/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.137 - (show annotations) (download)
Sat Feb 24 10:51:16 2007 UTC (7 years, 6 months ago) by phreak
Branch: MAIN
Changes since 1.136: +6 -1 lines
Removing some of the old version, that didn't work.
(Portage version: 2.1.2-r10)

1 # ChangeLog for sys-kernel/hardened-sources
2 # Copyright 2000-2007 Gentoo Foundation; Distributed under the GPL v2
3 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.136 2007/02/12 17:41:48 phreak Exp $
4
5 24 Feb 2007; Christian Heim <phreak@gentoo.org>
6 -hardened-sources-2.6.19-r3.ebuild, -hardened-sources-2.6.19-r4.ebuild,
7 -hardened-sources-2.6.19-r5.ebuild:
8 Removing some of the old version, that didn't work.
9
10 *hardened-sources-2.6.19-r6 (12 Feb 2007)
11
12 12 Feb 2007; Christian Heim <phreak@gentoo.org>
13 +hardened-sources-2.6.19-r6.ebuild:
14 Revision bump, including a new grsec version fixing #166235.
15
16 *hardened-sources-2.4.34 (24 Jan 2007)
17
18 24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
19 Manifest:
20 updating Manifest with checksums of new tarball and ebuild
21
22 24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
23 +hardened-sources-2.4.34.ebuild:
24 I added new hardened sources 2.4 update, this is a critical path
25 security bugfix - all users of h-s are strongly advised
26 to update their existing hardened sources to this version.
27 It contains a fix for a kernel vulnerability that is pertaining
28 to the PaX changes to virtual memory management, possibly leading
29 to a local kernel exploit ... see grsecurity.net forums and homepage
30
31 23 Jan 2007; Christian Heim <phreak@gentoo.org>
32 files/digest-hardened-sources-2.6.19-r5, Manifest:
33 Fixing the patch-tarball digest.
34
35 *hardened-sources-2.6.19-r5 (23 Jan 2007)
36
37 23 Jan 2007; Christian Heim <phreak@gentoo.org>
38 +hardened-sources-2.6.19-r5.ebuild:
39 Revision bump, closing the recently discovered PaX expand_stack()
40 vulnerability.
41
42 *hardened-sources-2.6.19-r4 (14 Jan 2007)
43
44 14 Jan 2007; Christian Heim <phreak@gentoo.org>
45 +hardened-sources-2.6.19-r4.ebuild:
46 Revision bump, pulling in linux-2.6.19.2 and grsecurity 2.1.10 - thus
47 dropping the randomized PID feature.
48
49 11 Jan 2007; Christian Faulhammer <opfer@gentoo.org>
50 hardened-sources-2.4.33.4.ebuild:
51 stable x86, bug #161171
52
53 *hardened-sources-2.6.19-r3 (27 Dec 2006)
54
55 27 Dec 2006; Christian Heim <phreak@gentoo.org>
56 -hardened-sources-2.6.19-r2.ebuild, +hardened-sources-2.6.19-r3.ebuild:
57 Revision bump for bug #157186 and #158786.
58
59 *hardened-sources-2.6.18-r4 (27 Dec 2006)
60
61 27 Dec 2006; Christian Heim <phreak@gentoo.org>
62 -hardened-sources-2.6.18-r3.ebuild, +hardened-sources-2.6.18-r4.ebuild:
63 Revision bump for bug #157186.
64
65 *hardened-sources-2.6.19-r2 (23 Dec 2006)
66
67 23 Dec 2006; Christian Heim <phreak@gentoo.org>
68 -hardened-sources-2.6.19-r1.ebuild, +hardened-sources-2.6.19-r2.ebuild:
69 Revision bump to pull in genpatches-2.6.19-3 for #157186.
70
71 17 Dec 2006; Christian Heim <phreak@gentoo.org>
72 hardened-sources-2.6.14-r7.ebuild, hardened-sources-2.6.16-r10.ebuild,
73 hardened-sources-2.6.16-r11.ebuild, hardened-sources-2.6.17-r1.ebuild,
74 hardened-sources-2.6.18.ebuild, hardened-sources-2.6.18-r3.ebuild,
75 hardened-sources-2.6.19-r1.ebuild:
76 Adding 4453_grsec-2.1.9-2.6.19-io-kmem-sysctl.patch to UNIPATCH_EXLUDE,
77 adding correct HOMEPAGE and adjusting DESCRIPTION (thanks to Alexander).
