/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.148 - (show annotations) (download)
Wed May 2 18:14:40 2007 UTC (7 years, 2 months ago) by phreak
Branch: MAIN
Changes since 1.147: +7 -1 lines
Version bump, Linux 2.6.21-hardened.
(Portage version: 2.1.2.5)

1 # ChangeLog for sys-kernel/hardened-sources
2 # Copyright 2000-2007 Gentoo Foundation; Distributed under the GPL v2
3 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.147 2007/04/29 16:12:22 phreak Exp $
4
5 *hardened-sources-2.6.21 (02 May 2007)
6
7 02 May 2007; Christian Heim <phreak@gentoo.org>
8 +hardened-sources-2.6.21.ebuild:
9 Version bump, Linux 2.6.21-hardened.
10
11 29 Apr 2007; Christian Heim <phreak@gentoo.org>
12 hardened-sources-2.6.20-r2.ebuild:
13 Adding ~ia64 on Ned's request.
14
15 29 Apr 2007; Christian Heim <phreak@gentoo.org>
16 hardened-sources-2.6.20-r2.ebuild:
17 Fixing the included grsecurity patch, wasn't alligning due to the Index:
18 header line(s).
19
20 29 Apr 2007; Christian Heim <phreak@gentoo.org>
21 hardened-sources-2.6.20-r2.ebuild:
22 Stabilizing hardened-sources-2.6.20-r2 on amd64 and x86.
23
24 *hardened-sources-2.6.20-r2 (10 Apr 2007)
25
26 10 Apr 2007; Raúl Porcel <armin76@gentoo.org>
27 +hardened-sources-2.6.20-r2.ebuild:
28 Version bump, on behalf of phreak
29
30 *hardened-sources-2.6.20-r1 (04 Apr 2007)
31
32 04 Apr 2007; Christian Heim <phreak@gentoo.org>
33 +hardened-sources-2.6.20-r1.ebuild:
34 Revision bump, grabbing a newer grsecurity snapshot.
35
36 *hardened-sources-2.6.20 (25 Mar 2007)
37
38 25 Mar 2007; Christian Heim <phreak@gentoo.org>
39 +hardened-sources-2.6.20.ebuild:
40 Finally a hardened-sources version for 2.6.20; many people have been waiting
41 for this. Thanks to Steve for preliminary testing, thanks to Ned for the
42 testbox.
43
44 16 Mar 2007; Tony Vroon <chainsaw@gentoo.org>
45 hardened-sources-2.6.18-r6.ebuild:
46 Marked stable on amd64 and x86. AMD64 keyword ack'ed by welp.
47
48 *hardened-sources-2.6.18-r6 (16 Mar 2007)
49
50 16 Mar 2007; Christian Heim <phreak@gentoo.org>
51 -hardened-sources-2.6.18-r5.ebuild, +hardened-sources-2.6.18-r6.ebuild:
52 Fixing CVE-2007-1000 locally (hardened/), thanks to Tony for pushing. And
53 yes I screwed up, this is tagged as 2.6.18-5 and not 2.6.18-6 as it's
54 supposed to be.
55
56 06 Mar 2007; Christian Heim <phreak@gentoo.org> ChangeLog:
57 Fixing the Manifest, the previous one was broken (as in still had the
58 deleted ebuild in it).
59
60 06 Mar 2007; Christian Heim <phreak@gentoo.org>
61 -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
62 +hardened-sources-2.6.18-r5.ebuild:
63 Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
64 Linux 2.6.18.8. Also cleaning up the older version.
65
66 *hardened-sources-2.6.18-r5 (06 Mar 2007)
67
68 06 Mar 2007; Christian Heim <phreak@gentoo.org>
69 -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
70 +hardened-sources-2.6.18-r5.ebuild:
71 Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
72 Linux 2.6.18.8. Also cleaning up the older version.
73
74 24 Feb 2007; Christian Heim <phreak@gentoo.org>
75 -hardened-sources-2.6.19-r3.ebuild, -hardened-sources-2.6.19-r4.ebuild,
76 -hardened-sources-2.6.19-r5.ebuild:
77 Removing some of the old version, that didn't work.
78
79 *hardened-sources-2.6.19-r6 (12 Feb 2007)
80
81 12 Feb 2007; Christian Heim <phreak@gentoo.org>
82 +hardened-sources-2.6.19-r6.ebuild:
83 Revision bump, including a new grsec version fixing #166235.
84
85 *hardened-sources-2.4.34 (24 Jan 2007)
86
87 24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
88 Manifest:
89 updating Manifest with checksums of new tarball and ebuild
90
91 24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
92 +hardened-sources-2.4.34.ebuild:
93 I added new hardened sources 2.4 update, this is a critical path
94 security bugfix - all users of h-s are strongly advised
95 to update their existing hardened sources to this version.
