/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.127 - (show annotations) (download)
Sat Dec 23 19:08:24 2006 UTC (7 years, 10 months ago) by phreak
Branch: MAIN
Changes since 1.126: +7 -1 lines
Revision bump to pull in genpatches-2.6.19-3 for #157186.
(Portage version: 2.1.2_rc3-r9)

1 # ChangeLog for sys-kernel/hardened-sources
2 # Copyright 2000-2006 Gentoo Foundation; Distributed under the GPL v2
3 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.126 2006/12/17 23:12:09 phreak Exp $
4
5 *hardened-sources-2.6.19-r2 (23 Dec 2006)
6
7 23 Dec 2006; Christian Heim <phreak@gentoo.org>
8 -hardened-sources-2.6.19-r1.ebuild, +hardened-sources-2.6.19-r2.ebuild:
9 Revision bump to pull in genpatches-2.6.19-3 for #157186.
10
11 17 Dec 2006; Christian Heim <phreak@gentoo.org>
12 hardened-sources-2.6.14-r7.ebuild, hardened-sources-2.6.16-r10.ebuild,
13 hardened-sources-2.6.16-r11.ebuild, hardened-sources-2.6.17-r1.ebuild,
14 hardened-sources-2.6.18.ebuild, hardened-sources-2.6.18-r3.ebuild,
15 hardened-sources-2.6.19-r1.ebuild:
16 Adding 4453_grsec-2.1.9-2.6.19-io-kmem-sysctl.patch to UNIPATCH_EXLUDE,
17 adding correct HOMEPAGE and adjusting DESCRIPTION (thanks to Alexander).
18
19 *hardened-sources-2.4.33.4 (17 Dec 2006)
20
21 17 Dec 2006; Alexander Gabert <pappy@gentoo.org>
22 +hardened-sources-2.4.33.4.ebuild:
23 new 2.4.33.4 version including grsec and fixes, thanks to phreak for help
24 and quilting
25
26 *hardened-sources-2.6.19-r1 (14 Dec 2006)
27
28 14 Dec 2006; Christian Heim <phreak@gentoo.org>
29 -hardened-sources-2.6.19.ebuild, +hardened-sources-2.6.19-r1.ebuild:
30 Revision bump, fixing #158107 (thanks to Petre Rodan <kaiowas at gentoo.org>
31 for reporting).
32
33 *hardened-sources-2.6.19 (13 Dec 2006)
34
35 13 Dec 2006; Christian Heim <phreak@gentoo.org>
36 +hardened-sources-2.6.19.ebuild:
37 And finally 2.6.19, thanks to Ned (who prepared the inital patchset) and
38 Brad for providing that prompt update.
39
40 *hardened-sources-2.6.18-r3 (13 Dec 2006)
41
42 13 Dec 2006; Christian Heim <phreak@gentoo.org>
43 -hardened-sources-2.6.18-r1.ebuild, -hardened-sources-2.6.18-r2.ebuild,
44 +hardened-sources-2.6.18-r3.ebuild:
45 Revision bump, excluding the faulty patch. Thanks to Anakim Border and Peter
46 S. Mazinger. Closes #157409 for now. Also removing the previous revisions.
47
48 09 Dec 2006; Christian Heim <phreak@gentoo.org> Manifest:
49 Fixing the metadata.xml Manifest entry (thanks to xaid and ml8128 in #gentoo-hardened).
50
51 08 Dec 2006; nixnut <nixnut@gentoo.org> hardened-sources-2.6.18.ebuild:
52 Stable on ppc wrt bug 157356
53
54 07 Dec 2006; Christian Faulhammer <opfer@gentoo.org>
55 hardened-sources-2.6.18.ebuild:
56 stable x86, bug #157356
57
58 *hardened-sources-2.6.18-r2 (06 Dec 2006)
59
60 06 Dec 2006; Christian Heim <phreak@gentoo.org>
61 +hardened-sources-2.6.18-r2.ebuild:
62 Revision bump, including 2.6.18.5 (via genpatches) and
63 4454_grsec-2.1.9-2.6.18.2-io-kmem-sysctl.patch based on Peter Mazinger and
64 Ned Ludd's original patch. Thanks to Alexander Gabert (pappy) for the
65 redesign.
