/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.172 - (show annotations) (download)
Thu Aug 16 20:06:45 2007 UTC (7 years ago) by phreak
Branch: MAIN
Changes since 1.171: +7 -1 lines
Revision bump for Linux 2.6.22.3.
(Portage version: 2.1.3.5)

1 # ChangeLog for sys-kernel/hardened-sources
2 # Copyright 2000-2007 Gentoo Foundation; Distributed under the GPL v2
3 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.171 2007/08/16 20:02:59 phreak Exp $
4
5 *hardened-sources-2.6.22-r2 (16 Aug 2007)
6
7 16 Aug 2007; Christian Heim <phreak@gentoo.org>
8 +hardened-sources-2.6.22-r2.ebuild:
9 Revision bump for Linux 2.6.22.3.
10
11 *hardened-sources-2.4.35 (16 Aug 2007)
12
13 16 Aug 2007; Christian Heim <phreak@gentoo.org>
14 +hardened-sources-2.4.35.ebuild:
15 Version bump, initial version for Linux 2.4.35.
16
17 *hardened-sources-2.6.21-r4 (16 Aug 2007)
18
19 16 Aug 2007; Christian Heim <phreak@gentoo.org>
20 +hardened-sources-2.6.21-r4.ebuild:
21 Revision bump for Linux 2.6.21.6.
22
23 *hardened-sources-2.6.20-r7 (16 Aug 2007)
24
25 16 Aug 2007; Christian Heim <phreak@gentoo.org>
26 +hardened-sources-2.6.20-r7.ebuild:
27 Revision bump for Linux 2.6.20.16.
28
29 *hardened-sources-2.6.22-r1 (13 Aug 2007)
30
31 13 Aug 2007; Christian Heim <phreak@gentoo.org>
32 +hardened-sources-2.6.22-r1.ebuild:
33 Yet another revision bump.
34
35 *hardened-sources-2.6.22 (10 Aug 2007)
36
37 10 Aug 2007; Christian Heim <phreak@gentoo.org>
38 +hardened-sources-2.6.22.ebuild:
39 Initial release for 2.6.22. If you are using hardened-sources on a desktop
40 machine (P4 or newer), be aware you might need to disable
41 CONFIG_PAX_PAGEEXEC.
42
43 04 Aug 2007; Christian Heim <phreak@gentoo.org>
44 hardened-sources-2.6.20-r6.ebuild:
45 Stabling hardened-sources-2.6.20-r6 for amd64, ppc and x86 due to Linux
46 2.6.20.15.
47
48 10 Jul 2007; Christian Heim <phreak@gentoo.org>
49 hardened-sources-2.6.20-r5.ebuild:
50 Marking hardened-sources-2.6.20-r5 stable on ppc.
51
52 10 Jul 2007; Christian Heim <phreak@gentoo.org>
53 -hardened-sources-2.4.32-r6.ebuild, -hardened-sources-2.4.32-r7.ebuild:
54 Cleanup.
55
56 *hardened-sources-2.6.20-r6 (08 Jul 2007)
57
58 08 Jul 2007; Christian Heim <phreak@gentoo.org>
59 +hardened-sources-2.6.20-r6.ebuild:
60 Revision bump, grabbing yet another stable release.
61
62 17 Jun 2007; Christian Heim <phreak@gentoo.org>
63 -hardened-sources-2.6.18-r6.ebuild, -hardened-sources-2.6.20-r4.ebuild,
64 -hardened-sources-2.6.21-r2.ebuild:
65 Removing older ebuilds, hardened-sources-2.6.18-r6 seems to have gotten the
66 alpha stable KEYWORD by mistake.
67
68 17 Jun 2007; Christian Heim <phreak@gentoo.org>
69 hardened-sources-2.6.20-r5.ebuild:
70 Stabling hardened-sources-2.6.20-r5 due to security bug #181647 (as
71 genpatches-2.6.20-12.base contains up to Linux 2.6.20.14) on amd64 and x86.
72
73 *hardened-sources-2.6.21-r3 (12 Jun 2007)
74
75 12 Jun 2007; Christian Heim <phreak@gentoo.org>
76 +hardened-sources-2.6.21-r3.ebuild:
77 Revision bump for hardened-sources-2.6.21, incorporating various CVE (some
78 of them critical), two stable releases (2.6.21.4,2.6.21.5) and some other
79 love.
80
81 *hardened-sources-2.6.20-r5 (11 Jun 2007)
82
83 11 Jun 2007; Christian Heim <phreak@gentoo.org>
84 +hardened-sources-2.6.20-r5.ebuild:
85 Revision bump for hardened-sources-2.6.20, incorporating various CVE (some
86 of them critical), two stable releases (2.6.20.13,2.6.20.14) and some other
87 love.
88
89 *hardened-sources-2.4.34.5 (11 Jun 2007)
90
91 11 Jun 2007; Alexander Gabert <pappy@gentoo.org>
92 +hardened-sources-2.4.34.5.ebuild:
93 added new hardened-sources 2.4 version, thx to phreak, solar, pipacs
94
95 30 May 2007; Christian Heim <phreak@gentoo.org>
96 -hardened-sources-2.6.18.ebuild, hardened-sources-2.6.20-r2.ebuild:
97 Marking 2.6.20-r2 stable on ppc with permission of Gysbert. Removing more
98 stale ebuild(s).
