/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.261 - (hide annotations) (download)
Mon Nov 24 01:48:00 2008 UTC (5 years, 10 months ago) by gengor
Branch: MAIN
Changes since 1.260: +5 -1 lines
Remove 2.6.27/2.6.27-r1 - broken on ARCHes != x86/amd64
(Portage version: 2.1.4.5)

1 method 1.1 # ChangeLog for sys-kernel/hardened-sources
2 phreak 1.204 # Copyright 2000-2008 Gentoo Foundation; Distributed under the GPL v2
3 gengor 1.261 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.260 2008/11/24 01:35:38 gengor Exp $
4    
5     24 Nov 2008; Gordon Malm <gengor@gentoo.org>
6     -hardened-sources-2.6.27.ebuild, -hardened-sources-2.6.27-r1.ebuild:
7     Remove versions broken on ARCHes != x86/amd64.
8 gengor 1.260
9     *hardened-sources-2.6.27-r2 (24 Nov 2008)
10    
11     24 Nov 2008; Gordon Malm <gengor@gentoo.org>
12     +hardened-sources-2.6.27-r2.ebuild:
13     Bump to Linux 2.6.27.7 and latest grsecurity patch.
14 gengor 1.259
15     19 Nov 2008; Gordon Malm <gengor@gentoo.org>
16     -hardened-sources-2.6.25-r8.ebuild, -hardened-sources-2.6.26-r4.ebuild:
17     Remove old versions.
18 gengor 1.258
19     19 Nov 2008; Gordon Malm <gengor@gentoo.org>
20     hardened-sources-2.6.27.ebuild, hardened-sources-2.6.27-r1.ebuild:
21     Remove all but ~amd64 & ~x86 keywords (broken elsewhere).
22 nixnut 1.257
23     16 Nov 2008; nixnut <nixnut@gentoo.org>
24     hardened-sources-2.6.25-r10.ebuild:
25     Stable on ppc
26 gengor 1.256
27     15 Nov 2008; Gordon Malm <gengor@gentoo.org>
28     hardened-sources-2.6.25-r10.ebuild:
29     Stable amd64/x86.
30 gengor 1.255
31     *hardened-sources-2.6.26-r6 (12 Nov 2008)
32    
33     12 Nov 2008; Gordon Malm <gengor@gentoo.org>
34     +hardened-sources-2.6.26-r6.ebuild:
35     Bump to Linux 2.6.26.8 and fix security bug #245650.
36 gengor 1.254
37     *hardened-sources-2.6.25-r10 (12 Nov 2008)
38    
39     12 Nov 2008; Gordon Malm <gengor@gentoo.org>
40     +hardened-sources-2.6.25-r10.ebuild:
41     Update to Linux 2.6.25.20 and fix bugs #245427, #245650.
42 gengor 1.253
43     *hardened-sources-2.6.27-r1 (09 Nov 2008)
44    
45     09 Nov 2008; Gordon Malm <gengor@gentoo.org>
46     +hardened-sources-2.6.27-r1.ebuild:
47     Bump to stable kernel 2.6.27.5 and latest grsecurity patch.
48 gengor 1.252
49     *hardened-sources-2.6.27 (04 Nov 2008)
50    
51     04 Nov 2008; Gordon Malm <gengor@gentoo.org>
52     +hardened-sources-2.6.27.ebuild:
53     Initial 2.6.27 release.
54 gengor 1.251
55     *hardened-sources-2.6.26-r5 (03 Nov 2008)
56    
57     03 Nov 2008; Gordon Malm <gengor@gentoo.org>
58     -hardened-sources-2.6.25-r7.ebuild, -hardened-sources-2.6.26-r2.ebuild,
59     +hardened-sources-2.6.26-r5.ebuild:
60     2.6.26-r5: Bump to Linux 2.6.26.7, PaX updates.
61     Clean out some old versions.
62 nixnut 1.250
63     02 Nov 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.25-r9.ebuild:
64     Stable on ppc
65 gengor 1.249
66     30 Oct 2008; Gordon Malm <gengor@gentoo.org>
67     hardened-sources-2.6.25-r9.ebuild:
68     Stable on amd64/x86.
69 gengor 1.248
70     *hardened-sources-2.6.25-r9 (26 Oct 2008)
71    
72     26 Oct 2008; Gordon Malm <gengor@gentoo.org>
73     +hardened-sources-2.6.25-r9.ebuild:
74     Update to Linux 2.6.25.19
75 nixnut 1.247
76     15 Oct 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.25-r8.ebuild:
77     Stable on ppc
78 gengor 1.246
79     *hardened-sources-2.6.26-r4 (14 Oct 2008)
80    
81     14 Oct 2008; Gordon Malm <gengor@gentoo.org>
82     -hardened-sources-2.6.26-r3.ebuild, +hardened-sources-2.6.26-r4.ebuild:
83     Update to latest grsecurity patch, fixing building of non-modular kernels.
84 gengor 1.245
85     *hardened-sources-2.6.26-r3 (12 Oct 2008)
86    
87     12 Oct 2008; Gordon Malm <gengor@gentoo.org>
88     hardened-sources-2.6.25-r8.ebuild, -hardened-sources-2.6.26-r1.ebuild,
89     +hardened-sources-2.6.26-r3.ebuild:
90     2.6.26-r3: Update to Linux 2.6.26.6 and latest grsecurity patch.
91     2.6.26-r1: Removed.
92     2.6.25-r8: Stable amd64/x86.
93 gengor 1.244
94     *hardened-sources-2.6.25-r8 (09 Oct 2008)
95    
96     09 Oct 2008; Gordon Malm <gengor@gentoo.org>
97     -hardened-sources-2.6.25-r4.ebuild, -hardened-sources-2.6.25-r5.ebuild,
98     -hardened-sources-2.6.25-r6.ebuild, +hardened-sources-2.6.25-r8.ebuild:
99     Update to genpatches-11 and Linux 2.6.25.18. Remove old versions.
100 nixnut 1.243
101     20 Sep 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.25-r7.ebuild:
102     Stable on ppc
103 gengor 1.242
104     17 Sep 2008; Gordon Malm <gengor@gentoo.org>
105     hardened-sources-2.6.25-r7.ebuild:
106     Stable amd64/x86.
107 gengor 1.241
108     *hardened-sources-2.6.26-r2 (13 Sep 2008)
109    
110     13 Sep 2008; Gordon Malm <gengor@gentoo.org>
111     -hardened-sources-2.6.26.ebuild, +hardened-sources-2.6.26-r2.ebuild:
112     2.6.26-r2: Update to Linux 2.6.26.5, new grsecurity patch adding
113     PAX_REFCOUNT feature, fix bug #237473 (CVE-2008-3525). 2.6.26: Removed.
114 gengor 1.240
115     *hardened-sources-2.6.25-r7 (13 Sep 2008)
116    
117     13 Sep 2008; Gordon Malm <gengor@gentoo.org>
118     +hardened-sources-2.6.25-r7.ebuild:
119     Add 2.6.25-r7, fixing bug #237473 (CVE-2008-3525) and a PaX bug.
120 gengor 1.239
121     10 Sep 2008; Gordon Malm <gengor@gentoo.org>
122     hardened-sources-2.6.25-r4.ebuild, hardened-sources-2.6.25-r5.ebuild,
123     hardened-sources-2.6.25-r6.ebuild, hardened-sources-2.6.26.ebuild,
124     hardened-sources-2.6.26-r1.ebuild:
125     Update DESCRIPTION and HGPV_URI.
126 gengor 1.238
127     *hardened-sources-2.6.25-r6 (09 Sep 2008)
128    
129     09 Sep 2008; Gordon Malm <gengor@gentoo.org>
130     -hardened-sources-2.6.24-r3.ebuild, +hardened-sources-2.6.25-r6.ebuild:
131     2.6.25-r6: Update to Linux 2.6.25.17.
132     2.6.24-r3: Removed.
133 gengor 1.237
134     08 Sep 2008; Gordon Malm <gengor@gentoo.org>
135     hardened-sources-2.6.25-r5.ebuild:
136     Stable on amd64/x86
137 gengor 1.236
138     07 Sep 2008; Gordon Malm <gengor@gentoo.org> metadata.xml:
139     Update my email address.
140 nixnut 1.235
141     31 Aug 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.25-r4.ebuild:
142     stable on ppc
143 battousai 1.234
144     *hardened-sources-2.6.26-r1 (23 Aug 2008)
145     *hardened-sources-2.6.25-r5 (23 Aug 2008)
146    
147     23 Aug 2008; Bryan D. Stine <battousai@gentoo.org>
148     -hardened-sources-2.6.23-r13.ebuild, -hardened-sources-2.6.25-r3.ebuild,
149     hardened-sources-2.6.25-r4.ebuild, +hardened-sources-2.6.25-r5.ebuild,
150     +hardened-sources-2.6.26-r1.ebuild:
151     Bump to 2.6.25-r5 for updated patches and upstream .10 kernel, fixing
152     security bug #235221. Bump to 2.6.26-r1 for upstream .3 kernel, also
153     fixing security bug #235221. Marked 2.6.25-r4 stable on amd64 and x86.
154     Removed 2.6.23-r13 and 2.6.25-r3. Commit on behalf of Gordon Malm
155     (gengor).
156 solar 1.233
157     *hardened-sources-2.6.26 (18 Aug 2008)
158     *hardened-sources-2.6.25-r4 (18 Aug 2008)
159    
160     18 Aug 2008; <solar@gentoo.org> -hardened-sources-2.6.25-r2.ebuild,
161     +hardened-sources-2.6.25-r4.ebuild, +hardened-sources-2.6.26.ebuild:
162     - proxy commit for gengor 2.6.26: Initial 2.6.26 release. 2.6.25-r4: Update
163     to Linux 2.6.25.15. Fixes security bugs #234799, #234803 and #234812.
164     2.6.25-r2: Removed.
