/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.163 - (show annotations) (download)
Sun Jul 8 21:09:37 2007 UTC (7 years, 5 months ago) by phreak
Branch: MAIN
Changes since 1.162: +7 -1 lines
Revision bump, grabbing yet another stable release.
(Portage version: 2.1.3_rc6)

1 # ChangeLog for sys-kernel/hardened-sources
2 # Copyright 2000-2007 Gentoo Foundation; Distributed under the GPL v2
3 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.162 2007/06/17 17:23:08 phreak Exp $
4
5 *hardened-sources-2.6.20-r6 (08 Jul 2007)
6
7 08 Jul 2007; Christian Heim <phreak@gentoo.org>
8 +hardened-sources-2.6.20-r6.ebuild:
9 Revision bump, grabbing yet another stable release.
10
11 17 Jun 2007; Christian Heim <phreak@gentoo.org>
12 -hardened-sources-2.6.18-r6.ebuild, -hardened-sources-2.6.20-r4.ebuild,
13 -hardened-sources-2.6.21-r2.ebuild:
14 Removing older ebuilds, hardened-sources-2.6.18-r6 seems to have gotten the
15 alpha stable KEYWORD by mistake.
16
17 17 Jun 2007; Christian Heim <phreak@gentoo.org>
18 hardened-sources-2.6.20-r5.ebuild:
19 Stabling hardened-sources-2.6.20-r5 due to security bug #181647 (as
20 genpatches-2.6.20-12.base contains up to Linux 2.6.20.14) on amd64 and x86.
21
22 *hardened-sources-2.6.21-r3 (12 Jun 2007)
23
24 12 Jun 2007; Christian Heim <phreak@gentoo.org>
25 +hardened-sources-2.6.21-r3.ebuild:
26 Revision bump for hardened-sources-2.6.21, incorporating various CVE (some
27 of them critical), two stable releases (2.6.21.4,2.6.21.5) and some other
28 love.
29
30 *hardened-sources-2.6.20-r5 (11 Jun 2007)
31
32 11 Jun 2007; Christian Heim <phreak@gentoo.org>
33 +hardened-sources-2.6.20-r5.ebuild:
34 Revision bump for hardened-sources-2.6.20, incorporating various CVE (some
35 of them critical), two stable releases (2.6.20.13,2.6.20.14) and some other
36 love.
37
38 *hardened-sources-2.4.34.5 (11 Jun 2007)
39
40 11 Jun 2007; Alexander Gabert <pappy@gentoo.org>
41 +hardened-sources-2.4.34.5.ebuild:
42 added new hardened-sources 2.4 version, thx to phreak, solar, pipacs
43
44 30 May 2007; Christian Heim <phreak@gentoo.org>
45 -hardened-sources-2.6.18.ebuild, hardened-sources-2.6.20-r2.ebuild:
46 Marking 2.6.20-r2 stable on ppc with permission of Gysbert. Removing more
47 stale ebuild(s).
48
49 30 May 2007; Christian Heim <phreak@gentoo.org>
50 -hardened-sources-2.6.14-r7.ebuild, -hardened-sources-2.6.16-r11.ebuild,
51 -hardened-sources-2.6.17-r1.ebuild, -hardened-sources-2.6.19-r6.ebuild,
52 -hardened-sources-2.6.20.ebuild, -hardened-sources-2.6.20-r1.ebuild:
53 Doing some cleanups, remove stale ebuilds.
54
55 26 May 2007; Christian Heim <phreak@gentoo.org>
56 hardened-sources-2.6.21-r2.ebuild:
57 Fixing the grsecurity patch, had one '};' too much.
58
59 *hardened-sources-2.6.21-r2 (26 May 2007)
60
61 26 May 2007; Christian Heim <phreak@gentoo.org>
62 -hardened-sources-2.6.21.ebuild, -hardened-sources-2.6.21-r1.ebuild,
63 +hardened-sources-2.6.21-r2.ebuild:
64 Revision bump, including Linux 2.6.21.3 (fixing CVE-2007-2451). Updating the
65 grsecurity patch to 2.1.10-2.6.21.1-200705221918.
66
67 *hardened-sources-2.6.20-r4 (26 May 2007)
68
69 26 May 2007; Christian Heim <phreak@gentoo.org>
70 -hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.20-r4.ebuild:
71 Revision bump, including Linux 2.6.20.12 (which in fact fixed some security
72 bugs, at the very least CVE-2007-2451). Possible candidate for stable marking.
73
74 15 May 2007; Christian Heim <phreak@gentoo.org>
75 hardened-sources-2.6.20-r3.ebuild:
76 Looks like hardened-sources-2.6.20-r3 needs a new patch, as 2.6.20.11
77 introduced a change in arch/sparc64/kernel/pci_iommu.c, which made the
78 grsecurity patch fail in that exact same hunk.
79
80 *hardened-sources-2.6.20-r3 (15 May 2007)
81
82 15 May 2007; Christian Heim <phreak@gentoo.org>
83 +hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.21-r1.ebuild:
84 Revision bump, incorporating Linux 2.6.20.11.
85
86 *hardened-sources-2.6.21-r1 (11 May 2007)
87
88 11 May 2007; Christian Heim <phreak@gentoo.org>
89 +hardened-sources-2.6.21-r1.ebuild:
90 Revision bump, hopefully fixing the GRSECURITY/GRKERNSEC mixup pipacs
91 mentioned in #177234.
