/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.171 - (show annotations) (download)
Thu Aug 16 20:02:59 2007 UTC (6 years, 11 months ago) by phreak
Branch: MAIN
Changes since 1.170: +7 -1 lines
Version bump, initial version for Linux 2.4.35.
(Portage version: 2.1.3.5)

1 # ChangeLog for sys-kernel/hardened-sources
2 # Copyright 2000-2007 Gentoo Foundation; Distributed under the GPL v2
3 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.170 2007/08/16 16:19:06 phreak Exp $
4
5 *hardened-sources-2.4.35 (16 Aug 2007)
6
7 16 Aug 2007; Christian Heim <phreak@gentoo.org>
8 +hardened-sources-2.4.35.ebuild:
9 Version bump, initial version for Linux 2.4.35.
10
11 *hardened-sources-2.6.21-r4 (16 Aug 2007)
12
13 16 Aug 2007; Christian Heim <phreak@gentoo.org>
14 +hardened-sources-2.6.21-r4.ebuild:
15 Revision bump for Linux 2.6.21.6.
16
17 *hardened-sources-2.6.20-r7 (16 Aug 2007)
18
19 16 Aug 2007; Christian Heim <phreak@gentoo.org>
20 +hardened-sources-2.6.20-r7.ebuild:
21 Revision bump for Linux 2.6.20.16.
22
23 *hardened-sources-2.6.22-r1 (13 Aug 2007)
24
25 13 Aug 2007; Christian Heim <phreak@gentoo.org>
26 +hardened-sources-2.6.22-r1.ebuild:
27 Yet another revision bump.
28
29 *hardened-sources-2.6.22 (10 Aug 2007)
30
31 10 Aug 2007; Christian Heim <phreak@gentoo.org>
32 +hardened-sources-2.6.22.ebuild:
33 Initial release for 2.6.22. If you are using hardened-sources on a desktop
34 machine (P4 or newer), be aware you might need to disable
35 CONFIG_PAX_PAGEEXEC.
36
37 04 Aug 2007; Christian Heim <phreak@gentoo.org>
38 hardened-sources-2.6.20-r6.ebuild:
39 Stabling hardened-sources-2.6.20-r6 for amd64, ppc and x86 due to Linux
40 2.6.20.15.
41
42 10 Jul 2007; Christian Heim <phreak@gentoo.org>
43 hardened-sources-2.6.20-r5.ebuild:
44 Marking hardened-sources-2.6.20-r5 stable on ppc.
45
46 10 Jul 2007; Christian Heim <phreak@gentoo.org>
47 -hardened-sources-2.4.32-r6.ebuild, -hardened-sources-2.4.32-r7.ebuild:
48 Cleanup.
49
50 *hardened-sources-2.6.20-r6 (08 Jul 2007)
51
52 08 Jul 2007; Christian Heim <phreak@gentoo.org>
53 +hardened-sources-2.6.20-r6.ebuild:
54 Revision bump, grabbing yet another stable release.
55
56 17 Jun 2007; Christian Heim <phreak@gentoo.org>
57 -hardened-sources-2.6.18-r6.ebuild, -hardened-sources-2.6.20-r4.ebuild,
58 -hardened-sources-2.6.21-r2.ebuild:
59 Removing older ebuilds, hardened-sources-2.6.18-r6 seems to have gotten the
60 alpha stable KEYWORD by mistake.
61
62 17 Jun 2007; Christian Heim <phreak@gentoo.org>
63 hardened-sources-2.6.20-r5.ebuild:
64 Stabling hardened-sources-2.6.20-r5 due to security bug #181647 (as
65 genpatches-2.6.20-12.base contains up to Linux 2.6.20.14) on amd64 and x86.
66
67 *hardened-sources-2.6.21-r3 (12 Jun 2007)
68
69 12 Jun 2007; Christian Heim <phreak@gentoo.org>
70 +hardened-sources-2.6.21-r3.ebuild:
71 Revision bump for hardened-sources-2.6.21, incorporating various CVE (some
72 of them critical), two stable releases (2.6.21.4,2.6.21.5) and some other
73 love.
74
75 *hardened-sources-2.6.20-r5 (11 Jun 2007)
76
77 11 Jun 2007; Christian Heim <phreak@gentoo.org>
78 +hardened-sources-2.6.20-r5.ebuild:
79 Revision bump for hardened-sources-2.6.20, incorporating various CVE (some
80 of them critical), two stable releases (2.6.20.13,2.6.20.14) and some other
81 love.
82
83 *hardened-sources-2.4.34.5 (11 Jun 2007)
84
85 11 Jun 2007; Alexander Gabert <pappy@gentoo.org>
86 +hardened-sources-2.4.34.5.ebuild:
87 added new hardened-sources 2.4 version, thx to phreak, solar, pipacs
88
89 30 May 2007; Christian Heim <phreak@gentoo.org>
90 -hardened-sources-2.6.18.ebuild, hardened-sources-2.6.20-r2.ebuild:
91 Marking 2.6.20-r2 stable on ppc with permission of Gysbert. Removing more
92 stale ebuild(s).
93
94 30 May 2007; Christian Heim <phreak@gentoo.org>
95 -hardened-sources-2.6.14-r7.ebuild, -hardened-sources-2.6.16-r11.ebuild,
96 -hardened-sources-2.6.17-r1.ebuild, -hardened-sources-2.6.19-r6.ebuild,
97 -hardened-sources-2.6.20.ebuild, -hardened-sources-2.6.20-r1.ebuild:
98 Doing some cleanups, remove stale ebuilds.
99
100 26 May 2007; Christian Heim <phreak@gentoo.org>
101 hardened-sources-2.6.21-r2.ebuild:
102 Fixing the grsecurity patch, had one '};' too much.
103
104 *hardened-sources-2.6.21-r2 (26 May 2007)
105
106 26 May 2007; Christian Heim <phreak@gentoo.org>
107 -hardened-sources-2.6.21.ebuild, -hardened-sources-2.6.21-r1.ebuild,
108 +hardened-sources-2.6.21-r2.ebuild:
109 Revision bump, including Linux 2.6.21.3 (fixing CVE-2007-2451). Updating the
110 grsecurity patch to 2.1.10-2.6.21.1-200705221918.
