/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.161 - (show annotations) (download)
Sun Jun 17 16:53:54 2007 UTC (7 years, 1 month ago) by phreak
Branch: MAIN
Changes since 1.160: +6 -1 lines
Stabling hardened-sources-2.6.20-r5 due to security bug #181647 (as genpatches-2.6.20-12.base contains up to Linux 2.6.20.14) on amd64 and x86.
(Portage version: 2.1.3_rc3)

1 # ChangeLog for sys-kernel/hardened-sources
2 # Copyright 2000-2007 Gentoo Foundation; Distributed under the GPL v2
3 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.160 2007/06/12 05:18:07 phreak Exp $
4
5 17 Jun 2007; Christian Heim <phreak@gentoo.org>
6 hardened-sources-2.6.20-r5.ebuild:
7 Stabling hardened-sources-2.6.20-r5 due to security bug #181647 (as
8 genpatches-2.6.20-12.base contains up to Linux 2.6.20.14) on amd64 and x86.
9
10 *hardened-sources-2.6.21-r3 (12 Jun 2007)
11
12 12 Jun 2007; Christian Heim <phreak@gentoo.org>
13 +hardened-sources-2.6.21-r3.ebuild:
14 Revision bump for hardened-sources-2.6.21, incorporating various CVE (some
15 of them critical), two stable releases (2.6.21.4,2.6.21.5) and some other
16 love.
17
18 *hardened-sources-2.6.20-r5 (11 Jun 2007)
19
20 11 Jun 2007; Christian Heim <phreak@gentoo.org>
21 +hardened-sources-2.6.20-r5.ebuild:
22 Revision bump for hardened-sources-2.6.20, incorporating various CVE (some
23 of them critical), two stable releases (2.6.20.13,2.6.20.14) and some other
24 love.
25
26 *hardened-sources-2.4.34.5 (11 Jun 2007)
27
28 11 Jun 2007; Alexander Gabert <pappy@gentoo.org>
29 +hardened-sources-2.4.34.5.ebuild:
30 added new hardened-sources 2.4 version, thx to phreak, solar, pipacs
31
32 30 May 2007; Christian Heim <phreak@gentoo.org>
33 -hardened-sources-2.6.18.ebuild, hardened-sources-2.6.20-r2.ebuild:
34 Marking 2.6.20-r2 stable on ppc with permission of Gysbert. Removing more
35 stale ebuild(s).
36
37 30 May 2007; Christian Heim <phreak@gentoo.org>
38 -hardened-sources-2.6.14-r7.ebuild, -hardened-sources-2.6.16-r11.ebuild,
39 -hardened-sources-2.6.17-r1.ebuild, -hardened-sources-2.6.19-r6.ebuild,
40 -hardened-sources-2.6.20.ebuild, -hardened-sources-2.6.20-r1.ebuild:
41 Doing some cleanups, remove stale ebuilds.
42
43 26 May 2007; Christian Heim <phreak@gentoo.org>
44 hardened-sources-2.6.21-r2.ebuild:
45 Fixing the grsecurity patch, had one '};' too much.
46
47 *hardened-sources-2.6.21-r2 (26 May 2007)
48
49 26 May 2007; Christian Heim <phreak@gentoo.org>
50 -hardened-sources-2.6.21.ebuild, -hardened-sources-2.6.21-r1.ebuild,
51 +hardened-sources-2.6.21-r2.ebuild:
52 Revision bump, including Linux 2.6.21.3 (fixing CVE-2007-2451). Updating the
53 grsecurity patch to 2.1.10-2.6.21.1-200705221918.
54
55 *hardened-sources-2.6.20-r4 (26 May 2007)
56
57 26 May 2007; Christian Heim <phreak@gentoo.org>
58 -hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.20-r4.ebuild:
59 Revision bump, including Linux 2.6.20.12 (which in fact fixed some security
60 bugs, at the very least CVE-2007-2451). Possible candidate for stable marking.
61
62 15 May 2007; Christian Heim <phreak@gentoo.org>
63 hardened-sources-2.6.20-r3.ebuild:
64 Looks like hardened-sources-2.6.20-r3 needs a new patch, as 2.6.20.11
65 introduced a change in arch/sparc64/kernel/pci_iommu.c, which made the
66 grsecurity patch fail in that exact same hunk.
67
68 *hardened-sources-2.6.20-r3 (15 May 2007)
69
70 15 May 2007; Christian Heim <phreak@gentoo.org>
71 +hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.21-r1.ebuild:
72 Revision bump, incorporating Linux 2.6.20.11.
73
74 *hardened-sources-2.6.21-r1 (11 May 2007)
75
76 11 May 2007; Christian Heim <phreak@gentoo.org>
77 +hardened-sources-2.6.21-r1.ebuild:
78 Revision bump, hopefully fixing the GRSECURITY/GRKERNSEC mixup pipacs
79 mentioned in #177234.
