/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.138 - (show annotations) (download)
Tue Mar 6 10:35:54 2007 UTC (7 years, 9 months ago) by phreak
Branch: MAIN
Changes since 1.137: +15 -1 lines
Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for Linux 2.6.18.8. Also cleaning up the older version.
(Portage version: 2.1.2.1)

1 # ChangeLog for sys-kernel/hardened-sources
2 # Copyright 2000-2007 Gentoo Foundation; Distributed under the GPL v2
3 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.137 2007/02/24 10:51:16 phreak Exp $
4
5 06 Mar 2007; Christian Heim <phreak@gentoo.org>
6 -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
7 +hardened-sources-2.6.18-r5.ebuild:
8 Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
9 Linux 2.6.18.8. Also cleaning up the older version.
10
11 *hardened-sources-2.6.18-r5 (06 Mar 2007)
12
13 06 Mar 2007; Christian Heim <phreak@gentoo.org>
14 -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
15 +hardened-sources-2.6.18-r5.ebuild:
16 Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
17 Linux 2.6.18.8. Also cleaning up the older version.
18
19 24 Feb 2007; Christian Heim <phreak@gentoo.org>
20 -hardened-sources-2.6.19-r3.ebuild, -hardened-sources-2.6.19-r4.ebuild,
21 -hardened-sources-2.6.19-r5.ebuild:
22 Removing some of the old version, that didn't work.
23
24 *hardened-sources-2.6.19-r6 (12 Feb 2007)
25
26 12 Feb 2007; Christian Heim <phreak@gentoo.org>
27 +hardened-sources-2.6.19-r6.ebuild:
28 Revision bump, including a new grsec version fixing #166235.
29
30 *hardened-sources-2.4.34 (24 Jan 2007)
31
32 24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
33 Manifest:
34 updating Manifest with checksums of new tarball and ebuild
35
36 24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
37 +hardened-sources-2.4.34.ebuild:
38 I added new hardened sources 2.4 update, this is a critical path
39 security bugfix - all users of h-s are strongly advised
40 to update their existing hardened sources to this version.
41 It contains a fix for a kernel vulnerability that is pertaining
42 to the PaX changes to virtual memory management, possibly leading
43 to a local kernel exploit ... see grsecurity.net forums and homepage
44
45 23 Jan 2007; Christian Heim <phreak@gentoo.org>
46 files/digest-hardened-sources-2.6.19-r5, Manifest:
47 Fixing the patch-tarball digest.
48
49 *hardened-sources-2.6.19-r5 (23 Jan 2007)
50
51 23 Jan 2007; Christian Heim <phreak@gentoo.org>
52 +hardened-sources-2.6.19-r5.ebuild:
53 Revision bump, closing the recently discovered PaX expand_stack()
54 vulnerability.
55
56 *hardened-sources-2.6.19-r4 (14 Jan 2007)
57
58 14 Jan 2007; Christian Heim <phreak@gentoo.org>
59 +hardened-sources-2.6.19-r4.ebuild:
60 Revision bump, pulling in linux-2.6.19.2 and grsecurity 2.1.10 - thus
61 dropping the randomized PID feature.
62
63 11 Jan 2007; Christian Faulhammer <opfer@gentoo.org>
64 hardened-sources-2.4.33.4.ebuild:
65 stable x86, bug #161171
66
67 *hardened-sources-2.6.19-r3 (27 Dec 2006)
68
69 27 Dec 2006; Christian Heim <phreak@gentoo.org>
70 -hardened-sources-2.6.19-r2.ebuild, +hardened-sources-2.6.19-r3.ebuild:
71 Revision bump for bug #157186 and #158786.
72
73 *hardened-sources-2.6.18-r4 (27 Dec 2006)
74
75 27 Dec 2006; Christian Heim <phreak@gentoo.org>
76 -hardened-sources-2.6.18-r3.ebuild, +hardened-sources-2.6.18-r4.ebuild:
77 Revision bump for bug #157186.
78
79 *hardened-sources-2.6.19-r2 (23 Dec 2006)
80
81 23 Dec 2006; Christian Heim <phreak@gentoo.org>
82 -hardened-sources-2.6.19-r1.ebuild, +hardened-sources-2.6.19-r2.ebuild:
83 Revision bump to pull in genpatches-2.6.19-3 for #157186.
84
85 17 Dec 2006; Christian Heim <phreak@gentoo.org>
86 hardened-sources-2.6.14-r7.ebuild, hardened-sources-2.6.16-r10.ebuild,
87 hardened-sources-2.6.16-r11.ebuild, hardened-sources-2.6.17-r1.ebuild,
88 hardened-sources-2.6.18.ebuild, hardened-sources-2.6.18-r3.ebuild,
89 hardened-sources-2.6.19-r1.ebuild:
90 Adding 4453_grsec-2.1.9-2.6.19-io-kmem-sysctl.patch to UNIPATCH_EXLUDE,
91 adding correct HOMEPAGE and adjusting DESCRIPTION (thanks to Alexander).
