/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.197 - (show annotations) (download)
Wed Oct 31 12:48:57 2007 UTC (7 years, 4 months ago) by phreak
Branch: MAIN
Changes since 1.196: +7 -1 lines
Revision bump, pulling in the snapshot from 30. October 2007 (18:50).
(Portage version: 2.1.3.9)

1 # ChangeLog for sys-kernel/hardened-sources
2 # Copyright 2000-2007 Gentoo Foundation; Distributed under the GPL v2
3 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.196 2007/10/29 04:33:28 solar Exp $
4
5 *hardened-sources-2.6.23-r1 (31 Oct 2007)
6
7 31 Oct 2007; Christian Heim <phreak@gentoo.org>
8 +hardened-sources-2.6.23-r1.ebuild:
9 Revision bump, pulling in the snapshot from 30. October 2007 (18:50).
10
11 29 Oct 2007; <solar@gentoo.org> metadata.xml:
12 - update metadata.xml
13
14 25 Oct 2007; Christian Heim <phreak@gentoo.org>
15 hardened-sources-2.6.22-r8.ebuild:
16 Marking 2.6.22-r8 stable on amd64 and x86.
17
18 21 Oct 2007; Christian Heim <phreak@gentoo.org>
19 -hardened-sources-2.4.35.ebuild, -hardened-sources-2.4.35-r1.ebuild,
20 -hardened-sources-2.6.21-r4.ebuild:
21 Removing old ebuilds.
22
23 *hardened-sources-2.4.35-r2 (21 Oct 2007)
24
25 21 Oct 2007; Christian Heim <phreak@gentoo.org>
26 +hardened-sources-2.4.35-r2.ebuild:
27 Revision bump for 2.4.35. Includes new snapshot and the lastest Linux stable
28 patches.
29
30 *hardened-sources-2.6.22-r8 (21 Oct 2007)
31
32 21 Oct 2007; Christian Heim <phreak@gentoo.org>
33 +hardened-sources-2.6.22-r8.ebuild:
34 Yet another new patch, hopefully fixing the remaining issues we had w/
35 2.6.22. Candidate for stabling.
36
37 *hardened-sources-2.6.23 (13 Oct 2007)
38
39 13 Oct 2007; Christian Heim <phreak@gentoo.org>
40 +hardened-sources-2.6.23.ebuild:
41 Initial hardened-sources-2.6.23. If people still have problems w/ bug
42 194276, try setting CONFIG_PCI_GODIRECT=y instead of CONFIG_PCI_GOANY.
43
44 11 Oct 2007; Christian Heim <phreak@gentoo.org>
45 hardened-sources-2.6.20-r10.ebuild:
46 Pulling in yet another new genpatches version, fixing the PWC bug for real.
47
48 04 Oct 2007; Christian Heim <phreak@gentoo.org>
49 -hardened-sources-2.6.22-r5.ebuild, -hardened-sources-2.6.22-r6.ebuild:
50 Removing old versions.
51
52 *hardened-sources-2.6.22-r7 (01 Oct 2007)
53
54 01 Oct 2007; Christian Heim <phreak@gentoo.org>
55 +hardened-sources-2.6.22-r7.ebuild:
56 Revision bump, pulling in a newer patch. Should fix #194276.
57
58 30 Sep 2007; Christian Heim <phreak@gentoo.org>
59 hardened-sources-2.6.20-r10.ebuild:
60 Marking hardened-sources-2.6.20-r10 stable on x86 and amd64 (on courtesy of
61 Mike Doty).
62
63 *hardened-sources-2.6.22-r6 (26 Sep 2007)
64
65 26 Sep 2007; Christian Heim <phreak@gentoo.org>
66 +hardened-sources-2.6.22-r6.ebuild:
67 Revision bump, grabbing up till Linux 2.6.22.9.
68
69 24 Sep 2007; Christian Heim <phreak@gentoo.org>
70 -hardened-sources-2.6.22-r3.ebuild, -hardened-sources-2.6.22-r4.ebuild:
71 Cleaning up further.
72
73 *hardened-sources-2.6.20-r10 (24 Sep 2007)
74
75 24 Sep 2007; Christian Heim <phreak@gentoo.org>
76 -hardened-sources-2.6.20-r8.ebuild, -hardened-sources-2.6.20-r9.ebuild,
77 +hardened-sources-2.6.20-r10.ebuild:
78 Revision bump, pulling in Linux 2.6.20.20. Removing some of the older
79 revisions.
80
81 *hardened-sources-2.6.22-r5 (22 Sep 2007)
82
83 22 Sep 2007; Christian Heim <phreak@gentoo.org>
84 +hardened-sources-2.6.22-r5.ebuild:
85 Revision bump, pulling in genpatches-2.6.22-8 for CVE-2007-4573.
86
87 17 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
88 Removing johnm from metadata.xml (see #186467 for reference).
89
90 *hardened-sources-2.6.22-r4 (17 Sep 2007)
91
92 17 Sep 2007; Christian Heim <phreak@gentoo.org>
93 +hardened-sources-2.6.22-r4.ebuild:
94 Revision bump, hopefully fixing all those weird PAX failures.
95
96 01 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
97 Updating the metadata.xml.
98
99 01 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
100 Removing tocharian from metadata due to his retirement (see #71718 for
101 reference).
102
103 *hardened-sources-2.6.20-r9 (30 Aug 2007)
104
105 30 Aug 2007; Christian Heim <phreak@gentoo.org>
106 +hardened-sources-2.6.20-r9.ebuild:
107 Revision bump for 2.6.20.18 (thanks to kerframil in #gentoo-hardened).
108
109 29 Aug 2007; Christian Heim <phreak@gentoo.org>
110 -hardened-sources-2.4.34.ebuild, -hardened-sources-2.4.34.5.ebuild,
111 -hardened-sources-2.6.20-r2.ebuild, -hardened-sources-2.6.20-r5.ebuild,
112 -hardened-sources-2.6.20-r7.ebuild, -hardened-sources-2.6.21-r3.ebuild,
113 -hardened-sources-2.6.22.ebuild, -hardened-sources-2.6.22-r1.ebuild,
114 -hardened-sources-2.6.22-r2.ebuild:
115 Removing some redundant versions.
116
117 *hardened-sources-2.4.35-r1 (29 Aug 2007)
118
119 29 Aug 2007; Christian Heim <phreak@gentoo.org>
120 +hardened-sources-2.4.35-r1.ebuild:
121 Revision bump, new grsecurity patch.
122
123 *hardened-sources-2.6.20-r8 (26 Aug 2007)
124
125 26 Aug 2007; Christian Heim <phreak@gentoo.org>
126 +hardened-sources-2.6.20-r8.ebuild:
127 Revision bump for Linux 2.6.20.17.
128
129 *hardened-sources-2.6.22-r3 (22 Aug 2007)
130
131 22 Aug 2007; Christian Heim <phreak@gentoo.org>
132 +hardened-sources-2.6.22-r3.ebuild:
133 Revision bump for Linux 2.6.22.4.
134
135 16 Aug 2007; Christian Heim <phreak@gentoo.org>
136 hardened-sources-2.6.22-r2.ebuild:
137 Updated patchset, to fix the alignment against 2.6.22.3.
138
139 *hardened-sources-2.6.22-r2 (16 Aug 2007)
140
141 16 Aug 2007; Christian Heim <phreak@gentoo.org>
142 +hardened-sources-2.6.22-r2.ebuild:
143 Revision bump for Linux 2.6.22.3.
144
145 *hardened-sources-2.4.35 (16 Aug 2007)
146
147 16 Aug 2007; Christian Heim <phreak@gentoo.org>
148 +hardened-sources-2.4.35.ebuild:
149 Version bump, initial version for Linux 2.4.35.
150
151 *hardened-sources-2.6.21-r4 (16 Aug 2007)
152
153 16 Aug 2007; Christian Heim <phreak@gentoo.org>
154 +hardened-sources-2.6.21-r4.ebuild:
155 Revision bump for Linux 2.6.21.6.
156
157 *hardened-sources-2.6.20-r7 (16 Aug 2007)
158
159 16 Aug 2007; Christian Heim <phreak@gentoo.org>
160 +hardened-sources-2.6.20-r7.ebuild:
161 Revision bump for Linux 2.6.20.16.
162
163 *hardened-sources-2.6.22-r1 (13 Aug 2007)
164
165 13 Aug 2007; Christian Heim <phreak@gentoo.org>
166 +hardened-sources-2.6.22-r1.ebuild:
167 Yet another revision bump.
168
169 *hardened-sources-2.6.22 (10 Aug 2007)
170
171 10 Aug 2007; Christian Heim <phreak@gentoo.org>
172 +hardened-sources-2.6.22.ebuild:
173 Initial release for 2.6.22. If you are using hardened-sources on a desktop
174 machine (P4 or newer), be aware you might need to disable
175 CONFIG_PAX_PAGEEXEC.
176
177 04 Aug 2007; Christian Heim <phreak@gentoo.org>
178 hardened-sources-2.6.20-r6.ebuild:
179 Stabling hardened-sources-2.6.20-r6 for amd64, ppc and x86 due to Linux
180 2.6.20.15.
181
182 10 Jul 2007; Christian Heim <phreak@gentoo.org>
183 hardened-sources-2.6.20-r5.ebuild:
184 Marking hardened-sources-2.6.20-r5 stable on ppc.
185
186 10 Jul 2007; Christian Heim <phreak@gentoo.org>
187 -hardened-sources-2.4.32-r6.ebuild, -hardened-sources-2.4.32-r7.ebuild:
188 Cleanup.
189
190 *hardened-sources-2.6.20-r6 (08 Jul 2007)
191
192 08 Jul 2007; Christian Heim <phreak@gentoo.org>
193 +hardened-sources-2.6.20-r6.ebuild:
194 Revision bump, grabbing yet another stable release.
195
196 17 Jun 2007; Christian Heim <phreak@gentoo.org>
197 -hardened-sources-2.6.18-r6.ebuild, -hardened-sources-2.6.20-r4.ebuild,
198 -hardened-sources-2.6.21-r2.ebuild:
199 Removing older ebuilds, hardened-sources-2.6.18-r6 seems to have gotten the
200 alpha stable KEYWORD by mistake.
201
202 17 Jun 2007; Christian Heim <phreak@gentoo.org>
203 hardened-sources-2.6.20-r5.ebuild:
204 Stabling hardened-sources-2.6.20-r5 due to security bug #181647 (as
205 genpatches-2.6.20-12.base contains up to Linux 2.6.20.14) on amd64 and x86.
206
207 *hardened-sources-2.6.21-r3 (12 Jun 2007)
208
209 12 Jun 2007; Christian Heim <phreak@gentoo.org>
210 +hardened-sources-2.6.21-r3.ebuild:
211 Revision bump for hardened-sources-2.6.21, incorporating various CVE (some
212 of them critical), two stable releases (2.6.21.4,2.6.21.5) and some other
213 love.
214
215 *hardened-sources-2.6.20-r5 (11 Jun 2007)
216
217 11 Jun 2007; Christian Heim <phreak@gentoo.org>
218 +hardened-sources-2.6.20-r5.ebuild:
219 Revision bump for hardened-sources-2.6.20, incorporating various CVE (some
220 of them critical), two stable releases (2.6.20.13,2.6.20.14) and some other
221 love.
222
223 *hardened-sources-2.4.34.5 (11 Jun 2007)
224
225 11 Jun 2007; Alexander Gabert <pappy@gentoo.org>
226 +hardened-sources-2.4.34.5.ebuild:
227 added new hardened-sources 2.4 version, thx to phreak, solar, pipacs
228
229 30 May 2007; Christian Heim <phreak@gentoo.org>
230 -hardened-sources-2.6.18.ebuild, hardened-sources-2.6.20-r2.ebuild:
231 Marking 2.6.20-r2 stable on ppc with permission of Gysbert. Removing more
232 stale ebuild(s).
233
234 30 May 2007; Christian Heim <phreak@gentoo.org>
235 -hardened-sources-2.6.14-r7.ebuild, -hardened-sources-2.6.16-r11.ebuild,
236 -hardened-sources-2.6.17-r1.ebuild, -hardened-sources-2.6.19-r6.ebuild,
237 -hardened-sources-2.6.20.ebuild, -hardened-sources-2.6.20-r1.ebuild:
238 Doing some cleanups, remove stale ebuilds.
239
240 26 May 2007; Christian Heim <phreak@gentoo.org>
241 hardened-sources-2.6.21-r2.ebuild:
242 Fixing the grsecurity patch, had one '};' too much.
243
244 *hardened-sources-2.6.21-r2 (26 May 2007)
245
246 26 May 2007; Christian Heim <phreak@gentoo.org>
247 -hardened-sources-2.6.21.ebuild, -hardened-sources-2.6.21-r1.ebuild,
248 +hardened-sources-2.6.21-r2.ebuild:
249 Revision bump, including Linux 2.6.21.3 (fixing CVE-2007-2451). Updating the
250 grsecurity patch to 2.1.10-2.6.21.1-200705221918.
