/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.255 - (hide annotations) (download)
Wed Nov 12 19:27:34 2008 UTC (5 years, 8 months ago) by gengor
Branch: MAIN
Changes since 1.254: +7 -1 lines
Add 2.6.26-r6 release.
(Portage version: 2.1.4.5)

1 method 1.1 # ChangeLog for sys-kernel/hardened-sources
2 phreak 1.204 # Copyright 2000-2008 Gentoo Foundation; Distributed under the GPL v2
3 gengor 1.255 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.254 2008/11/12 07:05:45 gengor Exp $
4    
5     *hardened-sources-2.6.26-r6 (12 Nov 2008)
6    
7     12 Nov 2008; Gordon Malm <gengor@gentoo.org>
8     +hardened-sources-2.6.26-r6.ebuild:
9     Bump to Linux 2.6.26.8 and fix security bug #245650.
10 gengor 1.254
11     *hardened-sources-2.6.25-r10 (12 Nov 2008)
12    
13     12 Nov 2008; Gordon Malm <gengor@gentoo.org>
14     +hardened-sources-2.6.25-r10.ebuild:
15     Update to Linux 2.6.25.20 and fix bugs #245427, #245650.
16 gengor 1.253
17     *hardened-sources-2.6.27-r1 (09 Nov 2008)
18    
19     09 Nov 2008; Gordon Malm <gengor@gentoo.org>
20     +hardened-sources-2.6.27-r1.ebuild:
21     Bump to stable kernel 2.6.27.5 and latest grsecurity patch.
22 gengor 1.252
23     *hardened-sources-2.6.27 (04 Nov 2008)
24    
25     04 Nov 2008; Gordon Malm <gengor@gentoo.org>
26     +hardened-sources-2.6.27.ebuild:
27     Initial 2.6.27 release.
28 gengor 1.251
29     *hardened-sources-2.6.26-r5 (03 Nov 2008)
30    
31     03 Nov 2008; Gordon Malm <gengor@gentoo.org>
32     -hardened-sources-2.6.25-r7.ebuild, -hardened-sources-2.6.26-r2.ebuild,
33     +hardened-sources-2.6.26-r5.ebuild:
34     2.6.26-r5: Bump to Linux 2.6.26.7, PaX updates.
35     Clean out some old versions.
36 nixnut 1.250
37     02 Nov 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.25-r9.ebuild:
38     Stable on ppc
39 gengor 1.249
40     30 Oct 2008; Gordon Malm <gengor@gentoo.org>
41     hardened-sources-2.6.25-r9.ebuild:
42     Stable on amd64/x86.
43 gengor 1.248
44     *hardened-sources-2.6.25-r9 (26 Oct 2008)
45    
46     26 Oct 2008; Gordon Malm <gengor@gentoo.org>
47     +hardened-sources-2.6.25-r9.ebuild:
48     Update to Linux 2.6.25.19
49 nixnut 1.247
50     15 Oct 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.25-r8.ebuild:
51     Stable on ppc
52 gengor 1.246
53     *hardened-sources-2.6.26-r4 (14 Oct 2008)
54    
55     14 Oct 2008; Gordon Malm <gengor@gentoo.org>
56     -hardened-sources-2.6.26-r3.ebuild, +hardened-sources-2.6.26-r4.ebuild:
57     Update to latest grsecurity patch, fixing building of non-modular kernels.
58 gengor 1.245
59     *hardened-sources-2.6.26-r3 (12 Oct 2008)
60    
61     12 Oct 2008; Gordon Malm <gengor@gentoo.org>
62     hardened-sources-2.6.25-r8.ebuild, -hardened-sources-2.6.26-r1.ebuild,
63     +hardened-sources-2.6.26-r3.ebuild:
64     2.6.26-r3: Update to Linux 2.6.26.6 and latest grsecurity patch.
65     2.6.26-r1: Removed.
66     2.6.25-r8: Stable amd64/x86.
67 gengor 1.244
68     *hardened-sources-2.6.25-r8 (09 Oct 2008)
69    
70     09 Oct 2008; Gordon Malm <gengor@gentoo.org>
71     -hardened-sources-2.6.25-r4.ebuild, -hardened-sources-2.6.25-r5.ebuild,
72     -hardened-sources-2.6.25-r6.ebuild, +hardened-sources-2.6.25-r8.ebuild:
73     Update to genpatches-11 and Linux 2.6.25.18. Remove old versions.
74 nixnut 1.243
75     20 Sep 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.25-r7.ebuild:
76     Stable on ppc
77 gengor 1.242
78     17 Sep 2008; Gordon Malm <gengor@gentoo.org>
79     hardened-sources-2.6.25-r7.ebuild:
80     Stable amd64/x86.
81 gengor 1.241
82     *hardened-sources-2.6.26-r2 (13 Sep 2008)
83    
84     13 Sep 2008; Gordon Malm <gengor@gentoo.org>
85     -hardened-sources-2.6.26.ebuild, +hardened-sources-2.6.26-r2.ebuild:
86     2.6.26-r2: Update to Linux 2.6.26.5, new grsecurity patch adding
87     PAX_REFCOUNT feature, fix bug #237473 (CVE-2008-3525). 2.6.26: Removed.
88 gengor 1.240
89     *hardened-sources-2.6.25-r7 (13 Sep 2008)
90    
91     13 Sep 2008; Gordon Malm <gengor@gentoo.org>
92     +hardened-sources-2.6.25-r7.ebuild:
93     Add 2.6.25-r7, fixing bug #237473 (CVE-2008-3525) and a PaX bug.
94 gengor 1.239
95     10 Sep 2008; Gordon Malm <gengor@gentoo.org>
96     hardened-sources-2.6.25-r4.ebuild, hardened-sources-2.6.25-r5.ebuild,
97     hardened-sources-2.6.25-r6.ebuild, hardened-sources-2.6.26.ebuild,
98     hardened-sources-2.6.26-r1.ebuild:
99     Update DESCRIPTION and HGPV_URI.
100 gengor 1.238
101     *hardened-sources-2.6.25-r6 (09 Sep 2008)
102    
103     09 Sep 2008; Gordon Malm <gengor@gentoo.org>
104     -hardened-sources-2.6.24-r3.ebuild, +hardened-sources-2.6.25-r6.ebuild:
105     2.6.25-r6: Update to Linux 2.6.25.17.
106     2.6.24-r3: Removed.
107 gengor 1.237
108     08 Sep 2008; Gordon Malm <gengor@gentoo.org>
109     hardened-sources-2.6.25-r5.ebuild:
110     Stable on amd64/x86
111 gengor 1.236
112     07 Sep 2008; Gordon Malm <gengor@gentoo.org> metadata.xml:
113     Update my email address.
114 nixnut 1.235
115     31 Aug 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.25-r4.ebuild:
116     stable on ppc
117 battousai 1.234
118     *hardened-sources-2.6.26-r1 (23 Aug 2008)
119     *hardened-sources-2.6.25-r5 (23 Aug 2008)
120    
121     23 Aug 2008; Bryan D. Stine <battousai@gentoo.org>
122     -hardened-sources-2.6.23-r13.ebuild, -hardened-sources-2.6.25-r3.ebuild,
123     hardened-sources-2.6.25-r4.ebuild, +hardened-sources-2.6.25-r5.ebuild,
124     +hardened-sources-2.6.26-r1.ebuild:
125     Bump to 2.6.25-r5 for updated patches and upstream .10 kernel, fixing
126     security bug #235221. Bump to 2.6.26-r1 for upstream .3 kernel, also
127     fixing security bug #235221. Marked 2.6.25-r4 stable on amd64 and x86.
128     Removed 2.6.23-r13 and 2.6.25-r3. Commit on behalf of Gordon Malm
129     (gengor).
130 solar 1.233
131     *hardened-sources-2.6.26 (18 Aug 2008)
132     *hardened-sources-2.6.25-r4 (18 Aug 2008)
133    
134     18 Aug 2008; <solar@gentoo.org> -hardened-sources-2.6.25-r2.ebuild,
135     +hardened-sources-2.6.25-r4.ebuild, +hardened-sources-2.6.26.ebuild:
136     - proxy commit for gengor 2.6.26: Initial 2.6.26 release. 2.6.25-r4: Update
137     to Linux 2.6.25.15. Fixes security bugs #234799, #234803 and #234812.
138     2.6.25-r2: Removed.
139 tove 1.232
140     16 Aug 2008; Torsten Veller <tove@gentoo.org> metadata.xml:
141     Remove phreak from metadata.xml (#96398)
142 solar 1.231
143     *hardened-sources-2.6.25-r3 (31 Jul 2008)
144    
145     31 Jul 2008; <solar@gentoo.org> -hardened-sources-2.6.24-r2.ebuild,
146     -hardened-sources-2.6.25.ebuild, -hardened-sources-2.6.25-r1.ebuild,
147     +hardened-sources-2.6.25-r3.ebuild:
148     - 2.6.25-r3: Update to Linux 2.6.25.13 and new grsecurity patch. Multiple
149     fixes, including security bug #231750.
150 nixnut 1.230
151     28 Jul 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.24-r3.ebuild:
152     Stable on ppc
153 solar 1.229
154     *hardened-sources-2.6.25-r2 (05 Jul 2008)
155    
156     05 Jul 2008; <solar@gentoo.org> -hardened-sources-2.6.23-r11.ebuild,
157     -hardened-sources-2.6.23-r12.ebuild, hardened-sources-2.6.24-r3.ebuild,
158     +hardened-sources-2.6.25-r2.ebuild:
159     2.6.23-r4: Stable x86/amd64
160     2.6.25-r2: Update to Linux 2.6.25.10 and latest grsecurity release.
161     2.6.23-r{11,12}: Removed due to multiple vulns.
