/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.250 - (hide annotations) (download)
Sun Nov 2 20:32:59 2008 UTC (5 years, 9 months ago) by nixnut
Branch: MAIN
Changes since 1.249: +4 -1 lines
Stable on ppc
(Portage version: 2.1.4.5)

1 method 1.1 # ChangeLog for sys-kernel/hardened-sources
2 phreak 1.204 # Copyright 2000-2008 Gentoo Foundation; Distributed under the GPL v2
3 nixnut 1.250 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.249 2008/10/30 15:17:14 gengor Exp $
4    
5     02 Nov 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.25-r9.ebuild:
6     Stable on ppc
7 gengor 1.249
8     30 Oct 2008; Gordon Malm <gengor@gentoo.org>
9     hardened-sources-2.6.25-r9.ebuild:
10     Stable on amd64/x86.
11 gengor 1.248
12     *hardened-sources-2.6.25-r9 (26 Oct 2008)
13    
14     26 Oct 2008; Gordon Malm <gengor@gentoo.org>
15     +hardened-sources-2.6.25-r9.ebuild:
16     Update to Linux 2.6.25.19
17 nixnut 1.247
18     15 Oct 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.25-r8.ebuild:
19     Stable on ppc
20 gengor 1.246
21     *hardened-sources-2.6.26-r4 (14 Oct 2008)
22    
23     14 Oct 2008; Gordon Malm <gengor@gentoo.org>
24     -hardened-sources-2.6.26-r3.ebuild, +hardened-sources-2.6.26-r4.ebuild:
25     Update to latest grsecurity patch, fixing building of non-modular kernels.
26 gengor 1.245
27     *hardened-sources-2.6.26-r3 (12 Oct 2008)
28    
29     12 Oct 2008; Gordon Malm <gengor@gentoo.org>
30     hardened-sources-2.6.25-r8.ebuild, -hardened-sources-2.6.26-r1.ebuild,
31     +hardened-sources-2.6.26-r3.ebuild:
32     2.6.26-r3: Update to Linux 2.6.26.6 and latest grsecurity patch.
33     2.6.26-r1: Removed.
34     2.6.25-r8: Stable amd64/x86.
35 gengor 1.244
36     *hardened-sources-2.6.25-r8 (09 Oct 2008)
37    
38     09 Oct 2008; Gordon Malm <gengor@gentoo.org>
39     -hardened-sources-2.6.25-r4.ebuild, -hardened-sources-2.6.25-r5.ebuild,
40     -hardened-sources-2.6.25-r6.ebuild, +hardened-sources-2.6.25-r8.ebuild:
41     Update to genpatches-11 and Linux 2.6.25.18. Remove old versions.
42 nixnut 1.243
43     20 Sep 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.25-r7.ebuild:
44     Stable on ppc
45 gengor 1.242
46     17 Sep 2008; Gordon Malm <gengor@gentoo.org>
47     hardened-sources-2.6.25-r7.ebuild:
48     Stable amd64/x86.
49 gengor 1.241
50     *hardened-sources-2.6.26-r2 (13 Sep 2008)
51    
52     13 Sep 2008; Gordon Malm <gengor@gentoo.org>
53     -hardened-sources-2.6.26.ebuild, +hardened-sources-2.6.26-r2.ebuild:
54     2.6.26-r2: Update to Linux 2.6.26.5, new grsecurity patch adding
55     PAX_REFCOUNT feature, fix bug #237473 (CVE-2008-3525). 2.6.26: Removed.
56 gengor 1.240
57     *hardened-sources-2.6.25-r7 (13 Sep 2008)
58    
59     13 Sep 2008; Gordon Malm <gengor@gentoo.org>
60     +hardened-sources-2.6.25-r7.ebuild:
61     Add 2.6.25-r7, fixing bug #237473 (CVE-2008-3525) and a PaX bug.
62 gengor 1.239
63     10 Sep 2008; Gordon Malm <gengor@gentoo.org>
64     hardened-sources-2.6.25-r4.ebuild, hardened-sources-2.6.25-r5.ebuild,
65     hardened-sources-2.6.25-r6.ebuild, hardened-sources-2.6.26.ebuild,
66     hardened-sources-2.6.26-r1.ebuild:
67     Update DESCRIPTION and HGPV_URI.
68 gengor 1.238
69     *hardened-sources-2.6.25-r6 (09 Sep 2008)
70    
71     09 Sep 2008; Gordon Malm <gengor@gentoo.org>
72     -hardened-sources-2.6.24-r3.ebuild, +hardened-sources-2.6.25-r6.ebuild:
73     2.6.25-r6: Update to Linux 2.6.25.17.
74     2.6.24-r3: Removed.
75 gengor 1.237
76     08 Sep 2008; Gordon Malm <gengor@gentoo.org>
77     hardened-sources-2.6.25-r5.ebuild:
78     Stable on amd64/x86
79 gengor 1.236
80     07 Sep 2008; Gordon Malm <gengor@gentoo.org> metadata.xml:
81     Update my email address.
82 nixnut 1.235
83     31 Aug 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.25-r4.ebuild:
84     stable on ppc
85 battousai 1.234
86     *hardened-sources-2.6.26-r1 (23 Aug 2008)
87     *hardened-sources-2.6.25-r5 (23 Aug 2008)
88    
89     23 Aug 2008; Bryan D. Stine <battousai@gentoo.org>
90     -hardened-sources-2.6.23-r13.ebuild, -hardened-sources-2.6.25-r3.ebuild,
91     hardened-sources-2.6.25-r4.ebuild, +hardened-sources-2.6.25-r5.ebuild,
92     +hardened-sources-2.6.26-r1.ebuild:
93     Bump to 2.6.25-r5 for updated patches and upstream .10 kernel, fixing
94     security bug #235221. Bump to 2.6.26-r1 for upstream .3 kernel, also
95     fixing security bug #235221. Marked 2.6.25-r4 stable on amd64 and x86.
96     Removed 2.6.23-r13 and 2.6.25-r3. Commit on behalf of Gordon Malm
97     (gengor).
98 solar 1.233
99     *hardened-sources-2.6.26 (18 Aug 2008)
100     *hardened-sources-2.6.25-r4 (18 Aug 2008)
101    
102     18 Aug 2008; <solar@gentoo.org> -hardened-sources-2.6.25-r2.ebuild,
103     +hardened-sources-2.6.25-r4.ebuild, +hardened-sources-2.6.26.ebuild:
104     - proxy commit for gengor 2.6.26: Initial 2.6.26 release. 2.6.25-r4: Update
105     to Linux 2.6.25.15. Fixes security bugs #234799, #234803 and #234812.
106     2.6.25-r2: Removed.
107 tove 1.232
108     16 Aug 2008; Torsten Veller <tove@gentoo.org> metadata.xml:
109     Remove phreak from metadata.xml (#96398)
110 solar 1.231
111     *hardened-sources-2.6.25-r3 (31 Jul 2008)
112    
113     31 Jul 2008; <solar@gentoo.org> -hardened-sources-2.6.24-r2.ebuild,
114     -hardened-sources-2.6.25.ebuild, -hardened-sources-2.6.25-r1.ebuild,
115     +hardened-sources-2.6.25-r3.ebuild:
116     - 2.6.25-r3: Update to Linux 2.6.25.13 and new grsecurity patch. Multiple
117     fixes, including security bug #231750.
118 nixnut 1.230
119     28 Jul 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.24-r3.ebuild:
120     Stable on ppc
121 solar 1.229
122     *hardened-sources-2.6.25-r2 (05 Jul 2008)
123    
124     05 Jul 2008; <solar@gentoo.org> -hardened-sources-2.6.23-r11.ebuild,
125     -hardened-sources-2.6.23-r12.ebuild, hardened-sources-2.6.24-r3.ebuild,
126     +hardened-sources-2.6.25-r2.ebuild:
127     2.6.23-r4: Stable x86/amd64
128     2.6.25-r2: Update to Linux 2.6.25.10 and latest grsecurity release.
129     2.6.23-r{11,12}: Removed due to multiple vulns.
130     (gengor & kerframil)
131 nixnut 1.228
132     04 Jul 2008; nixnut <nixnut@gentoo.org>
133     hardened-sources-2.6.23-r13.ebuild:
134     Stable on ppc
135 solar 1.227
136     *hardened-sources-2.6.25-r1 (30 Jun 2008)
137    
138     30 Jun 2008; <solar@gentoo.org> hardened-sources-2.6.23-r13.ebuild,
139     +hardened-sources-2.6.25-r1.ebuild:
140     2.6.25-r1: Brings in Linux -stable tree patches 2.6.25.{7,8,9} and newer
141     grsecurity release. 2.6.23-r13: x86/amd64 stable
142 solar 1.226
143     *hardened-sources-2.6.25 (17 Jun 2008)
144     *hardened-sources-2.6.24-r3 (17 Jun 2008)
145     *hardened-sources-2.6.23-r13 (17 Jun 2008)
146    
147     17 Jun 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r13.ebuild,
148     +hardened-sources-2.6.24-r3.ebuild, +hardened-sources-2.6.25.ebuild:
149     * 2.6.23-r13: Fixes security bugs #198997, #212136, #222331, #222635,
150     #224647, #225461, other fixes. * 2.6.24-r3: Fixes security bugs #212136,
151     #222331, #222635, #224647, #225461, grsec/PaX updates/fixes, other fixes. *
152     2.6.25: Initial 2.6.25 release.
