/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.165 - (show annotations) (download)
Tue Jul 10 19:50:04 2007 UTC (7 years ago) by phreak
Branch: MAIN
Changes since 1.164: +5 -1 lines
Marking hardened-sources-2.6.20-r5 stable on ppc.
(Portage version: 2.1.3_rc7)

1 # ChangeLog for sys-kernel/hardened-sources
2 # Copyright 2000-2007 Gentoo Foundation; Distributed under the GPL v2
3 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.164 2007/07/10 19:48:09 phreak Exp $
4
5 10 Jul 2007; Christian Heim <phreak@gentoo.org>
6 hardened-sources-2.6.20-r5.ebuild:
7 Marking hardened-sources-2.6.20-r5 stable on ppc.
8
9 10 Jul 2007; Christian Heim <phreak@gentoo.org>
10 -hardened-sources-2.4.32-r6.ebuild, -hardened-sources-2.4.32-r7.ebuild:
11 Cleanup.
12
13 *hardened-sources-2.6.20-r6 (08 Jul 2007)
14
15 08 Jul 2007; Christian Heim <phreak@gentoo.org>
16 +hardened-sources-2.6.20-r6.ebuild:
17 Revision bump, grabbing yet another stable release.
18
19 17 Jun 2007; Christian Heim <phreak@gentoo.org>
20 -hardened-sources-2.6.18-r6.ebuild, -hardened-sources-2.6.20-r4.ebuild,
21 -hardened-sources-2.6.21-r2.ebuild:
22 Removing older ebuilds, hardened-sources-2.6.18-r6 seems to have gotten the
23 alpha stable KEYWORD by mistake.
24
25 17 Jun 2007; Christian Heim <phreak@gentoo.org>
26 hardened-sources-2.6.20-r5.ebuild:
27 Stabling hardened-sources-2.6.20-r5 due to security bug #181647 (as
28 genpatches-2.6.20-12.base contains up to Linux 2.6.20.14) on amd64 and x86.
29
30 *hardened-sources-2.6.21-r3 (12 Jun 2007)
31
32 12 Jun 2007; Christian Heim <phreak@gentoo.org>
33 +hardened-sources-2.6.21-r3.ebuild:
34 Revision bump for hardened-sources-2.6.21, incorporating various CVE (some
35 of them critical), two stable releases (2.6.21.4,2.6.21.5) and some other
36 love.
37
38 *hardened-sources-2.6.20-r5 (11 Jun 2007)
39
40 11 Jun 2007; Christian Heim <phreak@gentoo.org>
41 +hardened-sources-2.6.20-r5.ebuild:
42 Revision bump for hardened-sources-2.6.20, incorporating various CVE (some
43 of them critical), two stable releases (2.6.20.13,2.6.20.14) and some other
44 love.
45
46 *hardened-sources-2.4.34.5 (11 Jun 2007)
47
48 11 Jun 2007; Alexander Gabert <pappy@gentoo.org>
49 +hardened-sources-2.4.34.5.ebuild:
50 added new hardened-sources 2.4 version, thx to phreak, solar, pipacs
51
52 30 May 2007; Christian Heim <phreak@gentoo.org>
53 -hardened-sources-2.6.18.ebuild, hardened-sources-2.6.20-r2.ebuild:
54 Marking 2.6.20-r2 stable on ppc with permission of Gysbert. Removing more
55 stale ebuild(s).
56
57 30 May 2007; Christian Heim <phreak@gentoo.org>
58 -hardened-sources-2.6.14-r7.ebuild, -hardened-sources-2.6.16-r11.ebuild,
59 -hardened-sources-2.6.17-r1.ebuild, -hardened-sources-2.6.19-r6.ebuild,
60 -hardened-sources-2.6.20.ebuild, -hardened-sources-2.6.20-r1.ebuild:
61 Doing some cleanups, remove stale ebuilds.
62
63 26 May 2007; Christian Heim <phreak@gentoo.org>
64 hardened-sources-2.6.21-r2.ebuild:
65 Fixing the grsecurity patch, had one '};' too much.
66
67 *hardened-sources-2.6.21-r2 (26 May 2007)
68
69 26 May 2007; Christian Heim <phreak@gentoo.org>
70 -hardened-sources-2.6.21.ebuild, -hardened-sources-2.6.21-r1.ebuild,
71 +hardened-sources-2.6.21-r2.ebuild:
72 Revision bump, including Linux 2.6.21.3 (fixing CVE-2007-2451). Updating the
73 grsecurity patch to 2.1.10-2.6.21.1-200705221918.
74
75 *hardened-sources-2.6.20-r4 (26 May 2007)
76
77 26 May 2007; Christian Heim <phreak@gentoo.org>
78 -hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.20-r4.ebuild:
79 Revision bump, including Linux 2.6.20.12 (which in fact fixed some security
80 bugs, at the very least CVE-2007-2451). Possible candidate for stable marking.
81
82 15 May 2007; Christian Heim <phreak@gentoo.org>
83 hardened-sources-2.6.20-r3.ebuild:
84 Looks like hardened-sources-2.6.20-r3 needs a new patch, as 2.6.20.11
85 introduced a change in arch/sparc64/kernel/pci_iommu.c, which made the
86 grsecurity patch fail in that exact same hunk.
