/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.179 - (show annotations) (download)
Sat Sep 1 12:06:55 2007 UTC (7 years, 3 months ago) by phreak
Branch: MAIN
Changes since 1.178: +5 -1 lines
Removing tocharian from metadata due to his retirement (see #71718 for reference).
(Portage version: 2.1.3.7)

1 # ChangeLog for sys-kernel/hardened-sources
2 # Copyright 2000-2007 Gentoo Foundation; Distributed under the GPL v2
3 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.178 2007/08/30 13:51:24 phreak Exp $
4
5 01 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
6 Removing tocharian from metadata due to his retirement (see #71718 for
7 reference).
8
9 *hardened-sources-2.6.20-r9 (30 Aug 2007)
10
11 30 Aug 2007; Christian Heim <phreak@gentoo.org>
12 +hardened-sources-2.6.20-r9.ebuild:
13 Revision bump for 2.6.20.18 (thanks to kerframil in #gentoo-hardened).
14
15 29 Aug 2007; Christian Heim <phreak@gentoo.org>
16 -hardened-sources-2.4.34.ebuild, -hardened-sources-2.4.34.5.ebuild,
17 -hardened-sources-2.6.20-r2.ebuild, -hardened-sources-2.6.20-r5.ebuild,
18 -hardened-sources-2.6.20-r7.ebuild, -hardened-sources-2.6.21-r3.ebuild,
19 -hardened-sources-2.6.22.ebuild, -hardened-sources-2.6.22-r1.ebuild,
20 -hardened-sources-2.6.22-r2.ebuild:
21 Removing some redundant versions.
22
23 *hardened-sources-2.4.35-r1 (29 Aug 2007)
24
25 29 Aug 2007; Christian Heim <phreak@gentoo.org>
26 +hardened-sources-2.4.35-r1.ebuild:
27 Revision bump, new grsecurity patch.
28
29 *hardened-sources-2.6.20-r8 (26 Aug 2007)
30
31 26 Aug 2007; Christian Heim <phreak@gentoo.org>
32 +hardened-sources-2.6.20-r8.ebuild:
33 Revision bump for Linux 2.6.20.17.
34
35 *hardened-sources-2.6.22-r3 (22 Aug 2007)
36
37 22 Aug 2007; Christian Heim <phreak@gentoo.org>
38 +hardened-sources-2.6.22-r3.ebuild:
39 Revision bump for Linux 2.6.22.4.
40
41 16 Aug 2007; Christian Heim <phreak@gentoo.org>
42 hardened-sources-2.6.22-r2.ebuild:
43 Updated patchset, to fix the alignment against 2.6.22.3.
44
45 *hardened-sources-2.6.22-r2 (16 Aug 2007)
46
47 16 Aug 2007; Christian Heim <phreak@gentoo.org>
48 +hardened-sources-2.6.22-r2.ebuild:
49 Revision bump for Linux 2.6.22.3.
50
51 *hardened-sources-2.4.35 (16 Aug 2007)
52
53 16 Aug 2007; Christian Heim <phreak@gentoo.org>
54 +hardened-sources-2.4.35.ebuild:
55 Version bump, initial version for Linux 2.4.35.
56
57 *hardened-sources-2.6.21-r4 (16 Aug 2007)
58
59 16 Aug 2007; Christian Heim <phreak@gentoo.org>
60 +hardened-sources-2.6.21-r4.ebuild:
61 Revision bump for Linux 2.6.21.6.
62
63 *hardened-sources-2.6.20-r7 (16 Aug 2007)
64
65 16 Aug 2007; Christian Heim <phreak@gentoo.org>
66 +hardened-sources-2.6.20-r7.ebuild:
67 Revision bump for Linux 2.6.20.16.
68
69 *hardened-sources-2.6.22-r1 (13 Aug 2007)
70
71 13 Aug 2007; Christian Heim <phreak@gentoo.org>
72 +hardened-sources-2.6.22-r1.ebuild:
73 Yet another revision bump.
74
75 *hardened-sources-2.6.22 (10 Aug 2007)
76
77 10 Aug 2007; Christian Heim <phreak@gentoo.org>
78 +hardened-sources-2.6.22.ebuild:
79 Initial release for 2.6.22. If you are using hardened-sources on a desktop
80 machine (P4 or newer), be aware you might need to disable
81 CONFIG_PAX_PAGEEXEC.
82
83 04 Aug 2007; Christian Heim <phreak@gentoo.org>
84 hardened-sources-2.6.20-r6.ebuild:
85 Stabling hardened-sources-2.6.20-r6 for amd64, ppc and x86 due to Linux
86 2.6.20.15.
87
88 10 Jul 2007; Christian Heim <phreak@gentoo.org>
89 hardened-sources-2.6.20-r5.ebuild:
90 Marking hardened-sources-2.6.20-r5 stable on ppc.
91
92 10 Jul 2007; Christian Heim <phreak@gentoo.org>
93 -hardened-sources-2.4.32-r6.ebuild, -hardened-sources-2.4.32-r7.ebuild:
94 Cleanup.
95
96 *hardened-sources-2.6.20-r6 (08 Jul 2007)
97
98 08 Jul 2007; Christian Heim <phreak@gentoo.org>
99 +hardened-sources-2.6.20-r6.ebuild:
100 Revision bump, grabbing yet another stable release.
101
102 17 Jun 2007; Christian Heim <phreak@gentoo.org>
103 -hardened-sources-2.6.18-r6.ebuild, -hardened-sources-2.6.20-r4.ebuild,
104 -hardened-sources-2.6.21-r2.ebuild:
105 Removing older ebuilds, hardened-sources-2.6.18-r6 seems to have gotten the
106 alpha stable KEYWORD by mistake.
107
108 17 Jun 2007; Christian Heim <phreak@gentoo.org>
109 hardened-sources-2.6.20-r5.ebuild:
110 Stabling hardened-sources-2.6.20-r5 due to security bug #181647 (as
111 genpatches-2.6.20-12.base contains up to Linux 2.6.20.14) on amd64 and x86.
