/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.147 - (show annotations) (download)
Sun Apr 29 16:12:22 2007 UTC (7 years, 3 months ago) by phreak
Branch: MAIN
Changes since 1.146: +5 -1 lines
Adding ~ia64 on Ned's request.
(Portage version: 2.1.2.5)

1 # ChangeLog for sys-kernel/hardened-sources
2 # Copyright 2000-2007 Gentoo Foundation; Distributed under the GPL v2
3 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.146 2007/04/29 11:22:18 phreak Exp $
4
5 29 Apr 2007; Christian Heim <phreak@gentoo.org>
6 hardened-sources-2.6.20-r2.ebuild:
7 Adding ~ia64 on Ned's request.
8
9 29 Apr 2007; Christian Heim <phreak@gentoo.org>
10 hardened-sources-2.6.20-r2.ebuild:
11 Fixing the included grsecurity patch, wasn't alligning due to the Index:
12 header line(s).
13
14 29 Apr 2007; Christian Heim <phreak@gentoo.org>
15 hardened-sources-2.6.20-r2.ebuild:
16 Stabilizing hardened-sources-2.6.20-r2 on amd64 and x86.
17
18 *hardened-sources-2.6.20-r2 (10 Apr 2007)
19
20 10 Apr 2007; Raúl Porcel <armin76@gentoo.org>
21 +hardened-sources-2.6.20-r2.ebuild:
22 Version bump, on behalf of phreak
23
24 *hardened-sources-2.6.20-r1 (04 Apr 2007)
25
26 04 Apr 2007; Christian Heim <phreak@gentoo.org>
27 +hardened-sources-2.6.20-r1.ebuild:
28 Revision bump, grabbing a newer grsecurity snapshot.
29
30 *hardened-sources-2.6.20 (25 Mar 2007)
31
32 25 Mar 2007; Christian Heim <phreak@gentoo.org>
33 +hardened-sources-2.6.20.ebuild:
34 Finally a hardened-sources version for 2.6.20; many people have been waiting
35 for this. Thanks to Steve for preliminary testing, thanks to Ned for the
36 testbox.
37
38 16 Mar 2007; Tony Vroon <chainsaw@gentoo.org>
39 hardened-sources-2.6.18-r6.ebuild:
40 Marked stable on amd64 and x86. AMD64 keyword ack'ed by welp.
41
42 *hardened-sources-2.6.18-r6 (16 Mar 2007)
43
44 16 Mar 2007; Christian Heim <phreak@gentoo.org>
45 -hardened-sources-2.6.18-r5.ebuild, +hardened-sources-2.6.18-r6.ebuild:
46 Fixing CVE-2007-1000 locally (hardened/), thanks to Tony for pushing. And
47 yes I screwed up, this is tagged as 2.6.18-5 and not 2.6.18-6 as it's
48 supposed to be.
49
50 06 Mar 2007; Christian Heim <phreak@gentoo.org> ChangeLog:
51 Fixing the Manifest, the previous one was broken (as in still had the
52 deleted ebuild in it).
53
54 06 Mar 2007; Christian Heim <phreak@gentoo.org>
55 -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
56 +hardened-sources-2.6.18-r5.ebuild:
57 Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
58 Linux 2.6.18.8. Also cleaning up the older version.
59
60 *hardened-sources-2.6.18-r5 (06 Mar 2007)
61
62 06 Mar 2007; Christian Heim <phreak@gentoo.org>
63 -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
64 +hardened-sources-2.6.18-r5.ebuild:
65 Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
66 Linux 2.6.18.8. Also cleaning up the older version.
67
68 24 Feb 2007; Christian Heim <phreak@gentoo.org>
69 -hardened-sources-2.6.19-r3.ebuild, -hardened-sources-2.6.19-r4.ebuild,
70 -hardened-sources-2.6.19-r5.ebuild:
71 Removing some of the old version, that didn't work.
72
73 *hardened-sources-2.6.19-r6 (12 Feb 2007)
74
75 12 Feb 2007; Christian Heim <phreak@gentoo.org>
76 +hardened-sources-2.6.19-r6.ebuild:
77 Revision bump, including a new grsec version fixing #166235.
78
79 *hardened-sources-2.4.34 (24 Jan 2007)
80
81 24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
82 Manifest:
83 updating Manifest with checksums of new tarball and ebuild
84
85 24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
86 +hardened-sources-2.4.34.ebuild:
87 I added new hardened sources 2.4 update, this is a critical path
88 security bugfix - all users of h-s are strongly advised
89 to update their existing hardened sources to this version.
