/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.247 - (hide annotations) (download)
Wed Oct 15 18:06:25 2008 UTC (5 years, 11 months ago) by nixnut
Branch: MAIN
Changes since 1.246: +4 -1 lines
Stable on ppc
(Portage version: 2.1.4.5)

1 method 1.1 # ChangeLog for sys-kernel/hardened-sources
2 phreak 1.204 # Copyright 2000-2008 Gentoo Foundation; Distributed under the GPL v2
3 nixnut 1.247 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.246 2008/10/14 16:23:13 gengor Exp $
4    
5     15 Oct 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.25-r8.ebuild:
6     Stable on ppc
7 gengor 1.246
8     *hardened-sources-2.6.26-r4 (14 Oct 2008)
9    
10     14 Oct 2008; Gordon Malm <gengor@gentoo.org>
11     -hardened-sources-2.6.26-r3.ebuild, +hardened-sources-2.6.26-r4.ebuild:
12     Update to latest grsecurity patch, fixing building of non-modular kernels.
13 gengor 1.245
14     *hardened-sources-2.6.26-r3 (12 Oct 2008)
15    
16     12 Oct 2008; Gordon Malm <gengor@gentoo.org>
17     hardened-sources-2.6.25-r8.ebuild, -hardened-sources-2.6.26-r1.ebuild,
18     +hardened-sources-2.6.26-r3.ebuild:
19     2.6.26-r3: Update to Linux 2.6.26.6 and latest grsecurity patch.
20     2.6.26-r1: Removed.
21     2.6.25-r8: Stable amd64/x86.
22 gengor 1.244
23     *hardened-sources-2.6.25-r8 (09 Oct 2008)
24    
25     09 Oct 2008; Gordon Malm <gengor@gentoo.org>
26     -hardened-sources-2.6.25-r4.ebuild, -hardened-sources-2.6.25-r5.ebuild,
27     -hardened-sources-2.6.25-r6.ebuild, +hardened-sources-2.6.25-r8.ebuild:
28     Update to genpatches-11 and Linux 2.6.25.18. Remove old versions.
29 nixnut 1.243
30     20 Sep 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.25-r7.ebuild:
31     Stable on ppc
32 gengor 1.242
33     17 Sep 2008; Gordon Malm <gengor@gentoo.org>
34     hardened-sources-2.6.25-r7.ebuild:
35     Stable amd64/x86.
36 gengor 1.241
37     *hardened-sources-2.6.26-r2 (13 Sep 2008)
38    
39     13 Sep 2008; Gordon Malm <gengor@gentoo.org>
40     -hardened-sources-2.6.26.ebuild, +hardened-sources-2.6.26-r2.ebuild:
41     2.6.26-r2: Update to Linux 2.6.26.5, new grsecurity patch adding
42     PAX_REFCOUNT feature, fix bug #237473 (CVE-2008-3525). 2.6.26: Removed.
43 gengor 1.240
44     *hardened-sources-2.6.25-r7 (13 Sep 2008)
45    
46     13 Sep 2008; Gordon Malm <gengor@gentoo.org>
47     +hardened-sources-2.6.25-r7.ebuild:
48     Add 2.6.25-r7, fixing bug #237473 (CVE-2008-3525) and a PaX bug.
49 gengor 1.239
50     10 Sep 2008; Gordon Malm <gengor@gentoo.org>
51     hardened-sources-2.6.25-r4.ebuild, hardened-sources-2.6.25-r5.ebuild,
52     hardened-sources-2.6.25-r6.ebuild, hardened-sources-2.6.26.ebuild,
53     hardened-sources-2.6.26-r1.ebuild:
54     Update DESCRIPTION and HGPV_URI.
55 gengor 1.238
56     *hardened-sources-2.6.25-r6 (09 Sep 2008)
57    
58     09 Sep 2008; Gordon Malm <gengor@gentoo.org>
59     -hardened-sources-2.6.24-r3.ebuild, +hardened-sources-2.6.25-r6.ebuild:
60     2.6.25-r6: Update to Linux 2.6.25.17.
61     2.6.24-r3: Removed.
62 gengor 1.237
63     08 Sep 2008; Gordon Malm <gengor@gentoo.org>
64     hardened-sources-2.6.25-r5.ebuild:
65     Stable on amd64/x86
66 gengor 1.236
67     07 Sep 2008; Gordon Malm <gengor@gentoo.org> metadata.xml:
68     Update my email address.
69 nixnut 1.235
70     31 Aug 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.25-r4.ebuild:
71     stable on ppc
72 battousai 1.234
73     *hardened-sources-2.6.26-r1 (23 Aug 2008)
74     *hardened-sources-2.6.25-r5 (23 Aug 2008)
75    
76     23 Aug 2008; Bryan D. Stine <battousai@gentoo.org>
77     -hardened-sources-2.6.23-r13.ebuild, -hardened-sources-2.6.25-r3.ebuild,
78     hardened-sources-2.6.25-r4.ebuild, +hardened-sources-2.6.25-r5.ebuild,
79     +hardened-sources-2.6.26-r1.ebuild:
80     Bump to 2.6.25-r5 for updated patches and upstream .10 kernel, fixing
81     security bug #235221. Bump to 2.6.26-r1 for upstream .3 kernel, also
82     fixing security bug #235221. Marked 2.6.25-r4 stable on amd64 and x86.
83     Removed 2.6.23-r13 and 2.6.25-r3. Commit on behalf of Gordon Malm
84     (gengor).
85 solar 1.233
86     *hardened-sources-2.6.26 (18 Aug 2008)
87     *hardened-sources-2.6.25-r4 (18 Aug 2008)
88    
89     18 Aug 2008; <solar@gentoo.org> -hardened-sources-2.6.25-r2.ebuild,
90     +hardened-sources-2.6.25-r4.ebuild, +hardened-sources-2.6.26.ebuild:
91     - proxy commit for gengor 2.6.26: Initial 2.6.26 release. 2.6.25-r4: Update
92     to Linux 2.6.25.15. Fixes security bugs #234799, #234803 and #234812.
93     2.6.25-r2: Removed.
94 tove 1.232
95     16 Aug 2008; Torsten Veller <tove@gentoo.org> metadata.xml:
96     Remove phreak from metadata.xml (#96398)
97 solar 1.231
98     *hardened-sources-2.6.25-r3 (31 Jul 2008)
99    
100     31 Jul 2008; <solar@gentoo.org> -hardened-sources-2.6.24-r2.ebuild,
101     -hardened-sources-2.6.25.ebuild, -hardened-sources-2.6.25-r1.ebuild,
102     +hardened-sources-2.6.25-r3.ebuild:
103     - 2.6.25-r3: Update to Linux 2.6.25.13 and new grsecurity patch. Multiple
104     fixes, including security bug #231750.
105 nixnut 1.230
106     28 Jul 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.24-r3.ebuild:
107     Stable on ppc
108 solar 1.229
109     *hardened-sources-2.6.25-r2 (05 Jul 2008)
110    
111     05 Jul 2008; <solar@gentoo.org> -hardened-sources-2.6.23-r11.ebuild,
112     -hardened-sources-2.6.23-r12.ebuild, hardened-sources-2.6.24-r3.ebuild,
113     +hardened-sources-2.6.25-r2.ebuild:
114     2.6.23-r4: Stable x86/amd64
115     2.6.25-r2: Update to Linux 2.6.25.10 and latest grsecurity release.
116     2.6.23-r{11,12}: Removed due to multiple vulns.
117     (gengor & kerframil)
118 nixnut 1.228
119     04 Jul 2008; nixnut <nixnut@gentoo.org>
120     hardened-sources-2.6.23-r13.ebuild:
121     Stable on ppc
122 solar 1.227
123     *hardened-sources-2.6.25-r1 (30 Jun 2008)
124    
125     30 Jun 2008; <solar@gentoo.org> hardened-sources-2.6.23-r13.ebuild,
126     +hardened-sources-2.6.25-r1.ebuild:
127     2.6.25-r1: Brings in Linux -stable tree patches 2.6.25.{7,8,9} and newer
128     grsecurity release. 2.6.23-r13: x86/amd64 stable
129 solar 1.226
130     *hardened-sources-2.6.25 (17 Jun 2008)
131     *hardened-sources-2.6.24-r3 (17 Jun 2008)
132     *hardened-sources-2.6.23-r13 (17 Jun 2008)
133    
134     17 Jun 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r13.ebuild,
135     +hardened-sources-2.6.24-r3.ebuild, +hardened-sources-2.6.25.ebuild:
136     * 2.6.23-r13: Fixes security bugs #198997, #212136, #222331, #222635,
137     #224647, #225461, other fixes. * 2.6.24-r3: Fixes security bugs #212136,
138     #222331, #222635, #224647, #225461, grsec/PaX updates/fixes, other fixes. *
139     2.6.25: Initial 2.6.25 release.
