/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.284 - (hide annotations) (download)
Wed Feb 4 17:22:30 2009 UTC (5 years, 5 months ago) by nixnut
Branch: MAIN
Changes since 1.283: +4 -1 lines
ppc stable
(Portage version: 2.1.6.7/cvs/Linux ppc)

1 method 1.1 # ChangeLog for sys-kernel/hardened-sources
2 gengor 1.268 # Copyright 2000-2009 Gentoo Foundation; Distributed under the GPL v2
3 nixnut 1.284 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.283 2009/01/25 08:16:01 gengor Exp $
4    
5     04 Feb 2009; nixnut <nixnut@gentoo.org> hardened-sources-2.6.26-r9.ebuild:
6     ppc stable
7 gengor 1.283
8     *hardened-sources-2.6.28 (25 Jan 2009)
9    
10     25 Jan 2009; Gordon Malm <gengor@gentoo.org>
11     +hardened-sources-2.6.28.ebuild:
12     Initial 2.6.28 release.
13 gengor 1.282
14     *hardened-sources-2.6.27-r7 (25 Jan 2009)
15    
16     25 Jan 2009; Gordon Malm <gengor@gentoo.org>
17     +hardened-sources-2.6.27-r7.ebuild:
18     Bump to Linux 2.6.27.13.
19 gengor 1.281
20     25 Jan 2009; Gordon Malm <gengor@gentoo.org>
21     hardened-sources-2.6.26-r9.ebuild:
22     Stable amd64/x86.
23 gengor 1.280
24     24 Jan 2009; Gordon Malm <gengor@gentoo.org>
25     -hardened-sources-2.6.27-r3.ebuild, -hardened-sources-2.6.27-r4.ebuild,
26     -hardened-sources-2.6.27-r5.ebuild:
27     Remove problem versions.
28 gengor 1.279
29     *hardened-sources-2.6.27-r6 (24 Jan 2009)
30    
31     24 Jan 2009; Gordon Malm <gengor@gentoo.org>
32     +hardened-sources-2.6.27-r6.ebuild:
33     Revert PaX test29 to test30 changes. Fixes bug 256226.
34 gengor 1.277
35     *hardened-sources-2.6.27-r5 (24 Jan 2009)
36    
37     24 Jan 2009; Gordon Malm <gengor@gentoo.org>
38     +hardened-sources-2.6.27-r5.ebuild:
39 gengor 1.278 Bump to genpatches-10 (includes Linux 2.6.27.{11,12}) and fix bugs 253733,
40 gengor 1.277 254843.
41 gengor 1.276
42     23 Jan 2009; Gordon Malm <gengor@gentoo.org>
43     -hardened-sources-2.6.25-r11.ebuild, -hardened-sources-2.6.25-r12.ebuild,
44     -hardened-sources-2.6.26-r7.ebuild, -hardened-sources-2.6.26-r8.ebuild:
45     Remove problem versions.
46 nixnut 1.275
47     23 Jan 2009; nixnut <nixnut@gentoo.org>
48     hardened-sources-2.6.25-r13.ebuild:
49     ppc stable
50 gengor 1.274
51     21 Jan 2009; Gordon Malm <gengor@gentoo.org>
52     hardened-sources-2.6.25-r13.ebuild:
53     Fasttrack stable amd64/x86.
54 gengor 1.273
55     *hardened-sources-2.6.26-r9 (21 Jan 2009)
56    
57     21 Jan 2009; Gordon Malm <gengor@gentoo.org>
58     +hardened-sources-2.6.26-r9.ebuild:
59 gengor 1.278 Revert RLIMIT_STACK false-positives-avoidance patch. Bugs 253733, 254843
60 gengor 1.272
61     *hardened-sources-2.6.25-r13 (20 Jan 2009)
62    
63     20 Jan 2009; Gordon Malm <gengor@gentoo.org>
64     +hardened-sources-2.6.25-r13.ebuild:
65 gengor 1.278 Revert RLIMIT_STACK false-positives-avoidance patch. Bugs 253733, 254843
66 nixnut 1.271
67     20 Jan 2009; nixnut <nixnut@gentoo.org>
68     hardened-sources-2.6.25-r12.ebuild:
69     ppc stable
70 gengor 1.270
71     17 Jan 2009; Gordon Malm <gengor@gentoo.org>
72     hardened-sources-2.6.25-r12.ebuild:
73     Stable amd64/x86.
74 gengor 1.269
75     14 Jan 2009; Gordon Malm <gengor@gentoo.org>
76     -hardened-sources-2.6.25-r10.ebuild, -hardened-sources-2.6.26-r6.ebuild,
77     -hardened-sources-2.6.27-r2.ebuild:
78     Clean out old versions.
79 gengor 1.268
80     *hardened-sources-2.6.27-r4 (14 Jan 2009)
81     *hardened-sources-2.6.26-r8 (14 Jan 2009)
82     *hardened-sources-2.6.25-r12 (14 Jan 2009)
83    
84     14 Jan 2009; Gordon Malm <gengor@gentoo.org>
85     +hardened-sources-2.6.25-r12.ebuild, +hardened-sources-2.6.26-r8.ebuild,
86     +hardened-sources-2.6.27-r4.ebuild:
87     2.6.25-r12: Fixes bugs #249729, #250548, #252688, #254907
88     2.6.26-r8: Fixes bugs #249729, #250548, #252688, #254907
89     2.6.27-r4: Update to latest genpatches (includes Linux 2.6.27.10) and
90     grsecurity patch. Fixes bugs #249729, #250511, #250548, #252688, #254907
91 nixnut 1.267
92     15 Dec 2008; nixnut <nixnut@gentoo.org>
93     hardened-sources-2.6.25-r11.ebuild:
94     Stable on ppc
95 gengor 1.266
96     09 Dec 2008; Gordon Malm <gengor@gentoo.org>
97     hardened-sources-2.6.25-r11.ebuild:
98     Stable amd64/x86.
99 gengor 1.265
100     *hardened-sources-2.6.27-r3 (07 Dec 2008)
101    
102     07 Dec 2008; Gordon Malm <gengor@gentoo.org>
103     +hardened-sources-2.6.27-r3.ebuild:
104     Bump to latest genpatches, including Linux 2.6.27.8. Bump grsec/pax patches.
105     Fixes bug #248754, #249729 and #246607.
106 gengor 1.264
107     03 Dec 2008; Gordon Malm <gengor@gentoo.org>
108     -hardened-sources-2.6.25-r9.ebuild, -hardened-sources-2.6.26-r5.ebuild:
109     Remove old versions.
110 gengor 1.262
111     *hardened-sources-2.6.26-r7 (03 Dec 2008)
112     *hardened-sources-2.6.25-r11 (03 Dec 2008)
113    
114 gengor 1.263 03 Dec 2008; Gordon Malm <gengor@gentoo.org>
115     +hardened-sources-2.6.25-r11.ebuild, +hardened-sources-2.6.26-r7.ebuild:
116 gengor 1.262 2.6.25-r11: Fixes bugs 246607, 246710, 247453 and 248754.
117     2.6.26-r7: Fixes bugs 246607, 246710, 246763, 247453 and 248754.
118     Both include many backports from 2.6.27.{6,7} -stable releases.
119 gengor 1.261
120     24 Nov 2008; Gordon Malm <gengor@gentoo.org>
121     -hardened-sources-2.6.27.ebuild, -hardened-sources-2.6.27-r1.ebuild:
122     Remove versions broken on ARCHes != x86/amd64.
123 gengor 1.260
124     *hardened-sources-2.6.27-r2 (24 Nov 2008)
125    
126     24 Nov 2008; Gordon Malm <gengor@gentoo.org>
127     +hardened-sources-2.6.27-r2.ebuild:
128     Bump to Linux 2.6.27.7 and latest grsecurity patch.
129 gengor 1.259
130     19 Nov 2008; Gordon Malm <gengor@gentoo.org>
131     -hardened-sources-2.6.25-r8.ebuild, -hardened-sources-2.6.26-r4.ebuild:
132     Remove old versions.
133 gengor 1.258
134     19 Nov 2008; Gordon Malm <gengor@gentoo.org>
135     hardened-sources-2.6.27.ebuild, hardened-sources-2.6.27-r1.ebuild:
136     Remove all but ~amd64 & ~x86 keywords (broken elsewhere).
137 nixnut 1.257
138     16 Nov 2008; nixnut <nixnut@gentoo.org>
139     hardened-sources-2.6.25-r10.ebuild:
140     Stable on ppc
141 gengor 1.256
142     15 Nov 2008; Gordon Malm <gengor@gentoo.org>
143     hardened-sources-2.6.25-r10.ebuild:
144     Stable amd64/x86.
145 gengor 1.255
146     *hardened-sources-2.6.26-r6 (12 Nov 2008)
147    
148     12 Nov 2008; Gordon Malm <gengor@gentoo.org>
149     +hardened-sources-2.6.26-r6.ebuild:
150     Bump to Linux 2.6.26.8 and fix security bug #245650.
151 gengor 1.254
152     *hardened-sources-2.6.25-r10 (12 Nov 2008)
153    
154     12 Nov 2008; Gordon Malm <gengor@gentoo.org>
155     +hardened-sources-2.6.25-r10.ebuild:
156     Update to Linux 2.6.25.20 and fix bugs #245427, #245650.
157 gengor 1.253
158     *hardened-sources-2.6.27-r1 (09 Nov 2008)
159    
160     09 Nov 2008; Gordon Malm <gengor@gentoo.org>
161     +hardened-sources-2.6.27-r1.ebuild:
162     Bump to stable kernel 2.6.27.5 and latest grsecurity patch.
163 gengor 1.252
164     *hardened-sources-2.6.27 (04 Nov 2008)
165    
166     04 Nov 2008; Gordon Malm <gengor@gentoo.org>
167     +hardened-sources-2.6.27.ebuild:
168     Initial 2.6.27 release.
169 gengor 1.251
170     *hardened-sources-2.6.26-r5 (03 Nov 2008)
171    
172     03 Nov 2008; Gordon Malm <gengor@gentoo.org>
173     -hardened-sources-2.6.25-r7.ebuild, -hardened-sources-2.6.26-r2.ebuild,
174     +hardened-sources-2.6.26-r5.ebuild:
175     2.6.26-r5: Bump to Linux 2.6.26.7, PaX updates.