92
93 07 May 2007; Kevin F. Quinn <kevquinn@gentoo.org>
94 files/digest-hardened-sources-2.6.21, Manifest:
95 Fix Manifest/digest for linux-2.6.21.tar.bz2
96
97 06 May 2007; Christian Heim <phreak@gentoo.org>
98 hardened-sources-2.6.21.ebuild:
99 Bumping the hardened-patches version, needed for the fix for #177234.
100
101 *hardened-sources-2.6.21 (02 May 2007)
102
103 02 May 2007; Christian Heim <phreak@gentoo.org>
104 +hardened-sources-2.6.21.ebuild:
105 Version bump, Linux 2.6.21-hardened.
106
107 29 Apr 2007; Christian Heim <phreak@gentoo.org>
108 hardened-sources-2.6.20-r2.ebuild:
109 Adding ~ia64 on Ned's request.
110
111 29 Apr 2007; Christian Heim <phreak@gentoo.org>
112 hardened-sources-2.6.20-r2.ebuild:
113 Fixing the included grsecurity patch, wasn't alligning due to the Index:
114 header line(s).
115
116 29 Apr 2007; Christian Heim <phreak@gentoo.org>
117 hardened-sources-2.6.20-r2.ebuild:
118 Stabilizing hardened-sources-2.6.20-r2 on amd64 and x86.
119
120 *hardened-sources-2.6.20-r2 (10 Apr 2007)
121
122 10 Apr 2007; Raúl Porcel <armin76@gentoo.org>
123 +hardened-sources-2.6.20-r2.ebuild:
124 Version bump, on behalf of phreak
125
126 *hardened-sources-2.6.20-r1 (04 Apr 2007)
127
128 04 Apr 2007; Christian Heim <phreak@gentoo.org>
129 +hardened-sources-2.6.20-r1.ebuild:
130 Revision bump, grabbing a newer grsecurity snapshot.
131
132 *hardened-sources-2.6.20 (25 Mar 2007)
133
134 25 Mar 2007; Christian Heim <phreak@gentoo.org>
135 +hardened-sources-2.6.20.ebuild:
136 Finally a hardened-sources version for 2.6.20; many people have been waiting
137 for this. Thanks to Steve for preliminary testing, thanks to Ned for the
138 testbox.
139
140 16 Mar 2007; Tony Vroon <chainsaw@gentoo.org>
141 hardened-sources-2.6.18-r6.ebuild:
142 Marked stable on amd64 and x86. AMD64 keyword ack'ed by welp.
143
144 *hardened-sources-2.6.18-r6 (16 Mar 2007)
145
146 16 Mar 2007; Christian Heim <phreak@gentoo.org>
147 -hardened-sources-2.6.18-r5.ebuild, +hardened-sources-2.6.18-r6.ebuild:
148 Fixing CVE-2007-1000 locally (hardened/), thanks to Tony for pushing. And
149 yes I screwed up, this is tagged as 2.6.18-5 and not 2.6.18-6 as it's
150 supposed to be.
151
152 06 Mar 2007; Christian Heim <phreak@gentoo.org> ChangeLog:
153 Fixing the Manifest, the previous one was broken (as in still had the
154 deleted ebuild in it).
155
156 06 Mar 2007; Christian Heim <phreak@gentoo.org>
157 -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
158 +hardened-sources-2.6.18-r5.ebuild:
159 Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
160 Linux 2.6.18.8. Also cleaning up the older version.
161
162 *hardened-sources-2.6.18-r5 (06 Mar 2007)
163
164 06 Mar 2007; Christian Heim <phreak@gentoo.org>
165 -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
166 +hardened-sources-2.6.18-r5.ebuild:
167 Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
168 Linux 2.6.18.8. Also cleaning up the older version.
169
170 24 Feb 2007; Christian Heim <phreak@gentoo.org>
171 -hardened-sources-2.6.19-r3.ebuild, -hardened-sources-2.6.19-r4.ebuild,
172 -hardened-sources-2.6.19-r5.ebuild:
173 Removing some of the old version, that didn't work.
174
175 *hardened-sources-2.6.19-r6 (12 Feb 2007)
176
177 12 Feb 2007; Christian Heim <phreak@gentoo.org>
178 +hardened-sources-2.6.19-r6.ebuild:
179 Revision bump, including a new grsec version fixing #166235.
180
181 *hardened-sources-2.4.34 (24 Jan 2007)
182
183 24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
184 Manifest:
185 updating Manifest with checksums of new tarball and ebuild
186
187 24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
188 +hardened-sources-2.4.34.ebuild:
189 I added new hardened sources 2.4 update, this is a critical path
190 security bugfix - all users of h-s are strongly advised
191 to update their existing hardened sources to this version.
192 It contains a fix for a kernel vulnerability that is pertaining
193 to the PaX changes to virtual memory management, possibly leading
194 to a local kernel exploit ... see grsecurity.net forums and homepage
195
196 23 Jan 2007; Christian Heim <phreak@gentoo.org>
197 files/digest-hardened-sources-2.6.19-r5, Manifest:
198 Fixing the patch-tarball digest.
199
200 *hardened-sources-2.6.19-r5 (23 Jan 2007)
201
202 23 Jan 2007; Christian Heim <phreak@gentoo.org>
203 +hardened-sources-2.6.19-r5.ebuild:
204 Revision bump, closing the recently discovered PaX expand_stack()
205 vulnerability.
