/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.158 - (show annotations) (download)
Mon Jun 11 20:30:22 2007 UTC (7 years, 5 months ago) by pappy
Branch: MAIN
Changes since 1.157: +7 -1 lines
committing new version
(Portage version: 2.1.2.7)

1 # ChangeLog for sys-kernel/hardened-sources
2 # Copyright 2000-2007 Gentoo Foundation; Distributed under the GPL v2
3 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.157 2007/05/30 19:24:16 phreak Exp $
4
5 *hardened-sources-2.4.34.5 (11 Jun 2007)
6
7 11 Jun 2007; Alexander Gabert <pappy@gentoo.org>
8 +hardened-sources-2.4.34.5.ebuild:
9 added new hardened-sources 2.4 version, thx to phreak, solar, pipacs
10
11 30 May 2007; Christian Heim <phreak@gentoo.org>
12 -hardened-sources-2.6.18.ebuild, hardened-sources-2.6.20-r2.ebuild:
13 Marking 2.6.20-r2 stable on ppc with permission of Gysbert. Removing more
14 stale ebuild(s).
15
16 30 May 2007; Christian Heim <phreak@gentoo.org>
17 -hardened-sources-2.6.14-r7.ebuild, -hardened-sources-2.6.16-r11.ebuild,
18 -hardened-sources-2.6.17-r1.ebuild, -hardened-sources-2.6.19-r6.ebuild,
19 -hardened-sources-2.6.20.ebuild, -hardened-sources-2.6.20-r1.ebuild:
20 Doing some cleanups, remove stale ebuilds.
21
22 26 May 2007; Christian Heim <phreak@gentoo.org>
23 hardened-sources-2.6.21-r2.ebuild:
24 Fixing the grsecurity patch, had one '};' too much.
25
26 *hardened-sources-2.6.21-r2 (26 May 2007)
27
28 26 May 2007; Christian Heim <phreak@gentoo.org>
29 -hardened-sources-2.6.21.ebuild, -hardened-sources-2.6.21-r1.ebuild,
30 +hardened-sources-2.6.21-r2.ebuild:
31 Revision bump, including Linux 2.6.21.3 (fixing CVE-2007-2451). Updating the
32 grsecurity patch to 2.1.10-2.6.21.1-200705221918.
33
34 *hardened-sources-2.6.20-r4 (26 May 2007)
35
36 26 May 2007; Christian Heim <phreak@gentoo.org>
37 -hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.20-r4.ebuild:
38 Revision bump, including Linux 2.6.20.12 (which in fact fixed some security
39 bugs, at the very least CVE-2007-2451). Possible candidate for stable marking.
40
41 15 May 2007; Christian Heim <phreak@gentoo.org>
42 hardened-sources-2.6.20-r3.ebuild:
43 Looks like hardened-sources-2.6.20-r3 needs a new patch, as 2.6.20.11
44 introduced a change in arch/sparc64/kernel/pci_iommu.c, which made the
45 grsecurity patch fail in that exact same hunk.
46
47 *hardened-sources-2.6.20-r3 (15 May 2007)
48
49 15 May 2007; Christian Heim <phreak@gentoo.org>
50 +hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.21-r1.ebuild:
51 Revision bump, incorporating Linux 2.6.20.11.
52
53 *hardened-sources-2.6.21-r1 (11 May 2007)
54
55 11 May 2007; Christian Heim <phreak@gentoo.org>
56 +hardened-sources-2.6.21-r1.ebuild:
57 Revision bump, hopefully fixing the GRSECURITY/GRKERNSEC mixup pipacs
58 mentioned in #177234.
59
60 07 May 2007; Kevin F. Quinn <kevquinn@gentoo.org>
61 files/digest-hardened-sources-2.6.21, Manifest:
62 Fix Manifest/digest for linux-2.6.21.tar.bz2
63
64 06 May 2007; Christian Heim <phreak@gentoo.org>
65 hardened-sources-2.6.21.ebuild:
66 Bumping the hardened-patches version, needed for the fix for #177234.
67
68 *hardened-sources-2.6.21 (02 May 2007)
69
70 02 May 2007; Christian Heim <phreak@gentoo.org>
71 +hardened-sources-2.6.21.ebuild:
72 Version bump, Linux 2.6.21-hardened.
73
74 29 Apr 2007; Christian Heim <phreak@gentoo.org>
75 hardened-sources-2.6.20-r2.ebuild:
76 Adding ~ia64 on Ned's request.
77
78 29 Apr 2007; Christian Heim <phreak@gentoo.org>
79 hardened-sources-2.6.20-r2.ebuild:
80 Fixing the included grsecurity patch, wasn't alligning due to the Index:
81 header line(s).
