/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.150 - (show annotations) (download)
Mon May 7 10:01:24 2007 UTC (7 years, 2 months ago) by kevquinn
Branch: MAIN
Changes since 1.149: +5 -1 lines
Fix Manifest/digest for linux-2.6.21.tar.bz2
(Portage version: 2.1.2.5)

1 # ChangeLog for sys-kernel/hardened-sources
2 # Copyright 2000-2007 Gentoo Foundation; Distributed under the GPL v2
3 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.149 2007/05/06 15:58:26 phreak Exp $
4
5 07 May 2007; Kevin F. Quinn <kevquinn@gentoo.org>
6 files/digest-hardened-sources-2.6.21, Manifest:
7 Fix Manifest/digest for linux-2.6.21.tar.bz2
8
9 06 May 2007; Christian Heim <phreak@gentoo.org>
10 hardened-sources-2.6.21.ebuild:
11 Bumping the hardened-patches version, needed for the fix for #177234.
12
13 *hardened-sources-2.6.21 (02 May 2007)
14
15 02 May 2007; Christian Heim <phreak@gentoo.org>
16 +hardened-sources-2.6.21.ebuild:
17 Version bump, Linux 2.6.21-hardened.
18
19 29 Apr 2007; Christian Heim <phreak@gentoo.org>
20 hardened-sources-2.6.20-r2.ebuild:
21 Adding ~ia64 on Ned's request.
22
23 29 Apr 2007; Christian Heim <phreak@gentoo.org>
24 hardened-sources-2.6.20-r2.ebuild:
25 Fixing the included grsecurity patch, wasn't alligning due to the Index:
26 header line(s).
27
28 29 Apr 2007; Christian Heim <phreak@gentoo.org>
29 hardened-sources-2.6.20-r2.ebuild:
30 Stabilizing hardened-sources-2.6.20-r2 on amd64 and x86.
31
32 *hardened-sources-2.6.20-r2 (10 Apr 2007)
33
34 10 Apr 2007; Raúl Porcel <armin76@gentoo.org>
35 +hardened-sources-2.6.20-r2.ebuild:
36 Version bump, on behalf of phreak
37
38 *hardened-sources-2.6.20-r1 (04 Apr 2007)
39
40 04 Apr 2007; Christian Heim <phreak@gentoo.org>
41 +hardened-sources-2.6.20-r1.ebuild:
42 Revision bump, grabbing a newer grsecurity snapshot.
43
44 *hardened-sources-2.6.20 (25 Mar 2007)
45
46 25 Mar 2007; Christian Heim <phreak@gentoo.org>
47 +hardened-sources-2.6.20.ebuild:
48 Finally a hardened-sources version for 2.6.20; many people have been waiting
49 for this. Thanks to Steve for preliminary testing, thanks to Ned for the
50 testbox.
51
52 16 Mar 2007; Tony Vroon <chainsaw@gentoo.org>
53 hardened-sources-2.6.18-r6.ebuild:
54 Marked stable on amd64 and x86. AMD64 keyword ack'ed by welp.
55
56 *hardened-sources-2.6.18-r6 (16 Mar 2007)
57
58 16 Mar 2007; Christian Heim <phreak@gentoo.org>
59 -hardened-sources-2.6.18-r5.ebuild, +hardened-sources-2.6.18-r6.ebuild:
60 Fixing CVE-2007-1000 locally (hardened/), thanks to Tony for pushing. And
61 yes I screwed up, this is tagged as 2.6.18-5 and not 2.6.18-6 as it's
62 supposed to be.
63
64 06 Mar 2007; Christian Heim <phreak@gentoo.org> ChangeLog:
65 Fixing the Manifest, the previous one was broken (as in still had the
66 deleted ebuild in it).
67
68 06 Mar 2007; Christian Heim <phreak@gentoo.org>
69 -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
70 +hardened-sources-2.6.18-r5.ebuild:
71 Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
72 Linux 2.6.18.8. Also cleaning up the older version.
73
74 *hardened-sources-2.6.18-r5 (06 Mar 2007)
75
76 06 Mar 2007; Christian Heim <phreak@gentoo.org>
77 -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
78 +hardened-sources-2.6.18-r5.ebuild:
79 Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
80 Linux 2.6.18.8. Also cleaning up the older version.
81
82 24 Feb 2007; Christian Heim <phreak@gentoo.org>
83 -hardened-sources-2.6.19-r3.ebuild, -hardened-sources-2.6.19-r4.ebuild,
84 -hardened-sources-2.6.19-r5.ebuild:
85 Removing some of the old version, that didn't work.
86
87 *hardened-sources-2.6.19-r6 (12 Feb 2007)
88
89 12 Feb 2007; Christian Heim <phreak@gentoo.org>
90 +hardened-sources-2.6.19-r6.ebuild:
91 Revision bump, including a new grsec version fixing #166235.
92
93 *hardened-sources-2.4.34 (24 Jan 2007)
94
95 24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
96 Manifest:
97 updating Manifest with checksums of new tarball and ebuild
98
99 24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
100 +hardened-sources-2.4.34.ebuild:
101 I added new hardened sources 2.4 update, this is a critical path
102 security bugfix - all users of h-s are strongly advised
103 to update their existing hardened sources to this version.
