/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.266 - (hide annotations) (download)
Tue Dec 9 01:14:36 2008 UTC (5 years, 9 months ago) by gengor
Branch: MAIN
Changes since 1.265: +5 -1 lines
Stable hardened-sources-2.6.25-r11 on amd64/x86
(Portage version: 2.1.4.5)

1 method 1.1 # ChangeLog for sys-kernel/hardened-sources
2 phreak 1.204 # Copyright 2000-2008 Gentoo Foundation; Distributed under the GPL v2
3 gengor 1.266 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.265 2008/12/07 00:13:02 gengor Exp $
4    
5     09 Dec 2008; Gordon Malm <gengor@gentoo.org>
6     hardened-sources-2.6.25-r11.ebuild:
7     Stable amd64/x86.
8 gengor 1.265
9     *hardened-sources-2.6.27-r3 (07 Dec 2008)
10    
11     07 Dec 2008; Gordon Malm <gengor@gentoo.org>
12     +hardened-sources-2.6.27-r3.ebuild:
13     Bump to latest genpatches, including Linux 2.6.27.8. Bump grsec/pax patches.
14     Fixes bug #248754, #249729 and #246607.
15 gengor 1.264
16     03 Dec 2008; Gordon Malm <gengor@gentoo.org>
17     -hardened-sources-2.6.25-r9.ebuild, -hardened-sources-2.6.26-r5.ebuild:
18     Remove old versions.
19 gengor 1.262
20     *hardened-sources-2.6.26-r7 (03 Dec 2008)
21     *hardened-sources-2.6.25-r11 (03 Dec 2008)
22    
23 gengor 1.263 03 Dec 2008; Gordon Malm <gengor@gentoo.org>
24     +hardened-sources-2.6.25-r11.ebuild, +hardened-sources-2.6.26-r7.ebuild:
25 gengor 1.262 2.6.25-r11: Fixes bugs 246607, 246710, 247453 and 248754.
26     2.6.26-r7: Fixes bugs 246607, 246710, 246763, 247453 and 248754.
27     Both include many backports from 2.6.27.{6,7} -stable releases.
28 gengor 1.261
29     24 Nov 2008; Gordon Malm <gengor@gentoo.org>
30     -hardened-sources-2.6.27.ebuild, -hardened-sources-2.6.27-r1.ebuild:
31     Remove versions broken on ARCHes != x86/amd64.
32 gengor 1.260
33     *hardened-sources-2.6.27-r2 (24 Nov 2008)
34    
35     24 Nov 2008; Gordon Malm <gengor@gentoo.org>
36     +hardened-sources-2.6.27-r2.ebuild:
37     Bump to Linux 2.6.27.7 and latest grsecurity patch.
38 gengor 1.259
39     19 Nov 2008; Gordon Malm <gengor@gentoo.org>
40     -hardened-sources-2.6.25-r8.ebuild, -hardened-sources-2.6.26-r4.ebuild:
41     Remove old versions.
42 gengor 1.258
43     19 Nov 2008; Gordon Malm <gengor@gentoo.org>
44     hardened-sources-2.6.27.ebuild, hardened-sources-2.6.27-r1.ebuild:
45     Remove all but ~amd64 & ~x86 keywords (broken elsewhere).
46 nixnut 1.257
47     16 Nov 2008; nixnut <nixnut@gentoo.org>
48     hardened-sources-2.6.25-r10.ebuild:
49     Stable on ppc
50 gengor 1.256
51     15 Nov 2008; Gordon Malm <gengor@gentoo.org>
52     hardened-sources-2.6.25-r10.ebuild:
53     Stable amd64/x86.
54 gengor 1.255
55     *hardened-sources-2.6.26-r6 (12 Nov 2008)
56    
57     12 Nov 2008; Gordon Malm <gengor@gentoo.org>
58     +hardened-sources-2.6.26-r6.ebuild:
59     Bump to Linux 2.6.26.8 and fix security bug #245650.
60 gengor 1.254
61     *hardened-sources-2.6.25-r10 (12 Nov 2008)
62    
63     12 Nov 2008; Gordon Malm <gengor@gentoo.org>
64     +hardened-sources-2.6.25-r10.ebuild:
65     Update to Linux 2.6.25.20 and fix bugs #245427, #245650.
66 gengor 1.253
67     *hardened-sources-2.6.27-r1 (09 Nov 2008)
68    
69     09 Nov 2008; Gordon Malm <gengor@gentoo.org>
70     +hardened-sources-2.6.27-r1.ebuild:
71     Bump to stable kernel 2.6.27.5 and latest grsecurity patch.
72 gengor 1.252
73     *hardened-sources-2.6.27 (04 Nov 2008)
74    
75     04 Nov 2008; Gordon Malm <gengor@gentoo.org>
76     +hardened-sources-2.6.27.ebuild:
77     Initial 2.6.27 release.
78 gengor 1.251
79     *hardened-sources-2.6.26-r5 (03 Nov 2008)
80    
81     03 Nov 2008; Gordon Malm <gengor@gentoo.org>
82     -hardened-sources-2.6.25-r7.ebuild, -hardened-sources-2.6.26-r2.ebuild,
83     +hardened-sources-2.6.26-r5.ebuild:
84     2.6.26-r5: Bump to Linux 2.6.26.7, PaX updates.
85     Clean out some old versions.
86 nixnut 1.250
87     02 Nov 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.25-r9.ebuild:
88     Stable on ppc
89 gengor 1.249
90     30 Oct 2008; Gordon Malm <gengor@gentoo.org>
91     hardened-sources-2.6.25-r9.ebuild:
92     Stable on amd64/x86.
93 gengor 1.248
94     *hardened-sources-2.6.25-r9 (26 Oct 2008)
95    
96     26 Oct 2008; Gordon Malm <gengor@gentoo.org>
97     +hardened-sources-2.6.25-r9.ebuild:
98     Update to Linux 2.6.25.19
99 nixnut 1.247
100     15 Oct 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.25-r8.ebuild:
101     Stable on ppc
102 gengor 1.246
103     *hardened-sources-2.6.26-r4 (14 Oct 2008)
104    
105     14 Oct 2008; Gordon Malm <gengor@gentoo.org>
106     -hardened-sources-2.6.26-r3.ebuild, +hardened-sources-2.6.26-r4.ebuild:
107     Update to latest grsecurity patch, fixing building of non-modular kernels.
108 gengor 1.245
109     *hardened-sources-2.6.26-r3 (12 Oct 2008)
110    
111     12 Oct 2008; Gordon Malm <gengor@gentoo.org>
112     hardened-sources-2.6.25-r8.ebuild, -hardened-sources-2.6.26-r1.ebuild,
113     +hardened-sources-2.6.26-r3.ebuild:
114     2.6.26-r3: Update to Linux 2.6.26.6 and latest grsecurity patch.
115     2.6.26-r1: Removed.
116     2.6.25-r8: Stable amd64/x86.
117 gengor 1.244
118     *hardened-sources-2.6.25-r8 (09 Oct 2008)
119    
120     09 Oct 2008; Gordon Malm <gengor@gentoo.org>
121     -hardened-sources-2.6.25-r4.ebuild, -hardened-sources-2.6.25-r5.ebuild,
122     -hardened-sources-2.6.25-r6.ebuild, +hardened-sources-2.6.25-r8.ebuild:
123     Update to genpatches-11 and Linux 2.6.25.18. Remove old versions.
124 nixnut 1.243
125     20 Sep 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.25-r7.ebuild:
126     Stable on ppc
127 gengor 1.242
128     17 Sep 2008; Gordon Malm <gengor@gentoo.org>
129     hardened-sources-2.6.25-r7.ebuild:
130     Stable amd64/x86.
131 gengor 1.241
132     *hardened-sources-2.6.26-r2 (13 Sep 2008)
133    
134     13 Sep 2008; Gordon Malm <gengor@gentoo.org>
135     -hardened-sources-2.6.26.ebuild, +hardened-sources-2.6.26-r2.ebuild:
136     2.6.26-r2: Update to Linux 2.6.26.5, new grsecurity patch adding
137     PAX_REFCOUNT feature, fix bug #237473 (CVE-2008-3525). 2.6.26: Removed.
138 gengor 1.240
139     *hardened-sources-2.6.25-r7 (13 Sep 2008)
140    
141     13 Sep 2008; Gordon Malm <gengor@gentoo.org>
142     +hardened-sources-2.6.25-r7.ebuild:
143     Add 2.6.25-r7, fixing bug #237473 (CVE-2008-3525) and a PaX bug.
144 gengor 1.239
145     10 Sep 2008; Gordon Malm <gengor@gentoo.org>
146     hardened-sources-2.6.25-r4.ebuild, hardened-sources-2.6.25-r5.ebuild,
147     hardened-sources-2.6.25-r6.ebuild, hardened-sources-2.6.26.ebuild,
148     hardened-sources-2.6.26-r1.ebuild:
149     Update DESCRIPTION and HGPV_URI.
150 gengor 1.238
151     *hardened-sources-2.6.25-r6 (09 Sep 2008)
152    
153     09 Sep 2008; Gordon Malm <gengor@gentoo.org>
154     -hardened-sources-2.6.24-r3.ebuild, +hardened-sources-2.6.25-r6.ebuild:
155     2.6.25-r6: Update to Linux 2.6.25.17.
156     2.6.24-r3: Removed.
157 gengor 1.237
158     08 Sep 2008; Gordon Malm <gengor@gentoo.org>
159     hardened-sources-2.6.25-r5.ebuild:
160     Stable on amd64/x86
161 gengor 1.236
162     07 Sep 2008; Gordon Malm <gengor@gentoo.org> metadata.xml:
163     Update my email address.
164 nixnut 1.235
165     31 Aug 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.25-r4.ebuild:
166     stable on ppc
167 battousai 1.234
168     *hardened-sources-2.6.26-r1 (23 Aug 2008)
169     *hardened-sources-2.6.25-r5 (23 Aug 2008)
170    
171     23 Aug 2008; Bryan D. Stine <battousai@gentoo.org>
172     -hardened-sources-2.6.23-r13.ebuild, -hardened-sources-2.6.25-r3.ebuild,
173     hardened-sources-2.6.25-r4.ebuild, +hardened-sources-2.6.25-r5.ebuild,
174     +hardened-sources-2.6.26-r1.ebuild:
175     Bump to 2.6.25-r5 for updated patches and upstream .10 kernel, fixing
176     security bug #235221. Bump to 2.6.26-r1 for upstream .3 kernel, also
177     fixing security bug #235221. Marked 2.6.25-r4 stable on amd64 and x86.