165 tove 1.232
166     16 Aug 2008; Torsten Veller <tove@gentoo.org> metadata.xml:
167     Remove phreak from metadata.xml (#96398)
168 solar 1.231
169     *hardened-sources-2.6.25-r3 (31 Jul 2008)
170    
171     31 Jul 2008; <solar@gentoo.org> -hardened-sources-2.6.24-r2.ebuild,
172     -hardened-sources-2.6.25.ebuild, -hardened-sources-2.6.25-r1.ebuild,
173     +hardened-sources-2.6.25-r3.ebuild:
174     - 2.6.25-r3: Update to Linux 2.6.25.13 and new grsecurity patch. Multiple
175     fixes, including security bug #231750.
176 nixnut 1.230
177     28 Jul 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.24-r3.ebuild:
178     Stable on ppc
179 solar 1.229
180     *hardened-sources-2.6.25-r2 (05 Jul 2008)
181    
182     05 Jul 2008; <solar@gentoo.org> -hardened-sources-2.6.23-r11.ebuild,
183     -hardened-sources-2.6.23-r12.ebuild, hardened-sources-2.6.24-r3.ebuild,
184     +hardened-sources-2.6.25-r2.ebuild:
185     2.6.23-r4: Stable x86/amd64
186     2.6.25-r2: Update to Linux 2.6.25.10 and latest grsecurity release.
187     2.6.23-r{11,12}: Removed due to multiple vulns.
188     (gengor & kerframil)
189 nixnut 1.228
190     04 Jul 2008; nixnut <nixnut@gentoo.org>
191     hardened-sources-2.6.23-r13.ebuild:
192     Stable on ppc
193 solar 1.227
194     *hardened-sources-2.6.25-r1 (30 Jun 2008)
195    
196     30 Jun 2008; <solar@gentoo.org> hardened-sources-2.6.23-r13.ebuild,
197     +hardened-sources-2.6.25-r1.ebuild:
198     2.6.25-r1: Brings in Linux -stable tree patches 2.6.25.{7,8,9} and newer
199     grsecurity release. 2.6.23-r13: x86/amd64 stable
200 solar 1.226
201     *hardened-sources-2.6.25 (17 Jun 2008)
202     *hardened-sources-2.6.24-r3 (17 Jun 2008)
203     *hardened-sources-2.6.23-r13 (17 Jun 2008)
204    
205     17 Jun 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r13.ebuild,
206     +hardened-sources-2.6.24-r3.ebuild, +hardened-sources-2.6.25.ebuild:
207     * 2.6.23-r13: Fixes security bugs #198997, #212136, #222331, #222635,
208     #224647, #225461, other fixes. * 2.6.24-r3: Fixes security bugs #212136,
209     #222331, #222635, #224647, #225461, grsec/PaX updates/fixes, other fixes. *
210     2.6.25: Initial 2.6.25 release.
211 solar 1.225
212     15 May 2008; <solar@gentoo.org> hardened-sources-2.6.23-r12.ebuild:
213     - fasttrack to stable x86/amd64
214 swegener 1.224
215     11 May 2008; Sven Wegener <swegener@gentoo.org> Manifest:
216     Fix broken digest for linux-2.6.24.tar.bz2.
217 solar 1.223
218     *hardened-sources-2.6.24-r2 (11 May 2008)
219     *hardened-sources-2.6.23-r12 (11 May 2008)
220    
221     11 May 2008; <solar@gentoo.org> -hardened-sources-2.6.23-r7.ebuild,
222     -hardened-sources-2.6.23-r9.ebuild, -hardened-sources-2.6.23-r10.ebuild,
223     +hardened-sources-2.6.23-r12.ebuild, -hardened-sources-2.6.24.ebuild,
224     -hardened-sources-2.6.24-r1.ebuild, +hardened-sources-2.6.24-r2.ebuild:
225     proxy commit for gengor. 2.6.23-r11 shortlog: Fixes security bugs 220691,
226     220975, 220979, 221123. 2.6.24-r2 not-so-shortlog: Fixes bug 215442,
227     security bugs 219901, 220691, 220975, 220979, 221123. New
228     genpatches/grsecurity with numerous updates & fixes. 2.6.23-r7->2.6.23-r10
229     should be removed as far as I'm concerned, everything else remove due to
230     vulnerable to numerous security bugs or brokeness.
231 nixnut 1.222
232     10 May 2008; nixnut <nixnut@gentoo.org>
233     hardened-sources-2.6.23-r11.ebuild:
234     Stable on ppc
235 solar 1.221
236     05 May 2008; <solar@gentoo.org> hardened-sources-2.6.23-r11.ebuild:
237     - -r11 stable on x86/amd64
238 solar 1.220
239     *hardened-sources-2.6.23-r11 (01 May 2008)
240    
241     01 May 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r11.ebuild:
242     - version bump to fix ulgy linux bugs
243 phreak 1.219
244     *hardened-sources-2.6.24-r1 (30 Apr 2008)
245    
246     30 Apr 2008; Christian Heim <phreak@gentoo.org>
247     +hardened-sources-2.6.24-r1.ebuild:
248     Revision bump (thanks to Kerin and Gordon, again), pulling
249     genpatches-2.6.24-7, solving #219089. Additionally contains further security
250     fixes plus some minor updates.
251 phreak 1.218
252     *hardened-sources-2.6.23-r10 (30 Apr 2008)
253    
254     30 Apr 2008; Christian Heim <phreak@gentoo.org>
255     +hardened-sources-2.6.23-r10.ebuild:
256     Revision bump (thanks to Kerin and Gordon, again), solving #213811, #219089.
257     Additional contains "various other fixes".
258 phreak 1.217
259     09 Apr 2008; Christian Heim <phreak@gentoo.org> metadata.xml:
260     Update the longdescription in metadata, thanks to Gordon Malm.
261 nixnut 1.216
262     08 Apr 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.23-r9.ebuild:
263     Stable on ppc wrt bug #213255
264 solar 1.215
265     07 Apr 2008; <solar@gentoo.org> -hardened-sources-2.4.35-r2.ebuild,
266     -hardened-sources-2.6.23-r8.ebuild, hardened-sources-2.6.23-r9.ebuild:
267     - stable on x86/amd64 per request. Removed obsolete ebuilds
268 phreak 1.214
269     *hardened-sources-2.6.24 (07 Apr 2008)
270    
271     07 Apr 2008; Christian Heim <phreak@gentoo.org>
272     +hardened-sources-2.6.24.ebuild:
273     Adding ebuild for hardened-sources-2.6.24 (many thanks to Kerin Millar
274     <kerframil at gmail.com> and Gordon Malm <bugs-gentoo-org-02 at bumpin.org>
275     for the many contributions and their continued effort in #216612) based on
276     2.6.24 and genpatches-2.6.24-5.
277    
278     The current ebuild/patchset contains these things:
279     * Incoporates unmodified grsec-2.1.11-2.6.24.4-200803262003 patch
280     * Introduces bespoke server and workstation oriented security levels
281     * VDSO_COMPAT cannot be enabled during runtime if PaX is enabled
282 phreak 1.213
283     30 Mar 2008; Christian Heim <phreak@gentoo.org> metadata.xml:
284     Fix the metadata.xml (Kerin isn't a dev, though he and Gordon are
285     maintaining it).
286 phreak 1.212
287     24 Mar 2008; Christian Heim <phreak@gentoo.org>
288     hardened-sources-2.4.35-r2.ebuild:
289     Fixing SRC_URI for 2.4.35-r2.
290 phreak 1.211
291     *hardened-sources-2.6.23-r9 (22 Mar 2008)
292    
293     22 Mar 2008; Christian Heim <phreak@gentoo.org>
294     +hardened-sources-2.6.23-r9.ebuild:
295     * Revision bump, rebasing the patchset against genpatches-2.6.23-10.
296     * Change the default GIDs for some grsecurity options
297     * Revamp the Hardened [Gentoo] security level and make it the default level
298     * Fixing compilation on ia64 with CONFIG_MODULES=y (loadable module support)
299     * Fix a recursive lock -- call to capable() within ptrace_attach()
300     * Fix bug that allows audit and iscsi operations to be controlled via netlink
301 solar 1.210
302     *hardened-sources-2.6.23-r8 (27 Feb 2008)
303    
304     27 Feb 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r8.ebuild:
305     - version bump from Kerin Millar bug 210026
306 solar 1.209
307     17 Feb 2008; <solar@gentoo.org> metadata.xml,
308     -hardened-sources-2.4.33.4.ebuild, -hardened-sources-2.6.20-r6.ebuild,
309     -hardened-sources-2.6.20-r10.ebuild, -hardened-sources-2.6.23-r4.ebuild,
310     -hardened-sources-2.6.23-r6.ebuild, hardened-sources-2.6.23-r7.ebuild:
311     - stable on x86 and remove old ebuilds
312 solar 1.207
313     15 Feb 2008; <solar@gentoo.org> hardened-sources-2.6.23-r7.ebuild:
314 solar 1.208 - stable on amd64 per request of amd64 lead
315 solar 1.206
316     *hardened-sources-2.6.23-r7 (11 Feb 2008)
317    
318     11 Feb 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r7.ebuild:
319     - version bump from kerin.millar
320     Changes:
321    
322     * Bump to genpatches-base-2.6.23-9
323     * Ported grsecurity-2.1.11-2.6.23.14-200801231800 to 2.6.23.15
324     * Disables COMPAT_VDSO in x86/defconfig
325     * Removes bogus symbols ACPI_SLEEP_PROC_(FS|SLEEP) from x86_64/defconfig
326 phreak 1.205
327     25 Jan 2008; Christian Heim <phreak@gentoo.org>
328     -hardened-sources-2.6.22-r8.ebuild:
329     Cleaning up old versions.
330 phreak 1.204
331     *hardened-sources-2.6.23-r6 (25 Jan 2008)
332    
333     25 Jan 2008; Christian Heim <phreak@gentoo.org>
334     -hardened-sources-2.6.23-r5.ebuild, +hardened-sources-2.6.23-r6.ebuild:
335     Revision bump, pulling in the latest genpatches.
336 phreak 1.203
337     *hardened-sources-2.6.23-r5 (24 Dec 2007)
338    
339     24 Dec 2007; Christian Heim <phreak@gentoo.org>
340     hardened-sources-2.4.35-r2.ebuild, hardened-sources-2.6.20-r6.ebuild,
341     hardened-sources-2.6.20-r10.ebuild, hardened-sources-2.6.22-r8.ebuild,
342     hardened-sources-2.6.23-r4.ebuild, +hardened-sources-2.6.23-r5.ebuild:
343     Revision bump, for the promised updated grsec snapshot. Also changing SRC_URI.
344 phreak 1.202
345     24 Dec 2007; Christian Heim <phreak@gentoo.org>
346     -hardened-sources-2.6.22-r7.ebuild, -hardened-sources-2.6.23.ebuild,
347     -hardened-sources-2.6.23-r1.ebuild, -hardened-sources-2.6.23-r2.ebuild,
348     -hardened-sources-2.6.23-r3.ebuild:
349     Cleaning out some unused, old versions.
350 phreak 1.201
351     24 Dec 2007; Christian Heim <phreak@gentoo.org>
352     hardened-sources-2.6.23-r4.ebuild:
353     Marking hardened-sources-2.6.23-r4 stable on amd64 and x86. I know it ain't
354     in the tree for long, but there isn't much of a difference between this and
355     -r3. Only this revision pulls in 2.6.23.11 and 2.6.23.12 from genpatches.