96 It contains a fix for a kernel vulnerability that is pertaining
97 to the PaX changes to virtual memory management, possibly leading
98 to a local kernel exploit ... see grsecurity.net forums and homepage
99
100 23 Jan 2007; Christian Heim <phreak@gentoo.org>
101 files/digest-hardened-sources-2.6.19-r5, Manifest:
102 Fixing the patch-tarball digest.
103
104 *hardened-sources-2.6.19-r5 (23 Jan 2007)
105
106 23 Jan 2007; Christian Heim <phreak@gentoo.org>
107 +hardened-sources-2.6.19-r5.ebuild:
108 Revision bump, closing the recently discovered PaX expand_stack()
109 vulnerability.
110
111 *hardened-sources-2.6.19-r4 (14 Jan 2007)
112
113 14 Jan 2007; Christian Heim <phreak@gentoo.org>
114 +hardened-sources-2.6.19-r4.ebuild:
115 Revision bump, pulling in linux-2.6.19.2 and grsecurity 2.1.10 - thus
116 dropping the randomized PID feature.
117
118 11 Jan 2007; Christian Faulhammer <opfer@gentoo.org>
119 hardened-sources-2.4.33.4.ebuild:
120 stable x86, bug #161171
121
122 *hardened-sources-2.6.19-r3 (27 Dec 2006)
123
124 27 Dec 2006; Christian Heim <phreak@gentoo.org>
125 -hardened-sources-2.6.19-r2.ebuild, +hardened-sources-2.6.19-r3.ebuild:
126 Revision bump for bug #157186 and #158786.
127
128 *hardened-sources-2.6.18-r4 (27 Dec 2006)
129
130 27 Dec 2006; Christian Heim <phreak@gentoo.org>
131 -hardened-sources-2.6.18-r3.ebuild, +hardened-sources-2.6.18-r4.ebuild:
132 Revision bump for bug #157186.
133
134 *hardened-sources-2.6.19-r2 (23 Dec 2006)
135
136 23 Dec 2006; Christian Heim <phreak@gentoo.org>
137 -hardened-sources-2.6.19-r1.ebuild, +hardened-sources-2.6.19-r2.ebuild:
138 Revision bump to pull in genpatches-2.6.19-3 for #157186.
139
140 17 Dec 2006; Christian Heim <phreak@gentoo.org>
141 hardened-sources-2.6.14-r7.ebuild, hardened-sources-2.6.16-r10.ebuild,
142 hardened-sources-2.6.16-r11.ebuild, hardened-sources-2.6.17-r1.ebuild,
143 hardened-sources-2.6.18.ebuild, hardened-sources-2.6.18-r3.ebuild,
144 hardened-sources-2.6.19-r1.ebuild:
145 Adding 4453_grsec-2.1.9-2.6.19-io-kmem-sysctl.patch to UNIPATCH_EXLUDE,
146 adding correct HOMEPAGE and adjusting DESCRIPTION (thanks to Alexander).
147
148 *hardened-sources-2.4.33.4 (17 Dec 2006)
149
150 17 Dec 2006; Alexander Gabert <pappy@gentoo.org>
151 +hardened-sources-2.4.33.4.ebuild:
152 new 2.4.33.4 version including grsec and fixes, thanks to phreak for help
153 and quilting
154
155 *hardened-sources-2.6.19-r1 (14 Dec 2006)
156
157 14 Dec 2006; Christian Heim <phreak@gentoo.org>
158 -hardened-sources-2.6.19.ebuild, +hardened-sources-2.6.19-r1.ebuild:
159 Revision bump, fixing #158107 (thanks to Petre Rodan <kaiowas at gentoo.org>
160 for reporting).
161
162 *hardened-sources-2.6.19 (13 Dec 2006)
163
164 13 Dec 2006; Christian Heim <phreak@gentoo.org>
165 +hardened-sources-2.6.19.ebuild:
166 And finally 2.6.19, thanks to Ned (who prepared the inital patchset) and
167 Brad for providing that prompt update.
168
169 *hardened-sources-2.6.18-r3 (13 Dec 2006)
170
171 13 Dec 2006; Christian Heim <phreak@gentoo.org>
172 -hardened-sources-2.6.18-r1.ebuild, -hardened-sources-2.6.18-r2.ebuild,
173 +hardened-sources-2.6.18-r3.ebuild:
174 Revision bump, excluding the faulty patch. Thanks to Anakim Border and Peter
175 S. Mazinger. Closes #157409 for now. Also removing the previous revisions.
176
177 09 Dec 2006; Christian Heim <phreak@gentoo.org> Manifest:
178 Fixing the metadata.xml Manifest entry (thanks to xaid and ml8128 in #gentoo-hardened).
179
180 08 Dec 2006; nixnut <nixnut@gentoo.org> hardened-sources-2.6.18.ebuild:
181 Stable on ppc wrt bug 157356
182
183 07 Dec 2006; Christian Faulhammer <opfer@gentoo.org>
184 hardened-sources-2.6.18.ebuild:
185 stable x86, bug #157356
186
187 *hardened-sources-2.6.18-r2 (06 Dec 2006)
188
189 06 Dec 2006; Christian Heim <phreak@gentoo.org>
190 +hardened-sources-2.6.18-r2.ebuild:
191 Revision bump, including 2.6.18.5 (via genpatches) and
192 4454_grsec-2.1.9-2.6.18.2-io-kmem-sysctl.patch based on Peter Mazinger and
193 Ned Ludd's original patch. Thanks to Alexander Gabert (pappy) for the
194 redesign.
195
196 06 Dec 2006; Christian Heim <phreak@gentoo.org>
197 hardened-sources-2.6.18.ebuild:
198 Marking hardened-sources-2.6.18 stable on amd64 (see bug #157356, on behalf
199 of Mike Doty).
200
201 *hardened-sources-2.6.18-r1 (23 Nov 2006)
202
203 23 Nov 2006; Christian Heim <phreak@gentoo.org>
204 +hardened-sources-2.6.18-r1.ebuild:
205 Revision bump to genpatches-2.6.18-4 (including 2.6.18.3).
206
207 *hardened-sources-2.6.18 (11 Nov 2006)
208
209 11 Nov 2006; Christian Heim <phreak@gentoo.org>
210 +hardened-sources-2.6.18.ebuild:
211 Version bump, thanks to Alexander Gabert we're finally at 2.6.18.
212
213 18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
214 - mark amd64 stable also. bug #151877
215
216 18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
217 - mark 2.6.17-r1 stable
218
219 27 Aug 2006; Christian Heim <phreak@gentoo.org>
220 -hardened-sources-2.6.17.ebuild, hardened-sources-2.6.17-r1.ebuild:
221 Removing old ebuild, removing unipatch from newer ebuild (need to fix it!).
222
223 *hardened-sources-2.6.17-r1 (26 Aug 2006)
224
225 26 Aug 2006; Christian Heim <phreak@gentoo.org>
226 +hardened-sources-2.6.17-r1.ebuild:
227 Revision bump to genpatches-2.6.17-8 (including .9 and .10) and updating the
228 grsecurity patch.
229
230 *hardened-sources-2.6.17 (17 Aug 2006)
231
232 17 Aug 2006; Christian Heim <phreak@gentoo.org>
233 +hardened-sources-2.6.17.ebuild:
234 Bumping the hardened-sources-2.6 series to 2.6.17, using
235 genpatches-2.6.17-6.base.
236
237 07 Aug 2006; <solar@gentoo.org> hardened-sources-2.6.16-r11.ebuild:
238 - stable on x86 and amd64
239
240 *hardened-sources-2.6.16-r11 (15 Jul 2006)
241
242 15 Jul 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r3.ebuild,
243 -hardened-sources-2.4.32-r4.ebuild, -hardened-sources-2.4.32-r5.ebuild,
244 -hardened-sources-2.6.14-r8.ebuild, -hardened-sources-2.6.16-r7.ebuild,
245 -hardened-sources-2.6.16-r9.ebuild, +hardened-sources-2.6.16-r11.ebuild:
246 - 2.6.16 bumped for CVE-2006-3626 ; digest fix for 2.4.32-r6 ; removed old
247 crusty ebuilds
248
249 14 Jul 2006; John Mylchreest <johnm@gentoo.org>
250 hardened-sources-2.6.16-r10.ebuild:
251 marking stable on x86 and amd64
252
253 13 Jul 2006; <solar@gentoo.org> hardened-sources-2.4.32-r6.ebuild:
254 - 2.4.32-r6 stable on x86. RSBAC state unknown
255
256 *hardened-sources-2.4.32-r7 (10 Jul 2006)
257
258 10 Jul 2006; Guillaume Destuynder <kang@gentoo.org>
259 +hardened-sources-2.4.32-r7.ebuild:
260 Bump PaX for RSBAC to test-17
261
262 *hardened-sources-2.6.16-r9 (03 Jul 2006)
263
264 03 Jul 2006; John Mylchreest <johnm@gentoo.org>
265 -hardened-sources-2.6.16-r6.ebuild, +hardened-sources-2.6.16-r9.ebuild:
266 hardened-sources-2.6.16 bump to latest -base.
