/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.259 - (hide annotations) (download)
Wed Nov 19 10:04:30 2008 UTC (5 years, 4 months ago) by gengor
Branch: MAIN
Changes since 1.258: +5 -1 lines
Clean out 2.6.25-r8 and 2.6.26-r4 (old)
(Portage version: 2.1.4.5)

1 method 1.1 # ChangeLog for sys-kernel/hardened-sources
2 phreak 1.204 # Copyright 2000-2008 Gentoo Foundation; Distributed under the GPL v2
3 gengor 1.259 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.258 2008/11/19 09:59:17 gengor Exp $
4    
5     19 Nov 2008; Gordon Malm <gengor@gentoo.org>
6     -hardened-sources-2.6.25-r8.ebuild, -hardened-sources-2.6.26-r4.ebuild:
7     Remove old versions.
8 gengor 1.258
9     19 Nov 2008; Gordon Malm <gengor@gentoo.org>
10     hardened-sources-2.6.27.ebuild, hardened-sources-2.6.27-r1.ebuild:
11     Remove all but ~amd64 & ~x86 keywords (broken elsewhere).
12 nixnut 1.257
13     16 Nov 2008; nixnut <nixnut@gentoo.org>
14     hardened-sources-2.6.25-r10.ebuild:
15     Stable on ppc
16 gengor 1.256
17     15 Nov 2008; Gordon Malm <gengor@gentoo.org>
18     hardened-sources-2.6.25-r10.ebuild:
19     Stable amd64/x86.
20 gengor 1.255
21     *hardened-sources-2.6.26-r6 (12 Nov 2008)
22    
23     12 Nov 2008; Gordon Malm <gengor@gentoo.org>
24     +hardened-sources-2.6.26-r6.ebuild:
25     Bump to Linux 2.6.26.8 and fix security bug #245650.
26 gengor 1.254
27     *hardened-sources-2.6.25-r10 (12 Nov 2008)
28    
29     12 Nov 2008; Gordon Malm <gengor@gentoo.org>
30     +hardened-sources-2.6.25-r10.ebuild:
31     Update to Linux 2.6.25.20 and fix bugs #245427, #245650.
32 gengor 1.253
33     *hardened-sources-2.6.27-r1 (09 Nov 2008)
34    
35     09 Nov 2008; Gordon Malm <gengor@gentoo.org>
36     +hardened-sources-2.6.27-r1.ebuild:
37     Bump to stable kernel 2.6.27.5 and latest grsecurity patch.
38 gengor 1.252
39     *hardened-sources-2.6.27 (04 Nov 2008)
40    
41     04 Nov 2008; Gordon Malm <gengor@gentoo.org>
42     +hardened-sources-2.6.27.ebuild:
43     Initial 2.6.27 release.
44 gengor 1.251
45     *hardened-sources-2.6.26-r5 (03 Nov 2008)
46    
47     03 Nov 2008; Gordon Malm <gengor@gentoo.org>
48     -hardened-sources-2.6.25-r7.ebuild, -hardened-sources-2.6.26-r2.ebuild,
49     +hardened-sources-2.6.26-r5.ebuild:
50     2.6.26-r5: Bump to Linux 2.6.26.7, PaX updates.
51     Clean out some old versions.
52 nixnut 1.250
53     02 Nov 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.25-r9.ebuild:
54     Stable on ppc
55 gengor 1.249
56     30 Oct 2008; Gordon Malm <gengor@gentoo.org>
57     hardened-sources-2.6.25-r9.ebuild:
58     Stable on amd64/x86.
59 gengor 1.248
60     *hardened-sources-2.6.25-r9 (26 Oct 2008)
61    
62     26 Oct 2008; Gordon Malm <gengor@gentoo.org>
63     +hardened-sources-2.6.25-r9.ebuild:
64     Update to Linux 2.6.25.19
65 nixnut 1.247
66     15 Oct 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.25-r8.ebuild:
67     Stable on ppc
68 gengor 1.246
69     *hardened-sources-2.6.26-r4 (14 Oct 2008)
70    
71     14 Oct 2008; Gordon Malm <gengor@gentoo.org>
72     -hardened-sources-2.6.26-r3.ebuild, +hardened-sources-2.6.26-r4.ebuild:
73     Update to latest grsecurity patch, fixing building of non-modular kernels.
74 gengor 1.245
75     *hardened-sources-2.6.26-r3 (12 Oct 2008)
76    
77     12 Oct 2008; Gordon Malm <gengor@gentoo.org>
78     hardened-sources-2.6.25-r8.ebuild, -hardened-sources-2.6.26-r1.ebuild,
79     +hardened-sources-2.6.26-r3.ebuild:
80     2.6.26-r3: Update to Linux 2.6.26.6 and latest grsecurity patch.
81     2.6.26-r1: Removed.
82     2.6.25-r8: Stable amd64/x86.
83 gengor 1.244
84     *hardened-sources-2.6.25-r8 (09 Oct 2008)
85    
86     09 Oct 2008; Gordon Malm <gengor@gentoo.org>
87     -hardened-sources-2.6.25-r4.ebuild, -hardened-sources-2.6.25-r5.ebuild,
88     -hardened-sources-2.6.25-r6.ebuild, +hardened-sources-2.6.25-r8.ebuild:
89     Update to genpatches-11 and Linux 2.6.25.18. Remove old versions.
90 nixnut 1.243
91     20 Sep 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.25-r7.ebuild:
92     Stable on ppc
93 gengor 1.242
94     17 Sep 2008; Gordon Malm <gengor@gentoo.org>
95     hardened-sources-2.6.25-r7.ebuild:
96     Stable amd64/x86.
97 gengor 1.241
98     *hardened-sources-2.6.26-r2 (13 Sep 2008)
99    
100     13 Sep 2008; Gordon Malm <gengor@gentoo.org>
101     -hardened-sources-2.6.26.ebuild, +hardened-sources-2.6.26-r2.ebuild:
102     2.6.26-r2: Update to Linux 2.6.26.5, new grsecurity patch adding
103     PAX_REFCOUNT feature, fix bug #237473 (CVE-2008-3525). 2.6.26: Removed.
104 gengor 1.240
105     *hardened-sources-2.6.25-r7 (13 Sep 2008)
106    
107     13 Sep 2008; Gordon Malm <gengor@gentoo.org>
108     +hardened-sources-2.6.25-r7.ebuild:
109     Add 2.6.25-r7, fixing bug #237473 (CVE-2008-3525) and a PaX bug.
110 gengor 1.239
111     10 Sep 2008; Gordon Malm <gengor@gentoo.org>
112     hardened-sources-2.6.25-r4.ebuild, hardened-sources-2.6.25-r5.ebuild,
113     hardened-sources-2.6.25-r6.ebuild, hardened-sources-2.6.26.ebuild,
114     hardened-sources-2.6.26-r1.ebuild:
115     Update DESCRIPTION and HGPV_URI.
116 gengor 1.238
117     *hardened-sources-2.6.25-r6 (09 Sep 2008)
118    
119     09 Sep 2008; Gordon Malm <gengor@gentoo.org>
120     -hardened-sources-2.6.24-r3.ebuild, +hardened-sources-2.6.25-r6.ebuild:
121     2.6.25-r6: Update to Linux 2.6.25.17.
122     2.6.24-r3: Removed.
123 gengor 1.237
124     08 Sep 2008; Gordon Malm <gengor@gentoo.org>
125     hardened-sources-2.6.25-r5.ebuild:
126     Stable on amd64/x86
127 gengor 1.236
128     07 Sep 2008; Gordon Malm <gengor@gentoo.org> metadata.xml:
129     Update my email address.
130 nixnut 1.235
131     31 Aug 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.25-r4.ebuild:
132     stable on ppc
133 battousai 1.234
134     *hardened-sources-2.6.26-r1 (23 Aug 2008)
135     *hardened-sources-2.6.25-r5 (23 Aug 2008)
136    
137     23 Aug 2008; Bryan D. Stine <battousai@gentoo.org>
138     -hardened-sources-2.6.23-r13.ebuild, -hardened-sources-2.6.25-r3.ebuild,
139     hardened-sources-2.6.25-r4.ebuild, +hardened-sources-2.6.25-r5.ebuild,
140     +hardened-sources-2.6.26-r1.ebuild:
141     Bump to 2.6.25-r5 for updated patches and upstream .10 kernel, fixing
142     security bug #235221. Bump to 2.6.26-r1 for upstream .3 kernel, also
143     fixing security bug #235221. Marked 2.6.25-r4 stable on amd64 and x86.
144     Removed 2.6.23-r13 and 2.6.25-r3. Commit on behalf of Gordon Malm
145     (gengor).
146 solar 1.233
147     *hardened-sources-2.6.26 (18 Aug 2008)
148     *hardened-sources-2.6.25-r4 (18 Aug 2008)
149    
150     18 Aug 2008; <solar@gentoo.org> -hardened-sources-2.6.25-r2.ebuild,
151     +hardened-sources-2.6.25-r4.ebuild, +hardened-sources-2.6.26.ebuild:
152     - proxy commit for gengor 2.6.26: Initial 2.6.26 release. 2.6.25-r4: Update
153     to Linux 2.6.25.15. Fixes security bugs #234799, #234803 and #234812.
154     2.6.25-r2: Removed.
155 tove 1.232
156     16 Aug 2008; Torsten Veller <tove@gentoo.org> metadata.xml:
157     Remove phreak from metadata.xml (#96398)
158 solar 1.231
159     *hardened-sources-2.6.25-r3 (31 Jul 2008)
160    
161     31 Jul 2008; <solar@gentoo.org> -hardened-sources-2.6.24-r2.ebuild,
162     -hardened-sources-2.6.25.ebuild, -hardened-sources-2.6.25-r1.ebuild,
163     +hardened-sources-2.6.25-r3.ebuild:
164     - 2.6.25-r3: Update to Linux 2.6.25.13 and new grsecurity patch. Multiple
165     fixes, including security bug #231750.
