/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.268 - (hide annotations) (download)
Wed Jan 14 16:28:01 2009 UTC (5 years, 8 months ago) by gengor
Branch: MAIN
Changes since 1.267: +14 -2 lines
Add hardened-sources 2.6.25-r12, 2.6.26-r8 and 2.6.27-r4
(Portage version: 2.1.6.4/cvs/Linux 2.6.27-hardened-r4-rc1-2009011401 i686)

1 method 1.1 # ChangeLog for sys-kernel/hardened-sources
2 gengor 1.268 # Copyright 2000-2009 Gentoo Foundation; Distributed under the GPL v2
3     # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.267 2008/12/15 16:29:00 nixnut Exp $
4    
5     *hardened-sources-2.6.27-r4 (14 Jan 2009)
6     *hardened-sources-2.6.26-r8 (14 Jan 2009)
7     *hardened-sources-2.6.25-r12 (14 Jan 2009)
8    
9     14 Jan 2009; Gordon Malm <gengor@gentoo.org>
10     +hardened-sources-2.6.25-r12.ebuild, +hardened-sources-2.6.26-r8.ebuild,
11     +hardened-sources-2.6.27-r4.ebuild:
12     2.6.25-r12: Fixes bugs #249729, #250548, #252688, #254907
13     2.6.26-r8: Fixes bugs #249729, #250548, #252688, #254907
14     2.6.27-r4: Update to latest genpatches (includes Linux 2.6.27.10) and
15     grsecurity patch. Fixes bugs #249729, #250511, #250548, #252688, #254907
16 nixnut 1.267
17     15 Dec 2008; nixnut <nixnut@gentoo.org>
18     hardened-sources-2.6.25-r11.ebuild:
19     Stable on ppc
20 gengor 1.266
21     09 Dec 2008; Gordon Malm <gengor@gentoo.org>
22     hardened-sources-2.6.25-r11.ebuild:
23     Stable amd64/x86.
24 gengor 1.265
25     *hardened-sources-2.6.27-r3 (07 Dec 2008)
26    
27     07 Dec 2008; Gordon Malm <gengor@gentoo.org>
28     +hardened-sources-2.6.27-r3.ebuild:
29     Bump to latest genpatches, including Linux 2.6.27.8. Bump grsec/pax patches.
30     Fixes bug #248754, #249729 and #246607.
31 gengor 1.264
32     03 Dec 2008; Gordon Malm <gengor@gentoo.org>
33     -hardened-sources-2.6.25-r9.ebuild, -hardened-sources-2.6.26-r5.ebuild:
34     Remove old versions.
35 gengor 1.262
36     *hardened-sources-2.6.26-r7 (03 Dec 2008)
37     *hardened-sources-2.6.25-r11 (03 Dec 2008)
38    
39 gengor 1.263 03 Dec 2008; Gordon Malm <gengor@gentoo.org>
40     +hardened-sources-2.6.25-r11.ebuild, +hardened-sources-2.6.26-r7.ebuild:
41 gengor 1.262 2.6.25-r11: Fixes bugs 246607, 246710, 247453 and 248754.
42     2.6.26-r7: Fixes bugs 246607, 246710, 246763, 247453 and 248754.
43     Both include many backports from 2.6.27.{6,7} -stable releases.
44 gengor 1.261
45     24 Nov 2008; Gordon Malm <gengor@gentoo.org>
46     -hardened-sources-2.6.27.ebuild, -hardened-sources-2.6.27-r1.ebuild:
47     Remove versions broken on ARCHes != x86/amd64.
48 gengor 1.260
49     *hardened-sources-2.6.27-r2 (24 Nov 2008)
50    
51     24 Nov 2008; Gordon Malm <gengor@gentoo.org>
52     +hardened-sources-2.6.27-r2.ebuild:
53     Bump to Linux 2.6.27.7 and latest grsecurity patch.
54 gengor 1.259
55     19 Nov 2008; Gordon Malm <gengor@gentoo.org>
56     -hardened-sources-2.6.25-r8.ebuild, -hardened-sources-2.6.26-r4.ebuild:
57     Remove old versions.
58 gengor 1.258
59     19 Nov 2008; Gordon Malm <gengor@gentoo.org>
60     hardened-sources-2.6.27.ebuild, hardened-sources-2.6.27-r1.ebuild:
61     Remove all but ~amd64 & ~x86 keywords (broken elsewhere).
62 nixnut 1.257
63     16 Nov 2008; nixnut <nixnut@gentoo.org>
64     hardened-sources-2.6.25-r10.ebuild:
65     Stable on ppc
66 gengor 1.256
67     15 Nov 2008; Gordon Malm <gengor@gentoo.org>
68     hardened-sources-2.6.25-r10.ebuild:
69     Stable amd64/x86.
70 gengor 1.255
71     *hardened-sources-2.6.26-r6 (12 Nov 2008)
72    
73     12 Nov 2008; Gordon Malm <gengor@gentoo.org>
74     +hardened-sources-2.6.26-r6.ebuild:
75     Bump to Linux 2.6.26.8 and fix security bug #245650.
76 gengor 1.254
77     *hardened-sources-2.6.25-r10 (12 Nov 2008)
78    
79     12 Nov 2008; Gordon Malm <gengor@gentoo.org>
80     +hardened-sources-2.6.25-r10.ebuild:
81     Update to Linux 2.6.25.20 and fix bugs #245427, #245650.
82 gengor 1.253
83     *hardened-sources-2.6.27-r1 (09 Nov 2008)
84    
85     09 Nov 2008; Gordon Malm <gengor@gentoo.org>
86     +hardened-sources-2.6.27-r1.ebuild:
87     Bump to stable kernel 2.6.27.5 and latest grsecurity patch.
88 gengor 1.252
89     *hardened-sources-2.6.27 (04 Nov 2008)
90    
91     04 Nov 2008; Gordon Malm <gengor@gentoo.org>
92     +hardened-sources-2.6.27.ebuild:
93     Initial 2.6.27 release.
94 gengor 1.251
95     *hardened-sources-2.6.26-r5 (03 Nov 2008)
96    
97     03 Nov 2008; Gordon Malm <gengor@gentoo.org>
98     -hardened-sources-2.6.25-r7.ebuild, -hardened-sources-2.6.26-r2.ebuild,
99     +hardened-sources-2.6.26-r5.ebuild:
100     2.6.26-r5: Bump to Linux 2.6.26.7, PaX updates.
101     Clean out some old versions.
102 nixnut 1.250
103     02 Nov 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.25-r9.ebuild:
104     Stable on ppc
105 gengor 1.249
106     30 Oct 2008; Gordon Malm <gengor@gentoo.org>
107     hardened-sources-2.6.25-r9.ebuild:
108     Stable on amd64/x86.
109 gengor 1.248
110     *hardened-sources-2.6.25-r9 (26 Oct 2008)
111    
112     26 Oct 2008; Gordon Malm <gengor@gentoo.org>
113     +hardened-sources-2.6.25-r9.ebuild:
114     Update to Linux 2.6.25.19
115 nixnut 1.247
116     15 Oct 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.25-r8.ebuild:
117     Stable on ppc
118 gengor 1.246
119     *hardened-sources-2.6.26-r4 (14 Oct 2008)
120    
121     14 Oct 2008; Gordon Malm <gengor@gentoo.org>
122     -hardened-sources-2.6.26-r3.ebuild, +hardened-sources-2.6.26-r4.ebuild:
123     Update to latest grsecurity patch, fixing building of non-modular kernels.
124 gengor 1.245
125     *hardened-sources-2.6.26-r3 (12 Oct 2008)
126    
127     12 Oct 2008; Gordon Malm <gengor@gentoo.org>
128     hardened-sources-2.6.25-r8.ebuild, -hardened-sources-2.6.26-r1.ebuild,
129     +hardened-sources-2.6.26-r3.ebuild:
130     2.6.26-r3: Update to Linux 2.6.26.6 and latest grsecurity patch.
131     2.6.26-r1: Removed.
132     2.6.25-r8: Stable amd64/x86.
133 gengor 1.244
134     *hardened-sources-2.6.25-r8 (09 Oct 2008)
135    
136     09 Oct 2008; Gordon Malm <gengor@gentoo.org>
137     -hardened-sources-2.6.25-r4.ebuild, -hardened-sources-2.6.25-r5.ebuild,
138     -hardened-sources-2.6.25-r6.ebuild, +hardened-sources-2.6.25-r8.ebuild:
139     Update to genpatches-11 and Linux 2.6.25.18. Remove old versions.
140 nixnut 1.243
141     20 Sep 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.25-r7.ebuild:
142     Stable on ppc
143 gengor 1.242
144     17 Sep 2008; Gordon Malm <gengor@gentoo.org>
145     hardened-sources-2.6.25-r7.ebuild:
146     Stable amd64/x86.
147 gengor 1.241
148     *hardened-sources-2.6.26-r2 (13 Sep 2008)
149    
150     13 Sep 2008; Gordon Malm <gengor@gentoo.org>
151     -hardened-sources-2.6.26.ebuild, +hardened-sources-2.6.26-r2.ebuild:
152     2.6.26-r2: Update to Linux 2.6.26.5, new grsecurity patch adding
153     PAX_REFCOUNT feature, fix bug #237473 (CVE-2008-3525). 2.6.26: Removed.
154 gengor 1.240
155     *hardened-sources-2.6.25-r7 (13 Sep 2008)
156    
157     13 Sep 2008; Gordon Malm <gengor@gentoo.org>
158     +hardened-sources-2.6.25-r7.ebuild:
159     Add 2.6.25-r7, fixing bug #237473 (CVE-2008-3525) and a PaX bug.
160 gengor 1.239
161     10 Sep 2008; Gordon Malm <gengor@gentoo.org>
162     hardened-sources-2.6.25-r4.ebuild, hardened-sources-2.6.25-r5.ebuild,
163     hardened-sources-2.6.25-r6.ebuild, hardened-sources-2.6.26.ebuild,
164     hardened-sources-2.6.26-r1.ebuild:
165     Update DESCRIPTION and HGPV_URI.
166 gengor 1.238
167     *hardened-sources-2.6.25-r6 (09 Sep 2008)
168    
169     09 Sep 2008; Gordon Malm <gengor@gentoo.org>
170     -hardened-sources-2.6.24-r3.ebuild, +hardened-sources-2.6.25-r6.ebuild:
171     2.6.25-r6: Update to Linux 2.6.25.17.
