/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.157 - (show annotations) (download)
Wed May 30 19:24:16 2007 UTC (7 years, 2 months ago) by phreak
Branch: MAIN
Changes since 1.156: +6 -1 lines
Marking 2.6.20-r2 stable on ppc with permission of Gysbert. Removing more stale ebuild(s).
(Portage version: 2.1.2.7)

1 # ChangeLog for sys-kernel/hardened-sources
2 # Copyright 2000-2007 Gentoo Foundation; Distributed under the GPL v2
3 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.156 2007/05/30 18:52:50 phreak Exp $
4
5 30 May 2007; Christian Heim <phreak@gentoo.org>
6 -hardened-sources-2.6.18.ebuild, hardened-sources-2.6.20-r2.ebuild:
7 Marking 2.6.20-r2 stable on ppc with permission of Gysbert. Removing more
8 stale ebuild(s).
9
10 30 May 2007; Christian Heim <phreak@gentoo.org>
11 -hardened-sources-2.6.14-r7.ebuild, -hardened-sources-2.6.16-r11.ebuild,
12 -hardened-sources-2.6.17-r1.ebuild, -hardened-sources-2.6.19-r6.ebuild,
13 -hardened-sources-2.6.20.ebuild, -hardened-sources-2.6.20-r1.ebuild:
14 Doing some cleanups, remove stale ebuilds.
15
16 26 May 2007; Christian Heim <phreak@gentoo.org>
17 hardened-sources-2.6.21-r2.ebuild:
18 Fixing the grsecurity patch, had one '};' too much.
19
20 *hardened-sources-2.6.21-r2 (26 May 2007)
21
22 26 May 2007; Christian Heim <phreak@gentoo.org>
23 -hardened-sources-2.6.21.ebuild, -hardened-sources-2.6.21-r1.ebuild,
24 +hardened-sources-2.6.21-r2.ebuild:
25 Revision bump, including Linux 2.6.21.3 (fixing CVE-2007-2451). Updating the
26 grsecurity patch to 2.1.10-2.6.21.1-200705221918.
27
28 *hardened-sources-2.6.20-r4 (26 May 2007)
29
30 26 May 2007; Christian Heim <phreak@gentoo.org>
31 -hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.20-r4.ebuild:
32 Revision bump, including Linux 2.6.20.12 (which in fact fixed some security
33 bugs, at the very least CVE-2007-2451). Possible candidate for stable marking.
34
35 15 May 2007; Christian Heim <phreak@gentoo.org>
36 hardened-sources-2.6.20-r3.ebuild:
37 Looks like hardened-sources-2.6.20-r3 needs a new patch, as 2.6.20.11
38 introduced a change in arch/sparc64/kernel/pci_iommu.c, which made the
39 grsecurity patch fail in that exact same hunk.
40
41 *hardened-sources-2.6.20-r3 (15 May 2007)
42
43 15 May 2007; Christian Heim <phreak@gentoo.org>
44 +hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.21-r1.ebuild:
45 Revision bump, incorporating Linux 2.6.20.11.
46
47 *hardened-sources-2.6.21-r1 (11 May 2007)
48
49 11 May 2007; Christian Heim <phreak@gentoo.org>
50 +hardened-sources-2.6.21-r1.ebuild:
51 Revision bump, hopefully fixing the GRSECURITY/GRKERNSEC mixup pipacs
52 mentioned in #177234.
53
54 07 May 2007; Kevin F. Quinn <kevquinn@gentoo.org>
55 files/digest-hardened-sources-2.6.21, Manifest:
56 Fix Manifest/digest for linux-2.6.21.tar.bz2
57
58 06 May 2007; Christian Heim <phreak@gentoo.org>
59 hardened-sources-2.6.21.ebuild:
60 Bumping the hardened-patches version, needed for the fix for #177234.
61
62 *hardened-sources-2.6.21 (02 May 2007)
63
64 02 May 2007; Christian Heim <phreak@gentoo.org>
65 +hardened-sources-2.6.21.ebuild:
66 Version bump, Linux 2.6.21-hardened.
67
68 29 Apr 2007; Christian Heim <phreak@gentoo.org>
69 hardened-sources-2.6.20-r2.ebuild:
70 Adding ~ia64 on Ned's request.
71
72 29 Apr 2007; Christian Heim <phreak@gentoo.org>
73 hardened-sources-2.6.20-r2.ebuild:
74 Fixing the included grsecurity patch, wasn't alligning due to the Index:
75 header line(s).
76
77 29 Apr 2007; Christian Heim <phreak@gentoo.org>
78 hardened-sources-2.6.20-r2.ebuild:
79 Stabilizing hardened-sources-2.6.20-r2 on amd64 and x86.
80
81 *hardened-sources-2.6.20-r2 (10 Apr 2007)
82
83 10 Apr 2007; Raúl Porcel <armin76@gentoo.org>
84 +hardened-sources-2.6.20-r2.ebuild:
85 Version bump, on behalf of phreak
86
87 *hardened-sources-2.6.20-r1 (04 Apr 2007)
88
89 04 Apr 2007; Christian Heim <phreak@gentoo.org>
90 +hardened-sources-2.6.20-r1.ebuild:
91 Revision bump, grabbing a newer grsecurity snapshot.
92
93 *hardened-sources-2.6.20 (25 Mar 2007)
94
95 25 Mar 2007; Christian Heim <phreak@gentoo.org>
96 +hardened-sources-2.6.20.ebuild:
97 Finally a hardened-sources version for 2.6.20; many people have been waiting
98 for this. Thanks to Steve for preliminary testing, thanks to Ned for the
99 testbox.
