/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.160 - (show annotations) (download)
Tue Jun 12 05:18:07 2007 UTC (7 years, 3 months ago) by phreak
Branch: MAIN
Changes since 1.159: +9 -1 lines
Revision bump for hardened-sources-2.6.21, incorporating various CVE (some of them critical), two stable releases (2.6.21.4,2.6.21.5) and some other love.
(Portage version: 2.1.2.9)

1 # ChangeLog for sys-kernel/hardened-sources
2 # Copyright 2000-2007 Gentoo Foundation; Distributed under the GPL v2
3 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.159 2007/06/12 05:11:05 phreak Exp $
4
5 *hardened-sources-2.6.21-r3 (12 Jun 2007)
6
7 12 Jun 2007; Christian Heim <phreak@gentoo.org>
8 +hardened-sources-2.6.21-r3.ebuild:
9 Revision bump for hardened-sources-2.6.21, incorporating various CVE (some
10 of them critical), two stable releases (2.6.21.4,2.6.21.5) and some other
11 love.
12
13 *hardened-sources-2.6.20-r5 (11 Jun 2007)
14
15 11 Jun 2007; Christian Heim <phreak@gentoo.org>
16 +hardened-sources-2.6.20-r5.ebuild:
17 Revision bump for hardened-sources-2.6.20, incorporating various CVE (some
18 of them critical), two stable releases (2.6.20.13,2.6.20.14) and some other
19 love.
20
21 *hardened-sources-2.4.34.5 (11 Jun 2007)
22
23 11 Jun 2007; Alexander Gabert <pappy@gentoo.org>
24 +hardened-sources-2.4.34.5.ebuild:
25 added new hardened-sources 2.4 version, thx to phreak, solar, pipacs
26
27 30 May 2007; Christian Heim <phreak@gentoo.org>
28 -hardened-sources-2.6.18.ebuild, hardened-sources-2.6.20-r2.ebuild:
29 Marking 2.6.20-r2 stable on ppc with permission of Gysbert. Removing more
30 stale ebuild(s).
31
32 30 May 2007; Christian Heim <phreak@gentoo.org>
33 -hardened-sources-2.6.14-r7.ebuild, -hardened-sources-2.6.16-r11.ebuild,
34 -hardened-sources-2.6.17-r1.ebuild, -hardened-sources-2.6.19-r6.ebuild,
35 -hardened-sources-2.6.20.ebuild, -hardened-sources-2.6.20-r1.ebuild:
36 Doing some cleanups, remove stale ebuilds.
37
38 26 May 2007; Christian Heim <phreak@gentoo.org>
39 hardened-sources-2.6.21-r2.ebuild:
40 Fixing the grsecurity patch, had one '};' too much.
41
42 *hardened-sources-2.6.21-r2 (26 May 2007)
43
44 26 May 2007; Christian Heim <phreak@gentoo.org>
45 -hardened-sources-2.6.21.ebuild, -hardened-sources-2.6.21-r1.ebuild,
46 +hardened-sources-2.6.21-r2.ebuild:
47 Revision bump, including Linux 2.6.21.3 (fixing CVE-2007-2451). Updating the
48 grsecurity patch to 2.1.10-2.6.21.1-200705221918.
49
50 *hardened-sources-2.6.20-r4 (26 May 2007)
51
52 26 May 2007; Christian Heim <phreak@gentoo.org>
53 -hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.20-r4.ebuild:
54 Revision bump, including Linux 2.6.20.12 (which in fact fixed some security
55 bugs, at the very least CVE-2007-2451). Possible candidate for stable marking.
56
57 15 May 2007; Christian Heim <phreak@gentoo.org>
58 hardened-sources-2.6.20-r3.ebuild:
59 Looks like hardened-sources-2.6.20-r3 needs a new patch, as 2.6.20.11
60 introduced a change in arch/sparc64/kernel/pci_iommu.c, which made the
61 grsecurity patch fail in that exact same hunk.
62
63 *hardened-sources-2.6.20-r3 (15 May 2007)
64
65 15 May 2007; Christian Heim <phreak@gentoo.org>
66 +hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.21-r1.ebuild:
67 Revision bump, incorporating Linux 2.6.20.11.
68
69 *hardened-sources-2.6.21-r1 (11 May 2007)
70
71 11 May 2007; Christian Heim <phreak@gentoo.org>
72 +hardened-sources-2.6.21-r1.ebuild:
73 Revision bump, hopefully fixing the GRSECURITY/GRKERNSEC mixup pipacs
74 mentioned in #177234.
75
76 07 May 2007; Kevin F. Quinn <kevquinn@gentoo.org>
77 files/digest-hardened-sources-2.6.21, Manifest:
78 Fix Manifest/digest for linux-2.6.21.tar.bz2
79
80 06 May 2007; Christian Heim <phreak@gentoo.org>
81 hardened-sources-2.6.21.ebuild:
82 Bumping the hardened-patches version, needed for the fix for #177234.
83
84 *hardened-sources-2.6.21 (02 May 2007)
85
86 02 May 2007; Christian Heim <phreak@gentoo.org>
87 +hardened-sources-2.6.21.ebuild:
88 Version bump, Linux 2.6.21-hardened.
89
90 29 Apr 2007; Christian Heim <phreak@gentoo.org>
91 hardened-sources-2.6.20-r2.ebuild:
92 Adding ~ia64 on Ned's request.
93
94 29 Apr 2007; Christian Heim <phreak@gentoo.org>
95 hardened-sources-2.6.20-r2.ebuild:
96 Fixing the included grsecurity patch, wasn't alligning due to the Index:
97 header line(s).
