/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.189 - (show annotations) (download)
Thu Oct 4 18:13:52 2007 UTC (7 years, 2 months ago) by phreak
Branch: MAIN
Changes since 1.188: +5 -1 lines
Removing old versions.
(Portage version: 2.1.3.9)

1 # ChangeLog for sys-kernel/hardened-sources
2 # Copyright 2000-2007 Gentoo Foundation; Distributed under the GPL v2
3 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.188 2007/10/01 16:59:09 phreak Exp $
4
5 04 Oct 2007; Christian Heim <phreak@gentoo.org>
6 -hardened-sources-2.6.22-r5.ebuild, -hardened-sources-2.6.22-r6.ebuild:
7 Removing old versions.
8
9 *hardened-sources-2.6.22-r7 (01 Oct 2007)
10
11 01 Oct 2007; Christian Heim <phreak@gentoo.org>
12 +hardened-sources-2.6.22-r7.ebuild:
13 Revision bump, pulling in a newer patch. Should fix #194276.
14
15 30 Sep 2007; Christian Heim <phreak@gentoo.org>
16 hardened-sources-2.6.20-r10.ebuild:
17 Marking hardened-sources-2.6.20-r10 stable on x86 and amd64 (on courtesy of
18 Mike Doty).
19
20 *hardened-sources-2.6.22-r6 (26 Sep 2007)
21
22 26 Sep 2007; Christian Heim <phreak@gentoo.org>
23 +hardened-sources-2.6.22-r6.ebuild:
24 Revision bump, grabbing up till Linux 2.6.22.9.
25
26 24 Sep 2007; Christian Heim <phreak@gentoo.org>
27 -hardened-sources-2.6.22-r3.ebuild, -hardened-sources-2.6.22-r4.ebuild:
28 Cleaning up further.
29
30 *hardened-sources-2.6.20-r10 (24 Sep 2007)
31
32 24 Sep 2007; Christian Heim <phreak@gentoo.org>
33 -hardened-sources-2.6.20-r8.ebuild, -hardened-sources-2.6.20-r9.ebuild,
34 +hardened-sources-2.6.20-r10.ebuild:
35 Revision bump, pulling in Linux 2.6.20.20. Removing some of the older
36 revisions.
37
38 *hardened-sources-2.6.22-r5 (22 Sep 2007)
39
40 22 Sep 2007; Christian Heim <phreak@gentoo.org>
41 +hardened-sources-2.6.22-r5.ebuild:
42 Revision bump, pulling in genpatches-2.6.22-8 for CVE-2007-4573.
43
44 17 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
45 Removing johnm from metadata.xml (see #186467 for reference).
46
47 *hardened-sources-2.6.22-r4 (17 Sep 2007)
48
49 17 Sep 2007; Christian Heim <phreak@gentoo.org>
50 +hardened-sources-2.6.22-r4.ebuild:
51 Revision bump, hopefully fixing all those weird PAX failures.
52
53 01 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
54 Updating the metadata.xml.
55
56 01 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
57 Removing tocharian from metadata due to his retirement (see #71718 for
58 reference).
59
60 *hardened-sources-2.6.20-r9 (30 Aug 2007)
61
62 30 Aug 2007; Christian Heim <phreak@gentoo.org>
63 +hardened-sources-2.6.20-r9.ebuild:
64 Revision bump for 2.6.20.18 (thanks to kerframil in #gentoo-hardened).
65
66 29 Aug 2007; Christian Heim <phreak@gentoo.org>
67 -hardened-sources-2.4.34.ebuild, -hardened-sources-2.4.34.5.ebuild,
68 -hardened-sources-2.6.20-r2.ebuild, -hardened-sources-2.6.20-r5.ebuild,
69 -hardened-sources-2.6.20-r7.ebuild, -hardened-sources-2.6.21-r3.ebuild,
70 -hardened-sources-2.6.22.ebuild, -hardened-sources-2.6.22-r1.ebuild,
71 -hardened-sources-2.6.22-r2.ebuild:
72 Removing some redundant versions.
73
74 *hardened-sources-2.4.35-r1 (29 Aug 2007)
75
76 29 Aug 2007; Christian Heim <phreak@gentoo.org>
77 +hardened-sources-2.4.35-r1.ebuild:
78 Revision bump, new grsecurity patch.
79
80 *hardened-sources-2.6.20-r8 (26 Aug 2007)
81
82 26 Aug 2007; Christian Heim <phreak@gentoo.org>
83 +hardened-sources-2.6.20-r8.ebuild:
84 Revision bump for Linux 2.6.20.17.
85
86 *hardened-sources-2.6.22-r3 (22 Aug 2007)
87
88 22 Aug 2007; Christian Heim <phreak@gentoo.org>
89 +hardened-sources-2.6.22-r3.ebuild:
90 Revision bump for Linux 2.6.22.4.
91
92 16 Aug 2007; Christian Heim <phreak@gentoo.org>
93 hardened-sources-2.6.22-r2.ebuild:
94 Updated patchset, to fix the alignment against 2.6.22.3.
95
96 *hardened-sources-2.6.22-r2 (16 Aug 2007)
97
98 16 Aug 2007; Christian Heim <phreak@gentoo.org>
99 +hardened-sources-2.6.22-r2.ebuild:
100 Revision bump for Linux 2.6.22.3.
101
102 *hardened-sources-2.4.35 (16 Aug 2007)
103
104 16 Aug 2007; Christian Heim <phreak@gentoo.org>
105 +hardened-sources-2.4.35.ebuild:
106 Version bump, initial version for Linux 2.4.35.
107
108 *hardened-sources-2.6.21-r4 (16 Aug 2007)
109
110 16 Aug 2007; Christian Heim <phreak@gentoo.org>
111 +hardened-sources-2.6.21-r4.ebuild:
112 Revision bump for Linux 2.6.21.6.
113
114 *hardened-sources-2.6.20-r7 (16 Aug 2007)
115
116 16 Aug 2007; Christian Heim <phreak@gentoo.org>
117 +hardened-sources-2.6.20-r7.ebuild:
118 Revision bump for Linux 2.6.20.16.
119
120 *hardened-sources-2.6.22-r1 (13 Aug 2007)
121
122 13 Aug 2007; Christian Heim <phreak@gentoo.org>
123 +hardened-sources-2.6.22-r1.ebuild:
124 Yet another revision bump.
125
126 *hardened-sources-2.6.22 (10 Aug 2007)
127
128 10 Aug 2007; Christian Heim <phreak@gentoo.org>
129 +hardened-sources-2.6.22.ebuild:
130 Initial release for 2.6.22. If you are using hardened-sources on a desktop
131 machine (P4 or newer), be aware you might need to disable
132 CONFIG_PAX_PAGEEXEC.
133
134 04 Aug 2007; Christian Heim <phreak@gentoo.org>
135 hardened-sources-2.6.20-r6.ebuild:
136 Stabling hardened-sources-2.6.20-r6 for amd64, ppc and x86 due to Linux
137 2.6.20.15.