78
79 *hardened-sources-2.4.33.4 (17 Dec 2006)
80
81 17 Dec 2006; Alexander Gabert <pappy@gentoo.org>
82 +hardened-sources-2.4.33.4.ebuild:
83 new 2.4.33.4 version including grsec and fixes, thanks to phreak for help
84 and quilting
85
86 *hardened-sources-2.6.19-r1 (14 Dec 2006)
87
88 14 Dec 2006; Christian Heim <phreak@gentoo.org>
89 -hardened-sources-2.6.19.ebuild, +hardened-sources-2.6.19-r1.ebuild:
90 Revision bump, fixing #158107 (thanks to Petre Rodan <kaiowas at gentoo.org>
91 for reporting).
92
93 *hardened-sources-2.6.19 (13 Dec 2006)
94
95 13 Dec 2006; Christian Heim <phreak@gentoo.org>
96 +hardened-sources-2.6.19.ebuild:
97 And finally 2.6.19, thanks to Ned (who prepared the inital patchset) and
98 Brad for providing that prompt update.
99
100 *hardened-sources-2.6.18-r3 (13 Dec 2006)
101
102 13 Dec 2006; Christian Heim <phreak@gentoo.org>
103 -hardened-sources-2.6.18-r1.ebuild, -hardened-sources-2.6.18-r2.ebuild,
104 +hardened-sources-2.6.18-r3.ebuild:
105 Revision bump, excluding the faulty patch. Thanks to Anakim Border and Peter
106 S. Mazinger. Closes #157409 for now. Also removing the previous revisions.
107
108 09 Dec 2006; Christian Heim <phreak@gentoo.org> Manifest:
109 Fixing the metadata.xml Manifest entry (thanks to xaid and ml8128 in #gentoo-hardened).
110
111 08 Dec 2006; nixnut <nixnut@gentoo.org> hardened-sources-2.6.18.ebuild:
112 Stable on ppc wrt bug 157356
113
114 07 Dec 2006; Christian Faulhammer <opfer@gentoo.org>
115 hardened-sources-2.6.18.ebuild:
116 stable x86, bug #157356
117
118 *hardened-sources-2.6.18-r2 (06 Dec 2006)
119
120 06 Dec 2006; Christian Heim <phreak@gentoo.org>
121 +hardened-sources-2.6.18-r2.ebuild:
122 Revision bump, including 2.6.18.5 (via genpatches) and
123 4454_grsec-2.1.9-2.6.18.2-io-kmem-sysctl.patch based on Peter Mazinger and
124 Ned Ludd's original patch. Thanks to Alexander Gabert (pappy) for the
125 redesign.
126
127 06 Dec 2006; Christian Heim <phreak@gentoo.org>
128 hardened-sources-2.6.18.ebuild:
129 Marking hardened-sources-2.6.18 stable on amd64 (see bug #157356, on behalf
130 of Mike Doty).
131
132 *hardened-sources-2.6.18-r1 (23 Nov 2006)
133
134 23 Nov 2006; Christian Heim <phreak@gentoo.org>
135 +hardened-sources-2.6.18-r1.ebuild:
136 Revision bump to genpatches-2.6.18-4 (including 2.6.18.3).
137
138 *hardened-sources-2.6.18 (11 Nov 2006)
139
140 11 Nov 2006; Christian Heim <phreak@gentoo.org>
141 +hardened-sources-2.6.18.ebuild:
142 Version bump, thanks to Alexander Gabert we're finally at 2.6.18.
143
144 18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
145 - mark amd64 stable also. bug #151877
146
147 18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
148 - mark 2.6.17-r1 stable
149
150 27 Aug 2006; Christian Heim <phreak@gentoo.org>
151 -hardened-sources-2.6.17.ebuild, hardened-sources-2.6.17-r1.ebuild:
152 Removing old ebuild, removing unipatch from newer ebuild (need to fix it!).
153
154 *hardened-sources-2.6.17-r1 (26 Aug 2006)
155
156 26 Aug 2006; Christian Heim <phreak@gentoo.org>
157 +hardened-sources-2.6.17-r1.ebuild:
158 Revision bump to genpatches-2.6.17-8 (including .9 and .10) and updating the
159 grsecurity patch.
