/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.281 - (hide annotations) (download)
Sun Jan 25 00:57:58 2009 UTC (5 years, 6 months ago) by gengor
Branch: MAIN
Changes since 1.280: +5 -1 lines
Stable sys-kernel/hardened-sources-2.6.26-r9 on amd64/x86
(Portage version: 2.1.6.4/cvs/Linux 2.6.27-hardened-r5-rc1-2009012401 i686)

1 method 1.1 # ChangeLog for sys-kernel/hardened-sources
2 gengor 1.268 # Copyright 2000-2009 Gentoo Foundation; Distributed under the GPL v2
3 gengor 1.281 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.280 2009/01/24 22:48:04 gengor Exp $
4    
5     25 Jan 2009; Gordon Malm <gengor@gentoo.org>
6     hardened-sources-2.6.26-r9.ebuild:
7     Stable amd64/x86.
8 gengor 1.280
9     24 Jan 2009; Gordon Malm <gengor@gentoo.org>
10     -hardened-sources-2.6.27-r3.ebuild, -hardened-sources-2.6.27-r4.ebuild,
11     -hardened-sources-2.6.27-r5.ebuild:
12     Remove problem versions.
13 gengor 1.279
14     *hardened-sources-2.6.27-r6 (24 Jan 2009)
15    
16     24 Jan 2009; Gordon Malm <gengor@gentoo.org>
17     +hardened-sources-2.6.27-r6.ebuild:
18     Revert PaX test29 to test30 changes. Fixes bug 256226.
19 gengor 1.277
20     *hardened-sources-2.6.27-r5 (24 Jan 2009)
21    
22     24 Jan 2009; Gordon Malm <gengor@gentoo.org>
23     +hardened-sources-2.6.27-r5.ebuild:
24 gengor 1.278 Bump to genpatches-10 (includes Linux 2.6.27.{11,12}) and fix bugs 253733,
25 gengor 1.277 254843.
26 gengor 1.276
27     23 Jan 2009; Gordon Malm <gengor@gentoo.org>
28     -hardened-sources-2.6.25-r11.ebuild, -hardened-sources-2.6.25-r12.ebuild,
29     -hardened-sources-2.6.26-r7.ebuild, -hardened-sources-2.6.26-r8.ebuild:
30     Remove problem versions.
31 nixnut 1.275
32     23 Jan 2009; nixnut <nixnut@gentoo.org>
33     hardened-sources-2.6.25-r13.ebuild:
34     ppc stable
35 gengor 1.274
36     21 Jan 2009; Gordon Malm <gengor@gentoo.org>
37     hardened-sources-2.6.25-r13.ebuild:
38     Fasttrack stable amd64/x86.
39 gengor 1.273
40     *hardened-sources-2.6.26-r9 (21 Jan 2009)
41    
42     21 Jan 2009; Gordon Malm <gengor@gentoo.org>
43     +hardened-sources-2.6.26-r9.ebuild:
44 gengor 1.278 Revert RLIMIT_STACK false-positives-avoidance patch. Bugs 253733, 254843
45 gengor 1.272
46     *hardened-sources-2.6.25-r13 (20 Jan 2009)
47    
48     20 Jan 2009; Gordon Malm <gengor@gentoo.org>
49     +hardened-sources-2.6.25-r13.ebuild:
50 gengor 1.278 Revert RLIMIT_STACK false-positives-avoidance patch. Bugs 253733, 254843
51 nixnut 1.271
52     20 Jan 2009; nixnut <nixnut@gentoo.org>
53     hardened-sources-2.6.25-r12.ebuild:
54     ppc stable
55 gengor 1.270
56     17 Jan 2009; Gordon Malm <gengor@gentoo.org>
57     hardened-sources-2.6.25-r12.ebuild:
58     Stable amd64/x86.
59 gengor 1.269
60     14 Jan 2009; Gordon Malm <gengor@gentoo.org>
61     -hardened-sources-2.6.25-r10.ebuild, -hardened-sources-2.6.26-r6.ebuild,
62     -hardened-sources-2.6.27-r2.ebuild:
63     Clean out old versions.
64 gengor 1.268
65     *hardened-sources-2.6.27-r4 (14 Jan 2009)
66     *hardened-sources-2.6.26-r8 (14 Jan 2009)
67     *hardened-sources-2.6.25-r12 (14 Jan 2009)
68    
69     14 Jan 2009; Gordon Malm <gengor@gentoo.org>
70     +hardened-sources-2.6.25-r12.ebuild, +hardened-sources-2.6.26-r8.ebuild,
71     +hardened-sources-2.6.27-r4.ebuild:
72     2.6.25-r12: Fixes bugs #249729, #250548, #252688, #254907
73     2.6.26-r8: Fixes bugs #249729, #250548, #252688, #254907
74     2.6.27-r4: Update to latest genpatches (includes Linux 2.6.27.10) and
75     grsecurity patch. Fixes bugs #249729, #250511, #250548, #252688, #254907
76 nixnut 1.267
77     15 Dec 2008; nixnut <nixnut@gentoo.org>
78     hardened-sources-2.6.25-r11.ebuild:
79     Stable on ppc
80 gengor 1.266
81     09 Dec 2008; Gordon Malm <gengor@gentoo.org>
82     hardened-sources-2.6.25-r11.ebuild:
83     Stable amd64/x86.
84 gengor 1.265
85     *hardened-sources-2.6.27-r3 (07 Dec 2008)
86    
87     07 Dec 2008; Gordon Malm <gengor@gentoo.org>
88     +hardened-sources-2.6.27-r3.ebuild:
89     Bump to latest genpatches, including Linux 2.6.27.8. Bump grsec/pax patches.
90     Fixes bug #248754, #249729 and #246607.
91 gengor 1.264
92     03 Dec 2008; Gordon Malm <gengor@gentoo.org>
93     -hardened-sources-2.6.25-r9.ebuild, -hardened-sources-2.6.26-r5.ebuild:
94     Remove old versions.
95 gengor 1.262
96     *hardened-sources-2.6.26-r7 (03 Dec 2008)
97     *hardened-sources-2.6.25-r11 (03 Dec 2008)
98    
99 gengor 1.263 03 Dec 2008; Gordon Malm <gengor@gentoo.org>
100     +hardened-sources-2.6.25-r11.ebuild, +hardened-sources-2.6.26-r7.ebuild:
101 gengor 1.262 2.6.25-r11: Fixes bugs 246607, 246710, 247453 and 248754.
102     2.6.26-r7: Fixes bugs 246607, 246710, 246763, 247453 and 248754.
103     Both include many backports from 2.6.27.{6,7} -stable releases.
104 gengor 1.261
105     24 Nov 2008; Gordon Malm <gengor@gentoo.org>
106     -hardened-sources-2.6.27.ebuild, -hardened-sources-2.6.27-r1.ebuild:
107     Remove versions broken on ARCHes != x86/amd64.
108 gengor 1.260
109     *hardened-sources-2.6.27-r2 (24 Nov 2008)
110    
111     24 Nov 2008; Gordon Malm <gengor@gentoo.org>
112     +hardened-sources-2.6.27-r2.ebuild:
113     Bump to Linux 2.6.27.7 and latest grsecurity patch.
114 gengor 1.259
115     19 Nov 2008; Gordon Malm <gengor@gentoo.org>
116     -hardened-sources-2.6.25-r8.ebuild, -hardened-sources-2.6.26-r4.ebuild:
117     Remove old versions.
118 gengor 1.258
119     19 Nov 2008; Gordon Malm <gengor@gentoo.org>
120     hardened-sources-2.6.27.ebuild, hardened-sources-2.6.27-r1.ebuild:
121     Remove all but ~amd64 & ~x86 keywords (broken elsewhere).
122 nixnut 1.257
123     16 Nov 2008; nixnut <nixnut@gentoo.org>
124     hardened-sources-2.6.25-r10.ebuild:
125     Stable on ppc
126 gengor 1.256
127     15 Nov 2008; Gordon Malm <gengor@gentoo.org>
128     hardened-sources-2.6.25-r10.ebuild:
129     Stable amd64/x86.
130 gengor 1.255
131     *hardened-sources-2.6.26-r6 (12 Nov 2008)
132    
133     12 Nov 2008; Gordon Malm <gengor@gentoo.org>
134     +hardened-sources-2.6.26-r6.ebuild:
135     Bump to Linux 2.6.26.8 and fix security bug #245650.
136 gengor 1.254
137     *hardened-sources-2.6.25-r10 (12 Nov 2008)
138    
139     12 Nov 2008; Gordon Malm <gengor@gentoo.org>
140     +hardened-sources-2.6.25-r10.ebuild:
141     Update to Linux 2.6.25.20 and fix bugs #245427, #245650.
142 gengor 1.253
143     *hardened-sources-2.6.27-r1 (09 Nov 2008)
144    
145     09 Nov 2008; Gordon Malm <gengor@gentoo.org>
146     +hardened-sources-2.6.27-r1.ebuild:
147     Bump to stable kernel 2.6.27.5 and latest grsecurity patch.
148 gengor 1.252
149     *hardened-sources-2.6.27 (04 Nov 2008)
150    
151     04 Nov 2008; Gordon Malm <gengor@gentoo.org>
152     +hardened-sources-2.6.27.ebuild:
153     Initial 2.6.27 release.
154 gengor 1.251
155     *hardened-sources-2.6.26-r5 (03 Nov 2008)
156    
157     03 Nov 2008; Gordon Malm <gengor@gentoo.org>
158     -hardened-sources-2.6.25-r7.ebuild, -hardened-sources-2.6.26-r2.ebuild,
159     +hardened-sources-2.6.26-r5.ebuild:
160     2.6.26-r5: Bump to Linux 2.6.26.7, PaX updates.
161     Clean out some old versions.
162 nixnut 1.250
163     02 Nov 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.25-r9.ebuild:
164     Stable on ppc
165 gengor 1.249
166     30 Oct 2008; Gordon Malm <gengor@gentoo.org>
167     hardened-sources-2.6.25-r9.ebuild:
168     Stable on amd64/x86.
169 gengor 1.248
170     *hardened-sources-2.6.25-r9 (26 Oct 2008)
171    
172     26 Oct 2008; Gordon Malm <gengor@gentoo.org>
173     +hardened-sources-2.6.25-r9.ebuild:
174     Update to Linux 2.6.25.19
175 nixnut 1.247
176     15 Oct 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.25-r8.ebuild:
177     Stable on ppc
178 gengor 1.246
179     *hardened-sources-2.6.26-r4 (14 Oct 2008)
180    
181     14 Oct 2008; Gordon Malm <gengor@gentoo.org>
182     -hardened-sources-2.6.26-r3.ebuild, +hardened-sources-2.6.26-r4.ebuild:
183     Update to latest grsecurity patch, fixing building of non-modular kernels.
184 gengor 1.245
185     *hardened-sources-2.6.26-r3 (12 Oct 2008)
186    
187     12 Oct 2008; Gordon Malm <gengor@gentoo.org>
188     hardened-sources-2.6.25-r8.ebuild, -hardened-sources-2.6.26-r1.ebuild,
189     +hardened-sources-2.6.26-r3.ebuild:
190     2.6.26-r3: Update to Linux 2.6.26.6 and latest grsecurity patch.