82
83 29 Apr 2007; Christian Heim <phreak@gentoo.org>
84 hardened-sources-2.6.20-r2.ebuild:
85 Stabilizing hardened-sources-2.6.20-r2 on amd64 and x86.
86
87 *hardened-sources-2.6.20-r2 (10 Apr 2007)
88
89 10 Apr 2007; Raúl Porcel <armin76@gentoo.org>
90 +hardened-sources-2.6.20-r2.ebuild:
91 Version bump, on behalf of phreak
92
93 *hardened-sources-2.6.20-r1 (04 Apr 2007)
94
95 04 Apr 2007; Christian Heim <phreak@gentoo.org>
96 +hardened-sources-2.6.20-r1.ebuild:
97 Revision bump, grabbing a newer grsecurity snapshot.
98
99 *hardened-sources-2.6.20 (25 Mar 2007)
100
101 25 Mar 2007; Christian Heim <phreak@gentoo.org>
102 +hardened-sources-2.6.20.ebuild:
103 Finally a hardened-sources version for 2.6.20; many people have been waiting
104 for this. Thanks to Steve for preliminary testing, thanks to Ned for the
105 testbox.
106
107 16 Mar 2007; Tony Vroon <chainsaw@gentoo.org>
108 hardened-sources-2.6.18-r6.ebuild:
109 Marked stable on amd64 and x86. AMD64 keyword ack'ed by welp.
110
111 *hardened-sources-2.6.18-r6 (16 Mar 2007)
112
113 16 Mar 2007; Christian Heim <phreak@gentoo.org>
114 -hardened-sources-2.6.18-r5.ebuild, +hardened-sources-2.6.18-r6.ebuild:
115 Fixing CVE-2007-1000 locally (hardened/), thanks to Tony for pushing. And
116 yes I screwed up, this is tagged as 2.6.18-5 and not 2.6.18-6 as it's
117 supposed to be.
118
119 06 Mar 2007; Christian Heim <phreak@gentoo.org> ChangeLog:
120 Fixing the Manifest, the previous one was broken (as in still had the
121 deleted ebuild in it).
122
123 06 Mar 2007; Christian Heim <phreak@gentoo.org>
124 -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
125 +hardened-sources-2.6.18-r5.ebuild:
126 Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
127 Linux 2.6.18.8. Also cleaning up the older version.
128
129 *hardened-sources-2.6.18-r5 (06 Mar 2007)
130
131 06 Mar 2007; Christian Heim <phreak@gentoo.org>
132 -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
133 +hardened-sources-2.6.18-r5.ebuild:
134 Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
135 Linux 2.6.18.8. Also cleaning up the older version.
136
137 24 Feb 2007; Christian Heim <phreak@gentoo.org>
138 -hardened-sources-2.6.19-r3.ebuild, -hardened-sources-2.6.19-r4.ebuild,
139 -hardened-sources-2.6.19-r5.ebuild:
140 Removing some of the old version, that didn't work.
141
142 *hardened-sources-2.6.19-r6 (12 Feb 2007)
143
144 12 Feb 2007; Christian Heim <phreak@gentoo.org>
145 +hardened-sources-2.6.19-r6.ebuild:
146 Revision bump, including a new grsec version fixing #166235.
147
148 *hardened-sources-2.4.34 (24 Jan 2007)
149
150 24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
151 Manifest:
152 updating Manifest with checksums of new tarball and ebuild
153
154 24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
155 +hardened-sources-2.4.34.ebuild:
156 I added new hardened sources 2.4 update, this is a critical path
157 security bugfix - all users of h-s are strongly advised
158 to update their existing hardened sources to this version.
159 It contains a fix for a kernel vulnerability that is pertaining
160 to the PaX changes to virtual memory management, possibly leading
161 to a local kernel exploit ... see grsecurity.net forums and homepage
162
163 23 Jan 2007; Christian Heim <phreak@gentoo.org>
164 files/digest-hardened-sources-2.6.19-r5, Manifest:
165 Fixing the patch-tarball digest.
166
167 *hardened-sources-2.6.19-r5 (23 Jan 2007)
168
169 23 Jan 2007; Christian Heim <phreak@gentoo.org>
170 +hardened-sources-2.6.19-r5.ebuild:
171 Revision bump, closing the recently discovered PaX expand_stack()
172 vulnerability.
173
174 *hardened-sources-2.6.19-r4 (14 Jan 2007)
175
176 14 Jan 2007; Christian Heim <phreak@gentoo.org>
177 +hardened-sources-2.6.19-r4.ebuild:
178 Revision bump, pulling in linux-2.6.19.2 and grsecurity 2.1.10 - thus
179 dropping the randomized PID feature.
180
181 11 Jan 2007; Christian Faulhammer <opfer@gentoo.org>
182 hardened-sources-2.4.33.4.ebuild:
183 stable x86, bug #161171
184
185 *hardened-sources-2.6.19-r3 (27 Dec 2006)
186
187 27 Dec 2006; Christian Heim <phreak@gentoo.org>
188 -hardened-sources-2.6.19-r2.ebuild, +hardened-sources-2.6.19-r3.ebuild:
189 Revision bump for bug #157186 and #158786.
190
191 *hardened-sources-2.6.18-r4 (27 Dec 2006)
192
193 27 Dec 2006; Christian Heim <phreak@gentoo.org>
194 -hardened-sources-2.6.18-r3.ebuild, +hardened-sources-2.6.18-r4.ebuild:
195 Revision bump for bug #157186.
196
197 *hardened-sources-2.6.19-r2 (23 Dec 2006)
198
199 23 Dec 2006; Christian Heim <phreak@gentoo.org>
200 -hardened-sources-2.6.19-r1.ebuild, +hardened-sources-2.6.19-r2.ebuild:
201 Revision bump to pull in genpatches-2.6.19-3 for #157186.
202
203 17 Dec 2006; Christian Heim <phreak@gentoo.org>
204 hardened-sources-2.6.14-r7.ebuild, hardened-sources-2.6.16-r10.ebuild,
205 hardened-sources-2.6.16-r11.ebuild, hardened-sources-2.6.17-r1.ebuild,
206 hardened-sources-2.6.18.ebuild, hardened-sources-2.6.18-r3.ebuild,
207 hardened-sources-2.6.19-r1.ebuild:
208 Adding 4453_grsec-2.1.9-2.6.19-io-kmem-sysctl.patch to UNIPATCH_EXLUDE,
209 adding correct HOMEPAGE and adjusting DESCRIPTION (thanks to Alexander).
