/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.142 - (show annotations) (download)
Sun Mar 25 13:00:27 2007 UTC (7 years, 5 months ago) by phreak
Branch: MAIN
Changes since 1.141: +9 -1 lines
Finally a hardened-sources version for 2.6.20; many people have been waiting for this. Thanks to Steve for preliminary testing, thanks to Ned for the testbox.
(Portage version: 2.1.2.2)

1 # ChangeLog for sys-kernel/hardened-sources
2 # Copyright 2000-2007 Gentoo Foundation; Distributed under the GPL v2
3 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.141 2007/03/16 15:52:17 chainsaw Exp $
4
5 *hardened-sources-2.6.20 (25 Mar 2007)
6
7 25 Mar 2007; Christian Heim <phreak@gentoo.org>
8 +hardened-sources-2.6.20.ebuild:
9 Finally a hardened-sources version for 2.6.20; many people have been waiting
10 for this. Thanks to Steve for preliminary testing, thanks to Ned for the
11 testbox.
12
13 16 Mar 2007; Tony Vroon <chainsaw@gentoo.org>
14 hardened-sources-2.6.18-r6.ebuild:
15 Marked stable on amd64 and x86. AMD64 keyword ack'ed by welp.
16
17 *hardened-sources-2.6.18-r6 (16 Mar 2007)
18
19 16 Mar 2007; Christian Heim <phreak@gentoo.org>
20 -hardened-sources-2.6.18-r5.ebuild, +hardened-sources-2.6.18-r6.ebuild:
21 Fixing CVE-2007-1000 locally (hardened/), thanks to Tony for pushing. And
22 yes I screwed up, this is tagged as 2.6.18-5 and not 2.6.18-6 as it's
23 supposed to be.
24
25 06 Mar 2007; Christian Heim <phreak@gentoo.org> ChangeLog:
26 Fixing the Manifest, the previous one was broken (as in still had the
27 deleted ebuild in it).
28
29 06 Mar 2007; Christian Heim <phreak@gentoo.org>
30 -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
31 +hardened-sources-2.6.18-r5.ebuild:
32 Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
33 Linux 2.6.18.8. Also cleaning up the older version.
34
35 *hardened-sources-2.6.18-r5 (06 Mar 2007)
36
37 06 Mar 2007; Christian Heim <phreak@gentoo.org>
38 -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
39 +hardened-sources-2.6.18-r5.ebuild:
40 Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
41 Linux 2.6.18.8. Also cleaning up the older version.
42
43 24 Feb 2007; Christian Heim <phreak@gentoo.org>
44 -hardened-sources-2.6.19-r3.ebuild, -hardened-sources-2.6.19-r4.ebuild,
45 -hardened-sources-2.6.19-r5.ebuild:
46 Removing some of the old version, that didn't work.
47
48 *hardened-sources-2.6.19-r6 (12 Feb 2007)
49
50 12 Feb 2007; Christian Heim <phreak@gentoo.org>
51 +hardened-sources-2.6.19-r6.ebuild:
52 Revision bump, including a new grsec version fixing #166235.
53
54 *hardened-sources-2.4.34 (24 Jan 2007)
55
56 24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
57 Manifest:
58 updating Manifest with checksums of new tarball and ebuild
59
60 24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
61 +hardened-sources-2.4.34.ebuild:
62 I added new hardened sources 2.4 update, this is a critical path
63 security bugfix - all users of h-s are strongly advised
64 to update their existing hardened sources to this version.
65 It contains a fix for a kernel vulnerability that is pertaining
66 to the PaX changes to virtual memory management, possibly leading
67 to a local kernel exploit ... see grsecurity.net forums and homepage
68
69 23 Jan 2007; Christian Heim <phreak@gentoo.org>
70 files/digest-hardened-sources-2.6.19-r5, Manifest:
71 Fixing the patch-tarball digest.
72
73 *hardened-sources-2.6.19-r5 (23 Jan 2007)
74
75 23 Jan 2007; Christian Heim <phreak@gentoo.org>
76 +hardened-sources-2.6.19-r5.ebuild:
77 Revision bump, closing the recently discovered PaX expand_stack()
78 vulnerability.
79
80 *hardened-sources-2.6.19-r4 (14 Jan 2007)
81
82 14 Jan 2007; Christian Heim <phreak@gentoo.org>
83 +hardened-sources-2.6.19-r4.ebuild:
84 Revision bump, pulling in linux-2.6.19.2 and grsecurity 2.1.10 - thus
85 dropping the randomized PID feature.
