/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.141 - (show annotations) (download)
Fri Mar 16 15:52:17 2007 UTC (7 years, 4 months ago) by chainsaw
Branch: MAIN
Changes since 1.140: +5 -1 lines
Marked stable on amd64 and x86. AMD64 keyword ack'ed by welp.
(Portage version: 2.1.2.2)

1 # ChangeLog for sys-kernel/hardened-sources
2 # Copyright 2000-2007 Gentoo Foundation; Distributed under the GPL v2
3 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.140 2007/03/16 13:49:58 phreak Exp $
4
5 16 Mar 2007; Tony Vroon <chainsaw@gentoo.org>
6 hardened-sources-2.6.18-r6.ebuild:
7 Marked stable on amd64 and x86. AMD64 keyword ack'ed by welp.
8
9 *hardened-sources-2.6.18-r6 (16 Mar 2007)
10
11 16 Mar 2007; Christian Heim <phreak@gentoo.org>
12 -hardened-sources-2.6.18-r5.ebuild, +hardened-sources-2.6.18-r6.ebuild:
13 Fixing CVE-2007-1000 locally (hardened/), thanks to Tony for pushing. And
14 yes I screwed up, this is tagged as 2.6.18-5 and not 2.6.18-6 as it's
15 supposed to be.
16
17 06 Mar 2007; Christian Heim <phreak@gentoo.org> ChangeLog:
18 Fixing the Manifest, the previous one was broken (as in still had the
19 deleted ebuild in it).
20
21 06 Mar 2007; Christian Heim <phreak@gentoo.org>
22 -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
23 +hardened-sources-2.6.18-r5.ebuild:
24 Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
25 Linux 2.6.18.8. Also cleaning up the older version.
26
27 *hardened-sources-2.6.18-r5 (06 Mar 2007)
28
29 06 Mar 2007; Christian Heim <phreak@gentoo.org>
30 -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
31 +hardened-sources-2.6.18-r5.ebuild:
32 Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
33 Linux 2.6.18.8. Also cleaning up the older version.
34
35 24 Feb 2007; Christian Heim <phreak@gentoo.org>
36 -hardened-sources-2.6.19-r3.ebuild, -hardened-sources-2.6.19-r4.ebuild,
37 -hardened-sources-2.6.19-r5.ebuild:
38 Removing some of the old version, that didn't work.
39
40 *hardened-sources-2.6.19-r6 (12 Feb 2007)
41
42 12 Feb 2007; Christian Heim <phreak@gentoo.org>
43 +hardened-sources-2.6.19-r6.ebuild:
44 Revision bump, including a new grsec version fixing #166235.
45
46 *hardened-sources-2.4.34 (24 Jan 2007)
47
48 24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
49 Manifest:
50 updating Manifest with checksums of new tarball and ebuild
51
52 24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
53 +hardened-sources-2.4.34.ebuild:
54 I added new hardened sources 2.4 update, this is a critical path
55 security bugfix - all users of h-s are strongly advised
56 to update their existing hardened sources to this version.
57 It contains a fix for a kernel vulnerability that is pertaining
58 to the PaX changes to virtual memory management, possibly leading
59 to a local kernel exploit ... see grsecurity.net forums and homepage
60
61 23 Jan 2007; Christian Heim <phreak@gentoo.org>
62 files/digest-hardened-sources-2.6.19-r5, Manifest:
63 Fixing the patch-tarball digest.
64
65 *hardened-sources-2.6.19-r5 (23 Jan 2007)
66
67 23 Jan 2007; Christian Heim <phreak@gentoo.org>
68 +hardened-sources-2.6.19-r5.ebuild:
69 Revision bump, closing the recently discovered PaX expand_stack()
70 vulnerability.
71
72 *hardened-sources-2.6.19-r4 (14 Jan 2007)
73
74 14 Jan 2007; Christian Heim <phreak@gentoo.org>
75 +hardened-sources-2.6.19-r4.ebuild:
76 Revision bump, pulling in linux-2.6.19.2 and grsecurity 2.1.10 - thus
77 dropping the randomized PID feature.
