/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.178 - (show annotations) (download)
Thu Aug 30 13:51:24 2007 UTC (7 years ago) by phreak
Branch: MAIN
Changes since 1.177: +7 -1 lines
Revision bump for 2.6.20.18 (thanks to kerframil in #gentoo-hardened).
(Portage version: 2.1.3.7)

1 # ChangeLog for sys-kernel/hardened-sources
2 # Copyright 2000-2007 Gentoo Foundation; Distributed under the GPL v2
3 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.177 2007/08/29 11:23:35 phreak Exp $
4
5 *hardened-sources-2.6.20-r9 (30 Aug 2007)
6
7 30 Aug 2007; Christian Heim <phreak@gentoo.org>
8 +hardened-sources-2.6.20-r9.ebuild:
9 Revision bump for 2.6.20.18 (thanks to kerframil in #gentoo-hardened).
10
11 29 Aug 2007; Christian Heim <phreak@gentoo.org>
12 -hardened-sources-2.4.34.ebuild, -hardened-sources-2.4.34.5.ebuild,
13 -hardened-sources-2.6.20-r2.ebuild, -hardened-sources-2.6.20-r5.ebuild,
14 -hardened-sources-2.6.20-r7.ebuild, -hardened-sources-2.6.21-r3.ebuild,
15 -hardened-sources-2.6.22.ebuild, -hardened-sources-2.6.22-r1.ebuild,
16 -hardened-sources-2.6.22-r2.ebuild:
17 Removing some redundant versions.
18
19 *hardened-sources-2.4.35-r1 (29 Aug 2007)
20
21 29 Aug 2007; Christian Heim <phreak@gentoo.org>
22 +hardened-sources-2.4.35-r1.ebuild:
23 Revision bump, new grsecurity patch.
24
25 *hardened-sources-2.6.20-r8 (26 Aug 2007)
26
27 26 Aug 2007; Christian Heim <phreak@gentoo.org>
28 +hardened-sources-2.6.20-r8.ebuild:
29 Revision bump for Linux 2.6.20.17.
30
31 *hardened-sources-2.6.22-r3 (22 Aug 2007)
32
33 22 Aug 2007; Christian Heim <phreak@gentoo.org>
34 +hardened-sources-2.6.22-r3.ebuild:
35 Revision bump for Linux 2.6.22.4.
36
37 16 Aug 2007; Christian Heim <phreak@gentoo.org>
38 hardened-sources-2.6.22-r2.ebuild:
39 Updated patchset, to fix the alignment against 2.6.22.3.
40
41 *hardened-sources-2.6.22-r2 (16 Aug 2007)
42
43 16 Aug 2007; Christian Heim <phreak@gentoo.org>
44 +hardened-sources-2.6.22-r2.ebuild:
45 Revision bump for Linux 2.6.22.3.
46
47 *hardened-sources-2.4.35 (16 Aug 2007)
48
49 16 Aug 2007; Christian Heim <phreak@gentoo.org>
50 +hardened-sources-2.4.35.ebuild:
51 Version bump, initial version for Linux 2.4.35.
52
53 *hardened-sources-2.6.21-r4 (16 Aug 2007)
54
55 16 Aug 2007; Christian Heim <phreak@gentoo.org>
56 +hardened-sources-2.6.21-r4.ebuild:
57 Revision bump for Linux 2.6.21.6.
58
59 *hardened-sources-2.6.20-r7 (16 Aug 2007)
60
61 16 Aug 2007; Christian Heim <phreak@gentoo.org>
62 +hardened-sources-2.6.20-r7.ebuild:
63 Revision bump for Linux 2.6.20.16.
64
65 *hardened-sources-2.6.22-r1 (13 Aug 2007)
66
67 13 Aug 2007; Christian Heim <phreak@gentoo.org>
68 +hardened-sources-2.6.22-r1.ebuild:
69 Yet another revision bump.
70
71 *hardened-sources-2.6.22 (10 Aug 2007)
72
73 10 Aug 2007; Christian Heim <phreak@gentoo.org>
74 +hardened-sources-2.6.22.ebuild:
75 Initial release for 2.6.22. If you are using hardened-sources on a desktop
76 machine (P4 or newer), be aware you might need to disable
77 CONFIG_PAX_PAGEEXEC.
78
79 04 Aug 2007; Christian Heim <phreak@gentoo.org>
80 hardened-sources-2.6.20-r6.ebuild:
81 Stabling hardened-sources-2.6.20-r6 for amd64, ppc and x86 due to Linux
82 2.6.20.15.
83
84 10 Jul 2007; Christian Heim <phreak@gentoo.org>
85 hardened-sources-2.6.20-r5.ebuild:
86 Marking hardened-sources-2.6.20-r5 stable on ppc.
87
88 10 Jul 2007; Christian Heim <phreak@gentoo.org>
89 -hardened-sources-2.4.32-r6.ebuild, -hardened-sources-2.4.32-r7.ebuild:
90 Cleanup.
91
92 *hardened-sources-2.6.20-r6 (08 Jul 2007)
93
94 08 Jul 2007; Christian Heim <phreak@gentoo.org>
95 +hardened-sources-2.6.20-r6.ebuild:
96 Revision bump, grabbing yet another stable release.
97
98 17 Jun 2007; Christian Heim <phreak@gentoo.org>
99 -hardened-sources-2.6.18-r6.ebuild, -hardened-sources-2.6.20-r4.ebuild,
100 -hardened-sources-2.6.21-r2.ebuild:
101 Removing older ebuilds, hardened-sources-2.6.18-r6 seems to have gotten the
102 alpha stable KEYWORD by mistake.
103
104 17 Jun 2007; Christian Heim <phreak@gentoo.org>
105 hardened-sources-2.6.20-r5.ebuild:
106 Stabling hardened-sources-2.6.20-r5 due to security bug #181647 (as
107 genpatches-2.6.20-12.base contains up to Linux 2.6.20.14) on amd64 and x86.