104 It contains a fix for a kernel vulnerability that is pertaining
105 to the PaX changes to virtual memory management, possibly leading
106 to a local kernel exploit ... see grsecurity.net forums and homepage
107
108 23 Jan 2007; Christian Heim <phreak@gentoo.org>
109 files/digest-hardened-sources-2.6.19-r5, Manifest:
110 Fixing the patch-tarball digest.
111
112 *hardened-sources-2.6.19-r5 (23 Jan 2007)
113
114 23 Jan 2007; Christian Heim <phreak@gentoo.org>
115 +hardened-sources-2.6.19-r5.ebuild:
116 Revision bump, closing the recently discovered PaX expand_stack()
117 vulnerability.
118
119 *hardened-sources-2.6.19-r4 (14 Jan 2007)
120
121 14 Jan 2007; Christian Heim <phreak@gentoo.org>
122 +hardened-sources-2.6.19-r4.ebuild:
123 Revision bump, pulling in linux-2.6.19.2 and grsecurity 2.1.10 - thus
124 dropping the randomized PID feature.
125
126 11 Jan 2007; Christian Faulhammer <opfer@gentoo.org>
127 hardened-sources-2.4.33.4.ebuild:
128 stable x86, bug #161171
129
130 *hardened-sources-2.6.19-r3 (27 Dec 2006)
131
132 27 Dec 2006; Christian Heim <phreak@gentoo.org>
133 -hardened-sources-2.6.19-r2.ebuild, +hardened-sources-2.6.19-r3.ebuild:
134 Revision bump for bug #157186 and #158786.
135
136 *hardened-sources-2.6.18-r4 (27 Dec 2006)
137
138 27 Dec 2006; Christian Heim <phreak@gentoo.org>
139 -hardened-sources-2.6.18-r3.ebuild, +hardened-sources-2.6.18-r4.ebuild:
140 Revision bump for bug #157186.
141
142 *hardened-sources-2.6.19-r2 (23 Dec 2006)
143
144 23 Dec 2006; Christian Heim <phreak@gentoo.org>
145 -hardened-sources-2.6.19-r1.ebuild, +hardened-sources-2.6.19-r2.ebuild:
146 Revision bump to pull in genpatches-2.6.19-3 for #157186.
147
148 17 Dec 2006; Christian Heim <phreak@gentoo.org>
149 hardened-sources-2.6.14-r7.ebuild, hardened-sources-2.6.16-r10.ebuild,
150 hardened-sources-2.6.16-r11.ebuild, hardened-sources-2.6.17-r1.ebuild,
151 hardened-sources-2.6.18.ebuild, hardened-sources-2.6.18-r3.ebuild,
152 hardened-sources-2.6.19-r1.ebuild:
153 Adding 4453_grsec-2.1.9-2.6.19-io-kmem-sysctl.patch to UNIPATCH_EXLUDE,
154 adding correct HOMEPAGE and adjusting DESCRIPTION (thanks to Alexander).
155
156 *hardened-sources-2.4.33.4 (17 Dec 2006)
157
158 17 Dec 2006; Alexander Gabert <pappy@gentoo.org>
159 +hardened-sources-2.4.33.4.ebuild:
160 new 2.4.33.4 version including grsec and fixes, thanks to phreak for help
161 and quilting
162
163 *hardened-sources-2.6.19-r1 (14 Dec 2006)
164
165 14 Dec 2006; Christian Heim <phreak@gentoo.org>
166 -hardened-sources-2.6.19.ebuild, +hardened-sources-2.6.19-r1.ebuild:
167 Revision bump, fixing #158107 (thanks to Petre Rodan <kaiowas at gentoo.org>
168 for reporting).
169
170 *hardened-sources-2.6.19 (13 Dec 2006)
171
172 13 Dec 2006; Christian Heim <phreak@gentoo.org>
173 +hardened-sources-2.6.19.ebuild:
174 And finally 2.6.19, thanks to Ned (who prepared the inital patchset) and
175 Brad for providing that prompt update.
176
177 *hardened-sources-2.6.18-r3 (13 Dec 2006)
178
179 13 Dec 2006; Christian Heim <phreak@gentoo.org>
180 -hardened-sources-2.6.18-r1.ebuild, -hardened-sources-2.6.18-r2.ebuild,
181 +hardened-sources-2.6.18-r3.ebuild:
182 Revision bump, excluding the faulty patch. Thanks to Anakim Border and Peter
183 S. Mazinger. Closes #157409 for now. Also removing the previous revisions.
184
185 09 Dec 2006; Christian Heim <phreak@gentoo.org> Manifest:
186 Fixing the metadata.xml Manifest entry (thanks to xaid and ml8128 in #gentoo-hardened).
187
188 08 Dec 2006; nixnut <nixnut@gentoo.org> hardened-sources-2.6.18.ebuild:
189 Stable on ppc wrt bug 157356
190
191 07 Dec 2006; Christian Faulhammer <opfer@gentoo.org>
192 hardened-sources-2.6.18.ebuild:
193 stable x86, bug #157356
194
195 *hardened-sources-2.6.18-r2 (06 Dec 2006)
196
197 06 Dec 2006; Christian Heim <phreak@gentoo.org>
198 +hardened-sources-2.6.18-r2.ebuild:
199 Revision bump, including 2.6.18.5 (via genpatches) and
200 4454_grsec-2.1.9-2.6.18.2-io-kmem-sysctl.patch based on Peter Mazinger and
201 Ned Ludd's original patch. Thanks to Alexander Gabert (pappy) for the
202 redesign.
203
204 06 Dec 2006; Christian Heim <phreak@gentoo.org>
205 hardened-sources-2.6.18.ebuild:
206 Marking hardened-sources-2.6.18 stable on amd64 (see bug #157356, on behalf
207 of Mike Doty).
208
209 *hardened-sources-2.6.18-r1 (23 Nov 2006)
210
211 23 Nov 2006; Christian Heim <phreak@gentoo.org>
212 +hardened-sources-2.6.18-r1.ebuild:
213 Revision bump to genpatches-2.6.18-4 (including 2.6.18.3).
214
215 *hardened-sources-2.6.18 (11 Nov 2006)
216
217 11 Nov 2006; Christian Heim <phreak@gentoo.org>
218 +hardened-sources-2.6.18.ebuild:
219 Version bump, thanks to Alexander Gabert we're finally at 2.6.18.
220
221 18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
222 - mark amd64 stable also. bug #151877
223
224 18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
225 - mark 2.6.17-r1 stable
226
227 27 Aug 2006; Christian Heim <phreak@gentoo.org>
228 -hardened-sources-2.6.17.ebuild, hardened-sources-2.6.17-r1.ebuild:
229 Removing old ebuild, removing unipatch from newer ebuild (need to fix it!).
230
231 *hardened-sources-2.6.17-r1 (26 Aug 2006)
232
233 26 Aug 2006; Christian Heim <phreak@gentoo.org>
234 +hardened-sources-2.6.17-r1.ebuild:
235 Revision bump to genpatches-2.6.17-8 (including .9 and .10) and updating the
236 grsecurity patch.
237
238 *hardened-sources-2.6.17 (17 Aug 2006)
239
240 17 Aug 2006; Christian Heim <phreak@gentoo.org>
241 +hardened-sources-2.6.17.ebuild:
242 Bumping the hardened-sources-2.6 series to 2.6.17, using
243 genpatches-2.6.17-6.base.
244
245 07 Aug 2006; <solar@gentoo.org> hardened-sources-2.6.16-r11.ebuild:
246 - stable on x86 and amd64
247
248 *hardened-sources-2.6.16-r11 (15 Jul 2006)
249
250 15 Jul 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r3.ebuild,
251 -hardened-sources-2.4.32-r4.ebuild, -hardened-sources-2.4.32-r5.ebuild,
252 -hardened-sources-2.6.14-r8.ebuild, -hardened-sources-2.6.16-r7.ebuild,
253 -hardened-sources-2.6.16-r9.ebuild, +hardened-sources-2.6.16-r11.ebuild:
254 - 2.6.16 bumped for CVE-2006-3626 ; digest fix for 2.4.32-r6 ; removed old
255 crusty ebuilds
256
257 14 Jul 2006; John Mylchreest <johnm@gentoo.org>
258 hardened-sources-2.6.16-r10.ebuild:
259 marking stable on x86 and amd64
260
261 13 Jul 2006; <solar@gentoo.org> hardened-sources-2.4.32-r6.ebuild:
262 - 2.4.32-r6 stable on x86. RSBAC state unknown
263
264 *hardened-sources-2.4.32-r7 (10 Jul 2006)
265
266 10 Jul 2006; Guillaume Destuynder <kang@gentoo.org>
267 +hardened-sources-2.4.32-r7.ebuild:
268 Bump PaX for RSBAC to test-17
269
270 *hardened-sources-2.6.16-r9 (03 Jul 2006)
271
272 03 Jul 2006; John Mylchreest <johnm@gentoo.org>
273 -hardened-sources-2.6.16-r6.ebuild, +hardened-sources-2.6.16-r9.ebuild:
274 hardened-sources-2.6.16 bump to latest -base.