90 It contains a fix for a kernel vulnerability that is pertaining
91 to the PaX changes to virtual memory management, possibly leading
92 to a local kernel exploit ... see grsecurity.net forums and homepage
93
94 23 Jan 2007; Christian Heim <phreak@gentoo.org>
95 files/digest-hardened-sources-2.6.19-r5, Manifest:
96 Fixing the patch-tarball digest.
97
98 *hardened-sources-2.6.19-r5 (23 Jan 2007)
99
100 23 Jan 2007; Christian Heim <phreak@gentoo.org>
101 +hardened-sources-2.6.19-r5.ebuild:
102 Revision bump, closing the recently discovered PaX expand_stack()
103 vulnerability.
104
105 *hardened-sources-2.6.19-r4 (14 Jan 2007)
106
107 14 Jan 2007; Christian Heim <phreak@gentoo.org>
108 +hardened-sources-2.6.19-r4.ebuild:
109 Revision bump, pulling in linux-2.6.19.2 and grsecurity 2.1.10 - thus
110 dropping the randomized PID feature.
111
112 11 Jan 2007; Christian Faulhammer <opfer@gentoo.org>
113 hardened-sources-2.4.33.4.ebuild:
114 stable x86, bug #161171
115
116 *hardened-sources-2.6.19-r3 (27 Dec 2006)
117
118 27 Dec 2006; Christian Heim <phreak@gentoo.org>
119 -hardened-sources-2.6.19-r2.ebuild, +hardened-sources-2.6.19-r3.ebuild:
120 Revision bump for bug #157186 and #158786.
121
122 *hardened-sources-2.6.18-r4 (27 Dec 2006)
123
124 27 Dec 2006; Christian Heim <phreak@gentoo.org>
125 -hardened-sources-2.6.18-r3.ebuild, +hardened-sources-2.6.18-r4.ebuild:
126 Revision bump for bug #157186.
127
128 *hardened-sources-2.6.19-r2 (23 Dec 2006)
129
130 23 Dec 2006; Christian Heim <phreak@gentoo.org>
131 -hardened-sources-2.6.19-r1.ebuild, +hardened-sources-2.6.19-r2.ebuild:
132 Revision bump to pull in genpatches-2.6.19-3 for #157186.
133
134 17 Dec 2006; Christian Heim <phreak@gentoo.org>
135 hardened-sources-2.6.14-r7.ebuild, hardened-sources-2.6.16-r10.ebuild,
136 hardened-sources-2.6.16-r11.ebuild, hardened-sources-2.6.17-r1.ebuild,
137 hardened-sources-2.6.18.ebuild, hardened-sources-2.6.18-r3.ebuild,
138 hardened-sources-2.6.19-r1.ebuild:
139 Adding 4453_grsec-2.1.9-2.6.19-io-kmem-sysctl.patch to UNIPATCH_EXLUDE,
140 adding correct HOMEPAGE and adjusting DESCRIPTION (thanks to Alexander).
141
142 *hardened-sources-2.4.33.4 (17 Dec 2006)
143
144 17 Dec 2006; Alexander Gabert <pappy@gentoo.org>
145 +hardened-sources-2.4.33.4.ebuild:
146 new 2.4.33.4 version including grsec and fixes, thanks to phreak for help
147 and quilting
148
149 *hardened-sources-2.6.19-r1 (14 Dec 2006)
150
151 14 Dec 2006; Christian Heim <phreak@gentoo.org>
152 -hardened-sources-2.6.19.ebuild, +hardened-sources-2.6.19-r1.ebuild:
153 Revision bump, fixing #158107 (thanks to Petre Rodan <kaiowas at gentoo.org>
154 for reporting).
155
156 *hardened-sources-2.6.19 (13 Dec 2006)
157
158 13 Dec 2006; Christian Heim <phreak@gentoo.org>
159 +hardened-sources-2.6.19.ebuild:
160 And finally 2.6.19, thanks to Ned (who prepared the inital patchset) and
161 Brad for providing that prompt update.
162
163 *hardened-sources-2.6.18-r3 (13 Dec 2006)
164
165 13 Dec 2006; Christian Heim <phreak@gentoo.org>
166 -hardened-sources-2.6.18-r1.ebuild, -hardened-sources-2.6.18-r2.ebuild,
167 +hardened-sources-2.6.18-r3.ebuild:
168 Revision bump, excluding the faulty patch. Thanks to Anakim Border and Peter
169 S. Mazinger. Closes #157409 for now. Also removing the previous revisions.
170
171 09 Dec 2006; Christian Heim <phreak@gentoo.org> Manifest:
172 Fixing the metadata.xml Manifest entry (thanks to xaid and ml8128 in #gentoo-hardened).
173
174 08 Dec 2006; nixnut <nixnut@gentoo.org> hardened-sources-2.6.18.ebuild:
175 Stable on ppc wrt bug 157356
176
177 07 Dec 2006; Christian Faulhammer <opfer@gentoo.org>
178 hardened-sources-2.6.18.ebuild:
179 stable x86, bug #157356
180
181 *hardened-sources-2.6.18-r2 (06 Dec 2006)
182
183 06 Dec 2006; Christian Heim <phreak@gentoo.org>
184 +hardened-sources-2.6.18-r2.ebuild:
185 Revision bump, including 2.6.18.5 (via genpatches) and
186 4454_grsec-2.1.9-2.6.18.2-io-kmem-sysctl.patch based on Peter Mazinger and
187 Ned Ludd's original patch. Thanks to Alexander Gabert (pappy) for the
188 redesign.