66
67 06 Dec 2006; Christian Heim <phreak@gentoo.org>
68 hardened-sources-2.6.18.ebuild:
69 Marking hardened-sources-2.6.18 stable on amd64 (see bug #157356, on behalf
70 of Mike Doty).
71
72 *hardened-sources-2.6.18-r1 (23 Nov 2006)
73
74 23 Nov 2006; Christian Heim <phreak@gentoo.org>
75 +hardened-sources-2.6.18-r1.ebuild:
76 Revision bump to genpatches-2.6.18-4 (including 2.6.18.3).
77
78 *hardened-sources-2.6.18 (11 Nov 2006)
79
80 11 Nov 2006; Christian Heim <phreak@gentoo.org>
81 +hardened-sources-2.6.18.ebuild:
82 Version bump, thanks to Alexander Gabert we're finally at 2.6.18.
83
84 18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
85 - mark amd64 stable also. bug #151877
86
87 18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
88 - mark 2.6.17-r1 stable
89
90 27 Aug 2006; Christian Heim <phreak@gentoo.org>
91 -hardened-sources-2.6.17.ebuild, hardened-sources-2.6.17-r1.ebuild:
92 Removing old ebuild, removing unipatch from newer ebuild (need to fix it!).
93
94 *hardened-sources-2.6.17-r1 (26 Aug 2006)
95
96 26 Aug 2006; Christian Heim <phreak@gentoo.org>
97 +hardened-sources-2.6.17-r1.ebuild:
98 Revision bump to genpatches-2.6.17-8 (including .9 and .10) and updating the
99 grsecurity patch.
100
101 *hardened-sources-2.6.17 (17 Aug 2006)
102
103 17 Aug 2006; Christian Heim <phreak@gentoo.org>
104 +hardened-sources-2.6.17.ebuild:
105 Bumping the hardened-sources-2.6 series to 2.6.17, using
106 genpatches-2.6.17-6.base.
107
108 07 Aug 2006; <solar@gentoo.org> hardened-sources-2.6.16-r11.ebuild:
109 - stable on x86 and amd64
110
111 *hardened-sources-2.6.16-r11 (15 Jul 2006)
112
113 15 Jul 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r3.ebuild,
114 -hardened-sources-2.4.32-r4.ebuild, -hardened-sources-2.4.32-r5.ebuild,
115 -hardened-sources-2.6.14-r8.ebuild, -hardened-sources-2.6.16-r7.ebuild,
116 -hardened-sources-2.6.16-r9.ebuild, +hardened-sources-2.6.16-r11.ebuild:
117 - 2.6.16 bumped for CVE-2006-3626 ; digest fix for 2.4.32-r6 ; removed old
118 crusty ebuilds
119
120 14 Jul 2006; John Mylchreest <johnm@gentoo.org>
121 hardened-sources-2.6.16-r10.ebuild:
122 marking stable on x86 and amd64
123
124 13 Jul 2006; <solar@gentoo.org> hardened-sources-2.4.32-r6.ebuild:
125 - 2.4.32-r6 stable on x86. RSBAC state unknown
126
127 *hardened-sources-2.4.32-r7 (10 Jul 2006)
128
129 10 Jul 2006; Guillaume Destuynder <kang@gentoo.org>
130 +hardened-sources-2.4.32-r7.ebuild:
131 Bump PaX for RSBAC to test-17
132
133 *hardened-sources-2.6.16-r9 (03 Jul 2006)
134
135 03 Jul 2006; John Mylchreest <johnm@gentoo.org>
136 -hardened-sources-2.6.16-r6.ebuild, +hardened-sources-2.6.16-r9.ebuild:
137 hardened-sources-2.6.16 bump to latest -base.