87
88 *hardened-sources-2.6.20-r3 (15 May 2007)
89
90 15 May 2007; Christian Heim <phreak@gentoo.org>
91 +hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.21-r1.ebuild:
92 Revision bump, incorporating Linux 2.6.20.11.
93
94 *hardened-sources-2.6.21-r1 (11 May 2007)
95
96 11 May 2007; Christian Heim <phreak@gentoo.org>
97 +hardened-sources-2.6.21-r1.ebuild:
98 Revision bump, hopefully fixing the GRSECURITY/GRKERNSEC mixup pipacs
99 mentioned in #177234.
100
101 07 May 2007; Kevin F. Quinn <kevquinn@gentoo.org>
102 files/digest-hardened-sources-2.6.21, Manifest:
103 Fix Manifest/digest for linux-2.6.21.tar.bz2
104
105 06 May 2007; Christian Heim <phreak@gentoo.org>
106 hardened-sources-2.6.21.ebuild:
107 Bumping the hardened-patches version, needed for the fix for #177234.
108
109 *hardened-sources-2.6.21 (02 May 2007)
110
111 02 May 2007; Christian Heim <phreak@gentoo.org>
112 +hardened-sources-2.6.21.ebuild:
113 Version bump, Linux 2.6.21-hardened.
114
115 29 Apr 2007; Christian Heim <phreak@gentoo.org>
116 hardened-sources-2.6.20-r2.ebuild:
117 Adding ~ia64 on Ned's request.
118
119 29 Apr 2007; Christian Heim <phreak@gentoo.org>
120 hardened-sources-2.6.20-r2.ebuild:
121 Fixing the included grsecurity patch, wasn't alligning due to the Index:
122 header line(s).
123
124 29 Apr 2007; Christian Heim <phreak@gentoo.org>
125 hardened-sources-2.6.20-r2.ebuild:
126 Stabilizing hardened-sources-2.6.20-r2 on amd64 and x86.
127
128 *hardened-sources-2.6.20-r2 (10 Apr 2007)
129
130 10 Apr 2007; Raúl Porcel <armin76@gentoo.org>
131 +hardened-sources-2.6.20-r2.ebuild:
132 Version bump, on behalf of phreak
133
134 *hardened-sources-2.6.20-r1 (04 Apr 2007)
135
136 04 Apr 2007; Christian Heim <phreak@gentoo.org>
137 +hardened-sources-2.6.20-r1.ebuild:
138 Revision bump, grabbing a newer grsecurity snapshot.
139
140 *hardened-sources-2.6.20 (25 Mar 2007)
141
142 25 Mar 2007; Christian Heim <phreak@gentoo.org>
143 +hardened-sources-2.6.20.ebuild:
144 Finally a hardened-sources version for 2.6.20; many people have been waiting
145 for this. Thanks to Steve for preliminary testing, thanks to Ned for the
146 testbox.
147
148 16 Mar 2007; Tony Vroon <chainsaw@gentoo.org>
149 hardened-sources-2.6.18-r6.ebuild:
150 Marked stable on amd64 and x86. AMD64 keyword ack'ed by welp.
151
152 *hardened-sources-2.6.18-r6 (16 Mar 2007)
153
154 16 Mar 2007; Christian Heim <phreak@gentoo.org>
155 -hardened-sources-2.6.18-r5.ebuild, +hardened-sources-2.6.18-r6.ebuild:
156 Fixing CVE-2007-1000 locally (hardened/), thanks to Tony for pushing. And
157 yes I screwed up, this is tagged as 2.6.18-5 and not 2.6.18-6 as it's
158 supposed to be.
159
160 06 Mar 2007; Christian Heim <phreak@gentoo.org> ChangeLog:
161 Fixing the Manifest, the previous one was broken (as in still had the
162 deleted ebuild in it).
163
164 06 Mar 2007; Christian Heim <phreak@gentoo.org>
165 -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
166 +hardened-sources-2.6.18-r5.ebuild:
167 Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
168 Linux 2.6.18.8. Also cleaning up the older version.
169
170 *hardened-sources-2.6.18-r5 (06 Mar 2007)
171
172 06 Mar 2007; Christian Heim <phreak@gentoo.org>
173 -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
174 +hardened-sources-2.6.18-r5.ebuild:
175 Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
176 Linux 2.6.18.8. Also cleaning up the older version.
177
178 24 Feb 2007; Christian Heim <phreak@gentoo.org>
179 -hardened-sources-2.6.19-r3.ebuild, -hardened-sources-2.6.19-r4.ebuild,
180 -hardened-sources-2.6.19-r5.ebuild:
181 Removing some of the old version, that didn't work.
182
183 *hardened-sources-2.6.19-r6 (12 Feb 2007)
184
185 12 Feb 2007; Christian Heim <phreak@gentoo.org>
186 +hardened-sources-2.6.19-r6.ebuild:
187 Revision bump, including a new grsec version fixing #166235.
188
189 *hardened-sources-2.4.34 (24 Jan 2007)
190
191 24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
192 Manifest:
193 updating Manifest with checksums of new tarball and ebuild
194
195 24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
196 +hardened-sources-2.4.34.ebuild:
197 I added new hardened sources 2.4 update, this is a critical path
198 security bugfix - all users of h-s are strongly advised
199 to update their existing hardened sources to this version.
200 It contains a fix for a kernel vulnerability that is pertaining
201 to the PaX changes to virtual memory management, possibly leading
202 to a local kernel exploit ... see grsecurity.net forums and homepage
203
204 23 Jan 2007; Christian Heim <phreak@gentoo.org>
205 files/digest-hardened-sources-2.6.19-r5, Manifest:
206 Fixing the patch-tarball digest.
207
208 *hardened-sources-2.6.19-r5 (23 Jan 2007)
209
210 23 Jan 2007; Christian Heim <phreak@gentoo.org>
211 +hardened-sources-2.6.19-r5.ebuild:
212 Revision bump, closing the recently discovered PaX expand_stack()
213 vulnerability.
