/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.180 - (show annotations) (download)
Sat Sep 1 12:10:05 2007 UTC (7 years, 5 months ago) by phreak
Branch: MAIN
Changes since 1.179: +4 -1 lines
Updating the metadata.xml.
(Portage version: 2.1.3.7)

1 # ChangeLog for sys-kernel/hardened-sources
2 # Copyright 2000-2007 Gentoo Foundation; Distributed under the GPL v2
3 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.179 2007/09/01 12:06:55 phreak Exp $
4
5 01 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
6 Updating the metadata.xml.
7
8 01 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
9 Removing tocharian from metadata due to his retirement (see #71718 for
10 reference).
11
12 *hardened-sources-2.6.20-r9 (30 Aug 2007)
13
14 30 Aug 2007; Christian Heim <phreak@gentoo.org>
15 +hardened-sources-2.6.20-r9.ebuild:
16 Revision bump for 2.6.20.18 (thanks to kerframil in #gentoo-hardened).
17
18 29 Aug 2007; Christian Heim <phreak@gentoo.org>
19 -hardened-sources-2.4.34.ebuild, -hardened-sources-2.4.34.5.ebuild,
20 -hardened-sources-2.6.20-r2.ebuild, -hardened-sources-2.6.20-r5.ebuild,
21 -hardened-sources-2.6.20-r7.ebuild, -hardened-sources-2.6.21-r3.ebuild,
22 -hardened-sources-2.6.22.ebuild, -hardened-sources-2.6.22-r1.ebuild,
23 -hardened-sources-2.6.22-r2.ebuild:
24 Removing some redundant versions.
25
26 *hardened-sources-2.4.35-r1 (29 Aug 2007)
27
28 29 Aug 2007; Christian Heim <phreak@gentoo.org>
29 +hardened-sources-2.4.35-r1.ebuild:
30 Revision bump, new grsecurity patch.
31
32 *hardened-sources-2.6.20-r8 (26 Aug 2007)
33
34 26 Aug 2007; Christian Heim <phreak@gentoo.org>
35 +hardened-sources-2.6.20-r8.ebuild:
36 Revision bump for Linux 2.6.20.17.
37
38 *hardened-sources-2.6.22-r3 (22 Aug 2007)
39
40 22 Aug 2007; Christian Heim <phreak@gentoo.org>
41 +hardened-sources-2.6.22-r3.ebuild:
42 Revision bump for Linux 2.6.22.4.
43
44 16 Aug 2007; Christian Heim <phreak@gentoo.org>
45 hardened-sources-2.6.22-r2.ebuild:
46 Updated patchset, to fix the alignment against 2.6.22.3.
47
48 *hardened-sources-2.6.22-r2 (16 Aug 2007)
49
50 16 Aug 2007; Christian Heim <phreak@gentoo.org>
51 +hardened-sources-2.6.22-r2.ebuild:
52 Revision bump for Linux 2.6.22.3.
53
54 *hardened-sources-2.4.35 (16 Aug 2007)
55
56 16 Aug 2007; Christian Heim <phreak@gentoo.org>
57 +hardened-sources-2.4.35.ebuild:
58 Version bump, initial version for Linux 2.4.35.
59
60 *hardened-sources-2.6.21-r4 (16 Aug 2007)
61
62 16 Aug 2007; Christian Heim <phreak@gentoo.org>
63 +hardened-sources-2.6.21-r4.ebuild:
64 Revision bump for Linux 2.6.21.6.
65
66 *hardened-sources-2.6.20-r7 (16 Aug 2007)
67
68 16 Aug 2007; Christian Heim <phreak@gentoo.org>
69 +hardened-sources-2.6.20-r7.ebuild:
70 Revision bump for Linux 2.6.20.16.
71
72 *hardened-sources-2.6.22-r1 (13 Aug 2007)
73
74 13 Aug 2007; Christian Heim <phreak@gentoo.org>
75 +hardened-sources-2.6.22-r1.ebuild:
76 Yet another revision bump.
77
78 *hardened-sources-2.6.22 (10 Aug 2007)
79
80 10 Aug 2007; Christian Heim <phreak@gentoo.org>
81 +hardened-sources-2.6.22.ebuild:
82 Initial release for 2.6.22. If you are using hardened-sources on a desktop
83 machine (P4 or newer), be aware you might need to disable
84 CONFIG_PAX_PAGEEXEC.
85
86 04 Aug 2007; Christian Heim <phreak@gentoo.org>
87 hardened-sources-2.6.20-r6.ebuild:
88 Stabling hardened-sources-2.6.20-r6 for amd64, ppc and x86 due to Linux
89 2.6.20.15.
90
91 10 Jul 2007; Christian Heim <phreak@gentoo.org>
92 hardened-sources-2.6.20-r5.ebuild:
93 Marking hardened-sources-2.6.20-r5 stable on ppc.
94
95 10 Jul 2007; Christian Heim <phreak@gentoo.org>
96 -hardened-sources-2.4.32-r6.ebuild, -hardened-sources-2.4.32-r7.ebuild:
97 Cleanup.
98
99 *hardened-sources-2.6.20-r6 (08 Jul 2007)
100
101 08 Jul 2007; Christian Heim <phreak@gentoo.org>
102 +hardened-sources-2.6.20-r6.ebuild:
103 Revision bump, grabbing yet another stable release.
104
105 17 Jun 2007; Christian Heim <phreak@gentoo.org>
106 -hardened-sources-2.6.18-r6.ebuild, -hardened-sources-2.6.20-r4.ebuild,
107 -hardened-sources-2.6.21-r2.ebuild:
108 Removing older ebuilds, hardened-sources-2.6.18-r6 seems to have gotten the
109 alpha stable KEYWORD by mistake.
110
111 17 Jun 2007; Christian Heim <phreak@gentoo.org>
112 hardened-sources-2.6.20-r5.ebuild:
113 Stabling hardened-sources-2.6.20-r5 due to security bug #181647 (as
114 genpatches-2.6.20-12.base contains up to Linux 2.6.20.14) on amd64 and x86.
