/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.278 - (hide annotations) (download)
Sat Jan 24 16:36:28 2009 UTC (5 years, 6 months ago) by gengor
Branch: MAIN
Changes since 1.277: +4 -4 lines
Fix referenced bug in Changelog - 253733, not 253773.
(Portage version: 2.1.6.4/cvs/Linux 2.6.27-hardened-r5-rc1-2009012401 i686)

1 method 1.1 # ChangeLog for sys-kernel/hardened-sources
2 gengor 1.268 # Copyright 2000-2009 Gentoo Foundation; Distributed under the GPL v2
3 gengor 1.278 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.277 2009/01/24 16:22:06 gengor Exp $
4 gengor 1.277
5     *hardened-sources-2.6.27-r5 (24 Jan 2009)
6    
7     24 Jan 2009; Gordon Malm <gengor@gentoo.org>
8     +hardened-sources-2.6.27-r5.ebuild:
9 gengor 1.278 Bump to genpatches-10 (includes Linux 2.6.27.{11,12}) and fix bugs 253733,
10 gengor 1.277 254843.
11 gengor 1.276
12     23 Jan 2009; Gordon Malm <gengor@gentoo.org>
13     -hardened-sources-2.6.25-r11.ebuild, -hardened-sources-2.6.25-r12.ebuild,
14     -hardened-sources-2.6.26-r7.ebuild, -hardened-sources-2.6.26-r8.ebuild:
15     Remove problem versions.
16 nixnut 1.275
17     23 Jan 2009; nixnut <nixnut@gentoo.org>
18     hardened-sources-2.6.25-r13.ebuild:
19     ppc stable
20 gengor 1.274
21     21 Jan 2009; Gordon Malm <gengor@gentoo.org>
22     hardened-sources-2.6.25-r13.ebuild:
23     Fasttrack stable amd64/x86.
24 gengor 1.273
25     *hardened-sources-2.6.26-r9 (21 Jan 2009)
26    
27     21 Jan 2009; Gordon Malm <gengor@gentoo.org>
28     +hardened-sources-2.6.26-r9.ebuild:
29 gengor 1.278 Revert RLIMIT_STACK false-positives-avoidance patch. Bugs 253733, 254843
30 gengor 1.272
31     *hardened-sources-2.6.25-r13 (20 Jan 2009)
32    
33     20 Jan 2009; Gordon Malm <gengor@gentoo.org>
34     +hardened-sources-2.6.25-r13.ebuild:
35 gengor 1.278 Revert RLIMIT_STACK false-positives-avoidance patch. Bugs 253733, 254843
36 nixnut 1.271
37     20 Jan 2009; nixnut <nixnut@gentoo.org>
38     hardened-sources-2.6.25-r12.ebuild:
39     ppc stable
40 gengor 1.270
41     17 Jan 2009; Gordon Malm <gengor@gentoo.org>
42     hardened-sources-2.6.25-r12.ebuild:
43     Stable amd64/x86.
44 gengor 1.269
45     14 Jan 2009; Gordon Malm <gengor@gentoo.org>
46     -hardened-sources-2.6.25-r10.ebuild, -hardened-sources-2.6.26-r6.ebuild,
47     -hardened-sources-2.6.27-r2.ebuild:
48     Clean out old versions.
49 gengor 1.268
50     *hardened-sources-2.6.27-r4 (14 Jan 2009)
51     *hardened-sources-2.6.26-r8 (14 Jan 2009)
52     *hardened-sources-2.6.25-r12 (14 Jan 2009)
53    
54     14 Jan 2009; Gordon Malm <gengor@gentoo.org>
55     +hardened-sources-2.6.25-r12.ebuild, +hardened-sources-2.6.26-r8.ebuild,
56     +hardened-sources-2.6.27-r4.ebuild:
57     2.6.25-r12: Fixes bugs #249729, #250548, #252688, #254907
58     2.6.26-r8: Fixes bugs #249729, #250548, #252688, #254907
59     2.6.27-r4: Update to latest genpatches (includes Linux 2.6.27.10) and
60     grsecurity patch. Fixes bugs #249729, #250511, #250548, #252688, #254907
61 nixnut 1.267
62     15 Dec 2008; nixnut <nixnut@gentoo.org>
63     hardened-sources-2.6.25-r11.ebuild:
64     Stable on ppc
65 gengor 1.266
66     09 Dec 2008; Gordon Malm <gengor@gentoo.org>
67     hardened-sources-2.6.25-r11.ebuild:
68     Stable amd64/x86.
69 gengor 1.265
70     *hardened-sources-2.6.27-r3 (07 Dec 2008)
71    
72     07 Dec 2008; Gordon Malm <gengor@gentoo.org>
73     +hardened-sources-2.6.27-r3.ebuild:
74     Bump to latest genpatches, including Linux 2.6.27.8. Bump grsec/pax patches.
75     Fixes bug #248754, #249729 and #246607.
76 gengor 1.264
77     03 Dec 2008; Gordon Malm <gengor@gentoo.org>
78     -hardened-sources-2.6.25-r9.ebuild, -hardened-sources-2.6.26-r5.ebuild:
79     Remove old versions.
80 gengor 1.262
81     *hardened-sources-2.6.26-r7 (03 Dec 2008)
82     *hardened-sources-2.6.25-r11 (03 Dec 2008)
83    
84 gengor 1.263 03 Dec 2008; Gordon Malm <gengor@gentoo.org>
85     +hardened-sources-2.6.25-r11.ebuild, +hardened-sources-2.6.26-r7.ebuild:
86 gengor 1.262 2.6.25-r11: Fixes bugs 246607, 246710, 247453 and 248754.
87     2.6.26-r7: Fixes bugs 246607, 246710, 246763, 247453 and 248754.
88     Both include many backports from 2.6.27.{6,7} -stable releases.
89 gengor 1.261
90     24 Nov 2008; Gordon Malm <gengor@gentoo.org>
91     -hardened-sources-2.6.27.ebuild, -hardened-sources-2.6.27-r1.ebuild:
92     Remove versions broken on ARCHes != x86/amd64.
93 gengor 1.260
94     *hardened-sources-2.6.27-r2 (24 Nov 2008)
95    
96     24 Nov 2008; Gordon Malm <gengor@gentoo.org>
97     +hardened-sources-2.6.27-r2.ebuild:
98     Bump to Linux 2.6.27.7 and latest grsecurity patch.
99 gengor 1.259
100     19 Nov 2008; Gordon Malm <gengor@gentoo.org>
101     -hardened-sources-2.6.25-r8.ebuild, -hardened-sources-2.6.26-r4.ebuild:
102     Remove old versions.
103 gengor 1.258
104     19 Nov 2008; Gordon Malm <gengor@gentoo.org>
105     hardened-sources-2.6.27.ebuild, hardened-sources-2.6.27-r1.ebuild:
106     Remove all but ~amd64 & ~x86 keywords (broken elsewhere).
107 nixnut 1.257
108     16 Nov 2008; nixnut <nixnut@gentoo.org>
109     hardened-sources-2.6.25-r10.ebuild:
110     Stable on ppc
111 gengor 1.256
112     15 Nov 2008; Gordon Malm <gengor@gentoo.org>
113     hardened-sources-2.6.25-r10.ebuild:
114     Stable amd64/x86.
115 gengor 1.255
116     *hardened-sources-2.6.26-r6 (12 Nov 2008)
117    
118     12 Nov 2008; Gordon Malm <gengor@gentoo.org>
119     +hardened-sources-2.6.26-r6.ebuild:
120     Bump to Linux 2.6.26.8 and fix security bug #245650.
121 gengor 1.254
122     *hardened-sources-2.6.25-r10 (12 Nov 2008)
123    
124     12 Nov 2008; Gordon Malm <gengor@gentoo.org>
125     +hardened-sources-2.6.25-r10.ebuild:
126     Update to Linux 2.6.25.20 and fix bugs #245427, #245650.
127 gengor 1.253
128     *hardened-sources-2.6.27-r1 (09 Nov 2008)
129    
130     09 Nov 2008; Gordon Malm <gengor@gentoo.org>
131     +hardened-sources-2.6.27-r1.ebuild:
132     Bump to stable kernel 2.6.27.5 and latest grsecurity patch.
133 gengor 1.252
134     *hardened-sources-2.6.27 (04 Nov 2008)
135    
136     04 Nov 2008; Gordon Malm <gengor@gentoo.org>
137     +hardened-sources-2.6.27.ebuild:
138     Initial 2.6.27 release.
139 gengor 1.251
140     *hardened-sources-2.6.26-r5 (03 Nov 2008)
141    
142     03 Nov 2008; Gordon Malm <gengor@gentoo.org>
143     -hardened-sources-2.6.25-r7.ebuild, -hardened-sources-2.6.26-r2.ebuild,
144     +hardened-sources-2.6.26-r5.ebuild:
145     2.6.26-r5: Bump to Linux 2.6.26.7, PaX updates.
146     Clean out some old versions.
147 nixnut 1.250
148     02 Nov 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.25-r9.ebuild:
149     Stable on ppc
150 gengor 1.249
151     30 Oct 2008; Gordon Malm <gengor@gentoo.org>
152     hardened-sources-2.6.25-r9.ebuild:
153     Stable on amd64/x86.
154 gengor 1.248
155     *hardened-sources-2.6.25-r9 (26 Oct 2008)
156    
157     26 Oct 2008; Gordon Malm <gengor@gentoo.org>
158     +hardened-sources-2.6.25-r9.ebuild:
159     Update to Linux 2.6.25.19
160 nixnut 1.247
161     15 Oct 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.25-r8.ebuild:
162     Stable on ppc
163 gengor 1.246
164     *hardened-sources-2.6.26-r4 (14 Oct 2008)
165    
166     14 Oct 2008; Gordon Malm <gengor@gentoo.org>
167     -hardened-sources-2.6.26-r3.ebuild, +hardened-sources-2.6.26-r4.ebuild:
168     Update to latest grsecurity patch, fixing building of non-modular kernels.
169 gengor 1.245
170     *hardened-sources-2.6.26-r3 (12 Oct 2008)
171    
172     12 Oct 2008; Gordon Malm <gengor@gentoo.org>
173     hardened-sources-2.6.25-r8.ebuild, -hardened-sources-2.6.26-r1.ebuild,
174     +hardened-sources-2.6.26-r3.ebuild:
175     2.6.26-r3: Update to Linux 2.6.26.6 and latest grsecurity patch.
176     2.6.26-r1: Removed.
177     2.6.25-r8: Stable amd64/x86.
