/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.170 - (show annotations) (download)
Thu Aug 16 16:19:06 2007 UTC (6 years, 8 months ago) by phreak
Branch: MAIN
Changes since 1.169: +7 -1 lines
Revision bump for Linux 2.6.21.6.
(Portage version: 2.1.3.5)

1 # ChangeLog for sys-kernel/hardened-sources
2 # Copyright 2000-2007 Gentoo Foundation; Distributed under the GPL v2
3 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.169 2007/08/16 16:15:03 phreak Exp $
4
5 *hardened-sources-2.6.21-r4 (16 Aug 2007)
6
7 16 Aug 2007; Christian Heim <phreak@gentoo.org>
8 +hardened-sources-2.6.21-r4.ebuild:
9 Revision bump for Linux 2.6.21.6.
10
11 *hardened-sources-2.6.20-r7 (16 Aug 2007)
12
13 16 Aug 2007; Christian Heim <phreak@gentoo.org>
14 +hardened-sources-2.6.20-r7.ebuild:
15 Revision bump for Linux 2.6.20.16.
16
17 *hardened-sources-2.6.22-r1 (13 Aug 2007)
18
19 13 Aug 2007; Christian Heim <phreak@gentoo.org>
20 +hardened-sources-2.6.22-r1.ebuild:
21 Yet another revision bump.
22
23 *hardened-sources-2.6.22 (10 Aug 2007)
24
25 10 Aug 2007; Christian Heim <phreak@gentoo.org>
26 +hardened-sources-2.6.22.ebuild:
27 Initial release for 2.6.22. If you are using hardened-sources on a desktop
28 machine (P4 or newer), be aware you might need to disable
29 CONFIG_PAX_PAGEEXEC.
30
31 04 Aug 2007; Christian Heim <phreak@gentoo.org>
32 hardened-sources-2.6.20-r6.ebuild:
33 Stabling hardened-sources-2.6.20-r6 for amd64, ppc and x86 due to Linux
34 2.6.20.15.
35
36 10 Jul 2007; Christian Heim <phreak@gentoo.org>
37 hardened-sources-2.6.20-r5.ebuild:
38 Marking hardened-sources-2.6.20-r5 stable on ppc.
39
40 10 Jul 2007; Christian Heim <phreak@gentoo.org>
41 -hardened-sources-2.4.32-r6.ebuild, -hardened-sources-2.4.32-r7.ebuild:
42 Cleanup.
43
44 *hardened-sources-2.6.20-r6 (08 Jul 2007)
45
46 08 Jul 2007; Christian Heim <phreak@gentoo.org>
47 +hardened-sources-2.6.20-r6.ebuild:
48 Revision bump, grabbing yet another stable release.
49
50 17 Jun 2007; Christian Heim <phreak@gentoo.org>
51 -hardened-sources-2.6.18-r6.ebuild, -hardened-sources-2.6.20-r4.ebuild,
52 -hardened-sources-2.6.21-r2.ebuild:
53 Removing older ebuilds, hardened-sources-2.6.18-r6 seems to have gotten the
54 alpha stable KEYWORD by mistake.
55
56 17 Jun 2007; Christian Heim <phreak@gentoo.org>
57 hardened-sources-2.6.20-r5.ebuild:
58 Stabling hardened-sources-2.6.20-r5 due to security bug #181647 (as
59 genpatches-2.6.20-12.base contains up to Linux 2.6.20.14) on amd64 and x86.
60
61 *hardened-sources-2.6.21-r3 (12 Jun 2007)
62
63 12 Jun 2007; Christian Heim <phreak@gentoo.org>
64 +hardened-sources-2.6.21-r3.ebuild:
65 Revision bump for hardened-sources-2.6.21, incorporating various CVE (some
66 of them critical), two stable releases (2.6.21.4,2.6.21.5) and some other
67 love.
68
69 *hardened-sources-2.6.20-r5 (11 Jun 2007)
70
71 11 Jun 2007; Christian Heim <phreak@gentoo.org>
72 +hardened-sources-2.6.20-r5.ebuild:
73 Revision bump for hardened-sources-2.6.20, incorporating various CVE (some
74 of them critical), two stable releases (2.6.20.13,2.6.20.14) and some other
75 love.
76
77 *hardened-sources-2.4.34.5 (11 Jun 2007)
78
79 11 Jun 2007; Alexander Gabert <pappy@gentoo.org>
80 +hardened-sources-2.4.34.5.ebuild:
81 added new hardened-sources 2.4 version, thx to phreak, solar, pipacs
82
83 30 May 2007; Christian Heim <phreak@gentoo.org>
84 -hardened-sources-2.6.18.ebuild, hardened-sources-2.6.20-r2.ebuild:
85 Marking 2.6.20-r2 stable on ppc with permission of Gysbert. Removing more
86 stale ebuild(s).
87
88 30 May 2007; Christian Heim <phreak@gentoo.org>
89 -hardened-sources-2.6.14-r7.ebuild, -hardened-sources-2.6.16-r11.ebuild,
90 -hardened-sources-2.6.17-r1.ebuild, -hardened-sources-2.6.19-r6.ebuild,
91 -hardened-sources-2.6.20.ebuild, -hardened-sources-2.6.20-r1.ebuild:
92 Doing some cleanups, remove stale ebuilds.
93
94 26 May 2007; Christian Heim <phreak@gentoo.org>
95 hardened-sources-2.6.21-r2.ebuild:
96 Fixing the grsecurity patch, had one '};' too much.
97
98 *hardened-sources-2.6.21-r2 (26 May 2007)
99
100 26 May 2007; Christian Heim <phreak@gentoo.org>
101 -hardened-sources-2.6.21.ebuild, -hardened-sources-2.6.21-r1.ebuild,
102 +hardened-sources-2.6.21-r2.ebuild:
103 Revision bump, including Linux 2.6.21.3 (fixing CVE-2007-2451). Updating the
104 grsecurity patch to 2.1.10-2.6.21.1-200705221918.
