/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.134 - (show annotations) (download)
Wed Jan 24 05:46:13 2007 UTC (7 years, 5 months ago) by pappy
Branch: MAIN
Changes since 1.133: +12 -1 lines
committing hardened sources 2.4.34 containing a critical bugfix for grsecurity patch, files pushed to /space/distfiles-local, plz wait for mirrors spreading the love til you are using this ebuild

1 # ChangeLog for sys-kernel/hardened-sources
2 # Copyright 2000-2007 Gentoo Foundation; Distributed under the GPL v2
3 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.133 2007/01/23 21:28:13 phreak Exp $
4
5 *hardened-sources-2.4.34 (24 Jan 2007)
6
7 24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
8 +hardened-sources-2.4.34.ebuild:
9 I added new hardened sources 2.4 update, this is a critical path
10 security bugfix - all users of h-s are strongly advised
11 to update their existing hardened sources to this version.
12 It contains a fix for a kernel vulnerability that is pertaining
13 to the PaX changes to virtual memory management, possibly leading
14 to a local kernel exploit ... see grsecurity.net forums and homepage
15
16 23 Jan 2007; Christian Heim <phreak@gentoo.org>
17 files/digest-hardened-sources-2.6.19-r5, Manifest:
18 Fixing the patch-tarball digest.
19
20 *hardened-sources-2.6.19-r5 (23 Jan 2007)
21
22 23 Jan 2007; Christian Heim <phreak@gentoo.org>
23 +hardened-sources-2.6.19-r5.ebuild:
24 Revision bump, closing the recently discovered PaX expand_stack()
25 vulnerability.
26
27 *hardened-sources-2.6.19-r4 (14 Jan 2007)
28
29 14 Jan 2007; Christian Heim <phreak@gentoo.org>
30 +hardened-sources-2.6.19-r4.ebuild:
31 Revision bump, pulling in linux-2.6.19.2 and grsecurity 2.1.10 - thus
32 dropping the randomized PID feature.
33
34 11 Jan 2007; Christian Faulhammer <opfer@gentoo.org>
35 hardened-sources-2.4.33.4.ebuild:
36 stable x86, bug #161171
37
38 *hardened-sources-2.6.19-r3 (27 Dec 2006)
39
40 27 Dec 2006; Christian Heim <phreak@gentoo.org>
41 -hardened-sources-2.6.19-r2.ebuild, +hardened-sources-2.6.19-r3.ebuild:
42 Revision bump for bug #157186 and #158786.
43
44 *hardened-sources-2.6.18-r4 (27 Dec 2006)
45
46 27 Dec 2006; Christian Heim <phreak@gentoo.org>
47 -hardened-sources-2.6.18-r3.ebuild, +hardened-sources-2.6.18-r4.ebuild:
48 Revision bump for bug #157186.
49
50 *hardened-sources-2.6.19-r2 (23 Dec 2006)
51
52 23 Dec 2006; Christian Heim <phreak@gentoo.org>
53 -hardened-sources-2.6.19-r1.ebuild, +hardened-sources-2.6.19-r2.ebuild:
54 Revision bump to pull in genpatches-2.6.19-3 for #157186.
55
56 17 Dec 2006; Christian Heim <phreak@gentoo.org>
57 hardened-sources-2.6.14-r7.ebuild, hardened-sources-2.6.16-r10.ebuild,
58 hardened-sources-2.6.16-r11.ebuild, hardened-sources-2.6.17-r1.ebuild,
59 hardened-sources-2.6.18.ebuild, hardened-sources-2.6.18-r3.ebuild,
60 hardened-sources-2.6.19-r1.ebuild:
61 Adding 4453_grsec-2.1.9-2.6.19-io-kmem-sysctl.patch to UNIPATCH_EXLUDE,
62 adding correct HOMEPAGE and adjusting DESCRIPTION (thanks to Alexander).
63
64 *hardened-sources-2.4.33.4 (17 Dec 2006)
65
66 17 Dec 2006; Alexander Gabert <pappy@gentoo.org>
67 +hardened-sources-2.4.33.4.ebuild:
68 new 2.4.33.4 version including grsec and fixes, thanks to phreak for help
69 and quilting
70
71 *hardened-sources-2.6.19-r1 (14 Dec 2006)
72
73 14 Dec 2006; Christian Heim <phreak@gentoo.org>
74 -hardened-sources-2.6.19.ebuild, +hardened-sources-2.6.19-r1.ebuild:
75 Revision bump, fixing #158107 (thanks to Petre Rodan <kaiowas at gentoo.org>
76 for reporting).