160
161 *hardened-sources-2.6.17 (17 Aug 2006)
162
163 17 Aug 2006; Christian Heim <phreak@gentoo.org>
164 +hardened-sources-2.6.17.ebuild:
165 Bumping the hardened-sources-2.6 series to 2.6.17, using
166 genpatches-2.6.17-6.base.
167
168 07 Aug 2006; <solar@gentoo.org> hardened-sources-2.6.16-r11.ebuild:
169 - stable on x86 and amd64
170
171 *hardened-sources-2.6.16-r11 (15 Jul 2006)
172
173 15 Jul 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r3.ebuild,
174 -hardened-sources-2.4.32-r4.ebuild, -hardened-sources-2.4.32-r5.ebuild,
175 -hardened-sources-2.6.14-r8.ebuild, -hardened-sources-2.6.16-r7.ebuild,
176 -hardened-sources-2.6.16-r9.ebuild, +hardened-sources-2.6.16-r11.ebuild:
177 - 2.6.16 bumped for CVE-2006-3626 ; digest fix for 2.4.32-r6 ; removed old
178 crusty ebuilds
179
180 14 Jul 2006; John Mylchreest <johnm@gentoo.org>
181 hardened-sources-2.6.16-r10.ebuild:
182 marking stable on x86 and amd64
183
184 13 Jul 2006; <solar@gentoo.org> hardened-sources-2.4.32-r6.ebuild:
185 - 2.4.32-r6 stable on x86. RSBAC state unknown
186
187 *hardened-sources-2.4.32-r7 (10 Jul 2006)
188
189 10 Jul 2006; Guillaume Destuynder <kang@gentoo.org>
190 +hardened-sources-2.4.32-r7.ebuild:
191 Bump PaX for RSBAC to test-17
192
193 *hardened-sources-2.6.16-r9 (03 Jul 2006)
194
195 03 Jul 2006; John Mylchreest <johnm@gentoo.org>
196 -hardened-sources-2.6.16-r6.ebuild, +hardened-sources-2.6.16-r9.ebuild:
197 hardened-sources-2.6.16 bump to latest -base.
198
199 *hardened-sources-2.4.32-r6 (30 Jun 2006)
200
201 30 Jun 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r2.ebuild,
202 hardened-sources-2.4.32-r4.ebuild, +hardened-sources-2.4.32-r6.ebuild:
203 - backport CVE-2006-0039, CVE-2006-1857 and CVE-2006-1858 and new grsecurity
204 sysctl controlable resource logging
205
206 *hardened-sources-2.6.16-r7 (05 Jun 2006)
207
208 05 Jun 2006; John Mylchreest <johnm@gentoo.org>
209 -hardened-sources-2.6.16-r5.ebuild, +hardened-sources-2.6.16-r7.ebuild:
210 push new 2.6.16 release in preparation for stable
211
212 22 May 2006; <solar@gentoo.org> :
213 - redigest bug 134002
214
215 *hardened-sources-2.4.32-r5 (16 May 2006)
216
217 16 May 2006; Guillaume Destuynder <kang@gentoo.org>
218 +hardened-sources-2.4.32-r5.ebuild:
219 Fixes rsbac common patching (new patch in new -r5 patchset)
220
221 *hardened-sources-2.4.32-r4 (13 May 2006)
222
223 13 May 2006; <solar@gentoo.org> hardened-sources-2.4.32-r3.ebuild,
224 +hardened-sources-2.4.32-r4.ebuild:
225 - security bumps
226
227 *hardened-sources-2.6.16-r6 (03 May 2006)
228
229 03 May 2006; John Mylchreest <johnm@gentoo.org>
230 +hardened-sources-2.6.16-r6.ebuild:
231 bump hardened-2.6.16 to 2.6.16.12 and latest grsec snapshot
232
233 28 Apr 2006; John Mylchreest <johnm@gentoo.org>
234 hardened-sources-2.6.14-r8.ebuild:
235 fix x86_64 build problem, this will delay the digest issue again for a short
236 while but it will sort itself out
237
238 28 Apr 2006; John Mylchreest <johnm@gentoo.org>
239 hardened-sources-2.6.14-r8.ebuild:
240 bump hardened patchset
241
242 27 Apr 2006; Alec Warner <antarus@gentoo.org>
243 files/digest-hardened-sources-2.4.32-r2,
244 files/digest-hardened-sources-2.4.32-r3,
245 files/digest-hardened-sources-2.6.14-r8, Manifest:
246 Fixing duff SHA256 digests: Bug # 131293
247
248 *hardened-sources-2.6.16-r5 (27 Apr 2006)
249
250 27 Apr 2006; John Mylchreest <johnm@gentoo.org>
251 -hardened-sources-2.6.14-r6.ebuild, hardened-sources-2.6.14-r8.ebuild,
252 -hardened-sources-2.6.16-r4.ebuild, +hardened-sources-2.6.16-r5.ebuild:
253 stablise 2.6.14-r8 on x86 & amd64, bump 2.6.16 to fix CVE-2006-1863 &
254 cleanup of old uneccessary sources
255
256 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
257 fix digest
258
259 *hardened-sources-2.6.14-r8 (20 Apr 2006)