172     2.6.24-r3: Removed.
173 gengor 1.237
174     08 Sep 2008; Gordon Malm <gengor@gentoo.org>
175     hardened-sources-2.6.25-r5.ebuild:
176     Stable on amd64/x86
177 gengor 1.236
178     07 Sep 2008; Gordon Malm <gengor@gentoo.org> metadata.xml:
179     Update my email address.
180 nixnut 1.235
181     31 Aug 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.25-r4.ebuild:
182     stable on ppc
183 battousai 1.234
184     *hardened-sources-2.6.26-r1 (23 Aug 2008)
185     *hardened-sources-2.6.25-r5 (23 Aug 2008)
186    
187     23 Aug 2008; Bryan D. Stine <battousai@gentoo.org>
188     -hardened-sources-2.6.23-r13.ebuild, -hardened-sources-2.6.25-r3.ebuild,
189     hardened-sources-2.6.25-r4.ebuild, +hardened-sources-2.6.25-r5.ebuild,
190     +hardened-sources-2.6.26-r1.ebuild:
191     Bump to 2.6.25-r5 for updated patches and upstream .10 kernel, fixing
192     security bug #235221. Bump to 2.6.26-r1 for upstream .3 kernel, also
193     fixing security bug #235221. Marked 2.6.25-r4 stable on amd64 and x86.
194     Removed 2.6.23-r13 and 2.6.25-r3. Commit on behalf of Gordon Malm
195     (gengor).
196 solar 1.233
197     *hardened-sources-2.6.26 (18 Aug 2008)
198     *hardened-sources-2.6.25-r4 (18 Aug 2008)
199    
200     18 Aug 2008; <solar@gentoo.org> -hardened-sources-2.6.25-r2.ebuild,
201     +hardened-sources-2.6.25-r4.ebuild, +hardened-sources-2.6.26.ebuild:
202     - proxy commit for gengor 2.6.26: Initial 2.6.26 release. 2.6.25-r4: Update
203     to Linux 2.6.25.15. Fixes security bugs #234799, #234803 and #234812.
204     2.6.25-r2: Removed.
205 tove 1.232
206     16 Aug 2008; Torsten Veller <tove@gentoo.org> metadata.xml:
207     Remove phreak from metadata.xml (#96398)
208 solar 1.231
209     *hardened-sources-2.6.25-r3 (31 Jul 2008)
210    
211     31 Jul 2008; <solar@gentoo.org> -hardened-sources-2.6.24-r2.ebuild,
212     -hardened-sources-2.6.25.ebuild, -hardened-sources-2.6.25-r1.ebuild,
213     +hardened-sources-2.6.25-r3.ebuild:
214     - 2.6.25-r3: Update to Linux 2.6.25.13 and new grsecurity patch. Multiple
215     fixes, including security bug #231750.
216 nixnut 1.230
217     28 Jul 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.24-r3.ebuild:
218     Stable on ppc
219 solar 1.229
220     *hardened-sources-2.6.25-r2 (05 Jul 2008)
221    
222     05 Jul 2008; <solar@gentoo.org> -hardened-sources-2.6.23-r11.ebuild,
223     -hardened-sources-2.6.23-r12.ebuild, hardened-sources-2.6.24-r3.ebuild,
224     +hardened-sources-2.6.25-r2.ebuild:
225     2.6.23-r4: Stable x86/amd64
226     2.6.25-r2: Update to Linux 2.6.25.10 and latest grsecurity release.
227     2.6.23-r{11,12}: Removed due to multiple vulns.
228     (gengor & kerframil)
229 nixnut 1.228
230     04 Jul 2008; nixnut <nixnut@gentoo.org>
231     hardened-sources-2.6.23-r13.ebuild:
232     Stable on ppc
233 solar 1.227
234     *hardened-sources-2.6.25-r1 (30 Jun 2008)
235    
236     30 Jun 2008; <solar@gentoo.org> hardened-sources-2.6.23-r13.ebuild,
237     +hardened-sources-2.6.25-r1.ebuild:
238     2.6.25-r1: Brings in Linux -stable tree patches 2.6.25.{7,8,9} and newer
239     grsecurity release. 2.6.23-r13: x86/amd64 stable
240 solar 1.226
241     *hardened-sources-2.6.25 (17 Jun 2008)
242     *hardened-sources-2.6.24-r3 (17 Jun 2008)
243     *hardened-sources-2.6.23-r13 (17 Jun 2008)
244    
245     17 Jun 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r13.ebuild,
246     +hardened-sources-2.6.24-r3.ebuild, +hardened-sources-2.6.25.ebuild:
247     * 2.6.23-r13: Fixes security bugs #198997, #212136, #222331, #222635,
248     #224647, #225461, other fixes. * 2.6.24-r3: Fixes security bugs #212136,
249     #222331, #222635, #224647, #225461, grsec/PaX updates/fixes, other fixes. *
250     2.6.25: Initial 2.6.25 release.
251 solar 1.225
252     15 May 2008; <solar@gentoo.org> hardened-sources-2.6.23-r12.ebuild:
253     - fasttrack to stable x86/amd64
254 swegener 1.224
255     11 May 2008; Sven Wegener <swegener@gentoo.org> Manifest:
256     Fix broken digest for linux-2.6.24.tar.bz2.
257 solar 1.223
258     *hardened-sources-2.6.24-r2 (11 May 2008)
259     *hardened-sources-2.6.23-r12 (11 May 2008)
260    
261     11 May 2008; <solar@gentoo.org> -hardened-sources-2.6.23-r7.ebuild,
262     -hardened-sources-2.6.23-r9.ebuild, -hardened-sources-2.6.23-r10.ebuild,
263     +hardened-sources-2.6.23-r12.ebuild, -hardened-sources-2.6.24.ebuild,
264     -hardened-sources-2.6.24-r1.ebuild, +hardened-sources-2.6.24-r2.ebuild:
265     proxy commit for gengor. 2.6.23-r11 shortlog: Fixes security bugs 220691,
266     220975, 220979, 221123. 2.6.24-r2 not-so-shortlog: Fixes bug 215442,
267     security bugs 219901, 220691, 220975, 220979, 221123. New
268     genpatches/grsecurity with numerous updates & fixes. 2.6.23-r7->2.6.23-r10
269     should be removed as far as I'm concerned, everything else remove due to
270     vulnerable to numerous security bugs or brokeness.
271 nixnut 1.222
272     10 May 2008; nixnut <nixnut@gentoo.org>
273     hardened-sources-2.6.23-r11.ebuild:
274     Stable on ppc
275 solar 1.221
276     05 May 2008; <solar@gentoo.org> hardened-sources-2.6.23-r11.ebuild:
277     - -r11 stable on x86/amd64
278 solar 1.220
279     *hardened-sources-2.6.23-r11 (01 May 2008)
280    
281     01 May 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r11.ebuild:
282     - version bump to fix ulgy linux bugs
283 phreak 1.219
284     *hardened-sources-2.6.24-r1 (30 Apr 2008)
285    
286     30 Apr 2008; Christian Heim <phreak@gentoo.org>
287     +hardened-sources-2.6.24-r1.ebuild:
288     Revision bump (thanks to Kerin and Gordon, again), pulling
289     genpatches-2.6.24-7, solving #219089. Additionally contains further security
290     fixes plus some minor updates.
291 phreak 1.218
292     *hardened-sources-2.6.23-r10 (30 Apr 2008)
293    
294     30 Apr 2008; Christian Heim <phreak@gentoo.org>
295     +hardened-sources-2.6.23-r10.ebuild:
296     Revision bump (thanks to Kerin and Gordon, again), solving #213811, #219089.
297     Additional contains "various other fixes".
298 phreak 1.217
299     09 Apr 2008; Christian Heim <phreak@gentoo.org> metadata.xml:
300     Update the longdescription in metadata, thanks to Gordon Malm.
301 nixnut 1.216
302     08 Apr 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.23-r9.ebuild:
303     Stable on ppc wrt bug #213255
304 solar 1.215
305     07 Apr 2008; <solar@gentoo.org> -hardened-sources-2.4.35-r2.ebuild,
306     -hardened-sources-2.6.23-r8.ebuild, hardened-sources-2.6.23-r9.ebuild:
307     - stable on x86/amd64 per request. Removed obsolete ebuilds
308 phreak 1.214
309     *hardened-sources-2.6.24 (07 Apr 2008)
310    
311     07 Apr 2008; Christian Heim <phreak@gentoo.org>
312     +hardened-sources-2.6.24.ebuild:
313     Adding ebuild for hardened-sources-2.6.24 (many thanks to Kerin Millar
314     <kerframil at gmail.com> and Gordon Malm <bugs-gentoo-org-02 at bumpin.org>
315     for the many contributions and their continued effort in #216612) based on
316     2.6.24 and genpatches-2.6.24-5.
317    
318     The current ebuild/patchset contains these things:
319     * Incoporates unmodified grsec-2.1.11-2.6.24.4-200803262003 patch
320     * Introduces bespoke server and workstation oriented security levels
321     * VDSO_COMPAT cannot be enabled during runtime if PaX is enabled
322 phreak 1.213
323     30 Mar 2008; Christian Heim <phreak@gentoo.org> metadata.xml:
324     Fix the metadata.xml (Kerin isn't a dev, though he and Gordon are
325     maintaining it).
326 phreak 1.212
327     24 Mar 2008; Christian Heim <phreak@gentoo.org>
328     hardened-sources-2.4.35-r2.ebuild:
329     Fixing SRC_URI for 2.4.35-r2.
330 phreak 1.211
331     *hardened-sources-2.6.23-r9 (22 Mar 2008)
332    
333     22 Mar 2008; Christian Heim <phreak@gentoo.org>
334     +hardened-sources-2.6.23-r9.ebuild:
335     * Revision bump, rebasing the patchset against genpatches-2.6.23-10.