176     Clean out some old versions.
177 nixnut 1.250
178     02 Nov 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.25-r9.ebuild:
179     Stable on ppc
180 gengor 1.249
181     30 Oct 2008; Gordon Malm <gengor@gentoo.org>
182     hardened-sources-2.6.25-r9.ebuild:
183     Stable on amd64/x86.
184 gengor 1.248
185     *hardened-sources-2.6.25-r9 (26 Oct 2008)
186    
187     26 Oct 2008; Gordon Malm <gengor@gentoo.org>
188     +hardened-sources-2.6.25-r9.ebuild:
189     Update to Linux 2.6.25.19
190 nixnut 1.247
191     15 Oct 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.25-r8.ebuild:
192     Stable on ppc
193 gengor 1.246
194     *hardened-sources-2.6.26-r4 (14 Oct 2008)
195    
196     14 Oct 2008; Gordon Malm <gengor@gentoo.org>
197     -hardened-sources-2.6.26-r3.ebuild, +hardened-sources-2.6.26-r4.ebuild:
198     Update to latest grsecurity patch, fixing building of non-modular kernels.
199 gengor 1.245
200     *hardened-sources-2.6.26-r3 (12 Oct 2008)
201    
202     12 Oct 2008; Gordon Malm <gengor@gentoo.org>
203     hardened-sources-2.6.25-r8.ebuild, -hardened-sources-2.6.26-r1.ebuild,
204     +hardened-sources-2.6.26-r3.ebuild:
205     2.6.26-r3: Update to Linux 2.6.26.6 and latest grsecurity patch.
206     2.6.26-r1: Removed.
207     2.6.25-r8: Stable amd64/x86.
208 gengor 1.244
209     *hardened-sources-2.6.25-r8 (09 Oct 2008)
210    
211     09 Oct 2008; Gordon Malm <gengor@gentoo.org>
212     -hardened-sources-2.6.25-r4.ebuild, -hardened-sources-2.6.25-r5.ebuild,
213     -hardened-sources-2.6.25-r6.ebuild, +hardened-sources-2.6.25-r8.ebuild:
214     Update to genpatches-11 and Linux 2.6.25.18. Remove old versions.
215 nixnut 1.243
216     20 Sep 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.25-r7.ebuild:
217     Stable on ppc
218 gengor 1.242
219     17 Sep 2008; Gordon Malm <gengor@gentoo.org>
220     hardened-sources-2.6.25-r7.ebuild:
221     Stable amd64/x86.
222 gengor 1.241
223     *hardened-sources-2.6.26-r2 (13 Sep 2008)
224    
225     13 Sep 2008; Gordon Malm <gengor@gentoo.org>
226     -hardened-sources-2.6.26.ebuild, +hardened-sources-2.6.26-r2.ebuild:
227     2.6.26-r2: Update to Linux 2.6.26.5, new grsecurity patch adding
228     PAX_REFCOUNT feature, fix bug #237473 (CVE-2008-3525). 2.6.26: Removed.
229 gengor 1.240
230     *hardened-sources-2.6.25-r7 (13 Sep 2008)
231    
232     13 Sep 2008; Gordon Malm <gengor@gentoo.org>
233     +hardened-sources-2.6.25-r7.ebuild:
234     Add 2.6.25-r7, fixing bug #237473 (CVE-2008-3525) and a PaX bug.
235 gengor 1.239
236     10 Sep 2008; Gordon Malm <gengor@gentoo.org>
237     hardened-sources-2.6.25-r4.ebuild, hardened-sources-2.6.25-r5.ebuild,
238     hardened-sources-2.6.25-r6.ebuild, hardened-sources-2.6.26.ebuild,
239     hardened-sources-2.6.26-r1.ebuild:
240     Update DESCRIPTION and HGPV_URI.
241 gengor 1.238
242     *hardened-sources-2.6.25-r6 (09 Sep 2008)
243    
244     09 Sep 2008; Gordon Malm <gengor@gentoo.org>
245     -hardened-sources-2.6.24-r3.ebuild, +hardened-sources-2.6.25-r6.ebuild:
246     2.6.25-r6: Update to Linux 2.6.25.17.
247     2.6.24-r3: Removed.
248 gengor 1.237
249     08 Sep 2008; Gordon Malm <gengor@gentoo.org>
250     hardened-sources-2.6.25-r5.ebuild:
251     Stable on amd64/x86
252 gengor 1.236
253     07 Sep 2008; Gordon Malm <gengor@gentoo.org> metadata.xml:
254     Update my email address.
255 nixnut 1.235
256     31 Aug 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.25-r4.ebuild:
257     stable on ppc
258 battousai 1.234
259     *hardened-sources-2.6.26-r1 (23 Aug 2008)
260     *hardened-sources-2.6.25-r5 (23 Aug 2008)
261    
262     23 Aug 2008; Bryan D. Stine <battousai@gentoo.org>
263     -hardened-sources-2.6.23-r13.ebuild, -hardened-sources-2.6.25-r3.ebuild,
264     hardened-sources-2.6.25-r4.ebuild, +hardened-sources-2.6.25-r5.ebuild,
265     +hardened-sources-2.6.26-r1.ebuild:
266     Bump to 2.6.25-r5 for updated patches and upstream .10 kernel, fixing
267     security bug #235221. Bump to 2.6.26-r1 for upstream .3 kernel, also
268     fixing security bug #235221. Marked 2.6.25-r4 stable on amd64 and x86.
269     Removed 2.6.23-r13 and 2.6.25-r3. Commit on behalf of Gordon Malm
270     (gengor).
271 solar 1.233
272     *hardened-sources-2.6.26 (18 Aug 2008)
273     *hardened-sources-2.6.25-r4 (18 Aug 2008)
274    
275     18 Aug 2008; <solar@gentoo.org> -hardened-sources-2.6.25-r2.ebuild,
276     +hardened-sources-2.6.25-r4.ebuild, +hardened-sources-2.6.26.ebuild:
277     - proxy commit for gengor 2.6.26: Initial 2.6.26 release. 2.6.25-r4: Update
278     to Linux 2.6.25.15. Fixes security bugs #234799, #234803 and #234812.
279     2.6.25-r2: Removed.
280 tove 1.232
281     16 Aug 2008; Torsten Veller <tove@gentoo.org> metadata.xml:
282     Remove phreak from metadata.xml (#96398)
283 solar 1.231
284     *hardened-sources-2.6.25-r3 (31 Jul 2008)
285    
286     31 Jul 2008; <solar@gentoo.org> -hardened-sources-2.6.24-r2.ebuild,
287     -hardened-sources-2.6.25.ebuild, -hardened-sources-2.6.25-r1.ebuild,
288     +hardened-sources-2.6.25-r3.ebuild:
289     - 2.6.25-r3: Update to Linux 2.6.25.13 and new grsecurity patch. Multiple
290     fixes, including security bug #231750.
291 nixnut 1.230
292     28 Jul 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.24-r3.ebuild:
293     Stable on ppc
294 solar 1.229
295     *hardened-sources-2.6.25-r2 (05 Jul 2008)
296    
297     05 Jul 2008; <solar@gentoo.org> -hardened-sources-2.6.23-r11.ebuild,
298     -hardened-sources-2.6.23-r12.ebuild, hardened-sources-2.6.24-r3.ebuild,
299     +hardened-sources-2.6.25-r2.ebuild:
300     2.6.23-r4: Stable x86/amd64
301     2.6.25-r2: Update to Linux 2.6.25.10 and latest grsecurity release.
302     2.6.23-r{11,12}: Removed due to multiple vulns.
303     (gengor & kerframil)
304 nixnut 1.228
305     04 Jul 2008; nixnut <nixnut@gentoo.org>
306     hardened-sources-2.6.23-r13.ebuild:
307     Stable on ppc
308 solar 1.227
309     *hardened-sources-2.6.25-r1 (30 Jun 2008)
310    
311     30 Jun 2008; <solar@gentoo.org> hardened-sources-2.6.23-r13.ebuild,
312     +hardened-sources-2.6.25-r1.ebuild:
313     2.6.25-r1: Brings in Linux -stable tree patches 2.6.25.{7,8,9} and newer
314     grsecurity release. 2.6.23-r13: x86/amd64 stable
315 solar 1.226
316     *hardened-sources-2.6.25 (17 Jun 2008)
317     *hardened-sources-2.6.24-r3 (17 Jun 2008)
318     *hardened-sources-2.6.23-r13 (17 Jun 2008)
319    
320     17 Jun 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r13.ebuild,
321     +hardened-sources-2.6.24-r3.ebuild, +hardened-sources-2.6.25.ebuild:
322     * 2.6.23-r13: Fixes security bugs #198997, #212136, #222331, #222635,
323     #224647, #225461, other fixes. * 2.6.24-r3: Fixes security bugs #212136,
324     #222331, #222635, #224647, #225461, grsec/PaX updates/fixes, other fixes. *
325     2.6.25: Initial 2.6.25 release.
326 solar 1.225
327     15 May 2008; <solar@gentoo.org> hardened-sources-2.6.23-r12.ebuild:
328     - fasttrack to stable x86/amd64
329 swegener 1.224
330     11 May 2008; Sven Wegener <swegener@gentoo.org> Manifest:
331     Fix broken digest for linux-2.6.24.tar.bz2.
332 solar 1.223
333     *hardened-sources-2.6.24-r2 (11 May 2008)
334     *hardened-sources-2.6.23-r12 (11 May 2008)
335    
336     11 May 2008; <solar@gentoo.org> -hardened-sources-2.6.23-r7.ebuild,
337     -hardened-sources-2.6.23-r9.ebuild, -hardened-sources-2.6.23-r10.ebuild,
338     +hardened-sources-2.6.23-r12.ebuild, -hardened-sources-2.6.24.ebuild,
339     -hardened-sources-2.6.24-r1.ebuild, +hardened-sources-2.6.24-r2.ebuild:
340     proxy commit for gengor. 2.6.23-r11 shortlog: Fixes security bugs 220691,
341     220975, 220979, 221123. 2.6.24-r2 not-so-shortlog: Fixes bug 215442,
342     security bugs 219901, 220691, 220975, 220979, 221123. New
343     genpatches/grsecurity with numerous updates & fixes. 2.6.23-r7->2.6.23-r10
344     should be removed as far as I'm concerned, everything else remove due to
345     vulnerable to numerous security bugs or brokeness.
346 nixnut 1.222
347     10 May 2008; nixnut <nixnut@gentoo.org>
348     hardened-sources-2.6.23-r11.ebuild:
349     Stable on ppc
350 solar 1.221
351     05 May 2008; <solar@gentoo.org> hardened-sources-2.6.23-r11.ebuild:
352     - -r11 stable on x86/amd64
353 solar 1.220
354     *hardened-sources-2.6.23-r11 (01 May 2008)
355    
356     01 May 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r11.ebuild:
357     - version bump to fix ulgy linux bugs
358 phreak 1.219
359     *hardened-sources-2.6.24-r1 (30 Apr 2008)
360    
361     30 Apr 2008; Christian Heim <phreak@gentoo.org>
362     +hardened-sources-2.6.24-r1.ebuild:
363     Revision bump (thanks to Kerin and Gordon, again), pulling
364     genpatches-2.6.24-7, solving #219089. Additionally contains further security
365     fixes plus some minor updates.
