/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.176 - (show annotations) (download)
Wed Aug 29 11:15:55 2007 UTC (7 years, 3 months ago) by phreak
Branch: MAIN
Changes since 1.175: +7 -1 lines
Revision bump, new grsecurity patch.
(Portage version: 2.1.3.7)

1 # ChangeLog for sys-kernel/hardened-sources
2 # Copyright 2000-2007 Gentoo Foundation; Distributed under the GPL v2
3 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.175 2007/08/26 16:22:23 phreak Exp $
4
5 *hardened-sources-2.4.35-r1 (29 Aug 2007)
6
7 29 Aug 2007; Christian Heim <phreak@gentoo.org>
8 +hardened-sources-2.4.35-r1.ebuild:
9 Revision bump, new grsecurity patch.
10
11 *hardened-sources-2.6.20-r8 (26 Aug 2007)
12
13 26 Aug 2007; Christian Heim <phreak@gentoo.org>
14 +hardened-sources-2.6.20-r8.ebuild:
15 Revision bump for Linux 2.6.20.17.
16
17 *hardened-sources-2.6.22-r3 (22 Aug 2007)
18
19 22 Aug 2007; Christian Heim <phreak@gentoo.org>
20 +hardened-sources-2.6.22-r3.ebuild:
21 Revision bump for Linux 2.6.22.4.
22
23 16 Aug 2007; Christian Heim <phreak@gentoo.org>
24 hardened-sources-2.6.22-r2.ebuild:
25 Updated patchset, to fix the alignment against 2.6.22.3.
26
27 *hardened-sources-2.6.22-r2 (16 Aug 2007)
28
29 16 Aug 2007; Christian Heim <phreak@gentoo.org>
30 +hardened-sources-2.6.22-r2.ebuild:
31 Revision bump for Linux 2.6.22.3.
32
33 *hardened-sources-2.4.35 (16 Aug 2007)
34
35 16 Aug 2007; Christian Heim <phreak@gentoo.org>
36 +hardened-sources-2.4.35.ebuild:
37 Version bump, initial version for Linux 2.4.35.
38
39 *hardened-sources-2.6.21-r4 (16 Aug 2007)
40
41 16 Aug 2007; Christian Heim <phreak@gentoo.org>
42 +hardened-sources-2.6.21-r4.ebuild:
43 Revision bump for Linux 2.6.21.6.
44
45 *hardened-sources-2.6.20-r7 (16 Aug 2007)
46
47 16 Aug 2007; Christian Heim <phreak@gentoo.org>
48 +hardened-sources-2.6.20-r7.ebuild:
49 Revision bump for Linux 2.6.20.16.
50
51 *hardened-sources-2.6.22-r1 (13 Aug 2007)
52
53 13 Aug 2007; Christian Heim <phreak@gentoo.org>
54 +hardened-sources-2.6.22-r1.ebuild:
55 Yet another revision bump.
56
57 *hardened-sources-2.6.22 (10 Aug 2007)
58
59 10 Aug 2007; Christian Heim <phreak@gentoo.org>
60 +hardened-sources-2.6.22.ebuild:
61 Initial release for 2.6.22. If you are using hardened-sources on a desktop
62 machine (P4 or newer), be aware you might need to disable
63 CONFIG_PAX_PAGEEXEC.
64
65 04 Aug 2007; Christian Heim <phreak@gentoo.org>
66 hardened-sources-2.6.20-r6.ebuild:
67 Stabling hardened-sources-2.6.20-r6 for amd64, ppc and x86 due to Linux
68 2.6.20.15.
69
70 10 Jul 2007; Christian Heim <phreak@gentoo.org>
71 hardened-sources-2.6.20-r5.ebuild:
72 Marking hardened-sources-2.6.20-r5 stable on ppc.
73
74 10 Jul 2007; Christian Heim <phreak@gentoo.org>
75 -hardened-sources-2.4.32-r6.ebuild, -hardened-sources-2.4.32-r7.ebuild:
76 Cleanup.
77
78 *hardened-sources-2.6.20-r6 (08 Jul 2007)
79
80 08 Jul 2007; Christian Heim <phreak@gentoo.org>
81 +hardened-sources-2.6.20-r6.ebuild:
82 Revision bump, grabbing yet another stable release.
83
84 17 Jun 2007; Christian Heim <phreak@gentoo.org>
85 -hardened-sources-2.6.18-r6.ebuild, -hardened-sources-2.6.20-r4.ebuild,
86 -hardened-sources-2.6.21-r2.ebuild:
87 Removing older ebuilds, hardened-sources-2.6.18-r6 seems to have gotten the
88 alpha stable KEYWORD by mistake.
89
90 17 Jun 2007; Christian Heim <phreak@gentoo.org>
91 hardened-sources-2.6.20-r5.ebuild:
92 Stabling hardened-sources-2.6.20-r5 due to security bug #181647 (as
93 genpatches-2.6.20-12.base contains up to Linux 2.6.20.14) on amd64 and x86.
94
95 *hardened-sources-2.6.21-r3 (12 Jun 2007)
96
97 12 Jun 2007; Christian Heim <phreak@gentoo.org>
98 +hardened-sources-2.6.21-r3.ebuild:
99 Revision bump for hardened-sources-2.6.21, incorporating various CVE (some
100 of them critical), two stable releases (2.6.21.4,2.6.21.5) and some other
101 love.
102
103 *hardened-sources-2.6.20-r5 (11 Jun 2007)
104
105 11 Jun 2007; Christian Heim <phreak@gentoo.org>
106 +hardened-sources-2.6.20-r5.ebuild:
107 Revision bump for hardened-sources-2.6.20, incorporating various CVE (some
108 of them critical), two stable releases (2.6.20.13,2.6.20.14) and some other
109 love.