336     * Change the default GIDs for some grsecurity options
337     * Revamp the Hardened [Gentoo] security level and make it the default level
338     * Fixing compilation on ia64 with CONFIG_MODULES=y (loadable module support)
339     * Fix a recursive lock -- call to capable() within ptrace_attach()
340     * Fix bug that allows audit and iscsi operations to be controlled via netlink
341 solar 1.210
342     *hardened-sources-2.6.23-r8 (27 Feb 2008)
343    
344     27 Feb 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r8.ebuild:
345     - version bump from Kerin Millar bug 210026
346 solar 1.209
347     17 Feb 2008; <solar@gentoo.org> metadata.xml,
348     -hardened-sources-2.4.33.4.ebuild, -hardened-sources-2.6.20-r6.ebuild,
349     -hardened-sources-2.6.20-r10.ebuild, -hardened-sources-2.6.23-r4.ebuild,
350     -hardened-sources-2.6.23-r6.ebuild, hardened-sources-2.6.23-r7.ebuild:
351     - stable on x86 and remove old ebuilds
352 solar 1.207
353     15 Feb 2008; <solar@gentoo.org> hardened-sources-2.6.23-r7.ebuild:
354 solar 1.208 - stable on amd64 per request of amd64 lead
355 solar 1.206
356     *hardened-sources-2.6.23-r7 (11 Feb 2008)
357    
358     11 Feb 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r7.ebuild:
359     - version bump from kerin.millar
360     Changes:
361    
362     * Bump to genpatches-base-2.6.23-9
363     * Ported grsecurity-2.1.11-2.6.23.14-200801231800 to 2.6.23.15
364     * Disables COMPAT_VDSO in x86/defconfig
365     * Removes bogus symbols ACPI_SLEEP_PROC_(FS|SLEEP) from x86_64/defconfig
366 phreak 1.205
367     25 Jan 2008; Christian Heim <phreak@gentoo.org>
368     -hardened-sources-2.6.22-r8.ebuild:
369     Cleaning up old versions.
370 phreak 1.204
371     *hardened-sources-2.6.23-r6 (25 Jan 2008)
372    
373     25 Jan 2008; Christian Heim <phreak@gentoo.org>
374     -hardened-sources-2.6.23-r5.ebuild, +hardened-sources-2.6.23-r6.ebuild:
375     Revision bump, pulling in the latest genpatches.
376 phreak 1.203
377     *hardened-sources-2.6.23-r5 (24 Dec 2007)
378    
379     24 Dec 2007; Christian Heim <phreak@gentoo.org>
380     hardened-sources-2.4.35-r2.ebuild, hardened-sources-2.6.20-r6.ebuild,
381     hardened-sources-2.6.20-r10.ebuild, hardened-sources-2.6.22-r8.ebuild,
382     hardened-sources-2.6.23-r4.ebuild, +hardened-sources-2.6.23-r5.ebuild:
383     Revision bump, for the promised updated grsec snapshot. Also changing SRC_URI.
384 phreak 1.202
385     24 Dec 2007; Christian Heim <phreak@gentoo.org>
386     -hardened-sources-2.6.22-r7.ebuild, -hardened-sources-2.6.23.ebuild,
387     -hardened-sources-2.6.23-r1.ebuild, -hardened-sources-2.6.23-r2.ebuild,
388     -hardened-sources-2.6.23-r3.ebuild:
389     Cleaning out some unused, old versions.
390 phreak 1.201
391     24 Dec 2007; Christian Heim <phreak@gentoo.org>
392     hardened-sources-2.6.23-r4.ebuild:
393     Marking hardened-sources-2.6.23-r4 stable on amd64 and x86. I know it ain't
394     in the tree for long, but there isn't much of a difference between this and
395     -r3. Only this revision pulls in 2.6.23.11 and 2.6.23.12 from genpatches.
396 phreak 1.200
397     *hardened-sources-2.6.23-r4 (23 Dec 2007)
398    
399     23 Dec 2007; Christian Heim <phreak@gentoo.org>
400     +hardened-sources-2.6.23-r4.ebuild:
401     Revision bump, grabbing the lastest genpatches release (2.6.23.12 that is).
402 phreak 1.199
403     *hardened-sources-2.6.23-r3 (04 Dec 2007)
404    
405     04 Dec 2007; Christian Heim <phreak@gentoo.org>
406     +hardened-sources-2.6.23-r3.ebuild:
407     Revision bump, pulling in 2.6.23.9.
408 phreak 1.198
409     *hardened-sources-2.6.23-r2 (25 Nov 2007)
410    
411     25 Nov 2007; Christian Heim <phreak@gentoo.org>
412     +hardened-sources-2.6.23-r2.ebuild:
413     Updated patchset, thanks to solar.
414 phreak 1.197
415     *hardened-sources-2.6.23-r1 (31 Oct 2007)
416    
417     31 Oct 2007; Christian Heim <phreak@gentoo.org>
418     +hardened-sources-2.6.23-r1.ebuild:
419     Revision bump, pulling in the snapshot from 30. October 2007 (18:50).
420 solar 1.196
421     29 Oct 2007; <solar@gentoo.org> metadata.xml:
422     - update metadata.xml
423 phreak 1.195
424     25 Oct 2007; Christian Heim <phreak@gentoo.org>
425     hardened-sources-2.6.22-r8.ebuild:
426     Marking 2.6.22-r8 stable on amd64 and x86.
427 phreak 1.194
428     21 Oct 2007; Christian Heim <phreak@gentoo.org>
429     -hardened-sources-2.4.35.ebuild, -hardened-sources-2.4.35-r1.ebuild,
430     -hardened-sources-2.6.21-r4.ebuild:
431     Removing old ebuilds.
432 phreak 1.193
433     *hardened-sources-2.4.35-r2 (21 Oct 2007)
434    
435     21 Oct 2007; Christian Heim <phreak@gentoo.org>
436     +hardened-sources-2.4.35-r2.ebuild:
437     Revision bump for 2.4.35. Includes new snapshot and the lastest Linux stable
438     patches.
439 phreak 1.192
440     *hardened-sources-2.6.22-r8 (21 Oct 2007)
441    
442     21 Oct 2007; Christian Heim <phreak@gentoo.org>
443     +hardened-sources-2.6.22-r8.ebuild:
444     Yet another new patch, hopefully fixing the remaining issues we had w/
445     2.6.22. Candidate for stabling.
446 phreak 1.191
447     *hardened-sources-2.6.23 (13 Oct 2007)
448    
449     13 Oct 2007; Christian Heim <phreak@gentoo.org>
450     +hardened-sources-2.6.23.ebuild:
451     Initial hardened-sources-2.6.23. If people still have problems w/ bug
452     194276, try setting CONFIG_PCI_GODIRECT=y instead of CONFIG_PCI_GOANY.
453 phreak 1.190
454     11 Oct 2007; Christian Heim <phreak@gentoo.org>
455     hardened-sources-2.6.20-r10.ebuild:
456     Pulling in yet another new genpatches version, fixing the PWC bug for real.
457 phreak 1.189
458     04 Oct 2007; Christian Heim <phreak@gentoo.org>
459     -hardened-sources-2.6.22-r5.ebuild, -hardened-sources-2.6.22-r6.ebuild:
460     Removing old versions.
461 phreak 1.188
462     *hardened-sources-2.6.22-r7 (01 Oct 2007)
463    
464     01 Oct 2007; Christian Heim <phreak@gentoo.org>
465     +hardened-sources-2.6.22-r7.ebuild:
466     Revision bump, pulling in a newer patch. Should fix #194276.
467 phreak 1.187
468     30 Sep 2007; Christian Heim <phreak@gentoo.org>
469     hardened-sources-2.6.20-r10.ebuild:
470     Marking hardened-sources-2.6.20-r10 stable on x86 and amd64 (on courtesy of
471     Mike Doty).
472 phreak 1.186
473     *hardened-sources-2.6.22-r6 (26 Sep 2007)
474    
475     26 Sep 2007; Christian Heim <phreak@gentoo.org>
476     +hardened-sources-2.6.22-r6.ebuild:
477     Revision bump, grabbing up till Linux 2.6.22.9.
478 phreak 1.185
479     24 Sep 2007; Christian Heim <phreak@gentoo.org>
480     -hardened-sources-2.6.22-r3.ebuild, -hardened-sources-2.6.22-r4.ebuild:
481     Cleaning up further.
482 phreak 1.184
483     *hardened-sources-2.6.20-r10 (24 Sep 2007)
484    
485     24 Sep 2007; Christian Heim <phreak@gentoo.org>
486     -hardened-sources-2.6.20-r8.ebuild, -hardened-sources-2.6.20-r9.ebuild,
487     +hardened-sources-2.6.20-r10.ebuild:
488     Revision bump, pulling in Linux 2.6.20.20. Removing some of the older
489     revisions.
490 phreak 1.183
491     *hardened-sources-2.6.22-r5 (22 Sep 2007)
492    
493     22 Sep 2007; Christian Heim <phreak@gentoo.org>
494     +hardened-sources-2.6.22-r5.ebuild:
495     Revision bump, pulling in genpatches-2.6.22-8 for CVE-2007-4573.
496 phreak 1.182
497     17 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
498     Removing johnm from metadata.xml (see #186467 for reference).
499 phreak 1.181
500     *hardened-sources-2.6.22-r4 (17 Sep 2007)
501    
502     17 Sep 2007; Christian Heim <phreak@gentoo.org>
503     +hardened-sources-2.6.22-r4.ebuild:
504     Revision bump, hopefully fixing all those weird PAX failures.
505 phreak 1.180
506     01 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
507     Updating the metadata.xml.
508 phreak 1.179
509     01 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
510     Removing tocharian from metadata due to his retirement (see #71718 for
511     reference).
