/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.285 - (hide annotations) (download)
Tue Feb 24 05:32:01 2009 UTC (6 years ago) by gengor
Branch: MAIN
Changes since 1.284: +8 -1 lines
Add sys-kernel/hardened-sources-2.6.27-r8 release
(Portage version: 2.1.6.7/cvs/Linux i686)

1 method 1.1 # ChangeLog for sys-kernel/hardened-sources
2 gengor 1.268 # Copyright 2000-2009 Gentoo Foundation; Distributed under the GPL v2
3 gengor 1.285 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.284 2009/02/04 17:22:30 nixnut Exp $
4    
5     *hardened-sources-2.6.27-r8 (24 Feb 2009)
6    
7     24 Feb 2009; Gordon Malm <gengor@gentoo.org>
8     +hardened-sources-2.6.27-r8.ebuild:
9     Bump to latest genpatches, Linux 2.6.27.19, PaX updates. Fixes bug #256067
10     and probably more.
11 nixnut 1.284
12     04 Feb 2009; nixnut <nixnut@gentoo.org> hardened-sources-2.6.26-r9.ebuild:
13     ppc stable
14 gengor 1.283
15     *hardened-sources-2.6.28 (25 Jan 2009)
16    
17     25 Jan 2009; Gordon Malm <gengor@gentoo.org>
18     +hardened-sources-2.6.28.ebuild:
19     Initial 2.6.28 release.
20 gengor 1.282
21     *hardened-sources-2.6.27-r7 (25 Jan 2009)
22    
23     25 Jan 2009; Gordon Malm <gengor@gentoo.org>
24     +hardened-sources-2.6.27-r7.ebuild:
25     Bump to Linux 2.6.27.13.
26 gengor 1.281
27     25 Jan 2009; Gordon Malm <gengor@gentoo.org>
28     hardened-sources-2.6.26-r9.ebuild:
29     Stable amd64/x86.
30 gengor 1.280
31     24 Jan 2009; Gordon Malm <gengor@gentoo.org>
32     -hardened-sources-2.6.27-r3.ebuild, -hardened-sources-2.6.27-r4.ebuild,
33     -hardened-sources-2.6.27-r5.ebuild:
34     Remove problem versions.
35 gengor 1.279
36     *hardened-sources-2.6.27-r6 (24 Jan 2009)
37    
38     24 Jan 2009; Gordon Malm <gengor@gentoo.org>
39     +hardened-sources-2.6.27-r6.ebuild:
40     Revert PaX test29 to test30 changes. Fixes bug 256226.
41 gengor 1.277
42     *hardened-sources-2.6.27-r5 (24 Jan 2009)
43    
44     24 Jan 2009; Gordon Malm <gengor@gentoo.org>
45     +hardened-sources-2.6.27-r5.ebuild:
46 gengor 1.278 Bump to genpatches-10 (includes Linux 2.6.27.{11,12}) and fix bugs 253733,
47 gengor 1.277 254843.
48 gengor 1.276
49     23 Jan 2009; Gordon Malm <gengor@gentoo.org>
50     -hardened-sources-2.6.25-r11.ebuild, -hardened-sources-2.6.25-r12.ebuild,
51     -hardened-sources-2.6.26-r7.ebuild, -hardened-sources-2.6.26-r8.ebuild:
52     Remove problem versions.
53 nixnut 1.275
54     23 Jan 2009; nixnut <nixnut@gentoo.org>
55     hardened-sources-2.6.25-r13.ebuild:
56     ppc stable
57 gengor 1.274
58     21 Jan 2009; Gordon Malm <gengor@gentoo.org>
59     hardened-sources-2.6.25-r13.ebuild:
60     Fasttrack stable amd64/x86.
61 gengor 1.273
62     *hardened-sources-2.6.26-r9 (21 Jan 2009)
63    
64     21 Jan 2009; Gordon Malm <gengor@gentoo.org>
65     +hardened-sources-2.6.26-r9.ebuild:
66 gengor 1.278 Revert RLIMIT_STACK false-positives-avoidance patch. Bugs 253733, 254843
67 gengor 1.272
68     *hardened-sources-2.6.25-r13 (20 Jan 2009)
69    
70     20 Jan 2009; Gordon Malm <gengor@gentoo.org>
71     +hardened-sources-2.6.25-r13.ebuild:
72 gengor 1.278 Revert RLIMIT_STACK false-positives-avoidance patch. Bugs 253733, 254843
73 nixnut 1.271
74     20 Jan 2009; nixnut <nixnut@gentoo.org>
75     hardened-sources-2.6.25-r12.ebuild:
76     ppc stable
77 gengor 1.270
78     17 Jan 2009; Gordon Malm <gengor@gentoo.org>
79     hardened-sources-2.6.25-r12.ebuild:
80     Stable amd64/x86.
81 gengor 1.269
82     14 Jan 2009; Gordon Malm <gengor@gentoo.org>
83     -hardened-sources-2.6.25-r10.ebuild, -hardened-sources-2.6.26-r6.ebuild,
84     -hardened-sources-2.6.27-r2.ebuild:
85     Clean out old versions.
86 gengor 1.268
87     *hardened-sources-2.6.27-r4 (14 Jan 2009)
88     *hardened-sources-2.6.26-r8 (14 Jan 2009)
89     *hardened-sources-2.6.25-r12 (14 Jan 2009)
90    
91     14 Jan 2009; Gordon Malm <gengor@gentoo.org>
92     +hardened-sources-2.6.25-r12.ebuild, +hardened-sources-2.6.26-r8.ebuild,
93     +hardened-sources-2.6.27-r4.ebuild:
94     2.6.25-r12: Fixes bugs #249729, #250548, #252688, #254907
95     2.6.26-r8: Fixes bugs #249729, #250548, #252688, #254907
96     2.6.27-r4: Update to latest genpatches (includes Linux 2.6.27.10) and
97     grsecurity patch. Fixes bugs #249729, #250511, #250548, #252688, #254907
98 nixnut 1.267
99     15 Dec 2008; nixnut <nixnut@gentoo.org>
100     hardened-sources-2.6.25-r11.ebuild:
101     Stable on ppc
102 gengor 1.266
103     09 Dec 2008; Gordon Malm <gengor@gentoo.org>
104     hardened-sources-2.6.25-r11.ebuild:
105     Stable amd64/x86.
106 gengor 1.265
107     *hardened-sources-2.6.27-r3 (07 Dec 2008)
108    
109     07 Dec 2008; Gordon Malm <gengor@gentoo.org>
110     +hardened-sources-2.6.27-r3.ebuild:
111     Bump to latest genpatches, including Linux 2.6.27.8. Bump grsec/pax patches.
112     Fixes bug #248754, #249729 and #246607.
113 gengor 1.264
114     03 Dec 2008; Gordon Malm <gengor@gentoo.org>
115     -hardened-sources-2.6.25-r9.ebuild, -hardened-sources-2.6.26-r5.ebuild:
116     Remove old versions.
117 gengor 1.262
118     *hardened-sources-2.6.26-r7 (03 Dec 2008)
119     *hardened-sources-2.6.25-r11 (03 Dec 2008)
120    
121 gengor 1.263 03 Dec 2008; Gordon Malm <gengor@gentoo.org>
122     +hardened-sources-2.6.25-r11.ebuild, +hardened-sources-2.6.26-r7.ebuild:
123 gengor 1.262 2.6.25-r11: Fixes bugs 246607, 246710, 247453 and 248754.
124     2.6.26-r7: Fixes bugs 246607, 246710, 246763, 247453 and 248754.
125     Both include many backports from 2.6.27.{6,7} -stable releases.
126 gengor 1.261
127     24 Nov 2008; Gordon Malm <gengor@gentoo.org>
128     -hardened-sources-2.6.27.ebuild, -hardened-sources-2.6.27-r1.ebuild:
129     Remove versions broken on ARCHes != x86/amd64.
130 gengor 1.260
131     *hardened-sources-2.6.27-r2 (24 Nov 2008)
132    
133     24 Nov 2008; Gordon Malm <gengor@gentoo.org>
134     +hardened-sources-2.6.27-r2.ebuild:
135     Bump to Linux 2.6.27.7 and latest grsecurity patch.
136 gengor 1.259
137     19 Nov 2008; Gordon Malm <gengor@gentoo.org>
138     -hardened-sources-2.6.25-r8.ebuild, -hardened-sources-2.6.26-r4.ebuild:
139     Remove old versions.
140 gengor 1.258
141     19 Nov 2008; Gordon Malm <gengor@gentoo.org>
142     hardened-sources-2.6.27.ebuild, hardened-sources-2.6.27-r1.ebuild:
143     Remove all but ~amd64 & ~x86 keywords (broken elsewhere).
144 nixnut 1.257
145     16 Nov 2008; nixnut <nixnut@gentoo.org>
146     hardened-sources-2.6.25-r10.ebuild:
147     Stable on ppc
148 gengor 1.256
149     15 Nov 2008; Gordon Malm <gengor@gentoo.org>
150     hardened-sources-2.6.25-r10.ebuild:
151     Stable amd64/x86.
152 gengor 1.255
153     *hardened-sources-2.6.26-r6 (12 Nov 2008)
154    
155     12 Nov 2008; Gordon Malm <gengor@gentoo.org>
156     +hardened-sources-2.6.26-r6.ebuild:
157     Bump to Linux 2.6.26.8 and fix security bug #245650.
158 gengor 1.254
159     *hardened-sources-2.6.25-r10 (12 Nov 2008)
160    
161     12 Nov 2008; Gordon Malm <gengor@gentoo.org>
162     +hardened-sources-2.6.25-r10.ebuild:
163     Update to Linux 2.6.25.20 and fix bugs #245427, #245650.
164 gengor 1.253
165     *hardened-sources-2.6.27-r1 (09 Nov 2008)
166    
167     09 Nov 2008; Gordon Malm <gengor@gentoo.org>
168     +hardened-sources-2.6.27-r1.ebuild:
169     Bump to stable kernel 2.6.27.5 and latest grsecurity patch.
170 gengor 1.252
171     *hardened-sources-2.6.27 (04 Nov 2008)
172    
173     04 Nov 2008; Gordon Malm <gengor@gentoo.org>
174     +hardened-sources-2.6.27.ebuild:
175     Initial 2.6.27 release.
176 gengor 1.251
177     *hardened-sources-2.6.26-r5 (03 Nov 2008)
178    
179     03 Nov 2008; Gordon Malm <gengor@gentoo.org>
180     -hardened-sources-2.6.25-r7.ebuild, -hardened-sources-2.6.26-r2.ebuild,
181     +hardened-sources-2.6.26-r5.ebuild:
182     2.6.26-r5: Bump to Linux 2.6.26.7, PaX updates.