98
99 29 Apr 2007; Christian Heim <phreak@gentoo.org>
100 hardened-sources-2.6.20-r2.ebuild:
101 Stabilizing hardened-sources-2.6.20-r2 on amd64 and x86.
102
103 *hardened-sources-2.6.20-r2 (10 Apr 2007)
104
105 10 Apr 2007; Raúl Porcel <armin76@gentoo.org>
106 +hardened-sources-2.6.20-r2.ebuild:
107 Version bump, on behalf of phreak
108
109 *hardened-sources-2.6.20-r1 (04 Apr 2007)
110
111 04 Apr 2007; Christian Heim <phreak@gentoo.org>
112 +hardened-sources-2.6.20-r1.ebuild:
113 Revision bump, grabbing a newer grsecurity snapshot.
114
115 *hardened-sources-2.6.20 (25 Mar 2007)
116
117 25 Mar 2007; Christian Heim <phreak@gentoo.org>
118 +hardened-sources-2.6.20.ebuild:
119 Finally a hardened-sources version for 2.6.20; many people have been waiting
120 for this. Thanks to Steve for preliminary testing, thanks to Ned for the
121 testbox.
122
123 16 Mar 2007; Tony Vroon <chainsaw@gentoo.org>
124 hardened-sources-2.6.18-r6.ebuild:
125 Marked stable on amd64 and x86. AMD64 keyword ack'ed by welp.
126
127 *hardened-sources-2.6.18-r6 (16 Mar 2007)
128
129 16 Mar 2007; Christian Heim <phreak@gentoo.org>
130 -hardened-sources-2.6.18-r5.ebuild, +hardened-sources-2.6.18-r6.ebuild:
131 Fixing CVE-2007-1000 locally (hardened/), thanks to Tony for pushing. And
132 yes I screwed up, this is tagged as 2.6.18-5 and not 2.6.18-6 as it's
133 supposed to be.
134
135 06 Mar 2007; Christian Heim <phreak@gentoo.org> ChangeLog:
136 Fixing the Manifest, the previous one was broken (as in still had the
137 deleted ebuild in it).
138
139 06 Mar 2007; Christian Heim <phreak@gentoo.org>
140 -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
141 +hardened-sources-2.6.18-r5.ebuild:
142 Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
143 Linux 2.6.18.8. Also cleaning up the older version.
144
145 *hardened-sources-2.6.18-r5 (06 Mar 2007)
146
147 06 Mar 2007; Christian Heim <phreak@gentoo.org>
148 -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
149 +hardened-sources-2.6.18-r5.ebuild:
150 Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
151 Linux 2.6.18.8. Also cleaning up the older version.
152
153 24 Feb 2007; Christian Heim <phreak@gentoo.org>
154 -hardened-sources-2.6.19-r3.ebuild, -hardened-sources-2.6.19-r4.ebuild,
155 -hardened-sources-2.6.19-r5.ebuild:
156 Removing some of the old version, that didn't work.
157
158 *hardened-sources-2.6.19-r6 (12 Feb 2007)
159
160 12 Feb 2007; Christian Heim <phreak@gentoo.org>
161 +hardened-sources-2.6.19-r6.ebuild:
162 Revision bump, including a new grsec version fixing #166235.
163
164 *hardened-sources-2.4.34 (24 Jan 2007)
165
166 24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
167 Manifest:
168 updating Manifest with checksums of new tarball and ebuild
169
170 24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
171 +hardened-sources-2.4.34.ebuild:
172 I added new hardened sources 2.4 update, this is a critical path
173 security bugfix - all users of h-s are strongly advised
174 to update their existing hardened sources to this version.
175 It contains a fix for a kernel vulnerability that is pertaining
176 to the PaX changes to virtual memory management, possibly leading
177 to a local kernel exploit ... see grsecurity.net forums and homepage
178
179 23 Jan 2007; Christian Heim <phreak@gentoo.org>
180 files/digest-hardened-sources-2.6.19-r5, Manifest:
181 Fixing the patch-tarball digest.
182
183 *hardened-sources-2.6.19-r5 (23 Jan 2007)
184
185 23 Jan 2007; Christian Heim <phreak@gentoo.org>
186 +hardened-sources-2.6.19-r5.ebuild:
187 Revision bump, closing the recently discovered PaX expand_stack()
188 vulnerability.
189
190 *hardened-sources-2.6.19-r4 (14 Jan 2007)
191
192 14 Jan 2007; Christian Heim <phreak@gentoo.org>
193 +hardened-sources-2.6.19-r4.ebuild:
194 Revision bump, pulling in linux-2.6.19.2 and grsecurity 2.1.10 - thus
195 dropping the randomized PID feature.
