/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.252 - (hide annotations) (download)
Tue Nov 4 06:13:28 2008 UTC (5 years, 9 months ago) by gengor
Branch: MAIN
Changes since 1.251: +7 -1 lines
Add initial 2.6.27 release.
(Portage version: 2.1.4.5)

1 method 1.1 # ChangeLog for sys-kernel/hardened-sources
2 phreak 1.204 # Copyright 2000-2008 Gentoo Foundation; Distributed under the GPL v2
3 gengor 1.252 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.251 2008/11/03 07:33:28 gengor Exp $
4    
5     *hardened-sources-2.6.27 (04 Nov 2008)
6    
7     04 Nov 2008; Gordon Malm <gengor@gentoo.org>
8     +hardened-sources-2.6.27.ebuild:
9     Initial 2.6.27 release.
10 gengor 1.251
11     *hardened-sources-2.6.26-r5 (03 Nov 2008)
12    
13     03 Nov 2008; Gordon Malm <gengor@gentoo.org>
14     -hardened-sources-2.6.25-r7.ebuild, -hardened-sources-2.6.26-r2.ebuild,
15     +hardened-sources-2.6.26-r5.ebuild:
16     2.6.26-r5: Bump to Linux 2.6.26.7, PaX updates.
17     Clean out some old versions.
18 nixnut 1.250
19     02 Nov 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.25-r9.ebuild:
20     Stable on ppc
21 gengor 1.249
22     30 Oct 2008; Gordon Malm <gengor@gentoo.org>
23     hardened-sources-2.6.25-r9.ebuild:
24     Stable on amd64/x86.
25 gengor 1.248
26     *hardened-sources-2.6.25-r9 (26 Oct 2008)
27    
28     26 Oct 2008; Gordon Malm <gengor@gentoo.org>
29     +hardened-sources-2.6.25-r9.ebuild:
30     Update to Linux 2.6.25.19
31 nixnut 1.247
32     15 Oct 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.25-r8.ebuild:
33     Stable on ppc
34 gengor 1.246
35     *hardened-sources-2.6.26-r4 (14 Oct 2008)
36    
37     14 Oct 2008; Gordon Malm <gengor@gentoo.org>
38     -hardened-sources-2.6.26-r3.ebuild, +hardened-sources-2.6.26-r4.ebuild:
39     Update to latest grsecurity patch, fixing building of non-modular kernels.
40 gengor 1.245
41     *hardened-sources-2.6.26-r3 (12 Oct 2008)
42    
43     12 Oct 2008; Gordon Malm <gengor@gentoo.org>
44     hardened-sources-2.6.25-r8.ebuild, -hardened-sources-2.6.26-r1.ebuild,
45     +hardened-sources-2.6.26-r3.ebuild:
46     2.6.26-r3: Update to Linux 2.6.26.6 and latest grsecurity patch.
47     2.6.26-r1: Removed.
48     2.6.25-r8: Stable amd64/x86.
49 gengor 1.244
50     *hardened-sources-2.6.25-r8 (09 Oct 2008)
51    
52     09 Oct 2008; Gordon Malm <gengor@gentoo.org>
53     -hardened-sources-2.6.25-r4.ebuild, -hardened-sources-2.6.25-r5.ebuild,
54     -hardened-sources-2.6.25-r6.ebuild, +hardened-sources-2.6.25-r8.ebuild:
55     Update to genpatches-11 and Linux 2.6.25.18. Remove old versions.
56 nixnut 1.243
57     20 Sep 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.25-r7.ebuild:
58     Stable on ppc
59 gengor 1.242
60     17 Sep 2008; Gordon Malm <gengor@gentoo.org>
61     hardened-sources-2.6.25-r7.ebuild:
62     Stable amd64/x86.
63 gengor 1.241
64     *hardened-sources-2.6.26-r2 (13 Sep 2008)
65    
66     13 Sep 2008; Gordon Malm <gengor@gentoo.org>
67     -hardened-sources-2.6.26.ebuild, +hardened-sources-2.6.26-r2.ebuild:
68     2.6.26-r2: Update to Linux 2.6.26.5, new grsecurity patch adding
69     PAX_REFCOUNT feature, fix bug #237473 (CVE-2008-3525). 2.6.26: Removed.
70 gengor 1.240
71     *hardened-sources-2.6.25-r7 (13 Sep 2008)
72    
73     13 Sep 2008; Gordon Malm <gengor@gentoo.org>
74     +hardened-sources-2.6.25-r7.ebuild:
75     Add 2.6.25-r7, fixing bug #237473 (CVE-2008-3525) and a PaX bug.
76 gengor 1.239
77     10 Sep 2008; Gordon Malm <gengor@gentoo.org>
78     hardened-sources-2.6.25-r4.ebuild, hardened-sources-2.6.25-r5.ebuild,
79     hardened-sources-2.6.25-r6.ebuild, hardened-sources-2.6.26.ebuild,
80     hardened-sources-2.6.26-r1.ebuild:
81     Update DESCRIPTION and HGPV_URI.
82 gengor 1.238
83     *hardened-sources-2.6.25-r6 (09 Sep 2008)
84    
85     09 Sep 2008; Gordon Malm <gengor@gentoo.org>
86     -hardened-sources-2.6.24-r3.ebuild, +hardened-sources-2.6.25-r6.ebuild:
87     2.6.25-r6: Update to Linux 2.6.25.17.
88     2.6.24-r3: Removed.
89 gengor 1.237
90     08 Sep 2008; Gordon Malm <gengor@gentoo.org>
91     hardened-sources-2.6.25-r5.ebuild:
92     Stable on amd64/x86
93 gengor 1.236
94     07 Sep 2008; Gordon Malm <gengor@gentoo.org> metadata.xml:
95     Update my email address.
96 nixnut 1.235
97     31 Aug 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.25-r4.ebuild:
98     stable on ppc
99 battousai 1.234
100     *hardened-sources-2.6.26-r1 (23 Aug 2008)
101     *hardened-sources-2.6.25-r5 (23 Aug 2008)
102    
103     23 Aug 2008; Bryan D. Stine <battousai@gentoo.org>
104     -hardened-sources-2.6.23-r13.ebuild, -hardened-sources-2.6.25-r3.ebuild,
105     hardened-sources-2.6.25-r4.ebuild, +hardened-sources-2.6.25-r5.ebuild,
106     +hardened-sources-2.6.26-r1.ebuild:
107     Bump to 2.6.25-r5 for updated patches and upstream .10 kernel, fixing
108     security bug #235221. Bump to 2.6.26-r1 for upstream .3 kernel, also
109     fixing security bug #235221. Marked 2.6.25-r4 stable on amd64 and x86.
110     Removed 2.6.23-r13 and 2.6.25-r3. Commit on behalf of Gordon Malm
111     (gengor).
112 solar 1.233
113     *hardened-sources-2.6.26 (18 Aug 2008)
114     *hardened-sources-2.6.25-r4 (18 Aug 2008)
115    
116     18 Aug 2008; <solar@gentoo.org> -hardened-sources-2.6.25-r2.ebuild,
117     +hardened-sources-2.6.25-r4.ebuild, +hardened-sources-2.6.26.ebuild:
118     - proxy commit for gengor 2.6.26: Initial 2.6.26 release. 2.6.25-r4: Update
119     to Linux 2.6.25.15. Fixes security bugs #234799, #234803 and #234812.
120     2.6.25-r2: Removed.
121 tove 1.232
122     16 Aug 2008; Torsten Veller <tove@gentoo.org> metadata.xml:
123     Remove phreak from metadata.xml (#96398)
124 solar 1.231
125     *hardened-sources-2.6.25-r3 (31 Jul 2008)
126    
127     31 Jul 2008; <solar@gentoo.org> -hardened-sources-2.6.24-r2.ebuild,
128     -hardened-sources-2.6.25.ebuild, -hardened-sources-2.6.25-r1.ebuild,
129     +hardened-sources-2.6.25-r3.ebuild:
130     - 2.6.25-r3: Update to Linux 2.6.25.13 and new grsecurity patch. Multiple
131     fixes, including security bug #231750.
132 nixnut 1.230
133     28 Jul 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.24-r3.ebuild:
134     Stable on ppc
135 solar 1.229
136     *hardened-sources-2.6.25-r2 (05 Jul 2008)
137    
138     05 Jul 2008; <solar@gentoo.org> -hardened-sources-2.6.23-r11.ebuild,
139     -hardened-sources-2.6.23-r12.ebuild, hardened-sources-2.6.24-r3.ebuild,
140     +hardened-sources-2.6.25-r2.ebuild:
141     2.6.23-r4: Stable x86/amd64
142     2.6.25-r2: Update to Linux 2.6.25.10 and latest grsecurity release.
143     2.6.23-r{11,12}: Removed due to multiple vulns.
144     (gengor & kerframil)
145 nixnut 1.228
146     04 Jul 2008; nixnut <nixnut@gentoo.org>
147     hardened-sources-2.6.23-r13.ebuild:
148     Stable on ppc
149 solar 1.227
150     *hardened-sources-2.6.25-r1 (30 Jun 2008)
151    
152     30 Jun 2008; <solar@gentoo.org> hardened-sources-2.6.23-r13.ebuild,
153     +hardened-sources-2.6.25-r1.ebuild:
154     2.6.25-r1: Brings in Linux -stable tree patches 2.6.25.{7,8,9} and newer
155     grsecurity release. 2.6.23-r13: x86/amd64 stable
156 solar 1.226
157     *hardened-sources-2.6.25 (17 Jun 2008)
158     *hardened-sources-2.6.24-r3 (17 Jun 2008)
159     *hardened-sources-2.6.23-r13 (17 Jun 2008)
160    
161     17 Jun 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r13.ebuild,
162     +hardened-sources-2.6.24-r3.ebuild, +hardened-sources-2.6.25.ebuild:
163     * 2.6.23-r13: Fixes security bugs #198997, #212136, #222331, #222635,
164     #224647, #225461, other fixes. * 2.6.24-r3: Fixes security bugs #212136,
165     #222331, #222635, #224647, #225461, grsec/PaX updates/fixes, other fixes. *
166     2.6.25: Initial 2.6.25 release.
