/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.326 - (hide annotations) (download)
Wed Jul 21 12:47:12 2010 UTC (4 years, 3 months ago) by chainsaw
Branch: MAIN
Changes since 1.325: +5 -1 lines
This is madness. THIS IS HARDENED.
(Portage version: 2.1.8.3/cvs/Linux x86_64)

1 method 1.1 # ChangeLog for sys-kernel/hardened-sources
2 robbat2 1.312 # Copyright 1999-2010 Gentoo Foundation; Distributed under the GPL v2
3 chainsaw 1.326 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.325 2010/07/21 11:31:11 jer Exp $
4    
5     21 Jul 2010; <chainsaw@gentoo.org> metadata.xml:
6     Address metadata concerns by Jeroen "rej" Roovers <rej@gentoo.org> raised
7     on gentoo-dev.
8 jer 1.325
9     21 Jul 2010; Jeroen Roovers <jer@gentoo.org> metadata.xml:
10     Correct mail address.
11 blueness 1.324
12     18 Jul 2010; Anthony G. Basile <blueness@gentoo.org>
13     -hardened-sources-2.6.25-r13.ebuild, -hardened-sources-2.6.26-r9.ebuild,
14     -hardened-sources-2.6.28-r7.ebuild, -hardened-sources-2.6.29.ebuild,
15     -hardened-sources-2.6.32-r8.ebuild:
16     Removing outdated releases
17 fauli 1.323
18     17 Jul 2010; Christian Faulhammer <fauli@gentoo.org>
19     hardened-sources-2.6.32-r9.ebuild:
20     stable x86, bug 326885
21 blueness 1.322
22     13 Jul 2010; Anthony G. Basile <blueness@gentoo.org>
23     -hardened-sources-2.6.32-r7.ebuild:
24     Removed for security. Bug #325573
25 blueness 1.321
26     *hardened-sources-2.6.34 (13 Jul 2010)
27    
28     13 Jul 2010; Anthony G. Basile <blueness@gentoo.org>
29     +hardened-sources-2.6.34.ebuild:
30     Initial commit based on mainline 2.6.34.1 and grsec-2.2.0.
31 blueness 1.320
32     *hardened-sources-2.6.32-r11 (13 Jul 2010)
33    
34     13 Jul 2010; Anthony G. Basile <blueness@gentoo.org>
35     +hardened-sources-2.6.32-r11.ebuild:
36     New patchset based on mainline 2.6.32.16 and grsec-2.2.0. Bug #327263
37 chainsaw 1.319
38     06 Jul 2010; <chainsaw@gentoo.org> hardened-sources-2.6.32-r9.ebuild:
39     Marked stable on AMD64 as requested by Anthony G. Basile
40     <blueness@gentoo.org> in bug #326885. Operational testing done for 1 week
41     on roughly two dozen HP Proliant DL365 G1 and DL385 G2 systems.
42 blueness 1.318
43     *hardened-sources-2.6.32-r10 (30 Jun 2010)
44    
45     30 Jun 2010; Anthony G. Basile <blueness@gentoo.org>
46     +hardened-sources-2.6.32-r10.ebuild:
47     New patchset based on mainline 2.6.32.15 and grsec-2.2.0. Bug #325227.
48 blueness 1.317
49     29 Jun 2010; Anthony G. Basile <blueness@gentoo.org> metadata.xml:
50     Added myself to the metadata.xml
51 chainsaw 1.316
52     *hardened-sources-2.6.32-r9 (11 Jun 2010)
53    
54     11 Jun 2010; <chainsaw@gentoo.org> +hardened-sources-2.6.32-r9.ebuild:
55     New patchset by Anthony G Basile, based on mainline 2.6.32.15 sources.
56 chainsaw 1.315
57     *hardened-sources-2.6.32-r8 (01 Jun 2010)
58    
59     01 Jun 2010; <chainsaw@gentoo.org> +hardened-sources-2.6.32-r8.ebuild:
60     New patchset by Anthony G Basile, based on mainline 2.6.32.14 sources.
61 chainsaw 1.314
62     27 May 2010; <chainsaw@gentoo.org> hardened-sources-2.6.32-r7.ebuild:
63     Update SRC_URI to point to mirror network now that the distfile has
64     propagated.
65 chainsaw 1.313
66     *hardened-sources-2.6.32-r7 (26 May 2010)
67    
68     26 May 2010; <chainsaw@gentoo.org> +hardened-sources-2.6.32-r7.ebuild,
69     metadata.xml:
70     New 2.6.32-based release by Anthony G Basile, Robin H. Johnson & Matthew
71     Summers.
72 robbat2 1.312
73     26 Apr 2010; Robin H. Johnson <robbat2@gentoo.org> metadata.xml:
74     Update Manifest for deblob support in kernel-2 eclass.
75 nixnut 1.311
76     31 May 2009; nixnut <nixnut@gentoo.org> hardened-sources-2.6.28-r9.ebuild:
77     ppc stable
78 gengor 1.310
79     29 May 2009; Gordon Malm <gengor@gentoo.org>
80     -hardened-sources-2.6.28-r6.ebuild, hardened-sources-2.6.28-r9.ebuild:
81     Stable amd64/x86 and remove old.
82 gengor 1.309
83     *hardened-sources-2.6.29 (25 May 2009)
84    
85     25 May 2009; Gordon Malm <gengor@gentoo.org>
86     +hardened-sources-2.6.29.ebuild:
87     Initial 2.6.29 release. Thanks to Kerin Millar for providing and testing
88     release candidates.
89 gengor 1.308
90     *hardened-sources-2.6.28-r9 (25 May 2009)
91    
92     25 May 2009; Gordon Malm <gengor@gentoo.org>
93     -hardened-sources-2.6.28-r8.ebuild, +hardened-sources-2.6.28-r9.ebuild:
94     Fix x86-32 boot failure (regression vs. 2.6.28-r7).
95 gengor 1.307
96     *hardened-sources-2.6.28-r8 (18 May 2009)
97    
98     18 May 2009; Gordon Malm <gengor@gentoo.org>
99     +hardened-sources-2.6.28-r8.ebuild:
100     Bump to Linux 2.6.28.10, latest genpatches, PaX updates. Fixes bug #256067
101     and #262862 among others.
102 gengor 1.306
103     01 May 2009; Gordon Malm <gengor@gentoo.org>
104     hardened-sources-2.6.25-r13.ebuild, hardened-sources-2.6.26-r9.ebuild,
105     hardened-sources-2.6.28-r6.ebuild, hardened-sources-2.6.28-r7.ebuild:
106     Remove unnecessary mirror://gentoo from SRC_URI.
107 nixnut 1.305
108     05 Apr 2009; nixnut <nixnut@gentoo.org> hardened-sources-2.6.28-r7.ebuild:
109     ppc stable
110 gengor 1.304
111     30 Mar 2009; Gordon Malm <gengor@gentoo.org>
112     -hardened-sources-2.6.28-r4.ebuild, hardened-sources-2.6.28-r7.ebuild:
113     Stable amd64/x86 and remove old.
114 gengor 1.303
115     *hardened-sources-2.6.28-r7 (27 Mar 2009)
116    
117     27 Mar 2009; Gordon Malm <gengor@gentoo.org>
118     +hardened-sources-2.6.28-r7.ebuild:
119     Add Linux 2.6.28.9. Fix bugs 263424, 263870.
120 gengor 1.302
121     22 Mar 2009; Gordon Malm <gengor@gentoo.org>
122     -hardened-sources-2.6.27-r7.ebuild, -hardened-sources-2.6.27-r8.ebuild,
123     -hardened-sources-2.6.28-r1.ebuild, -hardened-sources-2.6.28-r2.ebuild,
124     -hardened-sources-2.6.28-r3.ebuild, hardened-sources-2.6.28-r6.ebuild:
125     Stable amd64/x86 and remove old versions.
126 nixnut 1.301
127     22 Mar 2009; nixnut <nixnut@gentoo.org> hardened-sources-2.6.28-r6.ebuild:
128     ppc stable
129 gengor 1.300
130     *hardened-sources-2.6.28-r6 (21 Mar 2009)
131    
132     21 Mar 2009; Gordon Malm <gengor@gentoo.org>
133     -hardened-sources-2.6.28-r5.ebuild, +hardened-sources-2.6.28-r6.ebuild:
134     Minor fix to ensure RTC is properly selected when GRKERNSEC_IO is enabled.
135 gengor 1.299
136     *hardened-sources-2.6.28-r5 (20 Mar 2009)
137    
138     20 Mar 2009; Gordon Malm <gengor@gentoo.org>
139     +hardened-sources-2.6.28-r5.ebuild:
140     Bump genpatches. Grsecurity patch bump, fixes bug #262752.
141 gengor 1.298
142     20 Mar 2009; Gordon Malm <gengor@gentoo.org>
143     hardened-sources-2.6.28-r4.ebuild:
144     Stable amd64/x86.
145 gengor 1.297
146     *hardened-sources-2.6.28-r4 (18 Mar 2009)
147    
148     18 Mar 2009; Gordon Malm <gengor@gentoo.org>
149     +hardened-sources-2.6.28-r4.ebuild:
150     Bump to Linux 2.6.28.8. PaX update fixes oops in SANITIZE feature,
151     compilation with CPA_DEBUG and more.
152 gengor 1.296
153     17 Mar 2009; Gordon Malm <gengor@gentoo.org>
154     hardened-sources-2.6.28-r3.ebuild:
155     Quick stable amd64/x86.
156 gengor 1.295
157     *hardened-sources-2.6.28-r3 (15 Mar 2009)
158    
159     15 Mar 2009; Gordon Malm <gengor@gentoo.org>
160     +hardened-sources-2.6.28-r3.ebuild:
161     Adds latest PaX changes fixing some boot issues, ext4 fixes for bug #262507.
162 nixnut 1.294
163     14 Mar 2009; nixnut <nixnut@gentoo.org> hardened-sources-2.6.28-r2.ebuild:
164     ppc stable
165 gengor 1.293
166     13 Mar 2009; Gordon Malm <gengor@gentoo.org>
167     hardened-sources-2.6.28-r2.ebuild:
168     Stable amd64/x86.
169 gengor 1.292
170     *hardened-sources-2.6.28-r2 (11 Mar 2009)
171    
172     11 Mar 2009; Gordon Malm <gengor@gentoo.org>
173     +hardened-sources-2.6.28-r2.ebuild:
174     Version bump bringing in latest grsecurity patch.
175 gengor 1.291
176     *hardened-sources-2.6.28-r1 (09 Mar 2009)
177    
178     09 Mar 2009; Gordon Malm <gengor@gentoo.org>
179     -hardened-sources-2.6.28.ebuild, +hardened-sources-2.6.28-r1.ebuild:
180     Version bump and remove old.
181 nixnut 1.290
182     07 Mar 2009; nixnut <nixnut@gentoo.org> hardened-sources-2.6.27-r8.ebuild:
183     ppc stable
184 gengor 1.289
185     01 Mar 2009; Gordon Malm <gengor@gentoo.org>
186     hardened-sources-2.6.27-r8.ebuild:
187     Remove amd64 testing keyword, bug 256226.
188 gengor 1.288
189     01 Mar 2009; Gordon Malm <gengor@gentoo.org>
190     hardened-sources-2.6.27-r8.ebuild:
191     Revert amd64 stable, bug #256226.
192 gengor 1.287
193     01 Mar 2009; Gordon Malm <gengor@gentoo.org>
194     hardened-sources-2.6.27-r8.ebuild:
195     Stable on amd64/x86.
196 gengor 1.286
197     24 Feb 2009; Gordon Malm <gengor@gentoo.org>
198     -hardened-sources-2.6.27-r6.ebuild:
199     Remove old 2.6.27 release.
200 gengor 1.285
201     *hardened-sources-2.6.27-r8 (24 Feb 2009)
202    
203     24 Feb 2009; Gordon Malm <gengor@gentoo.org>
204     +hardened-sources-2.6.27-r8.ebuild:
205     Bump to latest genpatches, Linux 2.6.27.19, PaX updates. Fixes bug #256067
206     and probably more.