115
116 *hardened-sources-2.6.21-r3 (12 Jun 2007)
117
118 12 Jun 2007; Christian Heim <phreak@gentoo.org>
119 +hardened-sources-2.6.21-r3.ebuild:
120 Revision bump for hardened-sources-2.6.21, incorporating various CVE (some
121 of them critical), two stable releases (2.6.21.4,2.6.21.5) and some other
122 love.
123
124 *hardened-sources-2.6.20-r5 (11 Jun 2007)
125
126 11 Jun 2007; Christian Heim <phreak@gentoo.org>
127 +hardened-sources-2.6.20-r5.ebuild:
128 Revision bump for hardened-sources-2.6.20, incorporating various CVE (some
129 of them critical), two stable releases (2.6.20.13,2.6.20.14) and some other
130 love.
131
132 *hardened-sources-2.4.34.5 (11 Jun 2007)
133
134 11 Jun 2007; Alexander Gabert <pappy@gentoo.org>
135 +hardened-sources-2.4.34.5.ebuild:
136 added new hardened-sources 2.4 version, thx to phreak, solar, pipacs
137
138 30 May 2007; Christian Heim <phreak@gentoo.org>
139 -hardened-sources-2.6.18.ebuild, hardened-sources-2.6.20-r2.ebuild:
140 Marking 2.6.20-r2 stable on ppc with permission of Gysbert. Removing more
141 stale ebuild(s).
142
143 30 May 2007; Christian Heim <phreak@gentoo.org>
144 -hardened-sources-2.6.14-r7.ebuild, -hardened-sources-2.6.16-r11.ebuild,
145 -hardened-sources-2.6.17-r1.ebuild, -hardened-sources-2.6.19-r6.ebuild,
146 -hardened-sources-2.6.20.ebuild, -hardened-sources-2.6.20-r1.ebuild:
147 Doing some cleanups, remove stale ebuilds.
148
149 26 May 2007; Christian Heim <phreak@gentoo.org>
150 hardened-sources-2.6.21-r2.ebuild:
151 Fixing the grsecurity patch, had one '};' too much.
152
153 *hardened-sources-2.6.21-r2 (26 May 2007)
154
155 26 May 2007; Christian Heim <phreak@gentoo.org>
156 -hardened-sources-2.6.21.ebuild, -hardened-sources-2.6.21-r1.ebuild,
157 +hardened-sources-2.6.21-r2.ebuild:
158 Revision bump, including Linux 2.6.21.3 (fixing CVE-2007-2451). Updating the
159 grsecurity patch to 2.1.10-2.6.21.1-200705221918.
160
161 *hardened-sources-2.6.20-r4 (26 May 2007)
162
163 26 May 2007; Christian Heim <phreak@gentoo.org>
164 -hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.20-r4.ebuild:
165 Revision bump, including Linux 2.6.20.12 (which in fact fixed some security
166 bugs, at the very least CVE-2007-2451). Possible candidate for stable marking.
167
168 15 May 2007; Christian Heim <phreak@gentoo.org>
169 hardened-sources-2.6.20-r3.ebuild:
170 Looks like hardened-sources-2.6.20-r3 needs a new patch, as 2.6.20.11
171 introduced a change in arch/sparc64/kernel/pci_iommu.c, which made the
172 grsecurity patch fail in that exact same hunk.
173
174 *hardened-sources-2.6.20-r3 (15 May 2007)
175
176 15 May 2007; Christian Heim <phreak@gentoo.org>
177 +hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.21-r1.ebuild:
178 Revision bump, incorporating Linux 2.6.20.11.
179
180 *hardened-sources-2.6.21-r1 (11 May 2007)
181
182 11 May 2007; Christian Heim <phreak@gentoo.org>
183 +hardened-sources-2.6.21-r1.ebuild:
184 Revision bump, hopefully fixing the GRSECURITY/GRKERNSEC mixup pipacs
185 mentioned in #177234.
186
187 07 May 2007; Kevin F. Quinn <kevquinn@gentoo.org>
188 files/digest-hardened-sources-2.6.21, Manifest:
189 Fix Manifest/digest for linux-2.6.21.tar.bz2
190
191 06 May 2007; Christian Heim <phreak@gentoo.org>
192 hardened-sources-2.6.21.ebuild:
193 Bumping the hardened-patches version, needed for the fix for #177234.
194
195 *hardened-sources-2.6.21 (02 May 2007)
196
197 02 May 2007; Christian Heim <phreak@gentoo.org>
198 +hardened-sources-2.6.21.ebuild:
199 Version bump, Linux 2.6.21-hardened.
200
201 29 Apr 2007; Christian Heim <phreak@gentoo.org>
202 hardened-sources-2.6.20-r2.ebuild:
203 Adding ~ia64 on Ned's request.
204
205 29 Apr 2007; Christian Heim <phreak@gentoo.org>
206 hardened-sources-2.6.20-r2.ebuild:
207 Fixing the included grsecurity patch, wasn't alligning due to the Index:
208 header line(s).
209
210 29 Apr 2007; Christian Heim <phreak@gentoo.org>
211 hardened-sources-2.6.20-r2.ebuild:
212 Stabilizing hardened-sources-2.6.20-r2 on amd64 and x86.
213
214 *hardened-sources-2.6.20-r2 (10 Apr 2007)
215
216 10 Apr 2007; Raúl Porcel <armin76@gentoo.org>
217 +hardened-sources-2.6.20-r2.ebuild:
218 Version bump, on behalf of phreak
219
220 *hardened-sources-2.6.20-r1 (04 Apr 2007)
221
222 04 Apr 2007; Christian Heim <phreak@gentoo.org>
223 +hardened-sources-2.6.20-r1.ebuild:
224 Revision bump, grabbing a newer grsecurity snapshot.
225
226 *hardened-sources-2.6.20 (25 Mar 2007)
227
228 25 Mar 2007; Christian Heim <phreak@gentoo.org>
229 +hardened-sources-2.6.20.ebuild:
230 Finally a hardened-sources version for 2.6.20; many people have been waiting
231 for this. Thanks to Steve for preliminary testing, thanks to Ned for the
232 testbox.
