/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.135 - (show annotations) (download)
Wed Jan 24 06:39:27 2007 UTC (7 years, 2 months ago) by pappy
Branch: MAIN
Changes since 1.134: +5 -1 lines
updating changelog to propagate Manifest change
(Portage version: 2.1.1-r2)

1 # ChangeLog for sys-kernel/hardened-sources
2 # Copyright 2000-2007 Gentoo Foundation; Distributed under the GPL v2
3 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.134 2007/01/24 05:46:13 pappy Exp $
4
5 *hardened-sources-2.4.34 (24 Jan 2007)
6
7 24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
8 Manifest:
9 updating Manifest with checksums of new tarball and ebuild
10
11 24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
12 +hardened-sources-2.4.34.ebuild:
13 I added new hardened sources 2.4 update, this is a critical path
14 security bugfix - all users of h-s are strongly advised
15 to update their existing hardened sources to this version.
16 It contains a fix for a kernel vulnerability that is pertaining
17 to the PaX changes to virtual memory management, possibly leading
18 to a local kernel exploit ... see grsecurity.net forums and homepage
19
20 23 Jan 2007; Christian Heim <phreak@gentoo.org>
21 files/digest-hardened-sources-2.6.19-r5, Manifest:
22 Fixing the patch-tarball digest.
23
24 *hardened-sources-2.6.19-r5 (23 Jan 2007)
25
26 23 Jan 2007; Christian Heim <phreak@gentoo.org>
27 +hardened-sources-2.6.19-r5.ebuild:
28 Revision bump, closing the recently discovered PaX expand_stack()
29 vulnerability.
30
31 *hardened-sources-2.6.19-r4 (14 Jan 2007)
32
33 14 Jan 2007; Christian Heim <phreak@gentoo.org>
34 +hardened-sources-2.6.19-r4.ebuild:
35 Revision bump, pulling in linux-2.6.19.2 and grsecurity 2.1.10 - thus
36 dropping the randomized PID feature.
37
38 11 Jan 2007; Christian Faulhammer <opfer@gentoo.org>
39 hardened-sources-2.4.33.4.ebuild:
40 stable x86, bug #161171
41
42 *hardened-sources-2.6.19-r3 (27 Dec 2006)
43
44 27 Dec 2006; Christian Heim <phreak@gentoo.org>
45 -hardened-sources-2.6.19-r2.ebuild, +hardened-sources-2.6.19-r3.ebuild:
46 Revision bump for bug #157186 and #158786.
47
48 *hardened-sources-2.6.18-r4 (27 Dec 2006)
49
50 27 Dec 2006; Christian Heim <phreak@gentoo.org>
51 -hardened-sources-2.6.18-r3.ebuild, +hardened-sources-2.6.18-r4.ebuild:
52 Revision bump for bug #157186.
53
54 *hardened-sources-2.6.19-r2 (23 Dec 2006)
55
56 23 Dec 2006; Christian Heim <phreak@gentoo.org>
57 -hardened-sources-2.6.19-r1.ebuild, +hardened-sources-2.6.19-r2.ebuild:
58 Revision bump to pull in genpatches-2.6.19-3 for #157186.
59
60 17 Dec 2006; Christian Heim <phreak@gentoo.org>
61 hardened-sources-2.6.14-r7.ebuild, hardened-sources-2.6.16-r10.ebuild,
62 hardened-sources-2.6.16-r11.ebuild, hardened-sources-2.6.17-r1.ebuild,
63 hardened-sources-2.6.18.ebuild, hardened-sources-2.6.18-r3.ebuild,
64 hardened-sources-2.6.19-r1.ebuild:
65 Adding 4453_grsec-2.1.9-2.6.19-io-kmem-sysctl.patch to UNIPATCH_EXLUDE,
66 adding correct HOMEPAGE and adjusting DESCRIPTION (thanks to Alexander).
67
68 *hardened-sources-2.4.33.4 (17 Dec 2006)
69
70 17 Dec 2006; Alexander Gabert <pappy@gentoo.org>
71 +hardened-sources-2.4.33.4.ebuild:
72 new 2.4.33.4 version including grsec and fixes, thanks to phreak for help
73 and quilting
74
75 *hardened-sources-2.6.19-r1 (14 Dec 2006)
76
77 14 Dec 2006; Christian Heim <phreak@gentoo.org>
78 -hardened-sources-2.6.19.ebuild, +hardened-sources-2.6.19-r1.ebuild:
79 Revision bump, fixing #158107 (thanks to Petre Rodan <kaiowas at gentoo.org>
80 for reporting).