110
111 *hardened-sources-2.4.34.5 (11 Jun 2007)
112
113 11 Jun 2007; Alexander Gabert <pappy@gentoo.org>
114 +hardened-sources-2.4.34.5.ebuild:
115 added new hardened-sources 2.4 version, thx to phreak, solar, pipacs
116
117 30 May 2007; Christian Heim <phreak@gentoo.org>
118 -hardened-sources-2.6.18.ebuild, hardened-sources-2.6.20-r2.ebuild:
119 Marking 2.6.20-r2 stable on ppc with permission of Gysbert. Removing more
120 stale ebuild(s).
121
122 30 May 2007; Christian Heim <phreak@gentoo.org>
123 -hardened-sources-2.6.14-r7.ebuild, -hardened-sources-2.6.16-r11.ebuild,
124 -hardened-sources-2.6.17-r1.ebuild, -hardened-sources-2.6.19-r6.ebuild,
125 -hardened-sources-2.6.20.ebuild, -hardened-sources-2.6.20-r1.ebuild:
126 Doing some cleanups, remove stale ebuilds.
127
128 26 May 2007; Christian Heim <phreak@gentoo.org>
129 hardened-sources-2.6.21-r2.ebuild:
130 Fixing the grsecurity patch, had one '};' too much.
131
132 *hardened-sources-2.6.21-r2 (26 May 2007)
133
134 26 May 2007; Christian Heim <phreak@gentoo.org>
135 -hardened-sources-2.6.21.ebuild, -hardened-sources-2.6.21-r1.ebuild,
136 +hardened-sources-2.6.21-r2.ebuild:
137 Revision bump, including Linux 2.6.21.3 (fixing CVE-2007-2451). Updating the
138 grsecurity patch to 2.1.10-2.6.21.1-200705221918.
139
140 *hardened-sources-2.6.20-r4 (26 May 2007)
141
142 26 May 2007; Christian Heim <phreak@gentoo.org>
143 -hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.20-r4.ebuild:
144 Revision bump, including Linux 2.6.20.12 (which in fact fixed some security
145 bugs, at the very least CVE-2007-2451). Possible candidate for stable marking.
146
147 15 May 2007; Christian Heim <phreak@gentoo.org>
148 hardened-sources-2.6.20-r3.ebuild:
149 Looks like hardened-sources-2.6.20-r3 needs a new patch, as 2.6.20.11
150 introduced a change in arch/sparc64/kernel/pci_iommu.c, which made the
151 grsecurity patch fail in that exact same hunk.
152
153 *hardened-sources-2.6.20-r3 (15 May 2007)
154
155 15 May 2007; Christian Heim <phreak@gentoo.org>
156 +hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.21-r1.ebuild:
157 Revision bump, incorporating Linux 2.6.20.11.
158
159 *hardened-sources-2.6.21-r1 (11 May 2007)
160
161 11 May 2007; Christian Heim <phreak@gentoo.org>
162 +hardened-sources-2.6.21-r1.ebuild:
163 Revision bump, hopefully fixing the GRSECURITY/GRKERNSEC mixup pipacs
164 mentioned in #177234.
165
166 07 May 2007; Kevin F. Quinn <kevquinn@gentoo.org>
167 files/digest-hardened-sources-2.6.21, Manifest:
168 Fix Manifest/digest for linux-2.6.21.tar.bz2
169
170 06 May 2007; Christian Heim <phreak@gentoo.org>
171 hardened-sources-2.6.21.ebuild:
172 Bumping the hardened-patches version, needed for the fix for #177234.
173
174 *hardened-sources-2.6.21 (02 May 2007)
175
176 02 May 2007; Christian Heim <phreak@gentoo.org>
177 +hardened-sources-2.6.21.ebuild:
178 Version bump, Linux 2.6.21-hardened.
179
180 29 Apr 2007; Christian Heim <phreak@gentoo.org>
181 hardened-sources-2.6.20-r2.ebuild:
182 Adding ~ia64 on Ned's request.
183
184 29 Apr 2007; Christian Heim <phreak@gentoo.org>
185 hardened-sources-2.6.20-r2.ebuild:
186 Fixing the included grsecurity patch, wasn't alligning due to the Index:
187 header line(s).
188
189 29 Apr 2007; Christian Heim <phreak@gentoo.org>
190 hardened-sources-2.6.20-r2.ebuild:
191 Stabilizing hardened-sources-2.6.20-r2 on amd64 and x86.
192
193 *hardened-sources-2.6.20-r2 (10 Apr 2007)
194
195 10 Apr 2007; Ra├║l Porcel <armin76@gentoo.org>
196 +hardened-sources-2.6.20-r2.ebuild:
197 Version bump, on behalf of phreak
198
199 *hardened-sources-2.6.20-r1 (04 Apr 2007)
200
201 04 Apr 2007; Christian Heim <phreak@gentoo.org>
202 +hardened-sources-2.6.20-r1.ebuild:
203 Revision bump, grabbing a newer grsecurity snapshot.
204
205 *hardened-sources-2.6.20 (25 Mar 2007)
206
207 25 Mar 2007; Christian Heim <phreak@gentoo.org>
208 +hardened-sources-2.6.20.ebuild:
209 Finally a hardened-sources version for 2.6.20; many people have been waiting
210 for this. Thanks to Steve for preliminary testing, thanks to Ned for the
211 testbox.
212
213 16 Mar 2007; Tony Vroon <chainsaw@gentoo.org>
214 hardened-sources-2.6.18-r6.ebuild:
215 Marked stable on amd64 and x86. AMD64 keyword ack'ed by welp.
216
217 *hardened-sources-2.6.18-r6 (16 Mar 2007)
218
219 16 Mar 2007; Christian Heim <phreak@gentoo.org>
220 -hardened-sources-2.6.18-r5.ebuild, +hardened-sources-2.6.18-r6.ebuild:
221 Fixing CVE-2007-1000 locally (hardened/), thanks to Tony for pushing. And
222 yes I screwed up, this is tagged as 2.6.18-5 and not 2.6.18-6 as it's
223 supposed to be.
