/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.162 - (show annotations) (download)
Sun Jun 17 17:23:08 2007 UTC (7 years, 3 months ago) by phreak
Branch: MAIN
Changes since 1.161: +7 -1 lines
Removing older ebuilds, hardened-sources-2.6.18-r6 seems to have gotten the alpha stable KEYWORD by mistake.
(Portage version: 2.1.3_rc3)

1 # ChangeLog for sys-kernel/hardened-sources
2 # Copyright 2000-2007 Gentoo Foundation; Distributed under the GPL v2
3 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.161 2007/06/17 16:53:54 phreak Exp $
4
5 17 Jun 2007; Christian Heim <phreak@gentoo.org>
6 -hardened-sources-2.6.18-r6.ebuild, -hardened-sources-2.6.20-r4.ebuild,
7 -hardened-sources-2.6.21-r2.ebuild:
8 Removing older ebuilds, hardened-sources-2.6.18-r6 seems to have gotten the
9 alpha stable KEYWORD by mistake.
10
11 17 Jun 2007; Christian Heim <phreak@gentoo.org>
12 hardened-sources-2.6.20-r5.ebuild:
13 Stabling hardened-sources-2.6.20-r5 due to security bug #181647 (as
14 genpatches-2.6.20-12.base contains up to Linux 2.6.20.14) on amd64 and x86.
15
16 *hardened-sources-2.6.21-r3 (12 Jun 2007)
17
18 12 Jun 2007; Christian Heim <phreak@gentoo.org>
19 +hardened-sources-2.6.21-r3.ebuild:
20 Revision bump for hardened-sources-2.6.21, incorporating various CVE (some
21 of them critical), two stable releases (2.6.21.4,2.6.21.5) and some other
22 love.
23
24 *hardened-sources-2.6.20-r5 (11 Jun 2007)
25
26 11 Jun 2007; Christian Heim <phreak@gentoo.org>
27 +hardened-sources-2.6.20-r5.ebuild:
28 Revision bump for hardened-sources-2.6.20, incorporating various CVE (some
29 of them critical), two stable releases (2.6.20.13,2.6.20.14) and some other
30 love.
31
32 *hardened-sources-2.4.34.5 (11 Jun 2007)
33
34 11 Jun 2007; Alexander Gabert <pappy@gentoo.org>
35 +hardened-sources-2.4.34.5.ebuild:
36 added new hardened-sources 2.4 version, thx to phreak, solar, pipacs
37
38 30 May 2007; Christian Heim <phreak@gentoo.org>
39 -hardened-sources-2.6.18.ebuild, hardened-sources-2.6.20-r2.ebuild:
40 Marking 2.6.20-r2 stable on ppc with permission of Gysbert. Removing more
41 stale ebuild(s).
42
43 30 May 2007; Christian Heim <phreak@gentoo.org>
44 -hardened-sources-2.6.14-r7.ebuild, -hardened-sources-2.6.16-r11.ebuild,
45 -hardened-sources-2.6.17-r1.ebuild, -hardened-sources-2.6.19-r6.ebuild,
46 -hardened-sources-2.6.20.ebuild, -hardened-sources-2.6.20-r1.ebuild:
47 Doing some cleanups, remove stale ebuilds.
48
49 26 May 2007; Christian Heim <phreak@gentoo.org>
50 hardened-sources-2.6.21-r2.ebuild:
51 Fixing the grsecurity patch, had one '};' too much.
52
53 *hardened-sources-2.6.21-r2 (26 May 2007)
54
55 26 May 2007; Christian Heim <phreak@gentoo.org>
56 -hardened-sources-2.6.21.ebuild, -hardened-sources-2.6.21-r1.ebuild,
57 +hardened-sources-2.6.21-r2.ebuild:
58 Revision bump, including Linux 2.6.21.3 (fixing CVE-2007-2451). Updating the
59 grsecurity patch to 2.1.10-2.6.21.1-200705221918.
60
61 *hardened-sources-2.6.20-r4 (26 May 2007)
62
63 26 May 2007; Christian Heim <phreak@gentoo.org>
64 -hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.20-r4.ebuild:
65 Revision bump, including Linux 2.6.20.12 (which in fact fixed some security
66 bugs, at the very least CVE-2007-2451). Possible candidate for stable marking.
67
68 15 May 2007; Christian Heim <phreak@gentoo.org>
69 hardened-sources-2.6.20-r3.ebuild:
70 Looks like hardened-sources-2.6.20-r3 needs a new patch, as 2.6.20.11
71 introduced a change in arch/sparc64/kernel/pci_iommu.c, which made the
72 grsecurity patch fail in that exact same hunk.
73
74 *hardened-sources-2.6.20-r3 (15 May 2007)
75
76 15 May 2007; Christian Heim <phreak@gentoo.org>
77 +hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.21-r1.ebuild:
78 Revision bump, incorporating Linux 2.6.20.11.
79
80 *hardened-sources-2.6.21-r1 (11 May 2007)
81
82 11 May 2007; Christian Heim <phreak@gentoo.org>
83 +hardened-sources-2.6.21-r1.ebuild:
84 Revision bump, hopefully fixing the GRSECURITY/GRKERNSEC mixup pipacs
85 mentioned in #177234.