207 nixnut 1.284
208     04 Feb 2009; nixnut <nixnut@gentoo.org> hardened-sources-2.6.26-r9.ebuild:
209     ppc stable
210 gengor 1.283
211     *hardened-sources-2.6.28 (25 Jan 2009)
212    
213     25 Jan 2009; Gordon Malm <gengor@gentoo.org>
214     +hardened-sources-2.6.28.ebuild:
215     Initial 2.6.28 release.
216 gengor 1.282
217     *hardened-sources-2.6.27-r7 (25 Jan 2009)
218    
219     25 Jan 2009; Gordon Malm <gengor@gentoo.org>
220     +hardened-sources-2.6.27-r7.ebuild:
221     Bump to Linux 2.6.27.13.
222 gengor 1.281
223     25 Jan 2009; Gordon Malm <gengor@gentoo.org>
224     hardened-sources-2.6.26-r9.ebuild:
225     Stable amd64/x86.
226 gengor 1.280
227     24 Jan 2009; Gordon Malm <gengor@gentoo.org>
228     -hardened-sources-2.6.27-r3.ebuild, -hardened-sources-2.6.27-r4.ebuild,
229     -hardened-sources-2.6.27-r5.ebuild:
230     Remove problem versions.
231 gengor 1.279
232     *hardened-sources-2.6.27-r6 (24 Jan 2009)
233    
234     24 Jan 2009; Gordon Malm <gengor@gentoo.org>
235     +hardened-sources-2.6.27-r6.ebuild:
236     Revert PaX test29 to test30 changes. Fixes bug 256226.
237 gengor 1.277
238     *hardened-sources-2.6.27-r5 (24 Jan 2009)
239    
240     24 Jan 2009; Gordon Malm <gengor@gentoo.org>
241     +hardened-sources-2.6.27-r5.ebuild:
242 gengor 1.278 Bump to genpatches-10 (includes Linux 2.6.27.{11,12}) and fix bugs 253733,
243 gengor 1.277 254843.
244 gengor 1.276
245     23 Jan 2009; Gordon Malm <gengor@gentoo.org>
246     -hardened-sources-2.6.25-r11.ebuild, -hardened-sources-2.6.25-r12.ebuild,
247     -hardened-sources-2.6.26-r7.ebuild, -hardened-sources-2.6.26-r8.ebuild:
248     Remove problem versions.
249 nixnut 1.275
250     23 Jan 2009; nixnut <nixnut@gentoo.org>
251     hardened-sources-2.6.25-r13.ebuild:
252     ppc stable
253 gengor 1.274
254     21 Jan 2009; Gordon Malm <gengor@gentoo.org>
255     hardened-sources-2.6.25-r13.ebuild:
256     Fasttrack stable amd64/x86.
257 gengor 1.273
258     *hardened-sources-2.6.26-r9 (21 Jan 2009)
259    
260     21 Jan 2009; Gordon Malm <gengor@gentoo.org>
261     +hardened-sources-2.6.26-r9.ebuild:
262 gengor 1.278 Revert RLIMIT_STACK false-positives-avoidance patch. Bugs 253733, 254843
263 gengor 1.272
264     *hardened-sources-2.6.25-r13 (20 Jan 2009)
265    
266     20 Jan 2009; Gordon Malm <gengor@gentoo.org>
267     +hardened-sources-2.6.25-r13.ebuild:
268 gengor 1.278 Revert RLIMIT_STACK false-positives-avoidance patch. Bugs 253733, 254843
269 nixnut 1.271
270     20 Jan 2009; nixnut <nixnut@gentoo.org>
271     hardened-sources-2.6.25-r12.ebuild:
272     ppc stable
273 gengor 1.270
274     17 Jan 2009; Gordon Malm <gengor@gentoo.org>
275     hardened-sources-2.6.25-r12.ebuild:
276     Stable amd64/x86.
277 gengor 1.269
278     14 Jan 2009; Gordon Malm <gengor@gentoo.org>
279     -hardened-sources-2.6.25-r10.ebuild, -hardened-sources-2.6.26-r6.ebuild,
280     -hardened-sources-2.6.27-r2.ebuild:
281     Clean out old versions.
282 gengor 1.268
283     *hardened-sources-2.6.27-r4 (14 Jan 2009)
284     *hardened-sources-2.6.26-r8 (14 Jan 2009)
285     *hardened-sources-2.6.25-r12 (14 Jan 2009)
286    
287     14 Jan 2009; Gordon Malm <gengor@gentoo.org>
288     +hardened-sources-2.6.25-r12.ebuild, +hardened-sources-2.6.26-r8.ebuild,
289     +hardened-sources-2.6.27-r4.ebuild:
290     2.6.25-r12: Fixes bugs #249729, #250548, #252688, #254907
291     2.6.26-r8: Fixes bugs #249729, #250548, #252688, #254907
292     2.6.27-r4: Update to latest genpatches (includes Linux 2.6.27.10) and
293     grsecurity patch. Fixes bugs #249729, #250511, #250548, #252688, #254907
294 nixnut 1.267
295     15 Dec 2008; nixnut <nixnut@gentoo.org>
296     hardened-sources-2.6.25-r11.ebuild:
297     Stable on ppc
298 gengor 1.266
299     09 Dec 2008; Gordon Malm <gengor@gentoo.org>
300     hardened-sources-2.6.25-r11.ebuild:
301     Stable amd64/x86.
302 gengor 1.265
303     *hardened-sources-2.6.27-r3 (07 Dec 2008)
304    
305     07 Dec 2008; Gordon Malm <gengor@gentoo.org>
306     +hardened-sources-2.6.27-r3.ebuild:
307     Bump to latest genpatches, including Linux 2.6.27.8. Bump grsec/pax patches.
308     Fixes bug #248754, #249729 and #246607.
309 gengor 1.264
310     03 Dec 2008; Gordon Malm <gengor@gentoo.org>
311     -hardened-sources-2.6.25-r9.ebuild, -hardened-sources-2.6.26-r5.ebuild:
312     Remove old versions.
313 gengor 1.262
314     *hardened-sources-2.6.26-r7 (03 Dec 2008)
315     *hardened-sources-2.6.25-r11 (03 Dec 2008)
316    
317 gengor 1.263 03 Dec 2008; Gordon Malm <gengor@gentoo.org>
318     +hardened-sources-2.6.25-r11.ebuild, +hardened-sources-2.6.26-r7.ebuild:
319 gengor 1.262 2.6.25-r11: Fixes bugs 246607, 246710, 247453 and 248754.
320     2.6.26-r7: Fixes bugs 246607, 246710, 246763, 247453 and 248754.
321     Both include many backports from 2.6.27.{6,7} -stable releases.
322 gengor 1.261
323     24 Nov 2008; Gordon Malm <gengor@gentoo.org>
324     -hardened-sources-2.6.27.ebuild, -hardened-sources-2.6.27-r1.ebuild:
325     Remove versions broken on ARCHes != x86/amd64.
326 gengor 1.260
327     *hardened-sources-2.6.27-r2 (24 Nov 2008)
328    
329     24 Nov 2008; Gordon Malm <gengor@gentoo.org>
330     +hardened-sources-2.6.27-r2.ebuild:
331     Bump to Linux 2.6.27.7 and latest grsecurity patch.
332 gengor 1.259
333     19 Nov 2008; Gordon Malm <gengor@gentoo.org>
334     -hardened-sources-2.6.25-r8.ebuild, -hardened-sources-2.6.26-r4.ebuild:
335     Remove old versions.
336 gengor 1.258
337     19 Nov 2008; Gordon Malm <gengor@gentoo.org>
338     hardened-sources-2.6.27.ebuild, hardened-sources-2.6.27-r1.ebuild:
339     Remove all but ~amd64 & ~x86 keywords (broken elsewhere).
340 nixnut 1.257
341     16 Nov 2008; nixnut <nixnut@gentoo.org>
342     hardened-sources-2.6.25-r10.ebuild:
343     Stable on ppc
344 gengor 1.256
345     15 Nov 2008; Gordon Malm <gengor@gentoo.org>
346     hardened-sources-2.6.25-r10.ebuild:
347     Stable amd64/x86.
348 gengor 1.255
349     *hardened-sources-2.6.26-r6 (12 Nov 2008)
350    
351     12 Nov 2008; Gordon Malm <gengor@gentoo.org>
352     +hardened-sources-2.6.26-r6.ebuild:
353     Bump to Linux 2.6.26.8 and fix security bug #245650.
354 gengor 1.254
355     *hardened-sources-2.6.25-r10 (12 Nov 2008)
356    
357     12 Nov 2008; Gordon Malm <gengor@gentoo.org>
358     +hardened-sources-2.6.25-r10.ebuild:
359     Update to Linux 2.6.25.20 and fix bugs #245427, #245650.
360 gengor 1.253
361     *hardened-sources-2.6.27-r1 (09 Nov 2008)
362    
363     09 Nov 2008; Gordon Malm <gengor@gentoo.org>
364     +hardened-sources-2.6.27-r1.ebuild:
365     Bump to stable kernel 2.6.27.5 and latest grsecurity patch.
366 gengor 1.252
367     *hardened-sources-2.6.27 (04 Nov 2008)
368    
369     04 Nov 2008; Gordon Malm <gengor@gentoo.org>
370     +hardened-sources-2.6.27.ebuild:
371     Initial 2.6.27 release.
372 gengor 1.251
373     *hardened-sources-2.6.26-r5 (03 Nov 2008)
374    
375     03 Nov 2008; Gordon Malm <gengor@gentoo.org>
376     -hardened-sources-2.6.25-r7.ebuild, -hardened-sources-2.6.26-r2.ebuild,
377     +hardened-sources-2.6.26-r5.ebuild:
378     2.6.26-r5: Bump to Linux 2.6.26.7, PaX updates.
379     Clean out some old versions.
380 nixnut 1.250
381     02 Nov 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.25-r9.ebuild:
382     Stable on ppc
383 gengor 1.249
384     30 Oct 2008; Gordon Malm <gengor@gentoo.org>
385     hardened-sources-2.6.25-r9.ebuild:
386     Stable on amd64/x86.
387 gengor 1.248
388     *hardened-sources-2.6.25-r9 (26 Oct 2008)
389    
390     26 Oct 2008; Gordon Malm <gengor@gentoo.org>
391     +hardened-sources-2.6.25-r9.ebuild:
392     Update to Linux 2.6.25.19
393 nixnut 1.247
394     15 Oct 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.25-r8.ebuild:
395     Stable on ppc
396 gengor 1.246
397     *hardened-sources-2.6.26-r4 (14 Oct 2008)
398    
399     14 Oct 2008; Gordon Malm <gengor@gentoo.org>
400     -hardened-sources-2.6.26-r3.ebuild, +hardened-sources-2.6.26-r4.ebuild:
401     Update to latest grsecurity patch, fixing building of non-modular kernels.
402 gengor 1.245
403     *hardened-sources-2.6.26-r3 (12 Oct 2008)
404    
405     12 Oct 2008; Gordon Malm <gengor@gentoo.org>
406     hardened-sources-2.6.25-r8.ebuild, -hardened-sources-2.6.26-r1.ebuild,
407     +hardened-sources-2.6.26-r3.ebuild:
408     2.6.26-r3: Update to Linux 2.6.26.6 and latest grsecurity patch.
409     2.6.26-r1: Removed.
410     2.6.25-r8: Stable amd64/x86.