267
268 *hardened-sources-2.4.32-r6 (30 Jun 2006)
269
270 30 Jun 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r2.ebuild,
271 hardened-sources-2.4.32-r4.ebuild, +hardened-sources-2.4.32-r6.ebuild:
272 - backport CVE-2006-0039, CVE-2006-1857 and CVE-2006-1858 and new grsecurity
273 sysctl controlable resource logging
274
275 *hardened-sources-2.6.16-r7 (05 Jun 2006)
276
277 05 Jun 2006; John Mylchreest <johnm@gentoo.org>
278 -hardened-sources-2.6.16-r5.ebuild, +hardened-sources-2.6.16-r7.ebuild:
279 push new 2.6.16 release in preparation for stable
280
281 22 May 2006; <solar@gentoo.org> :
282 - redigest bug 134002
283
284 *hardened-sources-2.4.32-r5 (16 May 2006)
285
286 16 May 2006; Guillaume Destuynder <kang@gentoo.org>
287 +hardened-sources-2.4.32-r5.ebuild:
288 Fixes rsbac common patching (new patch in new -r5 patchset)
289
290 *hardened-sources-2.4.32-r4 (13 May 2006)
291
292 13 May 2006; <solar@gentoo.org> hardened-sources-2.4.32-r3.ebuild,
293 +hardened-sources-2.4.32-r4.ebuild:
294 - security bumps
295
296 *hardened-sources-2.6.16-r6 (03 May 2006)
297
298 03 May 2006; John Mylchreest <johnm@gentoo.org>
299 +hardened-sources-2.6.16-r6.ebuild:
300 bump hardened-2.6.16 to 2.6.16.12 and latest grsec snapshot
301
302 28 Apr 2006; John Mylchreest <johnm@gentoo.org>
303 hardened-sources-2.6.14-r8.ebuild:
304 fix x86_64 build problem, this will delay the digest issue again for a short
305 while but it will sort itself out
306
307 28 Apr 2006; John Mylchreest <johnm@gentoo.org>
308 hardened-sources-2.6.14-r8.ebuild:
309 bump hardened patchset
310
311 27 Apr 2006; Alec Warner <antarus@gentoo.org>
312 files/digest-hardened-sources-2.4.32-r2,
313 files/digest-hardened-sources-2.4.32-r3,
314 files/digest-hardened-sources-2.6.14-r8, Manifest:
315 Fixing duff SHA256 digests: Bug # 131293
316
317 *hardened-sources-2.6.16-r5 (27 Apr 2006)
318
319 27 Apr 2006; John Mylchreest <johnm@gentoo.org>
320 -hardened-sources-2.6.14-r6.ebuild, hardened-sources-2.6.14-r8.ebuild,
321 -hardened-sources-2.6.16-r4.ebuild, +hardened-sources-2.6.16-r5.ebuild:
322 stablise 2.6.14-r8 on x86 & amd64, bump 2.6.16 to fix CVE-2006-1863 &
323 cleanup of old uneccessary sources
324
325 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
326 fix digest
327
328 *hardened-sources-2.6.14-r8 (20 Apr 2006)
329
330 20 Apr 2006; John Mylchreest <johnm@gentoo.org>
331 +hardened-sources-2.6.14-r8.ebuild:
332 fix CVE-2006-1056, CVE-2006-1525, CVE-2006-1524
333
334 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
335 Turning on gpg-signing again, and recomitting
336
337 *hardened-sources-2.6.16-r4 (20 Apr 2006)
338
339 20 Apr 2006; John Mylchreest <johnm@gentoo.org>
340 -hardened-sources-2.6.16-r2.ebuild, -hardened-sources-2.6.16-r3.ebuild,
341 +hardened-sources-2.6.16-r4.ebuild:
342 Fix numerous security vulns
343
344 *hardened-sources-2.4.32-r3 (16 Apr 2006)
345
346 16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
347 -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
348 +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
349 - security bump for bug #112791. Removed old ebuilds
350
351 *hardened-sources-2.6.16-r3 (15 Apr 2006)
352
353 15 Apr 2006; John Mylchreest <johnm@gentoo.org>
354 +hardened-sources-2.6.16-r3.ebuild:
355 Removing silly localversion which I missed
356
357 *hardened-sources-2.6.14-r7 (14 Apr 2006)
358
359 14 Apr 2006; John Mylchreest <johnm@gentoo.org>
360 -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
361 Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
362
363 *hardened-sources-2.6.16-r2 (13 Apr 2006)
364
365 13 Apr 2006; John Mylchreest <johnm@gentoo.org>
366 -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
367 +hardened-sources-2.6.16-r2.ebuild:
368 Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
369 labels, dropping USERGROUP define fixes, since these were merged mainstream.