77
78 *hardened-sources-2.6.19 (13 Dec 2006)
79
80 13 Dec 2006; Christian Heim <phreak@gentoo.org>
81 +hardened-sources-2.6.19.ebuild:
82 And finally 2.6.19, thanks to Ned (who prepared the inital patchset) and
83 Brad for providing that prompt update.
84
85 *hardened-sources-2.6.18-r3 (13 Dec 2006)
86
87 13 Dec 2006; Christian Heim <phreak@gentoo.org>
88 -hardened-sources-2.6.18-r1.ebuild, -hardened-sources-2.6.18-r2.ebuild,
89 +hardened-sources-2.6.18-r3.ebuild:
90 Revision bump, excluding the faulty patch. Thanks to Anakim Border and Peter
91 S. Mazinger. Closes #157409 for now. Also removing the previous revisions.
92
93 09 Dec 2006; Christian Heim <phreak@gentoo.org> Manifest:
94 Fixing the metadata.xml Manifest entry (thanks to xaid and ml8128 in #gentoo-hardened).
95
96 08 Dec 2006; nixnut <nixnut@gentoo.org> hardened-sources-2.6.18.ebuild:
97 Stable on ppc wrt bug 157356
98
99 07 Dec 2006; Christian Faulhammer <opfer@gentoo.org>
100 hardened-sources-2.6.18.ebuild:
101 stable x86, bug #157356
102
103 *hardened-sources-2.6.18-r2 (06 Dec 2006)
104
105 06 Dec 2006; Christian Heim <phreak@gentoo.org>
106 +hardened-sources-2.6.18-r2.ebuild:
107 Revision bump, including 2.6.18.5 (via genpatches) and
108 4454_grsec-2.1.9-2.6.18.2-io-kmem-sysctl.patch based on Peter Mazinger and
109 Ned Ludd's original patch. Thanks to Alexander Gabert (pappy) for the
110 redesign.
111
112 06 Dec 2006; Christian Heim <phreak@gentoo.org>
113 hardened-sources-2.6.18.ebuild:
114 Marking hardened-sources-2.6.18 stable on amd64 (see bug #157356, on behalf
115 of Mike Doty).
116
117 *hardened-sources-2.6.18-r1 (23 Nov 2006)
118
119 23 Nov 2006; Christian Heim <phreak@gentoo.org>
120 +hardened-sources-2.6.18-r1.ebuild:
121 Revision bump to genpatches-2.6.18-4 (including 2.6.18.3).
122
123 *hardened-sources-2.6.18 (11 Nov 2006)
124
125 11 Nov 2006; Christian Heim <phreak@gentoo.org>
126 +hardened-sources-2.6.18.ebuild:
127 Version bump, thanks to Alexander Gabert we're finally at 2.6.18.
128
129 18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
130 - mark amd64 stable also. bug #151877
131
132 18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
133 - mark 2.6.17-r1 stable
134
135 27 Aug 2006; Christian Heim <phreak@gentoo.org>
136 -hardened-sources-2.6.17.ebuild, hardened-sources-2.6.17-r1.ebuild:
137 Removing old ebuild, removing unipatch from newer ebuild (need to fix it!).
138
139 *hardened-sources-2.6.17-r1 (26 Aug 2006)
140
141 26 Aug 2006; Christian Heim <phreak@gentoo.org>
142 +hardened-sources-2.6.17-r1.ebuild:
143 Revision bump to genpatches-2.6.17-8 (including .9 and .10) and updating the
144 grsecurity patch.
145
146 *hardened-sources-2.6.17 (17 Aug 2006)
147
148 17 Aug 2006; Christian Heim <phreak@gentoo.org>
149 +hardened-sources-2.6.17.ebuild:
150 Bumping the hardened-sources-2.6 series to 2.6.17, using
151 genpatches-2.6.17-6.base.