81
82 *hardened-sources-2.6.19 (13 Dec 2006)
83
84 13 Dec 2006; Christian Heim <phreak@gentoo.org>
85 +hardened-sources-2.6.19.ebuild:
86 And finally 2.6.19, thanks to Ned (who prepared the inital patchset) and
87 Brad for providing that prompt update.
88
89 *hardened-sources-2.6.18-r3 (13 Dec 2006)
90
91 13 Dec 2006; Christian Heim <phreak@gentoo.org>
92 -hardened-sources-2.6.18-r1.ebuild, -hardened-sources-2.6.18-r2.ebuild,
93 +hardened-sources-2.6.18-r3.ebuild:
94 Revision bump, excluding the faulty patch. Thanks to Anakim Border and Peter
95 S. Mazinger. Closes #157409 for now. Also removing the previous revisions.
96
97 09 Dec 2006; Christian Heim <phreak@gentoo.org> Manifest:
98 Fixing the metadata.xml Manifest entry (thanks to xaid and ml8128 in #gentoo-hardened).
99
100 08 Dec 2006; nixnut <nixnut@gentoo.org> hardened-sources-2.6.18.ebuild:
101 Stable on ppc wrt bug 157356
102
103 07 Dec 2006; Christian Faulhammer <opfer@gentoo.org>
104 hardened-sources-2.6.18.ebuild:
105 stable x86, bug #157356
106
107 *hardened-sources-2.6.18-r2 (06 Dec 2006)
108
109 06 Dec 2006; Christian Heim <phreak@gentoo.org>
110 +hardened-sources-2.6.18-r2.ebuild:
111 Revision bump, including 2.6.18.5 (via genpatches) and
112 4454_grsec-2.1.9-2.6.18.2-io-kmem-sysctl.patch based on Peter Mazinger and
113 Ned Ludd's original patch. Thanks to Alexander Gabert (pappy) for the
114 redesign.
115
116 06 Dec 2006; Christian Heim <phreak@gentoo.org>
117 hardened-sources-2.6.18.ebuild:
118 Marking hardened-sources-2.6.18 stable on amd64 (see bug #157356, on behalf
119 of Mike Doty).
120
121 *hardened-sources-2.6.18-r1 (23 Nov 2006)
122
123 23 Nov 2006; Christian Heim <phreak@gentoo.org>
124 +hardened-sources-2.6.18-r1.ebuild:
125 Revision bump to genpatches-2.6.18-4 (including 2.6.18.3).
126
127 *hardened-sources-2.6.18 (11 Nov 2006)
128
129 11 Nov 2006; Christian Heim <phreak@gentoo.org>
130 +hardened-sources-2.6.18.ebuild:
131 Version bump, thanks to Alexander Gabert we're finally at 2.6.18.
132
133 18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
134 - mark amd64 stable also. bug #151877
135
136 18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
137 - mark 2.6.17-r1 stable
138
139 27 Aug 2006; Christian Heim <phreak@gentoo.org>
140 -hardened-sources-2.6.17.ebuild, hardened-sources-2.6.17-r1.ebuild:
141 Removing old ebuild, removing unipatch from newer ebuild (need to fix it!).
142
143 *hardened-sources-2.6.17-r1 (26 Aug 2006)
144
145 26 Aug 2006; Christian Heim <phreak@gentoo.org>
146 +hardened-sources-2.6.17-r1.ebuild:
147 Revision bump to genpatches-2.6.17-8 (including .9 and .10) and updating the
148 grsecurity patch.
149
150 *hardened-sources-2.6.17 (17 Aug 2006)
151
152 17 Aug 2006; Christian Heim <phreak@gentoo.org>
153 +hardened-sources-2.6.17.ebuild:
154 Bumping the hardened-sources-2.6 series to 2.6.17, using
155 genpatches-2.6.17-6.base.
