/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.125 - (show annotations) (download)
Sun Dec 17 21:22:40 2006 UTC (7 years, 8 months ago) by pappy
Branch: MAIN
Changes since 1.124: +8 -1 lines
adding hardened-sources-2.4.33.4 with grsec, fixes and other features like proc config support etc
(Portage version: 2.1.1-r2)

1 # ChangeLog for sys-kernel/hardened-sources
2 # Copyright 2000-2006 Gentoo Foundation; Distributed under the GPL v2
3 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.124 2006/12/14 16:45:42 phreak Exp $
4
5 *hardened-sources-2.4.33.4 (17 Dec 2006)
6
7 17 Dec 2006; Alexander Gabert <pappy@gentoo.org>
8 +hardened-sources-2.4.33.4.ebuild:
9 new 2.4.33.4 version including grsec and fixes, thanks to phreak for help
10 and quilting
11
12 *hardened-sources-2.6.19-r1 (14 Dec 2006)
13
14 14 Dec 2006; Christian Heim <phreak@gentoo.org>
15 -hardened-sources-2.6.19.ebuild, +hardened-sources-2.6.19-r1.ebuild:
16 Revision bump, fixing #158107 (thanks to Petre Rodan <kaiowas at gentoo.org>
17 for reporting).
18
19 *hardened-sources-2.6.19 (13 Dec 2006)
20
21 13 Dec 2006; Christian Heim <phreak@gentoo.org>
22 +hardened-sources-2.6.19.ebuild:
23 And finally 2.6.19, thanks to Ned (who prepared the inital patchset) and
24 Brad for providing that prompt update.
25
26 *hardened-sources-2.6.18-r3 (13 Dec 2006)
27
28 13 Dec 2006; Christian Heim <phreak@gentoo.org>
29 -hardened-sources-2.6.18-r1.ebuild, -hardened-sources-2.6.18-r2.ebuild,
30 +hardened-sources-2.6.18-r3.ebuild:
31 Revision bump, excluding the faulty patch. Thanks to Anakim Border and Peter
32 S. Mazinger. Closes #157409 for now. Also removing the previous revisions.
33
34 09 Dec 2006; Christian Heim <phreak@gentoo.org> Manifest:
35 Fixing the metadata.xml Manifest entry (thanks to xaid and ml8128 in #gentoo-hardened).
36
37 08 Dec 2006; nixnut <nixnut@gentoo.org> hardened-sources-2.6.18.ebuild:
38 Stable on ppc wrt bug 157356
39
40 07 Dec 2006; Christian Faulhammer <opfer@gentoo.org>
41 hardened-sources-2.6.18.ebuild:
42 stable x86, bug #157356
43
44 *hardened-sources-2.6.18-r2 (06 Dec 2006)
45
46 06 Dec 2006; Christian Heim <phreak@gentoo.org>
47 +hardened-sources-2.6.18-r2.ebuild:
48 Revision bump, including 2.6.18.5 (via genpatches) and
49 4454_grsec-2.1.9-2.6.18.2-io-kmem-sysctl.patch based on Peter Mazinger and
50 Ned Ludd's original patch. Thanks to Alexander Gabert (pappy) for the
51 redesign.
52
53 06 Dec 2006; Christian Heim <phreak@gentoo.org>
54 hardened-sources-2.6.18.ebuild:
55 Marking hardened-sources-2.6.18 stable on amd64 (see bug #157356, on behalf
56 of Mike Doty).