86
87 11 Jan 2007; Christian Faulhammer <opfer@gentoo.org>
88 hardened-sources-2.4.33.4.ebuild:
89 stable x86, bug #161171
90
91 *hardened-sources-2.6.19-r3 (27 Dec 2006)
92
93 27 Dec 2006; Christian Heim <phreak@gentoo.org>
94 -hardened-sources-2.6.19-r2.ebuild, +hardened-sources-2.6.19-r3.ebuild:
95 Revision bump for bug #157186 and #158786.
96
97 *hardened-sources-2.6.18-r4 (27 Dec 2006)
98
99 27 Dec 2006; Christian Heim <phreak@gentoo.org>
100 -hardened-sources-2.6.18-r3.ebuild, +hardened-sources-2.6.18-r4.ebuild:
101 Revision bump for bug #157186.
102
103 *hardened-sources-2.6.19-r2 (23 Dec 2006)
104
105 23 Dec 2006; Christian Heim <phreak@gentoo.org>
106 -hardened-sources-2.6.19-r1.ebuild, +hardened-sources-2.6.19-r2.ebuild:
107 Revision bump to pull in genpatches-2.6.19-3 for #157186.
108
109 17 Dec 2006; Christian Heim <phreak@gentoo.org>
110 hardened-sources-2.6.14-r7.ebuild, hardened-sources-2.6.16-r10.ebuild,
111 hardened-sources-2.6.16-r11.ebuild, hardened-sources-2.6.17-r1.ebuild,
112 hardened-sources-2.6.18.ebuild, hardened-sources-2.6.18-r3.ebuild,
113 hardened-sources-2.6.19-r1.ebuild:
114 Adding 4453_grsec-2.1.9-2.6.19-io-kmem-sysctl.patch to UNIPATCH_EXLUDE,
115 adding correct HOMEPAGE and adjusting DESCRIPTION (thanks to Alexander).
116
117 *hardened-sources-2.4.33.4 (17 Dec 2006)
118
119 17 Dec 2006; Alexander Gabert <pappy@gentoo.org>
120 +hardened-sources-2.4.33.4.ebuild:
121 new 2.4.33.4 version including grsec and fixes, thanks to phreak for help
122 and quilting
123
124 *hardened-sources-2.6.19-r1 (14 Dec 2006)
125
126 14 Dec 2006; Christian Heim <phreak@gentoo.org>
127 -hardened-sources-2.6.19.ebuild, +hardened-sources-2.6.19-r1.ebuild:
128 Revision bump, fixing #158107 (thanks to Petre Rodan <kaiowas at gentoo.org>
129 for reporting).
130
131 *hardened-sources-2.6.19 (13 Dec 2006)
132
133 13 Dec 2006; Christian Heim <phreak@gentoo.org>
134 +hardened-sources-2.6.19.ebuild:
135 And finally 2.6.19, thanks to Ned (who prepared the inital patchset) and
136 Brad for providing that prompt update.
137
138 *hardened-sources-2.6.18-r3 (13 Dec 2006)
139
140 13 Dec 2006; Christian Heim <phreak@gentoo.org>
141 -hardened-sources-2.6.18-r1.ebuild, -hardened-sources-2.6.18-r2.ebuild,
142 +hardened-sources-2.6.18-r3.ebuild:
143 Revision bump, excluding the faulty patch. Thanks to Anakim Border and Peter
144 S. Mazinger. Closes #157409 for now. Also removing the previous revisions.
145
146 09 Dec 2006; Christian Heim <phreak@gentoo.org> Manifest:
147 Fixing the metadata.xml Manifest entry (thanks to xaid and ml8128 in #gentoo-hardened).
148
149 08 Dec 2006; nixnut <nixnut@gentoo.org> hardened-sources-2.6.18.ebuild:
150 Stable on ppc wrt bug 157356
151
152 07 Dec 2006; Christian Faulhammer <opfer@gentoo.org>
153 hardened-sources-2.6.18.ebuild:
154 stable x86, bug #157356
155
156 *hardened-sources-2.6.18-r2 (06 Dec 2006)
157
158 06 Dec 2006; Christian Heim <phreak@gentoo.org>
159 +hardened-sources-2.6.18-r2.ebuild:
160 Revision bump, including 2.6.18.5 (via genpatches) and
161 4454_grsec-2.1.9-2.6.18.2-io-kmem-sysctl.patch based on Peter Mazinger and
162 Ned Ludd's original patch. Thanks to Alexander Gabert (pappy) for the
163 redesign.
164
165 06 Dec 2006; Christian Heim <phreak@gentoo.org>
166 hardened-sources-2.6.18.ebuild:
167 Marking hardened-sources-2.6.18 stable on amd64 (see bug #157356, on behalf
168 of Mike Doty).
