/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.280 - (hide annotations) (download)
Sat Jan 24 22:48:04 2009 UTC (5 years, 10 months ago) by gengor
Branch: MAIN
Changes since 1.279: +6 -1 lines
Remove old/problematic 2.6.27 releases
(Portage version: 2.1.6.4/cvs/Linux 2.6.27-hardened-r5-rc1-2009012401 i686)

1 method 1.1 # ChangeLog for sys-kernel/hardened-sources
2 gengor 1.268 # Copyright 2000-2009 Gentoo Foundation; Distributed under the GPL v2
3 gengor 1.280 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.279 2009/01/24 22:25:18 gengor Exp $
4    
5     24 Jan 2009; Gordon Malm <gengor@gentoo.org>
6     -hardened-sources-2.6.27-r3.ebuild, -hardened-sources-2.6.27-r4.ebuild,
7     -hardened-sources-2.6.27-r5.ebuild:
8     Remove problem versions.
9 gengor 1.279
10     *hardened-sources-2.6.27-r6 (24 Jan 2009)
11    
12     24 Jan 2009; Gordon Malm <gengor@gentoo.org>
13     +hardened-sources-2.6.27-r6.ebuild:
14     Revert PaX test29 to test30 changes. Fixes bug 256226.
15 gengor 1.277
16     *hardened-sources-2.6.27-r5 (24 Jan 2009)
17    
18     24 Jan 2009; Gordon Malm <gengor@gentoo.org>
19     +hardened-sources-2.6.27-r5.ebuild:
20 gengor 1.278 Bump to genpatches-10 (includes Linux 2.6.27.{11,12}) and fix bugs 253733,
21 gengor 1.277 254843.
22 gengor 1.276
23     23 Jan 2009; Gordon Malm <gengor@gentoo.org>
24     -hardened-sources-2.6.25-r11.ebuild, -hardened-sources-2.6.25-r12.ebuild,
25     -hardened-sources-2.6.26-r7.ebuild, -hardened-sources-2.6.26-r8.ebuild:
26     Remove problem versions.
27 nixnut 1.275
28     23 Jan 2009; nixnut <nixnut@gentoo.org>
29     hardened-sources-2.6.25-r13.ebuild:
30     ppc stable
31 gengor 1.274
32     21 Jan 2009; Gordon Malm <gengor@gentoo.org>
33     hardened-sources-2.6.25-r13.ebuild:
34     Fasttrack stable amd64/x86.
35 gengor 1.273
36     *hardened-sources-2.6.26-r9 (21 Jan 2009)
37    
38     21 Jan 2009; Gordon Malm <gengor@gentoo.org>
39     +hardened-sources-2.6.26-r9.ebuild:
40 gengor 1.278 Revert RLIMIT_STACK false-positives-avoidance patch. Bugs 253733, 254843
41 gengor 1.272
42     *hardened-sources-2.6.25-r13 (20 Jan 2009)
43    
44     20 Jan 2009; Gordon Malm <gengor@gentoo.org>
45     +hardened-sources-2.6.25-r13.ebuild:
46 gengor 1.278 Revert RLIMIT_STACK false-positives-avoidance patch. Bugs 253733, 254843
47 nixnut 1.271
48     20 Jan 2009; nixnut <nixnut@gentoo.org>
49     hardened-sources-2.6.25-r12.ebuild:
50     ppc stable
51 gengor 1.270
52     17 Jan 2009; Gordon Malm <gengor@gentoo.org>
53     hardened-sources-2.6.25-r12.ebuild:
54     Stable amd64/x86.
55 gengor 1.269
56     14 Jan 2009; Gordon Malm <gengor@gentoo.org>
57     -hardened-sources-2.6.25-r10.ebuild, -hardened-sources-2.6.26-r6.ebuild,
58     -hardened-sources-2.6.27-r2.ebuild:
59     Clean out old versions.
60 gengor 1.268
61     *hardened-sources-2.6.27-r4 (14 Jan 2009)
62     *hardened-sources-2.6.26-r8 (14 Jan 2009)
63     *hardened-sources-2.6.25-r12 (14 Jan 2009)
64    
65     14 Jan 2009; Gordon Malm <gengor@gentoo.org>
66     +hardened-sources-2.6.25-r12.ebuild, +hardened-sources-2.6.26-r8.ebuild,
67     +hardened-sources-2.6.27-r4.ebuild:
68     2.6.25-r12: Fixes bugs #249729, #250548, #252688, #254907
69     2.6.26-r8: Fixes bugs #249729, #250548, #252688, #254907
70     2.6.27-r4: Update to latest genpatches (includes Linux 2.6.27.10) and
71     grsecurity patch. Fixes bugs #249729, #250511, #250548, #252688, #254907
72 nixnut 1.267
73     15 Dec 2008; nixnut <nixnut@gentoo.org>
74     hardened-sources-2.6.25-r11.ebuild:
75     Stable on ppc
76 gengor 1.266
77     09 Dec 2008; Gordon Malm <gengor@gentoo.org>
78     hardened-sources-2.6.25-r11.ebuild:
79     Stable amd64/x86.
80 gengor 1.265
81     *hardened-sources-2.6.27-r3 (07 Dec 2008)
82    
83     07 Dec 2008; Gordon Malm <gengor@gentoo.org>
84     +hardened-sources-2.6.27-r3.ebuild:
85     Bump to latest genpatches, including Linux 2.6.27.8. Bump grsec/pax patches.
86     Fixes bug #248754, #249729 and #246607.
87 gengor 1.264
88     03 Dec 2008; Gordon Malm <gengor@gentoo.org>
89     -hardened-sources-2.6.25-r9.ebuild, -hardened-sources-2.6.26-r5.ebuild:
90     Remove old versions.
91 gengor 1.262
92     *hardened-sources-2.6.26-r7 (03 Dec 2008)
93     *hardened-sources-2.6.25-r11 (03 Dec 2008)
94    
95 gengor 1.263 03 Dec 2008; Gordon Malm <gengor@gentoo.org>
96     +hardened-sources-2.6.25-r11.ebuild, +hardened-sources-2.6.26-r7.ebuild:
97 gengor 1.262 2.6.25-r11: Fixes bugs 246607, 246710, 247453 and 248754.
98     2.6.26-r7: Fixes bugs 246607, 246710, 246763, 247453 and 248754.
99     Both include many backports from 2.6.27.{6,7} -stable releases.
100 gengor 1.261
101     24 Nov 2008; Gordon Malm <gengor@gentoo.org>
102     -hardened-sources-2.6.27.ebuild, -hardened-sources-2.6.27-r1.ebuild:
103     Remove versions broken on ARCHes != x86/amd64.
104 gengor 1.260
105     *hardened-sources-2.6.27-r2 (24 Nov 2008)
106    
107     24 Nov 2008; Gordon Malm <gengor@gentoo.org>
108     +hardened-sources-2.6.27-r2.ebuild:
109     Bump to Linux 2.6.27.7 and latest grsecurity patch.
110 gengor 1.259
111     19 Nov 2008; Gordon Malm <gengor@gentoo.org>
112     -hardened-sources-2.6.25-r8.ebuild, -hardened-sources-2.6.26-r4.ebuild:
113     Remove old versions.
114 gengor 1.258
115     19 Nov 2008; Gordon Malm <gengor@gentoo.org>
116     hardened-sources-2.6.27.ebuild, hardened-sources-2.6.27-r1.ebuild:
117     Remove all but ~amd64 & ~x86 keywords (broken elsewhere).
118 nixnut 1.257
119     16 Nov 2008; nixnut <nixnut@gentoo.org>
120     hardened-sources-2.6.25-r10.ebuild:
121     Stable on ppc
122 gengor 1.256
123     15 Nov 2008; Gordon Malm <gengor@gentoo.org>
124     hardened-sources-2.6.25-r10.ebuild:
125     Stable amd64/x86.
126 gengor 1.255
127     *hardened-sources-2.6.26-r6 (12 Nov 2008)
128    
129     12 Nov 2008; Gordon Malm <gengor@gentoo.org>
130     +hardened-sources-2.6.26-r6.ebuild:
131     Bump to Linux 2.6.26.8 and fix security bug #245650.
132 gengor 1.254
133     *hardened-sources-2.6.25-r10 (12 Nov 2008)
134    
135     12 Nov 2008; Gordon Malm <gengor@gentoo.org>
136     +hardened-sources-2.6.25-r10.ebuild:
137     Update to Linux 2.6.25.20 and fix bugs #245427, #245650.
138 gengor 1.253
139     *hardened-sources-2.6.27-r1 (09 Nov 2008)
140    
141     09 Nov 2008; Gordon Malm <gengor@gentoo.org>
142     +hardened-sources-2.6.27-r1.ebuild:
143     Bump to stable kernel 2.6.27.5 and latest grsecurity patch.
144 gengor 1.252
145     *hardened-sources-2.6.27 (04 Nov 2008)
146    
147     04 Nov 2008; Gordon Malm <gengor@gentoo.org>
148     +hardened-sources-2.6.27.ebuild:
149     Initial 2.6.27 release.
150 gengor 1.251
151     *hardened-sources-2.6.26-r5 (03 Nov 2008)
152    
153     03 Nov 2008; Gordon Malm <gengor@gentoo.org>
154     -hardened-sources-2.6.25-r7.ebuild, -hardened-sources-2.6.26-r2.ebuild,
155     +hardened-sources-2.6.26-r5.ebuild:
156     2.6.26-r5: Bump to Linux 2.6.26.7, PaX updates.
157     Clean out some old versions.
158 nixnut 1.250
159     02 Nov 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.25-r9.ebuild:
160     Stable on ppc
161 gengor 1.249
162     30 Oct 2008; Gordon Malm <gengor@gentoo.org>
163     hardened-sources-2.6.25-r9.ebuild:
164     Stable on amd64/x86.
165 gengor 1.248
166     *hardened-sources-2.6.25-r9 (26 Oct 2008)
167    
168     26 Oct 2008; Gordon Malm <gengor@gentoo.org>
169     +hardened-sources-2.6.25-r9.ebuild:
170     Update to Linux 2.6.25.19
171 nixnut 1.247
172     15 Oct 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.25-r8.ebuild:
173     Stable on ppc
174 gengor 1.246
175     *hardened-sources-2.6.26-r4 (14 Oct 2008)
176    
177     14 Oct 2008; Gordon Malm <gengor@gentoo.org>
178     -hardened-sources-2.6.26-r3.ebuild, +hardened-sources-2.6.26-r4.ebuild:
179     Update to latest grsecurity patch, fixing building of non-modular kernels.
180 gengor 1.245
181     *hardened-sources-2.6.26-r3 (12 Oct 2008)
182    
183     12 Oct 2008; Gordon Malm <gengor@gentoo.org>
184     hardened-sources-2.6.25-r8.ebuild, -hardened-sources-2.6.26-r1.ebuild,
185     +hardened-sources-2.6.26-r3.ebuild:
186     2.6.26-r3: Update to Linux 2.6.26.6 and latest grsecurity patch.