189
190 06 Dec 2006; Christian Heim <phreak@gentoo.org>
191 hardened-sources-2.6.18.ebuild:
192 Marking hardened-sources-2.6.18 stable on amd64 (see bug #157356, on behalf
193 of Mike Doty).
194
195 *hardened-sources-2.6.18-r1 (23 Nov 2006)
196
197 23 Nov 2006; Christian Heim <phreak@gentoo.org>
198 +hardened-sources-2.6.18-r1.ebuild:
199 Revision bump to genpatches-2.6.18-4 (including 2.6.18.3).
200
201 *hardened-sources-2.6.18 (11 Nov 2006)
202
203 11 Nov 2006; Christian Heim <phreak@gentoo.org>
204 +hardened-sources-2.6.18.ebuild:
205 Version bump, thanks to Alexander Gabert we're finally at 2.6.18.
206
207 18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
208 - mark amd64 stable also. bug #151877
209
210 18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
211 - mark 2.6.17-r1 stable
212
213 27 Aug 2006; Christian Heim <phreak@gentoo.org>
214 -hardened-sources-2.6.17.ebuild, hardened-sources-2.6.17-r1.ebuild:
215 Removing old ebuild, removing unipatch from newer ebuild (need to fix it!).
216
217 *hardened-sources-2.6.17-r1 (26 Aug 2006)
218
219 26 Aug 2006; Christian Heim <phreak@gentoo.org>
220 +hardened-sources-2.6.17-r1.ebuild:
221 Revision bump to genpatches-2.6.17-8 (including .9 and .10) and updating the
222 grsecurity patch.
223
224 *hardened-sources-2.6.17 (17 Aug 2006)
225
226 17 Aug 2006; Christian Heim <phreak@gentoo.org>
227 +hardened-sources-2.6.17.ebuild:
228 Bumping the hardened-sources-2.6 series to 2.6.17, using
229 genpatches-2.6.17-6.base.
230
231 07 Aug 2006; <solar@gentoo.org> hardened-sources-2.6.16-r11.ebuild:
232 - stable on x86 and amd64
233
234 *hardened-sources-2.6.16-r11 (15 Jul 2006)
235
236 15 Jul 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r3.ebuild,
237 -hardened-sources-2.4.32-r4.ebuild, -hardened-sources-2.4.32-r5.ebuild,
238 -hardened-sources-2.6.14-r8.ebuild, -hardened-sources-2.6.16-r7.ebuild,
239 -hardened-sources-2.6.16-r9.ebuild, +hardened-sources-2.6.16-r11.ebuild:
240 - 2.6.16 bumped for CVE-2006-3626 ; digest fix for 2.4.32-r6 ; removed old
241 crusty ebuilds
242
243 14 Jul 2006; John Mylchreest <johnm@gentoo.org>
244 hardened-sources-2.6.16-r10.ebuild:
245 marking stable on x86 and amd64
246
247 13 Jul 2006; <solar@gentoo.org> hardened-sources-2.4.32-r6.ebuild:
248 - 2.4.32-r6 stable on x86. RSBAC state unknown
249
250 *hardened-sources-2.4.32-r7 (10 Jul 2006)
251
252 10 Jul 2006; Guillaume Destuynder <kang@gentoo.org>
253 +hardened-sources-2.4.32-r7.ebuild:
254 Bump PaX for RSBAC to test-17
255
256 *hardened-sources-2.6.16-r9 (03 Jul 2006)
257
258 03 Jul 2006; John Mylchreest <johnm@gentoo.org>
259 -hardened-sources-2.6.16-r6.ebuild, +hardened-sources-2.6.16-r9.ebuild:
260 hardened-sources-2.6.16 bump to latest -base.