92
93 *hardened-sources-2.4.33.4 (17 Dec 2006)
94
95 17 Dec 2006; Alexander Gabert <pappy@gentoo.org>
96 +hardened-sources-2.4.33.4.ebuild:
97 new 2.4.33.4 version including grsec and fixes, thanks to phreak for help
98 and quilting
99
100 *hardened-sources-2.6.19-r1 (14 Dec 2006)
101
102 14 Dec 2006; Christian Heim <phreak@gentoo.org>
103 -hardened-sources-2.6.19.ebuild, +hardened-sources-2.6.19-r1.ebuild:
104 Revision bump, fixing #158107 (thanks to Petre Rodan <kaiowas at gentoo.org>
105 for reporting).
106
107 *hardened-sources-2.6.19 (13 Dec 2006)
108
109 13 Dec 2006; Christian Heim <phreak@gentoo.org>
110 +hardened-sources-2.6.19.ebuild:
111 And finally 2.6.19, thanks to Ned (who prepared the inital patchset) and
112 Brad for providing that prompt update.
113
114 *hardened-sources-2.6.18-r3 (13 Dec 2006)
115
116 13 Dec 2006; Christian Heim <phreak@gentoo.org>
117 -hardened-sources-2.6.18-r1.ebuild, -hardened-sources-2.6.18-r2.ebuild,
118 +hardened-sources-2.6.18-r3.ebuild:
119 Revision bump, excluding the faulty patch. Thanks to Anakim Border and Peter
120 S. Mazinger. Closes #157409 for now. Also removing the previous revisions.
121
122 09 Dec 2006; Christian Heim <phreak@gentoo.org> Manifest:
123 Fixing the metadata.xml Manifest entry (thanks to xaid and ml8128 in #gentoo-hardened).
124
125 08 Dec 2006; nixnut <nixnut@gentoo.org> hardened-sources-2.6.18.ebuild:
126 Stable on ppc wrt bug 157356
127
128 07 Dec 2006; Christian Faulhammer <opfer@gentoo.org>
129 hardened-sources-2.6.18.ebuild:
130 stable x86, bug #157356
131
132 *hardened-sources-2.6.18-r2 (06 Dec 2006)
133
134 06 Dec 2006; Christian Heim <phreak@gentoo.org>
135 +hardened-sources-2.6.18-r2.ebuild:
136 Revision bump, including 2.6.18.5 (via genpatches) and
137 4454_grsec-2.1.9-2.6.18.2-io-kmem-sysctl.patch based on Peter Mazinger and
138 Ned Ludd's original patch. Thanks to Alexander Gabert (pappy) for the
139 redesign.
140
141 06 Dec 2006; Christian Heim <phreak@gentoo.org>
142 hardened-sources-2.6.18.ebuild:
143 Marking hardened-sources-2.6.18 stable on amd64 (see bug #157356, on behalf
144 of Mike Doty).
145
146 *hardened-sources-2.6.18-r1 (23 Nov 2006)
147
148 23 Nov 2006; Christian Heim <phreak@gentoo.org>
149 +hardened-sources-2.6.18-r1.ebuild:
150 Revision bump to genpatches-2.6.18-4 (including 2.6.18.3).
151
152 *hardened-sources-2.6.18 (11 Nov 2006)
153
154 11 Nov 2006; Christian Heim <phreak@gentoo.org>
155 +hardened-sources-2.6.18.ebuild:
156 Version bump, thanks to Alexander Gabert we're finally at 2.6.18.
157
158 18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
159 - mark amd64 stable also. bug #151877
160
161 18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
162 - mark 2.6.17-r1 stable
163
164 27 Aug 2006; Christian Heim <phreak@gentoo.org>
165 -hardened-sources-2.6.17.ebuild, hardened-sources-2.6.17-r1.ebuild:
166 Removing old ebuild, removing unipatch from newer ebuild (need to fix it!).
167
168 *hardened-sources-2.6.17-r1 (26 Aug 2006)
169
170 26 Aug 2006; Christian Heim <phreak@gentoo.org>
171 +hardened-sources-2.6.17-r1.ebuild:
172 Revision bump to genpatches-2.6.17-8 (including .9 and .10) and updating the
173 grsecurity patch.