156
157 07 Aug 2006; <solar@gentoo.org> hardened-sources-2.6.16-r11.ebuild:
158 - stable on x86 and amd64
159
160 *hardened-sources-2.6.16-r11 (15 Jul 2006)
161
162 15 Jul 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r3.ebuild,
163 -hardened-sources-2.4.32-r4.ebuild, -hardened-sources-2.4.32-r5.ebuild,
164 -hardened-sources-2.6.14-r8.ebuild, -hardened-sources-2.6.16-r7.ebuild,
165 -hardened-sources-2.6.16-r9.ebuild, +hardened-sources-2.6.16-r11.ebuild:
166 - 2.6.16 bumped for CVE-2006-3626 ; digest fix for 2.4.32-r6 ; removed old
167 crusty ebuilds
168
169 14 Jul 2006; John Mylchreest <johnm@gentoo.org>
170 hardened-sources-2.6.16-r10.ebuild:
171 marking stable on x86 and amd64
172
173 13 Jul 2006; <solar@gentoo.org> hardened-sources-2.4.32-r6.ebuild:
174 - 2.4.32-r6 stable on x86. RSBAC state unknown
175
176 *hardened-sources-2.4.32-r7 (10 Jul 2006)
177
178 10 Jul 2006; Guillaume Destuynder <kang@gentoo.org>
179 +hardened-sources-2.4.32-r7.ebuild:
180 Bump PaX for RSBAC to test-17
181
182 *hardened-sources-2.6.16-r9 (03 Jul 2006)
183
184 03 Jul 2006; John Mylchreest <johnm@gentoo.org>
185 -hardened-sources-2.6.16-r6.ebuild, +hardened-sources-2.6.16-r9.ebuild:
186 hardened-sources-2.6.16 bump to latest -base.
187
188 *hardened-sources-2.4.32-r6 (30 Jun 2006)
189
190 30 Jun 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r2.ebuild,
191 hardened-sources-2.4.32-r4.ebuild, +hardened-sources-2.4.32-r6.ebuild:
192 - backport CVE-2006-0039, CVE-2006-1857 and CVE-2006-1858 and new grsecurity
193 sysctl controlable resource logging
194
195 *hardened-sources-2.6.16-r7 (05 Jun 2006)
196
197 05 Jun 2006; John Mylchreest <johnm@gentoo.org>
198 -hardened-sources-2.6.16-r5.ebuild, +hardened-sources-2.6.16-r7.ebuild:
199 push new 2.6.16 release in preparation for stable
200
201 22 May 2006; <solar@gentoo.org> :
202 - redigest bug 134002
203
204 *hardened-sources-2.4.32-r5 (16 May 2006)
205
206 16 May 2006; Guillaume Destuynder <kang@gentoo.org>
207 +hardened-sources-2.4.32-r5.ebuild:
208 Fixes rsbac common patching (new patch in new -r5 patchset)
209
210 *hardened-sources-2.4.32-r4 (13 May 2006)
211
212 13 May 2006; <solar@gentoo.org> hardened-sources-2.4.32-r3.ebuild,
213 +hardened-sources-2.4.32-r4.ebuild:
214 - security bumps
215
216 *hardened-sources-2.6.16-r6 (03 May 2006)
217
218 03 May 2006; John Mylchreest <johnm@gentoo.org>
219 +hardened-sources-2.6.16-r6.ebuild:
220 bump hardened-2.6.16 to 2.6.16.12 and latest grsec snapshot
221
222 28 Apr 2006; John Mylchreest <johnm@gentoo.org>
223 hardened-sources-2.6.14-r8.ebuild:
224 fix x86_64 build problem, this will delay the digest issue again for a short
225 while but it will sort itself out
226
227 28 Apr 2006; John Mylchreest <johnm@gentoo.org>
228 hardened-sources-2.6.14-r8.ebuild:
229 bump hardened patchset
230
231 27 Apr 2006; Alec Warner <antarus@gentoo.org>
232 files/digest-hardened-sources-2.4.32-r2,
233 files/digest-hardened-sources-2.4.32-r3,
234 files/digest-hardened-sources-2.6.14-r8, Manifest:
235 Fixing duff SHA256 digests: Bug # 131293
236
237 *hardened-sources-2.6.16-r5 (27 Apr 2006)
238
239 27 Apr 2006; John Mylchreest <johnm@gentoo.org>
240 -hardened-sources-2.6.14-r6.ebuild, hardened-sources-2.6.14-r8.ebuild,
241 -hardened-sources-2.6.16-r4.ebuild, +hardened-sources-2.6.16-r5.ebuild:
242 stablise 2.6.14-r8 on x86 & amd64, bump 2.6.16 to fix CVE-2006-1863 &
243 cleanup of old uneccessary sources
244
245 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
246 fix digest
247
248 *hardened-sources-2.6.14-r8 (20 Apr 2006)
249
250 20 Apr 2006; John Mylchreest <johnm@gentoo.org>
251 +hardened-sources-2.6.14-r8.ebuild:
252 fix CVE-2006-1056, CVE-2006-1525, CVE-2006-1524
253
254 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
255 Turning on gpg-signing again, and recomitting
256
