/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.130 - (show annotations) (download)
Thu Jan 11 22:37:32 2007 UTC (7 years, 6 months ago) by opfer
Branch: MAIN
Changes since 1.129: +6 -2 lines
stable x86, bug #161171
(Portage version: 2.1.1-r2)

1 # ChangeLog for sys-kernel/hardened-sources
2 # Copyright 2000-2007 Gentoo Foundation; Distributed under the GPL v2
3 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.129 2006/12/27 19:25:47 phreak Exp $
4
5 11 Jan 2007; Christian Faulhammer <opfer@gentoo.org>
6 hardened-sources-2.4.33.4.ebuild:
7 stable x86, bug #161171
8
9 *hardened-sources-2.6.19-r3 (27 Dec 2006)
10
11 27 Dec 2006; Christian Heim <phreak@gentoo.org>
12 -hardened-sources-2.6.19-r2.ebuild, +hardened-sources-2.6.19-r3.ebuild:
13 Revision bump for bug #157186 and #158786.
14
15 *hardened-sources-2.6.18-r4 (27 Dec 2006)
16
17 27 Dec 2006; Christian Heim <phreak@gentoo.org>
18 -hardened-sources-2.6.18-r3.ebuild, +hardened-sources-2.6.18-r4.ebuild:
19 Revision bump for bug #157186.
20
21 *hardened-sources-2.6.19-r2 (23 Dec 2006)
22
23 23 Dec 2006; Christian Heim <phreak@gentoo.org>
24 -hardened-sources-2.6.19-r1.ebuild, +hardened-sources-2.6.19-r2.ebuild:
25 Revision bump to pull in genpatches-2.6.19-3 for #157186.
26
27 17 Dec 2006; Christian Heim <phreak@gentoo.org>
28 hardened-sources-2.6.14-r7.ebuild, hardened-sources-2.6.16-r10.ebuild,
29 hardened-sources-2.6.16-r11.ebuild, hardened-sources-2.6.17-r1.ebuild,
30 hardened-sources-2.6.18.ebuild, hardened-sources-2.6.18-r3.ebuild,
31 hardened-sources-2.6.19-r1.ebuild:
32 Adding 4453_grsec-2.1.9-2.6.19-io-kmem-sysctl.patch to UNIPATCH_EXLUDE,
33 adding correct HOMEPAGE and adjusting DESCRIPTION (thanks to Alexander).
34
35 *hardened-sources-2.4.33.4 (17 Dec 2006)
36
37 17 Dec 2006; Alexander Gabert <pappy@gentoo.org>
38 +hardened-sources-2.4.33.4.ebuild:
39 new 2.4.33.4 version including grsec and fixes, thanks to phreak for help
40 and quilting
41
42 *hardened-sources-2.6.19-r1 (14 Dec 2006)
43
44 14 Dec 2006; Christian Heim <phreak@gentoo.org>
45 -hardened-sources-2.6.19.ebuild, +hardened-sources-2.6.19-r1.ebuild:
46 Revision bump, fixing #158107 (thanks to Petre Rodan <kaiowas at gentoo.org>
47 for reporting).
48
49 *hardened-sources-2.6.19 (13 Dec 2006)
50
51 13 Dec 2006; Christian Heim <phreak@gentoo.org>
52 +hardened-sources-2.6.19.ebuild:
53 And finally 2.6.19, thanks to Ned (who prepared the inital patchset) and
54 Brad for providing that prompt update.
55
56 *hardened-sources-2.6.18-r3 (13 Dec 2006)
57
58 13 Dec 2006; Christian Heim <phreak@gentoo.org>
59 -hardened-sources-2.6.18-r1.ebuild, -hardened-sources-2.6.18-r2.ebuild,
60 +hardened-sources-2.6.18-r3.ebuild:
61 Revision bump, excluding the faulty patch. Thanks to Anakim Border and Peter
62 S. Mazinger. Closes #157409 for now. Also removing the previous revisions.
63
64 09 Dec 2006; Christian Heim <phreak@gentoo.org> Manifest:
65 Fixing the metadata.xml Manifest entry (thanks to xaid and ml8128 in #gentoo-hardened).
66
67 08 Dec 2006; nixnut <nixnut@gentoo.org> hardened-sources-2.6.18.ebuild:
68 Stable on ppc wrt bug 157356
69
70 07 Dec 2006; Christian Faulhammer <opfer@gentoo.org>
71 hardened-sources-2.6.18.ebuild:
72 stable x86, bug #157356
73
74 *hardened-sources-2.6.18-r2 (06 Dec 2006)
75
76 06 Dec 2006; Christian Heim <phreak@gentoo.org>
77 +hardened-sources-2.6.18-r2.ebuild:
78 Revision bump, including 2.6.18.5 (via genpatches) and
79 4454_grsec-2.1.9-2.6.18.2-io-kmem-sysctl.patch based on Peter Mazinger and
80 Ned Ludd's original patch. Thanks to Alexander Gabert (pappy) for the
81 redesign.
82
83 06 Dec 2006; Christian Heim <phreak@gentoo.org>
84 hardened-sources-2.6.18.ebuild:
85 Marking hardened-sources-2.6.18 stable on amd64 (see bug #157356, on behalf
86 of Mike Doty).
87
88 *hardened-sources-2.6.18-r1 (23 Nov 2006)
89
90 23 Nov 2006; Christian Heim <phreak@gentoo.org>
91 +hardened-sources-2.6.18-r1.ebuild:
92 Revision bump to genpatches-2.6.18-4 (including 2.6.18.3).
93
94 *hardened-sources-2.6.18 (11 Nov 2006)
95
96 11 Nov 2006; Christian Heim <phreak@gentoo.org>
97 +hardened-sources-2.6.18.ebuild:
98 Version bump, thanks to Alexander Gabert we're finally at 2.6.18.
99
100 18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
101 - mark amd64 stable also. bug #151877
102
103 18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
104 - mark 2.6.17-r1 stable
105
106 27 Aug 2006; Christian Heim <phreak@gentoo.org>
107 -hardened-sources-2.6.17.ebuild, hardened-sources-2.6.17-r1.ebuild:
108 Removing old ebuild, removing unipatch from newer ebuild (need to fix it!).
109
110 *hardened-sources-2.6.17-r1 (26 Aug 2006)
111
112 26 Aug 2006; Christian Heim <phreak@gentoo.org>
113 +hardened-sources-2.6.17-r1.ebuild:
114 Revision bump to genpatches-2.6.17-8 (including .9 and .10) and updating the
115 grsecurity patch.
116
117 *hardened-sources-2.6.17 (17 Aug 2006)
118
119 17 Aug 2006; Christian Heim <phreak@gentoo.org>
120 +hardened-sources-2.6.17.ebuild:
121 Bumping the hardened-sources-2.6 series to 2.6.17, using
122 genpatches-2.6.17-6.base.
123
124 07 Aug 2006; <solar@gentoo.org> hardened-sources-2.6.16-r11.ebuild:
125 - stable on x86 and amd64
126
127 *hardened-sources-2.6.16-r11 (15 Jul 2006)
128
129 15 Jul 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r3.ebuild,
130 -hardened-sources-2.4.32-r4.ebuild, -hardened-sources-2.4.32-r5.ebuild,
131 -hardened-sources-2.6.14-r8.ebuild, -hardened-sources-2.6.16-r7.ebuild,
132 -hardened-sources-2.6.16-r9.ebuild, +hardened-sources-2.6.16-r11.ebuild:
133 - 2.6.16 bumped for CVE-2006-3626 ; digest fix for 2.4.32-r6 ; removed old
134 crusty ebuilds
135
136 14 Jul 2006; John Mylchreest <johnm@gentoo.org>
137 hardened-sources-2.6.16-r10.ebuild:
138 marking stable on x86 and amd64
139
140 13 Jul 2006; <solar@gentoo.org> hardened-sources-2.4.32-r6.ebuild:
141 - 2.4.32-r6 stable on x86. RSBAC state unknown
142
143 *hardened-sources-2.4.32-r7 (10 Jul 2006)
144
145 10 Jul 2006; Guillaume Destuynder <kang@gentoo.org>
146 +hardened-sources-2.4.32-r7.ebuild:
147 Bump PaX for RSBAC to test-17
148
149 *hardened-sources-2.6.16-r9 (03 Jul 2006)
150
151 03 Jul 2006; John Mylchreest <johnm@gentoo.org>
152 -hardened-sources-2.6.16-r6.ebuild, +hardened-sources-2.6.16-r9.ebuild:
153 hardened-sources-2.6.16 bump to latest -base.