140 solar 1.225
141     15 May 2008; <solar@gentoo.org> hardened-sources-2.6.23-r12.ebuild:
142     - fasttrack to stable x86/amd64
143 swegener 1.224
144     11 May 2008; Sven Wegener <swegener@gentoo.org> Manifest:
145     Fix broken digest for linux-2.6.24.tar.bz2.
146 solar 1.223
147     *hardened-sources-2.6.24-r2 (11 May 2008)
148     *hardened-sources-2.6.23-r12 (11 May 2008)
149    
150     11 May 2008; <solar@gentoo.org> -hardened-sources-2.6.23-r7.ebuild,
151     -hardened-sources-2.6.23-r9.ebuild, -hardened-sources-2.6.23-r10.ebuild,
152     +hardened-sources-2.6.23-r12.ebuild, -hardened-sources-2.6.24.ebuild,
153     -hardened-sources-2.6.24-r1.ebuild, +hardened-sources-2.6.24-r2.ebuild:
154     proxy commit for gengor. 2.6.23-r11 shortlog: Fixes security bugs 220691,
155     220975, 220979, 221123. 2.6.24-r2 not-so-shortlog: Fixes bug 215442,
156     security bugs 219901, 220691, 220975, 220979, 221123. New
157     genpatches/grsecurity with numerous updates & fixes. 2.6.23-r7->2.6.23-r10
158     should be removed as far as I'm concerned, everything else remove due to
159     vulnerable to numerous security bugs or brokeness.
160 nixnut 1.222
161     10 May 2008; nixnut <nixnut@gentoo.org>
162     hardened-sources-2.6.23-r11.ebuild:
163     Stable on ppc
164 solar 1.221
165     05 May 2008; <solar@gentoo.org> hardened-sources-2.6.23-r11.ebuild:
166     - -r11 stable on x86/amd64
167 solar 1.220
168     *hardened-sources-2.6.23-r11 (01 May 2008)
169    
170     01 May 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r11.ebuild:
171     - version bump to fix ulgy linux bugs
172 phreak 1.219
173     *hardened-sources-2.6.24-r1 (30 Apr 2008)
174    
175     30 Apr 2008; Christian Heim <phreak@gentoo.org>
176     +hardened-sources-2.6.24-r1.ebuild:
177     Revision bump (thanks to Kerin and Gordon, again), pulling
178     genpatches-2.6.24-7, solving #219089. Additionally contains further security
179     fixes plus some minor updates.
180 phreak 1.218
181     *hardened-sources-2.6.23-r10 (30 Apr 2008)
182    
183     30 Apr 2008; Christian Heim <phreak@gentoo.org>
184     +hardened-sources-2.6.23-r10.ebuild:
185     Revision bump (thanks to Kerin and Gordon, again), solving #213811, #219089.
186     Additional contains "various other fixes".
187 phreak 1.217
188     09 Apr 2008; Christian Heim <phreak@gentoo.org> metadata.xml:
189     Update the longdescription in metadata, thanks to Gordon Malm.
190 nixnut 1.216
191     08 Apr 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.23-r9.ebuild:
192     Stable on ppc wrt bug #213255
193 solar 1.215
194     07 Apr 2008; <solar@gentoo.org> -hardened-sources-2.4.35-r2.ebuild,
195     -hardened-sources-2.6.23-r8.ebuild, hardened-sources-2.6.23-r9.ebuild:
196     - stable on x86/amd64 per request. Removed obsolete ebuilds
197 phreak 1.214
198     *hardened-sources-2.6.24 (07 Apr 2008)
199    
200     07 Apr 2008; Christian Heim <phreak@gentoo.org>
201     +hardened-sources-2.6.24.ebuild:
202     Adding ebuild for hardened-sources-2.6.24 (many thanks to Kerin Millar
203     <kerframil at gmail.com> and Gordon Malm <bugs-gentoo-org-02 at bumpin.org>
204     for the many contributions and their continued effort in #216612) based on
205     2.6.24 and genpatches-2.6.24-5.
206    
207     The current ebuild/patchset contains these things:
208     * Incoporates unmodified grsec-2.1.11-2.6.24.4-200803262003 patch
209     * Introduces bespoke server and workstation oriented security levels
210     * VDSO_COMPAT cannot be enabled during runtime if PaX is enabled
211 phreak 1.213
212     30 Mar 2008; Christian Heim <phreak@gentoo.org> metadata.xml:
213     Fix the metadata.xml (Kerin isn't a dev, though he and Gordon are
214     maintaining it).
215 phreak 1.212
216     24 Mar 2008; Christian Heim <phreak@gentoo.org>
217     hardened-sources-2.4.35-r2.ebuild:
218     Fixing SRC_URI for 2.4.35-r2.
219 phreak 1.211
220     *hardened-sources-2.6.23-r9 (22 Mar 2008)
221    
222     22 Mar 2008; Christian Heim <phreak@gentoo.org>
223     +hardened-sources-2.6.23-r9.ebuild:
224     * Revision bump, rebasing the patchset against genpatches-2.6.23-10.
225     * Change the default GIDs for some grsecurity options
226     * Revamp the Hardened [Gentoo] security level and make it the default level
227     * Fixing compilation on ia64 with CONFIG_MODULES=y (loadable module support)
228     * Fix a recursive lock -- call to capable() within ptrace_attach()
229     * Fix bug that allows audit and iscsi operations to be controlled via netlink
230 solar 1.210
231     *hardened-sources-2.6.23-r8 (27 Feb 2008)
232    
233     27 Feb 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r8.ebuild:
234     - version bump from Kerin Millar bug 210026
235 solar 1.209
236     17 Feb 2008; <solar@gentoo.org> metadata.xml,
237     -hardened-sources-2.4.33.4.ebuild, -hardened-sources-2.6.20-r6.ebuild,
238     -hardened-sources-2.6.20-r10.ebuild, -hardened-sources-2.6.23-r4.ebuild,
239     -hardened-sources-2.6.23-r6.ebuild, hardened-sources-2.6.23-r7.ebuild:
240     - stable on x86 and remove old ebuilds
241 solar 1.207
242     15 Feb 2008; <solar@gentoo.org> hardened-sources-2.6.23-r7.ebuild:
243 solar 1.208 - stable on amd64 per request of amd64 lead
244 solar 1.206
245     *hardened-sources-2.6.23-r7 (11 Feb 2008)
246    
247     11 Feb 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r7.ebuild:
248     - version bump from kerin.millar
249     Changes:
250    
251     * Bump to genpatches-base-2.6.23-9
252     * Ported grsecurity-2.1.11-2.6.23.14-200801231800 to 2.6.23.15
253     * Disables COMPAT_VDSO in x86/defconfig
254     * Removes bogus symbols ACPI_SLEEP_PROC_(FS|SLEEP) from x86_64/defconfig
255 phreak 1.205
256     25 Jan 2008; Christian Heim <phreak@gentoo.org>
257     -hardened-sources-2.6.22-r8.ebuild:
258     Cleaning up old versions.
259 phreak 1.204
260     *hardened-sources-2.6.23-r6 (25 Jan 2008)
261    
262     25 Jan 2008; Christian Heim <phreak@gentoo.org>
263     -hardened-sources-2.6.23-r5.ebuild, +hardened-sources-2.6.23-r6.ebuild:
264     Revision bump, pulling in the latest genpatches.
265 phreak 1.203
266     *hardened-sources-2.6.23-r5 (24 Dec 2007)
267    
268     24 Dec 2007; Christian Heim <phreak@gentoo.org>
269     hardened-sources-2.4.35-r2.ebuild, hardened-sources-2.6.20-r6.ebuild,
270     hardened-sources-2.6.20-r10.ebuild, hardened-sources-2.6.22-r8.ebuild,
271     hardened-sources-2.6.23-r4.ebuild, +hardened-sources-2.6.23-r5.ebuild:
272     Revision bump, for the promised updated grsec snapshot. Also changing SRC_URI.
273 phreak 1.202
274     24 Dec 2007; Christian Heim <phreak@gentoo.org>
275     -hardened-sources-2.6.22-r7.ebuild, -hardened-sources-2.6.23.ebuild,
276     -hardened-sources-2.6.23-r1.ebuild, -hardened-sources-2.6.23-r2.ebuild,
277     -hardened-sources-2.6.23-r3.ebuild:
278     Cleaning out some unused, old versions.
279 phreak 1.201
280     24 Dec 2007; Christian Heim <phreak@gentoo.org>
281     hardened-sources-2.6.23-r4.ebuild:
282     Marking hardened-sources-2.6.23-r4 stable on amd64 and x86. I know it ain't
283     in the tree for long, but there isn't much of a difference between this and
284     -r3. Only this revision pulls in 2.6.23.11 and 2.6.23.12 from genpatches.
285 phreak 1.200
286     *hardened-sources-2.6.23-r4 (23 Dec 2007)
287    
288     23 Dec 2007; Christian Heim <phreak@gentoo.org>
289     +hardened-sources-2.6.23-r4.ebuild:
290     Revision bump, grabbing the lastest genpatches release (2.6.23.12 that is).
291 phreak 1.199
292     *hardened-sources-2.6.23-r3 (04 Dec 2007)
293    
294     04 Dec 2007; Christian Heim <phreak@gentoo.org>
295     +hardened-sources-2.6.23-r3.ebuild:
296     Revision bump, pulling in 2.6.23.9.
297 phreak 1.198
298     *hardened-sources-2.6.23-r2 (25 Nov 2007)
299    
300     25 Nov 2007; Christian Heim <phreak@gentoo.org>
301     +hardened-sources-2.6.23-r2.ebuild:
302     Updated patchset, thanks to solar.
303 phreak 1.197
304     *hardened-sources-2.6.23-r1 (31 Oct 2007)
305    
306     31 Oct 2007; Christian Heim <phreak@gentoo.org>
307     +hardened-sources-2.6.23-r1.ebuild:
308     Revision bump, pulling in the snapshot from 30. October 2007 (18:50).
309 solar 1.196
310     29 Oct 2007; <solar@gentoo.org> metadata.xml:
311     - update metadata.xml
312 phreak 1.195
313     25 Oct 2007; Christian Heim <phreak@gentoo.org>
314     hardened-sources-2.6.22-r8.ebuild:
315     Marking 2.6.22-r8 stable on amd64 and x86.
316 phreak 1.194
317     21 Oct 2007; Christian Heim <phreak@gentoo.org>
318     -hardened-sources-2.4.35.ebuild, -hardened-sources-2.4.35-r1.ebuild,
319     -hardened-sources-2.6.21-r4.ebuild:
320     Removing old ebuilds.
321 phreak 1.193
322     *hardened-sources-2.4.35-r2 (21 Oct 2007)
323    
324     21 Oct 2007; Christian Heim <phreak@gentoo.org>
325     +hardened-sources-2.4.35-r2.ebuild:
326     Revision bump for 2.4.35. Includes new snapshot and the lastest Linux stable
327     patches.
