/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.201 - (show annotations) (download)
Mon Dec 24 11:52:00 2007 UTC (6 years, 7 months ago) by phreak
Branch: MAIN
Changes since 1.200: +7 -1 lines
Marking hardened-sources-2.6.23-r4 stable on amd64 and x86. I know it ain't in the tree for long, but there isn't much of a difference between this and -r3. Only this revision pulls in 2.6.23.11 and 2.6.23.12 from genpatches.
(Portage version: 2.1.3.19)

1 # ChangeLog for sys-kernel/hardened-sources
2 # Copyright 2000-2007 Gentoo Foundation; Distributed under the GPL v2
3 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.200 2007/12/23 12:35:28 phreak Exp $
4
5 24 Dec 2007; Christian Heim <phreak@gentoo.org>
6 hardened-sources-2.6.23-r4.ebuild:
7 Marking hardened-sources-2.6.23-r4 stable on amd64 and x86. I know it ain't
8 in the tree for long, but there isn't much of a difference between this and
9 -r3. Only this revision pulls in 2.6.23.11 and 2.6.23.12 from genpatches.
10
11 *hardened-sources-2.6.23-r4 (23 Dec 2007)
12
13 23 Dec 2007; Christian Heim <phreak@gentoo.org>
14 +hardened-sources-2.6.23-r4.ebuild:
15 Revision bump, grabbing the lastest genpatches release (2.6.23.12 that is).
16
17 *hardened-sources-2.6.23-r3 (04 Dec 2007)
18
19 04 Dec 2007; Christian Heim <phreak@gentoo.org>
20 +hardened-sources-2.6.23-r3.ebuild:
21 Revision bump, pulling in 2.6.23.9.
22
23 *hardened-sources-2.6.23-r2 (25 Nov 2007)
24
25 25 Nov 2007; Christian Heim <phreak@gentoo.org>
26 +hardened-sources-2.6.23-r2.ebuild:
27 Updated patchset, thanks to solar.
28
29 *hardened-sources-2.6.23-r1 (31 Oct 2007)
30
31 31 Oct 2007; Christian Heim <phreak@gentoo.org>
32 +hardened-sources-2.6.23-r1.ebuild:
33 Revision bump, pulling in the snapshot from 30. October 2007 (18:50).
34
35 29 Oct 2007; <solar@gentoo.org> metadata.xml:
36 - update metadata.xml
37
38 25 Oct 2007; Christian Heim <phreak@gentoo.org>
39 hardened-sources-2.6.22-r8.ebuild:
40 Marking 2.6.22-r8 stable on amd64 and x86.
41
42 21 Oct 2007; Christian Heim <phreak@gentoo.org>
43 -hardened-sources-2.4.35.ebuild, -hardened-sources-2.4.35-r1.ebuild,
44 -hardened-sources-2.6.21-r4.ebuild:
45 Removing old ebuilds.
46
47 *hardened-sources-2.4.35-r2 (21 Oct 2007)
48
49 21 Oct 2007; Christian Heim <phreak@gentoo.org>
50 +hardened-sources-2.4.35-r2.ebuild:
51 Revision bump for 2.4.35. Includes new snapshot and the lastest Linux stable
52 patches.
53
54 *hardened-sources-2.6.22-r8 (21 Oct 2007)
55
56 21 Oct 2007; Christian Heim <phreak@gentoo.org>
57 +hardened-sources-2.6.22-r8.ebuild:
58 Yet another new patch, hopefully fixing the remaining issues we had w/
59 2.6.22. Candidate for stabling.
60
61 *hardened-sources-2.6.23 (13 Oct 2007)
62
63 13 Oct 2007; Christian Heim <phreak@gentoo.org>
64 +hardened-sources-2.6.23.ebuild:
65 Initial hardened-sources-2.6.23. If people still have problems w/ bug
66 194276, try setting CONFIG_PCI_GODIRECT=y instead of CONFIG_PCI_GOANY.
67
68 11 Oct 2007; Christian Heim <phreak@gentoo.org>
69 hardened-sources-2.6.20-r10.ebuild:
70 Pulling in yet another new genpatches version, fixing the PWC bug for real.
71
72 04 Oct 2007; Christian Heim <phreak@gentoo.org>
73 -hardened-sources-2.6.22-r5.ebuild, -hardened-sources-2.6.22-r6.ebuild:
74 Removing old versions.
75
76 *hardened-sources-2.6.22-r7 (01 Oct 2007)
77
78 01 Oct 2007; Christian Heim <phreak@gentoo.org>
79 +hardened-sources-2.6.22-r7.ebuild:
80 Revision bump, pulling in a newer patch. Should fix #194276.
81
82 30 Sep 2007; Christian Heim <phreak@gentoo.org>
83 hardened-sources-2.6.20-r10.ebuild:
84 Marking hardened-sources-2.6.20-r10 stable on x86 and amd64 (on courtesy of
85 Mike Doty).
86
87 *hardened-sources-2.6.22-r6 (26 Sep 2007)
88
89 26 Sep 2007; Christian Heim <phreak@gentoo.org>
90 +hardened-sources-2.6.22-r6.ebuild:
91 Revision bump, grabbing up till Linux 2.6.22.9.
92
93 24 Sep 2007; Christian Heim <phreak@gentoo.org>
94 -hardened-sources-2.6.22-r3.ebuild, -hardened-sources-2.6.22-r4.ebuild:
95 Cleaning up further.
96
97 *hardened-sources-2.6.20-r10 (24 Sep 2007)
98
99 24 Sep 2007; Christian Heim <phreak@gentoo.org>
100 -hardened-sources-2.6.20-r8.ebuild, -hardened-sources-2.6.20-r9.ebuild,
101 +hardened-sources-2.6.20-r10.ebuild:
102 Revision bump, pulling in Linux 2.6.20.20. Removing some of the older
103 revisions.
104
105 *hardened-sources-2.6.22-r5 (22 Sep 2007)
106
107 22 Sep 2007; Christian Heim <phreak@gentoo.org>
108 +hardened-sources-2.6.22-r5.ebuild:
109 Revision bump, pulling in genpatches-2.6.22-8 for CVE-2007-4573.
110
111 17 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
112 Removing johnm from metadata.xml (see #186467 for reference).
113
114 *hardened-sources-2.6.22-r4 (17 Sep 2007)
115
116 17 Sep 2007; Christian Heim <phreak@gentoo.org>
117 +hardened-sources-2.6.22-r4.ebuild:
118 Revision bump, hopefully fixing all those weird PAX failures.
119
120 01 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
121 Updating the metadata.xml.
122
123 01 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
124 Removing tocharian from metadata due to his retirement (see #71718 for
125 reference).