152
153 07 Aug 2006; <solar@gentoo.org> hardened-sources-2.6.16-r11.ebuild:
154 - stable on x86 and amd64
155
156 *hardened-sources-2.6.16-r11 (15 Jul 2006)
157
158 15 Jul 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r3.ebuild,
159 -hardened-sources-2.4.32-r4.ebuild, -hardened-sources-2.4.32-r5.ebuild,
160 -hardened-sources-2.6.14-r8.ebuild, -hardened-sources-2.6.16-r7.ebuild,
161 -hardened-sources-2.6.16-r9.ebuild, +hardened-sources-2.6.16-r11.ebuild:
162 - 2.6.16 bumped for CVE-2006-3626 ; digest fix for 2.4.32-r6 ; removed old
163 crusty ebuilds
164
165 14 Jul 2006; John Mylchreest <johnm@gentoo.org>
166 hardened-sources-2.6.16-r10.ebuild:
167 marking stable on x86 and amd64
168
169 13 Jul 2006; <solar@gentoo.org> hardened-sources-2.4.32-r6.ebuild:
170 - 2.4.32-r6 stable on x86. RSBAC state unknown
171
172 *hardened-sources-2.4.32-r7 (10 Jul 2006)
173
174 10 Jul 2006; Guillaume Destuynder <kang@gentoo.org>
175 +hardened-sources-2.4.32-r7.ebuild:
176 Bump PaX for RSBAC to test-17
177
178 *hardened-sources-2.6.16-r9 (03 Jul 2006)
179
180 03 Jul 2006; John Mylchreest <johnm@gentoo.org>
181 -hardened-sources-2.6.16-r6.ebuild, +hardened-sources-2.6.16-r9.ebuild:
182 hardened-sources-2.6.16 bump to latest -base.
183
184 *hardened-sources-2.4.32-r6 (30 Jun 2006)
185
186 30 Jun 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r2.ebuild,
187 hardened-sources-2.4.32-r4.ebuild, +hardened-sources-2.4.32-r6.ebuild:
188 - backport CVE-2006-0039, CVE-2006-1857 and CVE-2006-1858 and new grsecurity
189 sysctl controlable resource logging
190
191 *hardened-sources-2.6.16-r7 (05 Jun 2006)
192
193 05 Jun 2006; John Mylchreest <johnm@gentoo.org>
194 -hardened-sources-2.6.16-r5.ebuild, +hardened-sources-2.6.16-r7.ebuild:
195 push new 2.6.16 release in preparation for stable
196
197 22 May 2006; <solar@gentoo.org> :
198 - redigest bug 134002
199
200 *hardened-sources-2.4.32-r5 (16 May 2006)
201
202 16 May 2006; Guillaume Destuynder <kang@gentoo.org>
203 +hardened-sources-2.4.32-r5.ebuild:
204 Fixes rsbac common patching (new patch in new -r5 patchset)
205
206 *hardened-sources-2.4.32-r4 (13 May 2006)
207
208 13 May 2006; <solar@gentoo.org> hardened-sources-2.4.32-r3.ebuild,
209 +hardened-sources-2.4.32-r4.ebuild:
210 - security bumps
211
212 *hardened-sources-2.6.16-r6 (03 May 2006)
213
214 03 May 2006; John Mylchreest <johnm@gentoo.org>
215 +hardened-sources-2.6.16-r6.ebuild:
216 bump hardened-2.6.16 to 2.6.16.12 and latest grsec snapshot
217
218 28 Apr 2006; John Mylchreest <johnm@gentoo.org>
219 hardened-sources-2.6.14-r8.ebuild:
220 fix x86_64 build problem, this will delay the digest issue again for a short
221 while but it will sort itself out
222
223 28 Apr 2006; John Mylchreest <johnm@gentoo.org>
224 hardened-sources-2.6.14-r8.ebuild:
225 bump hardened patchset
226
227 27 Apr 2006; Alec Warner <antarus@gentoo.org>
228 files/digest-hardened-sources-2.4.32-r2,
229 files/digest-hardened-sources-2.4.32-r3,
230 files/digest-hardened-sources-2.6.14-r8, Manifest:
231 Fixing duff SHA256 digests: Bug # 131293
232
233 *hardened-sources-2.6.16-r5 (27 Apr 2006)
234
235 27 Apr 2006; John Mylchreest <johnm@gentoo.org>
236 -hardened-sources-2.6.14-r6.ebuild, hardened-sources-2.6.14-r8.ebuild,
237 -hardened-sources-2.6.16-r4.ebuild, +hardened-sources-2.6.16-r5.ebuild:
238 stablise 2.6.14-r8 on x86 & amd64, bump 2.6.16 to fix CVE-2006-1863 &
239 cleanup of old uneccessary sources
240
241 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
242 fix digest
243
244 *hardened-sources-2.6.14-r8 (20 Apr 2006)
245
246 20 Apr 2006; John Mylchreest <johnm@gentoo.org>
247 +hardened-sources-2.6.14-r8.ebuild:
248 fix CVE-2006-1056, CVE-2006-1525, CVE-2006-1524
249
250 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
251 Turning on gpg-signing again, and recomitting
252