138
139 10 Jul 2007; Christian Heim <phreak@gentoo.org>
140 hardened-sources-2.6.20-r5.ebuild:
141 Marking hardened-sources-2.6.20-r5 stable on ppc.
142
143 10 Jul 2007; Christian Heim <phreak@gentoo.org>
144 -hardened-sources-2.4.32-r6.ebuild, -hardened-sources-2.4.32-r7.ebuild:
145 Cleanup.
146
147 *hardened-sources-2.6.20-r6 (08 Jul 2007)
148
149 08 Jul 2007; Christian Heim <phreak@gentoo.org>
150 +hardened-sources-2.6.20-r6.ebuild:
151 Revision bump, grabbing yet another stable release.
152
153 17 Jun 2007; Christian Heim <phreak@gentoo.org>
154 -hardened-sources-2.6.18-r6.ebuild, -hardened-sources-2.6.20-r4.ebuild,
155 -hardened-sources-2.6.21-r2.ebuild:
156 Removing older ebuilds, hardened-sources-2.6.18-r6 seems to have gotten the
157 alpha stable KEYWORD by mistake.
158
159 17 Jun 2007; Christian Heim <phreak@gentoo.org>
160 hardened-sources-2.6.20-r5.ebuild:
161 Stabling hardened-sources-2.6.20-r5 due to security bug #181647 (as
162 genpatches-2.6.20-12.base contains up to Linux 2.6.20.14) on amd64 and x86.
163
164 *hardened-sources-2.6.21-r3 (12 Jun 2007)
165
166 12 Jun 2007; Christian Heim <phreak@gentoo.org>
167 +hardened-sources-2.6.21-r3.ebuild:
168 Revision bump for hardened-sources-2.6.21, incorporating various CVE (some
169 of them critical), two stable releases (2.6.21.4,2.6.21.5) and some other
170 love.
171
172 *hardened-sources-2.6.20-r5 (11 Jun 2007)
173
174 11 Jun 2007; Christian Heim <phreak@gentoo.org>
175 +hardened-sources-2.6.20-r5.ebuild:
176 Revision bump for hardened-sources-2.6.20, incorporating various CVE (some
177 of them critical), two stable releases (2.6.20.13,2.6.20.14) and some other
178 love.
179
180 *hardened-sources-2.4.34.5 (11 Jun 2007)
181
182 11 Jun 2007; Alexander Gabert <pappy@gentoo.org>
183 +hardened-sources-2.4.34.5.ebuild:
184 added new hardened-sources 2.4 version, thx to phreak, solar, pipacs
185
186 30 May 2007; Christian Heim <phreak@gentoo.org>
187 -hardened-sources-2.6.18.ebuild, hardened-sources-2.6.20-r2.ebuild:
188 Marking 2.6.20-r2 stable on ppc with permission of Gysbert. Removing more
189 stale ebuild(s).
190
191 30 May 2007; Christian Heim <phreak@gentoo.org>
192 -hardened-sources-2.6.14-r7.ebuild, -hardened-sources-2.6.16-r11.ebuild,
193 -hardened-sources-2.6.17-r1.ebuild, -hardened-sources-2.6.19-r6.ebuild,
194 -hardened-sources-2.6.20.ebuild, -hardened-sources-2.6.20-r1.ebuild:
195 Doing some cleanups, remove stale ebuilds.
196
197 26 May 2007; Christian Heim <phreak@gentoo.org>
198 hardened-sources-2.6.21-r2.ebuild:
199 Fixing the grsecurity patch, had one '};' too much.
200
201 *hardened-sources-2.6.21-r2 (26 May 2007)
202
203 26 May 2007; Christian Heim <phreak@gentoo.org>
204 -hardened-sources-2.6.21.ebuild, -hardened-sources-2.6.21-r1.ebuild,
205 +hardened-sources-2.6.21-r2.ebuild:
206 Revision bump, including Linux 2.6.21.3 (fixing CVE-2007-2451). Updating the
207 grsecurity patch to 2.1.10-2.6.21.1-200705221918.
208
209 *hardened-sources-2.6.20-r4 (26 May 2007)
210
211 26 May 2007; Christian Heim <phreak@gentoo.org>
212 -hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.20-r4.ebuild:
213 Revision bump, including Linux 2.6.20.12 (which in fact fixed some security
214 bugs, at the very least CVE-2007-2451). Possible candidate for stable marking.
215
216 15 May 2007; Christian Heim <phreak@gentoo.org>
217 hardened-sources-2.6.20-r3.ebuild:
218 Looks like hardened-sources-2.6.20-r3 needs a new patch, as 2.6.20.11
219 introduced a change in arch/sparc64/kernel/pci_iommu.c, which made the
220 grsecurity patch fail in that exact same hunk.
221
222 *hardened-sources-2.6.20-r3 (15 May 2007)
223
224 15 May 2007; Christian Heim <phreak@gentoo.org>
225 +hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.21-r1.ebuild:
226 Revision bump, incorporating Linux 2.6.20.11.
227
228 *hardened-sources-2.6.21-r1 (11 May 2007)
229
230 11 May 2007; Christian Heim <phreak@gentoo.org>
231 +hardened-sources-2.6.21-r1.ebuild:
232 Revision bump, hopefully fixing the GRSECURITY/GRKERNSEC mixup pipacs
233 mentioned in #177234.