138
139 *hardened-sources-2.4.32-r6 (30 Jun 2006)
140
141 30 Jun 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r2.ebuild,
142 hardened-sources-2.4.32-r4.ebuild, +hardened-sources-2.4.32-r6.ebuild:
143 - backport CVE-2006-0039, CVE-2006-1857 and CVE-2006-1858 and new grsecurity
144 sysctl controlable resource logging
145
146 *hardened-sources-2.6.16-r7 (05 Jun 2006)
147
148 05 Jun 2006; John Mylchreest <johnm@gentoo.org>
149 -hardened-sources-2.6.16-r5.ebuild, +hardened-sources-2.6.16-r7.ebuild:
150 push new 2.6.16 release in preparation for stable
151
152 22 May 2006; <solar@gentoo.org> :
153 - redigest bug 134002
154
155 *hardened-sources-2.4.32-r5 (16 May 2006)
156
157 16 May 2006; Guillaume Destuynder <kang@gentoo.org>
158 +hardened-sources-2.4.32-r5.ebuild:
159 Fixes rsbac common patching (new patch in new -r5 patchset)
160
161 *hardened-sources-2.4.32-r4 (13 May 2006)
162
163 13 May 2006; <solar@gentoo.org> hardened-sources-2.4.32-r3.ebuild,
164 +hardened-sources-2.4.32-r4.ebuild:
165 - security bumps
166
167 *hardened-sources-2.6.16-r6 (03 May 2006)
168
169 03 May 2006; John Mylchreest <johnm@gentoo.org>
170 +hardened-sources-2.6.16-r6.ebuild:
171 bump hardened-2.6.16 to 2.6.16.12 and latest grsec snapshot
172
173 28 Apr 2006; John Mylchreest <johnm@gentoo.org>
174 hardened-sources-2.6.14-r8.ebuild:
175 fix x86_64 build problem, this will delay the digest issue again for a short
176 while but it will sort itself out
177
178 28 Apr 2006; John Mylchreest <johnm@gentoo.org>
179 hardened-sources-2.6.14-r8.ebuild:
180 bump hardened patchset
181
182 27 Apr 2006; Alec Warner <antarus@gentoo.org>
183 files/digest-hardened-sources-2.4.32-r2,
184 files/digest-hardened-sources-2.4.32-r3,
185 files/digest-hardened-sources-2.6.14-r8, Manifest:
186 Fixing duff SHA256 digests: Bug # 131293
187
188 *hardened-sources-2.6.16-r5 (27 Apr 2006)
189
190 27 Apr 2006; John Mylchreest <johnm@gentoo.org>
191 -hardened-sources-2.6.14-r6.ebuild, hardened-sources-2.6.14-r8.ebuild,
192 -hardened-sources-2.6.16-r4.ebuild, +hardened-sources-2.6.16-r5.ebuild:
193 stablise 2.6.14-r8 on x86 & amd64, bump 2.6.16 to fix CVE-2006-1863 &
194 cleanup of old uneccessary sources
195
196 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
197 fix digest
198
199 *hardened-sources-2.6.14-r8 (20 Apr 2006)
200
201 20 Apr 2006; John Mylchreest <johnm@gentoo.org>
202 +hardened-sources-2.6.14-r8.ebuild:
203 fix CVE-2006-1056, CVE-2006-1525, CVE-2006-1524
204
205 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
206 Turning on gpg-signing again, and recomitting
207
208 *hardened-sources-2.6.16-r4 (20 Apr 2006)
209
210 20 Apr 2006; John Mylchreest <johnm@gentoo.org>
211 -hardened-sources-2.6.16-r2.ebuild, -hardened-sources-2.6.16-r3.ebuild,
212 +hardened-sources-2.6.16-r4.ebuild:
213 Fix numerous security vulns
214
215 *hardened-sources-2.4.32-r3 (16 Apr 2006)
216
217 16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
218 -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
219 +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
220 - security bump for bug #112791. Removed old ebuilds
221
222 *hardened-sources-2.6.16-r3 (15 Apr 2006)
223
224 15 Apr 2006; John Mylchreest <johnm@gentoo.org>
225 +hardened-sources-2.6.16-r3.ebuild:
226 Removing silly localversion which I missed
227
228 *hardened-sources-2.6.14-r7 (14 Apr 2006)
229
230 14 Apr 2006; John Mylchreest <johnm@gentoo.org>
231 -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
232 Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
233
234 *hardened-sources-2.6.16-r2 (13 Apr 2006)
235
236 13 Apr 2006; John Mylchreest <johnm@gentoo.org>
237 -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
238 +hardened-sources-2.6.16-r2.ebuild:
239 Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
240 labels, dropping USERGROUP define fixes, since these were merged mainstream.
