/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.283 - (hide annotations) (download)
Sun Jan 25 08:16:01 2009 UTC (5 years, 7 months ago) by gengor
Branch: MAIN
Changes since 1.282: +7 -1 lines
Add initial 2.6.28 release
(Portage version: 2.1.6.4/cvs/Linux 2.6.28-hardened-rc1-2009012401 i686)

1 method 1.1 # ChangeLog for sys-kernel/hardened-sources
2 gengor 1.268 # Copyright 2000-2009 Gentoo Foundation; Distributed under the GPL v2
3 gengor 1.283 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.282 2009/01/25 08:04:08 gengor Exp $
4    
5     *hardened-sources-2.6.28 (25 Jan 2009)
6    
7     25 Jan 2009; Gordon Malm <gengor@gentoo.org>
8     +hardened-sources-2.6.28.ebuild:
9     Initial 2.6.28 release.
10 gengor 1.282
11     *hardened-sources-2.6.27-r7 (25 Jan 2009)
12    
13     25 Jan 2009; Gordon Malm <gengor@gentoo.org>
14     +hardened-sources-2.6.27-r7.ebuild:
15     Bump to Linux 2.6.27.13.
16 gengor 1.281
17     25 Jan 2009; Gordon Malm <gengor@gentoo.org>
18     hardened-sources-2.6.26-r9.ebuild:
19     Stable amd64/x86.
20 gengor 1.280
21     24 Jan 2009; Gordon Malm <gengor@gentoo.org>
22     -hardened-sources-2.6.27-r3.ebuild, -hardened-sources-2.6.27-r4.ebuild,
23     -hardened-sources-2.6.27-r5.ebuild:
24     Remove problem versions.
25 gengor 1.279
26     *hardened-sources-2.6.27-r6 (24 Jan 2009)
27    
28     24 Jan 2009; Gordon Malm <gengor@gentoo.org>
29     +hardened-sources-2.6.27-r6.ebuild:
30     Revert PaX test29 to test30 changes. Fixes bug 256226.
31 gengor 1.277
32     *hardened-sources-2.6.27-r5 (24 Jan 2009)
33    
34     24 Jan 2009; Gordon Malm <gengor@gentoo.org>
35     +hardened-sources-2.6.27-r5.ebuild:
36 gengor 1.278 Bump to genpatches-10 (includes Linux 2.6.27.{11,12}) and fix bugs 253733,
37 gengor 1.277 254843.
38 gengor 1.276
39     23 Jan 2009; Gordon Malm <gengor@gentoo.org>
40     -hardened-sources-2.6.25-r11.ebuild, -hardened-sources-2.6.25-r12.ebuild,
41     -hardened-sources-2.6.26-r7.ebuild, -hardened-sources-2.6.26-r8.ebuild:
42     Remove problem versions.
43 nixnut 1.275
44     23 Jan 2009; nixnut <nixnut@gentoo.org>
45     hardened-sources-2.6.25-r13.ebuild:
46     ppc stable
47 gengor 1.274
48     21 Jan 2009; Gordon Malm <gengor@gentoo.org>
49     hardened-sources-2.6.25-r13.ebuild:
50     Fasttrack stable amd64/x86.
51 gengor 1.273
52     *hardened-sources-2.6.26-r9 (21 Jan 2009)
53    
54     21 Jan 2009; Gordon Malm <gengor@gentoo.org>
55     +hardened-sources-2.6.26-r9.ebuild:
56 gengor 1.278 Revert RLIMIT_STACK false-positives-avoidance patch. Bugs 253733, 254843
57 gengor 1.272
58     *hardened-sources-2.6.25-r13 (20 Jan 2009)
59    
60     20 Jan 2009; Gordon Malm <gengor@gentoo.org>
61     +hardened-sources-2.6.25-r13.ebuild:
62 gengor 1.278 Revert RLIMIT_STACK false-positives-avoidance patch. Bugs 253733, 254843
63 nixnut 1.271
64     20 Jan 2009; nixnut <nixnut@gentoo.org>
65     hardened-sources-2.6.25-r12.ebuild:
66     ppc stable
67 gengor 1.270
68     17 Jan 2009; Gordon Malm <gengor@gentoo.org>
69     hardened-sources-2.6.25-r12.ebuild:
70     Stable amd64/x86.
71 gengor 1.269
72     14 Jan 2009; Gordon Malm <gengor@gentoo.org>
73     -hardened-sources-2.6.25-r10.ebuild, -hardened-sources-2.6.26-r6.ebuild,
74     -hardened-sources-2.6.27-r2.ebuild:
75     Clean out old versions.
76 gengor 1.268
77     *hardened-sources-2.6.27-r4 (14 Jan 2009)
78     *hardened-sources-2.6.26-r8 (14 Jan 2009)
79     *hardened-sources-2.6.25-r12 (14 Jan 2009)
80    
81     14 Jan 2009; Gordon Malm <gengor@gentoo.org>
82     +hardened-sources-2.6.25-r12.ebuild, +hardened-sources-2.6.26-r8.ebuild,
83     +hardened-sources-2.6.27-r4.ebuild:
84     2.6.25-r12: Fixes bugs #249729, #250548, #252688, #254907
85     2.6.26-r8: Fixes bugs #249729, #250548, #252688, #254907
86     2.6.27-r4: Update to latest genpatches (includes Linux 2.6.27.10) and
87     grsecurity patch. Fixes bugs #249729, #250511, #250548, #252688, #254907
88 nixnut 1.267
89     15 Dec 2008; nixnut <nixnut@gentoo.org>
90     hardened-sources-2.6.25-r11.ebuild:
91     Stable on ppc
92 gengor 1.266
93     09 Dec 2008; Gordon Malm <gengor@gentoo.org>
94     hardened-sources-2.6.25-r11.ebuild:
95     Stable amd64/x86.
96 gengor 1.265
97     *hardened-sources-2.6.27-r3 (07 Dec 2008)
98    
99     07 Dec 2008; Gordon Malm <gengor@gentoo.org>
100     +hardened-sources-2.6.27-r3.ebuild:
101     Bump to latest genpatches, including Linux 2.6.27.8. Bump grsec/pax patches.
102     Fixes bug #248754, #249729 and #246607.
103 gengor 1.264
104     03 Dec 2008; Gordon Malm <gengor@gentoo.org>
105     -hardened-sources-2.6.25-r9.ebuild, -hardened-sources-2.6.26-r5.ebuild:
106     Remove old versions.
107 gengor 1.262
108     *hardened-sources-2.6.26-r7 (03 Dec 2008)
109     *hardened-sources-2.6.25-r11 (03 Dec 2008)
110    
111 gengor 1.263 03 Dec 2008; Gordon Malm <gengor@gentoo.org>
112     +hardened-sources-2.6.25-r11.ebuild, +hardened-sources-2.6.26-r7.ebuild:
113 gengor 1.262 2.6.25-r11: Fixes bugs 246607, 246710, 247453 and 248754.
114     2.6.26-r7: Fixes bugs 246607, 246710, 246763, 247453 and 248754.
115     Both include many backports from 2.6.27.{6,7} -stable releases.
116 gengor 1.261
117     24 Nov 2008; Gordon Malm <gengor@gentoo.org>
118     -hardened-sources-2.6.27.ebuild, -hardened-sources-2.6.27-r1.ebuild:
119     Remove versions broken on ARCHes != x86/amd64.
120 gengor 1.260
121     *hardened-sources-2.6.27-r2 (24 Nov 2008)
122    
123     24 Nov 2008; Gordon Malm <gengor@gentoo.org>
124     +hardened-sources-2.6.27-r2.ebuild:
125     Bump to Linux 2.6.27.7 and latest grsecurity patch.
126 gengor 1.259
127     19 Nov 2008; Gordon Malm <gengor@gentoo.org>
128     -hardened-sources-2.6.25-r8.ebuild, -hardened-sources-2.6.26-r4.ebuild:
129     Remove old versions.
130 gengor 1.258
131     19 Nov 2008; Gordon Malm <gengor@gentoo.org>
132     hardened-sources-2.6.27.ebuild, hardened-sources-2.6.27-r1.ebuild:
133     Remove all but ~amd64 & ~x86 keywords (broken elsewhere).
134 nixnut 1.257
135     16 Nov 2008; nixnut <nixnut@gentoo.org>
136     hardened-sources-2.6.25-r10.ebuild:
137     Stable on ppc
138 gengor 1.256
139     15 Nov 2008; Gordon Malm <gengor@gentoo.org>
140     hardened-sources-2.6.25-r10.ebuild:
141     Stable amd64/x86.
142 gengor 1.255
143     *hardened-sources-2.6.26-r6 (12 Nov 2008)
144    
145     12 Nov 2008; Gordon Malm <gengor@gentoo.org>
146     +hardened-sources-2.6.26-r6.ebuild:
147     Bump to Linux 2.6.26.8 and fix security bug #245650.
148 gengor 1.254
149     *hardened-sources-2.6.25-r10 (12 Nov 2008)
150    
151     12 Nov 2008; Gordon Malm <gengor@gentoo.org>
152     +hardened-sources-2.6.25-r10.ebuild:
153     Update to Linux 2.6.25.20 and fix bugs #245427, #245650.
154 gengor 1.253
155     *hardened-sources-2.6.27-r1 (09 Nov 2008)
156    
157     09 Nov 2008; Gordon Malm <gengor@gentoo.org>
158     +hardened-sources-2.6.27-r1.ebuild:
159     Bump to stable kernel 2.6.27.5 and latest grsecurity patch.
160 gengor 1.252
161     *hardened-sources-2.6.27 (04 Nov 2008)
162    
163     04 Nov 2008; Gordon Malm <gengor@gentoo.org>
164     +hardened-sources-2.6.27.ebuild:
165     Initial 2.6.27 release.
166 gengor 1.251
167     *hardened-sources-2.6.26-r5 (03 Nov 2008)
168    
169     03 Nov 2008; Gordon Malm <gengor@gentoo.org>
170     -hardened-sources-2.6.25-r7.ebuild, -hardened-sources-2.6.26-r2.ebuild,
171     +hardened-sources-2.6.26-r5.ebuild:
172     2.6.26-r5: Bump to Linux 2.6.26.7, PaX updates.
