/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.181 - (show annotations) (download)
Mon Sep 17 20:28:37 2007 UTC (7 years, 3 months ago) by phreak
Branch: MAIN
Changes since 1.180: +7 -1 lines
Revision bump, hopefully fixing all those weird PAX failures.
(Portage version: 2.1.3.9)

1 # ChangeLog for sys-kernel/hardened-sources
2 # Copyright 2000-2007 Gentoo Foundation; Distributed under the GPL v2
3 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.180 2007/09/01 12:10:05 phreak Exp $
4
5 *hardened-sources-2.6.22-r4 (17 Sep 2007)
6
7 17 Sep 2007; Christian Heim <phreak@gentoo.org>
8 +hardened-sources-2.6.22-r4.ebuild:
9 Revision bump, hopefully fixing all those weird PAX failures.
10
11 01 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
12 Updating the metadata.xml.
13
14 01 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
15 Removing tocharian from metadata due to his retirement (see #71718 for
16 reference).
17
18 *hardened-sources-2.6.20-r9 (30 Aug 2007)
19
20 30 Aug 2007; Christian Heim <phreak@gentoo.org>
21 +hardened-sources-2.6.20-r9.ebuild:
22 Revision bump for 2.6.20.18 (thanks to kerframil in #gentoo-hardened).
23
24 29 Aug 2007; Christian Heim <phreak@gentoo.org>
25 -hardened-sources-2.4.34.ebuild, -hardened-sources-2.4.34.5.ebuild,
26 -hardened-sources-2.6.20-r2.ebuild, -hardened-sources-2.6.20-r5.ebuild,
27 -hardened-sources-2.6.20-r7.ebuild, -hardened-sources-2.6.21-r3.ebuild,
28 -hardened-sources-2.6.22.ebuild, -hardened-sources-2.6.22-r1.ebuild,
29 -hardened-sources-2.6.22-r2.ebuild:
30 Removing some redundant versions.
31
32 *hardened-sources-2.4.35-r1 (29 Aug 2007)
33
34 29 Aug 2007; Christian Heim <phreak@gentoo.org>
35 +hardened-sources-2.4.35-r1.ebuild:
36 Revision bump, new grsecurity patch.
37
38 *hardened-sources-2.6.20-r8 (26 Aug 2007)
39
40 26 Aug 2007; Christian Heim <phreak@gentoo.org>
41 +hardened-sources-2.6.20-r8.ebuild:
42 Revision bump for Linux 2.6.20.17.
43
44 *hardened-sources-2.6.22-r3 (22 Aug 2007)
45
46 22 Aug 2007; Christian Heim <phreak@gentoo.org>
47 +hardened-sources-2.6.22-r3.ebuild:
48 Revision bump for Linux 2.6.22.4.
49
50 16 Aug 2007; Christian Heim <phreak@gentoo.org>
51 hardened-sources-2.6.22-r2.ebuild:
52 Updated patchset, to fix the alignment against 2.6.22.3.
53
54 *hardened-sources-2.6.22-r2 (16 Aug 2007)
55
56 16 Aug 2007; Christian Heim <phreak@gentoo.org>
57 +hardened-sources-2.6.22-r2.ebuild:
58 Revision bump for Linux 2.6.22.3.
59
60 *hardened-sources-2.4.35 (16 Aug 2007)
61
62 16 Aug 2007; Christian Heim <phreak@gentoo.org>
63 +hardened-sources-2.4.35.ebuild:
64 Version bump, initial version for Linux 2.4.35.
65
66 *hardened-sources-2.6.21-r4 (16 Aug 2007)
67
68 16 Aug 2007; Christian Heim <phreak@gentoo.org>
69 +hardened-sources-2.6.21-r4.ebuild:
70 Revision bump for Linux 2.6.21.6.
71
72 *hardened-sources-2.6.20-r7 (16 Aug 2007)
73
74 16 Aug 2007; Christian Heim <phreak@gentoo.org>
75 +hardened-sources-2.6.20-r7.ebuild:
76 Revision bump for Linux 2.6.20.16.
77
78 *hardened-sources-2.6.22-r1 (13 Aug 2007)
79
80 13 Aug 2007; Christian Heim <phreak@gentoo.org>
81 +hardened-sources-2.6.22-r1.ebuild:
82 Yet another revision bump.
83
84 *hardened-sources-2.6.22 (10 Aug 2007)
85
86 10 Aug 2007; Christian Heim <phreak@gentoo.org>
87 +hardened-sources-2.6.22.ebuild:
88 Initial release for 2.6.22. If you are using hardened-sources on a desktop
89 machine (P4 or newer), be aware you might need to disable
90 CONFIG_PAX_PAGEEXEC.
91
92 04 Aug 2007; Christian Heim <phreak@gentoo.org>
93 hardened-sources-2.6.20-r6.ebuild:
94 Stabling hardened-sources-2.6.20-r6 for amd64, ppc and x86 due to Linux
95 2.6.20.15.
96
97 10 Jul 2007; Christian Heim <phreak@gentoo.org>
98 hardened-sources-2.6.20-r5.ebuild:
99 Marking hardened-sources-2.6.20-r5 stable on ppc.
100
101 10 Jul 2007; Christian Heim <phreak@gentoo.org>
102 -hardened-sources-2.4.32-r6.ebuild, -hardened-sources-2.4.32-r7.ebuild:
103 Cleanup.
104
105 *hardened-sources-2.6.20-r6 (08 Jul 2007)
106
107 08 Jul 2007; Christian Heim <phreak@gentoo.org>
108 +hardened-sources-2.6.20-r6.ebuild:
109 Revision bump, grabbing yet another stable release.
110
111 17 Jun 2007; Christian Heim <phreak@gentoo.org>
112 -hardened-sources-2.6.18-r6.ebuild, -hardened-sources-2.6.20-r4.ebuild,
113 -hardened-sources-2.6.21-r2.ebuild:
114 Removing older ebuilds, hardened-sources-2.6.18-r6 seems to have gotten the
115 alpha stable KEYWORD by mistake.