174
175 *hardened-sources-2.6.17 (17 Aug 2006)
176
177 17 Aug 2006; Christian Heim <phreak@gentoo.org>
178 +hardened-sources-2.6.17.ebuild:
179 Bumping the hardened-sources-2.6 series to 2.6.17, using
180 genpatches-2.6.17-6.base.
181
182 07 Aug 2006; <solar@gentoo.org> hardened-sources-2.6.16-r11.ebuild:
183 - stable on x86 and amd64
184
185 *hardened-sources-2.6.16-r11 (15 Jul 2006)
186
187 15 Jul 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r3.ebuild,
188 -hardened-sources-2.4.32-r4.ebuild, -hardened-sources-2.4.32-r5.ebuild,
189 -hardened-sources-2.6.14-r8.ebuild, -hardened-sources-2.6.16-r7.ebuild,
190 -hardened-sources-2.6.16-r9.ebuild, +hardened-sources-2.6.16-r11.ebuild:
191 - 2.6.16 bumped for CVE-2006-3626 ; digest fix for 2.4.32-r6 ; removed old
192 crusty ebuilds
193
194 14 Jul 2006; John Mylchreest <johnm@gentoo.org>
195 hardened-sources-2.6.16-r10.ebuild:
196 marking stable on x86 and amd64
197
198 13 Jul 2006; <solar@gentoo.org> hardened-sources-2.4.32-r6.ebuild:
199 - 2.4.32-r6 stable on x86. RSBAC state unknown
200
201 *hardened-sources-2.4.32-r7 (10 Jul 2006)
202
203 10 Jul 2006; Guillaume Destuynder <kang@gentoo.org>
204 +hardened-sources-2.4.32-r7.ebuild:
205 Bump PaX for RSBAC to test-17
206
207 *hardened-sources-2.6.16-r9 (03 Jul 2006)
208
209 03 Jul 2006; John Mylchreest <johnm@gentoo.org>
210 -hardened-sources-2.6.16-r6.ebuild, +hardened-sources-2.6.16-r9.ebuild:
211 hardened-sources-2.6.16 bump to latest -base.
212
213 *hardened-sources-2.4.32-r6 (30 Jun 2006)
214
215 30 Jun 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r2.ebuild,
216 hardened-sources-2.4.32-r4.ebuild, +hardened-sources-2.4.32-r6.ebuild:
217 - backport CVE-2006-0039, CVE-2006-1857 and CVE-2006-1858 and new grsecurity
218 sysctl controlable resource logging
219
220 *hardened-sources-2.6.16-r7 (05 Jun 2006)
221
222 05 Jun 2006; John Mylchreest <johnm@gentoo.org>
223 -hardened-sources-2.6.16-r5.ebuild, +hardened-sources-2.6.16-r7.ebuild:
224 push new 2.6.16 release in preparation for stable
225
226 22 May 2006; <solar@gentoo.org> :
227 - redigest bug 134002
228
229 *hardened-sources-2.4.32-r5 (16 May 2006)
230
231 16 May 2006; Guillaume Destuynder <kang@gentoo.org>
232 +hardened-sources-2.4.32-r5.ebuild:
233 Fixes rsbac common patching (new patch in new -r5 patchset)
234
235 *hardened-sources-2.4.32-r4 (13 May 2006)
236
237 13 May 2006; <solar@gentoo.org> hardened-sources-2.4.32-r3.ebuild,
238 +hardened-sources-2.4.32-r4.ebuild:
239 - security bumps
240
241 *hardened-sources-2.6.16-r6 (03 May 2006)
242
243 03 May 2006; John Mylchreest <johnm@gentoo.org>
244 +hardened-sources-2.6.16-r6.ebuild:
245 bump hardened-2.6.16 to 2.6.16.12 and latest grsec snapshot
246
247 28 Apr 2006; John Mylchreest <johnm@gentoo.org>
248 hardened-sources-2.6.14-r8.ebuild:
249 fix x86_64 build problem, this will delay the digest issue again for a short
250 while but it will sort itself out
251
252 28 Apr 2006; John Mylchreest <johnm@gentoo.org>
253 hardened-sources-2.6.14-r8.ebuild:
254 bump hardened patchset
255
256 27 Apr 2006; Alec Warner <antarus@gentoo.org>
257 files/digest-hardened-sources-2.4.32-r2,
258 files/digest-hardened-sources-2.4.32-r3,
259 files/digest-hardened-sources-2.6.14-r8, Manifest:
260 Fixing duff SHA256 digests: Bug # 131293
261
262 *hardened-sources-2.6.16-r5 (27 Apr 2006)
263
264 27 Apr 2006; John Mylchreest <johnm@gentoo.org>
265 -hardened-sources-2.6.14-r6.ebuild, hardened-sources-2.6.14-r8.ebuild,
266 -hardened-sources-2.6.16-r4.ebuild, +hardened-sources-2.6.16-r5.ebuild:
267 stablise 2.6.14-r8 on x86 & amd64, bump 2.6.16 to fix CVE-2006-1863 &
268 cleanup of old uneccessary sources
269
270 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
271 fix digest
272
273 *hardened-sources-2.6.14-r8 (20 Apr 2006)