356 phreak 1.200
357     *hardened-sources-2.6.23-r4 (23 Dec 2007)
358    
359     23 Dec 2007; Christian Heim <phreak@gentoo.org>
360     +hardened-sources-2.6.23-r4.ebuild:
361     Revision bump, grabbing the lastest genpatches release (2.6.23.12 that is).
362 phreak 1.199
363     *hardened-sources-2.6.23-r3 (04 Dec 2007)
364    
365     04 Dec 2007; Christian Heim <phreak@gentoo.org>
366     +hardened-sources-2.6.23-r3.ebuild:
367     Revision bump, pulling in 2.6.23.9.
368 phreak 1.198
369     *hardened-sources-2.6.23-r2 (25 Nov 2007)
370    
371     25 Nov 2007; Christian Heim <phreak@gentoo.org>
372     +hardened-sources-2.6.23-r2.ebuild:
373     Updated patchset, thanks to solar.
374 phreak 1.197
375     *hardened-sources-2.6.23-r1 (31 Oct 2007)
376    
377     31 Oct 2007; Christian Heim <phreak@gentoo.org>
378     +hardened-sources-2.6.23-r1.ebuild:
379     Revision bump, pulling in the snapshot from 30. October 2007 (18:50).
380 solar 1.196
381     29 Oct 2007; <solar@gentoo.org> metadata.xml:
382     - update metadata.xml
383 phreak 1.195
384     25 Oct 2007; Christian Heim <phreak@gentoo.org>
385     hardened-sources-2.6.22-r8.ebuild:
386     Marking 2.6.22-r8 stable on amd64 and x86.
387 phreak 1.194
388     21 Oct 2007; Christian Heim <phreak@gentoo.org>
389     -hardened-sources-2.4.35.ebuild, -hardened-sources-2.4.35-r1.ebuild,
390     -hardened-sources-2.6.21-r4.ebuild:
391     Removing old ebuilds.
392 phreak 1.193
393     *hardened-sources-2.4.35-r2 (21 Oct 2007)
394    
395     21 Oct 2007; Christian Heim <phreak@gentoo.org>
396     +hardened-sources-2.4.35-r2.ebuild:
397     Revision bump for 2.4.35. Includes new snapshot and the lastest Linux stable
398     patches.
399 phreak 1.192
400     *hardened-sources-2.6.22-r8 (21 Oct 2007)
401    
402     21 Oct 2007; Christian Heim <phreak@gentoo.org>
403     +hardened-sources-2.6.22-r8.ebuild:
404     Yet another new patch, hopefully fixing the remaining issues we had w/
405     2.6.22. Candidate for stabling.
406 phreak 1.191
407     *hardened-sources-2.6.23 (13 Oct 2007)
408    
409     13 Oct 2007; Christian Heim <phreak@gentoo.org>
410     +hardened-sources-2.6.23.ebuild:
411     Initial hardened-sources-2.6.23. If people still have problems w/ bug
412     194276, try setting CONFIG_PCI_GODIRECT=y instead of CONFIG_PCI_GOANY.
413 phreak 1.190
414     11 Oct 2007; Christian Heim <phreak@gentoo.org>
415     hardened-sources-2.6.20-r10.ebuild:
416     Pulling in yet another new genpatches version, fixing the PWC bug for real.
417 phreak 1.189
418     04 Oct 2007; Christian Heim <phreak@gentoo.org>
419     -hardened-sources-2.6.22-r5.ebuild, -hardened-sources-2.6.22-r6.ebuild:
420     Removing old versions.
421 phreak 1.188
422     *hardened-sources-2.6.22-r7 (01 Oct 2007)
423    
424     01 Oct 2007; Christian Heim <phreak@gentoo.org>
425     +hardened-sources-2.6.22-r7.ebuild:
426     Revision bump, pulling in a newer patch. Should fix #194276.
427 phreak 1.187
428     30 Sep 2007; Christian Heim <phreak@gentoo.org>
429     hardened-sources-2.6.20-r10.ebuild:
430     Marking hardened-sources-2.6.20-r10 stable on x86 and amd64 (on courtesy of
431     Mike Doty).
432 phreak 1.186
433     *hardened-sources-2.6.22-r6 (26 Sep 2007)
434    
435     26 Sep 2007; Christian Heim <phreak@gentoo.org>
436     +hardened-sources-2.6.22-r6.ebuild:
437     Revision bump, grabbing up till Linux 2.6.22.9.
438 phreak 1.185
439     24 Sep 2007; Christian Heim <phreak@gentoo.org>
440     -hardened-sources-2.6.22-r3.ebuild, -hardened-sources-2.6.22-r4.ebuild:
441     Cleaning up further.
442 phreak 1.184
443     *hardened-sources-2.6.20-r10 (24 Sep 2007)
444    
445     24 Sep 2007; Christian Heim <phreak@gentoo.org>
446     -hardened-sources-2.6.20-r8.ebuild, -hardened-sources-2.6.20-r9.ebuild,
447     +hardened-sources-2.6.20-r10.ebuild:
448     Revision bump, pulling in Linux 2.6.20.20. Removing some of the older
449     revisions.
450 phreak 1.183
451     *hardened-sources-2.6.22-r5 (22 Sep 2007)
452    
453     22 Sep 2007; Christian Heim <phreak@gentoo.org>
454     +hardened-sources-2.6.22-r5.ebuild:
455     Revision bump, pulling in genpatches-2.6.22-8 for CVE-2007-4573.
456 phreak 1.182
457     17 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
458     Removing johnm from metadata.xml (see #186467 for reference).
459 phreak 1.181
460     *hardened-sources-2.6.22-r4 (17 Sep 2007)
461    
462     17 Sep 2007; Christian Heim <phreak@gentoo.org>
463     +hardened-sources-2.6.22-r4.ebuild:
464     Revision bump, hopefully fixing all those weird PAX failures.
465 phreak 1.180
466     01 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
467     Updating the metadata.xml.
468 phreak 1.179
469     01 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
470     Removing tocharian from metadata due to his retirement (see #71718 for
471     reference).
472 phreak 1.178
473     *hardened-sources-2.6.20-r9 (30 Aug 2007)
474    
475     30 Aug 2007; Christian Heim <phreak@gentoo.org>
476     +hardened-sources-2.6.20-r9.ebuild:
477     Revision bump for 2.6.20.18 (thanks to kerframil in #gentoo-hardened).
478 phreak 1.177
479     29 Aug 2007; Christian Heim <phreak@gentoo.org>
480     -hardened-sources-2.4.34.ebuild, -hardened-sources-2.4.34.5.ebuild,
481     -hardened-sources-2.6.20-r2.ebuild, -hardened-sources-2.6.20-r5.ebuild,
482     -hardened-sources-2.6.20-r7.ebuild, -hardened-sources-2.6.21-r3.ebuild,
483     -hardened-sources-2.6.22.ebuild, -hardened-sources-2.6.22-r1.ebuild,
484     -hardened-sources-2.6.22-r2.ebuild:
485     Removing some redundant versions.
486 phreak 1.176
487     *hardened-sources-2.4.35-r1 (29 Aug 2007)
488    
489     29 Aug 2007; Christian Heim <phreak@gentoo.org>
490     +hardened-sources-2.4.35-r1.ebuild:
491     Revision bump, new grsecurity patch.
492 phreak 1.175
493     *hardened-sources-2.6.20-r8 (26 Aug 2007)
494    
495     26 Aug 2007; Christian Heim <phreak@gentoo.org>
496     +hardened-sources-2.6.20-r8.ebuild:
497     Revision bump for Linux 2.6.20.17.
498 phreak 1.174
499     *hardened-sources-2.6.22-r3 (22 Aug 2007)
500    
501     22 Aug 2007; Christian Heim <phreak@gentoo.org>
502     +hardened-sources-2.6.22-r3.ebuild:
503     Revision bump for Linux 2.6.22.4.
504 phreak 1.173
505     16 Aug 2007; Christian Heim <phreak@gentoo.org>
506     hardened-sources-2.6.22-r2.ebuild:
507     Updated patchset, to fix the alignment against 2.6.22.3.
508 phreak 1.172
509     *hardened-sources-2.6.22-r2 (16 Aug 2007)
510    
511     16 Aug 2007; Christian Heim <phreak@gentoo.org>
512     +hardened-sources-2.6.22-r2.ebuild:
513     Revision bump for Linux 2.6.22.3.
514 phreak 1.171
515     *hardened-sources-2.4.35 (16 Aug 2007)
516    
517     16 Aug 2007; Christian Heim <phreak@gentoo.org>
518     +hardened-sources-2.4.35.ebuild:
