/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.168 - (show annotations) (download)
Mon Aug 13 21:29:33 2007 UTC (7 years, 1 month ago) by phreak
Branch: MAIN
Changes since 1.167: +7 -1 lines
Yet another revision bump.
(Portage version: 2.1.3.5)

1 # ChangeLog for sys-kernel/hardened-sources
2 # Copyright 2000-2007 Gentoo Foundation; Distributed under the GPL v2
3 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.167 2007/08/10 09:32:03 phreak Exp $
4
5 *hardened-sources-2.6.22-r1 (13 Aug 2007)
6
7 13 Aug 2007; Christian Heim <phreak@gentoo.org>
8 +hardened-sources-2.6.22-r1.ebuild:
9 Yet another revision bump.
10
11 *hardened-sources-2.6.22 (10 Aug 2007)
12
13 10 Aug 2007; Christian Heim <phreak@gentoo.org>
14 +hardened-sources-2.6.22.ebuild:
15 Initial release for 2.6.22. If you are using hardened-sources on a desktop
16 machine (P4 or newer), be aware you might need to disable
17 CONFIG_PAX_PAGEEXEC.
18
19 04 Aug 2007; Christian Heim <phreak@gentoo.org>
20 hardened-sources-2.6.20-r6.ebuild:
21 Stabling hardened-sources-2.6.20-r6 for amd64, ppc and x86 due to Linux
22 2.6.20.15.
23
24 10 Jul 2007; Christian Heim <phreak@gentoo.org>
25 hardened-sources-2.6.20-r5.ebuild:
26 Marking hardened-sources-2.6.20-r5 stable on ppc.
27
28 10 Jul 2007; Christian Heim <phreak@gentoo.org>
29 -hardened-sources-2.4.32-r6.ebuild, -hardened-sources-2.4.32-r7.ebuild:
30 Cleanup.
31
32 *hardened-sources-2.6.20-r6 (08 Jul 2007)
33
34 08 Jul 2007; Christian Heim <phreak@gentoo.org>
35 +hardened-sources-2.6.20-r6.ebuild:
36 Revision bump, grabbing yet another stable release.
37
38 17 Jun 2007; Christian Heim <phreak@gentoo.org>
39 -hardened-sources-2.6.18-r6.ebuild, -hardened-sources-2.6.20-r4.ebuild,
40 -hardened-sources-2.6.21-r2.ebuild:
41 Removing older ebuilds, hardened-sources-2.6.18-r6 seems to have gotten the
42 alpha stable KEYWORD by mistake.
43
44 17 Jun 2007; Christian Heim <phreak@gentoo.org>
45 hardened-sources-2.6.20-r5.ebuild:
46 Stabling hardened-sources-2.6.20-r5 due to security bug #181647 (as
47 genpatches-2.6.20-12.base contains up to Linux 2.6.20.14) on amd64 and x86.
48
49 *hardened-sources-2.6.21-r3 (12 Jun 2007)
50
51 12 Jun 2007; Christian Heim <phreak@gentoo.org>
52 +hardened-sources-2.6.21-r3.ebuild:
53 Revision bump for hardened-sources-2.6.21, incorporating various CVE (some
54 of them critical), two stable releases (2.6.21.4,2.6.21.5) and some other
55 love.
56
57 *hardened-sources-2.6.20-r5 (11 Jun 2007)
58
59 11 Jun 2007; Christian Heim <phreak@gentoo.org>
60 +hardened-sources-2.6.20-r5.ebuild:
61 Revision bump for hardened-sources-2.6.20, incorporating various CVE (some
62 of them critical), two stable releases (2.6.20.13,2.6.20.14) and some other
63 love.
64
65 *hardened-sources-2.4.34.5 (11 Jun 2007)
66
67 11 Jun 2007; Alexander Gabert <pappy@gentoo.org>
68 +hardened-sources-2.4.34.5.ebuild:
69 added new hardened-sources 2.4 version, thx to phreak, solar, pipacs
70
71 30 May 2007; Christian Heim <phreak@gentoo.org>
72 -hardened-sources-2.6.18.ebuild, hardened-sources-2.6.20-r2.ebuild:
73 Marking 2.6.20-r2 stable on ppc with permission of Gysbert. Removing more
74 stale ebuild(s).
75
76 30 May 2007; Christian Heim <phreak@gentoo.org>
77 -hardened-sources-2.6.14-r7.ebuild, -hardened-sources-2.6.16-r11.ebuild,
78 -hardened-sources-2.6.17-r1.ebuild, -hardened-sources-2.6.19-r6.ebuild,
79 -hardened-sources-2.6.20.ebuild, -hardened-sources-2.6.20-r1.ebuild:
80 Doing some cleanups, remove stale ebuilds.
81
82 26 May 2007; Christian Heim <phreak@gentoo.org>
83 hardened-sources-2.6.21-r2.ebuild:
84 Fixing the grsecurity patch, had one '};' too much.
85
86 *hardened-sources-2.6.21-r2 (26 May 2007)
87
88 26 May 2007; Christian Heim <phreak@gentoo.org>
89 -hardened-sources-2.6.21.ebuild, -hardened-sources-2.6.21-r1.ebuild,
90 +hardened-sources-2.6.21-r2.ebuild:
91 Revision bump, including Linux 2.6.21.3 (fixing CVE-2007-2451). Updating the
92 grsecurity patch to 2.1.10-2.6.21.1-200705221918.
93
94 *hardened-sources-2.6.20-r4 (26 May 2007)
95
96 26 May 2007; Christian Heim <phreak@gentoo.org>
97 -hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.20-r4.ebuild:
98 Revision bump, including Linux 2.6.20.12 (which in fact fixed some security
99 bugs, at the very least CVE-2007-2451). Possible candidate for stable marking.