206
207 *hardened-sources-2.6.19-r4 (14 Jan 2007)
208
209 14 Jan 2007; Christian Heim <phreak@gentoo.org>
210 +hardened-sources-2.6.19-r4.ebuild:
211 Revision bump, pulling in linux-2.6.19.2 and grsecurity 2.1.10 - thus
212 dropping the randomized PID feature.
213
214 11 Jan 2007; Christian Faulhammer <opfer@gentoo.org>
215 hardened-sources-2.4.33.4.ebuild:
216 stable x86, bug #161171
217
218 *hardened-sources-2.6.19-r3 (27 Dec 2006)
219
220 27 Dec 2006; Christian Heim <phreak@gentoo.org>
221 -hardened-sources-2.6.19-r2.ebuild, +hardened-sources-2.6.19-r3.ebuild:
222 Revision bump for bug #157186 and #158786.
223
224 *hardened-sources-2.6.18-r4 (27 Dec 2006)
225
226 27 Dec 2006; Christian Heim <phreak@gentoo.org>
227 -hardened-sources-2.6.18-r3.ebuild, +hardened-sources-2.6.18-r4.ebuild:
228 Revision bump for bug #157186.
229
230 *hardened-sources-2.6.19-r2 (23 Dec 2006)
231
232 23 Dec 2006; Christian Heim <phreak@gentoo.org>
233 -hardened-sources-2.6.19-r1.ebuild, +hardened-sources-2.6.19-r2.ebuild:
234 Revision bump to pull in genpatches-2.6.19-3 for #157186.
235
236 17 Dec 2006; Christian Heim <phreak@gentoo.org>
237 hardened-sources-2.6.14-r7.ebuild, hardened-sources-2.6.16-r10.ebuild,
238 hardened-sources-2.6.16-r11.ebuild, hardened-sources-2.6.17-r1.ebuild,
239 hardened-sources-2.6.18.ebuild, hardened-sources-2.6.18-r3.ebuild,
240 hardened-sources-2.6.19-r1.ebuild:
241 Adding 4453_grsec-2.1.9-2.6.19-io-kmem-sysctl.patch to UNIPATCH_EXLUDE,
242 adding correct HOMEPAGE and adjusting DESCRIPTION (thanks to Alexander).
243
244 *hardened-sources-2.4.33.4 (17 Dec 2006)
245
246 17 Dec 2006; Alexander Gabert <pappy@gentoo.org>
247 +hardened-sources-2.4.33.4.ebuild:
248 new 2.4.33.4 version including grsec and fixes, thanks to phreak for help
249 and quilting
250
251 *hardened-sources-2.6.19-r1 (14 Dec 2006)
252
253 14 Dec 2006; Christian Heim <phreak@gentoo.org>
254 -hardened-sources-2.6.19.ebuild, +hardened-sources-2.6.19-r1.ebuild:
255 Revision bump, fixing #158107 (thanks to Petre Rodan <kaiowas at gentoo.org>
256 for reporting).
257
258 *hardened-sources-2.6.19 (13 Dec 2006)
259
260 13 Dec 2006; Christian Heim <phreak@gentoo.org>
261 +hardened-sources-2.6.19.ebuild:
262 And finally 2.6.19, thanks to Ned (who prepared the inital patchset) and
263 Brad for providing that prompt update.
264
265 *hardened-sources-2.6.18-r3 (13 Dec 2006)
266
267 13 Dec 2006; Christian Heim <phreak@gentoo.org>
268 -hardened-sources-2.6.18-r1.ebuild, -hardened-sources-2.6.18-r2.ebuild,
269 +hardened-sources-2.6.18-r3.ebuild:
270 Revision bump, excluding the faulty patch. Thanks to Anakim Border and Peter
271 S. Mazinger. Closes #157409 for now. Also removing the previous revisions.
272
273 09 Dec 2006; Christian Heim <phreak@gentoo.org> Manifest:
274 Fixing the metadata.xml Manifest entry (thanks to xaid and ml8128 in #gentoo-hardened).
275
276 08 Dec 2006; nixnut <nixnut@gentoo.org> hardened-sources-2.6.18.ebuild:
277 Stable on ppc wrt bug 157356
278
279 07 Dec 2006; Christian Faulhammer <opfer@gentoo.org>
280 hardened-sources-2.6.18.ebuild:
281 stable x86, bug #157356
282
283 *hardened-sources-2.6.18-r2 (06 Dec 2006)
284
285 06 Dec 2006; Christian Heim <phreak@gentoo.org>
286 +hardened-sources-2.6.18-r2.ebuild:
287 Revision bump, including 2.6.18.5 (via genpatches) and
288 4454_grsec-2.1.9-2.6.18.2-io-kmem-sysctl.patch based on Peter Mazinger and
289 Ned Ludd's original patch. Thanks to Alexander Gabert (pappy) for the
290 redesign.
291
292 06 Dec 2006; Christian Heim <phreak@gentoo.org>
293 hardened-sources-2.6.18.ebuild:
294 Marking hardened-sources-2.6.18 stable on amd64 (see bug #157356, on behalf
295 of Mike Doty).