154
155 *hardened-sources-2.4.32-r6 (30 Jun 2006)
156
157 30 Jun 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r2.ebuild,
158 hardened-sources-2.4.32-r4.ebuild, +hardened-sources-2.4.32-r6.ebuild:
159 - backport CVE-2006-0039, CVE-2006-1857 and CVE-2006-1858 and new grsecurity
160 sysctl controlable resource logging
161
162 *hardened-sources-2.6.16-r7 (05 Jun 2006)
163
164 05 Jun 2006; John Mylchreest <johnm@gentoo.org>
165 -hardened-sources-2.6.16-r5.ebuild, +hardened-sources-2.6.16-r7.ebuild:
166 push new 2.6.16 release in preparation for stable
167
168 22 May 2006; <solar@gentoo.org> :
169 - redigest bug 134002
170
171 *hardened-sources-2.4.32-r5 (16 May 2006)
172
173 16 May 2006; Guillaume Destuynder <kang@gentoo.org>
174 +hardened-sources-2.4.32-r5.ebuild:
175 Fixes rsbac common patching (new patch in new -r5 patchset)
176
177 *hardened-sources-2.4.32-r4 (13 May 2006)
178
179 13 May 2006; <solar@gentoo.org> hardened-sources-2.4.32-r3.ebuild,
180 +hardened-sources-2.4.32-r4.ebuild:
181 - security bumps
182
183 *hardened-sources-2.6.16-r6 (03 May 2006)
184
185 03 May 2006; John Mylchreest <johnm@gentoo.org>
186 +hardened-sources-2.6.16-r6.ebuild:
187 bump hardened-2.6.16 to 2.6.16.12 and latest grsec snapshot
188
189 28 Apr 2006; John Mylchreest <johnm@gentoo.org>
190 hardened-sources-2.6.14-r8.ebuild:
191 fix x86_64 build problem, this will delay the digest issue again for a short
192 while but it will sort itself out
193
194 28 Apr 2006; John Mylchreest <johnm@gentoo.org>
195 hardened-sources-2.6.14-r8.ebuild:
196 bump hardened patchset
197
198 27 Apr 2006; Alec Warner <antarus@gentoo.org>
199 files/digest-hardened-sources-2.4.32-r2,
200 files/digest-hardened-sources-2.4.32-r3,
201 files/digest-hardened-sources-2.6.14-r8, Manifest:
202 Fixing duff SHA256 digests: Bug # 131293
203
204 *hardened-sources-2.6.16-r5 (27 Apr 2006)
205
206 27 Apr 2006; John Mylchreest <johnm@gentoo.org>
207 -hardened-sources-2.6.14-r6.ebuild, hardened-sources-2.6.14-r8.ebuild,
208 -hardened-sources-2.6.16-r4.ebuild, +hardened-sources-2.6.16-r5.ebuild:
209 stablise 2.6.14-r8 on x86 & amd64, bump 2.6.16 to fix CVE-2006-1863 &
210 cleanup of old uneccessary sources
211
212 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
213 fix digest
214
215 *hardened-sources-2.6.14-r8 (20 Apr 2006)
216
217 20 Apr 2006; John Mylchreest <johnm@gentoo.org>
218 +hardened-sources-2.6.14-r8.ebuild:
219 fix CVE-2006-1056, CVE-2006-1525, CVE-2006-1524
220
221 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
222 Turning on gpg-signing again, and recomitting
223
224 *hardened-sources-2.6.16-r4 (20 Apr 2006)
225
226 20 Apr 2006; John Mylchreest <johnm@gentoo.org>
227 -hardened-sources-2.6.16-r2.ebuild, -hardened-sources-2.6.16-r3.ebuild,
228 +hardened-sources-2.6.16-r4.ebuild:
229 Fix numerous security vulns
230
231 *hardened-sources-2.4.32-r3 (16 Apr 2006)
232
233 16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
234 -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
235 +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
236 - security bump for bug #112791. Removed old ebuilds
237
238 *hardened-sources-2.6.16-r3 (15 Apr 2006)
239
240 15 Apr 2006; John Mylchreest <johnm@gentoo.org>
241 +hardened-sources-2.6.16-r3.ebuild:
242 Removing silly localversion which I missed
243
244 *hardened-sources-2.6.14-r7 (14 Apr 2006)
245
246 14 Apr 2006; John Mylchreest <johnm@gentoo.org>
247 -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
248 Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
249
250 *hardened-sources-2.6.16-r2 (13 Apr 2006)
251
252 13 Apr 2006; John Mylchreest <johnm@gentoo.org>
253 -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
254 +hardened-sources-2.6.16-r2.ebuild:
255 Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
256 labels, dropping USERGROUP define fixes, since these were merged mainstream.