251
252 *hardened-sources-2.6.20-r4 (26 May 2007)
253
254 26 May 2007; Christian Heim <phreak@gentoo.org>
255 -hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.20-r4.ebuild:
256 Revision bump, including Linux 2.6.20.12 (which in fact fixed some security
257 bugs, at the very least CVE-2007-2451). Possible candidate for stable marking.
258
259 15 May 2007; Christian Heim <phreak@gentoo.org>
260 hardened-sources-2.6.20-r3.ebuild:
261 Looks like hardened-sources-2.6.20-r3 needs a new patch, as 2.6.20.11
262 introduced a change in arch/sparc64/kernel/pci_iommu.c, which made the
263 grsecurity patch fail in that exact same hunk.
264
265 *hardened-sources-2.6.20-r3 (15 May 2007)
266
267 15 May 2007; Christian Heim <phreak@gentoo.org>
268 +hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.21-r1.ebuild:
269 Revision bump, incorporating Linux 2.6.20.11.
270
271 *hardened-sources-2.6.21-r1 (11 May 2007)
272
273 11 May 2007; Christian Heim <phreak@gentoo.org>
274 +hardened-sources-2.6.21-r1.ebuild:
275 Revision bump, hopefully fixing the GRSECURITY/GRKERNSEC mixup pipacs
276 mentioned in #177234.
277
278 07 May 2007; Kevin F. Quinn <kevquinn@gentoo.org>
279 files/digest-hardened-sources-2.6.21, Manifest:
280 Fix Manifest/digest for linux-2.6.21.tar.bz2
281
282 06 May 2007; Christian Heim <phreak@gentoo.org>
283 hardened-sources-2.6.21.ebuild:
284 Bumping the hardened-patches version, needed for the fix for #177234.
285
286 *hardened-sources-2.6.21 (02 May 2007)
287
288 02 May 2007; Christian Heim <phreak@gentoo.org>
289 +hardened-sources-2.6.21.ebuild:
290 Version bump, Linux 2.6.21-hardened.
291
292 29 Apr 2007; Christian Heim <phreak@gentoo.org>
293 hardened-sources-2.6.20-r2.ebuild:
294 Adding ~ia64 on Ned's request.
295
296 29 Apr 2007; Christian Heim <phreak@gentoo.org>
297 hardened-sources-2.6.20-r2.ebuild:
298 Fixing the included grsecurity patch, wasn't alligning due to the Index:
299 header line(s).
300
301 29 Apr 2007; Christian Heim <phreak@gentoo.org>
302 hardened-sources-2.6.20-r2.ebuild:
303 Stabilizing hardened-sources-2.6.20-r2 on amd64 and x86.
304
305 *hardened-sources-2.6.20-r2 (10 Apr 2007)
306
307 10 Apr 2007; Raúl Porcel <armin76@gentoo.org>
308 +hardened-sources-2.6.20-r2.ebuild:
309 Version bump, on behalf of phreak
310
311 *hardened-sources-2.6.20-r1 (04 Apr 2007)
312
313 04 Apr 2007; Christian Heim <phreak@gentoo.org>
314 +hardened-sources-2.6.20-r1.ebuild:
315 Revision bump, grabbing a newer grsecurity snapshot.
316
317 *hardened-sources-2.6.20 (25 Mar 2007)
318
319 25 Mar 2007; Christian Heim <phreak@gentoo.org>
320 +hardened-sources-2.6.20.ebuild:
321 Finally a hardened-sources version for 2.6.20; many people have been waiting
322 for this. Thanks to Steve for preliminary testing, thanks to Ned for the
323 testbox.
324
325 16 Mar 2007; Tony Vroon <chainsaw@gentoo.org>
326 hardened-sources-2.6.18-r6.ebuild:
327 Marked stable on amd64 and x86. AMD64 keyword ack'ed by welp.
328
329 *hardened-sources-2.6.18-r6 (16 Mar 2007)
330
331 16 Mar 2007; Christian Heim <phreak@gentoo.org>
332 -hardened-sources-2.6.18-r5.ebuild, +hardened-sources-2.6.18-r6.ebuild:
333 Fixing CVE-2007-1000 locally (hardened/), thanks to Tony for pushing. And
334 yes I screwed up, this is tagged as 2.6.18-5 and not 2.6.18-6 as it's
335 supposed to be.
336
337 06 Mar 2007; Christian Heim <phreak@gentoo.org> ChangeLog:
338 Fixing the Manifest, the previous one was broken (as in still had the
339 deleted ebuild in it).
340
341 06 Mar 2007; Christian Heim <phreak@gentoo.org>
342 -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
343 +hardened-sources-2.6.18-r5.ebuild:
344 Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
345 Linux 2.6.18.8. Also cleaning up the older version.
346
347 *hardened-sources-2.6.18-r5 (06 Mar 2007)
348
349 06 Mar 2007; Christian Heim <phreak@gentoo.org>
350 -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
351 +hardened-sources-2.6.18-r5.ebuild:
352 Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
353 Linux 2.6.18.8. Also cleaning up the older version.
354
355 24 Feb 2007; Christian Heim <phreak@gentoo.org>
356 -hardened-sources-2.6.19-r3.ebuild, -hardened-sources-2.6.19-r4.ebuild,
357 -hardened-sources-2.6.19-r5.ebuild:
358 Removing some of the old version, that didn't work.
359
360 *hardened-sources-2.6.19-r6 (12 Feb 2007)
361
362 12 Feb 2007; Christian Heim <phreak@gentoo.org>
363 +hardened-sources-2.6.19-r6.ebuild:
364 Revision bump, including a new grsec version fixing #166235.
365
366 *hardened-sources-2.4.34 (24 Jan 2007)
367
368 24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
369 Manifest:
370 updating Manifest with checksums of new tarball and ebuild
371
372 24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
373 +hardened-sources-2.4.34.ebuild:
374 I added new hardened sources 2.4 update, this is a critical path
375 security bugfix - all users of h-s are strongly advised
376 to update their existing hardened sources to this version.
377 It contains a fix for a kernel vulnerability that is pertaining
378 to the PaX changes to virtual memory management, possibly leading
379 to a local kernel exploit ... see grsecurity.net forums and homepage
380
381 23 Jan 2007; Christian Heim <phreak@gentoo.org>
382 files/digest-hardened-sources-2.6.19-r5, Manifest:
383 Fixing the patch-tarball digest.
384
385 *hardened-sources-2.6.19-r5 (23 Jan 2007)
386
387 23 Jan 2007; Christian Heim <phreak@gentoo.org>
388 +hardened-sources-2.6.19-r5.ebuild:
389 Revision bump, closing the recently discovered PaX expand_stack()
390 vulnerability.