100
101 16 Mar 2007; Tony Vroon <chainsaw@gentoo.org>
102 hardened-sources-2.6.18-r6.ebuild:
103 Marked stable on amd64 and x86. AMD64 keyword ack'ed by welp.
104
105 *hardened-sources-2.6.18-r6 (16 Mar 2007)
106
107 16 Mar 2007; Christian Heim <phreak@gentoo.org>
108 -hardened-sources-2.6.18-r5.ebuild, +hardened-sources-2.6.18-r6.ebuild:
109 Fixing CVE-2007-1000 locally (hardened/), thanks to Tony for pushing. And
110 yes I screwed up, this is tagged as 2.6.18-5 and not 2.6.18-6 as it's
111 supposed to be.
112
113 06 Mar 2007; Christian Heim <phreak@gentoo.org> ChangeLog:
114 Fixing the Manifest, the previous one was broken (as in still had the
115 deleted ebuild in it).
116
117 06 Mar 2007; Christian Heim <phreak@gentoo.org>
118 -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
119 +hardened-sources-2.6.18-r5.ebuild:
120 Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
121 Linux 2.6.18.8. Also cleaning up the older version.
122
123 *hardened-sources-2.6.18-r5 (06 Mar 2007)
124
125 06 Mar 2007; Christian Heim <phreak@gentoo.org>
126 -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
127 +hardened-sources-2.6.18-r5.ebuild:
128 Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
129 Linux 2.6.18.8. Also cleaning up the older version.
130
131 24 Feb 2007; Christian Heim <phreak@gentoo.org>
132 -hardened-sources-2.6.19-r3.ebuild, -hardened-sources-2.6.19-r4.ebuild,
133 -hardened-sources-2.6.19-r5.ebuild:
134 Removing some of the old version, that didn't work.
135
136 *hardened-sources-2.6.19-r6 (12 Feb 2007)
137
138 12 Feb 2007; Christian Heim <phreak@gentoo.org>
139 +hardened-sources-2.6.19-r6.ebuild:
140 Revision bump, including a new grsec version fixing #166235.
141
142 *hardened-sources-2.4.34 (24 Jan 2007)
143
144 24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
145 Manifest:
146 updating Manifest with checksums of new tarball and ebuild
147
148 24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
149 +hardened-sources-2.4.34.ebuild:
150 I added new hardened sources 2.4 update, this is a critical path
151 security bugfix - all users of h-s are strongly advised
152 to update their existing hardened sources to this version.
153 It contains a fix for a kernel vulnerability that is pertaining
154 to the PaX changes to virtual memory management, possibly leading
155 to a local kernel exploit ... see grsecurity.net forums and homepage
156
157 23 Jan 2007; Christian Heim <phreak@gentoo.org>
158 files/digest-hardened-sources-2.6.19-r5, Manifest:
159 Fixing the patch-tarball digest.
160
161 *hardened-sources-2.6.19-r5 (23 Jan 2007)
162
163 23 Jan 2007; Christian Heim <phreak@gentoo.org>
164 +hardened-sources-2.6.19-r5.ebuild:
165 Revision bump, closing the recently discovered PaX expand_stack()
166 vulnerability.
167
168 *hardened-sources-2.6.19-r4 (14 Jan 2007)
169
170 14 Jan 2007; Christian Heim <phreak@gentoo.org>
171 +hardened-sources-2.6.19-r4.ebuild:
172 Revision bump, pulling in linux-2.6.19.2 and grsecurity 2.1.10 - thus
173 dropping the randomized PID feature.
174
175 11 Jan 2007; Christian Faulhammer <opfer@gentoo.org>
176 hardened-sources-2.4.33.4.ebuild:
177 stable x86, bug #161171
178
179 *hardened-sources-2.6.19-r3 (27 Dec 2006)
180
181 27 Dec 2006; Christian Heim <phreak@gentoo.org>
182 -hardened-sources-2.6.19-r2.ebuild, +hardened-sources-2.6.19-r3.ebuild:
183 Revision bump for bug #157186 and #158786.
184
185 *hardened-sources-2.6.18-r4 (27 Dec 2006)
186
187 27 Dec 2006; Christian Heim <phreak@gentoo.org>
188 -hardened-sources-2.6.18-r3.ebuild, +hardened-sources-2.6.18-r4.ebuild:
189 Revision bump for bug #157186.
190
191 *hardened-sources-2.6.19-r2 (23 Dec 2006)
192
193 23 Dec 2006; Christian Heim <phreak@gentoo.org>
194 -hardened-sources-2.6.19-r1.ebuild, +hardened-sources-2.6.19-r2.ebuild:
195 Revision bump to pull in genpatches-2.6.19-3 for #157186.
196
197 17 Dec 2006; Christian Heim <phreak@gentoo.org>
198 hardened-sources-2.6.14-r7.ebuild, hardened-sources-2.6.16-r10.ebuild,
199 hardened-sources-2.6.16-r11.ebuild, hardened-sources-2.6.17-r1.ebuild,
200 hardened-sources-2.6.18.ebuild, hardened-sources-2.6.18-r3.ebuild,
201 hardened-sources-2.6.19-r1.ebuild:
202 Adding 4453_grsec-2.1.9-2.6.19-io-kmem-sysctl.patch to UNIPATCH_EXLUDE,
203 adding correct HOMEPAGE and adjusting DESCRIPTION (thanks to Alexander).