100
101 15 May 2007; Christian Heim <phreak@gentoo.org>
102 hardened-sources-2.6.20-r3.ebuild:
103 Looks like hardened-sources-2.6.20-r3 needs a new patch, as 2.6.20.11
104 introduced a change in arch/sparc64/kernel/pci_iommu.c, which made the
105 grsecurity patch fail in that exact same hunk.
106
107 *hardened-sources-2.6.20-r3 (15 May 2007)
108
109 15 May 2007; Christian Heim <phreak@gentoo.org>
110 +hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.21-r1.ebuild:
111 Revision bump, incorporating Linux 2.6.20.11.
112
113 *hardened-sources-2.6.21-r1 (11 May 2007)
114
115 11 May 2007; Christian Heim <phreak@gentoo.org>
116 +hardened-sources-2.6.21-r1.ebuild:
117 Revision bump, hopefully fixing the GRSECURITY/GRKERNSEC mixup pipacs
118 mentioned in #177234.
119
120 07 May 2007; Kevin F. Quinn <kevquinn@gentoo.org>
121 files/digest-hardened-sources-2.6.21, Manifest:
122 Fix Manifest/digest for linux-2.6.21.tar.bz2
123
124 06 May 2007; Christian Heim <phreak@gentoo.org>
125 hardened-sources-2.6.21.ebuild:
126 Bumping the hardened-patches version, needed for the fix for #177234.
127
128 *hardened-sources-2.6.21 (02 May 2007)
129
130 02 May 2007; Christian Heim <phreak@gentoo.org>
131 +hardened-sources-2.6.21.ebuild:
132 Version bump, Linux 2.6.21-hardened.
133
134 29 Apr 2007; Christian Heim <phreak@gentoo.org>
135 hardened-sources-2.6.20-r2.ebuild:
136 Adding ~ia64 on Ned's request.
137
138 29 Apr 2007; Christian Heim <phreak@gentoo.org>
139 hardened-sources-2.6.20-r2.ebuild:
140 Fixing the included grsecurity patch, wasn't alligning due to the Index:
141 header line(s).
142
143 29 Apr 2007; Christian Heim <phreak@gentoo.org>
144 hardened-sources-2.6.20-r2.ebuild:
145 Stabilizing hardened-sources-2.6.20-r2 on amd64 and x86.
146
147 *hardened-sources-2.6.20-r2 (10 Apr 2007)
148
149 10 Apr 2007; Raúl Porcel <armin76@gentoo.org>
150 +hardened-sources-2.6.20-r2.ebuild:
151 Version bump, on behalf of phreak
152
153 *hardened-sources-2.6.20-r1 (04 Apr 2007)
154
155 04 Apr 2007; Christian Heim <phreak@gentoo.org>
156 +hardened-sources-2.6.20-r1.ebuild:
157 Revision bump, grabbing a newer grsecurity snapshot.
158
159 *hardened-sources-2.6.20 (25 Mar 2007)
160
161 25 Mar 2007; Christian Heim <phreak@gentoo.org>
162 +hardened-sources-2.6.20.ebuild:
163 Finally a hardened-sources version for 2.6.20; many people have been waiting
164 for this. Thanks to Steve for preliminary testing, thanks to Ned for the
165 testbox.
166
167 16 Mar 2007; Tony Vroon <chainsaw@gentoo.org>
168 hardened-sources-2.6.18-r6.ebuild:
169 Marked stable on amd64 and x86. AMD64 keyword ack'ed by welp.
170
171 *hardened-sources-2.6.18-r6 (16 Mar 2007)
172
173 16 Mar 2007; Christian Heim <phreak@gentoo.org>
174 -hardened-sources-2.6.18-r5.ebuild, +hardened-sources-2.6.18-r6.ebuild:
175 Fixing CVE-2007-1000 locally (hardened/), thanks to Tony for pushing. And
176 yes I screwed up, this is tagged as 2.6.18-5 and not 2.6.18-6 as it's
177 supposed to be.
178
179 06 Mar 2007; Christian Heim <phreak@gentoo.org> ChangeLog:
180 Fixing the Manifest, the previous one was broken (as in still had the
181 deleted ebuild in it).
182
183 06 Mar 2007; Christian Heim <phreak@gentoo.org>
184 -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
185 +hardened-sources-2.6.18-r5.ebuild:
186 Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
187 Linux 2.6.18.8. Also cleaning up the older version.
188
189 *hardened-sources-2.6.18-r5 (06 Mar 2007)
190
191 06 Mar 2007; Christian Heim <phreak@gentoo.org>
192 -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
193 +hardened-sources-2.6.18-r5.ebuild:
194 Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
195 Linux 2.6.18.8. Also cleaning up the older version.
196
197 24 Feb 2007; Christian Heim <phreak@gentoo.org>
198 -hardened-sources-2.6.19-r3.ebuild, -hardened-sources-2.6.19-r4.ebuild,
199 -hardened-sources-2.6.19-r5.ebuild:
200 Removing some of the old version, that didn't work.
201
202 *hardened-sources-2.6.19-r6 (12 Feb 2007)
203
204 12 Feb 2007; Christian Heim <phreak@gentoo.org>
205 +hardened-sources-2.6.19-r6.ebuild:
206 Revision bump, including a new grsec version fixing #166235.
207
208 *hardened-sources-2.4.34 (24 Jan 2007)
209
210 24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
211 Manifest:
212 updating Manifest with checksums of new tarball and ebuild
213
214 24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
215 +hardened-sources-2.4.34.ebuild:
216 I added new hardened sources 2.4 update, this is a critical path
217 security bugfix - all users of h-s are strongly advised
218 to update their existing hardened sources to this version.