108
109 *hardened-sources-2.6.21-r3 (12 Jun 2007)
110
111 12 Jun 2007; Christian Heim <phreak@gentoo.org>
112 +hardened-sources-2.6.21-r3.ebuild:
113 Revision bump for hardened-sources-2.6.21, incorporating various CVE (some
114 of them critical), two stable releases (2.6.21.4,2.6.21.5) and some other
115 love.
116
117 *hardened-sources-2.6.20-r5 (11 Jun 2007)
118
119 11 Jun 2007; Christian Heim <phreak@gentoo.org>
120 +hardened-sources-2.6.20-r5.ebuild:
121 Revision bump for hardened-sources-2.6.20, incorporating various CVE (some
122 of them critical), two stable releases (2.6.20.13,2.6.20.14) and some other
123 love.
124
125 *hardened-sources-2.4.34.5 (11 Jun 2007)
126
127 11 Jun 2007; Alexander Gabert <pappy@gentoo.org>
128 +hardened-sources-2.4.34.5.ebuild:
129 added new hardened-sources 2.4 version, thx to phreak, solar, pipacs
130
131 30 May 2007; Christian Heim <phreak@gentoo.org>
132 -hardened-sources-2.6.18.ebuild, hardened-sources-2.6.20-r2.ebuild:
133 Marking 2.6.20-r2 stable on ppc with permission of Gysbert. Removing more
134 stale ebuild(s).
135
136 30 May 2007; Christian Heim <phreak@gentoo.org>
137 -hardened-sources-2.6.14-r7.ebuild, -hardened-sources-2.6.16-r11.ebuild,
138 -hardened-sources-2.6.17-r1.ebuild, -hardened-sources-2.6.19-r6.ebuild,
139 -hardened-sources-2.6.20.ebuild, -hardened-sources-2.6.20-r1.ebuild:
140 Doing some cleanups, remove stale ebuilds.
141
142 26 May 2007; Christian Heim <phreak@gentoo.org>
143 hardened-sources-2.6.21-r2.ebuild:
144 Fixing the grsecurity patch, had one '};' too much.
145
146 *hardened-sources-2.6.21-r2 (26 May 2007)
147
148 26 May 2007; Christian Heim <phreak@gentoo.org>
149 -hardened-sources-2.6.21.ebuild, -hardened-sources-2.6.21-r1.ebuild,
150 +hardened-sources-2.6.21-r2.ebuild:
151 Revision bump, including Linux 2.6.21.3 (fixing CVE-2007-2451). Updating the
152 grsecurity patch to 2.1.10-2.6.21.1-200705221918.
153
154 *hardened-sources-2.6.20-r4 (26 May 2007)
155
156 26 May 2007; Christian Heim <phreak@gentoo.org>
157 -hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.20-r4.ebuild:
158 Revision bump, including Linux 2.6.20.12 (which in fact fixed some security
159 bugs, at the very least CVE-2007-2451). Possible candidate for stable marking.
160
161 15 May 2007; Christian Heim <phreak@gentoo.org>
162 hardened-sources-2.6.20-r3.ebuild:
163 Looks like hardened-sources-2.6.20-r3 needs a new patch, as 2.6.20.11
164 introduced a change in arch/sparc64/kernel/pci_iommu.c, which made the
165 grsecurity patch fail in that exact same hunk.
166
167 *hardened-sources-2.6.20-r3 (15 May 2007)
168
169 15 May 2007; Christian Heim <phreak@gentoo.org>
170 +hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.21-r1.ebuild:
171 Revision bump, incorporating Linux 2.6.20.11.
172
173 *hardened-sources-2.6.21-r1 (11 May 2007)
174
175 11 May 2007; Christian Heim <phreak@gentoo.org>
176 +hardened-sources-2.6.21-r1.ebuild:
177 Revision bump, hopefully fixing the GRSECURITY/GRKERNSEC mixup pipacs
178 mentioned in #177234.
179
180 07 May 2007; Kevin F. Quinn <kevquinn@gentoo.org>
181 files/digest-hardened-sources-2.6.21, Manifest:
182 Fix Manifest/digest for linux-2.6.21.tar.bz2
183
184 06 May 2007; Christian Heim <phreak@gentoo.org>
185 hardened-sources-2.6.21.ebuild:
186 Bumping the hardened-patches version, needed for the fix for #177234.
187
188 *hardened-sources-2.6.21 (02 May 2007)
189
190 02 May 2007; Christian Heim <phreak@gentoo.org>
191 +hardened-sources-2.6.21.ebuild:
192 Version bump, Linux 2.6.21-hardened.
193
194 29 Apr 2007; Christian Heim <phreak@gentoo.org>
195 hardened-sources-2.6.20-r2.ebuild:
196 Adding ~ia64 on Ned's request.
197
198 29 Apr 2007; Christian Heim <phreak@gentoo.org>
199 hardened-sources-2.6.20-r2.ebuild:
200 Fixing the included grsecurity patch, wasn't alligning due to the Index:
201 header line(s).
202
203 29 Apr 2007; Christian Heim <phreak@gentoo.org>
204 hardened-sources-2.6.20-r2.ebuild:
205 Stabilizing hardened-sources-2.6.20-r2 on amd64 and x86.
206
207 *hardened-sources-2.6.20-r2 (10 Apr 2007)
208
209 10 Apr 2007; Raúl Porcel <armin76@gentoo.org>
210 +hardened-sources-2.6.20-r2.ebuild:
211 Version bump, on behalf of phreak
212
213 *hardened-sources-2.6.20-r1 (04 Apr 2007)
214
215 04 Apr 2007; Christian Heim <phreak@gentoo.org>
216 +hardened-sources-2.6.20-r1.ebuild:
217 Revision bump, grabbing a newer grsecurity snapshot.
218
219 *hardened-sources-2.6.20 (25 Mar 2007)
220
221 25 Mar 2007; Christian Heim <phreak@gentoo.org>
222 +hardened-sources-2.6.20.ebuild:
223 Finally a hardened-sources version for 2.6.20; many people have been waiting
224 for this. Thanks to Steve for preliminary testing, thanks to Ned for the
225 testbox.