196
197 11 Jan 2007; Christian Faulhammer <opfer@gentoo.org>
198 hardened-sources-2.4.33.4.ebuild:
199 stable x86, bug #161171
200
201 *hardened-sources-2.6.19-r3 (27 Dec 2006)
202
203 27 Dec 2006; Christian Heim <phreak@gentoo.org>
204 -hardened-sources-2.6.19-r2.ebuild, +hardened-sources-2.6.19-r3.ebuild:
205 Revision bump for bug #157186 and #158786.
206
207 *hardened-sources-2.6.18-r4 (27 Dec 2006)
208
209 27 Dec 2006; Christian Heim <phreak@gentoo.org>
210 -hardened-sources-2.6.18-r3.ebuild, +hardened-sources-2.6.18-r4.ebuild:
211 Revision bump for bug #157186.
212
213 *hardened-sources-2.6.19-r2 (23 Dec 2006)
214
215 23 Dec 2006; Christian Heim <phreak@gentoo.org>
216 -hardened-sources-2.6.19-r1.ebuild, +hardened-sources-2.6.19-r2.ebuild:
217 Revision bump to pull in genpatches-2.6.19-3 for #157186.
218
219 17 Dec 2006; Christian Heim <phreak@gentoo.org>
220 hardened-sources-2.6.14-r7.ebuild, hardened-sources-2.6.16-r10.ebuild,
221 hardened-sources-2.6.16-r11.ebuild, hardened-sources-2.6.17-r1.ebuild,
222 hardened-sources-2.6.18.ebuild, hardened-sources-2.6.18-r3.ebuild,
223 hardened-sources-2.6.19-r1.ebuild:
224 Adding 4453_grsec-2.1.9-2.6.19-io-kmem-sysctl.patch to UNIPATCH_EXLUDE,
225 adding correct HOMEPAGE and adjusting DESCRIPTION (thanks to Alexander).
226
227 *hardened-sources-2.4.33.4 (17 Dec 2006)
228
229 17 Dec 2006; Alexander Gabert <pappy@gentoo.org>
230 +hardened-sources-2.4.33.4.ebuild:
231 new 2.4.33.4 version including grsec and fixes, thanks to phreak for help
232 and quilting
233
234 *hardened-sources-2.6.19-r1 (14 Dec 2006)
235
236 14 Dec 2006; Christian Heim <phreak@gentoo.org>
237 -hardened-sources-2.6.19.ebuild, +hardened-sources-2.6.19-r1.ebuild:
238 Revision bump, fixing #158107 (thanks to Petre Rodan <kaiowas at gentoo.org>
239 for reporting).
240
241 *hardened-sources-2.6.19 (13 Dec 2006)
242
243 13 Dec 2006; Christian Heim <phreak@gentoo.org>
244 +hardened-sources-2.6.19.ebuild:
245 And finally 2.6.19, thanks to Ned (who prepared the inital patchset) and
246 Brad for providing that prompt update.
247
248 *hardened-sources-2.6.18-r3 (13 Dec 2006)
249
250 13 Dec 2006; Christian Heim <phreak@gentoo.org>
251 -hardened-sources-2.6.18-r1.ebuild, -hardened-sources-2.6.18-r2.ebuild,
252 +hardened-sources-2.6.18-r3.ebuild:
253 Revision bump, excluding the faulty patch. Thanks to Anakim Border and Peter
254 S. Mazinger. Closes #157409 for now. Also removing the previous revisions.
255
256 09 Dec 2006; Christian Heim <phreak@gentoo.org> Manifest:
257 Fixing the metadata.xml Manifest entry (thanks to xaid and ml8128 in #gentoo-hardened).
258
259 08 Dec 2006; nixnut <nixnut@gentoo.org> hardened-sources-2.6.18.ebuild:
260 Stable on ppc wrt bug 157356
261
262 07 Dec 2006; Christian Faulhammer <opfer@gentoo.org>
263 hardened-sources-2.6.18.ebuild:
264 stable x86, bug #157356
265
266 *hardened-sources-2.6.18-r2 (06 Dec 2006)
267
268 06 Dec 2006; Christian Heim <phreak@gentoo.org>
269 +hardened-sources-2.6.18-r2.ebuild:
270 Revision bump, including 2.6.18.5 (via genpatches) and
271 4454_grsec-2.1.9-2.6.18.2-io-kmem-sysctl.patch based on Peter Mazinger and
272 Ned Ludd's original patch. Thanks to Alexander Gabert (pappy) for the
273 redesign.
274
275 06 Dec 2006; Christian Heim <phreak@gentoo.org>
276 hardened-sources-2.6.18.ebuild:
277 Marking hardened-sources-2.6.18 stable on amd64 (see bug #157356, on behalf
278 of Mike Doty).
279
280 *hardened-sources-2.6.18-r1 (23 Nov 2006)
281
282 23 Nov 2006; Christian Heim <phreak@gentoo.org>
283 +hardened-sources-2.6.18-r1.ebuild:
284 Revision bump to genpatches-2.6.18-4 (including 2.6.18.3).
285
286 *hardened-sources-2.6.18 (11 Nov 2006)
287
288 11 Nov 2006; Christian Heim <phreak@gentoo.org>
289 +hardened-sources-2.6.18.ebuild:
290 Version bump, thanks to Alexander Gabert we're finally at 2.6.18.
291
292 18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
293 - mark amd64 stable also. bug #151877
294
295 18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
296 - mark 2.6.17-r1 stable
297
298 27 Aug 2006; Christian Heim <phreak@gentoo.org>
299 -hardened-sources-2.6.17.ebuild, hardened-sources-2.6.17-r1.ebuild:
300 Removing old ebuild, removing unipatch from newer ebuild (need to fix it!).
301
302 *hardened-sources-2.6.17-r1 (26 Aug 2006)
303
304 26 Aug 2006; Christian Heim <phreak@gentoo.org>
305 +hardened-sources-2.6.17-r1.ebuild:
306 Revision bump to genpatches-2.6.17-8 (including .9 and .10) and updating the
307 grsecurity patch.