80
81 07 May 2007; Kevin F. Quinn <kevquinn@gentoo.org>
82 files/digest-hardened-sources-2.6.21, Manifest:
83 Fix Manifest/digest for linux-2.6.21.tar.bz2
84
85 06 May 2007; Christian Heim <phreak@gentoo.org>
86 hardened-sources-2.6.21.ebuild:
87 Bumping the hardened-patches version, needed for the fix for #177234.
88
89 *hardened-sources-2.6.21 (02 May 2007)
90
91 02 May 2007; Christian Heim <phreak@gentoo.org>
92 +hardened-sources-2.6.21.ebuild:
93 Version bump, Linux 2.6.21-hardened.
94
95 29 Apr 2007; Christian Heim <phreak@gentoo.org>
96 hardened-sources-2.6.20-r2.ebuild:
97 Adding ~ia64 on Ned's request.
98
99 29 Apr 2007; Christian Heim <phreak@gentoo.org>
100 hardened-sources-2.6.20-r2.ebuild:
101 Fixing the included grsecurity patch, wasn't alligning due to the Index:
102 header line(s).
103
104 29 Apr 2007; Christian Heim <phreak@gentoo.org>
105 hardened-sources-2.6.20-r2.ebuild:
106 Stabilizing hardened-sources-2.6.20-r2 on amd64 and x86.
107
108 *hardened-sources-2.6.20-r2 (10 Apr 2007)
109
110 10 Apr 2007; Raúl Porcel <armin76@gentoo.org>
111 +hardened-sources-2.6.20-r2.ebuild:
112 Version bump, on behalf of phreak
113
114 *hardened-sources-2.6.20-r1 (04 Apr 2007)
115
116 04 Apr 2007; Christian Heim <phreak@gentoo.org>
117 +hardened-sources-2.6.20-r1.ebuild:
118 Revision bump, grabbing a newer grsecurity snapshot.
119
120 *hardened-sources-2.6.20 (25 Mar 2007)
121
122 25 Mar 2007; Christian Heim <phreak@gentoo.org>
123 +hardened-sources-2.6.20.ebuild:
124 Finally a hardened-sources version for 2.6.20; many people have been waiting
125 for this. Thanks to Steve for preliminary testing, thanks to Ned for the
126 testbox.
127
128 16 Mar 2007; Tony Vroon <chainsaw@gentoo.org>
129 hardened-sources-2.6.18-r6.ebuild:
130 Marked stable on amd64 and x86. AMD64 keyword ack'ed by welp.
131
132 *hardened-sources-2.6.18-r6 (16 Mar 2007)
133
134 16 Mar 2007; Christian Heim <phreak@gentoo.org>
135 -hardened-sources-2.6.18-r5.ebuild, +hardened-sources-2.6.18-r6.ebuild:
136 Fixing CVE-2007-1000 locally (hardened/), thanks to Tony for pushing. And
137 yes I screwed up, this is tagged as 2.6.18-5 and not 2.6.18-6 as it's
138 supposed to be.
139
140 06 Mar 2007; Christian Heim <phreak@gentoo.org> ChangeLog:
141 Fixing the Manifest, the previous one was broken (as in still had the
142 deleted ebuild in it).
143
144 06 Mar 2007; Christian Heim <phreak@gentoo.org>
145 -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
146 +hardened-sources-2.6.18-r5.ebuild:
147 Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
148 Linux 2.6.18.8. Also cleaning up the older version.
149
150 *hardened-sources-2.6.18-r5 (06 Mar 2007)
151
152 06 Mar 2007; Christian Heim <phreak@gentoo.org>
153 -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
154 +hardened-sources-2.6.18-r5.ebuild:
155 Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
156 Linux 2.6.18.8. Also cleaning up the older version.
157
158 24 Feb 2007; Christian Heim <phreak@gentoo.org>
159 -hardened-sources-2.6.19-r3.ebuild, -hardened-sources-2.6.19-r4.ebuild,
160 -hardened-sources-2.6.19-r5.ebuild:
161 Removing some of the old version, that didn't work.
162
163 *hardened-sources-2.6.19-r6 (12 Feb 2007)
164
165 12 Feb 2007; Christian Heim <phreak@gentoo.org>
166 +hardened-sources-2.6.19-r6.ebuild:
167 Revision bump, including a new grsec version fixing #166235.
168
169 *hardened-sources-2.4.34 (24 Jan 2007)
170
171 24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
172 Manifest:
173 updating Manifest with checksums of new tarball and ebuild
174
175 24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
176 +hardened-sources-2.4.34.ebuild:
177 I added new hardened sources 2.4 update, this is a critical path
178 security bugfix - all users of h-s are strongly advised
179 to update their existing hardened sources to this version.
180 It contains a fix for a kernel vulnerability that is pertaining
181 to the PaX changes to virtual memory management, possibly leading
182 to a local kernel exploit ... see grsecurity.net forums and homepage
183
184 23 Jan 2007; Christian Heim <phreak@gentoo.org>
185 files/digest-hardened-sources-2.6.19-r5, Manifest:
186 Fixing the patch-tarball digest.
187
188 *hardened-sources-2.6.19-r5 (23 Jan 2007)
189
190 23 Jan 2007; Christian Heim <phreak@gentoo.org>
191 +hardened-sources-2.6.19-r5.ebuild:
192 Revision bump, closing the recently discovered PaX expand_stack()
193 vulnerability.
194
195 *hardened-sources-2.6.19-r4 (14 Jan 2007)
196
197 14 Jan 2007; Christian Heim <phreak@gentoo.org>
198 +hardened-sources-2.6.19-r4.ebuild:
199 Revision bump, pulling in linux-2.6.19.2 and grsecurity 2.1.10 - thus
200 dropping the randomized PID feature.