111
112 *hardened-sources-2.6.20-r4 (26 May 2007)
113
114 26 May 2007; Christian Heim <phreak@gentoo.org>
115 -hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.20-r4.ebuild:
116 Revision bump, including Linux 2.6.20.12 (which in fact fixed some security
117 bugs, at the very least CVE-2007-2451). Possible candidate for stable marking.
118
119 15 May 2007; Christian Heim <phreak@gentoo.org>
120 hardened-sources-2.6.20-r3.ebuild:
121 Looks like hardened-sources-2.6.20-r3 needs a new patch, as 2.6.20.11
122 introduced a change in arch/sparc64/kernel/pci_iommu.c, which made the
123 grsecurity patch fail in that exact same hunk.
124
125 *hardened-sources-2.6.20-r3 (15 May 2007)
126
127 15 May 2007; Christian Heim <phreak@gentoo.org>
128 +hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.21-r1.ebuild:
129 Revision bump, incorporating Linux 2.6.20.11.
130
131 *hardened-sources-2.6.21-r1 (11 May 2007)
132
133 11 May 2007; Christian Heim <phreak@gentoo.org>
134 +hardened-sources-2.6.21-r1.ebuild:
135 Revision bump, hopefully fixing the GRSECURITY/GRKERNSEC mixup pipacs
136 mentioned in #177234.
137
138 07 May 2007; Kevin F. Quinn <kevquinn@gentoo.org>
139 files/digest-hardened-sources-2.6.21, Manifest:
140 Fix Manifest/digest for linux-2.6.21.tar.bz2
141
142 06 May 2007; Christian Heim <phreak@gentoo.org>
143 hardened-sources-2.6.21.ebuild:
144 Bumping the hardened-patches version, needed for the fix for #177234.
145
146 *hardened-sources-2.6.21 (02 May 2007)
147
148 02 May 2007; Christian Heim <phreak@gentoo.org>
149 +hardened-sources-2.6.21.ebuild:
150 Version bump, Linux 2.6.21-hardened.
151
152 29 Apr 2007; Christian Heim <phreak@gentoo.org>
153 hardened-sources-2.6.20-r2.ebuild:
154 Adding ~ia64 on Ned's request.
155
156 29 Apr 2007; Christian Heim <phreak@gentoo.org>
157 hardened-sources-2.6.20-r2.ebuild:
158 Fixing the included grsecurity patch, wasn't alligning due to the Index:
159 header line(s).
160
161 29 Apr 2007; Christian Heim <phreak@gentoo.org>
162 hardened-sources-2.6.20-r2.ebuild:
163 Stabilizing hardened-sources-2.6.20-r2 on amd64 and x86.
164
165 *hardened-sources-2.6.20-r2 (10 Apr 2007)
166
167 10 Apr 2007; Raúl Porcel <armin76@gentoo.org>
168 +hardened-sources-2.6.20-r2.ebuild:
169 Version bump, on behalf of phreak
170
171 *hardened-sources-2.6.20-r1 (04 Apr 2007)
172
173 04 Apr 2007; Christian Heim <phreak@gentoo.org>
174 +hardened-sources-2.6.20-r1.ebuild:
175 Revision bump, grabbing a newer grsecurity snapshot.
176
177 *hardened-sources-2.6.20 (25 Mar 2007)
178
179 25 Mar 2007; Christian Heim <phreak@gentoo.org>
180 +hardened-sources-2.6.20.ebuild:
181 Finally a hardened-sources version for 2.6.20; many people have been waiting
182 for this. Thanks to Steve for preliminary testing, thanks to Ned for the
183 testbox.
184
185 16 Mar 2007; Tony Vroon <chainsaw@gentoo.org>
186 hardened-sources-2.6.18-r6.ebuild:
187 Marked stable on amd64 and x86. AMD64 keyword ack'ed by welp.
188
189 *hardened-sources-2.6.18-r6 (16 Mar 2007)
190
191 16 Mar 2007; Christian Heim <phreak@gentoo.org>
192 -hardened-sources-2.6.18-r5.ebuild, +hardened-sources-2.6.18-r6.ebuild:
193 Fixing CVE-2007-1000 locally (hardened/), thanks to Tony for pushing. And
194 yes I screwed up, this is tagged as 2.6.18-5 and not 2.6.18-6 as it's
195 supposed to be.
196
197 06 Mar 2007; Christian Heim <phreak@gentoo.org> ChangeLog:
198 Fixing the Manifest, the previous one was broken (as in still had the
199 deleted ebuild in it).
200
201 06 Mar 2007; Christian Heim <phreak@gentoo.org>
202 -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
203 +hardened-sources-2.6.18-r5.ebuild:
204 Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
205 Linux 2.6.18.8. Also cleaning up the older version.
206
207 *hardened-sources-2.6.18-r5 (06 Mar 2007)
208
209 06 Mar 2007; Christian Heim <phreak@gentoo.org>
210 -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
211 +hardened-sources-2.6.18-r5.ebuild:
212 Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
213 Linux 2.6.18.8. Also cleaning up the older version.
214
215 24 Feb 2007; Christian Heim <phreak@gentoo.org>
216 -hardened-sources-2.6.19-r3.ebuild, -hardened-sources-2.6.19-r4.ebuild,
217 -hardened-sources-2.6.19-r5.ebuild:
218 Removing some of the old version, that didn't work.
219
220 *hardened-sources-2.6.19-r6 (12 Feb 2007)
221
222 12 Feb 2007; Christian Heim <phreak@gentoo.org>
223 +hardened-sources-2.6.19-r6.ebuild:
224 Revision bump, including a new grsec version fixing #166235.
225
226 *hardened-sources-2.4.34 (24 Jan 2007)
227
228 24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
229 Manifest:
230 updating Manifest with checksums of new tarball and ebuild
231
232 24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
233 +hardened-sources-2.4.34.ebuild:
234 I added new hardened sources 2.4 update, this is a critical path
235 security bugfix - all users of h-s are strongly advised
236 to update their existing hardened sources to this version.