261
262 *hardened-sources-2.4.32-r6 (30 Jun 2006)
263
264 30 Jun 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r2.ebuild,
265 hardened-sources-2.4.32-r4.ebuild, +hardened-sources-2.4.32-r6.ebuild:
266 - backport CVE-2006-0039, CVE-2006-1857 and CVE-2006-1858 and new grsecurity
267 sysctl controlable resource logging
268
269 *hardened-sources-2.6.16-r7 (05 Jun 2006)
270
271 05 Jun 2006; John Mylchreest <johnm@gentoo.org>
272 -hardened-sources-2.6.16-r5.ebuild, +hardened-sources-2.6.16-r7.ebuild:
273 push new 2.6.16 release in preparation for stable
274
275 22 May 2006; <solar@gentoo.org> :
276 - redigest bug 134002
277
278 *hardened-sources-2.4.32-r5 (16 May 2006)
279
280 16 May 2006; Guillaume Destuynder <kang@gentoo.org>
281 +hardened-sources-2.4.32-r5.ebuild:
282 Fixes rsbac common patching (new patch in new -r5 patchset)
283
284 *hardened-sources-2.4.32-r4 (13 May 2006)
285
286 13 May 2006; <solar@gentoo.org> hardened-sources-2.4.32-r3.ebuild,
287 +hardened-sources-2.4.32-r4.ebuild:
288 - security bumps
289
290 *hardened-sources-2.6.16-r6 (03 May 2006)
291
292 03 May 2006; John Mylchreest <johnm@gentoo.org>
293 +hardened-sources-2.6.16-r6.ebuild:
294 bump hardened-2.6.16 to 2.6.16.12 and latest grsec snapshot
295
296 28 Apr 2006; John Mylchreest <johnm@gentoo.org>
297 hardened-sources-2.6.14-r8.ebuild:
298 fix x86_64 build problem, this will delay the digest issue again for a short
299 while but it will sort itself out
300
301 28 Apr 2006; John Mylchreest <johnm@gentoo.org>
302 hardened-sources-2.6.14-r8.ebuild:
303 bump hardened patchset
304
305 27 Apr 2006; Alec Warner <antarus@gentoo.org>
306 files/digest-hardened-sources-2.4.32-r2,
307 files/digest-hardened-sources-2.4.32-r3,
308 files/digest-hardened-sources-2.6.14-r8, Manifest:
309 Fixing duff SHA256 digests: Bug # 131293
310
311 *hardened-sources-2.6.16-r5 (27 Apr 2006)
312
313 27 Apr 2006; John Mylchreest <johnm@gentoo.org>
314 -hardened-sources-2.6.14-r6.ebuild, hardened-sources-2.6.14-r8.ebuild,
315 -hardened-sources-2.6.16-r4.ebuild, +hardened-sources-2.6.16-r5.ebuild:
316 stablise 2.6.14-r8 on x86 & amd64, bump 2.6.16 to fix CVE-2006-1863 &
317 cleanup of old uneccessary sources
318
319 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
320 fix digest
321
322 *hardened-sources-2.6.14-r8 (20 Apr 2006)
323
324 20 Apr 2006; John Mylchreest <johnm@gentoo.org>
325 +hardened-sources-2.6.14-r8.ebuild:
326 fix CVE-2006-1056, CVE-2006-1525, CVE-2006-1524
327
328 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
329 Turning on gpg-signing again, and recomitting
330
331 *hardened-sources-2.6.16-r4 (20 Apr 2006)
332
333 20 Apr 2006; John Mylchreest <johnm@gentoo.org>
334 -hardened-sources-2.6.16-r2.ebuild, -hardened-sources-2.6.16-r3.ebuild,
335 +hardened-sources-2.6.16-r4.ebuild:
336 Fix numerous security vulns
337
338 *hardened-sources-2.4.32-r3 (16 Apr 2006)
339
340 16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
341 -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
342 +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
343 - security bump for bug #112791. Removed old ebuilds
344
345 *hardened-sources-2.6.16-r3 (15 Apr 2006)
346
347 15 Apr 2006; John Mylchreest <johnm@gentoo.org>
348 +hardened-sources-2.6.16-r3.ebuild:
349 Removing silly localversion which I missed
350
351 *hardened-sources-2.6.14-r7 (14 Apr 2006)
352
353 14 Apr 2006; John Mylchreest <johnm@gentoo.org>
354 -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
355 Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
356
357 *hardened-sources-2.6.16-r2 (13 Apr 2006)
358
359 13 Apr 2006; John Mylchreest <johnm@gentoo.org>
360 -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
361 +hardened-sources-2.6.16-r2.ebuild:
362 Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
363 labels, dropping USERGROUP define fixes, since these were merged mainstream.