167 solar 1.225
168     15 May 2008; <solar@gentoo.org> hardened-sources-2.6.23-r12.ebuild:
169     - fasttrack to stable x86/amd64
170 swegener 1.224
171     11 May 2008; Sven Wegener <swegener@gentoo.org> Manifest:
172     Fix broken digest for linux-2.6.24.tar.bz2.
173 solar 1.223
174     *hardened-sources-2.6.24-r2 (11 May 2008)
175     *hardened-sources-2.6.23-r12 (11 May 2008)
176    
177     11 May 2008; <solar@gentoo.org> -hardened-sources-2.6.23-r7.ebuild,
178     -hardened-sources-2.6.23-r9.ebuild, -hardened-sources-2.6.23-r10.ebuild,
179     +hardened-sources-2.6.23-r12.ebuild, -hardened-sources-2.6.24.ebuild,
180     -hardened-sources-2.6.24-r1.ebuild, +hardened-sources-2.6.24-r2.ebuild:
181     proxy commit for gengor. 2.6.23-r11 shortlog: Fixes security bugs 220691,
182     220975, 220979, 221123. 2.6.24-r2 not-so-shortlog: Fixes bug 215442,
183     security bugs 219901, 220691, 220975, 220979, 221123. New
184     genpatches/grsecurity with numerous updates & fixes. 2.6.23-r7->2.6.23-r10
185     should be removed as far as I'm concerned, everything else remove due to
186     vulnerable to numerous security bugs or brokeness.
187 nixnut 1.222
188     10 May 2008; nixnut <nixnut@gentoo.org>
189     hardened-sources-2.6.23-r11.ebuild:
190     Stable on ppc
191 solar 1.221
192     05 May 2008; <solar@gentoo.org> hardened-sources-2.6.23-r11.ebuild:
193     - -r11 stable on x86/amd64
194 solar 1.220
195     *hardened-sources-2.6.23-r11 (01 May 2008)
196    
197     01 May 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r11.ebuild:
198     - version bump to fix ulgy linux bugs
199 phreak 1.219
200     *hardened-sources-2.6.24-r1 (30 Apr 2008)
201    
202     30 Apr 2008; Christian Heim <phreak@gentoo.org>
203     +hardened-sources-2.6.24-r1.ebuild:
204     Revision bump (thanks to Kerin and Gordon, again), pulling
205     genpatches-2.6.24-7, solving #219089. Additionally contains further security
206     fixes plus some minor updates.
207 phreak 1.218
208     *hardened-sources-2.6.23-r10 (30 Apr 2008)
209    
210     30 Apr 2008; Christian Heim <phreak@gentoo.org>
211     +hardened-sources-2.6.23-r10.ebuild:
212     Revision bump (thanks to Kerin and Gordon, again), solving #213811, #219089.
213     Additional contains "various other fixes".
214 phreak 1.217
215     09 Apr 2008; Christian Heim <phreak@gentoo.org> metadata.xml:
216     Update the longdescription in metadata, thanks to Gordon Malm.
217 nixnut 1.216
218     08 Apr 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.23-r9.ebuild:
219     Stable on ppc wrt bug #213255
220 solar 1.215
221     07 Apr 2008; <solar@gentoo.org> -hardened-sources-2.4.35-r2.ebuild,
222     -hardened-sources-2.6.23-r8.ebuild, hardened-sources-2.6.23-r9.ebuild:
223     - stable on x86/amd64 per request. Removed obsolete ebuilds
224 phreak 1.214
225     *hardened-sources-2.6.24 (07 Apr 2008)
226    
227     07 Apr 2008; Christian Heim <phreak@gentoo.org>
228     +hardened-sources-2.6.24.ebuild:
229     Adding ebuild for hardened-sources-2.6.24 (many thanks to Kerin Millar
230     <kerframil at gmail.com> and Gordon Malm <bugs-gentoo-org-02 at bumpin.org>
231     for the many contributions and their continued effort in #216612) based on
232     2.6.24 and genpatches-2.6.24-5.
233    
234     The current ebuild/patchset contains these things:
235     * Incoporates unmodified grsec-2.1.11-2.6.24.4-200803262003 patch
236     * Introduces bespoke server and workstation oriented security levels
237     * VDSO_COMPAT cannot be enabled during runtime if PaX is enabled
238 phreak 1.213
239     30 Mar 2008; Christian Heim <phreak@gentoo.org> metadata.xml:
240     Fix the metadata.xml (Kerin isn't a dev, though he and Gordon are
241     maintaining it).
242 phreak 1.212
243     24 Mar 2008; Christian Heim <phreak@gentoo.org>
244     hardened-sources-2.4.35-r2.ebuild:
245     Fixing SRC_URI for 2.4.35-r2.
246 phreak 1.211
247     *hardened-sources-2.6.23-r9 (22 Mar 2008)
248    
249     22 Mar 2008; Christian Heim <phreak@gentoo.org>
250     +hardened-sources-2.6.23-r9.ebuild:
251     * Revision bump, rebasing the patchset against genpatches-2.6.23-10.
252     * Change the default GIDs for some grsecurity options
253     * Revamp the Hardened [Gentoo] security level and make it the default level
254     * Fixing compilation on ia64 with CONFIG_MODULES=y (loadable module support)
255     * Fix a recursive lock -- call to capable() within ptrace_attach()
256     * Fix bug that allows audit and iscsi operations to be controlled via netlink
257 solar 1.210
258     *hardened-sources-2.6.23-r8 (27 Feb 2008)
259    
260     27 Feb 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r8.ebuild:
261     - version bump from Kerin Millar bug 210026
262 solar 1.209
263     17 Feb 2008; <solar@gentoo.org> metadata.xml,
264     -hardened-sources-2.4.33.4.ebuild, -hardened-sources-2.6.20-r6.ebuild,
265     -hardened-sources-2.6.20-r10.ebuild, -hardened-sources-2.6.23-r4.ebuild,
266     -hardened-sources-2.6.23-r6.ebuild, hardened-sources-2.6.23-r7.ebuild:
267     - stable on x86 and remove old ebuilds
268 solar 1.207
269     15 Feb 2008; <solar@gentoo.org> hardened-sources-2.6.23-r7.ebuild:
270 solar 1.208 - stable on amd64 per request of amd64 lead
271 solar 1.206
272     *hardened-sources-2.6.23-r7 (11 Feb 2008)
273    
274     11 Feb 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r7.ebuild:
275     - version bump from kerin.millar
276     Changes:
277    
278     * Bump to genpatches-base-2.6.23-9
279     * Ported grsecurity-2.1.11-2.6.23.14-200801231800 to 2.6.23.15
280     * Disables COMPAT_VDSO in x86/defconfig
281     * Removes bogus symbols ACPI_SLEEP_PROC_(FS|SLEEP) from x86_64/defconfig
282 phreak 1.205
283     25 Jan 2008; Christian Heim <phreak@gentoo.org>
284     -hardened-sources-2.6.22-r8.ebuild:
285     Cleaning up old versions.
286 phreak 1.204
287     *hardened-sources-2.6.23-r6 (25 Jan 2008)
288    
289     25 Jan 2008; Christian Heim <phreak@gentoo.org>
290     -hardened-sources-2.6.23-r5.ebuild, +hardened-sources-2.6.23-r6.ebuild:
291     Revision bump, pulling in the latest genpatches.
292 phreak 1.203
293     *hardened-sources-2.6.23-r5 (24 Dec 2007)
294    
295     24 Dec 2007; Christian Heim <phreak@gentoo.org>
296     hardened-sources-2.4.35-r2.ebuild, hardened-sources-2.6.20-r6.ebuild,
297     hardened-sources-2.6.20-r10.ebuild, hardened-sources-2.6.22-r8.ebuild,
298     hardened-sources-2.6.23-r4.ebuild, +hardened-sources-2.6.23-r5.ebuild:
299     Revision bump, for the promised updated grsec snapshot. Also changing SRC_URI.
300 phreak 1.202
301     24 Dec 2007; Christian Heim <phreak@gentoo.org>
302     -hardened-sources-2.6.22-r7.ebuild, -hardened-sources-2.6.23.ebuild,
303     -hardened-sources-2.6.23-r1.ebuild, -hardened-sources-2.6.23-r2.ebuild,
304     -hardened-sources-2.6.23-r3.ebuild:
305     Cleaning out some unused, old versions.
306 phreak 1.201
307     24 Dec 2007; Christian Heim <phreak@gentoo.org>
308     hardened-sources-2.6.23-r4.ebuild:
309     Marking hardened-sources-2.6.23-r4 stable on amd64 and x86. I know it ain't
310     in the tree for long, but there isn't much of a difference between this and
311     -r3. Only this revision pulls in 2.6.23.11 and 2.6.23.12 from genpatches.