253 *hardened-sources-2.6.16-r4 (20 Apr 2006)
254
255 20 Apr 2006; John Mylchreest <johnm@gentoo.org>
256 -hardened-sources-2.6.16-r2.ebuild, -hardened-sources-2.6.16-r3.ebuild,
257 +hardened-sources-2.6.16-r4.ebuild:
258 Fix numerous security vulns
259
260 *hardened-sources-2.4.32-r3 (16 Apr 2006)
261
262 16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
263 -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
264 +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
265 - security bump for bug #112791. Removed old ebuilds
266
267 *hardened-sources-2.6.16-r3 (15 Apr 2006)
268
269 15 Apr 2006; John Mylchreest <johnm@gentoo.org>
270 +hardened-sources-2.6.16-r3.ebuild:
271 Removing silly localversion which I missed
272
273 *hardened-sources-2.6.14-r7 (14 Apr 2006)
274
275 14 Apr 2006; John Mylchreest <johnm@gentoo.org>
276 -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
277 Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
278
279 *hardened-sources-2.6.16-r2 (13 Apr 2006)
280
281 13 Apr 2006; John Mylchreest <johnm@gentoo.org>
282 -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
283 +hardened-sources-2.6.16-r2.ebuild:
284 Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
285 labels, dropping USERGROUP define fixes, since these were merged mainstream.
286
287 *hardened-sources-2.6.16-r1 (11 Apr 2006)
288
289 11 Apr 2006; John Mylchreest <johnm@gentoo.org>
290 +hardened-sources-2.6.16-r1.ebuild:
291 Bumping to include ppc build fix and 2.6.16.3
292
293 06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
294 hardened-sources-2.6.14-r6.ebuild:
295 Stable on x86; bug #127718
296
297 *hardened-sources-2.6.16 (31 Mar 2006)
298
299 31 Mar 2006; John Mylchreest <johnm@gentoo.org>
300 +hardened-sources-2.6.16.ebuild:
301 Bumping to new version of grsec, and kernel base. New squashfs. Based on
302 2.6.16.1
303
304 30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
305 hardened-sources-2.6.14-r6.ebuild:
306 Stable on amd64, bug 127718.
307
308 28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
309 Stable on ppc. Bug #127718
310
311 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
312 -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
313 -hardened-sources-2.6.14-r4.ebuild:
314 Cleanup.
315
316 *hardened-sources-2.6.14-r6 (15 Mar 2006)
317
318 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
319 +hardened-sources-2.6.14-r6.ebuild:
320 Fixes grsec policy recreation bug and adds a
321 >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
322
323 02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
324 - stable on x86
325
326 19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
327 hardened-sources-2.6.14-r5.ebuild:
328 Stable on ppc.
329
330 *hardened-sources-2.6.14-r5 (01 Feb 2006)
331
332 01 Feb 2006; John Mylchreest <johnm@gentoo.org>
333 +hardened-sources-2.6.14-r5.ebuild:
334 fixing every known exploit
335
336 *hardened-sources-2.4.32-r2 (26 Jan 2006)
337
338 26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
339 +hardened-sources-2.4.32-r2.ebuild:
340 - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
341
342 *hardened-sources-2.6.14-r4 (12 Jan 2006)
343
344 12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
345 - version bump for new genpatches which fix up a few sec holes
346
347 *hardened-sources-2.4.32-r1 (05 Jan 2006)
348
349 05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
350 - revision bump to add misc vital linux kernel security patches.
351
352 *hardened-sources-2.6.14-r3 (30 Dec 2005)
353
354 30 Dec 2005; John Mylchreest <johnm@gentoo.org>
355 -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
356 Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
357
358 28 Dec 2005; John Mylchreest <johnm@gentoo.org>
359 hardened-sources-2.6.14-r2.ebuild:
360 making x86 & amd64 stable following testing.
