/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.243 - (hide annotations) (download)
Sat Sep 20 16:11:28 2008 UTC (5 years, 9 months ago) by nixnut
Branch: MAIN
Changes since 1.242: +4 -1 lines
Stable on ppc
(Portage version: 2.1.4.4)

1 method 1.1 # ChangeLog for sys-kernel/hardened-sources
2 phreak 1.204 # Copyright 2000-2008 Gentoo Foundation; Distributed under the GPL v2
3 nixnut 1.243 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.242 2008/09/17 02:02:13 gengor Exp $
4    
5     20 Sep 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.25-r7.ebuild:
6     Stable on ppc
7 gengor 1.242
8     17 Sep 2008; Gordon Malm <gengor@gentoo.org>
9     hardened-sources-2.6.25-r7.ebuild:
10     Stable amd64/x86.
11 gengor 1.241
12     *hardened-sources-2.6.26-r2 (13 Sep 2008)
13    
14     13 Sep 2008; Gordon Malm <gengor@gentoo.org>
15     -hardened-sources-2.6.26.ebuild, +hardened-sources-2.6.26-r2.ebuild:
16     2.6.26-r2: Update to Linux 2.6.26.5, new grsecurity patch adding
17     PAX_REFCOUNT feature, fix bug #237473 (CVE-2008-3525). 2.6.26: Removed.
18 gengor 1.240
19     *hardened-sources-2.6.25-r7 (13 Sep 2008)
20    
21     13 Sep 2008; Gordon Malm <gengor@gentoo.org>
22     +hardened-sources-2.6.25-r7.ebuild:
23     Add 2.6.25-r7, fixing bug #237473 (CVE-2008-3525) and a PaX bug.
24 gengor 1.239
25     10 Sep 2008; Gordon Malm <gengor@gentoo.org>
26     hardened-sources-2.6.25-r4.ebuild, hardened-sources-2.6.25-r5.ebuild,
27     hardened-sources-2.6.25-r6.ebuild, hardened-sources-2.6.26.ebuild,
28     hardened-sources-2.6.26-r1.ebuild:
29     Update DESCRIPTION and HGPV_URI.
30 gengor 1.238
31     *hardened-sources-2.6.25-r6 (09 Sep 2008)
32    
33     09 Sep 2008; Gordon Malm <gengor@gentoo.org>
34     -hardened-sources-2.6.24-r3.ebuild, +hardened-sources-2.6.25-r6.ebuild:
35     2.6.25-r6: Update to Linux 2.6.25.17.
36     2.6.24-r3: Removed.
37 gengor 1.237
38     08 Sep 2008; Gordon Malm <gengor@gentoo.org>
39     hardened-sources-2.6.25-r5.ebuild:
40     Stable on amd64/x86
41 gengor 1.236
42     07 Sep 2008; Gordon Malm <gengor@gentoo.org> metadata.xml:
43     Update my email address.
44 nixnut 1.235
45     31 Aug 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.25-r4.ebuild:
46     stable on ppc
47 battousai 1.234
48     *hardened-sources-2.6.26-r1 (23 Aug 2008)
49     *hardened-sources-2.6.25-r5 (23 Aug 2008)
50    
51     23 Aug 2008; Bryan D. Stine <battousai@gentoo.org>
52     -hardened-sources-2.6.23-r13.ebuild, -hardened-sources-2.6.25-r3.ebuild,
53     hardened-sources-2.6.25-r4.ebuild, +hardened-sources-2.6.25-r5.ebuild,
54     +hardened-sources-2.6.26-r1.ebuild:
55     Bump to 2.6.25-r5 for updated patches and upstream .10 kernel, fixing
56     security bug #235221. Bump to 2.6.26-r1 for upstream .3 kernel, also
57     fixing security bug #235221. Marked 2.6.25-r4 stable on amd64 and x86.
58     Removed 2.6.23-r13 and 2.6.25-r3. Commit on behalf of Gordon Malm
59     (gengor).
60 solar 1.233
61     *hardened-sources-2.6.26 (18 Aug 2008)
62     *hardened-sources-2.6.25-r4 (18 Aug 2008)
63    
64     18 Aug 2008; <solar@gentoo.org> -hardened-sources-2.6.25-r2.ebuild,
65     +hardened-sources-2.6.25-r4.ebuild, +hardened-sources-2.6.26.ebuild:
66     - proxy commit for gengor 2.6.26: Initial 2.6.26 release. 2.6.25-r4: Update
67     to Linux 2.6.25.15. Fixes security bugs #234799, #234803 and #234812.
68     2.6.25-r2: Removed.
69 tove 1.232
70     16 Aug 2008; Torsten Veller <tove@gentoo.org> metadata.xml:
71     Remove phreak from metadata.xml (#96398)
72 solar 1.231
73     *hardened-sources-2.6.25-r3 (31 Jul 2008)
74    
75     31 Jul 2008; <solar@gentoo.org> -hardened-sources-2.6.24-r2.ebuild,
76     -hardened-sources-2.6.25.ebuild, -hardened-sources-2.6.25-r1.ebuild,
77     +hardened-sources-2.6.25-r3.ebuild:
78     - 2.6.25-r3: Update to Linux 2.6.25.13 and new grsecurity patch. Multiple
79     fixes, including security bug #231750.
80 nixnut 1.230
81     28 Jul 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.24-r3.ebuild:
82     Stable on ppc
83 solar 1.229
84     *hardened-sources-2.6.25-r2 (05 Jul 2008)
85    
86     05 Jul 2008; <solar@gentoo.org> -hardened-sources-2.6.23-r11.ebuild,
87     -hardened-sources-2.6.23-r12.ebuild, hardened-sources-2.6.24-r3.ebuild,
88     +hardened-sources-2.6.25-r2.ebuild:
89     2.6.23-r4: Stable x86/amd64
90     2.6.25-r2: Update to Linux 2.6.25.10 and latest grsecurity release.
91     2.6.23-r{11,12}: Removed due to multiple vulns.
92     (gengor & kerframil)
93 nixnut 1.228
94     04 Jul 2008; nixnut <nixnut@gentoo.org>
95     hardened-sources-2.6.23-r13.ebuild:
96     Stable on ppc
97 solar 1.227
98     *hardened-sources-2.6.25-r1 (30 Jun 2008)
99    
100     30 Jun 2008; <solar@gentoo.org> hardened-sources-2.6.23-r13.ebuild,
101     +hardened-sources-2.6.25-r1.ebuild:
102     2.6.25-r1: Brings in Linux -stable tree patches 2.6.25.{7,8,9} and newer
103     grsecurity release. 2.6.23-r13: x86/amd64 stable
104 solar 1.226
105     *hardened-sources-2.6.25 (17 Jun 2008)
106     *hardened-sources-2.6.24-r3 (17 Jun 2008)
107     *hardened-sources-2.6.23-r13 (17 Jun 2008)
108    
109     17 Jun 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r13.ebuild,
110     +hardened-sources-2.6.24-r3.ebuild, +hardened-sources-2.6.25.ebuild:
111     * 2.6.23-r13: Fixes security bugs #198997, #212136, #222331, #222635,
112     #224647, #225461, other fixes. * 2.6.24-r3: Fixes security bugs #212136,
113     #222331, #222635, #224647, #225461, grsec/PaX updates/fixes, other fixes. *
114     2.6.25: Initial 2.6.25 release.
115 solar 1.225
116     15 May 2008; <solar@gentoo.org> hardened-sources-2.6.23-r12.ebuild:
117     - fasttrack to stable x86/amd64
118 swegener 1.224
119     11 May 2008; Sven Wegener <swegener@gentoo.org> Manifest:
120     Fix broken digest for linux-2.6.24.tar.bz2.
121 solar 1.223
122     *hardened-sources-2.6.24-r2 (11 May 2008)
123     *hardened-sources-2.6.23-r12 (11 May 2008)
124    
125     11 May 2008; <solar@gentoo.org> -hardened-sources-2.6.23-r7.ebuild,
126     -hardened-sources-2.6.23-r9.ebuild, -hardened-sources-2.6.23-r10.ebuild,
127     +hardened-sources-2.6.23-r12.ebuild, -hardened-sources-2.6.24.ebuild,
128     -hardened-sources-2.6.24-r1.ebuild, +hardened-sources-2.6.24-r2.ebuild:
129     proxy commit for gengor. 2.6.23-r11 shortlog: Fixes security bugs 220691,
130     220975, 220979, 221123. 2.6.24-r2 not-so-shortlog: Fixes bug 215442,
131     security bugs 219901, 220691, 220975, 220979, 221123. New
132     genpatches/grsecurity with numerous updates & fixes. 2.6.23-r7->2.6.23-r10
133     should be removed as far as I'm concerned, everything else remove due to
134     vulnerable to numerous security bugs or brokeness.
135 nixnut 1.222
136     10 May 2008; nixnut <nixnut@gentoo.org>
137     hardened-sources-2.6.23-r11.ebuild:
138     Stable on ppc
139 solar 1.221
140     05 May 2008; <solar@gentoo.org> hardened-sources-2.6.23-r11.ebuild:
141     - -r11 stable on x86/amd64
142 solar 1.220
143     *hardened-sources-2.6.23-r11 (01 May 2008)
144    
145     01 May 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r11.ebuild:
146     - version bump to fix ulgy linux bugs
147 phreak 1.219
148     *hardened-sources-2.6.24-r1 (30 Apr 2008)
149    
150     30 Apr 2008; Christian Heim <phreak@gentoo.org>
151     +hardened-sources-2.6.24-r1.ebuild:
152     Revision bump (thanks to Kerin and Gordon, again), pulling
153     genpatches-2.6.24-7, solving #219089. Additionally contains further security
154     fixes plus some minor updates.