312 phreak 1.200
313     *hardened-sources-2.6.23-r4 (23 Dec 2007)
314    
315     23 Dec 2007; Christian Heim <phreak@gentoo.org>
316     +hardened-sources-2.6.23-r4.ebuild:
317     Revision bump, grabbing the lastest genpatches release (2.6.23.12 that is).
318 phreak 1.199
319     *hardened-sources-2.6.23-r3 (04 Dec 2007)
320    
321     04 Dec 2007; Christian Heim <phreak@gentoo.org>
322     +hardened-sources-2.6.23-r3.ebuild:
323     Revision bump, pulling in 2.6.23.9.
324 phreak 1.198
325     *hardened-sources-2.6.23-r2 (25 Nov 2007)
326    
327     25 Nov 2007; Christian Heim <phreak@gentoo.org>
328     +hardened-sources-2.6.23-r2.ebuild:
329     Updated patchset, thanks to solar.
330 phreak 1.197
331     *hardened-sources-2.6.23-r1 (31 Oct 2007)
332    
333     31 Oct 2007; Christian Heim <phreak@gentoo.org>
334     +hardened-sources-2.6.23-r1.ebuild:
335     Revision bump, pulling in the snapshot from 30. October 2007 (18:50).
336 solar 1.196
337     29 Oct 2007; <solar@gentoo.org> metadata.xml:
338     - update metadata.xml
339 phreak 1.195
340     25 Oct 2007; Christian Heim <phreak@gentoo.org>
341     hardened-sources-2.6.22-r8.ebuild:
342     Marking 2.6.22-r8 stable on amd64 and x86.
343 phreak 1.194
344     21 Oct 2007; Christian Heim <phreak@gentoo.org>
345     -hardened-sources-2.4.35.ebuild, -hardened-sources-2.4.35-r1.ebuild,
346     -hardened-sources-2.6.21-r4.ebuild:
347     Removing old ebuilds.
348 phreak 1.193
349     *hardened-sources-2.4.35-r2 (21 Oct 2007)
350    
351     21 Oct 2007; Christian Heim <phreak@gentoo.org>
352     +hardened-sources-2.4.35-r2.ebuild:
353     Revision bump for 2.4.35. Includes new snapshot and the lastest Linux stable
354     patches.
355 phreak 1.192
356     *hardened-sources-2.6.22-r8 (21 Oct 2007)
357    
358     21 Oct 2007; Christian Heim <phreak@gentoo.org>
359     +hardened-sources-2.6.22-r8.ebuild:
360     Yet another new patch, hopefully fixing the remaining issues we had w/
361     2.6.22. Candidate for stabling.
362 phreak 1.191
363     *hardened-sources-2.6.23 (13 Oct 2007)
364    
365     13 Oct 2007; Christian Heim <phreak@gentoo.org>
366     +hardened-sources-2.6.23.ebuild:
367     Initial hardened-sources-2.6.23. If people still have problems w/ bug
368     194276, try setting CONFIG_PCI_GODIRECT=y instead of CONFIG_PCI_GOANY.
369 phreak 1.190
370     11 Oct 2007; Christian Heim <phreak@gentoo.org>
371     hardened-sources-2.6.20-r10.ebuild:
372     Pulling in yet another new genpatches version, fixing the PWC bug for real.
373 phreak 1.189
374     04 Oct 2007; Christian Heim <phreak@gentoo.org>
375     -hardened-sources-2.6.22-r5.ebuild, -hardened-sources-2.6.22-r6.ebuild:
376     Removing old versions.
377 phreak 1.188
378     *hardened-sources-2.6.22-r7 (01 Oct 2007)
379    
380     01 Oct 2007; Christian Heim <phreak@gentoo.org>
381     +hardened-sources-2.6.22-r7.ebuild:
382     Revision bump, pulling in a newer patch. Should fix #194276.
383 phreak 1.187
384     30 Sep 2007; Christian Heim <phreak@gentoo.org>
385     hardened-sources-2.6.20-r10.ebuild:
386     Marking hardened-sources-2.6.20-r10 stable on x86 and amd64 (on courtesy of
387     Mike Doty).
388 phreak 1.186
389     *hardened-sources-2.6.22-r6 (26 Sep 2007)
390    
391     26 Sep 2007; Christian Heim <phreak@gentoo.org>
392     +hardened-sources-2.6.22-r6.ebuild:
393     Revision bump, grabbing up till Linux 2.6.22.9.
394 phreak 1.185
395     24 Sep 2007; Christian Heim <phreak@gentoo.org>
396     -hardened-sources-2.6.22-r3.ebuild, -hardened-sources-2.6.22-r4.ebuild:
397     Cleaning up further.
398 phreak 1.184
399     *hardened-sources-2.6.20-r10 (24 Sep 2007)
400    
401     24 Sep 2007; Christian Heim <phreak@gentoo.org>
402     -hardened-sources-2.6.20-r8.ebuild, -hardened-sources-2.6.20-r9.ebuild,
403     +hardened-sources-2.6.20-r10.ebuild:
404     Revision bump, pulling in Linux 2.6.20.20. Removing some of the older
405     revisions.
406 phreak 1.183
407     *hardened-sources-2.6.22-r5 (22 Sep 2007)
408    
409     22 Sep 2007; Christian Heim <phreak@gentoo.org>
410     +hardened-sources-2.6.22-r5.ebuild:
411     Revision bump, pulling in genpatches-2.6.22-8 for CVE-2007-4573.
412 phreak 1.182
413     17 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
414     Removing johnm from metadata.xml (see #186467 for reference).
415 phreak 1.181
416     *hardened-sources-2.6.22-r4 (17 Sep 2007)
417    
418     17 Sep 2007; Christian Heim <phreak@gentoo.org>
419     +hardened-sources-2.6.22-r4.ebuild:
420     Revision bump, hopefully fixing all those weird PAX failures.
421 phreak 1.180
422     01 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
423     Updating the metadata.xml.
424 phreak 1.179
425     01 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
426     Removing tocharian from metadata due to his retirement (see #71718 for
427     reference).
428 phreak 1.178
429     *hardened-sources-2.6.20-r9 (30 Aug 2007)
430    
431     30 Aug 2007; Christian Heim <phreak@gentoo.org>
432     +hardened-sources-2.6.20-r9.ebuild:
433     Revision bump for 2.6.20.18 (thanks to kerframil in #gentoo-hardened).
434 phreak 1.177
435     29 Aug 2007; Christian Heim <phreak@gentoo.org>
436     -hardened-sources-2.4.34.ebuild, -hardened-sources-2.4.34.5.ebuild,
437     -hardened-sources-2.6.20-r2.ebuild, -hardened-sources-2.6.20-r5.ebuild,
438     -hardened-sources-2.6.20-r7.ebuild, -hardened-sources-2.6.21-r3.ebuild,
439     -hardened-sources-2.6.22.ebuild, -hardened-sources-2.6.22-r1.ebuild,
440     -hardened-sources-2.6.22-r2.ebuild:
441     Removing some redundant versions.
442 phreak 1.176
443     *hardened-sources-2.4.35-r1 (29 Aug 2007)
444    
445     29 Aug 2007; Christian Heim <phreak@gentoo.org>
446     +hardened-sources-2.4.35-r1.ebuild:
447     Revision bump, new grsecurity patch.
448 phreak 1.175
449     *hardened-sources-2.6.20-r8 (26 Aug 2007)
450    
451     26 Aug 2007; Christian Heim <phreak@gentoo.org>
452     +hardened-sources-2.6.20-r8.ebuild:
453     Revision bump for Linux 2.6.20.17.
454 phreak 1.174
455     *hardened-sources-2.6.22-r3 (22 Aug 2007)
456    
457     22 Aug 2007; Christian Heim <phreak@gentoo.org>
458     +hardened-sources-2.6.22-r3.ebuild:
459     Revision bump for Linux 2.6.22.4.
460 phreak 1.173
461     16 Aug 2007; Christian Heim <phreak@gentoo.org>
462     hardened-sources-2.6.22-r2.ebuild:
463     Updated patchset, to fix the alignment against 2.6.22.3.
464 phreak 1.172
465     *hardened-sources-2.6.22-r2 (16 Aug 2007)
466    
467     16 Aug 2007; Christian Heim <phreak@gentoo.org>
468     +hardened-sources-2.6.22-r2.ebuild:
469     Revision bump for Linux 2.6.22.3.
470 phreak 1.171
471     *hardened-sources-2.4.35 (16 Aug 2007)
472    
473     16 Aug 2007; Christian Heim <phreak@gentoo.org>
474     +hardened-sources-2.4.35.ebuild:
475     Version bump, initial version for Linux 2.4.35.
476 phreak 1.170
477     *hardened-sources-2.6.21-r4 (16 Aug 2007)
478    
479     16 Aug 2007; Christian Heim <phreak@gentoo.org>
480     +hardened-sources-2.6.21-r4.ebuild:
481     Revision bump for Linux 2.6.21.6.
482 phreak 1.169
483     *hardened-sources-2.6.20-r7 (16 Aug 2007)
484    
485     16 Aug 2007; Christian Heim <phreak@gentoo.org>
486     +hardened-sources-2.6.20-r7.ebuild:
487     Revision bump for Linux 2.6.20.16.
488 phreak 1.168
489     *hardened-sources-2.6.22-r1 (13 Aug 2007)
490    
491     13 Aug 2007; Christian Heim <phreak@gentoo.org>
492     +hardened-sources-2.6.22-r1.ebuild:
493     Yet another revision bump.
494 phreak 1.167
495     *hardened-sources-2.6.22 (10 Aug 2007)
496    
497     10 Aug 2007; Christian Heim <phreak@gentoo.org>
498     +hardened-sources-2.6.22.ebuild:
499     Initial release for 2.6.22. If you are using hardened-sources on a desktop
500     machine (P4 or newer), be aware you might need to disable
501     CONFIG_PAX_PAGEEXEC.
502 phreak 1.166
503     04 Aug 2007; Christian Heim <phreak@gentoo.org>
504     hardened-sources-2.6.20-r6.ebuild:
505     Stabling hardened-sources-2.6.20-r6 for amd64, ppc and x86 due to Linux
506     2.6.20.15.