178     Removed 2.6.23-r13 and 2.6.25-r3. Commit on behalf of Gordon Malm
179     (gengor).
180 solar 1.233
181     *hardened-sources-2.6.26 (18 Aug 2008)
182     *hardened-sources-2.6.25-r4 (18 Aug 2008)
183    
184     18 Aug 2008; <solar@gentoo.org> -hardened-sources-2.6.25-r2.ebuild,
185     +hardened-sources-2.6.25-r4.ebuild, +hardened-sources-2.6.26.ebuild:
186     - proxy commit for gengor 2.6.26: Initial 2.6.26 release. 2.6.25-r4: Update
187     to Linux 2.6.25.15. Fixes security bugs #234799, #234803 and #234812.
188     2.6.25-r2: Removed.
189 tove 1.232
190     16 Aug 2008; Torsten Veller <tove@gentoo.org> metadata.xml:
191     Remove phreak from metadata.xml (#96398)
192 solar 1.231
193     *hardened-sources-2.6.25-r3 (31 Jul 2008)
194    
195     31 Jul 2008; <solar@gentoo.org> -hardened-sources-2.6.24-r2.ebuild,
196     -hardened-sources-2.6.25.ebuild, -hardened-sources-2.6.25-r1.ebuild,
197     +hardened-sources-2.6.25-r3.ebuild:
198     - 2.6.25-r3: Update to Linux 2.6.25.13 and new grsecurity patch. Multiple
199     fixes, including security bug #231750.
200 nixnut 1.230
201     28 Jul 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.24-r3.ebuild:
202     Stable on ppc
203 solar 1.229
204     *hardened-sources-2.6.25-r2 (05 Jul 2008)
205    
206     05 Jul 2008; <solar@gentoo.org> -hardened-sources-2.6.23-r11.ebuild,
207     -hardened-sources-2.6.23-r12.ebuild, hardened-sources-2.6.24-r3.ebuild,
208     +hardened-sources-2.6.25-r2.ebuild:
209     2.6.23-r4: Stable x86/amd64
210     2.6.25-r2: Update to Linux 2.6.25.10 and latest grsecurity release.
211     2.6.23-r{11,12}: Removed due to multiple vulns.
212     (gengor & kerframil)
213 nixnut 1.228
214     04 Jul 2008; nixnut <nixnut@gentoo.org>
215     hardened-sources-2.6.23-r13.ebuild:
216     Stable on ppc
217 solar 1.227
218     *hardened-sources-2.6.25-r1 (30 Jun 2008)
219    
220     30 Jun 2008; <solar@gentoo.org> hardened-sources-2.6.23-r13.ebuild,
221     +hardened-sources-2.6.25-r1.ebuild:
222     2.6.25-r1: Brings in Linux -stable tree patches 2.6.25.{7,8,9} and newer
223     grsecurity release. 2.6.23-r13: x86/amd64 stable
224 solar 1.226
225     *hardened-sources-2.6.25 (17 Jun 2008)
226     *hardened-sources-2.6.24-r3 (17 Jun 2008)
227     *hardened-sources-2.6.23-r13 (17 Jun 2008)
228    
229     17 Jun 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r13.ebuild,
230     +hardened-sources-2.6.24-r3.ebuild, +hardened-sources-2.6.25.ebuild:
231     * 2.6.23-r13: Fixes security bugs #198997, #212136, #222331, #222635,
232     #224647, #225461, other fixes. * 2.6.24-r3: Fixes security bugs #212136,
233     #222331, #222635, #224647, #225461, grsec/PaX updates/fixes, other fixes. *
234     2.6.25: Initial 2.6.25 release.
235 solar 1.225
236     15 May 2008; <solar@gentoo.org> hardened-sources-2.6.23-r12.ebuild:
237     - fasttrack to stable x86/amd64
238 swegener 1.224
239     11 May 2008; Sven Wegener <swegener@gentoo.org> Manifest:
240     Fix broken digest for linux-2.6.24.tar.bz2.
241 solar 1.223
242     *hardened-sources-2.6.24-r2 (11 May 2008)
243     *hardened-sources-2.6.23-r12 (11 May 2008)
244    
245     11 May 2008; <solar@gentoo.org> -hardened-sources-2.6.23-r7.ebuild,
246     -hardened-sources-2.6.23-r9.ebuild, -hardened-sources-2.6.23-r10.ebuild,
247     +hardened-sources-2.6.23-r12.ebuild, -hardened-sources-2.6.24.ebuild,
248     -hardened-sources-2.6.24-r1.ebuild, +hardened-sources-2.6.24-r2.ebuild:
249     proxy commit for gengor. 2.6.23-r11 shortlog: Fixes security bugs 220691,
250     220975, 220979, 221123. 2.6.24-r2 not-so-shortlog: Fixes bug 215442,
251     security bugs 219901, 220691, 220975, 220979, 221123. New
252     genpatches/grsecurity with numerous updates & fixes. 2.6.23-r7->2.6.23-r10
253     should be removed as far as I'm concerned, everything else remove due to
254     vulnerable to numerous security bugs or brokeness.
255 nixnut 1.222
256     10 May 2008; nixnut <nixnut@gentoo.org>
257     hardened-sources-2.6.23-r11.ebuild:
258     Stable on ppc
259 solar 1.221
260     05 May 2008; <solar@gentoo.org> hardened-sources-2.6.23-r11.ebuild:
261     - -r11 stable on x86/amd64
262 solar 1.220
263     *hardened-sources-2.6.23-r11 (01 May 2008)
264    
265     01 May 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r11.ebuild:
266     - version bump to fix ulgy linux bugs
267 phreak 1.219
268     *hardened-sources-2.6.24-r1 (30 Apr 2008)
269    
270     30 Apr 2008; Christian Heim <phreak@gentoo.org>
271     +hardened-sources-2.6.24-r1.ebuild:
272     Revision bump (thanks to Kerin and Gordon, again), pulling
273     genpatches-2.6.24-7, solving #219089. Additionally contains further security
274     fixes plus some minor updates.
275 phreak 1.218
276     *hardened-sources-2.6.23-r10 (30 Apr 2008)
277    
278     30 Apr 2008; Christian Heim <phreak@gentoo.org>
279     +hardened-sources-2.6.23-r10.ebuild:
280     Revision bump (thanks to Kerin and Gordon, again), solving #213811, #219089.
281     Additional contains "various other fixes".
282 phreak 1.217
283     09 Apr 2008; Christian Heim <phreak@gentoo.org> metadata.xml:
284     Update the longdescription in metadata, thanks to Gordon Malm.
285 nixnut 1.216
286     08 Apr 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.23-r9.ebuild:
287     Stable on ppc wrt bug #213255
288 solar 1.215
289     07 Apr 2008; <solar@gentoo.org> -hardened-sources-2.4.35-r2.ebuild,
290     -hardened-sources-2.6.23-r8.ebuild, hardened-sources-2.6.23-r9.ebuild:
291     - stable on x86/amd64 per request. Removed obsolete ebuilds
292 phreak 1.214
293     *hardened-sources-2.6.24 (07 Apr 2008)
294    
295     07 Apr 2008; Christian Heim <phreak@gentoo.org>
296     +hardened-sources-2.6.24.ebuild:
297     Adding ebuild for hardened-sources-2.6.24 (many thanks to Kerin Millar
298     <kerframil at gmail.com> and Gordon Malm <bugs-gentoo-org-02 at bumpin.org>
299     for the many contributions and their continued effort in #216612) based on
300     2.6.24 and genpatches-2.6.24-5.
301    
302     The current ebuild/patchset contains these things:
303     * Incoporates unmodified grsec-2.1.11-2.6.24.4-200803262003 patch
304     * Introduces bespoke server and workstation oriented security levels
305     * VDSO_COMPAT cannot be enabled during runtime if PaX is enabled
306 phreak 1.213
307     30 Mar 2008; Christian Heim <phreak@gentoo.org> metadata.xml:
308     Fix the metadata.xml (Kerin isn't a dev, though he and Gordon are
309     maintaining it).
310 phreak 1.212
311     24 Mar 2008; Christian Heim <phreak@gentoo.org>
312     hardened-sources-2.4.35-r2.ebuild:
313     Fixing SRC_URI for 2.4.35-r2.
314 phreak 1.211
315     *hardened-sources-2.6.23-r9 (22 Mar 2008)
316    
317     22 Mar 2008; Christian Heim <phreak@gentoo.org>
318     +hardened-sources-2.6.23-r9.ebuild:
319     * Revision bump, rebasing the patchset against genpatches-2.6.23-10.