257 *hardened-sources-2.6.16-r4 (20 Apr 2006)
258
259 20 Apr 2006; John Mylchreest <johnm@gentoo.org>
260 -hardened-sources-2.6.16-r2.ebuild, -hardened-sources-2.6.16-r3.ebuild,
261 +hardened-sources-2.6.16-r4.ebuild:
262 Fix numerous security vulns
263
264 *hardened-sources-2.4.32-r3 (16 Apr 2006)
265
266 16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
267 -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
268 +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
269 - security bump for bug #112791. Removed old ebuilds
270
271 *hardened-sources-2.6.16-r3 (15 Apr 2006)
272
273 15 Apr 2006; John Mylchreest <johnm@gentoo.org>
274 +hardened-sources-2.6.16-r3.ebuild:
275 Removing silly localversion which I missed
276
277 *hardened-sources-2.6.14-r7 (14 Apr 2006)
278
279 14 Apr 2006; John Mylchreest <johnm@gentoo.org>
280 -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
281 Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
282
283 *hardened-sources-2.6.16-r2 (13 Apr 2006)
284
285 13 Apr 2006; John Mylchreest <johnm@gentoo.org>
286 -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
287 +hardened-sources-2.6.16-r2.ebuild:
288 Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
289 labels, dropping USERGROUP define fixes, since these were merged mainstream.
290
291 *hardened-sources-2.6.16-r1 (11 Apr 2006)
292
293 11 Apr 2006; John Mylchreest <johnm@gentoo.org>
294 +hardened-sources-2.6.16-r1.ebuild:
295 Bumping to include ppc build fix and 2.6.16.3
296
297 06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
298 hardened-sources-2.6.14-r6.ebuild:
299 Stable on x86; bug #127718
300
301 *hardened-sources-2.6.16 (31 Mar 2006)
302
303 31 Mar 2006; John Mylchreest <johnm@gentoo.org>
304 +hardened-sources-2.6.16.ebuild:
305 Bumping to new version of grsec, and kernel base. New squashfs. Based on
306 2.6.16.1
307
308 30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
309 hardened-sources-2.6.14-r6.ebuild:
310 Stable on amd64, bug 127718.
311
312 28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
313 Stable on ppc. Bug #127718
314
315 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
316 -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
317 -hardened-sources-2.6.14-r4.ebuild:
318 Cleanup.
319
320 *hardened-sources-2.6.14-r6 (15 Mar 2006)
321
322 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
323 +hardened-sources-2.6.14-r6.ebuild:
324 Fixes grsec policy recreation bug and adds a
325 >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
326
327 02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
328 - stable on x86
329
330 19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
331 hardened-sources-2.6.14-r5.ebuild:
332 Stable on ppc.
333
334 *hardened-sources-2.6.14-r5 (01 Feb 2006)
335
336 01 Feb 2006; John Mylchreest <johnm@gentoo.org>
337 +hardened-sources-2.6.14-r5.ebuild:
338 fixing every known exploit
339
340 *hardened-sources-2.4.32-r2 (26 Jan 2006)
341
342 26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
343 +hardened-sources-2.4.32-r2.ebuild:
344 - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
345
346 *hardened-sources-2.6.14-r4 (12 Jan 2006)
347
348 12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
349 - version bump for new genpatches which fix up a few sec holes
350
351 *hardened-sources-2.4.32-r1 (05 Jan 2006)
352
353 05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
354 - revision bump to add misc vital linux kernel security patches.
355
356 *hardened-sources-2.6.14-r3 (30 Dec 2005)
357
358 30 Dec 2005; John Mylchreest <johnm@gentoo.org>
359 -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
360 Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
361
362 28 Dec 2005; John Mylchreest <johnm@gentoo.org>
363 hardened-sources-2.6.14-r2.ebuild:
364 making x86 & amd64 stable following testing.