78
79 11 Jan 2007; Christian Faulhammer <opfer@gentoo.org>
80 hardened-sources-2.4.33.4.ebuild:
81 stable x86, bug #161171
82
83 *hardened-sources-2.6.19-r3 (27 Dec 2006)
84
85 27 Dec 2006; Christian Heim <phreak@gentoo.org>
86 -hardened-sources-2.6.19-r2.ebuild, +hardened-sources-2.6.19-r3.ebuild:
87 Revision bump for bug #157186 and #158786.
88
89 *hardened-sources-2.6.18-r4 (27 Dec 2006)
90
91 27 Dec 2006; Christian Heim <phreak@gentoo.org>
92 -hardened-sources-2.6.18-r3.ebuild, +hardened-sources-2.6.18-r4.ebuild:
93 Revision bump for bug #157186.
94
95 *hardened-sources-2.6.19-r2 (23 Dec 2006)
96
97 23 Dec 2006; Christian Heim <phreak@gentoo.org>
98 -hardened-sources-2.6.19-r1.ebuild, +hardened-sources-2.6.19-r2.ebuild:
99 Revision bump to pull in genpatches-2.6.19-3 for #157186.
100
101 17 Dec 2006; Christian Heim <phreak@gentoo.org>
102 hardened-sources-2.6.14-r7.ebuild, hardened-sources-2.6.16-r10.ebuild,
103 hardened-sources-2.6.16-r11.ebuild, hardened-sources-2.6.17-r1.ebuild,
104 hardened-sources-2.6.18.ebuild, hardened-sources-2.6.18-r3.ebuild,
105 hardened-sources-2.6.19-r1.ebuild:
106 Adding 4453_grsec-2.1.9-2.6.19-io-kmem-sysctl.patch to UNIPATCH_EXLUDE,
107 adding correct HOMEPAGE and adjusting DESCRIPTION (thanks to Alexander).
108
109 *hardened-sources-2.4.33.4 (17 Dec 2006)
110
111 17 Dec 2006; Alexander Gabert <pappy@gentoo.org>
112 +hardened-sources-2.4.33.4.ebuild:
113 new 2.4.33.4 version including grsec and fixes, thanks to phreak for help
114 and quilting
115
116 *hardened-sources-2.6.19-r1 (14 Dec 2006)
117
118 14 Dec 2006; Christian Heim <phreak@gentoo.org>
119 -hardened-sources-2.6.19.ebuild, +hardened-sources-2.6.19-r1.ebuild:
120 Revision bump, fixing #158107 (thanks to Petre Rodan <kaiowas at gentoo.org>
121 for reporting).
122
123 *hardened-sources-2.6.19 (13 Dec 2006)
124
125 13 Dec 2006; Christian Heim <phreak@gentoo.org>
126 +hardened-sources-2.6.19.ebuild:
127 And finally 2.6.19, thanks to Ned (who prepared the inital patchset) and
128 Brad for providing that prompt update.
129
130 *hardened-sources-2.6.18-r3 (13 Dec 2006)
131
132 13 Dec 2006; Christian Heim <phreak@gentoo.org>
133 -hardened-sources-2.6.18-r1.ebuild, -hardened-sources-2.6.18-r2.ebuild,
134 +hardened-sources-2.6.18-r3.ebuild:
135 Revision bump, excluding the faulty patch. Thanks to Anakim Border and Peter
136 S. Mazinger. Closes #157409 for now. Also removing the previous revisions.
137
138 09 Dec 2006; Christian Heim <phreak@gentoo.org> Manifest:
139 Fixing the metadata.xml Manifest entry (thanks to xaid and ml8128 in #gentoo-hardened).
140
141 08 Dec 2006; nixnut <nixnut@gentoo.org> hardened-sources-2.6.18.ebuild:
142 Stable on ppc wrt bug 157356
143
144 07 Dec 2006; Christian Faulhammer <opfer@gentoo.org>
145 hardened-sources-2.6.18.ebuild:
146 stable x86, bug #157356
147
148 *hardened-sources-2.6.18-r2 (06 Dec 2006)
149
150 06 Dec 2006; Christian Heim <phreak@gentoo.org>
151 +hardened-sources-2.6.18-r2.ebuild:
152 Revision bump, including 2.6.18.5 (via genpatches) and
153 4454_grsec-2.1.9-2.6.18.2-io-kmem-sysctl.patch based on Peter Mazinger and
154 Ned Ludd's original patch. Thanks to Alexander Gabert (pappy) for the
155 redesign.
156
157 06 Dec 2006; Christian Heim <phreak@gentoo.org>
158 hardened-sources-2.6.18.ebuild:
159 Marking hardened-sources-2.6.18 stable on amd64 (see bug #157356, on behalf
160 of Mike Doty).