187     2.6.26-r1: Removed.
188     2.6.25-r8: Stable amd64/x86.
189 gengor 1.244
190     *hardened-sources-2.6.25-r8 (09 Oct 2008)
191    
192     09 Oct 2008; Gordon Malm <gengor@gentoo.org>
193     -hardened-sources-2.6.25-r4.ebuild, -hardened-sources-2.6.25-r5.ebuild,
194     -hardened-sources-2.6.25-r6.ebuild, +hardened-sources-2.6.25-r8.ebuild:
195     Update to genpatches-11 and Linux 2.6.25.18. Remove old versions.
196 nixnut 1.243
197     20 Sep 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.25-r7.ebuild:
198     Stable on ppc
199 gengor 1.242
200     17 Sep 2008; Gordon Malm <gengor@gentoo.org>
201     hardened-sources-2.6.25-r7.ebuild:
202     Stable amd64/x86.
203 gengor 1.241
204     *hardened-sources-2.6.26-r2 (13 Sep 2008)
205    
206     13 Sep 2008; Gordon Malm <gengor@gentoo.org>
207     -hardened-sources-2.6.26.ebuild, +hardened-sources-2.6.26-r2.ebuild:
208     2.6.26-r2: Update to Linux 2.6.26.5, new grsecurity patch adding
209     PAX_REFCOUNT feature, fix bug #237473 (CVE-2008-3525). 2.6.26: Removed.
210 gengor 1.240
211     *hardened-sources-2.6.25-r7 (13 Sep 2008)
212    
213     13 Sep 2008; Gordon Malm <gengor@gentoo.org>
214     +hardened-sources-2.6.25-r7.ebuild:
215     Add 2.6.25-r7, fixing bug #237473 (CVE-2008-3525) and a PaX bug.
216 gengor 1.239
217     10 Sep 2008; Gordon Malm <gengor@gentoo.org>
218     hardened-sources-2.6.25-r4.ebuild, hardened-sources-2.6.25-r5.ebuild,
219     hardened-sources-2.6.25-r6.ebuild, hardened-sources-2.6.26.ebuild,
220     hardened-sources-2.6.26-r1.ebuild:
221     Update DESCRIPTION and HGPV_URI.
222 gengor 1.238
223     *hardened-sources-2.6.25-r6 (09 Sep 2008)
224    
225     09 Sep 2008; Gordon Malm <gengor@gentoo.org>
226     -hardened-sources-2.6.24-r3.ebuild, +hardened-sources-2.6.25-r6.ebuild:
227     2.6.25-r6: Update to Linux 2.6.25.17.
228     2.6.24-r3: Removed.
229 gengor 1.237
230     08 Sep 2008; Gordon Malm <gengor@gentoo.org>
231     hardened-sources-2.6.25-r5.ebuild:
232     Stable on amd64/x86
233 gengor 1.236
234     07 Sep 2008; Gordon Malm <gengor@gentoo.org> metadata.xml:
235     Update my email address.
236 nixnut 1.235
237     31 Aug 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.25-r4.ebuild:
238     stable on ppc
239 battousai 1.234
240     *hardened-sources-2.6.26-r1 (23 Aug 2008)
241     *hardened-sources-2.6.25-r5 (23 Aug 2008)
242    
243     23 Aug 2008; Bryan D. Stine <battousai@gentoo.org>
244     -hardened-sources-2.6.23-r13.ebuild, -hardened-sources-2.6.25-r3.ebuild,
245     hardened-sources-2.6.25-r4.ebuild, +hardened-sources-2.6.25-r5.ebuild,
246     +hardened-sources-2.6.26-r1.ebuild:
247     Bump to 2.6.25-r5 for updated patches and upstream .10 kernel, fixing
248     security bug #235221. Bump to 2.6.26-r1 for upstream .3 kernel, also
249     fixing security bug #235221. Marked 2.6.25-r4 stable on amd64 and x86.
250     Removed 2.6.23-r13 and 2.6.25-r3. Commit on behalf of Gordon Malm
251     (gengor).
252 solar 1.233
253     *hardened-sources-2.6.26 (18 Aug 2008)
254     *hardened-sources-2.6.25-r4 (18 Aug 2008)
255    
256     18 Aug 2008; <solar@gentoo.org> -hardened-sources-2.6.25-r2.ebuild,
257     +hardened-sources-2.6.25-r4.ebuild, +hardened-sources-2.6.26.ebuild:
258     - proxy commit for gengor 2.6.26: Initial 2.6.26 release. 2.6.25-r4: Update
259     to Linux 2.6.25.15. Fixes security bugs #234799, #234803 and #234812.
260     2.6.25-r2: Removed.
261 tove 1.232
262     16 Aug 2008; Torsten Veller <tove@gentoo.org> metadata.xml:
263     Remove phreak from metadata.xml (#96398)
264 solar 1.231
265     *hardened-sources-2.6.25-r3 (31 Jul 2008)
266    
267     31 Jul 2008; <solar@gentoo.org> -hardened-sources-2.6.24-r2.ebuild,
268     -hardened-sources-2.6.25.ebuild, -hardened-sources-2.6.25-r1.ebuild,
269     +hardened-sources-2.6.25-r3.ebuild:
270     - 2.6.25-r3: Update to Linux 2.6.25.13 and new grsecurity patch. Multiple
271     fixes, including security bug #231750.
272 nixnut 1.230
273     28 Jul 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.24-r3.ebuild:
274     Stable on ppc
275 solar 1.229
276     *hardened-sources-2.6.25-r2 (05 Jul 2008)
277    
278     05 Jul 2008; <solar@gentoo.org> -hardened-sources-2.6.23-r11.ebuild,
279     -hardened-sources-2.6.23-r12.ebuild, hardened-sources-2.6.24-r3.ebuild,
280     +hardened-sources-2.6.25-r2.ebuild:
281     2.6.23-r4: Stable x86/amd64
282     2.6.25-r2: Update to Linux 2.6.25.10 and latest grsecurity release.
283     2.6.23-r{11,12}: Removed due to multiple vulns.
284     (gengor & kerframil)
285 nixnut 1.228
286     04 Jul 2008; nixnut <nixnut@gentoo.org>
287     hardened-sources-2.6.23-r13.ebuild:
288     Stable on ppc
289 solar 1.227
290     *hardened-sources-2.6.25-r1 (30 Jun 2008)
291    
292     30 Jun 2008; <solar@gentoo.org> hardened-sources-2.6.23-r13.ebuild,
293     +hardened-sources-2.6.25-r1.ebuild:
294     2.6.25-r1: Brings in Linux -stable tree patches 2.6.25.{7,8,9} and newer
295     grsecurity release. 2.6.23-r13: x86/amd64 stable
296 solar 1.226
297     *hardened-sources-2.6.25 (17 Jun 2008)
298     *hardened-sources-2.6.24-r3 (17 Jun 2008)
299     *hardened-sources-2.6.23-r13 (17 Jun 2008)
300    
301     17 Jun 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r13.ebuild,
302     +hardened-sources-2.6.24-r3.ebuild, +hardened-sources-2.6.25.ebuild:
303     * 2.6.23-r13: Fixes security bugs #198997, #212136, #222331, #222635,
304     #224647, #225461, other fixes. * 2.6.24-r3: Fixes security bugs #212136,
305     #222331, #222635, #224647, #225461, grsec/PaX updates/fixes, other fixes. *
306     2.6.25: Initial 2.6.25 release.
307 solar 1.225
308     15 May 2008; <solar@gentoo.org> hardened-sources-2.6.23-r12.ebuild:
309     - fasttrack to stable x86/amd64
310 swegener 1.224
311     11 May 2008; Sven Wegener <swegener@gentoo.org> Manifest:
312     Fix broken digest for linux-2.6.24.tar.bz2.
313 solar 1.223
314     *hardened-sources-2.6.24-r2 (11 May 2008)
315     *hardened-sources-2.6.23-r12 (11 May 2008)
316    
317     11 May 2008; <solar@gentoo.org> -hardened-sources-2.6.23-r7.ebuild,
318     -hardened-sources-2.6.23-r9.ebuild, -hardened-sources-2.6.23-r10.ebuild,
319     +hardened-sources-2.6.23-r12.ebuild, -hardened-sources-2.6.24.ebuild,
320     -hardened-sources-2.6.24-r1.ebuild, +hardened-sources-2.6.24-r2.ebuild:
321     proxy commit for gengor. 2.6.23-r11 shortlog: Fixes security bugs 220691,
322     220975, 220979, 221123. 2.6.24-r2 not-so-shortlog: Fixes bug 215442,
323     security bugs 219901, 220691, 220975, 220979, 221123. New
324     genpatches/grsecurity with numerous updates & fixes. 2.6.23-r7->2.6.23-r10
325     should be removed as far as I'm concerned, everything else remove due to
326     vulnerable to numerous security bugs or brokeness.
327 nixnut 1.222
328     10 May 2008; nixnut <nixnut@gentoo.org>
329     hardened-sources-2.6.23-r11.ebuild:
330     Stable on ppc
331 solar 1.221
332     05 May 2008; <solar@gentoo.org> hardened-sources-2.6.23-r11.ebuild:
333     - -r11 stable on x86/amd64
334 solar 1.220
335     *hardened-sources-2.6.23-r11 (01 May 2008)
336    
337     01 May 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r11.ebuild:
338     - version bump to fix ulgy linux bugs
339 phreak 1.219
340     *hardened-sources-2.6.24-r1 (30 Apr 2008)
341    
342     30 Apr 2008; Christian Heim <phreak@gentoo.org>
343     +hardened-sources-2.6.24-r1.ebuild:
344     Revision bump (thanks to Kerin and Gordon, again), pulling
345     genpatches-2.6.24-7, solving #219089. Additionally contains further security
346     fixes plus some minor updates.
