/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.267 - (hide annotations) (download)
Mon Dec 15 16:29:00 2008 UTC (5 years, 10 months ago) by nixnut
Branch: MAIN
Changes since 1.266: +5 -1 lines
Stable on ppc
(Portage version: 2.1.6.1/cvs/Linux 2.6.25-hardened-r11 ppc)

1 method 1.1 # ChangeLog for sys-kernel/hardened-sources
2 phreak 1.204 # Copyright 2000-2008 Gentoo Foundation; Distributed under the GPL v2
3 nixnut 1.267 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.266 2008/12/09 01:14:36 gengor Exp $
4    
5     15 Dec 2008; nixnut <nixnut@gentoo.org>
6     hardened-sources-2.6.25-r11.ebuild:
7     Stable on ppc
8 gengor 1.266
9     09 Dec 2008; Gordon Malm <gengor@gentoo.org>
10     hardened-sources-2.6.25-r11.ebuild:
11     Stable amd64/x86.
12 gengor 1.265
13     *hardened-sources-2.6.27-r3 (07 Dec 2008)
14    
15     07 Dec 2008; Gordon Malm <gengor@gentoo.org>
16     +hardened-sources-2.6.27-r3.ebuild:
17     Bump to latest genpatches, including Linux 2.6.27.8. Bump grsec/pax patches.
18     Fixes bug #248754, #249729 and #246607.
19 gengor 1.264
20     03 Dec 2008; Gordon Malm <gengor@gentoo.org>
21     -hardened-sources-2.6.25-r9.ebuild, -hardened-sources-2.6.26-r5.ebuild:
22     Remove old versions.
23 gengor 1.262
24     *hardened-sources-2.6.26-r7 (03 Dec 2008)
25     *hardened-sources-2.6.25-r11 (03 Dec 2008)
26    
27 gengor 1.263 03 Dec 2008; Gordon Malm <gengor@gentoo.org>
28     +hardened-sources-2.6.25-r11.ebuild, +hardened-sources-2.6.26-r7.ebuild:
29 gengor 1.262 2.6.25-r11: Fixes bugs 246607, 246710, 247453 and 248754.
30     2.6.26-r7: Fixes bugs 246607, 246710, 246763, 247453 and 248754.
31     Both include many backports from 2.6.27.{6,7} -stable releases.
32 gengor 1.261
33     24 Nov 2008; Gordon Malm <gengor@gentoo.org>
34     -hardened-sources-2.6.27.ebuild, -hardened-sources-2.6.27-r1.ebuild:
35     Remove versions broken on ARCHes != x86/amd64.
36 gengor 1.260
37     *hardened-sources-2.6.27-r2 (24 Nov 2008)
38    
39     24 Nov 2008; Gordon Malm <gengor@gentoo.org>
40     +hardened-sources-2.6.27-r2.ebuild:
41     Bump to Linux 2.6.27.7 and latest grsecurity patch.
42 gengor 1.259
43     19 Nov 2008; Gordon Malm <gengor@gentoo.org>
44     -hardened-sources-2.6.25-r8.ebuild, -hardened-sources-2.6.26-r4.ebuild:
45     Remove old versions.
46 gengor 1.258
47     19 Nov 2008; Gordon Malm <gengor@gentoo.org>
48     hardened-sources-2.6.27.ebuild, hardened-sources-2.6.27-r1.ebuild:
49     Remove all but ~amd64 & ~x86 keywords (broken elsewhere).
50 nixnut 1.257
51     16 Nov 2008; nixnut <nixnut@gentoo.org>
52     hardened-sources-2.6.25-r10.ebuild:
53     Stable on ppc
54 gengor 1.256
55     15 Nov 2008; Gordon Malm <gengor@gentoo.org>
56     hardened-sources-2.6.25-r10.ebuild:
57     Stable amd64/x86.
58 gengor 1.255
59     *hardened-sources-2.6.26-r6 (12 Nov 2008)
60    
61     12 Nov 2008; Gordon Malm <gengor@gentoo.org>
62     +hardened-sources-2.6.26-r6.ebuild:
63     Bump to Linux 2.6.26.8 and fix security bug #245650.
64 gengor 1.254
65     *hardened-sources-2.6.25-r10 (12 Nov 2008)
66    
67     12 Nov 2008; Gordon Malm <gengor@gentoo.org>
68     +hardened-sources-2.6.25-r10.ebuild:
69     Update to Linux 2.6.25.20 and fix bugs #245427, #245650.
70 gengor 1.253
71     *hardened-sources-2.6.27-r1 (09 Nov 2008)
72    
73     09 Nov 2008; Gordon Malm <gengor@gentoo.org>
74     +hardened-sources-2.6.27-r1.ebuild:
75     Bump to stable kernel 2.6.27.5 and latest grsecurity patch.
76 gengor 1.252
77     *hardened-sources-2.6.27 (04 Nov 2008)
78    
79     04 Nov 2008; Gordon Malm <gengor@gentoo.org>
80     +hardened-sources-2.6.27.ebuild:
81     Initial 2.6.27 release.
82 gengor 1.251
83     *hardened-sources-2.6.26-r5 (03 Nov 2008)
84    
85     03 Nov 2008; Gordon Malm <gengor@gentoo.org>
86     -hardened-sources-2.6.25-r7.ebuild, -hardened-sources-2.6.26-r2.ebuild,
87     +hardened-sources-2.6.26-r5.ebuild:
88     2.6.26-r5: Bump to Linux 2.6.26.7, PaX updates.
89     Clean out some old versions.
90 nixnut 1.250
91     02 Nov 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.25-r9.ebuild:
92     Stable on ppc
93 gengor 1.249
94     30 Oct 2008; Gordon Malm <gengor@gentoo.org>
95     hardened-sources-2.6.25-r9.ebuild:
96     Stable on amd64/x86.
97 gengor 1.248
98     *hardened-sources-2.6.25-r9 (26 Oct 2008)
99    
100     26 Oct 2008; Gordon Malm <gengor@gentoo.org>
101     +hardened-sources-2.6.25-r9.ebuild:
102     Update to Linux 2.6.25.19
103 nixnut 1.247
104     15 Oct 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.25-r8.ebuild:
105     Stable on ppc
106 gengor 1.246
107     *hardened-sources-2.6.26-r4 (14 Oct 2008)
108    
109     14 Oct 2008; Gordon Malm <gengor@gentoo.org>
110     -hardened-sources-2.6.26-r3.ebuild, +hardened-sources-2.6.26-r4.ebuild:
111     Update to latest grsecurity patch, fixing building of non-modular kernels.
112 gengor 1.245
113     *hardened-sources-2.6.26-r3 (12 Oct 2008)
114    
115     12 Oct 2008; Gordon Malm <gengor@gentoo.org>
116     hardened-sources-2.6.25-r8.ebuild, -hardened-sources-2.6.26-r1.ebuild,
117     +hardened-sources-2.6.26-r3.ebuild:
118     2.6.26-r3: Update to Linux 2.6.26.6 and latest grsecurity patch.
119     2.6.26-r1: Removed.
120     2.6.25-r8: Stable amd64/x86.
121 gengor 1.244
122     *hardened-sources-2.6.25-r8 (09 Oct 2008)
123    
124     09 Oct 2008; Gordon Malm <gengor@gentoo.org>
125     -hardened-sources-2.6.25-r4.ebuild, -hardened-sources-2.6.25-r5.ebuild,
126     -hardened-sources-2.6.25-r6.ebuild, +hardened-sources-2.6.25-r8.ebuild:
127     Update to genpatches-11 and Linux 2.6.25.18. Remove old versions.
128 nixnut 1.243
129     20 Sep 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.25-r7.ebuild:
130     Stable on ppc
131 gengor 1.242
132     17 Sep 2008; Gordon Malm <gengor@gentoo.org>
133     hardened-sources-2.6.25-r7.ebuild:
134     Stable amd64/x86.
135 gengor 1.241
136     *hardened-sources-2.6.26-r2 (13 Sep 2008)
137    
138     13 Sep 2008; Gordon Malm <gengor@gentoo.org>
139     -hardened-sources-2.6.26.ebuild, +hardened-sources-2.6.26-r2.ebuild:
140     2.6.26-r2: Update to Linux 2.6.26.5, new grsecurity patch adding
141     PAX_REFCOUNT feature, fix bug #237473 (CVE-2008-3525). 2.6.26: Removed.
142 gengor 1.240
143     *hardened-sources-2.6.25-r7 (13 Sep 2008)
144    
145     13 Sep 2008; Gordon Malm <gengor@gentoo.org>
146     +hardened-sources-2.6.25-r7.ebuild:
147     Add 2.6.25-r7, fixing bug #237473 (CVE-2008-3525) and a PaX bug.
148 gengor 1.239
149     10 Sep 2008; Gordon Malm <gengor@gentoo.org>
150     hardened-sources-2.6.25-r4.ebuild, hardened-sources-2.6.25-r5.ebuild,
151     hardened-sources-2.6.25-r6.ebuild, hardened-sources-2.6.26.ebuild,
152     hardened-sources-2.6.26-r1.ebuild:
153     Update DESCRIPTION and HGPV_URI.
154 gengor 1.238
155     *hardened-sources-2.6.25-r6 (09 Sep 2008)
156    
157     09 Sep 2008; Gordon Malm <gengor@gentoo.org>
158     -hardened-sources-2.6.24-r3.ebuild, +hardened-sources-2.6.25-r6.ebuild:
159     2.6.25-r6: Update to Linux 2.6.25.17.
160     2.6.24-r3: Removed.
161 gengor 1.237
162     08 Sep 2008; Gordon Malm <gengor@gentoo.org>
163     hardened-sources-2.6.25-r5.ebuild:
164     Stable on amd64/x86
165 gengor 1.236
166     07 Sep 2008; Gordon Malm <gengor@gentoo.org> metadata.xml:
167     Update my email address.
168 nixnut 1.235
169     31 Aug 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.25-r4.ebuild:
170     stable on ppc
171 battousai 1.234
172     *hardened-sources-2.6.26-r1 (23 Aug 2008)
173     *hardened-sources-2.6.25-r5 (23 Aug 2008)
174    
175     23 Aug 2008; Bryan D. Stine <battousai@gentoo.org>
176     -hardened-sources-2.6.23-r13.ebuild, -hardened-sources-2.6.25-r3.ebuild,
177     hardened-sources-2.6.25-r4.ebuild, +hardened-sources-2.6.25-r5.ebuild,
178     +hardened-sources-2.6.26-r1.ebuild:
179     Bump to 2.6.25-r5 for updated patches and upstream .10 kernel, fixing
180     security bug #235221. Bump to 2.6.26-r1 for upstream .3 kernel, also
181     fixing security bug #235221. Marked 2.6.25-r4 stable on amd64 and x86.
