/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.245 - (hide annotations) (download)
Sun Oct 12 20:37:25 2008 UTC (5 years, 9 months ago) by gengor
Branch: MAIN
Changes since 1.244: +10 -1 lines
Add 2.6.26-r3, remove 2.6.26-r1, mark 2.6.25-r8 stable on amd64/x86.
(Portage version: 2.1.4.5)

1 method 1.1 # ChangeLog for sys-kernel/hardened-sources
2 phreak 1.204 # Copyright 2000-2008 Gentoo Foundation; Distributed under the GPL v2
3 gengor 1.245 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.244 2008/10/09 19:39:20 gengor Exp $
4    
5     *hardened-sources-2.6.26-r3 (12 Oct 2008)
6    
7     12 Oct 2008; Gordon Malm <gengor@gentoo.org>
8     hardened-sources-2.6.25-r8.ebuild, -hardened-sources-2.6.26-r1.ebuild,
9     +hardened-sources-2.6.26-r3.ebuild:
10     2.6.26-r3: Update to Linux 2.6.26.6 and latest grsecurity patch.
11     2.6.26-r1: Removed.
12     2.6.25-r8: Stable amd64/x86.
13 gengor 1.244
14     *hardened-sources-2.6.25-r8 (09 Oct 2008)
15    
16     09 Oct 2008; Gordon Malm <gengor@gentoo.org>
17     -hardened-sources-2.6.25-r4.ebuild, -hardened-sources-2.6.25-r5.ebuild,
18     -hardened-sources-2.6.25-r6.ebuild, +hardened-sources-2.6.25-r8.ebuild:
19     Update to genpatches-11 and Linux 2.6.25.18. Remove old versions.
20 nixnut 1.243
21     20 Sep 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.25-r7.ebuild:
22     Stable on ppc
23 gengor 1.242
24     17 Sep 2008; Gordon Malm <gengor@gentoo.org>
25     hardened-sources-2.6.25-r7.ebuild:
26     Stable amd64/x86.
27 gengor 1.241
28     *hardened-sources-2.6.26-r2 (13 Sep 2008)
29    
30     13 Sep 2008; Gordon Malm <gengor@gentoo.org>
31     -hardened-sources-2.6.26.ebuild, +hardened-sources-2.6.26-r2.ebuild:
32     2.6.26-r2: Update to Linux 2.6.26.5, new grsecurity patch adding
33     PAX_REFCOUNT feature, fix bug #237473 (CVE-2008-3525). 2.6.26: Removed.
34 gengor 1.240
35     *hardened-sources-2.6.25-r7 (13 Sep 2008)
36    
37     13 Sep 2008; Gordon Malm <gengor@gentoo.org>
38     +hardened-sources-2.6.25-r7.ebuild:
39     Add 2.6.25-r7, fixing bug #237473 (CVE-2008-3525) and a PaX bug.
40 gengor 1.239
41     10 Sep 2008; Gordon Malm <gengor@gentoo.org>
42     hardened-sources-2.6.25-r4.ebuild, hardened-sources-2.6.25-r5.ebuild,
43     hardened-sources-2.6.25-r6.ebuild, hardened-sources-2.6.26.ebuild,
44     hardened-sources-2.6.26-r1.ebuild:
45     Update DESCRIPTION and HGPV_URI.
46 gengor 1.238
47     *hardened-sources-2.6.25-r6 (09 Sep 2008)
48    
49     09 Sep 2008; Gordon Malm <gengor@gentoo.org>
50     -hardened-sources-2.6.24-r3.ebuild, +hardened-sources-2.6.25-r6.ebuild:
51     2.6.25-r6: Update to Linux 2.6.25.17.
52     2.6.24-r3: Removed.
53 gengor 1.237
54     08 Sep 2008; Gordon Malm <gengor@gentoo.org>
55     hardened-sources-2.6.25-r5.ebuild:
56     Stable on amd64/x86
57 gengor 1.236
58     07 Sep 2008; Gordon Malm <gengor@gentoo.org> metadata.xml:
59     Update my email address.
60 nixnut 1.235
61     31 Aug 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.25-r4.ebuild:
62     stable on ppc
63 battousai 1.234
64     *hardened-sources-2.6.26-r1 (23 Aug 2008)
65     *hardened-sources-2.6.25-r5 (23 Aug 2008)
66    
67     23 Aug 2008; Bryan D. Stine <battousai@gentoo.org>
68     -hardened-sources-2.6.23-r13.ebuild, -hardened-sources-2.6.25-r3.ebuild,
69     hardened-sources-2.6.25-r4.ebuild, +hardened-sources-2.6.25-r5.ebuild,
70     +hardened-sources-2.6.26-r1.ebuild:
71     Bump to 2.6.25-r5 for updated patches and upstream .10 kernel, fixing
72     security bug #235221. Bump to 2.6.26-r1 for upstream .3 kernel, also
73     fixing security bug #235221. Marked 2.6.25-r4 stable on amd64 and x86.
74     Removed 2.6.23-r13 and 2.6.25-r3. Commit on behalf of Gordon Malm
75     (gengor).
76 solar 1.233
77     *hardened-sources-2.6.26 (18 Aug 2008)
78     *hardened-sources-2.6.25-r4 (18 Aug 2008)
79    
80     18 Aug 2008; <solar@gentoo.org> -hardened-sources-2.6.25-r2.ebuild,
81     +hardened-sources-2.6.25-r4.ebuild, +hardened-sources-2.6.26.ebuild:
82     - proxy commit for gengor 2.6.26: Initial 2.6.26 release. 2.6.25-r4: Update
83     to Linux 2.6.25.15. Fixes security bugs #234799, #234803 and #234812.
84     2.6.25-r2: Removed.
85 tove 1.232
86     16 Aug 2008; Torsten Veller <tove@gentoo.org> metadata.xml:
87     Remove phreak from metadata.xml (#96398)
88 solar 1.231
89     *hardened-sources-2.6.25-r3 (31 Jul 2008)
90    
91     31 Jul 2008; <solar@gentoo.org> -hardened-sources-2.6.24-r2.ebuild,
92     -hardened-sources-2.6.25.ebuild, -hardened-sources-2.6.25-r1.ebuild,
93     +hardened-sources-2.6.25-r3.ebuild:
94     - 2.6.25-r3: Update to Linux 2.6.25.13 and new grsecurity patch. Multiple
95     fixes, including security bug #231750.
96 nixnut 1.230
97     28 Jul 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.24-r3.ebuild:
98     Stable on ppc
99 solar 1.229
100     *hardened-sources-2.6.25-r2 (05 Jul 2008)
101    
102     05 Jul 2008; <solar@gentoo.org> -hardened-sources-2.6.23-r11.ebuild,
103     -hardened-sources-2.6.23-r12.ebuild, hardened-sources-2.6.24-r3.ebuild,
104     +hardened-sources-2.6.25-r2.ebuild:
105     2.6.23-r4: Stable x86/amd64
106     2.6.25-r2: Update to Linux 2.6.25.10 and latest grsecurity release.
107     2.6.23-r{11,12}: Removed due to multiple vulns.
108     (gengor & kerframil)
109 nixnut 1.228
110     04 Jul 2008; nixnut <nixnut@gentoo.org>
111     hardened-sources-2.6.23-r13.ebuild:
112     Stable on ppc
113 solar 1.227
114     *hardened-sources-2.6.25-r1 (30 Jun 2008)
115    
116     30 Jun 2008; <solar@gentoo.org> hardened-sources-2.6.23-r13.ebuild,
117     +hardened-sources-2.6.25-r1.ebuild:
118     2.6.25-r1: Brings in Linux -stable tree patches 2.6.25.{7,8,9} and newer
119     grsecurity release. 2.6.23-r13: x86/amd64 stable
120 solar 1.226
121     *hardened-sources-2.6.25 (17 Jun 2008)
122     *hardened-sources-2.6.24-r3 (17 Jun 2008)
123     *hardened-sources-2.6.23-r13 (17 Jun 2008)
124    
125     17 Jun 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r13.ebuild,
126     +hardened-sources-2.6.24-r3.ebuild, +hardened-sources-2.6.25.ebuild:
127     * 2.6.23-r13: Fixes security bugs #198997, #212136, #222331, #222635,
128     #224647, #225461, other fixes. * 2.6.24-r3: Fixes security bugs #212136,
129     #222331, #222635, #224647, #225461, grsec/PaX updates/fixes, other fixes. *
130     2.6.25: Initial 2.6.25 release.
131 solar 1.225
132     15 May 2008; <solar@gentoo.org> hardened-sources-2.6.23-r12.ebuild:
133     - fasttrack to stable x86/amd64
134 swegener 1.224
135     11 May 2008; Sven Wegener <swegener@gentoo.org> Manifest:
136     Fix broken digest for linux-2.6.24.tar.bz2.
137 solar 1.223
138     *hardened-sources-2.6.24-r2 (11 May 2008)
139     *hardened-sources-2.6.23-r12 (11 May 2008)
140    
141     11 May 2008; <solar@gentoo.org> -hardened-sources-2.6.23-r7.ebuild,
142     -hardened-sources-2.6.23-r9.ebuild, -hardened-sources-2.6.23-r10.ebuild,
143     +hardened-sources-2.6.23-r12.ebuild, -hardened-sources-2.6.24.ebuild,
144     -hardened-sources-2.6.24-r1.ebuild, +hardened-sources-2.6.24-r2.ebuild:
145     proxy commit for gengor. 2.6.23-r11 shortlog: Fixes security bugs 220691,
146     220975, 220979, 221123. 2.6.24-r2 not-so-shortlog: Fixes bug 215442,
147     security bugs 219901, 220691, 220975, 220979, 221123. New
148     genpatches/grsecurity with numerous updates & fixes. 2.6.23-r7->2.6.23-r10
149     should be removed as far as I'm concerned, everything else remove due to
150     vulnerable to numerous security bugs or brokeness.