191     2.6.26-r1: Removed.
192     2.6.25-r8: Stable amd64/x86.
193 gengor 1.244
194     *hardened-sources-2.6.25-r8 (09 Oct 2008)
195    
196     09 Oct 2008; Gordon Malm <gengor@gentoo.org>
197     -hardened-sources-2.6.25-r4.ebuild, -hardened-sources-2.6.25-r5.ebuild,
198     -hardened-sources-2.6.25-r6.ebuild, +hardened-sources-2.6.25-r8.ebuild:
199     Update to genpatches-11 and Linux 2.6.25.18. Remove old versions.
200 nixnut 1.243
201     20 Sep 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.25-r7.ebuild:
202     Stable on ppc
203 gengor 1.242
204     17 Sep 2008; Gordon Malm <gengor@gentoo.org>
205     hardened-sources-2.6.25-r7.ebuild:
206     Stable amd64/x86.
207 gengor 1.241
208     *hardened-sources-2.6.26-r2 (13 Sep 2008)
209    
210     13 Sep 2008; Gordon Malm <gengor@gentoo.org>
211     -hardened-sources-2.6.26.ebuild, +hardened-sources-2.6.26-r2.ebuild:
212     2.6.26-r2: Update to Linux 2.6.26.5, new grsecurity patch adding
213     PAX_REFCOUNT feature, fix bug #237473 (CVE-2008-3525). 2.6.26: Removed.
214 gengor 1.240
215     *hardened-sources-2.6.25-r7 (13 Sep 2008)
216    
217     13 Sep 2008; Gordon Malm <gengor@gentoo.org>
218     +hardened-sources-2.6.25-r7.ebuild:
219     Add 2.6.25-r7, fixing bug #237473 (CVE-2008-3525) and a PaX bug.
220 gengor 1.239
221     10 Sep 2008; Gordon Malm <gengor@gentoo.org>
222     hardened-sources-2.6.25-r4.ebuild, hardened-sources-2.6.25-r5.ebuild,
223     hardened-sources-2.6.25-r6.ebuild, hardened-sources-2.6.26.ebuild,
224     hardened-sources-2.6.26-r1.ebuild:
225     Update DESCRIPTION and HGPV_URI.
226 gengor 1.238
227     *hardened-sources-2.6.25-r6 (09 Sep 2008)
228    
229     09 Sep 2008; Gordon Malm <gengor@gentoo.org>
230     -hardened-sources-2.6.24-r3.ebuild, +hardened-sources-2.6.25-r6.ebuild:
231     2.6.25-r6: Update to Linux 2.6.25.17.
232     2.6.24-r3: Removed.
233 gengor 1.237
234     08 Sep 2008; Gordon Malm <gengor@gentoo.org>
235     hardened-sources-2.6.25-r5.ebuild:
236     Stable on amd64/x86
237 gengor 1.236
238     07 Sep 2008; Gordon Malm <gengor@gentoo.org> metadata.xml:
239     Update my email address.
240 nixnut 1.235
241     31 Aug 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.25-r4.ebuild:
242     stable on ppc
243 battousai 1.234
244     *hardened-sources-2.6.26-r1 (23 Aug 2008)
245     *hardened-sources-2.6.25-r5 (23 Aug 2008)
246    
247     23 Aug 2008; Bryan D. Stine <battousai@gentoo.org>
248     -hardened-sources-2.6.23-r13.ebuild, -hardened-sources-2.6.25-r3.ebuild,
249     hardened-sources-2.6.25-r4.ebuild, +hardened-sources-2.6.25-r5.ebuild,
250     +hardened-sources-2.6.26-r1.ebuild:
251     Bump to 2.6.25-r5 for updated patches and upstream .10 kernel, fixing
252     security bug #235221. Bump to 2.6.26-r1 for upstream .3 kernel, also
253     fixing security bug #235221. Marked 2.6.25-r4 stable on amd64 and x86.
254     Removed 2.6.23-r13 and 2.6.25-r3. Commit on behalf of Gordon Malm
255     (gengor).
256 solar 1.233
257     *hardened-sources-2.6.26 (18 Aug 2008)
258     *hardened-sources-2.6.25-r4 (18 Aug 2008)
259    
260     18 Aug 2008; <solar@gentoo.org> -hardened-sources-2.6.25-r2.ebuild,
261     +hardened-sources-2.6.25-r4.ebuild, +hardened-sources-2.6.26.ebuild:
262     - proxy commit for gengor 2.6.26: Initial 2.6.26 release. 2.6.25-r4: Update
263     to Linux 2.6.25.15. Fixes security bugs #234799, #234803 and #234812.
264     2.6.25-r2: Removed.
265 tove 1.232
266     16 Aug 2008; Torsten Veller <tove@gentoo.org> metadata.xml:
267     Remove phreak from metadata.xml (#96398)
268 solar 1.231
269     *hardened-sources-2.6.25-r3 (31 Jul 2008)
270    
271     31 Jul 2008; <solar@gentoo.org> -hardened-sources-2.6.24-r2.ebuild,
272     -hardened-sources-2.6.25.ebuild, -hardened-sources-2.6.25-r1.ebuild,
273     +hardened-sources-2.6.25-r3.ebuild:
274     - 2.6.25-r3: Update to Linux 2.6.25.13 and new grsecurity patch. Multiple
275     fixes, including security bug #231750.
276 nixnut 1.230
277     28 Jul 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.24-r3.ebuild:
278     Stable on ppc
279 solar 1.229
280     *hardened-sources-2.6.25-r2 (05 Jul 2008)
281    
282     05 Jul 2008; <solar@gentoo.org> -hardened-sources-2.6.23-r11.ebuild,
283     -hardened-sources-2.6.23-r12.ebuild, hardened-sources-2.6.24-r3.ebuild,
284     +hardened-sources-2.6.25-r2.ebuild:
285     2.6.23-r4: Stable x86/amd64
286     2.6.25-r2: Update to Linux 2.6.25.10 and latest grsecurity release.
287     2.6.23-r{11,12}: Removed due to multiple vulns.
288     (gengor & kerframil)
289 nixnut 1.228
290     04 Jul 2008; nixnut <nixnut@gentoo.org>
291     hardened-sources-2.6.23-r13.ebuild:
292     Stable on ppc
293 solar 1.227
294     *hardened-sources-2.6.25-r1 (30 Jun 2008)
295    
296     30 Jun 2008; <solar@gentoo.org> hardened-sources-2.6.23-r13.ebuild,
297     +hardened-sources-2.6.25-r1.ebuild:
298     2.6.25-r1: Brings in Linux -stable tree patches 2.6.25.{7,8,9} and newer
299     grsecurity release. 2.6.23-r13: x86/amd64 stable
300 solar 1.226
301     *hardened-sources-2.6.25 (17 Jun 2008)
302     *hardened-sources-2.6.24-r3 (17 Jun 2008)
303     *hardened-sources-2.6.23-r13 (17 Jun 2008)
304    
305     17 Jun 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r13.ebuild,
306     +hardened-sources-2.6.24-r3.ebuild, +hardened-sources-2.6.25.ebuild:
307     * 2.6.23-r13: Fixes security bugs #198997, #212136, #222331, #222635,
308     #224647, #225461, other fixes. * 2.6.24-r3: Fixes security bugs #212136,
309     #222331, #222635, #224647, #225461, grsec/PaX updates/fixes, other fixes. *
310     2.6.25: Initial 2.6.25 release.
311 solar 1.225
312     15 May 2008; <solar@gentoo.org> hardened-sources-2.6.23-r12.ebuild:
313     - fasttrack to stable x86/amd64
314 swegener 1.224
315     11 May 2008; Sven Wegener <swegener@gentoo.org> Manifest:
316     Fix broken digest for linux-2.6.24.tar.bz2.
317 solar 1.223
318     *hardened-sources-2.6.24-r2 (11 May 2008)
319     *hardened-sources-2.6.23-r12 (11 May 2008)
320    
321     11 May 2008; <solar@gentoo.org> -hardened-sources-2.6.23-r7.ebuild,
322     -hardened-sources-2.6.23-r9.ebuild, -hardened-sources-2.6.23-r10.ebuild,
323     +hardened-sources-2.6.23-r12.ebuild, -hardened-sources-2.6.24.ebuild,
324     -hardened-sources-2.6.24-r1.ebuild, +hardened-sources-2.6.24-r2.ebuild:
325     proxy commit for gengor. 2.6.23-r11 shortlog: Fixes security bugs 220691,
326     220975, 220979, 221123. 2.6.24-r2 not-so-shortlog: Fixes bug 215442,
327     security bugs 219901, 220691, 220975, 220979, 221123. New
328     genpatches/grsecurity with numerous updates & fixes. 2.6.23-r7->2.6.23-r10
329     should be removed as far as I'm concerned, everything else remove due to
330     vulnerable to numerous security bugs or brokeness.
331 nixnut 1.222
332     10 May 2008; nixnut <nixnut@gentoo.org>
333     hardened-sources-2.6.23-r11.ebuild:
334     Stable on ppc
335 solar 1.221
336     05 May 2008; <solar@gentoo.org> hardened-sources-2.6.23-r11.ebuild:
337     - -r11 stable on x86/amd64
338 solar 1.220
339     *hardened-sources-2.6.23-r11 (01 May 2008)
340    
341     01 May 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r11.ebuild:
342     - version bump to fix ulgy linux bugs
343 phreak 1.219
344     *hardened-sources-2.6.24-r1 (30 Apr 2008)
345    
346     30 Apr 2008; Christian Heim <phreak@gentoo.org>
347     +hardened-sources-2.6.24-r1.ebuild:
348     Revision bump (thanks to Kerin and Gordon, again), pulling
349     genpatches-2.6.24-7, solving #219089. Additionally contains further security
350     fixes plus some minor updates.
