/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.126 - (show annotations) (download)
Sun Dec 17 23:12:09 2006 UTC (7 years, 8 months ago) by phreak
Branch: MAIN
Changes since 1.125: +9 -1 lines
Adding 4453_grsec-2.1.9-2.6.19-io-kmem-sysctl.patch to UNIPATCH_EXLUDE, adding correct HOMEPAGE and adjusting DESCRIPTION (thanks to Alexander).
(Portage version: 2.1.2_rc3-r6)

1 # ChangeLog for sys-kernel/hardened-sources
2 # Copyright 2000-2006 Gentoo Foundation; Distributed under the GPL v2
3 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.125 2006/12/17 21:22:40 pappy Exp $
4
5 17 Dec 2006; Christian Heim <phreak@gentoo.org>
6 hardened-sources-2.6.14-r7.ebuild, hardened-sources-2.6.16-r10.ebuild,
7 hardened-sources-2.6.16-r11.ebuild, hardened-sources-2.6.17-r1.ebuild,
8 hardened-sources-2.6.18.ebuild, hardened-sources-2.6.18-r3.ebuild,
9 hardened-sources-2.6.19-r1.ebuild:
10 Adding 4453_grsec-2.1.9-2.6.19-io-kmem-sysctl.patch to UNIPATCH_EXLUDE,
11 adding correct HOMEPAGE and adjusting DESCRIPTION (thanks to Alexander).
12
13 *hardened-sources-2.4.33.4 (17 Dec 2006)
14
15 17 Dec 2006; Alexander Gabert <pappy@gentoo.org>
16 +hardened-sources-2.4.33.4.ebuild:
17 new 2.4.33.4 version including grsec and fixes, thanks to phreak for help
18 and quilting
19
20 *hardened-sources-2.6.19-r1 (14 Dec 2006)
21
22 14 Dec 2006; Christian Heim <phreak@gentoo.org>
23 -hardened-sources-2.6.19.ebuild, +hardened-sources-2.6.19-r1.ebuild:
24 Revision bump, fixing #158107 (thanks to Petre Rodan <kaiowas at gentoo.org>
25 for reporting).
26
27 *hardened-sources-2.6.19 (13 Dec 2006)
28
29 13 Dec 2006; Christian Heim <phreak@gentoo.org>
30 +hardened-sources-2.6.19.ebuild:
31 And finally 2.6.19, thanks to Ned (who prepared the inital patchset) and
32 Brad for providing that prompt update.
33
34 *hardened-sources-2.6.18-r3 (13 Dec 2006)
35
36 13 Dec 2006; Christian Heim <phreak@gentoo.org>
37 -hardened-sources-2.6.18-r1.ebuild, -hardened-sources-2.6.18-r2.ebuild,
38 +hardened-sources-2.6.18-r3.ebuild:
39 Revision bump, excluding the faulty patch. Thanks to Anakim Border and Peter
40 S. Mazinger. Closes #157409 for now. Also removing the previous revisions.
41
42 09 Dec 2006; Christian Heim <phreak@gentoo.org> Manifest:
43 Fixing the metadata.xml Manifest entry (thanks to xaid and ml8128 in #gentoo-hardened).
44
45 08 Dec 2006; nixnut <nixnut@gentoo.org> hardened-sources-2.6.18.ebuild:
46 Stable on ppc wrt bug 157356
47
48 07 Dec 2006; Christian Faulhammer <opfer@gentoo.org>
49 hardened-sources-2.6.18.ebuild:
50 stable x86, bug #157356
51
52 *hardened-sources-2.6.18-r2 (06 Dec 2006)
53
54 06 Dec 2006; Christian Heim <phreak@gentoo.org>
55 +hardened-sources-2.6.18-r2.ebuild:
56 Revision bump, including 2.6.18.5 (via genpatches) and
57 4454_grsec-2.1.9-2.6.18.2-io-kmem-sysctl.patch based on Peter Mazinger and
58 Ned Ludd's original patch. Thanks to Alexander Gabert (pappy) for the
59 redesign.