210
211 *hardened-sources-2.4.33.4 (17 Dec 2006)
212
213 17 Dec 2006; Alexander Gabert <pappy@gentoo.org>
214 +hardened-sources-2.4.33.4.ebuild:
215 new 2.4.33.4 version including grsec and fixes, thanks to phreak for help
216 and quilting
217
218 *hardened-sources-2.6.19-r1 (14 Dec 2006)
219
220 14 Dec 2006; Christian Heim <phreak@gentoo.org>
221 -hardened-sources-2.6.19.ebuild, +hardened-sources-2.6.19-r1.ebuild:
222 Revision bump, fixing #158107 (thanks to Petre Rodan <kaiowas at gentoo.org>
223 for reporting).
224
225 *hardened-sources-2.6.19 (13 Dec 2006)
226
227 13 Dec 2006; Christian Heim <phreak@gentoo.org>
228 +hardened-sources-2.6.19.ebuild:
229 And finally 2.6.19, thanks to Ned (who prepared the inital patchset) and
230 Brad for providing that prompt update.
231
232 *hardened-sources-2.6.18-r3 (13 Dec 2006)
233
234 13 Dec 2006; Christian Heim <phreak@gentoo.org>
235 -hardened-sources-2.6.18-r1.ebuild, -hardened-sources-2.6.18-r2.ebuild,
236 +hardened-sources-2.6.18-r3.ebuild:
237 Revision bump, excluding the faulty patch. Thanks to Anakim Border and Peter
238 S. Mazinger. Closes #157409 for now. Also removing the previous revisions.
239
240 09 Dec 2006; Christian Heim <phreak@gentoo.org> Manifest:
241 Fixing the metadata.xml Manifest entry (thanks to xaid and ml8128 in #gentoo-hardened).
242
243 08 Dec 2006; nixnut <nixnut@gentoo.org> hardened-sources-2.6.18.ebuild:
244 Stable on ppc wrt bug 157356
245
246 07 Dec 2006; Christian Faulhammer <opfer@gentoo.org>
247 hardened-sources-2.6.18.ebuild:
248 stable x86, bug #157356
249
250 *hardened-sources-2.6.18-r2 (06 Dec 2006)
251
252 06 Dec 2006; Christian Heim <phreak@gentoo.org>
253 +hardened-sources-2.6.18-r2.ebuild:
254 Revision bump, including 2.6.18.5 (via genpatches) and
255 4454_grsec-2.1.9-2.6.18.2-io-kmem-sysctl.patch based on Peter Mazinger and
256 Ned Ludd's original patch. Thanks to Alexander Gabert (pappy) for the
257 redesign.
258
259 06 Dec 2006; Christian Heim <phreak@gentoo.org>
260 hardened-sources-2.6.18.ebuild:
261 Marking hardened-sources-2.6.18 stable on amd64 (see bug #157356, on behalf
262 of Mike Doty).
263
264 *hardened-sources-2.6.18-r1 (23 Nov 2006)
265
266 23 Nov 2006; Christian Heim <phreak@gentoo.org>
267 +hardened-sources-2.6.18-r1.ebuild:
268 Revision bump to genpatches-2.6.18-4 (including 2.6.18.3).
269
270 *hardened-sources-2.6.18 (11 Nov 2006)
271
272 11 Nov 2006; Christian Heim <phreak@gentoo.org>
273 +hardened-sources-2.6.18.ebuild:
274 Version bump, thanks to Alexander Gabert we're finally at 2.6.18.
275
276 18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
277 - mark amd64 stable also. bug #151877
278
279 18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
280 - mark 2.6.17-r1 stable
281
282 27 Aug 2006; Christian Heim <phreak@gentoo.org>
283 -hardened-sources-2.6.17.ebuild, hardened-sources-2.6.17-r1.ebuild:
284 Removing old ebuild, removing unipatch from newer ebuild (need to fix it!).
285
286 *hardened-sources-2.6.17-r1 (26 Aug 2006)
287
288 26 Aug 2006; Christian Heim <phreak@gentoo.org>
289 +hardened-sources-2.6.17-r1.ebuild:
290 Revision bump to genpatches-2.6.17-8 (including .9 and .10) and updating the
291 grsecurity patch.
292
293 *hardened-sources-2.6.17 (17 Aug 2006)
294
295 17 Aug 2006; Christian Heim <phreak@gentoo.org>
296 +hardened-sources-2.6.17.ebuild:
297 Bumping the hardened-sources-2.6 series to 2.6.17, using
298 genpatches-2.6.17-6.base.