275
276 *hardened-sources-2.4.32-r6 (30 Jun 2006)
277
278 30 Jun 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r2.ebuild,
279 hardened-sources-2.4.32-r4.ebuild, +hardened-sources-2.4.32-r6.ebuild:
280 - backport CVE-2006-0039, CVE-2006-1857 and CVE-2006-1858 and new grsecurity
281 sysctl controlable resource logging
282
283 *hardened-sources-2.6.16-r7 (05 Jun 2006)
284
285 05 Jun 2006; John Mylchreest <johnm@gentoo.org>
286 -hardened-sources-2.6.16-r5.ebuild, +hardened-sources-2.6.16-r7.ebuild:
287 push new 2.6.16 release in preparation for stable
288
289 22 May 2006; <solar@gentoo.org> :
290 - redigest bug 134002
291
292 *hardened-sources-2.4.32-r5 (16 May 2006)
293
294 16 May 2006; Guillaume Destuynder <kang@gentoo.org>
295 +hardened-sources-2.4.32-r5.ebuild:
296 Fixes rsbac common patching (new patch in new -r5 patchset)
297
298 *hardened-sources-2.4.32-r4 (13 May 2006)
299
300 13 May 2006; <solar@gentoo.org> hardened-sources-2.4.32-r3.ebuild,
301 +hardened-sources-2.4.32-r4.ebuild:
302 - security bumps
303
304 *hardened-sources-2.6.16-r6 (03 May 2006)
305
306 03 May 2006; John Mylchreest <johnm@gentoo.org>
307 +hardened-sources-2.6.16-r6.ebuild:
308 bump hardened-2.6.16 to 2.6.16.12 and latest grsec snapshot
309
310 28 Apr 2006; John Mylchreest <johnm@gentoo.org>
311 hardened-sources-2.6.14-r8.ebuild:
312 fix x86_64 build problem, this will delay the digest issue again for a short
313 while but it will sort itself out
314
315 28 Apr 2006; John Mylchreest <johnm@gentoo.org>
316 hardened-sources-2.6.14-r8.ebuild:
317 bump hardened patchset
318
319 27 Apr 2006; Alec Warner <antarus@gentoo.org>
320 files/digest-hardened-sources-2.4.32-r2,
321 files/digest-hardened-sources-2.4.32-r3,
322 files/digest-hardened-sources-2.6.14-r8, Manifest:
323 Fixing duff SHA256 digests: Bug # 131293
324
325 *hardened-sources-2.6.16-r5 (27 Apr 2006)
326
327 27 Apr 2006; John Mylchreest <johnm@gentoo.org>
328 -hardened-sources-2.6.14-r6.ebuild, hardened-sources-2.6.14-r8.ebuild,
329 -hardened-sources-2.6.16-r4.ebuild, +hardened-sources-2.6.16-r5.ebuild:
330 stablise 2.6.14-r8 on x86 & amd64, bump 2.6.16 to fix CVE-2006-1863 &
331 cleanup of old uneccessary sources
332
333 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
334 fix digest
335
336 *hardened-sources-2.6.14-r8 (20 Apr 2006)
337
338 20 Apr 2006; John Mylchreest <johnm@gentoo.org>
339 +hardened-sources-2.6.14-r8.ebuild:
340 fix CVE-2006-1056, CVE-2006-1525, CVE-2006-1524
341
342 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
343 Turning on gpg-signing again, and recomitting
344
345 *hardened-sources-2.6.16-r4 (20 Apr 2006)
346
347 20 Apr 2006; John Mylchreest <johnm@gentoo.org>
348 -hardened-sources-2.6.16-r2.ebuild, -hardened-sources-2.6.16-r3.ebuild,
349 +hardened-sources-2.6.16-r4.ebuild:
350 Fix numerous security vulns
351
352 *hardened-sources-2.4.32-r3 (16 Apr 2006)
353
354 16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
355 -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
356 +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
357 - security bump for bug #112791. Removed old ebuilds
358
359 *hardened-sources-2.6.16-r3 (15 Apr 2006)
360
361 15 Apr 2006; John Mylchreest <johnm@gentoo.org>
362 +hardened-sources-2.6.16-r3.ebuild:
363 Removing silly localversion which I missed
364
365 *hardened-sources-2.6.14-r7 (14 Apr 2006)
366
367 14 Apr 2006; John Mylchreest <johnm@gentoo.org>
368 -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
369 Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
370
371 *hardened-sources-2.6.16-r2 (13 Apr 2006)
372
373 13 Apr 2006; John Mylchreest <johnm@gentoo.org>
374 -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
375 +hardened-sources-2.6.16-r2.ebuild:
376 Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
377 labels, dropping USERGROUP define fixes, since these were merged mainstream.