99
100 30 May 2007; Christian Heim <phreak@gentoo.org>
101 -hardened-sources-2.6.14-r7.ebuild, -hardened-sources-2.6.16-r11.ebuild,
102 -hardened-sources-2.6.17-r1.ebuild, -hardened-sources-2.6.19-r6.ebuild,
103 -hardened-sources-2.6.20.ebuild, -hardened-sources-2.6.20-r1.ebuild:
104 Doing some cleanups, remove stale ebuilds.
105
106 26 May 2007; Christian Heim <phreak@gentoo.org>
107 hardened-sources-2.6.21-r2.ebuild:
108 Fixing the grsecurity patch, had one '};' too much.
109
110 *hardened-sources-2.6.21-r2 (26 May 2007)
111
112 26 May 2007; Christian Heim <phreak@gentoo.org>
113 -hardened-sources-2.6.21.ebuild, -hardened-sources-2.6.21-r1.ebuild,
114 +hardened-sources-2.6.21-r2.ebuild:
115 Revision bump, including Linux 2.6.21.3 (fixing CVE-2007-2451). Updating the
116 grsecurity patch to 2.1.10-2.6.21.1-200705221918.
117
118 *hardened-sources-2.6.20-r4 (26 May 2007)
119
120 26 May 2007; Christian Heim <phreak@gentoo.org>
121 -hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.20-r4.ebuild:
122 Revision bump, including Linux 2.6.20.12 (which in fact fixed some security
123 bugs, at the very least CVE-2007-2451). Possible candidate for stable marking.
124
125 15 May 2007; Christian Heim <phreak@gentoo.org>
126 hardened-sources-2.6.20-r3.ebuild:
127 Looks like hardened-sources-2.6.20-r3 needs a new patch, as 2.6.20.11
128 introduced a change in arch/sparc64/kernel/pci_iommu.c, which made the
129 grsecurity patch fail in that exact same hunk.
130
131 *hardened-sources-2.6.20-r3 (15 May 2007)
132
133 15 May 2007; Christian Heim <phreak@gentoo.org>
134 +hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.21-r1.ebuild:
135 Revision bump, incorporating Linux 2.6.20.11.
136
137 *hardened-sources-2.6.21-r1 (11 May 2007)
138
139 11 May 2007; Christian Heim <phreak@gentoo.org>
140 +hardened-sources-2.6.21-r1.ebuild:
141 Revision bump, hopefully fixing the GRSECURITY/GRKERNSEC mixup pipacs
142 mentioned in #177234.
143
144 07 May 2007; Kevin F. Quinn <kevquinn@gentoo.org>
145 files/digest-hardened-sources-2.6.21, Manifest:
146 Fix Manifest/digest for linux-2.6.21.tar.bz2
147
148 06 May 2007; Christian Heim <phreak@gentoo.org>
149 hardened-sources-2.6.21.ebuild:
150 Bumping the hardened-patches version, needed for the fix for #177234.
151
152 *hardened-sources-2.6.21 (02 May 2007)
153
154 02 May 2007; Christian Heim <phreak@gentoo.org>
155 +hardened-sources-2.6.21.ebuild:
156 Version bump, Linux 2.6.21-hardened.
157
158 29 Apr 2007; Christian Heim <phreak@gentoo.org>
159 hardened-sources-2.6.20-r2.ebuild:
160 Adding ~ia64 on Ned's request.
161
162 29 Apr 2007; Christian Heim <phreak@gentoo.org>
163 hardened-sources-2.6.20-r2.ebuild:
164 Fixing the included grsecurity patch, wasn't alligning due to the Index:
165 header line(s).
166
167 29 Apr 2007; Christian Heim <phreak@gentoo.org>
168 hardened-sources-2.6.20-r2.ebuild:
169 Stabilizing hardened-sources-2.6.20-r2 on amd64 and x86.
170
171 *hardened-sources-2.6.20-r2 (10 Apr 2007)
172
173 10 Apr 2007; Raúl Porcel <armin76@gentoo.org>
174 +hardened-sources-2.6.20-r2.ebuild:
175 Version bump, on behalf of phreak
176
177 *hardened-sources-2.6.20-r1 (04 Apr 2007)
178
179 04 Apr 2007; Christian Heim <phreak@gentoo.org>
180 +hardened-sources-2.6.20-r1.ebuild:
181 Revision bump, grabbing a newer grsecurity snapshot.
182
183 *hardened-sources-2.6.20 (25 Mar 2007)
184
185 25 Mar 2007; Christian Heim <phreak@gentoo.org>
186 +hardened-sources-2.6.20.ebuild:
187 Finally a hardened-sources version for 2.6.20; many people have been waiting
188 for this. Thanks to Steve for preliminary testing, thanks to Ned for the
189 testbox.
190
191 16 Mar 2007; Tony Vroon <chainsaw@gentoo.org>
192 hardened-sources-2.6.18-r6.ebuild:
193 Marked stable on amd64 and x86. AMD64 keyword ack'ed by welp.
194
195 *hardened-sources-2.6.18-r6 (16 Mar 2007)
196
197 16 Mar 2007; Christian Heim <phreak@gentoo.org>
198 -hardened-sources-2.6.18-r5.ebuild, +hardened-sources-2.6.18-r6.ebuild:
199 Fixing CVE-2007-1000 locally (hardened/), thanks to Tony for pushing. And
200 yes I screwed up, this is tagged as 2.6.18-5 and not 2.6.18-6 as it's
201 supposed to be.
202
203 06 Mar 2007; Christian Heim <phreak@gentoo.org> ChangeLog:
204 Fixing the Manifest, the previous one was broken (as in still had the
205 deleted ebuild in it).