366 phreak 1.218
367     *hardened-sources-2.6.23-r10 (30 Apr 2008)
368    
369     30 Apr 2008; Christian Heim <phreak@gentoo.org>
370     +hardened-sources-2.6.23-r10.ebuild:
371     Revision bump (thanks to Kerin and Gordon, again), solving #213811, #219089.
372     Additional contains "various other fixes".
373 phreak 1.217
374     09 Apr 2008; Christian Heim <phreak@gentoo.org> metadata.xml:
375     Update the longdescription in metadata, thanks to Gordon Malm.
376 nixnut 1.216
377     08 Apr 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.23-r9.ebuild:
378     Stable on ppc wrt bug #213255
379 solar 1.215
380     07 Apr 2008; <solar@gentoo.org> -hardened-sources-2.4.35-r2.ebuild,
381     -hardened-sources-2.6.23-r8.ebuild, hardened-sources-2.6.23-r9.ebuild:
382     - stable on x86/amd64 per request. Removed obsolete ebuilds
383 phreak 1.214
384     *hardened-sources-2.6.24 (07 Apr 2008)
385    
386     07 Apr 2008; Christian Heim <phreak@gentoo.org>
387     +hardened-sources-2.6.24.ebuild:
388     Adding ebuild for hardened-sources-2.6.24 (many thanks to Kerin Millar
389     <kerframil at gmail.com> and Gordon Malm <bugs-gentoo-org-02 at bumpin.org>
390     for the many contributions and their continued effort in #216612) based on
391     2.6.24 and genpatches-2.6.24-5.
392    
393     The current ebuild/patchset contains these things:
394     * Incoporates unmodified grsec-2.1.11-2.6.24.4-200803262003 patch
395     * Introduces bespoke server and workstation oriented security levels
396     * VDSO_COMPAT cannot be enabled during runtime if PaX is enabled
397 phreak 1.213
398     30 Mar 2008; Christian Heim <phreak@gentoo.org> metadata.xml:
399     Fix the metadata.xml (Kerin isn't a dev, though he and Gordon are
400     maintaining it).
401 phreak 1.212
402     24 Mar 2008; Christian Heim <phreak@gentoo.org>
403     hardened-sources-2.4.35-r2.ebuild:
404     Fixing SRC_URI for 2.4.35-r2.
405 phreak 1.211
406     *hardened-sources-2.6.23-r9 (22 Mar 2008)
407    
408     22 Mar 2008; Christian Heim <phreak@gentoo.org>
409     +hardened-sources-2.6.23-r9.ebuild:
410     * Revision bump, rebasing the patchset against genpatches-2.6.23-10.
411     * Change the default GIDs for some grsecurity options
412     * Revamp the Hardened [Gentoo] security level and make it the default level
413     * Fixing compilation on ia64 with CONFIG_MODULES=y (loadable module support)
414     * Fix a recursive lock -- call to capable() within ptrace_attach()
415     * Fix bug that allows audit and iscsi operations to be controlled via netlink
416 solar 1.210
417     *hardened-sources-2.6.23-r8 (27 Feb 2008)
418    
419     27 Feb 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r8.ebuild:
420     - version bump from Kerin Millar bug 210026
421 solar 1.209
422     17 Feb 2008; <solar@gentoo.org> metadata.xml,
423     -hardened-sources-2.4.33.4.ebuild, -hardened-sources-2.6.20-r6.ebuild,
424     -hardened-sources-2.6.20-r10.ebuild, -hardened-sources-2.6.23-r4.ebuild,
425     -hardened-sources-2.6.23-r6.ebuild, hardened-sources-2.6.23-r7.ebuild:
426     - stable on x86 and remove old ebuilds
427 solar 1.207
428     15 Feb 2008; <solar@gentoo.org> hardened-sources-2.6.23-r7.ebuild:
429 solar 1.208 - stable on amd64 per request of amd64 lead
430 solar 1.206
431     *hardened-sources-2.6.23-r7 (11 Feb 2008)
432    
433     11 Feb 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r7.ebuild:
434     - version bump from kerin.millar
435     Changes:
436    
437     * Bump to genpatches-base-2.6.23-9
438     * Ported grsecurity-2.1.11-2.6.23.14-200801231800 to 2.6.23.15
439     * Disables COMPAT_VDSO in x86/defconfig
440     * Removes bogus symbols ACPI_SLEEP_PROC_(FS|SLEEP) from x86_64/defconfig
441 phreak 1.205
442     25 Jan 2008; Christian Heim <phreak@gentoo.org>
443     -hardened-sources-2.6.22-r8.ebuild:
444     Cleaning up old versions.
445 phreak 1.204
446     *hardened-sources-2.6.23-r6 (25 Jan 2008)
447    
448     25 Jan 2008; Christian Heim <phreak@gentoo.org>
449     -hardened-sources-2.6.23-r5.ebuild, +hardened-sources-2.6.23-r6.ebuild:
450     Revision bump, pulling in the latest genpatches.
451 phreak 1.203
452     *hardened-sources-2.6.23-r5 (24 Dec 2007)
453    
454     24 Dec 2007; Christian Heim <phreak@gentoo.org>
455     hardened-sources-2.4.35-r2.ebuild, hardened-sources-2.6.20-r6.ebuild,
456     hardened-sources-2.6.20-r10.ebuild, hardened-sources-2.6.22-r8.ebuild,
457     hardened-sources-2.6.23-r4.ebuild, +hardened-sources-2.6.23-r5.ebuild:
458     Revision bump, for the promised updated grsec snapshot. Also changing SRC_URI.
459 phreak 1.202
460     24 Dec 2007; Christian Heim <phreak@gentoo.org>
461     -hardened-sources-2.6.22-r7.ebuild, -hardened-sources-2.6.23.ebuild,
462     -hardened-sources-2.6.23-r1.ebuild, -hardened-sources-2.6.23-r2.ebuild,
463     -hardened-sources-2.6.23-r3.ebuild:
464     Cleaning out some unused, old versions.
465 phreak 1.201
466     24 Dec 2007; Christian Heim <phreak@gentoo.org>
467     hardened-sources-2.6.23-r4.ebuild:
468     Marking hardened-sources-2.6.23-r4 stable on amd64 and x86. I know it ain't
469     in the tree for long, but there isn't much of a difference between this and
470     -r3. Only this revision pulls in 2.6.23.11 and 2.6.23.12 from genpatches.
471 phreak 1.200
472     *hardened-sources-2.6.23-r4 (23 Dec 2007)
473    
474     23 Dec 2007; Christian Heim <phreak@gentoo.org>
475     +hardened-sources-2.6.23-r4.ebuild:
476     Revision bump, grabbing the lastest genpatches release (2.6.23.12 that is).
477 phreak 1.199
478     *hardened-sources-2.6.23-r3 (04 Dec 2007)
479    
480     04 Dec 2007; Christian Heim <phreak@gentoo.org>
481     +hardened-sources-2.6.23-r3.ebuild:
482     Revision bump, pulling in 2.6.23.9.
483 phreak 1.198
484     *hardened-sources-2.6.23-r2 (25 Nov 2007)
485    
486     25 Nov 2007; Christian Heim <phreak@gentoo.org>
487     +hardened-sources-2.6.23-r2.ebuild:
488     Updated patchset, thanks to solar.
489 phreak 1.197
490     *hardened-sources-2.6.23-r1 (31 Oct 2007)
491    
492     31 Oct 2007; Christian Heim <phreak@gentoo.org>
493     +hardened-sources-2.6.23-r1.ebuild:
494     Revision bump, pulling in the snapshot from 30. October 2007 (18:50).
495 solar 1.196
496     29 Oct 2007; <solar@gentoo.org> metadata.xml:
497     - update metadata.xml
498 phreak 1.195
499     25 Oct 2007; Christian Heim <phreak@gentoo.org>
500     hardened-sources-2.6.22-r8.ebuild:
501     Marking 2.6.22-r8 stable on amd64 and x86.
502 phreak 1.194
503     21 Oct 2007; Christian Heim <phreak@gentoo.org>
504     -hardened-sources-2.4.35.ebuild, -hardened-sources-2.4.35-r1.ebuild,
505     -hardened-sources-2.6.21-r4.ebuild:
506     Removing old ebuilds.
507 phreak 1.193
508     *hardened-sources-2.4.35-r2 (21 Oct 2007)
509    
510     21 Oct 2007; Christian Heim <phreak@gentoo.org>
511     +hardened-sources-2.4.35-r2.ebuild:
512     Revision bump for 2.4.35. Includes new snapshot and the lastest Linux stable
513     patches.
514 phreak 1.192
515     *hardened-sources-2.6.22-r8 (21 Oct 2007)
516    
517     21 Oct 2007; Christian Heim <phreak@gentoo.org>
518     +hardened-sources-2.6.22-r8.ebuild:
519     Yet another new patch, hopefully fixing the remaining issues we had w/
520     2.6.22. Candidate for stabling.
521 phreak 1.191
522     *hardened-sources-2.6.23 (13 Oct 2007)
523    
524     13 Oct 2007; Christian Heim <phreak@gentoo.org>
525     +hardened-sources-2.6.23.ebuild:
526     Initial hardened-sources-2.6.23. If people still have problems w/ bug
527     194276, try setting CONFIG_PCI_GODIRECT=y instead of CONFIG_PCI_GOANY.
528 phreak 1.190
529     11 Oct 2007; Christian Heim <phreak@gentoo.org>
530     hardened-sources-2.6.20-r10.ebuild:
531     Pulling in yet another new genpatches version, fixing the PWC bug for real.
532 phreak 1.189
533     04 Oct 2007; Christian Heim <phreak@gentoo.org>
534     -hardened-sources-2.6.22-r5.ebuild, -hardened-sources-2.6.22-r6.ebuild:
535     Removing old versions.
536 phreak 1.188
537     *hardened-sources-2.6.22-r7 (01 Oct 2007)
538    
539     01 Oct 2007; Christian Heim <phreak@gentoo.org>
540     +hardened-sources-2.6.22-r7.ebuild:
541     Revision bump, pulling in a newer patch. Should fix #194276.
542 phreak 1.187
543     30 Sep 2007; Christian Heim <phreak@gentoo.org>
544     hardened-sources-2.6.20-r10.ebuild:
545     Marking hardened-sources-2.6.20-r10 stable on x86 and amd64 (on courtesy of
546     Mike Doty).
547 phreak 1.186
548     *hardened-sources-2.6.22-r6 (26 Sep 2007)
549    
550     26 Sep 2007; Christian Heim <phreak@gentoo.org>
551     +hardened-sources-2.6.22-r6.ebuild:
552     Revision bump, grabbing up till Linux 2.6.22.9.
553 phreak 1.185
554     24 Sep 2007; Christian Heim <phreak@gentoo.org>
555     -hardened-sources-2.6.22-r3.ebuild, -hardened-sources-2.6.22-r4.ebuild:
556     Cleaning up further.
557 phreak 1.184
558     *hardened-sources-2.6.20-r10 (24 Sep 2007)
559    
560     24 Sep 2007; Christian Heim <phreak@gentoo.org>
561     -hardened-sources-2.6.20-r8.ebuild, -hardened-sources-2.6.20-r9.ebuild,
562     +hardened-sources-2.6.20-r10.ebuild:
563     Revision bump, pulling in Linux 2.6.20.20. Removing some of the older
564     revisions.