328 phreak 1.192
329     *hardened-sources-2.6.22-r8 (21 Oct 2007)
330    
331     21 Oct 2007; Christian Heim <phreak@gentoo.org>
332     +hardened-sources-2.6.22-r8.ebuild:
333     Yet another new patch, hopefully fixing the remaining issues we had w/
334     2.6.22. Candidate for stabling.
335 phreak 1.191
336     *hardened-sources-2.6.23 (13 Oct 2007)
337    
338     13 Oct 2007; Christian Heim <phreak@gentoo.org>
339     +hardened-sources-2.6.23.ebuild:
340     Initial hardened-sources-2.6.23. If people still have problems w/ bug
341     194276, try setting CONFIG_PCI_GODIRECT=y instead of CONFIG_PCI_GOANY.
342 phreak 1.190
343     11 Oct 2007; Christian Heim <phreak@gentoo.org>
344     hardened-sources-2.6.20-r10.ebuild:
345     Pulling in yet another new genpatches version, fixing the PWC bug for real.
346 phreak 1.189
347     04 Oct 2007; Christian Heim <phreak@gentoo.org>
348     -hardened-sources-2.6.22-r5.ebuild, -hardened-sources-2.6.22-r6.ebuild:
349     Removing old versions.
350 phreak 1.188
351     *hardened-sources-2.6.22-r7 (01 Oct 2007)
352    
353     01 Oct 2007; Christian Heim <phreak@gentoo.org>
354     +hardened-sources-2.6.22-r7.ebuild:
355     Revision bump, pulling in a newer patch. Should fix #194276.
356 phreak 1.187
357     30 Sep 2007; Christian Heim <phreak@gentoo.org>
358     hardened-sources-2.6.20-r10.ebuild:
359     Marking hardened-sources-2.6.20-r10 stable on x86 and amd64 (on courtesy of
360     Mike Doty).
361 phreak 1.186
362     *hardened-sources-2.6.22-r6 (26 Sep 2007)
363    
364     26 Sep 2007; Christian Heim <phreak@gentoo.org>
365     +hardened-sources-2.6.22-r6.ebuild:
366     Revision bump, grabbing up till Linux 2.6.22.9.
367 phreak 1.185
368     24 Sep 2007; Christian Heim <phreak@gentoo.org>
369     -hardened-sources-2.6.22-r3.ebuild, -hardened-sources-2.6.22-r4.ebuild:
370     Cleaning up further.
371 phreak 1.184
372     *hardened-sources-2.6.20-r10 (24 Sep 2007)
373    
374     24 Sep 2007; Christian Heim <phreak@gentoo.org>
375     -hardened-sources-2.6.20-r8.ebuild, -hardened-sources-2.6.20-r9.ebuild,
376     +hardened-sources-2.6.20-r10.ebuild:
377     Revision bump, pulling in Linux 2.6.20.20. Removing some of the older
378     revisions.
379 phreak 1.183
380     *hardened-sources-2.6.22-r5 (22 Sep 2007)
381    
382     22 Sep 2007; Christian Heim <phreak@gentoo.org>
383     +hardened-sources-2.6.22-r5.ebuild:
384     Revision bump, pulling in genpatches-2.6.22-8 for CVE-2007-4573.
385 phreak 1.182
386     17 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
387     Removing johnm from metadata.xml (see #186467 for reference).
388 phreak 1.181
389     *hardened-sources-2.6.22-r4 (17 Sep 2007)
390    
391     17 Sep 2007; Christian Heim <phreak@gentoo.org>
392     +hardened-sources-2.6.22-r4.ebuild:
393     Revision bump, hopefully fixing all those weird PAX failures.
394 phreak 1.180
395     01 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
396     Updating the metadata.xml.
397 phreak 1.179
398     01 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
399     Removing tocharian from metadata due to his retirement (see #71718 for
400     reference).
401 phreak 1.178
402     *hardened-sources-2.6.20-r9 (30 Aug 2007)
403    
404     30 Aug 2007; Christian Heim <phreak@gentoo.org>
405     +hardened-sources-2.6.20-r9.ebuild:
406     Revision bump for 2.6.20.18 (thanks to kerframil in #gentoo-hardened).
407 phreak 1.177
408     29 Aug 2007; Christian Heim <phreak@gentoo.org>
409     -hardened-sources-2.4.34.ebuild, -hardened-sources-2.4.34.5.ebuild,
410     -hardened-sources-2.6.20-r2.ebuild, -hardened-sources-2.6.20-r5.ebuild,
411     -hardened-sources-2.6.20-r7.ebuild, -hardened-sources-2.6.21-r3.ebuild,
412     -hardened-sources-2.6.22.ebuild, -hardened-sources-2.6.22-r1.ebuild,
413     -hardened-sources-2.6.22-r2.ebuild:
414     Removing some redundant versions.
415 phreak 1.176
416     *hardened-sources-2.4.35-r1 (29 Aug 2007)
417    
418     29 Aug 2007; Christian Heim <phreak@gentoo.org>
419     +hardened-sources-2.4.35-r1.ebuild:
420     Revision bump, new grsecurity patch.
421 phreak 1.175
422     *hardened-sources-2.6.20-r8 (26 Aug 2007)
423    
424     26 Aug 2007; Christian Heim <phreak@gentoo.org>
425     +hardened-sources-2.6.20-r8.ebuild:
426     Revision bump for Linux 2.6.20.17.
427 phreak 1.174
428     *hardened-sources-2.6.22-r3 (22 Aug 2007)
429    
430     22 Aug 2007; Christian Heim <phreak@gentoo.org>
431     +hardened-sources-2.6.22-r3.ebuild:
432     Revision bump for Linux 2.6.22.4.
433 phreak 1.173
434     16 Aug 2007; Christian Heim <phreak@gentoo.org>
435     hardened-sources-2.6.22-r2.ebuild:
436     Updated patchset, to fix the alignment against 2.6.22.3.
437 phreak 1.172
438     *hardened-sources-2.6.22-r2 (16 Aug 2007)
439    
440     16 Aug 2007; Christian Heim <phreak@gentoo.org>
441     +hardened-sources-2.6.22-r2.ebuild:
442     Revision bump for Linux 2.6.22.3.
443 phreak 1.171
444     *hardened-sources-2.4.35 (16 Aug 2007)
445    
446     16 Aug 2007; Christian Heim <phreak@gentoo.org>
447     +hardened-sources-2.4.35.ebuild:
448     Version bump, initial version for Linux 2.4.35.
449 phreak 1.170
450     *hardened-sources-2.6.21-r4 (16 Aug 2007)
451    
452     16 Aug 2007; Christian Heim <phreak@gentoo.org>
453     +hardened-sources-2.6.21-r4.ebuild:
454     Revision bump for Linux 2.6.21.6.
455 phreak 1.169
456     *hardened-sources-2.6.20-r7 (16 Aug 2007)
457    
458     16 Aug 2007; Christian Heim <phreak@gentoo.org>
459     +hardened-sources-2.6.20-r7.ebuild:
460     Revision bump for Linux 2.6.20.16.
461 phreak 1.168
462     *hardened-sources-2.6.22-r1 (13 Aug 2007)
463    
464     13 Aug 2007; Christian Heim <phreak@gentoo.org>
465     +hardened-sources-2.6.22-r1.ebuild:
466     Yet another revision bump.
467 phreak 1.167
468     *hardened-sources-2.6.22 (10 Aug 2007)
469    
470     10 Aug 2007; Christian Heim <phreak@gentoo.org>
471     +hardened-sources-2.6.22.ebuild:
472     Initial release for 2.6.22. If you are using hardened-sources on a desktop
473     machine (P4 or newer), be aware you might need to disable
474     CONFIG_PAX_PAGEEXEC.
475 phreak 1.166
476     04 Aug 2007; Christian Heim <phreak@gentoo.org>
477     hardened-sources-2.6.20-r6.ebuild:
478     Stabling hardened-sources-2.6.20-r6 for amd64, ppc and x86 due to Linux
479     2.6.20.15.
480 phreak 1.165
481     10 Jul 2007; Christian Heim <phreak@gentoo.org>
482     hardened-sources-2.6.20-r5.ebuild:
483     Marking hardened-sources-2.6.20-r5 stable on ppc.
484 phreak 1.164
485     10 Jul 2007; Christian Heim <phreak@gentoo.org>
486     -hardened-sources-2.4.32-r6.ebuild, -hardened-sources-2.4.32-r7.ebuild:
487     Cleanup.
488 phreak 1.163
489     *hardened-sources-2.6.20-r6 (08 Jul 2007)
490    
491     08 Jul 2007; Christian Heim <phreak@gentoo.org>
492     +hardened-sources-2.6.20-r6.ebuild:
493     Revision bump, grabbing yet another stable release.
494 phreak 1.162
495     17 Jun 2007; Christian Heim <phreak@gentoo.org>
496     -hardened-sources-2.6.18-r6.ebuild, -hardened-sources-2.6.20-r4.ebuild,
497     -hardened-sources-2.6.21-r2.ebuild:
498     Removing older ebuilds, hardened-sources-2.6.18-r6 seems to have gotten the
499     alpha stable KEYWORD by mistake.