370
371 *hardened-sources-2.6.16-r1 (11 Apr 2006)
372
373 11 Apr 2006; John Mylchreest <johnm@gentoo.org>
374 +hardened-sources-2.6.16-r1.ebuild:
375 Bumping to include ppc build fix and 2.6.16.3
376
377 06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
378 hardened-sources-2.6.14-r6.ebuild:
379 Stable on x86; bug #127718
380
381 *hardened-sources-2.6.16 (31 Mar 2006)
382
383 31 Mar 2006; John Mylchreest <johnm@gentoo.org>
384 +hardened-sources-2.6.16.ebuild:
385 Bumping to new version of grsec, and kernel base. New squashfs. Based on
386 2.6.16.1
387
388 30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
389 hardened-sources-2.6.14-r6.ebuild:
390 Stable on amd64, bug 127718.
391
392 28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
393 Stable on ppc. Bug #127718
394
395 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
396 -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
397 -hardened-sources-2.6.14-r4.ebuild:
398 Cleanup.
399
400 *hardened-sources-2.6.14-r6 (15 Mar 2006)
401
402 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
403 +hardened-sources-2.6.14-r6.ebuild:
404 Fixes grsec policy recreation bug and adds a
405 >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
406
407 02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
408 - stable on x86
409
410 19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
411 hardened-sources-2.6.14-r5.ebuild:
412 Stable on ppc.
413
414 *hardened-sources-2.6.14-r5 (01 Feb 2006)
415
416 01 Feb 2006; John Mylchreest <johnm@gentoo.org>
417 +hardened-sources-2.6.14-r5.ebuild:
418 fixing every known exploit
419
420 *hardened-sources-2.4.32-r2 (26 Jan 2006)
421
422 26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
423 +hardened-sources-2.4.32-r2.ebuild:
424 - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
425
426 *hardened-sources-2.6.14-r4 (12 Jan 2006)
427
428 12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
429 - version bump for new genpatches which fix up a few sec holes
430
431 *hardened-sources-2.4.32-r1 (05 Jan 2006)
432
433 05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
434 - revision bump to add misc vital linux kernel security patches.
435
436 *hardened-sources-2.6.14-r3 (30 Dec 2005)
437
438 30 Dec 2005; John Mylchreest <johnm@gentoo.org>
439 -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
440 Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
441
442 28 Dec 2005; John Mylchreest <johnm@gentoo.org>
443 hardened-sources-2.6.14-r2.ebuild:
444 making x86 & amd64 stable following testing.
445
446 *hardened-sources-2.6.14-r2 (27 Dec 2005)
447
448 27 Dec 2005; John Mylchreest <johnm@gentoo.org>
449 -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
450 Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
451 network hooks.
452
453 06 Dec 2005; John Mylchreest <johnm@gentoo.org>
454 hardened-sources-2.6.14-r1.ebuild:
455 bumping to stable early for sec fix on x86 & amd64
456
457 *hardened-sources-2.6.14-r1 (05 Dec 2005)
458
459 05 Dec 2005; John Mylchreest <johnm@gentoo.org>
460 -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
461 bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
462
463 04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
464 - stable on x86 security bug #114227 CAN-2005-3257
465
466 *hardened-sources-2.4.32 (19 Nov 2005)
467
468 19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
469 +hardened-sources-2.4.32.ebuild:
470 Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
471 Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
472 have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
473 rsbac >> /etc/portage/package.use)
474
475 *hardened-sources-2.6.14 (14 Nov 2005)
476
477 14 Nov 2005; John Mylchreest <johnm@gentoo.org>
478 -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
479 Bumping 2.6 series to 2.6.14.2
480
481 *hardened-sources-2.6.13-r2 (20 Oct 2005)
482
483 20 Oct 2005; John Mylchreest <johnm@gentoo.org>
484 -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
485 +hardened-sources-2.6.13-r2.ebuild:
486 Fixes minor build error in ppc.
487
488 *hardened-sources-2.6.13-r1 (17 Oct 2005)
489
490 17 Oct 2005; John Mylchreest <johnm@gentoo.org>
491 +hardened-sources-2.6.13-r1.ebuild:
492 Updating grsec to latest snapshot. Fixes some minor issues. Updating to
493 2.6.13.4, fixes some major amd64 stability problems.
494
495 *hardened-sources-2.6.13 (16 Sep 2005)
496
497 16 Sep 2005; John Mylchreest <johnm@gentoo.org>
498 -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
499 2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
500 ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
501 users should test this thoroughly.
502
503 01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
504 - stable on x86
505
506 *hardened-sources-2.6.11-r15 (27 Jun 2005)
507
508 27 Jun 2005; John Mylchreest <johnm@gentoo.org>
509 +hardened-sources-2.6.11-r15.ebuild:
510 Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
511 grsec redefining curr_ip struct.
