/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.173 - (show annotations) (download)
Thu Aug 16 23:05:15 2007 UTC (7 years ago) by phreak
Branch: MAIN
Changes since 1.172: +5 -1 lines
Updated patchset, to fix the alignment against 2.6.22.3.
(Portage version: 2.1.3.5)

1 # ChangeLog for sys-kernel/hardened-sources
2 # Copyright 2000-2007 Gentoo Foundation; Distributed under the GPL v2
3 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.172 2007/08/16 20:06:45 phreak Exp $
4
5 16 Aug 2007; Christian Heim <phreak@gentoo.org>
6 hardened-sources-2.6.22-r2.ebuild:
7 Updated patchset, to fix the alignment against 2.6.22.3.
8
9 *hardened-sources-2.6.22-r2 (16 Aug 2007)
10
11 16 Aug 2007; Christian Heim <phreak@gentoo.org>
12 +hardened-sources-2.6.22-r2.ebuild:
13 Revision bump for Linux 2.6.22.3.
14
15 *hardened-sources-2.4.35 (16 Aug 2007)
16
17 16 Aug 2007; Christian Heim <phreak@gentoo.org>
18 +hardened-sources-2.4.35.ebuild:
19 Version bump, initial version for Linux 2.4.35.
20
21 *hardened-sources-2.6.21-r4 (16 Aug 2007)
22
23 16 Aug 2007; Christian Heim <phreak@gentoo.org>
24 +hardened-sources-2.6.21-r4.ebuild:
25 Revision bump for Linux 2.6.21.6.
26
27 *hardened-sources-2.6.20-r7 (16 Aug 2007)
28
29 16 Aug 2007; Christian Heim <phreak@gentoo.org>
30 +hardened-sources-2.6.20-r7.ebuild:
31 Revision bump for Linux 2.6.20.16.
32
33 *hardened-sources-2.6.22-r1 (13 Aug 2007)
34
35 13 Aug 2007; Christian Heim <phreak@gentoo.org>
36 +hardened-sources-2.6.22-r1.ebuild:
37 Yet another revision bump.
38
39 *hardened-sources-2.6.22 (10 Aug 2007)
40
41 10 Aug 2007; Christian Heim <phreak@gentoo.org>
42 +hardened-sources-2.6.22.ebuild:
43 Initial release for 2.6.22. If you are using hardened-sources on a desktop
44 machine (P4 or newer), be aware you might need to disable
45 CONFIG_PAX_PAGEEXEC.
46
47 04 Aug 2007; Christian Heim <phreak@gentoo.org>
48 hardened-sources-2.6.20-r6.ebuild:
49 Stabling hardened-sources-2.6.20-r6 for amd64, ppc and x86 due to Linux
50 2.6.20.15.
51
52 10 Jul 2007; Christian Heim <phreak@gentoo.org>
53 hardened-sources-2.6.20-r5.ebuild:
54 Marking hardened-sources-2.6.20-r5 stable on ppc.
55
56 10 Jul 2007; Christian Heim <phreak@gentoo.org>
57 -hardened-sources-2.4.32-r6.ebuild, -hardened-sources-2.4.32-r7.ebuild:
58 Cleanup.
59
60 *hardened-sources-2.6.20-r6 (08 Jul 2007)
61
62 08 Jul 2007; Christian Heim <phreak@gentoo.org>
63 +hardened-sources-2.6.20-r6.ebuild:
64 Revision bump, grabbing yet another stable release.
65
66 17 Jun 2007; Christian Heim <phreak@gentoo.org>
67 -hardened-sources-2.6.18-r6.ebuild, -hardened-sources-2.6.20-r4.ebuild,
68 -hardened-sources-2.6.21-r2.ebuild:
69 Removing older ebuilds, hardened-sources-2.6.18-r6 seems to have gotten the
70 alpha stable KEYWORD by mistake.
71
72 17 Jun 2007; Christian Heim <phreak@gentoo.org>
73 hardened-sources-2.6.20-r5.ebuild:
74 Stabling hardened-sources-2.6.20-r5 due to security bug #181647 (as
75 genpatches-2.6.20-12.base contains up to Linux 2.6.20.14) on amd64 and x86.
76
77 *hardened-sources-2.6.21-r3 (12 Jun 2007)
78
79 12 Jun 2007; Christian Heim <phreak@gentoo.org>
80 +hardened-sources-2.6.21-r3.ebuild:
81 Revision bump for hardened-sources-2.6.21, incorporating various CVE (some
82 of them critical), two stable releases (2.6.21.4,2.6.21.5) and some other
83 love.
84
85 *hardened-sources-2.6.20-r5 (11 Jun 2007)
86
87 11 Jun 2007; Christian Heim <phreak@gentoo.org>
88 +hardened-sources-2.6.20-r5.ebuild:
89 Revision bump for hardened-sources-2.6.20, incorporating various CVE (some
90 of them critical), two stable releases (2.6.20.13,2.6.20.14) and some other
91 love.
92
93 *hardened-sources-2.4.34.5 (11 Jun 2007)
94
95 11 Jun 2007; Alexander Gabert <pappy@gentoo.org>
96 +hardened-sources-2.4.34.5.ebuild:
97 added new hardened-sources 2.4 version, thx to phreak, solar, pipacs
98
99 30 May 2007; Christian Heim <phreak@gentoo.org>
100 -hardened-sources-2.6.18.ebuild, hardened-sources-2.6.20-r2.ebuild:
101 Marking 2.6.20-r2 stable on ppc with permission of Gysbert. Removing more
102 stale ebuild(s).