206
207 06 Mar 2007; Christian Heim <phreak@gentoo.org>
208 -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
209 +hardened-sources-2.6.18-r5.ebuild:
210 Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
211 Linux 2.6.18.8. Also cleaning up the older version.
212
213 *hardened-sources-2.6.18-r5 (06 Mar 2007)
214
215 06 Mar 2007; Christian Heim <phreak@gentoo.org>
216 -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
217 +hardened-sources-2.6.18-r5.ebuild:
218 Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
219 Linux 2.6.18.8. Also cleaning up the older version.
220
221 24 Feb 2007; Christian Heim <phreak@gentoo.org>
222 -hardened-sources-2.6.19-r3.ebuild, -hardened-sources-2.6.19-r4.ebuild,
223 -hardened-sources-2.6.19-r5.ebuild:
224 Removing some of the old version, that didn't work.
225
226 *hardened-sources-2.6.19-r6 (12 Feb 2007)
227
228 12 Feb 2007; Christian Heim <phreak@gentoo.org>
229 +hardened-sources-2.6.19-r6.ebuild:
230 Revision bump, including a new grsec version fixing #166235.
231
232 *hardened-sources-2.4.34 (24 Jan 2007)
233
234 24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
235 Manifest:
236 updating Manifest with checksums of new tarball and ebuild
237
238 24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
239 +hardened-sources-2.4.34.ebuild:
240 I added new hardened sources 2.4 update, this is a critical path
241 security bugfix - all users of h-s are strongly advised
242 to update their existing hardened sources to this version.
243 It contains a fix for a kernel vulnerability that is pertaining
244 to the PaX changes to virtual memory management, possibly leading
245 to a local kernel exploit ... see grsecurity.net forums and homepage
246
247 23 Jan 2007; Christian Heim <phreak@gentoo.org>
248 files/digest-hardened-sources-2.6.19-r5, Manifest:
249 Fixing the patch-tarball digest.
250
251 *hardened-sources-2.6.19-r5 (23 Jan 2007)
252
253 23 Jan 2007; Christian Heim <phreak@gentoo.org>
254 +hardened-sources-2.6.19-r5.ebuild:
255 Revision bump, closing the recently discovered PaX expand_stack()
256 vulnerability.
257
258 *hardened-sources-2.6.19-r4 (14 Jan 2007)
259
260 14 Jan 2007; Christian Heim <phreak@gentoo.org>
261 +hardened-sources-2.6.19-r4.ebuild:
262 Revision bump, pulling in linux-2.6.19.2 and grsecurity 2.1.10 - thus
263 dropping the randomized PID feature.
264
265 11 Jan 2007; Christian Faulhammer <opfer@gentoo.org>
266 hardened-sources-2.4.33.4.ebuild:
267 stable x86, bug #161171
268
269 *hardened-sources-2.6.19-r3 (27 Dec 2006)
270
271 27 Dec 2006; Christian Heim <phreak@gentoo.org>
272 -hardened-sources-2.6.19-r2.ebuild, +hardened-sources-2.6.19-r3.ebuild:
273 Revision bump for bug #157186 and #158786.
274
275 *hardened-sources-2.6.18-r4 (27 Dec 2006)
276
277 27 Dec 2006; Christian Heim <phreak@gentoo.org>
278 -hardened-sources-2.6.18-r3.ebuild, +hardened-sources-2.6.18-r4.ebuild:
279 Revision bump for bug #157186.
280
281 *hardened-sources-2.6.19-r2 (23 Dec 2006)
282
283 23 Dec 2006; Christian Heim <phreak@gentoo.org>
284 -hardened-sources-2.6.19-r1.ebuild, +hardened-sources-2.6.19-r2.ebuild:
285 Revision bump to pull in genpatches-2.6.19-3 for #157186.
286
287 17 Dec 2006; Christian Heim <phreak@gentoo.org>
288 hardened-sources-2.6.14-r7.ebuild, hardened-sources-2.6.16-r10.ebuild,
289 hardened-sources-2.6.16-r11.ebuild, hardened-sources-2.6.17-r1.ebuild,
290 hardened-sources-2.6.18.ebuild, hardened-sources-2.6.18-r3.ebuild,
291 hardened-sources-2.6.19-r1.ebuild:
292 Adding 4453_grsec-2.1.9-2.6.19-io-kmem-sysctl.patch to UNIPATCH_EXLUDE,
293 adding correct HOMEPAGE and adjusting DESCRIPTION (thanks to Alexander).
294
295 *hardened-sources-2.4.33.4 (17 Dec 2006)
296
297 17 Dec 2006; Alexander Gabert <pappy@gentoo.org>
298 +hardened-sources-2.4.33.4.ebuild:
299 new 2.4.33.4 version including grsec and fixes, thanks to phreak for help
300 and quilting
301
302 *hardened-sources-2.6.19-r1 (14 Dec 2006)
303
304 14 Dec 2006; Christian Heim <phreak@gentoo.org>
305 -hardened-sources-2.6.19.ebuild, +hardened-sources-2.6.19-r1.ebuild:
306 Revision bump, fixing #158107 (thanks to Petre Rodan <kaiowas at gentoo.org>
307 for reporting).
308
309 *hardened-sources-2.6.19 (13 Dec 2006)
310
311 13 Dec 2006; Christian Heim <phreak@gentoo.org>
312 +hardened-sources-2.6.19.ebuild:
313 And finally 2.6.19, thanks to Ned (who prepared the inital patchset) and
314 Brad for providing that prompt update.
315
316 *hardened-sources-2.6.18-r3 (13 Dec 2006)
317
318 13 Dec 2006; Christian Heim <phreak@gentoo.org>
319 -hardened-sources-2.6.18-r1.ebuild, -hardened-sources-2.6.18-r2.ebuild,
320 +hardened-sources-2.6.18-r3.ebuild:
321 Revision bump, excluding the faulty patch. Thanks to Anakim Border and Peter
322 S. Mazinger. Closes #157409 for now. Also removing the previous revisions.
323
324 09 Dec 2006; Christian Heim <phreak@gentoo.org> Manifest:
325 Fixing the metadata.xml Manifest entry (thanks to xaid and ml8128 in #gentoo-hardened).
326
327 08 Dec 2006; nixnut <nixnut@gentoo.org> hardened-sources-2.6.18.ebuild:
328 Stable on ppc wrt bug 157356
329
330 07 Dec 2006; Christian Faulhammer <opfer@gentoo.org>
331 hardened-sources-2.6.18.ebuild:
332 stable x86, bug #157356
333
334 *hardened-sources-2.6.18-r2 (06 Dec 2006)
335
336 06 Dec 2006; Christian Heim <phreak@gentoo.org>
337 +hardened-sources-2.6.18-r2.ebuild:
338 Revision bump, including 2.6.18.5 (via genpatches) and
339 4454_grsec-2.1.9-2.6.18.2-io-kmem-sysctl.patch based on Peter Mazinger and
340 Ned Ludd's original patch. Thanks to Alexander Gabert (pappy) for the
341 redesign.
