/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.239 - (hide annotations) (download)
Wed Sep 10 21:25:24 2008 UTC (6 years ago) by gengor
Branch: MAIN
Changes since 1.238: +7 -1 lines
Update DESCRIPTION and HGPV_URI.
(Portage version: 2.1.4.4)

1 method 1.1 # ChangeLog for sys-kernel/hardened-sources
2 phreak 1.204 # Copyright 2000-2008 Gentoo Foundation; Distributed under the GPL v2
3 gengor 1.239 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.238 2008/09/09 05:30:04 gengor Exp $
4    
5     10 Sep 2008; Gordon Malm <gengor@gentoo.org>
6     hardened-sources-2.6.25-r4.ebuild, hardened-sources-2.6.25-r5.ebuild,
7     hardened-sources-2.6.25-r6.ebuild, hardened-sources-2.6.26.ebuild,
8     hardened-sources-2.6.26-r1.ebuild:
9     Update DESCRIPTION and HGPV_URI.
10 gengor 1.238
11     *hardened-sources-2.6.25-r6 (09 Sep 2008)
12    
13     09 Sep 2008; Gordon Malm <gengor@gentoo.org>
14     -hardened-sources-2.6.24-r3.ebuild, +hardened-sources-2.6.25-r6.ebuild:
15     2.6.25-r6: Update to Linux 2.6.25.17.
16     2.6.24-r3: Removed.
17 gengor 1.237
18     08 Sep 2008; Gordon Malm <gengor@gentoo.org>
19     hardened-sources-2.6.25-r5.ebuild:
20     Stable on amd64/x86
21 gengor 1.236
22     07 Sep 2008; Gordon Malm <gengor@gentoo.org> metadata.xml:
23     Update my email address.
24 nixnut 1.235
25     31 Aug 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.25-r4.ebuild:
26     stable on ppc
27 battousai 1.234
28     *hardened-sources-2.6.26-r1 (23 Aug 2008)
29     *hardened-sources-2.6.25-r5 (23 Aug 2008)
30    
31     23 Aug 2008; Bryan D. Stine <battousai@gentoo.org>
32     -hardened-sources-2.6.23-r13.ebuild, -hardened-sources-2.6.25-r3.ebuild,
33     hardened-sources-2.6.25-r4.ebuild, +hardened-sources-2.6.25-r5.ebuild,
34     +hardened-sources-2.6.26-r1.ebuild:
35     Bump to 2.6.25-r5 for updated patches and upstream .10 kernel, fixing
36     security bug #235221. Bump to 2.6.26-r1 for upstream .3 kernel, also
37     fixing security bug #235221. Marked 2.6.25-r4 stable on amd64 and x86.
38     Removed 2.6.23-r13 and 2.6.25-r3. Commit on behalf of Gordon Malm
39     (gengor).
40 solar 1.233
41     *hardened-sources-2.6.26 (18 Aug 2008)
42     *hardened-sources-2.6.25-r4 (18 Aug 2008)
43    
44     18 Aug 2008; <solar@gentoo.org> -hardened-sources-2.6.25-r2.ebuild,
45     +hardened-sources-2.6.25-r4.ebuild, +hardened-sources-2.6.26.ebuild:
46     - proxy commit for gengor 2.6.26: Initial 2.6.26 release. 2.6.25-r4: Update
47     to Linux 2.6.25.15. Fixes security bugs #234799, #234803 and #234812.
48     2.6.25-r2: Removed.
49 tove 1.232
50     16 Aug 2008; Torsten Veller <tove@gentoo.org> metadata.xml:
51     Remove phreak from metadata.xml (#96398)
52 solar 1.231
53     *hardened-sources-2.6.25-r3 (31 Jul 2008)
54    
55     31 Jul 2008; <solar@gentoo.org> -hardened-sources-2.6.24-r2.ebuild,
56     -hardened-sources-2.6.25.ebuild, -hardened-sources-2.6.25-r1.ebuild,
57     +hardened-sources-2.6.25-r3.ebuild:
58     - 2.6.25-r3: Update to Linux 2.6.25.13 and new grsecurity patch. Multiple
59     fixes, including security bug #231750.
60 nixnut 1.230
61     28 Jul 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.24-r3.ebuild:
62     Stable on ppc
63 solar 1.229
64     *hardened-sources-2.6.25-r2 (05 Jul 2008)
65    
66     05 Jul 2008; <solar@gentoo.org> -hardened-sources-2.6.23-r11.ebuild,
67     -hardened-sources-2.6.23-r12.ebuild, hardened-sources-2.6.24-r3.ebuild,
68     +hardened-sources-2.6.25-r2.ebuild:
69     2.6.23-r4: Stable x86/amd64
70     2.6.25-r2: Update to Linux 2.6.25.10 and latest grsecurity release.
71     2.6.23-r{11,12}: Removed due to multiple vulns.
72     (gengor & kerframil)
73 nixnut 1.228
74     04 Jul 2008; nixnut <nixnut@gentoo.org>
75     hardened-sources-2.6.23-r13.ebuild:
76     Stable on ppc
77 solar 1.227
78     *hardened-sources-2.6.25-r1 (30 Jun 2008)
79    
80     30 Jun 2008; <solar@gentoo.org> hardened-sources-2.6.23-r13.ebuild,
81     +hardened-sources-2.6.25-r1.ebuild:
82     2.6.25-r1: Brings in Linux -stable tree patches 2.6.25.{7,8,9} and newer
83     grsecurity release. 2.6.23-r13: x86/amd64 stable
84 solar 1.226
85     *hardened-sources-2.6.25 (17 Jun 2008)
86     *hardened-sources-2.6.24-r3 (17 Jun 2008)
87     *hardened-sources-2.6.23-r13 (17 Jun 2008)
88    
89     17 Jun 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r13.ebuild,
90     +hardened-sources-2.6.24-r3.ebuild, +hardened-sources-2.6.25.ebuild:
91     * 2.6.23-r13: Fixes security bugs #198997, #212136, #222331, #222635,
92     #224647, #225461, other fixes. * 2.6.24-r3: Fixes security bugs #212136,
93     #222331, #222635, #224647, #225461, grsec/PaX updates/fixes, other fixes. *
94     2.6.25: Initial 2.6.25 release.
95 solar 1.225
96     15 May 2008; <solar@gentoo.org> hardened-sources-2.6.23-r12.ebuild:
97     - fasttrack to stable x86/amd64
98 swegener 1.224
99     11 May 2008; Sven Wegener <swegener@gentoo.org> Manifest:
100     Fix broken digest for linux-2.6.24.tar.bz2.
101 solar 1.223
102     *hardened-sources-2.6.24-r2 (11 May 2008)
103     *hardened-sources-2.6.23-r12 (11 May 2008)
104    
105     11 May 2008; <solar@gentoo.org> -hardened-sources-2.6.23-r7.ebuild,
106     -hardened-sources-2.6.23-r9.ebuild, -hardened-sources-2.6.23-r10.ebuild,
107     +hardened-sources-2.6.23-r12.ebuild, -hardened-sources-2.6.24.ebuild,
108     -hardened-sources-2.6.24-r1.ebuild, +hardened-sources-2.6.24-r2.ebuild:
109     proxy commit for gengor. 2.6.23-r11 shortlog: Fixes security bugs 220691,
110     220975, 220979, 221123. 2.6.24-r2 not-so-shortlog: Fixes bug 215442,
111     security bugs 219901, 220691, 220975, 220979, 221123. New
112     genpatches/grsecurity with numerous updates & fixes. 2.6.23-r7->2.6.23-r10
113     should be removed as far as I'm concerned, everything else remove due to
114     vulnerable to numerous security bugs or brokeness.
115 nixnut 1.222
116     10 May 2008; nixnut <nixnut@gentoo.org>
117     hardened-sources-2.6.23-r11.ebuild:
118     Stable on ppc
119 solar 1.221
120     05 May 2008; <solar@gentoo.org> hardened-sources-2.6.23-r11.ebuild:
121     - -r11 stable on x86/amd64
122 solar 1.220
123     *hardened-sources-2.6.23-r11 (01 May 2008)
124    
125     01 May 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r11.ebuild:
126     - version bump to fix ulgy linux bugs
127 phreak 1.219
128     *hardened-sources-2.6.24-r1 (30 Apr 2008)
129    
130     30 Apr 2008; Christian Heim <phreak@gentoo.org>
131     +hardened-sources-2.6.24-r1.ebuild:
132     Revision bump (thanks to Kerin and Gordon, again), pulling
133     genpatches-2.6.24-7, solving #219089. Additionally contains further security
134     fixes plus some minor updates.