60
61 06 Dec 2006; Christian Heim <phreak@gentoo.org>
62 hardened-sources-2.6.18.ebuild:
63 Marking hardened-sources-2.6.18 stable on amd64 (see bug #157356, on behalf
64 of Mike Doty).
65
66 *hardened-sources-2.6.18-r1 (23 Nov 2006)
67
68 23 Nov 2006; Christian Heim <phreak@gentoo.org>
69 +hardened-sources-2.6.18-r1.ebuild:
70 Revision bump to genpatches-2.6.18-4 (including 2.6.18.3).
71
72 *hardened-sources-2.6.18 (11 Nov 2006)
73
74 11 Nov 2006; Christian Heim <phreak@gentoo.org>
75 +hardened-sources-2.6.18.ebuild:
76 Version bump, thanks to Alexander Gabert we're finally at 2.6.18.
77
78 18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
79 - mark amd64 stable also. bug #151877
80
81 18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
82 - mark 2.6.17-r1 stable
83
84 27 Aug 2006; Christian Heim <phreak@gentoo.org>
85 -hardened-sources-2.6.17.ebuild, hardened-sources-2.6.17-r1.ebuild:
86 Removing old ebuild, removing unipatch from newer ebuild (need to fix it!).
87
88 *hardened-sources-2.6.17-r1 (26 Aug 2006)
89
90 26 Aug 2006; Christian Heim <phreak@gentoo.org>
91 +hardened-sources-2.6.17-r1.ebuild:
92 Revision bump to genpatches-2.6.17-8 (including .9 and .10) and updating the
93 grsecurity patch.
94
95 *hardened-sources-2.6.17 (17 Aug 2006)
96
97 17 Aug 2006; Christian Heim <phreak@gentoo.org>
98 +hardened-sources-2.6.17.ebuild:
99 Bumping the hardened-sources-2.6 series to 2.6.17, using
100 genpatches-2.6.17-6.base.
101
102 07 Aug 2006; <solar@gentoo.org> hardened-sources-2.6.16-r11.ebuild:
103 - stable on x86 and amd64
104
105 *hardened-sources-2.6.16-r11 (15 Jul 2006)
106
107 15 Jul 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r3.ebuild,
108 -hardened-sources-2.4.32-r4.ebuild, -hardened-sources-2.4.32-r5.ebuild,
109 -hardened-sources-2.6.14-r8.ebuild, -hardened-sources-2.6.16-r7.ebuild,
110 -hardened-sources-2.6.16-r9.ebuild, +hardened-sources-2.6.16-r11.ebuild:
111 - 2.6.16 bumped for CVE-2006-3626 ; digest fix for 2.4.32-r6 ; removed old
112 crusty ebuilds
113
114 14 Jul 2006; John Mylchreest <johnm@gentoo.org>
115 hardened-sources-2.6.16-r10.ebuild:
116 marking stable on x86 and amd64
117
118 13 Jul 2006; <solar@gentoo.org> hardened-sources-2.4.32-r6.ebuild:
119 - 2.4.32-r6 stable on x86. RSBAC state unknown
120
121 *hardened-sources-2.4.32-r7 (10 Jul 2006)
122
123 10 Jul 2006; Guillaume Destuynder <kang@gentoo.org>
124 +hardened-sources-2.4.32-r7.ebuild:
125 Bump PaX for RSBAC to test-17
126
127 *hardened-sources-2.6.16-r9 (03 Jul 2006)
128
129 03 Jul 2006; John Mylchreest <johnm@gentoo.org>
130 -hardened-sources-2.6.16-r6.ebuild, +hardened-sources-2.6.16-r9.ebuild:
131 hardened-sources-2.6.16 bump to latest -base.