166 nixnut 1.230
167     28 Jul 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.24-r3.ebuild:
168     Stable on ppc
169 solar 1.229
170     *hardened-sources-2.6.25-r2 (05 Jul 2008)
171    
172     05 Jul 2008; <solar@gentoo.org> -hardened-sources-2.6.23-r11.ebuild,
173     -hardened-sources-2.6.23-r12.ebuild, hardened-sources-2.6.24-r3.ebuild,
174     +hardened-sources-2.6.25-r2.ebuild:
175     2.6.23-r4: Stable x86/amd64
176     2.6.25-r2: Update to Linux 2.6.25.10 and latest grsecurity release.
177     2.6.23-r{11,12}: Removed due to multiple vulns.
178     (gengor & kerframil)
179 nixnut 1.228
180     04 Jul 2008; nixnut <nixnut@gentoo.org>
181     hardened-sources-2.6.23-r13.ebuild:
182     Stable on ppc
183 solar 1.227
184     *hardened-sources-2.6.25-r1 (30 Jun 2008)
185    
186     30 Jun 2008; <solar@gentoo.org> hardened-sources-2.6.23-r13.ebuild,
187     +hardened-sources-2.6.25-r1.ebuild:
188     2.6.25-r1: Brings in Linux -stable tree patches 2.6.25.{7,8,9} and newer
189     grsecurity release. 2.6.23-r13: x86/amd64 stable
190 solar 1.226
191     *hardened-sources-2.6.25 (17 Jun 2008)
192     *hardened-sources-2.6.24-r3 (17 Jun 2008)
193     *hardened-sources-2.6.23-r13 (17 Jun 2008)
194    
195     17 Jun 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r13.ebuild,
196     +hardened-sources-2.6.24-r3.ebuild, +hardened-sources-2.6.25.ebuild:
197     * 2.6.23-r13: Fixes security bugs #198997, #212136, #222331, #222635,
198     #224647, #225461, other fixes. * 2.6.24-r3: Fixes security bugs #212136,
199     #222331, #222635, #224647, #225461, grsec/PaX updates/fixes, other fixes. *
200     2.6.25: Initial 2.6.25 release.
201 solar 1.225
202     15 May 2008; <solar@gentoo.org> hardened-sources-2.6.23-r12.ebuild:
203     - fasttrack to stable x86/amd64
204 swegener 1.224
205     11 May 2008; Sven Wegener <swegener@gentoo.org> Manifest:
206     Fix broken digest for linux-2.6.24.tar.bz2.
207 solar 1.223
208     *hardened-sources-2.6.24-r2 (11 May 2008)
209     *hardened-sources-2.6.23-r12 (11 May 2008)
210    
211     11 May 2008; <solar@gentoo.org> -hardened-sources-2.6.23-r7.ebuild,
212     -hardened-sources-2.6.23-r9.ebuild, -hardened-sources-2.6.23-r10.ebuild,
213     +hardened-sources-2.6.23-r12.ebuild, -hardened-sources-2.6.24.ebuild,
214     -hardened-sources-2.6.24-r1.ebuild, +hardened-sources-2.6.24-r2.ebuild:
215     proxy commit for gengor. 2.6.23-r11 shortlog: Fixes security bugs 220691,
216     220975, 220979, 221123. 2.6.24-r2 not-so-shortlog: Fixes bug 215442,
217     security bugs 219901, 220691, 220975, 220979, 221123. New
218     genpatches/grsecurity with numerous updates & fixes. 2.6.23-r7->2.6.23-r10
219     should be removed as far as I'm concerned, everything else remove due to
220     vulnerable to numerous security bugs or brokeness.
221 nixnut 1.222
222     10 May 2008; nixnut <nixnut@gentoo.org>
223     hardened-sources-2.6.23-r11.ebuild:
224     Stable on ppc
225 solar 1.221
226     05 May 2008; <solar@gentoo.org> hardened-sources-2.6.23-r11.ebuild:
227     - -r11 stable on x86/amd64
228 solar 1.220
229     *hardened-sources-2.6.23-r11 (01 May 2008)
230    
231     01 May 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r11.ebuild:
232     - version bump to fix ulgy linux bugs
233 phreak 1.219
234     *hardened-sources-2.6.24-r1 (30 Apr 2008)
235    
236     30 Apr 2008; Christian Heim <phreak@gentoo.org>
237     +hardened-sources-2.6.24-r1.ebuild:
238     Revision bump (thanks to Kerin and Gordon, again), pulling
239     genpatches-2.6.24-7, solving #219089. Additionally contains further security
240     fixes plus some minor updates.
241 phreak 1.218
242     *hardened-sources-2.6.23-r10 (30 Apr 2008)
243    
244     30 Apr 2008; Christian Heim <phreak@gentoo.org>
245     +hardened-sources-2.6.23-r10.ebuild:
246     Revision bump (thanks to Kerin and Gordon, again), solving #213811, #219089.
247     Additional contains "various other fixes".
248 phreak 1.217
249     09 Apr 2008; Christian Heim <phreak@gentoo.org> metadata.xml:
250     Update the longdescription in metadata, thanks to Gordon Malm.
251 nixnut 1.216
252     08 Apr 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.23-r9.ebuild:
253     Stable on ppc wrt bug #213255
254 solar 1.215
255     07 Apr 2008; <solar@gentoo.org> -hardened-sources-2.4.35-r2.ebuild,
256     -hardened-sources-2.6.23-r8.ebuild, hardened-sources-2.6.23-r9.ebuild:
257     - stable on x86/amd64 per request. Removed obsolete ebuilds
258 phreak 1.214
259     *hardened-sources-2.6.24 (07 Apr 2008)
260    
261     07 Apr 2008; Christian Heim <phreak@gentoo.org>
262     +hardened-sources-2.6.24.ebuild:
263     Adding ebuild for hardened-sources-2.6.24 (many thanks to Kerin Millar
264     <kerframil at gmail.com> and Gordon Malm <bugs-gentoo-org-02 at bumpin.org>
265     for the many contributions and their continued effort in #216612) based on
266     2.6.24 and genpatches-2.6.24-5.
267    
268     The current ebuild/patchset contains these things:
269     * Incoporates unmodified grsec-2.1.11-2.6.24.4-200803262003 patch
270     * Introduces bespoke server and workstation oriented security levels
271     * VDSO_COMPAT cannot be enabled during runtime if PaX is enabled
272 phreak 1.213
273     30 Mar 2008; Christian Heim <phreak@gentoo.org> metadata.xml:
274     Fix the metadata.xml (Kerin isn't a dev, though he and Gordon are
275     maintaining it).
276 phreak 1.212
277     24 Mar 2008; Christian Heim <phreak@gentoo.org>
278     hardened-sources-2.4.35-r2.ebuild:
279     Fixing SRC_URI for 2.4.35-r2.
280 phreak 1.211
281     *hardened-sources-2.6.23-r9 (22 Mar 2008)
282    
283     22 Mar 2008; Christian Heim <phreak@gentoo.org>
284     +hardened-sources-2.6.23-r9.ebuild:
285     * Revision bump, rebasing the patchset against genpatches-2.6.23-10.
286     * Change the default GIDs for some grsecurity options
287     * Revamp the Hardened [Gentoo] security level and make it the default level
288     * Fixing compilation on ia64 with CONFIG_MODULES=y (loadable module support)
289     * Fix a recursive lock -- call to capable() within ptrace_attach()
290     * Fix bug that allows audit and iscsi operations to be controlled via netlink
291 solar 1.210
292     *hardened-sources-2.6.23-r8 (27 Feb 2008)
293    
294     27 Feb 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r8.ebuild:
295     - version bump from Kerin Millar bug 210026
296 solar 1.209
297     17 Feb 2008; <solar@gentoo.org> metadata.xml,
298     -hardened-sources-2.4.33.4.ebuild, -hardened-sources-2.6.20-r6.ebuild,
299     -hardened-sources-2.6.20-r10.ebuild, -hardened-sources-2.6.23-r4.ebuild,
300     -hardened-sources-2.6.23-r6.ebuild, hardened-sources-2.6.23-r7.ebuild:
301     - stable on x86 and remove old ebuilds
302 solar 1.207
303     15 Feb 2008; <solar@gentoo.org> hardened-sources-2.6.23-r7.ebuild:
304 solar 1.208 - stable on amd64 per request of amd64 lead
305 solar 1.206
306     *hardened-sources-2.6.23-r7 (11 Feb 2008)
307    
308     11 Feb 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r7.ebuild:
309     - version bump from kerin.millar
310     Changes:
311    
312     * Bump to genpatches-base-2.6.23-9
313     * Ported grsecurity-2.1.11-2.6.23.14-200801231800 to 2.6.23.15
314     * Disables COMPAT_VDSO in x86/defconfig
315     * Removes bogus symbols ACPI_SLEEP_PROC_(FS|SLEEP) from x86_64/defconfig
316 phreak 1.205
317     25 Jan 2008; Christian Heim <phreak@gentoo.org>
318     -hardened-sources-2.6.22-r8.ebuild:
319     Cleaning up old versions.
320 phreak 1.204
321     *hardened-sources-2.6.23-r6 (25 Jan 2008)
322    
323     25 Jan 2008; Christian Heim <phreak@gentoo.org>
324     -hardened-sources-2.6.23-r5.ebuild, +hardened-sources-2.6.23-r6.ebuild:
325     Revision bump, pulling in the latest genpatches.
326 phreak 1.203
327     *hardened-sources-2.6.23-r5 (24 Dec 2007)
328    
329     24 Dec 2007; Christian Heim <phreak@gentoo.org>
330     hardened-sources-2.4.35-r2.ebuild, hardened-sources-2.6.20-r6.ebuild,
331     hardened-sources-2.6.20-r10.ebuild, hardened-sources-2.6.22-r8.ebuild,
332     hardened-sources-2.6.23-r4.ebuild, +hardened-sources-2.6.23-r5.ebuild:
333     Revision bump, for the promised updated grsec snapshot. Also changing SRC_URI.
334 phreak 1.202
335     24 Dec 2007; Christian Heim <phreak@gentoo.org>
336     -hardened-sources-2.6.22-r7.ebuild, -hardened-sources-2.6.23.ebuild,
337     -hardened-sources-2.6.23-r1.ebuild, -hardened-sources-2.6.23-r2.ebuild,
338     -hardened-sources-2.6.23-r3.ebuild:
339     Cleaning out some unused, old versions.
340 phreak 1.201
341     24 Dec 2007; Christian Heim <phreak@gentoo.org>
342     hardened-sources-2.6.23-r4.ebuild:
343     Marking hardened-sources-2.6.23-r4 stable on amd64 and x86. I know it ain't
344     in the tree for long, but there isn't much of a difference between this and
345     -r3. Only this revision pulls in 2.6.23.11 and 2.6.23.12 from genpatches.