116
117 17 Jun 2007; Christian Heim <phreak@gentoo.org>
118 hardened-sources-2.6.20-r5.ebuild:
119 Stabling hardened-sources-2.6.20-r5 due to security bug #181647 (as
120 genpatches-2.6.20-12.base contains up to Linux 2.6.20.14) on amd64 and x86.
121
122 *hardened-sources-2.6.21-r3 (12 Jun 2007)
123
124 12 Jun 2007; Christian Heim <phreak@gentoo.org>
125 +hardened-sources-2.6.21-r3.ebuild:
126 Revision bump for hardened-sources-2.6.21, incorporating various CVE (some
127 of them critical), two stable releases (2.6.21.4,2.6.21.5) and some other
128 love.
129
130 *hardened-sources-2.6.20-r5 (11 Jun 2007)
131
132 11 Jun 2007; Christian Heim <phreak@gentoo.org>
133 +hardened-sources-2.6.20-r5.ebuild:
134 Revision bump for hardened-sources-2.6.20, incorporating various CVE (some
135 of them critical), two stable releases (2.6.20.13,2.6.20.14) and some other
136 love.
137
138 *hardened-sources-2.4.34.5 (11 Jun 2007)
139
140 11 Jun 2007; Alexander Gabert <pappy@gentoo.org>
141 +hardened-sources-2.4.34.5.ebuild:
142 added new hardened-sources 2.4 version, thx to phreak, solar, pipacs
143
144 30 May 2007; Christian Heim <phreak@gentoo.org>
145 -hardened-sources-2.6.18.ebuild, hardened-sources-2.6.20-r2.ebuild:
146 Marking 2.6.20-r2 stable on ppc with permission of Gysbert. Removing more
147 stale ebuild(s).
148
149 30 May 2007; Christian Heim <phreak@gentoo.org>
150 -hardened-sources-2.6.14-r7.ebuild, -hardened-sources-2.6.16-r11.ebuild,
151 -hardened-sources-2.6.17-r1.ebuild, -hardened-sources-2.6.19-r6.ebuild,
152 -hardened-sources-2.6.20.ebuild, -hardened-sources-2.6.20-r1.ebuild:
153 Doing some cleanups, remove stale ebuilds.
154
155 26 May 2007; Christian Heim <phreak@gentoo.org>
156 hardened-sources-2.6.21-r2.ebuild:
157 Fixing the grsecurity patch, had one '};' too much.
158
159 *hardened-sources-2.6.21-r2 (26 May 2007)
160
161 26 May 2007; Christian Heim <phreak@gentoo.org>
162 -hardened-sources-2.6.21.ebuild, -hardened-sources-2.6.21-r1.ebuild,
163 +hardened-sources-2.6.21-r2.ebuild:
164 Revision bump, including Linux 2.6.21.3 (fixing CVE-2007-2451). Updating the
165 grsecurity patch to 2.1.10-2.6.21.1-200705221918.
166
167 *hardened-sources-2.6.20-r4 (26 May 2007)
168
169 26 May 2007; Christian Heim <phreak@gentoo.org>
170 -hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.20-r4.ebuild:
171 Revision bump, including Linux 2.6.20.12 (which in fact fixed some security
172 bugs, at the very least CVE-2007-2451). Possible candidate for stable marking.
173
174 15 May 2007; Christian Heim <phreak@gentoo.org>
175 hardened-sources-2.6.20-r3.ebuild:
176 Looks like hardened-sources-2.6.20-r3 needs a new patch, as 2.6.20.11
177 introduced a change in arch/sparc64/kernel/pci_iommu.c, which made the
178 grsecurity patch fail in that exact same hunk.
179
180 *hardened-sources-2.6.20-r3 (15 May 2007)
181
182 15 May 2007; Christian Heim <phreak@gentoo.org>
183 +hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.21-r1.ebuild:
184 Revision bump, incorporating Linux 2.6.20.11.
185
186 *hardened-sources-2.6.21-r1 (11 May 2007)
187
188 11 May 2007; Christian Heim <phreak@gentoo.org>
189 +hardened-sources-2.6.21-r1.ebuild:
190 Revision bump, hopefully fixing the GRSECURITY/GRKERNSEC mixup pipacs
191 mentioned in #177234.
192
193 07 May 2007; Kevin F. Quinn <kevquinn@gentoo.org>
194 files/digest-hardened-sources-2.6.21, Manifest:
195 Fix Manifest/digest for linux-2.6.21.tar.bz2
196
197 06 May 2007; Christian Heim <phreak@gentoo.org>
198 hardened-sources-2.6.21.ebuild:
199 Bumping the hardened-patches version, needed for the fix for #177234.
200
201 *hardened-sources-2.6.21 (02 May 2007)
202
203 02 May 2007; Christian Heim <phreak@gentoo.org>
204 +hardened-sources-2.6.21.ebuild:
205 Version bump, Linux 2.6.21-hardened.
206
207 29 Apr 2007; Christian Heim <phreak@gentoo.org>
208 hardened-sources-2.6.20-r2.ebuild:
209 Adding ~ia64 on Ned's request.
210
211 29 Apr 2007; Christian Heim <phreak@gentoo.org>
212 hardened-sources-2.6.20-r2.ebuild:
213 Fixing the included grsecurity patch, wasn't alligning due to the Index:
214 header line(s).
215
216 29 Apr 2007; Christian Heim <phreak@gentoo.org>
217 hardened-sources-2.6.20-r2.ebuild:
218 Stabilizing hardened-sources-2.6.20-r2 on amd64 and x86.
219
220 *hardened-sources-2.6.20-r2 (10 Apr 2007)
221
222 10 Apr 2007; Raúl Porcel <armin76@gentoo.org>
223 +hardened-sources-2.6.20-r2.ebuild:
224 Version bump, on behalf of phreak
225
226 *hardened-sources-2.6.20-r1 (04 Apr 2007)
227
228 04 Apr 2007; Christian Heim <phreak@gentoo.org>
229 +hardened-sources-2.6.20-r1.ebuild:
230 Revision bump, grabbing a newer grsecurity snapshot.
231
232 *hardened-sources-2.6.20 (25 Mar 2007)
233
234 25 Mar 2007; Christian Heim <phreak@gentoo.org>
235 +hardened-sources-2.6.20.ebuild:
236 Finally a hardened-sources version for 2.6.20; many people have been waiting
237 for this. Thanks to Steve for preliminary testing, thanks to Ned for the
238 testbox.
