/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.131 - (show annotations) (download)
Sun Jan 14 05:35:01 2007 UTC (7 years, 6 months ago) by phreak
Branch: MAIN
Changes since 1.130: +8 -1 lines
Revision bump, pulling in linux-2.6.19.2 and grsecurity 2.1.10 - thus dropping the randomized PID feature.
(Portage version: 2.1.2_rc4-r6)

1 # ChangeLog for sys-kernel/hardened-sources
2 # Copyright 2000-2007 Gentoo Foundation; Distributed under the GPL v2
3 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.130 2007/01/11 22:37:32 opfer Exp $
4
5 *hardened-sources-2.6.19-r4 (14 Jan 2007)
6
7 14 Jan 2007; Christian Heim <phreak@gentoo.org>
8 +hardened-sources-2.6.19-r4.ebuild:
9 Revision bump, pulling in linux-2.6.19.2 and grsecurity 2.1.10 - thus
10 dropping the randomized PID feature.
11
12 11 Jan 2007; Christian Faulhammer <opfer@gentoo.org>
13 hardened-sources-2.4.33.4.ebuild:
14 stable x86, bug #161171
15
16 *hardened-sources-2.6.19-r3 (27 Dec 2006)
17
18 27 Dec 2006; Christian Heim <phreak@gentoo.org>
19 -hardened-sources-2.6.19-r2.ebuild, +hardened-sources-2.6.19-r3.ebuild:
20 Revision bump for bug #157186 and #158786.
21
22 *hardened-sources-2.6.18-r4 (27 Dec 2006)
23
24 27 Dec 2006; Christian Heim <phreak@gentoo.org>
25 -hardened-sources-2.6.18-r3.ebuild, +hardened-sources-2.6.18-r4.ebuild:
26 Revision bump for bug #157186.
27
28 *hardened-sources-2.6.19-r2 (23 Dec 2006)
29
30 23 Dec 2006; Christian Heim <phreak@gentoo.org>
31 -hardened-sources-2.6.19-r1.ebuild, +hardened-sources-2.6.19-r2.ebuild:
32 Revision bump to pull in genpatches-2.6.19-3 for #157186.
33
34 17 Dec 2006; Christian Heim <phreak@gentoo.org>
35 hardened-sources-2.6.14-r7.ebuild, hardened-sources-2.6.16-r10.ebuild,
36 hardened-sources-2.6.16-r11.ebuild, hardened-sources-2.6.17-r1.ebuild,
37 hardened-sources-2.6.18.ebuild, hardened-sources-2.6.18-r3.ebuild,
38 hardened-sources-2.6.19-r1.ebuild:
39 Adding 4453_grsec-2.1.9-2.6.19-io-kmem-sysctl.patch to UNIPATCH_EXLUDE,
40 adding correct HOMEPAGE and adjusting DESCRIPTION (thanks to Alexander).
41
42 *hardened-sources-2.4.33.4 (17 Dec 2006)
43
44 17 Dec 2006; Alexander Gabert <pappy@gentoo.org>
45 +hardened-sources-2.4.33.4.ebuild:
46 new 2.4.33.4 version including grsec and fixes, thanks to phreak for help
47 and quilting
48
49 *hardened-sources-2.6.19-r1 (14 Dec 2006)
50
51 14 Dec 2006; Christian Heim <phreak@gentoo.org>
52 -hardened-sources-2.6.19.ebuild, +hardened-sources-2.6.19-r1.ebuild:
53 Revision bump, fixing #158107 (thanks to Petre Rodan <kaiowas at gentoo.org>
54 for reporting).
55
56 *hardened-sources-2.6.19 (13 Dec 2006)
57
58 13 Dec 2006; Christian Heim <phreak@gentoo.org>
59 +hardened-sources-2.6.19.ebuild:
60 And finally 2.6.19, thanks to Ned (who prepared the inital patchset) and
61 Brad for providing that prompt update.
62
63 *hardened-sources-2.6.18-r3 (13 Dec 2006)
64
65 13 Dec 2006; Christian Heim <phreak@gentoo.org>
66 -hardened-sources-2.6.18-r1.ebuild, -hardened-sources-2.6.18-r2.ebuild,
67 +hardened-sources-2.6.18-r3.ebuild:
68 Revision bump, excluding the faulty patch. Thanks to Anakim Border and Peter
69 S. Mazinger. Closes #157409 for now. Also removing the previous revisions.
70
71 09 Dec 2006; Christian Heim <phreak@gentoo.org> Manifest:
72 Fixing the metadata.xml Manifest entry (thanks to xaid and ml8128 in #gentoo-hardened).
73
74 08 Dec 2006; nixnut <nixnut@gentoo.org> hardened-sources-2.6.18.ebuild:
75 Stable on ppc wrt bug 157356
76
77 07 Dec 2006; Christian Faulhammer <opfer@gentoo.org>
78 hardened-sources-2.6.18.ebuild:
79 stable x86, bug #157356
80
81 *hardened-sources-2.6.18-r2 (06 Dec 2006)
82
83 06 Dec 2006; Christian Heim <phreak@gentoo.org>
84 +hardened-sources-2.6.18-r2.ebuild:
85 Revision bump, including 2.6.18.5 (via genpatches) and
86 4454_grsec-2.1.9-2.6.18.2-io-kmem-sysctl.patch based on Peter Mazinger and
87 Ned Ludd's original patch. Thanks to Alexander Gabert (pappy) for the
88 redesign.
89
90 06 Dec 2006; Christian Heim <phreak@gentoo.org>
91 hardened-sources-2.6.18.ebuild:
92 Marking hardened-sources-2.6.18 stable on amd64 (see bug #157356, on behalf
93 of Mike Doty).
94
95 *hardened-sources-2.6.18-r1 (23 Nov 2006)
96
97 23 Nov 2006; Christian Heim <phreak@gentoo.org>
98 +hardened-sources-2.6.18-r1.ebuild:
99 Revision bump to genpatches-2.6.18-4 (including 2.6.18.3).
100
101 *hardened-sources-2.6.18 (11 Nov 2006)
102
103 11 Nov 2006; Christian Heim <phreak@gentoo.org>
104 +hardened-sources-2.6.18.ebuild:
105 Version bump, thanks to Alexander Gabert we're finally at 2.6.18.
106
107 18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
108 - mark amd64 stable also. bug #151877
109
110 18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
111 - mark 2.6.17-r1 stable
112
113 27 Aug 2006; Christian Heim <phreak@gentoo.org>
114 -hardened-sources-2.6.17.ebuild, hardened-sources-2.6.17-r1.ebuild:
115 Removing old ebuild, removing unipatch from newer ebuild (need to fix it!).
116
117 *hardened-sources-2.6.17-r1 (26 Aug 2006)
118
119 26 Aug 2006; Christian Heim <phreak@gentoo.org>
120 +hardened-sources-2.6.17-r1.ebuild:
121 Revision bump to genpatches-2.6.17-8 (including .9 and .10) and updating the
122 grsecurity patch.
123
124 *hardened-sources-2.6.17 (17 Aug 2006)
125
126 17 Aug 2006; Christian Heim <phreak@gentoo.org>
127 +hardened-sources-2.6.17.ebuild:
128 Bumping the hardened-sources-2.6 series to 2.6.17, using
129 genpatches-2.6.17-6.base.
130
131 07 Aug 2006; <solar@gentoo.org> hardened-sources-2.6.16-r11.ebuild:
132 - stable on x86 and amd64
133
134 *hardened-sources-2.6.16-r11 (15 Jul 2006)
135
136 15 Jul 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r3.ebuild,
137 -hardened-sources-2.4.32-r4.ebuild, -hardened-sources-2.4.32-r5.ebuild,
138 -hardened-sources-2.6.14-r8.ebuild, -hardened-sources-2.6.16-r7.ebuild,
139 -hardened-sources-2.6.16-r9.ebuild, +hardened-sources-2.6.16-r11.ebuild:
140 - 2.6.16 bumped for CVE-2006-3626 ; digest fix for 2.4.32-r6 ; removed old
141 crusty ebuilds
142
143 14 Jul 2006; John Mylchreest <johnm@gentoo.org>
144 hardened-sources-2.6.16-r10.ebuild:
145 marking stable on x86 and amd64
146
147 13 Jul 2006; <solar@gentoo.org> hardened-sources-2.4.32-r6.ebuild:
148 - 2.4.32-r6 stable on x86. RSBAC state unknown
149
150 *hardened-sources-2.4.32-r7 (10 Jul 2006)
151
152 10 Jul 2006; Guillaume Destuynder <kang@gentoo.org>
153 +hardened-sources-2.4.32-r7.ebuild:
154 Bump PaX for RSBAC to test-17
155
156 *hardened-sources-2.6.16-r9 (03 Jul 2006)
157
158 03 Jul 2006; John Mylchreest <johnm@gentoo.org>
159 -hardened-sources-2.6.16-r6.ebuild, +hardened-sources-2.6.16-r9.ebuild:
160 hardened-sources-2.6.16 bump to latest -base.