507 phreak 1.165
508     10 Jul 2007; Christian Heim <phreak@gentoo.org>
509     hardened-sources-2.6.20-r5.ebuild:
510     Marking hardened-sources-2.6.20-r5 stable on ppc.
511 phreak 1.164
512     10 Jul 2007; Christian Heim <phreak@gentoo.org>
513     -hardened-sources-2.4.32-r6.ebuild, -hardened-sources-2.4.32-r7.ebuild:
514     Cleanup.
515 phreak 1.163
516     *hardened-sources-2.6.20-r6 (08 Jul 2007)
517    
518     08 Jul 2007; Christian Heim <phreak@gentoo.org>
519     +hardened-sources-2.6.20-r6.ebuild:
520     Revision bump, grabbing yet another stable release.
521 phreak 1.162
522     17 Jun 2007; Christian Heim <phreak@gentoo.org>
523     -hardened-sources-2.6.18-r6.ebuild, -hardened-sources-2.6.20-r4.ebuild,
524     -hardened-sources-2.6.21-r2.ebuild:
525     Removing older ebuilds, hardened-sources-2.6.18-r6 seems to have gotten the
526     alpha stable KEYWORD by mistake.
527 phreak 1.161
528     17 Jun 2007; Christian Heim <phreak@gentoo.org>
529     hardened-sources-2.6.20-r5.ebuild:
530     Stabling hardened-sources-2.6.20-r5 due to security bug #181647 (as
531     genpatches-2.6.20-12.base contains up to Linux 2.6.20.14) on amd64 and x86.
532 phreak 1.160
533     *hardened-sources-2.6.21-r3 (12 Jun 2007)
534    
535     12 Jun 2007; Christian Heim <phreak@gentoo.org>
536     +hardened-sources-2.6.21-r3.ebuild:
537     Revision bump for hardened-sources-2.6.21, incorporating various CVE (some
538     of them critical), two stable releases (2.6.21.4,2.6.21.5) and some other
539     love.
540 phreak 1.159
541     *hardened-sources-2.6.20-r5 (11 Jun 2007)
542    
543     11 Jun 2007; Christian Heim <phreak@gentoo.org>
544     +hardened-sources-2.6.20-r5.ebuild:
545     Revision bump for hardened-sources-2.6.20, incorporating various CVE (some
546     of them critical), two stable releases (2.6.20.13,2.6.20.14) and some other
547     love.
548 pappy 1.158
549     *hardened-sources-2.4.34.5 (11 Jun 2007)
550    
551     11 Jun 2007; Alexander Gabert <pappy@gentoo.org>
552     +hardened-sources-2.4.34.5.ebuild:
553     added new hardened-sources 2.4 version, thx to phreak, solar, pipacs
554 phreak 1.157
555     30 May 2007; Christian Heim <phreak@gentoo.org>
556     -hardened-sources-2.6.18.ebuild, hardened-sources-2.6.20-r2.ebuild:
557     Marking 2.6.20-r2 stable on ppc with permission of Gysbert. Removing more
558     stale ebuild(s).
559 phreak 1.156
560     30 May 2007; Christian Heim <phreak@gentoo.org>
561     -hardened-sources-2.6.14-r7.ebuild, -hardened-sources-2.6.16-r11.ebuild,
562     -hardened-sources-2.6.17-r1.ebuild, -hardened-sources-2.6.19-r6.ebuild,
563     -hardened-sources-2.6.20.ebuild, -hardened-sources-2.6.20-r1.ebuild:
564     Doing some cleanups, remove stale ebuilds.
565 phreak 1.155
566     26 May 2007; Christian Heim <phreak@gentoo.org>
567     hardened-sources-2.6.21-r2.ebuild:
568     Fixing the grsecurity patch, had one '};' too much.
569 phreak 1.154
570     *hardened-sources-2.6.21-r2 (26 May 2007)
571    
572     26 May 2007; Christian Heim <phreak@gentoo.org>
573     -hardened-sources-2.6.21.ebuild, -hardened-sources-2.6.21-r1.ebuild,
574     +hardened-sources-2.6.21-r2.ebuild:
575     Revision bump, including Linux 2.6.21.3 (fixing CVE-2007-2451). Updating the
576     grsecurity patch to 2.1.10-2.6.21.1-200705221918.
577 phreak 1.153
578     *hardened-sources-2.6.20-r4 (26 May 2007)
579    
580     26 May 2007; Christian Heim <phreak@gentoo.org>
581     -hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.20-r4.ebuild:
582     Revision bump, including Linux 2.6.20.12 (which in fact fixed some security
583 phreak 1.154 bugs, at the very least CVE-2007-2451). Possible candidate for stable marking.
584 phreak 1.152
585     15 May 2007; Christian Heim <phreak@gentoo.org>
586     hardened-sources-2.6.20-r3.ebuild:
587     Looks like hardened-sources-2.6.20-r3 needs a new patch, as 2.6.20.11
588     introduced a change in arch/sparc64/kernel/pci_iommu.c, which made the
589     grsecurity patch fail in that exact same hunk.
590 phreak 1.151
591     *hardened-sources-2.6.20-r3 (15 May 2007)
592    
593     15 May 2007; Christian Heim <phreak@gentoo.org>
594     +hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.21-r1.ebuild:
595     Revision bump, incorporating Linux 2.6.20.11.
596    
597     *hardened-sources-2.6.21-r1 (11 May 2007)
598    
599     11 May 2007; Christian Heim <phreak@gentoo.org>
600     +hardened-sources-2.6.21-r1.ebuild:
601     Revision bump, hopefully fixing the GRSECURITY/GRKERNSEC mixup pipacs
602     mentioned in #177234.
603 kevquinn 1.150
604     07 May 2007; Kevin F. Quinn <kevquinn@gentoo.org>
605     files/digest-hardened-sources-2.6.21, Manifest:
606     Fix Manifest/digest for linux-2.6.21.tar.bz2
607 phreak 1.149
608     06 May 2007; Christian Heim <phreak@gentoo.org>
609     hardened-sources-2.6.21.ebuild:
610     Bumping the hardened-patches version, needed for the fix for #177234.
611 phreak 1.148
612     *hardened-sources-2.6.21 (02 May 2007)
613    
614     02 May 2007; Christian Heim <phreak@gentoo.org>
615     +hardened-sources-2.6.21.ebuild:
616     Version bump, Linux 2.6.21-hardened.
617 phreak 1.147
618     29 Apr 2007; Christian Heim <phreak@gentoo.org>
619     hardened-sources-2.6.20-r2.ebuild:
620     Adding ~ia64 on Ned's request.
621 phreak 1.146
622     29 Apr 2007; Christian Heim <phreak@gentoo.org>
623     hardened-sources-2.6.20-r2.ebuild:
624     Fixing the included grsecurity patch, wasn't alligning due to the Index:
625     header line(s).
626 phreak 1.145
627     29 Apr 2007; Christian Heim <phreak@gentoo.org>
628     hardened-sources-2.6.20-r2.ebuild:
629     Stabilizing hardened-sources-2.6.20-r2 on amd64 and x86.
630 armin76 1.144
631     *hardened-sources-2.6.20-r2 (10 Apr 2007)
632    
633     10 Apr 2007; Raúl Porcel <armin76@gentoo.org>
634     +hardened-sources-2.6.20-r2.ebuild:
635     Version bump, on behalf of phreak
636 phreak 1.143
637     *hardened-sources-2.6.20-r1 (04 Apr 2007)
638    
639     04 Apr 2007; Christian Heim <phreak@gentoo.org>
640     +hardened-sources-2.6.20-r1.ebuild:
641     Revision bump, grabbing a newer grsecurity snapshot.
642 phreak 1.142
643     *hardened-sources-2.6.20 (25 Mar 2007)
644    
645     25 Mar 2007; Christian Heim <phreak@gentoo.org>
646     +hardened-sources-2.6.20.ebuild:
647     Finally a hardened-sources version for 2.6.20; many people have been waiting
648     for this. Thanks to Steve for preliminary testing, thanks to Ned for the
649     testbox.
650 chainsaw 1.141
651     16 Mar 2007; Tony Vroon <chainsaw@gentoo.org>
652     hardened-sources-2.6.18-r6.ebuild:
653     Marked stable on amd64 and x86. AMD64 keyword ack'ed by welp.
654 phreak 1.140
655     *hardened-sources-2.6.18-r6 (16 Mar 2007)
656    
657     16 Mar 2007; Christian Heim <phreak@gentoo.org>
658     -hardened-sources-2.6.18-r5.ebuild, +hardened-sources-2.6.18-r6.ebuild:
659     Fixing CVE-2007-1000 locally (hardened/), thanks to Tony for pushing. And
660     yes I screwed up, this is tagged as 2.6.18-5 and not 2.6.18-6 as it's
661     supposed to be.
662 phreak 1.139
663     06 Mar 2007; Christian Heim <phreak@gentoo.org> ChangeLog:
664     Fixing the Manifest, the previous one was broken (as in still had the
665     deleted ebuild in it).