153 solar 1.225
154     15 May 2008; <solar@gentoo.org> hardened-sources-2.6.23-r12.ebuild:
155     - fasttrack to stable x86/amd64
156 swegener 1.224
157     11 May 2008; Sven Wegener <swegener@gentoo.org> Manifest:
158     Fix broken digest for linux-2.6.24.tar.bz2.
159 solar 1.223
160     *hardened-sources-2.6.24-r2 (11 May 2008)
161     *hardened-sources-2.6.23-r12 (11 May 2008)
162    
163     11 May 2008; <solar@gentoo.org> -hardened-sources-2.6.23-r7.ebuild,
164     -hardened-sources-2.6.23-r9.ebuild, -hardened-sources-2.6.23-r10.ebuild,
165     +hardened-sources-2.6.23-r12.ebuild, -hardened-sources-2.6.24.ebuild,
166     -hardened-sources-2.6.24-r1.ebuild, +hardened-sources-2.6.24-r2.ebuild:
167     proxy commit for gengor. 2.6.23-r11 shortlog: Fixes security bugs 220691,
168     220975, 220979, 221123. 2.6.24-r2 not-so-shortlog: Fixes bug 215442,
169     security bugs 219901, 220691, 220975, 220979, 221123. New
170     genpatches/grsecurity with numerous updates & fixes. 2.6.23-r7->2.6.23-r10
171     should be removed as far as I'm concerned, everything else remove due to
172     vulnerable to numerous security bugs or brokeness.
173 nixnut 1.222
174     10 May 2008; nixnut <nixnut@gentoo.org>
175     hardened-sources-2.6.23-r11.ebuild:
176     Stable on ppc
177 solar 1.221
178     05 May 2008; <solar@gentoo.org> hardened-sources-2.6.23-r11.ebuild:
179     - -r11 stable on x86/amd64
180 solar 1.220
181     *hardened-sources-2.6.23-r11 (01 May 2008)
182    
183     01 May 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r11.ebuild:
184     - version bump to fix ulgy linux bugs
185 phreak 1.219
186     *hardened-sources-2.6.24-r1 (30 Apr 2008)
187    
188     30 Apr 2008; Christian Heim <phreak@gentoo.org>
189     +hardened-sources-2.6.24-r1.ebuild:
190     Revision bump (thanks to Kerin and Gordon, again), pulling
191     genpatches-2.6.24-7, solving #219089. Additionally contains further security
192     fixes plus some minor updates.
193 phreak 1.218
194     *hardened-sources-2.6.23-r10 (30 Apr 2008)
195    
196     30 Apr 2008; Christian Heim <phreak@gentoo.org>
197     +hardened-sources-2.6.23-r10.ebuild:
198     Revision bump (thanks to Kerin and Gordon, again), solving #213811, #219089.
199     Additional contains "various other fixes".
200 phreak 1.217
201     09 Apr 2008; Christian Heim <phreak@gentoo.org> metadata.xml:
202     Update the longdescription in metadata, thanks to Gordon Malm.
203 nixnut 1.216
204     08 Apr 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.23-r9.ebuild:
205     Stable on ppc wrt bug #213255
206 solar 1.215
207     07 Apr 2008; <solar@gentoo.org> -hardened-sources-2.4.35-r2.ebuild,
208     -hardened-sources-2.6.23-r8.ebuild, hardened-sources-2.6.23-r9.ebuild:
209     - stable on x86/amd64 per request. Removed obsolete ebuilds
210 phreak 1.214
211     *hardened-sources-2.6.24 (07 Apr 2008)
212    
213     07 Apr 2008; Christian Heim <phreak@gentoo.org>
214     +hardened-sources-2.6.24.ebuild:
215     Adding ebuild for hardened-sources-2.6.24 (many thanks to Kerin Millar
216     <kerframil at gmail.com> and Gordon Malm <bugs-gentoo-org-02 at bumpin.org>
217     for the many contributions and their continued effort in #216612) based on
218     2.6.24 and genpatches-2.6.24-5.
219    
220     The current ebuild/patchset contains these things:
221     * Incoporates unmodified grsec-2.1.11-2.6.24.4-200803262003 patch
222     * Introduces bespoke server and workstation oriented security levels
223     * VDSO_COMPAT cannot be enabled during runtime if PaX is enabled
224 phreak 1.213
225     30 Mar 2008; Christian Heim <phreak@gentoo.org> metadata.xml:
226     Fix the metadata.xml (Kerin isn't a dev, though he and Gordon are
227     maintaining it).
228 phreak 1.212
229     24 Mar 2008; Christian Heim <phreak@gentoo.org>
230     hardened-sources-2.4.35-r2.ebuild:
231     Fixing SRC_URI for 2.4.35-r2.
232 phreak 1.211
233     *hardened-sources-2.6.23-r9 (22 Mar 2008)
234    
235     22 Mar 2008; Christian Heim <phreak@gentoo.org>
236     +hardened-sources-2.6.23-r9.ebuild:
237     * Revision bump, rebasing the patchset against genpatches-2.6.23-10.
238     * Change the default GIDs for some grsecurity options
239     * Revamp the Hardened [Gentoo] security level and make it the default level
240     * Fixing compilation on ia64 with CONFIG_MODULES=y (loadable module support)
241     * Fix a recursive lock -- call to capable() within ptrace_attach()
242     * Fix bug that allows audit and iscsi operations to be controlled via netlink
243 solar 1.210
244     *hardened-sources-2.6.23-r8 (27 Feb 2008)
245    
246     27 Feb 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r8.ebuild:
247     - version bump from Kerin Millar bug 210026
248 solar 1.209
249     17 Feb 2008; <solar@gentoo.org> metadata.xml,
250     -hardened-sources-2.4.33.4.ebuild, -hardened-sources-2.6.20-r6.ebuild,
251     -hardened-sources-2.6.20-r10.ebuild, -hardened-sources-2.6.23-r4.ebuild,
252     -hardened-sources-2.6.23-r6.ebuild, hardened-sources-2.6.23-r7.ebuild:
253     - stable on x86 and remove old ebuilds
254 solar 1.207
255     15 Feb 2008; <solar@gentoo.org> hardened-sources-2.6.23-r7.ebuild:
256 solar 1.208 - stable on amd64 per request of amd64 lead
257 solar 1.206
258     *hardened-sources-2.6.23-r7 (11 Feb 2008)
259    
260     11 Feb 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r7.ebuild:
261     - version bump from kerin.millar
262     Changes:
263    
264     * Bump to genpatches-base-2.6.23-9
265     * Ported grsecurity-2.1.11-2.6.23.14-200801231800 to 2.6.23.15
266     * Disables COMPAT_VDSO in x86/defconfig
267     * Removes bogus symbols ACPI_SLEEP_PROC_(FS|SLEEP) from x86_64/defconfig
268 phreak 1.205
269     25 Jan 2008; Christian Heim <phreak@gentoo.org>
270     -hardened-sources-2.6.22-r8.ebuild:
271     Cleaning up old versions.
272 phreak 1.204
273     *hardened-sources-2.6.23-r6 (25 Jan 2008)
274    
275     25 Jan 2008; Christian Heim <phreak@gentoo.org>
276     -hardened-sources-2.6.23-r5.ebuild, +hardened-sources-2.6.23-r6.ebuild:
277     Revision bump, pulling in the latest genpatches.
278 phreak 1.203
279     *hardened-sources-2.6.23-r5 (24 Dec 2007)
280    
281     24 Dec 2007; Christian Heim <phreak@gentoo.org>
282     hardened-sources-2.4.35-r2.ebuild, hardened-sources-2.6.20-r6.ebuild,
283     hardened-sources-2.6.20-r10.ebuild, hardened-sources-2.6.22-r8.ebuild,
284     hardened-sources-2.6.23-r4.ebuild, +hardened-sources-2.6.23-r5.ebuild:
285     Revision bump, for the promised updated grsec snapshot. Also changing SRC_URI.
286 phreak 1.202
287     24 Dec 2007; Christian Heim <phreak@gentoo.org>
288     -hardened-sources-2.6.22-r7.ebuild, -hardened-sources-2.6.23.ebuild,
289     -hardened-sources-2.6.23-r1.ebuild, -hardened-sources-2.6.23-r2.ebuild,
290     -hardened-sources-2.6.23-r3.ebuild:
291     Cleaning out some unused, old versions.
292 phreak 1.201
293     24 Dec 2007; Christian Heim <phreak@gentoo.org>
294     hardened-sources-2.6.23-r4.ebuild:
295     Marking hardened-sources-2.6.23-r4 stable on amd64 and x86. I know it ain't
296     in the tree for long, but there isn't much of a difference between this and
297     -r3. Only this revision pulls in 2.6.23.11 and 2.6.23.12 from genpatches.
