/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.123 - (show annotations) (download)
Wed Dec 13 23:54:10 2006 UTC (7 years, 8 months ago) by phreak
Branch: MAIN
Changes since 1.122: +8 -1 lines
And finally 2.6.19, thanks to Ned (who prepared the inital patchset) and Brad for providing that prompt update.
(Portage version: 2.1.2_rc3-r3)

1 # ChangeLog for sys-kernel/hardened-sources
2 # Copyright 2000-2006 Gentoo Foundation; Distributed under the GPL v2
3 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.122 2006/12/13 22:10:00 phreak Exp $
4
5 *hardened-sources-2.6.19 (13 Dec 2006)
6
7 13 Dec 2006; Christian Heim <phreak@gentoo.org>
8 +hardened-sources-2.6.19.ebuild:
9 And finally 2.6.19, thanks to Ned (who prepared the inital patchset) and
10 Brad for providing that prompt update.
11
12 *hardened-sources-2.6.18-r3 (13 Dec 2006)
13
14 13 Dec 2006; Christian Heim <phreak@gentoo.org>
15 -hardened-sources-2.6.18-r1.ebuild, -hardened-sources-2.6.18-r2.ebuild,
16 +hardened-sources-2.6.18-r3.ebuild:
17 Revision bump, excluding the faulty patch. Thanks to Anakim Border and Peter
18 S. Mazinger. Closes #157409 for now. Also removing the previous revisions.
19
20 09 Dec 2006; Christian Heim <phreak@gentoo.org> Manifest:
21 Fixing the metadata.xml Manifest entry (thanks to xaid and ml8128 in #gentoo-hardened).
22
23 08 Dec 2006; nixnut <nixnut@gentoo.org> hardened-sources-2.6.18.ebuild:
24 Stable on ppc wrt bug 157356
25
26 07 Dec 2006; Christian Faulhammer <opfer@gentoo.org>
27 hardened-sources-2.6.18.ebuild:
28 stable x86, bug #157356
29
30 *hardened-sources-2.6.18-r2 (06 Dec 2006)
31
32 06 Dec 2006; Christian Heim <phreak@gentoo.org>
33 +hardened-sources-2.6.18-r2.ebuild:
34 Revision bump, including 2.6.18.5 (via genpatches) and
35 4454_grsec-2.1.9-2.6.18.2-io-kmem-sysctl.patch based on Peter Mazinger and
36 Ned Ludd's original patch. Thanks to Alexander Gabert (pappy) for the
37 redesign.
38
39 06 Dec 2006; Christian Heim <phreak@gentoo.org>
40 hardened-sources-2.6.18.ebuild:
41 Marking hardened-sources-2.6.18 stable on amd64 (see bug #157356, on behalf
42 of Mike Doty).
43
44 *hardened-sources-2.6.18-r1 (23 Nov 2006)
45
46 23 Nov 2006; Christian Heim <phreak@gentoo.org>
47 +hardened-sources-2.6.18-r1.ebuild:
48 Revision bump to genpatches-2.6.18-4 (including 2.6.18.3).
49
50 *hardened-sources-2.6.18 (11 Nov 2006)
51
52 11 Nov 2006; Christian Heim <phreak@gentoo.org>
53 +hardened-sources-2.6.18.ebuild:
54 Version bump, thanks to Alexander Gabert we're finally at 2.6.18.
55
56 18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
57 - mark amd64 stable also. bug #151877
58
59 18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
60 - mark 2.6.17-r1 stable
61
62 27 Aug 2006; Christian Heim <phreak@gentoo.org>
63 -hardened-sources-2.6.17.ebuild, hardened-sources-2.6.17-r1.ebuild:
64 Removing old ebuild, removing unipatch from newer ebuild (need to fix it!).
65
66 *hardened-sources-2.6.17-r1 (26 Aug 2006)
67
68 26 Aug 2006; Christian Heim <phreak@gentoo.org>
69 +hardened-sources-2.6.17-r1.ebuild:
70 Revision bump to genpatches-2.6.17-8 (including .9 and .10) and updating the
71 grsecurity patch.
72
73 *hardened-sources-2.6.17 (17 Aug 2006)
74
75 17 Aug 2006; Christian Heim <phreak@gentoo.org>
76 +hardened-sources-2.6.17.ebuild:
77 Bumping the hardened-sources-2.6 series to 2.6.17, using
78 genpatches-2.6.17-6.base.