103
104 30 May 2007; Christian Heim <phreak@gentoo.org>
105 -hardened-sources-2.6.14-r7.ebuild, -hardened-sources-2.6.16-r11.ebuild,
106 -hardened-sources-2.6.17-r1.ebuild, -hardened-sources-2.6.19-r6.ebuild,
107 -hardened-sources-2.6.20.ebuild, -hardened-sources-2.6.20-r1.ebuild:
108 Doing some cleanups, remove stale ebuilds.
109
110 26 May 2007; Christian Heim <phreak@gentoo.org>
111 hardened-sources-2.6.21-r2.ebuild:
112 Fixing the grsecurity patch, had one '};' too much.
113
114 *hardened-sources-2.6.21-r2 (26 May 2007)
115
116 26 May 2007; Christian Heim <phreak@gentoo.org>
117 -hardened-sources-2.6.21.ebuild, -hardened-sources-2.6.21-r1.ebuild,
118 +hardened-sources-2.6.21-r2.ebuild:
119 Revision bump, including Linux 2.6.21.3 (fixing CVE-2007-2451). Updating the
120 grsecurity patch to 2.1.10-2.6.21.1-200705221918.
121
122 *hardened-sources-2.6.20-r4 (26 May 2007)
123
124 26 May 2007; Christian Heim <phreak@gentoo.org>
125 -hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.20-r4.ebuild:
126 Revision bump, including Linux 2.6.20.12 (which in fact fixed some security
127 bugs, at the very least CVE-2007-2451). Possible candidate for stable marking.
128
129 15 May 2007; Christian Heim <phreak@gentoo.org>
130 hardened-sources-2.6.20-r3.ebuild:
131 Looks like hardened-sources-2.6.20-r3 needs a new patch, as 2.6.20.11
132 introduced a change in arch/sparc64/kernel/pci_iommu.c, which made the
133 grsecurity patch fail in that exact same hunk.
134
135 *hardened-sources-2.6.20-r3 (15 May 2007)
136
137 15 May 2007; Christian Heim <phreak@gentoo.org>
138 +hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.21-r1.ebuild:
139 Revision bump, incorporating Linux 2.6.20.11.
140
141 *hardened-sources-2.6.21-r1 (11 May 2007)
142
143 11 May 2007; Christian Heim <phreak@gentoo.org>
144 +hardened-sources-2.6.21-r1.ebuild:
145 Revision bump, hopefully fixing the GRSECURITY/GRKERNSEC mixup pipacs
146 mentioned in #177234.
147
148 07 May 2007; Kevin F. Quinn <kevquinn@gentoo.org>
149 files/digest-hardened-sources-2.6.21, Manifest:
150 Fix Manifest/digest for linux-2.6.21.tar.bz2
151
152 06 May 2007; Christian Heim <phreak@gentoo.org>
153 hardened-sources-2.6.21.ebuild:
154 Bumping the hardened-patches version, needed for the fix for #177234.
155
156 *hardened-sources-2.6.21 (02 May 2007)
157
158 02 May 2007; Christian Heim <phreak@gentoo.org>
159 +hardened-sources-2.6.21.ebuild:
160 Version bump, Linux 2.6.21-hardened.
161
162 29 Apr 2007; Christian Heim <phreak@gentoo.org>
163 hardened-sources-2.6.20-r2.ebuild:
164 Adding ~ia64 on Ned's request.
165
166 29 Apr 2007; Christian Heim <phreak@gentoo.org>
167 hardened-sources-2.6.20-r2.ebuild:
168 Fixing the included grsecurity patch, wasn't alligning due to the Index:
169 header line(s).
170
171 29 Apr 2007; Christian Heim <phreak@gentoo.org>
172 hardened-sources-2.6.20-r2.ebuild:
173 Stabilizing hardened-sources-2.6.20-r2 on amd64 and x86.
174
175 *hardened-sources-2.6.20-r2 (10 Apr 2007)
176
177 10 Apr 2007; Raúl Porcel <armin76@gentoo.org>
178 +hardened-sources-2.6.20-r2.ebuild:
179 Version bump, on behalf of phreak
180
181 *hardened-sources-2.6.20-r1 (04 Apr 2007)
182
183 04 Apr 2007; Christian Heim <phreak@gentoo.org>
184 +hardened-sources-2.6.20-r1.ebuild:
185 Revision bump, grabbing a newer grsecurity snapshot.
186
187 *hardened-sources-2.6.20 (25 Mar 2007)
188
189 25 Mar 2007; Christian Heim <phreak@gentoo.org>
190 +hardened-sources-2.6.20.ebuild:
191 Finally a hardened-sources version for 2.6.20; many people have been waiting
192 for this. Thanks to Steve for preliminary testing, thanks to Ned for the
193 testbox.
194
195 16 Mar 2007; Tony Vroon <chainsaw@gentoo.org>
196 hardened-sources-2.6.18-r6.ebuild:
197 Marked stable on amd64 and x86. AMD64 keyword ack'ed by welp.
198
199 *hardened-sources-2.6.18-r6 (16 Mar 2007)
200
201 16 Mar 2007; Christian Heim <phreak@gentoo.org>
202 -hardened-sources-2.6.18-r5.ebuild, +hardened-sources-2.6.18-r6.ebuild:
203 Fixing CVE-2007-1000 locally (hardened/), thanks to Tony for pushing. And
204 yes I screwed up, this is tagged as 2.6.18-5 and not 2.6.18-6 as it's
205 supposed to be.
206
207 06 Mar 2007; Christian Heim <phreak@gentoo.org> ChangeLog:
208 Fixing the Manifest, the previous one was broken (as in still had the
209 deleted ebuild in it).