298 phreak 1.200
299     *hardened-sources-2.6.23-r4 (23 Dec 2007)
300    
301     23 Dec 2007; Christian Heim <phreak@gentoo.org>
302     +hardened-sources-2.6.23-r4.ebuild:
303     Revision bump, grabbing the lastest genpatches release (2.6.23.12 that is).
304 phreak 1.199
305     *hardened-sources-2.6.23-r3 (04 Dec 2007)
306    
307     04 Dec 2007; Christian Heim <phreak@gentoo.org>
308     +hardened-sources-2.6.23-r3.ebuild:
309     Revision bump, pulling in 2.6.23.9.
310 phreak 1.198
311     *hardened-sources-2.6.23-r2 (25 Nov 2007)
312    
313     25 Nov 2007; Christian Heim <phreak@gentoo.org>
314     +hardened-sources-2.6.23-r2.ebuild:
315     Updated patchset, thanks to solar.
316 phreak 1.197
317     *hardened-sources-2.6.23-r1 (31 Oct 2007)
318    
319     31 Oct 2007; Christian Heim <phreak@gentoo.org>
320     +hardened-sources-2.6.23-r1.ebuild:
321     Revision bump, pulling in the snapshot from 30. October 2007 (18:50).
322 solar 1.196
323     29 Oct 2007; <solar@gentoo.org> metadata.xml:
324     - update metadata.xml
325 phreak 1.195
326     25 Oct 2007; Christian Heim <phreak@gentoo.org>
327     hardened-sources-2.6.22-r8.ebuild:
328     Marking 2.6.22-r8 stable on amd64 and x86.
329 phreak 1.194
330     21 Oct 2007; Christian Heim <phreak@gentoo.org>
331     -hardened-sources-2.4.35.ebuild, -hardened-sources-2.4.35-r1.ebuild,
332     -hardened-sources-2.6.21-r4.ebuild:
333     Removing old ebuilds.
334 phreak 1.193
335     *hardened-sources-2.4.35-r2 (21 Oct 2007)
336    
337     21 Oct 2007; Christian Heim <phreak@gentoo.org>
338     +hardened-sources-2.4.35-r2.ebuild:
339     Revision bump for 2.4.35. Includes new snapshot and the lastest Linux stable
340     patches.
341 phreak 1.192
342     *hardened-sources-2.6.22-r8 (21 Oct 2007)
343    
344     21 Oct 2007; Christian Heim <phreak@gentoo.org>
345     +hardened-sources-2.6.22-r8.ebuild:
346     Yet another new patch, hopefully fixing the remaining issues we had w/
347     2.6.22. Candidate for stabling.
348 phreak 1.191
349     *hardened-sources-2.6.23 (13 Oct 2007)
350    
351     13 Oct 2007; Christian Heim <phreak@gentoo.org>
352     +hardened-sources-2.6.23.ebuild:
353     Initial hardened-sources-2.6.23. If people still have problems w/ bug
354     194276, try setting CONFIG_PCI_GODIRECT=y instead of CONFIG_PCI_GOANY.
355 phreak 1.190
356     11 Oct 2007; Christian Heim <phreak@gentoo.org>
357     hardened-sources-2.6.20-r10.ebuild:
358     Pulling in yet another new genpatches version, fixing the PWC bug for real.
359 phreak 1.189
360     04 Oct 2007; Christian Heim <phreak@gentoo.org>
361     -hardened-sources-2.6.22-r5.ebuild, -hardened-sources-2.6.22-r6.ebuild:
362     Removing old versions.
363 phreak 1.188
364     *hardened-sources-2.6.22-r7 (01 Oct 2007)
365    
366     01 Oct 2007; Christian Heim <phreak@gentoo.org>
367     +hardened-sources-2.6.22-r7.ebuild:
368     Revision bump, pulling in a newer patch. Should fix #194276.
369 phreak 1.187
370     30 Sep 2007; Christian Heim <phreak@gentoo.org>
371     hardened-sources-2.6.20-r10.ebuild:
372     Marking hardened-sources-2.6.20-r10 stable on x86 and amd64 (on courtesy of
373     Mike Doty).
374 phreak 1.186
375     *hardened-sources-2.6.22-r6 (26 Sep 2007)
376    
377     26 Sep 2007; Christian Heim <phreak@gentoo.org>
378     +hardened-sources-2.6.22-r6.ebuild:
379     Revision bump, grabbing up till Linux 2.6.22.9.
380 phreak 1.185
381     24 Sep 2007; Christian Heim <phreak@gentoo.org>
382     -hardened-sources-2.6.22-r3.ebuild, -hardened-sources-2.6.22-r4.ebuild:
383     Cleaning up further.
384 phreak 1.184
385     *hardened-sources-2.6.20-r10 (24 Sep 2007)
386    
387     24 Sep 2007; Christian Heim <phreak@gentoo.org>
388     -hardened-sources-2.6.20-r8.ebuild, -hardened-sources-2.6.20-r9.ebuild,
389     +hardened-sources-2.6.20-r10.ebuild:
390     Revision bump, pulling in Linux 2.6.20.20. Removing some of the older
391     revisions.
392 phreak 1.183
393     *hardened-sources-2.6.22-r5 (22 Sep 2007)
394    
395     22 Sep 2007; Christian Heim <phreak@gentoo.org>
396     +hardened-sources-2.6.22-r5.ebuild:
397     Revision bump, pulling in genpatches-2.6.22-8 for CVE-2007-4573.
398 phreak 1.182
399     17 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
400     Removing johnm from metadata.xml (see #186467 for reference).
401 phreak 1.181
402     *hardened-sources-2.6.22-r4 (17 Sep 2007)
403    
404     17 Sep 2007; Christian Heim <phreak@gentoo.org>
405     +hardened-sources-2.6.22-r4.ebuild:
406     Revision bump, hopefully fixing all those weird PAX failures.
407 phreak 1.180
408     01 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
409     Updating the metadata.xml.
410 phreak 1.179
411     01 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
412     Removing tocharian from metadata due to his retirement (see #71718 for
413     reference).
414 phreak 1.178
415     *hardened-sources-2.6.20-r9 (30 Aug 2007)
416    
417     30 Aug 2007; Christian Heim <phreak@gentoo.org>
418     +hardened-sources-2.6.20-r9.ebuild:
419     Revision bump for 2.6.20.18 (thanks to kerframil in #gentoo-hardened).
420 phreak 1.177
421     29 Aug 2007; Christian Heim <phreak@gentoo.org>
422     -hardened-sources-2.4.34.ebuild, -hardened-sources-2.4.34.5.ebuild,
423     -hardened-sources-2.6.20-r2.ebuild, -hardened-sources-2.6.20-r5.ebuild,
424     -hardened-sources-2.6.20-r7.ebuild, -hardened-sources-2.6.21-r3.ebuild,
425     -hardened-sources-2.6.22.ebuild, -hardened-sources-2.6.22-r1.ebuild,
426     -hardened-sources-2.6.22-r2.ebuild:
427     Removing some redundant versions.
428 phreak 1.176
429     *hardened-sources-2.4.35-r1 (29 Aug 2007)
430    
431     29 Aug 2007; Christian Heim <phreak@gentoo.org>
432     +hardened-sources-2.4.35-r1.ebuild:
433     Revision bump, new grsecurity patch.
434 phreak 1.175
435     *hardened-sources-2.6.20-r8 (26 Aug 2007)
436    
437     26 Aug 2007; Christian Heim <phreak@gentoo.org>
438     +hardened-sources-2.6.20-r8.ebuild:
439     Revision bump for Linux 2.6.20.17.
440 phreak 1.174
441     *hardened-sources-2.6.22-r3 (22 Aug 2007)
442    
443     22 Aug 2007; Christian Heim <phreak@gentoo.org>
444     +hardened-sources-2.6.22-r3.ebuild:
445     Revision bump for Linux 2.6.22.4.
446 phreak 1.173
447     16 Aug 2007; Christian Heim <phreak@gentoo.org>
448     hardened-sources-2.6.22-r2.ebuild:
449     Updated patchset, to fix the alignment against 2.6.22.3.
450 phreak 1.172
451     *hardened-sources-2.6.22-r2 (16 Aug 2007)
452    
453     16 Aug 2007; Christian Heim <phreak@gentoo.org>
454     +hardened-sources-2.6.22-r2.ebuild:
455     Revision bump for Linux 2.6.22.3.
456 phreak 1.171
457     *hardened-sources-2.4.35 (16 Aug 2007)
458    
459     16 Aug 2007; Christian Heim <phreak@gentoo.org>
460     +hardened-sources-2.4.35.ebuild:
461     Version bump, initial version for Linux 2.4.35.
462 phreak 1.170
463     *hardened-sources-2.6.21-r4 (16 Aug 2007)
464    
465     16 Aug 2007; Christian Heim <phreak@gentoo.org>
466     +hardened-sources-2.6.21-r4.ebuild:
467     Revision bump for Linux 2.6.21.6.
468 phreak 1.169
469     *hardened-sources-2.6.20-r7 (16 Aug 2007)
470    
471     16 Aug 2007; Christian Heim <phreak@gentoo.org>
472     +hardened-sources-2.6.20-r7.ebuild:
473     Revision bump for Linux 2.6.20.16.
474 phreak 1.168
475     *hardened-sources-2.6.22-r1 (13 Aug 2007)
476    
477     13 Aug 2007; Christian Heim <phreak@gentoo.org>
478     +hardened-sources-2.6.22-r1.ebuild:
479     Yet another revision bump.
480 phreak 1.167
481     *hardened-sources-2.6.22 (10 Aug 2007)
482    
483     10 Aug 2007; Christian Heim <phreak@gentoo.org>
484     +hardened-sources-2.6.22.ebuild:
485     Initial release for 2.6.22. If you are using hardened-sources on a desktop
486     machine (P4 or newer), be aware you might need to disable
487     CONFIG_PAX_PAGEEXEC.
488 phreak 1.166
489     04 Aug 2007; Christian Heim <phreak@gentoo.org>
490     hardened-sources-2.6.20-r6.ebuild:
491     Stabling hardened-sources-2.6.20-r6 for amd64, ppc and x86 due to Linux
492     2.6.20.15.