346 phreak 1.200
347     *hardened-sources-2.6.23-r4 (23 Dec 2007)
348    
349     23 Dec 2007; Christian Heim <phreak@gentoo.org>
350     +hardened-sources-2.6.23-r4.ebuild:
351     Revision bump, grabbing the lastest genpatches release (2.6.23.12 that is).
352 phreak 1.199
353     *hardened-sources-2.6.23-r3 (04 Dec 2007)
354    
355     04 Dec 2007; Christian Heim <phreak@gentoo.org>
356     +hardened-sources-2.6.23-r3.ebuild:
357     Revision bump, pulling in 2.6.23.9.
358 phreak 1.198
359     *hardened-sources-2.6.23-r2 (25 Nov 2007)
360    
361     25 Nov 2007; Christian Heim <phreak@gentoo.org>
362     +hardened-sources-2.6.23-r2.ebuild:
363     Updated patchset, thanks to solar.
364 phreak 1.197
365     *hardened-sources-2.6.23-r1 (31 Oct 2007)
366    
367     31 Oct 2007; Christian Heim <phreak@gentoo.org>
368     +hardened-sources-2.6.23-r1.ebuild:
369     Revision bump, pulling in the snapshot from 30. October 2007 (18:50).
370 solar 1.196
371     29 Oct 2007; <solar@gentoo.org> metadata.xml:
372     - update metadata.xml
373 phreak 1.195
374     25 Oct 2007; Christian Heim <phreak@gentoo.org>
375     hardened-sources-2.6.22-r8.ebuild:
376     Marking 2.6.22-r8 stable on amd64 and x86.
377 phreak 1.194
378     21 Oct 2007; Christian Heim <phreak@gentoo.org>
379     -hardened-sources-2.4.35.ebuild, -hardened-sources-2.4.35-r1.ebuild,
380     -hardened-sources-2.6.21-r4.ebuild:
381     Removing old ebuilds.
382 phreak 1.193
383     *hardened-sources-2.4.35-r2 (21 Oct 2007)
384    
385     21 Oct 2007; Christian Heim <phreak@gentoo.org>
386     +hardened-sources-2.4.35-r2.ebuild:
387     Revision bump for 2.4.35. Includes new snapshot and the lastest Linux stable
388     patches.
389 phreak 1.192
390     *hardened-sources-2.6.22-r8 (21 Oct 2007)
391    
392     21 Oct 2007; Christian Heim <phreak@gentoo.org>
393     +hardened-sources-2.6.22-r8.ebuild:
394     Yet another new patch, hopefully fixing the remaining issues we had w/
395     2.6.22. Candidate for stabling.
396 phreak 1.191
397     *hardened-sources-2.6.23 (13 Oct 2007)
398    
399     13 Oct 2007; Christian Heim <phreak@gentoo.org>
400     +hardened-sources-2.6.23.ebuild:
401     Initial hardened-sources-2.6.23. If people still have problems w/ bug
402     194276, try setting CONFIG_PCI_GODIRECT=y instead of CONFIG_PCI_GOANY.
403 phreak 1.190
404     11 Oct 2007; Christian Heim <phreak@gentoo.org>
405     hardened-sources-2.6.20-r10.ebuild:
406     Pulling in yet another new genpatches version, fixing the PWC bug for real.
407 phreak 1.189
408     04 Oct 2007; Christian Heim <phreak@gentoo.org>
409     -hardened-sources-2.6.22-r5.ebuild, -hardened-sources-2.6.22-r6.ebuild:
410     Removing old versions.
411 phreak 1.188
412     *hardened-sources-2.6.22-r7 (01 Oct 2007)
413    
414     01 Oct 2007; Christian Heim <phreak@gentoo.org>
415     +hardened-sources-2.6.22-r7.ebuild:
416     Revision bump, pulling in a newer patch. Should fix #194276.
417 phreak 1.187
418     30 Sep 2007; Christian Heim <phreak@gentoo.org>
419     hardened-sources-2.6.20-r10.ebuild:
420     Marking hardened-sources-2.6.20-r10 stable on x86 and amd64 (on courtesy of
421     Mike Doty).
422 phreak 1.186
423     *hardened-sources-2.6.22-r6 (26 Sep 2007)
424    
425     26 Sep 2007; Christian Heim <phreak@gentoo.org>
426     +hardened-sources-2.6.22-r6.ebuild:
427     Revision bump, grabbing up till Linux 2.6.22.9.
428 phreak 1.185
429     24 Sep 2007; Christian Heim <phreak@gentoo.org>
430     -hardened-sources-2.6.22-r3.ebuild, -hardened-sources-2.6.22-r4.ebuild:
431     Cleaning up further.
432 phreak 1.184
433     *hardened-sources-2.6.20-r10 (24 Sep 2007)
434    
435     24 Sep 2007; Christian Heim <phreak@gentoo.org>
436     -hardened-sources-2.6.20-r8.ebuild, -hardened-sources-2.6.20-r9.ebuild,
437     +hardened-sources-2.6.20-r10.ebuild:
438     Revision bump, pulling in Linux 2.6.20.20. Removing some of the older
439     revisions.
440 phreak 1.183
441     *hardened-sources-2.6.22-r5 (22 Sep 2007)
442    
443     22 Sep 2007; Christian Heim <phreak@gentoo.org>
444     +hardened-sources-2.6.22-r5.ebuild:
445     Revision bump, pulling in genpatches-2.6.22-8 for CVE-2007-4573.
446 phreak 1.182
447     17 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
448     Removing johnm from metadata.xml (see #186467 for reference).
449 phreak 1.181
450     *hardened-sources-2.6.22-r4 (17 Sep 2007)
451    
452     17 Sep 2007; Christian Heim <phreak@gentoo.org>
453     +hardened-sources-2.6.22-r4.ebuild:
454     Revision bump, hopefully fixing all those weird PAX failures.
455 phreak 1.180
456     01 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
457     Updating the metadata.xml.
458 phreak 1.179
459     01 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
460     Removing tocharian from metadata due to his retirement (see #71718 for
461     reference).
462 phreak 1.178
463     *hardened-sources-2.6.20-r9 (30 Aug 2007)
464    
465     30 Aug 2007; Christian Heim <phreak@gentoo.org>
466     +hardened-sources-2.6.20-r9.ebuild:
467     Revision bump for 2.6.20.18 (thanks to kerframil in #gentoo-hardened).
468 phreak 1.177
469     29 Aug 2007; Christian Heim <phreak@gentoo.org>
470     -hardened-sources-2.4.34.ebuild, -hardened-sources-2.4.34.5.ebuild,
471     -hardened-sources-2.6.20-r2.ebuild, -hardened-sources-2.6.20-r5.ebuild,
472     -hardened-sources-2.6.20-r7.ebuild, -hardened-sources-2.6.21-r3.ebuild,
473     -hardened-sources-2.6.22.ebuild, -hardened-sources-2.6.22-r1.ebuild,
474     -hardened-sources-2.6.22-r2.ebuild:
475     Removing some redundant versions.
476 phreak 1.176
477     *hardened-sources-2.4.35-r1 (29 Aug 2007)
478    
479     29 Aug 2007; Christian Heim <phreak@gentoo.org>
480     +hardened-sources-2.4.35-r1.ebuild:
481     Revision bump, new grsecurity patch.
482 phreak 1.175
483     *hardened-sources-2.6.20-r8 (26 Aug 2007)
484    
485     26 Aug 2007; Christian Heim <phreak@gentoo.org>
486     +hardened-sources-2.6.20-r8.ebuild:
487     Revision bump for Linux 2.6.20.17.
488 phreak 1.174
489     *hardened-sources-2.6.22-r3 (22 Aug 2007)
490    
491     22 Aug 2007; Christian Heim <phreak@gentoo.org>
492     +hardened-sources-2.6.22-r3.ebuild:
493     Revision bump for Linux 2.6.22.4.
494 phreak 1.173
495     16 Aug 2007; Christian Heim <phreak@gentoo.org>
496     hardened-sources-2.6.22-r2.ebuild:
497     Updated patchset, to fix the alignment against 2.6.22.3.
498 phreak 1.172
499     *hardened-sources-2.6.22-r2 (16 Aug 2007)
500    
501     16 Aug 2007; Christian Heim <phreak@gentoo.org>
502     +hardened-sources-2.6.22-r2.ebuild:
503     Revision bump for Linux 2.6.22.3.
504 phreak 1.171
505     *hardened-sources-2.4.35 (16 Aug 2007)
506    
507     16 Aug 2007; Christian Heim <phreak@gentoo.org>
508     +hardened-sources-2.4.35.ebuild:
509     Version bump, initial version for Linux 2.4.35.
510 phreak 1.170
511     *hardened-sources-2.6.21-r4 (16 Aug 2007)
512    
513     16 Aug 2007; Christian Heim <phreak@gentoo.org>
514     +hardened-sources-2.6.21-r4.ebuild:
515     Revision bump for Linux 2.6.21.6.
516 phreak 1.169
517     *hardened-sources-2.6.20-r7 (16 Aug 2007)
518    
519     16 Aug 2007; Christian Heim <phreak@gentoo.org>
520     +hardened-sources-2.6.20-r7.ebuild:
521     Revision bump for Linux 2.6.20.16.
522 phreak 1.168
523     *hardened-sources-2.6.22-r1 (13 Aug 2007)
524    
525     13 Aug 2007; Christian Heim <phreak@gentoo.org>
526     +hardened-sources-2.6.22-r1.ebuild:
527     Yet another revision bump.
528 phreak 1.167
529     *hardened-sources-2.6.22 (10 Aug 2007)
530    
531     10 Aug 2007; Christian Heim <phreak@gentoo.org>
532     +hardened-sources-2.6.22.ebuild:
533     Initial release for 2.6.22. If you are using hardened-sources on a desktop
534     machine (P4 or newer), be aware you might need to disable
535     CONFIG_PAX_PAGEEXEC.
536 phreak 1.166
537     04 Aug 2007; Christian Heim <phreak@gentoo.org>
538     hardened-sources-2.6.20-r6.ebuild:
539     Stabling hardened-sources-2.6.20-r6 for amd64, ppc and x86 due to Linux
540     2.6.20.15.