210
211 06 Mar 2007; Christian Heim <phreak@gentoo.org>
212 -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
213 +hardened-sources-2.6.18-r5.ebuild:
214 Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
215 Linux 2.6.18.8. Also cleaning up the older version.
216
217 *hardened-sources-2.6.18-r5 (06 Mar 2007)
218
219 06 Mar 2007; Christian Heim <phreak@gentoo.org>
220 -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
221 +hardened-sources-2.6.18-r5.ebuild:
222 Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
223 Linux 2.6.18.8. Also cleaning up the older version.
224
225 24 Feb 2007; Christian Heim <phreak@gentoo.org>
226 -hardened-sources-2.6.19-r3.ebuild, -hardened-sources-2.6.19-r4.ebuild,
227 -hardened-sources-2.6.19-r5.ebuild:
228 Removing some of the old version, that didn't work.
229
230 *hardened-sources-2.6.19-r6 (12 Feb 2007)
231
232 12 Feb 2007; Christian Heim <phreak@gentoo.org>
233 +hardened-sources-2.6.19-r6.ebuild:
234 Revision bump, including a new grsec version fixing #166235.
235
236 *hardened-sources-2.4.34 (24 Jan 2007)
237
238 24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
239 Manifest:
240 updating Manifest with checksums of new tarball and ebuild
241
242 24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
243 +hardened-sources-2.4.34.ebuild:
244 I added new hardened sources 2.4 update, this is a critical path
245 security bugfix - all users of h-s are strongly advised
246 to update their existing hardened sources to this version.
247 It contains a fix for a kernel vulnerability that is pertaining
248 to the PaX changes to virtual memory management, possibly leading
249 to a local kernel exploit ... see grsecurity.net forums and homepage
250
251 23 Jan 2007; Christian Heim <phreak@gentoo.org>
252 files/digest-hardened-sources-2.6.19-r5, Manifest:
253 Fixing the patch-tarball digest.
254
255 *hardened-sources-2.6.19-r5 (23 Jan 2007)
256
257 23 Jan 2007; Christian Heim <phreak@gentoo.org>
258 +hardened-sources-2.6.19-r5.ebuild:
259 Revision bump, closing the recently discovered PaX expand_stack()
260 vulnerability.
261
262 *hardened-sources-2.6.19-r4 (14 Jan 2007)
263
264 14 Jan 2007; Christian Heim <phreak@gentoo.org>
265 +hardened-sources-2.6.19-r4.ebuild:
266 Revision bump, pulling in linux-2.6.19.2 and grsecurity 2.1.10 - thus
267 dropping the randomized PID feature.
268
269 11 Jan 2007; Christian Faulhammer <opfer@gentoo.org>
270 hardened-sources-2.4.33.4.ebuild:
271 stable x86, bug #161171
272
273 *hardened-sources-2.6.19-r3 (27 Dec 2006)
274
275 27 Dec 2006; Christian Heim <phreak@gentoo.org>
276 -hardened-sources-2.6.19-r2.ebuild, +hardened-sources-2.6.19-r3.ebuild:
277 Revision bump for bug #157186 and #158786.
278
279 *hardened-sources-2.6.18-r4 (27 Dec 2006)
280
281 27 Dec 2006; Christian Heim <phreak@gentoo.org>
282 -hardened-sources-2.6.18-r3.ebuild, +hardened-sources-2.6.18-r4.ebuild:
283 Revision bump for bug #157186.
284
285 *hardened-sources-2.6.19-r2 (23 Dec 2006)
286
287 23 Dec 2006; Christian Heim <phreak@gentoo.org>
288 -hardened-sources-2.6.19-r1.ebuild, +hardened-sources-2.6.19-r2.ebuild:
289 Revision bump to pull in genpatches-2.6.19-3 for #157186.
290
291 17 Dec 2006; Christian Heim <phreak@gentoo.org>
292 hardened-sources-2.6.14-r7.ebuild, hardened-sources-2.6.16-r10.ebuild,
293 hardened-sources-2.6.16-r11.ebuild, hardened-sources-2.6.17-r1.ebuild,
294 hardened-sources-2.6.18.ebuild, hardened-sources-2.6.18-r3.ebuild,
295 hardened-sources-2.6.19-r1.ebuild:
296 Adding 4453_grsec-2.1.9-2.6.19-io-kmem-sysctl.patch to UNIPATCH_EXLUDE,
297 adding correct HOMEPAGE and adjusting DESCRIPTION (thanks to Alexander).
298
299 *hardened-sources-2.4.33.4 (17 Dec 2006)
300
301 17 Dec 2006; Alexander Gabert <pappy@gentoo.org>
302 +hardened-sources-2.4.33.4.ebuild:
303 new 2.4.33.4 version including grsec and fixes, thanks to phreak for help
304 and quilting
305
306 *hardened-sources-2.6.19-r1 (14 Dec 2006)
307
308 14 Dec 2006; Christian Heim <phreak@gentoo.org>
309 -hardened-sources-2.6.19.ebuild, +hardened-sources-2.6.19-r1.ebuild:
310 Revision bump, fixing #158107 (thanks to Petre Rodan <kaiowas at gentoo.org>
311 for reporting).
312
313 *hardened-sources-2.6.19 (13 Dec 2006)
314
315 13 Dec 2006; Christian Heim <phreak@gentoo.org>
316 +hardened-sources-2.6.19.ebuild:
317 And finally 2.6.19, thanks to Ned (who prepared the inital patchset) and
318 Brad for providing that prompt update.
319
320 *hardened-sources-2.6.18-r3 (13 Dec 2006)
321
322 13 Dec 2006; Christian Heim <phreak@gentoo.org>
323 -hardened-sources-2.6.18-r1.ebuild, -hardened-sources-2.6.18-r2.ebuild,
324 +hardened-sources-2.6.18-r3.ebuild:
325 Revision bump, excluding the faulty patch. Thanks to Anakim Border and Peter
326 S. Mazinger. Closes #157409 for now. Also removing the previous revisions.
327
328 09 Dec 2006; Christian Heim <phreak@gentoo.org> Manifest:
329 Fixing the metadata.xml Manifest entry (thanks to xaid and ml8128 in #gentoo-hardened).
330
331 08 Dec 2006; nixnut <nixnut@gentoo.org> hardened-sources-2.6.18.ebuild:
332 Stable on ppc wrt bug 157356
333
334 07 Dec 2006; Christian Faulhammer <opfer@gentoo.org>
335 hardened-sources-2.6.18.ebuild:
336 stable x86, bug #157356
337
338 *hardened-sources-2.6.18-r2 (06 Dec 2006)
339
340 06 Dec 2006; Christian Heim <phreak@gentoo.org>
341 +hardened-sources-2.6.18-r2.ebuild:
342 Revision bump, including 2.6.18.5 (via genpatches) and
343 4454_grsec-2.1.9-2.6.18.2-io-kmem-sysctl.patch based on Peter Mazinger and
344 Ned Ludd's original patch. Thanks to Alexander Gabert (pappy) for the
345 redesign.