666 phreak 1.138
667     06 Mar 2007; Christian Heim <phreak@gentoo.org>
668     -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
669     +hardened-sources-2.6.18-r5.ebuild:
670     Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
671     Linux 2.6.18.8. Also cleaning up the older version.
672    
673     *hardened-sources-2.6.18-r5 (06 Mar 2007)
674    
675     06 Mar 2007; Christian Heim <phreak@gentoo.org>
676     -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
677     +hardened-sources-2.6.18-r5.ebuild:
678     Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
679     Linux 2.6.18.8. Also cleaning up the older version.
680 phreak 1.137
681     24 Feb 2007; Christian Heim <phreak@gentoo.org>
682     -hardened-sources-2.6.19-r3.ebuild, -hardened-sources-2.6.19-r4.ebuild,
683     -hardened-sources-2.6.19-r5.ebuild:
684     Removing some of the old version, that didn't work.
685 phreak 1.136
686     *hardened-sources-2.6.19-r6 (12 Feb 2007)
687    
688     12 Feb 2007; Christian Heim <phreak@gentoo.org>
689     +hardened-sources-2.6.19-r6.ebuild:
690     Revision bump, including a new grsec version fixing #166235.
691 pappy 1.134
692     *hardened-sources-2.4.34 (24 Jan 2007)
693    
694     24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
695 pappy 1.135 Manifest:
696     updating Manifest with checksums of new tarball and ebuild
697    
698     24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
699 pappy 1.134 +hardened-sources-2.4.34.ebuild:
700     I added new hardened sources 2.4 update, this is a critical path
701     security bugfix - all users of h-s are strongly advised
702     to update their existing hardened sources to this version.
703     It contains a fix for a kernel vulnerability that is pertaining
704     to the PaX changes to virtual memory management, possibly leading
705     to a local kernel exploit ... see grsecurity.net forums and homepage
706 phreak 1.133
707     23 Jan 2007; Christian Heim <phreak@gentoo.org>
708     files/digest-hardened-sources-2.6.19-r5, Manifest:
709     Fixing the patch-tarball digest.
710 phreak 1.132
711     *hardened-sources-2.6.19-r5 (23 Jan 2007)
712    
713     23 Jan 2007; Christian Heim <phreak@gentoo.org>
714     +hardened-sources-2.6.19-r5.ebuild:
715     Revision bump, closing the recently discovered PaX expand_stack()
716     vulnerability.
717 phreak 1.131
718     *hardened-sources-2.6.19-r4 (14 Jan 2007)
719    
720     14 Jan 2007; Christian Heim <phreak@gentoo.org>
721     +hardened-sources-2.6.19-r4.ebuild:
722     Revision bump, pulling in linux-2.6.19.2 and grsecurity 2.1.10 - thus
723     dropping the randomized PID feature.
724 opfer 1.130
725     11 Jan 2007; Christian Faulhammer <opfer@gentoo.org>
726     hardened-sources-2.4.33.4.ebuild:
727     stable x86, bug #161171
728 phreak 1.129
729     *hardened-sources-2.6.19-r3 (27 Dec 2006)
730    
731     27 Dec 2006; Christian Heim <phreak@gentoo.org>
732     -hardened-sources-2.6.19-r2.ebuild, +hardened-sources-2.6.19-r3.ebuild:
733     Revision bump for bug #157186 and #158786.
734 phreak 1.128
735     *hardened-sources-2.6.18-r4 (27 Dec 2006)
736    
737     27 Dec 2006; Christian Heim <phreak@gentoo.org>
738     -hardened-sources-2.6.18-r3.ebuild, +hardened-sources-2.6.18-r4.ebuild:
739     Revision bump for bug #157186.
740 phreak 1.127
741     *hardened-sources-2.6.19-r2 (23 Dec 2006)
742    
743     23 Dec 2006; Christian Heim <phreak@gentoo.org>
744     -hardened-sources-2.6.19-r1.ebuild, +hardened-sources-2.6.19-r2.ebuild:
745     Revision bump to pull in genpatches-2.6.19-3 for #157186.
746 phreak 1.126
747     17 Dec 2006; Christian Heim <phreak@gentoo.org>
748     hardened-sources-2.6.14-r7.ebuild, hardened-sources-2.6.16-r10.ebuild,
749     hardened-sources-2.6.16-r11.ebuild, hardened-sources-2.6.17-r1.ebuild,
750     hardened-sources-2.6.18.ebuild, hardened-sources-2.6.18-r3.ebuild,
751     hardened-sources-2.6.19-r1.ebuild:
752     Adding 4453_grsec-2.1.9-2.6.19-io-kmem-sysctl.patch to UNIPATCH_EXLUDE,
753     adding correct HOMEPAGE and adjusting DESCRIPTION (thanks to Alexander).
754 pappy 1.125
755     *hardened-sources-2.4.33.4 (17 Dec 2006)
756    
757     17 Dec 2006; Alexander Gabert <pappy@gentoo.org>
758     +hardened-sources-2.4.33.4.ebuild:
759     new 2.4.33.4 version including grsec and fixes, thanks to phreak for help
760     and quilting
761 phreak 1.124
762     *hardened-sources-2.6.19-r1 (14 Dec 2006)
763    
764     14 Dec 2006; Christian Heim <phreak@gentoo.org>
765     -hardened-sources-2.6.19.ebuild, +hardened-sources-2.6.19-r1.ebuild:
766     Revision bump, fixing #158107 (thanks to Petre Rodan <kaiowas at gentoo.org>
767     for reporting).
768 phreak 1.123
769     *hardened-sources-2.6.19 (13 Dec 2006)
770    
771     13 Dec 2006; Christian Heim <phreak@gentoo.org>
772     +hardened-sources-2.6.19.ebuild:
773     And finally 2.6.19, thanks to Ned (who prepared the inital patchset) and
774     Brad for providing that prompt update.
775 phreak 1.122
776     *hardened-sources-2.6.18-r3 (13 Dec 2006)
777    
778     13 Dec 2006; Christian Heim <phreak@gentoo.org>
779     -hardened-sources-2.6.18-r1.ebuild, -hardened-sources-2.6.18-r2.ebuild,
780     +hardened-sources-2.6.18-r3.ebuild:
781     Revision bump, excluding the faulty patch. Thanks to Anakim Border and Peter
782     S. Mazinger. Closes #157409 for now. Also removing the previous revisions.
783 phreak 1.121
784     09 Dec 2006; Christian Heim <phreak@gentoo.org> Manifest:
785     Fixing the metadata.xml Manifest entry (thanks to xaid and ml8128 in #gentoo-hardened).
786 nixnut 1.120
787     08 Dec 2006; nixnut <nixnut@gentoo.org> hardened-sources-2.6.18.ebuild:
788     Stable on ppc wrt bug 157356
789 opfer 1.119
790     07 Dec 2006; Christian Faulhammer <opfer@gentoo.org>
791     hardened-sources-2.6.18.ebuild:
792     stable x86, bug #157356
793 phreak 1.118
794     *hardened-sources-2.6.18-r2 (06 Dec 2006)
795    
796     06 Dec 2006; Christian Heim <phreak@gentoo.org>
797     +hardened-sources-2.6.18-r2.ebuild:
798     Revision bump, including 2.6.18.5 (via genpatches) and
799     4454_grsec-2.1.9-2.6.18.2-io-kmem-sysctl.patch based on Peter Mazinger and
800     Ned Ludd's original patch. Thanks to Alexander Gabert (pappy) for the
801     redesign.
802 phreak 1.117
803     06 Dec 2006; Christian Heim <phreak@gentoo.org>
804     hardened-sources-2.6.18.ebuild:
805     Marking hardened-sources-2.6.18 stable on amd64 (see bug #157356, on behalf
806     of Mike Doty).
807 phreak 1.116
808     *hardened-sources-2.6.18-r1 (23 Nov 2006)
809    
810     23 Nov 2006; Christian Heim <phreak@gentoo.org>
811     +hardened-sources-2.6.18-r1.ebuild:
812     Revision bump to genpatches-2.6.18-4 (including 2.6.18.3).
813 phreak 1.115
814     *hardened-sources-2.6.18 (11 Nov 2006)
815    
816     11 Nov 2006; Christian Heim <phreak@gentoo.org>
817     +hardened-sources-2.6.18.ebuild:
818     Version bump, thanks to Alexander Gabert we're finally at 2.6.18.
819 solar 1.114
820     18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
821     - mark amd64 stable also. bug #151877
822 solar 1.113
823     18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
824     - mark 2.6.17-r1 stable
825 phreak 1.112
826     27 Aug 2006; Christian Heim <phreak@gentoo.org>
827     -hardened-sources-2.6.17.ebuild, hardened-sources-2.6.17-r1.ebuild:
828     Removing old ebuild, removing unipatch from newer ebuild (need to fix it!).
829 phreak 1.111
830     *hardened-sources-2.6.17-r1 (26 Aug 2006)
831    
832     26 Aug 2006; Christian Heim <phreak@gentoo.org>
833     +hardened-sources-2.6.17-r1.ebuild:
834     Revision bump to genpatches-2.6.17-8 (including .9 and .10) and updating the
835     grsecurity patch.
836 phreak 1.110
837     *hardened-sources-2.6.17 (17 Aug 2006)
838    
839     17 Aug 2006; Christian Heim <phreak@gentoo.org>
840     +hardened-sources-2.6.17.ebuild:
841     Bumping the hardened-sources-2.6 series to 2.6.17, using
842     genpatches-2.6.17-6.base.