105
106 *hardened-sources-2.6.20-r4 (26 May 2007)
107
108 26 May 2007; Christian Heim <phreak@gentoo.org>
109 -hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.20-r4.ebuild:
110 Revision bump, including Linux 2.6.20.12 (which in fact fixed some security
111 bugs, at the very least CVE-2007-2451). Possible candidate for stable marking.
112
113 15 May 2007; Christian Heim <phreak@gentoo.org>
114 hardened-sources-2.6.20-r3.ebuild:
115 Looks like hardened-sources-2.6.20-r3 needs a new patch, as 2.6.20.11
116 introduced a change in arch/sparc64/kernel/pci_iommu.c, which made the
117 grsecurity patch fail in that exact same hunk.
118
119 *hardened-sources-2.6.20-r3 (15 May 2007)
120
121 15 May 2007; Christian Heim <phreak@gentoo.org>
122 +hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.21-r1.ebuild:
123 Revision bump, incorporating Linux 2.6.20.11.
124
125 *hardened-sources-2.6.21-r1 (11 May 2007)
126
127 11 May 2007; Christian Heim <phreak@gentoo.org>
128 +hardened-sources-2.6.21-r1.ebuild:
129 Revision bump, hopefully fixing the GRSECURITY/GRKERNSEC mixup pipacs
130 mentioned in #177234.
131
132 07 May 2007; Kevin F. Quinn <kevquinn@gentoo.org>
133 files/digest-hardened-sources-2.6.21, Manifest:
134 Fix Manifest/digest for linux-2.6.21.tar.bz2
135
136 06 May 2007; Christian Heim <phreak@gentoo.org>
137 hardened-sources-2.6.21.ebuild:
138 Bumping the hardened-patches version, needed for the fix for #177234.
139
140 *hardened-sources-2.6.21 (02 May 2007)
141
142 02 May 2007; Christian Heim <phreak@gentoo.org>
143 +hardened-sources-2.6.21.ebuild:
144 Version bump, Linux 2.6.21-hardened.
145
146 29 Apr 2007; Christian Heim <phreak@gentoo.org>
147 hardened-sources-2.6.20-r2.ebuild:
148 Adding ~ia64 on Ned's request.
149
150 29 Apr 2007; Christian Heim <phreak@gentoo.org>
151 hardened-sources-2.6.20-r2.ebuild:
152 Fixing the included grsecurity patch, wasn't alligning due to the Index:
153 header line(s).
154
155 29 Apr 2007; Christian Heim <phreak@gentoo.org>
156 hardened-sources-2.6.20-r2.ebuild:
157 Stabilizing hardened-sources-2.6.20-r2 on amd64 and x86.
158
159 *hardened-sources-2.6.20-r2 (10 Apr 2007)
160
161 10 Apr 2007; Raúl Porcel <armin76@gentoo.org>
162 +hardened-sources-2.6.20-r2.ebuild:
163 Version bump, on behalf of phreak
164
165 *hardened-sources-2.6.20-r1 (04 Apr 2007)
166
167 04 Apr 2007; Christian Heim <phreak@gentoo.org>
168 +hardened-sources-2.6.20-r1.ebuild:
169 Revision bump, grabbing a newer grsecurity snapshot.
170
171 *hardened-sources-2.6.20 (25 Mar 2007)
172
173 25 Mar 2007; Christian Heim <phreak@gentoo.org>
174 +hardened-sources-2.6.20.ebuild:
175 Finally a hardened-sources version for 2.6.20; many people have been waiting
176 for this. Thanks to Steve for preliminary testing, thanks to Ned for the
177 testbox.
178
179 16 Mar 2007; Tony Vroon <chainsaw@gentoo.org>
180 hardened-sources-2.6.18-r6.ebuild:
181 Marked stable on amd64 and x86. AMD64 keyword ack'ed by welp.
182
183 *hardened-sources-2.6.18-r6 (16 Mar 2007)
184
185 16 Mar 2007; Christian Heim <phreak@gentoo.org>
186 -hardened-sources-2.6.18-r5.ebuild, +hardened-sources-2.6.18-r6.ebuild:
187 Fixing CVE-2007-1000 locally (hardened/), thanks to Tony for pushing. And
188 yes I screwed up, this is tagged as 2.6.18-5 and not 2.6.18-6 as it's
189 supposed to be.
190
191 06 Mar 2007; Christian Heim <phreak@gentoo.org> ChangeLog:
192 Fixing the Manifest, the previous one was broken (as in still had the
193 deleted ebuild in it).
194
195 06 Mar 2007; Christian Heim <phreak@gentoo.org>
196 -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
197 +hardened-sources-2.6.18-r5.ebuild:
198 Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
199 Linux 2.6.18.8. Also cleaning up the older version.
200
201 *hardened-sources-2.6.18-r5 (06 Mar 2007)
202
203 06 Mar 2007; Christian Heim <phreak@gentoo.org>
204 -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
205 +hardened-sources-2.6.18-r5.ebuild:
206 Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
207 Linux 2.6.18.8. Also cleaning up the older version.
208
209 24 Feb 2007; Christian Heim <phreak@gentoo.org>
210 -hardened-sources-2.6.19-r3.ebuild, -hardened-sources-2.6.19-r4.ebuild,
211 -hardened-sources-2.6.19-r5.ebuild:
212 Removing some of the old version, that didn't work.
213
214 *hardened-sources-2.6.19-r6 (12 Feb 2007)
215
216 12 Feb 2007; Christian Heim <phreak@gentoo.org>
217 +hardened-sources-2.6.19-r6.ebuild:
218 Revision bump, including a new grsec version fixing #166235.
219
220 *hardened-sources-2.4.34 (24 Jan 2007)
221
222 24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
223 Manifest:
224 updating Manifest with checksums of new tarball and ebuild
225
226 24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
227 +hardened-sources-2.4.34.ebuild:
228 I added new hardened sources 2.4 update, this is a critical path
229 security bugfix - all users of h-s are strongly advised
230 to update their existing hardened sources to this version.