155 phreak 1.218
156     *hardened-sources-2.6.23-r10 (30 Apr 2008)
157    
158     30 Apr 2008; Christian Heim <phreak@gentoo.org>
159     +hardened-sources-2.6.23-r10.ebuild:
160     Revision bump (thanks to Kerin and Gordon, again), solving #213811, #219089.
161     Additional contains "various other fixes".
162 phreak 1.217
163     09 Apr 2008; Christian Heim <phreak@gentoo.org> metadata.xml:
164     Update the longdescription in metadata, thanks to Gordon Malm.
165 nixnut 1.216
166     08 Apr 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.23-r9.ebuild:
167     Stable on ppc wrt bug #213255
168 solar 1.215
169     07 Apr 2008; <solar@gentoo.org> -hardened-sources-2.4.35-r2.ebuild,
170     -hardened-sources-2.6.23-r8.ebuild, hardened-sources-2.6.23-r9.ebuild:
171     - stable on x86/amd64 per request. Removed obsolete ebuilds
172 phreak 1.214
173     *hardened-sources-2.6.24 (07 Apr 2008)
174    
175     07 Apr 2008; Christian Heim <phreak@gentoo.org>
176     +hardened-sources-2.6.24.ebuild:
177     Adding ebuild for hardened-sources-2.6.24 (many thanks to Kerin Millar
178     <kerframil at gmail.com> and Gordon Malm <bugs-gentoo-org-02 at bumpin.org>
179     for the many contributions and their continued effort in #216612) based on
180     2.6.24 and genpatches-2.6.24-5.
181    
182     The current ebuild/patchset contains these things:
183     * Incoporates unmodified grsec-2.1.11-2.6.24.4-200803262003 patch
184     * Introduces bespoke server and workstation oriented security levels
185     * VDSO_COMPAT cannot be enabled during runtime if PaX is enabled
186 phreak 1.213
187     30 Mar 2008; Christian Heim <phreak@gentoo.org> metadata.xml:
188     Fix the metadata.xml (Kerin isn't a dev, though he and Gordon are
189     maintaining it).
190 phreak 1.212
191     24 Mar 2008; Christian Heim <phreak@gentoo.org>
192     hardened-sources-2.4.35-r2.ebuild:
193     Fixing SRC_URI for 2.4.35-r2.
194 phreak 1.211
195     *hardened-sources-2.6.23-r9 (22 Mar 2008)
196    
197     22 Mar 2008; Christian Heim <phreak@gentoo.org>
198     +hardened-sources-2.6.23-r9.ebuild:
199     * Revision bump, rebasing the patchset against genpatches-2.6.23-10.
200     * Change the default GIDs for some grsecurity options
201     * Revamp the Hardened [Gentoo] security level and make it the default level
202     * Fixing compilation on ia64 with CONFIG_MODULES=y (loadable module support)
203     * Fix a recursive lock -- call to capable() within ptrace_attach()
204     * Fix bug that allows audit and iscsi operations to be controlled via netlink
205 solar 1.210
206     *hardened-sources-2.6.23-r8 (27 Feb 2008)
207    
208     27 Feb 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r8.ebuild:
209     - version bump from Kerin Millar bug 210026
210 solar 1.209
211     17 Feb 2008; <solar@gentoo.org> metadata.xml,
212     -hardened-sources-2.4.33.4.ebuild, -hardened-sources-2.6.20-r6.ebuild,
213     -hardened-sources-2.6.20-r10.ebuild, -hardened-sources-2.6.23-r4.ebuild,
214     -hardened-sources-2.6.23-r6.ebuild, hardened-sources-2.6.23-r7.ebuild:
215     - stable on x86 and remove old ebuilds
216 solar 1.207
217     15 Feb 2008; <solar@gentoo.org> hardened-sources-2.6.23-r7.ebuild:
218 solar 1.208 - stable on amd64 per request of amd64 lead
219 solar 1.206
220     *hardened-sources-2.6.23-r7 (11 Feb 2008)
221    
222     11 Feb 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r7.ebuild:
223     - version bump from kerin.millar
224     Changes:
225    
226     * Bump to genpatches-base-2.6.23-9
227     * Ported grsecurity-2.1.11-2.6.23.14-200801231800 to 2.6.23.15
228     * Disables COMPAT_VDSO in x86/defconfig
229     * Removes bogus symbols ACPI_SLEEP_PROC_(FS|SLEEP) from x86_64/defconfig
230 phreak 1.205
231     25 Jan 2008; Christian Heim <phreak@gentoo.org>
232     -hardened-sources-2.6.22-r8.ebuild:
233     Cleaning up old versions.
234 phreak 1.204
235     *hardened-sources-2.6.23-r6 (25 Jan 2008)
236    
237     25 Jan 2008; Christian Heim <phreak@gentoo.org>
238     -hardened-sources-2.6.23-r5.ebuild, +hardened-sources-2.6.23-r6.ebuild:
239     Revision bump, pulling in the latest genpatches.
240 phreak 1.203
241     *hardened-sources-2.6.23-r5 (24 Dec 2007)
242    
243     24 Dec 2007; Christian Heim <phreak@gentoo.org>
244     hardened-sources-2.4.35-r2.ebuild, hardened-sources-2.6.20-r6.ebuild,
245     hardened-sources-2.6.20-r10.ebuild, hardened-sources-2.6.22-r8.ebuild,
246     hardened-sources-2.6.23-r4.ebuild, +hardened-sources-2.6.23-r5.ebuild:
247     Revision bump, for the promised updated grsec snapshot. Also changing SRC_URI.
248 phreak 1.202
249     24 Dec 2007; Christian Heim <phreak@gentoo.org>
250     -hardened-sources-2.6.22-r7.ebuild, -hardened-sources-2.6.23.ebuild,
251     -hardened-sources-2.6.23-r1.ebuild, -hardened-sources-2.6.23-r2.ebuild,
252     -hardened-sources-2.6.23-r3.ebuild:
253     Cleaning out some unused, old versions.
254 phreak 1.201
255     24 Dec 2007; Christian Heim <phreak@gentoo.org>
256     hardened-sources-2.6.23-r4.ebuild:
257     Marking hardened-sources-2.6.23-r4 stable on amd64 and x86. I know it ain't
258     in the tree for long, but there isn't much of a difference between this and
259     -r3. Only this revision pulls in 2.6.23.11 and 2.6.23.12 from genpatches.
260 phreak 1.200
261     *hardened-sources-2.6.23-r4 (23 Dec 2007)
262    
263     23 Dec 2007; Christian Heim <phreak@gentoo.org>
264     +hardened-sources-2.6.23-r4.ebuild:
265     Revision bump, grabbing the lastest genpatches release (2.6.23.12 that is).
266 phreak 1.199
267     *hardened-sources-2.6.23-r3 (04 Dec 2007)
268    
269     04 Dec 2007; Christian Heim <phreak@gentoo.org>
270     +hardened-sources-2.6.23-r3.ebuild:
271     Revision bump, pulling in 2.6.23.9.
272 phreak 1.198
273     *hardened-sources-2.6.23-r2 (25 Nov 2007)
274    
275     25 Nov 2007; Christian Heim <phreak@gentoo.org>
276     +hardened-sources-2.6.23-r2.ebuild:
277     Updated patchset, thanks to solar.
278 phreak 1.197
279     *hardened-sources-2.6.23-r1 (31 Oct 2007)
280    
281     31 Oct 2007; Christian Heim <phreak@gentoo.org>
282     +hardened-sources-2.6.23-r1.ebuild:
283     Revision bump, pulling in the snapshot from 30. October 2007 (18:50).
284 solar 1.196
285     29 Oct 2007; <solar@gentoo.org> metadata.xml:
286     - update metadata.xml
287 phreak 1.195
288     25 Oct 2007; Christian Heim <phreak@gentoo.org>
289     hardened-sources-2.6.22-r8.ebuild:
290     Marking 2.6.22-r8 stable on amd64 and x86.
291 phreak 1.194
292     21 Oct 2007; Christian Heim <phreak@gentoo.org>
293     -hardened-sources-2.4.35.ebuild, -hardened-sources-2.4.35-r1.ebuild,
294     -hardened-sources-2.6.21-r4.ebuild:
295     Removing old ebuilds.
296 phreak 1.193
297     *hardened-sources-2.4.35-r2 (21 Oct 2007)
298    
299     21 Oct 2007; Christian Heim <phreak@gentoo.org>
300     +hardened-sources-2.4.35-r2.ebuild:
301     Revision bump for 2.4.35. Includes new snapshot and the lastest Linux stable
302     patches.
303 phreak 1.192
304     *hardened-sources-2.6.22-r8 (21 Oct 2007)
305    
306     21 Oct 2007; Christian Heim <phreak@gentoo.org>
307     +hardened-sources-2.6.22-r8.ebuild:
308     Yet another new patch, hopefully fixing the remaining issues we had w/
309     2.6.22. Candidate for stabling.