226
227 16 Mar 2007; Tony Vroon <chainsaw@gentoo.org>
228 hardened-sources-2.6.18-r6.ebuild:
229 Marked stable on amd64 and x86. AMD64 keyword ack'ed by welp.
230
231 *hardened-sources-2.6.18-r6 (16 Mar 2007)
232
233 16 Mar 2007; Christian Heim <phreak@gentoo.org>
234 -hardened-sources-2.6.18-r5.ebuild, +hardened-sources-2.6.18-r6.ebuild:
235 Fixing CVE-2007-1000 locally (hardened/), thanks to Tony for pushing. And
236 yes I screwed up, this is tagged as 2.6.18-5 and not 2.6.18-6 as it's
237 supposed to be.
238
239 06 Mar 2007; Christian Heim <phreak@gentoo.org> ChangeLog:
240 Fixing the Manifest, the previous one was broken (as in still had the
241 deleted ebuild in it).
242
243 06 Mar 2007; Christian Heim <phreak@gentoo.org>
244 -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
245 +hardened-sources-2.6.18-r5.ebuild:
246 Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
247 Linux 2.6.18.8. Also cleaning up the older version.
248
249 *hardened-sources-2.6.18-r5 (06 Mar 2007)
250
251 06 Mar 2007; Christian Heim <phreak@gentoo.org>
252 -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
253 +hardened-sources-2.6.18-r5.ebuild:
254 Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
255 Linux 2.6.18.8. Also cleaning up the older version.
256
257 24 Feb 2007; Christian Heim <phreak@gentoo.org>
258 -hardened-sources-2.6.19-r3.ebuild, -hardened-sources-2.6.19-r4.ebuild,
259 -hardened-sources-2.6.19-r5.ebuild:
260 Removing some of the old version, that didn't work.
261
262 *hardened-sources-2.6.19-r6 (12 Feb 2007)
263
264 12 Feb 2007; Christian Heim <phreak@gentoo.org>
265 +hardened-sources-2.6.19-r6.ebuild:
266 Revision bump, including a new grsec version fixing #166235.
267
268 *hardened-sources-2.4.34 (24 Jan 2007)
269
270 24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
271 Manifest:
272 updating Manifest with checksums of new tarball and ebuild
273
274 24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
275 +hardened-sources-2.4.34.ebuild:
276 I added new hardened sources 2.4 update, this is a critical path
277 security bugfix - all users of h-s are strongly advised
278 to update their existing hardened sources to this version.
279 It contains a fix for a kernel vulnerability that is pertaining
280 to the PaX changes to virtual memory management, possibly leading
281 to a local kernel exploit ... see grsecurity.net forums and homepage
282
283 23 Jan 2007; Christian Heim <phreak@gentoo.org>
284 files/digest-hardened-sources-2.6.19-r5, Manifest:
285 Fixing the patch-tarball digest.
286
287 *hardened-sources-2.6.19-r5 (23 Jan 2007)
288
289 23 Jan 2007; Christian Heim <phreak@gentoo.org>
290 +hardened-sources-2.6.19-r5.ebuild:
291 Revision bump, closing the recently discovered PaX expand_stack()
292 vulnerability.
293
294 *hardened-sources-2.6.19-r4 (14 Jan 2007)
295
296 14 Jan 2007; Christian Heim <phreak@gentoo.org>
297 +hardened-sources-2.6.19-r4.ebuild:
298 Revision bump, pulling in linux-2.6.19.2 and grsecurity 2.1.10 - thus
299 dropping the randomized PID feature.
300
301 11 Jan 2007; Christian Faulhammer <opfer@gentoo.org>
302 hardened-sources-2.4.33.4.ebuild:
303 stable x86, bug #161171
304
305 *hardened-sources-2.6.19-r3 (27 Dec 2006)
306
307 27 Dec 2006; Christian Heim <phreak@gentoo.org>
308 -hardened-sources-2.6.19-r2.ebuild, +hardened-sources-2.6.19-r3.ebuild:
309 Revision bump for bug #157186 and #158786.
310
311 *hardened-sources-2.6.18-r4 (27 Dec 2006)
312
313 27 Dec 2006; Christian Heim <phreak@gentoo.org>
314 -hardened-sources-2.6.18-r3.ebuild, +hardened-sources-2.6.18-r4.ebuild:
315 Revision bump for bug #157186.
316
317 *hardened-sources-2.6.19-r2 (23 Dec 2006)
318
319 23 Dec 2006; Christian Heim <phreak@gentoo.org>
320 -hardened-sources-2.6.19-r1.ebuild, +hardened-sources-2.6.19-r2.ebuild:
321 Revision bump to pull in genpatches-2.6.19-3 for #157186.
322
323 17 Dec 2006; Christian Heim <phreak@gentoo.org>
324 hardened-sources-2.6.14-r7.ebuild, hardened-sources-2.6.16-r10.ebuild,
325 hardened-sources-2.6.16-r11.ebuild, hardened-sources-2.6.17-r1.ebuild,
326 hardened-sources-2.6.18.ebuild, hardened-sources-2.6.18-r3.ebuild,
327 hardened-sources-2.6.19-r1.ebuild:
328 Adding 4453_grsec-2.1.9-2.6.19-io-kmem-sysctl.patch to UNIPATCH_EXLUDE,
329 adding correct HOMEPAGE and adjusting DESCRIPTION (thanks to Alexander).
330
331 *hardened-sources-2.4.33.4 (17 Dec 2006)
332
333 17 Dec 2006; Alexander Gabert <pappy@gentoo.org>
334 +hardened-sources-2.4.33.4.ebuild:
335 new 2.4.33.4 version including grsec and fixes, thanks to phreak for help
336 and quilting
337
338 *hardened-sources-2.6.19-r1 (14 Dec 2006)
339
340 14 Dec 2006; Christian Heim <phreak@gentoo.org>
341 -hardened-sources-2.6.19.ebuild, +hardened-sources-2.6.19-r1.ebuild:
342 Revision bump, fixing #158107 (thanks to Petre Rodan <kaiowas at gentoo.org>
343 for reporting).