161
162 *hardened-sources-2.6.18-r1 (23 Nov 2006)
163
164 23 Nov 2006; Christian Heim <phreak@gentoo.org>
165 +hardened-sources-2.6.18-r1.ebuild:
166 Revision bump to genpatches-2.6.18-4 (including 2.6.18.3).
167
168 *hardened-sources-2.6.18 (11 Nov 2006)
169
170 11 Nov 2006; Christian Heim <phreak@gentoo.org>
171 +hardened-sources-2.6.18.ebuild:
172 Version bump, thanks to Alexander Gabert we're finally at 2.6.18.
173
174 18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
175 - mark amd64 stable also. bug #151877
176
177 18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
178 - mark 2.6.17-r1 stable
179
180 27 Aug 2006; Christian Heim <phreak@gentoo.org>
181 -hardened-sources-2.6.17.ebuild, hardened-sources-2.6.17-r1.ebuild:
182 Removing old ebuild, removing unipatch from newer ebuild (need to fix it!).
183
184 *hardened-sources-2.6.17-r1 (26 Aug 2006)
185
186 26 Aug 2006; Christian Heim <phreak@gentoo.org>
187 +hardened-sources-2.6.17-r1.ebuild:
188 Revision bump to genpatches-2.6.17-8 (including .9 and .10) and updating the
189 grsecurity patch.
190
191 *hardened-sources-2.6.17 (17 Aug 2006)
192
193 17 Aug 2006; Christian Heim <phreak@gentoo.org>
194 +hardened-sources-2.6.17.ebuild:
195 Bumping the hardened-sources-2.6 series to 2.6.17, using
196 genpatches-2.6.17-6.base.
197
198 07 Aug 2006; <solar@gentoo.org> hardened-sources-2.6.16-r11.ebuild:
199 - stable on x86 and amd64
200
201 *hardened-sources-2.6.16-r11 (15 Jul 2006)
202
203 15 Jul 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r3.ebuild,
204 -hardened-sources-2.4.32-r4.ebuild, -hardened-sources-2.4.32-r5.ebuild,
205 -hardened-sources-2.6.14-r8.ebuild, -hardened-sources-2.6.16-r7.ebuild,
206 -hardened-sources-2.6.16-r9.ebuild, +hardened-sources-2.6.16-r11.ebuild:
207 - 2.6.16 bumped for CVE-2006-3626 ; digest fix for 2.4.32-r6 ; removed old
208 crusty ebuilds
209
210 14 Jul 2006; John Mylchreest <johnm@gentoo.org>
211 hardened-sources-2.6.16-r10.ebuild:
212 marking stable on x86 and amd64
213
214 13 Jul 2006; <solar@gentoo.org> hardened-sources-2.4.32-r6.ebuild:
215 - 2.4.32-r6 stable on x86. RSBAC state unknown
216
217 *hardened-sources-2.4.32-r7 (10 Jul 2006)
218
219 10 Jul 2006; Guillaume Destuynder <kang@gentoo.org>
220 +hardened-sources-2.4.32-r7.ebuild:
221 Bump PaX for RSBAC to test-17
222
223 *hardened-sources-2.6.16-r9 (03 Jul 2006)
224
225 03 Jul 2006; John Mylchreest <johnm@gentoo.org>
226 -hardened-sources-2.6.16-r6.ebuild, +hardened-sources-2.6.16-r9.ebuild:
227 hardened-sources-2.6.16 bump to latest -base.
228
229 *hardened-sources-2.4.32-r6 (30 Jun 2006)
230
231 30 Jun 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r2.ebuild,
232 hardened-sources-2.4.32-r4.ebuild, +hardened-sources-2.4.32-r6.ebuild:
233 - backport CVE-2006-0039, CVE-2006-1857 and CVE-2006-1858 and new grsecurity
234 sysctl controlable resource logging
235
236 *hardened-sources-2.6.16-r7 (05 Jun 2006)
237
238 05 Jun 2006; John Mylchreest <johnm@gentoo.org>
239 -hardened-sources-2.6.16-r5.ebuild, +hardened-sources-2.6.16-r7.ebuild:
240 push new 2.6.16 release in preparation for stable
241
242 22 May 2006; <solar@gentoo.org> :
243 - redigest bug 134002
244
245 *hardened-sources-2.4.32-r5 (16 May 2006)
246
247 16 May 2006; Guillaume Destuynder <kang@gentoo.org>
248 +hardened-sources-2.4.32-r5.ebuild:
249 Fixes rsbac common patching (new patch in new -r5 patchset)
250
251 *hardened-sources-2.4.32-r4 (13 May 2006)
252
253 13 May 2006; <solar@gentoo.org> hardened-sources-2.4.32-r3.ebuild,
254 +hardened-sources-2.4.32-r4.ebuild:
255 - security bumps
256
257 *hardened-sources-2.6.16-r6 (03 May 2006)
258
259 03 May 2006; John Mylchreest <johnm@gentoo.org>
260 +hardened-sources-2.6.16-r6.ebuild:
261 bump hardened-2.6.16 to 2.6.16.12 and latest grsec snapshot
262
263 28 Apr 2006; John Mylchreest <johnm@gentoo.org>
264 hardened-sources-2.6.14-r8.ebuild:
265 fix x86_64 build problem, this will delay the digest issue again for a short
266 while but it will sort itself out
267
268 28 Apr 2006; John Mylchreest <johnm@gentoo.org>
269 hardened-sources-2.6.14-r8.ebuild:
270 bump hardened patchset
271
272 27 Apr 2006; Alec Warner <antarus@gentoo.org>
273 files/digest-hardened-sources-2.4.32-r2,
274 files/digest-hardened-sources-2.4.32-r3,
275 files/digest-hardened-sources-2.6.14-r8, Manifest:
276 Fixing duff SHA256 digests: Bug # 131293
277
278 *hardened-sources-2.6.16-r5 (27 Apr 2006)
279
280 27 Apr 2006; John Mylchreest <johnm@gentoo.org>
281 -hardened-sources-2.6.14-r6.ebuild, hardened-sources-2.6.14-r8.ebuild,
282 -hardened-sources-2.6.16-r4.ebuild, +hardened-sources-2.6.16-r5.ebuild:
283 stablise 2.6.14-r8 on x86 & amd64, bump 2.6.16 to fix CVE-2006-1863 &
284 cleanup of old uneccessary sources
285
286 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
287 fix digest
288
289 *hardened-sources-2.6.14-r8 (20 Apr 2006)
290
291 20 Apr 2006; John Mylchreest <johnm@gentoo.org>
292 +hardened-sources-2.6.14-r8.ebuild:
293 fix CVE-2006-1056, CVE-2006-1525, CVE-2006-1524
294
295 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
296 Turning on gpg-signing again, and recomitting
297
298 *hardened-sources-2.6.16-r4 (20 Apr 2006)
299
300 20 Apr 2006; John Mylchreest <johnm@gentoo.org>
301 -hardened-sources-2.6.16-r2.ebuild, -hardened-sources-2.6.16-r3.ebuild,
302 +hardened-sources-2.6.16-r4.ebuild:
303 Fix numerous security vulns
304
305 *hardened-sources-2.4.32-r3 (16 Apr 2006)
306
307 16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
308 -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
309 +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
310 - security bump for bug #112791. Removed old ebuilds
311
312 *hardened-sources-2.6.16-r3 (15 Apr 2006)
313
314 15 Apr 2006; John Mylchreest <johnm@gentoo.org>
315 +hardened-sources-2.6.16-r3.ebuild:
316 Removing silly localversion which I missed
317
318 *hardened-sources-2.6.14-r7 (14 Apr 2006)
319
320 14 Apr 2006; John Mylchreest <johnm@gentoo.org>
321 -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
322 Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
323
324 *hardened-sources-2.6.16-r2 (13 Apr 2006)
325
326 13 Apr 2006; John Mylchreest <johnm@gentoo.org>
327 -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
328 +hardened-sources-2.6.16-r2.ebuild:
329 Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
330 labels, dropping USERGROUP define fixes, since these were merged mainstream.
331
332 *hardened-sources-2.6.16-r1 (11 Apr 2006)
333
334 11 Apr 2006; John Mylchreest <johnm@gentoo.org>
335 +hardened-sources-2.6.16-r1.ebuild:
336 Bumping to include ppc build fix and 2.6.16.3
337
338 06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
339 hardened-sources-2.6.14-r6.ebuild:
340 Stable on x86; bug #127718
341
342 *hardened-sources-2.6.16 (31 Mar 2006)
343
344 31 Mar 2006; John Mylchreest <johnm@gentoo.org>
345 +hardened-sources-2.6.16.ebuild:
346 Bumping to new version of grsec, and kernel base. New squashfs. Based on
347 2.6.16.1
348
349 30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
350 hardened-sources-2.6.14-r6.ebuild:
351 Stable on amd64, bug 127718.
352
353 28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
354 Stable on ppc. Bug #127718
355
356 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
357 -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
358 -hardened-sources-2.6.14-r4.ebuild:
359 Cleanup.
360
361 *hardened-sources-2.6.14-r6 (15 Mar 2006)
362
363 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
364 +hardened-sources-2.6.14-r6.ebuild:
365 Fixes grsec policy recreation bug and adds a
366 >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
367
368 02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
369 - stable on x86
370
371 19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
372 hardened-sources-2.6.14-r5.ebuild:
373 Stable on ppc.
374
375 *hardened-sources-2.6.14-r5 (01 Feb 2006)
376
377 01 Feb 2006; John Mylchreest <johnm@gentoo.org>
378 +hardened-sources-2.6.14-r5.ebuild:
379 fixing every known exploit
380
381 *hardened-sources-2.4.32-r2 (26 Jan 2006)
382
383 26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
384 +hardened-sources-2.4.32-r2.ebuild:
385 - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
386
387 *hardened-sources-2.6.14-r4 (12 Jan 2006)
388
389 12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
390 - version bump for new genpatches which fix up a few sec holes
391
392 *hardened-sources-2.4.32-r1 (05 Jan 2006)
393
394 05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
395 - revision bump to add misc vital linux kernel security patches.
396
397 *hardened-sources-2.6.14-r3 (30 Dec 2005)
398
399 30 Dec 2005; John Mylchreest <johnm@gentoo.org>
400 -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
401 Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
402
403 28 Dec 2005; John Mylchreest <johnm@gentoo.org>
404 hardened-sources-2.6.14-r2.ebuild:
405 making x86 & amd64 stable following testing.
406
407 *hardened-sources-2.6.14-r2 (27 Dec 2005)
408
409 27 Dec 2005; John Mylchreest <johnm@gentoo.org>
410 -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
411 Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
412 network hooks.
413
414 06 Dec 2005; John Mylchreest <johnm@gentoo.org>
415 hardened-sources-2.6.14-r1.ebuild:
416 bumping to stable early for sec fix on x86 & amd64
417
418 *hardened-sources-2.6.14-r1 (05 Dec 2005)
419
420 05 Dec 2005; John Mylchreest <johnm@gentoo.org>
421 -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
422 bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
423
424 04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
425 - stable on x86 security bug #114227 CAN-2005-3257
426
427 *hardened-sources-2.4.32 (19 Nov 2005)
428
429 19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
430 +hardened-sources-2.4.32.ebuild:
431 Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
432 Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
433 have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
434 rsbac >> /etc/portage/package.use)
435
436 *hardened-sources-2.6.14 (14 Nov 2005)
437
438 14 Nov 2005; John Mylchreest <johnm@gentoo.org>
439 -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
440 Bumping 2.6 series to 2.6.14.2
441
442 *hardened-sources-2.6.13-r2 (20 Oct 2005)
443
444 20 Oct 2005; John Mylchreest <johnm@gentoo.org>
445 -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
446 +hardened-sources-2.6.13-r2.ebuild:
447 Fixes minor build error in ppc.
448
449 *hardened-sources-2.6.13-r1 (17 Oct 2005)
450
451 17 Oct 2005; John Mylchreest <johnm@gentoo.org>
452 +hardened-sources-2.6.13-r1.ebuild:
453 Updating grsec to latest snapshot. Fixes some minor issues. Updating to
454 2.6.13.4, fixes some major amd64 stability problems.
455
456 *hardened-sources-2.6.13 (16 Sep 2005)
457
458 16 Sep 2005; John Mylchreest <johnm@gentoo.org>
459 -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
460 2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
461 ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
462 users should test this thoroughly.
463
464 01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
465 - stable on x86
466
467 *hardened-sources-2.6.11-r15 (27 Jun 2005)
468
469 27 Jun 2005; John Mylchreest <johnm@gentoo.org>
470 +hardened-sources-2.6.11-r15.ebuild:
471 Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
472 grsec redefining curr_ip struct.
473
474 *hardened-sources-2.4.31 (20 Jun 2005)
475
476 20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
477 initial import of 2.4.31 tree
478
479 *hardened-sources-2.6.11-r14 (14 Jun 2005)
480
481 14 Jun 2005; John Mylchreest <johnm@gentoo.org>
482 -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
483 Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
484 naming scheme to abide by genpatches
485
486 *hardened-sources-2.6.11-r13 (18 May 2005)
487
488 18 May 2005; John Mylchreest <johnm@gentoo.org>
489 -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
490 Managed to mangle the Makefile patch from grsec, to miss out the grsec
491 target. sorry about that. Fixes bug #93022
492
493 *hardened-sources-2.6.11-r12 (17 May 2005)
494
495 17 May 2005; John Mylchreest <johnm@gentoo.org>
496 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
497 +hardened-sources-2.6.11-r12.ebuild:
498 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
499 merges in genpatches-base
500
501 *hardened-sources-2.6.11-r12 (17 May 2005)
502
503 17 May 2005; John Mylchreest <johnm@gentoo.org>
504 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
505 +hardened-sources-2.6.11-r12.ebuild:
506 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
507 merges in genpatches-base
508
509 29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
510 -files/2.4.27-cmdline-race.patch,
511 -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
512 -files/2.4.28-grsec-binfmt_a.out.patch,
513 -files/2.4.28-grsec-cmdline-race.patch,
514 -files/2.4.28-selinux-binfmt_a.out.patch,
515 -files/2.4.28-selinux-cmdline-race.patch,
516 -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
517 hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
518 - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
519 cleanup..