274
275 20 Apr 2006; John Mylchreest <johnm@gentoo.org>
276 +hardened-sources-2.6.14-r8.ebuild:
277 fix CVE-2006-1056, CVE-2006-1525, CVE-2006-1524
278
279 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
280 Turning on gpg-signing again, and recomitting
281
282 *hardened-sources-2.6.16-r4 (20 Apr 2006)
283
284 20 Apr 2006; John Mylchreest <johnm@gentoo.org>
285 -hardened-sources-2.6.16-r2.ebuild, -hardened-sources-2.6.16-r3.ebuild,
286 +hardened-sources-2.6.16-r4.ebuild:
287 Fix numerous security vulns
288
289 *hardened-sources-2.4.32-r3 (16 Apr 2006)
290
291 16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
292 -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
293 +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
294 - security bump for bug #112791. Removed old ebuilds
295
296 *hardened-sources-2.6.16-r3 (15 Apr 2006)
297
298 15 Apr 2006; John Mylchreest <johnm@gentoo.org>
299 +hardened-sources-2.6.16-r3.ebuild:
300 Removing silly localversion which I missed
301
302 *hardened-sources-2.6.14-r7 (14 Apr 2006)
303
304 14 Apr 2006; John Mylchreest <johnm@gentoo.org>
305 -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
306 Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
307
308 *hardened-sources-2.6.16-r2 (13 Apr 2006)
309
310 13 Apr 2006; John Mylchreest <johnm@gentoo.org>
311 -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
312 +hardened-sources-2.6.16-r2.ebuild:
313 Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
314 labels, dropping USERGROUP define fixes, since these were merged mainstream.
315
316 *hardened-sources-2.6.16-r1 (11 Apr 2006)
317
318 11 Apr 2006; John Mylchreest <johnm@gentoo.org>
319 +hardened-sources-2.6.16-r1.ebuild:
320 Bumping to include ppc build fix and 2.6.16.3
321
322 06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
323 hardened-sources-2.6.14-r6.ebuild:
324 Stable on x86; bug #127718
325
326 *hardened-sources-2.6.16 (31 Mar 2006)
327
328 31 Mar 2006; John Mylchreest <johnm@gentoo.org>
329 +hardened-sources-2.6.16.ebuild:
330 Bumping to new version of grsec, and kernel base. New squashfs. Based on
331 2.6.16.1
332
333 30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
334 hardened-sources-2.6.14-r6.ebuild:
335 Stable on amd64, bug 127718.
336
337 28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
338 Stable on ppc. Bug #127718
339
340 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
341 -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
342 -hardened-sources-2.6.14-r4.ebuild:
343 Cleanup.
344
345 *hardened-sources-2.6.14-r6 (15 Mar 2006)
346
347 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
348 +hardened-sources-2.6.14-r6.ebuild:
349 Fixes grsec policy recreation bug and adds a
350 >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
351
352 02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
353 - stable on x86
354
355 19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
356 hardened-sources-2.6.14-r5.ebuild:
357 Stable on ppc.
358
359 *hardened-sources-2.6.14-r5 (01 Feb 2006)
360
361 01 Feb 2006; John Mylchreest <johnm@gentoo.org>
362 +hardened-sources-2.6.14-r5.ebuild:
363 fixing every known exploit
364
365 *hardened-sources-2.4.32-r2 (26 Jan 2006)
366
367 26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
368 +hardened-sources-2.4.32-r2.ebuild:
369 - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
370
371 *hardened-sources-2.6.14-r4 (12 Jan 2006)
372
373 12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
374 - version bump for new genpatches which fix up a few sec holes
375
376 *hardened-sources-2.4.32-r1 (05 Jan 2006)
377
378 05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
379 - revision bump to add misc vital linux kernel security patches.