512 phreak 1.178
513     *hardened-sources-2.6.20-r9 (30 Aug 2007)
514    
515     30 Aug 2007; Christian Heim <phreak@gentoo.org>
516     +hardened-sources-2.6.20-r9.ebuild:
517     Revision bump for 2.6.20.18 (thanks to kerframil in #gentoo-hardened).
518 phreak 1.177
519     29 Aug 2007; Christian Heim <phreak@gentoo.org>
520     -hardened-sources-2.4.34.ebuild, -hardened-sources-2.4.34.5.ebuild,
521     -hardened-sources-2.6.20-r2.ebuild, -hardened-sources-2.6.20-r5.ebuild,
522     -hardened-sources-2.6.20-r7.ebuild, -hardened-sources-2.6.21-r3.ebuild,
523     -hardened-sources-2.6.22.ebuild, -hardened-sources-2.6.22-r1.ebuild,
524     -hardened-sources-2.6.22-r2.ebuild:
525     Removing some redundant versions.
526 phreak 1.176
527     *hardened-sources-2.4.35-r1 (29 Aug 2007)
528    
529     29 Aug 2007; Christian Heim <phreak@gentoo.org>
530     +hardened-sources-2.4.35-r1.ebuild:
531     Revision bump, new grsecurity patch.
532 phreak 1.175
533     *hardened-sources-2.6.20-r8 (26 Aug 2007)
534    
535     26 Aug 2007; Christian Heim <phreak@gentoo.org>
536     +hardened-sources-2.6.20-r8.ebuild:
537     Revision bump for Linux 2.6.20.17.
538 phreak 1.174
539     *hardened-sources-2.6.22-r3 (22 Aug 2007)
540    
541     22 Aug 2007; Christian Heim <phreak@gentoo.org>
542     +hardened-sources-2.6.22-r3.ebuild:
543     Revision bump for Linux 2.6.22.4.
544 phreak 1.173
545     16 Aug 2007; Christian Heim <phreak@gentoo.org>
546     hardened-sources-2.6.22-r2.ebuild:
547     Updated patchset, to fix the alignment against 2.6.22.3.
548 phreak 1.172
549     *hardened-sources-2.6.22-r2 (16 Aug 2007)
550    
551     16 Aug 2007; Christian Heim <phreak@gentoo.org>
552     +hardened-sources-2.6.22-r2.ebuild:
553     Revision bump for Linux 2.6.22.3.
554 phreak 1.171
555     *hardened-sources-2.4.35 (16 Aug 2007)
556    
557     16 Aug 2007; Christian Heim <phreak@gentoo.org>
558     +hardened-sources-2.4.35.ebuild:
559     Version bump, initial version for Linux 2.4.35.
560 phreak 1.170
561     *hardened-sources-2.6.21-r4 (16 Aug 2007)
562    
563     16 Aug 2007; Christian Heim <phreak@gentoo.org>
564     +hardened-sources-2.6.21-r4.ebuild:
565     Revision bump for Linux 2.6.21.6.
566 phreak 1.169
567     *hardened-sources-2.6.20-r7 (16 Aug 2007)
568    
569     16 Aug 2007; Christian Heim <phreak@gentoo.org>
570     +hardened-sources-2.6.20-r7.ebuild:
571     Revision bump for Linux 2.6.20.16.
572 phreak 1.168
573     *hardened-sources-2.6.22-r1 (13 Aug 2007)
574    
575     13 Aug 2007; Christian Heim <phreak@gentoo.org>
576     +hardened-sources-2.6.22-r1.ebuild:
577     Yet another revision bump.
578 phreak 1.167
579     *hardened-sources-2.6.22 (10 Aug 2007)
580    
581     10 Aug 2007; Christian Heim <phreak@gentoo.org>
582     +hardened-sources-2.6.22.ebuild:
583     Initial release for 2.6.22. If you are using hardened-sources on a desktop
584     machine (P4 or newer), be aware you might need to disable
585     CONFIG_PAX_PAGEEXEC.
586 phreak 1.166
587     04 Aug 2007; Christian Heim <phreak@gentoo.org>
588     hardened-sources-2.6.20-r6.ebuild:
589     Stabling hardened-sources-2.6.20-r6 for amd64, ppc and x86 due to Linux
590     2.6.20.15.
591 phreak 1.165
592     10 Jul 2007; Christian Heim <phreak@gentoo.org>
593     hardened-sources-2.6.20-r5.ebuild:
594     Marking hardened-sources-2.6.20-r5 stable on ppc.
595 phreak 1.164
596     10 Jul 2007; Christian Heim <phreak@gentoo.org>
597     -hardened-sources-2.4.32-r6.ebuild, -hardened-sources-2.4.32-r7.ebuild:
598     Cleanup.
599 phreak 1.163
600     *hardened-sources-2.6.20-r6 (08 Jul 2007)
601    
602     08 Jul 2007; Christian Heim <phreak@gentoo.org>
603     +hardened-sources-2.6.20-r6.ebuild:
604     Revision bump, grabbing yet another stable release.
605 phreak 1.162
606     17 Jun 2007; Christian Heim <phreak@gentoo.org>
607     -hardened-sources-2.6.18-r6.ebuild, -hardened-sources-2.6.20-r4.ebuild,
608     -hardened-sources-2.6.21-r2.ebuild:
609     Removing older ebuilds, hardened-sources-2.6.18-r6 seems to have gotten the
610     alpha stable KEYWORD by mistake.
611 phreak 1.161
612     17 Jun 2007; Christian Heim <phreak@gentoo.org>
613     hardened-sources-2.6.20-r5.ebuild:
614     Stabling hardened-sources-2.6.20-r5 due to security bug #181647 (as
615     genpatches-2.6.20-12.base contains up to Linux 2.6.20.14) on amd64 and x86.
616 phreak 1.160
617     *hardened-sources-2.6.21-r3 (12 Jun 2007)
618    
619     12 Jun 2007; Christian Heim <phreak@gentoo.org>
620     +hardened-sources-2.6.21-r3.ebuild:
621     Revision bump for hardened-sources-2.6.21, incorporating various CVE (some
622     of them critical), two stable releases (2.6.21.4,2.6.21.5) and some other
623     love.
624 phreak 1.159
625     *hardened-sources-2.6.20-r5 (11 Jun 2007)
626    
627     11 Jun 2007; Christian Heim <phreak@gentoo.org>
628     +hardened-sources-2.6.20-r5.ebuild:
629     Revision bump for hardened-sources-2.6.20, incorporating various CVE (some
630     of them critical), two stable releases (2.6.20.13,2.6.20.14) and some other
631     love.
632 pappy 1.158
633     *hardened-sources-2.4.34.5 (11 Jun 2007)
634    
635     11 Jun 2007; Alexander Gabert <pappy@gentoo.org>
636     +hardened-sources-2.4.34.5.ebuild:
637     added new hardened-sources 2.4 version, thx to phreak, solar, pipacs
638 phreak 1.157
639     30 May 2007; Christian Heim <phreak@gentoo.org>
640     -hardened-sources-2.6.18.ebuild, hardened-sources-2.6.20-r2.ebuild:
641     Marking 2.6.20-r2 stable on ppc with permission of Gysbert. Removing more
642     stale ebuild(s).
643 phreak 1.156
644     30 May 2007; Christian Heim <phreak@gentoo.org>
645     -hardened-sources-2.6.14-r7.ebuild, -hardened-sources-2.6.16-r11.ebuild,
646     -hardened-sources-2.6.17-r1.ebuild, -hardened-sources-2.6.19-r6.ebuild,
647     -hardened-sources-2.6.20.ebuild, -hardened-sources-2.6.20-r1.ebuild:
648     Doing some cleanups, remove stale ebuilds.
649 phreak 1.155
650     26 May 2007; Christian Heim <phreak@gentoo.org>
651     hardened-sources-2.6.21-r2.ebuild:
652     Fixing the grsecurity patch, had one '};' too much.
653 phreak 1.154
654     *hardened-sources-2.6.21-r2 (26 May 2007)
655    
656     26 May 2007; Christian Heim <phreak@gentoo.org>
657     -hardened-sources-2.6.21.ebuild, -hardened-sources-2.6.21-r1.ebuild,
658     +hardened-sources-2.6.21-r2.ebuild:
659     Revision bump, including Linux 2.6.21.3 (fixing CVE-2007-2451). Updating the
660     grsecurity patch to 2.1.10-2.6.21.1-200705221918.
661 phreak 1.153
662     *hardened-sources-2.6.20-r4 (26 May 2007)
663    
664     26 May 2007; Christian Heim <phreak@gentoo.org>
665     -hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.20-r4.ebuild:
666     Revision bump, including Linux 2.6.20.12 (which in fact fixed some security
667 phreak 1.154 bugs, at the very least CVE-2007-2451). Possible candidate for stable marking.
668 phreak 1.152
669     15 May 2007; Christian Heim <phreak@gentoo.org>
670     hardened-sources-2.6.20-r3.ebuild:
671     Looks like hardened-sources-2.6.20-r3 needs a new patch, as 2.6.20.11
672     introduced a change in arch/sparc64/kernel/pci_iommu.c, which made the
673     grsecurity patch fail in that exact same hunk.
674 phreak 1.151
675     *hardened-sources-2.6.20-r3 (15 May 2007)
676    
677     15 May 2007; Christian Heim <phreak@gentoo.org>
678     +hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.21-r1.ebuild:
679     Revision bump, incorporating Linux 2.6.20.11.
680    
681     *hardened-sources-2.6.21-r1 (11 May 2007)
682    
683     11 May 2007; Christian Heim <phreak@gentoo.org>
684     +hardened-sources-2.6.21-r1.ebuild:
685     Revision bump, hopefully fixing the GRSECURITY/GRKERNSEC mixup pipacs
686     mentioned in #177234.
687 kevquinn 1.150
688     07 May 2007; Kevin F. Quinn <kevquinn@gentoo.org>
689     files/digest-hardened-sources-2.6.21, Manifest:
690     Fix Manifest/digest for linux-2.6.21.tar.bz2
691 phreak 1.149
692     06 May 2007; Christian Heim <phreak@gentoo.org>
693     hardened-sources-2.6.21.ebuild:
694     Bumping the hardened-patches version, needed for the fix for #177234.
695 phreak 1.148
696     *hardened-sources-2.6.21 (02 May 2007)
697    
698     02 May 2007; Christian Heim <phreak@gentoo.org>
699     +hardened-sources-2.6.21.ebuild:
700     Version bump, Linux 2.6.21-hardened.
701 phreak 1.147
702     29 Apr 2007; Christian Heim <phreak@gentoo.org>
703     hardened-sources-2.6.20-r2.ebuild:
704     Adding ~ia64 on Ned's request.
705 phreak 1.146
706     29 Apr 2007; Christian Heim <phreak@gentoo.org>
707     hardened-sources-2.6.20-r2.ebuild:
708     Fixing the included grsecurity patch, wasn't alligning due to the Index:
709     header line(s).