411 gengor 1.244
412     *hardened-sources-2.6.25-r8 (09 Oct 2008)
413    
414     09 Oct 2008; Gordon Malm <gengor@gentoo.org>
415     -hardened-sources-2.6.25-r4.ebuild, -hardened-sources-2.6.25-r5.ebuild,
416     -hardened-sources-2.6.25-r6.ebuild, +hardened-sources-2.6.25-r8.ebuild:
417     Update to genpatches-11 and Linux 2.6.25.18. Remove old versions.
418 nixnut 1.243
419     20 Sep 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.25-r7.ebuild:
420     Stable on ppc
421 gengor 1.242
422     17 Sep 2008; Gordon Malm <gengor@gentoo.org>
423     hardened-sources-2.6.25-r7.ebuild:
424     Stable amd64/x86.
425 gengor 1.241
426     *hardened-sources-2.6.26-r2 (13 Sep 2008)
427    
428     13 Sep 2008; Gordon Malm <gengor@gentoo.org>
429     -hardened-sources-2.6.26.ebuild, +hardened-sources-2.6.26-r2.ebuild:
430     2.6.26-r2: Update to Linux 2.6.26.5, new grsecurity patch adding
431     PAX_REFCOUNT feature, fix bug #237473 (CVE-2008-3525). 2.6.26: Removed.
432 gengor 1.240
433     *hardened-sources-2.6.25-r7 (13 Sep 2008)
434    
435     13 Sep 2008; Gordon Malm <gengor@gentoo.org>
436     +hardened-sources-2.6.25-r7.ebuild:
437     Add 2.6.25-r7, fixing bug #237473 (CVE-2008-3525) and a PaX bug.
438 gengor 1.239
439     10 Sep 2008; Gordon Malm <gengor@gentoo.org>
440     hardened-sources-2.6.25-r4.ebuild, hardened-sources-2.6.25-r5.ebuild,
441     hardened-sources-2.6.25-r6.ebuild, hardened-sources-2.6.26.ebuild,
442     hardened-sources-2.6.26-r1.ebuild:
443     Update DESCRIPTION and HGPV_URI.
444 gengor 1.238
445     *hardened-sources-2.6.25-r6 (09 Sep 2008)
446    
447     09 Sep 2008; Gordon Malm <gengor@gentoo.org>
448     -hardened-sources-2.6.24-r3.ebuild, +hardened-sources-2.6.25-r6.ebuild:
449     2.6.25-r6: Update to Linux 2.6.25.17.
450     2.6.24-r3: Removed.
451 gengor 1.237
452     08 Sep 2008; Gordon Malm <gengor@gentoo.org>
453     hardened-sources-2.6.25-r5.ebuild:
454     Stable on amd64/x86
455 gengor 1.236
456     07 Sep 2008; Gordon Malm <gengor@gentoo.org> metadata.xml:
457     Update my email address.
458 nixnut 1.235
459     31 Aug 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.25-r4.ebuild:
460     stable on ppc
461 battousai 1.234
462     *hardened-sources-2.6.26-r1 (23 Aug 2008)
463     *hardened-sources-2.6.25-r5 (23 Aug 2008)
464    
465     23 Aug 2008; Bryan D. Stine <battousai@gentoo.org>
466     -hardened-sources-2.6.23-r13.ebuild, -hardened-sources-2.6.25-r3.ebuild,
467     hardened-sources-2.6.25-r4.ebuild, +hardened-sources-2.6.25-r5.ebuild,
468     +hardened-sources-2.6.26-r1.ebuild:
469     Bump to 2.6.25-r5 for updated patches and upstream .10 kernel, fixing
470     security bug #235221. Bump to 2.6.26-r1 for upstream .3 kernel, also
471     fixing security bug #235221. Marked 2.6.25-r4 stable on amd64 and x86.
472     Removed 2.6.23-r13 and 2.6.25-r3. Commit on behalf of Gordon Malm
473     (gengor).
474 solar 1.233
475     *hardened-sources-2.6.26 (18 Aug 2008)
476     *hardened-sources-2.6.25-r4 (18 Aug 2008)
477    
478     18 Aug 2008; <solar@gentoo.org> -hardened-sources-2.6.25-r2.ebuild,
479     +hardened-sources-2.6.25-r4.ebuild, +hardened-sources-2.6.26.ebuild:
480     - proxy commit for gengor 2.6.26: Initial 2.6.26 release. 2.6.25-r4: Update
481     to Linux 2.6.25.15. Fixes security bugs #234799, #234803 and #234812.
482     2.6.25-r2: Removed.
483 tove 1.232
484     16 Aug 2008; Torsten Veller <tove@gentoo.org> metadata.xml:
485     Remove phreak from metadata.xml (#96398)
486 solar 1.231
487     *hardened-sources-2.6.25-r3 (31 Jul 2008)
488    
489     31 Jul 2008; <solar@gentoo.org> -hardened-sources-2.6.24-r2.ebuild,
490     -hardened-sources-2.6.25.ebuild, -hardened-sources-2.6.25-r1.ebuild,
491     +hardened-sources-2.6.25-r3.ebuild:
492     - 2.6.25-r3: Update to Linux 2.6.25.13 and new grsecurity patch. Multiple
493     fixes, including security bug #231750.
494 nixnut 1.230
495     28 Jul 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.24-r3.ebuild:
496     Stable on ppc
497 solar 1.229
498     *hardened-sources-2.6.25-r2 (05 Jul 2008)
499    
500     05 Jul 2008; <solar@gentoo.org> -hardened-sources-2.6.23-r11.ebuild,
501     -hardened-sources-2.6.23-r12.ebuild, hardened-sources-2.6.24-r3.ebuild,
502     +hardened-sources-2.6.25-r2.ebuild:
503     2.6.23-r4: Stable x86/amd64
504     2.6.25-r2: Update to Linux 2.6.25.10 and latest grsecurity release.
505     2.6.23-r{11,12}: Removed due to multiple vulns.
506     (gengor & kerframil)
507 nixnut 1.228
508     04 Jul 2008; nixnut <nixnut@gentoo.org>
509     hardened-sources-2.6.23-r13.ebuild:
510     Stable on ppc
511 solar 1.227
512     *hardened-sources-2.6.25-r1 (30 Jun 2008)
513    
514     30 Jun 2008; <solar@gentoo.org> hardened-sources-2.6.23-r13.ebuild,
515     +hardened-sources-2.6.25-r1.ebuild:
516     2.6.25-r1: Brings in Linux -stable tree patches 2.6.25.{7,8,9} and newer
517     grsecurity release. 2.6.23-r13: x86/amd64 stable
518 solar 1.226
519     *hardened-sources-2.6.25 (17 Jun 2008)
520     *hardened-sources-2.6.24-r3 (17 Jun 2008)
521     *hardened-sources-2.6.23-r13 (17 Jun 2008)
522    
523     17 Jun 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r13.ebuild,
524     +hardened-sources-2.6.24-r3.ebuild, +hardened-sources-2.6.25.ebuild:
525     * 2.6.23-r13: Fixes security bugs #198997, #212136, #222331, #222635,
526     #224647, #225461, other fixes. * 2.6.24-r3: Fixes security bugs #212136,
527     #222331, #222635, #224647, #225461, grsec/PaX updates/fixes, other fixes. *
528     2.6.25: Initial 2.6.25 release.
529 solar 1.225
530     15 May 2008; <solar@gentoo.org> hardened-sources-2.6.23-r12.ebuild:
531     - fasttrack to stable x86/amd64
532 swegener 1.224
533     11 May 2008; Sven Wegener <swegener@gentoo.org> Manifest:
534     Fix broken digest for linux-2.6.24.tar.bz2.
535 solar 1.223
536     *hardened-sources-2.6.24-r2 (11 May 2008)
537     *hardened-sources-2.6.23-r12 (11 May 2008)
538    
539     11 May 2008; <solar@gentoo.org> -hardened-sources-2.6.23-r7.ebuild,
540     -hardened-sources-2.6.23-r9.ebuild, -hardened-sources-2.6.23-r10.ebuild,
541     +hardened-sources-2.6.23-r12.ebuild, -hardened-sources-2.6.24.ebuild,
542     -hardened-sources-2.6.24-r1.ebuild, +hardened-sources-2.6.24-r2.ebuild:
543     proxy commit for gengor. 2.6.23-r11 shortlog: Fixes security bugs 220691,
544     220975, 220979, 221123. 2.6.24-r2 not-so-shortlog: Fixes bug 215442,
545     security bugs 219901, 220691, 220975, 220979, 221123. New
546     genpatches/grsecurity with numerous updates & fixes. 2.6.23-r7->2.6.23-r10
547     should be removed as far as I'm concerned, everything else remove due to
548     vulnerable to numerous security bugs or brokeness.
549 nixnut 1.222
550     10 May 2008; nixnut <nixnut@gentoo.org>
551     hardened-sources-2.6.23-r11.ebuild:
552     Stable on ppc
553 solar 1.221
554     05 May 2008; <solar@gentoo.org> hardened-sources-2.6.23-r11.ebuild:
555     - -r11 stable on x86/amd64
556 solar 1.220
557     *hardened-sources-2.6.23-r11 (01 May 2008)
558    
559     01 May 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r11.ebuild:
560     - version bump to fix ulgy linux bugs
561 phreak 1.219
562     *hardened-sources-2.6.24-r1 (30 Apr 2008)
563    
564     30 Apr 2008; Christian Heim <phreak@gentoo.org>
565     +hardened-sources-2.6.24-r1.ebuild:
566     Revision bump (thanks to Kerin and Gordon, again), pulling
567     genpatches-2.6.24-7, solving #219089. Additionally contains further security
568     fixes plus some minor updates.
569 phreak 1.218
570     *hardened-sources-2.6.23-r10 (30 Apr 2008)
571    
572     30 Apr 2008; Christian Heim <phreak@gentoo.org>
573     +hardened-sources-2.6.23-r10.ebuild:
574     Revision bump (thanks to Kerin and Gordon, again), solving #213811, #219089.
575     Additional contains "various other fixes".
576 phreak 1.217
577     09 Apr 2008; Christian Heim <phreak@gentoo.org> metadata.xml:
578     Update the longdescription in metadata, thanks to Gordon Malm.
579 nixnut 1.216
580     08 Apr 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.23-r9.ebuild:
581     Stable on ppc wrt bug #213255
582 solar 1.215
583     07 Apr 2008; <solar@gentoo.org> -hardened-sources-2.4.35-r2.ebuild,
584     -hardened-sources-2.6.23-r8.ebuild, hardened-sources-2.6.23-r9.ebuild:
585     - stable on x86/amd64 per request. Removed obsolete ebuilds
586 phreak 1.214
587     *hardened-sources-2.6.24 (07 Apr 2008)
588    
589     07 Apr 2008; Christian Heim <phreak@gentoo.org>
590     +hardened-sources-2.6.24.ebuild:
591     Adding ebuild for hardened-sources-2.6.24 (many thanks to Kerin Millar
592     <kerframil at gmail.com> and Gordon Malm <bugs-gentoo-org-02 at bumpin.org>
593     for the many contributions and their continued effort in #216612) based on
594     2.6.24 and genpatches-2.6.24-5.
595    
596     The current ebuild/patchset contains these things:
597     * Incoporates unmodified grsec-2.1.11-2.6.24.4-200803262003 patch
598     * Introduces bespoke server and workstation oriented security levels
599     * VDSO_COMPAT cannot be enabled during runtime if PaX is enabled
600 phreak 1.213
601     30 Mar 2008; Christian Heim <phreak@gentoo.org> metadata.xml:
602     Fix the metadata.xml (Kerin isn't a dev, though he and Gordon are
603     maintaining it).
604 phreak 1.212
605     24 Mar 2008; Christian Heim <phreak@gentoo.org>
606     hardened-sources-2.4.35-r2.ebuild:
607     Fixing SRC_URI for 2.4.35-r2.
608 phreak 1.211
609     *hardened-sources-2.6.23-r9 (22 Mar 2008)
610    
611     22 Mar 2008; Christian Heim <phreak@gentoo.org>
612     +hardened-sources-2.6.23-r9.ebuild:
613     * Revision bump, rebasing the patchset against genpatches-2.6.23-10.