257
258 *hardened-sources-2.6.16-r1 (11 Apr 2006)
259
260 11 Apr 2006; John Mylchreest <johnm@gentoo.org>
261 +hardened-sources-2.6.16-r1.ebuild:
262 Bumping to include ppc build fix and 2.6.16.3
263
264 06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
265 hardened-sources-2.6.14-r6.ebuild:
266 Stable on x86; bug #127718
267
268 *hardened-sources-2.6.16 (31 Mar 2006)
269
270 31 Mar 2006; John Mylchreest <johnm@gentoo.org>
271 +hardened-sources-2.6.16.ebuild:
272 Bumping to new version of grsec, and kernel base. New squashfs. Based on
273 2.6.16.1
274
275 30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
276 hardened-sources-2.6.14-r6.ebuild:
277 Stable on amd64, bug 127718.
278
279 28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
280 Stable on ppc. Bug #127718
281
282 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
283 -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
284 -hardened-sources-2.6.14-r4.ebuild:
285 Cleanup.
286
287 *hardened-sources-2.6.14-r6 (15 Mar 2006)
288
289 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
290 +hardened-sources-2.6.14-r6.ebuild:
291 Fixes grsec policy recreation bug and adds a
292 >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
293
294 02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
295 - stable on x86
296
297 19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
298 hardened-sources-2.6.14-r5.ebuild:
299 Stable on ppc.
300
301 *hardened-sources-2.6.14-r5 (01 Feb 2006)
302
303 01 Feb 2006; John Mylchreest <johnm@gentoo.org>
304 +hardened-sources-2.6.14-r5.ebuild:
305 fixing every known exploit
306
307 *hardened-sources-2.4.32-r2 (26 Jan 2006)
308
309 26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
310 +hardened-sources-2.4.32-r2.ebuild:
311 - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
312
313 *hardened-sources-2.6.14-r4 (12 Jan 2006)
314
315 12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
316 - version bump for new genpatches which fix up a few sec holes
317
318 *hardened-sources-2.4.32-r1 (05 Jan 2006)
319
320 05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
321 - revision bump to add misc vital linux kernel security patches.
322
323 *hardened-sources-2.6.14-r3 (30 Dec 2005)
324
325 30 Dec 2005; John Mylchreest <johnm@gentoo.org>
326 -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
327 Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
328
329 28 Dec 2005; John Mylchreest <johnm@gentoo.org>
330 hardened-sources-2.6.14-r2.ebuild:
331 making x86 & amd64 stable following testing.
332
333 *hardened-sources-2.6.14-r2 (27 Dec 2005)
334
335 27 Dec 2005; John Mylchreest <johnm@gentoo.org>
336 -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
337 Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
338 network hooks.