364
365 *hardened-sources-2.6.16-r1 (11 Apr 2006)
366
367 11 Apr 2006; John Mylchreest <johnm@gentoo.org>
368 +hardened-sources-2.6.16-r1.ebuild:
369 Bumping to include ppc build fix and 2.6.16.3
370
371 06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
372 hardened-sources-2.6.14-r6.ebuild:
373 Stable on x86; bug #127718
374
375 *hardened-sources-2.6.16 (31 Mar 2006)
376
377 31 Mar 2006; John Mylchreest <johnm@gentoo.org>
378 +hardened-sources-2.6.16.ebuild:
379 Bumping to new version of grsec, and kernel base. New squashfs. Based on
380 2.6.16.1
381
382 30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
383 hardened-sources-2.6.14-r6.ebuild:
384 Stable on amd64, bug 127718.
385
386 28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
387 Stable on ppc. Bug #127718
388
389 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
390 -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
391 -hardened-sources-2.6.14-r4.ebuild:
392 Cleanup.
393
394 *hardened-sources-2.6.14-r6 (15 Mar 2006)
395
396 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
397 +hardened-sources-2.6.14-r6.ebuild:
398 Fixes grsec policy recreation bug and adds a
399 >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
400
401 02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
402 - stable on x86
403
404 19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
405 hardened-sources-2.6.14-r5.ebuild:
406 Stable on ppc.
407
408 *hardened-sources-2.6.14-r5 (01 Feb 2006)
409
410 01 Feb 2006; John Mylchreest <johnm@gentoo.org>
411 +hardened-sources-2.6.14-r5.ebuild:
412 fixing every known exploit
413
414 *hardened-sources-2.4.32-r2 (26 Jan 2006)
415
416 26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
417 +hardened-sources-2.4.32-r2.ebuild:
418 - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
419
420 *hardened-sources-2.6.14-r4 (12 Jan 2006)
421
422 12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
423 - version bump for new genpatches which fix up a few sec holes
424
425 *hardened-sources-2.4.32-r1 (05 Jan 2006)
426
427 05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
428 - revision bump to add misc vital linux kernel security patches.
429
430 *hardened-sources-2.6.14-r3 (30 Dec 2005)
431
432 30 Dec 2005; John Mylchreest <johnm@gentoo.org>
433 -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
434 Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
435
436 28 Dec 2005; John Mylchreest <johnm@gentoo.org>
437 hardened-sources-2.6.14-r2.ebuild:
438 making x86 & amd64 stable following testing.
439
440 *hardened-sources-2.6.14-r2 (27 Dec 2005)
441
442 27 Dec 2005; John Mylchreest <johnm@gentoo.org>
443 -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
444 Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
445 network hooks.
446
447 06 Dec 2005; John Mylchreest <johnm@gentoo.org>
448 hardened-sources-2.6.14-r1.ebuild:
449 bumping to stable early for sec fix on x86 & amd64
450
451 *hardened-sources-2.6.14-r1 (05 Dec 2005)
452
453 05 Dec 2005; John Mylchreest <johnm@gentoo.org>
454 -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
455 bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
456
457 04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
458 - stable on x86 security bug #114227 CAN-2005-3257
459
460 *hardened-sources-2.4.32 (19 Nov 2005)
461
462 19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
463 +hardened-sources-2.4.32.ebuild:
464 Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
465 Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
466 have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
467 rsbac >> /etc/portage/package.use)
468
469 *hardened-sources-2.6.14 (14 Nov 2005)
470
471 14 Nov 2005; John Mylchreest <johnm@gentoo.org>
472 -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
473 Bumping 2.6 series to 2.6.14.2
474
475 *hardened-sources-2.6.13-r2 (20 Oct 2005)
476
477 20 Oct 2005; John Mylchreest <johnm@gentoo.org>
478 -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
479 +hardened-sources-2.6.13-r2.ebuild:
480 Fixes minor build error in ppc.
481
482 *hardened-sources-2.6.13-r1 (17 Oct 2005)
483
484 17 Oct 2005; John Mylchreest <johnm@gentoo.org>
485 +hardened-sources-2.6.13-r1.ebuild:
486 Updating grsec to latest snapshot. Fixes some minor issues. Updating to
487 2.6.13.4, fixes some major amd64 stability problems.
488
489 *hardened-sources-2.6.13 (16 Sep 2005)
490
491 16 Sep 2005; John Mylchreest <johnm@gentoo.org>
492 -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
493 2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
494 ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
495 users should test this thoroughly.
496
497 01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
498 - stable on x86
499
500 *hardened-sources-2.6.11-r15 (27 Jun 2005)
501
502 27 Jun 2005; John Mylchreest <johnm@gentoo.org>
503 +hardened-sources-2.6.11-r15.ebuild:
504 Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
505 grsec redefining curr_ip struct.
