/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.206 - (show annotations) (download)
Mon Feb 11 19:40:19 2008 UTC (6 years, 5 months ago) by solar
Branch: MAIN
Changes since 1.205: +12 -1 lines
version bump from kerin.millar
Changes:

* Bump to genpatches-base-2.6.23-9
* Ported grsecurity-2.1.11-2.6.23.14-200801231800 to 2.6.23.15
* Disables COMPAT_VDSO in x86/defconfig
* Removes bogus symbols ACPI_SLEEP_PROC_(FS|SLEEP) from x86_64/defconfig

(Portage version: 2.1.3.19)

1 # ChangeLog for sys-kernel/hardened-sources
2 # Copyright 2000-2008 Gentoo Foundation; Distributed under the GPL v2
3 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.205 2008/01/25 22:36:01 phreak Exp $
4
5 *hardened-sources-2.6.23-r7 (11 Feb 2008)
6
7 11 Feb 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r7.ebuild:
8 - version bump from kerin.millar
9 Changes:
10
11 * Bump to genpatches-base-2.6.23-9
12 * Ported grsecurity-2.1.11-2.6.23.14-200801231800 to 2.6.23.15
13 * Disables COMPAT_VDSO in x86/defconfig
14 * Removes bogus symbols ACPI_SLEEP_PROC_(FS|SLEEP) from x86_64/defconfig
15
16 25 Jan 2008; Christian Heim <phreak@gentoo.org>
17 -hardened-sources-2.6.22-r8.ebuild:
18 Cleaning up old versions.
19
20 *hardened-sources-2.6.23-r6 (25 Jan 2008)
21
22 25 Jan 2008; Christian Heim <phreak@gentoo.org>
23 -hardened-sources-2.6.23-r5.ebuild, +hardened-sources-2.6.23-r6.ebuild:
24 Revision bump, pulling in the latest genpatches.
25
26 *hardened-sources-2.6.23-r5 (24 Dec 2007)
27
28 24 Dec 2007; Christian Heim <phreak@gentoo.org>
29 hardened-sources-2.4.35-r2.ebuild, hardened-sources-2.6.20-r6.ebuild,
30 hardened-sources-2.6.20-r10.ebuild, hardened-sources-2.6.22-r8.ebuild,
31 hardened-sources-2.6.23-r4.ebuild, +hardened-sources-2.6.23-r5.ebuild:
32 Revision bump, for the promised updated grsec snapshot. Also changing SRC_URI.
33
34 24 Dec 2007; Christian Heim <phreak@gentoo.org>
35 -hardened-sources-2.6.22-r7.ebuild, -hardened-sources-2.6.23.ebuild,
36 -hardened-sources-2.6.23-r1.ebuild, -hardened-sources-2.6.23-r2.ebuild,
37 -hardened-sources-2.6.23-r3.ebuild:
38 Cleaning out some unused, old versions.
39
40 24 Dec 2007; Christian Heim <phreak@gentoo.org>
41 hardened-sources-2.6.23-r4.ebuild:
42 Marking hardened-sources-2.6.23-r4 stable on amd64 and x86. I know it ain't
43 in the tree for long, but there isn't much of a difference between this and
44 -r3. Only this revision pulls in 2.6.23.11 and 2.6.23.12 from genpatches.
45
46 *hardened-sources-2.6.23-r4 (23 Dec 2007)
47
48 23 Dec 2007; Christian Heim <phreak@gentoo.org>
49 +hardened-sources-2.6.23-r4.ebuild:
50 Revision bump, grabbing the lastest genpatches release (2.6.23.12 that is).
51
52 *hardened-sources-2.6.23-r3 (04 Dec 2007)
53
54 04 Dec 2007; Christian Heim <phreak@gentoo.org>
55 +hardened-sources-2.6.23-r3.ebuild:
56 Revision bump, pulling in 2.6.23.9.
57
58 *hardened-sources-2.6.23-r2 (25 Nov 2007)
59
60 25 Nov 2007; Christian Heim <phreak@gentoo.org>
61 +hardened-sources-2.6.23-r2.ebuild:
62 Updated patchset, thanks to solar.
63
64 *hardened-sources-2.6.23-r1 (31 Oct 2007)
65
66 31 Oct 2007; Christian Heim <phreak@gentoo.org>
67 +hardened-sources-2.6.23-r1.ebuild:
68 Revision bump, pulling in the snapshot from 30. October 2007 (18:50).
69
70 29 Oct 2007; <solar@gentoo.org> metadata.xml:
71 - update metadata.xml
72
73 25 Oct 2007; Christian Heim <phreak@gentoo.org>
74 hardened-sources-2.6.22-r8.ebuild:
75 Marking 2.6.22-r8 stable on amd64 and x86.
76
77 21 Oct 2007; Christian Heim <phreak@gentoo.org>
78 -hardened-sources-2.4.35.ebuild, -hardened-sources-2.4.35-r1.ebuild,
79 -hardened-sources-2.6.21-r4.ebuild:
80 Removing old ebuilds.
81
82 *hardened-sources-2.4.35-r2 (21 Oct 2007)
83
84 21 Oct 2007; Christian Heim <phreak@gentoo.org>
85 +hardened-sources-2.4.35-r2.ebuild:
86 Revision bump for 2.4.35. Includes new snapshot and the lastest Linux stable
87 patches.
88
89 *hardened-sources-2.6.22-r8 (21 Oct 2007)
90
91 21 Oct 2007; Christian Heim <phreak@gentoo.org>
92 +hardened-sources-2.6.22-r8.ebuild:
93 Yet another new patch, hopefully fixing the remaining issues we had w/
94 2.6.22. Candidate for stabling.
95
96 *hardened-sources-2.6.23 (13 Oct 2007)
97
98 13 Oct 2007; Christian Heim <phreak@gentoo.org>
99 +hardened-sources-2.6.23.ebuild:
100 Initial hardened-sources-2.6.23. If people still have problems w/ bug
101 194276, try setting CONFIG_PCI_GODIRECT=y instead of CONFIG_PCI_GOANY.
102
103 11 Oct 2007; Christian Heim <phreak@gentoo.org>
104 hardened-sources-2.6.20-r10.ebuild:
105 Pulling in yet another new genpatches version, fixing the PWC bug for real.
106
107 04 Oct 2007; Christian Heim <phreak@gentoo.org>
108 -hardened-sources-2.6.22-r5.ebuild, -hardened-sources-2.6.22-r6.ebuild:
109 Removing old versions.
110
111 *hardened-sources-2.6.22-r7 (01 Oct 2007)
112
113 01 Oct 2007; Christian Heim <phreak@gentoo.org>
114 +hardened-sources-2.6.22-r7.ebuild:
115 Revision bump, pulling in a newer patch. Should fix #194276.
116
117 30 Sep 2007; Christian Heim <phreak@gentoo.org>
118 hardened-sources-2.6.20-r10.ebuild:
119 Marking hardened-sources-2.6.20-r10 stable on x86 and amd64 (on courtesy of
120 Mike Doty).
121
122 *hardened-sources-2.6.22-r6 (26 Sep 2007)
123
124 26 Sep 2007; Christian Heim <phreak@gentoo.org>
125 +hardened-sources-2.6.22-r6.ebuild:
126 Revision bump, grabbing up till Linux 2.6.22.9.
127
128 24 Sep 2007; Christian Heim <phreak@gentoo.org>
129 -hardened-sources-2.6.22-r3.ebuild, -hardened-sources-2.6.22-r4.ebuild:
130 Cleaning up further.
131
132 *hardened-sources-2.6.20-r10 (24 Sep 2007)
133
134 24 Sep 2007; Christian Heim <phreak@gentoo.org>
135 -hardened-sources-2.6.20-r8.ebuild, -hardened-sources-2.6.20-r9.ebuild,
136 +hardened-sources-2.6.20-r10.ebuild:
137 Revision bump, pulling in Linux 2.6.20.20. Removing some of the older
138 revisions.