162     (gengor & kerframil)
163 nixnut 1.228
164     04 Jul 2008; nixnut <nixnut@gentoo.org>
165     hardened-sources-2.6.23-r13.ebuild:
166     Stable on ppc
167 solar 1.227
168     *hardened-sources-2.6.25-r1 (30 Jun 2008)
169    
170     30 Jun 2008; <solar@gentoo.org> hardened-sources-2.6.23-r13.ebuild,
171     +hardened-sources-2.6.25-r1.ebuild:
172     2.6.25-r1: Brings in Linux -stable tree patches 2.6.25.{7,8,9} and newer
173     grsecurity release. 2.6.23-r13: x86/amd64 stable
174 solar 1.226
175     *hardened-sources-2.6.25 (17 Jun 2008)
176     *hardened-sources-2.6.24-r3 (17 Jun 2008)
177     *hardened-sources-2.6.23-r13 (17 Jun 2008)
178    
179     17 Jun 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r13.ebuild,
180     +hardened-sources-2.6.24-r3.ebuild, +hardened-sources-2.6.25.ebuild:
181     * 2.6.23-r13: Fixes security bugs #198997, #212136, #222331, #222635,
182     #224647, #225461, other fixes. * 2.6.24-r3: Fixes security bugs #212136,
183     #222331, #222635, #224647, #225461, grsec/PaX updates/fixes, other fixes. *
184     2.6.25: Initial 2.6.25 release.
185 solar 1.225
186     15 May 2008; <solar@gentoo.org> hardened-sources-2.6.23-r12.ebuild:
187     - fasttrack to stable x86/amd64
188 swegener 1.224
189     11 May 2008; Sven Wegener <swegener@gentoo.org> Manifest:
190     Fix broken digest for linux-2.6.24.tar.bz2.
191 solar 1.223
192     *hardened-sources-2.6.24-r2 (11 May 2008)
193     *hardened-sources-2.6.23-r12 (11 May 2008)
194    
195     11 May 2008; <solar@gentoo.org> -hardened-sources-2.6.23-r7.ebuild,
196     -hardened-sources-2.6.23-r9.ebuild, -hardened-sources-2.6.23-r10.ebuild,
197     +hardened-sources-2.6.23-r12.ebuild, -hardened-sources-2.6.24.ebuild,
198     -hardened-sources-2.6.24-r1.ebuild, +hardened-sources-2.6.24-r2.ebuild:
199     proxy commit for gengor. 2.6.23-r11 shortlog: Fixes security bugs 220691,
200     220975, 220979, 221123. 2.6.24-r2 not-so-shortlog: Fixes bug 215442,
201     security bugs 219901, 220691, 220975, 220979, 221123. New
202     genpatches/grsecurity with numerous updates & fixes. 2.6.23-r7->2.6.23-r10
203     should be removed as far as I'm concerned, everything else remove due to
204     vulnerable to numerous security bugs or brokeness.
205 nixnut 1.222
206     10 May 2008; nixnut <nixnut@gentoo.org>
207     hardened-sources-2.6.23-r11.ebuild:
208     Stable on ppc
209 solar 1.221
210     05 May 2008; <solar@gentoo.org> hardened-sources-2.6.23-r11.ebuild:
211     - -r11 stable on x86/amd64
212 solar 1.220
213     *hardened-sources-2.6.23-r11 (01 May 2008)
214    
215     01 May 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r11.ebuild:
216     - version bump to fix ulgy linux bugs
217 phreak 1.219
218     *hardened-sources-2.6.24-r1 (30 Apr 2008)
219    
220     30 Apr 2008; Christian Heim <phreak@gentoo.org>
221     +hardened-sources-2.6.24-r1.ebuild:
222     Revision bump (thanks to Kerin and Gordon, again), pulling
223     genpatches-2.6.24-7, solving #219089. Additionally contains further security
224     fixes plus some minor updates.
225 phreak 1.218
226     *hardened-sources-2.6.23-r10 (30 Apr 2008)
227    
228     30 Apr 2008; Christian Heim <phreak@gentoo.org>
229     +hardened-sources-2.6.23-r10.ebuild:
230     Revision bump (thanks to Kerin and Gordon, again), solving #213811, #219089.
231     Additional contains "various other fixes".
232 phreak 1.217
233     09 Apr 2008; Christian Heim <phreak@gentoo.org> metadata.xml:
234     Update the longdescription in metadata, thanks to Gordon Malm.
235 nixnut 1.216
236     08 Apr 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.23-r9.ebuild:
237     Stable on ppc wrt bug #213255
238 solar 1.215
239     07 Apr 2008; <solar@gentoo.org> -hardened-sources-2.4.35-r2.ebuild,
240     -hardened-sources-2.6.23-r8.ebuild, hardened-sources-2.6.23-r9.ebuild:
241     - stable on x86/amd64 per request. Removed obsolete ebuilds
242 phreak 1.214
243     *hardened-sources-2.6.24 (07 Apr 2008)
244    
245     07 Apr 2008; Christian Heim <phreak@gentoo.org>
246     +hardened-sources-2.6.24.ebuild:
247     Adding ebuild for hardened-sources-2.6.24 (many thanks to Kerin Millar
248     <kerframil at gmail.com> and Gordon Malm <bugs-gentoo-org-02 at bumpin.org>
249     for the many contributions and their continued effort in #216612) based on
250     2.6.24 and genpatches-2.6.24-5.
251    
252     The current ebuild/patchset contains these things:
253     * Incoporates unmodified grsec-2.1.11-2.6.24.4-200803262003 patch
254     * Introduces bespoke server and workstation oriented security levels
255     * VDSO_COMPAT cannot be enabled during runtime if PaX is enabled
256 phreak 1.213
257     30 Mar 2008; Christian Heim <phreak@gentoo.org> metadata.xml:
258     Fix the metadata.xml (Kerin isn't a dev, though he and Gordon are
259     maintaining it).
260 phreak 1.212
261     24 Mar 2008; Christian Heim <phreak@gentoo.org>
262     hardened-sources-2.4.35-r2.ebuild:
263     Fixing SRC_URI for 2.4.35-r2.
264 phreak 1.211
265     *hardened-sources-2.6.23-r9 (22 Mar 2008)
266    
267     22 Mar 2008; Christian Heim <phreak@gentoo.org>
268     +hardened-sources-2.6.23-r9.ebuild:
269     * Revision bump, rebasing the patchset against genpatches-2.6.23-10.
270     * Change the default GIDs for some grsecurity options
271     * Revamp the Hardened [Gentoo] security level and make it the default level
272     * Fixing compilation on ia64 with CONFIG_MODULES=y (loadable module support)
273     * Fix a recursive lock -- call to capable() within ptrace_attach()
274     * Fix bug that allows audit and iscsi operations to be controlled via netlink
275 solar 1.210
276     *hardened-sources-2.6.23-r8 (27 Feb 2008)
277    
278     27 Feb 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r8.ebuild:
279     - version bump from Kerin Millar bug 210026
280 solar 1.209
281     17 Feb 2008; <solar@gentoo.org> metadata.xml,
282     -hardened-sources-2.4.33.4.ebuild, -hardened-sources-2.6.20-r6.ebuild,
283     -hardened-sources-2.6.20-r10.ebuild, -hardened-sources-2.6.23-r4.ebuild,
284     -hardened-sources-2.6.23-r6.ebuild, hardened-sources-2.6.23-r7.ebuild:
285     - stable on x86 and remove old ebuilds
286 solar 1.207
287     15 Feb 2008; <solar@gentoo.org> hardened-sources-2.6.23-r7.ebuild:
288 solar 1.208 - stable on amd64 per request of amd64 lead
289 solar 1.206
290     *hardened-sources-2.6.23-r7 (11 Feb 2008)
291    
292     11 Feb 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r7.ebuild:
293     - version bump from kerin.millar
294     Changes:
295    
296     * Bump to genpatches-base-2.6.23-9
297     * Ported grsecurity-2.1.11-2.6.23.14-200801231800 to 2.6.23.15
298     * Disables COMPAT_VDSO in x86/defconfig
299     * Removes bogus symbols ACPI_SLEEP_PROC_(FS|SLEEP) from x86_64/defconfig
300 phreak 1.205
301     25 Jan 2008; Christian Heim <phreak@gentoo.org>
302     -hardened-sources-2.6.22-r8.ebuild:
303     Cleaning up old versions.
304 phreak 1.204
305     *hardened-sources-2.6.23-r6 (25 Jan 2008)
306    
307     25 Jan 2008; Christian Heim <phreak@gentoo.org>
308     -hardened-sources-2.6.23-r5.ebuild, +hardened-sources-2.6.23-r6.ebuild:
309     Revision bump, pulling in the latest genpatches.
310 phreak 1.203
311     *hardened-sources-2.6.23-r5 (24 Dec 2007)
312    
313     24 Dec 2007; Christian Heim <phreak@gentoo.org>
314     hardened-sources-2.4.35-r2.ebuild, hardened-sources-2.6.20-r6.ebuild,
315     hardened-sources-2.6.20-r10.ebuild, hardened-sources-2.6.22-r8.ebuild,
316     hardened-sources-2.6.23-r4.ebuild, +hardened-sources-2.6.23-r5.ebuild:
317     Revision bump, for the promised updated grsec snapshot. Also changing SRC_URI.
318 phreak 1.202
319     24 Dec 2007; Christian Heim <phreak@gentoo.org>
320     -hardened-sources-2.6.22-r7.ebuild, -hardened-sources-2.6.23.ebuild,
321     -hardened-sources-2.6.23-r1.ebuild, -hardened-sources-2.6.23-r2.ebuild,
322     -hardened-sources-2.6.23-r3.ebuild:
323     Cleaning out some unused, old versions.
324 phreak 1.201
325     24 Dec 2007; Christian Heim <phreak@gentoo.org>
326     hardened-sources-2.6.23-r4.ebuild:
327     Marking hardened-sources-2.6.23-r4 stable on amd64 and x86. I know it ain't
328     in the tree for long, but there isn't much of a difference between this and
329     -r3. Only this revision pulls in 2.6.23.11 and 2.6.23.12 from genpatches.