178 gengor 1.244
179     *hardened-sources-2.6.25-r8 (09 Oct 2008)
180    
181     09 Oct 2008; Gordon Malm <gengor@gentoo.org>
182     -hardened-sources-2.6.25-r4.ebuild, -hardened-sources-2.6.25-r5.ebuild,
183     -hardened-sources-2.6.25-r6.ebuild, +hardened-sources-2.6.25-r8.ebuild:
184     Update to genpatches-11 and Linux 2.6.25.18. Remove old versions.
185 nixnut 1.243
186     20 Sep 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.25-r7.ebuild:
187     Stable on ppc
188 gengor 1.242
189     17 Sep 2008; Gordon Malm <gengor@gentoo.org>
190     hardened-sources-2.6.25-r7.ebuild:
191     Stable amd64/x86.
192 gengor 1.241
193     *hardened-sources-2.6.26-r2 (13 Sep 2008)
194    
195     13 Sep 2008; Gordon Malm <gengor@gentoo.org>
196     -hardened-sources-2.6.26.ebuild, +hardened-sources-2.6.26-r2.ebuild:
197     2.6.26-r2: Update to Linux 2.6.26.5, new grsecurity patch adding
198     PAX_REFCOUNT feature, fix bug #237473 (CVE-2008-3525). 2.6.26: Removed.
199 gengor 1.240
200     *hardened-sources-2.6.25-r7 (13 Sep 2008)
201    
202     13 Sep 2008; Gordon Malm <gengor@gentoo.org>
203     +hardened-sources-2.6.25-r7.ebuild:
204     Add 2.6.25-r7, fixing bug #237473 (CVE-2008-3525) and a PaX bug.
205 gengor 1.239
206     10 Sep 2008; Gordon Malm <gengor@gentoo.org>
207     hardened-sources-2.6.25-r4.ebuild, hardened-sources-2.6.25-r5.ebuild,
208     hardened-sources-2.6.25-r6.ebuild, hardened-sources-2.6.26.ebuild,
209     hardened-sources-2.6.26-r1.ebuild:
210     Update DESCRIPTION and HGPV_URI.
211 gengor 1.238
212     *hardened-sources-2.6.25-r6 (09 Sep 2008)
213    
214     09 Sep 2008; Gordon Malm <gengor@gentoo.org>
215     -hardened-sources-2.6.24-r3.ebuild, +hardened-sources-2.6.25-r6.ebuild:
216     2.6.25-r6: Update to Linux 2.6.25.17.
217     2.6.24-r3: Removed.
218 gengor 1.237
219     08 Sep 2008; Gordon Malm <gengor@gentoo.org>
220     hardened-sources-2.6.25-r5.ebuild:
221     Stable on amd64/x86
222 gengor 1.236
223     07 Sep 2008; Gordon Malm <gengor@gentoo.org> metadata.xml:
224     Update my email address.
225 nixnut 1.235
226     31 Aug 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.25-r4.ebuild:
227     stable on ppc
228 battousai 1.234
229     *hardened-sources-2.6.26-r1 (23 Aug 2008)
230     *hardened-sources-2.6.25-r5 (23 Aug 2008)
231    
232     23 Aug 2008; Bryan D. Stine <battousai@gentoo.org>
233     -hardened-sources-2.6.23-r13.ebuild, -hardened-sources-2.6.25-r3.ebuild,
234     hardened-sources-2.6.25-r4.ebuild, +hardened-sources-2.6.25-r5.ebuild,
235     +hardened-sources-2.6.26-r1.ebuild:
236     Bump to 2.6.25-r5 for updated patches and upstream .10 kernel, fixing
237     security bug #235221. Bump to 2.6.26-r1 for upstream .3 kernel, also
238     fixing security bug #235221. Marked 2.6.25-r4 stable on amd64 and x86.
239     Removed 2.6.23-r13 and 2.6.25-r3. Commit on behalf of Gordon Malm
240     (gengor).
241 solar 1.233
242     *hardened-sources-2.6.26 (18 Aug 2008)
243     *hardened-sources-2.6.25-r4 (18 Aug 2008)
244    
245     18 Aug 2008; <solar@gentoo.org> -hardened-sources-2.6.25-r2.ebuild,
246     +hardened-sources-2.6.25-r4.ebuild, +hardened-sources-2.6.26.ebuild:
247     - proxy commit for gengor 2.6.26: Initial 2.6.26 release. 2.6.25-r4: Update
248     to Linux 2.6.25.15. Fixes security bugs #234799, #234803 and #234812.
249     2.6.25-r2: Removed.
250 tove 1.232
251     16 Aug 2008; Torsten Veller <tove@gentoo.org> metadata.xml:
252     Remove phreak from metadata.xml (#96398)
253 solar 1.231
254     *hardened-sources-2.6.25-r3 (31 Jul 2008)
255    
256     31 Jul 2008; <solar@gentoo.org> -hardened-sources-2.6.24-r2.ebuild,
257     -hardened-sources-2.6.25.ebuild, -hardened-sources-2.6.25-r1.ebuild,
258     +hardened-sources-2.6.25-r3.ebuild:
259     - 2.6.25-r3: Update to Linux 2.6.25.13 and new grsecurity patch. Multiple
260     fixes, including security bug #231750.
261 nixnut 1.230
262     28 Jul 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.24-r3.ebuild:
263     Stable on ppc
264 solar 1.229
265     *hardened-sources-2.6.25-r2 (05 Jul 2008)
266    
267     05 Jul 2008; <solar@gentoo.org> -hardened-sources-2.6.23-r11.ebuild,
268     -hardened-sources-2.6.23-r12.ebuild, hardened-sources-2.6.24-r3.ebuild,
269     +hardened-sources-2.6.25-r2.ebuild:
270     2.6.23-r4: Stable x86/amd64
271     2.6.25-r2: Update to Linux 2.6.25.10 and latest grsecurity release.
272     2.6.23-r{11,12}: Removed due to multiple vulns.
273     (gengor & kerframil)
274 nixnut 1.228
275     04 Jul 2008; nixnut <nixnut@gentoo.org>
276     hardened-sources-2.6.23-r13.ebuild:
277     Stable on ppc
278 solar 1.227
279     *hardened-sources-2.6.25-r1 (30 Jun 2008)
280    
281     30 Jun 2008; <solar@gentoo.org> hardened-sources-2.6.23-r13.ebuild,
282     +hardened-sources-2.6.25-r1.ebuild:
283     2.6.25-r1: Brings in Linux -stable tree patches 2.6.25.{7,8,9} and newer
284     grsecurity release. 2.6.23-r13: x86/amd64 stable
285 solar 1.226
286     *hardened-sources-2.6.25 (17 Jun 2008)
287     *hardened-sources-2.6.24-r3 (17 Jun 2008)
288     *hardened-sources-2.6.23-r13 (17 Jun 2008)
289    
290     17 Jun 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r13.ebuild,
291     +hardened-sources-2.6.24-r3.ebuild, +hardened-sources-2.6.25.ebuild:
292     * 2.6.23-r13: Fixes security bugs #198997, #212136, #222331, #222635,
293     #224647, #225461, other fixes. * 2.6.24-r3: Fixes security bugs #212136,
294     #222331, #222635, #224647, #225461, grsec/PaX updates/fixes, other fixes. *
295     2.6.25: Initial 2.6.25 release.
296 solar 1.225
297     15 May 2008; <solar@gentoo.org> hardened-sources-2.6.23-r12.ebuild:
298     - fasttrack to stable x86/amd64
299 swegener 1.224
300     11 May 2008; Sven Wegener <swegener@gentoo.org> Manifest:
301     Fix broken digest for linux-2.6.24.tar.bz2.
302 solar 1.223
303     *hardened-sources-2.6.24-r2 (11 May 2008)
304     *hardened-sources-2.6.23-r12 (11 May 2008)
305    
306     11 May 2008; <solar@gentoo.org> -hardened-sources-2.6.23-r7.ebuild,
307     -hardened-sources-2.6.23-r9.ebuild, -hardened-sources-2.6.23-r10.ebuild,
308     +hardened-sources-2.6.23-r12.ebuild, -hardened-sources-2.6.24.ebuild,
309     -hardened-sources-2.6.24-r1.ebuild, +hardened-sources-2.6.24-r2.ebuild:
310     proxy commit for gengor. 2.6.23-r11 shortlog: Fixes security bugs 220691,
311     220975, 220979, 221123. 2.6.24-r2 not-so-shortlog: Fixes bug 215442,
312     security bugs 219901, 220691, 220975, 220979, 221123. New
313     genpatches/grsecurity with numerous updates & fixes. 2.6.23-r7->2.6.23-r10
314     should be removed as far as I'm concerned, everything else remove due to
315     vulnerable to numerous security bugs or brokeness.
316 nixnut 1.222
317     10 May 2008; nixnut <nixnut@gentoo.org>
318     hardened-sources-2.6.23-r11.ebuild:
319     Stable on ppc
320 solar 1.221
321     05 May 2008; <solar@gentoo.org> hardened-sources-2.6.23-r11.ebuild:
322     - -r11 stable on x86/amd64
323 solar 1.220
324     *hardened-sources-2.6.23-r11 (01 May 2008)
325    
326     01 May 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r11.ebuild:
327     - version bump to fix ulgy linux bugs
328 phreak 1.219
329     *hardened-sources-2.6.24-r1 (30 Apr 2008)
330    
331     30 Apr 2008; Christian Heim <phreak@gentoo.org>
332     +hardened-sources-2.6.24-r1.ebuild:
333     Revision bump (thanks to Kerin and Gordon, again), pulling
334     genpatches-2.6.24-7, solving #219089. Additionally contains further security
335     fixes plus some minor updates.
336 phreak 1.218
337     *hardened-sources-2.6.23-r10 (30 Apr 2008)
338    
339     30 Apr 2008; Christian Heim <phreak@gentoo.org>
340     +hardened-sources-2.6.23-r10.ebuild:
341     Revision bump (thanks to Kerin and Gordon, again), solving #213811, #219089.
342     Additional contains "various other fixes".
343 phreak 1.217
344     09 Apr 2008; Christian Heim <phreak@gentoo.org> metadata.xml:
345     Update the longdescription in metadata, thanks to Gordon Malm.
346 nixnut 1.216
347     08 Apr 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.23-r9.ebuild:
348     Stable on ppc wrt bug #213255
349 solar 1.215
350     07 Apr 2008; <solar@gentoo.org> -hardened-sources-2.4.35-r2.ebuild,
351     -hardened-sources-2.6.23-r8.ebuild, hardened-sources-2.6.23-r9.ebuild:
352     - stable on x86/amd64 per request. Removed obsolete ebuilds
353 phreak 1.214
354     *hardened-sources-2.6.24 (07 Apr 2008)
355    
356     07 Apr 2008; Christian Heim <phreak@gentoo.org>
357     +hardened-sources-2.6.24.ebuild:
358     Adding ebuild for hardened-sources-2.6.24 (many thanks to Kerin Millar
359     <kerframil at gmail.com> and Gordon Malm <bugs-gentoo-org-02 at bumpin.org>
360     for the many contributions and their continued effort in #216612) based on
361     2.6.24 and genpatches-2.6.24-5.