342
343 06 Dec 2006; Christian Heim <phreak@gentoo.org>
344 hardened-sources-2.6.18.ebuild:
345 Marking hardened-sources-2.6.18 stable on amd64 (see bug #157356, on behalf
346 of Mike Doty).
347
348 *hardened-sources-2.6.18-r1 (23 Nov 2006)
349
350 23 Nov 2006; Christian Heim <phreak@gentoo.org>
351 +hardened-sources-2.6.18-r1.ebuild:
352 Revision bump to genpatches-2.6.18-4 (including 2.6.18.3).
353
354 *hardened-sources-2.6.18 (11 Nov 2006)
355
356 11 Nov 2006; Christian Heim <phreak@gentoo.org>
357 +hardened-sources-2.6.18.ebuild:
358 Version bump, thanks to Alexander Gabert we're finally at 2.6.18.
359
360 18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
361 - mark amd64 stable also. bug #151877
362
363 18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
364 - mark 2.6.17-r1 stable
365
366 27 Aug 2006; Christian Heim <phreak@gentoo.org>
367 -hardened-sources-2.6.17.ebuild, hardened-sources-2.6.17-r1.ebuild:
368 Removing old ebuild, removing unipatch from newer ebuild (need to fix it!).
369
370 *hardened-sources-2.6.17-r1 (26 Aug 2006)
371
372 26 Aug 2006; Christian Heim <phreak@gentoo.org>
373 +hardened-sources-2.6.17-r1.ebuild:
374 Revision bump to genpatches-2.6.17-8 (including .9 and .10) and updating the
375 grsecurity patch.
376
377 *hardened-sources-2.6.17 (17 Aug 2006)
378
379 17 Aug 2006; Christian Heim <phreak@gentoo.org>
380 +hardened-sources-2.6.17.ebuild:
381 Bumping the hardened-sources-2.6 series to 2.6.17, using
382 genpatches-2.6.17-6.base.
383
384 07 Aug 2006; <solar@gentoo.org> hardened-sources-2.6.16-r11.ebuild:
385 - stable on x86 and amd64
386
387 *hardened-sources-2.6.16-r11 (15 Jul 2006)
388
389 15 Jul 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r3.ebuild,
390 -hardened-sources-2.4.32-r4.ebuild, -hardened-sources-2.4.32-r5.ebuild,
391 -hardened-sources-2.6.14-r8.ebuild, -hardened-sources-2.6.16-r7.ebuild,
392 -hardened-sources-2.6.16-r9.ebuild, +hardened-sources-2.6.16-r11.ebuild:
393 - 2.6.16 bumped for CVE-2006-3626 ; digest fix for 2.4.32-r6 ; removed old
394 crusty ebuilds
395
396 14 Jul 2006; John Mylchreest <johnm@gentoo.org>
397 hardened-sources-2.6.16-r10.ebuild:
398 marking stable on x86 and amd64
399
400 13 Jul 2006; <solar@gentoo.org> hardened-sources-2.4.32-r6.ebuild:
401 - 2.4.32-r6 stable on x86. RSBAC state unknown
402
403 *hardened-sources-2.4.32-r7 (10 Jul 2006)
404
405 10 Jul 2006; Guillaume Destuynder <kang@gentoo.org>
406 +hardened-sources-2.4.32-r7.ebuild:
407 Bump PaX for RSBAC to test-17
408
409 *hardened-sources-2.6.16-r9 (03 Jul 2006)
410
411 03 Jul 2006; John Mylchreest <johnm@gentoo.org>
412 -hardened-sources-2.6.16-r6.ebuild, +hardened-sources-2.6.16-r9.ebuild:
413 hardened-sources-2.6.16 bump to latest -base.