183     Clean out some old versions.
184 nixnut 1.250
185     02 Nov 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.25-r9.ebuild:
186     Stable on ppc
187 gengor 1.249
188     30 Oct 2008; Gordon Malm <gengor@gentoo.org>
189     hardened-sources-2.6.25-r9.ebuild:
190     Stable on amd64/x86.
191 gengor 1.248
192     *hardened-sources-2.6.25-r9 (26 Oct 2008)
193    
194     26 Oct 2008; Gordon Malm <gengor@gentoo.org>
195     +hardened-sources-2.6.25-r9.ebuild:
196     Update to Linux 2.6.25.19
197 nixnut 1.247
198     15 Oct 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.25-r8.ebuild:
199     Stable on ppc
200 gengor 1.246
201     *hardened-sources-2.6.26-r4 (14 Oct 2008)
202    
203     14 Oct 2008; Gordon Malm <gengor@gentoo.org>
204     -hardened-sources-2.6.26-r3.ebuild, +hardened-sources-2.6.26-r4.ebuild:
205     Update to latest grsecurity patch, fixing building of non-modular kernels.
206 gengor 1.245
207     *hardened-sources-2.6.26-r3 (12 Oct 2008)
208    
209     12 Oct 2008; Gordon Malm <gengor@gentoo.org>
210     hardened-sources-2.6.25-r8.ebuild, -hardened-sources-2.6.26-r1.ebuild,
211     +hardened-sources-2.6.26-r3.ebuild:
212     2.6.26-r3: Update to Linux 2.6.26.6 and latest grsecurity patch.
213     2.6.26-r1: Removed.
214     2.6.25-r8: Stable amd64/x86.
215 gengor 1.244
216     *hardened-sources-2.6.25-r8 (09 Oct 2008)
217    
218     09 Oct 2008; Gordon Malm <gengor@gentoo.org>
219     -hardened-sources-2.6.25-r4.ebuild, -hardened-sources-2.6.25-r5.ebuild,
220     -hardened-sources-2.6.25-r6.ebuild, +hardened-sources-2.6.25-r8.ebuild:
221     Update to genpatches-11 and Linux 2.6.25.18. Remove old versions.
222 nixnut 1.243
223     20 Sep 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.25-r7.ebuild:
224     Stable on ppc
225 gengor 1.242
226     17 Sep 2008; Gordon Malm <gengor@gentoo.org>
227     hardened-sources-2.6.25-r7.ebuild:
228     Stable amd64/x86.
229 gengor 1.241
230     *hardened-sources-2.6.26-r2 (13 Sep 2008)
231    
232     13 Sep 2008; Gordon Malm <gengor@gentoo.org>
233     -hardened-sources-2.6.26.ebuild, +hardened-sources-2.6.26-r2.ebuild:
234     2.6.26-r2: Update to Linux 2.6.26.5, new grsecurity patch adding
235     PAX_REFCOUNT feature, fix bug #237473 (CVE-2008-3525). 2.6.26: Removed.
236 gengor 1.240
237     *hardened-sources-2.6.25-r7 (13 Sep 2008)
238    
239     13 Sep 2008; Gordon Malm <gengor@gentoo.org>
240     +hardened-sources-2.6.25-r7.ebuild:
241     Add 2.6.25-r7, fixing bug #237473 (CVE-2008-3525) and a PaX bug.
242 gengor 1.239
243     10 Sep 2008; Gordon Malm <gengor@gentoo.org>
244     hardened-sources-2.6.25-r4.ebuild, hardened-sources-2.6.25-r5.ebuild,
245     hardened-sources-2.6.25-r6.ebuild, hardened-sources-2.6.26.ebuild,
246     hardened-sources-2.6.26-r1.ebuild:
247     Update DESCRIPTION and HGPV_URI.
248 gengor 1.238
249     *hardened-sources-2.6.25-r6 (09 Sep 2008)
250    
251     09 Sep 2008; Gordon Malm <gengor@gentoo.org>
252     -hardened-sources-2.6.24-r3.ebuild, +hardened-sources-2.6.25-r6.ebuild:
253     2.6.25-r6: Update to Linux 2.6.25.17.
254     2.6.24-r3: Removed.
255 gengor 1.237
256     08 Sep 2008; Gordon Malm <gengor@gentoo.org>
257     hardened-sources-2.6.25-r5.ebuild:
258     Stable on amd64/x86
259 gengor 1.236
260     07 Sep 2008; Gordon Malm <gengor@gentoo.org> metadata.xml:
261     Update my email address.
262 nixnut 1.235
263     31 Aug 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.25-r4.ebuild:
264     stable on ppc
265 battousai 1.234
266     *hardened-sources-2.6.26-r1 (23 Aug 2008)
267     *hardened-sources-2.6.25-r5 (23 Aug 2008)
268    
269     23 Aug 2008; Bryan D. Stine <battousai@gentoo.org>
270     -hardened-sources-2.6.23-r13.ebuild, -hardened-sources-2.6.25-r3.ebuild,
271     hardened-sources-2.6.25-r4.ebuild, +hardened-sources-2.6.25-r5.ebuild,
272     +hardened-sources-2.6.26-r1.ebuild:
273     Bump to 2.6.25-r5 for updated patches and upstream .10 kernel, fixing
274     security bug #235221. Bump to 2.6.26-r1 for upstream .3 kernel, also
275     fixing security bug #235221. Marked 2.6.25-r4 stable on amd64 and x86.
276     Removed 2.6.23-r13 and 2.6.25-r3. Commit on behalf of Gordon Malm
277     (gengor).
278 solar 1.233
279     *hardened-sources-2.6.26 (18 Aug 2008)
280     *hardened-sources-2.6.25-r4 (18 Aug 2008)
281    
282     18 Aug 2008; <solar@gentoo.org> -hardened-sources-2.6.25-r2.ebuild,
283     +hardened-sources-2.6.25-r4.ebuild, +hardened-sources-2.6.26.ebuild:
284     - proxy commit for gengor 2.6.26: Initial 2.6.26 release. 2.6.25-r4: Update
285     to Linux 2.6.25.15. Fixes security bugs #234799, #234803 and #234812.
286     2.6.25-r2: Removed.
287 tove 1.232
288     16 Aug 2008; Torsten Veller <tove@gentoo.org> metadata.xml:
289     Remove phreak from metadata.xml (#96398)
290 solar 1.231
291     *hardened-sources-2.6.25-r3 (31 Jul 2008)
292    
293     31 Jul 2008; <solar@gentoo.org> -hardened-sources-2.6.24-r2.ebuild,
294     -hardened-sources-2.6.25.ebuild, -hardened-sources-2.6.25-r1.ebuild,
295     +hardened-sources-2.6.25-r3.ebuild:
296     - 2.6.25-r3: Update to Linux 2.6.25.13 and new grsecurity patch. Multiple
297     fixes, including security bug #231750.
298 nixnut 1.230
299     28 Jul 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.24-r3.ebuild:
300     Stable on ppc
301 solar 1.229
302     *hardened-sources-2.6.25-r2 (05 Jul 2008)
303    
304     05 Jul 2008; <solar@gentoo.org> -hardened-sources-2.6.23-r11.ebuild,
305     -hardened-sources-2.6.23-r12.ebuild, hardened-sources-2.6.24-r3.ebuild,
306     +hardened-sources-2.6.25-r2.ebuild:
307     2.6.23-r4: Stable x86/amd64
308     2.6.25-r2: Update to Linux 2.6.25.10 and latest grsecurity release.
309     2.6.23-r{11,12}: Removed due to multiple vulns.
310     (gengor & kerframil)
311 nixnut 1.228
312     04 Jul 2008; nixnut <nixnut@gentoo.org>
313     hardened-sources-2.6.23-r13.ebuild:
314     Stable on ppc
315 solar 1.227
316     *hardened-sources-2.6.25-r1 (30 Jun 2008)
317    
318     30 Jun 2008; <solar@gentoo.org> hardened-sources-2.6.23-r13.ebuild,
319     +hardened-sources-2.6.25-r1.ebuild:
320     2.6.25-r1: Brings in Linux -stable tree patches 2.6.25.{7,8,9} and newer
321     grsecurity release. 2.6.23-r13: x86/amd64 stable
322 solar 1.226
323     *hardened-sources-2.6.25 (17 Jun 2008)
324     *hardened-sources-2.6.24-r3 (17 Jun 2008)
325     *hardened-sources-2.6.23-r13 (17 Jun 2008)
326    
327     17 Jun 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r13.ebuild,
328     +hardened-sources-2.6.24-r3.ebuild, +hardened-sources-2.6.25.ebuild:
329     * 2.6.23-r13: Fixes security bugs #198997, #212136, #222331, #222635,
330     #224647, #225461, other fixes. * 2.6.24-r3: Fixes security bugs #212136,
331     #222331, #222635, #224647, #225461, grsec/PaX updates/fixes, other fixes. *
332     2.6.25: Initial 2.6.25 release.
333 solar 1.225
334     15 May 2008; <solar@gentoo.org> hardened-sources-2.6.23-r12.ebuild:
335     - fasttrack to stable x86/amd64
336 swegener 1.224
337     11 May 2008; Sven Wegener <swegener@gentoo.org> Manifest:
338     Fix broken digest for linux-2.6.24.tar.bz2.
339 solar 1.223
340     *hardened-sources-2.6.24-r2 (11 May 2008)
341     *hardened-sources-2.6.23-r12 (11 May 2008)
342    
343     11 May 2008; <solar@gentoo.org> -hardened-sources-2.6.23-r7.ebuild,
344     -hardened-sources-2.6.23-r9.ebuild, -hardened-sources-2.6.23-r10.ebuild,
345     +hardened-sources-2.6.23-r12.ebuild, -hardened-sources-2.6.24.ebuild,
346     -hardened-sources-2.6.24-r1.ebuild, +hardened-sources-2.6.24-r2.ebuild:
347     proxy commit for gengor. 2.6.23-r11 shortlog: Fixes security bugs 220691,
348     220975, 220979, 221123. 2.6.24-r2 not-so-shortlog: Fixes bug 215442,
349     security bugs 219901, 220691, 220975, 220979, 221123. New
350     genpatches/grsecurity with numerous updates & fixes. 2.6.23-r7->2.6.23-r10
351     should be removed as far as I'm concerned, everything else remove due to
352     vulnerable to numerous security bugs or brokeness.
353 nixnut 1.222
354     10 May 2008; nixnut <nixnut@gentoo.org>
355     hardened-sources-2.6.23-r11.ebuild:
356     Stable on ppc
357 solar 1.221
358     05 May 2008; <solar@gentoo.org> hardened-sources-2.6.23-r11.ebuild:
359     - -r11 stable on x86/amd64
360 solar 1.220
361     *hardened-sources-2.6.23-r11 (01 May 2008)
362    
363     01 May 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r11.ebuild:
364     - version bump to fix ulgy linux bugs
365 phreak 1.219
366     *hardened-sources-2.6.24-r1 (30 Apr 2008)
367    
368     30 Apr 2008; Christian Heim <phreak@gentoo.org>
369     +hardened-sources-2.6.24-r1.ebuild:
370     Revision bump (thanks to Kerin and Gordon, again), pulling
371     genpatches-2.6.24-7, solving #219089. Additionally contains further security
372     fixes plus some minor updates.