237 It contains a fix for a kernel vulnerability that is pertaining
238 to the PaX changes to virtual memory management, possibly leading
239 to a local kernel exploit ... see grsecurity.net forums and homepage
240
241 23 Jan 2007; Christian Heim <phreak@gentoo.org>
242 files/digest-hardened-sources-2.6.19-r5, Manifest:
243 Fixing the patch-tarball digest.
244
245 *hardened-sources-2.6.19-r5 (23 Jan 2007)
246
247 23 Jan 2007; Christian Heim <phreak@gentoo.org>
248 +hardened-sources-2.6.19-r5.ebuild:
249 Revision bump, closing the recently discovered PaX expand_stack()
250 vulnerability.
251
252 *hardened-sources-2.6.19-r4 (14 Jan 2007)
253
254 14 Jan 2007; Christian Heim <phreak@gentoo.org>
255 +hardened-sources-2.6.19-r4.ebuild:
256 Revision bump, pulling in linux-2.6.19.2 and grsecurity 2.1.10 - thus
257 dropping the randomized PID feature.
258
259 11 Jan 2007; Christian Faulhammer <opfer@gentoo.org>
260 hardened-sources-2.4.33.4.ebuild:
261 stable x86, bug #161171
262
263 *hardened-sources-2.6.19-r3 (27 Dec 2006)
264
265 27 Dec 2006; Christian Heim <phreak@gentoo.org>
266 -hardened-sources-2.6.19-r2.ebuild, +hardened-sources-2.6.19-r3.ebuild:
267 Revision bump for bug #157186 and #158786.
268
269 *hardened-sources-2.6.18-r4 (27 Dec 2006)
270
271 27 Dec 2006; Christian Heim <phreak@gentoo.org>
272 -hardened-sources-2.6.18-r3.ebuild, +hardened-sources-2.6.18-r4.ebuild:
273 Revision bump for bug #157186.
274
275 *hardened-sources-2.6.19-r2 (23 Dec 2006)
276
277 23 Dec 2006; Christian Heim <phreak@gentoo.org>
278 -hardened-sources-2.6.19-r1.ebuild, +hardened-sources-2.6.19-r2.ebuild:
279 Revision bump to pull in genpatches-2.6.19-3 for #157186.
280
281 17 Dec 2006; Christian Heim <phreak@gentoo.org>
282 hardened-sources-2.6.14-r7.ebuild, hardened-sources-2.6.16-r10.ebuild,
283 hardened-sources-2.6.16-r11.ebuild, hardened-sources-2.6.17-r1.ebuild,
284 hardened-sources-2.6.18.ebuild, hardened-sources-2.6.18-r3.ebuild,
285 hardened-sources-2.6.19-r1.ebuild:
286 Adding 4453_grsec-2.1.9-2.6.19-io-kmem-sysctl.patch to UNIPATCH_EXLUDE,
287 adding correct HOMEPAGE and adjusting DESCRIPTION (thanks to Alexander).
288
289 *hardened-sources-2.4.33.4 (17 Dec 2006)
290
291 17 Dec 2006; Alexander Gabert <pappy@gentoo.org>
292 +hardened-sources-2.4.33.4.ebuild:
293 new 2.4.33.4 version including grsec and fixes, thanks to phreak for help
294 and quilting
295
296 *hardened-sources-2.6.19-r1 (14 Dec 2006)
297
298 14 Dec 2006; Christian Heim <phreak@gentoo.org>
299 -hardened-sources-2.6.19.ebuild, +hardened-sources-2.6.19-r1.ebuild:
300 Revision bump, fixing #158107 (thanks to Petre Rodan <kaiowas at gentoo.org>
301 for reporting).
302
303 *hardened-sources-2.6.19 (13 Dec 2006)
304
305 13 Dec 2006; Christian Heim <phreak@gentoo.org>
306 +hardened-sources-2.6.19.ebuild:
307 And finally 2.6.19, thanks to Ned (who prepared the inital patchset) and
308 Brad for providing that prompt update.
309
310 *hardened-sources-2.6.18-r3 (13 Dec 2006)
311
312 13 Dec 2006; Christian Heim <phreak@gentoo.org>
313 -hardened-sources-2.6.18-r1.ebuild, -hardened-sources-2.6.18-r2.ebuild,
314 +hardened-sources-2.6.18-r3.ebuild:
315 Revision bump, excluding the faulty patch. Thanks to Anakim Border and Peter
316 S. Mazinger. Closes #157409 for now. Also removing the previous revisions.
317
318 09 Dec 2006; Christian Heim <phreak@gentoo.org> Manifest:
319 Fixing the metadata.xml Manifest entry (thanks to xaid and ml8128 in #gentoo-hardened).
320
321 08 Dec 2006; nixnut <nixnut@gentoo.org> hardened-sources-2.6.18.ebuild:
322 Stable on ppc wrt bug 157356
323
324 07 Dec 2006; Christian Faulhammer <opfer@gentoo.org>
325 hardened-sources-2.6.18.ebuild:
326 stable x86, bug #157356
327
328 *hardened-sources-2.6.18-r2 (06 Dec 2006)
329
330 06 Dec 2006; Christian Heim <phreak@gentoo.org>
331 +hardened-sources-2.6.18-r2.ebuild:
332 Revision bump, including 2.6.18.5 (via genpatches) and
333 4454_grsec-2.1.9-2.6.18.2-io-kmem-sysctl.patch based on Peter Mazinger and
334 Ned Ludd's original patch. Thanks to Alexander Gabert (pappy) for the
335 redesign.