310 phreak 1.191
311     *hardened-sources-2.6.23 (13 Oct 2007)
312    
313     13 Oct 2007; Christian Heim <phreak@gentoo.org>
314     +hardened-sources-2.6.23.ebuild:
315     Initial hardened-sources-2.6.23. If people still have problems w/ bug
316     194276, try setting CONFIG_PCI_GODIRECT=y instead of CONFIG_PCI_GOANY.
317 phreak 1.190
318     11 Oct 2007; Christian Heim <phreak@gentoo.org>
319     hardened-sources-2.6.20-r10.ebuild:
320     Pulling in yet another new genpatches version, fixing the PWC bug for real.
321 phreak 1.189
322     04 Oct 2007; Christian Heim <phreak@gentoo.org>
323     -hardened-sources-2.6.22-r5.ebuild, -hardened-sources-2.6.22-r6.ebuild:
324     Removing old versions.
325 phreak 1.188
326     *hardened-sources-2.6.22-r7 (01 Oct 2007)
327    
328     01 Oct 2007; Christian Heim <phreak@gentoo.org>
329     +hardened-sources-2.6.22-r7.ebuild:
330     Revision bump, pulling in a newer patch. Should fix #194276.
331 phreak 1.187
332     30 Sep 2007; Christian Heim <phreak@gentoo.org>
333     hardened-sources-2.6.20-r10.ebuild:
334     Marking hardened-sources-2.6.20-r10 stable on x86 and amd64 (on courtesy of
335     Mike Doty).
336 phreak 1.186
337     *hardened-sources-2.6.22-r6 (26 Sep 2007)
338    
339     26 Sep 2007; Christian Heim <phreak@gentoo.org>
340     +hardened-sources-2.6.22-r6.ebuild:
341     Revision bump, grabbing up till Linux 2.6.22.9.
342 phreak 1.185
343     24 Sep 2007; Christian Heim <phreak@gentoo.org>
344     -hardened-sources-2.6.22-r3.ebuild, -hardened-sources-2.6.22-r4.ebuild:
345     Cleaning up further.
346 phreak 1.184
347     *hardened-sources-2.6.20-r10 (24 Sep 2007)
348    
349     24 Sep 2007; Christian Heim <phreak@gentoo.org>
350     -hardened-sources-2.6.20-r8.ebuild, -hardened-sources-2.6.20-r9.ebuild,
351     +hardened-sources-2.6.20-r10.ebuild:
352     Revision bump, pulling in Linux 2.6.20.20. Removing some of the older
353     revisions.
354 phreak 1.183
355     *hardened-sources-2.6.22-r5 (22 Sep 2007)
356    
357     22 Sep 2007; Christian Heim <phreak@gentoo.org>
358     +hardened-sources-2.6.22-r5.ebuild:
359     Revision bump, pulling in genpatches-2.6.22-8 for CVE-2007-4573.
360 phreak 1.182
361     17 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
362     Removing johnm from metadata.xml (see #186467 for reference).
363 phreak 1.181
364     *hardened-sources-2.6.22-r4 (17 Sep 2007)
365    
366     17 Sep 2007; Christian Heim <phreak@gentoo.org>
367     +hardened-sources-2.6.22-r4.ebuild:
368     Revision bump, hopefully fixing all those weird PAX failures.
369 phreak 1.180
370     01 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
371     Updating the metadata.xml.
372 phreak 1.179
373     01 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
374     Removing tocharian from metadata due to his retirement (see #71718 for
375     reference).
376 phreak 1.178
377     *hardened-sources-2.6.20-r9 (30 Aug 2007)
378    
379     30 Aug 2007; Christian Heim <phreak@gentoo.org>
380     +hardened-sources-2.6.20-r9.ebuild:
381     Revision bump for 2.6.20.18 (thanks to kerframil in #gentoo-hardened).
382 phreak 1.177
383     29 Aug 2007; Christian Heim <phreak@gentoo.org>
384     -hardened-sources-2.4.34.ebuild, -hardened-sources-2.4.34.5.ebuild,
385     -hardened-sources-2.6.20-r2.ebuild, -hardened-sources-2.6.20-r5.ebuild,
386     -hardened-sources-2.6.20-r7.ebuild, -hardened-sources-2.6.21-r3.ebuild,
387     -hardened-sources-2.6.22.ebuild, -hardened-sources-2.6.22-r1.ebuild,
388     -hardened-sources-2.6.22-r2.ebuild:
389     Removing some redundant versions.
390 phreak 1.176
391     *hardened-sources-2.4.35-r1 (29 Aug 2007)
392    
393     29 Aug 2007; Christian Heim <phreak@gentoo.org>
394     +hardened-sources-2.4.35-r1.ebuild:
395     Revision bump, new grsecurity patch.
396 phreak 1.175
397     *hardened-sources-2.6.20-r8 (26 Aug 2007)
398    
399     26 Aug 2007; Christian Heim <phreak@gentoo.org>
400     +hardened-sources-2.6.20-r8.ebuild:
401     Revision bump for Linux 2.6.20.17.
402 phreak 1.174
403     *hardened-sources-2.6.22-r3 (22 Aug 2007)
404    
405     22 Aug 2007; Christian Heim <phreak@gentoo.org>
406     +hardened-sources-2.6.22-r3.ebuild:
407     Revision bump for Linux 2.6.22.4.
408 phreak 1.173
409     16 Aug 2007; Christian Heim <phreak@gentoo.org>
410     hardened-sources-2.6.22-r2.ebuild:
411     Updated patchset, to fix the alignment against 2.6.22.3.
412 phreak 1.172
413     *hardened-sources-2.6.22-r2 (16 Aug 2007)
414    
415     16 Aug 2007; Christian Heim <phreak@gentoo.org>
416     +hardened-sources-2.6.22-r2.ebuild:
417     Revision bump for Linux 2.6.22.3.
418 phreak 1.171
419     *hardened-sources-2.4.35 (16 Aug 2007)
420    
421     16 Aug 2007; Christian Heim <phreak@gentoo.org>
422     +hardened-sources-2.4.35.ebuild:
423     Version bump, initial version for Linux 2.4.35.
424 phreak 1.170
425     *hardened-sources-2.6.21-r4 (16 Aug 2007)
426    
427     16 Aug 2007; Christian Heim <phreak@gentoo.org>
428     +hardened-sources-2.6.21-r4.ebuild:
429     Revision bump for Linux 2.6.21.6.
430 phreak 1.169
431     *hardened-sources-2.6.20-r7 (16 Aug 2007)
432    
433     16 Aug 2007; Christian Heim <phreak@gentoo.org>
434     +hardened-sources-2.6.20-r7.ebuild:
435     Revision bump for Linux 2.6.20.16.
436 phreak 1.168
437     *hardened-sources-2.6.22-r1 (13 Aug 2007)
438    
439     13 Aug 2007; Christian Heim <phreak@gentoo.org>
440     +hardened-sources-2.6.22-r1.ebuild:
441     Yet another revision bump.
442 phreak 1.167
443     *hardened-sources-2.6.22 (10 Aug 2007)
444    
445     10 Aug 2007; Christian Heim <phreak@gentoo.org>
446     +hardened-sources-2.6.22.ebuild:
447     Initial release for 2.6.22. If you are using hardened-sources on a desktop
448     machine (P4 or newer), be aware you might need to disable
449     CONFIG_PAX_PAGEEXEC.
450 phreak 1.166
451     04 Aug 2007; Christian Heim <phreak@gentoo.org>
452     hardened-sources-2.6.20-r6.ebuild:
453     Stabling hardened-sources-2.6.20-r6 for amd64, ppc and x86 due to Linux
454     2.6.20.15.
455 phreak 1.165
456     10 Jul 2007; Christian Heim <phreak@gentoo.org>
457     hardened-sources-2.6.20-r5.ebuild:
458     Marking hardened-sources-2.6.20-r5 stable on ppc.
459 phreak 1.164
460     10 Jul 2007; Christian Heim <phreak@gentoo.org>
461     -hardened-sources-2.4.32-r6.ebuild, -hardened-sources-2.4.32-r7.ebuild:
462     Cleanup.
463 phreak 1.163
464     *hardened-sources-2.6.20-r6 (08 Jul 2007)
465    
466     08 Jul 2007; Christian Heim <phreak@gentoo.org>
467     +hardened-sources-2.6.20-r6.ebuild:
468     Revision bump, grabbing yet another stable release.
469 phreak 1.162
470     17 Jun 2007; Christian Heim <phreak@gentoo.org>
471     -hardened-sources-2.6.18-r6.ebuild, -hardened-sources-2.6.20-r4.ebuild,
472     -hardened-sources-2.6.21-r2.ebuild:
473     Removing older ebuilds, hardened-sources-2.6.18-r6 seems to have gotten the
474     alpha stable KEYWORD by mistake.
475 phreak 1.161
476     17 Jun 2007; Christian Heim <phreak@gentoo.org>
477     hardened-sources-2.6.20-r5.ebuild:
478     Stabling hardened-sources-2.6.20-r5 due to security bug #181647 (as
479     genpatches-2.6.20-12.base contains up to Linux 2.6.20.14) on amd64 and x86.