378
379 *hardened-sources-2.6.16-r1 (11 Apr 2006)
380
381 11 Apr 2006; John Mylchreest <johnm@gentoo.org>
382 +hardened-sources-2.6.16-r1.ebuild:
383 Bumping to include ppc build fix and 2.6.16.3
384
385 06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
386 hardened-sources-2.6.14-r6.ebuild:
387 Stable on x86; bug #127718
388
389 *hardened-sources-2.6.16 (31 Mar 2006)
390
391 31 Mar 2006; John Mylchreest <johnm@gentoo.org>
392 +hardened-sources-2.6.16.ebuild:
393 Bumping to new version of grsec, and kernel base. New squashfs. Based on
394 2.6.16.1
395
396 30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
397 hardened-sources-2.6.14-r6.ebuild:
398 Stable on amd64, bug 127718.
399
400 28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
401 Stable on ppc. Bug #127718
402
403 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
404 -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
405 -hardened-sources-2.6.14-r4.ebuild:
406 Cleanup.
407
408 *hardened-sources-2.6.14-r6 (15 Mar 2006)
409
410 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
411 +hardened-sources-2.6.14-r6.ebuild:
412 Fixes grsec policy recreation bug and adds a
413 >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
414
415 02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
416 - stable on x86
417
418 19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
419 hardened-sources-2.6.14-r5.ebuild:
420 Stable on ppc.
421
422 *hardened-sources-2.6.14-r5 (01 Feb 2006)
423
424 01 Feb 2006; John Mylchreest <johnm@gentoo.org>
425 +hardened-sources-2.6.14-r5.ebuild:
426 fixing every known exploit
427
428 *hardened-sources-2.4.32-r2 (26 Jan 2006)
429
430 26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
431 +hardened-sources-2.4.32-r2.ebuild:
432 - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
433
434 *hardened-sources-2.6.14-r4 (12 Jan 2006)
435
436 12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
437 - version bump for new genpatches which fix up a few sec holes
438
439 *hardened-sources-2.4.32-r1 (05 Jan 2006)
440
441 05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
442 - revision bump to add misc vital linux kernel security patches.
443
444 *hardened-sources-2.6.14-r3 (30 Dec 2005)
445
446 30 Dec 2005; John Mylchreest <johnm@gentoo.org>
447 -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
448 Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
449
450 28 Dec 2005; John Mylchreest <johnm@gentoo.org>
451 hardened-sources-2.6.14-r2.ebuild:
452 making x86 & amd64 stable following testing.
453
454 *hardened-sources-2.6.14-r2 (27 Dec 2005)
455
456 27 Dec 2005; John Mylchreest <johnm@gentoo.org>
457 -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
458 Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
459 network hooks.
460
461 06 Dec 2005; John Mylchreest <johnm@gentoo.org>
462 hardened-sources-2.6.14-r1.ebuild:
463 bumping to stable early for sec fix on x86 & amd64
464
465 *hardened-sources-2.6.14-r1 (05 Dec 2005)
466
467 05 Dec 2005; John Mylchreest <johnm@gentoo.org>
468 -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
469 bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
470
471 04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
472 - stable on x86 security bug #114227 CAN-2005-3257
473
474 *hardened-sources-2.4.32 (19 Nov 2005)
475
476 19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
477 +hardened-sources-2.4.32.ebuild:
478 Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
479 Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
480 have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
481 rsbac >> /etc/portage/package.use)
482
483 *hardened-sources-2.6.14 (14 Nov 2005)
484
485 14 Nov 2005; John Mylchreest <johnm@gentoo.org>
486 -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
487 Bumping 2.6 series to 2.6.14.2
488
489 *hardened-sources-2.6.13-r2 (20 Oct 2005)
490
491 20 Oct 2005; John Mylchreest <johnm@gentoo.org>
492 -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
493 +hardened-sources-2.6.13-r2.ebuild:
494 Fixes minor build error in ppc.
495
496 *hardened-sources-2.6.13-r1 (17 Oct 2005)
497
498 17 Oct 2005; John Mylchreest <johnm@gentoo.org>
499 +hardened-sources-2.6.13-r1.ebuild:
500 Updating grsec to latest snapshot. Fixes some minor issues. Updating to
501 2.6.13.4, fixes some major amd64 stability problems.
502
503 *hardened-sources-2.6.13 (16 Sep 2005)
504
505 16 Sep 2005; John Mylchreest <johnm@gentoo.org>
506 -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
507 2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
508 ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
509 users should test this thoroughly.
510
511 01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
512 - stable on x86
513
514 *hardened-sources-2.6.11-r15 (27 Jun 2005)
515
516 27 Jun 2005; John Mylchreest <johnm@gentoo.org>
517 +hardened-sources-2.6.11-r15.ebuild:
518 Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
519 grsec redefining curr_ip struct.