365
366 *hardened-sources-2.6.14-r2 (27 Dec 2005)
367
368 27 Dec 2005; John Mylchreest <johnm@gentoo.org>
369 -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
370 Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
371 network hooks.
372
373 06 Dec 2005; John Mylchreest <johnm@gentoo.org>
374 hardened-sources-2.6.14-r1.ebuild:
375 bumping to stable early for sec fix on x86 & amd64
376
377 *hardened-sources-2.6.14-r1 (05 Dec 2005)
378
379 05 Dec 2005; John Mylchreest <johnm@gentoo.org>
380 -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
381 bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
382
383 04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
384 - stable on x86 security bug #114227 CAN-2005-3257
385
386 *hardened-sources-2.4.32 (19 Nov 2005)
387
388 19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
389 +hardened-sources-2.4.32.ebuild:
390 Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
391 Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
392 have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
393 rsbac >> /etc/portage/package.use)
394
395 *hardened-sources-2.6.14 (14 Nov 2005)
396
397 14 Nov 2005; John Mylchreest <johnm@gentoo.org>
398 -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
399 Bumping 2.6 series to 2.6.14.2
400
401 *hardened-sources-2.6.13-r2 (20 Oct 2005)
402
403 20 Oct 2005; John Mylchreest <johnm@gentoo.org>
404 -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
405 +hardened-sources-2.6.13-r2.ebuild:
406 Fixes minor build error in ppc.
407
408 *hardened-sources-2.6.13-r1 (17 Oct 2005)
409
410 17 Oct 2005; John Mylchreest <johnm@gentoo.org>
411 +hardened-sources-2.6.13-r1.ebuild:
412 Updating grsec to latest snapshot. Fixes some minor issues. Updating to
413 2.6.13.4, fixes some major amd64 stability problems.
414
415 *hardened-sources-2.6.13 (16 Sep 2005)
416
417 16 Sep 2005; John Mylchreest <johnm@gentoo.org>
418 -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
419 2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
420 ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
421 users should test this thoroughly.
422
423 01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
424 - stable on x86
425
426 *hardened-sources-2.6.11-r15 (27 Jun 2005)
427
428 27 Jun 2005; John Mylchreest <johnm@gentoo.org>
429 +hardened-sources-2.6.11-r15.ebuild:
430 Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
431 grsec redefining curr_ip struct.
432
433 *hardened-sources-2.4.31 (20 Jun 2005)
434
435 20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
436 initial import of 2.4.31 tree
437
438 *hardened-sources-2.6.11-r14 (14 Jun 2005)
439
440 14 Jun 2005; John Mylchreest <johnm@gentoo.org>
441 -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
442 Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
443 naming scheme to abide by genpatches
444
445 *hardened-sources-2.6.11-r13 (18 May 2005)
446
447 18 May 2005; John Mylchreest <johnm@gentoo.org>
448 -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
449 Managed to mangle the Makefile patch from grsec, to miss out the grsec
450 target. sorry about that. Fixes bug #93022
451
452 *hardened-sources-2.6.11-r12 (17 May 2005)
453
454 17 May 2005; John Mylchreest <johnm@gentoo.org>
455 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
456 +hardened-sources-2.6.11-r12.ebuild:
457 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
458 merges in genpatches-base
459
460 *hardened-sources-2.6.11-r12 (17 May 2005)
461
462 17 May 2005; John Mylchreest <johnm@gentoo.org>
463 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
464 +hardened-sources-2.6.11-r12.ebuild:
465 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
466 merges in genpatches-base
467
468 29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
469 -files/2.4.27-cmdline-race.patch,
470 -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
471 -files/2.4.28-grsec-binfmt_a.out.patch,
472 -files/2.4.28-grsec-cmdline-race.patch,
473 -files/2.4.28-selinux-binfmt_a.out.patch,
474 -files/2.4.28-selinux-cmdline-race.patch,
475 -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
476 hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
477 - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
478 cleanup..