346
347 06 Dec 2006; Christian Heim <phreak@gentoo.org>
348 hardened-sources-2.6.18.ebuild:
349 Marking hardened-sources-2.6.18 stable on amd64 (see bug #157356, on behalf
350 of Mike Doty).
351
352 *hardened-sources-2.6.18-r1 (23 Nov 2006)
353
354 23 Nov 2006; Christian Heim <phreak@gentoo.org>
355 +hardened-sources-2.6.18-r1.ebuild:
356 Revision bump to genpatches-2.6.18-4 (including 2.6.18.3).
357
358 *hardened-sources-2.6.18 (11 Nov 2006)
359
360 11 Nov 2006; Christian Heim <phreak@gentoo.org>
361 +hardened-sources-2.6.18.ebuild:
362 Version bump, thanks to Alexander Gabert we're finally at 2.6.18.
363
364 18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
365 - mark amd64 stable also. bug #151877
366
367 18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
368 - mark 2.6.17-r1 stable
369
370 27 Aug 2006; Christian Heim <phreak@gentoo.org>
371 -hardened-sources-2.6.17.ebuild, hardened-sources-2.6.17-r1.ebuild:
372 Removing old ebuild, removing unipatch from newer ebuild (need to fix it!).
373
374 *hardened-sources-2.6.17-r1 (26 Aug 2006)
375
376 26 Aug 2006; Christian Heim <phreak@gentoo.org>
377 +hardened-sources-2.6.17-r1.ebuild:
378 Revision bump to genpatches-2.6.17-8 (including .9 and .10) and updating the
379 grsecurity patch.
380
381 *hardened-sources-2.6.17 (17 Aug 2006)
382
383 17 Aug 2006; Christian Heim <phreak@gentoo.org>
384 +hardened-sources-2.6.17.ebuild:
385 Bumping the hardened-sources-2.6 series to 2.6.17, using
386 genpatches-2.6.17-6.base.
387
388 07 Aug 2006; <solar@gentoo.org> hardened-sources-2.6.16-r11.ebuild:
389 - stable on x86 and amd64
390
391 *hardened-sources-2.6.16-r11 (15 Jul 2006)
392
393 15 Jul 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r3.ebuild,
394 -hardened-sources-2.4.32-r4.ebuild, -hardened-sources-2.4.32-r5.ebuild,
395 -hardened-sources-2.6.14-r8.ebuild, -hardened-sources-2.6.16-r7.ebuild,
396 -hardened-sources-2.6.16-r9.ebuild, +hardened-sources-2.6.16-r11.ebuild:
397 - 2.6.16 bumped for CVE-2006-3626 ; digest fix for 2.4.32-r6 ; removed old
398 crusty ebuilds
399
400 14 Jul 2006; John Mylchreest <johnm@gentoo.org>
401 hardened-sources-2.6.16-r10.ebuild:
402 marking stable on x86 and amd64
403
404 13 Jul 2006; <solar@gentoo.org> hardened-sources-2.4.32-r6.ebuild:
405 - 2.4.32-r6 stable on x86. RSBAC state unknown
406
407 *hardened-sources-2.4.32-r7 (10 Jul 2006)
408
409 10 Jul 2006; Guillaume Destuynder <kang@gentoo.org>
410 +hardened-sources-2.4.32-r7.ebuild:
411 Bump PaX for RSBAC to test-17
412
413 *hardened-sources-2.6.16-r9 (03 Jul 2006)
414
415 03 Jul 2006; John Mylchreest <johnm@gentoo.org>
416 -hardened-sources-2.6.16-r6.ebuild, +hardened-sources-2.6.16-r9.ebuild:
417 hardened-sources-2.6.16 bump to latest -base.