86
87 07 May 2007; Kevin F. Quinn <kevquinn@gentoo.org>
88 files/digest-hardened-sources-2.6.21, Manifest:
89 Fix Manifest/digest for linux-2.6.21.tar.bz2
90
91 06 May 2007; Christian Heim <phreak@gentoo.org>
92 hardened-sources-2.6.21.ebuild:
93 Bumping the hardened-patches version, needed for the fix for #177234.
94
95 *hardened-sources-2.6.21 (02 May 2007)
96
97 02 May 2007; Christian Heim <phreak@gentoo.org>
98 +hardened-sources-2.6.21.ebuild:
99 Version bump, Linux 2.6.21-hardened.
100
101 29 Apr 2007; Christian Heim <phreak@gentoo.org>
102 hardened-sources-2.6.20-r2.ebuild:
103 Adding ~ia64 on Ned's request.
104
105 29 Apr 2007; Christian Heim <phreak@gentoo.org>
106 hardened-sources-2.6.20-r2.ebuild:
107 Fixing the included grsecurity patch, wasn't alligning due to the Index:
108 header line(s).
109
110 29 Apr 2007; Christian Heim <phreak@gentoo.org>
111 hardened-sources-2.6.20-r2.ebuild:
112 Stabilizing hardened-sources-2.6.20-r2 on amd64 and x86.
113
114 *hardened-sources-2.6.20-r2 (10 Apr 2007)
115
116 10 Apr 2007; Raúl Porcel <armin76@gentoo.org>
117 +hardened-sources-2.6.20-r2.ebuild:
118 Version bump, on behalf of phreak
119
120 *hardened-sources-2.6.20-r1 (04 Apr 2007)
121
122 04 Apr 2007; Christian Heim <phreak@gentoo.org>
123 +hardened-sources-2.6.20-r1.ebuild:
124 Revision bump, grabbing a newer grsecurity snapshot.
125
126 *hardened-sources-2.6.20 (25 Mar 2007)
127
128 25 Mar 2007; Christian Heim <phreak@gentoo.org>
129 +hardened-sources-2.6.20.ebuild:
130 Finally a hardened-sources version for 2.6.20; many people have been waiting
131 for this. Thanks to Steve for preliminary testing, thanks to Ned for the
132 testbox.
133
134 16 Mar 2007; Tony Vroon <chainsaw@gentoo.org>
135 hardened-sources-2.6.18-r6.ebuild:
136 Marked stable on amd64 and x86. AMD64 keyword ack'ed by welp.
137
138 *hardened-sources-2.6.18-r6 (16 Mar 2007)
139
140 16 Mar 2007; Christian Heim <phreak@gentoo.org>
141 -hardened-sources-2.6.18-r5.ebuild, +hardened-sources-2.6.18-r6.ebuild:
142 Fixing CVE-2007-1000 locally (hardened/), thanks to Tony for pushing. And
143 yes I screwed up, this is tagged as 2.6.18-5 and not 2.6.18-6 as it's
144 supposed to be.
145
146 06 Mar 2007; Christian Heim <phreak@gentoo.org> ChangeLog:
147 Fixing the Manifest, the previous one was broken (as in still had the
148 deleted ebuild in it).
149
150 06 Mar 2007; Christian Heim <phreak@gentoo.org>
151 -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
152 +hardened-sources-2.6.18-r5.ebuild:
153 Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
154 Linux 2.6.18.8. Also cleaning up the older version.
155
156 *hardened-sources-2.6.18-r5 (06 Mar 2007)
157
158 06 Mar 2007; Christian Heim <phreak@gentoo.org>
159 -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
160 +hardened-sources-2.6.18-r5.ebuild:
161 Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
162 Linux 2.6.18.8. Also cleaning up the older version.
163
164 24 Feb 2007; Christian Heim <phreak@gentoo.org>
165 -hardened-sources-2.6.19-r3.ebuild, -hardened-sources-2.6.19-r4.ebuild,
166 -hardened-sources-2.6.19-r5.ebuild:
167 Removing some of the old version, that didn't work.
168
169 *hardened-sources-2.6.19-r6 (12 Feb 2007)
170
171 12 Feb 2007; Christian Heim <phreak@gentoo.org>
172 +hardened-sources-2.6.19-r6.ebuild:
173 Revision bump, including a new grsec version fixing #166235.
174
175 *hardened-sources-2.4.34 (24 Jan 2007)
176
177 24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
178 Manifest:
179 updating Manifest with checksums of new tarball and ebuild
180
181 24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
182 +hardened-sources-2.4.34.ebuild:
183 I added new hardened sources 2.4 update, this is a critical path
184 security bugfix - all users of h-s are strongly advised
185 to update their existing hardened sources to this version.
186 It contains a fix for a kernel vulnerability that is pertaining
187 to the PaX changes to virtual memory management, possibly leading
188 to a local kernel exploit ... see grsecurity.net forums and homepage
189
190 23 Jan 2007; Christian Heim <phreak@gentoo.org>
191 files/digest-hardened-sources-2.6.19-r5, Manifest:
192 Fixing the patch-tarball digest.
193
194 *hardened-sources-2.6.19-r5 (23 Jan 2007)
195
196 23 Jan 2007; Christian Heim <phreak@gentoo.org>
197 +hardened-sources-2.6.19-r5.ebuild:
198 Revision bump, closing the recently discovered PaX expand_stack()
199 vulnerability.
200
201 *hardened-sources-2.6.19-r4 (14 Jan 2007)
202
203 14 Jan 2007; Christian Heim <phreak@gentoo.org>
204 +hardened-sources-2.6.19-r4.ebuild:
205 Revision bump, pulling in linux-2.6.19.2 and grsecurity 2.1.10 - thus
206 dropping the randomized PID feature.