565 phreak 1.183
566     *hardened-sources-2.6.22-r5 (22 Sep 2007)
567    
568     22 Sep 2007; Christian Heim <phreak@gentoo.org>
569     +hardened-sources-2.6.22-r5.ebuild:
570     Revision bump, pulling in genpatches-2.6.22-8 for CVE-2007-4573.
571 phreak 1.182
572     17 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
573     Removing johnm from metadata.xml (see #186467 for reference).
574 phreak 1.181
575     *hardened-sources-2.6.22-r4 (17 Sep 2007)
576    
577     17 Sep 2007; Christian Heim <phreak@gentoo.org>
578     +hardened-sources-2.6.22-r4.ebuild:
579     Revision bump, hopefully fixing all those weird PAX failures.
580 phreak 1.180
581     01 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
582     Updating the metadata.xml.
583 phreak 1.179
584     01 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
585     Removing tocharian from metadata due to his retirement (see #71718 for
586     reference).
587 phreak 1.178
588     *hardened-sources-2.6.20-r9 (30 Aug 2007)
589    
590     30 Aug 2007; Christian Heim <phreak@gentoo.org>
591     +hardened-sources-2.6.20-r9.ebuild:
592     Revision bump for 2.6.20.18 (thanks to kerframil in #gentoo-hardened).
593 phreak 1.177
594     29 Aug 2007; Christian Heim <phreak@gentoo.org>
595     -hardened-sources-2.4.34.ebuild, -hardened-sources-2.4.34.5.ebuild,
596     -hardened-sources-2.6.20-r2.ebuild, -hardened-sources-2.6.20-r5.ebuild,
597     -hardened-sources-2.6.20-r7.ebuild, -hardened-sources-2.6.21-r3.ebuild,
598     -hardened-sources-2.6.22.ebuild, -hardened-sources-2.6.22-r1.ebuild,
599     -hardened-sources-2.6.22-r2.ebuild:
600     Removing some redundant versions.
601 phreak 1.176
602     *hardened-sources-2.4.35-r1 (29 Aug 2007)
603    
604     29 Aug 2007; Christian Heim <phreak@gentoo.org>
605     +hardened-sources-2.4.35-r1.ebuild:
606     Revision bump, new grsecurity patch.
607 phreak 1.175
608     *hardened-sources-2.6.20-r8 (26 Aug 2007)
609    
610     26 Aug 2007; Christian Heim <phreak@gentoo.org>
611     +hardened-sources-2.6.20-r8.ebuild:
612     Revision bump for Linux 2.6.20.17.
613 phreak 1.174
614     *hardened-sources-2.6.22-r3 (22 Aug 2007)
615    
616     22 Aug 2007; Christian Heim <phreak@gentoo.org>
617     +hardened-sources-2.6.22-r3.ebuild:
618     Revision bump for Linux 2.6.22.4.
619 phreak 1.173
620     16 Aug 2007; Christian Heim <phreak@gentoo.org>
621     hardened-sources-2.6.22-r2.ebuild:
622     Updated patchset, to fix the alignment against 2.6.22.3.
623 phreak 1.172
624     *hardened-sources-2.6.22-r2 (16 Aug 2007)
625    
626     16 Aug 2007; Christian Heim <phreak@gentoo.org>
627     +hardened-sources-2.6.22-r2.ebuild:
628     Revision bump for Linux 2.6.22.3.
629 phreak 1.171
630     *hardened-sources-2.4.35 (16 Aug 2007)
631    
632     16 Aug 2007; Christian Heim <phreak@gentoo.org>
633     +hardened-sources-2.4.35.ebuild:
634     Version bump, initial version for Linux 2.4.35.
635 phreak 1.170
636     *hardened-sources-2.6.21-r4 (16 Aug 2007)
637    
638     16 Aug 2007; Christian Heim <phreak@gentoo.org>
639     +hardened-sources-2.6.21-r4.ebuild:
640     Revision bump for Linux 2.6.21.6.
641 phreak 1.169
642     *hardened-sources-2.6.20-r7 (16 Aug 2007)
643    
644     16 Aug 2007; Christian Heim <phreak@gentoo.org>
645     +hardened-sources-2.6.20-r7.ebuild:
646     Revision bump for Linux 2.6.20.16.
647 phreak 1.168
648     *hardened-sources-2.6.22-r1 (13 Aug 2007)
649    
650     13 Aug 2007; Christian Heim <phreak@gentoo.org>
651     +hardened-sources-2.6.22-r1.ebuild:
652     Yet another revision bump.
653 phreak 1.167
654     *hardened-sources-2.6.22 (10 Aug 2007)
655    
656     10 Aug 2007; Christian Heim <phreak@gentoo.org>
657     +hardened-sources-2.6.22.ebuild:
658     Initial release for 2.6.22. If you are using hardened-sources on a desktop
659     machine (P4 or newer), be aware you might need to disable
660     CONFIG_PAX_PAGEEXEC.
661 phreak 1.166
662     04 Aug 2007; Christian Heim <phreak@gentoo.org>
663     hardened-sources-2.6.20-r6.ebuild:
664     Stabling hardened-sources-2.6.20-r6 for amd64, ppc and x86 due to Linux
665     2.6.20.15.
666 phreak 1.165
667     10 Jul 2007; Christian Heim <phreak@gentoo.org>
668     hardened-sources-2.6.20-r5.ebuild:
669     Marking hardened-sources-2.6.20-r5 stable on ppc.
670 phreak 1.164
671     10 Jul 2007; Christian Heim <phreak@gentoo.org>
672     -hardened-sources-2.4.32-r6.ebuild, -hardened-sources-2.4.32-r7.ebuild:
673     Cleanup.
674 phreak 1.163
675     *hardened-sources-2.6.20-r6 (08 Jul 2007)
676    
677     08 Jul 2007; Christian Heim <phreak@gentoo.org>
678     +hardened-sources-2.6.20-r6.ebuild:
679     Revision bump, grabbing yet another stable release.
680 phreak 1.162
681     17 Jun 2007; Christian Heim <phreak@gentoo.org>
682     -hardened-sources-2.6.18-r6.ebuild, -hardened-sources-2.6.20-r4.ebuild,
683     -hardened-sources-2.6.21-r2.ebuild:
684     Removing older ebuilds, hardened-sources-2.6.18-r6 seems to have gotten the
685     alpha stable KEYWORD by mistake.
686 phreak 1.161
687     17 Jun 2007; Christian Heim <phreak@gentoo.org>
688     hardened-sources-2.6.20-r5.ebuild:
689     Stabling hardened-sources-2.6.20-r5 due to security bug #181647 (as
690     genpatches-2.6.20-12.base contains up to Linux 2.6.20.14) on amd64 and x86.
691 phreak 1.160
692     *hardened-sources-2.6.21-r3 (12 Jun 2007)
693    
694     12 Jun 2007; Christian Heim <phreak@gentoo.org>
695     +hardened-sources-2.6.21-r3.ebuild:
696     Revision bump for hardened-sources-2.6.21, incorporating various CVE (some
697     of them critical), two stable releases (2.6.21.4,2.6.21.5) and some other
698     love.
699 phreak 1.159
700     *hardened-sources-2.6.20-r5 (11 Jun 2007)
701    
702     11 Jun 2007; Christian Heim <phreak@gentoo.org>
703     +hardened-sources-2.6.20-r5.ebuild:
704     Revision bump for hardened-sources-2.6.20, incorporating various CVE (some
705     of them critical), two stable releases (2.6.20.13,2.6.20.14) and some other
706     love.
707 pappy 1.158
708     *hardened-sources-2.4.34.5 (11 Jun 2007)
709    
710     11 Jun 2007; Alexander Gabert <pappy@gentoo.org>
711     +hardened-sources-2.4.34.5.ebuild:
712     added new hardened-sources 2.4 version, thx to phreak, solar, pipacs
713 phreak 1.157
714     30 May 2007; Christian Heim <phreak@gentoo.org>
715     -hardened-sources-2.6.18.ebuild, hardened-sources-2.6.20-r2.ebuild:
716     Marking 2.6.20-r2 stable on ppc with permission of Gysbert. Removing more
717     stale ebuild(s).
718 phreak 1.156
719     30 May 2007; Christian Heim <phreak@gentoo.org>
720     -hardened-sources-2.6.14-r7.ebuild, -hardened-sources-2.6.16-r11.ebuild,
721     -hardened-sources-2.6.17-r1.ebuild, -hardened-sources-2.6.19-r6.ebuild,
722     -hardened-sources-2.6.20.ebuild, -hardened-sources-2.6.20-r1.ebuild:
723     Doing some cleanups, remove stale ebuilds.
724 phreak 1.155
725     26 May 2007; Christian Heim <phreak@gentoo.org>
726     hardened-sources-2.6.21-r2.ebuild:
727     Fixing the grsecurity patch, had one '};' too much.
728 phreak 1.154
729     *hardened-sources-2.6.21-r2 (26 May 2007)
730    
731     26 May 2007; Christian Heim <phreak@gentoo.org>
732     -hardened-sources-2.6.21.ebuild, -hardened-sources-2.6.21-r1.ebuild,
733     +hardened-sources-2.6.21-r2.ebuild:
734     Revision bump, including Linux 2.6.21.3 (fixing CVE-2007-2451). Updating the
735     grsecurity patch to 2.1.10-2.6.21.1-200705221918.
736 phreak 1.153
737     *hardened-sources-2.6.20-r4 (26 May 2007)
738    
739     26 May 2007; Christian Heim <phreak@gentoo.org>
740     -hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.20-r4.ebuild:
741     Revision bump, including Linux 2.6.20.12 (which in fact fixed some security
742 phreak 1.154 bugs, at the very least CVE-2007-2451). Possible candidate for stable marking.
743 phreak 1.152
744     15 May 2007; Christian Heim <phreak@gentoo.org>
745     hardened-sources-2.6.20-r3.ebuild:
746     Looks like hardened-sources-2.6.20-r3 needs a new patch, as 2.6.20.11
747     introduced a change in arch/sparc64/kernel/pci_iommu.c, which made the
748     grsecurity patch fail in that exact same hunk.
