/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.136 - (show annotations) (download)
Mon Feb 12 17:41:48 2007 UTC (7 years, 7 months ago) by phreak
Branch: MAIN
Changes since 1.135: +7 -1 lines
Revision bump, including a new grsec version fixing #166235.
(Portage version: 2.1.2-r9)

1 # ChangeLog for sys-kernel/hardened-sources
2 # Copyright 2000-2007 Gentoo Foundation; Distributed under the GPL v2
3 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.135 2007/01/24 06:39:27 pappy Exp $
4
5 *hardened-sources-2.6.19-r6 (12 Feb 2007)
6
7 12 Feb 2007; Christian Heim <phreak@gentoo.org>
8 +hardened-sources-2.6.19-r6.ebuild:
9 Revision bump, including a new grsec version fixing #166235.
10
11 *hardened-sources-2.4.34 (24 Jan 2007)
12
13 24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
14 Manifest:
15 updating Manifest with checksums of new tarball and ebuild
16
17 24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
18 +hardened-sources-2.4.34.ebuild:
19 I added new hardened sources 2.4 update, this is a critical path
20 security bugfix - all users of h-s are strongly advised
21 to update their existing hardened sources to this version.
22 It contains a fix for a kernel vulnerability that is pertaining
23 to the PaX changes to virtual memory management, possibly leading
24 to a local kernel exploit ... see grsecurity.net forums and homepage
25
26 23 Jan 2007; Christian Heim <phreak@gentoo.org>
27 files/digest-hardened-sources-2.6.19-r5, Manifest:
28 Fixing the patch-tarball digest.
29
30 *hardened-sources-2.6.19-r5 (23 Jan 2007)
31
32 23 Jan 2007; Christian Heim <phreak@gentoo.org>
33 +hardened-sources-2.6.19-r5.ebuild:
34 Revision bump, closing the recently discovered PaX expand_stack()
35 vulnerability.
36
37 *hardened-sources-2.6.19-r4 (14 Jan 2007)
38
39 14 Jan 2007; Christian Heim <phreak@gentoo.org>
40 +hardened-sources-2.6.19-r4.ebuild:
41 Revision bump, pulling in linux-2.6.19.2 and grsecurity 2.1.10 - thus
42 dropping the randomized PID feature.
43
44 11 Jan 2007; Christian Faulhammer <opfer@gentoo.org>
45 hardened-sources-2.4.33.4.ebuild:
46 stable x86, bug #161171
47
48 *hardened-sources-2.6.19-r3 (27 Dec 2006)
49
50 27 Dec 2006; Christian Heim <phreak@gentoo.org>
51 -hardened-sources-2.6.19-r2.ebuild, +hardened-sources-2.6.19-r3.ebuild:
52 Revision bump for bug #157186 and #158786.
53
54 *hardened-sources-2.6.18-r4 (27 Dec 2006)
55
56 27 Dec 2006; Christian Heim <phreak@gentoo.org>
57 -hardened-sources-2.6.18-r3.ebuild, +hardened-sources-2.6.18-r4.ebuild:
58 Revision bump for bug #157186.
59
60 *hardened-sources-2.6.19-r2 (23 Dec 2006)
61
62 23 Dec 2006; Christian Heim <phreak@gentoo.org>
63 -hardened-sources-2.6.19-r1.ebuild, +hardened-sources-2.6.19-r2.ebuild:
64 Revision bump to pull in genpatches-2.6.19-3 for #157186.
65
66 17 Dec 2006; Christian Heim <phreak@gentoo.org>
67 hardened-sources-2.6.14-r7.ebuild, hardened-sources-2.6.16-r10.ebuild,
68 hardened-sources-2.6.16-r11.ebuild, hardened-sources-2.6.17-r1.ebuild,
69 hardened-sources-2.6.18.ebuild, hardened-sources-2.6.18-r3.ebuild,
70 hardened-sources-2.6.19-r1.ebuild:
71 Adding 4453_grsec-2.1.9-2.6.19-io-kmem-sysctl.patch to UNIPATCH_EXLUDE,
72 adding correct HOMEPAGE and adjusting DESCRIPTION (thanks to Alexander).