239
240 16 Mar 2007; Tony Vroon <chainsaw@gentoo.org>
241 hardened-sources-2.6.18-r6.ebuild:
242 Marked stable on amd64 and x86. AMD64 keyword ack'ed by welp.
243
244 *hardened-sources-2.6.18-r6 (16 Mar 2007)
245
246 16 Mar 2007; Christian Heim <phreak@gentoo.org>
247 -hardened-sources-2.6.18-r5.ebuild, +hardened-sources-2.6.18-r6.ebuild:
248 Fixing CVE-2007-1000 locally (hardened/), thanks to Tony for pushing. And
249 yes I screwed up, this is tagged as 2.6.18-5 and not 2.6.18-6 as it's
250 supposed to be.
251
252 06 Mar 2007; Christian Heim <phreak@gentoo.org> ChangeLog:
253 Fixing the Manifest, the previous one was broken (as in still had the
254 deleted ebuild in it).
255
256 06 Mar 2007; Christian Heim <phreak@gentoo.org>
257 -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
258 +hardened-sources-2.6.18-r5.ebuild:
259 Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
260 Linux 2.6.18.8. Also cleaning up the older version.
261
262 *hardened-sources-2.6.18-r5 (06 Mar 2007)
263
264 06 Mar 2007; Christian Heim <phreak@gentoo.org>
265 -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
266 +hardened-sources-2.6.18-r5.ebuild:
267 Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
268 Linux 2.6.18.8. Also cleaning up the older version.
269
270 24 Feb 2007; Christian Heim <phreak@gentoo.org>
271 -hardened-sources-2.6.19-r3.ebuild, -hardened-sources-2.6.19-r4.ebuild,
272 -hardened-sources-2.6.19-r5.ebuild:
273 Removing some of the old version, that didn't work.
274
275 *hardened-sources-2.6.19-r6 (12 Feb 2007)
276
277 12 Feb 2007; Christian Heim <phreak@gentoo.org>
278 +hardened-sources-2.6.19-r6.ebuild:
279 Revision bump, including a new grsec version fixing #166235.
280
281 *hardened-sources-2.4.34 (24 Jan 2007)
282
283 24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
284 Manifest:
285 updating Manifest with checksums of new tarball and ebuild
286
287 24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
288 +hardened-sources-2.4.34.ebuild:
289 I added new hardened sources 2.4 update, this is a critical path
290 security bugfix - all users of h-s are strongly advised
291 to update their existing hardened sources to this version.
292 It contains a fix for a kernel vulnerability that is pertaining
293 to the PaX changes to virtual memory management, possibly leading
294 to a local kernel exploit ... see grsecurity.net forums and homepage
295
296 23 Jan 2007; Christian Heim <phreak@gentoo.org>
297 files/digest-hardened-sources-2.6.19-r5, Manifest:
298 Fixing the patch-tarball digest.
299
300 *hardened-sources-2.6.19-r5 (23 Jan 2007)
301
302 23 Jan 2007; Christian Heim <phreak@gentoo.org>
303 +hardened-sources-2.6.19-r5.ebuild:
304 Revision bump, closing the recently discovered PaX expand_stack()
305 vulnerability.
306
307 *hardened-sources-2.6.19-r4 (14 Jan 2007)
308
309 14 Jan 2007; Christian Heim <phreak@gentoo.org>
310 +hardened-sources-2.6.19-r4.ebuild:
311 Revision bump, pulling in linux-2.6.19.2 and grsecurity 2.1.10 - thus
312 dropping the randomized PID feature.
313
314 11 Jan 2007; Christian Faulhammer <opfer@gentoo.org>
315 hardened-sources-2.4.33.4.ebuild:
316 stable x86, bug #161171
317
318 *hardened-sources-2.6.19-r3 (27 Dec 2006)
319
320 27 Dec 2006; Christian Heim <phreak@gentoo.org>
321 -hardened-sources-2.6.19-r2.ebuild, +hardened-sources-2.6.19-r3.ebuild:
322 Revision bump for bug #157186 and #158786.
323
324 *hardened-sources-2.6.18-r4 (27 Dec 2006)
325
326 27 Dec 2006; Christian Heim <phreak@gentoo.org>
327 -hardened-sources-2.6.18-r3.ebuild, +hardened-sources-2.6.18-r4.ebuild:
328 Revision bump for bug #157186.
329
330 *hardened-sources-2.6.19-r2 (23 Dec 2006)
331
332 23 Dec 2006; Christian Heim <phreak@gentoo.org>
333 -hardened-sources-2.6.19-r1.ebuild, +hardened-sources-2.6.19-r2.ebuild:
334 Revision bump to pull in genpatches-2.6.19-3 for #157186.
335
336 17 Dec 2006; Christian Heim <phreak@gentoo.org>
337 hardened-sources-2.6.14-r7.ebuild, hardened-sources-2.6.16-r10.ebuild,
338 hardened-sources-2.6.16-r11.ebuild, hardened-sources-2.6.17-r1.ebuild,
339 hardened-sources-2.6.18.ebuild, hardened-sources-2.6.18-r3.ebuild,
340 hardened-sources-2.6.19-r1.ebuild:
341 Adding 4453_grsec-2.1.9-2.6.19-io-kmem-sysctl.patch to UNIPATCH_EXLUDE,
342 adding correct HOMEPAGE and adjusting DESCRIPTION (thanks to Alexander).
343
344 *hardened-sources-2.4.33.4 (17 Dec 2006)
345
346 17 Dec 2006; Alexander Gabert <pappy@gentoo.org>
347 +hardened-sources-2.4.33.4.ebuild:
348 new 2.4.33.4 version including grsec and fixes, thanks to phreak for help
349 and quilting
350
351 *hardened-sources-2.6.19-r1 (14 Dec 2006)
352
353 14 Dec 2006; Christian Heim <phreak@gentoo.org>
354 -hardened-sources-2.6.19.ebuild, +hardened-sources-2.6.19-r1.ebuild:
355 Revision bump, fixing #158107 (thanks to Petre Rodan <kaiowas at gentoo.org>
356 for reporting).
