/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.174 - (show annotations) (download)
Wed Aug 22 20:48:18 2007 UTC (7 years, 4 months ago) by phreak
Branch: MAIN
Changes since 1.173: +7 -1 lines
Revision bump for Linux 2.6.22.4.
(Portage version: 2.1.3.6)

1 # ChangeLog for sys-kernel/hardened-sources
2 # Copyright 2000-2007 Gentoo Foundation; Distributed under the GPL v2
3 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.173 2007/08/16 23:05:15 phreak Exp $
4
5 *hardened-sources-2.6.22-r3 (22 Aug 2007)
6
7 22 Aug 2007; Christian Heim <phreak@gentoo.org>
8 +hardened-sources-2.6.22-r3.ebuild:
9 Revision bump for Linux 2.6.22.4.
10
11 16 Aug 2007; Christian Heim <phreak@gentoo.org>
12 hardened-sources-2.6.22-r2.ebuild:
13 Updated patchset, to fix the alignment against 2.6.22.3.
14
15 *hardened-sources-2.6.22-r2 (16 Aug 2007)
16
17 16 Aug 2007; Christian Heim <phreak@gentoo.org>
18 +hardened-sources-2.6.22-r2.ebuild:
19 Revision bump for Linux 2.6.22.3.
20
21 *hardened-sources-2.4.35 (16 Aug 2007)
22
23 16 Aug 2007; Christian Heim <phreak@gentoo.org>
24 +hardened-sources-2.4.35.ebuild:
25 Version bump, initial version for Linux 2.4.35.
26
27 *hardened-sources-2.6.21-r4 (16 Aug 2007)
28
29 16 Aug 2007; Christian Heim <phreak@gentoo.org>
30 +hardened-sources-2.6.21-r4.ebuild:
31 Revision bump for Linux 2.6.21.6.
32
33 *hardened-sources-2.6.20-r7 (16 Aug 2007)
34
35 16 Aug 2007; Christian Heim <phreak@gentoo.org>
36 +hardened-sources-2.6.20-r7.ebuild:
37 Revision bump for Linux 2.6.20.16.
38
39 *hardened-sources-2.6.22-r1 (13 Aug 2007)
40
41 13 Aug 2007; Christian Heim <phreak@gentoo.org>
42 +hardened-sources-2.6.22-r1.ebuild:
43 Yet another revision bump.
44
45 *hardened-sources-2.6.22 (10 Aug 2007)
46
47 10 Aug 2007; Christian Heim <phreak@gentoo.org>
48 +hardened-sources-2.6.22.ebuild:
49 Initial release for 2.6.22. If you are using hardened-sources on a desktop
50 machine (P4 or newer), be aware you might need to disable
51 CONFIG_PAX_PAGEEXEC.
52
53 04 Aug 2007; Christian Heim <phreak@gentoo.org>
54 hardened-sources-2.6.20-r6.ebuild:
55 Stabling hardened-sources-2.6.20-r6 for amd64, ppc and x86 due to Linux
56 2.6.20.15.
57
58 10 Jul 2007; Christian Heim <phreak@gentoo.org>
59 hardened-sources-2.6.20-r5.ebuild:
60 Marking hardened-sources-2.6.20-r5 stable on ppc.
61
62 10 Jul 2007; Christian Heim <phreak@gentoo.org>
63 -hardened-sources-2.4.32-r6.ebuild, -hardened-sources-2.4.32-r7.ebuild:
64 Cleanup.
65
66 *hardened-sources-2.6.20-r6 (08 Jul 2007)
67
68 08 Jul 2007; Christian Heim <phreak@gentoo.org>
69 +hardened-sources-2.6.20-r6.ebuild:
70 Revision bump, grabbing yet another stable release.
71
72 17 Jun 2007; Christian Heim <phreak@gentoo.org>
73 -hardened-sources-2.6.18-r6.ebuild, -hardened-sources-2.6.20-r4.ebuild,
74 -hardened-sources-2.6.21-r2.ebuild:
75 Removing older ebuilds, hardened-sources-2.6.18-r6 seems to have gotten the
76 alpha stable KEYWORD by mistake.
77
78 17 Jun 2007; Christian Heim <phreak@gentoo.org>
79 hardened-sources-2.6.20-r5.ebuild:
80 Stabling hardened-sources-2.6.20-r5 due to security bug #181647 (as
81 genpatches-2.6.20-12.base contains up to Linux 2.6.20.14) on amd64 and x86.
82
83 *hardened-sources-2.6.21-r3 (12 Jun 2007)
84
85 12 Jun 2007; Christian Heim <phreak@gentoo.org>
86 +hardened-sources-2.6.21-r3.ebuild:
87 Revision bump for hardened-sources-2.6.21, incorporating various CVE (some
88 of them critical), two stable releases (2.6.21.4,2.6.21.5) and some other
89 love.
90
91 *hardened-sources-2.6.20-r5 (11 Jun 2007)
92
93 11 Jun 2007; Christian Heim <phreak@gentoo.org>
94 +hardened-sources-2.6.20-r5.ebuild:
95 Revision bump for hardened-sources-2.6.20, incorporating various CVE (some
96 of them critical), two stable releases (2.6.20.13,2.6.20.14) and some other
97 love.
98
99 *hardened-sources-2.4.34.5 (11 Jun 2007)
100
101 11 Jun 2007; Alexander Gabert <pappy@gentoo.org>
102 +hardened-sources-2.4.34.5.ebuild:
103 added new hardened-sources 2.4 version, thx to phreak, solar, pipacs
104
105 30 May 2007; Christian Heim <phreak@gentoo.org>
106 -hardened-sources-2.6.18.ebuild, hardened-sources-2.6.20-r2.ebuild:
107 Marking 2.6.20-r2 stable on ppc with permission of Gysbert. Removing more
108 stale ebuild(s).