224
225 06 Mar 2007; Christian Heim <phreak@gentoo.org> ChangeLog:
226 Fixing the Manifest, the previous one was broken (as in still had the
227 deleted ebuild in it).
228
229 06 Mar 2007; Christian Heim <phreak@gentoo.org>
230 -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
231 +hardened-sources-2.6.18-r5.ebuild:
232 Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
233 Linux 2.6.18.8. Also cleaning up the older version.
234
235 *hardened-sources-2.6.18-r5 (06 Mar 2007)
236
237 06 Mar 2007; Christian Heim <phreak@gentoo.org>
238 -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
239 +hardened-sources-2.6.18-r5.ebuild:
240 Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
241 Linux 2.6.18.8. Also cleaning up the older version.
242
243 24 Feb 2007; Christian Heim <phreak@gentoo.org>
244 -hardened-sources-2.6.19-r3.ebuild, -hardened-sources-2.6.19-r4.ebuild,
245 -hardened-sources-2.6.19-r5.ebuild:
246 Removing some of the old version, that didn't work.
247
248 *hardened-sources-2.6.19-r6 (12 Feb 2007)
249
250 12 Feb 2007; Christian Heim <phreak@gentoo.org>
251 +hardened-sources-2.6.19-r6.ebuild:
252 Revision bump, including a new grsec version fixing #166235.
253
254 *hardened-sources-2.4.34 (24 Jan 2007)
255
256 24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
257 Manifest:
258 updating Manifest with checksums of new tarball and ebuild
259
260 24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
261 +hardened-sources-2.4.34.ebuild:
262 I added new hardened sources 2.4 update, this is a critical path
263 security bugfix - all users of h-s are strongly advised
264 to update their existing hardened sources to this version.
265 It contains a fix for a kernel vulnerability that is pertaining
266 to the PaX changes to virtual memory management, possibly leading
267 to a local kernel exploit ... see grsecurity.net forums and homepage
268
269 23 Jan 2007; Christian Heim <phreak@gentoo.org>
270 files/digest-hardened-sources-2.6.19-r5, Manifest:
271 Fixing the patch-tarball digest.
272
273 *hardened-sources-2.6.19-r5 (23 Jan 2007)
274
275 23 Jan 2007; Christian Heim <phreak@gentoo.org>
276 +hardened-sources-2.6.19-r5.ebuild:
277 Revision bump, closing the recently discovered PaX expand_stack()
278 vulnerability.
279
280 *hardened-sources-2.6.19-r4 (14 Jan 2007)
281
282 14 Jan 2007; Christian Heim <phreak@gentoo.org>
283 +hardened-sources-2.6.19-r4.ebuild:
284 Revision bump, pulling in linux-2.6.19.2 and grsecurity 2.1.10 - thus
285 dropping the randomized PID feature.
286
287 11 Jan 2007; Christian Faulhammer <opfer@gentoo.org>
288 hardened-sources-2.4.33.4.ebuild:
289 stable x86, bug #161171
290
291 *hardened-sources-2.6.19-r3 (27 Dec 2006)
292
293 27 Dec 2006; Christian Heim <phreak@gentoo.org>
294 -hardened-sources-2.6.19-r2.ebuild, +hardened-sources-2.6.19-r3.ebuild:
295 Revision bump for bug #157186 and #158786.
296
297 *hardened-sources-2.6.18-r4 (27 Dec 2006)
298
299 27 Dec 2006; Christian Heim <phreak@gentoo.org>
300 -hardened-sources-2.6.18-r3.ebuild, +hardened-sources-2.6.18-r4.ebuild:
301 Revision bump for bug #157186.
302
303 *hardened-sources-2.6.19-r2 (23 Dec 2006)
304
305 23 Dec 2006; Christian Heim <phreak@gentoo.org>
306 -hardened-sources-2.6.19-r1.ebuild, +hardened-sources-2.6.19-r2.ebuild:
307 Revision bump to pull in genpatches-2.6.19-3 for #157186.
308
309 17 Dec 2006; Christian Heim <phreak@gentoo.org>
310 hardened-sources-2.6.14-r7.ebuild, hardened-sources-2.6.16-r10.ebuild,
311 hardened-sources-2.6.16-r11.ebuild, hardened-sources-2.6.17-r1.ebuild,
312 hardened-sources-2.6.18.ebuild, hardened-sources-2.6.18-r3.ebuild,
313 hardened-sources-2.6.19-r1.ebuild:
314 Adding 4453_grsec-2.1.9-2.6.19-io-kmem-sysctl.patch to UNIPATCH_EXLUDE,
315 adding correct HOMEPAGE and adjusting DESCRIPTION (thanks to Alexander).
316
317 *hardened-sources-2.4.33.4 (17 Dec 2006)
318
319 17 Dec 2006; Alexander Gabert <pappy@gentoo.org>
320 +hardened-sources-2.4.33.4.ebuild:
321 new 2.4.33.4 version including grsec and fixes, thanks to phreak for help
322 and quilting
323
324 *hardened-sources-2.6.19-r1 (14 Dec 2006)
325
326 14 Dec 2006; Christian Heim <phreak@gentoo.org>
327 -hardened-sources-2.6.19.ebuild, +hardened-sources-2.6.19-r1.ebuild:
328 Revision bump, fixing #158107 (thanks to Petre Rodan <kaiowas at gentoo.org>
329 for reporting).