336
337 06 Dec 2006; Christian Heim <phreak@gentoo.org>
338 hardened-sources-2.6.18.ebuild:
339 Marking hardened-sources-2.6.18 stable on amd64 (see bug #157356, on behalf
340 of Mike Doty).
341
342 *hardened-sources-2.6.18-r1 (23 Nov 2006)
343
344 23 Nov 2006; Christian Heim <phreak@gentoo.org>
345 +hardened-sources-2.6.18-r1.ebuild:
346 Revision bump to genpatches-2.6.18-4 (including 2.6.18.3).
347
348 *hardened-sources-2.6.18 (11 Nov 2006)
349
350 11 Nov 2006; Christian Heim <phreak@gentoo.org>
351 +hardened-sources-2.6.18.ebuild:
352 Version bump, thanks to Alexander Gabert we're finally at 2.6.18.
353
354 18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
355 - mark amd64 stable also. bug #151877
356
357 18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
358 - mark 2.6.17-r1 stable
359
360 27 Aug 2006; Christian Heim <phreak@gentoo.org>
361 -hardened-sources-2.6.17.ebuild, hardened-sources-2.6.17-r1.ebuild:
362 Removing old ebuild, removing unipatch from newer ebuild (need to fix it!).
363
364 *hardened-sources-2.6.17-r1 (26 Aug 2006)
365
366 26 Aug 2006; Christian Heim <phreak@gentoo.org>
367 +hardened-sources-2.6.17-r1.ebuild:
368 Revision bump to genpatches-2.6.17-8 (including .9 and .10) and updating the
369 grsecurity patch.
370
371 *hardened-sources-2.6.17 (17 Aug 2006)
372
373 17 Aug 2006; Christian Heim <phreak@gentoo.org>
374 +hardened-sources-2.6.17.ebuild:
375 Bumping the hardened-sources-2.6 series to 2.6.17, using
376 genpatches-2.6.17-6.base.
377
378 07 Aug 2006; <solar@gentoo.org> hardened-sources-2.6.16-r11.ebuild:
379 - stable on x86 and amd64
380
381 *hardened-sources-2.6.16-r11 (15 Jul 2006)
382
383 15 Jul 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r3.ebuild,
384 -hardened-sources-2.4.32-r4.ebuild, -hardened-sources-2.4.32-r5.ebuild,
385 -hardened-sources-2.6.14-r8.ebuild, -hardened-sources-2.6.16-r7.ebuild,
386 -hardened-sources-2.6.16-r9.ebuild, +hardened-sources-2.6.16-r11.ebuild:
387 - 2.6.16 bumped for CVE-2006-3626 ; digest fix for 2.4.32-r6 ; removed old
388 crusty ebuilds
389
390 14 Jul 2006; John Mylchreest <johnm@gentoo.org>
391 hardened-sources-2.6.16-r10.ebuild:
392 marking stable on x86 and amd64
393
394 13 Jul 2006; <solar@gentoo.org> hardened-sources-2.4.32-r6.ebuild:
395 - 2.4.32-r6 stable on x86. RSBAC state unknown
396
397 *hardened-sources-2.4.32-r7 (10 Jul 2006)
398
399 10 Jul 2006; Guillaume Destuynder <kang@gentoo.org>
400 +hardened-sources-2.4.32-r7.ebuild:
401 Bump PaX for RSBAC to test-17
402
403 *hardened-sources-2.6.16-r9 (03 Jul 2006)
404
405 03 Jul 2006; John Mylchreest <johnm@gentoo.org>
406 -hardened-sources-2.6.16-r6.ebuild, +hardened-sources-2.6.16-r9.ebuild:
407 hardened-sources-2.6.16 bump to latest -base.