73
74 *hardened-sources-2.4.33.4 (17 Dec 2006)
75
76 17 Dec 2006; Alexander Gabert <pappy@gentoo.org>
77 +hardened-sources-2.4.33.4.ebuild:
78 new 2.4.33.4 version including grsec and fixes, thanks to phreak for help
79 and quilting
80
81 *hardened-sources-2.6.19-r1 (14 Dec 2006)
82
83 14 Dec 2006; Christian Heim <phreak@gentoo.org>
84 -hardened-sources-2.6.19.ebuild, +hardened-sources-2.6.19-r1.ebuild:
85 Revision bump, fixing #158107 (thanks to Petre Rodan <kaiowas at gentoo.org>
86 for reporting).
87
88 *hardened-sources-2.6.19 (13 Dec 2006)
89
90 13 Dec 2006; Christian Heim <phreak@gentoo.org>
91 +hardened-sources-2.6.19.ebuild:
92 And finally 2.6.19, thanks to Ned (who prepared the inital patchset) and
93 Brad for providing that prompt update.
94
95 *hardened-sources-2.6.18-r3 (13 Dec 2006)
96
97 13 Dec 2006; Christian Heim <phreak@gentoo.org>
98 -hardened-sources-2.6.18-r1.ebuild, -hardened-sources-2.6.18-r2.ebuild,
99 +hardened-sources-2.6.18-r3.ebuild:
100 Revision bump, excluding the faulty patch. Thanks to Anakim Border and Peter
101 S. Mazinger. Closes #157409 for now. Also removing the previous revisions.
102
103 09 Dec 2006; Christian Heim <phreak@gentoo.org> Manifest:
104 Fixing the metadata.xml Manifest entry (thanks to xaid and ml8128 in #gentoo-hardened).
105
106 08 Dec 2006; nixnut <nixnut@gentoo.org> hardened-sources-2.6.18.ebuild:
107 Stable on ppc wrt bug 157356
108
109 07 Dec 2006; Christian Faulhammer <opfer@gentoo.org>
110 hardened-sources-2.6.18.ebuild:
111 stable x86, bug #157356
112
113 *hardened-sources-2.6.18-r2 (06 Dec 2006)
114
115 06 Dec 2006; Christian Heim <phreak@gentoo.org>
116 +hardened-sources-2.6.18-r2.ebuild:
117 Revision bump, including 2.6.18.5 (via genpatches) and
118 4454_grsec-2.1.9-2.6.18.2-io-kmem-sysctl.patch based on Peter Mazinger and
119 Ned Ludd's original patch. Thanks to Alexander Gabert (pappy) for the
120 redesign.
121
122 06 Dec 2006; Christian Heim <phreak@gentoo.org>
123 hardened-sources-2.6.18.ebuild:
124 Marking hardened-sources-2.6.18 stable on amd64 (see bug #157356, on behalf
125 of Mike Doty).
126
127 *hardened-sources-2.6.18-r1 (23 Nov 2006)
128
129 23 Nov 2006; Christian Heim <phreak@gentoo.org>
130 +hardened-sources-2.6.18-r1.ebuild:
131 Revision bump to genpatches-2.6.18-4 (including 2.6.18.3).
132
133 *hardened-sources-2.6.18 (11 Nov 2006)
134
135 11 Nov 2006; Christian Heim <phreak@gentoo.org>
136 +hardened-sources-2.6.18.ebuild:
137 Version bump, thanks to Alexander Gabert we're finally at 2.6.18.
138
139 18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
140 - mark amd64 stable also. bug #151877
141
142 18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
143 - mark 2.6.17-r1 stable
144
145 27 Aug 2006; Christian Heim <phreak@gentoo.org>
146 -hardened-sources-2.6.17.ebuild, hardened-sources-2.6.17-r1.ebuild:
147 Removing old ebuild, removing unipatch from newer ebuild (need to fix it!).
148
149 *hardened-sources-2.6.17-r1 (26 Aug 2006)
150
151 26 Aug 2006; Christian Heim <phreak@gentoo.org>
152 +hardened-sources-2.6.17-r1.ebuild:
153 Revision bump to genpatches-2.6.17-8 (including .9 and .10) and updating the
154 grsecurity patch.
155
156 *hardened-sources-2.6.17 (17 Aug 2006)
157
158 17 Aug 2006; Christian Heim <phreak@gentoo.org>
159 +hardened-sources-2.6.17.ebuild:
160 Bumping the hardened-sources-2.6 series to 2.6.17, using
161 genpatches-2.6.17-6.base.
