     *hardened-sources-2.6.18-r3 (13 Dec 2006)
699    
700     13 Dec 2006; Christian Heim <phreak@gentoo.org>
701     -hardened-sources-2.6.18-r1.ebuild, -hardened-sources-2.6.18-r2.ebuild,
702     +hardened-sources-2.6.18-r3.ebuild:
703     Revision bump, excluding the faulty patch. Thanks to Anakim Border and Peter
704     S. Mazinger. Closes #157409 for now. Also removing the previous revisions.
705 phreak 1.121
706     09 Dec 2006; Christian Heim <phreak@gentoo.org> Manifest:
707     Fixing the metadata.xml Manifest entry (thanks to xaid and ml8128 in #gentoo-hardened).
708 nixnut 1.120
709     08 Dec 2006; nixnut <nixnut@gentoo.org> hardened-sources-2.6.18.ebuild:
710     Stable on ppc wrt bug 157356
711 opfer 1.119
712     07 Dec 2006; Christian Faulhammer <opfer@gentoo.org>
713     hardened-sources-2.6.18.ebuild:
714     stable x86, bug #157356
715 phreak 1.118
716     *hardened-sources-2.6.18-r2 (06 Dec 2006)
717    
718     06 Dec 2006; Christian Heim <phreak@gentoo.org>
719     +hardened-sources-2.6.18-r2.ebuild:
720     Revision bump, including 2.6.18.5 (via genpatches) and
721     4454_grsec-2.1.9-2.6.18.2-io-kmem-sysctl.patch based on Peter Mazinger and
722     Ned Ludd's original patch. Thanks to Alexander Gabert (pappy) for the
723     redesign.
724 phreak 1.117
725     06 Dec 2006; Christian Heim <phreak@gentoo.org>
726     hardened-sources-2.6.18.ebuild:
727     Marking hardened-sources-2.6.18 stable on amd64 (see bug #157356, on behalf
728     of Mike Doty).
729 phreak 1.116
730     *hardened-sources-2.6.18-r1 (23 Nov 2006)
731    
732     23 Nov 2006; Christian Heim <phreak@gentoo.org>
733     +hardened-sources-2.6.18-r1.ebuild:
734     Revision bump to genpatches-2.6.18-4 (including 2.6.18.3).
735 phreak 1.115
736     *hardened-sources-2.6.18 (11 Nov 2006)
737    
738     11 Nov 2006; Christian Heim <phreak@gentoo.org>
739     +hardened-sources-2.6.18.ebuild:
740     Version bump, thanks to Alexander Gabert we're finally at 2.6.18.
741 solar 1.114
742     18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
743     - mark amd64 stable also. bug #151877
744 solar 1.113
745     18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
746     - mark 2.6.17-r1 stable
747 phreak 1.112
748     27 Aug 2006; Christian Heim <phreak@gentoo.org>
749     -hardened-sources-2.6.17.ebuild, hardened-sources-2.6.17-r1.ebuild:
750     Removing old ebuild, removing unipatch from newer ebuild (need to fix it!).
751 phreak 1.111
752     *hardened-sources-2.6.17-r1 (26 Aug 2006)
753    
754     26 Aug 2006; Christian Heim <phreak@gentoo.org>
755     +hardened-sources-2.6.17-r1.ebuild:
756     Revision bump to genpatches-2.6.17-8 (including .9 and .10) and updating the
757     grsecurity patch.
758 phreak 1.110
759     *hardened-sources-2.6.17 (17 Aug 2006)
760    
761     17 Aug 2006; Christian Heim <phreak@gentoo.org>
762     +hardened-sources-2.6.17.ebuild:
763     Bumping the hardened-sources-2.6 series to 2.6.17, using
764     genpatches-2.6.17-6.base.