357
358 *hardened-sources-2.6.19 (13 Dec 2006)
359
360 13 Dec 2006; Christian Heim <phreak@gentoo.org>
361 +hardened-sources-2.6.19.ebuild:
362 And finally 2.6.19, thanks to Ned (who prepared the inital patchset) and
363 Brad for providing that prompt update.
364
365 *hardened-sources-2.6.18-r3 (13 Dec 2006)
366
367 13 Dec 2006; Christian Heim <phreak@gentoo.org>
368 -hardened-sources-2.6.18-r1.ebuild, -hardened-sources-2.6.18-r2.ebuild,
369 +hardened-sources-2.6.18-r3.ebuild:
370 Revision bump, excluding the faulty patch. Thanks to Anakim Border and Peter
371 S. Mazinger. Closes #157409 for now. Also removing the previous revisions.
372
373 09 Dec 2006; Christian Heim <phreak@gentoo.org> Manifest:
374 Fixing the metadata.xml Manifest entry (thanks to xaid and ml8128 in #gentoo-hardened).
375
376 08 Dec 2006; nixnut <nixnut@gentoo.org> hardened-sources-2.6.18.ebuild:
377 Stable on ppc wrt bug 157356
378
379 07 Dec 2006; Christian Faulhammer <opfer@gentoo.org>
380 hardened-sources-2.6.18.ebuild:
381 stable x86, bug #157356
382
383 *hardened-sources-2.6.18-r2 (06 Dec 2006)
384
385 06 Dec 2006; Christian Heim <phreak@gentoo.org>
386 +hardened-sources-2.6.18-r2.ebuild:
387 Revision bump, including 2.6.18.5 (via genpatches) and
388 4454_grsec-2.1.9-2.6.18.2-io-kmem-sysctl.patch based on Peter Mazinger and
389 Ned Ludd's original patch. Thanks to Alexander Gabert (pappy) for the
390 redesign.
391
392 06 Dec 2006; Christian Heim <phreak@gentoo.org>
393 hardened-sources-2.6.18.ebuild:
394 Marking hardened-sources-2.6.18 stable on amd64 (see bug #157356, on behalf
395 of Mike Doty).
396
397 *hardened-sources-2.6.18-r1 (23 Nov 2006)
398
399 23 Nov 2006; Christian Heim <phreak@gentoo.org>
400 +hardened-sources-2.6.18-r1.ebuild:
401 Revision bump to genpatches-2.6.18-4 (including 2.6.18.3).
402
403 *hardened-sources-2.6.18 (11 Nov 2006)
404
405 11 Nov 2006; Christian Heim <phreak@gentoo.org>
406 +hardened-sources-2.6.18.ebuild:
407 Version bump, thanks to Alexander Gabert we're finally at 2.6.18.
408
409 18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
410 - mark amd64 stable also. bug #151877
411
412 18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
413 - mark 2.6.17-r1 stable
414
415 27 Aug 2006; Christian Heim <phreak@gentoo.org>
416 -hardened-sources-2.6.17.ebuild, hardened-sources-2.6.17-r1.ebuild:
417 Removing old ebuild, removing unipatch from newer ebuild (need to fix it!).
418
419 *hardened-sources-2.6.17-r1 (26 Aug 2006)
420
421 26 Aug 2006; Christian Heim <phreak@gentoo.org>
422 +hardened-sources-2.6.17-r1.ebuild:
423 Revision bump to genpatches-2.6.17-8 (including .9 and .10) and updating the
424 grsecurity patch.
425
426 *hardened-sources-2.6.17 (17 Aug 2006)
427
428 17 Aug 2006; Christian Heim <phreak@gentoo.org>
429 +hardened-sources-2.6.17.ebuild:
430 Bumping the hardened-sources-2.6 series to 2.6.17, using
431 genpatches-2.6.17-6.base.
432
433 07 Aug 2006; <solar@gentoo.org> hardened-sources-2.6.16-r11.ebuild:
434 - stable on x86 and amd64
435
436 *hardened-sources-2.6.16-r11 (15 Jul 2006)
437
438 15 Jul 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r3.ebuild,
439 -hardened-sources-2.4.32-r4.ebuild, -hardened-sources-2.4.32-r5.ebuild,
440 -hardened-sources-2.6.14-r8.ebuild, -hardened-sources-2.6.16-r7.ebuild,
441 -hardened-sources-2.6.16-r9.ebuild, +hardened-sources-2.6.16-r11.ebuild:
442 - 2.6.16 bumped for CVE-2006-3626 ; digest fix for 2.4.32-r6 ; removed old
443 crusty ebuilds
444
445 14 Jul 2006; John Mylchreest <johnm@gentoo.org>
446 hardened-sources-2.6.16-r10.ebuild:
447 marking stable on x86 and amd64
448
449 13 Jul 2006; <solar@gentoo.org> hardened-sources-2.4.32-r6.ebuild:
450 - 2.4.32-r6 stable on x86. RSBAC state unknown
451
452 *hardened-sources-2.4.32-r7 (10 Jul 2006)
453
454 10 Jul 2006; Guillaume Destuynder <kang@gentoo.org>
455 +hardened-sources-2.4.32-r7.ebuild:
456 Bump PaX for RSBAC to test-17
457
458 *hardened-sources-2.6.16-r9 (03 Jul 2006)
459
460 03 Jul 2006; John Mylchreest <johnm@gentoo.org>
461 -hardened-sources-2.6.16-r6.ebuild, +hardened-sources-2.6.16-r9.ebuild:
462 hardened-sources-2.6.16 bump to latest -base.