749 phreak 1.151
750     *hardened-sources-2.6.20-r3 (15 May 2007)
751    
752     15 May 2007; Christian Heim <phreak@gentoo.org>
753     +hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.21-r1.ebuild:
754     Revision bump, incorporating Linux 2.6.20.11.
755    
756     *hardened-sources-2.6.21-r1 (11 May 2007)
757    
758     11 May 2007; Christian Heim <phreak@gentoo.org>
759     +hardened-sources-2.6.21-r1.ebuild:
760     Revision bump, hopefully fixing the GRSECURITY/GRKERNSEC mixup pipacs
761     mentioned in #177234.
762 kevquinn 1.150
763     07 May 2007; Kevin F. Quinn <kevquinn@gentoo.org>
764     files/digest-hardened-sources-2.6.21, Manifest:
765     Fix Manifest/digest for linux-2.6.21.tar.bz2
766 phreak 1.149
767     06 May 2007; Christian Heim <phreak@gentoo.org>
768     hardened-sources-2.6.21.ebuild:
769     Bumping the hardened-patches version, needed for the fix for #177234.
770 phreak 1.148
771     *hardened-sources-2.6.21 (02 May 2007)
772    
773     02 May 2007; Christian Heim <phreak@gentoo.org>
774     +hardened-sources-2.6.21.ebuild:
775     Version bump, Linux 2.6.21-hardened.
776 phreak 1.147
777     29 Apr 2007; Christian Heim <phreak@gentoo.org>
778     hardened-sources-2.6.20-r2.ebuild:
779     Adding ~ia64 on Ned's request.
780 phreak 1.146
781     29 Apr 2007; Christian Heim <phreak@gentoo.org>
782     hardened-sources-2.6.20-r2.ebuild:
783     Fixing the included grsecurity patch, wasn't alligning due to the Index:
784     header line(s).
785 phreak 1.145
786     29 Apr 2007; Christian Heim <phreak@gentoo.org>
787     hardened-sources-2.6.20-r2.ebuild:
788     Stabilizing hardened-sources-2.6.20-r2 on amd64 and x86.
789 armin76 1.144
790     *hardened-sources-2.6.20-r2 (10 Apr 2007)
791    
792     10 Apr 2007; Raúl Porcel <armin76@gentoo.org>
793     +hardened-sources-2.6.20-r2.ebuild:
794     Version bump, on behalf of phreak
795 phreak 1.143
796     *hardened-sources-2.6.20-r1 (04 Apr 2007)
797    
798     04 Apr 2007; Christian Heim <phreak@gentoo.org>
799     +hardened-sources-2.6.20-r1.ebuild:
800     Revision bump, grabbing a newer grsecurity snapshot.
801 phreak 1.142
802     *hardened-sources-2.6.20 (25 Mar 2007)
803    
804     25 Mar 2007; Christian Heim <phreak@gentoo.org>
805     +hardened-sources-2.6.20.ebuild:
806     Finally a hardened-sources version for 2.6.20; many people have been waiting
807     for this. Thanks to Steve for preliminary testing, thanks to Ned for the
808     testbox.
809 chainsaw 1.141
810     16 Mar 2007; Tony Vroon <chainsaw@gentoo.org>
811     hardened-sources-2.6.18-r6.ebuild:
812     Marked stable on amd64 and x86. AMD64 keyword ack'ed by welp.
813 phreak 1.140
814     *hardened-sources-2.6.18-r6 (16 Mar 2007)
815    
816     16 Mar 2007; Christian Heim <phreak@gentoo.org>
817     -hardened-sources-2.6.18-r5.ebuild, +hardened-sources-2.6.18-r6.ebuild:
818     Fixing CVE-2007-1000 locally (hardened/), thanks to Tony for pushing. And
819     yes I screwed up, this is tagged as 2.6.18-5 and not 2.6.18-6 as it's
820     supposed to be.
821 phreak 1.139
822     06 Mar 2007; Christian Heim <phreak@gentoo.org> ChangeLog:
823     Fixing the Manifest, the previous one was broken (as in still had the
824     deleted ebuild in it).
825 phreak 1.138
826     06 Mar 2007; Christian Heim <phreak@gentoo.org>
827     -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
828     +hardened-sources-2.6.18-r5.ebuild:
829     Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
830     Linux 2.6.18.8. Also cleaning up the older version.
831    
832     *hardened-sources-2.6.18-r5 (06 Mar 2007)
833    
834     06 Mar 2007; Christian Heim <phreak@gentoo.org>
835     -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
836     +hardened-sources-2.6.18-r5.ebuild:
837     Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
838     Linux 2.6.18.8. Also cleaning up the older version.
839 phreak 1.137
840     24 Feb 2007; Christian Heim <phreak@gentoo.org>
841     -hardened-sources-2.6.19-r3.ebuild, -hardened-sources-2.6.19-r4.ebuild,
842     -hardened-sources-2.6.19-r5.ebuild:
843     Removing some of the old version, that didn't work.
844 phreak 1.136
845     *hardened-sources-2.6.19-r6 (12 Feb 2007)
846    
847     12 Feb 2007; Christian Heim <phreak@gentoo.org>
848     +hardened-sources-2.6.19-r6.ebuild:
849     Revision bump, including a new grsec version fixing #166235.
850 pappy 1.134
851     *hardened-sources-2.4.34 (24 Jan 2007)
852    
853     24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
854 pappy 1.135 Manifest:
855     updating Manifest with checksums of new tarball and ebuild
856    
857     24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
858 pappy 1.134 +hardened-sources-2.4.34.ebuild:
859     I added new hardened sources 2.4 update, this is a critical path
860     security bugfix - all users of h-s are strongly advised
861     to update their existing hardened sources to this version.
862     It contains a fix for a kernel vulnerability that is pertaining
863     to the PaX changes to virtual memory management, possibly leading
864     to a local kernel exploit ... see grsecurity.net forums and homepage
865 phreak 1.133
866     23 Jan 2007; Christian Heim <phreak@gentoo.org>
867     files/digest-hardened-sources-2.6.19-r5, Manifest:
868     Fixing the patch-tarball digest.
869 phreak 1.132
870     *hardened-sources-2.6.19-r5 (23 Jan 2007)
871    
872     23 Jan 2007; Christian Heim <phreak@gentoo.org>
873     +hardened-sources-2.6.19-r5.ebuild:
874     Revision bump, closing the recently discovered PaX expand_stack()
875     vulnerability.
876 phreak 1.131
877     *hardened-sources-2.6.19-r4 (14 Jan 2007)
878    
879     14 Jan 2007; Christian Heim <phreak@gentoo.org>
880     +hardened-sources-2.6.19-r4.ebuild:
881     Revision bump, pulling in linux-2.6.19.2 and grsecurity 2.1.10 - thus
882     dropping the randomized PID feature.
883 opfer 1.130
884     11 Jan 2007; Christian Faulhammer <opfer@gentoo.org>
885     hardened-sources-2.4.33.4.ebuild:
886     stable x86, bug #161171
887 phreak 1.129
888     *hardened-sources-2.6.19-r3 (27 Dec 2006)
889    
890     27 Dec 2006; Christian Heim <phreak@gentoo.org>
891     -hardened-sources-2.6.19-r2.ebuild, +hardened-sources-2.6.19-r3.ebuild:
892     Revision bump for bug #157186 and #158786.
893 phreak 1.128
894     *hardened-sources-2.6.18-r4 (27 Dec 2006)
895    
896     27 Dec 2006; Christian Heim <phreak@gentoo.org>
897     -hardened-sources-2.6.18-r3.ebuild, +hardened-sources-2.6.18-r4.ebuild:
898     Revision bump for bug #157186.
899 phreak 1.127
900     *hardened-sources-2.6.19-r2 (23 Dec 2006)
901    
902     23 Dec 2006; Christian Heim <phreak@gentoo.org>
903     -hardened-sources-2.6.19-r1.ebuild, +hardened-sources-2.6.19-r2.ebuild:
904     Revision bump to pull in genpatches-2.6.19-3 for #157186.
905 phreak 1.126
906     17 Dec 2006; Christian Heim <phreak@gentoo.org>
907     hardened-sources-2.6.14-r7.ebuild, hardened-sources-2.6.16-r10.ebuild,
908     hardened-sources-2.6.16-r11.ebuild, hardened-sources-2.6.17-r1.ebuild,
909     hardened-sources-2.6.18.ebuild, hardened-sources-2.6.18-r3.ebuild,
910     hardened-sources-2.6.19-r1.ebuild:
911     Adding 4453_grsec-2.1.9-2.6.19-io-kmem-sysctl.patch to UNIPATCH_EXLUDE,
912     adding correct HOMEPAGE and adjusting DESCRIPTION (thanks to Alexander).
913 pappy 1.125
914     *hardened-sources-2.4.33.4 (17 Dec 2006)
915    
916     17 Dec 2006; Alexander Gabert <pappy@gentoo.org>
917     +hardened-sources-2.4.33.4.ebuild:
918     new 2.4.33.4 version including grsec and fixes, thanks to phreak for help
919     and quilting
920 phreak 1.124
921     *hardened-sources-2.6.19-r1 (14 Dec 2006)
922    
923     14 Dec 2006; Christian Heim <phreak@gentoo.org>
924     -hardened-sources-2.6.19.ebuild, +hardened-sources-2.6.19-r1.ebuild:
925     Revision bump, fixing #158107 (thanks to Petre Rodan <kaiowas at gentoo.org>
926     for reporting).
927 phreak 1.123
928     *hardened-sources-2.6.19 (13 Dec 2006)
929    
930     13 Dec 2006; Christian Heim <phreak@gentoo.org>
931     +hardened-sources-2.6.19.ebuild:
932     And finally 2.6.19, thanks to Ned (who prepared the inital patchset) and
933     Brad for providing that prompt update.
934 phreak 1.122
935     *hardened-sources-2.6.18-r3 (13 Dec 2006)
936    
937     13 Dec 2006; Christian Heim <phreak@gentoo.org>
938     -hardened-sources-2.6.18-r1.ebuild, -hardened-sources-2.6.18-r2.ebuild,
939     +hardened-sources-2.6.18-r3.ebuild:
940     Revision bump, excluding the faulty patch. Thanks to Anakim Border and Peter
941     S. Mazinger. Closes #157409 for now. Also removing the previous revisions.
942 phreak 1.121
943     09 Dec 2006; Christian Heim <phreak@gentoo.org> Manifest:
944     Fixing the metadata.xml Manifest entry (thanks to xaid and ml8128 in #gentoo-hardened).
945 nixnut 1.120
946     08 Dec 2006; nixnut <nixnut@gentoo.org> hardened-sources-2.6.18.ebuild:
947     Stable on ppc wrt bug 157356
948 opfer 1.119
949     07 Dec 2006; Christian Faulhammer <opfer@gentoo.org>
950     hardened-sources-2.6.18.ebuild:
951     stable x86, bug #157356
952 phreak 1.118
953     *hardened-sources-2.6.18-r2 (06 Dec 2006)
954    
955     06 Dec 2006; Christian Heim <phreak@gentoo.org>
956     +hardened-sources-2.6.18-r2.ebuild:
957     Revision bump, including 2.6.18.5 (via genpatches) and
958     4454_grsec-2.1.9-2.6.18.2-io-kmem-sysctl.patch based on Peter Mazinger and
959     Ned Ludd's original patch. Thanks to Alexander Gabert (pappy) for the
960     redesign.