373 phreak 1.218
374     *hardened-sources-2.6.23-r10 (30 Apr 2008)
375    
376     30 Apr 2008; Christian Heim <phreak@gentoo.org>
377     +hardened-sources-2.6.23-r10.ebuild:
378     Revision bump (thanks to Kerin and Gordon, again), solving #213811, #219089.
379     Additional contains "various other fixes".
380 phreak 1.217
381     09 Apr 2008; Christian Heim <phreak@gentoo.org> metadata.xml:
382     Update the longdescription in metadata, thanks to Gordon Malm.
383 nixnut 1.216
384     08 Apr 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.23-r9.ebuild:
385     Stable on ppc wrt bug #213255
386 solar 1.215
387     07 Apr 2008; <solar@gentoo.org> -hardened-sources-2.4.35-r2.ebuild,
388     -hardened-sources-2.6.23-r8.ebuild, hardened-sources-2.6.23-r9.ebuild:
389     - stable on x86/amd64 per request. Removed obsolete ebuilds
390 phreak 1.214
391     *hardened-sources-2.6.24 (07 Apr 2008)
392    
393     07 Apr 2008; Christian Heim <phreak@gentoo.org>
394     +hardened-sources-2.6.24.ebuild:
395     Adding ebuild for hardened-sources-2.6.24 (many thanks to Kerin Millar
396     <kerframil at gmail.com> and Gordon Malm <bugs-gentoo-org-02 at bumpin.org>
397     for the many contributions and their continued effort in #216612) based on
398     2.6.24 and genpatches-2.6.24-5.
399    
400     The current ebuild/patchset contains these things:
401     * Incoporates unmodified grsec-2.1.11-2.6.24.4-200803262003 patch
402     * Introduces bespoke server and workstation oriented security levels
403     * VDSO_COMPAT cannot be enabled during runtime if PaX is enabled
404 phreak 1.213
405     30 Mar 2008; Christian Heim <phreak@gentoo.org> metadata.xml:
406     Fix the metadata.xml (Kerin isn't a dev, though he and Gordon are
407     maintaining it).
408 phreak 1.212
409     24 Mar 2008; Christian Heim <phreak@gentoo.org>
410     hardened-sources-2.4.35-r2.ebuild:
411     Fixing SRC_URI for 2.4.35-r2.
412 phreak 1.211
413     *hardened-sources-2.6.23-r9 (22 Mar 2008)
414    
415     22 Mar 2008; Christian Heim <phreak@gentoo.org>
416     +hardened-sources-2.6.23-r9.ebuild:
417     * Revision bump, rebasing the patchset against genpatches-2.6.23-10.
418     * Change the default GIDs for some grsecurity options
419     * Revamp the Hardened [Gentoo] security level and make it the default level
420     * Fixing compilation on ia64 with CONFIG_MODULES=y (loadable module support)
421     * Fix a recursive lock -- call to capable() within ptrace_attach()
422     * Fix bug that allows audit and iscsi operations to be controlled via netlink
423 solar 1.210
424     *hardened-sources-2.6.23-r8 (27 Feb 2008)
425    
426     27 Feb 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r8.ebuild:
427     - version bump from Kerin Millar bug 210026
428 solar 1.209
429     17 Feb 2008; <solar@gentoo.org> metadata.xml,
430     -hardened-sources-2.4.33.4.ebuild, -hardened-sources-2.6.20-r6.ebuild,
431     -hardened-sources-2.6.20-r10.ebuild, -hardened-sources-2.6.23-r4.ebuild,
432     -hardened-sources-2.6.23-r6.ebuild, hardened-sources-2.6.23-r7.ebuild:
433     - stable on x86 and remove old ebuilds
434 solar 1.207
435     15 Feb 2008; <solar@gentoo.org> hardened-sources-2.6.23-r7.ebuild:
436 solar 1.208 - stable on amd64 per request of amd64 lead
437 solar 1.206
438     *hardened-sources-2.6.23-r7 (11 Feb 2008)
439    
440     11 Feb 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r7.ebuild:
441     - version bump from kerin.millar
442     Changes:
443    
444     * Bump to genpatches-base-2.6.23-9
445     * Ported grsecurity-2.1.11-2.6.23.14-200801231800 to 2.6.23.15
446     * Disables COMPAT_VDSO in x86/defconfig
447     * Removes bogus symbols ACPI_SLEEP_PROC_(FS|SLEEP) from x86_64/defconfig
448 phreak 1.205
449     25 Jan 2008; Christian Heim <phreak@gentoo.org>
450     -hardened-sources-2.6.22-r8.ebuild:
451     Cleaning up old versions.
452 phreak 1.204
453     *hardened-sources-2.6.23-r6 (25 Jan 2008)
454    
455     25 Jan 2008; Christian Heim <phreak@gentoo.org>
456     -hardened-sources-2.6.23-r5.ebuild, +hardened-sources-2.6.23-r6.ebuild:
457     Revision bump, pulling in the latest genpatches.
458 phreak 1.203
459     *hardened-sources-2.6.23-r5 (24 Dec 2007)
460    
461     24 Dec 2007; Christian Heim <phreak@gentoo.org>
462     hardened-sources-2.4.35-r2.ebuild, hardened-sources-2.6.20-r6.ebuild,
463     hardened-sources-2.6.20-r10.ebuild, hardened-sources-2.6.22-r8.ebuild,
464     hardened-sources-2.6.23-r4.ebuild, +hardened-sources-2.6.23-r5.ebuild:
465     Revision bump, for the promised updated grsec snapshot. Also changing SRC_URI.
466 phreak 1.202
467     24 Dec 2007; Christian Heim <phreak@gentoo.org>
468     -hardened-sources-2.6.22-r7.ebuild, -hardened-sources-2.6.23.ebuild,
469     -hardened-sources-2.6.23-r1.ebuild, -hardened-sources-2.6.23-r2.ebuild,
470     -hardened-sources-2.6.23-r3.ebuild:
471     Cleaning out some unused, old versions.
472 phreak 1.201
473     24 Dec 2007; Christian Heim <phreak@gentoo.org>
474     hardened-sources-2.6.23-r4.ebuild:
475     Marking hardened-sources-2.6.23-r4 stable on amd64 and x86. I know it ain't
476     in the tree for long, but there isn't much of a difference between this and
477     -r3. Only this revision pulls in 2.6.23.11 and 2.6.23.12 from genpatches.
478 phreak 1.200
479     *hardened-sources-2.6.23-r4 (23 Dec 2007)
480    
481     23 Dec 2007; Christian Heim <phreak@gentoo.org>
482     +hardened-sources-2.6.23-r4.ebuild:
483     Revision bump, grabbing the lastest genpatches release (2.6.23.12 that is).
484 phreak 1.199
485     *hardened-sources-2.6.23-r3 (04 Dec 2007)
486    
487     04 Dec 2007; Christian Heim <phreak@gentoo.org>
488     +hardened-sources-2.6.23-r3.ebuild:
489     Revision bump, pulling in 2.6.23.9.
490 phreak 1.198
491     *hardened-sources-2.6.23-r2 (25 Nov 2007)
492    
493     25 Nov 2007; Christian Heim <phreak@gentoo.org>
494     +hardened-sources-2.6.23-r2.ebuild:
495     Updated patchset, thanks to solar.
496 phreak 1.197
497     *hardened-sources-2.6.23-r1 (31 Oct 2007)
498    
499     31 Oct 2007; Christian Heim <phreak@gentoo.org>
500     +hardened-sources-2.6.23-r1.ebuild:
501     Revision bump, pulling in the snapshot from 30. October 2007 (18:50).
502 solar 1.196
503     29 Oct 2007; <solar@gentoo.org> metadata.xml:
504     - update metadata.xml
505 phreak 1.195
506     25 Oct 2007; Christian Heim <phreak@gentoo.org>
507     hardened-sources-2.6.22-r8.ebuild:
508     Marking 2.6.22-r8 stable on amd64 and x86.
509 phreak 1.194
510     21 Oct 2007; Christian Heim <phreak@gentoo.org>
511     -hardened-sources-2.4.35.ebuild, -hardened-sources-2.4.35-r1.ebuild,
512     -hardened-sources-2.6.21-r4.ebuild:
513     Removing old ebuilds.
514 phreak 1.193
515     *hardened-sources-2.4.35-r2 (21 Oct 2007)
516    
517     21 Oct 2007; Christian Heim <phreak@gentoo.org>
518     +hardened-sources-2.4.35-r2.ebuild:
519     Revision bump for 2.4.35. Includes new snapshot and the lastest Linux stable
520     patches.
521 phreak 1.192
522     *hardened-sources-2.6.22-r8 (21 Oct 2007)
523    
524     21 Oct 2007; Christian Heim <phreak@gentoo.org>
525     +hardened-sources-2.6.22-r8.ebuild:
526     Yet another new patch, hopefully fixing the remaining issues we had w/
527     2.6.22. Candidate for stabling.
528 phreak 1.191
529     *hardened-sources-2.6.23 (13 Oct 2007)
530    
531     13 Oct 2007; Christian Heim <phreak@gentoo.org>
532     +hardened-sources-2.6.23.ebuild:
533     Initial hardened-sources-2.6.23. If people still have problems w/ bug
534     194276, try setting CONFIG_PCI_GODIRECT=y instead of CONFIG_PCI_GOANY.
535 phreak 1.190
536     11 Oct 2007; Christian Heim <phreak@gentoo.org>
537     hardened-sources-2.6.20-r10.ebuild:
538     Pulling in yet another new genpatches version, fixing the PWC bug for real.
539 phreak 1.189
540     04 Oct 2007; Christian Heim <phreak@gentoo.org>
541     -hardened-sources-2.6.22-r5.ebuild, -hardened-sources-2.6.22-r6.ebuild:
542     Removing old versions.
543 phreak 1.188
544     *hardened-sources-2.6.22-r7 (01 Oct 2007)
545    
546     01 Oct 2007; Christian Heim <phreak@gentoo.org>
547     +hardened-sources-2.6.22-r7.ebuild:
548     Revision bump, pulling in a newer patch. Should fix #194276.
549 phreak 1.187
550     30 Sep 2007; Christian Heim <phreak@gentoo.org>
551     hardened-sources-2.6.20-r10.ebuild:
552     Marking hardened-sources-2.6.20-r10 stable on x86 and amd64 (on courtesy of
553     Mike Doty).
554 phreak 1.186
555     *hardened-sources-2.6.22-r6 (26 Sep 2007)
556    
557     26 Sep 2007; Christian Heim <phreak@gentoo.org>
558     +hardened-sources-2.6.22-r6.ebuild:
559     Revision bump, grabbing up till Linux 2.6.22.9.
560 phreak 1.185
561     24 Sep 2007; Christian Heim <phreak@gentoo.org>
562     -hardened-sources-2.6.22-r3.ebuild, -hardened-sources-2.6.22-r4.ebuild:
563     Cleaning up further.
564 phreak 1.184
565     *hardened-sources-2.6.20-r10 (24 Sep 2007)
566    
567     24 Sep 2007; Christian Heim <phreak@gentoo.org>
568     -hardened-sources-2.6.20-r8.ebuild, -hardened-sources-2.6.20-r9.ebuild,
569     +hardened-sources-2.6.20-r10.ebuild:
570     Revision bump, pulling in Linux 2.6.20.20. Removing some of the older
571     revisions.