299
300 07 Aug 2006; <solar@gentoo.org> hardened-sources-2.6.16-r11.ebuild:
301 - stable on x86 and amd64
302
303 *hardened-sources-2.6.16-r11 (15 Jul 2006)
304
305 15 Jul 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r3.ebuild,
306 -hardened-sources-2.4.32-r4.ebuild, -hardened-sources-2.4.32-r5.ebuild,
307 -hardened-sources-2.6.14-r8.ebuild, -hardened-sources-2.6.16-r7.ebuild,
308 -hardened-sources-2.6.16-r9.ebuild, +hardened-sources-2.6.16-r11.ebuild:
309 - 2.6.16 bumped for CVE-2006-3626 ; digest fix for 2.4.32-r6 ; removed old
310 crusty ebuilds
311
312 14 Jul 2006; John Mylchreest <johnm@gentoo.org>
313 hardened-sources-2.6.16-r10.ebuild:
314 marking stable on x86 and amd64
315
316 13 Jul 2006; <solar@gentoo.org> hardened-sources-2.4.32-r6.ebuild:
317 - 2.4.32-r6 stable on x86. RSBAC state unknown
318
319 *hardened-sources-2.4.32-r7 (10 Jul 2006)
320
321 10 Jul 2006; Guillaume Destuynder <kang@gentoo.org>
322 +hardened-sources-2.4.32-r7.ebuild:
323 Bump PaX for RSBAC to test-17
324
325 *hardened-sources-2.6.16-r9 (03 Jul 2006)
326
327 03 Jul 2006; John Mylchreest <johnm@gentoo.org>
328 -hardened-sources-2.6.16-r6.ebuild, +hardened-sources-2.6.16-r9.ebuild:
329 hardened-sources-2.6.16 bump to latest -base.
330
331 *hardened-sources-2.4.32-r6 (30 Jun 2006)
332
333 30 Jun 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r2.ebuild,
334 hardened-sources-2.4.32-r4.ebuild, +hardened-sources-2.4.32-r6.ebuild:
335 - backport CVE-2006-0039, CVE-2006-1857 and CVE-2006-1858 and new grsecurity
336 sysctl controlable resource logging
337
338 *hardened-sources-2.6.16-r7 (05 Jun 2006)
339
340 05 Jun 2006; John Mylchreest <johnm@gentoo.org>
341 -hardened-sources-2.6.16-r5.ebuild, +hardened-sources-2.6.16-r7.ebuild:
342 push new 2.6.16 release in preparation for stable
343
344 22 May 2006; <solar@gentoo.org> :
345 - redigest bug 134002
346
347 *hardened-sources-2.4.32-r5 (16 May 2006)
348
349 16 May 2006; Guillaume Destuynder <kang@gentoo.org>
350 +hardened-sources-2.4.32-r5.ebuild:
351 Fixes rsbac common patching (new patch in new -r5 patchset)
352
353 *hardened-sources-2.4.32-r4 (13 May 2006)
354
355 13 May 2006; <solar@gentoo.org> hardened-sources-2.4.32-r3.ebuild,
356 +hardened-sources-2.4.32-r4.ebuild:
357 - security bumps
358
359 *hardened-sources-2.6.16-r6 (03 May 2006)
360
361 03 May 2006; John Mylchreest <johnm@gentoo.org>
362 +hardened-sources-2.6.16-r6.ebuild:
363 bump hardened-2.6.16 to 2.6.16.12 and latest grsec snapshot
364
365 28 Apr 2006; John Mylchreest <johnm@gentoo.org>
366 hardened-sources-2.6.14-r8.ebuild:
367 fix x86_64 build problem, this will delay the digest issue again for a short
368 while but it will sort itself out
369
370 28 Apr 2006; John Mylchreest <johnm@gentoo.org>
371 hardened-sources-2.6.14-r8.ebuild:
372 bump hardened patchset
373
374 27 Apr 2006; Alec Warner <antarus@gentoo.org>
375 files/digest-hardened-sources-2.4.32-r2,
376 files/digest-hardened-sources-2.4.32-r3,
377 files/digest-hardened-sources-2.6.14-r8, Manifest:
378 Fixing duff SHA256 digests: Bug # 131293
379
380 *hardened-sources-2.6.16-r5 (27 Apr 2006)
381
382 27 Apr 2006; John Mylchreest <johnm@gentoo.org>
383 -hardened-sources-2.6.14-r6.ebuild, hardened-sources-2.6.14-r8.ebuild,
384 -hardened-sources-2.6.16-r4.ebuild, +hardened-sources-2.6.16-r5.ebuild:
385 stablise 2.6.14-r8 on x86 & amd64, bump 2.6.16 to fix CVE-2006-1863 &
386 cleanup of old uneccessary sources
387
388 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
389 fix digest
390
391 *hardened-sources-2.6.14-r8 (20 Apr 2006)
392
393 20 Apr 2006; John Mylchreest <johnm@gentoo.org>
394 +hardened-sources-2.6.14-r8.ebuild:
395 fix CVE-2006-1056, CVE-2006-1525, CVE-2006-1524
396
397 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
398 Turning on gpg-signing again, and recomitting
399
400 *hardened-sources-2.6.16-r4 (20 Apr 2006)
401
402 20 Apr 2006; John Mylchreest <johnm@gentoo.org>
403 -hardened-sources-2.6.16-r2.ebuild, -hardened-sources-2.6.16-r3.ebuild,
404 +hardened-sources-2.6.16-r4.ebuild:
405 Fix numerous security vulns
406
407 *hardened-sources-2.4.32-r3 (16 Apr 2006)
408
409 16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
410 -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
411 +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
412 - security bump for bug #112791. Removed old ebuilds
413
414 *hardened-sources-2.6.16-r3 (15 Apr 2006)
415
416 15 Apr 2006; John Mylchreest <johnm@gentoo.org>
417 +hardened-sources-2.6.16-r3.ebuild:
418 Removing silly localversion which I missed
419
420 *hardened-sources-2.6.14-r7 (14 Apr 2006)
421
422 14 Apr 2006; John Mylchreest <johnm@gentoo.org>
423 -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
424 Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
425
426 *hardened-sources-2.6.16-r2 (13 Apr 2006)
427
428 13 Apr 2006; John Mylchreest <johnm@gentoo.org>
429 -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
430 +hardened-sources-2.6.16-r2.ebuild:
431 Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
432 labels, dropping USERGROUP define fixes, since these were merged mainstream.