330 phreak 1.200
331     *hardened-sources-2.6.23-r4 (23 Dec 2007)
332    
333     23 Dec 2007; Christian Heim <phreak@gentoo.org>
334     +hardened-sources-2.6.23-r4.ebuild:
335     Revision bump, grabbing the lastest genpatches release (2.6.23.12 that is).
336 phreak 1.199
337     *hardened-sources-2.6.23-r3 (04 Dec 2007)
338    
339     04 Dec 2007; Christian Heim <phreak@gentoo.org>
340     +hardened-sources-2.6.23-r3.ebuild:
341     Revision bump, pulling in 2.6.23.9.
342 phreak 1.198
343     *hardened-sources-2.6.23-r2 (25 Nov 2007)
344    
345     25 Nov 2007; Christian Heim <phreak@gentoo.org>
346     +hardened-sources-2.6.23-r2.ebuild:
347     Updated patchset, thanks to solar.
348 phreak 1.197
349     *hardened-sources-2.6.23-r1 (31 Oct 2007)
350    
351     31 Oct 2007; Christian Heim <phreak@gentoo.org>
352     +hardened-sources-2.6.23-r1.ebuild:
353     Revision bump, pulling in the snapshot from 30. October 2007 (18:50).
354 solar 1.196
355     29 Oct 2007; <solar@gentoo.org> metadata.xml:
356     - update metadata.xml
357 phreak 1.195
358     25 Oct 2007; Christian Heim <phreak@gentoo.org>
359     hardened-sources-2.6.22-r8.ebuild:
360     Marking 2.6.22-r8 stable on amd64 and x86.
361 phreak 1.194
362     21 Oct 2007; Christian Heim <phreak@gentoo.org>
363     -hardened-sources-2.4.35.ebuild, -hardened-sources-2.4.35-r1.ebuild,
364     -hardened-sources-2.6.21-r4.ebuild:
365     Removing old ebuilds.
366 phreak 1.193
367     *hardened-sources-2.4.35-r2 (21 Oct 2007)
368    
369     21 Oct 2007; Christian Heim <phreak@gentoo.org>
370     +hardened-sources-2.4.35-r2.ebuild:
371     Revision bump for 2.4.35. Includes new snapshot and the lastest Linux stable
372     patches.
373 phreak 1.192
374     *hardened-sources-2.6.22-r8 (21 Oct 2007)
375    
376     21 Oct 2007; Christian Heim <phreak@gentoo.org>
377     +hardened-sources-2.6.22-r8.ebuild:
378     Yet another new patch, hopefully fixing the remaining issues we had w/
379     2.6.22. Candidate for stabling.
380 phreak 1.191
381     *hardened-sources-2.6.23 (13 Oct 2007)
382    
383     13 Oct 2007; Christian Heim <phreak@gentoo.org>
384     +hardened-sources-2.6.23.ebuild:
385     Initial hardened-sources-2.6.23. If people still have problems w/ bug
386     194276, try setting CONFIG_PCI_GODIRECT=y instead of CONFIG_PCI_GOANY.
387 phreak 1.190
388     11 Oct 2007; Christian Heim <phreak@gentoo.org>
389     hardened-sources-2.6.20-r10.ebuild:
390     Pulling in yet another new genpatches version, fixing the PWC bug for real.
391 phreak 1.189
392     04 Oct 2007; Christian Heim <phreak@gentoo.org>
393     -hardened-sources-2.6.22-r5.ebuild, -hardened-sources-2.6.22-r6.ebuild:
394     Removing old versions.
395 phreak 1.188
396     *hardened-sources-2.6.22-r7 (01 Oct 2007)
397    
398     01 Oct 2007; Christian Heim <phreak@gentoo.org>
399     +hardened-sources-2.6.22-r7.ebuild:
400     Revision bump, pulling in a newer patch. Should fix #194276.
401 phreak 1.187
402     30 Sep 2007; Christian Heim <phreak@gentoo.org>
403     hardened-sources-2.6.20-r10.ebuild:
404     Marking hardened-sources-2.6.20-r10 stable on x86 and amd64 (on courtesy of
405     Mike Doty).
406 phreak 1.186
407     *hardened-sources-2.6.22-r6 (26 Sep 2007)
408    
409     26 Sep 2007; Christian Heim <phreak@gentoo.org>
410     +hardened-sources-2.6.22-r6.ebuild:
411     Revision bump, grabbing up till Linux 2.6.22.9.
412 phreak 1.185
413     24 Sep 2007; Christian Heim <phreak@gentoo.org>
414     -hardened-sources-2.6.22-r3.ebuild, -hardened-sources-2.6.22-r4.ebuild:
415     Cleaning up further.
416 phreak 1.184
417     *hardened-sources-2.6.20-r10 (24 Sep 2007)
418    
419     24 Sep 2007; Christian Heim <phreak@gentoo.org>
420     -hardened-sources-2.6.20-r8.ebuild, -hardened-sources-2.6.20-r9.ebuild,
421     +hardened-sources-2.6.20-r10.ebuild:
422     Revision bump, pulling in Linux 2.6.20.20. Removing some of the older
423     revisions.
424 phreak 1.183
425     *hardened-sources-2.6.22-r5 (22 Sep 2007)
426    
427     22 Sep 2007; Christian Heim <phreak@gentoo.org>
428     +hardened-sources-2.6.22-r5.ebuild:
429     Revision bump, pulling in genpatches-2.6.22-8 for CVE-2007-4573.
430 phreak 1.182
431     17 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
432     Removing johnm from metadata.xml (see #186467 for reference).
433 phreak 1.181
434     *hardened-sources-2.6.22-r4 (17 Sep 2007)
435    
436     17 Sep 2007; Christian Heim <phreak@gentoo.org>
437     +hardened-sources-2.6.22-r4.ebuild:
438     Revision bump, hopefully fixing all those weird PAX failures.
439 phreak 1.180
440     01 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
441     Updating the metadata.xml.
442 phreak 1.179
443     01 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
444     Removing tocharian from metadata due to his retirement (see #71718 for
445     reference).
446 phreak 1.178
447     *hardened-sources-2.6.20-r9 (30 Aug 2007)
448    
449     30 Aug 2007; Christian Heim <phreak@gentoo.org>
450     +hardened-sources-2.6.20-r9.ebuild:
451     Revision bump for 2.6.20.18 (thanks to kerframil in #gentoo-hardened).
452 phreak 1.177
453     29 Aug 2007; Christian Heim <phreak@gentoo.org>
454     -hardened-sources-2.4.34.ebuild, -hardened-sources-2.4.34.5.ebuild,
455     -hardened-sources-2.6.20-r2.ebuild, -hardened-sources-2.6.20-r5.ebuild,
456     -hardened-sources-2.6.20-r7.ebuild, -hardened-sources-2.6.21-r3.ebuild,
457     -hardened-sources-2.6.22.ebuild, -hardened-sources-2.6.22-r1.ebuild,
458     -hardened-sources-2.6.22-r2.ebuild:
459     Removing some redundant versions.
460 phreak 1.176
461     *hardened-sources-2.4.35-r1 (29 Aug 2007)
462    
463     29 Aug 2007; Christian Heim <phreak@gentoo.org>
464     +hardened-sources-2.4.35-r1.ebuild:
465     Revision bump, new grsecurity patch.
466 phreak 1.175
467     *hardened-sources-2.6.20-r8 (26 Aug 2007)
468    
469     26 Aug 2007; Christian Heim <phreak@gentoo.org>
470     +hardened-sources-2.6.20-r8.ebuild:
471     Revision bump for Linux 2.6.20.17.
472 phreak 1.174
473     *hardened-sources-2.6.22-r3 (22 Aug 2007)
474    
475     22 Aug 2007; Christian Heim <phreak@gentoo.org>
476     +hardened-sources-2.6.22-r3.ebuild:
477     Revision bump for Linux 2.6.22.4.
478 phreak 1.173
479     16 Aug 2007; Christian Heim <phreak@gentoo.org>
480     hardened-sources-2.6.22-r2.ebuild:
481     Updated patchset, to fix the alignment against 2.6.22.3.
482 phreak 1.172
483     *hardened-sources-2.6.22-r2 (16 Aug 2007)
484    
485     16 Aug 2007; Christian Heim <phreak@gentoo.org>
486     +hardened-sources-2.6.22-r2.ebuild:
487     Revision bump for Linux 2.6.22.3.
488 phreak 1.171
489     *hardened-sources-2.4.35 (16 Aug 2007)
490    
491     16 Aug 2007; Christian Heim <phreak@gentoo.org>
492     +hardened-sources-2.4.35.ebuild:
493     Version bump, initial version for Linux 2.4.35.
494 phreak 1.170
495     *hardened-sources-2.6.21-r4 (16 Aug 2007)
496    
497     16 Aug 2007; Christian Heim <phreak@gentoo.org>
498     +hardened-sources-2.6.21-r4.ebuild:
499     Revision bump for Linux 2.6.21.6.
500 phreak 1.169
501     *hardened-sources-2.6.20-r7 (16 Aug 2007)
502    
503     16 Aug 2007; Christian Heim <phreak@gentoo.org>
504     +hardened-sources-2.6.20-r7.ebuild:
505     Revision bump for Linux 2.6.20.16.
506 phreak 1.168
507     *hardened-sources-2.6.22-r1 (13 Aug 2007)
508    
509     13 Aug 2007; Christian Heim <phreak@gentoo.org>
510     +hardened-sources-2.6.22-r1.ebuild:
511     Yet another revision bump.
512 phreak 1.167
513     *hardened-sources-2.6.22 (10 Aug 2007)
514    
515     10 Aug 2007; Christian Heim <phreak@gentoo.org>
516     +hardened-sources-2.6.22.ebuild:
517     Initial release for 2.6.22. If you are using hardened-sources on a desktop
518     machine (P4 or newer), be aware you might need to disable
519     CONFIG_PAX_PAGEEXEC.
520 phreak 1.166
521     04 Aug 2007; Christian Heim <phreak@gentoo.org>
522     hardened-sources-2.6.20-r6.ebuild:
523     Stabling hardened-sources-2.6.20-r6 for amd64, ppc and x86 due to Linux
524     2.6.20.15.