347 phreak 1.218
348     *hardened-sources-2.6.23-r10 (30 Apr 2008)
349    
350     30 Apr 2008; Christian Heim <phreak@gentoo.org>
351     +hardened-sources-2.6.23-r10.ebuild:
352     Revision bump (thanks to Kerin and Gordon, again), solving #213811, #219089.
353     Additional contains "various other fixes".
354 phreak 1.217
355     09 Apr 2008; Christian Heim <phreak@gentoo.org> metadata.xml:
356     Update the longdescription in metadata, thanks to Gordon Malm.
357 nixnut 1.216
358     08 Apr 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.23-r9.ebuild:
359     Stable on ppc wrt bug #213255
360 solar 1.215
361     07 Apr 2008; <solar@gentoo.org> -hardened-sources-2.4.35-r2.ebuild,
362     -hardened-sources-2.6.23-r8.ebuild, hardened-sources-2.6.23-r9.ebuild:
363     - stable on x86/amd64 per request. Removed obsolete ebuilds
364 phreak 1.214
365     *hardened-sources-2.6.24 (07 Apr 2008)
366    
367     07 Apr 2008; Christian Heim <phreak@gentoo.org>
368     +hardened-sources-2.6.24.ebuild:
369     Adding ebuild for hardened-sources-2.6.24 (many thanks to Kerin Millar
370     <kerframil at gmail.com> and Gordon Malm <bugs-gentoo-org-02 at bumpin.org>
371     for the many contributions and their continued effort in #216612) based on
372     2.6.24 and genpatches-2.6.24-5.
373    
374     The current ebuild/patchset contains these things:
375     * Incoporates unmodified grsec-2.1.11-2.6.24.4-200803262003 patch
376     * Introduces bespoke server and workstation oriented security levels
377     * VDSO_COMPAT cannot be enabled during runtime if PaX is enabled
378 phreak 1.213
379     30 Mar 2008; Christian Heim <phreak@gentoo.org> metadata.xml:
380     Fix the metadata.xml (Kerin isn't a dev, though he and Gordon are
381     maintaining it).
382 phreak 1.212
383     24 Mar 2008; Christian Heim <phreak@gentoo.org>
384     hardened-sources-2.4.35-r2.ebuild:
385     Fixing SRC_URI for 2.4.35-r2.
386 phreak 1.211
387     *hardened-sources-2.6.23-r9 (22 Mar 2008)
388    
389     22 Mar 2008; Christian Heim <phreak@gentoo.org>
390     +hardened-sources-2.6.23-r9.ebuild:
391     * Revision bump, rebasing the patchset against genpatches-2.6.23-10.
392     * Change the default GIDs for some grsecurity options
393     * Revamp the Hardened [Gentoo] security level and make it the default level
394     * Fixing compilation on ia64 with CONFIG_MODULES=y (loadable module support)
395     * Fix a recursive lock -- call to capable() within ptrace_attach()
396     * Fix bug that allows audit and iscsi operations to be controlled via netlink
397 solar 1.210
398     *hardened-sources-2.6.23-r8 (27 Feb 2008)
399    
400     27 Feb 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r8.ebuild:
401     - version bump from Kerin Millar bug 210026
402 solar 1.209
403     17 Feb 2008; <solar@gentoo.org> metadata.xml,
404     -hardened-sources-2.4.33.4.ebuild, -hardened-sources-2.6.20-r6.ebuild,
405     -hardened-sources-2.6.20-r10.ebuild, -hardened-sources-2.6.23-r4.ebuild,
406     -hardened-sources-2.6.23-r6.ebuild, hardened-sources-2.6.23-r7.ebuild:
407     - stable on x86 and remove old ebuilds
408 solar 1.207
409     15 Feb 2008; <solar@gentoo.org> hardened-sources-2.6.23-r7.ebuild:
410 solar 1.208 - stable on amd64 per request of amd64 lead
411 solar 1.206
412     *hardened-sources-2.6.23-r7 (11 Feb 2008)
413    
414     11 Feb 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r7.ebuild:
415     - version bump from kerin.millar
416     Changes:
417    
418     * Bump to genpatches-base-2.6.23-9
419     * Ported grsecurity-2.1.11-2.6.23.14-200801231800 to 2.6.23.15
420     * Disables COMPAT_VDSO in x86/defconfig
421     * Removes bogus symbols ACPI_SLEEP_PROC_(FS|SLEEP) from x86_64/defconfig
422 phreak 1.205
423     25 Jan 2008; Christian Heim <phreak@gentoo.org>
424     -hardened-sources-2.6.22-r8.ebuild:
425     Cleaning up old versions.
426 phreak 1.204
427     *hardened-sources-2.6.23-r6 (25 Jan 2008)
428    
429     25 Jan 2008; Christian Heim <phreak@gentoo.org>
430     -hardened-sources-2.6.23-r5.ebuild, +hardened-sources-2.6.23-r6.ebuild:
431     Revision bump, pulling in the latest genpatches.
432 phreak 1.203
433     *hardened-sources-2.6.23-r5 (24 Dec 2007)
434    
435     24 Dec 2007; Christian Heim <phreak@gentoo.org>
436     hardened-sources-2.4.35-r2.ebuild, hardened-sources-2.6.20-r6.ebuild,
437     hardened-sources-2.6.20-r10.ebuild, hardened-sources-2.6.22-r8.ebuild,
438     hardened-sources-2.6.23-r4.ebuild, +hardened-sources-2.6.23-r5.ebuild:
439     Revision bump, for the promised updated grsec snapshot. Also changing SRC_URI.
440 phreak 1.202
441     24 Dec 2007; Christian Heim <phreak@gentoo.org>
442     -hardened-sources-2.6.22-r7.ebuild, -hardened-sources-2.6.23.ebuild,
443     -hardened-sources-2.6.23-r1.ebuild, -hardened-sources-2.6.23-r2.ebuild,
444     -hardened-sources-2.6.23-r3.ebuild:
445     Cleaning out some unused, old versions.
446 phreak 1.201
447     24 Dec 2007; Christian Heim <phreak@gentoo.org>
448     hardened-sources-2.6.23-r4.ebuild:
449     Marking hardened-sources-2.6.23-r4 stable on amd64 and x86. I know it ain't
450     in the tree for long, but there isn't much of a difference between this and
451     -r3. Only this revision pulls in 2.6.23.11 and 2.6.23.12 from genpatches.
452 phreak 1.200
453     *hardened-sources-2.6.23-r4 (23 Dec 2007)
454    
455     23 Dec 2007; Christian Heim <phreak@gentoo.org>
456     +hardened-sources-2.6.23-r4.ebuild:
457     Revision bump, grabbing the lastest genpatches release (2.6.23.12 that is).
458 phreak 1.199
459     *hardened-sources-2.6.23-r3 (04 Dec 2007)
460    
461     04 Dec 2007; Christian Heim <phreak@gentoo.org>
462     +hardened-sources-2.6.23-r3.ebuild:
463     Revision bump, pulling in 2.6.23.9.
464 phreak 1.198
465     *hardened-sources-2.6.23-r2 (25 Nov 2007)
466    
467     25 Nov 2007; Christian Heim <phreak@gentoo.org>
468     +hardened-sources-2.6.23-r2.ebuild:
469     Updated patchset, thanks to solar.
470 phreak 1.197
471     *hardened-sources-2.6.23-r1 (31 Oct 2007)
472    
473     31 Oct 2007; Christian Heim <phreak@gentoo.org>
474     +hardened-sources-2.6.23-r1.ebuild:
475     Revision bump, pulling in the snapshot from 30. October 2007 (18:50).
476 solar 1.196
477     29 Oct 2007; <solar@gentoo.org> metadata.xml:
478     - update metadata.xml
479 phreak 1.195
480     25 Oct 2007; Christian Heim <phreak@gentoo.org>
481     hardened-sources-2.6.22-r8.ebuild:
482     Marking 2.6.22-r8 stable on amd64 and x86.
483 phreak 1.194
484     21 Oct 2007; Christian Heim <phreak@gentoo.org>
485     -hardened-sources-2.4.35.ebuild, -hardened-sources-2.4.35-r1.ebuild,
486     -hardened-sources-2.6.21-r4.ebuild:
487     Removing old ebuilds.
488 phreak 1.193
489     *hardened-sources-2.4.35-r2 (21 Oct 2007)
490    
491     21 Oct 2007; Christian Heim <phreak@gentoo.org>
492     +hardened-sources-2.4.35-r2.ebuild:
493     Revision bump for 2.4.35. Includes new snapshot and the lastest Linux stable
494     patches.
495 phreak 1.192
496     *hardened-sources-2.6.22-r8 (21 Oct 2007)
497    
498     21 Oct 2007; Christian Heim <phreak@gentoo.org>
499     +hardened-sources-2.6.22-r8.ebuild:
500     Yet another new patch, hopefully fixing the remaining issues we had w/
501     2.6.22. Candidate for stabling.
502 phreak 1.191
503     *hardened-sources-2.6.23 (13 Oct 2007)
504    
505     13 Oct 2007; Christian Heim <phreak@gentoo.org>
506     +hardened-sources-2.6.23.ebuild:
507     Initial hardened-sources-2.6.23. If people still have problems w/ bug
508     194276, try setting CONFIG_PCI_GODIRECT=y instead of CONFIG_PCI_GOANY.
509 phreak 1.190
510     11 Oct 2007; Christian Heim <phreak@gentoo.org>
511     hardened-sources-2.6.20-r10.ebuild:
512     Pulling in yet another new genpatches version, fixing the PWC bug for real.
513 phreak 1.189
514     04 Oct 2007; Christian Heim <phreak@gentoo.org>
515     -hardened-sources-2.6.22-r5.ebuild, -hardened-sources-2.6.22-r6.ebuild:
516     Removing old versions.
517 phreak 1.188
518     *hardened-sources-2.6.22-r7 (01 Oct 2007)
519    
520     01 Oct 2007; Christian Heim <phreak@gentoo.org>
521     +hardened-sources-2.6.22-r7.ebuild:
522     Revision bump, pulling in a newer patch. Should fix #194276.
523 phreak 1.187
524     30 Sep 2007; Christian Heim <phreak@gentoo.org>
525     hardened-sources-2.6.20-r10.ebuild:
526     Marking hardened-sources-2.6.20-r10 stable on x86 and amd64 (on courtesy of
527     Mike Doty).
528 phreak 1.186
529     *hardened-sources-2.6.22-r6 (26 Sep 2007)
530    
531     26 Sep 2007; Christian Heim <phreak@gentoo.org>
532     +hardened-sources-2.6.22-r6.ebuild:
533     Revision bump, grabbing up till Linux 2.6.22.9.
534 phreak 1.185
535     24 Sep 2007; Christian Heim <phreak@gentoo.org>
536     -hardened-sources-2.6.22-r3.ebuild, -hardened-sources-2.6.22-r4.ebuild:
537     Cleaning up further.
538 phreak 1.184
539     *hardened-sources-2.6.20-r10 (24 Sep 2007)
540    
541     24 Sep 2007; Christian Heim <phreak@gentoo.org>
542     -hardened-sources-2.6.20-r8.ebuild, -hardened-sources-2.6.20-r9.ebuild,
543     +hardened-sources-2.6.20-r10.ebuild:
544     Revision bump, pulling in Linux 2.6.20.20. Removing some of the older
545     revisions.