161
162 *hardened-sources-2.4.32-r6 (30 Jun 2006)
163
164 30 Jun 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r2.ebuild,
165 hardened-sources-2.4.32-r4.ebuild, +hardened-sources-2.4.32-r6.ebuild:
166 - backport CVE-2006-0039, CVE-2006-1857 and CVE-2006-1858 and new grsecurity
167 sysctl controlable resource logging
168
169 *hardened-sources-2.6.16-r7 (05 Jun 2006)
170
171 05 Jun 2006; John Mylchreest <johnm@gentoo.org>
172 -hardened-sources-2.6.16-r5.ebuild, +hardened-sources-2.6.16-r7.ebuild:
173 push new 2.6.16 release in preparation for stable
174
175 22 May 2006; <solar@gentoo.org> :
176 - redigest bug 134002
177
178 *hardened-sources-2.4.32-r5 (16 May 2006)
179
180 16 May 2006; Guillaume Destuynder <kang@gentoo.org>
181 +hardened-sources-2.4.32-r5.ebuild:
182 Fixes rsbac common patching (new patch in new -r5 patchset)
183
184 *hardened-sources-2.4.32-r4 (13 May 2006)
185
186 13 May 2006; <solar@gentoo.org> hardened-sources-2.4.32-r3.ebuild,
187 +hardened-sources-2.4.32-r4.ebuild:
188 - security bumps
189
190 *hardened-sources-2.6.16-r6 (03 May 2006)
191
192 03 May 2006; John Mylchreest <johnm@gentoo.org>
193 +hardened-sources-2.6.16-r6.ebuild:
194 bump hardened-2.6.16 to 2.6.16.12 and latest grsec snapshot
195
196 28 Apr 2006; John Mylchreest <johnm@gentoo.org>
197 hardened-sources-2.6.14-r8.ebuild:
198 fix x86_64 build problem, this will delay the digest issue again for a short
199 while but it will sort itself out
200
201 28 Apr 2006; John Mylchreest <johnm@gentoo.org>
202 hardened-sources-2.6.14-r8.ebuild:
203 bump hardened patchset
204
205 27 Apr 2006; Alec Warner <antarus@gentoo.org>
206 files/digest-hardened-sources-2.4.32-r2,
207 files/digest-hardened-sources-2.4.32-r3,
208 files/digest-hardened-sources-2.6.14-r8, Manifest:
209 Fixing duff SHA256 digests: Bug # 131293
210
211 *hardened-sources-2.6.16-r5 (27 Apr 2006)
212
213 27 Apr 2006; John Mylchreest <johnm@gentoo.org>
214 -hardened-sources-2.6.14-r6.ebuild, hardened-sources-2.6.14-r8.ebuild,
215 -hardened-sources-2.6.16-r4.ebuild, +hardened-sources-2.6.16-r5.ebuild:
216 stablise 2.6.14-r8 on x86 & amd64, bump 2.6.16 to fix CVE-2006-1863 &
217 cleanup of old uneccessary sources
218
219 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
220 fix digest
221
222 *hardened-sources-2.6.14-r8 (20 Apr 2006)
223
224 20 Apr 2006; John Mylchreest <johnm@gentoo.org>
225 +hardened-sources-2.6.14-r8.ebuild:
226 fix CVE-2006-1056, CVE-2006-1525, CVE-2006-1524
227
228 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
229 Turning on gpg-signing again, and recomitting
230
231 *hardened-sources-2.6.16-r4 (20 Apr 2006)
232
233 20 Apr 2006; John Mylchreest <johnm@gentoo.org>
234 -hardened-sources-2.6.16-r2.ebuild, -hardened-sources-2.6.16-r3.ebuild,
235 +hardened-sources-2.6.16-r4.ebuild:
236 Fix numerous security vulns
237
238 *hardened-sources-2.4.32-r3 (16 Apr 2006)
239
240 16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
241 -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
242 +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
243 - security bump for bug #112791. Removed old ebuilds
244
245 *hardened-sources-2.6.16-r3 (15 Apr 2006)
246
247 15 Apr 2006; John Mylchreest <johnm@gentoo.org>
248 +hardened-sources-2.6.16-r3.ebuild:
249 Removing silly localversion which I missed
250