541 phreak 1.165
542     10 Jul 2007; Christian Heim <phreak@gentoo.org>
543     hardened-sources-2.6.20-r5.ebuild:
544     Marking hardened-sources-2.6.20-r5 stable on ppc.
545 phreak 1.164
546     10 Jul 2007; Christian Heim <phreak@gentoo.org>
547     -hardened-sources-2.4.32-r6.ebuild, -hardened-sources-2.4.32-r7.ebuild:
548     Cleanup.
549 phreak 1.163
550     *hardened-sources-2.6.20-r6 (08 Jul 2007)
551    
552     08 Jul 2007; Christian Heim <phreak@gentoo.org>
553     +hardened-sources-2.6.20-r6.ebuild:
554     Revision bump, grabbing yet another stable release.
555 phreak 1.162
556     17 Jun 2007; Christian Heim <phreak@gentoo.org>
557     -hardened-sources-2.6.18-r6.ebuild, -hardened-sources-2.6.20-r4.ebuild,
558     -hardened-sources-2.6.21-r2.ebuild:
559     Removing older ebuilds, hardened-sources-2.6.18-r6 seems to have gotten the
560     alpha stable KEYWORD by mistake.
561 phreak 1.161
562     17 Jun 2007; Christian Heim <phreak@gentoo.org>
563     hardened-sources-2.6.20-r5.ebuild:
564     Stabling hardened-sources-2.6.20-r5 due to security bug #181647 (as
565     genpatches-2.6.20-12.base contains up to Linux 2.6.20.14) on amd64 and x86.
566 phreak 1.160
567     *hardened-sources-2.6.21-r3 (12 Jun 2007)
568    
569     12 Jun 2007; Christian Heim <phreak@gentoo.org>
570     +hardened-sources-2.6.21-r3.ebuild:
571     Revision bump for hardened-sources-2.6.21, incorporating various CVE (some
572     of them critical), two stable releases (2.6.21.4,2.6.21.5) and some other
573     love.
574 phreak 1.159
575     *hardened-sources-2.6.20-r5 (11 Jun 2007)
576    
577     11 Jun 2007; Christian Heim <phreak@gentoo.org>
578     +hardened-sources-2.6.20-r5.ebuild:
579     Revision bump for hardened-sources-2.6.20, incorporating various CVE (some
580     of them critical), two stable releases (2.6.20.13,2.6.20.14) and some other
581     love.
582 pappy 1.158
583     *hardened-sources-2.4.34.5 (11 Jun 2007)
584    
585     11 Jun 2007; Alexander Gabert <pappy@gentoo.org>
586     +hardened-sources-2.4.34.5.ebuild:
587     added new hardened-sources 2.4 version, thx to phreak, solar, pipacs
588 phreak 1.157
589     30 May 2007; Christian Heim <phreak@gentoo.org>
590     -hardened-sources-2.6.18.ebuild, hardened-sources-2.6.20-r2.ebuild:
591     Marking 2.6.20-r2 stable on ppc with permission of Gysbert. Removing more
592     stale ebuild(s).
593 phreak 1.156
594     30 May 2007; Christian Heim <phreak@gentoo.org>
595     -hardened-sources-2.6.14-r7.ebuild, -hardened-sources-2.6.16-r11.ebuild,
596     -hardened-sources-2.6.17-r1.ebuild, -hardened-sources-2.6.19-r6.ebuild,
597     -hardened-sources-2.6.20.ebuild, -hardened-sources-2.6.20-r1.ebuild:
598     Doing some cleanups, remove stale ebuilds.
599 phreak 1.155
600     26 May 2007; Christian Heim <phreak@gentoo.org>
601     hardened-sources-2.6.21-r2.ebuild:
602     Fixing the grsecurity patch, had one '};' too much.
603 phreak 1.154
604     *hardened-sources-2.6.21-r2 (26 May 2007)
605    
606     26 May 2007; Christian Heim <phreak@gentoo.org>
607     -hardened-sources-2.6.21.ebuild, -hardened-sources-2.6.21-r1.ebuild,
608     +hardened-sources-2.6.21-r2.ebuild:
609     Revision bump, including Linux 2.6.21.3 (fixing CVE-2007-2451). Updating the
610     grsecurity patch to 2.1.10-2.6.21.1-200705221918.
611 phreak 1.153
612     *hardened-sources-2.6.20-r4 (26 May 2007)
613    
614     26 May 2007; Christian Heim <phreak@gentoo.org>
615     -hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.20-r4.ebuild:
616     Revision bump, including Linux 2.6.20.12 (which in fact fixed some security
617 phreak 1.154 bugs, at the very least CVE-2007-2451). Possible candidate for stable marking.
618 phreak 1.152
619     15 May 2007; Christian Heim <phreak@gentoo.org>
620     hardened-sources-2.6.20-r3.ebuild:
621     Looks like hardened-sources-2.6.20-r3 needs a new patch, as 2.6.20.11
622     introduced a change in arch/sparc64/kernel/pci_iommu.c, which made the
623     grsecurity patch fail in that exact same hunk.
624 phreak 1.151
625     *hardened-sources-2.6.20-r3 (15 May 2007)
626    
627     15 May 2007; Christian Heim <phreak@gentoo.org>
628     +hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.21-r1.ebuild:
629     Revision bump, incorporating Linux 2.6.20.11.
630    
631     *hardened-sources-2.6.21-r1 (11 May 2007)
632    
633     11 May 2007; Christian Heim <phreak@gentoo.org>
634     +hardened-sources-2.6.21-r1.ebuild:
635     Revision bump, hopefully fixing the GRSECURITY/GRKERNSEC mixup pipacs
636     mentioned in #177234.
637 kevquinn 1.150
638     07 May 2007; Kevin F. Quinn <kevquinn@gentoo.org>
639     files/digest-hardened-sources-2.6.21, Manifest:
640     Fix Manifest/digest for linux-2.6.21.tar.bz2
641 phreak 1.149
642     06 May 2007; Christian Heim <phreak@gentoo.org>
643     hardened-sources-2.6.21.ebuild:
644     Bumping the hardened-patches version, needed for the fix for #177234.
645 phreak 1.148
646     *hardened-sources-2.6.21 (02 May 2007)
647    
648     02 May 2007; Christian Heim <phreak@gentoo.org>
649     +hardened-sources-2.6.21.ebuild:
650     Version bump, Linux 2.6.21-hardened.
651 phreak 1.147
652     29 Apr 2007; Christian Heim <phreak@gentoo.org>
653     hardened-sources-2.6.20-r2.ebuild:
654     Adding ~ia64 on Ned's request.
655 phreak 1.146
656     29 Apr 2007; Christian Heim <phreak@gentoo.org>
657     hardened-sources-2.6.20-r2.ebuild:
658     Fixing the included grsecurity patch, wasn't alligning due to the Index:
659     header line(s).
660 phreak 1.145
661     29 Apr 2007; Christian Heim <phreak@gentoo.org>
662     hardened-sources-2.6.20-r2.ebuild:
663     Stabilizing hardened-sources-2.6.20-r2 on amd64 and x86.
664 armin76 1.144
665     *hardened-sources-2.6.20-r2 (10 Apr 2007)
666    
667     10 Apr 2007; Raúl Porcel <armin76@gentoo.org>
668     +hardened-sources-2.6.20-r2.ebuild:
669     Version bump, on behalf of phreak
670 phreak 1.143
671     *hardened-sources-2.6.20-r1 (04 Apr 2007)
672    
673     04 Apr 2007; Christian Heim <phreak@gentoo.org>
674     +hardened-sources-2.6.20-r1.ebuild:
675     Revision bump, grabbing a newer grsecurity snapshot.
676 phreak 1.142
677     *hardened-sources-2.6.20 (25 Mar 2007)
678    
679     25 Mar 2007; Christian Heim <phreak@gentoo.org>
680     +hardened-sources-2.6.20.ebuild:
681     Finally a hardened-sources version for 2.6.20; many people have been waiting
682     for this. Thanks to Steve for preliminary testing, thanks to Ned for the
683     testbox.
684 chainsaw 1.141
685     16 Mar 2007; Tony Vroon <chainsaw@gentoo.org>
686     hardened-sources-2.6.18-r6.ebuild:
687     Marked stable on amd64 and x86. AMD64 keyword ack'ed by welp.
688 phreak 1.140
689     *hardened-sources-2.6.18-r6 (16 Mar 2007)
690    
691     16 Mar 2007; Christian Heim <phreak@gentoo.org>
692     -hardened-sources-2.6.18-r5.ebuild, +hardened-sources-2.6.18-r6.ebuild:
693     Fixing CVE-2007-1000 locally (hardened/), thanks to Tony for pushing. And
694     yes I screwed up, this is tagged as 2.6.18-5 and not 2.6.18-6 as it's
695     supposed to be.