546 phreak 1.183
547     *hardened-sources-2.6.22-r5 (22 Sep 2007)
548    
549     22 Sep 2007; Christian Heim <phreak@gentoo.org>
550     +hardened-sources-2.6.22-r5.ebuild:
551     Revision bump, pulling in genpatches-2.6.22-8 for CVE-2007-4573.
552 phreak 1.182
553     17 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
554     Removing johnm from metadata.xml (see #186467 for reference).
555 phreak 1.181
556     *hardened-sources-2.6.22-r4 (17 Sep 2007)
557    
558     17 Sep 2007; Christian Heim <phreak@gentoo.org>
559     +hardened-sources-2.6.22-r4.ebuild:
560     Revision bump, hopefully fixing all those weird PAX failures.
561 phreak 1.180
562     01 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
563     Updating the metadata.xml.
564 phreak 1.179
565     01 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
566     Removing tocharian from metadata due to his retirement (see #71718 for
567     reference).
568 phreak 1.178
569     *hardened-sources-2.6.20-r9 (30 Aug 2007)
570    
571     30 Aug 2007; Christian Heim <phreak@gentoo.org>
572     +hardened-sources-2.6.20-r9.ebuild:
573     Revision bump for 2.6.20.18 (thanks to kerframil in #gentoo-hardened).
574 phreak 1.177
575     29 Aug 2007; Christian Heim <phreak@gentoo.org>
576     -hardened-sources-2.4.34.ebuild, -hardened-sources-2.4.34.5.ebuild,
577     -hardened-sources-2.6.20-r2.ebuild, -hardened-sources-2.6.20-r5.ebuild,
578     -hardened-sources-2.6.20-r7.ebuild, -hardened-sources-2.6.21-r3.ebuild,
579     -hardened-sources-2.6.22.ebuild, -hardened-sources-2.6.22-r1.ebuild,
580     -hardened-sources-2.6.22-r2.ebuild:
581     Removing some redundant versions.
582 phreak 1.176
583     *hardened-sources-2.4.35-r1 (29 Aug 2007)
584    
585     29 Aug 2007; Christian Heim <phreak@gentoo.org>
586     +hardened-sources-2.4.35-r1.ebuild:
587     Revision bump, new grsecurity patch.
588 phreak 1.175
589     *hardened-sources-2.6.20-r8 (26 Aug 2007)
590    
591     26 Aug 2007; Christian Heim <phreak@gentoo.org>
592     +hardened-sources-2.6.20-r8.ebuild:
593     Revision bump for Linux 2.6.20.17.
594 phreak 1.174
595     *hardened-sources-2.6.22-r3 (22 Aug 2007)
596    
597     22 Aug 2007; Christian Heim <phreak@gentoo.org>
598     +hardened-sources-2.6.22-r3.ebuild:
599     Revision bump for Linux 2.6.22.4.
600 phreak 1.173
601     16 Aug 2007; Christian Heim <phreak@gentoo.org>
602     hardened-sources-2.6.22-r2.ebuild:
603     Updated patchset, to fix the alignment against 2.6.22.3.
604 phreak 1.172
605     *hardened-sources-2.6.22-r2 (16 Aug 2007)
606    
607     16 Aug 2007; Christian Heim <phreak@gentoo.org>
608     +hardened-sources-2.6.22-r2.ebuild:
609     Revision bump for Linux 2.6.22.3.
610 phreak 1.171
611     *hardened-sources-2.4.35 (16 Aug 2007)
612    
613     16 Aug 2007; Christian Heim <phreak@gentoo.org>
614     +hardened-sources-2.4.35.ebuild:
615     Version bump, initial version for Linux 2.4.35.
616 phreak 1.170
617     *hardened-sources-2.6.21-r4 (16 Aug 2007)
618    
619     16 Aug 2007; Christian Heim <phreak@gentoo.org>
620     +hardened-sources-2.6.21-r4.ebuild:
621     Revision bump for Linux 2.6.21.6.
622 phreak 1.169
623     *hardened-sources-2.6.20-r7 (16 Aug 2007)
624    
625     16 Aug 2007; Christian Heim <phreak@gentoo.org>
626     +hardened-sources-2.6.20-r7.ebuild:
627     Revision bump for Linux 2.6.20.16.
628 phreak 1.168
629     *hardened-sources-2.6.22-r1 (13 Aug 2007)
630    
631     13 Aug 2007; Christian Heim <phreak@gentoo.org>
632     +hardened-sources-2.6.22-r1.ebuild:
633     Yet another revision bump.
634 phreak 1.167
635     *hardened-sources-2.6.22 (10 Aug 2007)
636    
637     10 Aug 2007; Christian Heim <phreak@gentoo.org>
638     +hardened-sources-2.6.22.ebuild:
639     Initial release for 2.6.22. If you are using hardened-sources on a desktop
640     machine (P4 or newer), be aware you might need to disable
641     CONFIG_PAX_PAGEEXEC.
642 phreak 1.166
643     04 Aug 2007; Christian Heim <phreak@gentoo.org>
644     hardened-sources-2.6.20-r6.ebuild:
645     Stabling hardened-sources-2.6.20-r6 for amd64, ppc and x86 due to Linux
646     2.6.20.15.
647 phreak 1.165
648     10 Jul 2007; Christian Heim <phreak@gentoo.org>
649     hardened-sources-2.6.20-r5.ebuild:
650     Marking hardened-sources-2.6.20-r5 stable on ppc.
651 phreak 1.164
652     10 Jul 2007; Christian Heim <phreak@gentoo.org>
653     -hardened-sources-2.4.32-r6.ebuild, -hardened-sources-2.4.32-r7.ebuild:
654     Cleanup.
655 phreak 1.163
656     *hardened-sources-2.6.20-r6 (08 Jul 2007)
657    
658     08 Jul 2007; Christian Heim <phreak@gentoo.org>
659     +hardened-sources-2.6.20-r6.ebuild:
660     Revision bump, grabbing yet another stable release.
661 phreak 1.162
662     17 Jun 2007; Christian Heim <phreak@gentoo.org>
663     -hardened-sources-2.6.18-r6.ebuild, -hardened-sources-2.6.20-r4.ebuild,
664     -hardened-sources-2.6.21-r2.ebuild:
665     Removing older ebuilds, hardened-sources-2.6.18-r6 seems to have gotten the
666     alpha stable KEYWORD by mistake.
667 phreak 1.161
668     17 Jun 2007; Christian Heim <phreak@gentoo.org>
669     hardened-sources-2.6.20-r5.ebuild:
670     Stabling hardened-sources-2.6.20-r5 due to security bug #181647 (as
671     genpatches-2.6.20-12.base contains up to Linux 2.6.20.14) on amd64 and x86.
672 phreak 1.160
673     *hardened-sources-2.6.21-r3 (12 Jun 2007)
674    
675     12 Jun 2007; Christian Heim <phreak@gentoo.org>
676     +hardened-sources-2.6.21-r3.ebuild:
677     Revision bump for hardened-sources-2.6.21, incorporating various CVE (some
678     of them critical), two stable releases (2.6.21.4,2.6.21.5) and some other
679     love.
680 phreak 1.159
681     *hardened-sources-2.6.20-r5 (11 Jun 2007)
682    
683     11 Jun 2007; Christian Heim <phreak@gentoo.org>
684     +hardened-sources-2.6.20-r5.ebuild:
685     Revision bump for hardened-sources-2.6.20, incorporating various CVE (some
686     of them critical), two stable releases (2.6.20.13,2.6.20.14) and some other
687     love.
688 pappy 1.158
689     *hardened-sources-2.4.34.5 (11 Jun 2007)
690    
691     11 Jun 2007; Alexander Gabert <pappy@gentoo.org>
692     +hardened-sources-2.4.34.5.ebuild:
693     added new hardened-sources 2.4 version, thx to phreak, solar, pipacs
694 phreak 1.157
695     30 May 2007; Christian Heim <phreak@gentoo.org>
696     -hardened-sources-2.6.18.ebuild, hardened-sources-2.6.20-r2.ebuild:
697     Marking 2.6.20-r2 stable on ppc with permission of Gysbert. Removing more
698     stale ebuild(s).
699 phreak 1.156
700     30 May 2007; Christian Heim <phreak@gentoo.org>
701     -hardened-sources-2.6.14-r7.ebuild, -hardened-sources-2.6.16-r11.ebuild,
702     -hardened-sources-2.6.17-r1.ebuild, -hardened-sources-2.6.19-r6.ebuild,
703     -hardened-sources-2.6.20.ebuild, -hardened-sources-2.6.20-r1.ebuild:
704     Doing some cleanups, remove stale ebuilds.
705 phreak 1.155
706     26 May 2007; Christian Heim <phreak@gentoo.org>
707     hardened-sources-2.6.21-r2.ebuild:
708     Fixing the grsecurity patch, had one '};' too much.
709 phreak 1.154
710     *hardened-sources-2.6.21-r2 (26 May 2007)
711    
712     26 May 2007; Christian Heim <phreak@gentoo.org>
713     -hardened-sources-2.6.21.ebuild, -hardened-sources-2.6.21-r1.ebuild,
714     +hardened-sources-2.6.21-r2.ebuild:
715     Revision bump, including Linux 2.6.21.3 (fixing CVE-2007-2451). Updating the
716     grsecurity patch to 2.1.10-2.6.21.1-200705221918.
717 phreak 1.153
718     *hardened-sources-2.6.20-r4 (26 May 2007)
719    
720     26 May 2007; Christian Heim <phreak@gentoo.org>
721     -hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.20-r4.ebuild:
722     Revision bump, including Linux 2.6.20.12 (which in fact fixed some security
723 phreak 1.154 bugs, at the very least CVE-2007-2451). Possible candidate for stable marking.
724 phreak 1.152
725     15 May 2007; Christian Heim <phreak@gentoo.org>
726     hardened-sources-2.6.20-r3.ebuild:
727     Looks like hardened-sources-2.6.20-r3 needs a new patch, as 2.6.20.11
728     introduced a change in arch/sparc64/kernel/pci_iommu.c, which made the
729     grsecurity patch fail in that exact same hunk.
730 phreak 1.151
731     *hardened-sources-2.6.20-r3 (15 May 2007)
732    
733     15 May 2007; Christian Heim <phreak@gentoo.org>
734     +hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.21-r1.ebuild:
735     Revision bump, incorporating Linux 2.6.20.11.
736    
737     *hardened-sources-2.6.21-r1 (11 May 2007)
738    
739     11 May 2007; Christian Heim <phreak@gentoo.org>
740     +hardened-sources-2.6.21-r1.ebuild:
741     Revision bump, hopefully fixing the GRSECURITY/GRKERNSEC mixup pipacs
742     mentioned in #177234.