493 phreak 1.165
494     10 Jul 2007; Christian Heim <phreak@gentoo.org>
495     hardened-sources-2.6.20-r5.ebuild:
496     Marking hardened-sources-2.6.20-r5 stable on ppc.
497 phreak 1.164
498     10 Jul 2007; Christian Heim <phreak@gentoo.org>
499     -hardened-sources-2.4.32-r6.ebuild, -hardened-sources-2.4.32-r7.ebuild:
500     Cleanup.
501 phreak 1.163
502     *hardened-sources-2.6.20-r6 (08 Jul 2007)
503    
504     08 Jul 2007; Christian Heim <phreak@gentoo.org>
505     +hardened-sources-2.6.20-r6.ebuild:
506     Revision bump, grabbing yet another stable release.
507 phreak 1.162
508     17 Jun 2007; Christian Heim <phreak@gentoo.org>
509     -hardened-sources-2.6.18-r6.ebuild, -hardened-sources-2.6.20-r4.ebuild,
510     -hardened-sources-2.6.21-r2.ebuild:
511     Removing older ebuilds, hardened-sources-2.6.18-r6 seems to have gotten the
512     alpha stable KEYWORD by mistake.
513 phreak 1.161
514     17 Jun 2007; Christian Heim <phreak@gentoo.org>
515     hardened-sources-2.6.20-r5.ebuild:
516     Stabling hardened-sources-2.6.20-r5 due to security bug #181647 (as
517     genpatches-2.6.20-12.base contains up to Linux 2.6.20.14) on amd64 and x86.
518 phreak 1.160
519     *hardened-sources-2.6.21-r3 (12 Jun 2007)
520    
521     12 Jun 2007; Christian Heim <phreak@gentoo.org>
522     +hardened-sources-2.6.21-r3.ebuild:
523     Revision bump for hardened-sources-2.6.21, incorporating various CVE (some
524     of them critical), two stable releases (2.6.21.4,2.6.21.5) and some other
525     love.
526 phreak 1.159
527     *hardened-sources-2.6.20-r5 (11 Jun 2007)
528    
529     11 Jun 2007; Christian Heim <phreak@gentoo.org>
530     +hardened-sources-2.6.20-r5.ebuild:
531     Revision bump for hardened-sources-2.6.20, incorporating various CVE (some
532     of them critical), two stable releases (2.6.20.13,2.6.20.14) and some other
533     love.
534 pappy 1.158
535     *hardened-sources-2.4.34.5 (11 Jun 2007)
536    
537     11 Jun 2007; Alexander Gabert <pappy@gentoo.org>
538     +hardened-sources-2.4.34.5.ebuild:
539     added new hardened-sources 2.4 version, thx to phreak, solar, pipacs
540 phreak 1.157
541     30 May 2007; Christian Heim <phreak@gentoo.org>
542     -hardened-sources-2.6.18.ebuild, hardened-sources-2.6.20-r2.ebuild:
543     Marking 2.6.20-r2 stable on ppc with permission of Gysbert. Removing more
544     stale ebuild(s).
545 phreak 1.156
546     30 May 2007; Christian Heim <phreak@gentoo.org>
547     -hardened-sources-2.6.14-r7.ebuild, -hardened-sources-2.6.16-r11.ebuild,
548     -hardened-sources-2.6.17-r1.ebuild, -hardened-sources-2.6.19-r6.ebuild,
549     -hardened-sources-2.6.20.ebuild, -hardened-sources-2.6.20-r1.ebuild:
550     Doing some cleanups, remove stale ebuilds.
551 phreak 1.155
552     26 May 2007; Christian Heim <phreak@gentoo.org>
553     hardened-sources-2.6.21-r2.ebuild:
554     Fixing the grsecurity patch, had one '};' too much.
555 phreak 1.154
556     *hardened-sources-2.6.21-r2 (26 May 2007)
557    
558     26 May 2007; Christian Heim <phreak@gentoo.org>
559     -hardened-sources-2.6.21.ebuild, -hardened-sources-2.6.21-r1.ebuild,
560     +hardened-sources-2.6.21-r2.ebuild:
561     Revision bump, including Linux 2.6.21.3 (fixing CVE-2007-2451). Updating the
562     grsecurity patch to 2.1.10-2.6.21.1-200705221918.
563 phreak 1.153
564     *hardened-sources-2.6.20-r4 (26 May 2007)
565    
566     26 May 2007; Christian Heim <phreak@gentoo.org>
567     -hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.20-r4.ebuild:
568     Revision bump, including Linux 2.6.20.12 (which in fact fixed some security
569 phreak 1.154 bugs, at the very least CVE-2007-2451). Possible candidate for stable marking.
570 phreak 1.152
571     15 May 2007; Christian Heim <phreak@gentoo.org>
572     hardened-sources-2.6.20-r3.ebuild:
573     Looks like hardened-sources-2.6.20-r3 needs a new patch, as 2.6.20.11
574     introduced a change in arch/sparc64/kernel/pci_iommu.c, which made the
575     grsecurity patch fail in that exact same hunk.
576 phreak 1.151
577     *hardened-sources-2.6.20-r3 (15 May 2007)
578    
579     15 May 2007; Christian Heim <phreak@gentoo.org>
580     +hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.21-r1.ebuild:
581     Revision bump, incorporating Linux 2.6.20.11.
582    
583     *hardened-sources-2.6.21-r1 (11 May 2007)
584    
585     11 May 2007; Christian Heim <phreak@gentoo.org>
586     +hardened-sources-2.6.21-r1.ebuild:
587     Revision bump, hopefully fixing the GRSECURITY/GRKERNSEC mixup pipacs
588     mentioned in #177234.
589 kevquinn 1.150
590     07 May 2007; Kevin F. Quinn <kevquinn@gentoo.org>
591     files/digest-hardened-sources-2.6.21, Manifest:
592     Fix Manifest/digest for linux-2.6.21.tar.bz2
593 phreak 1.149
594     06 May 2007; Christian Heim <phreak@gentoo.org>
595     hardened-sources-2.6.21.ebuild:
596     Bumping the hardened-patches version, needed for the fix for #177234.
597 phreak 1.148
598     *hardened-sources-2.6.21 (02 May 2007)
599    
600     02 May 2007; Christian Heim <phreak@gentoo.org>
601     +hardened-sources-2.6.21.ebuild:
602     Version bump, Linux 2.6.21-hardened.
603 phreak 1.147
604     29 Apr 2007; Christian Heim <phreak@gentoo.org>
605     hardened-sources-2.6.20-r2.ebuild:
606     Adding ~ia64 on Ned's request.
607 phreak 1.146
608     29 Apr 2007; Christian Heim <phreak@gentoo.org>
609     hardened-sources-2.6.20-r2.ebuild:
610     Fixing the included grsecurity patch, wasn't alligning due to the Index:
611     header line(s).
612 phreak 1.145
613     29 Apr 2007; Christian Heim <phreak@gentoo.org>
614     hardened-sources-2.6.20-r2.ebuild:
615     Stabilizing hardened-sources-2.6.20-r2 on amd64 and x86.
616 armin76 1.144
617     *hardened-sources-2.6.20-r2 (10 Apr 2007)
618    
619     10 Apr 2007; Raúl Porcel <armin76@gentoo.org>
620     +hardened-sources-2.6.20-r2.ebuild:
621     Version bump, on behalf of phreak
622 phreak 1.143
623     *hardened-sources-2.6.20-r1 (04 Apr 2007)
624    
625     04 Apr 2007; Christian Heim <phreak@gentoo.org>
626     +hardened-sources-2.6.20-r1.ebuild:
627     Revision bump, grabbing a newer grsecurity snapshot.
628 phreak 1.142
629     *hardened-sources-2.6.20 (25 Mar 2007)
630    
631     25 Mar 2007; Christian Heim <phreak@gentoo.org>
632     +hardened-sources-2.6.20.ebuild:
633     Finally a hardened-sources version for 2.6.20; many people have been waiting
634     for this. Thanks to Steve for preliminary testing, thanks to Ned for the
635     testbox.
636 chainsaw 1.141
637     16 Mar 2007; Tony Vroon <chainsaw@gentoo.org>
638     hardened-sources-2.6.18-r6.ebuild:
639     Marked stable on amd64 and x86. AMD64 keyword ack'ed by welp.
640 phreak 1.140
641     *hardened-sources-2.6.18-r6 (16 Mar 2007)
642    
643     16 Mar 2007; Christian Heim <phreak@gentoo.org>
644     -hardened-sources-2.6.18-r5.ebuild, +hardened-sources-2.6.18-r6.ebuild:
645     Fixing CVE-2007-1000 locally (hardened/), thanks to Tony for pushing. And
646     yes I screwed up, this is tagged as 2.6.18-5 and not 2.6.18-6 as it's
647     supposed to be.
648 phreak 1.139
649     06 Mar 2007; Christian Heim <phreak@gentoo.org> ChangeLog:
650     Fixing the Manifest, the previous one was broken (as in still had the
651     deleted ebuild in it).
652 phreak 1.138
653     06 Mar 2007; Christian Heim <phreak@gentoo.org>
654     -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
655     +hardened-sources-2.6.18-r5.ebuild:
656     Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
657     Linux 2.6.18.8. Also cleaning up the older version.
658    
659     *hardened-sources-2.6.18-r5 (06 Mar 2007)
660    
661     06 Mar 2007; Christian Heim <phreak@gentoo.org>
662     -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
663     +hardened-sources-2.6.18-r5.ebuild:
664     Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
665     Linux 2.6.18.8. Also cleaning up the older version.
666 phreak 1.137
667     24 Feb 2007; Christian Heim <phreak@gentoo.org>
668     -hardened-sources-2.6.19-r3.ebuild, -hardened-sources-2.6.19-r4.ebuild,
669     -hardened-sources-2.6.19-r5.ebuild:
670     Removing some of the old version, that didn't work.
671 phreak 1.136
672     *hardened-sources-2.6.19-r6 (12 Feb 2007)
673    
674     12 Feb 2007; Christian Heim <phreak@gentoo.org>
675     +hardened-sources-2.6.19-r6.ebuild:
676     Revision bump, including a new grsec version fixing #166235.
677 pappy 1.134
678     *hardened-sources-2.4.34 (24 Jan 2007)
679    
680     24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
681 pappy 1.135 Manifest:
682     updating Manifest with checksums of new tarball and ebuild
683    
684     24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
685 pappy 1.134 +hardened-sources-2.4.34.ebuild:
686     I added new hardened sources 2.4 update, this is a critical path
687     security bugfix - all users of h-s are strongly advised
688     to update their existing hardened sources to this version.