391
392 *hardened-sources-2.6.19-r4 (14 Jan 2007)
393
394 14 Jan 2007; Christian Heim <phreak@gentoo.org>
395 +hardened-sources-2.6.19-r4.ebuild:
396 Revision bump, pulling in linux-2.6.19.2 and grsecurity 2.1.10 - thus
397 dropping the randomized PID feature.
398
399 11 Jan 2007; Christian Faulhammer <opfer@gentoo.org>
400 hardened-sources-2.4.33.4.ebuild:
401 stable x86, bug #161171
402
403 *hardened-sources-2.6.19-r3 (27 Dec 2006)
404
405 27 Dec 2006; Christian Heim <phreak@gentoo.org>
406 -hardened-sources-2.6.19-r2.ebuild, +hardened-sources-2.6.19-r3.ebuild:
407 Revision bump for bug #157186 and #158786.
408
409 *hardened-sources-2.6.18-r4 (27 Dec 2006)
410
411 27 Dec 2006; Christian Heim <phreak@gentoo.org>
412 -hardened-sources-2.6.18-r3.ebuild, +hardened-sources-2.6.18-r4.ebuild:
413 Revision bump for bug #157186.
414
415 *hardened-sources-2.6.19-r2 (23 Dec 2006)
416
417 23 Dec 2006; Christian Heim <phreak@gentoo.org>
418 -hardened-sources-2.6.19-r1.ebuild, +hardened-sources-2.6.19-r2.ebuild:
419 Revision bump to pull in genpatches-2.6.19-3 for #157186.
420
421 17 Dec 2006; Christian Heim <phreak@gentoo.org>
422 hardened-sources-2.6.14-r7.ebuild, hardened-sources-2.6.16-r10.ebuild,
423 hardened-sources-2.6.16-r11.ebuild, hardened-sources-2.6.17-r1.ebuild,
424 hardened-sources-2.6.18.ebuild, hardened-sources-2.6.18-r3.ebuild,
425 hardened-sources-2.6.19-r1.ebuild:
426 Adding 4453_grsec-2.1.9-2.6.19-io-kmem-sysctl.patch to UNIPATCH_EXLUDE,
427 adding correct HOMEPAGE and adjusting DESCRIPTION (thanks to Alexander).
428
429 *hardened-sources-2.4.33.4 (17 Dec 2006)
430
431 17 Dec 2006; Alexander Gabert <pappy@gentoo.org>
432 +hardened-sources-2.4.33.4.ebuild:
433 new 2.4.33.4 version including grsec and fixes, thanks to phreak for help
434 and quilting
435
436 *hardened-sources-2.6.19-r1 (14 Dec 2006)
437
438 14 Dec 2006; Christian Heim <phreak@gentoo.org>
439 -hardened-sources-2.6.19.ebuild, +hardened-sources-2.6.19-r1.ebuild:
440 Revision bump, fixing #158107 (thanks to Petre Rodan <kaiowas at gentoo.org>
441 for reporting).
442
443 *hardened-sources-2.6.19 (13 Dec 2006)
444
445 13 Dec 2006; Christian Heim <phreak@gentoo.org>
446 +hardened-sources-2.6.19.ebuild:
447 And finally 2.6.19, thanks to Ned (who prepared the inital patchset) and
448 Brad for providing that prompt update.
449
450 *hardened-sources-2.6.18-r3 (13 Dec 2006)
451
452 13 Dec 2006; Christian Heim <phreak@gentoo.org>
453 -hardened-sources-2.6.18-r1.ebuild, -hardened-sources-2.6.18-r2.ebuild,
454 +hardened-sources-2.6.18-r3.ebuild:
455 Revision bump, excluding the faulty patch. Thanks to Anakim Border and Peter
456 S. Mazinger. Closes #157409 for now. Also removing the previous revisions.
457
458 09 Dec 2006; Christian Heim <phreak@gentoo.org> Manifest:
459 Fixing the metadata.xml Manifest entry (thanks to xaid and ml8128 in #gentoo-hardened).
460
461 08 Dec 2006; nixnut <nixnut@gentoo.org> hardened-sources-2.6.18.ebuild:
462 Stable on ppc wrt bug 157356
463
464 07 Dec 2006; Christian Faulhammer <opfer@gentoo.org>
465 hardened-sources-2.6.18.ebuild:
466 stable x86, bug #157356
467
468 *hardened-sources-2.6.18-r2 (06 Dec 2006)
469
470 06 Dec 2006; Christian Heim <phreak@gentoo.org>
471 +hardened-sources-2.6.18-r2.ebuild:
472 Revision bump, including 2.6.18.5 (via genpatches) and
473 4454_grsec-2.1.9-2.6.18.2-io-kmem-sysctl.patch based on Peter Mazinger and
474 Ned Ludd's original patch. Thanks to Alexander Gabert (pappy) for the
475 redesign.
476
477 06 Dec 2006; Christian Heim <phreak@gentoo.org>
478 hardened-sources-2.6.18.ebuild:
479 Marking hardened-sources-2.6.18 stable on amd64 (see bug #157356, on behalf
480 of Mike Doty).
481
482 *hardened-sources-2.6.18-r1 (23 Nov 2006)
483
484 23 Nov 2006; Christian Heim <phreak@gentoo.org>
485 +hardened-sources-2.6.18-r1.ebuild:
486 Revision bump to genpatches-2.6.18-4 (including 2.6.18.3).
487
488 *hardened-sources-2.6.18 (11 Nov 2006)
489
490 11 Nov 2006; Christian Heim <phreak@gentoo.org>
491 +hardened-sources-2.6.18.ebuild:
492 Version bump, thanks to Alexander Gabert we're finally at 2.6.18.
493
494 18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
495 - mark amd64 stable also. bug #151877
496
497 18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
498 - mark 2.6.17-r1 stable
499
500 27 Aug 2006; Christian Heim <phreak@gentoo.org>
501 -hardened-sources-2.6.17.ebuild, hardened-sources-2.6.17-r1.ebuild:
502 Removing old ebuild, removing unipatch from newer ebuild (need to fix it!).
503
504 *hardened-sources-2.6.17-r1 (26 Aug 2006)
505
506 26 Aug 2006; Christian Heim <phreak@gentoo.org>
507 +hardened-sources-2.6.17-r1.ebuild:
508 Revision bump to genpatches-2.6.17-8 (including .9 and .10) and updating the
509 grsecurity patch.
510
511 *hardened-sources-2.6.17 (17 Aug 2006)
512
513 17 Aug 2006; Christian Heim <phreak@gentoo.org>
514 +hardened-sources-2.6.17.ebuild:
515 Bumping the hardened-sources-2.6 series to 2.6.17, using
516 genpatches-2.6.17-6.base.