201
202 11 Jan 2007; Christian Faulhammer <opfer@gentoo.org>
203 hardened-sources-2.4.33.4.ebuild:
204 stable x86, bug #161171
205
206 *hardened-sources-2.6.19-r3 (27 Dec 2006)
207
208 27 Dec 2006; Christian Heim <phreak@gentoo.org>
209 -hardened-sources-2.6.19-r2.ebuild, +hardened-sources-2.6.19-r3.ebuild:
210 Revision bump for bug #157186 and #158786.
211
212 *hardened-sources-2.6.18-r4 (27 Dec 2006)
213
214 27 Dec 2006; Christian Heim <phreak@gentoo.org>
215 -hardened-sources-2.6.18-r3.ebuild, +hardened-sources-2.6.18-r4.ebuild:
216 Revision bump for bug #157186.
217
218 *hardened-sources-2.6.19-r2 (23 Dec 2006)
219
220 23 Dec 2006; Christian Heim <phreak@gentoo.org>
221 -hardened-sources-2.6.19-r1.ebuild, +hardened-sources-2.6.19-r2.ebuild:
222 Revision bump to pull in genpatches-2.6.19-3 for #157186.
223
224 17 Dec 2006; Christian Heim <phreak@gentoo.org>
225 hardened-sources-2.6.14-r7.ebuild, hardened-sources-2.6.16-r10.ebuild,
226 hardened-sources-2.6.16-r11.ebuild, hardened-sources-2.6.17-r1.ebuild,
227 hardened-sources-2.6.18.ebuild, hardened-sources-2.6.18-r3.ebuild,
228 hardened-sources-2.6.19-r1.ebuild:
229 Adding 4453_grsec-2.1.9-2.6.19-io-kmem-sysctl.patch to UNIPATCH_EXLUDE,
230 adding correct HOMEPAGE and adjusting DESCRIPTION (thanks to Alexander).
231
232 *hardened-sources-2.4.33.4 (17 Dec 2006)
233
234 17 Dec 2006; Alexander Gabert <pappy@gentoo.org>
235 +hardened-sources-2.4.33.4.ebuild:
236 new 2.4.33.4 version including grsec and fixes, thanks to phreak for help
237 and quilting
238
239 *hardened-sources-2.6.19-r1 (14 Dec 2006)
240
241 14 Dec 2006; Christian Heim <phreak@gentoo.org>
242 -hardened-sources-2.6.19.ebuild, +hardened-sources-2.6.19-r1.ebuild:
243 Revision bump, fixing #158107 (thanks to Petre Rodan <kaiowas at gentoo.org>
244 for reporting).
245
246 *hardened-sources-2.6.19 (13 Dec 2006)
247
248 13 Dec 2006; Christian Heim <phreak@gentoo.org>
249 +hardened-sources-2.6.19.ebuild:
250 And finally 2.6.19, thanks to Ned (who prepared the inital patchset) and
251 Brad for providing that prompt update.
252
253 *hardened-sources-2.6.18-r3 (13 Dec 2006)
254
255 13 Dec 2006; Christian Heim <phreak@gentoo.org>
256 -hardened-sources-2.6.18-r1.ebuild, -hardened-sources-2.6.18-r2.ebuild,
257 +hardened-sources-2.6.18-r3.ebuild:
258 Revision bump, excluding the faulty patch. Thanks to Anakim Border and Peter
259 S. Mazinger. Closes #157409 for now. Also removing the previous revisions.
260
261 09 Dec 2006; Christian Heim <phreak@gentoo.org> Manifest:
262 Fixing the metadata.xml Manifest entry (thanks to xaid and ml8128 in #gentoo-hardened).
263
264 08 Dec 2006; nixnut <nixnut@gentoo.org> hardened-sources-2.6.18.ebuild:
265 Stable on ppc wrt bug 157356
266
267 07 Dec 2006; Christian Faulhammer <opfer@gentoo.org>
268 hardened-sources-2.6.18.ebuild:
269 stable x86, bug #157356
270
271 *hardened-sources-2.6.18-r2 (06 Dec 2006)
272
273 06 Dec 2006; Christian Heim <phreak@gentoo.org>
274 +hardened-sources-2.6.18-r2.ebuild:
275 Revision bump, including 2.6.18.5 (via genpatches) and
276 4454_grsec-2.1.9-2.6.18.2-io-kmem-sysctl.patch based on Peter Mazinger and
277 Ned Ludd's original patch. Thanks to Alexander Gabert (pappy) for the
278 redesign.
279
280 06 Dec 2006; Christian Heim <phreak@gentoo.org>
281 hardened-sources-2.6.18.ebuild:
282 Marking hardened-sources-2.6.18 stable on amd64 (see bug #157356, on behalf
283 of Mike Doty).
284
285 *hardened-sources-2.6.18-r1 (23 Nov 2006)
286
287 23 Nov 2006; Christian Heim <phreak@gentoo.org>
288 +hardened-sources-2.6.18-r1.ebuild:
289 Revision bump to genpatches-2.6.18-4 (including 2.6.18.3).
290
291 *hardened-sources-2.6.18 (11 Nov 2006)
292
293 11 Nov 2006; Christian Heim <phreak@gentoo.org>
294 +hardened-sources-2.6.18.ebuild:
295 Version bump, thanks to Alexander Gabert we're finally at 2.6.18.
296
297 18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
298 - mark amd64 stable also. bug #151877
299
300 18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
301 - mark 2.6.17-r1 stable
302
303 27 Aug 2006; Christian Heim <phreak@gentoo.org>
304 -hardened-sources-2.6.17.ebuild, hardened-sources-2.6.17-r1.ebuild:
305 Removing old ebuild, removing unipatch from newer ebuild (need to fix it!).
306
307 *hardened-sources-2.6.17-r1 (26 Aug 2006)
308
309 26 Aug 2006; Christian Heim <phreak@gentoo.org>
310 +hardened-sources-2.6.17-r1.ebuild:
311 Revision bump to genpatches-2.6.17-8 (including .9 and .10) and updating the
312 grsecurity patch.