843 solar 1.109
844     07 Aug 2006; <solar@gentoo.org> hardened-sources-2.6.16-r11.ebuild:
845     - stable on x86 and amd64
846 solar 1.108
847     *hardened-sources-2.6.16-r11 (15 Jul 2006)
848    
849     15 Jul 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r3.ebuild,
850     -hardened-sources-2.4.32-r4.ebuild, -hardened-sources-2.4.32-r5.ebuild,
851     -hardened-sources-2.6.14-r8.ebuild, -hardened-sources-2.6.16-r7.ebuild,
852     -hardened-sources-2.6.16-r9.ebuild, +hardened-sources-2.6.16-r11.ebuild:
853     - 2.6.16 bumped for CVE-2006-3626 ; digest fix for 2.4.32-r6 ; removed old
854     crusty ebuilds
855 johnm 1.107
856     14 Jul 2006; John Mylchreest <johnm@gentoo.org>
857     hardened-sources-2.6.16-r10.ebuild:
858     marking stable on x86 and amd64
859 solar 1.106
860     13 Jul 2006; <solar@gentoo.org> hardened-sources-2.4.32-r6.ebuild:
861     - 2.4.32-r6 stable on x86. RSBAC state unknown
862 kang 1.105
863     *hardened-sources-2.4.32-r7 (10 Jul 2006)
864    
865     10 Jul 2006; Guillaume Destuynder <kang@gentoo.org>
866     +hardened-sources-2.4.32-r7.ebuild:
867     Bump PaX for RSBAC to test-17
868 johnm 1.104
869     *hardened-sources-2.6.16-r9 (03 Jul 2006)
870    
871     03 Jul 2006; John Mylchreest <johnm@gentoo.org>
872     -hardened-sources-2.6.16-r6.ebuild, +hardened-sources-2.6.16-r9.ebuild:
873     hardened-sources-2.6.16 bump to latest -base.
874 solar 1.103
875     *hardened-sources-2.4.32-r6 (30 Jun 2006)
876    
877     30 Jun 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r2.ebuild,
878     hardened-sources-2.4.32-r4.ebuild, +hardened-sources-2.4.32-r6.ebuild:
879     - backport CVE-2006-0039, CVE-2006-1857 and CVE-2006-1858 and new grsecurity
880     sysctl controlable resource logging
881 johnm 1.102
882     *hardened-sources-2.6.16-r7 (05 Jun 2006)
883    
884     05 Jun 2006; John Mylchreest <johnm@gentoo.org>
885     -hardened-sources-2.6.16-r5.ebuild, +hardened-sources-2.6.16-r7.ebuild:
886     push new 2.6.16 release in preparation for stable
887 solar 1.101
888     22 May 2006; <solar@gentoo.org> :
889     - redigest bug 134002
890 kang 1.100
891     *hardened-sources-2.4.32-r5 (16 May 2006)
892    
893     16 May 2006; Guillaume Destuynder <kang@gentoo.org>
894     +hardened-sources-2.4.32-r5.ebuild:
895     Fixes rsbac common patching (new patch in new -r5 patchset)
896 solar 1.99
897     *hardened-sources-2.4.32-r4 (13 May 2006)
898    
899     13 May 2006; <solar@gentoo.org> hardened-sources-2.4.32-r3.ebuild,
900     +hardened-sources-2.4.32-r4.ebuild:
901     - security bumps
902 johnm 1.98
903     *hardened-sources-2.6.16-r6 (03 May 2006)
904    
905     03 May 2006; John Mylchreest <johnm@gentoo.org>
906     +hardened-sources-2.6.16-r6.ebuild:
907     bump hardened-2.6.16 to 2.6.16.12 and latest grsec snapshot
908 johnm 1.97
909     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
910     hardened-sources-2.6.14-r8.ebuild:
911     fix x86_64 build problem, this will delay the digest issue again for a short
912     while but it will sort itself out
913 johnm 1.96
914     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
915     hardened-sources-2.6.14-r8.ebuild:
916     bump hardened patchset
917 antarus 1.94
918     27 Apr 2006; Alec Warner <antarus@gentoo.org>
919     files/digest-hardened-sources-2.4.32-r2,
920     files/digest-hardened-sources-2.4.32-r3,
921     files/digest-hardened-sources-2.6.14-r8, Manifest:
922     Fixing duff SHA256 digests: Bug # 131293
923 johnm 1.93
924 johnm 1.95 *hardened-sources-2.6.16-r5 (27 Apr 2006)
925    
926     27 Apr 2006; John Mylchreest <johnm@gentoo.org>
927     -hardened-sources-2.6.14-r6.ebuild, hardened-sources-2.6.14-r8.ebuild,
928     -hardened-sources-2.6.16-r4.ebuild, +hardened-sources-2.6.16-r5.ebuild:
929     stablise 2.6.14-r8 on x86 & amd64, bump 2.6.16 to fix CVE-2006-1863 &
930     cleanup of old uneccessary sources
931    
932 johnm 1.93 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
933     fix digest
934 johnm 1.92
935     *hardened-sources-2.6.14-r8 (20 Apr 2006)
936    
937     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
938     +hardened-sources-2.6.14-r8.ebuild:
939     fix CVE-2006-1056, CVE-2006-1525, CVE-2006-1524
940 johnm 1.91
941     20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
942     Turning on gpg-signing again, and recomitting
943 johnm 1.90
944     *hardened-sources-2.6.16-r4 (20 Apr 2006)
945    
946     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
947     -hardened-sources-2.6.16-r2.ebuild, -hardened-sources-2.6.16-r3.ebuild,
948     +hardened-sources-2.6.16-r4.ebuild:
949     Fix numerous security vulns
950 solar 1.89
951     *hardened-sources-2.4.32-r3 (16 Apr 2006)
952    
953     16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
954     -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
955     +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
956     - security bump for bug #112791. Removed old ebuilds
957 johnm 1.88
958     *hardened-sources-2.6.16-r3 (15 Apr 2006)
959    
960     15 Apr 2006; John Mylchreest <johnm@gentoo.org>
961     +hardened-sources-2.6.16-r3.ebuild:
962     Removing silly localversion which I missed
963 johnm 1.87
964     *hardened-sources-2.6.14-r7 (14 Apr 2006)
965    
966     14 Apr 2006; John Mylchreest <johnm@gentoo.org>
967     -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
968     Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
969 johnm 1.86
970     *hardened-sources-2.6.16-r2 (13 Apr 2006)
971    
972     13 Apr 2006; John Mylchreest <johnm@gentoo.org>
973     -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
974     +hardened-sources-2.6.16-r2.ebuild:
975     Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
976     labels, dropping USERGROUP define fixes, since these were merged mainstream.
977 johnm 1.85
978     *hardened-sources-2.6.16-r1 (11 Apr 2006)
979    
980     11 Apr 2006; John Mylchreest <johnm@gentoo.org>
981     +hardened-sources-2.6.16-r1.ebuild:
982     Bumping to include ppc build fix and 2.6.16.3
983 tsunam 1.84
984     06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
985     hardened-sources-2.6.14-r6.ebuild:
986     Stable on x86; bug #127718
987 johnm 1.83
988     *hardened-sources-2.6.16 (31 Mar 2006)
989    
990     31 Mar 2006; John Mylchreest <johnm@gentoo.org>
991     +hardened-sources-2.6.16.ebuild:
992     Bumping to new version of grsec, and kernel base. New squashfs. Based on
993     2.6.16.1
994 cryos 1.82
995     30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
996     hardened-sources-2.6.14-r6.ebuild:
997     Stable on amd64, bug 127718.
998 nixnut 1.81
999     28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
1000     Stable on ppc. Bug #127718
1001 johnm 1.80
1002     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
1003     -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
1004     -hardened-sources-2.6.14-r4.ebuild:
1005     Cleanup.
1006 johnm 1.79
1007     *hardened-sources-2.6.14-r6 (15 Mar 2006)
1008    
1009     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
1010     +hardened-sources-2.6.14-r6.ebuild:
1011     Fixes grsec policy recreation bug and adds a
1012     >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
1013 solar 1.78
1014     02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
1015     - stable on x86
1016 hansmi 1.77
1017     19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
1018     hardened-sources-2.6.14-r5.ebuild:
1019     Stable on ppc.
1020 johnm 1.76
1021     *hardened-sources-2.6.14-r5 (01 Feb 2006)
1022    
1023     01 Feb 2006; John Mylchreest <johnm@gentoo.org>
1024     +hardened-sources-2.6.14-r5.ebuild:
1025     fixing every known exploit
1026 solar 1.75
1027     *hardened-sources-2.4.32-r2 (26 Jan 2006)
1028    
1029     26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
1030     +hardened-sources-2.4.32-r2.ebuild:
1031     - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
1032 solar 1.74
1033     *hardened-sources-2.6.14-r4 (12 Jan 2006)
1034    
1035     12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
1036     - version bump for new genpatches which fix up a few sec holes
1037 solar 1.73
1038     *hardened-sources-2.4.32-r1 (05 Jan 2006)
1039    
1040     05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
1041     - revision bump to add misc vital linux kernel security patches.
1042 johnm 1.72
1043     *hardened-sources-2.6.14-r3 (30 Dec 2005)
1044    
1045     30 Dec 2005; John Mylchreest <johnm@gentoo.org>
1046     -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
1047     Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
1048 johnm 1.71
1049     28 Dec 2005; John Mylchreest <johnm@gentoo.org>
1050     hardened-sources-2.6.14-r2.ebuild:
1051     making x86 & amd64 stable following testing.
1052 johnm 1.70
1053     *hardened-sources-2.6.14-r2 (27 Dec 2005)
1054    
1055     27 Dec 2005; John Mylchreest <johnm@gentoo.org>
1056     -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
1057     Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
1058     network hooks.