135 phreak 1.218
136     *hardened-sources-2.6.23-r10 (30 Apr 2008)
137    
138     30 Apr 2008; Christian Heim <phreak@gentoo.org>
139     +hardened-sources-2.6.23-r10.ebuild:
140     Revision bump (thanks to Kerin and Gordon, again), solving #213811, #219089.
141     Additional contains "various other fixes".
142 phreak 1.217
143     09 Apr 2008; Christian Heim <phreak@gentoo.org> metadata.xml:
144     Update the longdescription in metadata, thanks to Gordon Malm.
145 nixnut 1.216
146     08 Apr 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.23-r9.ebuild:
147     Stable on ppc wrt bug #213255
148 solar 1.215
149     07 Apr 2008; <solar@gentoo.org> -hardened-sources-2.4.35-r2.ebuild,
150     -hardened-sources-2.6.23-r8.ebuild, hardened-sources-2.6.23-r9.ebuild:
151     - stable on x86/amd64 per request. Removed obsolete ebuilds
152 phreak 1.214
153     *hardened-sources-2.6.24 (07 Apr 2008)
154    
155     07 Apr 2008; Christian Heim <phreak@gentoo.org>
156     +hardened-sources-2.6.24.ebuild:
157     Adding ebuild for hardened-sources-2.6.24 (many thanks to Kerin Millar
158     <kerframil at gmail.com> and Gordon Malm <bugs-gentoo-org-02 at bumpin.org>
159     for the many contributions and their continued effort in #216612) based on
160     2.6.24 and genpatches-2.6.24-5.
161    
162     The current ebuild/patchset contains these things:
163     * Incoporates unmodified grsec-2.1.11-2.6.24.4-200803262003 patch
164     * Introduces bespoke server and workstation oriented security levels
165     * VDSO_COMPAT cannot be enabled during runtime if PaX is enabled
166 phreak 1.213
167     30 Mar 2008; Christian Heim <phreak@gentoo.org> metadata.xml:
168     Fix the metadata.xml (Kerin isn't a dev, though he and Gordon are
169     maintaining it).
170 phreak 1.212
171     24 Mar 2008; Christian Heim <phreak@gentoo.org>
172     hardened-sources-2.4.35-r2.ebuild:
173     Fixing SRC_URI for 2.4.35-r2.
174 phreak 1.211
175     *hardened-sources-2.6.23-r9 (22 Mar 2008)
176    
177     22 Mar 2008; Christian Heim <phreak@gentoo.org>
178     +hardened-sources-2.6.23-r9.ebuild:
179     * Revision bump, rebasing the patchset against genpatches-2.6.23-10.
180     * Change the default GIDs for some grsecurity options
181     * Revamp the Hardened [Gentoo] security level and make it the default level
182     * Fixing compilation on ia64 with CONFIG_MODULES=y (loadable module support)
183     * Fix a recursive lock -- call to capable() within ptrace_attach()
184     * Fix bug that allows audit and iscsi operations to be controlled via netlink
185 solar 1.210
186     *hardened-sources-2.6.23-r8 (27 Feb 2008)
187    
188     27 Feb 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r8.ebuild:
189     - version bump from Kerin Millar bug 210026
190 solar 1.209
191     17 Feb 2008; <solar@gentoo.org> metadata.xml,
192     -hardened-sources-2.4.33.4.ebuild, -hardened-sources-2.6.20-r6.ebuild,
193     -hardened-sources-2.6.20-r10.ebuild, -hardened-sources-2.6.23-r4.ebuild,
194     -hardened-sources-2.6.23-r6.ebuild, hardened-sources-2.6.23-r7.ebuild:
195     - stable on x86 and remove old ebuilds
196 solar 1.207
197     15 Feb 2008; <solar@gentoo.org> hardened-sources-2.6.23-r7.ebuild:
198 solar 1.208 - stable on amd64 per request of amd64 lead
199 solar 1.206
200     *hardened-sources-2.6.23-r7 (11 Feb 2008)
201    
202     11 Feb 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r7.ebuild:
203     - version bump from kerin.millar
204     Changes:
205    
206     * Bump to genpatches-base-2.6.23-9
207     * Ported grsecurity-2.1.11-2.6.23.14-200801231800 to 2.6.23.15
208     * Disables COMPAT_VDSO in x86/defconfig
209     * Removes bogus symbols ACPI_SLEEP_PROC_(FS|SLEEP) from x86_64/defconfig
210 phreak 1.205
211     25 Jan 2008; Christian Heim <phreak@gentoo.org>
212     -hardened-sources-2.6.22-r8.ebuild:
213     Cleaning up old versions.
214 phreak 1.204
215     *hardened-sources-2.6.23-r6 (25 Jan 2008)
216    
217     25 Jan 2008; Christian Heim <phreak@gentoo.org>
218     -hardened-sources-2.6.23-r5.ebuild, +hardened-sources-2.6.23-r6.ebuild:
219     Revision bump, pulling in the latest genpatches.
220 phreak 1.203
221     *hardened-sources-2.6.23-r5 (24 Dec 2007)
222    
223     24 Dec 2007; Christian Heim <phreak@gentoo.org>
224     hardened-sources-2.4.35-r2.ebuild, hardened-sources-2.6.20-r6.ebuild,
225     hardened-sources-2.6.20-r10.ebuild, hardened-sources-2.6.22-r8.ebuild,
226     hardened-sources-2.6.23-r4.ebuild, +hardened-sources-2.6.23-r5.ebuild:
227     Revision bump, for the promised updated grsec snapshot. Also changing SRC_URI.
228 phreak 1.202
229     24 Dec 2007; Christian Heim <phreak@gentoo.org>
230     -hardened-sources-2.6.22-r7.ebuild, -hardened-sources-2.6.23.ebuild,
231     -hardened-sources-2.6.23-r1.ebuild, -hardened-sources-2.6.23-r2.ebuild,
232     -hardened-sources-2.6.23-r3.ebuild:
233     Cleaning out some unused, old versions.
234 phreak 1.201
235     24 Dec 2007; Christian Heim <phreak@gentoo.org>
236     hardened-sources-2.6.23-r4.ebuild:
237     Marking hardened-sources-2.6.23-r4 stable on amd64 and x86. I know it ain't
238     in the tree for long, but there isn't much of a difference between this and
239     -r3. Only this revision pulls in 2.6.23.11 and 2.6.23.12 from genpatches.
240 phreak 1.200
241     *hardened-sources-2.6.23-r4 (23 Dec 2007)
242    
243     23 Dec 2007; Christian Heim <phreak@gentoo.org>
244     +hardened-sources-2.6.23-r4.ebuild:
245     Revision bump, grabbing the lastest genpatches release (2.6.23.12 that is).
246 phreak 1.199
247     *hardened-sources-2.6.23-r3 (04 Dec 2007)
248    
249     04 Dec 2007; Christian Heim <phreak@gentoo.org>
250     +hardened-sources-2.6.23-r3.ebuild:
251     Revision bump, pulling in 2.6.23.9.
252 phreak 1.198
253     *hardened-sources-2.6.23-r2 (25 Nov 2007)
254    
255     25 Nov 2007; Christian Heim <phreak@gentoo.org>
256     +hardened-sources-2.6.23-r2.ebuild:
257     Updated patchset, thanks to solar.
258 phreak 1.197
259     *hardened-sources-2.6.23-r1 (31 Oct 2007)
260    
261     31 Oct 2007; Christian Heim <phreak@gentoo.org>
262     +hardened-sources-2.6.23-r1.ebuild:
263     Revision bump, pulling in the snapshot from 30. October 2007 (18:50).
264 solar 1.196
265     29 Oct 2007; <solar@gentoo.org> metadata.xml:
266     - update metadata.xml
267 phreak 1.195
268     25 Oct 2007; Christian Heim <phreak@gentoo.org>
269     hardened-sources-2.6.22-r8.ebuild:
270     Marking 2.6.22-r8 stable on amd64 and x86.
271 phreak 1.194
272     21 Oct 2007; Christian Heim <phreak@gentoo.org>
273     -hardened-sources-2.4.35.ebuild, -hardened-sources-2.4.35-r1.ebuild,
274     -hardened-sources-2.6.21-r4.ebuild:
275     Removing old ebuilds.
276 phreak 1.193
277     *hardened-sources-2.4.35-r2 (21 Oct 2007)
278    
279     21 Oct 2007; Christian Heim <phreak@gentoo.org>
280     +hardened-sources-2.4.35-r2.ebuild:
281     Revision bump for 2.4.35. Includes new snapshot and the lastest Linux stable
282     patches.
283 phreak 1.192
284     *hardened-sources-2.6.22-r8 (21 Oct 2007)
285    
286     21 Oct 2007; Christian Heim <phreak@gentoo.org>
287     +hardened-sources-2.6.22-r8.ebuild:
288     Yet another new patch, hopefully fixing the remaining issues we had w/
289     2.6.22. Candidate for stabling.
290 phreak 1.191
291     *hardened-sources-2.6.23 (13 Oct 2007)
292    
293     13 Oct 2007; Christian Heim <phreak@gentoo.org>
294     +hardened-sources-2.6.23.ebuild:
295     Initial hardened-sources-2.6.23. If people still have problems w/ bug
296     194276, try setting CONFIG_PCI_GODIRECT=y instead of CONFIG_PCI_GOANY.