112
113 *hardened-sources-2.6.21-r3 (12 Jun 2007)
114
115 12 Jun 2007; Christian Heim <phreak@gentoo.org>
116 +hardened-sources-2.6.21-r3.ebuild:
117 Revision bump for hardened-sources-2.6.21, incorporating various CVE (some
118 of them critical), two stable releases (2.6.21.4,2.6.21.5) and some other
119 love.
120
121 *hardened-sources-2.6.20-r5 (11 Jun 2007)
122
123 11 Jun 2007; Christian Heim <phreak@gentoo.org>
124 +hardened-sources-2.6.20-r5.ebuild:
125 Revision bump for hardened-sources-2.6.20, incorporating various CVE (some
126 of them critical), two stable releases (2.6.20.13,2.6.20.14) and some other
127 love.
128
129 *hardened-sources-2.4.34.5 (11 Jun 2007)
130
131 11 Jun 2007; Alexander Gabert <pappy@gentoo.org>
132 +hardened-sources-2.4.34.5.ebuild:
133 added new hardened-sources 2.4 version, thx to phreak, solar, pipacs
134
135 30 May 2007; Christian Heim <phreak@gentoo.org>
136 -hardened-sources-2.6.18.ebuild, hardened-sources-2.6.20-r2.ebuild:
137 Marking 2.6.20-r2 stable on ppc with permission of Gysbert. Removing more
138 stale ebuild(s).
139
140 30 May 2007; Christian Heim <phreak@gentoo.org>
141 -hardened-sources-2.6.14-r7.ebuild, -hardened-sources-2.6.16-r11.ebuild,
142 -hardened-sources-2.6.17-r1.ebuild, -hardened-sources-2.6.19-r6.ebuild,
143 -hardened-sources-2.6.20.ebuild, -hardened-sources-2.6.20-r1.ebuild:
144 Doing some cleanups, remove stale ebuilds.
145
146 26 May 2007; Christian Heim <phreak@gentoo.org>
147 hardened-sources-2.6.21-r2.ebuild:
148 Fixing the grsecurity patch, had one '};' too much.
149
150 *hardened-sources-2.6.21-r2 (26 May 2007)
151
152 26 May 2007; Christian Heim <phreak@gentoo.org>
153 -hardened-sources-2.6.21.ebuild, -hardened-sources-2.6.21-r1.ebuild,
154 +hardened-sources-2.6.21-r2.ebuild:
155 Revision bump, including Linux 2.6.21.3 (fixing CVE-2007-2451). Updating the
156 grsecurity patch to 2.1.10-2.6.21.1-200705221918.
157
158 *hardened-sources-2.6.20-r4 (26 May 2007)
159
160 26 May 2007; Christian Heim <phreak@gentoo.org>
161 -hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.20-r4.ebuild:
162 Revision bump, including Linux 2.6.20.12 (which in fact fixed some security
163 bugs, at the very least CVE-2007-2451). Possible candidate for stable marking.
164
165 15 May 2007; Christian Heim <phreak@gentoo.org>
166 hardened-sources-2.6.20-r3.ebuild:
167 Looks like hardened-sources-2.6.20-r3 needs a new patch, as 2.6.20.11
168 introduced a change in arch/sparc64/kernel/pci_iommu.c, which made the
169 grsecurity patch fail in that exact same hunk.
170
171 *hardened-sources-2.6.20-r3 (15 May 2007)
172
173 15 May 2007; Christian Heim <phreak@gentoo.org>
174 +hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.21-r1.ebuild:
175 Revision bump, incorporating Linux 2.6.20.11.
176
177 *hardened-sources-2.6.21-r1 (11 May 2007)
178
179 11 May 2007; Christian Heim <phreak@gentoo.org>
180 +hardened-sources-2.6.21-r1.ebuild:
181 Revision bump, hopefully fixing the GRSECURITY/GRKERNSEC mixup pipacs
182 mentioned in #177234.
183
184 07 May 2007; Kevin F. Quinn <kevquinn@gentoo.org>
185 files/digest-hardened-sources-2.6.21, Manifest:
186 Fix Manifest/digest for linux-2.6.21.tar.bz2
187
188 06 May 2007; Christian Heim <phreak@gentoo.org>
189 hardened-sources-2.6.21.ebuild:
190 Bumping the hardened-patches version, needed for the fix for #177234.
191
192 *hardened-sources-2.6.21 (02 May 2007)
193
194 02 May 2007; Christian Heim <phreak@gentoo.org>
195 +hardened-sources-2.6.21.ebuild:
196 Version bump, Linux 2.6.21-hardened.
197
198 29 Apr 2007; Christian Heim <phreak@gentoo.org>
199 hardened-sources-2.6.20-r2.ebuild:
200 Adding ~ia64 on Ned's request.
201
202 29 Apr 2007; Christian Heim <phreak@gentoo.org>
203 hardened-sources-2.6.20-r2.ebuild:
204 Fixing the included grsecurity patch, wasn't alligning due to the Index:
205 header line(s).
206
207 29 Apr 2007; Christian Heim <phreak@gentoo.org>
208 hardened-sources-2.6.20-r2.ebuild:
209 Stabilizing hardened-sources-2.6.20-r2 on amd64 and x86.
210
211 *hardened-sources-2.6.20-r2 (10 Apr 2007)
212
213 10 Apr 2007; Raúl Porcel <armin76@gentoo.org>
214 +hardened-sources-2.6.20-r2.ebuild:
215 Version bump, on behalf of phreak
216
217 *hardened-sources-2.6.20-r1 (04 Apr 2007)
218
219 04 Apr 2007; Christian Heim <phreak@gentoo.org>
220 +hardened-sources-2.6.20-r1.ebuild:
221 Revision bump, grabbing a newer grsecurity snapshot.
222
223 *hardened-sources-2.6.20 (25 Mar 2007)
224
225 25 Mar 2007; Christian Heim <phreak@gentoo.org>
226 +hardened-sources-2.6.20.ebuild:
227 Finally a hardened-sources version for 2.6.20; many people have been waiting
228 for this. Thanks to Steve for preliminary testing, thanks to Ned for the
229 testbox.
