/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.139 - (show annotations) (download)
Tue Mar 6 11:16:45 2007 UTC (7 years, 6 months ago) by phreak
Branch: MAIN
Changes since 1.138: +5 -1 lines
Fixing the Manifest, the previous one was broken (as in still had the deleted ebuild in it).
(Portage version: 2.1.2.1)

1 # ChangeLog for sys-kernel/hardened-sources
2 # Copyright 2000-2007 Gentoo Foundation; Distributed under the GPL v2
3 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.138 2007/03/06 10:35:54 phreak Exp $
4
5 06 Mar 2007; Christian Heim <phreak@gentoo.org> ChangeLog:
6 Fixing the Manifest, the previous one was broken (as in still had the
7 deleted ebuild in it).
8
9 06 Mar 2007; Christian Heim <phreak@gentoo.org>
10 -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
11 +hardened-sources-2.6.18-r5.ebuild:
12 Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
13 Linux 2.6.18.8. Also cleaning up the older version.
14
15 *hardened-sources-2.6.18-r5 (06 Mar 2007)
16
17 06 Mar 2007; Christian Heim <phreak@gentoo.org>
18 -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
19 +hardened-sources-2.6.18-r5.ebuild:
20 Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
21 Linux 2.6.18.8. Also cleaning up the older version.
22
23 24 Feb 2007; Christian Heim <phreak@gentoo.org>
24 -hardened-sources-2.6.19-r3.ebuild, -hardened-sources-2.6.19-r4.ebuild,
25 -hardened-sources-2.6.19-r5.ebuild:
26 Removing some of the old version, that didn't work.
27
28 *hardened-sources-2.6.19-r6 (12 Feb 2007)
29
30 12 Feb 2007; Christian Heim <phreak@gentoo.org>
31 +hardened-sources-2.6.19-r6.ebuild:
32 Revision bump, including a new grsec version fixing #166235.
33
34 *hardened-sources-2.4.34 (24 Jan 2007)
35
36 24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
37 Manifest:
38 updating Manifest with checksums of new tarball and ebuild
39
40 24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
41 +hardened-sources-2.4.34.ebuild:
42 I added new hardened sources 2.4 update, this is a critical path
43 security bugfix - all users of h-s are strongly advised
44 to update their existing hardened sources to this version.
45 It contains a fix for a kernel vulnerability that is pertaining
46 to the PaX changes to virtual memory management, possibly leading
47 to a local kernel exploit ... see grsecurity.net forums and homepage
48
49 23 Jan 2007; Christian Heim <phreak@gentoo.org>
50 files/digest-hardened-sources-2.6.19-r5, Manifest:
51 Fixing the patch-tarball digest.
52
53 *hardened-sources-2.6.19-r5 (23 Jan 2007)
54
55 23 Jan 2007; Christian Heim <phreak@gentoo.org>
56 +hardened-sources-2.6.19-r5.ebuild:
57 Revision bump, closing the recently discovered PaX expand_stack()
58 vulnerability.
59
60 *hardened-sources-2.6.19-r4 (14 Jan 2007)
61
62 14 Jan 2007; Christian Heim <phreak@gentoo.org>
63 +hardened-sources-2.6.19-r4.ebuild:
64 Revision bump, pulling in linux-2.6.19.2 and grsecurity 2.1.10 - thus
65 dropping the randomized PID feature.
66
67 11 Jan 2007; Christian Faulhammer <opfer@gentoo.org>
68 hardened-sources-2.4.33.4.ebuild:
69 stable x86, bug #161171
70
71 *hardened-sources-2.6.19-r3 (27 Dec 2006)
72
73 27 Dec 2006; Christian Heim <phreak@gentoo.org>
74 -hardened-sources-2.6.19-r2.ebuild, +hardened-sources-2.6.19-r3.ebuild:
75 Revision bump for bug #157186 and #158786.
76
77 *hardened-sources-2.6.18-r4 (27 Dec 2006)
78
79 27 Dec 2006; Christian Heim <phreak@gentoo.org>
80 -hardened-sources-2.6.18-r3.ebuild, +hardened-sources-2.6.18-r4.ebuild:
81 Revision bump for bug #157186.
82
83 *hardened-sources-2.6.19-r2 (23 Dec 2006)
84
85 23 Dec 2006; Christian Heim <phreak@gentoo.org>
86 -hardened-sources-2.6.19-r1.ebuild, +hardened-sources-2.6.19-r2.ebuild:
87 Revision bump to pull in genpatches-2.6.19-3 for #157186.
88
89 17 Dec 2006; Christian Heim <phreak@gentoo.org>
90 hardened-sources-2.6.14-r7.ebuild, hardened-sources-2.6.16-r10.ebuild,
91 hardened-sources-2.6.16-r11.ebuild, hardened-sources-2.6.17-r1.ebuild,
92 hardened-sources-2.6.18.ebuild, hardened-sources-2.6.18-r3.ebuild,
93 hardened-sources-2.6.19-r1.ebuild:
94 Adding 4453_grsec-2.1.9-2.6.19-io-kmem-sysctl.patch to UNIPATCH_EXLUDE,
95 adding correct HOMEPAGE and adjusting DESCRIPTION (thanks to Alexander).
96
97 *hardened-sources-2.4.33.4 (17 Dec 2006)
98
99 17 Dec 2006; Alexander Gabert <pappy@gentoo.org>
100 +hardened-sources-2.4.33.4.ebuild:
101 new 2.4.33.4 version including grsec and fixes, thanks to phreak for help
102 and quilting
103
104 *hardened-sources-2.6.19-r1 (14 Dec 2006)
105
106 14 Dec 2006; Christian Heim <phreak@gentoo.org>
107 -hardened-sources-2.6.19.ebuild, +hardened-sources-2.6.19-r1.ebuild:
108 Revision bump, fixing #158107 (thanks to Petre Rodan <kaiowas at gentoo.org>
109 for reporting).
110
111 *hardened-sources-2.6.19 (13 Dec 2006)
112
113 13 Dec 2006; Christian Heim <phreak@gentoo.org>
114 +hardened-sources-2.6.19.ebuild:
115 And finally 2.6.19, thanks to Ned (who prepared the inital patchset) and
116 Brad for providing that prompt update.
117
118 *hardened-sources-2.6.18-r3 (13 Dec 2006)
119
120 13 Dec 2006; Christian Heim <phreak@gentoo.org>
121 -hardened-sources-2.6.18-r1.ebuild, -hardened-sources-2.6.18-r2.ebuild,
122 +hardened-sources-2.6.18-r3.ebuild:
123 Revision bump, excluding the faulty patch. Thanks to Anakim Border and Peter
124 S. Mazinger. Closes #157409 for now. Also removing the previous revisions.
125
126 09 Dec 2006; Christian Heim <phreak@gentoo.org> Manifest:
127 Fixing the metadata.xml Manifest entry (thanks to xaid and ml8128 in #gentoo-hardened).
128
129 08 Dec 2006; nixnut <nixnut@gentoo.org> hardened-sources-2.6.18.ebuild:
130 Stable on ppc wrt bug 157356
131
132 07 Dec 2006; Christian Faulhammer <opfer@gentoo.org>
133 hardened-sources-2.6.18.ebuild:
134 stable x86, bug #157356
135
136 *hardened-sources-2.6.18-r2 (06 Dec 2006)
137
138 06 Dec 2006; Christian Heim <phreak@gentoo.org>
139 +hardened-sources-2.6.18-r2.ebuild:
140 Revision bump, including 2.6.18.5 (via genpatches) and
141 4454_grsec-2.1.9-2.6.18.2-io-kmem-sysctl.patch based on Peter Mazinger and
142 Ned Ludd's original patch. Thanks to Alexander Gabert (pappy) for the
143 redesign.
144
145 06 Dec 2006; Christian Heim <phreak@gentoo.org>
146 hardened-sources-2.6.18.ebuild:
147 Marking hardened-sources-2.6.18 stable on amd64 (see bug #157356, on behalf
148 of Mike Doty).
149
150 *hardened-sources-2.6.18-r1 (23 Nov 2006)
151
152 23 Nov 2006; Christian Heim <phreak@gentoo.org>
153 +hardened-sources-2.6.18-r1.ebuild:
154 Revision bump to genpatches-2.6.18-4 (including 2.6.18.3).
155
156 *hardened-sources-2.6.18 (11 Nov 2006)
157
158 11 Nov 2006; Christian Heim <phreak@gentoo.org>
159 +hardened-sources-2.6.18.ebuild:
160 Version bump, thanks to Alexander Gabert we're finally at 2.6.18.
161
162 18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
163 - mark amd64 stable also. bug #151877
164
165 18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
166 - mark 2.6.17-r1 stable
167
168 27 Aug 2006; Christian Heim <phreak@gentoo.org>
169 -hardened-sources-2.6.17.ebuild, hardened-sources-2.6.17-r1.ebuild:
170 Removing old ebuild, removing unipatch from newer ebuild (need to fix it!).
171
172 *hardened-sources-2.6.17-r1 (26 Aug 2006)
173
174 26 Aug 2006; Christian Heim <phreak@gentoo.org>
175 +hardened-sources-2.6.17-r1.ebuild:
176 Revision bump to genpatches-2.6.17-8 (including .9 and .10) and updating the
177 grsecurity patch.