351 phreak 1.218
352     *hardened-sources-2.6.23-r10 (30 Apr 2008)
353    
354     30 Apr 2008; Christian Heim <phreak@gentoo.org>
355     +hardened-sources-2.6.23-r10.ebuild:
356     Revision bump (thanks to Kerin and Gordon, again), solving #213811, #219089.
357     Additional contains "various other fixes".
358 phreak 1.217
359     09 Apr 2008; Christian Heim <phreak@gentoo.org> metadata.xml:
360     Update the longdescription in metadata, thanks to Gordon Malm.
361 nixnut 1.216
362     08 Apr 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.23-r9.ebuild:
363     Stable on ppc wrt bug #213255
364 solar 1.215
365     07 Apr 2008; <solar@gentoo.org> -hardened-sources-2.4.35-r2.ebuild,
366     -hardened-sources-2.6.23-r8.ebuild, hardened-sources-2.6.23-r9.ebuild:
367     - stable on x86/amd64 per request. Removed obsolete ebuilds
368 phreak 1.214
369     *hardened-sources-2.6.24 (07 Apr 2008)
370    
371     07 Apr 2008; Christian Heim <phreak@gentoo.org>
372     +hardened-sources-2.6.24.ebuild:
373     Adding ebuild for hardened-sources-2.6.24 (many thanks to Kerin Millar
374     <kerframil at gmail.com> and Gordon Malm <bugs-gentoo-org-02 at bumpin.org>
375     for the many contributions and their continued effort in #216612) based on
376     2.6.24 and genpatches-2.6.24-5.
377    
378     The current ebuild/patchset contains these things:
379     * Incoporates unmodified grsec-2.1.11-2.6.24.4-200803262003 patch
380     * Introduces bespoke server and workstation oriented security levels
381     * VDSO_COMPAT cannot be enabled during runtime if PaX is enabled
382 phreak 1.213
383     30 Mar 2008; Christian Heim <phreak@gentoo.org> metadata.xml:
384     Fix the metadata.xml (Kerin isn't a dev, though he and Gordon are
385     maintaining it).
386 phreak 1.212
387     24 Mar 2008; Christian Heim <phreak@gentoo.org>
388     hardened-sources-2.4.35-r2.ebuild:
389     Fixing SRC_URI for 2.4.35-r2.
390 phreak 1.211
391     *hardened-sources-2.6.23-r9 (22 Mar 2008)
392    
393     22 Mar 2008; Christian Heim <phreak@gentoo.org>
394     +hardened-sources-2.6.23-r9.ebuild:
395     * Revision bump, rebasing the patchset against genpatches-2.6.23-10.
396     * Change the default GIDs for some grsecurity options
397     * Revamp the Hardened [Gentoo] security level and make it the default level
398     * Fixing compilation on ia64 with CONFIG_MODULES=y (loadable module support)
399     * Fix a recursive lock -- call to capable() within ptrace_attach()
400     * Fix bug that allows audit and iscsi operations to be controlled via netlink
401 solar 1.210
402     *hardened-sources-2.6.23-r8 (27 Feb 2008)
403    
404     27 Feb 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r8.ebuild:
405     - version bump from Kerin Millar bug 210026
406 solar 1.209
407     17 Feb 2008; <solar@gentoo.org> metadata.xml,
408     -hardened-sources-2.4.33.4.ebuild, -hardened-sources-2.6.20-r6.ebuild,
409     -hardened-sources-2.6.20-r10.ebuild, -hardened-sources-2.6.23-r4.ebuild,
410     -hardened-sources-2.6.23-r6.ebuild, hardened-sources-2.6.23-r7.ebuild:
411     - stable on x86 and remove old ebuilds
412 solar 1.207
413     15 Feb 2008; <solar@gentoo.org> hardened-sources-2.6.23-r7.ebuild:
414 solar 1.208 - stable on amd64 per request of amd64 lead
415 solar 1.206
416     *hardened-sources-2.6.23-r7 (11 Feb 2008)
417    
418     11 Feb 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r7.ebuild:
419     - version bump from kerin.millar
420     Changes:
421    
422     * Bump to genpatches-base-2.6.23-9
423     * Ported grsecurity-2.1.11-2.6.23.14-200801231800 to 2.6.23.15
424     * Disables COMPAT_VDSO in x86/defconfig
425     * Removes bogus symbols ACPI_SLEEP_PROC_(FS|SLEEP) from x86_64/defconfig
426 phreak 1.205
427     25 Jan 2008; Christian Heim <phreak@gentoo.org>
428     -hardened-sources-2.6.22-r8.ebuild:
429     Cleaning up old versions.
430 phreak 1.204
431     *hardened-sources-2.6.23-r6 (25 Jan 2008)
432    
433     25 Jan 2008; Christian Heim <phreak@gentoo.org>
434     -hardened-sources-2.6.23-r5.ebuild, +hardened-sources-2.6.23-r6.ebuild:
435     Revision bump, pulling in the latest genpatches.
436 phreak 1.203
437     *hardened-sources-2.6.23-r5 (24 Dec 2007)
438    
439     24 Dec 2007; Christian Heim <phreak@gentoo.org>
440     hardened-sources-2.4.35-r2.ebuild, hardened-sources-2.6.20-r6.ebuild,
441     hardened-sources-2.6.20-r10.ebuild, hardened-sources-2.6.22-r8.ebuild,
442     hardened-sources-2.6.23-r4.ebuild, +hardened-sources-2.6.23-r5.ebuild:
443     Revision bump, for the promised updated grsec snapshot. Also changing SRC_URI.
444 phreak 1.202
445     24 Dec 2007; Christian Heim <phreak@gentoo.org>
446     -hardened-sources-2.6.22-r7.ebuild, -hardened-sources-2.6.23.ebuild,
447     -hardened-sources-2.6.23-r1.ebuild, -hardened-sources-2.6.23-r2.ebuild,
448     -hardened-sources-2.6.23-r3.ebuild:
449     Cleaning out some unused, old versions.
450 phreak 1.201
451     24 Dec 2007; Christian Heim <phreak@gentoo.org>
452     hardened-sources-2.6.23-r4.ebuild:
453     Marking hardened-sources-2.6.23-r4 stable on amd64 and x86. I know it ain't
454     in the tree for long, but there isn't much of a difference between this and
455     -r3. Only this revision pulls in 2.6.23.11 and 2.6.23.12 from genpatches.
456 phreak 1.200
457     *hardened-sources-2.6.23-r4 (23 Dec 2007)
458    
459     23 Dec 2007; Christian Heim <phreak@gentoo.org>
460     +hardened-sources-2.6.23-r4.ebuild:
461     Revision bump, grabbing the lastest genpatches release (2.6.23.12 that is).
462 phreak 1.199
463     *hardened-sources-2.6.23-r3 (04 Dec 2007)
464    
465     04 Dec 2007; Christian Heim <phreak@gentoo.org>
466     +hardened-sources-2.6.23-r3.ebuild:
467     Revision bump, pulling in 2.6.23.9.
468 phreak 1.198
469     *hardened-sources-2.6.23-r2 (25 Nov 2007)
470    
471     25 Nov 2007; Christian Heim <phreak@gentoo.org>
472     +hardened-sources-2.6.23-r2.ebuild:
473     Updated patchset, thanks to solar.
474 phreak 1.197
475     *hardened-sources-2.6.23-r1 (31 Oct 2007)
476    
477     31 Oct 2007; Christian Heim <phreak@gentoo.org>
478     +hardened-sources-2.6.23-r1.ebuild:
479     Revision bump, pulling in the snapshot from 30. October 2007 (18:50).
480 solar 1.196
481     29 Oct 2007; <solar@gentoo.org> metadata.xml:
482     - update metadata.xml
483 phreak 1.195
484     25 Oct 2007; Christian Heim <phreak@gentoo.org>
485     hardened-sources-2.6.22-r8.ebuild:
486     Marking 2.6.22-r8 stable on amd64 and x86.
487 phreak 1.194
488     21 Oct 2007; Christian Heim <phreak@gentoo.org>
489     -hardened-sources-2.4.35.ebuild, -hardened-sources-2.4.35-r1.ebuild,
490     -hardened-sources-2.6.21-r4.ebuild:
491     Removing old ebuilds.
492 phreak 1.193
493     *hardened-sources-2.4.35-r2 (21 Oct 2007)
494    
495     21 Oct 2007; Christian Heim <phreak@gentoo.org>
496     +hardened-sources-2.4.35-r2.ebuild:
497     Revision bump for 2.4.35. Includes new snapshot and the lastest Linux stable
498     patches.
499 phreak 1.192
500     *hardened-sources-2.6.22-r8 (21 Oct 2007)
501    
502     21 Oct 2007; Christian Heim <phreak@gentoo.org>
503     +hardened-sources-2.6.22-r8.ebuild:
504     Yet another new patch, hopefully fixing the remaining issues we had w/
505     2.6.22. Candidate for stabling.
506 phreak 1.191
507     *hardened-sources-2.6.23 (13 Oct 2007)
508    
509     13 Oct 2007; Christian Heim <phreak@gentoo.org>
510     +hardened-sources-2.6.23.ebuild:
511     Initial hardened-sources-2.6.23. If people still have problems w/ bug
512     194276, try setting CONFIG_PCI_GODIRECT=y instead of CONFIG_PCI_GOANY.
513 phreak 1.190
514     11 Oct 2007; Christian Heim <phreak@gentoo.org>
515     hardened-sources-2.6.20-r10.ebuild:
516     Pulling in yet another new genpatches version, fixing the PWC bug for real.
517 phreak 1.189
518     04 Oct 2007; Christian Heim <phreak@gentoo.org>
519     -hardened-sources-2.6.22-r5.ebuild, -hardened-sources-2.6.22-r6.ebuild:
520     Removing old versions.
521 phreak 1.188
522     *hardened-sources-2.6.22-r7 (01 Oct 2007)
523    
524     01 Oct 2007; Christian Heim <phreak@gentoo.org>
525     +hardened-sources-2.6.22-r7.ebuild:
526     Revision bump, pulling in a newer patch. Should fix #194276.
527 phreak 1.187
528     30 Sep 2007; Christian Heim <phreak@gentoo.org>
529     hardened-sources-2.6.20-r10.ebuild:
530     Marking hardened-sources-2.6.20-r10 stable on x86 and amd64 (on courtesy of
531     Mike Doty).
532 phreak 1.186
533     *hardened-sources-2.6.22-r6 (26 Sep 2007)
534    
535     26 Sep 2007; Christian Heim <phreak@gentoo.org>
536     +hardened-sources-2.6.22-r6.ebuild:
537     Revision bump, grabbing up till Linux 2.6.22.9.
538 phreak 1.185
539     24 Sep 2007; Christian Heim <phreak@gentoo.org>
540     -hardened-sources-2.6.22-r3.ebuild, -hardened-sources-2.6.22-r4.ebuild:
541     Cleaning up further.
542 phreak 1.184
543     *hardened-sources-2.6.20-r10 (24 Sep 2007)
544    
545     24 Sep 2007; Christian Heim <phreak@gentoo.org>
546     -hardened-sources-2.6.20-r8.ebuild, -hardened-sources-2.6.20-r9.ebuild,
547     +hardened-sources-2.6.20-r10.ebuild:
548     Revision bump, pulling in Linux 2.6.20.20. Removing some of the older
549     revisions.