109
110 30 May 2007; Christian Heim <phreak@gentoo.org>
111 -hardened-sources-2.6.14-r7.ebuild, -hardened-sources-2.6.16-r11.ebuild,
112 -hardened-sources-2.6.17-r1.ebuild, -hardened-sources-2.6.19-r6.ebuild,
113 -hardened-sources-2.6.20.ebuild, -hardened-sources-2.6.20-r1.ebuild:
114 Doing some cleanups, remove stale ebuilds.
115
116 26 May 2007; Christian Heim <phreak@gentoo.org>
117 hardened-sources-2.6.21-r2.ebuild:
118 Fixing the grsecurity patch, had one '};' too much.
119
120 *hardened-sources-2.6.21-r2 (26 May 2007)
121
122 26 May 2007; Christian Heim <phreak@gentoo.org>
123 -hardened-sources-2.6.21.ebuild, -hardened-sources-2.6.21-r1.ebuild,
124 +hardened-sources-2.6.21-r2.ebuild:
125 Revision bump, including Linux 2.6.21.3 (fixing CVE-2007-2451). Updating the
126 grsecurity patch to 2.1.10-2.6.21.1-200705221918.
127
128 *hardened-sources-2.6.20-r4 (26 May 2007)
129
130 26 May 2007; Christian Heim <phreak@gentoo.org>
131 -hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.20-r4.ebuild:
132 Revision bump, including Linux 2.6.20.12 (which in fact fixed some security
133 bugs, at the very least CVE-2007-2451). Possible candidate for stable marking.
134
135 15 May 2007; Christian Heim <phreak@gentoo.org>
136 hardened-sources-2.6.20-r3.ebuild:
137 Looks like hardened-sources-2.6.20-r3 needs a new patch, as 2.6.20.11
138 introduced a change in arch/sparc64/kernel/pci_iommu.c, which made the
139 grsecurity patch fail in that exact same hunk.
140
141 *hardened-sources-2.6.20-r3 (15 May 2007)
142
143 15 May 2007; Christian Heim <phreak@gentoo.org>
144 +hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.21-r1.ebuild:
145 Revision bump, incorporating Linux 2.6.20.11.
146
147 *hardened-sources-2.6.21-r1 (11 May 2007)
148
149 11 May 2007; Christian Heim <phreak@gentoo.org>
150 +hardened-sources-2.6.21-r1.ebuild:
151 Revision bump, hopefully fixing the GRSECURITY/GRKERNSEC mixup pipacs
152 mentioned in #177234.
153
154 07 May 2007; Kevin F. Quinn <kevquinn@gentoo.org>
155 files/digest-hardened-sources-2.6.21, Manifest:
156 Fix Manifest/digest for linux-2.6.21.tar.bz2
157
158 06 May 2007; Christian Heim <phreak@gentoo.org>
159 hardened-sources-2.6.21.ebuild:
160 Bumping the hardened-patches version, needed for the fix for #177234.
161
162 *hardened-sources-2.6.21 (02 May 2007)
163
164 02 May 2007; Christian Heim <phreak@gentoo.org>
165 +hardened-sources-2.6.21.ebuild:
166 Version bump, Linux 2.6.21-hardened.
167
168 29 Apr 2007; Christian Heim <phreak@gentoo.org>
169 hardened-sources-2.6.20-r2.ebuild:
170 Adding ~ia64 on Ned's request.
171
172 29 Apr 2007; Christian Heim <phreak@gentoo.org>
173 hardened-sources-2.6.20-r2.ebuild:
174 Fixing the included grsecurity patch, wasn't alligning due to the Index:
175 header line(s).
176
177 29 Apr 2007; Christian Heim <phreak@gentoo.org>
178 hardened-sources-2.6.20-r2.ebuild:
179 Stabilizing hardened-sources-2.6.20-r2 on amd64 and x86.
180
181 *hardened-sources-2.6.20-r2 (10 Apr 2007)
182
183 10 Apr 2007; Raúl Porcel <armin76@gentoo.org>
184 +hardened-sources-2.6.20-r2.ebuild:
185 Version bump, on behalf of phreak
186
187 *hardened-sources-2.6.20-r1 (04 Apr 2007)
188
189 04 Apr 2007; Christian Heim <phreak@gentoo.org>
190 +hardened-sources-2.6.20-r1.ebuild:
191 Revision bump, grabbing a newer grsecurity snapshot.
192
193 *hardened-sources-2.6.20 (25 Mar 2007)
194
195 25 Mar 2007; Christian Heim <phreak@gentoo.org>
196 +hardened-sources-2.6.20.ebuild:
197 Finally a hardened-sources version for 2.6.20; many people have been waiting
198 for this. Thanks to Steve for preliminary testing, thanks to Ned for the
199 testbox.
200
201 16 Mar 2007; Tony Vroon <chainsaw@gentoo.org>
202 hardened-sources-2.6.18-r6.ebuild:
203 Marked stable on amd64 and x86. AMD64 keyword ack'ed by welp.
204
205 *hardened-sources-2.6.18-r6 (16 Mar 2007)
206
207 16 Mar 2007; Christian Heim <phreak@gentoo.org>
208 -hardened-sources-2.6.18-r5.ebuild, +hardened-sources-2.6.18-r6.ebuild:
209 Fixing CVE-2007-1000 locally (hardened/), thanks to Tony for pushing. And
210 yes I screwed up, this is tagged as 2.6.18-5 and not 2.6.18-6 as it's
211 supposed to be.
212
213 06 Mar 2007; Christian Heim <phreak@gentoo.org> ChangeLog:
214 Fixing the Manifest, the previous one was broken (as in still had the
215 deleted ebuild in it).