204
205 *hardened-sources-2.4.33.4 (17 Dec 2006)
206
207 17 Dec 2006; Alexander Gabert <pappy@gentoo.org>
208 +hardened-sources-2.4.33.4.ebuild:
209 new 2.4.33.4 version including grsec and fixes, thanks to phreak for help
210 and quilting
211
212 *hardened-sources-2.6.19-r1 (14 Dec 2006)
213
214 14 Dec 2006; Christian Heim <phreak@gentoo.org>
215 -hardened-sources-2.6.19.ebuild, +hardened-sources-2.6.19-r1.ebuild:
216 Revision bump, fixing #158107 (thanks to Petre Rodan <kaiowas at gentoo.org>
217 for reporting).
218
219 *hardened-sources-2.6.19 (13 Dec 2006)
220
221 13 Dec 2006; Christian Heim <phreak@gentoo.org>
222 +hardened-sources-2.6.19.ebuild:
223 And finally 2.6.19, thanks to Ned (who prepared the inital patchset) and
224 Brad for providing that prompt update.
225
226 *hardened-sources-2.6.18-r3 (13 Dec 2006)
227
228 13 Dec 2006; Christian Heim <phreak@gentoo.org>
229 -hardened-sources-2.6.18-r1.ebuild, -hardened-sources-2.6.18-r2.ebuild,
230 +hardened-sources-2.6.18-r3.ebuild:
231 Revision bump, excluding the faulty patch. Thanks to Anakim Border and Peter
232 S. Mazinger. Closes #157409 for now. Also removing the previous revisions.
233
234 09 Dec 2006; Christian Heim <phreak@gentoo.org> Manifest:
235 Fixing the metadata.xml Manifest entry (thanks to xaid and ml8128 in #gentoo-hardened).
236
237 08 Dec 2006; nixnut <nixnut@gentoo.org> hardened-sources-2.6.18.ebuild:
238 Stable on ppc wrt bug 157356
239
240 07 Dec 2006; Christian Faulhammer <opfer@gentoo.org>
241 hardened-sources-2.6.18.ebuild:
242 stable x86, bug #157356
243
244 *hardened-sources-2.6.18-r2 (06 Dec 2006)
245
246 06 Dec 2006; Christian Heim <phreak@gentoo.org>
247 +hardened-sources-2.6.18-r2.ebuild:
248 Revision bump, including 2.6.18.5 (via genpatches) and
249 4454_grsec-2.1.9-2.6.18.2-io-kmem-sysctl.patch based on Peter Mazinger and
250 Ned Ludd's original patch. Thanks to Alexander Gabert (pappy) for the
251 redesign.
252
253 06 Dec 2006; Christian Heim <phreak@gentoo.org>
254 hardened-sources-2.6.18.ebuild:
255 Marking hardened-sources-2.6.18 stable on amd64 (see bug #157356, on behalf
256 of Mike Doty).
257
258 *hardened-sources-2.6.18-r1 (23 Nov 2006)
259
260 23 Nov 2006; Christian Heim <phreak@gentoo.org>
261 +hardened-sources-2.6.18-r1.ebuild:
262 Revision bump to genpatches-2.6.18-4 (including 2.6.18.3).
263
264 *hardened-sources-2.6.18 (11 Nov 2006)
265
266 11 Nov 2006; Christian Heim <phreak@gentoo.org>
267 +hardened-sources-2.6.18.ebuild:
268 Version bump, thanks to Alexander Gabert we're finally at 2.6.18.
269
270 18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
271 - mark amd64 stable also. bug #151877
272
273 18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
274 - mark 2.6.17-r1 stable
275
276 27 Aug 2006; Christian Heim <phreak@gentoo.org>
277 -hardened-sources-2.6.17.ebuild, hardened-sources-2.6.17-r1.ebuild:
278 Removing old ebuild, removing unipatch from newer ebuild (need to fix it!).
279
280 *hardened-sources-2.6.17-r1 (26 Aug 2006)
281
282 26 Aug 2006; Christian Heim <phreak@gentoo.org>
283 +hardened-sources-2.6.17-r1.ebuild:
284 Revision bump to genpatches-2.6.17-8 (including .9 and .10) and updating the
285 grsecurity patch.
286
287 *hardened-sources-2.6.17 (17 Aug 2006)
288
289 17 Aug 2006; Christian Heim <phreak@gentoo.org>
290 +hardened-sources-2.6.17.ebuild:
291 Bumping the hardened-sources-2.6 series to 2.6.17, using
292 genpatches-2.6.17-6.base.