308
309 *hardened-sources-2.6.17 (17 Aug 2006)
310
311 17 Aug 2006; Christian Heim <phreak@gentoo.org>
312 +hardened-sources-2.6.17.ebuild:
313 Bumping the hardened-sources-2.6 series to 2.6.17, using
314 genpatches-2.6.17-6.base.
315
316 07 Aug 2006; <solar@gentoo.org> hardened-sources-2.6.16-r11.ebuild:
317 - stable on x86 and amd64
318
319 *hardened-sources-2.6.16-r11 (15 Jul 2006)
320
321 15 Jul 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r3.ebuild,
322 -hardened-sources-2.4.32-r4.ebuild, -hardened-sources-2.4.32-r5.ebuild,
323 -hardened-sources-2.6.14-r8.ebuild, -hardened-sources-2.6.16-r7.ebuild,
324 -hardened-sources-2.6.16-r9.ebuild, +hardened-sources-2.6.16-r11.ebuild:
325 - 2.6.16 bumped for CVE-2006-3626 ; digest fix for 2.4.32-r6 ; removed old
326 crusty ebuilds
327
328 14 Jul 2006; John Mylchreest <johnm@gentoo.org>
329 hardened-sources-2.6.16-r10.ebuild:
330 marking stable on x86 and amd64
331
332 13 Jul 2006; <solar@gentoo.org> hardened-sources-2.4.32-r6.ebuild:
333 - 2.4.32-r6 stable on x86. RSBAC state unknown
334
335 *hardened-sources-2.4.32-r7 (10 Jul 2006)
336
337 10 Jul 2006; Guillaume Destuynder <kang@gentoo.org>
338 +hardened-sources-2.4.32-r7.ebuild:
339 Bump PaX for RSBAC to test-17
340
341 *hardened-sources-2.6.16-r9 (03 Jul 2006)
342
343 03 Jul 2006; John Mylchreest <johnm@gentoo.org>
344 -hardened-sources-2.6.16-r6.ebuild, +hardened-sources-2.6.16-r9.ebuild:
345 hardened-sources-2.6.16 bump to latest -base.
346
347 *hardened-sources-2.4.32-r6 (30 Jun 2006)
348
349 30 Jun 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r2.ebuild,
350 hardened-sources-2.4.32-r4.ebuild, +hardened-sources-2.4.32-r6.ebuild:
351 - backport CVE-2006-0039, CVE-2006-1857 and CVE-2006-1858 and new grsecurity
352 sysctl controlable resource logging
353
354 *hardened-sources-2.6.16-r7 (05 Jun 2006)
355
356 05 Jun 2006; John Mylchreest <johnm@gentoo.org>
357 -hardened-sources-2.6.16-r5.ebuild, +hardened-sources-2.6.16-r7.ebuild:
358 push new 2.6.16 release in preparation for stable
359
360 22 May 2006; <solar@gentoo.org> :
361 - redigest bug 134002
362
363 *hardened-sources-2.4.32-r5 (16 May 2006)
364
365 16 May 2006; Guillaume Destuynder <kang@gentoo.org>
366 +hardened-sources-2.4.32-r5.ebuild:
367 Fixes rsbac common patching (new patch in new -r5 patchset)
368
369 *hardened-sources-2.4.32-r4 (13 May 2006)
370
371 13 May 2006; <solar@gentoo.org> hardened-sources-2.4.32-r3.ebuild,
372 +hardened-sources-2.4.32-r4.ebuild:
373 - security bumps
374
375 *hardened-sources-2.6.16-r6 (03 May 2006)
376
377 03 May 2006; John Mylchreest <johnm@gentoo.org>
378 +hardened-sources-2.6.16-r6.ebuild:
379 bump hardened-2.6.16 to 2.6.16.12 and latest grsec snapshot
380
381 28 Apr 2006; John Mylchreest <johnm@gentoo.org>
382 hardened-sources-2.6.14-r8.ebuild:
383 fix x86_64 build problem, this will delay the digest issue again for a short
384 while but it will sort itself out
385
386 28 Apr 2006; John Mylchreest <johnm@gentoo.org>
387 hardened-sources-2.6.14-r8.ebuild:
388 bump hardened patchset
389
390 27 Apr 2006; Alec Warner <antarus@gentoo.org>
391 files/digest-hardened-sources-2.4.32-r2,
392 files/digest-hardened-sources-2.4.32-r3,
393 files/digest-hardened-sources-2.6.14-r8, Manifest:
394 Fixing duff SHA256 digests: Bug # 131293
395
396 *hardened-sources-2.6.16-r5 (27 Apr 2006)
397
398 27 Apr 2006; John Mylchreest <johnm@gentoo.org>
399 -hardened-sources-2.6.14-r6.ebuild, hardened-sources-2.6.14-r8.ebuild,
400 -hardened-sources-2.6.16-r4.ebuild, +hardened-sources-2.6.16-r5.ebuild:
401 stablise 2.6.14-r8 on x86 & amd64, bump 2.6.16 to fix CVE-2006-1863 &
402 cleanup of old uneccessary sources
403
404 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
405 fix digest
406
407 *hardened-sources-2.6.14-r8 (20 Apr 2006)
408
409 20 Apr 2006; John Mylchreest <johnm@gentoo.org>
410 +hardened-sources-2.6.14-r8.ebuild:
411 fix CVE-2006-1056, CVE-2006-1525, CVE-2006-1524
412
413 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
414 Turning on gpg-signing again, and recomitting
415
416 *hardened-sources-2.6.16-r4 (20 Apr 2006)
417
418 20 Apr 2006; John Mylchreest <johnm@gentoo.org>
419 -hardened-sources-2.6.16-r2.ebuild, -hardened-sources-2.6.16-r3.ebuild,
420 +hardened-sources-2.6.16-r4.ebuild:
421 Fix numerous security vulns
422
423 *hardened-sources-2.4.32-r3 (16 Apr 2006)
424
425 16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
426 -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
427 +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
428 - security bump for bug #112791. Removed old ebuilds
429
430 *hardened-sources-2.6.16-r3 (15 Apr 2006)
431
432 15 Apr 2006; John Mylchreest <johnm@gentoo.org>
433 +hardened-sources-2.6.16-r3.ebuild:
434 Removing silly localversion which I missed
435
436 *hardened-sources-2.6.14-r7 (14 Apr 2006)
437