525 phreak 1.165
526     10 Jul 2007; Christian Heim <phreak@gentoo.org>
527     hardened-sources-2.6.20-r5.ebuild:
528     Marking hardened-sources-2.6.20-r5 stable on ppc.
529 phreak 1.164
530     10 Jul 2007; Christian Heim <phreak@gentoo.org>
531     -hardened-sources-2.4.32-r6.ebuild, -hardened-sources-2.4.32-r7.ebuild:
532     Cleanup.
533 phreak 1.163
534     *hardened-sources-2.6.20-r6 (08 Jul 2007)
535    
536     08 Jul 2007; Christian Heim <phreak@gentoo.org>
537     +hardened-sources-2.6.20-r6.ebuild:
538     Revision bump, grabbing yet another stable release.
539 phreak 1.162
540     17 Jun 2007; Christian Heim <phreak@gentoo.org>
541     -hardened-sources-2.6.18-r6.ebuild, -hardened-sources-2.6.20-r4.ebuild,
542     -hardened-sources-2.6.21-r2.ebuild:
543     Removing older ebuilds, hardened-sources-2.6.18-r6 seems to have gotten the
544     alpha stable KEYWORD by mistake.
545 phreak 1.161
546     17 Jun 2007; Christian Heim <phreak@gentoo.org>
547     hardened-sources-2.6.20-r5.ebuild:
548     Stabling hardened-sources-2.6.20-r5 due to security bug #181647 (as
549     genpatches-2.6.20-12.base contains up to Linux 2.6.20.14) on amd64 and x86.
550 phreak 1.160
551     *hardened-sources-2.6.21-r3 (12 Jun 2007)
552    
553     12 Jun 2007; Christian Heim <phreak@gentoo.org>
554     +hardened-sources-2.6.21-r3.ebuild:
555     Revision bump for hardened-sources-2.6.21, incorporating various CVE (some
556     of them critical), two stable releases (2.6.21.4,2.6.21.5) and some other
557     love.
558 phreak 1.159
559     *hardened-sources-2.6.20-r5 (11 Jun 2007)
560    
561     11 Jun 2007; Christian Heim <phreak@gentoo.org>
562     +hardened-sources-2.6.20-r5.ebuild:
563     Revision bump for hardened-sources-2.6.20, incorporating various CVE (some
564     of them critical), two stable releases (2.6.20.13,2.6.20.14) and some other
565     love.
566 pappy 1.158
567     *hardened-sources-2.4.34.5 (11 Jun 2007)
568    
569     11 Jun 2007; Alexander Gabert <pappy@gentoo.org>
570     +hardened-sources-2.4.34.5.ebuild:
571     added new hardened-sources 2.4 version, thx to phreak, solar, pipacs
572 phreak 1.157
573     30 May 2007; Christian Heim <phreak@gentoo.org>
574     -hardened-sources-2.6.18.ebuild, hardened-sources-2.6.20-r2.ebuild:
575     Marking 2.6.20-r2 stable on ppc with permission of Gysbert. Removing more
576     stale ebuild(s).
577 phreak 1.156
578     30 May 2007; Christian Heim <phreak@gentoo.org>
579     -hardened-sources-2.6.14-r7.ebuild, -hardened-sources-2.6.16-r11.ebuild,
580     -hardened-sources-2.6.17-r1.ebuild, -hardened-sources-2.6.19-r6.ebuild,
581     -hardened-sources-2.6.20.ebuild, -hardened-sources-2.6.20-r1.ebuild:
582     Doing some cleanups, remove stale ebuilds.
583 phreak 1.155
584     26 May 2007; Christian Heim <phreak@gentoo.org>
585     hardened-sources-2.6.21-r2.ebuild:
586     Fixing the grsecurity patch, had one '};' too much.
587 phreak 1.154
588     *hardened-sources-2.6.21-r2 (26 May 2007)
589    
590     26 May 2007; Christian Heim <phreak@gentoo.org>
591     -hardened-sources-2.6.21.ebuild, -hardened-sources-2.6.21-r1.ebuild,
592     +hardened-sources-2.6.21-r2.ebuild:
593     Revision bump, including Linux 2.6.21.3 (fixing CVE-2007-2451). Updating the
594     grsecurity patch to 2.1.10-2.6.21.1-200705221918.
595 phreak 1.153
596     *hardened-sources-2.6.20-r4 (26 May 2007)
597    
598     26 May 2007; Christian Heim <phreak@gentoo.org>
599     -hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.20-r4.ebuild:
600     Revision bump, including Linux 2.6.20.12 (which in fact fixed some security
601 phreak 1.154 bugs, at the very least CVE-2007-2451). Possible candidate for stable marking.
602 phreak 1.152
603     15 May 2007; Christian Heim <phreak@gentoo.org>
604     hardened-sources-2.6.20-r3.ebuild:
605     Looks like hardened-sources-2.6.20-r3 needs a new patch, as 2.6.20.11
606     introduced a change in arch/sparc64/kernel/pci_iommu.c, which made the
607     grsecurity patch fail in that exact same hunk.
608 phreak 1.151
609     *hardened-sources-2.6.20-r3 (15 May 2007)
610    
611     15 May 2007; Christian Heim <phreak@gentoo.org>
612     +hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.21-r1.ebuild:
613     Revision bump, incorporating Linux 2.6.20.11.
614    
615     *hardened-sources-2.6.21-r1 (11 May 2007)
616    
617     11 May 2007; Christian Heim <phreak@gentoo.org>
618     +hardened-sources-2.6.21-r1.ebuild:
619     Revision bump, hopefully fixing the GRSECURITY/GRKERNSEC mixup pipacs
620     mentioned in #177234.
621 kevquinn 1.150
622     07 May 2007; Kevin F. Quinn <kevquinn@gentoo.org>
623     files/digest-hardened-sources-2.6.21, Manifest:
624     Fix Manifest/digest for linux-2.6.21.tar.bz2
625 phreak 1.149
626     06 May 2007; Christian Heim <phreak@gentoo.org>
627     hardened-sources-2.6.21.ebuild:
628     Bumping the hardened-patches version, needed for the fix for #177234.
629 phreak 1.148
630     *hardened-sources-2.6.21 (02 May 2007)
631    
632     02 May 2007; Christian Heim <phreak@gentoo.org>
633     +hardened-sources-2.6.21.ebuild:
634     Version bump, Linux 2.6.21-hardened.
635 phreak 1.147
636     29 Apr 2007; Christian Heim <phreak@gentoo.org>
637     hardened-sources-2.6.20-r2.ebuild:
638     Adding ~ia64 on Ned's request.
639 phreak 1.146
640     29 Apr 2007; Christian Heim <phreak@gentoo.org>
641     hardened-sources-2.6.20-r2.ebuild:
642     Fixing the included grsecurity patch, wasn't alligning due to the Index:
643     header line(s).
644 phreak 1.145
645     29 Apr 2007; Christian Heim <phreak@gentoo.org>
646     hardened-sources-2.6.20-r2.ebuild:
647     Stabilizing hardened-sources-2.6.20-r2 on amd64 and x86.
648 armin76 1.144
649     *hardened-sources-2.6.20-r2 (10 Apr 2007)
650    
651     10 Apr 2007; Raúl Porcel <armin76@gentoo.org>
652     +hardened-sources-2.6.20-r2.ebuild:
653     Version bump, on behalf of phreak
654 phreak 1.143
655     *hardened-sources-2.6.20-r1 (04 Apr 2007)
656    
657     04 Apr 2007; Christian Heim <phreak@gentoo.org>
658     +hardened-sources-2.6.20-r1.ebuild:
659     Revision bump, grabbing a newer grsecurity snapshot.
660 phreak 1.142
661     *hardened-sources-2.6.20 (25 Mar 2007)
662    
663     25 Mar 2007; Christian Heim <phreak@gentoo.org>
664     +hardened-sources-2.6.20.ebuild:
665     Finally a hardened-sources version for 2.6.20; many people have been waiting
666     for this. Thanks to Steve for preliminary testing, thanks to Ned for the
667     testbox.
668 chainsaw 1.141
669     16 Mar 2007; Tony Vroon <chainsaw@gentoo.org>
670     hardened-sources-2.6.18-r6.ebuild:
671     Marked stable on amd64 and x86. AMD64 keyword ack'ed by welp.
672 phreak 1.140
673     *hardened-sources-2.6.18-r6 (16 Mar 2007)
674    
675     16 Mar 2007; Christian Heim <phreak@gentoo.org>
676     -hardened-sources-2.6.18-r5.ebuild, +hardened-sources-2.6.18-r6.ebuild:
677     Fixing CVE-2007-1000 locally (hardened/), thanks to Tony for pushing. And
678     yes I screwed up, this is tagged as 2.6.18-5 and not 2.6.18-6 as it's
679     supposed to be.
680 phreak 1.139
681     06 Mar 2007; Christian Heim <phreak@gentoo.org> ChangeLog:
682     Fixing the Manifest, the previous one was broken (as in still had the
683     deleted ebuild in it).