296
297 *hardened-sources-2.6.18-r1 (23 Nov 2006)
298
299 23 Nov 2006; Christian Heim <phreak@gentoo.org>
300 +hardened-sources-2.6.18-r1.ebuild:
301 Revision bump to genpatches-2.6.18-4 (including 2.6.18.3).
302
303 *hardened-sources-2.6.18 (11 Nov 2006)
304
305 11 Nov 2006; Christian Heim <phreak@gentoo.org>
306 +hardened-sources-2.6.18.ebuild:
307 Version bump, thanks to Alexander Gabert we're finally at 2.6.18.
308
309 18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
310 - mark amd64 stable also. bug #151877
311
312 18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
313 - mark 2.6.17-r1 stable
314
315 27 Aug 2006; Christian Heim <phreak@gentoo.org>
316 -hardened-sources-2.6.17.ebuild, hardened-sources-2.6.17-r1.ebuild:
317 Removing old ebuild, removing unipatch from newer ebuild (need to fix it!).
318
319 *hardened-sources-2.6.17-r1 (26 Aug 2006)
320
321 26 Aug 2006; Christian Heim <phreak@gentoo.org>
322 +hardened-sources-2.6.17-r1.ebuild:
323 Revision bump to genpatches-2.6.17-8 (including .9 and .10) and updating the
324 grsecurity patch.
325
326 *hardened-sources-2.6.17 (17 Aug 2006)
327
328 17 Aug 2006; Christian Heim <phreak@gentoo.org>
329 +hardened-sources-2.6.17.ebuild:
330 Bumping the hardened-sources-2.6 series to 2.6.17, using
331 genpatches-2.6.17-6.base.
332
333 07 Aug 2006; <solar@gentoo.org> hardened-sources-2.6.16-r11.ebuild:
334 - stable on x86 and amd64
335
336 *hardened-sources-2.6.16-r11 (15 Jul 2006)
337
338 15 Jul 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r3.ebuild,
339 -hardened-sources-2.4.32-r4.ebuild, -hardened-sources-2.4.32-r5.ebuild,
340 -hardened-sources-2.6.14-r8.ebuild, -hardened-sources-2.6.16-r7.ebuild,
341 -hardened-sources-2.6.16-r9.ebuild, +hardened-sources-2.6.16-r11.ebuild:
342 - 2.6.16 bumped for CVE-2006-3626 ; digest fix for 2.4.32-r6 ; removed old
343 crusty ebuilds
344
345 14 Jul 2006; John Mylchreest <johnm@gentoo.org>
346 hardened-sources-2.6.16-r10.ebuild:
347 marking stable on x86 and amd64
348
349 13 Jul 2006; <solar@gentoo.org> hardened-sources-2.4.32-r6.ebuild:
350 - 2.4.32-r6 stable on x86. RSBAC state unknown
351
352 *hardened-sources-2.4.32-r7 (10 Jul 2006)
353
354 10 Jul 2006; Guillaume Destuynder <kang@gentoo.org>
355 +hardened-sources-2.4.32-r7.ebuild:
356 Bump PaX for RSBAC to test-17
357
358 *hardened-sources-2.6.16-r9 (03 Jul 2006)
359
360 03 Jul 2006; John Mylchreest <johnm@gentoo.org>
361 -hardened-sources-2.6.16-r6.ebuild, +hardened-sources-2.6.16-r9.ebuild:
362 hardened-sources-2.6.16 bump to latest -base.
363
364 *hardened-sources-2.4.32-r6 (30 Jun 2006)
365
366 30 Jun 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r2.ebuild,
367 hardened-sources-2.4.32-r4.ebuild, +hardened-sources-2.4.32-r6.ebuild:
368 - backport CVE-2006-0039, CVE-2006-1857 and CVE-2006-1858 and new grsecurity
369 sysctl controlable resource logging
370
371 *hardened-sources-2.6.16-r7 (05 Jun 2006)
372
373 05 Jun 2006; John Mylchreest <johnm@gentoo.org>
374 -hardened-sources-2.6.16-r5.ebuild, +hardened-sources-2.6.16-r7.ebuild:
375 push new 2.6.16 release in preparation for stable
376
377 22 May 2006; <solar@gentoo.org> :
378 - redigest bug 134002
379
380 *hardened-sources-2.4.32-r5 (16 May 2006)
381
382 16 May 2006; Guillaume Destuynder <kang@gentoo.org>
383 +hardened-sources-2.4.32-r5.ebuild:
384 Fixes rsbac common patching (new patch in new -r5 patchset)
385
386 *hardened-sources-2.4.32-r4 (13 May 2006)
387
388 13 May 2006; <solar@gentoo.org> hardened-sources-2.4.32-r3.ebuild,
389 +hardened-sources-2.4.32-r4.ebuild:
390 - security bumps
391
392 *hardened-sources-2.6.16-r6 (03 May 2006)
393
394 03 May 2006; John Mylchreest <johnm@gentoo.org>
395 +hardened-sources-2.6.16-r6.ebuild:
396 bump hardened-2.6.16 to 2.6.16.12 and latest grsec snapshot
397
398 28 Apr 2006; John Mylchreest <johnm@gentoo.org>
399 hardened-sources-2.6.14-r8.ebuild:
400 fix x86_64 build problem, this will delay the digest issue again for a short
401 while but it will sort itself out
402
403 28 Apr 2006; John Mylchreest <johnm@gentoo.org>
404 hardened-sources-2.6.14-r8.ebuild:
405 bump hardened patchset
406
407 27 Apr 2006; Alec Warner <antarus@gentoo.org>
408 files/digest-hardened-sources-2.4.32-r2,
409 files/digest-hardened-sources-2.4.32-r3,
410 files/digest-hardened-sources-2.6.14-r8, Manifest:
411 Fixing duff SHA256 digests: Bug # 131293
412
413 *hardened-sources-2.6.16-r5 (27 Apr 2006)
414
415 27 Apr 2006; John Mylchreest <johnm@gentoo.org>
416 -hardened-sources-2.6.14-r6.ebuild, hardened-sources-2.6.14-r8.ebuild,
417 -hardened-sources-2.6.16-r4.ebuild, +hardened-sources-2.6.16-r5.ebuild:
418 stablise 2.6.14-r8 on x86 & amd64, bump 2.6.16 to fix CVE-2006-1863 &
419 cleanup of old uneccessary sources
420
421 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
422 fix digest
423
424 *hardened-sources-2.6.14-r8 (20 Apr 2006)
425
426 20 Apr 2006; John Mylchreest <johnm@gentoo.org>
427 +hardened-sources-2.6.14-r8.ebuild:
428 fix CVE-2006-1056, CVE-2006-1525, CVE-2006-1524
429
430 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
431 Turning on gpg-signing again, and recomitting
432
433 *hardened-sources-2.6.16-r4 (20 Apr 2006)
434
435 20 Apr 2006; John Mylchreest <johnm@gentoo.org>
436 -hardened-sources-2.6.16-r2.ebuild, -hardened-sources-2.6.16-r3.ebuild,
437 +hardened-sources-2.6.16-r4.ebuild:
438 Fix numerous security vulns
439
440 *hardened-sources-2.4.32-r3 (16 Apr 2006)
441
442 16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
443 -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
444 +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
445 - security bump for bug #112791. Removed old ebuilds
446
447 *hardened-sources-2.6.16-r3 (15 Apr 2006)
448
449 15 Apr 2006; John Mylchreest <johnm@gentoo.org>
450 +hardened-sources-2.6.16-r3.ebuild:
451 Removing silly localversion which I missed
452
453 *hardened-sources-2.6.14-r7 (14 Apr 2006)
454
455 14 Apr 2006; John Mylchreest <johnm@gentoo.org>
456 -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
457 Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
458
459 *hardened-sources-2.6.16-r2 (13 Apr 2006)
460
461 13 Apr 2006; John Mylchreest <johnm@gentoo.org>
462 -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
463 +hardened-sources-2.6.16-r2.ebuild:
464 Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
465 labels, dropping USERGROUP define fixes, since these were merged mainstream.
466
467 *hardened-sources-2.6.16-r1 (11 Apr 2006)
468
469 11 Apr 2006; John Mylchreest <johnm@gentoo.org>
470 +hardened-sources-2.6.16-r1.ebuild:
471 Bumping to include ppc build fix and 2.6.16.3
472
473 06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
474 hardened-sources-2.6.14-r6.ebuild:
475 Stable on x86; bug #127718
476
477 *hardened-sources-2.6.16 (31 Mar 2006)
478
479 31 Mar 2006; John Mylchreest <johnm@gentoo.org>
480 +hardened-sources-2.6.16.ebuild:
481 Bumping to new version of grsec, and kernel base. New squashfs. Based on
482 2.6.16.1
483
484 30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
485 hardened-sources-2.6.14-r6.ebuild:
486 Stable on amd64, bug 127718.
487
488 28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
489 Stable on ppc. Bug #127718
490
491 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
492 -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
493 -hardened-sources-2.6.14-r4.ebuild:
494 Cleanup.
495
496 *hardened-sources-2.6.14-r6 (15 Mar 2006)
497
498 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
499 +hardened-sources-2.6.14-r6.ebuild:
500 Fixes grsec policy recreation bug and adds a
501 >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
502
503 02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
504 - stable on x86
505
506 19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
507 hardened-sources-2.6.14-r5.ebuild:
508 Stable on ppc.
509
510 *hardened-sources-2.6.14-r5 (01 Feb 2006)
511
512 01 Feb 2006; John Mylchreest <johnm@gentoo.org>
513 +hardened-sources-2.6.14-r5.ebuild:
514 fixing every known exploit
515
516 *hardened-sources-2.4.32-r2 (26 Jan 2006)
517
518 26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
519 +hardened-sources-2.4.32-r2.ebuild:
520 - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
521
522 *hardened-sources-2.6.14-r4 (12 Jan 2006)
523
524 12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
525 - version bump for new genpatches which fix up a few sec holes
526
527 *hardened-sources-2.4.32-r1 (05 Jan 2006)
528
529 05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
530 - revision bump to add misc vital linux kernel security patches.
531
532 *hardened-sources-2.6.14-r3 (30 Dec 2005)
533
534 30 Dec 2005; John Mylchreest <johnm@gentoo.org>
535 -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
536 Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
537
538 28 Dec 2005; John Mylchreest <johnm@gentoo.org>
539 hardened-sources-2.6.14-r2.ebuild:
540 making x86 & amd64 stable following testing.
541
542 *hardened-sources-2.6.14-r2 (27 Dec 2005)
543
544 27 Dec 2005; John Mylchreest <johnm@gentoo.org>
545 -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
546 Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
547 network hooks.