313
314 *hardened-sources-2.6.17 (17 Aug 2006)
315
316 17 Aug 2006; Christian Heim <phreak@gentoo.org>
317 +hardened-sources-2.6.17.ebuild:
318 Bumping the hardened-sources-2.6 series to 2.6.17, using
319 genpatches-2.6.17-6.base.
320
321 07 Aug 2006; <solar@gentoo.org> hardened-sources-2.6.16-r11.ebuild:
322 - stable on x86 and amd64
323
324 *hardened-sources-2.6.16-r11 (15 Jul 2006)
325
326 15 Jul 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r3.ebuild,
327 -hardened-sources-2.4.32-r4.ebuild, -hardened-sources-2.4.32-r5.ebuild,
328 -hardened-sources-2.6.14-r8.ebuild, -hardened-sources-2.6.16-r7.ebuild,
329 -hardened-sources-2.6.16-r9.ebuild, +hardened-sources-2.6.16-r11.ebuild:
330 - 2.6.16 bumped for CVE-2006-3626 ; digest fix for 2.4.32-r6 ; removed old
331 crusty ebuilds
332
333 14 Jul 2006; John Mylchreest <johnm@gentoo.org>
334 hardened-sources-2.6.16-r10.ebuild:
335 marking stable on x86 and amd64
336
337 13 Jul 2006; <solar@gentoo.org> hardened-sources-2.4.32-r6.ebuild:
338 - 2.4.32-r6 stable on x86. RSBAC state unknown
339
340 *hardened-sources-2.4.32-r7 (10 Jul 2006)
341
342 10 Jul 2006; Guillaume Destuynder <kang@gentoo.org>
343 +hardened-sources-2.4.32-r7.ebuild:
344 Bump PaX for RSBAC to test-17
345
346 *hardened-sources-2.6.16-r9 (03 Jul 2006)
347
348 03 Jul 2006; John Mylchreest <johnm@gentoo.org>
349 -hardened-sources-2.6.16-r6.ebuild, +hardened-sources-2.6.16-r9.ebuild:
350 hardened-sources-2.6.16 bump to latest -base.
351
352 *hardened-sources-2.4.32-r6 (30 Jun 2006)
353
354 30 Jun 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r2.ebuild,
355 hardened-sources-2.4.32-r4.ebuild, +hardened-sources-2.4.32-r6.ebuild:
356 - backport CVE-2006-0039, CVE-2006-1857 and CVE-2006-1858 and new grsecurity
357 sysctl controlable resource logging
358
359 *hardened-sources-2.6.16-r7 (05 Jun 2006)
360
361 05 Jun 2006; John Mylchreest <johnm@gentoo.org>
362 -hardened-sources-2.6.16-r5.ebuild, +hardened-sources-2.6.16-r7.ebuild:
363 push new 2.6.16 release in preparation for stable
364
365 22 May 2006; <solar@gentoo.org> :
366 - redigest bug 134002
367
368 *hardened-sources-2.4.32-r5 (16 May 2006)
369
370 16 May 2006; Guillaume Destuynder <kang@gentoo.org>
371 +hardened-sources-2.4.32-r5.ebuild:
372 Fixes rsbac common patching (new patch in new -r5 patchset)
373
374 *hardened-sources-2.4.32-r4 (13 May 2006)
375
376 13 May 2006; <solar@gentoo.org> hardened-sources-2.4.32-r3.ebuild,
377 +hardened-sources-2.4.32-r4.ebuild:
378 - security bumps
379
380 *hardened-sources-2.6.16-r6 (03 May 2006)
381
382 03 May 2006; John Mylchreest <johnm@gentoo.org>
383 +hardened-sources-2.6.16-r6.ebuild:
384 bump hardened-2.6.16 to 2.6.16.12 and latest grsec snapshot
385
386 28 Apr 2006; John Mylchreest <johnm@gentoo.org>
387 hardened-sources-2.6.14-r8.ebuild:
388 fix x86_64 build problem, this will delay the digest issue again for a short
389 while but it will sort itself out
390
391 28 Apr 2006; John Mylchreest <johnm@gentoo.org>
392 hardened-sources-2.6.14-r8.ebuild:
393 bump hardened patchset
394
395 27 Apr 2006; Alec Warner <antarus@gentoo.org>
396 files/digest-hardened-sources-2.4.32-r2,
397 files/digest-hardened-sources-2.4.32-r3,
398 files/digest-hardened-sources-2.6.14-r8, Manifest:
399 Fixing duff SHA256 digests: Bug # 131293
400
401 *hardened-sources-2.6.16-r5 (27 Apr 2006)
402
403 27 Apr 2006; John Mylchreest <johnm@gentoo.org>
404 -hardened-sources-2.6.14-r6.ebuild, hardened-sources-2.6.14-r8.ebuild,
405 -hardened-sources-2.6.16-r4.ebuild, +hardened-sources-2.6.16-r5.ebuild:
406 stablise 2.6.14-r8 on x86 & amd64, bump 2.6.16 to fix CVE-2006-1863 &
407 cleanup of old uneccessary sources
408
409 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
410 fix digest
411
412 *hardened-sources-2.6.14-r8 (20 Apr 2006)
413
414 20 Apr 2006; John Mylchreest <johnm@gentoo.org>
415 +hardened-sources-2.6.14-r8.ebuild:
416 fix CVE-2006-1056, CVE-2006-1525, CVE-2006-1524
417
418 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
419 Turning on gpg-signing again, and recomitting
420
421 *hardened-sources-2.6.16-r4 (20 Apr 2006)
422
423 20 Apr 2006; John Mylchreest <johnm@gentoo.org>
424 -hardened-sources-2.6.16-r2.ebuild, -hardened-sources-2.6.16-r3.ebuild,
425 +hardened-sources-2.6.16-r4.ebuild:
426 Fix numerous security vulns
427
428 *hardened-sources-2.4.32-r3 (16 Apr 2006)
429
430 16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
431 -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
432 +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
433 - security bump for bug #112791. Removed old ebuilds
434
435 *hardened-sources-2.6.16-r3 (15 Apr 2006)
436
437 15 Apr 2006; John Mylchreest <johnm@gentoo.org>
438 +hardened-sources-2.6.16-r3.ebuild:
439 Removing silly localversion which I missed
440
441 *hardened-sources-2.6.14-r7 (14 Apr 2006)
442