550 phreak 1.183
551     *hardened-sources-2.6.22-r5 (22 Sep 2007)
552    
553     22 Sep 2007; Christian Heim <phreak@gentoo.org>
554     +hardened-sources-2.6.22-r5.ebuild:
555     Revision bump, pulling in genpatches-2.6.22-8 for CVE-2007-4573.
556 phreak 1.182
557     17 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
558     Removing johnm from metadata.xml (see #186467 for reference).
559 phreak 1.181
560     *hardened-sources-2.6.22-r4 (17 Sep 2007)
561    
562     17 Sep 2007; Christian Heim <phreak@gentoo.org>
563     +hardened-sources-2.6.22-r4.ebuild:
564     Revision bump, hopefully fixing all those weird PAX failures.
565 phreak 1.180
566     01 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
567     Updating the metadata.xml.
568 phreak 1.179
569     01 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
570     Removing tocharian from metadata due to his retirement (see #71718 for
571     reference).
572 phreak 1.178
573     *hardened-sources-2.6.20-r9 (30 Aug 2007)
574    
575     30 Aug 2007; Christian Heim <phreak@gentoo.org>
576     +hardened-sources-2.6.20-r9.ebuild:
577     Revision bump for 2.6.20.18 (thanks to kerframil in #gentoo-hardened).
578 phreak 1.177
579     29 Aug 2007; Christian Heim <phreak@gentoo.org>
580     -hardened-sources-2.4.34.ebuild, -hardened-sources-2.4.34.5.ebuild,
581     -hardened-sources-2.6.20-r2.ebuild, -hardened-sources-2.6.20-r5.ebuild,
582     -hardened-sources-2.6.20-r7.ebuild, -hardened-sources-2.6.21-r3.ebuild,
583     -hardened-sources-2.6.22.ebuild, -hardened-sources-2.6.22-r1.ebuild,
584     -hardened-sources-2.6.22-r2.ebuild:
585     Removing some redundant versions.
586 phreak 1.176
587     *hardened-sources-2.4.35-r1 (29 Aug 2007)
588    
589     29 Aug 2007; Christian Heim <phreak@gentoo.org>
590     +hardened-sources-2.4.35-r1.ebuild:
591     Revision bump, new grsecurity patch.
592 phreak 1.175
593     *hardened-sources-2.6.20-r8 (26 Aug 2007)
594    
595     26 Aug 2007; Christian Heim <phreak@gentoo.org>
596     +hardened-sources-2.6.20-r8.ebuild:
597     Revision bump for Linux 2.6.20.17.
598 phreak 1.174
599     *hardened-sources-2.6.22-r3 (22 Aug 2007)
600    
601     22 Aug 2007; Christian Heim <phreak@gentoo.org>
602     +hardened-sources-2.6.22-r3.ebuild:
603     Revision bump for Linux 2.6.22.4.
604 phreak 1.173
605     16 Aug 2007; Christian Heim <phreak@gentoo.org>
606     hardened-sources-2.6.22-r2.ebuild:
607     Updated patchset, to fix the alignment against 2.6.22.3.
608 phreak 1.172
609     *hardened-sources-2.6.22-r2 (16 Aug 2007)
610    
611     16 Aug 2007; Christian Heim <phreak@gentoo.org>
612     +hardened-sources-2.6.22-r2.ebuild:
613     Revision bump for Linux 2.6.22.3.
614 phreak 1.171
615     *hardened-sources-2.4.35 (16 Aug 2007)
616    
617     16 Aug 2007; Christian Heim <phreak@gentoo.org>
618     +hardened-sources-2.4.35.ebuild:
619     Version bump, initial version for Linux 2.4.35.
620 phreak 1.170
621     *hardened-sources-2.6.21-r4 (16 Aug 2007)
622    
623     16 Aug 2007; Christian Heim <phreak@gentoo.org>
624     +hardened-sources-2.6.21-r4.ebuild:
625     Revision bump for Linux 2.6.21.6.
626 phreak 1.169
627     *hardened-sources-2.6.20-r7 (16 Aug 2007)
628    
629     16 Aug 2007; Christian Heim <phreak@gentoo.org>
630     +hardened-sources-2.6.20-r7.ebuild:
631     Revision bump for Linux 2.6.20.16.
632 phreak 1.168
633     *hardened-sources-2.6.22-r1 (13 Aug 2007)
634    
635     13 Aug 2007; Christian Heim <phreak@gentoo.org>
636     +hardened-sources-2.6.22-r1.ebuild:
637     Yet another revision bump.
638 phreak 1.167
639     *hardened-sources-2.6.22 (10 Aug 2007)
640    
641     10 Aug 2007; Christian Heim <phreak@gentoo.org>
642     +hardened-sources-2.6.22.ebuild:
643     Initial release for 2.6.22. If you are using hardened-sources on a desktop
644     machine (P4 or newer), be aware you might need to disable
645     CONFIG_PAX_PAGEEXEC.
646 phreak 1.166
647     04 Aug 2007; Christian Heim <phreak@gentoo.org>
648     hardened-sources-2.6.20-r6.ebuild:
649     Stabling hardened-sources-2.6.20-r6 for amd64, ppc and x86 due to Linux
650     2.6.20.15.
651 phreak 1.165
652     10 Jul 2007; Christian Heim <phreak@gentoo.org>
653     hardened-sources-2.6.20-r5.ebuild:
654     Marking hardened-sources-2.6.20-r5 stable on ppc.
655 phreak 1.164
656     10 Jul 2007; Christian Heim <phreak@gentoo.org>
657     -hardened-sources-2.4.32-r6.ebuild, -hardened-sources-2.4.32-r7.ebuild:
658     Cleanup.
659 phreak 1.163
660     *hardened-sources-2.6.20-r6 (08 Jul 2007)
661    
662     08 Jul 2007; Christian Heim <phreak@gentoo.org>
663     +hardened-sources-2.6.20-r6.ebuild:
664     Revision bump, grabbing yet another stable release.
665 phreak 1.162
666     17 Jun 2007; Christian Heim <phreak@gentoo.org>
667     -hardened-sources-2.6.18-r6.ebuild, -hardened-sources-2.6.20-r4.ebuild,
668     -hardened-sources-2.6.21-r2.ebuild:
669     Removing older ebuilds, hardened-sources-2.6.18-r6 seems to have gotten the
670     alpha stable KEYWORD by mistake.
671 phreak 1.161
672     17 Jun 2007; Christian Heim <phreak@gentoo.org>
673     hardened-sources-2.6.20-r5.ebuild:
674     Stabling hardened-sources-2.6.20-r5 due to security bug #181647 (as
675     genpatches-2.6.20-12.base contains up to Linux 2.6.20.14) on amd64 and x86.
676 phreak 1.160
677     *hardened-sources-2.6.21-r3 (12 Jun 2007)
678    
679     12 Jun 2007; Christian Heim <phreak@gentoo.org>
680     +hardened-sources-2.6.21-r3.ebuild:
681     Revision bump for hardened-sources-2.6.21, incorporating various CVE (some
682     of them critical), two stable releases (2.6.21.4,2.6.21.5) and some other
683     love.
684 phreak 1.159
685     *hardened-sources-2.6.20-r5 (11 Jun 2007)
686    
687     11 Jun 2007; Christian Heim <phreak@gentoo.org>
688     +hardened-sources-2.6.20-r5.ebuild:
689     Revision bump for hardened-sources-2.6.20, incorporating various CVE (some
690     of them critical), two stable releases (2.6.20.13,2.6.20.14) and some other
691     love.
692 pappy 1.158
693     *hardened-sources-2.4.34.5 (11 Jun 2007)
694    
695     11 Jun 2007; Alexander Gabert <pappy@gentoo.org>
696     +hardened-sources-2.4.34.5.ebuild:
697     added new hardened-sources 2.4 version, thx to phreak, solar, pipacs
698 phreak 1.157
699     30 May 2007; Christian Heim <phreak@gentoo.org>
700     -hardened-sources-2.6.18.ebuild, hardened-sources-2.6.20-r2.ebuild:
701     Marking 2.6.20-r2 stable on ppc with permission of Gysbert. Removing more
702     stale ebuild(s).
703 phreak 1.156
704     30 May 2007; Christian Heim <phreak@gentoo.org>
705     -hardened-sources-2.6.14-r7.ebuild, -hardened-sources-2.6.16-r11.ebuild,
706     -hardened-sources-2.6.17-r1.ebuild, -hardened-sources-2.6.19-r6.ebuild,
707     -hardened-sources-2.6.20.ebuild, -hardened-sources-2.6.20-r1.ebuild:
708     Doing some cleanups, remove stale ebuilds.
709 phreak 1.155
710     26 May 2007; Christian Heim <phreak@gentoo.org>
711     hardened-sources-2.6.21-r2.ebuild:
712     Fixing the grsecurity patch, had one '};' too much.
713 phreak 1.154
714     *hardened-sources-2.6.21-r2 (26 May 2007)
715    
716     26 May 2007; Christian Heim <phreak@gentoo.org>
717     -hardened-sources-2.6.21.ebuild, -hardened-sources-2.6.21-r1.ebuild,
718     +hardened-sources-2.6.21-r2.ebuild:
719     Revision bump, including Linux 2.6.21.3 (fixing CVE-2007-2451). Updating the
720     grsecurity patch to 2.1.10-2.6.21.1-200705221918.
721 phreak 1.153
722     *hardened-sources-2.6.20-r4 (26 May 2007)
723    
724     26 May 2007; Christian Heim <phreak@gentoo.org>
725     -hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.20-r4.ebuild:
726     Revision bump, including Linux 2.6.20.12 (which in fact fixed some security
727 phreak 1.154 bugs, at the very least CVE-2007-2451). Possible candidate for stable marking.
728 phreak 1.152
729     15 May 2007; Christian Heim <phreak@gentoo.org>
730     hardened-sources-2.6.20-r3.ebuild:
731     Looks like hardened-sources-2.6.20-r3 needs a new patch, as 2.6.20.11
732     introduced a change in arch/sparc64/kernel/pci_iommu.c, which made the
733     grsecurity patch fail in that exact same hunk.
734 phreak 1.151
735     *hardened-sources-2.6.20-r3 (15 May 2007)
736    
737     15 May 2007; Christian Heim <phreak@gentoo.org>
738     +hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.21-r1.ebuild:
739     Revision bump, incorporating Linux 2.6.20.11.
740    
741     *hardened-sources-2.6.21-r1 (11 May 2007)
742    
743     11 May 2007; Christian Heim <phreak@gentoo.org>
744     +hardened-sources-2.6.21-r1.ebuild:
745     Revision bump, hopefully fixing the GRSECURITY/GRKERNSEC mixup pipacs
746     mentioned in #177234.