519     Version bump, initial version for Linux 2.4.35.
520 phreak 1.170
521     *hardened-sources-2.6.21-r4 (16 Aug 2007)
522    
523     16 Aug 2007; Christian Heim <phreak@gentoo.org>
524     +hardened-sources-2.6.21-r4.ebuild:
525     Revision bump for Linux 2.6.21.6.
526 phreak 1.169
527     *hardened-sources-2.6.20-r7 (16 Aug 2007)
528    
529     16 Aug 2007; Christian Heim <phreak@gentoo.org>
530     +hardened-sources-2.6.20-r7.ebuild:
531     Revision bump for Linux 2.6.20.16.
532 phreak 1.168
533     *hardened-sources-2.6.22-r1 (13 Aug 2007)
534    
535     13 Aug 2007; Christian Heim <phreak@gentoo.org>
536     +hardened-sources-2.6.22-r1.ebuild:
537     Yet another revision bump.
538 phreak 1.167
539     *hardened-sources-2.6.22 (10 Aug 2007)
540    
541     10 Aug 2007; Christian Heim <phreak@gentoo.org>
542     +hardened-sources-2.6.22.ebuild:
543     Initial release for 2.6.22. If you are using hardened-sources on a desktop
544     machine (P4 or newer), be aware you might need to disable
545     CONFIG_PAX_PAGEEXEC.
546 phreak 1.166
547     04 Aug 2007; Christian Heim <phreak@gentoo.org>
548     hardened-sources-2.6.20-r6.ebuild:
549     Stabling hardened-sources-2.6.20-r6 for amd64, ppc and x86 due to Linux
550     2.6.20.15.
551 phreak 1.165
552     10 Jul 2007; Christian Heim <phreak@gentoo.org>
553     hardened-sources-2.6.20-r5.ebuild:
554     Marking hardened-sources-2.6.20-r5 stable on ppc.
555 phreak 1.164
556     10 Jul 2007; Christian Heim <phreak@gentoo.org>
557     -hardened-sources-2.4.32-r6.ebuild, -hardened-sources-2.4.32-r7.ebuild:
558     Cleanup.
559 phreak 1.163
560     *hardened-sources-2.6.20-r6 (08 Jul 2007)
561    
562     08 Jul 2007; Christian Heim <phreak@gentoo.org>
563     +hardened-sources-2.6.20-r6.ebuild:
564     Revision bump, grabbing yet another stable release.
565 phreak 1.162
566     17 Jun 2007; Christian Heim <phreak@gentoo.org>
567     -hardened-sources-2.6.18-r6.ebuild, -hardened-sources-2.6.20-r4.ebuild,
568     -hardened-sources-2.6.21-r2.ebuild:
569     Removing older ebuilds, hardened-sources-2.6.18-r6 seems to have gotten the
570     alpha stable KEYWORD by mistake.
571 phreak 1.161
572     17 Jun 2007; Christian Heim <phreak@gentoo.org>
573     hardened-sources-2.6.20-r5.ebuild:
574     Stabling hardened-sources-2.6.20-r5 due to security bug #181647 (as
575     genpatches-2.6.20-12.base contains up to Linux 2.6.20.14) on amd64 and x86.
576 phreak 1.160
577     *hardened-sources-2.6.21-r3 (12 Jun 2007)
578    
579     12 Jun 2007; Christian Heim <phreak@gentoo.org>
580     +hardened-sources-2.6.21-r3.ebuild:
581     Revision bump for hardened-sources-2.6.21, incorporating various CVE (some
582     of them critical), two stable releases (2.6.21.4,2.6.21.5) and some other
583     love.
584 phreak 1.159
585     *hardened-sources-2.6.20-r5 (11 Jun 2007)
586    
587     11 Jun 2007; Christian Heim <phreak@gentoo.org>
588     +hardened-sources-2.6.20-r5.ebuild:
589     Revision bump for hardened-sources-2.6.20, incorporating various CVE (some
590     of them critical), two stable releases (2.6.20.13,2.6.20.14) and some other
591     love.
592 pappy 1.158
593     *hardened-sources-2.4.34.5 (11 Jun 2007)
594    
595     11 Jun 2007; Alexander Gabert <pappy@gentoo.org>
596     +hardened-sources-2.4.34.5.ebuild:
597     added new hardened-sources 2.4 version, thx to phreak, solar, pipacs
598 phreak 1.157
599     30 May 2007; Christian Heim <phreak@gentoo.org>
600     -hardened-sources-2.6.18.ebuild, hardened-sources-2.6.20-r2.ebuild:
601     Marking 2.6.20-r2 stable on ppc with permission of Gysbert. Removing more
602     stale ebuild(s).
603 phreak 1.156
604     30 May 2007; Christian Heim <phreak@gentoo.org>
605     -hardened-sources-2.6.14-r7.ebuild, -hardened-sources-2.6.16-r11.ebuild,
606     -hardened-sources-2.6.17-r1.ebuild, -hardened-sources-2.6.19-r6.ebuild,
607     -hardened-sources-2.6.20.ebuild, -hardened-sources-2.6.20-r1.ebuild:
608     Doing some cleanups, remove stale ebuilds.
609 phreak 1.155
610     26 May 2007; Christian Heim <phreak@gentoo.org>
611     hardened-sources-2.6.21-r2.ebuild:
612     Fixing the grsecurity patch, had one '};' too much.
613 phreak 1.154
614     *hardened-sources-2.6.21-r2 (26 May 2007)
615    
616     26 May 2007; Christian Heim <phreak@gentoo.org>
617     -hardened-sources-2.6.21.ebuild, -hardened-sources-2.6.21-r1.ebuild,
618     +hardened-sources-2.6.21-r2.ebuild:
619     Revision bump, including Linux 2.6.21.3 (fixing CVE-2007-2451). Updating the
620     grsecurity patch to 2.1.10-2.6.21.1-200705221918.
621 phreak 1.153
622     *hardened-sources-2.6.20-r4 (26 May 2007)
623    
624     26 May 2007; Christian Heim <phreak@gentoo.org>
625     -hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.20-r4.ebuild:
626     Revision bump, including Linux 2.6.20.12 (which in fact fixed some security
627 phreak 1.154 bugs, at the very least CVE-2007-2451). Possible candidate for stable marking.
628 phreak 1.152
629     15 May 2007; Christian Heim <phreak@gentoo.org>
630     hardened-sources-2.6.20-r3.ebuild:
631     Looks like hardened-sources-2.6.20-r3 needs a new patch, as 2.6.20.11
632     introduced a change in arch/sparc64/kernel/pci_iommu.c, which made the
633     grsecurity patch fail in that exact same hunk.
634 phreak 1.151
635     *hardened-sources-2.6.20-r3 (15 May 2007)
636    
637     15 May 2007; Christian Heim <phreak@gentoo.org>
638     +hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.21-r1.ebuild:
639     Revision bump, incorporating Linux 2.6.20.11.
640    
641     *hardened-sources-2.6.21-r1 (11 May 2007)
642    
643     11 May 2007; Christian Heim <phreak@gentoo.org>
644     +hardened-sources-2.6.21-r1.ebuild:
645     Revision bump, hopefully fixing the GRSECURITY/GRKERNSEC mixup pipacs
646     mentioned in #177234.
647 kevquinn 1.150
648     07 May 2007; Kevin F. Quinn <kevquinn@gentoo.org>
649     files/digest-hardened-sources-2.6.21, Manifest:
650     Fix Manifest/digest for linux-2.6.21.tar.bz2
651 phreak 1.149
652     06 May 2007; Christian Heim <phreak@gentoo.org>
653     hardened-sources-2.6.21.ebuild:
654     Bumping the hardened-patches version, needed for the fix for #177234.
655 phreak 1.148
656     *hardened-sources-2.6.21 (02 May 2007)
657    
658     02 May 2007; Christian Heim <phreak@gentoo.org>
659     +hardened-sources-2.6.21.ebuild:
660     Version bump, Linux 2.6.21-hardened.
661 phreak 1.147
662     29 Apr 2007; Christian Heim <phreak@gentoo.org>
663     hardened-sources-2.6.20-r2.ebuild:
664     Adding ~ia64 on Ned's request.
665 phreak 1.146
666     29 Apr 2007; Christian Heim <phreak@gentoo.org>
667     hardened-sources-2.6.20-r2.ebuild:
668     Fixing the included grsecurity patch, wasn't alligning due to the Index:
669     header line(s).
670 phreak 1.145
671     29 Apr 2007; Christian Heim <phreak@gentoo.org>
672     hardened-sources-2.6.20-r2.ebuild:
673     Stabilizing hardened-sources-2.6.20-r2 on amd64 and x86.
674 armin76 1.144
675     *hardened-sources-2.6.20-r2 (10 Apr 2007)
676    
677     10 Apr 2007; Raúl Porcel <armin76@gentoo.org>
678     +hardened-sources-2.6.20-r2.ebuild:
679     Version bump, on behalf of phreak
680 phreak 1.143
681     *hardened-sources-2.6.20-r1 (04 Apr 2007)
682    
683     04 Apr 2007; Christian Heim <phreak@gentoo.org>
684     +hardened-sources-2.6.20-r1.ebuild:
685     Revision bump, grabbing a newer grsecurity snapshot.
686 phreak 1.142
687     *hardened-sources-2.6.20 (25 Mar 2007)
688    
689     25 Mar 2007; Christian Heim <phreak@gentoo.org>
690     +hardened-sources-2.6.20.ebuild:
691     Finally a hardened-sources version for 2.6.20; many people have been waiting
692     for this. Thanks to Steve for preliminary testing, thanks to Ned for the
693     testbox.
694 chainsaw 1.141
695     16 Mar 2007; Tony Vroon <chainsaw@gentoo.org>
696     hardened-sources-2.6.18-r6.ebuild:
697     Marked stable on amd64 and x86. AMD64 keyword ack'ed by welp.
698 phreak 1.140
699     *hardened-sources-2.6.18-r6 (16 Mar 2007)
700    
701     16 Mar 2007; Christian Heim <phreak@gentoo.org>
702     -hardened-sources-2.6.18-r5.ebuild, +hardened-sources-2.6.18-r6.ebuild:
703     Fixing CVE-2007-1000 locally (hardened/), thanks to Tony for pushing. And
704     yes I screwed up, this is tagged as 2.6.18-5 and not 2.6.18-6 as it's
705     supposed to be.
