/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.159 - (show annotations) (download)
Tue Jun 12 05:11:05 2007 UTC (6 years, 10 months ago) by phreak
Branch: MAIN
Changes since 1.158: +9 -1 lines
Revision bump for hardened-sources-2.6.20, incorporating various CVE (some of them critical), two stable releases (2.6.20.13,2.6.20.14) and some other love.
(Portage version: 2.1.2.9)

1 # ChangeLog for sys-kernel/hardened-sources
2 # Copyright 2000-2007 Gentoo Foundation; Distributed under the GPL v2
3 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.158 2007/06/11 20:30:22 pappy Exp $
4
5 *hardened-sources-2.6.20-r5 (11 Jun 2007)
6
7 11 Jun 2007; Christian Heim <phreak@gentoo.org>
8 +hardened-sources-2.6.20-r5.ebuild:
9 Revision bump for hardened-sources-2.6.20, incorporating various CVE (some
10 of them critical), two stable releases (2.6.20.13,2.6.20.14) and some other
11 love.
12
13 *hardened-sources-2.4.34.5 (11 Jun 2007)
14
15 11 Jun 2007; Alexander Gabert <pappy@gentoo.org>
16 +hardened-sources-2.4.34.5.ebuild:
17 added new hardened-sources 2.4 version, thx to phreak, solar, pipacs
18
19 30 May 2007; Christian Heim <phreak@gentoo.org>
20 -hardened-sources-2.6.18.ebuild, hardened-sources-2.6.20-r2.ebuild:
21 Marking 2.6.20-r2 stable on ppc with permission of Gysbert. Removing more
22 stale ebuild(s).
23
24 30 May 2007; Christian Heim <phreak@gentoo.org>
25 -hardened-sources-2.6.14-r7.ebuild, -hardened-sources-2.6.16-r11.ebuild,
26 -hardened-sources-2.6.17-r1.ebuild, -hardened-sources-2.6.19-r6.ebuild,
27 -hardened-sources-2.6.20.ebuild, -hardened-sources-2.6.20-r1.ebuild:
28 Doing some cleanups, remove stale ebuilds.
29
30 26 May 2007; Christian Heim <phreak@gentoo.org>
31 hardened-sources-2.6.21-r2.ebuild:
32 Fixing the grsecurity patch, had one '};' too much.
33
34 *hardened-sources-2.6.21-r2 (26 May 2007)
35
36 26 May 2007; Christian Heim <phreak@gentoo.org>
37 -hardened-sources-2.6.21.ebuild, -hardened-sources-2.6.21-r1.ebuild,
38 +hardened-sources-2.6.21-r2.ebuild:
39 Revision bump, including Linux 2.6.21.3 (fixing CVE-2007-2451). Updating the
40 grsecurity patch to 2.1.10-2.6.21.1-200705221918.
41
42 *hardened-sources-2.6.20-r4 (26 May 2007)
43
44 26 May 2007; Christian Heim <phreak@gentoo.org>
45 -hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.20-r4.ebuild:
46 Revision bump, including Linux 2.6.20.12 (which in fact fixed some security
47 bugs, at the very least CVE-2007-2451). Possible candidate for stable marking.
48
49 15 May 2007; Christian Heim <phreak@gentoo.org>
50 hardened-sources-2.6.20-r3.ebuild:
51 Looks like hardened-sources-2.6.20-r3 needs a new patch, as 2.6.20.11
52 introduced a change in arch/sparc64/kernel/pci_iommu.c, which made the
53 grsecurity patch fail in that exact same hunk.
54
55 *hardened-sources-2.6.20-r3 (15 May 2007)
56
57 15 May 2007; Christian Heim <phreak@gentoo.org>
58 +hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.21-r1.ebuild:
59 Revision bump, incorporating Linux 2.6.20.11.
60
61 *hardened-sources-2.6.21-r1 (11 May 2007)
62
63 11 May 2007; Christian Heim <phreak@gentoo.org>
64 +hardened-sources-2.6.21-r1.ebuild:
65 Revision bump, hopefully fixing the GRSECURITY/GRKERNSEC mixup pipacs
66 mentioned in #177234.
67
68 07 May 2007; Kevin F. Quinn <kevquinn@gentoo.org>
69 files/digest-hardened-sources-2.6.21, Manifest:
70 Fix Manifest/digest for linux-2.6.21.tar.bz2
71
72 06 May 2007; Christian Heim <phreak@gentoo.org>
73 hardened-sources-2.6.21.ebuild:
74 Bumping the hardened-patches version, needed for the fix for #177234.
75
76 *hardened-sources-2.6.21 (02 May 2007)
77
78 02 May 2007; Christian Heim <phreak@gentoo.org>
79 +hardened-sources-2.6.21.ebuild:
80 Version bump, Linux 2.6.21-hardened.
81
82 29 Apr 2007; Christian Heim <phreak@gentoo.org>
83 hardened-sources-2.6.20-r2.ebuild:
84 Adding ~ia64 on Ned's request.
85
86 29 Apr 2007; Christian Heim <phreak@gentoo.org>
87 hardened-sources-2.6.20-r2.ebuild:
88 Fixing the included grsecurity patch, wasn't alligning due to the Index:
89 header line(s).