614     * Change the default GIDs for some grsecurity options
615     * Revamp the Hardened [Gentoo] security level and make it the default level
616     * Fixing compilation on ia64 with CONFIG_MODULES=y (loadable module support)
617     * Fix a recursive lock -- call to capable() within ptrace_attach()
618     * Fix bug that allows audit and iscsi operations to be controlled via netlink
619 solar 1.210
620     *hardened-sources-2.6.23-r8 (27 Feb 2008)
621    
622     27 Feb 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r8.ebuild:
623     - version bump from Kerin Millar bug 210026
624 solar 1.209
625     17 Feb 2008; <solar@gentoo.org> metadata.xml,
626     -hardened-sources-2.4.33.4.ebuild, -hardened-sources-2.6.20-r6.ebuild,
627     -hardened-sources-2.6.20-r10.ebuild, -hardened-sources-2.6.23-r4.ebuild,
628     -hardened-sources-2.6.23-r6.ebuild, hardened-sources-2.6.23-r7.ebuild:
629     - stable on x86 and remove old ebuilds
630 solar 1.207
631     15 Feb 2008; <solar@gentoo.org> hardened-sources-2.6.23-r7.ebuild:
632 solar 1.208 - stable on amd64 per request of amd64 lead
633 solar 1.206
634     *hardened-sources-2.6.23-r7 (11 Feb 2008)
635    
636     11 Feb 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r7.ebuild:
637     - version bump from kerin.millar
638     Changes:
639    
640     * Bump to genpatches-base-2.6.23-9
641     * Ported grsecurity-2.1.11-2.6.23.14-200801231800 to 2.6.23.15
642     * Disables COMPAT_VDSO in x86/defconfig
643     * Removes bogus symbols ACPI_SLEEP_PROC_(FS|SLEEP) from x86_64/defconfig
644 phreak 1.205
645     25 Jan 2008; Christian Heim <phreak@gentoo.org>
646     -hardened-sources-2.6.22-r8.ebuild:
647     Cleaning up old versions.
648 phreak 1.204
649     *hardened-sources-2.6.23-r6 (25 Jan 2008)
650    
651     25 Jan 2008; Christian Heim <phreak@gentoo.org>
652     -hardened-sources-2.6.23-r5.ebuild, +hardened-sources-2.6.23-r6.ebuild:
653     Revision bump, pulling in the latest genpatches.
654 phreak 1.203
655     *hardened-sources-2.6.23-r5 (24 Dec 2007)
656    
657     24 Dec 2007; Christian Heim <phreak@gentoo.org>
658     hardened-sources-2.4.35-r2.ebuild, hardened-sources-2.6.20-r6.ebuild,
659     hardened-sources-2.6.20-r10.ebuild, hardened-sources-2.6.22-r8.ebuild,
660     hardened-sources-2.6.23-r4.ebuild, +hardened-sources-2.6.23-r5.ebuild:
661     Revision bump, for the promised updated grsec snapshot. Also changing SRC_URI.
662 phreak 1.202
663     24 Dec 2007; Christian Heim <phreak@gentoo.org>
664     -hardened-sources-2.6.22-r7.ebuild, -hardened-sources-2.6.23.ebuild,
665     -hardened-sources-2.6.23-r1.ebuild, -hardened-sources-2.6.23-r2.ebuild,
666     -hardened-sources-2.6.23-r3.ebuild:
667     Cleaning out some unused, old versions.
668 phreak 1.201
669     24 Dec 2007; Christian Heim <phreak@gentoo.org>
670     hardened-sources-2.6.23-r4.ebuild:
671     Marking hardened-sources-2.6.23-r4 stable on amd64 and x86. I know it ain't
672     in the tree for long, but there isn't much of a difference between this and
673     -r3. Only this revision pulls in 2.6.23.11 and 2.6.23.12 from genpatches.
674 phreak 1.200
675     *hardened-sources-2.6.23-r4 (23 Dec 2007)
676    
677     23 Dec 2007; Christian Heim <phreak@gentoo.org>
678     +hardened-sources-2.6.23-r4.ebuild:
679     Revision bump, grabbing the lastest genpatches release (2.6.23.12 that is).
680 phreak 1.199
681     *hardened-sources-2.6.23-r3 (04 Dec 2007)
682    
683     04 Dec 2007; Christian Heim <phreak@gentoo.org>
684     +hardened-sources-2.6.23-r3.ebuild:
685     Revision bump, pulling in 2.6.23.9.
686 phreak 1.198
687     *hardened-sources-2.6.23-r2 (25 Nov 2007)
688    
689     25 Nov 2007; Christian Heim <phreak@gentoo.org>
690     +hardened-sources-2.6.23-r2.ebuild:
691     Updated patchset, thanks to solar.
692 phreak 1.197
693     *hardened-sources-2.6.23-r1 (31 Oct 2007)
694    
695     31 Oct 2007; Christian Heim <phreak@gentoo.org>
696     +hardened-sources-2.6.23-r1.ebuild:
697     Revision bump, pulling in the snapshot from 30. October 2007 (18:50).
698 solar 1.196
699     29 Oct 2007; <solar@gentoo.org> metadata.xml:
700     - update metadata.xml
701 phreak 1.195
702     25 Oct 2007; Christian Heim <phreak@gentoo.org>
703     hardened-sources-2.6.22-r8.ebuild:
704     Marking 2.6.22-r8 stable on amd64 and x86.
705 phreak 1.194
706     21 Oct 2007; Christian Heim <phreak@gentoo.org>
707     -hardened-sources-2.4.35.ebuild, -hardened-sources-2.4.35-r1.ebuild,
708     -hardened-sources-2.6.21-r4.ebuild:
709     Removing old ebuilds.
710 phreak 1.193
711     *hardened-sources-2.4.35-r2 (21 Oct 2007)
712    
713     21 Oct 2007; Christian Heim <phreak@gentoo.org>
714     +hardened-sources-2.4.35-r2.ebuild:
715     Revision bump for 2.4.35. Includes new snapshot and the lastest Linux stable
716     patches.
717 phreak 1.192
718     *hardened-sources-2.6.22-r8 (21 Oct 2007)
719    
720     21 Oct 2007; Christian Heim <phreak@gentoo.org>
721     +hardened-sources-2.6.22-r8.ebuild:
722     Yet another new patch, hopefully fixing the remaining issues we had w/
723     2.6.22. Candidate for stabling.
724 phreak 1.191
725     *hardened-sources-2.6.23 (13 Oct 2007)
726    
727     13 Oct 2007; Christian Heim <phreak@gentoo.org>
728     +hardened-sources-2.6.23.ebuild:
729     Initial hardened-sources-2.6.23. If people still have problems w/ bug
730     194276, try setting CONFIG_PCI_GODIRECT=y instead of CONFIG_PCI_GOANY.
731 phreak 1.190
732     11 Oct 2007; Christian Heim <phreak@gentoo.org>
733     hardened-sources-2.6.20-r10.ebuild:
734     Pulling in yet another new genpatches version, fixing the PWC bug for real.
735 phreak 1.189
736     04 Oct 2007; Christian Heim <phreak@gentoo.org>
737     -hardened-sources-2.6.22-r5.ebuild, -hardened-sources-2.6.22-r6.ebuild:
738     Removing old versions.
739 phreak 1.188
740     *hardened-sources-2.6.22-r7 (01 Oct 2007)
741    
742     01 Oct 2007; Christian Heim <phreak@gentoo.org>
743     +hardened-sources-2.6.22-r7.ebuild:
744     Revision bump, pulling in a newer patch. Should fix #194276.
745 phreak 1.187
746     30 Sep 2007; Christian Heim <phreak@gentoo.org>
747     hardened-sources-2.6.20-r10.ebuild:
748     Marking hardened-sources-2.6.20-r10 stable on x86 and amd64 (on courtesy of
749     Mike Doty).
750 phreak 1.186
751     *hardened-sources-2.6.22-r6 (26 Sep 2007)
752    
753     26 Sep 2007; Christian Heim <phreak@gentoo.org>
754     +hardened-sources-2.6.22-r6.ebuild:
755     Revision bump, grabbing up till Linux 2.6.22.9.
756 phreak 1.185
757     24 Sep 2007; Christian Heim <phreak@gentoo.org>
758     -hardened-sources-2.6.22-r3.ebuild, -hardened-sources-2.6.22-r4.ebuild:
759     Cleaning up further.
760 phreak 1.184
761     *hardened-sources-2.6.20-r10 (24 Sep 2007)
762    
763     24 Sep 2007; Christian Heim <phreak@gentoo.org>
764     -hardened-sources-2.6.20-r8.ebuild, -hardened-sources-2.6.20-r9.ebuild,
765     +hardened-sources-2.6.20-r10.ebuild:
766     Revision bump, pulling in Linux 2.6.20.20. Removing some of the older
767     revisions.
768 phreak 1.183
769     *hardened-sources-2.6.22-r5 (22 Sep 2007)
770    
771     22 Sep 2007; Christian Heim <phreak@gentoo.org>
772     +hardened-sources-2.6.22-r5.ebuild:
773     Revision bump, pulling in genpatches-2.6.22-8 for CVE-2007-4573.
774 phreak 1.182
775     17 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
776     Removing johnm from metadata.xml (see #186467 for reference).
777 phreak 1.181
778     *hardened-sources-2.6.22-r4 (17 Sep 2007)
779    
780     17 Sep 2007; Christian Heim <phreak@gentoo.org>
781     +hardened-sources-2.6.22-r4.ebuild:
782     Revision bump, hopefully fixing all those weird PAX failures.
783 phreak 1.180
784     01 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
785     Updating the metadata.xml.
786 phreak 1.179
787     01 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
788     Removing tocharian from metadata due to his retirement (see #71718 for
789     reference).
790 phreak 1.178
791     *hardened-sources-2.6.20-r9 (30 Aug 2007)
792    
793     30 Aug 2007; Christian Heim <phreak@gentoo.org>
794     +hardened-sources-2.6.20-r9.ebuild:
795     Revision bump for 2.6.20.18 (thanks to kerframil in #gentoo-hardened).
796 phreak 1.177
797     29 Aug 2007; Christian Heim <phreak@gentoo.org>
798     -hardened-sources-2.4.34.ebuild, -hardened-sources-2.4.34.5.ebuild,
799     -hardened-sources-2.6.20-r2.ebuild, -hardened-sources-2.6.20-r5.ebuild,
800     -hardened-sources-2.6.20-r7.ebuild, -hardened-sources-2.6.21-r3.ebuild,
801     -hardened-sources-2.6.22.ebuild, -hardened-sources-2.6.22-r1.ebuild,
802     -hardened-sources-2.6.22-r2.ebuild:
803     Removing some redundant versions.
804 phreak 1.176
805     *hardened-sources-2.4.35-r1 (29 Aug 2007)
806    
807     29 Aug 2007; Christian Heim <phreak@gentoo.org>
808     +hardened-sources-2.4.35-r1.ebuild:
809     Revision bump, new grsecurity patch.
810 phreak 1.175
811     *hardened-sources-2.6.20-r8 (26 Aug 2007)
812    
813     26 Aug 2007; Christian Heim <phreak@gentoo.org>
814     +hardened-sources-2.6.20-r8.ebuild:
815     Revision bump for Linux 2.6.20.17.
816 phreak 1.174
817     *hardened-sources-2.6.22-r3 (22 Aug 2007)
818    
819     22 Aug 2007; Christian Heim <phreak@gentoo.org>
820     +hardened-sources-2.6.22-r3.ebuild:
821     Revision bump for Linux 2.6.22.4.
822 phreak 1.173
823     16 Aug 2007; Christian Heim <phreak@gentoo.org>
824     hardened-sources-2.6.22-r2.ebuild:
825     Updated patchset, to fix the alignment against 2.6.22.3.
826 phreak 1.172
827     *hardened-sources-2.6.22-r2 (16 Aug 2007)
828    
829     16 Aug 2007; Christian Heim <phreak@gentoo.org>
830     +hardened-sources-2.6.22-r2.ebuild:
831     Revision bump for Linux 2.6.22.3.
832 phreak 1.171
833     *hardened-sources-2.4.35 (16 Aug 2007)
834    
835     16 Aug 2007; Christian Heim <phreak@gentoo.org>
836     +hardened-sources-2.4.35.ebuild:
837     Version bump, initial version for Linux 2.4.35.
838 phreak 1.170
839     *hardened-sources-2.6.21-r4 (16 Aug 2007)
840    
841     16 Aug 2007; Christian Heim <phreak@gentoo.org>
842     +hardened-sources-2.6.21-r4.ebuild:
843     Revision bump for Linux 2.6.21.6.
844 phreak 1.169
845     *hardened-sources-2.6.20-r7 (16 Aug 2007)
846    
847     16 Aug 2007; Christian Heim <phreak@gentoo.org>
848     +hardened-sources-2.6.20-r7.ebuild:
849     Revision bump for Linux 2.6.20.16.
850 phreak 1.168
851     *hardened-sources-2.6.22-r1 (13 Aug 2007)
852    
853     13 Aug 2007; Christian Heim <phreak@gentoo.org>
854     +hardened-sources-2.6.22-r1.ebuild:
855     Yet another revision bump.
856 phreak 1.167
857     *hardened-sources-2.6.22 (10 Aug 2007)
858    
859     10 Aug 2007; Christian Heim <phreak@gentoo.org>
860     +hardened-sources-2.6.22.ebuild:
861     Initial release for 2.6.22. If you are using hardened-sources on a desktop
862     machine (P4 or newer), be aware you might need to disable
863     CONFIG_PAX_PAGEEXEC.
864 phreak 1.166
865     04 Aug 2007; Christian Heim <phreak@gentoo.org>
866     hardened-sources-2.6.20-r6.ebuild:
867     Stabling hardened-sources-2.6.20-r6 for amd64, ppc and x86 due to Linux
868     2.6.20.15.
