/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.129 - (show annotations) (download)
Wed Dec 27 19:25:47 2006 UTC (7 years, 10 months ago) by phreak
Branch: MAIN
Changes since 1.128: +7 -1 lines
Revision bump for bug #157186 and #158786.
(Portage version: 2.1.2_rc4-r1)

1 # ChangeLog for sys-kernel/hardened-sources
2 # Copyright 2000-2006 Gentoo Foundation; Distributed under the GPL v2
3 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.128 2006/12/27 19:16:53 phreak Exp $
4
5 *hardened-sources-2.6.19-r3 (27 Dec 2006)
6
7 27 Dec 2006; Christian Heim <phreak@gentoo.org>
8 -hardened-sources-2.6.19-r2.ebuild, +hardened-sources-2.6.19-r3.ebuild:
9 Revision bump for bug #157186 and #158786.
10
11 *hardened-sources-2.6.18-r4 (27 Dec 2006)
12
13 27 Dec 2006; Christian Heim <phreak@gentoo.org>
14 -hardened-sources-2.6.18-r3.ebuild, +hardened-sources-2.6.18-r4.ebuild:
15 Revision bump for bug #157186.
16
17 *hardened-sources-2.6.19-r2 (23 Dec 2006)
18
19 23 Dec 2006; Christian Heim <phreak@gentoo.org>
20 -hardened-sources-2.6.19-r1.ebuild, +hardened-sources-2.6.19-r2.ebuild:
21 Revision bump to pull in genpatches-2.6.19-3 for #157186.
22
23 17 Dec 2006; Christian Heim <phreak@gentoo.org>
24 hardened-sources-2.6.14-r7.ebuild, hardened-sources-2.6.16-r10.ebuild,
25 hardened-sources-2.6.16-r11.ebuild, hardened-sources-2.6.17-r1.ebuild,
26 hardened-sources-2.6.18.ebuild, hardened-sources-2.6.18-r3.ebuild,
27 hardened-sources-2.6.19-r1.ebuild:
28 Adding 4453_grsec-2.1.9-2.6.19-io-kmem-sysctl.patch to UNIPATCH_EXLUDE,
29 adding correct HOMEPAGE and adjusting DESCRIPTION (thanks to Alexander).
30
31 *hardened-sources-2.4.33.4 (17 Dec 2006)
32
33 17 Dec 2006; Alexander Gabert <pappy@gentoo.org>
34 +hardened-sources-2.4.33.4.ebuild:
35 new 2.4.33.4 version including grsec and fixes, thanks to phreak for help
36 and quilting
37
38 *hardened-sources-2.6.19-r1 (14 Dec 2006)
39
40 14 Dec 2006; Christian Heim <phreak@gentoo.org>
41 -hardened-sources-2.6.19.ebuild, +hardened-sources-2.6.19-r1.ebuild:
42 Revision bump, fixing #158107 (thanks to Petre Rodan <kaiowas at gentoo.org>
43 for reporting).
44
45 *hardened-sources-2.6.19 (13 Dec 2006)
46
47 13 Dec 2006; Christian Heim <phreak@gentoo.org>
48 +hardened-sources-2.6.19.ebuild:
49 And finally 2.6.19, thanks to Ned (who prepared the inital patchset) and
50 Brad for providing that prompt update.
51
52 *hardened-sources-2.6.18-r3 (13 Dec 2006)
53
54 13 Dec 2006; Christian Heim <phreak@gentoo.org>
55 -hardened-sources-2.6.18-r1.ebuild, -hardened-sources-2.6.18-r2.ebuild,
56 +hardened-sources-2.6.18-r3.ebuild:
57 Revision bump, excluding the faulty patch. Thanks to Anakim Border and Peter
58 S. Mazinger. Closes #157409 for now. Also removing the previous revisions.
59
60 09 Dec 2006; Christian Heim <phreak@gentoo.org> Manifest:
61 Fixing the metadata.xml Manifest entry (thanks to xaid and ml8128 in #gentoo-hardened).
62
63 08 Dec 2006; nixnut <nixnut@gentoo.org> hardened-sources-2.6.18.ebuild:
64 Stable on ppc wrt bug 157356
65
66 07 Dec 2006; Christian Faulhammer <opfer@gentoo.org>
67 hardened-sources-2.6.18.ebuild:
68 stable x86, bug #157356
69
70 *hardened-sources-2.6.18-r2 (06 Dec 2006)
71
72 06 Dec 2006; Christian Heim <phreak@gentoo.org>
73 +hardened-sources-2.6.18-r2.ebuild:
74 Revision bump, including 2.6.18.5 (via genpatches) and
75 4454_grsec-2.1.9-2.6.18.2-io-kmem-sysctl.patch based on Peter Mazinger and
76 Ned Ludd's original patch. Thanks to Alexander Gabert (pappy) for the
77 redesign.
78
79 06 Dec 2006; Christian Heim <phreak@gentoo.org>
80 hardened-sources-2.6.18.ebuild:
81 Marking hardened-sources-2.6.18 stable on amd64 (see bug #157356, on behalf
82 of Mike Doty).
83
84 *hardened-sources-2.6.18-r1 (23 Nov 2006)
85
86 23 Nov 2006; Christian Heim <phreak@gentoo.org>
87 +hardened-sources-2.6.18-r1.ebuild:
88 Revision bump to genpatches-2.6.18-4 (including 2.6.18.3).
89
90 *hardened-sources-2.6.18 (11 Nov 2006)
91
92 11 Nov 2006; Christian Heim <phreak@gentoo.org>
93 +hardened-sources-2.6.18.ebuild:
94 Version bump, thanks to Alexander Gabert we're finally at 2.6.18.
95
96 18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
97 - mark amd64 stable also. bug #151877
98
99 18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
100 - mark 2.6.17-r1 stable
101
102 27 Aug 2006; Christian Heim <phreak@gentoo.org>
103 -hardened-sources-2.6.17.ebuild, hardened-sources-2.6.17-r1.ebuild:
104 Removing old ebuild, removing unipatch from newer ebuild (need to fix it!).
105
106 *hardened-sources-2.6.17-r1 (26 Aug 2006)
107
108 26 Aug 2006; Christian Heim <phreak@gentoo.org>
109 +hardened-sources-2.6.17-r1.ebuild:
110 Revision bump to genpatches-2.6.17-8 (including .9 and .10) and updating the
111 grsecurity patch.
112
113 *hardened-sources-2.6.17 (17 Aug 2006)
114
115 17 Aug 2006; Christian Heim <phreak@gentoo.org>
116 +hardened-sources-2.6.17.ebuild:
117 Bumping the hardened-sources-2.6 series to 2.6.17, using
118 genpatches-2.6.17-6.base.
119
120 07 Aug 2006; <solar@gentoo.org> hardened-sources-2.6.16-r11.ebuild:
121 - stable on x86 and amd64
122
123 *hardened-sources-2.6.16-r11 (15 Jul 2006)
124
125 15 Jul 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r3.ebuild,
126 -hardened-sources-2.4.32-r4.ebuild, -hardened-sources-2.4.32-r5.ebuild,
127 -hardened-sources-2.6.14-r8.ebuild, -hardened-sources-2.6.16-r7.ebuild,
128 -hardened-sources-2.6.16-r9.ebuild, +hardened-sources-2.6.16-r11.ebuild:
129 - 2.6.16 bumped for CVE-2006-3626 ; digest fix for 2.4.32-r6 ; removed old
130 crusty ebuilds
131
132 14 Jul 2006; John Mylchreest <johnm@gentoo.org>
133 hardened-sources-2.6.16-r10.ebuild:
134 marking stable on x86 and amd64
135
136 13 Jul 2006; <solar@gentoo.org> hardened-sources-2.4.32-r6.ebuild:
137 - 2.4.32-r6 stable on x86. RSBAC state unknown
138
139 *hardened-sources-2.4.32-r7 (10 Jul 2006)
140
141 10 Jul 2006; Guillaume Destuynder <kang@gentoo.org>
142 +hardened-sources-2.4.32-r7.ebuild:
143 Bump PaX for RSBAC to test-17
144
145 *hardened-sources-2.6.16-r9 (03 Jul 2006)
146
147 03 Jul 2006; John Mylchreest <johnm@gentoo.org>
148 -hardened-sources-2.6.16-r6.ebuild, +hardened-sources-2.6.16-r9.ebuild:
149 hardened-sources-2.6.16 bump to latest -base.