408
409 *hardened-sources-2.4.32-r6 (30 Jun 2006)
410
411 30 Jun 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r2.ebuild,
412 hardened-sources-2.4.32-r4.ebuild, +hardened-sources-2.4.32-r6.ebuild:
413 - backport CVE-2006-0039, CVE-2006-1857 and CVE-2006-1858 and new grsecurity
414 sysctl controlable resource logging
415
416 *hardened-sources-2.6.16-r7 (05 Jun 2006)
417
418 05 Jun 2006; John Mylchreest <johnm@gentoo.org>
419 -hardened-sources-2.6.16-r5.ebuild, +hardened-sources-2.6.16-r7.ebuild:
420 push new 2.6.16 release in preparation for stable
421
422 22 May 2006; <solar@gentoo.org> :
423 - redigest bug 134002
424
425 *hardened-sources-2.4.32-r5 (16 May 2006)
426
427 16 May 2006; Guillaume Destuynder <kang@gentoo.org>
428 +hardened-sources-2.4.32-r5.ebuild:
429 Fixes rsbac common patching (new patch in new -r5 patchset)
430
431 *hardened-sources-2.4.32-r4 (13 May 2006)
432
433 13 May 2006; <solar@gentoo.org> hardened-sources-2.4.32-r3.ebuild,
434 +hardened-sources-2.4.32-r4.ebuild:
435 - security bumps
436
437 *hardened-sources-2.6.16-r6 (03 May 2006)
438
439 03 May 2006; John Mylchreest <johnm@gentoo.org>
440 +hardened-sources-2.6.16-r6.ebuild:
441 bump hardened-2.6.16 to 2.6.16.12 and latest grsec snapshot
442
443 28 Apr 2006; John Mylchreest <johnm@gentoo.org>
444 hardened-sources-2.6.14-r8.ebuild:
445 fix x86_64 build problem, this will delay the digest issue again for a short
446 while but it will sort itself out
447
448 28 Apr 2006; John Mylchreest <johnm@gentoo.org>
449 hardened-sources-2.6.14-r8.ebuild:
450 bump hardened patchset
451
452 27 Apr 2006; Alec Warner <antarus@gentoo.org>
453 files/digest-hardened-sources-2.4.32-r2,
454 files/digest-hardened-sources-2.4.32-r3,
455 files/digest-hardened-sources-2.6.14-r8, Manifest:
456 Fixing duff SHA256 digests: Bug # 131293
457
458 *hardened-sources-2.6.16-r5 (27 Apr 2006)
459
460 27 Apr 2006; John Mylchreest <johnm@gentoo.org>
461 -hardened-sources-2.6.14-r6.ebuild, hardened-sources-2.6.14-r8.ebuild,
462 -hardened-sources-2.6.16-r4.ebuild, +hardened-sources-2.6.16-r5.ebuild:
463 stablise 2.6.14-r8 on x86 & amd64, bump 2.6.16 to fix CVE-2006-1863 &
464 cleanup of old uneccessary sources
465
466 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
467 fix digest
468
469 *hardened-sources-2.6.14-r8 (20 Apr 2006)
470
471 20 Apr 2006; John Mylchreest <johnm@gentoo.org>
472 +hardened-sources-2.6.14-r8.ebuild:
473 fix CVE-2006-1056, CVE-2006-1525, CVE-2006-1524
474
475 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
476 Turning on gpg-signing again, and recomitting
477
478 *hardened-sources-2.6.16-r4 (20 Apr 2006)
479
480 20 Apr 2006; John Mylchreest <johnm@gentoo.org>
481 -hardened-sources-2.6.16-r2.ebuild, -hardened-sources-2.6.16-r3.ebuild,
482 +hardened-sources-2.6.16-r4.ebuild:
483 Fix numerous security vulns
484
485 *hardened-sources-2.4.32-r3 (16 Apr 2006)
486
487 16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
488 -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
489 +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
490 - security bump for bug #112791. Removed old ebuilds
491
492 *hardened-sources-2.6.16-r3 (15 Apr 2006)
493
494 15 Apr 2006; John Mylchreest <johnm@gentoo.org>
495 +hardened-sources-2.6.16-r3.ebuild:
496 Removing silly localversion which I missed
497
498 *hardened-sources-2.6.14-r7 (14 Apr 2006)
499
500 14 Apr 2006; John Mylchreest <johnm@gentoo.org>
501 -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
502 Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
503
504 *hardened-sources-2.6.16-r2 (13 Apr 2006)
505
506 13 Apr 2006; John Mylchreest <johnm@gentoo.org>
507 -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
508 +hardened-sources-2.6.16-r2.ebuild:
509 Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
510 labels, dropping USERGROUP define fixes, since these were merged mainstream.
511
512 *hardened-sources-2.6.16-r1 (11 Apr 2006)
513
514 11 Apr 2006; John Mylchreest <johnm@gentoo.org>
515 +hardened-sources-2.6.16-r1.ebuild:
516 Bumping to include ppc build fix and 2.6.16.3
517
518 06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
519 hardened-sources-2.6.14-r6.ebuild:
520 Stable on x86; bug #127718
521
522 *hardened-sources-2.6.16 (31 Mar 2006)
523
524 31 Mar 2006; John Mylchreest <johnm@gentoo.org>
525 +hardened-sources-2.6.16.ebuild:
526 Bumping to new version of grsec, and kernel base. New squashfs. Based on
527 2.6.16.1
528
529 30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
530 hardened-sources-2.6.14-r6.ebuild:
531 Stable on amd64, bug 127718.
532
533 28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
534 Stable on ppc. Bug #127718
535
536 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
537 -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
538 -hardened-sources-2.6.14-r4.ebuild:
539 Cleanup.
540
541 *hardened-sources-2.6.14-r6 (15 Mar 2006)
542
543 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
544 +hardened-sources-2.6.14-r6.ebuild:
545 Fixes grsec policy recreation bug and adds a
546 >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
547
548 02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
549 - stable on x86
550
551 19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
552 hardened-sources-2.6.14-r5.ebuild:
553 Stable on ppc.
554
555 *hardened-sources-2.6.14-r5 (01 Feb 2006)
556
557 01 Feb 2006; John Mylchreest <johnm@gentoo.org>
558 +hardened-sources-2.6.14-r5.ebuild:
559 fixing every known exploit
560
561 *hardened-sources-2.4.32-r2 (26 Jan 2006)
562
563 26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
564 +hardened-sources-2.4.32-r2.ebuild:
565 - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
566
567 *hardened-sources-2.6.14-r4 (12 Jan 2006)
568
569 12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
570 - version bump for new genpatches which fix up a few sec holes
571
572 *hardened-sources-2.4.32-r1 (05 Jan 2006)
573
574 05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
575 - revision bump to add misc vital linux kernel security patches.
576
577 *hardened-sources-2.6.14-r3 (30 Dec 2005)
578
579 30 Dec 2005; John Mylchreest <johnm@gentoo.org>
580 -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
581 Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
582
583 28 Dec 2005; John Mylchreest <johnm@gentoo.org>
584 hardened-sources-2.6.14-r2.ebuild:
585 making x86 & amd64 stable following testing.
586
587 *hardened-sources-2.6.14-r2 (27 Dec 2005)
588
589 27 Dec 2005; John Mylchreest <johnm@gentoo.org>
590 -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
591 Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
592 network hooks.