241
242 *hardened-sources-2.6.16-r1 (11 Apr 2006)
243
244 11 Apr 2006; John Mylchreest <johnm@gentoo.org>
245 +hardened-sources-2.6.16-r1.ebuild:
246 Bumping to include ppc build fix and 2.6.16.3
247
248 06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
249 hardened-sources-2.6.14-r6.ebuild:
250 Stable on x86; bug #127718
251
252 *hardened-sources-2.6.16 (31 Mar 2006)
253
254 31 Mar 2006; John Mylchreest <johnm@gentoo.org>
255 +hardened-sources-2.6.16.ebuild:
256 Bumping to new version of grsec, and kernel base. New squashfs. Based on
257 2.6.16.1
258
259 30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
260 hardened-sources-2.6.14-r6.ebuild:
261 Stable on amd64, bug 127718.
262
263 28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
264 Stable on ppc. Bug #127718
265
266 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
267 -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
268 -hardened-sources-2.6.14-r4.ebuild:
269 Cleanup.
270
271 *hardened-sources-2.6.14-r6 (15 Mar 2006)
272
273 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
274 +hardened-sources-2.6.14-r6.ebuild:
275 Fixes grsec policy recreation bug and adds a
276 >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
277
278 02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
279 - stable on x86
280
281 19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
282 hardened-sources-2.6.14-r5.ebuild:
283 Stable on ppc.
284
285 *hardened-sources-2.6.14-r5 (01 Feb 2006)
286
287 01 Feb 2006; John Mylchreest <johnm@gentoo.org>
288 +hardened-sources-2.6.14-r5.ebuild:
289 fixing every known exploit
290
291 *hardened-sources-2.4.32-r2 (26 Jan 2006)
292
293 26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
294 +hardened-sources-2.4.32-r2.ebuild:
295 - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
296
297 *hardened-sources-2.6.14-r4 (12 Jan 2006)
298
299 12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
300 - version bump for new genpatches which fix up a few sec holes
301
302 *hardened-sources-2.4.32-r1 (05 Jan 2006)
303
304 05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
305 - revision bump to add misc vital linux kernel security patches.
306
307 *hardened-sources-2.6.14-r3 (30 Dec 2005)
308
309 30 Dec 2005; John Mylchreest <johnm@gentoo.org>
310 -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
311 Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
312
313 28 Dec 2005; John Mylchreest <johnm@gentoo.org>
314 hardened-sources-2.6.14-r2.ebuild:
315 making x86 & amd64 stable following testing.
316
317 *hardened-sources-2.6.14-r2 (27 Dec 2005)
318
319 27 Dec 2005; John Mylchreest <johnm@gentoo.org>
320 -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
321 Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
322 network hooks.
323
324 06 Dec 2005; John Mylchreest <johnm@gentoo.org>
325 hardened-sources-2.6.14-r1.ebuild:
326 bumping to stable early for sec fix on x86 & amd64
327
328 *hardened-sources-2.6.14-r1 (05 Dec 2005)
329
330 05 Dec 2005; John Mylchreest <johnm@gentoo.org>
331 -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
332 bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
333
334 04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
335 - stable on x86 security bug #114227 CAN-2005-3257
336
337 *hardened-sources-2.4.32 (19 Nov 2005)
338
339 19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
340 +hardened-sources-2.4.32.ebuild:
341 Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
342 Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
343 have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
344 rsbac >> /etc/portage/package.use)
345
346 *hardened-sources-2.6.14 (14 Nov 2005)
347
348 14 Nov 2005; John Mylchreest <johnm@gentoo.org>
349 -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
350 Bumping 2.6 series to 2.6.14.2
351
352 *hardened-sources-2.6.13-r2 (20 Oct 2005)
353
354 20 Oct 2005; John Mylchreest <johnm@gentoo.org>
355 -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
356 +hardened-sources-2.6.13-r2.ebuild:
357 Fixes minor build error in ppc.
358
359 *hardened-sources-2.6.13-r1 (17 Oct 2005)
360
361 17 Oct 2005; John Mylchreest <johnm@gentoo.org>
362 +hardened-sources-2.6.13-r1.ebuild:
363 Updating grsec to latest snapshot. Fixes some minor issues. Updating to
364 2.6.13.4, fixes some major amd64 stability problems.
365
366 *hardened-sources-2.6.13 (16 Sep 2005)
367
368 16 Sep 2005; John Mylchreest <johnm@gentoo.org>
369 -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
370 2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
371 ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
372 users should test this thoroughly.
373
374 01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
375 - stable on x86
376
377 *hardened-sources-2.6.11-r15 (27 Jun 2005)
378
379 27 Jun 2005; John Mylchreest <johnm@gentoo.org>
380 +hardened-sources-2.6.11-r15.ebuild:
381 Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
382 grsec redefining curr_ip struct.
383
384 *hardened-sources-2.4.31 (20 Jun 2005)
385
386 20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
387 initial import of 2.4.31 tree
388
389 *hardened-sources-2.6.11-r14 (14 Jun 2005)
390
391 14 Jun 2005; John Mylchreest <johnm@gentoo.org>
392 -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
393 Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
394 naming scheme to abide by genpatches
395
396 *hardened-sources-2.6.11-r13 (18 May 2005)
397
398 18 May 2005; John Mylchreest <johnm@gentoo.org>
399 -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
400 Managed to mangle the Makefile patch from grsec, to miss out the grsec
401 target. sorry about that. Fixes bug #93022
402
403 *hardened-sources-2.6.11-r12 (17 May 2005)
404
405 17 May 2005; John Mylchreest <johnm@gentoo.org>
406 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
407 +hardened-sources-2.6.11-r12.ebuild:
408 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
409 merges in genpatches-base
410
411 *hardened-sources-2.6.11-r12 (17 May 2005)
412
413 17 May 2005; John Mylchreest <johnm@gentoo.org>
414 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
415 +hardened-sources-2.6.11-r12.ebuild:
416 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
417 merges in genpatches-base
418
419 29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
420 -files/2.4.27-cmdline-race.patch,
421 -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
422 -files/2.4.28-grsec-binfmt_a.out.patch,
423 -files/2.4.28-grsec-cmdline-race.patch,
424 -files/2.4.28-selinux-binfmt_a.out.patch,
425 -files/2.4.28-selinux-cmdline-race.patch,
426 -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
427 hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
428 - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
429 cleanup..
430
431 *hardened-sources-2.4.30-r1 (21 Apr 2005)
432
433 21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
434 - disable aout by default
435
436 *hardened-sources-2.4.30 (18 Apr 2005)
437
438 18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
439 - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
440 and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
441 use
442
443 *hardened-sources-2.4.29 (30 Mar 2005)
444
445 30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
446 +hardened-sources-2.4.29.ebuild:
447 New hardened-patches-2.4-29.0 patchball.
448 Removed SELinux support, upgraded GRSecurity to 2.1.4.
449
450 *hardened-sources-2.4.28-r5 (06 Mar 2005)
451
452 06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
453 +hardened-sources-2.4.28-r5.ebuild:
454 Added a fix for a PaX vulnerability.
455
456 26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
457 hardened-sources-2.4.28-r4.ebuild:
458 Stable on x86
459
460 23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
461 hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
462 hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
463 hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
464 - fixed/added RDEPEND= in all kernel-2 ebuilds
465
466 *hardened-sources-2.4.28-r4 (21 Jan 2005)
467
468 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
469 +hardened-sources-2.4.28-r4.ebuild:
470 Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
471 backport of neighbour hash updates.