150
151 *hardened-sources-2.4.32-r6 (30 Jun 2006)
152
153 30 Jun 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r2.ebuild,
154 hardened-sources-2.4.32-r4.ebuild, +hardened-sources-2.4.32-r6.ebuild:
155 - backport CVE-2006-0039, CVE-2006-1857 and CVE-2006-1858 and new grsecurity
156 sysctl controlable resource logging
157
158 *hardened-sources-2.6.16-r7 (05 Jun 2006)
159
160 05 Jun 2006; John Mylchreest <johnm@gentoo.org>
161 -hardened-sources-2.6.16-r5.ebuild, +hardened-sources-2.6.16-r7.ebuild:
162 push new 2.6.16 release in preparation for stable
163
164 22 May 2006; <solar@gentoo.org> :
165 - redigest bug 134002
166
167 *hardened-sources-2.4.32-r5 (16 May 2006)
168
169 16 May 2006; Guillaume Destuynder <kang@gentoo.org>
170 +hardened-sources-2.4.32-r5.ebuild:
171 Fixes rsbac common patching (new patch in new -r5 patchset)
172
173 *hardened-sources-2.4.32-r4 (13 May 2006)
174
175 13 May 2006; <solar@gentoo.org> hardened-sources-2.4.32-r3.ebuild,
176 +hardened-sources-2.4.32-r4.ebuild:
177 - security bumps
178
179 *hardened-sources-2.6.16-r6 (03 May 2006)
180
181 03 May 2006; John Mylchreest <johnm@gentoo.org>
182 +hardened-sources-2.6.16-r6.ebuild:
183 bump hardened-2.6.16 to 2.6.16.12 and latest grsec snapshot
184
185 28 Apr 2006; John Mylchreest <johnm@gentoo.org>
186 hardened-sources-2.6.14-r8.ebuild:
187 fix x86_64 build problem, this will delay the digest issue again for a short
188 while but it will sort itself out
189
190 28 Apr 2006; John Mylchreest <johnm@gentoo.org>
191 hardened-sources-2.6.14-r8.ebuild:
192 bump hardened patchset
193
194 27 Apr 2006; Alec Warner <antarus@gentoo.org>
195 files/digest-hardened-sources-2.4.32-r2,
196 files/digest-hardened-sources-2.4.32-r3,
197 files/digest-hardened-sources-2.6.14-r8, Manifest:
198 Fixing duff SHA256 digests: Bug # 131293
199
200 *hardened-sources-2.6.16-r5 (27 Apr 2006)
201
202 27 Apr 2006; John Mylchreest <johnm@gentoo.org>
203 -hardened-sources-2.6.14-r6.ebuild, hardened-sources-2.6.14-r8.ebuild,
204 -hardened-sources-2.6.16-r4.ebuild, +hardened-sources-2.6.16-r5.ebuild:
205 stablise 2.6.14-r8 on x86 & amd64, bump 2.6.16 to fix CVE-2006-1863 &
206 cleanup of old uneccessary sources
207
208 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
209 fix digest
210
211 *hardened-sources-2.6.14-r8 (20 Apr 2006)
212
213 20 Apr 2006; John Mylchreest <johnm@gentoo.org>
214 +hardened-sources-2.6.14-r8.ebuild:
215 fix CVE-2006-1056, CVE-2006-1525, CVE-2006-1524
216
217 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
218 Turning on gpg-signing again, and recomitting
219
220 *hardened-sources-2.6.16-r4 (20 Apr 2006)
221
222 20 Apr 2006; John Mylchreest <johnm@gentoo.org>
223 -hardened-sources-2.6.16-r2.ebuild, -hardened-sources-2.6.16-r3.ebuild,
224 +hardened-sources-2.6.16-r4.ebuild:
225 Fix numerous security vulns
226
227 *hardened-sources-2.4.32-r3 (16 Apr 2006)
228
229 16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
230 -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
231 +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
232 - security bump for bug #112791. Removed old ebuilds
233
234 *hardened-sources-2.6.16-r3 (15 Apr 2006)
235
236 15 Apr 2006; John Mylchreest <johnm@gentoo.org>
237 +hardened-sources-2.6.16-r3.ebuild:
238 Removing silly localversion which I missed
239
240 *hardened-sources-2.6.14-r7 (14 Apr 2006)
241
242 14 Apr 2006; John Mylchreest <johnm@gentoo.org>
243 -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
244 Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
245
246 *hardened-sources-2.6.16-r2 (13 Apr 2006)
247
248 13 Apr 2006; John Mylchreest <johnm@gentoo.org>
249 -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
250 +hardened-sources-2.6.16-r2.ebuild:
251 Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
252 labels, dropping USERGROUP define fixes, since these were merged mainstream.