320     * Change the default GIDs for some grsecurity options
321     * Revamp the Hardened [Gentoo] security level and make it the default level
322     * Fixing compilation on ia64 with CONFIG_MODULES=y (loadable module support)
323     * Fix a recursive lock -- call to capable() within ptrace_attach()
324     * Fix bug that allows audit and iscsi operations to be controlled via netlink
325 solar 1.210
326     *hardened-sources-2.6.23-r8 (27 Feb 2008)
327    
328     27 Feb 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r8.ebuild:
329     - version bump from Kerin Millar bug 210026
330 solar 1.209
331     17 Feb 2008; <solar@gentoo.org> metadata.xml,
332     -hardened-sources-2.4.33.4.ebuild, -hardened-sources-2.6.20-r6.ebuild,
333     -hardened-sources-2.6.20-r10.ebuild, -hardened-sources-2.6.23-r4.ebuild,
334     -hardened-sources-2.6.23-r6.ebuild, hardened-sources-2.6.23-r7.ebuild:
335     - stable on x86 and remove old ebuilds
336 solar 1.207
337     15 Feb 2008; <solar@gentoo.org> hardened-sources-2.6.23-r7.ebuild:
338 solar 1.208 - stable on amd64 per request of amd64 lead
339 solar 1.206
340     *hardened-sources-2.6.23-r7 (11 Feb 2008)
341    
342     11 Feb 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r7.ebuild:
343     - version bump from kerin.millar
344     Changes:
345    
346     * Bump to genpatches-base-2.6.23-9
347     * Ported grsecurity-2.1.11-2.6.23.14-200801231800 to 2.6.23.15
348     * Disables COMPAT_VDSO in x86/defconfig
349     * Removes bogus symbols ACPI_SLEEP_PROC_(FS|SLEEP) from x86_64/defconfig
350 phreak 1.205
351     25 Jan 2008; Christian Heim <phreak@gentoo.org>
352     -hardened-sources-2.6.22-r8.ebuild:
353     Cleaning up old versions.
354 phreak 1.204
355     *hardened-sources-2.6.23-r6 (25 Jan 2008)
356    
357     25 Jan 2008; Christian Heim <phreak@gentoo.org>
358     -hardened-sources-2.6.23-r5.ebuild, +hardened-sources-2.6.23-r6.ebuild:
359     Revision bump, pulling in the latest genpatches.
360 phreak 1.203
361     *hardened-sources-2.6.23-r5 (24 Dec 2007)
362    
363     24 Dec 2007; Christian Heim <phreak@gentoo.org>
364     hardened-sources-2.4.35-r2.ebuild, hardened-sources-2.6.20-r6.ebuild,
365     hardened-sources-2.6.20-r10.ebuild, hardened-sources-2.6.22-r8.ebuild,
366     hardened-sources-2.6.23-r4.ebuild, +hardened-sources-2.6.23-r5.ebuild:
367     Revision bump, for the promised updated grsec snapshot. Also changing SRC_URI.
368 phreak 1.202
369     24 Dec 2007; Christian Heim <phreak@gentoo.org>
370     -hardened-sources-2.6.22-r7.ebuild, -hardened-sources-2.6.23.ebuild,
371     -hardened-sources-2.6.23-r1.ebuild, -hardened-sources-2.6.23-r2.ebuild,
372     -hardened-sources-2.6.23-r3.ebuild:
373     Cleaning out some unused, old versions.
374 phreak 1.201
375     24 Dec 2007; Christian Heim <phreak@gentoo.org>
376     hardened-sources-2.6.23-r4.ebuild:
377     Marking hardened-sources-2.6.23-r4 stable on amd64 and x86. I know it ain't
378     in the tree for long, but there isn't much of a difference between this and
379     -r3. Only this revision pulls in 2.6.23.11 and 2.6.23.12 from genpatches.
380 phreak 1.200
381     *hardened-sources-2.6.23-r4 (23 Dec 2007)
382    
383     23 Dec 2007; Christian Heim <phreak@gentoo.org>
384     +hardened-sources-2.6.23-r4.ebuild:
385     Revision bump, grabbing the lastest genpatches release (2.6.23.12 that is).
386 phreak 1.199
387     *hardened-sources-2.6.23-r3 (04 Dec 2007)
388    
389     04 Dec 2007; Christian Heim <phreak@gentoo.org>
390     +hardened-sources-2.6.23-r3.ebuild:
391     Revision bump, pulling in 2.6.23.9.
392 phreak 1.198
393     *hardened-sources-2.6.23-r2 (25 Nov 2007)
394    
395     25 Nov 2007; Christian Heim <phreak@gentoo.org>
396     +hardened-sources-2.6.23-r2.ebuild:
397     Updated patchset, thanks to solar.
398 phreak 1.197
399     *hardened-sources-2.6.23-r1 (31 Oct 2007)
400    
401     31 Oct 2007; Christian Heim <phreak@gentoo.org>
402     +hardened-sources-2.6.23-r1.ebuild:
403     Revision bump, pulling in the snapshot from 30. October 2007 (18:50).
404 solar 1.196
405     29 Oct 2007; <solar@gentoo.org> metadata.xml:
406     - update metadata.xml
407 phreak 1.195
408     25 Oct 2007; Christian Heim <phreak@gentoo.org>
409     hardened-sources-2.6.22-r8.ebuild:
410     Marking 2.6.22-r8 stable on amd64 and x86.
411 phreak 1.194
412     21 Oct 2007; Christian Heim <phreak@gentoo.org>
413     -hardened-sources-2.4.35.ebuild, -hardened-sources-2.4.35-r1.ebuild,
414     -hardened-sources-2.6.21-r4.ebuild:
415     Removing old ebuilds.
416 phreak 1.193
417     *hardened-sources-2.4.35-r2 (21 Oct 2007)
418    
419     21 Oct 2007; Christian Heim <phreak@gentoo.org>
420     +hardened-sources-2.4.35-r2.ebuild:
421     Revision bump for 2.4.35. Includes new snapshot and the lastest Linux stable
422     patches.
423 phreak 1.192
424     *hardened-sources-2.6.22-r8 (21 Oct 2007)
425    
426     21 Oct 2007; Christian Heim <phreak@gentoo.org>
427     +hardened-sources-2.6.22-r8.ebuild:
428     Yet another new patch, hopefully fixing the remaining issues we had w/
429     2.6.22. Candidate for stabling.
430 phreak 1.191
431     *hardened-sources-2.6.23 (13 Oct 2007)
432    
433     13 Oct 2007; Christian Heim <phreak@gentoo.org>
434     +hardened-sources-2.6.23.ebuild:
435     Initial hardened-sources-2.6.23. If people still have problems w/ bug
436     194276, try setting CONFIG_PCI_GODIRECT=y instead of CONFIG_PCI_GOANY.
437 phreak 1.190
438     11 Oct 2007; Christian Heim <phreak@gentoo.org>
439     hardened-sources-2.6.20-r10.ebuild:
440     Pulling in yet another new genpatches version, fixing the PWC bug for real.
441 phreak 1.189
442     04 Oct 2007; Christian Heim <phreak@gentoo.org>
443     -hardened-sources-2.6.22-r5.ebuild, -hardened-sources-2.6.22-r6.ebuild:
444     Removing old versions.
445 phreak 1.188
446     *hardened-sources-2.6.22-r7 (01 Oct 2007)
447    
448     01 Oct 2007; Christian Heim <phreak@gentoo.org>
449     +hardened-sources-2.6.22-r7.ebuild:
450     Revision bump, pulling in a newer patch. Should fix #194276.
451 phreak 1.187
452     30 Sep 2007; Christian Heim <phreak@gentoo.org>
453     hardened-sources-2.6.20-r10.ebuild:
454     Marking hardened-sources-2.6.20-r10 stable on x86 and amd64 (on courtesy of
455     Mike Doty).
456 phreak 1.186
457     *hardened-sources-2.6.22-r6 (26 Sep 2007)
458    
459     26 Sep 2007; Christian Heim <phreak@gentoo.org>
460     +hardened-sources-2.6.22-r6.ebuild:
461     Revision bump, grabbing up till Linux 2.6.22.9.
462 phreak 1.185
463     24 Sep 2007; Christian Heim <phreak@gentoo.org>
464     -hardened-sources-2.6.22-r3.ebuild, -hardened-sources-2.6.22-r4.ebuild:
465     Cleaning up further.
466 phreak 1.184
467     *hardened-sources-2.6.20-r10 (24 Sep 2007)
468    
469     24 Sep 2007; Christian Heim <phreak@gentoo.org>
470     -hardened-sources-2.6.20-r8.ebuild, -hardened-sources-2.6.20-r9.ebuild,
471     +hardened-sources-2.6.20-r10.ebuild:
472     Revision bump, pulling in Linux 2.6.20.20. Removing some of the older
473     revisions.
474 phreak 1.183
475     *hardened-sources-2.6.22-r5 (22 Sep 2007)
476    
477     22 Sep 2007; Christian Heim <phreak@gentoo.org>
478     +hardened-sources-2.6.22-r5.ebuild:
479     Revision bump, pulling in genpatches-2.6.22-8 for CVE-2007-4573.
480 phreak 1.182
481     17 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
482     Removing johnm from metadata.xml (see #186467 for reference).
483 phreak 1.181
484     *hardened-sources-2.6.22-r4 (17 Sep 2007)
485    
486     17 Sep 2007; Christian Heim <phreak@gentoo.org>
487     +hardened-sources-2.6.22-r4.ebuild:
488     Revision bump, hopefully fixing all those weird PAX failures.
489 phreak 1.180
490     01 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
491     Updating the metadata.xml.
492 phreak 1.179
493     01 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
494     Removing tocharian from metadata due to his retirement (see #71718 for
495     reference).
496 phreak 1.178
497     *hardened-sources-2.6.20-r9 (30 Aug 2007)
498    
499     30 Aug 2007; Christian Heim <phreak@gentoo.org>
500     +hardened-sources-2.6.20-r9.ebuild:
501     Revision bump for 2.6.20.18 (thanks to kerframil in #gentoo-hardened).
502 phreak 1.177
503     29 Aug 2007; Christian Heim <phreak@gentoo.org>
504     -hardened-sources-2.4.34.ebuild, -hardened-sources-2.4.34.5.ebuild,
505     -hardened-sources-2.6.20-r2.ebuild, -hardened-sources-2.6.20-r5.ebuild,
506     -hardened-sources-2.6.20-r7.ebuild, -hardened-sources-2.6.21-r3.ebuild,
507     -hardened-sources-2.6.22.ebuild, -hardened-sources-2.6.22-r1.ebuild,
508     -hardened-sources-2.6.22-r2.ebuild:
509     Removing some redundant versions.
510 phreak 1.176
511     *hardened-sources-2.4.35-r1 (29 Aug 2007)
512    
513     29 Aug 2007; Christian Heim <phreak@gentoo.org>
514     +hardened-sources-2.4.35-r1.ebuild:
515     Revision bump, new grsecurity patch.
516 phreak 1.175
517     *hardened-sources-2.6.20-r8 (26 Aug 2007)
518    
519     26 Aug 2007; Christian Heim <phreak@gentoo.org>
520     +hardened-sources-2.6.20-r8.ebuild:
521     Revision bump for Linux 2.6.20.17.
522 phreak 1.174
523     *hardened-sources-2.6.22-r3 (22 Aug 2007)
524    
525     22 Aug 2007; Christian Heim <phreak@gentoo.org>
526     +hardened-sources-2.6.22-r3.ebuild:
527     Revision bump for Linux 2.6.22.4.
528 phreak 1.173
529     16 Aug 2007; Christian Heim <phreak@gentoo.org>
530     hardened-sources-2.6.22-r2.ebuild:
531     Updated patchset, to fix the alignment against 2.6.22.3.
532 phreak 1.172
533     *hardened-sources-2.6.22-r2 (16 Aug 2007)
534    
535     16 Aug 2007; Christian Heim <phreak@gentoo.org>
536     +hardened-sources-2.6.22-r2.ebuild:
537     Revision bump for Linux 2.6.22.3.
538 phreak 1.171
539     *hardened-sources-2.4.35 (16 Aug 2007)
540    
541     16 Aug 2007; Christian Heim <phreak@gentoo.org>
542     +hardened-sources-2.4.35.ebuild:
543     Version bump, initial version for Linux 2.4.35.
544 phreak 1.170
545     *hardened-sources-2.6.21-r4 (16 Aug 2007)
546    
547     16 Aug 2007; Christian Heim <phreak@gentoo.org>
548     +hardened-sources-2.6.21-r4.ebuild:
549     Revision bump for Linux 2.6.21.6.
550 phreak 1.169
551     *hardened-sources-2.6.20-r7 (16 Aug 2007)
552    
553     16 Aug 2007; Christian Heim <phreak@gentoo.org>
554     +hardened-sources-2.6.20-r7.ebuild:
555     Revision bump for Linux 2.6.20.16.
556 phreak 1.168
557     *hardened-sources-2.6.22-r1 (13 Aug 2007)
558    
559     13 Aug 2007; Christian Heim <phreak@gentoo.org>
560     +hardened-sources-2.6.22-r1.ebuild:
561     Yet another revision bump.
562 phreak 1.167
563     *hardened-sources-2.6.22 (10 Aug 2007)
564    
565     10 Aug 2007; Christian Heim <phreak@gentoo.org>
566     +hardened-sources-2.6.22.ebuild:
567     Initial release for 2.6.22. If you are using hardened-sources on a desktop
568     machine (P4 or newer), be aware you might need to disable
569     CONFIG_PAX_PAGEEXEC.
570 phreak 1.166
571     04 Aug 2007; Christian Heim <phreak@gentoo.org>
572     hardened-sources-2.6.20-r6.ebuild:
573     Stabling hardened-sources-2.6.20-r6 for amd64, ppc and x86 due to Linux
574     2.6.20.15.
575 phreak 1.165
576     10 Jul 2007; Christian Heim <phreak@gentoo.org>
577     hardened-sources-2.6.20-r5.ebuild:
578     Marking hardened-sources-2.6.20-r5 stable on ppc.
579 phreak 1.164
580     10 Jul 2007; Christian Heim <phreak@gentoo.org>
581     -hardened-sources-2.4.32-r6.ebuild, -hardened-sources-2.4.32-r7.ebuild:
582     Cleanup.
583 phreak 1.163
584     *hardened-sources-2.6.20-r6 (08 Jul 2007)
585    
586     08 Jul 2007; Christian Heim <phreak@gentoo.org>
587     +hardened-sources-2.6.20-r6.ebuild:
588     Revision bump, grabbing yet another stable release.
589 phreak 1.162
590     17 Jun 2007; Christian Heim <phreak@gentoo.org>
591     -hardened-sources-2.6.18-r6.ebuild, -hardened-sources-2.6.20-r4.ebuild,
592     -hardened-sources-2.6.21-r2.ebuild:
593     Removing older ebuilds, hardened-sources-2.6.18-r6 seems to have gotten the
594     alpha stable KEYWORD by mistake.
595 phreak 1.161
596     17 Jun 2007; Christian Heim <phreak@gentoo.org>
597     hardened-sources-2.6.20-r5.ebuild:
598     Stabling hardened-sources-2.6.20-r5 due to security bug #181647 (as
599     genpatches-2.6.20-12.base contains up to Linux 2.6.20.14) on amd64 and x86.
600 phreak 1.160
601     *hardened-sources-2.6.21-r3 (12 Jun 2007)
602    
603     12 Jun 2007; Christian Heim <phreak@gentoo.org>
604     +hardened-sources-2.6.21-r3.ebuild:
605     Revision bump for hardened-sources-2.6.21, incorporating various CVE (some
606     of them critical), two stable releases (2.6.21.4,2.6.21.5) and some other
607     love.
608 phreak 1.159
609     *hardened-sources-2.6.20-r5 (11 Jun 2007)
610    
611     11 Jun 2007; Christian Heim <phreak@gentoo.org>
612     +hardened-sources-2.6.20-r5.ebuild:
613     Revision bump for hardened-sources-2.6.20, incorporating various CVE (some
614     of them critical), two stable releases (2.6.20.13,2.6.20.14) and some other
615     love.
616 pappy 1.158
617     *hardened-sources-2.4.34.5 (11 Jun 2007)
618    
619     11 Jun 2007; Alexander Gabert <pappy@gentoo.org>
620     +hardened-sources-2.4.34.5.ebuild:
621     added new hardened-sources 2.4 version, thx to phreak, solar, pipacs
622 phreak 1.157
623     30 May 2007; Christian Heim <phreak@gentoo.org>
624     -hardened-sources-2.6.18.ebuild, hardened-sources-2.6.20-r2.ebuild:
625     Marking 2.6.20-r2 stable on ppc with permission of Gysbert. Removing more
626     stale ebuild(s).
627 phreak 1.156
628     30 May 2007; Christian Heim <phreak@gentoo.org>
629     -hardened-sources-2.6.14-r7.ebuild, -hardened-sources-2.6.16-r11.ebuild,
630     -hardened-sources-2.6.17-r1.ebuild, -hardened-sources-2.6.19-r6.ebuild,
631     -hardened-sources-2.6.20.ebuild, -hardened-sources-2.6.20-r1.ebuild:
632     Doing some cleanups, remove stale ebuilds.
633 phreak 1.155
634     26 May 2007; Christian Heim <phreak@gentoo.org>
635     hardened-sources-2.6.21-r2.ebuild:
636     Fixing the grsecurity patch, had one '};' too much.
637 phreak 1.154
638     *hardened-sources-2.6.21-r2 (26 May 2007)
639    
640     26 May 2007; Christian Heim <phreak@gentoo.org>
641     -hardened-sources-2.6.21.ebuild, -hardened-sources-2.6.21-r1.ebuild,
642     +hardened-sources-2.6.21-r2.ebuild:
643     Revision bump, including Linux 2.6.21.3 (fixing CVE-2007-2451). Updating the
644     grsecurity patch to 2.1.10-2.6.21.1-200705221918.
645 phreak 1.153
646     *hardened-sources-2.6.20-r4 (26 May 2007)
647    
648     26 May 2007; Christian Heim <phreak@gentoo.org>
649     -hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.20-r4.ebuild:
650     Revision bump, including Linux 2.6.20.12 (which in fact fixed some security
651 phreak 1.154 bugs, at the very least CVE-2007-2451). Possible candidate for stable marking.
652 phreak 1.152
653     15 May 2007; Christian Heim <phreak@gentoo.org>
654     hardened-sources-2.6.20-r3.ebuild:
655     Looks like hardened-sources-2.6.20-r3 needs a new patch, as 2.6.20.11
656     introduced a change in arch/sparc64/kernel/pci_iommu.c, which made the
657     grsecurity patch fail in that exact same hunk.
658 phreak 1.151
659     *hardened-sources-2.6.20-r3 (15 May 2007)
660    
661     15 May 2007; Christian Heim <phreak@gentoo.org>
662     +hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.21-r1.ebuild:
663     Revision bump, incorporating Linux 2.6.20.11.
664    
665     *hardened-sources-2.6.21-r1 (11 May 2007)
666    
667     11 May 2007; Christian Heim <phreak@gentoo.org>
668     +hardened-sources-2.6.21-r1.ebuild:
669     Revision bump, hopefully fixing the GRSECURITY/GRKERNSEC mixup pipacs
670     mentioned in #177234.
671 kevquinn 1.150
672     07 May 2007; Kevin F. Quinn <kevquinn@gentoo.org>
673     files/digest-hardened-sources-2.6.21, Manifest:
674     Fix Manifest/digest for linux-2.6.21.tar.bz2
675 phreak 1.149
676     06 May 2007; Christian Heim <phreak@gentoo.org>
677     hardened-sources-2.6.21.ebuild:
678     Bumping the hardened-patches version, needed for the fix for #177234.
679 phreak 1.148
680     *hardened-sources-2.6.21 (02 May 2007)
681    
682     02 May 2007; Christian Heim <phreak@gentoo.org>
683     +hardened-sources-2.6.21.ebuild:
684     Version bump, Linux 2.6.21-hardened.
685 phreak 1.147
686     29 Apr 2007; Christian Heim <phreak@gentoo.org>
687     hardened-sources-2.6.20-r2.ebuild:
688     Adding ~ia64 on Ned's request.
689 phreak 1.146
690     29 Apr 2007; Christian Heim <phreak@gentoo.org>
691     hardened-sources-2.6.20-r2.ebuild:
692     Fixing the included grsecurity patch, wasn't alligning due to the Index:
693     header line(s).
694 phreak 1.145
695     29 Apr 2007; Christian Heim <phreak@gentoo.org>
696     hardened-sources-2.6.20-r2.ebuild:
697     Stabilizing hardened-sources-2.6.20-r2 on amd64 and x86.
698 armin76 1.144
699     *hardened-sources-2.6.20-r2 (10 Apr 2007)
700    
701     10 Apr 2007; Raúl Porcel <armin76@gentoo.org>
702     +hardened-sources-2.6.20-r2.ebuild:
703     Version bump, on behalf of phreak
704 phreak 1.143
705     *hardened-sources-2.6.20-r1 (04 Apr 2007)
706    
707     04 Apr 2007; Christian Heim <phreak@gentoo.org>
708     +hardened-sources-2.6.20-r1.ebuild:
709     Revision bump, grabbing a newer grsecurity snapshot.
710 phreak 1.142
711     *hardened-sources-2.6.20 (25 Mar 2007)
712    
713     25 Mar 2007; Christian Heim <phreak@gentoo.org>
714     +hardened-sources-2.6.20.ebuild:
715     Finally a hardened-sources version for 2.6.20; many people have been waiting
716     for this. Thanks to Steve for preliminary testing, thanks to Ned for the
717     testbox.