251 *hardened-sources-2.6.14-r7 (14 Apr 2006)
252
253 14 Apr 2006; John Mylchreest <johnm@gentoo.org>
254 -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
255 Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
256
257 *hardened-sources-2.6.16-r2 (13 Apr 2006)
258
259 13 Apr 2006; John Mylchreest <johnm@gentoo.org>
260 -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
261 +hardened-sources-2.6.16-r2.ebuild:
262 Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
263 labels, dropping USERGROUP define fixes, since these were merged mainstream.
264
265 *hardened-sources-2.6.16-r1 (11 Apr 2006)
266
267 11 Apr 2006; John Mylchreest <johnm@gentoo.org>
268 +hardened-sources-2.6.16-r1.ebuild:
269 Bumping to include ppc build fix and 2.6.16.3
270
271 06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
272 hardened-sources-2.6.14-r6.ebuild:
273 Stable on x86; bug #127718
274
275 *hardened-sources-2.6.16 (31 Mar 2006)
276
277 31 Mar 2006; John Mylchreest <johnm@gentoo.org>
278 +hardened-sources-2.6.16.ebuild:
279 Bumping to new version of grsec, and kernel base. New squashfs. Based on
280 2.6.16.1
281
282 30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
283 hardened-sources-2.6.14-r6.ebuild:
284 Stable on amd64, bug 127718.
285
286 28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
287 Stable on ppc. Bug #127718
288
289 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
290 -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
291 -hardened-sources-2.6.14-r4.ebuild:
292 Cleanup.
293
294 *hardened-sources-2.6.14-r6 (15 Mar 2006)
295
296 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
297 +hardened-sources-2.6.14-r6.ebuild:
298 Fixes grsec policy recreation bug and adds a
299 >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
300
301 02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
302 - stable on x86
303
304 19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
305 hardened-sources-2.6.14-r5.ebuild:
306 Stable on ppc.
307
308 *hardened-sources-2.6.14-r5 (01 Feb 2006)
309
310 01 Feb 2006; John Mylchreest <johnm@gentoo.org>
311 +hardened-sources-2.6.14-r5.ebuild:
312 fixing every known exploit
313
314 *hardened-sources-2.4.32-r2 (26 Jan 2006)
315
316 26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
317 +hardened-sources-2.4.32-r2.ebuild:
318 - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
319
320 *hardened-sources-2.6.14-r4 (12 Jan 2006)
321
322 12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
323 - version bump for new genpatches which fix up a few sec holes
324
325 *hardened-sources-2.4.32-r1 (05 Jan 2006)
326
327 05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
328 - revision bump to add misc vital linux kernel security patches.
329
330 *hardened-sources-2.6.14-r3 (30 Dec 2005)
331
332 30 Dec 2005; John Mylchreest <johnm@gentoo.org>
333 -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
334 Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
335
336 28 Dec 2005; John Mylchreest <johnm@gentoo.org>
337 hardened-sources-2.6.14-r2.ebuild:
338 making x86 & amd64 stable following testing.
339
340 *hardened-sources-2.6.14-r2 (27 Dec 2005)
341
342 27 Dec 2005; John Mylchreest <johnm@gentoo.org>
343 -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
344 Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
345 network hooks.