710 phreak 1.145
711     29 Apr 2007; Christian Heim <phreak@gentoo.org>
712     hardened-sources-2.6.20-r2.ebuild:
713     Stabilizing hardened-sources-2.6.20-r2 on amd64 and x86.
714 armin76 1.144
715     *hardened-sources-2.6.20-r2 (10 Apr 2007)
716    
717     10 Apr 2007; Raúl Porcel <armin76@gentoo.org>
718     +hardened-sources-2.6.20-r2.ebuild:
719     Version bump, on behalf of phreak
720 phreak 1.143
721     *hardened-sources-2.6.20-r1 (04 Apr 2007)
722    
723     04 Apr 2007; Christian Heim <phreak@gentoo.org>
724     +hardened-sources-2.6.20-r1.ebuild:
725     Revision bump, grabbing a newer grsecurity snapshot.
726 phreak 1.142
727     *hardened-sources-2.6.20 (25 Mar 2007)
728    
729     25 Mar 2007; Christian Heim <phreak@gentoo.org>
730     +hardened-sources-2.6.20.ebuild:
731     Finally a hardened-sources version for 2.6.20; many people have been waiting
732     for this. Thanks to Steve for preliminary testing, thanks to Ned for the
733     testbox.
734 chainsaw 1.141
735     16 Mar 2007; Tony Vroon <chainsaw@gentoo.org>
736     hardened-sources-2.6.18-r6.ebuild:
737     Marked stable on amd64 and x86. AMD64 keyword ack'ed by welp.
738 phreak 1.140
739     *hardened-sources-2.6.18-r6 (16 Mar 2007)
740    
741     16 Mar 2007; Christian Heim <phreak@gentoo.org>
742     -hardened-sources-2.6.18-r5.ebuild, +hardened-sources-2.6.18-r6.ebuild:
743     Fixing CVE-2007-1000 locally (hardened/), thanks to Tony for pushing. And
744     yes I screwed up, this is tagged as 2.6.18-5 and not 2.6.18-6 as it's
745     supposed to be.
746 phreak 1.139
747     06 Mar 2007; Christian Heim <phreak@gentoo.org> ChangeLog:
748     Fixing the Manifest, the previous one was broken (as in still had the
749     deleted ebuild in it).
750 phreak 1.138
751     06 Mar 2007; Christian Heim <phreak@gentoo.org>
752     -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
753     +hardened-sources-2.6.18-r5.ebuild:
754     Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
755     Linux 2.6.18.8. Also cleaning up the older version.
756    
757     *hardened-sources-2.6.18-r5 (06 Mar 2007)
758    
759     06 Mar 2007; Christian Heim <phreak@gentoo.org>
760     -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
761     +hardened-sources-2.6.18-r5.ebuild:
762     Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
763     Linux 2.6.18.8. Also cleaning up the older version.
764 phreak 1.137
765     24 Feb 2007; Christian Heim <phreak@gentoo.org>
766     -hardened-sources-2.6.19-r3.ebuild, -hardened-sources-2.6.19-r4.ebuild,
767     -hardened-sources-2.6.19-r5.ebuild:
768     Removing some of the old version, that didn't work.
769 phreak 1.136
770     *hardened-sources-2.6.19-r6 (12 Feb 2007)
771    
772     12 Feb 2007; Christian Heim <phreak@gentoo.org>
773     +hardened-sources-2.6.19-r6.ebuild:
774     Revision bump, including a new grsec version fixing #166235.
775 pappy 1.134
776     *hardened-sources-2.4.34 (24 Jan 2007)
777    
778     24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
779 pappy 1.135 Manifest:
780     updating Manifest with checksums of new tarball and ebuild
781    
782     24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
783 pappy 1.134 +hardened-sources-2.4.34.ebuild:
784     I added new hardened sources 2.4 update, this is a critical path
785     security bugfix - all users of h-s are strongly advised
786     to update their existing hardened sources to this version.
787     It contains a fix for a kernel vulnerability that is pertaining
788     to the PaX changes to virtual memory management, possibly leading
789     to a local kernel exploit ... see grsecurity.net forums and homepage
790 phreak 1.133
791     23 Jan 2007; Christian Heim <phreak@gentoo.org>
792     files/digest-hardened-sources-2.6.19-r5, Manifest:
793     Fixing the patch-tarball digest.
794 phreak 1.132
795     *hardened-sources-2.6.19-r5 (23 Jan 2007)
796    
797     23 Jan 2007; Christian Heim <phreak@gentoo.org>
798     +hardened-sources-2.6.19-r5.ebuild:
799     Revision bump, closing the recently discovered PaX expand_stack()
800     vulnerability.
801 phreak 1.131
802     *hardened-sources-2.6.19-r4 (14 Jan 2007)
803    
804     14 Jan 2007; Christian Heim <phreak@gentoo.org>
805     +hardened-sources-2.6.19-r4.ebuild:
806     Revision bump, pulling in linux-2.6.19.2 and grsecurity 2.1.10 - thus
807     dropping the randomized PID feature.
808 opfer 1.130
809     11 Jan 2007; Christian Faulhammer <opfer@gentoo.org>
810     hardened-sources-2.4.33.4.ebuild:
811     stable x86, bug #161171
812 phreak 1.129
813     *hardened-sources-2.6.19-r3 (27 Dec 2006)
814    
815     27 Dec 2006; Christian Heim <phreak@gentoo.org>
816     -hardened-sources-2.6.19-r2.ebuild, +hardened-sources-2.6.19-r3.ebuild:
817     Revision bump for bug #157186 and #158786.
818 phreak 1.128
819     *hardened-sources-2.6.18-r4 (27 Dec 2006)
820    
821     27 Dec 2006; Christian Heim <phreak@gentoo.org>
822     -hardened-sources-2.6.18-r3.ebuild, +hardened-sources-2.6.18-r4.ebuild:
823     Revision bump for bug #157186.
824 phreak 1.127
825     *hardened-sources-2.6.19-r2 (23 Dec 2006)
826    
827     23 Dec 2006; Christian Heim <phreak@gentoo.org>
828     -hardened-sources-2.6.19-r1.ebuild, +hardened-sources-2.6.19-r2.ebuild:
829     Revision bump to pull in genpatches-2.6.19-3 for #157186.
830 phreak 1.126
831     17 Dec 2006; Christian Heim <phreak@gentoo.org>
832     hardened-sources-2.6.14-r7.ebuild, hardened-sources-2.6.16-r10.ebuild,
833     hardened-sources-2.6.16-r11.ebuild, hardened-sources-2.6.17-r1.ebuild,
834     hardened-sources-2.6.18.ebuild, hardened-sources-2.6.18-r3.ebuild,
835     hardened-sources-2.6.19-r1.ebuild:
836     Adding 4453_grsec-2.1.9-2.6.19-io-kmem-sysctl.patch to UNIPATCH_EXLUDE,
837     adding correct HOMEPAGE and adjusting DESCRIPTION (thanks to Alexander).
838 pappy 1.125
839     *hardened-sources-2.4.33.4 (17 Dec 2006)
840    
841     17 Dec 2006; Alexander Gabert <pappy@gentoo.org>
842     +hardened-sources-2.4.33.4.ebuild:
843     new 2.4.33.4 version including grsec and fixes, thanks to phreak for help
844     and quilting
845 phreak 1.124
846     *hardened-sources-2.6.19-r1 (14 Dec 2006)
847    
848     14 Dec 2006; Christian Heim <phreak@gentoo.org>
849     -hardened-sources-2.6.19.ebuild, +hardened-sources-2.6.19-r1.ebuild:
850     Revision bump, fixing #158107 (thanks to Petre Rodan <kaiowas at gentoo.org>
851     for reporting).
852 phreak 1.123
853     *hardened-sources-2.6.19 (13 Dec 2006)
854    
855     13 Dec 2006; Christian Heim <phreak@gentoo.org>
856     +hardened-sources-2.6.19.ebuild:
857     And finally 2.6.19, thanks to Ned (who prepared the inital patchset) and
858     Brad for providing that prompt update.
859 phreak 1.122
860     *hardened-sources-2.6.18-r3 (13 Dec 2006)
861    
862     13 Dec 2006; Christian Heim <phreak@gentoo.org>
863     -hardened-sources-2.6.18-r1.ebuild, -hardened-sources-2.6.18-r2.ebuild,
864     +hardened-sources-2.6.18-r3.ebuild:
865     Revision bump, excluding the faulty patch. Thanks to Anakim Border and Peter
866     S. Mazinger. Closes #157409 for now. Also removing the previous revisions.
867 phreak 1.121
868     09 Dec 2006; Christian Heim <phreak@gentoo.org> Manifest:
869     Fixing the metadata.xml Manifest entry (thanks to xaid and ml8128 in #gentoo-hardened).
870 nixnut 1.120
871     08 Dec 2006; nixnut <nixnut@gentoo.org> hardened-sources-2.6.18.ebuild:
872     Stable on ppc wrt bug 157356
873 opfer 1.119
874     07 Dec 2006; Christian Faulhammer <opfer@gentoo.org>
875     hardened-sources-2.6.18.ebuild:
876     stable x86, bug #157356
877 phreak 1.118
878     *hardened-sources-2.6.18-r2 (06 Dec 2006)
879    
880     06 Dec 2006; Christian Heim <phreak@gentoo.org>
881     +hardened-sources-2.6.18-r2.ebuild:
882     Revision bump, including 2.6.18.5 (via genpatches) and
883     4454_grsec-2.1.9-2.6.18.2-io-kmem-sysctl.patch based on Peter Mazinger and
884     Ned Ludd's original patch. Thanks to Alexander Gabert (pappy) for the
885     redesign.
886 phreak 1.117
887     06 Dec 2006; Christian Heim <phreak@gentoo.org>
888     hardened-sources-2.6.18.ebuild:
889     Marking hardened-sources-2.6.18 stable on amd64 (see bug #157356, on behalf
890     of Mike Doty).
891 phreak 1.116
892     *hardened-sources-2.6.18-r1 (23 Nov 2006)
893    
894     23 Nov 2006; Christian Heim <phreak@gentoo.org>
895     +hardened-sources-2.6.18-r1.ebuild:
896     Revision bump to genpatches-2.6.18-4 (including 2.6.18.3).
897 phreak 1.115
898     *hardened-sources-2.6.18 (11 Nov 2006)
899    
900     11 Nov 2006; Christian Heim <phreak@gentoo.org>
901     +hardened-sources-2.6.18.ebuild:
902     Version bump, thanks to Alexander Gabert we're finally at 2.6.18.
903 solar 1.114
904     18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
905     - mark amd64 stable also. bug #151877
906 solar 1.113
907     18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
908     - mark 2.6.17-r1 stable
909 phreak 1.112
910     27 Aug 2006; Christian Heim <phreak@gentoo.org>
911     -hardened-sources-2.6.17.ebuild, hardened-sources-2.6.17-r1.ebuild:
912     Removing old ebuild, removing unipatch from newer ebuild (need to fix it!).
913 phreak 1.111
914     *hardened-sources-2.6.17-r1 (26 Aug 2006)
915    
916     26 Aug 2006; Christian Heim <phreak@gentoo.org>
917     +hardened-sources-2.6.17-r1.ebuild:
918     Revision bump to genpatches-2.6.17-8 (including .9 and .10) and updating the
919     grsecurity patch.