162
163 07 Aug 2006; <solar@gentoo.org> hardened-sources-2.6.16-r11.ebuild:
164 - stable on x86 and amd64
165
166 *hardened-sources-2.6.16-r11 (15 Jul 2006)
167
168 15 Jul 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r3.ebuild,
169 -hardened-sources-2.4.32-r4.ebuild, -hardened-sources-2.4.32-r5.ebuild,
170 -hardened-sources-2.6.14-r8.ebuild, -hardened-sources-2.6.16-r7.ebuild,
171 -hardened-sources-2.6.16-r9.ebuild, +hardened-sources-2.6.16-r11.ebuild:
172 - 2.6.16 bumped for CVE-2006-3626 ; digest fix for 2.4.32-r6 ; removed old
173 crusty ebuilds
174
175 14 Jul 2006; John Mylchreest <johnm@gentoo.org>
176 hardened-sources-2.6.16-r10.ebuild:
177 marking stable on x86 and amd64
178
179 13 Jul 2006; <solar@gentoo.org> hardened-sources-2.4.32-r6.ebuild:
180 - 2.4.32-r6 stable on x86. RSBAC state unknown
181
182 *hardened-sources-2.4.32-r7 (10 Jul 2006)
183
184 10 Jul 2006; Guillaume Destuynder <kang@gentoo.org>
185 +hardened-sources-2.4.32-r7.ebuild:
186 Bump PaX for RSBAC to test-17
187
188 *hardened-sources-2.6.16-r9 (03 Jul 2006)
189
190 03 Jul 2006; John Mylchreest <johnm@gentoo.org>
191 -hardened-sources-2.6.16-r6.ebuild, +hardened-sources-2.6.16-r9.ebuild:
192 hardened-sources-2.6.16 bump to latest -base.
193
194 *hardened-sources-2.4.32-r6 (30 Jun 2006)
195
196 30 Jun 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r2.ebuild,
197 hardened-sources-2.4.32-r4.ebuild, +hardened-sources-2.4.32-r6.ebuild:
198 - backport CVE-2006-0039, CVE-2006-1857 and CVE-2006-1858 and new grsecurity
199 sysctl controlable resource logging
200
201 *hardened-sources-2.6.16-r7 (05 Jun 2006)
202
203 05 Jun 2006; John Mylchreest <johnm@gentoo.org>
204 -hardened-sources-2.6.16-r5.ebuild, +hardened-sources-2.6.16-r7.ebuild:
205 push new 2.6.16 release in preparation for stable
206
207 22 May 2006; <solar@gentoo.org> :
208 - redigest bug 134002
209
210 *hardened-sources-2.4.32-r5 (16 May 2006)
211
212 16 May 2006; Guillaume Destuynder <kang@gentoo.org>
213 +hardened-sources-2.4.32-r5.ebuild:
214 Fixes rsbac common patching (new patch in new -r5 patchset)
215
216 *hardened-sources-2.4.32-r4 (13 May 2006)
217
218 13 May 2006; <solar@gentoo.org> hardened-sources-2.4.32-r3.ebuild,
219 +hardened-sources-2.4.32-r4.ebuild:
220 - security bumps
221
222 *hardened-sources-2.6.16-r6 (03 May 2006)
223
224 03 May 2006; John Mylchreest <johnm@gentoo.org>
225 +hardened-sources-2.6.16-r6.ebuild:
226 bump hardened-2.6.16 to 2.6.16.12 and latest grsec snapshot
227
228 28 Apr 2006; John Mylchreest <johnm@gentoo.org>
229 hardened-sources-2.6.14-r8.ebuild:
230 fix x86_64 build problem, this will delay the digest issue again for a short
231 while but it will sort itself out
232
233 28 Apr 2006; John Mylchreest <johnm@gentoo.org>
234 hardened-sources-2.6.14-r8.ebuild:
235 bump hardened patchset
236
237 27 Apr 2006; Alec Warner <antarus@gentoo.org>
238 files/digest-hardened-sources-2.4.32-r2,
239 files/digest-hardened-sources-2.4.32-r3,
240 files/digest-hardened-sources-2.6.14-r8, Manifest:
241 Fixing duff SHA256 digests: Bug # 131293
242
243 *hardened-sources-2.6.16-r5 (27 Apr 2006)
244
245 27 Apr 2006; John Mylchreest <johnm@gentoo.org>
246 -hardened-sources-2.6.14-r6.ebuild, hardened-sources-2.6.14-r8.ebuild,
247 -hardened-sources-2.6.16-r4.ebuild, +hardened-sources-2.6.16-r5.ebuild:
248 stablise 2.6.14-r8 on x86 & amd64, bump 2.6.16 to fix CVE-2006-1863 &
249 cleanup of old uneccessary sources
250
251 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
252 fix digest
253
254 *hardened-sources-2.6.14-r8 (20 Apr 2006)
255
256 20 Apr 2006; John Mylchreest <johnm@gentoo.org>
257 +hardened-sources-2.6.14-r8.ebuild:
258 fix CVE-2006-1056, CVE-2006-1525, CVE-2006-1524
259
260 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
261 Turning on gpg-signing again, and recomitting
262
263 *hardened-sources-2.6.16-r4 (20 Apr 2006)
264
265 20 Apr 2006; John Mylchreest <johnm@gentoo.org>
266 -hardened-sources-2.6.16-r2.ebuild, -hardened-sources-2.6.16-r3.ebuild,
267 +hardened-sources-2.6.16-r4.ebuild:
268 Fix numerous security vulns
269
270 *hardened-sources-2.4.32-r3 (16 Apr 2006)
271
272 16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
273 -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
274 +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
275 - security bump for bug #112791. Removed old ebuilds
276
277 *hardened-sources-2.6.16-r3 (15 Apr 2006)
278
279 15 Apr 2006; John Mylchreest <johnm@gentoo.org>
280 +hardened-sources-2.6.16-r3.ebuild:
281 Removing silly localversion which I missed
282
283 *hardened-sources-2.6.14-r7 (14 Apr 2006)
284
285 14 Apr 2006; John Mylchreest <johnm@gentoo.org>
286 -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
287 Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
288
289 *hardened-sources-2.6.16-r2 (13 Apr 2006)
290
291 13 Apr 2006; John Mylchreest <johnm@gentoo.org>
292 -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
293 +hardened-sources-2.6.16-r2.ebuild:
294 Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
295 labels, dropping USERGROUP define fixes, since these were merged mainstream.
296
297 *hardened-sources-2.6.16-r1 (11 Apr 2006)
298
299 11 Apr 2006; John Mylchreest <johnm@gentoo.org>
300 +hardened-sources-2.6.16-r1.ebuild:
301 Bumping to include ppc build fix and 2.6.16.3
302
303 06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
304 hardened-sources-2.6.14-r6.ebuild:
305 Stable on x86; bug #127718
306
307 *hardened-sources-2.6.16 (31 Mar 2006)
308
309 31 Mar 2006; John Mylchreest <johnm@gentoo.org>
310 +hardened-sources-2.6.16.ebuild:
311 Bumping to new version of grsec, and kernel base. New squashfs. Based on
312 2.6.16.1
313
314 30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
315 hardened-sources-2.6.14-r6.ebuild:
316 Stable on amd64, bug 127718.
317
318 28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
319 Stable on ppc. Bug #127718
320
321 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
322 -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
323 -hardened-sources-2.6.14-r4.ebuild:
324 Cleanup.
325
326 *hardened-sources-2.6.14-r6 (15 Mar 2006)
327
328 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
329 +hardened-sources-2.6.14-r6.ebuild:
330 Fixes grsec policy recreation bug and adds a
331 >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
332
333 02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
334 - stable on x86
335
336 19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
337 hardened-sources-2.6.14-r5.ebuild:
338 Stable on ppc.
339
340 *hardened-sources-2.6.14-r5 (01 Feb 2006)
341
342 01 Feb 2006; John Mylchreest <johnm@gentoo.org>
343 +hardened-sources-2.6.14-r5.ebuild:
344 fixing every known exploit
345
346 *hardened-sources-2.4.32-r2 (26 Jan 2006)
347
348 26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
349 +hardened-sources-2.4.32-r2.ebuild:
350 - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
351
352 *hardened-sources-2.6.14-r4 (12 Jan 2006)
353
354 12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
355 - version bump for new genpatches which fix up a few sec holes
356
357 *hardened-sources-2.4.32-r1 (05 Jan 2006)
358
359 05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
360 - revision bump to add misc vital linux kernel security patches.