718 chainsaw 1.141
719     16 Mar 2007; Tony Vroon <chainsaw@gentoo.org>
720     hardened-sources-2.6.18-r6.ebuild:
721     Marked stable on amd64 and x86. AMD64 keyword ack'ed by welp.
722 phreak 1.140
723     *hardened-sources-2.6.18-r6 (16 Mar 2007)
724    
725     16 Mar 2007; Christian Heim <phreak@gentoo.org>
726     -hardened-sources-2.6.18-r5.ebuild, +hardened-sources-2.6.18-r6.ebuild:
727     Fixing CVE-2007-1000 locally (hardened/), thanks to Tony for pushing. And
728     yes I screwed up, this is tagged as 2.6.18-5 and not 2.6.18-6 as it's
729     supposed to be.
730 phreak 1.139
731     06 Mar 2007; Christian Heim <phreak@gentoo.org> ChangeLog:
732     Fixing the Manifest, the previous one was broken (as in still had the
733     deleted ebuild in it).
734 phreak 1.138
735     06 Mar 2007; Christian Heim <phreak@gentoo.org>
736     -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
737     +hardened-sources-2.6.18-r5.ebuild:
738     Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
739     Linux 2.6.18.8. Also cleaning up the older version.
740    
741     *hardened-sources-2.6.18-r5 (06 Mar 2007)
742    
743     06 Mar 2007; Christian Heim <phreak@gentoo.org>
744     -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
745     +hardened-sources-2.6.18-r5.ebuild:
746     Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
747     Linux 2.6.18.8. Also cleaning up the older version.
748 phreak 1.137
749     24 Feb 2007; Christian Heim <phreak@gentoo.org>
750     -hardened-sources-2.6.19-r3.ebuild, -hardened-sources-2.6.19-r4.ebuild,
751     -hardened-sources-2.6.19-r5.ebuild:
752     Removing some of the old version, that didn't work.
753 phreak 1.136
754     *hardened-sources-2.6.19-r6 (12 Feb 2007)
755    
756     12 Feb 2007; Christian Heim <phreak@gentoo.org>
757     +hardened-sources-2.6.19-r6.ebuild:
758     Revision bump, including a new grsec version fixing #166235.
759 pappy 1.134
760     *hardened-sources-2.4.34 (24 Jan 2007)
761    
762     24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
763 pappy 1.135 Manifest:
764     updating Manifest with checksums of new tarball and ebuild
765    
766     24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
767 pappy 1.134 +hardened-sources-2.4.34.ebuild:
768     I added new hardened sources 2.4 update, this is a critical path
769     security bugfix - all users of h-s are strongly advised
770     to update their existing hardened sources to this version.
771     It contains a fix for a kernel vulnerability that is pertaining
772     to the PaX changes to virtual memory management, possibly leading
773     to a local kernel exploit ... see grsecurity.net forums and homepage
774 phreak 1.133
775     23 Jan 2007; Christian Heim <phreak@gentoo.org>
776     files/digest-hardened-sources-2.6.19-r5, Manifest:
777     Fixing the patch-tarball digest.
778 phreak 1.132
779     *hardened-sources-2.6.19-r5 (23 Jan 2007)
780    
781     23 Jan 2007; Christian Heim <phreak@gentoo.org>
782     +hardened-sources-2.6.19-r5.ebuild:
783     Revision bump, closing the recently discovered PaX expand_stack()
784     vulnerability.
785 phreak 1.131
786     *hardened-sources-2.6.19-r4 (14 Jan 2007)
787    
788     14 Jan 2007; Christian Heim <phreak@gentoo.org>
789     +hardened-sources-2.6.19-r4.ebuild:
790     Revision bump, pulling in linux-2.6.19.2 and grsecurity 2.1.10 - thus
791     dropping the randomized PID feature.
792 opfer 1.130
793     11 Jan 2007; Christian Faulhammer <opfer@gentoo.org>
794     hardened-sources-2.4.33.4.ebuild:
795     stable x86, bug #161171
796 phreak 1.129
797     *hardened-sources-2.6.19-r3 (27 Dec 2006)
798    
799     27 Dec 2006; Christian Heim <phreak@gentoo.org>
800     -hardened-sources-2.6.19-r2.ebuild, +hardened-sources-2.6.19-r3.ebuild:
801     Revision bump for bug #157186 and #158786.
802 phreak 1.128
803     *hardened-sources-2.6.18-r4 (27 Dec 2006)
804    
805     27 Dec 2006; Christian Heim <phreak@gentoo.org>
806     -hardened-sources-2.6.18-r3.ebuild, +hardened-sources-2.6.18-r4.ebuild:
807     Revision bump for bug #157186.
808 phreak 1.127
809     *hardened-sources-2.6.19-r2 (23 Dec 2006)
810    
811     23 Dec 2006; Christian Heim <phreak@gentoo.org>
812     -hardened-sources-2.6.19-r1.ebuild, +hardened-sources-2.6.19-r2.ebuild:
813     Revision bump to pull in genpatches-2.6.19-3 for #157186.
814 phreak 1.126
815     17 Dec 2006; Christian Heim <phreak@gentoo.org>
816     hardened-sources-2.6.14-r7.ebuild, hardened-sources-2.6.16-r10.ebuild,
817     hardened-sources-2.6.16-r11.ebuild, hardened-sources-2.6.17-r1.ebuild,
818     hardened-sources-2.6.18.ebuild, hardened-sources-2.6.18-r3.ebuild,
819     hardened-sources-2.6.19-r1.ebuild:
820     Adding 4453_grsec-2.1.9-2.6.19-io-kmem-sysctl.patch to UNIPATCH_EXLUDE,
821     adding correct HOMEPAGE and adjusting DESCRIPTION (thanks to Alexander).
822 pappy 1.125
823     *hardened-sources-2.4.33.4 (17 Dec 2006)
824    
825     17 Dec 2006; Alexander Gabert <pappy@gentoo.org>
826     +hardened-sources-2.4.33.4.ebuild:
827     new 2.4.33.4 version including grsec and fixes, thanks to phreak for help
828     and quilting
829 phreak 1.124
830     *hardened-sources-2.6.19-r1 (14 Dec 2006)
831    
832     14 Dec 2006; Christian Heim <phreak@gentoo.org>
833     -hardened-sources-2.6.19.ebuild, +hardened-sources-2.6.19-r1.ebuild:
834     Revision bump, fixing #158107 (thanks to Petre Rodan <kaiowas at gentoo.org>
835     for reporting).
836 phreak 1.123
837     *hardened-sources-2.6.19 (13 Dec 2006)
838    
839     13 Dec 2006; Christian Heim <phreak@gentoo.org>
840     +hardened-sources-2.6.19.ebuild:
841     And finally 2.6.19, thanks to Ned (who prepared the inital patchset) and
842     Brad for providing that prompt update.
843 phreak 1.122
844     *hardened-sources-2.6.18-r3 (13 Dec 2006)
845    
846     13 Dec 2006; Christian Heim <phreak@gentoo.org>
847     -hardened-sources-2.6.18-r1.ebuild, -hardened-sources-2.6.18-r2.ebuild,
848     +hardened-sources-2.6.18-r3.ebuild:
849     Revision bump, excluding the faulty patch. Thanks to Anakim Border and Peter
850     S. Mazinger. Closes #157409 for now. Also removing the previous revisions.
851 phreak 1.121
852     09 Dec 2006; Christian Heim <phreak@gentoo.org> Manifest:
853     Fixing the metadata.xml Manifest entry (thanks to xaid and ml8128 in #gentoo-hardened).
854 nixnut 1.120
855     08 Dec 2006; nixnut <nixnut@gentoo.org> hardened-sources-2.6.18.ebuild:
856     Stable on ppc wrt bug 157356
857 opfer 1.119
858     07 Dec 2006; Christian Faulhammer <opfer@gentoo.org>
859     hardened-sources-2.6.18.ebuild:
860     stable x86, bug #157356
861 phreak 1.118
862     *hardened-sources-2.6.18-r2 (06 Dec 2006)
863    
864     06 Dec 2006; Christian Heim <phreak@gentoo.org>
865     +hardened-sources-2.6.18-r2.ebuild:
866     Revision bump, including 2.6.18.5 (via genpatches) and
867     4454_grsec-2.1.9-2.6.18.2-io-kmem-sysctl.patch based on Peter Mazinger and
868     Ned Ludd's original patch. Thanks to Alexander Gabert (pappy) for the
869     redesign.
870 phreak 1.117
871     06 Dec 2006; Christian Heim <phreak@gentoo.org>
872     hardened-sources-2.6.18.ebuild:
873     Marking hardened-sources-2.6.18 stable on amd64 (see bug #157356, on behalf
874     of Mike Doty).
875 phreak 1.116
876     *hardened-sources-2.6.18-r1 (23 Nov 2006)
877    
878     23 Nov 2006; Christian Heim <phreak@gentoo.org>
879     +hardened-sources-2.6.18-r1.ebuild:
880     Revision bump to genpatches-2.6.18-4 (including 2.6.18.3).
881 phreak 1.115
882     *hardened-sources-2.6.18 (11 Nov 2006)
883    
884     11 Nov 2006; Christian Heim <phreak@gentoo.org>
885     +hardened-sources-2.6.18.ebuild:
886     Version bump, thanks to Alexander Gabert we're finally at 2.6.18.
887 solar 1.114
888     18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
889     - mark amd64 stable also. bug #151877
890 solar 1.113
891     18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
892     - mark 2.6.17-r1 stable
893 phreak 1.112
894     27 Aug 2006; Christian Heim <phreak@gentoo.org>
895     -hardened-sources-2.6.17.ebuild, hardened-sources-2.6.17-r1.ebuild:
896     Removing old ebuild, removing unipatch from newer ebuild (need to fix it!).
897 phreak 1.111
898     *hardened-sources-2.6.17-r1 (26 Aug 2006)
899    
900     26 Aug 2006; Christian Heim <phreak@gentoo.org>
901     +hardened-sources-2.6.17-r1.ebuild:
902     Revision bump to genpatches-2.6.17-8 (including .9 and .10) and updating the
903     grsecurity patch.
