/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.190 - (show annotations) (download)
Thu Oct 11 00:17:30 2007 UTC (7 years, 1 month ago) by phreak
Branch: MAIN
Changes since 1.189: +5 -1 lines
Pulling in yet another new genpatches version, fixing the PWC bug for real.
(Portage version: 2.1.3.9)

1 # ChangeLog for sys-kernel/hardened-sources
2 # Copyright 2000-2007 Gentoo Foundation; Distributed under the GPL v2
3 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.189 2007/10/04 18:13:52 phreak Exp $
4
5 11 Oct 2007; Christian Heim <phreak@gentoo.org>
6 hardened-sources-2.6.20-r10.ebuild:
7 Pulling in yet another new genpatches version, fixing the PWC bug for real.
8
9 04 Oct 2007; Christian Heim <phreak@gentoo.org>
10 -hardened-sources-2.6.22-r5.ebuild, -hardened-sources-2.6.22-r6.ebuild:
11 Removing old versions.
12
13 *hardened-sources-2.6.22-r7 (01 Oct 2007)
14
15 01 Oct 2007; Christian Heim <phreak@gentoo.org>
16 +hardened-sources-2.6.22-r7.ebuild:
17 Revision bump, pulling in a newer patch. Should fix #194276.
18
19 30 Sep 2007; Christian Heim <phreak@gentoo.org>
20 hardened-sources-2.6.20-r10.ebuild:
21 Marking hardened-sources-2.6.20-r10 stable on x86 and amd64 (on courtesy of
22 Mike Doty).
23
24 *hardened-sources-2.6.22-r6 (26 Sep 2007)
25
26 26 Sep 2007; Christian Heim <phreak@gentoo.org>
27 +hardened-sources-2.6.22-r6.ebuild:
28 Revision bump, grabbing up till Linux 2.6.22.9.
29
30 24 Sep 2007; Christian Heim <phreak@gentoo.org>
31 -hardened-sources-2.6.22-r3.ebuild, -hardened-sources-2.6.22-r4.ebuild:
32 Cleaning up further.
33
34 *hardened-sources-2.6.20-r10 (24 Sep 2007)
35
36 24 Sep 2007; Christian Heim <phreak@gentoo.org>
37 -hardened-sources-2.6.20-r8.ebuild, -hardened-sources-2.6.20-r9.ebuild,
38 +hardened-sources-2.6.20-r10.ebuild:
39 Revision bump, pulling in Linux 2.6.20.20. Removing some of the older
40 revisions.
41
42 *hardened-sources-2.6.22-r5 (22 Sep 2007)
43
44 22 Sep 2007; Christian Heim <phreak@gentoo.org>
45 +hardened-sources-2.6.22-r5.ebuild:
46 Revision bump, pulling in genpatches-2.6.22-8 for CVE-2007-4573.
47
48 17 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
49 Removing johnm from metadata.xml (see #186467 for reference).
50
51 *hardened-sources-2.6.22-r4 (17 Sep 2007)
52
53 17 Sep 2007; Christian Heim <phreak@gentoo.org>
54 +hardened-sources-2.6.22-r4.ebuild:
55 Revision bump, hopefully fixing all those weird PAX failures.
56
57 01 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
58 Updating the metadata.xml.
59
60 01 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
61 Removing tocharian from metadata due to his retirement (see #71718 for
62 reference).
63
64 *hardened-sources-2.6.20-r9 (30 Aug 2007)
65
66 30 Aug 2007; Christian Heim <phreak@gentoo.org>
67 +hardened-sources-2.6.20-r9.ebuild:
68 Revision bump for 2.6.20.18 (thanks to kerframil in #gentoo-hardened).
69
70 29 Aug 2007; Christian Heim <phreak@gentoo.org>
71 -hardened-sources-2.4.34.ebuild, -hardened-sources-2.4.34.5.ebuild,
72 -hardened-sources-2.6.20-r2.ebuild, -hardened-sources-2.6.20-r5.ebuild,
73 -hardened-sources-2.6.20-r7.ebuild, -hardened-sources-2.6.21-r3.ebuild,
74 -hardened-sources-2.6.22.ebuild, -hardened-sources-2.6.22-r1.ebuild,
75 -hardened-sources-2.6.22-r2.ebuild:
76 Removing some redundant versions.
77
78 *hardened-sources-2.4.35-r1 (29 Aug 2007)
79
80 29 Aug 2007; Christian Heim <phreak@gentoo.org>
81 +hardened-sources-2.4.35-r1.ebuild:
82 Revision bump, new grsecurity patch.
83
84 *hardened-sources-2.6.20-r8 (26 Aug 2007)
85
86 26 Aug 2007; Christian Heim <phreak@gentoo.org>
87 +hardened-sources-2.6.20-r8.ebuild:
88 Revision bump for Linux 2.6.20.17.
89
90 *hardened-sources-2.6.22-r3 (22 Aug 2007)
91
92 22 Aug 2007; Christian Heim <phreak@gentoo.org>
93 +hardened-sources-2.6.22-r3.ebuild:
94 Revision bump for Linux 2.6.22.4.
95
96 16 Aug 2007; Christian Heim <phreak@gentoo.org>
97 hardened-sources-2.6.22-r2.ebuild:
98 Updated patchset, to fix the alignment against 2.6.22.3.
99
100 *hardened-sources-2.6.22-r2 (16 Aug 2007)
101
102 16 Aug 2007; Christian Heim <phreak@gentoo.org>
103 +hardened-sources-2.6.22-r2.ebuild:
104 Revision bump for Linux 2.6.22.3.
105
106 *hardened-sources-2.4.35 (16 Aug 2007)
107
108 16 Aug 2007; Christian Heim <phreak@gentoo.org>
109 +hardened-sources-2.4.35.ebuild:
110 Version bump, initial version for Linux 2.4.35.
111
112 *hardened-sources-2.6.21-r4 (16 Aug 2007)
113
114 16 Aug 2007; Christian Heim <phreak@gentoo.org>
115 +hardened-sources-2.6.21-r4.ebuild:
116 Revision bump for Linux 2.6.21.6.
117
118 *hardened-sources-2.6.20-r7 (16 Aug 2007)
119
120 16 Aug 2007; Christian Heim <phreak@gentoo.org>
121 +hardened-sources-2.6.20-r7.ebuild:
122 Revision bump for Linux 2.6.20.16.
123
124 *hardened-sources-2.6.22-r1 (13 Aug 2007)
125
126 13 Aug 2007; Christian Heim <phreak@gentoo.org>
127 +hardened-sources-2.6.22-r1.ebuild:
128 Yet another revision bump.
129
130 *hardened-sources-2.6.22 (10 Aug 2007)
131
132 10 Aug 2007; Christian Heim <phreak@gentoo.org>
133 +hardened-sources-2.6.22.ebuild:
134 Initial release for 2.6.22. If you are using hardened-sources on a desktop
135 machine (P4 or newer), be aware you might need to disable
136 CONFIG_PAX_PAGEEXEC.
137
138 04 Aug 2007; Christian Heim <phreak@gentoo.org>
139 hardened-sources-2.6.20-r6.ebuild:
140 Stabling hardened-sources-2.6.20-r6 for amd64, ppc and x86 due to Linux
141 2.6.20.15.