293
294 07 Aug 2006; <solar@gentoo.org> hardened-sources-2.6.16-r11.ebuild:
295 - stable on x86 and amd64
296
297 *hardened-sources-2.6.16-r11 (15 Jul 2006)
298
299 15 Jul 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r3.ebuild,
300 -hardened-sources-2.4.32-r4.ebuild, -hardened-sources-2.4.32-r5.ebuild,
301 -hardened-sources-2.6.14-r8.ebuild, -hardened-sources-2.6.16-r7.ebuild,
302 -hardened-sources-2.6.16-r9.ebuild, +hardened-sources-2.6.16-r11.ebuild:
303 - 2.6.16 bumped for CVE-2006-3626 ; digest fix for 2.4.32-r6 ; removed old
304 crusty ebuilds
305
306 14 Jul 2006; John Mylchreest <johnm@gentoo.org>
307 hardened-sources-2.6.16-r10.ebuild:
308 marking stable on x86 and amd64
309
310 13 Jul 2006; <solar@gentoo.org> hardened-sources-2.4.32-r6.ebuild:
311 - 2.4.32-r6 stable on x86. RSBAC state unknown
312
313 *hardened-sources-2.4.32-r7 (10 Jul 2006)
314
315 10 Jul 2006; Guillaume Destuynder <kang@gentoo.org>
316 +hardened-sources-2.4.32-r7.ebuild:
317 Bump PaX for RSBAC to test-17
318
319 *hardened-sources-2.6.16-r9 (03 Jul 2006)
320
321 03 Jul 2006; John Mylchreest <johnm@gentoo.org>
322 -hardened-sources-2.6.16-r6.ebuild, +hardened-sources-2.6.16-r9.ebuild:
323 hardened-sources-2.6.16 bump to latest -base.
324
325 *hardened-sources-2.4.32-r6 (30 Jun 2006)
326
327 30 Jun 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r2.ebuild,
328 hardened-sources-2.4.32-r4.ebuild, +hardened-sources-2.4.32-r6.ebuild:
329 - backport CVE-2006-0039, CVE-2006-1857 and CVE-2006-1858 and new grsecurity
330 sysctl controlable resource logging
331
332 *hardened-sources-2.6.16-r7 (05 Jun 2006)
333
334 05 Jun 2006; John Mylchreest <johnm@gentoo.org>
335 -hardened-sources-2.6.16-r5.ebuild, +hardened-sources-2.6.16-r7.ebuild:
336 push new 2.6.16 release in preparation for stable
337
338 22 May 2006; <solar@gentoo.org> :
339 - redigest bug 134002
340
341 *hardened-sources-2.4.32-r5 (16 May 2006)
342
343 16 May 2006; Guillaume Destuynder <kang@gentoo.org>
344 +hardened-sources-2.4.32-r5.ebuild:
345 Fixes rsbac common patching (new patch in new -r5 patchset)
346
347 *hardened-sources-2.4.32-r4 (13 May 2006)
348
349 13 May 2006; <solar@gentoo.org> hardened-sources-2.4.32-r3.ebuild,
350 +hardened-sources-2.4.32-r4.ebuild:
351 - security bumps
352
353 *hardened-sources-2.6.16-r6 (03 May 2006)
354
355 03 May 2006; John Mylchreest <johnm@gentoo.org>
356 +hardened-sources-2.6.16-r6.ebuild:
357 bump hardened-2.6.16 to 2.6.16.12 and latest grsec snapshot
358
359 28 Apr 2006; John Mylchreest <johnm@gentoo.org>
360 hardened-sources-2.6.14-r8.ebuild:
361 fix x86_64 build problem, this will delay the digest issue again for a short
362 while but it will sort itself out
363
364 28 Apr 2006; John Mylchreest <johnm@gentoo.org>
365 hardened-sources-2.6.14-r8.ebuild:
366 bump hardened patchset
367
368 27 Apr 2006; Alec Warner <antarus@gentoo.org>
369 files/digest-hardened-sources-2.4.32-r2,
370 files/digest-hardened-sources-2.4.32-r3,
371 files/digest-hardened-sources-2.6.14-r8, Manifest:
372 Fixing duff SHA256 digests: Bug # 131293
373
374 *hardened-sources-2.6.16-r5 (27 Apr 2006)
375
376 27 Apr 2006; John Mylchreest <johnm@gentoo.org>
377 -hardened-sources-2.6.14-r6.ebuild, hardened-sources-2.6.14-r8.ebuild,
378 -hardened-sources-2.6.16-r4.ebuild, +hardened-sources-2.6.16-r5.ebuild:
379 stablise 2.6.14-r8 on x86 & amd64, bump 2.6.16 to fix CVE-2006-1863 &
380 cleanup of old uneccessary sources
381
382 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
383 fix digest
384
385 *hardened-sources-2.6.14-r8 (20 Apr 2006)
386
387 20 Apr 2006; John Mylchreest <johnm@gentoo.org>
388 +hardened-sources-2.6.14-r8.ebuild:
389 fix CVE-2006-1056, CVE-2006-1525, CVE-2006-1524
390
391 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
392 Turning on gpg-signing again, and recomitting
393
394 *hardened-sources-2.6.16-r4 (20 Apr 2006)
395
396 20 Apr 2006; John Mylchreest <johnm@gentoo.org>
397 -hardened-sources-2.6.16-r2.ebuild, -hardened-sources-2.6.16-r3.ebuild,
398 +hardened-sources-2.6.16-r4.ebuild:
399 Fix numerous security vulns
400
401 *hardened-sources-2.4.32-r3 (16 Apr 2006)
402
403 16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
404 -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
405 +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
406 - security bump for bug #112791. Removed old ebuilds
407
408 *hardened-sources-2.6.16-r3 (15 Apr 2006)
409
410 15 Apr 2006; John Mylchreest <johnm@gentoo.org>
411 +hardened-sources-2.6.16-r3.ebuild:
412 Removing silly localversion which I missed
413
414 *hardened-sources-2.6.14-r7 (14 Apr 2006)
415
416 14 Apr 2006; John Mylchreest <johnm@gentoo.org>
417 -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
418 Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
419
420 *hardened-sources-2.6.16-r2 (13 Apr 2006)
421
422 13 Apr 2006; John Mylchreest <johnm@gentoo.org>
423 -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
424 +hardened-sources-2.6.16-r2.ebuild:
425 Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
426 labels, dropping USERGROUP define fixes, since these were merged mainstream.