696 phreak 1.139
697     06 Mar 2007; Christian Heim <phreak@gentoo.org> ChangeLog:
698     Fixing the Manifest, the previous one was broken (as in still had the
699     deleted ebuild in it).
700 phreak 1.138
701     06 Mar 2007; Christian Heim <phreak@gentoo.org>
702     -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
703     +hardened-sources-2.6.18-r5.ebuild:
704     Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
705     Linux 2.6.18.8. Also cleaning up the older version.
706    
707     *hardened-sources-2.6.18-r5 (06 Mar 2007)
708    
709     06 Mar 2007; Christian Heim <phreak@gentoo.org>
710     -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
711     +hardened-sources-2.6.18-r5.ebuild:
712     Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
713     Linux 2.6.18.8. Also cleaning up the older version.
714 phreak 1.137
715     24 Feb 2007; Christian Heim <phreak@gentoo.org>
716     -hardened-sources-2.6.19-r3.ebuild, -hardened-sources-2.6.19-r4.ebuild,
717     -hardened-sources-2.6.19-r5.ebuild:
718     Removing some of the old version, that didn't work.
719 phreak 1.136
720     *hardened-sources-2.6.19-r6 (12 Feb 2007)
721    
722     12 Feb 2007; Christian Heim <phreak@gentoo.org>
723     +hardened-sources-2.6.19-r6.ebuild:
724     Revision bump, including a new grsec version fixing #166235.
725 pappy 1.134
726     *hardened-sources-2.4.34 (24 Jan 2007)
727    
728     24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
729 pappy 1.135 Manifest:
730     updating Manifest with checksums of new tarball and ebuild
731    
732     24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
733 pappy 1.134 +hardened-sources-2.4.34.ebuild:
734     I added new hardened sources 2.4 update, this is a critical path
735     security bugfix - all users of h-s are strongly advised
736     to update their existing hardened sources to this version.
737     It contains a fix for a kernel vulnerability that is pertaining
738     to the PaX changes to virtual memory management, possibly leading
739     to a local kernel exploit ... see grsecurity.net forums and homepage
740 phreak 1.133
741     23 Jan 2007; Christian Heim <phreak@gentoo.org>
742     files/digest-hardened-sources-2.6.19-r5, Manifest:
743     Fixing the patch-tarball digest.
744 phreak 1.132
745     *hardened-sources-2.6.19-r5 (23 Jan 2007)
746    
747     23 Jan 2007; Christian Heim <phreak@gentoo.org>
748     +hardened-sources-2.6.19-r5.ebuild:
749     Revision bump, closing the recently discovered PaX expand_stack()
750     vulnerability.
751 phreak 1.131
752     *hardened-sources-2.6.19-r4 (14 Jan 2007)
753    
754     14 Jan 2007; Christian Heim <phreak@gentoo.org>
755     +hardened-sources-2.6.19-r4.ebuild:
756     Revision bump, pulling in linux-2.6.19.2 and grsecurity 2.1.10 - thus
757     dropping the randomized PID feature.
758 opfer 1.130
759     11 Jan 2007; Christian Faulhammer <opfer@gentoo.org>
760     hardened-sources-2.4.33.4.ebuild:
761     stable x86, bug #161171
762 phreak 1.129
763     *hardened-sources-2.6.19-r3 (27 Dec 2006)
764    
765     27 Dec 2006; Christian Heim <phreak@gentoo.org>
766     -hardened-sources-2.6.19-r2.ebuild, +hardened-sources-2.6.19-r3.ebuild:
767     Revision bump for bug #157186 and #158786.
768 phreak 1.128
769     *hardened-sources-2.6.18-r4 (27 Dec 2006)
770    
771     27 Dec 2006; Christian Heim <phreak@gentoo.org>
772     -hardened-sources-2.6.18-r3.ebuild, +hardened-sources-2.6.18-r4.ebuild:
773     Revision bump for bug #157186.
774 phreak 1.127
775     *hardened-sources-2.6.19-r2 (23 Dec 2006)
776    
777     23 Dec 2006; Christian Heim <phreak@gentoo.org>
778     -hardened-sources-2.6.19-r1.ebuild, +hardened-sources-2.6.19-r2.ebuild:
779     Revision bump to pull in genpatches-2.6.19-3 for #157186.
780 phreak 1.126
781     17 Dec 2006; Christian Heim <phreak@gentoo.org>
782     hardened-sources-2.6.14-r7.ebuild, hardened-sources-2.6.16-r10.ebuild,
783     hardened-sources-2.6.16-r11.ebuild, hardened-sources-2.6.17-r1.ebuild,
784     hardened-sources-2.6.18.ebuild, hardened-sources-2.6.18-r3.ebuild,
785     hardened-sources-2.6.19-r1.ebuild:
786     Adding 4453_grsec-2.1.9-2.6.19-io-kmem-sysctl.patch to UNIPATCH_EXLUDE,
787     adding correct HOMEPAGE and adjusting DESCRIPTION (thanks to Alexander).
788 pappy 1.125
789     *hardened-sources-2.4.33.4 (17 Dec 2006)
790    
791     17 Dec 2006; Alexander Gabert <pappy@gentoo.org>
792     +hardened-sources-2.4.33.4.ebuild:
793     new 2.4.33.4 version including grsec and fixes, thanks to phreak for help
794     and quilting
795 phreak 1.124
796     *hardened-sources-2.6.19-r1 (14 Dec 2006)
797    
798     14 Dec 2006; Christian Heim <phreak@gentoo.org>
799     -hardened-sources-2.6.19.ebuild, +hardened-sources-2.6.19-r1.ebuild:
800     Revision bump, fixing #158107 (thanks to Petre Rodan <kaiowas at gentoo.org>
801     for reporting).
802 phreak 1.123
803     *hardened-sources-2.6.19 (13 Dec 2006)
804    
805     13 Dec 2006; Christian Heim <phreak@gentoo.org>
806     +hardened-sources-2.6.19.ebuild:
807     And finally 2.6.19, thanks to Ned (who prepared the inital patchset) and
808     Brad for providing that prompt update.
809 phreak 1.122
810     *hardened-sources-2.6.18-r3 (13 Dec 2006)
811    
812     13 Dec 2006; Christian Heim <phreak@gentoo.org>
813     -hardened-sources-2.6.18-r1.ebuild, -hardened-sources-2.6.18-r2.ebuild,
814     +hardened-sources-2.6.18-r3.ebuild:
815     Revision bump, excluding the faulty patch. Thanks to Anakim Border and Peter
816     S. Mazinger. Closes #157409 for now. Also removing the previous revisions.
817 phreak 1.121
818     09 Dec 2006; Christian Heim <phreak@gentoo.org> Manifest:
819     Fixing the metadata.xml Manifest entry (thanks to xaid and ml8128 in #gentoo-hardened).
820 nixnut 1.120
821     08 Dec 2006; nixnut <nixnut@gentoo.org> hardened-sources-2.6.18.ebuild:
822     Stable on ppc wrt bug 157356
823 opfer 1.119
824     07 Dec 2006; Christian Faulhammer <opfer@gentoo.org>
825     hardened-sources-2.6.18.ebuild:
826     stable x86, bug #157356
827 phreak 1.118
828     *hardened-sources-2.6.18-r2 (06 Dec 2006)
829    
830     06 Dec 2006; Christian Heim <phreak@gentoo.org>
831     +hardened-sources-2.6.18-r2.ebuild:
832     Revision bump, including 2.6.18.5 (via genpatches) and
833     4454_grsec-2.1.9-2.6.18.2-io-kmem-sysctl.patch based on Peter Mazinger and
834     Ned Ludd's original patch. Thanks to Alexander Gabert (pappy) for the
835     redesign.
836 phreak 1.117
837     06 Dec 2006; Christian Heim <phreak@gentoo.org>
838     hardened-sources-2.6.18.ebuild:
839     Marking hardened-sources-2.6.18 stable on amd64 (see bug #157356, on behalf
840     of Mike Doty).
841 phreak 1.116
842     *hardened-sources-2.6.18-r1 (23 Nov 2006)
843    
844     23 Nov 2006; Christian Heim <phreak@gentoo.org>
845     +hardened-sources-2.6.18-r1.ebuild:
846     Revision bump to genpatches-2.6.18-4 (including 2.6.18.3).
847 phreak 1.115
848     *hardened-sources-2.6.18 (11 Nov 2006)
849    
850     11 Nov 2006; Christian Heim <phreak@gentoo.org>
851     +hardened-sources-2.6.18.ebuild:
852     Version bump, thanks to Alexander Gabert we're finally at 2.6.18.
853 solar 1.114
854     18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
855     - mark amd64 stable also. bug #151877
856 solar 1.113
857     18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
858     - mark 2.6.17-r1 stable
859 phreak 1.112
860     27 Aug 2006; Christian Heim <phreak@gentoo.org>
861     -hardened-sources-2.6.17.ebuild, hardened-sources-2.6.17-r1.ebuild:
862     Removing old ebuild, removing unipatch from newer ebuild (need to fix it!).
863 phreak 1.111
864     *hardened-sources-2.6.17-r1 (26 Aug 2006)
865    
866     26 Aug 2006; Christian Heim <phreak@gentoo.org>
867     +hardened-sources-2.6.17-r1.ebuild:
868     Revision bump to genpatches-2.6.17-8 (including .9 and .10) and updating the
869     grsecurity patch.
870 phreak 1.110
871     *hardened-sources-2.6.17 (17 Aug 2006)
872    
873     17 Aug 2006; Christian Heim <phreak@gentoo.org>
874     +hardened-sources-2.6.17.ebuild:
875     Bumping the hardened-sources-2.6 series to 2.6.17, using
876     genpatches-2.6.17-6.base.