418
419 *hardened-sources-2.4.32-r6 (30 Jun 2006)
420
421 30 Jun 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r2.ebuild,
422 hardened-sources-2.4.32-r4.ebuild, +hardened-sources-2.4.32-r6.ebuild:
423 - backport CVE-2006-0039, CVE-2006-1857 and CVE-2006-1858 and new grsecurity
424 sysctl controlable resource logging
425
426 *hardened-sources-2.6.16-r7 (05 Jun 2006)
427
428 05 Jun 2006; John Mylchreest <johnm@gentoo.org>
429 -hardened-sources-2.6.16-r5.ebuild, +hardened-sources-2.6.16-r7.ebuild:
430 push new 2.6.16 release in preparation for stable
431
432 22 May 2006; <solar@gentoo.org> :
433 - redigest bug 134002
434
435 *hardened-sources-2.4.32-r5 (16 May 2006)
436
437 16 May 2006; Guillaume Destuynder <kang@gentoo.org>
438 +hardened-sources-2.4.32-r5.ebuild:
439 Fixes rsbac common patching (new patch in new -r5 patchset)
440
441 *hardened-sources-2.4.32-r4 (13 May 2006)
442
443 13 May 2006; <solar@gentoo.org> hardened-sources-2.4.32-r3.ebuild,
444 +hardened-sources-2.4.32-r4.ebuild:
445 - security bumps
446
447 *hardened-sources-2.6.16-r6 (03 May 2006)
448
449 03 May 2006; John Mylchreest <johnm@gentoo.org>
450 +hardened-sources-2.6.16-r6.ebuild:
451 bump hardened-2.6.16 to 2.6.16.12 and latest grsec snapshot
452
453 28 Apr 2006; John Mylchreest <johnm@gentoo.org>
454 hardened-sources-2.6.14-r8.ebuild:
455 fix x86_64 build problem, this will delay the digest issue again for a short
456 while but it will sort itself out
457
458 28 Apr 2006; John Mylchreest <johnm@gentoo.org>
459 hardened-sources-2.6.14-r8.ebuild:
460 bump hardened patchset
461
462 27 Apr 2006; Alec Warner <antarus@gentoo.org>
463 files/digest-hardened-sources-2.4.32-r2,
464 files/digest-hardened-sources-2.4.32-r3,
465 files/digest-hardened-sources-2.6.14-r8, Manifest:
466 Fixing duff SHA256 digests: Bug # 131293
467
468 *hardened-sources-2.6.16-r5 (27 Apr 2006)
469
470 27 Apr 2006; John Mylchreest <johnm@gentoo.org>
471 -hardened-sources-2.6.14-r6.ebuild, hardened-sources-2.6.14-r8.ebuild,
472 -hardened-sources-2.6.16-r4.ebuild, +hardened-sources-2.6.16-r5.ebuild:
473 stablise 2.6.14-r8 on x86 & amd64, bump 2.6.16 to fix CVE-2006-1863 &
474 cleanup of old uneccessary sources
475
476 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
477 fix digest
478
479 *hardened-sources-2.6.14-r8 (20 Apr 2006)
480
481 20 Apr 2006; John Mylchreest <johnm@gentoo.org>
482 +hardened-sources-2.6.14-r8.ebuild:
483 fix CVE-2006-1056, CVE-2006-1525, CVE-2006-1524
484
485 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
486 Turning on gpg-signing again, and recomitting
487
488 *hardened-sources-2.6.16-r4 (20 Apr 2006)
489
490 20 Apr 2006; John Mylchreest <johnm@gentoo.org>
491 -hardened-sources-2.6.16-r2.ebuild, -hardened-sources-2.6.16-r3.ebuild,
492 +hardened-sources-2.6.16-r4.ebuild:
493 Fix numerous security vulns
494
495 *hardened-sources-2.4.32-r3 (16 Apr 2006)
496
497 16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
498 -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
499 +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
500 - security bump for bug #112791. Removed old ebuilds
501
502 *hardened-sources-2.6.16-r3 (15 Apr 2006)
503
504 15 Apr 2006; John Mylchreest <johnm@gentoo.org>
505 +hardened-sources-2.6.16-r3.ebuild:
506 Removing silly localversion which I missed
507
508 *hardened-sources-2.6.14-r7 (14 Apr 2006)
509
510 14 Apr 2006; John Mylchreest <johnm@gentoo.org>
511 -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
512 Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
513
514 *hardened-sources-2.6.16-r2 (13 Apr 2006)
515
516 13 Apr 2006; John Mylchreest <johnm@gentoo.org>
517 -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
518 +hardened-sources-2.6.16-r2.ebuild:
519 Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
520 labels, dropping USERGROUP define fixes, since these were merged mainstream.
521
522 *hardened-sources-2.6.16-r1 (11 Apr 2006)
523
524 11 Apr 2006; John Mylchreest <johnm@gentoo.org>
525 +hardened-sources-2.6.16-r1.ebuild:
526 Bumping to include ppc build fix and 2.6.16.3
527
528 06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
529 hardened-sources-2.6.14-r6.ebuild:
530 Stable on x86; bug #127718
531
532 *hardened-sources-2.6.16 (31 Mar 2006)
533
534 31 Mar 2006; John Mylchreest <johnm@gentoo.org>
535 +hardened-sources-2.6.16.ebuild:
536 Bumping to new version of grsec, and kernel base. New squashfs. Based on
537 2.6.16.1
538
539 30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
540 hardened-sources-2.6.14-r6.ebuild:
541 Stable on amd64, bug 127718.
542
543 28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
544 Stable on ppc. Bug #127718
545
546 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
547 -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
548 -hardened-sources-2.6.14-r4.ebuild:
549 Cleanup.
550
551 *hardened-sources-2.6.14-r6 (15 Mar 2006)
552
553 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
554 +hardened-sources-2.6.14-r6.ebuild:
555 Fixes grsec policy recreation bug and adds a
556 >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
557
558 02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
559 - stable on x86
560
561 19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
562 hardened-sources-2.6.14-r5.ebuild:
563 Stable on ppc.
564
565 *hardened-sources-2.6.14-r5 (01 Feb 2006)
566
567 01 Feb 2006; John Mylchreest <johnm@gentoo.org>
568 +hardened-sources-2.6.14-r5.ebuild:
569 fixing every known exploit
570
571 *hardened-sources-2.4.32-r2 (26 Jan 2006)
572
573 26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
574 +hardened-sources-2.4.32-r2.ebuild:
575 - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
576
577 *hardened-sources-2.6.14-r4 (12 Jan 2006)
578
579 12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
580 - version bump for new genpatches which fix up a few sec holes
581
582 *hardened-sources-2.4.32-r1 (05 Jan 2006)
583
584 05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
585 - revision bump to add misc vital linux kernel security patches.
586
587 *hardened-sources-2.6.14-r3 (30 Dec 2005)
588
589 30 Dec 2005; John Mylchreest <johnm@gentoo.org>
590 -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
591 Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
592
593 28 Dec 2005; John Mylchreest <johnm@gentoo.org>
594 hardened-sources-2.6.14-r2.ebuild:
595 making x86 & amd64 stable following testing.