869 phreak 1.165
870     10 Jul 2007; Christian Heim <phreak@gentoo.org>
871     hardened-sources-2.6.20-r5.ebuild:
872     Marking hardened-sources-2.6.20-r5 stable on ppc.
873 phreak 1.164
874     10 Jul 2007; Christian Heim <phreak@gentoo.org>
875     -hardened-sources-2.4.32-r6.ebuild, -hardened-sources-2.4.32-r7.ebuild:
876     Cleanup.
877 phreak 1.163
878     *hardened-sources-2.6.20-r6 (08 Jul 2007)
879    
880     08 Jul 2007; Christian Heim <phreak@gentoo.org>
881     +hardened-sources-2.6.20-r6.ebuild:
882     Revision bump, grabbing yet another stable release.
883 phreak 1.162
884     17 Jun 2007; Christian Heim <phreak@gentoo.org>
885     -hardened-sources-2.6.18-r6.ebuild, -hardened-sources-2.6.20-r4.ebuild,
886     -hardened-sources-2.6.21-r2.ebuild:
887     Removing older ebuilds, hardened-sources-2.6.18-r6 seems to have gotten the
888     alpha stable KEYWORD by mistake.
889 phreak 1.161
890     17 Jun 2007; Christian Heim <phreak@gentoo.org>
891     hardened-sources-2.6.20-r5.ebuild:
892     Stabling hardened-sources-2.6.20-r5 due to security bug #181647 (as
893     genpatches-2.6.20-12.base contains up to Linux 2.6.20.14) on amd64 and x86.
894 phreak 1.160
895     *hardened-sources-2.6.21-r3 (12 Jun 2007)
896    
897     12 Jun 2007; Christian Heim <phreak@gentoo.org>
898     +hardened-sources-2.6.21-r3.ebuild:
899     Revision bump for hardened-sources-2.6.21, incorporating various CVE (some
900     of them critical), two stable releases (2.6.21.4,2.6.21.5) and some other
901     love.
902 phreak 1.159
903     *hardened-sources-2.6.20-r5 (11 Jun 2007)
904    
905     11 Jun 2007; Christian Heim <phreak@gentoo.org>
906     +hardened-sources-2.6.20-r5.ebuild:
907     Revision bump for hardened-sources-2.6.20, incorporating various CVE (some
908     of them critical), two stable releases (2.6.20.13,2.6.20.14) and some other
909     love.
910 pappy 1.158
911     *hardened-sources-2.4.34.5 (11 Jun 2007)
912    
913     11 Jun 2007; Alexander Gabert <pappy@gentoo.org>
914     +hardened-sources-2.4.34.5.ebuild:
915     added new hardened-sources 2.4 version, thx to phreak, solar, pipacs
916 phreak 1.157
917     30 May 2007; Christian Heim <phreak@gentoo.org>
918     -hardened-sources-2.6.18.ebuild, hardened-sources-2.6.20-r2.ebuild:
919     Marking 2.6.20-r2 stable on ppc with permission of Gysbert. Removing more
920     stale ebuild(s).
921 phreak 1.156
922     30 May 2007; Christian Heim <phreak@gentoo.org>
923     -hardened-sources-2.6.14-r7.ebuild, -hardened-sources-2.6.16-r11.ebuild,
924     -hardened-sources-2.6.17-r1.ebuild, -hardened-sources-2.6.19-r6.ebuild,
925     -hardened-sources-2.6.20.ebuild, -hardened-sources-2.6.20-r1.ebuild:
926     Doing some cleanups, remove stale ebuilds.
927 phreak 1.155
928     26 May 2007; Christian Heim <phreak@gentoo.org>
929     hardened-sources-2.6.21-r2.ebuild:
930     Fixing the grsecurity patch, had one '};' too much.
931 phreak 1.154
932     *hardened-sources-2.6.21-r2 (26 May 2007)
933    
934     26 May 2007; Christian Heim <phreak@gentoo.org>
935     -hardened-sources-2.6.21.ebuild, -hardened-sources-2.6.21-r1.ebuild,
936     +hardened-sources-2.6.21-r2.ebuild:
937     Revision bump, including Linux 2.6.21.3 (fixing CVE-2007-2451). Updating the
938     grsecurity patch to 2.1.10-2.6.21.1-200705221918.
939 phreak 1.153
940     *hardened-sources-2.6.20-r4 (26 May 2007)
941    
942     26 May 2007; Christian Heim <phreak@gentoo.org>
943     -hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.20-r4.ebuild:
944     Revision bump, including Linux 2.6.20.12 (which in fact fixed some security
945 phreak 1.154 bugs, at the very least CVE-2007-2451). Possible candidate for stable marking.
946 phreak 1.152
947     15 May 2007; Christian Heim <phreak@gentoo.org>
948     hardened-sources-2.6.20-r3.ebuild:
949     Looks like hardened-sources-2.6.20-r3 needs a new patch, as 2.6.20.11
950     introduced a change in arch/sparc64/kernel/pci_iommu.c, which made the
951     grsecurity patch fail in that exact same hunk.
952 phreak 1.151
953     *hardened-sources-2.6.20-r3 (15 May 2007)
954    
955     15 May 2007; Christian Heim <phreak@gentoo.org>
956     +hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.21-r1.ebuild:
957     Revision bump, incorporating Linux 2.6.20.11.
958    
959     *hardened-sources-2.6.21-r1 (11 May 2007)
960    
961     11 May 2007; Christian Heim <phreak@gentoo.org>
962     +hardened-sources-2.6.21-r1.ebuild:
963     Revision bump, hopefully fixing the GRSECURITY/GRKERNSEC mixup pipacs
964     mentioned in #177234.
965 kevquinn 1.150
966     07 May 2007; Kevin F. Quinn <kevquinn@gentoo.org>
967     files/digest-hardened-sources-2.6.21, Manifest:
968     Fix Manifest/digest for linux-2.6.21.tar.bz2
969 phreak 1.149
970     06 May 2007; Christian Heim <phreak@gentoo.org>
971     hardened-sources-2.6.21.ebuild:
972     Bumping the hardened-patches version, needed for the fix for #177234.
973 phreak 1.148
974     *hardened-sources-2.6.21 (02 May 2007)
975    
976     02 May 2007; Christian Heim <phreak@gentoo.org>
977     +hardened-sources-2.6.21.ebuild:
978     Version bump, Linux 2.6.21-hardened.
979 phreak 1.147
980     29 Apr 2007; Christian Heim <phreak@gentoo.org>
981     hardened-sources-2.6.20-r2.ebuild:
982     Adding ~ia64 on Ned's request.
983 phreak 1.146
984     29 Apr 2007; Christian Heim <phreak@gentoo.org>
985     hardened-sources-2.6.20-r2.ebuild:
986     Fixing the included grsecurity patch, wasn't alligning due to the Index:
987     header line(s).
988 phreak 1.145
989     29 Apr 2007; Christian Heim <phreak@gentoo.org>
990     hardened-sources-2.6.20-r2.ebuild:
991     Stabilizing hardened-sources-2.6.20-r2 on amd64 and x86.
992 armin76 1.144
993     *hardened-sources-2.6.20-r2 (10 Apr 2007)
994    
995     10 Apr 2007; Raúl Porcel <armin76@gentoo.org>
996     +hardened-sources-2.6.20-r2.ebuild:
997     Version bump, on behalf of phreak
998 phreak 1.143
999     *hardened-sources-2.6.20-r1 (04 Apr 2007)
1000    
1001     04 Apr 2007; Christian Heim <phreak@gentoo.org>
1002     +hardened-sources-2.6.20-r1.ebuild:
1003     Revision bump, grabbing a newer grsecurity snapshot.
1004 phreak 1.142
1005     *hardened-sources-2.6.20 (25 Mar 2007)
1006    
1007     25 Mar 2007; Christian Heim <phreak@gentoo.org>
1008     +hardened-sources-2.6.20.ebuild:
1009     Finally a hardened-sources version for 2.6.20; many people have been waiting
1010     for this. Thanks to Steve for preliminary testing, thanks to Ned for the
1011     testbox.
1012 chainsaw 1.141
1013     16 Mar 2007; Tony Vroon <chainsaw@gentoo.org>
1014     hardened-sources-2.6.18-r6.ebuild:
1015     Marked stable on amd64 and x86. AMD64 keyword ack'ed by welp.
1016 phreak 1.140
1017     *hardened-sources-2.6.18-r6 (16 Mar 2007)
1018    
1019     16 Mar 2007; Christian Heim <phreak@gentoo.org>
1020     -hardened-sources-2.6.18-r5.ebuild, +hardened-sources-2.6.18-r6.ebuild:
1021     Fixing CVE-2007-1000 locally (hardened/), thanks to Tony for pushing. And
1022     yes I screwed up, this is tagged as 2.6.18-5 and not 2.6.18-6 as it's
1023     supposed to be.
1024 phreak 1.139
1025     06 Mar 2007; Christian Heim <phreak@gentoo.org> ChangeLog:
1026     Fixing the Manifest, the previous one was broken (as in still had the
1027     deleted ebuild in it).
1028 phreak 1.138
1029     06 Mar 2007; Christian Heim <phreak@gentoo.org>
1030     -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
1031     +hardened-sources-2.6.18-r5.ebuild:
1032     Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
1033     Linux 2.6.18.8. Also cleaning up the older version.
1034    
1035     *hardened-sources-2.6.18-r5 (06 Mar 2007)
1036    
1037     06 Mar 2007; Christian Heim <phreak@gentoo.org>
1038     -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
1039     +hardened-sources-2.6.18-r5.ebuild:
1040     Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
1041     Linux 2.6.18.8. Also cleaning up the older version.
1042 phreak 1.137
1043     24 Feb 2007; Christian Heim <phreak@gentoo.org>
1044     -hardened-sources-2.6.19-r3.ebuild, -hardened-sources-2.6.19-r4.ebuild,
1045     -hardened-sources-2.6.19-r5.ebuild:
1046     Removing some of the old version, that didn't work.
1047 phreak 1.136
1048     *hardened-sources-2.6.19-r6 (12 Feb 2007)
1049    
1050     12 Feb 2007; Christian Heim <phreak@gentoo.org>
1051     +hardened-sources-2.6.19-r6.ebuild:
1052     Revision bump, including a new grsec version fixing #166235.
1053 pappy 1.134
1054     *hardened-sources-2.4.34 (24 Jan 2007)
1055    
1056     24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
1057 pappy 1.135 Manifest:
1058     updating Manifest with checksums of new tarball and ebuild
1059    
1060     24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
1061 pappy 1.134 +hardened-sources-2.4.34.ebuild:
1062     I added new hardened sources 2.4 update, this is a critical path
1063     security bugfix - all users of h-s are strongly advised
1064     to update their existing hardened sources to this version.
1065     It contains a fix for a kernel vulnerability that is pertaining
1066     to the PaX changes to virtual memory management, possibly leading
1067     to a local kernel exploit ... see grsecurity.net forums and homepage
1068 phreak 1.133
1069     23 Jan 2007; Christian Heim <phreak@gentoo.org>
1070     files/digest-hardened-sources-2.6.19-r5, Manifest:
1071     Fixing the patch-tarball digest.
1072 phreak 1.132
1073     *hardened-sources-2.6.19-r5 (23 Jan 2007)
1074    
1075     23 Jan 2007; Christian Heim <phreak@gentoo.org>
1076     +hardened-sources-2.6.19-r5.ebuild:
1077     Revision bump, closing the recently discovered PaX expand_stack()
1078     vulnerability.
1079 phreak 1.131
1080     *hardened-sources-2.6.19-r4 (14 Jan 2007)
1081    
1082     14 Jan 2007; Christian Heim <phreak@gentoo.org>
1083     +hardened-sources-2.6.19-r4.ebuild:
1084     Revision bump, pulling in linux-2.6.19.2 and grsecurity 2.1.10 - thus
1085     dropping the randomized PID feature.