414
415 *hardened-sources-2.4.32-r6 (30 Jun 2006)
416
417 30 Jun 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r2.ebuild,
418 hardened-sources-2.4.32-r4.ebuild, +hardened-sources-2.4.32-r6.ebuild:
419 - backport CVE-2006-0039, CVE-2006-1857 and CVE-2006-1858 and new grsecurity
420 sysctl controlable resource logging
421
422 *hardened-sources-2.6.16-r7 (05 Jun 2006)
423
424 05 Jun 2006; John Mylchreest <johnm@gentoo.org>
425 -hardened-sources-2.6.16-r5.ebuild, +hardened-sources-2.6.16-r7.ebuild:
426 push new 2.6.16 release in preparation for stable
427
428 22 May 2006; <solar@gentoo.org> :
429 - redigest bug 134002
430
431 *hardened-sources-2.4.32-r5 (16 May 2006)
432
433 16 May 2006; Guillaume Destuynder <kang@gentoo.org>
434 +hardened-sources-2.4.32-r5.ebuild:
435 Fixes rsbac common patching (new patch in new -r5 patchset)
436
437 *hardened-sources-2.4.32-r4 (13 May 2006)
438
439 13 May 2006; <solar@gentoo.org> hardened-sources-2.4.32-r3.ebuild,
440 +hardened-sources-2.4.32-r4.ebuild:
441 - security bumps
442
443 *hardened-sources-2.6.16-r6 (03 May 2006)
444
445 03 May 2006; John Mylchreest <johnm@gentoo.org>
446 +hardened-sources-2.6.16-r6.ebuild:
447 bump hardened-2.6.16 to 2.6.16.12 and latest grsec snapshot
448
449 28 Apr 2006; John Mylchreest <johnm@gentoo.org>
450 hardened-sources-2.6.14-r8.ebuild:
451 fix x86_64 build problem, this will delay the digest issue again for a short
452 while but it will sort itself out
453
454 28 Apr 2006; John Mylchreest <johnm@gentoo.org>
455 hardened-sources-2.6.14-r8.ebuild:
456 bump hardened patchset
457
458 27 Apr 2006; Alec Warner <antarus@gentoo.org>
459 files/digest-hardened-sources-2.4.32-r2,
460 files/digest-hardened-sources-2.4.32-r3,
461 files/digest-hardened-sources-2.6.14-r8, Manifest:
462 Fixing duff SHA256 digests: Bug # 131293
463
464 *hardened-sources-2.6.16-r5 (27 Apr 2006)
465
466 27 Apr 2006; John Mylchreest <johnm@gentoo.org>
467 -hardened-sources-2.6.14-r6.ebuild, hardened-sources-2.6.14-r8.ebuild,
468 -hardened-sources-2.6.16-r4.ebuild, +hardened-sources-2.6.16-r5.ebuild:
469 stablise 2.6.14-r8 on x86 & amd64, bump 2.6.16 to fix CVE-2006-1863 &
470 cleanup of old uneccessary sources
471
472 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
473 fix digest
474
475 *hardened-sources-2.6.14-r8 (20 Apr 2006)
476
477 20 Apr 2006; John Mylchreest <johnm@gentoo.org>
478 +hardened-sources-2.6.14-r8.ebuild:
479 fix CVE-2006-1056, CVE-2006-1525, CVE-2006-1524
480
481 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
482 Turning on gpg-signing again, and recomitting
483
484 *hardened-sources-2.6.16-r4 (20 Apr 2006)
485
486 20 Apr 2006; John Mylchreest <johnm@gentoo.org>
487 -hardened-sources-2.6.16-r2.ebuild, -hardened-sources-2.6.16-r3.ebuild,
488 +hardened-sources-2.6.16-r4.ebuild:
489 Fix numerous security vulns
490
491 *hardened-sources-2.4.32-r3 (16 Apr 2006)
492
493 16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
494 -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
495 +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
496 - security bump for bug #112791. Removed old ebuilds
497
498 *hardened-sources-2.6.16-r3 (15 Apr 2006)
499
500 15 Apr 2006; John Mylchreest <johnm@gentoo.org>
501 +hardened-sources-2.6.16-r3.ebuild:
502 Removing silly localversion which I missed
503
504 *hardened-sources-2.6.14-r7 (14 Apr 2006)
505
506 14 Apr 2006; John Mylchreest <johnm@gentoo.org>
507 -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
508 Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
509
510 *hardened-sources-2.6.16-r2 (13 Apr 2006)
511
512 13 Apr 2006; John Mylchreest <johnm@gentoo.org>
513 -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
514 +hardened-sources-2.6.16-r2.ebuild:
515 Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
516 labels, dropping USERGROUP define fixes, since these were merged mainstream.
517
518 *hardened-sources-2.6.16-r1 (11 Apr 2006)
519
520 11 Apr 2006; John Mylchreest <johnm@gentoo.org>
521 +hardened-sources-2.6.16-r1.ebuild:
522 Bumping to include ppc build fix and 2.6.16.3
523
524 06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
525 hardened-sources-2.6.14-r6.ebuild:
526 Stable on x86; bug #127718
527
528 *hardened-sources-2.6.16 (31 Mar 2006)
529
530 31 Mar 2006; John Mylchreest <johnm@gentoo.org>
531 +hardened-sources-2.6.16.ebuild:
532 Bumping to new version of grsec, and kernel base. New squashfs. Based on
533 2.6.16.1
534
535 30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
536 hardened-sources-2.6.14-r6.ebuild:
537 Stable on amd64, bug 127718.
538
539 28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
540 Stable on ppc. Bug #127718
541
542 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
543 -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
544 -hardened-sources-2.6.14-r4.ebuild:
545 Cleanup.
546
547 *hardened-sources-2.6.14-r6 (15 Mar 2006)
548
549 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
550 +hardened-sources-2.6.14-r6.ebuild:
551 Fixes grsec policy recreation bug and adds a
552 >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
553
554 02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
555 - stable on x86
556
557 19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
558 hardened-sources-2.6.14-r5.ebuild:
559 Stable on ppc.
560
561 *hardened-sources-2.6.14-r5 (01 Feb 2006)
562
563 01 Feb 2006; John Mylchreest <johnm@gentoo.org>
564 +hardened-sources-2.6.14-r5.ebuild:
565 fixing every known exploit
566
567 *hardened-sources-2.4.32-r2 (26 Jan 2006)
568
569 26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
570 +hardened-sources-2.4.32-r2.ebuild:
571 - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
572
573 *hardened-sources-2.6.14-r4 (12 Jan 2006)
574
575 12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
576 - version bump for new genpatches which fix up a few sec holes
577
578 *hardened-sources-2.4.32-r1 (05 Jan 2006)
579
580 05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
581 - revision bump to add misc vital linux kernel security patches.
582
583 *hardened-sources-2.6.14-r3 (30 Dec 2005)
584
585 30 Dec 2005; John Mylchreest <johnm@gentoo.org>
586 -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
587 Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
588
589 28 Dec 2005; John Mylchreest <johnm@gentoo.org>
590 hardened-sources-2.6.14-r2.ebuild:
591 making x86 & amd64 stable following testing.