596
597 *hardened-sources-2.6.14-r2 (27 Dec 2005)
598
599 27 Dec 2005; John Mylchreest <johnm@gentoo.org>
600 -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
601 Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
602 network hooks.
603
604 06 Dec 2005; John Mylchreest <johnm@gentoo.org>
605 hardened-sources-2.6.14-r1.ebuild:
606 bumping to stable early for sec fix on x86 & amd64
607
608 *hardened-sources-2.6.14-r1 (05 Dec 2005)
609
610 05 Dec 2005; John Mylchreest <johnm@gentoo.org>
611 -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
612 bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
613
614 04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
615 - stable on x86 security bug #114227 CAN-2005-3257
616
617 *hardened-sources-2.4.32 (19 Nov 2005)
618
619 19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
620 +hardened-sources-2.4.32.ebuild:
621 Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
622 Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
623 have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
624 rsbac >> /etc/portage/package.use)
625
626 *hardened-sources-2.6.14 (14 Nov 2005)
627
628 14 Nov 2005; John Mylchreest <johnm@gentoo.org>
629 -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
630 Bumping 2.6 series to 2.6.14.2
631
632 *hardened-sources-2.6.13-r2 (20 Oct 2005)
633
634 20 Oct 2005; John Mylchreest <johnm@gentoo.org>
635 -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
636 +hardened-sources-2.6.13-r2.ebuild:
637 Fixes minor build error in ppc.
638
639 *hardened-sources-2.6.13-r1 (17 Oct 2005)
640
641 17 Oct 2005; John Mylchreest <johnm@gentoo.org>
642 +hardened-sources-2.6.13-r1.ebuild:
643 Updating grsec to latest snapshot. Fixes some minor issues. Updating to
644 2.6.13.4, fixes some major amd64 stability problems.
645
646 *hardened-sources-2.6.13 (16 Sep 2005)
647
648 16 Sep 2005; John Mylchreest <johnm@gentoo.org>
649 -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
650 2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
651 ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
652 users should test this thoroughly.
653
654 01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
655 - stable on x86
656
657 *hardened-sources-2.6.11-r15 (27 Jun 2005)
658
659 27 Jun 2005; John Mylchreest <johnm@gentoo.org>
660 +hardened-sources-2.6.11-r15.ebuild:
661 Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
662 grsec redefining curr_ip struct.
663
664 *hardened-sources-2.4.31 (20 Jun 2005)
665
666 20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
667 initial import of 2.4.31 tree
668
669 *hardened-sources-2.6.11-r14 (14 Jun 2005)
670
671 14 Jun 2005; John Mylchreest <johnm@gentoo.org>
672 -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
673 Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
674 naming scheme to abide by genpatches
675
676 *hardened-sources-2.6.11-r13 (18 May 2005)
677
678 18 May 2005; John Mylchreest <johnm@gentoo.org>
679 -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
680 Managed to mangle the Makefile patch from grsec, to miss out the grsec
681 target. sorry about that. Fixes bug #93022
682
683 *hardened-sources-2.6.11-r12 (17 May 2005)
684
685 17 May 2005; John Mylchreest <johnm@gentoo.org>
686 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
687 +hardened-sources-2.6.11-r12.ebuild:
688 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
689 merges in genpatches-base
690
691 *hardened-sources-2.6.11-r12 (17 May 2005)
692
693 17 May 2005; John Mylchreest <johnm@gentoo.org>
694 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
695 +hardened-sources-2.6.11-r12.ebuild:
696 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
697 merges in genpatches-base
698
699 29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
700 -files/2.4.27-cmdline-race.patch,
701 -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
702 -files/2.4.28-grsec-binfmt_a.out.patch,
703 -files/2.4.28-grsec-cmdline-race.patch,
704 -files/2.4.28-selinux-binfmt_a.out.patch,
705 -files/2.4.28-selinux-cmdline-race.patch,
706 -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
707 hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
708 - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
709 cleanup..
710
711 *hardened-sources-2.4.30-r1 (21 Apr 2005)
712
713 21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
714 - disable aout by default
715
716 *hardened-sources-2.4.30 (18 Apr 2005)
717
718 18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
719 - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
720 and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
721 use
722
723 *hardened-sources-2.4.29 (30 Mar 2005)
724
725 30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
726 +hardened-sources-2.4.29.ebuild:
727 New hardened-patches-2.4-29.0 patchball.
728 Removed SELinux support, upgraded GRSecurity to 2.1.4.
729
730 *hardened-sources-2.4.28-r5 (06 Mar 2005)
731
732 06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
733 +hardened-sources-2.4.28-r5.ebuild:
734 Added a fix for a PaX vulnerability.
735
736 26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
737 hardened-sources-2.4.28-r4.ebuild:
738 Stable on x86
739
740 23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
741 hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
742 hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
743 hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
744 - fixed/added RDEPEND= in all kernel-2 ebuilds
745
746 *hardened-sources-2.4.28-r4 (21 Jan 2005)
747
748 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
749 +hardened-sources-2.4.28-r4.ebuild:
750 Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
751 backport of neighbour hash updates.