877 solar 1.109
878     07 Aug 2006; <solar@gentoo.org> hardened-sources-2.6.16-r11.ebuild:
879     - stable on x86 and amd64
880 solar 1.108
881     *hardened-sources-2.6.16-r11 (15 Jul 2006)
882    
883     15 Jul 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r3.ebuild,
884     -hardened-sources-2.4.32-r4.ebuild, -hardened-sources-2.4.32-r5.ebuild,
885     -hardened-sources-2.6.14-r8.ebuild, -hardened-sources-2.6.16-r7.ebuild,
886     -hardened-sources-2.6.16-r9.ebuild, +hardened-sources-2.6.16-r11.ebuild:
887     - 2.6.16 bumped for CVE-2006-3626 ; digest fix for 2.4.32-r6 ; removed old
888     crusty ebuilds
889 johnm 1.107
890     14 Jul 2006; John Mylchreest <johnm@gentoo.org>
891     hardened-sources-2.6.16-r10.ebuild:
892     marking stable on x86 and amd64
893 solar 1.106
894     13 Jul 2006; <solar@gentoo.org> hardened-sources-2.4.32-r6.ebuild:
895     - 2.4.32-r6 stable on x86. RSBAC state unknown
896 kang 1.105
897     *hardened-sources-2.4.32-r7 (10 Jul 2006)
898    
899     10 Jul 2006; Guillaume Destuynder <kang@gentoo.org>
900     +hardened-sources-2.4.32-r7.ebuild:
901     Bump PaX for RSBAC to test-17
902 johnm 1.104
903     *hardened-sources-2.6.16-r9 (03 Jul 2006)
904    
905     03 Jul 2006; John Mylchreest <johnm@gentoo.org>
906     -hardened-sources-2.6.16-r6.ebuild, +hardened-sources-2.6.16-r9.ebuild:
907     hardened-sources-2.6.16 bump to latest -base.
908 solar 1.103
909     *hardened-sources-2.4.32-r6 (30 Jun 2006)
910    
911     30 Jun 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r2.ebuild,
912     hardened-sources-2.4.32-r4.ebuild, +hardened-sources-2.4.32-r6.ebuild:
913     - backport CVE-2006-0039, CVE-2006-1857 and CVE-2006-1858 and new grsecurity
914     sysctl controlable resource logging
915 johnm 1.102
916     *hardened-sources-2.6.16-r7 (05 Jun 2006)
917    
918     05 Jun 2006; John Mylchreest <johnm@gentoo.org>
919     -hardened-sources-2.6.16-r5.ebuild, +hardened-sources-2.6.16-r7.ebuild:
920     push new 2.6.16 release in preparation for stable
921 solar 1.101
922     22 May 2006; <solar@gentoo.org> :
923     - redigest bug 134002
924 kang 1.100
925     *hardened-sources-2.4.32-r5 (16 May 2006)
926    
927     16 May 2006; Guillaume Destuynder <kang@gentoo.org>
928     +hardened-sources-2.4.32-r5.ebuild:
929     Fixes rsbac common patching (new patch in new -r5 patchset)
930 solar 1.99
931     *hardened-sources-2.4.32-r4 (13 May 2006)
932    
933     13 May 2006; <solar@gentoo.org> hardened-sources-2.4.32-r3.ebuild,
934     +hardened-sources-2.4.32-r4.ebuild:
935     - security bumps
936 johnm 1.98
937     *hardened-sources-2.6.16-r6 (03 May 2006)
938    
939     03 May 2006; John Mylchreest <johnm@gentoo.org>
940     +hardened-sources-2.6.16-r6.ebuild:
941     bump hardened-2.6.16 to 2.6.16.12 and latest grsec snapshot
942 johnm 1.97
943     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
944     hardened-sources-2.6.14-r8.ebuild:
945     fix x86_64 build problem, this will delay the digest issue again for a short
946     while but it will sort itself out
947 johnm 1.96
948     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
949     hardened-sources-2.6.14-r8.ebuild:
950     bump hardened patchset
951 antarus 1.94
952     27 Apr 2006; Alec Warner <antarus@gentoo.org>
953     files/digest-hardened-sources-2.4.32-r2,
954     files/digest-hardened-sources-2.4.32-r3,
955     files/digest-hardened-sources-2.6.14-r8, Manifest:
956     Fixing duff SHA256 digests: Bug # 131293
957 johnm 1.93
958 johnm 1.95 *hardened-sources-2.6.16-r5 (27 Apr 2006)
959    
960     27 Apr 2006; John Mylchreest <johnm@gentoo.org>
961     -hardened-sources-2.6.14-r6.ebuild, hardened-sources-2.6.14-r8.ebuild,
962     -hardened-sources-2.6.16-r4.ebuild, +hardened-sources-2.6.16-r5.ebuild:
963     stablise 2.6.14-r8 on x86 & amd64, bump 2.6.16 to fix CVE-2006-1863 &
964     cleanup of old uneccessary sources
965    
966 johnm 1.93 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
967     fix digest
968 johnm 1.92
969     *hardened-sources-2.6.14-r8 (20 Apr 2006)
970    
971     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
972     +hardened-sources-2.6.14-r8.ebuild:
973     fix CVE-2006-1056, CVE-2006-1525, CVE-2006-1524
974 johnm 1.91
975     20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
976     Turning on gpg-signing again, and recomitting
977 johnm 1.90
978     *hardened-sources-2.6.16-r4 (20 Apr 2006)
979    
980     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
981     -hardened-sources-2.6.16-r2.ebuild, -hardened-sources-2.6.16-r3.ebuild,
982     +hardened-sources-2.6.16-r4.ebuild:
983     Fix numerous security vulns
984 solar 1.89
985     *hardened-sources-2.4.32-r3 (16 Apr 2006)
986    
987     16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
988     -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
989     +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
990     - security bump for bug #112791. Removed old ebuilds
991 johnm 1.88
992     *hardened-sources-2.6.16-r3 (15 Apr 2006)
993    
994     15 Apr 2006; John Mylchreest <johnm@gentoo.org>
995     +hardened-sources-2.6.16-r3.ebuild:
996     Removing silly localversion which I missed
997 johnm 1.87
998     *hardened-sources-2.6.14-r7 (14 Apr 2006)
999    
1000     14 Apr 2006; John Mylchreest <johnm@gentoo.org>
1001     -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
1002     Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
1003 johnm 1.86
1004     *hardened-sources-2.6.16-r2 (13 Apr 2006)
1005    
1006     13 Apr 2006; John Mylchreest <johnm@gentoo.org>
1007     -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
1008     +hardened-sources-2.6.16-r2.ebuild:
1009     Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
1010     labels, dropping USERGROUP define fixes, since these were merged mainstream.
1011 johnm 1.85
1012     *hardened-sources-2.6.16-r1 (11 Apr 2006)
1013    
1014     11 Apr 2006; John Mylchreest <johnm@gentoo.org>
1015     +hardened-sources-2.6.16-r1.ebuild:
1016     Bumping to include ppc build fix and 2.6.16.3
1017 tsunam 1.84
1018     06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
1019     hardened-sources-2.6.14-r6.ebuild:
1020     Stable on x86; bug #127718
1021 johnm 1.83
1022     *hardened-sources-2.6.16 (31 Mar 2006)
1023    
1024     31 Mar 2006; John Mylchreest <johnm@gentoo.org>
1025     +hardened-sources-2.6.16.ebuild:
1026     Bumping to new version of grsec, and kernel base. New squashfs. Based on
1027     2.6.16.1
1028 cryos 1.82
1029     30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
1030     hardened-sources-2.6.14-r6.ebuild:
1031     Stable on amd64, bug 127718.
1032 nixnut 1.81
1033     28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
1034     Stable on ppc. Bug #127718
1035 johnm 1.80
1036     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
1037     -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
1038     -hardened-sources-2.6.14-r4.ebuild:
1039     Cleanup.
1040 johnm 1.79
1041     *hardened-sources-2.6.14-r6 (15 Mar 2006)
1042    
1043     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
1044     +hardened-sources-2.6.14-r6.ebuild:
1045     Fixes grsec policy recreation bug and adds a
1046     >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
1047 solar 1.78
1048     02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
1049     - stable on x86
1050 hansmi 1.77
1051     19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
1052     hardened-sources-2.6.14-r5.ebuild:
1053     Stable on ppc.
1054 johnm 1.76
1055     *hardened-sources-2.6.14-r5 (01 Feb 2006)
1056    
1057     01 Feb 2006; John Mylchreest <johnm@gentoo.org>
1058     +hardened-sources-2.6.14-r5.ebuild:
1059     fixing every known exploit
1060 solar 1.75
1061     *hardened-sources-2.4.32-r2 (26 Jan 2006)
1062    
1063     26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
1064     +hardened-sources-2.4.32-r2.ebuild:
1065     - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
1066 solar 1.74
1067     *hardened-sources-2.6.14-r4 (12 Jan 2006)
1068    
1069     12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
1070     - version bump for new genpatches which fix up a few sec holes
1071 solar 1.73
1072     *hardened-sources-2.4.32-r1 (05 Jan 2006)
1073    
1074     05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
1075     - revision bump to add misc vital linux kernel security patches.
1076 johnm 1.72
1077     *hardened-sources-2.6.14-r3 (30 Dec 2005)
1078    
1079     30 Dec 2005; John Mylchreest <johnm@gentoo.org>
1080     -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
1081     Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
1082 johnm 1.71
1083     28 Dec 2005; John Mylchreest <johnm@gentoo.org>
1084     hardened-sources-2.6.14-r2.ebuild:
1085     making x86 & amd64 stable following testing.
1086 johnm 1.70
1087     *hardened-sources-2.6.14-r2 (27 Dec 2005)
1088    
1089     27 Dec 2005; John Mylchreest <johnm@gentoo.org>
1090     -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
1091     Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
1092     network hooks.