517
518 07 Aug 2006; <solar@gentoo.org> hardened-sources-2.6.16-r11.ebuild:
519 - stable on x86 and amd64
520
521 *hardened-sources-2.6.16-r11 (15 Jul 2006)
522
523 15 Jul 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r3.ebuild,
524 -hardened-sources-2.4.32-r4.ebuild, -hardened-sources-2.4.32-r5.ebuild,
525 -hardened-sources-2.6.14-r8.ebuild, -hardened-sources-2.6.16-r7.ebuild,
526 -hardened-sources-2.6.16-r9.ebuild, +hardened-sources-2.6.16-r11.ebuild:
527 - 2.6.16 bumped for CVE-2006-3626 ; digest fix for 2.4.32-r6 ; removed old
528 crusty ebuilds
529
530 14 Jul 2006; John Mylchreest <johnm@gentoo.org>
531 hardened-sources-2.6.16-r10.ebuild:
532 marking stable on x86 and amd64
533
534 13 Jul 2006; <solar@gentoo.org> hardened-sources-2.4.32-r6.ebuild:
535 - 2.4.32-r6 stable on x86. RSBAC state unknown
536
537 *hardened-sources-2.4.32-r7 (10 Jul 2006)
538
539 10 Jul 2006; Guillaume Destuynder <kang@gentoo.org>
540 +hardened-sources-2.4.32-r7.ebuild:
541 Bump PaX for RSBAC to test-17
542
543 *hardened-sources-2.6.16-r9 (03 Jul 2006)
544
545 03 Jul 2006; John Mylchreest <johnm@gentoo.org>
546 -hardened-sources-2.6.16-r6.ebuild, +hardened-sources-2.6.16-r9.ebuild:
547 hardened-sources-2.6.16 bump to latest -base.
548
549 *hardened-sources-2.4.32-r6 (30 Jun 2006)
550
551 30 Jun 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r2.ebuild,
552 hardened-sources-2.4.32-r4.ebuild, +hardened-sources-2.4.32-r6.ebuild:
553 - backport CVE-2006-0039, CVE-2006-1857 and CVE-2006-1858 and new grsecurity
554 sysctl controlable resource logging
555
556 *hardened-sources-2.6.16-r7 (05 Jun 2006)
557
558 05 Jun 2006; John Mylchreest <johnm@gentoo.org>
559 -hardened-sources-2.6.16-r5.ebuild, +hardened-sources-2.6.16-r7.ebuild:
560 push new 2.6.16 release in preparation for stable
561
562 22 May 2006; <solar@gentoo.org> :
563 - redigest bug 134002
564
565 *hardened-sources-2.4.32-r5 (16 May 2006)
566
567 16 May 2006; Guillaume Destuynder <kang@gentoo.org>
568 +hardened-sources-2.4.32-r5.ebuild:
569 Fixes rsbac common patching (new patch in new -r5 patchset)
570
571 *hardened-sources-2.4.32-r4 (13 May 2006)
572
573 13 May 2006; <solar@gentoo.org> hardened-sources-2.4.32-r3.ebuild,
574 +hardened-sources-2.4.32-r4.ebuild:
575 - security bumps
576
577 *hardened-sources-2.6.16-r6 (03 May 2006)
578
579 03 May 2006; John Mylchreest <johnm@gentoo.org>
580 +hardened-sources-2.6.16-r6.ebuild:
581 bump hardened-2.6.16 to 2.6.16.12 and latest grsec snapshot
582
583 28 Apr 2006; John Mylchreest <johnm@gentoo.org>
584 hardened-sources-2.6.14-r8.ebuild:
585 fix x86_64 build problem, this will delay the digest issue again for a short
586 while but it will sort itself out
587
588 28 Apr 2006; John Mylchreest <johnm@gentoo.org>
589 hardened-sources-2.6.14-r8.ebuild:
590 bump hardened patchset
591
592 27 Apr 2006; Alec Warner <antarus@gentoo.org>
593 files/digest-hardened-sources-2.4.32-r2,
594 files/digest-hardened-sources-2.4.32-r3,
595 files/digest-hardened-sources-2.6.14-r8, Manifest:
596 Fixing duff SHA256 digests: Bug # 131293
597
598 *hardened-sources-2.6.16-r5 (27 Apr 2006)
599
600 27 Apr 2006; John Mylchreest <johnm@gentoo.org>
601 -hardened-sources-2.6.14-r6.ebuild, hardened-sources-2.6.14-r8.ebuild,
602 -hardened-sources-2.6.16-r4.ebuild, +hardened-sources-2.6.16-r5.ebuild:
603 stablise 2.6.14-r8 on x86 & amd64, bump 2.6.16 to fix CVE-2006-1863 &
604 cleanup of old uneccessary sources
605
606 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
607 fix digest
608
609 *hardened-sources-2.6.14-r8 (20 Apr 2006)
610
611 20 Apr 2006; John Mylchreest <johnm@gentoo.org>
612 +hardened-sources-2.6.14-r8.ebuild:
613 fix CVE-2006-1056, CVE-2006-1525, CVE-2006-1524
614
615 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
616 Turning on gpg-signing again, and recomitting
617
618 *hardened-sources-2.6.16-r4 (20 Apr 2006)
619
620 20 Apr 2006; John Mylchreest <johnm@gentoo.org>
621 -hardened-sources-2.6.16-r2.ebuild, -hardened-sources-2.6.16-r3.ebuild,
622 +hardened-sources-2.6.16-r4.ebuild:
623 Fix numerous security vulns
624
625 *hardened-sources-2.4.32-r3 (16 Apr 2006)
626
627 16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
628 -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
629 +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
630 - security bump for bug #112791. Removed old ebuilds
631
632 *hardened-sources-2.6.16-r3 (15 Apr 2006)
633
634 15 Apr 2006; John Mylchreest <johnm@gentoo.org>
635 +hardened-sources-2.6.16-r3.ebuild:
636 Removing silly localversion which I missed
637
638 *hardened-sources-2.6.14-r7 (14 Apr 2006)
639
640 14 Apr 2006; John Mylchreest <johnm@gentoo.org>
641 -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
642 Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
643
644 *hardened-sources-2.6.16-r2 (13 Apr 2006)
645
646 13 Apr 2006; John Mylchreest <johnm@gentoo.org>
647 -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
648 +hardened-sources-2.6.16-r2.ebuild:
649 Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
650 labels, dropping USERGROUP define fixes, since these were merged mainstream.