480 phreak 1.160
481     *hardened-sources-2.6.21-r3 (12 Jun 2007)
482    
483     12 Jun 2007; Christian Heim <phreak@gentoo.org>
484     +hardened-sources-2.6.21-r3.ebuild:
485     Revision bump for hardened-sources-2.6.21, incorporating various CVE (some
486     of them critical), two stable releases (2.6.21.4,2.6.21.5) and some other
487     love.
488 phreak 1.159
489     *hardened-sources-2.6.20-r5 (11 Jun 2007)
490    
491     11 Jun 2007; Christian Heim <phreak@gentoo.org>
492     +hardened-sources-2.6.20-r5.ebuild:
493     Revision bump for hardened-sources-2.6.20, incorporating various CVE (some
494     of them critical), two stable releases (2.6.20.13,2.6.20.14) and some other
495     love.
496 pappy 1.158
497     *hardened-sources-2.4.34.5 (11 Jun 2007)
498    
499     11 Jun 2007; Alexander Gabert <pappy@gentoo.org>
500     +hardened-sources-2.4.34.5.ebuild:
501     added new hardened-sources 2.4 version, thx to phreak, solar, pipacs
502 phreak 1.157
503     30 May 2007; Christian Heim <phreak@gentoo.org>
504     -hardened-sources-2.6.18.ebuild, hardened-sources-2.6.20-r2.ebuild:
505     Marking 2.6.20-r2 stable on ppc with permission of Gysbert. Removing more
506     stale ebuild(s).
507 phreak 1.156
508     30 May 2007; Christian Heim <phreak@gentoo.org>
509     -hardened-sources-2.6.14-r7.ebuild, -hardened-sources-2.6.16-r11.ebuild,
510     -hardened-sources-2.6.17-r1.ebuild, -hardened-sources-2.6.19-r6.ebuild,
511     -hardened-sources-2.6.20.ebuild, -hardened-sources-2.6.20-r1.ebuild:
512     Doing some cleanups, remove stale ebuilds.
513 phreak 1.155
514     26 May 2007; Christian Heim <phreak@gentoo.org>
515     hardened-sources-2.6.21-r2.ebuild:
516     Fixing the grsecurity patch, had one '};' too much.
517 phreak 1.154
518     *hardened-sources-2.6.21-r2 (26 May 2007)
519    
520     26 May 2007; Christian Heim <phreak@gentoo.org>
521     -hardened-sources-2.6.21.ebuild, -hardened-sources-2.6.21-r1.ebuild,
522     +hardened-sources-2.6.21-r2.ebuild:
523     Revision bump, including Linux 2.6.21.3 (fixing CVE-2007-2451). Updating the
524     grsecurity patch to 2.1.10-2.6.21.1-200705221918.
525 phreak 1.153
526     *hardened-sources-2.6.20-r4 (26 May 2007)
527    
528     26 May 2007; Christian Heim <phreak@gentoo.org>
529     -hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.20-r4.ebuild:
530     Revision bump, including Linux 2.6.20.12 (which in fact fixed some security
531 phreak 1.154 bugs, at the very least CVE-2007-2451). Possible candidate for stable marking.
532 phreak 1.152
533     15 May 2007; Christian Heim <phreak@gentoo.org>
534     hardened-sources-2.6.20-r3.ebuild:
535     Looks like hardened-sources-2.6.20-r3 needs a new patch, as 2.6.20.11
536     introduced a change in arch/sparc64/kernel/pci_iommu.c, which made the
537     grsecurity patch fail in that exact same hunk.
538 phreak 1.151
539     *hardened-sources-2.6.20-r3 (15 May 2007)
540    
541     15 May 2007; Christian Heim <phreak@gentoo.org>
542     +hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.21-r1.ebuild:
543     Revision bump, incorporating Linux 2.6.20.11.
544    
545     *hardened-sources-2.6.21-r1 (11 May 2007)
546    
547     11 May 2007; Christian Heim <phreak@gentoo.org>
548     +hardened-sources-2.6.21-r1.ebuild:
549     Revision bump, hopefully fixing the GRSECURITY/GRKERNSEC mixup pipacs
550     mentioned in #177234.
551 kevquinn 1.150
552     07 May 2007; Kevin F. Quinn <kevquinn@gentoo.org>
553     files/digest-hardened-sources-2.6.21, Manifest:
554     Fix Manifest/digest for linux-2.6.21.tar.bz2
555 phreak 1.149
556     06 May 2007; Christian Heim <phreak@gentoo.org>
557     hardened-sources-2.6.21.ebuild:
558     Bumping the hardened-patches version, needed for the fix for #177234.
559 phreak 1.148
560     *hardened-sources-2.6.21 (02 May 2007)
561    
562     02 May 2007; Christian Heim <phreak@gentoo.org>
563     +hardened-sources-2.6.21.ebuild:
564     Version bump, Linux 2.6.21-hardened.
565 phreak 1.147
566     29 Apr 2007; Christian Heim <phreak@gentoo.org>
567     hardened-sources-2.6.20-r2.ebuild:
568     Adding ~ia64 on Ned's request.
569 phreak 1.146
570     29 Apr 2007; Christian Heim <phreak@gentoo.org>
571     hardened-sources-2.6.20-r2.ebuild:
572     Fixing the included grsecurity patch, wasn't alligning due to the Index:
573     header line(s).
574 phreak 1.145
575     29 Apr 2007; Christian Heim <phreak@gentoo.org>
576     hardened-sources-2.6.20-r2.ebuild:
577     Stabilizing hardened-sources-2.6.20-r2 on amd64 and x86.
578 armin76 1.144
579     *hardened-sources-2.6.20-r2 (10 Apr 2007)
580    
581     10 Apr 2007; Raúl Porcel <armin76@gentoo.org>
582     +hardened-sources-2.6.20-r2.ebuild:
583     Version bump, on behalf of phreak
584 phreak 1.143
585     *hardened-sources-2.6.20-r1 (04 Apr 2007)
586    
587     04 Apr 2007; Christian Heim <phreak@gentoo.org>
588     +hardened-sources-2.6.20-r1.ebuild:
589     Revision bump, grabbing a newer grsecurity snapshot.
590 phreak 1.142
591     *hardened-sources-2.6.20 (25 Mar 2007)
592    
593     25 Mar 2007; Christian Heim <phreak@gentoo.org>
594     +hardened-sources-2.6.20.ebuild:
595     Finally a hardened-sources version for 2.6.20; many people have been waiting
596     for this. Thanks to Steve for preliminary testing, thanks to Ned for the
597     testbox.
598 chainsaw 1.141
599     16 Mar 2007; Tony Vroon <chainsaw@gentoo.org>
600     hardened-sources-2.6.18-r6.ebuild:
601     Marked stable on amd64 and x86. AMD64 keyword ack'ed by welp.
602 phreak 1.140
603     *hardened-sources-2.6.18-r6 (16 Mar 2007)
604    
605     16 Mar 2007; Christian Heim <phreak@gentoo.org>
606     -hardened-sources-2.6.18-r5.ebuild, +hardened-sources-2.6.18-r6.ebuild:
607     Fixing CVE-2007-1000 locally (hardened/), thanks to Tony for pushing. And
608     yes I screwed up, this is tagged as 2.6.18-5 and not 2.6.18-6 as it's
609     supposed to be.
610 phreak 1.139
611     06 Mar 2007; Christian Heim <phreak@gentoo.org> ChangeLog:
612     Fixing the Manifest, the previous one was broken (as in still had the
613     deleted ebuild in it).
614 phreak 1.138
615     06 Mar 2007; Christian Heim <phreak@gentoo.org>
616     -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
617     +hardened-sources-2.6.18-r5.ebuild:
618     Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
619     Linux 2.6.18.8. Also cleaning up the older version.
620    
621     *hardened-sources-2.6.18-r5 (06 Mar 2007)
622    
623     06 Mar 2007; Christian Heim <phreak@gentoo.org>
624     -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
625     +hardened-sources-2.6.18-r5.ebuild:
626     Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
627     Linux 2.6.18.8. Also cleaning up the older version.
628 phreak 1.137
629     24 Feb 2007; Christian Heim <phreak@gentoo.org>
630     -hardened-sources-2.6.19-r3.ebuild, -hardened-sources-2.6.19-r4.ebuild,
631     -hardened-sources-2.6.19-r5.ebuild:
632     Removing some of the old version, that didn't work.
633 phreak 1.136
634     *hardened-sources-2.6.19-r6 (12 Feb 2007)
635    
636     12 Feb 2007; Christian Heim <phreak@gentoo.org>
637     +hardened-sources-2.6.19-r6.ebuild:
638     Revision bump, including a new grsec version fixing #166235.
639 pappy 1.134
640     *hardened-sources-2.4.34 (24 Jan 2007)
641    
642     24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
643 pappy 1.135 Manifest:
644     updating Manifest with checksums of new tarball and ebuild
645    
646     24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
647 pappy 1.134 +hardened-sources-2.4.34.ebuild:
648     I added new hardened sources 2.4 update, this is a critical path
649     security bugfix - all users of h-s are strongly advised
650     to update their existing hardened sources to this version.
651     It contains a fix for a kernel vulnerability that is pertaining
652     to the PaX changes to virtual memory management, possibly leading
653     to a local kernel exploit ... see grsecurity.net forums and homepage
654 phreak 1.133
655     23 Jan 2007; Christian Heim <phreak@gentoo.org>
656     files/digest-hardened-sources-2.6.19-r5, Manifest:
657     Fixing the patch-tarball digest.
658 phreak 1.132
659     *hardened-sources-2.6.19-r5 (23 Jan 2007)
660    
661     23 Jan 2007; Christian Heim <phreak@gentoo.org>
662     +hardened-sources-2.6.19-r5.ebuild:
663     Revision bump, closing the recently discovered PaX expand_stack()
664     vulnerability.