151 nixnut 1.222
152     10 May 2008; nixnut <nixnut@gentoo.org>
153     hardened-sources-2.6.23-r11.ebuild:
154     Stable on ppc
155 solar 1.221
156     05 May 2008; <solar@gentoo.org> hardened-sources-2.6.23-r11.ebuild:
157     - -r11 stable on x86/amd64
158 solar 1.220
159     *hardened-sources-2.6.23-r11 (01 May 2008)
160    
161     01 May 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r11.ebuild:
162     - version bump to fix ulgy linux bugs
163 phreak 1.219
164     *hardened-sources-2.6.24-r1 (30 Apr 2008)
165    
166     30 Apr 2008; Christian Heim <phreak@gentoo.org>
167     +hardened-sources-2.6.24-r1.ebuild:
168     Revision bump (thanks to Kerin and Gordon, again), pulling
169     genpatches-2.6.24-7, solving #219089. Additionally contains further security
170     fixes plus some minor updates.
171 phreak 1.218
172     *hardened-sources-2.6.23-r10 (30 Apr 2008)
173    
174     30 Apr 2008; Christian Heim <phreak@gentoo.org>
175     +hardened-sources-2.6.23-r10.ebuild:
176     Revision bump (thanks to Kerin and Gordon, again), solving #213811, #219089.
177     Additional contains "various other fixes".
178 phreak 1.217
179     09 Apr 2008; Christian Heim <phreak@gentoo.org> metadata.xml:
180     Update the longdescription in metadata, thanks to Gordon Malm.
181 nixnut 1.216
182     08 Apr 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.23-r9.ebuild:
183     Stable on ppc wrt bug #213255
184 solar 1.215
185     07 Apr 2008; <solar@gentoo.org> -hardened-sources-2.4.35-r2.ebuild,
186     -hardened-sources-2.6.23-r8.ebuild, hardened-sources-2.6.23-r9.ebuild:
187     - stable on x86/amd64 per request. Removed obsolete ebuilds
188 phreak 1.214
189     *hardened-sources-2.6.24 (07 Apr 2008)
190    
191     07 Apr 2008; Christian Heim <phreak@gentoo.org>
192     +hardened-sources-2.6.24.ebuild:
193     Adding ebuild for hardened-sources-2.6.24 (many thanks to Kerin Millar
194     <kerframil at gmail.com> and Gordon Malm <bugs-gentoo-org-02 at bumpin.org>
195     for the many contributions and their continued effort in #216612) based on
196     2.6.24 and genpatches-2.6.24-5.
197    
198     The current ebuild/patchset contains these things:
199     * Incoporates unmodified grsec-2.1.11-2.6.24.4-200803262003 patch
200     * Introduces bespoke server and workstation oriented security levels
201     * VDSO_COMPAT cannot be enabled during runtime if PaX is enabled
202 phreak 1.213
203     30 Mar 2008; Christian Heim <phreak@gentoo.org> metadata.xml:
204     Fix the metadata.xml (Kerin isn't a dev, though he and Gordon are
205     maintaining it).
206 phreak 1.212
207     24 Mar 2008; Christian Heim <phreak@gentoo.org>
208     hardened-sources-2.4.35-r2.ebuild:
209     Fixing SRC_URI for 2.4.35-r2.
210 phreak 1.211
211     *hardened-sources-2.6.23-r9 (22 Mar 2008)
212    
213     22 Mar 2008; Christian Heim <phreak@gentoo.org>
214     +hardened-sources-2.6.23-r9.ebuild:
215     * Revision bump, rebasing the patchset against genpatches-2.6.23-10.
216     * Change the default GIDs for some grsecurity options
217     * Revamp the Hardened [Gentoo] security level and make it the default level
218     * Fixing compilation on ia64 with CONFIG_MODULES=y (loadable module support)
219     * Fix a recursive lock -- call to capable() within ptrace_attach()
220     * Fix bug that allows audit and iscsi operations to be controlled via netlink
221 solar 1.210
222     *hardened-sources-2.6.23-r8 (27 Feb 2008)
223    
224     27 Feb 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r8.ebuild:
225     - version bump from Kerin Millar bug 210026
226 solar 1.209
227     17 Feb 2008; <solar@gentoo.org> metadata.xml,
228     -hardened-sources-2.4.33.4.ebuild, -hardened-sources-2.6.20-r6.ebuild,
229     -hardened-sources-2.6.20-r10.ebuild, -hardened-sources-2.6.23-r4.ebuild,
230     -hardened-sources-2.6.23-r6.ebuild, hardened-sources-2.6.23-r7.ebuild:
231     - stable on x86 and remove old ebuilds
232 solar 1.207
233     15 Feb 2008; <solar@gentoo.org> hardened-sources-2.6.23-r7.ebuild:
234 solar 1.208 - stable on amd64 per request of amd64 lead
235 solar 1.206
236     *hardened-sources-2.6.23-r7 (11 Feb 2008)
237    
238     11 Feb 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r7.ebuild:
239     - version bump from kerin.millar
240     Changes:
241    
242     * Bump to genpatches-base-2.6.23-9
243     * Ported grsecurity-2.1.11-2.6.23.14-200801231800 to 2.6.23.15
244     * Disables COMPAT_VDSO in x86/defconfig
245     * Removes bogus symbols ACPI_SLEEP_PROC_(FS|SLEEP) from x86_64/defconfig
246 phreak 1.205
247     25 Jan 2008; Christian Heim <phreak@gentoo.org>
248     -hardened-sources-2.6.22-r8.ebuild:
249     Cleaning up old versions.
250 phreak 1.204
251     *hardened-sources-2.6.23-r6 (25 Jan 2008)
252    
253     25 Jan 2008; Christian Heim <phreak@gentoo.org>
254     -hardened-sources-2.6.23-r5.ebuild, +hardened-sources-2.6.23-r6.ebuild:
255     Revision bump, pulling in the latest genpatches.
256 phreak 1.203
257     *hardened-sources-2.6.23-r5 (24 Dec 2007)
258    
259     24 Dec 2007; Christian Heim <phreak@gentoo.org>
260     hardened-sources-2.4.35-r2.ebuild, hardened-sources-2.6.20-r6.ebuild,
261     hardened-sources-2.6.20-r10.ebuild, hardened-sources-2.6.22-r8.ebuild,
262     hardened-sources-2.6.23-r4.ebuild, +hardened-sources-2.6.23-r5.ebuild:
263     Revision bump, for the promised updated grsec snapshot. Also changing SRC_URI.
264 phreak 1.202
265     24 Dec 2007; Christian Heim <phreak@gentoo.org>
266     -hardened-sources-2.6.22-r7.ebuild, -hardened-sources-2.6.23.ebuild,
267     -hardened-sources-2.6.23-r1.ebuild, -hardened-sources-2.6.23-r2.ebuild,
268     -hardened-sources-2.6.23-r3.ebuild:
269     Cleaning out some unused, old versions.
270 phreak 1.201
271     24 Dec 2007; Christian Heim <phreak@gentoo.org>
272     hardened-sources-2.6.23-r4.ebuild:
273     Marking hardened-sources-2.6.23-r4 stable on amd64 and x86. I know it ain't
274     in the tree for long, but there isn't much of a difference between this and
275     -r3. Only this revision pulls in 2.6.23.11 and 2.6.23.12 from genpatches.
276 phreak 1.200
277     *hardened-sources-2.6.23-r4 (23 Dec 2007)
278    
279     23 Dec 2007; Christian Heim <phreak@gentoo.org>
280     +hardened-sources-2.6.23-r4.ebuild:
281     Revision bump, grabbing the lastest genpatches release (2.6.23.12 that is).
282 phreak 1.199
283     *hardened-sources-2.6.23-r3 (04 Dec 2007)
284    
285     04 Dec 2007; Christian Heim <phreak@gentoo.org>
286     +hardened-sources-2.6.23-r3.ebuild:
287     Revision bump, pulling in 2.6.23.9.
288 phreak 1.198
289     *hardened-sources-2.6.23-r2 (25 Nov 2007)
290    
291     25 Nov 2007; Christian Heim <phreak@gentoo.org>
292     +hardened-sources-2.6.23-r2.ebuild:
293     Updated patchset, thanks to solar.
294 phreak 1.197
295     *hardened-sources-2.6.23-r1 (31 Oct 2007)
296    
297     31 Oct 2007; Christian Heim <phreak@gentoo.org>
298     +hardened-sources-2.6.23-r1.ebuild:
299     Revision bump, pulling in the snapshot from 30. October 2007 (18:50).
300 solar 1.196
301     29 Oct 2007; <solar@gentoo.org> metadata.xml:
302     - update metadata.xml
303 phreak 1.195
304     25 Oct 2007; Christian Heim <phreak@gentoo.org>
305     hardened-sources-2.6.22-r8.ebuild:
306     Marking 2.6.22-r8 stable on amd64 and x86.
307 phreak 1.194
308     21 Oct 2007; Christian Heim <phreak@gentoo.org>
309     -hardened-sources-2.4.35.ebuild, -hardened-sources-2.4.35-r1.ebuild,
310     -hardened-sources-2.6.21-r4.ebuild:
311     Removing old ebuilds.
312 phreak 1.193
313     *hardened-sources-2.4.35-r2 (21 Oct 2007)
314    
315     21 Oct 2007; Christian Heim <phreak@gentoo.org>
316     +hardened-sources-2.4.35-r2.ebuild:
317     Revision bump for 2.4.35. Includes new snapshot and the lastest Linux stable
318     patches.