132
133 *hardened-sources-2.4.32-r6 (30 Jun 2006)
134
135 30 Jun 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r2.ebuild,
136 hardened-sources-2.4.32-r4.ebuild, +hardened-sources-2.4.32-r6.ebuild:
137 - backport CVE-2006-0039, CVE-2006-1857 and CVE-2006-1858 and new grsecurity
138 sysctl controlable resource logging
139
140 *hardened-sources-2.6.16-r7 (05 Jun 2006)
141
142 05 Jun 2006; John Mylchreest <johnm@gentoo.org>
143 -hardened-sources-2.6.16-r5.ebuild, +hardened-sources-2.6.16-r7.ebuild:
144 push new 2.6.16 release in preparation for stable
145
146 22 May 2006; <solar@gentoo.org> :
147 - redigest bug 134002
148
149 *hardened-sources-2.4.32-r5 (16 May 2006)
150
151 16 May 2006; Guillaume Destuynder <kang@gentoo.org>
152 +hardened-sources-2.4.32-r5.ebuild:
153 Fixes rsbac common patching (new patch in new -r5 patchset)
154
155 *hardened-sources-2.4.32-r4 (13 May 2006)
156
157 13 May 2006; <solar@gentoo.org> hardened-sources-2.4.32-r3.ebuild,
158 +hardened-sources-2.4.32-r4.ebuild:
159 - security bumps
160
161 *hardened-sources-2.6.16-r6 (03 May 2006)
162
163 03 May 2006; John Mylchreest <johnm@gentoo.org>
164 +hardened-sources-2.6.16-r6.ebuild:
165 bump hardened-2.6.16 to 2.6.16.12 and latest grsec snapshot
166
167 28 Apr 2006; John Mylchreest <johnm@gentoo.org>
168 hardened-sources-2.6.14-r8.ebuild:
169 fix x86_64 build problem, this will delay the digest issue again for a short
170 while but it will sort itself out
171
172 28 Apr 2006; John Mylchreest <johnm@gentoo.org>
173 hardened-sources-2.6.14-r8.ebuild:
174 bump hardened patchset
175
176 27 Apr 2006; Alec Warner <antarus@gentoo.org>
177 files/digest-hardened-sources-2.4.32-r2,
178 files/digest-hardened-sources-2.4.32-r3,
179 files/digest-hardened-sources-2.6.14-r8, Manifest:
180 Fixing duff SHA256 digests: Bug # 131293
181
182 *hardened-sources-2.6.16-r5 (27 Apr 2006)
183
184 27 Apr 2006; John Mylchreest <johnm@gentoo.org>
185 -hardened-sources-2.6.14-r6.ebuild, hardened-sources-2.6.14-r8.ebuild,
186 -hardened-sources-2.6.16-r4.ebuild, +hardened-sources-2.6.16-r5.ebuild:
187 stablise 2.6.14-r8 on x86 & amd64, bump 2.6.16 to fix CVE-2006-1863 &
188 cleanup of old uneccessary sources
189
190 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
191 fix digest
192
193 *hardened-sources-2.6.14-r8 (20 Apr 2006)
194
195 20 Apr 2006; John Mylchreest <johnm@gentoo.org>
196 +hardened-sources-2.6.14-r8.ebuild:
197 fix CVE-2006-1056, CVE-2006-1525, CVE-2006-1524
198
199 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
200 Turning on gpg-signing again, and recomitting
201
202 *hardened-sources-2.6.16-r4 (20 Apr 2006)
203
204 20 Apr 2006; John Mylchreest <johnm@gentoo.org>
205 -hardened-sources-2.6.16-r2.ebuild, -hardened-sources-2.6.16-r3.ebuild,
206 +hardened-sources-2.6.16-r4.ebuild:
207 Fix numerous security vulns
208
209 *hardened-sources-2.4.32-r3 (16 Apr 2006)
210
211 16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
212 -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
213 +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
214 - security bump for bug #112791. Removed old ebuilds
215
216 *hardened-sources-2.6.16-r3 (15 Apr 2006)
217
218 15 Apr 2006; John Mylchreest <johnm@gentoo.org>
219 +hardened-sources-2.6.16-r3.ebuild:
220 Removing silly localversion which I missed
221
222 *hardened-sources-2.6.14-r7 (14 Apr 2006)
223
224 14 Apr 2006; John Mylchreest <johnm@gentoo.org>
225 -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
226 Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
227
228 *hardened-sources-2.6.16-r2 (13 Apr 2006)
229
230 13 Apr 2006; John Mylchreest <johnm@gentoo.org>
231 -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
232 +hardened-sources-2.6.16-r2.ebuild:
233 Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
234 labels, dropping USERGROUP define fixes, since these were merged mainstream.