139
140 *hardened-sources-2.6.22-r5 (22 Sep 2007)
141
142 22 Sep 2007; Christian Heim <phreak@gentoo.org>
143 +hardened-sources-2.6.22-r5.ebuild:
144 Revision bump, pulling in genpatches-2.6.22-8 for CVE-2007-4573.
145
146 17 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
147 Removing johnm from metadata.xml (see #186467 for reference).
148
149 *hardened-sources-2.6.22-r4 (17 Sep 2007)
150
151 17 Sep 2007; Christian Heim <phreak@gentoo.org>
152 +hardened-sources-2.6.22-r4.ebuild:
153 Revision bump, hopefully fixing all those weird PAX failures.
154
155 01 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
156 Updating the metadata.xml.
157
158 01 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
159 Removing tocharian from metadata due to his retirement (see #71718 for
160 reference).
161
162 *hardened-sources-2.6.20-r9 (30 Aug 2007)
163
164 30 Aug 2007; Christian Heim <phreak@gentoo.org>
165 +hardened-sources-2.6.20-r9.ebuild:
166 Revision bump for 2.6.20.18 (thanks to kerframil in #gentoo-hardened).
167
168 29 Aug 2007; Christian Heim <phreak@gentoo.org>
169 -hardened-sources-2.4.34.ebuild, -hardened-sources-2.4.34.5.ebuild,
170 -hardened-sources-2.6.20-r2.ebuild, -hardened-sources-2.6.20-r5.ebuild,
171 -hardened-sources-2.6.20-r7.ebuild, -hardened-sources-2.6.21-r3.ebuild,
172 -hardened-sources-2.6.22.ebuild, -hardened-sources-2.6.22-r1.ebuild,
173 -hardened-sources-2.6.22-r2.ebuild:
174 Removing some redundant versions.
175
176 *hardened-sources-2.4.35-r1 (29 Aug 2007)
177
178 29 Aug 2007; Christian Heim <phreak@gentoo.org>
179 +hardened-sources-2.4.35-r1.ebuild:
180 Revision bump, new grsecurity patch.
181
182 *hardened-sources-2.6.20-r8 (26 Aug 2007)
183
184 26 Aug 2007; Christian Heim <phreak@gentoo.org>
185 +hardened-sources-2.6.20-r8.ebuild:
186 Revision bump for Linux 2.6.20.17.
187
188 *hardened-sources-2.6.22-r3 (22 Aug 2007)
189
190 22 Aug 2007; Christian Heim <phreak@gentoo.org>
191 +hardened-sources-2.6.22-r3.ebuild:
192 Revision bump for Linux 2.6.22.4.
193
194 16 Aug 2007; Christian Heim <phreak@gentoo.org>
195 hardened-sources-2.6.22-r2.ebuild:
196 Updated patchset, to fix the alignment against 2.6.22.3.
197
198 *hardened-sources-2.6.22-r2 (16 Aug 2007)
199
200 16 Aug 2007; Christian Heim <phreak@gentoo.org>
201 +hardened-sources-2.6.22-r2.ebuild:
202 Revision bump for Linux 2.6.22.3.
203
204 *hardened-sources-2.4.35 (16 Aug 2007)
205
206 16 Aug 2007; Christian Heim <phreak@gentoo.org>
207 +hardened-sources-2.4.35.ebuild:
208 Version bump, initial version for Linux 2.4.35.
209
210 *hardened-sources-2.6.21-r4 (16 Aug 2007)
211
212 16 Aug 2007; Christian Heim <phreak@gentoo.org>
213 +hardened-sources-2.6.21-r4.ebuild:
214 Revision bump for Linux 2.6.21.6.
215
216 *hardened-sources-2.6.20-r7 (16 Aug 2007)
217
218 16 Aug 2007; Christian Heim <phreak@gentoo.org>
219 +hardened-sources-2.6.20-r7.ebuild:
220 Revision bump for Linux 2.6.20.16.
221
222 *hardened-sources-2.6.22-r1 (13 Aug 2007)
223
224 13 Aug 2007; Christian Heim <phreak@gentoo.org>
225 +hardened-sources-2.6.22-r1.ebuild:
226 Yet another revision bump.
227
228 *hardened-sources-2.6.22 (10 Aug 2007)
229
230 10 Aug 2007; Christian Heim <phreak@gentoo.org>
231 +hardened-sources-2.6.22.ebuild:
232 Initial release for 2.6.22. If you are using hardened-sources on a desktop
233 machine (P4 or newer), be aware you might need to disable
234 CONFIG_PAX_PAGEEXEC.
235
236 04 Aug 2007; Christian Heim <phreak@gentoo.org>
237 hardened-sources-2.6.20-r6.ebuild:
238 Stabling hardened-sources-2.6.20-r6 for amd64, ppc and x86 due to Linux
239 2.6.20.15.
240
241 10 Jul 2007; Christian Heim <phreak@gentoo.org>
242 hardened-sources-2.6.20-r5.ebuild:
243 Marking hardened-sources-2.6.20-r5 stable on ppc.
244
245 10 Jul 2007; Christian Heim <phreak@gentoo.org>
246 -hardened-sources-2.4.32-r6.ebuild, -hardened-sources-2.4.32-r7.ebuild:
247 Cleanup.
248
249 *hardened-sources-2.6.20-r6 (08 Jul 2007)
250
251 08 Jul 2007; Christian Heim <phreak@gentoo.org>
252 +hardened-sources-2.6.20-r6.ebuild:
253 Revision bump, grabbing yet another stable release.
254
255 17 Jun 2007; Christian Heim <phreak@gentoo.org>
256 -hardened-sources-2.6.18-r6.ebuild, -hardened-sources-2.6.20-r4.ebuild,
257 -hardened-sources-2.6.21-r2.ebuild:
258 Removing older ebuilds, hardened-sources-2.6.18-r6 seems to have gotten the
259 alpha stable KEYWORD by mistake.
260
261 17 Jun 2007; Christian Heim <phreak@gentoo.org>
262 hardened-sources-2.6.20-r5.ebuild:
263 Stabling hardened-sources-2.6.20-r5 due to security bug #181647 (as
264 genpatches-2.6.20-12.base contains up to Linux 2.6.20.14) on amd64 and x86.