380
381 *hardened-sources-2.6.14-r3 (30 Dec 2005)
382
383 30 Dec 2005; John Mylchreest <johnm@gentoo.org>
384 -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
385 Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
386
387 28 Dec 2005; John Mylchreest <johnm@gentoo.org>
388 hardened-sources-2.6.14-r2.ebuild:
389 making x86 & amd64 stable following testing.
390
391 *hardened-sources-2.6.14-r2 (27 Dec 2005)
392
393 27 Dec 2005; John Mylchreest <johnm@gentoo.org>
394 -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
395 Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
396 network hooks.
397
398 06 Dec 2005; John Mylchreest <johnm@gentoo.org>
399 hardened-sources-2.6.14-r1.ebuild:
400 bumping to stable early for sec fix on x86 & amd64
401
402 *hardened-sources-2.6.14-r1 (05 Dec 2005)
403
404 05 Dec 2005; John Mylchreest <johnm@gentoo.org>
405 -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
406 bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
407
408 04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
409 - stable on x86 security bug #114227 CAN-2005-3257
410
411 *hardened-sources-2.4.32 (19 Nov 2005)
412
413 19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
414 +hardened-sources-2.4.32.ebuild:
415 Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
416 Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
417 have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
418 rsbac >> /etc/portage/package.use)
419
420 *hardened-sources-2.6.14 (14 Nov 2005)
421
422 14 Nov 2005; John Mylchreest <johnm@gentoo.org>
423 -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
424 Bumping 2.6 series to 2.6.14.2
425
426 *hardened-sources-2.6.13-r2 (20 Oct 2005)
427
428 20 Oct 2005; John Mylchreest <johnm@gentoo.org>
429 -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
430 +hardened-sources-2.6.13-r2.ebuild:
431 Fixes minor build error in ppc.
432
433 *hardened-sources-2.6.13-r1 (17 Oct 2005)
434
435 17 Oct 2005; John Mylchreest <johnm@gentoo.org>
436 +hardened-sources-2.6.13-r1.ebuild:
437 Updating grsec to latest snapshot. Fixes some minor issues. Updating to
438 2.6.13.4, fixes some major amd64 stability problems.
439
440 *hardened-sources-2.6.13 (16 Sep 2005)
441
442 16 Sep 2005; John Mylchreest <johnm@gentoo.org>
443 -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
444 2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
445 ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
446 users should test this thoroughly.
447
448 01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
449 - stable on x86
450
451 *hardened-sources-2.6.11-r15 (27 Jun 2005)
452
453 27 Jun 2005; John Mylchreest <johnm@gentoo.org>
454 +hardened-sources-2.6.11-r15.ebuild:
455 Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
456 grsec redefining curr_ip struct.
457
458 *hardened-sources-2.4.31 (20 Jun 2005)
459
460 20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
461 initial import of 2.4.31 tree
462
463 *hardened-sources-2.6.11-r14 (14 Jun 2005)
464
465 14 Jun 2005; John Mylchreest <johnm@gentoo.org>
466 -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
467 Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
468 naming scheme to abide by genpatches
469
470 *hardened-sources-2.6.11-r13 (18 May 2005)
471
472 18 May 2005; John Mylchreest <johnm@gentoo.org>
473 -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
474 Managed to mangle the Makefile patch from grsec, to miss out the grsec
475 target. sorry about that. Fixes bug #93022
476
477 *hardened-sources-2.6.11-r12 (17 May 2005)
478
479 17 May 2005; John Mylchreest <johnm@gentoo.org>
480 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
481 +hardened-sources-2.6.11-r12.ebuild:
482 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
483 merges in genpatches-base
484
485 *hardened-sources-2.6.11-r12 (17 May 2005)
486
487 17 May 2005; John Mylchreest <johnm@gentoo.org>
488 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
489 +hardened-sources-2.6.11-r12.ebuild:
490 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
491 merges in genpatches-base
492
493 29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
494 -files/2.4.27-cmdline-race.patch,
495 -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
496 -files/2.4.28-grsec-binfmt_a.out.patch,
497 -files/2.4.28-grsec-cmdline-race.patch,
498 -files/2.4.28-selinux-binfmt_a.out.patch,
499 -files/2.4.28-selinux-cmdline-race.patch,
500 -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
501 hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
502 - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
503 cleanup..