479
480 *hardened-sources-2.4.30-r1 (21 Apr 2005)
481
482 21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
483 - disable aout by default
484
485 *hardened-sources-2.4.30 (18 Apr 2005)
486
487 18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
488 - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
489 and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
490 use
491
492 *hardened-sources-2.4.29 (30 Mar 2005)
493
494 30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
495 +hardened-sources-2.4.29.ebuild:
496 New hardened-patches-2.4-29.0 patchball.
497 Removed SELinux support, upgraded GRSecurity to 2.1.4.
498
499 *hardened-sources-2.4.28-r5 (06 Mar 2005)
500
501 06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
502 +hardened-sources-2.4.28-r5.ebuild:
503 Added a fix for a PaX vulnerability.
504
505 26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
506 hardened-sources-2.4.28-r4.ebuild:
507 Stable on x86
508
509 23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
510 hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
511 hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
512 hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
513 - fixed/added RDEPEND= in all kernel-2 ebuilds
514
515 *hardened-sources-2.4.28-r4 (21 Jan 2005)
516
517 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
518 +hardened-sources-2.4.28-r4.ebuild:
519 Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
520 backport of neighbour hash updates.
521
522 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
523 hardened-sources-2.4.28-r3.ebuild:
524 Stable on x86
525
526 *hardened-sources-2.6.10-r3 (20 Jan 2005)
527
528 20 Jan 2005; Brandon Hale <tseng@gentoo.org>
529 +hardened-sources-2.6.10-r3.ebuild:
530 Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
531 in 2005.0
532
533 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
534 -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
535 hardened-sources-2.4.28-r2.ebuild:
536 Mark stable on x86
537
538 *hardened-sources-2.4.28-r3 (17 Jan 2005)
539
540 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
541 +hardened-sources-2.4.28-r3.ebuild:
542 Fix SMP page fault handler vuln, and update device-mapper and evms patches.
543
544 14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
545 hardened-sources-2.4.28.ebuild:
546 Mark stable on x86.
547
548 *hardened-sources-2.4.28-r2 (13 Jan 2005)
549
550 13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
551 +hardened-sources-2.4.28-r2.ebuild:
552 Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
553 Mazinger for grsecurity patches as well.
554
555 *hardened-sources-2.4.28-r1 (23 Dec 2004)
556
557 23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
558 Security bump. Thank tocharian for rolling a new patchset...
559
560 28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
561 +files/2.4.28-grsec-cmdline-race.patch,
562 +files/2.4.28-selinux-binfmt_a.out.patch,
563 +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
564 - Round up remaining security patches that appear to be missing in 2.4.28. -
565 PaX standalone updated to current. hgpv=28.1
566
567 *hardened-sources-2.4.28 (28 Nov 2004)
568
569 28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
570 security bump. Thank tocharian for rolling a new patchset
571
572 *hardened-sources-2.4.27-r3 (08 Sep 2004)
573
574 08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
575 +hardened-sources-2.4.27-r3.ebuild:
576 Applies the new 2.4-27.2 patchball which updates
577 GRSecurity to the 2.0.1 version.
578
579 *hardened-sources-2.4.27-r2 (31 Aug 2004)
580
581 31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
582 +hardened-sources-2.4.27-r2.ebuild:
583 Version bump.
584 This version uses the new 2.4-27.1 patchball which updates
585 both the SELinux PaX hooks patch and the SELinux headers.
586
587 *hardened-sources-2.4.27-r1 (09 Aug 2004)
588
589 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
590 +hardened-sources-2.4.27-r1.ebuild,
591 -hardened-sources-2.4.27.ebuild,
592 +files/2.4.27-cmdline-race.patch:
593 Version bump, fix for cmdline race. See bug #59905.
594
595 *hardened-sources-2.4.26-r6 (09 Aug 2004)
596
597 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
598 +hardened-sources-2.4.26-r6.ebuild,
599 -hardened-sources-2.4.26-r5.ebuild,
600 -hardened-sources-2.4.26-r4.ebuild,
601 +files/2.4.26-cmdline-race.patch:
602 Version bump, fix for cmdline race. See bug #59905.
603
604 *hardened-sources-2.4.27 (08 Aug 2004)
605
606 08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
607 +hardened-sources-2.4.27.ebuild,
608 +files/2.4.27-CAN-2004-0394.patch:
609 Ported the patchball to the 2.4.27 kernel version.
610
611 *hardened-sources-2.4.26-r5 (07 Aug 2004)
612
613 07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
614 +hardened-sources-2.4.26-r5.ebuild:
615 Updated to use the new hardened-patches-2.4-26.1 patchball.
616 It adds the following features:
617 - Squashfs
618 - Ebtables
619 - Netdev random (core+drivers)
620 - Watchdog Timer (WDT) fix.