920 phreak 1.110
921     *hardened-sources-2.6.17 (17 Aug 2006)
922    
923     17 Aug 2006; Christian Heim <phreak@gentoo.org>
924     +hardened-sources-2.6.17.ebuild:
925     Bumping the hardened-sources-2.6 series to 2.6.17, using
926     genpatches-2.6.17-6.base.
927 solar 1.109
928     07 Aug 2006; <solar@gentoo.org> hardened-sources-2.6.16-r11.ebuild:
929     - stable on x86 and amd64
930 solar 1.108
931     *hardened-sources-2.6.16-r11 (15 Jul 2006)
932    
933     15 Jul 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r3.ebuild,
934     -hardened-sources-2.4.32-r4.ebuild, -hardened-sources-2.4.32-r5.ebuild,
935     -hardened-sources-2.6.14-r8.ebuild, -hardened-sources-2.6.16-r7.ebuild,
936     -hardened-sources-2.6.16-r9.ebuild, +hardened-sources-2.6.16-r11.ebuild:
937     - 2.6.16 bumped for CVE-2006-3626 ; digest fix for 2.4.32-r6 ; removed old
938     crusty ebuilds
939 johnm 1.107
940     14 Jul 2006; John Mylchreest <johnm@gentoo.org>
941     hardened-sources-2.6.16-r10.ebuild:
942     marking stable on x86 and amd64
943 solar 1.106
944     13 Jul 2006; <solar@gentoo.org> hardened-sources-2.4.32-r6.ebuild:
945     - 2.4.32-r6 stable on x86. RSBAC state unknown
946 kang 1.105
947     *hardened-sources-2.4.32-r7 (10 Jul 2006)
948    
949     10 Jul 2006; Guillaume Destuynder <kang@gentoo.org>
950     +hardened-sources-2.4.32-r7.ebuild:
951     Bump PaX for RSBAC to test-17
952 johnm 1.104
953     *hardened-sources-2.6.16-r9 (03 Jul 2006)
954    
955     03 Jul 2006; John Mylchreest <johnm@gentoo.org>
956     -hardened-sources-2.6.16-r6.ebuild, +hardened-sources-2.6.16-r9.ebuild:
957     hardened-sources-2.6.16 bump to latest -base.
958 solar 1.103
959     *hardened-sources-2.4.32-r6 (30 Jun 2006)
960    
961     30 Jun 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r2.ebuild,
962     hardened-sources-2.4.32-r4.ebuild, +hardened-sources-2.4.32-r6.ebuild:
963     - backport CVE-2006-0039, CVE-2006-1857 and CVE-2006-1858 and new grsecurity
964     sysctl controlable resource logging
965 johnm 1.102
966     *hardened-sources-2.6.16-r7 (05 Jun 2006)
967    
968     05 Jun 2006; John Mylchreest <johnm@gentoo.org>
969     -hardened-sources-2.6.16-r5.ebuild, +hardened-sources-2.6.16-r7.ebuild:
970     push new 2.6.16 release in preparation for stable
971 solar 1.101
972     22 May 2006; <solar@gentoo.org> :
973     - redigest bug 134002
974 kang 1.100
975     *hardened-sources-2.4.32-r5 (16 May 2006)
976    
977     16 May 2006; Guillaume Destuynder <kang@gentoo.org>
978     +hardened-sources-2.4.32-r5.ebuild:
979     Fixes rsbac common patching (new patch in new -r5 patchset)
980 solar 1.99
981     *hardened-sources-2.4.32-r4 (13 May 2006)
982    
983     13 May 2006; <solar@gentoo.org> hardened-sources-2.4.32-r3.ebuild,
984     +hardened-sources-2.4.32-r4.ebuild:
985     - security bumps
986 johnm 1.98
987     *hardened-sources-2.6.16-r6 (03 May 2006)
988    
989     03 May 2006; John Mylchreest <johnm@gentoo.org>
990     +hardened-sources-2.6.16-r6.ebuild:
991     bump hardened-2.6.16 to 2.6.16.12 and latest grsec snapshot
992 johnm 1.97
993     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
994     hardened-sources-2.6.14-r8.ebuild:
995     fix x86_64 build problem, this will delay the digest issue again for a short
996     while but it will sort itself out
997 johnm 1.96
998     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
999     hardened-sources-2.6.14-r8.ebuild:
1000     bump hardened patchset
1001 antarus 1.94
1002     27 Apr 2006; Alec Warner <antarus@gentoo.org>
1003     files/digest-hardened-sources-2.4.32-r2,
1004     files/digest-hardened-sources-2.4.32-r3,
1005     files/digest-hardened-sources-2.6.14-r8, Manifest:
1006     Fixing duff SHA256 digests: Bug # 131293
1007 johnm 1.93
1008 johnm 1.95 *hardened-sources-2.6.16-r5 (27 Apr 2006)
1009    
1010     27 Apr 2006; John Mylchreest <johnm@gentoo.org>
1011     -hardened-sources-2.6.14-r6.ebuild, hardened-sources-2.6.14-r8.ebuild,
1012     -hardened-sources-2.6.16-r4.ebuild, +hardened-sources-2.6.16-r5.ebuild:
1013     stablise 2.6.14-r8 on x86 & amd64, bump 2.6.16 to fix CVE-2006-1863 &
1014     cleanup of old uneccessary sources
1015    
1016 johnm 1.93 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
1017     fix digest
1018 johnm 1.92
1019     *hardened-sources-2.6.14-r8 (20 Apr 2006)
1020    
1021     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
1022     +hardened-sources-2.6.14-r8.ebuild:
1023     fix CVE-2006-1056, CVE-2006-1525, CVE-2006-1524
1024 johnm 1.91
1025     20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
1026     Turning on gpg-signing again, and recomitting
1027 johnm 1.90
1028     *hardened-sources-2.6.16-r4 (20 Apr 2006)
1029    
1030     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
1031     -hardened-sources-2.6.16-r2.ebuild, -hardened-sources-2.6.16-r3.ebuild,
1032     +hardened-sources-2.6.16-r4.ebuild:
1033     Fix numerous security vulns
1034 solar 1.89
1035     *hardened-sources-2.4.32-r3 (16 Apr 2006)
1036    
1037     16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
1038     -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
1039     +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
1040     - security bump for bug #112791. Removed old ebuilds
1041 johnm 1.88
1042     *hardened-sources-2.6.16-r3 (15 Apr 2006)
1043    
1044     15 Apr 2006; John Mylchreest <johnm@gentoo.org>
1045     +hardened-sources-2.6.16-r3.ebuild:
1046     Removing silly localversion which I missed
1047 johnm 1.87
1048     *hardened-sources-2.6.14-r7 (14 Apr 2006)
1049    
1050     14 Apr 2006; John Mylchreest <johnm@gentoo.org>
1051     -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
1052     Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
1053 johnm 1.86
1054     *hardened-sources-2.6.16-r2 (13 Apr 2006)
1055    
1056     13 Apr 2006; John Mylchreest <johnm@gentoo.org>
1057     -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
1058     +hardened-sources-2.6.16-r2.ebuild:
1059     Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
1060     labels, dropping USERGROUP define fixes, since these were merged mainstream.
1061 johnm 1.85
1062     *hardened-sources-2.6.16-r1 (11 Apr 2006)
1063    
1064     11 Apr 2006; John Mylchreest <johnm@gentoo.org>
1065     +hardened-sources-2.6.16-r1.ebuild:
1066     Bumping to include ppc build fix and 2.6.16.3
1067 tsunam 1.84
1068     06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
1069     hardened-sources-2.6.14-r6.ebuild:
1070     Stable on x86; bug #127718
1071 johnm 1.83
1072     *hardened-sources-2.6.16 (31 Mar 2006)
1073    
1074     31 Mar 2006; John Mylchreest <johnm@gentoo.org>
1075     +hardened-sources-2.6.16.ebuild:
1076     Bumping to new version of grsec, and kernel base. New squashfs. Based on
1077     2.6.16.1
1078 cryos 1.82
1079     30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
1080     hardened-sources-2.6.14-r6.ebuild:
1081     Stable on amd64, bug 127718.
1082 nixnut 1.81
1083     28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
1084     Stable on ppc. Bug #127718
1085 johnm 1.80
1086     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
1087     -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
1088     -hardened-sources-2.6.14-r4.ebuild:
1089     Cleanup.
1090 johnm 1.79
1091     *hardened-sources-2.6.14-r6 (15 Mar 2006)
1092    
1093     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
1094     +hardened-sources-2.6.14-r6.ebuild:
1095     Fixes grsec policy recreation bug and adds a
1096     >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
1097 solar 1.78
1098     02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
1099     - stable on x86
1100 hansmi 1.77
1101     19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
1102     hardened-sources-2.6.14-r5.ebuild:
1103     Stable on ppc.
1104 johnm 1.76
1105     *hardened-sources-2.6.14-r5 (01 Feb 2006)
1106    
1107     01 Feb 2006; John Mylchreest <johnm@gentoo.org>
1108     +hardened-sources-2.6.14-r5.ebuild:
1109     fixing every known exploit
1110 solar 1.75
1111     *hardened-sources-2.4.32-r2 (26 Jan 2006)
1112    
1113     26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
1114     +hardened-sources-2.4.32-r2.ebuild:
1115     - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
1116 solar 1.74
1117     *hardened-sources-2.6.14-r4 (12 Jan 2006)
1118    
1119     12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
1120     - version bump for new genpatches which fix up a few sec holes
1121 solar 1.73
1122     *hardened-sources-2.4.32-r1 (05 Jan 2006)
1123    
1124     05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
1125     - revision bump to add misc vital linux kernel security patches.