330
331 *hardened-sources-2.6.19 (13 Dec 2006)
332
333 13 Dec 2006; Christian Heim <phreak@gentoo.org>
334 +hardened-sources-2.6.19.ebuild:
335 And finally 2.6.19, thanks to Ned (who prepared the inital patchset) and
336 Brad for providing that prompt update.
337
338 *hardened-sources-2.6.18-r3 (13 Dec 2006)
339
340 13 Dec 2006; Christian Heim <phreak@gentoo.org>
341 -hardened-sources-2.6.18-r1.ebuild, -hardened-sources-2.6.18-r2.ebuild,
342 +hardened-sources-2.6.18-r3.ebuild:
343 Revision bump, excluding the faulty patch. Thanks to Anakim Border and Peter
344 S. Mazinger. Closes #157409 for now. Also removing the previous revisions.
345
346 09 Dec 2006; Christian Heim <phreak@gentoo.org> Manifest:
347 Fixing the metadata.xml Manifest entry (thanks to xaid and ml8128 in #gentoo-hardened).
348
349 08 Dec 2006; nixnut <nixnut@gentoo.org> hardened-sources-2.6.18.ebuild:
350 Stable on ppc wrt bug 157356
351
352 07 Dec 2006; Christian Faulhammer <opfer@gentoo.org>
353 hardened-sources-2.6.18.ebuild:
354 stable x86, bug #157356
355
356 *hardened-sources-2.6.18-r2 (06 Dec 2006)
357
358 06 Dec 2006; Christian Heim <phreak@gentoo.org>
359 +hardened-sources-2.6.18-r2.ebuild:
360 Revision bump, including 2.6.18.5 (via genpatches) and
361 4454_grsec-2.1.9-2.6.18.2-io-kmem-sysctl.patch based on Peter Mazinger and
362 Ned Ludd's original patch. Thanks to Alexander Gabert (pappy) for the
363 redesign.
364
365 06 Dec 2006; Christian Heim <phreak@gentoo.org>
366 hardened-sources-2.6.18.ebuild:
367 Marking hardened-sources-2.6.18 stable on amd64 (see bug #157356, on behalf
368 of Mike Doty).
369
370 *hardened-sources-2.6.18-r1 (23 Nov 2006)
371
372 23 Nov 2006; Christian Heim <phreak@gentoo.org>
373 +hardened-sources-2.6.18-r1.ebuild:
374 Revision bump to genpatches-2.6.18-4 (including 2.6.18.3).
375
376 *hardened-sources-2.6.18 (11 Nov 2006)
377
378 11 Nov 2006; Christian Heim <phreak@gentoo.org>
379 +hardened-sources-2.6.18.ebuild:
380 Version bump, thanks to Alexander Gabert we're finally at 2.6.18.
381
382 18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
383 - mark amd64 stable also. bug #151877
384
385 18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
386 - mark 2.6.17-r1 stable
387
388 27 Aug 2006; Christian Heim <phreak@gentoo.org>
389 -hardened-sources-2.6.17.ebuild, hardened-sources-2.6.17-r1.ebuild:
390 Removing old ebuild, removing unipatch from newer ebuild (need to fix it!).
391
392 *hardened-sources-2.6.17-r1 (26 Aug 2006)
393
394 26 Aug 2006; Christian Heim <phreak@gentoo.org>
395 +hardened-sources-2.6.17-r1.ebuild:
396 Revision bump to genpatches-2.6.17-8 (including .9 and .10) and updating the
397 grsecurity patch.
398
399 *hardened-sources-2.6.17 (17 Aug 2006)
400
401 17 Aug 2006; Christian Heim <phreak@gentoo.org>
402 +hardened-sources-2.6.17.ebuild:
403 Bumping the hardened-sources-2.6 series to 2.6.17, using
404 genpatches-2.6.17-6.base.
405
406 07 Aug 2006; <solar@gentoo.org> hardened-sources-2.6.16-r11.ebuild:
407 - stable on x86 and amd64
408
409 *hardened-sources-2.6.16-r11 (15 Jul 2006)
410
411 15 Jul 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r3.ebuild,
412 -hardened-sources-2.4.32-r4.ebuild, -hardened-sources-2.4.32-r5.ebuild,
413 -hardened-sources-2.6.14-r8.ebuild, -hardened-sources-2.6.16-r7.ebuild,
414 -hardened-sources-2.6.16-r9.ebuild, +hardened-sources-2.6.16-r11.ebuild:
415 - 2.6.16 bumped for CVE-2006-3626 ; digest fix for 2.4.32-r6 ; removed old
416 crusty ebuilds
417
418 14 Jul 2006; John Mylchreest <johnm@gentoo.org>
419 hardened-sources-2.6.16-r10.ebuild:
420 marking stable on x86 and amd64
421
422 13 Jul 2006; <solar@gentoo.org> hardened-sources-2.4.32-r6.ebuild:
423 - 2.4.32-r6 stable on x86. RSBAC state unknown
424
425 *hardened-sources-2.4.32-r7 (10 Jul 2006)
426
427 10 Jul 2006; Guillaume Destuynder <kang@gentoo.org>
428 +hardened-sources-2.4.32-r7.ebuild:
429 Bump PaX for RSBAC to test-17
430
431 *hardened-sources-2.6.16-r9 (03 Jul 2006)
432
433 03 Jul 2006; John Mylchreest <johnm@gentoo.org>
434 -hardened-sources-2.6.16-r6.ebuild, +hardened-sources-2.6.16-r9.ebuild:
435 hardened-sources-2.6.16 bump to latest -base.