234
235 07 May 2007; Kevin F. Quinn <kevquinn@gentoo.org>
236 files/digest-hardened-sources-2.6.21, Manifest:
237 Fix Manifest/digest for linux-2.6.21.tar.bz2
238
239 06 May 2007; Christian Heim <phreak@gentoo.org>
240 hardened-sources-2.6.21.ebuild:
241 Bumping the hardened-patches version, needed for the fix for #177234.
242
243 *hardened-sources-2.6.21 (02 May 2007)
244
245 02 May 2007; Christian Heim <phreak@gentoo.org>
246 +hardened-sources-2.6.21.ebuild:
247 Version bump, Linux 2.6.21-hardened.
248
249 29 Apr 2007; Christian Heim <phreak@gentoo.org>
250 hardened-sources-2.6.20-r2.ebuild:
251 Adding ~ia64 on Ned's request.
252
253 29 Apr 2007; Christian Heim <phreak@gentoo.org>
254 hardened-sources-2.6.20-r2.ebuild:
255 Fixing the included grsecurity patch, wasn't alligning due to the Index:
256 header line(s).
257
258 29 Apr 2007; Christian Heim <phreak@gentoo.org>
259 hardened-sources-2.6.20-r2.ebuild:
260 Stabilizing hardened-sources-2.6.20-r2 on amd64 and x86.
261
262 *hardened-sources-2.6.20-r2 (10 Apr 2007)
263
264 10 Apr 2007; Raúl Porcel <armin76@gentoo.org>
265 +hardened-sources-2.6.20-r2.ebuild:
266 Version bump, on behalf of phreak
267
268 *hardened-sources-2.6.20-r1 (04 Apr 2007)
269
270 04 Apr 2007; Christian Heim <phreak@gentoo.org>
271 +hardened-sources-2.6.20-r1.ebuild:
272 Revision bump, grabbing a newer grsecurity snapshot.
273
274 *hardened-sources-2.6.20 (25 Mar 2007)
275
276 25 Mar 2007; Christian Heim <phreak@gentoo.org>
277 +hardened-sources-2.6.20.ebuild:
278 Finally a hardened-sources version for 2.6.20; many people have been waiting
279 for this. Thanks to Steve for preliminary testing, thanks to Ned for the
280 testbox.
281
282 16 Mar 2007; Tony Vroon <chainsaw@gentoo.org>
283 hardened-sources-2.6.18-r6.ebuild:
284 Marked stable on amd64 and x86. AMD64 keyword ack'ed by welp.
285
286 *hardened-sources-2.6.18-r6 (16 Mar 2007)
287
288 16 Mar 2007; Christian Heim <phreak@gentoo.org>
289 -hardened-sources-2.6.18-r5.ebuild, +hardened-sources-2.6.18-r6.ebuild:
290 Fixing CVE-2007-1000 locally (hardened/), thanks to Tony for pushing. And
291 yes I screwed up, this is tagged as 2.6.18-5 and not 2.6.18-6 as it's
292 supposed to be.
293
294 06 Mar 2007; Christian Heim <phreak@gentoo.org> ChangeLog:
295 Fixing the Manifest, the previous one was broken (as in still had the
296 deleted ebuild in it).
297
298 06 Mar 2007; Christian Heim <phreak@gentoo.org>
299 -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
300 +hardened-sources-2.6.18-r5.ebuild:
301 Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
302 Linux 2.6.18.8. Also cleaning up the older version.
303
304 *hardened-sources-2.6.18-r5 (06 Mar 2007)
305
306 06 Mar 2007; Christian Heim <phreak@gentoo.org>
307 -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
308 +hardened-sources-2.6.18-r5.ebuild:
309 Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
310 Linux 2.6.18.8. Also cleaning up the older version.
311
312 24 Feb 2007; Christian Heim <phreak@gentoo.org>
313 -hardened-sources-2.6.19-r3.ebuild, -hardened-sources-2.6.19-r4.ebuild,
314 -hardened-sources-2.6.19-r5.ebuild:
315 Removing some of the old version, that didn't work.
316
317 *hardened-sources-2.6.19-r6 (12 Feb 2007)
318
319 12 Feb 2007; Christian Heim <phreak@gentoo.org>
320 +hardened-sources-2.6.19-r6.ebuild:
321 Revision bump, including a new grsec version fixing #166235.
322
323 *hardened-sources-2.4.34 (24 Jan 2007)
324
325 24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
326 Manifest:
327 updating Manifest with checksums of new tarball and ebuild
328
329 24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
330 +hardened-sources-2.4.34.ebuild:
331 I added new hardened sources 2.4 update, this is a critical path
332 security bugfix - all users of h-s are strongly advised
333 to update their existing hardened sources to this version.
334 It contains a fix for a kernel vulnerability that is pertaining
335 to the PaX changes to virtual memory management, possibly leading
336 to a local kernel exploit ... see grsecurity.net forums and homepage
337
338 23 Jan 2007; Christian Heim <phreak@gentoo.org>
339 files/digest-hardened-sources-2.6.19-r5, Manifest:
340 Fixing the patch-tarball digest.
341
342 *hardened-sources-2.6.19-r5 (23 Jan 2007)
343
344 23 Jan 2007; Christian Heim <phreak@gentoo.org>
345 +hardened-sources-2.6.19-r5.ebuild:
346 Revision bump, closing the recently discovered PaX expand_stack()
347 vulnerability.
348
349 *hardened-sources-2.6.19-r4 (14 Jan 2007)
350
351 14 Jan 2007; Christian Heim <phreak@gentoo.org>
352 +hardened-sources-2.6.19-r4.ebuild:
353 Revision bump, pulling in linux-2.6.19.2 and grsecurity 2.1.10 - thus
354 dropping the randomized PID feature.
355
356 11 Jan 2007; Christian Faulhammer <opfer@gentoo.org>
357 hardened-sources-2.4.33.4.ebuild:
358 stable x86, bug #161171
359
360 *hardened-sources-2.6.19-r3 (27 Dec 2006)
361
362 27 Dec 2006; Christian Heim <phreak@gentoo.org>
363 -hardened-sources-2.6.19-r2.ebuild, +hardened-sources-2.6.19-r3.ebuild:
364 Revision bump for bug #157186 and #158786.
365
366 *hardened-sources-2.6.18-r4 (27 Dec 2006)
367
368 27 Dec 2006; Christian Heim <phreak@gentoo.org>
369 -hardened-sources-2.6.18-r3.ebuild, +hardened-sources-2.6.18-r4.ebuild:
370 Revision bump for bug #157186.
371
372 *hardened-sources-2.6.19-r2 (23 Dec 2006)
373
374 23 Dec 2006; Christian Heim <phreak@gentoo.org>
375 -hardened-sources-2.6.19-r1.ebuild, +hardened-sources-2.6.19-r2.ebuild:
376 Revision bump to pull in genpatches-2.6.19-3 for #157186.
377
378 17 Dec 2006; Christian Heim <phreak@gentoo.org>
379 hardened-sources-2.6.14-r7.ebuild, hardened-sources-2.6.16-r10.ebuild,
380 hardened-sources-2.6.16-r11.ebuild, hardened-sources-2.6.17-r1.ebuild,
381 hardened-sources-2.6.18.ebuild, hardened-sources-2.6.18-r3.ebuild,
382 hardened-sources-2.6.19-r1.ebuild:
383 Adding 4453_grsec-2.1.9-2.6.19-io-kmem-sysctl.patch to UNIPATCH_EXLUDE,
384 adding correct HOMEPAGE and adjusting DESCRIPTION (thanks to Alexander).