706 phreak 1.139
707     06 Mar 2007; Christian Heim <phreak@gentoo.org> ChangeLog:
708     Fixing the Manifest, the previous one was broken (as in still had the
709     deleted ebuild in it).
710 phreak 1.138
711     06 Mar 2007; Christian Heim <phreak@gentoo.org>
712     -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
713     +hardened-sources-2.6.18-r5.ebuild:
714     Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
715     Linux 2.6.18.8. Also cleaning up the older version.
716    
717     *hardened-sources-2.6.18-r5 (06 Mar 2007)
718    
719     06 Mar 2007; Christian Heim <phreak@gentoo.org>
720     -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
721     +hardened-sources-2.6.18-r5.ebuild:
722     Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
723     Linux 2.6.18.8. Also cleaning up the older version.
724 phreak 1.137
725     24 Feb 2007; Christian Heim <phreak@gentoo.org>
726     -hardened-sources-2.6.19-r3.ebuild, -hardened-sources-2.6.19-r4.ebuild,
727     -hardened-sources-2.6.19-r5.ebuild:
728     Removing some of the old version, that didn't work.
729 phreak 1.136
730     *hardened-sources-2.6.19-r6 (12 Feb 2007)
731    
732     12 Feb 2007; Christian Heim <phreak@gentoo.org>
733     +hardened-sources-2.6.19-r6.ebuild:
734     Revision bump, including a new grsec version fixing #166235.
735 pappy 1.134
736     *hardened-sources-2.4.34 (24 Jan 2007)
737    
738     24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
739 pappy 1.135 Manifest:
740     updating Manifest with checksums of new tarball and ebuild
741    
742     24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
743 pappy 1.134 +hardened-sources-2.4.34.ebuild:
744     I added new hardened sources 2.4 update, this is a critical path
745     security bugfix - all users of h-s are strongly advised
746     to update their existing hardened sources to this version.
747     It contains a fix for a kernel vulnerability that is pertaining
748     to the PaX changes to virtual memory management, possibly leading
749     to a local kernel exploit ... see grsecurity.net forums and homepage
750 phreak 1.133
751     23 Jan 2007; Christian Heim <phreak@gentoo.org>
752     files/digest-hardened-sources-2.6.19-r5, Manifest:
753     Fixing the patch-tarball digest.
754 phreak 1.132
755     *hardened-sources-2.6.19-r5 (23 Jan 2007)
756    
757     23 Jan 2007; Christian Heim <phreak@gentoo.org>
758     +hardened-sources-2.6.19-r5.ebuild:
759     Revision bump, closing the recently discovered PaX expand_stack()
760     vulnerability.
761 phreak 1.131
762     *hardened-sources-2.6.19-r4 (14 Jan 2007)
763    
764     14 Jan 2007; Christian Heim <phreak@gentoo.org>
765     +hardened-sources-2.6.19-r4.ebuild:
766     Revision bump, pulling in linux-2.6.19.2 and grsecurity 2.1.10 - thus
767     dropping the randomized PID feature.
768 opfer 1.130
769     11 Jan 2007; Christian Faulhammer <opfer@gentoo.org>
770     hardened-sources-2.4.33.4.ebuild:
771     stable x86, bug #161171
772 phreak 1.129
773     *hardened-sources-2.6.19-r3 (27 Dec 2006)
774    
775     27 Dec 2006; Christian Heim <phreak@gentoo.org>
776     -hardened-sources-2.6.19-r2.ebuild, +hardened-sources-2.6.19-r3.ebuild:
777     Revision bump for bug #157186 and #158786.
778 phreak 1.128
779     *hardened-sources-2.6.18-r4 (27 Dec 2006)
780    
781     27 Dec 2006; Christian Heim <phreak@gentoo.org>
782     -hardened-sources-2.6.18-r3.ebuild, +hardened-sources-2.6.18-r4.ebuild:
783     Revision bump for bug #157186.
784 phreak 1.127
785     *hardened-sources-2.6.19-r2 (23 Dec 2006)
786    
787     23 Dec 2006; Christian Heim <phreak@gentoo.org>
788     -hardened-sources-2.6.19-r1.ebuild, +hardened-sources-2.6.19-r2.ebuild:
789     Revision bump to pull in genpatches-2.6.19-3 for #157186.
790 phreak 1.126
791     17 Dec 2006; Christian Heim <phreak@gentoo.org>
792     hardened-sources-2.6.14-r7.ebuild, hardened-sources-2.6.16-r10.ebuild,
793     hardened-sources-2.6.16-r11.ebuild, hardened-sources-2.6.17-r1.ebuild,
794     hardened-sources-2.6.18.ebuild, hardened-sources-2.6.18-r3.ebuild,
795     hardened-sources-2.6.19-r1.ebuild:
796     Adding 4453_grsec-2.1.9-2.6.19-io-kmem-sysctl.patch to UNIPATCH_EXLUDE,
797     adding correct HOMEPAGE and adjusting DESCRIPTION (thanks to Alexander).
798 pappy 1.125
799     *hardened-sources-2.4.33.4 (17 Dec 2006)
800    
801     17 Dec 2006; Alexander Gabert <pappy@gentoo.org>
802     +hardened-sources-2.4.33.4.ebuild:
803     new 2.4.33.4 version including grsec and fixes, thanks to phreak for help
804     and quilting
805 phreak 1.124
806     *hardened-sources-2.6.19-r1 (14 Dec 2006)
807    
808     14 Dec 2006; Christian Heim <phreak@gentoo.org>
809     -hardened-sources-2.6.19.ebuild, +hardened-sources-2.6.19-r1.ebuild:
810     Revision bump, fixing #158107 (thanks to Petre Rodan <kaiowas at gentoo.org>
811     for reporting).
812 phreak 1.123
813     *hardened-sources-2.6.19 (13 Dec 2006)
814    
815     13 Dec 2006; Christian Heim <phreak@gentoo.org>
816     +hardened-sources-2.6.19.ebuild:
817     And finally 2.6.19, thanks to Ned (who prepared the inital patchset) and
818     Brad for providing that prompt update.
819 phreak 1.122
820     *hardened-sources-2.6.18-r3 (13 Dec 2006)
821    
822     13 Dec 2006; Christian Heim <phreak@gentoo.org>
823     -hardened-sources-2.6.18-r1.ebuild, -hardened-sources-2.6.18-r2.ebuild,
824     +hardened-sources-2.6.18-r3.ebuild:
825     Revision bump, excluding the faulty patch. Thanks to Anakim Border and Peter
826     S. Mazinger. Closes #157409 for now. Also removing the previous revisions.
827 phreak 1.121
828     09 Dec 2006; Christian Heim <phreak@gentoo.org> Manifest:
829     Fixing the metadata.xml Manifest entry (thanks to xaid and ml8128 in #gentoo-hardened).
830 nixnut 1.120
831     08 Dec 2006; nixnut <nixnut@gentoo.org> hardened-sources-2.6.18.ebuild:
832     Stable on ppc wrt bug 157356
833 opfer 1.119
834     07 Dec 2006; Christian Faulhammer <opfer@gentoo.org>
835     hardened-sources-2.6.18.ebuild:
836     stable x86, bug #157356
837 phreak 1.118
838     *hardened-sources-2.6.18-r2 (06 Dec 2006)
839    
840     06 Dec 2006; Christian Heim <phreak@gentoo.org>
841     +hardened-sources-2.6.18-r2.ebuild:
842     Revision bump, including 2.6.18.5 (via genpatches) and
843     4454_grsec-2.1.9-2.6.18.2-io-kmem-sysctl.patch based on Peter Mazinger and
844     Ned Ludd's original patch. Thanks to Alexander Gabert (pappy) for the
845     redesign.
846 phreak 1.117
847     06 Dec 2006; Christian Heim <phreak@gentoo.org>
848     hardened-sources-2.6.18.ebuild:
849     Marking hardened-sources-2.6.18 stable on amd64 (see bug #157356, on behalf
850     of Mike Doty).
851 phreak 1.116
852     *hardened-sources-2.6.18-r1 (23 Nov 2006)
853    
854     23 Nov 2006; Christian Heim <phreak@gentoo.org>
855     +hardened-sources-2.6.18-r1.ebuild:
856     Revision bump to genpatches-2.6.18-4 (including 2.6.18.3).
857 phreak 1.115
858     *hardened-sources-2.6.18 (11 Nov 2006)
859    
860     11 Nov 2006; Christian Heim <phreak@gentoo.org>
861     +hardened-sources-2.6.18.ebuild:
862     Version bump, thanks to Alexander Gabert we're finally at 2.6.18.
863 solar 1.114
864     18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
865     - mark amd64 stable also. bug #151877
866 solar 1.113
867     18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
868     - mark 2.6.17-r1 stable
869 phreak 1.112
870     27 Aug 2006; Christian Heim <phreak@gentoo.org>
871     -hardened-sources-2.6.17.ebuild, hardened-sources-2.6.17-r1.ebuild:
872     Removing old ebuild, removing unipatch from newer ebuild (need to fix it!).
873 phreak 1.111
874     *hardened-sources-2.6.17-r1 (26 Aug 2006)
875    
876     26 Aug 2006; Christian Heim <phreak@gentoo.org>
877     +hardened-sources-2.6.17-r1.ebuild:
878     Revision bump to genpatches-2.6.17-8 (including .9 and .10) and updating the
879     grsecurity patch.
880 phreak 1.110
881     *hardened-sources-2.6.17 (17 Aug 2006)
882    
883     17 Aug 2006; Christian Heim <phreak@gentoo.org>
884     +hardened-sources-2.6.17.ebuild:
885     Bumping the hardened-sources-2.6 series to 2.6.17, using
886     genpatches-2.6.17-6.base.