207
208 11 Jan 2007; Christian Faulhammer <opfer@gentoo.org>
209 hardened-sources-2.4.33.4.ebuild:
210 stable x86, bug #161171
211
212 *hardened-sources-2.6.19-r3 (27 Dec 2006)
213
214 27 Dec 2006; Christian Heim <phreak@gentoo.org>
215 -hardened-sources-2.6.19-r2.ebuild, +hardened-sources-2.6.19-r3.ebuild:
216 Revision bump for bug #157186 and #158786.
217
218 *hardened-sources-2.6.18-r4 (27 Dec 2006)
219
220 27 Dec 2006; Christian Heim <phreak@gentoo.org>
221 -hardened-sources-2.6.18-r3.ebuild, +hardened-sources-2.6.18-r4.ebuild:
222 Revision bump for bug #157186.
223
224 *hardened-sources-2.6.19-r2 (23 Dec 2006)
225
226 23 Dec 2006; Christian Heim <phreak@gentoo.org>
227 -hardened-sources-2.6.19-r1.ebuild, +hardened-sources-2.6.19-r2.ebuild:
228 Revision bump to pull in genpatches-2.6.19-3 for #157186.
229
230 17 Dec 2006; Christian Heim <phreak@gentoo.org>
231 hardened-sources-2.6.14-r7.ebuild, hardened-sources-2.6.16-r10.ebuild,
232 hardened-sources-2.6.16-r11.ebuild, hardened-sources-2.6.17-r1.ebuild,
233 hardened-sources-2.6.18.ebuild, hardened-sources-2.6.18-r3.ebuild,
234 hardened-sources-2.6.19-r1.ebuild:
235 Adding 4453_grsec-2.1.9-2.6.19-io-kmem-sysctl.patch to UNIPATCH_EXLUDE,
236 adding correct HOMEPAGE and adjusting DESCRIPTION (thanks to Alexander).
237
238 *hardened-sources-2.4.33.4 (17 Dec 2006)
239
240 17 Dec 2006; Alexander Gabert <pappy@gentoo.org>
241 +hardened-sources-2.4.33.4.ebuild:
242 new 2.4.33.4 version including grsec and fixes, thanks to phreak for help
243 and quilting
244
245 *hardened-sources-2.6.19-r1 (14 Dec 2006)
246
247 14 Dec 2006; Christian Heim <phreak@gentoo.org>
248 -hardened-sources-2.6.19.ebuild, +hardened-sources-2.6.19-r1.ebuild:
249 Revision bump, fixing #158107 (thanks to Petre Rodan <kaiowas at gentoo.org>
250 for reporting).
251
252 *hardened-sources-2.6.19 (13 Dec 2006)
253
254 13 Dec 2006; Christian Heim <phreak@gentoo.org>
255 +hardened-sources-2.6.19.ebuild:
256 And finally 2.6.19, thanks to Ned (who prepared the inital patchset) and
257 Brad for providing that prompt update.
258
259 *hardened-sources-2.6.18-r3 (13 Dec 2006)
260
261 13 Dec 2006; Christian Heim <phreak@gentoo.org>
262 -hardened-sources-2.6.18-r1.ebuild, -hardened-sources-2.6.18-r2.ebuild,
263 +hardened-sources-2.6.18-r3.ebuild:
264 Revision bump, excluding the faulty patch. Thanks to Anakim Border and Peter
265 S. Mazinger. Closes #157409 for now. Also removing the previous revisions.
266
267 09 Dec 2006; Christian Heim <phreak@gentoo.org> Manifest:
268 Fixing the metadata.xml Manifest entry (thanks to xaid and ml8128 in #gentoo-hardened).
269
270 08 Dec 2006; nixnut <nixnut@gentoo.org> hardened-sources-2.6.18.ebuild:
271 Stable on ppc wrt bug 157356
272
273 07 Dec 2006; Christian Faulhammer <opfer@gentoo.org>
274 hardened-sources-2.6.18.ebuild:
275 stable x86, bug #157356
276
277 *hardened-sources-2.6.18-r2 (06 Dec 2006)
278
279 06 Dec 2006; Christian Heim <phreak@gentoo.org>
280 +hardened-sources-2.6.18-r2.ebuild:
281 Revision bump, including 2.6.18.5 (via genpatches) and
282 4454_grsec-2.1.9-2.6.18.2-io-kmem-sysctl.patch based on Peter Mazinger and
283 Ned Ludd's original patch. Thanks to Alexander Gabert (pappy) for the
284 redesign.
285
286 06 Dec 2006; Christian Heim <phreak@gentoo.org>
287 hardened-sources-2.6.18.ebuild:
288 Marking hardened-sources-2.6.18 stable on amd64 (see bug #157356, on behalf
289 of Mike Doty).