57
58 *hardened-sources-2.6.18-r1 (23 Nov 2006)
59
60 23 Nov 2006; Christian Heim <phreak@gentoo.org>
61 +hardened-sources-2.6.18-r1.ebuild:
62 Revision bump to genpatches-2.6.18-4 (including 2.6.18.3).
63
64 *hardened-sources-2.6.18 (11 Nov 2006)
65
66 11 Nov 2006; Christian Heim <phreak@gentoo.org>
67 +hardened-sources-2.6.18.ebuild:
68 Version bump, thanks to Alexander Gabert we're finally at 2.6.18.
69
70 18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
71 - mark amd64 stable also. bug #151877
72
73 18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
74 - mark 2.6.17-r1 stable
75
76 27 Aug 2006; Christian Heim <phreak@gentoo.org>
77 -hardened-sources-2.6.17.ebuild, hardened-sources-2.6.17-r1.ebuild:
78 Removing old ebuild, removing unipatch from newer ebuild (need to fix it!).
79
80 *hardened-sources-2.6.17-r1 (26 Aug 2006)
81
82 26 Aug 2006; Christian Heim <phreak@gentoo.org>
83 +hardened-sources-2.6.17-r1.ebuild:
84 Revision bump to genpatches-2.6.17-8 (including .9 and .10) and updating the
85 grsecurity patch.
86
87 *hardened-sources-2.6.17 (17 Aug 2006)
88
89 17 Aug 2006; Christian Heim <phreak@gentoo.org>
90 +hardened-sources-2.6.17.ebuild:
91 Bumping the hardened-sources-2.6 series to 2.6.17, using
92 genpatches-2.6.17-6.base.
93
94 07 Aug 2006; <solar@gentoo.org> hardened-sources-2.6.16-r11.ebuild:
95 - stable on x86 and amd64
96
97 *hardened-sources-2.6.16-r11 (15 Jul 2006)
98
99 15 Jul 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r3.ebuild,
100 -hardened-sources-2.4.32-r4.ebuild, -hardened-sources-2.4.32-r5.ebuild,
101 -hardened-sources-2.6.14-r8.ebuild, -hardened-sources-2.6.16-r7.ebuild,
102 -hardened-sources-2.6.16-r9.ebuild, +hardened-sources-2.6.16-r11.ebuild:
103 - 2.6.16 bumped for CVE-2006-3626 ; digest fix for 2.4.32-r6 ; removed old
104 crusty ebuilds
105
106 14 Jul 2006; John Mylchreest <johnm@gentoo.org>
107 hardened-sources-2.6.16-r10.ebuild:
108 marking stable on x86 and amd64
109
110 13 Jul 2006; <solar@gentoo.org> hardened-sources-2.4.32-r6.ebuild:
111 - 2.4.32-r6 stable on x86. RSBAC state unknown
112
113 *hardened-sources-2.4.32-r7 (10 Jul 2006)
114
115 10 Jul 2006; Guillaume Destuynder <kang@gentoo.org>
116 +hardened-sources-2.4.32-r7.ebuild:
117 Bump PaX for RSBAC to test-17
118
119 *hardened-sources-2.6.16-r9 (03 Jul 2006)
120
121 03 Jul 2006; John Mylchreest <johnm@gentoo.org>
122 -hardened-sources-2.6.16-r6.ebuild, +hardened-sources-2.6.16-r9.ebuild:
123 hardened-sources-2.6.16 bump to latest -base.