90
91 29 Apr 2007; Christian Heim <phreak@gentoo.org>
92 hardened-sources-2.6.20-r2.ebuild:
93 Stabilizing hardened-sources-2.6.20-r2 on amd64 and x86.
94
95 *hardened-sources-2.6.20-r2 (10 Apr 2007)
96
97 10 Apr 2007; Raúl Porcel <armin76@gentoo.org>
98 +hardened-sources-2.6.20-r2.ebuild:
99 Version bump, on behalf of phreak
100
101 *hardened-sources-2.6.20-r1 (04 Apr 2007)
102
103 04 Apr 2007; Christian Heim <phreak@gentoo.org>
104 +hardened-sources-2.6.20-r1.ebuild:
105 Revision bump, grabbing a newer grsecurity snapshot.
106
107 *hardened-sources-2.6.20 (25 Mar 2007)
108
109 25 Mar 2007; Christian Heim <phreak@gentoo.org>
110 +hardened-sources-2.6.20.ebuild:
111 Finally a hardened-sources version for 2.6.20; many people have been waiting
112 for this. Thanks to Steve for preliminary testing, thanks to Ned for the
113 testbox.
114
115 16 Mar 2007; Tony Vroon <chainsaw@gentoo.org>
116 hardened-sources-2.6.18-r6.ebuild:
117 Marked stable on amd64 and x86. AMD64 keyword ack'ed by welp.
118
119 *hardened-sources-2.6.18-r6 (16 Mar 2007)
120
121 16 Mar 2007; Christian Heim <phreak@gentoo.org>
122 -hardened-sources-2.6.18-r5.ebuild, +hardened-sources-2.6.18-r6.ebuild:
123 Fixing CVE-2007-1000 locally (hardened/), thanks to Tony for pushing. And
124 yes I screwed up, this is tagged as 2.6.18-5 and not 2.6.18-6 as it's
125 supposed to be.
126
127 06 Mar 2007; Christian Heim <phreak@gentoo.org> ChangeLog:
128 Fixing the Manifest, the previous one was broken (as in still had the
129 deleted ebuild in it).
130
131 06 Mar 2007; Christian Heim <phreak@gentoo.org>
132 -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
133 +hardened-sources-2.6.18-r5.ebuild:
134 Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
135 Linux 2.6.18.8. Also cleaning up the older version.
136
137 *hardened-sources-2.6.18-r5 (06 Mar 2007)
138
139 06 Mar 2007; Christian Heim <phreak@gentoo.org>
140 -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
141 +hardened-sources-2.6.18-r5.ebuild:
142 Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
143 Linux 2.6.18.8. Also cleaning up the older version.
144
145 24 Feb 2007; Christian Heim <phreak@gentoo.org>
146 -hardened-sources-2.6.19-r3.ebuild, -hardened-sources-2.6.19-r4.ebuild,
147 -hardened-sources-2.6.19-r5.ebuild:
148 Removing some of the old version, that didn't work.
149
150 *hardened-sources-2.6.19-r6 (12 Feb 2007)
151
152 12 Feb 2007; Christian Heim <phreak@gentoo.org>
153 +hardened-sources-2.6.19-r6.ebuild:
154 Revision bump, including a new grsec version fixing #166235.
155
156 *hardened-sources-2.4.34 (24 Jan 2007)
157
158 24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
159 Manifest:
160 updating Manifest with checksums of new tarball and ebuild
161
162 24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
163 +hardened-sources-2.4.34.ebuild:
164 I added new hardened sources 2.4 update, this is a critical path
165 security bugfix - all users of h-s are strongly advised
166 to update their existing hardened sources to this version.
167 It contains a fix for a kernel vulnerability that is pertaining
168 to the PaX changes to virtual memory management, possibly leading
169 to a local kernel exploit ... see grsecurity.net forums and homepage
170
171 23 Jan 2007; Christian Heim <phreak@gentoo.org>
172 files/digest-hardened-sources-2.6.19-r5, Manifest:
173 Fixing the patch-tarball digest.
174
175 *hardened-sources-2.6.19-r5 (23 Jan 2007)
176
177 23 Jan 2007; Christian Heim <phreak@gentoo.org>
178 +hardened-sources-2.6.19-r5.ebuild:
179 Revision bump, closing the recently discovered PaX expand_stack()
180 vulnerability.
181
182 *hardened-sources-2.6.19-r4 (14 Jan 2007)
183
184 14 Jan 2007; Christian Heim <phreak@gentoo.org>
185 +hardened-sources-2.6.19-r4.ebuild:
186 Revision bump, pulling in linux-2.6.19.2 and grsecurity 2.1.10 - thus
187 dropping the randomized PID feature.