126
127 *hardened-sources-2.6.20-r9 (30 Aug 2007)
128
129 30 Aug 2007; Christian Heim <phreak@gentoo.org>
130 +hardened-sources-2.6.20-r9.ebuild:
131 Revision bump for 2.6.20.18 (thanks to kerframil in #gentoo-hardened).
132
133 29 Aug 2007; Christian Heim <phreak@gentoo.org>
134 -hardened-sources-2.4.34.ebuild, -hardened-sources-2.4.34.5.ebuild,
135 -hardened-sources-2.6.20-r2.ebuild, -hardened-sources-2.6.20-r5.ebuild,
136 -hardened-sources-2.6.20-r7.ebuild, -hardened-sources-2.6.21-r3.ebuild,
137 -hardened-sources-2.6.22.ebuild, -hardened-sources-2.6.22-r1.ebuild,
138 -hardened-sources-2.6.22-r2.ebuild:
139 Removing some redundant versions.
140
141 *hardened-sources-2.4.35-r1 (29 Aug 2007)
142
143 29 Aug 2007; Christian Heim <phreak@gentoo.org>
144 +hardened-sources-2.4.35-r1.ebuild:
145 Revision bump, new grsecurity patch.
146
147 *hardened-sources-2.6.20-r8 (26 Aug 2007)
148
149 26 Aug 2007; Christian Heim <phreak@gentoo.org>
150 +hardened-sources-2.6.20-r8.ebuild:
151 Revision bump for Linux 2.6.20.17.
152
153 *hardened-sources-2.6.22-r3 (22 Aug 2007)
154
155 22 Aug 2007; Christian Heim <phreak@gentoo.org>
156 +hardened-sources-2.6.22-r3.ebuild:
157 Revision bump for Linux 2.6.22.4.
158
159 16 Aug 2007; Christian Heim <phreak@gentoo.org>
160 hardened-sources-2.6.22-r2.ebuild:
161 Updated patchset, to fix the alignment against 2.6.22.3.
162
163 *hardened-sources-2.6.22-r2 (16 Aug 2007)
164
165 16 Aug 2007; Christian Heim <phreak@gentoo.org>
166 +hardened-sources-2.6.22-r2.ebuild:
167 Revision bump for Linux 2.6.22.3.
168
169 *hardened-sources-2.4.35 (16 Aug 2007)
170
171 16 Aug 2007; Christian Heim <phreak@gentoo.org>
172 +hardened-sources-2.4.35.ebuild:
173 Version bump, initial version for Linux 2.4.35.
174
175 *hardened-sources-2.6.21-r4 (16 Aug 2007)
176
177 16 Aug 2007; Christian Heim <phreak@gentoo.org>
178 +hardened-sources-2.6.21-r4.ebuild:
179 Revision bump for Linux 2.6.21.6.
180
181 *hardened-sources-2.6.20-r7 (16 Aug 2007)
182
183 16 Aug 2007; Christian Heim <phreak@gentoo.org>
184 +hardened-sources-2.6.20-r7.ebuild:
185 Revision bump for Linux 2.6.20.16.
186
187 *hardened-sources-2.6.22-r1 (13 Aug 2007)
188
189 13 Aug 2007; Christian Heim <phreak@gentoo.org>
190 +hardened-sources-2.6.22-r1.ebuild:
191 Yet another revision bump.
192
193 *hardened-sources-2.6.22 (10 Aug 2007)
194
195 10 Aug 2007; Christian Heim <phreak@gentoo.org>
196 +hardened-sources-2.6.22.ebuild:
197 Initial release for 2.6.22. If you are using hardened-sources on a desktop
198 machine (P4 or newer), be aware you might need to disable
199 CONFIG_PAX_PAGEEXEC.
200
201 04 Aug 2007; Christian Heim <phreak@gentoo.org>
202 hardened-sources-2.6.20-r6.ebuild:
203 Stabling hardened-sources-2.6.20-r6 for amd64, ppc and x86 due to Linux
204 2.6.20.15.
205
206 10 Jul 2007; Christian Heim <phreak@gentoo.org>
207 hardened-sources-2.6.20-r5.ebuild:
208 Marking hardened-sources-2.6.20-r5 stable on ppc.
209
210 10 Jul 2007; Christian Heim <phreak@gentoo.org>
211 -hardened-sources-2.4.32-r6.ebuild, -hardened-sources-2.4.32-r7.ebuild:
212 Cleanup.
213
214 *hardened-sources-2.6.20-r6 (08 Jul 2007)
215
216 08 Jul 2007; Christian Heim <phreak@gentoo.org>
217 +hardened-sources-2.6.20-r6.ebuild:
218 Revision bump, grabbing yet another stable release.
219
220 17 Jun 2007; Christian Heim <phreak@gentoo.org>
221 -hardened-sources-2.6.18-r6.ebuild, -hardened-sources-2.6.20-r4.ebuild,
222 -hardened-sources-2.6.21-r2.ebuild:
223 Removing older ebuilds, hardened-sources-2.6.18-r6 seems to have gotten the
224 alpha stable KEYWORD by mistake.
225
226 17 Jun 2007; Christian Heim <phreak@gentoo.org>
227 hardened-sources-2.6.20-r5.ebuild:
228 Stabling hardened-sources-2.6.20-r5 due to security bug #181647 (as
229 genpatches-2.6.20-12.base contains up to Linux 2.6.20.14) on amd64 and x86.
230
231 *hardened-sources-2.6.21-r3 (12 Jun 2007)
232
233 12 Jun 2007; Christian Heim <phreak@gentoo.org>
234 +hardened-sources-2.6.21-r3.ebuild:
235 Revision bump for hardened-sources-2.6.21, incorporating various CVE (some
236 of them critical), two stable releases (2.6.21.4,2.6.21.5) and some other
237 love.
238
239 *hardened-sources-2.6.20-r5 (11 Jun 2007)
240
241 11 Jun 2007; Christian Heim <phreak@gentoo.org>
242 +hardened-sources-2.6.20-r5.ebuild:
243 Revision bump for hardened-sources-2.6.20, incorporating various CVE (some
244 of them critical), two stable releases (2.6.20.13,2.6.20.14) and some other
245 love.
246
247 *hardened-sources-2.4.34.5 (11 Jun 2007)
248
249 11 Jun 2007; Alexander Gabert <pappy@gentoo.org>
250 +hardened-sources-2.4.34.5.ebuild:
251 added new hardened-sources 2.4 version, thx to phreak, solar, pipacs
252
253 30 May 2007; Christian Heim <phreak@gentoo.org>
254 -hardened-sources-2.6.18.ebuild, hardened-sources-2.6.20-r2.ebuild:
255 Marking 2.6.20-r2 stable on ppc with permission of Gysbert. Removing more
256 stale ebuild(s).