142
143 10 Jul 2007; Christian Heim <phreak@gentoo.org>
144 hardened-sources-2.6.20-r5.ebuild:
145 Marking hardened-sources-2.6.20-r5 stable on ppc.
146
147 10 Jul 2007; Christian Heim <phreak@gentoo.org>
148 -hardened-sources-2.4.32-r6.ebuild, -hardened-sources-2.4.32-r7.ebuild:
149 Cleanup.
150
151 *hardened-sources-2.6.20-r6 (08 Jul 2007)
152
153 08 Jul 2007; Christian Heim <phreak@gentoo.org>
154 +hardened-sources-2.6.20-r6.ebuild:
155 Revision bump, grabbing yet another stable release.
156
157 17 Jun 2007; Christian Heim <phreak@gentoo.org>
158 -hardened-sources-2.6.18-r6.ebuild, -hardened-sources-2.6.20-r4.ebuild,
159 -hardened-sources-2.6.21-r2.ebuild:
160 Removing older ebuilds, hardened-sources-2.6.18-r6 seems to have gotten the
161 alpha stable KEYWORD by mistake.
162
163 17 Jun 2007; Christian Heim <phreak@gentoo.org>
164 hardened-sources-2.6.20-r5.ebuild:
165 Stabling hardened-sources-2.6.20-r5 due to security bug #181647 (as
166 genpatches-2.6.20-12.base contains up to Linux 2.6.20.14) on amd64 and x86.
167
168 *hardened-sources-2.6.21-r3 (12 Jun 2007)
169
170 12 Jun 2007; Christian Heim <phreak@gentoo.org>
171 +hardened-sources-2.6.21-r3.ebuild:
172 Revision bump for hardened-sources-2.6.21, incorporating various CVE (some
173 of them critical), two stable releases (2.6.21.4,2.6.21.5) and some other
174 love.
175
176 *hardened-sources-2.6.20-r5 (11 Jun 2007)
177
178 11 Jun 2007; Christian Heim <phreak@gentoo.org>
179 +hardened-sources-2.6.20-r5.ebuild:
180 Revision bump for hardened-sources-2.6.20, incorporating various CVE (some
181 of them critical), two stable releases (2.6.20.13,2.6.20.14) and some other
182 love.
183
184 *hardened-sources-2.4.34.5 (11 Jun 2007)
185
186 11 Jun 2007; Alexander Gabert <pappy@gentoo.org>
187 +hardened-sources-2.4.34.5.ebuild:
188 added new hardened-sources 2.4 version, thx to phreak, solar, pipacs
189
190 30 May 2007; Christian Heim <phreak@gentoo.org>
191 -hardened-sources-2.6.18.ebuild, hardened-sources-2.6.20-r2.ebuild:
192 Marking 2.6.20-r2 stable on ppc with permission of Gysbert. Removing more
193 stale ebuild(s).
194
195 30 May 2007; Christian Heim <phreak@gentoo.org>
196 -hardened-sources-2.6.14-r7.ebuild, -hardened-sources-2.6.16-r11.ebuild,
197 -hardened-sources-2.6.17-r1.ebuild, -hardened-sources-2.6.19-r6.ebuild,
198 -hardened-sources-2.6.20.ebuild, -hardened-sources-2.6.20-r1.ebuild:
199 Doing some cleanups, remove stale ebuilds.
200
201 26 May 2007; Christian Heim <phreak@gentoo.org>
202 hardened-sources-2.6.21-r2.ebuild:
203 Fixing the grsecurity patch, had one '};' too much.
204
205 *hardened-sources-2.6.21-r2 (26 May 2007)
206
207 26 May 2007; Christian Heim <phreak@gentoo.org>
208 -hardened-sources-2.6.21.ebuild, -hardened-sources-2.6.21-r1.ebuild,
209 +hardened-sources-2.6.21-r2.ebuild:
210 Revision bump, including Linux 2.6.21.3 (fixing CVE-2007-2451). Updating the
211 grsecurity patch to 2.1.10-2.6.21.1-200705221918.
212
213 *hardened-sources-2.6.20-r4 (26 May 2007)
214
215 26 May 2007; Christian Heim <phreak@gentoo.org>
216 -hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.20-r4.ebuild:
217 Revision bump, including Linux 2.6.20.12 (which in fact fixed some security
218 bugs, at the very least CVE-2007-2451). Possible candidate for stable marking.
219
220 15 May 2007; Christian Heim <phreak@gentoo.org>
221 hardened-sources-2.6.20-r3.ebuild:
222 Looks like hardened-sources-2.6.20-r3 needs a new patch, as 2.6.20.11
223 introduced a change in arch/sparc64/kernel/pci_iommu.c, which made the
224 grsecurity patch fail in that exact same hunk.
225
226 *hardened-sources-2.6.20-r3 (15 May 2007)
227
228 15 May 2007; Christian Heim <phreak@gentoo.org>
229 +hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.21-r1.ebuild:
230 Revision bump, incorporating Linux 2.6.20.11.
231
232 *hardened-sources-2.6.21-r1 (11 May 2007)
233
234 11 May 2007; Christian Heim <phreak@gentoo.org>
235 +hardened-sources-2.6.21-r1.ebuild:
236 Revision bump, hopefully fixing the GRSECURITY/GRKERNSEC mixup pipacs
237 mentioned in #177234.