235
236 *hardened-sources-2.6.16-r1 (11 Apr 2006)
237
238 11 Apr 2006; John Mylchreest <johnm@gentoo.org>
239 +hardened-sources-2.6.16-r1.ebuild:
240 Bumping to include ppc build fix and 2.6.16.3
241
242 06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
243 hardened-sources-2.6.14-r6.ebuild:
244 Stable on x86; bug #127718
245
246 *hardened-sources-2.6.16 (31 Mar 2006)
247
248 31 Mar 2006; John Mylchreest <johnm@gentoo.org>
249 +hardened-sources-2.6.16.ebuild:
250 Bumping to new version of grsec, and kernel base. New squashfs. Based on
251 2.6.16.1
252
253 30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
254 hardened-sources-2.6.14-r6.ebuild:
255 Stable on amd64, bug 127718.
256
257 28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
258 Stable on ppc. Bug #127718
259
260 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
261 -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
262 -hardened-sources-2.6.14-r4.ebuild:
263 Cleanup.
264
265 *hardened-sources-2.6.14-r6 (15 Mar 2006)
266
267 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
268 +hardened-sources-2.6.14-r6.ebuild:
269 Fixes grsec policy recreation bug and adds a
270 >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
271
272 02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
273 - stable on x86
274
275 19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
276 hardened-sources-2.6.14-r5.ebuild:
277 Stable on ppc.
278
279 *hardened-sources-2.6.14-r5 (01 Feb 2006)
280
281 01 Feb 2006; John Mylchreest <johnm@gentoo.org>
282 +hardened-sources-2.6.14-r5.ebuild:
283 fixing every known exploit
284
285 *hardened-sources-2.4.32-r2 (26 Jan 2006)
286
287 26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
288 +hardened-sources-2.4.32-r2.ebuild:
289 - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
290
291 *hardened-sources-2.6.14-r4 (12 Jan 2006)
292
293 12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
294 - version bump for new genpatches which fix up a few sec holes
295
296 *hardened-sources-2.4.32-r1 (05 Jan 2006)
297
298 05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
299 - revision bump to add misc vital linux kernel security patches.
300
301 *hardened-sources-2.6.14-r3 (30 Dec 2005)
302
303 30 Dec 2005; John Mylchreest <johnm@gentoo.org>
304 -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
305 Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
306
307 28 Dec 2005; John Mylchreest <johnm@gentoo.org>
308 hardened-sources-2.6.14-r2.ebuild:
309 making x86 & amd64 stable following testing.
310
311 *hardened-sources-2.6.14-r2 (27 Dec 2005)
312
313 27 Dec 2005; John Mylchreest <johnm@gentoo.org>
314 -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
315 Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
316 network hooks.
317
318 06 Dec 2005; John Mylchreest <johnm@gentoo.org>
319 hardened-sources-2.6.14-r1.ebuild:
320 bumping to stable early for sec fix on x86 & amd64
321
322 *hardened-sources-2.6.14-r1 (05 Dec 2005)
323
324 05 Dec 2005; John Mylchreest <johnm@gentoo.org>
325 -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
326 bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
327
328 04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
329 - stable on x86 security bug #114227 CAN-2005-3257
330
331 *hardened-sources-2.4.32 (19 Nov 2005)
332
333 19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
334 +hardened-sources-2.4.32.ebuild:
335 Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
336 Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
337 have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
338 rsbac >> /etc/portage/package.use)
339
340 *hardened-sources-2.6.14 (14 Nov 2005)
341
342 14 Nov 2005; John Mylchreest <johnm@gentoo.org>
343 -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
344 Bumping 2.6 series to 2.6.14.2
345
346 *hardened-sources-2.6.13-r2 (20 Oct 2005)
347
348 20 Oct 2005; John Mylchreest <johnm@gentoo.org>
349 -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
350 +hardened-sources-2.6.13-r2.ebuild:
351 Fixes minor build error in ppc.
352
353 *hardened-sources-2.6.13-r1 (17 Oct 2005)
354
355 17 Oct 2005; John Mylchreest <johnm@gentoo.org>
356 +hardened-sources-2.6.13-r1.ebuild:
357 Updating grsec to latest snapshot. Fixes some minor issues. Updating to
358 2.6.13.4, fixes some major amd64 stability problems.
359
360 *hardened-sources-2.6.13 (16 Sep 2005)
361
362 16 Sep 2005; John Mylchreest <johnm@gentoo.org>
363 -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
364 2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
365 ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
366 users should test this thoroughly.
367
368 01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
369 - stable on x86
370
371 *hardened-sources-2.6.11-r15 (27 Jun 2005)
372
373 27 Jun 2005; John Mylchreest <johnm@gentoo.org>
374 +hardened-sources-2.6.11-r15.ebuild:
375 Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
376 grsec redefining curr_ip struct.
377
378 *hardened-sources-2.4.31 (20 Jun 2005)
379
380 20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
381 initial import of 2.4.31 tree
382
383 *hardened-sources-2.6.11-r14 (14 Jun 2005)
384
385 14 Jun 2005; John Mylchreest <johnm@gentoo.org>
386 -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
387 Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
388 naming scheme to abide by genpatches
389
390 *hardened-sources-2.6.11-r13 (18 May 2005)
391
392 18 May 2005; John Mylchreest <johnm@gentoo.org>
393 -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
394 Managed to mangle the Makefile patch from grsec, to miss out the grsec
395 target. sorry about that. Fixes bug #93022
396
397 *hardened-sources-2.6.11-r12 (17 May 2005)
398
399 17 May 2005; John Mylchreest <johnm@gentoo.org>
400 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
401 +hardened-sources-2.6.11-r12.ebuild:
402 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
403 merges in genpatches-base
404
405 *hardened-sources-2.6.11-r12 (17 May 2005)
406
407 17 May 2005; John Mylchreest <johnm@gentoo.org>
408 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
409 +hardened-sources-2.6.11-r12.ebuild:
410 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
411 merges in genpatches-base
412
413 29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
414 -files/2.4.27-cmdline-race.patch,
415 -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
416 -files/2.4.28-grsec-binfmt_a.out.patch,
417 -files/2.4.28-grsec-cmdline-race.patch,
418 -files/2.4.28-selinux-binfmt_a.out.patch,
419 -files/2.4.28-selinux-cmdline-race.patch,
420 -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
421 hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
422 - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
423 cleanup..
424
425 *hardened-sources-2.4.30-r1 (21 Apr 2005)
426
427 21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
428 - disable aout by default
429
430 *hardened-sources-2.4.30 (18 Apr 2005)
431
432 18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
433 - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
434 and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
435 use
436
437 *hardened-sources-2.4.29 (30 Mar 2005)
438
439 30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
440 +hardened-sources-2.4.29.ebuild:
441 New hardened-patches-2.4-29.0 patchball.
442 Removed SELinux support, upgraded GRSecurity to 2.1.4.
443
444 *hardened-sources-2.4.28-r5 (06 Mar 2005)
445
446 06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
447 +hardened-sources-2.4.28-r5.ebuild:
448 Added a fix for a PaX vulnerability.
449
450 26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
451 hardened-sources-2.4.28-r4.ebuild:
452 Stable on x86
453
454 23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
455 hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
456 hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
457 hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
458 - fixed/added RDEPEND= in all kernel-2 ebuilds
459
460 *hardened-sources-2.4.28-r4 (21 Jan 2005)
461
462 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
463 +hardened-sources-2.4.28-r4.ebuild:
464 Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
465 backport of neighbour hash updates.