747 kevquinn 1.150
748     07 May 2007; Kevin F. Quinn <kevquinn@gentoo.org>
749     files/digest-hardened-sources-2.6.21, Manifest:
750     Fix Manifest/digest for linux-2.6.21.tar.bz2
751 phreak 1.149
752     06 May 2007; Christian Heim <phreak@gentoo.org>
753     hardened-sources-2.6.21.ebuild:
754     Bumping the hardened-patches version, needed for the fix for #177234.
755 phreak 1.148
756     *hardened-sources-2.6.21 (02 May 2007)
757    
758     02 May 2007; Christian Heim <phreak@gentoo.org>
759     +hardened-sources-2.6.21.ebuild:
760     Version bump, Linux 2.6.21-hardened.
761 phreak 1.147
762     29 Apr 2007; Christian Heim <phreak@gentoo.org>
763     hardened-sources-2.6.20-r2.ebuild:
764     Adding ~ia64 on Ned's request.
765 phreak 1.146
766     29 Apr 2007; Christian Heim <phreak@gentoo.org>
767     hardened-sources-2.6.20-r2.ebuild:
768     Fixing the included grsecurity patch, wasn't alligning due to the Index:
769     header line(s).
770 phreak 1.145
771     29 Apr 2007; Christian Heim <phreak@gentoo.org>
772     hardened-sources-2.6.20-r2.ebuild:
773     Stabilizing hardened-sources-2.6.20-r2 on amd64 and x86.
774 armin76 1.144
775     *hardened-sources-2.6.20-r2 (10 Apr 2007)
776    
777     10 Apr 2007; Raúl Porcel <armin76@gentoo.org>
778     +hardened-sources-2.6.20-r2.ebuild:
779     Version bump, on behalf of phreak
780 phreak 1.143
781     *hardened-sources-2.6.20-r1 (04 Apr 2007)
782    
783     04 Apr 2007; Christian Heim <phreak@gentoo.org>
784     +hardened-sources-2.6.20-r1.ebuild:
785     Revision bump, grabbing a newer grsecurity snapshot.
786 phreak 1.142
787     *hardened-sources-2.6.20 (25 Mar 2007)
788    
789     25 Mar 2007; Christian Heim <phreak@gentoo.org>
790     +hardened-sources-2.6.20.ebuild:
791     Finally a hardened-sources version for 2.6.20; many people have been waiting
792     for this. Thanks to Steve for preliminary testing, thanks to Ned for the
793     testbox.
794 chainsaw 1.141
795     16 Mar 2007; Tony Vroon <chainsaw@gentoo.org>
796     hardened-sources-2.6.18-r6.ebuild:
797     Marked stable on amd64 and x86. AMD64 keyword ack'ed by welp.
798 phreak 1.140
799     *hardened-sources-2.6.18-r6 (16 Mar 2007)
800    
801     16 Mar 2007; Christian Heim <phreak@gentoo.org>
802     -hardened-sources-2.6.18-r5.ebuild, +hardened-sources-2.6.18-r6.ebuild:
803     Fixing CVE-2007-1000 locally (hardened/), thanks to Tony for pushing. And
804     yes I screwed up, this is tagged as 2.6.18-5 and not 2.6.18-6 as it's
805     supposed to be.
806 phreak 1.139
807     06 Mar 2007; Christian Heim <phreak@gentoo.org> ChangeLog:
808     Fixing the Manifest, the previous one was broken (as in still had the
809     deleted ebuild in it).
810 phreak 1.138
811     06 Mar 2007; Christian Heim <phreak@gentoo.org>
812     -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
813     +hardened-sources-2.6.18-r5.ebuild:
814     Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
815     Linux 2.6.18.8. Also cleaning up the older version.
816    
817     *hardened-sources-2.6.18-r5 (06 Mar 2007)
818    
819     06 Mar 2007; Christian Heim <phreak@gentoo.org>
820     -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
821     +hardened-sources-2.6.18-r5.ebuild:
822     Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
823     Linux 2.6.18.8. Also cleaning up the older version.
824 phreak 1.137
825     24 Feb 2007; Christian Heim <phreak@gentoo.org>
826     -hardened-sources-2.6.19-r3.ebuild, -hardened-sources-2.6.19-r4.ebuild,
827     -hardened-sources-2.6.19-r5.ebuild:
828     Removing some of the old version, that didn't work.
829 phreak 1.136
830     *hardened-sources-2.6.19-r6 (12 Feb 2007)
831    
832     12 Feb 2007; Christian Heim <phreak@gentoo.org>
833     +hardened-sources-2.6.19-r6.ebuild:
834     Revision bump, including a new grsec version fixing #166235.
835 pappy 1.134
836     *hardened-sources-2.4.34 (24 Jan 2007)
837    
838     24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
839 pappy 1.135 Manifest:
840     updating Manifest with checksums of new tarball and ebuild
841    
842     24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
843 pappy 1.134 +hardened-sources-2.4.34.ebuild:
844     I added new hardened sources 2.4 update, this is a critical path
845     security bugfix - all users of h-s are strongly advised
846     to update their existing hardened sources to this version.
847     It contains a fix for a kernel vulnerability that is pertaining
848     to the PaX changes to virtual memory management, possibly leading
849     to a local kernel exploit ... see grsecurity.net forums and homepage
850 phreak 1.133
851     23 Jan 2007; Christian Heim <phreak@gentoo.org>
852     files/digest-hardened-sources-2.6.19-r5, Manifest:
853     Fixing the patch-tarball digest.
854 phreak 1.132
855     *hardened-sources-2.6.19-r5 (23 Jan 2007)
856    
857     23 Jan 2007; Christian Heim <phreak@gentoo.org>
858     +hardened-sources-2.6.19-r5.ebuild:
859     Revision bump, closing the recently discovered PaX expand_stack()
860     vulnerability.
861 phreak 1.131
862     *hardened-sources-2.6.19-r4 (14 Jan 2007)
863    
864     14 Jan 2007; Christian Heim <phreak@gentoo.org>
865     +hardened-sources-2.6.19-r4.ebuild:
866     Revision bump, pulling in linux-2.6.19.2 and grsecurity 2.1.10 - thus
867     dropping the randomized PID feature.
868 opfer 1.130
869     11 Jan 2007; Christian Faulhammer <opfer@gentoo.org>
870     hardened-sources-2.4.33.4.ebuild:
871     stable x86, bug #161171
872 phreak 1.129
873     *hardened-sources-2.6.19-r3 (27 Dec 2006)
874    
875     27 Dec 2006; Christian Heim <phreak@gentoo.org>
876     -hardened-sources-2.6.19-r2.ebuild, +hardened-sources-2.6.19-r3.ebuild:
877     Revision bump for bug #157186 and #158786.
878 phreak 1.128
879     *hardened-sources-2.6.18-r4 (27 Dec 2006)
880    
881     27 Dec 2006; Christian Heim <phreak@gentoo.org>
882     -hardened-sources-2.6.18-r3.ebuild, +hardened-sources-2.6.18-r4.ebuild:
883     Revision bump for bug #157186.
884 phreak 1.127
885     *hardened-sources-2.6.19-r2 (23 Dec 2006)
886    
887     23 Dec 2006; Christian Heim <phreak@gentoo.org>
888     -hardened-sources-2.6.19-r1.ebuild, +hardened-sources-2.6.19-r2.ebuild:
889     Revision bump to pull in genpatches-2.6.19-3 for #157186.
890 phreak 1.126
891     17 Dec 2006; Christian Heim <phreak@gentoo.org>
892     hardened-sources-2.6.14-r7.ebuild, hardened-sources-2.6.16-r10.ebuild,
893     hardened-sources-2.6.16-r11.ebuild, hardened-sources-2.6.17-r1.ebuild,
894     hardened-sources-2.6.18.ebuild, hardened-sources-2.6.18-r3.ebuild,
895     hardened-sources-2.6.19-r1.ebuild:
896     Adding 4453_grsec-2.1.9-2.6.19-io-kmem-sysctl.patch to UNIPATCH_EXLUDE,
897     adding correct HOMEPAGE and adjusting DESCRIPTION (thanks to Alexander).
898 pappy 1.125
899     *hardened-sources-2.4.33.4 (17 Dec 2006)
900    
901     17 Dec 2006; Alexander Gabert <pappy@gentoo.org>
902     +hardened-sources-2.4.33.4.ebuild:
903     new 2.4.33.4 version including grsec and fixes, thanks to phreak for help
904     and quilting
905 phreak 1.124
906     *hardened-sources-2.6.19-r1 (14 Dec 2006)
907    
908     14 Dec 2006; Christian Heim <phreak@gentoo.org>
909     -hardened-sources-2.6.19.ebuild, +hardened-sources-2.6.19-r1.ebuild:
910     Revision bump, fixing #158107 (thanks to Petre Rodan <kaiowas at gentoo.org>
911     for reporting).
912 phreak 1.123
913     *hardened-sources-2.6.19 (13 Dec 2006)
914    
915     13 Dec 2006; Christian Heim <phreak@gentoo.org>
916     +hardened-sources-2.6.19.ebuild:
917     And finally 2.6.19, thanks to Ned (who prepared the inital patchset) and
918     Brad for providing that prompt update.
919 phreak 1.122
920     *hardened-sources-2.6.18-r3 (13 Dec 2006)
921    
922     13 Dec 2006; Christian Heim <phreak@gentoo.org>
923     -hardened-sources-2.6.18-r1.ebuild, -hardened-sources-2.6.18-r2.ebuild,
924     +hardened-sources-2.6.18-r3.ebuild:
925     Revision bump, excluding the faulty patch. Thanks to Anakim Border and Peter
926     S. Mazinger. Closes #157409 for now. Also removing the previous revisions.
927 phreak 1.121
928     09 Dec 2006; Christian Heim <phreak@gentoo.org> Manifest:
929     Fixing the metadata.xml Manifest entry (thanks to xaid and ml8128 in #gentoo-hardened).
930 nixnut 1.120
931     08 Dec 2006; nixnut <nixnut@gentoo.org> hardened-sources-2.6.18.ebuild:
932     Stable on ppc wrt bug 157356
933 opfer 1.119
934     07 Dec 2006; Christian Faulhammer <opfer@gentoo.org>
935     hardened-sources-2.6.18.ebuild:
936     stable x86, bug #157356
937 phreak 1.118
938     *hardened-sources-2.6.18-r2 (06 Dec 2006)
939    
940     06 Dec 2006; Christian Heim <phreak@gentoo.org>
941     +hardened-sources-2.6.18-r2.ebuild:
942     Revision bump, including 2.6.18.5 (via genpatches) and
943     4454_grsec-2.1.9-2.6.18.2-io-kmem-sysctl.patch based on Peter Mazinger and
944     Ned Ludd's original patch. Thanks to Alexander Gabert (pappy) for the
945     redesign.