216
217 06 Mar 2007; Christian Heim <phreak@gentoo.org>
218 -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
219 +hardened-sources-2.6.18-r5.ebuild:
220 Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
221 Linux 2.6.18.8. Also cleaning up the older version.
222
223 *hardened-sources-2.6.18-r5 (06 Mar 2007)
224
225 06 Mar 2007; Christian Heim <phreak@gentoo.org>
226 -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
227 +hardened-sources-2.6.18-r5.ebuild:
228 Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
229 Linux 2.6.18.8. Also cleaning up the older version.
230
231 24 Feb 2007; Christian Heim <phreak@gentoo.org>
232 -hardened-sources-2.6.19-r3.ebuild, -hardened-sources-2.6.19-r4.ebuild,
233 -hardened-sources-2.6.19-r5.ebuild:
234 Removing some of the old version, that didn't work.
235
236 *hardened-sources-2.6.19-r6 (12 Feb 2007)
237
238 12 Feb 2007; Christian Heim <phreak@gentoo.org>
239 +hardened-sources-2.6.19-r6.ebuild:
240 Revision bump, including a new grsec version fixing #166235.
241
242 *hardened-sources-2.4.34 (24 Jan 2007)
243
244 24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
245 Manifest:
246 updating Manifest with checksums of new tarball and ebuild
247
248 24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
249 +hardened-sources-2.4.34.ebuild:
250 I added new hardened sources 2.4 update, this is a critical path
251 security bugfix - all users of h-s are strongly advised
252 to update their existing hardened sources to this version.
253 It contains a fix for a kernel vulnerability that is pertaining
254 to the PaX changes to virtual memory management, possibly leading
255 to a local kernel exploit ... see grsecurity.net forums and homepage
256
257 23 Jan 2007; Christian Heim <phreak@gentoo.org>
258 files/digest-hardened-sources-2.6.19-r5, Manifest:
259 Fixing the patch-tarball digest.
260
261 *hardened-sources-2.6.19-r5 (23 Jan 2007)
262
263 23 Jan 2007; Christian Heim <phreak@gentoo.org>
264 +hardened-sources-2.6.19-r5.ebuild:
265 Revision bump, closing the recently discovered PaX expand_stack()
266 vulnerability.
267
268 *hardened-sources-2.6.19-r4 (14 Jan 2007)
269
270 14 Jan 2007; Christian Heim <phreak@gentoo.org>
271 +hardened-sources-2.6.19-r4.ebuild:
272 Revision bump, pulling in linux-2.6.19.2 and grsecurity 2.1.10 - thus
273 dropping the randomized PID feature.
274
275 11 Jan 2007; Christian Faulhammer <opfer@gentoo.org>
276 hardened-sources-2.4.33.4.ebuild:
277 stable x86, bug #161171
278
279 *hardened-sources-2.6.19-r3 (27 Dec 2006)
280
281 27 Dec 2006; Christian Heim <phreak@gentoo.org>
282 -hardened-sources-2.6.19-r2.ebuild, +hardened-sources-2.6.19-r3.ebuild:
283 Revision bump for bug #157186 and #158786.
284
285 *hardened-sources-2.6.18-r4 (27 Dec 2006)
286
287 27 Dec 2006; Christian Heim <phreak@gentoo.org>
288 -hardened-sources-2.6.18-r3.ebuild, +hardened-sources-2.6.18-r4.ebuild:
289 Revision bump for bug #157186.
290
291 *hardened-sources-2.6.19-r2 (23 Dec 2006)
292
293 23 Dec 2006; Christian Heim <phreak@gentoo.org>
294 -hardened-sources-2.6.19-r1.ebuild, +hardened-sources-2.6.19-r2.ebuild:
295 Revision bump to pull in genpatches-2.6.19-3 for #157186.
296
297 17 Dec 2006; Christian Heim <phreak@gentoo.org>
298 hardened-sources-2.6.14-r7.ebuild, hardened-sources-2.6.16-r10.ebuild,
299 hardened-sources-2.6.16-r11.ebuild, hardened-sources-2.6.17-r1.ebuild,
300 hardened-sources-2.6.18.ebuild, hardened-sources-2.6.18-r3.ebuild,
301 hardened-sources-2.6.19-r1.ebuild:
302 Adding 4453_grsec-2.1.9-2.6.19-io-kmem-sysctl.patch to UNIPATCH_EXLUDE,
303 adding correct HOMEPAGE and adjusting DESCRIPTION (thanks to Alexander).
304
305 *hardened-sources-2.4.33.4 (17 Dec 2006)
306
307 17 Dec 2006; Alexander Gabert <pappy@gentoo.org>
308 +hardened-sources-2.4.33.4.ebuild:
309 new 2.4.33.4 version including grsec and fixes, thanks to phreak for help
310 and quilting
311
312 *hardened-sources-2.6.19-r1 (14 Dec 2006)
313
314 14 Dec 2006; Christian Heim <phreak@gentoo.org>
315 -hardened-sources-2.6.19.ebuild, +hardened-sources-2.6.19-r1.ebuild:
316 Revision bump, fixing #158107 (thanks to Petre Rodan <kaiowas at gentoo.org>
317 for reporting).
318
319 *hardened-sources-2.6.19 (13 Dec 2006)
320
321 13 Dec 2006; Christian Heim <phreak@gentoo.org>
322 +hardened-sources-2.6.19.ebuild:
323 And finally 2.6.19, thanks to Ned (who prepared the inital patchset) and
324 Brad for providing that prompt update.
325
326 *hardened-sources-2.6.18-r3 (13 Dec 2006)
327
328 13 Dec 2006; Christian Heim <phreak@gentoo.org>
329 -hardened-sources-2.6.18-r1.ebuild, -hardened-sources-2.6.18-r2.ebuild,
330 +hardened-sources-2.6.18-r3.ebuild:
331 Revision bump, excluding the faulty patch. Thanks to Anakim Border and Peter
332 S. Mazinger. Closes #157409 for now. Also removing the previous revisions.
333
334 09 Dec 2006; Christian Heim <phreak@gentoo.org> Manifest:
335 Fixing the metadata.xml Manifest entry (thanks to xaid and ml8128 in #gentoo-hardened).
336
337 08 Dec 2006; nixnut <nixnut@gentoo.org> hardened-sources-2.6.18.ebuild:
338 Stable on ppc wrt bug 157356
339
340 07 Dec 2006; Christian Faulhammer <opfer@gentoo.org>
341 hardened-sources-2.6.18.ebuild:
342 stable x86, bug #157356
343
344 *hardened-sources-2.6.18-r2 (06 Dec 2006)
345
346 06 Dec 2006; Christian Heim <phreak@gentoo.org>
347 +hardened-sources-2.6.18-r2.ebuild:
348 Revision bump, including 2.6.18.5 (via genpatches) and
349 4454_grsec-2.1.9-2.6.18.2-io-kmem-sysctl.patch based on Peter Mazinger and
350 Ned Ludd's original patch. Thanks to Alexander Gabert (pappy) for the
351 redesign.
352
353 06 Dec 2006; Christian Heim <phreak@gentoo.org>
354 hardened-sources-2.6.18.ebuild:
355 Marking hardened-sources-2.6.18 stable on amd64 (see bug #157356, on behalf
356 of Mike Doty).
357
358 *hardened-sources-2.6.18-r1 (23 Nov 2006)
359
360 23 Nov 2006; Christian Heim <phreak@gentoo.org>
361 +hardened-sources-2.6.18-r1.ebuild:
362 Revision bump to genpatches-2.6.18-4 (including 2.6.18.3).
363
364 *hardened-sources-2.6.18 (11 Nov 2006)
365
366 11 Nov 2006; Christian Heim <phreak@gentoo.org>
367 +hardened-sources-2.6.18.ebuild:
368 Version bump, thanks to Alexander Gabert we're finally at 2.6.18.
369
370 18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
371 - mark amd64 stable also. bug #151877
372
373 18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
374 - mark 2.6.17-r1 stable
375
376 27 Aug 2006; Christian Heim <phreak@gentoo.org>
377 -hardened-sources-2.6.17.ebuild, hardened-sources-2.6.17-r1.ebuild:
378 Removing old ebuild, removing unipatch from newer ebuild (need to fix it!).
379
380 *hardened-sources-2.6.17-r1 (26 Aug 2006)
381
382 26 Aug 2006; Christian Heim <phreak@gentoo.org>
383 +hardened-sources-2.6.17-r1.ebuild:
384 Revision bump to genpatches-2.6.17-8 (including .9 and .10) and updating the
385 grsecurity patch.
386
387 *hardened-sources-2.6.17 (17 Aug 2006)
388
389 17 Aug 2006; Christian Heim <phreak@gentoo.org>
390 +hardened-sources-2.6.17.ebuild:
391 Bumping the hardened-sources-2.6 series to 2.6.17, using
392 genpatches-2.6.17-6.base.
393
394 07 Aug 2006; <solar@gentoo.org> hardened-sources-2.6.16-r11.ebuild:
395 - stable on x86 and amd64
396
397 *hardened-sources-2.6.16-r11 (15 Jul 2006)
398
399 15 Jul 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r3.ebuild,
400 -hardened-sources-2.4.32-r4.ebuild, -hardened-sources-2.4.32-r5.ebuild,
401 -hardened-sources-2.6.14-r8.ebuild, -hardened-sources-2.6.16-r7.ebuild,
402 -hardened-sources-2.6.16-r9.ebuild, +hardened-sources-2.6.16-r11.ebuild:
403 - 2.6.16 bumped for CVE-2006-3626 ; digest fix for 2.4.32-r6 ; removed old
404 crusty ebuilds
405
406 14 Jul 2006; John Mylchreest <johnm@gentoo.org>
407 hardened-sources-2.6.16-r10.ebuild:
408 marking stable on x86 and amd64
409
410 13 Jul 2006; <solar@gentoo.org> hardened-sources-2.4.32-r6.ebuild:
411 - 2.4.32-r6 stable on x86. RSBAC state unknown
412
413 *hardened-sources-2.4.32-r7 (10 Jul 2006)
414
415 10 Jul 2006; Guillaume Destuynder <kang@gentoo.org>
416 +hardened-sources-2.4.32-r7.ebuild:
417 Bump PaX for RSBAC to test-17
418
419 *hardened-sources-2.6.16-r9 (03 Jul 2006)
420
421 03 Jul 2006; John Mylchreest <johnm@gentoo.org>
422 -hardened-sources-2.6.16-r6.ebuild, +hardened-sources-2.6.16-r9.ebuild:
423 hardened-sources-2.6.16 bump to latest -base.