385
386 *hardened-sources-2.4.33.4 (17 Dec 2006)
387
388 17 Dec 2006; Alexander Gabert <pappy@gentoo.org>
389 +hardened-sources-2.4.33.4.ebuild:
390 new 2.4.33.4 version including grsec and fixes, thanks to phreak for help
391 and quilting
392
393 *hardened-sources-2.6.19-r1 (14 Dec 2006)
394
395 14 Dec 2006; Christian Heim <phreak@gentoo.org>
396 -hardened-sources-2.6.19.ebuild, +hardened-sources-2.6.19-r1.ebuild:
397 Revision bump, fixing #158107 (thanks to Petre Rodan <kaiowas at gentoo.org>
398 for reporting).
399
400 *hardened-sources-2.6.19 (13 Dec 2006)
401
402 13 Dec 2006; Christian Heim <phreak@gentoo.org>
403 +hardened-sources-2.6.19.ebuild:
404 And finally 2.6.19, thanks to Ned (who prepared the inital patchset) and
405 Brad for providing that prompt update.
406
407 *hardened-sources-2.6.18-r3 (13 Dec 2006)
408
409 13 Dec 2006; Christian Heim <phreak@gentoo.org>
410 -hardened-sources-2.6.18-r1.ebuild, -hardened-sources-2.6.18-r2.ebuild,
411 +hardened-sources-2.6.18-r3.ebuild:
412 Revision bump, excluding the faulty patch. Thanks to Anakim Border and Peter
413 S. Mazinger. Closes #157409 for now. Also removing the previous revisions.
414
415 09 Dec 2006; Christian Heim <phreak@gentoo.org> Manifest:
416 Fixing the metadata.xml Manifest entry (thanks to xaid and ml8128 in #gentoo-hardened).
417
418 08 Dec 2006; nixnut <nixnut@gentoo.org> hardened-sources-2.6.18.ebuild:
419 Stable on ppc wrt bug 157356
420
421 07 Dec 2006; Christian Faulhammer <opfer@gentoo.org>
422 hardened-sources-2.6.18.ebuild:
423 stable x86, bug #157356
424
425 *hardened-sources-2.6.18-r2 (06 Dec 2006)
426
427 06 Dec 2006; Christian Heim <phreak@gentoo.org>
428 +hardened-sources-2.6.18-r2.ebuild:
429 Revision bump, including 2.6.18.5 (via genpatches) and
430 4454_grsec-2.1.9-2.6.18.2-io-kmem-sysctl.patch based on Peter Mazinger and
431 Ned Ludd's original patch. Thanks to Alexander Gabert (pappy) for the
432 redesign.
433
434 06 Dec 2006; Christian Heim <phreak@gentoo.org>
435 hardened-sources-2.6.18.ebuild:
436 Marking hardened-sources-2.6.18 stable on amd64 (see bug #157356, on behalf
437 of Mike Doty).
438
439 *hardened-sources-2.6.18-r1 (23 Nov 2006)
440
441 23 Nov 2006; Christian Heim <phreak@gentoo.org>
442 +hardened-sources-2.6.18-r1.ebuild:
443 Revision bump to genpatches-2.6.18-4 (including 2.6.18.3).
444
445 *hardened-sources-2.6.18 (11 Nov 2006)
446
447 11 Nov 2006; Christian Heim <phreak@gentoo.org>
448 +hardened-sources-2.6.18.ebuild:
449 Version bump, thanks to Alexander Gabert we're finally at 2.6.18.
450
451 18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
452 - mark amd64 stable also. bug #151877
453
454 18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
455 - mark 2.6.17-r1 stable
456
457 27 Aug 2006; Christian Heim <phreak@gentoo.org>
458 -hardened-sources-2.6.17.ebuild, hardened-sources-2.6.17-r1.ebuild:
459 Removing old ebuild, removing unipatch from newer ebuild (need to fix it!).
460
461 *hardened-sources-2.6.17-r1 (26 Aug 2006)
462
463 26 Aug 2006; Christian Heim <phreak@gentoo.org>
464 +hardened-sources-2.6.17-r1.ebuild:
465 Revision bump to genpatches-2.6.17-8 (including .9 and .10) and updating the
466 grsecurity patch.
467
468 *hardened-sources-2.6.17 (17 Aug 2006)
469
470 17 Aug 2006; Christian Heim <phreak@gentoo.org>
471 +hardened-sources-2.6.17.ebuild:
472 Bumping the hardened-sources-2.6 series to 2.6.17, using
473 genpatches-2.6.17-6.base.
474
475 07 Aug 2006; <solar@gentoo.org> hardened-sources-2.6.16-r11.ebuild:
476 - stable on x86 and amd64
477
478 *hardened-sources-2.6.16-r11 (15 Jul 2006)
479
480 15 Jul 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r3.ebuild,
481 -hardened-sources-2.4.32-r4.ebuild, -hardened-sources-2.4.32-r5.ebuild,
482 -hardened-sources-2.6.14-r8.ebuild, -hardened-sources-2.6.16-r7.ebuild,
483 -hardened-sources-2.6.16-r9.ebuild, +hardened-sources-2.6.16-r11.ebuild:
484 - 2.6.16 bumped for CVE-2006-3626 ; digest fix for 2.4.32-r6 ; removed old
485 crusty ebuilds
486
487 14 Jul 2006; John Mylchreest <johnm@gentoo.org>
488 hardened-sources-2.6.16-r10.ebuild:
489 marking stable on x86 and amd64
490
491 13 Jul 2006; <solar@gentoo.org> hardened-sources-2.4.32-r6.ebuild:
492 - 2.4.32-r6 stable on x86. RSBAC state unknown
493
494 *hardened-sources-2.4.32-r7 (10 Jul 2006)
495
496 10 Jul 2006; Guillaume Destuynder <kang@gentoo.org>
497 +hardened-sources-2.4.32-r7.ebuild:
498 Bump PaX for RSBAC to test-17
499
500 *hardened-sources-2.6.16-r9 (03 Jul 2006)
501
502 03 Jul 2006; John Mylchreest <johnm@gentoo.org>
503 -hardened-sources-2.6.16-r6.ebuild, +hardened-sources-2.6.16-r9.ebuild:
504 hardened-sources-2.6.16 bump to latest -base.