297 phreak 1.190
298     11 Oct 2007; Christian Heim <phreak@gentoo.org>
299     hardened-sources-2.6.20-r10.ebuild:
300     Pulling in yet another new genpatches version, fixing the PWC bug for real.
301 phreak 1.189
302     04 Oct 2007; Christian Heim <phreak@gentoo.org>
303     -hardened-sources-2.6.22-r5.ebuild, -hardened-sources-2.6.22-r6.ebuild:
304     Removing old versions.
305 phreak 1.188
306     *hardened-sources-2.6.22-r7 (01 Oct 2007)
307    
308     01 Oct 2007; Christian Heim <phreak@gentoo.org>
309     +hardened-sources-2.6.22-r7.ebuild:
310     Revision bump, pulling in a newer patch. Should fix #194276.
311 phreak 1.187
312     30 Sep 2007; Christian Heim <phreak@gentoo.org>
313     hardened-sources-2.6.20-r10.ebuild:
314     Marking hardened-sources-2.6.20-r10 stable on x86 and amd64 (on courtesy of
315     Mike Doty).
316 phreak 1.186
317     *hardened-sources-2.6.22-r6 (26 Sep 2007)
318    
319     26 Sep 2007; Christian Heim <phreak@gentoo.org>
320     +hardened-sources-2.6.22-r6.ebuild:
321     Revision bump, grabbing up till Linux 2.6.22.9.
322 phreak 1.185
323     24 Sep 2007; Christian Heim <phreak@gentoo.org>
324     -hardened-sources-2.6.22-r3.ebuild, -hardened-sources-2.6.22-r4.ebuild:
325     Cleaning up further.
326 phreak 1.184
327     *hardened-sources-2.6.20-r10 (24 Sep 2007)
328    
329     24 Sep 2007; Christian Heim <phreak@gentoo.org>
330     -hardened-sources-2.6.20-r8.ebuild, -hardened-sources-2.6.20-r9.ebuild,
331     +hardened-sources-2.6.20-r10.ebuild:
332     Revision bump, pulling in Linux 2.6.20.20. Removing some of the older
333     revisions.
334 phreak 1.183
335     *hardened-sources-2.6.22-r5 (22 Sep 2007)
336    
337     22 Sep 2007; Christian Heim <phreak@gentoo.org>
338     +hardened-sources-2.6.22-r5.ebuild:
339     Revision bump, pulling in genpatches-2.6.22-8 for CVE-2007-4573.
340 phreak 1.182
341     17 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
342     Removing johnm from metadata.xml (see #186467 for reference).
343 phreak 1.181
344     *hardened-sources-2.6.22-r4 (17 Sep 2007)
345    
346     17 Sep 2007; Christian Heim <phreak@gentoo.org>
347     +hardened-sources-2.6.22-r4.ebuild:
348     Revision bump, hopefully fixing all those weird PAX failures.
349 phreak 1.180
350     01 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
351     Updating the metadata.xml.
352 phreak 1.179
353     01 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
354     Removing tocharian from metadata due to his retirement (see #71718 for
355     reference).
356 phreak 1.178
357     *hardened-sources-2.6.20-r9 (30 Aug 2007)
358    
359     30 Aug 2007; Christian Heim <phreak@gentoo.org>
360     +hardened-sources-2.6.20-r9.ebuild:
361     Revision bump for 2.6.20.18 (thanks to kerframil in #gentoo-hardened).
362 phreak 1.177
363     29 Aug 2007; Christian Heim <phreak@gentoo.org>
364     -hardened-sources-2.4.34.ebuild, -hardened-sources-2.4.34.5.ebuild,
365     -hardened-sources-2.6.20-r2.ebuild, -hardened-sources-2.6.20-r5.ebuild,
366     -hardened-sources-2.6.20-r7.ebuild, -hardened-sources-2.6.21-r3.ebuild,
367     -hardened-sources-2.6.22.ebuild, -hardened-sources-2.6.22-r1.ebuild,
368     -hardened-sources-2.6.22-r2.ebuild:
369     Removing some redundant versions.
370 phreak 1.176
371     *hardened-sources-2.4.35-r1 (29 Aug 2007)
372    
373     29 Aug 2007; Christian Heim <phreak@gentoo.org>
374     +hardened-sources-2.4.35-r1.ebuild:
375     Revision bump, new grsecurity patch.
376 phreak 1.175
377     *hardened-sources-2.6.20-r8 (26 Aug 2007)
378    
379     26 Aug 2007; Christian Heim <phreak@gentoo.org>
380     +hardened-sources-2.6.20-r8.ebuild:
381     Revision bump for Linux 2.6.20.17.
382 phreak 1.174
383     *hardened-sources-2.6.22-r3 (22 Aug 2007)
384    
385     22 Aug 2007; Christian Heim <phreak@gentoo.org>
386     +hardened-sources-2.6.22-r3.ebuild:
387     Revision bump for Linux 2.6.22.4.
388 phreak 1.173
389     16 Aug 2007; Christian Heim <phreak@gentoo.org>
390     hardened-sources-2.6.22-r2.ebuild:
391     Updated patchset, to fix the alignment against 2.6.22.3.
392 phreak 1.172
393     *hardened-sources-2.6.22-r2 (16 Aug 2007)
394    
395     16 Aug 2007; Christian Heim <phreak@gentoo.org>
396     +hardened-sources-2.6.22-r2.ebuild:
397     Revision bump for Linux 2.6.22.3.
398 phreak 1.171
399     *hardened-sources-2.4.35 (16 Aug 2007)
400    
401     16 Aug 2007; Christian Heim <phreak@gentoo.org>
402     +hardened-sources-2.4.35.ebuild:
403     Version bump, initial version for Linux 2.4.35.
404 phreak 1.170
405     *hardened-sources-2.6.21-r4 (16 Aug 2007)
406    
407     16 Aug 2007; Christian Heim <phreak@gentoo.org>
408     +hardened-sources-2.6.21-r4.ebuild:
409     Revision bump for Linux 2.6.21.6.
410 phreak 1.169
411     *hardened-sources-2.6.20-r7 (16 Aug 2007)
412    
413     16 Aug 2007; Christian Heim <phreak@gentoo.org>
414     +hardened-sources-2.6.20-r7.ebuild:
415     Revision bump for Linux 2.6.20.16.
416 phreak 1.168
417     *hardened-sources-2.6.22-r1 (13 Aug 2007)
418    
419     13 Aug 2007; Christian Heim <phreak@gentoo.org>
420     +hardened-sources-2.6.22-r1.ebuild:
421     Yet another revision bump.
422 phreak 1.167
423     *hardened-sources-2.6.22 (10 Aug 2007)
424    
425     10 Aug 2007; Christian Heim <phreak@gentoo.org>
426     +hardened-sources-2.6.22.ebuild:
427     Initial release for 2.6.22. If you are using hardened-sources on a desktop
428     machine (P4 or newer), be aware you might need to disable
429     CONFIG_PAX_PAGEEXEC.
430 phreak 1.166
431     04 Aug 2007; Christian Heim <phreak@gentoo.org>
432     hardened-sources-2.6.20-r6.ebuild:
433     Stabling hardened-sources-2.6.20-r6 for amd64, ppc and x86 due to Linux
434     2.6.20.15.
435 phreak 1.165
436     10 Jul 2007; Christian Heim <phreak@gentoo.org>
437     hardened-sources-2.6.20-r5.ebuild:
438     Marking hardened-sources-2.6.20-r5 stable on ppc.
439 phreak 1.164
440     10 Jul 2007; Christian Heim <phreak@gentoo.org>
441     -hardened-sources-2.4.32-r6.ebuild, -hardened-sources-2.4.32-r7.ebuild:
442     Cleanup.
443 phreak 1.163
444     *hardened-sources-2.6.20-r6 (08 Jul 2007)
445    
446     08 Jul 2007; Christian Heim <phreak@gentoo.org>
447     +hardened-sources-2.6.20-r6.ebuild:
448     Revision bump, grabbing yet another stable release.
449 phreak 1.162
450     17 Jun 2007; Christian Heim <phreak@gentoo.org>
451     -hardened-sources-2.6.18-r6.ebuild, -hardened-sources-2.6.20-r4.ebuild,
452     -hardened-sources-2.6.21-r2.ebuild:
453     Removing older ebuilds, hardened-sources-2.6.18-r6 seems to have gotten the
454     alpha stable KEYWORD by mistake.
455 phreak 1.161
456     17 Jun 2007; Christian Heim <phreak@gentoo.org>
457     hardened-sources-2.6.20-r5.ebuild:
458     Stabling hardened-sources-2.6.20-r5 due to security bug #181647 (as
459     genpatches-2.6.20-12.base contains up to Linux 2.6.20.14) on amd64 and x86.
460 phreak 1.160
461     *hardened-sources-2.6.21-r3 (12 Jun 2007)
462    
463     12 Jun 2007; Christian Heim <phreak@gentoo.org>
464     +hardened-sources-2.6.21-r3.ebuild:
465     Revision bump for hardened-sources-2.6.21, incorporating various CVE (some
466     of them critical), two stable releases (2.6.21.4,2.6.21.5) and some other
467     love.
468 phreak 1.159
469     *hardened-sources-2.6.20-r5 (11 Jun 2007)
470    
471     11 Jun 2007; Christian Heim <phreak@gentoo.org>
472     +hardened-sources-2.6.20-r5.ebuild:
473     Revision bump for hardened-sources-2.6.20, incorporating various CVE (some
474     of them critical), two stable releases (2.6.20.13,2.6.20.14) and some other
475     love.