438 14 Apr 2006; John Mylchreest <johnm@gentoo.org>
439 -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
440 Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
441
442 *hardened-sources-2.6.16-r2 (13 Apr 2006)
443
444 13 Apr 2006; John Mylchreest <johnm@gentoo.org>
445 -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
446 +hardened-sources-2.6.16-r2.ebuild:
447 Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
448 labels, dropping USERGROUP define fixes, since these were merged mainstream.
449
450 *hardened-sources-2.6.16-r1 (11 Apr 2006)
451
452 11 Apr 2006; John Mylchreest <johnm@gentoo.org>
453 +hardened-sources-2.6.16-r1.ebuild:
454 Bumping to include ppc build fix and 2.6.16.3
455
456 06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
457 hardened-sources-2.6.14-r6.ebuild:
458 Stable on x86; bug #127718
459
460 *hardened-sources-2.6.16 (31 Mar 2006)
461
462 31 Mar 2006; John Mylchreest <johnm@gentoo.org>
463 +hardened-sources-2.6.16.ebuild:
464 Bumping to new version of grsec, and kernel base. New squashfs. Based on
465 2.6.16.1
466
467 30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
468 hardened-sources-2.6.14-r6.ebuild:
469 Stable on amd64, bug 127718.
470
471 28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
472 Stable on ppc. Bug #127718
473
474 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
475 -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
476 -hardened-sources-2.6.14-r4.ebuild:
477 Cleanup.
478
479 *hardened-sources-2.6.14-r6 (15 Mar 2006)
480
481 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
482 +hardened-sources-2.6.14-r6.ebuild:
483 Fixes grsec policy recreation bug and adds a
484 >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
485
486 02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
487 - stable on x86
488
489 19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
490 hardened-sources-2.6.14-r5.ebuild:
491 Stable on ppc.
492
493 *hardened-sources-2.6.14-r5 (01 Feb 2006)
494
495 01 Feb 2006; John Mylchreest <johnm@gentoo.org>
496 +hardened-sources-2.6.14-r5.ebuild:
497 fixing every known exploit
498
499 *hardened-sources-2.4.32-r2 (26 Jan 2006)
500
501 26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
502 +hardened-sources-2.4.32-r2.ebuild:
503 - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
504
505 *hardened-sources-2.6.14-r4 (12 Jan 2006)
506
507 12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
508 - version bump for new genpatches which fix up a few sec holes
509
510 *hardened-sources-2.4.32-r1 (05 Jan 2006)
511
512 05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
513 - revision bump to add misc vital linux kernel security patches.
514
515 *hardened-sources-2.6.14-r3 (30 Dec 2005)
516
517 30 Dec 2005; John Mylchreest <johnm@gentoo.org>
518 -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
519 Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
520
521 28 Dec 2005; John Mylchreest <johnm@gentoo.org>
522 hardened-sources-2.6.14-r2.ebuild:
523 making x86 & amd64 stable following testing.
524
525 *hardened-sources-2.6.14-r2 (27 Dec 2005)
526
527 27 Dec 2005; John Mylchreest <johnm@gentoo.org>
528 -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
529 Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
530 network hooks.
531
532 06 Dec 2005; John Mylchreest <johnm@gentoo.org>
533 hardened-sources-2.6.14-r1.ebuild:
534 bumping to stable early for sec fix on x86 & amd64
535
536 *hardened-sources-2.6.14-r1 (05 Dec 2005)
537
538 05 Dec 2005; John Mylchreest <johnm@gentoo.org>
539 -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
540 bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
541
542 04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
543 - stable on x86 security bug #114227 CAN-2005-3257
544
545 *hardened-sources-2.4.32 (19 Nov 2005)
546
547 19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
548 +hardened-sources-2.4.32.ebuild:
549 Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
550 Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
551 have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
552 rsbac >> /etc/portage/package.use)
553
554 *hardened-sources-2.6.14 (14 Nov 2005)
555
556 14 Nov 2005; John Mylchreest <johnm@gentoo.org>
557 -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
558 Bumping 2.6 series to 2.6.14.2
559
560 *hardened-sources-2.6.13-r2 (20 Oct 2005)
561
562 20 Oct 2005; John Mylchreest <johnm@gentoo.org>
563 -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
564 +hardened-sources-2.6.13-r2.ebuild:
565 Fixes minor build error in ppc.
566
567 *hardened-sources-2.6.13-r1 (17 Oct 2005)
568
569 17 Oct 2005; John Mylchreest <johnm@gentoo.org>
570 +hardened-sources-2.6.13-r1.ebuild:
571 Updating grsec to latest snapshot. Fixes some minor issues. Updating to
572 2.6.13.4, fixes some major amd64 stability problems.