339
340 06 Dec 2005; John Mylchreest <johnm@gentoo.org>
341 hardened-sources-2.6.14-r1.ebuild:
342 bumping to stable early for sec fix on x86 & amd64
343
344 *hardened-sources-2.6.14-r1 (05 Dec 2005)
345
346 05 Dec 2005; John Mylchreest <johnm@gentoo.org>
347 -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
348 bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
349
350 04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
351 - stable on x86 security bug #114227 CAN-2005-3257
352
353 *hardened-sources-2.4.32 (19 Nov 2005)
354
355 19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
356 +hardened-sources-2.4.32.ebuild:
357 Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
358 Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
359 have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
360 rsbac >> /etc/portage/package.use)
361
362 *hardened-sources-2.6.14 (14 Nov 2005)
363
364 14 Nov 2005; John Mylchreest <johnm@gentoo.org>
365 -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
366 Bumping 2.6 series to 2.6.14.2
367
368 *hardened-sources-2.6.13-r2 (20 Oct 2005)
369
370 20 Oct 2005; John Mylchreest <johnm@gentoo.org>
371 -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
372 +hardened-sources-2.6.13-r2.ebuild:
373 Fixes minor build error in ppc.
374
375 *hardened-sources-2.6.13-r1 (17 Oct 2005)
376
377 17 Oct 2005; John Mylchreest <johnm@gentoo.org>
378 +hardened-sources-2.6.13-r1.ebuild:
379 Updating grsec to latest snapshot. Fixes some minor issues. Updating to
380 2.6.13.4, fixes some major amd64 stability problems.
381
382 *hardened-sources-2.6.13 (16 Sep 2005)
383
384 16 Sep 2005; John Mylchreest <johnm@gentoo.org>
385 -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
386 2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
387 ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
388 users should test this thoroughly.
389
390 01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
391 - stable on x86
392
393 *hardened-sources-2.6.11-r15 (27 Jun 2005)
394
395 27 Jun 2005; John Mylchreest <johnm@gentoo.org>
396 +hardened-sources-2.6.11-r15.ebuild:
397 Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
398 grsec redefining curr_ip struct.
399
400 *hardened-sources-2.4.31 (20 Jun 2005)
401
402 20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
403 initial import of 2.4.31 tree
404
405 *hardened-sources-2.6.11-r14 (14 Jun 2005)
406
407 14 Jun 2005; John Mylchreest <johnm@gentoo.org>
408 -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
409 Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
410 naming scheme to abide by genpatches
411
412 *hardened-sources-2.6.11-r13 (18 May 2005)
413
414 18 May 2005; John Mylchreest <johnm@gentoo.org>
415 -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
416 Managed to mangle the Makefile patch from grsec, to miss out the grsec
417 target. sorry about that. Fixes bug #93022
418
419 *hardened-sources-2.6.11-r12 (17 May 2005)
420
421 17 May 2005; John Mylchreest <johnm@gentoo.org>
422 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
423 +hardened-sources-2.6.11-r12.ebuild:
424 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
425 merges in genpatches-base
426
427 *hardened-sources-2.6.11-r12 (17 May 2005)
428
429 17 May 2005; John Mylchreest <johnm@gentoo.org>
430 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
431 +hardened-sources-2.6.11-r12.ebuild:
432 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
433 merges in genpatches-base
434
435 29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
436 -files/2.4.27-cmdline-race.patch,
437 -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
438 -files/2.4.28-grsec-binfmt_a.out.patch,
439 -files/2.4.28-grsec-cmdline-race.patch,
440 -files/2.4.28-selinux-binfmt_a.out.patch,
441 -files/2.4.28-selinux-cmdline-race.patch,
442 -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
443 hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
444 - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
445 cleanup..
446
447 *hardened-sources-2.4.30-r1 (21 Apr 2005)
448
449 21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
450 - disable aout by default
451
452 *hardened-sources-2.4.30 (18 Apr 2005)
453
454 18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
455 - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
456 and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
457 use
458
459 *hardened-sources-2.4.29 (30 Mar 2005)
460
461 30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
462 +hardened-sources-2.4.29.ebuild:
463 New hardened-patches-2.4-29.0 patchball.
464 Removed SELinux support, upgraded GRSecurity to 2.1.4.
465
466 *hardened-sources-2.4.28-r5 (06 Mar 2005)
467
468 06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
469 +hardened-sources-2.4.28-r5.ebuild:
470 Added a fix for a PaX vulnerability.
471
472 26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
473 hardened-sources-2.4.28-r4.ebuild:
474 Stable on x86
475
476 23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
477 hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
478 hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
479 hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
480 - fixed/added RDEPEND= in all kernel-2 ebuilds
481
482 *hardened-sources-2.4.28-r4 (21 Jan 2005)
483
484 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
485 +hardened-sources-2.4.28-r4.ebuild:
486 Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
487 backport of neighbour hash updates.