506
507 *hardened-sources-2.4.31 (20 Jun 2005)
508
509 20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
510 initial import of 2.4.31 tree
511
512 *hardened-sources-2.6.11-r14 (14 Jun 2005)
513
514 14 Jun 2005; John Mylchreest <johnm@gentoo.org>
515 -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
516 Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
517 naming scheme to abide by genpatches
518
519 *hardened-sources-2.6.11-r13 (18 May 2005)
520
521 18 May 2005; John Mylchreest <johnm@gentoo.org>
522 -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
523 Managed to mangle the Makefile patch from grsec, to miss out the grsec
524 target. sorry about that. Fixes bug #93022
525
526 *hardened-sources-2.6.11-r12 (17 May 2005)
527
528 17 May 2005; John Mylchreest <johnm@gentoo.org>
529 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
530 +hardened-sources-2.6.11-r12.ebuild:
531 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
532 merges in genpatches-base
533
534 *hardened-sources-2.6.11-r12 (17 May 2005)
535
536 17 May 2005; John Mylchreest <johnm@gentoo.org>
537 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
538 +hardened-sources-2.6.11-r12.ebuild:
539 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
540 merges in genpatches-base
541
542 29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
543 -files/2.4.27-cmdline-race.patch,
544 -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
545 -files/2.4.28-grsec-binfmt_a.out.patch,
546 -files/2.4.28-grsec-cmdline-race.patch,
547 -files/2.4.28-selinux-binfmt_a.out.patch,
548 -files/2.4.28-selinux-cmdline-race.patch,
549 -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
550 hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
551 - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
552 cleanup..
553
554 *hardened-sources-2.4.30-r1 (21 Apr 2005)
555
556 21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
557 - disable aout by default
558
559 *hardened-sources-2.4.30 (18 Apr 2005)
560
561 18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
562 - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
563 and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
564 use
565
566 *hardened-sources-2.4.29 (30 Mar 2005)
567
568 30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
569 +hardened-sources-2.4.29.ebuild:
570 New hardened-patches-2.4-29.0 patchball.
571 Removed SELinux support, upgraded GRSecurity to 2.1.4.
572
573 *hardened-sources-2.4.28-r5 (06 Mar 2005)
574
575 06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
576 +hardened-sources-2.4.28-r5.ebuild:
577 Added a fix for a PaX vulnerability.
578
579 26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
580 hardened-sources-2.4.28-r4.ebuild:
581 Stable on x86
582
583 23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
584 hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
585 hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
586 hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
587 - fixed/added RDEPEND= in all kernel-2 ebuilds
588
589 *hardened-sources-2.4.28-r4 (21 Jan 2005)
590
591 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
592 +hardened-sources-2.4.28-r4.ebuild:
593 Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
594 backport of neighbour hash updates.
595
596 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
597 hardened-sources-2.4.28-r3.ebuild:
598 Stable on x86
599
600 *hardened-sources-2.6.10-r3 (20 Jan 2005)
601
602 20 Jan 2005; Brandon Hale <tseng@gentoo.org>
603 +hardened-sources-2.6.10-r3.ebuild:
604 Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
605 in 2005.0
606
607 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
608 -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
609 hardened-sources-2.4.28-r2.ebuild:
610 Mark stable on x86
611
612 *hardened-sources-2.4.28-r3 (17 Jan 2005)
613
614 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
615 +hardened-sources-2.4.28-r3.ebuild:
616 Fix SMP page fault handler vuln, and update device-mapper and evms patches.
617
618 14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
619 hardened-sources-2.4.28.ebuild:
620 Mark stable on x86.
621
622 *hardened-sources-2.4.28-r2 (13 Jan 2005)
623
624 13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
625 +hardened-sources-2.4.28-r2.ebuild:
626 Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
627 Mazinger for grsecurity patches as well.
628
629 *hardened-sources-2.4.28-r1 (23 Dec 2004)
630
631 23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
632 Security bump. Thank tocharian for rolling a new patchset...
633
634 28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
635 +files/2.4.28-grsec-cmdline-race.patch,
636 +files/2.4.28-selinux-binfmt_a.out.patch,
637 +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
638 - Round up remaining security patches that appear to be missing in 2.4.28. -
639 PaX standalone updated to current. hgpv=28.1
640
641 *hardened-sources-2.4.28 (28 Nov 2004)
642
643 28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
644 security bump. Thank tocharian for rolling a new patchset
645
646 *hardened-sources-2.4.27-r3 (08 Sep 2004)
647
648 08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
649 +hardened-sources-2.4.27-r3.ebuild:
650 Applies the new 2.4-27.2 patchball which updates
651 GRSecurity to the 2.0.1 version.
652
653 *hardened-sources-2.4.27-r2 (31 Aug 2004)
654
655 31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
656 +hardened-sources-2.4.27-r2.ebuild:
657 Version bump.
658 This version uses the new 2.4-27.1 patchball which updates
659 both the SELinux PaX hooks patch and the SELinux headers.