362    
363     The current ebuild/patchset contains these things:
364     * Incoporates unmodified grsec-2.1.11-2.6.24.4-200803262003 patch
365     * Introduces bespoke server and workstation oriented security levels
366     * VDSO_COMPAT cannot be enabled during runtime if PaX is enabled
367 phreak 1.213
368     30 Mar 2008; Christian Heim <phreak@gentoo.org> metadata.xml:
369     Fix the metadata.xml (Kerin isn't a dev, though he and Gordon are
370     maintaining it).
371 phreak 1.212
372     24 Mar 2008; Christian Heim <phreak@gentoo.org>
373     hardened-sources-2.4.35-r2.ebuild:
374     Fixing SRC_URI for 2.4.35-r2.
375 phreak 1.211
376     *hardened-sources-2.6.23-r9 (22 Mar 2008)
377    
378     22 Mar 2008; Christian Heim <phreak@gentoo.org>
379     +hardened-sources-2.6.23-r9.ebuild:
380     * Revision bump, rebasing the patchset against genpatches-2.6.23-10.
381     * Change the default GIDs for some grsecurity options
382     * Revamp the Hardened [Gentoo] security level and make it the default level
383     * Fixing compilation on ia64 with CONFIG_MODULES=y (loadable module support)
384     * Fix a recursive lock -- call to capable() within ptrace_attach()
385     * Fix bug that allows audit and iscsi operations to be controlled via netlink
386 solar 1.210
387     *hardened-sources-2.6.23-r8 (27 Feb 2008)
388    
389     27 Feb 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r8.ebuild:
390     - version bump from Kerin Millar bug 210026
391 solar 1.209
392     17 Feb 2008; <solar@gentoo.org> metadata.xml,
393     -hardened-sources-2.4.33.4.ebuild, -hardened-sources-2.6.20-r6.ebuild,
394     -hardened-sources-2.6.20-r10.ebuild, -hardened-sources-2.6.23-r4.ebuild,
395     -hardened-sources-2.6.23-r6.ebuild, hardened-sources-2.6.23-r7.ebuild:
396     - stable on x86 and remove old ebuilds
397 solar 1.207
398     15 Feb 2008; <solar@gentoo.org> hardened-sources-2.6.23-r7.ebuild:
399 solar 1.208 - stable on amd64 per request of amd64 lead
400 solar 1.206
401     *hardened-sources-2.6.23-r7 (11 Feb 2008)
402    
403     11 Feb 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r7.ebuild:
404     - version bump from kerin.millar
405     Changes:
406    
407     * Bump to genpatches-base-2.6.23-9
408     * Ported grsecurity-2.1.11-2.6.23.14-200801231800 to 2.6.23.15
409     * Disables COMPAT_VDSO in x86/defconfig
410     * Removes bogus symbols ACPI_SLEEP_PROC_(FS|SLEEP) from x86_64/defconfig
411 phreak 1.205
412     25 Jan 2008; Christian Heim <phreak@gentoo.org>
413     -hardened-sources-2.6.22-r8.ebuild:
414     Cleaning up old versions.
415 phreak 1.204
416     *hardened-sources-2.6.23-r6 (25 Jan 2008)
417    
418     25 Jan 2008; Christian Heim <phreak@gentoo.org>
419     -hardened-sources-2.6.23-r5.ebuild, +hardened-sources-2.6.23-r6.ebuild:
420     Revision bump, pulling in the latest genpatches.
421 phreak 1.203
422     *hardened-sources-2.6.23-r5 (24 Dec 2007)
423    
424     24 Dec 2007; Christian Heim <phreak@gentoo.org>
425     hardened-sources-2.4.35-r2.ebuild, hardened-sources-2.6.20-r6.ebuild,
426     hardened-sources-2.6.20-r10.ebuild, hardened-sources-2.6.22-r8.ebuild,
427     hardened-sources-2.6.23-r4.ebuild, +hardened-sources-2.6.23-r5.ebuild:
428     Revision bump, for the promised updated grsec snapshot. Also changing SRC_URI.
429 phreak 1.202
430     24 Dec 2007; Christian Heim <phreak@gentoo.org>
431     -hardened-sources-2.6.22-r7.ebuild, -hardened-sources-2.6.23.ebuild,
432     -hardened-sources-2.6.23-r1.ebuild, -hardened-sources-2.6.23-r2.ebuild,
433     -hardened-sources-2.6.23-r3.ebuild:
434     Cleaning out some unused, old versions.
435 phreak 1.201
436     24 Dec 2007; Christian Heim <phreak@gentoo.org>
437     hardened-sources-2.6.23-r4.ebuild:
438     Marking hardened-sources-2.6.23-r4 stable on amd64 and x86. I know it ain't
439     in the tree for long, but there isn't much of a difference between this and
440     -r3. Only this revision pulls in 2.6.23.11 and 2.6.23.12 from genpatches.
441 phreak 1.200
442     *hardened-sources-2.6.23-r4 (23 Dec 2007)
443    
444     23 Dec 2007; Christian Heim <phreak@gentoo.org>
445     +hardened-sources-2.6.23-r4.ebuild:
446     Revision bump, grabbing the lastest genpatches release (2.6.23.12 that is).
447 phreak 1.199
448     *hardened-sources-2.6.23-r3 (04 Dec 2007)
449    
450     04 Dec 2007; Christian Heim <phreak@gentoo.org>
451     +hardened-sources-2.6.23-r3.ebuild:
452     Revision bump, pulling in 2.6.23.9.
453 phreak 1.198
454     *hardened-sources-2.6.23-r2 (25 Nov 2007)
455    
456     25 Nov 2007; Christian Heim <phreak@gentoo.org>
457     +hardened-sources-2.6.23-r2.ebuild:
458     Updated patchset, thanks to solar.
459 phreak 1.197
460     *hardened-sources-2.6.23-r1 (31 Oct 2007)
461    
462     31 Oct 2007; Christian Heim <phreak@gentoo.org>
463     +hardened-sources-2.6.23-r1.ebuild:
464     Revision bump, pulling in the snapshot from 30. October 2007 (18:50).
465 solar 1.196
466     29 Oct 2007; <solar@gentoo.org> metadata.xml:
467     - update metadata.xml
468 phreak 1.195
469     25 Oct 2007; Christian Heim <phreak@gentoo.org>
470     hardened-sources-2.6.22-r8.ebuild:
471     Marking 2.6.22-r8 stable on amd64 and x86.
472 phreak 1.194
473     21 Oct 2007; Christian Heim <phreak@gentoo.org>
474     -hardened-sources-2.4.35.ebuild, -hardened-sources-2.4.35-r1.ebuild,
475     -hardened-sources-2.6.21-r4.ebuild:
476     Removing old ebuilds.
477 phreak 1.193
478     *hardened-sources-2.4.35-r2 (21 Oct 2007)
479    
480     21 Oct 2007; Christian Heim <phreak@gentoo.org>
481     +hardened-sources-2.4.35-r2.ebuild:
482     Revision bump for 2.4.35. Includes new snapshot and the lastest Linux stable
483     patches.
484 phreak 1.192
485     *hardened-sources-2.6.22-r8 (21 Oct 2007)
486    
487     21 Oct 2007; Christian Heim <phreak@gentoo.org>
488     +hardened-sources-2.6.22-r8.ebuild:
489     Yet another new patch, hopefully fixing the remaining issues we had w/
490     2.6.22. Candidate for stabling.
491 phreak 1.191
492     *hardened-sources-2.6.23 (13 Oct 2007)
493    
494     13 Oct 2007; Christian Heim <phreak@gentoo.org>
495     +hardened-sources-2.6.23.ebuild:
496     Initial hardened-sources-2.6.23. If people still have problems w/ bug
497     194276, try setting CONFIG_PCI_GODIRECT=y instead of CONFIG_PCI_GOANY.
498 phreak 1.190
499     11 Oct 2007; Christian Heim <phreak@gentoo.org>
500     hardened-sources-2.6.20-r10.ebuild:
501     Pulling in yet another new genpatches version, fixing the PWC bug for real.
502 phreak 1.189
503     04 Oct 2007; Christian Heim <phreak@gentoo.org>
504     -hardened-sources-2.6.22-r5.ebuild, -hardened-sources-2.6.22-r6.ebuild:
505     Removing old versions.
506 phreak 1.188
507     *hardened-sources-2.6.22-r7 (01 Oct 2007)
508    
509     01 Oct 2007; Christian Heim <phreak@gentoo.org>
510     +hardened-sources-2.6.22-r7.ebuild:
511     Revision bump, pulling in a newer patch. Should fix #194276.
512 phreak 1.187
513     30 Sep 2007; Christian Heim <phreak@gentoo.org>
514     hardened-sources-2.6.20-r10.ebuild:
515     Marking hardened-sources-2.6.20-r10 stable on x86 and amd64 (on courtesy of
516     Mike Doty).
517 phreak 1.186
518     *hardened-sources-2.6.22-r6 (26 Sep 2007)
519    
520     26 Sep 2007; Christian Heim <phreak@gentoo.org>
521     +hardened-sources-2.6.22-r6.ebuild:
522     Revision bump, grabbing up till Linux 2.6.22.9.
523 phreak 1.185
524     24 Sep 2007; Christian Heim <phreak@gentoo.org>
525     -hardened-sources-2.6.22-r3.ebuild, -hardened-sources-2.6.22-r4.ebuild:
526     Cleaning up further.
527 phreak 1.184
528     *hardened-sources-2.6.20-r10 (24 Sep 2007)
529    
530     24 Sep 2007; Christian Heim <phreak@gentoo.org>
531     -hardened-sources-2.6.20-r8.ebuild, -hardened-sources-2.6.20-r9.ebuild,
532     +hardened-sources-2.6.20-r10.ebuild:
533     Revision bump, pulling in Linux 2.6.20.20. Removing some of the older
534     revisions.