488
489 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
490 hardened-sources-2.4.28-r3.ebuild:
491 Stable on x86
492
493 *hardened-sources-2.6.10-r3 (20 Jan 2005)
494
495 20 Jan 2005; Brandon Hale <tseng@gentoo.org>
496 +hardened-sources-2.6.10-r3.ebuild:
497 Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
498 in 2005.0
499
500 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
501 -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
502 hardened-sources-2.4.28-r2.ebuild:
503 Mark stable on x86
504
505 *hardened-sources-2.4.28-r3 (17 Jan 2005)
506
507 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
508 +hardened-sources-2.4.28-r3.ebuild:
509 Fix SMP page fault handler vuln, and update device-mapper and evms patches.
510
511 14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
512 hardened-sources-2.4.28.ebuild:
513 Mark stable on x86.
514
515 *hardened-sources-2.4.28-r2 (13 Jan 2005)
516
517 13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
518 +hardened-sources-2.4.28-r2.ebuild:
519 Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
520 Mazinger for grsecurity patches as well.
521
522 *hardened-sources-2.4.28-r1 (23 Dec 2004)
523
524 23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
525 Security bump. Thank tocharian for rolling a new patchset...
526
527 28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
528 +files/2.4.28-grsec-cmdline-race.patch,
529 +files/2.4.28-selinux-binfmt_a.out.patch,
530 +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
531 - Round up remaining security patches that appear to be missing in 2.4.28. -
532 PaX standalone updated to current. hgpv=28.1
533
534 *hardened-sources-2.4.28 (28 Nov 2004)
535
536 28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
537 security bump. Thank tocharian for rolling a new patchset
538
539 *hardened-sources-2.4.27-r3 (08 Sep 2004)
540
541 08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
542 +hardened-sources-2.4.27-r3.ebuild:
543 Applies the new 2.4-27.2 patchball which updates
544 GRSecurity to the 2.0.1 version.
545
546 *hardened-sources-2.4.27-r2 (31 Aug 2004)
547
548 31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
549 +hardened-sources-2.4.27-r2.ebuild:
550 Version bump.
551 This version uses the new 2.4-27.1 patchball which updates
552 both the SELinux PaX hooks patch and the SELinux headers.
553
554 *hardened-sources-2.4.27-r1 (09 Aug 2004)
555
556 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
557 +hardened-sources-2.4.27-r1.ebuild,
558 -hardened-sources-2.4.27.ebuild,
559 +files/2.4.27-cmdline-race.patch:
560 Version bump, fix for cmdline race. See bug #59905.
561
562 *hardened-sources-2.4.26-r6 (09 Aug 2004)
563
564 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
565 +hardened-sources-2.4.26-r6.ebuild,
566 -hardened-sources-2.4.26-r5.ebuild,
567 -hardened-sources-2.4.26-r4.ebuild,
568 +files/2.4.26-cmdline-race.patch:
569 Version bump, fix for cmdline race. See bug #59905.
570
571 *hardened-sources-2.4.27 (08 Aug 2004)
572
573 08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
574 +hardened-sources-2.4.27.ebuild,
575 +files/2.4.27-CAN-2004-0394.patch:
576 Ported the patchball to the 2.4.27 kernel version.
577
578 *hardened-sources-2.4.26-r5 (07 Aug 2004)
579
580 07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
581 +hardened-sources-2.4.26-r5.ebuild:
582 Updated to use the new hardened-patches-2.4-26.1 patchball.
583 It adds the following features:
584 - Squashfs
585 - Ebtables
586 - Netdev random (core+drivers)
587 - Watchdog Timer (WDT) fix.