433
434 *hardened-sources-2.6.16-r1 (11 Apr 2006)
435
436 11 Apr 2006; John Mylchreest <johnm@gentoo.org>
437 +hardened-sources-2.6.16-r1.ebuild:
438 Bumping to include ppc build fix and 2.6.16.3
439
440 06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
441 hardened-sources-2.6.14-r6.ebuild:
442 Stable on x86; bug #127718
443
444 *hardened-sources-2.6.16 (31 Mar 2006)
445
446 31 Mar 2006; John Mylchreest <johnm@gentoo.org>
447 +hardened-sources-2.6.16.ebuild:
448 Bumping to new version of grsec, and kernel base. New squashfs. Based on
449 2.6.16.1
450
451 30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
452 hardened-sources-2.6.14-r6.ebuild:
453 Stable on amd64, bug 127718.
454
455 28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
456 Stable on ppc. Bug #127718
457
458 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
459 -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
460 -hardened-sources-2.6.14-r4.ebuild:
461 Cleanup.
462
463 *hardened-sources-2.6.14-r6 (15 Mar 2006)
464
465 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
466 +hardened-sources-2.6.14-r6.ebuild:
467 Fixes grsec policy recreation bug and adds a
468 >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
469
470 02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
471 - stable on x86
472
473 19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
474 hardened-sources-2.6.14-r5.ebuild:
475 Stable on ppc.
476
477 *hardened-sources-2.6.14-r5 (01 Feb 2006)
478
479 01 Feb 2006; John Mylchreest <johnm@gentoo.org>
480 +hardened-sources-2.6.14-r5.ebuild:
481 fixing every known exploit
482
483 *hardened-sources-2.4.32-r2 (26 Jan 2006)
484
485 26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
486 +hardened-sources-2.4.32-r2.ebuild:
487 - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
488
489 *hardened-sources-2.6.14-r4 (12 Jan 2006)
490
491 12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
492 - version bump for new genpatches which fix up a few sec holes
493
494 *hardened-sources-2.4.32-r1 (05 Jan 2006)
495
496 05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
497 - revision bump to add misc vital linux kernel security patches.
498
499 *hardened-sources-2.6.14-r3 (30 Dec 2005)
500
501 30 Dec 2005; John Mylchreest <johnm@gentoo.org>
502 -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
503 Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
504
505 28 Dec 2005; John Mylchreest <johnm@gentoo.org>
506 hardened-sources-2.6.14-r2.ebuild:
507 making x86 & amd64 stable following testing.
508
509 *hardened-sources-2.6.14-r2 (27 Dec 2005)
510
511 27 Dec 2005; John Mylchreest <johnm@gentoo.org>
512 -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
513 Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
514 network hooks.
515
516 06 Dec 2005; John Mylchreest <johnm@gentoo.org>
517 hardened-sources-2.6.14-r1.ebuild:
518 bumping to stable early for sec fix on x86 & amd64
519
520 *hardened-sources-2.6.14-r1 (05 Dec 2005)
521
522 05 Dec 2005; John Mylchreest <johnm@gentoo.org>
523 -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
524 bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
525
526 04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
527 - stable on x86 security bug #114227 CAN-2005-3257
528
529 *hardened-sources-2.4.32 (19 Nov 2005)
530
531 19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
532 +hardened-sources-2.4.32.ebuild:
533 Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
534 Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
535 have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
536 rsbac >> /etc/portage/package.use)
537
538 *hardened-sources-2.6.14 (14 Nov 2005)
539
540 14 Nov 2005; John Mylchreest <johnm@gentoo.org>
541 -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
542 Bumping 2.6 series to 2.6.14.2
543
544 *hardened-sources-2.6.13-r2 (20 Oct 2005)
545
546 20 Oct 2005; John Mylchreest <johnm@gentoo.org>
547 -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
548 +hardened-sources-2.6.13-r2.ebuild:
549 Fixes minor build error in ppc.
550
551 *hardened-sources-2.6.13-r1 (17 Oct 2005)
552
553 17 Oct 2005; John Mylchreest <johnm@gentoo.org>
554 +hardened-sources-2.6.13-r1.ebuild:
555 Updating grsec to latest snapshot. Fixes some minor issues. Updating to
556 2.6.13.4, fixes some major amd64 stability problems.