743 kevquinn 1.150
744     07 May 2007; Kevin F. Quinn <kevquinn@gentoo.org>
745     files/digest-hardened-sources-2.6.21, Manifest:
746     Fix Manifest/digest for linux-2.6.21.tar.bz2
747 phreak 1.149
748     06 May 2007; Christian Heim <phreak@gentoo.org>
749     hardened-sources-2.6.21.ebuild:
750     Bumping the hardened-patches version, needed for the fix for #177234.
751 phreak 1.148
752     *hardened-sources-2.6.21 (02 May 2007)
753    
754     02 May 2007; Christian Heim <phreak@gentoo.org>
755     +hardened-sources-2.6.21.ebuild:
756     Version bump, Linux 2.6.21-hardened.
757 phreak 1.147
758     29 Apr 2007; Christian Heim <phreak@gentoo.org>
759     hardened-sources-2.6.20-r2.ebuild:
760     Adding ~ia64 on Ned's request.
761 phreak 1.146
762     29 Apr 2007; Christian Heim <phreak@gentoo.org>
763     hardened-sources-2.6.20-r2.ebuild:
764     Fixing the included grsecurity patch, wasn't alligning due to the Index:
765     header line(s).
766 phreak 1.145
767     29 Apr 2007; Christian Heim <phreak@gentoo.org>
768     hardened-sources-2.6.20-r2.ebuild:
769     Stabilizing hardened-sources-2.6.20-r2 on amd64 and x86.
770 armin76 1.144
771     *hardened-sources-2.6.20-r2 (10 Apr 2007)
772    
773     10 Apr 2007; Raúl Porcel <armin76@gentoo.org>
774     +hardened-sources-2.6.20-r2.ebuild:
775     Version bump, on behalf of phreak
776 phreak 1.143
777     *hardened-sources-2.6.20-r1 (04 Apr 2007)
778    
779     04 Apr 2007; Christian Heim <phreak@gentoo.org>
780     +hardened-sources-2.6.20-r1.ebuild:
781     Revision bump, grabbing a newer grsecurity snapshot.
782 phreak 1.142
783     *hardened-sources-2.6.20 (25 Mar 2007)
784    
785     25 Mar 2007; Christian Heim <phreak@gentoo.org>
786     +hardened-sources-2.6.20.ebuild:
787     Finally a hardened-sources version for 2.6.20; many people have been waiting
788     for this. Thanks to Steve for preliminary testing, thanks to Ned for the
789     testbox.
790 chainsaw 1.141
791     16 Mar 2007; Tony Vroon <chainsaw@gentoo.org>
792     hardened-sources-2.6.18-r6.ebuild:
793     Marked stable on amd64 and x86. AMD64 keyword ack'ed by welp.
794 phreak 1.140
795     *hardened-sources-2.6.18-r6 (16 Mar 2007)
796    
797     16 Mar 2007; Christian Heim <phreak@gentoo.org>
798     -hardened-sources-2.6.18-r5.ebuild, +hardened-sources-2.6.18-r6.ebuild:
799     Fixing CVE-2007-1000 locally (hardened/), thanks to Tony for pushing. And
800     yes I screwed up, this is tagged as 2.6.18-5 and not 2.6.18-6 as it's
801     supposed to be.
802 phreak 1.139
803     06 Mar 2007; Christian Heim <phreak@gentoo.org> ChangeLog:
804     Fixing the Manifest, the previous one was broken (as in still had the
805     deleted ebuild in it).
806 phreak 1.138
807     06 Mar 2007; Christian Heim <phreak@gentoo.org>
808     -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
809     +hardened-sources-2.6.18-r5.ebuild:
810     Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
811     Linux 2.6.18.8. Also cleaning up the older version.
812    
813     *hardened-sources-2.6.18-r5 (06 Mar 2007)
814    
815     06 Mar 2007; Christian Heim <phreak@gentoo.org>
816     -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
817     +hardened-sources-2.6.18-r5.ebuild:
818     Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
819     Linux 2.6.18.8. Also cleaning up the older version.
820 phreak 1.137
821     24 Feb 2007; Christian Heim <phreak@gentoo.org>
822     -hardened-sources-2.6.19-r3.ebuild, -hardened-sources-2.6.19-r4.ebuild,
823     -hardened-sources-2.6.19-r5.ebuild:
824     Removing some of the old version, that didn't work.
825 phreak 1.136
826     *hardened-sources-2.6.19-r6 (12 Feb 2007)
827    
828     12 Feb 2007; Christian Heim <phreak@gentoo.org>
829     +hardened-sources-2.6.19-r6.ebuild:
830     Revision bump, including a new grsec version fixing #166235.
831 pappy 1.134
832     *hardened-sources-2.4.34 (24 Jan 2007)
833    
834     24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
835 pappy 1.135 Manifest:
836     updating Manifest with checksums of new tarball and ebuild
837    
838     24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
839 pappy 1.134 +hardened-sources-2.4.34.ebuild:
840     I added new hardened sources 2.4 update, this is a critical path
841     security bugfix - all users of h-s are strongly advised
842     to update their existing hardened sources to this version.
843     It contains a fix for a kernel vulnerability that is pertaining
844     to the PaX changes to virtual memory management, possibly leading
845     to a local kernel exploit ... see grsecurity.net forums and homepage
846 phreak 1.133
847     23 Jan 2007; Christian Heim <phreak@gentoo.org>
848     files/digest-hardened-sources-2.6.19-r5, Manifest:
849     Fixing the patch-tarball digest.
850 phreak 1.132
851     *hardened-sources-2.6.19-r5 (23 Jan 2007)
852    
853     23 Jan 2007; Christian Heim <phreak@gentoo.org>
854     +hardened-sources-2.6.19-r5.ebuild:
855     Revision bump, closing the recently discovered PaX expand_stack()
856     vulnerability.
857 phreak 1.131
858     *hardened-sources-2.6.19-r4 (14 Jan 2007)
859    
860     14 Jan 2007; Christian Heim <phreak@gentoo.org>
861     +hardened-sources-2.6.19-r4.ebuild:
862     Revision bump, pulling in linux-2.6.19.2 and grsecurity 2.1.10 - thus
863     dropping the randomized PID feature.
864 opfer 1.130
865     11 Jan 2007; Christian Faulhammer <opfer@gentoo.org>
866     hardened-sources-2.4.33.4.ebuild:
867     stable x86, bug #161171
868 phreak 1.129
869     *hardened-sources-2.6.19-r3 (27 Dec 2006)
870    
871     27 Dec 2006; Christian Heim <phreak@gentoo.org>
872     -hardened-sources-2.6.19-r2.ebuild, +hardened-sources-2.6.19-r3.ebuild:
873     Revision bump for bug #157186 and #158786.
874 phreak 1.128
875     *hardened-sources-2.6.18-r4 (27 Dec 2006)
876    
877     27 Dec 2006; Christian Heim <phreak@gentoo.org>
878     -hardened-sources-2.6.18-r3.ebuild, +hardened-sources-2.6.18-r4.ebuild:
879     Revision bump for bug #157186.
880 phreak 1.127
881     *hardened-sources-2.6.19-r2 (23 Dec 2006)
882    
883     23 Dec 2006; Christian Heim <phreak@gentoo.org>
884     -hardened-sources-2.6.19-r1.ebuild, +hardened-sources-2.6.19-r2.ebuild:
885     Revision bump to pull in genpatches-2.6.19-3 for #157186.
886 phreak 1.126
887     17 Dec 2006; Christian Heim <phreak@gentoo.org>
888     hardened-sources-2.6.14-r7.ebuild, hardened-sources-2.6.16-r10.ebuild,
889     hardened-sources-2.6.16-r11.ebuild, hardened-sources-2.6.17-r1.ebuild,
890     hardened-sources-2.6.18.ebuild, hardened-sources-2.6.18-r3.ebuild,
891     hardened-sources-2.6.19-r1.ebuild:
892     Adding 4453_grsec-2.1.9-2.6.19-io-kmem-sysctl.patch to UNIPATCH_EXLUDE,
893     adding correct HOMEPAGE and adjusting DESCRIPTION (thanks to Alexander).
894 pappy 1.125
895     *hardened-sources-2.4.33.4 (17 Dec 2006)
896    
897     17 Dec 2006; Alexander Gabert <pappy@gentoo.org>
898     +hardened-sources-2.4.33.4.ebuild:
899     new 2.4.33.4 version including grsec and fixes, thanks to phreak for help
900     and quilting
901 phreak 1.124
902     *hardened-sources-2.6.19-r1 (14 Dec 2006)
903    
904     14 Dec 2006; Christian Heim <phreak@gentoo.org>
905     -hardened-sources-2.6.19.ebuild, +hardened-sources-2.6.19-r1.ebuild:
906     Revision bump, fixing #158107 (thanks to Petre Rodan <kaiowas at gentoo.org>
907     for reporting).
908 phreak 1.123
909     *hardened-sources-2.6.19 (13 Dec 2006)
910    
911     13 Dec 2006; Christian Heim <phreak@gentoo.org>
912     +hardened-sources-2.6.19.ebuild:
913     And finally 2.6.19, thanks to Ned (who prepared the inital patchset) and
914     Brad for providing that prompt update.
915 phreak 1.122
916     *hardened-sources-2.6.18-r3 (13 Dec 2006)
917    
918     13 Dec 2006; Christian Heim <phreak@gentoo.org>
919     -hardened-sources-2.6.18-r1.ebuild, -hardened-sources-2.6.18-r2.ebuild,
920     +hardened-sources-2.6.18-r3.ebuild:
921     Revision bump, excluding the faulty patch. Thanks to Anakim Border and Peter
922     S. Mazinger. Closes #157409 for now. Also removing the previous revisions.
923 phreak 1.121
924     09 Dec 2006; Christian Heim <phreak@gentoo.org> Manifest:
925     Fixing the metadata.xml Manifest entry (thanks to xaid and ml8128 in #gentoo-hardened).
926 nixnut 1.120
927     08 Dec 2006; nixnut <nixnut@gentoo.org> hardened-sources-2.6.18.ebuild:
928     Stable on ppc wrt bug 157356
929 opfer 1.119
930     07 Dec 2006; Christian Faulhammer <opfer@gentoo.org>
931     hardened-sources-2.6.18.ebuild:
932     stable x86, bug #157356
933 phreak 1.118
934     *hardened-sources-2.6.18-r2 (06 Dec 2006)
935    
936     06 Dec 2006; Christian Heim <phreak@gentoo.org>
937     +hardened-sources-2.6.18-r2.ebuild:
938     Revision bump, including 2.6.18.5 (via genpatches) and
939     4454_grsec-2.1.9-2.6.18.2-io-kmem-sysctl.patch based on Peter Mazinger and
940     Ned Ludd's original patch. Thanks to Alexander Gabert (pappy) for the
941     redesign.