265
266 *hardened-sources-2.6.21-r3 (12 Jun 2007)
267
268 12 Jun 2007; Christian Heim <phreak@gentoo.org>
269 +hardened-sources-2.6.21-r3.ebuild:
270 Revision bump for hardened-sources-2.6.21, incorporating various CVE (some
271 of them critical), two stable releases (2.6.21.4,2.6.21.5) and some other
272 love.
273
274 *hardened-sources-2.6.20-r5 (11 Jun 2007)
275
276 11 Jun 2007; Christian Heim <phreak@gentoo.org>
277 +hardened-sources-2.6.20-r5.ebuild:
278 Revision bump for hardened-sources-2.6.20, incorporating various CVE (some
279 of them critical), two stable releases (2.6.20.13,2.6.20.14) and some other
280 love.
281
282 *hardened-sources-2.4.34.5 (11 Jun 2007)
283
284 11 Jun 2007; Alexander Gabert <pappy@gentoo.org>
285 +hardened-sources-2.4.34.5.ebuild:
286 added new hardened-sources 2.4 version, thx to phreak, solar, pipacs
287
288 30 May 2007; Christian Heim <phreak@gentoo.org>
289 -hardened-sources-2.6.18.ebuild, hardened-sources-2.6.20-r2.ebuild:
290 Marking 2.6.20-r2 stable on ppc with permission of Gysbert. Removing more
291 stale ebuild(s).
292
293 30 May 2007; Christian Heim <phreak@gentoo.org>
294 -hardened-sources-2.6.14-r7.ebuild, -hardened-sources-2.6.16-r11.ebuild,
295 -hardened-sources-2.6.17-r1.ebuild, -hardened-sources-2.6.19-r6.ebuild,
296 -hardened-sources-2.6.20.ebuild, -hardened-sources-2.6.20-r1.ebuild:
297 Doing some cleanups, remove stale ebuilds.
298
299 26 May 2007; Christian Heim <phreak@gentoo.org>
300 hardened-sources-2.6.21-r2.ebuild:
301 Fixing the grsecurity patch, had one '};' too much.
302
303 *hardened-sources-2.6.21-r2 (26 May 2007)
304
305 26 May 2007; Christian Heim <phreak@gentoo.org>
306 -hardened-sources-2.6.21.ebuild, -hardened-sources-2.6.21-r1.ebuild,
307 +hardened-sources-2.6.21-r2.ebuild:
308 Revision bump, including Linux 2.6.21.3 (fixing CVE-2007-2451). Updating the
309 grsecurity patch to 2.1.10-2.6.21.1-200705221918.
310
311 *hardened-sources-2.6.20-r4 (26 May 2007)
312
313 26 May 2007; Christian Heim <phreak@gentoo.org>
314 -hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.20-r4.ebuild:
315 Revision bump, including Linux 2.6.20.12 (which in fact fixed some security
316 bugs, at the very least CVE-2007-2451). Possible candidate for stable marking.
317
318 15 May 2007; Christian Heim <phreak@gentoo.org>
319 hardened-sources-2.6.20-r3.ebuild:
320 Looks like hardened-sources-2.6.20-r3 needs a new patch, as 2.6.20.11
321 introduced a change in arch/sparc64/kernel/pci_iommu.c, which made the
322 grsecurity patch fail in that exact same hunk.
323
324 *hardened-sources-2.6.20-r3 (15 May 2007)
325
326 15 May 2007; Christian Heim <phreak@gentoo.org>
327 +hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.21-r1.ebuild:
328 Revision bump, incorporating Linux 2.6.20.11.
329
330 *hardened-sources-2.6.21-r1 (11 May 2007)
331
332 11 May 2007; Christian Heim <phreak@gentoo.org>
333 +hardened-sources-2.6.21-r1.ebuild:
334 Revision bump, hopefully fixing the GRSECURITY/GRKERNSEC mixup pipacs
335 mentioned in #177234.
336
337 07 May 2007; Kevin F. Quinn <kevquinn@gentoo.org>
338 files/digest-hardened-sources-2.6.21, Manifest:
339 Fix Manifest/digest for linux-2.6.21.tar.bz2
340
341 06 May 2007; Christian Heim <phreak@gentoo.org>
342 hardened-sources-2.6.21.ebuild:
343 Bumping the hardened-patches version, needed for the fix for #177234.
344
345 *hardened-sources-2.6.21 (02 May 2007)
346
347 02 May 2007; Christian Heim <phreak@gentoo.org>
348 +hardened-sources-2.6.21.ebuild:
349 Version bump, Linux 2.6.21-hardened.
350
351 29 Apr 2007; Christian Heim <phreak@gentoo.org>
352 hardened-sources-2.6.20-r2.ebuild:
353 Adding ~ia64 on Ned's request.
354
355 29 Apr 2007; Christian Heim <phreak@gentoo.org>
356 hardened-sources-2.6.20-r2.ebuild:
357 Fixing the included grsecurity patch, wasn't alligning due to the Index:
358 header line(s).
359
360 29 Apr 2007; Christian Heim <phreak@gentoo.org>
361 hardened-sources-2.6.20-r2.ebuild:
362 Stabilizing hardened-sources-2.6.20-r2 on amd64 and x86.
363
364 *hardened-sources-2.6.20-r2 (10 Apr 2007)
365
366 10 Apr 2007; Raúl Porcel <armin76@gentoo.org>
367 +hardened-sources-2.6.20-r2.ebuild:
368 Version bump, on behalf of phreak
369
370 *hardened-sources-2.6.20-r1 (04 Apr 2007)
371
372 04 Apr 2007; Christian Heim <phreak@gentoo.org>
373 +hardened-sources-2.6.20-r1.ebuild:
374 Revision bump, grabbing a newer grsecurity snapshot.
375
376 *hardened-sources-2.6.20 (25 Mar 2007)
377
378 25 Mar 2007; Christian Heim <phreak@gentoo.org>
379 +hardened-sources-2.6.20.ebuild:
380 Finally a hardened-sources version for 2.6.20; many people have been waiting
381 for this. Thanks to Steve for preliminary testing, thanks to Ned for the
382 testbox.
383
384 16 Mar 2007; Tony Vroon <chainsaw@gentoo.org>
385 hardened-sources-2.6.18-r6.ebuild:
386 Marked stable on amd64 and x86. AMD64 keyword ack'ed by welp.
387
388 *hardened-sources-2.6.18-r6 (16 Mar 2007)
389
390 16 Mar 2007; Christian Heim <phreak@gentoo.org>
391 -hardened-sources-2.6.18-r5.ebuild, +hardened-sources-2.6.18-r6.ebuild:
392 Fixing CVE-2007-1000 locally (hardened/), thanks to Tony for pushing. And
393 yes I screwed up, this is tagged as 2.6.18-5 and not 2.6.18-6 as it's
394 supposed to be.
395
396 06 Mar 2007; Christian Heim <phreak@gentoo.org> ChangeLog:
397 Fixing the Manifest, the previous one was broken (as in still had the
398 deleted ebuild in it).