178
179 *hardened-sources-2.6.17 (17 Aug 2006)
180
181 17 Aug 2006; Christian Heim <phreak@gentoo.org>
182 +hardened-sources-2.6.17.ebuild:
183 Bumping the hardened-sources-2.6 series to 2.6.17, using
184 genpatches-2.6.17-6.base.
185
186 07 Aug 2006; <solar@gentoo.org> hardened-sources-2.6.16-r11.ebuild:
187 - stable on x86 and amd64
188
189 *hardened-sources-2.6.16-r11 (15 Jul 2006)
190
191 15 Jul 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r3.ebuild,
192 -hardened-sources-2.4.32-r4.ebuild, -hardened-sources-2.4.32-r5.ebuild,
193 -hardened-sources-2.6.14-r8.ebuild, -hardened-sources-2.6.16-r7.ebuild,
194 -hardened-sources-2.6.16-r9.ebuild, +hardened-sources-2.6.16-r11.ebuild:
195 - 2.6.16 bumped for CVE-2006-3626 ; digest fix for 2.4.32-r6 ; removed old
196 crusty ebuilds
197
198 14 Jul 2006; John Mylchreest <johnm@gentoo.org>
199 hardened-sources-2.6.16-r10.ebuild:
200 marking stable on x86 and amd64
201
202 13 Jul 2006; <solar@gentoo.org> hardened-sources-2.4.32-r6.ebuild:
203 - 2.4.32-r6 stable on x86. RSBAC state unknown
204
205 *hardened-sources-2.4.32-r7 (10 Jul 2006)
206
207 10 Jul 2006; Guillaume Destuynder <kang@gentoo.org>
208 +hardened-sources-2.4.32-r7.ebuild:
209 Bump PaX for RSBAC to test-17
210
211 *hardened-sources-2.6.16-r9 (03 Jul 2006)
212
213 03 Jul 2006; John Mylchreest <johnm@gentoo.org>
214 -hardened-sources-2.6.16-r6.ebuild, +hardened-sources-2.6.16-r9.ebuild:
215 hardened-sources-2.6.16 bump to latest -base.
216
217 *hardened-sources-2.4.32-r6 (30 Jun 2006)
218
219 30 Jun 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r2.ebuild,
220 hardened-sources-2.4.32-r4.ebuild, +hardened-sources-2.4.32-r6.ebuild:
221 - backport CVE-2006-0039, CVE-2006-1857 and CVE-2006-1858 and new grsecurity
222 sysctl controlable resource logging
223
224 *hardened-sources-2.6.16-r7 (05 Jun 2006)
225
226 05 Jun 2006; John Mylchreest <johnm@gentoo.org>
227 -hardened-sources-2.6.16-r5.ebuild, +hardened-sources-2.6.16-r7.ebuild:
228 push new 2.6.16 release in preparation for stable
229
230 22 May 2006; <solar@gentoo.org> :
231 - redigest bug 134002
232
233 *hardened-sources-2.4.32-r5 (16 May 2006)
234
235 16 May 2006; Guillaume Destuynder <kang@gentoo.org>
236 +hardened-sources-2.4.32-r5.ebuild:
237 Fixes rsbac common patching (new patch in new -r5 patchset)
238
239 *hardened-sources-2.4.32-r4 (13 May 2006)
240
241 13 May 2006; <solar@gentoo.org> hardened-sources-2.4.32-r3.ebuild,
242 +hardened-sources-2.4.32-r4.ebuild:
243 - security bumps
244
245 *hardened-sources-2.6.16-r6 (03 May 2006)
246
247 03 May 2006; John Mylchreest <johnm@gentoo.org>
248 +hardened-sources-2.6.16-r6.ebuild:
249 bump hardened-2.6.16 to 2.6.16.12 and latest grsec snapshot
250
251 28 Apr 2006; John Mylchreest <johnm@gentoo.org>
252 hardened-sources-2.6.14-r8.ebuild:
253 fix x86_64 build problem, this will delay the digest issue again for a short
254 while but it will sort itself out
255
256 28 Apr 2006; John Mylchreest <johnm@gentoo.org>
257 hardened-sources-2.6.14-r8.ebuild:
258 bump hardened patchset
259
260 27 Apr 2006; Alec Warner <antarus@gentoo.org>
261 files/digest-hardened-sources-2.4.32-r2,
262 files/digest-hardened-sources-2.4.32-r3,
263 files/digest-hardened-sources-2.6.14-r8, Manifest:
264 Fixing duff SHA256 digests: Bug # 131293
265
266 *hardened-sources-2.6.16-r5 (27 Apr 2006)
267
268 27 Apr 2006; John Mylchreest <johnm@gentoo.org>
269 -hardened-sources-2.6.14-r6.ebuild, hardened-sources-2.6.14-r8.ebuild,
270 -hardened-sources-2.6.16-r4.ebuild, +hardened-sources-2.6.16-r5.ebuild:
271 stablise 2.6.14-r8 on x86 & amd64, bump 2.6.16 to fix CVE-2006-1863 &
272 cleanup of old uneccessary sources
273
274 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
275 fix digest
276
277 *hardened-sources-2.6.14-r8 (20 Apr 2006)