219 It contains a fix for a kernel vulnerability that is pertaining
220 to the PaX changes to virtual memory management, possibly leading
221 to a local kernel exploit ... see grsecurity.net forums and homepage
222
223 23 Jan 2007; Christian Heim <phreak@gentoo.org>
224 files/digest-hardened-sources-2.6.19-r5, Manifest:
225 Fixing the patch-tarball digest.
226
227 *hardened-sources-2.6.19-r5 (23 Jan 2007)
228
229 23 Jan 2007; Christian Heim <phreak@gentoo.org>
230 +hardened-sources-2.6.19-r5.ebuild:
231 Revision bump, closing the recently discovered PaX expand_stack()
232 vulnerability.
233
234 *hardened-sources-2.6.19-r4 (14 Jan 2007)
235
236 14 Jan 2007; Christian Heim <phreak@gentoo.org>
237 +hardened-sources-2.6.19-r4.ebuild:
238 Revision bump, pulling in linux-2.6.19.2 and grsecurity 2.1.10 - thus
239 dropping the randomized PID feature.
240
241 11 Jan 2007; Christian Faulhammer <opfer@gentoo.org>
242 hardened-sources-2.4.33.4.ebuild:
243 stable x86, bug #161171
244
245 *hardened-sources-2.6.19-r3 (27 Dec 2006)
246
247 27 Dec 2006; Christian Heim <phreak@gentoo.org>
248 -hardened-sources-2.6.19-r2.ebuild, +hardened-sources-2.6.19-r3.ebuild:
249 Revision bump for bug #157186 and #158786.
250
251 *hardened-sources-2.6.18-r4 (27 Dec 2006)
252
253 27 Dec 2006; Christian Heim <phreak@gentoo.org>
254 -hardened-sources-2.6.18-r3.ebuild, +hardened-sources-2.6.18-r4.ebuild:
255 Revision bump for bug #157186.
256
257 *hardened-sources-2.6.19-r2 (23 Dec 2006)
258
259 23 Dec 2006; Christian Heim <phreak@gentoo.org>
260 -hardened-sources-2.6.19-r1.ebuild, +hardened-sources-2.6.19-r2.ebuild:
261 Revision bump to pull in genpatches-2.6.19-3 for #157186.
262
263 17 Dec 2006; Christian Heim <phreak@gentoo.org>
264 hardened-sources-2.6.14-r7.ebuild, hardened-sources-2.6.16-r10.ebuild,
265 hardened-sources-2.6.16-r11.ebuild, hardened-sources-2.6.17-r1.ebuild,
266 hardened-sources-2.6.18.ebuild, hardened-sources-2.6.18-r3.ebuild,
267 hardened-sources-2.6.19-r1.ebuild:
268 Adding 4453_grsec-2.1.9-2.6.19-io-kmem-sysctl.patch to UNIPATCH_EXLUDE,
269 adding correct HOMEPAGE and adjusting DESCRIPTION (thanks to Alexander).
270
271 *hardened-sources-2.4.33.4 (17 Dec 2006)
272
273 17 Dec 2006; Alexander Gabert <pappy@gentoo.org>
274 +hardened-sources-2.4.33.4.ebuild:
275 new 2.4.33.4 version including grsec and fixes, thanks to phreak for help
276 and quilting
277
278 *hardened-sources-2.6.19-r1 (14 Dec 2006)
279
280 14 Dec 2006; Christian Heim <phreak@gentoo.org>
281 -hardened-sources-2.6.19.ebuild, +hardened-sources-2.6.19-r1.ebuild:
282 Revision bump, fixing #158107 (thanks to Petre Rodan <kaiowas at gentoo.org>
283 for reporting).
284
285 *hardened-sources-2.6.19 (13 Dec 2006)
286
287 13 Dec 2006; Christian Heim <phreak@gentoo.org>
288 +hardened-sources-2.6.19.ebuild:
289 And finally 2.6.19, thanks to Ned (who prepared the inital patchset) and
290 Brad for providing that prompt update.
291
292 *hardened-sources-2.6.18-r3 (13 Dec 2006)
293
294 13 Dec 2006; Christian Heim <phreak@gentoo.org>
295 -hardened-sources-2.6.18-r1.ebuild, -hardened-sources-2.6.18-r2.ebuild,
296 +hardened-sources-2.6.18-r3.ebuild:
297 Revision bump, excluding the faulty patch. Thanks to Anakim Border and Peter
298 S. Mazinger. Closes #157409 for now. Also removing the previous revisions.
299
300 09 Dec 2006; Christian Heim <phreak@gentoo.org> Manifest:
301 Fixing the metadata.xml Manifest entry (thanks to xaid and ml8128 in #gentoo-hardened).
302
303 08 Dec 2006; nixnut <nixnut@gentoo.org> hardened-sources-2.6.18.ebuild:
304 Stable on ppc wrt bug 157356
305
306 07 Dec 2006; Christian Faulhammer <opfer@gentoo.org>
307 hardened-sources-2.6.18.ebuild:
308 stable x86, bug #157356
309
310 *hardened-sources-2.6.18-r2 (06 Dec 2006)
311
312 06 Dec 2006; Christian Heim <phreak@gentoo.org>
313 +hardened-sources-2.6.18-r2.ebuild:
314 Revision bump, including 2.6.18.5 (via genpatches) and
315 4454_grsec-2.1.9-2.6.18.2-io-kmem-sysctl.patch based on Peter Mazinger and
316 Ned Ludd's original patch. Thanks to Alexander Gabert (pappy) for the
317 redesign.