689     It contains a fix for a kernel vulnerability that is pertaining
690     to the PaX changes to virtual memory management, possibly leading
691     to a local kernel exploit ... see grsecurity.net forums and homepage
692 phreak 1.133
693     23 Jan 2007; Christian Heim <phreak@gentoo.org>
694     files/digest-hardened-sources-2.6.19-r5, Manifest:
695     Fixing the patch-tarball digest.
696 phreak 1.132
697     *hardened-sources-2.6.19-r5 (23 Jan 2007)
698    
699     23 Jan 2007; Christian Heim <phreak@gentoo.org>
700     +hardened-sources-2.6.19-r5.ebuild:
701     Revision bump, closing the recently discovered PaX expand_stack()
702     vulnerability.
703 phreak 1.131
704     *hardened-sources-2.6.19-r4 (14 Jan 2007)
705    
706     14 Jan 2007; Christian Heim <phreak@gentoo.org>
707     +hardened-sources-2.6.19-r4.ebuild:
708     Revision bump, pulling in linux-2.6.19.2 and grsecurity 2.1.10 - thus
709     dropping the randomized PID feature.
710 opfer 1.130
711     11 Jan 2007; Christian Faulhammer <opfer@gentoo.org>
712     hardened-sources-2.4.33.4.ebuild:
713     stable x86, bug #161171
714 phreak 1.129
715     *hardened-sources-2.6.19-r3 (27 Dec 2006)
716    
717     27 Dec 2006; Christian Heim <phreak@gentoo.org>
718     -hardened-sources-2.6.19-r2.ebuild, +hardened-sources-2.6.19-r3.ebuild:
719     Revision bump for bug #157186 and #158786.
720 phreak 1.128
721     *hardened-sources-2.6.18-r4 (27 Dec 2006)
722    
723     27 Dec 2006; Christian Heim <phreak@gentoo.org>
724     -hardened-sources-2.6.18-r3.ebuild, +hardened-sources-2.6.18-r4.ebuild:
725     Revision bump for bug #157186.
726 phreak 1.127
727     *hardened-sources-2.6.19-r2 (23 Dec 2006)
728    
729     23 Dec 2006; Christian Heim <phreak@gentoo.org>
730     -hardened-sources-2.6.19-r1.ebuild, +hardened-sources-2.6.19-r2.ebuild:
731     Revision bump to pull in genpatches-2.6.19-3 for #157186.
732 phreak 1.126
733     17 Dec 2006; Christian Heim <phreak@gentoo.org>
734     hardened-sources-2.6.14-r7.ebuild, hardened-sources-2.6.16-r10.ebuild,
735     hardened-sources-2.6.16-r11.ebuild, hardened-sources-2.6.17-r1.ebuild,
736     hardened-sources-2.6.18.ebuild, hardened-sources-2.6.18-r3.ebuild,
737     hardened-sources-2.6.19-r1.ebuild:
738     Adding 4453_grsec-2.1.9-2.6.19-io-kmem-sysctl.patch to UNIPATCH_EXLUDE,
739     adding correct HOMEPAGE and adjusting DESCRIPTION (thanks to Alexander).
740 pappy 1.125
741     *hardened-sources-2.4.33.4 (17 Dec 2006)
742    
743     17 Dec 2006; Alexander Gabert <pappy@gentoo.org>
744     +hardened-sources-2.4.33.4.ebuild:
745     new 2.4.33.4 version including grsec and fixes, thanks to phreak for help
746     and quilting
747 phreak 1.124
748     *hardened-sources-2.6.19-r1 (14 Dec 2006)
749    
750     14 Dec 2006; Christian Heim <phreak@gentoo.org>
751     -hardened-sources-2.6.19.ebuild, +hardened-sources-2.6.19-r1.ebuild:
752     Revision bump, fixing #158107 (thanks to Petre Rodan <kaiowas at gentoo.org>
753     for reporting).
754 phreak 1.123
755     *hardened-sources-2.6.19 (13 Dec 2006)
756    
757     13 Dec 2006; Christian Heim <phreak@gentoo.org>
758     +hardened-sources-2.6.19.ebuild:
759     And finally 2.6.19, thanks to Ned (who prepared the inital patchset) and
760     Brad for providing that prompt update.
761 phreak 1.122
762     *hardened-sources-2.6.18-r3 (13 Dec 2006)
763    
764     13 Dec 2006; Christian Heim <phreak@gentoo.org>
765     -hardened-sources-2.6.18-r1.ebuild, -hardened-sources-2.6.18-r2.ebuild,
766     +hardened-sources-2.6.18-r3.ebuild:
767     Revision bump, excluding the faulty patch. Thanks to Anakim Border and Peter
768     S. Mazinger. Closes #157409 for now. Also removing the previous revisions.
769 phreak 1.121
770     09 Dec 2006; Christian Heim <phreak@gentoo.org> Manifest:
771     Fixing the metadata.xml Manifest entry (thanks to xaid and ml8128 in #gentoo-hardened).
772 nixnut 1.120
773     08 Dec 2006; nixnut <nixnut@gentoo.org> hardened-sources-2.6.18.ebuild:
774     Stable on ppc wrt bug 157356
775 opfer 1.119
776     07 Dec 2006; Christian Faulhammer <opfer@gentoo.org>
777     hardened-sources-2.6.18.ebuild:
778     stable x86, bug #157356
779 phreak 1.118
780     *hardened-sources-2.6.18-r2 (06 Dec 2006)
781    
782     06 Dec 2006; Christian Heim <phreak@gentoo.org>
783     +hardened-sources-2.6.18-r2.ebuild:
784     Revision bump, including 2.6.18.5 (via genpatches) and
785     4454_grsec-2.1.9-2.6.18.2-io-kmem-sysctl.patch based on Peter Mazinger and
786     Ned Ludd's original patch. Thanks to Alexander Gabert (pappy) for the
787     redesign.
788 phreak 1.117
789     06 Dec 2006; Christian Heim <phreak@gentoo.org>
790     hardened-sources-2.6.18.ebuild:
791     Marking hardened-sources-2.6.18 stable on amd64 (see bug #157356, on behalf
792     of Mike Doty).
793 phreak 1.116
794     *hardened-sources-2.6.18-r1 (23 Nov 2006)
795    
796     23 Nov 2006; Christian Heim <phreak@gentoo.org>
797     +hardened-sources-2.6.18-r1.ebuild:
798     Revision bump to genpatches-2.6.18-4 (including 2.6.18.3).
799 phreak 1.115
800     *hardened-sources-2.6.18 (11 Nov 2006)
801    
802     11 Nov 2006; Christian Heim <phreak@gentoo.org>
803     +hardened-sources-2.6.18.ebuild:
804     Version bump, thanks to Alexander Gabert we're finally at 2.6.18.
805 solar 1.114
806     18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
807     - mark amd64 stable also. bug #151877
808 solar 1.113
809     18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
810     - mark 2.6.17-r1 stable
811 phreak 1.112
812     27 Aug 2006; Christian Heim <phreak@gentoo.org>
813     -hardened-sources-2.6.17.ebuild, hardened-sources-2.6.17-r1.ebuild:
814     Removing old ebuild, removing unipatch from newer ebuild (need to fix it!).
815 phreak 1.111
816     *hardened-sources-2.6.17-r1 (26 Aug 2006)
817    
818     26 Aug 2006; Christian Heim <phreak@gentoo.org>
819     +hardened-sources-2.6.17-r1.ebuild:
820     Revision bump to genpatches-2.6.17-8 (including .9 and .10) and updating the
821     grsecurity patch.
822 phreak 1.110
823     *hardened-sources-2.6.17 (17 Aug 2006)
824    
825     17 Aug 2006; Christian Heim <phreak@gentoo.org>
826     +hardened-sources-2.6.17.ebuild:
827     Bumping the hardened-sources-2.6 series to 2.6.17, using
828     genpatches-2.6.17-6.base.
829 solar 1.109
830     07 Aug 2006; <solar@gentoo.org> hardened-sources-2.6.16-r11.ebuild:
831     - stable on x86 and amd64
832 solar 1.108
833     *hardened-sources-2.6.16-r11 (15 Jul 2006)
834    
835     15 Jul 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r3.ebuild,
836     -hardened-sources-2.4.32-r4.ebuild, -hardened-sources-2.4.32-r5.ebuild,
837     -hardened-sources-2.6.14-r8.ebuild, -hardened-sources-2.6.16-r7.ebuild,
838     -hardened-sources-2.6.16-r9.ebuild, +hardened-sources-2.6.16-r11.ebuild:
839     - 2.6.16 bumped for CVE-2006-3626 ; digest fix for 2.4.32-r6 ; removed old
840     crusty ebuilds
841 johnm 1.107
842     14 Jul 2006; John Mylchreest <johnm@gentoo.org>
843     hardened-sources-2.6.16-r10.ebuild:
844     marking stable on x86 and amd64
845 solar 1.106
846     13 Jul 2006; <solar@gentoo.org> hardened-sources-2.4.32-r6.ebuild:
847     - 2.4.32-r6 stable on x86. RSBAC state unknown
848 kang 1.105
849     *hardened-sources-2.4.32-r7 (10 Jul 2006)
850    
851     10 Jul 2006; Guillaume Destuynder <kang@gentoo.org>
852     +hardened-sources-2.4.32-r7.ebuild:
853     Bump PaX for RSBAC to test-17
854 johnm 1.104
855     *hardened-sources-2.6.16-r9 (03 Jul 2006)
856    
857     03 Jul 2006; John Mylchreest <johnm@gentoo.org>
858     -hardened-sources-2.6.16-r6.ebuild, +hardened-sources-2.6.16-r9.ebuild:
859     hardened-sources-2.6.16 bump to latest -base.