557
558 *hardened-sources-2.6.13 (16 Sep 2005)
559
560 16 Sep 2005; John Mylchreest <johnm@gentoo.org>
561 -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
562 2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
563 ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
564 users should test this thoroughly.
565
566 01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
567 - stable on x86
568
569 *hardened-sources-2.6.11-r15 (27 Jun 2005)
570
571 27 Jun 2005; John Mylchreest <johnm@gentoo.org>
572 +hardened-sources-2.6.11-r15.ebuild:
573 Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
574 grsec redefining curr_ip struct.
575
576 *hardened-sources-2.4.31 (20 Jun 2005)
577
578 20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
579 initial import of 2.4.31 tree
580
581 *hardened-sources-2.6.11-r14 (14 Jun 2005)
582
583 14 Jun 2005; John Mylchreest <johnm@gentoo.org>
584 -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
585 Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
586 naming scheme to abide by genpatches
587
588 *hardened-sources-2.6.11-r13 (18 May 2005)
589
590 18 May 2005; John Mylchreest <johnm@gentoo.org>
591 -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
592 Managed to mangle the Makefile patch from grsec, to miss out the grsec
593 target. sorry about that. Fixes bug #93022
594
595 *hardened-sources-2.6.11-r12 (17 May 2005)
596
597 17 May 2005; John Mylchreest <johnm@gentoo.org>
598 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
599 +hardened-sources-2.6.11-r12.ebuild:
600 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
601 merges in genpatches-base
602
603 *hardened-sources-2.6.11-r12 (17 May 2005)
604
605 17 May 2005; John Mylchreest <johnm@gentoo.org>
606 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
607 +hardened-sources-2.6.11-r12.ebuild:
608 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
609 merges in genpatches-base
610
611 29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
612 -files/2.4.27-cmdline-race.patch,
613 -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
614 -files/2.4.28-grsec-binfmt_a.out.patch,
615 -files/2.4.28-grsec-cmdline-race.patch,
616 -files/2.4.28-selinux-binfmt_a.out.patch,
617 -files/2.4.28-selinux-cmdline-race.patch,
618 -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
619 hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
620 - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
621 cleanup..
622
623 *hardened-sources-2.4.30-r1 (21 Apr 2005)
624
625 21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
626 - disable aout by default
627
628 *hardened-sources-2.4.30 (18 Apr 2005)
629
630 18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
631 - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
632 and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
633 use
634
635 *hardened-sources-2.4.29 (30 Mar 2005)
636
637 30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
638 +hardened-sources-2.4.29.ebuild:
639 New hardened-patches-2.4-29.0 patchball.
640 Removed SELinux support, upgraded GRSecurity to 2.1.4.
641
642 *hardened-sources-2.4.28-r5 (06 Mar 2005)
643
644 06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
645 +hardened-sources-2.4.28-r5.ebuild:
646 Added a fix for a PaX vulnerability.
647
648 26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
649 hardened-sources-2.4.28-r4.ebuild:
650 Stable on x86
651
652 23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
653 hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
654 hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
655 hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
656 - fixed/added RDEPEND= in all kernel-2 ebuilds
657
658 *hardened-sources-2.4.28-r4 (21 Jan 2005)
659
660 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
661 +hardened-sources-2.4.28-r4.ebuild:
662 Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
663 backport of neighbour hash updates.
664
665 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
666 hardened-sources-2.4.28-r3.ebuild:
667 Stable on x86
668
669 *hardened-sources-2.6.10-r3 (20 Jan 2005)
670
671 20 Jan 2005; Brandon Hale <tseng@gentoo.org>
672 +hardened-sources-2.6.10-r3.ebuild:
673 Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
674 in 2005.0
675
676 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
677 -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
678 hardened-sources-2.4.28-r2.ebuild:
679 Mark stable on x86
680
681 *hardened-sources-2.4.28-r3 (17 Jan 2005)
682
683 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
684 +hardened-sources-2.4.28-r3.ebuild:
685 Fix SMP page fault handler vuln, and update device-mapper and evms patches.
686
687 14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
688 hardened-sources-2.4.28.ebuild:
689 Mark stable on x86.
690
691 *hardened-sources-2.4.28-r2 (13 Jan 2005)
692
693 13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
694 +hardened-sources-2.4.28-r2.ebuild:
695 Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
696 Mazinger for grsecurity patches as well.
697
698 *hardened-sources-2.4.28-r1 (23 Dec 2004)
699
700 23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
701 Security bump. Thank tocharian for rolling a new patchset...
702
703 28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
704 +files/2.4.28-grsec-cmdline-race.patch,
705 +files/2.4.28-selinux-binfmt_a.out.patch,
706 +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
707 - Round up remaining security patches that appear to be missing in 2.4.28. -
708 PaX standalone updated to current. hgpv=28.1
709
710 *hardened-sources-2.4.28 (28 Nov 2004)
711
712 28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
713 security bump. Thank tocharian for rolling a new patchset
714
715 *hardened-sources-2.4.27-r3 (08 Sep 2004)
716
717 08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
718 +hardened-sources-2.4.27-r3.ebuild:
719 Applies the new 2.4-27.2 patchball which updates
720 GRSecurity to the 2.0.1 version.
721
722 *hardened-sources-2.4.27-r2 (31 Aug 2004)
723
724 31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
725 +hardened-sources-2.4.27-r2.ebuild:
726 Version bump.
727 This version uses the new 2.4-27.1 patchball which updates
728 both the SELinux PaX hooks patch and the SELinux headers.