318
319 06 Dec 2006; Christian Heim <phreak@gentoo.org>
320 hardened-sources-2.6.18.ebuild:
321 Marking hardened-sources-2.6.18 stable on amd64 (see bug #157356, on behalf
322 of Mike Doty).
323
324 *hardened-sources-2.6.18-r1 (23 Nov 2006)
325
326 23 Nov 2006; Christian Heim <phreak@gentoo.org>
327 +hardened-sources-2.6.18-r1.ebuild:
328 Revision bump to genpatches-2.6.18-4 (including 2.6.18.3).
329
330 *hardened-sources-2.6.18 (11 Nov 2006)
331
332 11 Nov 2006; Christian Heim <phreak@gentoo.org>
333 +hardened-sources-2.6.18.ebuild:
334 Version bump, thanks to Alexander Gabert we're finally at 2.6.18.
335
336 18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
337 - mark amd64 stable also. bug #151877
338
339 18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
340 - mark 2.6.17-r1 stable
341
342 27 Aug 2006; Christian Heim <phreak@gentoo.org>
343 -hardened-sources-2.6.17.ebuild, hardened-sources-2.6.17-r1.ebuild:
344 Removing old ebuild, removing unipatch from newer ebuild (need to fix it!).
345
346 *hardened-sources-2.6.17-r1 (26 Aug 2006)
347
348 26 Aug 2006; Christian Heim <phreak@gentoo.org>
349 +hardened-sources-2.6.17-r1.ebuild:
350 Revision bump to genpatches-2.6.17-8 (including .9 and .10) and updating the
351 grsecurity patch.
352
353 *hardened-sources-2.6.17 (17 Aug 2006)
354
355 17 Aug 2006; Christian Heim <phreak@gentoo.org>
356 +hardened-sources-2.6.17.ebuild:
357 Bumping the hardened-sources-2.6 series to 2.6.17, using
358 genpatches-2.6.17-6.base.
359
360 07 Aug 2006; <solar@gentoo.org> hardened-sources-2.6.16-r11.ebuild:
361 - stable on x86 and amd64
362
363 *hardened-sources-2.6.16-r11 (15 Jul 2006)
364
365 15 Jul 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r3.ebuild,
366 -hardened-sources-2.4.32-r4.ebuild, -hardened-sources-2.4.32-r5.ebuild,
367 -hardened-sources-2.6.14-r8.ebuild, -hardened-sources-2.6.16-r7.ebuild,
368 -hardened-sources-2.6.16-r9.ebuild, +hardened-sources-2.6.16-r11.ebuild:
369 - 2.6.16 bumped for CVE-2006-3626 ; digest fix for 2.4.32-r6 ; removed old
370 crusty ebuilds
371
372 14 Jul 2006; John Mylchreest <johnm@gentoo.org>
373 hardened-sources-2.6.16-r10.ebuild:
374 marking stable on x86 and amd64
375
376 13 Jul 2006; <solar@gentoo.org> hardened-sources-2.4.32-r6.ebuild:
377 - 2.4.32-r6 stable on x86. RSBAC state unknown
378
379 *hardened-sources-2.4.32-r7 (10 Jul 2006)
380
381 10 Jul 2006; Guillaume Destuynder <kang@gentoo.org>
382 +hardened-sources-2.4.32-r7.ebuild:
383 Bump PaX for RSBAC to test-17
384
385 *hardened-sources-2.6.16-r9 (03 Jul 2006)
386
387 03 Jul 2006; John Mylchreest <johnm@gentoo.org>
388 -hardened-sources-2.6.16-r6.ebuild, +hardened-sources-2.6.16-r9.ebuild:
389 hardened-sources-2.6.16 bump to latest -base.
390
391 *hardened-sources-2.4.32-r6 (30 Jun 2006)
392
393 30 Jun 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r2.ebuild,
394 hardened-sources-2.4.32-r4.ebuild, +hardened-sources-2.4.32-r6.ebuild:
395 - backport CVE-2006-0039, CVE-2006-1857 and CVE-2006-1858 and new grsecurity
396 sysctl controlable resource logging
397
398 *hardened-sources-2.6.16-r7 (05 Jun 2006)
399
400 05 Jun 2006; John Mylchreest <johnm@gentoo.org>
401 -hardened-sources-2.6.16-r5.ebuild, +hardened-sources-2.6.16-r7.ebuild:
402 push new 2.6.16 release in preparation for stable
403
404 22 May 2006; <solar@gentoo.org> :
405 - redigest bug 134002
406
407 *hardened-sources-2.4.32-r5 (16 May 2006)
408
409 16 May 2006; Guillaume Destuynder <kang@gentoo.org>
410 +hardened-sources-2.4.32-r5.ebuild:
411 Fixes rsbac common patching (new patch in new -r5 patchset)
412
413 *hardened-sources-2.4.32-r4 (13 May 2006)
414
415 13 May 2006; <solar@gentoo.org> hardened-sources-2.4.32-r3.ebuild,
416 +hardened-sources-2.4.32-r4.ebuild:
417 - security bumps
418
419 *hardened-sources-2.6.16-r6 (03 May 2006)
420
421 03 May 2006; John Mylchreest <johnm@gentoo.org>
422 +hardened-sources-2.6.16-r6.ebuild:
423 bump hardened-2.6.16 to 2.6.16.12 and latest grsec snapshot
424
425 28 Apr 2006; John Mylchreest <johnm@gentoo.org>
426 hardened-sources-2.6.14-r8.ebuild:
427 fix x86_64 build problem, this will delay the digest issue again for a short
428 while but it will sort itself out
429
430 28 Apr 2006; John Mylchreest <johnm@gentoo.org>
431 hardened-sources-2.6.14-r8.ebuild:
432 bump hardened patchset
433
434 27 Apr 2006; Alec Warner <antarus@gentoo.org>
435 files/digest-hardened-sources-2.4.32-r2,
436 files/digest-hardened-sources-2.4.32-r3,
437 files/digest-hardened-sources-2.6.14-r8, Manifest:
438 Fixing duff SHA256 digests: Bug # 131293
439
440 *hardened-sources-2.6.16-r5 (27 Apr 2006)
441
442 27 Apr 2006; John Mylchreest <johnm@gentoo.org>
443 -hardened-sources-2.6.14-r6.ebuild, hardened-sources-2.6.14-r8.ebuild,