860 solar 1.103
861     *hardened-sources-2.4.32-r6 (30 Jun 2006)
862    
863     30 Jun 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r2.ebuild,
864     hardened-sources-2.4.32-r4.ebuild, +hardened-sources-2.4.32-r6.ebuild:
865     - backport CVE-2006-0039, CVE-2006-1857 and CVE-2006-1858 and new grsecurity
866     sysctl controlable resource logging
867 johnm 1.102
868     *hardened-sources-2.6.16-r7 (05 Jun 2006)
869    
870     05 Jun 2006; John Mylchreest <johnm@gentoo.org>
871     -hardened-sources-2.6.16-r5.ebuild, +hardened-sources-2.6.16-r7.ebuild:
872     push new 2.6.16 release in preparation for stable
873 solar 1.101
874     22 May 2006; <solar@gentoo.org> :
875     - redigest bug 134002
876 kang 1.100
877     *hardened-sources-2.4.32-r5 (16 May 2006)
878    
879     16 May 2006; Guillaume Destuynder <kang@gentoo.org>
880     +hardened-sources-2.4.32-r5.ebuild:
881     Fixes rsbac common patching (new patch in new -r5 patchset)
882 solar 1.99
883     *hardened-sources-2.4.32-r4 (13 May 2006)
884    
885     13 May 2006; <solar@gentoo.org> hardened-sources-2.4.32-r3.ebuild,
886     +hardened-sources-2.4.32-r4.ebuild:
887     - security bumps
888 johnm 1.98
889     *hardened-sources-2.6.16-r6 (03 May 2006)
890    
891     03 May 2006; John Mylchreest <johnm@gentoo.org>
892     +hardened-sources-2.6.16-r6.ebuild:
893     bump hardened-2.6.16 to 2.6.16.12 and latest grsec snapshot
894 johnm 1.97
895     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
896     hardened-sources-2.6.14-r8.ebuild:
897     fix x86_64 build problem, this will delay the digest issue again for a short
898     while but it will sort itself out
899 johnm 1.96
900     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
901     hardened-sources-2.6.14-r8.ebuild:
902     bump hardened patchset
903 antarus 1.94
904     27 Apr 2006; Alec Warner <antarus@gentoo.org>
905     files/digest-hardened-sources-2.4.32-r2,
906     files/digest-hardened-sources-2.4.32-r3,
907     files/digest-hardened-sources-2.6.14-r8, Manifest:
908     Fixing duff SHA256 digests: Bug # 131293
909 johnm 1.93
910 johnm 1.95 *hardened-sources-2.6.16-r5 (27 Apr 2006)
911    
912     27 Apr 2006; John Mylchreest <johnm@gentoo.org>
913     -hardened-sources-2.6.14-r6.ebuild, hardened-sources-2.6.14-r8.ebuild,
914     -hardened-sources-2.6.16-r4.ebuild, +hardened-sources-2.6.16-r5.ebuild:
915     stablise 2.6.14-r8 on x86 & amd64, bump 2.6.16 to fix CVE-2006-1863 &
916     cleanup of old uneccessary sources
917    
918 johnm 1.93 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
919     fix digest
920 johnm 1.92
921     *hardened-sources-2.6.14-r8 (20 Apr 2006)
922    
923     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
924     +hardened-sources-2.6.14-r8.ebuild:
925     fix CVE-2006-1056, CVE-2006-1525, CVE-2006-1524
926 johnm 1.91
927     20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
928     Turning on gpg-signing again, and recomitting
929 johnm 1.90
930     *hardened-sources-2.6.16-r4 (20 Apr 2006)
931    
932     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
933     -hardened-sources-2.6.16-r2.ebuild, -hardened-sources-2.6.16-r3.ebuild,
934     +hardened-sources-2.6.16-r4.ebuild:
935     Fix numerous security vulns
936 solar 1.89
937     *hardened-sources-2.4.32-r3 (16 Apr 2006)
938    
939     16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
940     -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
941     +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
942     - security bump for bug #112791. Removed old ebuilds
943 johnm 1.88
944     *hardened-sources-2.6.16-r3 (15 Apr 2006)
945    
946     15 Apr 2006; John Mylchreest <johnm@gentoo.org>
947     +hardened-sources-2.6.16-r3.ebuild:
948     Removing silly localversion which I missed
949 johnm 1.87
950     *hardened-sources-2.6.14-r7 (14 Apr 2006)
951    
952     14 Apr 2006; John Mylchreest <johnm@gentoo.org>
953     -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
954     Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
955 johnm 1.86
956     *hardened-sources-2.6.16-r2 (13 Apr 2006)
957    
958     13 Apr 2006; John Mylchreest <johnm@gentoo.org>
959     -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
960     +hardened-sources-2.6.16-r2.ebuild:
961     Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
962     labels, dropping USERGROUP define fixes, since these were merged mainstream.
963 johnm 1.85
964     *hardened-sources-2.6.16-r1 (11 Apr 2006)
965    
966     11 Apr 2006; John Mylchreest <johnm@gentoo.org>
967     +hardened-sources-2.6.16-r1.ebuild:
968     Bumping to include ppc build fix and 2.6.16.3
969 tsunam 1.84
970     06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
971     hardened-sources-2.6.14-r6.ebuild:
972     Stable on x86; bug #127718
973 johnm 1.83
974     *hardened-sources-2.6.16 (31 Mar 2006)
975    
976     31 Mar 2006; John Mylchreest <johnm@gentoo.org>
977     +hardened-sources-2.6.16.ebuild:
978     Bumping to new version of grsec, and kernel base. New squashfs. Based on
979     2.6.16.1
980 cryos 1.82
981     30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
982     hardened-sources-2.6.14-r6.ebuild:
983     Stable on amd64, bug 127718.
984 nixnut 1.81
985     28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
986     Stable on ppc. Bug #127718
987 johnm 1.80
988     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
989     -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
990     -hardened-sources-2.6.14-r4.ebuild:
991     Cleanup.
992 johnm 1.79
993     *hardened-sources-2.6.14-r6 (15 Mar 2006)
994    
995     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
996     +hardened-sources-2.6.14-r6.ebuild:
997     Fixes grsec policy recreation bug and adds a
998     >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
999 solar 1.78
1000     02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
1001     - stable on x86
1002 hansmi 1.77
1003     19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
1004     hardened-sources-2.6.14-r5.ebuild:
1005     Stable on ppc.
1006 johnm 1.76
1007     *hardened-sources-2.6.14-r5 (01 Feb 2006)
1008    
1009     01 Feb 2006; John Mylchreest <johnm@gentoo.org>
1010     +hardened-sources-2.6.14-r5.ebuild:
1011     fixing every known exploit
1012 solar 1.75
1013     *hardened-sources-2.4.32-r2 (26 Jan 2006)
1014    
1015     26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
1016     +hardened-sources-2.4.32-r2.ebuild:
1017     - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
1018 solar 1.74
1019     *hardened-sources-2.6.14-r4 (12 Jan 2006)
1020    
1021     12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
1022     - version bump for new genpatches which fix up a few sec holes
1023 solar 1.73
1024     *hardened-sources-2.4.32-r1 (05 Jan 2006)
1025    
1026     05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
1027     - revision bump to add misc vital linux kernel security patches.
1028 johnm 1.72
1029     *hardened-sources-2.6.14-r3 (30 Dec 2005)
1030    
1031     30 Dec 2005; John Mylchreest <johnm@gentoo.org>
1032     -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
1033     Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
1034 johnm 1.71
1035     28 Dec 2005; John Mylchreest <johnm@gentoo.org>
1036     hardened-sources-2.6.14-r2.ebuild:
1037     making x86 & amd64 stable following testing.
1038 johnm 1.70
1039     *hardened-sources-2.6.14-r2 (27 Dec 2005)
1040    
1041     27 Dec 2005; John Mylchreest <johnm@gentoo.org>
1042     -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
1043     Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
1044     network hooks.
1045 johnm 1.69
1046     06 Dec 2005; John Mylchreest <johnm@gentoo.org>
1047     hardened-sources-2.6.14-r1.ebuild:
1048     bumping to stable early for sec fix on x86 & amd64
1049 johnm 1.68
1050     *hardened-sources-2.6.14-r1 (05 Dec 2005)
1051    
1052     05 Dec 2005; John Mylchreest <johnm@gentoo.org>
1053     -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
1054     bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
1055 solar 1.67
1056     04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
1057     - stable on x86 security bug #114227 CAN-2005-3257
1058 kang 1.66
1059     *hardened-sources-2.4.32 (19 Nov 2005)
1060    
1061     19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
1062     +hardened-sources-2.4.32.ebuild:
1063     Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
1064     Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
1065     have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
1066     rsbac >> /etc/portage/package.use)
1067 johnm 1.65
1068     *hardened-sources-2.6.14 (14 Nov 2005)
1069    
1070     14 Nov 2005; John Mylchreest <johnm@gentoo.org>
1071     -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
1072     Bumping 2.6 series to 2.6.14.2
1073 johnm 1.64
1074     *hardened-sources-2.6.13-r2 (20 Oct 2005)
1075    
1076     20 Oct 2005; John Mylchreest <johnm@gentoo.org>
1077     -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
1078     +hardened-sources-2.6.13-r2.ebuild:
1079     Fixes minor build error in ppc.
1080 johnm 1.63
1081     *hardened-sources-2.6.13-r1 (17 Oct 2005)
1082    
1083     17 Oct 2005; John Mylchreest <johnm@gentoo.org>
1084     +hardened-sources-2.6.13-r1.ebuild:
1085     Updating grsec to latest snapshot. Fixes some minor issues. Updating to
1086     2.6.13.4, fixes some major amd64 stability problems.