476 pappy 1.158
477     *hardened-sources-2.4.34.5 (11 Jun 2007)
478    
479     11 Jun 2007; Alexander Gabert <pappy@gentoo.org>
480     +hardened-sources-2.4.34.5.ebuild:
481     added new hardened-sources 2.4 version, thx to phreak, solar, pipacs
482 phreak 1.157
483     30 May 2007; Christian Heim <phreak@gentoo.org>
484     -hardened-sources-2.6.18.ebuild, hardened-sources-2.6.20-r2.ebuild:
485     Marking 2.6.20-r2 stable on ppc with permission of Gysbert. Removing more
486     stale ebuild(s).
487 phreak 1.156
488     30 May 2007; Christian Heim <phreak@gentoo.org>
489     -hardened-sources-2.6.14-r7.ebuild, -hardened-sources-2.6.16-r11.ebuild,
490     -hardened-sources-2.6.17-r1.ebuild, -hardened-sources-2.6.19-r6.ebuild,
491     -hardened-sources-2.6.20.ebuild, -hardened-sources-2.6.20-r1.ebuild:
492     Doing some cleanups, remove stale ebuilds.
493 phreak 1.155
494     26 May 2007; Christian Heim <phreak@gentoo.org>
495     hardened-sources-2.6.21-r2.ebuild:
496     Fixing the grsecurity patch, had one '};' too much.
497 phreak 1.154
498     *hardened-sources-2.6.21-r2 (26 May 2007)
499    
500     26 May 2007; Christian Heim <phreak@gentoo.org>
501     -hardened-sources-2.6.21.ebuild, -hardened-sources-2.6.21-r1.ebuild,
502     +hardened-sources-2.6.21-r2.ebuild:
503     Revision bump, including Linux 2.6.21.3 (fixing CVE-2007-2451). Updating the
504     grsecurity patch to 2.1.10-2.6.21.1-200705221918.
505 phreak 1.153
506     *hardened-sources-2.6.20-r4 (26 May 2007)
507    
508     26 May 2007; Christian Heim <phreak@gentoo.org>
509     -hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.20-r4.ebuild:
510     Revision bump, including Linux 2.6.20.12 (which in fact fixed some security
511 phreak 1.154 bugs, at the very least CVE-2007-2451). Possible candidate for stable marking.
512 phreak 1.152
513     15 May 2007; Christian Heim <phreak@gentoo.org>
514     hardened-sources-2.6.20-r3.ebuild:
515     Looks like hardened-sources-2.6.20-r3 needs a new patch, as 2.6.20.11
516     introduced a change in arch/sparc64/kernel/pci_iommu.c, which made the
517     grsecurity patch fail in that exact same hunk.
518 phreak 1.151
519     *hardened-sources-2.6.20-r3 (15 May 2007)
520    
521     15 May 2007; Christian Heim <phreak@gentoo.org>
522     +hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.21-r1.ebuild:
523     Revision bump, incorporating Linux 2.6.20.11.
524    
525     *hardened-sources-2.6.21-r1 (11 May 2007)
526    
527     11 May 2007; Christian Heim <phreak@gentoo.org>
528     +hardened-sources-2.6.21-r1.ebuild:
529     Revision bump, hopefully fixing the GRSECURITY/GRKERNSEC mixup pipacs
530     mentioned in #177234.
531 kevquinn 1.150
532     07 May 2007; Kevin F. Quinn <kevquinn@gentoo.org>
533     files/digest-hardened-sources-2.6.21, Manifest:
534     Fix Manifest/digest for linux-2.6.21.tar.bz2
535 phreak 1.149
536     06 May 2007; Christian Heim <phreak@gentoo.org>
537     hardened-sources-2.6.21.ebuild:
538     Bumping the hardened-patches version, needed for the fix for #177234.
539 phreak 1.148
540     *hardened-sources-2.6.21 (02 May 2007)
541    
542     02 May 2007; Christian Heim <phreak@gentoo.org>
543     +hardened-sources-2.6.21.ebuild:
544     Version bump, Linux 2.6.21-hardened.
545 phreak 1.147
546     29 Apr 2007; Christian Heim <phreak@gentoo.org>
547     hardened-sources-2.6.20-r2.ebuild:
548     Adding ~ia64 on Ned's request.
549 phreak 1.146
550     29 Apr 2007; Christian Heim <phreak@gentoo.org>
551     hardened-sources-2.6.20-r2.ebuild:
552     Fixing the included grsecurity patch, wasn't alligning due to the Index:
553     header line(s).
554 phreak 1.145
555     29 Apr 2007; Christian Heim <phreak@gentoo.org>
556     hardened-sources-2.6.20-r2.ebuild:
557     Stabilizing hardened-sources-2.6.20-r2 on amd64 and x86.
558 armin76 1.144
559     *hardened-sources-2.6.20-r2 (10 Apr 2007)
560    
561     10 Apr 2007; Raúl Porcel <armin76@gentoo.org>
562     +hardened-sources-2.6.20-r2.ebuild:
563     Version bump, on behalf of phreak
564 phreak 1.143
565     *hardened-sources-2.6.20-r1 (04 Apr 2007)
566    
567     04 Apr 2007; Christian Heim <phreak@gentoo.org>
568     +hardened-sources-2.6.20-r1.ebuild:
569     Revision bump, grabbing a newer grsecurity snapshot.
570 phreak 1.142
571     *hardened-sources-2.6.20 (25 Mar 2007)
572    
573     25 Mar 2007; Christian Heim <phreak@gentoo.org>
574     +hardened-sources-2.6.20.ebuild:
575     Finally a hardened-sources version for 2.6.20; many people have been waiting
576     for this. Thanks to Steve for preliminary testing, thanks to Ned for the
577     testbox.
578 chainsaw 1.141
579     16 Mar 2007; Tony Vroon <chainsaw@gentoo.org>
580     hardened-sources-2.6.18-r6.ebuild:
581     Marked stable on amd64 and x86. AMD64 keyword ack'ed by welp.
582 phreak 1.140
583     *hardened-sources-2.6.18-r6 (16 Mar 2007)
584    
585     16 Mar 2007; Christian Heim <phreak@gentoo.org>
586     -hardened-sources-2.6.18-r5.ebuild, +hardened-sources-2.6.18-r6.ebuild:
587     Fixing CVE-2007-1000 locally (hardened/), thanks to Tony for pushing. And
588     yes I screwed up, this is tagged as 2.6.18-5 and not 2.6.18-6 as it's
589     supposed to be.
590 phreak 1.139
591     06 Mar 2007; Christian Heim <phreak@gentoo.org> ChangeLog:
592     Fixing the Manifest, the previous one was broken (as in still had the
593     deleted ebuild in it).
594 phreak 1.138
595     06 Mar 2007; Christian Heim <phreak@gentoo.org>
596     -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
597     +hardened-sources-2.6.18-r5.ebuild:
598     Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
599     Linux 2.6.18.8. Also cleaning up the older version.
600    
601     *hardened-sources-2.6.18-r5 (06 Mar 2007)
602    
603     06 Mar 2007; Christian Heim <phreak@gentoo.org>
604     -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
605     +hardened-sources-2.6.18-r5.ebuild:
606     Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
607     Linux 2.6.18.8. Also cleaning up the older version.
608 phreak 1.137
609     24 Feb 2007; Christian Heim <phreak@gentoo.org>
610     -hardened-sources-2.6.19-r3.ebuild, -hardened-sources-2.6.19-r4.ebuild,
611     -hardened-sources-2.6.19-r5.ebuild:
612     Removing some of the old version, that didn't work.
613 phreak 1.136
614     *hardened-sources-2.6.19-r6 (12 Feb 2007)
615    
616     12 Feb 2007; Christian Heim <phreak@gentoo.org>
617     +hardened-sources-2.6.19-r6.ebuild:
618     Revision bump, including a new grsec version fixing #166235.
619 pappy 1.134
620     *hardened-sources-2.4.34 (24 Jan 2007)
621    
622     24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
623 pappy 1.135 Manifest:
624     updating Manifest with checksums of new tarball and ebuild
625    
626     24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
627 pappy 1.134 +hardened-sources-2.4.34.ebuild:
628     I added new hardened sources 2.4 update, this is a critical path
629     security bugfix - all users of h-s are strongly advised
630     to update their existing hardened sources to this version.
631     It contains a fix for a kernel vulnerability that is pertaining
632     to the PaX changes to virtual memory management, possibly leading
633     to a local kernel exploit ... see grsecurity.net forums and homepage
634 phreak 1.133
635     23 Jan 2007; Christian Heim <phreak@gentoo.org>
636     files/digest-hardened-sources-2.6.19-r5, Manifest:
637     Fixing the patch-tarball digest.
638 phreak 1.132
639     *hardened-sources-2.6.19-r5 (23 Jan 2007)
640    
641     23 Jan 2007; Christian Heim <phreak@gentoo.org>
642     +hardened-sources-2.6.19-r5.ebuild:
643     Revision bump, closing the recently discovered PaX expand_stack()
644     vulnerability.