238
239 07 May 2007; Kevin F. Quinn <kevquinn@gentoo.org>
240 files/digest-hardened-sources-2.6.21, Manifest:
241 Fix Manifest/digest for linux-2.6.21.tar.bz2
242
243 06 May 2007; Christian Heim <phreak@gentoo.org>
244 hardened-sources-2.6.21.ebuild:
245 Bumping the hardened-patches version, needed for the fix for #177234.
246
247 *hardened-sources-2.6.21 (02 May 2007)
248
249 02 May 2007; Christian Heim <phreak@gentoo.org>
250 +hardened-sources-2.6.21.ebuild:
251 Version bump, Linux 2.6.21-hardened.
252
253 29 Apr 2007; Christian Heim <phreak@gentoo.org>
254 hardened-sources-2.6.20-r2.ebuild:
255 Adding ~ia64 on Ned's request.
256
257 29 Apr 2007; Christian Heim <phreak@gentoo.org>
258 hardened-sources-2.6.20-r2.ebuild:
259 Fixing the included grsecurity patch, wasn't alligning due to the Index:
260 header line(s).
261
262 29 Apr 2007; Christian Heim <phreak@gentoo.org>
263 hardened-sources-2.6.20-r2.ebuild:
264 Stabilizing hardened-sources-2.6.20-r2 on amd64 and x86.
265
266 *hardened-sources-2.6.20-r2 (10 Apr 2007)
267
268 10 Apr 2007; Raúl Porcel <armin76@gentoo.org>
269 +hardened-sources-2.6.20-r2.ebuild:
270 Version bump, on behalf of phreak
271
272 *hardened-sources-2.6.20-r1 (04 Apr 2007)
273
274 04 Apr 2007; Christian Heim <phreak@gentoo.org>
275 +hardened-sources-2.6.20-r1.ebuild:
276 Revision bump, grabbing a newer grsecurity snapshot.
277
278 *hardened-sources-2.6.20 (25 Mar 2007)
279
280 25 Mar 2007; Christian Heim <phreak@gentoo.org>
281 +hardened-sources-2.6.20.ebuild:
282 Finally a hardened-sources version for 2.6.20; many people have been waiting
283 for this. Thanks to Steve for preliminary testing, thanks to Ned for the
284 testbox.
285
286 16 Mar 2007; Tony Vroon <chainsaw@gentoo.org>
287 hardened-sources-2.6.18-r6.ebuild:
288 Marked stable on amd64 and x86. AMD64 keyword ack'ed by welp.
289
290 *hardened-sources-2.6.18-r6 (16 Mar 2007)
291
292 16 Mar 2007; Christian Heim <phreak@gentoo.org>
293 -hardened-sources-2.6.18-r5.ebuild, +hardened-sources-2.6.18-r6.ebuild:
294 Fixing CVE-2007-1000 locally (hardened/), thanks to Tony for pushing. And
295 yes I screwed up, this is tagged as 2.6.18-5 and not 2.6.18-6 as it's
296 supposed to be.
297
298 06 Mar 2007; Christian Heim <phreak@gentoo.org> ChangeLog:
299 Fixing the Manifest, the previous one was broken (as in still had the
300 deleted ebuild in it).
301
302 06 Mar 2007; Christian Heim <phreak@gentoo.org>
303 -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
304 +hardened-sources-2.6.18-r5.ebuild:
305 Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
306 Linux 2.6.18.8. Also cleaning up the older version.
307
308 *hardened-sources-2.6.18-r5 (06 Mar 2007)
309
310 06 Mar 2007; Christian Heim <phreak@gentoo.org>
311 -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
312 +hardened-sources-2.6.18-r5.ebuild:
313 Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
314 Linux 2.6.18.8. Also cleaning up the older version.
315
316 24 Feb 2007; Christian Heim <phreak@gentoo.org>
317 -hardened-sources-2.6.19-r3.ebuild, -hardened-sources-2.6.19-r4.ebuild,
318 -hardened-sources-2.6.19-r5.ebuild:
319 Removing some of the old version, that didn't work.
320
321 *hardened-sources-2.6.19-r6 (12 Feb 2007)
322
323 12 Feb 2007; Christian Heim <phreak@gentoo.org>
324 +hardened-sources-2.6.19-r6.ebuild:
325 Revision bump, including a new grsec version fixing #166235.
326
327 *hardened-sources-2.4.34 (24 Jan 2007)
328
329 24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
330 Manifest:
331 updating Manifest with checksums of new tarball and ebuild
332
333 24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
334 +hardened-sources-2.4.34.ebuild:
335 I added new hardened sources 2.4 update, this is a critical path
336 security bugfix - all users of h-s are strongly advised
337 to update their existing hardened sources to this version.
338 It contains a fix for a kernel vulnerability that is pertaining
339 to the PaX changes to virtual memory management, possibly leading
340 to a local kernel exploit ... see grsecurity.net forums and homepage
341
342 23 Jan 2007; Christian Heim <phreak@gentoo.org>
343 files/digest-hardened-sources-2.6.19-r5, Manifest:
344 Fixing the patch-tarball digest.
345
346 *hardened-sources-2.6.19-r5 (23 Jan 2007)
347
348 23 Jan 2007; Christian Heim <phreak@gentoo.org>
349 +hardened-sources-2.6.19-r5.ebuild:
350 Revision bump, closing the recently discovered PaX expand_stack()
351 vulnerability.
352
353 *hardened-sources-2.6.19-r4 (14 Jan 2007)
354
355 14 Jan 2007; Christian Heim <phreak@gentoo.org>
356 +hardened-sources-2.6.19-r4.ebuild:
357 Revision bump, pulling in linux-2.6.19.2 and grsecurity 2.1.10 - thus
358 dropping the randomized PID feature.