182     Removed 2.6.23-r13 and 2.6.25-r3. Commit on behalf of Gordon Malm
183     (gengor).
184 solar 1.233
185     *hardened-sources-2.6.26 (18 Aug 2008)
186     *hardened-sources-2.6.25-r4 (18 Aug 2008)
187    
188     18 Aug 2008; <solar@gentoo.org> -hardened-sources-2.6.25-r2.ebuild,
189     +hardened-sources-2.6.25-r4.ebuild, +hardened-sources-2.6.26.ebuild:
190     - proxy commit for gengor 2.6.26: Initial 2.6.26 release. 2.6.25-r4: Update
191     to Linux 2.6.25.15. Fixes security bugs #234799, #234803 and #234812.
192     2.6.25-r2: Removed.
193 tove 1.232
194     16 Aug 2008; Torsten Veller <tove@gentoo.org> metadata.xml:
195     Remove phreak from metadata.xml (#96398)
196 solar 1.231
197     *hardened-sources-2.6.25-r3 (31 Jul 2008)
198    
199     31 Jul 2008; <solar@gentoo.org> -hardened-sources-2.6.24-r2.ebuild,
200     -hardened-sources-2.6.25.ebuild, -hardened-sources-2.6.25-r1.ebuild,
201     +hardened-sources-2.6.25-r3.ebuild:
202     - 2.6.25-r3: Update to Linux 2.6.25.13 and new grsecurity patch. Multiple
203     fixes, including security bug #231750.
204 nixnut 1.230
205     28 Jul 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.24-r3.ebuild:
206     Stable on ppc
207 solar 1.229
208     *hardened-sources-2.6.25-r2 (05 Jul 2008)
209    
210     05 Jul 2008; <solar@gentoo.org> -hardened-sources-2.6.23-r11.ebuild,
211     -hardened-sources-2.6.23-r12.ebuild, hardened-sources-2.6.24-r3.ebuild,
212     +hardened-sources-2.6.25-r2.ebuild:
213     2.6.23-r4: Stable x86/amd64
214     2.6.25-r2: Update to Linux 2.6.25.10 and latest grsecurity release.
215     2.6.23-r{11,12}: Removed due to multiple vulns.
216     (gengor & kerframil)
217 nixnut 1.228
218     04 Jul 2008; nixnut <nixnut@gentoo.org>
219     hardened-sources-2.6.23-r13.ebuild:
220     Stable on ppc
221 solar 1.227
222     *hardened-sources-2.6.25-r1 (30 Jun 2008)
223    
224     30 Jun 2008; <solar@gentoo.org> hardened-sources-2.6.23-r13.ebuild,
225     +hardened-sources-2.6.25-r1.ebuild:
226     2.6.25-r1: Brings in Linux -stable tree patches 2.6.25.{7,8,9} and newer
227     grsecurity release. 2.6.23-r13: x86/amd64 stable
228 solar 1.226
229     *hardened-sources-2.6.25 (17 Jun 2008)
230     *hardened-sources-2.6.24-r3 (17 Jun 2008)
231     *hardened-sources-2.6.23-r13 (17 Jun 2008)
232    
233     17 Jun 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r13.ebuild,
234     +hardened-sources-2.6.24-r3.ebuild, +hardened-sources-2.6.25.ebuild:
235     * 2.6.23-r13: Fixes security bugs #198997, #212136, #222331, #222635,
236     #224647, #225461, other fixes. * 2.6.24-r3: Fixes security bugs #212136,
237     #222331, #222635, #224647, #225461, grsec/PaX updates/fixes, other fixes. *
238     2.6.25: Initial 2.6.25 release.
239 solar 1.225
240     15 May 2008; <solar@gentoo.org> hardened-sources-2.6.23-r12.ebuild:
241     - fasttrack to stable x86/amd64
242 swegener 1.224
243     11 May 2008; Sven Wegener <swegener@gentoo.org> Manifest:
244     Fix broken digest for linux-2.6.24.tar.bz2.
245 solar 1.223
246     *hardened-sources-2.6.24-r2 (11 May 2008)
247     *hardened-sources-2.6.23-r12 (11 May 2008)
248    
249     11 May 2008; <solar@gentoo.org> -hardened-sources-2.6.23-r7.ebuild,
250     -hardened-sources-2.6.23-r9.ebuild, -hardened-sources-2.6.23-r10.ebuild,
251     +hardened-sources-2.6.23-r12.ebuild, -hardened-sources-2.6.24.ebuild,
252     -hardened-sources-2.6.24-r1.ebuild, +hardened-sources-2.6.24-r2.ebuild:
253     proxy commit for gengor. 2.6.23-r11 shortlog: Fixes security bugs 220691,
254     220975, 220979, 221123. 2.6.24-r2 not-so-shortlog: Fixes bug 215442,
255     security bugs 219901, 220691, 220975, 220979, 221123. New
256     genpatches/grsecurity with numerous updates & fixes. 2.6.23-r7->2.6.23-r10
257     should be removed as far as I'm concerned, everything else remove due to
258     vulnerable to numerous security bugs or brokeness.
259 nixnut 1.222
260     10 May 2008; nixnut <nixnut@gentoo.org>
261     hardened-sources-2.6.23-r11.ebuild:
262     Stable on ppc
263 solar 1.221
264     05 May 2008; <solar@gentoo.org> hardened-sources-2.6.23-r11.ebuild:
265     - -r11 stable on x86/amd64
266 solar 1.220
267     *hardened-sources-2.6.23-r11 (01 May 2008)
268    
269     01 May 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r11.ebuild:
270     - version bump to fix ulgy linux bugs
271 phreak 1.219
272     *hardened-sources-2.6.24-r1 (30 Apr 2008)
273    
274     30 Apr 2008; Christian Heim <phreak@gentoo.org>
275     +hardened-sources-2.6.24-r1.ebuild:
276     Revision bump (thanks to Kerin and Gordon, again), pulling
277     genpatches-2.6.24-7, solving #219089. Additionally contains further security
278     fixes plus some minor updates.
279 phreak 1.218
280     *hardened-sources-2.6.23-r10 (30 Apr 2008)
281    
282     30 Apr 2008; Christian Heim <phreak@gentoo.org>
283     +hardened-sources-2.6.23-r10.ebuild:
284     Revision bump (thanks to Kerin and Gordon, again), solving #213811, #219089.
285     Additional contains "various other fixes".
286 phreak 1.217
287     09 Apr 2008; Christian Heim <phreak@gentoo.org> metadata.xml:
288     Update the longdescription in metadata, thanks to Gordon Malm.
289 nixnut 1.216
290     08 Apr 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.23-r9.ebuild:
291     Stable on ppc wrt bug #213255
292 solar 1.215
293     07 Apr 2008; <solar@gentoo.org> -hardened-sources-2.4.35-r2.ebuild,
294     -hardened-sources-2.6.23-r8.ebuild, hardened-sources-2.6.23-r9.ebuild:
295     - stable on x86/amd64 per request. Removed obsolete ebuilds
296 phreak 1.214
297     *hardened-sources-2.6.24 (07 Apr 2008)
298    
299     07 Apr 2008; Christian Heim <phreak@gentoo.org>
300     +hardened-sources-2.6.24.ebuild:
301     Adding ebuild for hardened-sources-2.6.24 (many thanks to Kerin Millar
302     <kerframil at gmail.com> and Gordon Malm <bugs-gentoo-org-02 at bumpin.org>
303     for the many contributions and their continued effort in #216612) based on
304     2.6.24 and genpatches-2.6.24-5.
305    
306     The current ebuild/patchset contains these things:
307     * Incoporates unmodified grsec-2.1.11-2.6.24.4-200803262003 patch
308     * Introduces bespoke server and workstation oriented security levels
309     * VDSO_COMPAT cannot be enabled during runtime if PaX is enabled
310 phreak 1.213
311     30 Mar 2008; Christian Heim <phreak@gentoo.org> metadata.xml:
312     Fix the metadata.xml (Kerin isn't a dev, though he and Gordon are
313     maintaining it).
314 phreak 1.212
315     24 Mar 2008; Christian Heim <phreak@gentoo.org>
316     hardened-sources-2.4.35-r2.ebuild:
317     Fixing SRC_URI for 2.4.35-r2.
318 phreak 1.211
319     *hardened-sources-2.6.23-r9 (22 Mar 2008)
320    
321     22 Mar 2008; Christian Heim <phreak@gentoo.org>
322     +hardened-sources-2.6.23-r9.ebuild:
323     * Revision bump, rebasing the patchset against genpatches-2.6.23-10.