588
589 *hardened-sources-2.4.26-r4 (04 Aug 2004)
590
591 04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
592 +hardened-sources-2.4.26-r4.ebuild,
593 +files/2.4.26-CAN-2004-0415.patch,
594 -hardened-sources-2.4.26-3:
595 Version bump, fix for CAN 0415, see bug #59378.
596
597 *hardened-sources-2.4.26-r3 (22 Jul 2004)
598
599 22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
600 +hardened-sources-2.4.26-r3.ebuild,
601 +files/2.4.26-CAN-2004-0497.patch,
602 -hardened-sources-2.4.26-r2.ebuild:
603 Version bump, fixed CAN 0497, see bug #56171.
604
605 *hardened-sources-2.4.26-r2 (29 Jun 2004)
606
607 29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
608 +hardened-sources-2.4.26-r2.ebuild,
609 +files/2.4.26-CAN-2004-0495.patch,
610 +files/2.4.26-CAN-2004-0535.patch,
611 -hardened-sources-2.4.26-r1.ebuild:
612 Fixes for both CAN 0495 and 0535, see bug #54976
613
614 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
615 hardened-sources-2.4.26-r1.ebuild:
616 QA - fix use invocation
617
618 *hardened-sources-2.4.26-r1 (22 June 2004)
619
620 22 June 2004; Andrea Luzzardi <scox@gentoo.org>
621 +hardened-sources-2.4.26-r1.ebuild,
622 +files/2.4.26-CAN-2004-0394.patch,
623 +files/2.4.26-signal-race.patch,
624 -hardened-sources-2.4.26.ebuild,
625 -hardened-sources-2.4.24-r3.ebuild:
626 Version bump for the CAN-2004-0394 issue and bug #53804
627 Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
628
629
630 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
631 hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
632 Masked hardened-sources-2.4.26.ebuild broken for ppc
633
634 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
635 hardened-sources-2.4.24-r3.ebuild:
636 Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
637
638 *hardened-sources-2.4.26 (29 May 2004)
639
640 29 May 2004; Andrea Luzzardi <scox@gentoo.org>
641 +hardened-sources-2.4.26.ebuild:
642 Updated hardened-sources for the 2.4.26 kernel
643 Removed broken components, updated almost everything.
644
645 *hardened-sources-2.4.24-r3 (17 Apr 2004)
646
647 17 Apr 2004; <plasmaroo@gentoo.org>
648 +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
649 +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
650 +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
651 +hardened-sources-2.4.24-r3.ebuild:
652 Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
653 vulnerabilities. Old revisions removed.
654
655 *hardened-sources-2.4.24-r2 (15 Apr 2004)
656
657 15 Apr 2004; <plasmaroo@gentoo.org>
658 +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
659 -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
660 Version bump for the CAN-2004-0109 issue; bug #47881.
661
662 12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
663 hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
664 Add eutils to inherit.
665
666 *hardened-sources-2.4.24-r1 (19 Feb 2004)
667
668 19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
669 files/hardened-sources-2.4.24.munmap.patch:
670 Added the patch for the mremap/munmap vulnerability. Bug #42024.
671
672 *hardened-sources-2.4.24 (06 Feb 2004)
673
674 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
675 hardened-sources-2.4.24.ebuild:
676 Version bump, updated most of the components.
677 This release includes the following:
678
679 - Hardened security
680 - Netfilter patch-o-matic 20031219
681 - FreeSWAN 2.04 & x509 1.4.8
682 - EVMS 2.2.2
683 - XFS 1.3.1
684 - cryptoloop jari
685 - grsecurity 2.0-rc4
686 - SELinux
687 - PaX 200402060000
688 - PaX Obscurity 200308302223
689 - Others...
690
691 Neither -ck nor systrace are included anymore.
692
693 *hardened-sources-2.4.22-r2 (05 Jan 2004)
694
695 05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
696 hardened-sources-2.4.22-r2.ebuild:
697 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
698
699 *hardened-sources-2.4.22-r1 (02 Dec 2003)
700
701 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
702 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
703
704 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
705 hardened-sources-2.4.22-r1.ebuild:
706 Version bump for the 'do_brk' vulnerability.
707
708 01 Dec 2003; Brian Jackson <iggy@gentoo.org>
709 hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
710 hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
711 hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
712 Fix the 'do_brk' vulnerability.
713
714 03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
715 hardened-sources-2.4.22.ebuild:
716 - Removed the src_install() portion for SELinux flask
717 components. These are no longer handled in the kernel
718 so this code was not necessary.