424
425 *hardened-sources-2.4.32-r6 (30 Jun 2006)
426
427 30 Jun 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r2.ebuild,
428 hardened-sources-2.4.32-r4.ebuild, +hardened-sources-2.4.32-r6.ebuild:
429 - backport CVE-2006-0039, CVE-2006-1857 and CVE-2006-1858 and new grsecurity
430 sysctl controlable resource logging
431
432 *hardened-sources-2.6.16-r7 (05 Jun 2006)
433
434 05 Jun 2006; John Mylchreest <johnm@gentoo.org>
435 -hardened-sources-2.6.16-r5.ebuild, +hardened-sources-2.6.16-r7.ebuild:
436 push new 2.6.16 release in preparation for stable
437
438 22 May 2006; <solar@gentoo.org> :
439 - redigest bug 134002
440
441 *hardened-sources-2.4.32-r5 (16 May 2006)
442
443 16 May 2006; Guillaume Destuynder <kang@gentoo.org>
444 +hardened-sources-2.4.32-r5.ebuild:
445 Fixes rsbac common patching (new patch in new -r5 patchset)
446
447 *hardened-sources-2.4.32-r4 (13 May 2006)
448
449 13 May 2006; <solar@gentoo.org> hardened-sources-2.4.32-r3.ebuild,
450 +hardened-sources-2.4.32-r4.ebuild:
451 - security bumps
452
453 *hardened-sources-2.6.16-r6 (03 May 2006)
454
455 03 May 2006; John Mylchreest <johnm@gentoo.org>
456 +hardened-sources-2.6.16-r6.ebuild:
457 bump hardened-2.6.16 to 2.6.16.12 and latest grsec snapshot
458
459 28 Apr 2006; John Mylchreest <johnm@gentoo.org>
460 hardened-sources-2.6.14-r8.ebuild:
461 fix x86_64 build problem, this will delay the digest issue again for a short
462 while but it will sort itself out
463
464 28 Apr 2006; John Mylchreest <johnm@gentoo.org>
465 hardened-sources-2.6.14-r8.ebuild:
466 bump hardened patchset
467
468 27 Apr 2006; Alec Warner <antarus@gentoo.org>
469 files/digest-hardened-sources-2.4.32-r2,
470 files/digest-hardened-sources-2.4.32-r3,
471 files/digest-hardened-sources-2.6.14-r8, Manifest:
472 Fixing duff SHA256 digests: Bug # 131293
473
474 *hardened-sources-2.6.16-r5 (27 Apr 2006)
475
476 27 Apr 2006; John Mylchreest <johnm@gentoo.org>
477 -hardened-sources-2.6.14-r6.ebuild, hardened-sources-2.6.14-r8.ebuild,
478 -hardened-sources-2.6.16-r4.ebuild, +hardened-sources-2.6.16-r5.ebuild:
479 stablise 2.6.14-r8 on x86 & amd64, bump 2.6.16 to fix CVE-2006-1863 &
480 cleanup of old uneccessary sources
481
482 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
483 fix digest
484
485 *hardened-sources-2.6.14-r8 (20 Apr 2006)
486
487 20 Apr 2006; John Mylchreest <johnm@gentoo.org>
488 +hardened-sources-2.6.14-r8.ebuild:
489 fix CVE-2006-1056, CVE-2006-1525, CVE-2006-1524
490
491 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
492 Turning on gpg-signing again, and recomitting
493
494 *hardened-sources-2.6.16-r4 (20 Apr 2006)
495
496 20 Apr 2006; John Mylchreest <johnm@gentoo.org>
497 -hardened-sources-2.6.16-r2.ebuild, -hardened-sources-2.6.16-r3.ebuild,
498 +hardened-sources-2.6.16-r4.ebuild:
499 Fix numerous security vulns
500
501 *hardened-sources-2.4.32-r3 (16 Apr 2006)
502
503 16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
504 -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
505 +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
506 - security bump for bug #112791. Removed old ebuilds
507
508 *hardened-sources-2.6.16-r3 (15 Apr 2006)
509
510 15 Apr 2006; John Mylchreest <johnm@gentoo.org>
511 +hardened-sources-2.6.16-r3.ebuild:
512 Removing silly localversion which I missed
513
514 *hardened-sources-2.6.14-r7 (14 Apr 2006)
515
516 14 Apr 2006; John Mylchreest <johnm@gentoo.org>
517 -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
518 Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
519
520 *hardened-sources-2.6.16-r2 (13 Apr 2006)
521
522 13 Apr 2006; John Mylchreest <johnm@gentoo.org>
523 -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
524 +hardened-sources-2.6.16-r2.ebuild:
525 Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
526 labels, dropping USERGROUP define fixes, since these were merged mainstream.
527
528 *hardened-sources-2.6.16-r1 (11 Apr 2006)
529
530 11 Apr 2006; John Mylchreest <johnm@gentoo.org>
531 +hardened-sources-2.6.16-r1.ebuild:
532 Bumping to include ppc build fix and 2.6.16.3
533
534 06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
535 hardened-sources-2.6.14-r6.ebuild:
536 Stable on x86; bug #127718
537
538 *hardened-sources-2.6.16 (31 Mar 2006)
539
540 31 Mar 2006; John Mylchreest <johnm@gentoo.org>
541 +hardened-sources-2.6.16.ebuild:
542 Bumping to new version of grsec, and kernel base. New squashfs. Based on
543 2.6.16.1
544
545 30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
546 hardened-sources-2.6.14-r6.ebuild:
547 Stable on amd64, bug 127718.
548
549 28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
550 Stable on ppc. Bug #127718
551
552 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
553 -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
554 -hardened-sources-2.6.14-r4.ebuild:
555 Cleanup.
556
557 *hardened-sources-2.6.14-r6 (15 Mar 2006)
558
559 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
560 +hardened-sources-2.6.14-r6.ebuild:
561 Fixes grsec policy recreation bug and adds a
562 >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
563
564 02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
565 - stable on x86
566
567 19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
568 hardened-sources-2.6.14-r5.ebuild:
569 Stable on ppc.
570
571 *hardened-sources-2.6.14-r5 (01 Feb 2006)
572
573 01 Feb 2006; John Mylchreest <johnm@gentoo.org>
574 +hardened-sources-2.6.14-r5.ebuild:
575 fixing every known exploit
576
577 *hardened-sources-2.4.32-r2 (26 Jan 2006)
578
579 26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
580 +hardened-sources-2.4.32-r2.ebuild:
581 - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
582
583 *hardened-sources-2.6.14-r4 (12 Jan 2006)
584
585 12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
586 - version bump for new genpatches which fix up a few sec holes
587
588 *hardened-sources-2.4.32-r1 (05 Jan 2006)
589
590 05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
591 - revision bump to add misc vital linux kernel security patches.
592
593 *hardened-sources-2.6.14-r3 (30 Dec 2005)
594
595 30 Dec 2005; John Mylchreest <johnm@gentoo.org>
596 -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
597 Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
598
599 28 Dec 2005; John Mylchreest <johnm@gentoo.org>
600 hardened-sources-2.6.14-r2.ebuild:
601 making x86 & amd64 stable following testing.