319 phreak 1.192
320     *hardened-sources-2.6.22-r8 (21 Oct 2007)
321    
322     21 Oct 2007; Christian Heim <phreak@gentoo.org>
323     +hardened-sources-2.6.22-r8.ebuild:
324     Yet another new patch, hopefully fixing the remaining issues we had w/
325     2.6.22. Candidate for stabling.
326 phreak 1.191
327     *hardened-sources-2.6.23 (13 Oct 2007)
328    
329     13 Oct 2007; Christian Heim <phreak@gentoo.org>
330     +hardened-sources-2.6.23.ebuild:
331     Initial hardened-sources-2.6.23. If people still have problems w/ bug
332     194276, try setting CONFIG_PCI_GODIRECT=y instead of CONFIG_PCI_GOANY.
333 phreak 1.190
334     11 Oct 2007; Christian Heim <phreak@gentoo.org>
335     hardened-sources-2.6.20-r10.ebuild:
336     Pulling in yet another new genpatches version, fixing the PWC bug for real.
337 phreak 1.189
338     04 Oct 2007; Christian Heim <phreak@gentoo.org>
339     -hardened-sources-2.6.22-r5.ebuild, -hardened-sources-2.6.22-r6.ebuild:
340     Removing old versions.
341 phreak 1.188
342     *hardened-sources-2.6.22-r7 (01 Oct 2007)
343    
344     01 Oct 2007; Christian Heim <phreak@gentoo.org>
345     +hardened-sources-2.6.22-r7.ebuild:
346     Revision bump, pulling in a newer patch. Should fix #194276.
347 phreak 1.187
348     30 Sep 2007; Christian Heim <phreak@gentoo.org>
349     hardened-sources-2.6.20-r10.ebuild:
350     Marking hardened-sources-2.6.20-r10 stable on x86 and amd64 (on courtesy of
351     Mike Doty).
352 phreak 1.186
353     *hardened-sources-2.6.22-r6 (26 Sep 2007)
354    
355     26 Sep 2007; Christian Heim <phreak@gentoo.org>
356     +hardened-sources-2.6.22-r6.ebuild:
357     Revision bump, grabbing up till Linux 2.6.22.9.
358 phreak 1.185
359     24 Sep 2007; Christian Heim <phreak@gentoo.org>
360     -hardened-sources-2.6.22-r3.ebuild, -hardened-sources-2.6.22-r4.ebuild:
361     Cleaning up further.
362 phreak 1.184
363     *hardened-sources-2.6.20-r10 (24 Sep 2007)
364    
365     24 Sep 2007; Christian Heim <phreak@gentoo.org>
366     -hardened-sources-2.6.20-r8.ebuild, -hardened-sources-2.6.20-r9.ebuild,
367     +hardened-sources-2.6.20-r10.ebuild:
368     Revision bump, pulling in Linux 2.6.20.20. Removing some of the older
369     revisions.
370 phreak 1.183
371     *hardened-sources-2.6.22-r5 (22 Sep 2007)
372    
373     22 Sep 2007; Christian Heim <phreak@gentoo.org>
374     +hardened-sources-2.6.22-r5.ebuild:
375     Revision bump, pulling in genpatches-2.6.22-8 for CVE-2007-4573.
376 phreak 1.182
377     17 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
378     Removing johnm from metadata.xml (see #186467 for reference).
379 phreak 1.181
380     *hardened-sources-2.6.22-r4 (17 Sep 2007)
381    
382     17 Sep 2007; Christian Heim <phreak@gentoo.org>
383     +hardened-sources-2.6.22-r4.ebuild:
384     Revision bump, hopefully fixing all those weird PAX failures.
385 phreak 1.180
386     01 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
387     Updating the metadata.xml.
388 phreak 1.179
389     01 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
390     Removing tocharian from metadata due to his retirement (see #71718 for
391     reference).
392 phreak 1.178
393     *hardened-sources-2.6.20-r9 (30 Aug 2007)
394    
395     30 Aug 2007; Christian Heim <phreak@gentoo.org>
396     +hardened-sources-2.6.20-r9.ebuild:
397     Revision bump for 2.6.20.18 (thanks to kerframil in #gentoo-hardened).
398 phreak 1.177
399     29 Aug 2007; Christian Heim <phreak@gentoo.org>
400     -hardened-sources-2.4.34.ebuild, -hardened-sources-2.4.34.5.ebuild,
401     -hardened-sources-2.6.20-r2.ebuild, -hardened-sources-2.6.20-r5.ebuild,
402     -hardened-sources-2.6.20-r7.ebuild, -hardened-sources-2.6.21-r3.ebuild,
403     -hardened-sources-2.6.22.ebuild, -hardened-sources-2.6.22-r1.ebuild,
404     -hardened-sources-2.6.22-r2.ebuild:
405     Removing some redundant versions.
406 phreak 1.176
407     *hardened-sources-2.4.35-r1 (29 Aug 2007)
408    
409     29 Aug 2007; Christian Heim <phreak@gentoo.org>
410     +hardened-sources-2.4.35-r1.ebuild:
411     Revision bump, new grsecurity patch.
412 phreak 1.175
413     *hardened-sources-2.6.20-r8 (26 Aug 2007)
414    
415     26 Aug 2007; Christian Heim <phreak@gentoo.org>
416     +hardened-sources-2.6.20-r8.ebuild:
417     Revision bump for Linux 2.6.20.17.
418 phreak 1.174
419     *hardened-sources-2.6.22-r3 (22 Aug 2007)
420    
421     22 Aug 2007; Christian Heim <phreak@gentoo.org>
422     +hardened-sources-2.6.22-r3.ebuild:
423     Revision bump for Linux 2.6.22.4.
424 phreak 1.173
425     16 Aug 2007; Christian Heim <phreak@gentoo.org>
426     hardened-sources-2.6.22-r2.ebuild:
427     Updated patchset, to fix the alignment against 2.6.22.3.
428 phreak 1.172
429     *hardened-sources-2.6.22-r2 (16 Aug 2007)
430    
431     16 Aug 2007; Christian Heim <phreak@gentoo.org>
432     +hardened-sources-2.6.22-r2.ebuild:
433     Revision bump for Linux 2.6.22.3.
434 phreak 1.171
435     *hardened-sources-2.4.35 (16 Aug 2007)
436    
437     16 Aug 2007; Christian Heim <phreak@gentoo.org>
438     +hardened-sources-2.4.35.ebuild:
439     Version bump, initial version for Linux 2.4.35.
440 phreak 1.170
441     *hardened-sources-2.6.21-r4 (16 Aug 2007)
442    
443     16 Aug 2007; Christian Heim <phreak@gentoo.org>
444     +hardened-sources-2.6.21-r4.ebuild:
445     Revision bump for Linux 2.6.21.6.
446 phreak 1.169
447     *hardened-sources-2.6.20-r7 (16 Aug 2007)
448    
449     16 Aug 2007; Christian Heim <phreak@gentoo.org>
450     +hardened-sources-2.6.20-r7.ebuild:
451     Revision bump for Linux 2.6.20.16.
452 phreak 1.168
453     *hardened-sources-2.6.22-r1 (13 Aug 2007)
454    
455     13 Aug 2007; Christian Heim <phreak@gentoo.org>
456     +hardened-sources-2.6.22-r1.ebuild:
457     Yet another revision bump.
458 phreak 1.167
459     *hardened-sources-2.6.22 (10 Aug 2007)
460    
461     10 Aug 2007; Christian Heim <phreak@gentoo.org>
462     +hardened-sources-2.6.22.ebuild:
463     Initial release for 2.6.22. If you are using hardened-sources on a desktop
464     machine (P4 or newer), be aware you might need to disable
465     CONFIG_PAX_PAGEEXEC.
466 phreak 1.166
467     04 Aug 2007; Christian Heim <phreak@gentoo.org>
468     hardened-sources-2.6.20-r6.ebuild:
469     Stabling hardened-sources-2.6.20-r6 for amd64, ppc and x86 due to Linux
470     2.6.20.15.
471 phreak 1.165
472     10 Jul 2007; Christian Heim <phreak@gentoo.org>
473     hardened-sources-2.6.20-r5.ebuild:
474     Marking hardened-sources-2.6.20-r5 stable on ppc.
475 phreak 1.164
476     10 Jul 2007; Christian Heim <phreak@gentoo.org>
477     -hardened-sources-2.4.32-r6.ebuild, -hardened-sources-2.4.32-r7.ebuild:
478     Cleanup.
479 phreak 1.163
480     *hardened-sources-2.6.20-r6 (08 Jul 2007)
481    
482     08 Jul 2007; Christian Heim <phreak@gentoo.org>
483     +hardened-sources-2.6.20-r6.ebuild:
484     Revision bump, grabbing yet another stable release.
485 phreak 1.162
486     17 Jun 2007; Christian Heim <phreak@gentoo.org>
487     -hardened-sources-2.6.18-r6.ebuild, -hardened-sources-2.6.20-r4.ebuild,
488     -hardened-sources-2.6.21-r2.ebuild:
489     Removing older ebuilds, hardened-sources-2.6.18-r6 seems to have gotten the
490     alpha stable KEYWORD by mistake.