260
261 20 Apr 2006; John Mylchreest <johnm@gentoo.org>
262 +hardened-sources-2.6.14-r8.ebuild:
263 fix CVE-2006-1056, CVE-2006-1525, CVE-2006-1524
264
265 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
266 Turning on gpg-signing again, and recomitting
267
268 *hardened-sources-2.6.16-r4 (20 Apr 2006)
269
270 20 Apr 2006; John Mylchreest <johnm@gentoo.org>
271 -hardened-sources-2.6.16-r2.ebuild, -hardened-sources-2.6.16-r3.ebuild,
272 +hardened-sources-2.6.16-r4.ebuild:
273 Fix numerous security vulns
274
275 *hardened-sources-2.4.32-r3 (16 Apr 2006)
276
277 16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
278 -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
279 +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
280 - security bump for bug #112791. Removed old ebuilds
281
282 *hardened-sources-2.6.16-r3 (15 Apr 2006)
283
284 15 Apr 2006; John Mylchreest <johnm@gentoo.org>
285 +hardened-sources-2.6.16-r3.ebuild:
286 Removing silly localversion which I missed
287
288 *hardened-sources-2.6.14-r7 (14 Apr 2006)
289
290 14 Apr 2006; John Mylchreest <johnm@gentoo.org>
291 -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
292 Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
293
294 *hardened-sources-2.6.16-r2 (13 Apr 2006)
295
296 13 Apr 2006; John Mylchreest <johnm@gentoo.org>
297 -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
298 +hardened-sources-2.6.16-r2.ebuild:
299 Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
300 labels, dropping USERGROUP define fixes, since these were merged mainstream.
301
302 *hardened-sources-2.6.16-r1 (11 Apr 2006)
303
304 11 Apr 2006; John Mylchreest <johnm@gentoo.org>
305 +hardened-sources-2.6.16-r1.ebuild:
306 Bumping to include ppc build fix and 2.6.16.3
307
308 06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
309 hardened-sources-2.6.14-r6.ebuild:
310 Stable on x86; bug #127718
311
312 *hardened-sources-2.6.16 (31 Mar 2006)
313
314 31 Mar 2006; John Mylchreest <johnm@gentoo.org>
315 +hardened-sources-2.6.16.ebuild:
316 Bumping to new version of grsec, and kernel base. New squashfs. Based on
317 2.6.16.1
318
319 30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
320 hardened-sources-2.6.14-r6.ebuild:
321 Stable on amd64, bug 127718.
322
323 28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
324 Stable on ppc. Bug #127718
325
326 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
327 -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
328 -hardened-sources-2.6.14-r4.ebuild:
329 Cleanup.
330
331 *hardened-sources-2.6.14-r6 (15 Mar 2006)
332
333 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
334 +hardened-sources-2.6.14-r6.ebuild:
335 Fixes grsec policy recreation bug and adds a
336 >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
337
338 02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
339 - stable on x86
340
341 19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
342 hardened-sources-2.6.14-r5.ebuild:
343 Stable on ppc.
344
345 *hardened-sources-2.6.14-r5 (01 Feb 2006)
346
347 01 Feb 2006; John Mylchreest <johnm@gentoo.org>
348 +hardened-sources-2.6.14-r5.ebuild:
349 fixing every known exploit
350
351 *hardened-sources-2.4.32-r2 (26 Jan 2006)
352
353 26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
354 +hardened-sources-2.4.32-r2.ebuild:
355 - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
356
357 *hardened-sources-2.6.14-r4 (12 Jan 2006)
358
359 12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
360 - version bump for new genpatches which fix up a few sec holes
361
362 *hardened-sources-2.4.32-r1 (05 Jan 2006)
363
364 05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
365 - revision bump to add misc vital linux kernel security patches.