942 phreak 1.117
943     06 Dec 2006; Christian Heim <phreak@gentoo.org>
944     hardened-sources-2.6.18.ebuild:
945     Marking hardened-sources-2.6.18 stable on amd64 (see bug #157356, on behalf
946     of Mike Doty).
947 phreak 1.116
948     *hardened-sources-2.6.18-r1 (23 Nov 2006)
949    
950     23 Nov 2006; Christian Heim <phreak@gentoo.org>
951     +hardened-sources-2.6.18-r1.ebuild:
952     Revision bump to genpatches-2.6.18-4 (including 2.6.18.3).
953 phreak 1.115
954     *hardened-sources-2.6.18 (11 Nov 2006)
955    
956     11 Nov 2006; Christian Heim <phreak@gentoo.org>
957     +hardened-sources-2.6.18.ebuild:
958     Version bump, thanks to Alexander Gabert we're finally at 2.6.18.
959 solar 1.114
960     18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
961     - mark amd64 stable also. bug #151877
962 solar 1.113
963     18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
964     - mark 2.6.17-r1 stable
965 phreak 1.112
966     27 Aug 2006; Christian Heim <phreak@gentoo.org>
967     -hardened-sources-2.6.17.ebuild, hardened-sources-2.6.17-r1.ebuild:
968     Removing old ebuild, removing unipatch from newer ebuild (need to fix it!).
969 phreak 1.111
970     *hardened-sources-2.6.17-r1 (26 Aug 2006)
971    
972     26 Aug 2006; Christian Heim <phreak@gentoo.org>
973     +hardened-sources-2.6.17-r1.ebuild:
974     Revision bump to genpatches-2.6.17-8 (including .9 and .10) and updating the
975     grsecurity patch.
976 phreak 1.110
977     *hardened-sources-2.6.17 (17 Aug 2006)
978    
979     17 Aug 2006; Christian Heim <phreak@gentoo.org>
980     +hardened-sources-2.6.17.ebuild:
981     Bumping the hardened-sources-2.6 series to 2.6.17, using
982     genpatches-2.6.17-6.base.
983 solar 1.109
984     07 Aug 2006; <solar@gentoo.org> hardened-sources-2.6.16-r11.ebuild:
985     - stable on x86 and amd64
986 solar 1.108
987     *hardened-sources-2.6.16-r11 (15 Jul 2006)
988    
989     15 Jul 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r3.ebuild,
990     -hardened-sources-2.4.32-r4.ebuild, -hardened-sources-2.4.32-r5.ebuild,
991     -hardened-sources-2.6.14-r8.ebuild, -hardened-sources-2.6.16-r7.ebuild,
992     -hardened-sources-2.6.16-r9.ebuild, +hardened-sources-2.6.16-r11.ebuild:
993     - 2.6.16 bumped for CVE-2006-3626 ; digest fix for 2.4.32-r6 ; removed old
994     crusty ebuilds
995 johnm 1.107
996     14 Jul 2006; John Mylchreest <johnm@gentoo.org>
997     hardened-sources-2.6.16-r10.ebuild:
998     marking stable on x86 and amd64
999 solar 1.106
1000     13 Jul 2006; <solar@gentoo.org> hardened-sources-2.4.32-r6.ebuild:
1001     - 2.4.32-r6 stable on x86. RSBAC state unknown
1002 kang 1.105
1003     *hardened-sources-2.4.32-r7 (10 Jul 2006)
1004    
1005     10 Jul 2006; Guillaume Destuynder <kang@gentoo.org>
1006     +hardened-sources-2.4.32-r7.ebuild:
1007     Bump PaX for RSBAC to test-17
1008 johnm 1.104
1009     *hardened-sources-2.6.16-r9 (03 Jul 2006)
1010    
1011     03 Jul 2006; John Mylchreest <johnm@gentoo.org>
1012     -hardened-sources-2.6.16-r6.ebuild, +hardened-sources-2.6.16-r9.ebuild:
1013     hardened-sources-2.6.16 bump to latest -base.
1014 solar 1.103
1015     *hardened-sources-2.4.32-r6 (30 Jun 2006)
1016    
1017     30 Jun 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r2.ebuild,
1018     hardened-sources-2.4.32-r4.ebuild, +hardened-sources-2.4.32-r6.ebuild:
1019     - backport CVE-2006-0039, CVE-2006-1857 and CVE-2006-1858 and new grsecurity
1020     sysctl controlable resource logging
1021 johnm 1.102
1022     *hardened-sources-2.6.16-r7 (05 Jun 2006)
1023    
1024     05 Jun 2006; John Mylchreest <johnm@gentoo.org>
1025     -hardened-sources-2.6.16-r5.ebuild, +hardened-sources-2.6.16-r7.ebuild:
1026     push new 2.6.16 release in preparation for stable
1027 solar 1.101
1028     22 May 2006; <solar@gentoo.org> :
1029     - redigest bug 134002
1030 kang 1.100
1031     *hardened-sources-2.4.32-r5 (16 May 2006)
1032    
1033     16 May 2006; Guillaume Destuynder <kang@gentoo.org>
1034     +hardened-sources-2.4.32-r5.ebuild:
1035     Fixes rsbac common patching (new patch in new -r5 patchset)
1036 solar 1.99
1037     *hardened-sources-2.4.32-r4 (13 May 2006)
1038    
1039     13 May 2006; <solar@gentoo.org> hardened-sources-2.4.32-r3.ebuild,
1040     +hardened-sources-2.4.32-r4.ebuild:
1041     - security bumps
1042 johnm 1.98
1043     *hardened-sources-2.6.16-r6 (03 May 2006)
1044    
1045     03 May 2006; John Mylchreest <johnm@gentoo.org>
1046     +hardened-sources-2.6.16-r6.ebuild:
1047     bump hardened-2.6.16 to 2.6.16.12 and latest grsec snapshot
1048 johnm 1.97
1049     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
1050     hardened-sources-2.6.14-r8.ebuild:
1051     fix x86_64 build problem, this will delay the digest issue again for a short
1052     while but it will sort itself out
1053 johnm 1.96
1054     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
1055     hardened-sources-2.6.14-r8.ebuild:
1056     bump hardened patchset
1057 antarus 1.94
1058     27 Apr 2006; Alec Warner <antarus@gentoo.org>
1059     files/digest-hardened-sources-2.4.32-r2,
1060     files/digest-hardened-sources-2.4.32-r3,
1061     files/digest-hardened-sources-2.6.14-r8, Manifest:
1062     Fixing duff SHA256 digests: Bug # 131293
1063 johnm 1.93
1064 johnm 1.95 *hardened-sources-2.6.16-r5 (27 Apr 2006)
1065    
1066     27 Apr 2006; John Mylchreest <johnm@gentoo.org>
1067     -hardened-sources-2.6.14-r6.ebuild, hardened-sources-2.6.14-r8.ebuild,
1068     -hardened-sources-2.6.16-r4.ebuild, +hardened-sources-2.6.16-r5.ebuild:
1069     stablise 2.6.14-r8 on x86 & amd64, bump 2.6.16 to fix CVE-2006-1863 &
1070     cleanup of old uneccessary sources
1071    
1072 johnm 1.93 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
1073     fix digest
1074 johnm 1.92
1075     *hardened-sources-2.6.14-r8 (20 Apr 2006)
1076    
1077     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
1078     +hardened-sources-2.6.14-r8.ebuild:
1079     fix CVE-2006-1056, CVE-2006-1525, CVE-2006-1524
1080 johnm 1.91
1081     20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
1082     Turning on gpg-signing again, and recomitting
1083 johnm 1.90
1084     *hardened-sources-2.6.16-r4 (20 Apr 2006)
1085    
1086     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
1087     -hardened-sources-2.6.16-r2.ebuild, -hardened-sources-2.6.16-r3.ebuild,
1088     +hardened-sources-2.6.16-r4.ebuild:
1089     Fix numerous security vulns
1090 solar 1.89
1091     *hardened-sources-2.4.32-r3 (16 Apr 2006)
1092    
1093     16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
1094     -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
1095     +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
1096     - security bump for bug #112791. Removed old ebuilds
1097 johnm 1.88
1098     *hardened-sources-2.6.16-r3 (15 Apr 2006)
1099    
1100     15 Apr 2006; John Mylchreest <johnm@gentoo.org>
1101     +hardened-sources-2.6.16-r3.ebuild:
1102     Removing silly localversion which I missed
1103 johnm 1.87
1104     *hardened-sources-2.6.14-r7 (14 Apr 2006)
1105    
1106     14 Apr 2006; John Mylchreest <johnm@gentoo.org>
1107     -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
1108     Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
1109 johnm 1.86
1110     *hardened-sources-2.6.16-r2 (13 Apr 2006)
1111    
1112     13 Apr 2006; John Mylchreest <johnm@gentoo.org>
1113     -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
1114     +hardened-sources-2.6.16-r2.ebuild:
1115     Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
1116     labels, dropping USERGROUP define fixes, since these were merged mainstream.
1117 johnm 1.85
1118     *hardened-sources-2.6.16-r1 (11 Apr 2006)
1119    
1120     11 Apr 2006; John Mylchreest <johnm@gentoo.org>
1121     +hardened-sources-2.6.16-r1.ebuild:
1122     Bumping to include ppc build fix and 2.6.16.3
1123 tsunam 1.84
1124     06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
1125     hardened-sources-2.6.14-r6.ebuild:
1126     Stable on x86; bug #127718
1127 johnm 1.83
1128     *hardened-sources-2.6.16 (31 Mar 2006)
1129    
1130     31 Mar 2006; John Mylchreest <johnm@gentoo.org>
1131     +hardened-sources-2.6.16.ebuild:
1132     Bumping to new version of grsec, and kernel base. New squashfs. Based on
1133     2.6.16.1
1134 cryos 1.82
1135     30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
1136     hardened-sources-2.6.14-r6.ebuild:
1137     Stable on amd64, bug 127718.
1138 nixnut 1.81
1139     28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
1140     Stable on ppc. Bug #127718
1141 johnm 1.80
1142     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
1143     -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
1144     -hardened-sources-2.6.14-r4.ebuild:
1145     Cleanup.
1146 johnm 1.79
1147     *hardened-sources-2.6.14-r6 (15 Mar 2006)
1148    
1149     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
1150     +hardened-sources-2.6.14-r6.ebuild:
1151     Fixes grsec policy recreation bug and adds a
1152     >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
1153 solar 1.78
1154     02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
1155     - stable on x86
1156 hansmi 1.77
1157     19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
1158     hardened-sources-2.6.14-r5.ebuild:
1159     Stable on ppc.
1160 johnm 1.76
1161     *hardened-sources-2.6.14-r5 (01 Feb 2006)
1162    
1163     01 Feb 2006; John Mylchreest <johnm@gentoo.org>
1164     +hardened-sources-2.6.14-r5.ebuild:
1165     fixing every known exploit
1166 solar 1.75
1167     *hardened-sources-2.4.32-r2 (26 Jan 2006)
1168    
1169     26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
1170     +hardened-sources-2.4.32-r2.ebuild:
1171     - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
1172 solar 1.74
1173     *hardened-sources-2.6.14-r4 (12 Jan 2006)
1174    
1175     12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
1176     - version bump for new genpatches which fix up a few sec holes
1177 solar 1.73
1178     *hardened-sources-2.4.32-r1 (05 Jan 2006)
1179    
1180     05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
1181     - revision bump to add misc vital linux kernel security patches.