500 phreak 1.161
501     17 Jun 2007; Christian Heim <phreak@gentoo.org>
502     hardened-sources-2.6.20-r5.ebuild:
503     Stabling hardened-sources-2.6.20-r5 due to security bug #181647 (as
504     genpatches-2.6.20-12.base contains up to Linux 2.6.20.14) on amd64 and x86.
505 phreak 1.160
506     *hardened-sources-2.6.21-r3 (12 Jun 2007)
507    
508     12 Jun 2007; Christian Heim <phreak@gentoo.org>
509     +hardened-sources-2.6.21-r3.ebuild:
510     Revision bump for hardened-sources-2.6.21, incorporating various CVE (some
511     of them critical), two stable releases (2.6.21.4,2.6.21.5) and some other
512     love.
513 phreak 1.159
514     *hardened-sources-2.6.20-r5 (11 Jun 2007)
515    
516     11 Jun 2007; Christian Heim <phreak@gentoo.org>
517     +hardened-sources-2.6.20-r5.ebuild:
518     Revision bump for hardened-sources-2.6.20, incorporating various CVE (some
519     of them critical), two stable releases (2.6.20.13,2.6.20.14) and some other
520     love.
521 pappy 1.158
522     *hardened-sources-2.4.34.5 (11 Jun 2007)
523    
524     11 Jun 2007; Alexander Gabert <pappy@gentoo.org>
525     +hardened-sources-2.4.34.5.ebuild:
526     added new hardened-sources 2.4 version, thx to phreak, solar, pipacs
527 phreak 1.157
528     30 May 2007; Christian Heim <phreak@gentoo.org>
529     -hardened-sources-2.6.18.ebuild, hardened-sources-2.6.20-r2.ebuild:
530     Marking 2.6.20-r2 stable on ppc with permission of Gysbert. Removing more
531     stale ebuild(s).
532 phreak 1.156
533     30 May 2007; Christian Heim <phreak@gentoo.org>
534     -hardened-sources-2.6.14-r7.ebuild, -hardened-sources-2.6.16-r11.ebuild,
535     -hardened-sources-2.6.17-r1.ebuild, -hardened-sources-2.6.19-r6.ebuild,
536     -hardened-sources-2.6.20.ebuild, -hardened-sources-2.6.20-r1.ebuild:
537     Doing some cleanups, remove stale ebuilds.
538 phreak 1.155
539     26 May 2007; Christian Heim <phreak@gentoo.org>
540     hardened-sources-2.6.21-r2.ebuild:
541     Fixing the grsecurity patch, had one '};' too much.
542 phreak 1.154
543     *hardened-sources-2.6.21-r2 (26 May 2007)
544    
545     26 May 2007; Christian Heim <phreak@gentoo.org>
546     -hardened-sources-2.6.21.ebuild, -hardened-sources-2.6.21-r1.ebuild,
547     +hardened-sources-2.6.21-r2.ebuild:
548     Revision bump, including Linux 2.6.21.3 (fixing CVE-2007-2451). Updating the
549     grsecurity patch to 2.1.10-2.6.21.1-200705221918.
550 phreak 1.153
551     *hardened-sources-2.6.20-r4 (26 May 2007)
552    
553     26 May 2007; Christian Heim <phreak@gentoo.org>
554     -hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.20-r4.ebuild:
555     Revision bump, including Linux 2.6.20.12 (which in fact fixed some security
556 phreak 1.154 bugs, at the very least CVE-2007-2451). Possible candidate for stable marking.
557 phreak 1.152
558     15 May 2007; Christian Heim <phreak@gentoo.org>
559     hardened-sources-2.6.20-r3.ebuild:
560     Looks like hardened-sources-2.6.20-r3 needs a new patch, as 2.6.20.11
561     introduced a change in arch/sparc64/kernel/pci_iommu.c, which made the
562     grsecurity patch fail in that exact same hunk.
563 phreak 1.151
564     *hardened-sources-2.6.20-r3 (15 May 2007)
565    
566     15 May 2007; Christian Heim <phreak@gentoo.org>
567     +hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.21-r1.ebuild:
568     Revision bump, incorporating Linux 2.6.20.11.
569    
570     *hardened-sources-2.6.21-r1 (11 May 2007)
571    
572     11 May 2007; Christian Heim <phreak@gentoo.org>
573     +hardened-sources-2.6.21-r1.ebuild:
574     Revision bump, hopefully fixing the GRSECURITY/GRKERNSEC mixup pipacs
575     mentioned in #177234.
576 kevquinn 1.150
577     07 May 2007; Kevin F. Quinn <kevquinn@gentoo.org>
578     files/digest-hardened-sources-2.6.21, Manifest:
579     Fix Manifest/digest for linux-2.6.21.tar.bz2
580 phreak 1.149
581     06 May 2007; Christian Heim <phreak@gentoo.org>
582     hardened-sources-2.6.21.ebuild:
583     Bumping the hardened-patches version, needed for the fix for #177234.
584 phreak 1.148
585     *hardened-sources-2.6.21 (02 May 2007)
586    
587     02 May 2007; Christian Heim <phreak@gentoo.org>
588     +hardened-sources-2.6.21.ebuild:
589     Version bump, Linux 2.6.21-hardened.
590 phreak 1.147
591     29 Apr 2007; Christian Heim <phreak@gentoo.org>
592     hardened-sources-2.6.20-r2.ebuild:
593     Adding ~ia64 on Ned's request.
594 phreak 1.146
595     29 Apr 2007; Christian Heim <phreak@gentoo.org>
596     hardened-sources-2.6.20-r2.ebuild:
597     Fixing the included grsecurity patch, wasn't alligning due to the Index:
598     header line(s).
599 phreak 1.145
600     29 Apr 2007; Christian Heim <phreak@gentoo.org>
601     hardened-sources-2.6.20-r2.ebuild:
602     Stabilizing hardened-sources-2.6.20-r2 on amd64 and x86.
603 armin76 1.144
604     *hardened-sources-2.6.20-r2 (10 Apr 2007)
605    
606     10 Apr 2007; Raúl Porcel <armin76@gentoo.org>
607     +hardened-sources-2.6.20-r2.ebuild:
608     Version bump, on behalf of phreak
609 phreak 1.143
610     *hardened-sources-2.6.20-r1 (04 Apr 2007)
611    
612     04 Apr 2007; Christian Heim <phreak@gentoo.org>
613     +hardened-sources-2.6.20-r1.ebuild:
614     Revision bump, grabbing a newer grsecurity snapshot.
615 phreak 1.142
616     *hardened-sources-2.6.20 (25 Mar 2007)
617    
618     25 Mar 2007; Christian Heim <phreak@gentoo.org>
619     +hardened-sources-2.6.20.ebuild:
620     Finally a hardened-sources version for 2.6.20; many people have been waiting
621     for this. Thanks to Steve for preliminary testing, thanks to Ned for the
622     testbox.
623 chainsaw 1.141
624     16 Mar 2007; Tony Vroon <chainsaw@gentoo.org>
625     hardened-sources-2.6.18-r6.ebuild:
626     Marked stable on amd64 and x86. AMD64 keyword ack'ed by welp.
627 phreak 1.140
628     *hardened-sources-2.6.18-r6 (16 Mar 2007)
629    
630     16 Mar 2007; Christian Heim <phreak@gentoo.org>
631     -hardened-sources-2.6.18-r5.ebuild, +hardened-sources-2.6.18-r6.ebuild:
632     Fixing CVE-2007-1000 locally (hardened/), thanks to Tony for pushing. And
633     yes I screwed up, this is tagged as 2.6.18-5 and not 2.6.18-6 as it's
634     supposed to be.
635 phreak 1.139
636     06 Mar 2007; Christian Heim <phreak@gentoo.org> ChangeLog:
637     Fixing the Manifest, the previous one was broken (as in still had the
638     deleted ebuild in it).
639 phreak 1.138
640     06 Mar 2007; Christian Heim <phreak@gentoo.org>
641     -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
642     +hardened-sources-2.6.18-r5.ebuild:
643     Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
644     Linux 2.6.18.8. Also cleaning up the older version.
645    
646     *hardened-sources-2.6.18-r5 (06 Mar 2007)
647    
648     06 Mar 2007; Christian Heim <phreak@gentoo.org>
649     -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
650     +hardened-sources-2.6.18-r5.ebuild:
651     Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
652     Linux 2.6.18.8. Also cleaning up the older version.
653 phreak 1.137
654     24 Feb 2007; Christian Heim <phreak@gentoo.org>
655     -hardened-sources-2.6.19-r3.ebuild, -hardened-sources-2.6.19-r4.ebuild,
656     -hardened-sources-2.6.19-r5.ebuild:
657     Removing some of the old version, that didn't work.
658 phreak 1.136
659     *hardened-sources-2.6.19-r6 (12 Feb 2007)
660    
661     12 Feb 2007; Christian Heim <phreak@gentoo.org>
662     +hardened-sources-2.6.19-r6.ebuild:
663     Revision bump, including a new grsec version fixing #166235.
664 pappy 1.134
665     *hardened-sources-2.4.34 (24 Jan 2007)
666    
667     24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
668 pappy 1.135 Manifest:
669     updating Manifest with checksums of new tarball and ebuild
670    
671     24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
672 pappy 1.134 +hardened-sources-2.4.34.ebuild:
673     I added new hardened sources 2.4 update, this is a critical path
674     security bugfix - all users of h-s are strongly advised
675     to update their existing hardened sources to this version.