366
367 *hardened-sources-2.6.14-r3 (30 Dec 2005)
368
369 30 Dec 2005; John Mylchreest <johnm@gentoo.org>
370 -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
371 Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
372
373 28 Dec 2005; John Mylchreest <johnm@gentoo.org>
374 hardened-sources-2.6.14-r2.ebuild:
375 making x86 & amd64 stable following testing.
376
377 *hardened-sources-2.6.14-r2 (27 Dec 2005)
378
379 27 Dec 2005; John Mylchreest <johnm@gentoo.org>
380 -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
381 Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
382 network hooks.
383
384 06 Dec 2005; John Mylchreest <johnm@gentoo.org>
385 hardened-sources-2.6.14-r1.ebuild:
386 bumping to stable early for sec fix on x86 & amd64
387
388 *hardened-sources-2.6.14-r1 (05 Dec 2005)
389
390 05 Dec 2005; John Mylchreest <johnm@gentoo.org>
391 -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
392 bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
393
394 04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
395 - stable on x86 security bug #114227 CAN-2005-3257
396
397 *hardened-sources-2.4.32 (19 Nov 2005)
398
399 19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
400 +hardened-sources-2.4.32.ebuild:
401 Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
402 Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
403 have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
404 rsbac >> /etc/portage/package.use)
405
406 *hardened-sources-2.6.14 (14 Nov 2005)
407
408 14 Nov 2005; John Mylchreest <johnm@gentoo.org>
409 -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
410 Bumping 2.6 series to 2.6.14.2
411
412 *hardened-sources-2.6.13-r2 (20 Oct 2005)
413
414 20 Oct 2005; John Mylchreest <johnm@gentoo.org>
415 -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
416 +hardened-sources-2.6.13-r2.ebuild:
417 Fixes minor build error in ppc.
418
419 *hardened-sources-2.6.13-r1 (17 Oct 2005)
420
421 17 Oct 2005; John Mylchreest <johnm@gentoo.org>
422 +hardened-sources-2.6.13-r1.ebuild:
423 Updating grsec to latest snapshot. Fixes some minor issues. Updating to
424 2.6.13.4, fixes some major amd64 stability problems.
425
426 *hardened-sources-2.6.13 (16 Sep 2005)
427
428 16 Sep 2005; John Mylchreest <johnm@gentoo.org>
429 -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
430 2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
431 ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
432 users should test this thoroughly.
433
434 01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
435 - stable on x86
436
437 *hardened-sources-2.6.11-r15 (27 Jun 2005)
438
439 27 Jun 2005; John Mylchreest <johnm@gentoo.org>
440 +hardened-sources-2.6.11-r15.ebuild:
441 Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
442 grsec redefining curr_ip struct.
443
444 *hardened-sources-2.4.31 (20 Jun 2005)
445
446 20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
447 initial import of 2.4.31 tree
448
449 *hardened-sources-2.6.11-r14 (14 Jun 2005)
450
451 14 Jun 2005; John Mylchreest <johnm@gentoo.org>
452 -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
453 Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
454 naming scheme to abide by genpatches
455
456 *hardened-sources-2.6.11-r13 (18 May 2005)
457
458 18 May 2005; John Mylchreest <johnm@gentoo.org>
459 -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
460 Managed to mangle the Makefile patch from grsec, to miss out the grsec
461 target. sorry about that. Fixes bug #93022
462
463 *hardened-sources-2.6.11-r12 (17 May 2005)
464
465 17 May 2005; John Mylchreest <johnm@gentoo.org>
466 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
467 +hardened-sources-2.6.11-r12.ebuild:
468 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
469 merges in genpatches-base
470
471 *hardened-sources-2.6.11-r12 (17 May 2005)
472
473 17 May 2005; John Mylchreest <johnm@gentoo.org>
474 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
475 +hardened-sources-2.6.11-r12.ebuild:
476 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
477 merges in genpatches-base
478
479 29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
480 -files/2.4.27-cmdline-race.patch,
481 -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
482 -files/2.4.28-grsec-binfmt_a.out.patch,
483 -files/2.4.28-grsec-cmdline-race.patch,
484 -files/2.4.28-selinux-binfmt_a.out.patch,
485 -files/2.4.28-selinux-cmdline-race.patch,
486 -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
487 hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
488 - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
489 cleanup..