573
574 *hardened-sources-2.6.13 (16 Sep 2005)
575
576 16 Sep 2005; John Mylchreest <johnm@gentoo.org>
577 -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
578 2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
579 ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
580 users should test this thoroughly.
581
582 01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
583 - stable on x86
584
585 *hardened-sources-2.6.11-r15 (27 Jun 2005)
586
587 27 Jun 2005; John Mylchreest <johnm@gentoo.org>
588 +hardened-sources-2.6.11-r15.ebuild:
589 Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
590 grsec redefining curr_ip struct.
591
592 *hardened-sources-2.4.31 (20 Jun 2005)
593
594 20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
595 initial import of 2.4.31 tree
596
597 *hardened-sources-2.6.11-r14 (14 Jun 2005)
598
599 14 Jun 2005; John Mylchreest <johnm@gentoo.org>
600 -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
601 Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
602 naming scheme to abide by genpatches
603
604 *hardened-sources-2.6.11-r13 (18 May 2005)
605
606 18 May 2005; John Mylchreest <johnm@gentoo.org>
607 -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
608 Managed to mangle the Makefile patch from grsec, to miss out the grsec
609 target. sorry about that. Fixes bug #93022
610
611 *hardened-sources-2.6.11-r12 (17 May 2005)
612
613 17 May 2005; John Mylchreest <johnm@gentoo.org>
614 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
615 +hardened-sources-2.6.11-r12.ebuild:
616 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
617 merges in genpatches-base
618
619 *hardened-sources-2.6.11-r12 (17 May 2005)
620
621 17 May 2005; John Mylchreest <johnm@gentoo.org>
622 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
623 +hardened-sources-2.6.11-r12.ebuild:
624 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
625 merges in genpatches-base
626
627 29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
628 -files/2.4.27-cmdline-race.patch,
629 -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
630 -files/2.4.28-grsec-binfmt_a.out.patch,
631 -files/2.4.28-grsec-cmdline-race.patch,
632 -files/2.4.28-selinux-binfmt_a.out.patch,
633 -files/2.4.28-selinux-cmdline-race.patch,
634 -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
635 hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
636 - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
637 cleanup..
638
639 *hardened-sources-2.4.30-r1 (21 Apr 2005)
640
641 21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
642 - disable aout by default
643
644 *hardened-sources-2.4.30 (18 Apr 2005)
645
646 18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
647 - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
648 and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
649 use
650
651 *hardened-sources-2.4.29 (30 Mar 2005)
652
653 30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
654 +hardened-sources-2.4.29.ebuild:
655 New hardened-patches-2.4-29.0 patchball.
656 Removed SELinux support, upgraded GRSecurity to 2.1.4.
657
658 *hardened-sources-2.4.28-r5 (06 Mar 2005)
659
660 06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
661 +hardened-sources-2.4.28-r5.ebuild:
662 Added a fix for a PaX vulnerability.
663
664 26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
665 hardened-sources-2.4.28-r4.ebuild:
666 Stable on x86
667
668 23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
669 hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
670 hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
671 hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
672 - fixed/added RDEPEND= in all kernel-2 ebuilds
673
674 *hardened-sources-2.4.28-r4 (21 Jan 2005)
675
676 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
677 +hardened-sources-2.4.28-r4.ebuild:
678 Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
679 backport of neighbour hash updates.
680
681 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
682 hardened-sources-2.4.28-r3.ebuild:
683 Stable on x86
684
685 *hardened-sources-2.6.10-r3 (20 Jan 2005)
686
687 20 Jan 2005; Brandon Hale <tseng@gentoo.org>
688 +hardened-sources-2.6.10-r3.ebuild:
689 Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
690 in 2005.0
691
692 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
693 -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
694 hardened-sources-2.4.28-r2.ebuild:
695 Mark stable on x86
696
697 *hardened-sources-2.4.28-r3 (17 Jan 2005)
698
699 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
700 +hardened-sources-2.4.28-r3.ebuild:
701 Fix SMP page fault handler vuln, and update device-mapper and evms patches.
702
703 14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
704 hardened-sources-2.4.28.ebuild:
705 Mark stable on x86.
706
707 *hardened-sources-2.4.28-r2 (13 Jan 2005)
708
709 13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
710 +hardened-sources-2.4.28-r2.ebuild:
711 Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
712 Mazinger for grsecurity patches as well.
713
714 *hardened-sources-2.4.28-r1 (23 Dec 2004)
715
716 23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
717 Security bump. Thank tocharian for rolling a new patchset...
718
719 28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
720 +files/2.4.28-grsec-cmdline-race.patch,
721 +files/2.4.28-selinux-binfmt_a.out.patch,
722 +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
723 - Round up remaining security patches that appear to be missing in 2.4.28. -
724 PaX standalone updated to current. hgpv=28.1
725
726 *hardened-sources-2.4.28 (28 Nov 2004)
727
728 28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
729 security bump. Thank tocharian for rolling a new patchset
730
731 *hardened-sources-2.4.27-r3 (08 Sep 2004)
732
733 08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
734 +hardened-sources-2.4.27-r3.ebuild:
735 Applies the new 2.4-27.2 patchball which updates
736 GRSecurity to the 2.0.1 version.
737
738 *hardened-sources-2.4.27-r2 (31 Aug 2004)
739
740 31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
741 +hardened-sources-2.4.27-r2.ebuild:
742 Version bump.
743 This version uses the new 2.4-27.1 patchball which updates
744 both the SELinux PaX hooks patch and the SELinux headers.