1059 johnm 1.69
1060     06 Dec 2005; John Mylchreest <johnm@gentoo.org>
1061     hardened-sources-2.6.14-r1.ebuild:
1062     bumping to stable early for sec fix on x86 & amd64
1063 johnm 1.68
1064     *hardened-sources-2.6.14-r1 (05 Dec 2005)
1065    
1066     05 Dec 2005; John Mylchreest <johnm@gentoo.org>
1067     -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
1068     bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
1069 solar 1.67
1070     04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
1071     - stable on x86 security bug #114227 CAN-2005-3257
1072 kang 1.66
1073     *hardened-sources-2.4.32 (19 Nov 2005)
1074    
1075     19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
1076     +hardened-sources-2.4.32.ebuild:
1077     Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
1078     Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
1079     have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
1080     rsbac >> /etc/portage/package.use)
1081 johnm 1.65
1082     *hardened-sources-2.6.14 (14 Nov 2005)
1083    
1084     14 Nov 2005; John Mylchreest <johnm@gentoo.org>
1085     -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
1086     Bumping 2.6 series to 2.6.14.2
1087 johnm 1.64
1088     *hardened-sources-2.6.13-r2 (20 Oct 2005)
1089    
1090     20 Oct 2005; John Mylchreest <johnm@gentoo.org>
1091     -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
1092     +hardened-sources-2.6.13-r2.ebuild:
1093     Fixes minor build error in ppc.
1094 johnm 1.63
1095     *hardened-sources-2.6.13-r1 (17 Oct 2005)
1096    
1097     17 Oct 2005; John Mylchreest <johnm@gentoo.org>
1098     +hardened-sources-2.6.13-r1.ebuild:
1099     Updating grsec to latest snapshot. Fixes some minor issues. Updating to
1100     2.6.13.4, fixes some major amd64 stability problems.
1101 johnm 1.62
1102     *hardened-sources-2.6.13 (16 Sep 2005)
1103    
1104     16 Sep 2005; John Mylchreest <johnm@gentoo.org>
1105     -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
1106     2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
1107     ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
1108     users should test this thoroughly.
1109 solar 1.61
1110     01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
1111     - stable on x86
1112 johnm 1.60
1113     *hardened-sources-2.6.11-r15 (27 Jun 2005)
1114    
1115     27 Jun 2005; John Mylchreest <johnm@gentoo.org>
1116     +hardened-sources-2.6.11-r15.ebuild:
1117     Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
1118     grsec redefining curr_ip struct.
1119 solar 1.59
1120     *hardened-sources-2.4.31 (20 Jun 2005)
1121    
1122     20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
1123     initial import of 2.4.31 tree
1124 johnm 1.58
1125     *hardened-sources-2.6.11-r14 (14 Jun 2005)
1126    
1127     14 Jun 2005; John Mylchreest <johnm@gentoo.org>
1128     -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
1129     Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
1130     naming scheme to abide by genpatches
1131 johnm 1.57
1132     *hardened-sources-2.6.11-r13 (18 May 2005)
1133    
1134     18 May 2005; John Mylchreest <johnm@gentoo.org>
1135     -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
1136     Managed to mangle the Makefile patch from grsec, to miss out the grsec
1137     target. sorry about that. Fixes bug #93022
1138 johnm 1.56
1139     *hardened-sources-2.6.11-r12 (17 May 2005)
1140    
1141     17 May 2005; John Mylchreest <johnm@gentoo.org>
1142     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
1143     +hardened-sources-2.6.11-r12.ebuild:
1144     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
1145     merges in genpatches-base
1146 johnm 1.55
1147     *hardened-sources-2.6.11-r12 (17 May 2005)
1148    
1149     17 May 2005; John Mylchreest <johnm@gentoo.org>
1150     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
1151     +hardened-sources-2.6.11-r12.ebuild:
1152     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
1153     merges in genpatches-base
1154 solar 1.54
1155     29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
1156     -files/2.4.27-cmdline-race.patch,
1157     -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
1158     -files/2.4.28-grsec-binfmt_a.out.patch,
1159     -files/2.4.28-grsec-cmdline-race.patch,
1160     -files/2.4.28-selinux-binfmt_a.out.patch,
1161     -files/2.4.28-selinux-cmdline-race.patch,
1162     -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
1163     hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
1164     - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
1165     cleanup..
1166 solar 1.53
1167     *hardened-sources-2.4.30-r1 (21 Apr 2005)
1168    
1169     21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
1170     - disable aout by default
1171 solar 1.52
1172     *hardened-sources-2.4.30 (18 Apr 2005)
1173    
1174     18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
1175     - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
1176     and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
1177     use
1178 tocharian 1.50
1179 scox 1.51 *hardened-sources-2.4.29 (30 Mar 2005)
1180    
1181     30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
1182     +hardened-sources-2.4.29.ebuild:
1183     New hardened-patches-2.4-29.0 patchball.
1184     Removed SELinux support, upgraded GRSecurity to 2.1.4.
1185    
1186     *hardened-sources-2.4.28-r5 (06 Mar 2005)
1187    
1188     06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
1189     +hardened-sources-2.4.28-r5.ebuild:
1190     Added a fix for a PaX vulnerability.
1191    
1192     26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1193 tocharian 1.50 hardened-sources-2.4.28-r4.ebuild:
1194     Stable on x86
1195 solar 1.49
1196     23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
1197     hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
1198     hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
1199     hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
1200     - fixed/added RDEPEND= in all kernel-2 ebuilds
1201 tocharian 1.48
1202     *hardened-sources-2.4.28-r4 (21 Jan 2005)
1203    
1204     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1205     +hardened-sources-2.4.28-r4.ebuild:
1206     Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
1207     backport of neighbour hash updates.
1208 tocharian 1.47
1209     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1210     hardened-sources-2.4.28-r3.ebuild:
1211     Stable on x86
1212 tseng 1.46
1213     *hardened-sources-2.6.10-r3 (20 Jan 2005)
1214    
1215     20 Jan 2005; Brandon Hale <tseng@gentoo.org>
1216     +hardened-sources-2.6.10-r3.ebuild:
1217     Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
1218     in 2005.0
1219 tocharian 1.45
1220     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1221     -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
1222     hardened-sources-2.4.28-r2.ebuild:
1223     Mark stable on x86
1224 tocharian 1.44
1225     *hardened-sources-2.4.28-r3 (17 Jan 2005)
1226    
1227     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1228     +hardened-sources-2.4.28-r3.ebuild:
1229     Fix SMP page fault handler vuln, and update device-mapper and evms patches.
1230 tocharian 1.43
1231     14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1232     hardened-sources-2.4.28.ebuild:
1233     Mark stable on x86.
1234 tocharian 1.42
1235     *hardened-sources-2.4.28-r2 (13 Jan 2005)
1236    
1237     13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1238     +hardened-sources-2.4.28-r2.ebuild:
1239     Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
1240     Mazinger for grsecurity patches as well.
1241 plasmaroo 1.41
1242     *hardened-sources-2.4.28-r1 (23 Dec 2004)
1243    
1244     23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
1245     Security bump. Thank tocharian for rolling a new patchset...
1246 solar 1.40
1247     28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
1248     +files/2.4.28-grsec-cmdline-race.patch,
1249     +files/2.4.28-selinux-binfmt_a.out.patch,
1250     +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
1251     - Round up remaining security patches that appear to be missing in 2.4.28. -
1252     PaX standalone updated to current. hgpv=28.1
1253 solar 1.39
1254     *hardened-sources-2.4.28 (28 Nov 2004)
1255    
1256     28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
1257     security bump. Thank tocharian for rolling a new patchset
1258 scox 1.31
1259 scox 1.38 *hardened-sources-2.4.27-r3 (08 Sep 2004)
1260    
1261     08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
1262     +hardened-sources-2.4.27-r3.ebuild:
1263     Applies the new 2.4-27.2 patchball which updates
1264     GRSecurity to the 2.0.1 version.
1265    
1266 scox 1.37 *hardened-sources-2.4.27-r2 (31 Aug 2004)
1267    
1268     31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1269     +hardened-sources-2.4.27-r2.ebuild:
1270     Version bump.
1271     This version uses the new 2.4-27.1 patchball which updates
1272     both the SELinux PaX hooks patch and the SELinux headers.
1273    
1274 scox 1.36 *hardened-sources-2.4.27-r1 (09 Aug 2004)
1275    
1276     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1277     +hardened-sources-2.4.27-r1.ebuild,
1278     -hardened-sources-2.4.27.ebuild,
1279     +files/2.4.27-cmdline-race.patch:
1280     Version bump, fix for cmdline race. See bug #59905.
1281    
1282     *hardened-sources-2.4.26-r6 (09 Aug 2004)
1283    
1284     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1285     +hardened-sources-2.4.26-r6.ebuild,
1286     -hardened-sources-2.4.26-r5.ebuild,
1287     -hardened-sources-2.4.26-r4.ebuild,
1288     +files/2.4.26-cmdline-race.patch:
1289     Version bump, fix for cmdline race. See bug #59905.
1290    
1291 scox 1.35 *hardened-sources-2.4.27 (08 Aug 2004)
1292    
1293     08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1294     +hardened-sources-2.4.27.ebuild,
1295     +files/2.4.27-CAN-2004-0394.patch:
1296     Ported the patchball to the 2.4.27 kernel version.
1297    
1298 scox 1.34 *hardened-sources-2.4.26-r5 (07 Aug 2004)
1299    
1300     07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1301     +hardened-sources-2.4.26-r5.ebuild:
1302 scox 1.35 Updated to use the new hardened-patches-2.4-26.1 patchball.
1303 scox 1.34 It adds the following features:
1304     - Squashfs
1305     - Ebtables
1306     - Netdev random (core+drivers)
1307     - Watchdog Timer (WDT) fix.