466
467 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
468 hardened-sources-2.4.28-r3.ebuild:
469 Stable on x86
470
471 *hardened-sources-2.6.10-r3 (20 Jan 2005)
472
473 20 Jan 2005; Brandon Hale <tseng@gentoo.org>
474 +hardened-sources-2.6.10-r3.ebuild:
475 Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
476 in 2005.0
477
478 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
479 -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
480 hardened-sources-2.4.28-r2.ebuild:
481 Mark stable on x86
482
483 *hardened-sources-2.4.28-r3 (17 Jan 2005)
484
485 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
486 +hardened-sources-2.4.28-r3.ebuild:
487 Fix SMP page fault handler vuln, and update device-mapper and evms patches.
488
489 14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
490 hardened-sources-2.4.28.ebuild:
491 Mark stable on x86.
492
493 *hardened-sources-2.4.28-r2 (13 Jan 2005)
494
495 13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
496 +hardened-sources-2.4.28-r2.ebuild:
497 Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
498 Mazinger for grsecurity patches as well.
499
500 *hardened-sources-2.4.28-r1 (23 Dec 2004)
501
502 23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
503 Security bump. Thank tocharian for rolling a new patchset...
504
505 28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
506 +files/2.4.28-grsec-cmdline-race.patch,
507 +files/2.4.28-selinux-binfmt_a.out.patch,
508 +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
509 - Round up remaining security patches that appear to be missing in 2.4.28. -
510 PaX standalone updated to current. hgpv=28.1
511
512 *hardened-sources-2.4.28 (28 Nov 2004)
513
514 28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
515 security bump. Thank tocharian for rolling a new patchset
516
517 *hardened-sources-2.4.27-r3 (08 Sep 2004)
518
519 08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
520 +hardened-sources-2.4.27-r3.ebuild:
521 Applies the new 2.4-27.2 patchball which updates
522 GRSecurity to the 2.0.1 version.
523
524 *hardened-sources-2.4.27-r2 (31 Aug 2004)
525
526 31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
527 +hardened-sources-2.4.27-r2.ebuild:
528 Version bump.
529 This version uses the new 2.4-27.1 patchball which updates
530 both the SELinux PaX hooks patch and the SELinux headers.
531
532 *hardened-sources-2.4.27-r1 (09 Aug 2004)
533
534 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
535 +hardened-sources-2.4.27-r1.ebuild,
536 -hardened-sources-2.4.27.ebuild,
537 +files/2.4.27-cmdline-race.patch:
538 Version bump, fix for cmdline race. See bug #59905.
539
540 *hardened-sources-2.4.26-r6 (09 Aug 2004)
541
542 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
543 +hardened-sources-2.4.26-r6.ebuild,
544 -hardened-sources-2.4.26-r5.ebuild,
545 -hardened-sources-2.4.26-r4.ebuild,
546 +files/2.4.26-cmdline-race.patch:
547 Version bump, fix for cmdline race. See bug #59905.
548
549 *hardened-sources-2.4.27 (08 Aug 2004)
550
551 08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
552 +hardened-sources-2.4.27.ebuild,
553 +files/2.4.27-CAN-2004-0394.patch:
554 Ported the patchball to the 2.4.27 kernel version.
555
556 *hardened-sources-2.4.26-r5 (07 Aug 2004)
557
558 07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
559 +hardened-sources-2.4.26-r5.ebuild:
560 Updated to use the new hardened-patches-2.4-26.1 patchball.
561 It adds the following features:
562 - Squashfs
563 - Ebtables
564 - Netdev random (core+drivers)
565 - Watchdog Timer (WDT) fix.