436
437 *hardened-sources-2.4.32-r6 (30 Jun 2006)
438
439 30 Jun 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r2.ebuild,
440 hardened-sources-2.4.32-r4.ebuild, +hardened-sources-2.4.32-r6.ebuild:
441 - backport CVE-2006-0039, CVE-2006-1857 and CVE-2006-1858 and new grsecurity
442 sysctl controlable resource logging
443
444 *hardened-sources-2.6.16-r7 (05 Jun 2006)
445
446 05 Jun 2006; John Mylchreest <johnm@gentoo.org>
447 -hardened-sources-2.6.16-r5.ebuild, +hardened-sources-2.6.16-r7.ebuild:
448 push new 2.6.16 release in preparation for stable
449
450 22 May 2006; <solar@gentoo.org> :
451 - redigest bug 134002
452
453 *hardened-sources-2.4.32-r5 (16 May 2006)
454
455 16 May 2006; Guillaume Destuynder <kang@gentoo.org>
456 +hardened-sources-2.4.32-r5.ebuild:
457 Fixes rsbac common patching (new patch in new -r5 patchset)
458
459 *hardened-sources-2.4.32-r4 (13 May 2006)
460
461 13 May 2006; <solar@gentoo.org> hardened-sources-2.4.32-r3.ebuild,
462 +hardened-sources-2.4.32-r4.ebuild:
463 - security bumps
464
465 *hardened-sources-2.6.16-r6 (03 May 2006)
466
467 03 May 2006; John Mylchreest <johnm@gentoo.org>
468 +hardened-sources-2.6.16-r6.ebuild:
469 bump hardened-2.6.16 to 2.6.16.12 and latest grsec snapshot
470
471 28 Apr 2006; John Mylchreest <johnm@gentoo.org>
472 hardened-sources-2.6.14-r8.ebuild:
473 fix x86_64 build problem, this will delay the digest issue again for a short
474 while but it will sort itself out
475
476 28 Apr 2006; John Mylchreest <johnm@gentoo.org>
477 hardened-sources-2.6.14-r8.ebuild:
478 bump hardened patchset
479
480 27 Apr 2006; Alec Warner <antarus@gentoo.org>
481 files/digest-hardened-sources-2.4.32-r2,
482 files/digest-hardened-sources-2.4.32-r3,
483 files/digest-hardened-sources-2.6.14-r8, Manifest:
484 Fixing duff SHA256 digests: Bug # 131293
485
486 *hardened-sources-2.6.16-r5 (27 Apr 2006)
487
488 27 Apr 2006; John Mylchreest <johnm@gentoo.org>
489 -hardened-sources-2.6.14-r6.ebuild, hardened-sources-2.6.14-r8.ebuild,
490 -hardened-sources-2.6.16-r4.ebuild, +hardened-sources-2.6.16-r5.ebuild:
491 stablise 2.6.14-r8 on x86 & amd64, bump 2.6.16 to fix CVE-2006-1863 &
492 cleanup of old uneccessary sources
493
494 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
495 fix digest
496
497 *hardened-sources-2.6.14-r8 (20 Apr 2006)
498
499 20 Apr 2006; John Mylchreest <johnm@gentoo.org>
500 +hardened-sources-2.6.14-r8.ebuild:
501 fix CVE-2006-1056, CVE-2006-1525, CVE-2006-1524
502
503 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
504 Turning on gpg-signing again, and recomitting
505
506 *hardened-sources-2.6.16-r4 (20 Apr 2006)
507
508 20 Apr 2006; John Mylchreest <johnm@gentoo.org>
509 -hardened-sources-2.6.16-r2.ebuild, -hardened-sources-2.6.16-r3.ebuild,
510 +hardened-sources-2.6.16-r4.ebuild:
511 Fix numerous security vulns
512
513 *hardened-sources-2.4.32-r3 (16 Apr 2006)
514
515 16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
516 -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
517 +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
518 - security bump for bug #112791. Removed old ebuilds
519
520 *hardened-sources-2.6.16-r3 (15 Apr 2006)
521
522 15 Apr 2006; John Mylchreest <johnm@gentoo.org>
523 +hardened-sources-2.6.16-r3.ebuild:
524 Removing silly localversion which I missed
525
526 *hardened-sources-2.6.14-r7 (14 Apr 2006)
527
528 14 Apr 2006; John Mylchreest <johnm@gentoo.org>
529 -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
530 Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
531
532 *hardened-sources-2.6.16-r2 (13 Apr 2006)
533
534 13 Apr 2006; John Mylchreest <johnm@gentoo.org>
535 -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
536 +hardened-sources-2.6.16-r2.ebuild:
537 Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
538 labels, dropping USERGROUP define fixes, since these were merged mainstream.
539
540 *hardened-sources-2.6.16-r1 (11 Apr 2006)
541
542 11 Apr 2006; John Mylchreest <johnm@gentoo.org>
543 +hardened-sources-2.6.16-r1.ebuild:
544 Bumping to include ppc build fix and 2.6.16.3
545
546 06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
547 hardened-sources-2.6.14-r6.ebuild:
548 Stable on x86; bug #127718
549
550 *hardened-sources-2.6.16 (31 Mar 2006)
551
552 31 Mar 2006; John Mylchreest <johnm@gentoo.org>
553 +hardened-sources-2.6.16.ebuild:
554 Bumping to new version of grsec, and kernel base. New squashfs. Based on
555 2.6.16.1
556
557 30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
558 hardened-sources-2.6.14-r6.ebuild:
559 Stable on amd64, bug 127718.
560
561 28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
562 Stable on ppc. Bug #127718
563
564 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
565 -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
566 -hardened-sources-2.6.14-r4.ebuild:
567 Cleanup.
568
569 *hardened-sources-2.6.14-r6 (15 Mar 2006)
570
571 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
572 +hardened-sources-2.6.14-r6.ebuild:
573 Fixes grsec policy recreation bug and adds a
574 >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
575
576 02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
577 - stable on x86
578
579 19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
580 hardened-sources-2.6.14-r5.ebuild:
581 Stable on ppc.
582
583 *hardened-sources-2.6.14-r5 (01 Feb 2006)
584
585 01 Feb 2006; John Mylchreest <johnm@gentoo.org>
586 +hardened-sources-2.6.14-r5.ebuild:
587 fixing every known exploit
588
589 *hardened-sources-2.4.32-r2 (26 Jan 2006)
590
591 26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
592 +hardened-sources-2.4.32-r2.ebuild:
593 - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
594
595 *hardened-sources-2.6.14-r4 (12 Jan 2006)
596
597 12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
598 - version bump for new genpatches which fix up a few sec holes
599
600 *hardened-sources-2.4.32-r1 (05 Jan 2006)
601
602 05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
603 - revision bump to add misc vital linux kernel security patches.