399
400 06 Mar 2007; Christian Heim <phreak@gentoo.org>
401 -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
402 +hardened-sources-2.6.18-r5.ebuild:
403 Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
404 Linux 2.6.18.8. Also cleaning up the older version.
405
406 *hardened-sources-2.6.18-r5 (06 Mar 2007)
407
408 06 Mar 2007; Christian Heim <phreak@gentoo.org>
409 -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
410 +hardened-sources-2.6.18-r5.ebuild:
411 Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
412 Linux 2.6.18.8. Also cleaning up the older version.
413
414 24 Feb 2007; Christian Heim <phreak@gentoo.org>
415 -hardened-sources-2.6.19-r3.ebuild, -hardened-sources-2.6.19-r4.ebuild,
416 -hardened-sources-2.6.19-r5.ebuild:
417 Removing some of the old version, that didn't work.
418
419 *hardened-sources-2.6.19-r6 (12 Feb 2007)
420
421 12 Feb 2007; Christian Heim <phreak@gentoo.org>
422 +hardened-sources-2.6.19-r6.ebuild:
423 Revision bump, including a new grsec version fixing #166235.
424
425 *hardened-sources-2.4.34 (24 Jan 2007)
426
427 24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
428 Manifest:
429 updating Manifest with checksums of new tarball and ebuild
430
431 24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
432 +hardened-sources-2.4.34.ebuild:
433 I added new hardened sources 2.4 update, this is a critical path
434 security bugfix - all users of h-s are strongly advised
435 to update their existing hardened sources to this version.
436 It contains a fix for a kernel vulnerability that is pertaining
437 to the PaX changes to virtual memory management, possibly leading
438 to a local kernel exploit ... see grsecurity.net forums and homepage
439
440 23 Jan 2007; Christian Heim <phreak@gentoo.org>
441 files/digest-hardened-sources-2.6.19-r5, Manifest:
442 Fixing the patch-tarball digest.
443
444 *hardened-sources-2.6.19-r5 (23 Jan 2007)
445
446 23 Jan 2007; Christian Heim <phreak@gentoo.org>
447 +hardened-sources-2.6.19-r5.ebuild:
448 Revision bump, closing the recently discovered PaX expand_stack()
449 vulnerability.
450
451 *hardened-sources-2.6.19-r4 (14 Jan 2007)
452
453 14 Jan 2007; Christian Heim <phreak@gentoo.org>
454 +hardened-sources-2.6.19-r4.ebuild:
455 Revision bump, pulling in linux-2.6.19.2 and grsecurity 2.1.10 - thus
456 dropping the randomized PID feature.
457
458 11 Jan 2007; Christian Faulhammer <opfer@gentoo.org>
459 hardened-sources-2.4.33.4.ebuild:
460 stable x86, bug #161171
461
462 *hardened-sources-2.6.19-r3 (27 Dec 2006)
463
464 27 Dec 2006; Christian Heim <phreak@gentoo.org>
465 -hardened-sources-2.6.19-r2.ebuild, +hardened-sources-2.6.19-r3.ebuild:
466 Revision bump for bug #157186 and #158786.
467
468 *hardened-sources-2.6.18-r4 (27 Dec 2006)
469
470 27 Dec 2006; Christian Heim <phreak@gentoo.org>
471 -hardened-sources-2.6.18-r3.ebuild, +hardened-sources-2.6.18-r4.ebuild:
472 Revision bump for bug #157186.
473
474 *hardened-sources-2.6.19-r2 (23 Dec 2006)
475
476 23 Dec 2006; Christian Heim <phreak@gentoo.org>
477 -hardened-sources-2.6.19-r1.ebuild, +hardened-sources-2.6.19-r2.ebuild:
478 Revision bump to pull in genpatches-2.6.19-3 for #157186.
479
480 17 Dec 2006; Christian Heim <phreak@gentoo.org>
481 hardened-sources-2.6.14-r7.ebuild, hardened-sources-2.6.16-r10.ebuild,
482 hardened-sources-2.6.16-r11.ebuild, hardened-sources-2.6.17-r1.ebuild,
483 hardened-sources-2.6.18.ebuild, hardened-sources-2.6.18-r3.ebuild,
484 hardened-sources-2.6.19-r1.ebuild:
485 Adding 4453_grsec-2.1.9-2.6.19-io-kmem-sysctl.patch to UNIPATCH_EXLUDE,
486 adding correct HOMEPAGE and adjusting DESCRIPTION (thanks to Alexander).
487
488 *hardened-sources-2.4.33.4 (17 Dec 2006)
489
490 17 Dec 2006; Alexander Gabert <pappy@gentoo.org>
491 +hardened-sources-2.4.33.4.ebuild:
492 new 2.4.33.4 version including grsec and fixes, thanks to phreak for help
493 and quilting
494
495 *hardened-sources-2.6.19-r1 (14 Dec 2006)
496
497 14 Dec 2006; Christian Heim <phreak@gentoo.org>
498 -hardened-sources-2.6.19.ebuild, +hardened-sources-2.6.19-r1.ebuild:
499 Revision bump, fixing #158107 (thanks to Petre Rodan <kaiowas at gentoo.org>
500 for reporting).
501
502 *hardened-sources-2.6.19 (13 Dec 2006)
503
504 13 Dec 2006; Christian Heim <phreak@gentoo.org>
505 +hardened-sources-2.6.19.ebuild:
506 And finally 2.6.19, thanks to Ned (who prepared the inital patchset) and
507 Brad for providing that prompt update.
508
509 *hardened-sources-2.6.18-r3 (13 Dec 2006)
510
511 13 Dec 2006; Christian Heim <phreak@gentoo.org>
512 -hardened-sources-2.6.18-r1.ebuild, -hardened-sources-2.6.18-r2.ebuild,
513 +hardened-sources-2.6.18-r3.ebuild:
514 Revision bump, excluding the faulty patch. Thanks to Anakim Border and Peter
515 S. Mazinger. Closes #157409 for now. Also removing the previous revisions.
516
517 09 Dec 2006; Christian Heim <phreak@gentoo.org> Manifest:
518 Fixing the metadata.xml Manifest entry (thanks to xaid and ml8128 in #gentoo-hardened).
519
520 08 Dec 2006; nixnut <nixnut@gentoo.org> hardened-sources-2.6.18.ebuild:
521 Stable on ppc wrt bug 157356
522
523 07 Dec 2006; Christian Faulhammer <opfer@gentoo.org>
524 hardened-sources-2.6.18.ebuild:
525 stable x86, bug #157356
526
527 *hardened-sources-2.6.18-r2 (06 Dec 2006)
528
529 06 Dec 2006; Christian Heim <phreak@gentoo.org>
530 +hardened-sources-2.6.18-r2.ebuild:
531 Revision bump, including 2.6.18.5 (via genpatches) and
532 4454_grsec-2.1.9-2.6.18.2-io-kmem-sysctl.patch based on Peter Mazinger and
533 Ned Ludd's original patch. Thanks to Alexander Gabert (pappy) for the
534 redesign.
535
536 06 Dec 2006; Christian Heim <phreak@gentoo.org>
537 hardened-sources-2.6.18.ebuild:
538 Marking hardened-sources-2.6.18 stable on amd64 (see bug #157356, on behalf
539 of Mike Doty).