961 phreak 1.117
962     06 Dec 2006; Christian Heim <phreak@gentoo.org>
963     hardened-sources-2.6.18.ebuild:
964     Marking hardened-sources-2.6.18 stable on amd64 (see bug #157356, on behalf
965     of Mike Doty).
966 phreak 1.116
967     *hardened-sources-2.6.18-r1 (23 Nov 2006)
968    
969     23 Nov 2006; Christian Heim <phreak@gentoo.org>
970     +hardened-sources-2.6.18-r1.ebuild:
971     Revision bump to genpatches-2.6.18-4 (including 2.6.18.3).
972 phreak 1.115
973     *hardened-sources-2.6.18 (11 Nov 2006)
974    
975     11 Nov 2006; Christian Heim <phreak@gentoo.org>
976     +hardened-sources-2.6.18.ebuild:
977     Version bump, thanks to Alexander Gabert we're finally at 2.6.18.
978 solar 1.114
979     18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
980     - mark amd64 stable also. bug #151877
981 solar 1.113
982     18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
983     - mark 2.6.17-r1 stable
984 phreak 1.112
985     27 Aug 2006; Christian Heim <phreak@gentoo.org>
986     -hardened-sources-2.6.17.ebuild, hardened-sources-2.6.17-r1.ebuild:
987     Removing old ebuild, removing unipatch from newer ebuild (need to fix it!).
988 phreak 1.111
989     *hardened-sources-2.6.17-r1 (26 Aug 2006)
990    
991     26 Aug 2006; Christian Heim <phreak@gentoo.org>
992     +hardened-sources-2.6.17-r1.ebuild:
993     Revision bump to genpatches-2.6.17-8 (including .9 and .10) and updating the
994     grsecurity patch.
995 phreak 1.110
996     *hardened-sources-2.6.17 (17 Aug 2006)
997    
998     17 Aug 2006; Christian Heim <phreak@gentoo.org>
999     +hardened-sources-2.6.17.ebuild:
1000     Bumping the hardened-sources-2.6 series to 2.6.17, using
1001     genpatches-2.6.17-6.base.
1002 solar 1.109
1003     07 Aug 2006; <solar@gentoo.org> hardened-sources-2.6.16-r11.ebuild:
1004     - stable on x86 and amd64
1005 solar 1.108
1006     *hardened-sources-2.6.16-r11 (15 Jul 2006)
1007    
1008     15 Jul 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r3.ebuild,
1009     -hardened-sources-2.4.32-r4.ebuild, -hardened-sources-2.4.32-r5.ebuild,
1010     -hardened-sources-2.6.14-r8.ebuild, -hardened-sources-2.6.16-r7.ebuild,
1011     -hardened-sources-2.6.16-r9.ebuild, +hardened-sources-2.6.16-r11.ebuild:
1012     - 2.6.16 bumped for CVE-2006-3626 ; digest fix for 2.4.32-r6 ; removed old
1013     crusty ebuilds
1014 johnm 1.107
1015     14 Jul 2006; John Mylchreest <johnm@gentoo.org>
1016     hardened-sources-2.6.16-r10.ebuild:
1017     marking stable on x86 and amd64
1018 solar 1.106
1019     13 Jul 2006; <solar@gentoo.org> hardened-sources-2.4.32-r6.ebuild:
1020     - 2.4.32-r6 stable on x86. RSBAC state unknown
1021 kang 1.105
1022     *hardened-sources-2.4.32-r7 (10 Jul 2006)
1023    
1024     10 Jul 2006; Guillaume Destuynder <kang@gentoo.org>
1025     +hardened-sources-2.4.32-r7.ebuild:
1026     Bump PaX for RSBAC to test-17
1027 johnm 1.104
1028     *hardened-sources-2.6.16-r9 (03 Jul 2006)
1029    
1030     03 Jul 2006; John Mylchreest <johnm@gentoo.org>
1031     -hardened-sources-2.6.16-r6.ebuild, +hardened-sources-2.6.16-r9.ebuild:
1032     hardened-sources-2.6.16 bump to latest -base.
1033 solar 1.103
1034     *hardened-sources-2.4.32-r6 (30 Jun 2006)
1035    
1036     30 Jun 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r2.ebuild,
1037     hardened-sources-2.4.32-r4.ebuild, +hardened-sources-2.4.32-r6.ebuild:
1038     - backport CVE-2006-0039, CVE-2006-1857 and CVE-2006-1858 and new grsecurity
1039     sysctl controlable resource logging
1040 johnm 1.102
1041     *hardened-sources-2.6.16-r7 (05 Jun 2006)
1042    
1043     05 Jun 2006; John Mylchreest <johnm@gentoo.org>
1044     -hardened-sources-2.6.16-r5.ebuild, +hardened-sources-2.6.16-r7.ebuild:
1045     push new 2.6.16 release in preparation for stable
1046 solar 1.101
1047     22 May 2006; <solar@gentoo.org> :
1048     - redigest bug 134002
1049 kang 1.100
1050     *hardened-sources-2.4.32-r5 (16 May 2006)
1051    
1052     16 May 2006; Guillaume Destuynder <kang@gentoo.org>
1053     +hardened-sources-2.4.32-r5.ebuild:
1054     Fixes rsbac common patching (new patch in new -r5 patchset)
1055 solar 1.99
1056     *hardened-sources-2.4.32-r4 (13 May 2006)
1057    
1058     13 May 2006; <solar@gentoo.org> hardened-sources-2.4.32-r3.ebuild,
1059     +hardened-sources-2.4.32-r4.ebuild:
1060     - security bumps
1061 johnm 1.98
1062     *hardened-sources-2.6.16-r6 (03 May 2006)
1063    
1064     03 May 2006; John Mylchreest <johnm@gentoo.org>
1065     +hardened-sources-2.6.16-r6.ebuild:
1066     bump hardened-2.6.16 to 2.6.16.12 and latest grsec snapshot
1067 johnm 1.97
1068     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
1069     hardened-sources-2.6.14-r8.ebuild:
1070     fix x86_64 build problem, this will delay the digest issue again for a short
1071     while but it will sort itself out
1072 johnm 1.96
1073     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
1074     hardened-sources-2.6.14-r8.ebuild:
1075     bump hardened patchset
1076 antarus 1.94
1077     27 Apr 2006; Alec Warner <antarus@gentoo.org>
1078     files/digest-hardened-sources-2.4.32-r2,
1079     files/digest-hardened-sources-2.4.32-r3,
1080     files/digest-hardened-sources-2.6.14-r8, Manifest:
1081     Fixing duff SHA256 digests: Bug # 131293
1082 johnm 1.93
1083 johnm 1.95 *hardened-sources-2.6.16-r5 (27 Apr 2006)
1084    
1085     27 Apr 2006; John Mylchreest <johnm@gentoo.org>
1086     -hardened-sources-2.6.14-r6.ebuild, hardened-sources-2.6.14-r8.ebuild,
1087     -hardened-sources-2.6.16-r4.ebuild, +hardened-sources-2.6.16-r5.ebuild:
1088     stablise 2.6.14-r8 on x86 & amd64, bump 2.6.16 to fix CVE-2006-1863 &
1089     cleanup of old uneccessary sources
1090    
1091 johnm 1.93 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
1092     fix digest
1093 johnm 1.92
1094     *hardened-sources-2.6.14-r8 (20 Apr 2006)
1095    
1096     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
1097     +hardened-sources-2.6.14-r8.ebuild:
1098     fix CVE-2006-1056, CVE-2006-1525, CVE-2006-1524
1099 johnm 1.91
1100     20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
1101     Turning on gpg-signing again, and recomitting
1102 johnm 1.90
1103     *hardened-sources-2.6.16-r4 (20 Apr 2006)
1104    
1105     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
1106     -hardened-sources-2.6.16-r2.ebuild, -hardened-sources-2.6.16-r3.ebuild,
1107     +hardened-sources-2.6.16-r4.ebuild:
1108     Fix numerous security vulns
1109 solar 1.89
1110     *hardened-sources-2.4.32-r3 (16 Apr 2006)
1111    
1112     16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
1113     -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
1114     +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
1115     - security bump for bug #112791. Removed old ebuilds
1116 johnm 1.88
1117     *hardened-sources-2.6.16-r3 (15 Apr 2006)
1118    
1119     15 Apr 2006; John Mylchreest <johnm@gentoo.org>
1120     +hardened-sources-2.6.16-r3.ebuild:
1121     Removing silly localversion which I missed
1122 johnm 1.87
1123     *hardened-sources-2.6.14-r7 (14 Apr 2006)
1124    
1125     14 Apr 2006; John Mylchreest <johnm@gentoo.org>
1126     -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
1127     Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
1128 johnm 1.86
1129     *hardened-sources-2.6.16-r2 (13 Apr 2006)
1130    
1131     13 Apr 2006; John Mylchreest <johnm@gentoo.org>
1132     -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
1133     +hardened-sources-2.6.16-r2.ebuild:
1134     Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
1135     labels, dropping USERGROUP define fixes, since these were merged mainstream.
1136 johnm 1.85
1137     *hardened-sources-2.6.16-r1 (11 Apr 2006)
1138    
1139     11 Apr 2006; John Mylchreest <johnm@gentoo.org>
1140     +hardened-sources-2.6.16-r1.ebuild:
1141     Bumping to include ppc build fix and 2.6.16.3
1142 tsunam 1.84
1143     06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
1144     hardened-sources-2.6.14-r6.ebuild:
1145     Stable on x86; bug #127718
1146 johnm 1.83
1147     *hardened-sources-2.6.16 (31 Mar 2006)
1148    
1149     31 Mar 2006; John Mylchreest <johnm@gentoo.org>
1150     +hardened-sources-2.6.16.ebuild:
1151     Bumping to new version of grsec, and kernel base. New squashfs. Based on
1152     2.6.16.1
1153 cryos 1.82
1154     30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
1155     hardened-sources-2.6.14-r6.ebuild:
1156     Stable on amd64, bug 127718.
1157 nixnut 1.81
1158     28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
1159     Stable on ppc. Bug #127718
1160 johnm 1.80
1161     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
1162     -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
1163     -hardened-sources-2.6.14-r4.ebuild:
1164     Cleanup.
1165 johnm 1.79
1166     *hardened-sources-2.6.14-r6 (15 Mar 2006)
1167    
1168     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
1169     +hardened-sources-2.6.14-r6.ebuild:
1170     Fixes grsec policy recreation bug and adds a
1171     >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
1172 solar 1.78
1173     02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
1174     - stable on x86
1175 hansmi 1.77
1176     19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
1177     hardened-sources-2.6.14-r5.ebuild:
1178     Stable on ppc.
1179 johnm 1.76
1180     *hardened-sources-2.6.14-r5 (01 Feb 2006)
1181    
1182     01 Feb 2006; John Mylchreest <johnm@gentoo.org>
1183     +hardened-sources-2.6.14-r5.ebuild:
1184     fixing every known exploit
1185 solar 1.75
1186     *hardened-sources-2.4.32-r2 (26 Jan 2006)
1187    
1188     26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
1189     +hardened-sources-2.4.32-r2.ebuild:
1190     - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
1191 solar 1.74
1192     *hardened-sources-2.6.14-r4 (12 Jan 2006)
1193    
1194     12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
1195     - version bump for new genpatches which fix up a few sec holes
1196 solar 1.73
1197     *hardened-sources-2.4.32-r1 (05 Jan 2006)
1198    
1199     05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
1200     - revision bump to add misc vital linux kernel security patches.