490
491 *hardened-sources-2.4.30-r1 (21 Apr 2005)
492
493 21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
494 - disable aout by default
495
496 *hardened-sources-2.4.30 (18 Apr 2005)
497
498 18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
499 - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
500 and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
501 use
502
503 *hardened-sources-2.4.29 (30 Mar 2005)
504
505 30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
506 +hardened-sources-2.4.29.ebuild:
507 New hardened-patches-2.4-29.0 patchball.
508 Removed SELinux support, upgraded GRSecurity to 2.1.4.
509
510 *hardened-sources-2.4.28-r5 (06 Mar 2005)
511
512 06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
513 +hardened-sources-2.4.28-r5.ebuild:
514 Added a fix for a PaX vulnerability.
515
516 26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
517 hardened-sources-2.4.28-r4.ebuild:
518 Stable on x86
519
520 23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
521 hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
522 hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
523 hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
524 - fixed/added RDEPEND= in all kernel-2 ebuilds
525
526 *hardened-sources-2.4.28-r4 (21 Jan 2005)
527
528 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
529 +hardened-sources-2.4.28-r4.ebuild:
530 Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
531 backport of neighbour hash updates.
532
533 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
534 hardened-sources-2.4.28-r3.ebuild:
535 Stable on x86
536
537 *hardened-sources-2.6.10-r3 (20 Jan 2005)
538
539 20 Jan 2005; Brandon Hale <tseng@gentoo.org>
540 +hardened-sources-2.6.10-r3.ebuild:
541 Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
542 in 2005.0
543
544 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
545 -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
546 hardened-sources-2.4.28-r2.ebuild:
547 Mark stable on x86
548
549 *hardened-sources-2.4.28-r3 (17 Jan 2005)
550
551 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
552 +hardened-sources-2.4.28-r3.ebuild:
553 Fix SMP page fault handler vuln, and update device-mapper and evms patches.
554
555 14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
556 hardened-sources-2.4.28.ebuild:
557 Mark stable on x86.
558
559 *hardened-sources-2.4.28-r2 (13 Jan 2005)
560
561 13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
562 +hardened-sources-2.4.28-r2.ebuild:
563 Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
564 Mazinger for grsecurity patches as well.
565
566 *hardened-sources-2.4.28-r1 (23 Dec 2004)
567
568 23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
569 Security bump. Thank tocharian for rolling a new patchset...
570
571 28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
572 +files/2.4.28-grsec-cmdline-race.patch,
573 +files/2.4.28-selinux-binfmt_a.out.patch,
574 +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
575 - Round up remaining security patches that appear to be missing in 2.4.28. -
576 PaX standalone updated to current. hgpv=28.1
577
578 *hardened-sources-2.4.28 (28 Nov 2004)
579
580 28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
581 security bump. Thank tocharian for rolling a new patchset
582
583 *hardened-sources-2.4.27-r3 (08 Sep 2004)
584
585 08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
586 +hardened-sources-2.4.27-r3.ebuild:
587 Applies the new 2.4-27.2 patchball which updates
588 GRSecurity to the 2.0.1 version.
589
590 *hardened-sources-2.4.27-r2 (31 Aug 2004)
591
592 31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
593 +hardened-sources-2.4.27-r2.ebuild:
594 Version bump.
595 This version uses the new 2.4-27.1 patchball which updates
596 both the SELinux PaX hooks patch and the SELinux headers.
597
598 *hardened-sources-2.4.27-r1 (09 Aug 2004)
599
600 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
601 +hardened-sources-2.4.27-r1.ebuild,
602 -hardened-sources-2.4.27.ebuild,
603 +files/2.4.27-cmdline-race.patch:
604 Version bump, fix for cmdline race. See bug #59905.
605
606 *hardened-sources-2.4.26-r6 (09 Aug 2004)
607
608 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
609 +hardened-sources-2.4.26-r6.ebuild,
610 -hardened-sources-2.4.26-r5.ebuild,
611 -hardened-sources-2.4.26-r4.ebuild,
612 +files/2.4.26-cmdline-race.patch:
613 Version bump, fix for cmdline race. See bug #59905.
614
615 *hardened-sources-2.4.27 (08 Aug 2004)
616
617 08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
618 +hardened-sources-2.4.27.ebuild,
619 +files/2.4.27-CAN-2004-0394.patch:
620 Ported the patchball to the 2.4.27 kernel version.
621
622 *hardened-sources-2.4.26-r5 (07 Aug 2004)
623
624 07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
625 +hardened-sources-2.4.26-r5.ebuild:
626 Updated to use the new hardened-patches-2.4-26.1 patchball.
627 It adds the following features:
628 - Squashfs
629 - Ebtables
630 - Netdev random (core+drivers)
631 - Watchdog Timer (WDT) fix.