602
603 *hardened-sources-2.6.14-r2 (27 Dec 2005)
604
605 27 Dec 2005; John Mylchreest <johnm@gentoo.org>
606 -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
607 Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
608 network hooks.
609
610 06 Dec 2005; John Mylchreest <johnm@gentoo.org>
611 hardened-sources-2.6.14-r1.ebuild:
612 bumping to stable early for sec fix on x86 & amd64
613
614 *hardened-sources-2.6.14-r1 (05 Dec 2005)
615
616 05 Dec 2005; John Mylchreest <johnm@gentoo.org>
617 -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
618 bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
619
620 04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
621 - stable on x86 security bug #114227 CAN-2005-3257
622
623 *hardened-sources-2.4.32 (19 Nov 2005)
624
625 19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
626 +hardened-sources-2.4.32.ebuild:
627 Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
628 Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
629 have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
630 rsbac >> /etc/portage/package.use)
631
632 *hardened-sources-2.6.14 (14 Nov 2005)
633
634 14 Nov 2005; John Mylchreest <johnm@gentoo.org>
635 -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
636 Bumping 2.6 series to 2.6.14.2
637
638 *hardened-sources-2.6.13-r2 (20 Oct 2005)
639
640 20 Oct 2005; John Mylchreest <johnm@gentoo.org>
641 -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
642 +hardened-sources-2.6.13-r2.ebuild:
643 Fixes minor build error in ppc.
644
645 *hardened-sources-2.6.13-r1 (17 Oct 2005)
646
647 17 Oct 2005; John Mylchreest <johnm@gentoo.org>
648 +hardened-sources-2.6.13-r1.ebuild:
649 Updating grsec to latest snapshot. Fixes some minor issues. Updating to
650 2.6.13.4, fixes some major amd64 stability problems.
651
652 *hardened-sources-2.6.13 (16 Sep 2005)
653
654 16 Sep 2005; John Mylchreest <johnm@gentoo.org>
655 -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
656 2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
657 ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
658 users should test this thoroughly.
659
660 01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
661 - stable on x86
662
663 *hardened-sources-2.6.11-r15 (27 Jun 2005)
664
665 27 Jun 2005; John Mylchreest <johnm@gentoo.org>
666 +hardened-sources-2.6.11-r15.ebuild:
667 Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
668 grsec redefining curr_ip struct.
669
670 *hardened-sources-2.4.31 (20 Jun 2005)
671
672 20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
673 initial import of 2.4.31 tree
674
675 *hardened-sources-2.6.11-r14 (14 Jun 2005)
676
677 14 Jun 2005; John Mylchreest <johnm@gentoo.org>
678 -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
679 Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
680 naming scheme to abide by genpatches
681
682 *hardened-sources-2.6.11-r13 (18 May 2005)
683
684 18 May 2005; John Mylchreest <johnm@gentoo.org>
685 -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
686 Managed to mangle the Makefile patch from grsec, to miss out the grsec
687 target. sorry about that. Fixes bug #93022
688
689 *hardened-sources-2.6.11-r12 (17 May 2005)
690
691 17 May 2005; John Mylchreest <johnm@gentoo.org>
692 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
693 +hardened-sources-2.6.11-r12.ebuild:
694 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
695 merges in genpatches-base
696
697 *hardened-sources-2.6.11-r12 (17 May 2005)
698
699 17 May 2005; John Mylchreest <johnm@gentoo.org>
700 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
701 +hardened-sources-2.6.11-r12.ebuild:
702 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
703 merges in genpatches-base
704
705 29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
706 -files/2.4.27-cmdline-race.patch,
707 -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
708 -files/2.4.28-grsec-binfmt_a.out.patch,
709 -files/2.4.28-grsec-cmdline-race.patch,
710 -files/2.4.28-selinux-binfmt_a.out.patch,
711 -files/2.4.28-selinux-cmdline-race.patch,
712 -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
713 hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
714 - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
715 cleanup..
716
717 *hardened-sources-2.4.30-r1 (21 Apr 2005)
718
719 21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
720 - disable aout by default
721
722 *hardened-sources-2.4.30 (18 Apr 2005)
723
724 18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
725 - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
726 and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
727 use
728
729 *hardened-sources-2.4.29 (30 Mar 2005)
730
731 30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
732 +hardened-sources-2.4.29.ebuild:
733 New hardened-patches-2.4-29.0 patchball.
734 Removed SELinux support, upgraded GRSecurity to 2.1.4.
735
736 *hardened-sources-2.4.28-r5 (06 Mar 2005)
737
738 06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
739 +hardened-sources-2.4.28-r5.ebuild:
740 Added a fix for a PaX vulnerability.
741
742 26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
743 hardened-sources-2.4.28-r4.ebuild:
744 Stable on x86
745
746 23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
747 hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
748 hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
749 hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
750 - fixed/added RDEPEND= in all kernel-2 ebuilds
751
752 *hardened-sources-2.4.28-r4 (21 Jan 2005)
753
754 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
755 +hardened-sources-2.4.28-r4.ebuild:
756 Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
757 backport of neighbour hash updates.