504
505 *hardened-sources-2.4.30-r1 (21 Apr 2005)
506
507 21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
508 - disable aout by default
509
510 *hardened-sources-2.4.30 (18 Apr 2005)
511
512 18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
513 - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
514 and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
515 use
516
517 *hardened-sources-2.4.29 (30 Mar 2005)
518
519 30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
520 +hardened-sources-2.4.29.ebuild:
521 New hardened-patches-2.4-29.0 patchball.
522 Removed SELinux support, upgraded GRSecurity to 2.1.4.
523
524 *hardened-sources-2.4.28-r5 (06 Mar 2005)
525
526 06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
527 +hardened-sources-2.4.28-r5.ebuild:
528 Added a fix for a PaX vulnerability.
529
530 26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
531 hardened-sources-2.4.28-r4.ebuild:
532 Stable on x86
533
534 23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
535 hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
536 hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
537 hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
538 - fixed/added RDEPEND= in all kernel-2 ebuilds
539
540 *hardened-sources-2.4.28-r4 (21 Jan 2005)
541
542 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
543 +hardened-sources-2.4.28-r4.ebuild:
544 Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
545 backport of neighbour hash updates.
546
547 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
548 hardened-sources-2.4.28-r3.ebuild:
549 Stable on x86
550
551 *hardened-sources-2.6.10-r3 (20 Jan 2005)
552
553 20 Jan 2005; Brandon Hale <tseng@gentoo.org>
554 +hardened-sources-2.6.10-r3.ebuild:
555 Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
556 in 2005.0
557
558 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
559 -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
560 hardened-sources-2.4.28-r2.ebuild:
561 Mark stable on x86
562
563 *hardened-sources-2.4.28-r3 (17 Jan 2005)
564
565 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
566 +hardened-sources-2.4.28-r3.ebuild:
567 Fix SMP page fault handler vuln, and update device-mapper and evms patches.
568
569 14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
570 hardened-sources-2.4.28.ebuild:
571 Mark stable on x86.
572
573 *hardened-sources-2.4.28-r2 (13 Jan 2005)
574
575 13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
576 +hardened-sources-2.4.28-r2.ebuild:
577 Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
578 Mazinger for grsecurity patches as well.
579
580 *hardened-sources-2.4.28-r1 (23 Dec 2004)
581
582 23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
583 Security bump. Thank tocharian for rolling a new patchset...
584
585 28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
586 +files/2.4.28-grsec-cmdline-race.patch,
587 +files/2.4.28-selinux-binfmt_a.out.patch,
588 +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
589 - Round up remaining security patches that appear to be missing in 2.4.28. -
590 PaX standalone updated to current. hgpv=28.1
591
592 *hardened-sources-2.4.28 (28 Nov 2004)
593
594 28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
595 security bump. Thank tocharian for rolling a new patchset
596
597 *hardened-sources-2.4.27-r3 (08 Sep 2004)
598
599 08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
600 +hardened-sources-2.4.27-r3.ebuild:
601 Applies the new 2.4-27.2 patchball which updates
602 GRSecurity to the 2.0.1 version.
603
604 *hardened-sources-2.4.27-r2 (31 Aug 2004)
605
606 31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
607 +hardened-sources-2.4.27-r2.ebuild:
608 Version bump.
609 This version uses the new 2.4-27.1 patchball which updates
610 both the SELinux PaX hooks patch and the SELinux headers.
611
612 *hardened-sources-2.4.27-r1 (09 Aug 2004)
613
614 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
615 +hardened-sources-2.4.27-r1.ebuild,
616 -hardened-sources-2.4.27.ebuild,
617 +files/2.4.27-cmdline-race.patch:
618 Version bump, fix for cmdline race. See bug #59905.
619
620 *hardened-sources-2.4.26-r6 (09 Aug 2004)
621
622 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
623 +hardened-sources-2.4.26-r6.ebuild,
624 -hardened-sources-2.4.26-r5.ebuild,
625 -hardened-sources-2.4.26-r4.ebuild,
626 +files/2.4.26-cmdline-race.patch:
627 Version bump, fix for cmdline race. See bug #59905.
628
629 *hardened-sources-2.4.27 (08 Aug 2004)
630
631 08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
632 +hardened-sources-2.4.27.ebuild,
633 +files/2.4.27-CAN-2004-0394.patch:
634 Ported the patchball to the 2.4.27 kernel version.
635
636 *hardened-sources-2.4.26-r5 (07 Aug 2004)
637
638 07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
639 +hardened-sources-2.4.26-r5.ebuild:
640 Updated to use the new hardened-patches-2.4-26.1 patchball.
641 It adds the following features:
642 - Squashfs
643 - Ebtables
644 - Netdev random (core+drivers)
645 - Watchdog Timer (WDT) fix.