520
521 *hardened-sources-2.4.31 (20 Jun 2005)
522
523 20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
524 initial import of 2.4.31 tree
525
526 *hardened-sources-2.6.11-r14 (14 Jun 2005)
527
528 14 Jun 2005; John Mylchreest <johnm@gentoo.org>
529 -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
530 Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
531 naming scheme to abide by genpatches
532
533 *hardened-sources-2.6.11-r13 (18 May 2005)
534
535 18 May 2005; John Mylchreest <johnm@gentoo.org>
536 -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
537 Managed to mangle the Makefile patch from grsec, to miss out the grsec
538 target. sorry about that. Fixes bug #93022
539
540 *hardened-sources-2.6.11-r12 (17 May 2005)
541
542 17 May 2005; John Mylchreest <johnm@gentoo.org>
543 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
544 +hardened-sources-2.6.11-r12.ebuild:
545 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
546 merges in genpatches-base
547
548 *hardened-sources-2.6.11-r12 (17 May 2005)
549
550 17 May 2005; John Mylchreest <johnm@gentoo.org>
551 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
552 +hardened-sources-2.6.11-r12.ebuild:
553 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
554 merges in genpatches-base
555
556 29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
557 -files/2.4.27-cmdline-race.patch,
558 -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
559 -files/2.4.28-grsec-binfmt_a.out.patch,
560 -files/2.4.28-grsec-cmdline-race.patch,
561 -files/2.4.28-selinux-binfmt_a.out.patch,
562 -files/2.4.28-selinux-cmdline-race.patch,
563 -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
564 hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
565 - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
566 cleanup..
567
568 *hardened-sources-2.4.30-r1 (21 Apr 2005)
569
570 21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
571 - disable aout by default
572
573 *hardened-sources-2.4.30 (18 Apr 2005)
574
575 18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
576 - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
577 and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
578 use
579
580 *hardened-sources-2.4.29 (30 Mar 2005)
581
582 30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
583 +hardened-sources-2.4.29.ebuild:
584 New hardened-patches-2.4-29.0 patchball.
585 Removed SELinux support, upgraded GRSecurity to 2.1.4.
586
587 *hardened-sources-2.4.28-r5 (06 Mar 2005)
588
589 06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
590 +hardened-sources-2.4.28-r5.ebuild:
591 Added a fix for a PaX vulnerability.
592
593 26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
594 hardened-sources-2.4.28-r4.ebuild:
595 Stable on x86
596
597 23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
598 hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
599 hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
600 hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
601 - fixed/added RDEPEND= in all kernel-2 ebuilds
602
603 *hardened-sources-2.4.28-r4 (21 Jan 2005)
604
605 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
606 +hardened-sources-2.4.28-r4.ebuild:
607 Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
608 backport of neighbour hash updates.
609
610 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
611 hardened-sources-2.4.28-r3.ebuild:
612 Stable on x86
613
614 *hardened-sources-2.6.10-r3 (20 Jan 2005)
615
616 20 Jan 2005; Brandon Hale <tseng@gentoo.org>
617 +hardened-sources-2.6.10-r3.ebuild:
618 Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
619 in 2005.0
620
621 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
622 -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
623 hardened-sources-2.4.28-r2.ebuild:
624 Mark stable on x86
625
626 *hardened-sources-2.4.28-r3 (17 Jan 2005)
627
628 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
629 +hardened-sources-2.4.28-r3.ebuild:
630 Fix SMP page fault handler vuln, and update device-mapper and evms patches.
631
632 14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
633 hardened-sources-2.4.28.ebuild:
634 Mark stable on x86.
635
636 *hardened-sources-2.4.28-r2 (13 Jan 2005)
637
638 13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
639 +hardened-sources-2.4.28-r2.ebuild:
640 Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
641 Mazinger for grsecurity patches as well.
642
643 *hardened-sources-2.4.28-r1 (23 Dec 2004)
644
645 23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
646 Security bump. Thank tocharian for rolling a new patchset...
647
648 28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
649 +files/2.4.28-grsec-cmdline-race.patch,
650 +files/2.4.28-selinux-binfmt_a.out.patch,
651 +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
652 - Round up remaining security patches that appear to be missing in 2.4.28. -
653 PaX standalone updated to current. hgpv=28.1
654
655 *hardened-sources-2.4.28 (28 Nov 2004)
656
657 28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
658 security bump. Thank tocharian for rolling a new patchset
659
660 *hardened-sources-2.4.27-r3 (08 Sep 2004)
661
662 08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
663 +hardened-sources-2.4.27-r3.ebuild:
664 Applies the new 2.4-27.2 patchball which updates
665 GRSecurity to the 2.0.1 version.
666
667 *hardened-sources-2.4.27-r2 (31 Aug 2004)
668
669 31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
670 +hardened-sources-2.4.27-r2.ebuild:
671 Version bump.
672 This version uses the new 2.4-27.1 patchball which updates
673 both the SELinux PaX hooks patch and the SELinux headers.