257
258 30 May 2007; Christian Heim <phreak@gentoo.org>
259 -hardened-sources-2.6.14-r7.ebuild, -hardened-sources-2.6.16-r11.ebuild,
260 -hardened-sources-2.6.17-r1.ebuild, -hardened-sources-2.6.19-r6.ebuild,
261 -hardened-sources-2.6.20.ebuild, -hardened-sources-2.6.20-r1.ebuild:
262 Doing some cleanups, remove stale ebuilds.
263
264 26 May 2007; Christian Heim <phreak@gentoo.org>
265 hardened-sources-2.6.21-r2.ebuild:
266 Fixing the grsecurity patch, had one '};' too much.
267
268 *hardened-sources-2.6.21-r2 (26 May 2007)
269
270 26 May 2007; Christian Heim <phreak@gentoo.org>
271 -hardened-sources-2.6.21.ebuild, -hardened-sources-2.6.21-r1.ebuild,
272 +hardened-sources-2.6.21-r2.ebuild:
273 Revision bump, including Linux 2.6.21.3 (fixing CVE-2007-2451). Updating the
274 grsecurity patch to 2.1.10-2.6.21.1-200705221918.
275
276 *hardened-sources-2.6.20-r4 (26 May 2007)
277
278 26 May 2007; Christian Heim <phreak@gentoo.org>
279 -hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.20-r4.ebuild:
280 Revision bump, including Linux 2.6.20.12 (which in fact fixed some security
281 bugs, at the very least CVE-2007-2451). Possible candidate for stable marking.
282
283 15 May 2007; Christian Heim <phreak@gentoo.org>
284 hardened-sources-2.6.20-r3.ebuild:
285 Looks like hardened-sources-2.6.20-r3 needs a new patch, as 2.6.20.11
286 introduced a change in arch/sparc64/kernel/pci_iommu.c, which made the
287 grsecurity patch fail in that exact same hunk.
288
289 *hardened-sources-2.6.20-r3 (15 May 2007)
290
291 15 May 2007; Christian Heim <phreak@gentoo.org>
292 +hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.21-r1.ebuild:
293 Revision bump, incorporating Linux 2.6.20.11.
294
295 *hardened-sources-2.6.21-r1 (11 May 2007)
296
297 11 May 2007; Christian Heim <phreak@gentoo.org>
298 +hardened-sources-2.6.21-r1.ebuild:
299 Revision bump, hopefully fixing the GRSECURITY/GRKERNSEC mixup pipacs
300 mentioned in #177234.
301
302 07 May 2007; Kevin F. Quinn <kevquinn@gentoo.org>
303 files/digest-hardened-sources-2.6.21, Manifest:
304 Fix Manifest/digest for linux-2.6.21.tar.bz2
305
306 06 May 2007; Christian Heim <phreak@gentoo.org>
307 hardened-sources-2.6.21.ebuild:
308 Bumping the hardened-patches version, needed for the fix for #177234.
309
310 *hardened-sources-2.6.21 (02 May 2007)
311
312 02 May 2007; Christian Heim <phreak@gentoo.org>
313 +hardened-sources-2.6.21.ebuild:
314 Version bump, Linux 2.6.21-hardened.
315
316 29 Apr 2007; Christian Heim <phreak@gentoo.org>
317 hardened-sources-2.6.20-r2.ebuild:
318 Adding ~ia64 on Ned's request.
319
320 29 Apr 2007; Christian Heim <phreak@gentoo.org>
321 hardened-sources-2.6.20-r2.ebuild:
322 Fixing the included grsecurity patch, wasn't alligning due to the Index:
323 header line(s).
324
325 29 Apr 2007; Christian Heim <phreak@gentoo.org>
326 hardened-sources-2.6.20-r2.ebuild:
327 Stabilizing hardened-sources-2.6.20-r2 on amd64 and x86.
328
329 *hardened-sources-2.6.20-r2 (10 Apr 2007)
330
331 10 Apr 2007; Raúl Porcel <armin76@gentoo.org>
332 +hardened-sources-2.6.20-r2.ebuild:
333 Version bump, on behalf of phreak
334
335 *hardened-sources-2.6.20-r1 (04 Apr 2007)
336
337 04 Apr 2007; Christian Heim <phreak@gentoo.org>
338 +hardened-sources-2.6.20-r1.ebuild:
339 Revision bump, grabbing a newer grsecurity snapshot.
340
341 *hardened-sources-2.6.20 (25 Mar 2007)
342
343 25 Mar 2007; Christian Heim <phreak@gentoo.org>
344 +hardened-sources-2.6.20.ebuild:
345 Finally a hardened-sources version for 2.6.20; many people have been waiting
346 for this. Thanks to Steve for preliminary testing, thanks to Ned for the
347 testbox.
348
349 16 Mar 2007; Tony Vroon <chainsaw@gentoo.org>
350 hardened-sources-2.6.18-r6.ebuild:
351 Marked stable on amd64 and x86. AMD64 keyword ack'ed by welp.
352
353 *hardened-sources-2.6.18-r6 (16 Mar 2007)
354
355 16 Mar 2007; Christian Heim <phreak@gentoo.org>
356 -hardened-sources-2.6.18-r5.ebuild, +hardened-sources-2.6.18-r6.ebuild:
357 Fixing CVE-2007-1000 locally (hardened/), thanks to Tony for pushing. And
358 yes I screwed up, this is tagged as 2.6.18-5 and not 2.6.18-6 as it's
359 supposed to be.
360
361 06 Mar 2007; Christian Heim <phreak@gentoo.org> ChangeLog:
362 Fixing the Manifest, the previous one was broken (as in still had the
363 deleted ebuild in it).
364
365 06 Mar 2007; Christian Heim <phreak@gentoo.org>
366 -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
367 +hardened-sources-2.6.18-r5.ebuild:
368 Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
369 Linux 2.6.18.8. Also cleaning up the older version.
370
371 *hardened-sources-2.6.18-r5 (06 Mar 2007)
372
373 06 Mar 2007; Christian Heim <phreak@gentoo.org>
374 -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
375 +hardened-sources-2.6.18-r5.ebuild:
376 Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
377 Linux 2.6.18.8. Also cleaning up the older version.
378
379 24 Feb 2007; Christian Heim <phreak@gentoo.org>
380 -hardened-sources-2.6.19-r3.ebuild, -hardened-sources-2.6.19-r4.ebuild,
381 -hardened-sources-2.6.19-r5.ebuild:
382 Removing some of the old version, that didn't work.
383
384 *hardened-sources-2.6.19-r6 (12 Feb 2007)
385
386 12 Feb 2007; Christian Heim <phreak@gentoo.org>
387 +hardened-sources-2.6.19-r6.ebuild:
388 Revision bump, including a new grsec version fixing #166235.
389
390 *hardened-sources-2.4.34 (24 Jan 2007)
391
392 24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
393 Manifest:
394 updating Manifest with checksums of new tarball and ebuild
395
396 24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
397 +hardened-sources-2.4.34.ebuild:
398 I added new hardened sources 2.4 update, this is a critical path
399 security bugfix - all users of h-s are strongly advised
400 to update their existing hardened sources to this version.