752
753 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
754 hardened-sources-2.4.28-r3.ebuild:
755 Stable on x86
756
757 *hardened-sources-2.6.10-r3 (20 Jan 2005)
758
759 20 Jan 2005; Brandon Hale <tseng@gentoo.org>
760 +hardened-sources-2.6.10-r3.ebuild:
761 Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
762 in 2005.0
763
764 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
765 -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
766 hardened-sources-2.4.28-r2.ebuild:
767 Mark stable on x86
768
769 *hardened-sources-2.4.28-r3 (17 Jan 2005)
770
771 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
772 +hardened-sources-2.4.28-r3.ebuild:
773 Fix SMP page fault handler vuln, and update device-mapper and evms patches.
774
775 14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
776 hardened-sources-2.4.28.ebuild:
777 Mark stable on x86.
778
779 *hardened-sources-2.4.28-r2 (13 Jan 2005)
780
781 13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
782 +hardened-sources-2.4.28-r2.ebuild:
783 Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
784 Mazinger for grsecurity patches as well.
785
786 *hardened-sources-2.4.28-r1 (23 Dec 2004)
787
788 23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
789 Security bump. Thank tocharian for rolling a new patchset...
790
791 28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
792 +files/2.4.28-grsec-cmdline-race.patch,
793 +files/2.4.28-selinux-binfmt_a.out.patch,
794 +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
795 - Round up remaining security patches that appear to be missing in 2.4.28. -
796 PaX standalone updated to current. hgpv=28.1
797
798 *hardened-sources-2.4.28 (28 Nov 2004)
799
800 28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
801 security bump. Thank tocharian for rolling a new patchset
802
803 *hardened-sources-2.4.27-r3 (08 Sep 2004)
804
805 08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
806 +hardened-sources-2.4.27-r3.ebuild:
807 Applies the new 2.4-27.2 patchball which updates
808 GRSecurity to the 2.0.1 version.
809
810 *hardened-sources-2.4.27-r2 (31 Aug 2004)
811
812 31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
813 +hardened-sources-2.4.27-r2.ebuild:
814 Version bump.
815 This version uses the new 2.4-27.1 patchball which updates
816 both the SELinux PaX hooks patch and the SELinux headers.
817
818 *hardened-sources-2.4.27-r1 (09 Aug 2004)
819
820 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
821 +hardened-sources-2.4.27-r1.ebuild,
822 -hardened-sources-2.4.27.ebuild,
823 +files/2.4.27-cmdline-race.patch:
824 Version bump, fix for cmdline race. See bug #59905.
825
826 *hardened-sources-2.4.26-r6 (09 Aug 2004)
827
828 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
829 +hardened-sources-2.4.26-r6.ebuild,
830 -hardened-sources-2.4.26-r5.ebuild,
831 -hardened-sources-2.4.26-r4.ebuild,
832 +files/2.4.26-cmdline-race.patch:
833 Version bump, fix for cmdline race. See bug #59905.
834
835 *hardened-sources-2.4.27 (08 Aug 2004)
836
837 08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
838 +hardened-sources-2.4.27.ebuild,
839 +files/2.4.27-CAN-2004-0394.patch:
840 Ported the patchball to the 2.4.27 kernel version.
841
842 *hardened-sources-2.4.26-r5 (07 Aug 2004)
843
844 07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
845 +hardened-sources-2.4.26-r5.ebuild:
846 Updated to use the new hardened-patches-2.4-26.1 patchball.
847 It adds the following features:
848 - Squashfs
849 - Ebtables
850 - Netdev random (core+drivers)
851 - Watchdog Timer (WDT) fix.
852
853 *hardened-sources-2.4.26-r4 (04 Aug 2004)
854
855 04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
856 +hardened-sources-2.4.26-r4.ebuild,
857 +files/2.4.26-CAN-2004-0415.patch,
858 -hardened-sources-2.4.26-3:
859 Version bump, fix for CAN 0415, see bug #59378.
860
861 *hardened-sources-2.4.26-r3 (22 Jul 2004)
862
863 22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
864 +hardened-sources-2.4.26-r3.ebuild,
865 +files/2.4.26-CAN-2004-0497.patch,
866 -hardened-sources-2.4.26-r2.ebuild:
867 Version bump, fixed CAN 0497, see bug #56171.
868
869 *hardened-sources-2.4.26-r2 (29 Jun 2004)
870
871 29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
872 +hardened-sources-2.4.26-r2.ebuild,
873 +files/2.4.26-CAN-2004-0495.patch,
874 +files/2.4.26-CAN-2004-0535.patch,
875 -hardened-sources-2.4.26-r1.ebuild:
876 Fixes for both CAN 0495 and 0535, see bug #54976
877
878 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
879 hardened-sources-2.4.26-r1.ebuild:
880 QA - fix use invocation
881
882 *hardened-sources-2.4.26-r1 (22 June 2004)
883
884 22 June 2004; Andrea Luzzardi <scox@gentoo.org>
885 +hardened-sources-2.4.26-r1.ebuild,
886 +files/2.4.26-CAN-2004-0394.patch,
887 +files/2.4.26-signal-race.patch,
888 -hardened-sources-2.4.26.ebuild,
889 -hardened-sources-2.4.24-r3.ebuild:
890 Version bump for the CAN-2004-0394 issue and bug #53804
891 Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
892
893
894 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
895 hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
896 Masked hardened-sources-2.4.26.ebuild broken for ppc
897
898 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
899 hardened-sources-2.4.24-r3.ebuild:
900 Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
901
902 *hardened-sources-2.4.26 (29 May 2004)
903
904 29 May 2004; Andrea Luzzardi <scox@gentoo.org>
905 +hardened-sources-2.4.26.ebuild:
906 Updated hardened-sources for the 2.4.26 kernel
907 Removed broken components, updated almost everything.
908
909 *hardened-sources-2.4.24-r3 (17 Apr 2004)
910
911 17 Apr 2004; <plasmaroo@gentoo.org>
912 +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
913 +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
914 +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
915 +hardened-sources-2.4.24-r3.ebuild:
916 Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
917 vulnerabilities. Old revisions removed.