758
759 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
760 hardened-sources-2.4.28-r3.ebuild:
761 Stable on x86
762
763 *hardened-sources-2.6.10-r3 (20 Jan 2005)
764
765 20 Jan 2005; Brandon Hale <tseng@gentoo.org>
766 +hardened-sources-2.6.10-r3.ebuild:
767 Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
768 in 2005.0
769
770 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
771 -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
772 hardened-sources-2.4.28-r2.ebuild:
773 Mark stable on x86
774
775 *hardened-sources-2.4.28-r3 (17 Jan 2005)
776
777 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
778 +hardened-sources-2.4.28-r3.ebuild:
779 Fix SMP page fault handler vuln, and update device-mapper and evms patches.
780
781 14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
782 hardened-sources-2.4.28.ebuild:
783 Mark stable on x86.
784
785 *hardened-sources-2.4.28-r2 (13 Jan 2005)
786
787 13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
788 +hardened-sources-2.4.28-r2.ebuild:
789 Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
790 Mazinger for grsecurity patches as well.
791
792 *hardened-sources-2.4.28-r1 (23 Dec 2004)
793
794 23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
795 Security bump. Thank tocharian for rolling a new patchset...
796
797 28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
798 +files/2.4.28-grsec-cmdline-race.patch,
799 +files/2.4.28-selinux-binfmt_a.out.patch,
800 +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
801 - Round up remaining security patches that appear to be missing in 2.4.28. -
802 PaX standalone updated to current. hgpv=28.1
803
804 *hardened-sources-2.4.28 (28 Nov 2004)
805
806 28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
807 security bump. Thank tocharian for rolling a new patchset
808
809 *hardened-sources-2.4.27-r3 (08 Sep 2004)
810
811 08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
812 +hardened-sources-2.4.27-r3.ebuild:
813 Applies the new 2.4-27.2 patchball which updates
814 GRSecurity to the 2.0.1 version.
815
816 *hardened-sources-2.4.27-r2 (31 Aug 2004)
817
818 31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
819 +hardened-sources-2.4.27-r2.ebuild:
820 Version bump.
821 This version uses the new 2.4-27.1 patchball which updates
822 both the SELinux PaX hooks patch and the SELinux headers.
823
824 *hardened-sources-2.4.27-r1 (09 Aug 2004)
825
826 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
827 +hardened-sources-2.4.27-r1.ebuild,
828 -hardened-sources-2.4.27.ebuild,
829 +files/2.4.27-cmdline-race.patch:
830 Version bump, fix for cmdline race. See bug #59905.
831
832 *hardened-sources-2.4.26-r6 (09 Aug 2004)
833
834 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
835 +hardened-sources-2.4.26-r6.ebuild,
836 -hardened-sources-2.4.26-r5.ebuild,
837 -hardened-sources-2.4.26-r4.ebuild,
838 +files/2.4.26-cmdline-race.patch:
839 Version bump, fix for cmdline race. See bug #59905.
840
841 *hardened-sources-2.4.27 (08 Aug 2004)
842
843 08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
844 +hardened-sources-2.4.27.ebuild,
845 +files/2.4.27-CAN-2004-0394.patch:
846 Ported the patchball to the 2.4.27 kernel version.
847
848 *hardened-sources-2.4.26-r5 (07 Aug 2004)
849
850 07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
851 +hardened-sources-2.4.26-r5.ebuild:
852 Updated to use the new hardened-patches-2.4-26.1 patchball.
853 It adds the following features:
854 - Squashfs
855 - Ebtables
856 - Netdev random (core+drivers)
857 - Watchdog Timer (WDT) fix.
858
859 *hardened-sources-2.4.26-r4 (04 Aug 2004)
860
861 04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
862 +hardened-sources-2.4.26-r4.ebuild,
863 +files/2.4.26-CAN-2004-0415.patch,
864 -hardened-sources-2.4.26-3:
865 Version bump, fix for CAN 0415, see bug #59378.
866
867 *hardened-sources-2.4.26-r3 (22 Jul 2004)
868
869 22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
870 +hardened-sources-2.4.26-r3.ebuild,
871 +files/2.4.26-CAN-2004-0497.patch,
872 -hardened-sources-2.4.26-r2.ebuild:
873 Version bump, fixed CAN 0497, see bug #56171.
874
875 *hardened-sources-2.4.26-r2 (29 Jun 2004)
876
877 29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
878 +hardened-sources-2.4.26-r2.ebuild,
879 +files/2.4.26-CAN-2004-0495.patch,
880 +files/2.4.26-CAN-2004-0535.patch,
881 -hardened-sources-2.4.26-r1.ebuild:
882 Fixes for both CAN 0495 and 0535, see bug #54976
883
884 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
885 hardened-sources-2.4.26-r1.ebuild:
886 QA - fix use invocation
887
888 *hardened-sources-2.4.26-r1 (22 June 2004)
889
890 22 June 2004; Andrea Luzzardi <scox@gentoo.org>
891 +hardened-sources-2.4.26-r1.ebuild,
892 +files/2.4.26-CAN-2004-0394.patch,
893 +files/2.4.26-signal-race.patch,
894 -hardened-sources-2.4.26.ebuild,
895 -hardened-sources-2.4.24-r3.ebuild:
896 Version bump for the CAN-2004-0394 issue and bug #53804
897 Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
898
899
900 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
901 hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
902 Masked hardened-sources-2.4.26.ebuild broken for ppc
903
904 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
905 hardened-sources-2.4.24-r3.ebuild:
906 Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
907
908 *hardened-sources-2.4.26 (29 May 2004)
909
910 29 May 2004; Andrea Luzzardi <scox@gentoo.org>
911 +hardened-sources-2.4.26.ebuild:
912 Updated hardened-sources for the 2.4.26 kernel
913 Removed broken components, updated almost everything.
914
915 *hardened-sources-2.4.24-r3 (17 Apr 2004)
916
917 17 Apr 2004; <plasmaroo@gentoo.org>
918 +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
919 +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
920 +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
921 +hardened-sources-2.4.24-r3.ebuild:
922 Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
923 vulnerabilities. Old revisions removed.