572 phreak 1.183
573     *hardened-sources-2.6.22-r5 (22 Sep 2007)
574    
575     22 Sep 2007; Christian Heim <phreak@gentoo.org>
576     +hardened-sources-2.6.22-r5.ebuild:
577     Revision bump, pulling in genpatches-2.6.22-8 for CVE-2007-4573.
578 phreak 1.182
579     17 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
580     Removing johnm from metadata.xml (see #186467 for reference).
581 phreak 1.181
582     *hardened-sources-2.6.22-r4 (17 Sep 2007)
583    
584     17 Sep 2007; Christian Heim <phreak@gentoo.org>
585     +hardened-sources-2.6.22-r4.ebuild:
586     Revision bump, hopefully fixing all those weird PAX failures.
587 phreak 1.180
588     01 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
589     Updating the metadata.xml.
590 phreak 1.179
591     01 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
592     Removing tocharian from metadata due to his retirement (see #71718 for
593     reference).
594 phreak 1.178
595     *hardened-sources-2.6.20-r9 (30 Aug 2007)
596    
597     30 Aug 2007; Christian Heim <phreak@gentoo.org>
598     +hardened-sources-2.6.20-r9.ebuild:
599     Revision bump for 2.6.20.18 (thanks to kerframil in #gentoo-hardened).
600 phreak 1.177
601     29 Aug 2007; Christian Heim <phreak@gentoo.org>
602     -hardened-sources-2.4.34.ebuild, -hardened-sources-2.4.34.5.ebuild,
603     -hardened-sources-2.6.20-r2.ebuild, -hardened-sources-2.6.20-r5.ebuild,
604     -hardened-sources-2.6.20-r7.ebuild, -hardened-sources-2.6.21-r3.ebuild,
605     -hardened-sources-2.6.22.ebuild, -hardened-sources-2.6.22-r1.ebuild,
606     -hardened-sources-2.6.22-r2.ebuild:
607     Removing some redundant versions.
608 phreak 1.176
609     *hardened-sources-2.4.35-r1 (29 Aug 2007)
610    
611     29 Aug 2007; Christian Heim <phreak@gentoo.org>
612     +hardened-sources-2.4.35-r1.ebuild:
613     Revision bump, new grsecurity patch.
614 phreak 1.175
615     *hardened-sources-2.6.20-r8 (26 Aug 2007)
616    
617     26 Aug 2007; Christian Heim <phreak@gentoo.org>
618     +hardened-sources-2.6.20-r8.ebuild:
619     Revision bump for Linux 2.6.20.17.
620 phreak 1.174
621     *hardened-sources-2.6.22-r3 (22 Aug 2007)
622    
623     22 Aug 2007; Christian Heim <phreak@gentoo.org>
624     +hardened-sources-2.6.22-r3.ebuild:
625     Revision bump for Linux 2.6.22.4.
626 phreak 1.173
627     16 Aug 2007; Christian Heim <phreak@gentoo.org>
628     hardened-sources-2.6.22-r2.ebuild:
629     Updated patchset, to fix the alignment against 2.6.22.3.
630 phreak 1.172
631     *hardened-sources-2.6.22-r2 (16 Aug 2007)
632    
633     16 Aug 2007; Christian Heim <phreak@gentoo.org>
634     +hardened-sources-2.6.22-r2.ebuild:
635     Revision bump for Linux 2.6.22.3.
636 phreak 1.171
637     *hardened-sources-2.4.35 (16 Aug 2007)
638    
639     16 Aug 2007; Christian Heim <phreak@gentoo.org>
640     +hardened-sources-2.4.35.ebuild:
641     Version bump, initial version for Linux 2.4.35.
642 phreak 1.170
643     *hardened-sources-2.6.21-r4 (16 Aug 2007)
644    
645     16 Aug 2007; Christian Heim <phreak@gentoo.org>
646     +hardened-sources-2.6.21-r4.ebuild:
647     Revision bump for Linux 2.6.21.6.
648 phreak 1.169
649     *hardened-sources-2.6.20-r7 (16 Aug 2007)
650    
651     16 Aug 2007; Christian Heim <phreak@gentoo.org>
652     +hardened-sources-2.6.20-r7.ebuild:
653     Revision bump for Linux 2.6.20.16.
654 phreak 1.168
655     *hardened-sources-2.6.22-r1 (13 Aug 2007)
656    
657     13 Aug 2007; Christian Heim <phreak@gentoo.org>
658     +hardened-sources-2.6.22-r1.ebuild:
659     Yet another revision bump.
660 phreak 1.167
661     *hardened-sources-2.6.22 (10 Aug 2007)
662    
663     10 Aug 2007; Christian Heim <phreak@gentoo.org>
664     +hardened-sources-2.6.22.ebuild:
665     Initial release for 2.6.22. If you are using hardened-sources on a desktop
666     machine (P4 or newer), be aware you might need to disable
667     CONFIG_PAX_PAGEEXEC.
668 phreak 1.166
669     04 Aug 2007; Christian Heim <phreak@gentoo.org>
670     hardened-sources-2.6.20-r6.ebuild:
671     Stabling hardened-sources-2.6.20-r6 for amd64, ppc and x86 due to Linux
672     2.6.20.15.
673 phreak 1.165
674     10 Jul 2007; Christian Heim <phreak@gentoo.org>
675     hardened-sources-2.6.20-r5.ebuild:
676     Marking hardened-sources-2.6.20-r5 stable on ppc.
677 phreak 1.164
678     10 Jul 2007; Christian Heim <phreak@gentoo.org>
679     -hardened-sources-2.4.32-r6.ebuild, -hardened-sources-2.4.32-r7.ebuild:
680     Cleanup.
681 phreak 1.163
682     *hardened-sources-2.6.20-r6 (08 Jul 2007)
683    
684     08 Jul 2007; Christian Heim <phreak@gentoo.org>
685     +hardened-sources-2.6.20-r6.ebuild:
686     Revision bump, grabbing yet another stable release.
687 phreak 1.162
688     17 Jun 2007; Christian Heim <phreak@gentoo.org>
689     -hardened-sources-2.6.18-r6.ebuild, -hardened-sources-2.6.20-r4.ebuild,
690     -hardened-sources-2.6.21-r2.ebuild:
691     Removing older ebuilds, hardened-sources-2.6.18-r6 seems to have gotten the
692     alpha stable KEYWORD by mistake.
693 phreak 1.161
694     17 Jun 2007; Christian Heim <phreak@gentoo.org>
695     hardened-sources-2.6.20-r5.ebuild:
696     Stabling hardened-sources-2.6.20-r5 due to security bug #181647 (as
697     genpatches-2.6.20-12.base contains up to Linux 2.6.20.14) on amd64 and x86.
698 phreak 1.160
699     *hardened-sources-2.6.21-r3 (12 Jun 2007)
700    
701     12 Jun 2007; Christian Heim <phreak@gentoo.org>
702     +hardened-sources-2.6.21-r3.ebuild:
703     Revision bump for hardened-sources-2.6.21, incorporating various CVE (some
704     of them critical), two stable releases (2.6.21.4,2.6.21.5) and some other
705     love.
706 phreak 1.159
707     *hardened-sources-2.6.20-r5 (11 Jun 2007)
708    
709     11 Jun 2007; Christian Heim <phreak@gentoo.org>
710     +hardened-sources-2.6.20-r5.ebuild:
711     Revision bump for hardened-sources-2.6.20, incorporating various CVE (some
712     of them critical), two stable releases (2.6.20.13,2.6.20.14) and some other
713     love.
714 pappy 1.158
715     *hardened-sources-2.4.34.5 (11 Jun 2007)
716    
717     11 Jun 2007; Alexander Gabert <pappy@gentoo.org>
718     +hardened-sources-2.4.34.5.ebuild:
719     added new hardened-sources 2.4 version, thx to phreak, solar, pipacs
720 phreak 1.157
721     30 May 2007; Christian Heim <phreak@gentoo.org>
722     -hardened-sources-2.6.18.ebuild, hardened-sources-2.6.20-r2.ebuild:
723     Marking 2.6.20-r2 stable on ppc with permission of Gysbert. Removing more
724     stale ebuild(s).
725 phreak 1.156
726     30 May 2007; Christian Heim <phreak@gentoo.org>
727     -hardened-sources-2.6.14-r7.ebuild, -hardened-sources-2.6.16-r11.ebuild,
728     -hardened-sources-2.6.17-r1.ebuild, -hardened-sources-2.6.19-r6.ebuild,
729     -hardened-sources-2.6.20.ebuild, -hardened-sources-2.6.20-r1.ebuild:
730     Doing some cleanups, remove stale ebuilds.
731 phreak 1.155
732     26 May 2007; Christian Heim <phreak@gentoo.org>
733     hardened-sources-2.6.21-r2.ebuild:
734     Fixing the grsecurity patch, had one '};' too much.
735 phreak 1.154
736     *hardened-sources-2.6.21-r2 (26 May 2007)
737    
738     26 May 2007; Christian Heim <phreak@gentoo.org>
739     -hardened-sources-2.6.21.ebuild, -hardened-sources-2.6.21-r1.ebuild,
740     +hardened-sources-2.6.21-r2.ebuild:
741     Revision bump, including Linux 2.6.21.3 (fixing CVE-2007-2451). Updating the
742     grsecurity patch to 2.1.10-2.6.21.1-200705221918.
743 phreak 1.153
744     *hardened-sources-2.6.20-r4 (26 May 2007)
745    
746     26 May 2007; Christian Heim <phreak@gentoo.org>
747     -hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.20-r4.ebuild:
748     Revision bump, including Linux 2.6.20.12 (which in fact fixed some security
749 phreak 1.154 bugs, at the very least CVE-2007-2451). Possible candidate for stable marking.
750 phreak 1.152
751     15 May 2007; Christian Heim <phreak@gentoo.org>
752     hardened-sources-2.6.20-r3.ebuild:
753     Looks like hardened-sources-2.6.20-r3 needs a new patch, as 2.6.20.11
754     introduced a change in arch/sparc64/kernel/pci_iommu.c, which made the
755     grsecurity patch fail in that exact same hunk.