1182 johnm 1.72
1183     *hardened-sources-2.6.14-r3 (30 Dec 2005)
1184    
1185     30 Dec 2005; John Mylchreest <johnm@gentoo.org>
1186     -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
1187     Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
1188 johnm 1.71
1189     28 Dec 2005; John Mylchreest <johnm@gentoo.org>
1190     hardened-sources-2.6.14-r2.ebuild:
1191     making x86 & amd64 stable following testing.
1192 johnm 1.70
1193     *hardened-sources-2.6.14-r2 (27 Dec 2005)
1194    
1195     27 Dec 2005; John Mylchreest <johnm@gentoo.org>
1196     -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
1197     Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
1198     network hooks.
1199 johnm 1.69
1200     06 Dec 2005; John Mylchreest <johnm@gentoo.org>
1201     hardened-sources-2.6.14-r1.ebuild:
1202     bumping to stable early for sec fix on x86 & amd64
1203 johnm 1.68
1204     *hardened-sources-2.6.14-r1 (05 Dec 2005)
1205    
1206     05 Dec 2005; John Mylchreest <johnm@gentoo.org>
1207     -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
1208     bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
1209 solar 1.67
1210     04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
1211     - stable on x86 security bug #114227 CAN-2005-3257
1212 kang 1.66
1213     *hardened-sources-2.4.32 (19 Nov 2005)
1214    
1215     19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
1216     +hardened-sources-2.4.32.ebuild:
1217     Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
1218     Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
1219     have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
1220     rsbac >> /etc/portage/package.use)
1221 johnm 1.65
1222     *hardened-sources-2.6.14 (14 Nov 2005)
1223    
1224     14 Nov 2005; John Mylchreest <johnm@gentoo.org>
1225     -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
1226     Bumping 2.6 series to 2.6.14.2
1227 johnm 1.64
1228     *hardened-sources-2.6.13-r2 (20 Oct 2005)
1229    
1230     20 Oct 2005; John Mylchreest <johnm@gentoo.org>
1231     -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
1232     +hardened-sources-2.6.13-r2.ebuild:
1233     Fixes minor build error in ppc.
1234 johnm 1.63
1235     *hardened-sources-2.6.13-r1 (17 Oct 2005)
1236    
1237     17 Oct 2005; John Mylchreest <johnm@gentoo.org>
1238     +hardened-sources-2.6.13-r1.ebuild:
1239     Updating grsec to latest snapshot. Fixes some minor issues. Updating to
1240     2.6.13.4, fixes some major amd64 stability problems.
1241 johnm 1.62
1242     *hardened-sources-2.6.13 (16 Sep 2005)
1243    
1244     16 Sep 2005; John Mylchreest <johnm@gentoo.org>
1245     -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
1246     2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
1247     ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
1248     users should test this thoroughly.
1249 solar 1.61
1250     01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
1251     - stable on x86
1252 johnm 1.60
1253     *hardened-sources-2.6.11-r15 (27 Jun 2005)
1254    
1255     27 Jun 2005; John Mylchreest <johnm@gentoo.org>
1256     +hardened-sources-2.6.11-r15.ebuild:
1257     Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
1258     grsec redefining curr_ip struct.
1259 solar 1.59
1260     *hardened-sources-2.4.31 (20 Jun 2005)
1261    
1262     20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
1263     initial import of 2.4.31 tree
1264 johnm 1.58
1265     *hardened-sources-2.6.11-r14 (14 Jun 2005)
1266    
1267     14 Jun 2005; John Mylchreest <johnm@gentoo.org>
1268     -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
1269     Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
1270     naming scheme to abide by genpatches
1271 johnm 1.57
1272     *hardened-sources-2.6.11-r13 (18 May 2005)
1273    
1274     18 May 2005; John Mylchreest <johnm@gentoo.org>
1275     -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
1276     Managed to mangle the Makefile patch from grsec, to miss out the grsec
1277     target. sorry about that. Fixes bug #93022
1278 johnm 1.56
1279     *hardened-sources-2.6.11-r12 (17 May 2005)
1280    
1281     17 May 2005; John Mylchreest <johnm@gentoo.org>
1282     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
1283     +hardened-sources-2.6.11-r12.ebuild:
1284     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
1285     merges in genpatches-base
1286 johnm 1.55
1287     *hardened-sources-2.6.11-r12 (17 May 2005)
1288    
1289     17 May 2005; John Mylchreest <johnm@gentoo.org>
1290     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
1291     +hardened-sources-2.6.11-r12.ebuild:
1292     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
1293     merges in genpatches-base
1294 solar 1.54
1295     29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
1296     -files/2.4.27-cmdline-race.patch,
1297     -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
1298     -files/2.4.28-grsec-binfmt_a.out.patch,
1299     -files/2.4.28-grsec-cmdline-race.patch,
1300     -files/2.4.28-selinux-binfmt_a.out.patch,
1301     -files/2.4.28-selinux-cmdline-race.patch,
1302     -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
1303     hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
1304     - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
1305     cleanup..
1306 solar 1.53
1307     *hardened-sources-2.4.30-r1 (21 Apr 2005)
1308    
1309     21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
1310     - disable aout by default
1311 solar 1.52
1312     *hardened-sources-2.4.30 (18 Apr 2005)
1313    
1314     18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
1315     - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
1316     and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
1317     use
1318 tocharian 1.50
1319 scox 1.51 *hardened-sources-2.4.29 (30 Mar 2005)
1320    
1321     30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
1322     +hardened-sources-2.4.29.ebuild:
1323     New hardened-patches-2.4-29.0 patchball.
1324     Removed SELinux support, upgraded GRSecurity to 2.1.4.
1325    
1326     *hardened-sources-2.4.28-r5 (06 Mar 2005)
1327    
1328     06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
1329     +hardened-sources-2.4.28-r5.ebuild:
1330     Added a fix for a PaX vulnerability.
1331    
1332     26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1333 tocharian 1.50 hardened-sources-2.4.28-r4.ebuild:
1334     Stable on x86
1335 solar 1.49
1336     23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
1337     hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
1338     hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
1339     hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
1340     - fixed/added RDEPEND= in all kernel-2 ebuilds
1341 tocharian 1.48
1342     *hardened-sources-2.4.28-r4 (21 Jan 2005)
1343    
1344     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1345     +hardened-sources-2.4.28-r4.ebuild:
1346     Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
1347     backport of neighbour hash updates.
1348 tocharian 1.47
1349     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1350     hardened-sources-2.4.28-r3.ebuild:
1351     Stable on x86
1352 tseng 1.46
1353     *hardened-sources-2.6.10-r3 (20 Jan 2005)
1354    
1355     20 Jan 2005; Brandon Hale <tseng@gentoo.org>
1356     +hardened-sources-2.6.10-r3.ebuild:
1357     Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
1358     in 2005.0
1359 tocharian 1.45
1360     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1361     -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
1362     hardened-sources-2.4.28-r2.ebuild:
1363     Mark stable on x86
1364 tocharian 1.44
1365     *hardened-sources-2.4.28-r3 (17 Jan 2005)
1366    
1367     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1368     +hardened-sources-2.4.28-r3.ebuild:
1369     Fix SMP page fault handler vuln, and update device-mapper and evms patches.
1370 tocharian 1.43
1371     14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1372     hardened-sources-2.4.28.ebuild:
1373     Mark stable on x86.
1374 tocharian 1.42
1375     *hardened-sources-2.4.28-r2 (13 Jan 2005)
1376    
1377     13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1378     +hardened-sources-2.4.28-r2.ebuild:
1379     Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
1380     Mazinger for grsecurity patches as well.
1381 plasmaroo 1.41
1382     *hardened-sources-2.4.28-r1 (23 Dec 2004)
1383    
1384     23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
1385     Security bump. Thank tocharian for rolling a new patchset...
1386 solar 1.40
1387     28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
1388     +files/2.4.28-grsec-cmdline-race.patch,
1389     +files/2.4.28-selinux-binfmt_a.out.patch,
1390     +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
1391     - Round up remaining security patches that appear to be missing in 2.4.28. -
1392     PaX standalone updated to current. hgpv=28.1
1393 solar 1.39
1394     *hardened-sources-2.4.28 (28 Nov 2004)
1395    
1396     28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
1397     security bump. Thank tocharian for rolling a new patchset
1398 scox 1.31
1399 scox 1.38 *hardened-sources-2.4.27-r3 (08 Sep 2004)
1400    
1401     08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
1402     +hardened-sources-2.4.27-r3.ebuild:
1403     Applies the new 2.4-27.2 patchball which updates
1404     GRSecurity to the 2.0.1 version.
1405    
1406 scox 1.37 *hardened-sources-2.4.27-r2 (31 Aug 2004)
1407    
1408     31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1409     +hardened-sources-2.4.27-r2.ebuild:
1410     Version bump.
1411     This version uses the new 2.4-27.1 patchball which updates
1412     both the SELinux PaX hooks patch and the SELinux headers.
1413    
1414 scox 1.36 *hardened-sources-2.4.27-r1 (09 Aug 2004)
1415    
1416     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1417     +hardened-sources-2.4.27-r1.ebuild,
1418     -hardened-sources-2.4.27.ebuild,
1419     +files/2.4.27-cmdline-race.patch:
1420     Version bump, fix for cmdline race. See bug #59905.
1421    
1422     *hardened-sources-2.4.26-r6 (09 Aug 2004)
1423    
1424     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1425     +hardened-sources-2.4.26-r6.ebuild,
1426     -hardened-sources-2.4.26-r5.ebuild,
1427     -hardened-sources-2.4.26-r4.ebuild,
1428     +files/2.4.26-cmdline-race.patch:
1429     Version bump, fix for cmdline race. See bug #59905.
1430    
1431 scox 1.35 *hardened-sources-2.4.27 (08 Aug 2004)
1432    
1433     08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1434     +hardened-sources-2.4.27.ebuild,
1435     +files/2.4.27-CAN-2004-0394.patch:
1436     Ported the patchball to the 2.4.27 kernel version.
1437    
1438 scox 1.34 *hardened-sources-2.4.26-r5 (07 Aug 2004)
1439    
1440     07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1441     +hardened-sources-2.4.26-r5.ebuild:
1442 scox 1.35 Updated to use the new hardened-patches-2.4-26.1 patchball.