444 -hardened-sources-2.6.16-r4.ebuild, +hardened-sources-2.6.16-r5.ebuild:
445 stablise 2.6.14-r8 on x86 & amd64, bump 2.6.16 to fix CVE-2006-1863 &
446 cleanup of old uneccessary sources
447
448 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
449 fix digest
450
451 *hardened-sources-2.6.14-r8 (20 Apr 2006)
452
453 20 Apr 2006; John Mylchreest <johnm@gentoo.org>
454 +hardened-sources-2.6.14-r8.ebuild:
455 fix CVE-2006-1056, CVE-2006-1525, CVE-2006-1524
456
457 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
458 Turning on gpg-signing again, and recomitting
459
460 *hardened-sources-2.6.16-r4 (20 Apr 2006)
461
462 20 Apr 2006; John Mylchreest <johnm@gentoo.org>
463 -hardened-sources-2.6.16-r2.ebuild, -hardened-sources-2.6.16-r3.ebuild,
464 +hardened-sources-2.6.16-r4.ebuild:
465 Fix numerous security vulns
466
467 *hardened-sources-2.4.32-r3 (16 Apr 2006)
468
469 16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
470 -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
471 +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
472 - security bump for bug #112791. Removed old ebuilds
473
474 *hardened-sources-2.6.16-r3 (15 Apr 2006)
475
476 15 Apr 2006; John Mylchreest <johnm@gentoo.org>
477 +hardened-sources-2.6.16-r3.ebuild:
478 Removing silly localversion which I missed
479
480 *hardened-sources-2.6.14-r7 (14 Apr 2006)
481
482 14 Apr 2006; John Mylchreest <johnm@gentoo.org>
483 -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
484 Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
485
486 *hardened-sources-2.6.16-r2 (13 Apr 2006)
487
488 13 Apr 2006; John Mylchreest <johnm@gentoo.org>
489 -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
490 +hardened-sources-2.6.16-r2.ebuild:
491 Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
492 labels, dropping USERGROUP define fixes, since these were merged mainstream.
493
494 *hardened-sources-2.6.16-r1 (11 Apr 2006)
495
496 11 Apr 2006; John Mylchreest <johnm@gentoo.org>
497 +hardened-sources-2.6.16-r1.ebuild:
498 Bumping to include ppc build fix and 2.6.16.3
499
500 06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
501 hardened-sources-2.6.14-r6.ebuild:
502 Stable on x86; bug #127718
503
504 *hardened-sources-2.6.16 (31 Mar 2006)
505
506 31 Mar 2006; John Mylchreest <johnm@gentoo.org>
507 +hardened-sources-2.6.16.ebuild:
508 Bumping to new version of grsec, and kernel base. New squashfs. Based on
509 2.6.16.1
510
511 30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
512 hardened-sources-2.6.14-r6.ebuild:
513 Stable on amd64, bug 127718.
514
515 28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
516 Stable on ppc. Bug #127718
517
518 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
519 -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
520 -hardened-sources-2.6.14-r4.ebuild:
521 Cleanup.
522
523 *hardened-sources-2.6.14-r6 (15 Mar 2006)
524
525 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
526 +hardened-sources-2.6.14-r6.ebuild:
527 Fixes grsec policy recreation bug and adds a
528 >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
529
530 02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
531 - stable on x86
532
533 19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
534 hardened-sources-2.6.14-r5.ebuild:
535 Stable on ppc.
536
537 *hardened-sources-2.6.14-r5 (01 Feb 2006)
538
539 01 Feb 2006; John Mylchreest <johnm@gentoo.org>
540 +hardened-sources-2.6.14-r5.ebuild:
541 fixing every known exploit
542
543 *hardened-sources-2.4.32-r2 (26 Jan 2006)
544
545 26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
546 +hardened-sources-2.4.32-r2.ebuild:
547 - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
548
549 *hardened-sources-2.6.14-r4 (12 Jan 2006)
550
551 12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
552 - version bump for new genpatches which fix up a few sec holes
553
554 *hardened-sources-2.4.32-r1 (05 Jan 2006)
555
556 05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
557 - revision bump to add misc vital linux kernel security patches.
558
559 *hardened-sources-2.6.14-r3 (30 Dec 2005)
560
561 30 Dec 2005; John Mylchreest <johnm@gentoo.org>
562 -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
563 Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
564
565 28 Dec 2005; John Mylchreest <johnm@gentoo.org>
566 hardened-sources-2.6.14-r2.ebuild:
567 making x86 & amd64 stable following testing.
568
569 *hardened-sources-2.6.14-r2 (27 Dec 2005)
570
571 27 Dec 2005; John Mylchreest <johnm@gentoo.org>
572 -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
573 Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
574 network hooks.