632
633 *hardened-sources-2.4.26-r4 (04 Aug 2004)
634
635 04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
636 +hardened-sources-2.4.26-r4.ebuild,
637 +files/2.4.26-CAN-2004-0415.patch,
638 -hardened-sources-2.4.26-3:
639 Version bump, fix for CAN 0415, see bug #59378.
640
641 *hardened-sources-2.4.26-r3 (22 Jul 2004)
642
643 22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
644 +hardened-sources-2.4.26-r3.ebuild,
645 +files/2.4.26-CAN-2004-0497.patch,
646 -hardened-sources-2.4.26-r2.ebuild:
647 Version bump, fixed CAN 0497, see bug #56171.
648
649 *hardened-sources-2.4.26-r2 (29 Jun 2004)
650
651 29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
652 +hardened-sources-2.4.26-r2.ebuild,
653 +files/2.4.26-CAN-2004-0495.patch,
654 +files/2.4.26-CAN-2004-0535.patch,
655 -hardened-sources-2.4.26-r1.ebuild:
656 Fixes for both CAN 0495 and 0535, see bug #54976
657
658 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
659 hardened-sources-2.4.26-r1.ebuild:
660 QA - fix use invocation
661
662 *hardened-sources-2.4.26-r1 (22 June 2004)
663
664 22 June 2004; Andrea Luzzardi <scox@gentoo.org>
665 +hardened-sources-2.4.26-r1.ebuild,
666 +files/2.4.26-CAN-2004-0394.patch,
667 +files/2.4.26-signal-race.patch,
668 -hardened-sources-2.4.26.ebuild,
669 -hardened-sources-2.4.24-r3.ebuild:
670 Version bump for the CAN-2004-0394 issue and bug #53804
671 Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
672
673
674 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
675 hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
676 Masked hardened-sources-2.4.26.ebuild broken for ppc
677
678 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
679 hardened-sources-2.4.24-r3.ebuild:
680 Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
681
682 *hardened-sources-2.4.26 (29 May 2004)
683
684 29 May 2004; Andrea Luzzardi <scox@gentoo.org>
685 +hardened-sources-2.4.26.ebuild:
686 Updated hardened-sources for the 2.4.26 kernel
687 Removed broken components, updated almost everything.
688
689 *hardened-sources-2.4.24-r3 (17 Apr 2004)
690
691 17 Apr 2004; <plasmaroo@gentoo.org>
692 +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
693 +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
694 +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
695 +hardened-sources-2.4.24-r3.ebuild:
696 Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
697 vulnerabilities. Old revisions removed.
698
699 *hardened-sources-2.4.24-r2 (15 Apr 2004)
700
701 15 Apr 2004; <plasmaroo@gentoo.org>
702 +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
703 -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
704 Version bump for the CAN-2004-0109 issue; bug #47881.
705
706 12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
707 hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
708 Add eutils to inherit.
709
710 *hardened-sources-2.4.24-r1 (19 Feb 2004)
711
712 19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
713 files/hardened-sources-2.4.24.munmap.patch:
714 Added the patch for the mremap/munmap vulnerability. Bug #42024.
715
716 *hardened-sources-2.4.24 (06 Feb 2004)
717
718 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
719 hardened-sources-2.4.24.ebuild:
720 Version bump, updated most of the components.
721 This release includes the following:
722
723 - Hardened security
724 - Netfilter patch-o-matic 20031219
725 - FreeSWAN 2.04 & x509 1.4.8
726 - EVMS 2.2.2
727 - XFS 1.3.1
728 - cryptoloop jari
729 - grsecurity 2.0-rc4
730 - SELinux
731 - PaX 200402060000
732 - PaX Obscurity 200308302223
733 - Others...
734
735 Neither -ck nor systrace are included anymore.
736
737 *hardened-sources-2.4.22-r2 (05 Jan 2004)
738
739 05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
740 hardened-sources-2.4.22-r2.ebuild:
741 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
742
743 *hardened-sources-2.4.22-r1 (02 Dec 2003)
744
745 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
746 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
747
748 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
749 hardened-sources-2.4.22-r1.ebuild:
750 Version bump for the 'do_brk' vulnerability.
751
752 01 Dec 2003; Brian Jackson <iggy@gentoo.org>
753 hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
754 hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
755 hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
756 Fix the 'do_brk' vulnerability.
757
758 03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
759 hardened-sources-2.4.22.ebuild:
760 - Removed the src_install() portion for SELinux flask
761 components. These are no longer handled in the kernel
762 so this code was not necessary.