359
360 11 Jan 2007; Christian Faulhammer <opfer@gentoo.org>
361 hardened-sources-2.4.33.4.ebuild:
362 stable x86, bug #161171
363
364 *hardened-sources-2.6.19-r3 (27 Dec 2006)
365
366 27 Dec 2006; Christian Heim <phreak@gentoo.org>
367 -hardened-sources-2.6.19-r2.ebuild, +hardened-sources-2.6.19-r3.ebuild:
368 Revision bump for bug #157186 and #158786.
369
370 *hardened-sources-2.6.18-r4 (27 Dec 2006)
371
372 27 Dec 2006; Christian Heim <phreak@gentoo.org>
373 -hardened-sources-2.6.18-r3.ebuild, +hardened-sources-2.6.18-r4.ebuild:
374 Revision bump for bug #157186.
375
376 *hardened-sources-2.6.19-r2 (23 Dec 2006)
377
378 23 Dec 2006; Christian Heim <phreak@gentoo.org>
379 -hardened-sources-2.6.19-r1.ebuild, +hardened-sources-2.6.19-r2.ebuild:
380 Revision bump to pull in genpatches-2.6.19-3 for #157186.
381
382 17 Dec 2006; Christian Heim <phreak@gentoo.org>
383 hardened-sources-2.6.14-r7.ebuild, hardened-sources-2.6.16-r10.ebuild,
384 hardened-sources-2.6.16-r11.ebuild, hardened-sources-2.6.17-r1.ebuild,
385 hardened-sources-2.6.18.ebuild, hardened-sources-2.6.18-r3.ebuild,
386 hardened-sources-2.6.19-r1.ebuild:
387 Adding 4453_grsec-2.1.9-2.6.19-io-kmem-sysctl.patch to UNIPATCH_EXLUDE,
388 adding correct HOMEPAGE and adjusting DESCRIPTION (thanks to Alexander).
389
390 *hardened-sources-2.4.33.4 (17 Dec 2006)
391
392 17 Dec 2006; Alexander Gabert <pappy@gentoo.org>
393 +hardened-sources-2.4.33.4.ebuild:
394 new 2.4.33.4 version including grsec and fixes, thanks to phreak for help
395 and quilting
396
397 *hardened-sources-2.6.19-r1 (14 Dec 2006)
398
399 14 Dec 2006; Christian Heim <phreak@gentoo.org>
400 -hardened-sources-2.6.19.ebuild, +hardened-sources-2.6.19-r1.ebuild:
401 Revision bump, fixing #158107 (thanks to Petre Rodan <kaiowas at gentoo.org>
402 for reporting).
403
404 *hardened-sources-2.6.19 (13 Dec 2006)
405
406 13 Dec 2006; Christian Heim <phreak@gentoo.org>
407 +hardened-sources-2.6.19.ebuild:
408 And finally 2.6.19, thanks to Ned (who prepared the inital patchset) and
409 Brad for providing that prompt update.
410
411 *hardened-sources-2.6.18-r3 (13 Dec 2006)
412
413 13 Dec 2006; Christian Heim <phreak@gentoo.org>
414 -hardened-sources-2.6.18-r1.ebuild, -hardened-sources-2.6.18-r2.ebuild,
415 +hardened-sources-2.6.18-r3.ebuild:
416 Revision bump, excluding the faulty patch. Thanks to Anakim Border and Peter
417 S. Mazinger. Closes #157409 for now. Also removing the previous revisions.
418
419 09 Dec 2006; Christian Heim <phreak@gentoo.org> Manifest:
420 Fixing the metadata.xml Manifest entry (thanks to xaid and ml8128 in #gentoo-hardened).
421
422 08 Dec 2006; nixnut <nixnut@gentoo.org> hardened-sources-2.6.18.ebuild:
423 Stable on ppc wrt bug 157356
424
425 07 Dec 2006; Christian Faulhammer <opfer@gentoo.org>
426 hardened-sources-2.6.18.ebuild:
427 stable x86, bug #157356
428
429 *hardened-sources-2.6.18-r2 (06 Dec 2006)
430
431 06 Dec 2006; Christian Heim <phreak@gentoo.org>
432 +hardened-sources-2.6.18-r2.ebuild:
433 Revision bump, including 2.6.18.5 (via genpatches) and
434 4454_grsec-2.1.9-2.6.18.2-io-kmem-sysctl.patch based on Peter Mazinger and
435 Ned Ludd's original patch. Thanks to Alexander Gabert (pappy) for the
436 redesign.
437
438 06 Dec 2006; Christian Heim <phreak@gentoo.org>
439 hardened-sources-2.6.18.ebuild:
440 Marking hardened-sources-2.6.18 stable on amd64 (see bug #157356, on behalf
441 of Mike Doty).
442
443 *hardened-sources-2.6.18-r1 (23 Nov 2006)
444
445 23 Nov 2006; Christian Heim <phreak@gentoo.org>
446 +hardened-sources-2.6.18-r1.ebuild:
447 Revision bump to genpatches-2.6.18-4 (including 2.6.18.3).
448
449 *hardened-sources-2.6.18 (11 Nov 2006)
450
451 11 Nov 2006; Christian Heim <phreak@gentoo.org>
452 +hardened-sources-2.6.18.ebuild:
453 Version bump, thanks to Alexander Gabert we're finally at 2.6.18.
454
455 18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
456 - mark amd64 stable also. bug #151877
457
458 18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
459 - mark 2.6.17-r1 stable
460
461 27 Aug 2006; Christian Heim <phreak@gentoo.org>
462 -hardened-sources-2.6.17.ebuild, hardened-sources-2.6.17-r1.ebuild:
463 Removing old ebuild, removing unipatch from newer ebuild (need to fix it!).
464
465 *hardened-sources-2.6.17-r1 (26 Aug 2006)
466
467 26 Aug 2006; Christian Heim <phreak@gentoo.org>
468 +hardened-sources-2.6.17-r1.ebuild:
469 Revision bump to genpatches-2.6.17-8 (including .9 and .10) and updating the
470 grsecurity patch.
471
472 *hardened-sources-2.6.17 (17 Aug 2006)
473
474 17 Aug 2006; Christian Heim <phreak@gentoo.org>
475 +hardened-sources-2.6.17.ebuild:
476 Bumping the hardened-sources-2.6 series to 2.6.17, using
477 genpatches-2.6.17-6.base.
478
479 07 Aug 2006; <solar@gentoo.org> hardened-sources-2.6.16-r11.ebuild:
480 - stable on x86 and amd64
481
482 *hardened-sources-2.6.16-r11 (15 Jul 2006)
483
484 15 Jul 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r3.ebuild,
485 -hardened-sources-2.4.32-r4.ebuild, -hardened-sources-2.4.32-r5.ebuild,
486 -hardened-sources-2.6.14-r8.ebuild, -hardened-sources-2.6.16-r7.ebuild,
487 -hardened-sources-2.6.16-r9.ebuild, +hardened-sources-2.6.16-r11.ebuild:
488 - 2.6.16 bumped for CVE-2006-3626 ; digest fix for 2.4.32-r6 ; removed old
489 crusty ebuilds
490
491 14 Jul 2006; John Mylchreest <johnm@gentoo.org>
492 hardened-sources-2.6.16-r10.ebuild:
493 marking stable on x86 and amd64
494
495 13 Jul 2006; <solar@gentoo.org> hardened-sources-2.4.32-r6.ebuild:
496 - 2.4.32-r6 stable on x86. RSBAC state unknown
497
498 *hardened-sources-2.4.32-r7 (10 Jul 2006)
499
500 10 Jul 2006; Guillaume Destuynder <kang@gentoo.org>
501 +hardened-sources-2.4.32-r7.ebuild:
502 Bump PaX for RSBAC to test-17
503
504 *hardened-sources-2.6.16-r9 (03 Jul 2006)
505
506 03 Jul 2006; John Mylchreest <johnm@gentoo.org>
507 -hardened-sources-2.6.16-r6.ebuild, +hardened-sources-2.6.16-r9.ebuild:
508 hardened-sources-2.6.16 bump to latest -base.