665 phreak 1.131
666     *hardened-sources-2.6.19-r4 (14 Jan 2007)
667    
668     14 Jan 2007; Christian Heim <phreak@gentoo.org>
669     +hardened-sources-2.6.19-r4.ebuild:
670     Revision bump, pulling in linux-2.6.19.2 and grsecurity 2.1.10 - thus
671     dropping the randomized PID feature.
672 opfer 1.130
673     11 Jan 2007; Christian Faulhammer <opfer@gentoo.org>
674     hardened-sources-2.4.33.4.ebuild:
675     stable x86, bug #161171
676 phreak 1.129
677     *hardened-sources-2.6.19-r3 (27 Dec 2006)
678    
679     27 Dec 2006; Christian Heim <phreak@gentoo.org>
680     -hardened-sources-2.6.19-r2.ebuild, +hardened-sources-2.6.19-r3.ebuild:
681     Revision bump for bug #157186 and #158786.
682 phreak 1.128
683     *hardened-sources-2.6.18-r4 (27 Dec 2006)
684    
685     27 Dec 2006; Christian Heim <phreak@gentoo.org>
686     -hardened-sources-2.6.18-r3.ebuild, +hardened-sources-2.6.18-r4.ebuild:
687     Revision bump for bug #157186.
688 phreak 1.127
689     *hardened-sources-2.6.19-r2 (23 Dec 2006)
690    
691     23 Dec 2006; Christian Heim <phreak@gentoo.org>
692     -hardened-sources-2.6.19-r1.ebuild, +hardened-sources-2.6.19-r2.ebuild:
693     Revision bump to pull in genpatches-2.6.19-3 for #157186.
694 phreak 1.126
695     17 Dec 2006; Christian Heim <phreak@gentoo.org>
696     hardened-sources-2.6.14-r7.ebuild, hardened-sources-2.6.16-r10.ebuild,
697     hardened-sources-2.6.16-r11.ebuild, hardened-sources-2.6.17-r1.ebuild,
698     hardened-sources-2.6.18.ebuild, hardened-sources-2.6.18-r3.ebuild,
699     hardened-sources-2.6.19-r1.ebuild:
700     Adding 4453_grsec-2.1.9-2.6.19-io-kmem-sysctl.patch to UNIPATCH_EXLUDE,
701     adding correct HOMEPAGE and adjusting DESCRIPTION (thanks to Alexander).
702 pappy 1.125
703     *hardened-sources-2.4.33.4 (17 Dec 2006)
704    
705     17 Dec 2006; Alexander Gabert <pappy@gentoo.org>
706     +hardened-sources-2.4.33.4.ebuild:
707     new 2.4.33.4 version including grsec and fixes, thanks to phreak for help
708     and quilting
709 phreak 1.124
710     *hardened-sources-2.6.19-r1 (14 Dec 2006)
711    
712     14 Dec 2006; Christian Heim <phreak@gentoo.org>
713     -hardened-sources-2.6.19.ebuild, +hardened-sources-2.6.19-r1.ebuild:
714     Revision bump, fixing #158107 (thanks to Petre Rodan <kaiowas at gentoo.org>
715     for reporting).
716 phreak 1.123
717     *hardened-sources-2.6.19 (13 Dec 2006)
718    
719     13 Dec 2006; Christian Heim <phreak@gentoo.org>
720     +hardened-sources-2.6.19.ebuild:
721     And finally 2.6.19, thanks to Ned (who prepared the inital patchset) and
722     Brad for providing that prompt update.
723 phreak 1.122
724     *hardened-sources-2.6.18-r3 (13 Dec 2006)
725    
726     13 Dec 2006; Christian Heim <phreak@gentoo.org>
727     -hardened-sources-2.6.18-r1.ebuild, -hardened-sources-2.6.18-r2.ebuild,
728     +hardened-sources-2.6.18-r3.ebuild:
729     Revision bump, excluding the faulty patch. Thanks to Anakim Border and Peter
730     S. Mazinger. Closes #157409 for now. Also removing the previous revisions.
731 phreak 1.121
732     09 Dec 2006; Christian Heim <phreak@gentoo.org> Manifest:
733     Fixing the metadata.xml Manifest entry (thanks to xaid and ml8128 in #gentoo-hardened).
734 nixnut 1.120
735     08 Dec 2006; nixnut <nixnut@gentoo.org> hardened-sources-2.6.18.ebuild:
736     Stable on ppc wrt bug 157356
737 opfer 1.119
738     07 Dec 2006; Christian Faulhammer <opfer@gentoo.org>
739     hardened-sources-2.6.18.ebuild:
740     stable x86, bug #157356
741 phreak 1.118
742     *hardened-sources-2.6.18-r2 (06 Dec 2006)
743    
744     06 Dec 2006; Christian Heim <phreak@gentoo.org>
745     +hardened-sources-2.6.18-r2.ebuild:
746     Revision bump, including 2.6.18.5 (via genpatches) and
747     4454_grsec-2.1.9-2.6.18.2-io-kmem-sysctl.patch based on Peter Mazinger and
748     Ned Ludd's original patch. Thanks to Alexander Gabert (pappy) for the
749     redesign.
750 phreak 1.117
751     06 Dec 2006; Christian Heim <phreak@gentoo.org>
752     hardened-sources-2.6.18.ebuild:
753     Marking hardened-sources-2.6.18 stable on amd64 (see bug #157356, on behalf
754     of Mike Doty).
755 phreak 1.116
756     *hardened-sources-2.6.18-r1 (23 Nov 2006)
757    
758     23 Nov 2006; Christian Heim <phreak@gentoo.org>
759     +hardened-sources-2.6.18-r1.ebuild:
760     Revision bump to genpatches-2.6.18-4 (including 2.6.18.3).
761 phreak 1.115
762     *hardened-sources-2.6.18 (11 Nov 2006)
763    
764     11 Nov 2006; Christian Heim <phreak@gentoo.org>
765     +hardened-sources-2.6.18.ebuild:
766     Version bump, thanks to Alexander Gabert we're finally at 2.6.18.
767 solar 1.114
768     18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
769     - mark amd64 stable also. bug #151877
770 solar 1.113
771     18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
772     - mark 2.6.17-r1 stable
773 phreak 1.112
774     27 Aug 2006; Christian Heim <phreak@gentoo.org>
775     -hardened-sources-2.6.17.ebuild, hardened-sources-2.6.17-r1.ebuild:
776     Removing old ebuild, removing unipatch from newer ebuild (need to fix it!).
777 phreak 1.111
778     *hardened-sources-2.6.17-r1 (26 Aug 2006)
779    
780     26 Aug 2006; Christian Heim <phreak@gentoo.org>
781     +hardened-sources-2.6.17-r1.ebuild:
782     Revision bump to genpatches-2.6.17-8 (including .9 and .10) and updating the
783     grsecurity patch.
784 phreak 1.110
785     *hardened-sources-2.6.17 (17 Aug 2006)
786    
787     17 Aug 2006; Christian Heim <phreak@gentoo.org>
788     +hardened-sources-2.6.17.ebuild:
789     Bumping the hardened-sources-2.6 series to 2.6.17, using
790     genpatches-2.6.17-6.base.
791 solar 1.109
792     07 Aug 2006; <solar@gentoo.org> hardened-sources-2.6.16-r11.ebuild:
793     - stable on x86 and amd64
794 solar 1.108
795     *hardened-sources-2.6.16-r11 (15 Jul 2006)
796    
797     15 Jul 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r3.ebuild,
798     -hardened-sources-2.4.32-r4.ebuild, -hardened-sources-2.4.32-r5.ebuild,
799     -hardened-sources-2.6.14-r8.ebuild, -hardened-sources-2.6.16-r7.ebuild,
800     -hardened-sources-2.6.16-r9.ebuild, +hardened-sources-2.6.16-r11.ebuild:
801     - 2.6.16 bumped for CVE-2006-3626 ; digest fix for 2.4.32-r6 ; removed old
802     crusty ebuilds
803 johnm 1.107
804     14 Jul 2006; John Mylchreest <johnm@gentoo.org>
805     hardened-sources-2.6.16-r10.ebuild:
806     marking stable on x86 and amd64
807 solar 1.106
808     13 Jul 2006; <solar@gentoo.org> hardened-sources-2.4.32-r6.ebuild:
809     - 2.4.32-r6 stable on x86. RSBAC state unknown
810 kang 1.105
811     *hardened-sources-2.4.32-r7 (10 Jul 2006)
812    
813     10 Jul 2006; Guillaume Destuynder <kang@gentoo.org>
814     +hardened-sources-2.4.32-r7.ebuild:
815     Bump PaX for RSBAC to test-17
816 johnm 1.104
817     *hardened-sources-2.6.16-r9 (03 Jul 2006)
818    
819     03 Jul 2006; John Mylchreest <johnm@gentoo.org>
820     -hardened-sources-2.6.16-r6.ebuild, +hardened-sources-2.6.16-r9.ebuild:
821     hardened-sources-2.6.16 bump to latest -base.