592
593 *hardened-sources-2.6.14-r2 (27 Dec 2005)
594
595 27 Dec 2005; John Mylchreest <johnm@gentoo.org>
596 -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
597 Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
598 network hooks.
599
600 06 Dec 2005; John Mylchreest <johnm@gentoo.org>
601 hardened-sources-2.6.14-r1.ebuild:
602 bumping to stable early for sec fix on x86 & amd64
603
604 *hardened-sources-2.6.14-r1 (05 Dec 2005)
605
606 05 Dec 2005; John Mylchreest <johnm@gentoo.org>
607 -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
608 bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
609
610 04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
611 - stable on x86 security bug #114227 CAN-2005-3257
612
613 *hardened-sources-2.4.32 (19 Nov 2005)
614
615 19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
616 +hardened-sources-2.4.32.ebuild:
617 Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
618 Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
619 have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
620 rsbac >> /etc/portage/package.use)
621
622 *hardened-sources-2.6.14 (14 Nov 2005)
623
624 14 Nov 2005; John Mylchreest <johnm@gentoo.org>
625 -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
626 Bumping 2.6 series to 2.6.14.2
627
628 *hardened-sources-2.6.13-r2 (20 Oct 2005)
629
630 20 Oct 2005; John Mylchreest <johnm@gentoo.org>
631 -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
632 +hardened-sources-2.6.13-r2.ebuild:
633 Fixes minor build error in ppc.
634
635 *hardened-sources-2.6.13-r1 (17 Oct 2005)
636
637 17 Oct 2005; John Mylchreest <johnm@gentoo.org>
638 +hardened-sources-2.6.13-r1.ebuild:
639 Updating grsec to latest snapshot. Fixes some minor issues. Updating to
640 2.6.13.4, fixes some major amd64 stability problems.
641
642 *hardened-sources-2.6.13 (16 Sep 2005)
643
644 16 Sep 2005; John Mylchreest <johnm@gentoo.org>
645 -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
646 2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
647 ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
648 users should test this thoroughly.
649
650 01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
651 - stable on x86
652
653 *hardened-sources-2.6.11-r15 (27 Jun 2005)
654
655 27 Jun 2005; John Mylchreest <johnm@gentoo.org>
656 +hardened-sources-2.6.11-r15.ebuild:
657 Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
658 grsec redefining curr_ip struct.
659
660 *hardened-sources-2.4.31 (20 Jun 2005)
661
662 20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
663 initial import of 2.4.31 tree
664
665 *hardened-sources-2.6.11-r14 (14 Jun 2005)
666
667 14 Jun 2005; John Mylchreest <johnm@gentoo.org>
668 -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
669 Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
670 naming scheme to abide by genpatches
671
672 *hardened-sources-2.6.11-r13 (18 May 2005)
673
674 18 May 2005; John Mylchreest <johnm@gentoo.org>
675 -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
676 Managed to mangle the Makefile patch from grsec, to miss out the grsec
677 target. sorry about that. Fixes bug #93022
678
679 *hardened-sources-2.6.11-r12 (17 May 2005)
680
681 17 May 2005; John Mylchreest <johnm@gentoo.org>
682 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
683 +hardened-sources-2.6.11-r12.ebuild:
684 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
685 merges in genpatches-base
686
687 *hardened-sources-2.6.11-r12 (17 May 2005)
688
689 17 May 2005; John Mylchreest <johnm@gentoo.org>
690 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
691 +hardened-sources-2.6.11-r12.ebuild:
692 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
693 merges in genpatches-base
694
695 29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
696 -files/2.4.27-cmdline-race.patch,
697 -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
698 -files/2.4.28-grsec-binfmt_a.out.patch,
699 -files/2.4.28-grsec-cmdline-race.patch,
700 -files/2.4.28-selinux-binfmt_a.out.patch,
701 -files/2.4.28-selinux-cmdline-race.patch,
702 -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
703 hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
704 - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
705 cleanup..
706
707 *hardened-sources-2.4.30-r1 (21 Apr 2005)
708
709 21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
710 - disable aout by default
711
712 *hardened-sources-2.4.30 (18 Apr 2005)
713
714 18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
715 - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
716 and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
717 use
718
719 *hardened-sources-2.4.29 (30 Mar 2005)
720
721 30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
722 +hardened-sources-2.4.29.ebuild:
723 New hardened-patches-2.4-29.0 patchball.
724 Removed SELinux support, upgraded GRSecurity to 2.1.4.
725
726 *hardened-sources-2.4.28-r5 (06 Mar 2005)
727
728 06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
729 +hardened-sources-2.4.28-r5.ebuild:
730 Added a fix for a PaX vulnerability.
731
732 26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
733 hardened-sources-2.4.28-r4.ebuild:
734 Stable on x86
735
736 23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
737 hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
738 hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
739 hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
740 - fixed/added RDEPEND= in all kernel-2 ebuilds
741
742 *hardened-sources-2.4.28-r4 (21 Jan 2005)
743
744 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
745 +hardened-sources-2.4.28-r4.ebuild:
746 Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
747 backport of neighbour hash updates.