124
125 *hardened-sources-2.4.32-r6 (30 Jun 2006)
126
127 30 Jun 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r2.ebuild,
128 hardened-sources-2.4.32-r4.ebuild, +hardened-sources-2.4.32-r6.ebuild:
129 - backport CVE-2006-0039, CVE-2006-1857 and CVE-2006-1858 and new grsecurity
130 sysctl controlable resource logging
131
132 *hardened-sources-2.6.16-r7 (05 Jun 2006)
133
134 05 Jun 2006; John Mylchreest <johnm@gentoo.org>
135 -hardened-sources-2.6.16-r5.ebuild, +hardened-sources-2.6.16-r7.ebuild:
136 push new 2.6.16 release in preparation for stable
137
138 22 May 2006; <solar@gentoo.org> :
139 - redigest bug 134002
140
141 *hardened-sources-2.4.32-r5 (16 May 2006)
142
143 16 May 2006; Guillaume Destuynder <kang@gentoo.org>
144 +hardened-sources-2.4.32-r5.ebuild:
145 Fixes rsbac common patching (new patch in new -r5 patchset)
146
147 *hardened-sources-2.4.32-r4 (13 May 2006)
148
149 13 May 2006; <solar@gentoo.org> hardened-sources-2.4.32-r3.ebuild,
150 +hardened-sources-2.4.32-r4.ebuild:
151 - security bumps
152
153 *hardened-sources-2.6.16-r6 (03 May 2006)
154
155 03 May 2006; John Mylchreest <johnm@gentoo.org>
156 +hardened-sources-2.6.16-r6.ebuild:
157 bump hardened-2.6.16 to 2.6.16.12 and latest grsec snapshot
158
159 28 Apr 2006; John Mylchreest <johnm@gentoo.org>
160 hardened-sources-2.6.14-r8.ebuild:
161 fix x86_64 build problem, this will delay the digest issue again for a short
162 while but it will sort itself out
163
164 28 Apr 2006; John Mylchreest <johnm@gentoo.org>
165 hardened-sources-2.6.14-r8.ebuild:
166 bump hardened patchset
167
168 27 Apr 2006; Alec Warner <antarus@gentoo.org>
169 files/digest-hardened-sources-2.4.32-r2,
170 files/digest-hardened-sources-2.4.32-r3,
171 files/digest-hardened-sources-2.6.14-r8, Manifest:
172 Fixing duff SHA256 digests: Bug # 131293
173
174 *hardened-sources-2.6.16-r5 (27 Apr 2006)
175
176 27 Apr 2006; John Mylchreest <johnm@gentoo.org>
177 -hardened-sources-2.6.14-r6.ebuild, hardened-sources-2.6.14-r8.ebuild,
178 -hardened-sources-2.6.16-r4.ebuild, +hardened-sources-2.6.16-r5.ebuild:
179 stablise 2.6.14-r8 on x86 & amd64, bump 2.6.16 to fix CVE-2006-1863 &
180 cleanup of old uneccessary sources
181
182 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
183 fix digest
184
185 *hardened-sources-2.6.14-r8 (20 Apr 2006)
186
187 20 Apr 2006; John Mylchreest <johnm@gentoo.org>
188 +hardened-sources-2.6.14-r8.ebuild:
189 fix CVE-2006-1056, CVE-2006-1525, CVE-2006-1524
190
191 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
192 Turning on gpg-signing again, and recomitting
193
194 *hardened-sources-2.6.16-r4 (20 Apr 2006)
195
196 20 Apr 2006; John Mylchreest <johnm@gentoo.org>
197 -hardened-sources-2.6.16-r2.ebuild, -hardened-sources-2.6.16-r3.ebuild,
198 +hardened-sources-2.6.16-r4.ebuild:
199 Fix numerous security vulns
200
201 *hardened-sources-2.4.32-r3 (16 Apr 2006)
202
203 16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
204 -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
205 +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
206 - security bump for bug #112791. Removed old ebuilds
207
208 *hardened-sources-2.6.16-r3 (15 Apr 2006)
209
210 15 Apr 2006; John Mylchreest <johnm@gentoo.org>
211 +hardened-sources-2.6.16-r3.ebuild:
212 Removing silly localversion which I missed
213
214 *hardened-sources-2.6.14-r7 (14 Apr 2006)
215
216 14 Apr 2006; John Mylchreest <johnm@gentoo.org>
217 -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
218 Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
219
220 *hardened-sources-2.6.16-r2 (13 Apr 2006)
221
222 13 Apr 2006; John Mylchreest <johnm@gentoo.org>
223 -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
224 +hardened-sources-2.6.16-r2.ebuild:
225 Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
226 labels, dropping USERGROUP define fixes, since these were merged mainstream.