756 phreak 1.151
757     *hardened-sources-2.6.20-r3 (15 May 2007)
758    
759     15 May 2007; Christian Heim <phreak@gentoo.org>
760     +hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.21-r1.ebuild:
761     Revision bump, incorporating Linux 2.6.20.11.
762    
763     *hardened-sources-2.6.21-r1 (11 May 2007)
764    
765     11 May 2007; Christian Heim <phreak@gentoo.org>
766     +hardened-sources-2.6.21-r1.ebuild:
767     Revision bump, hopefully fixing the GRSECURITY/GRKERNSEC mixup pipacs
768     mentioned in #177234.
769 kevquinn 1.150
770     07 May 2007; Kevin F. Quinn <kevquinn@gentoo.org>
771     files/digest-hardened-sources-2.6.21, Manifest:
772     Fix Manifest/digest for linux-2.6.21.tar.bz2
773 phreak 1.149
774     06 May 2007; Christian Heim <phreak@gentoo.org>
775     hardened-sources-2.6.21.ebuild:
776     Bumping the hardened-patches version, needed for the fix for #177234.
777 phreak 1.148
778     *hardened-sources-2.6.21 (02 May 2007)
779    
780     02 May 2007; Christian Heim <phreak@gentoo.org>
781     +hardened-sources-2.6.21.ebuild:
782     Version bump, Linux 2.6.21-hardened.
783 phreak 1.147
784     29 Apr 2007; Christian Heim <phreak@gentoo.org>
785     hardened-sources-2.6.20-r2.ebuild:
786     Adding ~ia64 on Ned's request.
787 phreak 1.146
788     29 Apr 2007; Christian Heim <phreak@gentoo.org>
789     hardened-sources-2.6.20-r2.ebuild:
790     Fixing the included grsecurity patch, wasn't alligning due to the Index:
791     header line(s).
792 phreak 1.145
793     29 Apr 2007; Christian Heim <phreak@gentoo.org>
794     hardened-sources-2.6.20-r2.ebuild:
795     Stabilizing hardened-sources-2.6.20-r2 on amd64 and x86.
796 armin76 1.144
797     *hardened-sources-2.6.20-r2 (10 Apr 2007)
798    
799     10 Apr 2007; Raúl Porcel <armin76@gentoo.org>
800     +hardened-sources-2.6.20-r2.ebuild:
801     Version bump, on behalf of phreak
802 phreak 1.143
803     *hardened-sources-2.6.20-r1 (04 Apr 2007)
804    
805     04 Apr 2007; Christian Heim <phreak@gentoo.org>
806     +hardened-sources-2.6.20-r1.ebuild:
807     Revision bump, grabbing a newer grsecurity snapshot.
808 phreak 1.142
809     *hardened-sources-2.6.20 (25 Mar 2007)
810    
811     25 Mar 2007; Christian Heim <phreak@gentoo.org>
812     +hardened-sources-2.6.20.ebuild:
813     Finally a hardened-sources version for 2.6.20; many people have been waiting
814     for this. Thanks to Steve for preliminary testing, thanks to Ned for the
815     testbox.
816 chainsaw 1.141
817     16 Mar 2007; Tony Vroon <chainsaw@gentoo.org>
818     hardened-sources-2.6.18-r6.ebuild:
819     Marked stable on amd64 and x86. AMD64 keyword ack'ed by welp.
820 phreak 1.140
821     *hardened-sources-2.6.18-r6 (16 Mar 2007)
822    
823     16 Mar 2007; Christian Heim <phreak@gentoo.org>
824     -hardened-sources-2.6.18-r5.ebuild, +hardened-sources-2.6.18-r6.ebuild:
825     Fixing CVE-2007-1000 locally (hardened/), thanks to Tony for pushing. And
826     yes I screwed up, this is tagged as 2.6.18-5 and not 2.6.18-6 as it's
827     supposed to be.
828 phreak 1.139
829     06 Mar 2007; Christian Heim <phreak@gentoo.org> ChangeLog:
830     Fixing the Manifest, the previous one was broken (as in still had the
831     deleted ebuild in it).
832 phreak 1.138
833     06 Mar 2007; Christian Heim <phreak@gentoo.org>
834     -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
835     +hardened-sources-2.6.18-r5.ebuild:
836     Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
837     Linux 2.6.18.8. Also cleaning up the older version.
838    
839     *hardened-sources-2.6.18-r5 (06 Mar 2007)
840    
841     06 Mar 2007; Christian Heim <phreak@gentoo.org>
842     -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
843     +hardened-sources-2.6.18-r5.ebuild:
844     Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
845     Linux 2.6.18.8. Also cleaning up the older version.
846 phreak 1.137
847     24 Feb 2007; Christian Heim <phreak@gentoo.org>
848     -hardened-sources-2.6.19-r3.ebuild, -hardened-sources-2.6.19-r4.ebuild,
849     -hardened-sources-2.6.19-r5.ebuild:
850     Removing some of the old version, that didn't work.
851 phreak 1.136
852     *hardened-sources-2.6.19-r6 (12 Feb 2007)
853    
854     12 Feb 2007; Christian Heim <phreak@gentoo.org>
855     +hardened-sources-2.6.19-r6.ebuild:
856     Revision bump, including a new grsec version fixing #166235.
857 pappy 1.134
858     *hardened-sources-2.4.34 (24 Jan 2007)
859    
860     24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
861 pappy 1.135 Manifest:
862     updating Manifest with checksums of new tarball and ebuild
863    
864     24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
865 pappy 1.134 +hardened-sources-2.4.34.ebuild:
866     I added new hardened sources 2.4 update, this is a critical path
867     security bugfix - all users of h-s are strongly advised
868     to update their existing hardened sources to this version.
869     It contains a fix for a kernel vulnerability that is pertaining
870     to the PaX changes to virtual memory management, possibly leading
871     to a local kernel exploit ... see grsecurity.net forums and homepage
872 phreak 1.133
873     23 Jan 2007; Christian Heim <phreak@gentoo.org>
874     files/digest-hardened-sources-2.6.19-r5, Manifest:
875     Fixing the patch-tarball digest.
876 phreak 1.132
877     *hardened-sources-2.6.19-r5 (23 Jan 2007)
878    
879     23 Jan 2007; Christian Heim <phreak@gentoo.org>
880     +hardened-sources-2.6.19-r5.ebuild:
881     Revision bump, closing the recently discovered PaX expand_stack()
882     vulnerability.
883 phreak 1.131
884     *hardened-sources-2.6.19-r4 (14 Jan 2007)
885    
886     14 Jan 2007; Christian Heim <phreak@gentoo.org>
887     +hardened-sources-2.6.19-r4.ebuild:
888     Revision bump, pulling in linux-2.6.19.2 and grsecurity 2.1.10 - thus
889     dropping the randomized PID feature.
890 opfer 1.130
891     11 Jan 2007; Christian Faulhammer <opfer@gentoo.org>
892     hardened-sources-2.4.33.4.ebuild:
893     stable x86, bug #161171
894 phreak 1.129
895     *hardened-sources-2.6.19-r3 (27 Dec 2006)
896    
897     27 Dec 2006; Christian Heim <phreak@gentoo.org>
898     -hardened-sources-2.6.19-r2.ebuild, +hardened-sources-2.6.19-r3.ebuild:
899     Revision bump for bug #157186 and #158786.
900 phreak 1.128
901     *hardened-sources-2.6.18-r4 (27 Dec 2006)
902    
903     27 Dec 2006; Christian Heim <phreak@gentoo.org>
904     -hardened-sources-2.6.18-r3.ebuild, +hardened-sources-2.6.18-r4.ebuild:
905     Revision bump for bug #157186.
906 phreak 1.127
907     *hardened-sources-2.6.19-r2 (23 Dec 2006)
908    
909     23 Dec 2006; Christian Heim <phreak@gentoo.org>
910     -hardened-sources-2.6.19-r1.ebuild, +hardened-sources-2.6.19-r2.ebuild:
911     Revision bump to pull in genpatches-2.6.19-3 for #157186.
912 phreak 1.126
913     17 Dec 2006; Christian Heim <phreak@gentoo.org>
914     hardened-sources-2.6.14-r7.ebuild, hardened-sources-2.6.16-r10.ebuild,
915     hardened-sources-2.6.16-r11.ebuild, hardened-sources-2.6.17-r1.ebuild,
916     hardened-sources-2.6.18.ebuild, hardened-sources-2.6.18-r3.ebuild,
917     hardened-sources-2.6.19-r1.ebuild:
918     Adding 4453_grsec-2.1.9-2.6.19-io-kmem-sysctl.patch to UNIPATCH_EXLUDE,
919     adding correct HOMEPAGE and adjusting DESCRIPTION (thanks to Alexander).
920 pappy 1.125
921     *hardened-sources-2.4.33.4 (17 Dec 2006)
922    
923     17 Dec 2006; Alexander Gabert <pappy@gentoo.org>
924     +hardened-sources-2.4.33.4.ebuild:
925     new 2.4.33.4 version including grsec and fixes, thanks to phreak for help
926     and quilting
927 phreak 1.124
928     *hardened-sources-2.6.19-r1 (14 Dec 2006)
929    
930     14 Dec 2006; Christian Heim <phreak@gentoo.org>
931     -hardened-sources-2.6.19.ebuild, +hardened-sources-2.6.19-r1.ebuild:
932     Revision bump, fixing #158107 (thanks to Petre Rodan <kaiowas at gentoo.org>
933     for reporting).
934 phreak 1.123
935     *hardened-sources-2.6.19 (13 Dec 2006)
936    
937     13 Dec 2006; Christian Heim <phreak@gentoo.org>
938     +hardened-sources-2.6.19.ebuild:
939     And finally 2.6.19, thanks to Ned (who prepared the inital patchset) and
940     Brad for providing that prompt update.
941 phreak 1.122
942     *hardened-sources-2.6.18-r3 (13 Dec 2006)
943    
944     13 Dec 2006; Christian Heim <phreak@gentoo.org>
945     -hardened-sources-2.6.18-r1.ebuild, -hardened-sources-2.6.18-r2.ebuild,
946     +hardened-sources-2.6.18-r3.ebuild:
947     Revision bump, excluding the faulty patch. Thanks to Anakim Border and Peter
948     S. Mazinger. Closes #157409 for now. Also removing the previous revisions.
949 phreak 1.121
950     09 Dec 2006; Christian Heim <phreak@gentoo.org> Manifest:
951     Fixing the metadata.xml Manifest entry (thanks to xaid and ml8128 in #gentoo-hardened).
952 nixnut 1.120
953     08 Dec 2006; nixnut <nixnut@gentoo.org> hardened-sources-2.6.18.ebuild:
954     Stable on ppc wrt bug 157356
955 opfer 1.119
956     07 Dec 2006; Christian Faulhammer <opfer@gentoo.org>
957     hardened-sources-2.6.18.ebuild:
958     stable x86, bug #157356
959 phreak 1.118
960     *hardened-sources-2.6.18-r2 (06 Dec 2006)
961    
962     06 Dec 2006; Christian Heim <phreak@gentoo.org>
963     +hardened-sources-2.6.18-r2.ebuild:
964     Revision bump, including 2.6.18.5 (via genpatches) and
965     4454_grsec-2.1.9-2.6.18.2-io-kmem-sysctl.patch based on Peter Mazinger and
966     Ned Ludd's original patch. Thanks to Alexander Gabert (pappy) for the
967     redesign.