535 phreak 1.183
536     *hardened-sources-2.6.22-r5 (22 Sep 2007)
537    
538     22 Sep 2007; Christian Heim <phreak@gentoo.org>
539     +hardened-sources-2.6.22-r5.ebuild:
540     Revision bump, pulling in genpatches-2.6.22-8 for CVE-2007-4573.
541 phreak 1.182
542     17 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
543     Removing johnm from metadata.xml (see #186467 for reference).
544 phreak 1.181
545     *hardened-sources-2.6.22-r4 (17 Sep 2007)
546    
547     17 Sep 2007; Christian Heim <phreak@gentoo.org>
548     +hardened-sources-2.6.22-r4.ebuild:
549     Revision bump, hopefully fixing all those weird PAX failures.
550 phreak 1.180
551     01 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
552     Updating the metadata.xml.
553 phreak 1.179
554     01 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
555     Removing tocharian from metadata due to his retirement (see #71718 for
556     reference).
557 phreak 1.178
558     *hardened-sources-2.6.20-r9 (30 Aug 2007)
559    
560     30 Aug 2007; Christian Heim <phreak@gentoo.org>
561     +hardened-sources-2.6.20-r9.ebuild:
562     Revision bump for 2.6.20.18 (thanks to kerframil in #gentoo-hardened).
563 phreak 1.177
564     29 Aug 2007; Christian Heim <phreak@gentoo.org>
565     -hardened-sources-2.4.34.ebuild, -hardened-sources-2.4.34.5.ebuild,
566     -hardened-sources-2.6.20-r2.ebuild, -hardened-sources-2.6.20-r5.ebuild,
567     -hardened-sources-2.6.20-r7.ebuild, -hardened-sources-2.6.21-r3.ebuild,
568     -hardened-sources-2.6.22.ebuild, -hardened-sources-2.6.22-r1.ebuild,
569     -hardened-sources-2.6.22-r2.ebuild:
570     Removing some redundant versions.
571 phreak 1.176
572     *hardened-sources-2.4.35-r1 (29 Aug 2007)
573    
574     29 Aug 2007; Christian Heim <phreak@gentoo.org>
575     +hardened-sources-2.4.35-r1.ebuild:
576     Revision bump, new grsecurity patch.
577 phreak 1.175
578     *hardened-sources-2.6.20-r8 (26 Aug 2007)
579    
580     26 Aug 2007; Christian Heim <phreak@gentoo.org>
581     +hardened-sources-2.6.20-r8.ebuild:
582     Revision bump for Linux 2.6.20.17.
583 phreak 1.174
584     *hardened-sources-2.6.22-r3 (22 Aug 2007)
585    
586     22 Aug 2007; Christian Heim <phreak@gentoo.org>
587     +hardened-sources-2.6.22-r3.ebuild:
588     Revision bump for Linux 2.6.22.4.
589 phreak 1.173
590     16 Aug 2007; Christian Heim <phreak@gentoo.org>
591     hardened-sources-2.6.22-r2.ebuild:
592     Updated patchset, to fix the alignment against 2.6.22.3.
593 phreak 1.172
594     *hardened-sources-2.6.22-r2 (16 Aug 2007)
595    
596     16 Aug 2007; Christian Heim <phreak@gentoo.org>
597     +hardened-sources-2.6.22-r2.ebuild:
598     Revision bump for Linux 2.6.22.3.
599 phreak 1.171
600     *hardened-sources-2.4.35 (16 Aug 2007)
601    
602     16 Aug 2007; Christian Heim <phreak@gentoo.org>
603     +hardened-sources-2.4.35.ebuild:
604     Version bump, initial version for Linux 2.4.35.
605 phreak 1.170
606     *hardened-sources-2.6.21-r4 (16 Aug 2007)
607    
608     16 Aug 2007; Christian Heim <phreak@gentoo.org>
609     +hardened-sources-2.6.21-r4.ebuild:
610     Revision bump for Linux 2.6.21.6.
611 phreak 1.169
612     *hardened-sources-2.6.20-r7 (16 Aug 2007)
613    
614     16 Aug 2007; Christian Heim <phreak@gentoo.org>
615     +hardened-sources-2.6.20-r7.ebuild:
616     Revision bump for Linux 2.6.20.16.
617 phreak 1.168
618     *hardened-sources-2.6.22-r1 (13 Aug 2007)
619    
620     13 Aug 2007; Christian Heim <phreak@gentoo.org>
621     +hardened-sources-2.6.22-r1.ebuild:
622     Yet another revision bump.
623 phreak 1.167
624     *hardened-sources-2.6.22 (10 Aug 2007)
625    
626     10 Aug 2007; Christian Heim <phreak@gentoo.org>
627     +hardened-sources-2.6.22.ebuild:
628     Initial release for 2.6.22. If you are using hardened-sources on a desktop
629     machine (P4 or newer), be aware you might need to disable
630     CONFIG_PAX_PAGEEXEC.
631 phreak 1.166
632     04 Aug 2007; Christian Heim <phreak@gentoo.org>
633     hardened-sources-2.6.20-r6.ebuild:
634     Stabling hardened-sources-2.6.20-r6 for amd64, ppc and x86 due to Linux
635     2.6.20.15.
636 phreak 1.165
637     10 Jul 2007; Christian Heim <phreak@gentoo.org>
638     hardened-sources-2.6.20-r5.ebuild:
639     Marking hardened-sources-2.6.20-r5 stable on ppc.
640 phreak 1.164
641     10 Jul 2007; Christian Heim <phreak@gentoo.org>
642     -hardened-sources-2.4.32-r6.ebuild, -hardened-sources-2.4.32-r7.ebuild:
643     Cleanup.
644 phreak 1.163
645     *hardened-sources-2.6.20-r6 (08 Jul 2007)
646    
647     08 Jul 2007; Christian Heim <phreak@gentoo.org>
648     +hardened-sources-2.6.20-r6.ebuild:
649     Revision bump, grabbing yet another stable release.
650 phreak 1.162
651     17 Jun 2007; Christian Heim <phreak@gentoo.org>
652     -hardened-sources-2.6.18-r6.ebuild, -hardened-sources-2.6.20-r4.ebuild,
653     -hardened-sources-2.6.21-r2.ebuild:
654     Removing older ebuilds, hardened-sources-2.6.18-r6 seems to have gotten the
655     alpha stable KEYWORD by mistake.
656 phreak 1.161
657     17 Jun 2007; Christian Heim <phreak@gentoo.org>
658     hardened-sources-2.6.20-r5.ebuild:
659     Stabling hardened-sources-2.6.20-r5 due to security bug #181647 (as
660     genpatches-2.6.20-12.base contains up to Linux 2.6.20.14) on amd64 and x86.
661 phreak 1.160
662     *hardened-sources-2.6.21-r3 (12 Jun 2007)
663    
664     12 Jun 2007; Christian Heim <phreak@gentoo.org>
665     +hardened-sources-2.6.21-r3.ebuild:
666     Revision bump for hardened-sources-2.6.21, incorporating various CVE (some
667     of them critical), two stable releases (2.6.21.4,2.6.21.5) and some other
668     love.
669 phreak 1.159
670     *hardened-sources-2.6.20-r5 (11 Jun 2007)
671    
672     11 Jun 2007; Christian Heim <phreak@gentoo.org>
673     +hardened-sources-2.6.20-r5.ebuild:
674     Revision bump for hardened-sources-2.6.20, incorporating various CVE (some
675     of them critical), two stable releases (2.6.20.13,2.6.20.14) and some other
676     love.
677 pappy 1.158
678     *hardened-sources-2.4.34.5 (11 Jun 2007)
679    
680     11 Jun 2007; Alexander Gabert <pappy@gentoo.org>
681     +hardened-sources-2.4.34.5.ebuild:
682     added new hardened-sources 2.4 version, thx to phreak, solar, pipacs
683 phreak 1.157
684     30 May 2007; Christian Heim <phreak@gentoo.org>
685     -hardened-sources-2.6.18.ebuild, hardened-sources-2.6.20-r2.ebuild:
686     Marking 2.6.20-r2 stable on ppc with permission of Gysbert. Removing more
687     stale ebuild(s).
688 phreak 1.156
689     30 May 2007; Christian Heim <phreak@gentoo.org>
690     -hardened-sources-2.6.14-r7.ebuild, -hardened-sources-2.6.16-r11.ebuild,
691     -hardened-sources-2.6.17-r1.ebuild, -hardened-sources-2.6.19-r6.ebuild,
692     -hardened-sources-2.6.20.ebuild, -hardened-sources-2.6.20-r1.ebuild:
693     Doing some cleanups, remove stale ebuilds.
694 phreak 1.155
695     26 May 2007; Christian Heim <phreak@gentoo.org>
696     hardened-sources-2.6.21-r2.ebuild:
697     Fixing the grsecurity patch, had one '};' too much.
698 phreak 1.154
699     *hardened-sources-2.6.21-r2 (26 May 2007)
700    
701     26 May 2007; Christian Heim <phreak@gentoo.org>
702     -hardened-sources-2.6.21.ebuild, -hardened-sources-2.6.21-r1.ebuild,
703     +hardened-sources-2.6.21-r2.ebuild:
704     Revision bump, including Linux 2.6.21.3 (fixing CVE-2007-2451). Updating the
705     grsecurity patch to 2.1.10-2.6.21.1-200705221918.
706 phreak 1.153
707     *hardened-sources-2.6.20-r4 (26 May 2007)
708    
709     26 May 2007; Christian Heim <phreak@gentoo.org>
710     -hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.20-r4.ebuild:
711     Revision bump, including Linux 2.6.20.12 (which in fact fixed some security
712 phreak 1.154 bugs, at the very least CVE-2007-2451). Possible candidate for stable marking.
713 phreak 1.152
714     15 May 2007; Christian Heim <phreak@gentoo.org>
715     hardened-sources-2.6.20-r3.ebuild:
716     Looks like hardened-sources-2.6.20-r3 needs a new patch, as 2.6.20.11
717     introduced a change in arch/sparc64/kernel/pci_iommu.c, which made the
718     grsecurity patch fail in that exact same hunk.
719 phreak 1.151
720     *hardened-sources-2.6.20-r3 (15 May 2007)
721    
722     15 May 2007; Christian Heim <phreak@gentoo.org>
723     +hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.21-r1.ebuild:
724     Revision bump, incorporating Linux 2.6.20.11.
725    
726     *hardened-sources-2.6.21-r1 (11 May 2007)
727    
728     11 May 2007; Christian Heim <phreak@gentoo.org>
729     +hardened-sources-2.6.21-r1.ebuild:
730     Revision bump, hopefully fixing the GRSECURITY/GRKERNSEC mixup pipacs
731     mentioned in #177234.