253
254 *hardened-sources-2.6.16-r1 (11 Apr 2006)
255
256 11 Apr 2006; John Mylchreest <johnm@gentoo.org>
257 +hardened-sources-2.6.16-r1.ebuild:
258 Bumping to include ppc build fix and 2.6.16.3
259
260 06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
261 hardened-sources-2.6.14-r6.ebuild:
262 Stable on x86; bug #127718
263
264 *hardened-sources-2.6.16 (31 Mar 2006)
265
266 31 Mar 2006; John Mylchreest <johnm@gentoo.org>
267 +hardened-sources-2.6.16.ebuild:
268 Bumping to new version of grsec, and kernel base. New squashfs. Based on
269 2.6.16.1
270
271 30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
272 hardened-sources-2.6.14-r6.ebuild:
273 Stable on amd64, bug 127718.
274
275 28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
276 Stable on ppc. Bug #127718
277
278 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
279 -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
280 -hardened-sources-2.6.14-r4.ebuild:
281 Cleanup.
282
283 *hardened-sources-2.6.14-r6 (15 Mar 2006)
284
285 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
286 +hardened-sources-2.6.14-r6.ebuild:
287 Fixes grsec policy recreation bug and adds a
288 >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
289
290 02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
291 - stable on x86
292
293 19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
294 hardened-sources-2.6.14-r5.ebuild:
295 Stable on ppc.
296
297 *hardened-sources-2.6.14-r5 (01 Feb 2006)
298
299 01 Feb 2006; John Mylchreest <johnm@gentoo.org>
300 +hardened-sources-2.6.14-r5.ebuild:
301 fixing every known exploit
302
303 *hardened-sources-2.4.32-r2 (26 Jan 2006)
304
305 26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
306 +hardened-sources-2.4.32-r2.ebuild:
307 - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
308
309 *hardened-sources-2.6.14-r4 (12 Jan 2006)
310
311 12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
312 - version bump for new genpatches which fix up a few sec holes
313
314 *hardened-sources-2.4.32-r1 (05 Jan 2006)
315
316 05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
317 - revision bump to add misc vital linux kernel security patches.
318
319 *hardened-sources-2.6.14-r3 (30 Dec 2005)
320
321 30 Dec 2005; John Mylchreest <johnm@gentoo.org>
322 -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
323 Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
324
325 28 Dec 2005; John Mylchreest <johnm@gentoo.org>
326 hardened-sources-2.6.14-r2.ebuild:
327 making x86 & amd64 stable following testing.
328
329 *hardened-sources-2.6.14-r2 (27 Dec 2005)
330
331 27 Dec 2005; John Mylchreest <johnm@gentoo.org>
332 -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
333 Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
334 network hooks.