472
473 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
474 hardened-sources-2.4.28-r3.ebuild:
475 Stable on x86
476
477 *hardened-sources-2.6.10-r3 (20 Jan 2005)
478
479 20 Jan 2005; Brandon Hale <tseng@gentoo.org>
480 +hardened-sources-2.6.10-r3.ebuild:
481 Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
482 in 2005.0
483
484 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
485 -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
486 hardened-sources-2.4.28-r2.ebuild:
487 Mark stable on x86
488
489 *hardened-sources-2.4.28-r3 (17 Jan 2005)
490
491 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
492 +hardened-sources-2.4.28-r3.ebuild:
493 Fix SMP page fault handler vuln, and update device-mapper and evms patches.
494
495 14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
496 hardened-sources-2.4.28.ebuild:
497 Mark stable on x86.
498
499 *hardened-sources-2.4.28-r2 (13 Jan 2005)
500
501 13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
502 +hardened-sources-2.4.28-r2.ebuild:
503 Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
504 Mazinger for grsecurity patches as well.
505
506 *hardened-sources-2.4.28-r1 (23 Dec 2004)
507
508 23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
509 Security bump. Thank tocharian for rolling a new patchset...
510
511 28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
512 +files/2.4.28-grsec-cmdline-race.patch,
513 +files/2.4.28-selinux-binfmt_a.out.patch,
514 +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
515 - Round up remaining security patches that appear to be missing in 2.4.28. -
516 PaX standalone updated to current. hgpv=28.1
517
518 *hardened-sources-2.4.28 (28 Nov 2004)
519
520 28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
521 security bump. Thank tocharian for rolling a new patchset
522
523 *hardened-sources-2.4.27-r3 (08 Sep 2004)
524
525 08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
526 +hardened-sources-2.4.27-r3.ebuild:
527 Applies the new 2.4-27.2 patchball which updates
528 GRSecurity to the 2.0.1 version.
529
530 *hardened-sources-2.4.27-r2 (31 Aug 2004)
531
532 31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
533 +hardened-sources-2.4.27-r2.ebuild:
534 Version bump.
535 This version uses the new 2.4-27.1 patchball which updates
536 both the SELinux PaX hooks patch and the SELinux headers.
537
538 *hardened-sources-2.4.27-r1 (09 Aug 2004)
539
540 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
541 +hardened-sources-2.4.27-r1.ebuild,
542 -hardened-sources-2.4.27.ebuild,
543 +files/2.4.27-cmdline-race.patch:
544 Version bump, fix for cmdline race. See bug #59905.
545
546 *hardened-sources-2.4.26-r6 (09 Aug 2004)
547
548 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
549 +hardened-sources-2.4.26-r6.ebuild,
550 -hardened-sources-2.4.26-r5.ebuild,
551 -hardened-sources-2.4.26-r4.ebuild,
552 +files/2.4.26-cmdline-race.patch:
553 Version bump, fix for cmdline race. See bug #59905.
554
555 *hardened-sources-2.4.27 (08 Aug 2004)
556
557 08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
558 +hardened-sources-2.4.27.ebuild,
559 +files/2.4.27-CAN-2004-0394.patch:
560 Ported the patchball to the 2.4.27 kernel version.
561
562 *hardened-sources-2.4.26-r5 (07 Aug 2004)
563
564 07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
565 +hardened-sources-2.4.26-r5.ebuild:
566 Updated to use the new hardened-patches-2.4-26.1 patchball.
567 It adds the following features:
568 - Squashfs
569 - Ebtables
570 - Netdev random (core+drivers)
571 - Watchdog Timer (WDT) fix.