443 14 Apr 2006; John Mylchreest <johnm@gentoo.org>
444 -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
445 Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
446
447 *hardened-sources-2.6.16-r2 (13 Apr 2006)
448
449 13 Apr 2006; John Mylchreest <johnm@gentoo.org>
450 -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
451 +hardened-sources-2.6.16-r2.ebuild:
452 Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
453 labels, dropping USERGROUP define fixes, since these were merged mainstream.
454
455 *hardened-sources-2.6.16-r1 (11 Apr 2006)
456
457 11 Apr 2006; John Mylchreest <johnm@gentoo.org>
458 +hardened-sources-2.6.16-r1.ebuild:
459 Bumping to include ppc build fix and 2.6.16.3
460
461 06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
462 hardened-sources-2.6.14-r6.ebuild:
463 Stable on x86; bug #127718
464
465 *hardened-sources-2.6.16 (31 Mar 2006)
466
467 31 Mar 2006; John Mylchreest <johnm@gentoo.org>
468 +hardened-sources-2.6.16.ebuild:
469 Bumping to new version of grsec, and kernel base. New squashfs. Based on
470 2.6.16.1
471
472 30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
473 hardened-sources-2.6.14-r6.ebuild:
474 Stable on amd64, bug 127718.
475
476 28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
477 Stable on ppc. Bug #127718
478
479 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
480 -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
481 -hardened-sources-2.6.14-r4.ebuild:
482 Cleanup.
483
484 *hardened-sources-2.6.14-r6 (15 Mar 2006)
485
486 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
487 +hardened-sources-2.6.14-r6.ebuild:
488 Fixes grsec policy recreation bug and adds a
489 >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
490
491 02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
492 - stable on x86
493
494 19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
495 hardened-sources-2.6.14-r5.ebuild:
496 Stable on ppc.
497
498 *hardened-sources-2.6.14-r5 (01 Feb 2006)
499
500 01 Feb 2006; John Mylchreest <johnm@gentoo.org>
501 +hardened-sources-2.6.14-r5.ebuild:
502 fixing every known exploit
503
504 *hardened-sources-2.4.32-r2 (26 Jan 2006)
505
506 26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
507 +hardened-sources-2.4.32-r2.ebuild:
508 - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
509
510 *hardened-sources-2.6.14-r4 (12 Jan 2006)
511
512 12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
513 - version bump for new genpatches which fix up a few sec holes
514
515 *hardened-sources-2.4.32-r1 (05 Jan 2006)
516
517 05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
518 - revision bump to add misc vital linux kernel security patches.
519
520 *hardened-sources-2.6.14-r3 (30 Dec 2005)
521
522 30 Dec 2005; John Mylchreest <johnm@gentoo.org>
523 -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
524 Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
525
526 28 Dec 2005; John Mylchreest <johnm@gentoo.org>
527 hardened-sources-2.6.14-r2.ebuild:
528 making x86 & amd64 stable following testing.
529
530 *hardened-sources-2.6.14-r2 (27 Dec 2005)
531
532 27 Dec 2005; John Mylchreest <johnm@gentoo.org>
533 -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
534 Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
535 network hooks.
536
537 06 Dec 2005; John Mylchreest <johnm@gentoo.org>
538 hardened-sources-2.6.14-r1.ebuild:
539 bumping to stable early for sec fix on x86 & amd64
540
541 *hardened-sources-2.6.14-r1 (05 Dec 2005)
542
543 05 Dec 2005; John Mylchreest <johnm@gentoo.org>
544 -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
545 bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
546
547 04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
548 - stable on x86 security bug #114227 CAN-2005-3257
549
550 *hardened-sources-2.4.32 (19 Nov 2005)
551
552 19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
553 +hardened-sources-2.4.32.ebuild:
554 Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
555 Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
556 have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
557 rsbac >> /etc/portage/package.use)
558
559 *hardened-sources-2.6.14 (14 Nov 2005)
560
561 14 Nov 2005; John Mylchreest <johnm@gentoo.org>
562 -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
563 Bumping 2.6 series to 2.6.14.2
564
565 *hardened-sources-2.6.13-r2 (20 Oct 2005)
566
567 20 Oct 2005; John Mylchreest <johnm@gentoo.org>
568 -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
569 +hardened-sources-2.6.13-r2.ebuild:
570 Fixes minor build error in ppc.
571
572 *hardened-sources-2.6.13-r1 (17 Oct 2005)
573
574 17 Oct 2005; John Mylchreest <johnm@gentoo.org>
575 +hardened-sources-2.6.13-r1.ebuild:
576 Updating grsec to latest snapshot. Fixes some minor issues. Updating to
577 2.6.13.4, fixes some major amd64 stability problems.