604
605 *hardened-sources-2.6.14-r3 (30 Dec 2005)
606
607 30 Dec 2005; John Mylchreest <johnm@gentoo.org>
608 -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
609 Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
610
611 28 Dec 2005; John Mylchreest <johnm@gentoo.org>
612 hardened-sources-2.6.14-r2.ebuild:
613 making x86 & amd64 stable following testing.
614
615 *hardened-sources-2.6.14-r2 (27 Dec 2005)
616
617 27 Dec 2005; John Mylchreest <johnm@gentoo.org>
618 -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
619 Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
620 network hooks.
621
622 06 Dec 2005; John Mylchreest <johnm@gentoo.org>
623 hardened-sources-2.6.14-r1.ebuild:
624 bumping to stable early for sec fix on x86 & amd64
625
626 *hardened-sources-2.6.14-r1 (05 Dec 2005)
627
628 05 Dec 2005; John Mylchreest <johnm@gentoo.org>
629 -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
630 bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
631
632 04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
633 - stable on x86 security bug #114227 CAN-2005-3257
634
635 *hardened-sources-2.4.32 (19 Nov 2005)
636
637 19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
638 +hardened-sources-2.4.32.ebuild:
639 Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
640 Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
641 have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
642 rsbac >> /etc/portage/package.use)
643
644 *hardened-sources-2.6.14 (14 Nov 2005)
645
646 14 Nov 2005; John Mylchreest <johnm@gentoo.org>
647 -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
648 Bumping 2.6 series to 2.6.14.2
649
650 *hardened-sources-2.6.13-r2 (20 Oct 2005)
651
652 20 Oct 2005; John Mylchreest <johnm@gentoo.org>
653 -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
654 +hardened-sources-2.6.13-r2.ebuild:
655 Fixes minor build error in ppc.
656
657 *hardened-sources-2.6.13-r1 (17 Oct 2005)
658
659 17 Oct 2005; John Mylchreest <johnm@gentoo.org>
660 +hardened-sources-2.6.13-r1.ebuild:
661 Updating grsec to latest snapshot. Fixes some minor issues. Updating to
662 2.6.13.4, fixes some major amd64 stability problems.
663
664 *hardened-sources-2.6.13 (16 Sep 2005)
665
666 16 Sep 2005; John Mylchreest <johnm@gentoo.org>
667 -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
668 2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
669 ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
670 users should test this thoroughly.
671
672 01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
673 - stable on x86
674
675 *hardened-sources-2.6.11-r15 (27 Jun 2005)
676
677 27 Jun 2005; John Mylchreest <johnm@gentoo.org>
678 +hardened-sources-2.6.11-r15.ebuild:
679 Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
680 grsec redefining curr_ip struct.
681
682 *hardened-sources-2.4.31 (20 Jun 2005)
683
684 20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
685 initial import of 2.4.31 tree
686
687 *hardened-sources-2.6.11-r14 (14 Jun 2005)
688
689 14 Jun 2005; John Mylchreest <johnm@gentoo.org>
690 -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
691 Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
692 naming scheme to abide by genpatches
693
694 *hardened-sources-2.6.11-r13 (18 May 2005)
695
696 18 May 2005; John Mylchreest <johnm@gentoo.org>
697 -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
698 Managed to mangle the Makefile patch from grsec, to miss out the grsec
699 target. sorry about that. Fixes bug #93022
700
701 *hardened-sources-2.6.11-r12 (17 May 2005)
702
703 17 May 2005; John Mylchreest <johnm@gentoo.org>
704 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
705 +hardened-sources-2.6.11-r12.ebuild:
706 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
707 merges in genpatches-base
708
709 *hardened-sources-2.6.11-r12 (17 May 2005)
710
711 17 May 2005; John Mylchreest <johnm@gentoo.org>
712 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
713 +hardened-sources-2.6.11-r12.ebuild:
714 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
715 merges in genpatches-base
716
717 29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
718 -files/2.4.27-cmdline-race.patch,
719 -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
720 -files/2.4.28-grsec-binfmt_a.out.patch,
721 -files/2.4.28-grsec-cmdline-race.patch,
722 -files/2.4.28-selinux-binfmt_a.out.patch,
723 -files/2.4.28-selinux-cmdline-race.patch,
724 -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
725 hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
726 - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
727 cleanup..
728
729 *hardened-sources-2.4.30-r1 (21 Apr 2005)
730
731 21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
732 - disable aout by default
733
734 *hardened-sources-2.4.30 (18 Apr 2005)
735
736 18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
737 - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
738 and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
739 use
740
741 *hardened-sources-2.4.29 (30 Mar 2005)
742
743 30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
744 +hardened-sources-2.4.29.ebuild:
745 New hardened-patches-2.4-29.0 patchball.
746 Removed SELinux support, upgraded GRSecurity to 2.1.4.
747
748 *hardened-sources-2.4.28-r5 (06 Mar 2005)
749
750 06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
751 +hardened-sources-2.4.28-r5.ebuild:
752 Added a fix for a PaX vulnerability.
753
754 26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
755 hardened-sources-2.4.28-r4.ebuild:
756 Stable on x86
757
758 23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
759 hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
760 hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
761 hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
762 - fixed/added RDEPEND= in all kernel-2 ebuilds
763
764 *hardened-sources-2.4.28-r4 (21 Jan 2005)
765
766 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
767 +hardened-sources-2.4.28-r4.ebuild:
768 Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
769 backport of neighbour hash updates.