79
80 07 Aug 2006; <solar@gentoo.org> hardened-sources-2.6.16-r11.ebuild:
81 - stable on x86 and amd64
82
83 *hardened-sources-2.6.16-r11 (15 Jul 2006)
84
85 15 Jul 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r3.ebuild,
86 -hardened-sources-2.4.32-r4.ebuild, -hardened-sources-2.4.32-r5.ebuild,
87 -hardened-sources-2.6.14-r8.ebuild, -hardened-sources-2.6.16-r7.ebuild,
88 -hardened-sources-2.6.16-r9.ebuild, +hardened-sources-2.6.16-r11.ebuild:
89 - 2.6.16 bumped for CVE-2006-3626 ; digest fix for 2.4.32-r6 ; removed old
90 crusty ebuilds
91
92 14 Jul 2006; John Mylchreest <johnm@gentoo.org>
93 hardened-sources-2.6.16-r10.ebuild:
94 marking stable on x86 and amd64
95
96 13 Jul 2006; <solar@gentoo.org> hardened-sources-2.4.32-r6.ebuild:
97 - 2.4.32-r6 stable on x86. RSBAC state unknown
98
99 *hardened-sources-2.4.32-r7 (10 Jul 2006)
100
101 10 Jul 2006; Guillaume Destuynder <kang@gentoo.org>
102 +hardened-sources-2.4.32-r7.ebuild:
103 Bump PaX for RSBAC to test-17
104
105 *hardened-sources-2.6.16-r9 (03 Jul 2006)
106
107 03 Jul 2006; John Mylchreest <johnm@gentoo.org>
108 -hardened-sources-2.6.16-r6.ebuild, +hardened-sources-2.6.16-r9.ebuild:
109 hardened-sources-2.6.16 bump to latest -base.
110
111 *hardened-sources-2.4.32-r6 (30 Jun 2006)
112
113 30 Jun 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r2.ebuild,
114 hardened-sources-2.4.32-r4.ebuild, +hardened-sources-2.4.32-r6.ebuild:
115 - backport CVE-2006-0039, CVE-2006-1857 and CVE-2006-1858 and new grsecurity
116 sysctl controlable resource logging
117
118 *hardened-sources-2.6.16-r7 (05 Jun 2006)
119
120 05 Jun 2006; John Mylchreest <johnm@gentoo.org>
121 -hardened-sources-2.6.16-r5.ebuild, +hardened-sources-2.6.16-r7.ebuild:
122 push new 2.6.16 release in preparation for stable
123
124 22 May 2006; <solar@gentoo.org> :
125 - redigest bug 134002
126
127 *hardened-sources-2.4.32-r5 (16 May 2006)
128
129 16 May 2006; Guillaume Destuynder <kang@gentoo.org>
130 +hardened-sources-2.4.32-r5.ebuild:
131 Fixes rsbac common patching (new patch in new -r5 patchset)
132
133 *hardened-sources-2.4.32-r4 (13 May 2006)
134
135 13 May 2006; <solar@gentoo.org> hardened-sources-2.4.32-r3.ebuild,
136 +hardened-sources-2.4.32-r4.ebuild:
137 - security bumps
138
139 *hardened-sources-2.6.16-r6 (03 May 2006)
140
141 03 May 2006; John Mylchreest <johnm@gentoo.org>
142 +hardened-sources-2.6.16-r6.ebuild:
143 bump hardened-2.6.16 to 2.6.16.12 and latest grsec snapshot
144
145 28 Apr 2006; John Mylchreest <johnm@gentoo.org>
146 hardened-sources-2.6.14-r8.ebuild:
147 fix x86_64 build problem, this will delay the digest issue again for a short
148 while but it will sort itself out
149
150 28 Apr 2006; John Mylchreest <johnm@gentoo.org>
151 hardened-sources-2.6.14-r8.ebuild:
152 bump hardened patchset
153
154 27 Apr 2006; Alec Warner <antarus@gentoo.org>
155 files/digest-hardened-sources-2.4.32-r2,
156 files/digest-hardened-sources-2.4.32-r3,
157 files/digest-hardened-sources-2.6.14-r8, Manifest:
158 Fixing duff SHA256 digests: Bug # 131293
159
160 *hardened-sources-2.6.16-r5 (27 Apr 2006)
161
162 27 Apr 2006; John Mylchreest <johnm@gentoo.org>
163 -hardened-sources-2.6.14-r6.ebuild, hardened-sources-2.6.14-r8.ebuild,
164 -hardened-sources-2.6.16-r4.ebuild, +hardened-sources-2.6.16-r5.ebuild:
165 stablise 2.6.14-r8 on x86 & amd64, bump 2.6.16 to fix CVE-2006-1863 &
166 cleanup of old uneccessary sources
167
168 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
169 fix digest
170
171 *hardened-sources-2.6.14-r8 (20 Apr 2006)
172
173 20 Apr 2006; John Mylchreest <johnm@gentoo.org>
174 +hardened-sources-2.6.14-r8.ebuild:
175 fix CVE-2006-1056, CVE-2006-1525, CVE-2006-1524
176
177 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
178 Turning on gpg-signing again, and recomitting
179
180 *hardened-sources-2.6.16-r4 (20 Apr 2006)
181
182 20 Apr 2006; John Mylchreest <johnm@gentoo.org>
183 -hardened-sources-2.6.16-r2.ebuild, -hardened-sources-2.6.16-r3.ebuild,
184 +hardened-sources-2.6.16-r4.ebuild:
185 Fix numerous security vulns
186
187 *hardened-sources-2.4.32-r3 (16 Apr 2006)
188
189 16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
190 -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
191 +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
192 - security bump for bug #112791. Removed old ebuilds
193
194 *hardened-sources-2.6.16-r3 (15 Apr 2006)
195
196 15 Apr 2006; John Mylchreest <johnm@gentoo.org>
197 +hardened-sources-2.6.16-r3.ebuild:
198 Removing silly localversion which I missed
199
200 *hardened-sources-2.6.14-r7 (14 Apr 2006)
201
202 14 Apr 2006; John Mylchreest <johnm@gentoo.org>
203 -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
204 Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
205
206 *hardened-sources-2.6.16-r2 (13 Apr 2006)
207
208 13 Apr 2006; John Mylchreest <johnm@gentoo.org>
209 -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
210 +hardened-sources-2.6.16-r2.ebuild:
211 Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
212 labels, dropping USERGROUP define fixes, since these were merged mainstream.
213
214 *hardened-sources-2.6.16-r1 (11 Apr 2006)
215
216 11 Apr 2006; John Mylchreest <johnm@gentoo.org>
217 +hardened-sources-2.6.16-r1.ebuild:
218 Bumping to include ppc build fix and 2.6.16.3
219
220 06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
221 hardened-sources-2.6.14-r6.ebuild:
222 Stable on x86; bug #127718
223
224 *hardened-sources-2.6.16 (31 Mar 2006)
225
226 31 Mar 2006; John Mylchreest <johnm@gentoo.org>
227 +hardened-sources-2.6.16.ebuild:
228 Bumping to new version of grsec, and kernel base. New squashfs. Based on
229 2.6.16.1
230
231 30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
232 hardened-sources-2.6.14-r6.ebuild:
233 Stable on amd64, bug 127718.
234
235 28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
236 Stable on ppc. Bug #127718
237
238 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
239 -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
240 -hardened-sources-2.6.14-r4.ebuild:
241 Cleanup.
242
243 *hardened-sources-2.6.14-r6 (15 Mar 2006)
244
245 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
246 +hardened-sources-2.6.14-r6.ebuild:
247 Fixes grsec policy recreation bug and adds a
248 >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
249
250 02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
251 - stable on x86
252
253 19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
254 hardened-sources-2.6.14-r5.ebuild:
255 Stable on ppc.
256
257 *hardened-sources-2.6.14-r5 (01 Feb 2006)
258
259 01 Feb 2006; John Mylchreest <johnm@gentoo.org>
260 +hardened-sources-2.6.14-r5.ebuild:
261 fixing every known exploit
262
263 *hardened-sources-2.4.32-r2 (26 Jan 2006)
264
265 26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
266 +hardened-sources-2.4.32-r2.ebuild:
267 - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
268
269 *hardened-sources-2.6.14-r4 (12 Jan 2006)
270
271 12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
272 - version bump for new genpatches which fix up a few sec holes
273
274 *hardened-sources-2.4.32-r1 (05 Jan 2006)
275
276 05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
277 - revision bump to add misc vital linux kernel security patches.