1087 johnm 1.62
1088     *hardened-sources-2.6.13 (16 Sep 2005)
1089    
1090     16 Sep 2005; John Mylchreest <johnm@gentoo.org>
1091     -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
1092     2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
1093     ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
1094     users should test this thoroughly.
1095 solar 1.61
1096     01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
1097     - stable on x86
1098 johnm 1.60
1099     *hardened-sources-2.6.11-r15 (27 Jun 2005)
1100    
1101     27 Jun 2005; John Mylchreest <johnm@gentoo.org>
1102     +hardened-sources-2.6.11-r15.ebuild:
1103     Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
1104     grsec redefining curr_ip struct.
1105 solar 1.59
1106     *hardened-sources-2.4.31 (20 Jun 2005)
1107    
1108     20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
1109     initial import of 2.4.31 tree
1110 johnm 1.58
1111     *hardened-sources-2.6.11-r14 (14 Jun 2005)
1112    
1113     14 Jun 2005; John Mylchreest <johnm@gentoo.org>
1114     -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
1115     Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
1116     naming scheme to abide by genpatches
1117 johnm 1.57
1118     *hardened-sources-2.6.11-r13 (18 May 2005)
1119    
1120     18 May 2005; John Mylchreest <johnm@gentoo.org>
1121     -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
1122     Managed to mangle the Makefile patch from grsec, to miss out the grsec
1123     target. sorry about that. Fixes bug #93022
1124 johnm 1.56
1125     *hardened-sources-2.6.11-r12 (17 May 2005)
1126    
1127     17 May 2005; John Mylchreest <johnm@gentoo.org>
1128     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
1129     +hardened-sources-2.6.11-r12.ebuild:
1130     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
1131     merges in genpatches-base
1132 johnm 1.55
1133     *hardened-sources-2.6.11-r12 (17 May 2005)
1134    
1135     17 May 2005; John Mylchreest <johnm@gentoo.org>
1136     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
1137     +hardened-sources-2.6.11-r12.ebuild:
1138     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
1139     merges in genpatches-base
1140 solar 1.54
1141     29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
1142     -files/2.4.27-cmdline-race.patch,
1143     -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
1144     -files/2.4.28-grsec-binfmt_a.out.patch,
1145     -files/2.4.28-grsec-cmdline-race.patch,
1146     -files/2.4.28-selinux-binfmt_a.out.patch,
1147     -files/2.4.28-selinux-cmdline-race.patch,
1148     -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
1149     hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
1150     - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
1151     cleanup..
1152 solar 1.53
1153     *hardened-sources-2.4.30-r1 (21 Apr 2005)
1154    
1155     21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
1156     - disable aout by default
1157 solar 1.52
1158     *hardened-sources-2.4.30 (18 Apr 2005)
1159    
1160     18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
1161     - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
1162     and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
1163     use
1164 tocharian 1.50
1165 scox 1.51 *hardened-sources-2.4.29 (30 Mar 2005)
1166    
1167     30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
1168     +hardened-sources-2.4.29.ebuild:
1169     New hardened-patches-2.4-29.0 patchball.
1170     Removed SELinux support, upgraded GRSecurity to 2.1.4.
1171    
1172     *hardened-sources-2.4.28-r5 (06 Mar 2005)
1173    
1174     06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
1175     +hardened-sources-2.4.28-r5.ebuild:
1176     Added a fix for a PaX vulnerability.
1177    
1178     26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1179 tocharian 1.50 hardened-sources-2.4.28-r4.ebuild:
1180     Stable on x86
1181 solar 1.49
1182     23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
1183     hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
1184     hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
1185     hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
1186     - fixed/added RDEPEND= in all kernel-2 ebuilds
1187 tocharian 1.48
1188     *hardened-sources-2.4.28-r4 (21 Jan 2005)
1189    
1190     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1191     +hardened-sources-2.4.28-r4.ebuild:
1192     Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
1193     backport of neighbour hash updates.
1194 tocharian 1.47
1195     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1196     hardened-sources-2.4.28-r3.ebuild:
1197     Stable on x86
1198 tseng 1.46
1199     *hardened-sources-2.6.10-r3 (20 Jan 2005)
1200    
1201     20 Jan 2005; Brandon Hale <tseng@gentoo.org>
1202     +hardened-sources-2.6.10-r3.ebuild:
1203     Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
1204     in 2005.0
1205 tocharian 1.45
1206     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1207     -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
1208     hardened-sources-2.4.28-r2.ebuild:
1209     Mark stable on x86
1210 tocharian 1.44
1211     *hardened-sources-2.4.28-r3 (17 Jan 2005)
1212    
1213     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1214     +hardened-sources-2.4.28-r3.ebuild:
1215     Fix SMP page fault handler vuln, and update device-mapper and evms patches.
1216 tocharian 1.43
1217     14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1218     hardened-sources-2.4.28.ebuild:
1219     Mark stable on x86.
1220 tocharian 1.42
1221     *hardened-sources-2.4.28-r2 (13 Jan 2005)
1222    
1223     13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1224     +hardened-sources-2.4.28-r2.ebuild:
1225     Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
1226     Mazinger for grsecurity patches as well.
1227 plasmaroo 1.41
1228     *hardened-sources-2.4.28-r1 (23 Dec 2004)
1229    
1230     23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
1231     Security bump. Thank tocharian for rolling a new patchset...
1232 solar 1.40
1233     28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
1234     +files/2.4.28-grsec-cmdline-race.patch,
1235     +files/2.4.28-selinux-binfmt_a.out.patch,
1236     +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
1237     - Round up remaining security patches that appear to be missing in 2.4.28. -
1238     PaX standalone updated to current. hgpv=28.1
1239 solar 1.39
1240     *hardened-sources-2.4.28 (28 Nov 2004)
1241    
1242     28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
1243     security bump. Thank tocharian for rolling a new patchset
1244 scox 1.31
1245 scox 1.38 *hardened-sources-2.4.27-r3 (08 Sep 2004)
1246    
1247     08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
1248     +hardened-sources-2.4.27-r3.ebuild:
1249     Applies the new 2.4-27.2 patchball which updates
1250     GRSecurity to the 2.0.1 version.
1251    
1252 scox 1.37 *hardened-sources-2.4.27-r2 (31 Aug 2004)
1253    
1254     31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1255     +hardened-sources-2.4.27-r2.ebuild:
1256     Version bump.
1257     This version uses the new 2.4-27.1 patchball which updates
1258     both the SELinux PaX hooks patch and the SELinux headers.
1259    
1260 scox 1.36 *hardened-sources-2.4.27-r1 (09 Aug 2004)
1261    
1262     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1263     +hardened-sources-2.4.27-r1.ebuild,
1264     -hardened-sources-2.4.27.ebuild,
1265     +files/2.4.27-cmdline-race.patch:
1266     Version bump, fix for cmdline race. See bug #59905.
1267    
1268     *hardened-sources-2.4.26-r6 (09 Aug 2004)
1269    
1270     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1271     +hardened-sources-2.4.26-r6.ebuild,
1272     -hardened-sources-2.4.26-r5.ebuild,
1273     -hardened-sources-2.4.26-r4.ebuild,
1274     +files/2.4.26-cmdline-race.patch:
1275     Version bump, fix for cmdline race. See bug #59905.
1276    
1277 scox 1.35 *hardened-sources-2.4.27 (08 Aug 2004)
1278    
1279     08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1280     +hardened-sources-2.4.27.ebuild,
1281     +files/2.4.27-CAN-2004-0394.patch:
1282     Ported the patchball to the 2.4.27 kernel version.
1283    
1284 scox 1.34 *hardened-sources-2.4.26-r5 (07 Aug 2004)
1285    
1286     07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1287     +hardened-sources-2.4.26-r5.ebuild:
1288 scox 1.35 Updated to use the new hardened-patches-2.4-26.1 patchball.
1289 scox 1.34 It adds the following features:
1290     - Squashfs
1291     - Ebtables
1292     - Netdev random (core+drivers)
1293     - Watchdog Timer (WDT) fix.