401 It contains a fix for a kernel vulnerability that is pertaining
402 to the PaX changes to virtual memory management, possibly leading
403 to a local kernel exploit ... see grsecurity.net forums and homepage
404
405 23 Jan 2007; Christian Heim <phreak@gentoo.org>
406 files/digest-hardened-sources-2.6.19-r5, Manifest:
407 Fixing the patch-tarball digest.
408
409 *hardened-sources-2.6.19-r5 (23 Jan 2007)
410
411 23 Jan 2007; Christian Heim <phreak@gentoo.org>
412 +hardened-sources-2.6.19-r5.ebuild:
413 Revision bump, closing the recently discovered PaX expand_stack()
414 vulnerability.
415
416 *hardened-sources-2.6.19-r4 (14 Jan 2007)
417
418 14 Jan 2007; Christian Heim <phreak@gentoo.org>
419 +hardened-sources-2.6.19-r4.ebuild:
420 Revision bump, pulling in linux-2.6.19.2 and grsecurity 2.1.10 - thus
421 dropping the randomized PID feature.
422
423 11 Jan 2007; Christian Faulhammer <opfer@gentoo.org>
424 hardened-sources-2.4.33.4.ebuild:
425 stable x86, bug #161171
426
427 *hardened-sources-2.6.19-r3 (27 Dec 2006)
428
429 27 Dec 2006; Christian Heim <phreak@gentoo.org>
430 -hardened-sources-2.6.19-r2.ebuild, +hardened-sources-2.6.19-r3.ebuild:
431 Revision bump for bug #157186 and #158786.
432
433 *hardened-sources-2.6.18-r4 (27 Dec 2006)
434
435 27 Dec 2006; Christian Heim <phreak@gentoo.org>
436 -hardened-sources-2.6.18-r3.ebuild, +hardened-sources-2.6.18-r4.ebuild:
437 Revision bump for bug #157186.
438
439 *hardened-sources-2.6.19-r2 (23 Dec 2006)
440
441 23 Dec 2006; Christian Heim <phreak@gentoo.org>
442 -hardened-sources-2.6.19-r1.ebuild, +hardened-sources-2.6.19-r2.ebuild:
443 Revision bump to pull in genpatches-2.6.19-3 for #157186.
444
445 17 Dec 2006; Christian Heim <phreak@gentoo.org>
446 hardened-sources-2.6.14-r7.ebuild, hardened-sources-2.6.16-r10.ebuild,
447 hardened-sources-2.6.16-r11.ebuild, hardened-sources-2.6.17-r1.ebuild,
448 hardened-sources-2.6.18.ebuild, hardened-sources-2.6.18-r3.ebuild,
449 hardened-sources-2.6.19-r1.ebuild:
450 Adding 4453_grsec-2.1.9-2.6.19-io-kmem-sysctl.patch to UNIPATCH_EXLUDE,
451 adding correct HOMEPAGE and adjusting DESCRIPTION (thanks to Alexander).
452
453 *hardened-sources-2.4.33.4 (17 Dec 2006)
454
455 17 Dec 2006; Alexander Gabert <pappy@gentoo.org>
456 +hardened-sources-2.4.33.4.ebuild:
457 new 2.4.33.4 version including grsec and fixes, thanks to phreak for help
458 and quilting
459
460 *hardened-sources-2.6.19-r1 (14 Dec 2006)
461
462 14 Dec 2006; Christian Heim <phreak@gentoo.org>
463 -hardened-sources-2.6.19.ebuild, +hardened-sources-2.6.19-r1.ebuild:
464 Revision bump, fixing #158107 (thanks to Petre Rodan <kaiowas at gentoo.org>
465 for reporting).
466
467 *hardened-sources-2.6.19 (13 Dec 2006)
468
469 13 Dec 2006; Christian Heim <phreak@gentoo.org>
470 +hardened-sources-2.6.19.ebuild:
471 And finally 2.6.19, thanks to Ned (who prepared the inital patchset) and
472 Brad for providing that prompt update.
473
474 *hardened-sources-2.6.18-r3 (13 Dec 2006)
475
476 13 Dec 2006; Christian Heim <phreak@gentoo.org>
477 -hardened-sources-2.6.18-r1.ebuild, -hardened-sources-2.6.18-r2.ebuild,
478 +hardened-sources-2.6.18-r3.ebuild:
479 Revision bump, excluding the faulty patch. Thanks to Anakim Border and Peter
480 S. Mazinger. Closes #157409 for now. Also removing the previous revisions.
481
482 09 Dec 2006; Christian Heim <phreak@gentoo.org> Manifest:
483 Fixing the metadata.xml Manifest entry (thanks to xaid and ml8128 in #gentoo-hardened).
484
485 08 Dec 2006; nixnut <nixnut@gentoo.org> hardened-sources-2.6.18.ebuild:
486 Stable on ppc wrt bug 157356
487
488 07 Dec 2006; Christian Faulhammer <opfer@gentoo.org>
489 hardened-sources-2.6.18.ebuild:
490 stable x86, bug #157356
491
492 *hardened-sources-2.6.18-r2 (06 Dec 2006)
493
494 06 Dec 2006; Christian Heim <phreak@gentoo.org>
495 +hardened-sources-2.6.18-r2.ebuild:
496 Revision bump, including 2.6.18.5 (via genpatches) and
497 4454_grsec-2.1.9-2.6.18.2-io-kmem-sysctl.patch based on Peter Mazinger and
498 Ned Ludd's original patch. Thanks to Alexander Gabert (pappy) for the
499 redesign.
500
501 06 Dec 2006; Christian Heim <phreak@gentoo.org>
502 hardened-sources-2.6.18.ebuild:
503 Marking hardened-sources-2.6.18 stable on amd64 (see bug #157356, on behalf
504 of Mike Doty).
505
506 *hardened-sources-2.6.18-r1 (23 Nov 2006)
507
508 23 Nov 2006; Christian Heim <phreak@gentoo.org>
509 +hardened-sources-2.6.18-r1.ebuild:
510 Revision bump to genpatches-2.6.18-4 (including 2.6.18.3).
511
512 *hardened-sources-2.6.18 (11 Nov 2006)
513
514 11 Nov 2006; Christian Heim <phreak@gentoo.org>
515 +hardened-sources-2.6.18.ebuild:
516 Version bump, thanks to Alexander Gabert we're finally at 2.6.18.
517
518 18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
519 - mark amd64 stable also. bug #151877
520
521 18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
522 - mark 2.6.17-r1 stable
523
524 27 Aug 2006; Christian Heim <phreak@gentoo.org>
525 -hardened-sources-2.6.17.ebuild, hardened-sources-2.6.17-r1.ebuild:
526 Removing old ebuild, removing unipatch from newer ebuild (need to fix it!).
527
528 *hardened-sources-2.6.17-r1 (26 Aug 2006)
529
530 26 Aug 2006; Christian Heim <phreak@gentoo.org>
531 +hardened-sources-2.6.17-r1.ebuild:
532 Revision bump to genpatches-2.6.17-8 (including .9 and .10) and updating the
533 grsecurity patch.