290
291 *hardened-sources-2.6.18-r1 (23 Nov 2006)
292
293 23 Nov 2006; Christian Heim <phreak@gentoo.org>
294 +hardened-sources-2.6.18-r1.ebuild:
295 Revision bump to genpatches-2.6.18-4 (including 2.6.18.3).
296
297 *hardened-sources-2.6.18 (11 Nov 2006)
298
299 11 Nov 2006; Christian Heim <phreak@gentoo.org>
300 +hardened-sources-2.6.18.ebuild:
301 Version bump, thanks to Alexander Gabert we're finally at 2.6.18.
302
303 18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
304 - mark amd64 stable also. bug #151877
305
306 18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
307 - mark 2.6.17-r1 stable
308
309 27 Aug 2006; Christian Heim <phreak@gentoo.org>
310 -hardened-sources-2.6.17.ebuild, hardened-sources-2.6.17-r1.ebuild:
311 Removing old ebuild, removing unipatch from newer ebuild (need to fix it!).
312
313 *hardened-sources-2.6.17-r1 (26 Aug 2006)
314
315 26 Aug 2006; Christian Heim <phreak@gentoo.org>
316 +hardened-sources-2.6.17-r1.ebuild:
317 Revision bump to genpatches-2.6.17-8 (including .9 and .10) and updating the
318 grsecurity patch.
319
320 *hardened-sources-2.6.17 (17 Aug 2006)
321
322 17 Aug 2006; Christian Heim <phreak@gentoo.org>
323 +hardened-sources-2.6.17.ebuild:
324 Bumping the hardened-sources-2.6 series to 2.6.17, using
325 genpatches-2.6.17-6.base.
326
327 07 Aug 2006; <solar@gentoo.org> hardened-sources-2.6.16-r11.ebuild:
328 - stable on x86 and amd64
329
330 *hardened-sources-2.6.16-r11 (15 Jul 2006)
331
332 15 Jul 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r3.ebuild,
333 -hardened-sources-2.4.32-r4.ebuild, -hardened-sources-2.4.32-r5.ebuild,
334 -hardened-sources-2.6.14-r8.ebuild, -hardened-sources-2.6.16-r7.ebuild,
335 -hardened-sources-2.6.16-r9.ebuild, +hardened-sources-2.6.16-r11.ebuild:
336 - 2.6.16 bumped for CVE-2006-3626 ; digest fix for 2.4.32-r6 ; removed old
337 crusty ebuilds
338
339 14 Jul 2006; John Mylchreest <johnm@gentoo.org>
340 hardened-sources-2.6.16-r10.ebuild:
341 marking stable on x86 and amd64
342
343 13 Jul 2006; <solar@gentoo.org> hardened-sources-2.4.32-r6.ebuild:
344 - 2.4.32-r6 stable on x86. RSBAC state unknown
345
346 *hardened-sources-2.4.32-r7 (10 Jul 2006)
347
348 10 Jul 2006; Guillaume Destuynder <kang@gentoo.org>
349 +hardened-sources-2.4.32-r7.ebuild:
350 Bump PaX for RSBAC to test-17
351
352 *hardened-sources-2.6.16-r9 (03 Jul 2006)
353
354 03 Jul 2006; John Mylchreest <johnm@gentoo.org>
355 -hardened-sources-2.6.16-r6.ebuild, +hardened-sources-2.6.16-r9.ebuild:
356 hardened-sources-2.6.16 bump to latest -base.
357
358 *hardened-sources-2.4.32-r6 (30 Jun 2006)
359
360 30 Jun 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r2.ebuild,
361 hardened-sources-2.4.32-r4.ebuild, +hardened-sources-2.4.32-r6.ebuild:
362 - backport CVE-2006-0039, CVE-2006-1857 and CVE-2006-1858 and new grsecurity
363 sysctl controlable resource logging
364
365 *hardened-sources-2.6.16-r7 (05 Jun 2006)
366
367 05 Jun 2006; John Mylchreest <johnm@gentoo.org>
368 -hardened-sources-2.6.16-r5.ebuild, +hardened-sources-2.6.16-r7.ebuild:
369 push new 2.6.16 release in preparation for stable
370
371 22 May 2006; <solar@gentoo.org> :
372 - redigest bug 134002
373
374 *hardened-sources-2.4.32-r5 (16 May 2006)
375
376 16 May 2006; Guillaume Destuynder <kang@gentoo.org>
377 +hardened-sources-2.4.32-r5.ebuild:
378 Fixes rsbac common patching (new patch in new -r5 patchset)
379
380 *hardened-sources-2.4.32-r4 (13 May 2006)
381
382 13 May 2006; <solar@gentoo.org> hardened-sources-2.4.32-r3.ebuild,
383 +hardened-sources-2.4.32-r4.ebuild:
384 - security bumps
385
386 *hardened-sources-2.6.16-r6 (03 May 2006)
387
388 03 May 2006; John Mylchreest <johnm@gentoo.org>
389 +hardened-sources-2.6.16-r6.ebuild:
390 bump hardened-2.6.16 to 2.6.16.12 and latest grsec snapshot
391
392 28 Apr 2006; John Mylchreest <johnm@gentoo.org>
393 hardened-sources-2.6.14-r8.ebuild:
394 fix x86_64 build problem, this will delay the digest issue again for a short
395 while but it will sort itself out
396
397 28 Apr 2006; John Mylchreest <johnm@gentoo.org>
398 hardened-sources-2.6.14-r8.ebuild:
399 bump hardened patchset
400
401 27 Apr 2006; Alec Warner <antarus@gentoo.org>
402 files/digest-hardened-sources-2.4.32-r2,
403 files/digest-hardened-sources-2.4.32-r3,
404 files/digest-hardened-sources-2.6.14-r8, Manifest:
405 Fixing duff SHA256 digests: Bug # 131293
406
407 *hardened-sources-2.6.16-r5 (27 Apr 2006)
408
409 27 Apr 2006; John Mylchreest <johnm@gentoo.org>
410 -hardened-sources-2.6.14-r6.ebuild, hardened-sources-2.6.14-r8.ebuild,
411 -hardened-sources-2.6.16-r4.ebuild, +hardened-sources-2.6.16-r5.ebuild:
412 stablise 2.6.14-r8 on x86 & amd64, bump 2.6.16 to fix CVE-2006-1863 &
413 cleanup of old uneccessary sources
414
415 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
416 fix digest
417
418 *hardened-sources-2.6.14-r8 (20 Apr 2006)
419
420 20 Apr 2006; John Mylchreest <johnm@gentoo.org>
421 +hardened-sources-2.6.14-r8.ebuild:
422 fix CVE-2006-1056, CVE-2006-1525, CVE-2006-1524
423
424 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
425 Turning on gpg-signing again, and recomitting
426
427 *hardened-sources-2.6.16-r4 (20 Apr 2006)
428
429 20 Apr 2006; John Mylchreest <johnm@gentoo.org>
430 -hardened-sources-2.6.16-r2.ebuild, -hardened-sources-2.6.16-r3.ebuild,
431 +hardened-sources-2.6.16-r4.ebuild:
432 Fix numerous security vulns
433
434 *hardened-sources-2.4.32-r3 (16 Apr 2006)
435
436 16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
437 -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
438 +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
439 - security bump for bug #112791. Removed old ebuilds
440
441 *hardened-sources-2.6.16-r3 (15 Apr 2006)
442
443 15 Apr 2006; John Mylchreest <johnm@gentoo.org>
444 +hardened-sources-2.6.16-r3.ebuild:
445 Removing silly localversion which I missed
446
447 *hardened-sources-2.6.14-r7 (14 Apr 2006)
448
449 14 Apr 2006; John Mylchreest <johnm@gentoo.org>
450 -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
451 Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
452
453 *hardened-sources-2.6.16-r2 (13 Apr 2006)
454
455 13 Apr 2006; John Mylchreest <johnm@gentoo.org>
456 -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
457 +hardened-sources-2.6.16-r2.ebuild:
458 Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
459 labels, dropping USERGROUP define fixes, since these were merged mainstream.
460
461 *hardened-sources-2.6.16-r1 (11 Apr 2006)
462
463 11 Apr 2006; John Mylchreest <johnm@gentoo.org>
464 +hardened-sources-2.6.16-r1.ebuild:
465 Bumping to include ppc build fix and 2.6.16.3
466
467 06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
468 hardened-sources-2.6.14-r6.ebuild:
469 Stable on x86; bug #127718
470
471 *hardened-sources-2.6.16 (31 Mar 2006)
472
473 31 Mar 2006; John Mylchreest <johnm@gentoo.org>
474 +hardened-sources-2.6.16.ebuild:
475 Bumping to new version of grsec, and kernel base. New squashfs. Based on
476 2.6.16.1
477
478 30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
479 hardened-sources-2.6.14-r6.ebuild:
480 Stable on amd64, bug 127718.
481
482 28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
483 Stable on ppc. Bug #127718
484
485 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
486 -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
487 -hardened-sources-2.6.14-r4.ebuild:
488 Cleanup.
489
490 *hardened-sources-2.6.14-r6 (15 Mar 2006)
491
492 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
493 +hardened-sources-2.6.14-r6.ebuild:
494 Fixes grsec policy recreation bug and adds a
495 >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
496
497 02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
498 - stable on x86
499
500 19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
501 hardened-sources-2.6.14-r5.ebuild:
502 Stable on ppc.
503
504 *hardened-sources-2.6.14-r5 (01 Feb 2006)
505
506 01 Feb 2006; John Mylchreest <johnm@gentoo.org>
507 +hardened-sources-2.6.14-r5.ebuild:
508 fixing every known exploit
509
510 *hardened-sources-2.4.32-r2 (26 Jan 2006)
511
512 26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
513 +hardened-sources-2.4.32-r2.ebuild:
514 - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
515
516 *hardened-sources-2.6.14-r4 (12 Jan 2006)
517
518 12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
519 - version bump for new genpatches which fix up a few sec holes
520
521 *hardened-sources-2.4.32-r1 (05 Jan 2006)
522
523 05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
524 - revision bump to add misc vital linux kernel security patches.
525
526 *hardened-sources-2.6.14-r3 (30 Dec 2005)
527
528 30 Dec 2005; John Mylchreest <johnm@gentoo.org>
529 -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
530 Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
531
532 28 Dec 2005; John Mylchreest <johnm@gentoo.org>
533 hardened-sources-2.6.14-r2.ebuild:
534 making x86 & amd64 stable following testing.
535
536 *hardened-sources-2.6.14-r2 (27 Dec 2005)
537
538 27 Dec 2005; John Mylchreest <johnm@gentoo.org>
539 -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
540 Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
541 network hooks.