621
622 *hardened-sources-2.4.26-r4 (04 Aug 2004)
623
624 04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
625 +hardened-sources-2.4.26-r4.ebuild,
626 +files/2.4.26-CAN-2004-0415.patch,
627 -hardened-sources-2.4.26-3:
628 Version bump, fix for CAN 0415, see bug #59378.
629
630 *hardened-sources-2.4.26-r3 (22 Jul 2004)
631
632 22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
633 +hardened-sources-2.4.26-r3.ebuild,
634 +files/2.4.26-CAN-2004-0497.patch,
635 -hardened-sources-2.4.26-r2.ebuild:
636 Version bump, fixed CAN 0497, see bug #56171.
637
638 *hardened-sources-2.4.26-r2 (29 Jun 2004)
639
640 29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
641 +hardened-sources-2.4.26-r2.ebuild,
642 +files/2.4.26-CAN-2004-0495.patch,
643 +files/2.4.26-CAN-2004-0535.patch,
644 -hardened-sources-2.4.26-r1.ebuild:
645 Fixes for both CAN 0495 and 0535, see bug #54976
646
647 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
648 hardened-sources-2.4.26-r1.ebuild:
649 QA - fix use invocation
650
651 *hardened-sources-2.4.26-r1 (22 June 2004)
652
653 22 June 2004; Andrea Luzzardi <scox@gentoo.org>
654 +hardened-sources-2.4.26-r1.ebuild,
655 +files/2.4.26-CAN-2004-0394.patch,
656 +files/2.4.26-signal-race.patch,
657 -hardened-sources-2.4.26.ebuild,
658 -hardened-sources-2.4.24-r3.ebuild:
659 Version bump for the CAN-2004-0394 issue and bug #53804
660 Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
661
662
663 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
664 hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
665 Masked hardened-sources-2.4.26.ebuild broken for ppc
666
667 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
668 hardened-sources-2.4.24-r3.ebuild:
669 Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
670
671 *hardened-sources-2.4.26 (29 May 2004)
672
673 29 May 2004; Andrea Luzzardi <scox@gentoo.org>
674 +hardened-sources-2.4.26.ebuild:
675 Updated hardened-sources for the 2.4.26 kernel
676 Removed broken components, updated almost everything.
677
678 *hardened-sources-2.4.24-r3 (17 Apr 2004)
679
680 17 Apr 2004; <plasmaroo@gentoo.org>
681 +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
682 +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
683 +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
684 +hardened-sources-2.4.24-r3.ebuild:
685 Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
686 vulnerabilities. Old revisions removed.
687
688 *hardened-sources-2.4.24-r2 (15 Apr 2004)
689
690 15 Apr 2004; <plasmaroo@gentoo.org>
691 +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
692 -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
693 Version bump for the CAN-2004-0109 issue; bug #47881.
694
695 12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
696 hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
697 Add eutils to inherit.
698
699 *hardened-sources-2.4.24-r1 (19 Feb 2004)
700
701 19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
702 files/hardened-sources-2.4.24.munmap.patch:
703 Added the patch for the mremap/munmap vulnerability. Bug #42024.
704
705 *hardened-sources-2.4.24 (06 Feb 2004)
706
707 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
708 hardened-sources-2.4.24.ebuild:
709 Version bump, updated most of the components.
710 This release includes the following:
711
712 - Hardened security
713 - Netfilter patch-o-matic 20031219
714 - FreeSWAN 2.04 & x509 1.4.8
715 - EVMS 2.2.2
716 - XFS 1.3.1
717 - cryptoloop jari
718 - grsecurity 2.0-rc4
719 - SELinux
720 - PaX 200402060000
721 - PaX Obscurity 200308302223
722 - Others...
723
724 Neither -ck nor systrace are included anymore.
725
726 *hardened-sources-2.4.22-r2 (05 Jan 2004)
727
728 05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
729 hardened-sources-2.4.22-r2.ebuild:
730 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
731
732 *hardened-sources-2.4.22-r1 (02 Dec 2003)
733
734 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
735 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
736
737 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
738 hardened-sources-2.4.22-r1.ebuild:
739 Version bump for the 'do_brk' vulnerability.
740
741 01 Dec 2003; Brian Jackson <iggy@gentoo.org>
742 hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
743 hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
744 hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
745 Fix the 'do_brk' vulnerability.
746
747 03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
748 hardened-sources-2.4.22.ebuild:
749 - Removed the src_install() portion for SELinux flask
750 components. These are no longer handled in the kernel
751 so this code was not necessary.