214
215 *hardened-sources-2.6.19-r4 (14 Jan 2007)
216
217 14 Jan 2007; Christian Heim <phreak@gentoo.org>
218 +hardened-sources-2.6.19-r4.ebuild:
219 Revision bump, pulling in linux-2.6.19.2 and grsecurity 2.1.10 - thus
220 dropping the randomized PID feature.
221
222 11 Jan 2007; Christian Faulhammer <opfer@gentoo.org>
223 hardened-sources-2.4.33.4.ebuild:
224 stable x86, bug #161171
225
226 *hardened-sources-2.6.19-r3 (27 Dec 2006)
227
228 27 Dec 2006; Christian Heim <phreak@gentoo.org>
229 -hardened-sources-2.6.19-r2.ebuild, +hardened-sources-2.6.19-r3.ebuild:
230 Revision bump for bug #157186 and #158786.
231
232 *hardened-sources-2.6.18-r4 (27 Dec 2006)
233
234 27 Dec 2006; Christian Heim <phreak@gentoo.org>
235 -hardened-sources-2.6.18-r3.ebuild, +hardened-sources-2.6.18-r4.ebuild:
236 Revision bump for bug #157186.
237
238 *hardened-sources-2.6.19-r2 (23 Dec 2006)
239
240 23 Dec 2006; Christian Heim <phreak@gentoo.org>
241 -hardened-sources-2.6.19-r1.ebuild, +hardened-sources-2.6.19-r2.ebuild:
242 Revision bump to pull in genpatches-2.6.19-3 for #157186.
243
244 17 Dec 2006; Christian Heim <phreak@gentoo.org>
245 hardened-sources-2.6.14-r7.ebuild, hardened-sources-2.6.16-r10.ebuild,
246 hardened-sources-2.6.16-r11.ebuild, hardened-sources-2.6.17-r1.ebuild,
247 hardened-sources-2.6.18.ebuild, hardened-sources-2.6.18-r3.ebuild,
248 hardened-sources-2.6.19-r1.ebuild:
249 Adding 4453_grsec-2.1.9-2.6.19-io-kmem-sysctl.patch to UNIPATCH_EXLUDE,
250 adding correct HOMEPAGE and adjusting DESCRIPTION (thanks to Alexander).
251
252 *hardened-sources-2.4.33.4 (17 Dec 2006)
253
254 17 Dec 2006; Alexander Gabert <pappy@gentoo.org>
255 +hardened-sources-2.4.33.4.ebuild:
256 new 2.4.33.4 version including grsec and fixes, thanks to phreak for help
257 and quilting
258
259 *hardened-sources-2.6.19-r1 (14 Dec 2006)
260
261 14 Dec 2006; Christian Heim <phreak@gentoo.org>
262 -hardened-sources-2.6.19.ebuild, +hardened-sources-2.6.19-r1.ebuild:
263 Revision bump, fixing #158107 (thanks to Petre Rodan <kaiowas at gentoo.org>
264 for reporting).
265
266 *hardened-sources-2.6.19 (13 Dec 2006)
267
268 13 Dec 2006; Christian Heim <phreak@gentoo.org>
269 +hardened-sources-2.6.19.ebuild:
270 And finally 2.6.19, thanks to Ned (who prepared the inital patchset) and
271 Brad for providing that prompt update.
272
273 *hardened-sources-2.6.18-r3 (13 Dec 2006)
274
275 13 Dec 2006; Christian Heim <phreak@gentoo.org>
276 -hardened-sources-2.6.18-r1.ebuild, -hardened-sources-2.6.18-r2.ebuild,
277 +hardened-sources-2.6.18-r3.ebuild:
278 Revision bump, excluding the faulty patch. Thanks to Anakim Border and Peter
279 S. Mazinger. Closes #157409 for now. Also removing the previous revisions.
280
281 09 Dec 2006; Christian Heim <phreak@gentoo.org> Manifest:
282 Fixing the metadata.xml Manifest entry (thanks to xaid and ml8128 in #gentoo-hardened).
283
284 08 Dec 2006; nixnut <nixnut@gentoo.org> hardened-sources-2.6.18.ebuild:
285 Stable on ppc wrt bug 157356
286
287 07 Dec 2006; Christian Faulhammer <opfer@gentoo.org>
288 hardened-sources-2.6.18.ebuild:
289 stable x86, bug #157356
290
291 *hardened-sources-2.6.18-r2 (06 Dec 2006)
292
293 06 Dec 2006; Christian Heim <phreak@gentoo.org>
294 +hardened-sources-2.6.18-r2.ebuild:
295 Revision bump, including 2.6.18.5 (via genpatches) and
296 4454_grsec-2.1.9-2.6.18.2-io-kmem-sysctl.patch based on Peter Mazinger and
297 Ned Ludd's original patch. Thanks to Alexander Gabert (pappy) for the
298 redesign.
299
300 06 Dec 2006; Christian Heim <phreak@gentoo.org>
301 hardened-sources-2.6.18.ebuild:
302 Marking hardened-sources-2.6.18 stable on amd64 (see bug #157356, on behalf
303 of Mike Doty).