188
189 11 Jan 2007; Christian Faulhammer <opfer@gentoo.org>
190 hardened-sources-2.4.33.4.ebuild:
191 stable x86, bug #161171
192
193 *hardened-sources-2.6.19-r3 (27 Dec 2006)
194
195 27 Dec 2006; Christian Heim <phreak@gentoo.org>
196 -hardened-sources-2.6.19-r2.ebuild, +hardened-sources-2.6.19-r3.ebuild:
197 Revision bump for bug #157186 and #158786.
198
199 *hardened-sources-2.6.18-r4 (27 Dec 2006)
200
201 27 Dec 2006; Christian Heim <phreak@gentoo.org>
202 -hardened-sources-2.6.18-r3.ebuild, +hardened-sources-2.6.18-r4.ebuild:
203 Revision bump for bug #157186.
204
205 *hardened-sources-2.6.19-r2 (23 Dec 2006)
206
207 23 Dec 2006; Christian Heim <phreak@gentoo.org>
208 -hardened-sources-2.6.19-r1.ebuild, +hardened-sources-2.6.19-r2.ebuild:
209 Revision bump to pull in genpatches-2.6.19-3 for #157186.
210
211 17 Dec 2006; Christian Heim <phreak@gentoo.org>
212 hardened-sources-2.6.14-r7.ebuild, hardened-sources-2.6.16-r10.ebuild,
213 hardened-sources-2.6.16-r11.ebuild, hardened-sources-2.6.17-r1.ebuild,
214 hardened-sources-2.6.18.ebuild, hardened-sources-2.6.18-r3.ebuild,
215 hardened-sources-2.6.19-r1.ebuild:
216 Adding 4453_grsec-2.1.9-2.6.19-io-kmem-sysctl.patch to UNIPATCH_EXLUDE,
217 adding correct HOMEPAGE and adjusting DESCRIPTION (thanks to Alexander).
218
219 *hardened-sources-2.4.33.4 (17 Dec 2006)
220
221 17 Dec 2006; Alexander Gabert <pappy@gentoo.org>
222 +hardened-sources-2.4.33.4.ebuild:
223 new 2.4.33.4 version including grsec and fixes, thanks to phreak for help
224 and quilting
225
226 *hardened-sources-2.6.19-r1 (14 Dec 2006)
227
228 14 Dec 2006; Christian Heim <phreak@gentoo.org>
229 -hardened-sources-2.6.19.ebuild, +hardened-sources-2.6.19-r1.ebuild:
230 Revision bump, fixing #158107 (thanks to Petre Rodan <kaiowas at gentoo.org>
231 for reporting).
232
233 *hardened-sources-2.6.19 (13 Dec 2006)
234
235 13 Dec 2006; Christian Heim <phreak@gentoo.org>
236 +hardened-sources-2.6.19.ebuild:
237 And finally 2.6.19, thanks to Ned (who prepared the inital patchset) and
238 Brad for providing that prompt update.
239
240 *hardened-sources-2.6.18-r3 (13 Dec 2006)
241
242 13 Dec 2006; Christian Heim <phreak@gentoo.org>
243 -hardened-sources-2.6.18-r1.ebuild, -hardened-sources-2.6.18-r2.ebuild,
244 +hardened-sources-2.6.18-r3.ebuild:
245 Revision bump, excluding the faulty patch. Thanks to Anakim Border and Peter
246 S. Mazinger. Closes #157409 for now. Also removing the previous revisions.
247
248 09 Dec 2006; Christian Heim <phreak@gentoo.org> Manifest:
249 Fixing the metadata.xml Manifest entry (thanks to xaid and ml8128 in #gentoo-hardened).
250
251 08 Dec 2006; nixnut <nixnut@gentoo.org> hardened-sources-2.6.18.ebuild:
252 Stable on ppc wrt bug 157356
253
254 07 Dec 2006; Christian Faulhammer <opfer@gentoo.org>
255 hardened-sources-2.6.18.ebuild:
256 stable x86, bug #157356
257
258 *hardened-sources-2.6.18-r2 (06 Dec 2006)
259
260 06 Dec 2006; Christian Heim <phreak@gentoo.org>
261 +hardened-sources-2.6.18-r2.ebuild:
262 Revision bump, including 2.6.18.5 (via genpatches) and
263 4454_grsec-2.1.9-2.6.18.2-io-kmem-sysctl.patch based on Peter Mazinger and
264 Ned Ludd's original patch. Thanks to Alexander Gabert (pappy) for the
265 redesign.
266
267 06 Dec 2006; Christian Heim <phreak@gentoo.org>
268 hardened-sources-2.6.18.ebuild:
269 Marking hardened-sources-2.6.18 stable on amd64 (see bug #157356, on behalf
270 of Mike Doty).
271
272 *hardened-sources-2.6.18-r1 (23 Nov 2006)
273
274 23 Nov 2006; Christian Heim <phreak@gentoo.org>
275 +hardened-sources-2.6.18-r1.ebuild:
276 Revision bump to genpatches-2.6.18-4 (including 2.6.18.3).
277
278 *hardened-sources-2.6.18 (11 Nov 2006)
279
280 11 Nov 2006; Christian Heim <phreak@gentoo.org>
281 +hardened-sources-2.6.18.ebuild:
282 Version bump, thanks to Alexander Gabert we're finally at 2.6.18.
283
284 18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
285 - mark amd64 stable also. bug #151877
286
287 18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
288 - mark 2.6.17-r1 stable
289
290 27 Aug 2006; Christian Heim <phreak@gentoo.org>
291 -hardened-sources-2.6.17.ebuild, hardened-sources-2.6.17-r1.ebuild:
292 Removing old ebuild, removing unipatch from newer ebuild (need to fix it!).
293
294 *hardened-sources-2.6.17-r1 (26 Aug 2006)
295
296 26 Aug 2006; Christian Heim <phreak@gentoo.org>
297 +hardened-sources-2.6.17-r1.ebuild:
298 Revision bump to genpatches-2.6.17-8 (including .9 and .10) and updating the
299 grsecurity patch.