904 phreak 1.110
905     *hardened-sources-2.6.17 (17 Aug 2006)
906    
907     17 Aug 2006; Christian Heim <phreak@gentoo.org>
908     +hardened-sources-2.6.17.ebuild:
909     Bumping the hardened-sources-2.6 series to 2.6.17, using
910     genpatches-2.6.17-6.base.
911 solar 1.109
912     07 Aug 2006; <solar@gentoo.org> hardened-sources-2.6.16-r11.ebuild:
913     - stable on x86 and amd64
914 solar 1.108
915     *hardened-sources-2.6.16-r11 (15 Jul 2006)
916    
917     15 Jul 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r3.ebuild,
918     -hardened-sources-2.4.32-r4.ebuild, -hardened-sources-2.4.32-r5.ebuild,
919     -hardened-sources-2.6.14-r8.ebuild, -hardened-sources-2.6.16-r7.ebuild,
920     -hardened-sources-2.6.16-r9.ebuild, +hardened-sources-2.6.16-r11.ebuild:
921     - 2.6.16 bumped for CVE-2006-3626 ; digest fix for 2.4.32-r6 ; removed old
922     crusty ebuilds
923 johnm 1.107
924     14 Jul 2006; John Mylchreest <johnm@gentoo.org>
925     hardened-sources-2.6.16-r10.ebuild:
926     marking stable on x86 and amd64
927 solar 1.106
928     13 Jul 2006; <solar@gentoo.org> hardened-sources-2.4.32-r6.ebuild:
929     - 2.4.32-r6 stable on x86. RSBAC state unknown
930 kang 1.105
931     *hardened-sources-2.4.32-r7 (10 Jul 2006)
932    
933     10 Jul 2006; Guillaume Destuynder <kang@gentoo.org>
934     +hardened-sources-2.4.32-r7.ebuild:
935     Bump PaX for RSBAC to test-17
936 johnm 1.104
937     *hardened-sources-2.6.16-r9 (03 Jul 2006)
938    
939     03 Jul 2006; John Mylchreest <johnm@gentoo.org>
940     -hardened-sources-2.6.16-r6.ebuild, +hardened-sources-2.6.16-r9.ebuild:
941     hardened-sources-2.6.16 bump to latest -base.
942 solar 1.103
943     *hardened-sources-2.4.32-r6 (30 Jun 2006)
944    
945     30 Jun 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r2.ebuild,
946     hardened-sources-2.4.32-r4.ebuild, +hardened-sources-2.4.32-r6.ebuild:
947     - backport CVE-2006-0039, CVE-2006-1857 and CVE-2006-1858 and new grsecurity
948     sysctl controlable resource logging
949 johnm 1.102
950     *hardened-sources-2.6.16-r7 (05 Jun 2006)
951    
952     05 Jun 2006; John Mylchreest <johnm@gentoo.org>
953     -hardened-sources-2.6.16-r5.ebuild, +hardened-sources-2.6.16-r7.ebuild:
954     push new 2.6.16 release in preparation for stable
955 solar 1.101
956     22 May 2006; <solar@gentoo.org> :
957     - redigest bug 134002
958 kang 1.100
959     *hardened-sources-2.4.32-r5 (16 May 2006)
960    
961     16 May 2006; Guillaume Destuynder <kang@gentoo.org>
962     +hardened-sources-2.4.32-r5.ebuild:
963     Fixes rsbac common patching (new patch in new -r5 patchset)
964 solar 1.99
965     *hardened-sources-2.4.32-r4 (13 May 2006)
966    
967     13 May 2006; <solar@gentoo.org> hardened-sources-2.4.32-r3.ebuild,
968     +hardened-sources-2.4.32-r4.ebuild:
969     - security bumps
970 johnm 1.98
971     *hardened-sources-2.6.16-r6 (03 May 2006)
972    
973     03 May 2006; John Mylchreest <johnm@gentoo.org>
974     +hardened-sources-2.6.16-r6.ebuild:
975     bump hardened-2.6.16 to 2.6.16.12 and latest grsec snapshot
976 johnm 1.97
977     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
978     hardened-sources-2.6.14-r8.ebuild:
979     fix x86_64 build problem, this will delay the digest issue again for a short
980     while but it will sort itself out
981 johnm 1.96
982     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
983     hardened-sources-2.6.14-r8.ebuild:
984     bump hardened patchset
985 antarus 1.94
986     27 Apr 2006; Alec Warner <antarus@gentoo.org>
987     files/digest-hardened-sources-2.4.32-r2,
988     files/digest-hardened-sources-2.4.32-r3,
989     files/digest-hardened-sources-2.6.14-r8, Manifest:
990     Fixing duff SHA256 digests: Bug # 131293
991 johnm 1.93
992 johnm 1.95 *hardened-sources-2.6.16-r5 (27 Apr 2006)
993    
994     27 Apr 2006; John Mylchreest <johnm@gentoo.org>
995     -hardened-sources-2.6.14-r6.ebuild, hardened-sources-2.6.14-r8.ebuild,
996     -hardened-sources-2.6.16-r4.ebuild, +hardened-sources-2.6.16-r5.ebuild:
997     stablise 2.6.14-r8 on x86 & amd64, bump 2.6.16 to fix CVE-2006-1863 &
998     cleanup of old uneccessary sources
999    
1000 johnm 1.93 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
1001     fix digest
1002 johnm 1.92
1003     *hardened-sources-2.6.14-r8 (20 Apr 2006)
1004    
1005     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
1006     +hardened-sources-2.6.14-r8.ebuild:
1007     fix CVE-2006-1056, CVE-2006-1525, CVE-2006-1524
1008 johnm 1.91
1009     20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
1010     Turning on gpg-signing again, and recomitting
1011 johnm 1.90
1012     *hardened-sources-2.6.16-r4 (20 Apr 2006)
1013    
1014     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
1015     -hardened-sources-2.6.16-r2.ebuild, -hardened-sources-2.6.16-r3.ebuild,
1016     +hardened-sources-2.6.16-r4.ebuild:
1017     Fix numerous security vulns
1018 solar 1.89
1019     *hardened-sources-2.4.32-r3 (16 Apr 2006)
1020    
1021     16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
1022     -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
1023     +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
1024     - security bump for bug #112791. Removed old ebuilds
1025 johnm 1.88
1026     *hardened-sources-2.6.16-r3 (15 Apr 2006)
1027    
1028     15 Apr 2006; John Mylchreest <johnm@gentoo.org>
1029     +hardened-sources-2.6.16-r3.ebuild:
1030     Removing silly localversion which I missed
1031 johnm 1.87
1032     *hardened-sources-2.6.14-r7 (14 Apr 2006)
1033    
1034     14 Apr 2006; John Mylchreest <johnm@gentoo.org>
1035     -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
1036     Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
1037 johnm 1.86
1038     *hardened-sources-2.6.16-r2 (13 Apr 2006)
1039    
1040     13 Apr 2006; John Mylchreest <johnm@gentoo.org>
1041     -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
1042     +hardened-sources-2.6.16-r2.ebuild:
1043     Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
1044     labels, dropping USERGROUP define fixes, since these were merged mainstream.
1045 johnm 1.85
1046     *hardened-sources-2.6.16-r1 (11 Apr 2006)
1047    
1048     11 Apr 2006; John Mylchreest <johnm@gentoo.org>
1049     +hardened-sources-2.6.16-r1.ebuild:
1050     Bumping to include ppc build fix and 2.6.16.3
1051 tsunam 1.84
1052     06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
1053     hardened-sources-2.6.14-r6.ebuild:
1054     Stable on x86; bug #127718
1055 johnm 1.83
1056     *hardened-sources-2.6.16 (31 Mar 2006)
1057    
1058     31 Mar 2006; John Mylchreest <johnm@gentoo.org>
1059     +hardened-sources-2.6.16.ebuild:
1060     Bumping to new version of grsec, and kernel base. New squashfs. Based on
1061     2.6.16.1
1062 cryos 1.82
1063     30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
1064     hardened-sources-2.6.14-r6.ebuild:
1065     Stable on amd64, bug 127718.
1066 nixnut 1.81
1067     28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
1068     Stable on ppc. Bug #127718
1069 johnm 1.80
1070     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
1071     -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
1072     -hardened-sources-2.6.14-r4.ebuild:
1073     Cleanup.
1074 johnm 1.79
1075     *hardened-sources-2.6.14-r6 (15 Mar 2006)
1076    
1077     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
1078     +hardened-sources-2.6.14-r6.ebuild:
1079     Fixes grsec policy recreation bug and adds a
1080     >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
1081 solar 1.78
1082     02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
1083     - stable on x86
1084 hansmi 1.77
1085     19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
1086     hardened-sources-2.6.14-r5.ebuild:
1087     Stable on ppc.
1088 johnm 1.76
1089     *hardened-sources-2.6.14-r5 (01 Feb 2006)
1090    
1091     01 Feb 2006; John Mylchreest <johnm@gentoo.org>
1092     +hardened-sources-2.6.14-r5.ebuild:
1093     fixing every known exploit
1094 solar 1.75
1095     *hardened-sources-2.4.32-r2 (26 Jan 2006)
1096    
1097     26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
1098     +hardened-sources-2.4.32-r2.ebuild:
1099     - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
1100 solar 1.74
1101     *hardened-sources-2.6.14-r4 (12 Jan 2006)
1102    
1103     12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
1104     - version bump for new genpatches which fix up a few sec holes
1105 solar 1.73
1106     *hardened-sources-2.4.32-r1 (05 Jan 2006)
1107    
1108     05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
1109     - revision bump to add misc vital linux kernel security patches.
1110 johnm 1.72
1111     *hardened-sources-2.6.14-r3 (30 Dec 2005)
1112    
1113     30 Dec 2005; John Mylchreest <johnm@gentoo.org>
1114     -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
1115     Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
1116 johnm 1.71
1117     28 Dec 2005; John Mylchreest <johnm@gentoo.org>
1118     hardened-sources-2.6.14-r2.ebuild:
1119     making x86 & amd64 stable following testing.