278
279 20 Apr 2006; John Mylchreest <johnm@gentoo.org>
280 +hardened-sources-2.6.14-r8.ebuild:
281 fix CVE-2006-1056, CVE-2006-1525, CVE-2006-1524
282
283 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
284 Turning on gpg-signing again, and recomitting
285
286 *hardened-sources-2.6.16-r4 (20 Apr 2006)
287
288 20 Apr 2006; John Mylchreest <johnm@gentoo.org>
289 -hardened-sources-2.6.16-r2.ebuild, -hardened-sources-2.6.16-r3.ebuild,
290 +hardened-sources-2.6.16-r4.ebuild:
291 Fix numerous security vulns
292
293 *hardened-sources-2.4.32-r3 (16 Apr 2006)
294
295 16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
296 -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
297 +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
298 - security bump for bug #112791. Removed old ebuilds
299
300 *hardened-sources-2.6.16-r3 (15 Apr 2006)
301
302 15 Apr 2006; John Mylchreest <johnm@gentoo.org>
303 +hardened-sources-2.6.16-r3.ebuild:
304 Removing silly localversion which I missed
305
306 *hardened-sources-2.6.14-r7 (14 Apr 2006)
307
308 14 Apr 2006; John Mylchreest <johnm@gentoo.org>
309 -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
310 Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
311
312 *hardened-sources-2.6.16-r2 (13 Apr 2006)
313
314 13 Apr 2006; John Mylchreest <johnm@gentoo.org>
315 -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
316 +hardened-sources-2.6.16-r2.ebuild:
317 Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
318 labels, dropping USERGROUP define fixes, since these were merged mainstream.
319
320 *hardened-sources-2.6.16-r1 (11 Apr 2006)
321
322 11 Apr 2006; John Mylchreest <johnm@gentoo.org>
323 +hardened-sources-2.6.16-r1.ebuild:
324 Bumping to include ppc build fix and 2.6.16.3
325
326 06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
327 hardened-sources-2.6.14-r6.ebuild:
328 Stable on x86; bug #127718
329
330 *hardened-sources-2.6.16 (31 Mar 2006)
331
332 31 Mar 2006; John Mylchreest <johnm@gentoo.org>
333 +hardened-sources-2.6.16.ebuild:
334 Bumping to new version of grsec, and kernel base. New squashfs. Based on
335 2.6.16.1
336
337 30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
338 hardened-sources-2.6.14-r6.ebuild:
339 Stable on amd64, bug 127718.
340
341 28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
342 Stable on ppc. Bug #127718
343
344 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
345 -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
346 -hardened-sources-2.6.14-r4.ebuild:
347 Cleanup.
348
349 *hardened-sources-2.6.14-r6 (15 Mar 2006)
350
351 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
352 +hardened-sources-2.6.14-r6.ebuild:
353 Fixes grsec policy recreation bug and adds a
354 >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
355
356 02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
357 - stable on x86
358
359 19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
360 hardened-sources-2.6.14-r5.ebuild:
361 Stable on ppc.
362
363 *hardened-sources-2.6.14-r5 (01 Feb 2006)
364
365 01 Feb 2006; John Mylchreest <johnm@gentoo.org>
366 +hardened-sources-2.6.14-r5.ebuild:
367 fixing every known exploit
368
369 *hardened-sources-2.4.32-r2 (26 Jan 2006)
370
371 26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
372 +hardened-sources-2.4.32-r2.ebuild:
373 - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
374
375 *hardened-sources-2.6.14-r4 (12 Jan 2006)
376
377 12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
378 - version bump for new genpatches which fix up a few sec holes
379
380 *hardened-sources-2.4.32-r1 (05 Jan 2006)
381
382 05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
383 - revision bump to add misc vital linux kernel security patches.