491 phreak 1.161
492     17 Jun 2007; Christian Heim <phreak@gentoo.org>
493     hardened-sources-2.6.20-r5.ebuild:
494     Stabling hardened-sources-2.6.20-r5 due to security bug #181647 (as
495     genpatches-2.6.20-12.base contains up to Linux 2.6.20.14) on amd64 and x86.
496 phreak 1.160
497     *hardened-sources-2.6.21-r3 (12 Jun 2007)
498    
499     12 Jun 2007; Christian Heim <phreak@gentoo.org>
500     +hardened-sources-2.6.21-r3.ebuild:
501     Revision bump for hardened-sources-2.6.21, incorporating various CVE (some
502     of them critical), two stable releases (2.6.21.4,2.6.21.5) and some other
503     love.
504 phreak 1.159
505     *hardened-sources-2.6.20-r5 (11 Jun 2007)
506    
507     11 Jun 2007; Christian Heim <phreak@gentoo.org>
508     +hardened-sources-2.6.20-r5.ebuild:
509     Revision bump for hardened-sources-2.6.20, incorporating various CVE (some
510     of them critical), two stable releases (2.6.20.13,2.6.20.14) and some other
511     love.
512 pappy 1.158
513     *hardened-sources-2.4.34.5 (11 Jun 2007)
514    
515     11 Jun 2007; Alexander Gabert <pappy@gentoo.org>
516     +hardened-sources-2.4.34.5.ebuild:
517     added new hardened-sources 2.4 version, thx to phreak, solar, pipacs
518 phreak 1.157
519     30 May 2007; Christian Heim <phreak@gentoo.org>
520     -hardened-sources-2.6.18.ebuild, hardened-sources-2.6.20-r2.ebuild:
521     Marking 2.6.20-r2 stable on ppc with permission of Gysbert. Removing more
522     stale ebuild(s).
523 phreak 1.156
524     30 May 2007; Christian Heim <phreak@gentoo.org>
525     -hardened-sources-2.6.14-r7.ebuild, -hardened-sources-2.6.16-r11.ebuild,
526     -hardened-sources-2.6.17-r1.ebuild, -hardened-sources-2.6.19-r6.ebuild,
527     -hardened-sources-2.6.20.ebuild, -hardened-sources-2.6.20-r1.ebuild:
528     Doing some cleanups, remove stale ebuilds.
529 phreak 1.155
530     26 May 2007; Christian Heim <phreak@gentoo.org>
531     hardened-sources-2.6.21-r2.ebuild:
532     Fixing the grsecurity patch, had one '};' too much.
533 phreak 1.154
534     *hardened-sources-2.6.21-r2 (26 May 2007)
535    
536     26 May 2007; Christian Heim <phreak@gentoo.org>
537     -hardened-sources-2.6.21.ebuild, -hardened-sources-2.6.21-r1.ebuild,
538     +hardened-sources-2.6.21-r2.ebuild:
539     Revision bump, including Linux 2.6.21.3 (fixing CVE-2007-2451). Updating the
540     grsecurity patch to 2.1.10-2.6.21.1-200705221918.
541 phreak 1.153
542     *hardened-sources-2.6.20-r4 (26 May 2007)
543    
544     26 May 2007; Christian Heim <phreak@gentoo.org>
545     -hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.20-r4.ebuild:
546     Revision bump, including Linux 2.6.20.12 (which in fact fixed some security
547 phreak 1.154 bugs, at the very least CVE-2007-2451). Possible candidate for stable marking.
548 phreak 1.152
549     15 May 2007; Christian Heim <phreak@gentoo.org>
550     hardened-sources-2.6.20-r3.ebuild:
551     Looks like hardened-sources-2.6.20-r3 needs a new patch, as 2.6.20.11
552     introduced a change in arch/sparc64/kernel/pci_iommu.c, which made the
553     grsecurity patch fail in that exact same hunk.
554 phreak 1.151
555     *hardened-sources-2.6.20-r3 (15 May 2007)
556    
557     15 May 2007; Christian Heim <phreak@gentoo.org>
558     +hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.21-r1.ebuild:
559     Revision bump, incorporating Linux 2.6.20.11.
560    
561     *hardened-sources-2.6.21-r1 (11 May 2007)
562    
563     11 May 2007; Christian Heim <phreak@gentoo.org>
564     +hardened-sources-2.6.21-r1.ebuild:
565     Revision bump, hopefully fixing the GRSECURITY/GRKERNSEC mixup pipacs
566     mentioned in #177234.
567 kevquinn 1.150
568     07 May 2007; Kevin F. Quinn <kevquinn@gentoo.org>
569     files/digest-hardened-sources-2.6.21, Manifest:
570     Fix Manifest/digest for linux-2.6.21.tar.bz2
571 phreak 1.149
572     06 May 2007; Christian Heim <phreak@gentoo.org>
573     hardened-sources-2.6.21.ebuild:
574     Bumping the hardened-patches version, needed for the fix for #177234.
575 phreak 1.148
576     *hardened-sources-2.6.21 (02 May 2007)
577    
578     02 May 2007; Christian Heim <phreak@gentoo.org>
579     +hardened-sources-2.6.21.ebuild:
580     Version bump, Linux 2.6.21-hardened.
581 phreak 1.147
582     29 Apr 2007; Christian Heim <phreak@gentoo.org>
583     hardened-sources-2.6.20-r2.ebuild:
584     Adding ~ia64 on Ned's request.
585 phreak 1.146
586     29 Apr 2007; Christian Heim <phreak@gentoo.org>
587     hardened-sources-2.6.20-r2.ebuild:
588     Fixing the included grsecurity patch, wasn't alligning due to the Index:
589     header line(s).
590 phreak 1.145
591     29 Apr 2007; Christian Heim <phreak@gentoo.org>
592     hardened-sources-2.6.20-r2.ebuild:
593     Stabilizing hardened-sources-2.6.20-r2 on amd64 and x86.
594 armin76 1.144
595     *hardened-sources-2.6.20-r2 (10 Apr 2007)
596    
597     10 Apr 2007; Raúl Porcel <armin76@gentoo.org>
598     +hardened-sources-2.6.20-r2.ebuild:
599     Version bump, on behalf of phreak
600 phreak 1.143
601     *hardened-sources-2.6.20-r1 (04 Apr 2007)
602    
603     04 Apr 2007; Christian Heim <phreak@gentoo.org>
604     +hardened-sources-2.6.20-r1.ebuild:
605     Revision bump, grabbing a newer grsecurity snapshot.
606 phreak 1.142
607     *hardened-sources-2.6.20 (25 Mar 2007)
608    
609     25 Mar 2007; Christian Heim <phreak@gentoo.org>
610     +hardened-sources-2.6.20.ebuild:
611     Finally a hardened-sources version for 2.6.20; many people have been waiting
612     for this. Thanks to Steve for preliminary testing, thanks to Ned for the
613     testbox.
614 chainsaw 1.141
615     16 Mar 2007; Tony Vroon <chainsaw@gentoo.org>
616     hardened-sources-2.6.18-r6.ebuild:
617     Marked stable on amd64 and x86. AMD64 keyword ack'ed by welp.
618 phreak 1.140
619     *hardened-sources-2.6.18-r6 (16 Mar 2007)
620    
621     16 Mar 2007; Christian Heim <phreak@gentoo.org>
622     -hardened-sources-2.6.18-r5.ebuild, +hardened-sources-2.6.18-r6.ebuild:
623     Fixing CVE-2007-1000 locally (hardened/), thanks to Tony for pushing. And
624     yes I screwed up, this is tagged as 2.6.18-5 and not 2.6.18-6 as it's
625     supposed to be.
626 phreak 1.139
627     06 Mar 2007; Christian Heim <phreak@gentoo.org> ChangeLog:
628     Fixing the Manifest, the previous one was broken (as in still had the
629     deleted ebuild in it).
630 phreak 1.138
631     06 Mar 2007; Christian Heim <phreak@gentoo.org>
632     -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
633     +hardened-sources-2.6.18-r5.ebuild:
634     Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
635     Linux 2.6.18.8. Also cleaning up the older version.
636    
637     *hardened-sources-2.6.18-r5 (06 Mar 2007)
638    
639     06 Mar 2007; Christian Heim <phreak@gentoo.org>
640     -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
641     +hardened-sources-2.6.18-r5.ebuild:
642     Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
643     Linux 2.6.18.8. Also cleaning up the older version.
644 phreak 1.137
645     24 Feb 2007; Christian Heim <phreak@gentoo.org>
646     -hardened-sources-2.6.19-r3.ebuild, -hardened-sources-2.6.19-r4.ebuild,
647     -hardened-sources-2.6.19-r5.ebuild:
648     Removing some of the old version, that didn't work.
649 phreak 1.136
650     *hardened-sources-2.6.19-r6 (12 Feb 2007)
651    
652     12 Feb 2007; Christian Heim <phreak@gentoo.org>
653     +hardened-sources-2.6.19-r6.ebuild:
654     Revision bump, including a new grsec version fixing #166235.
655 pappy 1.134
656     *hardened-sources-2.4.34 (24 Jan 2007)
657    
658     24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
659 pappy 1.135 Manifest:
660     updating Manifest with checksums of new tarball and ebuild
661    
662     24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
663 pappy 1.134 +hardened-sources-2.4.34.ebuild:
664     I added new hardened sources 2.4 update, this is a critical path
665     security bugfix - all users of h-s are strongly advised
666     to update their existing hardened sources to this version.