231 It contains a fix for a kernel vulnerability that is pertaining
232 to the PaX changes to virtual memory management, possibly leading
233 to a local kernel exploit ... see grsecurity.net forums and homepage
234
235 23 Jan 2007; Christian Heim <phreak@gentoo.org>
236 files/digest-hardened-sources-2.6.19-r5, Manifest:
237 Fixing the patch-tarball digest.
238
239 *hardened-sources-2.6.19-r5 (23 Jan 2007)
240
241 23 Jan 2007; Christian Heim <phreak@gentoo.org>
242 +hardened-sources-2.6.19-r5.ebuild:
243 Revision bump, closing the recently discovered PaX expand_stack()
244 vulnerability.
245
246 *hardened-sources-2.6.19-r4 (14 Jan 2007)
247
248 14 Jan 2007; Christian Heim <phreak@gentoo.org>
249 +hardened-sources-2.6.19-r4.ebuild:
250 Revision bump, pulling in linux-2.6.19.2 and grsecurity 2.1.10 - thus
251 dropping the randomized PID feature.
252
253 11 Jan 2007; Christian Faulhammer <opfer@gentoo.org>
254 hardened-sources-2.4.33.4.ebuild:
255 stable x86, bug #161171
256
257 *hardened-sources-2.6.19-r3 (27 Dec 2006)
258
259 27 Dec 2006; Christian Heim <phreak@gentoo.org>
260 -hardened-sources-2.6.19-r2.ebuild, +hardened-sources-2.6.19-r3.ebuild:
261 Revision bump for bug #157186 and #158786.
262
263 *hardened-sources-2.6.18-r4 (27 Dec 2006)
264
265 27 Dec 2006; Christian Heim <phreak@gentoo.org>
266 -hardened-sources-2.6.18-r3.ebuild, +hardened-sources-2.6.18-r4.ebuild:
267 Revision bump for bug #157186.
268
269 *hardened-sources-2.6.19-r2 (23 Dec 2006)
270
271 23 Dec 2006; Christian Heim <phreak@gentoo.org>
272 -hardened-sources-2.6.19-r1.ebuild, +hardened-sources-2.6.19-r2.ebuild:
273 Revision bump to pull in genpatches-2.6.19-3 for #157186.
274
275 17 Dec 2006; Christian Heim <phreak@gentoo.org>
276 hardened-sources-2.6.14-r7.ebuild, hardened-sources-2.6.16-r10.ebuild,
277 hardened-sources-2.6.16-r11.ebuild, hardened-sources-2.6.17-r1.ebuild,
278 hardened-sources-2.6.18.ebuild, hardened-sources-2.6.18-r3.ebuild,
279 hardened-sources-2.6.19-r1.ebuild:
280 Adding 4453_grsec-2.1.9-2.6.19-io-kmem-sysctl.patch to UNIPATCH_EXLUDE,
281 adding correct HOMEPAGE and adjusting DESCRIPTION (thanks to Alexander).
282
283 *hardened-sources-2.4.33.4 (17 Dec 2006)
284
285 17 Dec 2006; Alexander Gabert <pappy@gentoo.org>
286 +hardened-sources-2.4.33.4.ebuild:
287 new 2.4.33.4 version including grsec and fixes, thanks to phreak for help
288 and quilting
289
290 *hardened-sources-2.6.19-r1 (14 Dec 2006)
291
292 14 Dec 2006; Christian Heim <phreak@gentoo.org>
293 -hardened-sources-2.6.19.ebuild, +hardened-sources-2.6.19-r1.ebuild:
294 Revision bump, fixing #158107 (thanks to Petre Rodan <kaiowas at gentoo.org>
295 for reporting).
296
297 *hardened-sources-2.6.19 (13 Dec 2006)
298
299 13 Dec 2006; Christian Heim <phreak@gentoo.org>
300 +hardened-sources-2.6.19.ebuild:
301 And finally 2.6.19, thanks to Ned (who prepared the inital patchset) and
302 Brad for providing that prompt update.
303
304 *hardened-sources-2.6.18-r3 (13 Dec 2006)
305
306 13 Dec 2006; Christian Heim <phreak@gentoo.org>
307 -hardened-sources-2.6.18-r1.ebuild, -hardened-sources-2.6.18-r2.ebuild,
308 +hardened-sources-2.6.18-r3.ebuild:
309 Revision bump, excluding the faulty patch. Thanks to Anakim Border and Peter
310 S. Mazinger. Closes #157409 for now. Also removing the previous revisions.
311
312 09 Dec 2006; Christian Heim <phreak@gentoo.org> Manifest:
313 Fixing the metadata.xml Manifest entry (thanks to xaid and ml8128 in #gentoo-hardened).
314
315 08 Dec 2006; nixnut <nixnut@gentoo.org> hardened-sources-2.6.18.ebuild:
316 Stable on ppc wrt bug 157356
317
318 07 Dec 2006; Christian Faulhammer <opfer@gentoo.org>
319 hardened-sources-2.6.18.ebuild:
320 stable x86, bug #157356
321
322 *hardened-sources-2.6.18-r2 (06 Dec 2006)
323
324 06 Dec 2006; Christian Heim <phreak@gentoo.org>
325 +hardened-sources-2.6.18-r2.ebuild:
326 Revision bump, including 2.6.18.5 (via genpatches) and
327 4454_grsec-2.1.9-2.6.18.2-io-kmem-sysctl.patch based on Peter Mazinger and
328 Ned Ludd's original patch. Thanks to Alexander Gabert (pappy) for the
329 redesign.