676     It contains a fix for a kernel vulnerability that is pertaining
677     to the PaX changes to virtual memory management, possibly leading
678     to a local kernel exploit ... see grsecurity.net forums and homepage
679 phreak 1.133
680     23 Jan 2007; Christian Heim <phreak@gentoo.org>
681     files/digest-hardened-sources-2.6.19-r5, Manifest:
682     Fixing the patch-tarball digest.
683 phreak 1.132
684     *hardened-sources-2.6.19-r5 (23 Jan 2007)
685    
686     23 Jan 2007; Christian Heim <phreak@gentoo.org>
687     +hardened-sources-2.6.19-r5.ebuild:
688     Revision bump, closing the recently discovered PaX expand_stack()
689     vulnerability.
690 phreak 1.131
691     *hardened-sources-2.6.19-r4 (14 Jan 2007)
692    
693     14 Jan 2007; Christian Heim <phreak@gentoo.org>
694     +hardened-sources-2.6.19-r4.ebuild:
695     Revision bump, pulling in linux-2.6.19.2 and grsecurity 2.1.10 - thus
696     dropping the randomized PID feature.
697 opfer 1.130
698     11 Jan 2007; Christian Faulhammer <opfer@gentoo.org>
699     hardened-sources-2.4.33.4.ebuild:
700     stable x86, bug #161171
701 phreak 1.129
702     *hardened-sources-2.6.19-r3 (27 Dec 2006)
703    
704     27 Dec 2006; Christian Heim <phreak@gentoo.org>
705     -hardened-sources-2.6.19-r2.ebuild, +hardened-sources-2.6.19-r3.ebuild:
706     Revision bump for bug #157186 and #158786.
707 phreak 1.128
708     *hardened-sources-2.6.18-r4 (27 Dec 2006)
709    
710     27 Dec 2006; Christian Heim <phreak@gentoo.org>
711     -hardened-sources-2.6.18-r3.ebuild, +hardened-sources-2.6.18-r4.ebuild:
712     Revision bump for bug #157186.
713 phreak 1.127
714     *hardened-sources-2.6.19-r2 (23 Dec 2006)
715    
716     23 Dec 2006; Christian Heim <phreak@gentoo.org>
717     -hardened-sources-2.6.19-r1.ebuild, +hardened-sources-2.6.19-r2.ebuild:
718     Revision bump to pull in genpatches-2.6.19-3 for #157186.
719 phreak 1.126
720     17 Dec 2006; Christian Heim <phreak@gentoo.org>
721     hardened-sources-2.6.14-r7.ebuild, hardened-sources-2.6.16-r10.ebuild,
722     hardened-sources-2.6.16-r11.ebuild, hardened-sources-2.6.17-r1.ebuild,
723     hardened-sources-2.6.18.ebuild, hardened-sources-2.6.18-r3.ebuild,
724     hardened-sources-2.6.19-r1.ebuild:
725     Adding 4453_grsec-2.1.9-2.6.19-io-kmem-sysctl.patch to UNIPATCH_EXLUDE,
726     adding correct HOMEPAGE and adjusting DESCRIPTION (thanks to Alexander).
727 pappy 1.125
728     *hardened-sources-2.4.33.4 (17 Dec 2006)
729    
730     17 Dec 2006; Alexander Gabert <pappy@gentoo.org>
731     +hardened-sources-2.4.33.4.ebuild:
732     new 2.4.33.4 version including grsec and fixes, thanks to phreak for help
733     and quilting
734 phreak 1.124
735     *hardened-sources-2.6.19-r1 (14 Dec 2006)
736    
737     14 Dec 2006; Christian Heim <phreak@gentoo.org>
738     -hardened-sources-2.6.19.ebuild, +hardened-sources-2.6.19-r1.ebuild:
739     Revision bump, fixing #158107 (thanks to Petre Rodan <kaiowas at gentoo.org>
740     for reporting).
741 phreak 1.123
742     *hardened-sources-2.6.19 (13 Dec 2006)
743    
744     13 Dec 2006; Christian Heim <phreak@gentoo.org>
745     +hardened-sources-2.6.19.ebuild:
746     And finally 2.6.19, thanks to Ned (who prepared the inital patchset) and
747     Brad for providing that prompt update.
748 phreak 1.122
749     *hardened-sources-2.6.18-r3 (13 Dec 2006)
750    
751     13 Dec 2006; Christian Heim <phreak@gentoo.org>
752     -hardened-sources-2.6.18-r1.ebuild, -hardened-sources-2.6.18-r2.ebuild,
753     +hardened-sources-2.6.18-r3.ebuild:
754     Revision bump, excluding the faulty patch. Thanks to Anakim Border and Peter
755     S. Mazinger. Closes #157409 for now. Also removing the previous revisions.
756 phreak 1.121
757     09 Dec 2006; Christian Heim <phreak@gentoo.org> Manifest:
758     Fixing the metadata.xml Manifest entry (thanks to xaid and ml8128 in #gentoo-hardened).
759 nixnut 1.120
760     08 Dec 2006; nixnut <nixnut@gentoo.org> hardened-sources-2.6.18.ebuild:
761     Stable on ppc wrt bug 157356
762 opfer 1.119
763     07 Dec 2006; Christian Faulhammer <opfer@gentoo.org>
764     hardened-sources-2.6.18.ebuild:
765     stable x86, bug #157356
766 phreak 1.118
767     *hardened-sources-2.6.18-r2 (06 Dec 2006)
768    
769     06 Dec 2006; Christian Heim <phreak@gentoo.org>
770     +hardened-sources-2.6.18-r2.ebuild:
771     Revision bump, including 2.6.18.5 (via genpatches) and
772     4454_grsec-2.1.9-2.6.18.2-io-kmem-sysctl.patch based on Peter Mazinger and
773     Ned Ludd's original patch. Thanks to Alexander Gabert (pappy) for the
774     redesign.
775 phreak 1.117
776     06 Dec 2006; Christian Heim <phreak@gentoo.org>
777     hardened-sources-2.6.18.ebuild:
778     Marking hardened-sources-2.6.18 stable on amd64 (see bug #157356, on behalf
779     of Mike Doty).
780 phreak 1.116
781     *hardened-sources-2.6.18-r1 (23 Nov 2006)
782    
783     23 Nov 2006; Christian Heim <phreak@gentoo.org>
784     +hardened-sources-2.6.18-r1.ebuild:
785     Revision bump to genpatches-2.6.18-4 (including 2.6.18.3).
786 phreak 1.115
787     *hardened-sources-2.6.18 (11 Nov 2006)
788    
789     11 Nov 2006; Christian Heim <phreak@gentoo.org>
790     +hardened-sources-2.6.18.ebuild:
791     Version bump, thanks to Alexander Gabert we're finally at 2.6.18.
792 solar 1.114
793     18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
794     - mark amd64 stable also. bug #151877
795 solar 1.113
796     18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
797     - mark 2.6.17-r1 stable
798 phreak 1.112
799     27 Aug 2006; Christian Heim <phreak@gentoo.org>
800     -hardened-sources-2.6.17.ebuild, hardened-sources-2.6.17-r1.ebuild:
801     Removing old ebuild, removing unipatch from newer ebuild (need to fix it!).
802 phreak 1.111
803     *hardened-sources-2.6.17-r1 (26 Aug 2006)
804    
805     26 Aug 2006; Christian Heim <phreak@gentoo.org>
806     +hardened-sources-2.6.17-r1.ebuild:
807     Revision bump to genpatches-2.6.17-8 (including .9 and .10) and updating the
808     grsecurity patch.
809 phreak 1.110
810     *hardened-sources-2.6.17 (17 Aug 2006)
811    
812     17 Aug 2006; Christian Heim <phreak@gentoo.org>
813     +hardened-sources-2.6.17.ebuild:
814     Bumping the hardened-sources-2.6 series to 2.6.17, using
815     genpatches-2.6.17-6.base.
816 solar 1.109
817     07 Aug 2006; <solar@gentoo.org> hardened-sources-2.6.16-r11.ebuild:
818     - stable on x86 and amd64
819 solar 1.108
820     *hardened-sources-2.6.16-r11 (15 Jul 2006)
821    
822     15 Jul 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r3.ebuild,
823     -hardened-sources-2.4.32-r4.ebuild, -hardened-sources-2.4.32-r5.ebuild,
824     -hardened-sources-2.6.14-r8.ebuild, -hardened-sources-2.6.16-r7.ebuild,
825     -hardened-sources-2.6.16-r9.ebuild, +hardened-sources-2.6.16-r11.ebuild:
826     - 2.6.16 bumped for CVE-2006-3626 ; digest fix for 2.4.32-r6 ; removed old
827     crusty ebuilds
828 johnm 1.107
829     14 Jul 2006; John Mylchreest <johnm@gentoo.org>
830     hardened-sources-2.6.16-r10.ebuild:
831     marking stable on x86 and amd64
832 solar 1.106
833     13 Jul 2006; <solar@gentoo.org> hardened-sources-2.4.32-r6.ebuild:
834     - 2.4.32-r6 stable on x86. RSBAC state unknown
835 kang 1.105
836     *hardened-sources-2.4.32-r7 (10 Jul 2006)
837    
838     10 Jul 2006; Guillaume Destuynder <kang@gentoo.org>
839     +hardened-sources-2.4.32-r7.ebuild:
840     Bump PaX for RSBAC to test-17
841 johnm 1.104
842     *hardened-sources-2.6.16-r9 (03 Jul 2006)
843    
844     03 Jul 2006; John Mylchreest <johnm@gentoo.org>
845     -hardened-sources-2.6.16-r6.ebuild, +hardened-sources-2.6.16-r9.ebuild:
846     hardened-sources-2.6.16 bump to latest -base.