667     It contains a fix for a kernel vulnerability that is pertaining
668     to the PaX changes to virtual memory management, possibly leading
669     to a local kernel exploit ... see grsecurity.net forums and homepage
670 phreak 1.133
671     23 Jan 2007; Christian Heim <phreak@gentoo.org>
672     files/digest-hardened-sources-2.6.19-r5, Manifest:
673     Fixing the patch-tarball digest.
674 phreak 1.132
675     *hardened-sources-2.6.19-r5 (23 Jan 2007)
676    
677     23 Jan 2007; Christian Heim <phreak@gentoo.org>
678     +hardened-sources-2.6.19-r5.ebuild:
679     Revision bump, closing the recently discovered PaX expand_stack()
680     vulnerability.
681 phreak 1.131
682     *hardened-sources-2.6.19-r4 (14 Jan 2007)
683    
684     14 Jan 2007; Christian Heim <phreak@gentoo.org>
685     +hardened-sources-2.6.19-r4.ebuild:
686     Revision bump, pulling in linux-2.6.19.2 and grsecurity 2.1.10 - thus
687     dropping the randomized PID feature.
688 opfer 1.130
689     11 Jan 2007; Christian Faulhammer <opfer@gentoo.org>
690     hardened-sources-2.4.33.4.ebuild:
691     stable x86, bug #161171
692 phreak 1.129
693     *hardened-sources-2.6.19-r3 (27 Dec 2006)
694    
695     27 Dec 2006; Christian Heim <phreak@gentoo.org>
696     -hardened-sources-2.6.19-r2.ebuild, +hardened-sources-2.6.19-r3.ebuild:
697     Revision bump for bug #157186 and #158786.
698 phreak 1.128
699     *hardened-sources-2.6.18-r4 (27 Dec 2006)
700    
701     27 Dec 2006; Christian Heim <phreak@gentoo.org>
702     -hardened-sources-2.6.18-r3.ebuild, +hardened-sources-2.6.18-r4.ebuild:
703     Revision bump for bug #157186.
704 phreak 1.127
705     *hardened-sources-2.6.19-r2 (23 Dec 2006)
706    
707     23 Dec 2006; Christian Heim <phreak@gentoo.org>
708     -hardened-sources-2.6.19-r1.ebuild, +hardened-sources-2.6.19-r2.ebuild:
709     Revision bump to pull in genpatches-2.6.19-3 for #157186.
710 phreak 1.126
711     17 Dec 2006; Christian Heim <phreak@gentoo.org>
712     hardened-sources-2.6.14-r7.ebuild, hardened-sources-2.6.16-r10.ebuild,
713     hardened-sources-2.6.16-r11.ebuild, hardened-sources-2.6.17-r1.ebuild,
714     hardened-sources-2.6.18.ebuild, hardened-sources-2.6.18-r3.ebuild,
715     hardened-sources-2.6.19-r1.ebuild:
716     Adding 4453_grsec-2.1.9-2.6.19-io-kmem-sysctl.patch to UNIPATCH_EXLUDE,
717     adding correct HOMEPAGE and adjusting DESCRIPTION (thanks to Alexander).
718 pappy 1.125
719     *hardened-sources-2.4.33.4 (17 Dec 2006)
720    
721     17 Dec 2006; Alexander Gabert <pappy@gentoo.org>
722     +hardened-sources-2.4.33.4.ebuild:
723     new 2.4.33.4 version including grsec and fixes, thanks to phreak for help
724     and quilting
725 phreak 1.124
726     *hardened-sources-2.6.19-r1 (14 Dec 2006)
727    
728     14 Dec 2006; Christian Heim <phreak@gentoo.org>
729     -hardened-sources-2.6.19.ebuild, +hardened-sources-2.6.19-r1.ebuild:
730     Revision bump, fixing #158107 (thanks to Petre Rodan <kaiowas at gentoo.org>
731     for reporting).
732 phreak 1.123
733     *hardened-sources-2.6.19 (13 Dec 2006)
734    
735     13 Dec 2006; Christian Heim <phreak@gentoo.org>
736     +hardened-sources-2.6.19.ebuild:
737     And finally 2.6.19, thanks to Ned (who prepared the inital patchset) and
738     Brad for providing that prompt update.
739 phreak 1.122
740     *hardened-sources-2.6.18-r3 (13 Dec 2006)
741    
742     13 Dec 2006; Christian Heim <phreak@gentoo.org>
743     -hardened-sources-2.6.18-r1.ebuild, -hardened-sources-2.6.18-r2.ebuild,
744     +hardened-sources-2.6.18-r3.ebuild:
745     Revision bump, excluding the faulty patch. Thanks to Anakim Border and Peter
746     S. Mazinger. Closes #157409 for now. Also removing the previous revisions.
747 phreak 1.121
748     09 Dec 2006; Christian Heim <phreak@gentoo.org> Manifest:
749     Fixing the metadata.xml Manifest entry (thanks to xaid and ml8128 in #gentoo-hardened).
750 nixnut 1.120
751     08 Dec 2006; nixnut <nixnut@gentoo.org> hardened-sources-2.6.18.ebuild:
752     Stable on ppc wrt bug 157356
753 opfer 1.119
754     07 Dec 2006; Christian Faulhammer <opfer@gentoo.org>
755     hardened-sources-2.6.18.ebuild:
756     stable x86, bug #157356
757 phreak 1.118
758     *hardened-sources-2.6.18-r2 (06 Dec 2006)
759    
760     06 Dec 2006; Christian Heim <phreak@gentoo.org>
761     +hardened-sources-2.6.18-r2.ebuild:
762     Revision bump, including 2.6.18.5 (via genpatches) and
763     4454_grsec-2.1.9-2.6.18.2-io-kmem-sysctl.patch based on Peter Mazinger and
764     Ned Ludd's original patch. Thanks to Alexander Gabert (pappy) for the
765     redesign.
766 phreak 1.117
767     06 Dec 2006; Christian Heim <phreak@gentoo.org>
768     hardened-sources-2.6.18.ebuild:
769     Marking hardened-sources-2.6.18 stable on amd64 (see bug #157356, on behalf
770     of Mike Doty).
771 phreak 1.116
772     *hardened-sources-2.6.18-r1 (23 Nov 2006)
773    
774     23 Nov 2006; Christian Heim <phreak@gentoo.org>
775     +hardened-sources-2.6.18-r1.ebuild:
776     Revision bump to genpatches-2.6.18-4 (including 2.6.18.3).
777 phreak 1.115
778     *hardened-sources-2.6.18 (11 Nov 2006)
779    
780     11 Nov 2006; Christian Heim <phreak@gentoo.org>
781     +hardened-sources-2.6.18.ebuild:
782     Version bump, thanks to Alexander Gabert we're finally at 2.6.18.
783 solar 1.114
784     18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
785     - mark amd64 stable also. bug #151877
786 solar 1.113
787     18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
788     - mark 2.6.17-r1 stable
789 phreak 1.112
790     27 Aug 2006; Christian Heim <phreak@gentoo.org>
791     -hardened-sources-2.6.17.ebuild, hardened-sources-2.6.17-r1.ebuild:
792     Removing old ebuild, removing unipatch from newer ebuild (need to fix it!).
793 phreak 1.111
794     *hardened-sources-2.6.17-r1 (26 Aug 2006)
795    
796     26 Aug 2006; Christian Heim <phreak@gentoo.org>
797     +hardened-sources-2.6.17-r1.ebuild:
798     Revision bump to genpatches-2.6.17-8 (including .9 and .10) and updating the
799     grsecurity patch.
800 phreak 1.110
801     *hardened-sources-2.6.17 (17 Aug 2006)
802    
803     17 Aug 2006; Christian Heim <phreak@gentoo.org>
804     +hardened-sources-2.6.17.ebuild:
805     Bumping the hardened-sources-2.6 series to 2.6.17, using
806     genpatches-2.6.17-6.base.
807 solar 1.109
808     07 Aug 2006; <solar@gentoo.org> hardened-sources-2.6.16-r11.ebuild:
809     - stable on x86 and amd64
810 solar 1.108
811     *hardened-sources-2.6.16-r11 (15 Jul 2006)
812    
813     15 Jul 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r3.ebuild,
814     -hardened-sources-2.4.32-r4.ebuild, -hardened-sources-2.4.32-r5.ebuild,
815     -hardened-sources-2.6.14-r8.ebuild, -hardened-sources-2.6.16-r7.ebuild,
816     -hardened-sources-2.6.16-r9.ebuild, +hardened-sources-2.6.16-r11.ebuild:
817     - 2.6.16 bumped for CVE-2006-3626 ; digest fix for 2.4.32-r6 ; removed old
818     crusty ebuilds
819 johnm 1.107
820     14 Jul 2006; John Mylchreest <johnm@gentoo.org>
821     hardened-sources-2.6.16-r10.ebuild:
822     marking stable on x86 and amd64
823 solar 1.106
824     13 Jul 2006; <solar@gentoo.org> hardened-sources-2.4.32-r6.ebuild:
825     - 2.4.32-r6 stable on x86. RSBAC state unknown
826 kang 1.105
827     *hardened-sources-2.4.32-r7 (10 Jul 2006)
828    
829     10 Jul 2006; Guillaume Destuynder <kang@gentoo.org>
830     +hardened-sources-2.4.32-r7.ebuild:
831     Bump PaX for RSBAC to test-17
832 johnm 1.104
833     *hardened-sources-2.6.16-r9 (03 Jul 2006)
834    
835     03 Jul 2006; John Mylchreest <johnm@gentoo.org>
836     -hardened-sources-2.6.16-r6.ebuild, +hardened-sources-2.6.16-r9.ebuild:
837     hardened-sources-2.6.16 bump to latest -base.