233
234 16 Mar 2007; Tony Vroon <chainsaw@gentoo.org>
235 hardened-sources-2.6.18-r6.ebuild:
236 Marked stable on amd64 and x86. AMD64 keyword ack'ed by welp.
237
238 *hardened-sources-2.6.18-r6 (16 Mar 2007)
239
240 16 Mar 2007; Christian Heim <phreak@gentoo.org>
241 -hardened-sources-2.6.18-r5.ebuild, +hardened-sources-2.6.18-r6.ebuild:
242 Fixing CVE-2007-1000 locally (hardened/), thanks to Tony for pushing. And
243 yes I screwed up, this is tagged as 2.6.18-5 and not 2.6.18-6 as it's
244 supposed to be.
245
246 06 Mar 2007; Christian Heim <phreak@gentoo.org> ChangeLog:
247 Fixing the Manifest, the previous one was broken (as in still had the
248 deleted ebuild in it).
249
250 06 Mar 2007; Christian Heim <phreak@gentoo.org>
251 -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
252 +hardened-sources-2.6.18-r5.ebuild:
253 Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
254 Linux 2.6.18.8. Also cleaning up the older version.
255
256 *hardened-sources-2.6.18-r5 (06 Mar 2007)
257
258 06 Mar 2007; Christian Heim <phreak@gentoo.org>
259 -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
260 +hardened-sources-2.6.18-r5.ebuild:
261 Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
262 Linux 2.6.18.8. Also cleaning up the older version.
263
264 24 Feb 2007; Christian Heim <phreak@gentoo.org>
265 -hardened-sources-2.6.19-r3.ebuild, -hardened-sources-2.6.19-r4.ebuild,
266 -hardened-sources-2.6.19-r5.ebuild:
267 Removing some of the old version, that didn't work.
268
269 *hardened-sources-2.6.19-r6 (12 Feb 2007)
270
271 12 Feb 2007; Christian Heim <phreak@gentoo.org>
272 +hardened-sources-2.6.19-r6.ebuild:
273 Revision bump, including a new grsec version fixing #166235.
274
275 *hardened-sources-2.4.34 (24 Jan 2007)
276
277 24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
278 Manifest:
279 updating Manifest with checksums of new tarball and ebuild
280
281 24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
282 +hardened-sources-2.4.34.ebuild:
283 I added new hardened sources 2.4 update, this is a critical path
284 security bugfix - all users of h-s are strongly advised
285 to update their existing hardened sources to this version.
286 It contains a fix for a kernel vulnerability that is pertaining
287 to the PaX changes to virtual memory management, possibly leading
288 to a local kernel exploit ... see grsecurity.net forums and homepage
289
290 23 Jan 2007; Christian Heim <phreak@gentoo.org>
291 files/digest-hardened-sources-2.6.19-r5, Manifest:
292 Fixing the patch-tarball digest.
293
294 *hardened-sources-2.6.19-r5 (23 Jan 2007)
295
296 23 Jan 2007; Christian Heim <phreak@gentoo.org>
297 +hardened-sources-2.6.19-r5.ebuild:
298 Revision bump, closing the recently discovered PaX expand_stack()
299 vulnerability.
300
301 *hardened-sources-2.6.19-r4 (14 Jan 2007)
302
303 14 Jan 2007; Christian Heim <phreak@gentoo.org>
304 +hardened-sources-2.6.19-r4.ebuild:
305 Revision bump, pulling in linux-2.6.19.2 and grsecurity 2.1.10 - thus
306 dropping the randomized PID feature.
307
308 11 Jan 2007; Christian Faulhammer <opfer@gentoo.org>
309 hardened-sources-2.4.33.4.ebuild:
310 stable x86, bug #161171
311
312 *hardened-sources-2.6.19-r3 (27 Dec 2006)
313
314 27 Dec 2006; Christian Heim <phreak@gentoo.org>
315 -hardened-sources-2.6.19-r2.ebuild, +hardened-sources-2.6.19-r3.ebuild:
316 Revision bump for bug #157186 and #158786.
317
318 *hardened-sources-2.6.18-r4 (27 Dec 2006)
319
320 27 Dec 2006; Christian Heim <phreak@gentoo.org>
321 -hardened-sources-2.6.18-r3.ebuild, +hardened-sources-2.6.18-r4.ebuild:
322 Revision bump for bug #157186.
323
324 *hardened-sources-2.6.19-r2 (23 Dec 2006)
325
326 23 Dec 2006; Christian Heim <phreak@gentoo.org>
327 -hardened-sources-2.6.19-r1.ebuild, +hardened-sources-2.6.19-r2.ebuild:
328 Revision bump to pull in genpatches-2.6.19-3 for #157186.
329
330 17 Dec 2006; Christian Heim <phreak@gentoo.org>
331 hardened-sources-2.6.14-r7.ebuild, hardened-sources-2.6.16-r10.ebuild,
332 hardened-sources-2.6.16-r11.ebuild, hardened-sources-2.6.17-r1.ebuild,
333 hardened-sources-2.6.18.ebuild, hardened-sources-2.6.18-r3.ebuild,
334 hardened-sources-2.6.19-r1.ebuild:
335 Adding 4453_grsec-2.1.9-2.6.19-io-kmem-sysctl.patch to UNIPATCH_EXLUDE,
336 adding correct HOMEPAGE and adjusting DESCRIPTION (thanks to Alexander).
337
338 *hardened-sources-2.4.33.4 (17 Dec 2006)
339
340 17 Dec 2006; Alexander Gabert <pappy@gentoo.org>
341 +hardened-sources-2.4.33.4.ebuild:
342 new 2.4.33.4 version including grsec and fixes, thanks to phreak for help
343 and quilting
344
345 *hardened-sources-2.6.19-r1 (14 Dec 2006)
346
347 14 Dec 2006; Christian Heim <phreak@gentoo.org>
348 -hardened-sources-2.6.19.ebuild, +hardened-sources-2.6.19-r1.ebuild:
349 Revision bump, fixing #158107 (thanks to Petre Rodan <kaiowas at gentoo.org>
350 for reporting).