593
594 06 Dec 2005; John Mylchreest <johnm@gentoo.org>
595 hardened-sources-2.6.14-r1.ebuild:
596 bumping to stable early for sec fix on x86 & amd64
597
598 *hardened-sources-2.6.14-r1 (05 Dec 2005)
599
600 05 Dec 2005; John Mylchreest <johnm@gentoo.org>
601 -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
602 bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
603
604 04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
605 - stable on x86 security bug #114227 CAN-2005-3257
606
607 *hardened-sources-2.4.32 (19 Nov 2005)
608
609 19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
610 +hardened-sources-2.4.32.ebuild:
611 Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
612 Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
613 have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
614 rsbac >> /etc/portage/package.use)
615
616 *hardened-sources-2.6.14 (14 Nov 2005)
617
618 14 Nov 2005; John Mylchreest <johnm@gentoo.org>
619 -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
620 Bumping 2.6 series to 2.6.14.2
621
622 *hardened-sources-2.6.13-r2 (20 Oct 2005)
623
624 20 Oct 2005; John Mylchreest <johnm@gentoo.org>
625 -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
626 +hardened-sources-2.6.13-r2.ebuild:
627 Fixes minor build error in ppc.
628
629 *hardened-sources-2.6.13-r1 (17 Oct 2005)
630
631 17 Oct 2005; John Mylchreest <johnm@gentoo.org>
632 +hardened-sources-2.6.13-r1.ebuild:
633 Updating grsec to latest snapshot. Fixes some minor issues. Updating to
634 2.6.13.4, fixes some major amd64 stability problems.
635
636 *hardened-sources-2.6.13 (16 Sep 2005)
637
638 16 Sep 2005; John Mylchreest <johnm@gentoo.org>
639 -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
640 2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
641 ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
642 users should test this thoroughly.
643
644 01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
645 - stable on x86
646
647 *hardened-sources-2.6.11-r15 (27 Jun 2005)
648
649 27 Jun 2005; John Mylchreest <johnm@gentoo.org>
650 +hardened-sources-2.6.11-r15.ebuild:
651 Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
652 grsec redefining curr_ip struct.
653
654 *hardened-sources-2.4.31 (20 Jun 2005)
655
656 20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
657 initial import of 2.4.31 tree
658
659 *hardened-sources-2.6.11-r14 (14 Jun 2005)
660
661 14 Jun 2005; John Mylchreest <johnm@gentoo.org>
662 -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
663 Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
664 naming scheme to abide by genpatches
665
666 *hardened-sources-2.6.11-r13 (18 May 2005)
667
668 18 May 2005; John Mylchreest <johnm@gentoo.org>
669 -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
670 Managed to mangle the Makefile patch from grsec, to miss out the grsec
671 target. sorry about that. Fixes bug #93022
672
673 *hardened-sources-2.6.11-r12 (17 May 2005)
674
675 17 May 2005; John Mylchreest <johnm@gentoo.org>
676 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
677 +hardened-sources-2.6.11-r12.ebuild:
678 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
679 merges in genpatches-base
680
681 *hardened-sources-2.6.11-r12 (17 May 2005)
682
683 17 May 2005; John Mylchreest <johnm@gentoo.org>
684 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
685 +hardened-sources-2.6.11-r12.ebuild:
686 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
687 merges in genpatches-base
688
689 29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
690 -files/2.4.27-cmdline-race.patch,
691 -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
692 -files/2.4.28-grsec-binfmt_a.out.patch,
693 -files/2.4.28-grsec-cmdline-race.patch,
694 -files/2.4.28-selinux-binfmt_a.out.patch,
695 -files/2.4.28-selinux-cmdline-race.patch,
696 -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
697 hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
698 - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
699 cleanup..
700
701 *hardened-sources-2.4.30-r1 (21 Apr 2005)
702
703 21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
704 - disable aout by default
705
706 *hardened-sources-2.4.30 (18 Apr 2005)
707
708 18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
709 - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
710 and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
711 use
712
713 *hardened-sources-2.4.29 (30 Mar 2005)
714
715 30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
716 +hardened-sources-2.4.29.ebuild:
717 New hardened-patches-2.4-29.0 patchball.
718 Removed SELinux support, upgraded GRSecurity to 2.1.4.
719
720 *hardened-sources-2.4.28-r5 (06 Mar 2005)
721
722 06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
723 +hardened-sources-2.4.28-r5.ebuild:
724 Added a fix for a PaX vulnerability.
725
726 26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
727 hardened-sources-2.4.28-r4.ebuild:
728 Stable on x86
729
730 23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
731 hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
732 hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
733 hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
734 - fixed/added RDEPEND= in all kernel-2 ebuilds
735
736 *hardened-sources-2.4.28-r4 (21 Jan 2005)
737
738 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
739 +hardened-sources-2.4.28-r4.ebuild:
740 Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
741 backport of neighbour hash updates.