645 phreak 1.131
646     *hardened-sources-2.6.19-r4 (14 Jan 2007)
647    
648     14 Jan 2007; Christian Heim <phreak@gentoo.org>
649     +hardened-sources-2.6.19-r4.ebuild:
650     Revision bump, pulling in linux-2.6.19.2 and grsecurity 2.1.10 - thus
651     dropping the randomized PID feature.
652 opfer 1.130
653     11 Jan 2007; Christian Faulhammer <opfer@gentoo.org>
654     hardened-sources-2.4.33.4.ebuild:
655     stable x86, bug #161171
656 phreak 1.129
657     *hardened-sources-2.6.19-r3 (27 Dec 2006)
658    
659     27 Dec 2006; Christian Heim <phreak@gentoo.org>
660     -hardened-sources-2.6.19-r2.ebuild, +hardened-sources-2.6.19-r3.ebuild:
661     Revision bump for bug #157186 and #158786.
662 phreak 1.128
663     *hardened-sources-2.6.18-r4 (27 Dec 2006)
664    
665     27 Dec 2006; Christian Heim <phreak@gentoo.org>
666     -hardened-sources-2.6.18-r3.ebuild, +hardened-sources-2.6.18-r4.ebuild:
667     Revision bump for bug #157186.
668 phreak 1.127
669     *hardened-sources-2.6.19-r2 (23 Dec 2006)
670    
671     23 Dec 2006; Christian Heim <phreak@gentoo.org>
672     -hardened-sources-2.6.19-r1.ebuild, +hardened-sources-2.6.19-r2.ebuild:
673     Revision bump to pull in genpatches-2.6.19-3 for #157186.
674 phreak 1.126
675     17 Dec 2006; Christian Heim <phreak@gentoo.org>
676     hardened-sources-2.6.14-r7.ebuild, hardened-sources-2.6.16-r10.ebuild,
677     hardened-sources-2.6.16-r11.ebuild, hardened-sources-2.6.17-r1.ebuild,
678     hardened-sources-2.6.18.ebuild, hardened-sources-2.6.18-r3.ebuild,
679     hardened-sources-2.6.19-r1.ebuild:
680     Adding 4453_grsec-2.1.9-2.6.19-io-kmem-sysctl.patch to UNIPATCH_EXLUDE,
681     adding correct HOMEPAGE and adjusting DESCRIPTION (thanks to Alexander).
682 pappy 1.125
683     *hardened-sources-2.4.33.4 (17 Dec 2006)
684    
685     17 Dec 2006; Alexander Gabert <pappy@gentoo.org>
686     +hardened-sources-2.4.33.4.ebuild:
687     new 2.4.33.4 version including grsec and fixes, thanks to phreak for help
688     and quilting
689 phreak 1.124
690     *hardened-sources-2.6.19-r1 (14 Dec 2006)
691    
692     14 Dec 2006; Christian Heim <phreak@gentoo.org>
693     -hardened-sources-2.6.19.ebuild, +hardened-sources-2.6.19-r1.ebuild:
694     Revision bump, fixing #158107 (thanks to Petre Rodan <kaiowas at gentoo.org>
695     for reporting).
696 phreak 1.123
697     *hardened-sources-2.6.19 (13 Dec 2006)
698    
699     13 Dec 2006; Christian Heim <phreak@gentoo.org>
700     +hardened-sources-2.6.19.ebuild:
701     And finally 2.6.19, thanks to Ned (who prepared the inital patchset) and
702     Brad for providing that prompt update.
703 phreak 1.122
704     *hardened-sources-2.6.18-r3 (13 Dec 2006)
705    
706     13 Dec 2006; Christian Heim <phreak@gentoo.org>
707     -hardened-sources-2.6.18-r1.ebuild, -hardened-sources-2.6.18-r2.ebuild,
708     +hardened-sources-2.6.18-r3.ebuild:
709     Revision bump, excluding the faulty patch. Thanks to Anakim Border and Peter
710     S. Mazinger. Closes #157409 for now. Also removing the previous revisions.
711 phreak 1.121
712     09 Dec 2006; Christian Heim <phreak@gentoo.org> Manifest:
713     Fixing the metadata.xml Manifest entry (thanks to xaid and ml8128 in #gentoo-hardened).
714 nixnut 1.120
715     08 Dec 2006; nixnut <nixnut@gentoo.org> hardened-sources-2.6.18.ebuild:
716     Stable on ppc wrt bug 157356
717 opfer 1.119
718     07 Dec 2006; Christian Faulhammer <opfer@gentoo.org>
719     hardened-sources-2.6.18.ebuild:
720     stable x86, bug #157356
721 phreak 1.118
722     *hardened-sources-2.6.18-r2 (06 Dec 2006)
723    
724     06 Dec 2006; Christian Heim <phreak@gentoo.org>
725     +hardened-sources-2.6.18-r2.ebuild:
726     Revision bump, including 2.6.18.5 (via genpatches) and
727     4454_grsec-2.1.9-2.6.18.2-io-kmem-sysctl.patch based on Peter Mazinger and
728     Ned Ludd's original patch. Thanks to Alexander Gabert (pappy) for the
729     redesign.
730 phreak 1.117
731     06 Dec 2006; Christian Heim <phreak@gentoo.org>
732     hardened-sources-2.6.18.ebuild:
733     Marking hardened-sources-2.6.18 stable on amd64 (see bug #157356, on behalf
734     of Mike Doty).
735 phreak 1.116
736     *hardened-sources-2.6.18-r1 (23 Nov 2006)
737    
738     23 Nov 2006; Christian Heim <phreak@gentoo.org>
739     +hardened-sources-2.6.18-r1.ebuild:
740     Revision bump to genpatches-2.6.18-4 (including 2.6.18.3).
741 phreak 1.115
742     *hardened-sources-2.6.18 (11 Nov 2006)
743    
744     11 Nov 2006; Christian Heim <phreak@gentoo.org>
745     +hardened-sources-2.6.18.ebuild:
746     Version bump, thanks to Alexander Gabert we're finally at 2.6.18.
747 solar 1.114
748     18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
749     - mark amd64 stable also. bug #151877
750 solar 1.113
751     18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
752     - mark 2.6.17-r1 stable
753 phreak 1.112
754     27 Aug 2006; Christian Heim <phreak@gentoo.org>
755     -hardened-sources-2.6.17.ebuild, hardened-sources-2.6.17-r1.ebuild:
756     Removing old ebuild, removing unipatch from newer ebuild (need to fix it!).
757 phreak 1.111
758     *hardened-sources-2.6.17-r1 (26 Aug 2006)
759    
760     26 Aug 2006; Christian Heim <phreak@gentoo.org>
761     +hardened-sources-2.6.17-r1.ebuild:
762     Revision bump to genpatches-2.6.17-8 (including .9 and .10) and updating the
763     grsecurity patch.
764 phreak 1.110
765     *hardened-sources-2.6.17 (17 Aug 2006)
766    
767     17 Aug 2006; Christian Heim <phreak@gentoo.org>
768     +hardened-sources-2.6.17.ebuild:
769     Bumping the hardened-sources-2.6 series to 2.6.17, using
770     genpatches-2.6.17-6.base.
771 solar 1.109
772     07 Aug 2006; <solar@gentoo.org> hardened-sources-2.6.16-r11.ebuild:
773     - stable on x86 and amd64
774 solar 1.108
775     *hardened-sources-2.6.16-r11 (15 Jul 2006)
776    
777     15 Jul 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r3.ebuild,
778     -hardened-sources-2.4.32-r4.ebuild, -hardened-sources-2.4.32-r5.ebuild,
779     -hardened-sources-2.6.14-r8.ebuild, -hardened-sources-2.6.16-r7.ebuild,
780     -hardened-sources-2.6.16-r9.ebuild, +hardened-sources-2.6.16-r11.ebuild:
781     - 2.6.16 bumped for CVE-2006-3626 ; digest fix for 2.4.32-r6 ; removed old
782     crusty ebuilds
783 johnm 1.107
784     14 Jul 2006; John Mylchreest <johnm@gentoo.org>
785     hardened-sources-2.6.16-r10.ebuild:
786     marking stable on x86 and amd64
787 solar 1.106
788     13 Jul 2006; <solar@gentoo.org> hardened-sources-2.4.32-r6.ebuild:
789     - 2.4.32-r6 stable on x86. RSBAC state unknown
790 kang 1.105
791     *hardened-sources-2.4.32-r7 (10 Jul 2006)
792    
793     10 Jul 2006; Guillaume Destuynder <kang@gentoo.org>
794     +hardened-sources-2.4.32-r7.ebuild:
795     Bump PaX for RSBAC to test-17
796 johnm 1.104
797     *hardened-sources-2.6.16-r9 (03 Jul 2006)
798    
799     03 Jul 2006; John Mylchreest <johnm@gentoo.org>
800     -hardened-sources-2.6.16-r6.ebuild, +hardened-sources-2.6.16-r9.ebuild:
801     hardened-sources-2.6.16 bump to latest -base.