732 kevquinn 1.150
733     07 May 2007; Kevin F. Quinn <kevquinn@gentoo.org>
734     files/digest-hardened-sources-2.6.21, Manifest:
735     Fix Manifest/digest for linux-2.6.21.tar.bz2
736 phreak 1.149
737     06 May 2007; Christian Heim <phreak@gentoo.org>
738     hardened-sources-2.6.21.ebuild:
739     Bumping the hardened-patches version, needed for the fix for #177234.
740 phreak 1.148
741     *hardened-sources-2.6.21 (02 May 2007)
742    
743     02 May 2007; Christian Heim <phreak@gentoo.org>
744     +hardened-sources-2.6.21.ebuild:
745     Version bump, Linux 2.6.21-hardened.
746 phreak 1.147
747     29 Apr 2007; Christian Heim <phreak@gentoo.org>
748     hardened-sources-2.6.20-r2.ebuild:
749     Adding ~ia64 on Ned's request.
750 phreak 1.146
751     29 Apr 2007; Christian Heim <phreak@gentoo.org>
752     hardened-sources-2.6.20-r2.ebuild:
753     Fixing the included grsecurity patch, wasn't alligning due to the Index:
754     header line(s).
755 phreak 1.145
756     29 Apr 2007; Christian Heim <phreak@gentoo.org>
757     hardened-sources-2.6.20-r2.ebuild:
758     Stabilizing hardened-sources-2.6.20-r2 on amd64 and x86.
759 armin76 1.144
760     *hardened-sources-2.6.20-r2 (10 Apr 2007)
761    
762     10 Apr 2007; Raúl Porcel <armin76@gentoo.org>
763     +hardened-sources-2.6.20-r2.ebuild:
764     Version bump, on behalf of phreak
765 phreak 1.143
766     *hardened-sources-2.6.20-r1 (04 Apr 2007)
767    
768     04 Apr 2007; Christian Heim <phreak@gentoo.org>
769     +hardened-sources-2.6.20-r1.ebuild:
770     Revision bump, grabbing a newer grsecurity snapshot.
771 phreak 1.142
772     *hardened-sources-2.6.20 (25 Mar 2007)
773    
774     25 Mar 2007; Christian Heim <phreak@gentoo.org>
775     +hardened-sources-2.6.20.ebuild:
776     Finally a hardened-sources version for 2.6.20; many people have been waiting
777     for this. Thanks to Steve for preliminary testing, thanks to Ned for the
778     testbox.
779 chainsaw 1.141
780     16 Mar 2007; Tony Vroon <chainsaw@gentoo.org>
781     hardened-sources-2.6.18-r6.ebuild:
782     Marked stable on amd64 and x86. AMD64 keyword ack'ed by welp.
783 phreak 1.140
784     *hardened-sources-2.6.18-r6 (16 Mar 2007)
785    
786     16 Mar 2007; Christian Heim <phreak@gentoo.org>
787     -hardened-sources-2.6.18-r5.ebuild, +hardened-sources-2.6.18-r6.ebuild:
788     Fixing CVE-2007-1000 locally (hardened/), thanks to Tony for pushing. And
789     yes I screwed up, this is tagged as 2.6.18-5 and not 2.6.18-6 as it's
790     supposed to be.
791 phreak 1.139
792     06 Mar 2007; Christian Heim <phreak@gentoo.org> ChangeLog:
793     Fixing the Manifest, the previous one was broken (as in still had the
794     deleted ebuild in it).
795 phreak 1.138
796     06 Mar 2007; Christian Heim <phreak@gentoo.org>
797     -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
798     +hardened-sources-2.6.18-r5.ebuild:
799     Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
800     Linux 2.6.18.8. Also cleaning up the older version.
801    
802     *hardened-sources-2.6.18-r5 (06 Mar 2007)
803    
804     06 Mar 2007; Christian Heim <phreak@gentoo.org>
805     -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
806     +hardened-sources-2.6.18-r5.ebuild:
807     Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
808     Linux 2.6.18.8. Also cleaning up the older version.
809 phreak 1.137
810     24 Feb 2007; Christian Heim <phreak@gentoo.org>
811     -hardened-sources-2.6.19-r3.ebuild, -hardened-sources-2.6.19-r4.ebuild,
812     -hardened-sources-2.6.19-r5.ebuild:
813     Removing some of the old version, that didn't work.
814 phreak 1.136
815     *hardened-sources-2.6.19-r6 (12 Feb 2007)
816    
817     12 Feb 2007; Christian Heim <phreak@gentoo.org>
818     +hardened-sources-2.6.19-r6.ebuild:
819     Revision bump, including a new grsec version fixing #166235.
820 pappy 1.134
821     *hardened-sources-2.4.34 (24 Jan 2007)
822    
823     24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
824 pappy 1.135 Manifest:
825     updating Manifest with checksums of new tarball and ebuild
826    
827     24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
828 pappy 1.134 +hardened-sources-2.4.34.ebuild:
829     I added new hardened sources 2.4 update, this is a critical path
830     security bugfix - all users of h-s are strongly advised
831     to update their existing hardened sources to this version.
832     It contains a fix for a kernel vulnerability that is pertaining
833     to the PaX changes to virtual memory management, possibly leading
834     to a local kernel exploit ... see grsecurity.net forums and homepage
835 phreak 1.133
836     23 Jan 2007; Christian Heim <phreak@gentoo.org>
837     files/digest-hardened-sources-2.6.19-r5, Manifest:
838     Fixing the patch-tarball digest.
839 phreak 1.132
840     *hardened-sources-2.6.19-r5 (23 Jan 2007)
841    
842     23 Jan 2007; Christian Heim <phreak@gentoo.org>
843     +hardened-sources-2.6.19-r5.ebuild:
844     Revision bump, closing the recently discovered PaX expand_stack()
845     vulnerability.
846 phreak 1.131
847     *hardened-sources-2.6.19-r4 (14 Jan 2007)
848    
849     14 Jan 2007; Christian Heim <phreak@gentoo.org>
850     +hardened-sources-2.6.19-r4.ebuild:
851     Revision bump, pulling in linux-2.6.19.2 and grsecurity 2.1.10 - thus
852     dropping the randomized PID feature.
853 opfer 1.130
854     11 Jan 2007; Christian Faulhammer <opfer@gentoo.org>
855     hardened-sources-2.4.33.4.ebuild:
856     stable x86, bug #161171
857 phreak 1.129
858     *hardened-sources-2.6.19-r3 (27 Dec 2006)
859    
860     27 Dec 2006; Christian Heim <phreak@gentoo.org>
861     -hardened-sources-2.6.19-r2.ebuild, +hardened-sources-2.6.19-r3.ebuild:
862     Revision bump for bug #157186 and #158786.
863 phreak 1.128
864     *hardened-sources-2.6.18-r4 (27 Dec 2006)
865    
866     27 Dec 2006; Christian Heim <phreak@gentoo.org>
867     -hardened-sources-2.6.18-r3.ebuild, +hardened-sources-2.6.18-r4.ebuild:
868     Revision bump for bug #157186.
869 phreak 1.127
870     *hardened-sources-2.6.19-r2 (23 Dec 2006)
871    
872     23 Dec 2006; Christian Heim <phreak@gentoo.org>
873     -hardened-sources-2.6.19-r1.ebuild, +hardened-sources-2.6.19-r2.ebuild:
874     Revision bump to pull in genpatches-2.6.19-3 for #157186.
875 phreak 1.126
876     17 Dec 2006; Christian Heim <phreak@gentoo.org>
877     hardened-sources-2.6.14-r7.ebuild, hardened-sources-2.6.16-r10.ebuild,
878     hardened-sources-2.6.16-r11.ebuild, hardened-sources-2.6.17-r1.ebuild,
879     hardened-sources-2.6.18.ebuild, hardened-sources-2.6.18-r3.ebuild,
880     hardened-sources-2.6.19-r1.ebuild:
881     Adding 4453_grsec-2.1.9-2.6.19-io-kmem-sysctl.patch to UNIPATCH_EXLUDE,
882     adding correct HOMEPAGE and adjusting DESCRIPTION (thanks to Alexander).
883 pappy 1.125
884     *hardened-sources-2.4.33.4 (17 Dec 2006)
885    
886     17 Dec 2006; Alexander Gabert <pappy@gentoo.org>
887     +hardened-sources-2.4.33.4.ebuild:
888     new 2.4.33.4 version including grsec and fixes, thanks to phreak for help
889     and quilting
890 phreak 1.124
891     *hardened-sources-2.6.19-r1 (14 Dec 2006)
892    
893     14 Dec 2006; Christian Heim <phreak@gentoo.org>
894     -hardened-sources-2.6.19.ebuild, +hardened-sources-2.6.19-r1.ebuild:
895     Revision bump, fixing #158107 (thanks to Petre Rodan <kaiowas at gentoo.org>
896     for reporting).
897 phreak 1.123
898     *hardened-sources-2.6.19 (13 Dec 2006)
899    
900     13 Dec 2006; Christian Heim <phreak@gentoo.org>
901     +hardened-sources-2.6.19.ebuild:
902     And finally 2.6.19, thanks to Ned (who prepared the inital patchset) and
903     Brad for providing that prompt update.
904 phreak 1.122
905     *hardened-sources-2.6.18-r3 (13 Dec 2006)
906    
907     13 Dec 2006; Christian Heim <phreak@gentoo.org>
908     -hardened-sources-2.6.18-r1.ebuild, -hardened-sources-2.6.18-r2.ebuild,
909     +hardened-sources-2.6.18-r3.ebuild:
910     Revision bump, excluding the faulty patch. Thanks to Anakim Border and Peter
911     S. Mazinger. Closes #157409 for now. Also removing the previous revisions.
912 phreak 1.121
913     09 Dec 2006; Christian Heim <phreak@gentoo.org> Manifest:
914     Fixing the metadata.xml Manifest entry (thanks to xaid and ml8128 in #gentoo-hardened).
915 nixnut 1.120
916     08 Dec 2006; nixnut <nixnut@gentoo.org> hardened-sources-2.6.18.ebuild:
917     Stable on ppc wrt bug 157356
918 opfer 1.119
919     07 Dec 2006; Christian Faulhammer <opfer@gentoo.org>
920     hardened-sources-2.6.18.ebuild:
921     stable x86, bug #157356
922 phreak 1.118
923     *hardened-sources-2.6.18-r2 (06 Dec 2006)
924    
925     06 Dec 2006; Christian Heim <phreak@gentoo.org>
926     +hardened-sources-2.6.18-r2.ebuild:
927     Revision bump, including 2.6.18.5 (via genpatches) and
928     4454_grsec-2.1.9-2.6.18.2-io-kmem-sysctl.patch based on Peter Mazinger and
929     Ned Ludd's original patch. Thanks to Alexander Gabert (pappy) for the
930     redesign.
931 phreak 1.117
932     06 Dec 2006; Christian Heim <phreak@gentoo.org>
933     hardened-sources-2.6.18.ebuild:
934     Marking hardened-sources-2.6.18 stable on amd64 (see bug #157356, on behalf
935     of Mike Doty).