520
521 *hardened-sources-2.4.30-r1 (21 Apr 2005)
522
523 21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
524 - disable aout by default
525
526 *hardened-sources-2.4.30 (18 Apr 2005)
527
528 18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
529 - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
530 and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
531 use
532
533 *hardened-sources-2.4.29 (30 Mar 2005)
534
535 30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
536 +hardened-sources-2.4.29.ebuild:
537 New hardened-patches-2.4-29.0 patchball.
538 Removed SELinux support, upgraded GRSecurity to 2.1.4.
539
540 *hardened-sources-2.4.28-r5 (06 Mar 2005)
541
542 06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
543 +hardened-sources-2.4.28-r5.ebuild:
544 Added a fix for a PaX vulnerability.
545
546 26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
547 hardened-sources-2.4.28-r4.ebuild:
548 Stable on x86
549
550 23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
551 hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
552 hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
553 hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
554 - fixed/added RDEPEND= in all kernel-2 ebuilds
555
556 *hardened-sources-2.4.28-r4 (21 Jan 2005)
557
558 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
559 +hardened-sources-2.4.28-r4.ebuild:
560 Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
561 backport of neighbour hash updates.
562
563 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
564 hardened-sources-2.4.28-r3.ebuild:
565 Stable on x86
566
567 *hardened-sources-2.6.10-r3 (20 Jan 2005)
568
569 20 Jan 2005; Brandon Hale <tseng@gentoo.org>
570 +hardened-sources-2.6.10-r3.ebuild:
571 Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
572 in 2005.0
573
574 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
575 -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
576 hardened-sources-2.4.28-r2.ebuild:
577 Mark stable on x86
578
579 *hardened-sources-2.4.28-r3 (17 Jan 2005)
580
581 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
582 +hardened-sources-2.4.28-r3.ebuild:
583 Fix SMP page fault handler vuln, and update device-mapper and evms patches.
584
585 14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
586 hardened-sources-2.4.28.ebuild:
587 Mark stable on x86.
588
589 *hardened-sources-2.4.28-r2 (13 Jan 2005)
590
591 13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
592 +hardened-sources-2.4.28-r2.ebuild:
593 Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
594 Mazinger for grsecurity patches as well.
595
596 *hardened-sources-2.4.28-r1 (23 Dec 2004)
597
598 23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
599 Security bump. Thank tocharian for rolling a new patchset...
600
601 28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
602 +files/2.4.28-grsec-cmdline-race.patch,
603 +files/2.4.28-selinux-binfmt_a.out.patch,
604 +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
605 - Round up remaining security patches that appear to be missing in 2.4.28. -
606 PaX standalone updated to current. hgpv=28.1
607
608 *hardened-sources-2.4.28 (28 Nov 2004)
609
610 28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
611 security bump. Thank tocharian for rolling a new patchset
612
613 *hardened-sources-2.4.27-r3 (08 Sep 2004)
614
615 08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
616 +hardened-sources-2.4.27-r3.ebuild:
617 Applies the new 2.4-27.2 patchball which updates
618 GRSecurity to the 2.0.1 version.
619
620 *hardened-sources-2.4.27-r2 (31 Aug 2004)
621
622 31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
623 +hardened-sources-2.4.27-r2.ebuild:
624 Version bump.
625 This version uses the new 2.4-27.1 patchball which updates
626 both the SELinux PaX hooks patch and the SELinux headers.
627
628 *hardened-sources-2.4.27-r1 (09 Aug 2004)
629
630 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
631 +hardened-sources-2.4.27-r1.ebuild,
632 -hardened-sources-2.4.27.ebuild,
633 +files/2.4.27-cmdline-race.patch:
634 Version bump, fix for cmdline race. See bug #59905.
635
636 *hardened-sources-2.4.26-r6 (09 Aug 2004)
637
638 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
639 +hardened-sources-2.4.26-r6.ebuild,
640 -hardened-sources-2.4.26-r5.ebuild,
641 -hardened-sources-2.4.26-r4.ebuild,
642 +files/2.4.26-cmdline-race.patch:
643 Version bump, fix for cmdline race. See bug #59905.
644
645 *hardened-sources-2.4.27 (08 Aug 2004)
646
647 08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
648 +hardened-sources-2.4.27.ebuild,
649 +files/2.4.27-CAN-2004-0394.patch:
650 Ported the patchball to the 2.4.27 kernel version.
651
652 *hardened-sources-2.4.26-r5 (07 Aug 2004)
653
654 07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
655 +hardened-sources-2.4.26-r5.ebuild:
656 Updated to use the new hardened-patches-2.4-26.1 patchball.
657 It adds the following features:
658 - Squashfs
659 - Ebtables
660 - Netdev random (core+drivers)
661 - Watchdog Timer (WDT) fix.