548
549 06 Dec 2005; John Mylchreest <johnm@gentoo.org>
550 hardened-sources-2.6.14-r1.ebuild:
551 bumping to stable early for sec fix on x86 & amd64
552
553 *hardened-sources-2.6.14-r1 (05 Dec 2005)
554
555 05 Dec 2005; John Mylchreest <johnm@gentoo.org>
556 -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
557 bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
558
559 04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
560 - stable on x86 security bug #114227 CAN-2005-3257
561
562 *hardened-sources-2.4.32 (19 Nov 2005)
563
564 19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
565 +hardened-sources-2.4.32.ebuild:
566 Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
567 Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
568 have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
569 rsbac >> /etc/portage/package.use)
570
571 *hardened-sources-2.6.14 (14 Nov 2005)
572
573 14 Nov 2005; John Mylchreest <johnm@gentoo.org>
574 -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
575 Bumping 2.6 series to 2.6.14.2
576
577 *hardened-sources-2.6.13-r2 (20 Oct 2005)
578
579 20 Oct 2005; John Mylchreest <johnm@gentoo.org>
580 -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
581 +hardened-sources-2.6.13-r2.ebuild:
582 Fixes minor build error in ppc.
583
584 *hardened-sources-2.6.13-r1 (17 Oct 2005)
585
586 17 Oct 2005; John Mylchreest <johnm@gentoo.org>
587 +hardened-sources-2.6.13-r1.ebuild:
588 Updating grsec to latest snapshot. Fixes some minor issues. Updating to
589 2.6.13.4, fixes some major amd64 stability problems.
590
591 *hardened-sources-2.6.13 (16 Sep 2005)
592
593 16 Sep 2005; John Mylchreest <johnm@gentoo.org>
594 -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
595 2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
596 ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
597 users should test this thoroughly.
598
599 01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
600 - stable on x86
601
602 *hardened-sources-2.6.11-r15 (27 Jun 2005)
603
604 27 Jun 2005; John Mylchreest <johnm@gentoo.org>
605 +hardened-sources-2.6.11-r15.ebuild:
606 Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
607 grsec redefining curr_ip struct.
608
609 *hardened-sources-2.4.31 (20 Jun 2005)
610
611 20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
612 initial import of 2.4.31 tree
613
614 *hardened-sources-2.6.11-r14 (14 Jun 2005)
615
616 14 Jun 2005; John Mylchreest <johnm@gentoo.org>
617 -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
618 Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
619 naming scheme to abide by genpatches
620
621 *hardened-sources-2.6.11-r13 (18 May 2005)
622
623 18 May 2005; John Mylchreest <johnm@gentoo.org>
624 -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
625 Managed to mangle the Makefile patch from grsec, to miss out the grsec
626 target. sorry about that. Fixes bug #93022
627
628 *hardened-sources-2.6.11-r12 (17 May 2005)
629
630 17 May 2005; John Mylchreest <johnm@gentoo.org>
631 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
632 +hardened-sources-2.6.11-r12.ebuild:
633 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
634 merges in genpatches-base
635
636 *hardened-sources-2.6.11-r12 (17 May 2005)
637
638 17 May 2005; John Mylchreest <johnm@gentoo.org>
639 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
640 +hardened-sources-2.6.11-r12.ebuild:
641 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
642 merges in genpatches-base
643
644 29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
645 -files/2.4.27-cmdline-race.patch,
646 -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
647 -files/2.4.28-grsec-binfmt_a.out.patch,
648 -files/2.4.28-grsec-cmdline-race.patch,
649 -files/2.4.28-selinux-binfmt_a.out.patch,
650 -files/2.4.28-selinux-cmdline-race.patch,
651 -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
652 hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
653 - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
654 cleanup..
655
656 *hardened-sources-2.4.30-r1 (21 Apr 2005)
657
658 21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
659 - disable aout by default
660
661 *hardened-sources-2.4.30 (18 Apr 2005)
662
663 18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
664 - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
665 and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
666 use
667
668 *hardened-sources-2.4.29 (30 Mar 2005)
669
670 30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
671 +hardened-sources-2.4.29.ebuild:
672 New hardened-patches-2.4-29.0 patchball.
673 Removed SELinux support, upgraded GRSecurity to 2.1.4.
674
675 *hardened-sources-2.4.28-r5 (06 Mar 2005)
676
677 06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
678 +hardened-sources-2.4.28-r5.ebuild:
679 Added a fix for a PaX vulnerability.
680
681 26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
682 hardened-sources-2.4.28-r4.ebuild:
683 Stable on x86
684
685 23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
686 hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
687 hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
688 hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
689 - fixed/added RDEPEND= in all kernel-2 ebuilds
690
691 *hardened-sources-2.4.28-r4 (21 Jan 2005)
692
693 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
694 +hardened-sources-2.4.28-r4.ebuild:
695 Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
696 backport of neighbour hash updates.
697
698 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
699 hardened-sources-2.4.28-r3.ebuild:
700 Stable on x86
701
702 *hardened-sources-2.6.10-r3 (20 Jan 2005)
703
704 20 Jan 2005; Brandon Hale <tseng@gentoo.org>
705 +hardened-sources-2.6.10-r3.ebuild:
706 Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
707 in 2005.0
708
709 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
710 -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
711 hardened-sources-2.4.28-r2.ebuild:
712 Mark stable on x86
713
714 *hardened-sources-2.4.28-r3 (17 Jan 2005)
715
716 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
717 +hardened-sources-2.4.28-r3.ebuild:
718 Fix SMP page fault handler vuln, and update device-mapper and evms patches.
719
720 14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
721 hardened-sources-2.4.28.ebuild:
722 Mark stable on x86.
723
724 *hardened-sources-2.4.28-r2 (13 Jan 2005)
725
726 13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
727 +hardened-sources-2.4.28-r2.ebuild:
728 Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
729 Mazinger for grsecurity patches as well.
730
731 *hardened-sources-2.4.28-r1 (23 Dec 2004)