304
305 *hardened-sources-2.6.18-r1 (23 Nov 2006)
306
307 23 Nov 2006; Christian Heim <phreak@gentoo.org>
308 +hardened-sources-2.6.18-r1.ebuild:
309 Revision bump to genpatches-2.6.18-4 (including 2.6.18.3).
310
311 *hardened-sources-2.6.18 (11 Nov 2006)
312
313 11 Nov 2006; Christian Heim <phreak@gentoo.org>
314 +hardened-sources-2.6.18.ebuild:
315 Version bump, thanks to Alexander Gabert we're finally at 2.6.18.
316
317 18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
318 - mark amd64 stable also. bug #151877
319
320 18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
321 - mark 2.6.17-r1 stable
322
323 27 Aug 2006; Christian Heim <phreak@gentoo.org>
324 -hardened-sources-2.6.17.ebuild, hardened-sources-2.6.17-r1.ebuild:
325 Removing old ebuild, removing unipatch from newer ebuild (need to fix it!).
326
327 *hardened-sources-2.6.17-r1 (26 Aug 2006)
328
329 26 Aug 2006; Christian Heim <phreak@gentoo.org>
330 +hardened-sources-2.6.17-r1.ebuild:
331 Revision bump to genpatches-2.6.17-8 (including .9 and .10) and updating the
332 grsecurity patch.
333
334 *hardened-sources-2.6.17 (17 Aug 2006)
335
336 17 Aug 2006; Christian Heim <phreak@gentoo.org>
337 +hardened-sources-2.6.17.ebuild:
338 Bumping the hardened-sources-2.6 series to 2.6.17, using
339 genpatches-2.6.17-6.base.
340
341 07 Aug 2006; <solar@gentoo.org> hardened-sources-2.6.16-r11.ebuild:
342 - stable on x86 and amd64
343
344 *hardened-sources-2.6.16-r11 (15 Jul 2006)
345
346 15 Jul 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r3.ebuild,
347 -hardened-sources-2.4.32-r4.ebuild, -hardened-sources-2.4.32-r5.ebuild,
348 -hardened-sources-2.6.14-r8.ebuild, -hardened-sources-2.6.16-r7.ebuild,
349 -hardened-sources-2.6.16-r9.ebuild, +hardened-sources-2.6.16-r11.ebuild:
350 - 2.6.16 bumped for CVE-2006-3626 ; digest fix for 2.4.32-r6 ; removed old
351 crusty ebuilds
352
353 14 Jul 2006; John Mylchreest <johnm@gentoo.org>
354 hardened-sources-2.6.16-r10.ebuild:
355 marking stable on x86 and amd64
356
357 13 Jul 2006; <solar@gentoo.org> hardened-sources-2.4.32-r6.ebuild:
358 - 2.4.32-r6 stable on x86. RSBAC state unknown
359
360 *hardened-sources-2.4.32-r7 (10 Jul 2006)
361
362 10 Jul 2006; Guillaume Destuynder <kang@gentoo.org>
363 +hardened-sources-2.4.32-r7.ebuild:
364 Bump PaX for RSBAC to test-17
365
366 *hardened-sources-2.6.16-r9 (03 Jul 2006)
367
368 03 Jul 2006; John Mylchreest <johnm@gentoo.org>
369 -hardened-sources-2.6.16-r6.ebuild, +hardened-sources-2.6.16-r9.ebuild:
370 hardened-sources-2.6.16 bump to latest -base.
371
372 *hardened-sources-2.4.32-r6 (30 Jun 2006)
373
374 30 Jun 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r2.ebuild,
375 hardened-sources-2.4.32-r4.ebuild, +hardened-sources-2.4.32-r6.ebuild:
376 - backport CVE-2006-0039, CVE-2006-1857 and CVE-2006-1858 and new grsecurity
377 sysctl controlable resource logging
378
379 *hardened-sources-2.6.16-r7 (05 Jun 2006)
380
381 05 Jun 2006; John Mylchreest <johnm@gentoo.org>
382 -hardened-sources-2.6.16-r5.ebuild, +hardened-sources-2.6.16-r7.ebuild:
383 push new 2.6.16 release in preparation for stable
384
385 22 May 2006; <solar@gentoo.org> :
386 - redigest bug 134002
387
388 *hardened-sources-2.4.32-r5 (16 May 2006)
389
390 16 May 2006; Guillaume Destuynder <kang@gentoo.org>
391 +hardened-sources-2.4.32-r5.ebuild:
392 Fixes rsbac common patching (new patch in new -r5 patchset)
393
394 *hardened-sources-2.4.32-r4 (13 May 2006)
395
396 13 May 2006; <solar@gentoo.org> hardened-sources-2.4.32-r3.ebuild,
397 +hardened-sources-2.4.32-r4.ebuild:
398 - security bumps
399
400 *hardened-sources-2.6.16-r6 (03 May 2006)
401
402 03 May 2006; John Mylchreest <johnm@gentoo.org>
403 +hardened-sources-2.6.16-r6.ebuild:
404 bump hardened-2.6.16 to 2.6.16.12 and latest grsec snapshot
405
406 28 Apr 2006; John Mylchreest <johnm@gentoo.org>
407 hardened-sources-2.6.14-r8.ebuild:
408 fix x86_64 build problem, this will delay the digest issue again for a short
409 while but it will sort itself out
410
411 28 Apr 2006; John Mylchreest <johnm@gentoo.org>
412 hardened-sources-2.6.14-r8.ebuild:
413 bump hardened patchset
414
415 27 Apr 2006; Alec Warner <antarus@gentoo.org>
416 files/digest-hardened-sources-2.4.32-r2,
417 files/digest-hardened-sources-2.4.32-r3,
418 files/digest-hardened-sources-2.6.14-r8, Manifest:
419 Fixing duff SHA256 digests: Bug # 131293
420
421 *hardened-sources-2.6.16-r5 (27 Apr 2006)
422
423 27 Apr 2006; John Mylchreest <johnm@gentoo.org>
424 -hardened-sources-2.6.14-r6.ebuild, hardened-sources-2.6.14-r8.ebuild,
425 -hardened-sources-2.6.16-r4.ebuild, +hardened-sources-2.6.16-r5.ebuild:
426 stablise 2.6.14-r8 on x86 & amd64, bump 2.6.16 to fix CVE-2006-1863 &
427 cleanup of old uneccessary sources
428
429 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
430 fix digest
431
432 *hardened-sources-2.6.14-r8 (20 Apr 2006)
433
434 20 Apr 2006; John Mylchreest <johnm@gentoo.org>
435 +hardened-sources-2.6.14-r8.ebuild:
436 fix CVE-2006-1056, CVE-2006-1525, CVE-2006-1524
437
438 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
439 Turning on gpg-signing again, and recomitting
440
441 *hardened-sources-2.6.16-r4 (20 Apr 2006)
442
443 20 Apr 2006; John Mylchreest <johnm@gentoo.org>
444 -hardened-sources-2.6.16-r2.ebuild, -hardened-sources-2.6.16-r3.ebuild,
445 +hardened-sources-2.6.16-r4.ebuild:
446 Fix numerous security vulns
447
448 *hardened-sources-2.4.32-r3 (16 Apr 2006)
449
450 16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
451 -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
452 +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
453 - security bump for bug #112791. Removed old ebuilds
454
455 *hardened-sources-2.6.16-r3 (15 Apr 2006)
456
457 15 Apr 2006; John Mylchreest <johnm@gentoo.org>
458 +hardened-sources-2.6.16-r3.ebuild:
459 Removing silly localversion which I missed
460
461 *hardened-sources-2.6.14-r7 (14 Apr 2006)
462
463 14 Apr 2006; John Mylchreest <johnm@gentoo.org>
464 -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
465 Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
466
467 *hardened-sources-2.6.16-r2 (13 Apr 2006)
468
469 13 Apr 2006; John Mylchreest <johnm@gentoo.org>
470 -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
471 +hardened-sources-2.6.16-r2.ebuild:
472 Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
473 labels, dropping USERGROUP define fixes, since these were merged mainstream.
474
475 *hardened-sources-2.6.16-r1 (11 Apr 2006)
476
477 11 Apr 2006; John Mylchreest <johnm@gentoo.org>
478 +hardened-sources-2.6.16-r1.ebuild:
479 Bumping to include ppc build fix and 2.6.16.3
480
481 06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
482 hardened-sources-2.6.14-r6.ebuild:
483 Stable on x86; bug #127718
484
485 *hardened-sources-2.6.16 (31 Mar 2006)
486
487 31 Mar 2006; John Mylchreest <johnm@gentoo.org>
488 +hardened-sources-2.6.16.ebuild:
489 Bumping to new version of grsec, and kernel base. New squashfs. Based on
490 2.6.16.1
491
492 30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
493 hardened-sources-2.6.14-r6.ebuild:
494 Stable on amd64, bug 127718.
495
496 28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
497 Stable on ppc. Bug #127718
498
499 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
500 -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
501 -hardened-sources-2.6.14-r4.ebuild:
502 Cleanup.
503
504 *hardened-sources-2.6.14-r6 (15 Mar 2006)
505
506 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
507 +hardened-sources-2.6.14-r6.ebuild:
508 Fixes grsec policy recreation bug and adds a
509 >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
510
511 02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
512 - stable on x86
513
514 19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
515 hardened-sources-2.6.14-r5.ebuild:
516 Stable on ppc.
517
518 *hardened-sources-2.6.14-r5 (01 Feb 2006)
519
520 01 Feb 2006; John Mylchreest <johnm@gentoo.org>
521 +hardened-sources-2.6.14-r5.ebuild:
522 fixing every known exploit
523
524 *hardened-sources-2.4.32-r2 (26 Jan 2006)
525
526 26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
527 +hardened-sources-2.4.32-r2.ebuild:
528 - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
529
530 *hardened-sources-2.6.14-r4 (12 Jan 2006)
531
532 12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
533 - version bump for new genpatches which fix up a few sec holes
534
535 *hardened-sources-2.4.32-r1 (05 Jan 2006)
536
537 05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
538 - revision bump to add misc vital linux kernel security patches.
539
540 *hardened-sources-2.6.14-r3 (30 Dec 2005)
541
542 30 Dec 2005; John Mylchreest <johnm@gentoo.org>
543 -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
544 Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
545
546 28 Dec 2005; John Mylchreest <johnm@gentoo.org>
547 hardened-sources-2.6.14-r2.ebuild:
548 making x86 & amd64 stable following testing.
549
550 *hardened-sources-2.6.14-r2 (27 Dec 2005)
551
552 27 Dec 2005; John Mylchreest <johnm@gentoo.org>
553 -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
554 Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
555 network hooks.