1120 johnm 1.70
1121     *hardened-sources-2.6.14-r2 (27 Dec 2005)
1122    
1123     27 Dec 2005; John Mylchreest <johnm@gentoo.org>
1124     -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
1125     Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
1126     network hooks.
1127 johnm 1.69
1128     06 Dec 2005; John Mylchreest <johnm@gentoo.org>
1129     hardened-sources-2.6.14-r1.ebuild:
1130     bumping to stable early for sec fix on x86 & amd64
1131 johnm 1.68
1132     *hardened-sources-2.6.14-r1 (05 Dec 2005)
1133    
1134     05 Dec 2005; John Mylchreest <johnm@gentoo.org>
1135     -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
1136     bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
1137 solar 1.67
1138     04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
1139     - stable on x86 security bug #114227 CAN-2005-3257
1140 kang 1.66
1141     *hardened-sources-2.4.32 (19 Nov 2005)
1142    
1143     19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
1144     +hardened-sources-2.4.32.ebuild:
1145     Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
1146     Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
1147     have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
1148     rsbac >> /etc/portage/package.use)
1149 johnm 1.65
1150     *hardened-sources-2.6.14 (14 Nov 2005)
1151    
1152     14 Nov 2005; John Mylchreest <johnm@gentoo.org>
1153     -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
1154     Bumping 2.6 series to 2.6.14.2
1155 johnm 1.64
1156     *hardened-sources-2.6.13-r2 (20 Oct 2005)
1157    
1158     20 Oct 2005; John Mylchreest <johnm@gentoo.org>
1159     -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
1160     +hardened-sources-2.6.13-r2.ebuild:
1161     Fixes minor build error in ppc.
1162 johnm 1.63
1163     *hardened-sources-2.6.13-r1 (17 Oct 2005)
1164    
1165     17 Oct 2005; John Mylchreest <johnm@gentoo.org>
1166     +hardened-sources-2.6.13-r1.ebuild:
1167     Updating grsec to latest snapshot. Fixes some minor issues. Updating to
1168     2.6.13.4, fixes some major amd64 stability problems.
1169 johnm 1.62
1170     *hardened-sources-2.6.13 (16 Sep 2005)
1171    
1172     16 Sep 2005; John Mylchreest <johnm@gentoo.org>
1173     -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
1174     2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
1175     ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
1176     users should test this thoroughly.
1177 solar 1.61
1178     01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
1179     - stable on x86
1180 johnm 1.60
1181     *hardened-sources-2.6.11-r15 (27 Jun 2005)
1182    
1183     27 Jun 2005; John Mylchreest <johnm@gentoo.org>
1184     +hardened-sources-2.6.11-r15.ebuild:
1185     Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
1186     grsec redefining curr_ip struct.
1187 solar 1.59
1188     *hardened-sources-2.4.31 (20 Jun 2005)
1189    
1190     20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
1191     initial import of 2.4.31 tree
1192 johnm 1.58
1193     *hardened-sources-2.6.11-r14 (14 Jun 2005)
1194    
1195     14 Jun 2005; John Mylchreest <johnm@gentoo.org>
1196     -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
1197     Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
1198     naming scheme to abide by genpatches
1199 johnm 1.57
1200     *hardened-sources-2.6.11-r13 (18 May 2005)
1201    
1202     18 May 2005; John Mylchreest <johnm@gentoo.org>
1203     -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
1204     Managed to mangle the Makefile patch from grsec, to miss out the grsec
1205     target. sorry about that. Fixes bug #93022
1206 johnm 1.56
1207     *hardened-sources-2.6.11-r12 (17 May 2005)
1208    
1209     17 May 2005; John Mylchreest <johnm@gentoo.org>
1210     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
1211     +hardened-sources-2.6.11-r12.ebuild:
1212     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
1213     merges in genpatches-base
1214 johnm 1.55
1215     *hardened-sources-2.6.11-r12 (17 May 2005)
1216    
1217     17 May 2005; John Mylchreest <johnm@gentoo.org>
1218     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
1219     +hardened-sources-2.6.11-r12.ebuild:
1220     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
1221     merges in genpatches-base
1222 solar 1.54
1223     29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
1224     -files/2.4.27-cmdline-race.patch,
1225     -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
1226     -files/2.4.28-grsec-binfmt_a.out.patch,
1227     -files/2.4.28-grsec-cmdline-race.patch,
1228     -files/2.4.28-selinux-binfmt_a.out.patch,
1229     -files/2.4.28-selinux-cmdline-race.patch,
1230     -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
1231     hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
1232     - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
1233     cleanup..
1234 solar 1.53
1235     *hardened-sources-2.4.30-r1 (21 Apr 2005)
1236    
1237     21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
1238     - disable aout by default
1239 solar 1.52
1240     *hardened-sources-2.4.30 (18 Apr 2005)
1241    
1242     18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
1243     - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
1244     and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
1245     use
1246 tocharian 1.50
1247 scox 1.51 *hardened-sources-2.4.29 (30 Mar 2005)
1248    
1249     30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
1250     +hardened-sources-2.4.29.ebuild:
1251     New hardened-patches-2.4-29.0 patchball.
1252     Removed SELinux support, upgraded GRSecurity to 2.1.4.
1253    
1254     *hardened-sources-2.4.28-r5 (06 Mar 2005)
1255    
1256     06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
1257     +hardened-sources-2.4.28-r5.ebuild:
1258     Added a fix for a PaX vulnerability.
1259    
1260     26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1261 tocharian 1.50 hardened-sources-2.4.28-r4.ebuild:
1262     Stable on x86
1263 solar 1.49
1264     23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
1265     hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
1266     hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
1267     hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
1268     - fixed/added RDEPEND= in all kernel-2 ebuilds
1269 tocharian 1.48
1270     *hardened-sources-2.4.28-r4 (21 Jan 2005)
1271    
1272     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1273     +hardened-sources-2.4.28-r4.ebuild:
1274     Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
1275     backport of neighbour hash updates.
1276 tocharian 1.47
1277     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1278     hardened-sources-2.4.28-r3.ebuild:
1279     Stable on x86
1280 tseng 1.46
1281     *hardened-sources-2.6.10-r3 (20 Jan 2005)
1282    
1283     20 Jan 2005; Brandon Hale <tseng@gentoo.org>
1284     +hardened-sources-2.6.10-r3.ebuild:
1285     Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
1286     in 2005.0
1287 tocharian 1.45
1288     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1289     -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
1290     hardened-sources-2.4.28-r2.ebuild:
1291     Mark stable on x86
1292 tocharian 1.44
1293     *hardened-sources-2.4.28-r3 (17 Jan 2005)
1294    
1295     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1296     +hardened-sources-2.4.28-r3.ebuild:
1297     Fix SMP page fault handler vuln, and update device-mapper and evms patches.
1298 tocharian 1.43
1299     14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1300     hardened-sources-2.4.28.ebuild:
1301     Mark stable on x86.
1302 tocharian 1.42
1303     *hardened-sources-2.4.28-r2 (13 Jan 2005)
1304    
1305     13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1306     +hardened-sources-2.4.28-r2.ebuild:
1307     Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
1308     Mazinger for grsecurity patches as well.
1309 plasmaroo 1.41
1310     *hardened-sources-2.4.28-r1 (23 Dec 2004)
1311    
1312     23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
1313     Security bump. Thank tocharian for rolling a new patchset...
1314 solar 1.40
1315     28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
1316     +files/2.4.28-grsec-cmdline-race.patch,
1317     +files/2.4.28-selinux-binfmt_a.out.patch,
1318     +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
1319     - Round up remaining security patches that appear to be missing in 2.4.28. -
1320     PaX standalone updated to current. hgpv=28.1
1321 solar 1.39
1322     *hardened-sources-2.4.28 (28 Nov 2004)
1323    
1324     28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
1325     security bump. Thank tocharian for rolling a new patchset
1326 scox 1.31
1327 scox 1.38 *hardened-sources-2.4.27-r3 (08 Sep 2004)
1328    
1329     08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
1330     +hardened-sources-2.4.27-r3.ebuild:
1331     Applies the new 2.4-27.2 patchball which updates
1332     GRSecurity to the 2.0.1 version.
1333    
1334 scox 1.37 *hardened-sources-2.4.27-r2 (31 Aug 2004)
1335    
1336     31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1337     +hardened-sources-2.4.27-r2.ebuild:
1338     Version bump.
1339     This version uses the new 2.4-27.1 patchball which updates
1340     both the SELinux PaX hooks patch and the SELinux headers.
1341    
1342 scox 1.36 *hardened-sources-2.4.27-r1 (09 Aug 2004)
1343    
1344     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1345     +hardened-sources-2.4.27-r1.ebuild,
1346     -hardened-sources-2.4.27.ebuild,
1347     +files/2.4.27-cmdline-race.patch:
1348     Version bump, fix for cmdline race. See bug #59905.
1349    
1350     *hardened-sources-2.4.26-r6 (09 Aug 2004)
1351    
1352     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1353     +hardened-sources-2.4.26-r6.ebuild,
1354     -hardened-sources-2.4.26-r5.ebuild,
1355     -hardened-sources-2.4.26-r4.ebuild,
1356     +files/2.4.26-cmdline-race.patch:
1357     Version bump, fix for cmdline race. See bug #59905.
1358    
1359 scox 1.35 *hardened-sources-2.4.27 (08 Aug 2004)
1360    
1361     08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1362     +hardened-sources-2.4.27.ebuild,
1363     +files/2.4.27-CAN-2004-0394.patch:
1364     Ported the patchball to the 2.4.27 kernel version.
1365    
1366 scox 1.34 *hardened-sources-2.4.26-r5 (07 Aug 2004)
1367    
1368     07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1369     +hardened-sources-2.4.26-r5.ebuild:
1370 scox 1.35 Updated to use the new hardened-patches-2.4-26.1 patchball.
1371 scox 1.34 It adds the following features:
1372     - Squashfs
1373     - Ebtables
1374     - Netdev random (core+drivers)
1375     - Watchdog Timer (WDT) fix.