509
510 *hardened-sources-2.4.32-r6 (30 Jun 2006)
511
512 30 Jun 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r2.ebuild,
513 hardened-sources-2.4.32-r4.ebuild, +hardened-sources-2.4.32-r6.ebuild:
514 - backport CVE-2006-0039, CVE-2006-1857 and CVE-2006-1858 and new grsecurity
515 sysctl controlable resource logging
516
517 *hardened-sources-2.6.16-r7 (05 Jun 2006)
518
519 05 Jun 2006; John Mylchreest <johnm@gentoo.org>
520 -hardened-sources-2.6.16-r5.ebuild, +hardened-sources-2.6.16-r7.ebuild:
521 push new 2.6.16 release in preparation for stable
522
523 22 May 2006; <solar@gentoo.org> :
524 - redigest bug 134002
525
526 *hardened-sources-2.4.32-r5 (16 May 2006)
527
528 16 May 2006; Guillaume Destuynder <kang@gentoo.org>
529 +hardened-sources-2.4.32-r5.ebuild:
530 Fixes rsbac common patching (new patch in new -r5 patchset)
531
532 *hardened-sources-2.4.32-r4 (13 May 2006)
533
534 13 May 2006; <solar@gentoo.org> hardened-sources-2.4.32-r3.ebuild,
535 +hardened-sources-2.4.32-r4.ebuild:
536 - security bumps
537
538 *hardened-sources-2.6.16-r6 (03 May 2006)
539
540 03 May 2006; John Mylchreest <johnm@gentoo.org>
541 +hardened-sources-2.6.16-r6.ebuild:
542 bump hardened-2.6.16 to 2.6.16.12 and latest grsec snapshot
543
544 28 Apr 2006; John Mylchreest <johnm@gentoo.org>
545 hardened-sources-2.6.14-r8.ebuild:
546 fix x86_64 build problem, this will delay the digest issue again for a short
547 while but it will sort itself out
548
549 28 Apr 2006; John Mylchreest <johnm@gentoo.org>
550 hardened-sources-2.6.14-r8.ebuild:
551 bump hardened patchset
552
553 27 Apr 2006; Alec Warner <antarus@gentoo.org>
554 files/digest-hardened-sources-2.4.32-r2,
555 files/digest-hardened-sources-2.4.32-r3,
556 files/digest-hardened-sources-2.6.14-r8, Manifest:
557 Fixing duff SHA256 digests: Bug # 131293
558
559 *hardened-sources-2.6.16-r5 (27 Apr 2006)
560
561 27 Apr 2006; John Mylchreest <johnm@gentoo.org>
562 -hardened-sources-2.6.14-r6.ebuild, hardened-sources-2.6.14-r8.ebuild,
563 -hardened-sources-2.6.16-r4.ebuild, +hardened-sources-2.6.16-r5.ebuild:
564 stablise 2.6.14-r8 on x86 & amd64, bump 2.6.16 to fix CVE-2006-1863 &
565 cleanup of old uneccessary sources
566
567 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
568 fix digest
569
570 *hardened-sources-2.6.14-r8 (20 Apr 2006)
571
572 20 Apr 2006; John Mylchreest <johnm@gentoo.org>
573 +hardened-sources-2.6.14-r8.ebuild:
574 fix CVE-2006-1056, CVE-2006-1525, CVE-2006-1524
575
576 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
577 Turning on gpg-signing again, and recomitting
578
579 *hardened-sources-2.6.16-r4 (20 Apr 2006)
580
581 20 Apr 2006; John Mylchreest <johnm@gentoo.org>
582 -hardened-sources-2.6.16-r2.ebuild, -hardened-sources-2.6.16-r3.ebuild,
583 +hardened-sources-2.6.16-r4.ebuild:
584 Fix numerous security vulns
585
586 *hardened-sources-2.4.32-r3 (16 Apr 2006)
587
588 16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
589 -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
590 +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
591 - security bump for bug #112791. Removed old ebuilds
592
593 *hardened-sources-2.6.16-r3 (15 Apr 2006)
594
595 15 Apr 2006; John Mylchreest <johnm@gentoo.org>
596 +hardened-sources-2.6.16-r3.ebuild:
597 Removing silly localversion which I missed
598
599 *hardened-sources-2.6.14-r7 (14 Apr 2006)
600
601 14 Apr 2006; John Mylchreest <johnm@gentoo.org>
602 -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
603 Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
604
605 *hardened-sources-2.6.16-r2 (13 Apr 2006)
606
607 13 Apr 2006; John Mylchreest <johnm@gentoo.org>
608 -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
609 +hardened-sources-2.6.16-r2.ebuild:
610 Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
611 labels, dropping USERGROUP define fixes, since these were merged mainstream.