330
331 06 Dec 2006; Christian Heim <phreak@gentoo.org>
332 hardened-sources-2.6.18.ebuild:
333 Marking hardened-sources-2.6.18 stable on amd64 (see bug #157356, on behalf
334 of Mike Doty).
335
336 *hardened-sources-2.6.18-r1 (23 Nov 2006)
337
338 23 Nov 2006; Christian Heim <phreak@gentoo.org>
339 +hardened-sources-2.6.18-r1.ebuild:
340 Revision bump to genpatches-2.6.18-4 (including 2.6.18.3).
341
342 *hardened-sources-2.6.18 (11 Nov 2006)
343
344 11 Nov 2006; Christian Heim <phreak@gentoo.org>
345 +hardened-sources-2.6.18.ebuild:
346 Version bump, thanks to Alexander Gabert we're finally at 2.6.18.
347
348 18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
349 - mark amd64 stable also. bug #151877
350
351 18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
352 - mark 2.6.17-r1 stable
353
354 27 Aug 2006; Christian Heim <phreak@gentoo.org>
355 -hardened-sources-2.6.17.ebuild, hardened-sources-2.6.17-r1.ebuild:
356 Removing old ebuild, removing unipatch from newer ebuild (need to fix it!).
357
358 *hardened-sources-2.6.17-r1 (26 Aug 2006)
359
360 26 Aug 2006; Christian Heim <phreak@gentoo.org>
361 +hardened-sources-2.6.17-r1.ebuild:
362 Revision bump to genpatches-2.6.17-8 (including .9 and .10) and updating the
363 grsecurity patch.
364
365 *hardened-sources-2.6.17 (17 Aug 2006)
366
367 17 Aug 2006; Christian Heim <phreak@gentoo.org>
368 +hardened-sources-2.6.17.ebuild:
369 Bumping the hardened-sources-2.6 series to 2.6.17, using
370 genpatches-2.6.17-6.base.
371
372 07 Aug 2006; <solar@gentoo.org> hardened-sources-2.6.16-r11.ebuild:
373 - stable on x86 and amd64
374
375 *hardened-sources-2.6.16-r11 (15 Jul 2006)
376
377 15 Jul 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r3.ebuild,
378 -hardened-sources-2.4.32-r4.ebuild, -hardened-sources-2.4.32-r5.ebuild,
379 -hardened-sources-2.6.14-r8.ebuild, -hardened-sources-2.6.16-r7.ebuild,
380 -hardened-sources-2.6.16-r9.ebuild, +hardened-sources-2.6.16-r11.ebuild:
381 - 2.6.16 bumped for CVE-2006-3626 ; digest fix for 2.4.32-r6 ; removed old
382 crusty ebuilds
383
384 14 Jul 2006; John Mylchreest <johnm@gentoo.org>
385 hardened-sources-2.6.16-r10.ebuild:
386 marking stable on x86 and amd64
387
388 13 Jul 2006; <solar@gentoo.org> hardened-sources-2.4.32-r6.ebuild:
389 - 2.4.32-r6 stable on x86. RSBAC state unknown
390
391 *hardened-sources-2.4.32-r7 (10 Jul 2006)
392
393 10 Jul 2006; Guillaume Destuynder <kang@gentoo.org>
394 +hardened-sources-2.4.32-r7.ebuild:
395 Bump PaX for RSBAC to test-17
396
397 *hardened-sources-2.6.16-r9 (03 Jul 2006)
398
399 03 Jul 2006; John Mylchreest <johnm@gentoo.org>
400 -hardened-sources-2.6.16-r6.ebuild, +hardened-sources-2.6.16-r9.ebuild:
401 hardened-sources-2.6.16 bump to latest -base.