968 phreak 1.117
969     06 Dec 2006; Christian Heim <phreak@gentoo.org>
970     hardened-sources-2.6.18.ebuild:
971     Marking hardened-sources-2.6.18 stable on amd64 (see bug #157356, on behalf
972     of Mike Doty).
973 phreak 1.116
974     *hardened-sources-2.6.18-r1 (23 Nov 2006)
975    
976     23 Nov 2006; Christian Heim <phreak@gentoo.org>
977     +hardened-sources-2.6.18-r1.ebuild:
978     Revision bump to genpatches-2.6.18-4 (including 2.6.18.3).
979 phreak 1.115
980     *hardened-sources-2.6.18 (11 Nov 2006)
981    
982     11 Nov 2006; Christian Heim <phreak@gentoo.org>
983     +hardened-sources-2.6.18.ebuild:
984     Version bump, thanks to Alexander Gabert we're finally at 2.6.18.
985 solar 1.114
986     18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
987     - mark amd64 stable also. bug #151877
988 solar 1.113
989     18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
990     - mark 2.6.17-r1 stable
991 phreak 1.112
992     27 Aug 2006; Christian Heim <phreak@gentoo.org>
993     -hardened-sources-2.6.17.ebuild, hardened-sources-2.6.17-r1.ebuild:
994     Removing old ebuild, removing unipatch from newer ebuild (need to fix it!).
995 phreak 1.111
996     *hardened-sources-2.6.17-r1 (26 Aug 2006)
997    
998     26 Aug 2006; Christian Heim <phreak@gentoo.org>
999     +hardened-sources-2.6.17-r1.ebuild:
1000     Revision bump to genpatches-2.6.17-8 (including .9 and .10) and updating the
1001     grsecurity patch.
1002 phreak 1.110
1003     *hardened-sources-2.6.17 (17 Aug 2006)
1004    
1005     17 Aug 2006; Christian Heim <phreak@gentoo.org>
1006     +hardened-sources-2.6.17.ebuild:
1007     Bumping the hardened-sources-2.6 series to 2.6.17, using
1008     genpatches-2.6.17-6.base.
1009 solar 1.109
1010     07 Aug 2006; <solar@gentoo.org> hardened-sources-2.6.16-r11.ebuild:
1011     - stable on x86 and amd64
1012 solar 1.108
1013     *hardened-sources-2.6.16-r11 (15 Jul 2006)
1014    
1015     15 Jul 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r3.ebuild,
1016     -hardened-sources-2.4.32-r4.ebuild, -hardened-sources-2.4.32-r5.ebuild,
1017     -hardened-sources-2.6.14-r8.ebuild, -hardened-sources-2.6.16-r7.ebuild,
1018     -hardened-sources-2.6.16-r9.ebuild, +hardened-sources-2.6.16-r11.ebuild:
1019     - 2.6.16 bumped for CVE-2006-3626 ; digest fix for 2.4.32-r6 ; removed old
1020     crusty ebuilds
1021 johnm 1.107
1022     14 Jul 2006; John Mylchreest <johnm@gentoo.org>
1023     hardened-sources-2.6.16-r10.ebuild:
1024     marking stable on x86 and amd64
1025 solar 1.106
1026     13 Jul 2006; <solar@gentoo.org> hardened-sources-2.4.32-r6.ebuild:
1027     - 2.4.32-r6 stable on x86. RSBAC state unknown
1028 kang 1.105
1029     *hardened-sources-2.4.32-r7 (10 Jul 2006)
1030    
1031     10 Jul 2006; Guillaume Destuynder <kang@gentoo.org>
1032     +hardened-sources-2.4.32-r7.ebuild:
1033     Bump PaX for RSBAC to test-17
1034 johnm 1.104
1035     *hardened-sources-2.6.16-r9 (03 Jul 2006)
1036    
1037     03 Jul 2006; John Mylchreest <johnm@gentoo.org>
1038     -hardened-sources-2.6.16-r6.ebuild, +hardened-sources-2.6.16-r9.ebuild:
1039     hardened-sources-2.6.16 bump to latest -base.
1040 solar 1.103
1041     *hardened-sources-2.4.32-r6 (30 Jun 2006)
1042    
1043     30 Jun 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r2.ebuild,
1044     hardened-sources-2.4.32-r4.ebuild, +hardened-sources-2.4.32-r6.ebuild:
1045     - backport CVE-2006-0039, CVE-2006-1857 and CVE-2006-1858 and new grsecurity
1046     sysctl controlable resource logging
1047 johnm 1.102
1048     *hardened-sources-2.6.16-r7 (05 Jun 2006)
1049    
1050     05 Jun 2006; John Mylchreest <johnm@gentoo.org>
1051     -hardened-sources-2.6.16-r5.ebuild, +hardened-sources-2.6.16-r7.ebuild:
1052     push new 2.6.16 release in preparation for stable
1053 solar 1.101
1054     22 May 2006; <solar@gentoo.org> :
1055     - redigest bug 134002
1056 kang 1.100
1057     *hardened-sources-2.4.32-r5 (16 May 2006)
1058    
1059     16 May 2006; Guillaume Destuynder <kang@gentoo.org>
1060     +hardened-sources-2.4.32-r5.ebuild:
1061     Fixes rsbac common patching (new patch in new -r5 patchset)
1062 solar 1.99
1063     *hardened-sources-2.4.32-r4 (13 May 2006)
1064    
1065     13 May 2006; <solar@gentoo.org> hardened-sources-2.4.32-r3.ebuild,
1066     +hardened-sources-2.4.32-r4.ebuild:
1067     - security bumps
1068 johnm 1.98
1069     *hardened-sources-2.6.16-r6 (03 May 2006)
1070    
1071     03 May 2006; John Mylchreest <johnm@gentoo.org>
1072     +hardened-sources-2.6.16-r6.ebuild:
1073     bump hardened-2.6.16 to 2.6.16.12 and latest grsec snapshot
1074 johnm 1.97
1075     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
1076     hardened-sources-2.6.14-r8.ebuild:
1077     fix x86_64 build problem, this will delay the digest issue again for a short
1078     while but it will sort itself out
1079 johnm 1.96
1080     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
1081     hardened-sources-2.6.14-r8.ebuild:
1082     bump hardened patchset
1083 antarus 1.94
1084     27 Apr 2006; Alec Warner <antarus@gentoo.org>
1085     files/digest-hardened-sources-2.4.32-r2,
1086     files/digest-hardened-sources-2.4.32-r3,
1087     files/digest-hardened-sources-2.6.14-r8, Manifest:
1088     Fixing duff SHA256 digests: Bug # 131293
1089 johnm 1.93
1090 johnm 1.95 *hardened-sources-2.6.16-r5 (27 Apr 2006)
1091    
1092     27 Apr 2006; John Mylchreest <johnm@gentoo.org>
1093     -hardened-sources-2.6.14-r6.ebuild, hardened-sources-2.6.14-r8.ebuild,
1094     -hardened-sources-2.6.16-r4.ebuild, +hardened-sources-2.6.16-r5.ebuild:
1095     stablise 2.6.14-r8 on x86 & amd64, bump 2.6.16 to fix CVE-2006-1863 &
1096     cleanup of old uneccessary sources
1097    
1098 johnm 1.93 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
1099     fix digest
1100 johnm 1.92
1101     *hardened-sources-2.6.14-r8 (20 Apr 2006)
1102    
1103     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
1104     +hardened-sources-2.6.14-r8.ebuild:
1105     fix CVE-2006-1056, CVE-2006-1525, CVE-2006-1524
1106 johnm 1.91
1107     20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
1108     Turning on gpg-signing again, and recomitting
1109 johnm 1.90
1110     *hardened-sources-2.6.16-r4 (20 Apr 2006)
1111    
1112     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
1113     -hardened-sources-2.6.16-r2.ebuild, -hardened-sources-2.6.16-r3.ebuild,
1114     +hardened-sources-2.6.16-r4.ebuild:
1115     Fix numerous security vulns
1116 solar 1.89
1117     *hardened-sources-2.4.32-r3 (16 Apr 2006)
1118    
1119     16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
1120     -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
1121     +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
1122     - security bump for bug #112791. Removed old ebuilds
1123 johnm 1.88
1124     *hardened-sources-2.6.16-r3 (15 Apr 2006)
1125    
1126     15 Apr 2006; John Mylchreest <johnm@gentoo.org>
1127     +hardened-sources-2.6.16-r3.ebuild:
1128     Removing silly localversion which I missed
1129 johnm 1.87
1130     *hardened-sources-2.6.14-r7 (14 Apr 2006)
1131    
1132     14 Apr 2006; John Mylchreest <johnm@gentoo.org>
1133     -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
1134     Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
1135 johnm 1.86
1136     *hardened-sources-2.6.16-r2 (13 Apr 2006)
1137    
1138     13 Apr 2006; John Mylchreest <johnm@gentoo.org>
1139     -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
1140     +hardened-sources-2.6.16-r2.ebuild:
1141     Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
1142     labels, dropping USERGROUP define fixes, since these were merged mainstream.
1143 johnm 1.85
1144     *hardened-sources-2.6.16-r1 (11 Apr 2006)
1145    
1146     11 Apr 2006; John Mylchreest <johnm@gentoo.org>
1147     +hardened-sources-2.6.16-r1.ebuild:
1148     Bumping to include ppc build fix and 2.6.16.3
1149 tsunam 1.84
1150     06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
1151     hardened-sources-2.6.14-r6.ebuild:
1152     Stable on x86; bug #127718
1153 johnm 1.83
1154     *hardened-sources-2.6.16 (31 Mar 2006)
1155    
1156     31 Mar 2006; John Mylchreest <johnm@gentoo.org>
1157     +hardened-sources-2.6.16.ebuild:
1158     Bumping to new version of grsec, and kernel base. New squashfs. Based on
1159     2.6.16.1
1160 cryos 1.82
1161     30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
1162     hardened-sources-2.6.14-r6.ebuild:
1163     Stable on amd64, bug 127718.
1164 nixnut 1.81
1165     28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
1166     Stable on ppc. Bug #127718
1167 johnm 1.80
1168     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
1169     -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
1170     -hardened-sources-2.6.14-r4.ebuild:
1171     Cleanup.
1172 johnm 1.79
1173     *hardened-sources-2.6.14-r6 (15 Mar 2006)
1174    
1175     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
1176     +hardened-sources-2.6.14-r6.ebuild:
1177     Fixes grsec policy recreation bug and adds a
1178     >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
1179 solar 1.78
1180     02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
1181     - stable on x86
1182 hansmi 1.77
1183     19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
1184     hardened-sources-2.6.14-r5.ebuild:
1185     Stable on ppc.
1186 johnm 1.76
1187     *hardened-sources-2.6.14-r5 (01 Feb 2006)
1188    
1189     01 Feb 2006; John Mylchreest <johnm@gentoo.org>
1190     +hardened-sources-2.6.14-r5.ebuild:
1191     fixing every known exploit
1192 solar 1.75
1193     *hardened-sources-2.4.32-r2 (26 Jan 2006)
1194    
1195     26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
1196     +hardened-sources-2.4.32-r2.ebuild:
1197     - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
1198 solar 1.74
1199     *hardened-sources-2.6.14-r4 (12 Jan 2006)
1200    
1201     12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
1202     - version bump for new genpatches which fix up a few sec holes
1203 solar 1.73
1204     *hardened-sources-2.4.32-r1 (05 Jan 2006)
1205    
1206     05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
1207     - revision bump to add misc vital linux kernel security patches.