646
647 *hardened-sources-2.4.26-r4 (04 Aug 2004)
648
649 04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
650 +hardened-sources-2.4.26-r4.ebuild,
651 +files/2.4.26-CAN-2004-0415.patch,
652 -hardened-sources-2.4.26-3:
653 Version bump, fix for CAN 0415, see bug #59378.
654
655 *hardened-sources-2.4.26-r3 (22 Jul 2004)
656
657 22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
658 +hardened-sources-2.4.26-r3.ebuild,
659 +files/2.4.26-CAN-2004-0497.patch,
660 -hardened-sources-2.4.26-r2.ebuild:
661 Version bump, fixed CAN 0497, see bug #56171.
662
663 *hardened-sources-2.4.26-r2 (29 Jun 2004)
664
665 29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
666 +hardened-sources-2.4.26-r2.ebuild,
667 +files/2.4.26-CAN-2004-0495.patch,
668 +files/2.4.26-CAN-2004-0535.patch,
669 -hardened-sources-2.4.26-r1.ebuild:
670 Fixes for both CAN 0495 and 0535, see bug #54976
671
672 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
673 hardened-sources-2.4.26-r1.ebuild:
674 QA - fix use invocation
675
676 *hardened-sources-2.4.26-r1 (22 June 2004)
677
678 22 June 2004; Andrea Luzzardi <scox@gentoo.org>
679 +hardened-sources-2.4.26-r1.ebuild,
680 +files/2.4.26-CAN-2004-0394.patch,
681 +files/2.4.26-signal-race.patch,
682 -hardened-sources-2.4.26.ebuild,
683 -hardened-sources-2.4.24-r3.ebuild:
684 Version bump for the CAN-2004-0394 issue and bug #53804
685 Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
686
687
688 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
689 hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
690 Masked hardened-sources-2.4.26.ebuild broken for ppc
691
692 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
693 hardened-sources-2.4.24-r3.ebuild:
694 Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
695
696 *hardened-sources-2.4.26 (29 May 2004)
697
698 29 May 2004; Andrea Luzzardi <scox@gentoo.org>
699 +hardened-sources-2.4.26.ebuild:
700 Updated hardened-sources for the 2.4.26 kernel
701 Removed broken components, updated almost everything.
702
703 *hardened-sources-2.4.24-r3 (17 Apr 2004)
704
705 17 Apr 2004; <plasmaroo@gentoo.org>
706 +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
707 +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
708 +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
709 +hardened-sources-2.4.24-r3.ebuild:
710 Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
711 vulnerabilities. Old revisions removed.
712
713 *hardened-sources-2.4.24-r2 (15 Apr 2004)
714
715 15 Apr 2004; <plasmaroo@gentoo.org>
716 +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
717 -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
718 Version bump for the CAN-2004-0109 issue; bug #47881.
719
720 12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
721 hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
722 Add eutils to inherit.
723
724 *hardened-sources-2.4.24-r1 (19 Feb 2004)
725
726 19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
727 files/hardened-sources-2.4.24.munmap.patch:
728 Added the patch for the mremap/munmap vulnerability. Bug #42024.
729
730 *hardened-sources-2.4.24 (06 Feb 2004)
731
732 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
733 hardened-sources-2.4.24.ebuild:
734 Version bump, updated most of the components.
735 This release includes the following:
736
737 - Hardened security
738 - Netfilter patch-o-matic 20031219
739 - FreeSWAN 2.04 & x509 1.4.8
740 - EVMS 2.2.2
741 - XFS 1.3.1
742 - cryptoloop jari
743 - grsecurity 2.0-rc4
744 - SELinux
745 - PaX 200402060000
746 - PaX Obscurity 200308302223
747 - Others...