173     Clean out some old versions.
174 nixnut 1.250
175     02 Nov 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.25-r9.ebuild:
176     Stable on ppc
177 gengor 1.249
178     30 Oct 2008; Gordon Malm <gengor@gentoo.org>
179     hardened-sources-2.6.25-r9.ebuild:
180     Stable on amd64/x86.
181 gengor 1.248
182     *hardened-sources-2.6.25-r9 (26 Oct 2008)
183    
184     26 Oct 2008; Gordon Malm <gengor@gentoo.org>
185     +hardened-sources-2.6.25-r9.ebuild:
186     Update to Linux 2.6.25.19
187 nixnut 1.247
188     15 Oct 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.25-r8.ebuild:
189     Stable on ppc
190 gengor 1.246
191     *hardened-sources-2.6.26-r4 (14 Oct 2008)
192    
193     14 Oct 2008; Gordon Malm <gengor@gentoo.org>
194     -hardened-sources-2.6.26-r3.ebuild, +hardened-sources-2.6.26-r4.ebuild:
195     Update to latest grsecurity patch, fixing building of non-modular kernels.
196 gengor 1.245
197     *hardened-sources-2.6.26-r3 (12 Oct 2008)
198    
199     12 Oct 2008; Gordon Malm <gengor@gentoo.org>
200     hardened-sources-2.6.25-r8.ebuild, -hardened-sources-2.6.26-r1.ebuild,
201     +hardened-sources-2.6.26-r3.ebuild:
202     2.6.26-r3: Update to Linux 2.6.26.6 and latest grsecurity patch.
203     2.6.26-r1: Removed.
204     2.6.25-r8: Stable amd64/x86.
205 gengor 1.244
206     *hardened-sources-2.6.25-r8 (09 Oct 2008)
207    
208     09 Oct 2008; Gordon Malm <gengor@gentoo.org>
209     -hardened-sources-2.6.25-r4.ebuild, -hardened-sources-2.6.25-r5.ebuild,
210     -hardened-sources-2.6.25-r6.ebuild, +hardened-sources-2.6.25-r8.ebuild:
211     Update to genpatches-11 and Linux 2.6.25.18. Remove old versions.
212 nixnut 1.243
213     20 Sep 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.25-r7.ebuild:
214     Stable on ppc
215 gengor 1.242
216     17 Sep 2008; Gordon Malm <gengor@gentoo.org>
217     hardened-sources-2.6.25-r7.ebuild:
218     Stable amd64/x86.
219 gengor 1.241
220     *hardened-sources-2.6.26-r2 (13 Sep 2008)
221    
222     13 Sep 2008; Gordon Malm <gengor@gentoo.org>
223     -hardened-sources-2.6.26.ebuild, +hardened-sources-2.6.26-r2.ebuild:
224     2.6.26-r2: Update to Linux 2.6.26.5, new grsecurity patch adding
225     PAX_REFCOUNT feature, fix bug #237473 (CVE-2008-3525). 2.6.26: Removed.
226 gengor 1.240
227     *hardened-sources-2.6.25-r7 (13 Sep 2008)
228    
229     13 Sep 2008; Gordon Malm <gengor@gentoo.org>
230     +hardened-sources-2.6.25-r7.ebuild:
231     Add 2.6.25-r7, fixing bug #237473 (CVE-2008-3525) and a PaX bug.
232 gengor 1.239
233     10 Sep 2008; Gordon Malm <gengor@gentoo.org>
234     hardened-sources-2.6.25-r4.ebuild, hardened-sources-2.6.25-r5.ebuild,
235     hardened-sources-2.6.25-r6.ebuild, hardened-sources-2.6.26.ebuild,
236     hardened-sources-2.6.26-r1.ebuild:
237     Update DESCRIPTION and HGPV_URI.
238 gengor 1.238
239     *hardened-sources-2.6.25-r6 (09 Sep 2008)
240    
241     09 Sep 2008; Gordon Malm <gengor@gentoo.org>
242     -hardened-sources-2.6.24-r3.ebuild, +hardened-sources-2.6.25-r6.ebuild:
243     2.6.25-r6: Update to Linux 2.6.25.17.
244     2.6.24-r3: Removed.
245 gengor 1.237
246     08 Sep 2008; Gordon Malm <gengor@gentoo.org>
247     hardened-sources-2.6.25-r5.ebuild:
248     Stable on amd64/x86
249 gengor 1.236
250     07 Sep 2008; Gordon Malm <gengor@gentoo.org> metadata.xml:
251     Update my email address.
252 nixnut 1.235
253     31 Aug 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.25-r4.ebuild:
254     stable on ppc
255 battousai 1.234
256     *hardened-sources-2.6.26-r1 (23 Aug 2008)
257     *hardened-sources-2.6.25-r5 (23 Aug 2008)
258    
259     23 Aug 2008; Bryan D. Stine <battousai@gentoo.org>
260     -hardened-sources-2.6.23-r13.ebuild, -hardened-sources-2.6.25-r3.ebuild,
261     hardened-sources-2.6.25-r4.ebuild, +hardened-sources-2.6.25-r5.ebuild,
262     +hardened-sources-2.6.26-r1.ebuild:
263     Bump to 2.6.25-r5 for updated patches and upstream .10 kernel, fixing
264     security bug #235221. Bump to 2.6.26-r1 for upstream .3 kernel, also
265     fixing security bug #235221. Marked 2.6.25-r4 stable on amd64 and x86.
266     Removed 2.6.23-r13 and 2.6.25-r3. Commit on behalf of Gordon Malm
267     (gengor).
268 solar 1.233
269     *hardened-sources-2.6.26 (18 Aug 2008)
270     *hardened-sources-2.6.25-r4 (18 Aug 2008)
271    
272     18 Aug 2008; <solar@gentoo.org> -hardened-sources-2.6.25-r2.ebuild,
273     +hardened-sources-2.6.25-r4.ebuild, +hardened-sources-2.6.26.ebuild:
274     - proxy commit for gengor 2.6.26: Initial 2.6.26 release. 2.6.25-r4: Update
275     to Linux 2.6.25.15. Fixes security bugs #234799, #234803 and #234812.
276     2.6.25-r2: Removed.
277 tove 1.232
278     16 Aug 2008; Torsten Veller <tove@gentoo.org> metadata.xml:
279     Remove phreak from metadata.xml (#96398)
280 solar 1.231
281     *hardened-sources-2.6.25-r3 (31 Jul 2008)
282    
283     31 Jul 2008; <solar@gentoo.org> -hardened-sources-2.6.24-r2.ebuild,
284     -hardened-sources-2.6.25.ebuild, -hardened-sources-2.6.25-r1.ebuild,
285     +hardened-sources-2.6.25-r3.ebuild:
286     - 2.6.25-r3: Update to Linux 2.6.25.13 and new grsecurity patch. Multiple
287     fixes, including security bug #231750.
288 nixnut 1.230
289     28 Jul 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.24-r3.ebuild:
290     Stable on ppc
291 solar 1.229
292     *hardened-sources-2.6.25-r2 (05 Jul 2008)
293    
294     05 Jul 2008; <solar@gentoo.org> -hardened-sources-2.6.23-r11.ebuild,
295     -hardened-sources-2.6.23-r12.ebuild, hardened-sources-2.6.24-r3.ebuild,
296     +hardened-sources-2.6.25-r2.ebuild:
297     2.6.23-r4: Stable x86/amd64
298     2.6.25-r2: Update to Linux 2.6.25.10 and latest grsecurity release.
299     2.6.23-r{11,12}: Removed due to multiple vulns.
300     (gengor & kerframil)
301 nixnut 1.228
302     04 Jul 2008; nixnut <nixnut@gentoo.org>
303     hardened-sources-2.6.23-r13.ebuild:
304     Stable on ppc
305 solar 1.227
306     *hardened-sources-2.6.25-r1 (30 Jun 2008)
307    
308     30 Jun 2008; <solar@gentoo.org> hardened-sources-2.6.23-r13.ebuild,
309     +hardened-sources-2.6.25-r1.ebuild:
310     2.6.25-r1: Brings in Linux -stable tree patches 2.6.25.{7,8,9} and newer
311     grsecurity release. 2.6.23-r13: x86/amd64 stable
312 solar 1.226
313     *hardened-sources-2.6.25 (17 Jun 2008)
314     *hardened-sources-2.6.24-r3 (17 Jun 2008)
315     *hardened-sources-2.6.23-r13 (17 Jun 2008)
316    
317     17 Jun 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r13.ebuild,
318     +hardened-sources-2.6.24-r3.ebuild, +hardened-sources-2.6.25.ebuild:
319     * 2.6.23-r13: Fixes security bugs #198997, #212136, #222331, #222635,
320     #224647, #225461, other fixes. * 2.6.24-r3: Fixes security bugs #212136,
321     #222331, #222635, #224647, #225461, grsec/PaX updates/fixes, other fixes. *
322     2.6.25: Initial 2.6.25 release.
323 solar 1.225
324     15 May 2008; <solar@gentoo.org> hardened-sources-2.6.23-r12.ebuild:
325     - fasttrack to stable x86/amd64
326 swegener 1.224
327     11 May 2008; Sven Wegener <swegener@gentoo.org> Manifest:
328     Fix broken digest for linux-2.6.24.tar.bz2.
329 solar 1.223
330     *hardened-sources-2.6.24-r2 (11 May 2008)
331     *hardened-sources-2.6.23-r12 (11 May 2008)
332    
333     11 May 2008; <solar@gentoo.org> -hardened-sources-2.6.23-r7.ebuild,
334     -hardened-sources-2.6.23-r9.ebuild, -hardened-sources-2.6.23-r10.ebuild,
335     +hardened-sources-2.6.23-r12.ebuild, -hardened-sources-2.6.24.ebuild,
336     -hardened-sources-2.6.24-r1.ebuild, +hardened-sources-2.6.24-r2.ebuild:
337     proxy commit for gengor. 2.6.23-r11 shortlog: Fixes security bugs 220691,
338     220975, 220979, 221123. 2.6.24-r2 not-so-shortlog: Fixes bug 215442,
339     security bugs 219901, 220691, 220975, 220979, 221123. New
340     genpatches/grsecurity with numerous updates & fixes. 2.6.23-r7->2.6.23-r10
341     should be removed as far as I'm concerned, everything else remove due to
342     vulnerable to numerous security bugs or brokeness.
343 nixnut 1.222
344     10 May 2008; nixnut <nixnut@gentoo.org>
345     hardened-sources-2.6.23-r11.ebuild:
346     Stable on ppc
347 solar 1.221
348     05 May 2008; <solar@gentoo.org> hardened-sources-2.6.23-r11.ebuild:
349     - -r11 stable on x86/amd64
350 solar 1.220
351     *hardened-sources-2.6.23-r11 (01 May 2008)
352    
353     01 May 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r11.ebuild:
354     - version bump to fix ulgy linux bugs
355 phreak 1.219
356     *hardened-sources-2.6.24-r1 (30 Apr 2008)
357    
358     30 Apr 2008; Christian Heim <phreak@gentoo.org>
359     +hardened-sources-2.6.24-r1.ebuild:
360     Revision bump (thanks to Kerin and Gordon, again), pulling
361     genpatches-2.6.24-7, solving #219089. Additionally contains further security
362     fixes plus some minor updates.