384
385 *hardened-sources-2.6.14-r3 (30 Dec 2005)
386
387 30 Dec 2005; John Mylchreest <johnm@gentoo.org>
388 -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
389 Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
390
391 28 Dec 2005; John Mylchreest <johnm@gentoo.org>
392 hardened-sources-2.6.14-r2.ebuild:
393 making x86 & amd64 stable following testing.
394
395 *hardened-sources-2.6.14-r2 (27 Dec 2005)
396
397 27 Dec 2005; John Mylchreest <johnm@gentoo.org>
398 -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
399 Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
400 network hooks.
401
402 06 Dec 2005; John Mylchreest <johnm@gentoo.org>
403 hardened-sources-2.6.14-r1.ebuild:
404 bumping to stable early for sec fix on x86 & amd64
405
406 *hardened-sources-2.6.14-r1 (05 Dec 2005)
407
408 05 Dec 2005; John Mylchreest <johnm@gentoo.org>
409 -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
410 bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
411
412 04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
413 - stable on x86 security bug #114227 CAN-2005-3257
414
415 *hardened-sources-2.4.32 (19 Nov 2005)
416
417 19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
418 +hardened-sources-2.4.32.ebuild:
419 Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
420 Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
421 have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
422 rsbac >> /etc/portage/package.use)
423
424 *hardened-sources-2.6.14 (14 Nov 2005)
425
426 14 Nov 2005; John Mylchreest <johnm@gentoo.org>
427 -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
428 Bumping 2.6 series to 2.6.14.2
429
430 *hardened-sources-2.6.13-r2 (20 Oct 2005)
431
432 20 Oct 2005; John Mylchreest <johnm@gentoo.org>
433 -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
434 +hardened-sources-2.6.13-r2.ebuild:
435 Fixes minor build error in ppc.
436
437 *hardened-sources-2.6.13-r1 (17 Oct 2005)
438
439 17 Oct 2005; John Mylchreest <johnm@gentoo.org>
440 +hardened-sources-2.6.13-r1.ebuild:
441 Updating grsec to latest snapshot. Fixes some minor issues. Updating to
442 2.6.13.4, fixes some major amd64 stability problems.
443
444 *hardened-sources-2.6.13 (16 Sep 2005)
445
446 16 Sep 2005; John Mylchreest <johnm@gentoo.org>
447 -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
448 2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
449 ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
450 users should test this thoroughly.
451
452 01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
453 - stable on x86
454
455 *hardened-sources-2.6.11-r15 (27 Jun 2005)
456
457 27 Jun 2005; John Mylchreest <johnm@gentoo.org>
458 +hardened-sources-2.6.11-r15.ebuild:
459 Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
460 grsec redefining curr_ip struct.
461
462 *hardened-sources-2.4.31 (20 Jun 2005)
463
464 20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
465 initial import of 2.4.31 tree
466
467 *hardened-sources-2.6.11-r14 (14 Jun 2005)
468
469 14 Jun 2005; John Mylchreest <johnm@gentoo.org>
470 -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
471 Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
472 naming scheme to abide by genpatches
473
474 *hardened-sources-2.6.11-r13 (18 May 2005)
475
476 18 May 2005; John Mylchreest <johnm@gentoo.org>
477 -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
478 Managed to mangle the Makefile patch from grsec, to miss out the grsec
479 target. sorry about that. Fixes bug #93022
480
481 *hardened-sources-2.6.11-r12 (17 May 2005)
482
483 17 May 2005; John Mylchreest <johnm@gentoo.org>
484 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
485 +hardened-sources-2.6.11-r12.ebuild:
486 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
487 merges in genpatches-base
488
489 *hardened-sources-2.6.11-r12 (17 May 2005)
490
491 17 May 2005; John Mylchreest <johnm@gentoo.org>
492 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
493 +hardened-sources-2.6.11-r12.ebuild:
494 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
495 merges in genpatches-base
496
497 29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
498 -files/2.4.27-cmdline-race.patch,
499 -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
500 -files/2.4.28-grsec-binfmt_a.out.patch,
501 -files/2.4.28-grsec-cmdline-race.patch,
502 -files/2.4.28-selinux-binfmt_a.out.patch,
503 -files/2.4.28-selinux-cmdline-race.patch,
504 -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
505 hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
506 - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
507 cleanup..