887 solar 1.109
888     07 Aug 2006; <solar@gentoo.org> hardened-sources-2.6.16-r11.ebuild:
889     - stable on x86 and amd64
890 solar 1.108
891     *hardened-sources-2.6.16-r11 (15 Jul 2006)
892    
893     15 Jul 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r3.ebuild,
894     -hardened-sources-2.4.32-r4.ebuild, -hardened-sources-2.4.32-r5.ebuild,
895     -hardened-sources-2.6.14-r8.ebuild, -hardened-sources-2.6.16-r7.ebuild,
896     -hardened-sources-2.6.16-r9.ebuild, +hardened-sources-2.6.16-r11.ebuild:
897     - 2.6.16 bumped for CVE-2006-3626 ; digest fix for 2.4.32-r6 ; removed old
898     crusty ebuilds
899 johnm 1.107
900     14 Jul 2006; John Mylchreest <johnm@gentoo.org>
901     hardened-sources-2.6.16-r10.ebuild:
902     marking stable on x86 and amd64
903 solar 1.106
904     13 Jul 2006; <solar@gentoo.org> hardened-sources-2.4.32-r6.ebuild:
905     - 2.4.32-r6 stable on x86. RSBAC state unknown
906 kang 1.105
907     *hardened-sources-2.4.32-r7 (10 Jul 2006)
908    
909     10 Jul 2006; Guillaume Destuynder <kang@gentoo.org>
910     +hardened-sources-2.4.32-r7.ebuild:
911     Bump PaX for RSBAC to test-17
912 johnm 1.104
913     *hardened-sources-2.6.16-r9 (03 Jul 2006)
914    
915     03 Jul 2006; John Mylchreest <johnm@gentoo.org>
916     -hardened-sources-2.6.16-r6.ebuild, +hardened-sources-2.6.16-r9.ebuild:
917     hardened-sources-2.6.16 bump to latest -base.
918 solar 1.103
919     *hardened-sources-2.4.32-r6 (30 Jun 2006)
920    
921     30 Jun 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r2.ebuild,
922     hardened-sources-2.4.32-r4.ebuild, +hardened-sources-2.4.32-r6.ebuild:
923     - backport CVE-2006-0039, CVE-2006-1857 and CVE-2006-1858 and new grsecurity
924     sysctl controlable resource logging
925 johnm 1.102
926     *hardened-sources-2.6.16-r7 (05 Jun 2006)
927    
928     05 Jun 2006; John Mylchreest <johnm@gentoo.org>
929     -hardened-sources-2.6.16-r5.ebuild, +hardened-sources-2.6.16-r7.ebuild:
930     push new 2.6.16 release in preparation for stable
931 solar 1.101
932     22 May 2006; <solar@gentoo.org> :
933     - redigest bug 134002
934 kang 1.100
935     *hardened-sources-2.4.32-r5 (16 May 2006)
936    
937     16 May 2006; Guillaume Destuynder <kang@gentoo.org>
938     +hardened-sources-2.4.32-r5.ebuild:
939     Fixes rsbac common patching (new patch in new -r5 patchset)
940 solar 1.99
941     *hardened-sources-2.4.32-r4 (13 May 2006)
942    
943     13 May 2006; <solar@gentoo.org> hardened-sources-2.4.32-r3.ebuild,
944     +hardened-sources-2.4.32-r4.ebuild:
945     - security bumps
946 johnm 1.98
947     *hardened-sources-2.6.16-r6 (03 May 2006)
948    
949     03 May 2006; John Mylchreest <johnm@gentoo.org>
950     +hardened-sources-2.6.16-r6.ebuild:
951     bump hardened-2.6.16 to 2.6.16.12 and latest grsec snapshot
952 johnm 1.97
953     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
954     hardened-sources-2.6.14-r8.ebuild:
955     fix x86_64 build problem, this will delay the digest issue again for a short
956     while but it will sort itself out
957 johnm 1.96
958     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
959     hardened-sources-2.6.14-r8.ebuild:
960     bump hardened patchset
961 antarus 1.94
962     27 Apr 2006; Alec Warner <antarus@gentoo.org>
963     files/digest-hardened-sources-2.4.32-r2,
964     files/digest-hardened-sources-2.4.32-r3,
965     files/digest-hardened-sources-2.6.14-r8, Manifest:
966     Fixing duff SHA256 digests: Bug # 131293
967 johnm 1.93
968 johnm 1.95 *hardened-sources-2.6.16-r5 (27 Apr 2006)
969    
970     27 Apr 2006; John Mylchreest <johnm@gentoo.org>
971     -hardened-sources-2.6.14-r6.ebuild, hardened-sources-2.6.14-r8.ebuild,
972     -hardened-sources-2.6.16-r4.ebuild, +hardened-sources-2.6.16-r5.ebuild:
973     stablise 2.6.14-r8 on x86 & amd64, bump 2.6.16 to fix CVE-2006-1863 &
974     cleanup of old uneccessary sources
975    
976 johnm 1.93 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
977     fix digest
978 johnm 1.92
979     *hardened-sources-2.6.14-r8 (20 Apr 2006)
980    
981     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
982     +hardened-sources-2.6.14-r8.ebuild:
983     fix CVE-2006-1056, CVE-2006-1525, CVE-2006-1524
984 johnm 1.91
985     20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
986     Turning on gpg-signing again, and recomitting
987 johnm 1.90
988     *hardened-sources-2.6.16-r4 (20 Apr 2006)
989    
990     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
991     -hardened-sources-2.6.16-r2.ebuild, -hardened-sources-2.6.16-r3.ebuild,
992     +hardened-sources-2.6.16-r4.ebuild:
993     Fix numerous security vulns
994 solar 1.89
995     *hardened-sources-2.4.32-r3 (16 Apr 2006)
996    
997     16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
998     -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
999     +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
1000     - security bump for bug #112791. Removed old ebuilds
1001 johnm 1.88
1002     *hardened-sources-2.6.16-r3 (15 Apr 2006)
1003    
1004     15 Apr 2006; John Mylchreest <johnm@gentoo.org>
1005     +hardened-sources-2.6.16-r3.ebuild:
1006     Removing silly localversion which I missed
1007 johnm 1.87
1008     *hardened-sources-2.6.14-r7 (14 Apr 2006)
1009    
1010     14 Apr 2006; John Mylchreest <johnm@gentoo.org>
1011     -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
1012     Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
1013 johnm 1.86
1014     *hardened-sources-2.6.16-r2 (13 Apr 2006)
1015    
1016     13 Apr 2006; John Mylchreest <johnm@gentoo.org>
1017     -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
1018     +hardened-sources-2.6.16-r2.ebuild:
1019     Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
1020     labels, dropping USERGROUP define fixes, since these were merged mainstream.
1021 johnm 1.85
1022     *hardened-sources-2.6.16-r1 (11 Apr 2006)
1023    
1024     11 Apr 2006; John Mylchreest <johnm@gentoo.org>
1025     +hardened-sources-2.6.16-r1.ebuild:
1026     Bumping to include ppc build fix and 2.6.16.3
1027 tsunam 1.84
1028     06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
1029     hardened-sources-2.6.14-r6.ebuild:
1030     Stable on x86; bug #127718
1031 johnm 1.83
1032     *hardened-sources-2.6.16 (31 Mar 2006)
1033    
1034     31 Mar 2006; John Mylchreest <johnm@gentoo.org>
1035     +hardened-sources-2.6.16.ebuild:
1036     Bumping to new version of grsec, and kernel base. New squashfs. Based on
1037     2.6.16.1
1038 cryos 1.82
1039     30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
1040     hardened-sources-2.6.14-r6.ebuild:
1041     Stable on amd64, bug 127718.
1042 nixnut 1.81
1043     28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
1044     Stable on ppc. Bug #127718
1045 johnm 1.80
1046     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
1047     -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
1048     -hardened-sources-2.6.14-r4.ebuild:
1049     Cleanup.
1050 johnm 1.79
1051     *hardened-sources-2.6.14-r6 (15 Mar 2006)
1052    
1053     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
1054     +hardened-sources-2.6.14-r6.ebuild:
1055     Fixes grsec policy recreation bug and adds a
1056     >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
1057 solar 1.78
1058     02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
1059     - stable on x86
1060 hansmi 1.77
1061     19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
1062     hardened-sources-2.6.14-r5.ebuild:
1063     Stable on ppc.
1064 johnm 1.76
1065     *hardened-sources-2.6.14-r5 (01 Feb 2006)
1066    
1067     01 Feb 2006; John Mylchreest <johnm@gentoo.org>
1068     +hardened-sources-2.6.14-r5.ebuild:
1069     fixing every known exploit
1070 solar 1.75
1071     *hardened-sources-2.4.32-r2 (26 Jan 2006)
1072    
1073     26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
1074     +hardened-sources-2.4.32-r2.ebuild:
1075     - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
1076 solar 1.74
1077     *hardened-sources-2.6.14-r4 (12 Jan 2006)
1078    
1079     12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
1080     - version bump for new genpatches which fix up a few sec holes
1081 solar 1.73
1082     *hardened-sources-2.4.32-r1 (05 Jan 2006)
1083    
1084     05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
1085     - revision bump to add misc vital linux kernel security patches.
1086 johnm 1.72
1087     *hardened-sources-2.6.14-r3 (30 Dec 2005)
1088    
1089     30 Dec 2005; John Mylchreest <johnm@gentoo.org>
1090     -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
1091     Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
1092 johnm 1.71
1093     28 Dec 2005; John Mylchreest <johnm@gentoo.org>
1094     hardened-sources-2.6.14-r2.ebuild:
1095     making x86 & amd64 stable following testing.
1096 johnm 1.70
1097     *hardened-sources-2.6.14-r2 (27 Dec 2005)
1098    
1099     27 Dec 2005; John Mylchreest <johnm@gentoo.org>
1100     -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
1101     Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
1102     network hooks.