847 solar 1.103
848     *hardened-sources-2.4.32-r6 (30 Jun 2006)
849    
850     30 Jun 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r2.ebuild,
851     hardened-sources-2.4.32-r4.ebuild, +hardened-sources-2.4.32-r6.ebuild:
852     - backport CVE-2006-0039, CVE-2006-1857 and CVE-2006-1858 and new grsecurity
853     sysctl controlable resource logging
854 johnm 1.102
855     *hardened-sources-2.6.16-r7 (05 Jun 2006)
856    
857     05 Jun 2006; John Mylchreest <johnm@gentoo.org>
858     -hardened-sources-2.6.16-r5.ebuild, +hardened-sources-2.6.16-r7.ebuild:
859     push new 2.6.16 release in preparation for stable
860 solar 1.101
861     22 May 2006; <solar@gentoo.org> :
862     - redigest bug 134002
863 kang 1.100
864     *hardened-sources-2.4.32-r5 (16 May 2006)
865    
866     16 May 2006; Guillaume Destuynder <kang@gentoo.org>
867     +hardened-sources-2.4.32-r5.ebuild:
868     Fixes rsbac common patching (new patch in new -r5 patchset)
869 solar 1.99
870     *hardened-sources-2.4.32-r4 (13 May 2006)
871    
872     13 May 2006; <solar@gentoo.org> hardened-sources-2.4.32-r3.ebuild,
873     +hardened-sources-2.4.32-r4.ebuild:
874     - security bumps
875 johnm 1.98
876     *hardened-sources-2.6.16-r6 (03 May 2006)
877    
878     03 May 2006; John Mylchreest <johnm@gentoo.org>
879     +hardened-sources-2.6.16-r6.ebuild:
880     bump hardened-2.6.16 to 2.6.16.12 and latest grsec snapshot
881 johnm 1.97
882     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
883     hardened-sources-2.6.14-r8.ebuild:
884     fix x86_64 build problem, this will delay the digest issue again for a short
885     while but it will sort itself out
886 johnm 1.96
887     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
888     hardened-sources-2.6.14-r8.ebuild:
889     bump hardened patchset
890 antarus 1.94
891     27 Apr 2006; Alec Warner <antarus@gentoo.org>
892     files/digest-hardened-sources-2.4.32-r2,
893     files/digest-hardened-sources-2.4.32-r3,
894     files/digest-hardened-sources-2.6.14-r8, Manifest:
895     Fixing duff SHA256 digests: Bug # 131293
896 johnm 1.93
897 johnm 1.95 *hardened-sources-2.6.16-r5 (27 Apr 2006)
898    
899     27 Apr 2006; John Mylchreest <johnm@gentoo.org>
900     -hardened-sources-2.6.14-r6.ebuild, hardened-sources-2.6.14-r8.ebuild,
901     -hardened-sources-2.6.16-r4.ebuild, +hardened-sources-2.6.16-r5.ebuild:
902     stablise 2.6.14-r8 on x86 & amd64, bump 2.6.16 to fix CVE-2006-1863 &
903     cleanup of old uneccessary sources
904    
905 johnm 1.93 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
906     fix digest
907 johnm 1.92
908     *hardened-sources-2.6.14-r8 (20 Apr 2006)
909    
910     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
911     +hardened-sources-2.6.14-r8.ebuild:
912     fix CVE-2006-1056, CVE-2006-1525, CVE-2006-1524
913 johnm 1.91
914     20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
915     Turning on gpg-signing again, and recomitting
916 johnm 1.90
917     *hardened-sources-2.6.16-r4 (20 Apr 2006)
918    
919     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
920     -hardened-sources-2.6.16-r2.ebuild, -hardened-sources-2.6.16-r3.ebuild,
921     +hardened-sources-2.6.16-r4.ebuild:
922     Fix numerous security vulns
923 solar 1.89
924     *hardened-sources-2.4.32-r3 (16 Apr 2006)
925    
926     16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
927     -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
928     +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
929     - security bump for bug #112791. Removed old ebuilds
930 johnm 1.88
931     *hardened-sources-2.6.16-r3 (15 Apr 2006)
932    
933     15 Apr 2006; John Mylchreest <johnm@gentoo.org>
934     +hardened-sources-2.6.16-r3.ebuild:
935     Removing silly localversion which I missed
936 johnm 1.87
937     *hardened-sources-2.6.14-r7 (14 Apr 2006)
938    
939     14 Apr 2006; John Mylchreest <johnm@gentoo.org>
940     -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
941     Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
942 johnm 1.86
943     *hardened-sources-2.6.16-r2 (13 Apr 2006)
944    
945     13 Apr 2006; John Mylchreest <johnm@gentoo.org>
946     -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
947     +hardened-sources-2.6.16-r2.ebuild:
948     Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
949     labels, dropping USERGROUP define fixes, since these were merged mainstream.
950 johnm 1.85
951     *hardened-sources-2.6.16-r1 (11 Apr 2006)
952    
953     11 Apr 2006; John Mylchreest <johnm@gentoo.org>
954     +hardened-sources-2.6.16-r1.ebuild:
955     Bumping to include ppc build fix and 2.6.16.3
956 tsunam 1.84
957     06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
958     hardened-sources-2.6.14-r6.ebuild:
959     Stable on x86; bug #127718
960 johnm 1.83
961     *hardened-sources-2.6.16 (31 Mar 2006)
962    
963     31 Mar 2006; John Mylchreest <johnm@gentoo.org>
964     +hardened-sources-2.6.16.ebuild:
965     Bumping to new version of grsec, and kernel base. New squashfs. Based on
966     2.6.16.1
967 cryos 1.82
968     30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
969     hardened-sources-2.6.14-r6.ebuild:
970     Stable on amd64, bug 127718.
971 nixnut 1.81
972     28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
973     Stable on ppc. Bug #127718
974 johnm 1.80
975     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
976     -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
977     -hardened-sources-2.6.14-r4.ebuild:
978     Cleanup.
979 johnm 1.79
980     *hardened-sources-2.6.14-r6 (15 Mar 2006)
981    
982     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
983     +hardened-sources-2.6.14-r6.ebuild:
984     Fixes grsec policy recreation bug and adds a
985     >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
986 solar 1.78
987     02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
988     - stable on x86
989 hansmi 1.77
990     19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
991     hardened-sources-2.6.14-r5.ebuild:
992     Stable on ppc.
993 johnm 1.76
994     *hardened-sources-2.6.14-r5 (01 Feb 2006)
995    
996     01 Feb 2006; John Mylchreest <johnm@gentoo.org>
997     +hardened-sources-2.6.14-r5.ebuild:
998     fixing every known exploit
999 solar 1.75
1000     *hardened-sources-2.4.32-r2 (26 Jan 2006)
1001    
1002     26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
1003     +hardened-sources-2.4.32-r2.ebuild:
1004     - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
1005 solar 1.74
1006     *hardened-sources-2.6.14-r4 (12 Jan 2006)
1007    
1008     12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
1009     - version bump for new genpatches which fix up a few sec holes
1010 solar 1.73
1011     *hardened-sources-2.4.32-r1 (05 Jan 2006)
1012    
1013     05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
1014     - revision bump to add misc vital linux kernel security patches.
1015 johnm 1.72
1016     *hardened-sources-2.6.14-r3 (30 Dec 2005)
1017    
1018     30 Dec 2005; John Mylchreest <johnm@gentoo.org>
1019     -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
1020     Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
1021 johnm 1.71
1022     28 Dec 2005; John Mylchreest <johnm@gentoo.org>
1023     hardened-sources-2.6.14-r2.ebuild:
1024     making x86 & amd64 stable following testing.
1025 johnm 1.70
1026     *hardened-sources-2.6.14-r2 (27 Dec 2005)
1027    
1028     27 Dec 2005; John Mylchreest <johnm@gentoo.org>
1029     -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
1030     Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
1031     network hooks.
1032 johnm 1.69
1033     06 Dec 2005; John Mylchreest <johnm@gentoo.org>
1034     hardened-sources-2.6.14-r1.ebuild:
1035     bumping to stable early for sec fix on x86 & amd64
1036 johnm 1.68
1037     *hardened-sources-2.6.14-r1 (05 Dec 2005)
1038    
1039     05 Dec 2005; John Mylchreest <johnm@gentoo.org>
1040     -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
1041     bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
1042 solar 1.67
1043     04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
1044     - stable on x86 security bug #114227 CAN-2005-3257
1045 kang 1.66
1046     *hardened-sources-2.4.32 (19 Nov 2005)
1047    
1048     19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
1049     +hardened-sources-2.4.32.ebuild:
1050     Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
1051     Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
1052     have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
1053     rsbac >> /etc/portage/package.use)
1054 johnm 1.65
1055     *hardened-sources-2.6.14 (14 Nov 2005)
1056    
1057     14 Nov 2005; John Mylchreest <johnm@gentoo.org>
1058     -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
1059     Bumping 2.6 series to 2.6.14.2
1060 johnm 1.64
1061     *hardened-sources-2.6.13-r2 (20 Oct 2005)
1062    
1063     20 Oct 2005; John Mylchreest <johnm@gentoo.org>
1064     -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
1065     +hardened-sources-2.6.13-r2.ebuild:
1066     Fixes minor build error in ppc.
1067 johnm 1.63
1068     *hardened-sources-2.6.13-r1 (17 Oct 2005)
1069    
1070     17 Oct 2005; John Mylchreest <johnm@gentoo.org>
1071     +hardened-sources-2.6.13-r1.ebuild:
1072     Updating grsec to latest snapshot. Fixes some minor issues. Updating to
1073     2.6.13.4, fixes some major amd64 stability problems.