612
613 *hardened-sources-2.6.16-r1 (11 Apr 2006)
614
615 11 Apr 2006; John Mylchreest <johnm@gentoo.org>
616 +hardened-sources-2.6.16-r1.ebuild:
617 Bumping to include ppc build fix and 2.6.16.3
618
619 06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
620 hardened-sources-2.6.14-r6.ebuild:
621 Stable on x86; bug #127718
622
623 *hardened-sources-2.6.16 (31 Mar 2006)
624
625 31 Mar 2006; John Mylchreest <johnm@gentoo.org>
626 +hardened-sources-2.6.16.ebuild:
627 Bumping to new version of grsec, and kernel base. New squashfs. Based on
628 2.6.16.1
629
630 30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
631 hardened-sources-2.6.14-r6.ebuild:
632 Stable on amd64, bug 127718.
633
634 28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
635 Stable on ppc. Bug #127718
636
637 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
638 -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
639 -hardened-sources-2.6.14-r4.ebuild:
640 Cleanup.
641
642 *hardened-sources-2.6.14-r6 (15 Mar 2006)
643
644 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
645 +hardened-sources-2.6.14-r6.ebuild:
646 Fixes grsec policy recreation bug and adds a
647 >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
648
649 02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
650 - stable on x86
651
652 19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
653 hardened-sources-2.6.14-r5.ebuild:
654 Stable on ppc.
655
656 *hardened-sources-2.6.14-r5 (01 Feb 2006)
657
658 01 Feb 2006; John Mylchreest <johnm@gentoo.org>
659 +hardened-sources-2.6.14-r5.ebuild:
660 fixing every known exploit
661
662 *hardened-sources-2.4.32-r2 (26 Jan 2006)
663
664 26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
665 +hardened-sources-2.4.32-r2.ebuild:
666 - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
667
668 *hardened-sources-2.6.14-r4 (12 Jan 2006)
669
670 12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
671 - version bump for new genpatches which fix up a few sec holes
672
673 *hardened-sources-2.4.32-r1 (05 Jan 2006)
674
675 05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
676 - revision bump to add misc vital linux kernel security patches.
677
678 *hardened-sources-2.6.14-r3 (30 Dec 2005)
679
680 30 Dec 2005; John Mylchreest <johnm@gentoo.org>
681 -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
682 Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
683
684 28 Dec 2005; John Mylchreest <johnm@gentoo.org>
685 hardened-sources-2.6.14-r2.ebuild:
686 making x86 & amd64 stable following testing.
687
688 *hardened-sources-2.6.14-r2 (27 Dec 2005)
689
690 27 Dec 2005; John Mylchreest <johnm@gentoo.org>
691 -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
692 Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
693 network hooks.
694
695 06 Dec 2005; John Mylchreest <johnm@gentoo.org>
696 hardened-sources-2.6.14-r1.ebuild:
697 bumping to stable early for sec fix on x86 & amd64
698
699 *hardened-sources-2.6.14-r1 (05 Dec 2005)
700
701 05 Dec 2005; John Mylchreest <johnm@gentoo.org>
702 -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
703 bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
704
705 04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
706 - stable on x86 security bug #114227 CAN-2005-3257
707
708 *hardened-sources-2.4.32 (19 Nov 2005)
709
710 19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
711 +hardened-sources-2.4.32.ebuild:
712 Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
713 Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
714 have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
715 rsbac >> /etc/portage/package.use)
716
717 *hardened-sources-2.6.14 (14 Nov 2005)
718
719 14 Nov 2005; John Mylchreest <johnm@gentoo.org>
720 -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
721 Bumping 2.6 series to 2.6.14.2
722
723 *hardened-sources-2.6.13-r2 (20 Oct 2005)
724
725 20 Oct 2005; John Mylchreest <johnm@gentoo.org>
726 -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
727 +hardened-sources-2.6.13-r2.ebuild:
728 Fixes minor build error in ppc.
729
730 *hardened-sources-2.6.13-r1 (17 Oct 2005)
731
732 17 Oct 2005; John Mylchreest <johnm@gentoo.org>
733 +hardened-sources-2.6.13-r1.ebuild:
734 Updating grsec to latest snapshot. Fixes some minor issues. Updating to
735 2.6.13.4, fixes some major amd64 stability problems.
736
737 *hardened-sources-2.6.13 (16 Sep 2005)
738
739 16 Sep 2005; John Mylchreest <johnm@gentoo.org>
740 -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
741 2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
742 ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
743 users should test this thoroughly.
744
745 01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
746 - stable on x86
747
748 *hardened-sources-2.6.11-r15 (27 Jun 2005)
749
750 27 Jun 2005; John Mylchreest <johnm@gentoo.org>
751 +hardened-sources-2.6.11-r15.ebuild:
752 Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
753 grsec redefining curr_ip struct.
754
755 *hardened-sources-2.4.31 (20 Jun 2005)
756
757 20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
758 initial import of 2.4.31 tree
759
760 *hardened-sources-2.6.11-r14 (14 Jun 2005)
761
762 14 Jun 2005; John Mylchreest <johnm@gentoo.org>
763 -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
764 Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
765 naming scheme to abide by genpatches
766
767 *hardened-sources-2.6.11-r13 (18 May 2005)
768
769 18 May 2005; John Mylchreest <johnm@gentoo.org>
770 -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
771 Managed to mangle the Makefile patch from grsec, to miss out the grsec
772 target. sorry about that. Fixes bug #93022
773
774 *hardened-sources-2.6.11-r12 (17 May 2005)
775
776 17 May 2005; John Mylchreest <johnm@gentoo.org>
777 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
778 +hardened-sources-2.6.11-r12.ebuild:
779 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
780 merges in genpatches-base
781
782 *hardened-sources-2.6.11-r12 (17 May 2005)
783
784 17 May 2005; John Mylchreest <johnm@gentoo.org>
785 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
786 +hardened-sources-2.6.11-r12.ebuild:
787 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
788 merges in genpatches-base
789
790 29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
791 -files/2.4.27-cmdline-race.patch,
792 -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
793 -files/2.4.28-grsec-binfmt_a.out.patch,
794 -files/2.4.28-grsec-cmdline-race.patch,
795 -files/2.4.28-selinux-binfmt_a.out.patch,
796 -files/2.4.28-selinux-cmdline-race.patch,
797 -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
798 hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
799 - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
800 cleanup..
801
802 *hardened-sources-2.4.30-r1 (21 Apr 2005)
803
804 21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
805 - disable aout by default
806
807 *hardened-sources-2.4.30 (18 Apr 2005)
808
809 18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
810 - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
811 and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
812 use
813
814 *hardened-sources-2.4.29 (30 Mar 2005)
815
816 30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
817 +hardened-sources-2.4.29.ebuild:
818 New hardened-patches-2.4-29.0 patchball.
819 Removed SELinux support, upgraded GRSecurity to 2.1.4.
820
821 *hardened-sources-2.4.28-r5 (06 Mar 2005)
822
823 06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
824 +hardened-sources-2.4.28-r5.ebuild:
825 Added a fix for a PaX vulnerability.
826
827 26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
828 hardened-sources-2.4.28-r4.ebuild:
829 Stable on x86
830
831 23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
832 hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
833 hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
834 hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
835 - fixed/added RDEPEND= in all kernel-2 ebuilds
836
837 *hardened-sources-2.4.28-r4 (21 Jan 2005)
838
839 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
840 +hardened-sources-2.4.28-r4.ebuild:
841 Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
842 backport of neighbour hash updates.