745
746 *hardened-sources-2.4.27-r1 (09 Aug 2004)
747
748 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
749 +hardened-sources-2.4.27-r1.ebuild,
750 -hardened-sources-2.4.27.ebuild,
751 +files/2.4.27-cmdline-race.patch:
752 Version bump, fix for cmdline race. See bug #59905.
753
754 *hardened-sources-2.4.26-r6 (09 Aug 2004)
755
756 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
757 +hardened-sources-2.4.26-r6.ebuild,
758 -hardened-sources-2.4.26-r5.ebuild,
759 -hardened-sources-2.4.26-r4.ebuild,
760 +files/2.4.26-cmdline-race.patch:
761 Version bump, fix for cmdline race. See bug #59905.
762
763 *hardened-sources-2.4.27 (08 Aug 2004)
764
765 08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
766 +hardened-sources-2.4.27.ebuild,
767 +files/2.4.27-CAN-2004-0394.patch:
768 Ported the patchball to the 2.4.27 kernel version.
769
770 *hardened-sources-2.4.26-r5 (07 Aug 2004)
771
772 07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
773 +hardened-sources-2.4.26-r5.ebuild:
774 Updated to use the new hardened-patches-2.4-26.1 patchball.
775 It adds the following features:
776 - Squashfs
777 - Ebtables
778 - Netdev random (core+drivers)
779 - Watchdog Timer (WDT) fix.
780
781 *hardened-sources-2.4.26-r4 (04 Aug 2004)
782
783 04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
784 +hardened-sources-2.4.26-r4.ebuild,
785 +files/2.4.26-CAN-2004-0415.patch,
786 -hardened-sources-2.4.26-3:
787 Version bump, fix for CAN 0415, see bug #59378.
788
789 *hardened-sources-2.4.26-r3 (22 Jul 2004)
790
791 22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
792 +hardened-sources-2.4.26-r3.ebuild,
793 +files/2.4.26-CAN-2004-0497.patch,
794 -hardened-sources-2.4.26-r2.ebuild:
795 Version bump, fixed CAN 0497, see bug #56171.
796
797 *hardened-sources-2.4.26-r2 (29 Jun 2004)
798
799 29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
800 +hardened-sources-2.4.26-r2.ebuild,
801 +files/2.4.26-CAN-2004-0495.patch,
802 +files/2.4.26-CAN-2004-0535.patch,
803 -hardened-sources-2.4.26-r1.ebuild:
804 Fixes for both CAN 0495 and 0535, see bug #54976
805
806 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
807 hardened-sources-2.4.26-r1.ebuild:
808 QA - fix use invocation
809
810 *hardened-sources-2.4.26-r1 (22 June 2004)
811
812 22 June 2004; Andrea Luzzardi <scox@gentoo.org>
813 +hardened-sources-2.4.26-r1.ebuild,
814 +files/2.4.26-CAN-2004-0394.patch,
815 +files/2.4.26-signal-race.patch,
816 -hardened-sources-2.4.26.ebuild,
817 -hardened-sources-2.4.24-r3.ebuild:
818 Version bump for the CAN-2004-0394 issue and bug #53804
819 Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
820
821
822 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
823 hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
824 Masked hardened-sources-2.4.26.ebuild broken for ppc
825
826 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
827 hardened-sources-2.4.24-r3.ebuild:
828 Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
829
830 *hardened-sources-2.4.26 (29 May 2004)
831
832 29 May 2004; Andrea Luzzardi <scox@gentoo.org>
833 +hardened-sources-2.4.26.ebuild:
834 Updated hardened-sources for the 2.4.26 kernel
835 Removed broken components, updated almost everything.
836
837 *hardened-sources-2.4.24-r3 (17 Apr 2004)
838
839 17 Apr 2004; <plasmaroo@gentoo.org>
840 +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
841 +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
842 +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
843 +hardened-sources-2.4.24-r3.ebuild:
844 Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
845 vulnerabilities. Old revisions removed.
846
847 *hardened-sources-2.4.24-r2 (15 Apr 2004)
848
849 15 Apr 2004; <plasmaroo@gentoo.org>
850 +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
851 -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
852 Version bump for the CAN-2004-0109 issue; bug #47881.
853
854 12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
855 hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
856 Add eutils to inherit.
857
858 *hardened-sources-2.4.24-r1 (19 Feb 2004)
859
860 19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
861 files/hardened-sources-2.4.24.munmap.patch:
862 Added the patch for the mremap/munmap vulnerability. Bug #42024.
863
864 *hardened-sources-2.4.24 (06 Feb 2004)
865
866 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
867 hardened-sources-2.4.24.ebuild:
868 Version bump, updated most of the components.
869 This release includes the following:
870
871 - Hardened security
872 - Netfilter patch-o-matic 20031219
873 - FreeSWAN 2.04 & x509 1.4.8
874 - EVMS 2.2.2
875 - XFS 1.3.1
876 - cryptoloop jari
877 - grsecurity 2.0-rc4
878 - SELinux
879 - PaX 200402060000
880 - PaX Obscurity 200308302223
881 - Others...