361
362 *hardened-sources-2.6.14-r3 (30 Dec 2005)
363
364 30 Dec 2005; John Mylchreest <johnm@gentoo.org>
365 -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
366 Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
367
368 28 Dec 2005; John Mylchreest <johnm@gentoo.org>
369 hardened-sources-2.6.14-r2.ebuild:
370 making x86 & amd64 stable following testing.
371
372 *hardened-sources-2.6.14-r2 (27 Dec 2005)
373
374 27 Dec 2005; John Mylchreest <johnm@gentoo.org>
375 -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
376 Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
377 network hooks.
378
379 06 Dec 2005; John Mylchreest <johnm@gentoo.org>
380 hardened-sources-2.6.14-r1.ebuild:
381 bumping to stable early for sec fix on x86 & amd64
382
383 *hardened-sources-2.6.14-r1 (05 Dec 2005)
384
385 05 Dec 2005; John Mylchreest <johnm@gentoo.org>
386 -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
387 bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
388
389 04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
390 - stable on x86 security bug #114227 CAN-2005-3257
391
392 *hardened-sources-2.4.32 (19 Nov 2005)
393
394 19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
395 +hardened-sources-2.4.32.ebuild:
396 Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
397 Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
398 have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
399 rsbac >> /etc/portage/package.use)
400
401 *hardened-sources-2.6.14 (14 Nov 2005)
402
403 14 Nov 2005; John Mylchreest <johnm@gentoo.org>
404 -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
405 Bumping 2.6 series to 2.6.14.2
406
407 *hardened-sources-2.6.13-r2 (20 Oct 2005)
408
409 20 Oct 2005; John Mylchreest <johnm@gentoo.org>
410 -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
411 +hardened-sources-2.6.13-r2.ebuild:
412 Fixes minor build error in ppc.
413
414 *hardened-sources-2.6.13-r1 (17 Oct 2005)
415
416 17 Oct 2005; John Mylchreest <johnm@gentoo.org>
417 +hardened-sources-2.6.13-r1.ebuild:
418 Updating grsec to latest snapshot. Fixes some minor issues. Updating to
419 2.6.13.4, fixes some major amd64 stability problems.
420
421 *hardened-sources-2.6.13 (16 Sep 2005)
422
423 16 Sep 2005; John Mylchreest <johnm@gentoo.org>
424 -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
425 2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
426 ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
427 users should test this thoroughly.
428
429 01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
430 - stable on x86
431
432 *hardened-sources-2.6.11-r15 (27 Jun 2005)
433
434 27 Jun 2005; John Mylchreest <johnm@gentoo.org>
435 +hardened-sources-2.6.11-r15.ebuild:
436 Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
437 grsec redefining curr_ip struct.
438
439 *hardened-sources-2.4.31 (20 Jun 2005)
440
441 20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
442 initial import of 2.4.31 tree
443
444 *hardened-sources-2.6.11-r14 (14 Jun 2005)
445
446 14 Jun 2005; John Mylchreest <johnm@gentoo.org>
447 -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
448 Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
449 naming scheme to abide by genpatches
450
451 *hardened-sources-2.6.11-r13 (18 May 2005)
452
453 18 May 2005; John Mylchreest <johnm@gentoo.org>
454 -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
455 Managed to mangle the Makefile patch from grsec, to miss out the grsec
456 target. sorry about that. Fixes bug #93022
457
458 *hardened-sources-2.6.11-r12 (17 May 2005)
459
460 17 May 2005; John Mylchreest <johnm@gentoo.org>
461 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
462 +hardened-sources-2.6.11-r12.ebuild:
463 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
464 merges in genpatches-base
465
466 *hardened-sources-2.6.11-r12 (17 May 2005)
467
468 17 May 2005; John Mylchreest <johnm@gentoo.org>
469 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
470 +hardened-sources-2.6.11-r12.ebuild:
471 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
472 merges in genpatches-base
473
474 29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
475 -files/2.4.27-cmdline-race.patch,
476 -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
477 -files/2.4.28-grsec-binfmt_a.out.patch,
478 -files/2.4.28-grsec-cmdline-race.patch,
479 -files/2.4.28-selinux-binfmt_a.out.patch,
480 -files/2.4.28-selinux-cmdline-race.patch,
481 -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
482 hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
483 - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
484 cleanup..