651
652 *hardened-sources-2.6.16-r1 (11 Apr 2006)
653
654 11 Apr 2006; John Mylchreest <johnm@gentoo.org>
655 +hardened-sources-2.6.16-r1.ebuild:
656 Bumping to include ppc build fix and 2.6.16.3
657
658 06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
659 hardened-sources-2.6.14-r6.ebuild:
660 Stable on x86; bug #127718
661
662 *hardened-sources-2.6.16 (31 Mar 2006)
663
664 31 Mar 2006; John Mylchreest <johnm@gentoo.org>
665 +hardened-sources-2.6.16.ebuild:
666 Bumping to new version of grsec, and kernel base. New squashfs. Based on
667 2.6.16.1
668
669 30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
670 hardened-sources-2.6.14-r6.ebuild:
671 Stable on amd64, bug 127718.
672
673 28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
674 Stable on ppc. Bug #127718
675
676 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
677 -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
678 -hardened-sources-2.6.14-r4.ebuild:
679 Cleanup.
680
681 *hardened-sources-2.6.14-r6 (15 Mar 2006)
682
683 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
684 +hardened-sources-2.6.14-r6.ebuild:
685 Fixes grsec policy recreation bug and adds a
686 >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
687
688 02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
689 - stable on x86
690
691 19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
692 hardened-sources-2.6.14-r5.ebuild:
693 Stable on ppc.
694
695 *hardened-sources-2.6.14-r5 (01 Feb 2006)
696
697 01 Feb 2006; John Mylchreest <johnm@gentoo.org>
698 +hardened-sources-2.6.14-r5.ebuild:
699 fixing every known exploit
700
701 *hardened-sources-2.4.32-r2 (26 Jan 2006)
702
703 26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
704 +hardened-sources-2.4.32-r2.ebuild:
705 - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
706
707 *hardened-sources-2.6.14-r4 (12 Jan 2006)
708
709 12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
710 - version bump for new genpatches which fix up a few sec holes
711
712 *hardened-sources-2.4.32-r1 (05 Jan 2006)
713
714 05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
715 - revision bump to add misc vital linux kernel security patches.
716
717 *hardened-sources-2.6.14-r3 (30 Dec 2005)
718
719 30 Dec 2005; John Mylchreest <johnm@gentoo.org>
720 -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
721 Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
722
723 28 Dec 2005; John Mylchreest <johnm@gentoo.org>
724 hardened-sources-2.6.14-r2.ebuild:
725 making x86 & amd64 stable following testing.
726
727 *hardened-sources-2.6.14-r2 (27 Dec 2005)
728
729 27 Dec 2005; John Mylchreest <johnm@gentoo.org>
730 -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
731 Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
732 network hooks.
733
734 06 Dec 2005; John Mylchreest <johnm@gentoo.org>
735 hardened-sources-2.6.14-r1.ebuild:
736 bumping to stable early for sec fix on x86 & amd64
737
738 *hardened-sources-2.6.14-r1 (05 Dec 2005)
739
740 05 Dec 2005; John Mylchreest <johnm@gentoo.org>
741 -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
742 bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
743
744 04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
745 - stable on x86 security bug #114227 CAN-2005-3257
746
747 *hardened-sources-2.4.32 (19 Nov 2005)
748
749 19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
750 +hardened-sources-2.4.32.ebuild:
751 Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
752 Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
753 have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
754 rsbac >> /etc/portage/package.use)
755
756 *hardened-sources-2.6.14 (14 Nov 2005)
757
758 14 Nov 2005; John Mylchreest <johnm@gentoo.org>
759 -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
760 Bumping 2.6 series to 2.6.14.2
761
762 *hardened-sources-2.6.13-r2 (20 Oct 2005)
763
764 20 Oct 2005; John Mylchreest <johnm@gentoo.org>
765 -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
766 +hardened-sources-2.6.13-r2.ebuild:
767 Fixes minor build error in ppc.
768
769 *hardened-sources-2.6.13-r1 (17 Oct 2005)
770
771 17 Oct 2005; John Mylchreest <johnm@gentoo.org>
772 +hardened-sources-2.6.13-r1.ebuild:
773 Updating grsec to latest snapshot. Fixes some minor issues. Updating to
774 2.6.13.4, fixes some major amd64 stability problems.
775
776 *hardened-sources-2.6.13 (16 Sep 2005)
777
778 16 Sep 2005; John Mylchreest <johnm@gentoo.org>
779 -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
780 2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
781 ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
782 users should test this thoroughly.
783
784 01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
785 - stable on x86
786
787 *hardened-sources-2.6.11-r15 (27 Jun 2005)
788
789 27 Jun 2005; John Mylchreest <johnm@gentoo.org>
790 +hardened-sources-2.6.11-r15.ebuild:
791 Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
792 grsec redefining curr_ip struct.
793
794 *hardened-sources-2.4.31 (20 Jun 2005)
795
796 20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
797 initial import of 2.4.31 tree
798
799 *hardened-sources-2.6.11-r14 (14 Jun 2005)
800
801 14 Jun 2005; John Mylchreest <johnm@gentoo.org>
802 -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
803 Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
804 naming scheme to abide by genpatches
805
806 *hardened-sources-2.6.11-r13 (18 May 2005)
807
808 18 May 2005; John Mylchreest <johnm@gentoo.org>
809 -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
810 Managed to mangle the Makefile patch from grsec, to miss out the grsec
811 target. sorry about that. Fixes bug #93022
812
813 *hardened-sources-2.6.11-r12 (17 May 2005)
814
815 17 May 2005; John Mylchreest <johnm@gentoo.org>
816 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
817 +hardened-sources-2.6.11-r12.ebuild:
818 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
819 merges in genpatches-base
820
821 *hardened-sources-2.6.11-r12 (17 May 2005)
822
823 17 May 2005; John Mylchreest <johnm@gentoo.org>
824 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
825 +hardened-sources-2.6.11-r12.ebuild:
826 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
827 merges in genpatches-base
828
829 29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
830 -files/2.4.27-cmdline-race.patch,
831 -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
832 -files/2.4.28-grsec-binfmt_a.out.patch,
833 -files/2.4.28-grsec-cmdline-race.patch,
834 -files/2.4.28-selinux-binfmt_a.out.patch,
835 -files/2.4.28-selinux-cmdline-race.patch,
836 -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
837 hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
838 - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
839 cleanup..