300
301 *hardened-sources-2.6.17 (17 Aug 2006)
302
303 17 Aug 2006; Christian Heim <phreak@gentoo.org>
304 +hardened-sources-2.6.17.ebuild:
305 Bumping the hardened-sources-2.6 series to 2.6.17, using
306 genpatches-2.6.17-6.base.
307
308 07 Aug 2006; <solar@gentoo.org> hardened-sources-2.6.16-r11.ebuild:
309 - stable on x86 and amd64
310
311 *hardened-sources-2.6.16-r11 (15 Jul 2006)
312
313 15 Jul 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r3.ebuild,
314 -hardened-sources-2.4.32-r4.ebuild, -hardened-sources-2.4.32-r5.ebuild,
315 -hardened-sources-2.6.14-r8.ebuild, -hardened-sources-2.6.16-r7.ebuild,
316 -hardened-sources-2.6.16-r9.ebuild, +hardened-sources-2.6.16-r11.ebuild:
317 - 2.6.16 bumped for CVE-2006-3626 ; digest fix for 2.4.32-r6 ; removed old
318 crusty ebuilds
319
320 14 Jul 2006; John Mylchreest <johnm@gentoo.org>
321 hardened-sources-2.6.16-r10.ebuild:
322 marking stable on x86 and amd64
323
324 13 Jul 2006; <solar@gentoo.org> hardened-sources-2.4.32-r6.ebuild:
325 - 2.4.32-r6 stable on x86. RSBAC state unknown
326
327 *hardened-sources-2.4.32-r7 (10 Jul 2006)
328
329 10 Jul 2006; Guillaume Destuynder <kang@gentoo.org>
330 +hardened-sources-2.4.32-r7.ebuild:
331 Bump PaX for RSBAC to test-17
332
333 *hardened-sources-2.6.16-r9 (03 Jul 2006)
334
335 03 Jul 2006; John Mylchreest <johnm@gentoo.org>
336 -hardened-sources-2.6.16-r6.ebuild, +hardened-sources-2.6.16-r9.ebuild:
337 hardened-sources-2.6.16 bump to latest -base.
338
339 *hardened-sources-2.4.32-r6 (30 Jun 2006)
340
341 30 Jun 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r2.ebuild,
342 hardened-sources-2.4.32-r4.ebuild, +hardened-sources-2.4.32-r6.ebuild:
343 - backport CVE-2006-0039, CVE-2006-1857 and CVE-2006-1858 and new grsecurity
344 sysctl controlable resource logging
345
346 *hardened-sources-2.6.16-r7 (05 Jun 2006)
347
348 05 Jun 2006; John Mylchreest <johnm@gentoo.org>
349 -hardened-sources-2.6.16-r5.ebuild, +hardened-sources-2.6.16-r7.ebuild:
350 push new 2.6.16 release in preparation for stable
351
352 22 May 2006; <solar@gentoo.org> :
353 - redigest bug 134002
354
355 *hardened-sources-2.4.32-r5 (16 May 2006)
356
357 16 May 2006; Guillaume Destuynder <kang@gentoo.org>
358 +hardened-sources-2.4.32-r5.ebuild:
359 Fixes rsbac common patching (new patch in new -r5 patchset)
360
361 *hardened-sources-2.4.32-r4 (13 May 2006)
362
363 13 May 2006; <solar@gentoo.org> hardened-sources-2.4.32-r3.ebuild,
364 +hardened-sources-2.4.32-r4.ebuild:
365 - security bumps
366
367 *hardened-sources-2.6.16-r6 (03 May 2006)
368
369 03 May 2006; John Mylchreest <johnm@gentoo.org>
370 +hardened-sources-2.6.16-r6.ebuild:
371 bump hardened-2.6.16 to 2.6.16.12 and latest grsec snapshot
372
373 28 Apr 2006; John Mylchreest <johnm@gentoo.org>
374 hardened-sources-2.6.14-r8.ebuild:
375 fix x86_64 build problem, this will delay the digest issue again for a short
376 while but it will sort itself out
377
378 28 Apr 2006; John Mylchreest <johnm@gentoo.org>
379 hardened-sources-2.6.14-r8.ebuild:
380 bump hardened patchset
381
382 27 Apr 2006; Alec Warner <antarus@gentoo.org>
383 files/digest-hardened-sources-2.4.32-r2,
384 files/digest-hardened-sources-2.4.32-r3,
385 files/digest-hardened-sources-2.6.14-r8, Manifest:
386 Fixing duff SHA256 digests: Bug # 131293
387
388 *hardened-sources-2.6.16-r5 (27 Apr 2006)
389
390 27 Apr 2006; John Mylchreest <johnm@gentoo.org>
391 -hardened-sources-2.6.14-r6.ebuild, hardened-sources-2.6.14-r8.ebuild,
392 -hardened-sources-2.6.16-r4.ebuild, +hardened-sources-2.6.16-r5.ebuild:
393 stablise 2.6.14-r8 on x86 & amd64, bump 2.6.16 to fix CVE-2006-1863 &
394 cleanup of old uneccessary sources
395
396 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
397 fix digest
398
399 *hardened-sources-2.6.14-r8 (20 Apr 2006)
400
401 20 Apr 2006; John Mylchreest <johnm@gentoo.org>
402 +hardened-sources-2.6.14-r8.ebuild:
403 fix CVE-2006-1056, CVE-2006-1525, CVE-2006-1524
404
405 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
406 Turning on gpg-signing again, and recomitting
407
408 *hardened-sources-2.6.16-r4 (20 Apr 2006)
409
410 20 Apr 2006; John Mylchreest <johnm@gentoo.org>
411 -hardened-sources-2.6.16-r2.ebuild, -hardened-sources-2.6.16-r3.ebuild,
412 +hardened-sources-2.6.16-r4.ebuild:
413 Fix numerous security vulns
414
415 *hardened-sources-2.4.32-r3 (16 Apr 2006)
416
417 16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
418 -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
419 +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
420 - security bump for bug #112791. Removed old ebuilds
421
422 *hardened-sources-2.6.16-r3 (15 Apr 2006)
423
424 15 Apr 2006; John Mylchreest <johnm@gentoo.org>
425 +hardened-sources-2.6.16-r3.ebuild:
426 Removing silly localversion which I missed
427
428 *hardened-sources-2.6.14-r7 (14 Apr 2006)
429
430 14 Apr 2006; John Mylchreest <johnm@gentoo.org>
431 -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
432 Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
433
434 *hardened-sources-2.6.16-r2 (13 Apr 2006)
435
436 13 Apr 2006; John Mylchreest <johnm@gentoo.org>
437 -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
438 +hardened-sources-2.6.16-r2.ebuild:
439 Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
440 labels, dropping USERGROUP define fixes, since these were merged mainstream.