485
486 *hardened-sources-2.4.30-r1 (21 Apr 2005)
487
488 21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
489 - disable aout by default
490
491 *hardened-sources-2.4.30 (18 Apr 2005)
492
493 18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
494 - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
495 and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
496 use
497
498 *hardened-sources-2.4.29 (30 Mar 2005)
499
500 30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
501 +hardened-sources-2.4.29.ebuild:
502 New hardened-patches-2.4-29.0 patchball.
503 Removed SELinux support, upgraded GRSecurity to 2.1.4.
504
505 *hardened-sources-2.4.28-r5 (06 Mar 2005)
506
507 06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
508 +hardened-sources-2.4.28-r5.ebuild:
509 Added a fix for a PaX vulnerability.
510
511 26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
512 hardened-sources-2.4.28-r4.ebuild:
513 Stable on x86
514
515 23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
516 hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
517 hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
518 hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
519 - fixed/added RDEPEND= in all kernel-2 ebuilds
520
521 *hardened-sources-2.4.28-r4 (21 Jan 2005)
522
523 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
524 +hardened-sources-2.4.28-r4.ebuild:
525 Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
526 backport of neighbour hash updates.
527
528 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
529 hardened-sources-2.4.28-r3.ebuild:
530 Stable on x86
531
532 *hardened-sources-2.6.10-r3 (20 Jan 2005)
533
534 20 Jan 2005; Brandon Hale <tseng@gentoo.org>
535 +hardened-sources-2.6.10-r3.ebuild:
536 Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
537 in 2005.0
538
539 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
540 -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
541 hardened-sources-2.4.28-r2.ebuild:
542 Mark stable on x86
543
544 *hardened-sources-2.4.28-r3 (17 Jan 2005)
545
546 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
547 +hardened-sources-2.4.28-r3.ebuild:
548 Fix SMP page fault handler vuln, and update device-mapper and evms patches.
549
550 14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
551 hardened-sources-2.4.28.ebuild:
552 Mark stable on x86.
553
554 *hardened-sources-2.4.28-r2 (13 Jan 2005)
555
556 13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
557 +hardened-sources-2.4.28-r2.ebuild:
558 Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
559 Mazinger for grsecurity patches as well.
560
561 *hardened-sources-2.4.28-r1 (23 Dec 2004)
562
563 23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
564 Security bump. Thank tocharian for rolling a new patchset...
565
566 28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
567 +files/2.4.28-grsec-cmdline-race.patch,
568 +files/2.4.28-selinux-binfmt_a.out.patch,
569 +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
570 - Round up remaining security patches that appear to be missing in 2.4.28. -
571 PaX standalone updated to current. hgpv=28.1
572
573 *hardened-sources-2.4.28 (28 Nov 2004)
574
575 28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
576 security bump. Thank tocharian for rolling a new patchset
577
578 *hardened-sources-2.4.27-r3 (08 Sep 2004)
579
580 08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
581 +hardened-sources-2.4.27-r3.ebuild:
582 Applies the new 2.4-27.2 patchball which updates
583 GRSecurity to the 2.0.1 version.
584
585 *hardened-sources-2.4.27-r2 (31 Aug 2004)
586
587 31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
588 +hardened-sources-2.4.27-r2.ebuild:
589 Version bump.
590 This version uses the new 2.4-27.1 patchball which updates
591 both the SELinux PaX hooks patch and the SELinux headers.
592
593 *hardened-sources-2.4.27-r1 (09 Aug 2004)
594
595 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
596 +hardened-sources-2.4.27-r1.ebuild,
597 -hardened-sources-2.4.27.ebuild,
598 +files/2.4.27-cmdline-race.patch:
599 Version bump, fix for cmdline race. See bug #59905.
600
601 *hardened-sources-2.4.26-r6 (09 Aug 2004)
602
603 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
604 +hardened-sources-2.4.26-r6.ebuild,
605 -hardened-sources-2.4.26-r5.ebuild,
606 -hardened-sources-2.4.26-r4.ebuild,
607 +files/2.4.26-cmdline-race.patch:
608 Version bump, fix for cmdline race. See bug #59905.
609
610 *hardened-sources-2.4.27 (08 Aug 2004)
611
612 08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
613 +hardened-sources-2.4.27.ebuild,
614 +files/2.4.27-CAN-2004-0394.patch:
615 Ported the patchball to the 2.4.27 kernel version.
616
617 *hardened-sources-2.4.26-r5 (07 Aug 2004)
618
619 07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
620 +hardened-sources-2.4.26-r5.ebuild:
621 Updated to use the new hardened-patches-2.4-26.1 patchball.
622 It adds the following features:
623 - Squashfs
624 - Ebtables
625 - Netdev random (core+drivers)
626 - Watchdog Timer (WDT) fix.