508
509 *hardened-sources-2.4.30-r1 (21 Apr 2005)
510
511 21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
512 - disable aout by default
513
514 *hardened-sources-2.4.30 (18 Apr 2005)
515
516 18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
517 - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
518 and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
519 use
520
521 *hardened-sources-2.4.29 (30 Mar 2005)
522
523 30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
524 +hardened-sources-2.4.29.ebuild:
525 New hardened-patches-2.4-29.0 patchball.
526 Removed SELinux support, upgraded GRSecurity to 2.1.4.
527
528 *hardened-sources-2.4.28-r5 (06 Mar 2005)
529
530 06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
531 +hardened-sources-2.4.28-r5.ebuild:
532 Added a fix for a PaX vulnerability.
533
534 26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
535 hardened-sources-2.4.28-r4.ebuild:
536 Stable on x86
537
538 23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
539 hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
540 hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
541 hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
542 - fixed/added RDEPEND= in all kernel-2 ebuilds
543
544 *hardened-sources-2.4.28-r4 (21 Jan 2005)
545
546 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
547 +hardened-sources-2.4.28-r4.ebuild:
548 Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
549 backport of neighbour hash updates.
550
551 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
552 hardened-sources-2.4.28-r3.ebuild:
553 Stable on x86
554
555 *hardened-sources-2.6.10-r3 (20 Jan 2005)
556
557 20 Jan 2005; Brandon Hale <tseng@gentoo.org>
558 +hardened-sources-2.6.10-r3.ebuild:
559 Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
560 in 2005.0
561
562 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
563 -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
564 hardened-sources-2.4.28-r2.ebuild:
565 Mark stable on x86
566
567 *hardened-sources-2.4.28-r3 (17 Jan 2005)
568
569 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
570 +hardened-sources-2.4.28-r3.ebuild:
571 Fix SMP page fault handler vuln, and update device-mapper and evms patches.
572
573 14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
574 hardened-sources-2.4.28.ebuild:
575 Mark stable on x86.
576
577 *hardened-sources-2.4.28-r2 (13 Jan 2005)
578
579 13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
580 +hardened-sources-2.4.28-r2.ebuild:
581 Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
582 Mazinger for grsecurity patches as well.
583
584 *hardened-sources-2.4.28-r1 (23 Dec 2004)
585
586 23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
587 Security bump. Thank tocharian for rolling a new patchset...
588
589 28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
590 +files/2.4.28-grsec-cmdline-race.patch,
591 +files/2.4.28-selinux-binfmt_a.out.patch,
592 +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
593 - Round up remaining security patches that appear to be missing in 2.4.28. -
594 PaX standalone updated to current. hgpv=28.1
595
596 *hardened-sources-2.4.28 (28 Nov 2004)
597
598 28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
599 security bump. Thank tocharian for rolling a new patchset
600
601 *hardened-sources-2.4.27-r3 (08 Sep 2004)
602
603 08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
604 +hardened-sources-2.4.27-r3.ebuild:
605 Applies the new 2.4-27.2 patchball which updates
606 GRSecurity to the 2.0.1 version.
607
608 *hardened-sources-2.4.27-r2 (31 Aug 2004)
609
610 31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
611 +hardened-sources-2.4.27-r2.ebuild:
612 Version bump.
613 This version uses the new 2.4-27.1 patchball which updates
614 both the SELinux PaX hooks patch and the SELinux headers.
615
616 *hardened-sources-2.4.27-r1 (09 Aug 2004)
617
618 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
619 +hardened-sources-2.4.27-r1.ebuild,
620 -hardened-sources-2.4.27.ebuild,
621 +files/2.4.27-cmdline-race.patch:
622 Version bump, fix for cmdline race. See bug #59905.
623
624 *hardened-sources-2.4.26-r6 (09 Aug 2004)
625
626 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
627 +hardened-sources-2.4.26-r6.ebuild,
628 -hardened-sources-2.4.26-r5.ebuild,
629 -hardened-sources-2.4.26-r4.ebuild,
630 +files/2.4.26-cmdline-race.patch:
631 Version bump, fix for cmdline race. See bug #59905.
632
633 *hardened-sources-2.4.27 (08 Aug 2004)
634
635 08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
636 +hardened-sources-2.4.27.ebuild,
637 +files/2.4.27-CAN-2004-0394.patch:
638 Ported the patchball to the 2.4.27 kernel version.
639
640 *hardened-sources-2.4.26-r5 (07 Aug 2004)
641
642 07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
643 +hardened-sources-2.4.26-r5.ebuild:
644 Updated to use the new hardened-patches-2.4-26.1 patchball.
645 It adds the following features:
646 - Squashfs
647 - Ebtables
648 - Netdev random (core+drivers)
649 - Watchdog Timer (WDT) fix.