1126 johnm 1.72
1127     *hardened-sources-2.6.14-r3 (30 Dec 2005)
1128    
1129     30 Dec 2005; John Mylchreest <johnm@gentoo.org>
1130     -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
1131     Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
1132 johnm 1.71
1133     28 Dec 2005; John Mylchreest <johnm@gentoo.org>
1134     hardened-sources-2.6.14-r2.ebuild:
1135     making x86 & amd64 stable following testing.
1136 johnm 1.70
1137     *hardened-sources-2.6.14-r2 (27 Dec 2005)
1138    
1139     27 Dec 2005; John Mylchreest <johnm@gentoo.org>
1140     -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
1141     Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
1142     network hooks.
1143 johnm 1.69
1144     06 Dec 2005; John Mylchreest <johnm@gentoo.org>
1145     hardened-sources-2.6.14-r1.ebuild:
1146     bumping to stable early for sec fix on x86 & amd64
1147 johnm 1.68
1148     *hardened-sources-2.6.14-r1 (05 Dec 2005)
1149    
1150     05 Dec 2005; John Mylchreest <johnm@gentoo.org>
1151     -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
1152     bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
1153 solar 1.67
1154     04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
1155     - stable on x86 security bug #114227 CAN-2005-3257
1156 kang 1.66
1157     *hardened-sources-2.4.32 (19 Nov 2005)
1158    
1159     19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
1160     +hardened-sources-2.4.32.ebuild:
1161     Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
1162     Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
1163     have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
1164     rsbac >> /etc/portage/package.use)
1165 johnm 1.65
1166     *hardened-sources-2.6.14 (14 Nov 2005)
1167    
1168     14 Nov 2005; John Mylchreest <johnm@gentoo.org>
1169     -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
1170     Bumping 2.6 series to 2.6.14.2
1171 johnm 1.64
1172     *hardened-sources-2.6.13-r2 (20 Oct 2005)
1173    
1174     20 Oct 2005; John Mylchreest <johnm@gentoo.org>
1175     -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
1176     +hardened-sources-2.6.13-r2.ebuild:
1177     Fixes minor build error in ppc.
1178 johnm 1.63
1179     *hardened-sources-2.6.13-r1 (17 Oct 2005)
1180    
1181     17 Oct 2005; John Mylchreest <johnm@gentoo.org>
1182     +hardened-sources-2.6.13-r1.ebuild:
1183     Updating grsec to latest snapshot. Fixes some minor issues. Updating to
1184     2.6.13.4, fixes some major amd64 stability problems.
1185 johnm 1.62
1186     *hardened-sources-2.6.13 (16 Sep 2005)
1187    
1188     16 Sep 2005; John Mylchreest <johnm@gentoo.org>
1189     -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
1190     2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
1191     ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
1192     users should test this thoroughly.
1193 solar 1.61
1194     01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
1195     - stable on x86
1196 johnm 1.60
1197     *hardened-sources-2.6.11-r15 (27 Jun 2005)
1198    
1199     27 Jun 2005; John Mylchreest <johnm@gentoo.org>
1200     +hardened-sources-2.6.11-r15.ebuild:
1201     Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
1202     grsec redefining curr_ip struct.
1203 solar 1.59
1204     *hardened-sources-2.4.31 (20 Jun 2005)
1205    
1206     20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
1207     initial import of 2.4.31 tree
1208 johnm 1.58
1209     *hardened-sources-2.6.11-r14 (14 Jun 2005)
1210    
1211     14 Jun 2005; John Mylchreest <johnm@gentoo.org>
1212     -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
1213     Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
1214     naming scheme to abide by genpatches
1215 johnm 1.57
1216     *hardened-sources-2.6.11-r13 (18 May 2005)
1217    
1218     18 May 2005; John Mylchreest <johnm@gentoo.org>
1219     -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
1220     Managed to mangle the Makefile patch from grsec, to miss out the grsec
1221     target. sorry about that. Fixes bug #93022
1222 johnm 1.56
1223     *hardened-sources-2.6.11-r12 (17 May 2005)
1224    
1225     17 May 2005; John Mylchreest <johnm@gentoo.org>
1226     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
1227     +hardened-sources-2.6.11-r12.ebuild:
1228     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
1229     merges in genpatches-base
1230 johnm 1.55
1231     *hardened-sources-2.6.11-r12 (17 May 2005)
1232    
1233     17 May 2005; John Mylchreest <johnm@gentoo.org>
1234     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
1235     +hardened-sources-2.6.11-r12.ebuild:
1236     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
1237     merges in genpatches-base
1238 solar 1.54
1239     29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
1240     -files/2.4.27-cmdline-race.patch,
1241     -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
1242     -files/2.4.28-grsec-binfmt_a.out.patch,
1243     -files/2.4.28-grsec-cmdline-race.patch,
1244     -files/2.4.28-selinux-binfmt_a.out.patch,
1245     -files/2.4.28-selinux-cmdline-race.patch,
1246     -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
1247     hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
1248     - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
1249     cleanup..
1250 solar 1.53
1251     *hardened-sources-2.4.30-r1 (21 Apr 2005)
1252    
1253     21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
1254     - disable aout by default
1255 solar 1.52
1256     *hardened-sources-2.4.30 (18 Apr 2005)
1257    
1258     18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
1259     - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
1260     and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
1261     use
1262 tocharian 1.50
1263 scox 1.51 *hardened-sources-2.4.29 (30 Mar 2005)
1264    
1265     30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
1266     +hardened-sources-2.4.29.ebuild:
1267     New hardened-patches-2.4-29.0 patchball.
1268     Removed SELinux support, upgraded GRSecurity to 2.1.4.
1269    
1270     *hardened-sources-2.4.28-r5 (06 Mar 2005)
1271    
1272     06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
1273     +hardened-sources-2.4.28-r5.ebuild:
1274     Added a fix for a PaX vulnerability.
1275    
1276     26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1277 tocharian 1.50 hardened-sources-2.4.28-r4.ebuild:
1278     Stable on x86
1279 solar 1.49
1280     23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
1281     hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
1282     hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
1283     hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
1284     - fixed/added RDEPEND= in all kernel-2 ebuilds
1285 tocharian 1.48
1286     *hardened-sources-2.4.28-r4 (21 Jan 2005)
1287    
1288     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1289     +hardened-sources-2.4.28-r4.ebuild:
1290     Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
1291     backport of neighbour hash updates.
1292 tocharian 1.47
1293     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1294     hardened-sources-2.4.28-r3.ebuild:
1295     Stable on x86
1296 tseng 1.46
1297     *hardened-sources-2.6.10-r3 (20 Jan 2005)
1298    
1299     20 Jan 2005; Brandon Hale <tseng@gentoo.org>
1300     +hardened-sources-2.6.10-r3.ebuild:
1301     Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
1302     in 2005.0
1303 tocharian 1.45
1304     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1305     -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
1306     hardened-sources-2.4.28-r2.ebuild:
1307     Mark stable on x86
1308 tocharian 1.44
1309     *hardened-sources-2.4.28-r3 (17 Jan 2005)
1310    
1311     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1312     +hardened-sources-2.4.28-r3.ebuild:
1313     Fix SMP page fault handler vuln, and update device-mapper and evms patches.
1314 tocharian 1.43
1315     14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1316     hardened-sources-2.4.28.ebuild:
1317     Mark stable on x86.
1318 tocharian 1.42
1319     *hardened-sources-2.4.28-r2 (13 Jan 2005)
1320    
1321     13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1322     +hardened-sources-2.4.28-r2.ebuild:
1323     Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
1324     Mazinger for grsecurity patches as well.
1325 plasmaroo 1.41
1326     *hardened-sources-2.4.28-r1 (23 Dec 2004)
1327    
1328     23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
1329     Security bump. Thank tocharian for rolling a new patchset...
1330 solar 1.40
1331     28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
1332     +files/2.4.28-grsec-cmdline-race.patch,
1333     +files/2.4.28-selinux-binfmt_a.out.patch,
1334     +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
1335     - Round up remaining security patches that appear to be missing in 2.4.28. -
1336     PaX standalone updated to current. hgpv=28.1
1337 solar 1.39
1338     *hardened-sources-2.4.28 (28 Nov 2004)
1339    
1340     28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
1341     security bump. Thank tocharian for rolling a new patchset
1342 scox 1.31
1343 scox 1.38 *hardened-sources-2.4.27-r3 (08 Sep 2004)
1344    
1345     08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
1346     +hardened-sources-2.4.27-r3.ebuild:
1347     Applies the new 2.4-27.2 patchball which updates
1348     GRSecurity to the 2.0.1 version.
1349    
1350 scox 1.37 *hardened-sources-2.4.27-r2 (31 Aug 2004)
1351    
1352     31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1353     +hardened-sources-2.4.27-r2.ebuild:
1354     Version bump.
1355     This version uses the new 2.4-27.1 patchball which updates
1356     both the SELinux PaX hooks patch and the SELinux headers.
1357    
1358 scox 1.36 *hardened-sources-2.4.27-r1 (09 Aug 2004)
1359    
1360     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1361     +hardened-sources-2.4.27-r1.ebuild,
1362     -hardened-sources-2.4.27.ebuild,
1363     +files/2.4.27-cmdline-race.patch:
1364     Version bump, fix for cmdline race. See bug #59905.
1365    
1366     *hardened-sources-2.4.26-r6 (09 Aug 2004)
1367    
1368     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1369     +hardened-sources-2.4.26-r6.ebuild,
1370     -hardened-sources-2.4.26-r5.ebuild,
1371     -hardened-sources-2.4.26-r4.ebuild,
1372     +files/2.4.26-cmdline-race.patch:
1373     Version bump, fix for cmdline race. See bug #59905.
1374    
1375 scox 1.35 *hardened-sources-2.4.27 (08 Aug 2004)
1376    
1377     08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1378     +hardened-sources-2.4.27.ebuild,
1379     +files/2.4.27-CAN-2004-0394.patch:
1380     Ported the patchball to the 2.4.27 kernel version.
1381    
1382 scox 1.34 *hardened-sources-2.4.26-r5 (07 Aug 2004)
1383    
1384     07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1385     +hardened-sources-2.4.26-r5.ebuild:
1386 scox 1.35 Updated to use the new hardened-patches-2.4-26.1 patchball.
1387 scox 1.34 It adds the following features:
1388     - Squashfs
1389     - Ebtables
1390     - Netdev random (core+drivers)
1391     - Watchdog Timer (WDT) fix.