335
336 06 Dec 2005; John Mylchreest <johnm@gentoo.org>
337 hardened-sources-2.6.14-r1.ebuild:
338 bumping to stable early for sec fix on x86 & amd64
339
340 *hardened-sources-2.6.14-r1 (05 Dec 2005)
341
342 05 Dec 2005; John Mylchreest <johnm@gentoo.org>
343 -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
344 bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
345
346 04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
347 - stable on x86 security bug #114227 CAN-2005-3257
348
349 *hardened-sources-2.4.32 (19 Nov 2005)
350
351 19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
352 +hardened-sources-2.4.32.ebuild:
353 Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
354 Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
355 have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
356 rsbac >> /etc/portage/package.use)
357
358 *hardened-sources-2.6.14 (14 Nov 2005)
359
360 14 Nov 2005; John Mylchreest <johnm@gentoo.org>
361 -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
362 Bumping 2.6 series to 2.6.14.2
363
364 *hardened-sources-2.6.13-r2 (20 Oct 2005)
365
366 20 Oct 2005; John Mylchreest <johnm@gentoo.org>
367 -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
368 +hardened-sources-2.6.13-r2.ebuild:
369 Fixes minor build error in ppc.
370
371 *hardened-sources-2.6.13-r1 (17 Oct 2005)
372
373 17 Oct 2005; John Mylchreest <johnm@gentoo.org>
374 +hardened-sources-2.6.13-r1.ebuild:
375 Updating grsec to latest snapshot. Fixes some minor issues. Updating to
376 2.6.13.4, fixes some major amd64 stability problems.
377
378 *hardened-sources-2.6.13 (16 Sep 2005)
379
380 16 Sep 2005; John Mylchreest <johnm@gentoo.org>
381 -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
382 2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
383 ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
384 users should test this thoroughly.
385
386 01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
387 - stable on x86
388
389 *hardened-sources-2.6.11-r15 (27 Jun 2005)
390
391 27 Jun 2005; John Mylchreest <johnm@gentoo.org>
392 +hardened-sources-2.6.11-r15.ebuild:
393 Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
394 grsec redefining curr_ip struct.
395
396 *hardened-sources-2.4.31 (20 Jun 2005)
397
398 20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
399 initial import of 2.4.31 tree
400
401 *hardened-sources-2.6.11-r14 (14 Jun 2005)
402
403 14 Jun 2005; John Mylchreest <johnm@gentoo.org>
404 -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
405 Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
406 naming scheme to abide by genpatches
407
408 *hardened-sources-2.6.11-r13 (18 May 2005)
409
410 18 May 2005; John Mylchreest <johnm@gentoo.org>
411 -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
412 Managed to mangle the Makefile patch from grsec, to miss out the grsec
413 target. sorry about that. Fixes bug #93022
414
415 *hardened-sources-2.6.11-r12 (17 May 2005)
416
417 17 May 2005; John Mylchreest <johnm@gentoo.org>
418 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
419 +hardened-sources-2.6.11-r12.ebuild:
420 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
421 merges in genpatches-base
422
423 *hardened-sources-2.6.11-r12 (17 May 2005)
424
425 17 May 2005; John Mylchreest <johnm@gentoo.org>
426 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
427 +hardened-sources-2.6.11-r12.ebuild:
428 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
429 merges in genpatches-base
430
431 29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
432 -files/2.4.27-cmdline-race.patch,
433 -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
434 -files/2.4.28-grsec-binfmt_a.out.patch,
435 -files/2.4.28-grsec-cmdline-race.patch,
436 -files/2.4.28-selinux-binfmt_a.out.patch,
437 -files/2.4.28-selinux-cmdline-race.patch,
438 -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
439 hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
440 - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
441 cleanup..
442
443 *hardened-sources-2.4.30-r1 (21 Apr 2005)
444
445 21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
446 - disable aout by default
447
448 *hardened-sources-2.4.30 (18 Apr 2005)
449
450 18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
451 - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
452 and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
453 use
454
455 *hardened-sources-2.4.29 (30 Mar 2005)
456
457 30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
458 +hardened-sources-2.4.29.ebuild:
459 New hardened-patches-2.4-29.0 patchball.
460 Removed SELinux support, upgraded GRSecurity to 2.1.4.
461
462 *hardened-sources-2.4.28-r5 (06 Mar 2005)
463
464 06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
465 +hardened-sources-2.4.28-r5.ebuild:
466 Added a fix for a PaX vulnerability.
467
468 26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
469 hardened-sources-2.4.28-r4.ebuild:
470 Stable on x86
471
472 23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
473 hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
474 hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
475 hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
476 - fixed/added RDEPEND= in all kernel-2 ebuilds
477
478 *hardened-sources-2.4.28-r4 (21 Jan 2005)
479
480 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
481 +hardened-sources-2.4.28-r4.ebuild:
482 Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
483 backport of neighbour hash updates.