351
352 *hardened-sources-2.6.19 (13 Dec 2006)
353
354 13 Dec 2006; Christian Heim <phreak@gentoo.org>
355 +hardened-sources-2.6.19.ebuild:
356 And finally 2.6.19, thanks to Ned (who prepared the inital patchset) and
357 Brad for providing that prompt update.
358
359 *hardened-sources-2.6.18-r3 (13 Dec 2006)
360
361 13 Dec 2006; Christian Heim <phreak@gentoo.org>
362 -hardened-sources-2.6.18-r1.ebuild, -hardened-sources-2.6.18-r2.ebuild,
363 +hardened-sources-2.6.18-r3.ebuild:
364 Revision bump, excluding the faulty patch. Thanks to Anakim Border and Peter
365 S. Mazinger. Closes #157409 for now. Also removing the previous revisions.
366
367 09 Dec 2006; Christian Heim <phreak@gentoo.org> Manifest:
368 Fixing the metadata.xml Manifest entry (thanks to xaid and ml8128 in #gentoo-hardened).
369
370 08 Dec 2006; nixnut <nixnut@gentoo.org> hardened-sources-2.6.18.ebuild:
371 Stable on ppc wrt bug 157356
372
373 07 Dec 2006; Christian Faulhammer <opfer@gentoo.org>
374 hardened-sources-2.6.18.ebuild:
375 stable x86, bug #157356
376
377 *hardened-sources-2.6.18-r2 (06 Dec 2006)
378
379 06 Dec 2006; Christian Heim <phreak@gentoo.org>
380 +hardened-sources-2.6.18-r2.ebuild:
381 Revision bump, including 2.6.18.5 (via genpatches) and
382 4454_grsec-2.1.9-2.6.18.2-io-kmem-sysctl.patch based on Peter Mazinger and
383 Ned Ludd's original patch. Thanks to Alexander Gabert (pappy) for the
384 redesign.
385
386 06 Dec 2006; Christian Heim <phreak@gentoo.org>
387 hardened-sources-2.6.18.ebuild:
388 Marking hardened-sources-2.6.18 stable on amd64 (see bug #157356, on behalf
389 of Mike Doty).
390
391 *hardened-sources-2.6.18-r1 (23 Nov 2006)
392
393 23 Nov 2006; Christian Heim <phreak@gentoo.org>
394 +hardened-sources-2.6.18-r1.ebuild:
395 Revision bump to genpatches-2.6.18-4 (including 2.6.18.3).
396
397 *hardened-sources-2.6.18 (11 Nov 2006)
398
399 11 Nov 2006; Christian Heim <phreak@gentoo.org>
400 +hardened-sources-2.6.18.ebuild:
401 Version bump, thanks to Alexander Gabert we're finally at 2.6.18.
402
403 18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
404 - mark amd64 stable also. bug #151877
405
406 18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
407 - mark 2.6.17-r1 stable
408
409 27 Aug 2006; Christian Heim <phreak@gentoo.org>
410 -hardened-sources-2.6.17.ebuild, hardened-sources-2.6.17-r1.ebuild:
411 Removing old ebuild, removing unipatch from newer ebuild (need to fix it!).
412
413 *hardened-sources-2.6.17-r1 (26 Aug 2006)
414
415 26 Aug 2006; Christian Heim <phreak@gentoo.org>
416 +hardened-sources-2.6.17-r1.ebuild:
417 Revision bump to genpatches-2.6.17-8 (including .9 and .10) and updating the
418 grsecurity patch.
419
420 *hardened-sources-2.6.17 (17 Aug 2006)
421
422 17 Aug 2006; Christian Heim <phreak@gentoo.org>
423 +hardened-sources-2.6.17.ebuild:
424 Bumping the hardened-sources-2.6 series to 2.6.17, using
425 genpatches-2.6.17-6.base.
426
427 07 Aug 2006; <solar@gentoo.org> hardened-sources-2.6.16-r11.ebuild:
428 - stable on x86 and amd64
429
430 *hardened-sources-2.6.16-r11 (15 Jul 2006)
431
432 15 Jul 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r3.ebuild,
433 -hardened-sources-2.4.32-r4.ebuild, -hardened-sources-2.4.32-r5.ebuild,
434 -hardened-sources-2.6.14-r8.ebuild, -hardened-sources-2.6.16-r7.ebuild,
435 -hardened-sources-2.6.16-r9.ebuild, +hardened-sources-2.6.16-r11.ebuild:
436 - 2.6.16 bumped for CVE-2006-3626 ; digest fix for 2.4.32-r6 ; removed old
437 crusty ebuilds
438
439 14 Jul 2006; John Mylchreest <johnm@gentoo.org>
440 hardened-sources-2.6.16-r10.ebuild:
441 marking stable on x86 and amd64
442
443 13 Jul 2006; <solar@gentoo.org> hardened-sources-2.4.32-r6.ebuild:
444 - 2.4.32-r6 stable on x86. RSBAC state unknown
445
446 *hardened-sources-2.4.32-r7 (10 Jul 2006)
447
448 10 Jul 2006; Guillaume Destuynder <kang@gentoo.org>
449 +hardened-sources-2.4.32-r7.ebuild:
450 Bump PaX for RSBAC to test-17
451
452 *hardened-sources-2.6.16-r9 (03 Jul 2006)
453
454 03 Jul 2006; John Mylchreest <johnm@gentoo.org>
455 -hardened-sources-2.6.16-r6.ebuild, +hardened-sources-2.6.16-r9.ebuild:
456 hardened-sources-2.6.16 bump to latest -base.