1086 opfer 1.130
1087     11 Jan 2007; Christian Faulhammer <opfer@gentoo.org>
1088     hardened-sources-2.4.33.4.ebuild:
1089     stable x86, bug #161171
1090 phreak 1.129
1091     *hardened-sources-2.6.19-r3 (27 Dec 2006)
1092    
1093     27 Dec 2006; Christian Heim <phreak@gentoo.org>
1094     -hardened-sources-2.6.19-r2.ebuild, +hardened-sources-2.6.19-r3.ebuild:
1095     Revision bump for bug #157186 and #158786.
1096 phreak 1.128
1097     *hardened-sources-2.6.18-r4 (27 Dec 2006)
1098    
1099     27 Dec 2006; Christian Heim <phreak@gentoo.org>
1100     -hardened-sources-2.6.18-r3.ebuild, +hardened-sources-2.6.18-r4.ebuild:
1101     Revision bump for bug #157186.
1102 phreak 1.127
1103     *hardened-sources-2.6.19-r2 (23 Dec 2006)
1104    
1105     23 Dec 2006; Christian Heim <phreak@gentoo.org>
1106     -hardened-sources-2.6.19-r1.ebuild, +hardened-sources-2.6.19-r2.ebuild:
1107     Revision bump to pull in genpatches-2.6.19-3 for #157186.
1108 phreak 1.126
1109     17 Dec 2006; Christian Heim <phreak@gentoo.org>
1110     hardened-sources-2.6.14-r7.ebuild, hardened-sources-2.6.16-r10.ebuild,
1111     hardened-sources-2.6.16-r11.ebuild, hardened-sources-2.6.17-r1.ebuild,
1112     hardened-sources-2.6.18.ebuild, hardened-sources-2.6.18-r3.ebuild,
1113     hardened-sources-2.6.19-r1.ebuild:
1114     Adding 4453_grsec-2.1.9-2.6.19-io-kmem-sysctl.patch to UNIPATCH_EXLUDE,
1115     adding correct HOMEPAGE and adjusting DESCRIPTION (thanks to Alexander).
1116 pappy 1.125
1117     *hardened-sources-2.4.33.4 (17 Dec 2006)
1118    
1119     17 Dec 2006; Alexander Gabert <pappy@gentoo.org>
1120     +hardened-sources-2.4.33.4.ebuild:
1121     new 2.4.33.4 version including grsec and fixes, thanks to phreak for help
1122     and quilting
1123 phreak 1.124
1124     *hardened-sources-2.6.19-r1 (14 Dec 2006)
1125    
1126     14 Dec 2006; Christian Heim <phreak@gentoo.org>
1127     -hardened-sources-2.6.19.ebuild, +hardened-sources-2.6.19-r1.ebuild:
1128     Revision bump, fixing #158107 (thanks to Petre Rodan <kaiowas at gentoo.org>
1129     for reporting).
1130 phreak 1.123
1131     *hardened-sources-2.6.19 (13 Dec 2006)
1132    
1133     13 Dec 2006; Christian Heim <phreak@gentoo.org>
1134     +hardened-sources-2.6.19.ebuild:
1135     And finally 2.6.19, thanks to Ned (who prepared the inital patchset) and
1136     Brad for providing that prompt update.
1137 phreak 1.122
1138     *hardened-sources-2.6.18-r3 (13 Dec 2006)
1139    
1140     13 Dec 2006; Christian Heim <phreak@gentoo.org>
1141     -hardened-sources-2.6.18-r1.ebuild, -hardened-sources-2.6.18-r2.ebuild,
1142     +hardened-sources-2.6.18-r3.ebuild:
1143     Revision bump, excluding the faulty patch. Thanks to Anakim Border and Peter
1144     S. Mazinger. Closes #157409 for now. Also removing the previous revisions.
1145 phreak 1.121
1146     09 Dec 2006; Christian Heim <phreak@gentoo.org> Manifest:
1147     Fixing the metadata.xml Manifest entry (thanks to xaid and ml8128 in #gentoo-hardened).
1148 nixnut 1.120
1149     08 Dec 2006; nixnut <nixnut@gentoo.org> hardened-sources-2.6.18.ebuild:
1150     Stable on ppc wrt bug 157356
1151 opfer 1.119
1152     07 Dec 2006; Christian Faulhammer <opfer@gentoo.org>
1153     hardened-sources-2.6.18.ebuild:
1154     stable x86, bug #157356
1155 phreak 1.118
1156     *hardened-sources-2.6.18-r2 (06 Dec 2006)
1157    
1158     06 Dec 2006; Christian Heim <phreak@gentoo.org>
1159     +hardened-sources-2.6.18-r2.ebuild:
1160     Revision bump, including 2.6.18.5 (via genpatches) and
1161     4454_grsec-2.1.9-2.6.18.2-io-kmem-sysctl.patch based on Peter Mazinger and
1162     Ned Ludd's original patch. Thanks to Alexander Gabert (pappy) for the
1163     redesign.
1164 phreak 1.117
1165     06 Dec 2006; Christian Heim <phreak@gentoo.org>
1166     hardened-sources-2.6.18.ebuild:
1167     Marking hardened-sources-2.6.18 stable on amd64 (see bug #157356, on behalf
1168     of Mike Doty).
1169 phreak 1.116
1170     *hardened-sources-2.6.18-r1 (23 Nov 2006)
1171    
1172     23 Nov 2006; Christian Heim <phreak@gentoo.org>
1173     +hardened-sources-2.6.18-r1.ebuild:
1174     Revision bump to genpatches-2.6.18-4 (including 2.6.18.3).
1175 phreak 1.115
1176     *hardened-sources-2.6.18 (11 Nov 2006)
1177    
1178     11 Nov 2006; Christian Heim <phreak@gentoo.org>
1179     +hardened-sources-2.6.18.ebuild:
1180     Version bump, thanks to Alexander Gabert we're finally at 2.6.18.
1181 solar 1.114
1182     18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
1183     - mark amd64 stable also. bug #151877
1184 solar 1.113
1185     18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
1186     - mark 2.6.17-r1 stable
1187 phreak 1.112
1188     27 Aug 2006; Christian Heim <phreak@gentoo.org>
1189     -hardened-sources-2.6.17.ebuild, hardened-sources-2.6.17-r1.ebuild:
1190     Removing old ebuild, removing unipatch from newer ebuild (need to fix it!).
1191 phreak 1.111
1192     *hardened-sources-2.6.17-r1 (26 Aug 2006)
1193    
1194     26 Aug 2006; Christian Heim <phreak@gentoo.org>
1195     +hardened-sources-2.6.17-r1.ebuild:
1196     Revision bump to genpatches-2.6.17-8 (including .9 and .10) and updating the
1197     grsecurity patch.
1198 phreak 1.110
1199     *hardened-sources-2.6.17 (17 Aug 2006)
1200    
1201     17 Aug 2006; Christian Heim <phreak@gentoo.org>
1202     +hardened-sources-2.6.17.ebuild:
1203     Bumping the hardened-sources-2.6 series to 2.6.17, using
1204     genpatches-2.6.17-6.base.
1205 solar 1.109
1206     07 Aug 2006; <solar@gentoo.org> hardened-sources-2.6.16-r11.ebuild:
1207     - stable on x86 and amd64
1208 solar 1.108
1209     *hardened-sources-2.6.16-r11 (15 Jul 2006)
1210    
1211     15 Jul 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r3.ebuild,
1212     -hardened-sources-2.4.32-r4.ebuild, -hardened-sources-2.4.32-r5.ebuild,
1213     -hardened-sources-2.6.14-r8.ebuild, -hardened-sources-2.6.16-r7.ebuild,
1214     -hardened-sources-2.6.16-r9.ebuild, +hardened-sources-2.6.16-r11.ebuild:
1215     - 2.6.16 bumped for CVE-2006-3626 ; digest fix for 2.4.32-r6 ; removed old
1216     crusty ebuilds
1217 johnm 1.107
1218     14 Jul 2006; John Mylchreest <johnm@gentoo.org>
1219     hardened-sources-2.6.16-r10.ebuild:
1220     marking stable on x86 and amd64
1221 solar 1.106
1222     13 Jul 2006; <solar@gentoo.org> hardened-sources-2.4.32-r6.ebuild:
1223     - 2.4.32-r6 stable on x86. RSBAC state unknown
1224 kang 1.105
1225     *hardened-sources-2.4.32-r7 (10 Jul 2006)
1226    
1227     10 Jul 2006; Guillaume Destuynder <kang@gentoo.org>
1228     +hardened-sources-2.4.32-r7.ebuild:
1229     Bump PaX for RSBAC to test-17
1230 johnm 1.104
1231     *hardened-sources-2.6.16-r9 (03 Jul 2006)
1232    
1233     03 Jul 2006; John Mylchreest <johnm@gentoo.org>
1234     -hardened-sources-2.6.16-r6.ebuild, +hardened-sources-2.6.16-r9.ebuild:
1235     hardened-sources-2.6.16 bump to latest -base.
1236 solar 1.103
1237     *hardened-sources-2.4.32-r6 (30 Jun 2006)
1238    
1239     30 Jun 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r2.ebuild,
1240     hardened-sources-2.4.32-r4.ebuild, +hardened-sources-2.4.32-r6.ebuild:
1241     - backport CVE-2006-0039, CVE-2006-1857 and CVE-2006-1858 and new grsecurity
1242     sysctl controlable resource logging
1243 johnm 1.102
1244     *hardened-sources-2.6.16-r7 (05 Jun 2006)
1245    
1246     05 Jun 2006; John Mylchreest <johnm@gentoo.org>
1247     -hardened-sources-2.6.16-r5.ebuild, +hardened-sources-2.6.16-r7.ebuild:
1248     push new 2.6.16 release in preparation for stable
1249 solar 1.101
1250     22 May 2006; <solar@gentoo.org> :
1251     - redigest bug 134002
1252 kang 1.100
1253     *hardened-sources-2.4.32-r5 (16 May 2006)
1254    
1255     16 May 2006; Guillaume Destuynder <kang@gentoo.org>
1256     +hardened-sources-2.4.32-r5.ebuild:
1257     Fixes rsbac common patching (new patch in new -r5 patchset)
1258 solar 1.99
1259     *hardened-sources-2.4.32-r4 (13 May 2006)
1260    
1261     13 May 2006; <solar@gentoo.org> hardened-sources-2.4.32-r3.ebuild,
1262     +hardened-sources-2.4.32-r4.ebuild:
1263     - security bumps
1264 johnm 1.98
1265     *hardened-sources-2.6.16-r6 (03 May 2006)
1266    
1267     03 May 2006; John Mylchreest <johnm@gentoo.org>
1268     +hardened-sources-2.6.16-r6.ebuild:
1269     bump hardened-2.6.16 to 2.6.16.12 and latest grsec snapshot
1270 johnm 1.97
1271     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
1272     hardened-sources-2.6.14-r8.ebuild:
1273     fix x86_64 build problem, this will delay the digest issue again for a short
1274     while but it will sort itself out
1275 johnm 1.96
1276     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
1277     hardened-sources-2.6.14-r8.ebuild:
1278     bump hardened patchset
1279 antarus 1.94
1280     27 Apr 2006; Alec Warner <antarus@gentoo.org>
1281     files/digest-hardened-sources-2.4.32-r2,
1282     files/digest-hardened-sources-2.4.32-r3,
1283     files/digest-hardened-sources-2.6.14-r8, Manifest:
1284     Fixing duff SHA256 digests: Bug # 131293
1285 johnm 1.93
1286 johnm 1.95 *hardened-sources-2.6.16-r5 (27 Apr 2006)
1287    
1288     27 Apr 2006; John Mylchreest <johnm@gentoo.org>
1289     -hardened-sources-2.6.14-r6.ebuild, hardened-sources-2.6.14-r8.ebuild,
1290     -hardened-sources-2.6.16-r4.ebuild, +hardened-sources-2.6.16-r5.ebuild:
1291     stablise 2.6.14-r8 on x86 & amd64, bump 2.6.16 to fix CVE-2006-1863 &
1292     cleanup of old uneccessary sources
1293    
1294 johnm 1.93 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
1295     fix digest
1296 johnm 1.92
1297     *hardened-sources-2.6.14-r8 (20 Apr 2006)
1298    
1299     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
1300     +hardened-sources-2.6.14-r8.ebuild:
1301     fix CVE-2006-1056, CVE-2006-1525, CVE-2006-1524
1302 johnm 1.91
1303     20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
1304     Turning on gpg-signing again, and recomitting
1305 johnm 1.90
1306     *hardened-sources-2.6.16-r4 (20 Apr 2006)
1307    
1308     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
1309     -hardened-sources-2.6.16-r2.ebuild, -hardened-sources-2.6.16-r3.ebuild,
1310     +hardened-sources-2.6.16-r4.ebuild:
1311     Fix numerous security vulns
1312 solar 1.89
1313     *hardened-sources-2.4.32-r3 (16 Apr 2006)
1314    
1315     16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
1316     -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
1317     +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
1318     - security bump for bug #112791. Removed old ebuilds
1319 johnm 1.88
1320     *hardened-sources-2.6.16-r3 (15 Apr 2006)
1321    
1322     15 Apr 2006; John Mylchreest <johnm@gentoo.org>
1323     +hardened-sources-2.6.16-r3.ebuild:
1324     Removing silly localversion which I missed
1325 johnm 1.87
1326     *hardened-sources-2.6.14-r7 (14 Apr 2006)
1327    
1328     14 Apr 2006; John Mylchreest <johnm@gentoo.org>
1329     -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
1330     Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
1331 johnm 1.86
1332     *hardened-sources-2.6.16-r2 (13 Apr 2006)
1333    
1334     13 Apr 2006; John Mylchreest <johnm@gentoo.org>
1335     -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
1336     +hardened-sources-2.6.16-r2.ebuild:
1337     Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
1338     labels, dropping USERGROUP define fixes, since these were merged mainstream.