441
442 *hardened-sources-2.6.16-r1 (11 Apr 2006)
443
444 11 Apr 2006; John Mylchreest <johnm@gentoo.org>
445 +hardened-sources-2.6.16-r1.ebuild:
446 Bumping to include ppc build fix and 2.6.16.3
447
448 06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
449 hardened-sources-2.6.14-r6.ebuild:
450 Stable on x86; bug #127718
451
452 *hardened-sources-2.6.16 (31 Mar 2006)
453
454 31 Mar 2006; John Mylchreest <johnm@gentoo.org>
455 +hardened-sources-2.6.16.ebuild:
456 Bumping to new version of grsec, and kernel base. New squashfs. Based on
457 2.6.16.1
458
459 30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
460 hardened-sources-2.6.14-r6.ebuild:
461 Stable on amd64, bug 127718.
462
463 28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
464 Stable on ppc. Bug #127718
465
466 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
467 -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
468 -hardened-sources-2.6.14-r4.ebuild:
469 Cleanup.
470
471 *hardened-sources-2.6.14-r6 (15 Mar 2006)
472
473 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
474 +hardened-sources-2.6.14-r6.ebuild:
475 Fixes grsec policy recreation bug and adds a
476 >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
477
478 02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
479 - stable on x86
480
481 19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
482 hardened-sources-2.6.14-r5.ebuild:
483 Stable on ppc.
484
485 *hardened-sources-2.6.14-r5 (01 Feb 2006)
486
487 01 Feb 2006; John Mylchreest <johnm@gentoo.org>
488 +hardened-sources-2.6.14-r5.ebuild:
489 fixing every known exploit
490
491 *hardened-sources-2.4.32-r2 (26 Jan 2006)
492
493 26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
494 +hardened-sources-2.4.32-r2.ebuild:
495 - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
496
497 *hardened-sources-2.6.14-r4 (12 Jan 2006)
498
499 12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
500 - version bump for new genpatches which fix up a few sec holes
501
502 *hardened-sources-2.4.32-r1 (05 Jan 2006)
503
504 05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
505 - revision bump to add misc vital linux kernel security patches.
506
507 *hardened-sources-2.6.14-r3 (30 Dec 2005)
508
509 30 Dec 2005; John Mylchreest <johnm@gentoo.org>
510 -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
511 Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
512
513 28 Dec 2005; John Mylchreest <johnm@gentoo.org>
514 hardened-sources-2.6.14-r2.ebuild:
515 making x86 & amd64 stable following testing.
516
517 *hardened-sources-2.6.14-r2 (27 Dec 2005)
518
519 27 Dec 2005; John Mylchreest <johnm@gentoo.org>
520 -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
521 Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
522 network hooks.
523
524 06 Dec 2005; John Mylchreest <johnm@gentoo.org>
525 hardened-sources-2.6.14-r1.ebuild:
526 bumping to stable early for sec fix on x86 & amd64
527
528 *hardened-sources-2.6.14-r1 (05 Dec 2005)
529
530 05 Dec 2005; John Mylchreest <johnm@gentoo.org>
531 -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
532 bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
533
534 04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
535 - stable on x86 security bug #114227 CAN-2005-3257
536
537 *hardened-sources-2.4.32 (19 Nov 2005)
538
539 19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
540 +hardened-sources-2.4.32.ebuild:
541 Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
542 Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
543 have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
544 rsbac >> /etc/portage/package.use)
545
546 *hardened-sources-2.6.14 (14 Nov 2005)
547
548 14 Nov 2005; John Mylchreest <johnm@gentoo.org>
549 -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
550 Bumping 2.6 series to 2.6.14.2
551
552 *hardened-sources-2.6.13-r2 (20 Oct 2005)
553
554 20 Oct 2005; John Mylchreest <johnm@gentoo.org>
555 -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
556 +hardened-sources-2.6.13-r2.ebuild:
557 Fixes minor build error in ppc.
558
559 *hardened-sources-2.6.13-r1 (17 Oct 2005)
560
561 17 Oct 2005; John Mylchreest <johnm@gentoo.org>
562 +hardened-sources-2.6.13-r1.ebuild:
563 Updating grsec to latest snapshot. Fixes some minor issues. Updating to
564 2.6.13.4, fixes some major amd64 stability problems.