882
883 Neither -ck nor systrace are included anymore.
884
885 *hardened-sources-2.4.22-r2 (05 Jan 2004)
886
887 05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
888 hardened-sources-2.4.22-r2.ebuild:
889 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
890
891 *hardened-sources-2.4.22-r1 (02 Dec 2003)
892
893 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
894 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
895
896 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
897 hardened-sources-2.4.22-r1.ebuild:
898 Version bump for the 'do_brk' vulnerability.
899
900 01 Dec 2003; Brian Jackson <iggy@gentoo.org>
901 hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
902 hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
903 hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
904 Fix the 'do_brk' vulnerability.
905
906 03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
907 hardened-sources-2.4.22.ebuild:
908 - Removed the src_install() portion for SELinux flask
909 components. These are no longer handled in the kernel
910 so this code was not necessary.
911
912 29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
913 New 2.4.22 based hardened-sources thanks to
914 Phil West <p.west@computer.org>.
915
916 These sources include:
917 - New SELinux API
918 - Updated CK-base
919 - Updated GRSec
920 - Systrace
921 - SuperFreeS/WAN 1.99.8
922 - Propolice kernel build support
923 - EVMS
924 - Other various security related patches
925
926 *hardened-sources-2.4.21 (14 Sep 2003)
927
928 14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
929 Updated hardened-sources based on the 2.4.21 Linux kernel.
930 This includes updates to most major components such as:
931 - ck-base-0306300059
932 - selinux-2.4-2003071106
933 - grsecurity-2.0-rc1
934 - Updated IPTables patch-o-matic
935 - Updated SuperFreeS/WAN
936
937 Thanks to Phil West <pwest@computer.org> for his work in getting this
938 updated patch set ready for the 2.4.21 based kernel.
939
940 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
941 Initial import of hardened-sources-2.4.20-r4. This revision
942 includes only a few changes, but one of these is an important
943 security fix. It is recommended all users of hardened-sources
944 upgrade to this release.
945
946 - ioperm bug fix
947 - fixed compilation failure when building without GRSec
948
949 SAL (Secure Auditing for Linux) is NOT included in this revision
950 due to time constraints, but is planned for inclusion in the near
951 future.
952
953 *hardened-sources-2.4.20-r2 (12 Jun 2003)
954
955 12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
956 hardened-sources-2.4.20-r3.ebuild:
957 Add Header...
958
959 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
960 hardened-sources-2.4.20-r3.ebuild:
961 Removed warnings from ebuild. This kernel should be safe to
962 use at this point.
963
964 *hardened-sources-2.4.20-r3 (08 Jun 2003)
965
966 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
967 hardened-sources-2.4.20-r3.ebuild:
968 New revision. Includes the following changes over -r2:
969
970 - ck7-base (O(1), preempt, low latency)
971 - Super FreeS/WAN 1.99.7rc2
972 - PaX for the LSM/SELinux branch
973 - GRSecurity 2.0-pre4 (role based access control)
974 - Systrace 1.3
975 - EXT3 fixes
976 - EVMS 2.0.1
977 - GCC 3.1+ compile optimizations
978 - ProPolice kernel build support
979 - Hashing table security fixes
980
981 *hardened-sources-2.4.20-r1 (09 Apr 2003)
982
983 23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
984 Initial import of hardened-sources-r2. This new
985 ebuild includes many new performance and security
986 related patches. As in -r1, it will patch in
987 LSM/SELinux if "selinux" is in USE, otherwise it
988 will patch in GRSecurity. The following patches
989 are included in this revision:
990
991 - O(1) Scheduler, Low Latency, and Preempt
992 (pulled from the base CK patch)
993 - ptrace exploit patch for the LSM kernel
994 (the GRSec patch already fixes this)
995 - LSM 2.4-2003040709
996 - SELinux 2.4-2003040709
997 - Systrace v1.2
998 - IPTables patch-o-matic base patches - 20030107
999 - CryptoAPI 2.4.20.1 w/ loop-jari patch
1000 - Super FreeS/WAN 1.99.6.1
1001 - GRSecurity 1.9.9g
1002 - MPPE
1003 - EXT3 data journal fix
1004 - CIPE 1.5.4
1005
1006 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1007 hardened-sources-2.4.20-r1.ebuild, manifest:
1008 Updated to install flask components correctly for selinux.
1009
1010 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1011 hardened-sources-2.4.20-r1.ebuild:
1012 LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
1013 is patched in instead. Ptrace patches for selinux have also been added. In
1014 either case, systrace support will be patched in as well.
1015
1016 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1017 hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
1018 Revision bump for new sources.
1019
1020 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1021 hardened-sources-2.4.20-r1.ebuild:
1022 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
1023
1024 *hardened-sources-2.4.20 (30 Mar 2003)
1025
1026 30 Mar 2003; Joshua Brindle <method@gentoo.org>
1027 hardened-sources-2.4.20.ebuild:
1028 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20