765 solar 1.109
766     07 Aug 2006; <solar@gentoo.org> hardened-sources-2.6.16-r11.ebuild:
767     - stable on x86 and amd64
768 solar 1.108
769     *hardened-sources-2.6.16-r11 (15 Jul 2006)
770    
771     15 Jul 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r3.ebuild,
772     -hardened-sources-2.4.32-r4.ebuild, -hardened-sources-2.4.32-r5.ebuild,
773     -hardened-sources-2.6.14-r8.ebuild, -hardened-sources-2.6.16-r7.ebuild,
774     -hardened-sources-2.6.16-r9.ebuild, +hardened-sources-2.6.16-r11.ebuild:
775     - 2.6.16 bumped for CVE-2006-3626 ; digest fix for 2.4.32-r6 ; removed old
776     crusty ebuilds
777 johnm 1.107
778     14 Jul 2006; John Mylchreest <johnm@gentoo.org>
779     hardened-sources-2.6.16-r10.ebuild:
780     marking stable on x86 and amd64
781 solar 1.106
782     13 Jul 2006; <solar@gentoo.org> hardened-sources-2.4.32-r6.ebuild:
783     - 2.4.32-r6 stable on x86. RSBAC state unknown
784 kang 1.105
785     *hardened-sources-2.4.32-r7 (10 Jul 2006)
786    
787     10 Jul 2006; Guillaume Destuynder <kang@gentoo.org>
788     +hardened-sources-2.4.32-r7.ebuild:
789     Bump PaX for RSBAC to test-17
790 johnm 1.104
791     *hardened-sources-2.6.16-r9 (03 Jul 2006)
792    
793     03 Jul 2006; John Mylchreest <johnm@gentoo.org>
794     -hardened-sources-2.6.16-r6.ebuild, +hardened-sources-2.6.16-r9.ebuild:
795     hardened-sources-2.6.16 bump to latest -base.
796 solar 1.103
797     *hardened-sources-2.4.32-r6 (30 Jun 2006)
798    
799     30 Jun 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r2.ebuild,
800     hardened-sources-2.4.32-r4.ebuild, +hardened-sources-2.4.32-r6.ebuild:
801     - backport CVE-2006-0039, CVE-2006-1857 and CVE-2006-1858 and new grsecurity
802     sysctl controlable resource logging
803 johnm 1.102
804     *hardened-sources-2.6.16-r7 (05 Jun 2006)
805    
806     05 Jun 2006; John Mylchreest <johnm@gentoo.org>
807     -hardened-sources-2.6.16-r5.ebuild, +hardened-sources-2.6.16-r7.ebuild:
808     push new 2.6.16 release in preparation for stable
809 solar 1.101
810     22 May 2006; <solar@gentoo.org> :
811     - redigest bug 134002
812 kang 1.100
813     *hardened-sources-2.4.32-r5 (16 May 2006)
814    
815     16 May 2006; Guillaume Destuynder <kang@gentoo.org>
816     +hardened-sources-2.4.32-r5.ebuild:
817     Fixes rsbac common patching (new patch in new -r5 patchset)
818 solar 1.99
819     *hardened-sources-2.4.32-r4 (13 May 2006)
820    
821     13 May 2006; <solar@gentoo.org> hardened-sources-2.4.32-r3.ebuild,
822     +hardened-sources-2.4.32-r4.ebuild:
823     - security bumps
824 johnm 1.98
825     *hardened-sources-2.6.16-r6 (03 May 2006)
826    
827     03 May 2006; John Mylchreest <johnm@gentoo.org>
828     +hardened-sources-2.6.16-r6.ebuild:
829     bump hardened-2.6.16 to 2.6.16.12 and latest grsec snapshot
830 johnm 1.97
831     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
832     hardened-sources-2.6.14-r8.ebuild:
833     fix x86_64 build problem, this will delay the digest issue again for a short
834     while but it will sort itself out
835 johnm 1.96
836     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
837     hardened-sources-2.6.14-r8.ebuild:
838     bump hardened patchset
839 antarus 1.94
840     27 Apr 2006; Alec Warner <antarus@gentoo.org>
841     files/digest-hardened-sources-2.4.32-r2,
842     files/digest-hardened-sources-2.4.32-r3,
843     files/digest-hardened-sources-2.6.14-r8, Manifest:
844     Fixing duff SHA256 digests: Bug # 131293
845 johnm 1.93
846 johnm 1.95 *hardened-sources-2.6.16-r5 (27 Apr 2006)
847    
848     27 Apr 2006; John Mylchreest <johnm@gentoo.org>
849     -hardened-sources-2.6.14-r6.ebuild, hardened-sources-2.6.14-r8.ebuild,
850     -hardened-sources-2.6.16-r4.ebuild, +hardened-sources-2.6.16-r5.ebuild:
851     stablise 2.6.14-r8 on x86 & amd64, bump 2.6.16 to fix CVE-2006-1863 &
852     cleanup of old uneccessary sources
853    
854 johnm 1.93 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
855     fix digest
856 johnm 1.92
857     *hardened-sources-2.6.14-r8 (20 Apr 2006)
858    
859     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
860     +hardened-sources-2.6.14-r8.ebuild:
861     fix CVE-2006-1056, CVE-2006-1525, CVE-2006-1524
862 johnm 1.91
863     20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
864     Turning on gpg-signing again, and recomitting
865 johnm 1.90
866     *hardened-sources-2.6.16-r4 (20 Apr 2006)
867    
868     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
869     -hardened-sources-2.6.16-r2.ebuild, -hardened-sources-2.6.16-r3.ebuild,
870     +hardened-sources-2.6.16-r4.ebuild:
871     Fix numerous security vulns
872 solar 1.89
873     *hardened-sources-2.4.32-r3 (16 Apr 2006)
874    
875     16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
876     -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
877     +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
878     - security bump for bug #112791. Removed old ebuilds
879 johnm 1.88
880     *hardened-sources-2.6.16-r3 (15 Apr 2006)
881    
882     15 Apr 2006; John Mylchreest <johnm@gentoo.org>
883     +hardened-sources-2.6.16-r3.ebuild:
884     Removing silly localversion which I missed
885 johnm 1.87
886     *hardened-sources-2.6.14-r7 (14 Apr 2006)
887    
888     14 Apr 2006; John Mylchreest <johnm@gentoo.org>
889     -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
890     Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
891 johnm 1.86
892     *hardened-sources-2.6.16-r2 (13 Apr 2006)
893    
894     13 Apr 2006; John Mylchreest <johnm@gentoo.org>
895     -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
896     +hardened-sources-2.6.16-r2.ebuild:
897     Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
898     labels, dropping USERGROUP define fixes, since these were merged mainstream.
899 johnm 1.85
900     *hardened-sources-2.6.16-r1 (11 Apr 2006)
901    
902     11 Apr 2006; John Mylchreest <johnm@gentoo.org>
903     +hardened-sources-2.6.16-r1.ebuild:
904     Bumping to include ppc build fix and 2.6.16.3
905 tsunam 1.84
906     06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
907     hardened-sources-2.6.14-r6.ebuild:
908     Stable on x86; bug #127718
909 johnm 1.83
910     *hardened-sources-2.6.16 (31 Mar 2006)
911    
912     31 Mar 2006; John Mylchreest <johnm@gentoo.org>
913     +hardened-sources-2.6.16.ebuild:
914     Bumping to new version of grsec, and kernel base. New squashfs. Based on
915     2.6.16.1
916 cryos 1.82
917     30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
918     hardened-sources-2.6.14-r6.ebuild:
919     Stable on amd64, bug 127718.
920 nixnut 1.81
921     28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
922     Stable on ppc. Bug #127718
923 johnm 1.80
924     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
925     -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
926     -hardened-sources-2.6.14-r4.ebuild:
927     Cleanup.
928 johnm 1.79
929     *hardened-sources-2.6.14-r6 (15 Mar 2006)
930    
931     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
932     +hardened-sources-2.6.14-r6.ebuild:
933     Fixes grsec policy recreation bug and adds a
934     >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
935 solar 1.78
936     02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
937     - stable on x86
938 hansmi 1.77
939     19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
940     hardened-sources-2.6.14-r5.ebuild:
941     Stable on ppc.
942 johnm 1.76
943     *hardened-sources-2.6.14-r5 (01 Feb 2006)
944    
945     01 Feb 2006; John Mylchreest <johnm@gentoo.org>
946     +hardened-sources-2.6.14-r5.ebuild:
947     fixing every known exploit
948 solar 1.75
949     *hardened-sources-2.4.32-r2 (26 Jan 2006)
950    
951     26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
952     +hardened-sources-2.4.32-r2.ebuild:
953     - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
954 solar 1.74
955     *hardened-sources-2.6.14-r4 (12 Jan 2006)
956    
957     12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
958     - version bump for new genpatches which fix up a few sec holes
959 solar 1.73
960     *hardened-sources-2.4.32-r1 (05 Jan 2006)
961    
962     05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
963     - revision bump to add misc vital linux kernel security patches.