463
464 *hardened-sources-2.4.32-r6 (30 Jun 2006)
465
466 30 Jun 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r2.ebuild,
467 hardened-sources-2.4.32-r4.ebuild, +hardened-sources-2.4.32-r6.ebuild:
468 - backport CVE-2006-0039, CVE-2006-1857 and CVE-2006-1858 and new grsecurity
469 sysctl controlable resource logging
470
471 *hardened-sources-2.6.16-r7 (05 Jun 2006)
472
473 05 Jun 2006; John Mylchreest <johnm@gentoo.org>
474 -hardened-sources-2.6.16-r5.ebuild, +hardened-sources-2.6.16-r7.ebuild:
475 push new 2.6.16 release in preparation for stable
476
477 22 May 2006; <solar@gentoo.org> :
478 - redigest bug 134002
479
480 *hardened-sources-2.4.32-r5 (16 May 2006)
481
482 16 May 2006; Guillaume Destuynder <kang@gentoo.org>
483 +hardened-sources-2.4.32-r5.ebuild:
484 Fixes rsbac common patching (new patch in new -r5 patchset)
485
486 *hardened-sources-2.4.32-r4 (13 May 2006)
487
488 13 May 2006; <solar@gentoo.org> hardened-sources-2.4.32-r3.ebuild,
489 +hardened-sources-2.4.32-r4.ebuild:
490 - security bumps
491
492 *hardened-sources-2.6.16-r6 (03 May 2006)
493
494 03 May 2006; John Mylchreest <johnm@gentoo.org>
495 +hardened-sources-2.6.16-r6.ebuild:
496 bump hardened-2.6.16 to 2.6.16.12 and latest grsec snapshot
497
498 28 Apr 2006; John Mylchreest <johnm@gentoo.org>
499 hardened-sources-2.6.14-r8.ebuild:
500 fix x86_64 build problem, this will delay the digest issue again for a short
501 while but it will sort itself out
502
503 28 Apr 2006; John Mylchreest <johnm@gentoo.org>
504 hardened-sources-2.6.14-r8.ebuild:
505 bump hardened patchset
506
507 27 Apr 2006; Alec Warner <antarus@gentoo.org>
508 files/digest-hardened-sources-2.4.32-r2,
509 files/digest-hardened-sources-2.4.32-r3,
510 files/digest-hardened-sources-2.6.14-r8, Manifest:
511 Fixing duff SHA256 digests: Bug # 131293
512
513 *hardened-sources-2.6.16-r5 (27 Apr 2006)
514
515 27 Apr 2006; John Mylchreest <johnm@gentoo.org>
516 -hardened-sources-2.6.14-r6.ebuild, hardened-sources-2.6.14-r8.ebuild,
517 -hardened-sources-2.6.16-r4.ebuild, +hardened-sources-2.6.16-r5.ebuild:
518 stablise 2.6.14-r8 on x86 & amd64, bump 2.6.16 to fix CVE-2006-1863 &
519 cleanup of old uneccessary sources
520
521 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
522 fix digest
523
524 *hardened-sources-2.6.14-r8 (20 Apr 2006)
525
526 20 Apr 2006; John Mylchreest <johnm@gentoo.org>
527 +hardened-sources-2.6.14-r8.ebuild:
528 fix CVE-2006-1056, CVE-2006-1525, CVE-2006-1524
529
530 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
531 Turning on gpg-signing again, and recomitting
532
533 *hardened-sources-2.6.16-r4 (20 Apr 2006)
534
535 20 Apr 2006; John Mylchreest <johnm@gentoo.org>
536 -hardened-sources-2.6.16-r2.ebuild, -hardened-sources-2.6.16-r3.ebuild,
537 +hardened-sources-2.6.16-r4.ebuild:
538 Fix numerous security vulns
539
540 *hardened-sources-2.4.32-r3 (16 Apr 2006)
541
542 16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
543 -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
544 +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
545 - security bump for bug #112791. Removed old ebuilds
546
547 *hardened-sources-2.6.16-r3 (15 Apr 2006)
548
549 15 Apr 2006; John Mylchreest <johnm@gentoo.org>
550 +hardened-sources-2.6.16-r3.ebuild:
551 Removing silly localversion which I missed
552
553 *hardened-sources-2.6.14-r7 (14 Apr 2006)
554
555 14 Apr 2006; John Mylchreest <johnm@gentoo.org>
556 -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
557 Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
558
559 *hardened-sources-2.6.16-r2 (13 Apr 2006)
560
561 13 Apr 2006; John Mylchreest <johnm@gentoo.org>
562 -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
563 +hardened-sources-2.6.16-r2.ebuild:
564 Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
565 labels, dropping USERGROUP define fixes, since these were merged mainstream.
566
567 *hardened-sources-2.6.16-r1 (11 Apr 2006)
568
569 11 Apr 2006; John Mylchreest <johnm@gentoo.org>
570 +hardened-sources-2.6.16-r1.ebuild:
571 Bumping to include ppc build fix and 2.6.16.3
572
573 06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
574 hardened-sources-2.6.14-r6.ebuild:
575 Stable on x86; bug #127718
576
577 *hardened-sources-2.6.16 (31 Mar 2006)
578
579 31 Mar 2006; John Mylchreest <johnm@gentoo.org>
580 +hardened-sources-2.6.16.ebuild:
581 Bumping to new version of grsec, and kernel base. New squashfs. Based on
582 2.6.16.1
583
584 30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
585 hardened-sources-2.6.14-r6.ebuild:
586 Stable on amd64, bug 127718.
587
588 28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
589 Stable on ppc. Bug #127718
590
591 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
592 -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
593 -hardened-sources-2.6.14-r4.ebuild:
594 Cleanup.
595
596 *hardened-sources-2.6.14-r6 (15 Mar 2006)
597
598 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
599 +hardened-sources-2.6.14-r6.ebuild:
600 Fixes grsec policy recreation bug and adds a
601 >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
602
603 02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
604 - stable on x86
605
606 19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
607 hardened-sources-2.6.14-r5.ebuild:
608 Stable on ppc.
609
610 *hardened-sources-2.6.14-r5 (01 Feb 2006)
611
612 01 Feb 2006; John Mylchreest <johnm@gentoo.org>
613 +hardened-sources-2.6.14-r5.ebuild:
614 fixing every known exploit
615
616 *hardened-sources-2.4.32-r2 (26 Jan 2006)
617
618 26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
619 +hardened-sources-2.4.32-r2.ebuild:
620 - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
621
622 *hardened-sources-2.6.14-r4 (12 Jan 2006)
623
624 12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
625 - version bump for new genpatches which fix up a few sec holes
626
627 *hardened-sources-2.4.32-r1 (05 Jan 2006)
628
629 05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
630 - revision bump to add misc vital linux kernel security patches.