838 solar 1.103
839     *hardened-sources-2.4.32-r6 (30 Jun 2006)
840    
841     30 Jun 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r2.ebuild,
842     hardened-sources-2.4.32-r4.ebuild, +hardened-sources-2.4.32-r6.ebuild:
843     - backport CVE-2006-0039, CVE-2006-1857 and CVE-2006-1858 and new grsecurity
844     sysctl controlable resource logging
845 johnm 1.102
846     *hardened-sources-2.6.16-r7 (05 Jun 2006)
847    
848     05 Jun 2006; John Mylchreest <johnm@gentoo.org>
849     -hardened-sources-2.6.16-r5.ebuild, +hardened-sources-2.6.16-r7.ebuild:
850     push new 2.6.16 release in preparation for stable
851 solar 1.101
852     22 May 2006; <solar@gentoo.org> :
853     - redigest bug 134002
854 kang 1.100
855     *hardened-sources-2.4.32-r5 (16 May 2006)
856    
857     16 May 2006; Guillaume Destuynder <kang@gentoo.org>
858     +hardened-sources-2.4.32-r5.ebuild:
859     Fixes rsbac common patching (new patch in new -r5 patchset)
860 solar 1.99
861     *hardened-sources-2.4.32-r4 (13 May 2006)
862    
863     13 May 2006; <solar@gentoo.org> hardened-sources-2.4.32-r3.ebuild,
864     +hardened-sources-2.4.32-r4.ebuild:
865     - security bumps
866 johnm 1.98
867     *hardened-sources-2.6.16-r6 (03 May 2006)
868    
869     03 May 2006; John Mylchreest <johnm@gentoo.org>
870     +hardened-sources-2.6.16-r6.ebuild:
871     bump hardened-2.6.16 to 2.6.16.12 and latest grsec snapshot
872 johnm 1.97
873     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
874     hardened-sources-2.6.14-r8.ebuild:
875     fix x86_64 build problem, this will delay the digest issue again for a short
876     while but it will sort itself out
877 johnm 1.96
878     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
879     hardened-sources-2.6.14-r8.ebuild:
880     bump hardened patchset
881 antarus 1.94
882     27 Apr 2006; Alec Warner <antarus@gentoo.org>
883     files/digest-hardened-sources-2.4.32-r2,
884     files/digest-hardened-sources-2.4.32-r3,
885     files/digest-hardened-sources-2.6.14-r8, Manifest:
886     Fixing duff SHA256 digests: Bug # 131293
887 johnm 1.93
888 johnm 1.95 *hardened-sources-2.6.16-r5 (27 Apr 2006)
889    
890     27 Apr 2006; John Mylchreest <johnm@gentoo.org>
891     -hardened-sources-2.6.14-r6.ebuild, hardened-sources-2.6.14-r8.ebuild,
892     -hardened-sources-2.6.16-r4.ebuild, +hardened-sources-2.6.16-r5.ebuild:
893     stablise 2.6.14-r8 on x86 & amd64, bump 2.6.16 to fix CVE-2006-1863 &
894     cleanup of old uneccessary sources
895    
896 johnm 1.93 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
897     fix digest
898 johnm 1.92
899     *hardened-sources-2.6.14-r8 (20 Apr 2006)
900    
901     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
902     +hardened-sources-2.6.14-r8.ebuild:
903     fix CVE-2006-1056, CVE-2006-1525, CVE-2006-1524
904 johnm 1.91
905     20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
906     Turning on gpg-signing again, and recomitting
907 johnm 1.90
908     *hardened-sources-2.6.16-r4 (20 Apr 2006)
909    
910     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
911     -hardened-sources-2.6.16-r2.ebuild, -hardened-sources-2.6.16-r3.ebuild,
912     +hardened-sources-2.6.16-r4.ebuild:
913     Fix numerous security vulns
914 solar 1.89
915     *hardened-sources-2.4.32-r3 (16 Apr 2006)
916    
917     16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
918     -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
919     +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
920     - security bump for bug #112791. Removed old ebuilds
921 johnm 1.88
922     *hardened-sources-2.6.16-r3 (15 Apr 2006)
923    
924     15 Apr 2006; John Mylchreest <johnm@gentoo.org>
925     +hardened-sources-2.6.16-r3.ebuild:
926     Removing silly localversion which I missed
927 johnm 1.87
928     *hardened-sources-2.6.14-r7 (14 Apr 2006)
929    
930     14 Apr 2006; John Mylchreest <johnm@gentoo.org>
931     -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
932     Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
933 johnm 1.86
934     *hardened-sources-2.6.16-r2 (13 Apr 2006)
935    
936     13 Apr 2006; John Mylchreest <johnm@gentoo.org>
937     -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
938     +hardened-sources-2.6.16-r2.ebuild:
939     Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
940     labels, dropping USERGROUP define fixes, since these were merged mainstream.
941 johnm 1.85
942     *hardened-sources-2.6.16-r1 (11 Apr 2006)
943    
944     11 Apr 2006; John Mylchreest <johnm@gentoo.org>
945     +hardened-sources-2.6.16-r1.ebuild:
946     Bumping to include ppc build fix and 2.6.16.3
947 tsunam 1.84
948     06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
949     hardened-sources-2.6.14-r6.ebuild:
950     Stable on x86; bug #127718
951 johnm 1.83
952     *hardened-sources-2.6.16 (31 Mar 2006)
953    
954     31 Mar 2006; John Mylchreest <johnm@gentoo.org>
955     +hardened-sources-2.6.16.ebuild:
956     Bumping to new version of grsec, and kernel base. New squashfs. Based on
957     2.6.16.1
958 cryos 1.82
959     30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
960     hardened-sources-2.6.14-r6.ebuild:
961     Stable on amd64, bug 127718.
962 nixnut 1.81
963     28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
964     Stable on ppc. Bug #127718
965 johnm 1.80
966     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
967     -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
968     -hardened-sources-2.6.14-r4.ebuild:
969     Cleanup.
970 johnm 1.79
971     *hardened-sources-2.6.14-r6 (15 Mar 2006)
972    
973     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
974     +hardened-sources-2.6.14-r6.ebuild:
975     Fixes grsec policy recreation bug and adds a
976     >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
977 solar 1.78
978     02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
979     - stable on x86
980 hansmi 1.77
981     19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
982     hardened-sources-2.6.14-r5.ebuild:
983     Stable on ppc.
984 johnm 1.76
985     *hardened-sources-2.6.14-r5 (01 Feb 2006)
986    
987     01 Feb 2006; John Mylchreest <johnm@gentoo.org>
988     +hardened-sources-2.6.14-r5.ebuild:
989     fixing every known exploit
990 solar 1.75
991     *hardened-sources-2.4.32-r2 (26 Jan 2006)
992    
993     26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
994     +hardened-sources-2.4.32-r2.ebuild:
995     - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
996 solar 1.74
997     *hardened-sources-2.6.14-r4 (12 Jan 2006)
998    
999     12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
1000     - version bump for new genpatches which fix up a few sec holes
1001 solar 1.73
1002     *hardened-sources-2.4.32-r1 (05 Jan 2006)
1003    
1004     05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
1005     - revision bump to add misc vital linux kernel security patches.
1006 johnm 1.72
1007     *hardened-sources-2.6.14-r3 (30 Dec 2005)
1008    
1009     30 Dec 2005; John Mylchreest <johnm@gentoo.org>
1010     -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
1011     Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
1012 johnm 1.71
1013     28 Dec 2005; John Mylchreest <johnm@gentoo.org>
1014     hardened-sources-2.6.14-r2.ebuild:
1015     making x86 & amd64 stable following testing.
1016 johnm 1.70
1017     *hardened-sources-2.6.14-r2 (27 Dec 2005)
1018    
1019     27 Dec 2005; John Mylchreest <johnm@gentoo.org>
1020     -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
1021     Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
1022     network hooks.
1023 johnm 1.69
1024     06 Dec 2005; John Mylchreest <johnm@gentoo.org>
1025     hardened-sources-2.6.14-r1.ebuild:
1026     bumping to stable early for sec fix on x86 & amd64
1027 johnm 1.68
1028     *hardened-sources-2.6.14-r1 (05 Dec 2005)
1029    
1030     05 Dec 2005; John Mylchreest <johnm@gentoo.org>
1031     -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
1032     bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
1033 solar 1.67
1034     04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
1035     - stable on x86 security bug #114227 CAN-2005-3257
1036 kang 1.66
1037     *hardened-sources-2.4.32 (19 Nov 2005)
1038    
1039     19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
1040     +hardened-sources-2.4.32.ebuild:
1041     Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
1042     Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
1043     have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
1044     rsbac >> /etc/portage/package.use)
1045 johnm 1.65
1046     *hardened-sources-2.6.14 (14 Nov 2005)
1047    
1048     14 Nov 2005; John Mylchreest <johnm@gentoo.org>
1049     -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
1050     Bumping 2.6 series to 2.6.14.2
1051 johnm 1.64
1052     *hardened-sources-2.6.13-r2 (20 Oct 2005)
1053    
1054     20 Oct 2005; John Mylchreest <johnm@gentoo.org>
1055     -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
1056     +hardened-sources-2.6.13-r2.ebuild:
1057     Fixes minor build error in ppc.
1058 johnm 1.63
1059     *hardened-sources-2.6.13-r1 (17 Oct 2005)
1060    
1061     17 Oct 2005; John Mylchreest <johnm@gentoo.org>
1062     +hardened-sources-2.6.13-r1.ebuild:
1063     Updating grsec to latest snapshot. Fixes some minor issues. Updating to
1064     2.6.13.4, fixes some major amd64 stability problems.