684 phreak 1.138
685     06 Mar 2007; Christian Heim <phreak@gentoo.org>
686     -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
687     +hardened-sources-2.6.18-r5.ebuild:
688     Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
689     Linux 2.6.18.8. Also cleaning up the older version.
690    
691     *hardened-sources-2.6.18-r5 (06 Mar 2007)
692    
693     06 Mar 2007; Christian Heim <phreak@gentoo.org>
694     -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
695     +hardened-sources-2.6.18-r5.ebuild:
696     Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
697     Linux 2.6.18.8. Also cleaning up the older version.
698 phreak 1.137
699     24 Feb 2007; Christian Heim <phreak@gentoo.org>
700     -hardened-sources-2.6.19-r3.ebuild, -hardened-sources-2.6.19-r4.ebuild,
701     -hardened-sources-2.6.19-r5.ebuild:
702     Removing some of the old version, that didn't work.
703 phreak 1.136
704     *hardened-sources-2.6.19-r6 (12 Feb 2007)
705    
706     12 Feb 2007; Christian Heim <phreak@gentoo.org>
707     +hardened-sources-2.6.19-r6.ebuild:
708     Revision bump, including a new grsec version fixing #166235.
709 pappy 1.134
710     *hardened-sources-2.4.34 (24 Jan 2007)
711    
712     24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
713 pappy 1.135 Manifest:
714     updating Manifest with checksums of new tarball and ebuild
715    
716     24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
717 pappy 1.134 +hardened-sources-2.4.34.ebuild:
718     I added new hardened sources 2.4 update, this is a critical path
719     security bugfix - all users of h-s are strongly advised
720     to update their existing hardened sources to this version.
721     It contains a fix for a kernel vulnerability that is pertaining
722     to the PaX changes to virtual memory management, possibly leading
723     to a local kernel exploit ... see grsecurity.net forums and homepage
724 phreak 1.133
725     23 Jan 2007; Christian Heim <phreak@gentoo.org>
726     files/digest-hardened-sources-2.6.19-r5, Manifest:
727     Fixing the patch-tarball digest.
728 phreak 1.132
729     *hardened-sources-2.6.19-r5 (23 Jan 2007)
730    
731     23 Jan 2007; Christian Heim <phreak@gentoo.org>
732     +hardened-sources-2.6.19-r5.ebuild:
733     Revision bump, closing the recently discovered PaX expand_stack()
734     vulnerability.
735 phreak 1.131
736     *hardened-sources-2.6.19-r4 (14 Jan 2007)
737    
738     14 Jan 2007; Christian Heim <phreak@gentoo.org>
739     +hardened-sources-2.6.19-r4.ebuild:
740     Revision bump, pulling in linux-2.6.19.2 and grsecurity 2.1.10 - thus
741     dropping the randomized PID feature.
742 opfer 1.130
743     11 Jan 2007; Christian Faulhammer <opfer@gentoo.org>
744     hardened-sources-2.4.33.4.ebuild:
745     stable x86, bug #161171
746 phreak 1.129
747     *hardened-sources-2.6.19-r3 (27 Dec 2006)
748    
749     27 Dec 2006; Christian Heim <phreak@gentoo.org>
750     -hardened-sources-2.6.19-r2.ebuild, +hardened-sources-2.6.19-r3.ebuild:
751     Revision bump for bug #157186 and #158786.
752 phreak 1.128
753     *hardened-sources-2.6.18-r4 (27 Dec 2006)
754    
755     27 Dec 2006; Christian Heim <phreak@gentoo.org>
756     -hardened-sources-2.6.18-r3.ebuild, +hardened-sources-2.6.18-r4.ebuild:
757     Revision bump for bug #157186.
758 phreak 1.127
759     *hardened-sources-2.6.19-r2 (23 Dec 2006)
760    
761     23 Dec 2006; Christian Heim <phreak@gentoo.org>
762     -hardened-sources-2.6.19-r1.ebuild, +hardened-sources-2.6.19-r2.ebuild:
763     Revision bump to pull in genpatches-2.6.19-3 for #157186.
764 phreak 1.126
765     17 Dec 2006; Christian Heim <phreak@gentoo.org>
766     hardened-sources-2.6.14-r7.ebuild, hardened-sources-2.6.16-r10.ebuild,
767     hardened-sources-2.6.16-r11.ebuild, hardened-sources-2.6.17-r1.ebuild,
768     hardened-sources-2.6.18.ebuild, hardened-sources-2.6.18-r3.ebuild,
769     hardened-sources-2.6.19-r1.ebuild:
770     Adding 4453_grsec-2.1.9-2.6.19-io-kmem-sysctl.patch to UNIPATCH_EXLUDE,
771     adding correct HOMEPAGE and adjusting DESCRIPTION (thanks to Alexander).
772 pappy 1.125
773     *hardened-sources-2.4.33.4 (17 Dec 2006)
774    
775     17 Dec 2006; Alexander Gabert <pappy@gentoo.org>
776     +hardened-sources-2.4.33.4.ebuild:
777     new 2.4.33.4 version including grsec and fixes, thanks to phreak for help
778     and quilting
779 phreak 1.124
780     *hardened-sources-2.6.19-r1 (14 Dec 2006)
781    
782     14 Dec 2006; Christian Heim <phreak@gentoo.org>
783     -hardened-sources-2.6.19.ebuild, +hardened-sources-2.6.19-r1.ebuild:
784     Revision bump, fixing #158107 (thanks to Petre Rodan <kaiowas at gentoo.org>
785     for reporting).
786 phreak 1.123
787     *hardened-sources-2.6.19 (13 Dec 2006)
788    
789     13 Dec 2006; Christian Heim <phreak@gentoo.org>
790     +hardened-sources-2.6.19.ebuild:
791     And finally 2.6.19, thanks to Ned (who prepared the inital patchset) and
792     Brad for providing that prompt update.
793 phreak 1.122
794     *hardened-sources-2.6.18-r3 (13 Dec 2006)
795    
796     13 Dec 2006; Christian Heim <phreak@gentoo.org>
797     -hardened-sources-2.6.18-r1.ebuild, -hardened-sources-2.6.18-r2.ebuild,
798     +hardened-sources-2.6.18-r3.ebuild:
799     Revision bump, excluding the faulty patch. Thanks to Anakim Border and Peter
800     S. Mazinger. Closes #157409 for now. Also removing the previous revisions.
801 phreak 1.121
802     09 Dec 2006; Christian Heim <phreak@gentoo.org> Manifest:
803     Fixing the metadata.xml Manifest entry (thanks to xaid and ml8128 in #gentoo-hardened).
804 nixnut 1.120
805     08 Dec 2006; nixnut <nixnut@gentoo.org> hardened-sources-2.6.18.ebuild:
806     Stable on ppc wrt bug 157356
807 opfer 1.119
808     07 Dec 2006; Christian Faulhammer <opfer@gentoo.org>
809     hardened-sources-2.6.18.ebuild:
810     stable x86, bug #157356
811 phreak 1.118
812     *hardened-sources-2.6.18-r2 (06 Dec 2006)
813    
814     06 Dec 2006; Christian Heim <phreak@gentoo.org>
815     +hardened-sources-2.6.18-r2.ebuild:
816     Revision bump, including 2.6.18.5 (via genpatches) and
817     4454_grsec-2.1.9-2.6.18.2-io-kmem-sysctl.patch based on Peter Mazinger and
818     Ned Ludd's original patch. Thanks to Alexander Gabert (pappy) for the
819     redesign.
820 phreak 1.117
821     06 Dec 2006; Christian Heim <phreak@gentoo.org>
822     hardened-sources-2.6.18.ebuild:
823     Marking hardened-sources-2.6.18 stable on amd64 (see bug #157356, on behalf
824     of Mike Doty).
825 phreak 1.116
826     *hardened-sources-2.6.18-r1 (23 Nov 2006)
827    
828     23 Nov 2006; Christian Heim <phreak@gentoo.org>
829     +hardened-sources-2.6.18-r1.ebuild:
830     Revision bump to genpatches-2.6.18-4 (including 2.6.18.3).
831 phreak 1.115
832     *hardened-sources-2.6.18 (11 Nov 2006)
833    
834     11 Nov 2006; Christian Heim <phreak@gentoo.org>
835     +hardened-sources-2.6.18.ebuild:
836     Version bump, thanks to Alexander Gabert we're finally at 2.6.18.
837 solar 1.114
838     18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
839     - mark amd64 stable also. bug #151877
840 solar 1.113
841     18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
842     - mark 2.6.17-r1 stable
843 phreak 1.112
844     27 Aug 2006; Christian Heim <phreak@gentoo.org>
845     -hardened-sources-2.6.17.ebuild, hardened-sources-2.6.17-r1.ebuild:
846     Removing old ebuild, removing unipatch from newer ebuild (need to fix it!).
847 phreak 1.111
848     *hardened-sources-2.6.17-r1 (26 Aug 2006)
849    
850     26 Aug 2006; Christian Heim <phreak@gentoo.org>
851     +hardened-sources-2.6.17-r1.ebuild:
852     Revision bump to genpatches-2.6.17-8 (including .9 and .10) and updating the
853     grsecurity patch.
854 phreak 1.110
855     *hardened-sources-2.6.17 (17 Aug 2006)
856    
857     17 Aug 2006; Christian Heim <phreak@gentoo.org>
858     +hardened-sources-2.6.17.ebuild:
859     Bumping the hardened-sources-2.6 series to 2.6.17, using
860     genpatches-2.6.17-6.base.