278
279 *hardened-sources-2.6.14-r3 (30 Dec 2005)
280
281 30 Dec 2005; John Mylchreest <johnm@gentoo.org>
282 -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
283 Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
284
285 28 Dec 2005; John Mylchreest <johnm@gentoo.org>
286 hardened-sources-2.6.14-r2.ebuild:
287 making x86 & amd64 stable following testing.
288
289 *hardened-sources-2.6.14-r2 (27 Dec 2005)
290
291 27 Dec 2005; John Mylchreest <johnm@gentoo.org>
292 -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
293 Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
294 network hooks.
295
296 06 Dec 2005; John Mylchreest <johnm@gentoo.org>
297 hardened-sources-2.6.14-r1.ebuild:
298 bumping to stable early for sec fix on x86 & amd64
299
300 *hardened-sources-2.6.14-r1 (05 Dec 2005)
301
302 05 Dec 2005; John Mylchreest <johnm@gentoo.org>
303 -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
304 bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
305
306 04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
307 - stable on x86 security bug #114227 CAN-2005-3257
308
309 *hardened-sources-2.4.32 (19 Nov 2005)
310
311 19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
312 +hardened-sources-2.4.32.ebuild:
313 Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
314 Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
315 have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
316 rsbac >> /etc/portage/package.use)
317
318 *hardened-sources-2.6.14 (14 Nov 2005)
319
320 14 Nov 2005; John Mylchreest <johnm@gentoo.org>
321 -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
322 Bumping 2.6 series to 2.6.14.2
323
324 *hardened-sources-2.6.13-r2 (20 Oct 2005)
325
326 20 Oct 2005; John Mylchreest <johnm@gentoo.org>
327 -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
328 +hardened-sources-2.6.13-r2.ebuild:
329 Fixes minor build error in ppc.
330
331 *hardened-sources-2.6.13-r1 (17 Oct 2005)
332
333 17 Oct 2005; John Mylchreest <johnm@gentoo.org>
334 +hardened-sources-2.6.13-r1.ebuild:
335 Updating grsec to latest snapshot. Fixes some minor issues. Updating to
336 2.6.13.4, fixes some major amd64 stability problems.
337
338 *hardened-sources-2.6.13 (16 Sep 2005)
339
340 16 Sep 2005; John Mylchreest <johnm@gentoo.org>
341 -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
342 2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
343 ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
344 users should test this thoroughly.
345
346 01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
347 - stable on x86
348
349 *hardened-sources-2.6.11-r15 (27 Jun 2005)
350
351 27 Jun 2005; John Mylchreest <johnm@gentoo.org>
352 +hardened-sources-2.6.11-r15.ebuild:
353 Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
354 grsec redefining curr_ip struct.
355
356 *hardened-sources-2.4.31 (20 Jun 2005)
357
358 20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
359 initial import of 2.4.31 tree
360
361 *hardened-sources-2.6.11-r14 (14 Jun 2005)
362
363 14 Jun 2005; John Mylchreest <johnm@gentoo.org>
364 -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
365 Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
366 naming scheme to abide by genpatches
367
368 *hardened-sources-2.6.11-r13 (18 May 2005)
369
370 18 May 2005; John Mylchreest <johnm@gentoo.org>
371 -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
372 Managed to mangle the Makefile patch from grsec, to miss out the grsec
373 target. sorry about that. Fixes bug #93022
374
375 *hardened-sources-2.6.11-r12 (17 May 2005)
376
377 17 May 2005; John Mylchreest <johnm@gentoo.org>
378 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
379 +hardened-sources-2.6.11-r12.ebuild:
380 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
381 merges in genpatches-base
382
383 *hardened-sources-2.6.11-r12 (17 May 2005)
384
385 17 May 2005; John Mylchreest <johnm@gentoo.org>
386 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
387 +hardened-sources-2.6.11-r12.ebuild:
388 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
389 merges in genpatches-base
390
391 29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
392 -files/2.4.27-cmdline-race.patch,
393 -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
394 -files/2.4.28-grsec-binfmt_a.out.patch,
395 -files/2.4.28-grsec-cmdline-race.patch,
396 -files/2.4.28-selinux-binfmt_a.out.patch,
397 -files/2.4.28-selinux-cmdline-race.patch,
398 -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
399 hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
400 - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
401 cleanup..