230
231 16 Mar 2007; Tony Vroon <chainsaw@gentoo.org>
232 hardened-sources-2.6.18-r6.ebuild:
233 Marked stable on amd64 and x86. AMD64 keyword ack'ed by welp.
234
235 *hardened-sources-2.6.18-r6 (16 Mar 2007)
236
237 16 Mar 2007; Christian Heim <phreak@gentoo.org>
238 -hardened-sources-2.6.18-r5.ebuild, +hardened-sources-2.6.18-r6.ebuild:
239 Fixing CVE-2007-1000 locally (hardened/), thanks to Tony for pushing. And
240 yes I screwed up, this is tagged as 2.6.18-5 and not 2.6.18-6 as it's
241 supposed to be.
242
243 06 Mar 2007; Christian Heim <phreak@gentoo.org> ChangeLog:
244 Fixing the Manifest, the previous one was broken (as in still had the
245 deleted ebuild in it).
246
247 06 Mar 2007; Christian Heim <phreak@gentoo.org>
248 -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
249 +hardened-sources-2.6.18-r5.ebuild:
250 Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
251 Linux 2.6.18.8. Also cleaning up the older version.
252
253 *hardened-sources-2.6.18-r5 (06 Mar 2007)
254
255 06 Mar 2007; Christian Heim <phreak@gentoo.org>
256 -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
257 +hardened-sources-2.6.18-r5.ebuild:
258 Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
259 Linux 2.6.18.8. Also cleaning up the older version.
260
261 24 Feb 2007; Christian Heim <phreak@gentoo.org>
262 -hardened-sources-2.6.19-r3.ebuild, -hardened-sources-2.6.19-r4.ebuild,
263 -hardened-sources-2.6.19-r5.ebuild:
264 Removing some of the old version, that didn't work.
265
266 *hardened-sources-2.6.19-r6 (12 Feb 2007)
267
268 12 Feb 2007; Christian Heim <phreak@gentoo.org>
269 +hardened-sources-2.6.19-r6.ebuild:
270 Revision bump, including a new grsec version fixing #166235.
271
272 *hardened-sources-2.4.34 (24 Jan 2007)
273
274 24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
275 Manifest:
276 updating Manifest with checksums of new tarball and ebuild
277
278 24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
279 +hardened-sources-2.4.34.ebuild:
280 I added new hardened sources 2.4 update, this is a critical path
281 security bugfix - all users of h-s are strongly advised
282 to update their existing hardened sources to this version.
283 It contains a fix for a kernel vulnerability that is pertaining
284 to the PaX changes to virtual memory management, possibly leading
285 to a local kernel exploit ... see grsecurity.net forums and homepage
286
287 23 Jan 2007; Christian Heim <phreak@gentoo.org>
288 files/digest-hardened-sources-2.6.19-r5, Manifest:
289 Fixing the patch-tarball digest.
290
291 *hardened-sources-2.6.19-r5 (23 Jan 2007)
292
293 23 Jan 2007; Christian Heim <phreak@gentoo.org>
294 +hardened-sources-2.6.19-r5.ebuild:
295 Revision bump, closing the recently discovered PaX expand_stack()
296 vulnerability.
297
298 *hardened-sources-2.6.19-r4 (14 Jan 2007)
299
300 14 Jan 2007; Christian Heim <phreak@gentoo.org>
301 +hardened-sources-2.6.19-r4.ebuild:
302 Revision bump, pulling in linux-2.6.19.2 and grsecurity 2.1.10 - thus
303 dropping the randomized PID feature.
304
305 11 Jan 2007; Christian Faulhammer <opfer@gentoo.org>
306 hardened-sources-2.4.33.4.ebuild:
307 stable x86, bug #161171
308
309 *hardened-sources-2.6.19-r3 (27 Dec 2006)
310
311 27 Dec 2006; Christian Heim <phreak@gentoo.org>
312 -hardened-sources-2.6.19-r2.ebuild, +hardened-sources-2.6.19-r3.ebuild:
313 Revision bump for bug #157186 and #158786.
314
315 *hardened-sources-2.6.18-r4 (27 Dec 2006)
316
317 27 Dec 2006; Christian Heim <phreak@gentoo.org>
318 -hardened-sources-2.6.18-r3.ebuild, +hardened-sources-2.6.18-r4.ebuild:
319 Revision bump for bug #157186.
320
321 *hardened-sources-2.6.19-r2 (23 Dec 2006)
322
323 23 Dec 2006; Christian Heim <phreak@gentoo.org>
324 -hardened-sources-2.6.19-r1.ebuild, +hardened-sources-2.6.19-r2.ebuild:
325 Revision bump to pull in genpatches-2.6.19-3 for #157186.
326
327 17 Dec 2006; Christian Heim <phreak@gentoo.org>
328 hardened-sources-2.6.14-r7.ebuild, hardened-sources-2.6.16-r10.ebuild,
329 hardened-sources-2.6.16-r11.ebuild, hardened-sources-2.6.17-r1.ebuild,
330 hardened-sources-2.6.18.ebuild, hardened-sources-2.6.18-r3.ebuild,
331 hardened-sources-2.6.19-r1.ebuild:
332 Adding 4453_grsec-2.1.9-2.6.19-io-kmem-sysctl.patch to UNIPATCH_EXLUDE,
333 adding correct HOMEPAGE and adjusting DESCRIPTION (thanks to Alexander).
334
335 *hardened-sources-2.4.33.4 (17 Dec 2006)
336
337 17 Dec 2006; Alexander Gabert <pappy@gentoo.org>
338 +hardened-sources-2.4.33.4.ebuild:
339 new 2.4.33.4 version including grsec and fixes, thanks to phreak for help
340 and quilting
341
342 *hardened-sources-2.6.19-r1 (14 Dec 2006)
343
344 14 Dec 2006; Christian Heim <phreak@gentoo.org>
345 -hardened-sources-2.6.19.ebuild, +hardened-sources-2.6.19-r1.ebuild:
346 Revision bump, fixing #158107 (thanks to Petre Rodan <kaiowas at gentoo.org>
347 for reporting).