505
506 *hardened-sources-2.4.32-r6 (30 Jun 2006)
507
508 30 Jun 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r2.ebuild,
509 hardened-sources-2.4.32-r4.ebuild, +hardened-sources-2.4.32-r6.ebuild:
510 - backport CVE-2006-0039, CVE-2006-1857 and CVE-2006-1858 and new grsecurity
511 sysctl controlable resource logging
512
513 *hardened-sources-2.6.16-r7 (05 Jun 2006)
514
515 05 Jun 2006; John Mylchreest <johnm@gentoo.org>
516 -hardened-sources-2.6.16-r5.ebuild, +hardened-sources-2.6.16-r7.ebuild:
517 push new 2.6.16 release in preparation for stable
518
519 22 May 2006; <solar@gentoo.org> :
520 - redigest bug 134002
521
522 *hardened-sources-2.4.32-r5 (16 May 2006)
523
524 16 May 2006; Guillaume Destuynder <kang@gentoo.org>
525 +hardened-sources-2.4.32-r5.ebuild:
526 Fixes rsbac common patching (new patch in new -r5 patchset)
527
528 *hardened-sources-2.4.32-r4 (13 May 2006)
529
530 13 May 2006; <solar@gentoo.org> hardened-sources-2.4.32-r3.ebuild,
531 +hardened-sources-2.4.32-r4.ebuild:
532 - security bumps
533
534 *hardened-sources-2.6.16-r6 (03 May 2006)
535
536 03 May 2006; John Mylchreest <johnm@gentoo.org>
537 +hardened-sources-2.6.16-r6.ebuild:
538 bump hardened-2.6.16 to 2.6.16.12 and latest grsec snapshot
539
540 28 Apr 2006; John Mylchreest <johnm@gentoo.org>
541 hardened-sources-2.6.14-r8.ebuild:
542 fix x86_64 build problem, this will delay the digest issue again for a short
543 while but it will sort itself out
544
545 28 Apr 2006; John Mylchreest <johnm@gentoo.org>
546 hardened-sources-2.6.14-r8.ebuild:
547 bump hardened patchset
548
549 27 Apr 2006; Alec Warner <antarus@gentoo.org>
550 files/digest-hardened-sources-2.4.32-r2,
551 files/digest-hardened-sources-2.4.32-r3,
552 files/digest-hardened-sources-2.6.14-r8, Manifest:
553 Fixing duff SHA256 digests: Bug # 131293
554
555 *hardened-sources-2.6.16-r5 (27 Apr 2006)
556
557 27 Apr 2006; John Mylchreest <johnm@gentoo.org>
558 -hardened-sources-2.6.14-r6.ebuild, hardened-sources-2.6.14-r8.ebuild,
559 -hardened-sources-2.6.16-r4.ebuild, +hardened-sources-2.6.16-r5.ebuild:
560 stablise 2.6.14-r8 on x86 & amd64, bump 2.6.16 to fix CVE-2006-1863 &
561 cleanup of old uneccessary sources
562
563 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
564 fix digest
565
566 *hardened-sources-2.6.14-r8 (20 Apr 2006)
567
568 20 Apr 2006; John Mylchreest <johnm@gentoo.org>
569 +hardened-sources-2.6.14-r8.ebuild:
570 fix CVE-2006-1056, CVE-2006-1525, CVE-2006-1524
571
572 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
573 Turning on gpg-signing again, and recomitting
574
575 *hardened-sources-2.6.16-r4 (20 Apr 2006)
576
577 20 Apr 2006; John Mylchreest <johnm@gentoo.org>
578 -hardened-sources-2.6.16-r2.ebuild, -hardened-sources-2.6.16-r3.ebuild,
579 +hardened-sources-2.6.16-r4.ebuild:
580 Fix numerous security vulns
581
582 *hardened-sources-2.4.32-r3 (16 Apr 2006)
583
584 16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
585 -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
586 +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
587 - security bump for bug #112791. Removed old ebuilds
588
589 *hardened-sources-2.6.16-r3 (15 Apr 2006)
590
591 15 Apr 2006; John Mylchreest <johnm@gentoo.org>
592 +hardened-sources-2.6.16-r3.ebuild:
593 Removing silly localversion which I missed
594
595 *hardened-sources-2.6.14-r7 (14 Apr 2006)
596
597 14 Apr 2006; John Mylchreest <johnm@gentoo.org>
598 -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
599 Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
600
601 *hardened-sources-2.6.16-r2 (13 Apr 2006)
602
603 13 Apr 2006; John Mylchreest <johnm@gentoo.org>
604 -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
605 +hardened-sources-2.6.16-r2.ebuild:
606 Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
607 labels, dropping USERGROUP define fixes, since these were merged mainstream.