631
632 *hardened-sources-2.6.14-r3 (30 Dec 2005)
633
634 30 Dec 2005; John Mylchreest <johnm@gentoo.org>
635 -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
636 Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
637
638 28 Dec 2005; John Mylchreest <johnm@gentoo.org>
639 hardened-sources-2.6.14-r2.ebuild:
640 making x86 & amd64 stable following testing.
641
642 *hardened-sources-2.6.14-r2 (27 Dec 2005)
643
644 27 Dec 2005; John Mylchreest <johnm@gentoo.org>
645 -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
646 Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
647 network hooks.
648
649 06 Dec 2005; John Mylchreest <johnm@gentoo.org>
650 hardened-sources-2.6.14-r1.ebuild:
651 bumping to stable early for sec fix on x86 & amd64
652
653 *hardened-sources-2.6.14-r1 (05 Dec 2005)
654
655 05 Dec 2005; John Mylchreest <johnm@gentoo.org>
656 -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
657 bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
658
659 04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
660 - stable on x86 security bug #114227 CAN-2005-3257
661
662 *hardened-sources-2.4.32 (19 Nov 2005)
663
664 19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
665 +hardened-sources-2.4.32.ebuild:
666 Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
667 Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
668 have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
669 rsbac >> /etc/portage/package.use)
670
671 *hardened-sources-2.6.14 (14 Nov 2005)
672
673 14 Nov 2005; John Mylchreest <johnm@gentoo.org>
674 -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
675 Bumping 2.6 series to 2.6.14.2
676
677 *hardened-sources-2.6.13-r2 (20 Oct 2005)
678
679 20 Oct 2005; John Mylchreest <johnm@gentoo.org>
680 -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
681 +hardened-sources-2.6.13-r2.ebuild:
682 Fixes minor build error in ppc.
683
684 *hardened-sources-2.6.13-r1 (17 Oct 2005)
685
686 17 Oct 2005; John Mylchreest <johnm@gentoo.org>
687 +hardened-sources-2.6.13-r1.ebuild:
688 Updating grsec to latest snapshot. Fixes some minor issues. Updating to
689 2.6.13.4, fixes some major amd64 stability problems.
690
691 *hardened-sources-2.6.13 (16 Sep 2005)
692
693 16 Sep 2005; John Mylchreest <johnm@gentoo.org>
694 -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
695 2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
696 ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
697 users should test this thoroughly.
698
699 01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
700 - stable on x86
701
702 *hardened-sources-2.6.11-r15 (27 Jun 2005)
703
704 27 Jun 2005; John Mylchreest <johnm@gentoo.org>
705 +hardened-sources-2.6.11-r15.ebuild:
706 Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
707 grsec redefining curr_ip struct.
708
709 *hardened-sources-2.4.31 (20 Jun 2005)
710
711 20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
712 initial import of 2.4.31 tree
713
714 *hardened-sources-2.6.11-r14 (14 Jun 2005)
715
716 14 Jun 2005; John Mylchreest <johnm@gentoo.org>
717 -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
718 Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
719 naming scheme to abide by genpatches
720
721 *hardened-sources-2.6.11-r13 (18 May 2005)
722
723 18 May 2005; John Mylchreest <johnm@gentoo.org>
724 -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
725 Managed to mangle the Makefile patch from grsec, to miss out the grsec
726 target. sorry about that. Fixes bug #93022
727
728 *hardened-sources-2.6.11-r12 (17 May 2005)
729
730 17 May 2005; John Mylchreest <johnm@gentoo.org>
731 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
732 +hardened-sources-2.6.11-r12.ebuild:
733 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
734 merges in genpatches-base
735
736 *hardened-sources-2.6.11-r12 (17 May 2005)
737
738 17 May 2005; John Mylchreest <johnm@gentoo.org>
739 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
740 +hardened-sources-2.6.11-r12.ebuild:
741 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
742 merges in genpatches-base
743
744 29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
745 -files/2.4.27-cmdline-race.patch,
746 -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
747 -files/2.4.28-grsec-binfmt_a.out.patch,
748 -files/2.4.28-grsec-cmdline-race.patch,
749 -files/2.4.28-selinux-binfmt_a.out.patch,
750 -files/2.4.28-selinux-cmdline-race.patch,
751 -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
752 hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
753 - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
754 cleanup..
755
756 *hardened-sources-2.4.30-r1 (21 Apr 2005)
757
758 21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
759 - disable aout by default
760
761 *hardened-sources-2.4.30 (18 Apr 2005)
762
763 18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
764 - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
765 and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
766 use
767
768 *hardened-sources-2.4.29 (30 Mar 2005)
769
770 30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
771 +hardened-sources-2.4.29.ebuild:
772 New hardened-patches-2.4-29.0 patchball.
773 Removed SELinux support, upgraded GRSecurity to 2.1.4.
774
775 *hardened-sources-2.4.28-r5 (06 Mar 2005)
776
777 06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
778 +hardened-sources-2.4.28-r5.ebuild:
779 Added a fix for a PaX vulnerability.
780
781 26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
782 hardened-sources-2.4.28-r4.ebuild:
783 Stable on x86
784
785 23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
786 hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
787 hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
788 hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
789 - fixed/added RDEPEND= in all kernel-2 ebuilds
790
791 *hardened-sources-2.4.28-r4 (21 Jan 2005)
792
793 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
794 +hardened-sources-2.4.28-r4.ebuild:
795 Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
796 backport of neighbour hash updates.