348
349 *hardened-sources-2.6.19 (13 Dec 2006)
350
351 13 Dec 2006; Christian Heim <phreak@gentoo.org>
352 +hardened-sources-2.6.19.ebuild:
353 And finally 2.6.19, thanks to Ned (who prepared the inital patchset) and
354 Brad for providing that prompt update.
355
356 *hardened-sources-2.6.18-r3 (13 Dec 2006)
357
358 13 Dec 2006; Christian Heim <phreak@gentoo.org>
359 -hardened-sources-2.6.18-r1.ebuild, -hardened-sources-2.6.18-r2.ebuild,
360 +hardened-sources-2.6.18-r3.ebuild:
361 Revision bump, excluding the faulty patch. Thanks to Anakim Border and Peter
362 S. Mazinger. Closes #157409 for now. Also removing the previous revisions.
363
364 09 Dec 2006; Christian Heim <phreak@gentoo.org> Manifest:
365 Fixing the metadata.xml Manifest entry (thanks to xaid and ml8128 in #gentoo-hardened).
366
367 08 Dec 2006; nixnut <nixnut@gentoo.org> hardened-sources-2.6.18.ebuild:
368 Stable on ppc wrt bug 157356
369
370 07 Dec 2006; Christian Faulhammer <opfer@gentoo.org>
371 hardened-sources-2.6.18.ebuild:
372 stable x86, bug #157356
373
374 *hardened-sources-2.6.18-r2 (06 Dec 2006)
375
376 06 Dec 2006; Christian Heim <phreak@gentoo.org>
377 +hardened-sources-2.6.18-r2.ebuild:
378 Revision bump, including 2.6.18.5 (via genpatches) and
379 4454_grsec-2.1.9-2.6.18.2-io-kmem-sysctl.patch based on Peter Mazinger and
380 Ned Ludd's original patch. Thanks to Alexander Gabert (pappy) for the
381 redesign.
382
383 06 Dec 2006; Christian Heim <phreak@gentoo.org>
384 hardened-sources-2.6.18.ebuild:
385 Marking hardened-sources-2.6.18 stable on amd64 (see bug #157356, on behalf
386 of Mike Doty).
387
388 *hardened-sources-2.6.18-r1 (23 Nov 2006)
389
390 23 Nov 2006; Christian Heim <phreak@gentoo.org>
391 +hardened-sources-2.6.18-r1.ebuild:
392 Revision bump to genpatches-2.6.18-4 (including 2.6.18.3).
393
394 *hardened-sources-2.6.18 (11 Nov 2006)
395
396 11 Nov 2006; Christian Heim <phreak@gentoo.org>
397 +hardened-sources-2.6.18.ebuild:
398 Version bump, thanks to Alexander Gabert we're finally at 2.6.18.
399
400 18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
401 - mark amd64 stable also. bug #151877
402
403 18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
404 - mark 2.6.17-r1 stable
405
406 27 Aug 2006; Christian Heim <phreak@gentoo.org>
407 -hardened-sources-2.6.17.ebuild, hardened-sources-2.6.17-r1.ebuild:
408 Removing old ebuild, removing unipatch from newer ebuild (need to fix it!).
409
410 *hardened-sources-2.6.17-r1 (26 Aug 2006)
411
412 26 Aug 2006; Christian Heim <phreak@gentoo.org>
413 +hardened-sources-2.6.17-r1.ebuild:
414 Revision bump to genpatches-2.6.17-8 (including .9 and .10) and updating the
415 grsecurity patch.
416
417 *hardened-sources-2.6.17 (17 Aug 2006)
418
419 17 Aug 2006; Christian Heim <phreak@gentoo.org>
420 +hardened-sources-2.6.17.ebuild:
421 Bumping the hardened-sources-2.6 series to 2.6.17, using
422 genpatches-2.6.17-6.base.
423
424 07 Aug 2006; <solar@gentoo.org> hardened-sources-2.6.16-r11.ebuild:
425 - stable on x86 and amd64
426
427 *hardened-sources-2.6.16-r11 (15 Jul 2006)
428
429 15 Jul 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r3.ebuild,
430 -hardened-sources-2.4.32-r4.ebuild, -hardened-sources-2.4.32-r5.ebuild,
431 -hardened-sources-2.6.14-r8.ebuild, -hardened-sources-2.6.16-r7.ebuild,
432 -hardened-sources-2.6.16-r9.ebuild, +hardened-sources-2.6.16-r11.ebuild:
433 - 2.6.16 bumped for CVE-2006-3626 ; digest fix for 2.4.32-r6 ; removed old
434 crusty ebuilds
435
436 14 Jul 2006; John Mylchreest <johnm@gentoo.org>
437 hardened-sources-2.6.16-r10.ebuild:
438 marking stable on x86 and amd64
439
440 13 Jul 2006; <solar@gentoo.org> hardened-sources-2.4.32-r6.ebuild:
441 - 2.4.32-r6 stable on x86. RSBAC state unknown
442
443 *hardened-sources-2.4.32-r7 (10 Jul 2006)
444
445 10 Jul 2006; Guillaume Destuynder <kang@gentoo.org>
446 +hardened-sources-2.4.32-r7.ebuild:
447 Bump PaX for RSBAC to test-17
448
449 *hardened-sources-2.6.16-r9 (03 Jul 2006)
450
451 03 Jul 2006; John Mylchreest <johnm@gentoo.org>
452 -hardened-sources-2.6.16-r6.ebuild, +hardened-sources-2.6.16-r9.ebuild:
453 hardened-sources-2.6.16 bump to latest -base.