512
513 *hardened-sources-2.4.31 (20 Jun 2005)
514
515 20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
516 initial import of 2.4.31 tree
517
518 *hardened-sources-2.6.11-r14 (14 Jun 2005)
519
520 14 Jun 2005; John Mylchreest <johnm@gentoo.org>
521 -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
522 Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
523 naming scheme to abide by genpatches
524
525 *hardened-sources-2.6.11-r13 (18 May 2005)
526
527 18 May 2005; John Mylchreest <johnm@gentoo.org>
528 -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
529 Managed to mangle the Makefile patch from grsec, to miss out the grsec
530 target. sorry about that. Fixes bug #93022
531
532 *hardened-sources-2.6.11-r12 (17 May 2005)
533
534 17 May 2005; John Mylchreest <johnm@gentoo.org>
535 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
536 +hardened-sources-2.6.11-r12.ebuild:
537 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
538 merges in genpatches-base
539
540 *hardened-sources-2.6.11-r12 (17 May 2005)
541
542 17 May 2005; John Mylchreest <johnm@gentoo.org>
543 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
544 +hardened-sources-2.6.11-r12.ebuild:
545 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
546 merges in genpatches-base
547
548 29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
549 -files/2.4.27-cmdline-race.patch,
550 -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
551 -files/2.4.28-grsec-binfmt_a.out.patch,
552 -files/2.4.28-grsec-cmdline-race.patch,
553 -files/2.4.28-selinux-binfmt_a.out.patch,
554 -files/2.4.28-selinux-cmdline-race.patch,
555 -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
556 hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
557 - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
558 cleanup..
559
560 *hardened-sources-2.4.30-r1 (21 Apr 2005)
561
562 21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
563 - disable aout by default
564
565 *hardened-sources-2.4.30 (18 Apr 2005)
566
567 18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
568 - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
569 and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
570 use
571
572 *hardened-sources-2.4.29 (30 Mar 2005)
573
574 30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
575 +hardened-sources-2.4.29.ebuild:
576 New hardened-patches-2.4-29.0 patchball.
577 Removed SELinux support, upgraded GRSecurity to 2.1.4.
578
579 *hardened-sources-2.4.28-r5 (06 Mar 2005)
580
581 06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
582 +hardened-sources-2.4.28-r5.ebuild:
583 Added a fix for a PaX vulnerability.
584
585 26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
586 hardened-sources-2.4.28-r4.ebuild:
587 Stable on x86
588
589 23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
590 hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
591 hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
592 hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
593 - fixed/added RDEPEND= in all kernel-2 ebuilds
594
595 *hardened-sources-2.4.28-r4 (21 Jan 2005)
596
597 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
598 +hardened-sources-2.4.28-r4.ebuild:
599 Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
600 backport of neighbour hash updates.
601
602 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
603 hardened-sources-2.4.28-r3.ebuild:
604 Stable on x86
605
606 *hardened-sources-2.6.10-r3 (20 Jan 2005)
607
608 20 Jan 2005; Brandon Hale <tseng@gentoo.org>
609 +hardened-sources-2.6.10-r3.ebuild:
610 Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
611 in 2005.0
612
613 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
614 -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
615 hardened-sources-2.4.28-r2.ebuild:
616 Mark stable on x86
617
618 *hardened-sources-2.4.28-r3 (17 Jan 2005)
619
620 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
621 +hardened-sources-2.4.28-r3.ebuild:
622 Fix SMP page fault handler vuln, and update device-mapper and evms patches.
623
624 14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
625 hardened-sources-2.4.28.ebuild:
626 Mark stable on x86.
627
628 *hardened-sources-2.4.28-r2 (13 Jan 2005)
629
630 13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
631 +hardened-sources-2.4.28-r2.ebuild:
632 Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
633 Mazinger for grsecurity patches as well.
634
635 *hardened-sources-2.4.28-r1 (23 Dec 2004)
636
637 23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
638 Security bump. Thank tocharian for rolling a new patchset...
639
640 28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
641 +files/2.4.28-grsec-cmdline-race.patch,
642 +files/2.4.28-selinux-binfmt_a.out.patch,
643 +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
644 - Round up remaining security patches that appear to be missing in 2.4.28. -
645 PaX standalone updated to current. hgpv=28.1
646
647 *hardened-sources-2.4.28 (28 Nov 2004)
648
649 28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
650 security bump. Thank tocharian for rolling a new patchset
651
652 *hardened-sources-2.4.27-r3 (08 Sep 2004)
653
654 08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
655 +hardened-sources-2.4.27-r3.ebuild:
656 Applies the new 2.4-27.2 patchball which updates
657 GRSecurity to the 2.0.1 version.
658
659 *hardened-sources-2.4.27-r2 (31 Aug 2004)
660
661 31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
662 +hardened-sources-2.4.27-r2.ebuild:
663 Version bump.
664 This version uses the new 2.4-27.1 patchball which updates
665 both the SELinux PaX hooks patch and the SELinux headers.