1339 johnm 1.85
1340     *hardened-sources-2.6.16-r1 (11 Apr 2006)
1341    
1342     11 Apr 2006; John Mylchreest <johnm@gentoo.org>
1343     +hardened-sources-2.6.16-r1.ebuild:
1344     Bumping to include ppc build fix and 2.6.16.3
1345 tsunam 1.84
1346     06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
1347     hardened-sources-2.6.14-r6.ebuild:
1348     Stable on x86; bug #127718
1349 johnm 1.83
1350     *hardened-sources-2.6.16 (31 Mar 2006)
1351    
1352     31 Mar 2006; John Mylchreest <johnm@gentoo.org>
1353     +hardened-sources-2.6.16.ebuild:
1354     Bumping to new version of grsec, and kernel base. New squashfs. Based on
1355     2.6.16.1
1356 cryos 1.82
1357     30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
1358     hardened-sources-2.6.14-r6.ebuild:
1359     Stable on amd64, bug 127718.
1360 nixnut 1.81
1361     28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
1362     Stable on ppc. Bug #127718
1363 johnm 1.80
1364     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
1365     -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
1366     -hardened-sources-2.6.14-r4.ebuild:
1367     Cleanup.
1368 johnm 1.79
1369     *hardened-sources-2.6.14-r6 (15 Mar 2006)
1370    
1371     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
1372     +hardened-sources-2.6.14-r6.ebuild:
1373     Fixes grsec policy recreation bug and adds a
1374     >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
1375 solar 1.78
1376     02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
1377     - stable on x86
1378 hansmi 1.77
1379     19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
1380     hardened-sources-2.6.14-r5.ebuild:
1381     Stable on ppc.
1382 johnm 1.76
1383     *hardened-sources-2.6.14-r5 (01 Feb 2006)
1384    
1385     01 Feb 2006; John Mylchreest <johnm@gentoo.org>
1386     +hardened-sources-2.6.14-r5.ebuild:
1387     fixing every known exploit
1388 solar 1.75
1389     *hardened-sources-2.4.32-r2 (26 Jan 2006)
1390    
1391     26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
1392     +hardened-sources-2.4.32-r2.ebuild:
1393     - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
1394 solar 1.74
1395     *hardened-sources-2.6.14-r4 (12 Jan 2006)
1396    
1397     12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
1398     - version bump for new genpatches which fix up a few sec holes
1399 solar 1.73
1400     *hardened-sources-2.4.32-r1 (05 Jan 2006)
1401    
1402     05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
1403     - revision bump to add misc vital linux kernel security patches.
1404 johnm 1.72
1405     *hardened-sources-2.6.14-r3 (30 Dec 2005)
1406    
1407     30 Dec 2005; John Mylchreest <johnm@gentoo.org>
1408     -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
1409     Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
1410 johnm 1.71
1411     28 Dec 2005; John Mylchreest <johnm@gentoo.org>
1412     hardened-sources-2.6.14-r2.ebuild:
1413     making x86 & amd64 stable following testing.
1414 johnm 1.70
1415     *hardened-sources-2.6.14-r2 (27 Dec 2005)
1416    
1417     27 Dec 2005; John Mylchreest <johnm@gentoo.org>
1418     -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
1419     Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
1420     network hooks.
1421 johnm 1.69
1422     06 Dec 2005; John Mylchreest <johnm@gentoo.org>
1423     hardened-sources-2.6.14-r1.ebuild:
1424     bumping to stable early for sec fix on x86 & amd64
1425 johnm 1.68
1426     *hardened-sources-2.6.14-r1 (05 Dec 2005)
1427    
1428     05 Dec 2005; John Mylchreest <johnm@gentoo.org>
1429     -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
1430     bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
1431 solar 1.67
1432     04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
1433     - stable on x86 security bug #114227 CAN-2005-3257
1434 kang 1.66
1435     *hardened-sources-2.4.32 (19 Nov 2005)
1436    
1437     19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
1438     +hardened-sources-2.4.32.ebuild:
1439     Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
1440     Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
1441     have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
1442     rsbac >> /etc/portage/package.use)
1443 johnm 1.65
1444     *hardened-sources-2.6.14 (14 Nov 2005)
1445    
1446     14 Nov 2005; John Mylchreest <johnm@gentoo.org>
1447     -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
1448     Bumping 2.6 series to 2.6.14.2
1449 johnm 1.64
1450     *hardened-sources-2.6.13-r2 (20 Oct 2005)
1451    
1452     20 Oct 2005; John Mylchreest <johnm@gentoo.org>
1453     -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
1454     +hardened-sources-2.6.13-r2.ebuild:
1455     Fixes minor build error in ppc.
1456 johnm 1.63
1457     *hardened-sources-2.6.13-r1 (17 Oct 2005)
1458    
1459     17 Oct 2005; John Mylchreest <johnm@gentoo.org>
1460     +hardened-sources-2.6.13-r1.ebuild:
1461     Updating grsec to latest snapshot. Fixes some minor issues. Updating to
1462     2.6.13.4, fixes some major amd64 stability problems.
1463 johnm 1.62
1464     *hardened-sources-2.6.13 (16 Sep 2005)
1465    
1466     16 Sep 2005; John Mylchreest <johnm@gentoo.org>
1467     -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
1468     2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
1469     ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
1470     users should test this thoroughly.
1471 solar 1.61
1472     01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
1473     - stable on x86
1474 johnm 1.60
1475     *hardened-sources-2.6.11-r15 (27 Jun 2005)
1476    
1477     27 Jun 2005; John Mylchreest <johnm@gentoo.org>
1478     +hardened-sources-2.6.11-r15.ebuild:
1479     Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
1480     grsec redefining curr_ip struct.
1481 solar 1.59
1482     *hardened-sources-2.4.31 (20 Jun 2005)
1483    
1484     20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
1485     initial import of 2.4.31 tree
1486 johnm 1.58
1487     *hardened-sources-2.6.11-r14 (14 Jun 2005)
1488    
1489     14 Jun 2005; John Mylchreest <johnm@gentoo.org>
1490     -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
1491     Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
1492     naming scheme to abide by genpatches
1493 johnm 1.57
1494     *hardened-sources-2.6.11-r13 (18 May 2005)
1495    
1496     18 May 2005; John Mylchreest <johnm@gentoo.org>
1497     -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
1498     Managed to mangle the Makefile patch from grsec, to miss out the grsec
1499     target. sorry about that. Fixes bug #93022
1500 johnm 1.56
1501     *hardened-sources-2.6.11-r12 (17 May 2005)
1502    
1503     17 May 2005; John Mylchreest <johnm@gentoo.org>
1504     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
1505     +hardened-sources-2.6.11-r12.ebuild:
1506     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
1507     merges in genpatches-base
1508 johnm 1.55
1509     *hardened-sources-2.6.11-r12 (17 May 2005)
1510    
1511     17 May 2005; John Mylchreest <johnm@gentoo.org>
1512     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
1513     +hardened-sources-2.6.11-r12.ebuild:
1514     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
1515     merges in genpatches-base
1516 solar 1.54
1517     29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
1518     -files/2.4.27-cmdline-race.patch,
1519     -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
1520     -files/2.4.28-grsec-binfmt_a.out.patch,
1521     -files/2.4.28-grsec-cmdline-race.patch,
1522     -files/2.4.28-selinux-binfmt_a.out.patch,
1523     -files/2.4.28-selinux-cmdline-race.patch,
1524     -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
1525     hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
1526     - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
1527     cleanup..
1528 solar 1.53
1529     *hardened-sources-2.4.30-r1 (21 Apr 2005)
1530    
1531     21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
1532     - disable aout by default
1533 solar 1.52
1534     *hardened-sources-2.4.30 (18 Apr 2005)
1535    
1536     18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
1537     - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
1538     and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
1539     use
1540 tocharian 1.50
1541 scox 1.51 *hardened-sources-2.4.29 (30 Mar 2005)
1542    
1543     30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
1544     +hardened-sources-2.4.29.ebuild:
1545     New hardened-patches-2.4-29.0 patchball.
1546     Removed SELinux support, upgraded GRSecurity to 2.1.4.
1547    
1548     *hardened-sources-2.4.28-r5 (06 Mar 2005)
1549    
1550     06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
1551     +hardened-sources-2.4.28-r5.ebuild:
1552     Added a fix for a PaX vulnerability.
1553    
1554     26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1555 tocharian 1.50 hardened-sources-2.4.28-r4.ebuild:
1556     Stable on x86
1557 solar 1.49
1558     23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
1559     hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
1560     hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
1561     hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
1562     - fixed/added RDEPEND= in all kernel-2 ebuilds
1563 tocharian 1.48
1564     *hardened-sources-2.4.28-r4 (21 Jan 2005)
1565    
1566     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1567     +hardened-sources-2.4.28-r4.ebuild:
1568     Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
1569     backport of neighbour hash updates.
1570 tocharian 1.47
1571     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1572     hardened-sources-2.4.28-r3.ebuild:
1573     Stable on x86
1574 tseng 1.46
1575     *hardened-sources-2.6.10-r3 (20 Jan 2005)
1576    
1577     20 Jan 2005; Brandon Hale <tseng@gentoo.org>
1578     +hardened-sources-2.6.10-r3.ebuild:
1579     Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
1580     in 2005.0
1581 tocharian 1.45
1582     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1583     -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
1584     hardened-sources-2.4.28-r2.ebuild:
1585     Mark stable on x86
1586 tocharian 1.44
1587     *hardened-sources-2.4.28-r3 (17 Jan 2005)
1588    
1589     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1590     +hardened-sources-2.4.28-r3.ebuild:
1591     Fix SMP page fault handler vuln, and update device-mapper and evms patches.
1592 tocharian 1.43
1593     14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1594     hardened-sources-2.4.28.ebuild:
1595     Mark stable on x86.
1596 tocharian 1.42
1597     *hardened-sources-2.4.28-r2 (13 Jan 2005)
1598    
1599     13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1600     +hardened-sources-2.4.28-r2.ebuild:
1601     Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
1602     Mazinger for grsecurity patches as well.
1603 plasmaroo 1.41
1604     *hardened-sources-2.4.28-r1 (23 Dec 2004)
1605    
1606     23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
1607     Security bump. Thank tocharian for rolling a new patchset...
1608 solar 1.40
1609     28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
1610     +files/2.4.28-grsec-cmdline-race.patch,
1611     +files/2.4.28-selinux-binfmt_a.out.patch,
1612     +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
1613     - Round up remaining security patches that appear to be missing in 2.4.28. -
1614     PaX standalone updated to current. hgpv=28.1
1615 solar 1.39
1616     *hardened-sources-2.4.28 (28 Nov 2004)
1617    
1618     28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
1619     security bump. Thank tocharian for rolling a new patchset
1620 scox 1.31
1621 scox 1.38 *hardened-sources-2.4.27-r3 (08 Sep 2004)
1622    
1623     08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
1624     +hardened-sources-2.4.27-r3.ebuild:
1625     Applies the new 2.4-27.2 patchball which updates
1626     GRSecurity to the 2.0.1 version.
1627    
1628 scox 1.37 *hardened-sources-2.4.27-r2 (31 Aug 2004)
1629    
1630     31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1631     +hardened-sources-2.4.27-r2.ebuild:
1632     Version bump.
1633     This version uses the new 2.4-27.1 patchball which updates
1634     both the SELinux PaX hooks patch and the SELinux headers.