324     * Change the default GIDs for some grsecurity options
325     * Revamp the Hardened [Gentoo] security level and make it the default level
326     * Fixing compilation on ia64 with CONFIG_MODULES=y (loadable module support)
327     * Fix a recursive lock -- call to capable() within ptrace_attach()
328     * Fix bug that allows audit and iscsi operations to be controlled via netlink
329 solar 1.210
330     *hardened-sources-2.6.23-r8 (27 Feb 2008)
331    
332     27 Feb 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r8.ebuild:
333     - version bump from Kerin Millar bug 210026
334 solar 1.209
335     17 Feb 2008; <solar@gentoo.org> metadata.xml,
336     -hardened-sources-2.4.33.4.ebuild, -hardened-sources-2.6.20-r6.ebuild,
337     -hardened-sources-2.6.20-r10.ebuild, -hardened-sources-2.6.23-r4.ebuild,
338     -hardened-sources-2.6.23-r6.ebuild, hardened-sources-2.6.23-r7.ebuild:
339     - stable on x86 and remove old ebuilds
340 solar 1.207
341     15 Feb 2008; <solar@gentoo.org> hardened-sources-2.6.23-r7.ebuild:
342 solar 1.208 - stable on amd64 per request of amd64 lead
343 solar 1.206
344     *hardened-sources-2.6.23-r7 (11 Feb 2008)
345    
346     11 Feb 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r7.ebuild:
347     - version bump from kerin.millar
348     Changes:
349    
350     * Bump to genpatches-base-2.6.23-9
351     * Ported grsecurity-2.1.11-2.6.23.14-200801231800 to 2.6.23.15
352     * Disables COMPAT_VDSO in x86/defconfig
353     * Removes bogus symbols ACPI_SLEEP_PROC_(FS|SLEEP) from x86_64/defconfig
354 phreak 1.205
355     25 Jan 2008; Christian Heim <phreak@gentoo.org>
356     -hardened-sources-2.6.22-r8.ebuild:
357     Cleaning up old versions.
358 phreak 1.204
359     *hardened-sources-2.6.23-r6 (25 Jan 2008)
360    
361     25 Jan 2008; Christian Heim <phreak@gentoo.org>
362     -hardened-sources-2.6.23-r5.ebuild, +hardened-sources-2.6.23-r6.ebuild:
363     Revision bump, pulling in the latest genpatches.
364 phreak 1.203
365     *hardened-sources-2.6.23-r5 (24 Dec 2007)
366    
367     24 Dec 2007; Christian Heim <phreak@gentoo.org>
368     hardened-sources-2.4.35-r2.ebuild, hardened-sources-2.6.20-r6.ebuild,
369     hardened-sources-2.6.20-r10.ebuild, hardened-sources-2.6.22-r8.ebuild,
370     hardened-sources-2.6.23-r4.ebuild, +hardened-sources-2.6.23-r5.ebuild:
371     Revision bump, for the promised updated grsec snapshot. Also changing SRC_URI.
372 phreak 1.202
373     24 Dec 2007; Christian Heim <phreak@gentoo.org>
374     -hardened-sources-2.6.22-r7.ebuild, -hardened-sources-2.6.23.ebuild,
375     -hardened-sources-2.6.23-r1.ebuild, -hardened-sources-2.6.23-r2.ebuild,
376     -hardened-sources-2.6.23-r3.ebuild:
377     Cleaning out some unused, old versions.
378 phreak 1.201
379     24 Dec 2007; Christian Heim <phreak@gentoo.org>
380     hardened-sources-2.6.23-r4.ebuild:
381     Marking hardened-sources-2.6.23-r4 stable on amd64 and x86. I know it ain't
382     in the tree for long, but there isn't much of a difference between this and
383     -r3. Only this revision pulls in 2.6.23.11 and 2.6.23.12 from genpatches.
384 phreak 1.200
385     *hardened-sources-2.6.23-r4 (23 Dec 2007)
386    
387     23 Dec 2007; Christian Heim <phreak@gentoo.org>
388     +hardened-sources-2.6.23-r4.ebuild:
389     Revision bump, grabbing the lastest genpatches release (2.6.23.12 that is).
390 phreak 1.199
391     *hardened-sources-2.6.23-r3 (04 Dec 2007)
392    
393     04 Dec 2007; Christian Heim <phreak@gentoo.org>
394     +hardened-sources-2.6.23-r3.ebuild:
395     Revision bump, pulling in 2.6.23.9.
396 phreak 1.198
397     *hardened-sources-2.6.23-r2 (25 Nov 2007)
398    
399     25 Nov 2007; Christian Heim <phreak@gentoo.org>
400     +hardened-sources-2.6.23-r2.ebuild:
401     Updated patchset, thanks to solar.
402 phreak 1.197
403     *hardened-sources-2.6.23-r1 (31 Oct 2007)
404    
405     31 Oct 2007; Christian Heim <phreak@gentoo.org>
406     +hardened-sources-2.6.23-r1.ebuild:
407     Revision bump, pulling in the snapshot from 30. October 2007 (18:50).
408 solar 1.196
409     29 Oct 2007; <solar@gentoo.org> metadata.xml:
410     - update metadata.xml
411 phreak 1.195
412     25 Oct 2007; Christian Heim <phreak@gentoo.org>
413     hardened-sources-2.6.22-r8.ebuild:
414     Marking 2.6.22-r8 stable on amd64 and x86.
415 phreak 1.194
416     21 Oct 2007; Christian Heim <phreak@gentoo.org>
417     -hardened-sources-2.4.35.ebuild, -hardened-sources-2.4.35-r1.ebuild,
418     -hardened-sources-2.6.21-r4.ebuild:
419     Removing old ebuilds.
420 phreak 1.193
421     *hardened-sources-2.4.35-r2 (21 Oct 2007)
422    
423     21 Oct 2007; Christian Heim <phreak@gentoo.org>
424     +hardened-sources-2.4.35-r2.ebuild:
425     Revision bump for 2.4.35. Includes new snapshot and the lastest Linux stable
426     patches.
427 phreak 1.192
428     *hardened-sources-2.6.22-r8 (21 Oct 2007)
429    
430     21 Oct 2007; Christian Heim <phreak@gentoo.org>
431     +hardened-sources-2.6.22-r8.ebuild:
432     Yet another new patch, hopefully fixing the remaining issues we had w/
433     2.6.22. Candidate for stabling.
434 phreak 1.191
435     *hardened-sources-2.6.23 (13 Oct 2007)
436    
437     13 Oct 2007; Christian Heim <phreak@gentoo.org>
438     +hardened-sources-2.6.23.ebuild:
439     Initial hardened-sources-2.6.23. If people still have problems w/ bug
440     194276, try setting CONFIG_PCI_GODIRECT=y instead of CONFIG_PCI_GOANY.
441 phreak 1.190
442     11 Oct 2007; Christian Heim <phreak@gentoo.org>
443     hardened-sources-2.6.20-r10.ebuild:
444     Pulling in yet another new genpatches version, fixing the PWC bug for real.
445 phreak 1.189
446     04 Oct 2007; Christian Heim <phreak@gentoo.org>
447     -hardened-sources-2.6.22-r5.ebuild, -hardened-sources-2.6.22-r6.ebuild:
448     Removing old versions.
449 phreak 1.188
450     *hardened-sources-2.6.22-r7 (01 Oct 2007)
451    
452     01 Oct 2007; Christian Heim <phreak@gentoo.org>
453     +hardened-sources-2.6.22-r7.ebuild:
454     Revision bump, pulling in a newer patch. Should fix #194276.
455 phreak 1.187
456     30 Sep 2007; Christian Heim <phreak@gentoo.org>
457     hardened-sources-2.6.20-r10.ebuild:
458     Marking hardened-sources-2.6.20-r10 stable on x86 and amd64 (on courtesy of
459     Mike Doty).
460 phreak 1.186
461     *hardened-sources-2.6.22-r6 (26 Sep 2007)
462    
463     26 Sep 2007; Christian Heim <phreak@gentoo.org>
464     +hardened-sources-2.6.22-r6.ebuild:
465     Revision bump, grabbing up till Linux 2.6.22.9.
466 phreak 1.185
467     24 Sep 2007; Christian Heim <phreak@gentoo.org>
468     -hardened-sources-2.6.22-r3.ebuild, -hardened-sources-2.6.22-r4.ebuild:
469     Cleaning up further.
470 phreak 1.184
471     *hardened-sources-2.6.20-r10 (24 Sep 2007)
472    
473     24 Sep 2007; Christian Heim <phreak@gentoo.org>
474     -hardened-sources-2.6.20-r8.ebuild, -hardened-sources-2.6.20-r9.ebuild,
475     +hardened-sources-2.6.20-r10.ebuild:
476     Revision bump, pulling in Linux 2.6.20.20. Removing some of the older
477     revisions.
478 phreak 1.183
479     *hardened-sources-2.6.22-r5 (22 Sep 2007)
480    
481     22 Sep 2007; Christian Heim <phreak@gentoo.org>
482     +hardened-sources-2.6.22-r5.ebuild:
483     Revision bump, pulling in genpatches-2.6.22-8 for CVE-2007-4573.
484 phreak 1.182
485     17 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
486     Removing johnm from metadata.xml (see #186467 for reference).
487 phreak 1.181
488     *hardened-sources-2.6.22-r4 (17 Sep 2007)
489    
490     17 Sep 2007; Christian Heim <phreak@gentoo.org>
491     +hardened-sources-2.6.22-r4.ebuild:
492     Revision bump, hopefully fixing all those weird PAX failures.
493 phreak 1.180
494     01 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
495     Updating the metadata.xml.
496 phreak 1.179
497     01 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
498     Removing tocharian from metadata due to his retirement (see #71718 for
499     reference).
500 phreak 1.178
501     *hardened-sources-2.6.20-r9 (30 Aug 2007)
502    
503     30 Aug 2007; Christian Heim <phreak@gentoo.org>
504     +hardened-sources-2.6.20-r9.ebuild:
505     Revision bump for 2.6.20.18 (thanks to kerframil in #gentoo-hardened).
506 phreak 1.177
507     29 Aug 2007; Christian Heim <phreak@gentoo.org>
508     -hardened-sources-2.4.34.ebuild, -hardened-sources-2.4.34.5.ebuild,
509     -hardened-sources-2.6.20-r2.ebuild, -hardened-sources-2.6.20-r5.ebuild,
510     -hardened-sources-2.6.20-r7.ebuild, -hardened-sources-2.6.21-r3.ebuild,
511     -hardened-sources-2.6.22.ebuild, -hardened-sources-2.6.22-r1.ebuild,
512     -hardened-sources-2.6.22-r2.ebuild:
513     Removing some redundant versions.
514 phreak 1.176
515     *hardened-sources-2.4.35-r1 (29 Aug 2007)
516    
517     29 Aug 2007; Christian Heim <phreak@gentoo.org>
518     +hardened-sources-2.4.35-r1.ebuild:
519     Revision bump, new grsecurity patch.
520 phreak 1.175
521     *hardened-sources-2.6.20-r8 (26 Aug 2007)
522    
523     26 Aug 2007; Christian Heim <phreak@gentoo.org>
524     +hardened-sources-2.6.20-r8.ebuild:
525     Revision bump for Linux 2.6.20.17.
526 phreak 1.174
527     *hardened-sources-2.6.22-r3 (22 Aug 2007)
528    
529     22 Aug 2007; Christian Heim <phreak@gentoo.org>
530     +hardened-sources-2.6.22-r3.ebuild:
531     Revision bump for Linux 2.6.22.4.
532 phreak 1.173
533     16 Aug 2007; Christian Heim <phreak@gentoo.org>
534     hardened-sources-2.6.22-r2.ebuild:
535     Updated patchset, to fix the alignment against 2.6.22.3.
536 phreak 1.172
537     *hardened-sources-2.6.22-r2 (16 Aug 2007)
538    
539     16 Aug 2007; Christian Heim <phreak@gentoo.org>
540     +hardened-sources-2.6.22-r2.ebuild:
541     Revision bump for Linux 2.6.22.3.
542 phreak 1.171
543     *hardened-sources-2.4.35 (16 Aug 2007)
544    
545     16 Aug 2007; Christian Heim <phreak@gentoo.org>
546     +hardened-sources-2.4.35.ebuild:
547     Version bump, initial version for Linux 2.4.35.
548 phreak 1.170
549     *hardened-sources-2.6.21-r4 (16 Aug 2007)
550    
551     16 Aug 2007; Christian Heim <phreak@gentoo.org>
552     +hardened-sources-2.6.21-r4.ebuild:
553     Revision bump for Linux 2.6.21.6.
554 phreak 1.169
555     *hardened-sources-2.6.20-r7 (16 Aug 2007)
556    
557     16 Aug 2007; Christian Heim <phreak@gentoo.org>
558     +hardened-sources-2.6.20-r7.ebuild:
559     Revision bump for Linux 2.6.20.16.
560 phreak 1.168
561     *hardened-sources-2.6.22-r1 (13 Aug 2007)
562    
563     13 Aug 2007; Christian Heim <phreak@gentoo.org>
564     +hardened-sources-2.6.22-r1.ebuild:
565     Yet another revision bump.
566 phreak 1.167
567     *hardened-sources-2.6.22 (10 Aug 2007)
568    
569     10 Aug 2007; Christian Heim <phreak@gentoo.org>
570     +hardened-sources-2.6.22.ebuild:
571     Initial release for 2.6.22. If you are using hardened-sources on a desktop
572     machine (P4 or newer), be aware you might need to disable
573     CONFIG_PAX_PAGEEXEC.
574 phreak 1.166
575     04 Aug 2007; Christian Heim <phreak@gentoo.org>
576     hardened-sources-2.6.20-r6.ebuild:
577     Stabling hardened-sources-2.6.20-r6 for amd64, ppc and x86 due to Linux
578     2.6.20.15.
579 phreak 1.165
580     10 Jul 2007; Christian Heim <phreak@gentoo.org>
581     hardened-sources-2.6.20-r5.ebuild:
582     Marking hardened-sources-2.6.20-r5 stable on ppc.
583 phreak 1.164
584     10 Jul 2007; Christian Heim <phreak@gentoo.org>
585     -hardened-sources-2.4.32-r6.ebuild, -hardened-sources-2.4.32-r7.ebuild:
586     Cleanup.
587 phreak 1.163
588     *hardened-sources-2.6.20-r6 (08 Jul 2007)
589    
590     08 Jul 2007; Christian Heim <phreak@gentoo.org>
591     +hardened-sources-2.6.20-r6.ebuild:
592     Revision bump, grabbing yet another stable release.
593 phreak 1.162
594     17 Jun 2007; Christian Heim <phreak@gentoo.org>
595     -hardened-sources-2.6.18-r6.ebuild, -hardened-sources-2.6.20-r4.ebuild,
596     -hardened-sources-2.6.21-r2.ebuild:
597     Removing older ebuilds, hardened-sources-2.6.18-r6 seems to have gotten the
598     alpha stable KEYWORD by mistake.
599 phreak 1.161
600     17 Jun 2007; Christian Heim <phreak@gentoo.org>
601     hardened-sources-2.6.20-r5.ebuild:
602     Stabling hardened-sources-2.6.20-r5 due to security bug #181647 (as
603     genpatches-2.6.20-12.base contains up to Linux 2.6.20.14) on amd64 and x86.
604 phreak 1.160
605     *hardened-sources-2.6.21-r3 (12 Jun 2007)
606    
607     12 Jun 2007; Christian Heim <phreak@gentoo.org>
608     +hardened-sources-2.6.21-r3.ebuild:
609     Revision bump for hardened-sources-2.6.21, incorporating various CVE (some
610     of them critical), two stable releases (2.6.21.4,2.6.21.5) and some other
611     love.
612 phreak 1.159
613     *hardened-sources-2.6.20-r5 (11 Jun 2007)
614    
615     11 Jun 2007; Christian Heim <phreak@gentoo.org>
616     +hardened-sources-2.6.20-r5.ebuild:
617     Revision bump for hardened-sources-2.6.20, incorporating various CVE (some
618     of them critical), two stable releases (2.6.20.13,2.6.20.14) and some other
619     love.
620 pappy 1.158
621     *hardened-sources-2.4.34.5 (11 Jun 2007)
622    
623     11 Jun 2007; Alexander Gabert <pappy@gentoo.org>
624     +hardened-sources-2.4.34.5.ebuild:
625     added new hardened-sources 2.4 version, thx to phreak, solar, pipacs
626 phreak 1.157
627     30 May 2007; Christian Heim <phreak@gentoo.org>
628     -hardened-sources-2.6.18.ebuild, hardened-sources-2.6.20-r2.ebuild:
629     Marking 2.6.20-r2 stable on ppc with permission of Gysbert. Removing more
630     stale ebuild(s).
631 phreak 1.156
632     30 May 2007; Christian Heim <phreak@gentoo.org>
633     -hardened-sources-2.6.14-r7.ebuild, -hardened-sources-2.6.16-r11.ebuild,
634     -hardened-sources-2.6.17-r1.ebuild, -hardened-sources-2.6.19-r6.ebuild,
635     -hardened-sources-2.6.20.ebuild, -hardened-sources-2.6.20-r1.ebuild:
636     Doing some cleanups, remove stale ebuilds.
637 phreak 1.155
638     26 May 2007; Christian Heim <phreak@gentoo.org>
639     hardened-sources-2.6.21-r2.ebuild:
640     Fixing the grsecurity patch, had one '};' too much.
641 phreak 1.154
642     *hardened-sources-2.6.21-r2 (26 May 2007)
643    
644     26 May 2007; Christian Heim <phreak@gentoo.org>
645     -hardened-sources-2.6.21.ebuild, -hardened-sources-2.6.21-r1.ebuild,
646     +hardened-sources-2.6.21-r2.ebuild:
647     Revision bump, including Linux 2.6.21.3 (fixing CVE-2007-2451). Updating the
648     grsecurity patch to 2.1.10-2.6.21.1-200705221918.
649 phreak 1.153
650     *hardened-sources-2.6.20-r4 (26 May 2007)
651    
652     26 May 2007; Christian Heim <phreak@gentoo.org>
653     -hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.20-r4.ebuild:
654     Revision bump, including Linux 2.6.20.12 (which in fact fixed some security
655 phreak 1.154 bugs, at the very least CVE-2007-2451). Possible candidate for stable marking.
656 phreak 1.152
657     15 May 2007; Christian Heim <phreak@gentoo.org>
658     hardened-sources-2.6.20-r3.ebuild:
659     Looks like hardened-sources-2.6.20-r3 needs a new patch, as 2.6.20.11
660     introduced a change in arch/sparc64/kernel/pci_iommu.c, which made the
661     grsecurity patch fail in that exact same hunk.
662 phreak 1.151
663     *hardened-sources-2.6.20-r3 (15 May 2007)
664    
665     15 May 2007; Christian Heim <phreak@gentoo.org>
666     +hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.21-r1.ebuild:
667     Revision bump, incorporating Linux 2.6.20.11.
668    
669     *hardened-sources-2.6.21-r1 (11 May 2007)
670    
671     11 May 2007; Christian Heim <phreak@gentoo.org>
672     +hardened-sources-2.6.21-r1.ebuild:
673     Revision bump, hopefully fixing the GRSECURITY/GRKERNSEC mixup pipacs
674     mentioned in #177234.
675 kevquinn 1.150
676     07 May 2007; Kevin F. Quinn <kevquinn@gentoo.org>
677     files/digest-hardened-sources-2.6.21, Manifest:
678     Fix Manifest/digest for linux-2.6.21.tar.bz2
679 phreak 1.149
680     06 May 2007; Christian Heim <phreak@gentoo.org>
681     hardened-sources-2.6.21.ebuild:
682     Bumping the hardened-patches version, needed for the fix for #177234.
683 phreak 1.148
684     *hardened-sources-2.6.21 (02 May 2007)
685    
686     02 May 2007; Christian Heim <phreak@gentoo.org>
687     +hardened-sources-2.6.21.ebuild:
688     Version bump, Linux 2.6.21-hardened.
689 phreak 1.147
690     29 Apr 2007; Christian Heim <phreak@gentoo.org>
691     hardened-sources-2.6.20-r2.ebuild:
692     Adding ~ia64 on Ned's request.
693 phreak 1.146
694     29 Apr 2007; Christian Heim <phreak@gentoo.org>
695     hardened-sources-2.6.20-r2.ebuild:
696     Fixing the included grsecurity patch, wasn't alligning due to the Index:
697     header line(s).
698 phreak 1.145
699     29 Apr 2007; Christian Heim <phreak@gentoo.org>
700     hardened-sources-2.6.20-r2.ebuild:
701     Stabilizing hardened-sources-2.6.20-r2 on amd64 and x86.
702 armin76 1.144
703     *hardened-sources-2.6.20-r2 (10 Apr 2007)
704    
705     10 Apr 2007; Raúl Porcel <armin76@gentoo.org>
706     +hardened-sources-2.6.20-r2.ebuild:
707     Version bump, on behalf of phreak
708 phreak 1.143
709     *hardened-sources-2.6.20-r1 (04 Apr 2007)
710    
711     04 Apr 2007; Christian Heim <phreak@gentoo.org>
712     +hardened-sources-2.6.20-r1.ebuild:
713     Revision bump, grabbing a newer grsecurity snapshot.
714 phreak 1.142
715     *hardened-sources-2.6.20 (25 Mar 2007)
716    
717     25 Mar 2007; Christian Heim <phreak@gentoo.org>
718     +hardened-sources-2.6.20.ebuild:
719     Finally a hardened-sources version for 2.6.20; many people have been waiting
720     for this. Thanks to Steve for preliminary testing, thanks to Ned for the
721     testbox.