540
541 *hardened-sources-2.6.18-r1 (23 Nov 2006)
542
543 23 Nov 2006; Christian Heim <phreak@gentoo.org>
544 +hardened-sources-2.6.18-r1.ebuild:
545 Revision bump to genpatches-2.6.18-4 (including 2.6.18.3).
546
547 *hardened-sources-2.6.18 (11 Nov 2006)
548
549 11 Nov 2006; Christian Heim <phreak@gentoo.org>
550 +hardened-sources-2.6.18.ebuild:
551 Version bump, thanks to Alexander Gabert we're finally at 2.6.18.
552
553 18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
554 - mark amd64 stable also. bug #151877
555
556 18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
557 - mark 2.6.17-r1 stable
558
559 27 Aug 2006; Christian Heim <phreak@gentoo.org>
560 -hardened-sources-2.6.17.ebuild, hardened-sources-2.6.17-r1.ebuild:
561 Removing old ebuild, removing unipatch from newer ebuild (need to fix it!).
562
563 *hardened-sources-2.6.17-r1 (26 Aug 2006)
564
565 26 Aug 2006; Christian Heim <phreak@gentoo.org>
566 +hardened-sources-2.6.17-r1.ebuild:
567 Revision bump to genpatches-2.6.17-8 (including .9 and .10) and updating the
568 grsecurity patch.
569
570 *hardened-sources-2.6.17 (17 Aug 2006)
571
572 17 Aug 2006; Christian Heim <phreak@gentoo.org>
573 +hardened-sources-2.6.17.ebuild:
574 Bumping the hardened-sources-2.6 series to 2.6.17, using
575 genpatches-2.6.17-6.base.
576
577 07 Aug 2006; <solar@gentoo.org> hardened-sources-2.6.16-r11.ebuild:
578 - stable on x86 and amd64
579
580 *hardened-sources-2.6.16-r11 (15 Jul 2006)
581
582 15 Jul 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r3.ebuild,
583 -hardened-sources-2.4.32-r4.ebuild, -hardened-sources-2.4.32-r5.ebuild,
584 -hardened-sources-2.6.14-r8.ebuild, -hardened-sources-2.6.16-r7.ebuild,
585 -hardened-sources-2.6.16-r9.ebuild, +hardened-sources-2.6.16-r11.ebuild:
586 - 2.6.16 bumped for CVE-2006-3626 ; digest fix for 2.4.32-r6 ; removed old
587 crusty ebuilds
588
589 14 Jul 2006; John Mylchreest <johnm@gentoo.org>
590 hardened-sources-2.6.16-r10.ebuild:
591 marking stable on x86 and amd64
592
593 13 Jul 2006; <solar@gentoo.org> hardened-sources-2.4.32-r6.ebuild:
594 - 2.4.32-r6 stable on x86. RSBAC state unknown
595
596 *hardened-sources-2.4.32-r7 (10 Jul 2006)
597
598 10 Jul 2006; Guillaume Destuynder <kang@gentoo.org>
599 +hardened-sources-2.4.32-r7.ebuild:
600 Bump PaX for RSBAC to test-17
601
602 *hardened-sources-2.6.16-r9 (03 Jul 2006)
603
604 03 Jul 2006; John Mylchreest <johnm@gentoo.org>
605 -hardened-sources-2.6.16-r6.ebuild, +hardened-sources-2.6.16-r9.ebuild:
606 hardened-sources-2.6.16 bump to latest -base.
607
608 *hardened-sources-2.4.32-r6 (30 Jun 2006)
609
610 30 Jun 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r2.ebuild,
611 hardened-sources-2.4.32-r4.ebuild, +hardened-sources-2.4.32-r6.ebuild:
612 - backport CVE-2006-0039, CVE-2006-1857 and CVE-2006-1858 and new grsecurity
613 sysctl controlable resource logging
614
615 *hardened-sources-2.6.16-r7 (05 Jun 2006)
616
617 05 Jun 2006; John Mylchreest <johnm@gentoo.org>
618 -hardened-sources-2.6.16-r5.ebuild, +hardened-sources-2.6.16-r7.ebuild:
619 push new 2.6.16 release in preparation for stable
620
621 22 May 2006; <solar@gentoo.org> :
622 - redigest bug 134002
623
624 *hardened-sources-2.4.32-r5 (16 May 2006)
625
626 16 May 2006; Guillaume Destuynder <kang@gentoo.org>
627 +hardened-sources-2.4.32-r5.ebuild:
628 Fixes rsbac common patching (new patch in new -r5 patchset)
629
630 *hardened-sources-2.4.32-r4 (13 May 2006)
631
632 13 May 2006; <solar@gentoo.org> hardened-sources-2.4.32-r3.ebuild,
633 +hardened-sources-2.4.32-r4.ebuild:
634 - security bumps
635
636 *hardened-sources-2.6.16-r6 (03 May 2006)
637
638 03 May 2006; John Mylchreest <johnm@gentoo.org>
639 +hardened-sources-2.6.16-r6.ebuild:
640 bump hardened-2.6.16 to 2.6.16.12 and latest grsec snapshot
641
642 28 Apr 2006; John Mylchreest <johnm@gentoo.org>
643 hardened-sources-2.6.14-r8.ebuild:
644 fix x86_64 build problem, this will delay the digest issue again for a short
645 while but it will sort itself out
646
647 28 Apr 2006; John Mylchreest <johnm@gentoo.org>
648 hardened-sources-2.6.14-r8.ebuild:
649 bump hardened patchset
650
651 27 Apr 2006; Alec Warner <antarus@gentoo.org>
652 files/digest-hardened-sources-2.4.32-r2,
653 files/digest-hardened-sources-2.4.32-r3,
654 files/digest-hardened-sources-2.6.14-r8, Manifest:
655 Fixing duff SHA256 digests: Bug # 131293
656
657 *hardened-sources-2.6.16-r5 (27 Apr 2006)
658
659 27 Apr 2006; John Mylchreest <johnm@gentoo.org>
660 -hardened-sources-2.6.14-r6.ebuild, hardened-sources-2.6.14-r8.ebuild,
661 -hardened-sources-2.6.16-r4.ebuild, +hardened-sources-2.6.16-r5.ebuild:
662 stablise 2.6.14-r8 on x86 & amd64, bump 2.6.16 to fix CVE-2006-1863 &
663 cleanup of old uneccessary sources
664
665 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
666 fix digest
667
668 *hardened-sources-2.6.14-r8 (20 Apr 2006)
669
670 20 Apr 2006; John Mylchreest <johnm@gentoo.org>
671 +hardened-sources-2.6.14-r8.ebuild:
672 fix CVE-2006-1056, CVE-2006-1525, CVE-2006-1524
673
674 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
675 Turning on gpg-signing again, and recomitting
676
677 *hardened-sources-2.6.16-r4 (20 Apr 2006)
678
679 20 Apr 2006; John Mylchreest <johnm@gentoo.org>
680 -hardened-sources-2.6.16-r2.ebuild, -hardened-sources-2.6.16-r3.ebuild,
681 +hardened-sources-2.6.16-r4.ebuild:
682 Fix numerous security vulns
683
684 *hardened-sources-2.4.32-r3 (16 Apr 2006)
685
686 16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
687 -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
688 +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
689 - security bump for bug #112791. Removed old ebuilds
690
691 *hardened-sources-2.6.16-r3 (15 Apr 2006)
692
693 15 Apr 2006; John Mylchreest <johnm@gentoo.org>
694 +hardened-sources-2.6.16-r3.ebuild:
695 Removing silly localversion which I missed
696
697 *hardened-sources-2.6.14-r7 (14 Apr 2006)
698
699 14 Apr 2006; John Mylchreest <johnm@gentoo.org>
700 -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
701 Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
702
703 *hardened-sources-2.6.16-r2 (13 Apr 2006)
704
705 13 Apr 2006; John Mylchreest <johnm@gentoo.org>
706 -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
707 +hardened-sources-2.6.16-r2.ebuild:
708 Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
709 labels, dropping USERGROUP define fixes, since these were merged mainstream.