729
730 *hardened-sources-2.4.27-r1 (09 Aug 2004)
731
732 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
733 +hardened-sources-2.4.27-r1.ebuild,
734 -hardened-sources-2.4.27.ebuild,
735 +files/2.4.27-cmdline-race.patch:
736 Version bump, fix for cmdline race. See bug #59905.
737
738 *hardened-sources-2.4.26-r6 (09 Aug 2004)
739
740 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
741 +hardened-sources-2.4.26-r6.ebuild,
742 -hardened-sources-2.4.26-r5.ebuild,
743 -hardened-sources-2.4.26-r4.ebuild,
744 +files/2.4.26-cmdline-race.patch:
745 Version bump, fix for cmdline race. See bug #59905.
746
747 *hardened-sources-2.4.27 (08 Aug 2004)
748
749 08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
750 +hardened-sources-2.4.27.ebuild,
751 +files/2.4.27-CAN-2004-0394.patch:
752 Ported the patchball to the 2.4.27 kernel version.
753
754 *hardened-sources-2.4.26-r5 (07 Aug 2004)
755
756 07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
757 +hardened-sources-2.4.26-r5.ebuild:
758 Updated to use the new hardened-patches-2.4-26.1 patchball.
759 It adds the following features:
760 - Squashfs
761 - Ebtables
762 - Netdev random (core+drivers)
763 - Watchdog Timer (WDT) fix.
764
765 *hardened-sources-2.4.26-r4 (04 Aug 2004)
766
767 04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
768 +hardened-sources-2.4.26-r4.ebuild,
769 +files/2.4.26-CAN-2004-0415.patch,
770 -hardened-sources-2.4.26-3:
771 Version bump, fix for CAN 0415, see bug #59378.
772
773 *hardened-sources-2.4.26-r3 (22 Jul 2004)
774
775 22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
776 +hardened-sources-2.4.26-r3.ebuild,
777 +files/2.4.26-CAN-2004-0497.patch,
778 -hardened-sources-2.4.26-r2.ebuild:
779 Version bump, fixed CAN 0497, see bug #56171.
780
781 *hardened-sources-2.4.26-r2 (29 Jun 2004)
782
783 29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
784 +hardened-sources-2.4.26-r2.ebuild,
785 +files/2.4.26-CAN-2004-0495.patch,
786 +files/2.4.26-CAN-2004-0535.patch,
787 -hardened-sources-2.4.26-r1.ebuild:
788 Fixes for both CAN 0495 and 0535, see bug #54976
789
790 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
791 hardened-sources-2.4.26-r1.ebuild:
792 QA - fix use invocation
793
794 *hardened-sources-2.4.26-r1 (22 June 2004)
795
796 22 June 2004; Andrea Luzzardi <scox@gentoo.org>
797 +hardened-sources-2.4.26-r1.ebuild,
798 +files/2.4.26-CAN-2004-0394.patch,
799 +files/2.4.26-signal-race.patch,
800 -hardened-sources-2.4.26.ebuild,
801 -hardened-sources-2.4.24-r3.ebuild:
802 Version bump for the CAN-2004-0394 issue and bug #53804
803 Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
804
805
806 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
807 hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
808 Masked hardened-sources-2.4.26.ebuild broken for ppc
809
810 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
811 hardened-sources-2.4.24-r3.ebuild:
812 Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
813
814 *hardened-sources-2.4.26 (29 May 2004)
815
816 29 May 2004; Andrea Luzzardi <scox@gentoo.org>
817 +hardened-sources-2.4.26.ebuild:
818 Updated hardened-sources for the 2.4.26 kernel
819 Removed broken components, updated almost everything.
820
821 *hardened-sources-2.4.24-r3 (17 Apr 2004)
822
823 17 Apr 2004; <plasmaroo@gentoo.org>
824 +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
825 +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
826 +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
827 +hardened-sources-2.4.24-r3.ebuild:
828 Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
829 vulnerabilities. Old revisions removed.
830
831 *hardened-sources-2.4.24-r2 (15 Apr 2004)
832
833 15 Apr 2004; <plasmaroo@gentoo.org>
834 +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
835 -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
836 Version bump for the CAN-2004-0109 issue; bug #47881.
837
838 12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
839 hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
840 Add eutils to inherit.
841
842 *hardened-sources-2.4.24-r1 (19 Feb 2004)
843
844 19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
845 files/hardened-sources-2.4.24.munmap.patch:
846 Added the patch for the mremap/munmap vulnerability. Bug #42024.
847
848 *hardened-sources-2.4.24 (06 Feb 2004)
849
850 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
851 hardened-sources-2.4.24.ebuild:
852 Version bump, updated most of the components.
853 This release includes the following:
854
855 - Hardened security
856 - Netfilter patch-o-matic 20031219
857 - FreeSWAN 2.04 & x509 1.4.8
858 - EVMS 2.2.2
859 - XFS 1.3.1
860 - cryptoloop jari
861 - grsecurity 2.0-rc4
862 - SELinux
863 - PaX 200402060000
864 - PaX Obscurity 200308302223
865 - Others...