946 phreak 1.117
947     06 Dec 2006; Christian Heim <phreak@gentoo.org>
948     hardened-sources-2.6.18.ebuild:
949     Marking hardened-sources-2.6.18 stable on amd64 (see bug #157356, on behalf
950     of Mike Doty).
951 phreak 1.116
952     *hardened-sources-2.6.18-r1 (23 Nov 2006)
953    
954     23 Nov 2006; Christian Heim <phreak@gentoo.org>
955     +hardened-sources-2.6.18-r1.ebuild:
956     Revision bump to genpatches-2.6.18-4 (including 2.6.18.3).
957 phreak 1.115
958     *hardened-sources-2.6.18 (11 Nov 2006)
959    
960     11 Nov 2006; Christian Heim <phreak@gentoo.org>
961     +hardened-sources-2.6.18.ebuild:
962     Version bump, thanks to Alexander Gabert we're finally at 2.6.18.
963 solar 1.114
964     18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
965     - mark amd64 stable also. bug #151877
966 solar 1.113
967     18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
968     - mark 2.6.17-r1 stable
969 phreak 1.112
970     27 Aug 2006; Christian Heim <phreak@gentoo.org>
971     -hardened-sources-2.6.17.ebuild, hardened-sources-2.6.17-r1.ebuild:
972     Removing old ebuild, removing unipatch from newer ebuild (need to fix it!).
973 phreak 1.111
974     *hardened-sources-2.6.17-r1 (26 Aug 2006)
975    
976     26 Aug 2006; Christian Heim <phreak@gentoo.org>
977     +hardened-sources-2.6.17-r1.ebuild:
978     Revision bump to genpatches-2.6.17-8 (including .9 and .10) and updating the
979     grsecurity patch.
980 phreak 1.110
981     *hardened-sources-2.6.17 (17 Aug 2006)
982    
983     17 Aug 2006; Christian Heim <phreak@gentoo.org>
984     +hardened-sources-2.6.17.ebuild:
985     Bumping the hardened-sources-2.6 series to 2.6.17, using
986     genpatches-2.6.17-6.base.
987 solar 1.109
988     07 Aug 2006; <solar@gentoo.org> hardened-sources-2.6.16-r11.ebuild:
989     - stable on x86 and amd64
990 solar 1.108
991     *hardened-sources-2.6.16-r11 (15 Jul 2006)
992    
993     15 Jul 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r3.ebuild,
994     -hardened-sources-2.4.32-r4.ebuild, -hardened-sources-2.4.32-r5.ebuild,
995     -hardened-sources-2.6.14-r8.ebuild, -hardened-sources-2.6.16-r7.ebuild,
996     -hardened-sources-2.6.16-r9.ebuild, +hardened-sources-2.6.16-r11.ebuild:
997     - 2.6.16 bumped for CVE-2006-3626 ; digest fix for 2.4.32-r6 ; removed old
998     crusty ebuilds
999 johnm 1.107
1000     14 Jul 2006; John Mylchreest <johnm@gentoo.org>
1001     hardened-sources-2.6.16-r10.ebuild:
1002     marking stable on x86 and amd64
1003 solar 1.106
1004     13 Jul 2006; <solar@gentoo.org> hardened-sources-2.4.32-r6.ebuild:
1005     - 2.4.32-r6 stable on x86. RSBAC state unknown
1006 kang 1.105
1007     *hardened-sources-2.4.32-r7 (10 Jul 2006)
1008    
1009     10 Jul 2006; Guillaume Destuynder <kang@gentoo.org>
1010     +hardened-sources-2.4.32-r7.ebuild:
1011     Bump PaX for RSBAC to test-17
1012 johnm 1.104
1013     *hardened-sources-2.6.16-r9 (03 Jul 2006)
1014    
1015     03 Jul 2006; John Mylchreest <johnm@gentoo.org>
1016     -hardened-sources-2.6.16-r6.ebuild, +hardened-sources-2.6.16-r9.ebuild:
1017     hardened-sources-2.6.16 bump to latest -base.
1018 solar 1.103
1019     *hardened-sources-2.4.32-r6 (30 Jun 2006)
1020    
1021     30 Jun 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r2.ebuild,
1022     hardened-sources-2.4.32-r4.ebuild, +hardened-sources-2.4.32-r6.ebuild:
1023     - backport CVE-2006-0039, CVE-2006-1857 and CVE-2006-1858 and new grsecurity
1024     sysctl controlable resource logging
1025 johnm 1.102
1026     *hardened-sources-2.6.16-r7 (05 Jun 2006)
1027    
1028     05 Jun 2006; John Mylchreest <johnm@gentoo.org>
1029     -hardened-sources-2.6.16-r5.ebuild, +hardened-sources-2.6.16-r7.ebuild:
1030     push new 2.6.16 release in preparation for stable
1031 solar 1.101
1032     22 May 2006; <solar@gentoo.org> :
1033     - redigest bug 134002
1034 kang 1.100
1035     *hardened-sources-2.4.32-r5 (16 May 2006)
1036    
1037     16 May 2006; Guillaume Destuynder <kang@gentoo.org>
1038     +hardened-sources-2.4.32-r5.ebuild:
1039     Fixes rsbac common patching (new patch in new -r5 patchset)
1040 solar 1.99
1041     *hardened-sources-2.4.32-r4 (13 May 2006)
1042    
1043     13 May 2006; <solar@gentoo.org> hardened-sources-2.4.32-r3.ebuild,
1044     +hardened-sources-2.4.32-r4.ebuild:
1045     - security bumps
1046 johnm 1.98
1047     *hardened-sources-2.6.16-r6 (03 May 2006)
1048    
1049     03 May 2006; John Mylchreest <johnm@gentoo.org>
1050     +hardened-sources-2.6.16-r6.ebuild:
1051     bump hardened-2.6.16 to 2.6.16.12 and latest grsec snapshot
1052 johnm 1.97
1053     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
1054     hardened-sources-2.6.14-r8.ebuild:
1055     fix x86_64 build problem, this will delay the digest issue again for a short
1056     while but it will sort itself out
1057 johnm 1.96
1058     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
1059     hardened-sources-2.6.14-r8.ebuild:
1060     bump hardened patchset
1061 antarus 1.94
1062     27 Apr 2006; Alec Warner <antarus@gentoo.org>
1063     files/digest-hardened-sources-2.4.32-r2,
1064     files/digest-hardened-sources-2.4.32-r3,
1065     files/digest-hardened-sources-2.6.14-r8, Manifest:
1066     Fixing duff SHA256 digests: Bug # 131293
1067 johnm 1.93
1068 johnm 1.95 *hardened-sources-2.6.16-r5 (27 Apr 2006)
1069    
1070     27 Apr 2006; John Mylchreest <johnm@gentoo.org>
1071     -hardened-sources-2.6.14-r6.ebuild, hardened-sources-2.6.14-r8.ebuild,
1072     -hardened-sources-2.6.16-r4.ebuild, +hardened-sources-2.6.16-r5.ebuild:
1073     stablise 2.6.14-r8 on x86 & amd64, bump 2.6.16 to fix CVE-2006-1863 &
1074     cleanup of old uneccessary sources
1075    
1076 johnm 1.93 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
1077     fix digest
1078 johnm 1.92
1079     *hardened-sources-2.6.14-r8 (20 Apr 2006)
1080    
1081     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
1082     +hardened-sources-2.6.14-r8.ebuild:
1083     fix CVE-2006-1056, CVE-2006-1525, CVE-2006-1524
1084 johnm 1.91
1085     20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
1086     Turning on gpg-signing again, and recomitting
1087 johnm 1.90
1088     *hardened-sources-2.6.16-r4 (20 Apr 2006)
1089    
1090     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
1091     -hardened-sources-2.6.16-r2.ebuild, -hardened-sources-2.6.16-r3.ebuild,
1092     +hardened-sources-2.6.16-r4.ebuild:
1093     Fix numerous security vulns
1094 solar 1.89
1095     *hardened-sources-2.4.32-r3 (16 Apr 2006)
1096    
1097     16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
1098     -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
1099     +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
1100     - security bump for bug #112791. Removed old ebuilds
1101 johnm 1.88
1102     *hardened-sources-2.6.16-r3 (15 Apr 2006)
1103    
1104     15 Apr 2006; John Mylchreest <johnm@gentoo.org>
1105     +hardened-sources-2.6.16-r3.ebuild:
1106     Removing silly localversion which I missed
1107 johnm 1.87
1108     *hardened-sources-2.6.14-r7 (14 Apr 2006)
1109    
1110     14 Apr 2006; John Mylchreest <johnm@gentoo.org>
1111     -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
1112     Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
1113 johnm 1.86
1114     *hardened-sources-2.6.16-r2 (13 Apr 2006)
1115    
1116     13 Apr 2006; John Mylchreest <johnm@gentoo.org>
1117     -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
1118     +hardened-sources-2.6.16-r2.ebuild:
1119     Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
1120     labels, dropping USERGROUP define fixes, since these were merged mainstream.
1121 johnm 1.85
1122     *hardened-sources-2.6.16-r1 (11 Apr 2006)
1123    
1124     11 Apr 2006; John Mylchreest <johnm@gentoo.org>
1125     +hardened-sources-2.6.16-r1.ebuild:
1126     Bumping to include ppc build fix and 2.6.16.3
1127 tsunam 1.84
1128     06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
1129     hardened-sources-2.6.14-r6.ebuild:
1130     Stable on x86; bug #127718
1131 johnm 1.83
1132     *hardened-sources-2.6.16 (31 Mar 2006)
1133    
1134     31 Mar 2006; John Mylchreest <johnm@gentoo.org>
1135     +hardened-sources-2.6.16.ebuild:
1136     Bumping to new version of grsec, and kernel base. New squashfs. Based on
1137     2.6.16.1
1138 cryos 1.82
1139     30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
1140     hardened-sources-2.6.14-r6.ebuild:
1141     Stable on amd64, bug 127718.
1142 nixnut 1.81
1143     28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
1144     Stable on ppc. Bug #127718
1145 johnm 1.80
1146     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
1147     -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
1148     -hardened-sources-2.6.14-r4.ebuild:
1149     Cleanup.
1150 johnm 1.79
1151     *hardened-sources-2.6.14-r6 (15 Mar 2006)
1152    
1153     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
1154     +hardened-sources-2.6.14-r6.ebuild:
1155     Fixes grsec policy recreation bug and adds a
1156     >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
1157 solar 1.78
1158     02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
1159     - stable on x86
1160 hansmi 1.77
1161     19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
1162     hardened-sources-2.6.14-r5.ebuild:
1163     Stable on ppc.
1164 johnm 1.76
1165     *hardened-sources-2.6.14-r5 (01 Feb 2006)
1166    
1167     01 Feb 2006; John Mylchreest <johnm@gentoo.org>
1168     +hardened-sources-2.6.14-r5.ebuild:
1169     fixing every known exploit
1170 solar 1.75
1171     *hardened-sources-2.4.32-r2 (26 Jan 2006)
1172    
1173     26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
1174     +hardened-sources-2.4.32-r2.ebuild:
1175     - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
1176 solar 1.74
1177     *hardened-sources-2.6.14-r4 (12 Jan 2006)
1178    
1179     12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
1180     - version bump for new genpatches which fix up a few sec holes
1181 solar 1.73
1182     *hardened-sources-2.4.32-r1 (05 Jan 2006)
1183    
1184     05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
1185     - revision bump to add misc vital linux kernel security patches.