843
844 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
845 hardened-sources-2.4.28-r3.ebuild:
846 Stable on x86
847
848 *hardened-sources-2.6.10-r3 (20 Jan 2005)
849
850 20 Jan 2005; Brandon Hale <tseng@gentoo.org>
851 +hardened-sources-2.6.10-r3.ebuild:
852 Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
853 in 2005.0
854
855 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
856 -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
857 hardened-sources-2.4.28-r2.ebuild:
858 Mark stable on x86
859
860 *hardened-sources-2.4.28-r3 (17 Jan 2005)
861
862 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
863 +hardened-sources-2.4.28-r3.ebuild:
864 Fix SMP page fault handler vuln, and update device-mapper and evms patches.
865
866 14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
867 hardened-sources-2.4.28.ebuild:
868 Mark stable on x86.
869
870 *hardened-sources-2.4.28-r2 (13 Jan 2005)
871
872 13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
873 +hardened-sources-2.4.28-r2.ebuild:
874 Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
875 Mazinger for grsecurity patches as well.
876
877 *hardened-sources-2.4.28-r1 (23 Dec 2004)
878
879 23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
880 Security bump. Thank tocharian for rolling a new patchset...
881
882 28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
883 +files/2.4.28-grsec-cmdline-race.patch,
884 +files/2.4.28-selinux-binfmt_a.out.patch,
885 +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
886 - Round up remaining security patches that appear to be missing in 2.4.28. -
887 PaX standalone updated to current. hgpv=28.1
888
889 *hardened-sources-2.4.28 (28 Nov 2004)
890
891 28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
892 security bump. Thank tocharian for rolling a new patchset
893
894 *hardened-sources-2.4.27-r3 (08 Sep 2004)
895
896 08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
897 +hardened-sources-2.4.27-r3.ebuild:
898 Applies the new 2.4-27.2 patchball which updates
899 GRSecurity to the 2.0.1 version.
900
901 *hardened-sources-2.4.27-r2 (31 Aug 2004)
902
903 31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
904 +hardened-sources-2.4.27-r2.ebuild:
905 Version bump.
906 This version uses the new 2.4-27.1 patchball which updates
907 both the SELinux PaX hooks patch and the SELinux headers.
908
909 *hardened-sources-2.4.27-r1 (09 Aug 2004)
910
911 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
912 +hardened-sources-2.4.27-r1.ebuild,
913 -hardened-sources-2.4.27.ebuild,
914 +files/2.4.27-cmdline-race.patch:
915 Version bump, fix for cmdline race. See bug #59905.
916
917 *hardened-sources-2.4.26-r6 (09 Aug 2004)
918
919 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
920 +hardened-sources-2.4.26-r6.ebuild,
921 -hardened-sources-2.4.26-r5.ebuild,
922 -hardened-sources-2.4.26-r4.ebuild,
923 +files/2.4.26-cmdline-race.patch:
924 Version bump, fix for cmdline race. See bug #59905.
925
926 *hardened-sources-2.4.27 (08 Aug 2004)
927
928 08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
929 +hardened-sources-2.4.27.ebuild,
930 +files/2.4.27-CAN-2004-0394.patch:
931 Ported the patchball to the 2.4.27 kernel version.
932
933 *hardened-sources-2.4.26-r5 (07 Aug 2004)
934
935 07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
936 +hardened-sources-2.4.26-r5.ebuild:
937 Updated to use the new hardened-patches-2.4-26.1 patchball.
938 It adds the following features:
939 - Squashfs
940 - Ebtables
941 - Netdev random (core+drivers)
942 - Watchdog Timer (WDT) fix.
943
944 *hardened-sources-2.4.26-r4 (04 Aug 2004)
945
946 04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
947 +hardened-sources-2.4.26-r4.ebuild,
948 +files/2.4.26-CAN-2004-0415.patch,
949 -hardened-sources-2.4.26-3:
950 Version bump, fix for CAN 0415, see bug #59378.
951
952 *hardened-sources-2.4.26-r3 (22 Jul 2004)
953
954 22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
955 +hardened-sources-2.4.26-r3.ebuild,
956 +files/2.4.26-CAN-2004-0497.patch,
957 -hardened-sources-2.4.26-r2.ebuild:
958 Version bump, fixed CAN 0497, see bug #56171.
959
960 *hardened-sources-2.4.26-r2 (29 Jun 2004)
961
962 29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
963 +hardened-sources-2.4.26-r2.ebuild,
964 +files/2.4.26-CAN-2004-0495.patch,
965 +files/2.4.26-CAN-2004-0535.patch,
966 -hardened-sources-2.4.26-r1.ebuild:
967 Fixes for both CAN 0495 and 0535, see bug #54976
968
969 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
970 hardened-sources-2.4.26-r1.ebuild:
971 QA - fix use invocation
972
973 *hardened-sources-2.4.26-r1 (22 June 2004)
974
975 22 June 2004; Andrea Luzzardi <scox@gentoo.org>
976 +hardened-sources-2.4.26-r1.ebuild,
977 +files/2.4.26-CAN-2004-0394.patch,
978 +files/2.4.26-signal-race.patch,
979 -hardened-sources-2.4.26.ebuild,
980 -hardened-sources-2.4.24-r3.ebuild:
981 Version bump for the CAN-2004-0394 issue and bug #53804
982 Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
983
984
985 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
986 hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
987 Masked hardened-sources-2.4.26.ebuild broken for ppc
988
989 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
990 hardened-sources-2.4.24-r3.ebuild:
991 Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
992
993 *hardened-sources-2.4.26 (29 May 2004)
994
995 29 May 2004; Andrea Luzzardi <scox@gentoo.org>
996 +hardened-sources-2.4.26.ebuild:
997 Updated hardened-sources for the 2.4.26 kernel
998 Removed broken components, updated almost everything.
999
1000 *hardened-sources-2.4.24-r3 (17 Apr 2004)
1001
1002 17 Apr 2004; <plasmaroo@gentoo.org>
1003 +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
1004 +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
1005 +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
1006 +hardened-sources-2.4.24-r3.ebuild:
1007 Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
1008 vulnerabilities. Old revisions removed.