565
566 *hardened-sources-2.6.13 (16 Sep 2005)
567
568 16 Sep 2005; John Mylchreest <johnm@gentoo.org>
569 -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
570 2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
571 ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
572 users should test this thoroughly.
573
574 01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
575 - stable on x86
576
577 *hardened-sources-2.6.11-r15 (27 Jun 2005)
578
579 27 Jun 2005; John Mylchreest <johnm@gentoo.org>
580 +hardened-sources-2.6.11-r15.ebuild:
581 Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
582 grsec redefining curr_ip struct.
583
584 *hardened-sources-2.4.31 (20 Jun 2005)
585
586 20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
587 initial import of 2.4.31 tree
588
589 *hardened-sources-2.6.11-r14 (14 Jun 2005)
590
591 14 Jun 2005; John Mylchreest <johnm@gentoo.org>
592 -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
593 Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
594 naming scheme to abide by genpatches
595
596 *hardened-sources-2.6.11-r13 (18 May 2005)
597
598 18 May 2005; John Mylchreest <johnm@gentoo.org>
599 -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
600 Managed to mangle the Makefile patch from grsec, to miss out the grsec
601 target. sorry about that. Fixes bug #93022
602
603 *hardened-sources-2.6.11-r12 (17 May 2005)
604
605 17 May 2005; John Mylchreest <johnm@gentoo.org>
606 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
607 +hardened-sources-2.6.11-r12.ebuild:
608 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
609 merges in genpatches-base
610
611 *hardened-sources-2.6.11-r12 (17 May 2005)
612
613 17 May 2005; John Mylchreest <johnm@gentoo.org>
614 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
615 +hardened-sources-2.6.11-r12.ebuild:
616 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
617 merges in genpatches-base
618
619 29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
620 -files/2.4.27-cmdline-race.patch,
621 -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
622 -files/2.4.28-grsec-binfmt_a.out.patch,
623 -files/2.4.28-grsec-cmdline-race.patch,
624 -files/2.4.28-selinux-binfmt_a.out.patch,
625 -files/2.4.28-selinux-cmdline-race.patch,
626 -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
627 hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
628 - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
629 cleanup..
630
631 *hardened-sources-2.4.30-r1 (21 Apr 2005)
632
633 21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
634 - disable aout by default
635
636 *hardened-sources-2.4.30 (18 Apr 2005)
637
638 18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
639 - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
640 and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
641 use
642
643 *hardened-sources-2.4.29 (30 Mar 2005)
644
645 30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
646 +hardened-sources-2.4.29.ebuild:
647 New hardened-patches-2.4-29.0 patchball.
648 Removed SELinux support, upgraded GRSecurity to 2.1.4.
649
650 *hardened-sources-2.4.28-r5 (06 Mar 2005)
651
652 06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
653 +hardened-sources-2.4.28-r5.ebuild:
654 Added a fix for a PaX vulnerability.
655
656 26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
657 hardened-sources-2.4.28-r4.ebuild:
658 Stable on x86
659
660 23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
661 hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
662 hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
663 hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
664 - fixed/added RDEPEND= in all kernel-2 ebuilds
665
666 *hardened-sources-2.4.28-r4 (21 Jan 2005)
667
668 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
669 +hardened-sources-2.4.28-r4.ebuild:
670 Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
671 backport of neighbour hash updates.
672
673 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
674 hardened-sources-2.4.28-r3.ebuild:
675 Stable on x86
676
677 *hardened-sources-2.6.10-r3 (20 Jan 2005)
678
679 20 Jan 2005; Brandon Hale <tseng@gentoo.org>
680 +hardened-sources-2.6.10-r3.ebuild:
681 Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
682 in 2005.0
683
684 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
685 -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
686 hardened-sources-2.4.28-r2.ebuild:
687 Mark stable on x86
688
689 *hardened-sources-2.4.28-r3 (17 Jan 2005)
690
691 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
692 +hardened-sources-2.4.28-r3.ebuild:
693 Fix SMP page fault handler vuln, and update device-mapper and evms patches.
694
695 14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
696 hardened-sources-2.4.28.ebuild:
697 Mark stable on x86.
698
699 *hardened-sources-2.4.28-r2 (13 Jan 2005)
700
701 13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
702 +hardened-sources-2.4.28-r2.ebuild:
703 Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
704 Mazinger for grsecurity patches as well.
705
706 *hardened-sources-2.4.28-r1 (23 Dec 2004)
707
708 23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
709 Security bump. Thank tocharian for rolling a new patchset...
710
711 28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
712 +files/2.4.28-grsec-cmdline-race.patch,
713 +files/2.4.28-selinux-binfmt_a.out.patch,
714 +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
715 - Round up remaining security patches that appear to be missing in 2.4.28. -
716 PaX standalone updated to current. hgpv=28.1
717
718 *hardened-sources-2.4.28 (28 Nov 2004)
719
720 28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
721 security bump. Thank tocharian for rolling a new patchset
722
723 *hardened-sources-2.4.27-r3 (08 Sep 2004)
724
725 08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
726 +hardened-sources-2.4.27-r3.ebuild:
727 Applies the new 2.4-27.2 patchball which updates
728 GRSecurity to the 2.0.1 version.
729
730 *hardened-sources-2.4.27-r2 (31 Aug 2004)
731
732 31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
733 +hardened-sources-2.4.27-r2.ebuild:
734 Version bump.
735 This version uses the new 2.4-27.1 patchball which updates
736 both the SELinux PaX hooks patch and the SELinux headers.