1093 johnm 1.69
1094     06 Dec 2005; John Mylchreest <johnm@gentoo.org>
1095     hardened-sources-2.6.14-r1.ebuild:
1096     bumping to stable early for sec fix on x86 & amd64
1097 johnm 1.68
1098     *hardened-sources-2.6.14-r1 (05 Dec 2005)
1099    
1100     05 Dec 2005; John Mylchreest <johnm@gentoo.org>
1101     -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
1102     bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
1103 solar 1.67
1104     04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
1105     - stable on x86 security bug #114227 CAN-2005-3257
1106 kang 1.66
1107     *hardened-sources-2.4.32 (19 Nov 2005)
1108    
1109     19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
1110     +hardened-sources-2.4.32.ebuild:
1111     Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
1112     Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
1113     have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
1114     rsbac >> /etc/portage/package.use)
1115 johnm 1.65
1116     *hardened-sources-2.6.14 (14 Nov 2005)
1117    
1118     14 Nov 2005; John Mylchreest <johnm@gentoo.org>
1119     -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
1120     Bumping 2.6 series to 2.6.14.2
1121 johnm 1.64
1122     *hardened-sources-2.6.13-r2 (20 Oct 2005)
1123    
1124     20 Oct 2005; John Mylchreest <johnm@gentoo.org>
1125     -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
1126     +hardened-sources-2.6.13-r2.ebuild:
1127     Fixes minor build error in ppc.
1128 johnm 1.63
1129     *hardened-sources-2.6.13-r1 (17 Oct 2005)
1130    
1131     17 Oct 2005; John Mylchreest <johnm@gentoo.org>
1132     +hardened-sources-2.6.13-r1.ebuild:
1133     Updating grsec to latest snapshot. Fixes some minor issues. Updating to
1134     2.6.13.4, fixes some major amd64 stability problems.
1135 johnm 1.62
1136     *hardened-sources-2.6.13 (16 Sep 2005)
1137    
1138     16 Sep 2005; John Mylchreest <johnm@gentoo.org>
1139     -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
1140     2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
1141     ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
1142     users should test this thoroughly.
1143 solar 1.61
1144     01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
1145     - stable on x86
1146 johnm 1.60
1147     *hardened-sources-2.6.11-r15 (27 Jun 2005)
1148    
1149     27 Jun 2005; John Mylchreest <johnm@gentoo.org>
1150     +hardened-sources-2.6.11-r15.ebuild:
1151     Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
1152     grsec redefining curr_ip struct.
1153 solar 1.59
1154     *hardened-sources-2.4.31 (20 Jun 2005)
1155    
1156     20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
1157     initial import of 2.4.31 tree
1158 johnm 1.58
1159     *hardened-sources-2.6.11-r14 (14 Jun 2005)
1160    
1161     14 Jun 2005; John Mylchreest <johnm@gentoo.org>
1162     -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
1163     Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
1164     naming scheme to abide by genpatches
1165 johnm 1.57
1166     *hardened-sources-2.6.11-r13 (18 May 2005)
1167    
1168     18 May 2005; John Mylchreest <johnm@gentoo.org>
1169     -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
1170     Managed to mangle the Makefile patch from grsec, to miss out the grsec
1171     target. sorry about that. Fixes bug #93022
1172 johnm 1.56
1173     *hardened-sources-2.6.11-r12 (17 May 2005)
1174    
1175     17 May 2005; John Mylchreest <johnm@gentoo.org>
1176     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
1177     +hardened-sources-2.6.11-r12.ebuild:
1178     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
1179     merges in genpatches-base
1180 johnm 1.55
1181     *hardened-sources-2.6.11-r12 (17 May 2005)
1182    
1183     17 May 2005; John Mylchreest <johnm@gentoo.org>
1184     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
1185     +hardened-sources-2.6.11-r12.ebuild:
1186     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
1187     merges in genpatches-base
1188 solar 1.54
1189     29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
1190     -files/2.4.27-cmdline-race.patch,
1191     -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
1192     -files/2.4.28-grsec-binfmt_a.out.patch,
1193     -files/2.4.28-grsec-cmdline-race.patch,
1194     -files/2.4.28-selinux-binfmt_a.out.patch,
1195     -files/2.4.28-selinux-cmdline-race.patch,
1196     -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
1197     hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
1198     - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
1199     cleanup..
1200 solar 1.53
1201     *hardened-sources-2.4.30-r1 (21 Apr 2005)
1202    
1203     21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
1204     - disable aout by default
1205 solar 1.52
1206     *hardened-sources-2.4.30 (18 Apr 2005)
1207    
1208     18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
1209     - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
1210     and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
1211     use
1212 tocharian 1.50
1213 scox 1.51 *hardened-sources-2.4.29 (30 Mar 2005)
1214    
1215     30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
1216     +hardened-sources-2.4.29.ebuild:
1217     New hardened-patches-2.4-29.0 patchball.
1218     Removed SELinux support, upgraded GRSecurity to 2.1.4.
1219    
1220     *hardened-sources-2.4.28-r5 (06 Mar 2005)
1221    
1222     06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
1223     +hardened-sources-2.4.28-r5.ebuild:
1224     Added a fix for a PaX vulnerability.
1225    
1226     26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1227 tocharian 1.50 hardened-sources-2.4.28-r4.ebuild:
1228     Stable on x86
1229 solar 1.49
1230     23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
1231     hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
1232     hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
1233     hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
1234     - fixed/added RDEPEND= in all kernel-2 ebuilds
1235 tocharian 1.48
1236     *hardened-sources-2.4.28-r4 (21 Jan 2005)
1237    
1238     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1239     +hardened-sources-2.4.28-r4.ebuild:
1240     Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
1241     backport of neighbour hash updates.
1242 tocharian 1.47
1243     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1244     hardened-sources-2.4.28-r3.ebuild:
1245     Stable on x86
1246 tseng 1.46
1247     *hardened-sources-2.6.10-r3 (20 Jan 2005)
1248    
1249     20 Jan 2005; Brandon Hale <tseng@gentoo.org>
1250     +hardened-sources-2.6.10-r3.ebuild:
1251     Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
1252     in 2005.0
1253 tocharian 1.45
1254     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1255     -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
1256     hardened-sources-2.4.28-r2.ebuild:
1257     Mark stable on x86
1258 tocharian 1.44
1259     *hardened-sources-2.4.28-r3 (17 Jan 2005)
1260    
1261     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1262     +hardened-sources-2.4.28-r3.ebuild:
1263     Fix SMP page fault handler vuln, and update device-mapper and evms patches.
1264 tocharian 1.43
1265     14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1266     hardened-sources-2.4.28.ebuild:
1267     Mark stable on x86.
1268 tocharian 1.42
1269     *hardened-sources-2.4.28-r2 (13 Jan 2005)
1270    
1271     13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1272     +hardened-sources-2.4.28-r2.ebuild:
1273     Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
1274     Mazinger for grsecurity patches as well.
1275 plasmaroo 1.41
1276     *hardened-sources-2.4.28-r1 (23 Dec 2004)
1277    
1278     23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
1279     Security bump. Thank tocharian for rolling a new patchset...
1280 solar 1.40
1281     28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
1282     +files/2.4.28-grsec-cmdline-race.patch,
1283     +files/2.4.28-selinux-binfmt_a.out.patch,
1284     +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
1285     - Round up remaining security patches that appear to be missing in 2.4.28. -
1286     PaX standalone updated to current. hgpv=28.1
1287 solar 1.39
1288     *hardened-sources-2.4.28 (28 Nov 2004)
1289    
1290     28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
1291     security bump. Thank tocharian for rolling a new patchset
1292 scox 1.31
1293 scox 1.38 *hardened-sources-2.4.27-r3 (08 Sep 2004)
1294    
1295     08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
1296     +hardened-sources-2.4.27-r3.ebuild:
1297     Applies the new 2.4-27.2 patchball which updates
1298     GRSecurity to the 2.0.1 version.
1299    
1300 scox 1.37 *hardened-sources-2.4.27-r2 (31 Aug 2004)
1301    
1302     31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1303     +hardened-sources-2.4.27-r2.ebuild:
1304     Version bump.
1305     This version uses the new 2.4-27.1 patchball which updates
1306     both the SELinux PaX hooks patch and the SELinux headers.
1307    
1308 scox 1.36 *hardened-sources-2.4.27-r1 (09 Aug 2004)
1309    
1310     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1311     +hardened-sources-2.4.27-r1.ebuild,
1312     -hardened-sources-2.4.27.ebuild,
1313     +files/2.4.27-cmdline-race.patch:
1314     Version bump, fix for cmdline race. See bug #59905.
1315    
1316     *hardened-sources-2.4.26-r6 (09 Aug 2004)
1317    
1318     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1319     +hardened-sources-2.4.26-r6.ebuild,
1320     -hardened-sources-2.4.26-r5.ebuild,
1321     -hardened-sources-2.4.26-r4.ebuild,
1322     +files/2.4.26-cmdline-race.patch:
1323     Version bump, fix for cmdline race. See bug #59905.
1324    
1325 scox 1.35 *hardened-sources-2.4.27 (08 Aug 2004)
1326    
1327     08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1328     +hardened-sources-2.4.27.ebuild,
1329     +files/2.4.27-CAN-2004-0394.patch:
1330     Ported the patchball to the 2.4.27 kernel version.
1331    
1332 scox 1.34 *hardened-sources-2.4.26-r5 (07 Aug 2004)
1333    
1334     07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1335     +hardened-sources-2.4.26-r5.ebuild:
1336 scox 1.35 Updated to use the new hardened-patches-2.4-26.1 patchball.
1337 scox 1.34 It adds the following features:
1338     - Squashfs
1339     - Ebtables
1340     - Netdev random (core+drivers)
1341     - Watchdog Timer (WDT) fix.