427
428 *hardened-sources-2.6.16-r1 (11 Apr 2006)
429
430 11 Apr 2006; John Mylchreest <johnm@gentoo.org>
431 +hardened-sources-2.6.16-r1.ebuild:
432 Bumping to include ppc build fix and 2.6.16.3
433
434 06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
435 hardened-sources-2.6.14-r6.ebuild:
436 Stable on x86; bug #127718
437
438 *hardened-sources-2.6.16 (31 Mar 2006)
439
440 31 Mar 2006; John Mylchreest <johnm@gentoo.org>
441 +hardened-sources-2.6.16.ebuild:
442 Bumping to new version of grsec, and kernel base. New squashfs. Based on
443 2.6.16.1
444
445 30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
446 hardened-sources-2.6.14-r6.ebuild:
447 Stable on amd64, bug 127718.
448
449 28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
450 Stable on ppc. Bug #127718
451
452 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
453 -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
454 -hardened-sources-2.6.14-r4.ebuild:
455 Cleanup.
456
457 *hardened-sources-2.6.14-r6 (15 Mar 2006)
458
459 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
460 +hardened-sources-2.6.14-r6.ebuild:
461 Fixes grsec policy recreation bug and adds a
462 >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
463
464 02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
465 - stable on x86
466
467 19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
468 hardened-sources-2.6.14-r5.ebuild:
469 Stable on ppc.
470
471 *hardened-sources-2.6.14-r5 (01 Feb 2006)
472
473 01 Feb 2006; John Mylchreest <johnm@gentoo.org>
474 +hardened-sources-2.6.14-r5.ebuild:
475 fixing every known exploit
476
477 *hardened-sources-2.4.32-r2 (26 Jan 2006)
478
479 26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
480 +hardened-sources-2.4.32-r2.ebuild:
481 - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
482
483 *hardened-sources-2.6.14-r4 (12 Jan 2006)
484
485 12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
486 - version bump for new genpatches which fix up a few sec holes
487
488 *hardened-sources-2.4.32-r1 (05 Jan 2006)
489
490 05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
491 - revision bump to add misc vital linux kernel security patches.
492
493 *hardened-sources-2.6.14-r3 (30 Dec 2005)
494
495 30 Dec 2005; John Mylchreest <johnm@gentoo.org>
496 -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
497 Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
498
499 28 Dec 2005; John Mylchreest <johnm@gentoo.org>
500 hardened-sources-2.6.14-r2.ebuild:
501 making x86 & amd64 stable following testing.
502
503 *hardened-sources-2.6.14-r2 (27 Dec 2005)
504
505 27 Dec 2005; John Mylchreest <johnm@gentoo.org>
506 -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
507 Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
508 network hooks.
509
510 06 Dec 2005; John Mylchreest <johnm@gentoo.org>
511 hardened-sources-2.6.14-r1.ebuild:
512 bumping to stable early for sec fix on x86 & amd64
513
514 *hardened-sources-2.6.14-r1 (05 Dec 2005)
515
516 05 Dec 2005; John Mylchreest <johnm@gentoo.org>
517 -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
518 bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
519
520 04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
521 - stable on x86 security bug #114227 CAN-2005-3257
522
523 *hardened-sources-2.4.32 (19 Nov 2005)
524
525 19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
526 +hardened-sources-2.4.32.ebuild:
527 Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
528 Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
529 have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
530 rsbac >> /etc/portage/package.use)
531
532 *hardened-sources-2.6.14 (14 Nov 2005)
533
534 14 Nov 2005; John Mylchreest <johnm@gentoo.org>
535 -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
536 Bumping 2.6 series to 2.6.14.2
537
538 *hardened-sources-2.6.13-r2 (20 Oct 2005)
539
540 20 Oct 2005; John Mylchreest <johnm@gentoo.org>
541 -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
542 +hardened-sources-2.6.13-r2.ebuild:
543 Fixes minor build error in ppc.
544
545 *hardened-sources-2.6.13-r1 (17 Oct 2005)
546
547 17 Oct 2005; John Mylchreest <johnm@gentoo.org>
548 +hardened-sources-2.6.13-r1.ebuild:
549 Updating grsec to latest snapshot. Fixes some minor issues. Updating to
550 2.6.13.4, fixes some major amd64 stability problems.