722 chainsaw 1.141
723     16 Mar 2007; Tony Vroon <chainsaw@gentoo.org>
724     hardened-sources-2.6.18-r6.ebuild:
725     Marked stable on amd64 and x86. AMD64 keyword ack'ed by welp.
726 phreak 1.140
727     *hardened-sources-2.6.18-r6 (16 Mar 2007)
728    
729     16 Mar 2007; Christian Heim <phreak@gentoo.org>
730     -hardened-sources-2.6.18-r5.ebuild, +hardened-sources-2.6.18-r6.ebuild:
731     Fixing CVE-2007-1000 locally (hardened/), thanks to Tony for pushing. And
732     yes I screwed up, this is tagged as 2.6.18-5 and not 2.6.18-6 as it's
733     supposed to be.
734 phreak 1.139
735     06 Mar 2007; Christian Heim <phreak@gentoo.org> ChangeLog:
736     Fixing the Manifest, the previous one was broken (as in still had the
737     deleted ebuild in it).
738 phreak 1.138
739     06 Mar 2007; Christian Heim <phreak@gentoo.org>
740     -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
741     +hardened-sources-2.6.18-r5.ebuild:
742     Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
743     Linux 2.6.18.8. Also cleaning up the older version.
744    
745     *hardened-sources-2.6.18-r5 (06 Mar 2007)
746    
747     06 Mar 2007; Christian Heim <phreak@gentoo.org>
748     -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
749     +hardened-sources-2.6.18-r5.ebuild:
750     Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
751     Linux 2.6.18.8. Also cleaning up the older version.
752 phreak 1.137
753     24 Feb 2007; Christian Heim <phreak@gentoo.org>
754     -hardened-sources-2.6.19-r3.ebuild, -hardened-sources-2.6.19-r4.ebuild,
755     -hardened-sources-2.6.19-r5.ebuild:
756     Removing some of the old version, that didn't work.
757 phreak 1.136
758     *hardened-sources-2.6.19-r6 (12 Feb 2007)
759    
760     12 Feb 2007; Christian Heim <phreak@gentoo.org>
761     +hardened-sources-2.6.19-r6.ebuild:
762     Revision bump, including a new grsec version fixing #166235.
763 pappy 1.134
764     *hardened-sources-2.4.34 (24 Jan 2007)
765    
766     24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
767 pappy 1.135 Manifest:
768     updating Manifest with checksums of new tarball and ebuild
769    
770     24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
771 pappy 1.134 +hardened-sources-2.4.34.ebuild:
772     I added new hardened sources 2.4 update, this is a critical path
773     security bugfix - all users of h-s are strongly advised
774     to update their existing hardened sources to this version.
775     It contains a fix for a kernel vulnerability that is pertaining
776     to the PaX changes to virtual memory management, possibly leading
777     to a local kernel exploit ... see grsecurity.net forums and homepage
778 phreak 1.133
779     23 Jan 2007; Christian Heim <phreak@gentoo.org>
780     files/digest-hardened-sources-2.6.19-r5, Manifest:
781     Fixing the patch-tarball digest.
782 phreak 1.132
783     *hardened-sources-2.6.19-r5 (23 Jan 2007)
784    
785     23 Jan 2007; Christian Heim <phreak@gentoo.org>
786     +hardened-sources-2.6.19-r5.ebuild:
787     Revision bump, closing the recently discovered PaX expand_stack()
788     vulnerability.
789 phreak 1.131
790     *hardened-sources-2.6.19-r4 (14 Jan 2007)
791    
792     14 Jan 2007; Christian Heim <phreak@gentoo.org>
793     +hardened-sources-2.6.19-r4.ebuild:
794     Revision bump, pulling in linux-2.6.19.2 and grsecurity 2.1.10 - thus
795     dropping the randomized PID feature.
796 opfer 1.130
797     11 Jan 2007; Christian Faulhammer <opfer@gentoo.org>
798     hardened-sources-2.4.33.4.ebuild:
799     stable x86, bug #161171
800 phreak 1.129
801     *hardened-sources-2.6.19-r3 (27 Dec 2006)
802    
803     27 Dec 2006; Christian Heim <phreak@gentoo.org>
804     -hardened-sources-2.6.19-r2.ebuild, +hardened-sources-2.6.19-r3.ebuild:
805     Revision bump for bug #157186 and #158786.
806 phreak 1.128
807     *hardened-sources-2.6.18-r4 (27 Dec 2006)
808    
809     27 Dec 2006; Christian Heim <phreak@gentoo.org>
810     -hardened-sources-2.6.18-r3.ebuild, +hardened-sources-2.6.18-r4.ebuild:
811     Revision bump for bug #157186.
812 phreak 1.127
813     *hardened-sources-2.6.19-r2 (23 Dec 2006)
814    
815     23 Dec 2006; Christian Heim <phreak@gentoo.org>
816     -hardened-sources-2.6.19-r1.ebuild, +hardened-sources-2.6.19-r2.ebuild:
817     Revision bump to pull in genpatches-2.6.19-3 for #157186.
818 phreak 1.126
819     17 Dec 2006; Christian Heim <phreak@gentoo.org>
820     hardened-sources-2.6.14-r7.ebuild, hardened-sources-2.6.16-r10.ebuild,
821     hardened-sources-2.6.16-r11.ebuild, hardened-sources-2.6.17-r1.ebuild,
822     hardened-sources-2.6.18.ebuild, hardened-sources-2.6.18-r3.ebuild,
823     hardened-sources-2.6.19-r1.ebuild:
824     Adding 4453_grsec-2.1.9-2.6.19-io-kmem-sysctl.patch to UNIPATCH_EXLUDE,
825     adding correct HOMEPAGE and adjusting DESCRIPTION (thanks to Alexander).
826 pappy 1.125
827     *hardened-sources-2.4.33.4 (17 Dec 2006)
828    
829     17 Dec 2006; Alexander Gabert <pappy@gentoo.org>
830     +hardened-sources-2.4.33.4.ebuild:
831     new 2.4.33.4 version including grsec and fixes, thanks to phreak for help
832     and quilting
833 phreak 1.124
834     *hardened-sources-2.6.19-r1 (14 Dec 2006)
835    
836     14 Dec 2006; Christian Heim <phreak@gentoo.org>
837     -hardened-sources-2.6.19.ebuild, +hardened-sources-2.6.19-r1.ebuild:
838     Revision bump, fixing #158107 (thanks to Petre Rodan <kaiowas at gentoo.org>
839     for reporting).
840 phreak 1.123
841     *hardened-sources-2.6.19 (13 Dec 2006)
842    
843     13 Dec 2006; Christian Heim <phreak@gentoo.org>
844     +hardened-sources-2.6.19.ebuild:
845     And finally 2.6.19, thanks to Ned (who prepared the inital patchset) and
846     Brad for providing that prompt update.
847 phreak 1.122
848     *hardened-sources-2.6.18-r3 (13 Dec 2006)
849    
850     13 Dec 2006; Christian Heim <phreak@gentoo.org>
851     -hardened-sources-2.6.18-r1.ebuild, -hardened-sources-2.6.18-r2.ebuild,
852     +hardened-sources-2.6.18-r3.ebuild:
853     Revision bump, excluding the faulty patch. Thanks to Anakim Border and Peter
854     S. Mazinger. Closes #157409 for now. Also removing the previous revisions.
855 phreak 1.121
856     09 Dec 2006; Christian Heim <phreak@gentoo.org> Manifest:
857     Fixing the metadata.xml Manifest entry (thanks to xaid and ml8128 in #gentoo-hardened).
858 nixnut 1.120
859     08 Dec 2006; nixnut <nixnut@gentoo.org> hardened-sources-2.6.18.ebuild:
860     Stable on ppc wrt bug 157356
861 opfer 1.119
862     07 Dec 2006; Christian Faulhammer <opfer@gentoo.org>
863     hardened-sources-2.6.18.ebuild:
864     stable x86, bug #157356
865 phreak 1.118
866     *hardened-sources-2.6.18-r2 (06 Dec 2006)
867    
868     06 Dec 2006; Christian Heim <phreak@gentoo.org>
869     +hardened-sources-2.6.18-r2.ebuild:
870     Revision bump, including 2.6.18.5 (via genpatches) and
871     4454_grsec-2.1.9-2.6.18.2-io-kmem-sysctl.patch based on Peter Mazinger and
872     Ned Ludd's original patch. Thanks to Alexander Gabert (pappy) for the
873     redesign.
874 phreak 1.117
875     06 Dec 2006; Christian Heim <phreak@gentoo.org>
876     hardened-sources-2.6.18.ebuild:
877     Marking hardened-sources-2.6.18 stable on amd64 (see bug #157356, on behalf
878     of Mike Doty).
879 phreak 1.116
880     *hardened-sources-2.6.18-r1 (23 Nov 2006)
881    
882     23 Nov 2006; Christian Heim <phreak@gentoo.org>
883     +hardened-sources-2.6.18-r1.ebuild:
884     Revision bump to genpatches-2.6.18-4 (including 2.6.18.3).
885 phreak 1.115
886     *hardened-sources-2.6.18 (11 Nov 2006)
887    
888     11 Nov 2006; Christian Heim <phreak@gentoo.org>
889     +hardened-sources-2.6.18.ebuild:
890     Version bump, thanks to Alexander Gabert we're finally at 2.6.18.
891 solar 1.114
892     18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
893     - mark amd64 stable also. bug #151877
894 solar 1.113
895     18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
896     - mark 2.6.17-r1 stable
897 phreak 1.112
898     27 Aug 2006; Christian Heim <phreak@gentoo.org>
899     -hardened-sources-2.6.17.ebuild, hardened-sources-2.6.17-r1.ebuild:
900     Removing old ebuild, removing unipatch from newer ebuild (need to fix it!).
901 phreak 1.111
902     *hardened-sources-2.6.17-r1 (26 Aug 2006)
903    
904     26 Aug 2006; Christian Heim <phreak@gentoo.org>
905     +hardened-sources-2.6.17-r1.ebuild:
906     Revision bump to genpatches-2.6.17-8 (including .9 and .10) and updating the
907     grsecurity patch.