1294    
1295 scox 1.33 *hardened-sources-2.4.26-r4 (04 Aug 2004)
1296    
1297     04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1298     +hardened-sources-2.4.26-r4.ebuild,
1299     +files/2.4.26-CAN-2004-0415.patch,
1300     -hardened-sources-2.4.26-3:
1301     Version bump, fix for CAN 0415, see bug #59378.
1302    
1303 scox 1.32 *hardened-sources-2.4.26-r3 (22 Jul 2004)
1304    
1305     22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
1306     +hardened-sources-2.4.26-r3.ebuild,
1307     +files/2.4.26-CAN-2004-0497.patch,
1308     -hardened-sources-2.4.26-r2.ebuild:
1309     Version bump, fixed CAN 0497, see bug #56171.
1310    
1311 scox 1.31 *hardened-sources-2.4.26-r2 (29 Jun 2004)
1312    
1313     29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
1314 scox 1.32 +hardened-sources-2.4.26-r2.ebuild,
1315 scox 1.31 +files/2.4.26-CAN-2004-0495.patch,
1316     +files/2.4.26-CAN-2004-0535.patch,
1317     -hardened-sources-2.4.26-r1.ebuild:
1318     Fixes for both CAN 0495 and 0535, see bug #54976
1319 pvdabeel 1.27
1320 agriffis 1.29 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
1321     hardened-sources-2.4.26-r1.ebuild:
1322     QA - fix use invocation
1323 scox 1.28
1324     *hardened-sources-2.4.26-r1 (22 June 2004)
1325    
1326     22 June 2004; Andrea Luzzardi <scox@gentoo.org>
1327     +hardened-sources-2.4.26-r1.ebuild,
1328     +files/2.4.26-CAN-2004-0394.patch,
1329     +files/2.4.26-signal-race.patch,
1330     -hardened-sources-2.4.26.ebuild,
1331     -hardened-sources-2.4.24-r3.ebuild:
1332     Version bump for the CAN-2004-0394 issue and bug #53804
1333     Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
1334    
1335    
1336 pvdabeel 1.27 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
1337     hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
1338     Masked hardened-sources-2.4.26.ebuild broken for ppc
1339    
1340     31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
1341     hardened-sources-2.4.24-r3.ebuild:
1342     Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
1343 plasmaroo 1.25
1344 scox 1.26 *hardened-sources-2.4.26 (29 May 2004)
1345    
1346     29 May 2004; Andrea Luzzardi <scox@gentoo.org>
1347     +hardened-sources-2.4.26.ebuild:
1348     Updated hardened-sources for the 2.4.26 kernel
1349     Removed broken components, updated almost everything.
1350    
1351 plasmaroo 1.25 *hardened-sources-2.4.24-r3 (17 Apr 2004)
1352    
1353     17 Apr 2004; <plasmaroo@gentoo.org>
1354     +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
1355     +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
1356     +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
1357     +hardened-sources-2.4.24-r3.ebuild:
1358     Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
1359     vulnerabilities. Old revisions removed.
1360 plasmaroo 1.24
1361     *hardened-sources-2.4.24-r2 (15 Apr 2004)
1362    
1363     15 Apr 2004; <plasmaroo@gentoo.org>
1364     +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
1365     -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
1366     Version bump for the CAN-2004-0109 issue; bug #47881.
1367 aliz 1.23
1368     12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
1369     hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
1370     Add eutils to inherit.
1371 plasmaroo 1.22
1372     *hardened-sources-2.4.24-r1 (19 Feb 2004)
1373    
1374     19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
1375     files/hardened-sources-2.4.24.munmap.patch:
1376     Added the patch for the mremap/munmap vulnerability. Bug #42024.
1377 scox 1.19
1378 scox 1.21 *hardened-sources-2.4.24 (06 Feb 2004)
1379 scox 1.26
1380 scox 1.21 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
1381     hardened-sources-2.4.24.ebuild:
1382     Version bump, updated most of the components.
1383     This release includes the following:
1384    
1385     - Hardened security
1386     - Netfilter patch-o-matic 20031219
1387     - FreeSWAN 2.04 & x509 1.4.8
1388     - EVMS 2.2.2
1389     - XFS 1.3.1
1390     - cryptoloop jari
1391     - grsecurity 2.0-rc4
1392     - SELinux
1393     - PaX 200402060000
1394     - PaX Obscurity 200308302223
1395     - Others...
1396    
1397     Neither -ck nor systrace are included anymore.
1398    
1399 scox 1.19 *hardened-sources-2.4.22-r2 (05 Jan 2004)
1400    
1401     05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
1402     hardened-sources-2.4.22-r2.ebuild:
1403 scox 1.20 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
1404 scox 1.19
1405     *hardened-sources-2.4.22-r1 (02 Dec 2003)
1406 iggy 1.17
1407     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1408 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
1409 iggy 1.16
1410     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1411 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild:
1412     Version bump for the 'do_brk' vulnerability.
1413 iggy 1.15
1414     01 Dec 2003; Brian Jackson <iggy@gentoo.org>
1415     hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
1416     hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
1417     hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
1418 plasmaroo 1.18 Fix the 'do_brk' vulnerability.
1419 frogger 1.14
1420     03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
1421     hardened-sources-2.4.22.ebuild:
1422 plasmaroo 1.18 - Removed the src_install() portion for SELinux flask
1423     components. These are no longer handled in the kernel
1424     so this code was not necessary.
1425 frogger 1.13
1426     29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
1427     New 2.4.22 based hardened-sources thanks to
1428     Phil West <p.west@computer.org>.
1429    
1430     These sources include:
1431 plasmaroo 1.18 - New SELinux API
1432     - Updated CK-base
1433     - Updated GRSec
1434     - Systrace
1435     - SuperFreeS/WAN 1.99.8
1436     - Propolice kernel build support
1437     - EVMS
1438     - Other various security related patches
1439 frogger 1.11
1440 frogger 1.12 *hardened-sources-2.4.21 (14 Sep 2003)
1441    
1442     14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
1443     Updated hardened-sources based on the 2.4.21 Linux kernel.
1444     This includes updates to most major components such as:
1445 plasmaroo 1.18 - ck-base-0306300059
1446     - selinux-2.4-2003071106
1447     - grsecurity-2.0-rc1
1448     - Updated IPTables patch-o-matic
1449     - Updated SuperFreeS/WAN
1450    
1451 frogger 1.12 Thanks to Phil West <pwest@computer.org> for his work in getting this
1452     updated patch set ready for the 2.4.21 based kernel.
1453    
1454 frogger 1.11 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
1455     Initial import of hardened-sources-2.4.20-r4. This revision
1456     includes only a few changes, but one of these is an important
1457     security fix. It is recommended all users of hardened-sources
1458     upgrade to this release.
1459 plasmaroo 1.18
1460 frogger 1.11 - ioperm bug fix
1461     - fixed compilation failure when building without GRSec
1462 plasmaroo 1.18
1463 frogger 1.11 SAL (Secure Auditing for Linux) is NOT included in this revision
1464     due to time constraints, but is planned for inclusion in the near
1465     future.
1466 msterret 1.10
1467     *hardened-sources-2.4.20-r2 (12 Jun 2003)
1468    
1469     12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
1470     hardened-sources-2.4.20-r3.ebuild:
1471 plasmaroo 1.18 Add Header...
1472 frogger 1.9
1473     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1474     hardened-sources-2.4.20-r3.ebuild:
1475     Removed warnings from ebuild. This kernel should be safe to
1476     use at this point.
1477 frogger 1.8
1478     *hardened-sources-2.4.20-r3 (08 Jun 2003)
1479    
1480     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1481     hardened-sources-2.4.20-r3.ebuild:
1482     New revision. Includes the following changes over -r2:
1483 plasmaroo 1.18
1484 frogger 1.8 - ck7-base (O(1), preempt, low latency)
1485     - Super FreeS/WAN 1.99.7rc2
1486     - PaX for the LSM/SELinux branch
1487     - GRSecurity 2.0-pre4 (role based access control)
1488     - Systrace 1.3
1489     - EXT3 fixes
1490     - EVMS 2.0.1
1491     - GCC 3.1+ compile optimizations
1492     - ProPolice kernel build support
1493     - Hashing table security fixes
1494 frogger 1.3
1495     *hardened-sources-2.4.20-r1 (09 Apr 2003)
1496 frogger 1.7
1497     23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
1498     Initial import of hardened-sources-r2. This new
1499     ebuild includes many new performance and security
1500     related patches. As in -r1, it will patch in
1501     LSM/SELinux if "selinux" is in USE, otherwise it
1502     will patch in GRSecurity. The following patches
1503     are included in this revision:
1504 plasmaroo 1.18
1505 frogger 1.7 - O(1) Scheduler, Low Latency, and Preempt
1506     (pulled from the base CK patch)
1507     - ptrace exploit patch for the LSM kernel
1508     (the GRSec patch already fixes this)
1509     - LSM 2.4-2003040709
1510     - SELinux 2.4-2003040709
1511     - Systrace v1.2
1512     - IPTables patch-o-matic base patches - 20030107
1513     - CryptoAPI 2.4.20.1 w/ loop-jari patch
1514     - Super FreeS/WAN 1.99.6.1
1515     - GRSecurity 1.9.9g
1516     - MPPE
1517     - EXT3 data journal fix
1518     - CIPE 1.5.4
1519 frogger 1.6
1520     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1521     hardened-sources-2.4.20-r1.ebuild, manifest:
1522 plasmaroo 1.18 Updated to install flask components correctly for selinux.
1523 frogger 1.5
1524     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1525     hardened-sources-2.4.20-r1.ebuild:
1526     LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
1527     is patched in instead. Ptrace patches for selinux have also been added. In
1528     either case, systrace support will be patched in as well.
1529 frogger 1.3
1530     09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1531     hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
1532 plasmaroo 1.18 Revision bump for new sources.
1533 frogger 1.4
1534 frogger 1.2 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1535 frogger 1.4 hardened-sources-2.4.20-r1.ebuild:
1536 plasmaroo 1.18 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
1537 method 1.1
1538 frogger 1.4 *hardened-sources-2.4.20 (30 Mar 2003)
1539    
1540 method 1.1 30 Mar 2003; Joshua Brindle <method@gentoo.org>
1541     hardened-sources-2.4.20.ebuild:
1542 plasmaroo 1.18 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20