363 phreak 1.218
364     *hardened-sources-2.6.23-r10 (30 Apr 2008)
365    
366     30 Apr 2008; Christian Heim <phreak@gentoo.org>
367     +hardened-sources-2.6.23-r10.ebuild:
368     Revision bump (thanks to Kerin and Gordon, again), solving #213811, #219089.
369     Additional contains "various other fixes".
370 phreak 1.217
371     09 Apr 2008; Christian Heim <phreak@gentoo.org> metadata.xml:
372     Update the longdescription in metadata, thanks to Gordon Malm.
373 nixnut 1.216
374     08 Apr 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.23-r9.ebuild:
375     Stable on ppc wrt bug #213255
376 solar 1.215
377     07 Apr 2008; <solar@gentoo.org> -hardened-sources-2.4.35-r2.ebuild,
378     -hardened-sources-2.6.23-r8.ebuild, hardened-sources-2.6.23-r9.ebuild:
379     - stable on x86/amd64 per request. Removed obsolete ebuilds
380 phreak 1.214
381     *hardened-sources-2.6.24 (07 Apr 2008)
382    
383     07 Apr 2008; Christian Heim <phreak@gentoo.org>
384     +hardened-sources-2.6.24.ebuild:
385     Adding ebuild for hardened-sources-2.6.24 (many thanks to Kerin Millar
386     <kerframil at gmail.com> and Gordon Malm <bugs-gentoo-org-02 at bumpin.org>
387     for the many contributions and their continued effort in #216612) based on
388     2.6.24 and genpatches-2.6.24-5.
389    
390     The current ebuild/patchset contains these things:
391     * Incoporates unmodified grsec-2.1.11-2.6.24.4-200803262003 patch
392     * Introduces bespoke server and workstation oriented security levels
393     * VDSO_COMPAT cannot be enabled during runtime if PaX is enabled
394 phreak 1.213
395     30 Mar 2008; Christian Heim <phreak@gentoo.org> metadata.xml:
396     Fix the metadata.xml (Kerin isn't a dev, though he and Gordon are
397     maintaining it).
398 phreak 1.212
399     24 Mar 2008; Christian Heim <phreak@gentoo.org>
400     hardened-sources-2.4.35-r2.ebuild:
401     Fixing SRC_URI for 2.4.35-r2.
402 phreak 1.211
403     *hardened-sources-2.6.23-r9 (22 Mar 2008)
404    
405     22 Mar 2008; Christian Heim <phreak@gentoo.org>
406     +hardened-sources-2.6.23-r9.ebuild:
407     * Revision bump, rebasing the patchset against genpatches-2.6.23-10.
408     * Change the default GIDs for some grsecurity options
409     * Revamp the Hardened [Gentoo] security level and make it the default level
410     * Fixing compilation on ia64 with CONFIG_MODULES=y (loadable module support)
411     * Fix a recursive lock -- call to capable() within ptrace_attach()
412     * Fix bug that allows audit and iscsi operations to be controlled via netlink
413 solar 1.210
414     *hardened-sources-2.6.23-r8 (27 Feb 2008)
415    
416     27 Feb 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r8.ebuild:
417     - version bump from Kerin Millar bug 210026
418 solar 1.209
419     17 Feb 2008; <solar@gentoo.org> metadata.xml,
420     -hardened-sources-2.4.33.4.ebuild, -hardened-sources-2.6.20-r6.ebuild,
421     -hardened-sources-2.6.20-r10.ebuild, -hardened-sources-2.6.23-r4.ebuild,
422     -hardened-sources-2.6.23-r6.ebuild, hardened-sources-2.6.23-r7.ebuild:
423     - stable on x86 and remove old ebuilds
424 solar 1.207
425     15 Feb 2008; <solar@gentoo.org> hardened-sources-2.6.23-r7.ebuild:
426 solar 1.208 - stable on amd64 per request of amd64 lead
427 solar 1.206
428     *hardened-sources-2.6.23-r7 (11 Feb 2008)
429    
430     11 Feb 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r7.ebuild:
431     - version bump from kerin.millar
432     Changes:
433    
434     * Bump to genpatches-base-2.6.23-9
435     * Ported grsecurity-2.1.11-2.6.23.14-200801231800 to 2.6.23.15
436     * Disables COMPAT_VDSO in x86/defconfig
437     * Removes bogus symbols ACPI_SLEEP_PROC_(FS|SLEEP) from x86_64/defconfig
438 phreak 1.205
439     25 Jan 2008; Christian Heim <phreak@gentoo.org>
440     -hardened-sources-2.6.22-r8.ebuild:
441     Cleaning up old versions.
442 phreak 1.204
443     *hardened-sources-2.6.23-r6 (25 Jan 2008)
444    
445     25 Jan 2008; Christian Heim <phreak@gentoo.org>
446     -hardened-sources-2.6.23-r5.ebuild, +hardened-sources-2.6.23-r6.ebuild:
447     Revision bump, pulling in the latest genpatches.
448 phreak 1.203
449     *hardened-sources-2.6.23-r5 (24 Dec 2007)
450    
451     24 Dec 2007; Christian Heim <phreak@gentoo.org>
452     hardened-sources-2.4.35-r2.ebuild, hardened-sources-2.6.20-r6.ebuild,
453     hardened-sources-2.6.20-r10.ebuild, hardened-sources-2.6.22-r8.ebuild,
454     hardened-sources-2.6.23-r4.ebuild, +hardened-sources-2.6.23-r5.ebuild:
455     Revision bump, for the promised updated grsec snapshot. Also changing SRC_URI.
456 phreak 1.202
457     24 Dec 2007; Christian Heim <phreak@gentoo.org>
458     -hardened-sources-2.6.22-r7.ebuild, -hardened-sources-2.6.23.ebuild,
459     -hardened-sources-2.6.23-r1.ebuild, -hardened-sources-2.6.23-r2.ebuild,
460     -hardened-sources-2.6.23-r3.ebuild:
461     Cleaning out some unused, old versions.
462 phreak 1.201
463     24 Dec 2007; Christian Heim <phreak@gentoo.org>
464     hardened-sources-2.6.23-r4.ebuild:
465     Marking hardened-sources-2.6.23-r4 stable on amd64 and x86. I know it ain't
466     in the tree for long, but there isn't much of a difference between this and
467     -r3. Only this revision pulls in 2.6.23.11 and 2.6.23.12 from genpatches.
468 phreak 1.200
469     *hardened-sources-2.6.23-r4 (23 Dec 2007)
470    
471     23 Dec 2007; Christian Heim <phreak@gentoo.org>
472     +hardened-sources-2.6.23-r4.ebuild:
473     Revision bump, grabbing the lastest genpatches release (2.6.23.12 that is).
474 phreak 1.199
475     *hardened-sources-2.6.23-r3 (04 Dec 2007)
476    
477     04 Dec 2007; Christian Heim <phreak@gentoo.org>
478     +hardened-sources-2.6.23-r3.ebuild:
479     Revision bump, pulling in 2.6.23.9.
480 phreak 1.198
481     *hardened-sources-2.6.23-r2 (25 Nov 2007)
482    
483     25 Nov 2007; Christian Heim <phreak@gentoo.org>
484     +hardened-sources-2.6.23-r2.ebuild:
485     Updated patchset, thanks to solar.
486 phreak 1.197
487     *hardened-sources-2.6.23-r1 (31 Oct 2007)
488    
489     31 Oct 2007; Christian Heim <phreak@gentoo.org>
490     +hardened-sources-2.6.23-r1.ebuild:
491     Revision bump, pulling in the snapshot from 30. October 2007 (18:50).
492 solar 1.196
493     29 Oct 2007; <solar@gentoo.org> metadata.xml:
494     - update metadata.xml
495 phreak 1.195
496     25 Oct 2007; Christian Heim <phreak@gentoo.org>
497     hardened-sources-2.6.22-r8.ebuild:
498     Marking 2.6.22-r8 stable on amd64 and x86.
499 phreak 1.194
500     21 Oct 2007; Christian Heim <phreak@gentoo.org>
501     -hardened-sources-2.4.35.ebuild, -hardened-sources-2.4.35-r1.ebuild,
502     -hardened-sources-2.6.21-r4.ebuild:
503     Removing old ebuilds.
504 phreak 1.193
505     *hardened-sources-2.4.35-r2 (21 Oct 2007)
506    
507     21 Oct 2007; Christian Heim <phreak@gentoo.org>
508     +hardened-sources-2.4.35-r2.ebuild:
509     Revision bump for 2.4.35. Includes new snapshot and the lastest Linux stable
510     patches.
511 phreak 1.192
512     *hardened-sources-2.6.22-r8 (21 Oct 2007)
513    
514     21 Oct 2007; Christian Heim <phreak@gentoo.org>
515     +hardened-sources-2.6.22-r8.ebuild:
516     Yet another new patch, hopefully fixing the remaining issues we had w/
517     2.6.22. Candidate for stabling.
518 phreak 1.191
519     *hardened-sources-2.6.23 (13 Oct 2007)
520    
521     13 Oct 2007; Christian Heim <phreak@gentoo.org>
522     +hardened-sources-2.6.23.ebuild:
523     Initial hardened-sources-2.6.23. If people still have problems w/ bug
524     194276, try setting CONFIG_PCI_GODIRECT=y instead of CONFIG_PCI_GOANY.
525 phreak 1.190
526     11 Oct 2007; Christian Heim <phreak@gentoo.org>
527     hardened-sources-2.6.20-r10.ebuild:
528     Pulling in yet another new genpatches version, fixing the PWC bug for real.
529 phreak 1.189
530     04 Oct 2007; Christian Heim <phreak@gentoo.org>
531     -hardened-sources-2.6.22-r5.ebuild, -hardened-sources-2.6.22-r6.ebuild:
532     Removing old versions.
533 phreak 1.188
534     *hardened-sources-2.6.22-r7 (01 Oct 2007)
535    
536     01 Oct 2007; Christian Heim <phreak@gentoo.org>
537     +hardened-sources-2.6.22-r7.ebuild:
538     Revision bump, pulling in a newer patch. Should fix #194276.
539 phreak 1.187
540     30 Sep 2007; Christian Heim <phreak@gentoo.org>
541     hardened-sources-2.6.20-r10.ebuild:
542     Marking hardened-sources-2.6.20-r10 stable on x86 and amd64 (on courtesy of
543     Mike Doty).
544 phreak 1.186
545     *hardened-sources-2.6.22-r6 (26 Sep 2007)
546    
547     26 Sep 2007; Christian Heim <phreak@gentoo.org>
548     +hardened-sources-2.6.22-r6.ebuild:
549     Revision bump, grabbing up till Linux 2.6.22.9.
550 phreak 1.185
551     24 Sep 2007; Christian Heim <phreak@gentoo.org>
552     -hardened-sources-2.6.22-r3.ebuild, -hardened-sources-2.6.22-r4.ebuild:
553     Cleaning up further.
554 phreak 1.184
555     *hardened-sources-2.6.20-r10 (24 Sep 2007)
556    
557     24 Sep 2007; Christian Heim <phreak@gentoo.org>
558     -hardened-sources-2.6.20-r8.ebuild, -hardened-sources-2.6.20-r9.ebuild,
559     +hardened-sources-2.6.20-r10.ebuild:
560     Revision bump, pulling in Linux 2.6.20.20. Removing some of the older
561     revisions.