964 johnm 1.72
965     *hardened-sources-2.6.14-r3 (30 Dec 2005)
966    
967     30 Dec 2005; John Mylchreest <johnm@gentoo.org>
968     -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
969     Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
970 johnm 1.71
971     28 Dec 2005; John Mylchreest <johnm@gentoo.org>
972     hardened-sources-2.6.14-r2.ebuild:
973     making x86 & amd64 stable following testing.
974 johnm 1.70
975     *hardened-sources-2.6.14-r2 (27 Dec 2005)
976    
977     27 Dec 2005; John Mylchreest <johnm@gentoo.org>
978     -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
979     Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
980     network hooks.
981 johnm 1.69
982     06 Dec 2005; John Mylchreest <johnm@gentoo.org>
983     hardened-sources-2.6.14-r1.ebuild:
984     bumping to stable early for sec fix on x86 & amd64
985 johnm 1.68
986     *hardened-sources-2.6.14-r1 (05 Dec 2005)
987    
988     05 Dec 2005; John Mylchreest <johnm@gentoo.org>
989     -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
990     bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
991 solar 1.67
992     04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
993     - stable on x86 security bug #114227 CAN-2005-3257
994 kang 1.66
995     *hardened-sources-2.4.32 (19 Nov 2005)
996    
997     19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
998     +hardened-sources-2.4.32.ebuild:
999     Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
1000     Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
1001     have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
1002     rsbac >> /etc/portage/package.use)
1003 johnm 1.65
1004     *hardened-sources-2.6.14 (14 Nov 2005)
1005    
1006     14 Nov 2005; John Mylchreest <johnm@gentoo.org>
1007     -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
1008     Bumping 2.6 series to 2.6.14.2
1009 johnm 1.64
1010     *hardened-sources-2.6.13-r2 (20 Oct 2005)
1011    
1012     20 Oct 2005; John Mylchreest <johnm@gentoo.org>
1013     -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
1014     +hardened-sources-2.6.13-r2.ebuild:
1015     Fixes minor build error in ppc.
1016 johnm 1.63
1017     *hardened-sources-2.6.13-r1 (17 Oct 2005)
1018    
1019     17 Oct 2005; John Mylchreest <johnm@gentoo.org>
1020     +hardened-sources-2.6.13-r1.ebuild:
1021     Updating grsec to latest snapshot. Fixes some minor issues. Updating to
1022     2.6.13.4, fixes some major amd64 stability problems.
1023 johnm 1.62
1024     *hardened-sources-2.6.13 (16 Sep 2005)
1025    
1026     16 Sep 2005; John Mylchreest <johnm@gentoo.org>
1027     -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
1028     2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
1029     ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
1030     users should test this thoroughly.
1031 solar 1.61
1032     01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
1033     - stable on x86
1034 johnm 1.60
1035     *hardened-sources-2.6.11-r15 (27 Jun 2005)
1036    
1037     27 Jun 2005; John Mylchreest <johnm@gentoo.org>
1038     +hardened-sources-2.6.11-r15.ebuild:
1039     Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
1040     grsec redefining curr_ip struct.
1041 solar 1.59
1042     *hardened-sources-2.4.31 (20 Jun 2005)
1043    
1044     20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
1045     initial import of 2.4.31 tree
1046 johnm 1.58
1047     *hardened-sources-2.6.11-r14 (14 Jun 2005)
1048    
1049     14 Jun 2005; John Mylchreest <johnm@gentoo.org>
1050     -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
1051     Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
1052     naming scheme to abide by genpatches
1053 johnm 1.57
1054     *hardened-sources-2.6.11-r13 (18 May 2005)
1055    
1056     18 May 2005; John Mylchreest <johnm@gentoo.org>
1057     -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
1058     Managed to mangle the Makefile patch from grsec, to miss out the grsec
1059     target. sorry about that. Fixes bug #93022
1060 johnm 1.56
1061     *hardened-sources-2.6.11-r12 (17 May 2005)
1062    
1063     17 May 2005; John Mylchreest <johnm@gentoo.org>
1064     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
1065     +hardened-sources-2.6.11-r12.ebuild:
1066     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
1067     merges in genpatches-base
1068 johnm 1.55
1069     *hardened-sources-2.6.11-r12 (17 May 2005)
1070    
1071     17 May 2005; John Mylchreest <johnm@gentoo.org>
1072     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
1073     +hardened-sources-2.6.11-r12.ebuild:
1074     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
1075     merges in genpatches-base
1076 solar 1.54
1077     29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
1078     -files/2.4.27-cmdline-race.patch,
1079     -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
1080     -files/2.4.28-grsec-binfmt_a.out.patch,
1081     -files/2.4.28-grsec-cmdline-race.patch,
1082     -files/2.4.28-selinux-binfmt_a.out.patch,
1083     -files/2.4.28-selinux-cmdline-race.patch,
1084     -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
1085     hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
1086     - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
1087     cleanup..