556
557 06 Dec 2005; John Mylchreest <johnm@gentoo.org>
558 hardened-sources-2.6.14-r1.ebuild:
559 bumping to stable early for sec fix on x86 & amd64
560
561 *hardened-sources-2.6.14-r1 (05 Dec 2005)
562
563 05 Dec 2005; John Mylchreest <johnm@gentoo.org>
564 -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
565 bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
566
567 04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
568 - stable on x86 security bug #114227 CAN-2005-3257
569
570 *hardened-sources-2.4.32 (19 Nov 2005)
571
572 19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
573 +hardened-sources-2.4.32.ebuild:
574 Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
575 Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
576 have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
577 rsbac >> /etc/portage/package.use)
578
579 *hardened-sources-2.6.14 (14 Nov 2005)
580
581 14 Nov 2005; John Mylchreest <johnm@gentoo.org>
582 -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
583 Bumping 2.6 series to 2.6.14.2
584
585 *hardened-sources-2.6.13-r2 (20 Oct 2005)
586
587 20 Oct 2005; John Mylchreest <johnm@gentoo.org>
588 -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
589 +hardened-sources-2.6.13-r2.ebuild:
590 Fixes minor build error in ppc.
591
592 *hardened-sources-2.6.13-r1 (17 Oct 2005)
593
594 17 Oct 2005; John Mylchreest <johnm@gentoo.org>
595 +hardened-sources-2.6.13-r1.ebuild:
596 Updating grsec to latest snapshot. Fixes some minor issues. Updating to
597 2.6.13.4, fixes some major amd64 stability problems.
598
599 *hardened-sources-2.6.13 (16 Sep 2005)
600
601 16 Sep 2005; John Mylchreest <johnm@gentoo.org>
602 -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
603 2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
604 ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
605 users should test this thoroughly.
606
607 01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
608 - stable on x86
609
610 *hardened-sources-2.6.11-r15 (27 Jun 2005)
611
612 27 Jun 2005; John Mylchreest <johnm@gentoo.org>
613 +hardened-sources-2.6.11-r15.ebuild:
614 Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
615 grsec redefining curr_ip struct.
616
617 *hardened-sources-2.4.31 (20 Jun 2005)
618
619 20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
620 initial import of 2.4.31 tree
621
622 *hardened-sources-2.6.11-r14 (14 Jun 2005)
623
624 14 Jun 2005; John Mylchreest <johnm@gentoo.org>
625 -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
626 Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
627 naming scheme to abide by genpatches
628
629 *hardened-sources-2.6.11-r13 (18 May 2005)
630
631 18 May 2005; John Mylchreest <johnm@gentoo.org>
632 -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
633 Managed to mangle the Makefile patch from grsec, to miss out the grsec
634 target. sorry about that. Fixes bug #93022
635
636 *hardened-sources-2.6.11-r12 (17 May 2005)
637
638 17 May 2005; John Mylchreest <johnm@gentoo.org>
639 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
640 +hardened-sources-2.6.11-r12.ebuild:
641 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
642 merges in genpatches-base
643
644 *hardened-sources-2.6.11-r12 (17 May 2005)
645
646 17 May 2005; John Mylchreest <johnm@gentoo.org>
647 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
648 +hardened-sources-2.6.11-r12.ebuild:
649 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
650 merges in genpatches-base
651
652 29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
653 -files/2.4.27-cmdline-race.patch,
654 -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
655 -files/2.4.28-grsec-binfmt_a.out.patch,
656 -files/2.4.28-grsec-cmdline-race.patch,
657 -files/2.4.28-selinux-binfmt_a.out.patch,
658 -files/2.4.28-selinux-cmdline-race.patch,
659 -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
660 hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
661 - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
662 cleanup..
663
664 *hardened-sources-2.4.30-r1 (21 Apr 2005)
665
666 21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
667 - disable aout by default
668
669 *hardened-sources-2.4.30 (18 Apr 2005)
670
671 18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
672 - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
673 and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
674 use
675
676 *hardened-sources-2.4.29 (30 Mar 2005)
677
678 30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
679 +hardened-sources-2.4.29.ebuild:
680 New hardened-patches-2.4-29.0 patchball.
681 Removed SELinux support, upgraded GRSecurity to 2.1.4.
682
683 *hardened-sources-2.4.28-r5 (06 Mar 2005)
684
685 06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
686 +hardened-sources-2.4.28-r5.ebuild:
687 Added a fix for a PaX vulnerability.
688
689 26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
690 hardened-sources-2.4.28-r4.ebuild:
691 Stable on x86
692
693 23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
694 hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
695 hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
696 hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
697 - fixed/added RDEPEND= in all kernel-2 ebuilds
698
699 *hardened-sources-2.4.28-r4 (21 Jan 2005)
700
701 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
702 +hardened-sources-2.4.28-r4.ebuild:
703 Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
704 backport of neighbour hash updates.
705
706 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
707 hardened-sources-2.4.28-r3.ebuild:
708 Stable on x86
709
710 *hardened-sources-2.6.10-r3 (20 Jan 2005)
711
712 20 Jan 2005; Brandon Hale <tseng@gentoo.org>
713 +hardened-sources-2.6.10-r3.ebuild:
714 Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
715 in 2005.0
716
717 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
718 -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
719 hardened-sources-2.4.28-r2.ebuild:
720 Mark stable on x86
721
722 *hardened-sources-2.4.28-r3 (17 Jan 2005)
723
724 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
725 +hardened-sources-2.4.28-r3.ebuild:
726 Fix SMP page fault handler vuln, and update device-mapper and evms patches.
727
728 14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
729 hardened-sources-2.4.28.ebuild:
730 Mark stable on x86.
731
732 *hardened-sources-2.4.28-r2 (13 Jan 2005)
733
734 13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
735 +hardened-sources-2.4.28-r2.ebuild:
736 Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
737 Mazinger for grsecurity patches as well.
738
739 *hardened-sources-2.4.28-r1 (23 Dec 2004)