562 phreak 1.183
563     *hardened-sources-2.6.22-r5 (22 Sep 2007)
564    
565     22 Sep 2007; Christian Heim <phreak@gentoo.org>
566     +hardened-sources-2.6.22-r5.ebuild:
567     Revision bump, pulling in genpatches-2.6.22-8 for CVE-2007-4573.
568 phreak 1.182
569     17 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
570     Removing johnm from metadata.xml (see #186467 for reference).
571 phreak 1.181
572     *hardened-sources-2.6.22-r4 (17 Sep 2007)
573    
574     17 Sep 2007; Christian Heim <phreak@gentoo.org>
575     +hardened-sources-2.6.22-r4.ebuild:
576     Revision bump, hopefully fixing all those weird PAX failures.
577 phreak 1.180
578     01 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
579     Updating the metadata.xml.
580 phreak 1.179
581     01 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
582     Removing tocharian from metadata due to his retirement (see #71718 for
583     reference).
584 phreak 1.178
585     *hardened-sources-2.6.20-r9 (30 Aug 2007)
586    
587     30 Aug 2007; Christian Heim <phreak@gentoo.org>
588     +hardened-sources-2.6.20-r9.ebuild:
589     Revision bump for 2.6.20.18 (thanks to kerframil in #gentoo-hardened).
590 phreak 1.177
591     29 Aug 2007; Christian Heim <phreak@gentoo.org>
592     -hardened-sources-2.4.34.ebuild, -hardened-sources-2.4.34.5.ebuild,
593     -hardened-sources-2.6.20-r2.ebuild, -hardened-sources-2.6.20-r5.ebuild,
594     -hardened-sources-2.6.20-r7.ebuild, -hardened-sources-2.6.21-r3.ebuild,
595     -hardened-sources-2.6.22.ebuild, -hardened-sources-2.6.22-r1.ebuild,
596     -hardened-sources-2.6.22-r2.ebuild:
597     Removing some redundant versions.
598 phreak 1.176
599     *hardened-sources-2.4.35-r1 (29 Aug 2007)
600    
601     29 Aug 2007; Christian Heim <phreak@gentoo.org>
602     +hardened-sources-2.4.35-r1.ebuild:
603     Revision bump, new grsecurity patch.
604 phreak 1.175
605     *hardened-sources-2.6.20-r8 (26 Aug 2007)
606    
607     26 Aug 2007; Christian Heim <phreak@gentoo.org>
608     +hardened-sources-2.6.20-r8.ebuild:
609     Revision bump for Linux 2.6.20.17.
610 phreak 1.174
611     *hardened-sources-2.6.22-r3 (22 Aug 2007)
612    
613     22 Aug 2007; Christian Heim <phreak@gentoo.org>
614     +hardened-sources-2.6.22-r3.ebuild:
615     Revision bump for Linux 2.6.22.4.
616 phreak 1.173
617     16 Aug 2007; Christian Heim <phreak@gentoo.org>
618     hardened-sources-2.6.22-r2.ebuild:
619     Updated patchset, to fix the alignment against 2.6.22.3.
620 phreak 1.172
621     *hardened-sources-2.6.22-r2 (16 Aug 2007)
622    
623     16 Aug 2007; Christian Heim <phreak@gentoo.org>
624     +hardened-sources-2.6.22-r2.ebuild:
625     Revision bump for Linux 2.6.22.3.
626 phreak 1.171
627     *hardened-sources-2.4.35 (16 Aug 2007)
628    
629     16 Aug 2007; Christian Heim <phreak@gentoo.org>
630     +hardened-sources-2.4.35.ebuild:
631     Version bump, initial version for Linux 2.4.35.
632 phreak 1.170
633     *hardened-sources-2.6.21-r4 (16 Aug 2007)
634    
635     16 Aug 2007; Christian Heim <phreak@gentoo.org>
636     +hardened-sources-2.6.21-r4.ebuild:
637     Revision bump for Linux 2.6.21.6.
638 phreak 1.169
639     *hardened-sources-2.6.20-r7 (16 Aug 2007)
640    
641     16 Aug 2007; Christian Heim <phreak@gentoo.org>
642     +hardened-sources-2.6.20-r7.ebuild:
643     Revision bump for Linux 2.6.20.16.
644 phreak 1.168
645     *hardened-sources-2.6.22-r1 (13 Aug 2007)
646    
647     13 Aug 2007; Christian Heim <phreak@gentoo.org>
648     +hardened-sources-2.6.22-r1.ebuild:
649     Yet another revision bump.
650 phreak 1.167
651     *hardened-sources-2.6.22 (10 Aug 2007)
652    
653     10 Aug 2007; Christian Heim <phreak@gentoo.org>
654     +hardened-sources-2.6.22.ebuild:
655     Initial release for 2.6.22. If you are using hardened-sources on a desktop
656     machine (P4 or newer), be aware you might need to disable
657     CONFIG_PAX_PAGEEXEC.
658 phreak 1.166
659     04 Aug 2007; Christian Heim <phreak@gentoo.org>
660     hardened-sources-2.6.20-r6.ebuild:
661     Stabling hardened-sources-2.6.20-r6 for amd64, ppc and x86 due to Linux
662     2.6.20.15.
663 phreak 1.165
664     10 Jul 2007; Christian Heim <phreak@gentoo.org>
665     hardened-sources-2.6.20-r5.ebuild:
666     Marking hardened-sources-2.6.20-r5 stable on ppc.
667 phreak 1.164
668     10 Jul 2007; Christian Heim <phreak@gentoo.org>
669     -hardened-sources-2.4.32-r6.ebuild, -hardened-sources-2.4.32-r7.ebuild:
670     Cleanup.
671 phreak 1.163
672     *hardened-sources-2.6.20-r6 (08 Jul 2007)
673    
674     08 Jul 2007; Christian Heim <phreak@gentoo.org>
675     +hardened-sources-2.6.20-r6.ebuild:
676     Revision bump, grabbing yet another stable release.
677 phreak 1.162
678     17 Jun 2007; Christian Heim <phreak@gentoo.org>
679     -hardened-sources-2.6.18-r6.ebuild, -hardened-sources-2.6.20-r4.ebuild,
680     -hardened-sources-2.6.21-r2.ebuild:
681     Removing older ebuilds, hardened-sources-2.6.18-r6 seems to have gotten the
682     alpha stable KEYWORD by mistake.
683 phreak 1.161
684     17 Jun 2007; Christian Heim <phreak@gentoo.org>
685     hardened-sources-2.6.20-r5.ebuild:
686     Stabling hardened-sources-2.6.20-r5 due to security bug #181647 (as
687     genpatches-2.6.20-12.base contains up to Linux 2.6.20.14) on amd64 and x86.
688 phreak 1.160
689     *hardened-sources-2.6.21-r3 (12 Jun 2007)
690    
691     12 Jun 2007; Christian Heim <phreak@gentoo.org>
692     +hardened-sources-2.6.21-r3.ebuild:
693     Revision bump for hardened-sources-2.6.21, incorporating various CVE (some
694     of them critical), two stable releases (2.6.21.4,2.6.21.5) and some other
695     love.
696 phreak 1.159
697     *hardened-sources-2.6.20-r5 (11 Jun 2007)
698    
699     11 Jun 2007; Christian Heim <phreak@gentoo.org>
700     +hardened-sources-2.6.20-r5.ebuild:
701     Revision bump for hardened-sources-2.6.20, incorporating various CVE (some
702     of them critical), two stable releases (2.6.20.13,2.6.20.14) and some other
703     love.
704 pappy 1.158
705     *hardened-sources-2.4.34.5 (11 Jun 2007)
706    
707     11 Jun 2007; Alexander Gabert <pappy@gentoo.org>
708     +hardened-sources-2.4.34.5.ebuild:
709     added new hardened-sources 2.4 version, thx to phreak, solar, pipacs
710 phreak 1.157
711     30 May 2007; Christian Heim <phreak@gentoo.org>
712     -hardened-sources-2.6.18.ebuild, hardened-sources-2.6.20-r2.ebuild:
713     Marking 2.6.20-r2 stable on ppc with permission of Gysbert. Removing more
714     stale ebuild(s).
715 phreak 1.156
716     30 May 2007; Christian Heim <phreak@gentoo.org>
717     -hardened-sources-2.6.14-r7.ebuild, -hardened-sources-2.6.16-r11.ebuild,
718     -hardened-sources-2.6.17-r1.ebuild, -hardened-sources-2.6.19-r6.ebuild,
719     -hardened-sources-2.6.20.ebuild, -hardened-sources-2.6.20-r1.ebuild:
720     Doing some cleanups, remove stale ebuilds.
721 phreak 1.155
722     26 May 2007; Christian Heim <phreak@gentoo.org>
723     hardened-sources-2.6.21-r2.ebuild:
724     Fixing the grsecurity patch, had one '};' too much.
725 phreak 1.154
726     *hardened-sources-2.6.21-r2 (26 May 2007)
727    
728     26 May 2007; Christian Heim <phreak@gentoo.org>
729     -hardened-sources-2.6.21.ebuild, -hardened-sources-2.6.21-r1.ebuild,
730     +hardened-sources-2.6.21-r2.ebuild:
731     Revision bump, including Linux 2.6.21.3 (fixing CVE-2007-2451). Updating the
732     grsecurity patch to 2.1.10-2.6.21.1-200705221918.
733 phreak 1.153
734     *hardened-sources-2.6.20-r4 (26 May 2007)
735    
736     26 May 2007; Christian Heim <phreak@gentoo.org>
737     -hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.20-r4.ebuild:
738     Revision bump, including Linux 2.6.20.12 (which in fact fixed some security
739 phreak 1.154 bugs, at the very least CVE-2007-2451). Possible candidate for stable marking.
740 phreak 1.152
741     15 May 2007; Christian Heim <phreak@gentoo.org>
742     hardened-sources-2.6.20-r3.ebuild:
743     Looks like hardened-sources-2.6.20-r3 needs a new patch, as 2.6.20.11
744     introduced a change in arch/sparc64/kernel/pci_iommu.c, which made the
745     grsecurity patch fail in that exact same hunk.
746 phreak 1.151
747     *hardened-sources-2.6.20-r3 (15 May 2007)
748    
749     15 May 2007; Christian Heim <phreak@gentoo.org>
750     +hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.21-r1.ebuild:
751     Revision bump, incorporating Linux 2.6.20.11.
752    
753     *hardened-sources-2.6.21-r1 (11 May 2007)
754    
755     11 May 2007; Christian Heim <phreak@gentoo.org>
756     +hardened-sources-2.6.21-r1.ebuild:
757     Revision bump, hopefully fixing the GRSECURITY/GRKERNSEC mixup pipacs
758     mentioned in #177234.