1342    
1343 scox 1.33 *hardened-sources-2.4.26-r4 (04 Aug 2004)
1344    
1345     04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1346     +hardened-sources-2.4.26-r4.ebuild,
1347     +files/2.4.26-CAN-2004-0415.patch,
1348     -hardened-sources-2.4.26-3:
1349     Version bump, fix for CAN 0415, see bug #59378.
1350    
1351 scox 1.32 *hardened-sources-2.4.26-r3 (22 Jul 2004)
1352    
1353     22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
1354     +hardened-sources-2.4.26-r3.ebuild,
1355     +files/2.4.26-CAN-2004-0497.patch,
1356     -hardened-sources-2.4.26-r2.ebuild:
1357     Version bump, fixed CAN 0497, see bug #56171.
1358    
1359 scox 1.31 *hardened-sources-2.4.26-r2 (29 Jun 2004)
1360    
1361     29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
1362 scox 1.32 +hardened-sources-2.4.26-r2.ebuild,
1363 scox 1.31 +files/2.4.26-CAN-2004-0495.patch,
1364     +files/2.4.26-CAN-2004-0535.patch,
1365     -hardened-sources-2.4.26-r1.ebuild:
1366     Fixes for both CAN 0495 and 0535, see bug #54976
1367 pvdabeel 1.27
1368 agriffis 1.29 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
1369     hardened-sources-2.4.26-r1.ebuild:
1370     QA - fix use invocation
1371 scox 1.28
1372     *hardened-sources-2.4.26-r1 (22 June 2004)
1373    
1374     22 June 2004; Andrea Luzzardi <scox@gentoo.org>
1375     +hardened-sources-2.4.26-r1.ebuild,
1376     +files/2.4.26-CAN-2004-0394.patch,
1377     +files/2.4.26-signal-race.patch,
1378     -hardened-sources-2.4.26.ebuild,
1379     -hardened-sources-2.4.24-r3.ebuild:
1380     Version bump for the CAN-2004-0394 issue and bug #53804
1381     Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
1382    
1383    
1384 pvdabeel 1.27 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
1385     hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
1386     Masked hardened-sources-2.4.26.ebuild broken for ppc
1387    
1388     31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
1389     hardened-sources-2.4.24-r3.ebuild:
1390     Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
1391 plasmaroo 1.25
1392 scox 1.26 *hardened-sources-2.4.26 (29 May 2004)
1393    
1394     29 May 2004; Andrea Luzzardi <scox@gentoo.org>
1395     +hardened-sources-2.4.26.ebuild:
1396     Updated hardened-sources for the 2.4.26 kernel
1397     Removed broken components, updated almost everything.
1398    
1399 plasmaroo 1.25 *hardened-sources-2.4.24-r3 (17 Apr 2004)
1400    
1401     17 Apr 2004; <plasmaroo@gentoo.org>
1402     +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
1403     +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
1404     +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
1405     +hardened-sources-2.4.24-r3.ebuild:
1406     Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
1407     vulnerabilities. Old revisions removed.
1408 plasmaroo 1.24
1409     *hardened-sources-2.4.24-r2 (15 Apr 2004)
1410    
1411     15 Apr 2004; <plasmaroo@gentoo.org>
1412     +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
1413     -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
1414     Version bump for the CAN-2004-0109 issue; bug #47881.
1415 aliz 1.23
1416     12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
1417     hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
1418     Add eutils to inherit.
1419 plasmaroo 1.22
1420     *hardened-sources-2.4.24-r1 (19 Feb 2004)
1421    
1422     19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
1423     files/hardened-sources-2.4.24.munmap.patch:
1424     Added the patch for the mremap/munmap vulnerability. Bug #42024.
1425 scox 1.19
1426 scox 1.21 *hardened-sources-2.4.24 (06 Feb 2004)
1427 scox 1.26
1428 scox 1.21 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
1429     hardened-sources-2.4.24.ebuild:
1430     Version bump, updated most of the components.
1431     This release includes the following:
1432    
1433     - Hardened security
1434     - Netfilter patch-o-matic 20031219
1435     - FreeSWAN 2.04 & x509 1.4.8
1436     - EVMS 2.2.2
1437     - XFS 1.3.1
1438     - cryptoloop jari
1439     - grsecurity 2.0-rc4
1440     - SELinux
1441     - PaX 200402060000
1442     - PaX Obscurity 200308302223
1443     - Others...
1444    
1445     Neither -ck nor systrace are included anymore.
1446    
1447 scox 1.19 *hardened-sources-2.4.22-r2 (05 Jan 2004)
1448    
1449     05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
1450     hardened-sources-2.4.22-r2.ebuild:
1451 scox 1.20 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
1452 scox 1.19
1453     *hardened-sources-2.4.22-r1 (02 Dec 2003)
1454 iggy 1.17
1455     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1456 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
1457 iggy 1.16
1458     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1459 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild:
1460     Version bump for the 'do_brk' vulnerability.
1461 iggy 1.15
1462     01 Dec 2003; Brian Jackson <iggy@gentoo.org>
1463     hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
1464     hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
1465     hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
1466 plasmaroo 1.18 Fix the 'do_brk' vulnerability.
1467 frogger 1.14
1468     03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
1469     hardened-sources-2.4.22.ebuild:
1470 plasmaroo 1.18 - Removed the src_install() portion for SELinux flask
1471     components. These are no longer handled in the kernel
1472     so this code was not necessary.
1473 frogger 1.13
1474     29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
1475     New 2.4.22 based hardened-sources thanks to
1476     Phil West <p.west@computer.org>.
1477    
1478     These sources include:
1479 plasmaroo 1.18 - New SELinux API
1480     - Updated CK-base
1481     - Updated GRSec
1482     - Systrace
1483     - SuperFreeS/WAN 1.99.8
1484     - Propolice kernel build support
1485     - EVMS
1486     - Other various security related patches
1487 frogger 1.11
1488 frogger 1.12 *hardened-sources-2.4.21 (14 Sep 2003)
1489    
1490     14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
1491     Updated hardened-sources based on the 2.4.21 Linux kernel.
1492     This includes updates to most major components such as:
1493 plasmaroo 1.18 - ck-base-0306300059
1494     - selinux-2.4-2003071106
1495     - grsecurity-2.0-rc1
1496     - Updated IPTables patch-o-matic
1497     - Updated SuperFreeS/WAN
1498    
1499 frogger 1.12 Thanks to Phil West <pwest@computer.org> for his work in getting this
1500     updated patch set ready for the 2.4.21 based kernel.
1501    
1502 frogger 1.11 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
1503     Initial import of hardened-sources-2.4.20-r4. This revision
1504     includes only a few changes, but one of these is an important
1505     security fix. It is recommended all users of hardened-sources
1506     upgrade to this release.
1507 plasmaroo 1.18
1508 frogger 1.11 - ioperm bug fix
1509     - fixed compilation failure when building without GRSec
1510 plasmaroo 1.18
1511 frogger 1.11 SAL (Secure Auditing for Linux) is NOT included in this revision
1512     due to time constraints, but is planned for inclusion in the near
1513     future.
1514 msterret 1.10
1515     *hardened-sources-2.4.20-r2 (12 Jun 2003)
1516    
1517     12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
1518     hardened-sources-2.4.20-r3.ebuild:
1519 plasmaroo 1.18 Add Header...
1520 frogger 1.9
1521     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1522     hardened-sources-2.4.20-r3.ebuild:
1523     Removed warnings from ebuild. This kernel should be safe to
1524     use at this point.
1525 frogger 1.8
1526     *hardened-sources-2.4.20-r3 (08 Jun 2003)
1527    
1528     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1529     hardened-sources-2.4.20-r3.ebuild:
1530     New revision. Includes the following changes over -r2:
1531 plasmaroo 1.18
1532 frogger 1.8 - ck7-base (O(1), preempt, low latency)
1533     - Super FreeS/WAN 1.99.7rc2
1534     - PaX for the LSM/SELinux branch
1535     - GRSecurity 2.0-pre4 (role based access control)
1536     - Systrace 1.3
1537     - EXT3 fixes
1538     - EVMS 2.0.1
1539     - GCC 3.1+ compile optimizations
1540     - ProPolice kernel build support
1541     - Hashing table security fixes
1542 frogger 1.3
1543     *hardened-sources-2.4.20-r1 (09 Apr 2003)
1544 frogger 1.7
1545     23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
1546     Initial import of hardened-sources-r2. This new
1547     ebuild includes many new performance and security
1548     related patches. As in -r1, it will patch in
1549     LSM/SELinux if "selinux" is in USE, otherwise it
1550     will patch in GRSecurity. The following patches
1551     are included in this revision:
1552 plasmaroo 1.18
1553 frogger 1.7 - O(1) Scheduler, Low Latency, and Preempt
1554     (pulled from the base CK patch)
1555     - ptrace exploit patch for the LSM kernel
1556     (the GRSec patch already fixes this)
1557     - LSM 2.4-2003040709
1558     - SELinux 2.4-2003040709
1559     - Systrace v1.2
1560     - IPTables patch-o-matic base patches - 20030107
1561     - CryptoAPI 2.4.20.1 w/ loop-jari patch
1562     - Super FreeS/WAN 1.99.6.1
1563     - GRSecurity 1.9.9g
1564     - MPPE
1565     - EXT3 data journal fix
1566     - CIPE 1.5.4
1567 frogger 1.6
1568     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1569     hardened-sources-2.4.20-r1.ebuild, manifest:
1570 plasmaroo 1.18 Updated to install flask components correctly for selinux.
1571 frogger 1.5
1572     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1573     hardened-sources-2.4.20-r1.ebuild:
1574     LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
1575     is patched in instead. Ptrace patches for selinux have also been added. In
1576     either case, systrace support will be patched in as well.
1577 frogger 1.3
1578     09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1579     hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
1580 plasmaroo 1.18 Revision bump for new sources.
1581 frogger 1.4
1582 frogger 1.2 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1583 frogger 1.4 hardened-sources-2.4.20-r1.ebuild:
1584 plasmaroo 1.18 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
1585 method 1.1
1586 frogger 1.4 *hardened-sources-2.4.20 (30 Mar 2003)
1587    
1588 method 1.1 30 Mar 2003; Joshua Brindle <method@gentoo.org>
1589     hardened-sources-2.4.20.ebuild:
1590 plasmaroo 1.18 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20