484
485 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
486 hardened-sources-2.4.28-r3.ebuild:
487 Stable on x86
488
489 *hardened-sources-2.6.10-r3 (20 Jan 2005)
490
491 20 Jan 2005; Brandon Hale <tseng@gentoo.org>
492 +hardened-sources-2.6.10-r3.ebuild:
493 Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
494 in 2005.0
495
496 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
497 -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
498 hardened-sources-2.4.28-r2.ebuild:
499 Mark stable on x86
500
501 *hardened-sources-2.4.28-r3 (17 Jan 2005)
502
503 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
504 +hardened-sources-2.4.28-r3.ebuild:
505 Fix SMP page fault handler vuln, and update device-mapper and evms patches.
506
507 14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
508 hardened-sources-2.4.28.ebuild:
509 Mark stable on x86.
510
511 *hardened-sources-2.4.28-r2 (13 Jan 2005)
512
513 13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
514 +hardened-sources-2.4.28-r2.ebuild:
515 Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
516 Mazinger for grsecurity patches as well.
517
518 *hardened-sources-2.4.28-r1 (23 Dec 2004)
519
520 23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
521 Security bump. Thank tocharian for rolling a new patchset...
522
523 28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
524 +files/2.4.28-grsec-cmdline-race.patch,
525 +files/2.4.28-selinux-binfmt_a.out.patch,
526 +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
527 - Round up remaining security patches that appear to be missing in 2.4.28. -
528 PaX standalone updated to current. hgpv=28.1
529
530 *hardened-sources-2.4.28 (28 Nov 2004)
531
532 28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
533 security bump. Thank tocharian for rolling a new patchset
534
535 *hardened-sources-2.4.27-r3 (08 Sep 2004)
536
537 08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
538 +hardened-sources-2.4.27-r3.ebuild:
539 Applies the new 2.4-27.2 patchball which updates
540 GRSecurity to the 2.0.1 version.
541
542 *hardened-sources-2.4.27-r2 (31 Aug 2004)
543
544 31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
545 +hardened-sources-2.4.27-r2.ebuild:
546 Version bump.
547 This version uses the new 2.4-27.1 patchball which updates
548 both the SELinux PaX hooks patch and the SELinux headers.
549
550 *hardened-sources-2.4.27-r1 (09 Aug 2004)
551
552 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
553 +hardened-sources-2.4.27-r1.ebuild,
554 -hardened-sources-2.4.27.ebuild,
555 +files/2.4.27-cmdline-race.patch:
556 Version bump, fix for cmdline race. See bug #59905.
557
558 *hardened-sources-2.4.26-r6 (09 Aug 2004)
559
560 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
561 +hardened-sources-2.4.26-r6.ebuild,
562 -hardened-sources-2.4.26-r5.ebuild,
563 -hardened-sources-2.4.26-r4.ebuild,
564 +files/2.4.26-cmdline-race.patch:
565 Version bump, fix for cmdline race. See bug #59905.
566
567 *hardened-sources-2.4.27 (08 Aug 2004)
568
569 08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
570 +hardened-sources-2.4.27.ebuild,
571 +files/2.4.27-CAN-2004-0394.patch:
572 Ported the patchball to the 2.4.27 kernel version.
573
574 *hardened-sources-2.4.26-r5 (07 Aug 2004)
575
576 07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
577 +hardened-sources-2.4.26-r5.ebuild:
578 Updated to use the new hardened-patches-2.4-26.1 patchball.
579 It adds the following features:
580 - Squashfs
581 - Ebtables
582 - Netdev random (core+drivers)
583 - Watchdog Timer (WDT) fix.