227
228 *hardened-sources-2.6.16-r1 (11 Apr 2006)
229
230 11 Apr 2006; John Mylchreest <johnm@gentoo.org>
231 +hardened-sources-2.6.16-r1.ebuild:
232 Bumping to include ppc build fix and 2.6.16.3
233
234 06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
235 hardened-sources-2.6.14-r6.ebuild:
236 Stable on x86; bug #127718
237
238 *hardened-sources-2.6.16 (31 Mar 2006)
239
240 31 Mar 2006; John Mylchreest <johnm@gentoo.org>
241 +hardened-sources-2.6.16.ebuild:
242 Bumping to new version of grsec, and kernel base. New squashfs. Based on
243 2.6.16.1
244
245 30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
246 hardened-sources-2.6.14-r6.ebuild:
247 Stable on amd64, bug 127718.
248
249 28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
250 Stable on ppc. Bug #127718
251
252 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
253 -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
254 -hardened-sources-2.6.14-r4.ebuild:
255 Cleanup.
256
257 *hardened-sources-2.6.14-r6 (15 Mar 2006)
258
259 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
260 +hardened-sources-2.6.14-r6.ebuild:
261 Fixes grsec policy recreation bug and adds a
262 >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
263
264 02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
265 - stable on x86
266
267 19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
268 hardened-sources-2.6.14-r5.ebuild:
269 Stable on ppc.
270
271 *hardened-sources-2.6.14-r5 (01 Feb 2006)
272
273 01 Feb 2006; John Mylchreest <johnm@gentoo.org>
274 +hardened-sources-2.6.14-r5.ebuild:
275 fixing every known exploit
276
277 *hardened-sources-2.4.32-r2 (26 Jan 2006)
278
279 26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
280 +hardened-sources-2.4.32-r2.ebuild:
281 - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
282
283 *hardened-sources-2.6.14-r4 (12 Jan 2006)
284
285 12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
286 - version bump for new genpatches which fix up a few sec holes
287
288 *hardened-sources-2.4.32-r1 (05 Jan 2006)
289
290 05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
291 - revision bump to add misc vital linux kernel security patches.
292
293 *hardened-sources-2.6.14-r3 (30 Dec 2005)
294
295 30 Dec 2005; John Mylchreest <johnm@gentoo.org>
296 -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
297 Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
298
299 28 Dec 2005; John Mylchreest <johnm@gentoo.org>
300 hardened-sources-2.6.14-r2.ebuild:
301 making x86 & amd64 stable following testing.
302
303 *hardened-sources-2.6.14-r2 (27 Dec 2005)
304
305 27 Dec 2005; John Mylchreest <johnm@gentoo.org>
306 -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
307 Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
308 network hooks.
309
310 06 Dec 2005; John Mylchreest <johnm@gentoo.org>
311 hardened-sources-2.6.14-r1.ebuild:
312 bumping to stable early for sec fix on x86 & amd64
313
314 *hardened-sources-2.6.14-r1 (05 Dec 2005)
315
316 05 Dec 2005; John Mylchreest <johnm@gentoo.org>
317 -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
318 bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
319
320 04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
321 - stable on x86 security bug #114227 CAN-2005-3257
322
323 *hardened-sources-2.4.32 (19 Nov 2005)
324
325 19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
326 +hardened-sources-2.4.32.ebuild:
327 Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
328 Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
329 have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
330 rsbac >> /etc/portage/package.use)
331
332 *hardened-sources-2.6.14 (14 Nov 2005)
333
334 14 Nov 2005; John Mylchreest <johnm@gentoo.org>
335 -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
336 Bumping 2.6 series to 2.6.14.2
337
338 *hardened-sources-2.6.13-r2 (20 Oct 2005)
339
340 20 Oct 2005; John Mylchreest <johnm@gentoo.org>
341 -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
342 +hardened-sources-2.6.13-r2.ebuild:
343 Fixes minor build error in ppc.
344
345 *hardened-sources-2.6.13-r1 (17 Oct 2005)
346
347 17 Oct 2005; John Mylchreest <johnm@gentoo.org>
348 +hardened-sources-2.6.13-r1.ebuild:
349 Updating grsec to latest snapshot. Fixes some minor issues. Updating to
350 2.6.13.4, fixes some major amd64 stability problems.