719
720 29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
721 New 2.4.22 based hardened-sources thanks to
722 Phil West <p.west@computer.org>.
723
724 These sources include:
725 - New SELinux API
726 - Updated CK-base
727 - Updated GRSec
728 - Systrace
729 - SuperFreeS/WAN 1.99.8
730 - Propolice kernel build support
731 - EVMS
732 - Other various security related patches
733
734 *hardened-sources-2.4.21 (14 Sep 2003)
735
736 14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
737 Updated hardened-sources based on the 2.4.21 Linux kernel.
738 This includes updates to most major components such as:
739 - ck-base-0306300059
740 - selinux-2.4-2003071106
741 - grsecurity-2.0-rc1
742 - Updated IPTables patch-o-matic
743 - Updated SuperFreeS/WAN
744
745 Thanks to Phil West <pwest@computer.org> for his work in getting this
746 updated patch set ready for the 2.4.21 based kernel.
747
748 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
749 Initial import of hardened-sources-2.4.20-r4. This revision
750 includes only a few changes, but one of these is an important
751 security fix. It is recommended all users of hardened-sources
752 upgrade to this release.
753
754 - ioperm bug fix
755 - fixed compilation failure when building without GRSec
756
757 SAL (Secure Auditing for Linux) is NOT included in this revision
758 due to time constraints, but is planned for inclusion in the near
759 future.
760
761 *hardened-sources-2.4.20-r2 (12 Jun 2003)
762
763 12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
764 hardened-sources-2.4.20-r3.ebuild:
765 Add Header...
766
767 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
768 hardened-sources-2.4.20-r3.ebuild:
769 Removed warnings from ebuild. This kernel should be safe to
770 use at this point.
771
772 *hardened-sources-2.4.20-r3 (08 Jun 2003)
773
774 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
775 hardened-sources-2.4.20-r3.ebuild:
776 New revision. Includes the following changes over -r2:
777
778 - ck7-base (O(1), preempt, low latency)
779 - Super FreeS/WAN 1.99.7rc2
780 - PaX for the LSM/SELinux branch
781 - GRSecurity 2.0-pre4 (role based access control)
782 - Systrace 1.3
783 - EXT3 fixes
784 - EVMS 2.0.1
785 - GCC 3.1+ compile optimizations
786 - ProPolice kernel build support
787 - Hashing table security fixes
788
789 *hardened-sources-2.4.20-r1 (09 Apr 2003)
790
791 23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
792 Initial import of hardened-sources-r2. This new
793 ebuild includes many new performance and security
794 related patches. As in -r1, it will patch in
795 LSM/SELinux if "selinux" is in USE, otherwise it
796 will patch in GRSecurity. The following patches
797 are included in this revision:
798
799 - O(1) Scheduler, Low Latency, and Preempt
800 (pulled from the base CK patch)
801 - ptrace exploit patch for the LSM kernel
802 (the GRSec patch already fixes this)
803 - LSM 2.4-2003040709
804 - SELinux 2.4-2003040709
805 - Systrace v1.2
806 - IPTables patch-o-matic base patches - 20030107
807 - CryptoAPI 2.4.20.1 w/ loop-jari patch
808 - Super FreeS/WAN 1.99.6.1
809 - GRSecurity 1.9.9g
810 - MPPE
811 - EXT3 data journal fix
812 - CIPE 1.5.4
813
814 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
815 hardened-sources-2.4.20-r1.ebuild, manifest:
816 Updated to install flask components correctly for selinux.
817
818 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
819 hardened-sources-2.4.20-r1.ebuild:
820 LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
821 is patched in instead. Ptrace patches for selinux have also been added. In
822 either case, systrace support will be patched in as well.
823
824 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
825 hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
826 Revision bump for new sources.
827
828 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
829 hardened-sources-2.4.20-r1.ebuild:
830 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
831
832 *hardened-sources-2.4.20 (30 Mar 2003)
833
834 30 Mar 2003; Joshua Brindle <method@gentoo.org>
835 hardened-sources-2.4.20.ebuild:
836 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20