660
661 *hardened-sources-2.4.27-r1 (09 Aug 2004)
662
663 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
664 +hardened-sources-2.4.27-r1.ebuild,
665 -hardened-sources-2.4.27.ebuild,
666 +files/2.4.27-cmdline-race.patch:
667 Version bump, fix for cmdline race. See bug #59905.
668
669 *hardened-sources-2.4.26-r6 (09 Aug 2004)
670
671 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
672 +hardened-sources-2.4.26-r6.ebuild,
673 -hardened-sources-2.4.26-r5.ebuild,
674 -hardened-sources-2.4.26-r4.ebuild,
675 +files/2.4.26-cmdline-race.patch:
676 Version bump, fix for cmdline race. See bug #59905.
677
678 *hardened-sources-2.4.27 (08 Aug 2004)
679
680 08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
681 +hardened-sources-2.4.27.ebuild,
682 +files/2.4.27-CAN-2004-0394.patch:
683 Ported the patchball to the 2.4.27 kernel version.
684
685 *hardened-sources-2.4.26-r5 (07 Aug 2004)
686
687 07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
688 +hardened-sources-2.4.26-r5.ebuild:
689 Updated to use the new hardened-patches-2.4-26.1 patchball.
690 It adds the following features:
691 - Squashfs
692 - Ebtables
693 - Netdev random (core+drivers)
694 - Watchdog Timer (WDT) fix.
695
696 *hardened-sources-2.4.26-r4 (04 Aug 2004)
697
698 04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
699 +hardened-sources-2.4.26-r4.ebuild,
700 +files/2.4.26-CAN-2004-0415.patch,
701 -hardened-sources-2.4.26-3:
702 Version bump, fix for CAN 0415, see bug #59378.
703
704 *hardened-sources-2.4.26-r3 (22 Jul 2004)
705
706 22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
707 +hardened-sources-2.4.26-r3.ebuild,
708 +files/2.4.26-CAN-2004-0497.patch,
709 -hardened-sources-2.4.26-r2.ebuild:
710 Version bump, fixed CAN 0497, see bug #56171.
711
712 *hardened-sources-2.4.26-r2 (29 Jun 2004)
713
714 29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
715 +hardened-sources-2.4.26-r2.ebuild,
716 +files/2.4.26-CAN-2004-0495.patch,
717 +files/2.4.26-CAN-2004-0535.patch,
718 -hardened-sources-2.4.26-r1.ebuild:
719 Fixes for both CAN 0495 and 0535, see bug #54976
720
721 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
722 hardened-sources-2.4.26-r1.ebuild:
723 QA - fix use invocation
724
725 *hardened-sources-2.4.26-r1 (22 June 2004)
726
727 22 June 2004; Andrea Luzzardi <scox@gentoo.org>
728 +hardened-sources-2.4.26-r1.ebuild,
729 +files/2.4.26-CAN-2004-0394.patch,
730 +files/2.4.26-signal-race.patch,
731 -hardened-sources-2.4.26.ebuild,
732 -hardened-sources-2.4.24-r3.ebuild:
733 Version bump for the CAN-2004-0394 issue and bug #53804
734 Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
735
736
737 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
738 hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
739 Masked hardened-sources-2.4.26.ebuild broken for ppc
740
741 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
742 hardened-sources-2.4.24-r3.ebuild:
743 Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
744
745 *hardened-sources-2.4.26 (29 May 2004)
746
747 29 May 2004; Andrea Luzzardi <scox@gentoo.org>
748 +hardened-sources-2.4.26.ebuild:
749 Updated hardened-sources for the 2.4.26 kernel
750 Removed broken components, updated almost everything.
751
752 *hardened-sources-2.4.24-r3 (17 Apr 2004)
753
754 17 Apr 2004; <plasmaroo@gentoo.org>
755 +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
756 +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
757 +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
758 +hardened-sources-2.4.24-r3.ebuild:
759 Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
760 vulnerabilities. Old revisions removed.
761
762 *hardened-sources-2.4.24-r2 (15 Apr 2004)
763
764 15 Apr 2004; <plasmaroo@gentoo.org>
765 +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
766 -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
767 Version bump for the CAN-2004-0109 issue; bug #47881.
768
769 12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
770 hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
771 Add eutils to inherit.
772
773 *hardened-sources-2.4.24-r1 (19 Feb 2004)
774
775 19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
776 files/hardened-sources-2.4.24.munmap.patch:
777 Added the patch for the mremap/munmap vulnerability. Bug #42024.
778
779 *hardened-sources-2.4.24 (06 Feb 2004)
780
781 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
782 hardened-sources-2.4.24.ebuild:
783 Version bump, updated most of the components.
784 This release includes the following:
785
786 - Hardened security
787 - Netfilter patch-o-matic 20031219
788 - FreeSWAN 2.04 & x509 1.4.8
789 - EVMS 2.2.2
790 - XFS 1.3.1
791 - cryptoloop jari
792 - grsecurity 2.0-rc4
793 - SELinux
794 - PaX 200402060000
795 - PaX Obscurity 200308302223
796 - Others...