402
403 *hardened-sources-2.4.30-r1 (21 Apr 2005)
404
405 21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
406 - disable aout by default
407
408 *hardened-sources-2.4.30 (18 Apr 2005)
409
410 18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
411 - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
412 and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
413 use
414
415 *hardened-sources-2.4.29 (30 Mar 2005)
416
417 30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
418 +hardened-sources-2.4.29.ebuild:
419 New hardened-patches-2.4-29.0 patchball.
420 Removed SELinux support, upgraded GRSecurity to 2.1.4.
421
422 *hardened-sources-2.4.28-r5 (06 Mar 2005)
423
424 06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
425 +hardened-sources-2.4.28-r5.ebuild:
426 Added a fix for a PaX vulnerability.
427
428 26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
429 hardened-sources-2.4.28-r4.ebuild:
430 Stable on x86
431
432 23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
433 hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
434 hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
435 hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
436 - fixed/added RDEPEND= in all kernel-2 ebuilds
437
438 *hardened-sources-2.4.28-r4 (21 Jan 2005)
439
440 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
441 +hardened-sources-2.4.28-r4.ebuild:
442 Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
443 backport of neighbour hash updates.
444
445 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
446 hardened-sources-2.4.28-r3.ebuild:
447 Stable on x86
448
449 *hardened-sources-2.6.10-r3 (20 Jan 2005)
450
451 20 Jan 2005; Brandon Hale <tseng@gentoo.org>
452 +hardened-sources-2.6.10-r3.ebuild:
453 Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
454 in 2005.0
455
456 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
457 -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
458 hardened-sources-2.4.28-r2.ebuild:
459 Mark stable on x86
460
461 *hardened-sources-2.4.28-r3 (17 Jan 2005)
462
463 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
464 +hardened-sources-2.4.28-r3.ebuild:
465 Fix SMP page fault handler vuln, and update device-mapper and evms patches.
466
467 14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
468 hardened-sources-2.4.28.ebuild:
469 Mark stable on x86.
470
471 *hardened-sources-2.4.28-r2 (13 Jan 2005)
472
473 13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
474 +hardened-sources-2.4.28-r2.ebuild:
475 Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
476 Mazinger for grsecurity patches as well.
477
478 *hardened-sources-2.4.28-r1 (23 Dec 2004)
479
480 23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
481 Security bump. Thank tocharian for rolling a new patchset...
482
483 28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
484 +files/2.4.28-grsec-cmdline-race.patch,
485 +files/2.4.28-selinux-binfmt_a.out.patch,
486 +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
487 - Round up remaining security patches that appear to be missing in 2.4.28. -
488 PaX standalone updated to current. hgpv=28.1
489
490 *hardened-sources-2.4.28 (28 Nov 2004)
491
492 28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
493 security bump. Thank tocharian for rolling a new patchset
494
495 *hardened-sources-2.4.27-r3 (08 Sep 2004)
496
497 08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
498 +hardened-sources-2.4.27-r3.ebuild:
499 Applies the new 2.4-27.2 patchball which updates
500 GRSecurity to the 2.0.1 version.
501
502 *hardened-sources-2.4.27-r2 (31 Aug 2004)
503
504 31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
505 +hardened-sources-2.4.27-r2.ebuild:
506 Version bump.
507 This version uses the new 2.4-27.1 patchball which updates
508 both the SELinux PaX hooks patch and the SELinux headers.
509
510 *hardened-sources-2.4.27-r1 (09 Aug 2004)
511
512 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
513 +hardened-sources-2.4.27-r1.ebuild,
514 -hardened-sources-2.4.27.ebuild,
515 +files/2.4.27-cmdline-race.patch:
516 Version bump, fix for cmdline race. See bug #59905.
517
518 *hardened-sources-2.4.26-r6 (09 Aug 2004)
519
520 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
521 +hardened-sources-2.4.26-r6.ebuild,
522 -hardened-sources-2.4.26-r5.ebuild,
523 -hardened-sources-2.4.26-r4.ebuild,
524 +files/2.4.26-cmdline-race.patch:
525 Version bump, fix for cmdline race. See bug #59905.
526
527 *hardened-sources-2.4.27 (08 Aug 2004)
528
529 08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
530 +hardened-sources-2.4.27.ebuild,
531 +files/2.4.27-CAN-2004-0394.patch:
532 Ported the patchball to the 2.4.27 kernel version.
533
534 *hardened-sources-2.4.26-r5 (07 Aug 2004)
535
536 07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
537 +hardened-sources-2.4.26-r5.ebuild:
538 Updated to use the new hardened-patches-2.4-26.1 patchball.
539 It adds the following features:
540 - Squashfs
541 - Ebtables
542 - Netdev random (core+drivers)
543 - Watchdog Timer (WDT) fix.