361
362 *hardened-sources-2.6.14-r2 (27 Dec 2005)
363
364 27 Dec 2005; John Mylchreest <johnm@gentoo.org>
365 -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
366 Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
367 network hooks.
368
369 06 Dec 2005; John Mylchreest <johnm@gentoo.org>
370 hardened-sources-2.6.14-r1.ebuild:
371 bumping to stable early for sec fix on x86 & amd64
372
373 *hardened-sources-2.6.14-r1 (05 Dec 2005)
374
375 05 Dec 2005; John Mylchreest <johnm@gentoo.org>
376 -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
377 bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
378
379 04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
380 - stable on x86 security bug #114227 CAN-2005-3257
381
382 *hardened-sources-2.4.32 (19 Nov 2005)
383
384 19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
385 +hardened-sources-2.4.32.ebuild:
386 Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
387 Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
388 have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
389 rsbac >> /etc/portage/package.use)
390
391 *hardened-sources-2.6.14 (14 Nov 2005)
392
393 14 Nov 2005; John Mylchreest <johnm@gentoo.org>
394 -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
395 Bumping 2.6 series to 2.6.14.2
396
397 *hardened-sources-2.6.13-r2 (20 Oct 2005)
398
399 20 Oct 2005; John Mylchreest <johnm@gentoo.org>
400 -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
401 +hardened-sources-2.6.13-r2.ebuild:
402 Fixes minor build error in ppc.
403
404 *hardened-sources-2.6.13-r1 (17 Oct 2005)
405
406 17 Oct 2005; John Mylchreest <johnm@gentoo.org>
407 +hardened-sources-2.6.13-r1.ebuild:
408 Updating grsec to latest snapshot. Fixes some minor issues. Updating to
409 2.6.13.4, fixes some major amd64 stability problems.
410
411 *hardened-sources-2.6.13 (16 Sep 2005)
412
413 16 Sep 2005; John Mylchreest <johnm@gentoo.org>
414 -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
415 2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
416 ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
417 users should test this thoroughly.
418
419 01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
420 - stable on x86
421
422 *hardened-sources-2.6.11-r15 (27 Jun 2005)
423
424 27 Jun 2005; John Mylchreest <johnm@gentoo.org>
425 +hardened-sources-2.6.11-r15.ebuild:
426 Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
427 grsec redefining curr_ip struct.
428
429 *hardened-sources-2.4.31 (20 Jun 2005)
430
431 20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
432 initial import of 2.4.31 tree
433
434 *hardened-sources-2.6.11-r14 (14 Jun 2005)
435
436 14 Jun 2005; John Mylchreest <johnm@gentoo.org>
437 -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
438 Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
439 naming scheme to abide by genpatches
440
441 *hardened-sources-2.6.11-r13 (18 May 2005)
442
443 18 May 2005; John Mylchreest <johnm@gentoo.org>
444 -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
445 Managed to mangle the Makefile patch from grsec, to miss out the grsec
446 target. sorry about that. Fixes bug #93022
447
448 *hardened-sources-2.6.11-r12 (17 May 2005)
449
450 17 May 2005; John Mylchreest <johnm@gentoo.org>
451 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
452 +hardened-sources-2.6.11-r12.ebuild:
453 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
454 merges in genpatches-base
455
456 *hardened-sources-2.6.11-r12 (17 May 2005)
457
458 17 May 2005; John Mylchreest <johnm@gentoo.org>
459 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
460 +hardened-sources-2.6.11-r12.ebuild:
461 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
462 merges in genpatches-base
463
464 29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
465 -files/2.4.27-cmdline-race.patch,
466 -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
467 -files/2.4.28-grsec-binfmt_a.out.patch,
468 -files/2.4.28-grsec-cmdline-race.patch,
469 -files/2.4.28-selinux-binfmt_a.out.patch,
470 -files/2.4.28-selinux-cmdline-race.patch,
471 -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
472 hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
473 - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
474 cleanup..