1103 johnm 1.69
1104     06 Dec 2005; John Mylchreest <johnm@gentoo.org>
1105     hardened-sources-2.6.14-r1.ebuild:
1106     bumping to stable early for sec fix on x86 & amd64
1107 johnm 1.68
1108     *hardened-sources-2.6.14-r1 (05 Dec 2005)
1109    
1110     05 Dec 2005; John Mylchreest <johnm@gentoo.org>
1111     -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
1112     bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
1113 solar 1.67
1114     04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
1115     - stable on x86 security bug #114227 CAN-2005-3257
1116 kang 1.66
1117     *hardened-sources-2.4.32 (19 Nov 2005)
1118    
1119     19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
1120     +hardened-sources-2.4.32.ebuild:
1121     Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
1122     Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
1123     have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
1124     rsbac >> /etc/portage/package.use)
1125 johnm 1.65
1126     *hardened-sources-2.6.14 (14 Nov 2005)
1127    
1128     14 Nov 2005; John Mylchreest <johnm@gentoo.org>
1129     -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
1130     Bumping 2.6 series to 2.6.14.2
1131 johnm 1.64
1132     *hardened-sources-2.6.13-r2 (20 Oct 2005)
1133    
1134     20 Oct 2005; John Mylchreest <johnm@gentoo.org>
1135     -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
1136     +hardened-sources-2.6.13-r2.ebuild:
1137     Fixes minor build error in ppc.
1138 johnm 1.63
1139     *hardened-sources-2.6.13-r1 (17 Oct 2005)
1140    
1141     17 Oct 2005; John Mylchreest <johnm@gentoo.org>
1142     +hardened-sources-2.6.13-r1.ebuild:
1143     Updating grsec to latest snapshot. Fixes some minor issues. Updating to
1144     2.6.13.4, fixes some major amd64 stability problems.
1145 johnm 1.62
1146     *hardened-sources-2.6.13 (16 Sep 2005)
1147    
1148     16 Sep 2005; John Mylchreest <johnm@gentoo.org>
1149     -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
1150     2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
1151     ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
1152     users should test this thoroughly.
1153 solar 1.61
1154     01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
1155     - stable on x86
1156 johnm 1.60
1157     *hardened-sources-2.6.11-r15 (27 Jun 2005)
1158    
1159     27 Jun 2005; John Mylchreest <johnm@gentoo.org>
1160     +hardened-sources-2.6.11-r15.ebuild:
1161     Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
1162     grsec redefining curr_ip struct.
1163 solar 1.59
1164     *hardened-sources-2.4.31 (20 Jun 2005)
1165    
1166     20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
1167     initial import of 2.4.31 tree
1168 johnm 1.58
1169     *hardened-sources-2.6.11-r14 (14 Jun 2005)
1170    
1171     14 Jun 2005; John Mylchreest <johnm@gentoo.org>
1172     -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
1173     Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
1174     naming scheme to abide by genpatches
1175 johnm 1.57
1176     *hardened-sources-2.6.11-r13 (18 May 2005)
1177    
1178     18 May 2005; John Mylchreest <johnm@gentoo.org>
1179     -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
1180     Managed to mangle the Makefile patch from grsec, to miss out the grsec
1181     target. sorry about that. Fixes bug #93022
1182 johnm 1.56
1183     *hardened-sources-2.6.11-r12 (17 May 2005)
1184    
1185     17 May 2005; John Mylchreest <johnm@gentoo.org>
1186     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
1187     +hardened-sources-2.6.11-r12.ebuild:
1188     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
1189     merges in genpatches-base
1190 johnm 1.55
1191     *hardened-sources-2.6.11-r12 (17 May 2005)
1192    
1193     17 May 2005; John Mylchreest <johnm@gentoo.org>
1194     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
1195     +hardened-sources-2.6.11-r12.ebuild:
1196     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
1197     merges in genpatches-base
1198 solar 1.54
1199     29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
1200     -files/2.4.27-cmdline-race.patch,
1201     -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
1202     -files/2.4.28-grsec-binfmt_a.out.patch,
1203     -files/2.4.28-grsec-cmdline-race.patch,
1204     -files/2.4.28-selinux-binfmt_a.out.patch,
1205     -files/2.4.28-selinux-cmdline-race.patch,
1206     -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
1207     hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
1208     - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
1209     cleanup..
1210 solar 1.53
1211     *hardened-sources-2.4.30-r1 (21 Apr 2005)
1212    
1213     21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
1214     - disable aout by default
1215 solar 1.52
1216     *hardened-sources-2.4.30 (18 Apr 2005)
1217    
1218     18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
1219     - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
1220     and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
1221     use
1222 tocharian 1.50
1223 scox 1.51 *hardened-sources-2.4.29 (30 Mar 2005)
1224    
1225     30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
1226     +hardened-sources-2.4.29.ebuild:
1227     New hardened-patches-2.4-29.0 patchball.
1228     Removed SELinux support, upgraded GRSecurity to 2.1.4.
1229    
1230     *hardened-sources-2.4.28-r5 (06 Mar 2005)
1231    
1232     06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
1233     +hardened-sources-2.4.28-r5.ebuild:
1234     Added a fix for a PaX vulnerability.
1235    
1236     26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1237 tocharian 1.50 hardened-sources-2.4.28-r4.ebuild:
1238     Stable on x86
1239 solar 1.49
1240     23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
1241     hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
1242     hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
1243     hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
1244     - fixed/added RDEPEND= in all kernel-2 ebuilds
1245 tocharian 1.48
1246     *hardened-sources-2.4.28-r4 (21 Jan 2005)
1247    
1248     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1249     +hardened-sources-2.4.28-r4.ebuild:
1250     Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
1251     backport of neighbour hash updates.
1252 tocharian 1.47
1253     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1254     hardened-sources-2.4.28-r3.ebuild:
1255     Stable on x86
1256 tseng 1.46
1257     *hardened-sources-2.6.10-r3 (20 Jan 2005)
1258    
1259     20 Jan 2005; Brandon Hale <tseng@gentoo.org>
1260     +hardened-sources-2.6.10-r3.ebuild:
1261     Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
1262     in 2005.0
1263 tocharian 1.45
1264     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1265     -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
1266     hardened-sources-2.4.28-r2.ebuild:
1267     Mark stable on x86
1268 tocharian 1.44
1269     *hardened-sources-2.4.28-r3 (17 Jan 2005)
1270    
1271     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1272     +hardened-sources-2.4.28-r3.ebuild:
1273     Fix SMP page fault handler vuln, and update device-mapper and evms patches.
1274 tocharian 1.43
1275     14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1276     hardened-sources-2.4.28.ebuild:
1277     Mark stable on x86.
1278 tocharian 1.42
1279     *hardened-sources-2.4.28-r2 (13 Jan 2005)
1280    
1281     13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1282     +hardened-sources-2.4.28-r2.ebuild:
1283     Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
1284     Mazinger for grsecurity patches as well.
1285 plasmaroo 1.41
1286     *hardened-sources-2.4.28-r1 (23 Dec 2004)
1287    
1288     23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
1289     Security bump. Thank tocharian for rolling a new patchset...
1290 solar 1.40
1291     28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
1292     +files/2.4.28-grsec-cmdline-race.patch,
1293     +files/2.4.28-selinux-binfmt_a.out.patch,
1294     +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
1295     - Round up remaining security patches that appear to be missing in 2.4.28. -
1296     PaX standalone updated to current. hgpv=28.1
1297 solar 1.39
1298     *hardened-sources-2.4.28 (28 Nov 2004)
1299    
1300     28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
1301     security bump. Thank tocharian for rolling a new patchset
1302 scox 1.31
1303 scox 1.38 *hardened-sources-2.4.27-r3 (08 Sep 2004)
1304    
1305     08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
1306     +hardened-sources-2.4.27-r3.ebuild:
1307     Applies the new 2.4-27.2 patchball which updates
1308     GRSecurity to the 2.0.1 version.
1309    
1310 scox 1.37 *hardened-sources-2.4.27-r2 (31 Aug 2004)
1311    
1312     31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1313     +hardened-sources-2.4.27-r2.ebuild:
1314     Version bump.
1315     This version uses the new 2.4-27.1 patchball which updates
1316     both the SELinux PaX hooks patch and the SELinux headers.
1317    
1318 scox 1.36 *hardened-sources-2.4.27-r1 (09 Aug 2004)
1319    
1320     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1321     +hardened-sources-2.4.27-r1.ebuild,
1322     -hardened-sources-2.4.27.ebuild,
1323     +files/2.4.27-cmdline-race.patch:
1324     Version bump, fix for cmdline race. See bug #59905.
1325    
1326     *hardened-sources-2.4.26-r6 (09 Aug 2004)
1327    
1328     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1329     +hardened-sources-2.4.26-r6.ebuild,
1330     -hardened-sources-2.4.26-r5.ebuild,
1331     -hardened-sources-2.4.26-r4.ebuild,
1332     +files/2.4.26-cmdline-race.patch:
1333     Version bump, fix for cmdline race. See bug #59905.
1334    
1335 scox 1.35 *hardened-sources-2.4.27 (08 Aug 2004)
1336    
1337     08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1338     +hardened-sources-2.4.27.ebuild,
1339     +files/2.4.27-CAN-2004-0394.patch:
1340     Ported the patchball to the 2.4.27 kernel version.
1341    
1342 scox 1.34 *hardened-sources-2.4.26-r5 (07 Aug 2004)
1343    
1344     07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1345     +hardened-sources-2.4.26-r5.ebuild:
1346 scox 1.35 Updated to use the new hardened-patches-2.4-26.1 patchball.
1347 scox 1.34 It adds the following features:
1348     - Squashfs
1349     - Ebtables
1350     - Netdev random (core+drivers)
1351     - Watchdog Timer (WDT) fix.