840
841 *hardened-sources-2.4.30-r1 (21 Apr 2005)
842
843 21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
844 - disable aout by default
845
846 *hardened-sources-2.4.30 (18 Apr 2005)
847
848 18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
849 - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
850 and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
851 use
852
853 *hardened-sources-2.4.29 (30 Mar 2005)
854
855 30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
856 +hardened-sources-2.4.29.ebuild:
857 New hardened-patches-2.4-29.0 patchball.
858 Removed SELinux support, upgraded GRSecurity to 2.1.4.
859
860 *hardened-sources-2.4.28-r5 (06 Mar 2005)
861
862 06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
863 +hardened-sources-2.4.28-r5.ebuild:
864 Added a fix for a PaX vulnerability.
865
866 26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
867 hardened-sources-2.4.28-r4.ebuild:
868 Stable on x86
869
870 23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
871 hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
872 hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
873 hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
874 - fixed/added RDEPEND= in all kernel-2 ebuilds
875
876 *hardened-sources-2.4.28-r4 (21 Jan 2005)
877
878 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
879 +hardened-sources-2.4.28-r4.ebuild:
880 Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
881 backport of neighbour hash updates.
882
883 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
884 hardened-sources-2.4.28-r3.ebuild:
885 Stable on x86
886
887 *hardened-sources-2.6.10-r3 (20 Jan 2005)
888
889 20 Jan 2005; Brandon Hale <tseng@gentoo.org>
890 +hardened-sources-2.6.10-r3.ebuild:
891 Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
892 in 2005.0
893
894 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
895 -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
896 hardened-sources-2.4.28-r2.ebuild:
897 Mark stable on x86
898
899 *hardened-sources-2.4.28-r3 (17 Jan 2005)
900
901 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
902 +hardened-sources-2.4.28-r3.ebuild:
903 Fix SMP page fault handler vuln, and update device-mapper and evms patches.
904
905 14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
906 hardened-sources-2.4.28.ebuild:
907 Mark stable on x86.
908
909 *hardened-sources-2.4.28-r2 (13 Jan 2005)
910
911 13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
912 +hardened-sources-2.4.28-r2.ebuild:
913 Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
914 Mazinger for grsecurity patches as well.
915
916 *hardened-sources-2.4.28-r1 (23 Dec 2004)
917
918 23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
919 Security bump. Thank tocharian for rolling a new patchset...
920
921 28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
922 +files/2.4.28-grsec-cmdline-race.patch,
923 +files/2.4.28-selinux-binfmt_a.out.patch,
924 +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
925 - Round up remaining security patches that appear to be missing in 2.4.28. -
926 PaX standalone updated to current. hgpv=28.1
927
928 *hardened-sources-2.4.28 (28 Nov 2004)
929
930 28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
931 security bump. Thank tocharian for rolling a new patchset
932
933 *hardened-sources-2.4.27-r3 (08 Sep 2004)
934
935 08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
936 +hardened-sources-2.4.27-r3.ebuild:
937 Applies the new 2.4-27.2 patchball which updates
938 GRSecurity to the 2.0.1 version.
939
940 *hardened-sources-2.4.27-r2 (31 Aug 2004)
941
942 31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
943 +hardened-sources-2.4.27-r2.ebuild:
944 Version bump.
945 This version uses the new 2.4-27.1 patchball which updates
946 both the SELinux PaX hooks patch and the SELinux headers.
947
948 *hardened-sources-2.4.27-r1 (09 Aug 2004)
949
950 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
951 +hardened-sources-2.4.27-r1.ebuild,
952 -hardened-sources-2.4.27.ebuild,
953 +files/2.4.27-cmdline-race.patch:
954 Version bump, fix for cmdline race. See bug #59905.
955
956 *hardened-sources-2.4.26-r6 (09 Aug 2004)
957
958 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
959 +hardened-sources-2.4.26-r6.ebuild,
960 -hardened-sources-2.4.26-r5.ebuild,
961 -hardened-sources-2.4.26-r4.ebuild,
962 +files/2.4.26-cmdline-race.patch:
963 Version bump, fix for cmdline race. See bug #59905.
964
965 *hardened-sources-2.4.27 (08 Aug 2004)
966
967 08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
968 +hardened-sources-2.4.27.ebuild,
969 +files/2.4.27-CAN-2004-0394.patch:
970 Ported the patchball to the 2.4.27 kernel version.
971
972 *hardened-sources-2.4.26-r5 (07 Aug 2004)
973
974 07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
975 +hardened-sources-2.4.26-r5.ebuild:
976 Updated to use the new hardened-patches-2.4-26.1 patchball.
977 It adds the following features:
978 - Squashfs
979 - Ebtables
980 - Netdev random (core+drivers)
981 - Watchdog Timer (WDT) fix.
982
983 *hardened-sources-2.4.26-r4 (04 Aug 2004)
984
985 04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
986 +hardened-sources-2.4.26-r4.ebuild,
987 +files/2.4.26-CAN-2004-0415.patch,
988 -hardened-sources-2.4.26-3:
989 Version bump, fix for CAN 0415, see bug #59378.
990
991 *hardened-sources-2.4.26-r3 (22 Jul 2004)
992
993 22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
994 +hardened-sources-2.4.26-r3.ebuild,
995 +files/2.4.26-CAN-2004-0497.patch,
996 -hardened-sources-2.4.26-r2.ebuild:
997 Version bump, fixed CAN 0497, see bug #56171.
998
999 *hardened-sources-2.4.26-r2 (29 Jun 2004)
1000
1001 29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
1002 +hardened-sources-2.4.26-r2.ebuild,
1003 +files/2.4.26-CAN-2004-0495.patch,
1004 +files/2.4.26-CAN-2004-0535.patch,
1005 -hardened-sources-2.4.26-r1.ebuild:
1006 Fixes for both CAN 0495 and 0535, see bug #54976
1007
1008 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
1009 hardened-sources-2.4.26-r1.ebuild:
1010 QA - fix use invocation
1011
1012 *hardened-sources-2.4.26-r1 (22 June 2004)
1013
1014 22 June 2004; Andrea Luzzardi <scox@gentoo.org>
1015 +hardened-sources-2.4.26-r1.ebuild,
1016 +files/2.4.26-CAN-2004-0394.patch,
1017 +files/2.4.26-signal-race.patch,
1018 -hardened-sources-2.4.26.ebuild,
1019 -hardened-sources-2.4.24-r3.ebuild:
1020 Version bump for the CAN-2004-0394 issue and bug #53804
1021 Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
1022
1023
1024 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
1025 hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
1026 Masked hardened-sources-2.4.26.ebuild broken for ppc
1027
1028 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
1029 hardened-sources-2.4.24-r3.ebuild:
1030 Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
1031
1032 *hardened-sources-2.4.26 (29 May 2004)
1033
1034 29 May 2004; Andrea Luzzardi <scox@gentoo.org>
1035 +hardened-sources-2.4.26.ebuild:
1036 Updated hardened-sources for the 2.4.26 kernel
1037 Removed broken components, updated almost everything.
1038
1039 *hardened-sources-2.4.24-r3 (17 Apr 2004)
1040
1041 17 Apr 2004; <plasmaroo@gentoo.org>
1042 +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
1043 +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
1044 +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
1045 +hardened-sources-2.4.24-r3.ebuild:
1046 Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
1047 vulnerabilities. Old revisions removed.