1088 solar 1.53
1089     *hardened-sources-2.4.30-r1 (21 Apr 2005)
1090    
1091     21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
1092     - disable aout by default
1093 solar 1.52
1094     *hardened-sources-2.4.30 (18 Apr 2005)
1095    
1096     18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
1097     - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
1098     and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
1099     use
1100 tocharian 1.50
1101 scox 1.51 *hardened-sources-2.4.29 (30 Mar 2005)
1102    
1103     30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
1104     +hardened-sources-2.4.29.ebuild:
1105     New hardened-patches-2.4-29.0 patchball.
1106     Removed SELinux support, upgraded GRSecurity to 2.1.4.
1107    
1108     *hardened-sources-2.4.28-r5 (06 Mar 2005)
1109    
1110     06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
1111     +hardened-sources-2.4.28-r5.ebuild:
1112     Added a fix for a PaX vulnerability.
1113    
1114     26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1115 tocharian 1.50 hardened-sources-2.4.28-r4.ebuild:
1116     Stable on x86
1117 solar 1.49
1118     23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
1119     hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
1120     hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
1121     hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
1122     - fixed/added RDEPEND= in all kernel-2 ebuilds
1123 tocharian 1.48
1124     *hardened-sources-2.4.28-r4 (21 Jan 2005)
1125    
1126     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1127     +hardened-sources-2.4.28-r4.ebuild:
1128     Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
1129     backport of neighbour hash updates.
1130 tocharian 1.47
1131     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1132     hardened-sources-2.4.28-r3.ebuild:
1133     Stable on x86
1134 tseng 1.46
1135     *hardened-sources-2.6.10-r3 (20 Jan 2005)
1136    
1137     20 Jan 2005; Brandon Hale <tseng@gentoo.org>
1138     +hardened-sources-2.6.10-r3.ebuild:
1139     Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
1140     in 2005.0
1141 tocharian 1.45
1142     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1143     -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
1144     hardened-sources-2.4.28-r2.ebuild:
1145     Mark stable on x86
1146 tocharian 1.44
1147     *hardened-sources-2.4.28-r3 (17 Jan 2005)
1148    
1149     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1150     +hardened-sources-2.4.28-r3.ebuild:
1151     Fix SMP page fault handler vuln, and update device-mapper and evms patches.
1152 tocharian 1.43
1153     14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1154     hardened-sources-2.4.28.ebuild:
1155     Mark stable on x86.
1156 tocharian 1.42
1157     *hardened-sources-2.4.28-r2 (13 Jan 2005)
1158    
1159     13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1160     +hardened-sources-2.4.28-r2.ebuild:
1161     Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
1162     Mazinger for grsecurity patches as well.
1163 plasmaroo 1.41
1164     *hardened-sources-2.4.28-r1 (23 Dec 2004)
1165    
1166     23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
1167     Security bump. Thank tocharian for rolling a new patchset...
1168 solar 1.40
1169     28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
1170     +files/2.4.28-grsec-cmdline-race.patch,
1171     +files/2.4.28-selinux-binfmt_a.out.patch,
1172     +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
1173     - Round up remaining security patches that appear to be missing in 2.4.28. -
1174     PaX standalone updated to current. hgpv=28.1
1175 solar 1.39
1176     *hardened-sources-2.4.28 (28 Nov 2004)
1177    
1178     28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
1179     security bump. Thank tocharian for rolling a new patchset
1180 scox 1.31
1181 scox 1.38 *hardened-sources-2.4.27-r3 (08 Sep 2004)
1182    
1183     08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
1184     +hardened-sources-2.4.27-r3.ebuild:
1185     Applies the new 2.4-27.2 patchball which updates
1186     GRSecurity to the 2.0.1 version.
1187    
1188 scox 1.37 *hardened-sources-2.4.27-r2 (31 Aug 2004)
1189    
1190     31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1191     +hardened-sources-2.4.27-r2.ebuild:
1192     Version bump.
1193     This version uses the new 2.4-27.1 patchball which updates
1194     both the SELinux PaX hooks patch and the SELinux headers.