1074 johnm 1.62
1075     *hardened-sources-2.6.13 (16 Sep 2005)
1076    
1077     16 Sep 2005; John Mylchreest <johnm@gentoo.org>
1078     -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
1079     2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
1080     ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
1081     users should test this thoroughly.
1082 solar 1.61
1083     01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
1084     - stable on x86
1085 johnm 1.60
1086     *hardened-sources-2.6.11-r15 (27 Jun 2005)
1087    
1088     27 Jun 2005; John Mylchreest <johnm@gentoo.org>
1089     +hardened-sources-2.6.11-r15.ebuild:
1090     Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
1091     grsec redefining curr_ip struct.
1092 solar 1.59
1093     *hardened-sources-2.4.31 (20 Jun 2005)
1094    
1095     20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
1096     initial import of 2.4.31 tree
1097 johnm 1.58
1098     *hardened-sources-2.6.11-r14 (14 Jun 2005)
1099    
1100     14 Jun 2005; John Mylchreest <johnm@gentoo.org>
1101     -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
1102     Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
1103     naming scheme to abide by genpatches
1104 johnm 1.57
1105     *hardened-sources-2.6.11-r13 (18 May 2005)
1106    
1107     18 May 2005; John Mylchreest <johnm@gentoo.org>
1108     -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
1109     Managed to mangle the Makefile patch from grsec, to miss out the grsec
1110     target. sorry about that. Fixes bug #93022
1111 johnm 1.56
1112     *hardened-sources-2.6.11-r12 (17 May 2005)
1113    
1114     17 May 2005; John Mylchreest <johnm@gentoo.org>
1115     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
1116     +hardened-sources-2.6.11-r12.ebuild:
1117     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
1118     merges in genpatches-base
1119 johnm 1.55
1120     *hardened-sources-2.6.11-r12 (17 May 2005)
1121    
1122     17 May 2005; John Mylchreest <johnm@gentoo.org>
1123     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
1124     +hardened-sources-2.6.11-r12.ebuild:
1125     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
1126     merges in genpatches-base
1127 solar 1.54
1128     29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
1129     -files/2.4.27-cmdline-race.patch,
1130     -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
1131     -files/2.4.28-grsec-binfmt_a.out.patch,
1132     -files/2.4.28-grsec-cmdline-race.patch,
1133     -files/2.4.28-selinux-binfmt_a.out.patch,
1134     -files/2.4.28-selinux-cmdline-race.patch,
1135     -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
1136     hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
1137     - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
1138     cleanup..
1139 solar 1.53
1140     *hardened-sources-2.4.30-r1 (21 Apr 2005)
1141    
1142     21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
1143     - disable aout by default
1144 solar 1.52
1145     *hardened-sources-2.4.30 (18 Apr 2005)
1146    
1147     18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
1148     - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
1149     and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
1150     use
1151 tocharian 1.50
1152 scox 1.51 *hardened-sources-2.4.29 (30 Mar 2005)
1153    
1154     30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
1155     +hardened-sources-2.4.29.ebuild:
1156     New hardened-patches-2.4-29.0 patchball.
1157     Removed SELinux support, upgraded GRSecurity to 2.1.4.
1158    
1159     *hardened-sources-2.4.28-r5 (06 Mar 2005)
1160    
1161     06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
1162     +hardened-sources-2.4.28-r5.ebuild:
1163     Added a fix for a PaX vulnerability.
1164    
1165     26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1166 tocharian 1.50 hardened-sources-2.4.28-r4.ebuild:
1167     Stable on x86
1168 solar 1.49
1169     23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
1170     hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
1171     hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
1172     hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
1173     - fixed/added RDEPEND= in all kernel-2 ebuilds
1174 tocharian 1.48
1175     *hardened-sources-2.4.28-r4 (21 Jan 2005)
1176    
1177     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1178     +hardened-sources-2.4.28-r4.ebuild:
1179     Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
1180     backport of neighbour hash updates.
1181 tocharian 1.47
1182     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1183     hardened-sources-2.4.28-r3.ebuild:
1184     Stable on x86
1185 tseng 1.46
1186     *hardened-sources-2.6.10-r3 (20 Jan 2005)
1187    
1188     20 Jan 2005; Brandon Hale <tseng@gentoo.org>
1189     +hardened-sources-2.6.10-r3.ebuild:
1190     Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
1191     in 2005.0
1192 tocharian 1.45
1193     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1194     -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
1195     hardened-sources-2.4.28-r2.ebuild:
1196     Mark stable on x86
1197 tocharian 1.44
1198     *hardened-sources-2.4.28-r3 (17 Jan 2005)
1199    
1200     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1201     +hardened-sources-2.4.28-r3.ebuild:
1202     Fix SMP page fault handler vuln, and update device-mapper and evms patches.
1203 tocharian 1.43
1204     14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1205     hardened-sources-2.4.28.ebuild:
1206     Mark stable on x86.
1207 tocharian 1.42
1208     *hardened-sources-2.4.28-r2 (13 Jan 2005)
1209    
1210     13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1211     +hardened-sources-2.4.28-r2.ebuild:
1212     Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
1213     Mazinger for grsecurity patches as well.
1214 plasmaroo 1.41
1215     *hardened-sources-2.4.28-r1 (23 Dec 2004)
1216    
1217     23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
1218     Security bump. Thank tocharian for rolling a new patchset...
1219 solar 1.40
1220     28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
1221     +files/2.4.28-grsec-cmdline-race.patch,
1222     +files/2.4.28-selinux-binfmt_a.out.patch,
1223     +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
1224     - Round up remaining security patches that appear to be missing in 2.4.28. -
1225     PaX standalone updated to current. hgpv=28.1
1226 solar 1.39
1227     *hardened-sources-2.4.28 (28 Nov 2004)
1228    
1229     28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
1230     security bump. Thank tocharian for rolling a new patchset
1231 scox 1.31
1232 scox 1.38 *hardened-sources-2.4.27-r3 (08 Sep 2004)
1233    
1234     08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
1235     +hardened-sources-2.4.27-r3.ebuild:
1236     Applies the new 2.4-27.2 patchball which updates
1237     GRSecurity to the 2.0.1 version.
1238    
1239 scox 1.37 *hardened-sources-2.4.27-r2 (31 Aug 2004)
1240    
1241     31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1242     +hardened-sources-2.4.27-r2.ebuild:
1243     Version bump.
1244     This version uses the new 2.4-27.1 patchball which updates
1245     both the SELinux PaX hooks patch and the SELinux headers.
1246    
1247 scox 1.36 *hardened-sources-2.4.27-r1 (09 Aug 2004)
1248    
1249     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1250     +hardened-sources-2.4.27-r1.ebuild,
1251     -hardened-sources-2.4.27.ebuild,
1252     +files/2.4.27-cmdline-race.patch:
1253     Version bump, fix for cmdline race. See bug #59905.
1254    
1255     *hardened-sources-2.4.26-r6 (09 Aug 2004)
1256    
1257     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1258     +hardened-sources-2.4.26-r6.ebuild,
1259     -hardened-sources-2.4.26-r5.ebuild,
1260     -hardened-sources-2.4.26-r4.ebuild,
1261     +files/2.4.26-cmdline-race.patch:
1262     Version bump, fix for cmdline race. See bug #59905.
1263    
1264 scox 1.35 *hardened-sources-2.4.27 (08 Aug 2004)
1265    
1266     08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1267     +hardened-sources-2.4.27.ebuild,
1268     +files/2.4.27-CAN-2004-0394.patch:
1269     Ported the patchball to the 2.4.27 kernel version.
1270    
1271 scox 1.34 *hardened-sources-2.4.26-r5 (07 Aug 2004)
1272    
1273     07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1274     +hardened-sources-2.4.26-r5.ebuild:
1275 scox 1.35 Updated to use the new hardened-patches-2.4-26.1 patchball.
1276 scox 1.34 It adds the following features:
1277     - Squashfs
1278     - Ebtables
1279     - Netdev random (core+drivers)
1280     - Watchdog Timer (WDT) fix.