748
749 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
750 hardened-sources-2.4.28-r3.ebuild:
751 Stable on x86
752
753 *hardened-sources-2.6.10-r3 (20 Jan 2005)
754
755 20 Jan 2005; Brandon Hale <tseng@gentoo.org>
756 +hardened-sources-2.6.10-r3.ebuild:
757 Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
758 in 2005.0
759
760 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
761 -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
762 hardened-sources-2.4.28-r2.ebuild:
763 Mark stable on x86
764
765 *hardened-sources-2.4.28-r3 (17 Jan 2005)
766
767 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
768 +hardened-sources-2.4.28-r3.ebuild:
769 Fix SMP page fault handler vuln, and update device-mapper and evms patches.
770
771 14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
772 hardened-sources-2.4.28.ebuild:
773 Mark stable on x86.
774
775 *hardened-sources-2.4.28-r2 (13 Jan 2005)
776
777 13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
778 +hardened-sources-2.4.28-r2.ebuild:
779 Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
780 Mazinger for grsecurity patches as well.
781
782 *hardened-sources-2.4.28-r1 (23 Dec 2004)
783
784 23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
785 Security bump. Thank tocharian for rolling a new patchset...
786
787 28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
788 +files/2.4.28-grsec-cmdline-race.patch,
789 +files/2.4.28-selinux-binfmt_a.out.patch,
790 +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
791 - Round up remaining security patches that appear to be missing in 2.4.28. -
792 PaX standalone updated to current. hgpv=28.1
793
794 *hardened-sources-2.4.28 (28 Nov 2004)
795
796 28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
797 security bump. Thank tocharian for rolling a new patchset
798
799 *hardened-sources-2.4.27-r3 (08 Sep 2004)
800
801 08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
802 +hardened-sources-2.4.27-r3.ebuild:
803 Applies the new 2.4-27.2 patchball which updates
804 GRSecurity to the 2.0.1 version.
805
806 *hardened-sources-2.4.27-r2 (31 Aug 2004)
807
808 31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
809 +hardened-sources-2.4.27-r2.ebuild:
810 Version bump.
811 This version uses the new 2.4-27.1 patchball which updates
812 both the SELinux PaX hooks patch and the SELinux headers.
813
814 *hardened-sources-2.4.27-r1 (09 Aug 2004)
815
816 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
817 +hardened-sources-2.4.27-r1.ebuild,
818 -hardened-sources-2.4.27.ebuild,
819 +files/2.4.27-cmdline-race.patch:
820 Version bump, fix for cmdline race. See bug #59905.
821
822 *hardened-sources-2.4.26-r6 (09 Aug 2004)
823
824 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
825 +hardened-sources-2.4.26-r6.ebuild,
826 -hardened-sources-2.4.26-r5.ebuild,
827 -hardened-sources-2.4.26-r4.ebuild,
828 +files/2.4.26-cmdline-race.patch:
829 Version bump, fix for cmdline race. See bug #59905.
830
831 *hardened-sources-2.4.27 (08 Aug 2004)
832
833 08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
834 +hardened-sources-2.4.27.ebuild,
835 +files/2.4.27-CAN-2004-0394.patch:
836 Ported the patchball to the 2.4.27 kernel version.
837
838 *hardened-sources-2.4.26-r5 (07 Aug 2004)
839
840 07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
841 +hardened-sources-2.4.26-r5.ebuild:
842 Updated to use the new hardened-patches-2.4-26.1 patchball.
843 It adds the following features:
844 - Squashfs
845 - Ebtables
846 - Netdev random (core+drivers)
847 - Watchdog Timer (WDT) fix.
848
849 *hardened-sources-2.4.26-r4 (04 Aug 2004)
850
851 04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
852 +hardened-sources-2.4.26-r4.ebuild,
853 +files/2.4.26-CAN-2004-0415.patch,
854 -hardened-sources-2.4.26-3:
855 Version bump, fix for CAN 0415, see bug #59378.
856
857 *hardened-sources-2.4.26-r3 (22 Jul 2004)
858
859 22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
860 +hardened-sources-2.4.26-r3.ebuild,
861 +files/2.4.26-CAN-2004-0497.patch,
862 -hardened-sources-2.4.26-r2.ebuild:
863 Version bump, fixed CAN 0497, see bug #56171.
864
865 *hardened-sources-2.4.26-r2 (29 Jun 2004)
866
867 29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
868 +hardened-sources-2.4.26-r2.ebuild,
869 +files/2.4.26-CAN-2004-0495.patch,
870 +files/2.4.26-CAN-2004-0535.patch,
871 -hardened-sources-2.4.26-r1.ebuild:
872 Fixes for both CAN 0495 and 0535, see bug #54976
873
874 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
875 hardened-sources-2.4.26-r1.ebuild:
876 QA - fix use invocation
877
878 *hardened-sources-2.4.26-r1 (22 June 2004)
879
880 22 June 2004; Andrea Luzzardi <scox@gentoo.org>
881 +hardened-sources-2.4.26-r1.ebuild,
882 +files/2.4.26-CAN-2004-0394.patch,
883 +files/2.4.26-signal-race.patch,
884 -hardened-sources-2.4.26.ebuild,
885 -hardened-sources-2.4.24-r3.ebuild:
886 Version bump for the CAN-2004-0394 issue and bug #53804
887 Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
888
889
890 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
891 hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
892 Masked hardened-sources-2.4.26.ebuild broken for ppc
893
894 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
895 hardened-sources-2.4.24-r3.ebuild:
896 Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
897
898 *hardened-sources-2.4.26 (29 May 2004)
899
900 29 May 2004; Andrea Luzzardi <scox@gentoo.org>
901 +hardened-sources-2.4.26.ebuild:
902 Updated hardened-sources for the 2.4.26 kernel
903 Removed broken components, updated almost everything.
904
905 *hardened-sources-2.4.24-r3 (17 Apr 2004)
906
907 17 Apr 2004; <plasmaroo@gentoo.org>
908 +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
909 +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
910 +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
911 +hardened-sources-2.4.24-r3.ebuild:
912 Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
913 vulnerabilities. Old revisions removed.