169
170 *hardened-sources-2.6.18-r1 (23 Nov 2006)
171
172 23 Nov 2006; Christian Heim <phreak@gentoo.org>
173 +hardened-sources-2.6.18-r1.ebuild:
174 Revision bump to genpatches-2.6.18-4 (including 2.6.18.3).
175
176 *hardened-sources-2.6.18 (11 Nov 2006)
177
178 11 Nov 2006; Christian Heim <phreak@gentoo.org>
179 +hardened-sources-2.6.18.ebuild:
180 Version bump, thanks to Alexander Gabert we're finally at 2.6.18.
181
182 18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
183 - mark amd64 stable also. bug #151877
184
185 18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
186 - mark 2.6.17-r1 stable
187
188 27 Aug 2006; Christian Heim <phreak@gentoo.org>
189 -hardened-sources-2.6.17.ebuild, hardened-sources-2.6.17-r1.ebuild:
190 Removing old ebuild, removing unipatch from newer ebuild (need to fix it!).
191
192 *hardened-sources-2.6.17-r1 (26 Aug 2006)
193
194 26 Aug 2006; Christian Heim <phreak@gentoo.org>
195 +hardened-sources-2.6.17-r1.ebuild:
196 Revision bump to genpatches-2.6.17-8 (including .9 and .10) and updating the
197 grsecurity patch.
198
199 *hardened-sources-2.6.17 (17 Aug 2006)
200
201 17 Aug 2006; Christian Heim <phreak@gentoo.org>
202 +hardened-sources-2.6.17.ebuild:
203 Bumping the hardened-sources-2.6 series to 2.6.17, using
204 genpatches-2.6.17-6.base.
205
206 07 Aug 2006; <solar@gentoo.org> hardened-sources-2.6.16-r11.ebuild:
207 - stable on x86 and amd64
208
209 *hardened-sources-2.6.16-r11 (15 Jul 2006)
210
211 15 Jul 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r3.ebuild,
212 -hardened-sources-2.4.32-r4.ebuild, -hardened-sources-2.4.32-r5.ebuild,
213 -hardened-sources-2.6.14-r8.ebuild, -hardened-sources-2.6.16-r7.ebuild,
214 -hardened-sources-2.6.16-r9.ebuild, +hardened-sources-2.6.16-r11.ebuild:
215 - 2.6.16 bumped for CVE-2006-3626 ; digest fix for 2.4.32-r6 ; removed old
216 crusty ebuilds
217
218 14 Jul 2006; John Mylchreest <johnm@gentoo.org>
219 hardened-sources-2.6.16-r10.ebuild:
220 marking stable on x86 and amd64
221
222 13 Jul 2006; <solar@gentoo.org> hardened-sources-2.4.32-r6.ebuild:
223 - 2.4.32-r6 stable on x86. RSBAC state unknown
224
225 *hardened-sources-2.4.32-r7 (10 Jul 2006)
226
227 10 Jul 2006; Guillaume Destuynder <kang@gentoo.org>
228 +hardened-sources-2.4.32-r7.ebuild:
229 Bump PaX for RSBAC to test-17
230
231 *hardened-sources-2.6.16-r9 (03 Jul 2006)
232
233 03 Jul 2006; John Mylchreest <johnm@gentoo.org>
234 -hardened-sources-2.6.16-r6.ebuild, +hardened-sources-2.6.16-r9.ebuild:
235 hardened-sources-2.6.16 bump to latest -base.