344
345 *hardened-sources-2.6.19 (13 Dec 2006)
346
347 13 Dec 2006; Christian Heim <phreak@gentoo.org>
348 +hardened-sources-2.6.19.ebuild:
349 And finally 2.6.19, thanks to Ned (who prepared the inital patchset) and
350 Brad for providing that prompt update.
351
352 *hardened-sources-2.6.18-r3 (13 Dec 2006)
353
354 13 Dec 2006; Christian Heim <phreak@gentoo.org>
355 -hardened-sources-2.6.18-r1.ebuild, -hardened-sources-2.6.18-r2.ebuild,
356 +hardened-sources-2.6.18-r3.ebuild:
357 Revision bump, excluding the faulty patch. Thanks to Anakim Border and Peter
358 S. Mazinger. Closes #157409 for now. Also removing the previous revisions.
359
360 09 Dec 2006; Christian Heim <phreak@gentoo.org> Manifest:
361 Fixing the metadata.xml Manifest entry (thanks to xaid and ml8128 in #gentoo-hardened).
362
363 08 Dec 2006; nixnut <nixnut@gentoo.org> hardened-sources-2.6.18.ebuild:
364 Stable on ppc wrt bug 157356
365
366 07 Dec 2006; Christian Faulhammer <opfer@gentoo.org>
367 hardened-sources-2.6.18.ebuild:
368 stable x86, bug #157356
369
370 *hardened-sources-2.6.18-r2 (06 Dec 2006)
371
372 06 Dec 2006; Christian Heim <phreak@gentoo.org>
373 +hardened-sources-2.6.18-r2.ebuild:
374 Revision bump, including 2.6.18.5 (via genpatches) and
375 4454_grsec-2.1.9-2.6.18.2-io-kmem-sysctl.patch based on Peter Mazinger and
376 Ned Ludd's original patch. Thanks to Alexander Gabert (pappy) for the
377 redesign.
378
379 06 Dec 2006; Christian Heim <phreak@gentoo.org>
380 hardened-sources-2.6.18.ebuild:
381 Marking hardened-sources-2.6.18 stable on amd64 (see bug #157356, on behalf
382 of Mike Doty).
383
384 *hardened-sources-2.6.18-r1 (23 Nov 2006)
385
386 23 Nov 2006; Christian Heim <phreak@gentoo.org>
387 +hardened-sources-2.6.18-r1.ebuild:
388 Revision bump to genpatches-2.6.18-4 (including 2.6.18.3).
389
390 *hardened-sources-2.6.18 (11 Nov 2006)
391
392 11 Nov 2006; Christian Heim <phreak@gentoo.org>
393 +hardened-sources-2.6.18.ebuild:
394 Version bump, thanks to Alexander Gabert we're finally at 2.6.18.
395
396 18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
397 - mark amd64 stable also. bug #151877
398
399 18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
400 - mark 2.6.17-r1 stable
401
402 27 Aug 2006; Christian Heim <phreak@gentoo.org>
403 -hardened-sources-2.6.17.ebuild, hardened-sources-2.6.17-r1.ebuild:
404 Removing old ebuild, removing unipatch from newer ebuild (need to fix it!).
405
406 *hardened-sources-2.6.17-r1 (26 Aug 2006)
407
408 26 Aug 2006; Christian Heim <phreak@gentoo.org>
409 +hardened-sources-2.6.17-r1.ebuild:
410 Revision bump to genpatches-2.6.17-8 (including .9 and .10) and updating the
411 grsecurity patch.
412
413 *hardened-sources-2.6.17 (17 Aug 2006)
414
415 17 Aug 2006; Christian Heim <phreak@gentoo.org>
416 +hardened-sources-2.6.17.ebuild:
417 Bumping the hardened-sources-2.6 series to 2.6.17, using
418 genpatches-2.6.17-6.base.
419
420 07 Aug 2006; <solar@gentoo.org> hardened-sources-2.6.16-r11.ebuild:
421 - stable on x86 and amd64
422
423 *hardened-sources-2.6.16-r11 (15 Jul 2006)
424
425 15 Jul 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r3.ebuild,
426 -hardened-sources-2.4.32-r4.ebuild, -hardened-sources-2.4.32-r5.ebuild,
427 -hardened-sources-2.6.14-r8.ebuild, -hardened-sources-2.6.16-r7.ebuild,
428 -hardened-sources-2.6.16-r9.ebuild, +hardened-sources-2.6.16-r11.ebuild:
429 - 2.6.16 bumped for CVE-2006-3626 ; digest fix for 2.4.32-r6 ; removed old
430 crusty ebuilds
431
432 14 Jul 2006; John Mylchreest <johnm@gentoo.org>
433 hardened-sources-2.6.16-r10.ebuild:
434 marking stable on x86 and amd64
435
436 13 Jul 2006; <solar@gentoo.org> hardened-sources-2.4.32-r6.ebuild:
437 - 2.4.32-r6 stable on x86. RSBAC state unknown
438
439 *hardened-sources-2.4.32-r7 (10 Jul 2006)
440
441 10 Jul 2006; Guillaume Destuynder <kang@gentoo.org>
442 +hardened-sources-2.4.32-r7.ebuild:
443 Bump PaX for RSBAC to test-17
444
445 *hardened-sources-2.6.16-r9 (03 Jul 2006)
446
447 03 Jul 2006; John Mylchreest <johnm@gentoo.org>
448 -hardened-sources-2.6.16-r6.ebuild, +hardened-sources-2.6.16-r9.ebuild:
449 hardened-sources-2.6.16 bump to latest -base.