575
576 06 Dec 2005; John Mylchreest <johnm@gentoo.org>
577 hardened-sources-2.6.14-r1.ebuild:
578 bumping to stable early for sec fix on x86 & amd64
579
580 *hardened-sources-2.6.14-r1 (05 Dec 2005)
581
582 05 Dec 2005; John Mylchreest <johnm@gentoo.org>
583 -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
584 bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
585
586 04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
587 - stable on x86 security bug #114227 CAN-2005-3257
588
589 *hardened-sources-2.4.32 (19 Nov 2005)
590
591 19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
592 +hardened-sources-2.4.32.ebuild:
593 Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
594 Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
595 have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
596 rsbac >> /etc/portage/package.use)
597
598 *hardened-sources-2.6.14 (14 Nov 2005)
599
600 14 Nov 2005; John Mylchreest <johnm@gentoo.org>
601 -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
602 Bumping 2.6 series to 2.6.14.2
603
604 *hardened-sources-2.6.13-r2 (20 Oct 2005)
605
606 20 Oct 2005; John Mylchreest <johnm@gentoo.org>
607 -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
608 +hardened-sources-2.6.13-r2.ebuild:
609 Fixes minor build error in ppc.
610
611 *hardened-sources-2.6.13-r1 (17 Oct 2005)
612
613 17 Oct 2005; John Mylchreest <johnm@gentoo.org>
614 +hardened-sources-2.6.13-r1.ebuild:
615 Updating grsec to latest snapshot. Fixes some minor issues. Updating to
616 2.6.13.4, fixes some major amd64 stability problems.
617
618 *hardened-sources-2.6.13 (16 Sep 2005)
619
620 16 Sep 2005; John Mylchreest <johnm@gentoo.org>
621 -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
622 2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
623 ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
624 users should test this thoroughly.
625
626 01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
627 - stable on x86
628
629 *hardened-sources-2.6.11-r15 (27 Jun 2005)
630
631 27 Jun 2005; John Mylchreest <johnm@gentoo.org>
632 +hardened-sources-2.6.11-r15.ebuild:
633 Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
634 grsec redefining curr_ip struct.
635
636 *hardened-sources-2.4.31 (20 Jun 2005)
637
638 20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
639 initial import of 2.4.31 tree
640
641 *hardened-sources-2.6.11-r14 (14 Jun 2005)
642
643 14 Jun 2005; John Mylchreest <johnm@gentoo.org>
644 -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
645 Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
646 naming scheme to abide by genpatches
647
648 *hardened-sources-2.6.11-r13 (18 May 2005)
649
650 18 May 2005; John Mylchreest <johnm@gentoo.org>
651 -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
652 Managed to mangle the Makefile patch from grsec, to miss out the grsec
653 target. sorry about that. Fixes bug #93022
654
655 *hardened-sources-2.6.11-r12 (17 May 2005)
656
657 17 May 2005; John Mylchreest <johnm@gentoo.org>
658 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
659 +hardened-sources-2.6.11-r12.ebuild:
660 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
661 merges in genpatches-base
662
663 *hardened-sources-2.6.11-r12 (17 May 2005)
664
665 17 May 2005; John Mylchreest <johnm@gentoo.org>
666 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
667 +hardened-sources-2.6.11-r12.ebuild:
668 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
669 merges in genpatches-base
670
671 29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
672 -files/2.4.27-cmdline-race.patch,
673 -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
674 -files/2.4.28-grsec-binfmt_a.out.patch,
675 -files/2.4.28-grsec-cmdline-race.patch,
676 -files/2.4.28-selinux-binfmt_a.out.patch,
677 -files/2.4.28-selinux-cmdline-race.patch,
678 -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
679 hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
680 - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
681 cleanup..
682
683 *hardened-sources-2.4.30-r1 (21 Apr 2005)
684
685 21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
686 - disable aout by default
687
688 *hardened-sources-2.4.30 (18 Apr 2005)
689
690 18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
691 - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
692 and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
693 use
694
695 *hardened-sources-2.4.29 (30 Mar 2005)
696
697 30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
698 +hardened-sources-2.4.29.ebuild:
699 New hardened-patches-2.4-29.0 patchball.
700 Removed SELinux support, upgraded GRSecurity to 2.1.4.
701
702 *hardened-sources-2.4.28-r5 (06 Mar 2005)
703
704 06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
705 +hardened-sources-2.4.28-r5.ebuild:
706 Added a fix for a PaX vulnerability.
707
708 26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
709 hardened-sources-2.4.28-r4.ebuild:
710 Stable on x86
711
712 23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
713 hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
714 hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
715 hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
716 - fixed/added RDEPEND= in all kernel-2 ebuilds
717
718 *hardened-sources-2.4.28-r4 (21 Jan 2005)
719
720 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
721 +hardened-sources-2.4.28-r4.ebuild:
722 Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
723 backport of neighbour hash updates.
724
725 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
726 hardened-sources-2.4.28-r3.ebuild:
727 Stable on x86
728
729 *hardened-sources-2.6.10-r3 (20 Jan 2005)
730
731 20 Jan 2005; Brandon Hale <tseng@gentoo.org>
732 +hardened-sources-2.6.10-r3.ebuild:
733 Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
734 in 2005.0
735
736 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
737 -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
738 hardened-sources-2.4.28-r2.ebuild:
739 Mark stable on x86
740
741 *hardened-sources-2.4.28-r3 (17 Jan 2005)
742
743 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
744 +hardened-sources-2.4.28-r3.ebuild:
745 Fix SMP page fault handler vuln, and update device-mapper and evms patches.
746
747 14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
748 hardened-sources-2.4.28.ebuild:
749 Mark stable on x86.
750
751 *hardened-sources-2.4.28-r2 (13 Jan 2005)
752
753 13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
754 +hardened-sources-2.4.28-r2.ebuild:
755 Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
756 Mazinger for grsecurity patches as well.
757
758 *hardened-sources-2.4.28-r1 (23 Dec 2004)
759
760 23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
761 Security bump. Thank tocharian for rolling a new patchset...
762
763 28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
764 +files/2.4.28-grsec-cmdline-race.patch,
765 +files/2.4.28-selinux-binfmt_a.out.patch,
766 +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
767 - Round up remaining security patches that appear to be missing in 2.4.28. -
768 PaX standalone updated to current. hgpv=28.1
769
770 *hardened-sources-2.4.28 (28 Nov 2004)
771
772 28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
773 security bump. Thank tocharian for rolling a new patchset
774
775 *hardened-sources-2.4.27-r3 (08 Sep 2004)
776
777 08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
778 +hardened-sources-2.4.27-r3.ebuild:
779 Applies the new 2.4-27.2 patchball which updates
780 GRSecurity to the 2.0.1 version.
781
782 *hardened-sources-2.4.27-r2 (31 Aug 2004)
783
784 31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
785 +hardened-sources-2.4.27-r2.ebuild:
786 Version bump.
787 This version uses the new 2.4-27.1 patchball which updates
788 both the SELinux PaX hooks patch and the SELinux headers.
789
790 *hardened-sources-2.4.27-r1 (09 Aug 2004)
791
792 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
793 +hardened-sources-2.4.27-r1.ebuild,
794 -hardened-sources-2.4.27.ebuild,
795 +files/2.4.27-cmdline-race.patch:
796 Version bump, fix for cmdline race. See bug #59905.
797
798 *hardened-sources-2.4.26-r6 (09 Aug 2004)
799
800 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
801 +hardened-sources-2.4.26-r6.ebuild,
802 -hardened-sources-2.4.26-r5.ebuild,
803 -hardened-sources-2.4.26-r4.ebuild,
804 +files/2.4.26-cmdline-race.patch:
805 Version bump, fix for cmdline race. See bug #59905.
806
807 *hardened-sources-2.4.27 (08 Aug 2004)
808
809 08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
810 +hardened-sources-2.4.27.ebuild,
811 +files/2.4.27-CAN-2004-0394.patch:
812 Ported the patchball to the 2.4.27 kernel version.
813
814 *hardened-sources-2.4.26-r5 (07 Aug 2004)
815
816 07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
817 +hardened-sources-2.4.26-r5.ebuild:
818 Updated to use the new hardened-patches-2.4-26.1 patchball.
819 It adds the following features:
820 - Squashfs
821 - Ebtables
822 - Netdev random (core+drivers)
823 - Watchdog Timer (WDT) fix.
824
825 *hardened-sources-2.4.26-r4 (04 Aug 2004)
826
827 04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
828 +hardened-sources-2.4.26-r4.ebuild,
829 +files/2.4.26-CAN-2004-0415.patch,
830 -hardened-sources-2.4.26-3:
831 Version bump, fix for CAN 0415, see bug #59378.
832
833 *hardened-sources-2.4.26-r3 (22 Jul 2004)
834
835 22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
836 +hardened-sources-2.4.26-r3.ebuild,
837 +files/2.4.26-CAN-2004-0497.patch,
838 -hardened-sources-2.4.26-r2.ebuild:
839 Version bump, fixed CAN 0497, see bug #56171.
840
841 *hardened-sources-2.4.26-r2 (29 Jun 2004)
842
843 29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
844 +hardened-sources-2.4.26-r2.ebuild,
845 +files/2.4.26-CAN-2004-0495.patch,
846 +files/2.4.26-CAN-2004-0535.patch,
847 -hardened-sources-2.4.26-r1.ebuild:
848 Fixes for both CAN 0495 and 0535, see bug #54976
849
850 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
851 hardened-sources-2.4.26-r1.ebuild:
852 QA - fix use invocation
853
854 *hardened-sources-2.4.26-r1 (22 June 2004)
855
856 22 June 2004; Andrea Luzzardi <scox@gentoo.org>
857 +hardened-sources-2.4.26-r1.ebuild,
858 +files/2.4.26-CAN-2004-0394.patch,
859 +files/2.4.26-signal-race.patch,
860 -hardened-sources-2.4.26.ebuild,
861 -hardened-sources-2.4.24-r3.ebuild:
862 Version bump for the CAN-2004-0394 issue and bug #53804
863 Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
864
865
866 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
867 hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
868 Masked hardened-sources-2.4.26.ebuild broken for ppc
869
870 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
871 hardened-sources-2.4.24-r3.ebuild:
872 Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
873
874 *hardened-sources-2.4.26 (29 May 2004)
875
876 29 May 2004; Andrea Luzzardi <scox@gentoo.org>
877 +hardened-sources-2.4.26.ebuild:
878 Updated hardened-sources for the 2.4.26 kernel
879 Removed broken components, updated almost everything.
880
881 *hardened-sources-2.4.24-r3 (17 Apr 2004)
882
883 17 Apr 2004; <plasmaroo@gentoo.org>
884 +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
885 +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
886 +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
887 +hardened-sources-2.4.24-r3.ebuild:
888 Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
889 vulnerabilities. Old revisions removed.