454
455 *hardened-sources-2.4.32-r6 (30 Jun 2006)
456
457 30 Jun 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r2.ebuild,
458 hardened-sources-2.4.32-r4.ebuild, +hardened-sources-2.4.32-r6.ebuild:
459 - backport CVE-2006-0039, CVE-2006-1857 and CVE-2006-1858 and new grsecurity
460 sysctl controlable resource logging
461
462 *hardened-sources-2.6.16-r7 (05 Jun 2006)
463
464 05 Jun 2006; John Mylchreest <johnm@gentoo.org>
465 -hardened-sources-2.6.16-r5.ebuild, +hardened-sources-2.6.16-r7.ebuild:
466 push new 2.6.16 release in preparation for stable
467
468 22 May 2006; <solar@gentoo.org> :
469 - redigest bug 134002
470
471 *hardened-sources-2.4.32-r5 (16 May 2006)
472
473 16 May 2006; Guillaume Destuynder <kang@gentoo.org>
474 +hardened-sources-2.4.32-r5.ebuild:
475 Fixes rsbac common patching (new patch in new -r5 patchset)
476
477 *hardened-sources-2.4.32-r4 (13 May 2006)
478
479 13 May 2006; <solar@gentoo.org> hardened-sources-2.4.32-r3.ebuild,
480 +hardened-sources-2.4.32-r4.ebuild:
481 - security bumps
482
483 *hardened-sources-2.6.16-r6 (03 May 2006)
484
485 03 May 2006; John Mylchreest <johnm@gentoo.org>
486 +hardened-sources-2.6.16-r6.ebuild:
487 bump hardened-2.6.16 to 2.6.16.12 and latest grsec snapshot
488
489 28 Apr 2006; John Mylchreest <johnm@gentoo.org>
490 hardened-sources-2.6.14-r8.ebuild:
491 fix x86_64 build problem, this will delay the digest issue again for a short
492 while but it will sort itself out
493
494 28 Apr 2006; John Mylchreest <johnm@gentoo.org>
495 hardened-sources-2.6.14-r8.ebuild:
496 bump hardened patchset
497
498 27 Apr 2006; Alec Warner <antarus@gentoo.org>
499 files/digest-hardened-sources-2.4.32-r2,
500 files/digest-hardened-sources-2.4.32-r3,
501 files/digest-hardened-sources-2.6.14-r8, Manifest:
502 Fixing duff SHA256 digests: Bug # 131293
503
504 *hardened-sources-2.6.16-r5 (27 Apr 2006)
505
506 27 Apr 2006; John Mylchreest <johnm@gentoo.org>
507 -hardened-sources-2.6.14-r6.ebuild, hardened-sources-2.6.14-r8.ebuild,
508 -hardened-sources-2.6.16-r4.ebuild, +hardened-sources-2.6.16-r5.ebuild:
509 stablise 2.6.14-r8 on x86 & amd64, bump 2.6.16 to fix CVE-2006-1863 &
510 cleanup of old uneccessary sources
511
512 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
513 fix digest
514
515 *hardened-sources-2.6.14-r8 (20 Apr 2006)
516
517 20 Apr 2006; John Mylchreest <johnm@gentoo.org>
518 +hardened-sources-2.6.14-r8.ebuild:
519 fix CVE-2006-1056, CVE-2006-1525, CVE-2006-1524
520
521 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
522 Turning on gpg-signing again, and recomitting
523
524 *hardened-sources-2.6.16-r4 (20 Apr 2006)
525
526 20 Apr 2006; John Mylchreest <johnm@gentoo.org>
527 -hardened-sources-2.6.16-r2.ebuild, -hardened-sources-2.6.16-r3.ebuild,
528 +hardened-sources-2.6.16-r4.ebuild:
529 Fix numerous security vulns
530
531 *hardened-sources-2.4.32-r3 (16 Apr 2006)
532
533 16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
534 -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
535 +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
536 - security bump for bug #112791. Removed old ebuilds
537
538 *hardened-sources-2.6.16-r3 (15 Apr 2006)
539
540 15 Apr 2006; John Mylchreest <johnm@gentoo.org>
541 +hardened-sources-2.6.16-r3.ebuild:
542 Removing silly localversion which I missed
543
544 *hardened-sources-2.6.14-r7 (14 Apr 2006)
545
546 14 Apr 2006; John Mylchreest <johnm@gentoo.org>
547 -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
548 Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
549
550 *hardened-sources-2.6.16-r2 (13 Apr 2006)
551
552 13 Apr 2006; John Mylchreest <johnm@gentoo.org>
553 -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
554 +hardened-sources-2.6.16-r2.ebuild:
555 Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
556 labels, dropping USERGROUP define fixes, since these were merged mainstream.
557
558 *hardened-sources-2.6.16-r1 (11 Apr 2006)
559
560 11 Apr 2006; John Mylchreest <johnm@gentoo.org>
561 +hardened-sources-2.6.16-r1.ebuild:
562 Bumping to include ppc build fix and 2.6.16.3
563
564 06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
565 hardened-sources-2.6.14-r6.ebuild:
566 Stable on x86; bug #127718
567
568 *hardened-sources-2.6.16 (31 Mar 2006)
569
570 31 Mar 2006; John Mylchreest <johnm@gentoo.org>
571 +hardened-sources-2.6.16.ebuild:
572 Bumping to new version of grsec, and kernel base. New squashfs. Based on
573 2.6.16.1
574
575 30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
576 hardened-sources-2.6.14-r6.ebuild:
577 Stable on amd64, bug 127718.
578
579 28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
580 Stable on ppc. Bug #127718
581
582 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
583 -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
584 -hardened-sources-2.6.14-r4.ebuild:
585 Cleanup.
586
587 *hardened-sources-2.6.14-r6 (15 Mar 2006)
588
589 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
590 +hardened-sources-2.6.14-r6.ebuild:
591 Fixes grsec policy recreation bug and adds a
592 >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
593
594 02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
595 - stable on x86
596
597 19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
598 hardened-sources-2.6.14-r5.ebuild:
599 Stable on ppc.
600
601 *hardened-sources-2.6.14-r5 (01 Feb 2006)
602
603 01 Feb 2006; John Mylchreest <johnm@gentoo.org>
604 +hardened-sources-2.6.14-r5.ebuild:
605 fixing every known exploit
606
607 *hardened-sources-2.4.32-r2 (26 Jan 2006)
608
609 26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
610 +hardened-sources-2.4.32-r2.ebuild:
611 - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
612
613 *hardened-sources-2.6.14-r4 (12 Jan 2006)
614
615 12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
616 - version bump for new genpatches which fix up a few sec holes
617
618 *hardened-sources-2.4.32-r1 (05 Jan 2006)
619
620 05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
621 - revision bump to add misc vital linux kernel security patches.