710
711 *hardened-sources-2.6.16-r1 (11 Apr 2006)
712
713 11 Apr 2006; John Mylchreest <johnm@gentoo.org>
714 +hardened-sources-2.6.16-r1.ebuild:
715 Bumping to include ppc build fix and 2.6.16.3
716
717 06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
718 hardened-sources-2.6.14-r6.ebuild:
719 Stable on x86; bug #127718
720
721 *hardened-sources-2.6.16 (31 Mar 2006)
722
723 31 Mar 2006; John Mylchreest <johnm@gentoo.org>
724 +hardened-sources-2.6.16.ebuild:
725 Bumping to new version of grsec, and kernel base. New squashfs. Based on
726 2.6.16.1
727
728 30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
729 hardened-sources-2.6.14-r6.ebuild:
730 Stable on amd64, bug 127718.
731
732 28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
733 Stable on ppc. Bug #127718
734
735 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
736 -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
737 -hardened-sources-2.6.14-r4.ebuild:
738 Cleanup.
739
740 *hardened-sources-2.6.14-r6 (15 Mar 2006)
741
742 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
743 +hardened-sources-2.6.14-r6.ebuild:
744 Fixes grsec policy recreation bug and adds a
745 >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
746
747 02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
748 - stable on x86
749
750 19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
751 hardened-sources-2.6.14-r5.ebuild:
752 Stable on ppc.
753
754 *hardened-sources-2.6.14-r5 (01 Feb 2006)
755
756 01 Feb 2006; John Mylchreest <johnm@gentoo.org>
757 +hardened-sources-2.6.14-r5.ebuild:
758 fixing every known exploit
759
760 *hardened-sources-2.4.32-r2 (26 Jan 2006)
761
762 26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
763 +hardened-sources-2.4.32-r2.ebuild:
764 - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
765
766 *hardened-sources-2.6.14-r4 (12 Jan 2006)
767
768 12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
769 - version bump for new genpatches which fix up a few sec holes
770
771 *hardened-sources-2.4.32-r1 (05 Jan 2006)
772
773 05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
774 - revision bump to add misc vital linux kernel security patches.
775
776 *hardened-sources-2.6.14-r3 (30 Dec 2005)
777
778 30 Dec 2005; John Mylchreest <johnm@gentoo.org>
779 -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
780 Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
781
782 28 Dec 2005; John Mylchreest <johnm@gentoo.org>
783 hardened-sources-2.6.14-r2.ebuild:
784 making x86 & amd64 stable following testing.
785
786 *hardened-sources-2.6.14-r2 (27 Dec 2005)
787
788 27 Dec 2005; John Mylchreest <johnm@gentoo.org>
789 -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
790 Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
791 network hooks.
792
793 06 Dec 2005; John Mylchreest <johnm@gentoo.org>
794 hardened-sources-2.6.14-r1.ebuild:
795 bumping to stable early for sec fix on x86 & amd64
796
797 *hardened-sources-2.6.14-r1 (05 Dec 2005)
798
799 05 Dec 2005; John Mylchreest <johnm@gentoo.org>
800 -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
801 bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
802
803 04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
804 - stable on x86 security bug #114227 CAN-2005-3257
805
806 *hardened-sources-2.4.32 (19 Nov 2005)
807
808 19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
809 +hardened-sources-2.4.32.ebuild:
810 Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
811 Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
812 have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
813 rsbac >> /etc/portage/package.use)
814
815 *hardened-sources-2.6.14 (14 Nov 2005)
816
817 14 Nov 2005; John Mylchreest <johnm@gentoo.org>
818 -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
819 Bumping 2.6 series to 2.6.14.2
820
821 *hardened-sources-2.6.13-r2 (20 Oct 2005)
822
823 20 Oct 2005; John Mylchreest <johnm@gentoo.org>
824 -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
825 +hardened-sources-2.6.13-r2.ebuild:
826 Fixes minor build error in ppc.
827
828 *hardened-sources-2.6.13-r1 (17 Oct 2005)
829
830 17 Oct 2005; John Mylchreest <johnm@gentoo.org>
831 +hardened-sources-2.6.13-r1.ebuild:
832 Updating grsec to latest snapshot. Fixes some minor issues. Updating to
833 2.6.13.4, fixes some major amd64 stability problems.
834
835 *hardened-sources-2.6.13 (16 Sep 2005)
836
837 16 Sep 2005; John Mylchreest <johnm@gentoo.org>
838 -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
839 2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
840 ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
841 users should test this thoroughly.
842
843 01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
844 - stable on x86
845
846 *hardened-sources-2.6.11-r15 (27 Jun 2005)
847
848 27 Jun 2005; John Mylchreest <johnm@gentoo.org>
849 +hardened-sources-2.6.11-r15.ebuild:
850 Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
851 grsec redefining curr_ip struct.
852
853 *hardened-sources-2.4.31 (20 Jun 2005)
854
855 20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
856 initial import of 2.4.31 tree
857
858 *hardened-sources-2.6.11-r14 (14 Jun 2005)
859
860 14 Jun 2005; John Mylchreest <johnm@gentoo.org>
861 -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
862 Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
863 naming scheme to abide by genpatches
864
865 *hardened-sources-2.6.11-r13 (18 May 2005)
866
867 18 May 2005; John Mylchreest <johnm@gentoo.org>
868 -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
869 Managed to mangle the Makefile patch from grsec, to miss out the grsec
870 target. sorry about that. Fixes bug #93022
871
872 *hardened-sources-2.6.11-r12 (17 May 2005)
873
874 17 May 2005; John Mylchreest <johnm@gentoo.org>
875 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
876 +hardened-sources-2.6.11-r12.ebuild:
877 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
878 merges in genpatches-base
879
880 *hardened-sources-2.6.11-r12 (17 May 2005)
881
882 17 May 2005; John Mylchreest <johnm@gentoo.org>
883 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
884 +hardened-sources-2.6.11-r12.ebuild:
885 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
886 merges in genpatches-base
887
888 29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
889 -files/2.4.27-cmdline-race.patch,
890 -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
891 -files/2.4.28-grsec-binfmt_a.out.patch,
892 -files/2.4.28-grsec-cmdline-race.patch,
893 -files/2.4.28-selinux-binfmt_a.out.patch,
894 -files/2.4.28-selinux-cmdline-race.patch,
895 -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
896 hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
897 - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
898 cleanup..