908 phreak 1.110
909     *hardened-sources-2.6.17 (17 Aug 2006)
910    
911     17 Aug 2006; Christian Heim <phreak@gentoo.org>
912     +hardened-sources-2.6.17.ebuild:
913     Bumping the hardened-sources-2.6 series to 2.6.17, using
914     genpatches-2.6.17-6.base.
915 solar 1.109
916     07 Aug 2006; <solar@gentoo.org> hardened-sources-2.6.16-r11.ebuild:
917     - stable on x86 and amd64
918 solar 1.108
919     *hardened-sources-2.6.16-r11 (15 Jul 2006)
920    
921     15 Jul 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r3.ebuild,
922     -hardened-sources-2.4.32-r4.ebuild, -hardened-sources-2.4.32-r5.ebuild,
923     -hardened-sources-2.6.14-r8.ebuild, -hardened-sources-2.6.16-r7.ebuild,
924     -hardened-sources-2.6.16-r9.ebuild, +hardened-sources-2.6.16-r11.ebuild:
925     - 2.6.16 bumped for CVE-2006-3626 ; digest fix for 2.4.32-r6 ; removed old
926     crusty ebuilds
927 johnm 1.107
928     14 Jul 2006; John Mylchreest <johnm@gentoo.org>
929     hardened-sources-2.6.16-r10.ebuild:
930     marking stable on x86 and amd64
931 solar 1.106
932     13 Jul 2006; <solar@gentoo.org> hardened-sources-2.4.32-r6.ebuild:
933     - 2.4.32-r6 stable on x86. RSBAC state unknown
934 kang 1.105
935     *hardened-sources-2.4.32-r7 (10 Jul 2006)
936    
937     10 Jul 2006; Guillaume Destuynder <kang@gentoo.org>
938     +hardened-sources-2.4.32-r7.ebuild:
939     Bump PaX for RSBAC to test-17
940 johnm 1.104
941     *hardened-sources-2.6.16-r9 (03 Jul 2006)
942    
943     03 Jul 2006; John Mylchreest <johnm@gentoo.org>
944     -hardened-sources-2.6.16-r6.ebuild, +hardened-sources-2.6.16-r9.ebuild:
945     hardened-sources-2.6.16 bump to latest -base.
946 solar 1.103
947     *hardened-sources-2.4.32-r6 (30 Jun 2006)
948    
949     30 Jun 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r2.ebuild,
950     hardened-sources-2.4.32-r4.ebuild, +hardened-sources-2.4.32-r6.ebuild:
951     - backport CVE-2006-0039, CVE-2006-1857 and CVE-2006-1858 and new grsecurity
952     sysctl controlable resource logging
953 johnm 1.102
954     *hardened-sources-2.6.16-r7 (05 Jun 2006)
955    
956     05 Jun 2006; John Mylchreest <johnm@gentoo.org>
957     -hardened-sources-2.6.16-r5.ebuild, +hardened-sources-2.6.16-r7.ebuild:
958     push new 2.6.16 release in preparation for stable
959 solar 1.101
960     22 May 2006; <solar@gentoo.org> :
961     - redigest bug 134002
962 kang 1.100
963     *hardened-sources-2.4.32-r5 (16 May 2006)
964    
965     16 May 2006; Guillaume Destuynder <kang@gentoo.org>
966     +hardened-sources-2.4.32-r5.ebuild:
967     Fixes rsbac common patching (new patch in new -r5 patchset)
968 solar 1.99
969     *hardened-sources-2.4.32-r4 (13 May 2006)
970    
971     13 May 2006; <solar@gentoo.org> hardened-sources-2.4.32-r3.ebuild,
972     +hardened-sources-2.4.32-r4.ebuild:
973     - security bumps
974 johnm 1.98
975     *hardened-sources-2.6.16-r6 (03 May 2006)
976    
977     03 May 2006; John Mylchreest <johnm@gentoo.org>
978     +hardened-sources-2.6.16-r6.ebuild:
979     bump hardened-2.6.16 to 2.6.16.12 and latest grsec snapshot
980 johnm 1.97
981     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
982     hardened-sources-2.6.14-r8.ebuild:
983     fix x86_64 build problem, this will delay the digest issue again for a short
984     while but it will sort itself out
985 johnm 1.96
986     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
987     hardened-sources-2.6.14-r8.ebuild:
988     bump hardened patchset
989 antarus 1.94
990     27 Apr 2006; Alec Warner <antarus@gentoo.org>
991     files/digest-hardened-sources-2.4.32-r2,
992     files/digest-hardened-sources-2.4.32-r3,
993     files/digest-hardened-sources-2.6.14-r8, Manifest:
994     Fixing duff SHA256 digests: Bug # 131293
995 johnm 1.93
996 johnm 1.95 *hardened-sources-2.6.16-r5 (27 Apr 2006)
997    
998     27 Apr 2006; John Mylchreest <johnm@gentoo.org>
999     -hardened-sources-2.6.14-r6.ebuild, hardened-sources-2.6.14-r8.ebuild,
1000     -hardened-sources-2.6.16-r4.ebuild, +hardened-sources-2.6.16-r5.ebuild:
1001     stablise 2.6.14-r8 on x86 & amd64, bump 2.6.16 to fix CVE-2006-1863 &
1002     cleanup of old uneccessary sources
1003    
1004 johnm 1.93 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
1005     fix digest
1006 johnm 1.92
1007     *hardened-sources-2.6.14-r8 (20 Apr 2006)
1008    
1009     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
1010     +hardened-sources-2.6.14-r8.ebuild:
1011     fix CVE-2006-1056, CVE-2006-1525, CVE-2006-1524
1012 johnm 1.91
1013     20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
1014     Turning on gpg-signing again, and recomitting
1015 johnm 1.90
1016     *hardened-sources-2.6.16-r4 (20 Apr 2006)
1017    
1018     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
1019     -hardened-sources-2.6.16-r2.ebuild, -hardened-sources-2.6.16-r3.ebuild,
1020     +hardened-sources-2.6.16-r4.ebuild:
1021     Fix numerous security vulns
1022 solar 1.89
1023     *hardened-sources-2.4.32-r3 (16 Apr 2006)
1024    
1025     16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
1026     -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
1027     +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
1028     - security bump for bug #112791. Removed old ebuilds
1029 johnm 1.88
1030     *hardened-sources-2.6.16-r3 (15 Apr 2006)
1031    
1032     15 Apr 2006; John Mylchreest <johnm@gentoo.org>
1033     +hardened-sources-2.6.16-r3.ebuild:
1034     Removing silly localversion which I missed
1035 johnm 1.87
1036     *hardened-sources-2.6.14-r7 (14 Apr 2006)
1037    
1038     14 Apr 2006; John Mylchreest <johnm@gentoo.org>
1039     -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
1040     Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
1041 johnm 1.86
1042     *hardened-sources-2.6.16-r2 (13 Apr 2006)
1043    
1044     13 Apr 2006; John Mylchreest <johnm@gentoo.org>
1045     -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
1046     +hardened-sources-2.6.16-r2.ebuild:
1047     Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
1048     labels, dropping USERGROUP define fixes, since these were merged mainstream.
1049 johnm 1.85
1050     *hardened-sources-2.6.16-r1 (11 Apr 2006)
1051    
1052     11 Apr 2006; John Mylchreest <johnm@gentoo.org>
1053     +hardened-sources-2.6.16-r1.ebuild:
1054     Bumping to include ppc build fix and 2.6.16.3
1055 tsunam 1.84
1056     06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
1057     hardened-sources-2.6.14-r6.ebuild:
1058     Stable on x86; bug #127718
1059 johnm 1.83
1060     *hardened-sources-2.6.16 (31 Mar 2006)
1061    
1062     31 Mar 2006; John Mylchreest <johnm@gentoo.org>
1063     +hardened-sources-2.6.16.ebuild:
1064     Bumping to new version of grsec, and kernel base. New squashfs. Based on
1065     2.6.16.1
1066 cryos 1.82
1067     30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
1068     hardened-sources-2.6.14-r6.ebuild:
1069     Stable on amd64, bug 127718.
1070 nixnut 1.81
1071     28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
1072     Stable on ppc. Bug #127718
1073 johnm 1.80
1074     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
1075     -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
1076     -hardened-sources-2.6.14-r4.ebuild:
1077     Cleanup.
1078 johnm 1.79
1079     *hardened-sources-2.6.14-r6 (15 Mar 2006)
1080    
1081     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
1082     +hardened-sources-2.6.14-r6.ebuild:
1083     Fixes grsec policy recreation bug and adds a
1084     >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
1085 solar 1.78
1086     02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
1087     - stable on x86
1088 hansmi 1.77
1089     19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
1090     hardened-sources-2.6.14-r5.ebuild:
1091     Stable on ppc.
1092 johnm 1.76
1093     *hardened-sources-2.6.14-r5 (01 Feb 2006)
1094    
1095     01 Feb 2006; John Mylchreest <johnm@gentoo.org>
1096     +hardened-sources-2.6.14-r5.ebuild:
1097     fixing every known exploit
1098 solar 1.75
1099     *hardened-sources-2.4.32-r2 (26 Jan 2006)
1100    
1101     26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
1102     +hardened-sources-2.4.32-r2.ebuild:
1103     - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
1104 solar 1.74
1105     *hardened-sources-2.6.14-r4 (12 Jan 2006)
1106    
1107     12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
1108     - version bump for new genpatches which fix up a few sec holes
1109 solar 1.73
1110     *hardened-sources-2.4.32-r1 (05 Jan 2006)
1111    
1112     05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
1113     - revision bump to add misc vital linux kernel security patches.
1114 johnm 1.72
1115     *hardened-sources-2.6.14-r3 (30 Dec 2005)
1116    
1117     30 Dec 2005; John Mylchreest <johnm@gentoo.org>
1118     -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
1119     Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
1120 johnm 1.71
1121     28 Dec 2005; John Mylchreest <johnm@gentoo.org>
1122     hardened-sources-2.6.14-r2.ebuild:
1123     making x86 & amd64 stable following testing.