742
743 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
744 hardened-sources-2.4.28-r3.ebuild:
745 Stable on x86
746
747 *hardened-sources-2.6.10-r3 (20 Jan 2005)
748
749 20 Jan 2005; Brandon Hale <tseng@gentoo.org>
750 +hardened-sources-2.6.10-r3.ebuild:
751 Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
752 in 2005.0
753
754 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
755 -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
756 hardened-sources-2.4.28-r2.ebuild:
757 Mark stable on x86
758
759 *hardened-sources-2.4.28-r3 (17 Jan 2005)
760
761 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
762 +hardened-sources-2.4.28-r3.ebuild:
763 Fix SMP page fault handler vuln, and update device-mapper and evms patches.
764
765 14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
766 hardened-sources-2.4.28.ebuild:
767 Mark stable on x86.
768
769 *hardened-sources-2.4.28-r2 (13 Jan 2005)
770
771 13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
772 +hardened-sources-2.4.28-r2.ebuild:
773 Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
774 Mazinger for grsecurity patches as well.
775
776 *hardened-sources-2.4.28-r1 (23 Dec 2004)
777
778 23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
779 Security bump. Thank tocharian for rolling a new patchset...
780
781 28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
782 +files/2.4.28-grsec-cmdline-race.patch,
783 +files/2.4.28-selinux-binfmt_a.out.patch,
784 +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
785 - Round up remaining security patches that appear to be missing in 2.4.28. -
786 PaX standalone updated to current. hgpv=28.1
787
788 *hardened-sources-2.4.28 (28 Nov 2004)
789
790 28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
791 security bump. Thank tocharian for rolling a new patchset
792
793 *hardened-sources-2.4.27-r3 (08 Sep 2004)
794
795 08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
796 +hardened-sources-2.4.27-r3.ebuild:
797 Applies the new 2.4-27.2 patchball which updates
798 GRSecurity to the 2.0.1 version.
799
800 *hardened-sources-2.4.27-r2 (31 Aug 2004)
801
802 31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
803 +hardened-sources-2.4.27-r2.ebuild:
804 Version bump.
805 This version uses the new 2.4-27.1 patchball which updates
806 both the SELinux PaX hooks patch and the SELinux headers.
807
808 *hardened-sources-2.4.27-r1 (09 Aug 2004)
809
810 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
811 +hardened-sources-2.4.27-r1.ebuild,
812 -hardened-sources-2.4.27.ebuild,
813 +files/2.4.27-cmdline-race.patch:
814 Version bump, fix for cmdline race. See bug #59905.
815
816 *hardened-sources-2.4.26-r6 (09 Aug 2004)
817
818 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
819 +hardened-sources-2.4.26-r6.ebuild,
820 -hardened-sources-2.4.26-r5.ebuild,
821 -hardened-sources-2.4.26-r4.ebuild,
822 +files/2.4.26-cmdline-race.patch:
823 Version bump, fix for cmdline race. See bug #59905.
824
825 *hardened-sources-2.4.27 (08 Aug 2004)
826
827 08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
828 +hardened-sources-2.4.27.ebuild,
829 +files/2.4.27-CAN-2004-0394.patch:
830 Ported the patchball to the 2.4.27 kernel version.
831
832 *hardened-sources-2.4.26-r5 (07 Aug 2004)
833
834 07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
835 +hardened-sources-2.4.26-r5.ebuild:
836 Updated to use the new hardened-patches-2.4-26.1 patchball.
837 It adds the following features:
838 - Squashfs
839 - Ebtables
840 - Netdev random (core+drivers)
841 - Watchdog Timer (WDT) fix.
842
843 *hardened-sources-2.4.26-r4 (04 Aug 2004)
844
845 04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
846 +hardened-sources-2.4.26-r4.ebuild,
847 +files/2.4.26-CAN-2004-0415.patch,
848 -hardened-sources-2.4.26-3:
849 Version bump, fix for CAN 0415, see bug #59378.
850
851 *hardened-sources-2.4.26-r3 (22 Jul 2004)
852
853 22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
854 +hardened-sources-2.4.26-r3.ebuild,
855 +files/2.4.26-CAN-2004-0497.patch,
856 -hardened-sources-2.4.26-r2.ebuild:
857 Version bump, fixed CAN 0497, see bug #56171.
858
859 *hardened-sources-2.4.26-r2 (29 Jun 2004)
860
861 29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
862 +hardened-sources-2.4.26-r2.ebuild,
863 +files/2.4.26-CAN-2004-0495.patch,
864 +files/2.4.26-CAN-2004-0535.patch,
865 -hardened-sources-2.4.26-r1.ebuild:
866 Fixes for both CAN 0495 and 0535, see bug #54976
867
868 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
869 hardened-sources-2.4.26-r1.ebuild:
870 QA - fix use invocation
871
872 *hardened-sources-2.4.26-r1 (22 June 2004)
873
874 22 June 2004; Andrea Luzzardi <scox@gentoo.org>
875 +hardened-sources-2.4.26-r1.ebuild,
876 +files/2.4.26-CAN-2004-0394.patch,
877 +files/2.4.26-signal-race.patch,
878 -hardened-sources-2.4.26.ebuild,
879 -hardened-sources-2.4.24-r3.ebuild:
880 Version bump for the CAN-2004-0394 issue and bug #53804
881 Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
882
883
884 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
885 hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
886 Masked hardened-sources-2.4.26.ebuild broken for ppc
887
888 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
889 hardened-sources-2.4.24-r3.ebuild:
890 Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
891
892 *hardened-sources-2.4.26 (29 May 2004)
893
894 29 May 2004; Andrea Luzzardi <scox@gentoo.org>
895 +hardened-sources-2.4.26.ebuild:
896 Updated hardened-sources for the 2.4.26 kernel
897 Removed broken components, updated almost everything.
898
899 *hardened-sources-2.4.24-r3 (17 Apr 2004)
900
901 17 Apr 2004; <plasmaroo@gentoo.org>
902 +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
903 +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
904 +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
905 +hardened-sources-2.4.24-r3.ebuild:
906 Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
907 vulnerabilities. Old revisions removed.