351
352 *hardened-sources-2.6.13 (16 Sep 2005)
353
354 16 Sep 2005; John Mylchreest <johnm@gentoo.org>
355 -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
356 2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
357 ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
358 users should test this thoroughly.
359
360 01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
361 - stable on x86
362
363 *hardened-sources-2.6.11-r15 (27 Jun 2005)
364
365 27 Jun 2005; John Mylchreest <johnm@gentoo.org>
366 +hardened-sources-2.6.11-r15.ebuild:
367 Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
368 grsec redefining curr_ip struct.
369
370 *hardened-sources-2.4.31 (20 Jun 2005)
371
372 20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
373 initial import of 2.4.31 tree
374
375 *hardened-sources-2.6.11-r14 (14 Jun 2005)
376
377 14 Jun 2005; John Mylchreest <johnm@gentoo.org>
378 -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
379 Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
380 naming scheme to abide by genpatches
381
382 *hardened-sources-2.6.11-r13 (18 May 2005)
383
384 18 May 2005; John Mylchreest <johnm@gentoo.org>
385 -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
386 Managed to mangle the Makefile patch from grsec, to miss out the grsec
387 target. sorry about that. Fixes bug #93022
388
389 *hardened-sources-2.6.11-r12 (17 May 2005)
390
391 17 May 2005; John Mylchreest <johnm@gentoo.org>
392 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
393 +hardened-sources-2.6.11-r12.ebuild:
394 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
395 merges in genpatches-base
396
397 *hardened-sources-2.6.11-r12 (17 May 2005)
398
399 17 May 2005; John Mylchreest <johnm@gentoo.org>
400 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
401 +hardened-sources-2.6.11-r12.ebuild:
402 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
403 merges in genpatches-base
404
405 29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
406 -files/2.4.27-cmdline-race.patch,
407 -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
408 -files/2.4.28-grsec-binfmt_a.out.patch,
409 -files/2.4.28-grsec-cmdline-race.patch,
410 -files/2.4.28-selinux-binfmt_a.out.patch,
411 -files/2.4.28-selinux-cmdline-race.patch,
412 -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
413 hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
414 - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
415 cleanup..
416
417 *hardened-sources-2.4.30-r1 (21 Apr 2005)
418
419 21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
420 - disable aout by default
421
422 *hardened-sources-2.4.30 (18 Apr 2005)
423
424 18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
425 - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
426 and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
427 use
428
429 *hardened-sources-2.4.29 (30 Mar 2005)
430
431 30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
432 +hardened-sources-2.4.29.ebuild:
433 New hardened-patches-2.4-29.0 patchball.
434 Removed SELinux support, upgraded GRSecurity to 2.1.4.
435
436 *hardened-sources-2.4.28-r5 (06 Mar 2005)
437
438 06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
439 +hardened-sources-2.4.28-r5.ebuild:
440 Added a fix for a PaX vulnerability.
441
442 26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
443 hardened-sources-2.4.28-r4.ebuild:
444 Stable on x86
445
446 23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
447 hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
448 hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
449 hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
450 - fixed/added RDEPEND= in all kernel-2 ebuilds
451
452 *hardened-sources-2.4.28-r4 (21 Jan 2005)
453
454 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
455 +hardened-sources-2.4.28-r4.ebuild:
456 Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
457 backport of neighbour hash updates.