542
543 06 Dec 2005; John Mylchreest <johnm@gentoo.org>
544 hardened-sources-2.6.14-r1.ebuild:
545 bumping to stable early for sec fix on x86 & amd64
546
547 *hardened-sources-2.6.14-r1 (05 Dec 2005)
548
549 05 Dec 2005; John Mylchreest <johnm@gentoo.org>
550 -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
551 bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
552
553 04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
554 - stable on x86 security bug #114227 CAN-2005-3257
555
556 *hardened-sources-2.4.32 (19 Nov 2005)
557
558 19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
559 +hardened-sources-2.4.32.ebuild:
560 Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
561 Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
562 have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
563 rsbac >> /etc/portage/package.use)
564
565 *hardened-sources-2.6.14 (14 Nov 2005)
566
567 14 Nov 2005; John Mylchreest <johnm@gentoo.org>
568 -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
569 Bumping 2.6 series to 2.6.14.2
570
571 *hardened-sources-2.6.13-r2 (20 Oct 2005)
572
573 20 Oct 2005; John Mylchreest <johnm@gentoo.org>
574 -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
575 +hardened-sources-2.6.13-r2.ebuild:
576 Fixes minor build error in ppc.
577
578 *hardened-sources-2.6.13-r1 (17 Oct 2005)
579
580 17 Oct 2005; John Mylchreest <johnm@gentoo.org>
581 +hardened-sources-2.6.13-r1.ebuild:
582 Updating grsec to latest snapshot. Fixes some minor issues. Updating to
583 2.6.13.4, fixes some major amd64 stability problems.
584
585 *hardened-sources-2.6.13 (16 Sep 2005)
586
587 16 Sep 2005; John Mylchreest <johnm@gentoo.org>
588 -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
589 2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
590 ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
591 users should test this thoroughly.
592
593 01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
594 - stable on x86
595
596 *hardened-sources-2.6.11-r15 (27 Jun 2005)
597
598 27 Jun 2005; John Mylchreest <johnm@gentoo.org>
599 +hardened-sources-2.6.11-r15.ebuild:
600 Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
601 grsec redefining curr_ip struct.
602
603 *hardened-sources-2.4.31 (20 Jun 2005)
604
605 20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
606 initial import of 2.4.31 tree
607
608 *hardened-sources-2.6.11-r14 (14 Jun 2005)
609
610 14 Jun 2005; John Mylchreest <johnm@gentoo.org>
611 -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
612 Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
613 naming scheme to abide by genpatches
614
615 *hardened-sources-2.6.11-r13 (18 May 2005)
616
617 18 May 2005; John Mylchreest <johnm@gentoo.org>
618 -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
619 Managed to mangle the Makefile patch from grsec, to miss out the grsec
620 target. sorry about that. Fixes bug #93022
621
622 *hardened-sources-2.6.11-r12 (17 May 2005)
623
624 17 May 2005; John Mylchreest <johnm@gentoo.org>
625 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
626 +hardened-sources-2.6.11-r12.ebuild:
627 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
628 merges in genpatches-base
629
630 *hardened-sources-2.6.11-r12 (17 May 2005)
631
632 17 May 2005; John Mylchreest <johnm@gentoo.org>
633 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
634 +hardened-sources-2.6.11-r12.ebuild:
635 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
636 merges in genpatches-base
637
638 29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
639 -files/2.4.27-cmdline-race.patch,
640 -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
641 -files/2.4.28-grsec-binfmt_a.out.patch,
642 -files/2.4.28-grsec-cmdline-race.patch,
643 -files/2.4.28-selinux-binfmt_a.out.patch,
644 -files/2.4.28-selinux-cmdline-race.patch,
645 -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
646 hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
647 - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
648 cleanup..
649
650 *hardened-sources-2.4.30-r1 (21 Apr 2005)
651
652 21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
653 - disable aout by default
654
655 *hardened-sources-2.4.30 (18 Apr 2005)
656
657 18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
658 - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
659 and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
660 use
661
662 *hardened-sources-2.4.29 (30 Mar 2005)
663
664 30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
665 +hardened-sources-2.4.29.ebuild:
666 New hardened-patches-2.4-29.0 patchball.
667 Removed SELinux support, upgraded GRSecurity to 2.1.4.
668
669 *hardened-sources-2.4.28-r5 (06 Mar 2005)
670
671 06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
672 +hardened-sources-2.4.28-r5.ebuild:
673 Added a fix for a PaX vulnerability.
674
675 26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
676 hardened-sources-2.4.28-r4.ebuild:
677 Stable on x86
678
679 23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
680 hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
681 hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
682 hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
683 - fixed/added RDEPEND= in all kernel-2 ebuilds
684
685 *hardened-sources-2.4.28-r4 (21 Jan 2005)
686
687 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
688 +hardened-sources-2.4.28-r4.ebuild:
689 Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
690 backport of neighbour hash updates.
691
692 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
693 hardened-sources-2.4.28-r3.ebuild:
694 Stable on x86
695
696 *hardened-sources-2.6.10-r3 (20 Jan 2005)
697
698 20 Jan 2005; Brandon Hale <tseng@gentoo.org>
699 +hardened-sources-2.6.10-r3.ebuild:
700 Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
701 in 2005.0
702
703 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
704 -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
705 hardened-sources-2.4.28-r2.ebuild:
706 Mark stable on x86
707
708 *hardened-sources-2.4.28-r3 (17 Jan 2005)
709
710 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
711 +hardened-sources-2.4.28-r3.ebuild:
712 Fix SMP page fault handler vuln, and update device-mapper and evms patches.
713
714 14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
715 hardened-sources-2.4.28.ebuild:
716 Mark stable on x86.
717
718 *hardened-sources-2.4.28-r2 (13 Jan 2005)
719
720 13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
721 +hardened-sources-2.4.28-r2.ebuild:
722 Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
723 Mazinger for grsecurity patches as well.
724
725 *hardened-sources-2.4.28-r1 (23 Dec 2004)