899
900 *hardened-sources-2.4.30-r1 (21 Apr 2005)
901
902 21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
903 - disable aout by default
904
905 *hardened-sources-2.4.30 (18 Apr 2005)
906
907 18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
908 - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
909 and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
910 use
911
912 *hardened-sources-2.4.29 (30 Mar 2005)
913
914 30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
915 +hardened-sources-2.4.29.ebuild:
916 New hardened-patches-2.4-29.0 patchball.
917 Removed SELinux support, upgraded GRSecurity to 2.1.4.
918
919 *hardened-sources-2.4.28-r5 (06 Mar 2005)
920
921 06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
922 +hardened-sources-2.4.28-r5.ebuild:
923 Added a fix for a PaX vulnerability.
924
925 26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
926 hardened-sources-2.4.28-r4.ebuild:
927 Stable on x86
928
929 23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
930 hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
931 hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
932 hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
933 - fixed/added RDEPEND= in all kernel-2 ebuilds
934
935 *hardened-sources-2.4.28-r4 (21 Jan 2005)
936
937 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
938 +hardened-sources-2.4.28-r4.ebuild:
939 Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
940 backport of neighbour hash updates.
941
942 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
943 hardened-sources-2.4.28-r3.ebuild:
944 Stable on x86
945
946 *hardened-sources-2.6.10-r3 (20 Jan 2005)
947
948 20 Jan 2005; Brandon Hale <tseng@gentoo.org>
949 +hardened-sources-2.6.10-r3.ebuild:
950 Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
951 in 2005.0
952
953 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
954 -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
955 hardened-sources-2.4.28-r2.ebuild:
956 Mark stable on x86
957
958 *hardened-sources-2.4.28-r3 (17 Jan 2005)
959
960 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
961 +hardened-sources-2.4.28-r3.ebuild:
962 Fix SMP page fault handler vuln, and update device-mapper and evms patches.
963
964 14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
965 hardened-sources-2.4.28.ebuild:
966 Mark stable on x86.
967
968 *hardened-sources-2.4.28-r2 (13 Jan 2005)
969
970 13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
971 +hardened-sources-2.4.28-r2.ebuild:
972 Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
973 Mazinger for grsecurity patches as well.
974
975 *hardened-sources-2.4.28-r1 (23 Dec 2004)
976
977 23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
978 Security bump. Thank tocharian for rolling a new patchset...
979
980 28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
981 +files/2.4.28-grsec-cmdline-race.patch,
982 +files/2.4.28-selinux-binfmt_a.out.patch,
983 +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
984 - Round up remaining security patches that appear to be missing in 2.4.28. -
985 PaX standalone updated to current. hgpv=28.1
986
987 *hardened-sources-2.4.28 (28 Nov 2004)
988
989 28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
990 security bump. Thank tocharian for rolling a new patchset
991
992 *hardened-sources-2.4.27-r3 (08 Sep 2004)
993
994 08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
995 +hardened-sources-2.4.27-r3.ebuild:
996 Applies the new 2.4-27.2 patchball which updates
997 GRSecurity to the 2.0.1 version.
998
999 *hardened-sources-2.4.27-r2 (31 Aug 2004)
1000
1001 31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1002 +hardened-sources-2.4.27-r2.ebuild:
1003 Version bump.
1004 This version uses the new 2.4-27.1 patchball which updates
1005 both the SELinux PaX hooks patch and the SELinux headers.
1006
1007 *hardened-sources-2.4.27-r1 (09 Aug 2004)
1008
1009 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1010 +hardened-sources-2.4.27-r1.ebuild,
1011 -hardened-sources-2.4.27.ebuild,
1012 +files/2.4.27-cmdline-race.patch:
1013 Version bump, fix for cmdline race. See bug #59905.
1014
1015 *hardened-sources-2.4.26-r6 (09 Aug 2004)
1016
1017 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1018 +hardened-sources-2.4.26-r6.ebuild,
1019 -hardened-sources-2.4.26-r5.ebuild,
1020 -hardened-sources-2.4.26-r4.ebuild,
1021 +files/2.4.26-cmdline-race.patch:
1022 Version bump, fix for cmdline race. See bug #59905.
1023
1024 *hardened-sources-2.4.27 (08 Aug 2004)
1025
1026 08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1027 +hardened-sources-2.4.27.ebuild,
1028 +files/2.4.27-CAN-2004-0394.patch:
1029 Ported the patchball to the 2.4.27 kernel version.
1030
1031 *hardened-sources-2.4.26-r5 (07 Aug 2004)
1032
1033 07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1034 +hardened-sources-2.4.26-r5.ebuild:
1035 Updated to use the new hardened-patches-2.4-26.1 patchball.
1036 It adds the following features:
1037 - Squashfs
1038 - Ebtables
1039 - Netdev random (core+drivers)
1040 - Watchdog Timer (WDT) fix.
1041
1042 *hardened-sources-2.4.26-r4 (04 Aug 2004)
1043
1044 04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1045 +hardened-sources-2.4.26-r4.ebuild,
1046 +files/2.4.26-CAN-2004-0415.patch,
1047 -hardened-sources-2.4.26-3:
1048 Version bump, fix for CAN 0415, see bug #59378.
1049
1050 *hardened-sources-2.4.26-r3 (22 Jul 2004)
1051
1052 22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
1053 +hardened-sources-2.4.26-r3.ebuild,
1054 +files/2.4.26-CAN-2004-0497.patch,
1055 -hardened-sources-2.4.26-r2.ebuild:
1056 Version bump, fixed CAN 0497, see bug #56171.
1057
1058 *hardened-sources-2.4.26-r2 (29 Jun 2004)
1059
1060 29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
1061 +hardened-sources-2.4.26-r2.ebuild,
1062 +files/2.4.26-CAN-2004-0495.patch,
1063 +files/2.4.26-CAN-2004-0535.patch,
1064 -hardened-sources-2.4.26-r1.ebuild:
1065 Fixes for both CAN 0495 and 0535, see bug #54976
1066
1067 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
1068 hardened-sources-2.4.26-r1.ebuild:
1069 QA - fix use invocation
1070
1071 *hardened-sources-2.4.26-r1 (22 June 2004)
1072
1073 22 June 2004; Andrea Luzzardi <scox@gentoo.org>
1074 +hardened-sources-2.4.26-r1.ebuild,
1075 +files/2.4.26-CAN-2004-0394.patch,
1076 +files/2.4.26-signal-race.patch,
1077 -hardened-sources-2.4.26.ebuild,
1078 -hardened-sources-2.4.24-r3.ebuild:
1079 Version bump for the CAN-2004-0394 issue and bug #53804
1080 Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
1081
1082
1083 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
1084 hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
1085 Masked hardened-sources-2.4.26.ebuild broken for ppc
1086
1087 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
1088 hardened-sources-2.4.24-r3.ebuild:
1089 Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
1090
1091 *hardened-sources-2.4.26 (29 May 2004)
1092
1093 29 May 2004; Andrea Luzzardi <scox@gentoo.org>
1094 +hardened-sources-2.4.26.ebuild:
1095 Updated hardened-sources for the 2.4.26 kernel
1096 Removed broken components, updated almost everything.
1097
1098 *hardened-sources-2.4.24-r3 (17 Apr 2004)
1099
1100 17 Apr 2004; <plasmaroo@gentoo.org>
1101 +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
1102 +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
1103 +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
1104 +hardened-sources-2.4.24-r3.ebuild:
1105 Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
1106 vulnerabilities. Old revisions removed.