1443 scox 1.34 It adds the following features:
1444     - Squashfs
1445     - Ebtables
1446     - Netdev random (core+drivers)
1447     - Watchdog Timer (WDT) fix.
1448    
1449 scox 1.33 *hardened-sources-2.4.26-r4 (04 Aug 2004)
1450    
1451     04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1452     +hardened-sources-2.4.26-r4.ebuild,
1453     +files/2.4.26-CAN-2004-0415.patch,
1454     -hardened-sources-2.4.26-3:
1455     Version bump, fix for CAN 0415, see bug #59378.
1456    
1457 scox 1.32 *hardened-sources-2.4.26-r3 (22 Jul 2004)
1458    
1459     22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
1460     +hardened-sources-2.4.26-r3.ebuild,
1461     +files/2.4.26-CAN-2004-0497.patch,
1462     -hardened-sources-2.4.26-r2.ebuild:
1463     Version bump, fixed CAN 0497, see bug #56171.
1464    
1465 scox 1.31 *hardened-sources-2.4.26-r2 (29 Jun 2004)
1466    
1467     29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
1468 scox 1.32 +hardened-sources-2.4.26-r2.ebuild,
1469 scox 1.31 +files/2.4.26-CAN-2004-0495.patch,
1470     +files/2.4.26-CAN-2004-0535.patch,
1471     -hardened-sources-2.4.26-r1.ebuild:
1472     Fixes for both CAN 0495 and 0535, see bug #54976
1473 pvdabeel 1.27
1474 agriffis 1.29 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
1475     hardened-sources-2.4.26-r1.ebuild:
1476     QA - fix use invocation
1477 scox 1.28
1478     *hardened-sources-2.4.26-r1 (22 June 2004)
1479    
1480     22 June 2004; Andrea Luzzardi <scox@gentoo.org>
1481     +hardened-sources-2.4.26-r1.ebuild,
1482     +files/2.4.26-CAN-2004-0394.patch,
1483     +files/2.4.26-signal-race.patch,
1484     -hardened-sources-2.4.26.ebuild,
1485     -hardened-sources-2.4.24-r3.ebuild:
1486     Version bump for the CAN-2004-0394 issue and bug #53804
1487     Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
1488    
1489    
1490 pvdabeel 1.27 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
1491     hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
1492     Masked hardened-sources-2.4.26.ebuild broken for ppc
1493    
1494     31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
1495     hardened-sources-2.4.24-r3.ebuild:
1496     Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
1497 plasmaroo 1.25
1498 scox 1.26 *hardened-sources-2.4.26 (29 May 2004)
1499    
1500     29 May 2004; Andrea Luzzardi <scox@gentoo.org>
1501     +hardened-sources-2.4.26.ebuild:
1502     Updated hardened-sources for the 2.4.26 kernel
1503     Removed broken components, updated almost everything.
1504    
1505 plasmaroo 1.25 *hardened-sources-2.4.24-r3 (17 Apr 2004)
1506    
1507     17 Apr 2004; <plasmaroo@gentoo.org>
1508     +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
1509     +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
1510     +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
1511     +hardened-sources-2.4.24-r3.ebuild:
1512     Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
1513     vulnerabilities. Old revisions removed.
1514 plasmaroo 1.24
1515     *hardened-sources-2.4.24-r2 (15 Apr 2004)
1516    
1517     15 Apr 2004; <plasmaroo@gentoo.org>
1518     +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
1519     -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
1520     Version bump for the CAN-2004-0109 issue; bug #47881.
1521 aliz 1.23
1522     12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
1523     hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
1524     Add eutils to inherit.
1525 plasmaroo 1.22
1526     *hardened-sources-2.4.24-r1 (19 Feb 2004)
1527    
1528     19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
1529     files/hardened-sources-2.4.24.munmap.patch:
1530     Added the patch for the mremap/munmap vulnerability. Bug #42024.
1531 scox 1.19
1532 scox 1.21 *hardened-sources-2.4.24 (06 Feb 2004)
1533 scox 1.26
1534 scox 1.21 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
1535     hardened-sources-2.4.24.ebuild:
1536     Version bump, updated most of the components.
1537     This release includes the following:
1538    
1539     - Hardened security
1540     - Netfilter patch-o-matic 20031219
1541     - FreeSWAN 2.04 & x509 1.4.8
1542     - EVMS 2.2.2
1543     - XFS 1.3.1
1544     - cryptoloop jari
1545     - grsecurity 2.0-rc4
1546     - SELinux
1547     - PaX 200402060000
1548     - PaX Obscurity 200308302223
1549     - Others...
1550    
1551     Neither -ck nor systrace are included anymore.
1552    
1553 scox 1.19 *hardened-sources-2.4.22-r2 (05 Jan 2004)
1554    
1555     05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
1556     hardened-sources-2.4.22-r2.ebuild:
1557 scox 1.20 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
1558 scox 1.19
1559     *hardened-sources-2.4.22-r1 (02 Dec 2003)
1560 iggy 1.17
1561     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1562 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
1563 iggy 1.16
1564     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1565 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild:
1566     Version bump for the 'do_brk' vulnerability.
1567 iggy 1.15
1568     01 Dec 2003; Brian Jackson <iggy@gentoo.org>
1569     hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
1570     hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
1571     hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
1572 plasmaroo 1.18 Fix the 'do_brk' vulnerability.
1573 frogger 1.14
1574     03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
1575     hardened-sources-2.4.22.ebuild:
1576 plasmaroo 1.18 - Removed the src_install() portion for SELinux flask
1577     components. These are no longer handled in the kernel
1578     so this code was not necessary.
1579 frogger 1.13
1580     29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
1581     New 2.4.22 based hardened-sources thanks to
1582     Phil West <p.west@computer.org>.
1583    
1584     These sources include:
1585 plasmaroo 1.18 - New SELinux API
1586     - Updated CK-base
1587     - Updated GRSec
1588     - Systrace
1589     - SuperFreeS/WAN 1.99.8
1590     - Propolice kernel build support
1591     - EVMS
1592     - Other various security related patches
1593 frogger 1.11
1594 frogger 1.12 *hardened-sources-2.4.21 (14 Sep 2003)
1595    
1596     14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
1597     Updated hardened-sources based on the 2.4.21 Linux kernel.
1598     This includes updates to most major components such as:
1599 plasmaroo 1.18 - ck-base-0306300059
1600     - selinux-2.4-2003071106
1601     - grsecurity-2.0-rc1
1602     - Updated IPTables patch-o-matic
1603     - Updated SuperFreeS/WAN
1604    
1605 frogger 1.12 Thanks to Phil West <pwest@computer.org> for his work in getting this
1606     updated patch set ready for the 2.4.21 based kernel.
1607    
1608 frogger 1.11 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
1609     Initial import of hardened-sources-2.4.20-r4. This revision
1610     includes only a few changes, but one of these is an important
1611     security fix. It is recommended all users of hardened-sources
1612     upgrade to this release.
1613 plasmaroo 1.18
1614 frogger 1.11 - ioperm bug fix
1615     - fixed compilation failure when building without GRSec
1616 plasmaroo 1.18
1617 frogger 1.11 SAL (Secure Auditing for Linux) is NOT included in this revision
1618     due to time constraints, but is planned for inclusion in the near
1619     future.
1620 msterret 1.10
1621     *hardened-sources-2.4.20-r2 (12 Jun 2003)
1622    
1623     12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
1624     hardened-sources-2.4.20-r3.ebuild:
1625 plasmaroo 1.18 Add Header...
1626 frogger 1.9
1627     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1628     hardened-sources-2.4.20-r3.ebuild:
1629     Removed warnings from ebuild. This kernel should be safe to
1630     use at this point.
1631 frogger 1.8
1632     *hardened-sources-2.4.20-r3 (08 Jun 2003)
1633    
1634     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1635     hardened-sources-2.4.20-r3.ebuild:
1636     New revision. Includes the following changes over -r2:
1637 plasmaroo 1.18
1638 frogger 1.8 - ck7-base (O(1), preempt, low latency)
1639     - Super FreeS/WAN 1.99.7rc2
1640     - PaX for the LSM/SELinux branch
1641     - GRSecurity 2.0-pre4 (role based access control)
1642     - Systrace 1.3
1643     - EXT3 fixes
1644     - EVMS 2.0.1
1645     - GCC 3.1+ compile optimizations
1646     - ProPolice kernel build support
1647     - Hashing table security fixes
1648 frogger 1.3
1649     *hardened-sources-2.4.20-r1 (09 Apr 2003)
1650 frogger 1.7
1651     23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
1652     Initial import of hardened-sources-r2. This new
1653     ebuild includes many new performance and security
1654     related patches. As in -r1, it will patch in
1655     LSM/SELinux if "selinux" is in USE, otherwise it
1656     will patch in GRSecurity. The following patches
1657     are included in this revision:
1658 plasmaroo 1.18
1659 frogger 1.7 - O(1) Scheduler, Low Latency, and Preempt
1660     (pulled from the base CK patch)
1661     - ptrace exploit patch for the LSM kernel
1662     (the GRSec patch already fixes this)
1663     - LSM 2.4-2003040709
1664     - SELinux 2.4-2003040709
1665     - Systrace v1.2
1666     - IPTables patch-o-matic base patches - 20030107
1667     - CryptoAPI 2.4.20.1 w/ loop-jari patch
1668     - Super FreeS/WAN 1.99.6.1
1669     - GRSecurity 1.9.9g
1670     - MPPE
1671     - EXT3 data journal fix
1672     - CIPE 1.5.4
1673 frogger 1.6
1674     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1675     hardened-sources-2.4.20-r1.ebuild, manifest:
1676 plasmaroo 1.18 Updated to install flask components correctly for selinux.
1677 frogger 1.5
1678     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1679     hardened-sources-2.4.20-r1.ebuild:
1680     LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
1681     is patched in instead. Ptrace patches for selinux have also been added. In
1682     either case, systrace support will be patched in as well.
1683 frogger 1.3
1684     09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1685     hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
1686 plasmaroo 1.18 Revision bump for new sources.
1687 frogger 1.4
1688 frogger 1.2 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1689 frogger 1.4 hardened-sources-2.4.20-r1.ebuild:
1690 plasmaroo 1.18 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
1691 method 1.1
1692 frogger 1.4 *hardened-sources-2.4.20 (30 Mar 2003)
1693    
1694 method 1.1 30 Mar 2003; Joshua Brindle <method@gentoo.org>
1695     hardened-sources-2.4.20.ebuild:
1696 plasmaroo 1.18 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20