890
891 *hardened-sources-2.4.24-r2 (15 Apr 2004)
892
893 15 Apr 2004; <plasmaroo@gentoo.org>
894 +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
895 -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
896 Version bump for the CAN-2004-0109 issue; bug #47881.
897
898 12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
899 hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
900 Add eutils to inherit.
901
902 *hardened-sources-2.4.24-r1 (19 Feb 2004)
903
904 19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
905 files/hardened-sources-2.4.24.munmap.patch:
906 Added the patch for the mremap/munmap vulnerability. Bug #42024.
907
908 *hardened-sources-2.4.24 (06 Feb 2004)
909
910 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
911 hardened-sources-2.4.24.ebuild:
912 Version bump, updated most of the components.
913 This release includes the following:
914
915 - Hardened security
916 - Netfilter patch-o-matic 20031219
917 - FreeSWAN 2.04 & x509 1.4.8
918 - EVMS 2.2.2
919 - XFS 1.3.1
920 - cryptoloop jari
921 - grsecurity 2.0-rc4
922 - SELinux
923 - PaX 200402060000
924 - PaX Obscurity 200308302223
925 - Others...
926
927 Neither -ck nor systrace are included anymore.
928
929 *hardened-sources-2.4.22-r2 (05 Jan 2004)
930
931 05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
932 hardened-sources-2.4.22-r2.ebuild:
933 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
934
935 *hardened-sources-2.4.22-r1 (02 Dec 2003)
936
937 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
938 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
939
940 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
941 hardened-sources-2.4.22-r1.ebuild:
942 Version bump for the 'do_brk' vulnerability.
943
944 01 Dec 2003; Brian Jackson <iggy@gentoo.org>
945 hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
946 hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
947 hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
948 Fix the 'do_brk' vulnerability.
949
950 03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
951 hardened-sources-2.4.22.ebuild:
952 - Removed the src_install() portion for SELinux flask
953 components. These are no longer handled in the kernel
954 so this code was not necessary.
955
956 29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
957 New 2.4.22 based hardened-sources thanks to
958 Phil West <p.west@computer.org>.
959
960 These sources include:
961 - New SELinux API
962 - Updated CK-base
963 - Updated GRSec
964 - Systrace
965 - SuperFreeS/WAN 1.99.8
966 - Propolice kernel build support
967 - EVMS
968 - Other various security related patches
969
970 *hardened-sources-2.4.21 (14 Sep 2003)
971
972 14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
973 Updated hardened-sources based on the 2.4.21 Linux kernel.
974 This includes updates to most major components such as:
975 - ck-base-0306300059
976 - selinux-2.4-2003071106
977 - grsecurity-2.0-rc1
978 - Updated IPTables patch-o-matic
979 - Updated SuperFreeS/WAN
980
981 Thanks to Phil West <pwest@computer.org> for his work in getting this
982 updated patch set ready for the 2.4.21 based kernel.
983
984 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
985 Initial import of hardened-sources-2.4.20-r4. This revision
986 includes only a few changes, but one of these is an important
987 security fix. It is recommended all users of hardened-sources
988 upgrade to this release.
989
990 - ioperm bug fix
991 - fixed compilation failure when building without GRSec
992
993 SAL (Secure Auditing for Linux) is NOT included in this revision
994 due to time constraints, but is planned for inclusion in the near
995 future.
996
997 *hardened-sources-2.4.20-r2 (12 Jun 2003)
998
999 12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
1000 hardened-sources-2.4.20-r3.ebuild:
1001 Add Header...
1002
1003 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1004 hardened-sources-2.4.20-r3.ebuild:
1005 Removed warnings from ebuild. This kernel should be safe to
1006 use at this point.
1007
1008 *hardened-sources-2.4.20-r3 (08 Jun 2003)
1009
1010 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1011 hardened-sources-2.4.20-r3.ebuild:
1012 New revision. Includes the following changes over -r2:
1013
1014 - ck7-base (O(1), preempt, low latency)
1015 - Super FreeS/WAN 1.99.7rc2
1016 - PaX for the LSM/SELinux branch
1017 - GRSecurity 2.0-pre4 (role based access control)
1018 - Systrace 1.3
1019 - EXT3 fixes
1020 - EVMS 2.0.1
1021 - GCC 3.1+ compile optimizations
1022 - ProPolice kernel build support
1023 - Hashing table security fixes
1024
1025 *hardened-sources-2.4.20-r1 (09 Apr 2003)
1026
1027 23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
1028 Initial import of hardened-sources-r2. This new
1029 ebuild includes many new performance and security
1030 related patches. As in -r1, it will patch in
1031 LSM/SELinux if "selinux" is in USE, otherwise it
1032 will patch in GRSecurity. The following patches
1033 are included in this revision:
1034
1035 - O(1) Scheduler, Low Latency, and Preempt
1036 (pulled from the base CK patch)
1037 - ptrace exploit patch for the LSM kernel
1038 (the GRSec patch already fixes this)
1039 - LSM 2.4-2003040709
1040 - SELinux 2.4-2003040709
1041 - Systrace v1.2
1042 - IPTables patch-o-matic base patches - 20030107
1043 - CryptoAPI 2.4.20.1 w/ loop-jari patch
1044 - Super FreeS/WAN 1.99.6.1
1045 - GRSecurity 1.9.9g
1046 - MPPE
1047 - EXT3 data journal fix
1048 - CIPE 1.5.4
1049
1050 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1051 hardened-sources-2.4.20-r1.ebuild, manifest:
1052 Updated to install flask components correctly for selinux.
1053
1054 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1055 hardened-sources-2.4.20-r1.ebuild:
1056 LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
1057 is patched in instead. Ptrace patches for selinux have also been added. In
1058 either case, systrace support will be patched in as well.
1059
1060 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1061 hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
1062 Revision bump for new sources.
1063
1064 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1065 hardened-sources-2.4.20-r1.ebuild:
1066 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
1067
1068 *hardened-sources-2.4.20 (30 Mar 2003)
1069
1070 30 Mar 2003; Joshua Brindle <method@gentoo.org>
1071 hardened-sources-2.4.20.ebuild:
1072 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20