566
567 *hardened-sources-2.4.26-r4 (04 Aug 2004)
568
569 04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
570 +hardened-sources-2.4.26-r4.ebuild,
571 +files/2.4.26-CAN-2004-0415.patch,
572 -hardened-sources-2.4.26-3:
573 Version bump, fix for CAN 0415, see bug #59378.
574
575 *hardened-sources-2.4.26-r3 (22 Jul 2004)
576
577 22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
578 +hardened-sources-2.4.26-r3.ebuild,
579 +files/2.4.26-CAN-2004-0497.patch,
580 -hardened-sources-2.4.26-r2.ebuild:
581 Version bump, fixed CAN 0497, see bug #56171.
582
583 *hardened-sources-2.4.26-r2 (29 Jun 2004)
584
585 29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
586 +hardened-sources-2.4.26-r2.ebuild,
587 +files/2.4.26-CAN-2004-0495.patch,
588 +files/2.4.26-CAN-2004-0535.patch,
589 -hardened-sources-2.4.26-r1.ebuild:
590 Fixes for both CAN 0495 and 0535, see bug #54976
591
592 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
593 hardened-sources-2.4.26-r1.ebuild:
594 QA - fix use invocation
595
596 *hardened-sources-2.4.26-r1 (22 June 2004)
597
598 22 June 2004; Andrea Luzzardi <scox@gentoo.org>
599 +hardened-sources-2.4.26-r1.ebuild,
600 +files/2.4.26-CAN-2004-0394.patch,
601 +files/2.4.26-signal-race.patch,
602 -hardened-sources-2.4.26.ebuild,
603 -hardened-sources-2.4.24-r3.ebuild:
604 Version bump for the CAN-2004-0394 issue and bug #53804
605 Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
606
607
608 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
609 hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
610 Masked hardened-sources-2.4.26.ebuild broken for ppc
611
612 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
613 hardened-sources-2.4.24-r3.ebuild:
614 Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
615
616 *hardened-sources-2.4.26 (29 May 2004)
617
618 29 May 2004; Andrea Luzzardi <scox@gentoo.org>
619 +hardened-sources-2.4.26.ebuild:
620 Updated hardened-sources for the 2.4.26 kernel
621 Removed broken components, updated almost everything.
622
623 *hardened-sources-2.4.24-r3 (17 Apr 2004)
624
625 17 Apr 2004; <plasmaroo@gentoo.org>
626 +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
627 +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
628 +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
629 +hardened-sources-2.4.24-r3.ebuild:
630 Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
631 vulnerabilities. Old revisions removed.
632
633 *hardened-sources-2.4.24-r2 (15 Apr 2004)
634
635 15 Apr 2004; <plasmaroo@gentoo.org>
636 +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
637 -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
638 Version bump for the CAN-2004-0109 issue; bug #47881.
639
640 12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
641 hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
642 Add eutils to inherit.
643
644 *hardened-sources-2.4.24-r1 (19 Feb 2004)
645
646 19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
647 files/hardened-sources-2.4.24.munmap.patch:
648 Added the patch for the mremap/munmap vulnerability. Bug #42024.
649
650 *hardened-sources-2.4.24 (06 Feb 2004)
651
652 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
653 hardened-sources-2.4.24.ebuild:
654 Version bump, updated most of the components.
655 This release includes the following:
656
657 - Hardened security
658 - Netfilter patch-o-matic 20031219
659 - FreeSWAN 2.04 & x509 1.4.8
660 - EVMS 2.2.2
661 - XFS 1.3.1
662 - cryptoloop jari
663 - grsecurity 2.0-rc4
664 - SELinux
665 - PaX 200402060000
666 - PaX Obscurity 200308302223
667 - Others...
668
669 Neither -ck nor systrace are included anymore.
670
671 *hardened-sources-2.4.22-r2 (05 Jan 2004)
672
673 05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
674 hardened-sources-2.4.22-r2.ebuild:
675 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
676
677 *hardened-sources-2.4.22-r1 (02 Dec 2003)
678
679 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
680 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
681
682 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
683 hardened-sources-2.4.22-r1.ebuild:
684 Version bump for the 'do_brk' vulnerability.
685
686 01 Dec 2003; Brian Jackson <iggy@gentoo.org>
687 hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
688 hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
689 hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
690 Fix the 'do_brk' vulnerability.
691
692 03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
693 hardened-sources-2.4.22.ebuild:
694 - Removed the src_install() portion for SELinux flask
695 components. These are no longer handled in the kernel
696 so this code was not necessary.