402
403 *hardened-sources-2.4.32-r6 (30 Jun 2006)
404
405 30 Jun 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r2.ebuild,
406 hardened-sources-2.4.32-r4.ebuild, +hardened-sources-2.4.32-r6.ebuild:
407 - backport CVE-2006-0039, CVE-2006-1857 and CVE-2006-1858 and new grsecurity
408 sysctl controlable resource logging
409
410 *hardened-sources-2.6.16-r7 (05 Jun 2006)
411
412 05 Jun 2006; John Mylchreest <johnm@gentoo.org>
413 -hardened-sources-2.6.16-r5.ebuild, +hardened-sources-2.6.16-r7.ebuild:
414 push new 2.6.16 release in preparation for stable
415
416 22 May 2006; <solar@gentoo.org> :
417 - redigest bug 134002
418
419 *hardened-sources-2.4.32-r5 (16 May 2006)
420
421 16 May 2006; Guillaume Destuynder <kang@gentoo.org>
422 +hardened-sources-2.4.32-r5.ebuild:
423 Fixes rsbac common patching (new patch in new -r5 patchset)
424
425 *hardened-sources-2.4.32-r4 (13 May 2006)
426
427 13 May 2006; <solar@gentoo.org> hardened-sources-2.4.32-r3.ebuild,
428 +hardened-sources-2.4.32-r4.ebuild:
429 - security bumps
430
431 *hardened-sources-2.6.16-r6 (03 May 2006)
432
433 03 May 2006; John Mylchreest <johnm@gentoo.org>
434 +hardened-sources-2.6.16-r6.ebuild:
435 bump hardened-2.6.16 to 2.6.16.12 and latest grsec snapshot
436
437 28 Apr 2006; John Mylchreest <johnm@gentoo.org>
438 hardened-sources-2.6.14-r8.ebuild:
439 fix x86_64 build problem, this will delay the digest issue again for a short
440 while but it will sort itself out
441
442 28 Apr 2006; John Mylchreest <johnm@gentoo.org>
443 hardened-sources-2.6.14-r8.ebuild:
444 bump hardened patchset
445
446 27 Apr 2006; Alec Warner <antarus@gentoo.org>
447 files/digest-hardened-sources-2.4.32-r2,
448 files/digest-hardened-sources-2.4.32-r3,
449 files/digest-hardened-sources-2.6.14-r8, Manifest:
450 Fixing duff SHA256 digests: Bug # 131293
451
452 *hardened-sources-2.6.16-r5 (27 Apr 2006)
453
454 27 Apr 2006; John Mylchreest <johnm@gentoo.org>
455 -hardened-sources-2.6.14-r6.ebuild, hardened-sources-2.6.14-r8.ebuild,
456 -hardened-sources-2.6.16-r4.ebuild, +hardened-sources-2.6.16-r5.ebuild:
457 stablise 2.6.14-r8 on x86 & amd64, bump 2.6.16 to fix CVE-2006-1863 &
458 cleanup of old uneccessary sources
459
460 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
461 fix digest
462
463 *hardened-sources-2.6.14-r8 (20 Apr 2006)
464
465 20 Apr 2006; John Mylchreest <johnm@gentoo.org>
466 +hardened-sources-2.6.14-r8.ebuild:
467 fix CVE-2006-1056, CVE-2006-1525, CVE-2006-1524
468
469 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
470 Turning on gpg-signing again, and recomitting
471
472 *hardened-sources-2.6.16-r4 (20 Apr 2006)
473
474 20 Apr 2006; John Mylchreest <johnm@gentoo.org>
475 -hardened-sources-2.6.16-r2.ebuild, -hardened-sources-2.6.16-r3.ebuild,
476 +hardened-sources-2.6.16-r4.ebuild:
477 Fix numerous security vulns
478
479 *hardened-sources-2.4.32-r3 (16 Apr 2006)
480
481 16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
482 -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
483 +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
484 - security bump for bug #112791. Removed old ebuilds
485
486 *hardened-sources-2.6.16-r3 (15 Apr 2006)
487
488 15 Apr 2006; John Mylchreest <johnm@gentoo.org>
489 +hardened-sources-2.6.16-r3.ebuild:
490 Removing silly localversion which I missed
491
492 *hardened-sources-2.6.14-r7 (14 Apr 2006)
493
494 14 Apr 2006; John Mylchreest <johnm@gentoo.org>
495 -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
496 Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
497
498 *hardened-sources-2.6.16-r2 (13 Apr 2006)
499
500 13 Apr 2006; John Mylchreest <johnm@gentoo.org>
501 -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
502 +hardened-sources-2.6.16-r2.ebuild:
503 Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
504 labels, dropping USERGROUP define fixes, since these were merged mainstream.
505
506 *hardened-sources-2.6.16-r1 (11 Apr 2006)
507
508 11 Apr 2006; John Mylchreest <johnm@gentoo.org>
509 +hardened-sources-2.6.16-r1.ebuild:
510 Bumping to include ppc build fix and 2.6.16.3
511
512 06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
513 hardened-sources-2.6.14-r6.ebuild:
514 Stable on x86; bug #127718
515
516 *hardened-sources-2.6.16 (31 Mar 2006)
517
518 31 Mar 2006; John Mylchreest <johnm@gentoo.org>
519 +hardened-sources-2.6.16.ebuild:
520 Bumping to new version of grsec, and kernel base. New squashfs. Based on
521 2.6.16.1
522
523 30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
524 hardened-sources-2.6.14-r6.ebuild:
525 Stable on amd64, bug 127718.
526
527 28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
528 Stable on ppc. Bug #127718
529
530 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
531 -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
532 -hardened-sources-2.6.14-r4.ebuild:
533 Cleanup.
534
535 *hardened-sources-2.6.14-r6 (15 Mar 2006)
536
537 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
538 +hardened-sources-2.6.14-r6.ebuild:
539 Fixes grsec policy recreation bug and adds a
540 >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
541
542 02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
543 - stable on x86
544
545 19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
546 hardened-sources-2.6.14-r5.ebuild:
547 Stable on ppc.
548
549 *hardened-sources-2.6.14-r5 (01 Feb 2006)
550
551 01 Feb 2006; John Mylchreest <johnm@gentoo.org>
552 +hardened-sources-2.6.14-r5.ebuild:
553 fixing every known exploit
554
555 *hardened-sources-2.4.32-r2 (26 Jan 2006)
556
557 26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
558 +hardened-sources-2.4.32-r2.ebuild:
559 - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
560
561 *hardened-sources-2.6.14-r4 (12 Jan 2006)
562
563 12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
564 - version bump for new genpatches which fix up a few sec holes
565
566 *hardened-sources-2.4.32-r1 (05 Jan 2006)
567
568 05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
569 - revision bump to add misc vital linux kernel security patches.
570
571 *hardened-sources-2.6.14-r3 (30 Dec 2005)
572
573 30 Dec 2005; John Mylchreest <johnm@gentoo.org>
574 -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
575 Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
576
577 28 Dec 2005; John Mylchreest <johnm@gentoo.org>
578 hardened-sources-2.6.14-r2.ebuild:
579 making x86 & amd64 stable following testing.
580
581 *hardened-sources-2.6.14-r2 (27 Dec 2005)
582
583 27 Dec 2005; John Mylchreest <johnm@gentoo.org>
584 -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
585 Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
586 network hooks.