674
675 *hardened-sources-2.4.27-r1 (09 Aug 2004)
676
677 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
678 +hardened-sources-2.4.27-r1.ebuild,
679 -hardened-sources-2.4.27.ebuild,
680 +files/2.4.27-cmdline-race.patch:
681 Version bump, fix for cmdline race. See bug #59905.
682
683 *hardened-sources-2.4.26-r6 (09 Aug 2004)
684
685 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
686 +hardened-sources-2.4.26-r6.ebuild,
687 -hardened-sources-2.4.26-r5.ebuild,
688 -hardened-sources-2.4.26-r4.ebuild,
689 +files/2.4.26-cmdline-race.patch:
690 Version bump, fix for cmdline race. See bug #59905.
691
692 *hardened-sources-2.4.27 (08 Aug 2004)
693
694 08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
695 +hardened-sources-2.4.27.ebuild,
696 +files/2.4.27-CAN-2004-0394.patch:
697 Ported the patchball to the 2.4.27 kernel version.
698
699 *hardened-sources-2.4.26-r5 (07 Aug 2004)
700
701 07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
702 +hardened-sources-2.4.26-r5.ebuild:
703 Updated to use the new hardened-patches-2.4-26.1 patchball.
704 It adds the following features:
705 - Squashfs
706 - Ebtables
707 - Netdev random (core+drivers)
708 - Watchdog Timer (WDT) fix.
709
710 *hardened-sources-2.4.26-r4 (04 Aug 2004)
711
712 04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
713 +hardened-sources-2.4.26-r4.ebuild,
714 +files/2.4.26-CAN-2004-0415.patch,
715 -hardened-sources-2.4.26-3:
716 Version bump, fix for CAN 0415, see bug #59378.
717
718 *hardened-sources-2.4.26-r3 (22 Jul 2004)
719
720 22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
721 +hardened-sources-2.4.26-r3.ebuild,
722 +files/2.4.26-CAN-2004-0497.patch,
723 -hardened-sources-2.4.26-r2.ebuild:
724 Version bump, fixed CAN 0497, see bug #56171.
725
726 *hardened-sources-2.4.26-r2 (29 Jun 2004)
727
728 29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
729 +hardened-sources-2.4.26-r2.ebuild,
730 +files/2.4.26-CAN-2004-0495.patch,
731 +files/2.4.26-CAN-2004-0535.patch,
732 -hardened-sources-2.4.26-r1.ebuild:
733 Fixes for both CAN 0495 and 0535, see bug #54976
734
735 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
736 hardened-sources-2.4.26-r1.ebuild:
737 QA - fix use invocation
738
739 *hardened-sources-2.4.26-r1 (22 June 2004)
740
741 22 June 2004; Andrea Luzzardi <scox@gentoo.org>
742 +hardened-sources-2.4.26-r1.ebuild,
743 +files/2.4.26-CAN-2004-0394.patch,
744 +files/2.4.26-signal-race.patch,
745 -hardened-sources-2.4.26.ebuild,
746 -hardened-sources-2.4.24-r3.ebuild:
747 Version bump for the CAN-2004-0394 issue and bug #53804
748 Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
749
750
751 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
752 hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
753 Masked hardened-sources-2.4.26.ebuild broken for ppc
754
755 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
756 hardened-sources-2.4.24-r3.ebuild:
757 Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
758
759 *hardened-sources-2.4.26 (29 May 2004)
760
761 29 May 2004; Andrea Luzzardi <scox@gentoo.org>
762 +hardened-sources-2.4.26.ebuild:
763 Updated hardened-sources for the 2.4.26 kernel
764 Removed broken components, updated almost everything.
765
766 *hardened-sources-2.4.24-r3 (17 Apr 2004)
767
768 17 Apr 2004; <plasmaroo@gentoo.org>
769 +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
770 +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
771 +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
772 +hardened-sources-2.4.24-r3.ebuild:
773 Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
774 vulnerabilities. Old revisions removed.
775
776 *hardened-sources-2.4.24-r2 (15 Apr 2004)
777
778 15 Apr 2004; <plasmaroo@gentoo.org>
779 +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
780 -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
781 Version bump for the CAN-2004-0109 issue; bug #47881.
782
783 12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
784 hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
785 Add eutils to inherit.
786
787 *hardened-sources-2.4.24-r1 (19 Feb 2004)
788
789 19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
790 files/hardened-sources-2.4.24.munmap.patch:
791 Added the patch for the mremap/munmap vulnerability. Bug #42024.
792
793 *hardened-sources-2.4.24 (06 Feb 2004)
794
795 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
796 hardened-sources-2.4.24.ebuild:
797 Version bump, updated most of the components.
798 This release includes the following:
799
800 - Hardened security
801 - Netfilter patch-o-matic 20031219
802 - FreeSWAN 2.04 & x509 1.4.8
803 - EVMS 2.2.2
804 - XFS 1.3.1
805 - cryptoloop jari
806 - grsecurity 2.0-rc4
807 - SELinux
808 - PaX 200402060000
809 - PaX Obscurity 200308302223
810 - Others...