475
476 *hardened-sources-2.4.30-r1 (21 Apr 2005)
477
478 21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
479 - disable aout by default
480
481 *hardened-sources-2.4.30 (18 Apr 2005)
482
483 18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
484 - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
485 and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
486 use
487
488 *hardened-sources-2.4.29 (30 Mar 2005)
489
490 30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
491 +hardened-sources-2.4.29.ebuild:
492 New hardened-patches-2.4-29.0 patchball.
493 Removed SELinux support, upgraded GRSecurity to 2.1.4.
494
495 *hardened-sources-2.4.28-r5 (06 Mar 2005)
496
497 06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
498 +hardened-sources-2.4.28-r5.ebuild:
499 Added a fix for a PaX vulnerability.
500
501 26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
502 hardened-sources-2.4.28-r4.ebuild:
503 Stable on x86
504
505 23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
506 hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
507 hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
508 hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
509 - fixed/added RDEPEND= in all kernel-2 ebuilds
510
511 *hardened-sources-2.4.28-r4 (21 Jan 2005)
512
513 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
514 +hardened-sources-2.4.28-r4.ebuild:
515 Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
516 backport of neighbour hash updates.
517
518 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
519 hardened-sources-2.4.28-r3.ebuild:
520 Stable on x86
521
522 *hardened-sources-2.6.10-r3 (20 Jan 2005)
523
524 20 Jan 2005; Brandon Hale <tseng@gentoo.org>
525 +hardened-sources-2.6.10-r3.ebuild:
526 Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
527 in 2005.0
528
529 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
530 -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
531 hardened-sources-2.4.28-r2.ebuild:
532 Mark stable on x86
533
534 *hardened-sources-2.4.28-r3 (17 Jan 2005)
535
536 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
537 +hardened-sources-2.4.28-r3.ebuild:
538 Fix SMP page fault handler vuln, and update device-mapper and evms patches.
539
540 14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
541 hardened-sources-2.4.28.ebuild:
542 Mark stable on x86.
543
544 *hardened-sources-2.4.28-r2 (13 Jan 2005)
545
546 13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
547 +hardened-sources-2.4.28-r2.ebuild:
548 Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
549 Mazinger for grsecurity patches as well.
550
551 *hardened-sources-2.4.28-r1 (23 Dec 2004)
552
553 23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
554 Security bump. Thank tocharian for rolling a new patchset...
555
556 28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
557 +files/2.4.28-grsec-cmdline-race.patch,
558 +files/2.4.28-selinux-binfmt_a.out.patch,
559 +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
560 - Round up remaining security patches that appear to be missing in 2.4.28. -
561 PaX standalone updated to current. hgpv=28.1
562
563 *hardened-sources-2.4.28 (28 Nov 2004)
564
565 28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
566 security bump. Thank tocharian for rolling a new patchset
567
568 *hardened-sources-2.4.27-r3 (08 Sep 2004)
569
570 08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
571 +hardened-sources-2.4.27-r3.ebuild:
572 Applies the new 2.4-27.2 patchball which updates
573 GRSecurity to the 2.0.1 version.
574
575 *hardened-sources-2.4.27-r2 (31 Aug 2004)
576
577 31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
578 +hardened-sources-2.4.27-r2.ebuild:
579 Version bump.
580 This version uses the new 2.4-27.1 patchball which updates
581 both the SELinux PaX hooks patch and the SELinux headers.
582
583 *hardened-sources-2.4.27-r1 (09 Aug 2004)
584
585 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
586 +hardened-sources-2.4.27-r1.ebuild,
587 -hardened-sources-2.4.27.ebuild,
588 +files/2.4.27-cmdline-race.patch:
589 Version bump, fix for cmdline race. See bug #59905.
590
591 *hardened-sources-2.4.26-r6 (09 Aug 2004)
592
593 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
594 +hardened-sources-2.4.26-r6.ebuild,
595 -hardened-sources-2.4.26-r5.ebuild,
596 -hardened-sources-2.4.26-r4.ebuild,
597 +files/2.4.26-cmdline-race.patch:
598 Version bump, fix for cmdline race. See bug #59905.
599
600 *hardened-sources-2.4.27 (08 Aug 2004)
601
602 08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
603 +hardened-sources-2.4.27.ebuild,
604 +files/2.4.27-CAN-2004-0394.patch:
605 Ported the patchball to the 2.4.27 kernel version.
606
607 *hardened-sources-2.4.26-r5 (07 Aug 2004)
608
609 07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
610 +hardened-sources-2.4.26-r5.ebuild:
611 Updated to use the new hardened-patches-2.4-26.1 patchball.
612 It adds the following features:
613 - Squashfs
614 - Ebtables
615 - Netdev random (core+drivers)
616 - Watchdog Timer (WDT) fix.