587
588 06 Dec 2005; John Mylchreest <johnm@gentoo.org>
589 hardened-sources-2.6.14-r1.ebuild:
590 bumping to stable early for sec fix on x86 & amd64
591
592 *hardened-sources-2.6.14-r1 (05 Dec 2005)
593
594 05 Dec 2005; John Mylchreest <johnm@gentoo.org>
595 -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
596 bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
597
598 04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
599 - stable on x86 security bug #114227 CAN-2005-3257
600
601 *hardened-sources-2.4.32 (19 Nov 2005)
602
603 19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
604 +hardened-sources-2.4.32.ebuild:
605 Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
606 Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
607 have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
608 rsbac >> /etc/portage/package.use)
609
610 *hardened-sources-2.6.14 (14 Nov 2005)
611
612 14 Nov 2005; John Mylchreest <johnm@gentoo.org>
613 -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
614 Bumping 2.6 series to 2.6.14.2
615
616 *hardened-sources-2.6.13-r2 (20 Oct 2005)
617
618 20 Oct 2005; John Mylchreest <johnm@gentoo.org>
619 -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
620 +hardened-sources-2.6.13-r2.ebuild:
621 Fixes minor build error in ppc.
622
623 *hardened-sources-2.6.13-r1 (17 Oct 2005)
624
625 17 Oct 2005; John Mylchreest <johnm@gentoo.org>
626 +hardened-sources-2.6.13-r1.ebuild:
627 Updating grsec to latest snapshot. Fixes some minor issues. Updating to
628 2.6.13.4, fixes some major amd64 stability problems.
629
630 *hardened-sources-2.6.13 (16 Sep 2005)
631
632 16 Sep 2005; John Mylchreest <johnm@gentoo.org>
633 -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
634 2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
635 ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
636 users should test this thoroughly.
637
638 01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
639 - stable on x86
640
641 *hardened-sources-2.6.11-r15 (27 Jun 2005)
642
643 27 Jun 2005; John Mylchreest <johnm@gentoo.org>
644 +hardened-sources-2.6.11-r15.ebuild:
645 Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
646 grsec redefining curr_ip struct.
647
648 *hardened-sources-2.4.31 (20 Jun 2005)
649
650 20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
651 initial import of 2.4.31 tree
652
653 *hardened-sources-2.6.11-r14 (14 Jun 2005)
654
655 14 Jun 2005; John Mylchreest <johnm@gentoo.org>
656 -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
657 Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
658 naming scheme to abide by genpatches
659
660 *hardened-sources-2.6.11-r13 (18 May 2005)
661
662 18 May 2005; John Mylchreest <johnm@gentoo.org>
663 -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
664 Managed to mangle the Makefile patch from grsec, to miss out the grsec
665 target. sorry about that. Fixes bug #93022
666
667 *hardened-sources-2.6.11-r12 (17 May 2005)
668
669 17 May 2005; John Mylchreest <johnm@gentoo.org>
670 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
671 +hardened-sources-2.6.11-r12.ebuild:
672 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
673 merges in genpatches-base
674
675 *hardened-sources-2.6.11-r12 (17 May 2005)
676
677 17 May 2005; John Mylchreest <johnm@gentoo.org>
678 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
679 +hardened-sources-2.6.11-r12.ebuild:
680 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
681 merges in genpatches-base
682
683 29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
684 -files/2.4.27-cmdline-race.patch,
685 -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
686 -files/2.4.28-grsec-binfmt_a.out.patch,
687 -files/2.4.28-grsec-cmdline-race.patch,
688 -files/2.4.28-selinux-binfmt_a.out.patch,
689 -files/2.4.28-selinux-cmdline-race.patch,
690 -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
691 hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
692 - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
693 cleanup..
694
695 *hardened-sources-2.4.30-r1 (21 Apr 2005)
696
697 21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
698 - disable aout by default
699
700 *hardened-sources-2.4.30 (18 Apr 2005)
701
702 18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
703 - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
704 and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
705 use
706
707 *hardened-sources-2.4.29 (30 Mar 2005)
708
709 30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
710 +hardened-sources-2.4.29.ebuild:
711 New hardened-patches-2.4-29.0 patchball.
712 Removed SELinux support, upgraded GRSecurity to 2.1.4.
713
714 *hardened-sources-2.4.28-r5 (06 Mar 2005)
715
716 06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
717 +hardened-sources-2.4.28-r5.ebuild:
718 Added a fix for a PaX vulnerability.
719
720 26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
721 hardened-sources-2.4.28-r4.ebuild:
722 Stable on x86
723
724 23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
725 hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
726 hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
727 hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
728 - fixed/added RDEPEND= in all kernel-2 ebuilds
729
730 *hardened-sources-2.4.28-r4 (21 Jan 2005)
731
732 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
733 +hardened-sources-2.4.28-r4.ebuild:
734 Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
735 backport of neighbour hash updates.