608
609 *hardened-sources-2.6.16-r1 (11 Apr 2006)
610
611 11 Apr 2006; John Mylchreest <johnm@gentoo.org>
612 +hardened-sources-2.6.16-r1.ebuild:
613 Bumping to include ppc build fix and 2.6.16.3
614
615 06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
616 hardened-sources-2.6.14-r6.ebuild:
617 Stable on x86; bug #127718
618
619 *hardened-sources-2.6.16 (31 Mar 2006)
620
621 31 Mar 2006; John Mylchreest <johnm@gentoo.org>
622 +hardened-sources-2.6.16.ebuild:
623 Bumping to new version of grsec, and kernel base. New squashfs. Based on
624 2.6.16.1
625
626 30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
627 hardened-sources-2.6.14-r6.ebuild:
628 Stable on amd64, bug 127718.
629
630 28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
631 Stable on ppc. Bug #127718
632
633 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
634 -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
635 -hardened-sources-2.6.14-r4.ebuild:
636 Cleanup.
637
638 *hardened-sources-2.6.14-r6 (15 Mar 2006)
639
640 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
641 +hardened-sources-2.6.14-r6.ebuild:
642 Fixes grsec policy recreation bug and adds a
643 >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
644
645 02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
646 - stable on x86
647
648 19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
649 hardened-sources-2.6.14-r5.ebuild:
650 Stable on ppc.
651
652 *hardened-sources-2.6.14-r5 (01 Feb 2006)
653
654 01 Feb 2006; John Mylchreest <johnm@gentoo.org>
655 +hardened-sources-2.6.14-r5.ebuild:
656 fixing every known exploit
657
658 *hardened-sources-2.4.32-r2 (26 Jan 2006)
659
660 26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
661 +hardened-sources-2.4.32-r2.ebuild:
662 - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
663
664 *hardened-sources-2.6.14-r4 (12 Jan 2006)
665
666 12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
667 - version bump for new genpatches which fix up a few sec holes
668
669 *hardened-sources-2.4.32-r1 (05 Jan 2006)
670
671 05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
672 - revision bump to add misc vital linux kernel security patches.
673
674 *hardened-sources-2.6.14-r3 (30 Dec 2005)
675
676 30 Dec 2005; John Mylchreest <johnm@gentoo.org>
677 -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
678 Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
679
680 28 Dec 2005; John Mylchreest <johnm@gentoo.org>
681 hardened-sources-2.6.14-r2.ebuild:
682 making x86 & amd64 stable following testing.
683
684 *hardened-sources-2.6.14-r2 (27 Dec 2005)
685
686 27 Dec 2005; John Mylchreest <johnm@gentoo.org>
687 -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
688 Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
689 network hooks.
690
691 06 Dec 2005; John Mylchreest <johnm@gentoo.org>
692 hardened-sources-2.6.14-r1.ebuild:
693 bumping to stable early for sec fix on x86 & amd64
694
695 *hardened-sources-2.6.14-r1 (05 Dec 2005)
696
697 05 Dec 2005; John Mylchreest <johnm@gentoo.org>
698 -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
699 bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
700
701 04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
702 - stable on x86 security bug #114227 CAN-2005-3257
703
704 *hardened-sources-2.4.32 (19 Nov 2005)
705
706 19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
707 +hardened-sources-2.4.32.ebuild:
708 Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
709 Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
710 have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
711 rsbac >> /etc/portage/package.use)
712
713 *hardened-sources-2.6.14 (14 Nov 2005)
714
715 14 Nov 2005; John Mylchreest <johnm@gentoo.org>
716 -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
717 Bumping 2.6 series to 2.6.14.2
718
719 *hardened-sources-2.6.13-r2 (20 Oct 2005)
720
721 20 Oct 2005; John Mylchreest <johnm@gentoo.org>
722 -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
723 +hardened-sources-2.6.13-r2.ebuild:
724 Fixes minor build error in ppc.
725
726 *hardened-sources-2.6.13-r1 (17 Oct 2005)
727
728 17 Oct 2005; John Mylchreest <johnm@gentoo.org>
729 +hardened-sources-2.6.13-r1.ebuild:
730 Updating grsec to latest snapshot. Fixes some minor issues. Updating to
731 2.6.13.4, fixes some major amd64 stability problems.
732
733 *hardened-sources-2.6.13 (16 Sep 2005)
734
735 16 Sep 2005; John Mylchreest <johnm@gentoo.org>
736 -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
737 2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
738 ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
739 users should test this thoroughly.
740
741 01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
742 - stable on x86
743
744 *hardened-sources-2.6.11-r15 (27 Jun 2005)
745
746 27 Jun 2005; John Mylchreest <johnm@gentoo.org>
747 +hardened-sources-2.6.11-r15.ebuild:
748 Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
749 grsec redefining curr_ip struct.
750
751 *hardened-sources-2.4.31 (20 Jun 2005)
752
753 20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
754 initial import of 2.4.31 tree
755
756 *hardened-sources-2.6.11-r14 (14 Jun 2005)
757
758 14 Jun 2005; John Mylchreest <johnm@gentoo.org>
759 -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
760 Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
761 naming scheme to abide by genpatches
762
763 *hardened-sources-2.6.11-r13 (18 May 2005)
764
765 18 May 2005; John Mylchreest <johnm@gentoo.org>
766 -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
767 Managed to mangle the Makefile patch from grsec, to miss out the grsec
768 target. sorry about that. Fixes bug #93022
769
770 *hardened-sources-2.6.11-r12 (17 May 2005)
771
772 17 May 2005; John Mylchreest <johnm@gentoo.org>
773 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
774 +hardened-sources-2.6.11-r12.ebuild:
775 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
776 merges in genpatches-base
777
778 *hardened-sources-2.6.11-r12 (17 May 2005)
779
780 17 May 2005; John Mylchreest <johnm@gentoo.org>
781 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
782 +hardened-sources-2.6.11-r12.ebuild:
783 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
784 merges in genpatches-base
785
786 29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
787 -files/2.4.27-cmdline-race.patch,
788 -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
789 -files/2.4.28-grsec-binfmt_a.out.patch,
790 -files/2.4.28-grsec-cmdline-race.patch,
791 -files/2.4.28-selinux-binfmt_a.out.patch,
792 -files/2.4.28-selinux-cmdline-race.patch,
793 -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
794 hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
795 - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
796 cleanup..
797
798 *hardened-sources-2.4.30-r1 (21 Apr 2005)
799
800 21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
801 - disable aout by default
802
803 *hardened-sources-2.4.30 (18 Apr 2005)
804
805 18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
806 - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
807 and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
808 use
809
810 *hardened-sources-2.4.29 (30 Mar 2005)
811
812 30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
813 +hardened-sources-2.4.29.ebuild:
814 New hardened-patches-2.4-29.0 patchball.
815 Removed SELinux support, upgraded GRSecurity to 2.1.4.
816
817 *hardened-sources-2.4.28-r5 (06 Mar 2005)
818
819 06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
820 +hardened-sources-2.4.28-r5.ebuild:
821 Added a fix for a PaX vulnerability.
822
823 26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
824 hardened-sources-2.4.28-r4.ebuild:
825 Stable on x86
826
827 23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
828 hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
829 hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
830 hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
831 - fixed/added RDEPEND= in all kernel-2 ebuilds
832
833 *hardened-sources-2.4.28-r4 (21 Jan 2005)
834
835 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
836 +hardened-sources-2.4.28-r4.ebuild:
837 Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
838 backport of neighbour hash updates.