457
458 *hardened-sources-2.4.32-r6 (30 Jun 2006)
459
460 30 Jun 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r2.ebuild,
461 hardened-sources-2.4.32-r4.ebuild, +hardened-sources-2.4.32-r6.ebuild:
462 - backport CVE-2006-0039, CVE-2006-1857 and CVE-2006-1858 and new grsecurity
463 sysctl controlable resource logging
464
465 *hardened-sources-2.6.16-r7 (05 Jun 2006)
466
467 05 Jun 2006; John Mylchreest <johnm@gentoo.org>
468 -hardened-sources-2.6.16-r5.ebuild, +hardened-sources-2.6.16-r7.ebuild:
469 push new 2.6.16 release in preparation for stable
470
471 22 May 2006; <solar@gentoo.org> :
472 - redigest bug 134002
473
474 *hardened-sources-2.4.32-r5 (16 May 2006)
475
476 16 May 2006; Guillaume Destuynder <kang@gentoo.org>
477 +hardened-sources-2.4.32-r5.ebuild:
478 Fixes rsbac common patching (new patch in new -r5 patchset)
479
480 *hardened-sources-2.4.32-r4 (13 May 2006)
481
482 13 May 2006; <solar@gentoo.org> hardened-sources-2.4.32-r3.ebuild,
483 +hardened-sources-2.4.32-r4.ebuild:
484 - security bumps
485
486 *hardened-sources-2.6.16-r6 (03 May 2006)
487
488 03 May 2006; John Mylchreest <johnm@gentoo.org>
489 +hardened-sources-2.6.16-r6.ebuild:
490 bump hardened-2.6.16 to 2.6.16.12 and latest grsec snapshot
491
492 28 Apr 2006; John Mylchreest <johnm@gentoo.org>
493 hardened-sources-2.6.14-r8.ebuild:
494 fix x86_64 build problem, this will delay the digest issue again for a short
495 while but it will sort itself out
496
497 28 Apr 2006; John Mylchreest <johnm@gentoo.org>
498 hardened-sources-2.6.14-r8.ebuild:
499 bump hardened patchset
500
501 27 Apr 2006; Alec Warner <antarus@gentoo.org>
502 files/digest-hardened-sources-2.4.32-r2,
503 files/digest-hardened-sources-2.4.32-r3,
504 files/digest-hardened-sources-2.6.14-r8, Manifest:
505 Fixing duff SHA256 digests: Bug # 131293
506
507 *hardened-sources-2.6.16-r5 (27 Apr 2006)
508
509 27 Apr 2006; John Mylchreest <johnm@gentoo.org>
510 -hardened-sources-2.6.14-r6.ebuild, hardened-sources-2.6.14-r8.ebuild,
511 -hardened-sources-2.6.16-r4.ebuild, +hardened-sources-2.6.16-r5.ebuild:
512 stablise 2.6.14-r8 on x86 & amd64, bump 2.6.16 to fix CVE-2006-1863 &
513 cleanup of old uneccessary sources
514
515 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
516 fix digest
517
518 *hardened-sources-2.6.14-r8 (20 Apr 2006)
519
520 20 Apr 2006; John Mylchreest <johnm@gentoo.org>
521 +hardened-sources-2.6.14-r8.ebuild:
522 fix CVE-2006-1056, CVE-2006-1525, CVE-2006-1524
523
524 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
525 Turning on gpg-signing again, and recomitting
526
527 *hardened-sources-2.6.16-r4 (20 Apr 2006)
528
529 20 Apr 2006; John Mylchreest <johnm@gentoo.org>
530 -hardened-sources-2.6.16-r2.ebuild, -hardened-sources-2.6.16-r3.ebuild,
531 +hardened-sources-2.6.16-r4.ebuild:
532 Fix numerous security vulns
533
534 *hardened-sources-2.4.32-r3 (16 Apr 2006)
535
536 16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
537 -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
538 +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
539 - security bump for bug #112791. Removed old ebuilds
540
541 *hardened-sources-2.6.16-r3 (15 Apr 2006)
542
543 15 Apr 2006; John Mylchreest <johnm@gentoo.org>
544 +hardened-sources-2.6.16-r3.ebuild:
545 Removing silly localversion which I missed
546
547 *hardened-sources-2.6.14-r7 (14 Apr 2006)
548
549 14 Apr 2006; John Mylchreest <johnm@gentoo.org>
550 -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
551 Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
552
553 *hardened-sources-2.6.16-r2 (13 Apr 2006)
554
555 13 Apr 2006; John Mylchreest <johnm@gentoo.org>
556 -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
557 +hardened-sources-2.6.16-r2.ebuild:
558 Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
559 labels, dropping USERGROUP define fixes, since these were merged mainstream.
560
561 *hardened-sources-2.6.16-r1 (11 Apr 2006)
562
563 11 Apr 2006; John Mylchreest <johnm@gentoo.org>
564 +hardened-sources-2.6.16-r1.ebuild:
565 Bumping to include ppc build fix and 2.6.16.3
566
567 06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
568 hardened-sources-2.6.14-r6.ebuild:
569 Stable on x86; bug #127718
570
571 *hardened-sources-2.6.16 (31 Mar 2006)
572
573 31 Mar 2006; John Mylchreest <johnm@gentoo.org>
574 +hardened-sources-2.6.16.ebuild:
575 Bumping to new version of grsec, and kernel base. New squashfs. Based on
576 2.6.16.1
577
578 30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
579 hardened-sources-2.6.14-r6.ebuild:
580 Stable on amd64, bug 127718.
581
582 28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
583 Stable on ppc. Bug #127718
584
585 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
586 -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
587 -hardened-sources-2.6.14-r4.ebuild:
588 Cleanup.
589
590 *hardened-sources-2.6.14-r6 (15 Mar 2006)
591
592 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
593 +hardened-sources-2.6.14-r6.ebuild:
594 Fixes grsec policy recreation bug and adds a
595 >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
596
597 02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
598 - stable on x86
599
600 19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
601 hardened-sources-2.6.14-r5.ebuild:
602 Stable on ppc.
603
604 *hardened-sources-2.6.14-r5 (01 Feb 2006)
605
606 01 Feb 2006; John Mylchreest <johnm@gentoo.org>
607 +hardened-sources-2.6.14-r5.ebuild:
608 fixing every known exploit
609
610 *hardened-sources-2.4.32-r2 (26 Jan 2006)
611
612 26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
613 +hardened-sources-2.4.32-r2.ebuild:
614 - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
615
616 *hardened-sources-2.6.14-r4 (12 Jan 2006)
617
618 12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
619 - version bump for new genpatches which fix up a few sec holes
620
621 *hardened-sources-2.4.32-r1 (05 Jan 2006)
622
623 05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
624 - revision bump to add misc vital linux kernel security patches.