346
347 06 Dec 2005; John Mylchreest <johnm@gentoo.org>
348 hardened-sources-2.6.14-r1.ebuild:
349 bumping to stable early for sec fix on x86 & amd64
350
351 *hardened-sources-2.6.14-r1 (05 Dec 2005)
352
353 05 Dec 2005; John Mylchreest <johnm@gentoo.org>
354 -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
355 bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
356
357 04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
358 - stable on x86 security bug #114227 CAN-2005-3257
359
360 *hardened-sources-2.4.32 (19 Nov 2005)
361
362 19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
363 +hardened-sources-2.4.32.ebuild:
364 Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
365 Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
366 have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
367 rsbac >> /etc/portage/package.use)
368
369 *hardened-sources-2.6.14 (14 Nov 2005)
370
371 14 Nov 2005; John Mylchreest <johnm@gentoo.org>
372 -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
373 Bumping 2.6 series to 2.6.14.2
374
375 *hardened-sources-2.6.13-r2 (20 Oct 2005)
376
377 20 Oct 2005; John Mylchreest <johnm@gentoo.org>
378 -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
379 +hardened-sources-2.6.13-r2.ebuild:
380 Fixes minor build error in ppc.
381
382 *hardened-sources-2.6.13-r1 (17 Oct 2005)
383
384 17 Oct 2005; John Mylchreest <johnm@gentoo.org>
385 +hardened-sources-2.6.13-r1.ebuild:
386 Updating grsec to latest snapshot. Fixes some minor issues. Updating to
387 2.6.13.4, fixes some major amd64 stability problems.
388
389 *hardened-sources-2.6.13 (16 Sep 2005)
390
391 16 Sep 2005; John Mylchreest <johnm@gentoo.org>
392 -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
393 2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
394 ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
395 users should test this thoroughly.
396
397 01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
398 - stable on x86
399
400 *hardened-sources-2.6.11-r15 (27 Jun 2005)
401
402 27 Jun 2005; John Mylchreest <johnm@gentoo.org>
403 +hardened-sources-2.6.11-r15.ebuild:
404 Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
405 grsec redefining curr_ip struct.
406
407 *hardened-sources-2.4.31 (20 Jun 2005)
408
409 20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
410 initial import of 2.4.31 tree
411
412 *hardened-sources-2.6.11-r14 (14 Jun 2005)
413
414 14 Jun 2005; John Mylchreest <johnm@gentoo.org>
415 -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
416 Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
417 naming scheme to abide by genpatches
418
419 *hardened-sources-2.6.11-r13 (18 May 2005)
420
421 18 May 2005; John Mylchreest <johnm@gentoo.org>
422 -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
423 Managed to mangle the Makefile patch from grsec, to miss out the grsec
424 target. sorry about that. Fixes bug #93022
425
426 *hardened-sources-2.6.11-r12 (17 May 2005)
427
428 17 May 2005; John Mylchreest <johnm@gentoo.org>
429 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
430 +hardened-sources-2.6.11-r12.ebuild:
431 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
432 merges in genpatches-base
433
434 *hardened-sources-2.6.11-r12 (17 May 2005)
435
436 17 May 2005; John Mylchreest <johnm@gentoo.org>
437 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
438 +hardened-sources-2.6.11-r12.ebuild:
439 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
440 merges in genpatches-base
441
442 29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
443 -files/2.4.27-cmdline-race.patch,
444 -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
445 -files/2.4.28-grsec-binfmt_a.out.patch,
446 -files/2.4.28-grsec-cmdline-race.patch,
447 -files/2.4.28-selinux-binfmt_a.out.patch,
448 -files/2.4.28-selinux-cmdline-race.patch,
449 -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
450 hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
451 - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
452 cleanup..
453
454 *hardened-sources-2.4.30-r1 (21 Apr 2005)
455
456 21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
457 - disable aout by default
458
459 *hardened-sources-2.4.30 (18 Apr 2005)
460
461 18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
462 - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
463 and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
464 use
465
466 *hardened-sources-2.4.29 (30 Mar 2005)
467
468 30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
469 +hardened-sources-2.4.29.ebuild:
470 New hardened-patches-2.4-29.0 patchball.
471 Removed SELinux support, upgraded GRSecurity to 2.1.4.
472
473 *hardened-sources-2.4.28-r5 (06 Mar 2005)
474
475 06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
476 +hardened-sources-2.4.28-r5.ebuild:
477 Added a fix for a PaX vulnerability.
478
479 26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
480 hardened-sources-2.4.28-r4.ebuild:
481 Stable on x86
482
483 23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
484 hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
485 hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
486 hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
487 - fixed/added RDEPEND= in all kernel-2 ebuilds
488
489 *hardened-sources-2.4.28-r4 (21 Jan 2005)
490
491 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
492 +hardened-sources-2.4.28-r4.ebuild:
493 Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
494 backport of neighbour hash updates.