861 solar 1.109
862     07 Aug 2006; <solar@gentoo.org> hardened-sources-2.6.16-r11.ebuild:
863     - stable on x86 and amd64
864 solar 1.108
865     *hardened-sources-2.6.16-r11 (15 Jul 2006)
866    
867     15 Jul 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r3.ebuild,
868     -hardened-sources-2.4.32-r4.ebuild, -hardened-sources-2.4.32-r5.ebuild,
869     -hardened-sources-2.6.14-r8.ebuild, -hardened-sources-2.6.16-r7.ebuild,
870     -hardened-sources-2.6.16-r9.ebuild, +hardened-sources-2.6.16-r11.ebuild:
871     - 2.6.16 bumped for CVE-2006-3626 ; digest fix for 2.4.32-r6 ; removed old
872     crusty ebuilds
873 johnm 1.107
874     14 Jul 2006; John Mylchreest <johnm@gentoo.org>
875     hardened-sources-2.6.16-r10.ebuild:
876     marking stable on x86 and amd64
877 solar 1.106
878     13 Jul 2006; <solar@gentoo.org> hardened-sources-2.4.32-r6.ebuild:
879     - 2.4.32-r6 stable on x86. RSBAC state unknown
880 kang 1.105
881     *hardened-sources-2.4.32-r7 (10 Jul 2006)
882    
883     10 Jul 2006; Guillaume Destuynder <kang@gentoo.org>
884     +hardened-sources-2.4.32-r7.ebuild:
885     Bump PaX for RSBAC to test-17
886 johnm 1.104
887     *hardened-sources-2.6.16-r9 (03 Jul 2006)
888    
889     03 Jul 2006; John Mylchreest <johnm@gentoo.org>
890     -hardened-sources-2.6.16-r6.ebuild, +hardened-sources-2.6.16-r9.ebuild:
891     hardened-sources-2.6.16 bump to latest -base.
892 solar 1.103
893     *hardened-sources-2.4.32-r6 (30 Jun 2006)
894    
895     30 Jun 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r2.ebuild,
896     hardened-sources-2.4.32-r4.ebuild, +hardened-sources-2.4.32-r6.ebuild:
897     - backport CVE-2006-0039, CVE-2006-1857 and CVE-2006-1858 and new grsecurity
898     sysctl controlable resource logging
899 johnm 1.102
900     *hardened-sources-2.6.16-r7 (05 Jun 2006)
901    
902     05 Jun 2006; John Mylchreest <johnm@gentoo.org>
903     -hardened-sources-2.6.16-r5.ebuild, +hardened-sources-2.6.16-r7.ebuild:
904     push new 2.6.16 release in preparation for stable
905 solar 1.101
906     22 May 2006; <solar@gentoo.org> :
907     - redigest bug 134002
908 kang 1.100
909     *hardened-sources-2.4.32-r5 (16 May 2006)
910    
911     16 May 2006; Guillaume Destuynder <kang@gentoo.org>
912     +hardened-sources-2.4.32-r5.ebuild:
913     Fixes rsbac common patching (new patch in new -r5 patchset)
914 solar 1.99
915     *hardened-sources-2.4.32-r4 (13 May 2006)
916    
917     13 May 2006; <solar@gentoo.org> hardened-sources-2.4.32-r3.ebuild,
918     +hardened-sources-2.4.32-r4.ebuild:
919     - security bumps
920 johnm 1.98
921     *hardened-sources-2.6.16-r6 (03 May 2006)
922    
923     03 May 2006; John Mylchreest <johnm@gentoo.org>
924     +hardened-sources-2.6.16-r6.ebuild:
925     bump hardened-2.6.16 to 2.6.16.12 and latest grsec snapshot
926 johnm 1.97
927     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
928     hardened-sources-2.6.14-r8.ebuild:
929     fix x86_64 build problem, this will delay the digest issue again for a short
930     while but it will sort itself out
931 johnm 1.96
932     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
933     hardened-sources-2.6.14-r8.ebuild:
934     bump hardened patchset
935 antarus 1.94
936     27 Apr 2006; Alec Warner <antarus@gentoo.org>
937     files/digest-hardened-sources-2.4.32-r2,
938     files/digest-hardened-sources-2.4.32-r3,
939     files/digest-hardened-sources-2.6.14-r8, Manifest:
940     Fixing duff SHA256 digests: Bug # 131293
941 johnm 1.93
942 johnm 1.95 *hardened-sources-2.6.16-r5 (27 Apr 2006)
943    
944     27 Apr 2006; John Mylchreest <johnm@gentoo.org>
945     -hardened-sources-2.6.14-r6.ebuild, hardened-sources-2.6.14-r8.ebuild,
946     -hardened-sources-2.6.16-r4.ebuild, +hardened-sources-2.6.16-r5.ebuild:
947     stablise 2.6.14-r8 on x86 & amd64, bump 2.6.16 to fix CVE-2006-1863 &
948     cleanup of old uneccessary sources
949    
950 johnm 1.93 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
951     fix digest
952 johnm 1.92
953     *hardened-sources-2.6.14-r8 (20 Apr 2006)
954    
955     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
956     +hardened-sources-2.6.14-r8.ebuild:
957     fix CVE-2006-1056, CVE-2006-1525, CVE-2006-1524
958 johnm 1.91
959     20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
960     Turning on gpg-signing again, and recomitting
961 johnm 1.90
962     *hardened-sources-2.6.16-r4 (20 Apr 2006)
963    
964     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
965     -hardened-sources-2.6.16-r2.ebuild, -hardened-sources-2.6.16-r3.ebuild,
966     +hardened-sources-2.6.16-r4.ebuild:
967     Fix numerous security vulns
968 solar 1.89
969     *hardened-sources-2.4.32-r3 (16 Apr 2006)
970    
971     16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
972     -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
973     +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
974     - security bump for bug #112791. Removed old ebuilds
975 johnm 1.88
976     *hardened-sources-2.6.16-r3 (15 Apr 2006)
977    
978     15 Apr 2006; John Mylchreest <johnm@gentoo.org>
979     +hardened-sources-2.6.16-r3.ebuild:
980     Removing silly localversion which I missed
981 johnm 1.87
982     *hardened-sources-2.6.14-r7 (14 Apr 2006)
983    
984     14 Apr 2006; John Mylchreest <johnm@gentoo.org>
985     -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
986     Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
987 johnm 1.86
988     *hardened-sources-2.6.16-r2 (13 Apr 2006)
989    
990     13 Apr 2006; John Mylchreest <johnm@gentoo.org>
991     -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
992     +hardened-sources-2.6.16-r2.ebuild:
993     Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
994     labels, dropping USERGROUP define fixes, since these were merged mainstream.
995 johnm 1.85
996     *hardened-sources-2.6.16-r1 (11 Apr 2006)
997    
998     11 Apr 2006; John Mylchreest <johnm@gentoo.org>
999     +hardened-sources-2.6.16-r1.ebuild:
1000     Bumping to include ppc build fix and 2.6.16.3
1001 tsunam 1.84
1002     06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
1003     hardened-sources-2.6.14-r6.ebuild:
1004     Stable on x86; bug #127718
1005 johnm 1.83
1006     *hardened-sources-2.6.16 (31 Mar 2006)
1007    
1008     31 Mar 2006; John Mylchreest <johnm@gentoo.org>
1009     +hardened-sources-2.6.16.ebuild:
1010     Bumping to new version of grsec, and kernel base. New squashfs. Based on
1011     2.6.16.1
1012 cryos 1.82
1013     30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
1014     hardened-sources-2.6.14-r6.ebuild:
1015     Stable on amd64, bug 127718.
1016 nixnut 1.81
1017     28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
1018     Stable on ppc. Bug #127718
1019 johnm 1.80
1020     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
1021     -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
1022     -hardened-sources-2.6.14-r4.ebuild:
1023     Cleanup.
1024 johnm 1.79
1025     *hardened-sources-2.6.14-r6 (15 Mar 2006)
1026    
1027     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
1028     +hardened-sources-2.6.14-r6.ebuild:
1029     Fixes grsec policy recreation bug and adds a
1030     >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
1031 solar 1.78
1032     02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
1033     - stable on x86
1034 hansmi 1.77
1035     19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
1036     hardened-sources-2.6.14-r5.ebuild:
1037     Stable on ppc.
1038 johnm 1.76
1039     *hardened-sources-2.6.14-r5 (01 Feb 2006)
1040    
1041     01 Feb 2006; John Mylchreest <johnm@gentoo.org>
1042     +hardened-sources-2.6.14-r5.ebuild:
1043     fixing every known exploit
1044 solar 1.75
1045     *hardened-sources-2.4.32-r2 (26 Jan 2006)
1046    
1047     26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
1048     +hardened-sources-2.4.32-r2.ebuild:
1049     - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
1050 solar 1.74
1051     *hardened-sources-2.6.14-r4 (12 Jan 2006)
1052    
1053     12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
1054     - version bump for new genpatches which fix up a few sec holes
1055 solar 1.73
1056     *hardened-sources-2.4.32-r1 (05 Jan 2006)
1057    
1058     05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
1059     - revision bump to add misc vital linux kernel security patches.
1060 johnm 1.72
1061     *hardened-sources-2.6.14-r3 (30 Dec 2005)
1062    
1063     30 Dec 2005; John Mylchreest <johnm@gentoo.org>
1064     -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
1065     Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
1066 johnm 1.71
1067     28 Dec 2005; John Mylchreest <johnm@gentoo.org>
1068     hardened-sources-2.6.14-r2.ebuild:
1069     making x86 & amd64 stable following testing.
1070 johnm 1.70
1071     *hardened-sources-2.6.14-r2 (27 Dec 2005)
1072    
1073     27 Dec 2005; John Mylchreest <johnm@gentoo.org>
1074     -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
1075     Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
1076     network hooks.