551
552 *hardened-sources-2.6.13 (16 Sep 2005)
553
554 16 Sep 2005; John Mylchreest <johnm@gentoo.org>
555 -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
556 2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
557 ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
558 users should test this thoroughly.
559
560 01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
561 - stable on x86
562
563 *hardened-sources-2.6.11-r15 (27 Jun 2005)
564
565 27 Jun 2005; John Mylchreest <johnm@gentoo.org>
566 +hardened-sources-2.6.11-r15.ebuild:
567 Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
568 grsec redefining curr_ip struct.
569
570 *hardened-sources-2.4.31 (20 Jun 2005)
571
572 20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
573 initial import of 2.4.31 tree
574
575 *hardened-sources-2.6.11-r14 (14 Jun 2005)
576
577 14 Jun 2005; John Mylchreest <johnm@gentoo.org>
578 -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
579 Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
580 naming scheme to abide by genpatches
581
582 *hardened-sources-2.6.11-r13 (18 May 2005)
583
584 18 May 2005; John Mylchreest <johnm@gentoo.org>
585 -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
586 Managed to mangle the Makefile patch from grsec, to miss out the grsec
587 target. sorry about that. Fixes bug #93022
588
589 *hardened-sources-2.6.11-r12 (17 May 2005)
590
591 17 May 2005; John Mylchreest <johnm@gentoo.org>
592 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
593 +hardened-sources-2.6.11-r12.ebuild:
594 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
595 merges in genpatches-base
596
597 *hardened-sources-2.6.11-r12 (17 May 2005)
598
599 17 May 2005; John Mylchreest <johnm@gentoo.org>
600 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
601 +hardened-sources-2.6.11-r12.ebuild:
602 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
603 merges in genpatches-base
604
605 29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
606 -files/2.4.27-cmdline-race.patch,
607 -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
608 -files/2.4.28-grsec-binfmt_a.out.patch,
609 -files/2.4.28-grsec-cmdline-race.patch,
610 -files/2.4.28-selinux-binfmt_a.out.patch,
611 -files/2.4.28-selinux-cmdline-race.patch,
612 -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
613 hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
614 - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
615 cleanup..
616
617 *hardened-sources-2.4.30-r1 (21 Apr 2005)
618
619 21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
620 - disable aout by default
621
622 *hardened-sources-2.4.30 (18 Apr 2005)
623
624 18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
625 - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
626 and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
627 use
628
629 *hardened-sources-2.4.29 (30 Mar 2005)
630
631 30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
632 +hardened-sources-2.4.29.ebuild:
633 New hardened-patches-2.4-29.0 patchball.
634 Removed SELinux support, upgraded GRSecurity to 2.1.4.
635
636 *hardened-sources-2.4.28-r5 (06 Mar 2005)
637
638 06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
639 +hardened-sources-2.4.28-r5.ebuild:
640 Added a fix for a PaX vulnerability.
641
642 26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
643 hardened-sources-2.4.28-r4.ebuild:
644 Stable on x86
645
646 23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
647 hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
648 hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
649 hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
650 - fixed/added RDEPEND= in all kernel-2 ebuilds
651
652 *hardened-sources-2.4.28-r4 (21 Jan 2005)
653
654 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
655 +hardened-sources-2.4.28-r4.ebuild:
656 Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
657 backport of neighbour hash updates.
658
659 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
660 hardened-sources-2.4.28-r3.ebuild:
661 Stable on x86
662
663 *hardened-sources-2.6.10-r3 (20 Jan 2005)
664
665 20 Jan 2005; Brandon Hale <tseng@gentoo.org>
666 +hardened-sources-2.6.10-r3.ebuild:
667 Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
668 in 2005.0
669
670 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
671 -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
672 hardened-sources-2.4.28-r2.ebuild:
673 Mark stable on x86
674
675 *hardened-sources-2.4.28-r3 (17 Jan 2005)
676
677 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
678 +hardened-sources-2.4.28-r3.ebuild:
679 Fix SMP page fault handler vuln, and update device-mapper and evms patches.
680
681 14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
682 hardened-sources-2.4.28.ebuild:
683 Mark stable on x86.
684
685 *hardened-sources-2.4.28-r2 (13 Jan 2005)
686
687 13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
688 +hardened-sources-2.4.28-r2.ebuild:
689 Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
690 Mazinger for grsecurity patches as well.
691
692 *hardened-sources-2.4.28-r1 (23 Dec 2004)
693
694 23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
695 Security bump. Thank tocharian for rolling a new patchset...
696
697 28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
698 +files/2.4.28-grsec-cmdline-race.patch,
699 +files/2.4.28-selinux-binfmt_a.out.patch,
700 +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
701 - Round up remaining security patches that appear to be missing in 2.4.28. -
702 PaX standalone updated to current. hgpv=28.1
703
704 *hardened-sources-2.4.28 (28 Nov 2004)
705
706 28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
707 security bump. Thank tocharian for rolling a new patchset
708
709 *hardened-sources-2.4.27-r3 (08 Sep 2004)
710
711 08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
712 +hardened-sources-2.4.27-r3.ebuild:
713 Applies the new 2.4-27.2 patchball which updates
714 GRSecurity to the 2.0.1 version.
715
716 *hardened-sources-2.4.27-r2 (31 Aug 2004)
717
718 31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
719 +hardened-sources-2.4.27-r2.ebuild:
720 Version bump.
721 This version uses the new 2.4-27.1 patchball which updates
722 both the SELinux PaX hooks patch and the SELinux headers.