726
727 23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
728 Security bump. Thank tocharian for rolling a new patchset...
729
730 28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
731 +files/2.4.28-grsec-cmdline-race.patch,
732 +files/2.4.28-selinux-binfmt_a.out.patch,
733 +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
734 - Round up remaining security patches that appear to be missing in 2.4.28. -
735 PaX standalone updated to current. hgpv=28.1
736
737 *hardened-sources-2.4.28 (28 Nov 2004)
738
739 28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
740 security bump. Thank tocharian for rolling a new patchset
741
742 *hardened-sources-2.4.27-r3 (08 Sep 2004)
743
744 08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
745 +hardened-sources-2.4.27-r3.ebuild:
746 Applies the new 2.4-27.2 patchball which updates
747 GRSecurity to the 2.0.1 version.
748
749 *hardened-sources-2.4.27-r2 (31 Aug 2004)
750
751 31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
752 +hardened-sources-2.4.27-r2.ebuild:
753 Version bump.
754 This version uses the new 2.4-27.1 patchball which updates
755 both the SELinux PaX hooks patch and the SELinux headers.
756
757 *hardened-sources-2.4.27-r1 (09 Aug 2004)
758
759 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
760 +hardened-sources-2.4.27-r1.ebuild,
761 -hardened-sources-2.4.27.ebuild,
762 +files/2.4.27-cmdline-race.patch:
763 Version bump, fix for cmdline race. See bug #59905.
764
765 *hardened-sources-2.4.26-r6 (09 Aug 2004)
766
767 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
768 +hardened-sources-2.4.26-r6.ebuild,
769 -hardened-sources-2.4.26-r5.ebuild,
770 -hardened-sources-2.4.26-r4.ebuild,
771 +files/2.4.26-cmdline-race.patch:
772 Version bump, fix for cmdline race. See bug #59905.
773
774 *hardened-sources-2.4.27 (08 Aug 2004)
775
776 08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
777 +hardened-sources-2.4.27.ebuild,
778 +files/2.4.27-CAN-2004-0394.patch:
779 Ported the patchball to the 2.4.27 kernel version.
780
781 *hardened-sources-2.4.26-r5 (07 Aug 2004)
782
783 07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
784 +hardened-sources-2.4.26-r5.ebuild:
785 Updated to use the new hardened-patches-2.4-26.1 patchball.
786 It adds the following features:
787 - Squashfs
788 - Ebtables
789 - Netdev random (core+drivers)
790 - Watchdog Timer (WDT) fix.
791
792 *hardened-sources-2.4.26-r4 (04 Aug 2004)
793
794 04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
795 +hardened-sources-2.4.26-r4.ebuild,
796 +files/2.4.26-CAN-2004-0415.patch,
797 -hardened-sources-2.4.26-3:
798 Version bump, fix for CAN 0415, see bug #59378.
799
800 *hardened-sources-2.4.26-r3 (22 Jul 2004)
801
802 22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
803 +hardened-sources-2.4.26-r3.ebuild,
804 +files/2.4.26-CAN-2004-0497.patch,
805 -hardened-sources-2.4.26-r2.ebuild:
806 Version bump, fixed CAN 0497, see bug #56171.
807
808 *hardened-sources-2.4.26-r2 (29 Jun 2004)
809
810 29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
811 +hardened-sources-2.4.26-r2.ebuild,
812 +files/2.4.26-CAN-2004-0495.patch,
813 +files/2.4.26-CAN-2004-0535.patch,
814 -hardened-sources-2.4.26-r1.ebuild:
815 Fixes for both CAN 0495 and 0535, see bug #54976
816
817 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
818 hardened-sources-2.4.26-r1.ebuild:
819 QA - fix use invocation
820
821 *hardened-sources-2.4.26-r1 (22 June 2004)
822
823 22 June 2004; Andrea Luzzardi <scox@gentoo.org>
824 +hardened-sources-2.4.26-r1.ebuild,
825 +files/2.4.26-CAN-2004-0394.patch,
826 +files/2.4.26-signal-race.patch,
827 -hardened-sources-2.4.26.ebuild,
828 -hardened-sources-2.4.24-r3.ebuild:
829 Version bump for the CAN-2004-0394 issue and bug #53804
830 Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
831
832
833 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
834 hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
835 Masked hardened-sources-2.4.26.ebuild broken for ppc
836
837 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
838 hardened-sources-2.4.24-r3.ebuild:
839 Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
840
841 *hardened-sources-2.4.26 (29 May 2004)
842
843 29 May 2004; Andrea Luzzardi <scox@gentoo.org>
844 +hardened-sources-2.4.26.ebuild:
845 Updated hardened-sources for the 2.4.26 kernel
846 Removed broken components, updated almost everything.
847
848 *hardened-sources-2.4.24-r3 (17 Apr 2004)
849
850 17 Apr 2004; <plasmaroo@gentoo.org>
851 +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
852 +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
853 +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
854 +hardened-sources-2.4.24-r3.ebuild:
855 Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
856 vulnerabilities. Old revisions removed.
857
858 *hardened-sources-2.4.24-r2 (15 Apr 2004)
859
860 15 Apr 2004; <plasmaroo@gentoo.org>
861 +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
862 -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
863 Version bump for the CAN-2004-0109 issue; bug #47881.
864
865 12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
866 hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
867 Add eutils to inherit.
868
869 *hardened-sources-2.4.24-r1 (19 Feb 2004)
870
871 19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
872 files/hardened-sources-2.4.24.munmap.patch:
873 Added the patch for the mremap/munmap vulnerability. Bug #42024.
874
875 *hardened-sources-2.4.24 (06 Feb 2004)
876
877 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
878 hardened-sources-2.4.24.ebuild:
879 Version bump, updated most of the components.
880 This release includes the following:
881
882 - Hardened security
883 - Netfilter patch-o-matic 20031219
884 - FreeSWAN 2.04 & x509 1.4.8
885 - EVMS 2.2.2
886 - XFS 1.3.1
887 - cryptoloop jari
888 - grsecurity 2.0-rc4
889 - SELinux
890 - PaX 200402060000
891 - PaX Obscurity 200308302223
892 - Others...