732
733 23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
734 Security bump. Thank tocharian for rolling a new patchset...
735
736 28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
737 +files/2.4.28-grsec-cmdline-race.patch,
738 +files/2.4.28-selinux-binfmt_a.out.patch,
739 +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
740 - Round up remaining security patches that appear to be missing in 2.4.28. -
741 PaX standalone updated to current. hgpv=28.1
742
743 *hardened-sources-2.4.28 (28 Nov 2004)
744
745 28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
746 security bump. Thank tocharian for rolling a new patchset
747
748 *hardened-sources-2.4.27-r3 (08 Sep 2004)
749
750 08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
751 +hardened-sources-2.4.27-r3.ebuild:
752 Applies the new 2.4-27.2 patchball which updates
753 GRSecurity to the 2.0.1 version.
754
755 *hardened-sources-2.4.27-r2 (31 Aug 2004)
756
757 31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
758 +hardened-sources-2.4.27-r2.ebuild:
759 Version bump.
760 This version uses the new 2.4-27.1 patchball which updates
761 both the SELinux PaX hooks patch and the SELinux headers.
762
763 *hardened-sources-2.4.27-r1 (09 Aug 2004)
764
765 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
766 +hardened-sources-2.4.27-r1.ebuild,
767 -hardened-sources-2.4.27.ebuild,
768 +files/2.4.27-cmdline-race.patch:
769 Version bump, fix for cmdline race. See bug #59905.
770
771 *hardened-sources-2.4.26-r6 (09 Aug 2004)
772
773 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
774 +hardened-sources-2.4.26-r6.ebuild,
775 -hardened-sources-2.4.26-r5.ebuild,
776 -hardened-sources-2.4.26-r4.ebuild,
777 +files/2.4.26-cmdline-race.patch:
778 Version bump, fix for cmdline race. See bug #59905.
779
780 *hardened-sources-2.4.27 (08 Aug 2004)
781
782 08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
783 +hardened-sources-2.4.27.ebuild,
784 +files/2.4.27-CAN-2004-0394.patch:
785 Ported the patchball to the 2.4.27 kernel version.
786
787 *hardened-sources-2.4.26-r5 (07 Aug 2004)
788
789 07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
790 +hardened-sources-2.4.26-r5.ebuild:
791 Updated to use the new hardened-patches-2.4-26.1 patchball.
792 It adds the following features:
793 - Squashfs
794 - Ebtables
795 - Netdev random (core+drivers)
796 - Watchdog Timer (WDT) fix.
797
798 *hardened-sources-2.4.26-r4 (04 Aug 2004)
799
800 04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
801 +hardened-sources-2.4.26-r4.ebuild,
802 +files/2.4.26-CAN-2004-0415.patch,
803 -hardened-sources-2.4.26-3:
804 Version bump, fix for CAN 0415, see bug #59378.
805
806 *hardened-sources-2.4.26-r3 (22 Jul 2004)
807
808 22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
809 +hardened-sources-2.4.26-r3.ebuild,
810 +files/2.4.26-CAN-2004-0497.patch,
811 -hardened-sources-2.4.26-r2.ebuild:
812 Version bump, fixed CAN 0497, see bug #56171.
813
814 *hardened-sources-2.4.26-r2 (29 Jun 2004)
815
816 29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
817 +hardened-sources-2.4.26-r2.ebuild,
818 +files/2.4.26-CAN-2004-0495.patch,
819 +files/2.4.26-CAN-2004-0535.patch,
820 -hardened-sources-2.4.26-r1.ebuild:
821 Fixes for both CAN 0495 and 0535, see bug #54976
822
823 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
824 hardened-sources-2.4.26-r1.ebuild:
825 QA - fix use invocation
826
827 *hardened-sources-2.4.26-r1 (22 June 2004)
828
829 22 June 2004; Andrea Luzzardi <scox@gentoo.org>
830 +hardened-sources-2.4.26-r1.ebuild,
831 +files/2.4.26-CAN-2004-0394.patch,
832 +files/2.4.26-signal-race.patch,
833 -hardened-sources-2.4.26.ebuild,
834 -hardened-sources-2.4.24-r3.ebuild:
835 Version bump for the CAN-2004-0394 issue and bug #53804
836 Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
837
838
839 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
840 hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
841 Masked hardened-sources-2.4.26.ebuild broken for ppc
842
843 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
844 hardened-sources-2.4.24-r3.ebuild:
845 Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
846
847 *hardened-sources-2.4.26 (29 May 2004)
848
849 29 May 2004; Andrea Luzzardi <scox@gentoo.org>
850 +hardened-sources-2.4.26.ebuild:
851 Updated hardened-sources for the 2.4.26 kernel
852 Removed broken components, updated almost everything.
853
854 *hardened-sources-2.4.24-r3 (17 Apr 2004)
855
856 17 Apr 2004; <plasmaroo@gentoo.org>
857 +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
858 +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
859 +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
860 +hardened-sources-2.4.24-r3.ebuild:
861 Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
862 vulnerabilities. Old revisions removed.
863
864 *hardened-sources-2.4.24-r2 (15 Apr 2004)
865
866 15 Apr 2004; <plasmaroo@gentoo.org>
867 +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
868 -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
869 Version bump for the CAN-2004-0109 issue; bug #47881.
870
871 12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
872 hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
873 Add eutils to inherit.
874
875 *hardened-sources-2.4.24-r1 (19 Feb 2004)
876
877 19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
878 files/hardened-sources-2.4.24.munmap.patch:
879 Added the patch for the mremap/munmap vulnerability. Bug #42024.
880
881 *hardened-sources-2.4.24 (06 Feb 2004)
882
883 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
884 hardened-sources-2.4.24.ebuild:
885 Version bump, updated most of the components.
886 This release includes the following:
887
888 - Hardened security
889 - Netfilter patch-o-matic 20031219
890 - FreeSWAN 2.04 & x509 1.4.8
891 - EVMS 2.2.2
892 - XFS 1.3.1
893 - cryptoloop jari
894 - grsecurity 2.0-rc4
895 - SELinux
896 - PaX 200402060000
897 - PaX Obscurity 200308302223
898 - Others...