723
724 *hardened-sources-2.4.27-r1 (09 Aug 2004)
725
726 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
727 +hardened-sources-2.4.27-r1.ebuild,
728 -hardened-sources-2.4.27.ebuild,
729 +files/2.4.27-cmdline-race.patch:
730 Version bump, fix for cmdline race. See bug #59905.
731
732 *hardened-sources-2.4.26-r6 (09 Aug 2004)
733
734 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
735 +hardened-sources-2.4.26-r6.ebuild,
736 -hardened-sources-2.4.26-r5.ebuild,
737 -hardened-sources-2.4.26-r4.ebuild,
738 +files/2.4.26-cmdline-race.patch:
739 Version bump, fix for cmdline race. See bug #59905.
740
741 *hardened-sources-2.4.27 (08 Aug 2004)
742
743 08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
744 +hardened-sources-2.4.27.ebuild,
745 +files/2.4.27-CAN-2004-0394.patch:
746 Ported the patchball to the 2.4.27 kernel version.
747
748 *hardened-sources-2.4.26-r5 (07 Aug 2004)
749
750 07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
751 +hardened-sources-2.4.26-r5.ebuild:
752 Updated to use the new hardened-patches-2.4-26.1 patchball.
753 It adds the following features:
754 - Squashfs
755 - Ebtables
756 - Netdev random (core+drivers)
757 - Watchdog Timer (WDT) fix.
758
759 *hardened-sources-2.4.26-r4 (04 Aug 2004)
760
761 04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
762 +hardened-sources-2.4.26-r4.ebuild,
763 +files/2.4.26-CAN-2004-0415.patch,
764 -hardened-sources-2.4.26-3:
765 Version bump, fix for CAN 0415, see bug #59378.
766
767 *hardened-sources-2.4.26-r3 (22 Jul 2004)
768
769 22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
770 +hardened-sources-2.4.26-r3.ebuild,
771 +files/2.4.26-CAN-2004-0497.patch,
772 -hardened-sources-2.4.26-r2.ebuild:
773 Version bump, fixed CAN 0497, see bug #56171.
774
775 *hardened-sources-2.4.26-r2 (29 Jun 2004)
776
777 29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
778 +hardened-sources-2.4.26-r2.ebuild,
779 +files/2.4.26-CAN-2004-0495.patch,
780 +files/2.4.26-CAN-2004-0535.patch,
781 -hardened-sources-2.4.26-r1.ebuild:
782 Fixes for both CAN 0495 and 0535, see bug #54976
783
784 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
785 hardened-sources-2.4.26-r1.ebuild:
786 QA - fix use invocation
787
788 *hardened-sources-2.4.26-r1 (22 June 2004)
789
790 22 June 2004; Andrea Luzzardi <scox@gentoo.org>
791 +hardened-sources-2.4.26-r1.ebuild,
792 +files/2.4.26-CAN-2004-0394.patch,
793 +files/2.4.26-signal-race.patch,
794 -hardened-sources-2.4.26.ebuild,
795 -hardened-sources-2.4.24-r3.ebuild:
796 Version bump for the CAN-2004-0394 issue and bug #53804
797 Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
798
799
800 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
801 hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
802 Masked hardened-sources-2.4.26.ebuild broken for ppc
803
804 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
805 hardened-sources-2.4.24-r3.ebuild:
806 Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
807
808 *hardened-sources-2.4.26 (29 May 2004)
809
810 29 May 2004; Andrea Luzzardi <scox@gentoo.org>
811 +hardened-sources-2.4.26.ebuild:
812 Updated hardened-sources for the 2.4.26 kernel
813 Removed broken components, updated almost everything.
814
815 *hardened-sources-2.4.24-r3 (17 Apr 2004)
816
817 17 Apr 2004; <plasmaroo@gentoo.org>
818 +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
819 +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
820 +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
821 +hardened-sources-2.4.24-r3.ebuild:
822 Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
823 vulnerabilities. Old revisions removed.
824
825 *hardened-sources-2.4.24-r2 (15 Apr 2004)
826
827 15 Apr 2004; <plasmaroo@gentoo.org>
828 +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
829 -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
830 Version bump for the CAN-2004-0109 issue; bug #47881.
831
832 12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
833 hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
834 Add eutils to inherit.
835
836 *hardened-sources-2.4.24-r1 (19 Feb 2004)
837
838 19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
839 files/hardened-sources-2.4.24.munmap.patch:
840 Added the patch for the mremap/munmap vulnerability. Bug #42024.
841
842 *hardened-sources-2.4.24 (06 Feb 2004)
843
844 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
845 hardened-sources-2.4.24.ebuild:
846 Version bump, updated most of the components.
847 This release includes the following:
848
849 - Hardened security
850 - Netfilter patch-o-matic 20031219
851 - FreeSWAN 2.04 & x509 1.4.8
852 - EVMS 2.2.2
853 - XFS 1.3.1
854 - cryptoloop jari
855 - grsecurity 2.0-rc4
856 - SELinux
857 - PaX 200402060000
858 - PaX Obscurity 200308302223
859 - Others...