1077 johnm 1.69
1078     06 Dec 2005; John Mylchreest <johnm@gentoo.org>
1079     hardened-sources-2.6.14-r1.ebuild:
1080     bumping to stable early for sec fix on x86 & amd64
1081 johnm 1.68
1082     *hardened-sources-2.6.14-r1 (05 Dec 2005)
1083    
1084     05 Dec 2005; John Mylchreest <johnm@gentoo.org>
1085     -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
1086     bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
1087 solar 1.67
1088     04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
1089     - stable on x86 security bug #114227 CAN-2005-3257
1090 kang 1.66
1091     *hardened-sources-2.4.32 (19 Nov 2005)
1092    
1093     19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
1094     +hardened-sources-2.4.32.ebuild:
1095     Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
1096     Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
1097     have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
1098     rsbac >> /etc/portage/package.use)
1099 johnm 1.65
1100     *hardened-sources-2.6.14 (14 Nov 2005)
1101    
1102     14 Nov 2005; John Mylchreest <johnm@gentoo.org>
1103     -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
1104     Bumping 2.6 series to 2.6.14.2
1105 johnm 1.64
1106     *hardened-sources-2.6.13-r2 (20 Oct 2005)
1107    
1108     20 Oct 2005; John Mylchreest <johnm@gentoo.org>
1109     -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
1110     +hardened-sources-2.6.13-r2.ebuild:
1111     Fixes minor build error in ppc.
1112 johnm 1.63
1113     *hardened-sources-2.6.13-r1 (17 Oct 2005)
1114    
1115     17 Oct 2005; John Mylchreest <johnm@gentoo.org>
1116     +hardened-sources-2.6.13-r1.ebuild:
1117     Updating grsec to latest snapshot. Fixes some minor issues. Updating to
1118     2.6.13.4, fixes some major amd64 stability problems.
1119 johnm 1.62
1120     *hardened-sources-2.6.13 (16 Sep 2005)
1121    
1122     16 Sep 2005; John Mylchreest <johnm@gentoo.org>
1123     -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
1124     2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
1125     ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
1126     users should test this thoroughly.
1127 solar 1.61
1128     01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
1129     - stable on x86
1130 johnm 1.60
1131     *hardened-sources-2.6.11-r15 (27 Jun 2005)
1132    
1133     27 Jun 2005; John Mylchreest <johnm@gentoo.org>
1134     +hardened-sources-2.6.11-r15.ebuild:
1135     Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
1136     grsec redefining curr_ip struct.
1137 solar 1.59
1138     *hardened-sources-2.4.31 (20 Jun 2005)
1139    
1140     20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
1141     initial import of 2.4.31 tree
1142 johnm 1.58
1143     *hardened-sources-2.6.11-r14 (14 Jun 2005)
1144    
1145     14 Jun 2005; John Mylchreest <johnm@gentoo.org>
1146     -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
1147     Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
1148     naming scheme to abide by genpatches
1149 johnm 1.57
1150     *hardened-sources-2.6.11-r13 (18 May 2005)
1151    
1152     18 May 2005; John Mylchreest <johnm@gentoo.org>
1153     -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
1154     Managed to mangle the Makefile patch from grsec, to miss out the grsec
1155     target. sorry about that. Fixes bug #93022
1156 johnm 1.56
1157     *hardened-sources-2.6.11-r12 (17 May 2005)
1158    
1159     17 May 2005; John Mylchreest <johnm@gentoo.org>
1160     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
1161     +hardened-sources-2.6.11-r12.ebuild:
1162     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
1163     merges in genpatches-base
1164 johnm 1.55
1165     *hardened-sources-2.6.11-r12 (17 May 2005)
1166    
1167     17 May 2005; John Mylchreest <johnm@gentoo.org>
1168     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
1169     +hardened-sources-2.6.11-r12.ebuild:
1170     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
1171     merges in genpatches-base
1172 solar 1.54
1173     29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
1174     -files/2.4.27-cmdline-race.patch,
1175     -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
1176     -files/2.4.28-grsec-binfmt_a.out.patch,
1177     -files/2.4.28-grsec-cmdline-race.patch,
1178     -files/2.4.28-selinux-binfmt_a.out.patch,
1179     -files/2.4.28-selinux-cmdline-race.patch,
1180     -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
1181     hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
1182     - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
1183     cleanup..
1184 solar 1.53
1185     *hardened-sources-2.4.30-r1 (21 Apr 2005)
1186    
1187     21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
1188     - disable aout by default
1189 solar 1.52
1190     *hardened-sources-2.4.30 (18 Apr 2005)
1191    
1192     18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
1193     - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
1194     and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
1195     use
1196 tocharian 1.50
1197 scox 1.51 *hardened-sources-2.4.29 (30 Mar 2005)
1198    
1199     30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
1200     +hardened-sources-2.4.29.ebuild:
1201     New hardened-patches-2.4-29.0 patchball.
1202     Removed SELinux support, upgraded GRSecurity to 2.1.4.
1203    
1204     *hardened-sources-2.4.28-r5 (06 Mar 2005)
1205    
1206     06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
1207     +hardened-sources-2.4.28-r5.ebuild:
1208     Added a fix for a PaX vulnerability.
1209    
1210     26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1211 tocharian 1.50 hardened-sources-2.4.28-r4.ebuild:
1212     Stable on x86
1213 solar 1.49
1214     23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
1215     hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
1216     hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
1217     hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
1218     - fixed/added RDEPEND= in all kernel-2 ebuilds
1219 tocharian 1.48
1220     *hardened-sources-2.4.28-r4 (21 Jan 2005)
1221    
1222     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1223     +hardened-sources-2.4.28-r4.ebuild:
1224     Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
1225     backport of neighbour hash updates.
1226 tocharian 1.47
1227     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1228     hardened-sources-2.4.28-r3.ebuild:
1229     Stable on x86
1230 tseng 1.46
1231     *hardened-sources-2.6.10-r3 (20 Jan 2005)
1232    
1233     20 Jan 2005; Brandon Hale <tseng@gentoo.org>
1234     +hardened-sources-2.6.10-r3.ebuild:
1235     Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
1236     in 2005.0
1237 tocharian 1.45
1238     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1239     -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
1240     hardened-sources-2.4.28-r2.ebuild:
1241     Mark stable on x86
1242 tocharian 1.44
1243     *hardened-sources-2.4.28-r3 (17 Jan 2005)
1244    
1245     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1246     +hardened-sources-2.4.28-r3.ebuild:
1247     Fix SMP page fault handler vuln, and update device-mapper and evms patches.
1248 tocharian 1.43
1249     14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1250     hardened-sources-2.4.28.ebuild:
1251     Mark stable on x86.
1252 tocharian 1.42
1253     *hardened-sources-2.4.28-r2 (13 Jan 2005)
1254    
1255     13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1256     +hardened-sources-2.4.28-r2.ebuild:
1257     Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
1258     Mazinger for grsecurity patches as well.
1259 plasmaroo 1.41
1260     *hardened-sources-2.4.28-r1 (23 Dec 2004)
1261    
1262     23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
1263     Security bump. Thank tocharian for rolling a new patchset...
1264 solar 1.40
1265     28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
1266     +files/2.4.28-grsec-cmdline-race.patch,
1267     +files/2.4.28-selinux-binfmt_a.out.patch,
1268     +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
1269     - Round up remaining security patches that appear to be missing in 2.4.28. -
1270     PaX standalone updated to current. hgpv=28.1
1271 solar 1.39
1272     *hardened-sources-2.4.28 (28 Nov 2004)
1273    
1274     28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
1275     security bump. Thank tocharian for rolling a new patchset
1276 scox 1.31
1277 scox 1.38 *hardened-sources-2.4.27-r3 (08 Sep 2004)
1278    
1279     08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
1280     +hardened-sources-2.4.27-r3.ebuild:
1281     Applies the new 2.4-27.2 patchball which updates
1282     GRSecurity to the 2.0.1 version.
1283    
1284 scox 1.37 *hardened-sources-2.4.27-r2 (31 Aug 2004)
1285    
1286     31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1287     +hardened-sources-2.4.27-r2.ebuild:
1288     Version bump.
1289     This version uses the new 2.4-27.1 patchball which updates
1290     both the SELinux PaX hooks patch and the SELinux headers.
1291    
1292 scox 1.36 *hardened-sources-2.4.27-r1 (09 Aug 2004)
1293    
1294     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1295     +hardened-sources-2.4.27-r1.ebuild,
1296     -hardened-sources-2.4.27.ebuild,
1297     +files/2.4.27-cmdline-race.patch:
1298     Version bump, fix for cmdline race. See bug #59905.
1299    
1300     *hardened-sources-2.4.26-r6 (09 Aug 2004)
1301    
1302     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1303     +hardened-sources-2.4.26-r6.ebuild,
1304     -hardened-sources-2.4.26-r5.ebuild,
1305     -hardened-sources-2.4.26-r4.ebuild,
1306     +files/2.4.26-cmdline-race.patch:
1307     Version bump, fix for cmdline race. See bug #59905.
1308    
1309 scox 1.35 *hardened-sources-2.4.27 (08 Aug 2004)
1310    
1311     08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1312     +hardened-sources-2.4.27.ebuild,
1313     +files/2.4.27-CAN-2004-0394.patch:
1314     Ported the patchball to the 2.4.27 kernel version.
1315    
1316 scox 1.34 *hardened-sources-2.4.26-r5 (07 Aug 2004)
1317    
1318     07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1319     +hardened-sources-2.4.26-r5.ebuild:
1320 scox 1.35 Updated to use the new hardened-patches-2.4-26.1 patchball.
1321 scox 1.34 It adds the following features:
1322     - Squashfs
1323     - Ebtables
1324     - Netdev random (core+drivers)
1325     - Watchdog Timer (WDT) fix.