1376    
1377 scox 1.33 *hardened-sources-2.4.26-r4 (04 Aug 2004)
1378    
1379     04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1380     +hardened-sources-2.4.26-r4.ebuild,
1381     +files/2.4.26-CAN-2004-0415.patch,
1382     -hardened-sources-2.4.26-3:
1383     Version bump, fix for CAN 0415, see bug #59378.
1384    
1385 scox 1.32 *hardened-sources-2.4.26-r3 (22 Jul 2004)
1386    
1387     22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
1388     +hardened-sources-2.4.26-r3.ebuild,
1389     +files/2.4.26-CAN-2004-0497.patch,
1390     -hardened-sources-2.4.26-r2.ebuild:
1391     Version bump, fixed CAN 0497, see bug #56171.
1392    
1393 scox 1.31 *hardened-sources-2.4.26-r2 (29 Jun 2004)
1394    
1395     29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
1396 scox 1.32 +hardened-sources-2.4.26-r2.ebuild,
1397 scox 1.31 +files/2.4.26-CAN-2004-0495.patch,
1398     +files/2.4.26-CAN-2004-0535.patch,
1399     -hardened-sources-2.4.26-r1.ebuild:
1400     Fixes for both CAN 0495 and 0535, see bug #54976
1401 pvdabeel 1.27
1402 agriffis 1.29 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
1403     hardened-sources-2.4.26-r1.ebuild:
1404     QA - fix use invocation
1405 scox 1.28
1406     *hardened-sources-2.4.26-r1 (22 June 2004)
1407    
1408     22 June 2004; Andrea Luzzardi <scox@gentoo.org>
1409     +hardened-sources-2.4.26-r1.ebuild,
1410     +files/2.4.26-CAN-2004-0394.patch,
1411     +files/2.4.26-signal-race.patch,
1412     -hardened-sources-2.4.26.ebuild,
1413     -hardened-sources-2.4.24-r3.ebuild:
1414     Version bump for the CAN-2004-0394 issue and bug #53804
1415     Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
1416    
1417    
1418 pvdabeel 1.27 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
1419     hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
1420     Masked hardened-sources-2.4.26.ebuild broken for ppc
1421    
1422     31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
1423     hardened-sources-2.4.24-r3.ebuild:
1424     Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
1425 plasmaroo 1.25
1426 scox 1.26 *hardened-sources-2.4.26 (29 May 2004)
1427    
1428     29 May 2004; Andrea Luzzardi <scox@gentoo.org>
1429     +hardened-sources-2.4.26.ebuild:
1430     Updated hardened-sources for the 2.4.26 kernel
1431     Removed broken components, updated almost everything.
1432    
1433 plasmaroo 1.25 *hardened-sources-2.4.24-r3 (17 Apr 2004)
1434    
1435     17 Apr 2004; <plasmaroo@gentoo.org>
1436     +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
1437     +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
1438     +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
1439     +hardened-sources-2.4.24-r3.ebuild:
1440     Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
1441     vulnerabilities. Old revisions removed.
1442 plasmaroo 1.24
1443     *hardened-sources-2.4.24-r2 (15 Apr 2004)
1444    
1445     15 Apr 2004; <plasmaroo@gentoo.org>
1446     +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
1447     -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
1448     Version bump for the CAN-2004-0109 issue; bug #47881.
1449 aliz 1.23
1450     12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
1451     hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
1452     Add eutils to inherit.
1453 plasmaroo 1.22
1454     *hardened-sources-2.4.24-r1 (19 Feb 2004)
1455    
1456     19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
1457     files/hardened-sources-2.4.24.munmap.patch:
1458     Added the patch for the mremap/munmap vulnerability. Bug #42024.
1459 scox 1.19
1460 scox 1.21 *hardened-sources-2.4.24 (06 Feb 2004)
1461 scox 1.26
1462 scox 1.21 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
1463     hardened-sources-2.4.24.ebuild:
1464     Version bump, updated most of the components.
1465     This release includes the following:
1466    
1467     - Hardened security
1468     - Netfilter patch-o-matic 20031219
1469     - FreeSWAN 2.04 & x509 1.4.8
1470     - EVMS 2.2.2
1471     - XFS 1.3.1
1472     - cryptoloop jari
1473     - grsecurity 2.0-rc4
1474     - SELinux
1475     - PaX 200402060000
1476     - PaX Obscurity 200308302223
1477     - Others...
1478    
1479     Neither -ck nor systrace are included anymore.
1480    
1481 scox 1.19 *hardened-sources-2.4.22-r2 (05 Jan 2004)
1482    
1483     05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
1484     hardened-sources-2.4.22-r2.ebuild:
1485 scox 1.20 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
1486 scox 1.19
1487     *hardened-sources-2.4.22-r1 (02 Dec 2003)
1488 iggy 1.17
1489     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1490 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
1491 iggy 1.16
1492     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1493 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild:
1494     Version bump for the 'do_brk' vulnerability.
1495 iggy 1.15
1496     01 Dec 2003; Brian Jackson <iggy@gentoo.org>
1497     hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
1498     hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
1499     hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
1500 plasmaroo 1.18 Fix the 'do_brk' vulnerability.
1501 frogger 1.14
1502     03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
1503     hardened-sources-2.4.22.ebuild:
1504 plasmaroo 1.18 - Removed the src_install() portion for SELinux flask
1505     components. These are no longer handled in the kernel
1506     so this code was not necessary.
1507 frogger 1.13
1508     29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
1509     New 2.4.22 based hardened-sources thanks to
1510     Phil West <p.west@computer.org>.
1511    
1512     These sources include:
1513 plasmaroo 1.18 - New SELinux API
1514     - Updated CK-base
1515     - Updated GRSec
1516     - Systrace
1517     - SuperFreeS/WAN 1.99.8
1518     - Propolice kernel build support
1519     - EVMS
1520     - Other various security related patches
1521 frogger 1.11
1522 frogger 1.12 *hardened-sources-2.4.21 (14 Sep 2003)
1523    
1524     14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
1525     Updated hardened-sources based on the 2.4.21 Linux kernel.
1526     This includes updates to most major components such as:
1527 plasmaroo 1.18 - ck-base-0306300059
1528     - selinux-2.4-2003071106
1529     - grsecurity-2.0-rc1
1530     - Updated IPTables patch-o-matic
1531     - Updated SuperFreeS/WAN
1532    
1533 frogger 1.12 Thanks to Phil West <pwest@computer.org> for his work in getting this
1534     updated patch set ready for the 2.4.21 based kernel.
1535    
1536 frogger 1.11 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
1537     Initial import of hardened-sources-2.4.20-r4. This revision
1538     includes only a few changes, but one of these is an important
1539     security fix. It is recommended all users of hardened-sources
1540     upgrade to this release.
1541 plasmaroo 1.18
1542 frogger 1.11 - ioperm bug fix
1543     - fixed compilation failure when building without GRSec
1544 plasmaroo 1.18
1545 frogger 1.11 SAL (Secure Auditing for Linux) is NOT included in this revision
1546     due to time constraints, but is planned for inclusion in the near
1547     future.
1548 msterret 1.10
1549     *hardened-sources-2.4.20-r2 (12 Jun 2003)
1550    
1551     12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
1552     hardened-sources-2.4.20-r3.ebuild:
1553 plasmaroo 1.18 Add Header...
1554 frogger 1.9
1555     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1556     hardened-sources-2.4.20-r3.ebuild:
1557     Removed warnings from ebuild. This kernel should be safe to
1558     use at this point.
1559 frogger 1.8
1560     *hardened-sources-2.4.20-r3 (08 Jun 2003)
1561    
1562     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1563     hardened-sources-2.4.20-r3.ebuild:
1564     New revision. Includes the following changes over -r2:
1565 plasmaroo 1.18
1566 frogger 1.8 - ck7-base (O(1), preempt, low latency)
1567     - Super FreeS/WAN 1.99.7rc2
1568     - PaX for the LSM/SELinux branch
1569     - GRSecurity 2.0-pre4 (role based access control)
1570     - Systrace 1.3
1571     - EXT3 fixes
1572     - EVMS 2.0.1
1573     - GCC 3.1+ compile optimizations
1574     - ProPolice kernel build support
1575     - Hashing table security fixes
1576 frogger 1.3
1577     *hardened-sources-2.4.20-r1 (09 Apr 2003)
1578 frogger 1.7
1579     23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
1580     Initial import of hardened-sources-r2. This new
1581     ebuild includes many new performance and security
1582     related patches. As in -r1, it will patch in
1583     LSM/SELinux if "selinux" is in USE, otherwise it
1584     will patch in GRSecurity. The following patches
1585     are included in this revision:
1586 plasmaroo 1.18
1587 frogger 1.7 - O(1) Scheduler, Low Latency, and Preempt
1588     (pulled from the base CK patch)
1589     - ptrace exploit patch for the LSM kernel
1590     (the GRSec patch already fixes this)
1591     - LSM 2.4-2003040709
1592     - SELinux 2.4-2003040709
1593     - Systrace v1.2
1594     - IPTables patch-o-matic base patches - 20030107
1595     - CryptoAPI 2.4.20.1 w/ loop-jari patch
1596     - Super FreeS/WAN 1.99.6.1
1597     - GRSecurity 1.9.9g
1598     - MPPE
1599     - EXT3 data journal fix
1600     - CIPE 1.5.4
1601 frogger 1.6
1602     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1603     hardened-sources-2.4.20-r1.ebuild, manifest:
1604 plasmaroo 1.18 Updated to install flask components correctly for selinux.
1605 frogger 1.5
1606     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1607     hardened-sources-2.4.20-r1.ebuild:
1608     LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
1609     is patched in instead. Ptrace patches for selinux have also been added. In
1610     either case, systrace support will be patched in as well.
1611 frogger 1.3
1612     09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1613     hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
1614 plasmaroo 1.18 Revision bump for new sources.
1615 frogger 1.4
1616 frogger 1.2 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1617 frogger 1.4 hardened-sources-2.4.20-r1.ebuild:
1618 plasmaroo 1.18 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
1619 method 1.1
1620 frogger 1.4 *hardened-sources-2.4.20 (30 Mar 2003)
1621    
1622 method 1.1 30 Mar 2003; Joshua Brindle <method@gentoo.org>
1623     hardened-sources-2.4.20.ebuild:
1624 plasmaroo 1.18 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20