822 solar 1.103
823     *hardened-sources-2.4.32-r6 (30 Jun 2006)
824    
825     30 Jun 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r2.ebuild,
826     hardened-sources-2.4.32-r4.ebuild, +hardened-sources-2.4.32-r6.ebuild:
827     - backport CVE-2006-0039, CVE-2006-1857 and CVE-2006-1858 and new grsecurity
828     sysctl controlable resource logging
829 johnm 1.102
830     *hardened-sources-2.6.16-r7 (05 Jun 2006)
831    
832     05 Jun 2006; John Mylchreest <johnm@gentoo.org>
833     -hardened-sources-2.6.16-r5.ebuild, +hardened-sources-2.6.16-r7.ebuild:
834     push new 2.6.16 release in preparation for stable
835 solar 1.101
836     22 May 2006; <solar@gentoo.org> :
837     - redigest bug 134002
838 kang 1.100
839     *hardened-sources-2.4.32-r5 (16 May 2006)
840    
841     16 May 2006; Guillaume Destuynder <kang@gentoo.org>
842     +hardened-sources-2.4.32-r5.ebuild:
843     Fixes rsbac common patching (new patch in new -r5 patchset)
844 solar 1.99
845     *hardened-sources-2.4.32-r4 (13 May 2006)
846    
847     13 May 2006; <solar@gentoo.org> hardened-sources-2.4.32-r3.ebuild,
848     +hardened-sources-2.4.32-r4.ebuild:
849     - security bumps
850 johnm 1.98
851     *hardened-sources-2.6.16-r6 (03 May 2006)
852    
853     03 May 2006; John Mylchreest <johnm@gentoo.org>
854     +hardened-sources-2.6.16-r6.ebuild:
855     bump hardened-2.6.16 to 2.6.16.12 and latest grsec snapshot
856 johnm 1.97
857     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
858     hardened-sources-2.6.14-r8.ebuild:
859     fix x86_64 build problem, this will delay the digest issue again for a short
860     while but it will sort itself out
861 johnm 1.96
862     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
863     hardened-sources-2.6.14-r8.ebuild:
864     bump hardened patchset
865 antarus 1.94
866     27 Apr 2006; Alec Warner <antarus@gentoo.org>
867     files/digest-hardened-sources-2.4.32-r2,
868     files/digest-hardened-sources-2.4.32-r3,
869     files/digest-hardened-sources-2.6.14-r8, Manifest:
870     Fixing duff SHA256 digests: Bug # 131293
871 johnm 1.93
872 johnm 1.95 *hardened-sources-2.6.16-r5 (27 Apr 2006)
873    
874     27 Apr 2006; John Mylchreest <johnm@gentoo.org>
875     -hardened-sources-2.6.14-r6.ebuild, hardened-sources-2.6.14-r8.ebuild,
876     -hardened-sources-2.6.16-r4.ebuild, +hardened-sources-2.6.16-r5.ebuild:
877     stablise 2.6.14-r8 on x86 & amd64, bump 2.6.16 to fix CVE-2006-1863 &
878     cleanup of old uneccessary sources
879    
880 johnm 1.93 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
881     fix digest
882 johnm 1.92
883     *hardened-sources-2.6.14-r8 (20 Apr 2006)
884    
885     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
886     +hardened-sources-2.6.14-r8.ebuild:
887     fix CVE-2006-1056, CVE-2006-1525, CVE-2006-1524
888 johnm 1.91
889     20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
890     Turning on gpg-signing again, and recomitting
891 johnm 1.90
892     *hardened-sources-2.6.16-r4 (20 Apr 2006)
893    
894     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
895     -hardened-sources-2.6.16-r2.ebuild, -hardened-sources-2.6.16-r3.ebuild,
896     +hardened-sources-2.6.16-r4.ebuild:
897     Fix numerous security vulns
898 solar 1.89
899     *hardened-sources-2.4.32-r3 (16 Apr 2006)
900    
901     16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
902     -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
903     +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
904     - security bump for bug #112791. Removed old ebuilds
905 johnm 1.88
906     *hardened-sources-2.6.16-r3 (15 Apr 2006)
907    
908     15 Apr 2006; John Mylchreest <johnm@gentoo.org>
909     +hardened-sources-2.6.16-r3.ebuild:
910     Removing silly localversion which I missed
911 johnm 1.87
912     *hardened-sources-2.6.14-r7 (14 Apr 2006)
913    
914     14 Apr 2006; John Mylchreest <johnm@gentoo.org>
915     -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
916     Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
917 johnm 1.86
918     *hardened-sources-2.6.16-r2 (13 Apr 2006)
919    
920     13 Apr 2006; John Mylchreest <johnm@gentoo.org>
921     -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
922     +hardened-sources-2.6.16-r2.ebuild:
923     Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
924     labels, dropping USERGROUP define fixes, since these were merged mainstream.
925 johnm 1.85
926     *hardened-sources-2.6.16-r1 (11 Apr 2006)
927    
928     11 Apr 2006; John Mylchreest <johnm@gentoo.org>
929     +hardened-sources-2.6.16-r1.ebuild:
930     Bumping to include ppc build fix and 2.6.16.3
931 tsunam 1.84
932     06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
933     hardened-sources-2.6.14-r6.ebuild:
934     Stable on x86; bug #127718
935 johnm 1.83
936     *hardened-sources-2.6.16 (31 Mar 2006)
937    
938     31 Mar 2006; John Mylchreest <johnm@gentoo.org>
939     +hardened-sources-2.6.16.ebuild:
940     Bumping to new version of grsec, and kernel base. New squashfs. Based on
941     2.6.16.1
942 cryos 1.82
943     30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
944     hardened-sources-2.6.14-r6.ebuild:
945     Stable on amd64, bug 127718.
946 nixnut 1.81
947     28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
948     Stable on ppc. Bug #127718
949 johnm 1.80
950     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
951     -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
952     -hardened-sources-2.6.14-r4.ebuild:
953     Cleanup.
954 johnm 1.79
955     *hardened-sources-2.6.14-r6 (15 Mar 2006)
956    
957     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
958     +hardened-sources-2.6.14-r6.ebuild:
959     Fixes grsec policy recreation bug and adds a
960     >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
961 solar 1.78
962     02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
963     - stable on x86
964 hansmi 1.77
965     19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
966     hardened-sources-2.6.14-r5.ebuild:
967     Stable on ppc.
968 johnm 1.76
969     *hardened-sources-2.6.14-r5 (01 Feb 2006)
970    
971     01 Feb 2006; John Mylchreest <johnm@gentoo.org>
972     +hardened-sources-2.6.14-r5.ebuild:
973     fixing every known exploit
974 solar 1.75
975     *hardened-sources-2.4.32-r2 (26 Jan 2006)
976    
977     26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
978     +hardened-sources-2.4.32-r2.ebuild:
979     - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
980 solar 1.74
981     *hardened-sources-2.6.14-r4 (12 Jan 2006)
982    
983     12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
984     - version bump for new genpatches which fix up a few sec holes
985 solar 1.73
986     *hardened-sources-2.4.32-r1 (05 Jan 2006)
987    
988     05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
989     - revision bump to add misc vital linux kernel security patches.
990 johnm 1.72
991     *hardened-sources-2.6.14-r3 (30 Dec 2005)
992    
993     30 Dec 2005; John Mylchreest <johnm@gentoo.org>
994     -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
995     Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
996 johnm 1.71
997     28 Dec 2005; John Mylchreest <johnm@gentoo.org>
998     hardened-sources-2.6.14-r2.ebuild:
999     making x86 & amd64 stable following testing.
1000 johnm 1.70
1001     *hardened-sources-2.6.14-r2 (27 Dec 2005)
1002    
1003     27 Dec 2005; John Mylchreest <johnm@gentoo.org>
1004     -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
1005     Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
1006     network hooks.
1007 johnm 1.69
1008     06 Dec 2005; John Mylchreest <johnm@gentoo.org>
1009     hardened-sources-2.6.14-r1.ebuild:
1010     bumping to stable early for sec fix on x86 & amd64
1011 johnm 1.68
1012     *hardened-sources-2.6.14-r1 (05 Dec 2005)
1013    
1014     05 Dec 2005; John Mylchreest <johnm@gentoo.org>
1015     -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
1016     bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
1017 solar 1.67
1018     04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
1019     - stable on x86 security bug #114227 CAN-2005-3257
1020 kang 1.66
1021     *hardened-sources-2.4.32 (19 Nov 2005)
1022    
1023     19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
1024     +hardened-sources-2.4.32.ebuild:
1025     Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
1026     Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
1027     have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
1028     rsbac >> /etc/portage/package.use)
1029 johnm 1.65
1030     *hardened-sources-2.6.14 (14 Nov 2005)
1031    
1032     14 Nov 2005; John Mylchreest <johnm@gentoo.org>
1033     -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
1034     Bumping 2.6 series to 2.6.14.2
1035 johnm 1.64
1036     *hardened-sources-2.6.13-r2 (20 Oct 2005)
1037    
1038     20 Oct 2005; John Mylchreest <johnm@gentoo.org>
1039     -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
1040     +hardened-sources-2.6.13-r2.ebuild:
1041     Fixes minor build error in ppc.
1042 johnm 1.63
1043     *hardened-sources-2.6.13-r1 (17 Oct 2005)
1044    
1045     17 Oct 2005; John Mylchreest <johnm@gentoo.org>
1046     +hardened-sources-2.6.13-r1.ebuild:
1047     Updating grsec to latest snapshot. Fixes some minor issues. Updating to
1048     2.6.13.4, fixes some major amd64 stability problems.