450
451 *hardened-sources-2.4.32-r6 (30 Jun 2006)
452
453 30 Jun 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r2.ebuild,
454 hardened-sources-2.4.32-r4.ebuild, +hardened-sources-2.4.32-r6.ebuild:
455 - backport CVE-2006-0039, CVE-2006-1857 and CVE-2006-1858 and new grsecurity
456 sysctl controlable resource logging
457
458 *hardened-sources-2.6.16-r7 (05 Jun 2006)
459
460 05 Jun 2006; John Mylchreest <johnm@gentoo.org>
461 -hardened-sources-2.6.16-r5.ebuild, +hardened-sources-2.6.16-r7.ebuild:
462 push new 2.6.16 release in preparation for stable
463
464 22 May 2006; <solar@gentoo.org> :
465 - redigest bug 134002
466
467 *hardened-sources-2.4.32-r5 (16 May 2006)
468
469 16 May 2006; Guillaume Destuynder <kang@gentoo.org>
470 +hardened-sources-2.4.32-r5.ebuild:
471 Fixes rsbac common patching (new patch in new -r5 patchset)
472
473 *hardened-sources-2.4.32-r4 (13 May 2006)
474
475 13 May 2006; <solar@gentoo.org> hardened-sources-2.4.32-r3.ebuild,
476 +hardened-sources-2.4.32-r4.ebuild:
477 - security bumps
478
479 *hardened-sources-2.6.16-r6 (03 May 2006)
480
481 03 May 2006; John Mylchreest <johnm@gentoo.org>
482 +hardened-sources-2.6.16-r6.ebuild:
483 bump hardened-2.6.16 to 2.6.16.12 and latest grsec snapshot
484
485 28 Apr 2006; John Mylchreest <johnm@gentoo.org>
486 hardened-sources-2.6.14-r8.ebuild:
487 fix x86_64 build problem, this will delay the digest issue again for a short
488 while but it will sort itself out
489
490 28 Apr 2006; John Mylchreest <johnm@gentoo.org>
491 hardened-sources-2.6.14-r8.ebuild:
492 bump hardened patchset
493
494 27 Apr 2006; Alec Warner <antarus@gentoo.org>
495 files/digest-hardened-sources-2.4.32-r2,
496 files/digest-hardened-sources-2.4.32-r3,
497 files/digest-hardened-sources-2.6.14-r8, Manifest:
498 Fixing duff SHA256 digests: Bug # 131293
499
500 *hardened-sources-2.6.16-r5 (27 Apr 2006)
501
502 27 Apr 2006; John Mylchreest <johnm@gentoo.org>
503 -hardened-sources-2.6.14-r6.ebuild, hardened-sources-2.6.14-r8.ebuild,
504 -hardened-sources-2.6.16-r4.ebuild, +hardened-sources-2.6.16-r5.ebuild:
505 stablise 2.6.14-r8 on x86 & amd64, bump 2.6.16 to fix CVE-2006-1863 &
506 cleanup of old uneccessary sources
507
508 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
509 fix digest
510
511 *hardened-sources-2.6.14-r8 (20 Apr 2006)
512
513 20 Apr 2006; John Mylchreest <johnm@gentoo.org>
514 +hardened-sources-2.6.14-r8.ebuild:
515 fix CVE-2006-1056, CVE-2006-1525, CVE-2006-1524
516
517 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
518 Turning on gpg-signing again, and recomitting
519
520 *hardened-sources-2.6.16-r4 (20 Apr 2006)
521
522 20 Apr 2006; John Mylchreest <johnm@gentoo.org>
523 -hardened-sources-2.6.16-r2.ebuild, -hardened-sources-2.6.16-r3.ebuild,
524 +hardened-sources-2.6.16-r4.ebuild:
525 Fix numerous security vulns
526
527 *hardened-sources-2.4.32-r3 (16 Apr 2006)
528
529 16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
530 -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
531 +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
532 - security bump for bug #112791. Removed old ebuilds
533
534 *hardened-sources-2.6.16-r3 (15 Apr 2006)
535
536 15 Apr 2006; John Mylchreest <johnm@gentoo.org>
537 +hardened-sources-2.6.16-r3.ebuild:
538 Removing silly localversion which I missed
539
540 *hardened-sources-2.6.14-r7 (14 Apr 2006)
541
542 14 Apr 2006; John Mylchreest <johnm@gentoo.org>
543 -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
544 Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
545
546 *hardened-sources-2.6.16-r2 (13 Apr 2006)
547
548 13 Apr 2006; John Mylchreest <johnm@gentoo.org>
549 -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
550 +hardened-sources-2.6.16-r2.ebuild:
551 Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
552 labels, dropping USERGROUP define fixes, since these were merged mainstream.
553
554 *hardened-sources-2.6.16-r1 (11 Apr 2006)
555
556 11 Apr 2006; John Mylchreest <johnm@gentoo.org>
557 +hardened-sources-2.6.16-r1.ebuild:
558 Bumping to include ppc build fix and 2.6.16.3
559
560 06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
561 hardened-sources-2.6.14-r6.ebuild:
562 Stable on x86; bug #127718
563
564 *hardened-sources-2.6.16 (31 Mar 2006)
565
566 31 Mar 2006; John Mylchreest <johnm@gentoo.org>
567 +hardened-sources-2.6.16.ebuild:
568 Bumping to new version of grsec, and kernel base. New squashfs. Based on
569 2.6.16.1
570
571 30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
572 hardened-sources-2.6.14-r6.ebuild:
573 Stable on amd64, bug 127718.
574
575 28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
576 Stable on ppc. Bug #127718
577
578 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
579 -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
580 -hardened-sources-2.6.14-r4.ebuild:
581 Cleanup.
582
583 *hardened-sources-2.6.14-r6 (15 Mar 2006)
584
585 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
586 +hardened-sources-2.6.14-r6.ebuild:
587 Fixes grsec policy recreation bug and adds a
588 >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
589
590 02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
591 - stable on x86
592
593 19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
594 hardened-sources-2.6.14-r5.ebuild:
595 Stable on ppc.
596
597 *hardened-sources-2.6.14-r5 (01 Feb 2006)
598
599 01 Feb 2006; John Mylchreest <johnm@gentoo.org>
600 +hardened-sources-2.6.14-r5.ebuild:
601 fixing every known exploit
602
603 *hardened-sources-2.4.32-r2 (26 Jan 2006)
604
605 26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
606 +hardened-sources-2.4.32-r2.ebuild:
607 - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
608
609 *hardened-sources-2.6.14-r4 (12 Jan 2006)
610
611 12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
612 - version bump for new genpatches which fix up a few sec holes
613
614 *hardened-sources-2.4.32-r1 (05 Jan 2006)
615
616 05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
617 - revision bump to add misc vital linux kernel security patches.