534
535 *hardened-sources-2.6.17 (17 Aug 2006)
536
537 17 Aug 2006; Christian Heim <phreak@gentoo.org>
538 +hardened-sources-2.6.17.ebuild:
539 Bumping the hardened-sources-2.6 series to 2.6.17, using
540 genpatches-2.6.17-6.base.
541
542 07 Aug 2006; <solar@gentoo.org> hardened-sources-2.6.16-r11.ebuild:
543 - stable on x86 and amd64
544
545 *hardened-sources-2.6.16-r11 (15 Jul 2006)
546
547 15 Jul 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r3.ebuild,
548 -hardened-sources-2.4.32-r4.ebuild, -hardened-sources-2.4.32-r5.ebuild,
549 -hardened-sources-2.6.14-r8.ebuild, -hardened-sources-2.6.16-r7.ebuild,
550 -hardened-sources-2.6.16-r9.ebuild, +hardened-sources-2.6.16-r11.ebuild:
551 - 2.6.16 bumped for CVE-2006-3626 ; digest fix for 2.4.32-r6 ; removed old
552 crusty ebuilds
553
554 14 Jul 2006; John Mylchreest <johnm@gentoo.org>
555 hardened-sources-2.6.16-r10.ebuild:
556 marking stable on x86 and amd64
557
558 13 Jul 2006; <solar@gentoo.org> hardened-sources-2.4.32-r6.ebuild:
559 - 2.4.32-r6 stable on x86. RSBAC state unknown
560
561 *hardened-sources-2.4.32-r7 (10 Jul 2006)
562
563 10 Jul 2006; Guillaume Destuynder <kang@gentoo.org>
564 +hardened-sources-2.4.32-r7.ebuild:
565 Bump PaX for RSBAC to test-17
566
567 *hardened-sources-2.6.16-r9 (03 Jul 2006)
568
569 03 Jul 2006; John Mylchreest <johnm@gentoo.org>
570 -hardened-sources-2.6.16-r6.ebuild, +hardened-sources-2.6.16-r9.ebuild:
571 hardened-sources-2.6.16 bump to latest -base.
572
573 *hardened-sources-2.4.32-r6 (30 Jun 2006)
574
575 30 Jun 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r2.ebuild,
576 hardened-sources-2.4.32-r4.ebuild, +hardened-sources-2.4.32-r6.ebuild:
577 - backport CVE-2006-0039, CVE-2006-1857 and CVE-2006-1858 and new grsecurity
578 sysctl controlable resource logging
579
580 *hardened-sources-2.6.16-r7 (05 Jun 2006)
581
582 05 Jun 2006; John Mylchreest <johnm@gentoo.org>
583 -hardened-sources-2.6.16-r5.ebuild, +hardened-sources-2.6.16-r7.ebuild:
584 push new 2.6.16 release in preparation for stable
585
586 22 May 2006; <solar@gentoo.org> :
587 - redigest bug 134002
588
589 *hardened-sources-2.4.32-r5 (16 May 2006)
590
591 16 May 2006; Guillaume Destuynder <kang@gentoo.org>
592 +hardened-sources-2.4.32-r5.ebuild:
593 Fixes rsbac common patching (new patch in new -r5 patchset)
594
595 *hardened-sources-2.4.32-r4 (13 May 2006)
596
597 13 May 2006; <solar@gentoo.org> hardened-sources-2.4.32-r3.ebuild,
598 +hardened-sources-2.4.32-r4.ebuild:
599 - security bumps
600
601 *hardened-sources-2.6.16-r6 (03 May 2006)
602
603 03 May 2006; John Mylchreest <johnm@gentoo.org>
604 +hardened-sources-2.6.16-r6.ebuild:
605 bump hardened-2.6.16 to 2.6.16.12 and latest grsec snapshot
606
607 28 Apr 2006; John Mylchreest <johnm@gentoo.org>
608 hardened-sources-2.6.14-r8.ebuild:
609 fix x86_64 build problem, this will delay the digest issue again for a short
610 while but it will sort itself out
611
612 28 Apr 2006; John Mylchreest <johnm@gentoo.org>
613 hardened-sources-2.6.14-r8.ebuild:
614 bump hardened patchset
615
616 27 Apr 2006; Alec Warner <antarus@gentoo.org>
617 files/digest-hardened-sources-2.4.32-r2,
618 files/digest-hardened-sources-2.4.32-r3,
619 files/digest-hardened-sources-2.6.14-r8, Manifest:
620 Fixing duff SHA256 digests: Bug # 131293
621
622 *hardened-sources-2.6.16-r5 (27 Apr 2006)
623
624 27 Apr 2006; John Mylchreest <johnm@gentoo.org>
625 -hardened-sources-2.6.14-r6.ebuild, hardened-sources-2.6.14-r8.ebuild,
626 -hardened-sources-2.6.16-r4.ebuild, +hardened-sources-2.6.16-r5.ebuild:
627 stablise 2.6.14-r8 on x86 & amd64, bump 2.6.16 to fix CVE-2006-1863 &
628 cleanup of old uneccessary sources
629
630 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
631 fix digest
632
633 *hardened-sources-2.6.14-r8 (20 Apr 2006)
634
635 20 Apr 2006; John Mylchreest <johnm@gentoo.org>
636 +hardened-sources-2.6.14-r8.ebuild:
637 fix CVE-2006-1056, CVE-2006-1525, CVE-2006-1524
638
639 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
640 Turning on gpg-signing again, and recomitting
641
642 *hardened-sources-2.6.16-r4 (20 Apr 2006)
643
644 20 Apr 2006; John Mylchreest <johnm@gentoo.org>
645 -hardened-sources-2.6.16-r2.ebuild, -hardened-sources-2.6.16-r3.ebuild,
646 +hardened-sources-2.6.16-r4.ebuild:
647 Fix numerous security vulns
648
649 *hardened-sources-2.4.32-r3 (16 Apr 2006)
650
651 16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
652 -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
653 +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
654 - security bump for bug #112791. Removed old ebuilds
655
656 *hardened-sources-2.6.16-r3 (15 Apr 2006)
657
658 15 Apr 2006; John Mylchreest <johnm@gentoo.org>
659 +hardened-sources-2.6.16-r3.ebuild:
660 Removing silly localversion which I missed
661
662 *hardened-sources-2.6.14-r7 (14 Apr 2006)
663
664 14 Apr 2006; John Mylchreest <johnm@gentoo.org>
665 -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
666 Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
667
668 *hardened-sources-2.6.16-r2 (13 Apr 2006)
669
670 13 Apr 2006; John Mylchreest <johnm@gentoo.org>
671 -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
672 +hardened-sources-2.6.16-r2.ebuild:
673 Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
674 labels, dropping USERGROUP define fixes, since these were merged mainstream.