770
771 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
772 hardened-sources-2.4.28-r3.ebuild:
773 Stable on x86
774
775 *hardened-sources-2.6.10-r3 (20 Jan 2005)
776
777 20 Jan 2005; Brandon Hale <tseng@gentoo.org>
778 +hardened-sources-2.6.10-r3.ebuild:
779 Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
780 in 2005.0
781
782 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
783 -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
784 hardened-sources-2.4.28-r2.ebuild:
785 Mark stable on x86
786
787 *hardened-sources-2.4.28-r3 (17 Jan 2005)
788
789 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
790 +hardened-sources-2.4.28-r3.ebuild:
791 Fix SMP page fault handler vuln, and update device-mapper and evms patches.
792
793 14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
794 hardened-sources-2.4.28.ebuild:
795 Mark stable on x86.
796
797 *hardened-sources-2.4.28-r2 (13 Jan 2005)
798
799 13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
800 +hardened-sources-2.4.28-r2.ebuild:
801 Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
802 Mazinger for grsecurity patches as well.
803
804 *hardened-sources-2.4.28-r1 (23 Dec 2004)
805
806 23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
807 Security bump. Thank tocharian for rolling a new patchset...
808
809 28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
810 +files/2.4.28-grsec-cmdline-race.patch,
811 +files/2.4.28-selinux-binfmt_a.out.patch,
812 +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
813 - Round up remaining security patches that appear to be missing in 2.4.28. -
814 PaX standalone updated to current. hgpv=28.1
815
816 *hardened-sources-2.4.28 (28 Nov 2004)
817
818 28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
819 security bump. Thank tocharian for rolling a new patchset
820
821 *hardened-sources-2.4.27-r3 (08 Sep 2004)
822
823 08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
824 +hardened-sources-2.4.27-r3.ebuild:
825 Applies the new 2.4-27.2 patchball which updates
826 GRSecurity to the 2.0.1 version.
827
828 *hardened-sources-2.4.27-r2 (31 Aug 2004)
829
830 31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
831 +hardened-sources-2.4.27-r2.ebuild:
832 Version bump.
833 This version uses the new 2.4-27.1 patchball which updates
834 both the SELinux PaX hooks patch and the SELinux headers.
835
836 *hardened-sources-2.4.27-r1 (09 Aug 2004)
837
838 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
839 +hardened-sources-2.4.27-r1.ebuild,
840 -hardened-sources-2.4.27.ebuild,
841 +files/2.4.27-cmdline-race.patch:
842 Version bump, fix for cmdline race. See bug #59905.
843
844 *hardened-sources-2.4.26-r6 (09 Aug 2004)
845
846 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
847 +hardened-sources-2.4.26-r6.ebuild,
848 -hardened-sources-2.4.26-r5.ebuild,
849 -hardened-sources-2.4.26-r4.ebuild,
850 +files/2.4.26-cmdline-race.patch:
851 Version bump, fix for cmdline race. See bug #59905.
852
853 *hardened-sources-2.4.27 (08 Aug 2004)
854
855 08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
856 +hardened-sources-2.4.27.ebuild,
857 +files/2.4.27-CAN-2004-0394.patch:
858 Ported the patchball to the 2.4.27 kernel version.
859
860 *hardened-sources-2.4.26-r5 (07 Aug 2004)
861
862 07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
863 +hardened-sources-2.4.26-r5.ebuild:
864 Updated to use the new hardened-patches-2.4-26.1 patchball.
865 It adds the following features:
866 - Squashfs
867 - Ebtables
868 - Netdev random (core+drivers)
869 - Watchdog Timer (WDT) fix.
870
871 *hardened-sources-2.4.26-r4 (04 Aug 2004)
872
873 04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
874 +hardened-sources-2.4.26-r4.ebuild,
875 +files/2.4.26-CAN-2004-0415.patch,
876 -hardened-sources-2.4.26-3:
877 Version bump, fix for CAN 0415, see bug #59378.
878
879 *hardened-sources-2.4.26-r3 (22 Jul 2004)
880
881 22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
882 +hardened-sources-2.4.26-r3.ebuild,
883 +files/2.4.26-CAN-2004-0497.patch,
884 -hardened-sources-2.4.26-r2.ebuild:
885 Version bump, fixed CAN 0497, see bug #56171.
886
887 *hardened-sources-2.4.26-r2 (29 Jun 2004)
888
889 29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
890 +hardened-sources-2.4.26-r2.ebuild,
891 +files/2.4.26-CAN-2004-0495.patch,
892 +files/2.4.26-CAN-2004-0535.patch,
893 -hardened-sources-2.4.26-r1.ebuild:
894 Fixes for both CAN 0495 and 0535, see bug #54976
895
896 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
897 hardened-sources-2.4.26-r1.ebuild:
898 QA - fix use invocation
899
900 *hardened-sources-2.4.26-r1 (22 June 2004)
901
902 22 June 2004; Andrea Luzzardi <scox@gentoo.org>
903 +hardened-sources-2.4.26-r1.ebuild,
904 +files/2.4.26-CAN-2004-0394.patch,
905 +files/2.4.26-signal-race.patch,
906 -hardened-sources-2.4.26.ebuild,
907 -hardened-sources-2.4.24-r3.ebuild:
908 Version bump for the CAN-2004-0394 issue and bug #53804
909 Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
910
911
912 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
913 hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
914 Masked hardened-sources-2.4.26.ebuild broken for ppc
915
916 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
917 hardened-sources-2.4.24-r3.ebuild:
918 Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
919
920 *hardened-sources-2.4.26 (29 May 2004)
921
922 29 May 2004; Andrea Luzzardi <scox@gentoo.org>
923 +hardened-sources-2.4.26.ebuild:
924 Updated hardened-sources for the 2.4.26 kernel
925 Removed broken components, updated almost everything.
926
927 *hardened-sources-2.4.24-r3 (17 Apr 2004)
928
929 17 Apr 2004; <plasmaroo@gentoo.org>
930 +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
931 +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
932 +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
933 +hardened-sources-2.4.24-r3.ebuild:
934 Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
935 vulnerabilities. Old revisions removed.