584
585 *hardened-sources-2.4.26-r4 (04 Aug 2004)
586
587 04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
588 +hardened-sources-2.4.26-r4.ebuild,
589 +files/2.4.26-CAN-2004-0415.patch,
590 -hardened-sources-2.4.26-3:
591 Version bump, fix for CAN 0415, see bug #59378.
592
593 *hardened-sources-2.4.26-r3 (22 Jul 2004)
594
595 22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
596 +hardened-sources-2.4.26-r3.ebuild,
597 +files/2.4.26-CAN-2004-0497.patch,
598 -hardened-sources-2.4.26-r2.ebuild:
599 Version bump, fixed CAN 0497, see bug #56171.
600
601 *hardened-sources-2.4.26-r2 (29 Jun 2004)
602
603 29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
604 +hardened-sources-2.4.26-r2.ebuild,
605 +files/2.4.26-CAN-2004-0495.patch,
606 +files/2.4.26-CAN-2004-0535.patch,
607 -hardened-sources-2.4.26-r1.ebuild:
608 Fixes for both CAN 0495 and 0535, see bug #54976
609
610 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
611 hardened-sources-2.4.26-r1.ebuild:
612 QA - fix use invocation
613
614 *hardened-sources-2.4.26-r1 (22 June 2004)
615
616 22 June 2004; Andrea Luzzardi <scox@gentoo.org>
617 +hardened-sources-2.4.26-r1.ebuild,
618 +files/2.4.26-CAN-2004-0394.patch,
619 +files/2.4.26-signal-race.patch,
620 -hardened-sources-2.4.26.ebuild,
621 -hardened-sources-2.4.24-r3.ebuild:
622 Version bump for the CAN-2004-0394 issue and bug #53804
623 Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
624
625
626 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
627 hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
628 Masked hardened-sources-2.4.26.ebuild broken for ppc
629
630 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
631 hardened-sources-2.4.24-r3.ebuild:
632 Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
633
634 *hardened-sources-2.4.26 (29 May 2004)
635
636 29 May 2004; Andrea Luzzardi <scox@gentoo.org>
637 +hardened-sources-2.4.26.ebuild:
638 Updated hardened-sources for the 2.4.26 kernel
639 Removed broken components, updated almost everything.
640
641 *hardened-sources-2.4.24-r3 (17 Apr 2004)
642
643 17 Apr 2004; <plasmaroo@gentoo.org>
644 +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
645 +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
646 +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
647 +hardened-sources-2.4.24-r3.ebuild:
648 Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
649 vulnerabilities. Old revisions removed.
650
651 *hardened-sources-2.4.24-r2 (15 Apr 2004)
652
653 15 Apr 2004; <plasmaroo@gentoo.org>
654 +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
655 -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
656 Version bump for the CAN-2004-0109 issue; bug #47881.
657
658 12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
659 hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
660 Add eutils to inherit.
661
662 *hardened-sources-2.4.24-r1 (19 Feb 2004)
663
664 19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
665 files/hardened-sources-2.4.24.munmap.patch:
666 Added the patch for the mremap/munmap vulnerability. Bug #42024.
667
668 *hardened-sources-2.4.24 (06 Feb 2004)
669
670 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
671 hardened-sources-2.4.24.ebuild:
672 Version bump, updated most of the components.
673 This release includes the following:
674
675 - Hardened security
676 - Netfilter patch-o-matic 20031219
677 - FreeSWAN 2.04 & x509 1.4.8
678 - EVMS 2.2.2
679 - XFS 1.3.1
680 - cryptoloop jari
681 - grsecurity 2.0-rc4
682 - SELinux
683 - PaX 200402060000
684 - PaX Obscurity 200308302223
685 - Others...
686
687 Neither -ck nor systrace are included anymore.
688
689 *hardened-sources-2.4.22-r2 (05 Jan 2004)
690
691 05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
692 hardened-sources-2.4.22-r2.ebuild:
693 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
694
695 *hardened-sources-2.4.22-r1 (02 Dec 2003)
696
697 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
698 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
699
700 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
701 hardened-sources-2.4.22-r1.ebuild:
702 Version bump for the 'do_brk' vulnerability.
703
704 01 Dec 2003; Brian Jackson <iggy@gentoo.org>
705 hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
706 hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
707 hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
708 Fix the 'do_brk' vulnerability.
709
710 03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
711 hardened-sources-2.4.22.ebuild:
712 - Removed the src_install() portion for SELinux flask
713 components. These are no longer handled in the kernel
714 so this code was not necessary.