625
626 *hardened-sources-2.6.14-r3 (30 Dec 2005)
627
628 30 Dec 2005; John Mylchreest <johnm@gentoo.org>
629 -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
630 Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
631
632 28 Dec 2005; John Mylchreest <johnm@gentoo.org>
633 hardened-sources-2.6.14-r2.ebuild:
634 making x86 & amd64 stable following testing.
635
636 *hardened-sources-2.6.14-r2 (27 Dec 2005)
637
638 27 Dec 2005; John Mylchreest <johnm@gentoo.org>
639 -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
640 Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
641 network hooks.
642
643 06 Dec 2005; John Mylchreest <johnm@gentoo.org>
644 hardened-sources-2.6.14-r1.ebuild:
645 bumping to stable early for sec fix on x86 & amd64
646
647 *hardened-sources-2.6.14-r1 (05 Dec 2005)
648
649 05 Dec 2005; John Mylchreest <johnm@gentoo.org>
650 -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
651 bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
652
653 04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
654 - stable on x86 security bug #114227 CAN-2005-3257
655
656 *hardened-sources-2.4.32 (19 Nov 2005)
657
658 19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
659 +hardened-sources-2.4.32.ebuild:
660 Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
661 Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
662 have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
663 rsbac >> /etc/portage/package.use)
664
665 *hardened-sources-2.6.14 (14 Nov 2005)
666
667 14 Nov 2005; John Mylchreest <johnm@gentoo.org>
668 -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
669 Bumping 2.6 series to 2.6.14.2
670
671 *hardened-sources-2.6.13-r2 (20 Oct 2005)
672
673 20 Oct 2005; John Mylchreest <johnm@gentoo.org>
674 -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
675 +hardened-sources-2.6.13-r2.ebuild:
676 Fixes minor build error in ppc.
677
678 *hardened-sources-2.6.13-r1 (17 Oct 2005)
679
680 17 Oct 2005; John Mylchreest <johnm@gentoo.org>
681 +hardened-sources-2.6.13-r1.ebuild:
682 Updating grsec to latest snapshot. Fixes some minor issues. Updating to
683 2.6.13.4, fixes some major amd64 stability problems.
684
685 *hardened-sources-2.6.13 (16 Sep 2005)
686
687 16 Sep 2005; John Mylchreest <johnm@gentoo.org>
688 -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
689 2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
690 ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
691 users should test this thoroughly.
692
693 01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
694 - stable on x86
695
696 *hardened-sources-2.6.11-r15 (27 Jun 2005)
697
698 27 Jun 2005; John Mylchreest <johnm@gentoo.org>
699 +hardened-sources-2.6.11-r15.ebuild:
700 Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
701 grsec redefining curr_ip struct.
702
703 *hardened-sources-2.4.31 (20 Jun 2005)
704
705 20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
706 initial import of 2.4.31 tree
707
708 *hardened-sources-2.6.11-r14 (14 Jun 2005)
709
710 14 Jun 2005; John Mylchreest <johnm@gentoo.org>
711 -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
712 Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
713 naming scheme to abide by genpatches
714
715 *hardened-sources-2.6.11-r13 (18 May 2005)
716
717 18 May 2005; John Mylchreest <johnm@gentoo.org>
718 -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
719 Managed to mangle the Makefile patch from grsec, to miss out the grsec
720 target. sorry about that. Fixes bug #93022
721
722 *hardened-sources-2.6.11-r12 (17 May 2005)
723
724 17 May 2005; John Mylchreest <johnm@gentoo.org>
725 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
726 +hardened-sources-2.6.11-r12.ebuild:
727 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
728 merges in genpatches-base
729
730 *hardened-sources-2.6.11-r12 (17 May 2005)
731
732 17 May 2005; John Mylchreest <johnm@gentoo.org>
733 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
734 +hardened-sources-2.6.11-r12.ebuild:
735 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
736 merges in genpatches-base
737
738 29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
739 -files/2.4.27-cmdline-race.patch,
740 -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
741 -files/2.4.28-grsec-binfmt_a.out.patch,
742 -files/2.4.28-grsec-cmdline-race.patch,
743 -files/2.4.28-selinux-binfmt_a.out.patch,
744 -files/2.4.28-selinux-cmdline-race.patch,
745 -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
746 hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
747 - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
748 cleanup..
749
750 *hardened-sources-2.4.30-r1 (21 Apr 2005)
751
752 21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
753 - disable aout by default
754
755 *hardened-sources-2.4.30 (18 Apr 2005)
756
757 18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
758 - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
759 and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
760 use
761
762 *hardened-sources-2.4.29 (30 Mar 2005)
763
764 30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
765 +hardened-sources-2.4.29.ebuild:
766 New hardened-patches-2.4-29.0 patchball.
767 Removed SELinux support, upgraded GRSecurity to 2.1.4.
768
769 *hardened-sources-2.4.28-r5 (06 Mar 2005)
770
771 06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
772 +hardened-sources-2.4.28-r5.ebuild:
773 Added a fix for a PaX vulnerability.
774
775 26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
776 hardened-sources-2.4.28-r4.ebuild:
777 Stable on x86
778
779 23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
780 hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
781 hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
782 hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
783 - fixed/added RDEPEND= in all kernel-2 ebuilds
784
785 *hardened-sources-2.4.28-r4 (21 Jan 2005)
786
787 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
788 +hardened-sources-2.4.28-r4.ebuild:
789 Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
790 backport of neighbour hash updates.