236
237 *hardened-sources-2.4.32-r6 (30 Jun 2006)
238
239 30 Jun 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r2.ebuild,
240 hardened-sources-2.4.32-r4.ebuild, +hardened-sources-2.4.32-r6.ebuild:
241 - backport CVE-2006-0039, CVE-2006-1857 and CVE-2006-1858 and new grsecurity
242 sysctl controlable resource logging
243
244 *hardened-sources-2.6.16-r7 (05 Jun 2006)
245
246 05 Jun 2006; John Mylchreest <johnm@gentoo.org>
247 -hardened-sources-2.6.16-r5.ebuild, +hardened-sources-2.6.16-r7.ebuild:
248 push new 2.6.16 release in preparation for stable
249
250 22 May 2006; <solar@gentoo.org> :
251 - redigest bug 134002
252
253 *hardened-sources-2.4.32-r5 (16 May 2006)
254
255 16 May 2006; Guillaume Destuynder <kang@gentoo.org>
256 +hardened-sources-2.4.32-r5.ebuild:
257 Fixes rsbac common patching (new patch in new -r5 patchset)
258
259 *hardened-sources-2.4.32-r4 (13 May 2006)
260
261 13 May 2006; <solar@gentoo.org> hardened-sources-2.4.32-r3.ebuild,
262 +hardened-sources-2.4.32-r4.ebuild:
263 - security bumps
264
265 *hardened-sources-2.6.16-r6 (03 May 2006)
266
267 03 May 2006; John Mylchreest <johnm@gentoo.org>
268 +hardened-sources-2.6.16-r6.ebuild:
269 bump hardened-2.6.16 to 2.6.16.12 and latest grsec snapshot
270
271 28 Apr 2006; John Mylchreest <johnm@gentoo.org>
272 hardened-sources-2.6.14-r8.ebuild:
273 fix x86_64 build problem, this will delay the digest issue again for a short
274 while but it will sort itself out
275
276 28 Apr 2006; John Mylchreest <johnm@gentoo.org>
277 hardened-sources-2.6.14-r8.ebuild:
278 bump hardened patchset
279
280 27 Apr 2006; Alec Warner <antarus@gentoo.org>
281 files/digest-hardened-sources-2.4.32-r2,
282 files/digest-hardened-sources-2.4.32-r3,
283 files/digest-hardened-sources-2.6.14-r8, Manifest:
284 Fixing duff SHA256 digests: Bug # 131293
285
286 *hardened-sources-2.6.16-r5 (27 Apr 2006)
287
288 27 Apr 2006; John Mylchreest <johnm@gentoo.org>
289 -hardened-sources-2.6.14-r6.ebuild, hardened-sources-2.6.14-r8.ebuild,
290 -hardened-sources-2.6.16-r4.ebuild, +hardened-sources-2.6.16-r5.ebuild:
291 stablise 2.6.14-r8 on x86 & amd64, bump 2.6.16 to fix CVE-2006-1863 &
292 cleanup of old uneccessary sources
293
294 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
295 fix digest
296
297 *hardened-sources-2.6.14-r8 (20 Apr 2006)
298
299 20 Apr 2006; John Mylchreest <johnm@gentoo.org>
300 +hardened-sources-2.6.14-r8.ebuild:
301 fix CVE-2006-1056, CVE-2006-1525, CVE-2006-1524
302
303 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
304 Turning on gpg-signing again, and recomitting
305
306 *hardened-sources-2.6.16-r4 (20 Apr 2006)
307
308 20 Apr 2006; John Mylchreest <johnm@gentoo.org>
309 -hardened-sources-2.6.16-r2.ebuild, -hardened-sources-2.6.16-r3.ebuild,
310 +hardened-sources-2.6.16-r4.ebuild:
311 Fix numerous security vulns
312
313 *hardened-sources-2.4.32-r3 (16 Apr 2006)
314
315 16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
316 -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
317 +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
318 - security bump for bug #112791. Removed old ebuilds
319
320 *hardened-sources-2.6.16-r3 (15 Apr 2006)
321
322 15 Apr 2006; John Mylchreest <johnm@gentoo.org>
323 +hardened-sources-2.6.16-r3.ebuild:
324 Removing silly localversion which I missed
325
326 *hardened-sources-2.6.14-r7 (14 Apr 2006)
327
328 14 Apr 2006; John Mylchreest <johnm@gentoo.org>
329 -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
330 Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
331
332 *hardened-sources-2.6.16-r2 (13 Apr 2006)
333
334 13 Apr 2006; John Mylchreest <johnm@gentoo.org>
335 -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
336 +hardened-sources-2.6.16-r2.ebuild:
337 Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
338 labels, dropping USERGROUP define fixes, since these were merged mainstream.
339
340 *hardened-sources-2.6.16-r1 (11 Apr 2006)
341
342 11 Apr 2006; John Mylchreest <johnm@gentoo.org>
343 +hardened-sources-2.6.16-r1.ebuild:
344 Bumping to include ppc build fix and 2.6.16.3
345
346 06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
347 hardened-sources-2.6.14-r6.ebuild:
348 Stable on x86; bug #127718
349
350 *hardened-sources-2.6.16 (31 Mar 2006)
351
352 31 Mar 2006; John Mylchreest <johnm@gentoo.org>
353 +hardened-sources-2.6.16.ebuild:
354 Bumping to new version of grsec, and kernel base. New squashfs. Based on
355 2.6.16.1
356
357 30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
358 hardened-sources-2.6.14-r6.ebuild:
359 Stable on amd64, bug 127718.
360
361 28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
362 Stable on ppc. Bug #127718
363
364 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
365 -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
366 -hardened-sources-2.6.14-r4.ebuild:
367 Cleanup.
368
369 *hardened-sources-2.6.14-r6 (15 Mar 2006)
370
371 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
372 +hardened-sources-2.6.14-r6.ebuild:
373 Fixes grsec policy recreation bug and adds a
374 >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
375
376 02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
377 - stable on x86
378
379 19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
380 hardened-sources-2.6.14-r5.ebuild:
381 Stable on ppc.
382
383 *hardened-sources-2.6.14-r5 (01 Feb 2006)
384
385 01 Feb 2006; John Mylchreest <johnm@gentoo.org>
386 +hardened-sources-2.6.14-r5.ebuild:
387 fixing every known exploit
388
389 *hardened-sources-2.4.32-r2 (26 Jan 2006)
390
391 26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
392 +hardened-sources-2.4.32-r2.ebuild:
393 - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
394
395 *hardened-sources-2.6.14-r4 (12 Jan 2006)
396
397 12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
398 - version bump for new genpatches which fix up a few sec holes
399
400 *hardened-sources-2.4.32-r1 (05 Jan 2006)
401
402 05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
403 - revision bump to add misc vital linux kernel security patches.
404
405 *hardened-sources-2.6.14-r3 (30 Dec 2005)
406
407 30 Dec 2005; John Mylchreest <johnm@gentoo.org>
408 -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
409 Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
410
411 28 Dec 2005; John Mylchreest <johnm@gentoo.org>
412 hardened-sources-2.6.14-r2.ebuild:
413 making x86 & amd64 stable following testing.
414
415 *hardened-sources-2.6.14-r2 (27 Dec 2005)
416
417 27 Dec 2005; John Mylchreest <johnm@gentoo.org>
418 -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
419 Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
420 network hooks.
421
422 06 Dec 2005; John Mylchreest <johnm@gentoo.org>
423 hardened-sources-2.6.14-r1.ebuild:
424 bumping to stable early for sec fix on x86 & amd64
425
426 *hardened-sources-2.6.14-r1 (05 Dec 2005)
427
428 05 Dec 2005; John Mylchreest <johnm@gentoo.org>
429 -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
430 bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
431
432 04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
433 - stable on x86 security bug #114227 CAN-2005-3257
434
435 *hardened-sources-2.4.32 (19 Nov 2005)
436
437 19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
438 +hardened-sources-2.4.32.ebuild:
439 Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
440 Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
441 have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
442 rsbac >> /etc/portage/package.use)
443
444 *hardened-sources-2.6.14 (14 Nov 2005)
445
446 14 Nov 2005; John Mylchreest <johnm@gentoo.org>
447 -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
448 Bumping 2.6 series to 2.6.14.2
449
450 *hardened-sources-2.6.13-r2 (20 Oct 2005)
451
452 20 Oct 2005; John Mylchreest <johnm@gentoo.org>
453 -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
454 +hardened-sources-2.6.13-r2.ebuild:
455 Fixes minor build error in ppc.
456
457 *hardened-sources-2.6.13-r1 (17 Oct 2005)
458
459 17 Oct 2005; John Mylchreest <johnm@gentoo.org>
460 +hardened-sources-2.6.13-r1.ebuild:
461 Updating grsec to latest snapshot. Fixes some minor issues. Updating to
462 2.6.13.4, fixes some major amd64 stability problems.
463
464 *hardened-sources-2.6.13 (16 Sep 2005)
465
466 16 Sep 2005; John Mylchreest <johnm@gentoo.org>
467 -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
468 2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
469 ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
470 users should test this thoroughly.
471
472 01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
473 - stable on x86
474
475 *hardened-sources-2.6.11-r15 (27 Jun 2005)
476
477 27 Jun 2005; John Mylchreest <johnm@gentoo.org>
478 +hardened-sources-2.6.11-r15.ebuild:
479 Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
480 grsec redefining curr_ip struct.
481
482 *hardened-sources-2.4.31 (20 Jun 2005)
483
484 20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
485 initial import of 2.4.31 tree
486
487 *hardened-sources-2.6.11-r14 (14 Jun 2005)
488
489 14 Jun 2005; John Mylchreest <johnm@gentoo.org>
490 -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
491 Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
492 naming scheme to abide by genpatches
493
494 *hardened-sources-2.6.11-r13 (18 May 2005)
495
496 18 May 2005; John Mylchreest <johnm@gentoo.org>
497 -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
498 Managed to mangle the Makefile patch from grsec, to miss out the grsec
499 target. sorry about that. Fixes bug #93022
500
501 *hardened-sources-2.6.11-r12 (17 May 2005)
502
503 17 May 2005; John Mylchreest <johnm@gentoo.org>
504 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
505 +hardened-sources-2.6.11-r12.ebuild:
506 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
507 merges in genpatches-base
508
509 *hardened-sources-2.6.11-r12 (17 May 2005)
510
511 17 May 2005; John Mylchreest <johnm@gentoo.org>
512 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
513 +hardened-sources-2.6.11-r12.ebuild:
514 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
515 merges in genpatches-base
516
517 29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
518 -files/2.4.27-cmdline-race.patch,
519 -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
520 -files/2.4.28-grsec-binfmt_a.out.patch,
521 -files/2.4.28-grsec-cmdline-race.patch,
522 -files/2.4.28-selinux-binfmt_a.out.patch,
523 -files/2.4.28-selinux-cmdline-race.patch,
524 -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
525 hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
526 - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
527 cleanup..