618
619 *hardened-sources-2.6.14-r3 (30 Dec 2005)
620
621 30 Dec 2005; John Mylchreest <johnm@gentoo.org>
622 -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
623 Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
624
625 28 Dec 2005; John Mylchreest <johnm@gentoo.org>
626 hardened-sources-2.6.14-r2.ebuild:
627 making x86 & amd64 stable following testing.
628
629 *hardened-sources-2.6.14-r2 (27 Dec 2005)
630
631 27 Dec 2005; John Mylchreest <johnm@gentoo.org>
632 -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
633 Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
634 network hooks.
635
636 06 Dec 2005; John Mylchreest <johnm@gentoo.org>
637 hardened-sources-2.6.14-r1.ebuild:
638 bumping to stable early for sec fix on x86 & amd64
639
640 *hardened-sources-2.6.14-r1 (05 Dec 2005)
641
642 05 Dec 2005; John Mylchreest <johnm@gentoo.org>
643 -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
644 bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
645
646 04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
647 - stable on x86 security bug #114227 CAN-2005-3257
648
649 *hardened-sources-2.4.32 (19 Nov 2005)
650
651 19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
652 +hardened-sources-2.4.32.ebuild:
653 Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
654 Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
655 have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
656 rsbac >> /etc/portage/package.use)
657
658 *hardened-sources-2.6.14 (14 Nov 2005)
659
660 14 Nov 2005; John Mylchreest <johnm@gentoo.org>
661 -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
662 Bumping 2.6 series to 2.6.14.2
663
664 *hardened-sources-2.6.13-r2 (20 Oct 2005)
665
666 20 Oct 2005; John Mylchreest <johnm@gentoo.org>
667 -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
668 +hardened-sources-2.6.13-r2.ebuild:
669 Fixes minor build error in ppc.
670
671 *hardened-sources-2.6.13-r1 (17 Oct 2005)
672
673 17 Oct 2005; John Mylchreest <johnm@gentoo.org>
674 +hardened-sources-2.6.13-r1.ebuild:
675 Updating grsec to latest snapshot. Fixes some minor issues. Updating to
676 2.6.13.4, fixes some major amd64 stability problems.
677
678 *hardened-sources-2.6.13 (16 Sep 2005)
679
680 16 Sep 2005; John Mylchreest <johnm@gentoo.org>
681 -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
682 2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
683 ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
684 users should test this thoroughly.
685
686 01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
687 - stable on x86
688
689 *hardened-sources-2.6.11-r15 (27 Jun 2005)
690
691 27 Jun 2005; John Mylchreest <johnm@gentoo.org>
692 +hardened-sources-2.6.11-r15.ebuild:
693 Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
694 grsec redefining curr_ip struct.
695
696 *hardened-sources-2.4.31 (20 Jun 2005)
697
698 20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
699 initial import of 2.4.31 tree
700
701 *hardened-sources-2.6.11-r14 (14 Jun 2005)
702
703 14 Jun 2005; John Mylchreest <johnm@gentoo.org>
704 -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
705 Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
706 naming scheme to abide by genpatches
707
708 *hardened-sources-2.6.11-r13 (18 May 2005)
709
710 18 May 2005; John Mylchreest <johnm@gentoo.org>
711 -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
712 Managed to mangle the Makefile patch from grsec, to miss out the grsec
713 target. sorry about that. Fixes bug #93022
714
715 *hardened-sources-2.6.11-r12 (17 May 2005)
716
717 17 May 2005; John Mylchreest <johnm@gentoo.org>
718 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
719 +hardened-sources-2.6.11-r12.ebuild:
720 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
721 merges in genpatches-base
722
723 *hardened-sources-2.6.11-r12 (17 May 2005)
724
725 17 May 2005; John Mylchreest <johnm@gentoo.org>
726 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
727 +hardened-sources-2.6.11-r12.ebuild:
728 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
729 merges in genpatches-base
730
731 29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
732 -files/2.4.27-cmdline-race.patch,
733 -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
734 -files/2.4.28-grsec-binfmt_a.out.patch,
735 -files/2.4.28-grsec-cmdline-race.patch,
736 -files/2.4.28-selinux-binfmt_a.out.patch,
737 -files/2.4.28-selinux-cmdline-race.patch,
738 -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
739 hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
740 - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
741 cleanup..
742
743 *hardened-sources-2.4.30-r1 (21 Apr 2005)
744
745 21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
746 - disable aout by default
747
748 *hardened-sources-2.4.30 (18 Apr 2005)
749
750 18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
751 - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
752 and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
753 use
754
755 *hardened-sources-2.4.29 (30 Mar 2005)
756
757 30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
758 +hardened-sources-2.4.29.ebuild:
759 New hardened-patches-2.4-29.0 patchball.
760 Removed SELinux support, upgraded GRSecurity to 2.1.4.
761
762 *hardened-sources-2.4.28-r5 (06 Mar 2005)
763
764 06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
765 +hardened-sources-2.4.28-r5.ebuild:
766 Added a fix for a PaX vulnerability.
767
768 26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
769 hardened-sources-2.4.28-r4.ebuild:
770 Stable on x86
771
772 23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
773 hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
774 hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
775 hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
776 - fixed/added RDEPEND= in all kernel-2 ebuilds
777
778 *hardened-sources-2.4.28-r4 (21 Jan 2005)
779
780 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
781 +hardened-sources-2.4.28-r4.ebuild:
782 Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
783 backport of neighbour hash updates.