458
459 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
460 hardened-sources-2.4.28-r3.ebuild:
461 Stable on x86
462
463 *hardened-sources-2.6.10-r3 (20 Jan 2005)
464
465 20 Jan 2005; Brandon Hale <tseng@gentoo.org>
466 +hardened-sources-2.6.10-r3.ebuild:
467 Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
468 in 2005.0
469
470 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
471 -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
472 hardened-sources-2.4.28-r2.ebuild:
473 Mark stable on x86
474
475 *hardened-sources-2.4.28-r3 (17 Jan 2005)
476
477 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
478 +hardened-sources-2.4.28-r3.ebuild:
479 Fix SMP page fault handler vuln, and update device-mapper and evms patches.
480
481 14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
482 hardened-sources-2.4.28.ebuild:
483 Mark stable on x86.
484
485 *hardened-sources-2.4.28-r2 (13 Jan 2005)
486
487 13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
488 +hardened-sources-2.4.28-r2.ebuild:
489 Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
490 Mazinger for grsecurity patches as well.
491
492 *hardened-sources-2.4.28-r1 (23 Dec 2004)
493
494 23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
495 Security bump. Thank tocharian for rolling a new patchset...
496
497 28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
498 +files/2.4.28-grsec-cmdline-race.patch,
499 +files/2.4.28-selinux-binfmt_a.out.patch,
500 +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
501 - Round up remaining security patches that appear to be missing in 2.4.28. -
502 PaX standalone updated to current. hgpv=28.1
503
504 *hardened-sources-2.4.28 (28 Nov 2004)
505
506 28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
507 security bump. Thank tocharian for rolling a new patchset
508
509 *hardened-sources-2.4.27-r3 (08 Sep 2004)
510
511 08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
512 +hardened-sources-2.4.27-r3.ebuild:
513 Applies the new 2.4-27.2 patchball which updates
514 GRSecurity to the 2.0.1 version.
515
516 *hardened-sources-2.4.27-r2 (31 Aug 2004)
517
518 31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
519 +hardened-sources-2.4.27-r2.ebuild:
520 Version bump.
521 This version uses the new 2.4-27.1 patchball which updates
522 both the SELinux PaX hooks patch and the SELinux headers.
523
524 *hardened-sources-2.4.27-r1 (09 Aug 2004)
525
526 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
527 +hardened-sources-2.4.27-r1.ebuild,
528 -hardened-sources-2.4.27.ebuild,
529 +files/2.4.27-cmdline-race.patch:
530 Version bump, fix for cmdline race. See bug #59905.
531
532 *hardened-sources-2.4.26-r6 (09 Aug 2004)
533
534 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
535 +hardened-sources-2.4.26-r6.ebuild,
536 -hardened-sources-2.4.26-r5.ebuild,
537 -hardened-sources-2.4.26-r4.ebuild,
538 +files/2.4.26-cmdline-race.patch:
539 Version bump, fix for cmdline race. See bug #59905.
540
541 *hardened-sources-2.4.27 (08 Aug 2004)
542
543 08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
544 +hardened-sources-2.4.27.ebuild,
545 +files/2.4.27-CAN-2004-0394.patch:
546 Ported the patchball to the 2.4.27 kernel version.
547
548 *hardened-sources-2.4.26-r5 (07 Aug 2004)
549
550 07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
551 +hardened-sources-2.4.26-r5.ebuild:
552 Updated to use the new hardened-patches-2.4-26.1 patchball.
553 It adds the following features:
554 - Squashfs
555 - Ebtables
556 - Netdev random (core+drivers)
557 - Watchdog Timer (WDT) fix.
558
559 *hardened-sources-2.4.26-r4 (04 Aug 2004)
560
561 04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
562 +hardened-sources-2.4.26-r4.ebuild,
563 +files/2.4.26-CAN-2004-0415.patch,
564 -hardened-sources-2.4.26-3:
565 Version bump, fix for CAN 0415, see bug #59378.
566
567 *hardened-sources-2.4.26-r3 (22 Jul 2004)
568
569 22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
570 +hardened-sources-2.4.26-r3.ebuild,
571 +files/2.4.26-CAN-2004-0497.patch,
572 -hardened-sources-2.4.26-r2.ebuild:
573 Version bump, fixed CAN 0497, see bug #56171.
574
575 *hardened-sources-2.4.26-r2 (29 Jun 2004)
576
577 29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
578 +hardened-sources-2.4.26-r2.ebuild,
579 +files/2.4.26-CAN-2004-0495.patch,
580 +files/2.4.26-CAN-2004-0535.patch,
581 -hardened-sources-2.4.26-r1.ebuild:
582 Fixes for both CAN 0495 and 0535, see bug #54976
583
584 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
585 hardened-sources-2.4.26-r1.ebuild:
586 QA - fix use invocation
587
588 *hardened-sources-2.4.26-r1 (22 June 2004)
589
590 22 June 2004; Andrea Luzzardi <scox@gentoo.org>
591 +hardened-sources-2.4.26-r1.ebuild,
592 +files/2.4.26-CAN-2004-0394.patch,
593 +files/2.4.26-signal-race.patch,
594 -hardened-sources-2.4.26.ebuild,
595 -hardened-sources-2.4.24-r3.ebuild:
596 Version bump for the CAN-2004-0394 issue and bug #53804
597 Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
598
599
600 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
601 hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
602 Masked hardened-sources-2.4.26.ebuild broken for ppc
603
604 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
605 hardened-sources-2.4.24-r3.ebuild:
606 Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
607
608 *hardened-sources-2.4.26 (29 May 2004)
609
610 29 May 2004; Andrea Luzzardi <scox@gentoo.org>
611 +hardened-sources-2.4.26.ebuild:
612 Updated hardened-sources for the 2.4.26 kernel
613 Removed broken components, updated almost everything.
614
615 *hardened-sources-2.4.24-r3 (17 Apr 2004)
616
617 17 Apr 2004; <plasmaroo@gentoo.org>
618 +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
619 +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
620 +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
621 +hardened-sources-2.4.24-r3.ebuild:
622 Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
623 vulnerabilities. Old revisions removed.
624
625 *hardened-sources-2.4.24-r2 (15 Apr 2004)
626
627 15 Apr 2004; <plasmaroo@gentoo.org>
628 +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
629 -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
630 Version bump for the CAN-2004-0109 issue; bug #47881.
631
632 12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
633 hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
634 Add eutils to inherit.
635
636 *hardened-sources-2.4.24-r1 (19 Feb 2004)
637
638 19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
639 files/hardened-sources-2.4.24.munmap.patch:
640 Added the patch for the mremap/munmap vulnerability. Bug #42024.
641
642 *hardened-sources-2.4.24 (06 Feb 2004)
643
644 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
645 hardened-sources-2.4.24.ebuild:
646 Version bump, updated most of the components.
647 This release includes the following:
648
649 - Hardened security
650 - Netfilter patch-o-matic 20031219
651 - FreeSWAN 2.04 & x509 1.4.8
652 - EVMS 2.2.2
653 - XFS 1.3.1
654 - cryptoloop jari
655 - grsecurity 2.0-rc4
656 - SELinux
657 - PaX 200402060000
658 - PaX Obscurity 200308302223
659 - Others...
660
661 Neither -ck nor systrace are included anymore.
662
663 *hardened-sources-2.4.22-r2 (05 Jan 2004)
664
665 05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
666 hardened-sources-2.4.22-r2.ebuild:
667 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
668
669 *hardened-sources-2.4.22-r1 (02 Dec 2003)
670
671 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
672 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
673
674 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
675 hardened-sources-2.4.22-r1.ebuild:
676 Version bump for the 'do_brk' vulnerability.
677
678 01 Dec 2003; Brian Jackson <iggy@gentoo.org>
679 hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
680 hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
681 hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
682 Fix the 'do_brk' vulnerability.
683
684 03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
685 hardened-sources-2.4.22.ebuild:
686 - Removed the src_install() portion for SELinux flask
687 components. These are no longer handled in the kernel
688 so this code was not necessary.