1107
1108 *hardened-sources-2.4.24-r2 (15 Apr 2004)
1109
1110 15 Apr 2004; <plasmaroo@gentoo.org>
1111 +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
1112 -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
1113 Version bump for the CAN-2004-0109 issue; bug #47881.
1114
1115 12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
1116 hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
1117 Add eutils to inherit.
1118
1119 *hardened-sources-2.4.24-r1 (19 Feb 2004)
1120
1121 19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
1122 files/hardened-sources-2.4.24.munmap.patch:
1123 Added the patch for the mremap/munmap vulnerability. Bug #42024.
1124
1125 *hardened-sources-2.4.24 (06 Feb 2004)
1126
1127 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
1128 hardened-sources-2.4.24.ebuild:
1129 Version bump, updated most of the components.
1130 This release includes the following:
1131
1132 - Hardened security
1133 - Netfilter patch-o-matic 20031219
1134 - FreeSWAN 2.04 & x509 1.4.8
1135 - EVMS 2.2.2
1136 - XFS 1.3.1
1137 - cryptoloop jari
1138 - grsecurity 2.0-rc4
1139 - SELinux
1140 - PaX 200402060000
1141 - PaX Obscurity 200308302223
1142 - Others...
1143
1144 Neither -ck nor systrace are included anymore.
1145
1146 *hardened-sources-2.4.22-r2 (05 Jan 2004)
1147
1148 05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
1149 hardened-sources-2.4.22-r2.ebuild:
1150 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
1151
1152 *hardened-sources-2.4.22-r1 (02 Dec 2003)
1153
1154 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1155 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
1156
1157 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1158 hardened-sources-2.4.22-r1.ebuild:
1159 Version bump for the 'do_brk' vulnerability.
1160
1161 01 Dec 2003; Brian Jackson <iggy@gentoo.org>
1162 hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
1163 hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
1164 hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
1165 Fix the 'do_brk' vulnerability.
1166
1167 03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
1168 hardened-sources-2.4.22.ebuild:
1169 - Removed the src_install() portion for SELinux flask
1170 components. These are no longer handled in the kernel
1171 so this code was not necessary.
1172
1173 29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
1174 New 2.4.22 based hardened-sources thanks to
1175 Phil West <p.west@computer.org>.
1176
1177 These sources include:
1178 - New SELinux API
1179 - Updated CK-base
1180 - Updated GRSec
1181 - Systrace
1182 - SuperFreeS/WAN 1.99.8
1183 - Propolice kernel build support
1184 - EVMS
1185 - Other various security related patches
1186
1187 *hardened-sources-2.4.21 (14 Sep 2003)
1188
1189 14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
1190 Updated hardened-sources based on the 2.4.21 Linux kernel.
1191 This includes updates to most major components such as:
1192 - ck-base-0306300059
1193 - selinux-2.4-2003071106
1194 - grsecurity-2.0-rc1
1195 - Updated IPTables patch-o-matic
1196 - Updated SuperFreeS/WAN
1197
1198 Thanks to Phil West <pwest@computer.org> for his work in getting this
1199 updated patch set ready for the 2.4.21 based kernel.
1200
1201 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
1202 Initial import of hardened-sources-2.4.20-r4. This revision
1203 includes only a few changes, but one of these is an important
1204 security fix. It is recommended all users of hardened-sources
1205 upgrade to this release.
1206
1207 - ioperm bug fix
1208 - fixed compilation failure when building without GRSec
1209
1210 SAL (Secure Auditing for Linux) is NOT included in this revision
1211 due to time constraints, but is planned for inclusion in the near
1212 future.
1213
1214 *hardened-sources-2.4.20-r2 (12 Jun 2003)
1215
1216 12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
1217 hardened-sources-2.4.20-r3.ebuild:
1218 Add Header...
1219
1220 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1221 hardened-sources-2.4.20-r3.ebuild:
1222 Removed warnings from ebuild. This kernel should be safe to
1223 use at this point.
1224
1225 *hardened-sources-2.4.20-r3 (08 Jun 2003)
1226
1227 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1228 hardened-sources-2.4.20-r3.ebuild:
1229 New revision. Includes the following changes over -r2:
1230
1231 - ck7-base (O(1), preempt, low latency)
1232 - Super FreeS/WAN 1.99.7rc2
1233 - PaX for the LSM/SELinux branch
1234 - GRSecurity 2.0-pre4 (role based access control)
1235 - Systrace 1.3
1236 - EXT3 fixes
1237 - EVMS 2.0.1
1238 - GCC 3.1+ compile optimizations
1239 - ProPolice kernel build support
1240 - Hashing table security fixes
1241
1242 *hardened-sources-2.4.20-r1 (09 Apr 2003)
1243
1244 23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
1245 Initial import of hardened-sources-r2. This new
1246 ebuild includes many new performance and security
1247 related patches. As in -r1, it will patch in
1248 LSM/SELinux if "selinux" is in USE, otherwise it
1249 will patch in GRSecurity. The following patches
1250 are included in this revision:
1251
1252 - O(1) Scheduler, Low Latency, and Preempt
1253 (pulled from the base CK patch)
1254 - ptrace exploit patch for the LSM kernel
1255 (the GRSec patch already fixes this)
1256 - LSM 2.4-2003040709
1257 - SELinux 2.4-2003040709
1258 - Systrace v1.2
1259 - IPTables patch-o-matic base patches - 20030107
1260 - CryptoAPI 2.4.20.1 w/ loop-jari patch
1261 - Super FreeS/WAN 1.99.6.1
1262 - GRSecurity 1.9.9g
1263 - MPPE
1264 - EXT3 data journal fix
1265 - CIPE 1.5.4
1266
1267 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1268 hardened-sources-2.4.20-r1.ebuild, manifest:
1269 Updated to install flask components correctly for selinux.
1270
1271 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1272 hardened-sources-2.4.20-r1.ebuild:
1273 LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
1274 is patched in instead. Ptrace patches for selinux have also been added. In
1275 either case, systrace support will be patched in as well.
1276
1277 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1278 hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
1279 Revision bump for new sources.
1280
1281 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1282 hardened-sources-2.4.20-r1.ebuild:
1283 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
1284
1285 *hardened-sources-2.4.20 (30 Mar 2003)
1286
1287 30 Mar 2003; Joshua Brindle <method@gentoo.org>
1288 hardened-sources-2.4.20.ebuild:
1289 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20