1124 johnm 1.70
1125     *hardened-sources-2.6.14-r2 (27 Dec 2005)
1126    
1127     27 Dec 2005; John Mylchreest <johnm@gentoo.org>
1128     -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
1129     Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
1130     network hooks.
1131 johnm 1.69
1132     06 Dec 2005; John Mylchreest <johnm@gentoo.org>
1133     hardened-sources-2.6.14-r1.ebuild:
1134     bumping to stable early for sec fix on x86 & amd64
1135 johnm 1.68
1136     *hardened-sources-2.6.14-r1 (05 Dec 2005)
1137    
1138     05 Dec 2005; John Mylchreest <johnm@gentoo.org>
1139     -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
1140     bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
1141 solar 1.67
1142     04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
1143     - stable on x86 security bug #114227 CAN-2005-3257
1144 kang 1.66
1145     *hardened-sources-2.4.32 (19 Nov 2005)
1146    
1147     19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
1148     +hardened-sources-2.4.32.ebuild:
1149     Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
1150     Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
1151     have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
1152     rsbac >> /etc/portage/package.use)
1153 johnm 1.65
1154     *hardened-sources-2.6.14 (14 Nov 2005)
1155    
1156     14 Nov 2005; John Mylchreest <johnm@gentoo.org>
1157     -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
1158     Bumping 2.6 series to 2.6.14.2
1159 johnm 1.64
1160     *hardened-sources-2.6.13-r2 (20 Oct 2005)
1161    
1162     20 Oct 2005; John Mylchreest <johnm@gentoo.org>
1163     -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
1164     +hardened-sources-2.6.13-r2.ebuild:
1165     Fixes minor build error in ppc.
1166 johnm 1.63
1167     *hardened-sources-2.6.13-r1 (17 Oct 2005)
1168    
1169     17 Oct 2005; John Mylchreest <johnm@gentoo.org>
1170     +hardened-sources-2.6.13-r1.ebuild:
1171     Updating grsec to latest snapshot. Fixes some minor issues. Updating to
1172     2.6.13.4, fixes some major amd64 stability problems.
1173 johnm 1.62
1174     *hardened-sources-2.6.13 (16 Sep 2005)
1175    
1176     16 Sep 2005; John Mylchreest <johnm@gentoo.org>
1177     -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
1178     2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
1179     ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
1180     users should test this thoroughly.
1181 solar 1.61
1182     01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
1183     - stable on x86
1184 johnm 1.60
1185     *hardened-sources-2.6.11-r15 (27 Jun 2005)
1186    
1187     27 Jun 2005; John Mylchreest <johnm@gentoo.org>
1188     +hardened-sources-2.6.11-r15.ebuild:
1189     Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
1190     grsec redefining curr_ip struct.
1191 solar 1.59
1192     *hardened-sources-2.4.31 (20 Jun 2005)
1193    
1194     20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
1195     initial import of 2.4.31 tree
1196 johnm 1.58
1197     *hardened-sources-2.6.11-r14 (14 Jun 2005)
1198    
1199     14 Jun 2005; John Mylchreest <johnm@gentoo.org>
1200     -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
1201     Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
1202     naming scheme to abide by genpatches
1203 johnm 1.57
1204     *hardened-sources-2.6.11-r13 (18 May 2005)
1205    
1206     18 May 2005; John Mylchreest <johnm@gentoo.org>
1207     -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
1208     Managed to mangle the Makefile patch from grsec, to miss out the grsec
1209     target. sorry about that. Fixes bug #93022
1210 johnm 1.56
1211     *hardened-sources-2.6.11-r12 (17 May 2005)
1212    
1213     17 May 2005; John Mylchreest <johnm@gentoo.org>
1214     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
1215     +hardened-sources-2.6.11-r12.ebuild:
1216     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
1217     merges in genpatches-base
1218 johnm 1.55
1219     *hardened-sources-2.6.11-r12 (17 May 2005)
1220    
1221     17 May 2005; John Mylchreest <johnm@gentoo.org>
1222     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
1223     +hardened-sources-2.6.11-r12.ebuild:
1224     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
1225     merges in genpatches-base
1226 solar 1.54
1227     29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
1228     -files/2.4.27-cmdline-race.patch,
1229     -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
1230     -files/2.4.28-grsec-binfmt_a.out.patch,
1231     -files/2.4.28-grsec-cmdline-race.patch,
1232     -files/2.4.28-selinux-binfmt_a.out.patch,
1233     -files/2.4.28-selinux-cmdline-race.patch,
1234     -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
1235     hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
1236     - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
1237     cleanup..
1238 solar 1.53
1239     *hardened-sources-2.4.30-r1 (21 Apr 2005)
1240    
1241     21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
1242     - disable aout by default
1243 solar 1.52
1244     *hardened-sources-2.4.30 (18 Apr 2005)
1245    
1246     18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
1247     - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
1248     and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
1249     use
1250 tocharian 1.50
1251 scox 1.51 *hardened-sources-2.4.29 (30 Mar 2005)
1252    
1253     30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
1254     +hardened-sources-2.4.29.ebuild:
1255     New hardened-patches-2.4-29.0 patchball.
1256     Removed SELinux support, upgraded GRSecurity to 2.1.4.
1257    
1258     *hardened-sources-2.4.28-r5 (06 Mar 2005)
1259    
1260     06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
1261     +hardened-sources-2.4.28-r5.ebuild:
1262     Added a fix for a PaX vulnerability.
1263    
1264     26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1265 tocharian 1.50 hardened-sources-2.4.28-r4.ebuild:
1266     Stable on x86
1267 solar 1.49
1268     23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
1269     hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
1270     hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
1271     hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
1272     - fixed/added RDEPEND= in all kernel-2 ebuilds
1273 tocharian 1.48
1274     *hardened-sources-2.4.28-r4 (21 Jan 2005)
1275    
1276     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1277     +hardened-sources-2.4.28-r4.ebuild:
1278     Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
1279     backport of neighbour hash updates.
1280 tocharian 1.47
1281     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1282     hardened-sources-2.4.28-r3.ebuild:
1283     Stable on x86
1284 tseng 1.46
1285     *hardened-sources-2.6.10-r3 (20 Jan 2005)
1286    
1287     20 Jan 2005; Brandon Hale <tseng@gentoo.org>
1288     +hardened-sources-2.6.10-r3.ebuild:
1289     Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
1290     in 2005.0
1291 tocharian 1.45
1292     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1293     -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
1294     hardened-sources-2.4.28-r2.ebuild:
1295     Mark stable on x86
1296 tocharian 1.44
1297     *hardened-sources-2.4.28-r3 (17 Jan 2005)
1298    
1299     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1300     +hardened-sources-2.4.28-r3.ebuild:
1301     Fix SMP page fault handler vuln, and update device-mapper and evms patches.
1302 tocharian 1.43
1303     14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1304     hardened-sources-2.4.28.ebuild:
1305     Mark stable on x86.
1306 tocharian 1.42
1307     *hardened-sources-2.4.28-r2 (13 Jan 2005)
1308    
1309     13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1310     +hardened-sources-2.4.28-r2.ebuild:
1311     Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
1312     Mazinger for grsecurity patches as well.
1313 plasmaroo 1.41
1314     *hardened-sources-2.4.28-r1 (23 Dec 2004)
1315    
1316     23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
1317     Security bump. Thank tocharian for rolling a new patchset...
1318 solar 1.40
1319     28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
1320     +files/2.4.28-grsec-cmdline-race.patch,
1321     +files/2.4.28-selinux-binfmt_a.out.patch,
1322     +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
1323     - Round up remaining security patches that appear to be missing in 2.4.28. -
1324     PaX standalone updated to current. hgpv=28.1
1325 solar 1.39
1326     *hardened-sources-2.4.28 (28 Nov 2004)
1327    
1328     28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
1329     security bump. Thank tocharian for rolling a new patchset
1330 scox 1.31
1331 scox 1.38 *hardened-sources-2.4.27-r3 (08 Sep 2004)
1332    
1333     08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
1334     +hardened-sources-2.4.27-r3.ebuild:
1335     Applies the new 2.4-27.2 patchball which updates
1336     GRSecurity to the 2.0.1 version.
1337    
1338 scox 1.37 *hardened-sources-2.4.27-r2 (31 Aug 2004)
1339    
1340     31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1341     +hardened-sources-2.4.27-r2.ebuild:
1342     Version bump.
1343     This version uses the new 2.4-27.1 patchball which updates
1344     both the SELinux PaX hooks patch and the SELinux headers.
1345    
1346 scox 1.36 *hardened-sources-2.4.27-r1 (09 Aug 2004)
1347    
1348     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1349     +hardened-sources-2.4.27-r1.ebuild,
1350     -hardened-sources-2.4.27.ebuild,
1351     +files/2.4.27-cmdline-race.patch:
1352     Version bump, fix for cmdline race. See bug #59905.
1353    
1354     *hardened-sources-2.4.26-r6 (09 Aug 2004)
1355    
1356     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1357     +hardened-sources-2.4.26-r6.ebuild,
1358     -hardened-sources-2.4.26-r5.ebuild,
1359     -hardened-sources-2.4.26-r4.ebuild,
1360     +files/2.4.26-cmdline-race.patch:
1361     Version bump, fix for cmdline race. See bug #59905.
1362    
1363 scox 1.35 *hardened-sources-2.4.27 (08 Aug 2004)
1364    
1365     08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1366     +hardened-sources-2.4.27.ebuild,
1367     +files/2.4.27-CAN-2004-0394.patch:
1368     Ported the patchball to the 2.4.27 kernel version.
1369    
1370 scox 1.34 *hardened-sources-2.4.26-r5 (07 Aug 2004)
1371    
1372     07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1373     +hardened-sources-2.4.26-r5.ebuild:
1374 scox 1.35 Updated to use the new hardened-patches-2.4-26.1 patchball.
1375 scox 1.34 It adds the following features:
1376     - Squashfs
1377     - Ebtables
1378     - Netdev random (core+drivers)
1379     - Watchdog Timer (WDT) fix.