689
690 29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
691 New 2.4.22 based hardened-sources thanks to
692 Phil West <p.west@computer.org>.
693
694 These sources include:
695 - New SELinux API
696 - Updated CK-base
697 - Updated GRSec
698 - Systrace
699 - SuperFreeS/WAN 1.99.8
700 - Propolice kernel build support
701 - EVMS
702 - Other various security related patches
703
704 *hardened-sources-2.4.21 (14 Sep 2003)
705
706 14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
707 Updated hardened-sources based on the 2.4.21 Linux kernel.
708 This includes updates to most major components such as:
709 - ck-base-0306300059
710 - selinux-2.4-2003071106
711 - grsecurity-2.0-rc1
712 - Updated IPTables patch-o-matic
713 - Updated SuperFreeS/WAN
714
715 Thanks to Phil West <pwest@computer.org> for his work in getting this
716 updated patch set ready for the 2.4.21 based kernel.
717
718 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
719 Initial import of hardened-sources-2.4.20-r4. This revision
720 includes only a few changes, but one of these is an important
721 security fix. It is recommended all users of hardened-sources
722 upgrade to this release.
723
724 - ioperm bug fix
725 - fixed compilation failure when building without GRSec
726
727 SAL (Secure Auditing for Linux) is NOT included in this revision
728 due to time constraints, but is planned for inclusion in the near
729 future.
730
731 *hardened-sources-2.4.20-r2 (12 Jun 2003)
732
733 12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
734 hardened-sources-2.4.20-r3.ebuild:
735 Add Header...
736
737 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
738 hardened-sources-2.4.20-r3.ebuild:
739 Removed warnings from ebuild. This kernel should be safe to
740 use at this point.
741
742 *hardened-sources-2.4.20-r3 (08 Jun 2003)
743
744 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
745 hardened-sources-2.4.20-r3.ebuild:
746 New revision. Includes the following changes over -r2:
747
748 - ck7-base (O(1), preempt, low latency)
749 - Super FreeS/WAN 1.99.7rc2
750 - PaX for the LSM/SELinux branch
751 - GRSecurity 2.0-pre4 (role based access control)
752 - Systrace 1.3
753 - EXT3 fixes
754 - EVMS 2.0.1
755 - GCC 3.1+ compile optimizations
756 - ProPolice kernel build support
757 - Hashing table security fixes
758
759 *hardened-sources-2.4.20-r1 (09 Apr 2003)
760
761 23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
762 Initial import of hardened-sources-r2. This new
763 ebuild includes many new performance and security
764 related patches. As in -r1, it will patch in
765 LSM/SELinux if "selinux" is in USE, otherwise it
766 will patch in GRSecurity. The following patches
767 are included in this revision:
768
769 - O(1) Scheduler, Low Latency, and Preempt
770 (pulled from the base CK patch)
771 - ptrace exploit patch for the LSM kernel
772 (the GRSec patch already fixes this)
773 - LSM 2.4-2003040709
774 - SELinux 2.4-2003040709
775 - Systrace v1.2
776 - IPTables patch-o-matic base patches - 20030107
777 - CryptoAPI 2.4.20.1 w/ loop-jari patch
778 - Super FreeS/WAN 1.99.6.1
779 - GRSecurity 1.9.9g
780 - MPPE
781 - EXT3 data journal fix
782 - CIPE 1.5.4
783
784 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
785 hardened-sources-2.4.20-r1.ebuild, manifest:
786 Updated to install flask components correctly for selinux.
787
788 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
789 hardened-sources-2.4.20-r1.ebuild:
790 LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
791 is patched in instead. Ptrace patches for selinux have also been added. In
792 either case, systrace support will be patched in as well.
793
794 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
795 hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
796 Revision bump for new sources.
797
798 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
799 hardened-sources-2.4.20-r1.ebuild:
800 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
801
802 *hardened-sources-2.4.20 (30 Mar 2003)
803
804 30 Mar 2003; Joshua Brindle <method@gentoo.org>
805 hardened-sources-2.4.20.ebuild:
806 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20