1065 johnm 1.62
1066     *hardened-sources-2.6.13 (16 Sep 2005)
1067    
1068     16 Sep 2005; John Mylchreest <johnm@gentoo.org>
1069     -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
1070     2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
1071     ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
1072     users should test this thoroughly.
1073 solar 1.61
1074     01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
1075     - stable on x86
1076 johnm 1.60
1077     *hardened-sources-2.6.11-r15 (27 Jun 2005)
1078    
1079     27 Jun 2005; John Mylchreest <johnm@gentoo.org>
1080     +hardened-sources-2.6.11-r15.ebuild:
1081     Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
1082     grsec redefining curr_ip struct.
1083 solar 1.59
1084     *hardened-sources-2.4.31 (20 Jun 2005)
1085    
1086     20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
1087     initial import of 2.4.31 tree
1088 johnm 1.58
1089     *hardened-sources-2.6.11-r14 (14 Jun 2005)
1090    
1091     14 Jun 2005; John Mylchreest <johnm@gentoo.org>
1092     -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
1093     Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
1094     naming scheme to abide by genpatches
1095 johnm 1.57
1096     *hardened-sources-2.6.11-r13 (18 May 2005)
1097    
1098     18 May 2005; John Mylchreest <johnm@gentoo.org>
1099     -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
1100     Managed to mangle the Makefile patch from grsec, to miss out the grsec
1101     target. sorry about that. Fixes bug #93022
1102 johnm 1.56
1103     *hardened-sources-2.6.11-r12 (17 May 2005)
1104    
1105     17 May 2005; John Mylchreest <johnm@gentoo.org>
1106     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
1107     +hardened-sources-2.6.11-r12.ebuild:
1108     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
1109     merges in genpatches-base
1110 johnm 1.55
1111     *hardened-sources-2.6.11-r12 (17 May 2005)
1112    
1113     17 May 2005; John Mylchreest <johnm@gentoo.org>
1114     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
1115     +hardened-sources-2.6.11-r12.ebuild:
1116     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
1117     merges in genpatches-base
1118 solar 1.54
1119     29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
1120     -files/2.4.27-cmdline-race.patch,
1121     -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
1122     -files/2.4.28-grsec-binfmt_a.out.patch,
1123     -files/2.4.28-grsec-cmdline-race.patch,
1124     -files/2.4.28-selinux-binfmt_a.out.patch,
1125     -files/2.4.28-selinux-cmdline-race.patch,
1126     -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
1127     hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
1128     - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
1129     cleanup..
1130 solar 1.53
1131     *hardened-sources-2.4.30-r1 (21 Apr 2005)
1132    
1133     21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
1134     - disable aout by default
1135 solar 1.52
1136     *hardened-sources-2.4.30 (18 Apr 2005)
1137    
1138     18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
1139     - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
1140     and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
1141     use
1142 tocharian 1.50
1143 scox 1.51 *hardened-sources-2.4.29 (30 Mar 2005)
1144    
1145     30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
1146     +hardened-sources-2.4.29.ebuild:
1147     New hardened-patches-2.4-29.0 patchball.
1148     Removed SELinux support, upgraded GRSecurity to 2.1.4.
1149    
1150     *hardened-sources-2.4.28-r5 (06 Mar 2005)
1151    
1152     06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
1153     +hardened-sources-2.4.28-r5.ebuild:
1154     Added a fix for a PaX vulnerability.
1155    
1156     26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1157 tocharian 1.50 hardened-sources-2.4.28-r4.ebuild:
1158     Stable on x86
1159 solar 1.49
1160     23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
1161     hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
1162     hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
1163     hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
1164     - fixed/added RDEPEND= in all kernel-2 ebuilds
1165 tocharian 1.48
1166     *hardened-sources-2.4.28-r4 (21 Jan 2005)
1167    
1168     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1169     +hardened-sources-2.4.28-r4.ebuild:
1170     Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
1171     backport of neighbour hash updates.
1172 tocharian 1.47
1173     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1174     hardened-sources-2.4.28-r3.ebuild:
1175     Stable on x86
1176 tseng 1.46
1177     *hardened-sources-2.6.10-r3 (20 Jan 2005)
1178    
1179     20 Jan 2005; Brandon Hale <tseng@gentoo.org>
1180     +hardened-sources-2.6.10-r3.ebuild:
1181     Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
1182     in 2005.0
1183 tocharian 1.45
1184     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1185     -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
1186     hardened-sources-2.4.28-r2.ebuild:
1187     Mark stable on x86
1188 tocharian 1.44
1189     *hardened-sources-2.4.28-r3 (17 Jan 2005)
1190    
1191     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1192     +hardened-sources-2.4.28-r3.ebuild:
1193     Fix SMP page fault handler vuln, and update device-mapper and evms patches.
1194 tocharian 1.43
1195     14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1196     hardened-sources-2.4.28.ebuild:
1197     Mark stable on x86.
1198 tocharian 1.42
1199     *hardened-sources-2.4.28-r2 (13 Jan 2005)
1200    
1201     13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1202     +hardened-sources-2.4.28-r2.ebuild:
1203     Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
1204     Mazinger for grsecurity patches as well.
1205 plasmaroo 1.41
1206     *hardened-sources-2.4.28-r1 (23 Dec 2004)
1207    
1208     23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
1209     Security bump. Thank tocharian for rolling a new patchset...
1210 solar 1.40
1211     28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
1212     +files/2.4.28-grsec-cmdline-race.patch,
1213     +files/2.4.28-selinux-binfmt_a.out.patch,
1214     +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
1215     - Round up remaining security patches that appear to be missing in 2.4.28. -
1216     PaX standalone updated to current. hgpv=28.1
1217 solar 1.39
1218     *hardened-sources-2.4.28 (28 Nov 2004)
1219    
1220     28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
1221     security bump. Thank tocharian for rolling a new patchset
1222 scox 1.31
1223 scox 1.38 *hardened-sources-2.4.27-r3 (08 Sep 2004)
1224    
1225     08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
1226     +hardened-sources-2.4.27-r3.ebuild:
1227     Applies the new 2.4-27.2 patchball which updates
1228     GRSecurity to the 2.0.1 version.
1229    
1230 scox 1.37 *hardened-sources-2.4.27-r2 (31 Aug 2004)
1231    
1232     31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1233     +hardened-sources-2.4.27-r2.ebuild:
1234     Version bump.
1235     This version uses the new 2.4-27.1 patchball which updates
1236     both the SELinux PaX hooks patch and the SELinux headers.
1237    
1238 scox 1.36 *hardened-sources-2.4.27-r1 (09 Aug 2004)
1239    
1240     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1241     +hardened-sources-2.4.27-r1.ebuild,
1242     -hardened-sources-2.4.27.ebuild,
1243     +files/2.4.27-cmdline-race.patch:
1244     Version bump, fix for cmdline race. See bug #59905.
1245    
1246     *hardened-sources-2.4.26-r6 (09 Aug 2004)
1247    
1248     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1249     +hardened-sources-2.4.26-r6.ebuild,
1250     -hardened-sources-2.4.26-r5.ebuild,
1251     -hardened-sources-2.4.26-r4.ebuild,
1252     +files/2.4.26-cmdline-race.patch:
1253     Version bump, fix for cmdline race. See bug #59905.
1254    
1255 scox 1.35 *hardened-sources-2.4.27 (08 Aug 2004)
1256    
1257     08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1258     +hardened-sources-2.4.27.ebuild,
1259     +files/2.4.27-CAN-2004-0394.patch:
1260     Ported the patchball to the 2.4.27 kernel version.
1261    
1262 scox 1.34 *hardened-sources-2.4.26-r5 (07 Aug 2004)
1263    
1264     07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1265     +hardened-sources-2.4.26-r5.ebuild:
1266 scox 1.35 Updated to use the new hardened-patches-2.4-26.1 patchball.
1267 scox 1.34 It adds the following features:
1268     - Squashfs
1269     - Ebtables
1270     - Netdev random (core+drivers)
1271     - Watchdog Timer (WDT) fix.