1208 johnm 1.72
1209     *hardened-sources-2.6.14-r3 (30 Dec 2005)
1210    
1211     30 Dec 2005; John Mylchreest <johnm@gentoo.org>
1212     -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
1213     Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
1214 johnm 1.71
1215     28 Dec 2005; John Mylchreest <johnm@gentoo.org>
1216     hardened-sources-2.6.14-r2.ebuild:
1217     making x86 & amd64 stable following testing.
1218 johnm 1.70
1219     *hardened-sources-2.6.14-r2 (27 Dec 2005)
1220    
1221     27 Dec 2005; John Mylchreest <johnm@gentoo.org>
1222     -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
1223     Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
1224     network hooks.
1225 johnm 1.69
1226     06 Dec 2005; John Mylchreest <johnm@gentoo.org>
1227     hardened-sources-2.6.14-r1.ebuild:
1228     bumping to stable early for sec fix on x86 & amd64
1229 johnm 1.68
1230     *hardened-sources-2.6.14-r1 (05 Dec 2005)
1231    
1232     05 Dec 2005; John Mylchreest <johnm@gentoo.org>
1233     -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
1234     bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
1235 solar 1.67
1236     04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
1237     - stable on x86 security bug #114227 CAN-2005-3257
1238 kang 1.66
1239     *hardened-sources-2.4.32 (19 Nov 2005)
1240    
1241     19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
1242     +hardened-sources-2.4.32.ebuild:
1243     Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
1244     Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
1245     have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
1246     rsbac >> /etc/portage/package.use)
1247 johnm 1.65
1248     *hardened-sources-2.6.14 (14 Nov 2005)
1249    
1250     14 Nov 2005; John Mylchreest <johnm@gentoo.org>
1251     -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
1252     Bumping 2.6 series to 2.6.14.2
1253 johnm 1.64
1254     *hardened-sources-2.6.13-r2 (20 Oct 2005)
1255    
1256     20 Oct 2005; John Mylchreest <johnm@gentoo.org>
1257     -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
1258     +hardened-sources-2.6.13-r2.ebuild:
1259     Fixes minor build error in ppc.
1260 johnm 1.63
1261     *hardened-sources-2.6.13-r1 (17 Oct 2005)
1262    
1263     17 Oct 2005; John Mylchreest <johnm@gentoo.org>
1264     +hardened-sources-2.6.13-r1.ebuild:
1265     Updating grsec to latest snapshot. Fixes some minor issues. Updating to
1266     2.6.13.4, fixes some major amd64 stability problems.
1267 johnm 1.62
1268     *hardened-sources-2.6.13 (16 Sep 2005)
1269    
1270     16 Sep 2005; John Mylchreest <johnm@gentoo.org>
1271     -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
1272     2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
1273     ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
1274     users should test this thoroughly.
1275 solar 1.61
1276     01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
1277     - stable on x86
1278 johnm 1.60
1279     *hardened-sources-2.6.11-r15 (27 Jun 2005)
1280    
1281     27 Jun 2005; John Mylchreest <johnm@gentoo.org>
1282     +hardened-sources-2.6.11-r15.ebuild:
1283     Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
1284     grsec redefining curr_ip struct.
1285 solar 1.59
1286     *hardened-sources-2.4.31 (20 Jun 2005)
1287    
1288     20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
1289     initial import of 2.4.31 tree
1290 johnm 1.58
1291     *hardened-sources-2.6.11-r14 (14 Jun 2005)
1292    
1293     14 Jun 2005; John Mylchreest <johnm@gentoo.org>
1294     -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
1295     Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
1296     naming scheme to abide by genpatches
1297 johnm 1.57
1298     *hardened-sources-2.6.11-r13 (18 May 2005)
1299    
1300     18 May 2005; John Mylchreest <johnm@gentoo.org>
1301     -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
1302     Managed to mangle the Makefile patch from grsec, to miss out the grsec
1303     target. sorry about that. Fixes bug #93022
1304 johnm 1.56
1305     *hardened-sources-2.6.11-r12 (17 May 2005)
1306    
1307     17 May 2005; John Mylchreest <johnm@gentoo.org>
1308     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
1309     +hardened-sources-2.6.11-r12.ebuild:
1310     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
1311     merges in genpatches-base
1312 johnm 1.55
1313     *hardened-sources-2.6.11-r12 (17 May 2005)
1314    
1315     17 May 2005; John Mylchreest <johnm@gentoo.org>
1316     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
1317     +hardened-sources-2.6.11-r12.ebuild:
1318     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
1319     merges in genpatches-base
1320 solar 1.54
1321     29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
1322     -files/2.4.27-cmdline-race.patch,
1323     -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
1324     -files/2.4.28-grsec-binfmt_a.out.patch,
1325     -files/2.4.28-grsec-cmdline-race.patch,
1326     -files/2.4.28-selinux-binfmt_a.out.patch,
1327     -files/2.4.28-selinux-cmdline-race.patch,
1328     -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
1329     hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
1330     - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
1331     cleanup..
1332 solar 1.53
1333     *hardened-sources-2.4.30-r1 (21 Apr 2005)
1334    
1335     21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
1336     - disable aout by default
1337 solar 1.52
1338     *hardened-sources-2.4.30 (18 Apr 2005)
1339    
1340     18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
1341     - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
1342     and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
1343     use
1344 tocharian 1.50
1345 scox 1.51 *hardened-sources-2.4.29 (30 Mar 2005)
1346    
1347     30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
1348     +hardened-sources-2.4.29.ebuild:
1349     New hardened-patches-2.4-29.0 patchball.
1350     Removed SELinux support, upgraded GRSecurity to 2.1.4.
1351    
1352     *hardened-sources-2.4.28-r5 (06 Mar 2005)
1353    
1354     06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
1355     +hardened-sources-2.4.28-r5.ebuild:
1356     Added a fix for a PaX vulnerability.
1357    
1358     26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1359 tocharian 1.50 hardened-sources-2.4.28-r4.ebuild:
1360     Stable on x86
1361 solar 1.49
1362     23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
1363     hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
1364     hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
1365     hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
1366     - fixed/added RDEPEND= in all kernel-2 ebuilds
1367 tocharian 1.48
1368     *hardened-sources-2.4.28-r4 (21 Jan 2005)
1369    
1370     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1371     +hardened-sources-2.4.28-r4.ebuild:
1372     Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
1373     backport of neighbour hash updates.
1374 tocharian 1.47
1375     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1376     hardened-sources-2.4.28-r3.ebuild:
1377     Stable on x86
1378 tseng 1.46
1379     *hardened-sources-2.6.10-r3 (20 Jan 2005)
1380    
1381     20 Jan 2005; Brandon Hale <tseng@gentoo.org>
1382     +hardened-sources-2.6.10-r3.ebuild:
1383     Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
1384     in 2005.0
1385 tocharian 1.45
1386     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1387     -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
1388     hardened-sources-2.4.28-r2.ebuild:
1389     Mark stable on x86
1390 tocharian 1.44
1391     *hardened-sources-2.4.28-r3 (17 Jan 2005)
1392    
1393     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1394     +hardened-sources-2.4.28-r3.ebuild:
1395     Fix SMP page fault handler vuln, and update device-mapper and evms patches.
1396 tocharian 1.43
1397     14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1398     hardened-sources-2.4.28.ebuild:
1399     Mark stable on x86.
1400 tocharian 1.42
1401     *hardened-sources-2.4.28-r2 (13 Jan 2005)
1402    
1403     13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1404     +hardened-sources-2.4.28-r2.ebuild:
1405     Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
1406     Mazinger for grsecurity patches as well.
1407 plasmaroo 1.41
1408     *hardened-sources-2.4.28-r1 (23 Dec 2004)
1409    
1410     23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
1411     Security bump. Thank tocharian for rolling a new patchset...
1412 solar 1.40
1413     28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
1414     +files/2.4.28-grsec-cmdline-race.patch,
1415     +files/2.4.28-selinux-binfmt_a.out.patch,
1416     +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
1417     - Round up remaining security patches that appear to be missing in 2.4.28. -
1418     PaX standalone updated to current. hgpv=28.1
1419 solar 1.39
1420     *hardened-sources-2.4.28 (28 Nov 2004)
1421    
1422     28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
1423     security bump. Thank tocharian for rolling a new patchset
1424 scox 1.31
1425 scox 1.38 *hardened-sources-2.4.27-r3 (08 Sep 2004)
1426    
1427     08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
1428     +hardened-sources-2.4.27-r3.ebuild:
1429     Applies the new 2.4-27.2 patchball which updates
1430     GRSecurity to the 2.0.1 version.
1431    
1432 scox 1.37 *hardened-sources-2.4.27-r2 (31 Aug 2004)
1433    
1434     31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1435     +hardened-sources-2.4.27-r2.ebuild:
1436     Version bump.
1437     This version uses the new 2.4-27.1 patchball which updates
1438     both the SELinux PaX hooks patch and the SELinux headers.
1439    
1440 scox 1.36 *hardened-sources-2.4.27-r1 (09 Aug 2004)
1441    
1442     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1443     +hardened-sources-2.4.27-r1.ebuild,
1444     -hardened-sources-2.4.27.ebuild,
1445     +files/2.4.27-cmdline-race.patch:
1446     Version bump, fix for cmdline race. See bug #59905.
1447    
1448     *hardened-sources-2.4.26-r6 (09 Aug 2004)
1449    
1450     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1451     +hardened-sources-2.4.26-r6.ebuild,
1452     -hardened-sources-2.4.26-r5.ebuild,
1453     -hardened-sources-2.4.26-r4.ebuild,
1454     +files/2.4.26-cmdline-race.patch:
1455     Version bump, fix for cmdline race. See bug #59905.
1456    
1457 scox 1.35 *hardened-sources-2.4.27 (08 Aug 2004)
1458    
1459     08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1460     +hardened-sources-2.4.27.ebuild,
1461     +files/2.4.27-CAN-2004-0394.patch:
1462     Ported the patchball to the 2.4.27 kernel version.
1463    
1464 scox 1.34 *hardened-sources-2.4.26-r5 (07 Aug 2004)
1465    
1466     07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1467     +hardened-sources-2.4.26-r5.ebuild:
1468 scox 1.35 Updated to use the new hardened-patches-2.4-26.1 patchball.