802 solar 1.103
803     *hardened-sources-2.4.32-r6 (30 Jun 2006)
804    
805     30 Jun 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r2.ebuild,
806     hardened-sources-2.4.32-r4.ebuild, +hardened-sources-2.4.32-r6.ebuild:
807     - backport CVE-2006-0039, CVE-2006-1857 and CVE-2006-1858 and new grsecurity
808     sysctl controlable resource logging
809 johnm 1.102
810     *hardened-sources-2.6.16-r7 (05 Jun 2006)
811    
812     05 Jun 2006; John Mylchreest <johnm@gentoo.org>
813     -hardened-sources-2.6.16-r5.ebuild, +hardened-sources-2.6.16-r7.ebuild:
814     push new 2.6.16 release in preparation for stable
815 solar 1.101
816     22 May 2006; <solar@gentoo.org> :
817     - redigest bug 134002
818 kang 1.100
819     *hardened-sources-2.4.32-r5 (16 May 2006)
820    
821     16 May 2006; Guillaume Destuynder <kang@gentoo.org>
822     +hardened-sources-2.4.32-r5.ebuild:
823     Fixes rsbac common patching (new patch in new -r5 patchset)
824 solar 1.99
825     *hardened-sources-2.4.32-r4 (13 May 2006)
826    
827     13 May 2006; <solar@gentoo.org> hardened-sources-2.4.32-r3.ebuild,
828     +hardened-sources-2.4.32-r4.ebuild:
829     - security bumps
830 johnm 1.98
831     *hardened-sources-2.6.16-r6 (03 May 2006)
832    
833     03 May 2006; John Mylchreest <johnm@gentoo.org>
834     +hardened-sources-2.6.16-r6.ebuild:
835     bump hardened-2.6.16 to 2.6.16.12 and latest grsec snapshot
836 johnm 1.97
837     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
838     hardened-sources-2.6.14-r8.ebuild:
839     fix x86_64 build problem, this will delay the digest issue again for a short
840     while but it will sort itself out
841 johnm 1.96
842     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
843     hardened-sources-2.6.14-r8.ebuild:
844     bump hardened patchset
845 antarus 1.94
846     27 Apr 2006; Alec Warner <antarus@gentoo.org>
847     files/digest-hardened-sources-2.4.32-r2,
848     files/digest-hardened-sources-2.4.32-r3,
849     files/digest-hardened-sources-2.6.14-r8, Manifest:
850     Fixing duff SHA256 digests: Bug # 131293
851 johnm 1.93
852 johnm 1.95 *hardened-sources-2.6.16-r5 (27 Apr 2006)
853    
854     27 Apr 2006; John Mylchreest <johnm@gentoo.org>
855     -hardened-sources-2.6.14-r6.ebuild, hardened-sources-2.6.14-r8.ebuild,
856     -hardened-sources-2.6.16-r4.ebuild, +hardened-sources-2.6.16-r5.ebuild:
857     stablise 2.6.14-r8 on x86 & amd64, bump 2.6.16 to fix CVE-2006-1863 &
858     cleanup of old uneccessary sources
859    
860 johnm 1.93 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
861     fix digest
862 johnm 1.92
863     *hardened-sources-2.6.14-r8 (20 Apr 2006)
864    
865     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
866     +hardened-sources-2.6.14-r8.ebuild:
867     fix CVE-2006-1056, CVE-2006-1525, CVE-2006-1524
868 johnm 1.91
869     20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
870     Turning on gpg-signing again, and recomitting
871 johnm 1.90
872     *hardened-sources-2.6.16-r4 (20 Apr 2006)
873    
874     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
875     -hardened-sources-2.6.16-r2.ebuild, -hardened-sources-2.6.16-r3.ebuild,
876     +hardened-sources-2.6.16-r4.ebuild:
877     Fix numerous security vulns
878 solar 1.89
879     *hardened-sources-2.4.32-r3 (16 Apr 2006)
880    
881     16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
882     -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
883     +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
884     - security bump for bug #112791. Removed old ebuilds
885 johnm 1.88
886     *hardened-sources-2.6.16-r3 (15 Apr 2006)
887    
888     15 Apr 2006; John Mylchreest <johnm@gentoo.org>
889     +hardened-sources-2.6.16-r3.ebuild:
890     Removing silly localversion which I missed
891 johnm 1.87
892     *hardened-sources-2.6.14-r7 (14 Apr 2006)
893    
894     14 Apr 2006; John Mylchreest <johnm@gentoo.org>
895     -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
896     Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
897 johnm 1.86
898     *hardened-sources-2.6.16-r2 (13 Apr 2006)
899    
900     13 Apr 2006; John Mylchreest <johnm@gentoo.org>
901     -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
902     +hardened-sources-2.6.16-r2.ebuild:
903     Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
904     labels, dropping USERGROUP define fixes, since these were merged mainstream.
905 johnm 1.85
906     *hardened-sources-2.6.16-r1 (11 Apr 2006)
907    
908     11 Apr 2006; John Mylchreest <johnm@gentoo.org>
909     +hardened-sources-2.6.16-r1.ebuild:
910     Bumping to include ppc build fix and 2.6.16.3
911 tsunam 1.84
912     06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
913     hardened-sources-2.6.14-r6.ebuild:
914     Stable on x86; bug #127718
915 johnm 1.83
916     *hardened-sources-2.6.16 (31 Mar 2006)
917    
918     31 Mar 2006; John Mylchreest <johnm@gentoo.org>
919     +hardened-sources-2.6.16.ebuild:
920     Bumping to new version of grsec, and kernel base. New squashfs. Based on
921     2.6.16.1
922 cryos 1.82
923     30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
924     hardened-sources-2.6.14-r6.ebuild:
925     Stable on amd64, bug 127718.
926 nixnut 1.81
927     28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
928     Stable on ppc. Bug #127718
929 johnm 1.80
930     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
931     -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
932     -hardened-sources-2.6.14-r4.ebuild:
933     Cleanup.
934 johnm 1.79
935     *hardened-sources-2.6.14-r6 (15 Mar 2006)
936    
937     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
938     +hardened-sources-2.6.14-r6.ebuild:
939     Fixes grsec policy recreation bug and adds a
940     >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
941 solar 1.78
942     02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
943     - stable on x86
944 hansmi 1.77
945     19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
946     hardened-sources-2.6.14-r5.ebuild:
947     Stable on ppc.
948 johnm 1.76
949     *hardened-sources-2.6.14-r5 (01 Feb 2006)
950    
951     01 Feb 2006; John Mylchreest <johnm@gentoo.org>
952     +hardened-sources-2.6.14-r5.ebuild:
953     fixing every known exploit
954 solar 1.75
955     *hardened-sources-2.4.32-r2 (26 Jan 2006)
956    
957     26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
958     +hardened-sources-2.4.32-r2.ebuild:
959     - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
960 solar 1.74
961     *hardened-sources-2.6.14-r4 (12 Jan 2006)
962    
963     12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
964     - version bump for new genpatches which fix up a few sec holes
965 solar 1.73
966     *hardened-sources-2.4.32-r1 (05 Jan 2006)
967    
968     05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
969     - revision bump to add misc vital linux kernel security patches.
970 johnm 1.72
971     *hardened-sources-2.6.14-r3 (30 Dec 2005)
972    
973     30 Dec 2005; John Mylchreest <johnm@gentoo.org>
974     -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
975     Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
976 johnm 1.71
977     28 Dec 2005; John Mylchreest <johnm@gentoo.org>
978     hardened-sources-2.6.14-r2.ebuild:
979     making x86 & amd64 stable following testing.
980 johnm 1.70
981     *hardened-sources-2.6.14-r2 (27 Dec 2005)
982    
983     27 Dec 2005; John Mylchreest <johnm@gentoo.org>
984     -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
985     Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
986     network hooks.
987 johnm 1.69
988     06 Dec 2005; John Mylchreest <johnm@gentoo.org>
989     hardened-sources-2.6.14-r1.ebuild:
990     bumping to stable early for sec fix on x86 & amd64
991 johnm 1.68
992     *hardened-sources-2.6.14-r1 (05 Dec 2005)
993    
994     05 Dec 2005; John Mylchreest <johnm@gentoo.org>
995     -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
996     bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
997 solar 1.67
998     04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
999     - stable on x86 security bug #114227 CAN-2005-3257
1000 kang 1.66
1001     *hardened-sources-2.4.32 (19 Nov 2005)
1002    
1003     19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
1004     +hardened-sources-2.4.32.ebuild:
1005     Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
1006     Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
1007     have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
1008     rsbac >> /etc/portage/package.use)
1009 johnm 1.65
1010     *hardened-sources-2.6.14 (14 Nov 2005)
1011    
1012     14 Nov 2005; John Mylchreest <johnm@gentoo.org>
1013     -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
1014     Bumping 2.6 series to 2.6.14.2
1015 johnm 1.64
1016     *hardened-sources-2.6.13-r2 (20 Oct 2005)
1017    
1018     20 Oct 2005; John Mylchreest <johnm@gentoo.org>
1019     -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
1020     +hardened-sources-2.6.13-r2.ebuild:
1021     Fixes minor build error in ppc.
1022 johnm 1.63
1023     *hardened-sources-2.6.13-r1 (17 Oct 2005)
1024    
1025     17 Oct 2005; John Mylchreest <johnm@gentoo.org>
1026     +hardened-sources-2.6.13-r1.ebuild:
1027     Updating grsec to latest snapshot. Fixes some minor issues. Updating to
1028     2.6.13.4, fixes some major amd64 stability problems.