495
496 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
497 hardened-sources-2.4.28-r3.ebuild:
498 Stable on x86
499
500 *hardened-sources-2.6.10-r3 (20 Jan 2005)
501
502 20 Jan 2005; Brandon Hale <tseng@gentoo.org>
503 +hardened-sources-2.6.10-r3.ebuild:
504 Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
505 in 2005.0
506
507 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
508 -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
509 hardened-sources-2.4.28-r2.ebuild:
510 Mark stable on x86
511
512 *hardened-sources-2.4.28-r3 (17 Jan 2005)
513
514 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
515 +hardened-sources-2.4.28-r3.ebuild:
516 Fix SMP page fault handler vuln, and update device-mapper and evms patches.
517
518 14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
519 hardened-sources-2.4.28.ebuild:
520 Mark stable on x86.
521
522 *hardened-sources-2.4.28-r2 (13 Jan 2005)
523
524 13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
525 +hardened-sources-2.4.28-r2.ebuild:
526 Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
527 Mazinger for grsecurity patches as well.
528
529 *hardened-sources-2.4.28-r1 (23 Dec 2004)
530
531 23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
532 Security bump. Thank tocharian for rolling a new patchset...
533
534 28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
535 +files/2.4.28-grsec-cmdline-race.patch,
536 +files/2.4.28-selinux-binfmt_a.out.patch,
537 +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
538 - Round up remaining security patches that appear to be missing in 2.4.28. -
539 PaX standalone updated to current. hgpv=28.1
540
541 *hardened-sources-2.4.28 (28 Nov 2004)
542
543 28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
544 security bump. Thank tocharian for rolling a new patchset
545
546 *hardened-sources-2.4.27-r3 (08 Sep 2004)
547
548 08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
549 +hardened-sources-2.4.27-r3.ebuild:
550 Applies the new 2.4-27.2 patchball which updates
551 GRSecurity to the 2.0.1 version.
552
553 *hardened-sources-2.4.27-r2 (31 Aug 2004)
554
555 31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
556 +hardened-sources-2.4.27-r2.ebuild:
557 Version bump.
558 This version uses the new 2.4-27.1 patchball which updates
559 both the SELinux PaX hooks patch and the SELinux headers.
560
561 *hardened-sources-2.4.27-r1 (09 Aug 2004)
562
563 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
564 +hardened-sources-2.4.27-r1.ebuild,
565 -hardened-sources-2.4.27.ebuild,
566 +files/2.4.27-cmdline-race.patch:
567 Version bump, fix for cmdline race. See bug #59905.
568
569 *hardened-sources-2.4.26-r6 (09 Aug 2004)
570
571 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
572 +hardened-sources-2.4.26-r6.ebuild,
573 -hardened-sources-2.4.26-r5.ebuild,
574 -hardened-sources-2.4.26-r4.ebuild,
575 +files/2.4.26-cmdline-race.patch:
576 Version bump, fix for cmdline race. See bug #59905.
577
578 *hardened-sources-2.4.27 (08 Aug 2004)
579
580 08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
581 +hardened-sources-2.4.27.ebuild,
582 +files/2.4.27-CAN-2004-0394.patch:
583 Ported the patchball to the 2.4.27 kernel version.
584
585 *hardened-sources-2.4.26-r5 (07 Aug 2004)
586
587 07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
588 +hardened-sources-2.4.26-r5.ebuild:
589 Updated to use the new hardened-patches-2.4-26.1 patchball.
590 It adds the following features:
591 - Squashfs
592 - Ebtables
593 - Netdev random (core+drivers)
594 - Watchdog Timer (WDT) fix.