791
792 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
793 hardened-sources-2.4.28-r3.ebuild:
794 Stable on x86
795
796 *hardened-sources-2.6.10-r3 (20 Jan 2005)
797
798 20 Jan 2005; Brandon Hale <tseng@gentoo.org>
799 +hardened-sources-2.6.10-r3.ebuild:
800 Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
801 in 2005.0
802
803 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
804 -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
805 hardened-sources-2.4.28-r2.ebuild:
806 Mark stable on x86
807
808 *hardened-sources-2.4.28-r3 (17 Jan 2005)
809
810 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
811 +hardened-sources-2.4.28-r3.ebuild:
812 Fix SMP page fault handler vuln, and update device-mapper and evms patches.
813
814 14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
815 hardened-sources-2.4.28.ebuild:
816 Mark stable on x86.
817
818 *hardened-sources-2.4.28-r2 (13 Jan 2005)
819
820 13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
821 +hardened-sources-2.4.28-r2.ebuild:
822 Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
823 Mazinger for grsecurity patches as well.
824
825 *hardened-sources-2.4.28-r1 (23 Dec 2004)
826
827 23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
828 Security bump. Thank tocharian for rolling a new patchset...
829
830 28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
831 +files/2.4.28-grsec-cmdline-race.patch,
832 +files/2.4.28-selinux-binfmt_a.out.patch,
833 +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
834 - Round up remaining security patches that appear to be missing in 2.4.28. -
835 PaX standalone updated to current. hgpv=28.1
836
837 *hardened-sources-2.4.28 (28 Nov 2004)
838
839 28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
840 security bump. Thank tocharian for rolling a new patchset
841
842 *hardened-sources-2.4.27-r3 (08 Sep 2004)
843
844 08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
845 +hardened-sources-2.4.27-r3.ebuild:
846 Applies the new 2.4-27.2 patchball which updates
847 GRSecurity to the 2.0.1 version.
848
849 *hardened-sources-2.4.27-r2 (31 Aug 2004)
850
851 31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
852 +hardened-sources-2.4.27-r2.ebuild:
853 Version bump.
854 This version uses the new 2.4-27.1 patchball which updates
855 both the SELinux PaX hooks patch and the SELinux headers.
856
857 *hardened-sources-2.4.27-r1 (09 Aug 2004)
858
859 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
860 +hardened-sources-2.4.27-r1.ebuild,
861 -hardened-sources-2.4.27.ebuild,
862 +files/2.4.27-cmdline-race.patch:
863 Version bump, fix for cmdline race. See bug #59905.
864
865 *hardened-sources-2.4.26-r6 (09 Aug 2004)
866
867 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
868 +hardened-sources-2.4.26-r6.ebuild,
869 -hardened-sources-2.4.26-r5.ebuild,
870 -hardened-sources-2.4.26-r4.ebuild,
871 +files/2.4.26-cmdline-race.patch:
872 Version bump, fix for cmdline race. See bug #59905.
873
874 *hardened-sources-2.4.27 (08 Aug 2004)
875
876 08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
877 +hardened-sources-2.4.27.ebuild,
878 +files/2.4.27-CAN-2004-0394.patch:
879 Ported the patchball to the 2.4.27 kernel version.
880
881 *hardened-sources-2.4.26-r5 (07 Aug 2004)
882
883 07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
884 +hardened-sources-2.4.26-r5.ebuild:
885 Updated to use the new hardened-patches-2.4-26.1 patchball.
886 It adds the following features:
887 - Squashfs
888 - Ebtables
889 - Netdev random (core+drivers)
890 - Watchdog Timer (WDT) fix.
891
892 *hardened-sources-2.4.26-r4 (04 Aug 2004)
893
894 04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
895 +hardened-sources-2.4.26-r4.ebuild,
896 +files/2.4.26-CAN-2004-0415.patch,
897 -hardened-sources-2.4.26-3:
898 Version bump, fix for CAN 0415, see bug #59378.
899
900 *hardened-sources-2.4.26-r3 (22 Jul 2004)
901
902 22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
903 +hardened-sources-2.4.26-r3.ebuild,
904 +files/2.4.26-CAN-2004-0497.patch,
905 -hardened-sources-2.4.26-r2.ebuild:
906 Version bump, fixed CAN 0497, see bug #56171.
907
908 *hardened-sources-2.4.26-r2 (29 Jun 2004)
909
910 29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
911 +hardened-sources-2.4.26-r2.ebuild,
912 +files/2.4.26-CAN-2004-0495.patch,
913 +files/2.4.26-CAN-2004-0535.patch,
914 -hardened-sources-2.4.26-r1.ebuild:
915 Fixes for both CAN 0495 and 0535, see bug #54976
916
917 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
918 hardened-sources-2.4.26-r1.ebuild:
919 QA - fix use invocation
920
921 *hardened-sources-2.4.26-r1 (22 June 2004)
922
923 22 June 2004; Andrea Luzzardi <scox@gentoo.org>
924 +hardened-sources-2.4.26-r1.ebuild,
925 +files/2.4.26-CAN-2004-0394.patch,
926 +files/2.4.26-signal-race.patch,
927 -hardened-sources-2.4.26.ebuild,
928 -hardened-sources-2.4.24-r3.ebuild:
929 Version bump for the CAN-2004-0394 issue and bug #53804
930 Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
931
932
933 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
934 hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
935 Masked hardened-sources-2.4.26.ebuild broken for ppc
936
937 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
938 hardened-sources-2.4.24-r3.ebuild:
939 Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
940
941 *hardened-sources-2.4.26 (29 May 2004)
942
943 29 May 2004; Andrea Luzzardi <scox@gentoo.org>
944 +hardened-sources-2.4.26.ebuild:
945 Updated hardened-sources for the 2.4.26 kernel
946 Removed broken components, updated almost everything.
947
948 *hardened-sources-2.4.24-r3 (17 Apr 2004)
949
950 17 Apr 2004; <plasmaroo@gentoo.org>
951 +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
952 +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
953 +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
954 +hardened-sources-2.4.24-r3.ebuild:
955 Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
956 vulnerabilities. Old revisions removed.