1195    
1196 scox 1.36 *hardened-sources-2.4.27-r1 (09 Aug 2004)
1197    
1198     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1199     +hardened-sources-2.4.27-r1.ebuild,
1200     -hardened-sources-2.4.27.ebuild,
1201     +files/2.4.27-cmdline-race.patch:
1202     Version bump, fix for cmdline race. See bug #59905.
1203    
1204     *hardened-sources-2.4.26-r6 (09 Aug 2004)
1205    
1206     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1207     +hardened-sources-2.4.26-r6.ebuild,
1208     -hardened-sources-2.4.26-r5.ebuild,
1209     -hardened-sources-2.4.26-r4.ebuild,
1210     +files/2.4.26-cmdline-race.patch:
1211     Version bump, fix for cmdline race. See bug #59905.
1212    
1213 scox 1.35 *hardened-sources-2.4.27 (08 Aug 2004)
1214    
1215     08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1216     +hardened-sources-2.4.27.ebuild,
1217     +files/2.4.27-CAN-2004-0394.patch:
1218     Ported the patchball to the 2.4.27 kernel version.
1219    
1220 scox 1.34 *hardened-sources-2.4.26-r5 (07 Aug 2004)
1221    
1222     07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1223     +hardened-sources-2.4.26-r5.ebuild:
1224 scox 1.35 Updated to use the new hardened-patches-2.4-26.1 patchball.
1225 scox 1.34 It adds the following features:
1226     - Squashfs
1227     - Ebtables
1228     - Netdev random (core+drivers)
1229     - Watchdog Timer (WDT) fix.
1230    
1231 scox 1.33 *hardened-sources-2.4.26-r4 (04 Aug 2004)
1232    
1233     04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1234     +hardened-sources-2.4.26-r4.ebuild,
1235     +files/2.4.26-CAN-2004-0415.patch,
1236     -hardened-sources-2.4.26-3:
1237     Version bump, fix for CAN 0415, see bug #59378.
1238    
1239 scox 1.32 *hardened-sources-2.4.26-r3 (22 Jul 2004)
1240    
1241     22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
1242     +hardened-sources-2.4.26-r3.ebuild,
1243     +files/2.4.26-CAN-2004-0497.patch,
1244     -hardened-sources-2.4.26-r2.ebuild:
1245     Version bump, fixed CAN 0497, see bug #56171.
1246    
1247 scox 1.31 *hardened-sources-2.4.26-r2 (29 Jun 2004)
1248    
1249     29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
1250 scox 1.32 +hardened-sources-2.4.26-r2.ebuild,
1251 scox 1.31 +files/2.4.26-CAN-2004-0495.patch,
1252     +files/2.4.26-CAN-2004-0535.patch,
1253     -hardened-sources-2.4.26-r1.ebuild:
1254     Fixes for both CAN 0495 and 0535, see bug #54976
1255 pvdabeel 1.27
1256 agriffis 1.29 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
1257     hardened-sources-2.4.26-r1.ebuild:
1258     QA - fix use invocation
1259 scox 1.28
1260     *hardened-sources-2.4.26-r1 (22 June 2004)
1261    
1262     22 June 2004; Andrea Luzzardi <scox@gentoo.org>
1263     +hardened-sources-2.4.26-r1.ebuild,
1264     +files/2.4.26-CAN-2004-0394.patch,
1265     +files/2.4.26-signal-race.patch,
1266     -hardened-sources-2.4.26.ebuild,
1267     -hardened-sources-2.4.24-r3.ebuild:
1268     Version bump for the CAN-2004-0394 issue and bug #53804
1269     Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
1270    
1271    
1272 pvdabeel 1.27 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
1273     hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
1274     Masked hardened-sources-2.4.26.ebuild broken for ppc
1275    
1276     31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
1277     hardened-sources-2.4.24-r3.ebuild:
1278     Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
1279 plasmaroo 1.25
1280 scox 1.26 *hardened-sources-2.4.26 (29 May 2004)
1281    
1282     29 May 2004; Andrea Luzzardi <scox@gentoo.org>
1283     +hardened-sources-2.4.26.ebuild:
1284     Updated hardened-sources for the 2.4.26 kernel
1285     Removed broken components, updated almost everything.
1286    
1287 plasmaroo 1.25 *hardened-sources-2.4.24-r3 (17 Apr 2004)
1288    
1289     17 Apr 2004; <plasmaroo@gentoo.org>
1290     +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
1291     +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
1292     +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
1293     +hardened-sources-2.4.24-r3.ebuild:
1294     Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
1295     vulnerabilities. Old revisions removed.
1296 plasmaroo 1.24
1297     *hardened-sources-2.4.24-r2 (15 Apr 2004)
1298    
1299     15 Apr 2004; <plasmaroo@gentoo.org>
1300     +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
1301     -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
1302     Version bump for the CAN-2004-0109 issue; bug #47881.
1303 aliz 1.23
1304     12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
1305     hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
1306     Add eutils to inherit.
1307 plasmaroo 1.22
1308     *hardened-sources-2.4.24-r1 (19 Feb 2004)
1309    
1310     19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
1311     files/hardened-sources-2.4.24.munmap.patch:
1312     Added the patch for the mremap/munmap vulnerability. Bug #42024.
1313 scox 1.19
1314 scox 1.21 *hardened-sources-2.4.24 (06 Feb 2004)
1315 scox 1.26
1316 scox 1.21 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
1317     hardened-sources-2.4.24.ebuild:
1318     Version bump, updated most of the components.
1319     This release includes the following:
1320    
1321     - Hardened security
1322     - Netfilter patch-o-matic 20031219
1323     - FreeSWAN 2.04 & x509 1.4.8
1324     - EVMS 2.2.2
1325     - XFS 1.3.1
1326     - cryptoloop jari
1327     - grsecurity 2.0-rc4
1328     - SELinux
1329     - PaX 200402060000
1330     - PaX Obscurity 200308302223
1331     - Others...
1332    
1333     Neither -ck nor systrace are included anymore.
1334    
1335 scox 1.19 *hardened-sources-2.4.22-r2 (05 Jan 2004)
1336    
1337     05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
1338     hardened-sources-2.4.22-r2.ebuild:
1339 scox 1.20 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
1340 scox 1.19
1341     *hardened-sources-2.4.22-r1 (02 Dec 2003)
1342 iggy 1.17
1343     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1344 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
1345 iggy 1.16
1346     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1347 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild:
1348     Version bump for the 'do_brk' vulnerability.
1349 iggy 1.15
1350     01 Dec 2003; Brian Jackson <iggy@gentoo.org>
1351     hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
1352     hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
1353     hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
1354 plasmaroo 1.18 Fix the 'do_brk' vulnerability.
1355 frogger 1.14
1356     03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
1357     hardened-sources-2.4.22.ebuild:
1358 plasmaroo 1.18 - Removed the src_install() portion for SELinux flask
1359     components. These are no longer handled in the kernel
1360     so this code was not necessary.
1361 frogger 1.13
1362     29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
1363     New 2.4.22 based hardened-sources thanks to
1364     Phil West <p.west@computer.org>.
1365    
1366     These sources include:
1367 plasmaroo 1.18 - New SELinux API
1368     - Updated CK-base
1369     - Updated GRSec
1370     - Systrace
1371     - SuperFreeS/WAN 1.99.8
1372     - Propolice kernel build support
1373     - EVMS
1374     - Other various security related patches
1375 frogger 1.11
1376 frogger 1.12 *hardened-sources-2.4.21 (14 Sep 2003)
1377    
1378     14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
1379     Updated hardened-sources based on the 2.4.21 Linux kernel.
1380     This includes updates to most major components such as:
1381 plasmaroo 1.18 - ck-base-0306300059
1382     - selinux-2.4-2003071106
1383     - grsecurity-2.0-rc1
1384     - Updated IPTables patch-o-matic
1385     - Updated SuperFreeS/WAN
1386    
1387 frogger 1.12 Thanks to Phil West <pwest@computer.org> for his work in getting this
1388     updated patch set ready for the 2.4.21 based kernel.