650
651 *hardened-sources-2.4.26-r4 (04 Aug 2004)
652
653 04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
654 +hardened-sources-2.4.26-r4.ebuild,
655 +files/2.4.26-CAN-2004-0415.patch,
656 -hardened-sources-2.4.26-3:
657 Version bump, fix for CAN 0415, see bug #59378.
658
659 *hardened-sources-2.4.26-r3 (22 Jul 2004)
660
661 22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
662 +hardened-sources-2.4.26-r3.ebuild,
663 +files/2.4.26-CAN-2004-0497.patch,
664 -hardened-sources-2.4.26-r2.ebuild:
665 Version bump, fixed CAN 0497, see bug #56171.
666
667 *hardened-sources-2.4.26-r2 (29 Jun 2004)
668
669 29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
670 +hardened-sources-2.4.26-r2.ebuild,
671 +files/2.4.26-CAN-2004-0495.patch,
672 +files/2.4.26-CAN-2004-0535.patch,
673 -hardened-sources-2.4.26-r1.ebuild:
674 Fixes for both CAN 0495 and 0535, see bug #54976
675
676 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
677 hardened-sources-2.4.26-r1.ebuild:
678 QA - fix use invocation
679
680 *hardened-sources-2.4.26-r1 (22 June 2004)
681
682 22 June 2004; Andrea Luzzardi <scox@gentoo.org>
683 +hardened-sources-2.4.26-r1.ebuild,
684 +files/2.4.26-CAN-2004-0394.patch,
685 +files/2.4.26-signal-race.patch,
686 -hardened-sources-2.4.26.ebuild,
687 -hardened-sources-2.4.24-r3.ebuild:
688 Version bump for the CAN-2004-0394 issue and bug #53804
689 Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
690
691
692 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
693 hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
694 Masked hardened-sources-2.4.26.ebuild broken for ppc
695
696 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
697 hardened-sources-2.4.24-r3.ebuild:
698 Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
699
700 *hardened-sources-2.4.26 (29 May 2004)
701
702 29 May 2004; Andrea Luzzardi <scox@gentoo.org>
703 +hardened-sources-2.4.26.ebuild:
704 Updated hardened-sources for the 2.4.26 kernel
705 Removed broken components, updated almost everything.
706
707 *hardened-sources-2.4.24-r3 (17 Apr 2004)
708
709 17 Apr 2004; <plasmaroo@gentoo.org>
710 +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
711 +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
712 +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
713 +hardened-sources-2.4.24-r3.ebuild:
714 Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
715 vulnerabilities. Old revisions removed.
716
717 *hardened-sources-2.4.24-r2 (15 Apr 2004)
718
719 15 Apr 2004; <plasmaroo@gentoo.org>
720 +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
721 -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
722 Version bump for the CAN-2004-0109 issue; bug #47881.
723
724 12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
725 hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
726 Add eutils to inherit.
727
728 *hardened-sources-2.4.24-r1 (19 Feb 2004)
729
730 19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
731 files/hardened-sources-2.4.24.munmap.patch:
732 Added the patch for the mremap/munmap vulnerability. Bug #42024.
733
734 *hardened-sources-2.4.24 (06 Feb 2004)
735
736 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
737 hardened-sources-2.4.24.ebuild:
738 Version bump, updated most of the components.
739 This release includes the following:
740
741 - Hardened security
742 - Netfilter patch-o-matic 20031219
743 - FreeSWAN 2.04 & x509 1.4.8
744 - EVMS 2.2.2
745 - XFS 1.3.1
746 - cryptoloop jari
747 - grsecurity 2.0-rc4
748 - SELinux
749 - PaX 200402060000
750 - PaX Obscurity 200308302223
751 - Others...