578
579 *hardened-sources-2.6.13 (16 Sep 2005)
580
581 16 Sep 2005; John Mylchreest <johnm@gentoo.org>
582 -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
583 2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
584 ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
585 users should test this thoroughly.
586
587 01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
588 - stable on x86
589
590 *hardened-sources-2.6.11-r15 (27 Jun 2005)
591
592 27 Jun 2005; John Mylchreest <johnm@gentoo.org>
593 +hardened-sources-2.6.11-r15.ebuild:
594 Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
595 grsec redefining curr_ip struct.
596
597 *hardened-sources-2.4.31 (20 Jun 2005)
598
599 20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
600 initial import of 2.4.31 tree
601
602 *hardened-sources-2.6.11-r14 (14 Jun 2005)
603
604 14 Jun 2005; John Mylchreest <johnm@gentoo.org>
605 -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
606 Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
607 naming scheme to abide by genpatches
608
609 *hardened-sources-2.6.11-r13 (18 May 2005)
610
611 18 May 2005; John Mylchreest <johnm@gentoo.org>
612 -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
613 Managed to mangle the Makefile patch from grsec, to miss out the grsec
614 target. sorry about that. Fixes bug #93022
615
616 *hardened-sources-2.6.11-r12 (17 May 2005)
617
618 17 May 2005; John Mylchreest <johnm@gentoo.org>
619 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
620 +hardened-sources-2.6.11-r12.ebuild:
621 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
622 merges in genpatches-base
623
624 *hardened-sources-2.6.11-r12 (17 May 2005)
625
626 17 May 2005; John Mylchreest <johnm@gentoo.org>
627 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
628 +hardened-sources-2.6.11-r12.ebuild:
629 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
630 merges in genpatches-base
631
632 29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
633 -files/2.4.27-cmdline-race.patch,
634 -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
635 -files/2.4.28-grsec-binfmt_a.out.patch,
636 -files/2.4.28-grsec-cmdline-race.patch,
637 -files/2.4.28-selinux-binfmt_a.out.patch,
638 -files/2.4.28-selinux-cmdline-race.patch,
639 -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
640 hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
641 - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
642 cleanup..
643
644 *hardened-sources-2.4.30-r1 (21 Apr 2005)
645
646 21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
647 - disable aout by default
648
649 *hardened-sources-2.4.30 (18 Apr 2005)
650
651 18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
652 - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
653 and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
654 use
655
656 *hardened-sources-2.4.29 (30 Mar 2005)
657
658 30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
659 +hardened-sources-2.4.29.ebuild:
660 New hardened-patches-2.4-29.0 patchball.
661 Removed SELinux support, upgraded GRSecurity to 2.1.4.
662
663 *hardened-sources-2.4.28-r5 (06 Mar 2005)
664
665 06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
666 +hardened-sources-2.4.28-r5.ebuild:
667 Added a fix for a PaX vulnerability.
668
669 26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
670 hardened-sources-2.4.28-r4.ebuild:
671 Stable on x86
672
673 23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
674 hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
675 hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
676 hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
677 - fixed/added RDEPEND= in all kernel-2 ebuilds
678
679 *hardened-sources-2.4.28-r4 (21 Jan 2005)
680
681 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
682 +hardened-sources-2.4.28-r4.ebuild:
683 Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
684 backport of neighbour hash updates.
685
686 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
687 hardened-sources-2.4.28-r3.ebuild:
688 Stable on x86
689
690 *hardened-sources-2.6.10-r3 (20 Jan 2005)
691
692 20 Jan 2005; Brandon Hale <tseng@gentoo.org>
693 +hardened-sources-2.6.10-r3.ebuild:
694 Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
695 in 2005.0
696
697 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
698 -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
699 hardened-sources-2.4.28-r2.ebuild:
700 Mark stable on x86
701
702 *hardened-sources-2.4.28-r3 (17 Jan 2005)
703
704 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
705 +hardened-sources-2.4.28-r3.ebuild:
706 Fix SMP page fault handler vuln, and update device-mapper and evms patches.
707
708 14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
709 hardened-sources-2.4.28.ebuild:
710 Mark stable on x86.
711
712 *hardened-sources-2.4.28-r2 (13 Jan 2005)
713
714 13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
715 +hardened-sources-2.4.28-r2.ebuild:
716 Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
717 Mazinger for grsecurity patches as well.
718
719 *hardened-sources-2.4.28-r1 (23 Dec 2004)