1049 johnm 1.62
1050     *hardened-sources-2.6.13 (16 Sep 2005)
1051    
1052     16 Sep 2005; John Mylchreest <johnm@gentoo.org>
1053     -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
1054     2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
1055     ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
1056     users should test this thoroughly.
1057 solar 1.61
1058     01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
1059     - stable on x86
1060 johnm 1.60
1061     *hardened-sources-2.6.11-r15 (27 Jun 2005)
1062    
1063     27 Jun 2005; John Mylchreest <johnm@gentoo.org>
1064     +hardened-sources-2.6.11-r15.ebuild:
1065     Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
1066     grsec redefining curr_ip struct.
1067 solar 1.59
1068     *hardened-sources-2.4.31 (20 Jun 2005)
1069    
1070     20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
1071     initial import of 2.4.31 tree
1072 johnm 1.58
1073     *hardened-sources-2.6.11-r14 (14 Jun 2005)
1074    
1075     14 Jun 2005; John Mylchreest <johnm@gentoo.org>
1076     -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
1077     Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
1078     naming scheme to abide by genpatches
1079 johnm 1.57
1080     *hardened-sources-2.6.11-r13 (18 May 2005)
1081    
1082     18 May 2005; John Mylchreest <johnm@gentoo.org>
1083     -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
1084     Managed to mangle the Makefile patch from grsec, to miss out the grsec
1085     target. sorry about that. Fixes bug #93022
1086 johnm 1.56
1087     *hardened-sources-2.6.11-r12 (17 May 2005)
1088    
1089     17 May 2005; John Mylchreest <johnm@gentoo.org>
1090     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
1091     +hardened-sources-2.6.11-r12.ebuild:
1092     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
1093     merges in genpatches-base
1094 johnm 1.55
1095     *hardened-sources-2.6.11-r12 (17 May 2005)
1096    
1097     17 May 2005; John Mylchreest <johnm@gentoo.org>
1098     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
1099     +hardened-sources-2.6.11-r12.ebuild:
1100     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
1101     merges in genpatches-base
1102 solar 1.54
1103     29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
1104     -files/2.4.27-cmdline-race.patch,
1105     -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
1106     -files/2.4.28-grsec-binfmt_a.out.patch,
1107     -files/2.4.28-grsec-cmdline-race.patch,
1108     -files/2.4.28-selinux-binfmt_a.out.patch,
1109     -files/2.4.28-selinux-cmdline-race.patch,
1110     -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
1111     hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
1112     - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
1113     cleanup..
1114 solar 1.53
1115     *hardened-sources-2.4.30-r1 (21 Apr 2005)
1116    
1117     21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
1118     - disable aout by default
1119 solar 1.52
1120     *hardened-sources-2.4.30 (18 Apr 2005)
1121    
1122     18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
1123     - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
1124     and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
1125     use
1126 tocharian 1.50
1127 scox 1.51 *hardened-sources-2.4.29 (30 Mar 2005)
1128    
1129     30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
1130     +hardened-sources-2.4.29.ebuild:
1131     New hardened-patches-2.4-29.0 patchball.
1132     Removed SELinux support, upgraded GRSecurity to 2.1.4.
1133    
1134     *hardened-sources-2.4.28-r5 (06 Mar 2005)
1135    
1136     06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
1137     +hardened-sources-2.4.28-r5.ebuild:
1138     Added a fix for a PaX vulnerability.
1139    
1140     26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1141 tocharian 1.50 hardened-sources-2.4.28-r4.ebuild:
1142     Stable on x86
1143 solar 1.49
1144     23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
1145     hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
1146     hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
1147     hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
1148     - fixed/added RDEPEND= in all kernel-2 ebuilds
1149 tocharian 1.48
1150     *hardened-sources-2.4.28-r4 (21 Jan 2005)
1151    
1152     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1153     +hardened-sources-2.4.28-r4.ebuild:
1154     Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
1155     backport of neighbour hash updates.
1156 tocharian 1.47
1157     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1158     hardened-sources-2.4.28-r3.ebuild:
1159     Stable on x86
1160 tseng 1.46
1161     *hardened-sources-2.6.10-r3 (20 Jan 2005)
1162    
1163     20 Jan 2005; Brandon Hale <tseng@gentoo.org>
1164     +hardened-sources-2.6.10-r3.ebuild:
1165     Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
1166     in 2005.0
1167 tocharian 1.45
1168     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1169     -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
1170     hardened-sources-2.4.28-r2.ebuild:
1171     Mark stable on x86
1172 tocharian 1.44
1173     *hardened-sources-2.4.28-r3 (17 Jan 2005)
1174    
1175     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1176     +hardened-sources-2.4.28-r3.ebuild:
1177     Fix SMP page fault handler vuln, and update device-mapper and evms patches.
1178 tocharian 1.43
1179     14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1180     hardened-sources-2.4.28.ebuild:
1181     Mark stable on x86.
1182 tocharian 1.42
1183     *hardened-sources-2.4.28-r2 (13 Jan 2005)
1184    
1185     13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1186     +hardened-sources-2.4.28-r2.ebuild:
1187     Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
1188     Mazinger for grsecurity patches as well.
1189 plasmaroo 1.41
1190     *hardened-sources-2.4.28-r1 (23 Dec 2004)
1191    
1192     23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
1193     Security bump. Thank tocharian for rolling a new patchset...
1194 solar 1.40
1195     28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
1196     +files/2.4.28-grsec-cmdline-race.patch,
1197     +files/2.4.28-selinux-binfmt_a.out.patch,
1198     +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
1199     - Round up remaining security patches that appear to be missing in 2.4.28. -
1200     PaX standalone updated to current. hgpv=28.1
1201 solar 1.39
1202     *hardened-sources-2.4.28 (28 Nov 2004)
1203    
1204     28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
1205     security bump. Thank tocharian for rolling a new patchset
1206 scox 1.31
1207 scox 1.38 *hardened-sources-2.4.27-r3 (08 Sep 2004)
1208    
1209     08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
1210     +hardened-sources-2.4.27-r3.ebuild:
1211     Applies the new 2.4-27.2 patchball which updates
1212     GRSecurity to the 2.0.1 version.
1213    
1214 scox 1.37 *hardened-sources-2.4.27-r2 (31 Aug 2004)
1215    
1216     31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1217     +hardened-sources-2.4.27-r2.ebuild:
1218     Version bump.
1219     This version uses the new 2.4-27.1 patchball which updates
1220     both the SELinux PaX hooks patch and the SELinux headers.
1221    
1222 scox 1.36 *hardened-sources-2.4.27-r1 (09 Aug 2004)
1223    
1224     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1225     +hardened-sources-2.4.27-r1.ebuild,
1226     -hardened-sources-2.4.27.ebuild,
1227     +files/2.4.27-cmdline-race.patch:
1228     Version bump, fix for cmdline race. See bug #59905.
1229    
1230     *hardened-sources-2.4.26-r6 (09 Aug 2004)
1231    
1232     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1233     +hardened-sources-2.4.26-r6.ebuild,
1234     -hardened-sources-2.4.26-r5.ebuild,
1235     -hardened-sources-2.4.26-r4.ebuild,
1236     +files/2.4.26-cmdline-race.patch:
1237     Version bump, fix for cmdline race. See bug #59905.
1238    
1239 scox 1.35 *hardened-sources-2.4.27 (08 Aug 2004)
1240    
1241     08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1242     +hardened-sources-2.4.27.ebuild,
1243     +files/2.4.27-CAN-2004-0394.patch:
1244     Ported the patchball to the 2.4.27 kernel version.
1245    
1246 scox 1.34 *hardened-sources-2.4.26-r5 (07 Aug 2004)
1247    
1248     07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1249     +hardened-sources-2.4.26-r5.ebuild:
1250 scox 1.35 Updated to use the new hardened-patches-2.4-26.1 patchball.
1251 scox 1.34 It adds the following features:
1252     - Squashfs
1253     - Ebtables
1254     - Netdev random (core+drivers)
1255     - Watchdog Timer (WDT) fix.