715
716 29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
717 New 2.4.22 based hardened-sources thanks to
718 Phil West <p.west@computer.org>.
719
720 These sources include:
721 - New SELinux API
722 - Updated CK-base
723 - Updated GRSec
724 - Systrace
725 - SuperFreeS/WAN 1.99.8
726 - Propolice kernel build support
727 - EVMS
728 - Other various security related patches
729
730 *hardened-sources-2.4.21 (14 Sep 2003)
731
732 14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
733 Updated hardened-sources based on the 2.4.21 Linux kernel.
734 This includes updates to most major components such as:
735 - ck-base-0306300059
736 - selinux-2.4-2003071106
737 - grsecurity-2.0-rc1
738 - Updated IPTables patch-o-matic
739 - Updated SuperFreeS/WAN
740
741 Thanks to Phil West <pwest@computer.org> for his work in getting this
742 updated patch set ready for the 2.4.21 based kernel.
743
744 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
745 Initial import of hardened-sources-2.4.20-r4. This revision
746 includes only a few changes, but one of these is an important
747 security fix. It is recommended all users of hardened-sources
748 upgrade to this release.
749
750 - ioperm bug fix
751 - fixed compilation failure when building without GRSec
752
753 SAL (Secure Auditing for Linux) is NOT included in this revision
754 due to time constraints, but is planned for inclusion in the near
755 future.
756
757 *hardened-sources-2.4.20-r2 (12 Jun 2003)
758
759 12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
760 hardened-sources-2.4.20-r3.ebuild:
761 Add Header...
762
763 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
764 hardened-sources-2.4.20-r3.ebuild:
765 Removed warnings from ebuild. This kernel should be safe to
766 use at this point.
767
768 *hardened-sources-2.4.20-r3 (08 Jun 2003)
769
770 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
771 hardened-sources-2.4.20-r3.ebuild:
772 New revision. Includes the following changes over -r2:
773
774 - ck7-base (O(1), preempt, low latency)
775 - Super FreeS/WAN 1.99.7rc2
776 - PaX for the LSM/SELinux branch
777 - GRSecurity 2.0-pre4 (role based access control)
778 - Systrace 1.3
779 - EXT3 fixes
780 - EVMS 2.0.1
781 - GCC 3.1+ compile optimizations
782 - ProPolice kernel build support
783 - Hashing table security fixes
784
785 *hardened-sources-2.4.20-r1 (09 Apr 2003)
786
787 23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
788 Initial import of hardened-sources-r2. This new
789 ebuild includes many new performance and security
790 related patches. As in -r1, it will patch in
791 LSM/SELinux if "selinux" is in USE, otherwise it
792 will patch in GRSecurity. The following patches
793 are included in this revision:
794
795 - O(1) Scheduler, Low Latency, and Preempt
796 (pulled from the base CK patch)
797 - ptrace exploit patch for the LSM kernel
798 (the GRSec patch already fixes this)
799 - LSM 2.4-2003040709
800 - SELinux 2.4-2003040709
801 - Systrace v1.2
802 - IPTables patch-o-matic base patches - 20030107
803 - CryptoAPI 2.4.20.1 w/ loop-jari patch
804 - Super FreeS/WAN 1.99.6.1
805 - GRSecurity 1.9.9g
806 - MPPE
807 - EXT3 data journal fix
808 - CIPE 1.5.4
809
810 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
811 hardened-sources-2.4.20-r1.ebuild, manifest:
812 Updated to install flask components correctly for selinux.
813
814 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
815 hardened-sources-2.4.20-r1.ebuild:
816 LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
817 is patched in instead. Ptrace patches for selinux have also been added. In
818 either case, systrace support will be patched in as well.
819
820 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
821 hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
822 Revision bump for new sources.
823
824 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
825 hardened-sources-2.4.20-r1.ebuild:
826 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
827
828 *hardened-sources-2.4.20 (30 Mar 2003)
829
830 30 Mar 2003; Joshua Brindle <method@gentoo.org>
831 hardened-sources-2.4.20.ebuild:
832 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20