622
623 *hardened-sources-2.6.14-r3 (30 Dec 2005)
624
625 30 Dec 2005; John Mylchreest <johnm@gentoo.org>
626 -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
627 Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
628
629 28 Dec 2005; John Mylchreest <johnm@gentoo.org>
630 hardened-sources-2.6.14-r2.ebuild:
631 making x86 & amd64 stable following testing.
632
633 *hardened-sources-2.6.14-r2 (27 Dec 2005)
634
635 27 Dec 2005; John Mylchreest <johnm@gentoo.org>
636 -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
637 Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
638 network hooks.
639
640 06 Dec 2005; John Mylchreest <johnm@gentoo.org>
641 hardened-sources-2.6.14-r1.ebuild:
642 bumping to stable early for sec fix on x86 & amd64
643
644 *hardened-sources-2.6.14-r1 (05 Dec 2005)
645
646 05 Dec 2005; John Mylchreest <johnm@gentoo.org>
647 -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
648 bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
649
650 04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
651 - stable on x86 security bug #114227 CAN-2005-3257
652
653 *hardened-sources-2.4.32 (19 Nov 2005)
654
655 19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
656 +hardened-sources-2.4.32.ebuild:
657 Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
658 Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
659 have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
660 rsbac >> /etc/portage/package.use)
661
662 *hardened-sources-2.6.14 (14 Nov 2005)
663
664 14 Nov 2005; John Mylchreest <johnm@gentoo.org>
665 -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
666 Bumping 2.6 series to 2.6.14.2
667
668 *hardened-sources-2.6.13-r2 (20 Oct 2005)
669
670 20 Oct 2005; John Mylchreest <johnm@gentoo.org>
671 -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
672 +hardened-sources-2.6.13-r2.ebuild:
673 Fixes minor build error in ppc.
674
675 *hardened-sources-2.6.13-r1 (17 Oct 2005)
676
677 17 Oct 2005; John Mylchreest <johnm@gentoo.org>
678 +hardened-sources-2.6.13-r1.ebuild:
679 Updating grsec to latest snapshot. Fixes some minor issues. Updating to
680 2.6.13.4, fixes some major amd64 stability problems.
681
682 *hardened-sources-2.6.13 (16 Sep 2005)
683
684 16 Sep 2005; John Mylchreest <johnm@gentoo.org>
685 -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
686 2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
687 ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
688 users should test this thoroughly.
689
690 01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
691 - stable on x86
692
693 *hardened-sources-2.6.11-r15 (27 Jun 2005)
694
695 27 Jun 2005; John Mylchreest <johnm@gentoo.org>
696 +hardened-sources-2.6.11-r15.ebuild:
697 Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
698 grsec redefining curr_ip struct.
699
700 *hardened-sources-2.4.31 (20 Jun 2005)
701
702 20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
703 initial import of 2.4.31 tree
704
705 *hardened-sources-2.6.11-r14 (14 Jun 2005)
706
707 14 Jun 2005; John Mylchreest <johnm@gentoo.org>
708 -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
709 Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
710 naming scheme to abide by genpatches
711
712 *hardened-sources-2.6.11-r13 (18 May 2005)
713
714 18 May 2005; John Mylchreest <johnm@gentoo.org>
715 -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
716 Managed to mangle the Makefile patch from grsec, to miss out the grsec
717 target. sorry about that. Fixes bug #93022
718
719 *hardened-sources-2.6.11-r12 (17 May 2005)
720
721 17 May 2005; John Mylchreest <johnm@gentoo.org>
722 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
723 +hardened-sources-2.6.11-r12.ebuild:
724 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
725 merges in genpatches-base
726
727 *hardened-sources-2.6.11-r12 (17 May 2005)
728
729 17 May 2005; John Mylchreest <johnm@gentoo.org>
730 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
731 +hardened-sources-2.6.11-r12.ebuild:
732 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
733 merges in genpatches-base
734
735 29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
736 -files/2.4.27-cmdline-race.patch,
737 -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
738 -files/2.4.28-grsec-binfmt_a.out.patch,
739 -files/2.4.28-grsec-cmdline-race.patch,
740 -files/2.4.28-selinux-binfmt_a.out.patch,
741 -files/2.4.28-selinux-cmdline-race.patch,
742 -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
743 hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
744 - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
745 cleanup..
746
747 *hardened-sources-2.4.30-r1 (21 Apr 2005)
748
749 21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
750 - disable aout by default
751
752 *hardened-sources-2.4.30 (18 Apr 2005)
753
754 18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
755 - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
756 and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
757 use
758
759 *hardened-sources-2.4.29 (30 Mar 2005)
760
761 30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
762 +hardened-sources-2.4.29.ebuild:
763 New hardened-patches-2.4-29.0 patchball.
764 Removed SELinux support, upgraded GRSecurity to 2.1.4.
765
766 *hardened-sources-2.4.28-r5 (06 Mar 2005)
767
768 06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
769 +hardened-sources-2.4.28-r5.ebuild:
770 Added a fix for a PaX vulnerability.
771
772 26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
773 hardened-sources-2.4.28-r4.ebuild:
774 Stable on x86
775
776 23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
777 hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
778 hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
779 hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
780 - fixed/added RDEPEND= in all kernel-2 ebuilds
781
782 *hardened-sources-2.4.28-r4 (21 Jan 2005)
783
784 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
785 +hardened-sources-2.4.28-r4.ebuild:
786 Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
787 backport of neighbour hash updates.