936
937 *hardened-sources-2.4.24-r2 (15 Apr 2004)
938
939 15 Apr 2004; <plasmaroo@gentoo.org>
940 +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
941 -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
942 Version bump for the CAN-2004-0109 issue; bug #47881.
943
944 12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
945 hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
946 Add eutils to inherit.
947
948 *hardened-sources-2.4.24-r1 (19 Feb 2004)
949
950 19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
951 files/hardened-sources-2.4.24.munmap.patch:
952 Added the patch for the mremap/munmap vulnerability. Bug #42024.
953
954 *hardened-sources-2.4.24 (06 Feb 2004)
955
956 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
957 hardened-sources-2.4.24.ebuild:
958 Version bump, updated most of the components.
959 This release includes the following:
960
961 - Hardened security
962 - Netfilter patch-o-matic 20031219
963 - FreeSWAN 2.04 & x509 1.4.8
964 - EVMS 2.2.2
965 - XFS 1.3.1
966 - cryptoloop jari
967 - grsecurity 2.0-rc4
968 - SELinux
969 - PaX 200402060000
970 - PaX Obscurity 200308302223
971 - Others...
972
973 Neither -ck nor systrace are included anymore.
974
975 *hardened-sources-2.4.22-r2 (05 Jan 2004)
976
977 05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
978 hardened-sources-2.4.22-r2.ebuild:
979 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
980
981 *hardened-sources-2.4.22-r1 (02 Dec 2003)
982
983 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
984 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
985
986 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
987 hardened-sources-2.4.22-r1.ebuild:
988 Version bump for the 'do_brk' vulnerability.
989
990 01 Dec 2003; Brian Jackson <iggy@gentoo.org>
991 hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
992 hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
993 hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
994 Fix the 'do_brk' vulnerability.
995
996 03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
997 hardened-sources-2.4.22.ebuild:
998 - Removed the src_install() portion for SELinux flask
999 components. These are no longer handled in the kernel
1000 so this code was not necessary.
1001
1002 29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
1003 New 2.4.22 based hardened-sources thanks to
1004 Phil West <p.west@computer.org>.
1005
1006 These sources include:
1007 - New SELinux API
1008 - Updated CK-base
1009 - Updated GRSec
1010 - Systrace
1011 - SuperFreeS/WAN 1.99.8
1012 - Propolice kernel build support
1013 - EVMS
1014 - Other various security related patches
1015
1016 *hardened-sources-2.4.21 (14 Sep 2003)
1017
1018 14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
1019 Updated hardened-sources based on the 2.4.21 Linux kernel.
1020 This includes updates to most major components such as:
1021 - ck-base-0306300059
1022 - selinux-2.4-2003071106
1023 - grsecurity-2.0-rc1
1024 - Updated IPTables patch-o-matic
1025 - Updated SuperFreeS/WAN
1026
1027 Thanks to Phil West <pwest@computer.org> for his work in getting this
1028 updated patch set ready for the 2.4.21 based kernel.
1029
1030 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
1031 Initial import of hardened-sources-2.4.20-r4. This revision
1032 includes only a few changes, but one of these is an important
1033 security fix. It is recommended all users of hardened-sources
1034 upgrade to this release.
1035
1036 - ioperm bug fix
1037 - fixed compilation failure when building without GRSec
1038
1039 SAL (Secure Auditing for Linux) is NOT included in this revision
1040 due to time constraints, but is planned for inclusion in the near
1041 future.
1042
1043 *hardened-sources-2.4.20-r2 (12 Jun 2003)
1044
1045 12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
1046 hardened-sources-2.4.20-r3.ebuild:
1047 Add Header...
1048
1049 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1050 hardened-sources-2.4.20-r3.ebuild:
1051 Removed warnings from ebuild. This kernel should be safe to
1052 use at this point.
1053
1054 *hardened-sources-2.4.20-r3 (08 Jun 2003)
1055
1056 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1057 hardened-sources-2.4.20-r3.ebuild:
1058 New revision. Includes the following changes over -r2:
1059
1060 - ck7-base (O(1), preempt, low latency)
1061 - Super FreeS/WAN 1.99.7rc2
1062 - PaX for the LSM/SELinux branch
1063 - GRSecurity 2.0-pre4 (role based access control)
1064 - Systrace 1.3
1065 - EXT3 fixes
1066 - EVMS 2.0.1
1067 - GCC 3.1+ compile optimizations
1068 - ProPolice kernel build support
1069 - Hashing table security fixes
1070
1071 *hardened-sources-2.4.20-r1 (09 Apr 2003)
1072
1073 23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
1074 Initial import of hardened-sources-r2. This new
1075 ebuild includes many new performance and security
1076 related patches. As in -r1, it will patch in
1077 LSM/SELinux if "selinux" is in USE, otherwise it
1078 will patch in GRSecurity. The following patches
1079 are included in this revision:
1080
1081 - O(1) Scheduler, Low Latency, and Preempt
1082 (pulled from the base CK patch)
1083 - ptrace exploit patch for the LSM kernel
1084 (the GRSec patch already fixes this)
1085 - LSM 2.4-2003040709
1086 - SELinux 2.4-2003040709
1087 - Systrace v1.2
1088 - IPTables patch-o-matic base patches - 20030107
1089 - CryptoAPI 2.4.20.1 w/ loop-jari patch
1090 - Super FreeS/WAN 1.99.6.1
1091 - GRSecurity 1.9.9g
1092 - MPPE
1093 - EXT3 data journal fix
1094 - CIPE 1.5.4
1095
1096 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1097 hardened-sources-2.4.20-r1.ebuild, manifest:
1098 Updated to install flask components correctly for selinux.
1099
1100 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1101 hardened-sources-2.4.20-r1.ebuild:
1102 LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
1103 is patched in instead. Ptrace patches for selinux have also been added. In
1104 either case, systrace support will be patched in as well.
1105
1106 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1107 hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
1108 Revision bump for new sources.
1109
1110 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1111 hardened-sources-2.4.20-r1.ebuild:
1112 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
1113
1114 *hardened-sources-2.4.20 (30 Mar 2003)
1115
1116 30 Mar 2003; Joshua Brindle <method@gentoo.org>
1117 hardened-sources-2.4.20.ebuild:
1118 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20