759 kevquinn 1.150
760     07 May 2007; Kevin F. Quinn <kevquinn@gentoo.org>
761     files/digest-hardened-sources-2.6.21, Manifest:
762     Fix Manifest/digest for linux-2.6.21.tar.bz2
763 phreak 1.149
764     06 May 2007; Christian Heim <phreak@gentoo.org>
765     hardened-sources-2.6.21.ebuild:
766     Bumping the hardened-patches version, needed for the fix for #177234.
767 phreak 1.148
768     *hardened-sources-2.6.21 (02 May 2007)
769    
770     02 May 2007; Christian Heim <phreak@gentoo.org>
771     +hardened-sources-2.6.21.ebuild:
772     Version bump, Linux 2.6.21-hardened.
773 phreak 1.147
774     29 Apr 2007; Christian Heim <phreak@gentoo.org>
775     hardened-sources-2.6.20-r2.ebuild:
776     Adding ~ia64 on Ned's request.
777 phreak 1.146
778     29 Apr 2007; Christian Heim <phreak@gentoo.org>
779     hardened-sources-2.6.20-r2.ebuild:
780     Fixing the included grsecurity patch, wasn't alligning due to the Index:
781     header line(s).
782 phreak 1.145
783     29 Apr 2007; Christian Heim <phreak@gentoo.org>
784     hardened-sources-2.6.20-r2.ebuild:
785     Stabilizing hardened-sources-2.6.20-r2 on amd64 and x86.
786 armin76 1.144
787     *hardened-sources-2.6.20-r2 (10 Apr 2007)
788    
789     10 Apr 2007; Raúl Porcel <armin76@gentoo.org>
790     +hardened-sources-2.6.20-r2.ebuild:
791     Version bump, on behalf of phreak
792 phreak 1.143
793     *hardened-sources-2.6.20-r1 (04 Apr 2007)
794    
795     04 Apr 2007; Christian Heim <phreak@gentoo.org>
796     +hardened-sources-2.6.20-r1.ebuild:
797     Revision bump, grabbing a newer grsecurity snapshot.
798 phreak 1.142
799     *hardened-sources-2.6.20 (25 Mar 2007)
800    
801     25 Mar 2007; Christian Heim <phreak@gentoo.org>
802     +hardened-sources-2.6.20.ebuild:
803     Finally a hardened-sources version for 2.6.20; many people have been waiting
804     for this. Thanks to Steve for preliminary testing, thanks to Ned for the
805     testbox.
806 chainsaw 1.141
807     16 Mar 2007; Tony Vroon <chainsaw@gentoo.org>
808     hardened-sources-2.6.18-r6.ebuild:
809     Marked stable on amd64 and x86. AMD64 keyword ack'ed by welp.
810 phreak 1.140
811     *hardened-sources-2.6.18-r6 (16 Mar 2007)
812    
813     16 Mar 2007; Christian Heim <phreak@gentoo.org>
814     -hardened-sources-2.6.18-r5.ebuild, +hardened-sources-2.6.18-r6.ebuild:
815     Fixing CVE-2007-1000 locally (hardened/), thanks to Tony for pushing. And
816     yes I screwed up, this is tagged as 2.6.18-5 and not 2.6.18-6 as it's
817     supposed to be.
818 phreak 1.139
819     06 Mar 2007; Christian Heim <phreak@gentoo.org> ChangeLog:
820     Fixing the Manifest, the previous one was broken (as in still had the
821     deleted ebuild in it).
822 phreak 1.138
823     06 Mar 2007; Christian Heim <phreak@gentoo.org>
824     -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
825     +hardened-sources-2.6.18-r5.ebuild:
826     Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
827     Linux 2.6.18.8. Also cleaning up the older version.
828    
829     *hardened-sources-2.6.18-r5 (06 Mar 2007)
830    
831     06 Mar 2007; Christian Heim <phreak@gentoo.org>
832     -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
833     +hardened-sources-2.6.18-r5.ebuild:
834     Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
835     Linux 2.6.18.8. Also cleaning up the older version.
836 phreak 1.137
837     24 Feb 2007; Christian Heim <phreak@gentoo.org>
838     -hardened-sources-2.6.19-r3.ebuild, -hardened-sources-2.6.19-r4.ebuild,
839     -hardened-sources-2.6.19-r5.ebuild:
840     Removing some of the old version, that didn't work.
841 phreak 1.136
842     *hardened-sources-2.6.19-r6 (12 Feb 2007)
843    
844     12 Feb 2007; Christian Heim <phreak@gentoo.org>
845     +hardened-sources-2.6.19-r6.ebuild:
846     Revision bump, including a new grsec version fixing #166235.
847 pappy 1.134
848     *hardened-sources-2.4.34 (24 Jan 2007)
849    
850     24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
851 pappy 1.135 Manifest:
852     updating Manifest with checksums of new tarball and ebuild
853    
854     24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
855 pappy 1.134 +hardened-sources-2.4.34.ebuild:
856     I added new hardened sources 2.4 update, this is a critical path
857     security bugfix - all users of h-s are strongly advised
858     to update their existing hardened sources to this version.
859     It contains a fix for a kernel vulnerability that is pertaining
860     to the PaX changes to virtual memory management, possibly leading
861     to a local kernel exploit ... see grsecurity.net forums and homepage
862 phreak 1.133
863     23 Jan 2007; Christian Heim <phreak@gentoo.org>
864     files/digest-hardened-sources-2.6.19-r5, Manifest:
865     Fixing the patch-tarball digest.
866 phreak 1.132
867     *hardened-sources-2.6.19-r5 (23 Jan 2007)
868    
869     23 Jan 2007; Christian Heim <phreak@gentoo.org>
870     +hardened-sources-2.6.19-r5.ebuild:
871     Revision bump, closing the recently discovered PaX expand_stack()
872     vulnerability.
873 phreak 1.131
874     *hardened-sources-2.6.19-r4 (14 Jan 2007)
875    
876     14 Jan 2007; Christian Heim <phreak@gentoo.org>
877     +hardened-sources-2.6.19-r4.ebuild:
878     Revision bump, pulling in linux-2.6.19.2 and grsecurity 2.1.10 - thus
879     dropping the randomized PID feature.
880 opfer 1.130
881     11 Jan 2007; Christian Faulhammer <opfer@gentoo.org>
882     hardened-sources-2.4.33.4.ebuild:
883     stable x86, bug #161171
884 phreak 1.129
885     *hardened-sources-2.6.19-r3 (27 Dec 2006)
886    
887     27 Dec 2006; Christian Heim <phreak@gentoo.org>
888     -hardened-sources-2.6.19-r2.ebuild, +hardened-sources-2.6.19-r3.ebuild:
889     Revision bump for bug #157186 and #158786.
890 phreak 1.128
891     *hardened-sources-2.6.18-r4 (27 Dec 2006)
892    
893     27 Dec 2006; Christian Heim <phreak@gentoo.org>
894     -hardened-sources-2.6.18-r3.ebuild, +hardened-sources-2.6.18-r4.ebuild:
895     Revision bump for bug #157186.
896 phreak 1.127
897     *hardened-sources-2.6.19-r2 (23 Dec 2006)
898    
899     23 Dec 2006; Christian Heim <phreak@gentoo.org>
900     -hardened-sources-2.6.19-r1.ebuild, +hardened-sources-2.6.19-r2.ebuild:
901     Revision bump to pull in genpatches-2.6.19-3 for #157186.
902 phreak 1.126
903     17 Dec 2006; Christian Heim <phreak@gentoo.org>
904     hardened-sources-2.6.14-r7.ebuild, hardened-sources-2.6.16-r10.ebuild,
905     hardened-sources-2.6.16-r11.ebuild, hardened-sources-2.6.17-r1.ebuild,
906     hardened-sources-2.6.18.ebuild, hardened-sources-2.6.18-r3.ebuild,
907     hardened-sources-2.6.19-r1.ebuild:
908     Adding 4453_grsec-2.1.9-2.6.19-io-kmem-sysctl.patch to UNIPATCH_EXLUDE,
909     adding correct HOMEPAGE and adjusting DESCRIPTION (thanks to Alexander).
910 pappy 1.125
911     *hardened-sources-2.4.33.4 (17 Dec 2006)
912    
913     17 Dec 2006; Alexander Gabert <pappy@gentoo.org>
914     +hardened-sources-2.4.33.4.ebuild:
915     new 2.4.33.4 version including grsec and fixes, thanks to phreak for help
916     and quilting
917 phreak 1.124
918     *hardened-sources-2.6.19-r1 (14 Dec 2006)
919    
920     14 Dec 2006; Christian Heim <phreak@gentoo.org>
921     -hardened-sources-2.6.19.ebuild, +hardened-sources-2.6.19-r1.ebuild:
922     Revision bump, fixing #158107 (thanks to Petre Rodan <kaiowas at gentoo.org>
923     for reporting).
924 phreak 1.123
925     *hardened-sources-2.6.19 (13 Dec 2006)
926    
927     13 Dec 2006; Christian Heim <phreak@gentoo.org>
928     +hardened-sources-2.6.19.ebuild:
929     And finally 2.6.19, thanks to Ned (who prepared the inital patchset) and
930     Brad for providing that prompt update.
931 phreak 1.122
932     *hardened-sources-2.6.18-r3 (13 Dec 2006)
933    
934     13 Dec 2006; Christian Heim <phreak@gentoo.org>
935     -hardened-sources-2.6.18-r1.ebuild, -hardened-sources-2.6.18-r2.ebuild,
936     +hardened-sources-2.6.18-r3.ebuild:
937     Revision bump, excluding the faulty patch. Thanks to Anakim Border and Peter
938     S. Mazinger. Closes #157409 for now. Also removing the previous revisions.
939 phreak 1.121
940     09 Dec 2006; Christian Heim <phreak@gentoo.org> Manifest:
941     Fixing the metadata.xml Manifest entry (thanks to xaid and ml8128 in #gentoo-hardened).
942 nixnut 1.120
943     08 Dec 2006; nixnut <nixnut@gentoo.org> hardened-sources-2.6.18.ebuild:
944     Stable on ppc wrt bug 157356
945 opfer 1.119
946     07 Dec 2006; Christian Faulhammer <opfer@gentoo.org>
947     hardened-sources-2.6.18.ebuild:
948     stable x86, bug #157356
949 phreak 1.118
950     *hardened-sources-2.6.18-r2 (06 Dec 2006)
951    
952     06 Dec 2006; Christian Heim <phreak@gentoo.org>
953     +hardened-sources-2.6.18-r2.ebuild:
954     Revision bump, including 2.6.18.5 (via genpatches) and
955     4454_grsec-2.1.9-2.6.18.2-io-kmem-sysctl.patch based on Peter Mazinger and
956     Ned Ludd's original patch. Thanks to Alexander Gabert (pappy) for the
957     redesign.