675
676 *hardened-sources-2.6.16-r1 (11 Apr 2006)
677
678 11 Apr 2006; John Mylchreest <johnm@gentoo.org>
679 +hardened-sources-2.6.16-r1.ebuild:
680 Bumping to include ppc build fix and 2.6.16.3
681
682 06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
683 hardened-sources-2.6.14-r6.ebuild:
684 Stable on x86; bug #127718
685
686 *hardened-sources-2.6.16 (31 Mar 2006)
687
688 31 Mar 2006; John Mylchreest <johnm@gentoo.org>
689 +hardened-sources-2.6.16.ebuild:
690 Bumping to new version of grsec, and kernel base. New squashfs. Based on
691 2.6.16.1
692
693 30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
694 hardened-sources-2.6.14-r6.ebuild:
695 Stable on amd64, bug 127718.
696
697 28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
698 Stable on ppc. Bug #127718
699
700 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
701 -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
702 -hardened-sources-2.6.14-r4.ebuild:
703 Cleanup.
704
705 *hardened-sources-2.6.14-r6 (15 Mar 2006)
706
707 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
708 +hardened-sources-2.6.14-r6.ebuild:
709 Fixes grsec policy recreation bug and adds a
710 >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
711
712 02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
713 - stable on x86
714
715 19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
716 hardened-sources-2.6.14-r5.ebuild:
717 Stable on ppc.
718
719 *hardened-sources-2.6.14-r5 (01 Feb 2006)
720
721 01 Feb 2006; John Mylchreest <johnm@gentoo.org>
722 +hardened-sources-2.6.14-r5.ebuild:
723 fixing every known exploit
724
725 *hardened-sources-2.4.32-r2 (26 Jan 2006)
726
727 26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
728 +hardened-sources-2.4.32-r2.ebuild:
729 - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
730
731 *hardened-sources-2.6.14-r4 (12 Jan 2006)
732
733 12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
734 - version bump for new genpatches which fix up a few sec holes
735
736 *hardened-sources-2.4.32-r1 (05 Jan 2006)
737
738 05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
739 - revision bump to add misc vital linux kernel security patches.
740
741 *hardened-sources-2.6.14-r3 (30 Dec 2005)
742
743 30 Dec 2005; John Mylchreest <johnm@gentoo.org>
744 -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
745 Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
746
747 28 Dec 2005; John Mylchreest <johnm@gentoo.org>
748 hardened-sources-2.6.14-r2.ebuild:
749 making x86 & amd64 stable following testing.
750
751 *hardened-sources-2.6.14-r2 (27 Dec 2005)
752
753 27 Dec 2005; John Mylchreest <johnm@gentoo.org>
754 -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
755 Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
756 network hooks.
757
758 06 Dec 2005; John Mylchreest <johnm@gentoo.org>
759 hardened-sources-2.6.14-r1.ebuild:
760 bumping to stable early for sec fix on x86 & amd64
761
762 *hardened-sources-2.6.14-r1 (05 Dec 2005)
763
764 05 Dec 2005; John Mylchreest <johnm@gentoo.org>
765 -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
766 bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
767
768 04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
769 - stable on x86 security bug #114227 CAN-2005-3257
770
771 *hardened-sources-2.4.32 (19 Nov 2005)
772
773 19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
774 +hardened-sources-2.4.32.ebuild:
775 Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
776 Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
777 have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
778 rsbac >> /etc/portage/package.use)
779
780 *hardened-sources-2.6.14 (14 Nov 2005)
781
782 14 Nov 2005; John Mylchreest <johnm@gentoo.org>
783 -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
784 Bumping 2.6 series to 2.6.14.2
785
786 *hardened-sources-2.6.13-r2 (20 Oct 2005)
787
788 20 Oct 2005; John Mylchreest <johnm@gentoo.org>
789 -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
790 +hardened-sources-2.6.13-r2.ebuild:
791 Fixes minor build error in ppc.
792
793 *hardened-sources-2.6.13-r1 (17 Oct 2005)
794
795 17 Oct 2005; John Mylchreest <johnm@gentoo.org>
796 +hardened-sources-2.6.13-r1.ebuild:
797 Updating grsec to latest snapshot. Fixes some minor issues. Updating to
798 2.6.13.4, fixes some major amd64 stability problems.
799
800 *hardened-sources-2.6.13 (16 Sep 2005)
801
802 16 Sep 2005; John Mylchreest <johnm@gentoo.org>
803 -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
804 2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
805 ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
806 users should test this thoroughly.
807
808 01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
809 - stable on x86
810
811 *hardened-sources-2.6.11-r15 (27 Jun 2005)
812
813 27 Jun 2005; John Mylchreest <johnm@gentoo.org>
814 +hardened-sources-2.6.11-r15.ebuild:
815 Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
816 grsec redefining curr_ip struct.
817
818 *hardened-sources-2.4.31 (20 Jun 2005)
819
820 20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
821 initial import of 2.4.31 tree
822
823 *hardened-sources-2.6.11-r14 (14 Jun 2005)
824
825 14 Jun 2005; John Mylchreest <johnm@gentoo.org>
826 -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
827 Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
828 naming scheme to abide by genpatches
829
830 *hardened-sources-2.6.11-r13 (18 May 2005)
831
832 18 May 2005; John Mylchreest <johnm@gentoo.org>
833 -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
834 Managed to mangle the Makefile patch from grsec, to miss out the grsec
835 target. sorry about that. Fixes bug #93022
836
837 *hardened-sources-2.6.11-r12 (17 May 2005)
838
839 17 May 2005; John Mylchreest <johnm@gentoo.org>
840 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
841 +hardened-sources-2.6.11-r12.ebuild:
842 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
843 merges in genpatches-base
844
845 *hardened-sources-2.6.11-r12 (17 May 2005)
846
847 17 May 2005; John Mylchreest <johnm@gentoo.org>
848 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
849 +hardened-sources-2.6.11-r12.ebuild:
850 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
851 merges in genpatches-base
852
853 29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
854 -files/2.4.27-cmdline-race.patch,
855 -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
856 -files/2.4.28-grsec-binfmt_a.out.patch,
857 -files/2.4.28-grsec-cmdline-race.patch,
858 -files/2.4.28-selinux-binfmt_a.out.patch,
859 -files/2.4.28-selinux-cmdline-race.patch,
860 -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
861 hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
862 - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
863 cleanup..