595
596 *hardened-sources-2.4.26-r4 (04 Aug 2004)
597
598 04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
599 +hardened-sources-2.4.26-r4.ebuild,
600 +files/2.4.26-CAN-2004-0415.patch,
601 -hardened-sources-2.4.26-3:
602 Version bump, fix for CAN 0415, see bug #59378.
603
604 *hardened-sources-2.4.26-r3 (22 Jul 2004)
605
606 22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
607 +hardened-sources-2.4.26-r3.ebuild,
608 +files/2.4.26-CAN-2004-0497.patch,
609 -hardened-sources-2.4.26-r2.ebuild:
610 Version bump, fixed CAN 0497, see bug #56171.
611
612 *hardened-sources-2.4.26-r2 (29 Jun 2004)
613
614 29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
615 +hardened-sources-2.4.26-r2.ebuild,
616 +files/2.4.26-CAN-2004-0495.patch,
617 +files/2.4.26-CAN-2004-0535.patch,
618 -hardened-sources-2.4.26-r1.ebuild:
619 Fixes for both CAN 0495 and 0535, see bug #54976
620
621 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
622 hardened-sources-2.4.26-r1.ebuild:
623 QA - fix use invocation
624
625 *hardened-sources-2.4.26-r1 (22 June 2004)
626
627 22 June 2004; Andrea Luzzardi <scox@gentoo.org>
628 +hardened-sources-2.4.26-r1.ebuild,
629 +files/2.4.26-CAN-2004-0394.patch,
630 +files/2.4.26-signal-race.patch,
631 -hardened-sources-2.4.26.ebuild,
632 -hardened-sources-2.4.24-r3.ebuild:
633 Version bump for the CAN-2004-0394 issue and bug #53804
634 Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
635
636
637 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
638 hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
639 Masked hardened-sources-2.4.26.ebuild broken for ppc
640
641 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
642 hardened-sources-2.4.24-r3.ebuild:
643 Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
644
645 *hardened-sources-2.4.26 (29 May 2004)
646
647 29 May 2004; Andrea Luzzardi <scox@gentoo.org>
648 +hardened-sources-2.4.26.ebuild:
649 Updated hardened-sources for the 2.4.26 kernel
650 Removed broken components, updated almost everything.
651
652 *hardened-sources-2.4.24-r3 (17 Apr 2004)
653
654 17 Apr 2004; <plasmaroo@gentoo.org>
655 +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
656 +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
657 +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
658 +hardened-sources-2.4.24-r3.ebuild:
659 Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
660 vulnerabilities. Old revisions removed.
661
662 *hardened-sources-2.4.24-r2 (15 Apr 2004)
663
664 15 Apr 2004; <plasmaroo@gentoo.org>
665 +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
666 -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
667 Version bump for the CAN-2004-0109 issue; bug #47881.
668
669 12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
670 hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
671 Add eutils to inherit.
672
673 *hardened-sources-2.4.24-r1 (19 Feb 2004)
674
675 19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
676 files/hardened-sources-2.4.24.munmap.patch:
677 Added the patch for the mremap/munmap vulnerability. Bug #42024.
678
679 *hardened-sources-2.4.24 (06 Feb 2004)
680
681 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
682 hardened-sources-2.4.24.ebuild:
683 Version bump, updated most of the components.
684 This release includes the following:
685
686 - Hardened security
687 - Netfilter patch-o-matic 20031219
688 - FreeSWAN 2.04 & x509 1.4.8
689 - EVMS 2.2.2
690 - XFS 1.3.1
691 - cryptoloop jari
692 - grsecurity 2.0-rc4
693 - SELinux
694 - PaX 200402060000
695 - PaX Obscurity 200308302223
696 - Others...
697
698 Neither -ck nor systrace are included anymore.
699
700 *hardened-sources-2.4.22-r2 (05 Jan 2004)
701
702 05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
703 hardened-sources-2.4.22-r2.ebuild:
704 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
705
706 *hardened-sources-2.4.22-r1 (02 Dec 2003)
707
708 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
709 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
710
711 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
712 hardened-sources-2.4.22-r1.ebuild:
713 Version bump for the 'do_brk' vulnerability.
714
715 01 Dec 2003; Brian Jackson <iggy@gentoo.org>
716 hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
717 hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
718 hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
719 Fix the 'do_brk' vulnerability.
720
721 03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
722 hardened-sources-2.4.22.ebuild:
723 - Removed the src_install() portion for SELinux flask
724 components. These are no longer handled in the kernel
725 so this code was not necessary.