528
529 *hardened-sources-2.4.30-r1 (21 Apr 2005)
530
531 21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
532 - disable aout by default
533
534 *hardened-sources-2.4.30 (18 Apr 2005)
535
536 18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
537 - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
538 and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
539 use
540
541 *hardened-sources-2.4.29 (30 Mar 2005)
542
543 30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
544 +hardened-sources-2.4.29.ebuild:
545 New hardened-patches-2.4-29.0 patchball.
546 Removed SELinux support, upgraded GRSecurity to 2.1.4.
547
548 *hardened-sources-2.4.28-r5 (06 Mar 2005)
549
550 06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
551 +hardened-sources-2.4.28-r5.ebuild:
552 Added a fix for a PaX vulnerability.
553
554 26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
555 hardened-sources-2.4.28-r4.ebuild:
556 Stable on x86
557
558 23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
559 hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
560 hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
561 hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
562 - fixed/added RDEPEND= in all kernel-2 ebuilds
563
564 *hardened-sources-2.4.28-r4 (21 Jan 2005)
565
566 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
567 +hardened-sources-2.4.28-r4.ebuild:
568 Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
569 backport of neighbour hash updates.
570
571 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
572 hardened-sources-2.4.28-r3.ebuild:
573 Stable on x86
574
575 *hardened-sources-2.6.10-r3 (20 Jan 2005)
576
577 20 Jan 2005; Brandon Hale <tseng@gentoo.org>
578 +hardened-sources-2.6.10-r3.ebuild:
579 Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
580 in 2005.0
581
582 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
583 -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
584 hardened-sources-2.4.28-r2.ebuild:
585 Mark stable on x86
586
587 *hardened-sources-2.4.28-r3 (17 Jan 2005)
588
589 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
590 +hardened-sources-2.4.28-r3.ebuild:
591 Fix SMP page fault handler vuln, and update device-mapper and evms patches.
592
593 14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
594 hardened-sources-2.4.28.ebuild:
595 Mark stable on x86.
596
597 *hardened-sources-2.4.28-r2 (13 Jan 2005)
598
599 13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
600 +hardened-sources-2.4.28-r2.ebuild:
601 Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
602 Mazinger for grsecurity patches as well.
603
604 *hardened-sources-2.4.28-r1 (23 Dec 2004)
605
606 23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
607 Security bump. Thank tocharian for rolling a new patchset...
608
609 28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
610 +files/2.4.28-grsec-cmdline-race.patch,
611 +files/2.4.28-selinux-binfmt_a.out.patch,
612 +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
613 - Round up remaining security patches that appear to be missing in 2.4.28. -
614 PaX standalone updated to current. hgpv=28.1
615
616 *hardened-sources-2.4.28 (28 Nov 2004)
617
618 28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
619 security bump. Thank tocharian for rolling a new patchset
620
621 *hardened-sources-2.4.27-r3 (08 Sep 2004)
622
623 08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
624 +hardened-sources-2.4.27-r3.ebuild:
625 Applies the new 2.4-27.2 patchball which updates
626 GRSecurity to the 2.0.1 version.
627
628 *hardened-sources-2.4.27-r2 (31 Aug 2004)
629
630 31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
631 +hardened-sources-2.4.27-r2.ebuild:
632 Version bump.
633 This version uses the new 2.4-27.1 patchball which updates
634 both the SELinux PaX hooks patch and the SELinux headers.