740
741 23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
742 Security bump. Thank tocharian for rolling a new patchset...
743
744 28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
745 +files/2.4.28-grsec-cmdline-race.patch,
746 +files/2.4.28-selinux-binfmt_a.out.patch,
747 +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
748 - Round up remaining security patches that appear to be missing in 2.4.28. -
749 PaX standalone updated to current. hgpv=28.1
750
751 *hardened-sources-2.4.28 (28 Nov 2004)
752
753 28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
754 security bump. Thank tocharian for rolling a new patchset
755
756 *hardened-sources-2.4.27-r3 (08 Sep 2004)
757
758 08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
759 +hardened-sources-2.4.27-r3.ebuild:
760 Applies the new 2.4-27.2 patchball which updates
761 GRSecurity to the 2.0.1 version.
762
763 *hardened-sources-2.4.27-r2 (31 Aug 2004)
764
765 31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
766 +hardened-sources-2.4.27-r2.ebuild:
767 Version bump.
768 This version uses the new 2.4-27.1 patchball which updates
769 both the SELinux PaX hooks patch and the SELinux headers.
770
771 *hardened-sources-2.4.27-r1 (09 Aug 2004)
772
773 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
774 +hardened-sources-2.4.27-r1.ebuild,
775 -hardened-sources-2.4.27.ebuild,
776 +files/2.4.27-cmdline-race.patch:
777 Version bump, fix for cmdline race. See bug #59905.
778
779 *hardened-sources-2.4.26-r6 (09 Aug 2004)
780
781 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
782 +hardened-sources-2.4.26-r6.ebuild,
783 -hardened-sources-2.4.26-r5.ebuild,
784 -hardened-sources-2.4.26-r4.ebuild,
785 +files/2.4.26-cmdline-race.patch:
786 Version bump, fix for cmdline race. See bug #59905.
787
788 *hardened-sources-2.4.27 (08 Aug 2004)
789
790 08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
791 +hardened-sources-2.4.27.ebuild,
792 +files/2.4.27-CAN-2004-0394.patch:
793 Ported the patchball to the 2.4.27 kernel version.
794
795 *hardened-sources-2.4.26-r5 (07 Aug 2004)
796
797 07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
798 +hardened-sources-2.4.26-r5.ebuild:
799 Updated to use the new hardened-patches-2.4-26.1 patchball.
800 It adds the following features:
801 - Squashfs
802 - Ebtables
803 - Netdev random (core+drivers)
804 - Watchdog Timer (WDT) fix.
805
806 *hardened-sources-2.4.26-r4 (04 Aug 2004)
807
808 04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
809 +hardened-sources-2.4.26-r4.ebuild,
810 +files/2.4.26-CAN-2004-0415.patch,
811 -hardened-sources-2.4.26-3:
812 Version bump, fix for CAN 0415, see bug #59378.
813
814 *hardened-sources-2.4.26-r3 (22 Jul 2004)
815
816 22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
817 +hardened-sources-2.4.26-r3.ebuild,
818 +files/2.4.26-CAN-2004-0497.patch,
819 -hardened-sources-2.4.26-r2.ebuild:
820 Version bump, fixed CAN 0497, see bug #56171.
821
822 *hardened-sources-2.4.26-r2 (29 Jun 2004)
823
824 29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
825 +hardened-sources-2.4.26-r2.ebuild,
826 +files/2.4.26-CAN-2004-0495.patch,
827 +files/2.4.26-CAN-2004-0535.patch,
828 -hardened-sources-2.4.26-r1.ebuild:
829 Fixes for both CAN 0495 and 0535, see bug #54976
830
831 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
832 hardened-sources-2.4.26-r1.ebuild:
833 QA - fix use invocation
834
835 *hardened-sources-2.4.26-r1 (22 June 2004)
836
837 22 June 2004; Andrea Luzzardi <scox@gentoo.org>
838 +hardened-sources-2.4.26-r1.ebuild,
839 +files/2.4.26-CAN-2004-0394.patch,
840 +files/2.4.26-signal-race.patch,
841 -hardened-sources-2.4.26.ebuild,
842 -hardened-sources-2.4.24-r3.ebuild:
843 Version bump for the CAN-2004-0394 issue and bug #53804
844 Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
845
846
847 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
848 hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
849 Masked hardened-sources-2.4.26.ebuild broken for ppc
850
851 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
852 hardened-sources-2.4.24-r3.ebuild:
853 Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
854
855 *hardened-sources-2.4.26 (29 May 2004)
856
857 29 May 2004; Andrea Luzzardi <scox@gentoo.org>
858 +hardened-sources-2.4.26.ebuild:
859 Updated hardened-sources for the 2.4.26 kernel
860 Removed broken components, updated almost everything.
861
862 *hardened-sources-2.4.24-r3 (17 Apr 2004)
863
864 17 Apr 2004; <plasmaroo@gentoo.org>
865 +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
866 +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
867 +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
868 +hardened-sources-2.4.24-r3.ebuild:
869 Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
870 vulnerabilities. Old revisions removed.
871
872 *hardened-sources-2.4.24-r2 (15 Apr 2004)
873
874 15 Apr 2004; <plasmaroo@gentoo.org>
875 +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
876 -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
877 Version bump for the CAN-2004-0109 issue; bug #47881.
878
879 12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
880 hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
881 Add eutils to inherit.
882
883 *hardened-sources-2.4.24-r1 (19 Feb 2004)
884
885 19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
886 files/hardened-sources-2.4.24.munmap.patch:
887 Added the patch for the mremap/munmap vulnerability. Bug #42024.
888
889 *hardened-sources-2.4.24 (06 Feb 2004)
890
891 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
892 hardened-sources-2.4.24.ebuild:
893 Version bump, updated most of the components.
894 This release includes the following:
895
896 - Hardened security
897 - Netfilter patch-o-matic 20031219
898 - FreeSWAN 2.04 & x509 1.4.8
899 - EVMS 2.2.2
900 - XFS 1.3.1
901 - cryptoloop jari
902 - grsecurity 2.0-rc4
903 - SELinux
904 - PaX 200402060000
905 - PaX Obscurity 200308302223
906 - Others...