958 phreak 1.117
959     06 Dec 2006; Christian Heim <phreak@gentoo.org>
960     hardened-sources-2.6.18.ebuild:
961     Marking hardened-sources-2.6.18 stable on amd64 (see bug #157356, on behalf
962     of Mike Doty).
963 phreak 1.116
964     *hardened-sources-2.6.18-r1 (23 Nov 2006)
965    
966     23 Nov 2006; Christian Heim <phreak@gentoo.org>
967     +hardened-sources-2.6.18-r1.ebuild:
968     Revision bump to genpatches-2.6.18-4 (including 2.6.18.3).
969 phreak 1.115
970     *hardened-sources-2.6.18 (11 Nov 2006)
971    
972     11 Nov 2006; Christian Heim <phreak@gentoo.org>
973     +hardened-sources-2.6.18.ebuild:
974     Version bump, thanks to Alexander Gabert we're finally at 2.6.18.
975 solar 1.114
976     18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
977     - mark amd64 stable also. bug #151877
978 solar 1.113
979     18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
980     - mark 2.6.17-r1 stable
981 phreak 1.112
982     27 Aug 2006; Christian Heim <phreak@gentoo.org>
983     -hardened-sources-2.6.17.ebuild, hardened-sources-2.6.17-r1.ebuild:
984     Removing old ebuild, removing unipatch from newer ebuild (need to fix it!).
985 phreak 1.111
986     *hardened-sources-2.6.17-r1 (26 Aug 2006)
987    
988     26 Aug 2006; Christian Heim <phreak@gentoo.org>
989     +hardened-sources-2.6.17-r1.ebuild:
990     Revision bump to genpatches-2.6.17-8 (including .9 and .10) and updating the
991     grsecurity patch.
992 phreak 1.110
993     *hardened-sources-2.6.17 (17 Aug 2006)
994    
995     17 Aug 2006; Christian Heim <phreak@gentoo.org>
996     +hardened-sources-2.6.17.ebuild:
997     Bumping the hardened-sources-2.6 series to 2.6.17, using
998     genpatches-2.6.17-6.base.
999 solar 1.109
1000     07 Aug 2006; <solar@gentoo.org> hardened-sources-2.6.16-r11.ebuild:
1001     - stable on x86 and amd64
1002 solar 1.108
1003     *hardened-sources-2.6.16-r11 (15 Jul 2006)
1004    
1005     15 Jul 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r3.ebuild,
1006     -hardened-sources-2.4.32-r4.ebuild, -hardened-sources-2.4.32-r5.ebuild,
1007     -hardened-sources-2.6.14-r8.ebuild, -hardened-sources-2.6.16-r7.ebuild,
1008     -hardened-sources-2.6.16-r9.ebuild, +hardened-sources-2.6.16-r11.ebuild:
1009     - 2.6.16 bumped for CVE-2006-3626 ; digest fix for 2.4.32-r6 ; removed old
1010     crusty ebuilds
1011 johnm 1.107
1012     14 Jul 2006; John Mylchreest <johnm@gentoo.org>
1013     hardened-sources-2.6.16-r10.ebuild:
1014     marking stable on x86 and amd64
1015 solar 1.106
1016     13 Jul 2006; <solar@gentoo.org> hardened-sources-2.4.32-r6.ebuild:
1017     - 2.4.32-r6 stable on x86. RSBAC state unknown
1018 kang 1.105
1019     *hardened-sources-2.4.32-r7 (10 Jul 2006)
1020    
1021     10 Jul 2006; Guillaume Destuynder <kang@gentoo.org>
1022     +hardened-sources-2.4.32-r7.ebuild:
1023     Bump PaX for RSBAC to test-17
1024 johnm 1.104
1025     *hardened-sources-2.6.16-r9 (03 Jul 2006)
1026    
1027     03 Jul 2006; John Mylchreest <johnm@gentoo.org>
1028     -hardened-sources-2.6.16-r6.ebuild, +hardened-sources-2.6.16-r9.ebuild:
1029     hardened-sources-2.6.16 bump to latest -base.
1030 solar 1.103
1031     *hardened-sources-2.4.32-r6 (30 Jun 2006)
1032    
1033     30 Jun 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r2.ebuild,
1034     hardened-sources-2.4.32-r4.ebuild, +hardened-sources-2.4.32-r6.ebuild:
1035     - backport CVE-2006-0039, CVE-2006-1857 and CVE-2006-1858 and new grsecurity
1036     sysctl controlable resource logging
1037 johnm 1.102
1038     *hardened-sources-2.6.16-r7 (05 Jun 2006)
1039    
1040     05 Jun 2006; John Mylchreest <johnm@gentoo.org>
1041     -hardened-sources-2.6.16-r5.ebuild, +hardened-sources-2.6.16-r7.ebuild:
1042     push new 2.6.16 release in preparation for stable
1043 solar 1.101
1044     22 May 2006; <solar@gentoo.org> :
1045     - redigest bug 134002
1046 kang 1.100
1047     *hardened-sources-2.4.32-r5 (16 May 2006)
1048    
1049     16 May 2006; Guillaume Destuynder <kang@gentoo.org>
1050     +hardened-sources-2.4.32-r5.ebuild:
1051     Fixes rsbac common patching (new patch in new -r5 patchset)
1052 solar 1.99
1053     *hardened-sources-2.4.32-r4 (13 May 2006)
1054    
1055     13 May 2006; <solar@gentoo.org> hardened-sources-2.4.32-r3.ebuild,
1056     +hardened-sources-2.4.32-r4.ebuild:
1057     - security bumps
1058 johnm 1.98
1059     *hardened-sources-2.6.16-r6 (03 May 2006)
1060    
1061     03 May 2006; John Mylchreest <johnm@gentoo.org>
1062     +hardened-sources-2.6.16-r6.ebuild:
1063     bump hardened-2.6.16 to 2.6.16.12 and latest grsec snapshot
1064 johnm 1.97
1065     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
1066     hardened-sources-2.6.14-r8.ebuild:
1067     fix x86_64 build problem, this will delay the digest issue again for a short
1068     while but it will sort itself out
1069 johnm 1.96
1070     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
1071     hardened-sources-2.6.14-r8.ebuild:
1072     bump hardened patchset
1073 antarus 1.94
1074     27 Apr 2006; Alec Warner <antarus@gentoo.org>
1075     files/digest-hardened-sources-2.4.32-r2,
1076     files/digest-hardened-sources-2.4.32-r3,
1077     files/digest-hardened-sources-2.6.14-r8, Manifest:
1078     Fixing duff SHA256 digests: Bug # 131293
1079 johnm 1.93
1080 johnm 1.95 *hardened-sources-2.6.16-r5 (27 Apr 2006)
1081    
1082     27 Apr 2006; John Mylchreest <johnm@gentoo.org>
1083     -hardened-sources-2.6.14-r6.ebuild, hardened-sources-2.6.14-r8.ebuild,
1084     -hardened-sources-2.6.16-r4.ebuild, +hardened-sources-2.6.16-r5.ebuild:
1085     stablise 2.6.14-r8 on x86 & amd64, bump 2.6.16 to fix CVE-2006-1863 &
1086     cleanup of old uneccessary sources
1087    
1088 johnm 1.93 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
1089     fix digest
1090 johnm 1.92
1091     *hardened-sources-2.6.14-r8 (20 Apr 2006)
1092    
1093     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
1094     +hardened-sources-2.6.14-r8.ebuild:
1095     fix CVE-2006-1056, CVE-2006-1525, CVE-2006-1524
1096 johnm 1.91
1097     20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
1098     Turning on gpg-signing again, and recomitting
1099 johnm 1.90
1100     *hardened-sources-2.6.16-r4 (20 Apr 2006)
1101    
1102     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
1103     -hardened-sources-2.6.16-r2.ebuild, -hardened-sources-2.6.16-r3.ebuild,
1104     +hardened-sources-2.6.16-r4.ebuild:
1105     Fix numerous security vulns
1106 solar 1.89
1107     *hardened-sources-2.4.32-r3 (16 Apr 2006)
1108    
1109     16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
1110     -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
1111     +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
1112     - security bump for bug #112791. Removed old ebuilds
1113 johnm 1.88
1114     *hardened-sources-2.6.16-r3 (15 Apr 2006)
1115    
1116     15 Apr 2006; John Mylchreest <johnm@gentoo.org>
1117     +hardened-sources-2.6.16-r3.ebuild:
1118     Removing silly localversion which I missed
1119 johnm 1.87
1120     *hardened-sources-2.6.14-r7 (14 Apr 2006)
1121    
1122     14 Apr 2006; John Mylchreest <johnm@gentoo.org>
1123     -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
1124     Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
1125 johnm 1.86
1126     *hardened-sources-2.6.16-r2 (13 Apr 2006)
1127    
1128     13 Apr 2006; John Mylchreest <johnm@gentoo.org>
1129     -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
1130     +hardened-sources-2.6.16-r2.ebuild:
1131     Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
1132     labels, dropping USERGROUP define fixes, since these were merged mainstream.
1133 johnm 1.85
1134     *hardened-sources-2.6.16-r1 (11 Apr 2006)
1135    
1136     11 Apr 2006; John Mylchreest <johnm@gentoo.org>
1137     +hardened-sources-2.6.16-r1.ebuild:
1138     Bumping to include ppc build fix and 2.6.16.3
1139 tsunam 1.84
1140     06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
1141     hardened-sources-2.6.14-r6.ebuild:
1142     Stable on x86; bug #127718
1143 johnm 1.83
1144     *hardened-sources-2.6.16 (31 Mar 2006)
1145    
1146     31 Mar 2006; John Mylchreest <johnm@gentoo.org>
1147     +hardened-sources-2.6.16.ebuild:
1148     Bumping to new version of grsec, and kernel base. New squashfs. Based on
1149     2.6.16.1
1150 cryos 1.82
1151     30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
1152     hardened-sources-2.6.14-r6.ebuild:
1153     Stable on amd64, bug 127718.
1154 nixnut 1.81
1155     28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
1156     Stable on ppc. Bug #127718
1157 johnm 1.80
1158     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
1159     -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
1160     -hardened-sources-2.6.14-r4.ebuild:
1161     Cleanup.
1162 johnm 1.79
1163     *hardened-sources-2.6.14-r6 (15 Mar 2006)
1164    
1165     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
1166     +hardened-sources-2.6.14-r6.ebuild:
1167     Fixes grsec policy recreation bug and adds a
1168     >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
1169 solar 1.78
1170     02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
1171     - stable on x86
1172 hansmi 1.77
1173     19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
1174     hardened-sources-2.6.14-r5.ebuild:
1175     Stable on ppc.
1176 johnm 1.76
1177     *hardened-sources-2.6.14-r5 (01 Feb 2006)
1178    
1179     01 Feb 2006; John Mylchreest <johnm@gentoo.org>
1180     +hardened-sources-2.6.14-r5.ebuild:
1181     fixing every known exploit
1182 solar 1.75
1183     *hardened-sources-2.4.32-r2 (26 Jan 2006)
1184    
1185     26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
1186     +hardened-sources-2.4.32-r2.ebuild:
1187     - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
1188 solar 1.74
1189     *hardened-sources-2.6.14-r4 (12 Jan 2006)
1190    
1191     12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
1192     - version bump for new genpatches which fix up a few sec holes
1193 solar 1.73
1194     *hardened-sources-2.4.32-r1 (05 Jan 2006)
1195    
1196     05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
1197     - revision bump to add misc vital linux kernel security patches.