572
573 *hardened-sources-2.4.26-r4 (04 Aug 2004)
574
575 04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
576 +hardened-sources-2.4.26-r4.ebuild,
577 +files/2.4.26-CAN-2004-0415.patch,
578 -hardened-sources-2.4.26-3:
579 Version bump, fix for CAN 0415, see bug #59378.
580
581 *hardened-sources-2.4.26-r3 (22 Jul 2004)
582
583 22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
584 +hardened-sources-2.4.26-r3.ebuild,
585 +files/2.4.26-CAN-2004-0497.patch,
586 -hardened-sources-2.4.26-r2.ebuild:
587 Version bump, fixed CAN 0497, see bug #56171.
588
589 *hardened-sources-2.4.26-r2 (29 Jun 2004)
590
591 29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
592 +hardened-sources-2.4.26-r2.ebuild,
593 +files/2.4.26-CAN-2004-0495.patch,
594 +files/2.4.26-CAN-2004-0535.patch,
595 -hardened-sources-2.4.26-r1.ebuild:
596 Fixes for both CAN 0495 and 0535, see bug #54976
597
598 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
599 hardened-sources-2.4.26-r1.ebuild:
600 QA - fix use invocation
601
602 *hardened-sources-2.4.26-r1 (22 June 2004)
603
604 22 June 2004; Andrea Luzzardi <scox@gentoo.org>
605 +hardened-sources-2.4.26-r1.ebuild,
606 +files/2.4.26-CAN-2004-0394.patch,
607 +files/2.4.26-signal-race.patch,
608 -hardened-sources-2.4.26.ebuild,
609 -hardened-sources-2.4.24-r3.ebuild:
610 Version bump for the CAN-2004-0394 issue and bug #53804
611 Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
612
613
614 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
615 hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
616 Masked hardened-sources-2.4.26.ebuild broken for ppc
617
618 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
619 hardened-sources-2.4.24-r3.ebuild:
620 Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
621
622 *hardened-sources-2.4.26 (29 May 2004)
623
624 29 May 2004; Andrea Luzzardi <scox@gentoo.org>
625 +hardened-sources-2.4.26.ebuild:
626 Updated hardened-sources for the 2.4.26 kernel
627 Removed broken components, updated almost everything.
628
629 *hardened-sources-2.4.24-r3 (17 Apr 2004)
630
631 17 Apr 2004; <plasmaroo@gentoo.org>
632 +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
633 +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
634 +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
635 +hardened-sources-2.4.24-r3.ebuild:
636 Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
637 vulnerabilities. Old revisions removed.
638
639 *hardened-sources-2.4.24-r2 (15 Apr 2004)
640
641 15 Apr 2004; <plasmaroo@gentoo.org>
642 +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
643 -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
644 Version bump for the CAN-2004-0109 issue; bug #47881.
645
646 12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
647 hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
648 Add eutils to inherit.
649
650 *hardened-sources-2.4.24-r1 (19 Feb 2004)
651
652 19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
653 files/hardened-sources-2.4.24.munmap.patch:
654 Added the patch for the mremap/munmap vulnerability. Bug #42024.
655
656 *hardened-sources-2.4.24 (06 Feb 2004)
657
658 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
659 hardened-sources-2.4.24.ebuild:
660 Version bump, updated most of the components.
661 This release includes the following:
662
663 - Hardened security
664 - Netfilter patch-o-matic 20031219
665 - FreeSWAN 2.04 & x509 1.4.8
666 - EVMS 2.2.2
667 - XFS 1.3.1
668 - cryptoloop jari
669 - grsecurity 2.0-rc4
670 - SELinux
671 - PaX 200402060000
672 - PaX Obscurity 200308302223
673 - Others...
674
675 Neither -ck nor systrace are included anymore.
676
677 *hardened-sources-2.4.22-r2 (05 Jan 2004)
678
679 05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
680 hardened-sources-2.4.22-r2.ebuild:
681 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
682
683 *hardened-sources-2.4.22-r1 (02 Dec 2003)
684
685 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
686 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
687
688 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
689 hardened-sources-2.4.22-r1.ebuild:
690 Version bump for the 'do_brk' vulnerability.
691
692 01 Dec 2003; Brian Jackson <iggy@gentoo.org>
693 hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
694 hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
695 hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
696 Fix the 'do_brk' vulnerability.
697
698 03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
699 hardened-sources-2.4.22.ebuild:
700 - Removed the src_install() portion for SELinux flask
701 components. These are no longer handled in the kernel
702 so this code was not necessary.