737
738 *hardened-sources-2.4.27-r1 (09 Aug 2004)
739
740 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
741 +hardened-sources-2.4.27-r1.ebuild,
742 -hardened-sources-2.4.27.ebuild,
743 +files/2.4.27-cmdline-race.patch:
744 Version bump, fix for cmdline race. See bug #59905.
745
746 *hardened-sources-2.4.26-r6 (09 Aug 2004)
747
748 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
749 +hardened-sources-2.4.26-r6.ebuild,
750 -hardened-sources-2.4.26-r5.ebuild,
751 -hardened-sources-2.4.26-r4.ebuild,
752 +files/2.4.26-cmdline-race.patch:
753 Version bump, fix for cmdline race. See bug #59905.
754
755 *hardened-sources-2.4.27 (08 Aug 2004)
756
757 08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
758 +hardened-sources-2.4.27.ebuild,
759 +files/2.4.27-CAN-2004-0394.patch:
760 Ported the patchball to the 2.4.27 kernel version.
761
762 *hardened-sources-2.4.26-r5 (07 Aug 2004)
763
764 07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
765 +hardened-sources-2.4.26-r5.ebuild:
766 Updated to use the new hardened-patches-2.4-26.1 patchball.
767 It adds the following features:
768 - Squashfs
769 - Ebtables
770 - Netdev random (core+drivers)
771 - Watchdog Timer (WDT) fix.
772
773 *hardened-sources-2.4.26-r4 (04 Aug 2004)
774
775 04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
776 +hardened-sources-2.4.26-r4.ebuild,
777 +files/2.4.26-CAN-2004-0415.patch,
778 -hardened-sources-2.4.26-3:
779 Version bump, fix for CAN 0415, see bug #59378.
780
781 *hardened-sources-2.4.26-r3 (22 Jul 2004)
782
783 22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
784 +hardened-sources-2.4.26-r3.ebuild,
785 +files/2.4.26-CAN-2004-0497.patch,
786 -hardened-sources-2.4.26-r2.ebuild:
787 Version bump, fixed CAN 0497, see bug #56171.
788
789 *hardened-sources-2.4.26-r2 (29 Jun 2004)
790
791 29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
792 +hardened-sources-2.4.26-r2.ebuild,
793 +files/2.4.26-CAN-2004-0495.patch,
794 +files/2.4.26-CAN-2004-0535.patch,
795 -hardened-sources-2.4.26-r1.ebuild:
796 Fixes for both CAN 0495 and 0535, see bug #54976
797
798 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
799 hardened-sources-2.4.26-r1.ebuild:
800 QA - fix use invocation
801
802 *hardened-sources-2.4.26-r1 (22 June 2004)
803
804 22 June 2004; Andrea Luzzardi <scox@gentoo.org>
805 +hardened-sources-2.4.26-r1.ebuild,
806 +files/2.4.26-CAN-2004-0394.patch,
807 +files/2.4.26-signal-race.patch,
808 -hardened-sources-2.4.26.ebuild,
809 -hardened-sources-2.4.24-r3.ebuild:
810 Version bump for the CAN-2004-0394 issue and bug #53804
811 Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
812
813
814 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
815 hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
816 Masked hardened-sources-2.4.26.ebuild broken for ppc
817
818 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
819 hardened-sources-2.4.24-r3.ebuild:
820 Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
821
822 *hardened-sources-2.4.26 (29 May 2004)
823
824 29 May 2004; Andrea Luzzardi <scox@gentoo.org>
825 +hardened-sources-2.4.26.ebuild:
826 Updated hardened-sources for the 2.4.26 kernel
827 Removed broken components, updated almost everything.
828
829 *hardened-sources-2.4.24-r3 (17 Apr 2004)
830
831 17 Apr 2004; <plasmaroo@gentoo.org>
832 +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
833 +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
834 +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
835 +hardened-sources-2.4.24-r3.ebuild:
836 Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
837 vulnerabilities. Old revisions removed.
838
839 *hardened-sources-2.4.24-r2 (15 Apr 2004)
840
841 15 Apr 2004; <plasmaroo@gentoo.org>
842 +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
843 -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
844 Version bump for the CAN-2004-0109 issue; bug #47881.
845
846 12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
847 hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
848 Add eutils to inherit.
849
850 *hardened-sources-2.4.24-r1 (19 Feb 2004)
851
852 19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
853 files/hardened-sources-2.4.24.munmap.patch:
854 Added the patch for the mremap/munmap vulnerability. Bug #42024.
855
856 *hardened-sources-2.4.24 (06 Feb 2004)
857
858 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
859 hardened-sources-2.4.24.ebuild:
860 Version bump, updated most of the components.
861 This release includes the following:
862
863 - Hardened security
864 - Netfilter patch-o-matic 20031219
865 - FreeSWAN 2.04 & x509 1.4.8
866 - EVMS 2.2.2
867 - XFS 1.3.1
868 - cryptoloop jari
869 - grsecurity 2.0-rc4
870 - SELinux
871 - PaX 200402060000
872 - PaX Obscurity 200308302223
873 - Others...