697
698 29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
699 New 2.4.22 based hardened-sources thanks to
700 Phil West <p.west@computer.org>.
701
702 These sources include:
703 - New SELinux API
704 - Updated CK-base
705 - Updated GRSec
706 - Systrace
707 - SuperFreeS/WAN 1.99.8
708 - Propolice kernel build support
709 - EVMS
710 - Other various security related patches
711
712 *hardened-sources-2.4.21 (14 Sep 2003)
713
714 14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
715 Updated hardened-sources based on the 2.4.21 Linux kernel.
716 This includes updates to most major components such as:
717 - ck-base-0306300059
718 - selinux-2.4-2003071106
719 - grsecurity-2.0-rc1
720 - Updated IPTables patch-o-matic
721 - Updated SuperFreeS/WAN
722
723 Thanks to Phil West <pwest@computer.org> for his work in getting this
724 updated patch set ready for the 2.4.21 based kernel.
725
726 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
727 Initial import of hardened-sources-2.4.20-r4. This revision
728 includes only a few changes, but one of these is an important
729 security fix. It is recommended all users of hardened-sources
730 upgrade to this release.
731
732 - ioperm bug fix
733 - fixed compilation failure when building without GRSec
734
735 SAL (Secure Auditing for Linux) is NOT included in this revision
736 due to time constraints, but is planned for inclusion in the near
737 future.
738
739 *hardened-sources-2.4.20-r2 (12 Jun 2003)
740
741 12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
742 hardened-sources-2.4.20-r3.ebuild:
743 Add Header...
744
745 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
746 hardened-sources-2.4.20-r3.ebuild:
747 Removed warnings from ebuild. This kernel should be safe to
748 use at this point.
749
750 *hardened-sources-2.4.20-r3 (08 Jun 2003)
751
752 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
753 hardened-sources-2.4.20-r3.ebuild:
754 New revision. Includes the following changes over -r2:
755
756 - ck7-base (O(1), preempt, low latency)
757 - Super FreeS/WAN 1.99.7rc2
758 - PaX for the LSM/SELinux branch
759 - GRSecurity 2.0-pre4 (role based access control)
760 - Systrace 1.3
761 - EXT3 fixes
762 - EVMS 2.0.1
763 - GCC 3.1+ compile optimizations
764 - ProPolice kernel build support
765 - Hashing table security fixes
766
767 *hardened-sources-2.4.20-r1 (09 Apr 2003)
768
769 23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
770 Initial import of hardened-sources-r2. This new
771 ebuild includes many new performance and security
772 related patches. As in -r1, it will patch in
773 LSM/SELinux if "selinux" is in USE, otherwise it
774 will patch in GRSecurity. The following patches
775 are included in this revision:
776
777 - O(1) Scheduler, Low Latency, and Preempt
778 (pulled from the base CK patch)
779 - ptrace exploit patch for the LSM kernel
780 (the GRSec patch already fixes this)
781 - LSM 2.4-2003040709
782 - SELinux 2.4-2003040709
783 - Systrace v1.2
784 - IPTables patch-o-matic base patches - 20030107
785 - CryptoAPI 2.4.20.1 w/ loop-jari patch
786 - Super FreeS/WAN 1.99.6.1
787 - GRSecurity 1.9.9g
788 - MPPE
789 - EXT3 data journal fix
790 - CIPE 1.5.4
791
792 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
793 hardened-sources-2.4.20-r1.ebuild, manifest:
794 Updated to install flask components correctly for selinux.
795
796 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
797 hardened-sources-2.4.20-r1.ebuild:
798 LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
799 is patched in instead. Ptrace patches for selinux have also been added. In
800 either case, systrace support will be patched in as well.
801
802 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
803 hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
804 Revision bump for new sources.
805
806 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
807 hardened-sources-2.4.20-r1.ebuild:
808 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
809
810 *hardened-sources-2.4.20 (30 Mar 2003)
811
812 30 Mar 2003; Joshua Brindle <method@gentoo.org>
813 hardened-sources-2.4.20.ebuild:
814 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20