899
900 Neither -ck nor systrace are included anymore.
901
902 *hardened-sources-2.4.22-r2 (05 Jan 2004)
903
904 05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
905 hardened-sources-2.4.22-r2.ebuild:
906 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
907
908 *hardened-sources-2.4.22-r1 (02 Dec 2003)
909
910 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
911 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
912
913 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
914 hardened-sources-2.4.22-r1.ebuild:
915 Version bump for the 'do_brk' vulnerability.
916
917 01 Dec 2003; Brian Jackson <iggy@gentoo.org>
918 hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
919 hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
920 hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
921 Fix the 'do_brk' vulnerability.
922
923 03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
924 hardened-sources-2.4.22.ebuild:
925 - Removed the src_install() portion for SELinux flask
926 components. These are no longer handled in the kernel
927 so this code was not necessary.
928
929 29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
930 New 2.4.22 based hardened-sources thanks to
931 Phil West <p.west@computer.org>.
932
933 These sources include:
934 - New SELinux API
935 - Updated CK-base
936 - Updated GRSec
937 - Systrace
938 - SuperFreeS/WAN 1.99.8
939 - Propolice kernel build support
940 - EVMS
941 - Other various security related patches
942
943 *hardened-sources-2.4.21 (14 Sep 2003)
944
945 14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
946 Updated hardened-sources based on the 2.4.21 Linux kernel.
947 This includes updates to most major components such as:
948 - ck-base-0306300059
949 - selinux-2.4-2003071106
950 - grsecurity-2.0-rc1
951 - Updated IPTables patch-o-matic
952 - Updated SuperFreeS/WAN
953
954 Thanks to Phil West <pwest@computer.org> for his work in getting this
955 updated patch set ready for the 2.4.21 based kernel.
956
957 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
958 Initial import of hardened-sources-2.4.20-r4. This revision
959 includes only a few changes, but one of these is an important
960 security fix. It is recommended all users of hardened-sources
961 upgrade to this release.
962
963 - ioperm bug fix
964 - fixed compilation failure when building without GRSec
965
966 SAL (Secure Auditing for Linux) is NOT included in this revision
967 due to time constraints, but is planned for inclusion in the near
968 future.
969
970 *hardened-sources-2.4.20-r2 (12 Jun 2003)
971
972 12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
973 hardened-sources-2.4.20-r3.ebuild:
974 Add Header...
975
976 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
977 hardened-sources-2.4.20-r3.ebuild:
978 Removed warnings from ebuild. This kernel should be safe to
979 use at this point.
980
981 *hardened-sources-2.4.20-r3 (08 Jun 2003)
982
983 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
984 hardened-sources-2.4.20-r3.ebuild:
985 New revision. Includes the following changes over -r2:
986
987 - ck7-base (O(1), preempt, low latency)
988 - Super FreeS/WAN 1.99.7rc2
989 - PaX for the LSM/SELinux branch
990 - GRSecurity 2.0-pre4 (role based access control)
991 - Systrace 1.3
992 - EXT3 fixes
993 - EVMS 2.0.1
994 - GCC 3.1+ compile optimizations
995 - ProPolice kernel build support
996 - Hashing table security fixes
997
998 *hardened-sources-2.4.20-r1 (09 Apr 2003)
999
1000 23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
1001 Initial import of hardened-sources-r2. This new
1002 ebuild includes many new performance and security
1003 related patches. As in -r1, it will patch in
1004 LSM/SELinux if "selinux" is in USE, otherwise it
1005 will patch in GRSecurity. The following patches
1006 are included in this revision:
1007
1008 - O(1) Scheduler, Low Latency, and Preempt
1009 (pulled from the base CK patch)
1010 - ptrace exploit patch for the LSM kernel
1011 (the GRSec patch already fixes this)
1012 - LSM 2.4-2003040709
1013 - SELinux 2.4-2003040709
1014 - Systrace v1.2
1015 - IPTables patch-o-matic base patches - 20030107
1016 - CryptoAPI 2.4.20.1 w/ loop-jari patch
1017 - Super FreeS/WAN 1.99.6.1
1018 - GRSecurity 1.9.9g
1019 - MPPE
1020 - EXT3 data journal fix
1021 - CIPE 1.5.4
1022
1023 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1024 hardened-sources-2.4.20-r1.ebuild, manifest:
1025 Updated to install flask components correctly for selinux.
1026
1027 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1028 hardened-sources-2.4.20-r1.ebuild:
1029 LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
1030 is patched in instead. Ptrace patches for selinux have also been added. In
1031 either case, systrace support will be patched in as well.
1032
1033 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1034 hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
1035 Revision bump for new sources.
1036
1037 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1038 hardened-sources-2.4.20-r1.ebuild:
1039 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
1040
1041 *hardened-sources-2.4.20 (30 Mar 2003)
1042
1043 30 Mar 2003; Joshua Brindle <method@gentoo.org>
1044 hardened-sources-2.4.20.ebuild:
1045 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20