763
764 29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
765 New 2.4.22 based hardened-sources thanks to
766 Phil West <p.west@computer.org>.
767
768 These sources include:
769 - New SELinux API
770 - Updated CK-base
771 - Updated GRSec
772 - Systrace
773 - SuperFreeS/WAN 1.99.8
774 - Propolice kernel build support
775 - EVMS
776 - Other various security related patches
777
778 *hardened-sources-2.4.21 (14 Sep 2003)
779
780 14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
781 Updated hardened-sources based on the 2.4.21 Linux kernel.
782 This includes updates to most major components such as:
783 - ck-base-0306300059
784 - selinux-2.4-2003071106
785 - grsecurity-2.0-rc1
786 - Updated IPTables patch-o-matic
787 - Updated SuperFreeS/WAN
788
789 Thanks to Phil West <pwest@computer.org> for his work in getting this
790 updated patch set ready for the 2.4.21 based kernel.
791
792 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
793 Initial import of hardened-sources-2.4.20-r4. This revision
794 includes only a few changes, but one of these is an important
795 security fix. It is recommended all users of hardened-sources
796 upgrade to this release.
797
798 - ioperm bug fix
799 - fixed compilation failure when building without GRSec
800
801 SAL (Secure Auditing for Linux) is NOT included in this revision
802 due to time constraints, but is planned for inclusion in the near
803 future.
804
805 *hardened-sources-2.4.20-r2 (12 Jun 2003)
806
807 12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
808 hardened-sources-2.4.20-r3.ebuild:
809 Add Header...
810
811 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
812 hardened-sources-2.4.20-r3.ebuild:
813 Removed warnings from ebuild. This kernel should be safe to
814 use at this point.
815
816 *hardened-sources-2.4.20-r3 (08 Jun 2003)
817
818 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
819 hardened-sources-2.4.20-r3.ebuild:
820 New revision. Includes the following changes over -r2:
821
822 - ck7-base (O(1), preempt, low latency)
823 - Super FreeS/WAN 1.99.7rc2
824 - PaX for the LSM/SELinux branch
825 - GRSecurity 2.0-pre4 (role based access control)
826 - Systrace 1.3
827 - EXT3 fixes
828 - EVMS 2.0.1
829 - GCC 3.1+ compile optimizations
830 - ProPolice kernel build support
831 - Hashing table security fixes
832
833 *hardened-sources-2.4.20-r1 (09 Apr 2003)
834
835 23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
836 Initial import of hardened-sources-r2. This new
837 ebuild includes many new performance and security
838 related patches. As in -r1, it will patch in
839 LSM/SELinux if "selinux" is in USE, otherwise it
840 will patch in GRSecurity. The following patches
841 are included in this revision:
842
843 - O(1) Scheduler, Low Latency, and Preempt
844 (pulled from the base CK patch)
845 - ptrace exploit patch for the LSM kernel
846 (the GRSec patch already fixes this)
847 - LSM 2.4-2003040709
848 - SELinux 2.4-2003040709
849 - Systrace v1.2
850 - IPTables patch-o-matic base patches - 20030107
851 - CryptoAPI 2.4.20.1 w/ loop-jari patch
852 - Super FreeS/WAN 1.99.6.1
853 - GRSecurity 1.9.9g
854 - MPPE
855 - EXT3 data journal fix
856 - CIPE 1.5.4
857
858 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
859 hardened-sources-2.4.20-r1.ebuild, manifest:
860 Updated to install flask components correctly for selinux.
861
862 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
863 hardened-sources-2.4.20-r1.ebuild:
864 LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
865 is patched in instead. Ptrace patches for selinux have also been added. In
866 either case, systrace support will be patched in as well.
867
868 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
869 hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
870 Revision bump for new sources.
871
872 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
873 hardened-sources-2.4.20-r1.ebuild:
874 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
875
876 *hardened-sources-2.4.20 (30 Mar 2003)
877
878 30 Mar 2003; Joshua Brindle <method@gentoo.org>
879 hardened-sources-2.4.20.ebuild:
880 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20