1201 johnm 1.72
1202     *hardened-sources-2.6.14-r3 (30 Dec 2005)
1203    
1204     30 Dec 2005; John Mylchreest <johnm@gentoo.org>
1205     -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
1206     Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
1207 johnm 1.71
1208     28 Dec 2005; John Mylchreest <johnm@gentoo.org>
1209     hardened-sources-2.6.14-r2.ebuild:
1210     making x86 & amd64 stable following testing.
1211 johnm 1.70
1212     *hardened-sources-2.6.14-r2 (27 Dec 2005)
1213    
1214     27 Dec 2005; John Mylchreest <johnm@gentoo.org>
1215     -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
1216     Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
1217     network hooks.
1218 johnm 1.69
1219     06 Dec 2005; John Mylchreest <johnm@gentoo.org>
1220     hardened-sources-2.6.14-r1.ebuild:
1221     bumping to stable early for sec fix on x86 & amd64
1222 johnm 1.68
1223     *hardened-sources-2.6.14-r1 (05 Dec 2005)
1224    
1225     05 Dec 2005; John Mylchreest <johnm@gentoo.org>
1226     -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
1227     bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
1228 solar 1.67
1229     04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
1230     - stable on x86 security bug #114227 CAN-2005-3257
1231 kang 1.66
1232     *hardened-sources-2.4.32 (19 Nov 2005)
1233    
1234     19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
1235     +hardened-sources-2.4.32.ebuild:
1236     Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
1237     Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
1238     have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
1239     rsbac >> /etc/portage/package.use)
1240 johnm 1.65
1241     *hardened-sources-2.6.14 (14 Nov 2005)
1242    
1243     14 Nov 2005; John Mylchreest <johnm@gentoo.org>
1244     -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
1245     Bumping 2.6 series to 2.6.14.2
1246 johnm 1.64
1247     *hardened-sources-2.6.13-r2 (20 Oct 2005)
1248    
1249     20 Oct 2005; John Mylchreest <johnm@gentoo.org>
1250     -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
1251     +hardened-sources-2.6.13-r2.ebuild:
1252     Fixes minor build error in ppc.
1253 johnm 1.63
1254     *hardened-sources-2.6.13-r1 (17 Oct 2005)
1255    
1256     17 Oct 2005; John Mylchreest <johnm@gentoo.org>
1257     +hardened-sources-2.6.13-r1.ebuild:
1258     Updating grsec to latest snapshot. Fixes some minor issues. Updating to
1259     2.6.13.4, fixes some major amd64 stability problems.
1260 johnm 1.62
1261     *hardened-sources-2.6.13 (16 Sep 2005)
1262    
1263     16 Sep 2005; John Mylchreest <johnm@gentoo.org>
1264     -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
1265     2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
1266     ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
1267     users should test this thoroughly.
1268 solar 1.61
1269     01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
1270     - stable on x86
1271 johnm 1.60
1272     *hardened-sources-2.6.11-r15 (27 Jun 2005)
1273    
1274     27 Jun 2005; John Mylchreest <johnm@gentoo.org>
1275     +hardened-sources-2.6.11-r15.ebuild:
1276     Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
1277     grsec redefining curr_ip struct.
1278 solar 1.59
1279     *hardened-sources-2.4.31 (20 Jun 2005)
1280    
1281     20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
1282     initial import of 2.4.31 tree
1283 johnm 1.58
1284     *hardened-sources-2.6.11-r14 (14 Jun 2005)
1285    
1286     14 Jun 2005; John Mylchreest <johnm@gentoo.org>
1287     -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
1288     Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
1289     naming scheme to abide by genpatches
1290 johnm 1.57
1291     *hardened-sources-2.6.11-r13 (18 May 2005)
1292    
1293     18 May 2005; John Mylchreest <johnm@gentoo.org>
1294     -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
1295     Managed to mangle the Makefile patch from grsec, to miss out the grsec
1296     target. sorry about that. Fixes bug #93022
1297 johnm 1.56
1298     *hardened-sources-2.6.11-r12 (17 May 2005)
1299    
1300     17 May 2005; John Mylchreest <johnm@gentoo.org>
1301     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
1302     +hardened-sources-2.6.11-r12.ebuild:
1303     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
1304     merges in genpatches-base
1305 johnm 1.55
1306     *hardened-sources-2.6.11-r12 (17 May 2005)
1307    
1308     17 May 2005; John Mylchreest <johnm@gentoo.org>
1309     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
1310     +hardened-sources-2.6.11-r12.ebuild:
1311     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
1312     merges in genpatches-base
1313 solar 1.54
1314     29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
1315     -files/2.4.27-cmdline-race.patch,
1316     -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
1317     -files/2.4.28-grsec-binfmt_a.out.patch,
1318     -files/2.4.28-grsec-cmdline-race.patch,
1319     -files/2.4.28-selinux-binfmt_a.out.patch,
1320     -files/2.4.28-selinux-cmdline-race.patch,
1321     -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
1322     hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
1323     - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
1324     cleanup..
1325 solar 1.53
1326     *hardened-sources-2.4.30-r1 (21 Apr 2005)
1327    
1328     21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
1329     - disable aout by default
1330 solar 1.52
1331     *hardened-sources-2.4.30 (18 Apr 2005)
1332    
1333     18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
1334     - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
1335     and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
1336     use
1337 tocharian 1.50
1338 scox 1.51 *hardened-sources-2.4.29 (30 Mar 2005)
1339    
1340     30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
1341     +hardened-sources-2.4.29.ebuild:
1342     New hardened-patches-2.4-29.0 patchball.
1343     Removed SELinux support, upgraded GRSecurity to 2.1.4.
1344    
1345     *hardened-sources-2.4.28-r5 (06 Mar 2005)
1346    
1347     06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
1348     +hardened-sources-2.4.28-r5.ebuild:
1349     Added a fix for a PaX vulnerability.
1350    
1351     26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1352 tocharian 1.50 hardened-sources-2.4.28-r4.ebuild:
1353     Stable on x86
1354 solar 1.49
1355     23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
1356     hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
1357     hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
1358     hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
1359     - fixed/added RDEPEND= in all kernel-2 ebuilds
1360 tocharian 1.48
1361     *hardened-sources-2.4.28-r4 (21 Jan 2005)
1362    
1363     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1364     +hardened-sources-2.4.28-r4.ebuild:
1365     Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
1366     backport of neighbour hash updates.
1367 tocharian 1.47
1368     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1369     hardened-sources-2.4.28-r3.ebuild:
1370     Stable on x86
1371 tseng 1.46
1372     *hardened-sources-2.6.10-r3 (20 Jan 2005)
1373    
1374     20 Jan 2005; Brandon Hale <tseng@gentoo.org>
1375     +hardened-sources-2.6.10-r3.ebuild:
1376     Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
1377     in 2005.0
1378 tocharian 1.45
1379     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1380     -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
1381     hardened-sources-2.4.28-r2.ebuild:
1382     Mark stable on x86
1383 tocharian 1.44
1384     *hardened-sources-2.4.28-r3 (17 Jan 2005)
1385    
1386     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1387     +hardened-sources-2.4.28-r3.ebuild:
1388     Fix SMP page fault handler vuln, and update device-mapper and evms patches.
1389 tocharian 1.43
1390     14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1391     hardened-sources-2.4.28.ebuild:
1392     Mark stable on x86.
1393 tocharian 1.42
1394     *hardened-sources-2.4.28-r2 (13 Jan 2005)
1395    
1396     13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1397     +hardened-sources-2.4.28-r2.ebuild:
1398     Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
1399     Mazinger for grsecurity patches as well.
1400 plasmaroo 1.41
1401     *hardened-sources-2.4.28-r1 (23 Dec 2004)
1402    
1403     23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
1404     Security bump. Thank tocharian for rolling a new patchset...
1405 solar 1.40
1406     28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
1407     +files/2.4.28-grsec-cmdline-race.patch,
1408     +files/2.4.28-selinux-binfmt_a.out.patch,
1409     +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
1410     - Round up remaining security patches that appear to be missing in 2.4.28. -
1411     PaX standalone updated to current. hgpv=28.1
1412 solar 1.39
1413     *hardened-sources-2.4.28 (28 Nov 2004)
1414    
1415     28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
1416     security bump. Thank tocharian for rolling a new patchset
1417 scox 1.31
1418 scox 1.38 *hardened-sources-2.4.27-r3 (08 Sep 2004)
1419    
1420     08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
1421     +hardened-sources-2.4.27-r3.ebuild:
1422     Applies the new 2.4-27.2 patchball which updates
1423     GRSecurity to the 2.0.1 version.
1424    
1425 scox 1.37 *hardened-sources-2.4.27-r2 (31 Aug 2004)
1426    
1427     31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1428     +hardened-sources-2.4.27-r2.ebuild:
1429     Version bump.
1430     This version uses the new 2.4-27.1 patchball which updates
1431     both the SELinux PaX hooks patch and the SELinux headers.
1432    
1433 scox 1.36 *hardened-sources-2.4.27-r1 (09 Aug 2004)
1434    
1435     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1436     +hardened-sources-2.4.27-r1.ebuild,
1437     -hardened-sources-2.4.27.ebuild,
1438     +files/2.4.27-cmdline-race.patch:
1439     Version bump, fix for cmdline race. See bug #59905.
1440    
1441     *hardened-sources-2.4.26-r6 (09 Aug 2004)
1442    
1443     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1444     +hardened-sources-2.4.26-r6.ebuild,
1445     -hardened-sources-2.4.26-r5.ebuild,
1446     -hardened-sources-2.4.26-r4.ebuild,
1447     +files/2.4.26-cmdline-race.patch:
1448     Version bump, fix for cmdline race. See bug #59905.
1449    
1450 scox 1.35 *hardened-sources-2.4.27 (08 Aug 2004)
1451    
1452     08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1453     +hardened-sources-2.4.27.ebuild,
1454     +files/2.4.27-CAN-2004-0394.patch:
1455     Ported the patchball to the 2.4.27 kernel version.
1456    
1457 scox 1.34 *hardened-sources-2.4.26-r5 (07 Aug 2004)
1458    
1459     07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1460     +hardened-sources-2.4.26-r5.ebuild:
1461 scox 1.35 Updated to use the new hardened-patches-2.4-26.1 patchball.