1352    
1353 scox 1.33 *hardened-sources-2.4.26-r4 (04 Aug 2004)
1354    
1355     04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1356     +hardened-sources-2.4.26-r4.ebuild,
1357     +files/2.4.26-CAN-2004-0415.patch,
1358     -hardened-sources-2.4.26-3:
1359     Version bump, fix for CAN 0415, see bug #59378.
1360    
1361 scox 1.32 *hardened-sources-2.4.26-r3 (22 Jul 2004)
1362    
1363     22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
1364     +hardened-sources-2.4.26-r3.ebuild,
1365     +files/2.4.26-CAN-2004-0497.patch,
1366     -hardened-sources-2.4.26-r2.ebuild:
1367     Version bump, fixed CAN 0497, see bug #56171.
1368    
1369 scox 1.31 *hardened-sources-2.4.26-r2 (29 Jun 2004)
1370    
1371     29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
1372 scox 1.32 +hardened-sources-2.4.26-r2.ebuild,
1373 scox 1.31 +files/2.4.26-CAN-2004-0495.patch,
1374     +files/2.4.26-CAN-2004-0535.patch,
1375     -hardened-sources-2.4.26-r1.ebuild:
1376     Fixes for both CAN 0495 and 0535, see bug #54976
1377 pvdabeel 1.27
1378 agriffis 1.29 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
1379     hardened-sources-2.4.26-r1.ebuild:
1380     QA - fix use invocation
1381 scox 1.28
1382     *hardened-sources-2.4.26-r1 (22 June 2004)
1383    
1384     22 June 2004; Andrea Luzzardi <scox@gentoo.org>
1385     +hardened-sources-2.4.26-r1.ebuild,
1386     +files/2.4.26-CAN-2004-0394.patch,
1387     +files/2.4.26-signal-race.patch,
1388     -hardened-sources-2.4.26.ebuild,
1389     -hardened-sources-2.4.24-r3.ebuild:
1390     Version bump for the CAN-2004-0394 issue and bug #53804
1391     Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
1392    
1393    
1394 pvdabeel 1.27 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
1395     hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
1396     Masked hardened-sources-2.4.26.ebuild broken for ppc
1397    
1398     31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
1399     hardened-sources-2.4.24-r3.ebuild:
1400     Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
1401 plasmaroo 1.25
1402 scox 1.26 *hardened-sources-2.4.26 (29 May 2004)
1403    
1404     29 May 2004; Andrea Luzzardi <scox@gentoo.org>
1405     +hardened-sources-2.4.26.ebuild:
1406     Updated hardened-sources for the 2.4.26 kernel
1407     Removed broken components, updated almost everything.
1408    
1409 plasmaroo 1.25 *hardened-sources-2.4.24-r3 (17 Apr 2004)
1410    
1411     17 Apr 2004; <plasmaroo@gentoo.org>
1412     +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
1413     +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
1414     +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
1415     +hardened-sources-2.4.24-r3.ebuild:
1416     Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
1417     vulnerabilities. Old revisions removed.
1418 plasmaroo 1.24
1419     *hardened-sources-2.4.24-r2 (15 Apr 2004)
1420    
1421     15 Apr 2004; <plasmaroo@gentoo.org>
1422     +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
1423     -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
1424     Version bump for the CAN-2004-0109 issue; bug #47881.
1425 aliz 1.23
1426     12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
1427     hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
1428     Add eutils to inherit.
1429 plasmaroo 1.22
1430     *hardened-sources-2.4.24-r1 (19 Feb 2004)
1431    
1432     19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
1433     files/hardened-sources-2.4.24.munmap.patch:
1434     Added the patch for the mremap/munmap vulnerability. Bug #42024.
1435 scox 1.19
1436 scox 1.21 *hardened-sources-2.4.24 (06 Feb 2004)
1437 scox 1.26
1438 scox 1.21 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
1439     hardened-sources-2.4.24.ebuild:
1440     Version bump, updated most of the components.
1441     This release includes the following:
1442    
1443     - Hardened security
1444     - Netfilter patch-o-matic 20031219
1445     - FreeSWAN 2.04 & x509 1.4.8
1446     - EVMS 2.2.2
1447     - XFS 1.3.1
1448     - cryptoloop jari
1449     - grsecurity 2.0-rc4
1450     - SELinux
1451     - PaX 200402060000
1452     - PaX Obscurity 200308302223
1453     - Others...
1454    
1455     Neither -ck nor systrace are included anymore.
1456    
1457 scox 1.19 *hardened-sources-2.4.22-r2 (05 Jan 2004)
1458    
1459     05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
1460     hardened-sources-2.4.22-r2.ebuild:
1461 scox 1.20 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
1462 scox 1.19
1463     *hardened-sources-2.4.22-r1 (02 Dec 2003)
1464 iggy 1.17
1465     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1466 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
1467 iggy 1.16
1468     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1469 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild:
1470     Version bump for the 'do_brk' vulnerability.
1471 iggy 1.15
1472     01 Dec 2003; Brian Jackson <iggy@gentoo.org>
1473     hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
1474     hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
1475     hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
1476 plasmaroo 1.18 Fix the 'do_brk' vulnerability.
1477 frogger 1.14
1478     03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
1479     hardened-sources-2.4.22.ebuild:
1480 plasmaroo 1.18 - Removed the src_install() portion for SELinux flask
1481     components. These are no longer handled in the kernel
1482     so this code was not necessary.
1483 frogger 1.13
1484     29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
1485     New 2.4.22 based hardened-sources thanks to
1486     Phil West <p.west@computer.org>.
1487    
1488     These sources include:
1489 plasmaroo 1.18 - New SELinux API
1490     - Updated CK-base
1491     - Updated GRSec
1492     - Systrace
1493     - SuperFreeS/WAN 1.99.8
1494     - Propolice kernel build support
1495     - EVMS
1496     - Other various security related patches
1497 frogger 1.11
1498 frogger 1.12 *hardened-sources-2.4.21 (14 Sep 2003)
1499    
1500     14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
1501     Updated hardened-sources based on the 2.4.21 Linux kernel.
1502     This includes updates to most major components such as:
1503 plasmaroo 1.18 - ck-base-0306300059
1504     - selinux-2.4-2003071106
1505     - grsecurity-2.0-rc1
1506     - Updated IPTables patch-o-matic
1507     - Updated SuperFreeS/WAN
1508    
1509 frogger 1.12 Thanks to Phil West <pwest@computer.org> for his work in getting this
1510     updated patch set ready for the 2.4.21 based kernel.
1511    
1512 frogger 1.11 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
1513     Initial import of hardened-sources-2.4.20-r4. This revision
1514     includes only a few changes, but one of these is an important
1515     security fix. It is recommended all users of hardened-sources
1516     upgrade to this release.
1517 plasmaroo 1.18
1518 frogger 1.11 - ioperm bug fix
1519     - fixed compilation failure when building without GRSec
1520 plasmaroo 1.18
1521 frogger 1.11 SAL (Secure Auditing for Linux) is NOT included in this revision
1522     due to time constraints, but is planned for inclusion in the near
1523     future.
1524 msterret 1.10
1525     *hardened-sources-2.4.20-r2 (12 Jun 2003)
1526    
1527     12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
1528     hardened-sources-2.4.20-r3.ebuild:
1529 plasmaroo 1.18 Add Header...
1530 frogger 1.9
1531     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1532     hardened-sources-2.4.20-r3.ebuild:
1533     Removed warnings from ebuild. This kernel should be safe to
1534     use at this point.
1535 frogger 1.8
1536     *hardened-sources-2.4.20-r3 (08 Jun 2003)
1537    
1538     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1539     hardened-sources-2.4.20-r3.ebuild:
1540     New revision. Includes the following changes over -r2:
1541 plasmaroo 1.18
1542 frogger 1.8 - ck7-base (O(1), preempt, low latency)
1543     - Super FreeS/WAN 1.99.7rc2
1544     - PaX for the LSM/SELinux branch
1545     - GRSecurity 2.0-pre4 (role based access control)
1546     - Systrace 1.3
1547     - EXT3 fixes
1548     - EVMS 2.0.1
1549     - GCC 3.1+ compile optimizations
1550     - ProPolice kernel build support
1551     - Hashing table security fixes
1552 frogger 1.3
1553     *hardened-sources-2.4.20-r1 (09 Apr 2003)
1554 frogger 1.7
1555     23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
1556     Initial import of hardened-sources-r2. This new
1557     ebuild includes many new performance and security
1558     related patches. As in -r1, it will patch in
1559     LSM/SELinux if "selinux" is in USE, otherwise it
1560     will patch in GRSecurity. The following patches
1561     are included in this revision:
1562 plasmaroo 1.18
1563 frogger 1.7 - O(1) Scheduler, Low Latency, and Preempt
1564     (pulled from the base CK patch)
1565     - ptrace exploit patch for the LSM kernel
1566     (the GRSec patch already fixes this)
1567     - LSM 2.4-2003040709
1568     - SELinux 2.4-2003040709
1569     - Systrace v1.2
1570     - IPTables patch-o-matic base patches - 20030107
1571     - CryptoAPI 2.4.20.1 w/ loop-jari patch
1572     - Super FreeS/WAN 1.99.6.1
1573     - GRSecurity 1.9.9g
1574     - MPPE
1575     - EXT3 data journal fix
1576     - CIPE 1.5.4
1577 frogger 1.6
1578     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1579     hardened-sources-2.4.20-r1.ebuild, manifest:
1580 plasmaroo 1.18 Updated to install flask components correctly for selinux.
1581 frogger 1.5
1582     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1583     hardened-sources-2.4.20-r1.ebuild:
1584     LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
1585     is patched in instead. Ptrace patches for selinux have also been added. In
1586     either case, systrace support will be patched in as well.
1587 frogger 1.3
1588     09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1589     hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
1590 plasmaroo 1.18 Revision bump for new sources.
1591 frogger 1.4
1592 frogger 1.2 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1593 frogger 1.4 hardened-sources-2.4.20-r1.ebuild:
1594 plasmaroo 1.18 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
1595 method 1.1
1596 frogger 1.4 *hardened-sources-2.4.20 (30 Mar 2003)
1597    
1598 method 1.1 30 Mar 2003; Joshua Brindle <method@gentoo.org>
1599     hardened-sources-2.4.20.ebuild:
1600 plasmaroo 1.18 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20