1048
1049 *hardened-sources-2.4.24-r2 (15 Apr 2004)
1050
1051 15 Apr 2004; <plasmaroo@gentoo.org>
1052 +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
1053 -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
1054 Version bump for the CAN-2004-0109 issue; bug #47881.
1055
1056 12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
1057 hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
1058 Add eutils to inherit.
1059
1060 *hardened-sources-2.4.24-r1 (19 Feb 2004)
1061
1062 19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
1063 files/hardened-sources-2.4.24.munmap.patch:
1064 Added the patch for the mremap/munmap vulnerability. Bug #42024.
1065
1066 *hardened-sources-2.4.24 (06 Feb 2004)
1067
1068 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
1069 hardened-sources-2.4.24.ebuild:
1070 Version bump, updated most of the components.
1071 This release includes the following:
1072
1073 - Hardened security
1074 - Netfilter patch-o-matic 20031219
1075 - FreeSWAN 2.04 & x509 1.4.8
1076 - EVMS 2.2.2
1077 - XFS 1.3.1
1078 - cryptoloop jari
1079 - grsecurity 2.0-rc4
1080 - SELinux
1081 - PaX 200402060000
1082 - PaX Obscurity 200308302223
1083 - Others...
1084
1085 Neither -ck nor systrace are included anymore.
1086
1087 *hardened-sources-2.4.22-r2 (05 Jan 2004)
1088
1089 05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
1090 hardened-sources-2.4.22-r2.ebuild:
1091 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
1092
1093 *hardened-sources-2.4.22-r1 (02 Dec 2003)
1094
1095 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1096 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
1097
1098 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1099 hardened-sources-2.4.22-r1.ebuild:
1100 Version bump for the 'do_brk' vulnerability.
1101
1102 01 Dec 2003; Brian Jackson <iggy@gentoo.org>
1103 hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
1104 hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
1105 hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
1106 Fix the 'do_brk' vulnerability.
1107
1108 03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
1109 hardened-sources-2.4.22.ebuild:
1110 - Removed the src_install() portion for SELinux flask
1111 components. These are no longer handled in the kernel
1112 so this code was not necessary.
1113
1114 29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
1115 New 2.4.22 based hardened-sources thanks to
1116 Phil West <p.west@computer.org>.
1117
1118 These sources include:
1119 - New SELinux API
1120 - Updated CK-base
1121 - Updated GRSec
1122 - Systrace
1123 - SuperFreeS/WAN 1.99.8
1124 - Propolice kernel build support
1125 - EVMS
1126 - Other various security related patches
1127
1128 *hardened-sources-2.4.21 (14 Sep 2003)
1129
1130 14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
1131 Updated hardened-sources based on the 2.4.21 Linux kernel.
1132 This includes updates to most major components such as:
1133 - ck-base-0306300059
1134 - selinux-2.4-2003071106
1135 - grsecurity-2.0-rc1
1136 - Updated IPTables patch-o-matic
1137 - Updated SuperFreeS/WAN
1138
1139 Thanks to Phil West <pwest@computer.org> for his work in getting this
1140 updated patch set ready for the 2.4.21 based kernel.
1141
1142 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
1143 Initial import of hardened-sources-2.4.20-r4. This revision
1144 includes only a few changes, but one of these is an important
1145 security fix. It is recommended all users of hardened-sources
1146 upgrade to this release.
1147
1148 - ioperm bug fix
1149 - fixed compilation failure when building without GRSec
1150
1151 SAL (Secure Auditing for Linux) is NOT included in this revision
1152 due to time constraints, but is planned for inclusion in the near
1153 future.
1154
1155 *hardened-sources-2.4.20-r2 (12 Jun 2003)
1156
1157 12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
1158 hardened-sources-2.4.20-r3.ebuild:
1159 Add Header...
1160
1161 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1162 hardened-sources-2.4.20-r3.ebuild:
1163 Removed warnings from ebuild. This kernel should be safe to
1164 use at this point.
1165
1166 *hardened-sources-2.4.20-r3 (08 Jun 2003)
1167
1168 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1169 hardened-sources-2.4.20-r3.ebuild:
1170 New revision. Includes the following changes over -r2:
1171
1172 - ck7-base (O(1), preempt, low latency)
1173 - Super FreeS/WAN 1.99.7rc2
1174 - PaX for the LSM/SELinux branch
1175 - GRSecurity 2.0-pre4 (role based access control)
1176 - Systrace 1.3
1177 - EXT3 fixes
1178 - EVMS 2.0.1
1179 - GCC 3.1+ compile optimizations
1180 - ProPolice kernel build support
1181 - Hashing table security fixes
1182
1183 *hardened-sources-2.4.20-r1 (09 Apr 2003)
1184
1185 23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
1186 Initial import of hardened-sources-r2. This new
1187 ebuild includes many new performance and security
1188 related patches. As in -r1, it will patch in
1189 LSM/SELinux if "selinux" is in USE, otherwise it
1190 will patch in GRSecurity. The following patches
1191 are included in this revision:
1192
1193 - O(1) Scheduler, Low Latency, and Preempt
1194 (pulled from the base CK patch)
1195 - ptrace exploit patch for the LSM kernel
1196 (the GRSec patch already fixes this)
1197 - LSM 2.4-2003040709
1198 - SELinux 2.4-2003040709
1199 - Systrace v1.2
1200 - IPTables patch-o-matic base patches - 20030107
1201 - CryptoAPI 2.4.20.1 w/ loop-jari patch
1202 - Super FreeS/WAN 1.99.6.1
1203 - GRSecurity 1.9.9g
1204 - MPPE
1205 - EXT3 data journal fix
1206 - CIPE 1.5.4
1207
1208 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1209 hardened-sources-2.4.20-r1.ebuild, manifest:
1210 Updated to install flask components correctly for selinux.
1211
1212 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1213 hardened-sources-2.4.20-r1.ebuild:
1214 LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
1215 is patched in instead. Ptrace patches for selinux have also been added. In
1216 either case, systrace support will be patched in as well.
1217
1218 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1219 hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
1220 Revision bump for new sources.
1221
1222 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1223 hardened-sources-2.4.20-r1.ebuild:
1224 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
1225
1226 *hardened-sources-2.4.20 (30 Mar 2003)
1227
1228 30 Mar 2003; Joshua Brindle <method@gentoo.org>
1229 hardened-sources-2.4.20.ebuild:
1230 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20