874
875 Neither -ck nor systrace are included anymore.
876
877 *hardened-sources-2.4.22-r2 (05 Jan 2004)
878
879 05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
880 hardened-sources-2.4.22-r2.ebuild:
881 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
882
883 *hardened-sources-2.4.22-r1 (02 Dec 2003)
884
885 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
886 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
887
888 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
889 hardened-sources-2.4.22-r1.ebuild:
890 Version bump for the 'do_brk' vulnerability.
891
892 01 Dec 2003; Brian Jackson <iggy@gentoo.org>
893 hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
894 hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
895 hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
896 Fix the 'do_brk' vulnerability.
897
898 03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
899 hardened-sources-2.4.22.ebuild:
900 - Removed the src_install() portion for SELinux flask
901 components. These are no longer handled in the kernel
902 so this code was not necessary.
903
904 29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
905 New 2.4.22 based hardened-sources thanks to
906 Phil West <p.west@computer.org>.
907
908 These sources include:
909 - New SELinux API
910 - Updated CK-base
911 - Updated GRSec
912 - Systrace
913 - SuperFreeS/WAN 1.99.8
914 - Propolice kernel build support
915 - EVMS
916 - Other various security related patches
917
918 *hardened-sources-2.4.21 (14 Sep 2003)
919
920 14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
921 Updated hardened-sources based on the 2.4.21 Linux kernel.
922 This includes updates to most major components such as:
923 - ck-base-0306300059
924 - selinux-2.4-2003071106
925 - grsecurity-2.0-rc1
926 - Updated IPTables patch-o-matic
927 - Updated SuperFreeS/WAN
928
929 Thanks to Phil West <pwest@computer.org> for his work in getting this
930 updated patch set ready for the 2.4.21 based kernel.
931
932 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
933 Initial import of hardened-sources-2.4.20-r4. This revision
934 includes only a few changes, but one of these is an important
935 security fix. It is recommended all users of hardened-sources
936 upgrade to this release.
937
938 - ioperm bug fix
939 - fixed compilation failure when building without GRSec
940
941 SAL (Secure Auditing for Linux) is NOT included in this revision
942 due to time constraints, but is planned for inclusion in the near
943 future.
944
945 *hardened-sources-2.4.20-r2 (12 Jun 2003)
946
947 12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
948 hardened-sources-2.4.20-r3.ebuild:
949 Add Header...
950
951 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
952 hardened-sources-2.4.20-r3.ebuild:
953 Removed warnings from ebuild. This kernel should be safe to
954 use at this point.
955
956 *hardened-sources-2.4.20-r3 (08 Jun 2003)
957
958 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
959 hardened-sources-2.4.20-r3.ebuild:
960 New revision. Includes the following changes over -r2:
961
962 - ck7-base (O(1), preempt, low latency)
963 - Super FreeS/WAN 1.99.7rc2
964 - PaX for the LSM/SELinux branch
965 - GRSecurity 2.0-pre4 (role based access control)
966 - Systrace 1.3
967 - EXT3 fixes
968 - EVMS 2.0.1
969 - GCC 3.1+ compile optimizations
970 - ProPolice kernel build support
971 - Hashing table security fixes
972
973 *hardened-sources-2.4.20-r1 (09 Apr 2003)
974
975 23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
976 Initial import of hardened-sources-r2. This new
977 ebuild includes many new performance and security
978 related patches. As in -r1, it will patch in
979 LSM/SELinux if "selinux" is in USE, otherwise it
980 will patch in GRSecurity. The following patches
981 are included in this revision:
982
983 - O(1) Scheduler, Low Latency, and Preempt
984 (pulled from the base CK patch)
985 - ptrace exploit patch for the LSM kernel
986 (the GRSec patch already fixes this)
987 - LSM 2.4-2003040709
988 - SELinux 2.4-2003040709
989 - Systrace v1.2
990 - IPTables patch-o-matic base patches - 20030107
991 - CryptoAPI 2.4.20.1 w/ loop-jari patch
992 - Super FreeS/WAN 1.99.6.1
993 - GRSecurity 1.9.9g
994 - MPPE
995 - EXT3 data journal fix
996 - CIPE 1.5.4
997
998 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
999 hardened-sources-2.4.20-r1.ebuild, manifest:
1000 Updated to install flask components correctly for selinux.
1001
1002 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1003 hardened-sources-2.4.20-r1.ebuild:
1004 LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
1005 is patched in instead. Ptrace patches for selinux have also been added. In
1006 either case, systrace support will be patched in as well.
1007
1008 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1009 hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
1010 Revision bump for new sources.
1011
1012 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1013 hardened-sources-2.4.20-r1.ebuild:
1014 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
1015
1016 *hardened-sources-2.4.20 (30 Mar 2003)
1017
1018 30 Mar 2003; Joshua Brindle <method@gentoo.org>
1019 hardened-sources-2.4.20.ebuild:
1020 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20