839
840 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
841 hardened-sources-2.4.28-r3.ebuild:
842 Stable on x86
843
844 *hardened-sources-2.6.10-r3 (20 Jan 2005)
845
846 20 Jan 2005; Brandon Hale <tseng@gentoo.org>
847 +hardened-sources-2.6.10-r3.ebuild:
848 Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
849 in 2005.0
850
851 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
852 -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
853 hardened-sources-2.4.28-r2.ebuild:
854 Mark stable on x86
855
856 *hardened-sources-2.4.28-r3 (17 Jan 2005)
857
858 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
859 +hardened-sources-2.4.28-r3.ebuild:
860 Fix SMP page fault handler vuln, and update device-mapper and evms patches.
861
862 14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
863 hardened-sources-2.4.28.ebuild:
864 Mark stable on x86.
865
866 *hardened-sources-2.4.28-r2 (13 Jan 2005)
867
868 13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
869 +hardened-sources-2.4.28-r2.ebuild:
870 Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
871 Mazinger for grsecurity patches as well.
872
873 *hardened-sources-2.4.28-r1 (23 Dec 2004)
874
875 23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
876 Security bump. Thank tocharian for rolling a new patchset...
877
878 28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
879 +files/2.4.28-grsec-cmdline-race.patch,
880 +files/2.4.28-selinux-binfmt_a.out.patch,
881 +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
882 - Round up remaining security patches that appear to be missing in 2.4.28. -
883 PaX standalone updated to current. hgpv=28.1
884
885 *hardened-sources-2.4.28 (28 Nov 2004)
886
887 28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
888 security bump. Thank tocharian for rolling a new patchset
889
890 *hardened-sources-2.4.27-r3 (08 Sep 2004)
891
892 08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
893 +hardened-sources-2.4.27-r3.ebuild:
894 Applies the new 2.4-27.2 patchball which updates
895 GRSecurity to the 2.0.1 version.
896
897 *hardened-sources-2.4.27-r2 (31 Aug 2004)
898
899 31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
900 +hardened-sources-2.4.27-r2.ebuild:
901 Version bump.
902 This version uses the new 2.4-27.1 patchball which updates
903 both the SELinux PaX hooks patch and the SELinux headers.
904
905 *hardened-sources-2.4.27-r1 (09 Aug 2004)
906
907 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
908 +hardened-sources-2.4.27-r1.ebuild,
909 -hardened-sources-2.4.27.ebuild,
910 +files/2.4.27-cmdline-race.patch:
911 Version bump, fix for cmdline race. See bug #59905.
912
913 *hardened-sources-2.4.26-r6 (09 Aug 2004)
914
915 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
916 +hardened-sources-2.4.26-r6.ebuild,
917 -hardened-sources-2.4.26-r5.ebuild,
918 -hardened-sources-2.4.26-r4.ebuild,
919 +files/2.4.26-cmdline-race.patch:
920 Version bump, fix for cmdline race. See bug #59905.
921
922 *hardened-sources-2.4.27 (08 Aug 2004)
923
924 08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
925 +hardened-sources-2.4.27.ebuild,
926 +files/2.4.27-CAN-2004-0394.patch:
927 Ported the patchball to the 2.4.27 kernel version.
928
929 *hardened-sources-2.4.26-r5 (07 Aug 2004)
930
931 07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
932 +hardened-sources-2.4.26-r5.ebuild:
933 Updated to use the new hardened-patches-2.4-26.1 patchball.
934 It adds the following features:
935 - Squashfs
936 - Ebtables
937 - Netdev random (core+drivers)
938 - Watchdog Timer (WDT) fix.
939
940 *hardened-sources-2.4.26-r4 (04 Aug 2004)
941
942 04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
943 +hardened-sources-2.4.26-r4.ebuild,
944 +files/2.4.26-CAN-2004-0415.patch,
945 -hardened-sources-2.4.26-3:
946 Version bump, fix for CAN 0415, see bug #59378.
947
948 *hardened-sources-2.4.26-r3 (22 Jul 2004)
949
950 22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
951 +hardened-sources-2.4.26-r3.ebuild,
952 +files/2.4.26-CAN-2004-0497.patch,
953 -hardened-sources-2.4.26-r2.ebuild:
954 Version bump, fixed CAN 0497, see bug #56171.
955
956 *hardened-sources-2.4.26-r2 (29 Jun 2004)
957
958 29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
959 +hardened-sources-2.4.26-r2.ebuild,
960 +files/2.4.26-CAN-2004-0495.patch,
961 +files/2.4.26-CAN-2004-0535.patch,
962 -hardened-sources-2.4.26-r1.ebuild:
963 Fixes for both CAN 0495 and 0535, see bug #54976
964
965 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
966 hardened-sources-2.4.26-r1.ebuild:
967 QA - fix use invocation
968
969 *hardened-sources-2.4.26-r1 (22 June 2004)
970
971 22 June 2004; Andrea Luzzardi <scox@gentoo.org>
972 +hardened-sources-2.4.26-r1.ebuild,
973 +files/2.4.26-CAN-2004-0394.patch,
974 +files/2.4.26-signal-race.patch,
975 -hardened-sources-2.4.26.ebuild,
976 -hardened-sources-2.4.24-r3.ebuild:
977 Version bump for the CAN-2004-0394 issue and bug #53804
978 Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
979
980
981 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
982 hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
983 Masked hardened-sources-2.4.26.ebuild broken for ppc
984
985 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
986 hardened-sources-2.4.24-r3.ebuild:
987 Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
988
989 *hardened-sources-2.4.26 (29 May 2004)
990
991 29 May 2004; Andrea Luzzardi <scox@gentoo.org>
992 +hardened-sources-2.4.26.ebuild:
993 Updated hardened-sources for the 2.4.26 kernel
994 Removed broken components, updated almost everything.
995
996 *hardened-sources-2.4.24-r3 (17 Apr 2004)
997
998 17 Apr 2004; <plasmaroo@gentoo.org>
999 +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
1000 +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
1001 +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
1002 +hardened-sources-2.4.24-r3.ebuild:
1003 Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
1004 vulnerabilities. Old revisions removed.