797
798 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
799 hardened-sources-2.4.28-r3.ebuild:
800 Stable on x86
801
802 *hardened-sources-2.6.10-r3 (20 Jan 2005)
803
804 20 Jan 2005; Brandon Hale <tseng@gentoo.org>
805 +hardened-sources-2.6.10-r3.ebuild:
806 Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
807 in 2005.0
808
809 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
810 -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
811 hardened-sources-2.4.28-r2.ebuild:
812 Mark stable on x86
813
814 *hardened-sources-2.4.28-r3 (17 Jan 2005)
815
816 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
817 +hardened-sources-2.4.28-r3.ebuild:
818 Fix SMP page fault handler vuln, and update device-mapper and evms patches.
819
820 14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
821 hardened-sources-2.4.28.ebuild:
822 Mark stable on x86.
823
824 *hardened-sources-2.4.28-r2 (13 Jan 2005)
825
826 13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
827 +hardened-sources-2.4.28-r2.ebuild:
828 Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
829 Mazinger for grsecurity patches as well.
830
831 *hardened-sources-2.4.28-r1 (23 Dec 2004)
832
833 23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
834 Security bump. Thank tocharian for rolling a new patchset...
835
836 28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
837 +files/2.4.28-grsec-cmdline-race.patch,
838 +files/2.4.28-selinux-binfmt_a.out.patch,
839 +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
840 - Round up remaining security patches that appear to be missing in 2.4.28. -
841 PaX standalone updated to current. hgpv=28.1
842
843 *hardened-sources-2.4.28 (28 Nov 2004)
844
845 28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
846 security bump. Thank tocharian for rolling a new patchset
847
848 *hardened-sources-2.4.27-r3 (08 Sep 2004)
849
850 08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
851 +hardened-sources-2.4.27-r3.ebuild:
852 Applies the new 2.4-27.2 patchball which updates
853 GRSecurity to the 2.0.1 version.
854
855 *hardened-sources-2.4.27-r2 (31 Aug 2004)
856
857 31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
858 +hardened-sources-2.4.27-r2.ebuild:
859 Version bump.
860 This version uses the new 2.4-27.1 patchball which updates
861 both the SELinux PaX hooks patch and the SELinux headers.
862
863 *hardened-sources-2.4.27-r1 (09 Aug 2004)
864
865 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
866 +hardened-sources-2.4.27-r1.ebuild,
867 -hardened-sources-2.4.27.ebuild,
868 +files/2.4.27-cmdline-race.patch:
869 Version bump, fix for cmdline race. See bug #59905.
870
871 *hardened-sources-2.4.26-r6 (09 Aug 2004)
872
873 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
874 +hardened-sources-2.4.26-r6.ebuild,
875 -hardened-sources-2.4.26-r5.ebuild,
876 -hardened-sources-2.4.26-r4.ebuild,
877 +files/2.4.26-cmdline-race.patch:
878 Version bump, fix for cmdline race. See bug #59905.
879
880 *hardened-sources-2.4.27 (08 Aug 2004)
881
882 08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
883 +hardened-sources-2.4.27.ebuild,
884 +files/2.4.27-CAN-2004-0394.patch:
885 Ported the patchball to the 2.4.27 kernel version.
886
887 *hardened-sources-2.4.26-r5 (07 Aug 2004)
888
889 07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
890 +hardened-sources-2.4.26-r5.ebuild:
891 Updated to use the new hardened-patches-2.4-26.1 patchball.
892 It adds the following features:
893 - Squashfs
894 - Ebtables
895 - Netdev random (core+drivers)
896 - Watchdog Timer (WDT) fix.
897
898 *hardened-sources-2.4.26-r4 (04 Aug 2004)
899
900 04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
901 +hardened-sources-2.4.26-r4.ebuild,
902 +files/2.4.26-CAN-2004-0415.patch,
903 -hardened-sources-2.4.26-3:
904 Version bump, fix for CAN 0415, see bug #59378.
905
906 *hardened-sources-2.4.26-r3 (22 Jul 2004)
907
908 22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
909 +hardened-sources-2.4.26-r3.ebuild,
910 +files/2.4.26-CAN-2004-0497.patch,
911 -hardened-sources-2.4.26-r2.ebuild:
912 Version bump, fixed CAN 0497, see bug #56171.
913
914 *hardened-sources-2.4.26-r2 (29 Jun 2004)
915
916 29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
917 +hardened-sources-2.4.26-r2.ebuild,
918 +files/2.4.26-CAN-2004-0495.patch,
919 +files/2.4.26-CAN-2004-0535.patch,
920 -hardened-sources-2.4.26-r1.ebuild:
921 Fixes for both CAN 0495 and 0535, see bug #54976
922
923 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
924 hardened-sources-2.4.26-r1.ebuild:
925 QA - fix use invocation
926
927 *hardened-sources-2.4.26-r1 (22 June 2004)
928
929 22 June 2004; Andrea Luzzardi <scox@gentoo.org>
930 +hardened-sources-2.4.26-r1.ebuild,
931 +files/2.4.26-CAN-2004-0394.patch,
932 +files/2.4.26-signal-race.patch,
933 -hardened-sources-2.4.26.ebuild,
934 -hardened-sources-2.4.24-r3.ebuild:
935 Version bump for the CAN-2004-0394 issue and bug #53804
936 Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
937
938
939 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
940 hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
941 Masked hardened-sources-2.4.26.ebuild broken for ppc
942
943 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
944 hardened-sources-2.4.24-r3.ebuild:
945 Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
946
947 *hardened-sources-2.4.26 (29 May 2004)
948
949 29 May 2004; Andrea Luzzardi <scox@gentoo.org>
950 +hardened-sources-2.4.26.ebuild:
951 Updated hardened-sources for the 2.4.26 kernel
952 Removed broken components, updated almost everything.
953
954 *hardened-sources-2.4.24-r3 (17 Apr 2004)
955
956 17 Apr 2004; <plasmaroo@gentoo.org>
957 +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
958 +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
959 +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
960 +hardened-sources-2.4.24-r3.ebuild:
961 Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
962 vulnerabilities. Old revisions removed.