544
545 *hardened-sources-2.4.26-r4 (04 Aug 2004)
546
547 04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
548 +hardened-sources-2.4.26-r4.ebuild,
549 +files/2.4.26-CAN-2004-0415.patch,
550 -hardened-sources-2.4.26-3:
551 Version bump, fix for CAN 0415, see bug #59378.
552
553 *hardened-sources-2.4.26-r3 (22 Jul 2004)
554
555 22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
556 +hardened-sources-2.4.26-r3.ebuild,
557 +files/2.4.26-CAN-2004-0497.patch,
558 -hardened-sources-2.4.26-r2.ebuild:
559 Version bump, fixed CAN 0497, see bug #56171.
560
561 *hardened-sources-2.4.26-r2 (29 Jun 2004)
562
563 29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
564 +hardened-sources-2.4.26-r2.ebuild,
565 +files/2.4.26-CAN-2004-0495.patch,
566 +files/2.4.26-CAN-2004-0535.patch,
567 -hardened-sources-2.4.26-r1.ebuild:
568 Fixes for both CAN 0495 and 0535, see bug #54976
569
570 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
571 hardened-sources-2.4.26-r1.ebuild:
572 QA - fix use invocation
573
574 *hardened-sources-2.4.26-r1 (22 June 2004)
575
576 22 June 2004; Andrea Luzzardi <scox@gentoo.org>
577 +hardened-sources-2.4.26-r1.ebuild,
578 +files/2.4.26-CAN-2004-0394.patch,
579 +files/2.4.26-signal-race.patch,
580 -hardened-sources-2.4.26.ebuild,
581 -hardened-sources-2.4.24-r3.ebuild:
582 Version bump for the CAN-2004-0394 issue and bug #53804
583 Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
584
585
586 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
587 hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
588 Masked hardened-sources-2.4.26.ebuild broken for ppc
589
590 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
591 hardened-sources-2.4.24-r3.ebuild:
592 Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
593
594 *hardened-sources-2.4.26 (29 May 2004)
595
596 29 May 2004; Andrea Luzzardi <scox@gentoo.org>
597 +hardened-sources-2.4.26.ebuild:
598 Updated hardened-sources for the 2.4.26 kernel
599 Removed broken components, updated almost everything.
600
601 *hardened-sources-2.4.24-r3 (17 Apr 2004)
602
603 17 Apr 2004; <plasmaroo@gentoo.org>
604 +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
605 +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
606 +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
607 +hardened-sources-2.4.24-r3.ebuild:
608 Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
609 vulnerabilities. Old revisions removed.
610
611 *hardened-sources-2.4.24-r2 (15 Apr 2004)
612
613 15 Apr 2004; <plasmaroo@gentoo.org>
614 +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
615 -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
616 Version bump for the CAN-2004-0109 issue; bug #47881.
617
618 12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
619 hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
620 Add eutils to inherit.
621
622 *hardened-sources-2.4.24-r1 (19 Feb 2004)
623
624 19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
625 files/hardened-sources-2.4.24.munmap.patch:
626 Added the patch for the mremap/munmap vulnerability. Bug #42024.
627
628 *hardened-sources-2.4.24 (06 Feb 2004)
629
630 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
631 hardened-sources-2.4.24.ebuild:
632 Version bump, updated most of the components.
633 This release includes the following:
634
635 - Hardened security
636 - Netfilter patch-o-matic 20031219
637 - FreeSWAN 2.04 & x509 1.4.8
638 - EVMS 2.2.2
639 - XFS 1.3.1
640 - cryptoloop jari
641 - grsecurity 2.0-rc4
642 - SELinux
643 - PaX 200402060000
644 - PaX Obscurity 200308302223
645 - Others...
646
647 Neither -ck nor systrace are included anymore.
648
649 *hardened-sources-2.4.22-r2 (05 Jan 2004)
650
651 05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
652 hardened-sources-2.4.22-r2.ebuild:
653 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
654
655 *hardened-sources-2.4.22-r1 (02 Dec 2003)
656
657 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
658 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
659
660 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
661 hardened-sources-2.4.22-r1.ebuild:
662 Version bump for the 'do_brk' vulnerability.
663
664 01 Dec 2003; Brian Jackson <iggy@gentoo.org>
665 hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
666 hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
667 hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
668 Fix the 'do_brk' vulnerability.
669
670 03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
671 hardened-sources-2.4.22.ebuild:
672 - Removed the src_install() portion for SELinux flask
673 components. These are no longer handled in the kernel
674 so this code was not necessary.