1635    
1636 scox 1.36 *hardened-sources-2.4.27-r1 (09 Aug 2004)
1637    
1638     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1639     +hardened-sources-2.4.27-r1.ebuild,
1640     -hardened-sources-2.4.27.ebuild,
1641     +files/2.4.27-cmdline-race.patch:
1642     Version bump, fix for cmdline race. See bug #59905.
1643    
1644     *hardened-sources-2.4.26-r6 (09 Aug 2004)
1645    
1646     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1647     +hardened-sources-2.4.26-r6.ebuild,
1648     -hardened-sources-2.4.26-r5.ebuild,
1649     -hardened-sources-2.4.26-r4.ebuild,
1650     +files/2.4.26-cmdline-race.patch:
1651     Version bump, fix for cmdline race. See bug #59905.
1652    
1653 scox 1.35 *hardened-sources-2.4.27 (08 Aug 2004)
1654    
1655     08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1656     +hardened-sources-2.4.27.ebuild,
1657     +files/2.4.27-CAN-2004-0394.patch:
1658     Ported the patchball to the 2.4.27 kernel version.
1659    
1660 scox 1.34 *hardened-sources-2.4.26-r5 (07 Aug 2004)
1661    
1662     07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1663     +hardened-sources-2.4.26-r5.ebuild:
1664 scox 1.35 Updated to use the new hardened-patches-2.4-26.1 patchball.
1665 scox 1.34 It adds the following features:
1666     - Squashfs
1667     - Ebtables
1668     - Netdev random (core+drivers)
1669     - Watchdog Timer (WDT) fix.
1670    
1671 scox 1.33 *hardened-sources-2.4.26-r4 (04 Aug 2004)
1672    
1673     04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1674     +hardened-sources-2.4.26-r4.ebuild,
1675     +files/2.4.26-CAN-2004-0415.patch,
1676     -hardened-sources-2.4.26-3:
1677     Version bump, fix for CAN 0415, see bug #59378.
1678    
1679 scox 1.32 *hardened-sources-2.4.26-r3 (22 Jul 2004)
1680    
1681     22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
1682     +hardened-sources-2.4.26-r3.ebuild,
1683     +files/2.4.26-CAN-2004-0497.patch,
1684     -hardened-sources-2.4.26-r2.ebuild:
1685     Version bump, fixed CAN 0497, see bug #56171.
1686    
1687 scox 1.31 *hardened-sources-2.4.26-r2 (29 Jun 2004)
1688    
1689     29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
1690 scox 1.32 +hardened-sources-2.4.26-r2.ebuild,
1691 scox 1.31 +files/2.4.26-CAN-2004-0495.patch,
1692     +files/2.4.26-CAN-2004-0535.patch,
1693     -hardened-sources-2.4.26-r1.ebuild:
1694     Fixes for both CAN 0495 and 0535, see bug #54976
1695 pvdabeel 1.27
1696 agriffis 1.29 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
1697     hardened-sources-2.4.26-r1.ebuild:
1698     QA - fix use invocation
1699 scox 1.28
1700     *hardened-sources-2.4.26-r1 (22 June 2004)
1701    
1702     22 June 2004; Andrea Luzzardi <scox@gentoo.org>
1703     +hardened-sources-2.4.26-r1.ebuild,
1704     +files/2.4.26-CAN-2004-0394.patch,
1705     +files/2.4.26-signal-race.patch,
1706     -hardened-sources-2.4.26.ebuild,
1707     -hardened-sources-2.4.24-r3.ebuild:
1708     Version bump for the CAN-2004-0394 issue and bug #53804
1709     Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
1710    
1711    
1712 pvdabeel 1.27 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
1713     hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
1714     Masked hardened-sources-2.4.26.ebuild broken for ppc
1715    
1716     31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
1717     hardened-sources-2.4.24-r3.ebuild:
1718     Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
1719 plasmaroo 1.25
1720 scox 1.26 *hardened-sources-2.4.26 (29 May 2004)
1721    
1722     29 May 2004; Andrea Luzzardi <scox@gentoo.org>
1723     +hardened-sources-2.4.26.ebuild:
1724     Updated hardened-sources for the 2.4.26 kernel
1725     Removed broken components, updated almost everything.
1726    
1727 plasmaroo 1.25 *hardened-sources-2.4.24-r3 (17 Apr 2004)
1728    
1729     17 Apr 2004; <plasmaroo@gentoo.org>
1730     +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
1731     +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
1732     +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
1733     +hardened-sources-2.4.24-r3.ebuild:
1734     Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
1735     vulnerabilities. Old revisions removed.
1736 plasmaroo 1.24
1737     *hardened-sources-2.4.24-r2 (15 Apr 2004)
1738    
1739     15 Apr 2004; <plasmaroo@gentoo.org>
1740     +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
1741     -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
1742     Version bump for the CAN-2004-0109 issue; bug #47881.
1743 aliz 1.23
1744     12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
1745     hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
1746     Add eutils to inherit.
1747 plasmaroo 1.22
1748     *hardened-sources-2.4.24-r1 (19 Feb 2004)
1749    
1750     19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
1751     files/hardened-sources-2.4.24.munmap.patch:
1752     Added the patch for the mremap/munmap vulnerability. Bug #42024.
1753 scox 1.19
1754 scox 1.21 *hardened-sources-2.4.24 (06 Feb 2004)
1755 scox 1.26
1756 scox 1.21 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
1757     hardened-sources-2.4.24.ebuild:
1758     Version bump, updated most of the components.
1759     This release includes the following:
1760    
1761     - Hardened security
1762     - Netfilter patch-o-matic 20031219
1763     - FreeSWAN 2.04 & x509 1.4.8
1764     - EVMS 2.2.2
1765     - XFS 1.3.1
1766     - cryptoloop jari
1767     - grsecurity 2.0-rc4
1768     - SELinux
1769     - PaX 200402060000
1770     - PaX Obscurity 200308302223
1771     - Others...
1772    
1773     Neither -ck nor systrace are included anymore.
1774    
1775 scox 1.19 *hardened-sources-2.4.22-r2 (05 Jan 2004)
1776    
1777     05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
1778     hardened-sources-2.4.22-r2.ebuild:
1779 scox 1.20 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
1780 scox 1.19
1781     *hardened-sources-2.4.22-r1 (02 Dec 2003)
1782 iggy 1.17
1783     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1784 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
1785 iggy 1.16
1786     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1787 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild:
1788     Version bump for the 'do_brk' vulnerability.
1789 iggy 1.15
1790     01 Dec 2003; Brian Jackson <iggy@gentoo.org>
1791     hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
1792     hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
1793     hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
1794 plasmaroo 1.18 Fix the 'do_brk' vulnerability.
1795 frogger 1.14
1796     03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
1797     hardened-sources-2.4.22.ebuild:
1798 plasmaroo 1.18 - Removed the src_install() portion for SELinux flask
1799     components. These are no longer handled in the kernel
1800     so this code was not necessary.
1801 frogger 1.13
1802     29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
1803     New 2.4.22 based hardened-sources thanks to
1804     Phil West <p.west@computer.org>.
1805    
1806     These sources include:
1807 plasmaroo 1.18 - New SELinux API
1808     - Updated CK-base
1809     - Updated GRSec
1810     - Systrace
1811     - SuperFreeS/WAN 1.99.8
1812     - Propolice kernel build support
1813     - EVMS
1814     - Other various security related patches
1815 frogger 1.11
1816 frogger 1.12 *hardened-sources-2.4.21 (14 Sep 2003)
1817    
1818     14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
1819     Updated hardened-sources based on the 2.4.21 Linux kernel.
1820     This includes updates to most major components such as:
1821 plasmaroo 1.18 - ck-base-0306300059
1822     - selinux-2.4-2003071106
1823     - grsecurity-2.0-rc1
1824     - Updated IPTables patch-o-matic
1825     - Updated SuperFreeS/WAN
1826    
1827 frogger 1.12 Thanks to Phil West <pwest@computer.org> for his work in getting this
1828     updated patch set ready for the 2.4.21 based kernel.
1829    
1830 frogger 1.11 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
1831     Initial import of hardened-sources-2.4.20-r4. This revision
1832     includes only a few changes, but one of these is an important
1833     security fix. It is recommended all users of hardened-sources
1834     upgrade to this release.
1835 plasmaroo 1.18
1836 frogger 1.11 - ioperm bug fix
1837     - fixed compilation failure when building without GRSec
1838 plasmaroo 1.18
1839 frogger 1.11 SAL (Secure Auditing for Linux) is NOT included in this revision
1840     due to time constraints, but is planned for inclusion in the near
1841     future.
1842 msterret 1.10
1843     *hardened-sources-2.4.20-r2 (12 Jun 2003)
1844    
1845     12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
1846     hardened-sources-2.4.20-r3.ebuild:
1847 plasmaroo 1.18 Add Header...
1848 frogger 1.9
1849     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1850     hardened-sources-2.4.20-r3.ebuild:
1851     Removed warnings from ebuild. This kernel should be safe to
1852     use at this point.
1853 frogger 1.8
1854     *hardened-sources-2.4.20-r3 (08 Jun 2003)
1855    
1856     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1857     hardened-sources-2.4.20-r3.ebuild:
1858     New revision. Includes the following changes over -r2:
1859 plasmaroo 1.18
1860 frogger 1.8 - ck7-base (O(1), preempt, low latency)
1861     - Super FreeS/WAN 1.99.7rc2
1862     - PaX for the LSM/SELinux branch
1863     - GRSecurity 2.0-pre4 (role based access control)
1864     - Systrace 1.3
1865     - EXT3 fixes
1866     - EVMS 2.0.1
1867     - GCC 3.1+ compile optimizations
1868     - ProPolice kernel build support
1869     - Hashing table security fixes
1870 frogger 1.3
1871     *hardened-sources-2.4.20-r1 (09 Apr 2003)
1872 frogger 1.7
1873     23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
1874     Initial import of hardened-sources-r2. This new
1875     ebuild includes many new performance and security
1876     related patches. As in -r1, it will patch in
1877     LSM/SELinux if "selinux" is in USE, otherwise it
1878     will patch in GRSecurity. The following patches
1879     are included in this revision:
1880 plasmaroo 1.18
1881 frogger 1.7 - O(1) Scheduler, Low Latency, and Preempt
1882     (pulled from the base CK patch)
1883     - ptrace exploit patch for the LSM kernel
1884     (the GRSec patch already fixes this)
1885     - LSM 2.4-2003040709
1886     - SELinux 2.4-2003040709
1887     - Systrace v1.2
1888     - IPTables patch-o-matic base patches - 20030107
1889     - CryptoAPI 2.4.20.1 w/ loop-jari patch
1890     - Super FreeS/WAN 1.99.6.1
1891     - GRSecurity 1.9.9g
1892     - MPPE
1893     - EXT3 data journal fix
1894     - CIPE 1.5.4
1895 frogger 1.6
1896     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1897     hardened-sources-2.4.20-r1.ebuild, manifest:
1898 plasmaroo 1.18 Updated to install flask components correctly for selinux.
1899 frogger 1.5
1900     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1901     hardened-sources-2.4.20-r1.ebuild:
1902     LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
1903     is patched in instead. Ptrace patches for selinux have also been added. In
1904     either case, systrace support will be patched in as well.
1905 frogger 1.3
1906     09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1907     hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
1908 plasmaroo 1.18 Revision bump for new sources.
1909 frogger 1.4
1910 frogger 1.2 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1911 frogger 1.4 hardened-sources-2.4.20-r1.ebuild:
1912 plasmaroo 1.18 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
1913 method 1.1
1914 frogger 1.4 *hardened-sources-2.4.20 (30 Mar 2003)
1915    
1916 method 1.1 30 Mar 2003; Joshua Brindle <method@gentoo.org>
1917     hardened-sources-2.4.20.ebuild:
1918 plasmaroo 1.18 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20