662
663 *hardened-sources-2.4.26-r4 (04 Aug 2004)
664
665 04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
666 +hardened-sources-2.4.26-r4.ebuild,
667 +files/2.4.26-CAN-2004-0415.patch,
668 -hardened-sources-2.4.26-3:
669 Version bump, fix for CAN 0415, see bug #59378.
670
671 *hardened-sources-2.4.26-r3 (22 Jul 2004)
672
673 22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
674 +hardened-sources-2.4.26-r3.ebuild,
675 +files/2.4.26-CAN-2004-0497.patch,
676 -hardened-sources-2.4.26-r2.ebuild:
677 Version bump, fixed CAN 0497, see bug #56171.
678
679 *hardened-sources-2.4.26-r2 (29 Jun 2004)
680
681 29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
682 +hardened-sources-2.4.26-r2.ebuild,
683 +files/2.4.26-CAN-2004-0495.patch,
684 +files/2.4.26-CAN-2004-0535.patch,
685 -hardened-sources-2.4.26-r1.ebuild:
686 Fixes for both CAN 0495 and 0535, see bug #54976
687
688 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
689 hardened-sources-2.4.26-r1.ebuild:
690 QA - fix use invocation
691
692 *hardened-sources-2.4.26-r1 (22 June 2004)
693
694 22 June 2004; Andrea Luzzardi <scox@gentoo.org>
695 +hardened-sources-2.4.26-r1.ebuild,
696 +files/2.4.26-CAN-2004-0394.patch,
697 +files/2.4.26-signal-race.patch,
698 -hardened-sources-2.4.26.ebuild,
699 -hardened-sources-2.4.24-r3.ebuild:
700 Version bump for the CAN-2004-0394 issue and bug #53804
701 Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
702
703
704 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
705 hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
706 Masked hardened-sources-2.4.26.ebuild broken for ppc
707
708 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
709 hardened-sources-2.4.24-r3.ebuild:
710 Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
711
712 *hardened-sources-2.4.26 (29 May 2004)
713
714 29 May 2004; Andrea Luzzardi <scox@gentoo.org>
715 +hardened-sources-2.4.26.ebuild:
716 Updated hardened-sources for the 2.4.26 kernel
717 Removed broken components, updated almost everything.
718
719 *hardened-sources-2.4.24-r3 (17 Apr 2004)
720
721 17 Apr 2004; <plasmaroo@gentoo.org>
722 +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
723 +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
724 +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
725 +hardened-sources-2.4.24-r3.ebuild:
726 Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
727 vulnerabilities. Old revisions removed.
728
729 *hardened-sources-2.4.24-r2 (15 Apr 2004)
730
731 15 Apr 2004; <plasmaroo@gentoo.org>
732 +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
733 -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
734 Version bump for the CAN-2004-0109 issue; bug #47881.
735
736 12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
737 hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
738 Add eutils to inherit.
739
740 *hardened-sources-2.4.24-r1 (19 Feb 2004)
741
742 19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
743 files/hardened-sources-2.4.24.munmap.patch:
744 Added the patch for the mremap/munmap vulnerability. Bug #42024.
745
746 *hardened-sources-2.4.24 (06 Feb 2004)
747
748 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
749 hardened-sources-2.4.24.ebuild:
750 Version bump, updated most of the components.
751 This release includes the following:
752
753 - Hardened security
754 - Netfilter patch-o-matic 20031219
755 - FreeSWAN 2.04 & x509 1.4.8
756 - EVMS 2.2.2
757 - XFS 1.3.1
758 - cryptoloop jari
759 - grsecurity 2.0-rc4
760 - SELinux
761 - PaX 200402060000
762 - PaX Obscurity 200308302223
763 - Others...