936 phreak 1.116
937     *hardened-sources-2.6.18-r1 (23 Nov 2006)
938    
939     23 Nov 2006; Christian Heim <phreak@gentoo.org>
940     +hardened-sources-2.6.18-r1.ebuild:
941     Revision bump to genpatches-2.6.18-4 (including 2.6.18.3).
942 phreak 1.115
943     *hardened-sources-2.6.18 (11 Nov 2006)
944    
945     11 Nov 2006; Christian Heim <phreak@gentoo.org>
946     +hardened-sources-2.6.18.ebuild:
947     Version bump, thanks to Alexander Gabert we're finally at 2.6.18.
948 solar 1.114
949     18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
950     - mark amd64 stable also. bug #151877
951 solar 1.113
952     18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
953     - mark 2.6.17-r1 stable
954 phreak 1.112
955     27 Aug 2006; Christian Heim <phreak@gentoo.org>
956     -hardened-sources-2.6.17.ebuild, hardened-sources-2.6.17-r1.ebuild:
957     Removing old ebuild, removing unipatch from newer ebuild (need to fix it!).
958 phreak 1.111
959     *hardened-sources-2.6.17-r1 (26 Aug 2006)
960    
961     26 Aug 2006; Christian Heim <phreak@gentoo.org>
962     +hardened-sources-2.6.17-r1.ebuild:
963     Revision bump to genpatches-2.6.17-8 (including .9 and .10) and updating the
964     grsecurity patch.
965 phreak 1.110
966     *hardened-sources-2.6.17 (17 Aug 2006)
967    
968     17 Aug 2006; Christian Heim <phreak@gentoo.org>
969     +hardened-sources-2.6.17.ebuild:
970     Bumping the hardened-sources-2.6 series to 2.6.17, using
971     genpatches-2.6.17-6.base.
972 solar 1.109
973     07 Aug 2006; <solar@gentoo.org> hardened-sources-2.6.16-r11.ebuild:
974     - stable on x86 and amd64
975 solar 1.108
976     *hardened-sources-2.6.16-r11 (15 Jul 2006)
977    
978     15 Jul 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r3.ebuild,
979     -hardened-sources-2.4.32-r4.ebuild, -hardened-sources-2.4.32-r5.ebuild,
980     -hardened-sources-2.6.14-r8.ebuild, -hardened-sources-2.6.16-r7.ebuild,
981     -hardened-sources-2.6.16-r9.ebuild, +hardened-sources-2.6.16-r11.ebuild:
982     - 2.6.16 bumped for CVE-2006-3626 ; digest fix for 2.4.32-r6 ; removed old
983     crusty ebuilds
984 johnm 1.107
985     14 Jul 2006; John Mylchreest <johnm@gentoo.org>
986     hardened-sources-2.6.16-r10.ebuild:
987     marking stable on x86 and amd64
988 solar 1.106
989     13 Jul 2006; <solar@gentoo.org> hardened-sources-2.4.32-r6.ebuild:
990     - 2.4.32-r6 stable on x86. RSBAC state unknown
991 kang 1.105
992     *hardened-sources-2.4.32-r7 (10 Jul 2006)
993    
994     10 Jul 2006; Guillaume Destuynder <kang@gentoo.org>
995     +hardened-sources-2.4.32-r7.ebuild:
996     Bump PaX for RSBAC to test-17
997 johnm 1.104
998     *hardened-sources-2.6.16-r9 (03 Jul 2006)
999    
1000     03 Jul 2006; John Mylchreest <johnm@gentoo.org>
1001     -hardened-sources-2.6.16-r6.ebuild, +hardened-sources-2.6.16-r9.ebuild:
1002     hardened-sources-2.6.16 bump to latest -base.
1003 solar 1.103
1004     *hardened-sources-2.4.32-r6 (30 Jun 2006)
1005    
1006     30 Jun 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r2.ebuild,
1007     hardened-sources-2.4.32-r4.ebuild, +hardened-sources-2.4.32-r6.ebuild:
1008     - backport CVE-2006-0039, CVE-2006-1857 and CVE-2006-1858 and new grsecurity
1009     sysctl controlable resource logging
1010 johnm 1.102
1011     *hardened-sources-2.6.16-r7 (05 Jun 2006)
1012    
1013     05 Jun 2006; John Mylchreest <johnm@gentoo.org>
1014     -hardened-sources-2.6.16-r5.ebuild, +hardened-sources-2.6.16-r7.ebuild:
1015     push new 2.6.16 release in preparation for stable
1016 solar 1.101
1017     22 May 2006; <solar@gentoo.org> :
1018     - redigest bug 134002
1019 kang 1.100
1020     *hardened-sources-2.4.32-r5 (16 May 2006)
1021    
1022     16 May 2006; Guillaume Destuynder <kang@gentoo.org>
1023     +hardened-sources-2.4.32-r5.ebuild:
1024     Fixes rsbac common patching (new patch in new -r5 patchset)
1025 solar 1.99
1026     *hardened-sources-2.4.32-r4 (13 May 2006)
1027    
1028     13 May 2006; <solar@gentoo.org> hardened-sources-2.4.32-r3.ebuild,
1029     +hardened-sources-2.4.32-r4.ebuild:
1030     - security bumps
1031 johnm 1.98
1032     *hardened-sources-2.6.16-r6 (03 May 2006)
1033    
1034     03 May 2006; John Mylchreest <johnm@gentoo.org>
1035     +hardened-sources-2.6.16-r6.ebuild:
1036     bump hardened-2.6.16 to 2.6.16.12 and latest grsec snapshot
1037 johnm 1.97
1038     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
1039     hardened-sources-2.6.14-r8.ebuild:
1040     fix x86_64 build problem, this will delay the digest issue again for a short
1041     while but it will sort itself out
1042 johnm 1.96
1043     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
1044     hardened-sources-2.6.14-r8.ebuild:
1045     bump hardened patchset
1046 antarus 1.94
1047     27 Apr 2006; Alec Warner <antarus@gentoo.org>
1048     files/digest-hardened-sources-2.4.32-r2,
1049     files/digest-hardened-sources-2.4.32-r3,
1050     files/digest-hardened-sources-2.6.14-r8, Manifest:
1051     Fixing duff SHA256 digests: Bug # 131293
1052 johnm 1.93
1053 johnm 1.95 *hardened-sources-2.6.16-r5 (27 Apr 2006)
1054    
1055     27 Apr 2006; John Mylchreest <johnm@gentoo.org>
1056     -hardened-sources-2.6.14-r6.ebuild, hardened-sources-2.6.14-r8.ebuild,
1057     -hardened-sources-2.6.16-r4.ebuild, +hardened-sources-2.6.16-r5.ebuild:
1058     stablise 2.6.14-r8 on x86 & amd64, bump 2.6.16 to fix CVE-2006-1863 &
1059     cleanup of old uneccessary sources
1060    
1061 johnm 1.93 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
1062     fix digest
1063 johnm 1.92
1064     *hardened-sources-2.6.14-r8 (20 Apr 2006)
1065    
1066     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
1067     +hardened-sources-2.6.14-r8.ebuild:
1068     fix CVE-2006-1056, CVE-2006-1525, CVE-2006-1524
1069 johnm 1.91
1070     20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
1071     Turning on gpg-signing again, and recomitting
1072 johnm 1.90
1073     *hardened-sources-2.6.16-r4 (20 Apr 2006)
1074    
1075     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
1076     -hardened-sources-2.6.16-r2.ebuild, -hardened-sources-2.6.16-r3.ebuild,
1077     +hardened-sources-2.6.16-r4.ebuild:
1078     Fix numerous security vulns
1079 solar 1.89
1080     *hardened-sources-2.4.32-r3 (16 Apr 2006)
1081    
1082     16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
1083     -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
1084     +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
1085     - security bump for bug #112791. Removed old ebuilds
1086 johnm 1.88
1087     *hardened-sources-2.6.16-r3 (15 Apr 2006)
1088    
1089     15 Apr 2006; John Mylchreest <johnm@gentoo.org>
1090     +hardened-sources-2.6.16-r3.ebuild:
1091     Removing silly localversion which I missed
1092 johnm 1.87
1093     *hardened-sources-2.6.14-r7 (14 Apr 2006)
1094    
1095     14 Apr 2006; John Mylchreest <johnm@gentoo.org>
1096     -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
1097     Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
1098 johnm 1.86
1099     *hardened-sources-2.6.16-r2 (13 Apr 2006)
1100    
1101     13 Apr 2006; John Mylchreest <johnm@gentoo.org>
1102     -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
1103     +hardened-sources-2.6.16-r2.ebuild:
1104     Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
1105     labels, dropping USERGROUP define fixes, since these were merged mainstream.
1106 johnm 1.85
1107     *hardened-sources-2.6.16-r1 (11 Apr 2006)
1108    
1109     11 Apr 2006; John Mylchreest <johnm@gentoo.org>
1110     +hardened-sources-2.6.16-r1.ebuild:
1111     Bumping to include ppc build fix and 2.6.16.3
1112 tsunam 1.84
1113     06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
1114     hardened-sources-2.6.14-r6.ebuild:
1115     Stable on x86; bug #127718
1116 johnm 1.83
1117     *hardened-sources-2.6.16 (31 Mar 2006)
1118    
1119     31 Mar 2006; John Mylchreest <johnm@gentoo.org>
1120     +hardened-sources-2.6.16.ebuild:
1121     Bumping to new version of grsec, and kernel base. New squashfs. Based on
1122     2.6.16.1
1123 cryos 1.82
1124     30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
1125     hardened-sources-2.6.14-r6.ebuild:
1126     Stable on amd64, bug 127718.
1127 nixnut 1.81
1128     28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
1129     Stable on ppc. Bug #127718
1130 johnm 1.80
1131     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
1132     -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
1133     -hardened-sources-2.6.14-r4.ebuild:
1134     Cleanup.
1135 johnm 1.79
1136     *hardened-sources-2.6.14-r6 (15 Mar 2006)
1137    
1138     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
1139     +hardened-sources-2.6.14-r6.ebuild:
1140     Fixes grsec policy recreation bug and adds a
1141     >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
1142 solar 1.78
1143     02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
1144     - stable on x86
1145 hansmi 1.77
1146     19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
1147     hardened-sources-2.6.14-r5.ebuild:
1148     Stable on ppc.
1149 johnm 1.76
1150     *hardened-sources-2.6.14-r5 (01 Feb 2006)
1151    
1152     01 Feb 2006; John Mylchreest <johnm@gentoo.org>
1153     +hardened-sources-2.6.14-r5.ebuild:
1154     fixing every known exploit
1155 solar 1.75
1156     *hardened-sources-2.4.32-r2 (26 Jan 2006)
1157    
1158     26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
1159     +hardened-sources-2.4.32-r2.ebuild:
1160     - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
1161 solar 1.74
1162     *hardened-sources-2.6.14-r4 (12 Jan 2006)
1163    
1164     12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
1165     - version bump for new genpatches which fix up a few sec holes
1166 solar 1.73
1167     *hardened-sources-2.4.32-r1 (05 Jan 2006)
1168    
1169     05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
1170     - revision bump to add misc vital linux kernel security patches.