1308    
1309 scox 1.33 *hardened-sources-2.4.26-r4 (04 Aug 2004)
1310    
1311     04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1312     +hardened-sources-2.4.26-r4.ebuild,
1313     +files/2.4.26-CAN-2004-0415.patch,
1314     -hardened-sources-2.4.26-3:
1315     Version bump, fix for CAN 0415, see bug #59378.
1316    
1317 scox 1.32 *hardened-sources-2.4.26-r3 (22 Jul 2004)
1318    
1319     22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
1320     +hardened-sources-2.4.26-r3.ebuild,
1321     +files/2.4.26-CAN-2004-0497.patch,
1322     -hardened-sources-2.4.26-r2.ebuild:
1323     Version bump, fixed CAN 0497, see bug #56171.
1324    
1325 scox 1.31 *hardened-sources-2.4.26-r2 (29 Jun 2004)
1326    
1327     29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
1328 scox 1.32 +hardened-sources-2.4.26-r2.ebuild,
1329 scox 1.31 +files/2.4.26-CAN-2004-0495.patch,
1330     +files/2.4.26-CAN-2004-0535.patch,
1331     -hardened-sources-2.4.26-r1.ebuild:
1332     Fixes for both CAN 0495 and 0535, see bug #54976
1333 pvdabeel 1.27
1334 agriffis 1.29 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
1335     hardened-sources-2.4.26-r1.ebuild:
1336     QA - fix use invocation
1337 scox 1.28
1338     *hardened-sources-2.4.26-r1 (22 June 2004)
1339    
1340     22 June 2004; Andrea Luzzardi <scox@gentoo.org>
1341     +hardened-sources-2.4.26-r1.ebuild,
1342     +files/2.4.26-CAN-2004-0394.patch,
1343     +files/2.4.26-signal-race.patch,
1344     -hardened-sources-2.4.26.ebuild,
1345     -hardened-sources-2.4.24-r3.ebuild:
1346     Version bump for the CAN-2004-0394 issue and bug #53804
1347     Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
1348    
1349    
1350 pvdabeel 1.27 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
1351     hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
1352     Masked hardened-sources-2.4.26.ebuild broken for ppc
1353    
1354     31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
1355     hardened-sources-2.4.24-r3.ebuild:
1356     Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
1357 plasmaroo 1.25
1358 scox 1.26 *hardened-sources-2.4.26 (29 May 2004)
1359    
1360     29 May 2004; Andrea Luzzardi <scox@gentoo.org>
1361     +hardened-sources-2.4.26.ebuild:
1362     Updated hardened-sources for the 2.4.26 kernel
1363     Removed broken components, updated almost everything.
1364    
1365 plasmaroo 1.25 *hardened-sources-2.4.24-r3 (17 Apr 2004)
1366    
1367     17 Apr 2004; <plasmaroo@gentoo.org>
1368     +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
1369     +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
1370     +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
1371     +hardened-sources-2.4.24-r3.ebuild:
1372     Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
1373     vulnerabilities. Old revisions removed.
1374 plasmaroo 1.24
1375     *hardened-sources-2.4.24-r2 (15 Apr 2004)
1376    
1377     15 Apr 2004; <plasmaroo@gentoo.org>
1378     +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
1379     -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
1380     Version bump for the CAN-2004-0109 issue; bug #47881.
1381 aliz 1.23
1382     12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
1383     hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
1384     Add eutils to inherit.
1385 plasmaroo 1.22
1386     *hardened-sources-2.4.24-r1 (19 Feb 2004)
1387    
1388     19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
1389     files/hardened-sources-2.4.24.munmap.patch:
1390     Added the patch for the mremap/munmap vulnerability. Bug #42024.
1391 scox 1.19
1392 scox 1.21 *hardened-sources-2.4.24 (06 Feb 2004)
1393 scox 1.26
1394 scox 1.21 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
1395     hardened-sources-2.4.24.ebuild:
1396     Version bump, updated most of the components.
1397     This release includes the following:
1398    
1399     - Hardened security
1400     - Netfilter patch-o-matic 20031219
1401     - FreeSWAN 2.04 & x509 1.4.8
1402     - EVMS 2.2.2
1403     - XFS 1.3.1
1404     - cryptoloop jari
1405     - grsecurity 2.0-rc4
1406     - SELinux
1407     - PaX 200402060000
1408     - PaX Obscurity 200308302223
1409     - Others...
1410    
1411     Neither -ck nor systrace are included anymore.
1412    
1413 scox 1.19 *hardened-sources-2.4.22-r2 (05 Jan 2004)
1414    
1415     05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
1416     hardened-sources-2.4.22-r2.ebuild:
1417 scox 1.20 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
1418 scox 1.19
1419     *hardened-sources-2.4.22-r1 (02 Dec 2003)
1420 iggy 1.17
1421     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1422 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
1423 iggy 1.16
1424     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1425 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild:
1426     Version bump for the 'do_brk' vulnerability.
1427 iggy 1.15
1428     01 Dec 2003; Brian Jackson <iggy@gentoo.org>
1429     hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
1430     hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
1431     hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
1432 plasmaroo 1.18 Fix the 'do_brk' vulnerability.
1433 frogger 1.14
1434     03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
1435     hardened-sources-2.4.22.ebuild:
1436 plasmaroo 1.18 - Removed the src_install() portion for SELinux flask
1437     components. These are no longer handled in the kernel
1438     so this code was not necessary.
1439 frogger 1.13
1440     29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
1441     New 2.4.22 based hardened-sources thanks to
1442     Phil West <p.west@computer.org>.
1443    
1444     These sources include:
1445 plasmaroo 1.18 - New SELinux API
1446     - Updated CK-base
1447     - Updated GRSec
1448     - Systrace
1449     - SuperFreeS/WAN 1.99.8
1450     - Propolice kernel build support
1451     - EVMS
1452     - Other various security related patches
1453 frogger 1.11
1454 frogger 1.12 *hardened-sources-2.4.21 (14 Sep 2003)
1455    
1456     14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
1457     Updated hardened-sources based on the 2.4.21 Linux kernel.
1458     This includes updates to most major components such as:
1459 plasmaroo 1.18 - ck-base-0306300059
1460     - selinux-2.4-2003071106
1461     - grsecurity-2.0-rc1
1462     - Updated IPTables patch-o-matic
1463     - Updated SuperFreeS/WAN
1464    
1465 frogger 1.12 Thanks to Phil West <pwest@computer.org> for his work in getting this
1466     updated patch set ready for the 2.4.21 based kernel.
1467    
1468 frogger 1.11 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
1469     Initial import of hardened-sources-2.4.20-r4. This revision
1470     includes only a few changes, but one of these is an important
1471     security fix. It is recommended all users of hardened-sources
1472     upgrade to this release.
1473 plasmaroo 1.18
1474 frogger 1.11 - ioperm bug fix
1475     - fixed compilation failure when building without GRSec
1476 plasmaroo 1.18
1477 frogger 1.11 SAL (Secure Auditing for Linux) is NOT included in this revision
1478     due to time constraints, but is planned for inclusion in the near
1479     future.
1480 msterret 1.10
1481     *hardened-sources-2.4.20-r2 (12 Jun 2003)
1482    
1483     12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
1484     hardened-sources-2.4.20-r3.ebuild:
1485 plasmaroo 1.18 Add Header...
1486 frogger 1.9
1487     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1488     hardened-sources-2.4.20-r3.ebuild:
1489     Removed warnings from ebuild. This kernel should be safe to
1490     use at this point.
1491 frogger 1.8
1492     *hardened-sources-2.4.20-r3 (08 Jun 2003)
1493    
1494     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1495     hardened-sources-2.4.20-r3.ebuild:
1496     New revision. Includes the following changes over -r2:
1497 plasmaroo 1.18
1498 frogger 1.8 - ck7-base (O(1), preempt, low latency)
1499     - Super FreeS/WAN 1.99.7rc2
1500     - PaX for the LSM/SELinux branch
1501     - GRSecurity 2.0-pre4 (role based access control)
1502     - Systrace 1.3
1503     - EXT3 fixes
1504     - EVMS 2.0.1
1505     - GCC 3.1+ compile optimizations
1506     - ProPolice kernel build support
1507     - Hashing table security fixes
1508 frogger 1.3
1509     *hardened-sources-2.4.20-r1 (09 Apr 2003)
1510 frogger 1.7
1511     23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
1512     Initial import of hardened-sources-r2. This new
1513     ebuild includes many new performance and security
1514     related patches. As in -r1, it will patch in
1515     LSM/SELinux if "selinux" is in USE, otherwise it
1516     will patch in GRSecurity. The following patches
1517     are included in this revision:
1518 plasmaroo 1.18
1519 frogger 1.7 - O(1) Scheduler, Low Latency, and Preempt
1520     (pulled from the base CK patch)
1521     - ptrace exploit patch for the LSM kernel
1522     (the GRSec patch already fixes this)
1523     - LSM 2.4-2003040709
1524     - SELinux 2.4-2003040709
1525     - Systrace v1.2
1526     - IPTables patch-o-matic base patches - 20030107
1527     - CryptoAPI 2.4.20.1 w/ loop-jari patch
1528     - Super FreeS/WAN 1.99.6.1
1529     - GRSecurity 1.9.9g
1530     - MPPE
1531     - EXT3 data journal fix
1532     - CIPE 1.5.4
1533 frogger 1.6
1534     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1535     hardened-sources-2.4.20-r1.ebuild, manifest:
1536 plasmaroo 1.18 Updated to install flask components correctly for selinux.
1537 frogger 1.5
1538     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1539     hardened-sources-2.4.20-r1.ebuild:
1540     LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
1541     is patched in instead. Ptrace patches for selinux have also been added. In
1542     either case, systrace support will be patched in as well.
1543 frogger 1.3
1544     09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1545     hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
1546 plasmaroo 1.18 Revision bump for new sources.
1547 frogger 1.4
1548 frogger 1.2 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1549 frogger 1.4 hardened-sources-2.4.20-r1.ebuild:
1550 plasmaroo 1.18 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
1551 method 1.1
1552 frogger 1.4 *hardened-sources-2.4.20 (30 Mar 2003)
1553    
1554 method 1.1 30 Mar 2003; Joshua Brindle <method@gentoo.org>
1555     hardened-sources-2.4.20.ebuild:
1556 plasmaroo 1.18 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20