1380    
1381 scox 1.33 *hardened-sources-2.4.26-r4 (04 Aug 2004)
1382    
1383     04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1384     +hardened-sources-2.4.26-r4.ebuild,
1385     +files/2.4.26-CAN-2004-0415.patch,
1386     -hardened-sources-2.4.26-3:
1387     Version bump, fix for CAN 0415, see bug #59378.
1388    
1389 scox 1.32 *hardened-sources-2.4.26-r3 (22 Jul 2004)
1390    
1391     22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
1392     +hardened-sources-2.4.26-r3.ebuild,
1393     +files/2.4.26-CAN-2004-0497.patch,
1394     -hardened-sources-2.4.26-r2.ebuild:
1395     Version bump, fixed CAN 0497, see bug #56171.
1396    
1397 scox 1.31 *hardened-sources-2.4.26-r2 (29 Jun 2004)
1398    
1399     29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
1400 scox 1.32 +hardened-sources-2.4.26-r2.ebuild,
1401 scox 1.31 +files/2.4.26-CAN-2004-0495.patch,
1402     +files/2.4.26-CAN-2004-0535.patch,
1403     -hardened-sources-2.4.26-r1.ebuild:
1404     Fixes for both CAN 0495 and 0535, see bug #54976
1405 pvdabeel 1.27
1406 agriffis 1.29 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
1407     hardened-sources-2.4.26-r1.ebuild:
1408     QA - fix use invocation
1409 scox 1.28
1410     *hardened-sources-2.4.26-r1 (22 June 2004)
1411    
1412     22 June 2004; Andrea Luzzardi <scox@gentoo.org>
1413     +hardened-sources-2.4.26-r1.ebuild,
1414     +files/2.4.26-CAN-2004-0394.patch,
1415     +files/2.4.26-signal-race.patch,
1416     -hardened-sources-2.4.26.ebuild,
1417     -hardened-sources-2.4.24-r3.ebuild:
1418     Version bump for the CAN-2004-0394 issue and bug #53804
1419     Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
1420    
1421    
1422 pvdabeel 1.27 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
1423     hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
1424     Masked hardened-sources-2.4.26.ebuild broken for ppc
1425    
1426     31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
1427     hardened-sources-2.4.24-r3.ebuild:
1428     Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
1429 plasmaroo 1.25
1430 scox 1.26 *hardened-sources-2.4.26 (29 May 2004)
1431    
1432     29 May 2004; Andrea Luzzardi <scox@gentoo.org>
1433     +hardened-sources-2.4.26.ebuild:
1434     Updated hardened-sources for the 2.4.26 kernel
1435     Removed broken components, updated almost everything.
1436    
1437 plasmaroo 1.25 *hardened-sources-2.4.24-r3 (17 Apr 2004)
1438    
1439     17 Apr 2004; <plasmaroo@gentoo.org>
1440     +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
1441     +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
1442     +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
1443     +hardened-sources-2.4.24-r3.ebuild:
1444     Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
1445     vulnerabilities. Old revisions removed.
1446 plasmaroo 1.24
1447     *hardened-sources-2.4.24-r2 (15 Apr 2004)
1448    
1449     15 Apr 2004; <plasmaroo@gentoo.org>
1450     +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
1451     -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
1452     Version bump for the CAN-2004-0109 issue; bug #47881.
1453 aliz 1.23
1454     12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
1455     hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
1456     Add eutils to inherit.
1457 plasmaroo 1.22
1458     *hardened-sources-2.4.24-r1 (19 Feb 2004)
1459    
1460     19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
1461     files/hardened-sources-2.4.24.munmap.patch:
1462     Added the patch for the mremap/munmap vulnerability. Bug #42024.
1463 scox 1.19
1464 scox 1.21 *hardened-sources-2.4.24 (06 Feb 2004)
1465 scox 1.26
1466 scox 1.21 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
1467     hardened-sources-2.4.24.ebuild:
1468     Version bump, updated most of the components.
1469     This release includes the following:
1470    
1471     - Hardened security
1472     - Netfilter patch-o-matic 20031219
1473     - FreeSWAN 2.04 & x509 1.4.8
1474     - EVMS 2.2.2
1475     - XFS 1.3.1
1476     - cryptoloop jari
1477     - grsecurity 2.0-rc4
1478     - SELinux
1479     - PaX 200402060000
1480     - PaX Obscurity 200308302223
1481     - Others...
1482    
1483     Neither -ck nor systrace are included anymore.
1484    
1485 scox 1.19 *hardened-sources-2.4.22-r2 (05 Jan 2004)
1486    
1487     05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
1488     hardened-sources-2.4.22-r2.ebuild:
1489 scox 1.20 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
1490 scox 1.19
1491     *hardened-sources-2.4.22-r1 (02 Dec 2003)
1492 iggy 1.17
1493     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1494 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
1495 iggy 1.16
1496     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1497 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild:
1498     Version bump for the 'do_brk' vulnerability.
1499 iggy 1.15
1500     01 Dec 2003; Brian Jackson <iggy@gentoo.org>
1501     hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
1502     hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
1503     hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
1504 plasmaroo 1.18 Fix the 'do_brk' vulnerability.
1505 frogger 1.14
1506     03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
1507     hardened-sources-2.4.22.ebuild:
1508 plasmaroo 1.18 - Removed the src_install() portion for SELinux flask
1509     components. These are no longer handled in the kernel
1510     so this code was not necessary.
1511 frogger 1.13
1512     29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
1513     New 2.4.22 based hardened-sources thanks to
1514     Phil West <p.west@computer.org>.
1515    
1516     These sources include:
1517 plasmaroo 1.18 - New SELinux API
1518     - Updated CK-base
1519     - Updated GRSec
1520     - Systrace
1521     - SuperFreeS/WAN 1.99.8
1522     - Propolice kernel build support
1523     - EVMS
1524     - Other various security related patches
1525 frogger 1.11
1526 frogger 1.12 *hardened-sources-2.4.21 (14 Sep 2003)
1527    
1528     14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
1529     Updated hardened-sources based on the 2.4.21 Linux kernel.
1530     This includes updates to most major components such as:
1531 plasmaroo 1.18 - ck-base-0306300059
1532     - selinux-2.4-2003071106
1533     - grsecurity-2.0-rc1
1534     - Updated IPTables patch-o-matic
1535     - Updated SuperFreeS/WAN
1536    
1537 frogger 1.12 Thanks to Phil West <pwest@computer.org> for his work in getting this
1538     updated patch set ready for the 2.4.21 based kernel.
1539    
1540 frogger 1.11 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
1541     Initial import of hardened-sources-2.4.20-r4. This revision
1542     includes only a few changes, but one of these is an important
1543     security fix. It is recommended all users of hardened-sources
1544     upgrade to this release.
1545 plasmaroo 1.18
1546 frogger 1.11 - ioperm bug fix
1547     - fixed compilation failure when building without GRSec
1548 plasmaroo 1.18
1549 frogger 1.11 SAL (Secure Auditing for Linux) is NOT included in this revision
1550     due to time constraints, but is planned for inclusion in the near
1551     future.
1552 msterret 1.10
1553     *hardened-sources-2.4.20-r2 (12 Jun 2003)
1554    
1555     12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
1556     hardened-sources-2.4.20-r3.ebuild:
1557 plasmaroo 1.18 Add Header...
1558 frogger 1.9
1559     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1560     hardened-sources-2.4.20-r3.ebuild:
1561     Removed warnings from ebuild. This kernel should be safe to
1562     use at this point.
1563 frogger 1.8
1564     *hardened-sources-2.4.20-r3 (08 Jun 2003)
1565    
1566     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1567     hardened-sources-2.4.20-r3.ebuild:
1568     New revision. Includes the following changes over -r2:
1569 plasmaroo 1.18
1570 frogger 1.8 - ck7-base (O(1), preempt, low latency)
1571     - Super FreeS/WAN 1.99.7rc2
1572     - PaX for the LSM/SELinux branch
1573     - GRSecurity 2.0-pre4 (role based access control)
1574     - Systrace 1.3
1575     - EXT3 fixes
1576     - EVMS 2.0.1
1577     - GCC 3.1+ compile optimizations
1578     - ProPolice kernel build support
1579     - Hashing table security fixes
1580 frogger 1.3
1581     *hardened-sources-2.4.20-r1 (09 Apr 2003)
1582 frogger 1.7
1583     23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
1584     Initial import of hardened-sources-r2. This new
1585     ebuild includes many new performance and security
1586     related patches. As in -r1, it will patch in
1587     LSM/SELinux if "selinux" is in USE, otherwise it
1588     will patch in GRSecurity. The following patches
1589     are included in this revision:
1590 plasmaroo 1.18
1591 frogger 1.7 - O(1) Scheduler, Low Latency, and Preempt
1592     (pulled from the base CK patch)
1593     - ptrace exploit patch for the LSM kernel
1594     (the GRSec patch already fixes this)
1595     - LSM 2.4-2003040709
1596     - SELinux 2.4-2003040709
1597     - Systrace v1.2
1598     - IPTables patch-o-matic base patches - 20030107
1599     - CryptoAPI 2.4.20.1 w/ loop-jari patch
1600     - Super FreeS/WAN 1.99.6.1
1601     - GRSecurity 1.9.9g
1602     - MPPE
1603     - EXT3 data journal fix
1604     - CIPE 1.5.4
1605 frogger 1.6
1606     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1607     hardened-sources-2.4.20-r1.ebuild, manifest:
1608 plasmaroo 1.18 Updated to install flask components correctly for selinux.
1609 frogger 1.5
1610     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1611     hardened-sources-2.4.20-r1.ebuild:
1612     LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
1613     is patched in instead. Ptrace patches for selinux have also been added. In
1614     either case, systrace support will be patched in as well.
1615 frogger 1.3
1616     09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1617     hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
1618 plasmaroo 1.18 Revision bump for new sources.
1619 frogger 1.4
1620 frogger 1.2 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1621 frogger 1.4 hardened-sources-2.4.20-r1.ebuild:
1622 plasmaroo 1.18 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
1623 method 1.1
1624 frogger 1.4 *hardened-sources-2.4.20 (30 Mar 2003)
1625    
1626 method 1.1 30 Mar 2003; Joshua Brindle <method@gentoo.org>
1627     hardened-sources-2.4.20.ebuild:
1628 plasmaroo 1.18 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20