748
749 Neither -ck nor systrace are included anymore.
750
751 *hardened-sources-2.4.22-r2 (05 Jan 2004)
752
753 05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
754 hardened-sources-2.4.22-r2.ebuild:
755 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
756
757 *hardened-sources-2.4.22-r1 (02 Dec 2003)
758
759 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
760 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
761
762 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
763 hardened-sources-2.4.22-r1.ebuild:
764 Version bump for the 'do_brk' vulnerability.
765
766 01 Dec 2003; Brian Jackson <iggy@gentoo.org>
767 hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
768 hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
769 hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
770 Fix the 'do_brk' vulnerability.
771
772 03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
773 hardened-sources-2.4.22.ebuild:
774 - Removed the src_install() portion for SELinux flask
775 components. These are no longer handled in the kernel
776 so this code was not necessary.
777
778 29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
779 New 2.4.22 based hardened-sources thanks to
780 Phil West <p.west@computer.org>.
781
782 These sources include:
783 - New SELinux API
784 - Updated CK-base
785 - Updated GRSec
786 - Systrace
787 - SuperFreeS/WAN 1.99.8
788 - Propolice kernel build support
789 - EVMS
790 - Other various security related patches
791
792 *hardened-sources-2.4.21 (14 Sep 2003)
793
794 14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
795 Updated hardened-sources based on the 2.4.21 Linux kernel.
796 This includes updates to most major components such as:
797 - ck-base-0306300059
798 - selinux-2.4-2003071106
799 - grsecurity-2.0-rc1
800 - Updated IPTables patch-o-matic
801 - Updated SuperFreeS/WAN
802
803 Thanks to Phil West <pwest@computer.org> for his work in getting this
804 updated patch set ready for the 2.4.21 based kernel.
805
806 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
807 Initial import of hardened-sources-2.4.20-r4. This revision
808 includes only a few changes, but one of these is an important
809 security fix. It is recommended all users of hardened-sources
810 upgrade to this release.
811
812 - ioperm bug fix
813 - fixed compilation failure when building without GRSec
814
815 SAL (Secure Auditing for Linux) is NOT included in this revision
816 due to time constraints, but is planned for inclusion in the near
817 future.
818
819 *hardened-sources-2.4.20-r2 (12 Jun 2003)
820
821 12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
822 hardened-sources-2.4.20-r3.ebuild:
823 Add Header...
824
825 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
826 hardened-sources-2.4.20-r3.ebuild:
827 Removed warnings from ebuild. This kernel should be safe to
828 use at this point.
829
830 *hardened-sources-2.4.20-r3 (08 Jun 2003)
831
832 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
833 hardened-sources-2.4.20-r3.ebuild:
834 New revision. Includes the following changes over -r2:
835
836 - ck7-base (O(1), preempt, low latency)
837 - Super FreeS/WAN 1.99.7rc2
838 - PaX for the LSM/SELinux branch
839 - GRSecurity 2.0-pre4 (role based access control)
840 - Systrace 1.3
841 - EXT3 fixes
842 - EVMS 2.0.1
843 - GCC 3.1+ compile optimizations
844 - ProPolice kernel build support
845 - Hashing table security fixes
846
847 *hardened-sources-2.4.20-r1 (09 Apr 2003)
848
849 23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
850 Initial import of hardened-sources-r2. This new
851 ebuild includes many new performance and security
852 related patches. As in -r1, it will patch in
853 LSM/SELinux if "selinux" is in USE, otherwise it
854 will patch in GRSecurity. The following patches
855 are included in this revision:
856
857 - O(1) Scheduler, Low Latency, and Preempt
858 (pulled from the base CK patch)
859 - ptrace exploit patch for the LSM kernel
860 (the GRSec patch already fixes this)
861 - LSM 2.4-2003040709
862 - SELinux 2.4-2003040709
863 - Systrace v1.2
864 - IPTables patch-o-matic base patches - 20030107
865 - CryptoAPI 2.4.20.1 w/ loop-jari patch
866 - Super FreeS/WAN 1.99.6.1
867 - GRSecurity 1.9.9g
868 - MPPE
869 - EXT3 data journal fix
870 - CIPE 1.5.4
871
872 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
873 hardened-sources-2.4.20-r1.ebuild, manifest:
874 Updated to install flask components correctly for selinux.
875
876 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
877 hardened-sources-2.4.20-r1.ebuild:
878 LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
879 is patched in instead. Ptrace patches for selinux have also been added. In
880 either case, systrace support will be patched in as well.
881
882 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
883 hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
884 Revision bump for new sources.
885
886 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
887 hardened-sources-2.4.20-r1.ebuild:
888 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
889
890 *hardened-sources-2.4.20 (30 Mar 2003)
891
892 30 Mar 2003; Joshua Brindle <method@gentoo.org>
893 hardened-sources-2.4.20.ebuild:
894 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20