635
636 *hardened-sources-2.4.27-r1 (09 Aug 2004)
637
638 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
639 +hardened-sources-2.4.27-r1.ebuild,
640 -hardened-sources-2.4.27.ebuild,
641 +files/2.4.27-cmdline-race.patch:
642 Version bump, fix for cmdline race. See bug #59905.
643
644 *hardened-sources-2.4.26-r6 (09 Aug 2004)
645
646 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
647 +hardened-sources-2.4.26-r6.ebuild,
648 -hardened-sources-2.4.26-r5.ebuild,
649 -hardened-sources-2.4.26-r4.ebuild,
650 +files/2.4.26-cmdline-race.patch:
651 Version bump, fix for cmdline race. See bug #59905.
652
653 *hardened-sources-2.4.27 (08 Aug 2004)
654
655 08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
656 +hardened-sources-2.4.27.ebuild,
657 +files/2.4.27-CAN-2004-0394.patch:
658 Ported the patchball to the 2.4.27 kernel version.
659
660 *hardened-sources-2.4.26-r5 (07 Aug 2004)
661
662 07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
663 +hardened-sources-2.4.26-r5.ebuild:
664 Updated to use the new hardened-patches-2.4-26.1 patchball.
665 It adds the following features:
666 - Squashfs
667 - Ebtables
668 - Netdev random (core+drivers)
669 - Watchdog Timer (WDT) fix.
670
671 *hardened-sources-2.4.26-r4 (04 Aug 2004)
672
673 04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
674 +hardened-sources-2.4.26-r4.ebuild,
675 +files/2.4.26-CAN-2004-0415.patch,
676 -hardened-sources-2.4.26-3:
677 Version bump, fix for CAN 0415, see bug #59378.
678
679 *hardened-sources-2.4.26-r3 (22 Jul 2004)
680
681 22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
682 +hardened-sources-2.4.26-r3.ebuild,
683 +files/2.4.26-CAN-2004-0497.patch,
684 -hardened-sources-2.4.26-r2.ebuild:
685 Version bump, fixed CAN 0497, see bug #56171.
686
687 *hardened-sources-2.4.26-r2 (29 Jun 2004)
688
689 29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
690 +hardened-sources-2.4.26-r2.ebuild,
691 +files/2.4.26-CAN-2004-0495.patch,
692 +files/2.4.26-CAN-2004-0535.patch,
693 -hardened-sources-2.4.26-r1.ebuild:
694 Fixes for both CAN 0495 and 0535, see bug #54976
695
696 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
697 hardened-sources-2.4.26-r1.ebuild:
698 QA - fix use invocation
699
700 *hardened-sources-2.4.26-r1 (22 June 2004)
701
702 22 June 2004; Andrea Luzzardi <scox@gentoo.org>
703 +hardened-sources-2.4.26-r1.ebuild,
704 +files/2.4.26-CAN-2004-0394.patch,
705 +files/2.4.26-signal-race.patch,
706 -hardened-sources-2.4.26.ebuild,
707 -hardened-sources-2.4.24-r3.ebuild:
708 Version bump for the CAN-2004-0394 issue and bug #53804
709 Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
710
711
712 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
713 hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
714 Masked hardened-sources-2.4.26.ebuild broken for ppc
715
716 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
717 hardened-sources-2.4.24-r3.ebuild:
718 Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
719
720 *hardened-sources-2.4.26 (29 May 2004)
721
722 29 May 2004; Andrea Luzzardi <scox@gentoo.org>
723 +hardened-sources-2.4.26.ebuild:
724 Updated hardened-sources for the 2.4.26 kernel
725 Removed broken components, updated almost everything.
726
727 *hardened-sources-2.4.24-r3 (17 Apr 2004)
728
729 17 Apr 2004; <plasmaroo@gentoo.org>
730 +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
731 +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
732 +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
733 +hardened-sources-2.4.24-r3.ebuild:
734 Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
735 vulnerabilities. Old revisions removed.
736
737 *hardened-sources-2.4.24-r2 (15 Apr 2004)
738
739 15 Apr 2004; <plasmaroo@gentoo.org>
740 +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
741 -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
742 Version bump for the CAN-2004-0109 issue; bug #47881.
743
744 12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
745 hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
746 Add eutils to inherit.
747
748 *hardened-sources-2.4.24-r1 (19 Feb 2004)
749
750 19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
751 files/hardened-sources-2.4.24.munmap.patch:
752 Added the patch for the mremap/munmap vulnerability. Bug #42024.
753
754 *hardened-sources-2.4.24 (06 Feb 2004)
755
756 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
757 hardened-sources-2.4.24.ebuild:
758 Version bump, updated most of the components.
759 This release includes the following:
760
761 - Hardened security
762 - Netfilter patch-o-matic 20031219
763 - FreeSWAN 2.04 & x509 1.4.8
764 - EVMS 2.2.2
765 - XFS 1.3.1
766 - cryptoloop jari
767 - grsecurity 2.0-rc4
768 - SELinux
769 - PaX 200402060000
770 - PaX Obscurity 200308302223
771 - Others...