726
727 29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
728 New 2.4.22 based hardened-sources thanks to
729 Phil West <p.west@computer.org>.
730
731 These sources include:
732 - New SELinux API
733 - Updated CK-base
734 - Updated GRSec
735 - Systrace
736 - SuperFreeS/WAN 1.99.8
737 - Propolice kernel build support
738 - EVMS
739 - Other various security related patches
740
741 *hardened-sources-2.4.21 (14 Sep 2003)
742
743 14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
744 Updated hardened-sources based on the 2.4.21 Linux kernel.
745 This includes updates to most major components such as:
746 - ck-base-0306300059
747 - selinux-2.4-2003071106
748 - grsecurity-2.0-rc1
749 - Updated IPTables patch-o-matic
750 - Updated SuperFreeS/WAN
751
752 Thanks to Phil West <pwest@computer.org> for his work in getting this
753 updated patch set ready for the 2.4.21 based kernel.
754
755 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
756 Initial import of hardened-sources-2.4.20-r4. This revision
757 includes only a few changes, but one of these is an important
758 security fix. It is recommended all users of hardened-sources
759 upgrade to this release.
760
761 - ioperm bug fix
762 - fixed compilation failure when building without GRSec
763
764 SAL (Secure Auditing for Linux) is NOT included in this revision
765 due to time constraints, but is planned for inclusion in the near
766 future.
767
768 *hardened-sources-2.4.20-r2 (12 Jun 2003)
769
770 12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
771 hardened-sources-2.4.20-r3.ebuild:
772 Add Header...
773
774 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
775 hardened-sources-2.4.20-r3.ebuild:
776 Removed warnings from ebuild. This kernel should be safe to
777 use at this point.
778
779 *hardened-sources-2.4.20-r3 (08 Jun 2003)
780
781 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
782 hardened-sources-2.4.20-r3.ebuild:
783 New revision. Includes the following changes over -r2:
784
785 - ck7-base (O(1), preempt, low latency)
786 - Super FreeS/WAN 1.99.7rc2
787 - PaX for the LSM/SELinux branch
788 - GRSecurity 2.0-pre4 (role based access control)
789 - Systrace 1.3
790 - EXT3 fixes
791 - EVMS 2.0.1
792 - GCC 3.1+ compile optimizations
793 - ProPolice kernel build support
794 - Hashing table security fixes
795
796 *hardened-sources-2.4.20-r1 (09 Apr 2003)
797
798 23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
799 Initial import of hardened-sources-r2. This new
800 ebuild includes many new performance and security
801 related patches. As in -r1, it will patch in
802 LSM/SELinux if "selinux" is in USE, otherwise it
803 will patch in GRSecurity. The following patches
804 are included in this revision:
805
806 - O(1) Scheduler, Low Latency, and Preempt
807 (pulled from the base CK patch)
808 - ptrace exploit patch for the LSM kernel
809 (the GRSec patch already fixes this)
810 - LSM 2.4-2003040709
811 - SELinux 2.4-2003040709
812 - Systrace v1.2
813 - IPTables patch-o-matic base patches - 20030107
814 - CryptoAPI 2.4.20.1 w/ loop-jari patch
815 - Super FreeS/WAN 1.99.6.1
816 - GRSecurity 1.9.9g
817 - MPPE
818 - EXT3 data journal fix
819 - CIPE 1.5.4
820
821 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
822 hardened-sources-2.4.20-r1.ebuild, manifest:
823 Updated to install flask components correctly for selinux.
824
825 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
826 hardened-sources-2.4.20-r1.ebuild:
827 LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
828 is patched in instead. Ptrace patches for selinux have also been added. In
829 either case, systrace support will be patched in as well.
830
831 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
832 hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
833 Revision bump for new sources.
834
835 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
836 hardened-sources-2.4.20-r1.ebuild:
837 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
838
839 *hardened-sources-2.4.20 (30 Mar 2003)
840
841 30 Mar 2003; Joshua Brindle <method@gentoo.org>
842 hardened-sources-2.4.20.ebuild:
843 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20