1198 johnm 1.72
1199     *hardened-sources-2.6.14-r3 (30 Dec 2005)
1200    
1201     30 Dec 2005; John Mylchreest <johnm@gentoo.org>
1202     -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
1203     Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
1204 johnm 1.71
1205     28 Dec 2005; John Mylchreest <johnm@gentoo.org>
1206     hardened-sources-2.6.14-r2.ebuild:
1207     making x86 & amd64 stable following testing.
1208 johnm 1.70
1209     *hardened-sources-2.6.14-r2 (27 Dec 2005)
1210    
1211     27 Dec 2005; John Mylchreest <johnm@gentoo.org>
1212     -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
1213     Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
1214     network hooks.
1215 johnm 1.69
1216     06 Dec 2005; John Mylchreest <johnm@gentoo.org>
1217     hardened-sources-2.6.14-r1.ebuild:
1218     bumping to stable early for sec fix on x86 & amd64
1219 johnm 1.68
1220     *hardened-sources-2.6.14-r1 (05 Dec 2005)
1221    
1222     05 Dec 2005; John Mylchreest <johnm@gentoo.org>
1223     -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
1224     bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
1225 solar 1.67
1226     04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
1227     - stable on x86 security bug #114227 CAN-2005-3257
1228 kang 1.66
1229     *hardened-sources-2.4.32 (19 Nov 2005)
1230    
1231     19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
1232     +hardened-sources-2.4.32.ebuild:
1233     Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
1234     Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
1235     have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
1236     rsbac >> /etc/portage/package.use)
1237 johnm 1.65
1238     *hardened-sources-2.6.14 (14 Nov 2005)
1239    
1240     14 Nov 2005; John Mylchreest <johnm@gentoo.org>
1241     -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
1242     Bumping 2.6 series to 2.6.14.2
1243 johnm 1.64
1244     *hardened-sources-2.6.13-r2 (20 Oct 2005)
1245    
1246     20 Oct 2005; John Mylchreest <johnm@gentoo.org>
1247     -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
1248     +hardened-sources-2.6.13-r2.ebuild:
1249     Fixes minor build error in ppc.
1250 johnm 1.63
1251     *hardened-sources-2.6.13-r1 (17 Oct 2005)
1252    
1253     17 Oct 2005; John Mylchreest <johnm@gentoo.org>
1254     +hardened-sources-2.6.13-r1.ebuild:
1255     Updating grsec to latest snapshot. Fixes some minor issues. Updating to
1256     2.6.13.4, fixes some major amd64 stability problems.
1257 johnm 1.62
1258     *hardened-sources-2.6.13 (16 Sep 2005)
1259    
1260     16 Sep 2005; John Mylchreest <johnm@gentoo.org>
1261     -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
1262     2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
1263     ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
1264     users should test this thoroughly.
1265 solar 1.61
1266     01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
1267     - stable on x86
1268 johnm 1.60
1269     *hardened-sources-2.6.11-r15 (27 Jun 2005)
1270    
1271     27 Jun 2005; John Mylchreest <johnm@gentoo.org>
1272     +hardened-sources-2.6.11-r15.ebuild:
1273     Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
1274     grsec redefining curr_ip struct.
1275 solar 1.59
1276     *hardened-sources-2.4.31 (20 Jun 2005)
1277    
1278     20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
1279     initial import of 2.4.31 tree
1280 johnm 1.58
1281     *hardened-sources-2.6.11-r14 (14 Jun 2005)
1282    
1283     14 Jun 2005; John Mylchreest <johnm@gentoo.org>
1284     -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
1285     Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
1286     naming scheme to abide by genpatches
1287 johnm 1.57
1288     *hardened-sources-2.6.11-r13 (18 May 2005)
1289    
1290     18 May 2005; John Mylchreest <johnm@gentoo.org>
1291     -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
1292     Managed to mangle the Makefile patch from grsec, to miss out the grsec
1293     target. sorry about that. Fixes bug #93022
1294 johnm 1.56
1295     *hardened-sources-2.6.11-r12 (17 May 2005)
1296    
1297     17 May 2005; John Mylchreest <johnm@gentoo.org>
1298     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
1299     +hardened-sources-2.6.11-r12.ebuild:
1300     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
1301     merges in genpatches-base
1302 johnm 1.55
1303     *hardened-sources-2.6.11-r12 (17 May 2005)
1304    
1305     17 May 2005; John Mylchreest <johnm@gentoo.org>
1306     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
1307     +hardened-sources-2.6.11-r12.ebuild:
1308     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
1309     merges in genpatches-base
1310 solar 1.54
1311     29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
1312     -files/2.4.27-cmdline-race.patch,
1313     -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
1314     -files/2.4.28-grsec-binfmt_a.out.patch,
1315     -files/2.4.28-grsec-cmdline-race.patch,
1316     -files/2.4.28-selinux-binfmt_a.out.patch,
1317     -files/2.4.28-selinux-cmdline-race.patch,
1318     -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
1319     hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
1320     - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
1321     cleanup..
1322 solar 1.53
1323     *hardened-sources-2.4.30-r1 (21 Apr 2005)
1324    
1325     21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
1326     - disable aout by default
1327 solar 1.52
1328     *hardened-sources-2.4.30 (18 Apr 2005)
1329    
1330     18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
1331     - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
1332     and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
1333     use
1334 tocharian 1.50
1335 scox 1.51 *hardened-sources-2.4.29 (30 Mar 2005)
1336    
1337     30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
1338     +hardened-sources-2.4.29.ebuild:
1339     New hardened-patches-2.4-29.0 patchball.
1340     Removed SELinux support, upgraded GRSecurity to 2.1.4.
1341    
1342     *hardened-sources-2.4.28-r5 (06 Mar 2005)
1343    
1344     06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
1345     +hardened-sources-2.4.28-r5.ebuild:
1346     Added a fix for a PaX vulnerability.
1347    
1348     26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1349 tocharian 1.50 hardened-sources-2.4.28-r4.ebuild:
1350     Stable on x86
1351 solar 1.49
1352     23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
1353     hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
1354     hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
1355     hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
1356     - fixed/added RDEPEND= in all kernel-2 ebuilds
1357 tocharian 1.48
1358     *hardened-sources-2.4.28-r4 (21 Jan 2005)
1359    
1360     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1361     +hardened-sources-2.4.28-r4.ebuild:
1362     Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
1363     backport of neighbour hash updates.
1364 tocharian 1.47
1365     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1366     hardened-sources-2.4.28-r3.ebuild:
1367     Stable on x86
1368 tseng 1.46
1369     *hardened-sources-2.6.10-r3 (20 Jan 2005)
1370    
1371     20 Jan 2005; Brandon Hale <tseng@gentoo.org>
1372     +hardened-sources-2.6.10-r3.ebuild:
1373     Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
1374     in 2005.0
1375 tocharian 1.45
1376     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1377     -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
1378     hardened-sources-2.4.28-r2.ebuild:
1379     Mark stable on x86
1380 tocharian 1.44
1381     *hardened-sources-2.4.28-r3 (17 Jan 2005)
1382    
1383     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1384     +hardened-sources-2.4.28-r3.ebuild:
1385     Fix SMP page fault handler vuln, and update device-mapper and evms patches.
1386 tocharian 1.43
1387     14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1388     hardened-sources-2.4.28.ebuild:
1389     Mark stable on x86.
1390 tocharian 1.42
1391     *hardened-sources-2.4.28-r2 (13 Jan 2005)
1392    
1393     13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1394     +hardened-sources-2.4.28-r2.ebuild:
1395     Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
1396     Mazinger for grsecurity patches as well.
1397 plasmaroo 1.41
1398     *hardened-sources-2.4.28-r1 (23 Dec 2004)
1399    
1400     23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
1401     Security bump. Thank tocharian for rolling a new patchset...
1402 solar 1.40
1403     28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
1404     +files/2.4.28-grsec-cmdline-race.patch,
1405     +files/2.4.28-selinux-binfmt_a.out.patch,
1406     +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
1407     - Round up remaining security patches that appear to be missing in 2.4.28. -
1408     PaX standalone updated to current. hgpv=28.1
1409 solar 1.39
1410     *hardened-sources-2.4.28 (28 Nov 2004)
1411    
1412     28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
1413     security bump. Thank tocharian for rolling a new patchset
1414 scox 1.31
1415 scox 1.38 *hardened-sources-2.4.27-r3 (08 Sep 2004)
1416    
1417     08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
1418     +hardened-sources-2.4.27-r3.ebuild:
1419     Applies the new 2.4-27.2 patchball which updates
1420     GRSecurity to the 2.0.1 version.
1421    
1422 scox 1.37 *hardened-sources-2.4.27-r2 (31 Aug 2004)
1423    
1424     31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1425     +hardened-sources-2.4.27-r2.ebuild:
1426     Version bump.
1427     This version uses the new 2.4-27.1 patchball which updates
1428     both the SELinux PaX hooks patch and the SELinux headers.
1429    
1430 scox 1.36 *hardened-sources-2.4.27-r1 (09 Aug 2004)
1431    
1432     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1433     +hardened-sources-2.4.27-r1.ebuild,
1434     -hardened-sources-2.4.27.ebuild,
1435     +files/2.4.27-cmdline-race.patch:
1436     Version bump, fix for cmdline race. See bug #59905.
1437    
1438     *hardened-sources-2.4.26-r6 (09 Aug 2004)
1439    
1440     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1441     +hardened-sources-2.4.26-r6.ebuild,
1442     -hardened-sources-2.4.26-r5.ebuild,
1443     -hardened-sources-2.4.26-r4.ebuild,
1444     +files/2.4.26-cmdline-race.patch:
1445     Version bump, fix for cmdline race. See bug #59905.
1446    
1447 scox 1.35 *hardened-sources-2.4.27 (08 Aug 2004)
1448    
1449     08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1450     +hardened-sources-2.4.27.ebuild,
1451     +files/2.4.27-CAN-2004-0394.patch:
1452     Ported the patchball to the 2.4.27 kernel version.
1453    
1454 scox 1.34 *hardened-sources-2.4.26-r5 (07 Aug 2004)
1455    
1456     07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1457     +hardened-sources-2.4.26-r5.ebuild:
1458 scox 1.35 Updated to use the new hardened-patches-2.4-26.1 patchball.