772
773 Neither -ck nor systrace are included anymore.
774
775 *hardened-sources-2.4.22-r2 (05 Jan 2004)
776
777 05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
778 hardened-sources-2.4.22-r2.ebuild:
779 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
780
781 *hardened-sources-2.4.22-r1 (02 Dec 2003)
782
783 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
784 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
785
786 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
787 hardened-sources-2.4.22-r1.ebuild:
788 Version bump for the 'do_brk' vulnerability.
789
790 01 Dec 2003; Brian Jackson <iggy@gentoo.org>
791 hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
792 hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
793 hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
794 Fix the 'do_brk' vulnerability.
795
796 03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
797 hardened-sources-2.4.22.ebuild:
798 - Removed the src_install() portion for SELinux flask
799 components. These are no longer handled in the kernel
800 so this code was not necessary.
801
802 29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
803 New 2.4.22 based hardened-sources thanks to
804 Phil West <p.west@computer.org>.
805
806 These sources include:
807 - New SELinux API
808 - Updated CK-base
809 - Updated GRSec
810 - Systrace
811 - SuperFreeS/WAN 1.99.8
812 - Propolice kernel build support
813 - EVMS
814 - Other various security related patches
815
816 *hardened-sources-2.4.21 (14 Sep 2003)
817
818 14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
819 Updated hardened-sources based on the 2.4.21 Linux kernel.
820 This includes updates to most major components such as:
821 - ck-base-0306300059
822 - selinux-2.4-2003071106
823 - grsecurity-2.0-rc1
824 - Updated IPTables patch-o-matic
825 - Updated SuperFreeS/WAN
826
827 Thanks to Phil West <pwest@computer.org> for his work in getting this
828 updated patch set ready for the 2.4.21 based kernel.
829
830 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
831 Initial import of hardened-sources-2.4.20-r4. This revision
832 includes only a few changes, but one of these is an important
833 security fix. It is recommended all users of hardened-sources
834 upgrade to this release.
835
836 - ioperm bug fix
837 - fixed compilation failure when building without GRSec
838
839 SAL (Secure Auditing for Linux) is NOT included in this revision
840 due to time constraints, but is planned for inclusion in the near
841 future.
842
843 *hardened-sources-2.4.20-r2 (12 Jun 2003)
844
845 12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
846 hardened-sources-2.4.20-r3.ebuild:
847 Add Header...
848
849 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
850 hardened-sources-2.4.20-r3.ebuild:
851 Removed warnings from ebuild. This kernel should be safe to
852 use at this point.
853
854 *hardened-sources-2.4.20-r3 (08 Jun 2003)
855
856 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
857 hardened-sources-2.4.20-r3.ebuild:
858 New revision. Includes the following changes over -r2:
859
860 - ck7-base (O(1), preempt, low latency)
861 - Super FreeS/WAN 1.99.7rc2
862 - PaX for the LSM/SELinux branch
863 - GRSecurity 2.0-pre4 (role based access control)
864 - Systrace 1.3
865 - EXT3 fixes
866 - EVMS 2.0.1
867 - GCC 3.1+ compile optimizations
868 - ProPolice kernel build support
869 - Hashing table security fixes
870
871 *hardened-sources-2.4.20-r1 (09 Apr 2003)
872
873 23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
874 Initial import of hardened-sources-r2. This new
875 ebuild includes many new performance and security
876 related patches. As in -r1, it will patch in
877 LSM/SELinux if "selinux" is in USE, otherwise it
878 will patch in GRSecurity. The following patches
879 are included in this revision:
880
881 - O(1) Scheduler, Low Latency, and Preempt
882 (pulled from the base CK patch)
883 - ptrace exploit patch for the LSM kernel
884 (the GRSec patch already fixes this)
885 - LSM 2.4-2003040709
886 - SELinux 2.4-2003040709
887 - Systrace v1.2
888 - IPTables patch-o-matic base patches - 20030107
889 - CryptoAPI 2.4.20.1 w/ loop-jari patch
890 - Super FreeS/WAN 1.99.6.1
891 - GRSecurity 1.9.9g
892 - MPPE
893 - EXT3 data journal fix
894 - CIPE 1.5.4
895
896 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
897 hardened-sources-2.4.20-r1.ebuild, manifest:
898 Updated to install flask components correctly for selinux.
899
900 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
901 hardened-sources-2.4.20-r1.ebuild:
902 LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
903 is patched in instead. Ptrace patches for selinux have also been added. In
904 either case, systrace support will be patched in as well.
905
906 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
907 hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
908 Revision bump for new sources.
909
910 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
911 hardened-sources-2.4.20-r1.ebuild:
912 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
913
914 *hardened-sources-2.4.20 (30 Mar 2003)
915
916 30 Mar 2003; Joshua Brindle <method@gentoo.org>
917 hardened-sources-2.4.20.ebuild:
918 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20