957
958 *hardened-sources-2.4.24-r2 (15 Apr 2004)
959
960 15 Apr 2004; <plasmaroo@gentoo.org>
961 +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
962 -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
963 Version bump for the CAN-2004-0109 issue; bug #47881.
964
965 12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
966 hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
967 Add eutils to inherit.
968
969 *hardened-sources-2.4.24-r1 (19 Feb 2004)
970
971 19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
972 files/hardened-sources-2.4.24.munmap.patch:
973 Added the patch for the mremap/munmap vulnerability. Bug #42024.
974
975 *hardened-sources-2.4.24 (06 Feb 2004)
976
977 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
978 hardened-sources-2.4.24.ebuild:
979 Version bump, updated most of the components.
980 This release includes the following:
981
982 - Hardened security
983 - Netfilter patch-o-matic 20031219
984 - FreeSWAN 2.04 & x509 1.4.8
985 - EVMS 2.2.2
986 - XFS 1.3.1
987 - cryptoloop jari
988 - grsecurity 2.0-rc4
989 - SELinux
990 - PaX 200402060000
991 - PaX Obscurity 200308302223
992 - Others...
993
994 Neither -ck nor systrace are included anymore.
995
996 *hardened-sources-2.4.22-r2 (05 Jan 2004)
997
998 05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
999 hardened-sources-2.4.22-r2.ebuild:
1000 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
1001
1002 *hardened-sources-2.4.22-r1 (02 Dec 2003)
1003
1004 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1005 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
1006
1007 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1008 hardened-sources-2.4.22-r1.ebuild:
1009 Version bump for the 'do_brk' vulnerability.
1010
1011 01 Dec 2003; Brian Jackson <iggy@gentoo.org>
1012 hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
1013 hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
1014 hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
1015 Fix the 'do_brk' vulnerability.
1016
1017 03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
1018 hardened-sources-2.4.22.ebuild:
1019 - Removed the src_install() portion for SELinux flask
1020 components. These are no longer handled in the kernel
1021 so this code was not necessary.
1022
1023 29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
1024 New 2.4.22 based hardened-sources thanks to
1025 Phil West <p.west@computer.org>.
1026
1027 These sources include:
1028 - New SELinux API
1029 - Updated CK-base
1030 - Updated GRSec
1031 - Systrace
1032 - SuperFreeS/WAN 1.99.8
1033 - Propolice kernel build support
1034 - EVMS
1035 - Other various security related patches
1036
1037 *hardened-sources-2.4.21 (14 Sep 2003)
1038
1039 14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
1040 Updated hardened-sources based on the 2.4.21 Linux kernel.
1041 This includes updates to most major components such as:
1042 - ck-base-0306300059
1043 - selinux-2.4-2003071106
1044 - grsecurity-2.0-rc1
1045 - Updated IPTables patch-o-matic
1046 - Updated SuperFreeS/WAN
1047
1048 Thanks to Phil West <pwest@computer.org> for his work in getting this
1049 updated patch set ready for the 2.4.21 based kernel.
1050
1051 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
1052 Initial import of hardened-sources-2.4.20-r4. This revision
1053 includes only a few changes, but one of these is an important
1054 security fix. It is recommended all users of hardened-sources
1055 upgrade to this release.
1056
1057 - ioperm bug fix
1058 - fixed compilation failure when building without GRSec
1059
1060 SAL (Secure Auditing for Linux) is NOT included in this revision
1061 due to time constraints, but is planned for inclusion in the near
1062 future.
1063
1064 *hardened-sources-2.4.20-r2 (12 Jun 2003)
1065
1066 12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
1067 hardened-sources-2.4.20-r3.ebuild:
1068 Add Header...
1069
1070 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1071 hardened-sources-2.4.20-r3.ebuild:
1072 Removed warnings from ebuild. This kernel should be safe to
1073 use at this point.
1074
1075 *hardened-sources-2.4.20-r3 (08 Jun 2003)
1076
1077 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1078 hardened-sources-2.4.20-r3.ebuild:
1079 New revision. Includes the following changes over -r2:
1080
1081 - ck7-base (O(1), preempt, low latency)
1082 - Super FreeS/WAN 1.99.7rc2
1083 - PaX for the LSM/SELinux branch
1084 - GRSecurity 2.0-pre4 (role based access control)
1085 - Systrace 1.3
1086 - EXT3 fixes
1087 - EVMS 2.0.1
1088 - GCC 3.1+ compile optimizations
1089 - ProPolice kernel build support
1090 - Hashing table security fixes
1091
1092 *hardened-sources-2.4.20-r1 (09 Apr 2003)
1093
1094 23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
1095 Initial import of hardened-sources-r2. This new
1096 ebuild includes many new performance and security
1097 related patches. As in -r1, it will patch in
1098 LSM/SELinux if "selinux" is in USE, otherwise it
1099 will patch in GRSecurity. The following patches
1100 are included in this revision:
1101
1102 - O(1) Scheduler, Low Latency, and Preempt
1103 (pulled from the base CK patch)
1104 - ptrace exploit patch for the LSM kernel
1105 (the GRSec patch already fixes this)
1106 - LSM 2.4-2003040709
1107 - SELinux 2.4-2003040709
1108 - Systrace v1.2
1109 - IPTables patch-o-matic base patches - 20030107
1110 - CryptoAPI 2.4.20.1 w/ loop-jari patch
1111 - Super FreeS/WAN 1.99.6.1
1112 - GRSecurity 1.9.9g
1113 - MPPE
1114 - EXT3 data journal fix
1115 - CIPE 1.5.4
1116
1117 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1118 hardened-sources-2.4.20-r1.ebuild, manifest:
1119 Updated to install flask components correctly for selinux.
1120
1121 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1122 hardened-sources-2.4.20-r1.ebuild:
1123 LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
1124 is patched in instead. Ptrace patches for selinux have also been added. In
1125 either case, systrace support will be patched in as well.
1126
1127 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1128 hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
1129 Revision bump for new sources.
1130
1131 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1132 hardened-sources-2.4.20-r1.ebuild:
1133 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
1134
1135 *hardened-sources-2.4.20 (30 Mar 2003)
1136
1137 30 Mar 2003; Joshua Brindle <method@gentoo.org>
1138 hardened-sources-2.4.20.ebuild:
1139 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20