1009
1010 *hardened-sources-2.4.24-r2 (15 Apr 2004)
1011
1012 15 Apr 2004; <plasmaroo@gentoo.org>
1013 +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
1014 -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
1015 Version bump for the CAN-2004-0109 issue; bug #47881.
1016
1017 12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
1018 hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
1019 Add eutils to inherit.
1020
1021 *hardened-sources-2.4.24-r1 (19 Feb 2004)
1022
1023 19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
1024 files/hardened-sources-2.4.24.munmap.patch:
1025 Added the patch for the mremap/munmap vulnerability. Bug #42024.
1026
1027 *hardened-sources-2.4.24 (06 Feb 2004)
1028
1029 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
1030 hardened-sources-2.4.24.ebuild:
1031 Version bump, updated most of the components.
1032 This release includes the following:
1033
1034 - Hardened security
1035 - Netfilter patch-o-matic 20031219
1036 - FreeSWAN 2.04 & x509 1.4.8
1037 - EVMS 2.2.2
1038 - XFS 1.3.1
1039 - cryptoloop jari
1040 - grsecurity 2.0-rc4
1041 - SELinux
1042 - PaX 200402060000
1043 - PaX Obscurity 200308302223
1044 - Others...
1045
1046 Neither -ck nor systrace are included anymore.
1047
1048 *hardened-sources-2.4.22-r2 (05 Jan 2004)
1049
1050 05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
1051 hardened-sources-2.4.22-r2.ebuild:
1052 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
1053
1054 *hardened-sources-2.4.22-r1 (02 Dec 2003)
1055
1056 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1057 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
1058
1059 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1060 hardened-sources-2.4.22-r1.ebuild:
1061 Version bump for the 'do_brk' vulnerability.
1062
1063 01 Dec 2003; Brian Jackson <iggy@gentoo.org>
1064 hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
1065 hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
1066 hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
1067 Fix the 'do_brk' vulnerability.
1068
1069 03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
1070 hardened-sources-2.4.22.ebuild:
1071 - Removed the src_install() portion for SELinux flask
1072 components. These are no longer handled in the kernel
1073 so this code was not necessary.
1074
1075 29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
1076 New 2.4.22 based hardened-sources thanks to
1077 Phil West <p.west@computer.org>.
1078
1079 These sources include:
1080 - New SELinux API
1081 - Updated CK-base
1082 - Updated GRSec
1083 - Systrace
1084 - SuperFreeS/WAN 1.99.8
1085 - Propolice kernel build support
1086 - EVMS
1087 - Other various security related patches
1088
1089 *hardened-sources-2.4.21 (14 Sep 2003)
1090
1091 14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
1092 Updated hardened-sources based on the 2.4.21 Linux kernel.
1093 This includes updates to most major components such as:
1094 - ck-base-0306300059
1095 - selinux-2.4-2003071106
1096 - grsecurity-2.0-rc1
1097 - Updated IPTables patch-o-matic
1098 - Updated SuperFreeS/WAN
1099
1100 Thanks to Phil West <pwest@computer.org> for his work in getting this
1101 updated patch set ready for the 2.4.21 based kernel.
1102
1103 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
1104 Initial import of hardened-sources-2.4.20-r4. This revision
1105 includes only a few changes, but one of these is an important
1106 security fix. It is recommended all users of hardened-sources
1107 upgrade to this release.
1108
1109 - ioperm bug fix
1110 - fixed compilation failure when building without GRSec
1111
1112 SAL (Secure Auditing for Linux) is NOT included in this revision
1113 due to time constraints, but is planned for inclusion in the near
1114 future.
1115
1116 *hardened-sources-2.4.20-r2 (12 Jun 2003)
1117
1118 12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
1119 hardened-sources-2.4.20-r3.ebuild:
1120 Add Header...
1121
1122 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1123 hardened-sources-2.4.20-r3.ebuild:
1124 Removed warnings from ebuild. This kernel should be safe to
1125 use at this point.
1126
1127 *hardened-sources-2.4.20-r3 (08 Jun 2003)
1128
1129 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1130 hardened-sources-2.4.20-r3.ebuild:
1131 New revision. Includes the following changes over -r2:
1132
1133 - ck7-base (O(1), preempt, low latency)
1134 - Super FreeS/WAN 1.99.7rc2
1135 - PaX for the LSM/SELinux branch
1136 - GRSecurity 2.0-pre4 (role based access control)
1137 - Systrace 1.3
1138 - EXT3 fixes
1139 - EVMS 2.0.1
1140 - GCC 3.1+ compile optimizations
1141 - ProPolice kernel build support
1142 - Hashing table security fixes
1143
1144 *hardened-sources-2.4.20-r1 (09 Apr 2003)
1145
1146 23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
1147 Initial import of hardened-sources-r2. This new
1148 ebuild includes many new performance and security
1149 related patches. As in -r1, it will patch in
1150 LSM/SELinux if "selinux" is in USE, otherwise it
1151 will patch in GRSecurity. The following patches
1152 are included in this revision:
1153
1154 - O(1) Scheduler, Low Latency, and Preempt
1155 (pulled from the base CK patch)
1156 - ptrace exploit patch for the LSM kernel
1157 (the GRSec patch already fixes this)
1158 - LSM 2.4-2003040709
1159 - SELinux 2.4-2003040709
1160 - Systrace v1.2
1161 - IPTables patch-o-matic base patches - 20030107
1162 - CryptoAPI 2.4.20.1 w/ loop-jari patch
1163 - Super FreeS/WAN 1.99.6.1
1164 - GRSecurity 1.9.9g
1165 - MPPE
1166 - EXT3 data journal fix
1167 - CIPE 1.5.4
1168
1169 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1170 hardened-sources-2.4.20-r1.ebuild, manifest:
1171 Updated to install flask components correctly for selinux.
1172
1173 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1174 hardened-sources-2.4.20-r1.ebuild:
1175 LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
1176 is patched in instead. Ptrace patches for selinux have also been added. In
1177 either case, systrace support will be patched in as well.
1178
1179 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1180 hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
1181 Revision bump for new sources.
1182
1183 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1184 hardened-sources-2.4.20-r1.ebuild:
1185 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
1186
1187 *hardened-sources-2.4.20 (30 Mar 2003)
1188
1189 30 Mar 2003; Joshua Brindle <method@gentoo.org>
1190 hardened-sources-2.4.20.ebuild:
1191 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20