720
721 23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
722 Security bump. Thank tocharian for rolling a new patchset...
723
724 28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
725 +files/2.4.28-grsec-cmdline-race.patch,
726 +files/2.4.28-selinux-binfmt_a.out.patch,
727 +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
728 - Round up remaining security patches that appear to be missing in 2.4.28. -
729 PaX standalone updated to current. hgpv=28.1
730
731 *hardened-sources-2.4.28 (28 Nov 2004)
732
733 28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
734 security bump. Thank tocharian for rolling a new patchset
735
736 *hardened-sources-2.4.27-r3 (08 Sep 2004)
737
738 08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
739 +hardened-sources-2.4.27-r3.ebuild:
740 Applies the new 2.4-27.2 patchball which updates
741 GRSecurity to the 2.0.1 version.
742
743 *hardened-sources-2.4.27-r2 (31 Aug 2004)
744
745 31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
746 +hardened-sources-2.4.27-r2.ebuild:
747 Version bump.
748 This version uses the new 2.4-27.1 patchball which updates
749 both the SELinux PaX hooks patch and the SELinux headers.
750
751 *hardened-sources-2.4.27-r1 (09 Aug 2004)
752
753 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
754 +hardened-sources-2.4.27-r1.ebuild,
755 -hardened-sources-2.4.27.ebuild,
756 +files/2.4.27-cmdline-race.patch:
757 Version bump, fix for cmdline race. See bug #59905.
758
759 *hardened-sources-2.4.26-r6 (09 Aug 2004)
760
761 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
762 +hardened-sources-2.4.26-r6.ebuild,
763 -hardened-sources-2.4.26-r5.ebuild,
764 -hardened-sources-2.4.26-r4.ebuild,
765 +files/2.4.26-cmdline-race.patch:
766 Version bump, fix for cmdline race. See bug #59905.
767
768 *hardened-sources-2.4.27 (08 Aug 2004)
769
770 08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
771 +hardened-sources-2.4.27.ebuild,
772 +files/2.4.27-CAN-2004-0394.patch:
773 Ported the patchball to the 2.4.27 kernel version.
774
775 *hardened-sources-2.4.26-r5 (07 Aug 2004)
776
777 07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
778 +hardened-sources-2.4.26-r5.ebuild:
779 Updated to use the new hardened-patches-2.4-26.1 patchball.
780 It adds the following features:
781 - Squashfs
782 - Ebtables
783 - Netdev random (core+drivers)
784 - Watchdog Timer (WDT) fix.
785
786 *hardened-sources-2.4.26-r4 (04 Aug 2004)
787
788 04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
789 +hardened-sources-2.4.26-r4.ebuild,
790 +files/2.4.26-CAN-2004-0415.patch,
791 -hardened-sources-2.4.26-3:
792 Version bump, fix for CAN 0415, see bug #59378.
793
794 *hardened-sources-2.4.26-r3 (22 Jul 2004)
795
796 22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
797 +hardened-sources-2.4.26-r3.ebuild,
798 +files/2.4.26-CAN-2004-0497.patch,
799 -hardened-sources-2.4.26-r2.ebuild:
800 Version bump, fixed CAN 0497, see bug #56171.
801
802 *hardened-sources-2.4.26-r2 (29 Jun 2004)
803
804 29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
805 +hardened-sources-2.4.26-r2.ebuild,
806 +files/2.4.26-CAN-2004-0495.patch,
807 +files/2.4.26-CAN-2004-0535.patch,
808 -hardened-sources-2.4.26-r1.ebuild:
809 Fixes for both CAN 0495 and 0535, see bug #54976
810
811 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
812 hardened-sources-2.4.26-r1.ebuild:
813 QA - fix use invocation
814
815 *hardened-sources-2.4.26-r1 (22 June 2004)
816
817 22 June 2004; Andrea Luzzardi <scox@gentoo.org>
818 +hardened-sources-2.4.26-r1.ebuild,
819 +files/2.4.26-CAN-2004-0394.patch,
820 +files/2.4.26-signal-race.patch,
821 -hardened-sources-2.4.26.ebuild,
822 -hardened-sources-2.4.24-r3.ebuild:
823 Version bump for the CAN-2004-0394 issue and bug #53804
824 Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
825
826
827 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
828 hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
829 Masked hardened-sources-2.4.26.ebuild broken for ppc
830
831 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
832 hardened-sources-2.4.24-r3.ebuild:
833 Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
834
835 *hardened-sources-2.4.26 (29 May 2004)
836
837 29 May 2004; Andrea Luzzardi <scox@gentoo.org>
838 +hardened-sources-2.4.26.ebuild:
839 Updated hardened-sources for the 2.4.26 kernel
840 Removed broken components, updated almost everything.
841
842 *hardened-sources-2.4.24-r3 (17 Apr 2004)
843
844 17 Apr 2004; <plasmaroo@gentoo.org>
845 +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
846 +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
847 +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
848 +hardened-sources-2.4.24-r3.ebuild:
849 Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
850 vulnerabilities. Old revisions removed.
851
852 *hardened-sources-2.4.24-r2 (15 Apr 2004)
853
854 15 Apr 2004; <plasmaroo@gentoo.org>
855 +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
856 -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
857 Version bump for the CAN-2004-0109 issue; bug #47881.
858
859 12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
860 hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
861 Add eutils to inherit.
862
863 *hardened-sources-2.4.24-r1 (19 Feb 2004)
864
865 19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
866 files/hardened-sources-2.4.24.munmap.patch:
867 Added the patch for the mremap/munmap vulnerability. Bug #42024.
868
869 *hardened-sources-2.4.24 (06 Feb 2004)
870
871 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
872 hardened-sources-2.4.24.ebuild:
873 Version bump, updated most of the components.
874 This release includes the following:
875
876 - Hardened security
877 - Netfilter patch-o-matic 20031219
878 - FreeSWAN 2.04 & x509 1.4.8
879 - EVMS 2.2.2
880 - XFS 1.3.1
881 - cryptoloop jari
882 - grsecurity 2.0-rc4
883 - SELinux
884 - PaX 200402060000
885 - PaX Obscurity 200308302223
886 - Others...