764
765 Neither -ck nor systrace are included anymore.
766
767 *hardened-sources-2.4.22-r2 (05 Jan 2004)
768
769 05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
770 hardened-sources-2.4.22-r2.ebuild:
771 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
772
773 *hardened-sources-2.4.22-r1 (02 Dec 2003)
774
775 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
776 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
777
778 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
779 hardened-sources-2.4.22-r1.ebuild:
780 Version bump for the 'do_brk' vulnerability.
781
782 01 Dec 2003; Brian Jackson <iggy@gentoo.org>
783 hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
784 hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
785 hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
786 Fix the 'do_brk' vulnerability.
787
788 03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
789 hardened-sources-2.4.22.ebuild:
790 - Removed the src_install() portion for SELinux flask
791 components. These are no longer handled in the kernel
792 so this code was not necessary.
793
794 29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
795 New 2.4.22 based hardened-sources thanks to
796 Phil West <p.west@computer.org>.
797
798 These sources include:
799 - New SELinux API
800 - Updated CK-base
801 - Updated GRSec
802 - Systrace
803 - SuperFreeS/WAN 1.99.8
804 - Propolice kernel build support
805 - EVMS
806 - Other various security related patches
807
808 *hardened-sources-2.4.21 (14 Sep 2003)
809
810 14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
811 Updated hardened-sources based on the 2.4.21 Linux kernel.
812 This includes updates to most major components such as:
813 - ck-base-0306300059
814 - selinux-2.4-2003071106
815 - grsecurity-2.0-rc1
816 - Updated IPTables patch-o-matic
817 - Updated SuperFreeS/WAN
818
819 Thanks to Phil West <pwest@computer.org> for his work in getting this
820 updated patch set ready for the 2.4.21 based kernel.
821
822 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
823 Initial import of hardened-sources-2.4.20-r4. This revision
824 includes only a few changes, but one of these is an important
825 security fix. It is recommended all users of hardened-sources
826 upgrade to this release.
827
828 - ioperm bug fix
829 - fixed compilation failure when building without GRSec
830
831 SAL (Secure Auditing for Linux) is NOT included in this revision
832 due to time constraints, but is planned for inclusion in the near
833 future.
834
835 *hardened-sources-2.4.20-r2 (12 Jun 2003)
836
837 12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
838 hardened-sources-2.4.20-r3.ebuild:
839 Add Header...
840
841 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
842 hardened-sources-2.4.20-r3.ebuild:
843 Removed warnings from ebuild. This kernel should be safe to
844 use at this point.
845
846 *hardened-sources-2.4.20-r3 (08 Jun 2003)
847
848 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
849 hardened-sources-2.4.20-r3.ebuild:
850 New revision. Includes the following changes over -r2:
851
852 - ck7-base (O(1), preempt, low latency)
853 - Super FreeS/WAN 1.99.7rc2
854 - PaX for the LSM/SELinux branch
855 - GRSecurity 2.0-pre4 (role based access control)
856 - Systrace 1.3
857 - EXT3 fixes
858 - EVMS 2.0.1
859 - GCC 3.1+ compile optimizations
860 - ProPolice kernel build support
861 - Hashing table security fixes
862
863 *hardened-sources-2.4.20-r1 (09 Apr 2003)
864
865 23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
866 Initial import of hardened-sources-r2. This new
867 ebuild includes many new performance and security
868 related patches. As in -r1, it will patch in
869 LSM/SELinux if "selinux" is in USE, otherwise it
870 will patch in GRSecurity. The following patches
871 are included in this revision:
872
873 - O(1) Scheduler, Low Latency, and Preempt
874 (pulled from the base CK patch)
875 - ptrace exploit patch for the LSM kernel
876 (the GRSec patch already fixes this)
877 - LSM 2.4-2003040709
878 - SELinux 2.4-2003040709
879 - Systrace v1.2
880 - IPTables patch-o-matic base patches - 20030107
881 - CryptoAPI 2.4.20.1 w/ loop-jari patch
882 - Super FreeS/WAN 1.99.6.1
883 - GRSecurity 1.9.9g
884 - MPPE
885 - EXT3 data journal fix
886 - CIPE 1.5.4
887
888 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
889 hardened-sources-2.4.20-r1.ebuild, manifest:
890 Updated to install flask components correctly for selinux.
891
892 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
893 hardened-sources-2.4.20-r1.ebuild:
894 LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
895 is patched in instead. Ptrace patches for selinux have also been added. In
896 either case, systrace support will be patched in as well.
897
898 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
899 hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
900 Revision bump for new sources.
901
902 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
903 hardened-sources-2.4.20-r1.ebuild:
904 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
905
906 *hardened-sources-2.4.20 (30 Mar 2003)
907
908 30 Mar 2003; Joshua Brindle <method@gentoo.org>
909 hardened-sources-2.4.20.ebuild:
910 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20