1029 johnm 1.62
1030     *hardened-sources-2.6.13 (16 Sep 2005)
1031    
1032     16 Sep 2005; John Mylchreest <johnm@gentoo.org>
1033     -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
1034     2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
1035     ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
1036     users should test this thoroughly.
1037 solar 1.61
1038     01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
1039     - stable on x86
1040 johnm 1.60
1041     *hardened-sources-2.6.11-r15 (27 Jun 2005)
1042    
1043     27 Jun 2005; John Mylchreest <johnm@gentoo.org>
1044     +hardened-sources-2.6.11-r15.ebuild:
1045     Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
1046     grsec redefining curr_ip struct.
1047 solar 1.59
1048     *hardened-sources-2.4.31 (20 Jun 2005)
1049    
1050     20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
1051     initial import of 2.4.31 tree
1052 johnm 1.58
1053     *hardened-sources-2.6.11-r14 (14 Jun 2005)
1054    
1055     14 Jun 2005; John Mylchreest <johnm@gentoo.org>
1056     -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
1057     Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
1058     naming scheme to abide by genpatches
1059 johnm 1.57
1060     *hardened-sources-2.6.11-r13 (18 May 2005)
1061    
1062     18 May 2005; John Mylchreest <johnm@gentoo.org>
1063     -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
1064     Managed to mangle the Makefile patch from grsec, to miss out the grsec
1065     target. sorry about that. Fixes bug #93022
1066 johnm 1.56
1067     *hardened-sources-2.6.11-r12 (17 May 2005)
1068    
1069     17 May 2005; John Mylchreest <johnm@gentoo.org>
1070     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
1071     +hardened-sources-2.6.11-r12.ebuild:
1072     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
1073     merges in genpatches-base
1074 johnm 1.55
1075     *hardened-sources-2.6.11-r12 (17 May 2005)
1076    
1077     17 May 2005; John Mylchreest <johnm@gentoo.org>
1078     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
1079     +hardened-sources-2.6.11-r12.ebuild:
1080     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
1081     merges in genpatches-base
1082 solar 1.54
1083     29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
1084     -files/2.4.27-cmdline-race.patch,
1085     -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
1086     -files/2.4.28-grsec-binfmt_a.out.patch,
1087     -files/2.4.28-grsec-cmdline-race.patch,
1088     -files/2.4.28-selinux-binfmt_a.out.patch,
1089     -files/2.4.28-selinux-cmdline-race.patch,
1090     -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
1091     hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
1092     - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
1093     cleanup..
1094 solar 1.53
1095     *hardened-sources-2.4.30-r1 (21 Apr 2005)
1096    
1097     21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
1098     - disable aout by default
1099 solar 1.52
1100     *hardened-sources-2.4.30 (18 Apr 2005)
1101    
1102     18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
1103     - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
1104     and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
1105     use
1106 tocharian 1.50
1107 scox 1.51 *hardened-sources-2.4.29 (30 Mar 2005)
1108    
1109     30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
1110     +hardened-sources-2.4.29.ebuild:
1111     New hardened-patches-2.4-29.0 patchball.
1112     Removed SELinux support, upgraded GRSecurity to 2.1.4.
1113    
1114     *hardened-sources-2.4.28-r5 (06 Mar 2005)
1115    
1116     06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
1117     +hardened-sources-2.4.28-r5.ebuild:
1118     Added a fix for a PaX vulnerability.
1119    
1120     26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1121 tocharian 1.50 hardened-sources-2.4.28-r4.ebuild:
1122     Stable on x86
1123 solar 1.49
1124     23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
1125     hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
1126     hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
1127     hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
1128     - fixed/added RDEPEND= in all kernel-2 ebuilds
1129 tocharian 1.48
1130     *hardened-sources-2.4.28-r4 (21 Jan 2005)
1131    
1132     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1133     +hardened-sources-2.4.28-r4.ebuild:
1134     Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
1135     backport of neighbour hash updates.
1136 tocharian 1.47
1137     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1138     hardened-sources-2.4.28-r3.ebuild:
1139     Stable on x86
1140 tseng 1.46
1141     *hardened-sources-2.6.10-r3 (20 Jan 2005)
1142    
1143     20 Jan 2005; Brandon Hale <tseng@gentoo.org>
1144     +hardened-sources-2.6.10-r3.ebuild:
1145     Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
1146     in 2005.0
1147 tocharian 1.45
1148     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1149     -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
1150     hardened-sources-2.4.28-r2.ebuild:
1151     Mark stable on x86
1152 tocharian 1.44
1153     *hardened-sources-2.4.28-r3 (17 Jan 2005)
1154    
1155     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1156     +hardened-sources-2.4.28-r3.ebuild:
1157     Fix SMP page fault handler vuln, and update device-mapper and evms patches.
1158 tocharian 1.43
1159     14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1160     hardened-sources-2.4.28.ebuild:
1161     Mark stable on x86.
1162 tocharian 1.42
1163     *hardened-sources-2.4.28-r2 (13 Jan 2005)
1164    
1165     13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1166     +hardened-sources-2.4.28-r2.ebuild:
1167     Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
1168     Mazinger for grsecurity patches as well.
1169 plasmaroo 1.41
1170     *hardened-sources-2.4.28-r1 (23 Dec 2004)
1171    
1172     23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
1173     Security bump. Thank tocharian for rolling a new patchset...
1174 solar 1.40
1175     28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
1176     +files/2.4.28-grsec-cmdline-race.patch,
1177     +files/2.4.28-selinux-binfmt_a.out.patch,
1178     +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
1179     - Round up remaining security patches that appear to be missing in 2.4.28. -
1180     PaX standalone updated to current. hgpv=28.1
1181 solar 1.39
1182     *hardened-sources-2.4.28 (28 Nov 2004)
1183    
1184     28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
1185     security bump. Thank tocharian for rolling a new patchset
1186 scox 1.31
1187 scox 1.38 *hardened-sources-2.4.27-r3 (08 Sep 2004)
1188    
1189     08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
1190     +hardened-sources-2.4.27-r3.ebuild:
1191     Applies the new 2.4-27.2 patchball which updates
1192     GRSecurity to the 2.0.1 version.
1193    
1194 scox 1.37 *hardened-sources-2.4.27-r2 (31 Aug 2004)
1195    
1196     31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1197     +hardened-sources-2.4.27-r2.ebuild:
1198     Version bump.
1199     This version uses the new 2.4-27.1 patchball which updates
1200     both the SELinux PaX hooks patch and the SELinux headers.
1201    
1202 scox 1.36 *hardened-sources-2.4.27-r1 (09 Aug 2004)
1203    
1204     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1205     +hardened-sources-2.4.27-r1.ebuild,
1206     -hardened-sources-2.4.27.ebuild,
1207     +files/2.4.27-cmdline-race.patch:
1208     Version bump, fix for cmdline race. See bug #59905.
1209    
1210     *hardened-sources-2.4.26-r6 (09 Aug 2004)
1211    
1212     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1213     +hardened-sources-2.4.26-r6.ebuild,
1214     -hardened-sources-2.4.26-r5.ebuild,
1215     -hardened-sources-2.4.26-r4.ebuild,
1216     +files/2.4.26-cmdline-race.patch:
1217     Version bump, fix for cmdline race. See bug #59905.
1218    
1219 scox 1.35 *hardened-sources-2.4.27 (08 Aug 2004)
1220    
1221     08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1222     +hardened-sources-2.4.27.ebuild,
1223     +files/2.4.27-CAN-2004-0394.patch:
1224     Ported the patchball to the 2.4.27 kernel version.
1225    
1226 scox 1.34 *hardened-sources-2.4.26-r5 (07 Aug 2004)
1227    
1228     07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1229     +hardened-sources-2.4.26-r5.ebuild:
1230 scox 1.35 Updated to use the new hardened-patches-2.4-26.1 patchball.
1231 scox 1.34 It adds the following features:
1232     - Squashfs
1233     - Ebtables
1234     - Netdev random (core+drivers)
1235     - Watchdog Timer (WDT) fix.