860
861 Neither -ck nor systrace are included anymore.
862
863 *hardened-sources-2.4.22-r2 (05 Jan 2004)
864
865 05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
866 hardened-sources-2.4.22-r2.ebuild:
867 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
868
869 *hardened-sources-2.4.22-r1 (02 Dec 2003)
870
871 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
872 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
873
874 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
875 hardened-sources-2.4.22-r1.ebuild:
876 Version bump for the 'do_brk' vulnerability.
877
878 01 Dec 2003; Brian Jackson <iggy@gentoo.org>
879 hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
880 hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
881 hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
882 Fix the 'do_brk' vulnerability.
883
884 03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
885 hardened-sources-2.4.22.ebuild:
886 - Removed the src_install() portion for SELinux flask
887 components. These are no longer handled in the kernel
888 so this code was not necessary.
889
890 29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
891 New 2.4.22 based hardened-sources thanks to
892 Phil West <p.west@computer.org>.
893
894 These sources include:
895 - New SELinux API
896 - Updated CK-base
897 - Updated GRSec
898 - Systrace
899 - SuperFreeS/WAN 1.99.8
900 - Propolice kernel build support
901 - EVMS
902 - Other various security related patches
903
904 *hardened-sources-2.4.21 (14 Sep 2003)
905
906 14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
907 Updated hardened-sources based on the 2.4.21 Linux kernel.
908 This includes updates to most major components such as:
909 - ck-base-0306300059
910 - selinux-2.4-2003071106
911 - grsecurity-2.0-rc1
912 - Updated IPTables patch-o-matic
913 - Updated SuperFreeS/WAN
914
915 Thanks to Phil West <pwest@computer.org> for his work in getting this
916 updated patch set ready for the 2.4.21 based kernel.
917
918 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
919 Initial import of hardened-sources-2.4.20-r4. This revision
920 includes only a few changes, but one of these is an important
921 security fix. It is recommended all users of hardened-sources
922 upgrade to this release.
923
924 - ioperm bug fix
925 - fixed compilation failure when building without GRSec
926
927 SAL (Secure Auditing for Linux) is NOT included in this revision
928 due to time constraints, but is planned for inclusion in the near
929 future.
930
931 *hardened-sources-2.4.20-r2 (12 Jun 2003)
932
933 12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
934 hardened-sources-2.4.20-r3.ebuild:
935 Add Header...
936
937 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
938 hardened-sources-2.4.20-r3.ebuild:
939 Removed warnings from ebuild. This kernel should be safe to
940 use at this point.
941
942 *hardened-sources-2.4.20-r3 (08 Jun 2003)
943
944 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
945 hardened-sources-2.4.20-r3.ebuild:
946 New revision. Includes the following changes over -r2:
947
948 - ck7-base (O(1), preempt, low latency)
949 - Super FreeS/WAN 1.99.7rc2
950 - PaX for the LSM/SELinux branch
951 - GRSecurity 2.0-pre4 (role based access control)
952 - Systrace 1.3
953 - EXT3 fixes
954 - EVMS 2.0.1
955 - GCC 3.1+ compile optimizations
956 - ProPolice kernel build support
957 - Hashing table security fixes
958
959 *hardened-sources-2.4.20-r1 (09 Apr 2003)
960
961 23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
962 Initial import of hardened-sources-r2. This new
963 ebuild includes many new performance and security
964 related patches. As in -r1, it will patch in
965 LSM/SELinux if "selinux" is in USE, otherwise it
966 will patch in GRSecurity. The following patches
967 are included in this revision:
968
969 - O(1) Scheduler, Low Latency, and Preempt
970 (pulled from the base CK patch)
971 - ptrace exploit patch for the LSM kernel
972 (the GRSec patch already fixes this)
973 - LSM 2.4-2003040709
974 - SELinux 2.4-2003040709
975 - Systrace v1.2
976 - IPTables patch-o-matic base patches - 20030107
977 - CryptoAPI 2.4.20.1 w/ loop-jari patch
978 - Super FreeS/WAN 1.99.6.1
979 - GRSecurity 1.9.9g
980 - MPPE
981 - EXT3 data journal fix
982 - CIPE 1.5.4
983
984 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
985 hardened-sources-2.4.20-r1.ebuild, manifest:
986 Updated to install flask components correctly for selinux.
987
988 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
989 hardened-sources-2.4.20-r1.ebuild:
990 LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
991 is patched in instead. Ptrace patches for selinux have also been added. In
992 either case, systrace support will be patched in as well.
993
994 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
995 hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
996 Revision bump for new sources.
997
998 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
999 hardened-sources-2.4.20-r1.ebuild:
1000 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
1001
1002 *hardened-sources-2.4.20 (30 Mar 2003)
1003
1004 30 Mar 2003; Joshua Brindle <method@gentoo.org>
1005 hardened-sources-2.4.20.ebuild:
1006 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20