617
618 *hardened-sources-2.4.26-r4 (04 Aug 2004)
619
620 04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
621 +hardened-sources-2.4.26-r4.ebuild,
622 +files/2.4.26-CAN-2004-0415.patch,
623 -hardened-sources-2.4.26-3:
624 Version bump, fix for CAN 0415, see bug #59378.
625
626 *hardened-sources-2.4.26-r3 (22 Jul 2004)
627
628 22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
629 +hardened-sources-2.4.26-r3.ebuild,
630 +files/2.4.26-CAN-2004-0497.patch,
631 -hardened-sources-2.4.26-r2.ebuild:
632 Version bump, fixed CAN 0497, see bug #56171.
633
634 *hardened-sources-2.4.26-r2 (29 Jun 2004)
635
636 29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
637 +hardened-sources-2.4.26-r2.ebuild,
638 +files/2.4.26-CAN-2004-0495.patch,
639 +files/2.4.26-CAN-2004-0535.patch,
640 -hardened-sources-2.4.26-r1.ebuild:
641 Fixes for both CAN 0495 and 0535, see bug #54976
642
643 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
644 hardened-sources-2.4.26-r1.ebuild:
645 QA - fix use invocation
646
647 *hardened-sources-2.4.26-r1 (22 June 2004)
648
649 22 June 2004; Andrea Luzzardi <scox@gentoo.org>
650 +hardened-sources-2.4.26-r1.ebuild,
651 +files/2.4.26-CAN-2004-0394.patch,
652 +files/2.4.26-signal-race.patch,
653 -hardened-sources-2.4.26.ebuild,
654 -hardened-sources-2.4.24-r3.ebuild:
655 Version bump for the CAN-2004-0394 issue and bug #53804
656 Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
657
658
659 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
660 hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
661 Masked hardened-sources-2.4.26.ebuild broken for ppc
662
663 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
664 hardened-sources-2.4.24-r3.ebuild:
665 Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
666
667 *hardened-sources-2.4.26 (29 May 2004)
668
669 29 May 2004; Andrea Luzzardi <scox@gentoo.org>
670 +hardened-sources-2.4.26.ebuild:
671 Updated hardened-sources for the 2.4.26 kernel
672 Removed broken components, updated almost everything.
673
674 *hardened-sources-2.4.24-r3 (17 Apr 2004)
675
676 17 Apr 2004; <plasmaroo@gentoo.org>
677 +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
678 +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
679 +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
680 +hardened-sources-2.4.24-r3.ebuild:
681 Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
682 vulnerabilities. Old revisions removed.
683
684 *hardened-sources-2.4.24-r2 (15 Apr 2004)
685
686 15 Apr 2004; <plasmaroo@gentoo.org>
687 +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
688 -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
689 Version bump for the CAN-2004-0109 issue; bug #47881.
690
691 12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
692 hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
693 Add eutils to inherit.
694
695 *hardened-sources-2.4.24-r1 (19 Feb 2004)
696
697 19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
698 files/hardened-sources-2.4.24.munmap.patch:
699 Added the patch for the mremap/munmap vulnerability. Bug #42024.
700
701 *hardened-sources-2.4.24 (06 Feb 2004)
702
703 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
704 hardened-sources-2.4.24.ebuild:
705 Version bump, updated most of the components.
706 This release includes the following:
707
708 - Hardened security
709 - Netfilter patch-o-matic 20031219
710 - FreeSWAN 2.04 & x509 1.4.8
711 - EVMS 2.2.2
712 - XFS 1.3.1
713 - cryptoloop jari
714 - grsecurity 2.0-rc4
715 - SELinux
716 - PaX 200402060000
717 - PaX Obscurity 200308302223
718 - Others...
719
720 Neither -ck nor systrace are included anymore.
721
722 *hardened-sources-2.4.22-r2 (05 Jan 2004)
723
724 05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
725 hardened-sources-2.4.22-r2.ebuild:
726 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
727
728 *hardened-sources-2.4.22-r1 (02 Dec 2003)
729
730 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
731 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
732
733 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
734 hardened-sources-2.4.22-r1.ebuild:
735 Version bump for the 'do_brk' vulnerability.
736
737 01 Dec 2003; Brian Jackson <iggy@gentoo.org>
738 hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
739 hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
740 hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
741 Fix the 'do_brk' vulnerability.
742
743 03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
744 hardened-sources-2.4.22.ebuild:
745 - Removed the src_install() portion for SELinux flask
746 components. These are no longer handled in the kernel
747 so this code was not necessary.