1459 scox 1.34 It adds the following features:
1460     - Squashfs
1461     - Ebtables
1462     - Netdev random (core+drivers)
1463     - Watchdog Timer (WDT) fix.
1464    
1465 scox 1.33 *hardened-sources-2.4.26-r4 (04 Aug 2004)
1466    
1467     04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1468     +hardened-sources-2.4.26-r4.ebuild,
1469     +files/2.4.26-CAN-2004-0415.patch,
1470     -hardened-sources-2.4.26-3:
1471     Version bump, fix for CAN 0415, see bug #59378.
1472    
1473 scox 1.32 *hardened-sources-2.4.26-r3 (22 Jul 2004)
1474    
1475     22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
1476     +hardened-sources-2.4.26-r3.ebuild,
1477     +files/2.4.26-CAN-2004-0497.patch,
1478     -hardened-sources-2.4.26-r2.ebuild:
1479     Version bump, fixed CAN 0497, see bug #56171.
1480    
1481 scox 1.31 *hardened-sources-2.4.26-r2 (29 Jun 2004)
1482    
1483     29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
1484 scox 1.32 +hardened-sources-2.4.26-r2.ebuild,
1485 scox 1.31 +files/2.4.26-CAN-2004-0495.patch,
1486     +files/2.4.26-CAN-2004-0535.patch,
1487     -hardened-sources-2.4.26-r1.ebuild:
1488     Fixes for both CAN 0495 and 0535, see bug #54976
1489 pvdabeel 1.27
1490 agriffis 1.29 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
1491     hardened-sources-2.4.26-r1.ebuild:
1492     QA - fix use invocation
1493 scox 1.28
1494     *hardened-sources-2.4.26-r1 (22 June 2004)
1495    
1496     22 June 2004; Andrea Luzzardi <scox@gentoo.org>
1497     +hardened-sources-2.4.26-r1.ebuild,
1498     +files/2.4.26-CAN-2004-0394.patch,
1499     +files/2.4.26-signal-race.patch,
1500     -hardened-sources-2.4.26.ebuild,
1501     -hardened-sources-2.4.24-r3.ebuild:
1502     Version bump for the CAN-2004-0394 issue and bug #53804
1503     Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
1504    
1505    
1506 pvdabeel 1.27 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
1507     hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
1508     Masked hardened-sources-2.4.26.ebuild broken for ppc
1509    
1510     31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
1511     hardened-sources-2.4.24-r3.ebuild:
1512     Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
1513 plasmaroo 1.25
1514 scox 1.26 *hardened-sources-2.4.26 (29 May 2004)
1515    
1516     29 May 2004; Andrea Luzzardi <scox@gentoo.org>
1517     +hardened-sources-2.4.26.ebuild:
1518     Updated hardened-sources for the 2.4.26 kernel
1519     Removed broken components, updated almost everything.
1520    
1521 plasmaroo 1.25 *hardened-sources-2.4.24-r3 (17 Apr 2004)
1522    
1523     17 Apr 2004; <plasmaroo@gentoo.org>
1524     +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
1525     +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
1526     +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
1527     +hardened-sources-2.4.24-r3.ebuild:
1528     Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
1529     vulnerabilities. Old revisions removed.
1530 plasmaroo 1.24
1531     *hardened-sources-2.4.24-r2 (15 Apr 2004)
1532    
1533     15 Apr 2004; <plasmaroo@gentoo.org>
1534     +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
1535     -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
1536     Version bump for the CAN-2004-0109 issue; bug #47881.
1537 aliz 1.23
1538     12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
1539     hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
1540     Add eutils to inherit.
1541 plasmaroo 1.22
1542     *hardened-sources-2.4.24-r1 (19 Feb 2004)
1543    
1544     19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
1545     files/hardened-sources-2.4.24.munmap.patch:
1546     Added the patch for the mremap/munmap vulnerability. Bug #42024.
1547 scox 1.19
1548 scox 1.21 *hardened-sources-2.4.24 (06 Feb 2004)
1549 scox 1.26
1550 scox 1.21 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
1551     hardened-sources-2.4.24.ebuild:
1552     Version bump, updated most of the components.
1553     This release includes the following:
1554    
1555     - Hardened security
1556     - Netfilter patch-o-matic 20031219
1557     - FreeSWAN 2.04 & x509 1.4.8
1558     - EVMS 2.2.2
1559     - XFS 1.3.1
1560     - cryptoloop jari
1561     - grsecurity 2.0-rc4
1562     - SELinux
1563     - PaX 200402060000
1564     - PaX Obscurity 200308302223
1565     - Others...
1566    
1567     Neither -ck nor systrace are included anymore.
1568    
1569 scox 1.19 *hardened-sources-2.4.22-r2 (05 Jan 2004)
1570    
1571     05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
1572     hardened-sources-2.4.22-r2.ebuild:
1573 scox 1.20 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
1574 scox 1.19
1575     *hardened-sources-2.4.22-r1 (02 Dec 2003)
1576 iggy 1.17
1577     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1578 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
1579 iggy 1.16
1580     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1581 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild:
1582     Version bump for the 'do_brk' vulnerability.
1583 iggy 1.15
1584     01 Dec 2003; Brian Jackson <iggy@gentoo.org>
1585     hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
1586     hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
1587     hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
1588 plasmaroo 1.18 Fix the 'do_brk' vulnerability.
1589 frogger 1.14
1590     03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
1591     hardened-sources-2.4.22.ebuild:
1592 plasmaroo 1.18 - Removed the src_install() portion for SELinux flask
1593     components. These are no longer handled in the kernel
1594     so this code was not necessary.
1595 frogger 1.13
1596     29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
1597     New 2.4.22 based hardened-sources thanks to
1598     Phil West <p.west@computer.org>.
1599    
1600     These sources include:
1601 plasmaroo 1.18 - New SELinux API
1602     - Updated CK-base
1603     - Updated GRSec
1604     - Systrace
1605     - SuperFreeS/WAN 1.99.8
1606     - Propolice kernel build support
1607     - EVMS
1608     - Other various security related patches
1609 frogger 1.11
1610 frogger 1.12 *hardened-sources-2.4.21 (14 Sep 2003)
1611    
1612     14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
1613     Updated hardened-sources based on the 2.4.21 Linux kernel.
1614     This includes updates to most major components such as:
1615 plasmaroo 1.18 - ck-base-0306300059
1616     - selinux-2.4-2003071106
1617     - grsecurity-2.0-rc1
1618     - Updated IPTables patch-o-matic
1619     - Updated SuperFreeS/WAN
1620    
1621 frogger 1.12 Thanks to Phil West <pwest@computer.org> for his work in getting this
1622     updated patch set ready for the 2.4.21 based kernel.
1623    
1624 frogger 1.11 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
1625     Initial import of hardened-sources-2.4.20-r4. This revision
1626     includes only a few changes, but one of these is an important
1627     security fix. It is recommended all users of hardened-sources
1628     upgrade to this release.
1629 plasmaroo 1.18
1630 frogger 1.11 - ioperm bug fix
1631     - fixed compilation failure when building without GRSec
1632 plasmaroo 1.18
1633 frogger 1.11 SAL (Secure Auditing for Linux) is NOT included in this revision
1634     due to time constraints, but is planned for inclusion in the near
1635     future.
1636 msterret 1.10
1637     *hardened-sources-2.4.20-r2 (12 Jun 2003)
1638    
1639     12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
1640     hardened-sources-2.4.20-r3.ebuild:
1641 plasmaroo 1.18 Add Header...
1642 frogger 1.9
1643     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1644     hardened-sources-2.4.20-r3.ebuild:
1645     Removed warnings from ebuild. This kernel should be safe to
1646     use at this point.
1647 frogger 1.8
1648     *hardened-sources-2.4.20-r3 (08 Jun 2003)
1649    
1650     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1651     hardened-sources-2.4.20-r3.ebuild:
1652     New revision. Includes the following changes over -r2:
1653 plasmaroo 1.18
1654 frogger 1.8 - ck7-base (O(1), preempt, low latency)
1655     - Super FreeS/WAN 1.99.7rc2
1656     - PaX for the LSM/SELinux branch
1657     - GRSecurity 2.0-pre4 (role based access control)
1658     - Systrace 1.3
1659     - EXT3 fixes
1660     - EVMS 2.0.1
1661     - GCC 3.1+ compile optimizations
1662     - ProPolice kernel build support
1663     - Hashing table security fixes
1664 frogger 1.3
1665     *hardened-sources-2.4.20-r1 (09 Apr 2003)
1666 frogger 1.7
1667     23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
1668     Initial import of hardened-sources-r2. This new
1669     ebuild includes many new performance and security
1670     related patches. As in -r1, it will patch in
1671     LSM/SELinux if "selinux" is in USE, otherwise it
1672     will patch in GRSecurity. The following patches
1673     are included in this revision:
1674 plasmaroo 1.18
1675 frogger 1.7 - O(1) Scheduler, Low Latency, and Preempt
1676     (pulled from the base CK patch)
1677     - ptrace exploit patch for the LSM kernel
1678     (the GRSec patch already fixes this)
1679     - LSM 2.4-2003040709
1680     - SELinux 2.4-2003040709
1681     - Systrace v1.2
1682     - IPTables patch-o-matic base patches - 20030107
1683     - CryptoAPI 2.4.20.1 w/ loop-jari patch
1684     - Super FreeS/WAN 1.99.6.1
1685     - GRSecurity 1.9.9g
1686     - MPPE
1687     - EXT3 data journal fix
1688     - CIPE 1.5.4
1689 frogger 1.6
1690     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1691     hardened-sources-2.4.20-r1.ebuild, manifest:
1692 plasmaroo 1.18 Updated to install flask components correctly for selinux.
1693 frogger 1.5
1694     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1695     hardened-sources-2.4.20-r1.ebuild:
1696     LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
1697     is patched in instead. Ptrace patches for selinux have also been added. In
1698     either case, systrace support will be patched in as well.
1699 frogger 1.3
1700     09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1701     hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
1702 plasmaroo 1.18 Revision bump for new sources.
1703 frogger 1.4
1704 frogger 1.2 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1705 frogger 1.4 hardened-sources-2.4.20-r1.ebuild:
1706 plasmaroo 1.18 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
1707 method 1.1
1708 frogger 1.4 *hardened-sources-2.4.20 (30 Mar 2003)
1709    
1710 method 1.1 30 Mar 2003; Joshua Brindle <method@gentoo.org>
1711     hardened-sources-2.4.20.ebuild:
1712 plasmaroo 1.18 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20