1281    
1282 scox 1.33 *hardened-sources-2.4.26-r4 (04 Aug 2004)
1283    
1284     04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1285     +hardened-sources-2.4.26-r4.ebuild,
1286     +files/2.4.26-CAN-2004-0415.patch,
1287     -hardened-sources-2.4.26-3:
1288     Version bump, fix for CAN 0415, see bug #59378.
1289    
1290 scox 1.32 *hardened-sources-2.4.26-r3 (22 Jul 2004)
1291    
1292     22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
1293     +hardened-sources-2.4.26-r3.ebuild,
1294     +files/2.4.26-CAN-2004-0497.patch,
1295     -hardened-sources-2.4.26-r2.ebuild:
1296     Version bump, fixed CAN 0497, see bug #56171.
1297    
1298 scox 1.31 *hardened-sources-2.4.26-r2 (29 Jun 2004)
1299    
1300     29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
1301 scox 1.32 +hardened-sources-2.4.26-r2.ebuild,
1302 scox 1.31 +files/2.4.26-CAN-2004-0495.patch,
1303     +files/2.4.26-CAN-2004-0535.patch,
1304     -hardened-sources-2.4.26-r1.ebuild:
1305     Fixes for both CAN 0495 and 0535, see bug #54976
1306 pvdabeel 1.27
1307 agriffis 1.29 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
1308     hardened-sources-2.4.26-r1.ebuild:
1309     QA - fix use invocation
1310 scox 1.28
1311     *hardened-sources-2.4.26-r1 (22 June 2004)
1312    
1313     22 June 2004; Andrea Luzzardi <scox@gentoo.org>
1314     +hardened-sources-2.4.26-r1.ebuild,
1315     +files/2.4.26-CAN-2004-0394.patch,
1316     +files/2.4.26-signal-race.patch,
1317     -hardened-sources-2.4.26.ebuild,
1318     -hardened-sources-2.4.24-r3.ebuild:
1319     Version bump for the CAN-2004-0394 issue and bug #53804
1320     Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
1321    
1322    
1323 pvdabeel 1.27 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
1324     hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
1325     Masked hardened-sources-2.4.26.ebuild broken for ppc
1326    
1327     31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
1328     hardened-sources-2.4.24-r3.ebuild:
1329     Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
1330 plasmaroo 1.25
1331 scox 1.26 *hardened-sources-2.4.26 (29 May 2004)
1332    
1333     29 May 2004; Andrea Luzzardi <scox@gentoo.org>
1334     +hardened-sources-2.4.26.ebuild:
1335     Updated hardened-sources for the 2.4.26 kernel
1336     Removed broken components, updated almost everything.
1337    
1338 plasmaroo 1.25 *hardened-sources-2.4.24-r3 (17 Apr 2004)
1339    
1340     17 Apr 2004; <plasmaroo@gentoo.org>
1341     +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
1342     +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
1343     +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
1344     +hardened-sources-2.4.24-r3.ebuild:
1345     Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
1346     vulnerabilities. Old revisions removed.
1347 plasmaroo 1.24
1348     *hardened-sources-2.4.24-r2 (15 Apr 2004)
1349    
1350     15 Apr 2004; <plasmaroo@gentoo.org>
1351     +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
1352     -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
1353     Version bump for the CAN-2004-0109 issue; bug #47881.
1354 aliz 1.23
1355     12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
1356     hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
1357     Add eutils to inherit.
1358 plasmaroo 1.22
1359     *hardened-sources-2.4.24-r1 (19 Feb 2004)
1360    
1361     19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
1362     files/hardened-sources-2.4.24.munmap.patch:
1363     Added the patch for the mremap/munmap vulnerability. Bug #42024.
1364 scox 1.19
1365 scox 1.21 *hardened-sources-2.4.24 (06 Feb 2004)
1366 scox 1.26
1367 scox 1.21 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
1368     hardened-sources-2.4.24.ebuild:
1369     Version bump, updated most of the components.
1370     This release includes the following:
1371    
1372     - Hardened security
1373     - Netfilter patch-o-matic 20031219
1374     - FreeSWAN 2.04 & x509 1.4.8
1375     - EVMS 2.2.2
1376     - XFS 1.3.1
1377     - cryptoloop jari
1378     - grsecurity 2.0-rc4
1379     - SELinux
1380     - PaX 200402060000
1381     - PaX Obscurity 200308302223
1382     - Others...
1383    
1384     Neither -ck nor systrace are included anymore.
1385    
1386 scox 1.19 *hardened-sources-2.4.22-r2 (05 Jan 2004)
1387    
1388     05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
1389     hardened-sources-2.4.22-r2.ebuild:
1390 scox 1.20 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
1391 scox 1.19
1392     *hardened-sources-2.4.22-r1 (02 Dec 2003)
1393 iggy 1.17
1394     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1395 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
1396 iggy 1.16
1397     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1398 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild:
1399     Version bump for the 'do_brk' vulnerability.
1400 iggy 1.15
1401     01 Dec 2003; Brian Jackson <iggy@gentoo.org>
1402     hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
1403     hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
1404     hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
1405 plasmaroo 1.18 Fix the 'do_brk' vulnerability.
1406 frogger 1.14
1407     03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
1408     hardened-sources-2.4.22.ebuild:
1409 plasmaroo 1.18 - Removed the src_install() portion for SELinux flask
1410     components. These are no longer handled in the kernel
1411     so this code was not necessary.
1412 frogger 1.13
1413     29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
1414     New 2.4.22 based hardened-sources thanks to
1415     Phil West <p.west@computer.org>.
1416    
1417     These sources include:
1418 plasmaroo 1.18 - New SELinux API
1419     - Updated CK-base
1420     - Updated GRSec
1421     - Systrace
1422     - SuperFreeS/WAN 1.99.8
1423     - Propolice kernel build support
1424     - EVMS
1425     - Other various security related patches
1426 frogger 1.11
1427 frogger 1.12 *hardened-sources-2.4.21 (14 Sep 2003)
1428    
1429     14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
1430     Updated hardened-sources based on the 2.4.21 Linux kernel.
1431     This includes updates to most major components such as:
1432 plasmaroo 1.18 - ck-base-0306300059
1433     - selinux-2.4-2003071106
1434     - grsecurity-2.0-rc1
1435     - Updated IPTables patch-o-matic
1436     - Updated SuperFreeS/WAN
1437    
1438 frogger 1.12 Thanks to Phil West <pwest@computer.org> for his work in getting this
1439     updated patch set ready for the 2.4.21 based kernel.
1440    
1441 frogger 1.11 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
1442     Initial import of hardened-sources-2.4.20-r4. This revision
1443     includes only a few changes, but one of these is an important
1444     security fix. It is recommended all users of hardened-sources
1445     upgrade to this release.
1446 plasmaroo 1.18
1447 frogger 1.11 - ioperm bug fix
1448     - fixed compilation failure when building without GRSec
1449 plasmaroo 1.18
1450 frogger 1.11 SAL (Secure Auditing for Linux) is NOT included in this revision
1451     due to time constraints, but is planned for inclusion in the near
1452     future.
1453 msterret 1.10
1454     *hardened-sources-2.4.20-r2 (12 Jun 2003)
1455    
1456     12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
1457     hardened-sources-2.4.20-r3.ebuild:
1458 plasmaroo 1.18 Add Header...
1459 frogger 1.9
1460     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1461     hardened-sources-2.4.20-r3.ebuild:
1462     Removed warnings from ebuild. This kernel should be safe to
1463     use at this point.
1464 frogger 1.8
1465     *hardened-sources-2.4.20-r3 (08 Jun 2003)
1466    
1467     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1468     hardened-sources-2.4.20-r3.ebuild:
1469     New revision. Includes the following changes over -r2:
1470 plasmaroo 1.18
1471 frogger 1.8 - ck7-base (O(1), preempt, low latency)
1472     - Super FreeS/WAN 1.99.7rc2
1473     - PaX for the LSM/SELinux branch
1474     - GRSecurity 2.0-pre4 (role based access control)
1475     - Systrace 1.3
1476     - EXT3 fixes
1477     - EVMS 2.0.1
1478     - GCC 3.1+ compile optimizations
1479     - ProPolice kernel build support
1480     - Hashing table security fixes
1481 frogger 1.3
1482     *hardened-sources-2.4.20-r1 (09 Apr 2003)
1483 frogger 1.7
1484     23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
1485     Initial import of hardened-sources-r2. This new
1486     ebuild includes many new performance and security
1487     related patches. As in -r1, it will patch in
1488     LSM/SELinux if "selinux" is in USE, otherwise it
1489     will patch in GRSecurity. The following patches
1490     are included in this revision:
1491 plasmaroo 1.18
1492 frogger 1.7 - O(1) Scheduler, Low Latency, and Preempt
1493     (pulled from the base CK patch)
1494     - ptrace exploit patch for the LSM kernel
1495     (the GRSec patch already fixes this)
1496     - LSM 2.4-2003040709
1497     - SELinux 2.4-2003040709
1498     - Systrace v1.2
1499     - IPTables patch-o-matic base patches - 20030107
1500     - CryptoAPI 2.4.20.1 w/ loop-jari patch
1501     - Super FreeS/WAN 1.99.6.1
1502     - GRSecurity 1.9.9g
1503     - MPPE
1504     - EXT3 data journal fix
1505     - CIPE 1.5.4
1506 frogger 1.6
1507     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1508     hardened-sources-2.4.20-r1.ebuild, manifest:
1509 plasmaroo 1.18 Updated to install flask components correctly for selinux.
1510 frogger 1.5
1511     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1512     hardened-sources-2.4.20-r1.ebuild:
1513     LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
1514     is patched in instead. Ptrace patches for selinux have also been added. In
1515     either case, systrace support will be patched in as well.
1516 frogger 1.3
1517     09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1518     hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
1519 plasmaroo 1.18 Revision bump for new sources.
1520 frogger 1.4
1521 frogger 1.2 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1522 frogger 1.4 hardened-sources-2.4.20-r1.ebuild:
1523 plasmaroo 1.18 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
1524 method 1.1
1525 frogger 1.4 *hardened-sources-2.4.20 (30 Mar 2003)
1526    
1527 method 1.1 30 Mar 2003; Joshua Brindle <method@gentoo.org>
1528     hardened-sources-2.4.20.ebuild:
1529 plasmaroo 1.18 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20