788
789 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
790 hardened-sources-2.4.28-r3.ebuild:
791 Stable on x86
792
793 *hardened-sources-2.6.10-r3 (20 Jan 2005)
794
795 20 Jan 2005; Brandon Hale <tseng@gentoo.org>
796 +hardened-sources-2.6.10-r3.ebuild:
797 Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
798 in 2005.0
799
800 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
801 -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
802 hardened-sources-2.4.28-r2.ebuild:
803 Mark stable on x86
804
805 *hardened-sources-2.4.28-r3 (17 Jan 2005)
806
807 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
808 +hardened-sources-2.4.28-r3.ebuild:
809 Fix SMP page fault handler vuln, and update device-mapper and evms patches.
810
811 14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
812 hardened-sources-2.4.28.ebuild:
813 Mark stable on x86.
814
815 *hardened-sources-2.4.28-r2 (13 Jan 2005)
816
817 13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
818 +hardened-sources-2.4.28-r2.ebuild:
819 Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
820 Mazinger for grsecurity patches as well.
821
822 *hardened-sources-2.4.28-r1 (23 Dec 2004)
823
824 23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
825 Security bump. Thank tocharian for rolling a new patchset...
826
827 28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
828 +files/2.4.28-grsec-cmdline-race.patch,
829 +files/2.4.28-selinux-binfmt_a.out.patch,
830 +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
831 - Round up remaining security patches that appear to be missing in 2.4.28. -
832 PaX standalone updated to current. hgpv=28.1
833
834 *hardened-sources-2.4.28 (28 Nov 2004)
835
836 28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
837 security bump. Thank tocharian for rolling a new patchset
838
839 *hardened-sources-2.4.27-r3 (08 Sep 2004)
840
841 08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
842 +hardened-sources-2.4.27-r3.ebuild:
843 Applies the new 2.4-27.2 patchball which updates
844 GRSecurity to the 2.0.1 version.
845
846 *hardened-sources-2.4.27-r2 (31 Aug 2004)
847
848 31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
849 +hardened-sources-2.4.27-r2.ebuild:
850 Version bump.
851 This version uses the new 2.4-27.1 patchball which updates
852 both the SELinux PaX hooks patch and the SELinux headers.
853
854 *hardened-sources-2.4.27-r1 (09 Aug 2004)
855
856 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
857 +hardened-sources-2.4.27-r1.ebuild,
858 -hardened-sources-2.4.27.ebuild,
859 +files/2.4.27-cmdline-race.patch:
860 Version bump, fix for cmdline race. See bug #59905.
861
862 *hardened-sources-2.4.26-r6 (09 Aug 2004)
863
864 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
865 +hardened-sources-2.4.26-r6.ebuild,
866 -hardened-sources-2.4.26-r5.ebuild,
867 -hardened-sources-2.4.26-r4.ebuild,
868 +files/2.4.26-cmdline-race.patch:
869 Version bump, fix for cmdline race. See bug #59905.
870
871 *hardened-sources-2.4.27 (08 Aug 2004)
872
873 08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
874 +hardened-sources-2.4.27.ebuild,
875 +files/2.4.27-CAN-2004-0394.patch:
876 Ported the patchball to the 2.4.27 kernel version.
877
878 *hardened-sources-2.4.26-r5 (07 Aug 2004)
879
880 07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
881 +hardened-sources-2.4.26-r5.ebuild:
882 Updated to use the new hardened-patches-2.4-26.1 patchball.
883 It adds the following features:
884 - Squashfs
885 - Ebtables
886 - Netdev random (core+drivers)
887 - Watchdog Timer (WDT) fix.
888
889 *hardened-sources-2.4.26-r4 (04 Aug 2004)
890
891 04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
892 +hardened-sources-2.4.26-r4.ebuild,
893 +files/2.4.26-CAN-2004-0415.patch,
894 -hardened-sources-2.4.26-3:
895 Version bump, fix for CAN 0415, see bug #59378.
896
897 *hardened-sources-2.4.26-r3 (22 Jul 2004)
898
899 22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
900 +hardened-sources-2.4.26-r3.ebuild,
901 +files/2.4.26-CAN-2004-0497.patch,
902 -hardened-sources-2.4.26-r2.ebuild:
903 Version bump, fixed CAN 0497, see bug #56171.
904
905 *hardened-sources-2.4.26-r2 (29 Jun 2004)
906
907 29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
908 +hardened-sources-2.4.26-r2.ebuild,
909 +files/2.4.26-CAN-2004-0495.patch,
910 +files/2.4.26-CAN-2004-0535.patch,
911 -hardened-sources-2.4.26-r1.ebuild:
912 Fixes for both CAN 0495 and 0535, see bug #54976
913
914 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
915 hardened-sources-2.4.26-r1.ebuild:
916 QA - fix use invocation
917
918 *hardened-sources-2.4.26-r1 (22 June 2004)
919
920 22 June 2004; Andrea Luzzardi <scox@gentoo.org>
921 +hardened-sources-2.4.26-r1.ebuild,
922 +files/2.4.26-CAN-2004-0394.patch,
923 +files/2.4.26-signal-race.patch,
924 -hardened-sources-2.4.26.ebuild,
925 -hardened-sources-2.4.24-r3.ebuild:
926 Version bump for the CAN-2004-0394 issue and bug #53804
927 Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
928
929
930 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
931 hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
932 Masked hardened-sources-2.4.26.ebuild broken for ppc
933
934 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
935 hardened-sources-2.4.24-r3.ebuild:
936 Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
937
938 *hardened-sources-2.4.26 (29 May 2004)
939
940 29 May 2004; Andrea Luzzardi <scox@gentoo.org>
941 +hardened-sources-2.4.26.ebuild:
942 Updated hardened-sources for the 2.4.26 kernel
943 Removed broken components, updated almost everything.
944
945 *hardened-sources-2.4.24-r3 (17 Apr 2004)
946
947 17 Apr 2004; <plasmaroo@gentoo.org>
948 +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
949 +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
950 +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
951 +hardened-sources-2.4.24-r3.ebuild:
952 Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
953 vulnerabilities. Old revisions removed.