866
867 Neither -ck nor systrace are included anymore.
868
869 *hardened-sources-2.4.22-r2 (05 Jan 2004)
870
871 05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
872 hardened-sources-2.4.22-r2.ebuild:
873 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
874
875 *hardened-sources-2.4.22-r1 (02 Dec 2003)
876
877 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
878 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
879
880 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
881 hardened-sources-2.4.22-r1.ebuild:
882 Version bump for the 'do_brk' vulnerability.
883
884 01 Dec 2003; Brian Jackson <iggy@gentoo.org>
885 hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
886 hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
887 hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
888 Fix the 'do_brk' vulnerability.
889
890 03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
891 hardened-sources-2.4.22.ebuild:
892 - Removed the src_install() portion for SELinux flask
893 components. These are no longer handled in the kernel
894 so this code was not necessary.
895
896 29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
897 New 2.4.22 based hardened-sources thanks to
898 Phil West <p.west@computer.org>.
899
900 These sources include:
901 - New SELinux API
902 - Updated CK-base
903 - Updated GRSec
904 - Systrace
905 - SuperFreeS/WAN 1.99.8
906 - Propolice kernel build support
907 - EVMS
908 - Other various security related patches
909
910 *hardened-sources-2.4.21 (14 Sep 2003)
911
912 14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
913 Updated hardened-sources based on the 2.4.21 Linux kernel.
914 This includes updates to most major components such as:
915 - ck-base-0306300059
916 - selinux-2.4-2003071106
917 - grsecurity-2.0-rc1
918 - Updated IPTables patch-o-matic
919 - Updated SuperFreeS/WAN
920
921 Thanks to Phil West <pwest@computer.org> for his work in getting this
922 updated patch set ready for the 2.4.21 based kernel.
923
924 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
925 Initial import of hardened-sources-2.4.20-r4. This revision
926 includes only a few changes, but one of these is an important
927 security fix. It is recommended all users of hardened-sources
928 upgrade to this release.
929
930 - ioperm bug fix
931 - fixed compilation failure when building without GRSec
932
933 SAL (Secure Auditing for Linux) is NOT included in this revision
934 due to time constraints, but is planned for inclusion in the near
935 future.
936
937 *hardened-sources-2.4.20-r2 (12 Jun 2003)
938
939 12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
940 hardened-sources-2.4.20-r3.ebuild:
941 Add Header...
942
943 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
944 hardened-sources-2.4.20-r3.ebuild:
945 Removed warnings from ebuild. This kernel should be safe to
946 use at this point.
947
948 *hardened-sources-2.4.20-r3 (08 Jun 2003)
949
950 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
951 hardened-sources-2.4.20-r3.ebuild:
952 New revision. Includes the following changes over -r2:
953
954 - ck7-base (O(1), preempt, low latency)
955 - Super FreeS/WAN 1.99.7rc2
956 - PaX for the LSM/SELinux branch
957 - GRSecurity 2.0-pre4 (role based access control)
958 - Systrace 1.3
959 - EXT3 fixes
960 - EVMS 2.0.1
961 - GCC 3.1+ compile optimizations
962 - ProPolice kernel build support
963 - Hashing table security fixes
964
965 *hardened-sources-2.4.20-r1 (09 Apr 2003)
966
967 23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
968 Initial import of hardened-sources-r2. This new
969 ebuild includes many new performance and security
970 related patches. As in -r1, it will patch in
971 LSM/SELinux if "selinux" is in USE, otherwise it
972 will patch in GRSecurity. The following patches
973 are included in this revision:
974
975 - O(1) Scheduler, Low Latency, and Preempt
976 (pulled from the base CK patch)
977 - ptrace exploit patch for the LSM kernel
978 (the GRSec patch already fixes this)
979 - LSM 2.4-2003040709
980 - SELinux 2.4-2003040709
981 - Systrace v1.2
982 - IPTables patch-o-matic base patches - 20030107
983 - CryptoAPI 2.4.20.1 w/ loop-jari patch
984 - Super FreeS/WAN 1.99.6.1
985 - GRSecurity 1.9.9g
986 - MPPE
987 - EXT3 data journal fix
988 - CIPE 1.5.4
989
990 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
991 hardened-sources-2.4.20-r1.ebuild, manifest:
992 Updated to install flask components correctly for selinux.
993
994 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
995 hardened-sources-2.4.20-r1.ebuild:
996 LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
997 is patched in instead. Ptrace patches for selinux have also been added. In
998 either case, systrace support will be patched in as well.
999
1000 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1001 hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
1002 Revision bump for new sources.
1003
1004 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1005 hardened-sources-2.4.20-r1.ebuild:
1006 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
1007
1008 *hardened-sources-2.4.20 (30 Mar 2003)
1009
1010 30 Mar 2003; Joshua Brindle <method@gentoo.org>
1011 hardened-sources-2.4.20.ebuild:
1012 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20