918
919 *hardened-sources-2.4.24-r2 (15 Apr 2004)
920
921 15 Apr 2004; <plasmaroo@gentoo.org>
922 +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
923 -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
924 Version bump for the CAN-2004-0109 issue; bug #47881.
925
926 12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
927 hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
928 Add eutils to inherit.
929
930 *hardened-sources-2.4.24-r1 (19 Feb 2004)
931
932 19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
933 files/hardened-sources-2.4.24.munmap.patch:
934 Added the patch for the mremap/munmap vulnerability. Bug #42024.
935
936 *hardened-sources-2.4.24 (06 Feb 2004)
937
938 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
939 hardened-sources-2.4.24.ebuild:
940 Version bump, updated most of the components.
941 This release includes the following:
942
943 - Hardened security
944 - Netfilter patch-o-matic 20031219
945 - FreeSWAN 2.04 & x509 1.4.8
946 - EVMS 2.2.2
947 - XFS 1.3.1
948 - cryptoloop jari
949 - grsecurity 2.0-rc4
950 - SELinux
951 - PaX 200402060000
952 - PaX Obscurity 200308302223
953 - Others...
954
955 Neither -ck nor systrace are included anymore.
956
957 *hardened-sources-2.4.22-r2 (05 Jan 2004)
958
959 05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
960 hardened-sources-2.4.22-r2.ebuild:
961 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
962
963 *hardened-sources-2.4.22-r1 (02 Dec 2003)
964
965 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
966 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
967
968 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
969 hardened-sources-2.4.22-r1.ebuild:
970 Version bump for the 'do_brk' vulnerability.
971
972 01 Dec 2003; Brian Jackson <iggy@gentoo.org>
973 hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
974 hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
975 hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
976 Fix the 'do_brk' vulnerability.
977
978 03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
979 hardened-sources-2.4.22.ebuild:
980 - Removed the src_install() portion for SELinux flask
981 components. These are no longer handled in the kernel
982 so this code was not necessary.
983
984 29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
985 New 2.4.22 based hardened-sources thanks to
986 Phil West <p.west@computer.org>.
987
988 These sources include:
989 - New SELinux API
990 - Updated CK-base
991 - Updated GRSec
992 - Systrace
993 - SuperFreeS/WAN 1.99.8
994 - Propolice kernel build support
995 - EVMS
996 - Other various security related patches
997
998 *hardened-sources-2.4.21 (14 Sep 2003)
999
1000 14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
1001 Updated hardened-sources based on the 2.4.21 Linux kernel.
1002 This includes updates to most major components such as:
1003 - ck-base-0306300059
1004 - selinux-2.4-2003071106
1005 - grsecurity-2.0-rc1
1006 - Updated IPTables patch-o-matic
1007 - Updated SuperFreeS/WAN
1008
1009 Thanks to Phil West <pwest@computer.org> for his work in getting this
1010 updated patch set ready for the 2.4.21 based kernel.
1011
1012 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
1013 Initial import of hardened-sources-2.4.20-r4. This revision
1014 includes only a few changes, but one of these is an important
1015 security fix. It is recommended all users of hardened-sources
1016 upgrade to this release.
1017
1018 - ioperm bug fix
1019 - fixed compilation failure when building without GRSec
1020
1021 SAL (Secure Auditing for Linux) is NOT included in this revision
1022 due to time constraints, but is planned for inclusion in the near
1023 future.
1024
1025 *hardened-sources-2.4.20-r2 (12 Jun 2003)
1026
1027 12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
1028 hardened-sources-2.4.20-r3.ebuild:
1029 Add Header...
1030
1031 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1032 hardened-sources-2.4.20-r3.ebuild:
1033 Removed warnings from ebuild. This kernel should be safe to
1034 use at this point.
1035
1036 *hardened-sources-2.4.20-r3 (08 Jun 2003)
1037
1038 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1039 hardened-sources-2.4.20-r3.ebuild:
1040 New revision. Includes the following changes over -r2:
1041
1042 - ck7-base (O(1), preempt, low latency)
1043 - Super FreeS/WAN 1.99.7rc2
1044 - PaX for the LSM/SELinux branch
1045 - GRSecurity 2.0-pre4 (role based access control)
1046 - Systrace 1.3
1047 - EXT3 fixes
1048 - EVMS 2.0.1
1049 - GCC 3.1+ compile optimizations
1050 - ProPolice kernel build support
1051 - Hashing table security fixes
1052
1053 *hardened-sources-2.4.20-r1 (09 Apr 2003)
1054
1055 23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
1056 Initial import of hardened-sources-r2. This new
1057 ebuild includes many new performance and security
1058 related patches. As in -r1, it will patch in
1059 LSM/SELinux if "selinux" is in USE, otherwise it
1060 will patch in GRSecurity. The following patches
1061 are included in this revision:
1062
1063 - O(1) Scheduler, Low Latency, and Preempt
1064 (pulled from the base CK patch)
1065 - ptrace exploit patch for the LSM kernel
1066 (the GRSec patch already fixes this)
1067 - LSM 2.4-2003040709
1068 - SELinux 2.4-2003040709
1069 - Systrace v1.2
1070 - IPTables patch-o-matic base patches - 20030107
1071 - CryptoAPI 2.4.20.1 w/ loop-jari patch
1072 - Super FreeS/WAN 1.99.6.1
1073 - GRSecurity 1.9.9g
1074 - MPPE
1075 - EXT3 data journal fix
1076 - CIPE 1.5.4
1077
1078 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1079 hardened-sources-2.4.20-r1.ebuild, manifest:
1080 Updated to install flask components correctly for selinux.
1081
1082 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1083 hardened-sources-2.4.20-r1.ebuild:
1084 LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
1085 is patched in instead. Ptrace patches for selinux have also been added. In
1086 either case, systrace support will be patched in as well.
1087
1088 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1089 hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
1090 Revision bump for new sources.
1091
1092 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1093 hardened-sources-2.4.20-r1.ebuild:
1094 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
1095
1096 *hardened-sources-2.4.20 (30 Mar 2003)
1097
1098 30 Mar 2003; Joshua Brindle <method@gentoo.org>
1099 hardened-sources-2.4.20.ebuild:
1100 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20