675
676 29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
677 New 2.4.22 based hardened-sources thanks to
678 Phil West <p.west@computer.org>.
679
680 These sources include:
681 - New SELinux API
682 - Updated CK-base
683 - Updated GRSec
684 - Systrace
685 - SuperFreeS/WAN 1.99.8
686 - Propolice kernel build support
687 - EVMS
688 - Other various security related patches
689
690 *hardened-sources-2.4.21 (14 Sep 2003)
691
692 14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
693 Updated hardened-sources based on the 2.4.21 Linux kernel.
694 This includes updates to most major components such as:
695 - ck-base-0306300059
696 - selinux-2.4-2003071106
697 - grsecurity-2.0-rc1
698 - Updated IPTables patch-o-matic
699 - Updated SuperFreeS/WAN
700
701 Thanks to Phil West <pwest@computer.org> for his work in getting this
702 updated patch set ready for the 2.4.21 based kernel.
703
704 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
705 Initial import of hardened-sources-2.4.20-r4. This revision
706 includes only a few changes, but one of these is an important
707 security fix. It is recommended all users of hardened-sources
708 upgrade to this release.
709
710 - ioperm bug fix
711 - fixed compilation failure when building without GRSec
712
713 SAL (Secure Auditing for Linux) is NOT included in this revision
714 due to time constraints, but is planned for inclusion in the near
715 future.
716
717 *hardened-sources-2.4.20-r2 (12 Jun 2003)
718
719 12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
720 hardened-sources-2.4.20-r3.ebuild:
721 Add Header...
722
723 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
724 hardened-sources-2.4.20-r3.ebuild:
725 Removed warnings from ebuild. This kernel should be safe to
726 use at this point.
727
728 *hardened-sources-2.4.20-r3 (08 Jun 2003)
729
730 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
731 hardened-sources-2.4.20-r3.ebuild:
732 New revision. Includes the following changes over -r2:
733
734 - ck7-base (O(1), preempt, low latency)
735 - Super FreeS/WAN 1.99.7rc2
736 - PaX for the LSM/SELinux branch
737 - GRSecurity 2.0-pre4 (role based access control)
738 - Systrace 1.3
739 - EXT3 fixes
740 - EVMS 2.0.1
741 - GCC 3.1+ compile optimizations
742 - ProPolice kernel build support
743 - Hashing table security fixes
744
745 *hardened-sources-2.4.20-r1 (09 Apr 2003)
746
747 23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
748 Initial import of hardened-sources-r2. This new
749 ebuild includes many new performance and security
750 related patches. As in -r1, it will patch in
751 LSM/SELinux if "selinux" is in USE, otherwise it
752 will patch in GRSecurity. The following patches
753 are included in this revision:
754
755 - O(1) Scheduler, Low Latency, and Preempt
756 (pulled from the base CK patch)
757 - ptrace exploit patch for the LSM kernel
758 (the GRSec patch already fixes this)
759 - LSM 2.4-2003040709
760 - SELinux 2.4-2003040709
761 - Systrace v1.2
762 - IPTables patch-o-matic base patches - 20030107
763 - CryptoAPI 2.4.20.1 w/ loop-jari patch
764 - Super FreeS/WAN 1.99.6.1
765 - GRSecurity 1.9.9g
766 - MPPE
767 - EXT3 data journal fix
768 - CIPE 1.5.4
769
770 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
771 hardened-sources-2.4.20-r1.ebuild, manifest:
772 Updated to install flask components correctly for selinux.
773
774 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
775 hardened-sources-2.4.20-r1.ebuild:
776 LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
777 is patched in instead. Ptrace patches for selinux have also been added. In
778 either case, systrace support will be patched in as well.
779
780 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
781 hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
782 Revision bump for new sources.
783
784 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
785 hardened-sources-2.4.20-r1.ebuild:
786 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
787
788 *hardened-sources-2.4.20 (30 Mar 2003)
789
790 30 Mar 2003; Joshua Brindle <method@gentoo.org>
791 hardened-sources-2.4.20.ebuild:
792 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20