784
785 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
786 hardened-sources-2.4.28-r3.ebuild:
787 Stable on x86
788
789 *hardened-sources-2.6.10-r3 (20 Jan 2005)
790
791 20 Jan 2005; Brandon Hale <tseng@gentoo.org>
792 +hardened-sources-2.6.10-r3.ebuild:
793 Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
794 in 2005.0
795
796 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
797 -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
798 hardened-sources-2.4.28-r2.ebuild:
799 Mark stable on x86
800
801 *hardened-sources-2.4.28-r3 (17 Jan 2005)
802
803 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
804 +hardened-sources-2.4.28-r3.ebuild:
805 Fix SMP page fault handler vuln, and update device-mapper and evms patches.
806
807 14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
808 hardened-sources-2.4.28.ebuild:
809 Mark stable on x86.
810
811 *hardened-sources-2.4.28-r2 (13 Jan 2005)
812
813 13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
814 +hardened-sources-2.4.28-r2.ebuild:
815 Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
816 Mazinger for grsecurity patches as well.
817
818 *hardened-sources-2.4.28-r1 (23 Dec 2004)
819
820 23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
821 Security bump. Thank tocharian for rolling a new patchset...
822
823 28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
824 +files/2.4.28-grsec-cmdline-race.patch,
825 +files/2.4.28-selinux-binfmt_a.out.patch,
826 +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
827 - Round up remaining security patches that appear to be missing in 2.4.28. -
828 PaX standalone updated to current. hgpv=28.1
829
830 *hardened-sources-2.4.28 (28 Nov 2004)
831
832 28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
833 security bump. Thank tocharian for rolling a new patchset
834
835 *hardened-sources-2.4.27-r3 (08 Sep 2004)
836
837 08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
838 +hardened-sources-2.4.27-r3.ebuild:
839 Applies the new 2.4-27.2 patchball which updates
840 GRSecurity to the 2.0.1 version.
841
842 *hardened-sources-2.4.27-r2 (31 Aug 2004)
843
844 31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
845 +hardened-sources-2.4.27-r2.ebuild:
846 Version bump.
847 This version uses the new 2.4-27.1 patchball which updates
848 both the SELinux PaX hooks patch and the SELinux headers.
849
850 *hardened-sources-2.4.27-r1 (09 Aug 2004)
851
852 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
853 +hardened-sources-2.4.27-r1.ebuild,
854 -hardened-sources-2.4.27.ebuild,
855 +files/2.4.27-cmdline-race.patch:
856 Version bump, fix for cmdline race. See bug #59905.
857
858 *hardened-sources-2.4.26-r6 (09 Aug 2004)
859
860 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
861 +hardened-sources-2.4.26-r6.ebuild,
862 -hardened-sources-2.4.26-r5.ebuild,
863 -hardened-sources-2.4.26-r4.ebuild,
864 +files/2.4.26-cmdline-race.patch:
865 Version bump, fix for cmdline race. See bug #59905.
866
867 *hardened-sources-2.4.27 (08 Aug 2004)
868
869 08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
870 +hardened-sources-2.4.27.ebuild,
871 +files/2.4.27-CAN-2004-0394.patch:
872 Ported the patchball to the 2.4.27 kernel version.
873
874 *hardened-sources-2.4.26-r5 (07 Aug 2004)
875
876 07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
877 +hardened-sources-2.4.26-r5.ebuild:
878 Updated to use the new hardened-patches-2.4-26.1 patchball.
879 It adds the following features:
880 - Squashfs
881 - Ebtables
882 - Netdev random (core+drivers)
883 - Watchdog Timer (WDT) fix.
884
885 *hardened-sources-2.4.26-r4 (04 Aug 2004)
886
887 04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
888 +hardened-sources-2.4.26-r4.ebuild,
889 +files/2.4.26-CAN-2004-0415.patch,
890 -hardened-sources-2.4.26-3:
891 Version bump, fix for CAN 0415, see bug #59378.
892
893 *hardened-sources-2.4.26-r3 (22 Jul 2004)
894
895 22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
896 +hardened-sources-2.4.26-r3.ebuild,
897 +files/2.4.26-CAN-2004-0497.patch,
898 -hardened-sources-2.4.26-r2.ebuild:
899 Version bump, fixed CAN 0497, see bug #56171.
900
901 *hardened-sources-2.4.26-r2 (29 Jun 2004)
902
903 29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
904 +hardened-sources-2.4.26-r2.ebuild,
905 +files/2.4.26-CAN-2004-0495.patch,
906 +files/2.4.26-CAN-2004-0535.patch,
907 -hardened-sources-2.4.26-r1.ebuild:
908 Fixes for both CAN 0495 and 0535, see bug #54976
909
910 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
911 hardened-sources-2.4.26-r1.ebuild:
912 QA - fix use invocation
913
914 *hardened-sources-2.4.26-r1 (22 June 2004)
915
916 22 June 2004; Andrea Luzzardi <scox@gentoo.org>
917 +hardened-sources-2.4.26-r1.ebuild,
918 +files/2.4.26-CAN-2004-0394.patch,
919 +files/2.4.26-signal-race.patch,
920 -hardened-sources-2.4.26.ebuild,
921 -hardened-sources-2.4.24-r3.ebuild:
922 Version bump for the CAN-2004-0394 issue and bug #53804
923 Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
924
925
926 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
927 hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
928 Masked hardened-sources-2.4.26.ebuild broken for ppc
929
930 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
931 hardened-sources-2.4.24-r3.ebuild:
932 Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
933
934 *hardened-sources-2.4.26 (29 May 2004)
935
936 29 May 2004; Andrea Luzzardi <scox@gentoo.org>
937 +hardened-sources-2.4.26.ebuild:
938 Updated hardened-sources for the 2.4.26 kernel
939 Removed broken components, updated almost everything.
940
941 *hardened-sources-2.4.24-r3 (17 Apr 2004)
942
943 17 Apr 2004; <plasmaroo@gentoo.org>
944 +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
945 +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
946 +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
947 +hardened-sources-2.4.24-r3.ebuild:
948 Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
949 vulnerabilities. Old revisions removed.