1005
1006 *hardened-sources-2.4.24-r2 (15 Apr 2004)
1007
1008 15 Apr 2004; <plasmaroo@gentoo.org>
1009 +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
1010 -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
1011 Version bump for the CAN-2004-0109 issue; bug #47881.
1012
1013 12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
1014 hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
1015 Add eutils to inherit.
1016
1017 *hardened-sources-2.4.24-r1 (19 Feb 2004)
1018
1019 19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
1020 files/hardened-sources-2.4.24.munmap.patch:
1021 Added the patch for the mremap/munmap vulnerability. Bug #42024.
1022
1023 *hardened-sources-2.4.24 (06 Feb 2004)
1024
1025 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
1026 hardened-sources-2.4.24.ebuild:
1027 Version bump, updated most of the components.
1028 This release includes the following:
1029
1030 - Hardened security
1031 - Netfilter patch-o-matic 20031219
1032 - FreeSWAN 2.04 & x509 1.4.8
1033 - EVMS 2.2.2
1034 - XFS 1.3.1
1035 - cryptoloop jari
1036 - grsecurity 2.0-rc4
1037 - SELinux
1038 - PaX 200402060000
1039 - PaX Obscurity 200308302223
1040 - Others...
1041
1042 Neither -ck nor systrace are included anymore.
1043
1044 *hardened-sources-2.4.22-r2 (05 Jan 2004)
1045
1046 05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
1047 hardened-sources-2.4.22-r2.ebuild:
1048 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
1049
1050 *hardened-sources-2.4.22-r1 (02 Dec 2003)
1051
1052 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1053 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
1054
1055 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1056 hardened-sources-2.4.22-r1.ebuild:
1057 Version bump for the 'do_brk' vulnerability.
1058
1059 01 Dec 2003; Brian Jackson <iggy@gentoo.org>
1060 hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
1061 hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
1062 hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
1063 Fix the 'do_brk' vulnerability.
1064
1065 03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
1066 hardened-sources-2.4.22.ebuild:
1067 - Removed the src_install() portion for SELinux flask
1068 components. These are no longer handled in the kernel
1069 so this code was not necessary.
1070
1071 29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
1072 New 2.4.22 based hardened-sources thanks to
1073 Phil West <p.west@computer.org>.
1074
1075 These sources include:
1076 - New SELinux API
1077 - Updated CK-base
1078 - Updated GRSec
1079 - Systrace
1080 - SuperFreeS/WAN 1.99.8
1081 - Propolice kernel build support
1082 - EVMS
1083 - Other various security related patches
1084
1085 *hardened-sources-2.4.21 (14 Sep 2003)
1086
1087 14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
1088 Updated hardened-sources based on the 2.4.21 Linux kernel.
1089 This includes updates to most major components such as:
1090 - ck-base-0306300059
1091 - selinux-2.4-2003071106
1092 - grsecurity-2.0-rc1
1093 - Updated IPTables patch-o-matic
1094 - Updated SuperFreeS/WAN
1095
1096 Thanks to Phil West <pwest@computer.org> for his work in getting this
1097 updated patch set ready for the 2.4.21 based kernel.
1098
1099 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
1100 Initial import of hardened-sources-2.4.20-r4. This revision
1101 includes only a few changes, but one of these is an important
1102 security fix. It is recommended all users of hardened-sources
1103 upgrade to this release.
1104
1105 - ioperm bug fix
1106 - fixed compilation failure when building without GRSec
1107
1108 SAL (Secure Auditing for Linux) is NOT included in this revision
1109 due to time constraints, but is planned for inclusion in the near
1110 future.
1111
1112 *hardened-sources-2.4.20-r2 (12 Jun 2003)
1113
1114 12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
1115 hardened-sources-2.4.20-r3.ebuild:
1116 Add Header...
1117
1118 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1119 hardened-sources-2.4.20-r3.ebuild:
1120 Removed warnings from ebuild. This kernel should be safe to
1121 use at this point.
1122
1123 *hardened-sources-2.4.20-r3 (08 Jun 2003)
1124
1125 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1126 hardened-sources-2.4.20-r3.ebuild:
1127 New revision. Includes the following changes over -r2:
1128
1129 - ck7-base (O(1), preempt, low latency)
1130 - Super FreeS/WAN 1.99.7rc2
1131 - PaX for the LSM/SELinux branch
1132 - GRSecurity 2.0-pre4 (role based access control)
1133 - Systrace 1.3
1134 - EXT3 fixes
1135 - EVMS 2.0.1
1136 - GCC 3.1+ compile optimizations
1137 - ProPolice kernel build support
1138 - Hashing table security fixes
1139
1140 *hardened-sources-2.4.20-r1 (09 Apr 2003)
1141
1142 23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
1143 Initial import of hardened-sources-r2. This new
1144 ebuild includes many new performance and security
1145 related patches. As in -r1, it will patch in
1146 LSM/SELinux if "selinux" is in USE, otherwise it
1147 will patch in GRSecurity. The following patches
1148 are included in this revision:
1149
1150 - O(1) Scheduler, Low Latency, and Preempt
1151 (pulled from the base CK patch)
1152 - ptrace exploit patch for the LSM kernel
1153 (the GRSec patch already fixes this)
1154 - LSM 2.4-2003040709
1155 - SELinux 2.4-2003040709
1156 - Systrace v1.2
1157 - IPTables patch-o-matic base patches - 20030107
1158 - CryptoAPI 2.4.20.1 w/ loop-jari patch
1159 - Super FreeS/WAN 1.99.6.1
1160 - GRSecurity 1.9.9g
1161 - MPPE
1162 - EXT3 data journal fix
1163 - CIPE 1.5.4
1164
1165 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1166 hardened-sources-2.4.20-r1.ebuild, manifest:
1167 Updated to install flask components correctly for selinux.
1168
1169 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1170 hardened-sources-2.4.20-r1.ebuild:
1171 LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
1172 is patched in instead. Ptrace patches for selinux have also been added. In
1173 either case, systrace support will be patched in as well.
1174
1175 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1176 hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
1177 Revision bump for new sources.
1178
1179 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1180 hardened-sources-2.4.20-r1.ebuild:
1181 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
1182
1183 *hardened-sources-2.4.20 (30 Mar 2003)
1184
1185 30 Mar 2003; Joshua Brindle <method@gentoo.org>
1186 hardened-sources-2.4.20.ebuild:
1187 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20