1326    
1327 scox 1.33 *hardened-sources-2.4.26-r4 (04 Aug 2004)
1328    
1329     04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1330     +hardened-sources-2.4.26-r4.ebuild,
1331     +files/2.4.26-CAN-2004-0415.patch,
1332     -hardened-sources-2.4.26-3:
1333     Version bump, fix for CAN 0415, see bug #59378.
1334    
1335 scox 1.32 *hardened-sources-2.4.26-r3 (22 Jul 2004)
1336    
1337     22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
1338     +hardened-sources-2.4.26-r3.ebuild,
1339     +files/2.4.26-CAN-2004-0497.patch,
1340     -hardened-sources-2.4.26-r2.ebuild:
1341     Version bump, fixed CAN 0497, see bug #56171.
1342    
1343 scox 1.31 *hardened-sources-2.4.26-r2 (29 Jun 2004)
1344    
1345     29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
1346 scox 1.32 +hardened-sources-2.4.26-r2.ebuild,
1347 scox 1.31 +files/2.4.26-CAN-2004-0495.patch,
1348     +files/2.4.26-CAN-2004-0535.patch,
1349     -hardened-sources-2.4.26-r1.ebuild:
1350     Fixes for both CAN 0495 and 0535, see bug #54976
1351 pvdabeel 1.27
1352 agriffis 1.29 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
1353     hardened-sources-2.4.26-r1.ebuild:
1354     QA - fix use invocation
1355 scox 1.28
1356     *hardened-sources-2.4.26-r1 (22 June 2004)
1357    
1358     22 June 2004; Andrea Luzzardi <scox@gentoo.org>
1359     +hardened-sources-2.4.26-r1.ebuild,
1360     +files/2.4.26-CAN-2004-0394.patch,
1361     +files/2.4.26-signal-race.patch,
1362     -hardened-sources-2.4.26.ebuild,
1363     -hardened-sources-2.4.24-r3.ebuild:
1364     Version bump for the CAN-2004-0394 issue and bug #53804
1365     Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
1366    
1367    
1368 pvdabeel 1.27 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
1369     hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
1370     Masked hardened-sources-2.4.26.ebuild broken for ppc
1371    
1372     31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
1373     hardened-sources-2.4.24-r3.ebuild:
1374     Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
1375 plasmaroo 1.25
1376 scox 1.26 *hardened-sources-2.4.26 (29 May 2004)
1377    
1378     29 May 2004; Andrea Luzzardi <scox@gentoo.org>
1379     +hardened-sources-2.4.26.ebuild:
1380     Updated hardened-sources for the 2.4.26 kernel
1381     Removed broken components, updated almost everything.
1382    
1383 plasmaroo 1.25 *hardened-sources-2.4.24-r3 (17 Apr 2004)
1384    
1385     17 Apr 2004; <plasmaroo@gentoo.org>
1386     +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
1387     +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
1388     +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
1389     +hardened-sources-2.4.24-r3.ebuild:
1390     Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
1391     vulnerabilities. Old revisions removed.
1392 plasmaroo 1.24
1393     *hardened-sources-2.4.24-r2 (15 Apr 2004)
1394    
1395     15 Apr 2004; <plasmaroo@gentoo.org>
1396     +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
1397     -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
1398     Version bump for the CAN-2004-0109 issue; bug #47881.
1399 aliz 1.23
1400     12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
1401     hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
1402     Add eutils to inherit.
1403 plasmaroo 1.22
1404     *hardened-sources-2.4.24-r1 (19 Feb 2004)
1405    
1406     19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
1407     files/hardened-sources-2.4.24.munmap.patch:
1408     Added the patch for the mremap/munmap vulnerability. Bug #42024.
1409 scox 1.19
1410 scox 1.21 *hardened-sources-2.4.24 (06 Feb 2004)
1411 scox 1.26
1412 scox 1.21 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
1413     hardened-sources-2.4.24.ebuild:
1414     Version bump, updated most of the components.
1415     This release includes the following:
1416    
1417     - Hardened security
1418     - Netfilter patch-o-matic 20031219
1419     - FreeSWAN 2.04 & x509 1.4.8
1420     - EVMS 2.2.2
1421     - XFS 1.3.1
1422     - cryptoloop jari
1423     - grsecurity 2.0-rc4
1424     - SELinux
1425     - PaX 200402060000
1426     - PaX Obscurity 200308302223
1427     - Others...
1428    
1429     Neither -ck nor systrace are included anymore.
1430    
1431 scox 1.19 *hardened-sources-2.4.22-r2 (05 Jan 2004)
1432    
1433     05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
1434     hardened-sources-2.4.22-r2.ebuild:
1435 scox 1.20 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
1436 scox 1.19
1437     *hardened-sources-2.4.22-r1 (02 Dec 2003)
1438 iggy 1.17
1439     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1440 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
1441 iggy 1.16
1442     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1443 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild:
1444     Version bump for the 'do_brk' vulnerability.
1445 iggy 1.15
1446     01 Dec 2003; Brian Jackson <iggy@gentoo.org>
1447     hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
1448     hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
1449     hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
1450 plasmaroo 1.18 Fix the 'do_brk' vulnerability.
1451 frogger 1.14
1452     03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
1453     hardened-sources-2.4.22.ebuild:
1454 plasmaroo 1.18 - Removed the src_install() portion for SELinux flask
1455     components. These are no longer handled in the kernel
1456     so this code was not necessary.
1457 frogger 1.13
1458     29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
1459     New 2.4.22 based hardened-sources thanks to
1460     Phil West <p.west@computer.org>.
1461    
1462     These sources include:
1463 plasmaroo 1.18 - New SELinux API
1464     - Updated CK-base
1465     - Updated GRSec
1466     - Systrace
1467     - SuperFreeS/WAN 1.99.8
1468     - Propolice kernel build support
1469     - EVMS
1470     - Other various security related patches
1471 frogger 1.11
1472 frogger 1.12 *hardened-sources-2.4.21 (14 Sep 2003)
1473    
1474     14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
1475     Updated hardened-sources based on the 2.4.21 Linux kernel.
1476     This includes updates to most major components such as:
1477 plasmaroo 1.18 - ck-base-0306300059
1478     - selinux-2.4-2003071106
1479     - grsecurity-2.0-rc1
1480     - Updated IPTables patch-o-matic
1481     - Updated SuperFreeS/WAN
1482    
1483 frogger 1.12 Thanks to Phil West <pwest@computer.org> for his work in getting this
1484     updated patch set ready for the 2.4.21 based kernel.
1485    
1486 frogger 1.11 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
1487     Initial import of hardened-sources-2.4.20-r4. This revision
1488     includes only a few changes, but one of these is an important
1489     security fix. It is recommended all users of hardened-sources
1490     upgrade to this release.
1491 plasmaroo 1.18
1492 frogger 1.11 - ioperm bug fix
1493     - fixed compilation failure when building without GRSec
1494 plasmaroo 1.18
1495 frogger 1.11 SAL (Secure Auditing for Linux) is NOT included in this revision
1496     due to time constraints, but is planned for inclusion in the near
1497     future.
1498 msterret 1.10
1499     *hardened-sources-2.4.20-r2 (12 Jun 2003)
1500    
1501     12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
1502     hardened-sources-2.4.20-r3.ebuild:
1503 plasmaroo 1.18 Add Header...
1504 frogger 1.9
1505     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1506     hardened-sources-2.4.20-r3.ebuild:
1507     Removed warnings from ebuild. This kernel should be safe to
1508     use at this point.
1509 frogger 1.8
1510     *hardened-sources-2.4.20-r3 (08 Jun 2003)
1511    
1512     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1513     hardened-sources-2.4.20-r3.ebuild:
1514     New revision. Includes the following changes over -r2:
1515 plasmaroo 1.18
1516 frogger 1.8 - ck7-base (O(1), preempt, low latency)
1517     - Super FreeS/WAN 1.99.7rc2
1518     - PaX for the LSM/SELinux branch
1519     - GRSecurity 2.0-pre4 (role based access control)
1520     - Systrace 1.3
1521     - EXT3 fixes
1522     - EVMS 2.0.1
1523     - GCC 3.1+ compile optimizations
1524     - ProPolice kernel build support
1525     - Hashing table security fixes
1526 frogger 1.3
1527     *hardened-sources-2.4.20-r1 (09 Apr 2003)
1528 frogger 1.7
1529     23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
1530     Initial import of hardened-sources-r2. This new
1531     ebuild includes many new performance and security
1532     related patches. As in -r1, it will patch in
1533     LSM/SELinux if "selinux" is in USE, otherwise it
1534     will patch in GRSecurity. The following patches
1535     are included in this revision:
1536 plasmaroo 1.18
1537 frogger 1.7 - O(1) Scheduler, Low Latency, and Preempt
1538     (pulled from the base CK patch)
1539     - ptrace exploit patch for the LSM kernel
1540     (the GRSec patch already fixes this)
1541     - LSM 2.4-2003040709
1542     - SELinux 2.4-2003040709
1543     - Systrace v1.2
1544     - IPTables patch-o-matic base patches - 20030107
1545     - CryptoAPI 2.4.20.1 w/ loop-jari patch
1546     - Super FreeS/WAN 1.99.6.1
1547     - GRSecurity 1.9.9g
1548     - MPPE
1549     - EXT3 data journal fix
1550     - CIPE 1.5.4
1551 frogger 1.6
1552     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1553     hardened-sources-2.4.20-r1.ebuild, manifest:
1554 plasmaroo 1.18 Updated to install flask components correctly for selinux.
1555 frogger 1.5
1556     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1557     hardened-sources-2.4.20-r1.ebuild:
1558     LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
1559     is patched in instead. Ptrace patches for selinux have also been added. In
1560     either case, systrace support will be patched in as well.
1561 frogger 1.3
1562     09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1563     hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
1564 plasmaroo 1.18 Revision bump for new sources.
1565 frogger 1.4
1566 frogger 1.2 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1567 frogger 1.4 hardened-sources-2.4.20-r1.ebuild:
1568 plasmaroo 1.18 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
1569 method 1.1
1570 frogger 1.4 *hardened-sources-2.4.20 (30 Mar 2003)
1571    
1572 method 1.1 30 Mar 2003; Joshua Brindle <method@gentoo.org>
1573     hardened-sources-2.4.20.ebuild:
1574 plasmaroo 1.18 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20