914
915 *hardened-sources-2.4.24-r2 (15 Apr 2004)
916
917 15 Apr 2004; <plasmaroo@gentoo.org>
918 +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
919 -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
920 Version bump for the CAN-2004-0109 issue; bug #47881.
921
922 12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
923 hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
924 Add eutils to inherit.
925
926 *hardened-sources-2.4.24-r1 (19 Feb 2004)
927
928 19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
929 files/hardened-sources-2.4.24.munmap.patch:
930 Added the patch for the mremap/munmap vulnerability. Bug #42024.
931
932 *hardened-sources-2.4.24 (06 Feb 2004)
933
934 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
935 hardened-sources-2.4.24.ebuild:
936 Version bump, updated most of the components.
937 This release includes the following:
938
939 - Hardened security
940 - Netfilter patch-o-matic 20031219
941 - FreeSWAN 2.04 & x509 1.4.8
942 - EVMS 2.2.2
943 - XFS 1.3.1
944 - cryptoloop jari
945 - grsecurity 2.0-rc4
946 - SELinux
947 - PaX 200402060000
948 - PaX Obscurity 200308302223
949 - Others...
950
951 Neither -ck nor systrace are included anymore.
952
953 *hardened-sources-2.4.22-r2 (05 Jan 2004)
954
955 05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
956 hardened-sources-2.4.22-r2.ebuild:
957 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
958
959 *hardened-sources-2.4.22-r1 (02 Dec 2003)
960
961 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
962 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
963
964 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
965 hardened-sources-2.4.22-r1.ebuild:
966 Version bump for the 'do_brk' vulnerability.
967
968 01 Dec 2003; Brian Jackson <iggy@gentoo.org>
969 hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
970 hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
971 hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
972 Fix the 'do_brk' vulnerability.
973
974 03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
975 hardened-sources-2.4.22.ebuild:
976 - Removed the src_install() portion for SELinux flask
977 components. These are no longer handled in the kernel
978 so this code was not necessary.
979
980 29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
981 New 2.4.22 based hardened-sources thanks to
982 Phil West <p.west@computer.org>.
983
984 These sources include:
985 - New SELinux API
986 - Updated CK-base
987 - Updated GRSec
988 - Systrace
989 - SuperFreeS/WAN 1.99.8
990 - Propolice kernel build support
991 - EVMS
992 - Other various security related patches
993
994 *hardened-sources-2.4.21 (14 Sep 2003)
995
996 14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
997 Updated hardened-sources based on the 2.4.21 Linux kernel.
998 This includes updates to most major components such as:
999 - ck-base-0306300059
1000 - selinux-2.4-2003071106
1001 - grsecurity-2.0-rc1
1002 - Updated IPTables patch-o-matic
1003 - Updated SuperFreeS/WAN
1004
1005 Thanks to Phil West <pwest@computer.org> for his work in getting this
1006 updated patch set ready for the 2.4.21 based kernel.
1007
1008 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
1009 Initial import of hardened-sources-2.4.20-r4. This revision
1010 includes only a few changes, but one of these is an important
1011 security fix. It is recommended all users of hardened-sources
1012 upgrade to this release.
1013
1014 - ioperm bug fix
1015 - fixed compilation failure when building without GRSec
1016
1017 SAL (Secure Auditing for Linux) is NOT included in this revision
1018 due to time constraints, but is planned for inclusion in the near
1019 future.
1020
1021 *hardened-sources-2.4.20-r2 (12 Jun 2003)
1022
1023 12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
1024 hardened-sources-2.4.20-r3.ebuild:
1025 Add Header...
1026
1027 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1028 hardened-sources-2.4.20-r3.ebuild:
1029 Removed warnings from ebuild. This kernel should be safe to
1030 use at this point.
1031
1032 *hardened-sources-2.4.20-r3 (08 Jun 2003)
1033
1034 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1035 hardened-sources-2.4.20-r3.ebuild:
1036 New revision. Includes the following changes over -r2:
1037
1038 - ck7-base (O(1), preempt, low latency)
1039 - Super FreeS/WAN 1.99.7rc2
1040 - PaX for the LSM/SELinux branch
1041 - GRSecurity 2.0-pre4 (role based access control)
1042 - Systrace 1.3
1043 - EXT3 fixes
1044 - EVMS 2.0.1
1045 - GCC 3.1+ compile optimizations
1046 - ProPolice kernel build support
1047 - Hashing table security fixes
1048
1049 *hardened-sources-2.4.20-r1 (09 Apr 2003)
1050
1051 23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
1052 Initial import of hardened-sources-r2. This new
1053 ebuild includes many new performance and security
1054 related patches. As in -r1, it will patch in
1055 LSM/SELinux if "selinux" is in USE, otherwise it
1056 will patch in GRSecurity. The following patches
1057 are included in this revision:
1058
1059 - O(1) Scheduler, Low Latency, and Preempt
1060 (pulled from the base CK patch)
1061 - ptrace exploit patch for the LSM kernel
1062 (the GRSec patch already fixes this)
1063 - LSM 2.4-2003040709
1064 - SELinux 2.4-2003040709
1065 - Systrace v1.2
1066 - IPTables patch-o-matic base patches - 20030107
1067 - CryptoAPI 2.4.20.1 w/ loop-jari patch
1068 - Super FreeS/WAN 1.99.6.1
1069 - GRSecurity 1.9.9g
1070 - MPPE
1071 - EXT3 data journal fix
1072 - CIPE 1.5.4
1073
1074 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1075 hardened-sources-2.4.20-r1.ebuild, manifest:
1076 Updated to install flask components correctly for selinux.
1077
1078 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1079 hardened-sources-2.4.20-r1.ebuild:
1080 LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
1081 is patched in instead. Ptrace patches for selinux have also been added. In
1082 either case, systrace support will be patched in as well.
1083
1084 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1085 hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
1086 Revision bump for new sources.
1087
1088 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1089 hardened-sources-2.4.20-r1.ebuild:
1090 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
1091
1092 *hardened-sources-2.4.20 (30 Mar 2003)
1093
1094 30 Mar 2003; Joshua Brindle <method@gentoo.org>
1095 hardened-sources-2.4.20.ebuild:
1096 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20