1392    
1393 scox 1.33 *hardened-sources-2.4.26-r4 (04 Aug 2004)
1394    
1395     04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1396     +hardened-sources-2.4.26-r4.ebuild,
1397     +files/2.4.26-CAN-2004-0415.patch,
1398     -hardened-sources-2.4.26-3:
1399     Version bump, fix for CAN 0415, see bug #59378.
1400    
1401 scox 1.32 *hardened-sources-2.4.26-r3 (22 Jul 2004)
1402    
1403     22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
1404     +hardened-sources-2.4.26-r3.ebuild,
1405     +files/2.4.26-CAN-2004-0497.patch,
1406     -hardened-sources-2.4.26-r2.ebuild:
1407     Version bump, fixed CAN 0497, see bug #56171.
1408    
1409 scox 1.31 *hardened-sources-2.4.26-r2 (29 Jun 2004)
1410    
1411     29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
1412 scox 1.32 +hardened-sources-2.4.26-r2.ebuild,
1413 scox 1.31 +files/2.4.26-CAN-2004-0495.patch,
1414     +files/2.4.26-CAN-2004-0535.patch,
1415     -hardened-sources-2.4.26-r1.ebuild:
1416     Fixes for both CAN 0495 and 0535, see bug #54976
1417 pvdabeel 1.27
1418 agriffis 1.29 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
1419     hardened-sources-2.4.26-r1.ebuild:
1420     QA - fix use invocation
1421 scox 1.28
1422     *hardened-sources-2.4.26-r1 (22 June 2004)
1423    
1424     22 June 2004; Andrea Luzzardi <scox@gentoo.org>
1425     +hardened-sources-2.4.26-r1.ebuild,
1426     +files/2.4.26-CAN-2004-0394.patch,
1427     +files/2.4.26-signal-race.patch,
1428     -hardened-sources-2.4.26.ebuild,
1429     -hardened-sources-2.4.24-r3.ebuild:
1430     Version bump for the CAN-2004-0394 issue and bug #53804
1431     Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
1432    
1433    
1434 pvdabeel 1.27 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
1435     hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
1436     Masked hardened-sources-2.4.26.ebuild broken for ppc
1437    
1438     31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
1439     hardened-sources-2.4.24-r3.ebuild:
1440     Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
1441 plasmaroo 1.25
1442 scox 1.26 *hardened-sources-2.4.26 (29 May 2004)
1443    
1444     29 May 2004; Andrea Luzzardi <scox@gentoo.org>
1445     +hardened-sources-2.4.26.ebuild:
1446     Updated hardened-sources for the 2.4.26 kernel
1447     Removed broken components, updated almost everything.
1448    
1449 plasmaroo 1.25 *hardened-sources-2.4.24-r3 (17 Apr 2004)
1450    
1451     17 Apr 2004; <plasmaroo@gentoo.org>
1452     +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
1453     +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
1454     +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
1455     +hardened-sources-2.4.24-r3.ebuild:
1456     Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
1457     vulnerabilities. Old revisions removed.
1458 plasmaroo 1.24
1459     *hardened-sources-2.4.24-r2 (15 Apr 2004)
1460    
1461     15 Apr 2004; <plasmaroo@gentoo.org>
1462     +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
1463     -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
1464     Version bump for the CAN-2004-0109 issue; bug #47881.
1465 aliz 1.23
1466     12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
1467     hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
1468     Add eutils to inherit.
1469 plasmaroo 1.22
1470     *hardened-sources-2.4.24-r1 (19 Feb 2004)
1471    
1472     19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
1473     files/hardened-sources-2.4.24.munmap.patch:
1474     Added the patch for the mremap/munmap vulnerability. Bug #42024.
1475 scox 1.19
1476 scox 1.21 *hardened-sources-2.4.24 (06 Feb 2004)
1477 scox 1.26
1478 scox 1.21 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
1479     hardened-sources-2.4.24.ebuild:
1480     Version bump, updated most of the components.
1481     This release includes the following:
1482    
1483     - Hardened security
1484     - Netfilter patch-o-matic 20031219
1485     - FreeSWAN 2.04 & x509 1.4.8
1486     - EVMS 2.2.2
1487     - XFS 1.3.1
1488     - cryptoloop jari
1489     - grsecurity 2.0-rc4
1490     - SELinux
1491     - PaX 200402060000
1492     - PaX Obscurity 200308302223
1493     - Others...
1494    
1495     Neither -ck nor systrace are included anymore.
1496    
1497 scox 1.19 *hardened-sources-2.4.22-r2 (05 Jan 2004)
1498    
1499     05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
1500     hardened-sources-2.4.22-r2.ebuild:
1501 scox 1.20 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
1502 scox 1.19
1503     *hardened-sources-2.4.22-r1 (02 Dec 2003)
1504 iggy 1.17
1505     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1506 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
1507 iggy 1.16
1508     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1509 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild:
1510     Version bump for the 'do_brk' vulnerability.
1511 iggy 1.15
1512     01 Dec 2003; Brian Jackson <iggy@gentoo.org>
1513     hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
1514     hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
1515     hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
1516 plasmaroo 1.18 Fix the 'do_brk' vulnerability.
1517 frogger 1.14
1518     03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
1519     hardened-sources-2.4.22.ebuild:
1520 plasmaroo 1.18 - Removed the src_install() portion for SELinux flask
1521     components. These are no longer handled in the kernel
1522     so this code was not necessary.
1523 frogger 1.13
1524     29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
1525     New 2.4.22 based hardened-sources thanks to
1526     Phil West <p.west@computer.org>.
1527    
1528     These sources include:
1529 plasmaroo 1.18 - New SELinux API
1530     - Updated CK-base
1531     - Updated GRSec
1532     - Systrace
1533     - SuperFreeS/WAN 1.99.8
1534     - Propolice kernel build support
1535     - EVMS
1536     - Other various security related patches
1537 frogger 1.11
1538 frogger 1.12 *hardened-sources-2.4.21 (14 Sep 2003)
1539    
1540     14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
1541     Updated hardened-sources based on the 2.4.21 Linux kernel.
1542     This includes updates to most major components such as:
1543 plasmaroo 1.18 - ck-base-0306300059
1544     - selinux-2.4-2003071106
1545     - grsecurity-2.0-rc1
1546     - Updated IPTables patch-o-matic
1547     - Updated SuperFreeS/WAN
1548    
1549 frogger 1.12 Thanks to Phil West <pwest@computer.org> for his work in getting this
1550     updated patch set ready for the 2.4.21 based kernel.
1551    
1552 frogger 1.11 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
1553     Initial import of hardened-sources-2.4.20-r4. This revision
1554     includes only a few changes, but one of these is an important
1555     security fix. It is recommended all users of hardened-sources
1556     upgrade to this release.
1557 plasmaroo 1.18
1558 frogger 1.11 - ioperm bug fix
1559     - fixed compilation failure when building without GRSec
1560 plasmaroo 1.18
1561 frogger 1.11 SAL (Secure Auditing for Linux) is NOT included in this revision
1562     due to time constraints, but is planned for inclusion in the near
1563     future.
1564 msterret 1.10
1565     *hardened-sources-2.4.20-r2 (12 Jun 2003)
1566    
1567     12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
1568     hardened-sources-2.4.20-r3.ebuild:
1569 plasmaroo 1.18 Add Header...
1570 frogger 1.9
1571     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1572     hardened-sources-2.4.20-r3.ebuild:
1573     Removed warnings from ebuild. This kernel should be safe to
1574     use at this point.
1575 frogger 1.8
1576     *hardened-sources-2.4.20-r3 (08 Jun 2003)
1577    
1578     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1579     hardened-sources-2.4.20-r3.ebuild:
1580     New revision. Includes the following changes over -r2:
1581 plasmaroo 1.18
1582 frogger 1.8 - ck7-base (O(1), preempt, low latency)
1583     - Super FreeS/WAN 1.99.7rc2
1584     - PaX for the LSM/SELinux branch
1585     - GRSecurity 2.0-pre4 (role based access control)
1586     - Systrace 1.3
1587     - EXT3 fixes
1588     - EVMS 2.0.1
1589     - GCC 3.1+ compile optimizations
1590     - ProPolice kernel build support
1591     - Hashing table security fixes
1592 frogger 1.3
1593     *hardened-sources-2.4.20-r1 (09 Apr 2003)
1594 frogger 1.7
1595     23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
1596     Initial import of hardened-sources-r2. This new
1597     ebuild includes many new performance and security
1598     related patches. As in -r1, it will patch in
1599     LSM/SELinux if "selinux" is in USE, otherwise it
1600     will patch in GRSecurity. The following patches
1601     are included in this revision:
1602 plasmaroo 1.18
1603 frogger 1.7 - O(1) Scheduler, Low Latency, and Preempt
1604     (pulled from the base CK patch)
1605     - ptrace exploit patch for the LSM kernel
1606     (the GRSec patch already fixes this)
1607     - LSM 2.4-2003040709
1608     - SELinux 2.4-2003040709
1609     - Systrace v1.2
1610     - IPTables patch-o-matic base patches - 20030107
1611     - CryptoAPI 2.4.20.1 w/ loop-jari patch
1612     - Super FreeS/WAN 1.99.6.1
1613     - GRSecurity 1.9.9g
1614     - MPPE
1615     - EXT3 data journal fix
1616     - CIPE 1.5.4
1617 frogger 1.6
1618     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1619     hardened-sources-2.4.20-r1.ebuild, manifest:
1620 plasmaroo 1.18 Updated to install flask components correctly for selinux.
1621 frogger 1.5
1622     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1623     hardened-sources-2.4.20-r1.ebuild:
1624     LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
1625     is patched in instead. Ptrace patches for selinux have also been added. In
1626     either case, systrace support will be patched in as well.
1627 frogger 1.3
1628     09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1629     hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
1630 plasmaroo 1.18 Revision bump for new sources.
1631 frogger 1.4
1632 frogger 1.2 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1633 frogger 1.4 hardened-sources-2.4.20-r1.ebuild:
1634 plasmaroo 1.18 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
1635 method 1.1
1636 frogger 1.4 *hardened-sources-2.4.20 (30 Mar 2003)
1637    
1638 method 1.1 30 Mar 2003; Joshua Brindle <method@gentoo.org>
1639     hardened-sources-2.4.20.ebuild:
1640 plasmaroo 1.18 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20