752
753 29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
754 New 2.4.22 based hardened-sources thanks to
755 Phil West <p.west@computer.org>.
756
757 These sources include:
758 - New SELinux API
759 - Updated CK-base
760 - Updated GRSec
761 - Systrace
762 - SuperFreeS/WAN 1.99.8
763 - Propolice kernel build support
764 - EVMS
765 - Other various security related patches
766
767 *hardened-sources-2.4.21 (14 Sep 2003)
768
769 14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
770 Updated hardened-sources based on the 2.4.21 Linux kernel.
771 This includes updates to most major components such as:
772 - ck-base-0306300059
773 - selinux-2.4-2003071106
774 - grsecurity-2.0-rc1
775 - Updated IPTables patch-o-matic
776 - Updated SuperFreeS/WAN
777
778 Thanks to Phil West <pwest@computer.org> for his work in getting this
779 updated patch set ready for the 2.4.21 based kernel.
780
781 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
782 Initial import of hardened-sources-2.4.20-r4. This revision
783 includes only a few changes, but one of these is an important
784 security fix. It is recommended all users of hardened-sources
785 upgrade to this release.
786
787 - ioperm bug fix
788 - fixed compilation failure when building without GRSec
789
790 SAL (Secure Auditing for Linux) is NOT included in this revision
791 due to time constraints, but is planned for inclusion in the near
792 future.
793
794 *hardened-sources-2.4.20-r2 (12 Jun 2003)
795
796 12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
797 hardened-sources-2.4.20-r3.ebuild:
798 Add Header...
799
800 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
801 hardened-sources-2.4.20-r3.ebuild:
802 Removed warnings from ebuild. This kernel should be safe to
803 use at this point.
804
805 *hardened-sources-2.4.20-r3 (08 Jun 2003)
806
807 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
808 hardened-sources-2.4.20-r3.ebuild:
809 New revision. Includes the following changes over -r2:
810
811 - ck7-base (O(1), preempt, low latency)
812 - Super FreeS/WAN 1.99.7rc2
813 - PaX for the LSM/SELinux branch
814 - GRSecurity 2.0-pre4 (role based access control)
815 - Systrace 1.3
816 - EXT3 fixes
817 - EVMS 2.0.1
818 - GCC 3.1+ compile optimizations
819 - ProPolice kernel build support
820 - Hashing table security fixes
821
822 *hardened-sources-2.4.20-r1 (09 Apr 2003)
823
824 23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
825 Initial import of hardened-sources-r2. This new
826 ebuild includes many new performance and security
827 related patches. As in -r1, it will patch in
828 LSM/SELinux if "selinux" is in USE, otherwise it
829 will patch in GRSecurity. The following patches
830 are included in this revision:
831
832 - O(1) Scheduler, Low Latency, and Preempt
833 (pulled from the base CK patch)
834 - ptrace exploit patch for the LSM kernel
835 (the GRSec patch already fixes this)
836 - LSM 2.4-2003040709
837 - SELinux 2.4-2003040709
838 - Systrace v1.2
839 - IPTables patch-o-matic base patches - 20030107
840 - CryptoAPI 2.4.20.1 w/ loop-jari patch
841 - Super FreeS/WAN 1.99.6.1
842 - GRSecurity 1.9.9g
843 - MPPE
844 - EXT3 data journal fix
845 - CIPE 1.5.4
846
847 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
848 hardened-sources-2.4.20-r1.ebuild, manifest:
849 Updated to install flask components correctly for selinux.
850
851 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
852 hardened-sources-2.4.20-r1.ebuild:
853 LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
854 is patched in instead. Ptrace patches for selinux have also been added. In
855 either case, systrace support will be patched in as well.
856
857 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
858 hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
859 Revision bump for new sources.
860
861 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
862 hardened-sources-2.4.20-r1.ebuild:
863 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
864
865 *hardened-sources-2.4.20 (30 Mar 2003)
866
867 30 Mar 2003; Joshua Brindle <method@gentoo.org>
868 hardened-sources-2.4.20.ebuild:
869 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20