736
737 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
738 hardened-sources-2.4.28-r3.ebuild:
739 Stable on x86
740
741 *hardened-sources-2.6.10-r3 (20 Jan 2005)
742
743 20 Jan 2005; Brandon Hale <tseng@gentoo.org>
744 +hardened-sources-2.6.10-r3.ebuild:
745 Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
746 in 2005.0
747
748 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
749 -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
750 hardened-sources-2.4.28-r2.ebuild:
751 Mark stable on x86
752
753 *hardened-sources-2.4.28-r3 (17 Jan 2005)
754
755 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
756 +hardened-sources-2.4.28-r3.ebuild:
757 Fix SMP page fault handler vuln, and update device-mapper and evms patches.
758
759 14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
760 hardened-sources-2.4.28.ebuild:
761 Mark stable on x86.
762
763 *hardened-sources-2.4.28-r2 (13 Jan 2005)
764
765 13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
766 +hardened-sources-2.4.28-r2.ebuild:
767 Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
768 Mazinger for grsecurity patches as well.
769
770 *hardened-sources-2.4.28-r1 (23 Dec 2004)
771
772 23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
773 Security bump. Thank tocharian for rolling a new patchset...
774
775 28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
776 +files/2.4.28-grsec-cmdline-race.patch,
777 +files/2.4.28-selinux-binfmt_a.out.patch,
778 +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
779 - Round up remaining security patches that appear to be missing in 2.4.28. -
780 PaX standalone updated to current. hgpv=28.1
781
782 *hardened-sources-2.4.28 (28 Nov 2004)
783
784 28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
785 security bump. Thank tocharian for rolling a new patchset
786
787 *hardened-sources-2.4.27-r3 (08 Sep 2004)
788
789 08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
790 +hardened-sources-2.4.27-r3.ebuild:
791 Applies the new 2.4-27.2 patchball which updates
792 GRSecurity to the 2.0.1 version.
793
794 *hardened-sources-2.4.27-r2 (31 Aug 2004)
795
796 31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
797 +hardened-sources-2.4.27-r2.ebuild:
798 Version bump.
799 This version uses the new 2.4-27.1 patchball which updates
800 both the SELinux PaX hooks patch and the SELinux headers.
801
802 *hardened-sources-2.4.27-r1 (09 Aug 2004)
803
804 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
805 +hardened-sources-2.4.27-r1.ebuild,
806 -hardened-sources-2.4.27.ebuild,
807 +files/2.4.27-cmdline-race.patch:
808 Version bump, fix for cmdline race. See bug #59905.
809
810 *hardened-sources-2.4.26-r6 (09 Aug 2004)
811
812 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
813 +hardened-sources-2.4.26-r6.ebuild,
814 -hardened-sources-2.4.26-r5.ebuild,
815 -hardened-sources-2.4.26-r4.ebuild,
816 +files/2.4.26-cmdline-race.patch:
817 Version bump, fix for cmdline race. See bug #59905.
818
819 *hardened-sources-2.4.27 (08 Aug 2004)
820
821 08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
822 +hardened-sources-2.4.27.ebuild,
823 +files/2.4.27-CAN-2004-0394.patch:
824 Ported the patchball to the 2.4.27 kernel version.
825
826 *hardened-sources-2.4.26-r5 (07 Aug 2004)
827
828 07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
829 +hardened-sources-2.4.26-r5.ebuild:
830 Updated to use the new hardened-patches-2.4-26.1 patchball.
831 It adds the following features:
832 - Squashfs
833 - Ebtables
834 - Netdev random (core+drivers)
835 - Watchdog Timer (WDT) fix.
836
837 *hardened-sources-2.4.26-r4 (04 Aug 2004)
838
839 04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
840 +hardened-sources-2.4.26-r4.ebuild,
841 +files/2.4.26-CAN-2004-0415.patch,
842 -hardened-sources-2.4.26-3:
843 Version bump, fix for CAN 0415, see bug #59378.
844
845 *hardened-sources-2.4.26-r3 (22 Jul 2004)
846
847 22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
848 +hardened-sources-2.4.26-r3.ebuild,
849 +files/2.4.26-CAN-2004-0497.patch,
850 -hardened-sources-2.4.26-r2.ebuild:
851 Version bump, fixed CAN 0497, see bug #56171.
852
853 *hardened-sources-2.4.26-r2 (29 Jun 2004)
854
855 29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
856 +hardened-sources-2.4.26-r2.ebuild,
857 +files/2.4.26-CAN-2004-0495.patch,
858 +files/2.4.26-CAN-2004-0535.patch,
859 -hardened-sources-2.4.26-r1.ebuild:
860 Fixes for both CAN 0495 and 0535, see bug #54976
861
862 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
863 hardened-sources-2.4.26-r1.ebuild:
864 QA - fix use invocation
865
866 *hardened-sources-2.4.26-r1 (22 June 2004)
867
868 22 June 2004; Andrea Luzzardi <scox@gentoo.org>
869 +hardened-sources-2.4.26-r1.ebuild,
870 +files/2.4.26-CAN-2004-0394.patch,
871 +files/2.4.26-signal-race.patch,
872 -hardened-sources-2.4.26.ebuild,
873 -hardened-sources-2.4.24-r3.ebuild:
874 Version bump for the CAN-2004-0394 issue and bug #53804
875 Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
876
877
878 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
879 hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
880 Masked hardened-sources-2.4.26.ebuild broken for ppc
881
882 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
883 hardened-sources-2.4.24-r3.ebuild:
884 Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
885
886 *hardened-sources-2.4.26 (29 May 2004)
887
888 29 May 2004; Andrea Luzzardi <scox@gentoo.org>
889 +hardened-sources-2.4.26.ebuild:
890 Updated hardened-sources for the 2.4.26 kernel
891 Removed broken components, updated almost everything.
892
893 *hardened-sources-2.4.24-r3 (17 Apr 2004)
894
895 17 Apr 2004; <plasmaroo@gentoo.org>
896 +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
897 +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
898 +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
899 +hardened-sources-2.4.24-r3.ebuild:
900 Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
901 vulnerabilities. Old revisions removed.