703
704 29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
705 New 2.4.22 based hardened-sources thanks to
706 Phil West <p.west@computer.org>.
707
708 These sources include:
709 - New SELinux API
710 - Updated CK-base
711 - Updated GRSec
712 - Systrace
713 - SuperFreeS/WAN 1.99.8
714 - Propolice kernel build support
715 - EVMS
716 - Other various security related patches
717
718 *hardened-sources-2.4.21 (14 Sep 2003)
719
720 14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
721 Updated hardened-sources based on the 2.4.21 Linux kernel.
722 This includes updates to most major components such as:
723 - ck-base-0306300059
724 - selinux-2.4-2003071106
725 - grsecurity-2.0-rc1
726 - Updated IPTables patch-o-matic
727 - Updated SuperFreeS/WAN
728
729 Thanks to Phil West <pwest@computer.org> for his work in getting this
730 updated patch set ready for the 2.4.21 based kernel.
731
732 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
733 Initial import of hardened-sources-2.4.20-r4. This revision
734 includes only a few changes, but one of these is an important
735 security fix. It is recommended all users of hardened-sources
736 upgrade to this release.
737
738 - ioperm bug fix
739 - fixed compilation failure when building without GRSec
740
741 SAL (Secure Auditing for Linux) is NOT included in this revision
742 due to time constraints, but is planned for inclusion in the near
743 future.
744
745 *hardened-sources-2.4.20-r2 (12 Jun 2003)
746
747 12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
748 hardened-sources-2.4.20-r3.ebuild:
749 Add Header...
750
751 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
752 hardened-sources-2.4.20-r3.ebuild:
753 Removed warnings from ebuild. This kernel should be safe to
754 use at this point.
755
756 *hardened-sources-2.4.20-r3 (08 Jun 2003)
757
758 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
759 hardened-sources-2.4.20-r3.ebuild:
760 New revision. Includes the following changes over -r2:
761
762 - ck7-base (O(1), preempt, low latency)
763 - Super FreeS/WAN 1.99.7rc2
764 - PaX for the LSM/SELinux branch
765 - GRSecurity 2.0-pre4 (role based access control)
766 - Systrace 1.3
767 - EXT3 fixes
768 - EVMS 2.0.1
769 - GCC 3.1+ compile optimizations
770 - ProPolice kernel build support
771 - Hashing table security fixes
772
773 *hardened-sources-2.4.20-r1 (09 Apr 2003)
774
775 23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
776 Initial import of hardened-sources-r2. This new
777 ebuild includes many new performance and security
778 related patches. As in -r1, it will patch in
779 LSM/SELinux if "selinux" is in USE, otherwise it
780 will patch in GRSecurity. The following patches
781 are included in this revision:
782
783 - O(1) Scheduler, Low Latency, and Preempt
784 (pulled from the base CK patch)
785 - ptrace exploit patch for the LSM kernel
786 (the GRSec patch already fixes this)
787 - LSM 2.4-2003040709
788 - SELinux 2.4-2003040709
789 - Systrace v1.2
790 - IPTables patch-o-matic base patches - 20030107
791 - CryptoAPI 2.4.20.1 w/ loop-jari patch
792 - Super FreeS/WAN 1.99.6.1
793 - GRSecurity 1.9.9g
794 - MPPE
795 - EXT3 data journal fix
796 - CIPE 1.5.4
797
798 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
799 hardened-sources-2.4.20-r1.ebuild, manifest:
800 Updated to install flask components correctly for selinux.
801
802 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
803 hardened-sources-2.4.20-r1.ebuild:
804 LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
805 is patched in instead. Ptrace patches for selinux have also been added. In
806 either case, systrace support will be patched in as well.
807
808 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
809 hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
810 Revision bump for new sources.
811
812 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
813 hardened-sources-2.4.20-r1.ebuild:
814 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
815
816 *hardened-sources-2.4.20 (30 Mar 2003)
817
818 30 Mar 2003; Joshua Brindle <method@gentoo.org>
819 hardened-sources-2.4.20.ebuild:
820 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20