666
667 *hardened-sources-2.4.27-r1 (09 Aug 2004)
668
669 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
670 +hardened-sources-2.4.27-r1.ebuild,
671 -hardened-sources-2.4.27.ebuild,
672 +files/2.4.27-cmdline-race.patch:
673 Version bump, fix for cmdline race. See bug #59905.
674
675 *hardened-sources-2.4.26-r6 (09 Aug 2004)
676
677 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
678 +hardened-sources-2.4.26-r6.ebuild,
679 -hardened-sources-2.4.26-r5.ebuild,
680 -hardened-sources-2.4.26-r4.ebuild,
681 +files/2.4.26-cmdline-race.patch:
682 Version bump, fix for cmdline race. See bug #59905.
683
684 *hardened-sources-2.4.27 (08 Aug 2004)
685
686 08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
687 +hardened-sources-2.4.27.ebuild,
688 +files/2.4.27-CAN-2004-0394.patch:
689 Ported the patchball to the 2.4.27 kernel version.
690
691 *hardened-sources-2.4.26-r5 (07 Aug 2004)
692
693 07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
694 +hardened-sources-2.4.26-r5.ebuild:
695 Updated to use the new hardened-patches-2.4-26.1 patchball.
696 It adds the following features:
697 - Squashfs
698 - Ebtables
699 - Netdev random (core+drivers)
700 - Watchdog Timer (WDT) fix.
701
702 *hardened-sources-2.4.26-r4 (04 Aug 2004)
703
704 04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
705 +hardened-sources-2.4.26-r4.ebuild,
706 +files/2.4.26-CAN-2004-0415.patch,
707 -hardened-sources-2.4.26-3:
708 Version bump, fix for CAN 0415, see bug #59378.
709
710 *hardened-sources-2.4.26-r3 (22 Jul 2004)
711
712 22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
713 +hardened-sources-2.4.26-r3.ebuild,
714 +files/2.4.26-CAN-2004-0497.patch,
715 -hardened-sources-2.4.26-r2.ebuild:
716 Version bump, fixed CAN 0497, see bug #56171.
717
718 *hardened-sources-2.4.26-r2 (29 Jun 2004)
719
720 29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
721 +hardened-sources-2.4.26-r2.ebuild,
722 +files/2.4.26-CAN-2004-0495.patch,
723 +files/2.4.26-CAN-2004-0535.patch,
724 -hardened-sources-2.4.26-r1.ebuild:
725 Fixes for both CAN 0495 and 0535, see bug #54976
726
727 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
728 hardened-sources-2.4.26-r1.ebuild:
729 QA - fix use invocation
730
731 *hardened-sources-2.4.26-r1 (22 June 2004)
732
733 22 June 2004; Andrea Luzzardi <scox@gentoo.org>
734 +hardened-sources-2.4.26-r1.ebuild,
735 +files/2.4.26-CAN-2004-0394.patch,
736 +files/2.4.26-signal-race.patch,
737 -hardened-sources-2.4.26.ebuild,
738 -hardened-sources-2.4.24-r3.ebuild:
739 Version bump for the CAN-2004-0394 issue and bug #53804
740 Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
741
742
743 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
744 hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
745 Masked hardened-sources-2.4.26.ebuild broken for ppc
746
747 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
748 hardened-sources-2.4.24-r3.ebuild:
749 Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
750
751 *hardened-sources-2.4.26 (29 May 2004)
752
753 29 May 2004; Andrea Luzzardi <scox@gentoo.org>
754 +hardened-sources-2.4.26.ebuild:
755 Updated hardened-sources for the 2.4.26 kernel
756 Removed broken components, updated almost everything.
757
758 *hardened-sources-2.4.24-r3 (17 Apr 2004)
759
760 17 Apr 2004; <plasmaroo@gentoo.org>
761 +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
762 +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
763 +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
764 +hardened-sources-2.4.24-r3.ebuild:
765 Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
766 vulnerabilities. Old revisions removed.
767
768 *hardened-sources-2.4.24-r2 (15 Apr 2004)
769
770 15 Apr 2004; <plasmaroo@gentoo.org>
771 +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
772 -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
773 Version bump for the CAN-2004-0109 issue; bug #47881.
774
775 12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
776 hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
777 Add eutils to inherit.
778
779 *hardened-sources-2.4.24-r1 (19 Feb 2004)
780
781 19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
782 files/hardened-sources-2.4.24.munmap.patch:
783 Added the patch for the mremap/munmap vulnerability. Bug #42024.
784
785 *hardened-sources-2.4.24 (06 Feb 2004)
786
787 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
788 hardened-sources-2.4.24.ebuild:
789 Version bump, updated most of the components.
790 This release includes the following:
791
792 - Hardened security
793 - Netfilter patch-o-matic 20031219
794 - FreeSWAN 2.04 & x509 1.4.8
795 - EVMS 2.2.2
796 - XFS 1.3.1
797 - cryptoloop jari
798 - grsecurity 2.0-rc4
799 - SELinux
800 - PaX 200402060000
801 - PaX Obscurity 200308302223
802 - Others...