1186 johnm 1.72
1187     *hardened-sources-2.6.14-r3 (30 Dec 2005)
1188    
1189     30 Dec 2005; John Mylchreest <johnm@gentoo.org>
1190     -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
1191     Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
1192 johnm 1.71
1193     28 Dec 2005; John Mylchreest <johnm@gentoo.org>
1194     hardened-sources-2.6.14-r2.ebuild:
1195     making x86 & amd64 stable following testing.
1196 johnm 1.70
1197     *hardened-sources-2.6.14-r2 (27 Dec 2005)
1198    
1199     27 Dec 2005; John Mylchreest <johnm@gentoo.org>
1200     -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
1201     Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
1202     network hooks.
1203 johnm 1.69
1204     06 Dec 2005; John Mylchreest <johnm@gentoo.org>
1205     hardened-sources-2.6.14-r1.ebuild:
1206     bumping to stable early for sec fix on x86 & amd64
1207 johnm 1.68
1208     *hardened-sources-2.6.14-r1 (05 Dec 2005)
1209    
1210     05 Dec 2005; John Mylchreest <johnm@gentoo.org>
1211     -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
1212     bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
1213 solar 1.67
1214     04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
1215     - stable on x86 security bug #114227 CAN-2005-3257
1216 kang 1.66
1217     *hardened-sources-2.4.32 (19 Nov 2005)
1218    
1219     19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
1220     +hardened-sources-2.4.32.ebuild:
1221     Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
1222     Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
1223     have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
1224     rsbac >> /etc/portage/package.use)
1225 johnm 1.65
1226     *hardened-sources-2.6.14 (14 Nov 2005)
1227    
1228     14 Nov 2005; John Mylchreest <johnm@gentoo.org>
1229     -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
1230     Bumping 2.6 series to 2.6.14.2
1231 johnm 1.64
1232     *hardened-sources-2.6.13-r2 (20 Oct 2005)
1233    
1234     20 Oct 2005; John Mylchreest <johnm@gentoo.org>
1235     -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
1236     +hardened-sources-2.6.13-r2.ebuild:
1237     Fixes minor build error in ppc.
1238 johnm 1.63
1239     *hardened-sources-2.6.13-r1 (17 Oct 2005)
1240    
1241     17 Oct 2005; John Mylchreest <johnm@gentoo.org>
1242     +hardened-sources-2.6.13-r1.ebuild:
1243     Updating grsec to latest snapshot. Fixes some minor issues. Updating to
1244     2.6.13.4, fixes some major amd64 stability problems.
1245 johnm 1.62
1246     *hardened-sources-2.6.13 (16 Sep 2005)
1247    
1248     16 Sep 2005; John Mylchreest <johnm@gentoo.org>
1249     -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
1250     2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
1251     ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
1252     users should test this thoroughly.
1253 solar 1.61
1254     01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
1255     - stable on x86
1256 johnm 1.60
1257     *hardened-sources-2.6.11-r15 (27 Jun 2005)
1258    
1259     27 Jun 2005; John Mylchreest <johnm@gentoo.org>
1260     +hardened-sources-2.6.11-r15.ebuild:
1261     Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
1262     grsec redefining curr_ip struct.
1263 solar 1.59
1264     *hardened-sources-2.4.31 (20 Jun 2005)
1265    
1266     20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
1267     initial import of 2.4.31 tree
1268 johnm 1.58
1269     *hardened-sources-2.6.11-r14 (14 Jun 2005)
1270    
1271     14 Jun 2005; John Mylchreest <johnm@gentoo.org>
1272     -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
1273     Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
1274     naming scheme to abide by genpatches
1275 johnm 1.57
1276     *hardened-sources-2.6.11-r13 (18 May 2005)
1277    
1278     18 May 2005; John Mylchreest <johnm@gentoo.org>
1279     -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
1280     Managed to mangle the Makefile patch from grsec, to miss out the grsec
1281     target. sorry about that. Fixes bug #93022
1282 johnm 1.56
1283     *hardened-sources-2.6.11-r12 (17 May 2005)
1284    
1285     17 May 2005; John Mylchreest <johnm@gentoo.org>
1286     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
1287     +hardened-sources-2.6.11-r12.ebuild:
1288     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
1289     merges in genpatches-base
1290 johnm 1.55
1291     *hardened-sources-2.6.11-r12 (17 May 2005)
1292    
1293     17 May 2005; John Mylchreest <johnm@gentoo.org>
1294     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
1295     +hardened-sources-2.6.11-r12.ebuild:
1296     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
1297     merges in genpatches-base
1298 solar 1.54
1299     29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
1300     -files/2.4.27-cmdline-race.patch,
1301     -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
1302     -files/2.4.28-grsec-binfmt_a.out.patch,
1303     -files/2.4.28-grsec-cmdline-race.patch,
1304     -files/2.4.28-selinux-binfmt_a.out.patch,
1305     -files/2.4.28-selinux-cmdline-race.patch,
1306     -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
1307     hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
1308     - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
1309     cleanup..
1310 solar 1.53
1311     *hardened-sources-2.4.30-r1 (21 Apr 2005)
1312    
1313     21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
1314     - disable aout by default
1315 solar 1.52
1316     *hardened-sources-2.4.30 (18 Apr 2005)
1317    
1318     18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
1319     - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
1320     and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
1321     use
1322 tocharian 1.50
1323 scox 1.51 *hardened-sources-2.4.29 (30 Mar 2005)
1324    
1325     30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
1326     +hardened-sources-2.4.29.ebuild:
1327     New hardened-patches-2.4-29.0 patchball.
1328     Removed SELinux support, upgraded GRSecurity to 2.1.4.
1329    
1330     *hardened-sources-2.4.28-r5 (06 Mar 2005)
1331    
1332     06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
1333     +hardened-sources-2.4.28-r5.ebuild:
1334     Added a fix for a PaX vulnerability.
1335    
1336     26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1337 tocharian 1.50 hardened-sources-2.4.28-r4.ebuild:
1338     Stable on x86
1339 solar 1.49
1340     23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
1341     hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
1342     hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
1343     hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
1344     - fixed/added RDEPEND= in all kernel-2 ebuilds
1345 tocharian 1.48
1346     *hardened-sources-2.4.28-r4 (21 Jan 2005)
1347    
1348     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1349     +hardened-sources-2.4.28-r4.ebuild:
1350     Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
1351     backport of neighbour hash updates.
1352 tocharian 1.47
1353     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1354     hardened-sources-2.4.28-r3.ebuild:
1355     Stable on x86
1356 tseng 1.46
1357     *hardened-sources-2.6.10-r3 (20 Jan 2005)
1358    
1359     20 Jan 2005; Brandon Hale <tseng@gentoo.org>
1360     +hardened-sources-2.6.10-r3.ebuild:
1361     Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
1362     in 2005.0
1363 tocharian 1.45
1364     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1365     -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
1366     hardened-sources-2.4.28-r2.ebuild:
1367     Mark stable on x86
1368 tocharian 1.44
1369     *hardened-sources-2.4.28-r3 (17 Jan 2005)
1370    
1371     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1372     +hardened-sources-2.4.28-r3.ebuild:
1373     Fix SMP page fault handler vuln, and update device-mapper and evms patches.
1374 tocharian 1.43
1375     14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1376     hardened-sources-2.4.28.ebuild:
1377     Mark stable on x86.
1378 tocharian 1.42
1379     *hardened-sources-2.4.28-r2 (13 Jan 2005)
1380    
1381     13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1382     +hardened-sources-2.4.28-r2.ebuild:
1383     Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
1384     Mazinger for grsecurity patches as well.
1385 plasmaroo 1.41
1386     *hardened-sources-2.4.28-r1 (23 Dec 2004)
1387    
1388     23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
1389     Security bump. Thank tocharian for rolling a new patchset...
1390 solar 1.40
1391     28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
1392     +files/2.4.28-grsec-cmdline-race.patch,
1393     +files/2.4.28-selinux-binfmt_a.out.patch,
1394     +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
1395     - Round up remaining security patches that appear to be missing in 2.4.28. -
1396     PaX standalone updated to current. hgpv=28.1
1397 solar 1.39
1398     *hardened-sources-2.4.28 (28 Nov 2004)
1399    
1400     28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
1401     security bump. Thank tocharian for rolling a new patchset
1402 scox 1.31
1403 scox 1.38 *hardened-sources-2.4.27-r3 (08 Sep 2004)
1404    
1405     08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
1406     +hardened-sources-2.4.27-r3.ebuild:
1407     Applies the new 2.4-27.2 patchball which updates
1408     GRSecurity to the 2.0.1 version.
1409    
1410 scox 1.37 *hardened-sources-2.4.27-r2 (31 Aug 2004)
1411    
1412     31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1413     +hardened-sources-2.4.27-r2.ebuild:
1414     Version bump.
1415     This version uses the new 2.4-27.1 patchball which updates
1416     both the SELinux PaX hooks patch and the SELinux headers.
1417    
1418 scox 1.36 *hardened-sources-2.4.27-r1 (09 Aug 2004)
1419    
1420     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1421     +hardened-sources-2.4.27-r1.ebuild,
1422     -hardened-sources-2.4.27.ebuild,
1423     +files/2.4.27-cmdline-race.patch:
1424     Version bump, fix for cmdline race. See bug #59905.
1425    
1426     *hardened-sources-2.4.26-r6 (09 Aug 2004)
1427    
1428     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1429     +hardened-sources-2.4.26-r6.ebuild,
1430     -hardened-sources-2.4.26-r5.ebuild,
1431     -hardened-sources-2.4.26-r4.ebuild,
1432     +files/2.4.26-cmdline-race.patch:
1433     Version bump, fix for cmdline race. See bug #59905.
1434    
1435 scox 1.35 *hardened-sources-2.4.27 (08 Aug 2004)
1436    
1437     08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1438     +hardened-sources-2.4.27.ebuild,
1439     +files/2.4.27-CAN-2004-0394.patch:
1440     Ported the patchball to the 2.4.27 kernel version.
1441    
1442 scox 1.34 *hardened-sources-2.4.26-r5 (07 Aug 2004)
1443    
1444     07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1445     +hardened-sources-2.4.26-r5.ebuild:
1446 scox 1.35 Updated to use the new hardened-patches-2.4-26.1 patchball.