908
909 *hardened-sources-2.4.24-r2 (15 Apr 2004)
910
911 15 Apr 2004; <plasmaroo@gentoo.org>
912 +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
913 -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
914 Version bump for the CAN-2004-0109 issue; bug #47881.
915
916 12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
917 hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
918 Add eutils to inherit.
919
920 *hardened-sources-2.4.24-r1 (19 Feb 2004)
921
922 19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
923 files/hardened-sources-2.4.24.munmap.patch:
924 Added the patch for the mremap/munmap vulnerability. Bug #42024.
925
926 *hardened-sources-2.4.24 (06 Feb 2004)
927
928 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
929 hardened-sources-2.4.24.ebuild:
930 Version bump, updated most of the components.
931 This release includes the following:
932
933 - Hardened security
934 - Netfilter patch-o-matic 20031219
935 - FreeSWAN 2.04 & x509 1.4.8
936 - EVMS 2.2.2
937 - XFS 1.3.1
938 - cryptoloop jari
939 - grsecurity 2.0-rc4
940 - SELinux
941 - PaX 200402060000
942 - PaX Obscurity 200308302223
943 - Others...
944
945 Neither -ck nor systrace are included anymore.
946
947 *hardened-sources-2.4.22-r2 (05 Jan 2004)
948
949 05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
950 hardened-sources-2.4.22-r2.ebuild:
951 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
952
953 *hardened-sources-2.4.22-r1 (02 Dec 2003)
954
955 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
956 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
957
958 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
959 hardened-sources-2.4.22-r1.ebuild:
960 Version bump for the 'do_brk' vulnerability.
961
962 01 Dec 2003; Brian Jackson <iggy@gentoo.org>
963 hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
964 hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
965 hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
966 Fix the 'do_brk' vulnerability.
967
968 03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
969 hardened-sources-2.4.22.ebuild:
970 - Removed the src_install() portion for SELinux flask
971 components. These are no longer handled in the kernel
972 so this code was not necessary.
973
974 29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
975 New 2.4.22 based hardened-sources thanks to
976 Phil West <p.west@computer.org>.
977
978 These sources include:
979 - New SELinux API
980 - Updated CK-base
981 - Updated GRSec
982 - Systrace
983 - SuperFreeS/WAN 1.99.8
984 - Propolice kernel build support
985 - EVMS
986 - Other various security related patches
987
988 *hardened-sources-2.4.21 (14 Sep 2003)
989
990 14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
991 Updated hardened-sources based on the 2.4.21 Linux kernel.
992 This includes updates to most major components such as:
993 - ck-base-0306300059
994 - selinux-2.4-2003071106
995 - grsecurity-2.0-rc1
996 - Updated IPTables patch-o-matic
997 - Updated SuperFreeS/WAN
998
999 Thanks to Phil West <pwest@computer.org> for his work in getting this
1000 updated patch set ready for the 2.4.21 based kernel.
1001
1002 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
1003 Initial import of hardened-sources-2.4.20-r4. This revision
1004 includes only a few changes, but one of these is an important
1005 security fix. It is recommended all users of hardened-sources
1006 upgrade to this release.
1007
1008 - ioperm bug fix
1009 - fixed compilation failure when building without GRSec
1010
1011 SAL (Secure Auditing for Linux) is NOT included in this revision
1012 due to time constraints, but is planned for inclusion in the near
1013 future.
1014
1015 *hardened-sources-2.4.20-r2 (12 Jun 2003)
1016
1017 12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
1018 hardened-sources-2.4.20-r3.ebuild:
1019 Add Header...
1020
1021 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1022 hardened-sources-2.4.20-r3.ebuild:
1023 Removed warnings from ebuild. This kernel should be safe to
1024 use at this point.
1025
1026 *hardened-sources-2.4.20-r3 (08 Jun 2003)
1027
1028 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1029 hardened-sources-2.4.20-r3.ebuild:
1030 New revision. Includes the following changes over -r2:
1031
1032 - ck7-base (O(1), preempt, low latency)
1033 - Super FreeS/WAN 1.99.7rc2
1034 - PaX for the LSM/SELinux branch
1035 - GRSecurity 2.0-pre4 (role based access control)
1036 - Systrace 1.3
1037 - EXT3 fixes
1038 - EVMS 2.0.1
1039 - GCC 3.1+ compile optimizations
1040 - ProPolice kernel build support
1041 - Hashing table security fixes
1042
1043 *hardened-sources-2.4.20-r1 (09 Apr 2003)
1044
1045 23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
1046 Initial import of hardened-sources-r2. This new
1047 ebuild includes many new performance and security
1048 related patches. As in -r1, it will patch in
1049 LSM/SELinux if "selinux" is in USE, otherwise it
1050 will patch in GRSecurity. The following patches
1051 are included in this revision:
1052
1053 - O(1) Scheduler, Low Latency, and Preempt
1054 (pulled from the base CK patch)
1055 - ptrace exploit patch for the LSM kernel
1056 (the GRSec patch already fixes this)
1057 - LSM 2.4-2003040709
1058 - SELinux 2.4-2003040709
1059 - Systrace v1.2
1060 - IPTables patch-o-matic base patches - 20030107
1061 - CryptoAPI 2.4.20.1 w/ loop-jari patch
1062 - Super FreeS/WAN 1.99.6.1
1063 - GRSecurity 1.9.9g
1064 - MPPE
1065 - EXT3 data journal fix
1066 - CIPE 1.5.4
1067
1068 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1069 hardened-sources-2.4.20-r1.ebuild, manifest:
1070 Updated to install flask components correctly for selinux.
1071
1072 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1073 hardened-sources-2.4.20-r1.ebuild:
1074 LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
1075 is patched in instead. Ptrace patches for selinux have also been added. In
1076 either case, systrace support will be patched in as well.
1077
1078 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1079 hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
1080 Revision bump for new sources.
1081
1082 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1083 hardened-sources-2.4.20-r1.ebuild:
1084 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
1085
1086 *hardened-sources-2.4.20 (30 Mar 2003)
1087
1088 30 Mar 2003; Joshua Brindle <method@gentoo.org>
1089 hardened-sources-2.4.20.ebuild:
1090 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20