893
894 Neither -ck nor systrace are included anymore.
895
896 *hardened-sources-2.4.22-r2 (05 Jan 2004)
897
898 05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
899 hardened-sources-2.4.22-r2.ebuild:
900 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
901
902 *hardened-sources-2.4.22-r1 (02 Dec 2003)
903
904 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
905 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
906
907 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
908 hardened-sources-2.4.22-r1.ebuild:
909 Version bump for the 'do_brk' vulnerability.
910
911 01 Dec 2003; Brian Jackson <iggy@gentoo.org>
912 hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
913 hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
914 hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
915 Fix the 'do_brk' vulnerability.
916
917 03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
918 hardened-sources-2.4.22.ebuild:
919 - Removed the src_install() portion for SELinux flask
920 components. These are no longer handled in the kernel
921 so this code was not necessary.
922
923 29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
924 New 2.4.22 based hardened-sources thanks to
925 Phil West <p.west@computer.org>.
926
927 These sources include:
928 - New SELinux API
929 - Updated CK-base
930 - Updated GRSec
931 - Systrace
932 - SuperFreeS/WAN 1.99.8
933 - Propolice kernel build support
934 - EVMS
935 - Other various security related patches
936
937 *hardened-sources-2.4.21 (14 Sep 2003)
938
939 14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
940 Updated hardened-sources based on the 2.4.21 Linux kernel.
941 This includes updates to most major components such as:
942 - ck-base-0306300059
943 - selinux-2.4-2003071106
944 - grsecurity-2.0-rc1
945 - Updated IPTables patch-o-matic
946 - Updated SuperFreeS/WAN
947
948 Thanks to Phil West <pwest@computer.org> for his work in getting this
949 updated patch set ready for the 2.4.21 based kernel.
950
951 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
952 Initial import of hardened-sources-2.4.20-r4. This revision
953 includes only a few changes, but one of these is an important
954 security fix. It is recommended all users of hardened-sources
955 upgrade to this release.
956
957 - ioperm bug fix
958 - fixed compilation failure when building without GRSec
959
960 SAL (Secure Auditing for Linux) is NOT included in this revision
961 due to time constraints, but is planned for inclusion in the near
962 future.
963
964 *hardened-sources-2.4.20-r2 (12 Jun 2003)
965
966 12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
967 hardened-sources-2.4.20-r3.ebuild:
968 Add Header...
969
970 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
971 hardened-sources-2.4.20-r3.ebuild:
972 Removed warnings from ebuild. This kernel should be safe to
973 use at this point.
974
975 *hardened-sources-2.4.20-r3 (08 Jun 2003)
976
977 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
978 hardened-sources-2.4.20-r3.ebuild:
979 New revision. Includes the following changes over -r2:
980
981 - ck7-base (O(1), preempt, low latency)
982 - Super FreeS/WAN 1.99.7rc2
983 - PaX for the LSM/SELinux branch
984 - GRSecurity 2.0-pre4 (role based access control)
985 - Systrace 1.3
986 - EXT3 fixes
987 - EVMS 2.0.1
988 - GCC 3.1+ compile optimizations
989 - ProPolice kernel build support
990 - Hashing table security fixes
991
992 *hardened-sources-2.4.20-r1 (09 Apr 2003)
993
994 23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
995 Initial import of hardened-sources-r2. This new
996 ebuild includes many new performance and security
997 related patches. As in -r1, it will patch in
998 LSM/SELinux if "selinux" is in USE, otherwise it
999 will patch in GRSecurity. The following patches
1000 are included in this revision:
1001
1002 - O(1) Scheduler, Low Latency, and Preempt
1003 (pulled from the base CK patch)
1004 - ptrace exploit patch for the LSM kernel
1005 (the GRSec patch already fixes this)
1006 - LSM 2.4-2003040709
1007 - SELinux 2.4-2003040709
1008 - Systrace v1.2
1009 - IPTables patch-o-matic base patches - 20030107
1010 - CryptoAPI 2.4.20.1 w/ loop-jari patch
1011 - Super FreeS/WAN 1.99.6.1
1012 - GRSecurity 1.9.9g
1013 - MPPE
1014 - EXT3 data journal fix
1015 - CIPE 1.5.4
1016
1017 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1018 hardened-sources-2.4.20-r1.ebuild, manifest:
1019 Updated to install flask components correctly for selinux.
1020
1021 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1022 hardened-sources-2.4.20-r1.ebuild:
1023 LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
1024 is patched in instead. Ptrace patches for selinux have also been added. In
1025 either case, systrace support will be patched in as well.
1026
1027 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1028 hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
1029 Revision bump for new sources.
1030
1031 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1032 hardened-sources-2.4.20-r1.ebuild:
1033 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
1034
1035 *hardened-sources-2.4.20 (30 Mar 2003)
1036
1037 30 Mar 2003; Joshua Brindle <method@gentoo.org>
1038 hardened-sources-2.4.20.ebuild:
1039 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20