954
955 *hardened-sources-2.4.24-r2 (15 Apr 2004)
956
957 15 Apr 2004; <plasmaroo@gentoo.org>
958 +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
959 -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
960 Version bump for the CAN-2004-0109 issue; bug #47881.
961
962 12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
963 hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
964 Add eutils to inherit.
965
966 *hardened-sources-2.4.24-r1 (19 Feb 2004)
967
968 19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
969 files/hardened-sources-2.4.24.munmap.patch:
970 Added the patch for the mremap/munmap vulnerability. Bug #42024.
971
972 *hardened-sources-2.4.24 (06 Feb 2004)
973
974 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
975 hardened-sources-2.4.24.ebuild:
976 Version bump, updated most of the components.
977 This release includes the following:
978
979 - Hardened security
980 - Netfilter patch-o-matic 20031219
981 - FreeSWAN 2.04 & x509 1.4.8
982 - EVMS 2.2.2
983 - XFS 1.3.1
984 - cryptoloop jari
985 - grsecurity 2.0-rc4
986 - SELinux
987 - PaX 200402060000
988 - PaX Obscurity 200308302223
989 - Others...
990
991 Neither -ck nor systrace are included anymore.
992
993 *hardened-sources-2.4.22-r2 (05 Jan 2004)
994
995 05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
996 hardened-sources-2.4.22-r2.ebuild:
997 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
998
999 *hardened-sources-2.4.22-r1 (02 Dec 2003)
1000
1001 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1002 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
1003
1004 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1005 hardened-sources-2.4.22-r1.ebuild:
1006 Version bump for the 'do_brk' vulnerability.
1007
1008 01 Dec 2003; Brian Jackson <iggy@gentoo.org>
1009 hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
1010 hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
1011 hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
1012 Fix the 'do_brk' vulnerability.
1013
1014 03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
1015 hardened-sources-2.4.22.ebuild:
1016 - Removed the src_install() portion for SELinux flask
1017 components. These are no longer handled in the kernel
1018 so this code was not necessary.
1019
1020 29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
1021 New 2.4.22 based hardened-sources thanks to
1022 Phil West <p.west@computer.org>.
1023
1024 These sources include:
1025 - New SELinux API
1026 - Updated CK-base
1027 - Updated GRSec
1028 - Systrace
1029 - SuperFreeS/WAN 1.99.8
1030 - Propolice kernel build support
1031 - EVMS
1032 - Other various security related patches
1033
1034 *hardened-sources-2.4.21 (14 Sep 2003)
1035
1036 14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
1037 Updated hardened-sources based on the 2.4.21 Linux kernel.
1038 This includes updates to most major components such as:
1039 - ck-base-0306300059
1040 - selinux-2.4-2003071106
1041 - grsecurity-2.0-rc1
1042 - Updated IPTables patch-o-matic
1043 - Updated SuperFreeS/WAN
1044
1045 Thanks to Phil West <pwest@computer.org> for his work in getting this
1046 updated patch set ready for the 2.4.21 based kernel.
1047
1048 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
1049 Initial import of hardened-sources-2.4.20-r4. This revision
1050 includes only a few changes, but one of these is an important
1051 security fix. It is recommended all users of hardened-sources
1052 upgrade to this release.
1053
1054 - ioperm bug fix
1055 - fixed compilation failure when building without GRSec
1056
1057 SAL (Secure Auditing for Linux) is NOT included in this revision
1058 due to time constraints, but is planned for inclusion in the near
1059 future.
1060
1061 *hardened-sources-2.4.20-r2 (12 Jun 2003)
1062
1063 12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
1064 hardened-sources-2.4.20-r3.ebuild:
1065 Add Header...
1066
1067 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1068 hardened-sources-2.4.20-r3.ebuild:
1069 Removed warnings from ebuild. This kernel should be safe to
1070 use at this point.
1071
1072 *hardened-sources-2.4.20-r3 (08 Jun 2003)
1073
1074 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1075 hardened-sources-2.4.20-r3.ebuild:
1076 New revision. Includes the following changes over -r2:
1077
1078 - ck7-base (O(1), preempt, low latency)
1079 - Super FreeS/WAN 1.99.7rc2
1080 - PaX for the LSM/SELinux branch
1081 - GRSecurity 2.0-pre4 (role based access control)
1082 - Systrace 1.3
1083 - EXT3 fixes
1084 - EVMS 2.0.1
1085 - GCC 3.1+ compile optimizations
1086 - ProPolice kernel build support
1087 - Hashing table security fixes
1088
1089 *hardened-sources-2.4.20-r1 (09 Apr 2003)
1090
1091 23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
1092 Initial import of hardened-sources-r2. This new
1093 ebuild includes many new performance and security
1094 related patches. As in -r1, it will patch in
1095 LSM/SELinux if "selinux" is in USE, otherwise it
1096 will patch in GRSecurity. The following patches
1097 are included in this revision:
1098
1099 - O(1) Scheduler, Low Latency, and Preempt
1100 (pulled from the base CK patch)
1101 - ptrace exploit patch for the LSM kernel
1102 (the GRSec patch already fixes this)
1103 - LSM 2.4-2003040709
1104 - SELinux 2.4-2003040709
1105 - Systrace v1.2
1106 - IPTables patch-o-matic base patches - 20030107
1107 - CryptoAPI 2.4.20.1 w/ loop-jari patch
1108 - Super FreeS/WAN 1.99.6.1
1109 - GRSecurity 1.9.9g
1110 - MPPE
1111 - EXT3 data journal fix
1112 - CIPE 1.5.4
1113
1114 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1115 hardened-sources-2.4.20-r1.ebuild, manifest:
1116 Updated to install flask components correctly for selinux.
1117
1118 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1119 hardened-sources-2.4.20-r1.ebuild:
1120 LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
1121 is patched in instead. Ptrace patches for selinux have also been added. In
1122 either case, systrace support will be patched in as well.
1123
1124 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1125 hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
1126 Revision bump for new sources.
1127
1128 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1129 hardened-sources-2.4.20-r1.ebuild:
1130 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
1131
1132 *hardened-sources-2.4.20 (30 Mar 2003)
1133
1134 30 Mar 2003; Joshua Brindle <method@gentoo.org>
1135 hardened-sources-2.4.20.ebuild:
1136 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20