902
903 *hardened-sources-2.4.24-r2 (15 Apr 2004)
904
905 15 Apr 2004; <plasmaroo@gentoo.org>
906 +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
907 -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
908 Version bump for the CAN-2004-0109 issue; bug #47881.
909
910 12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
911 hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
912 Add eutils to inherit.
913
914 *hardened-sources-2.4.24-r1 (19 Feb 2004)
915
916 19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
917 files/hardened-sources-2.4.24.munmap.patch:
918 Added the patch for the mremap/munmap vulnerability. Bug #42024.
919
920 *hardened-sources-2.4.24 (06 Feb 2004)
921
922 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
923 hardened-sources-2.4.24.ebuild:
924 Version bump, updated most of the components.
925 This release includes the following:
926
927 - Hardened security
928 - Netfilter patch-o-matic 20031219
929 - FreeSWAN 2.04 & x509 1.4.8
930 - EVMS 2.2.2
931 - XFS 1.3.1
932 - cryptoloop jari
933 - grsecurity 2.0-rc4
934 - SELinux
935 - PaX 200402060000
936 - PaX Obscurity 200308302223
937 - Others...
938
939 Neither -ck nor systrace are included anymore.
940
941 *hardened-sources-2.4.22-r2 (05 Jan 2004)
942
943 05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
944 hardened-sources-2.4.22-r2.ebuild:
945 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
946
947 *hardened-sources-2.4.22-r1 (02 Dec 2003)
948
949 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
950 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
951
952 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
953 hardened-sources-2.4.22-r1.ebuild:
954 Version bump for the 'do_brk' vulnerability.
955
956 01 Dec 2003; Brian Jackson <iggy@gentoo.org>
957 hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
958 hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
959 hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
960 Fix the 'do_brk' vulnerability.
961
962 03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
963 hardened-sources-2.4.22.ebuild:
964 - Removed the src_install() portion for SELinux flask
965 components. These are no longer handled in the kernel
966 so this code was not necessary.
967
968 29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
969 New 2.4.22 based hardened-sources thanks to
970 Phil West <p.west@computer.org>.
971
972 These sources include:
973 - New SELinux API
974 - Updated CK-base
975 - Updated GRSec
976 - Systrace
977 - SuperFreeS/WAN 1.99.8
978 - Propolice kernel build support
979 - EVMS
980 - Other various security related patches
981
982 *hardened-sources-2.4.21 (14 Sep 2003)
983
984 14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
985 Updated hardened-sources based on the 2.4.21 Linux kernel.
986 This includes updates to most major components such as:
987 - ck-base-0306300059
988 - selinux-2.4-2003071106
989 - grsecurity-2.0-rc1
990 - Updated IPTables patch-o-matic
991 - Updated SuperFreeS/WAN
992
993 Thanks to Phil West <pwest@computer.org> for his work in getting this
994 updated patch set ready for the 2.4.21 based kernel.
995
996 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
997 Initial import of hardened-sources-2.4.20-r4. This revision
998 includes only a few changes, but one of these is an important
999 security fix. It is recommended all users of hardened-sources
1000 upgrade to this release.
1001
1002 - ioperm bug fix
1003 - fixed compilation failure when building without GRSec
1004
1005 SAL (Secure Auditing for Linux) is NOT included in this revision
1006 due to time constraints, but is planned for inclusion in the near
1007 future.
1008
1009 *hardened-sources-2.4.20-r2 (12 Jun 2003)
1010
1011 12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
1012 hardened-sources-2.4.20-r3.ebuild:
1013 Add Header...
1014
1015 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1016 hardened-sources-2.4.20-r3.ebuild:
1017 Removed warnings from ebuild. This kernel should be safe to
1018 use at this point.
1019
1020 *hardened-sources-2.4.20-r3 (08 Jun 2003)
1021
1022 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1023 hardened-sources-2.4.20-r3.ebuild:
1024 New revision. Includes the following changes over -r2:
1025
1026 - ck7-base (O(1), preempt, low latency)
1027 - Super FreeS/WAN 1.99.7rc2
1028 - PaX for the LSM/SELinux branch
1029 - GRSecurity 2.0-pre4 (role based access control)
1030 - Systrace 1.3
1031 - EXT3 fixes
1032 - EVMS 2.0.1
1033 - GCC 3.1+ compile optimizations
1034 - ProPolice kernel build support
1035 - Hashing table security fixes
1036
1037 *hardened-sources-2.4.20-r1 (09 Apr 2003)
1038
1039 23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
1040 Initial import of hardened-sources-r2. This new
1041 ebuild includes many new performance and security
1042 related patches. As in -r1, it will patch in
1043 LSM/SELinux if "selinux" is in USE, otherwise it
1044 will patch in GRSecurity. The following patches
1045 are included in this revision:
1046
1047 - O(1) Scheduler, Low Latency, and Preempt
1048 (pulled from the base CK patch)
1049 - ptrace exploit patch for the LSM kernel
1050 (the GRSec patch already fixes this)
1051 - LSM 2.4-2003040709
1052 - SELinux 2.4-2003040709
1053 - Systrace v1.2
1054 - IPTables patch-o-matic base patches - 20030107
1055 - CryptoAPI 2.4.20.1 w/ loop-jari patch
1056 - Super FreeS/WAN 1.99.6.1
1057 - GRSecurity 1.9.9g
1058 - MPPE
1059 - EXT3 data journal fix
1060 - CIPE 1.5.4
1061
1062 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1063 hardened-sources-2.4.20-r1.ebuild, manifest:
1064 Updated to install flask components correctly for selinux.
1065
1066 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1067 hardened-sources-2.4.20-r1.ebuild:
1068 LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
1069 is patched in instead. Ptrace patches for selinux have also been added. In
1070 either case, systrace support will be patched in as well.
1071
1072 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1073 hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
1074 Revision bump for new sources.
1075
1076 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1077 hardened-sources-2.4.20-r1.ebuild:
1078 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
1079
1080 *hardened-sources-2.4.20 (30 Mar 2003)
1081
1082 30 Mar 2003; Joshua Brindle <method@gentoo.org>
1083 hardened-sources-2.4.20.ebuild:
1084 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20