1256    
1257 scox 1.33 *hardened-sources-2.4.26-r4 (04 Aug 2004)
1258    
1259     04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1260     +hardened-sources-2.4.26-r4.ebuild,
1261     +files/2.4.26-CAN-2004-0415.patch,
1262     -hardened-sources-2.4.26-3:
1263     Version bump, fix for CAN 0415, see bug #59378.
1264    
1265 scox 1.32 *hardened-sources-2.4.26-r3 (22 Jul 2004)
1266    
1267     22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
1268     +hardened-sources-2.4.26-r3.ebuild,
1269     +files/2.4.26-CAN-2004-0497.patch,
1270     -hardened-sources-2.4.26-r2.ebuild:
1271     Version bump, fixed CAN 0497, see bug #56171.
1272    
1273 scox 1.31 *hardened-sources-2.4.26-r2 (29 Jun 2004)
1274    
1275     29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
1276 scox 1.32 +hardened-sources-2.4.26-r2.ebuild,
1277 scox 1.31 +files/2.4.26-CAN-2004-0495.patch,
1278     +files/2.4.26-CAN-2004-0535.patch,
1279     -hardened-sources-2.4.26-r1.ebuild:
1280     Fixes for both CAN 0495 and 0535, see bug #54976
1281 pvdabeel 1.27
1282 agriffis 1.29 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
1283     hardened-sources-2.4.26-r1.ebuild:
1284     QA - fix use invocation
1285 scox 1.28
1286     *hardened-sources-2.4.26-r1 (22 June 2004)
1287    
1288     22 June 2004; Andrea Luzzardi <scox@gentoo.org>
1289     +hardened-sources-2.4.26-r1.ebuild,
1290     +files/2.4.26-CAN-2004-0394.patch,
1291     +files/2.4.26-signal-race.patch,
1292     -hardened-sources-2.4.26.ebuild,
1293     -hardened-sources-2.4.24-r3.ebuild:
1294     Version bump for the CAN-2004-0394 issue and bug #53804
1295     Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
1296    
1297    
1298 pvdabeel 1.27 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
1299     hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
1300     Masked hardened-sources-2.4.26.ebuild broken for ppc
1301    
1302     31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
1303     hardened-sources-2.4.24-r3.ebuild:
1304     Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
1305 plasmaroo 1.25
1306 scox 1.26 *hardened-sources-2.4.26 (29 May 2004)
1307    
1308     29 May 2004; Andrea Luzzardi <scox@gentoo.org>
1309     +hardened-sources-2.4.26.ebuild:
1310     Updated hardened-sources for the 2.4.26 kernel
1311     Removed broken components, updated almost everything.
1312    
1313 plasmaroo 1.25 *hardened-sources-2.4.24-r3 (17 Apr 2004)
1314    
1315     17 Apr 2004; <plasmaroo@gentoo.org>
1316     +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
1317     +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
1318     +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
1319     +hardened-sources-2.4.24-r3.ebuild:
1320     Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
1321     vulnerabilities. Old revisions removed.
1322 plasmaroo 1.24
1323     *hardened-sources-2.4.24-r2 (15 Apr 2004)
1324    
1325     15 Apr 2004; <plasmaroo@gentoo.org>
1326     +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
1327     -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
1328     Version bump for the CAN-2004-0109 issue; bug #47881.
1329 aliz 1.23
1330     12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
1331     hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
1332     Add eutils to inherit.
1333 plasmaroo 1.22
1334     *hardened-sources-2.4.24-r1 (19 Feb 2004)
1335    
1336     19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
1337     files/hardened-sources-2.4.24.munmap.patch:
1338     Added the patch for the mremap/munmap vulnerability. Bug #42024.
1339 scox 1.19
1340 scox 1.21 *hardened-sources-2.4.24 (06 Feb 2004)
1341 scox 1.26
1342 scox 1.21 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
1343     hardened-sources-2.4.24.ebuild:
1344     Version bump, updated most of the components.
1345     This release includes the following:
1346    
1347     - Hardened security
1348     - Netfilter patch-o-matic 20031219
1349     - FreeSWAN 2.04 & x509 1.4.8
1350     - EVMS 2.2.2
1351     - XFS 1.3.1
1352     - cryptoloop jari
1353     - grsecurity 2.0-rc4
1354     - SELinux
1355     - PaX 200402060000
1356     - PaX Obscurity 200308302223
1357     - Others...
1358    
1359     Neither -ck nor systrace are included anymore.
1360    
1361 scox 1.19 *hardened-sources-2.4.22-r2 (05 Jan 2004)
1362    
1363     05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
1364     hardened-sources-2.4.22-r2.ebuild:
1365 scox 1.20 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
1366 scox 1.19
1367     *hardened-sources-2.4.22-r1 (02 Dec 2003)
1368 iggy 1.17
1369     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1370 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
1371 iggy 1.16
1372     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1373 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild:
1374     Version bump for the 'do_brk' vulnerability.
1375 iggy 1.15
1376     01 Dec 2003; Brian Jackson <iggy@gentoo.org>
1377     hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
1378     hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
1379     hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
1380 plasmaroo 1.18 Fix the 'do_brk' vulnerability.
1381 frogger 1.14
1382     03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
1383     hardened-sources-2.4.22.ebuild:
1384 plasmaroo 1.18 - Removed the src_install() portion for SELinux flask
1385     components. These are no longer handled in the kernel
1386     so this code was not necessary.
1387 frogger 1.13
1388     29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
1389     New 2.4.22 based hardened-sources thanks to
1390     Phil West <p.west@computer.org>.
1391    
1392     These sources include:
1393 plasmaroo 1.18 - New SELinux API
1394     - Updated CK-base
1395     - Updated GRSec
1396     - Systrace
1397     - SuperFreeS/WAN 1.99.8
1398     - Propolice kernel build support
1399     - EVMS
1400     - Other various security related patches
1401 frogger 1.11
1402 frogger 1.12 *hardened-sources-2.4.21 (14 Sep 2003)
1403    
1404     14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
1405     Updated hardened-sources based on the 2.4.21 Linux kernel.
1406     This includes updates to most major components such as:
1407 plasmaroo 1.18 - ck-base-0306300059
1408     - selinux-2.4-2003071106
1409     - grsecurity-2.0-rc1
1410     - Updated IPTables patch-o-matic
1411     - Updated SuperFreeS/WAN
1412    
1413 frogger 1.12 Thanks to Phil West <pwest@computer.org> for his work in getting this
1414     updated patch set ready for the 2.4.21 based kernel.
1415    
1416 frogger 1.11 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
1417     Initial import of hardened-sources-2.4.20-r4. This revision
1418     includes only a few changes, but one of these is an important
1419     security fix. It is recommended all users of hardened-sources
1420     upgrade to this release.
1421 plasmaroo 1.18
1422 frogger 1.11 - ioperm bug fix
1423     - fixed compilation failure when building without GRSec
1424 plasmaroo 1.18
1425 frogger 1.11 SAL (Secure Auditing for Linux) is NOT included in this revision
1426     due to time constraints, but is planned for inclusion in the near
1427     future.
1428 msterret 1.10
1429     *hardened-sources-2.4.20-r2 (12 Jun 2003)
1430    
1431     12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
1432     hardened-sources-2.4.20-r3.ebuild:
1433 plasmaroo 1.18 Add Header...
1434 frogger 1.9
1435     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1436     hardened-sources-2.4.20-r3.ebuild:
1437     Removed warnings from ebuild. This kernel should be safe to
1438     use at this point.
1439 frogger 1.8
1440     *hardened-sources-2.4.20-r3 (08 Jun 2003)
1441    
1442     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1443     hardened-sources-2.4.20-r3.ebuild:
1444     New revision. Includes the following changes over -r2:
1445 plasmaroo 1.18
1446 frogger 1.8 - ck7-base (O(1), preempt, low latency)
1447     - Super FreeS/WAN 1.99.7rc2
1448     - PaX for the LSM/SELinux branch
1449     - GRSecurity 2.0-pre4 (role based access control)
1450     - Systrace 1.3
1451     - EXT3 fixes
1452     - EVMS 2.0.1
1453     - GCC 3.1+ compile optimizations
1454     - ProPolice kernel build support
1455     - Hashing table security fixes
1456 frogger 1.3
1457     *hardened-sources-2.4.20-r1 (09 Apr 2003)
1458 frogger 1.7
1459     23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
1460     Initial import of hardened-sources-r2. This new
1461     ebuild includes many new performance and security
1462     related patches. As in -r1, it will patch in
1463     LSM/SELinux if "selinux" is in USE, otherwise it
1464     will patch in GRSecurity. The following patches
1465     are included in this revision:
1466 plasmaroo 1.18
1467 frogger 1.7 - O(1) Scheduler, Low Latency, and Preempt
1468     (pulled from the base CK patch)
1469     - ptrace exploit patch for the LSM kernel
1470     (the GRSec patch already fixes this)
1471     - LSM 2.4-2003040709
1472     - SELinux 2.4-2003040709
1473     - Systrace v1.2
1474     - IPTables patch-o-matic base patches - 20030107
1475     - CryptoAPI 2.4.20.1 w/ loop-jari patch
1476     - Super FreeS/WAN 1.99.6.1
1477     - GRSecurity 1.9.9g
1478     - MPPE
1479     - EXT3 data journal fix
1480     - CIPE 1.5.4
1481 frogger 1.6
1482     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1483     hardened-sources-2.4.20-r1.ebuild, manifest:
1484 plasmaroo 1.18 Updated to install flask components correctly for selinux.
1485 frogger 1.5
1486     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1487     hardened-sources-2.4.20-r1.ebuild:
1488     LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
1489     is patched in instead. Ptrace patches for selinux have also been added. In
1490     either case, systrace support will be patched in as well.
1491 frogger 1.3
1492     09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1493     hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
1494 plasmaroo 1.18 Revision bump for new sources.
1495 frogger 1.4
1496 frogger 1.2 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1497 frogger 1.4 hardened-sources-2.4.20-r1.ebuild:
1498 plasmaroo 1.18 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
1499 method 1.1
1500 frogger 1.4 *hardened-sources-2.4.20 (30 Mar 2003)
1501    
1502 method 1.1 30 Mar 2003; Joshua Brindle <method@gentoo.org>
1503     hardened-sources-2.4.20.ebuild:
1504 plasmaroo 1.18 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20