907
908 Neither -ck nor systrace are included anymore.
909
910 *hardened-sources-2.4.22-r2 (05 Jan 2004)
911
912 05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
913 hardened-sources-2.4.22-r2.ebuild:
914 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
915
916 *hardened-sources-2.4.22-r1 (02 Dec 2003)
917
918 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
919 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
920
921 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
922 hardened-sources-2.4.22-r1.ebuild:
923 Version bump for the 'do_brk' vulnerability.
924
925 01 Dec 2003; Brian Jackson <iggy@gentoo.org>
926 hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
927 hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
928 hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
929 Fix the 'do_brk' vulnerability.
930
931 03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
932 hardened-sources-2.4.22.ebuild:
933 - Removed the src_install() portion for SELinux flask
934 components. These are no longer handled in the kernel
935 so this code was not necessary.
936
937 29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
938 New 2.4.22 based hardened-sources thanks to
939 Phil West <p.west@computer.org>.
940
941 These sources include:
942 - New SELinux API
943 - Updated CK-base
944 - Updated GRSec
945 - Systrace
946 - SuperFreeS/WAN 1.99.8
947 - Propolice kernel build support
948 - EVMS
949 - Other various security related patches
950
951 *hardened-sources-2.4.21 (14 Sep 2003)
952
953 14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
954 Updated hardened-sources based on the 2.4.21 Linux kernel.
955 This includes updates to most major components such as:
956 - ck-base-0306300059
957 - selinux-2.4-2003071106
958 - grsecurity-2.0-rc1
959 - Updated IPTables patch-o-matic
960 - Updated SuperFreeS/WAN
961
962 Thanks to Phil West <pwest@computer.org> for his work in getting this
963 updated patch set ready for the 2.4.21 based kernel.
964
965 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
966 Initial import of hardened-sources-2.4.20-r4. This revision
967 includes only a few changes, but one of these is an important
968 security fix. It is recommended all users of hardened-sources
969 upgrade to this release.
970
971 - ioperm bug fix
972 - fixed compilation failure when building without GRSec
973
974 SAL (Secure Auditing for Linux) is NOT included in this revision
975 due to time constraints, but is planned for inclusion in the near
976 future.
977
978 *hardened-sources-2.4.20-r2 (12 Jun 2003)
979
980 12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
981 hardened-sources-2.4.20-r3.ebuild:
982 Add Header...
983
984 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
985 hardened-sources-2.4.20-r3.ebuild:
986 Removed warnings from ebuild. This kernel should be safe to
987 use at this point.
988
989 *hardened-sources-2.4.20-r3 (08 Jun 2003)
990
991 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
992 hardened-sources-2.4.20-r3.ebuild:
993 New revision. Includes the following changes over -r2:
994
995 - ck7-base (O(1), preempt, low latency)
996 - Super FreeS/WAN 1.99.7rc2
997 - PaX for the LSM/SELinux branch
998 - GRSecurity 2.0-pre4 (role based access control)
999 - Systrace 1.3
1000 - EXT3 fixes
1001 - EVMS 2.0.1
1002 - GCC 3.1+ compile optimizations
1003 - ProPolice kernel build support
1004 - Hashing table security fixes
1005
1006 *hardened-sources-2.4.20-r1 (09 Apr 2003)
1007
1008 23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
1009 Initial import of hardened-sources-r2. This new
1010 ebuild includes many new performance and security
1011 related patches. As in -r1, it will patch in
1012 LSM/SELinux if "selinux" is in USE, otherwise it
1013 will patch in GRSecurity. The following patches
1014 are included in this revision:
1015
1016 - O(1) Scheduler, Low Latency, and Preempt
1017 (pulled from the base CK patch)
1018 - ptrace exploit patch for the LSM kernel
1019 (the GRSec patch already fixes this)
1020 - LSM 2.4-2003040709
1021 - SELinux 2.4-2003040709
1022 - Systrace v1.2
1023 - IPTables patch-o-matic base patches - 20030107
1024 - CryptoAPI 2.4.20.1 w/ loop-jari patch
1025 - Super FreeS/WAN 1.99.6.1
1026 - GRSecurity 1.9.9g
1027 - MPPE
1028 - EXT3 data journal fix
1029 - CIPE 1.5.4
1030
1031 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1032 hardened-sources-2.4.20-r1.ebuild, manifest:
1033 Updated to install flask components correctly for selinux.
1034
1035 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1036 hardened-sources-2.4.20-r1.ebuild:
1037 LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
1038 is patched in instead. Ptrace patches for selinux have also been added. In
1039 either case, systrace support will be patched in as well.
1040
1041 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1042 hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
1043 Revision bump for new sources.
1044
1045 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1046 hardened-sources-2.4.20-r1.ebuild:
1047 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
1048
1049 *hardened-sources-2.4.20 (30 Mar 2003)
1050
1051 30 Mar 2003; Joshua Brindle <method@gentoo.org>
1052 hardened-sources-2.4.20.ebuild:
1053 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20