963
964 *hardened-sources-2.4.24-r2 (15 Apr 2004)
965
966 15 Apr 2004; <plasmaroo@gentoo.org>
967 +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
968 -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
969 Version bump for the CAN-2004-0109 issue; bug #47881.
970
971 12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
972 hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
973 Add eutils to inherit.
974
975 *hardened-sources-2.4.24-r1 (19 Feb 2004)
976
977 19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
978 files/hardened-sources-2.4.24.munmap.patch:
979 Added the patch for the mremap/munmap vulnerability. Bug #42024.
980
981 *hardened-sources-2.4.24 (06 Feb 2004)
982
983 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
984 hardened-sources-2.4.24.ebuild:
985 Version bump, updated most of the components.
986 This release includes the following:
987
988 - Hardened security
989 - Netfilter patch-o-matic 20031219
990 - FreeSWAN 2.04 & x509 1.4.8
991 - EVMS 2.2.2
992 - XFS 1.3.1
993 - cryptoloop jari
994 - grsecurity 2.0-rc4
995 - SELinux
996 - PaX 200402060000
997 - PaX Obscurity 200308302223
998 - Others...
999
1000 Neither -ck nor systrace are included anymore.
1001
1002 *hardened-sources-2.4.22-r2 (05 Jan 2004)
1003
1004 05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
1005 hardened-sources-2.4.22-r2.ebuild:
1006 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
1007
1008 *hardened-sources-2.4.22-r1 (02 Dec 2003)
1009
1010 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1011 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
1012
1013 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1014 hardened-sources-2.4.22-r1.ebuild:
1015 Version bump for the 'do_brk' vulnerability.
1016
1017 01 Dec 2003; Brian Jackson <iggy@gentoo.org>
1018 hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
1019 hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
1020 hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
1021 Fix the 'do_brk' vulnerability.
1022
1023 03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
1024 hardened-sources-2.4.22.ebuild:
1025 - Removed the src_install() portion for SELinux flask
1026 components. These are no longer handled in the kernel
1027 so this code was not necessary.
1028
1029 29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
1030 New 2.4.22 based hardened-sources thanks to
1031 Phil West <p.west@computer.org>.
1032
1033 These sources include:
1034 - New SELinux API
1035 - Updated CK-base
1036 - Updated GRSec
1037 - Systrace
1038 - SuperFreeS/WAN 1.99.8
1039 - Propolice kernel build support
1040 - EVMS
1041 - Other various security related patches
1042
1043 *hardened-sources-2.4.21 (14 Sep 2003)
1044
1045 14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
1046 Updated hardened-sources based on the 2.4.21 Linux kernel.
1047 This includes updates to most major components such as:
1048 - ck-base-0306300059
1049 - selinux-2.4-2003071106
1050 - grsecurity-2.0-rc1
1051 - Updated IPTables patch-o-matic
1052 - Updated SuperFreeS/WAN
1053
1054 Thanks to Phil West <pwest@computer.org> for his work in getting this
1055 updated patch set ready for the 2.4.21 based kernel.
1056
1057 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
1058 Initial import of hardened-sources-2.4.20-r4. This revision
1059 includes only a few changes, but one of these is an important
1060 security fix. It is recommended all users of hardened-sources
1061 upgrade to this release.
1062
1063 - ioperm bug fix
1064 - fixed compilation failure when building without GRSec
1065
1066 SAL (Secure Auditing for Linux) is NOT included in this revision
1067 due to time constraints, but is planned for inclusion in the near
1068 future.
1069
1070 *hardened-sources-2.4.20-r2 (12 Jun 2003)
1071
1072 12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
1073 hardened-sources-2.4.20-r3.ebuild:
1074 Add Header...
1075
1076 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1077 hardened-sources-2.4.20-r3.ebuild:
1078 Removed warnings from ebuild. This kernel should be safe to
1079 use at this point.
1080
1081 *hardened-sources-2.4.20-r3 (08 Jun 2003)
1082
1083 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1084 hardened-sources-2.4.20-r3.ebuild:
1085 New revision. Includes the following changes over -r2:
1086
1087 - ck7-base (O(1), preempt, low latency)
1088 - Super FreeS/WAN 1.99.7rc2
1089 - PaX for the LSM/SELinux branch
1090 - GRSecurity 2.0-pre4 (role based access control)
1091 - Systrace 1.3
1092 - EXT3 fixes
1093 - EVMS 2.0.1
1094 - GCC 3.1+ compile optimizations
1095 - ProPolice kernel build support
1096 - Hashing table security fixes
1097
1098 *hardened-sources-2.4.20-r1 (09 Apr 2003)
1099
1100 23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
1101 Initial import of hardened-sources-r2. This new
1102 ebuild includes many new performance and security
1103 related patches. As in -r1, it will patch in
1104 LSM/SELinux if "selinux" is in USE, otherwise it
1105 will patch in GRSecurity. The following patches
1106 are included in this revision:
1107
1108 - O(1) Scheduler, Low Latency, and Preempt
1109 (pulled from the base CK patch)
1110 - ptrace exploit patch for the LSM kernel
1111 (the GRSec patch already fixes this)
1112 - LSM 2.4-2003040709
1113 - SELinux 2.4-2003040709
1114 - Systrace v1.2
1115 - IPTables patch-o-matic base patches - 20030107
1116 - CryptoAPI 2.4.20.1 w/ loop-jari patch
1117 - Super FreeS/WAN 1.99.6.1
1118 - GRSecurity 1.9.9g
1119 - MPPE
1120 - EXT3 data journal fix
1121 - CIPE 1.5.4
1122
1123 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1124 hardened-sources-2.4.20-r1.ebuild, manifest:
1125 Updated to install flask components correctly for selinux.
1126
1127 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1128 hardened-sources-2.4.20-r1.ebuild:
1129 LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
1130 is patched in instead. Ptrace patches for selinux have also been added. In
1131 either case, systrace support will be patched in as well.
1132
1133 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1134 hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
1135 Revision bump for new sources.
1136
1137 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1138 hardened-sources-2.4.20-r1.ebuild:
1139 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
1140
1141 *hardened-sources-2.4.20 (30 Mar 2003)
1142
1143 30 Mar 2003; Joshua Brindle <method@gentoo.org>
1144 hardened-sources-2.4.20.ebuild:
1145 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20