627
628 *hardened-sources-2.4.26-r4 (04 Aug 2004)
629
630 04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
631 +hardened-sources-2.4.26-r4.ebuild,
632 +files/2.4.26-CAN-2004-0415.patch,
633 -hardened-sources-2.4.26-3:
634 Version bump, fix for CAN 0415, see bug #59378.
635
636 *hardened-sources-2.4.26-r3 (22 Jul 2004)
637
638 22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
639 +hardened-sources-2.4.26-r3.ebuild,
640 +files/2.4.26-CAN-2004-0497.patch,
641 -hardened-sources-2.4.26-r2.ebuild:
642 Version bump, fixed CAN 0497, see bug #56171.
643
644 *hardened-sources-2.4.26-r2 (29 Jun 2004)
645
646 29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
647 +hardened-sources-2.4.26-r2.ebuild,
648 +files/2.4.26-CAN-2004-0495.patch,
649 +files/2.4.26-CAN-2004-0535.patch,
650 -hardened-sources-2.4.26-r1.ebuild:
651 Fixes for both CAN 0495 and 0535, see bug #54976
652
653 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
654 hardened-sources-2.4.26-r1.ebuild:
655 QA - fix use invocation
656
657 *hardened-sources-2.4.26-r1 (22 June 2004)
658
659 22 June 2004; Andrea Luzzardi <scox@gentoo.org>
660 +hardened-sources-2.4.26-r1.ebuild,
661 +files/2.4.26-CAN-2004-0394.patch,
662 +files/2.4.26-signal-race.patch,
663 -hardened-sources-2.4.26.ebuild,
664 -hardened-sources-2.4.24-r3.ebuild:
665 Version bump for the CAN-2004-0394 issue and bug #53804
666 Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
667
668
669 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
670 hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
671 Masked hardened-sources-2.4.26.ebuild broken for ppc
672
673 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
674 hardened-sources-2.4.24-r3.ebuild:
675 Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
676
677 *hardened-sources-2.4.26 (29 May 2004)
678
679 29 May 2004; Andrea Luzzardi <scox@gentoo.org>
680 +hardened-sources-2.4.26.ebuild:
681 Updated hardened-sources for the 2.4.26 kernel
682 Removed broken components, updated almost everything.
683
684 *hardened-sources-2.4.24-r3 (17 Apr 2004)
685
686 17 Apr 2004; <plasmaroo@gentoo.org>
687 +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
688 +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
689 +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
690 +hardened-sources-2.4.24-r3.ebuild:
691 Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
692 vulnerabilities. Old revisions removed.
693
694 *hardened-sources-2.4.24-r2 (15 Apr 2004)
695
696 15 Apr 2004; <plasmaroo@gentoo.org>
697 +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
698 -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
699 Version bump for the CAN-2004-0109 issue; bug #47881.
700
701 12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
702 hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
703 Add eutils to inherit.
704
705 *hardened-sources-2.4.24-r1 (19 Feb 2004)
706
707 19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
708 files/hardened-sources-2.4.24.munmap.patch:
709 Added the patch for the mremap/munmap vulnerability. Bug #42024.
710
711 *hardened-sources-2.4.24 (06 Feb 2004)
712
713 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
714 hardened-sources-2.4.24.ebuild:
715 Version bump, updated most of the components.
716 This release includes the following:
717
718 - Hardened security
719 - Netfilter patch-o-matic 20031219
720 - FreeSWAN 2.04 & x509 1.4.8
721 - EVMS 2.2.2
722 - XFS 1.3.1
723 - cryptoloop jari
724 - grsecurity 2.0-rc4
725 - SELinux
726 - PaX 200402060000
727 - PaX Obscurity 200308302223
728 - Others...
729
730 Neither -ck nor systrace are included anymore.
731
732 *hardened-sources-2.4.22-r2 (05 Jan 2004)
733
734 05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
735 hardened-sources-2.4.22-r2.ebuild:
736 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
737
738 *hardened-sources-2.4.22-r1 (02 Dec 2003)
739
740 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
741 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
742
743 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
744 hardened-sources-2.4.22-r1.ebuild:
745 Version bump for the 'do_brk' vulnerability.
746
747 01 Dec 2003; Brian Jackson <iggy@gentoo.org>
748 hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
749 hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
750 hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
751 Fix the 'do_brk' vulnerability.
752
753 03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
754 hardened-sources-2.4.22.ebuild:
755 - Removed the src_install() portion for SELinux flask
756 components. These are no longer handled in the kernel
757 so this code was not necessary.