924
925 *hardened-sources-2.4.24-r2 (15 Apr 2004)
926
927 15 Apr 2004; <plasmaroo@gentoo.org>
928 +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
929 -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
930 Version bump for the CAN-2004-0109 issue; bug #47881.
931
932 12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
933 hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
934 Add eutils to inherit.
935
936 *hardened-sources-2.4.24-r1 (19 Feb 2004)
937
938 19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
939 files/hardened-sources-2.4.24.munmap.patch:
940 Added the patch for the mremap/munmap vulnerability. Bug #42024.
941
942 *hardened-sources-2.4.24 (06 Feb 2004)
943
944 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
945 hardened-sources-2.4.24.ebuild:
946 Version bump, updated most of the components.
947 This release includes the following:
948
949 - Hardened security
950 - Netfilter patch-o-matic 20031219
951 - FreeSWAN 2.04 & x509 1.4.8
952 - EVMS 2.2.2
953 - XFS 1.3.1
954 - cryptoloop jari
955 - grsecurity 2.0-rc4
956 - SELinux
957 - PaX 200402060000
958 - PaX Obscurity 200308302223
959 - Others...
960
961 Neither -ck nor systrace are included anymore.
962
963 *hardened-sources-2.4.22-r2 (05 Jan 2004)
964
965 05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
966 hardened-sources-2.4.22-r2.ebuild:
967 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
968
969 *hardened-sources-2.4.22-r1 (02 Dec 2003)
970
971 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
972 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
973
974 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
975 hardened-sources-2.4.22-r1.ebuild:
976 Version bump for the 'do_brk' vulnerability.
977
978 01 Dec 2003; Brian Jackson <iggy@gentoo.org>
979 hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
980 hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
981 hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
982 Fix the 'do_brk' vulnerability.
983
984 03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
985 hardened-sources-2.4.22.ebuild:
986 - Removed the src_install() portion for SELinux flask
987 components. These are no longer handled in the kernel
988 so this code was not necessary.
989
990 29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
991 New 2.4.22 based hardened-sources thanks to
992 Phil West <p.west@computer.org>.
993
994 These sources include:
995 - New SELinux API
996 - Updated CK-base
997 - Updated GRSec
998 - Systrace
999 - SuperFreeS/WAN 1.99.8
1000 - Propolice kernel build support
1001 - EVMS
1002 - Other various security related patches
1003
1004 *hardened-sources-2.4.21 (14 Sep 2003)
1005
1006 14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
1007 Updated hardened-sources based on the 2.4.21 Linux kernel.
1008 This includes updates to most major components such as:
1009 - ck-base-0306300059
1010 - selinux-2.4-2003071106
1011 - grsecurity-2.0-rc1
1012 - Updated IPTables patch-o-matic
1013 - Updated SuperFreeS/WAN
1014
1015 Thanks to Phil West <pwest@computer.org> for his work in getting this
1016 updated patch set ready for the 2.4.21 based kernel.
1017
1018 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
1019 Initial import of hardened-sources-2.4.20-r4. This revision
1020 includes only a few changes, but one of these is an important
1021 security fix. It is recommended all users of hardened-sources
1022 upgrade to this release.
1023
1024 - ioperm bug fix
1025 - fixed compilation failure when building without GRSec
1026
1027 SAL (Secure Auditing for Linux) is NOT included in this revision
1028 due to time constraints, but is planned for inclusion in the near
1029 future.
1030
1031 *hardened-sources-2.4.20-r2 (12 Jun 2003)
1032
1033 12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
1034 hardened-sources-2.4.20-r3.ebuild:
1035 Add Header...
1036
1037 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1038 hardened-sources-2.4.20-r3.ebuild:
1039 Removed warnings from ebuild. This kernel should be safe to
1040 use at this point.
1041
1042 *hardened-sources-2.4.20-r3 (08 Jun 2003)
1043
1044 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1045 hardened-sources-2.4.20-r3.ebuild:
1046 New revision. Includes the following changes over -r2:
1047
1048 - ck7-base (O(1), preempt, low latency)
1049 - Super FreeS/WAN 1.99.7rc2
1050 - PaX for the LSM/SELinux branch
1051 - GRSecurity 2.0-pre4 (role based access control)
1052 - Systrace 1.3
1053 - EXT3 fixes
1054 - EVMS 2.0.1
1055 - GCC 3.1+ compile optimizations
1056 - ProPolice kernel build support
1057 - Hashing table security fixes
1058
1059 *hardened-sources-2.4.20-r1 (09 Apr 2003)
1060
1061 23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
1062 Initial import of hardened-sources-r2. This new
1063 ebuild includes many new performance and security
1064 related patches. As in -r1, it will patch in
1065 LSM/SELinux if "selinux" is in USE, otherwise it
1066 will patch in GRSecurity. The following patches
1067 are included in this revision:
1068
1069 - O(1) Scheduler, Low Latency, and Preempt
1070 (pulled from the base CK patch)
1071 - ptrace exploit patch for the LSM kernel
1072 (the GRSec patch already fixes this)
1073 - LSM 2.4-2003040709
1074 - SELinux 2.4-2003040709
1075 - Systrace v1.2
1076 - IPTables patch-o-matic base patches - 20030107
1077 - CryptoAPI 2.4.20.1 w/ loop-jari patch
1078 - Super FreeS/WAN 1.99.6.1
1079 - GRSecurity 1.9.9g
1080 - MPPE
1081 - EXT3 data journal fix
1082 - CIPE 1.5.4
1083
1084 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1085 hardened-sources-2.4.20-r1.ebuild, manifest:
1086 Updated to install flask components correctly for selinux.
1087
1088 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1089 hardened-sources-2.4.20-r1.ebuild:
1090 LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
1091 is patched in instead. Ptrace patches for selinux have also been added. In
1092 either case, systrace support will be patched in as well.
1093
1094 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1095 hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
1096 Revision bump for new sources.
1097
1098 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1099 hardened-sources-2.4.20-r1.ebuild:
1100 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
1101
1102 *hardened-sources-2.4.20 (30 Mar 2003)
1103
1104 30 Mar 2003; Joshua Brindle <method@gentoo.org>
1105 hardened-sources-2.4.20.ebuild:
1106 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20