1272    
1273 scox 1.33 *hardened-sources-2.4.26-r4 (04 Aug 2004)
1274    
1275     04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1276     +hardened-sources-2.4.26-r4.ebuild,
1277     +files/2.4.26-CAN-2004-0415.patch,
1278     -hardened-sources-2.4.26-3:
1279     Version bump, fix for CAN 0415, see bug #59378.
1280    
1281 scox 1.32 *hardened-sources-2.4.26-r3 (22 Jul 2004)
1282    
1283     22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
1284     +hardened-sources-2.4.26-r3.ebuild,
1285     +files/2.4.26-CAN-2004-0497.patch,
1286     -hardened-sources-2.4.26-r2.ebuild:
1287     Version bump, fixed CAN 0497, see bug #56171.
1288    
1289 scox 1.31 *hardened-sources-2.4.26-r2 (29 Jun 2004)
1290    
1291     29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
1292 scox 1.32 +hardened-sources-2.4.26-r2.ebuild,
1293 scox 1.31 +files/2.4.26-CAN-2004-0495.patch,
1294     +files/2.4.26-CAN-2004-0535.patch,
1295     -hardened-sources-2.4.26-r1.ebuild:
1296     Fixes for both CAN 0495 and 0535, see bug #54976
1297 pvdabeel 1.27
1298 agriffis 1.29 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
1299     hardened-sources-2.4.26-r1.ebuild:
1300     QA - fix use invocation
1301 scox 1.28
1302     *hardened-sources-2.4.26-r1 (22 June 2004)
1303    
1304     22 June 2004; Andrea Luzzardi <scox@gentoo.org>
1305     +hardened-sources-2.4.26-r1.ebuild,
1306     +files/2.4.26-CAN-2004-0394.patch,
1307     +files/2.4.26-signal-race.patch,
1308     -hardened-sources-2.4.26.ebuild,
1309     -hardened-sources-2.4.24-r3.ebuild:
1310     Version bump for the CAN-2004-0394 issue and bug #53804
1311     Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
1312    
1313    
1314 pvdabeel 1.27 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
1315     hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
1316     Masked hardened-sources-2.4.26.ebuild broken for ppc
1317    
1318     31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
1319     hardened-sources-2.4.24-r3.ebuild:
1320     Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
1321 plasmaroo 1.25
1322 scox 1.26 *hardened-sources-2.4.26 (29 May 2004)
1323    
1324     29 May 2004; Andrea Luzzardi <scox@gentoo.org>
1325     +hardened-sources-2.4.26.ebuild:
1326     Updated hardened-sources for the 2.4.26 kernel
1327     Removed broken components, updated almost everything.
1328    
1329 plasmaroo 1.25 *hardened-sources-2.4.24-r3 (17 Apr 2004)
1330    
1331     17 Apr 2004; <plasmaroo@gentoo.org>
1332     +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
1333     +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
1334     +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
1335     +hardened-sources-2.4.24-r3.ebuild:
1336     Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
1337     vulnerabilities. Old revisions removed.
1338 plasmaroo 1.24
1339     *hardened-sources-2.4.24-r2 (15 Apr 2004)
1340    
1341     15 Apr 2004; <plasmaroo@gentoo.org>
1342     +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
1343     -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
1344     Version bump for the CAN-2004-0109 issue; bug #47881.
1345 aliz 1.23
1346     12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
1347     hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
1348     Add eutils to inherit.
1349 plasmaroo 1.22
1350     *hardened-sources-2.4.24-r1 (19 Feb 2004)
1351    
1352     19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
1353     files/hardened-sources-2.4.24.munmap.patch:
1354     Added the patch for the mremap/munmap vulnerability. Bug #42024.
1355 scox 1.19
1356 scox 1.21 *hardened-sources-2.4.24 (06 Feb 2004)
1357 scox 1.26
1358 scox 1.21 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
1359     hardened-sources-2.4.24.ebuild:
1360     Version bump, updated most of the components.
1361     This release includes the following:
1362    
1363     - Hardened security
1364     - Netfilter patch-o-matic 20031219
1365     - FreeSWAN 2.04 & x509 1.4.8
1366     - EVMS 2.2.2
1367     - XFS 1.3.1
1368     - cryptoloop jari
1369     - grsecurity 2.0-rc4
1370     - SELinux
1371     - PaX 200402060000
1372     - PaX Obscurity 200308302223
1373     - Others...
1374    
1375     Neither -ck nor systrace are included anymore.
1376    
1377 scox 1.19 *hardened-sources-2.4.22-r2 (05 Jan 2004)
1378    
1379     05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
1380     hardened-sources-2.4.22-r2.ebuild:
1381 scox 1.20 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
1382 scox 1.19
1383     *hardened-sources-2.4.22-r1 (02 Dec 2003)
1384 iggy 1.17
1385     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1386 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
1387 iggy 1.16
1388     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1389 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild:
1390     Version bump for the 'do_brk' vulnerability.
1391 iggy 1.15
1392     01 Dec 2003; Brian Jackson <iggy@gentoo.org>
1393     hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
1394     hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
1395     hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
1396 plasmaroo 1.18 Fix the 'do_brk' vulnerability.
1397 frogger 1.14
1398     03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
1399     hardened-sources-2.4.22.ebuild:
1400 plasmaroo 1.18 - Removed the src_install() portion for SELinux flask
1401     components. These are no longer handled in the kernel
1402     so this code was not necessary.
1403 frogger 1.13
1404     29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
1405     New 2.4.22 based hardened-sources thanks to
1406     Phil West <p.west@computer.org>.
1407    
1408     These sources include:
1409 plasmaroo 1.18 - New SELinux API
1410     - Updated CK-base
1411     - Updated GRSec
1412     - Systrace
1413     - SuperFreeS/WAN 1.99.8
1414     - Propolice kernel build support
1415     - EVMS
1416     - Other various security related patches
1417 frogger 1.11
1418 frogger 1.12 *hardened-sources-2.4.21 (14 Sep 2003)
1419    
1420     14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
1421     Updated hardened-sources based on the 2.4.21 Linux kernel.
1422     This includes updates to most major components such as:
1423 plasmaroo 1.18 - ck-base-0306300059
1424     - selinux-2.4-2003071106
1425     - grsecurity-2.0-rc1
1426     - Updated IPTables patch-o-matic
1427     - Updated SuperFreeS/WAN
1428    
1429 frogger 1.12 Thanks to Phil West <pwest@computer.org> for his work in getting this
1430     updated patch set ready for the 2.4.21 based kernel.
1431    
1432 frogger 1.11 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
1433     Initial import of hardened-sources-2.4.20-r4. This revision
1434     includes only a few changes, but one of these is an important
1435     security fix. It is recommended all users of hardened-sources
1436     upgrade to this release.
1437 plasmaroo 1.18
1438 frogger 1.11 - ioperm bug fix
1439     - fixed compilation failure when building without GRSec
1440 plasmaroo 1.18
1441 frogger 1.11 SAL (Secure Auditing for Linux) is NOT included in this revision
1442     due to time constraints, but is planned for inclusion in the near
1443     future.
1444 msterret 1.10
1445     *hardened-sources-2.4.20-r2 (12 Jun 2003)
1446    
1447     12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
1448     hardened-sources-2.4.20-r3.ebuild:
1449 plasmaroo 1.18 Add Header...
1450 frogger 1.9
1451     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1452     hardened-sources-2.4.20-r3.ebuild:
1453     Removed warnings from ebuild. This kernel should be safe to
1454     use at this point.
1455 frogger 1.8
1456     *hardened-sources-2.4.20-r3 (08 Jun 2003)
1457    
1458     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1459     hardened-sources-2.4.20-r3.ebuild:
1460     New revision. Includes the following changes over -r2:
1461 plasmaroo 1.18
1462 frogger 1.8 - ck7-base (O(1), preempt, low latency)
1463     - Super FreeS/WAN 1.99.7rc2
1464     - PaX for the LSM/SELinux branch
1465     - GRSecurity 2.0-pre4 (role based access control)
1466     - Systrace 1.3
1467     - EXT3 fixes
1468     - EVMS 2.0.1
1469     - GCC 3.1+ compile optimizations
1470     - ProPolice kernel build support
1471     - Hashing table security fixes
1472 frogger 1.3
1473     *hardened-sources-2.4.20-r1 (09 Apr 2003)
1474 frogger 1.7
1475     23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
1476     Initial import of hardened-sources-r2. This new
1477     ebuild includes many new performance and security
1478     related patches. As in -r1, it will patch in
1479     LSM/SELinux if "selinux" is in USE, otherwise it
1480     will patch in GRSecurity. The following patches
1481     are included in this revision:
1482 plasmaroo 1.18
1483 frogger 1.7 - O(1) Scheduler, Low Latency, and Preempt
1484     (pulled from the base CK patch)
1485     - ptrace exploit patch for the LSM kernel
1486     (the GRSec patch already fixes this)
1487     - LSM 2.4-2003040709
1488     - SELinux 2.4-2003040709
1489     - Systrace v1.2
1490     - IPTables patch-o-matic base patches - 20030107
1491     - CryptoAPI 2.4.20.1 w/ loop-jari patch
1492     - Super FreeS/WAN 1.99.6.1
1493     - GRSecurity 1.9.9g
1494     - MPPE
1495     - EXT3 data journal fix
1496     - CIPE 1.5.4
1497 frogger 1.6
1498     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1499     hardened-sources-2.4.20-r1.ebuild, manifest:
1500 plasmaroo 1.18 Updated to install flask components correctly for selinux.
1501 frogger 1.5
1502     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1503     hardened-sources-2.4.20-r1.ebuild:
1504     LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
1505     is patched in instead. Ptrace patches for selinux have also been added. In
1506     either case, systrace support will be patched in as well.
1507 frogger 1.3
1508     09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1509     hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
1510 plasmaroo 1.18 Revision bump for new sources.
1511 frogger 1.4
1512 frogger 1.2 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1513 frogger 1.4 hardened-sources-2.4.20-r1.ebuild:
1514 plasmaroo 1.18 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
1515 method 1.1
1516 frogger 1.4 *hardened-sources-2.4.20 (30 Mar 2003)
1517    
1518 method 1.1 30 Mar 2003; Joshua Brindle <method@gentoo.org>
1519     hardened-sources-2.4.20.ebuild:
1520 plasmaroo 1.18 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20