1462 scox 1.34 It adds the following features:
1463     - Squashfs
1464     - Ebtables
1465     - Netdev random (core+drivers)
1466     - Watchdog Timer (WDT) fix.
1467    
1468 scox 1.33 *hardened-sources-2.4.26-r4 (04 Aug 2004)
1469    
1470     04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1471     +hardened-sources-2.4.26-r4.ebuild,
1472     +files/2.4.26-CAN-2004-0415.patch,
1473     -hardened-sources-2.4.26-3:
1474     Version bump, fix for CAN 0415, see bug #59378.
1475    
1476 scox 1.32 *hardened-sources-2.4.26-r3 (22 Jul 2004)
1477    
1478     22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
1479     +hardened-sources-2.4.26-r3.ebuild,
1480     +files/2.4.26-CAN-2004-0497.patch,
1481     -hardened-sources-2.4.26-r2.ebuild:
1482     Version bump, fixed CAN 0497, see bug #56171.
1483    
1484 scox 1.31 *hardened-sources-2.4.26-r2 (29 Jun 2004)
1485    
1486     29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
1487 scox 1.32 +hardened-sources-2.4.26-r2.ebuild,
1488 scox 1.31 +files/2.4.26-CAN-2004-0495.patch,
1489     +files/2.4.26-CAN-2004-0535.patch,
1490     -hardened-sources-2.4.26-r1.ebuild:
1491     Fixes for both CAN 0495 and 0535, see bug #54976
1492 pvdabeel 1.27
1493 agriffis 1.29 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
1494     hardened-sources-2.4.26-r1.ebuild:
1495     QA - fix use invocation
1496 scox 1.28
1497     *hardened-sources-2.4.26-r1 (22 June 2004)
1498    
1499     22 June 2004; Andrea Luzzardi <scox@gentoo.org>
1500     +hardened-sources-2.4.26-r1.ebuild,
1501     +files/2.4.26-CAN-2004-0394.patch,
1502     +files/2.4.26-signal-race.patch,
1503     -hardened-sources-2.4.26.ebuild,
1504     -hardened-sources-2.4.24-r3.ebuild:
1505     Version bump for the CAN-2004-0394 issue and bug #53804
1506     Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
1507    
1508    
1509 pvdabeel 1.27 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
1510     hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
1511     Masked hardened-sources-2.4.26.ebuild broken for ppc
1512    
1513     31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
1514     hardened-sources-2.4.24-r3.ebuild:
1515     Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
1516 plasmaroo 1.25
1517 scox 1.26 *hardened-sources-2.4.26 (29 May 2004)
1518    
1519     29 May 2004; Andrea Luzzardi <scox@gentoo.org>
1520     +hardened-sources-2.4.26.ebuild:
1521     Updated hardened-sources for the 2.4.26 kernel
1522     Removed broken components, updated almost everything.
1523    
1524 plasmaroo 1.25 *hardened-sources-2.4.24-r3 (17 Apr 2004)
1525    
1526     17 Apr 2004; <plasmaroo@gentoo.org>
1527     +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
1528     +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
1529     +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
1530     +hardened-sources-2.4.24-r3.ebuild:
1531     Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
1532     vulnerabilities. Old revisions removed.
1533 plasmaroo 1.24
1534     *hardened-sources-2.4.24-r2 (15 Apr 2004)
1535    
1536     15 Apr 2004; <plasmaroo@gentoo.org>
1537     +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
1538     -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
1539     Version bump for the CAN-2004-0109 issue; bug #47881.
1540 aliz 1.23
1541     12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
1542     hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
1543     Add eutils to inherit.
1544 plasmaroo 1.22
1545     *hardened-sources-2.4.24-r1 (19 Feb 2004)
1546    
1547     19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
1548     files/hardened-sources-2.4.24.munmap.patch:
1549     Added the patch for the mremap/munmap vulnerability. Bug #42024.
1550 scox 1.19
1551 scox 1.21 *hardened-sources-2.4.24 (06 Feb 2004)
1552 scox 1.26
1553 scox 1.21 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
1554     hardened-sources-2.4.24.ebuild:
1555     Version bump, updated most of the components.
1556     This release includes the following:
1557    
1558     - Hardened security
1559     - Netfilter patch-o-matic 20031219
1560     - FreeSWAN 2.04 & x509 1.4.8
1561     - EVMS 2.2.2
1562     - XFS 1.3.1
1563     - cryptoloop jari
1564     - grsecurity 2.0-rc4
1565     - SELinux
1566     - PaX 200402060000
1567     - PaX Obscurity 200308302223
1568     - Others...
1569    
1570     Neither -ck nor systrace are included anymore.
1571    
1572 scox 1.19 *hardened-sources-2.4.22-r2 (05 Jan 2004)
1573    
1574     05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
1575     hardened-sources-2.4.22-r2.ebuild:
1576 scox 1.20 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
1577 scox 1.19
1578     *hardened-sources-2.4.22-r1 (02 Dec 2003)
1579 iggy 1.17
1580     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1581 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
1582 iggy 1.16
1583     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1584 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild:
1585     Version bump for the 'do_brk' vulnerability.
1586 iggy 1.15
1587     01 Dec 2003; Brian Jackson <iggy@gentoo.org>
1588     hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
1589     hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
1590     hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
1591 plasmaroo 1.18 Fix the 'do_brk' vulnerability.
1592 frogger 1.14
1593     03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
1594     hardened-sources-2.4.22.ebuild:
1595 plasmaroo 1.18 - Removed the src_install() portion for SELinux flask
1596     components. These are no longer handled in the kernel
1597     so this code was not necessary.
1598 frogger 1.13
1599     29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
1600     New 2.4.22 based hardened-sources thanks to
1601     Phil West <p.west@computer.org>.
1602    
1603     These sources include:
1604 plasmaroo 1.18 - New SELinux API
1605     - Updated CK-base
1606     - Updated GRSec
1607     - Systrace
1608     - SuperFreeS/WAN 1.99.8
1609     - Propolice kernel build support
1610     - EVMS
1611     - Other various security related patches
1612 frogger 1.11
1613 frogger 1.12 *hardened-sources-2.4.21 (14 Sep 2003)
1614    
1615     14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
1616     Updated hardened-sources based on the 2.4.21 Linux kernel.
1617     This includes updates to most major components such as:
1618 plasmaroo 1.18 - ck-base-0306300059
1619     - selinux-2.4-2003071106
1620     - grsecurity-2.0-rc1
1621     - Updated IPTables patch-o-matic
1622     - Updated SuperFreeS/WAN
1623    
1624 frogger 1.12 Thanks to Phil West <pwest@computer.org> for his work in getting this
1625     updated patch set ready for the 2.4.21 based kernel.
1626    
1627 frogger 1.11 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
1628     Initial import of hardened-sources-2.4.20-r4. This revision
1629     includes only a few changes, but one of these is an important
1630     security fix. It is recommended all users of hardened-sources
1631     upgrade to this release.
1632 plasmaroo 1.18
1633 frogger 1.11 - ioperm bug fix
1634     - fixed compilation failure when building without GRSec
1635 plasmaroo 1.18
1636 frogger 1.11 SAL (Secure Auditing for Linux) is NOT included in this revision
1637     due to time constraints, but is planned for inclusion in the near
1638     future.
1639 msterret 1.10
1640     *hardened-sources-2.4.20-r2 (12 Jun 2003)
1641    
1642     12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
1643     hardened-sources-2.4.20-r3.ebuild:
1644 plasmaroo 1.18 Add Header...
1645 frogger 1.9
1646     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1647     hardened-sources-2.4.20-r3.ebuild:
1648     Removed warnings from ebuild. This kernel should be safe to
1649     use at this point.
1650 frogger 1.8
1651     *hardened-sources-2.4.20-r3 (08 Jun 2003)
1652    
1653     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1654     hardened-sources-2.4.20-r3.ebuild:
1655     New revision. Includes the following changes over -r2:
1656 plasmaroo 1.18
1657 frogger 1.8 - ck7-base (O(1), preempt, low latency)
1658     - Super FreeS/WAN 1.99.7rc2
1659     - PaX for the LSM/SELinux branch
1660     - GRSecurity 2.0-pre4 (role based access control)
1661     - Systrace 1.3
1662     - EXT3 fixes
1663     - EVMS 2.0.1
1664     - GCC 3.1+ compile optimizations
1665     - ProPolice kernel build support
1666     - Hashing table security fixes
1667 frogger 1.3
1668     *hardened-sources-2.4.20-r1 (09 Apr 2003)
1669 frogger 1.7
1670     23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
1671     Initial import of hardened-sources-r2. This new
1672     ebuild includes many new performance and security
1673     related patches. As in -r1, it will patch in
1674     LSM/SELinux if "selinux" is in USE, otherwise it
1675     will patch in GRSecurity. The following patches
1676     are included in this revision:
1677 plasmaroo 1.18
1678 frogger 1.7 - O(1) Scheduler, Low Latency, and Preempt
1679     (pulled from the base CK patch)
1680     - ptrace exploit patch for the LSM kernel
1681     (the GRSec patch already fixes this)
1682     - LSM 2.4-2003040709
1683     - SELinux 2.4-2003040709
1684     - Systrace v1.2
1685     - IPTables patch-o-matic base patches - 20030107
1686     - CryptoAPI 2.4.20.1 w/ loop-jari patch
1687     - Super FreeS/WAN 1.99.6.1
1688     - GRSecurity 1.9.9g
1689     - MPPE
1690     - EXT3 data journal fix
1691     - CIPE 1.5.4
1692 frogger 1.6
1693     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1694     hardened-sources-2.4.20-r1.ebuild, manifest:
1695 plasmaroo 1.18 Updated to install flask components correctly for selinux.
1696 frogger 1.5
1697     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1698     hardened-sources-2.4.20-r1.ebuild:
1699     LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
1700     is patched in instead. Ptrace patches for selinux have also been added. In
1701     either case, systrace support will be patched in as well.
1702 frogger 1.3
1703     09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1704     hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
1705 plasmaroo 1.18 Revision bump for new sources.
1706 frogger 1.4
1707 frogger 1.2 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1708 frogger 1.4 hardened-sources-2.4.20-r1.ebuild:
1709 plasmaroo 1.18 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
1710 method 1.1
1711 frogger 1.4 *hardened-sources-2.4.20 (30 Mar 2003)
1712    
1713 method 1.1 30 Mar 2003; Joshua Brindle <method@gentoo.org>
1714     hardened-sources-2.4.20.ebuild:
1715 plasmaroo 1.18 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20