1171 johnm 1.72
1172     *hardened-sources-2.6.14-r3 (30 Dec 2005)
1173    
1174     30 Dec 2005; John Mylchreest <johnm@gentoo.org>
1175     -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
1176     Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
1177 johnm 1.71
1178     28 Dec 2005; John Mylchreest <johnm@gentoo.org>
1179     hardened-sources-2.6.14-r2.ebuild:
1180     making x86 & amd64 stable following testing.
1181 johnm 1.70
1182     *hardened-sources-2.6.14-r2 (27 Dec 2005)
1183    
1184     27 Dec 2005; John Mylchreest <johnm@gentoo.org>
1185     -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
1186     Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
1187     network hooks.
1188 johnm 1.69
1189     06 Dec 2005; John Mylchreest <johnm@gentoo.org>
1190     hardened-sources-2.6.14-r1.ebuild:
1191     bumping to stable early for sec fix on x86 & amd64
1192 johnm 1.68
1193     *hardened-sources-2.6.14-r1 (05 Dec 2005)
1194    
1195     05 Dec 2005; John Mylchreest <johnm@gentoo.org>
1196     -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
1197     bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
1198 solar 1.67
1199     04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
1200     - stable on x86 security bug #114227 CAN-2005-3257
1201 kang 1.66
1202     *hardened-sources-2.4.32 (19 Nov 2005)
1203    
1204     19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
1205     +hardened-sources-2.4.32.ebuild:
1206     Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
1207     Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
1208     have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
1209     rsbac >> /etc/portage/package.use)
1210 johnm 1.65
1211     *hardened-sources-2.6.14 (14 Nov 2005)
1212    
1213     14 Nov 2005; John Mylchreest <johnm@gentoo.org>
1214     -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
1215     Bumping 2.6 series to 2.6.14.2
1216 johnm 1.64
1217     *hardened-sources-2.6.13-r2 (20 Oct 2005)
1218    
1219     20 Oct 2005; John Mylchreest <johnm@gentoo.org>
1220     -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
1221     +hardened-sources-2.6.13-r2.ebuild:
1222     Fixes minor build error in ppc.
1223 johnm 1.63
1224     *hardened-sources-2.6.13-r1 (17 Oct 2005)
1225    
1226     17 Oct 2005; John Mylchreest <johnm@gentoo.org>
1227     +hardened-sources-2.6.13-r1.ebuild:
1228     Updating grsec to latest snapshot. Fixes some minor issues. Updating to
1229     2.6.13.4, fixes some major amd64 stability problems.
1230 johnm 1.62
1231     *hardened-sources-2.6.13 (16 Sep 2005)
1232    
1233     16 Sep 2005; John Mylchreest <johnm@gentoo.org>
1234     -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
1235     2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
1236     ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
1237     users should test this thoroughly.
1238 solar 1.61
1239     01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
1240     - stable on x86
1241 johnm 1.60
1242     *hardened-sources-2.6.11-r15 (27 Jun 2005)
1243    
1244     27 Jun 2005; John Mylchreest <johnm@gentoo.org>
1245     +hardened-sources-2.6.11-r15.ebuild:
1246     Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
1247     grsec redefining curr_ip struct.
1248 solar 1.59
1249     *hardened-sources-2.4.31 (20 Jun 2005)
1250    
1251     20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
1252     initial import of 2.4.31 tree
1253 johnm 1.58
1254     *hardened-sources-2.6.11-r14 (14 Jun 2005)
1255    
1256     14 Jun 2005; John Mylchreest <johnm@gentoo.org>
1257     -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
1258     Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
1259     naming scheme to abide by genpatches
1260 johnm 1.57
1261     *hardened-sources-2.6.11-r13 (18 May 2005)
1262    
1263     18 May 2005; John Mylchreest <johnm@gentoo.org>
1264     -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
1265     Managed to mangle the Makefile patch from grsec, to miss out the grsec
1266     target. sorry about that. Fixes bug #93022
1267 johnm 1.56
1268     *hardened-sources-2.6.11-r12 (17 May 2005)
1269    
1270     17 May 2005; John Mylchreest <johnm@gentoo.org>
1271     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
1272     +hardened-sources-2.6.11-r12.ebuild:
1273     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
1274     merges in genpatches-base
1275 johnm 1.55
1276     *hardened-sources-2.6.11-r12 (17 May 2005)
1277    
1278     17 May 2005; John Mylchreest <johnm@gentoo.org>
1279     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
1280     +hardened-sources-2.6.11-r12.ebuild:
1281     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
1282     merges in genpatches-base
1283 solar 1.54
1284     29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
1285     -files/2.4.27-cmdline-race.patch,
1286     -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
1287     -files/2.4.28-grsec-binfmt_a.out.patch,
1288     -files/2.4.28-grsec-cmdline-race.patch,
1289     -files/2.4.28-selinux-binfmt_a.out.patch,
1290     -files/2.4.28-selinux-cmdline-race.patch,
1291     -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
1292     hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
1293     - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
1294     cleanup..
1295 solar 1.53
1296     *hardened-sources-2.4.30-r1 (21 Apr 2005)
1297    
1298     21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
1299     - disable aout by default
1300 solar 1.52
1301     *hardened-sources-2.4.30 (18 Apr 2005)
1302    
1303     18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
1304     - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
1305     and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
1306     use
1307 tocharian 1.50
1308 scox 1.51 *hardened-sources-2.4.29 (30 Mar 2005)
1309    
1310     30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
1311     +hardened-sources-2.4.29.ebuild:
1312     New hardened-patches-2.4-29.0 patchball.
1313     Removed SELinux support, upgraded GRSecurity to 2.1.4.
1314    
1315     *hardened-sources-2.4.28-r5 (06 Mar 2005)
1316    
1317     06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
1318     +hardened-sources-2.4.28-r5.ebuild:
1319     Added a fix for a PaX vulnerability.
1320    
1321     26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1322 tocharian 1.50 hardened-sources-2.4.28-r4.ebuild:
1323     Stable on x86
1324 solar 1.49
1325     23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
1326     hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
1327     hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
1328     hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
1329     - fixed/added RDEPEND= in all kernel-2 ebuilds
1330 tocharian 1.48
1331     *hardened-sources-2.4.28-r4 (21 Jan 2005)
1332    
1333     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1334     +hardened-sources-2.4.28-r4.ebuild:
1335     Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
1336     backport of neighbour hash updates.
1337 tocharian 1.47
1338     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1339     hardened-sources-2.4.28-r3.ebuild:
1340     Stable on x86
1341 tseng 1.46
1342     *hardened-sources-2.6.10-r3 (20 Jan 2005)
1343    
1344     20 Jan 2005; Brandon Hale <tseng@gentoo.org>
1345     +hardened-sources-2.6.10-r3.ebuild:
1346     Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
1347     in 2005.0
1348 tocharian 1.45
1349     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1350     -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
1351     hardened-sources-2.4.28-r2.ebuild:
1352     Mark stable on x86
1353 tocharian 1.44
1354     *hardened-sources-2.4.28-r3 (17 Jan 2005)
1355    
1356     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1357     +hardened-sources-2.4.28-r3.ebuild:
1358     Fix SMP page fault handler vuln, and update device-mapper and evms patches.
1359 tocharian 1.43
1360     14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1361     hardened-sources-2.4.28.ebuild:
1362     Mark stable on x86.
1363 tocharian 1.42
1364     *hardened-sources-2.4.28-r2 (13 Jan 2005)
1365    
1366     13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1367     +hardened-sources-2.4.28-r2.ebuild:
1368     Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
1369     Mazinger for grsecurity patches as well.
1370 plasmaroo 1.41
1371     *hardened-sources-2.4.28-r1 (23 Dec 2004)
1372    
1373     23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
1374     Security bump. Thank tocharian for rolling a new patchset...
1375 solar 1.40
1376     28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
1377     +files/2.4.28-grsec-cmdline-race.patch,
1378     +files/2.4.28-selinux-binfmt_a.out.patch,
1379     +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
1380     - Round up remaining security patches that appear to be missing in 2.4.28. -
1381     PaX standalone updated to current. hgpv=28.1
1382 solar 1.39
1383     *hardened-sources-2.4.28 (28 Nov 2004)
1384    
1385     28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
1386     security bump. Thank tocharian for rolling a new patchset
1387 scox 1.31
1388 scox 1.38 *hardened-sources-2.4.27-r3 (08 Sep 2004)
1389    
1390     08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
1391     +hardened-sources-2.4.27-r3.ebuild:
1392     Applies the new 2.4-27.2 patchball which updates
1393     GRSecurity to the 2.0.1 version.
1394    
1395 scox 1.37 *hardened-sources-2.4.27-r2 (31 Aug 2004)
1396    
1397     31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1398     +hardened-sources-2.4.27-r2.ebuild:
1399     Version bump.
1400     This version uses the new 2.4-27.1 patchball which updates
1401     both the SELinux PaX hooks patch and the SELinux headers.
1402    
1403 scox 1.36 *hardened-sources-2.4.27-r1 (09 Aug 2004)
1404    
1405     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1406     +hardened-sources-2.4.27-r1.ebuild,
1407     -hardened-sources-2.4.27.ebuild,
1408     +files/2.4.27-cmdline-race.patch:
1409     Version bump, fix for cmdline race. See bug #59905.
1410    
1411     *hardened-sources-2.4.26-r6 (09 Aug 2004)
1412    
1413     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1414     +hardened-sources-2.4.26-r6.ebuild,
1415     -hardened-sources-2.4.26-r5.ebuild,
1416     -hardened-sources-2.4.26-r4.ebuild,
1417     +files/2.4.26-cmdline-race.patch:
1418     Version bump, fix for cmdline race. See bug #59905.
1419    
1420 scox 1.35 *hardened-sources-2.4.27 (08 Aug 2004)
1421    
1422     08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1423     +hardened-sources-2.4.27.ebuild,
1424     +files/2.4.27-CAN-2004-0394.patch:
1425     Ported the patchball to the 2.4.27 kernel version.
1426    
1427 scox 1.34 *hardened-sources-2.4.26-r5 (07 Aug 2004)
1428    
1429     07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1430     +hardened-sources-2.4.26-r5.ebuild:
1431 scox 1.35 Updated to use the new hardened-patches-2.4-26.1 patchball.