950
951 *hardened-sources-2.4.24-r2 (15 Apr 2004)
952
953 15 Apr 2004; <plasmaroo@gentoo.org>
954 +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
955 -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
956 Version bump for the CAN-2004-0109 issue; bug #47881.
957
958 12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
959 hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
960 Add eutils to inherit.
961
962 *hardened-sources-2.4.24-r1 (19 Feb 2004)
963
964 19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
965 files/hardened-sources-2.4.24.munmap.patch:
966 Added the patch for the mremap/munmap vulnerability. Bug #42024.
967
968 *hardened-sources-2.4.24 (06 Feb 2004)
969
970 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
971 hardened-sources-2.4.24.ebuild:
972 Version bump, updated most of the components.
973 This release includes the following:
974
975 - Hardened security
976 - Netfilter patch-o-matic 20031219
977 - FreeSWAN 2.04 & x509 1.4.8
978 - EVMS 2.2.2
979 - XFS 1.3.1
980 - cryptoloop jari
981 - grsecurity 2.0-rc4
982 - SELinux
983 - PaX 200402060000
984 - PaX Obscurity 200308302223
985 - Others...
986
987 Neither -ck nor systrace are included anymore.
988
989 *hardened-sources-2.4.22-r2 (05 Jan 2004)
990
991 05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
992 hardened-sources-2.4.22-r2.ebuild:
993 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
994
995 *hardened-sources-2.4.22-r1 (02 Dec 2003)
996
997 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
998 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
999
1000 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1001 hardened-sources-2.4.22-r1.ebuild:
1002 Version bump for the 'do_brk' vulnerability.
1003
1004 01 Dec 2003; Brian Jackson <iggy@gentoo.org>
1005 hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
1006 hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
1007 hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
1008 Fix the 'do_brk' vulnerability.
1009
1010 03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
1011 hardened-sources-2.4.22.ebuild:
1012 - Removed the src_install() portion for SELinux flask
1013 components. These are no longer handled in the kernel
1014 so this code was not necessary.
1015
1016 29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
1017 New 2.4.22 based hardened-sources thanks to
1018 Phil West <p.west@computer.org>.
1019
1020 These sources include:
1021 - New SELinux API
1022 - Updated CK-base
1023 - Updated GRSec
1024 - Systrace
1025 - SuperFreeS/WAN 1.99.8
1026 - Propolice kernel build support
1027 - EVMS
1028 - Other various security related patches
1029
1030 *hardened-sources-2.4.21 (14 Sep 2003)
1031
1032 14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
1033 Updated hardened-sources based on the 2.4.21 Linux kernel.
1034 This includes updates to most major components such as:
1035 - ck-base-0306300059
1036 - selinux-2.4-2003071106
1037 - grsecurity-2.0-rc1
1038 - Updated IPTables patch-o-matic
1039 - Updated SuperFreeS/WAN
1040
1041 Thanks to Phil West <pwest@computer.org> for his work in getting this
1042 updated patch set ready for the 2.4.21 based kernel.
1043
1044 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
1045 Initial import of hardened-sources-2.4.20-r4. This revision
1046 includes only a few changes, but one of these is an important
1047 security fix. It is recommended all users of hardened-sources
1048 upgrade to this release.
1049
1050 - ioperm bug fix
1051 - fixed compilation failure when building without GRSec
1052
1053 SAL (Secure Auditing for Linux) is NOT included in this revision
1054 due to time constraints, but is planned for inclusion in the near
1055 future.
1056
1057 *hardened-sources-2.4.20-r2 (12 Jun 2003)
1058
1059 12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
1060 hardened-sources-2.4.20-r3.ebuild:
1061 Add Header...
1062
1063 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1064 hardened-sources-2.4.20-r3.ebuild:
1065 Removed warnings from ebuild. This kernel should be safe to
1066 use at this point.
1067
1068 *hardened-sources-2.4.20-r3 (08 Jun 2003)
1069
1070 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1071 hardened-sources-2.4.20-r3.ebuild:
1072 New revision. Includes the following changes over -r2:
1073
1074 - ck7-base (O(1), preempt, low latency)
1075 - Super FreeS/WAN 1.99.7rc2
1076 - PaX for the LSM/SELinux branch
1077 - GRSecurity 2.0-pre4 (role based access control)
1078 - Systrace 1.3
1079 - EXT3 fixes
1080 - EVMS 2.0.1
1081 - GCC 3.1+ compile optimizations
1082 - ProPolice kernel build support
1083 - Hashing table security fixes
1084
1085 *hardened-sources-2.4.20-r1 (09 Apr 2003)
1086
1087 23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
1088 Initial import of hardened-sources-r2. This new
1089 ebuild includes many new performance and security
1090 related patches. As in -r1, it will patch in
1091 LSM/SELinux if "selinux" is in USE, otherwise it
1092 will patch in GRSecurity. The following patches
1093 are included in this revision:
1094
1095 - O(1) Scheduler, Low Latency, and Preempt
1096 (pulled from the base CK patch)
1097 - ptrace exploit patch for the LSM kernel
1098 (the GRSec patch already fixes this)
1099 - LSM 2.4-2003040709
1100 - SELinux 2.4-2003040709
1101 - Systrace v1.2
1102 - IPTables patch-o-matic base patches - 20030107
1103 - CryptoAPI 2.4.20.1 w/ loop-jari patch
1104 - Super FreeS/WAN 1.99.6.1
1105 - GRSecurity 1.9.9g
1106 - MPPE
1107 - EXT3 data journal fix
1108 - CIPE 1.5.4
1109
1110 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1111 hardened-sources-2.4.20-r1.ebuild, manifest:
1112 Updated to install flask components correctly for selinux.
1113
1114 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1115 hardened-sources-2.4.20-r1.ebuild:
1116 LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
1117 is patched in instead. Ptrace patches for selinux have also been added. In
1118 either case, systrace support will be patched in as well.
1119
1120 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1121 hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
1122 Revision bump for new sources.
1123
1124 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1125 hardened-sources-2.4.20-r1.ebuild:
1126 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
1127
1128 *hardened-sources-2.4.20 (30 Mar 2003)
1129
1130 30 Mar 2003; Joshua Brindle <method@gentoo.org>
1131 hardened-sources-2.4.20.ebuild:
1132 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20