797
798 Neither -ck nor systrace are included anymore.
799
800 *hardened-sources-2.4.22-r2 (05 Jan 2004)
801
802 05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
803 hardened-sources-2.4.22-r2.ebuild:
804 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
805
806 *hardened-sources-2.4.22-r1 (02 Dec 2003)
807
808 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
809 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
810
811 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
812 hardened-sources-2.4.22-r1.ebuild:
813 Version bump for the 'do_brk' vulnerability.
814
815 01 Dec 2003; Brian Jackson <iggy@gentoo.org>
816 hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
817 hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
818 hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
819 Fix the 'do_brk' vulnerability.
820
821 03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
822 hardened-sources-2.4.22.ebuild:
823 - Removed the src_install() portion for SELinux flask
824 components. These are no longer handled in the kernel
825 so this code was not necessary.
826
827 29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
828 New 2.4.22 based hardened-sources thanks to
829 Phil West <p.west@computer.org>.
830
831 These sources include:
832 - New SELinux API
833 - Updated CK-base
834 - Updated GRSec
835 - Systrace
836 - SuperFreeS/WAN 1.99.8
837 - Propolice kernel build support
838 - EVMS
839 - Other various security related patches
840
841 *hardened-sources-2.4.21 (14 Sep 2003)
842
843 14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
844 Updated hardened-sources based on the 2.4.21 Linux kernel.
845 This includes updates to most major components such as:
846 - ck-base-0306300059
847 - selinux-2.4-2003071106
848 - grsecurity-2.0-rc1
849 - Updated IPTables patch-o-matic
850 - Updated SuperFreeS/WAN
851
852 Thanks to Phil West <pwest@computer.org> for his work in getting this
853 updated patch set ready for the 2.4.21 based kernel.
854
855 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
856 Initial import of hardened-sources-2.4.20-r4. This revision
857 includes only a few changes, but one of these is an important
858 security fix. It is recommended all users of hardened-sources
859 upgrade to this release.
860
861 - ioperm bug fix
862 - fixed compilation failure when building without GRSec
863
864 SAL (Secure Auditing for Linux) is NOT included in this revision
865 due to time constraints, but is planned for inclusion in the near
866 future.
867
868 *hardened-sources-2.4.20-r2 (12 Jun 2003)
869
870 12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
871 hardened-sources-2.4.20-r3.ebuild:
872 Add Header...
873
874 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
875 hardened-sources-2.4.20-r3.ebuild:
876 Removed warnings from ebuild. This kernel should be safe to
877 use at this point.
878
879 *hardened-sources-2.4.20-r3 (08 Jun 2003)
880
881 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
882 hardened-sources-2.4.20-r3.ebuild:
883 New revision. Includes the following changes over -r2:
884
885 - ck7-base (O(1), preempt, low latency)
886 - Super FreeS/WAN 1.99.7rc2
887 - PaX for the LSM/SELinux branch
888 - GRSecurity 2.0-pre4 (role based access control)
889 - Systrace 1.3
890 - EXT3 fixes
891 - EVMS 2.0.1
892 - GCC 3.1+ compile optimizations
893 - ProPolice kernel build support
894 - Hashing table security fixes
895
896 *hardened-sources-2.4.20-r1 (09 Apr 2003)
897
898 23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
899 Initial import of hardened-sources-r2. This new
900 ebuild includes many new performance and security
901 related patches. As in -r1, it will patch in
902 LSM/SELinux if "selinux" is in USE, otherwise it
903 will patch in GRSecurity. The following patches
904 are included in this revision:
905
906 - O(1) Scheduler, Low Latency, and Preempt
907 (pulled from the base CK patch)
908 - ptrace exploit patch for the LSM kernel
909 (the GRSec patch already fixes this)
910 - LSM 2.4-2003040709
911 - SELinux 2.4-2003040709
912 - Systrace v1.2
913 - IPTables patch-o-matic base patches - 20030107
914 - CryptoAPI 2.4.20.1 w/ loop-jari patch
915 - Super FreeS/WAN 1.99.6.1
916 - GRSecurity 1.9.9g
917 - MPPE
918 - EXT3 data journal fix
919 - CIPE 1.5.4
920
921 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
922 hardened-sources-2.4.20-r1.ebuild, manifest:
923 Updated to install flask components correctly for selinux.
924
925 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
926 hardened-sources-2.4.20-r1.ebuild:
927 LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
928 is patched in instead. Ptrace patches for selinux have also been added. In
929 either case, systrace support will be patched in as well.
930
931 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
932 hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
933 Revision bump for new sources.
934
935 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
936 hardened-sources-2.4.20-r1.ebuild:
937 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
938
939 *hardened-sources-2.4.20 (30 Mar 2003)
940
941 30 Mar 2003; Joshua Brindle <method@gentoo.org>
942 hardened-sources-2.4.20.ebuild:
943 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20