803
804 Neither -ck nor systrace are included anymore.
805
806 *hardened-sources-2.4.22-r2 (05 Jan 2004)
807
808 05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
809 hardened-sources-2.4.22-r2.ebuild:
810 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
811
812 *hardened-sources-2.4.22-r1 (02 Dec 2003)
813
814 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
815 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
816
817 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
818 hardened-sources-2.4.22-r1.ebuild:
819 Version bump for the 'do_brk' vulnerability.
820
821 01 Dec 2003; Brian Jackson <iggy@gentoo.org>
822 hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
823 hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
824 hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
825 Fix the 'do_brk' vulnerability.
826
827 03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
828 hardened-sources-2.4.22.ebuild:
829 - Removed the src_install() portion for SELinux flask
830 components. These are no longer handled in the kernel
831 so this code was not necessary.
832
833 29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
834 New 2.4.22 based hardened-sources thanks to
835 Phil West <p.west@computer.org>.
836
837 These sources include:
838 - New SELinux API
839 - Updated CK-base
840 - Updated GRSec
841 - Systrace
842 - SuperFreeS/WAN 1.99.8
843 - Propolice kernel build support
844 - EVMS
845 - Other various security related patches
846
847 *hardened-sources-2.4.21 (14 Sep 2003)
848
849 14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
850 Updated hardened-sources based on the 2.4.21 Linux kernel.
851 This includes updates to most major components such as:
852 - ck-base-0306300059
853 - selinux-2.4-2003071106
854 - grsecurity-2.0-rc1
855 - Updated IPTables patch-o-matic
856 - Updated SuperFreeS/WAN
857
858 Thanks to Phil West <pwest@computer.org> for his work in getting this
859 updated patch set ready for the 2.4.21 based kernel.
860
861 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
862 Initial import of hardened-sources-2.4.20-r4. This revision
863 includes only a few changes, but one of these is an important
864 security fix. It is recommended all users of hardened-sources
865 upgrade to this release.
866
867 - ioperm bug fix
868 - fixed compilation failure when building without GRSec
869
870 SAL (Secure Auditing for Linux) is NOT included in this revision
871 due to time constraints, but is planned for inclusion in the near
872 future.
873
874 *hardened-sources-2.4.20-r2 (12 Jun 2003)
875
876 12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
877 hardened-sources-2.4.20-r3.ebuild:
878 Add Header...
879
880 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
881 hardened-sources-2.4.20-r3.ebuild:
882 Removed warnings from ebuild. This kernel should be safe to
883 use at this point.
884
885 *hardened-sources-2.4.20-r3 (08 Jun 2003)
886
887 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
888 hardened-sources-2.4.20-r3.ebuild:
889 New revision. Includes the following changes over -r2:
890
891 - ck7-base (O(1), preempt, low latency)
892 - Super FreeS/WAN 1.99.7rc2
893 - PaX for the LSM/SELinux branch
894 - GRSecurity 2.0-pre4 (role based access control)
895 - Systrace 1.3
896 - EXT3 fixes
897 - EVMS 2.0.1
898 - GCC 3.1+ compile optimizations
899 - ProPolice kernel build support
900 - Hashing table security fixes
901
902 *hardened-sources-2.4.20-r1 (09 Apr 2003)
903
904 23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
905 Initial import of hardened-sources-r2. This new
906 ebuild includes many new performance and security
907 related patches. As in -r1, it will patch in
908 LSM/SELinux if "selinux" is in USE, otherwise it
909 will patch in GRSecurity. The following patches
910 are included in this revision:
911
912 - O(1) Scheduler, Low Latency, and Preempt
913 (pulled from the base CK patch)
914 - ptrace exploit patch for the LSM kernel
915 (the GRSec patch already fixes this)
916 - LSM 2.4-2003040709
917 - SELinux 2.4-2003040709
918 - Systrace v1.2
919 - IPTables patch-o-matic base patches - 20030107
920 - CryptoAPI 2.4.20.1 w/ loop-jari patch
921 - Super FreeS/WAN 1.99.6.1
922 - GRSecurity 1.9.9g
923 - MPPE
924 - EXT3 data journal fix
925 - CIPE 1.5.4
926
927 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
928 hardened-sources-2.4.20-r1.ebuild, manifest:
929 Updated to install flask components correctly for selinux.
930
931 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
932 hardened-sources-2.4.20-r1.ebuild:
933 LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
934 is patched in instead. Ptrace patches for selinux have also been added. In
935 either case, systrace support will be patched in as well.
936
937 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
938 hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
939 Revision bump for new sources.
940
941 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
942 hardened-sources-2.4.20-r1.ebuild:
943 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
944
945 *hardened-sources-2.4.20 (30 Mar 2003)
946
947 30 Mar 2003; Joshua Brindle <method@gentoo.org>
948 hardened-sources-2.4.20.ebuild:
949 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20