864
865 *hardened-sources-2.4.30-r1 (21 Apr 2005)
866
867 21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
868 - disable aout by default
869
870 *hardened-sources-2.4.30 (18 Apr 2005)
871
872 18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
873 - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
874 and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
875 use
876
877 *hardened-sources-2.4.29 (30 Mar 2005)
878
879 30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
880 +hardened-sources-2.4.29.ebuild:
881 New hardened-patches-2.4-29.0 patchball.
882 Removed SELinux support, upgraded GRSecurity to 2.1.4.
883
884 *hardened-sources-2.4.28-r5 (06 Mar 2005)
885
886 06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
887 +hardened-sources-2.4.28-r5.ebuild:
888 Added a fix for a PaX vulnerability.
889
890 26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
891 hardened-sources-2.4.28-r4.ebuild:
892 Stable on x86
893
894 23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
895 hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
896 hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
897 hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
898 - fixed/added RDEPEND= in all kernel-2 ebuilds
899
900 *hardened-sources-2.4.28-r4 (21 Jan 2005)
901
902 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
903 +hardened-sources-2.4.28-r4.ebuild:
904 Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
905 backport of neighbour hash updates.
906
907 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
908 hardened-sources-2.4.28-r3.ebuild:
909 Stable on x86
910
911 *hardened-sources-2.6.10-r3 (20 Jan 2005)
912
913 20 Jan 2005; Brandon Hale <tseng@gentoo.org>
914 +hardened-sources-2.6.10-r3.ebuild:
915 Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
916 in 2005.0
917
918 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
919 -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
920 hardened-sources-2.4.28-r2.ebuild:
921 Mark stable on x86
922
923 *hardened-sources-2.4.28-r3 (17 Jan 2005)
924
925 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
926 +hardened-sources-2.4.28-r3.ebuild:
927 Fix SMP page fault handler vuln, and update device-mapper and evms patches.
928
929 14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
930 hardened-sources-2.4.28.ebuild:
931 Mark stable on x86.
932
933 *hardened-sources-2.4.28-r2 (13 Jan 2005)
934
935 13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
936 +hardened-sources-2.4.28-r2.ebuild:
937 Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
938 Mazinger for grsecurity patches as well.
939
940 *hardened-sources-2.4.28-r1 (23 Dec 2004)
941
942 23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
943 Security bump. Thank tocharian for rolling a new patchset...
944
945 28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
946 +files/2.4.28-grsec-cmdline-race.patch,
947 +files/2.4.28-selinux-binfmt_a.out.patch,
948 +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
949 - Round up remaining security patches that appear to be missing in 2.4.28. -
950 PaX standalone updated to current. hgpv=28.1
951
952 *hardened-sources-2.4.28 (28 Nov 2004)
953
954 28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
955 security bump. Thank tocharian for rolling a new patchset
956
957 *hardened-sources-2.4.27-r3 (08 Sep 2004)
958
959 08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
960 +hardened-sources-2.4.27-r3.ebuild:
961 Applies the new 2.4-27.2 patchball which updates
962 GRSecurity to the 2.0.1 version.
963
964 *hardened-sources-2.4.27-r2 (31 Aug 2004)
965
966 31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
967 +hardened-sources-2.4.27-r2.ebuild:
968 Version bump.
969 This version uses the new 2.4-27.1 patchball which updates
970 both the SELinux PaX hooks patch and the SELinux headers.
971
972 *hardened-sources-2.4.27-r1 (09 Aug 2004)
973
974 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
975 +hardened-sources-2.4.27-r1.ebuild,
976 -hardened-sources-2.4.27.ebuild,
977 +files/2.4.27-cmdline-race.patch:
978 Version bump, fix for cmdline race. See bug #59905.
979
980 *hardened-sources-2.4.26-r6 (09 Aug 2004)
981
982 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
983 +hardened-sources-2.4.26-r6.ebuild,
984 -hardened-sources-2.4.26-r5.ebuild,
985 -hardened-sources-2.4.26-r4.ebuild,
986 +files/2.4.26-cmdline-race.patch:
987 Version bump, fix for cmdline race. See bug #59905.
988
989 *hardened-sources-2.4.27 (08 Aug 2004)
990
991 08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
992 +hardened-sources-2.4.27.ebuild,
993 +files/2.4.27-CAN-2004-0394.patch:
994 Ported the patchball to the 2.4.27 kernel version.
995
996 *hardened-sources-2.4.26-r5 (07 Aug 2004)
997
998 07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
999 +hardened-sources-2.4.26-r5.ebuild:
1000 Updated to use the new hardened-patches-2.4-26.1 patchball.
1001 It adds the following features:
1002 - Squashfs
1003 - Ebtables
1004 - Netdev random (core+drivers)
1005 - Watchdog Timer (WDT) fix.
1006
1007 *hardened-sources-2.4.26-r4 (04 Aug 2004)
1008
1009 04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1010 +hardened-sources-2.4.26-r4.ebuild,
1011 +files/2.4.26-CAN-2004-0415.patch,
1012 -hardened-sources-2.4.26-3:
1013 Version bump, fix for CAN 0415, see bug #59378.
1014
1015 *hardened-sources-2.4.26-r3 (22 Jul 2004)
1016
1017 22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
1018 +hardened-sources-2.4.26-r3.ebuild,
1019 +files/2.4.26-CAN-2004-0497.patch,
1020 -hardened-sources-2.4.26-r2.ebuild:
1021 Version bump, fixed CAN 0497, see bug #56171.
1022
1023 *hardened-sources-2.4.26-r2 (29 Jun 2004)
1024
1025 29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
1026 +hardened-sources-2.4.26-r2.ebuild,
1027 +files/2.4.26-CAN-2004-0495.patch,
1028 +files/2.4.26-CAN-2004-0535.patch,
1029 -hardened-sources-2.4.26-r1.ebuild:
1030 Fixes for both CAN 0495 and 0535, see bug #54976
1031
1032 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
1033 hardened-sources-2.4.26-r1.ebuild:
1034 QA - fix use invocation
1035
1036 *hardened-sources-2.4.26-r1 (22 June 2004)
1037
1038 22 June 2004; Andrea Luzzardi <scox@gentoo.org>
1039 +hardened-sources-2.4.26-r1.ebuild,
1040 +files/2.4.26-CAN-2004-0394.patch,
1041 +files/2.4.26-signal-race.patch,
1042 -hardened-sources-2.4.26.ebuild,
1043 -hardened-sources-2.4.24-r3.ebuild:
1044 Version bump for the CAN-2004-0394 issue and bug #53804
1045 Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
1046
1047
1048 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
1049 hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
1050 Masked hardened-sources-2.4.26.ebuild broken for ppc
1051
1052 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
1053 hardened-sources-2.4.24-r3.ebuild:
1054 Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
1055
1056 *hardened-sources-2.4.26 (29 May 2004)
1057
1058 29 May 2004; Andrea Luzzardi <scox@gentoo.org>
1059 +hardened-sources-2.4.26.ebuild:
1060 Updated hardened-sources for the 2.4.26 kernel
1061 Removed broken components, updated almost everything.
1062
1063 *hardened-sources-2.4.24-r3 (17 Apr 2004)
1064
1065 17 Apr 2004; <plasmaroo@gentoo.org>
1066 +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
1067 +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
1068 +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
1069 +hardened-sources-2.4.24-r3.ebuild:
1070 Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
1071 vulnerabilities. Old revisions removed.