1432 scox 1.34 It adds the following features:
1433     - Squashfs
1434     - Ebtables
1435     - Netdev random (core+drivers)
1436     - Watchdog Timer (WDT) fix.
1437    
1438 scox 1.33 *hardened-sources-2.4.26-r4 (04 Aug 2004)
1439    
1440     04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1441     +hardened-sources-2.4.26-r4.ebuild,
1442     +files/2.4.26-CAN-2004-0415.patch,
1443     -hardened-sources-2.4.26-3:
1444     Version bump, fix for CAN 0415, see bug #59378.
1445    
1446 scox 1.32 *hardened-sources-2.4.26-r3 (22 Jul 2004)
1447    
1448     22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
1449     +hardened-sources-2.4.26-r3.ebuild,
1450     +files/2.4.26-CAN-2004-0497.patch,
1451     -hardened-sources-2.4.26-r2.ebuild:
1452     Version bump, fixed CAN 0497, see bug #56171.
1453    
1454 scox 1.31 *hardened-sources-2.4.26-r2 (29 Jun 2004)
1455    
1456     29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
1457 scox 1.32 +hardened-sources-2.4.26-r2.ebuild,
1458 scox 1.31 +files/2.4.26-CAN-2004-0495.patch,
1459     +files/2.4.26-CAN-2004-0535.patch,
1460     -hardened-sources-2.4.26-r1.ebuild:
1461     Fixes for both CAN 0495 and 0535, see bug #54976
1462 pvdabeel 1.27
1463 agriffis 1.29 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
1464     hardened-sources-2.4.26-r1.ebuild:
1465     QA - fix use invocation
1466 scox 1.28
1467     *hardened-sources-2.4.26-r1 (22 June 2004)
1468    
1469     22 June 2004; Andrea Luzzardi <scox@gentoo.org>
1470     +hardened-sources-2.4.26-r1.ebuild,
1471     +files/2.4.26-CAN-2004-0394.patch,
1472     +files/2.4.26-signal-race.patch,
1473     -hardened-sources-2.4.26.ebuild,
1474     -hardened-sources-2.4.24-r3.ebuild:
1475     Version bump for the CAN-2004-0394 issue and bug #53804
1476     Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
1477    
1478    
1479 pvdabeel 1.27 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
1480     hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
1481     Masked hardened-sources-2.4.26.ebuild broken for ppc
1482    
1483     31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
1484     hardened-sources-2.4.24-r3.ebuild:
1485     Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
1486 plasmaroo 1.25
1487 scox 1.26 *hardened-sources-2.4.26 (29 May 2004)
1488    
1489     29 May 2004; Andrea Luzzardi <scox@gentoo.org>
1490     +hardened-sources-2.4.26.ebuild:
1491     Updated hardened-sources for the 2.4.26 kernel
1492     Removed broken components, updated almost everything.
1493    
1494 plasmaroo 1.25 *hardened-sources-2.4.24-r3 (17 Apr 2004)
1495    
1496     17 Apr 2004; <plasmaroo@gentoo.org>
1497     +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
1498     +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
1499     +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
1500     +hardened-sources-2.4.24-r3.ebuild:
1501     Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
1502     vulnerabilities. Old revisions removed.
1503 plasmaroo 1.24
1504     *hardened-sources-2.4.24-r2 (15 Apr 2004)
1505    
1506     15 Apr 2004; <plasmaroo@gentoo.org>
1507     +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
1508     -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
1509     Version bump for the CAN-2004-0109 issue; bug #47881.
1510 aliz 1.23
1511     12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
1512     hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
1513     Add eutils to inherit.
1514 plasmaroo 1.22
1515     *hardened-sources-2.4.24-r1 (19 Feb 2004)
1516    
1517     19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
1518     files/hardened-sources-2.4.24.munmap.patch:
1519     Added the patch for the mremap/munmap vulnerability. Bug #42024.
1520 scox 1.19
1521 scox 1.21 *hardened-sources-2.4.24 (06 Feb 2004)
1522 scox 1.26
1523 scox 1.21 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
1524     hardened-sources-2.4.24.ebuild:
1525     Version bump, updated most of the components.
1526     This release includes the following:
1527    
1528     - Hardened security
1529     - Netfilter patch-o-matic 20031219
1530     - FreeSWAN 2.04 & x509 1.4.8
1531     - EVMS 2.2.2
1532     - XFS 1.3.1
1533     - cryptoloop jari
1534     - grsecurity 2.0-rc4
1535     - SELinux
1536     - PaX 200402060000
1537     - PaX Obscurity 200308302223
1538     - Others...
1539    
1540     Neither -ck nor systrace are included anymore.
1541    
1542 scox 1.19 *hardened-sources-2.4.22-r2 (05 Jan 2004)
1543    
1544     05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
1545     hardened-sources-2.4.22-r2.ebuild:
1546 scox 1.20 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
1547 scox 1.19
1548     *hardened-sources-2.4.22-r1 (02 Dec 2003)
1549 iggy 1.17
1550     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1551 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
1552 iggy 1.16
1553     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1554 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild:
1555     Version bump for the 'do_brk' vulnerability.
1556 iggy 1.15
1557     01 Dec 2003; Brian Jackson <iggy@gentoo.org>
1558     hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
1559     hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
1560     hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
1561 plasmaroo 1.18 Fix the 'do_brk' vulnerability.
1562 frogger 1.14
1563     03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
1564     hardened-sources-2.4.22.ebuild:
1565 plasmaroo 1.18 - Removed the src_install() portion for SELinux flask
1566     components. These are no longer handled in the kernel
1567     so this code was not necessary.
1568 frogger 1.13
1569     29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
1570     New 2.4.22 based hardened-sources thanks to
1571     Phil West <p.west@computer.org>.
1572    
1573     These sources include:
1574 plasmaroo 1.18 - New SELinux API
1575     - Updated CK-base
1576     - Updated GRSec
1577     - Systrace
1578     - SuperFreeS/WAN 1.99.8
1579     - Propolice kernel build support
1580     - EVMS
1581     - Other various security related patches
1582 frogger 1.11
1583 frogger 1.12 *hardened-sources-2.4.21 (14 Sep 2003)
1584    
1585     14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
1586     Updated hardened-sources based on the 2.4.21 Linux kernel.
1587     This includes updates to most major components such as:
1588 plasmaroo 1.18 - ck-base-0306300059
1589     - selinux-2.4-2003071106
1590     - grsecurity-2.0-rc1
1591     - Updated IPTables patch-o-matic
1592     - Updated SuperFreeS/WAN
1593    
1594 frogger 1.12 Thanks to Phil West <pwest@computer.org> for his work in getting this
1595     updated patch set ready for the 2.4.21 based kernel.
1596    
1597 frogger 1.11 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
1598     Initial import of hardened-sources-2.4.20-r4. This revision
1599     includes only a few changes, but one of these is an important
1600     security fix. It is recommended all users of hardened-sources
1601     upgrade to this release.
1602 plasmaroo 1.18
1603 frogger 1.11 - ioperm bug fix
1604     - fixed compilation failure when building without GRSec
1605 plasmaroo 1.18
1606 frogger 1.11 SAL (Secure Auditing for Linux) is NOT included in this revision
1607     due to time constraints, but is planned for inclusion in the near
1608     future.
1609 msterret 1.10
1610     *hardened-sources-2.4.20-r2 (12 Jun 2003)
1611    
1612     12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
1613     hardened-sources-2.4.20-r3.ebuild:
1614 plasmaroo 1.18 Add Header...
1615 frogger 1.9
1616     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1617     hardened-sources-2.4.20-r3.ebuild:
1618     Removed warnings from ebuild. This kernel should be safe to
1619     use at this point.
1620 frogger 1.8
1621     *hardened-sources-2.4.20-r3 (08 Jun 2003)
1622    
1623     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1624     hardened-sources-2.4.20-r3.ebuild:
1625     New revision. Includes the following changes over -r2:
1626 plasmaroo 1.18
1627 frogger 1.8 - ck7-base (O(1), preempt, low latency)
1628     - Super FreeS/WAN 1.99.7rc2
1629     - PaX for the LSM/SELinux branch
1630     - GRSecurity 2.0-pre4 (role based access control)
1631     - Systrace 1.3
1632     - EXT3 fixes
1633     - EVMS 2.0.1
1634     - GCC 3.1+ compile optimizations
1635     - ProPolice kernel build support
1636     - Hashing table security fixes
1637 frogger 1.3
1638     *hardened-sources-2.4.20-r1 (09 Apr 2003)
1639 frogger 1.7
1640     23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
1641     Initial import of hardened-sources-r2. This new
1642     ebuild includes many new performance and security
1643     related patches. As in -r1, it will patch in
1644     LSM/SELinux if "selinux" is in USE, otherwise it
1645     will patch in GRSecurity. The following patches
1646     are included in this revision:
1647 plasmaroo 1.18
1648 frogger 1.7 - O(1) Scheduler, Low Latency, and Preempt
1649     (pulled from the base CK patch)
1650     - ptrace exploit patch for the LSM kernel
1651     (the GRSec patch already fixes this)
1652     - LSM 2.4-2003040709
1653     - SELinux 2.4-2003040709
1654     - Systrace v1.2
1655     - IPTables patch-o-matic base patches - 20030107
1656     - CryptoAPI 2.4.20.1 w/ loop-jari patch
1657     - Super FreeS/WAN 1.99.6.1
1658     - GRSecurity 1.9.9g
1659     - MPPE
1660     - EXT3 data journal fix
1661     - CIPE 1.5.4
1662 frogger 1.6
1663     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1664     hardened-sources-2.4.20-r1.ebuild, manifest:
1665 plasmaroo 1.18 Updated to install flask components correctly for selinux.
1666 frogger 1.5
1667     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1668     hardened-sources-2.4.20-r1.ebuild:
1669     LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
1670     is patched in instead. Ptrace patches for selinux have also been added. In
1671     either case, systrace support will be patched in as well.
1672 frogger 1.3
1673     09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1674     hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
1675 plasmaroo 1.18 Revision bump for new sources.
1676 frogger 1.4
1677 frogger 1.2 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1678 frogger 1.4 hardened-sources-2.4.20-r1.ebuild:
1679 plasmaroo 1.18 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
1680 method 1.1
1681 frogger 1.4 *hardened-sources-2.4.20 (30 Mar 2003)
1682    
1683 method 1.1 30 Mar 2003; Joshua Brindle <method@gentoo.org>
1684     hardened-sources-2.4.20.ebuild:
1685 plasmaroo 1.18 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20