752
753 Neither -ck nor systrace are included anymore.
754
755 *hardened-sources-2.4.22-r2 (05 Jan 2004)
756
757 05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
758 hardened-sources-2.4.22-r2.ebuild:
759 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
760
761 *hardened-sources-2.4.22-r1 (02 Dec 2003)
762
763 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
764 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
765
766 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
767 hardened-sources-2.4.22-r1.ebuild:
768 Version bump for the 'do_brk' vulnerability.
769
770 01 Dec 2003; Brian Jackson <iggy@gentoo.org>
771 hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
772 hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
773 hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
774 Fix the 'do_brk' vulnerability.
775
776 03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
777 hardened-sources-2.4.22.ebuild:
778 - Removed the src_install() portion for SELinux flask
779 components. These are no longer handled in the kernel
780 so this code was not necessary.
781
782 29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
783 New 2.4.22 based hardened-sources thanks to
784 Phil West <p.west@computer.org>.
785
786 These sources include:
787 - New SELinux API
788 - Updated CK-base
789 - Updated GRSec
790 - Systrace
791 - SuperFreeS/WAN 1.99.8
792 - Propolice kernel build support
793 - EVMS
794 - Other various security related patches
795
796 *hardened-sources-2.4.21 (14 Sep 2003)
797
798 14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
799 Updated hardened-sources based on the 2.4.21 Linux kernel.
800 This includes updates to most major components such as:
801 - ck-base-0306300059
802 - selinux-2.4-2003071106
803 - grsecurity-2.0-rc1
804 - Updated IPTables patch-o-matic
805 - Updated SuperFreeS/WAN
806
807 Thanks to Phil West <pwest@computer.org> for his work in getting this
808 updated patch set ready for the 2.4.21 based kernel.
809
810 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
811 Initial import of hardened-sources-2.4.20-r4. This revision
812 includes only a few changes, but one of these is an important
813 security fix. It is recommended all users of hardened-sources
814 upgrade to this release.
815
816 - ioperm bug fix
817 - fixed compilation failure when building without GRSec
818
819 SAL (Secure Auditing for Linux) is NOT included in this revision
820 due to time constraints, but is planned for inclusion in the near
821 future.
822
823 *hardened-sources-2.4.20-r2 (12 Jun 2003)
824
825 12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
826 hardened-sources-2.4.20-r3.ebuild:
827 Add Header...
828
829 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
830 hardened-sources-2.4.20-r3.ebuild:
831 Removed warnings from ebuild. This kernel should be safe to
832 use at this point.
833
834 *hardened-sources-2.4.20-r3 (08 Jun 2003)
835
836 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
837 hardened-sources-2.4.20-r3.ebuild:
838 New revision. Includes the following changes over -r2:
839
840 - ck7-base (O(1), preempt, low latency)
841 - Super FreeS/WAN 1.99.7rc2
842 - PaX for the LSM/SELinux branch
843 - GRSecurity 2.0-pre4 (role based access control)
844 - Systrace 1.3
845 - EXT3 fixes
846 - EVMS 2.0.1
847 - GCC 3.1+ compile optimizations
848 - ProPolice kernel build support
849 - Hashing table security fixes
850
851 *hardened-sources-2.4.20-r1 (09 Apr 2003)
852
853 23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
854 Initial import of hardened-sources-r2. This new
855 ebuild includes many new performance and security
856 related patches. As in -r1, it will patch in
857 LSM/SELinux if "selinux" is in USE, otherwise it
858 will patch in GRSecurity. The following patches
859 are included in this revision:
860
861 - O(1) Scheduler, Low Latency, and Preempt
862 (pulled from the base CK patch)
863 - ptrace exploit patch for the LSM kernel
864 (the GRSec patch already fixes this)
865 - LSM 2.4-2003040709
866 - SELinux 2.4-2003040709
867 - Systrace v1.2
868 - IPTables patch-o-matic base patches - 20030107
869 - CryptoAPI 2.4.20.1 w/ loop-jari patch
870 - Super FreeS/WAN 1.99.6.1
871 - GRSecurity 1.9.9g
872 - MPPE
873 - EXT3 data journal fix
874 - CIPE 1.5.4
875
876 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
877 hardened-sources-2.4.20-r1.ebuild, manifest:
878 Updated to install flask components correctly for selinux.
879
880 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
881 hardened-sources-2.4.20-r1.ebuild:
882 LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
883 is patched in instead. Ptrace patches for selinux have also been added. In
884 either case, systrace support will be patched in as well.
885
886 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
887 hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
888 Revision bump for new sources.
889
890 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
891 hardened-sources-2.4.20-r1.ebuild:
892 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
893
894 *hardened-sources-2.4.20 (30 Mar 2003)
895
896 30 Mar 2003; Joshua Brindle <method@gentoo.org>
897 hardened-sources-2.4.20.ebuild:
898 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20