1072
1073 *hardened-sources-2.4.24-r2 (15 Apr 2004)
1074
1075 15 Apr 2004; <plasmaroo@gentoo.org>
1076 +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
1077 -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
1078 Version bump for the CAN-2004-0109 issue; bug #47881.
1079
1080 12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
1081 hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
1082 Add eutils to inherit.
1083
1084 *hardened-sources-2.4.24-r1 (19 Feb 2004)
1085
1086 19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
1087 files/hardened-sources-2.4.24.munmap.patch:
1088 Added the patch for the mremap/munmap vulnerability. Bug #42024.
1089
1090 *hardened-sources-2.4.24 (06 Feb 2004)
1091
1092 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
1093 hardened-sources-2.4.24.ebuild:
1094 Version bump, updated most of the components.
1095 This release includes the following:
1096
1097 - Hardened security
1098 - Netfilter patch-o-matic 20031219
1099 - FreeSWAN 2.04 & x509 1.4.8
1100 - EVMS 2.2.2
1101 - XFS 1.3.1
1102 - cryptoloop jari
1103 - grsecurity 2.0-rc4
1104 - SELinux
1105 - PaX 200402060000
1106 - PaX Obscurity 200308302223
1107 - Others...
1108
1109 Neither -ck nor systrace are included anymore.
1110
1111 *hardened-sources-2.4.22-r2 (05 Jan 2004)
1112
1113 05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
1114 hardened-sources-2.4.22-r2.ebuild:
1115 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
1116
1117 *hardened-sources-2.4.22-r1 (02 Dec 2003)
1118
1119 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1120 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
1121
1122 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1123 hardened-sources-2.4.22-r1.ebuild:
1124 Version bump for the 'do_brk' vulnerability.
1125
1126 01 Dec 2003; Brian Jackson <iggy@gentoo.org>
1127 hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
1128 hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
1129 hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
1130 Fix the 'do_brk' vulnerability.
1131
1132 03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
1133 hardened-sources-2.4.22.ebuild:
1134 - Removed the src_install() portion for SELinux flask
1135 components. These are no longer handled in the kernel
1136 so this code was not necessary.
1137
1138 29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
1139 New 2.4.22 based hardened-sources thanks to
1140 Phil West <p.west@computer.org>.
1141
1142 These sources include:
1143 - New SELinux API
1144 - Updated CK-base
1145 - Updated GRSec
1146 - Systrace
1147 - SuperFreeS/WAN 1.99.8
1148 - Propolice kernel build support
1149 - EVMS
1150 - Other various security related patches
1151
1152 *hardened-sources-2.4.21 (14 Sep 2003)
1153
1154 14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
1155 Updated hardened-sources based on the 2.4.21 Linux kernel.
1156 This includes updates to most major components such as:
1157 - ck-base-0306300059
1158 - selinux-2.4-2003071106
1159 - grsecurity-2.0-rc1
1160 - Updated IPTables patch-o-matic
1161 - Updated SuperFreeS/WAN
1162
1163 Thanks to Phil West <pwest@computer.org> for his work in getting this
1164 updated patch set ready for the 2.4.21 based kernel.
1165
1166 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
1167 Initial import of hardened-sources-2.4.20-r4. This revision
1168 includes only a few changes, but one of these is an important
1169 security fix. It is recommended all users of hardened-sources
1170 upgrade to this release.
1171
1172 - ioperm bug fix
1173 - fixed compilation failure when building without GRSec
1174
1175 SAL (Secure Auditing for Linux) is NOT included in this revision
1176 due to time constraints, but is planned for inclusion in the near
1177 future.
1178
1179 *hardened-sources-2.4.20-r2 (12 Jun 2003)
1180
1181 12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
1182 hardened-sources-2.4.20-r3.ebuild:
1183 Add Header...
1184
1185 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1186 hardened-sources-2.4.20-r3.ebuild:
1187 Removed warnings from ebuild. This kernel should be safe to
1188 use at this point.
1189
1190 *hardened-sources-2.4.20-r3 (08 Jun 2003)
1191
1192 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1193 hardened-sources-2.4.20-r3.ebuild:
1194 New revision. Includes the following changes over -r2:
1195
1196 - ck7-base (O(1), preempt, low latency)
1197 - Super FreeS/WAN 1.99.7rc2
1198 - PaX for the LSM/SELinux branch
1199 - GRSecurity 2.0-pre4 (role based access control)
1200 - Systrace 1.3
1201 - EXT3 fixes
1202 - EVMS 2.0.1
1203 - GCC 3.1+ compile optimizations
1204 - ProPolice kernel build support
1205 - Hashing table security fixes
1206
1207 *hardened-sources-2.4.20-r1 (09 Apr 2003)
1208
1209 23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
1210 Initial import of hardened-sources-r2. This new
1211 ebuild includes many new performance and security
1212 related patches. As in -r1, it will patch in
1213 LSM/SELinux if "selinux" is in USE, otherwise it
1214 will patch in GRSecurity. The following patches
1215 are included in this revision:
1216
1217 - O(1) Scheduler, Low Latency, and Preempt
1218 (pulled from the base CK patch)
1219 - ptrace exploit patch for the LSM kernel
1220 (the GRSec patch already fixes this)
1221 - LSM 2.4-2003040709
1222 - SELinux 2.4-2003040709
1223 - Systrace v1.2
1224 - IPTables patch-o-matic base patches - 20030107
1225 - CryptoAPI 2.4.20.1 w/ loop-jari patch
1226 - Super FreeS/WAN 1.99.6.1
1227 - GRSecurity 1.9.9g
1228 - MPPE
1229 - EXT3 data journal fix
1230 - CIPE 1.5.4
1231
1232 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1233 hardened-sources-2.4.20-r1.ebuild, manifest:
1234 Updated to install flask components correctly for selinux.
1235
1236 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1237 hardened-sources-2.4.20-r1.ebuild:
1238 LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
1239 is patched in instead. Ptrace patches for selinux have also been added. In
1240 either case, systrace support will be patched in as well.
1241
1242 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1243 hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
1244 Revision bump for new sources.
1245
1246 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1247 hardened-sources-2.4.20-r1.ebuild:
1248 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
1249
1250 *hardened-sources-2.4.20 (30 Mar 2003)
1251
1252 30 Mar 2003; Joshua Brindle <method@gentoo.org>
1253 hardened-sources-2.4.20.ebuild:
1254 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20