811
812 Neither -ck nor systrace are included anymore.
813
814 *hardened-sources-2.4.22-r2 (05 Jan 2004)
815
816 05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
817 hardened-sources-2.4.22-r2.ebuild:
818 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
819
820 *hardened-sources-2.4.22-r1 (02 Dec 2003)
821
822 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
823 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
824
825 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
826 hardened-sources-2.4.22-r1.ebuild:
827 Version bump for the 'do_brk' vulnerability.
828
829 01 Dec 2003; Brian Jackson <iggy@gentoo.org>
830 hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
831 hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
832 hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
833 Fix the 'do_brk' vulnerability.
834
835 03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
836 hardened-sources-2.4.22.ebuild:
837 - Removed the src_install() portion for SELinux flask
838 components. These are no longer handled in the kernel
839 so this code was not necessary.
840
841 29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
842 New 2.4.22 based hardened-sources thanks to
843 Phil West <p.west@computer.org>.
844
845 These sources include:
846 - New SELinux API
847 - Updated CK-base
848 - Updated GRSec
849 - Systrace
850 - SuperFreeS/WAN 1.99.8
851 - Propolice kernel build support
852 - EVMS
853 - Other various security related patches
854
855 *hardened-sources-2.4.21 (14 Sep 2003)
856
857 14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
858 Updated hardened-sources based on the 2.4.21 Linux kernel.
859 This includes updates to most major components such as:
860 - ck-base-0306300059
861 - selinux-2.4-2003071106
862 - grsecurity-2.0-rc1
863 - Updated IPTables patch-o-matic
864 - Updated SuperFreeS/WAN
865
866 Thanks to Phil West <pwest@computer.org> for his work in getting this
867 updated patch set ready for the 2.4.21 based kernel.
868
869 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
870 Initial import of hardened-sources-2.4.20-r4. This revision
871 includes only a few changes, but one of these is an important
872 security fix. It is recommended all users of hardened-sources
873 upgrade to this release.
874
875 - ioperm bug fix
876 - fixed compilation failure when building without GRSec
877
878 SAL (Secure Auditing for Linux) is NOT included in this revision
879 due to time constraints, but is planned for inclusion in the near
880 future.
881
882 *hardened-sources-2.4.20-r2 (12 Jun 2003)
883
884 12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
885 hardened-sources-2.4.20-r3.ebuild:
886 Add Header...
887
888 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
889 hardened-sources-2.4.20-r3.ebuild:
890 Removed warnings from ebuild. This kernel should be safe to
891 use at this point.
892
893 *hardened-sources-2.4.20-r3 (08 Jun 2003)
894
895 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
896 hardened-sources-2.4.20-r3.ebuild:
897 New revision. Includes the following changes over -r2:
898
899 - ck7-base (O(1), preempt, low latency)
900 - Super FreeS/WAN 1.99.7rc2
901 - PaX for the LSM/SELinux branch
902 - GRSecurity 2.0-pre4 (role based access control)
903 - Systrace 1.3
904 - EXT3 fixes
905 - EVMS 2.0.1
906 - GCC 3.1+ compile optimizations
907 - ProPolice kernel build support
908 - Hashing table security fixes
909
910 *hardened-sources-2.4.20-r1 (09 Apr 2003)
911
912 23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
913 Initial import of hardened-sources-r2. This new
914 ebuild includes many new performance and security
915 related patches. As in -r1, it will patch in
916 LSM/SELinux if "selinux" is in USE, otherwise it
917 will patch in GRSecurity. The following patches
918 are included in this revision:
919
920 - O(1) Scheduler, Low Latency, and Preempt
921 (pulled from the base CK patch)
922 - ptrace exploit patch for the LSM kernel
923 (the GRSec patch already fixes this)
924 - LSM 2.4-2003040709
925 - SELinux 2.4-2003040709
926 - Systrace v1.2
927 - IPTables patch-o-matic base patches - 20030107
928 - CryptoAPI 2.4.20.1 w/ loop-jari patch
929 - Super FreeS/WAN 1.99.6.1
930 - GRSecurity 1.9.9g
931 - MPPE
932 - EXT3 data journal fix
933 - CIPE 1.5.4
934
935 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
936 hardened-sources-2.4.20-r1.ebuild, manifest:
937 Updated to install flask components correctly for selinux.
938
939 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
940 hardened-sources-2.4.20-r1.ebuild:
941 LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
942 is patched in instead. Ptrace patches for selinux have also been added. In
943 either case, systrace support will be patched in as well.
944
945 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
946 hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
947 Revision bump for new sources.
948
949 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
950 hardened-sources-2.4.20-r1.ebuild:
951 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
952
953 *hardened-sources-2.4.20 (30 Mar 2003)
954
955 30 Mar 2003; Joshua Brindle <method@gentoo.org>
956 hardened-sources-2.4.20.ebuild:
957 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20