887
888 Neither -ck nor systrace are included anymore.
889
890 *hardened-sources-2.4.22-r2 (05 Jan 2004)
891
892 05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
893 hardened-sources-2.4.22-r2.ebuild:
894 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
895
896 *hardened-sources-2.4.22-r1 (02 Dec 2003)
897
898 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
899 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
900
901 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
902 hardened-sources-2.4.22-r1.ebuild:
903 Version bump for the 'do_brk' vulnerability.
904
905 01 Dec 2003; Brian Jackson <iggy@gentoo.org>
906 hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
907 hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
908 hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
909 Fix the 'do_brk' vulnerability.
910
911 03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
912 hardened-sources-2.4.22.ebuild:
913 - Removed the src_install() portion for SELinux flask
914 components. These are no longer handled in the kernel
915 so this code was not necessary.
916
917 29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
918 New 2.4.22 based hardened-sources thanks to
919 Phil West <p.west@computer.org>.
920
921 These sources include:
922 - New SELinux API
923 - Updated CK-base
924 - Updated GRSec
925 - Systrace
926 - SuperFreeS/WAN 1.99.8
927 - Propolice kernel build support
928 - EVMS
929 - Other various security related patches
930
931 *hardened-sources-2.4.21 (14 Sep 2003)
932
933 14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
934 Updated hardened-sources based on the 2.4.21 Linux kernel.
935 This includes updates to most major components such as:
936 - ck-base-0306300059
937 - selinux-2.4-2003071106
938 - grsecurity-2.0-rc1
939 - Updated IPTables patch-o-matic
940 - Updated SuperFreeS/WAN
941
942 Thanks to Phil West <pwest@computer.org> for his work in getting this
943 updated patch set ready for the 2.4.21 based kernel.
944
945 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
946 Initial import of hardened-sources-2.4.20-r4. This revision
947 includes only a few changes, but one of these is an important
948 security fix. It is recommended all users of hardened-sources
949 upgrade to this release.
950
951 - ioperm bug fix
952 - fixed compilation failure when building without GRSec
953
954 SAL (Secure Auditing for Linux) is NOT included in this revision
955 due to time constraints, but is planned for inclusion in the near
956 future.
957
958 *hardened-sources-2.4.20-r2 (12 Jun 2003)
959
960 12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
961 hardened-sources-2.4.20-r3.ebuild:
962 Add Header...
963
964 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
965 hardened-sources-2.4.20-r3.ebuild:
966 Removed warnings from ebuild. This kernel should be safe to
967 use at this point.
968
969 *hardened-sources-2.4.20-r3 (08 Jun 2003)
970
971 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
972 hardened-sources-2.4.20-r3.ebuild:
973 New revision. Includes the following changes over -r2:
974
975 - ck7-base (O(1), preempt, low latency)
976 - Super FreeS/WAN 1.99.7rc2
977 - PaX for the LSM/SELinux branch
978 - GRSecurity 2.0-pre4 (role based access control)
979 - Systrace 1.3
980 - EXT3 fixes
981 - EVMS 2.0.1
982 - GCC 3.1+ compile optimizations
983 - ProPolice kernel build support
984 - Hashing table security fixes
985
986 *hardened-sources-2.4.20-r1 (09 Apr 2003)
987
988 23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
989 Initial import of hardened-sources-r2. This new
990 ebuild includes many new performance and security
991 related patches. As in -r1, it will patch in
992 LSM/SELinux if "selinux" is in USE, otherwise it
993 will patch in GRSecurity. The following patches
994 are included in this revision:
995
996 - O(1) Scheduler, Low Latency, and Preempt
997 (pulled from the base CK patch)
998 - ptrace exploit patch for the LSM kernel
999 (the GRSec patch already fixes this)
1000 - LSM 2.4-2003040709
1001 - SELinux 2.4-2003040709
1002 - Systrace v1.2
1003 - IPTables patch-o-matic base patches - 20030107
1004 - CryptoAPI 2.4.20.1 w/ loop-jari patch
1005 - Super FreeS/WAN 1.99.6.1
1006 - GRSecurity 1.9.9g
1007 - MPPE
1008 - EXT3 data journal fix
1009 - CIPE 1.5.4
1010
1011 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1012 hardened-sources-2.4.20-r1.ebuild, manifest:
1013 Updated to install flask components correctly for selinux.
1014
1015 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1016 hardened-sources-2.4.20-r1.ebuild:
1017 LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
1018 is patched in instead. Ptrace patches for selinux have also been added. In
1019 either case, systrace support will be patched in as well.
1020
1021 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1022 hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
1023 Revision bump for new sources.
1024
1025 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1026 hardened-sources-2.4.20-r1.ebuild:
1027 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
1028
1029 *hardened-sources-2.4.20 (30 Mar 2003)
1030
1031 30 Mar 2003; Joshua Brindle <method@gentoo.org>
1032 hardened-sources-2.4.20.ebuild:
1033 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20