1447 scox 1.34 It adds the following features:
1448     - Squashfs
1449     - Ebtables
1450     - Netdev random (core+drivers)
1451     - Watchdog Timer (WDT) fix.
1452    
1453 scox 1.33 *hardened-sources-2.4.26-r4 (04 Aug 2004)
1454    
1455     04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1456     +hardened-sources-2.4.26-r4.ebuild,
1457     +files/2.4.26-CAN-2004-0415.patch,
1458     -hardened-sources-2.4.26-3:
1459     Version bump, fix for CAN 0415, see bug #59378.
1460    
1461 scox 1.32 *hardened-sources-2.4.26-r3 (22 Jul 2004)
1462    
1463     22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
1464     +hardened-sources-2.4.26-r3.ebuild,
1465     +files/2.4.26-CAN-2004-0497.patch,
1466     -hardened-sources-2.4.26-r2.ebuild:
1467     Version bump, fixed CAN 0497, see bug #56171.
1468    
1469 scox 1.31 *hardened-sources-2.4.26-r2 (29 Jun 2004)
1470    
1471     29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
1472 scox 1.32 +hardened-sources-2.4.26-r2.ebuild,
1473 scox 1.31 +files/2.4.26-CAN-2004-0495.patch,
1474     +files/2.4.26-CAN-2004-0535.patch,
1475     -hardened-sources-2.4.26-r1.ebuild:
1476     Fixes for both CAN 0495 and 0535, see bug #54976
1477 pvdabeel 1.27
1478 agriffis 1.29 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
1479     hardened-sources-2.4.26-r1.ebuild:
1480     QA - fix use invocation
1481 scox 1.28
1482     *hardened-sources-2.4.26-r1 (22 June 2004)
1483    
1484     22 June 2004; Andrea Luzzardi <scox@gentoo.org>
1485     +hardened-sources-2.4.26-r1.ebuild,
1486     +files/2.4.26-CAN-2004-0394.patch,
1487     +files/2.4.26-signal-race.patch,
1488     -hardened-sources-2.4.26.ebuild,
1489     -hardened-sources-2.4.24-r3.ebuild:
1490     Version bump for the CAN-2004-0394 issue and bug #53804
1491     Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
1492    
1493    
1494 pvdabeel 1.27 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
1495     hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
1496     Masked hardened-sources-2.4.26.ebuild broken for ppc
1497    
1498     31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
1499     hardened-sources-2.4.24-r3.ebuild:
1500     Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
1501 plasmaroo 1.25
1502 scox 1.26 *hardened-sources-2.4.26 (29 May 2004)
1503    
1504     29 May 2004; Andrea Luzzardi <scox@gentoo.org>
1505     +hardened-sources-2.4.26.ebuild:
1506     Updated hardened-sources for the 2.4.26 kernel
1507     Removed broken components, updated almost everything.
1508    
1509 plasmaroo 1.25 *hardened-sources-2.4.24-r3 (17 Apr 2004)
1510    
1511     17 Apr 2004; <plasmaroo@gentoo.org>
1512     +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
1513     +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
1514     +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
1515     +hardened-sources-2.4.24-r3.ebuild:
1516     Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
1517     vulnerabilities. Old revisions removed.
1518 plasmaroo 1.24
1519     *hardened-sources-2.4.24-r2 (15 Apr 2004)
1520    
1521     15 Apr 2004; <plasmaroo@gentoo.org>
1522     +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
1523     -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
1524     Version bump for the CAN-2004-0109 issue; bug #47881.
1525 aliz 1.23
1526     12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
1527     hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
1528     Add eutils to inherit.
1529 plasmaroo 1.22
1530     *hardened-sources-2.4.24-r1 (19 Feb 2004)
1531    
1532     19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
1533     files/hardened-sources-2.4.24.munmap.patch:
1534     Added the patch for the mremap/munmap vulnerability. Bug #42024.
1535 scox 1.19
1536 scox 1.21 *hardened-sources-2.4.24 (06 Feb 2004)
1537 scox 1.26
1538 scox 1.21 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
1539     hardened-sources-2.4.24.ebuild:
1540     Version bump, updated most of the components.
1541     This release includes the following:
1542    
1543     - Hardened security
1544     - Netfilter patch-o-matic 20031219
1545     - FreeSWAN 2.04 & x509 1.4.8
1546     - EVMS 2.2.2
1547     - XFS 1.3.1
1548     - cryptoloop jari
1549     - grsecurity 2.0-rc4
1550     - SELinux
1551     - PaX 200402060000
1552     - PaX Obscurity 200308302223
1553     - Others...
1554    
1555     Neither -ck nor systrace are included anymore.
1556    
1557 scox 1.19 *hardened-sources-2.4.22-r2 (05 Jan 2004)
1558    
1559     05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
1560     hardened-sources-2.4.22-r2.ebuild:
1561 scox 1.20 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
1562 scox 1.19
1563     *hardened-sources-2.4.22-r1 (02 Dec 2003)
1564 iggy 1.17
1565     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1566 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
1567 iggy 1.16
1568     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1569 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild:
1570     Version bump for the 'do_brk' vulnerability.
1571 iggy 1.15
1572     01 Dec 2003; Brian Jackson <iggy@gentoo.org>
1573     hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
1574     hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
1575     hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
1576 plasmaroo 1.18 Fix the 'do_brk' vulnerability.
1577 frogger 1.14
1578     03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
1579     hardened-sources-2.4.22.ebuild:
1580 plasmaroo 1.18 - Removed the src_install() portion for SELinux flask
1581     components. These are no longer handled in the kernel
1582     so this code was not necessary.
1583 frogger 1.13
1584     29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
1585     New 2.4.22 based hardened-sources thanks to
1586     Phil West <p.west@computer.org>.
1587    
1588     These sources include:
1589 plasmaroo 1.18 - New SELinux API
1590     - Updated CK-base
1591     - Updated GRSec
1592     - Systrace
1593     - SuperFreeS/WAN 1.99.8
1594     - Propolice kernel build support
1595     - EVMS
1596     - Other various security related patches
1597 frogger 1.11
1598 frogger 1.12 *hardened-sources-2.4.21 (14 Sep 2003)
1599    
1600     14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
1601     Updated hardened-sources based on the 2.4.21 Linux kernel.
1602     This includes updates to most major components such as:
1603 plasmaroo 1.18 - ck-base-0306300059
1604     - selinux-2.4-2003071106
1605     - grsecurity-2.0-rc1
1606     - Updated IPTables patch-o-matic
1607     - Updated SuperFreeS/WAN
1608    
1609 frogger 1.12 Thanks to Phil West <pwest@computer.org> for his work in getting this
1610     updated patch set ready for the 2.4.21 based kernel.
1611    
1612 frogger 1.11 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
1613     Initial import of hardened-sources-2.4.20-r4. This revision
1614     includes only a few changes, but one of these is an important
1615     security fix. It is recommended all users of hardened-sources
1616     upgrade to this release.
1617 plasmaroo 1.18
1618 frogger 1.11 - ioperm bug fix
1619     - fixed compilation failure when building without GRSec
1620 plasmaroo 1.18
1621 frogger 1.11 SAL (Secure Auditing for Linux) is NOT included in this revision
1622     due to time constraints, but is planned for inclusion in the near
1623     future.
1624 msterret 1.10
1625     *hardened-sources-2.4.20-r2 (12 Jun 2003)
1626    
1627     12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
1628     hardened-sources-2.4.20-r3.ebuild:
1629 plasmaroo 1.18 Add Header...
1630 frogger 1.9
1631     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1632     hardened-sources-2.4.20-r3.ebuild:
1633     Removed warnings from ebuild. This kernel should be safe to
1634     use at this point.
1635 frogger 1.8
1636     *hardened-sources-2.4.20-r3 (08 Jun 2003)
1637    
1638     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1639     hardened-sources-2.4.20-r3.ebuild:
1640     New revision. Includes the following changes over -r2:
1641 plasmaroo 1.18
1642 frogger 1.8 - ck7-base (O(1), preempt, low latency)
1643     - Super FreeS/WAN 1.99.7rc2
1644     - PaX for the LSM/SELinux branch
1645     - GRSecurity 2.0-pre4 (role based access control)
1646     - Systrace 1.3
1647     - EXT3 fixes
1648     - EVMS 2.0.1
1649     - GCC 3.1+ compile optimizations
1650     - ProPolice kernel build support
1651     - Hashing table security fixes
1652 frogger 1.3
1653     *hardened-sources-2.4.20-r1 (09 Apr 2003)
1654 frogger 1.7
1655     23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
1656     Initial import of hardened-sources-r2. This new
1657     ebuild includes many new performance and security
1658     related patches. As in -r1, it will patch in
1659     LSM/SELinux if "selinux" is in USE, otherwise it
1660     will patch in GRSecurity. The following patches
1661     are included in this revision:
1662 plasmaroo 1.18
1663 frogger 1.7 - O(1) Scheduler, Low Latency, and Preempt
1664     (pulled from the base CK patch)
1665     - ptrace exploit patch for the LSM kernel
1666     (the GRSec patch already fixes this)
1667     - LSM 2.4-2003040709
1668     - SELinux 2.4-2003040709
1669     - Systrace v1.2
1670     - IPTables patch-o-matic base patches - 20030107
1671     - CryptoAPI 2.4.20.1 w/ loop-jari patch
1672     - Super FreeS/WAN 1.99.6.1
1673     - GRSecurity 1.9.9g
1674     - MPPE
1675     - EXT3 data journal fix
1676     - CIPE 1.5.4
1677 frogger 1.6
1678     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1679     hardened-sources-2.4.20-r1.ebuild, manifest:
1680 plasmaroo 1.18 Updated to install flask components correctly for selinux.
1681 frogger 1.5
1682     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1683     hardened-sources-2.4.20-r1.ebuild:
1684     LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
1685     is patched in instead. Ptrace patches for selinux have also been added. In
1686     either case, systrace support will be patched in as well.
1687 frogger 1.3
1688     09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1689     hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
1690 plasmaroo 1.18 Revision bump for new sources.
1691 frogger 1.4
1692 frogger 1.2 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1693 frogger 1.4 hardened-sources-2.4.20-r1.ebuild:
1694 plasmaroo 1.18 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
1695 method 1.1
1696 frogger 1.4 *hardened-sources-2.4.20 (30 Mar 2003)
1697    
1698 method 1.1 30 Mar 2003; Joshua Brindle <method@gentoo.org>
1699     hardened-sources-2.4.20.ebuild:
1700 plasmaroo 1.18 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20