1236    
1237 scox 1.33 *hardened-sources-2.4.26-r4 (04 Aug 2004)
1238    
1239     04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1240     +hardened-sources-2.4.26-r4.ebuild,
1241     +files/2.4.26-CAN-2004-0415.patch,
1242     -hardened-sources-2.4.26-3:
1243     Version bump, fix for CAN 0415, see bug #59378.
1244    
1245 scox 1.32 *hardened-sources-2.4.26-r3 (22 Jul 2004)
1246    
1247     22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
1248     +hardened-sources-2.4.26-r3.ebuild,
1249     +files/2.4.26-CAN-2004-0497.patch,
1250     -hardened-sources-2.4.26-r2.ebuild:
1251     Version bump, fixed CAN 0497, see bug #56171.
1252    
1253 scox 1.31 *hardened-sources-2.4.26-r2 (29 Jun 2004)
1254    
1255     29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
1256 scox 1.32 +hardened-sources-2.4.26-r2.ebuild,
1257 scox 1.31 +files/2.4.26-CAN-2004-0495.patch,
1258     +files/2.4.26-CAN-2004-0535.patch,
1259     -hardened-sources-2.4.26-r1.ebuild:
1260     Fixes for both CAN 0495 and 0535, see bug #54976
1261 pvdabeel 1.27
1262 agriffis 1.29 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
1263     hardened-sources-2.4.26-r1.ebuild:
1264     QA - fix use invocation
1265 scox 1.28
1266     *hardened-sources-2.4.26-r1 (22 June 2004)
1267    
1268     22 June 2004; Andrea Luzzardi <scox@gentoo.org>
1269     +hardened-sources-2.4.26-r1.ebuild,
1270     +files/2.4.26-CAN-2004-0394.patch,
1271     +files/2.4.26-signal-race.patch,
1272     -hardened-sources-2.4.26.ebuild,
1273     -hardened-sources-2.4.24-r3.ebuild:
1274     Version bump for the CAN-2004-0394 issue and bug #53804
1275     Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
1276    
1277    
1278 pvdabeel 1.27 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
1279     hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
1280     Masked hardened-sources-2.4.26.ebuild broken for ppc
1281    
1282     31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
1283     hardened-sources-2.4.24-r3.ebuild:
1284     Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
1285 plasmaroo 1.25
1286 scox 1.26 *hardened-sources-2.4.26 (29 May 2004)
1287    
1288     29 May 2004; Andrea Luzzardi <scox@gentoo.org>
1289     +hardened-sources-2.4.26.ebuild:
1290     Updated hardened-sources for the 2.4.26 kernel
1291     Removed broken components, updated almost everything.
1292    
1293 plasmaroo 1.25 *hardened-sources-2.4.24-r3 (17 Apr 2004)
1294    
1295     17 Apr 2004; <plasmaroo@gentoo.org>
1296     +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
1297     +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
1298     +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
1299     +hardened-sources-2.4.24-r3.ebuild:
1300     Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
1301     vulnerabilities. Old revisions removed.
1302 plasmaroo 1.24
1303     *hardened-sources-2.4.24-r2 (15 Apr 2004)
1304    
1305     15 Apr 2004; <plasmaroo@gentoo.org>
1306     +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
1307     -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
1308     Version bump for the CAN-2004-0109 issue; bug #47881.
1309 aliz 1.23
1310     12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
1311     hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
1312     Add eutils to inherit.
1313 plasmaroo 1.22
1314     *hardened-sources-2.4.24-r1 (19 Feb 2004)
1315    
1316     19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
1317     files/hardened-sources-2.4.24.munmap.patch:
1318     Added the patch for the mremap/munmap vulnerability. Bug #42024.
1319 scox 1.19
1320 scox 1.21 *hardened-sources-2.4.24 (06 Feb 2004)
1321 scox 1.26
1322 scox 1.21 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
1323     hardened-sources-2.4.24.ebuild:
1324     Version bump, updated most of the components.
1325     This release includes the following:
1326    
1327     - Hardened security
1328     - Netfilter patch-o-matic 20031219
1329     - FreeSWAN 2.04 & x509 1.4.8
1330     - EVMS 2.2.2
1331     - XFS 1.3.1
1332     - cryptoloop jari
1333     - grsecurity 2.0-rc4
1334     - SELinux
1335     - PaX 200402060000
1336     - PaX Obscurity 200308302223
1337     - Others...
1338    
1339     Neither -ck nor systrace are included anymore.
1340    
1341 scox 1.19 *hardened-sources-2.4.22-r2 (05 Jan 2004)
1342    
1343     05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
1344     hardened-sources-2.4.22-r2.ebuild:
1345 scox 1.20 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
1346 scox 1.19
1347     *hardened-sources-2.4.22-r1 (02 Dec 2003)
1348 iggy 1.17
1349     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1350 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
1351 iggy 1.16
1352     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1353 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild:
1354     Version bump for the 'do_brk' vulnerability.
1355 iggy 1.15
1356     01 Dec 2003; Brian Jackson <iggy@gentoo.org>
1357     hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
1358     hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
1359     hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
1360 plasmaroo 1.18 Fix the 'do_brk' vulnerability.
1361 frogger 1.14
1362     03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
1363     hardened-sources-2.4.22.ebuild:
1364 plasmaroo 1.18 - Removed the src_install() portion for SELinux flask
1365     components. These are no longer handled in the kernel
1366     so this code was not necessary.
1367 frogger 1.13
1368     29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
1369     New 2.4.22 based hardened-sources thanks to
1370     Phil West <p.west@computer.org>.
1371    
1372     These sources include:
1373 plasmaroo 1.18 - New SELinux API
1374     - Updated CK-base
1375     - Updated GRSec
1376     - Systrace
1377     - SuperFreeS/WAN 1.99.8
1378     - Propolice kernel build support
1379     - EVMS
1380     - Other various security related patches
1381 frogger 1.11
1382 frogger 1.12 *hardened-sources-2.4.21 (14 Sep 2003)
1383    
1384     14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
1385     Updated hardened-sources based on the 2.4.21 Linux kernel.
1386     This includes updates to most major components such as:
1387 plasmaroo 1.18 - ck-base-0306300059
1388     - selinux-2.4-2003071106
1389     - grsecurity-2.0-rc1
1390     - Updated IPTables patch-o-matic
1391     - Updated SuperFreeS/WAN
1392    
1393 frogger 1.12 Thanks to Phil West <pwest@computer.org> for his work in getting this
1394     updated patch set ready for the 2.4.21 based kernel.
1395    
1396 frogger 1.11 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
1397     Initial import of hardened-sources-2.4.20-r4. This revision
1398     includes only a few changes, but one of these is an important
1399     security fix. It is recommended all users of hardened-sources
1400     upgrade to this release.
1401 plasmaroo 1.18
1402 frogger 1.11 - ioperm bug fix
1403     - fixed compilation failure when building without GRSec
1404 plasmaroo 1.18
1405 frogger 1.11 SAL (Secure Auditing for Linux) is NOT included in this revision
1406     due to time constraints, but is planned for inclusion in the near
1407     future.
1408 msterret 1.10
1409     *hardened-sources-2.4.20-r2 (12 Jun 2003)
1410    
1411     12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
1412     hardened-sources-2.4.20-r3.ebuild:
1413 plasmaroo 1.18 Add Header...
1414 frogger 1.9
1415     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1416     hardened-sources-2.4.20-r3.ebuild:
1417     Removed warnings from ebuild. This kernel should be safe to
1418     use at this point.
1419 frogger 1.8
1420     *hardened-sources-2.4.20-r3 (08 Jun 2003)
1421    
1422     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1423     hardened-sources-2.4.20-r3.ebuild:
1424     New revision. Includes the following changes over -r2:
1425 plasmaroo 1.18
1426 frogger 1.8 - ck7-base (O(1), preempt, low latency)
1427     - Super FreeS/WAN 1.99.7rc2
1428     - PaX for the LSM/SELinux branch
1429     - GRSecurity 2.0-pre4 (role based access control)
1430     - Systrace 1.3
1431     - EXT3 fixes
1432     - EVMS 2.0.1
1433     - GCC 3.1+ compile optimizations
1434     - ProPolice kernel build support
1435     - Hashing table security fixes
1436 frogger 1.3
1437     *hardened-sources-2.4.20-r1 (09 Apr 2003)
1438 frogger 1.7
1439     23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
1440     Initial import of hardened-sources-r2. This new
1441     ebuild includes many new performance and security
1442     related patches. As in -r1, it will patch in
1443     LSM/SELinux if "selinux" is in USE, otherwise it
1444     will patch in GRSecurity. The following patches
1445     are included in this revision:
1446 plasmaroo 1.18
1447 frogger 1.7 - O(1) Scheduler, Low Latency, and Preempt
1448     (pulled from the base CK patch)
1449     - ptrace exploit patch for the LSM kernel
1450     (the GRSec patch already fixes this)
1451     - LSM 2.4-2003040709
1452     - SELinux 2.4-2003040709
1453     - Systrace v1.2
1454     - IPTables patch-o-matic base patches - 20030107
1455     - CryptoAPI 2.4.20.1 w/ loop-jari patch
1456     - Super FreeS/WAN 1.99.6.1
1457     - GRSecurity 1.9.9g
1458     - MPPE
1459     - EXT3 data journal fix
1460     - CIPE 1.5.4
1461 frogger 1.6
1462     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1463     hardened-sources-2.4.20-r1.ebuild, manifest:
1464 plasmaroo 1.18 Updated to install flask components correctly for selinux.
1465 frogger 1.5
1466     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1467     hardened-sources-2.4.20-r1.ebuild:
1468     LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
1469     is patched in instead. Ptrace patches for selinux have also been added. In
1470     either case, systrace support will be patched in as well.
1471 frogger 1.3
1472     09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1473     hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
1474 plasmaroo 1.18 Revision bump for new sources.
1475 frogger 1.4
1476 frogger 1.2 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1477 frogger 1.4 hardened-sources-2.4.20-r1.ebuild:
1478 plasmaroo 1.18 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
1479 method 1.1
1480 frogger 1.4 *hardened-sources-2.4.20 (30 Mar 2003)
1481    
1482 method 1.1 30 Mar 2003; Joshua Brindle <method@gentoo.org>
1483     hardened-sources-2.4.20.ebuild:
1484 plasmaroo 1.18 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20