1469 scox 1.34 It adds the following features:
1470     - Squashfs
1471     - Ebtables
1472     - Netdev random (core+drivers)
1473     - Watchdog Timer (WDT) fix.
1474    
1475 scox 1.33 *hardened-sources-2.4.26-r4 (04 Aug 2004)
1476    
1477     04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1478     +hardened-sources-2.4.26-r4.ebuild,
1479     +files/2.4.26-CAN-2004-0415.patch,
1480     -hardened-sources-2.4.26-3:
1481     Version bump, fix for CAN 0415, see bug #59378.
1482    
1483 scox 1.32 *hardened-sources-2.4.26-r3 (22 Jul 2004)
1484    
1485     22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
1486     +hardened-sources-2.4.26-r3.ebuild,
1487     +files/2.4.26-CAN-2004-0497.patch,
1488     -hardened-sources-2.4.26-r2.ebuild:
1489     Version bump, fixed CAN 0497, see bug #56171.
1490    
1491 scox 1.31 *hardened-sources-2.4.26-r2 (29 Jun 2004)
1492    
1493     29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
1494 scox 1.32 +hardened-sources-2.4.26-r2.ebuild,
1495 scox 1.31 +files/2.4.26-CAN-2004-0495.patch,
1496     +files/2.4.26-CAN-2004-0535.patch,
1497     -hardened-sources-2.4.26-r1.ebuild:
1498     Fixes for both CAN 0495 and 0535, see bug #54976
1499 pvdabeel 1.27
1500 agriffis 1.29 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
1501     hardened-sources-2.4.26-r1.ebuild:
1502     QA - fix use invocation
1503 scox 1.28
1504     *hardened-sources-2.4.26-r1 (22 June 2004)
1505    
1506     22 June 2004; Andrea Luzzardi <scox@gentoo.org>
1507     +hardened-sources-2.4.26-r1.ebuild,
1508     +files/2.4.26-CAN-2004-0394.patch,
1509     +files/2.4.26-signal-race.patch,
1510     -hardened-sources-2.4.26.ebuild,
1511     -hardened-sources-2.4.24-r3.ebuild:
1512     Version bump for the CAN-2004-0394 issue and bug #53804
1513     Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
1514    
1515    
1516 pvdabeel 1.27 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
1517     hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
1518     Masked hardened-sources-2.4.26.ebuild broken for ppc
1519    
1520     31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
1521     hardened-sources-2.4.24-r3.ebuild:
1522     Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
1523 plasmaroo 1.25
1524 scox 1.26 *hardened-sources-2.4.26 (29 May 2004)
1525    
1526     29 May 2004; Andrea Luzzardi <scox@gentoo.org>
1527     +hardened-sources-2.4.26.ebuild:
1528     Updated hardened-sources for the 2.4.26 kernel
1529     Removed broken components, updated almost everything.
1530    
1531 plasmaroo 1.25 *hardened-sources-2.4.24-r3 (17 Apr 2004)
1532    
1533     17 Apr 2004; <plasmaroo@gentoo.org>
1534     +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
1535     +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
1536     +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
1537     +hardened-sources-2.4.24-r3.ebuild:
1538     Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
1539     vulnerabilities. Old revisions removed.
1540 plasmaroo 1.24
1541     *hardened-sources-2.4.24-r2 (15 Apr 2004)
1542    
1543     15 Apr 2004; <plasmaroo@gentoo.org>
1544     +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
1545     -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
1546     Version bump for the CAN-2004-0109 issue; bug #47881.
1547 aliz 1.23
1548     12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
1549     hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
1550     Add eutils to inherit.
1551 plasmaroo 1.22
1552     *hardened-sources-2.4.24-r1 (19 Feb 2004)
1553    
1554     19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
1555     files/hardened-sources-2.4.24.munmap.patch:
1556     Added the patch for the mremap/munmap vulnerability. Bug #42024.
1557 scox 1.19
1558 scox 1.21 *hardened-sources-2.4.24 (06 Feb 2004)
1559 scox 1.26
1560 scox 1.21 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
1561     hardened-sources-2.4.24.ebuild:
1562     Version bump, updated most of the components.
1563     This release includes the following:
1564    
1565     - Hardened security
1566     - Netfilter patch-o-matic 20031219
1567     - FreeSWAN 2.04 & x509 1.4.8
1568     - EVMS 2.2.2
1569     - XFS 1.3.1
1570     - cryptoloop jari
1571     - grsecurity 2.0-rc4
1572     - SELinux
1573     - PaX 200402060000
1574     - PaX Obscurity 200308302223
1575     - Others...
1576    
1577     Neither -ck nor systrace are included anymore.
1578    
1579 scox 1.19 *hardened-sources-2.4.22-r2 (05 Jan 2004)
1580    
1581     05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
1582     hardened-sources-2.4.22-r2.ebuild:
1583 scox 1.20 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
1584 scox 1.19
1585     *hardened-sources-2.4.22-r1 (02 Dec 2003)
1586 iggy 1.17
1587     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1588 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
1589 iggy 1.16
1590     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1591 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild:
1592     Version bump for the 'do_brk' vulnerability.
1593 iggy 1.15
1594     01 Dec 2003; Brian Jackson <iggy@gentoo.org>
1595     hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
1596     hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
1597     hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
1598 plasmaroo 1.18 Fix the 'do_brk' vulnerability.
1599 frogger 1.14
1600     03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
1601     hardened-sources-2.4.22.ebuild:
1602 plasmaroo 1.18 - Removed the src_install() portion for SELinux flask
1603     components. These are no longer handled in the kernel
1604     so this code was not necessary.
1605 frogger 1.13
1606     29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
1607     New 2.4.22 based hardened-sources thanks to
1608     Phil West <p.west@computer.org>.
1609    
1610     These sources include:
1611 plasmaroo 1.18 - New SELinux API
1612     - Updated CK-base
1613     - Updated GRSec
1614     - Systrace
1615     - SuperFreeS/WAN 1.99.8
1616     - Propolice kernel build support
1617     - EVMS
1618     - Other various security related patches
1619 frogger 1.11
1620 frogger 1.12 *hardened-sources-2.4.21 (14 Sep 2003)
1621    
1622     14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
1623     Updated hardened-sources based on the 2.4.21 Linux kernel.
1624     This includes updates to most major components such as:
1625 plasmaroo 1.18 - ck-base-0306300059
1626     - selinux-2.4-2003071106
1627     - grsecurity-2.0-rc1
1628     - Updated IPTables patch-o-matic
1629     - Updated SuperFreeS/WAN
1630    
1631 frogger 1.12 Thanks to Phil West <pwest@computer.org> for his work in getting this
1632     updated patch set ready for the 2.4.21 based kernel.
1633    
1634 frogger 1.11 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
1635     Initial import of hardened-sources-2.4.20-r4. This revision
1636     includes only a few changes, but one of these is an important
1637     security fix. It is recommended all users of hardened-sources
1638     upgrade to this release.
1639 plasmaroo 1.18
1640 frogger 1.11 - ioperm bug fix
1641     - fixed compilation failure when building without GRSec
1642 plasmaroo 1.18
1643 frogger 1.11 SAL (Secure Auditing for Linux) is NOT included in this revision
1644     due to time constraints, but is planned for inclusion in the near
1645     future.
1646 msterret 1.10
1647     *hardened-sources-2.4.20-r2 (12 Jun 2003)
1648    
1649     12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
1650     hardened-sources-2.4.20-r3.ebuild:
1651 plasmaroo 1.18 Add Header...
1652 frogger 1.9
1653     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1654     hardened-sources-2.4.20-r3.ebuild:
1655     Removed warnings from ebuild. This kernel should be safe to
1656     use at this point.
1657 frogger 1.8
1658     *hardened-sources-2.4.20-r3 (08 Jun 2003)
1659    
1660     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1661     hardened-sources-2.4.20-r3.ebuild:
1662     New revision. Includes the following changes over -r2:
1663 plasmaroo 1.18
1664 frogger 1.8 - ck7-base (O(1), preempt, low latency)
1665     - Super FreeS/WAN 1.99.7rc2
1666     - PaX for the LSM/SELinux branch
1667     - GRSecurity 2.0-pre4 (role based access control)
1668     - Systrace 1.3
1669     - EXT3 fixes
1670     - EVMS 2.0.1
1671     - GCC 3.1+ compile optimizations
1672     - ProPolice kernel build support
1673     - Hashing table security fixes
1674 frogger 1.3
1675     *hardened-sources-2.4.20-r1 (09 Apr 2003)
1676 frogger 1.7
1677     23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
1678     Initial import of hardened-sources-r2. This new
1679     ebuild includes many new performance and security
1680     related patches. As in -r1, it will patch in
1681     LSM/SELinux if "selinux" is in USE, otherwise it
1682     will patch in GRSecurity. The following patches
1683     are included in this revision:
1684 plasmaroo 1.18
1685 frogger 1.7 - O(1) Scheduler, Low Latency, and Preempt
1686     (pulled from the base CK patch)
1687     - ptrace exploit patch for the LSM kernel
1688     (the GRSec patch already fixes this)
1689     - LSM 2.4-2003040709
1690     - SELinux 2.4-2003040709
1691     - Systrace v1.2
1692     - IPTables patch-o-matic base patches - 20030107
1693     - CryptoAPI 2.4.20.1 w/ loop-jari patch
1694     - Super FreeS/WAN 1.99.6.1
1695     - GRSecurity 1.9.9g
1696     - MPPE
1697     - EXT3 data journal fix
1698     - CIPE 1.5.4
1699 frogger 1.6
1700     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1701     hardened-sources-2.4.20-r1.ebuild, manifest:
1702 plasmaroo 1.18 Updated to install flask components correctly for selinux.
1703 frogger 1.5
1704     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1705     hardened-sources-2.4.20-r1.ebuild:
1706     LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
1707     is patched in instead. Ptrace patches for selinux have also been added. In
1708     either case, systrace support will be patched in as well.
1709 frogger 1.3
1710     09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1711     hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
1712 plasmaroo 1.18 Revision bump for new sources.
1713 frogger 1.4
1714 frogger 1.2 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1715 frogger 1.4 hardened-sources-2.4.20-r1.ebuild:
1716 plasmaroo 1.18 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
1717 method 1.1
1718 frogger 1.4 *hardened-sources-2.4.20 (30 Mar 2003)
1719    
1720 method 1.1 30 Mar 2003; Joshua Brindle <method@gentoo.org>
1721     hardened-sources-2.4.20.ebuild:
1722 plasmaroo 1.18 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20