748
749 29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
750 New 2.4.22 based hardened-sources thanks to
751 Phil West <p.west@computer.org>.
752
753 These sources include:
754 - New SELinux API
755 - Updated CK-base
756 - Updated GRSec
757 - Systrace
758 - SuperFreeS/WAN 1.99.8
759 - Propolice kernel build support
760 - EVMS
761 - Other various security related patches
762
763 *hardened-sources-2.4.21 (14 Sep 2003)
764
765 14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
766 Updated hardened-sources based on the 2.4.21 Linux kernel.
767 This includes updates to most major components such as:
768 - ck-base-0306300059
769 - selinux-2.4-2003071106
770 - grsecurity-2.0-rc1
771 - Updated IPTables patch-o-matic
772 - Updated SuperFreeS/WAN
773
774 Thanks to Phil West <pwest@computer.org> for his work in getting this
775 updated patch set ready for the 2.4.21 based kernel.
776
777 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
778 Initial import of hardened-sources-2.4.20-r4. This revision
779 includes only a few changes, but one of these is an important
780 security fix. It is recommended all users of hardened-sources
781 upgrade to this release.
782
783 - ioperm bug fix
784 - fixed compilation failure when building without GRSec
785
786 SAL (Secure Auditing for Linux) is NOT included in this revision
787 due to time constraints, but is planned for inclusion in the near
788 future.
789
790 *hardened-sources-2.4.20-r2 (12 Jun 2003)
791
792 12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
793 hardened-sources-2.4.20-r3.ebuild:
794 Add Header...
795
796 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
797 hardened-sources-2.4.20-r3.ebuild:
798 Removed warnings from ebuild. This kernel should be safe to
799 use at this point.
800
801 *hardened-sources-2.4.20-r3 (08 Jun 2003)
802
803 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
804 hardened-sources-2.4.20-r3.ebuild:
805 New revision. Includes the following changes over -r2:
806
807 - ck7-base (O(1), preempt, low latency)
808 - Super FreeS/WAN 1.99.7rc2
809 - PaX for the LSM/SELinux branch
810 - GRSecurity 2.0-pre4 (role based access control)
811 - Systrace 1.3
812 - EXT3 fixes
813 - EVMS 2.0.1
814 - GCC 3.1+ compile optimizations
815 - ProPolice kernel build support
816 - Hashing table security fixes
817
818 *hardened-sources-2.4.20-r1 (09 Apr 2003)
819
820 23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
821 Initial import of hardened-sources-r2. This new
822 ebuild includes many new performance and security
823 related patches. As in -r1, it will patch in
824 LSM/SELinux if "selinux" is in USE, otherwise it
825 will patch in GRSecurity. The following patches
826 are included in this revision:
827
828 - O(1) Scheduler, Low Latency, and Preempt
829 (pulled from the base CK patch)
830 - ptrace exploit patch for the LSM kernel
831 (the GRSec patch already fixes this)
832 - LSM 2.4-2003040709
833 - SELinux 2.4-2003040709
834 - Systrace v1.2
835 - IPTables patch-o-matic base patches - 20030107
836 - CryptoAPI 2.4.20.1 w/ loop-jari patch
837 - Super FreeS/WAN 1.99.6.1
838 - GRSecurity 1.9.9g
839 - MPPE
840 - EXT3 data journal fix
841 - CIPE 1.5.4
842
843 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
844 hardened-sources-2.4.20-r1.ebuild, manifest:
845 Updated to install flask components correctly for selinux.
846
847 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
848 hardened-sources-2.4.20-r1.ebuild:
849 LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
850 is patched in instead. Ptrace patches for selinux have also been added. In
851 either case, systrace support will be patched in as well.
852
853 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
854 hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
855 Revision bump for new sources.
856
857 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
858 hardened-sources-2.4.20-r1.ebuild:
859 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
860
861 *hardened-sources-2.4.20 (30 Mar 2003)
862
863 30 Mar 2003; Joshua Brindle <method@gentoo.org>
864 hardened-sources-2.4.20.ebuild:
865 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20