758
759 29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
760 New 2.4.22 based hardened-sources thanks to
761 Phil West <p.west@computer.org>.
762
763 These sources include:
764 - New SELinux API
765 - Updated CK-base
766 - Updated GRSec
767 - Systrace
768 - SuperFreeS/WAN 1.99.8
769 - Propolice kernel build support
770 - EVMS
771 - Other various security related patches
772
773 *hardened-sources-2.4.21 (14 Sep 2003)
774
775 14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
776 Updated hardened-sources based on the 2.4.21 Linux kernel.
777 This includes updates to most major components such as:
778 - ck-base-0306300059
779 - selinux-2.4-2003071106
780 - grsecurity-2.0-rc1
781 - Updated IPTables patch-o-matic
782 - Updated SuperFreeS/WAN
783
784 Thanks to Phil West <pwest@computer.org> for his work in getting this
785 updated patch set ready for the 2.4.21 based kernel.
786
787 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
788 Initial import of hardened-sources-2.4.20-r4. This revision
789 includes only a few changes, but one of these is an important
790 security fix. It is recommended all users of hardened-sources
791 upgrade to this release.
792
793 - ioperm bug fix
794 - fixed compilation failure when building without GRSec
795
796 SAL (Secure Auditing for Linux) is NOT included in this revision
797 due to time constraints, but is planned for inclusion in the near
798 future.
799
800 *hardened-sources-2.4.20-r2 (12 Jun 2003)
801
802 12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
803 hardened-sources-2.4.20-r3.ebuild:
804 Add Header...
805
806 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
807 hardened-sources-2.4.20-r3.ebuild:
808 Removed warnings from ebuild. This kernel should be safe to
809 use at this point.
810
811 *hardened-sources-2.4.20-r3 (08 Jun 2003)
812
813 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
814 hardened-sources-2.4.20-r3.ebuild:
815 New revision. Includes the following changes over -r2:
816
817 - ck7-base (O(1), preempt, low latency)
818 - Super FreeS/WAN 1.99.7rc2
819 - PaX for the LSM/SELinux branch
820 - GRSecurity 2.0-pre4 (role based access control)
821 - Systrace 1.3
822 - EXT3 fixes
823 - EVMS 2.0.1
824 - GCC 3.1+ compile optimizations
825 - ProPolice kernel build support
826 - Hashing table security fixes
827
828 *hardened-sources-2.4.20-r1 (09 Apr 2003)
829
830 23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
831 Initial import of hardened-sources-r2. This new
832 ebuild includes many new performance and security
833 related patches. As in -r1, it will patch in
834 LSM/SELinux if "selinux" is in USE, otherwise it
835 will patch in GRSecurity. The following patches
836 are included in this revision:
837
838 - O(1) Scheduler, Low Latency, and Preempt
839 (pulled from the base CK patch)
840 - ptrace exploit patch for the LSM kernel
841 (the GRSec patch already fixes this)
842 - LSM 2.4-2003040709
843 - SELinux 2.4-2003040709
844 - Systrace v1.2
845 - IPTables patch-o-matic base patches - 20030107
846 - CryptoAPI 2.4.20.1 w/ loop-jari patch
847 - Super FreeS/WAN 1.99.6.1
848 - GRSecurity 1.9.9g
849 - MPPE
850 - EXT3 data journal fix
851 - CIPE 1.5.4
852
853 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
854 hardened-sources-2.4.20-r1.ebuild, manifest:
855 Updated to install flask components correctly for selinux.
856
857 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
858 hardened-sources-2.4.20-r1.ebuild:
859 LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
860 is patched in instead. Ptrace patches for selinux have also been added. In
861 either case, systrace support will be patched in as well.
862
863 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
864 hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
865 Revision bump for new sources.
866
867 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
868 hardened-sources-2.4.20-r1.ebuild:
869 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
870
871 *hardened-sources-2.4.20 (30 Mar 2003)
872
873 30 Mar 2003; Joshua Brindle <method@gentoo.org>
874 hardened-sources-2.4.20.ebuild:
875 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20