1389    
1390 frogger 1.11 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
1391     Initial import of hardened-sources-2.4.20-r4. This revision
1392     includes only a few changes, but one of these is an important
1393     security fix. It is recommended all users of hardened-sources
1394     upgrade to this release.
1395 plasmaroo 1.18
1396 frogger 1.11 - ioperm bug fix
1397     - fixed compilation failure when building without GRSec
1398 plasmaroo 1.18
1399 frogger 1.11 SAL (Secure Auditing for Linux) is NOT included in this revision
1400     due to time constraints, but is planned for inclusion in the near
1401     future.
1402 msterret 1.10
1403     *hardened-sources-2.4.20-r2 (12 Jun 2003)
1404    
1405     12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
1406     hardened-sources-2.4.20-r3.ebuild:
1407 plasmaroo 1.18 Add Header...
1408 frogger 1.9
1409     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1410     hardened-sources-2.4.20-r3.ebuild:
1411     Removed warnings from ebuild. This kernel should be safe to
1412     use at this point.
1413 frogger 1.8
1414     *hardened-sources-2.4.20-r3 (08 Jun 2003)
1415    
1416     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1417     hardened-sources-2.4.20-r3.ebuild:
1418     New revision. Includes the following changes over -r2:
1419 plasmaroo 1.18
1420 frogger 1.8 - ck7-base (O(1), preempt, low latency)
1421     - Super FreeS/WAN 1.99.7rc2
1422     - PaX for the LSM/SELinux branch
1423     - GRSecurity 2.0-pre4 (role based access control)
1424     - Systrace 1.3
1425     - EXT3 fixes
1426     - EVMS 2.0.1
1427     - GCC 3.1+ compile optimizations
1428     - ProPolice kernel build support
1429     - Hashing table security fixes
1430 frogger 1.3
1431     *hardened-sources-2.4.20-r1 (09 Apr 2003)
1432 frogger 1.7
1433     23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
1434     Initial import of hardened-sources-r2. This new
1435     ebuild includes many new performance and security
1436     related patches. As in -r1, it will patch in
1437     LSM/SELinux if "selinux" is in USE, otherwise it
1438     will patch in GRSecurity. The following patches
1439     are included in this revision:
1440 plasmaroo 1.18
1441 frogger 1.7 - O(1) Scheduler, Low Latency, and Preempt
1442     (pulled from the base CK patch)
1443     - ptrace exploit patch for the LSM kernel
1444     (the GRSec patch already fixes this)
1445     - LSM 2.4-2003040709
1446     - SELinux 2.4-2003040709
1447     - Systrace v1.2
1448     - IPTables patch-o-matic base patches - 20030107
1449     - CryptoAPI 2.4.20.1 w/ loop-jari patch
1450     - Super FreeS/WAN 1.99.6.1
1451     - GRSecurity 1.9.9g
1452     - MPPE
1453     - EXT3 data journal fix
1454     - CIPE 1.5.4
1455 frogger 1.6
1456     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1457     hardened-sources-2.4.20-r1.ebuild, manifest:
1458 plasmaroo 1.18 Updated to install flask components correctly for selinux.
1459 frogger 1.5
1460     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1461     hardened-sources-2.4.20-r1.ebuild:
1462     LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
1463     is patched in instead. Ptrace patches for selinux have also been added. In
1464     either case, systrace support will be patched in as well.
1465 frogger 1.3
1466     09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1467     hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
1468 plasmaroo 1.18 Revision bump for new sources.
1469 frogger 1.4
1470 frogger 1.2 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1471 frogger 1.4 hardened-sources-2.4.20-r1.ebuild:
1472 plasmaroo 1.18 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
1473 method 1.1
1474 frogger 1.4 *hardened-sources-2.4.20 (30 Mar 2003)
1475    
1476 method 1.1 30 Mar 2003; Joshua Brindle <method@gentoo.org>
1477     hardened-sources-2.4.20.ebuild:
1478 plasmaroo 1.18 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20